RSA
I've been playing with the RSA cipher since its announcement but due to other interests have missed a lot of discussions of the finer points. Thus I would like comments on the items in the list below. I'm not a mathematician so rigorous proofs would probably be over my head. I'll have to settle for consensus of opinions as to true/false.

My guess is these things are well known and of little consequence but I'd like to hear from the experts that there is nothing of any importance in these observations. In discussions of key generation, for example, I've seen no reference to the possibility of deliberately adjusting the ratio of p and q to weaken the key for an attacker.

Responses by private e-mail, please, unless there is something here that would be interesting to the group. Thanks.

---

N/2 versus N (n=p*q, N=(p-1)*(q-1))

In the process of generating keys for RSA, the value N can be defined as (p-1)*(q-1) and the encode/decode values e and d are computed as d*e = (k*N)+1 where k is a positive integer. It appears N/2 always works also. Thus d*e = (k*(N/2))+1 should always be valid.

k*n = a^2 - 1 (k times n equals a squared minus one)

For every n there is a positive integer 0 < k < n/4 such that k*n is one less than a perfect square. There is another n/4 < k < n-2 which is also one less than a perfect square.

E(m) = m (message enciphers as itself)

For every n there are at least 9 values of m (the message) where c (the enciphered m) is equal to m for every valid e. m=0, m=1, and m=n-1 are trivial. The others allow calculation of p and q.

search using add and test

There is a search method using a simple add and test-for-zero which will find the factors in a fraction of n steps. While this is still a very large number, the function is fairly simple in hardware. It can be parallelized but probably not enough to be useful. Advances in hardware, however, might make such a simple method possible.
--
| 73,          E-mail       | [EMAIL PROTECTED]
| Lyn Kennedy  webpage      | http://webusers.anet-dfw.com/~lrkn/
| K5QWB        pony express | P.O. Box 5133, Ovilla, TX, USA 75154
---Livin' on an information dirt road a few miles off the superhighway---
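
Added example, not part of the original post: a brute-force check of the first three observations (N/2, k*n = a^2 - 1, and E(m) = m) on a toy modulus. The values p=11, q=23, e=3 and all function names are constructed for illustration; the loops are only feasible at toy sizes.

```python
from math import gcd, isqrt

# Constructed toy parameters (not from the post); real moduli are far too
# large for the brute-force loops below.
P, Q, E = 11, 23, 3
N_MOD = P * Q                 # n in the post
PHI = (P - 1) * (Q - 1)       # N in the post

def half_phi_d(e=E, phi=PHI):
    """d satisfying d*e = k*(N/2) + 1, i.e. the inverse of e modulo N/2."""
    return pow(e, -1, phi // 2)

def roundtrip_ok(d, e=E, n=N_MOD):
    """True if every m in [0, n) survives encipher-then-decipher."""
    return all(pow(pow(m, e, n), d, n) == m for m in range(n))

def square_minus_one_ks(n=N_MOD):
    """All k with 0 < k < n-2 such that k*n + 1 is a perfect square."""
    return [k for k in range(1, n - 2) if isqrt(k * n + 1) ** 2 == k * n + 1]

def fixed_points(e=E, n=N_MOD):
    """All m in [0, n) that encipher as themselves."""
    return [m for m in range(n) if pow(m, e, n) == m]

def factor_from_fixed_point(m, n=N_MOD):
    """Try gcd(m-1, n), gcd(m, n), gcd(m+1, n); return a proper factor or None."""
    for x in (m - 1, m, m + 1):
        g = gcd(x, n)
        if 1 < g < n:
            return g
    return None

if __name__ == "__main__":
    d = half_phi_d()
    print("d from N/2:", d, "round trip ok:", roundtrip_ok(d))
    print("k values:", square_minus_one_ks())
    for m in fixed_points():
        print("fixed point", m, "-> factor", factor_from_fixed_point(m))
```

The N/2 exponent works here because (p-1) and (q-1) are both even, so N/2 is still a multiple of lcm(p-1, q-1). With an odd e there are at least three fixed points modulo each prime (0, 1 and -1), which combine to the nine found for this modulus.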
Re: Electronic elections.
Along the same lines as this discussion, http://www.ivta.org was recently brought to my attention in/on the "cert-talk" ([EMAIL PROTECTED]) mailing list.

I appreciate that pointer (and others like it such as are appearing here and elsewhere) a great deal, especially in quotation:

"Encryption alone is not sufficient for an Internet voting process because voting is not an e-commerce transaction. Anonymity and integrity must be assured, and we must know that the results in an election have not been tampered with in any step of the process."

as it demonstrates in full that, as in all of engineering, the heavy lifting is in getting the problem statement right. The advocates of Internet voting do not, repeat, do not have the problem statement right.

There is no doubt whatsoever that the sanctity of a vote once cast can be absolutely preserved as it is moved from your house to the counting house. What cannot be done, now or ever, is to ensure the sanctity of the voting booth anywhere but in a physical and, yes, public location attended to by persons both known to each other and drawn from those strata of society who care enough to be present. There are no replacements for the voting booth as a moment of privacy wrapped in inefficient but proven isolation by unarguable witness, a place where we are equal as in no other. Move the dispatch of a vote to a remote browser and $100 bills, concurrent sex acts, a pistol to the head, wife-beating or any other combination of bribes and coercion is an undiscoverable concomitant of the otherwise "assured" integrity of the so-called vote.

Internet voting is anti-democracy and those who cannot bestir themselves to be present upon that day and place which is never a surprise to do that which is the single most precious gift of all the blood of all the liberators can, in a word, shut up.

Trust is for sissies,

--dan
Re: Electronic elections.
At 07:52 AM 5/29/00 -0400, Dan Geer wrote:
>There is no doubt whatsoever that the sanctity of a vote once
>cast can be absolutely preserved as it is moved from your house
>to the counting house. What cannot be done, now or ever, is to
>ensure the sanctity of the voting booth anywhere but in a
>physical and, yes, public location attended to by persons both
>known to each other and drawn from those strata of society who
>care enough to be present.

So I typically elect to vote by mail. Is my vote worthless because of that?

>There are no replacements for the
>voting booth as a moment of privacy wrapped in inefficient but
>proven isolation by unarguable witness, a place where we are
>equal as in no other.

'Sanctity'? 'Moment of privacy?' Sorry, no sacred cows allowed here, unless they're seeing eye cows, or nicely barbecued.

>Move the dispatch of a vote to a remote
>browser and $100 bills

So standing in line with the masses like some Russian waiting for bread somehow immunizes against voter fraud?

>Internet voting is anti-democracy and those who cannot bestir
>themselves to be present upon that day and place which is never
>a surprise to do that which is the single most precious gift of
>all the blood of all the liberators can, in a word, shut up.

Yeah right... real purty flame there, real Daughters of the American Revolution material, blood of the liberators and all, but how about a real argument? Or is your retro dogma supposed to be lapped up on the basis of your empty, inflammatory assertions?
Re: NSA back doors in encryption products
Maybe this is not so important, but I have to repeat that in W2K OS the NSAKEY is still present but not used. All CSPs are verified only with the primary key and if the verification process fails the CSP module is discarded without any further verification.

Sergio Tabanelli

-----Original Message-----
From: John Young <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Friday 26 May 2000 14.09
Subject: Re: NSA back doors in encryption products

>Duncan Campbell has provided his latest exchanges with
>Microsoft on the NSA_key, which Microsoft has now refused
>to continue (see letter below):
>
> http://cryptome.org/nsakey-ms-dc.htm
>
>I have mentioned this thread to him and he welcomes
>comments/critique on the Microsoft exchange:
>
> [EMAIL PROTECTED]
>
>-
>
>12 May 2000
>
>Dear Richard [Purcell, Director of Corporate Privacy, Microsoft],
>
>You will recall talking to me at the Computers Freedom and Privacy
>2000 conference. You said then that you wished to resolve the questions
>that had been raised about the "NSA_key" in CAPI, and invited Mr Scott
>Culp to correspond with me and answer my questions.
>
>As you will have seen, Mr Culp has now refused to continue the correspondence,
>after he was asked by me to provide specific, direct answers to questions
>I asked. He then offered as his reasons for so doing a number of
>observations which simply did not stand up to scrutiny. When I pointed
>this out to him, he ceased to correspond entirely.
>
>This type of behaviour is not merely impolite, it is intellectually
>dishonest and evasive. It is bound to raise suspicion that Microsoft
>does have something serious to hide about its conduct. It further puts
>in question the integrity of MS systems offered for sale overseas. So
>far as I am concerned, if Microsoft now adopts a position of belligerent
>silence, I am more concerned about the security of its systems than I
>was when I spoke to you a month ago. Then, I was entirely open to the
>idea that Microsoft might be able to prove that its conduct could be
>innocently explained. I now observe that this, apparently, is not the
>case.
>
>If you confirm that that is the position, so be it. The issue will not
>die, even if you now wish to hide from it. Next month, it is expected
>that European Parliament will set up a temporary committee to look
>further into the information security and surveillance matters
>which have aroused much concern over the past 2 years. The subject of
>the security of US software including this issue, will be on its agenda.
>
>Yours sincerely,
>
>Duncan Campbell
>