Intro to Encryption 244
An anonymous reader submitted a Techworld story which is a sort of encryption primer. The difference between codes & cyphers, and what all those acronyms like RSA and DES actually mean. This is good primer material for newbs, and a good refresher for fogeys.
Eric Rescorla has written a fine book... (Score:5, Interesting)
The explanation of stream vs block ciphers is especially good, with nice examples showing how each technique works.
Comprehensive list of unsolved codes and ciphers (Score:5, Interesting)
http://www.elonka.com/UnsolvedCodes.html [elonka.com]
Enjoy.
- tokengeekgrrl
I realized something while reading the article... (Score:2, Interesting)
Re:Inaccuracy in article? (Score:5, Interesting)
There are other glaring inaccuracies, e.g.: An increasingly important use for asymmetric encryption is digital signing. A digital signature is the reverse of public key encryption.
This is sort-of true if you're talking about plain-vanilla RSA signatures (though even here, it's only about half-right). But in general, digital signatures have nothing to do with encryption. An encryption scheme does not always yield a useful signature scheme, nor vice-versa.
Re:Inaccuracy in article? (Score:3, Interesting)
Re:I realized something while reading the article. (Score:2, Interesting)
I wouldn't worry too much about it though. While I expect new algorithms [probably not even NFS based] to be invented at some point it probably won't be tommorow.
Tom
SETI noise (Score:5, Interesting)
If you want to be absolutely definitely sure that no one can intercept your communication with someone then here's what you do.
1) Get 600MB of random noise data from listening for extra terrestrials from for instance SETI.
2) Burn two CD's, give one to your friend. Keep the other.
3) Encrypt your message by superimposing it on that noise at a given location.
4) send the message as well as the location with the random location that you started copying the noise from (from the CD).
This message can _not_ be deciphered if you make sure that you never reuse the same random noise. Even if you reuse it it is hard.
In addition, if you at some point expect that someone is on to you, just burn the two CD's.
At that point those messages can _never_ be deciphered. Even if you try for a billion years.
Simple.
Unbreakable.
Re:I realized something while reading the article. (Score:2, Interesting)
OTP has the significant shortcoming of key exchange. You have to have a method of distributing keys that will not be compromised. This is extremely hard to do.
If the book ever falls into the wrong hands, then you have to throw everyones book out, and start over. You have to have access to your agents that are inside. Are you just going to send them their new book to the Kremlin, postmark Blechley Park?
It can be done, it is inprenetrible, but has huge risks and shortcomings.
And now to toot a small horn (Score:2, Interesting)
RND number generation and encription cards (Score:4, Interesting)
So if you need random numbers for encryption, try some googling, and you will find many variations on this theme - serial port based equpment; noise from sound card (low cost solution - all you need is software). There are also schemes for do-it-yourself equipment.
Unfortunately, you should be a bit reluctant to accept the idea that all these things work as advertised. Just for beginning, although thermal noise is white noise by default, it get filtered in system during the processing. Its spectrum will not be the same as it was on the origin. (I am not an expert, but I think that spectral characteristics of the signal is not a requrement for randomness, but this is still good example of possible flaw in implementation.)
If I would start using this, I would test this generators with some mathematical tools.
Also, there are encription cards. I was able to see one made by Soekris. It has hardware implementation of DES. DES is designed to be done in hardware - shifting and xoring is easy to implement in hardware. Soekris makes 486 and P5 low-consumption small sized boxes. With this card, you may make good and fast IPSec firewall that runs on 133MHz 486 (!). Unfortunately, I am not in touch with this equipment any more, but problem was that Linux driver was in alpha state (situation from 10 months ago). BSD drivers were in release state.
(One idea came to my dirty mind - how interesting this card might be for crackers?)
Re:known plaintext attacks? (Score:2, Interesting)
That's where I threw up my hands in disgust. I've never heard of a "random cipher" before. Did he mean one time pad? Those are provably unbreakable, assuming you have a good source of random numbers. Did he mean XOR the message from a cheap-ass PRNG? Unnacceptable. And why 4 bytes at a time? If it's just XOR, then 4 bytes at a time buys you nothing.
This article was written by someone who read someone else's articles, and understood about half of it.