HP3000-L Archives

June 1998, Week 2

HP3000-L@RAVEN.UTC.EDU

From: Wirt Atmar
Date: Fri, 12 Jun 1998 20:05:58 EDT

Gavin writes:

> Wirt again:
>  > With equal respect, let me disagree. All that you have to do to really make
>  > something "obfuscated" is intermix a great deal of randomness into an
>  > encrypted signal, paying special attention to make the random symbols carry
>  > the same informational entropy as the encoded data.
>
>  Ok, but are you willing to decrease the S/N ratio of your communications
>  link by an order of magnitude (or whatever) in order to do this?  Will the
>  customer be willing to pay for 10x the network bandwidth between the
>  client and 3000?
>
>  You still need to have some shared secret to initialize your pseudo-
>  random number generator with so that both ends agree on where the signal
>  is amongst all the noise.  Without something like this the signal will be
>  in the same place every time you start a new connection, and it becomes
>  relatively easy to figure out with a known plaintext attack.  Especially
>  at the start of a connection when the least information is available for
>  generating randomness but the most sensitive information (logon passwords)
>  are being exchanged.

That's exactly correct -- sort of. There are any number of variations possible.
In a purely chaotic system, the initial conditions are what drive the system
into a seemingly "random" state. That randomness can be added to the signal,
appropriately folding it around the alphabet when necessary, or it can be
"randomly" interspersed among the encoded signal, if you don't mind decreasing
the S/N ratio. In either case, the "randomness" can be subtracted losslessly.

The initial condition symbol could be in the first byte -- or it could be in
the 17th. If you never tell anyone how you've encoded the structure (i.e.,
where the initialization symbol is, the nature of the chaotic oscillator, or the
encryption algorithm), it would be one tough nut to crack.

All you would need then do -- as they did for the engineers who built the
ancient palaces of Addis Ababa -- is kill the programmers so that they don't
reveal the location and keys to the secret passageways.

Wirt Atmar
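
The scheme discussed in this message, as an added example that is not part of the original post and not code from either poster: a chaotic keystream is added to the signal modulo the alphabet size and subtracted losslessly, with the initial-condition byte hidden at a chosen position. It assumes a logistic map as the oscillator and a 256-symbol alphabet; all function names and parameters are hypothetical. `recover_prefix` shows the concern raised in the quoted reply: when two connections start from the same initial condition, the keystream cancels and known plaintext from one connection exposes the other.

```python
# Added illustration. The logistic map, r = 3.99 and all names are assumptions.

def chaotic_keystream(seed_byte: int, n: int, r: float = 3.99) -> bytes:
    """Iterate x -> r*x*(1-x) from a one-byte initial condition, one byte per step."""
    x = (seed_byte + 1) / 257.0            # map 0..255 into the open interval (0, 1)
    out = bytearray()
    for _ in range(n):
        x = r * x * (1.0 - x)
        out.append(int(x * 256) % 256)
    return bytes(out)

def encode(plaintext: bytes, seed_byte: int, seed_pos: int) -> bytes:
    """Add the keystream mod 256, then hide the seed byte at index seed_pos."""
    ks = chaotic_keystream(seed_byte, len(plaintext))
    body = bytes((p + k) % 256 for p, k in zip(plaintext, ks))
    return body[:seed_pos] + bytes([seed_byte]) + body[seed_pos:]

def decode(wire: bytes, seed_pos: int) -> bytes:
    """Pull the seed byte out of the wire data and subtract the keystream losslessly."""
    seed_byte = wire[seed_pos]
    body = wire[:seed_pos] + wire[seed_pos + 1:]
    ks = chaotic_keystream(seed_byte, len(body))
    return bytes((c - k) % 256 for c, k in zip(body, ks))

def recover_prefix(wire_known: bytes, known_plain: bytes,
                   wire_target: bytes, n: int) -> bytes:
    """Same initial condition on both connections means the same keystream, so
    target_plain = wire_target - wire_known + known_plain (mod 256).
    Neither the oscillator nor the seed is needed; valid for n <= seed_pos."""
    return bytes((wire_target[i] - wire_known[i] + known_plain[i]) % 256
                 for i in range(n))

# Constructed sample traffic: two logon lines, seed hidden in the 17th byte.
KNOWN = b":HELLO OPERATOR.SYS (constructed sample)"
TARGET = b":HELLO MANAGER.SYS  (constructed sample)"
SEED_POS = 16

if __name__ == "__main__":
    w1 = encode(KNOWN, 0x5A, SEED_POS)
    w2 = encode(TARGET, 0x5A, SEED_POS)     # same initial condition reused
    print(decode(w1, SEED_POS))
    print(recover_prefix(w1, KNOWN, w2, SEED_POS))
```

With a fresh initial condition per connection the subtraction no longer cancels, which is why both ends need a shared secret to derive it rather than a fixed or in-band value.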
