Re: [cryptography] Cryptographers win Turing award
I admit to total ignorance, and have an intuition that this is probabilistically unacceptable. If anyone wishes to explain the significance of their work, I'd be grateful.

Meanwhile, here are the things I've decrypted:

http://amturing.acm.org/award_winners/goldwasser_8627889.cfm

    Shafi Goldwasser and Silvio Micali laid the foundations of modern theoretical cryptography, taking it from a field of heuristics and hopes to a mathematical science with careful definitions and security models, precise specifications of adversarial capabilities, and rigorous reductions from formally defined computational problems. Their results, jointly and with others, established the now-standard definitions of security for the fundamental primitives of encryption and digital signatures, and provided exemplary implementations meeting the stated security objectives. Even more importantly, their work helped to establish the tone and character of modern cryptographic research. Jointly and in collaboration with others, they provided stunning innovations in the form of random functions, interactive proofs, and zero-knowledge protocols, with implications beyond cryptography to theoretical computer science in general.

ACM Press release is helpful:
http://www.acm.org/press-room/news-releases/2013/turing-award-12

Wikipedia is too:
http://en.wikipedia.org/wiki/Probabilistic_encryption

better copy of the 1984 article:
http://groups.csail.mit.edu/cis/pubs/shafi/1984-jcss.pdf

That article in networkworld is fatally flawed, and thus meets and exceeds the standard for press commentary.

iang

On 13/03/13 23:57 PM, Kevin W. Wall wrote:
> MIT professors Shafi Goldwasser and Silvio Micali were selected as this year's ACM Turing award winner. Their work on introducing mathematical formalism to the field of cryptography was cited.
> http://www.networkworld.com/news/2013/031313-turing-award-267635.html
>
> --
> Blog: http://off-the-wall-security.blogspot.com/
> The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We *cause* accidents. -- Nathaniel Borenstein

___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] [FoRK] ELF .so encryption contract work, probably resulting in open source
- Forwarded message from Stephen D. Williams s...@lig.net -

From: Stephen D. Williams s...@lig.net
Date: Wed, 13 Mar 2013 19:43:06 -0700
To: Friends of Rohit Khare f...@xent.com, fo...@lig.net, ge...@lig.net, Michael Tiemann tiem...@redhat.com, fosdwn...@lig.net
Subject: [FoRK] ELF .so encryption contract work, probably resulting in open source
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130216 Thunderbird/17.0.3
Reply-To: Friends of Rohit Khare f...@xent.com

We need the ability to encrypt the code in code segments of an ELF .so, for Linux / Android at least, with an AES key and also decrypt it in memory after loading by libdl using the same key. Key management is out of scope. Might want selective decryption/encryption. Signed code is in scope. Result will probably be releasable as open source.

This is something that should already exist, we need it, and I can pay for it. If you know anyone interested, please connect us. I could do it in 1-3 weeks, but that's not going to happen anytime soon for a long todo list of reasons.

Stephen

--
Stephen D. Williams s...@lig.net stephendwilli...@gmail.com
LinkedIn: http://sdw.st/in
V:650-450-UNIX (8649) V:866.SDW.UNIX V:703.371.9362 F:703.995.0407
AIM:sdw Skype:StephenDWilliams Yahoo:sdwlignet
Resume: http://sdw.st/gres Personal: http://sdw.st facebook.com/sdwlig twitter.com/scienteer

___
FoRK mailing list
http://xent.com/mailman/listinfo/fork

- End forwarded message -

--
Eugen* Leitl http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[cryptography] random extractor hobby algorithm
dear list,

if you want to send me to hell, please first read the disclaimers at the bottom. now let's just dive in.

i propose an algorithm for smoothing a weak random stream of bytes. it is a combined-cycle rc4, that is, we continually feed the rc4 with the random input stream as password, and at the same time we extract a whitened stream on the output. the pseudocode would be, courtesy of wikipedia:

    loop
        i := (i + 1) mod 256
        j := (j + S[i] + R) mod 256   // note the + R here
        swap values of S[i] and S[j]
        output S[(S[i] + S[j]) mod 256]
    end loop

where R would be the next byte of the input stream. we input one byte per cycle, and discard the output until we collect enough entropy. assuming the input stream has an average entropy of x bits per byte, we feed 8/x bytes before we extract one byte of output. it is necessary to discard the first chunk of the output.

benefits:

1. white. the output satisfies every requirement we have for a random stream.
2. we don't lose entropy; we can extract as much as the input grants us on average.
3. no wait. you can add randomness as it arrives, and you can extract as little as one byte.
4. robust. even if the input entropy drops, the output is unpredictable and smooth.
5. avalanche effect. a single bit change in the input changes the output entirely.
6. easy tuning of the input/output ratio; it even allows for ratios below one.
7. blazing fast, small footprint and easy implementation.
8. pools. it stores 1700 bits of entropy in its belly.

problems:

1. it can be run backwards if the internal state is compromised and the input entropy dropped severely below the estimate.
2. ?

do you see any security problems with it?

DISCLAIMER: yes, i'm aware that the problem is already solved in a number of reliable ways. yes, i'm aware that a wise man does not use algorithms in cryptography that have not been analyzed thoroughly by many experts. this idea came to me as part of my hobby project. this will not be implemented in any secure systems, nor any nonsecure systems for that matter, just a hobby project. i'm curious what more knowledgeable minds can tell about this algorithm, mainly for educational purposes.
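The combined-cycle extractor above, as an added example that is not the poster's code: it implements the pseudocode in Python, whitens a constructed source with about 1 bit of entropy per byte at the 8:1 ratio the post implies, and then demonstrates problem 1 from the list by running a leaked state backwards over a stretch where the source had stuck on a constant. The identity starting permutation (no key-scheduling pass before the input stream is fed), the 256-cycle discard, the sample source and the names Rc4Extractor, extract, unstep and backtrack_demo are assumptions of this example; the post does not specify them.

```python
import math
import random


class Rc4Extractor:
    """RC4 PRGA whose j-update also absorbs one byte R of the weak input.
    Assumption (not in the post): S starts as the identity permutation and
    there is no key-scheduling pass; the input stream alone scrambles S."""

    def __init__(self):
        self.S = list(range(256))
        self.i = 0
        self.j = 0

    def step(self, r):
        """One cycle: absorb input byte r, return one output byte."""
        S = self.S
        self.i = (self.i + 1) & 0xFF
        self.j = (self.j + S[self.i] + r) & 0xFF
        S[self.i], S[self.j] = S[self.j], S[self.i]
        return S[(S[self.i] + S[self.j]) & 0xFF]

    def unstep(self, r):
        """Undo one cycle given the input byte r it absorbed, and return the
        output byte that cycle produced. Each step is a bijection on (S, i, j)
        once R is known, which is exactly the "run backwards" problem."""
        S = self.S
        out = S[(S[self.i] + S[self.j]) & 0xFF]      # same value step() returned
        S[self.i], S[self.j] = S[self.j], S[self.i]  # undo the swap
        self.j = (self.j - S[self.i] - r) & 0xFF     # S[i] is its pre-swap value again
        self.i = (self.i - 1) & 0xFF
        return out

    def snapshot(self):
        return (self.S[:], self.i, self.j)

    def restore(self, snap):
        self.S, self.i, self.j = snap[0][:], snap[1], snap[2]


def extract(weak, bits_per_byte, nbytes, discard=256):
    """Whiten `weak` (iterable of byte values) into `nbytes` output bytes.
    Feeds ceil(8 / bits_per_byte) input bytes per emitted byte and throws
    away the first `discard` cycles. 256 is an illustrative discard length."""
    ext = Rc4Extractor()
    ratio = math.ceil(8 / bits_per_byte)
    out = bytearray()
    for n, r in enumerate(weak, start=1):
        o = ext.step(r)
        if n > discard and (n - discard) % ratio == 0:
            out.append(o)
            if len(out) == nbytes:
                break
    if len(out) < nbytes:
        raise ValueError("input stream too short for the requested output")
    return bytes(out)


def ones_fraction(data):
    """Crude whiteness check: fraction of set bits in `data`."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))


def weak_source(n, seed=1234):
    """Constructed weak input: high bits fixed, only bit 0 varies, so about
    1 bit of entropy per byte. Deterministic via `seed`."""
    rng = random.Random(seed)
    return bytes(0x40 | rng.getrandbits(1) for _ in range(n))


def extract_demo(nbytes=256):
    """Whiten the 1-bit-per-byte source at the 8:1 ratio the post implies."""
    return extract(weak_source(256 + 8 * nbytes + 64), 1, nbytes)


def roundtrip_check(steps=500, seed=3):
    """step() then unstep() with the same inputs must replay every output."""
    rng = random.Random(seed)
    inputs = [rng.getrandbits(8) for _ in range(steps)]
    ext = Rc4Extractor()
    forward = [ext.step(r) for r in inputs]
    backward = [ext.unstep(r) for r in reversed(inputs)]
    return forward == backward[::-1]


def backtrack_demo(seed=7, stuck_cycles=32):
    """Problem 1 from the post: the source sticks on a constant (zero entropy),
    the attacker later obtains the state and, guessing that constant, recovers
    the outputs emitted while it was stuck. Returns (real, recovered)."""
    rng = random.Random(seed)
    ext = Rc4Extractor()
    for _ in range(1024):              # good input the attacker never sees
        ext.step(rng.getrandbits(8))
    stuck = [0x40] * stuck_cycles      # source fails; attacker guesses 0x40
    real = bytes(ext.step(r) for r in stuck)
    attacker = Rc4Extractor()
    attacker.restore(ext.snapshot())   # state compromise happens here
    recovered = bytes(reversed([attacker.unstep(r) for r in reversed(stuck)]))
    return real, recovered


if __name__ == "__main__":
    out = extract_demo()
    print("whitened:", out[:16].hex(), "ones fraction %.3f" % ones_fraction(out))
    print("round trip ok:", roundtrip_check())
    real, rec = backtrack_demo()
    print("backtracked outputs match:", real == rec)
```

The round trip shows why "can be run backwards" is the whole story rather than a corner case: nothing in the cycle is one-way, so the only thing protecting past output from someone holding the state is their uncertainty about R, and that is precisely what disappears when the source degrades.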
Re: [cryptography] Cryptographers win Turing award
On Mar 14, 2013 7:52 AM, ianG i...@iang.org wrote:
> <snip>
> ACM Press release is helpful:
> http://www.acm.org/press-room/news-releases/2013/turing-award-12
> Wikipedia is too:
> http://en.wikipedia.org/wiki/Probabilistic_encryption
> better copy of the 1984 article:
> http://groups.csail.mit.edu/cis/pubs/shafi/1984-jcss.pdf
> That article in networkworld is fatally flawed, and thus meets and exceeds the standard for press commentary.

:-) Ironically, the NetworkWorld article was the one cited by ACM TechNews, which was where I first encountered it. I was somewhat surprised that the URL they cited for their Probabilistic Encryption paper was at Peking University. I wasn't even able to access it from work because that domain is blocked because of malware and spam.

-kevin
Re: [cryptography] Sodium. (Was: Re: NaCl Documentation?)
On Tue, Mar 12, 2013 at 12:53 AM, Joachim Strömbergson joac...@strombergson.com wrote:
> There is a new implementation of NaCl by Frank Denis called Sodium that tries to be more portable and user friendly.

Just want to clarify one thing: Sodium isn't a reimplementation so much as a repackaging of the existing NaCl code, the most notable aspect being the removal of the assembly code, which allows Sodium to be fully PIC.

--
Tony Arcieri
[cryptography] SafetyLock™
Someone pasted this in #crypto on Freenode. It's rather hilarious:

http://www.onyxscientificinc.com/SafetyLockEncryptionInfo.pdf

I can't tell what my favorite feature is: the fact I can use up to 9,999 keys per file, the fact that keys are minimum 1 megabit long, or the fact that it uses FRACTALS! (NOTE: I am using the word fact rather loosely here)

--
Tony Arcieri