Cryptography-Digest Digest #428, Volume #12 Sat, 12 Aug 00 23:13:01 EDT
Contents:
Re: 1-time pad is not secure... (John Savard)
Re: 1-time pad is not secure... (Tim Tyler)
Re: 1-time pad is not secure... (Tim Tyler)
Re: Updated stream cipher (David A. Wagner)
Re: Crypto Related Professional Attitude (Bob Silverman)
Re: Crypto Related Professional Attitude (Bob Silverman)
Re: Updated stream cipher (David A. Wagner)
Re: 1-time pad is not secure... ("Douglas A. Gwyn")
Re: 1-time pad is not secure... (Tim Tyler)
Re: Not really random numbers (Anthony Stephen Szopa)
Re: 1-time pad is not secure... ("Douglas A. Gwyn")
Re: Updated stream cipher (David A. Wagner)
Re: Not really random numbers (tomstd)
Re: 1-time pad is not secure... (Anthony Stephen Szopa)
Re: Updated stream cipher (tomstd)
Re: 1-time pad is not secure... ("Douglas A. Gwyn")
Re: 1-time pad is not secure... (Anthony Stephen Szopa)
Re: Crypto Related Professional Attitude ("Douglas A. Gwyn")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: 1-time pad is not secure...
Date: Sun, 13 Aug 2000 02:05:03 GMT
On Sat, 12 Aug 2000 00:12:18 -0500, "Joseph Ashwood" <[EMAIL PROTECTED]>
wrote, in part:
>I still don't think you are quite understanding. The
>complete proof of One Time Pad does not bind it exclusively
>to XOR, it is simply the only known algorithm that meets the
>qualifications.
You must have missed my post in which I explain otherwise:
<begin quote>
On Thu, 10 Aug 2000 00:05:11 -0500, "Joseph Ashwood" <[EMAIL PROTECTED]>
wrote, in part:
>The proof also relies on the availability of a "perfect"
>cipher, of which only XOR is the only one known (I can
>supply the criteria if needed).
Addition modulo n over the characters of an alphabet with n symbols is
also 'perfect' in the sense required for implementing a one-time-pad.
In fact, any cipher which has the properties:
- it operates on blocks with N possible values, and produces blocks
with the same N possible values as output,
- there are N possible keys (or a multiple of N!),
- for every input block, all N values of the output block are
possible, and are reached by an equal number of keys
is 'perfect' in the sense required. Hence, DES, where the regular key
is a constant, and where the 'key' applied from the one-time-pad
consists of two subkeys, one from an even round and one from an odd
round, is 'perfect' in this sense.
(One can also replace a specific 32 bits of each of these two subkeys
instead of all 48; the middle four bits of every six. This has to do
with the structure of the S-boxes and the expansion permutation.)
Thus, XOR is *not* the only suitable cipher for applying an OTP to
plaintext.
<end quote>
I really found the claim that ONLY the XOR operation works with a
one-time-pad quite amusing. It caused me to envisage reading the
following news item in the paper:
"Today, the NSA revealed the greatest secret of its VENONA intercept
program.
'Previously, it was disclosed that some of the Russian messages sent
on one-time-pads were read, because through error or overconfidence,
the same pads were actually used more than once. As well, the slight
imperfections in pads generated by human typists trying to type random
numbers were exploited to obtain additional limited insights into some
messages', an unidentified NSA spokesman said.
'However, what was not revealed at that time was that the NSA had, due
to a mathematical breakthrough, discovered a fundamental flaw in the
Russian use of the one-time-pad which allowed us to read even those
messages sent with genuinely random numbers only used once. The
Russian messages were made from decimal digits, and so were the
one-time-pads they used. But the addition of a message digit from 0 to
n-1 to a random digit from 0 to n-1, modulo n, cannot actually
perfectly conceal the message digit if n is greater than 2, as a
consequence of what is now known in the civilian world as the
Fujisaki-Okamoto-Kanasewich theorem.'
Fortunately, I have no fear of waking up in a world where the laws of
mathematics really work this way...
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Reply-To: [EMAIL PROTECTED]
Date: Sun, 13 Aug 2000 01:42:45 GMT
Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:
: jkauffman wrote:
:> ... Future research may show the apparent randomness in QM to be
:> explainable in terms of hidden variables, ...
