Cryptography-Digest Digest #231, Volume #14 Wed, 25 Apr 01 14:13:01 EDT
Contents:
Re: effects of mistaken *partial* reuse of a OTP? (John Savard)
Re: OTP WAS BROKEN!!! (John Savard)
Re: OTP WAS BROKEN!!! (newbie)
Re: OTP WAS BROKEN!!! (Darren New)
Re: Censorship Threat at Information Hiding Workshop ("Paul Pires")
Re: OTP WAS BROKEN!!! ("ink")
DH Secret exponent size question? (Ichinin)
Re: OTP WAS BROKEN!!! ("Tony T. Warnock")
Re: OTP WAS BROKEN!!! ("Tony T. Warnock")
Re: Censorship Threat at Information Hiding Workshop (John Myre)
Re: OTP WAS BROKEN!!! (newbie)
RE: AES OCB v/s RC4 + MD5 (Harshal)
Re: OTP WAS BROKEN!!! (newbie)
Re: bogus speed claims (just wondering) (Mike Rosing)
Re: primitive elements in GF(2^W) (Mike Rosing)
Re: impossible differentials (Mike Rosing)
Re: bogus speed claims (just wondering) ("Tom St Denis")
Re: primitive elements in GF(2^W) ("Tom St Denis")
Re: impossible differentials ("Tom St Denis")
Re: Censorship Threat at Information Hiding Workshop ("Paul Pires")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: effects of mistaken *partial* reuse of a OTP?
Date: Wed, 25 Apr 2001 16:15:44 GMT
On Wed, 25 Apr 2001 02:36:27 GMT, [EMAIL PROTECTED]
wrote, in part:
>Is the effect simply that the attacker is able to recover those bits
>of the two messages which were encoded with the common section, but
>that the remainder of the two messages are impenetrable, because for
>these bits, the not-in-common bits of each OTP are genuinely one-time?
Yes.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: OTP WAS BROKEN!!!
Date: Wed, 25 Apr 2001 16:26:11 GMT
On Mon, 23 Apr 2001 13:59:25 -0300, newbie <[EMAIL PROTECTED]>
wrote, in part:
>I use my ciphertext as test-key.
>My ciphertext is any message encrypted with k'.
>K' = PM(I) Xor Ciphertext ( the cipher I'm trying to break).
The trouble you are having is that we already *know* the OTP can't be
broken. Therefore, the people replying to your posts are not inclined
to spend a lot of time and effort trying to understand your idea in
order to point out exactly where the mistake is.
Given candidate keys, K(i) xor PM(i) = Ciphertext, where PM(i) is the
i-th most probable candidate message by your notation,
I can certainly generate pseudo-ciphertexts C(i) where C(i) = K(i) xor
a standard message.
But trying to solve C(i) versus the actual ciphertext as if it were
the re-use of a one-time-pad will always yield P(i) as the answer.
Since C(i) was created from K(i), that doesn't prove anything.
every K(i) will be just as 'random' as every other one.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: newbie <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Wed, 25 Apr 2001 12:26:23 -0300
Just a question.
Why if you re-use the key twice, OTP becomes less secure?
I'm newbie and I want an answer with few samples.
I tried to solve the probleme, using the same key, I found (2*n)
possible solutions for a ciphertext of bit-length equal to n.
How is it possible to recover the plaintext?
If you
Volker Hetzer wrote:
>
> newbie wrote:
> >
> > I'm just trying to present ideas.
> You do more than that. You refuse to accept criticism of your ideas.
>
> > Do not forget that I'm newbie.
> You do not behave like one.
>
> > I'm just to exploit extra-information and other tricks to try to reduce
> > the number of possibilities.
> It's not about the "number of possibilities". It's about gaining
> information helps you learning something *new* off the encrypted message,
> i.e. something you did not know before, given thew context you got.
>
> > I tried selecting by degree of randomness.
> > I tried by introducing the "context" factor to select.
> > I tried by simulating re-susing the key.
> > All did not work.
> Of course not.
>
> > Only guessing what the sender wrote, using extra-information, could
> > work.
> That's equivalent to bug the sender's room in oder to gain the contents
> of the message before it was encrypted.
>
> > This option has no sense.
> Exactly.
>
> > My objective is to find a way to give to some messages more weight than
> > others.
