Re: [cryptography] NIST Randomness Beacon
The idea of a service that provides data unknown before a certain date (like a photo of a recent newspaper) was suggested here: http://rachelbythebay.com/w/2012/08/29/info/

For fun, I implemented that here: http://colorlessgreen.net/ (the random value is updated every 5 secs, roughly, and encoded as a memorable phrase). Of course, in this case, a PRNG was used, and I am not NIST (so I am not guaranteeing unpredictability or autonomy to the same extent!), and the output is only ~50 bits in size. As far as I know, no-one uses it for anything...

andrew

On Sat, Nov 09, 2013 at 08:28:17PM -0800, d.nix wrote:
surely someone here has an opinion...
http://www.nist.gov/itl/csd/ct/nist_beacon.cfm :-)

___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] NIST Randomness Beacon
On Sat, Nov 09, 2013 at 08:28:17PM -0800, d.nix wrote:
surely someone here has an opinion...
http://www.nist.gov/itl/csd/ct/nist_beacon.cfm

From the page, a relevant suggestion:

WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS.

The Beacon is a potentially useful service. Folks have implemented similar semantics by, for example, hashing the DJIA closing value of a given date (see http://xkcd.com/426/). NIST's implementation, of course, makes them a trusted third party to any security critical applications of this oracle.

I'd be more comfortable with a cryptographic hash of an unpredictable but publicly determined value; however, it's hard to find one that has as much entropy as the Beacon. For example, suppose you use the low bits of the bitcoin blockchain hash. An attacker with 10% of the hash power could probabilistically attack such a system by choosing blocks with a specific value in those bits; furthermore, the miners might know the relevant value earlier than other users of the system.

-andy
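An added worked example (not code from NIST, from the beacon page, or from any poster in this thread) of the two points Andy's message makes: a public random value derived by hashing a publicly determined string is useful for verifiable selection among entries that were committed to before the value existed, and precisely because everyone can recompute it, it is useless as a secret key. The "DJIA close" string, the participant names, nonces and ticket entries are all constructed sample data, and biased_low_bits_probability() is a simplified risk model of the blockchain-as-beacon scenario whose assumptions (a miner with fraction p of the hash power discards its own non-matching blocks; honest blocks are always published) are stated in its docstring and are my own, not a claim from the thread.

```python
import hashlib


def beacon_from_public_value(source: str) -> bytes:
    """Public random value: SHA-256 of a string that is unpredictable before
    its publication time but known to everyone afterwards (the thread's example
    is the DJIA close of a given date). Anyone can recompute this, so it must
    never be used as a secret key."""
    return hashlib.sha256(source.encode("utf-8")).digest()


def commit(entry: str, nonce: bytes) -> str:
    """Hash commitment to an entry, published *before* the beacon value exists,
    so the entry cannot be changed once the beacon is known."""
    return hashlib.sha256(nonce + entry.encode("utf-8")).hexdigest()


def verify_commitment(commitment: str, entry: str, nonce: bytes) -> bool:
    """Check an opened commitment against the value that was published."""
    return commit(entry, nonce) == commitment


def beacon_index(beacon: bytes, n: int) -> int:
    """Map a 256-bit beacon value to an index in [0, n) without modulo bias:
    values at or above the largest multiple of n are rejected and the beacon
    is re-hashed with a counter until a usable value appears."""
    if n <= 0:
        raise ValueError("n must be positive")
    limit = ((1 << 256) // n) * n
    counter = 0
    candidate = beacon
    while True:
        value = int.from_bytes(candidate, "big")
        if value < limit:
            return value % n
        counter += 1
        candidate = hashlib.sha256(beacon + counter.to_bytes(4, "big")).digest()


def select_winner(beacon: bytes, commitments) -> tuple:
    """Pick one committed entry. Commitments are sorted so every verifier
    derives the same ordering from the same set of published commitments."""
    ordered = sorted(commitments)
    i = beacon_index(beacon, len(ordered))
    return i, ordered[i]


def biased_low_bits_probability(p: float, k: int) -> float:
    """Simplified model (my assumption, not from the thread) of using the k low
    bits of a block hash as a beacon: a miner with fraction p of the hash power
    publishes its own blocks only when the low bits equal its target and
    discards the rest; honest blocks (found with probability 1-p) are always
    published. Per attempt, the published block hits the target with
    probability 2^-k whoever found it, and an attempt ends in a published block
    with probability (1-p) + p*2^-k, so the target probability is
    2^-k / (1 - p*(1 - 2^-k)). With p = 0 this is the fair value 2^-k."""
    u = 2.0 ** -k
    return u / (1.0 - p * (1.0 - u))


def demo() -> dict:
    """Constructed sample run: two entries are committed, then a (made-up)
    public closing value becomes known and deterministically selects a winner
    that anyone holding the commitments can re-derive."""
    nonces = {"alice": b"\x01" * 16, "bob": b"\x02" * 16}      # constructed
    entries = {"alice": "ticket-0007", "bob": "ticket-0042"}   # constructed
    commitments = [commit(entries[n], nonces[n]) for n in ("alice", "bob")]
    # Constructed public value; a real deployment would hash the actual source.
    beacon = beacon_from_public_value("DJIA close 2013-11-09: 15761.78 (constructed)")
    idx, winning_commitment = select_winner(beacon, commitments)
    winner = next(n for n in entries if commit(entries[n], nonces[n]) == winning_commitment)
    assert verify_commitment(winning_commitment, entries[winner], nonces[winner])
    return {"winner": winner, "index": idx, "beacon_hex": beacon.hex()}


if __name__ == "__main__":
    print(demo())
    print("P(target bit) with 10% hash power, 1 low bit:",
          biased_low_bits_probability(0.1, 1))
```

The commitment step is what makes the beacon safe to use as a lottery: a participant who sees the beacon first gains nothing, because their entry is already fixed. The bias function shows why the blockchain variant is weaker than a trusted-third-party beacon: with p = 0.1 and one bit, the model gives roughly 0.526 instead of 0.5, and the figure grows with p.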
Re: [cryptography] Which encryption chips are compromised?
The Guardian version (greater redaction):
http://s3.documentcloud.org/documents/784159/sigintenabling-clean-1.pdf

NYTimes-ProPublica version (lesser redaction):
http://s3.documentcloud.org/documents/784280/sigint-enabling-project.pdf

[0] A related question is where were these slides posted on the Guardian and NYT sites? Which did which redaction?

[1] https://twitter.com/ashk4n/status/37575818993312/photo/1
http://financialcryptography.com/mt/archives/001455.html
Re: [cryptography] Which encryption chips are compromised?
On 10/11/13 16:31 PM, John Young wrote:
The Guardian version (greater redaction):
http://s3.documentcloud.org/documents/784159/sigintenabling-clean-1.pdf
NYTimes-ProPublica version (lesser redaction):
http://s3.documentcloud.org/documents/784280/sigint-enabling-project.pdf
[0] A related question is where were these slides posted on the Guardian and NYT sites? Which did which redaction?
[1] https://twitter.com/ashk4n/status/37575818993312/photo/1
http://financialcryptography.com/mt/archives/001455.html

Nice! Lots more information, and evidence. Blog post updated...

This appears to be the NYT commentary:
http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?_r=0#briefing

What I was surprised about with these detailed revelations was that there was almost no fuss. This stuff is the smoking gun for our industry. I must have been totally asleep to miss them...

iang
Re: [cryptography] Which encryption chips are compromised?
The Guardian, NYT and ProPublica have disclosed their close coordination for Snowden releases. But AFAIK they have not disclosed redaction coordination.

There is a bit of evidence of PDF and publication coordination among The Guardian and the NYT-ProPub via PDF properties and DocCloud file number: ProPub produced its PDF a few minutes before The Guardian, but the Guardian was first to put it on DocCloud. Two types of PDF programs were used. Thus the redactions were likely made by different means, and therefore possibly different means might be used to lift the redactions.

The imaging PDFs by the spies are more protective than the commercial versions, and produce much larger file sizes and more blurred content. See those by ODNI as examples.

Several programs claim to be able to lift PDF redactions. PitStop is one we have used successfully some time ago but not recently.
http://www.enfocus.com/en/products/pitstop-pro

Redax is used widely by the USG to redact. Our version of Redax does not lift the Sigint Enabling redactions on either version.
http://www.appligent.com/desktop-software/redax/

Some may recall we lifted redactions on an NYT release of the CIA overthrow of Mossadegh by accident when an old, slow machine momentarily delayed the black stripes. We froze the screen repeatedly to grab and reconstruct the underlying text. Adobe has since fixed that hole. But there are likely others due to the incessant attack on vainglorious Adobe.

A source for hacking PDF passwords and maybe lifting redactions is Elcomsoft.com, a Russian firm infamous for its coder Dmitry Sklyarov's indictment for copyright miscreancy.
https://www.eff.org/cases/us-v-elcomsoft-sklyarov
http://www.elcomsoft.com/

Lifting redactions would be a fine research project, kind of like Tempest revelations, so great are redactions deployed by govs and journalists these days to wield and flaunt joint complicity to tease and withhold until bribes and budget increases are paid. But results would have to be fast and undercover before the digital barn doors are closed and old-time paper incision is re-instituted. Same for eventual dust-binning of digital crypto in favor of, well, best not to fall for open source delusion again.

At 11:25 AM 11/10/2013, you wrote:
On 10/11/13 16:31 PM, John Young wrote:
The Guardian version (greater redaction):
http://s3.documentcloud.org/documents/784159/sigintenabling-clean-1.pdf
NYTimes-ProPublica version (lesser redaction):
http://s3.documentcloud.org/documents/784280/sigint-enabling-project.pdf
[0] A related question is where were these slides posted on the Guardian and NYT sites? Which did which redaction?
[1] https://twitter.com/ashk4n/status/37575818993312/photo/1
http://financialcryptography.com/mt/archives/001455.html

Nice! Lots more information, and evidence. Blog post updated...
This appears to be the NYT commentary:
http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?_r=0#briefing
What I was surprised about with these detailed revelations was that there was almost no fuss. This stuff is the smoking gun for our industry. I must have been totally asleep to miss them...
iang
[cryptography] New cipher modification
Please review the attached document. Any feedback would be appreciated.

Sent from Yahoo Mail on Android

Attachment: H4-U16.doc (MS-Word document)
Re: [cryptography] New cipher modification
On Sun, Nov 10, 2013 at 8:19 PM, Roth Paxton tetragrammaton9...@yahoo.com wrote:
Please review the attached document. Any feedback would be appreciated.

Please review the attached 0-day word exploit?

To be fair, I don't think there's an exploit. But there's no reason to use a word document when a web page or even putting the text inline would suffice.

- Taral
[cryptography] New modification to cipher
H4-U16 Cryptographic Algorithm
by Roth C. Paxton
10/21/2013

Abstract

The purpose of this paper is to describe a powerful new cryptographic algorithm that utilizes stacked blocks of data to encrypt and decrypt information. H4-U16 is an abstract symmetric block cipher that relies on the homomorphic properties of linear sets in three dimensional vector space to create large numbers of indeterminate polysymbolic substitutions for each letter of the alphabet. Each letter of the alphabet is essentially a superset or set of sets in which each set has the property of being homomorphic to each and every other set that is generated for that letter. Every set generated for any letter has equal probability of being syntactically equivalent but semantically different from any other set for any other letter. Due to this property it is virtually impossible to discern any encrypted letter from any other encrypted letter, as the encryption changes for each additional letter encrypted. H4-U16 is information-theoretically secure and is immune to brute force attacks, drawing its strength from the complexity of its key.

Introduction

H4-U16 is based loosely on the design of a Rubik's cube. If you will, please discard the traditional construction of a Rubik's cube and focus more on a construction like SHA3. H4-U16 is constructed from five four by four grids that are then stacked to form a three dimensional cube. Each part of this cube can be shifted by dividing each grid (block) of data into four quadrants of four squares apiece. Now, each quadrant can rotate four times and each block can rotate four times. This serves to shift each constituent part of the cube (80 squares) an innumerable number of times. Data or plaintext can be encrypted by selecting a pattern of highlighted squares that fits over the face of the cube and stands for a letter. H4-U16 uses what I call homomorphic linear sets to accomplish the task of encryption.

As far as I know no such thing as a homomorphic linear set exists in the literature anywhere. A homomorphic linear set is a concept that I have come up with that is based on the concept of a linear homomorphism and applied to cryptography. In my mind I picture a set of five different objects situated equidistantly on a line in three dimensional vector space. The only relationship that these five very dissimilar objects share with one another is the fact that they are all situated on a line. The concept of a homomorphic linear set comes into play when one views the line of objects from the front so that they are overlapped. Now imagine that there is a lightbulb situated at the front of the line and that all of the very dissimilar objects are perfectly in line with one another, still situated at equidistant points and overlapping. Now when I select any one of these objects, imagine that the lightbulb lights up. What I have done by adding the lightbulb is to create a homomorphic linear set. All of the objects are different but are related to each other by having the property of lighting the lightbulb any time that one of them is selected. That, as far as I know, is a homomorphism. Now imagine that I design some pattern of these homomorphic linear sets by selecting patterns of lightbulbs that light up any time one of the objects that is contained within my sets is selected. As it stands right now, if I have five of these linear sets that are in a circle or a square or any other pattern that is recognizable when one object is highlighted from each set, then I have a pool of data that can be used to generate sequences of objects (five letter sets) that are all equivalent semantically but completely different syntactically. Imagine that these five sets are as follows:
1- A,B,C,D,E
2- F,G,H,I,J,K
3- L,M,N,O,P
4- Q,R,S,T,U
5- V,W,X,Y,Z

This should generate or form the superset (1,2,3,4,5). If I were to select A from 1, H from 2, P from 3, R from 4, and Z from 5, it would be the same as selecting any other sequence of one letter from each set, as they would all fall into the superset (1,2,3,4,5). By selecting sets of letters in this way I can generate 3,125 sets of five characters (5^5). Each and every one of these sets is equivalent, as they are essentially substitutions that are linked by the homomorphic property of the linear sets (each set chosen lights all five lightbulbs that are situated in a pattern that signifies a letter or number). Now imagine that I have some way of taking the sets themselves and changing their ordering and also changing the actual sets themselves to include members of other sets in a random fashion. This is what the cube accomplishes. By arranging eighty unique characters in a cube and then rotating parts of the cube, it allows the characters to change positions and exist in other sets. By shuffling the blocks it allows the characters to shift their order in each set. If each