: The current state of our knowledge about this is that any hidden
: variables that might "exist" must produce exactly the same effects
: as true randomness. [...]
That appears to be a huge overstatement. Yes, certain local hidden
variable theories have been discounted... but it's plain false to say
that *any* hidden variables that might "exist" *must* produce exactly
the same effects as true randomness [emphasis added].
: Which operationally is the same as saying that there are no hidden
: variables.
Again, absence of evidence is not evidence of absence.
:> and your measuring equipment was absolutely perfect,
:> measured the underlying phenomenon to arbitrary precision,
:> and introduced no bias to the results due to manufacturing
:> imperfections whatsoever?
: It is absolutely standard scientific procedure to take into
: account the characteristics of the apparatus. Perfection is
: not necessary, and it is insane to require it. There are also
: well-understood (provable) procedures for removing stationary
: bias from a random bit stream.
So you hope that stationary bias is the only type present?
That appears to be an act of faith. For example, what if
observations have some kind of cumulative effect on the measuring
device?
: Basically, the fellow who said we couldn't get genuine
: randomness from physical phenomena was mistaken.
Or rather you don't agree with him. Do you know of a "perfect" random
number generator? If so, I invite you to show me.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Namaste.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Reply-To: [EMAIL PROTECTED]
Date: Sun, 13 Aug 2000 01:45:34 GMT
Joseph Ashwood <[EMAIL PROTECTED]> wrote:
: Actually I believe those questions were stated as
: assumptions in the OTP proof. Namely that a perfect random
: numnber generator exists (along with certain requirements),
: and that the pad is secret. [...]
: Now OTP is a purely theoretic construct, so the availability
: of the required parts is not of interest, they only become
: of the most damning form when one attempts to create a
: realization of the theoretic construct, which has proven
: impossible to this day.
Indeed.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Goodbye cool world.
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Updated stream cipher
Date: 12 Aug 2000 18:13:17 -0700
Frank M. Siegert <[EMAIL PROTECTED]> wrote:
> I put some work into my cipher 'stepfive' [...] Comments anyone?
It's a little complicated. That makes analysis more time-consuming.
It might help if you described the motivation for this cipher. What
problem does it solve that other ciphers can't? Why is it interesting?
How fast is Stepfive? It looks to me like it could be slow.
I noticed that Stepfive uses loops with variable iteration counts.
Although I can't say whether this property leads to weaknesses in this
specific case, in general it can often allow timing attacks.
------------------------------
From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: Crypto Related Professional Attitude
Date: Sun, 13 Aug 2000 02:09:01 GMT
In article <[EMAIL PROTECTED]>,
tomstd <[EMAIL PROTECTED]> wrote:
> This post is for the professionals such as Biham, Rivest,
> Schneier, Wagner, Shamir, Coppersmith, etc...
>
> Why don't you guys ever participate even a little in sci.crypt?
>
> No offense but you claim to be active in crypto, and honest you
> guys know way more then most of us (including me). So why not
> post from time to time excluding posts to plug your papers?
>
I can answer this.
There are too many cranks and too many who want to promote their
own "agendas".
Look at the recent "OTP are bogus" thread.
There is just too much nonsense posted here, too many who don't
want to listen, too many who are convinced they are right even when
presented evidence to the contrary and too many who just want to
be contrary.
--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: Crypto Related Professional Attitude
Date: Sun, 13 Aug 2000 02:09:14 GMT
In article <[EMAIL PROTECTED]>,
tomstd <[EMAIL PROTECTED]> wrote:
> This post is for the professionals such as Biham, Rivest,
> Schneier, Wagner, Shamir, Coppersmith, etc...
>
> Why don't you guys ever participate even a little in sci.crypt?
>
> No offense but you claim to be active in crypto, and honest you
> guys know way more then most of us (including me). So why not
> post from time to time excluding posts to plug your papers?
>
I can answer this.
There are too many cranks and too many who want to promote their
own "agendas".
Look at the recent "OTP are bogus" thread.
There is just too much nonsense posted here, too many who don't
want to listen, too many who are convinced they are right even when
presented evidence to the contrary and too many who just want to
be contrary.