> You cannot do this by using the encrypted message, except its length.
>
> > I'm trying to find some trick to isolate a defined group of P's or K's
> > to solve the problem.
> You cannot. It's comparable to trying to find some "trick"
> to overcome just a bit more friction in order to make that almost
> finished perpetuum mobile work.
> In fact, it's rather more difficult. We believe in the thermodynamic
> laws only because we don't have any contrary experience. For the OTP
> we've got a formal proof.
>
> > I have a text and random sequence.
> > How to distinguish between the two.
> > That is the core of the problem.
> You cannot do that.
>
> Volker
> --
> They laughed at Galileo. They laughed at Copernicus. They laughed at
> Columbus. But remember, they also laughed at Bozo the Clown.
------------------------------
From: Darren New <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Wed, 25 Apr 2001 16:34:56 GMT
> Given that the attacker doesn't know anything about the
> key space, his knowledge of the ciphertext does not change
> his expectation about the plaintext, since every plaintext
> candidate could be represented by the ciphertext, for some
> key.
How about one I thought of a bit back and expressed poorly enough to
get flamed: ;-)
The key is random. The cyphertext is as random as the key. When you
intercept something, you can't tell by looking if it's the key or the
cyphertext. The plaintext might not even be written when you intercept the
random string of bits. Hence, the random string of bits can't tell you
anything about the plaintext.
--
Darren New / Senior MTS & Free Radical / Invisible Worlds Inc.
San Diego, CA, USA (PST). Cryptokeys on demand.
schedule.c:7: warning: assignment makes calendar_week
from programmer_week without a cast.
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Censorship Threat at Information Hiding Workshop
Date: Wed, 25 Apr 2001 09:36:21 -0700
David Wagner <[EMAIL PROTECTED]> wrote in message
news:9c5tmt$e9r$[EMAIL PROTECTED]...
> Trevor L. Jackson, III wrote:
> >By this line of reasoning it is impossible to steal an idea.
>
> Well, I'd say that "theft" is a poor word to use when referring to
> duplicating intellectual property. Taking language that refers to
> physical property and using it to refer to intellectual property just
> leads to confusion and poorly-reasoned arguments.
>
> If you have an observation about intellectual property that you think
> is compelling and that is stated in terms of "theft", I suggest trying
> the following: replace the word "theft" with "uncompensated copying"
> (or whatever you like) and see if it affects how persuasive you find
> the argument. If you find the result less compelling after the change,
> that might be because the word "theft" carried some emotional weight
> that misled you into making a fallacious argument.
It might just be because your suggestion is wrong.
Mr. Webster say's
Theft - An instance of stealing.
Steal - To take something not rightfully belonging to one
Before you point out that "something" implies a physical item,
the example given is "to steal a kiss" I'd say the coverage
extends well into the intangible. To steal ones youth....
I can replace the word "fire" with "Frizbee"
when trying to empty a theater and find the result "less
compelling after the change". This doesn't mean that the
word fire "carried some emotional weight that misled me
into making a fallacious argument."
Paul
------------------------------
From: "ink" <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Wed, 25 Apr 2001 18:41:24 +0200
"newbie" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
news:[EMAIL PROTECTED]...
> Just a question.
> Why if you re-use the key twice, OTP becomes less secure?
> I'm newbie and I want an answer with few samples.
> I tried to solve the probleme, using the same key, I found (2*n)
> possible solutions for a ciphertext of bit-length equal to n.
> How is it possible to recover the plaintext?
Somebody please just give him an example, this thread
is getting on my nerves. I would, but I'm a newbie myself,
though even I can understand why the OTP (apart from not
being an OTP anymore) will become easy to solve if the
key is re-used. Somebody can certainly explain that in a
few simple layman's terms, so even our frequently mutating
friend can understand that.
Cheers,
ink
------------------------------
From: Ichinin <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: DH Secret exponent size question?
Date: Wed, 18 Apr 2001 07:06:32 +0200
Hi.
When initialising Diffie Hellman; how large should the
secret exponents be ? I assume they both have to be WAY
bigger than 2^32... Also - i guess it won't hurt if these
2 exponents are primes?
TIA,
Ichinin
(P.S: No, i do not have access to IEEE documents.)
------------------------------
From: "Tony T. Warnock" <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Wed, 25 Apr 2001 10:47:40 -0600
Reply-To: [EMAIL PROTECTED]
newbie wrote:
> Just a question.
