Burton Rosenberg writes:
> There is the concept of Kolomogorov complexity, the size of the
> smallest algorithm that can generate the message. A perfectly
> compressed message would have Kolomogorov complexity
> equal to itself.
>
> Kolomogorov complexity does have a freedom in its definition,
> b
There is the concept of Kolomogorov complexity, the size of the
smallest algorithm that can generate the message. A perfectly
compressed message would have Kolomogorov complexity
equal to itself.
Kolomogorov complexity does have a freedom in its definition,
but the exciting thing is that any two
Single DES is obviously a mistake - the "24 hours/$200K"
limit is so closely what it took to crack DES,
using either the EFF's ~$250K cracker or
Distributed.net's internet-based crack,
that it's clearly referring to DES.
Back when DES was _designed_, it was computationally
secure, for values of "
"Perfect compression" doesn't make sense anyway. Perfection of
compression (as with entropy) can be expressed only relative to a specific
probability distribution of possible inputs. Once you have specified
such a probability distribution, you can evaluate how well a particular
compression algor
On Thu, Jan 04, 2001 at 01:23:30AM +, Paul Crowley wrote:
> Peter Fairbrother <[EMAIL PROTECTED]> writes:
> > Not so. Perfect compression with encryption works too.
>
> Er, does it? I get a 1k message from you, perfectly compressed and
> then encrypted with some strong algorithm and a 128-bi
Paul Crowley <[EMAIL PROTECTED]> writes:
> Peter Fairbrother <[EMAIL PROTECTED]> writes:
> > Not so. Perfect compression with encryption works too.
>
> Er, does it? I get a 1k message from you, perfectly compressed and
> then encrypted with some strong algorithm and a 128-bit key. As a
> godli
At 10:38 PM + 1/3/2001, Peter Fairbrother wrote:
>on 3/1/01 9:25 pm, Greg Rose at [EMAIL PROTECTED] wrote:
>
> > At Crypto a
>> couple of years ago the invited lecture gave some very general results
>> about unconditionally secure ciphers... unfortunately I can't remember
>> exactly who gave t
A couple of people have taken me to task for complicating the question
about One Time Pads. The purpose of my original text was just to say that
yes, there are other useful and deployed algorithms out there that have
unconditional security, and that it is not the case that One Time Pads are
sp
Peter Fairbrother <[EMAIL PROTECTED]> writes:
> Not so. Perfect compression with encryption works too.
Er, does it? I get a 1k message from you, perfectly compressed and
then encrypted with some strong algorithm and a 128-bit key. As a
godlike being unhindered by constraints of computational po
On Wed, 3 Jan 2001, Peter Fairbrother wrote:
>on 3/1/01 9:25 pm, Greg Rose at [EMAIL PROTECTED] wrote:
>> Goldreich... forgive me if I'm wrong. The important result, though, was
>> that you need truly random input to the algorithm in an amount equal to the
>> stuff being protected, or you cann
Peter Fairbrother wrote:
> > At Crypto a
> > couple of years ago the invited lecture gave some very general results
> > about unconditionally secure ciphers... unfortunately I can't remember
> > exactly who gave the lecture, but I think it might have been Oded
> > Goldreich... forgive me if I'm wr
Greg Rose wrote:
>
> At 03:06 PM 1/3/2001 -0500, John Young wrote:
> >Yes, the one-time pad. However, I wondered if Smith
> >was hinting at another cipher(s) not yet publicized,
> >perhaps computational -- or more exotic technology
> >such as quantum, DNA, ultra-spectral and beyond.
>
> It alway
on 3/1/01 9:25 pm, Greg Rose at [EMAIL PROTECTED] wrote:
> At 03:06 PM 1/3/2001 -0500, John Young wrote:
>> Yes, the one-time pad. However, I wondered if Smith
>> was hinting at another cipher(s) not yet publicized,
>> perhaps computational -- or more exotic technology
>> such as quantum, DNA, ul
At 03:06 PM 1/3/2001 -0500, John Young wrote:
>Yes, the one-time pad. However, I wondered if Smith
>was hinting at another cipher(s) not yet publicized,
>perhaps computational -- or more exotic technology
>such as quantum, DNA, ultra-spectral and beyond.
It always amazes me that people single out
dmolnar <[EMAIL PROTECTED]> writes:
> On Wed, 3 Jan 2001, Ben Laurie wrote:
>
> > > A cipher is Conditionally Computationally Secure
> > > (CCS) if the cipher could be implemented with keys
> > > that are not quite "long enough" or with not quite
> > > "enough" rounds to warrant a CS rating. Exa
Yes, the one-time pad. However, I wondered if Smith
was hinting at another cipher(s) not yet publicized,
perhaps computational -- or more exotic technology
such as quantum, DNA, ultra-spectral and beyond.
The workshop's purpose was to discuss what security
standards might be established to assure
On Wed, 3 Jan 2001, Ben Laurie wrote:
> > A cipher is Conditionally Computationally Secure
> > (CCS) if the cipher could be implemented with keys
> > that are not quite "long enough" or with not quite
> > "enough" rounds to warrant a CS rating. Examples:
> > SKIPJACK and RSA.
This seems a bit
John Young wrote:
>
> Last summer, at a workshop on "Security Metrics," conducted
> by NIST's Computer System Security and Privacy Advisory
> Board, Landgrave Smith, Institute of Defense Analysis, reported
> on a pilot study of "the metrics used for determining the
> strength of cryptography."
>
As I suppose others on the list have pointed out by now, he is just
plain wrong about DES.
DES is not computationally secure in this terminology. It is either
Conditionally Computationally Secure or Weak.
Bear
On Wed, 3 Jan 2001, John Young wrote:
>Last
Last summer, at a workshop on "Security Metrics," conducted
by NIST's Computer System Security and Privacy Advisory
Board, Landgrave Smith, Institute of Defense Analysis, reported
on a pilot study of "the metrics used for determining the
strength of cryptography."
http://csrc.nist.gov/csspab/j
20 matches
Mail list logo