--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Updated stream cipher
Date: 12 Aug 2000 18:35:24 -0700
Ok, I looked a little closer at Stepfive.
I noticed that there's an attack which you did not describe but which
appears to be prevented by a fortuituous property of the key schedule.
Good luck, or careful design?
The weakness is that we might enter a cycle of period 1. Suppose we
have x=a, y=b, S5field[x][y].v = (x,y), S5field[x][y].e = (0,0), and
bitcount[modifier]=0. Then getS5Element(modifier) leaves the internal
state entirely unchanged, and thus we enter a cycle of period one if we
repeat the same modifier [1]. If everything were random, these events
would have prob. 1/2^32, so we would expect the generator to enter a
cycle of length 1 after something like 2^32 bytes of output.
All that is well and good, except that it turns out that the above
attack doesn't work. The key schedule chooses S5keyfield[][].v so that
it forms a permutation of the 256 elements with a single cycle, and this
permutation is never altered. Therefore, you can never enter the short
cycle, because the condition S5field[x][y].v = (x,y) never holds.
[1] One should ask how it can happen that the same modifier gets used
every time. This happens if we always use modifier=0, as suggested as
one option in the documentation.
Alternatively, if we run the cipher in feedback mode, the same modifier
will be repeated every time if getS5element()=modifier. This happens
with prob. 1/256, so we would need a total of 2^40 (not 2^32) bytes of
output to break the cipher in cipher feedback mode.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Date: Sat, 12 Aug 2000 22:27:12 -0400
Tim Tyler wrote:
> Any process that appears random may be the deterministic outcome of
> events at a lower level.
Definitely wrong when applied to quantum phenomena.
> If randomness in physics /were/ as well established as the law of
> gravity, there would be less discussion about its existence.
Actually the fundamental randomness is better established than any
theory of gravitation.
> : And in fact there *are* random bitstream generators based
> : on fundamentally random physical processes.
> Indeed. However, nobody really knows how close to perfect
> randomness the results of such generators get.
By what measure? It is hardly a valid criticism of a design
to say that it doesn't meet some unmeasurable criterion.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Reply-To: [EMAIL PROTECTED]
Date: Sun, 13 Aug 2000 01:55:07 GMT
fvw <[EMAIL PROTECTED]> wrote:
: <[EMAIL PROTECTED]> ([EMAIL PROTECTED]):
:>and as for quantum theory ... well, is it necessarily random? couldn't
:>there be hidden variables? [...]
: I'm not completely up to scratch on hidden variables theory, but the
: only way hidden variables can work (if it can work at all) is as long
: as the variables remain so hidden they do not give more informatoin
: than copenhagen QM. So in the end, even though the info might exist,
: it still doesn't help you, not even theoretically.
This (in particular the word "only") is too strong. Yes, any hidden
variables that exists have to appear to aggregate to produce
random-looking events on various scales that have been measured, to
certain degrees of accuracy. This does not say how that should behave
on ranges about which no experiments have yet been performed, or when
considered to higher degrees of accuracy than existing experimants
have looked at.
It remains possible that deviations from apparently random behaviour that
favour a hidden variables interpretation will be found at some future
date.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Namaste.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Not really random numbers
Date: Sat, 12 Aug 2000 19:27:44 -0700
James Felling wrote:
>
> Anthony Stephen Szopa wrote:
>
> > Jamie wrote:
> > >
> > > In the UK pre-Pay phone cards are big business... you buy a card, reveal a
> > > number, key the number to a phone system and you have so much talk time. I
> > > am working on an application in a simmilar field...and ofcourse the issue of
> > > generating these numbers has come up once again. I need ideas for a number
> > > generator that satisfy the following contidions:
> > >
> > > 1 The magnitude of the generated numbers can be specified, 2^30, 2^35,
> > > 2^40... 2^90
> > >
> > > 2 The period must be greater then 2^^20
> > > (So numbers generated dont repeat)
> > >
> > > 3a Given a short fragment of the sequence it must be difficult to deduce the
> > > next number in sequence
> > > 3b Given one number it must be unlikely that another number is both close in
> > > value and close in position in the sequence
> > > (vague but I guess I mean that a "hacker" wont succed randomly guessing the
> > > next number)
> > >
> > > 4 The sequence must be re-startable.