> Why if you re-use the key twice, OTP becomes less secure?
> I'm newbie and I want an answer with few samples.
> I tried to solve the probleme, using the same key, I found (2*n)
> possible solutions for a ciphertext of bit-length equal to n.
> How is it possible to recover the plaintext?
>
Let k be the OTP parts used twice. Let P1 and P2 be the plaintexts. Then the
cyphertexts are C1=P1+k and C2=P2+k where + is usually .XOR. (or modular
addition.) Then a new string is produced C1-C2 = P1+k-P2-k = P1-P2. Because the
statistics of k are uniform, C1 and C2 are also have uniform statistics. P1-P2
will not have uniform statistics and thus be detected. It's easy to unscramble
the combination of two plaintexts.
See the literature on Venona and look up such terms as running book key.
------------------------------
From: "Tony T. Warnock" <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Wed, 25 Apr 2001 10:49:50 -0600
Reply-To: [EMAIL PROTECTED]
The basic idea is that even without knowing the key, you can remove it.
Thus you are left with a combination of two plaintexts which is easy to
decrypt.
------------------------------
From: John Myre <[EMAIL PROTECTED]>
Subject: Re: Censorship Threat at Information Hiding Workshop
Date: Wed, 25 Apr 2001 10:54:18 -0600
David Wagner wrote:
<snip>
> Well, I'd say that "theft" is a poor word to use when referring to
> duplicating intellectual property.
Perhaps. This is actually the center of the debate.
> Taking language that refers to
> physical property and using it to refer to intellectual property just
> leads to confusion and poorly-reasoned arguments.
Only if you accept that the analogy is weak, in the first
place. In this case, one should probably go further and
question the use of the word "property" when discussing
ideas (or perhaps even their "expression" - copyright).
> If you have an observation about intellectual property that you think
> is compelling and that is stated in terms of "theft", I suggest trying
> the following: replace the word "theft" with "uncompensated copying"
> (or whatever you like) and see if it affects how persuasive you find
> the argument. If you find the result less compelling after the change,
> that might be because the word "theft" carried some emotional weight
> that misled you into making a fallacious argument.
It might - or not. There isn't really any necessary correlation
between "compelling" and "fallacious". It would probably be a lot
less compelling to complain about someone "reducing my effective
physical abilities without permission" but that doesn't mean it
was OK for him to break my legs with a lead pipe. Arguing with
terminology in this way is, to me, beside the point.
Emotional use of terminology is an old political trick, but it
seldom works to complain about it. If it isn't "theft", what
is it? "Uncompensated copying" is just rhetoric in the opposite
direction. (It might help to distinguish cases. Where is the
boundary between "theft" and not?)
JM
------------------------------
From: newbie <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Wed, 25 Apr 2001 12:57:54 -0300
I know that C= any of P(i) Xor any key used as a complement.
So you may have for all plaintext a Xored key and the result will still
equal to C. It is like addition
10 = 9+1=8+2=7+3 etc....
I know that before trying to explain what I aimed to prouve.
You have two interchangeable factors in the encipher operation :
Plaintext and keystream.
The keystream is UNPREDICTABLE by definition.
But the plaintext NO.
I give you a sample.
Let consider only the first POSITION of any ciphertext just as sample.
It could be 1 or 0.
C P K
1 = 1 Xor 0
1 = 0 Xor 1
0 = 0 Xor 0
0 = 1 Xor 1
We have two possibilities for each bit-cipher.
Let consider the plaintext.
I can use still try to define a number of words starting any sentence.
Do you agree with that statement?
If yes, I continue.
I can still sort all those possible words.
Do you agree with that statement?
If yes, I continue.
I can still convert those words to bit-strings.
Do you agree with that statement?
If yes, I continue.
Now, if I take the sum of all first bit, I can obtain statictics for 0
and 1.
Sample 1 = 1526
0 = 1100
I can build a pattern of my plaintext.
I say a "pattern" not a plaintext.
My idea is that even if that the statement C= any P Xor K (as
"complement") can not be mathematically "broken", the probability of any
bit of P (depending on its position) is not equiprobable. My goal is to
exploit that difference.
So you can still deduce the "randomness" of the key.
You are going to obtain if you compute "pattern" Xor Ciphertext = random
key really used (this key is unique for the sender).
