Cryptography-Digest Digest #162, Volume #9       Sun, 28 Feb 99 15:13:04 EST

Contents:
  Re: True Randomness - DOES NOT EXIST!!! (R. Knauer)
  Re: True Randomness - DOES NOT EXIST!!! (R. Knauer)
  Re: True Randomness - DOES NOT EXIST!!! (R. Knauer)
  Re: Quantum Computation and Cryptography (Anthony Stephen Szopa)
  Re: What do you all think about the new cipher devised by a 16 year old? (Darren New)
  Re: One-Time-Pad program for Win85/98 or DOS (R. Knauer)
  Re: Question on Pentium III unique ID (Anthony Naggs)
  Re: Miller-Rabin prime test. Random bit size ("Michael Scott")
  Re: One-Time-Pad program for Win85/98 or DOS (R. Knauer)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: True Randomness - DOES NOT EXIST!!!
Date: Sun, 28 Feb 1999 19:06:48 GMT
Reply-To: [EMAIL PROTECTED]

On Sat, 27 Feb 1999 23:53:35 GMT, BRAD KRANE <[EMAIL PROTECTED]>
wrote:

>If nothing existed there cannot be any Laws or the such because there
>is nothing to base them on.
>With that in mind any thing could happen in this time span where nothing
>exists including this all of a sudden violent explosion and creation of a
>universe.

There is one most fundamental thing that cannot happen. Finite objects
cannot come into existence at all, no matter how you propose that to
happen.

The idea that Nothing causes the Existence of Something, whatever it
may be, leads one to conclude that Nothing exists, which contradicts
experience, at least for those who adhere to the worldview of Realism.

>    What I'm stating is that there doesn't need to be cause for some thing
>to happen if there is nothing there to begin with.

There must be an efficient cause of existence per se. A finite object
does not come into existence on its own, otherwise its essence would
be to exist, in which case it would be immutable. But the objects of
physical reality are mutable, therefore their essence cannot be to
exist, so there must be a separate entity that is the source of their
existence. This entity has an essence that is existence, and that
fulfills your notion of an uncaused entity.

The problem with trying to apply uncausality to the Universe itself is
that if you do, it would of necessity have certain properties that it
simply does not have. It would necessarily be infinite in duration,
which the Big Bang tells us it is not. It would necessarily be
infinite in extent, which the Big Bang tells us it is not. It would
necessarily be immutable, which the empirical sciences tell us it is
not. And so on.

Why not imagine that the process of uncausality is applied to an
entity which then causes finite mutable reality to exist. I do not see
that in so doing you give up any generality. One thing you gain is
that you avoid many fatal inconsistencies.

And we are not talking about the "God" of Establishment Religion
either. The Supreme Being of existential metaphysics is not a
religious concept. There is no faith or belief involved in arriving at
the tenets of existential metaphysics. It is a completely self
contained rational system that builds off of physics. That is why it
is called a Meta Physics.

The fact that the catholic church uses Aquinas, the founder of
existential metaphysics, to bolster their dogmas overlooks the fact
that Aquinas himself was placed on the Index of Forbidden Books right
after he died.

His ideas challenged many of the doctrines of catholicism of that era
(late 13th century), so in typical fashion of any establishment they
demonized him. The only reason he was ever grabbed off the trash heap
of dogmatism was that the Jesuits needed a poster boy and he was
available.

Aquinas also published much in the area of political philosophy, and
was a significant inspirational force behind the explosion in liberty
that occurred in England. If you read Locke you will think you were
reading Aquinas. In fact, it is true to some extent that Aquinas
anticipated the formation of America, not as an act of history but as
an act of political philosophy, because he argued that tyrannicide was
not only justified but required by natural law.

It was that doctrine of tyrannicide that comes thru in the Declaration
Of Independence, right along with the moral imperatives of natural law
- such as the concept of inalienable rights endowed by the Creator.

So when you study Aquinas's works you are not just fooling around with
some two-bit establishment philosopher. Aquinas was a radical
intellectual whose thought shook up the Western world, just as Christ
shook up the Hebrew world and Mohammed the Saracen world before him.
In fact, Aquinas freely borrowed not only from the Greek but also from
the Jews and the Saracens, making him the real renaissance
philosopher, but just a bit ahead of his time.

Bob Knauer

"If you want to build a robust universe, one that will never go wrong, then
you don't want to build it like a clock, for the smallest bit of grit will
cause it to go awry. However, if things at the base are utterly random, nothing
can make them more disordered. Complete randomness at the heart of things is the
most stable situation imaginable - a divinely clever way to build a universe."
-- Heinz Pagels


------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: True Randomness - DOES NOT EXIST!!!
Date: Sun, 28 Feb 1999 19:15:52 GMT
Reply-To: [EMAIL PROTECTED]

On Sat, 27 Feb 1999 20:01:23 -0500, "Trevor Jackson, III"
<[EMAIL PROTECTED]> wrote:

>>     I have no religion.

>Grumble.  'nother o' those pesky Lapsed Atheists!

Not atheist - agnostic. An atheist claims he can prove the
nonexistence of God, whereas an agnostic claims that he cannot know one
way or the other.

Since it is impossible to prove the non-existence of God under the
worldview of Realism, there are no atheists under that worldview.

One has to reject Realism in order to build a consistent argument that
God does not exist. The only problem is that then nothing exists.
Bertrand Russell tried it once and concluded that nothing could exist.

That is why God is called the Necessary Being, because without the
existence of God, nothing would exist under any system of rational
thought.

Bob Knauer



------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: True Randomness - DOES NOT EXIST!!!
Date: Sun, 28 Feb 1999 19:21:02 GMT
Reply-To: [EMAIL PROTECTED]

On Sun, 28 Feb 1999 00:01:20 GMT, BRAD KRANE <[EMAIL PROTECTED]>
wrote:

>> Unfortunately you seem not to have heard of physics developed 100 years
>> ago, called quantum mechanics. Two identical systems, set up identically
>> will not give the same results in the future.

>    Being identical does include the most important element of all time.

It is impossible to prepare two systems in reality that are identical
in all ways, not just as a practical matter, but also as a theoretical
matter.

If two systems were identical in physical reality, there would be no
way to distinguish them and therefore there would only be one system,
not two. If System A were identical to System B, then System A would
be System B. Call it System AB if you want, but it is still only one
system.

"Multiple Indistinguishable Systems" is an oxymoron.

Bob Knauer



------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Quantum Computation and Cryptography
Date: Sun, 28 Feb 1999 08:24:45 -0800
Reply-To: [EMAIL PROTECTED]

"R. Knauer" wrote:

> On Sat, 27 Feb 1999 20:19:41 -0800, Anthony Stephen Szopa
> <[EMAIL PROTECTED]> wrote:
>
> >Can the quantum computer determine the truth from a lie?  In other words, I
> >have a message and add lots of leading and trailing bits of random noise.
> >And interspersed throughout the message I also insert random noise.
>
> >Then I encrypt the message.  My recipient has the key that will not only
> >decrypt the message but remove all the random noise as well.
> >
> >How will the quantum computer determine the correct intelligence communicated
> >from what was essentially a message that lied?
> >
> >Quantum computers may be smart:  like an idiot savant child.
>
> I have no idea how to begin answering that question.
>
> You might say that because quantum computers are based on actual
> physical reality, they must reflect the inherent truth in physical
> reality, but then they are indeterminant devices so it would seem
> likely that they can return incorrect results, e.g., they could "lie"
> or be unable to detect a lie.
>
> >As far as good encryption is concerned, quantum computers pose no real
> >threat.
>
> Threat to what? Quantum algorithms exist to factor the product of two
> large integers in polynomial time. That means that the RSA public key
> cryptosystem is vulnerable. So are any other systems that rely on the
> classically intractable problems like factoring large integers.
>
> >The idea that by inputting an encrypted message into a black box quantum
> >computer and that it will absolutely output the correct encrypted message is
> >preposterous.
>
> That's odd - it has already been demonstrated, and over a distance of
> 30km too. (Marand and Townsend, 1995). The original model was
> demonstrated by Bennett and his coworkers at IBM.
>
> There is more than one scheme for building a quantum computer. The
> first one involved encoding the bits in the polarization of light. But
> you can also encode the bits on the phase of the light.
>
> >This is just more dogma from another stupid religion.
>
> I heard no one mention anything about any "stupid religion". What
> stupid religion are you referring to?
>
> Or do you consider modern physics to be a form of stupid religion?
>
> People who do not understand modern physics claim that physicists are
> psychotic. To claim that they are practitioners of a "stupid religion"
> is a new one.
>
> Bob Knauer
>
> "If you want to build a robust universe, one that will never go wrong, then
> you don't want to build it like a clock, for the smallest bit of grit will
> cause it to go awry. However, if things at the base are utterly random, nothing
> can make them more disordered. Complete randomness at the heart of things is the
> most stable situation imaginable - a divinely clever way to build a universe."
> -- Heinz Pagels

Defend your claim that it has already been done, or do we have to take your word for
it?  Please explain.

Stupid religion:  "just believe me."



------------------------------

From: Darren New <[EMAIL PROTECTED]>
Subject: Re: What do you all think about the new cipher devised by a 16 year old?
Date: Sun, 28 Feb 1999 19:00:14 GMT

> ]You can patent something and then license it for free, to assure nobody
> ]else patents it. Besides, it might not be her choice. Perhaps her
> ]parents want her to patent it even if she doesn't want to make the money
> ]from it.
 
> She developed it out of work she did on a summer job with a US company,
> who are probably the ones pushing for a patent.

True. In which case it's still up to her. I strongly doubt a company
would have gone to the trouble to get a 16-year-old to sign a contract
to assign patent rights over a summer job.


-- 
Darren New / Senior Software Architect / MessageMedia, Inc.
     San Diego, CA, USA (PST).  Cryptokeys on demand.
"The real universe is already debugged. We should just use it."

------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Crossposted-To: alt.security,alt.privacy
Subject: Re: One-Time-Pad program for Win85/98 or DOS
Date: Sun, 28 Feb 1999 19:58:41 GMT
Reply-To: [EMAIL PROTECTED]

On 27 Feb 1999 21:08:23 -0000, [EMAIL PROTECTED] (Gretchen Anonymous
Remailer) wrote:

>If one does not know the source of the pad, then to him it is random.

That is not the definition of crypto-grade randomness. Remember that
there are many kinds of randomness, each of which depends on the
application.

BTW, that is a statement equivalent to: "Obscurity results in
security" - which has been proven false so many times the crypto
highway is littered to capacity with dead corpses.

>Sometimes people tend to forget that ALL patterns will exist
>in a truly random file, even ones that appear to be non-random.

That's absolutely true.

In fact it is a necessary requirement, or else an attacker will know
that certain keys are missing and can use that to help break the
cipher.

That's the reason that Kolmogorov Complexity randomness is unsuitable
for crypto, since it excludes numbers that have any significant
regularity.

>That's what random means.

Not true. That may be the definition for pseudo-randomness of some
sort, but not the definition of True Randomness seen in Quantum
Mechanics for example.

Equidistribution, as alluded to in your correct statement above, is a
necessary but insufficient criterion for true randomness.

Otherwise Champernowne's Number in base 10 would be a crypto-grade
random number.

You need a better definition for true randomness, like the one we
formulated as the prevailing majority consensus here on sci.crypt. It
took over 1,000 posts to get to this point, so please treat it with
the reverence it is due. :-)

+++++
A true random number is one that is produced by a process that is
capable of generating all finite sequences equiprobably. That process
is called a True Random Number Generator (TRNG) and can never be the
result of algorithmic calculation. Equiprobable means independent and
equidistributed.
+++++

As a practical matter the two things that cause a number to be
non-random are bias and correlation. Bias means bit-group bias, which
includes groups of numbers larger than just one bit.  That means that
a true random number must be "normal" in the Borel sense. Normality is
a necessary but not sufficient condition.

Statistical tests cannot test for all forms of bias and correlation,
so at best they can only test for the *appearance* of randomness,
which is not good enough for provably secure cryptosystems such as
the OTP if you intend to have high message volume.

The problem with your proposal is that it fails the criterion of
independence, since there are known dependences in text between the
various characters. You can use text streams but you have to process
them first and then they will leak information if you use them for
high message volume. You need to change the kinds of text since the
frequency distribution differs that way. Newspapers have a different
distribution from instruction manuals, etc. Then you need to distill
what randomness there is. Hash functions are usually chosen for that.
If your text has 1 bit of entropy per character and you need the full
8 bits, then you will have to hash 8 bits down to 1 bit.

There are some more comments about True Randomness on the thread
entitled "Quantum Randomness" on sci.crypt. The first post to that
thread has a number of quotes taken from a book on quantum computers.
Although true randomness is not absolutely necessary for all
applications in crypto, it is the ultimate if you want a 100%
provably secure OTP. One day soon when quantum computers come online,
100% true random number generation will become a reality.

Bob Knauer



------------------------------

From: Anthony Naggs <[EMAIL PROTECTED]>
Subject: Re: Question on Pentium III unique ID
Date: Sun, 28 Feb 1999 20:01:58 +0000

After much consideration Myself decided to share these wise words:
>On Sat, 27 Feb 1999 11:08:24 -0800, thermal and electromagnetic action
>caused "Roger Schlafly" <[EMAIL PROTECTED]>'s brain to produce the
>following pseudorandom thought:
>
>>Myself wrote in message <[EMAIL PROTECTED]>...
>>>And plug-n-play cards also have unique serial numbers. There's nothing
>>>new about uniquely identifiable PCs. The only interesting thing about
>>>the P3 is the publicity and standardization that comes with Intel's
>>>massive influence.
>>And the fact that Intel announced that it intends to distribute software
>>that surreptitiously uses the ID to identify people on the internet.
>
>The question is: how hard is it to spoof a response? Their software is
>going to either:
>
>1) send the ID in the clear, with no attempt to guarantee that it's
>really Intel's program saying so
>
>2) attempt to cryptographically prove that the number being sent was
>retrieved by Intel's unmodified program

Intel themselves seem confused, but several of the documents on their
website suggest using the serial number as one of a number of
identifying items, whose CRYPTOGRAPHICALLY STRONG HASH is sent as an
identification in web transactions.


Intel also states that the serial number is not guaranteed to be unique.

------------------------------

From: "Michael Scott" <[EMAIL PROTECTED]>
Subject: Re: Miller-Rabin prime test. Random bit size
Date: Sun, 28 Feb 1999 20:08:49 -0000


Scott Fluhrer wrote in message <7bc1lj$630@dfw-
>>I agree. But be careful. As I recall from some experiments I once did, a
>>base of 2 misses all primes of the form 2^n-1.
>                      ^^^^^^
>Huh?  If we are talking about the Miller-Rabin test, then given a prime,
>it always outputs 'probable prime' for all bases [1].  I don't see how
>it could 'miss' a prime of any form.  And, if you meant composite, a
>quick check shows that 2**14 == 4 mod 15 and 2**62 == 4 mod 63, so it
>doesn't 'miss' the first two composites 15 and 63 [2].
>
>What did you mean?
>

Ah, sorry about that. I went back and checked, and what I *meant* was that
the Miller-Rabin test with base 2 outputs probable prime for all Fermat
numbers of the form 2^(2^n)+1. And of course apparently none of these
numbers is prime for n>4. (Maybe that's why Fermat hypothesised that all
such numbers were prime??).


It's a curiosity I stumbled upon, but never followed up.


Mike Scott
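
An added example, not part of the original post and not its author's code: a single-base Miller-Rabin check in Python that reproduces the quoted residues for 15 and 63 and tests the Fermat numbers 2^(2^k)+1 against bases 2 and 3. The function names are assumptions made for this illustration.

```python
def strong_probable_prime(n: int, a: int) -> bool:
    """Single-base Miller-Rabin: True if odd n > 2 passes for base a."""
    if n < 3 or n % 2 == 0:
        raise ValueError("n must be an odd integer greater than 2")
    a %= n
    if a == 0:
        raise ValueError("base must not be a multiple of n")
    # Write n - 1 = d * 2^s with d odd.
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    x = pow(a, d, n)
    if x == 1 or x == n - 1:
        return True
    # Square up to s - 1 more times, looking for -1 (mod n).
    for _ in range(s - 1):
        x = pow(x, 2, n)
        if x == n - 1:
            return True
    return False


def fermat_residue(n: int, a: int) -> int:
    """a^(n-1) mod n, the quantity in the quoted 2**14 mod 15 check."""
    return pow(a, n - 1, n)


def fermat_number(k: int) -> int:
    """F_k = 2^(2^k) + 1."""
    return 2 ** (2 ** k) + 1


def survey(max_k: int = 8):
    """(k, passes base 2, passes base 3) for F_1 .. F_max_k."""
    rows = []
    for k in range(1, max_k + 1):
        f = fermat_number(k)
        rows.append((k,
                     strong_probable_prime(f, 2),
                     strong_probable_prime(f, 3)))
    return rows


if __name__ == "__main__":
    # The quoted check: 15 and 63 are rejected by base 2.
    for n in (15, 63):
        print(n, "2^(n-1) mod n =", fermat_residue(n, 2),
              "passes base 2:", strong_probable_prime(n, 2))
    # For F_k, n - 1 = 2^(2^k), so d = 1 and repeated squaring of 2
    # reaches 2^(2^k) = -1 (mod F_k): base 2 always reports
    # 'probable prime', whether F_k is prime (k <= 4) or not.
    for k, base2, base3 in survey():
        print(f"F_{k}: base 2 -> {base2}, base 3 -> {base3}")
```

Base 2 accepts every Fermat number because of their form, so a test that relies on that base alone cannot reject the composite ones; F_5 = 641 * 6700417 is rejected as soon as base 3 is tried.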




------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Crossposted-To: alt.security,alt.privacy
Subject: Re: One-Time-Pad program for Win85/98 or DOS
Date: Sun, 28 Feb 1999 20:07:54 GMT
Reply-To: [EMAIL PROTECTED]

On Sun, 28 Feb 1999 07:08:58 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote:

>>I do not say OTPs are cryptographically weak in general. A correct
>>implementation is provably secure. In fact - it is guaranteed to be
>>unbreakable. 

>I strongly disagree:  The only OTP which is "provably secure" is the
>theoretical *concept* of the OTP -- and that only protects theoretical
>data.

When quantum computation becomes a practical reality, true random
numbers will be available. Then the OTP system will be 100% provably
secure on a practical basis.

>Anyone who thinks a practical OTP is "provably secure" should try to
>write out a proof,

See the book "Explorations In Quantum Computing" that I have been
citing recently on sci.crypt.

The authors give an explicit quantum algorithm for generating true
random numbers. In fact they have simulations on a CD-ROM that comes
with the book, but it is no good as a practical device since it is run
off of a PRNG in Mathematica, and is meant for teaching purposes only.

The 100% provability of true randomness for a quantum randomness
algorithm derives from the certainty of the correctness of quantum
mechanics. The only other theory involves hidden variables, and that
has gone nowhere in nearly a century of investigation.

God does play dice with the Universe because the Universe is made out
of dice.

Bob Knauer



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
