Internet Encryption Algorithms are flawed - too little too late!

Some news from a paper I am reading - not surprised that RSA has a problem.

http://eprint.iacr.org/2012/064.pdf

Abstract. We performed a sanity check of public keys collected on the web. Our main goal was to test the validity of the assumption that different random choices are made each time keys are generated. We found that the vast majority of public keys work as intended. A more disconcerting finding is that two out of every one thousand RSA moduli that we collected offer no security.

 

Our conclusion is that the validity of the assumption is questionable and that generating keys in the real world for “multiple-secrets” cryptosystems such as RSA is significantly riskier than for “single-secret” ones such as ElGamal or (EC)DSA which are based on Diffie-Hellman.

Keywords: Sanity check, RSA, 99.8% security, ElGamal, DSA, ECDSA, (batch) factoring, discrete logarithm, Euclidean algorithm, seeding random number generators, K9.

and

 

99.8% Security. More seriously, we stumbled upon 12720 different 1024-bit RSA moduli that offer no security. Their secret keys are accessible to anyone who takes the trouble to redo our work. Assuming access to the public key collection, this is straightforward compared to more traditional ways to retrieve RSA secret keys (cf. [5,15]). Information on the affected X.509 certificates and PGP keys is given in the full version of this paper, cf. below. Overall, over the data we collected 1024-bit RSA provides 99.8% security at best (but see Appendix A).
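One way to run this kind of sanity check on your own key inventory, as an added example (not code from the paper or from this post): a product/remainder-tree batch GCD that flags RSA moduli sharing a prime with any other modulus in the list. The function names are hypothetical and the sample moduli are constructed from Mersenne primes purely for illustration.

```python
from math import gcd

def product_tree(values):
    """Levels of pairwise products: leaves first, product of everything last."""
    tree = [list(values)]
    while len(tree[-1]) > 1:
        level = tree[-1]
        tree.append([level[i] * level[i + 1] if i + 1 < len(level) else level[i]
                     for i in range(0, len(level), 2)])
    return tree

def batch_gcd(moduli):
    """For each modulus N_i return gcd(N_i, product of all the other moduli)."""
    tree = product_tree(moduli)
    remainders = tree.pop()              # [P], the product of every modulus
    while tree:
        level = tree.pop()
        # Push P down the tree: node remainder = parent remainder mod node^2
        remainders = [remainders[i // 2] % (n * n) for i, n in enumerate(level)]
    # (P mod N_i^2) // N_i equals (P / N_i) mod N_i
    return [gcd(n, r // n) for n, r in zip(moduli, remainders)]

def audit(moduli):
    """Map index -> shared prime for every modulus that is not unique in its primes."""
    findings = {}
    for i, (n, g) in enumerate(zip(moduli, batch_gcd(moduli))):
        if g == 1:
            continue                     # no prime in common with any other key
        if g == n:
            # Both primes occur elsewhere (or the modulus is duplicated):
            # fall back to pairwise GCD to isolate one proper factor.
            g = next((d for m in moduli if m != n and 1 < (d := gcd(n, m)) < n), n)
        findings[i] = g
    return findings

# Constructed sample "keys": products of Mersenne primes, NOT real RSA moduli.
M = {e: 2**e - 1 for e in (13, 17, 19, 31, 61, 89, 107, 127, 521)}
SAMPLE_MODULI = [
    M[61] * M[89],     # healthy
    M[107] * M[127],   # reuses the prime 2^107 - 1 (simulated bad seeding)
    M[31] * M[19],     # healthy
    M[107] * M[521],   # reuses the prime 2^107 - 1
    M[17] * M[13],     # healthy
]

if __name__ == "__main__":
    for index, prime in audit(SAMPLE_MODULI).items():
        print(f"modulus #{index} shares a {prime.bit_length()}-bit prime with another key")
```

Any key flagged by such an audit should be revoked and regenerated on a system with a properly seeded random number generator.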

 

However, no algorithm is perfect, and even elliptic-curve cryptography (see http://en.wikipedia.org/wiki/Elliptic_curve_cryptography#Fast_reduction_.28NIST_curves.29 ) has a flaw: Shor's algorithm, http://en.wikipedia.org/wiki/Shor%27s_algorithm

Funny thing is ECC is now used for OpenDNS


http://dnscurve.org/crypto.html

The DNSCurve project adds link-level public-key protection to DNS packets. This page discusses the cryptographic tools used in DNSCurve.

ELLIPTIC-CURVE CRYPTOGRAPHY

DNSCurve uses elliptic-curve cryptography, not RSA.

RSA is somewhat older than elliptic-curve cryptography: RSA was introduced in 1977, while elliptic-curve cryptography was introduced in 1985. However, RSA has shown many more weaknesses than elliptic-curve cryptography. RSA’s effective security level was dramatically reduced by the linear sieve in the late 1970s, by the quadratic sieve and ECM in the 1980s, and by the number-field sieve in the 1990s. For comparison, a few attacks have been developed against some rare elliptic curves having special algebraic structures, and the amount of computer power available to attackers has predictably increased, but typical elliptic curves require just as much computer power to break today as they required twenty years ago.

IEEE P1363 standardized elliptic-curve cryptography in the late 1990s, including a stringent list of security criteria for elliptic curves. NIST used the IEEE P1363 criteria to select fifteen specific elliptic curves at five different security levels. In 2005, NSA issued a new “Suite B” standard, recommending the NIST elliptic curves (at two specific security levels) for all public-key cryptography and withdrawing previous recommendations of RSA.

Some specific types of elliptic-curve cryptography are patented, but DNSCurve does not use any of those types of elliptic-curve cryptography.

No wonder college kids are hacking defense databases easily nowadays!!

A Noisy Algorithm

Here is something I created while having seafood at Pier 39 in San Francisco:

Creating an algorithm for distorting predictive models by generating random noise ( either amplified or reduced sample).

Applications-

“If you can not convince them, confuse them”

  1. Generating white noise like signals to fake and distort noise and signal ratios
  2. Aggressive merger and acquisitions negotiations
  3. Media and Entertainment (Create Marketing Buzz / Tabloid / Hype / Fear, Uncertainty, Doubt)
  4. National Security (Kill _all_ the Terrorists with Love – black, brown, yellow, olive, white, blue, red …)
  5. Dating (as in U2’s Sweetest Thing: Brown Eyed Boy meets Blue Eyed Girl)

The 0 1-1 1R 1 Algorithm

  1. Define Initial Position (i.e., use the Six Sigma Define step)
  2. Take ANY Step 1 (e.g., take a walk, make a phone call)
  3. Repeat ANY Step 1 again
  4. Do ANY Step 2, which is opposite to ANY Step 1 in direction and/or magnitude (maybe time, or an x, y, z and T vector)
  5. Return to Initial Position
  6. Loop the above 5 steps R times.

A detailed work flow would be followed by a simple diagram.

An earlier attempt to mash creativity with science as far back as July 2008 was the now redundant Ohri Framework

at https://decisionstats.wordpress.com/?s=ohri+framework (note WordPress timestamps can be manipulated so Google cache remains the true source of time series analysis of posts except when affected by black hat SEO )
