Re: Encrypted search?
On Sun, Sep 21, 2003 at 06:45:21PM -0400, Tyler Durden wrote: Got a crypto question here. Let's say I push out a list I'd like to keep secret to some client machine. The user of that machine must enter some ID or other piece of information. I want the client machine to perform a search of that ID vs the contents of a list (again, resident locally on that machine), but I don't want the user to be able to see the other entries of that list. Have a look at Searchable Public Key Encryption by Boneh et al [1] and Song, Wagner and Perring's paper Practical Techniques for Searches on Encrypted Data [2]. Cheers, Ralf [1] D. Boneh, G. Di Crescenzo, R. Ostrovsky and G. Persiano, Searchable Public Key Encryption, IACR ePrint 2003/195 http://eprint.iacr.org/2003/195/ [2] D. Song, D. Wagner and A. Perrig, Practical Techniques for Searches on Encrypted Data, in Proc. of the 2000 IEEE symposium on Security and Privacy (SP 2000). -- Ralf-P. Weinmann [EMAIL PROTECTED]
Re: Encrypted search?
At 10:11 AM +0100 9/22/03, Dave Howe wrote: Tyler Durden wrote: When the search is performed, the stupid thing to do (I think...someone correct me) is to take the user's ID, encrypt it, and then determine if matches an encypted member of the list (and I don't see encrypted each entry individually as a desirable thing). I am assuming that this allows a savvy user to reverse-engineer the encryption. What you do is hash the ID, then compare it to the list of hashed entries, using the ID as the key to decrypt the data associated with that entry while that isn't subject to reverse engineering, the abuse it *is* open to is random guessing of IDs (every success gives someone else's record, with failures having no penalty) Adding a password (and combining it with the ID to give your key) will address some of that, but really you need to encrypt each entry individually to prevent someone simply decompiling your code and obtaining your full data list. Another option is one I don't have the background at this stage to understand. Let's assume the entire list has been encrypted in one shot. Is there some function such that when this encrypted list is convolved with the user ID a Yes or no can be obtained (indicating presence or absence from the list)? no. if you trial encrypt the sample ID for comparison, you hand them the key to the whole list. Yes, these are all good solutions. If you want a case study of how this might help a company like Amazon, go here: http://www.wayner.org/books/td/u1.php --- My new books: _Policing Online Games_ (http://www.wayner.org/books/pog/) _Java RAMBO Manifesto_ (http://www.wayner.org/books/rambo/)
Re: Drunken US Troops Kill Rare Tiger
hi, You may then need to pass a bill that gives you the right to kick them out of office if they don't fullfill atleast 50% of what they promised in a given time frame. Sarath. --- John Kelsey [EMAIL PROTECTED] wrote: At 04:37 AM 9/22/03 -0700, you wrote: hi, Vote for some one who promises freedom,democracy and development. Is that so hard? They all *promise* that. Sarath. --John Kelsey, [EMAIL PROTECTED] PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259 __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Re: Drunken US Troops Kill Rare Tiger
And just how are you going to get the kongress-kritters to pass a bill that would allow the public to push them and other poly-ticks out of office if they don't perform? That's like asking them to pass a bill that would limit them from getting raises, soft money, etc... --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Wed, 24 Sep 2003, Sarad AV wrote: hi, You may then need to pass a bill that gives you the right to kick them out of office if they don't fullfill atleast 50% of what they promised in a given time frame.
[cdr] Diebold takes down blackboxvoting.org (fwd)
Who said there were significant differences in corporations and governments...Oh yeah, CACL didI guess they were wrong...again. http://www.theinquirer.net/?article=11743 -- -- God exists because mathematics is consistent, and the Devil exist because we can't prove it. Andre Weil, in H. Eves, Mathematical Circles Adieu [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.com
Re: Elngsih (was )
Interesting idea, but it seems like that would be easy enough to foil. Why not just put the inner characters in a canonical order when scanning? (searching via google or another strict keyword-based search engine is another matter) Then you can cheaply match on a single form regardless of how they have permuted the word. I think the existing techniques that I've seen on the binaries channels on usenet and some of the spam I've been getting lately are already more effective. They just inject noise characters and use creative phonetic spellings. Maybe reducing the words to an improved soundex-like hash would be a more effective technique for dealing with this issue. Anyone know of any work in this area? (spell-checker research would probably yield the most results) Adam Lydick On Mon, 2003-09-22 at 15:39, Thomas Shaddack wrote: Could be the l33t sp3ak next generation for the cases when the communication is monitored by automated tools for keywords. Could foil both alerting on keywords and keyword searching on intercepted and stored material (unless the keyword search would look also for all the possible permutations of the words).
[no subject]
Neal Stephenson at Cody's Thursday and Kepler's Friday From: Bill Stewart [EMAIL PROTECTED] To: [EMAIL PROTECTED] X-Mailer: SquirrelMail (version 1.2.6) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Neal's on tour huckstering Quicksilver this week. From the BASFA list, something that SF readers might be interested in. Neal Stephenson will be appearing at Cody's in Berkeley on Thursday and Kepler's in Menlo Park on Friday. For details see: http://www.harpercollins.com/catalog/event_search.asp?authorID=18676. Nalo Hopkinson will be appearing at the Alexander Book Company in San Francisco on December 4th. We have a provisional date for Ken Wharton to appear at BASFA on October 20th. - End Forwarded Message -
Re: Drunken US Troops Kill Rare Tiger
On Wed, Sep 24, 2003 at 11:23:47AM -0400, Sunder wrote: And just how are you going to get the kongress-kritters to pass a bill that would allow the public to push them and other poly-ticks out of office if they don't perform? That's like asking them to pass a bill that would limit them from getting raises, soft money, etc... Or restrict political spam. Fat chance. -Declan
Re: Drunken US Troops Kill Rare Tiger
Don't forget that in ancient greece the populace could vote any leader into exile. My brother believes we should be able to vote any publically elected official directly into jail, no questions asked. -TD From: Sarad AV [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Drunken US Troops Kill Rare Tiger Date: Wed, 24 Sep 2003 06:30:39 -0700 (PDT) hi, You may then need to pass a bill that gives you the right to kick them out of office if they don't fullfill atleast 50% of what they promised in a given time frame. Sarath. --- John Kelsey [EMAIL PROTECTED] wrote: At 04:37 AM 9/22/03 -0700, you wrote: hi, Vote for some one who promises freedom,democracy and development. Is that so hard? They all *promise* that. Sarath. --John Kelsey, [EMAIL PROTECTED] PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259 __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _ Frustrated with dial-up? Get high-speed for as low as $29.95/month (depending on the local service providers in your area). https://broadband.msn.com
Re: Drunken US Troops Kill Rare Tiger
Bread and Circuses? :) --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Wed, 24 Sep 2003, Tyler Durden wrote: Don't forget that in ancient greece the populace could vote any leader into exile. My brother believes we should be able to vote any publically elected official directly into jail, no questions asked.