This key is not hundred per cent the sender used, but 75% or less.
If I have the quite-true key, I can use a controlled random key for my
plain-text to try to recover the plaintext that have more signification
given the context.
I'm waiting for comments.
I know that I'm trying to find the "impossible".
THANK YOU FOR YOUR HELP.
John Savard wrote:
>
> On Mon, 23 Apr 2001 13:59:25 -0300, newbie <[EMAIL PROTECTED]>
> wrote, in part:
>
> >I use my ciphertext as test-key.
> >My ciphertext is any message encrypted with k'.
>
> >K' = PM(I) Xor Ciphertext ( the cipher I'm trying to break).
>
> The trouble you are having is that we already *know* the OTP can't be
> broken. Therefore, the people replying to your posts are not inclined
> to spend a lot of time and effort trying to understand your idea in
> order to point out exactly where the mistake is.
>
> Given candidate keys, K(i) xor PM(i) = Ciphertext, where PM(i) is the
> i-th most probable candidate message by your notation,
>
> I can certainly generate pseudo-ciphertexts C(i) where C(i) = K(i) xor
> a standard message.
>
> But trying to solve C(i) versus the actual ciphertext as if it were
> the re-use of a one-time-pad will always yield P(i) as the answer.
> Since C(i) was created from K(i), that doesn't prove anything.
>
> every K(i) will be just as 'random' as every other one.
>
> John Savard
> http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: Harshal <[EMAIL PROTECTED]>
Subject: RE: AES OCB v/s RC4 + MD5
Date: Wed, 25 Apr 2001 13:07:42 -0400
>===== Original Message From "Tom St Denis" <[EMAIL PROTECTED]> =====
>>"Harshal" <[EMAIL PROTECTED]> wrote in message
>>news:[EMAIL PROTECTED]...
>> I am trying to figure out whether adding an MD5 hash to an 128-bit RC4
>> encrypted data stream provides as good a result as AES in the Offset
>> Codebook Mode (for encryption and authentication).
>
>Better against what attacks? Also MD5 shouldn't be used anyways, I would
>use SHA-1, TIGER-192 or HAVAL now.
Thanks for the input on MD5. I picked it since it seems to be the most
widely
used hashing function. I will take a look at the other functions you have
mentioned.
This is for use in a communications system that currently uses RC4 (with 40
bit keys and without any authentication).
One way to add security would be to use AES in the OCB mode. However, since
the products already contain the RC4 engine, one possible approach is to
beef
up the current methods.
I am trying to find out if improving RC4 (by increasing the key length among
other things) and adding a hash function is 'good enough'. The better RC4
will
provide enhanced security and the hash function will provide authentication.
I realise that AES is a much more secure algorithm but it adds latency to
the
overall system. Plus it means fundamental changes in the products.
>Well in a perfect world if you encrypt the hash at the end the attacker
>doesn't have alot of leeway in falsifying the message.
The encryption key would have to be different for the hash, right?
I don't think encrypting the hash is an option in the current system. I am
thinking of generating the hash of the plain text, encrypting the plain text
and then sending the hash along with the cipher text.
>Just use a decent cipher and hash (MD5 and RC4 are not either).
Thanks a lot for your input. I really don't have an option on RC4 but will
look at the other hash functions that you mentioned.
Thanks again for your help.
Harshal
------------------------------
From: newbie <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Wed, 25 Apr 2001 13:03:21 -0300
And how many solutions could solve P Xor P' = C Xor C'?
"Tony T. Warnock" wrote:
>
> The basic idea is that even without knowing the key, you can remove it.
> Thus you are left with a combination of two plaintexts which is easy to
> decrypt.
------------------------------
From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: bogus speed claims (just wondering)
Date: Wed, 25 Apr 2001 12:12:58 -0500
Tom St Denis wrote:
>
> I don't want to attacker their reputation directly since well I have no
> standing to say so. I am just pointing out that all too often claims seem a
> bit far fetched. For example you look at CS-Cipher and he claims you can
> implement it in 500 bytes at 20kbits/sec, but there is a 256 byte table and
> you need separate code for the mixing function (CS-Cipher is like SAFER). I
> seriously doubt he implemented that in 500 bytes unless he did tricks like
> "fixed keys" and "no decrypt routine"...