> > >
> > > 5 No need for an even distribution or anything like that.
> > >
> > > My starting point was an algorithm like
> > >
> > > Nn+1=(P1*Nn+P2) mod P3
> > >
> > > P1,2,3 are primes P3 determining the magnitude of the numbers generated
> > >
> > > Nn+1 the next number in the sequence
> > >
> > > But this seems to be full of holes.
> > >
> > > any ideas on an algo ?
> >
> > Go to http://www.ciphile.com and download OAR-L3: Original
> > Absolutely Random - Level3 random number generator shareware
> > software.
> >
> > Go to the Downloads Currently Available web page and download the
> > software directly. You will be able to generate more random numbers
> > than you could conceivably ever need.
> >
> > If used according to recommendations there is practicably no chance
> > anyone will be able to duplicate your random numbers.
> >
> > If you think you could use this software commercially, email me.
> >
> > A.S.
>
> Unless you have a desire for keysetup to take a truly ridiculous amount of time (
> realisticly obtaining a the level of internal randomness you desire is possible,
> but this will take aproximately 1/2 to 1 full hour of your time per keysetup)
> OAP/OAR are not worth your while, and are in all probability slower than an
> optimized BBS generator.
This reply post has a glimmer of intelligence within it.
It may take an hour or even more to generate a suitable initial
encryption data file key using OAP-L3 that will be used to generate
the initial (and secure) encryption Data FILE.
(You need to be familiar with the software and how it generates its
random numbers to understand this process. Also consider that with
each subsequent generation of an encryption data file from a previous
encryption data file, the complete key continues to become longer
and longer (and increasingly more secure) since it builds on the
previous key(s).)
But once you do so, a subsequent encryption Data FILE can be
generated from this now secure initial encryption Data FILE, and any
other subsequent encryption Data FILES can be generated from the
previously generated encryption Data FILE, thus each subsequent
encryption Data FILE after this initial one will be much less time
consuming to generate.
The current implementation requires that you generate all your OTP
files before you encrypt. You could generate many many gigabytes of
random data files and store them while your computer is not being
used for anything else, such as while you are sleeping.
As far as speed of encryption goes, the actual encryption may
actually be the fastest of any encryption software. It only
involves XORing the original data file with the random number files.
Since the random number files have already been generated this
process is quite fast.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Date: Sat, 12 Aug 2000 22:29:35 -0400
Tim Tyler wrote:
> That appears to be a huge overstatement. Yes, certain local hidden
> variable theories have been discounted... but it's plain false to say
> that *any* hidden variables that might "exist" *must* produce exactly
> the same effects as true randomness [emphasis added].
No, *all* local hidden variable theories have been ruled out.
So far from being an overstatement, it was a summary of the
best current knowledge resulting from controlled experiment.
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Updated stream cipher
Date: 12 Aug 2000 18:39:28 -0700
Ok, one more comment, and I promise I'll stop.
I noticed that Stepfive's state-update function is not bijective.
In other words, some information is lost as the cipher proceeds.
(The information loss occurs exactly during the 'recursion' steps.)
How much information is lost, and is the loss problematic? I don't know
the answers to those questions. But it seems that these are questions
which deserve deeper investigation than I have time for myself.
------------------------------
Subject: Re: Not really random numbers
From: tomstd <[EMAIL PROTECTED]>
Date: Sat, 12 Aug 2000 19:31:25 -0700
Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
>James Felling wrote:
>>
>> Anthony Stephen Szopa wrote:
>>
>> > Jamie wrote:
>> > >
>> > > In the UK pre-Pay phone cards are big business... you buy
a card, reveal a
>> > > number, key the number to a phone system and you have so
much talk time. I
>> > > am working on an application in a simmilar field...and
ofcourse the issue of
>> > > generating these numbers has come up once again. I need
ideas for a number
>> > > generator that satisfy the following contidions:
>> > >
>> > > 1 The magnitude of the generated numbers can be
specified, 2^30, 2^35,
>> > > 2^40... 2^90
>> > >
>> > > 2 The period must be greater then 2^^20
>> > > (So numbers generated dont repeat)
>> > >
>> > > 3a Given a short fragment of the sequence it must be
difficult to deduce the
>> > > next number in sequence
>> > > 3b Given one number it must be unlikely that another
number is both close in
>> > > value and close in position in the sequence
>> > > (vague but I guess I mean that a "hacker" wont succed
randomly guessing the
>> > > next number)
>> > >
>> > > 4 The sequence must be re-startable.
