http://www.metafilter.com/5916// Comments on MetaFilter post Comments on 5916 Tue, 20 Feb 2001 09:29:12 -0800 Tue, 20 Feb 2001 09:29:12 -0800 en-us http://blogs.law.harvard.edu/tech/rss 60 http://www.metafilter.com/5916/ <a href="http://c.moreover.com/click/here.pl?x15609025">The Key Vanishes: Scientist Outlines Unbreakable Code [NEW YORK TIMES - free reg required]</a> <br><i>In essence, the researcher, Dr. Michael Rabin and his Ph.D. student Yan Zong Bing, have discovered a way to make a code based on a key that vanishes even as it is used. While they are not the first to have thought of such an idea, Dr. Rabin says that never before has anyone been able to make it both workable and to prove mathematically that the code cannot be broken.</i><br> <br>Once this gets out, the debate on exporting strong crypto would seem to be essentially over. post:www.metafilter.com,2001:site.5916 Tue, 20 Feb 2001 09:17:38 -0800 mikewas MichaelRabin YanZongBing mathematics cryptography science unbreakable code brokenlink http://www.metafilter.com/5916/#51381 Actually, there's less there than meets the eye. <a href="http://cryptome.org/key-poof.htm">This page</a> reprints the article and then includes some insightful commentary on it. comment:www.metafilter.com,2001:site.5916-51381 Tue, 20 Feb 2001 09:29:12 -0800 Steven Den Beste http://www.metafilter.com/5916/#51385 I don't get how this is a new idea. It's just a "one-time pad", one of the simplest methods of encryption, combined with a suggestion for a method of getting the one-time pad bits. Yes, it's theoretically unbreakable, since the key is the same length as the message (you could provide a different key that would make the ciphertext decrypt to something else). However, the fact that this scheme is not susceptible to a cryptanalytic attack doesn't mean it can't be attacked at all. All an attacker has to do is figure out how to interpret your "start getting random bits from source X at time Y" messages, and be able to record any bitstream that's coming into your home. There really aren't that many bitstreams that can practically be received by two people at distant locations in exactly the same form. If you tap their phone line, their Internet connection, the connection to their satellite dish, and record all TV and radio signals they can pick up, you're pretty much set. (Remember you have to be tapping something somehow to intercept the message in the first place.) comment:www.metafilter.com,2001:site.5916-51385 Tue, 20 Feb 2001 09:40:56 -0800 mcguirk http://www.metafilter.com/5916/#51406 I am amazed at the tone of this article, and of Dr. Lipton's. There's nothing new here, other than an efficient (???) way to share the pad. <i>as a computer scientist, he appreciated the proof that the code could not be broken.</i> It's pretty goddam obvious that a pad as long as the plaintext is unbreakable. I'm no "computer scientist," (yet) but that's old news. comment:www.metafilter.com,2001:site.5916-51406 Tue, 20 Feb 2001 10:42:33 -0800 sonofsamiam http://www.metafilter.com/5916/#51411 New to me, and sounds pretty cool. Not everybody knows stuff about computer code and cryptography! comment:www.metafilter.com,2001:site.5916-51411 Tue, 20 Feb 2001 11:03:21 -0800 gramcracker http://www.metafilter.com/5916/#51428 Wow! This method of encryption is so good, I can't even access the <I>webpage</I> about it! (then again, maybe the site was just down...) comment:www.metafilter.com,2001:site.5916-51428 Tue, 20 Feb 2001 11:59:26 -0800 astro38 http://www.metafilter.com/5916/#51471 I think the thrust of the article is slightly different than represented by the commentary Steven pointed to. The point isn't really whether someone can de-crypt the message simultaneously; it's whether someone can come in after the fact - say, an Independent Counsel - and access your key codes to decrypt the message. The key codes are gone. Of course, that's the functional equivalent of locking your data in a tamper-proof safe and then melting down the key. The IC can't get it, but neither can you. Hmm. comment:www.metafilter.com,2001:site.5916-51471 Tue, 20 Feb 2001 13:38:16 -0800 mikewas http://www.metafilter.com/5916/#51480 Hmm. Mercury Rising? Anyone? And if you delete the key, how do you DECRYPT it? and what's the point if you can't decrypt it? comment:www.metafilter.com,2001:site.5916-51480 Tue, 20 Feb 2001 14:04:41 -0800 eljuanbobo http://www.metafilter.com/5916/#51495 Mike, it doesn't protect you against a search warrant. The only way the receiver can decrypt the message is if he does so as he's receiving it, and then stores the result <i>in clear</i> on his computer if he chooses to keep it. If it gets stored encrypted, the receiver is in exactly the same bind as anyone else, because the key is gone. He only gets one chance to decrypt, and it has to be done right away. comment:www.metafilter.com,2001:site.5916-51495 Tue, 20 Feb 2001 14:30:00 -0800 Steven Den Beste http://www.metafilter.com/5916/#51581 <i>Not everybody knows stuff about computer code and cryptography!</i> And that's the problem. Public-key encryption is a neat (and for most purposes secure) way to give your email the protection of, say, an envelope for a letter. And yet because crypto is presented as "hard" and "involves mathematics", and because strong crypto is a political firecracker, it's still a pain in the arse to use it. (The two, I suspect, are not disconnected.) Anyway, that's why <a href="http://www.stand.org.uk">STAND</a> was formed: to provide an alternative source of information for those poor MPs who automatically link encryption to "terrorists, child pornographers and drug smugglers". comment:www.metafilter.com,2001:site.5916-51581 Tue, 20 Feb 2001 17:52:13 -0800 holgate http://www.metafilter.com/5916/#51607 "This message will self-destruct in 5 seconds"..... hehe comment:www.metafilter.com,2001:site.5916-51607 Tue, 20 Feb 2001 19:20:42 -0800 PWA_BadBoy