The Romans used to say "caveat emptor". Nothing's changed in the past few
thousand years :-)
(my spelling sucks, so beware looking that up!! :-)
Patience, persistence, truth,
Dr. mike
------------------------------
From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: primitive elements in GF(2^W)
Date: Wed, 25 Apr 2001 12:23:46 -0500
Tom St Denis wrote:
> Oh yeah... doh... So basically it's more like
>
> g^(2^W - 1)/q != 1 for all q which are linear combinations of the factors?
>
> (I am trying to teach myself some basic number theory here...)
Right, you need to check all q which are all possible combinations of at least
1 and at most (all factors - 1). Seems like you're learning quick :-)
Patience, persistence, truth,
Dr. mike
------------------------------
From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: impossible differentials
Date: Wed, 25 Apr 2001 12:29:43 -0500
Tom St Denis wrote:
> Is it because an invalid key guess will cause a new difference in the round?
>
> I.e
>
> out = F(x) xor F(x xor in)
>
> becomes
>
> out = F(x xor key_wrong) xor F(x xor in xor key_wrong)
>
> Where key_wrong will lead to a condition that lets the impossible diff
> occur?
The idea is that differential analysis shows you which bits change for each
input bit that changes. Suppose one bit never changes - that's an "impossible"
differential - it did *not* change and you expected it would. This gives you
useful statistical info - but I'm not sure how to use it since I've not read
the papers thuroly.
Patience, persistence, truth,
Dr. mike
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: bogus speed claims (just wondering)
Date: Wed, 25 Apr 2001 17:33:15 GMT
"Mike Rosing" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> >
> > I don't want to attacker their reputation directly since well I have no
> > standing to say so. I am just pointing out that all too often claims
seem a
> > bit far fetched. For example you look at CS-Cipher and he claims you
can
> > implement it in 500 bytes at 20kbits/sec, but there is a 256 byte table
and
> > you need separate code for the mixing function (CS-Cipher is like
SAFER). I
> > seriously doubt he implemented that in 500 bytes unless he did tricks
like
> > "fixed keys" and "no decrypt routine"...
>
> The Romans used to say "caveat emptor". Nothing's changed in the past few
> thousand years :-)
>
> (my spelling sucks, so beware looking that up!! :-)
True. Well let me say again I don't want to flame the academics. I just
can't see how they get their ciphers implemented so "perfectly".
Again bashing CS-Cipher it's possible to implement the 8x8 sbox as a 3-round
feistel using two 4x4 sboxes. in that case I could see about 500 bytes but
that wouldn't be anywhere approaching 20kbit/sec then.
Or look at Twofish, you could do the sboxes (two 8x8's) as the repeated sub,
but that would be way to slow. So you would need to store em as two 8x8's
requiring 512 bytes, plus the round function requires at least 16 bytes for
the MDS (or stored as immediates in code). Although after looking at the
Twofish book again their results (aside from their speed claims) seem more
reasonable. They claim about 4msec per block but unless you store the four
sboxes (requiring 2kb) you would have todo four subs per sub, i.e 16 8x8
subs per round. Not to mention the MDS mults (2 4x4's) two 32-bit adds, two
32-bit rotates and one 64-bit xor.....
Hmm..
Tom
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: primitive elements in GF(2^W)
Date: Wed, 25 Apr 2001 17:34:14 GMT
"Mike Rosing" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> > Oh yeah... doh... So basically it's more like
> >
> > g^(2^W - 1)/q != 1 for all q which are linear combinations of the
factors?
> >
> > (I am trying to teach myself some basic number theory here...)
>
> Right, you need to check all q which are all possible combinations of at
least
> 1 and at most (all factors - 1). Seems like you're learning quick :-)
I implemented my test with 3/5/17 only and quickly learnt that was wrong...
although most are... for example
with p=0x169, g=0x02 is ok but 0x08 is not (although 0x08 will pass the
first three tests).
Tom
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: impossible differentials
Date: Wed, 25 Apr 2001 17:36:43 GMT
"Mike Rosing" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> > Is it because an invalid key guess will cause a new difference in the
round?
> >
> > I.e
> >
> > out = F(x) xor F(x xor in)
> >
> > becomes
> >
> > out = F(x xor key_wrong) xor F(x xor in xor key_wrong)
> >
> > Where key_wrong will lead to a condition that lets the impossible diff
> > occur?