>> > >
>> > > 5 No need for an even distribution or anything like that.
>> > >
>> > > My starting point was an algorithm like
>> > >
>> > > Nn+1=(P1*Nn+P2) mod P3
>> > >
>> > > P1,2,3 are primes P3 determining the magnitude of the
numbers generated
>> > >
>> > > Nn+1 the next number in the sequence
>> > >
>> > > But this seems to be full of holes.
>> > >
>> > > any ideas on an algo ?
>> >
>> > Go to http://www.ciphile.com and download OAR-L3: Original
>> > Absolutely Random - Level3 random number generator shareware
>> > software.
>> >
>> > Go to the Downloads Currently Available web page and
download the
>> > software directly. You will be able to generate more
random numbers
>> > than you could conceivably ever need.
>> >
>> > If used according to recommendations there is practicably
no chance
>> > anyone will be able to duplicate your random numbers.
>> >
>> > If you think you could use this software commercially,
email me.
>> >
>> > A.S.
>>
>> Unless you have a desire for keysetup to take a truly
ridiculous amount of time (
>> realisticly obtaining a the level of internal randomness you
desire is possible,
>> but this will take aproximately 1/2 to 1 full hour of your
time per keysetup)
>> OAP/OAR are not worth your while, and are in all probability
slower than an
>> optimized BBS generator.
>
>This reply post has a glimmer of intelligence within it.
>
>It may take an hour or even more to generate a suitable initial
>encryption data file key using OAP-L3 that will be used to
generate
>the initial (and secure) encryption Data FILE.
>
>(You need to be familiar with the software and how it generates
its
>random numbers to understand this process. Also consider that
with
>each subsequent generation of an encryption data file from a
previous
>encryption data file, the complete key continues to become
longer
>and longer (and increasingly more secure) since it builds on the
>previous key(s).)
>
>But once you do so, a subsequent encryption Data FILE can be
>generated from this now secure initial encryption Data FILE,
and any
>other subsequent encryption Data FILES can be generated from
the
>previously generated encryption Data FILE, thus each subsequent
>encryption Data FILE after this initial one will be much less
time
>consuming to generate.
>
>The current implementation requires that you generate all your
OTP
>files before you encrypt. You could generate many many
gigabytes of
>random data files and store them while your computer is not
being
>used for anything else, such as while you are sleeping.
>
>As far as speed of encryption goes, the actual encryption may
>actually be the fastest of any encryption software. It only
>involves XORing the original data file with the random number
files.
>Since the random number files have already been generated this
>process is quite fast.
Hey ever think that making the non-fake-pseudo-otp files will be
time consuming? Thus if I want to encode one message with the
non-fake-pseudo-otp software I have to *wait* to make the files
anyways?
Tom
===========================================================
Got questions? Get answers over the phone at Keen.com.
Up to 100 minutes free!
http://www.keen.com
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Date: Sat, 12 Aug 2000 19:40:25 -0700
[EMAIL PROTECTED] wrote:
>
> Here's a different viewpoint.
>
> I think all the crypto-books are wrong. One-time pad is only secure
> based on the assumption that random numbers do exist.
>
> But can you prove that random numbers really exist? No.
> Can you generate truely random numbers? No.
>
> It's like 1/x tends to zero but you'll never get zero, if you use
> enough bytes to hold the number.
>
> One-time pad is only computationally secure, no difference than any
> other systems. The key-generating process may be duplicated, if not
> exactly, to some probability. And because the key is so long, getting
> at least a portion of the key right will be easier than in systems with
> a shorter key.
>
> Get the picture? You can duplicate the key-generating parameters:
> computer model, OS, PRNG, date, time, location, hardware, software,
> room temperature, humidity, magnetic field... The list goes on and on.
> Then the longer the key, the higher possibility that you'll get
> something right.
