Re: [cryptography] Effective Solving of the Tasks from NP by a Quantum Computer
-Original Message-
From: cryptography [mailto:cryptography-boun...@randombit.net] On Behalf Of Andrea Shepard

> On Sun, Jan 26, 2014 at 01:30:31PM +0200, Alexander Klimov wrote:
> > Can anyone comment on this recent paper (submitted on 23 Jan 2014):
> > http://arxiv.org/pdf/1401.6030v1
>
> It's not even wrong, to borrow a phrase from the physicists. The operator that paper describes to replace the one in Grover's algorithm is a nonlinear operator on the state space. This algorithm would only be useful in some other universe where quantum mechanics worked completely differently.

No need to use harsh words and mocking. The author of the paper himself is very clear in the beginning of Section IV when he says: "The implementing of Xi operator, which depends on some quantum state xi and acts on another quantum system is an open question in the scope of this work."

Danilo!

___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] post-PRISM boom in secure communications (WAS skype backdoor confirmation)
This was expected. As Skype definitely ruined its reputation as a free end-to-end application for secure communication, other products are taking their chances.

Agencies showing sudden interest in encrypted comm
--- http://gcn.com/blogs/cybereye/2013/06/agencies-sudden-interest-encrypted-comm.aspx

From the article:

> ... The company has benefited from current events, particularly recent revelations about the National Security Agency's surveillance of Internet and telephone communications. Growth, already a strong 100 percent month-over-month, rocketed to 420 percent in the last two-and-a-half weeks. ...

Danilo!

On Wed, May 22, 2013 at 10:30 AM Danilo Gligoroski danilo.gligoro...@gmail.com wrote:
> ...
> 3. I see a chance for some other product like: Zfone (that never took significant popularity), maybe Pidgin, maybe Cryptocat, ...
Re: [cryptography] skype backdoor confirmation
ianG wrote:
> Skype made their reputation as being free and secure (e2e) telephony. The latter was something that many people bought into. It is now the largest telco in the world, by minutes, in no small part because people enjoyed both security as well as free calls to their friends.

Yes. A typical luring strategy. First you offer something good and e2e secure (even confirmed by independent auditors), build a huge base of users, then by "Important Security Updates" you actually remove the luring part, i.e. the e2e security.

> If indeed they have done this, then people like us -- the security community -- are entitled to report the deception widely.

In raising awareness I see several options:

1. Indeed these discussions among the security community.
2. Eventually some contacts with journalists will help the cause (one live demonstration at some security/crypto conference like Usenix, Black Hat, Crypto, ... will do the job).
3. I see a chance for some other product like: Zfone (that never took significant popularity), maybe Pidgin, maybe Cryptocat, ...
4. Even some open source security plugin for Skype.

Danilo!
Re: [cryptography] skype backdoor confirmation
John Levine wrote:
> For what? Skype has kept chat logs for years, and the government routinely subpoenas them.

It depends on how scared the politicians and decision makers in Washington DC and Brussels become of the latest publicly revealed security backdoors of Skype.

Danilo!

-Original Message-
From: cryptography [mailto:cryptography-boun...@randombit.net] On Behalf Of John Levine
Sent: Saturday, May 18, 2013 2:49 AM
To: cryptography@randombit.net
Cc: dani...@item.ntnu.no
Subject: Re: [cryptography] skype backdoor confirmation

> Maybe we will see subpoenas or public hearings for Microsoft and their Skype.

For what? Skype has kept chat logs for years, and the government routinely subpoenas them. I was a technical expert in a pump and dump spam trial last fall, and a large part of the evidence was Skype chat logs among the members of the spamming group.

Also keep in mind that Microsoft bought Skype from eBay, so there is nothing new about it being owned by a U.S. company.
Re: [cryptography] GOST attack
Danilo Gligoroski wrote:
> Now, 64-bit blocks are much bigger than 4-bit blocks, (and the secret key is still 256 bits i.e. much larger than the block size), but the principles of the codebook attack are the same.

Marsh Ray wrote:
> Hmmm...there's more than proportional exponents going on here.
> [snip]
> The key space contains 2^K elements, K = 256 in our examples, while the set of possible permutations is (2^N)! .

Hehe, sure - that is why I said "but the principles are the same", thinking about the same example that you are mentioning: (2^4)! ~ 2^44 < 2^256 and (2^64)! > 2^256.

But, for all cryptographic operations, knowing the complete random permutation, i.e. the cipher codebook, is equivalent to possessing one (or maybe THE one) unknown key without knowing that key.

OK - I should correct myself and say, their work (if correct) IS INTERESTING, from the point of view that they are capable of compressing a random permutation of 2^64 elements produced by GOST-256 into 256 bits (the unknown key) with a complexity of 2^228 operations.

1. From the complexity point of view - an interesting result,
2. From the security point of view - a work with a false and bogus claim written in a propaganda style with CAPITAL letters in the abstract: "... we show that GOST is NOT SECURE ..." dedicated to the ISO standardization committee - nothing else.

Regards,
Danilo!
Re: [cryptography] Digital cash in the news...
Nicholas Bohm wrote:
> Now I find I can exchange a little over five bitcoins for a £50 Amazon gift certificate that Amazon seems happy to credit to my account.

Danilo Gligoroski wrote:
> Your example is about two actors: Amazon and BitCoin, acting within small amounts of goods, services and issued currency.

John Levine wrote:
> No, it's not. There's someone who will trade you Amazon gift certificates for bitcoins.
> [snip]
> Amazon neither buys nor sells bitcoins.

Not (directly, yet), but for the end user who possesses a bitcoin it appears as that. The concept of having several entities in the financial chain between the end consumer of the goods and the issuer of those goods has been present in human history for thousands of years. I see that those kinds of financial chains are building around the concept of Bitcoin too.

> I still am not aware of anything you can actually buy for bitcoins (as opposed to trading them for various kinds of real and fake money) other than drugs.

Insisting on the story that you can only buy drugs with bitcoins is, in my view, too harsh toward the concept of Bitcoin. Last week I was in Helsinki at a summer school for cloud computing and there a guy offered to buy me a beer with his bitcoins. I do not have any Bitcoin (yet), but as time goes on, probably I will have one. CERTAINLY NOT FOR BUYING DRUGS, but because I want to see how that nice crypto design works and grows in practice.

The allegations that Bitcoins are a tool for buying drugs will probably repel some potential Bitcoin owners and sadly will imprint them as a dangerous social group. To paraphrase Peter Gutmann from his post on this topic from last week: How about the allegations about "The Bitcoin-based Child Porn Market" and "The al-Qaeda/Bitcoin Connection".

Regards,
Danilo!
Re: [cryptography] GOST attack
To extract the essence of both Klimov's and Aumasson's posts about this attack from the codebook point of view (where I completely agree):

Alexander Klimov alser...@inbox.ru wrote:
> Since GOST has a 64-bit block size, it means that the attacker starts with the full map of (plaintext, ciphertext) pairs. In a sane system the key is either random or a result of KDF -- what can be the point of such an attack?

Jean-Philippe Aumasson wrote:
> AFAIU this attack indeed needs store all 2^64 plaintext/ciphertext pairs, and needs 2^228 computations. This makes it less interesting than a generic codebook attack, which only needs the former 2^64 storage.

To illustrate the futility of this attack, here is an extreme example with a baby-block, giant-key block cipher:

Let us have a 4-bit block cipher with 256-bit keys. Give the attacker all 2^4 = 16 pairs of (Plaintext, Ciphertext), i.e. give him the secret permutation of 16 elements that is our 4-bit block cipher with a 256-bit key. Although it is mathematically not equivalent to knowing the secret key (in this case many different key values will give the same block cipher), for all cryptographic purposes (encryption, decryption, any mode of operation, producing MACs, ...) his knowledge of the full codebook will reproduce the same results as knowing one secret key.

Now, 64-bit blocks are much bigger than 4-bit blocks (and the secret key is still 256 bits, i.e. much larger than the block size), but the principles of the codebook attack are the same.

Thus the task of reproducing the secret key by knowing the full codebook of 2^64 pairs of (Plaintext, Ciphertext) after 2^228 computations is futile.

Regards,
Danilo!
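The baby-block argument in the message above, and the (2^4)! versus 2^256 counting from the follow-up message, as an added example that is not code from the thread. The toy cipher is an assumption made for illustration: a 256-bit key selects a permutation of the 16 nibble values through a SHA-256-seeded shuffle, which has nothing to do with GOST's round function.

```python
import hashlib
import math
import random

N = 16  # 2^4 possible values of a 4-bit block

def keyed_permutation(key: bytes) -> list:
    """Constructed toy cipher: a 256-bit key selects one permutation of 0..15."""
    if len(key) != 32:
        raise ValueError("key must be 256 bits")
    rng = random.Random(int.from_bytes(hashlib.sha256(key).digest(), "big"))
    perm = list(range(N))
    rng.shuffle(perm)
    return perm

def collect_codebook(encrypt_block):
    """Query all 16 plaintexts; return (encrypt table, decrypt table)."""
    enc = [encrypt_block(p) for p in range(N)]
    dec = [0] * N
    for p, c in enumerate(enc):
        dec[c] = p
    return enc, dec

def cbc_encrypt(encrypt_block, iv, blocks):
    out, prev = [], iv
    for p in blocks:
        prev = encrypt_block(p ^ prev)
        out.append(prev)
    return out

def cbc_decrypt(decrypt_block, iv, blocks):
    out, prev = [], iv
    for c in blocks:
        out.append(decrypt_block(c) ^ prev)
        prev = c
    return out

def cbc_mac(encrypt_block, blocks):
    return cbc_encrypt(encrypt_block, 0, blocks)[-1]

def log2_factorial(n):
    """log2(n!) via lgamma, so (2^64)! can be compared with 2^256."""
    return math.lgamma(n + 1) / math.log(2)

SECRET_KEY = bytes(range(32))             # constructed 256-bit key, held by the owner only
owner = keyed_permutation(SECRET_KEY).__getitem__
ENC, DEC = collect_codebook(owner)        # codebook holder's view: 16 pairs, no key
MESSAGE = [0x3, 0xA, 0x0, 0xF, 0x3, 0x7]  # constructed plaintext nibbles

if __name__ == "__main__":
    print(cbc_encrypt(ENC.__getitem__, 0x5, MESSAGE) == cbc_encrypt(owner, 0x5, MESSAGE))
    print(round(log2_factorial(16), 2), log2_factorial(2**64) > 256)
```

With only 16! (about 2^44.25) distinct permutations available, most of the 2^256 keys of such a toy cipher necessarily collide on the same codebook, which is the "many different key values will give the same block cipher" remark in the message.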
Re: [cryptography] Digital cash in the news...
Nicholas Bohm wrote:
> Now I find I can exchange a little over five bitcoins for a £50 Amazon gift certificate that Amazon seems happy to credit to my account.

I see the example of an institution (organization, company, entity, ...) willing to happily credit the current value of *whatever currency* with *concrete products (goods)* or *concrete services* as the best example of how and why *that currency* can become a trade tool for exchanging goods as well as services.

Your example is about two actors: Amazon and BitCoin, acting within small amounts of goods, services and issued currency. But there is another example with two other actors that are playing the currency spiral game of trust with HUGE, HUGE amounts: I am talking about China and the US Federal Reserve System. The amounts are in trillions of dollars, issued by Federal Reserves, and are happily (oh, maybe lately not that happily) accepted by China.

Now, instead of Amazon, if we start to see similar Chinese entities (but not necessarily just Chinese, maybe some of the BRIC countries) that will be happy to credit BitCoins with concrete products and services, then BitCoin as a trade tool for exchanging goods and services will probably survive in the next period.

Or, seeing the latest Chinese-made crypto products like the latest ZUC portfolio of crypto primitives for the new 4G standard, instead of BitCoin, I expect to see a BitYuan.

Regards,
Danilo!