>
> The idea is that differential analysis shows you which bits change for
each
> input bit that changes. Suppose one bit never changes - that's an
"impossible"
> differential - it did *not* change and you expected it would. This gives
you
> useful statistical info - but I'm not sure how to use it since I've not
read
> the papers thuroly.
I think the "impossible" diff occurs when you guess the key wrong since if
you guess the key wrong the input difference may make it possible.
For example in
outputdiff = F(x xor wrong_key) xor F(x xor wrong_key xor input_diff)
Since F is not linear the "wrong_key" (which is the difference caused by
guessing the wrong key) does not commute and cancel out like it should
have...
if F were linear than
= F(x xor wrong_key) xor F(x xor wrong_key xor input_diff)
= F(x) xor F(x xor input_diff) xor wrong_key xor wrong_key
= F(x) xor F(x xor input_diff)
Er is that right?
Tom
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Censorship Threat at Information Hiding Workshop
Date: Wed, 25 Apr 2001 10:49:20 -0700
John Myre <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> David Wagner wrote:
> <snip>
> > Well, I'd say that "theft" is a poor word to use when referring to
> > duplicating intellectual property.
>
> Perhaps. This is actually the center of the debate.
>
> > Taking language that refers to
> > physical property and using it to refer to intellectual property just
> > leads to confusion and poorly-reasoned arguments.
>
> Only if you accept that the analogy is weak, in the first
> place. In this case, one should probably go further and
> question the use of the word "property" when discussing
> ideas (or perhaps even their "expression" - copyright).
>
> > If you have an observation about intellectual property that you think
> > is compelling and that is stated in terms of "theft", I suggest trying
> > the following: replace the word "theft" with "uncompensated copying"
> > (or whatever you like) and see if it affects how persuasive you find
> > the argument. If you find the result less compelling after the change,
> > that might be because the word "theft" carried some emotional weight
> > that misled you into making a fallacious argument.
>
> It might - or not. There isn't really any necessary correlation
> between "compelling" and "fallacious". It would probably be a lot
> less compelling to complain about someone "reducing my effective
> physical abilities without permission" but that doesn't mean it
> was OK for him to break my legs with a lead pipe. Arguing with
> terminology in this way is, to me, beside the point.
>
> Emotional use of terminology is an old political trick, but it
> seldom works to complain about it. If it isn't "theft", what
> is it? "Uncompensated copying" is just rhetoric in the opposite
> direction. (It might help to distinguish cases. Where is the
> boundary between "theft" and not?)
It is theft is if it is done with knowledge and intent whether you
agree with the laws behind the protections or not. Believing it
is wrong an violationg it is civil disobedience but it is still theft.
I admit that I have used what can be seen as rhetoric on one
side of this issue. I claim self-defense. I don't know how to
talk about it in other terms.
The other side is kind of slippery. "Let's decriminalize this particular
theft. We're all nice people, we just believe that ideas should be free"
I'm sorry but this is just hogwash to me.
It is the selfish harvesting of labors performed by others when they had
a legal expectation of protecting the value of their efforts. "Unauthorized
copying" misses the mark so badly. Copies are being stolen. Gee, that
sounds so benign. This is the manifestation of the crime. This is the thing
that can be documented and proved. This is NOT the definition of
dammages. Exclusivity has value. Ownership has value. these values
are being negated by these acts. Why? because someone wants something
that they have no right to.
To get back to the original thread, Felten et. al. This is an outrageous
affront but it has nothing to do copyright or patent. This evil act has
somehow been turned into another example of why intellectual property
is bad bad bad. "Look what these guy's are doing to poor old Fenton".
AFAIK, They are pursueing him on some trumpted up argument that he has
illegally disclosed (or will disclose) their proprietary information. It's
obviously a farce and blunder since they will need to prove that he had
an obligation to protect their stuff to the same degree that they themselves
protected it. I don't see how they can and it seems to me that they might
be opening themselves up to a coutersuit.
The point is, This act is wrong for a number of reasons but it has nothing
to do with patent, copyright or other issues regarding Intellectual property.
Right or wrong, I'ts about non-disclosure and proprietary information
agreements and what constitutes one. It truely is the cynical suppression
of knowledge dressed up in a pinstripe suit.
Paul
>
> JM
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