>
> --Sisi
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
I replied to this line of reasoning some time ago.
A definition of "randomness" (ultimately) can be looked at as the
difficulty an observer, having limited information, has in
predicting the next outcome of a given process.
Thus the observer must analyze the process and make hypotheses and
test them so as to accurately predict the next outcome. To the
degree which the observer can predict the next outcome, the observer
can qualify and quantify the randomness of the process. Randomness
is relative.
There is more observed randomness in the universe for ignorant
people, and there is even more observed randomness in the universe
for stupid people.
(You can quote me on this.)
------------------------------
Subject: Re: Updated stream cipher
From: tomstd <[EMAIL PROTECTED]>
Date: Sat, 12 Aug 2000 19:40:12 -0700
[EMAIL PROTECTED] (David A. Wagner) wrote:
>Ok, one more comment, and I promise I'll stop.
Nah, I briefly looked at it and you seem to be on the right
track. Keep it up :)
>I noticed that Stepfive's state-update function is not
bijective.
>In other words, some information is lost as the cipher proceeds.
>(The information loss occurs exactly during the 'recursion'
steps.)
>
>How much information is lost, and is the loss problematic? I
don't know
>the answers to those questions. But it seems that these are
questions
>which deserve deeper investigation than I have time for myself.
Well maybe the OP can answer that.
Tom
===========================================================
Got questions? Get answers over the phone at Keen.com.
Up to 100 minutes free!
http://www.keen.com
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Date: Sat, 12 Aug 2000 22:43:20 -0400
John Savard wrote:
> I looked up that paper you mentioned earlier, that spoke of backwards
> propagating waves as being the answer to many apparent "paradoxes" in
> quantum mechanics. I believe that idea is also paradoxical and
> unphysical in its own way - but I also think I heard or read somewhere
> that it was kicked around right at the very dawn of quantum mechanics,
> although I can't remember the details.
I think you're referring to Lewis Little's theory of "elementary
waves". There are some problems in his presentation, and he made
a serious mistake in claiming that his theory yields invariance
of the speed of light (his derivation assumed that in the way it
was formulated; Einstein once made the same mistake in a popular
exposition). However, Little's main idea seems very useful in
simplification of the analysis of many quantum systems; namely,
that coherence is inherent at the absorber and is connected with
the emitter in a time-reversed causal manner. The mathematical
consequences are identical to the standard formulation, but there
is no violation of classical logic or determinism along the path(s).
That essentially removes the paradoxes, by taking a different
point of view about causal connection.
Backward-time theory has indeed been proposed before, although not
the way Little did. Feynman, for example, took it seriously, and
it has been suggested that antiparticles can be treated formally
as regular particles traveling backward in time.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Date: Sat, 12 Aug 2000 19:44:35 -0700
[EMAIL PROTECTED] wrote:
>
> Here's a different viewpoint.
>
> I think all the crypto-books are wrong. One-time pad is only secure
> based on the assumption that random numbers do exist.
>
> But can you prove that random numbers really exist? No.
> Can you generate truely random numbers? No.
>
> It's like 1/x tends to zero but you'll never get zero, if you use
> enough bytes to hold the number.
>
> One-time pad is only computationally secure, no difference than any
> other systems. The key-generating process may be duplicated, if not
> exactly, to some probability. And because the key is so long, getting
> at least a portion of the key right will be easier than in systems with
> a shorter key.
>
> Get the picture? You can duplicate the key-generating parameters:
> computer model, OS, PRNG, date, time, location, hardware, software,
> room temperature, humidity, magnetic field... The list goes on and on.
> Then the longer the key, the higher possibility that you'll get
> something right.
>
> --Sisi
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
And if you get one thing wrong, in general, you have no correlation
from which you could hope to then be able to make a subsequent and
more accurate guess of the key.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Crypto Related Professional Attitude
Date: Sat, 12 Aug 2000 22:57:23 -0400
> tomstd <[EMAIL PROTECTED]> wrote:
> > Why don't you guys ever participate even a little in sci.crypt?
Bob Silverman wrote:
> I can answer this ...
There is also the question, "Why should they?" What's in it for
them? Normal people don't enjoy relationships where they do all
the giving and others do all the taking.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
