I have been reading their FAQ and it sounds like a load of BS, but
I wanted a confirmation from someone who understands how this stuff
works.
I will post some of their FAQ here so there is no need to visit
their website.
------------------------
Infinite One-Time Pad (IO-TP)
http://www.hiddentools.com/io-tp/
Infinite One-Time Pad (IO-TP) is super secure text encryption and
decryption software. It implements the concept of the true One-Time Pad to
produce a ciphertext that is unbreakable. This software solves the problem
of key distribution and random key generation.
Instead of using a perfect random key, the key material is obtained from
any file of your choice. An image file of size 300 KB (jpg) for example is
more than enough for most messages. Infinite One-Time Pad uses series of
different irreversible algorithms to transform the extracted key. The
calculations cannot be reversed and the transformed key has high
unpredictability similar to a perfect random key. The transformation
depends on the secret code and the password used. Infinite number of keys
can be generated from a single key file by using different passwords. This
is why it is called Infinite One-Time Pad. It has the strength of the True
One-Time Pad and yet, easier to use and implement.
FAQ
Main Features:
Unbreakable Encryption - Text encrypted with Infinite One Time Pad is
invulnerable to cryptanalytic attacks.
Built-in Authentication System - You have the option to include origin
data such as IP Address, Document Hash Code, Encryption Date, and more.
The selected data will be encrypted automatically together with the text
and will be used to verify the authenticity of the ciphertext.
Hexadecimal and Base64 Encoding - The cipher text format can be either
hexadecimal or base64. These formats are printable and can be delivered
via e-mail.
There are 5 protections available. Those in red font are under your
control.
Compression - The plain text is compressed in memory to eliminate
regularities. This eliminates patterns in the frequency of the occurrence
of a specific character in the text.
Secret Key File - You can use any file as a source of key material. The
software extracts the non-redundant characters and applies irreversible
algorithms to produce a unique key with high entropy that is equal in
length with the compressed text.
Secret Code - You can create a new secret code so that the software will
use this value every time you encrypt a text. The secret code is used to
transform the input text and the key. Every single character of the secret
code is used in the transformation. The number of transformations is equal
to the length of the secret code.
Key Modification - You can insert words or characters to the key for
additional protection.
Password - The password transforms the input text and the key. Every
single character of the password is used in the transformation. The number
of transformations is equal to the length of the password.
FAQ 2
Perfect randomness is often viewed as a stringent requirement to attain
perfect secrecy. This is true in the case of One-Time Pad.
To attain Shannon Security, a key should be perfectly unpredictable random
data. Perfect randomness is applicable to the True One-Time Pad simply
because the key is directly applied with the plain text hence it is
vulnerable to cryptanalytic attacks. If the key material is not truly
random, the ciphertext could leak information and the message could be
deduced eventually.
Perfect randomness cannot be attained using Pseudo Random Generators
(PRNG's) or any algorithms. The output could appear random but the
security only lies with the seed of the PRNG which could be subjected to
exhaustive attacks. If a secret algorithm is used on software, a clever
hacker could possibly analyze and derive the algorithm. Secure encryption
software therefore must not rely on the secrecy of the methods or
algorithms used.
Absolute randomness is not the only key to perfect secrecy. Belief to the
contrary is a delusion.
Infinite One-Time Pad implements the use of any file as a source of key
material. To generate a key with unpredictable data from a key file, the
algorithm must be irreversible. Cryptanalysts must not be able to
determine the original key even if both the algorithm and the transformed
key are known. If this is met, even a simple text file could be used as a
source of secure key material.
Infinite One-Time Pad works on both the key and the plain text to produce
a ciphertext that cannot be analyzed. The plain text is compressed and
transformed. The key is also transformed using series of different
irreversible algorithms. The compression information is already lost and
cannot be recovered from the ciphertext.
The attacker must provide the exact key or else it will fail to
decompress. It is impossible for an attacker to reconstruct the exact key
by any means. Ciphertext generated using Infinite One-Time Pad does not
leak information hence; perfect randomness is not a stringent requirement.
The key transformed using the irreversible algorithms has high
unpredictability. Moreover, if password protection is used, the ciphertext
cannot be broken by brute force. If the password is wrong, it will fail to
decompress even if the key is correct.
(Further information at http://www.hiddentools.com/io-tp/)
As soon as they say they are not using a perfect random key, it is not a
one time pad. a) They have to make sure that both sides have
"the file of your choice" and the key. the secret code is NOT secret.
Anyone worth his salt as an adversary will discover what that secret
code is. The fact that the transformation (hash?) cannot be reversed
is irrelevant. If we map all bytes down to the single byte 0, that
transformation cannot be reversed, but it is sure not a very secure
transformation.
It does NOT have the strength of a one time pad.
>
> FAQ
>
> Main Features:
>
> Unbreakable Encryption - Text encrypted with Infinite One Time Pad is
> invulnerable to cryptanalytic attacks.
False.
>
> Built-in Authentication System - You have the option to include origin
> data such as IP Address, Document Hash Code, Encryption Date, and more.
> The selected data will be encrypted automatically together with the text
> and will be used to verify the authenticity of the ciphertext.
How will that authenticate it? I as your adversary can include the same
information in files I send you, pretending to be you.
>
> Hexadecimal and Base64 Encoding - The cipher text format can be either
> hexadecimal or base64. These formats are printable and can be delivered
> via e-mail.
>
> There are 5 protections available. Those in red font are under your
> control.
>
> Compression - The plain text is compressed in memory to eliminate
> regularities. This eliminates patterns in the frequency of the occurrence
> of a specific character in the text.
So what? This is of no help if you have a decent encryption program.
>
> Secret Key File - You can use any file as a source of key material. The
> software extracts the non-redundant characters and applies irreversible
> algorithms to produce a unique key with high entropy that is equal in
> length with the compressed text.
And how does the person you communicate with get that "secret key file"?
>
> Secret Code - You can create a new secret code so that the software will
> use this value every time you encrypt a text. The secret code is used to
> transform the input text and the key. Every single character of the secret
> code is used in the transformation. The number of transformations is equal
> to the length of the secret code.
????
>
> Key Modification - You can insert words or characters to the key for
> additional protection.
This helps how?
>
> Password - The password transforms the input text and the key. Every
> single character of the password is used in the transformation. The number
> of transformations is equal to the length of the password.
>
> FAQ 2
>
> Perfect randomness is often viewed as a stringent requirement to attain
> perfect secrecy. This is true in the case of One-Time Pad.
>
> To attain Shannon Security, a key should be perfectly unpredictable random
> data. Perfect randomness is applicable to the True One-Time Pad simply
> because the key is directly applied with the plain text hence it is
> vulnerable to cryptanalytic attacks. If the key material is not truly
> random, the ciphertext could leak information and the message could be
> deduced eventually.
>
> Perfect randomness cannot be attained using Pseudo Random Generators
> (PRNG's) or any algorithms. The output could appear random but the
> security only lies with the seed of the PRNG which could be subjected to
> exhaustive attacks. If a secret algorithm is used on software, a clever
> hacker could possibly analyze and derive the algorithm. Secure encryption
> software therefore must not rely on the secrecy of the methods or
> algorithms used.
>
> Absolute randomness is not the only key to perfect secrecy. Belief to the
> contrary is a delusion.
The writer of this is deluded.
>
> Infinite One-Time Pad implements the use of any file as a source of key
> material. To generate a key with unpredictable data from a key file, the
> algorithm must be irreversible. Cryptanalysts must not be able to
> determine the original key even if both the algorithm and the transformed
> key are known. If this is met, even a simple text file could be used as a
> source of secure key material.
??? The algorithm must be irreversible why? And irreversibility does
nothing magic.
>
> Infinite One-Time Pad works on both the key and the plain text to produce
> a ciphertext that cannot be analyzed. The plain text is compressed and
Anything can be analyzed.
> transformed. The key is also transformed using series of different
> irreversible algorithms. The compression information is already lost and
> cannot be recovered from the ciphertext.
Then how does the recipient recover the message, since all the
information is lost?
>
> The attacker must provide the exact key or else it will fail to
> decompress. It is impossible for an attacker to reconstruct the exact key
> by any means. Ciphertext generated using Infinite One-Time Pad does not
Just try them all. One of them will work.
> leak information hence; perfect randomness is not a stringent requirement.
> The key transformed using the irreversible algorithms has high
> unpredictability. Moreover, if password protection is used, the ciphertext
> cannot be broken by brute force. If the password is wrong, it will fail to
> decompress even if the key is correct.
>
> (Further information at http://www.hiddentools.com/io-tp/)
Yes, it is nonsense. That does not mean that it is not a good
encryption algorithm. There is no information here to be able to say if
it is any good. However, the obvious either ignorance or deception of
the writers makes one doubt strongly that it is any good.
>
>I was searching for real One Time Pad encryption software and I came
>across this product called Infinite One-Time Pad (IO-TP).
By definition a One Time Pad must be infinite so the fact that they
feel it necessary to state it is probably not a good sign.
>
>I have been reading their FAQ and it sounds like a load of BS, but
>I wanted a confirmation from someone who understands how this stuff
>works.
>
>I will post some of their FAQ here so there is no need to visit
>their website.
>
>
>------------------------
>Infinite One-Time Pad (IO-TP)
>http://www.hiddentools.com/io-tp/
>
>
>Infinite One-Time Pad (IO-TP) is super secure text encryption and
>decryption software. It implements the concept of the true One-Time Pad to
>produce a ciphertext that is unbreakable. This software solves the problem
>of key distribution and random key generation.
>
>Instead of using a perfect random key, the key material is obtained from
>any file of your choice.
Ding! If it is not a "perfect random key" then it is not a One Time
Pad. The OTP *requires* a 'perfect random key'.
>Infinite number of keys can be generated from a single key file by using
>different passwords.
Bullshit. That requires an infinite length password and an infinite
length hash. 2^128 != oo. More snake oil.
This is not a One Time Pad, so to that extent it is snake oil. It may
or may not be a secure cypher, but I would not be inclined to risk
using it without a lot of further study. Safer to use one of the more
established cyphers.
The idea of using existing files as a key is not new, and can be used
to make a secure cypher, see Maurer:
ftp://ftp.inf.ethz.ch/pub/crypto/publications/Maurer92b.pdf
rossum
What if one were to take Marsaglia's recent Super_KISS generator?
The internal states seem to me to be:
superKISS32 internal state
Q[] 41265 * 32 = 1320480
carry 1 * 32 = 32
xcng 1 * 32 = 32
xs 1 * 32 = 32
indx 1 * 15.33 = 15
More-or-less ~1320591 bits
superKISS64 internal state
Q[] 20632 * 64 = 1320448
carry 1 * 64 = 64
xcng 1 * 64 = 64
xs 1 * 64 = 64
indx 1 * 14.33 = 14
More-or-less ~1320654 bits
Now, obviously, 1320000 bits is nowhere close to infinity,
but it's easily conveyed, transported and pre-established.
If SuperKISS is all Marsaglia claims it to be, why couldn't
it form the basis of a practical, unbreakable, one-time-pad
system?
The usual caveats apply.
outer
--
"Sim, Sim, Salabim!"
>Now, obviously, 1320000 bits is nowhere close to infinity,
>but it's easily conveyed, transported and pre-established.
>
>If SuperKISS is all Marsaglia claims it to be, why couldn't
>it form the basis of a practical, unbreakable, one-time-pad
>system?
It could possibly be the basis of a perfectly good practical stream
cypher. It could never be a One Time Pad. If there is no TRNG
involved then there is no OTP either. KISS may well be a very good
PRNG but it is not a TRNG.
rossum
I use to think that one should (in practice) be content with
(reasonably) sufficiently high practical security. For the theoretical
perfect security of OTP is by its nature never (in the absolute sense)
practically achievable for diverse practical reasons. (One well-known
practical attempt to use OTP that badly failed was Vernona.)
M. K. Shen
Why couldn't a horse be a jet fighter? There is a definition of a one
time pad, and it is what is provably unbreakable. What you describe is
NOT unbreakable in theory. It may be hard to break and may be a good
practical cypher, but it is not a one time pad and is not unbreakable.
That may be true, but is also irrelevant. There is a definition of a one
time pad and it is a cypher which obeys that definition which is
theoretically unbreakable. Many people want to pretend to hide under
that umbrella, and make unwarranted and extravagant claims for their own
cypher. As soon as they do so, one knows they are incompetent, and
should not be trusted to hide the Easter eggs, never mind something more
serious.
> perfect security of OTP is by its nature never (in the absolute sense)
> practically achievable for diverse practical reasons. (One well-known
> practical attempt to use OTP that badly failed was Vernona.)
That may be. So why try to claim that you have achieved it, except to
commit fraud.
>
> M. K. Shen
>
> (One well-known practical attempt to use OTP that badly failed was
> Vernona.)
That depends on your definition of "badly failed." Between '42
and '48 just a few thousands, out of hundreds of thousands, of
intercepted Soviet messages were decrypted - most of them only partially
so. After '48, zilch. The Soviets might claim that this just was not 100%
successful - not quite the same as "badly failed."
>One well-known practical attempt to use OTP that badly failed was Vernona.
That was Venona. It failed because they reused some of the random
key. Reusing some key breaks the OTP proof. An XOR cypher with a
repeated key is very weak.
rossum
> Why couldn't a horse be a jet fighter? There is a definition of a one
> time pad, and it is what is provably unbreakable. What you describe is
> NOT unbreakable in theory. It may be hard to break and may be a good
> practical cypher, but it is not a one time pad and is not unbreakable.
You are absolutely correct. My bad.
outer
Considering that people who would usually fall for this type of hype
will probably not use strong (large) passwords, a simple brute force
search may be very fast. And this assumes the password hashing part
of the code is good.
If it is not then a lot of possible passwords will collide and the
searching for a useful password will be even faster.
Earl Colby Pottinger
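The point made here and in the earlier "Just try them all" reply, as an added example that is not from the thread and is not IO-TP's code: a toy compress-then-XOR scheme shows that "fails to decompress" tells a guesser which keys are wrong, so the strength is bounded by the number of plausible file and password choices. The SHA-256 key derivation, the file names and contents, and the word list are assumptions constructed for illustration.

```python
import hashlib
import math
import zlib

# Constructed stand-ins for "any file of your choice" (contents are made up).
CANDIDATE_FILES = {
    "holiday.jpg": b"constructed-image-bytes-A" * 40,
    "notepad.exe": b"constructed-binary-bytes-B" * 40,
    "readme.txt": b"constructed-text-bytes-C" * 40,
}
# Constructed guess list: a handful of common words plus a numeric suffix.
WORDS = ["password", "letmein", "dragon", "sunshine", "qwerty", "KEEPME"]


def candidate_passwords():
    for word in WORDS:
        for n in range(1000):
            yield f"{word}{n}"


def keystream(keyfile: bytes, password: str, length: int) -> bytes:
    """Assumed 'irreversible' derivation: SHA-256 in counter mode."""
    seed = hashlib.sha256(keyfile + password.encode()).digest()
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(plaintext: bytes, keyfile: bytes, password: str) -> bytes:
    packed = zlib.compress(plaintext)
    return xor(packed, keystream(keyfile, password, len(packed)))


def try_decrypt(ciphertext: bytes, keyfile: bytes, password: str):
    """Return the plaintext, or None when decompression rejects the key."""
    packed = xor(ciphertext, keystream(keyfile, password, len(ciphertext)))
    try:
        return zlib.decompress(packed)
    except zlib.error:
        return None


def exhaustive_search(ciphertext: bytes):
    """Try every (file, password) pair; the zlib header and checksum
    act as a verifier that confirms the right guess."""
    hits = []
    for name, content in CANDIDATE_FILES.items():
        for password in candidate_passwords():
            plaintext = try_decrypt(ciphertext, content, password)
            if plaintext is not None:
                hits.append((name, password, plaintext))
    return hits


def keyspace_bits() -> float:
    """Effective key size of this toy setup, in bits."""
    return math.log2(len(CANDIDATE_FILES) * len(WORDS) * 1000)


MESSAGE = b"Constructed sample message: the shipment arrives on Tuesday."

if __name__ == "__main__":
    ct = encrypt(MESSAGE, CANDIDATE_FILES["holiday.jpg"], "KEEPME123")
    print(f"effective key size: {keyspace_bits():.1f} bits")
    for name, password, plaintext in exhaustive_search(ct):
        print(name, password, plaintext)
```

A design that wants to resist this needs a high-entropy key and a deliberately slow password-based key derivation; the irreversibility of the transformation does not enlarge the set of inputs a guesser has to try.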
> Why couldn't a horse be a jet fighter? There is a definition of a one
> time pad, and it is what is provably unbreakable. What you describe is
> NOT unbreakable in theory. It may be hard to break and may be a good
> practical cypher, but it is not a one time pad and is not unbreakable.
Unbreakable cipher (in the "absolute" sense) is in my humble view like
the status of God. One could perhaps hope to achieve that but it is
"practically" unachievable. Another analogy is the summation of a
convergent series, where the theoretical limit could be approached but
never exactly reached in the computing process. So why not be practical
in mind and set for oneself some reasonable and a little bit more humble
goal in "practical" encryption?
M. K. Shen
No. A one time pad is provably unbreakable (simply because any cleartext
of the same size can be obtained from any encrypted text with the right
key). It is not "practically" unachievable. It is relatively easy to
achieve. The problem is the key -- it can never be reused and you have to
find some way of transporting the key to the recipient, and the key has
to be at least as large as the message. Those are real problems, and are
why the OTP is not used.
> convergent series, where the theoretical limit could be approached but
> never exactly reached in the computing process. So why not be practical
> in mind and set for oneself some reasonable and a little bit more humble
> goal in "practical" encryption?
Of course. But that is not a one time pad and is not unbreakable. It may
be useful, it may be far more useful than an OTP, but it is not an OTP and
is not theoretically unbreakable.
Hi, There is a modernised One-Time Pad cipher called ASCII_Pad on my
website that you might find interesting - I can demonstrate true
randomness on keys up to 14250 characters long => that message length
- see "principles of Modernising the OTP", also on the same website
- Cheers - adacrypt
Forgot to include => http://www.adacrypt.com - adcrypt
It seems that you haven't got any clue of what the software is all
about dude! (as you've shown your no-know how on how to use it, I bet
you haven't got the real copy of it that you purely derived your
comment according to what the advertisement say - well, try
downloading one to see the real Infinite One Time Pad)
I've just downloaded the free version and looking forward to buying
the software as I've not seen any cracked version anywhere deep in the
internet... well, it seems that nobody can crack it lol!. I can say
that the software's encryption is very hard to decrypt as firstly,
you'll be using any file of your choice (your windows folder alone
contains thousands of different files and a single file contains
numbers of characters) and f*ck knows what file you've used..
secondly, the IOTP gives you the corresponding encryption of that file
(usually tens and hundreds of different characters and symbols) which
also gives you an opportunity to mixed it with letters/numbers of your
choice... and thirdly, you can finally seal it with a key-password of
your choice in which the encryption gives you back different
combination per single entry!... so how on earth can you break that???
Quite a complicated process eh? Well, that makes it unbreakable...
Not even a combination of multiple famous Enigma machines is able to
match it... so how can the other party decipher it? - simple - the
process of decrypting is also the process of encrypting ... problem
with the file? well, send the file to other party, that's it!
/
gJU3cv2ImjxJ8XO1JlQfuREm8bRFWLy8rijbrMLbR9L7AMlolzxdTS6JCEiR01jLAcMKLeIeSj3
HxADGHdM3HJjyU9+PdGHsrPVjJyWtqYNTbBF/
5HA8tYAvhuX7sl48YK1Qs75y9b4LOJ2nqv0vdbj
ybioPsdML0rx++pEU0DBPkgCsYXYUPnjq90npZCg9eKMWCYOGnru6O/
1TguouPvx80WyCuI=
I thought you were the clueless newbie developer?
(and it's total BS btw)
-- Peter Fairbrother
I am not a developer dude, I wish I was... even a clueless newbie
developer as you say at least...
I just like the strength of the software so I'm a sympathizer for
it... and I wouldn't call it a total BS without any supporting/
credible reason though.. if it is a total BS btw, anybody in the
internet world can decrypt the above encrypted code for me please?????
'just a bit of game, Thank you.
No, he's the reviewer. From the web site:
"I am convinced that Infinite One-Time Pad is really a super text
encrypter. No doubt, nobody could ever break the tough protections. I
can now send confidential e-mails without any worry. Thanks for this
great software.
--John"
So that's all right then.
>
>(and it's total BS btw)
>
--
Richard Herring
Wow! That's a part of my comment I've sent to hiddentools.com ages
ago, I've not seen that, I don't even know it's there - good you've
shown me - thanks Richard, funny huh! Hiddentools.com should give me
the software FREE!!! for putting my name on it grrrrrr!... You've at
least decrypted who I am but the above code isn't yet decrypted, not
in million years anyway....
- John Springfield
That's the best estimate of its value we've had to date.
> for putting my name on it grrrrrr!... You've at
>least decrypted who I am but the above code isn't yet decrypted, not
>in million years anyway....
>- John Springfield
--
Richard Herring
- The reason why I'm supporting this software (although I haven't yet
got the full version) is that I've never seen anything like it. I'm a
fan of cryptography and most software of its kind only protected by
keystrokes, for me - keystrokes, no matter how long it is or how
randomly generated, it is still vulnerable to unauthorized decryption
especially in today's computing age... I've actually been looking to
different sites about the crack version of the software, if I found
one then for me, its credibility is definitely dead - please let me
know should anybody manage to get the cracked version.. I've not seen
one yet to date...
- John
You don't get out much, then?
> I'm a
>fan of cryptography and most software of its kind only protected by
>keystrokes,
And how is this product different? Some of those keystrokes are the name
of a file, but it still uses a key which doesn't satisfy the
requirements of a true OTP.
> for me - keystrokes, no matter how long it is or how
>randomly generated, it is still vulnerable to unauthorized decryption
>especially in today's computing age... I've actually been looking to
>different sites about the crack version of the software, if I found
>one then for me, its credibility is definitely dead - please let me
>know should anybody manage to get the cracked version.. I've not seen
>one yet to date...
Absence of evidence is not evidence of absence. It merely means that to
date nobody thinks it's worth while to waste effort on cracking a system
that nobody with any sense would be using in the first place.
--
Richard Herring
> Shannon's view of perfect randomness is not suitable to today's computing world...
I know several cryptologists who use OTP, passing pairs of DVDs of
randomly-generated data between themselves by hand.
A DVD is 4.7 GB - which is enough for a lot of communications.
> further reading: http://arxiv.org/ftp/arxiv/papers/0709/0709.4420.pdf
That is a "farrago of nonsense".
-- Peter Fairbrother
That's perhaps true - I'm not going to try - but the ciphertext given
may in fact be unbreakable.
Don't go WOW! though - this is full of holes, and while a single short
ciphertext may not be breakable, longer ones *will* be.
It isn't safe or secure.
Also, I don't see anything which limits reuse of a keyfile and password
- breaking a pair of ciphertexts which use the same XOR key is trivial.
So yes, it's BS.
-- Peter Fairbrother
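Two points made in this thread, as an added example that is not from any poster: the argument that a true one-time pad is unbreakable because some key maps the ciphertext to every plaintext of the same size, and the remark that two ciphertexts sharing one XOR key are trivially related. The two messages and the crib word are constructed; the pad comes from the operating system's CSPRNG as a stand-in for a true random source.

```python
import secrets

# Constructed sample messages of equal length.
P1 = b"meet me at the old bridge at nine tonight"
P2 = b"the courier will bring the new pad friday"

TEXT_BYTES = set(b"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ .,'")


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    if len(pad) < len(plaintext):
        raise ValueError("pad must be at least as long as the message")
    return xor(plaintext, pad)


def key_explaining(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """Perfect secrecy: for ANY same-length plaintext there is a pad that
    produces this ciphertext, so the ciphertext alone favours none of them."""
    if len(claimed_plaintext) != len(ciphertext):
        raise ValueError("claimed plaintext must match ciphertext length")
    return xor(ciphertext, claimed_plaintext)


def recover_other(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """Pad reuse: c1 ^ c2 == p1 ^ p2 (the pad cancels), so knowing one
    message reveals the other without ever learning the pad."""
    return xor(xor(c1, c2), known_p1)


def crib_offsets(c1: bytes, c2: bytes, crib: bytes):
    """Slide a guessed word across c1 ^ c2. Where the guess is right for one
    message, the output is a readable fragment of the other."""
    mixed = xor(c1, c2)
    hits = []
    for offset in range(len(mixed) - len(crib) + 1):
        fragment = xor(mixed[offset:offset + len(crib)], crib)
        if all(byte in TEXT_BYTES for byte in fragment):
            hits.append((offset, fragment))
    return hits


if __name__ == "__main__":
    pad = secrets.token_bytes(len(P1))
    c1 = otp_encrypt(P1, pad)

    # Used once: the ciphertext is consistent with any message at all.
    decoy = b"nothing to see here, move along please.."[:len(c1)].ljust(len(c1), b".")
    fake_pad = key_explaining(c1, decoy)
    print("decoy decrypts cleanly:", xor(c1, fake_pad))

    # Used twice: the second message leaks.
    c2 = otp_encrypt(P2, pad)
    print("recovered:", recover_other(c1, c2, P1))
    for offset, fragment in crib_offsets(c1, c2, b" the "):
        print(offset, fragment)
```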
> Secret Code - You can create a new secret code so that the software will
> use this value every time you encrypt a text. The secret code is used to
> transform the input text and the key. Every single character of the secret
> code is used in the transformation. The number of transformations is equal
> to the length of the secret code.
????
*** This means the code that comes after your first encryption i.e.
using the file of your choice. Say, if your secret code is KEEPME123
then the encryption will transform when you key-in the letter K then
transforms again with the letter E and so on but there's no turning
back when you made a mistake of keying-in as the current
transformation won't go back to the transformation 1 step back, it
will when you reset keying-in the secret code but you must start the
transformation by keying the letter K again.
> Key Modification - You can insert words or characters to the key for
> additional protection.
This helps how?
*** to totally strengthen the initial encryption made by your chosen
FILE (could be the pic of your girl or any file in your system). i.e.
when the first encryption response made by the file reads as
ru9ew783ure8u4*&^4^eooe..., you can make variation by making it this
way ru9ew783urJOHNe8u4*&^4^eooe... (you can do more complex variation
according to our liking), so even if they got the file you've used,
they'll never know the variation you've made hence making the
acquiring of the secret file useless.
***** These are at least in the user's point of view... I've honestly
no idea if the program behind it is weak and hackers can dismantle it
bit by bit as I'm not the developer but based from the encryption
flowchart - it seems to me that it is indeed unbreakable. John
- Lives of most crackers and hackers are usually driven by challenge
not by the usability of what they're trying to crack. If you go to
sites like downtr, avaxhome, etc. or torrents or the whole database of
rapidshare, depositfiles and the likes, loads and loads of BS cracked
softwares were being posted - just because crackers fancy and enjoy
doing it not because they'll use them, who cares about those cracked
BS software anyway, I'm not even interested to include them in my
collection.
> That's perhaps true - I'm not going to try - but the ciphertext given
> may in fact be unbreakable.
- There you go dude! It's indeed unbreakable.
> Don't go WOW! though - this is full of holes, and while a single short
> ciphertext may not be breakable, longer ones *will* be.
>
> It isn't safe or secure.
- How'd you know? With due respect, are you a programmer? Are you
familiar at least the latest .net technology framework? me, I'm not.
>
> Also, I don't see anything which limits reuse of a keyfile and password
> - breaking a pair of ciphertexts which use the same XOR key is trivial.
>
- But IOTP is different in many ways dude.
> So yes, it's BS.
>
- No it's not, otherwise prove it.
- John Springfield
Then it's obvious to me that you know little or nothing about
cryptography, and are unfit to offer an opinion.
-- Peter Fairbrother
- It's also obvious to me that your understanding is quite short,
carelessly giving a conclusion based only from a single sentence.
Thanks for your opinion anyway, but at least my meticulous opinion is
supported by facts and is not without basis like calling a software BS
without even knowing how to use it which is far more unfit.
[...]
> I've just downloaded the free version and looking forward to buying
> the software as I've not seen any cracked version anywhere deep in the
> internet... well, it seems that nobody can crack it lol!.
Why would anyone try?
If you want software that's not a one-time pad but claims to be as good
as, why not choose a free one? For example, <http://www.adacrypt.com/>.
[...]
- That was also my question when I've found a cracked software which
was extremely useless, I just hope that nobody is able to crack
adacrypt as well so I'll have an encrypting option...
>
> If you want software that's not a one-time pad but claims to be as good
> as, why not choose a free one? For example, <http://www.adacrypt.com/>.
>
> [...]
- Cheers pal, I'll give that a try....
[...]
> - That was also my question when I've found a cracked software which
> was extremely useless, I just hope that nobody is able to crack
> adacrypt as well so I'll have an encrypting option...
Why are you worried about encryption when you're apparently happy to use
cracked software? Surely you know that such broken software carries a
significant risk of carrying malware?
Why not use popular open source software---software that you and anyone
else can examine, and (since it's widely used) has been so examined, at
least to some extent. That's no guarantee of quality, but it's probably
about as good as you're likely to get.
[...]
You appear to be confusing different meanings of "crack".
Cracking software means patching it to circumvent whatever technology it
uses to enforce licence conditions.
Cracking an encryption system means finding a way to get plaintext from
ciphertext without knowledge of the key.
These are very different things.
>
>> That's perhaps true - I'm not going to try - but the ciphertext given
>> may in fact be unbreakable.
>
>- There you go dude! It's indeed unbreakable.
Does the phrase "unicity distance" mean anything to you?
>
>> Don't go WOW! though - this is full of holes, and while a single short
>> ciphertext may not be breakable, longer ones *will* be.
>>
>> It isn't safe or secure.
>
>- How'd you know? With due respect, are you a programmer? Are you
>familiar at least the latest .net technology framework? me, I'm not.
Moreover, you apparently don't understand why that's irrelevant.
Cryptanalysis isn't programming, it's mathematics.
>>
>> Also, I don't see anything which limits reuse of a keyfile and password
>> - breaking a pair of ciphertexts which use the same XOR key is trivial.
>>
>
>- But IOTP is different in many ways dude.
Name five.
>
>> So yes, it's BS.
>>
>
>- No it's not, otherwise prove it.
>
It doesn't work like that. The onus is on you to provide a proof (in the
mathematical sense) of security.
--
Richard Herring
- ... but they have the same "name" hence the confusion (by the
reader). Of course they are different in meaning. Never did I say that
software cracking is the same as cracking/decrypting a code. I did
mention both of them but in different scenario - one is cracking the
iotp software (license) and the other is the cracking of the encrypted
code I've shown above. Whilst true that cracking the iotp software is
by no means related to decrypting the code, I just consider them both
at least in my own satisfaction...
> Does the phrase "unicity distance" mean anything to you?
- To be honest with you dude "unicity distance" is now meaningless
IMHO.. though it has been the foundation of early cryptography - it's
now the thing of the past - getting possibilities is almost infinite -
you can rumble your arithmetic, algebra, trigonometry, geometry,
calculus, differential equations, statistics, matrices, etc. etc.
these will only get you to nowhere... the length of the encrypted code
I've shown above is NOT the same in length of the actual message or
the secret key just to let you know and applying your mathematics to
dig any connection is hopeless.... The world is now manipulated by
high-powered computer with state of the art programming dude! The
great cryptography oracle Alan Turing of Bletchley Park has long been
dead.
> >> Don't go WOW! though - this is full of holes, and while a single short
> >> ciphertext may not be breakable, longer ones *will* be.
> >> It isn't safe or secure.
> >- How'd you know? With due respect, are you a programmer? Are you
> >familiar at least the latest .net technology framework? me, I'm not.
> Moreover, you apparently don't understand why that's irrelevant.
> Cryptanalysis isn't programming, it's mathematics.
- Computational Mathematics to be exact sir. Although classical
mathematics is the basic foundation, this has now been integrated to
various computer techniques i.e. the power of computer programming
(computer science). I think you're still living with paper and pen
dude - that's a disaster to modern cryptography.
> >> Also, I don't see anything which limits reuse of a keyfile and password
> >> - breaking a pair of ciphertexts which use the same XOR key is trivial.
> >- But IOTP is different in many ways dude.
> Name five.
- Just look at the website dude, hiddentools.com but please don't
think of the concept of the classic perfect randomness at this point
in time so you can free yourself from the legacy of "unicity
distance".
> >> So yes, it's BS.
> >- No it's not, otherwise prove it.
> It doesn't work like that. The onus is on you to provide a proof (in the
> mathematical sense) of security.
- The proof has been delivered... only need to be digested according
to today's technology and well understood by the reader.
> --
- John Springfield
I'll take that as a "no". The value of YHO is becoming clearer with
every sentence you utter.
> though it has been the foundation of early cryptography - it's
>now the thing of the past - getting possibilities is almost infinite -
ROFL. That's _why_ you need a long enough sequence of plaintext to
verify your hypothesis.
>you can rumble your arithmetic, algebra, trigonometry, geometry,
>calculus, differential equations, statistics, matrices, etc. etc.
>these will only get you to nowhere... the length of the encrypted code
>I've shown above is NOT the same in length of the actual message or
>the secret key just to let you know and applying your mathematics to
>dig any connection is hopeless.... The world is now manipulated by
>high-powered computer with state of the art programming dude!
Granny. Eggs. Suck.
> The
>great cryptography oracle Alan Turing of Bletchley Park has long been
>dead.
>
>
>> >> Don't go WOW! though - this is full of holes, and while a single short
>> >> ciphertext may not be breakable, longer ones *will* be.
>> >> It isn't safe or secure.
>> >- How'd you know? With due respect, are you a programmer? Are you
>> >familiar at least the latest .net technology framework? me, I'm not.
>
>> Moreover, you apparently don't understand why that's irrelevant.
>> Cryptanalysis isn't programming, it's mathematics.
>>
>- Computational Mathematics to be exact sir. Although classical
>mathematics is the basic foundation, this has now been integrated to
>various computer techniques i.e. the power of computer programming
>(computer science).
Word salad.
> I think you're still living with paper and pen
>dude
Since you have no idea what I do, your opinion is worthless. Again.
[...]
>> >- But IOTP is different in many ways dude.
>>
>> Name five.
>>
>- Just look at the website dude, hiddentools.com
If that's all it takes, why don't _you_ list them here?
[...]
>>
>> It doesn't work like that. The onus is on you to provide a proof (in the
>> mathematical sense) of security.
>
>- The proof has been delivered
Yeah, right. Where?
>but need to be digested and well understood by the reader.
Starting to sound like Adacrypt. Are you related?
Keep digging.
--
Richard Herring
> In message
> <1aa4e571-9edb-4977-8200-67d4aba4e...@k19g2000yqc.googlegroups.com>,
> john <penetrat...@yahoo.com> writes
> >> Does the phrase "unicity distance" mean anything to you?
> I'll take that as a "no". The value of YHO is becoming clearer with
> every sentence you utter.
- ? ? ? ? ?
> > though it has been the foundation of early cryptography - its
> >now the thing of the past - getting possibilities is almost infinite -
> ROFL. That's _why_ you need a long enough sequence of plaintext to
> verify your hypothesis.
- Correct, no doubt with that dude but not the only way though - there
are loads of far better ways if you only unlock your mind from
Shannon's Principle and stay open-minded... QUALITY not QUANTITY dude!
> >you can rumble your arithmetic, algebra, trigonometry, geometry,...
> Granny. Eggs. Suck.
- A usual reply of a speechless loser.
> > I think you're still living with paper and pen
> >dude
> Since you have no idea what I do, your opinion is worthless. Again.
- I've no business on what you do dude and am not interested at all -
"living with paper and pen" means vintage way of dealing with things
(as far as modern cryptography is concerned) and I've based my
statement purely from our discussion - you lost your way again here
dude.
> >> It doesn't work like that. The onus is on you to provide a proof (in the
> >> mathematical sense) of security.
> >- The proof has been delivered
> Yeah, right. Where?
- I can't get what you really want now dude, are you after the
security skeleton? Don't ask me then as I know nothing of the
construction just the result which matters to me - ask the developer
instead, but I don't think they'll tell you that - it's a matter of
being a trade secret I guess... but it's worth trying...
> >but need to be digested and well understood by the reader.
> Starting to sound like Adacrypt. Are you related?
> Keep digging.
- I wish I were.... yeah! keep digging...
> --
- John Springfield
Richard, john is of course correct. You just don't see it because you're
not smoking the same shit as he is.
That must be some powerful shit, though ;)
--
Paulo Marques - www.grupopie.com
"'thinking outside the box' works better if I know what's inside the box."
There are cases where you don't need to see what's inside the box.
For example, it is plain to see that SR-71 Blackbird is faster than
Boeing X-43.
Do we still need to see the components used, designs, etc to believe
it is.
Sometimes, logical judgement is enough. Digging the internals is just
a secondary.
As I understand, John based his judgement of the matter on the
logical point of view. I also tried the software Infinite One-Time Pad
and logically, it is unbreakable.
>>> "'thinking outside the box' works better if I know what's inside the box."
>> There are cases where you don't need to see what's inside the box.
>> For example, it is plain to see that SR-71 Blackbird is faster than
>> Boeing X-43.
>> Do we still need to see the components used, designs, etc to believe
>> it is.
>> Sometimes, logical judgement is enough. Digging the internals is just
>> a secondary.
That was just a signature that my email client selected at random. I
left it intact, because it sort of fitted the thread. In your own
example: yes, you can see that the plane is faster, but you can't really
see why. So knowing what's inside really works _better_.
> As I understand, John based his judgement of the matter on the
> logical point of view. I also tried the software Infinite One-Time Pad
> and logically, it is unbreakable.
And a lot of people have explained why his logic is flawed, but his
replies to that have been similar to:
"you know dude, "unicity distance" is dead dude, and that algebra and
mathematics are soooo square dude, you need to understand the new
extreme programming concepts that go beyond mathematics, dude... oh
yeah, and some files are really big, dude"
Now listen to that and tell me if you don't see a bong in there
somewhere? ;)
--
Paulo Marques - www.grupopie.com
"Who is general Failure and why is he reading my disk?"
Hey, it's *your* favourite crypto program that claims to rely on
Shannon:
"Infinite One-Time Pad (IO-TP) is super secure text encryption and
decryption software. It implements the concept of the true One-Time Pad
to produce a ciphertext that is unbreakable."
[...].
> It's time to free yourself dude!
>Wake up, it's 2010... Bletchley Park is now a museum! We are already
>living in the rapidly advancing
>Computer Age. When you say that "The key is not random therefore it is
>not secure",
I'm sure you can remind me where I said that? A Message-ID will do.
> as if you were saying "It is not a helicopter, therefore,
>it cannot fly..." Take it from me dude, "clinging to Shannon's
>Principle is very disastrous to the world of cryptography as it
>prevents advancements".
Indeed. That's why most practical cryptosystems don't implement perfect
secrecy, and indeed Shannon took care to distinguish between "perfect
secrecy", "ideal secrecy" and "practical secrecy".
>The Infinite One-Time Pad is the most advanced
>cryptography software I've ever seen so far
"Advanced"? The very (mis-)use of the phrase "One-Time Pad" proclaims
that it's based on that very principle you keep deriding!
>- only for advanced people
>though not for the vintage / war-time minded people.
--
Richard Herring
Okay, I will discuss here how Infinite One-Time Pad works according to
available references. This may not be accurate as I may be missing
something but generally it goes like this.
The PLAIN text is compressed and encoded using series of algorithms.
Let's now call it "Transformed Text". Now, the key is extracted from a
secret file of your choice and again it is filtered and encoded and you
have a chance to insert any word or characters at any location to modify
it further. If you type a password, each character of the password
re-encodes the modified key. Let's call the result as "Transformed Key".
Finally, the "Transformed Key" is applied to the "Transformed Text".
I CHALLENGE EVERYONE to present a solution on how to attack
the ciphertext. You can find available "cryptanalysis" techniques here
http://en.wikipedia.org/wiki/Cryptanalysis. Study the attacks then
show how it could be used against Infinite One-Time Pad's
ciphertext at least logically.
Exactly Dude!,... Let's see who's the real smoker of a powerful
shit. BTW I thought I was the only one in this group who understand the
concept of my favourite Infinite One Time Pad - Two thumbs-up for that
dude!
OK Students of Cryptography who are locked under the shadow of the
great Shannon wings, dig your beloved textbooks deeper as you mean it -
Look what's inside the box! (If you can)
err - no, it isn't. Were you being serious?
>> Do we still need to see the components used, designs, etc to believe
>> it is.
>> Sometimes, logical judgement is enough. Digging the internals is just
>> a secondary.
>
> As I understand, John based his judgement of the matter on the
> logical point of view. I also tried the software Infinite One-Time Pad
> and logically, it is unbreakable.
err - no, it isn't. Were you being serious?
Lessee, how would I go about breaking this BS?
First, I'd find the key file on the user's computer, after seizing or
stealing it, or copying the hard drive. I'd also find the "secret code"
there, and probably the "key modification" if used.
Then it's just a password cracker. Compression makes this a little
harder, but not much - it's just a little more work.
Bye-bye "unbreakable". It's a pile of crap.
And there's no forward secrecy.
-- Peter Fairbrother
Since you seem to be honest and not trolling, I'll try to explain why
this doesn't work.
> The PLAIN text is compressed and encoded using series of algorithms.
> Let's now call it "Transformed Text".
This transformation doesn't involve any kind of encryption with a secret
key. So, if an attacker wants to test some key, it can try it and run the
reverse transformation over the obtained text and see if that works.
In fact, this transformed text can be even easier to attack than the
original text. Let me give you an example: imagine that your
transformation consisted of Zip'ing the files you want to encrypt. Now
the attacker knows that the "transformed text" always starts with the
string "PK" (and other zip structure details) and doesn't even need to
run the reverse transformation to find the actual plaintext to know if a
key works or not.
> Now, the key is extracted from a secret file of your choice and
> again it is filtered and encoded
The point here is key distribution: if you need to send your encrypted
file to someone you need to also send the "secret file". At this point,
it is not secret anymore.
> and you have a chance to insert any word or characters at any location
> to modify it further. If you type a password, each character of the
> password re-encodes the modified key. Let's call the result as
> "Transformed Key".
This is not very different from key strengthening. It is just slightly
worse than any other algorithm out there.
> Finally, the "Transformed Key" is applied to the "Transformed Text".
Duh,
> I CHALLENGE EVERYONE to present a solution on how to attack
> the ciphertext. You can find available "cryptanalysis" techniques here
> http://en.wikipedia.org/wiki/Cryptanalysis. Study the attacks then
> show how it could be used against Infinite One-Time Pad's
> ciphertext at least logically.
You're talking to the crowd that wrote that wikipedia page, so you get
no points for insulting everyone.
If you compare that algorithm with something like GnuPG (for instance),
you'll notice how key distribution is much easier and secure with GnuPG
(and free).
--
Paulo Marques - www.grupopie.com
"Feed the hungry, save the whales, free the mallocs!"
>- To be honest with you dude "unicity distance" is now meaningless
>IMHO..
Fine, then please crack my own unbreakable code. Here is a sample of
cyphertext for you: 5A
That is a single byte of cyphertext expressed in hex. Since unicity
is "meaningless" you should be able to decrypt it.
rossum
Then you've done a very long process which is hopeless.
How about if I tell you that to break OTP, just steal the
key and it is done. "Bye bye unbreakable OTP."
You cannot find the secret modification if it is nowhere on
the disk.
Oh, oh, let me try: it's an 'R', no wait, it's an 'A', no... Hummm, can
I have 256 attempts?
:)
--
Paulo Marques - www.grupopie.com
"Every drive dies; not every drive really lives."
-- Braveheart meets 21st century technology. :^)
And for someone with zero posting history before today, it's very brave
of her to start in this newsgroup ;-/
--
Richard Herring
That is not possible since the "transformed text" is no longer
available once the "transformed key" is applied.
>
> In fact, this transformed text can be even easier to attack than the
> original text. Let me give you an example: imagine that your
> transformation consisted of Zip'ing the files you want to encrypt. Now
> the attacker knows that the "transformed text" always start with the
> string "PK" (and other zip structure details) and doesn't even need to
> run the reverse transformation to find the actual plaintext to know if a
> key works or not.
Foremost, that is not possible since the "transformed text" is not
available after applying the key. Even if the "transformed text" is
exposed, the zipping codes you are saying such as "PK" no
longer exist since it is encoded using series of algorithms.
>
> > Now, the key is extracted from a secret file of your choice and
> > again it is filtered and encoded
>
> The point here is key distribution: if you need to send your encrypted
> file to someone you need to also send the "secret file". At this point,
> is not secret anymore.
>
>
There is no problem sending the "Secret File". It can be pre-arranged.
It could be that the file is already with him.
>
> > and you have a chance to insert any word or characters at any location
> > to modify it further. If you type a password, each character of the
> > password re-encodes the modified key. Let's call the result as
> > "Transformed Key".
>
> This is not very different from key strengthening. It is just slightly
> worse than any other algorithm out there.
>
You have no basis of saying that.
> > Finally, the "Transformed Key" is applied to the "Transformed Text".
>
> Duh,
>
> > I CHALLENGE EVERYONE to present a solution on how to attack
> > the ciphertext. You can find available "cryptanalysis" techniques here
> >http://en.wikipedia.org/wiki/Cryptanalysis. Study the attacks then
> > show how it could be used against Infinite One-Time Pad's
> > ciphertext at least logically.
>
> You're talking to the crowd that wrote that wikipedia page, so you get
> no points for insulting everyone.
It is not an insult. It is a challenge. If somebody is successful, then it
could be published on wiki. The technique will be seen by the
community and would be a good educational material.
Who knows somebody can invent a new cryptanalytic
method for this kind of encryption technique.
>
> If you compare that algorithm with something like GnuPG (for instance),
> you'll notice how key distribution is much easier and secure with GnuPG
> (and free).
>
How did you know? Do you know the algorithms used in Infinite
One-Time Pad?
> --
> Paulo Marques -www.grupopie.com
- Of course I can't... firstly, I'm not a cracker and I've no time and
patience to crack (I'm only a user and a fan of cryptography and I'll
be much happier if you could send me your item for my cryptography
collection)... secondly, I don't need to learn how to program with the
8080 microprocessor just to prove that PC's are better and the 8080 is
now redundant...
>
- BTW I also got zero posting history prior to my recent post which
was immediately insulted - but it's fine, this is your newsgroup
anyway.. I'm only protecting my favourite item in my collection (the
BS as they say without basis). ... I'm just giving my point to the
iotp... anyway there's nothing sensible against it so far... I still
stick to IOTP - the unbreakable!
First, the use of key modification is not mandated, so it may not be
used by some people. In practice, most people won't use it.
Second, if it's not stored on the disk, the modification will be done by
a human - two humans, in fact - from memory, so it can't be very
complex, and will in most cases be easily guessable.
It's just like adding an extra key - it might make breaking it harder,
but it does not make it unbreakable.
And that's the point. The website claims unbreakability, and the use of
a one-time-pad, but neither claim is true.
It's not unbreakable, as above, and it's not a OTP - for a start key
material is not random, which makes it not a proper Shannon OTP with
unbreakable security, second some key material is reused, which makes it
not a OTP - and third, you have to use a different password for each
encryption, else the pad is reused and it's trivial to break.
We see a lot of these claims - unbreakable plus OTP - usually from
clueless newbies or pathologers, but sometimes from snake-oil salesmen.
The clueless newbies can be cured, but usually not the others.
It's actually quite easy to do a proper OTP, but the problem is key
distribution, and the people making the claims say they have gotten
around this problem by some means - but you *can't* get around the
problem and retain unbreakability.
You have to solve the key distribution problem, not get around it - eg
by passing DVDs of pad by hand.
So as soon as we see unbreakable and OTP in the same sentence, unless
it's a real Shannon OTP with random keys, we say, "that's crap".
It *can't* be true, it's theoretically impossible according to Shannon.
Then the newbies/pathologers/snake oil salesmen sometimes (quite often
in fact) say Shannon was wrong, because it's uncomfortable for them if
Shannon was right; but they don't say why or how they think he was
wrong, and we aren't going to believe he was without proof - which is
extremely unlikely to happen, as his math is correct and his reasoning
seems sound.
They have their own reasons to need to believe that Shannon must have
been wrong - but they aren't based in logic, but in their
pathologer/snake oil motives.
Just because they want or need to believe something doesn't make it true.
The programs they produce could in fact be sufficiently hard to break
that it's not worth trying, or even unbreakable in practice - although
in this case that's not true, and generally speaking it's unlikely - but
making untrue claims isn't the way to convince us.
-- Peter Fairbrother
No. it's "supercalifragilisticexpialidocious". Or "squeamish ossifrage"
if I turn my codebook upside down.
:-P
-- Peter Fairbrother
You're starting to prove me wrong with this last post.... :(
>>> The PLAIN text is compressed and encoded using series of algorithms.
>>> Let's now call it "Transformed Text".
>> This transformation doesn't involve any kind of encryption with a secret
>> key. So, if an attacker want to test some key, it can try it and run the
>> reverse transformation over the obtained text and see if that works.
>
> That is not possible since the "transformed text" is no longer
> available once the "transformed key" is applied.
>[...]
> Foremost, that is not possible since the "transformed text" is not
> available after applying the key. Even if the "transformed text" is
> exposed, the zipping codes you are saying such as "PK" no
> longer exist since it is encoded using series of algorithms.
Let me try to be clearer. The process you described is:
PlainText (PT) -> [box of deterministic algorithms] ->
transformed text (TT) -> [transform with secret file + password] ->
cypher text (CT)
Correct?
So, now I'm an attacker. I have CT, and want PT. Imagine that I can grab
hold of the secret file, and am trying out passwords to see if any of it
works.
So if I want to try password P, I take CT -> [reverse transformation
using secret file + P] -> TT.
Now I need to check if TT is correct or not. You simply need to run: TT
-> [reverse box of deterministic algorithms] -> PT and test the
resulting PT to see if it is a valid plaintext.
So the [box of deterministic algorithms] doesn't help at all. And when I
say that it might even make it worse, is because the reverse
transformation might fail for some TT's which can be immediately
perceived by the attacker as a "wrong password", without even needing to
check the actual plaintext.
>>> Now, the key is extracted from a secret file of your choice and
>>> again it is filtered and encoded
>> The point here is key distribution: if you need to send your encrypted
>> file to someone you need to also send the "secret file". At this point,
>> is not secret anymore.
>
> There is no problem sending the "Secret File". It can be pre-arranged.
> It could be that the file is already with him.
That is exactly the problem! If you have one algorithm, where Bob can
send the public key in the clear to Alice and keep the private key
private, and receive an encrypted file from Alice that only he can
decrypt, why should you use a worse algorithm that forces you to
"pre-arrange" the keys over a secure channel?
>>> and you have a chance to insert any word or characters at any location
>>> to modify it further. If you type a password, each character of the
>>> password re-encodes the modified key. Let's call the result as
>>> "Transformed Key".
>> This is not very different from key strengthening. It is just slightly
>> worse than any other algorithm out there.
>
> You have no basis of saying that.
Of course I have. In typical key strengthening algorithms you take the
user-readable password and re-hash it N times. You can select that N as
a trade-off between speed and strength. This way you have a real measure
of the strengthening effort.
"each character of the password re-encodes the modified key" sounds very
weak, because with small passwords you'll just have very few modifications.
>>> I CHALLENGE EVERYONE to present a solution on how to attack
>>> the ciphertext. You can find available "cryptanalysis" techniques here
>>> http://en.wikipedia.org/wiki/Cryptanalysis. Study the attacks then
>>> show how it could be used against Infinite One-Time Pad's
>>> ciphertext at least logically.
>> You're talking to the crowd that wrote that wikipedia page, so you get
>> no points for insulting everyone.
>
> It is not an insult. It is a challenge.
The insult part is the "go read it and learn". Many people here know
very well all the theory that is explained in Wikipedia. Even more,
Wikipedia just has mostly the basics. If you're serious about
cryptography you really need to at least read a few books.
> If somebody is successful, then it
> could be published on wiki. The technique will be seen by the
> community and would be a good educational material.
Are you going to pay for my time?
> Who knows somebody can invent a new cryptanalytic
> method for this kind of encryption technique.
There is nothing new here, just gibberish.
>> If you compare that algorithm with something like GnuPG (for instance),
>> you'll notice how key distribution is much easier and secure with GnuPG
>> (and free).
>
> How did you know? Do you know the algorithms used in Infinite
> One-Time Pad?
I know because GnuPG is a public key algorithm, as opposed to a
symmetric key algorithm like this one. Key distribution must be harder
as a direct consequence.
Even the name "Infinite One-Time Pad" sounds like snake oil. Anyone here
can tell you that.
Anyway, consider this my last effort to explain this. If you still can't
get it, then I'll consider that you're just trolling like john.
--
Paulo Marques - www.grupopie.com
"Prediction is hard. Especially of the future."
Niels Bohr
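The password-testing argument in the post above (PT -> TT -> CT, with the keyless compression step acting as a "wrong password" detector), as an added example that is not part of the original post and is not IO-TP's code. The `transformed_key` function, the secret file bytes, the password and the candidate list are all constructed stand-ins; zlib plays the role of the "box of deterministic algorithms".

```python
import hashlib
import zlib


def transformed_key(secret_file: bytes, password: str, n: int) -> bytes:
    # Hypothetical stand-in for the "Transformed Key": any deterministic
    # function of (secret file, password) plays the same role in the argument.
    return hashlib.shake_256(secret_file + b"\x00" + password.encode()).digest(n)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(plaintext: bytes, secret_file: bytes, password: str) -> bytes:
    tt = zlib.compress(plaintext)  # PT -> TT: deterministic, no key involved
    return xor(tt, transformed_key(secret_file, password, len(tt)))  # TT -> CT


def plausible_zlib_header(first_two: bytes) -> bool:
    # RFC 1950: method 8 (deflate), window size <= 32 KiB, and the 16-bit
    # header value must be a multiple of 31.
    cmf, flg = first_two
    return (cmf & 0x0F) == 8 and (cmf >> 4) <= 7 and ((cmf << 8) | flg) % 31 == 0


def check_candidates(ct: bytes, secret_file: bytes, candidates):
    """Test each candidate password against CT, given the secret file.

    Returns (hits, stats). A candidate is rejected either by the two-byte
    header check or by a failed decompression; no knowledge of the plaintext
    language is needed for either rejection.
    """
    stats = {"tried": 0, "header_reject": 0, "decompress_reject": 0}
    hits = []
    for pw in candidates:
        stats["tried"] += 1
        # Only the first two keystream bytes are needed for the cheap check.
        head = xor(ct[:2], transformed_key(secret_file, pw, 2))
        if not plausible_zlib_header(head):
            stats["header_reject"] += 1
            continue
        tt = xor(ct, transformed_key(secret_file, pw, len(ct)))
        try:
            hits.append((pw, zlib.decompress(tt)))  # checksum verifies TT
        except zlib.error:
            stats["decompress_reject"] += 1
    return hits, stats


# Constructed sample data (not taken from the thread or from IO-TP).
SECRET_FILE = bytes(range(256)) * 4
TRUE_PASSWORD = "tractor42"
MESSAGE = b"Meet at the usual place at nine. Bring the documents."
WORDS = ["summer", "dragon", "monkey", "shadow", "tractor", "silver", "falcon",
         "winter", "orange", "purple", "hunter", "ginger", "coffee", "banana",
         "castle", "guitar", "rocket", "sunset", "forest", "yellow"]
CANDIDATES = [f"{w}{d}" for w in WORDS for d in range(100)]  # 2000 guesses


def demo():
    ct = encrypt(MESSAGE, SECRET_FILE, TRUE_PASSWORD)
    return check_candidates(ct, SECRET_FILE, CANDIDATES)


if __name__ == "__main__":
    hits, stats = demo()
    print(stats)
    print(hits)
```

Almost every wrong guess is discarded after computing two keystream bytes, so the security of the whole construction rests on the entropy of the password and the secrecy of the file, not on the pre-processing.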
> On Jan 27, 1:33 am, Paulo Marques <pmarq...@grupopie.com> wrote:
[...]
>> If you compare that algorithm with something like GnuPG (for instance),
>> you'll notice how key distribution is much easier and secure with GnuPG
>> (and free).
>
> How did you know? Do you know the algorithms used in Infinite
> One-Time Pad?
Because GnuPG offers asymmetric algorithms, and IOTP doesn't.
[...]
What you do with your own stuff is your business. It is when you start
to advise others that total lack of knowledge of cryptography begins to
be displayed.
Crypto is different from almost all other products, in that the consumer
cannot see whether or not the crypto really works. Even totally shoddy
products look like they work (in goes text, out comes gibberish). And if
it does not work, you are liable not to know it (your enemies will not
advertise that they have broken your crypto). Then it becomes even more
important that you rely on people who really know, understand and
practice crypto-- breaking and creation-- and you are always far far
better off relying on well known and studied systems than flybynight
systems.
Now I doubt that you have anything very important that anyone wants to
steal, and if you do, it is you that will suffer the consequences of
your ignorance and pig-headedness-- and whoever relies on your advice.
[...]
> I've just downloaded the free version and looking forward to buying
> the software as I've not seen any cracked version anywhere deep in the
> internet...
Why IO-OTP rather than these?
<http://www.adacrypt.com/> (which I mentioned before)
The following have the Schneier mark of disapproval (in that they've all
appeared in his blog (not in a positive way, and sometimes more than
once)):
<http://www.hdencrypt.com/crypteto.html>
<http://www.singularics.com/products/encryption/>
<http://www.meganet.com/>
<http://acapsoft.com/det.php?prog=CryptIt>
<http://www.vadiumtech.com/>
[...]
- I've no intention to advise others as I don't have the capability to
do so, I only stick to iotp topic that's all, no more no less... If
I'd advised somebody - that was when I asked them to try the iotp
themselves before their BS verdict.
..... On the display of lack of cryptography knowledge: Have you
really seen such a so-called display in the process? or you've seen it
just before that display (prejudice)? Considering I indeed lack of the
very least knowledge of cryptography why you can just prove things to
me in the very first place then - period. All I can see is prejudice
and rubbish explanation/conclusion not worth a penny - oh, it's just
now when vanessa(?) entered the forum that things are becoming a bit
sensible (though arrogance still exist)... for time being. BTW in a
user's point of view, there's no need to familiarize the skeleton if
the result is obvious and I as a user relies on the result. I don't
need to learn the technical blueprint of a thing where I can see
"concretely" its capability otherwise, I won't be using my tractor
without knowing its blueprint as it may jump and drop me off in the
air.
On Paulo:
I'm not trolling dude just because I disagree with your concept,... To
all of you, as it seems you're a circle of gentlemen with a common
concept - my sincere Apology if I've scratched your egos... I
appreciate your deep knowledge on your own cup of tea, although I'm
not a high flying cryptographer but merely a normal user, I can still
sense that something is just not right (at least in a certain thing)
like giving a verdict to an untested item - nothing less than making a
conclusion without examination - driven merely by hypothesis usually
derived from a closed concept.
Unfortunately that proves that you know nothing about crypto. You cannot
"see" the results and deduce anything about crypto. The worst crypto can
look just as random in output as the best. That is the problem with
crypto. You cannot judge it by its output, as you can most other
software. You MUST examine the code in detail, just as your enemy is
going to do. And if he breaks the code, he will not tell you.
Ie, judging crypto is completely different from judging most other
software.
>
>
> On Paulo:
> I'm not trolling dude just because I disagree with your concept,... To
> all of you, as it seems you're a circle of gentlemen with a common
> concept - my sincere Apology if I've scratched your egos... I
You have not scratched anyone's ego, your claws are non-existent. You do
however threaten to confuse other people.
If the "perfect random key" is a thing of the past, so is the "one
time pad", and no one should be claiming that their software is
equivalent to one. And you shouldn't be claiming that it's
"theoretically unbreakable". That's also "old school".
When I see claims like that, especially in the *name* of a new
cryptographic program, it's advertising fraud. The person doing
the naming is afraid his code won't deliver what he has promised
(and he's virtually always right on that count).
The cipher might be more secure than AES and faster, but by claiming
theoretical unbreakability, the author has blown any credibility
he had.
If the ciphertext is of length N bits (and the cipher preserves
length), then one can generate 2**(N) possible plaintexts for a
real one time pad. (Note that for the one time pad, I don't really
even need the ciphertext, only its length. Knowing the ciphertext
doesn't even eliminate one possible plaintext out of 2**(N) of
them). That's theoretical unbreakability.
If the key used in another cipher is of length K bits, where K <
N, then I can decrypt the ciphertext with 2**(K) possible keys,
giving 2**(K) possible plaintexts. Since K < N and assuming both
are integers, (2**(K))/(2**(N)) is 0.5 or less, indicating I have
eliminated at least 50% of all possible plaintext. If I can eliminate
a possible plaintext, even one out of possibly trillions (without
using the argument that the plaintext is supposed to be something
known, like English text, rather than a key for a real one-time-pad),
it's not theoretically unbreakable. For a true one-time-pad, you
need as much key material as message text. Shannon still applies.
If you want to move past Shannon, move past the "one time pad" and
"theoretically unbreakable", to stream ciphers that have so many
possible keys it exceeds the number of particles in the universe.
>The optimized power of
>the enigma machine is only equivalent to today's bit of a very simple
>computer program.
Modern computing power works both ways. The bad guys have it as
well as the good guys. You can use more complex ciphers, and you
can also use it to brute-force much more complicated ciphers than
could be done with pencil and paper.
>If we look vividly to today's technology, there's
>far more interesting thing to consider than the "perfect random key"
>of old...
"more interesting", yes. "as unbreakable as a one time pad", no.
>Shannon's view of perfect randomness is not suitable to
>todays computing world... further reading:
If you are claiming "my cipher is as good as a one time pad, but
with a shorter key" ... BULLSHIT!
If you are claiming "my cipher is good enough for practical use in
today's computing world" (it might or might not be) ... DON'T CALL
IT A ONE TIME PAD!
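The counting argument in the post above, as an added example that is not part of the original thread: for a 16-bit message it enumerates every plaintext consistent with a ciphertext, first under a true one-time pad and then under an 8-bit key stretched by a deterministic transformation. The SHA-256 stretching function, the sizes and the sample message are assumptions chosen so the enumeration finishes instantly; they stand in for any deterministic key transformation, not for IO-TP's unpublished one.

```python
import hashlib

MSG_BYTES = 2   # N = 16 bits of message (assumed size, small enough to enumerate)
KEY_BYTES = 1   # K = 8 bits of key, so K < N


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def stretch(short_key: bytes, n: int) -> bytes:
    """Deterministically expand a short key to n bytes.

    Assumed stand-in for any "irreversible key transformation": the attacker
    can run it too, so it cannot create keys that the short key does not select.
    """
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(short_key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def otp_candidates(ciphertext: bytes) -> set:
    """Plaintexts consistent with the ciphertext under a true one-time pad."""
    n = len(ciphertext)
    return {xor(ciphertext, pad.to_bytes(n, "big")) for pad in range(256 ** n)}


def short_key_candidates(ciphertext: bytes) -> set:
    """Plaintexts consistent with the ciphertext when only 2**K keys exist."""
    n = len(ciphertext)
    return {
        xor(ciphertext, stretch(k.to_bytes(KEY_BYTES, "big"), n))
        for k in range(256 ** KEY_BYTES)
    }


def fraction_eliminated(ciphertext: bytes) -> float:
    """Share of the 2**N conceivable plaintexts ruled out by seeing the ciphertext."""
    total = 256 ** len(ciphertext)
    return 1 - len(short_key_candidates(ciphertext)) / total


# Constructed sample data.
PLAINTEXT = b"OK"
ct_otp = xor(PLAINTEXT, bytes.fromhex("a73c"))        # pad as long as the message
ct_short = xor(PLAINTEXT, stretch(b"\x5d", MSG_BYTES))  # 8-bit key, stretched

if __name__ == "__main__":
    print("one-time pad candidates :", len(otp_candidates(ct_otp)))
    print("short-key candidates    :", len(short_key_candidates(ct_short)))
    print("fraction eliminated     : %.4f" % fraction_eliminated(ct_short))
    # Under the one-time pad the candidate set depends only on the length.
    print("OTP set independent of ciphertext:",
          otp_candidates(ct_otp) == otp_candidates(b"\x00\x00"))
```

The one-time pad leaves all 65536 two-byte plaintexts possible whatever the ciphertext is, while the stretched 8-bit key leaves at most 256.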
Correct, but you should know that "Password" is not the only protection
you can implement.
>
> So, now I'm an attacker. I have CT, and want PT. Imagine that I can grab
> hold of the secret file, and am trying out passwords to see if any of it
> works.
>
> So if I want to try password P, I take CT -> [reverse transformation
> using secret file + P] -> TT.
>
> Now I need to check if TT is correct or not. You simply need to run: TT
> -> [reverse box of deterministic algorithms] -> PT and test the
> resulting PT to see if it is a valid plaintext.
>
> So the [box of deterministic algorithms] doesn't help at all. And when I
> say that it might even make it worse, is because the reverse
> transformation might fail for some TT's which can be immediately
> perceived by the attacker as a "wrong password", without even needing to
> check the actual plaintext.
So now, you've resorted to "Brute Force". Unfortunately, in Infinite
One-Time Pad, you can use a password of any length.
Why not download the trial version to see for yourself?
You can even use the whole content of a book if that's what you
prefer. Let's say that the number of possible characters you can type is
92 and the length of the password is 16, the total possibilities will be
92 ^ 16. Even if the fastest computer in the world is used it will take
trillions of years to try them all. How much more if the length is longer?
>
> >>> Now, the key is extracted from a secret file of your choice and
> >>> again it is filtered and encoded
> >> The point here is key distribution: if you need to send your encrypted
> >> file to someone you need to also send the "secret file". At this point,
> >> is not secret anymore.
>
> > There is no problem sending the "Secret File". It can be pre-arranged.
> > It could be that the file is already with him.
>
> That is exactly the problem! If you have one algorithm, where Bob can
> send the public key in the clear to Alice and keep the private key
> private, and receive an encrypted file from Alice that only he can
> decrypt, why should you use a worse algorithm that forces you to
> "pre-arrange" the keys over a secure channel?
Use Infinite One-Time Pad if maximum security is desired.
If not, then use other algorithms. You can read it here.
http://www.hiddentools.com/io-tp/art3.html
>
> >>> and you have a chance to insert any word or characters at any location
> >>> to modify it further. If you type a password, each character of the
> >>> password re-encodes the modified key. Let's call the result as "Transformed
> >>> Key".
> >> This is not very different from key strengthening. It is just slightly
> >> worse than any other algorithm out there.
>
> > You have no basis of saying that.
>
> Of course I have. In typical key strengthening algorithms you take the
> user-readable password and re-hash it N times. You can select that N as
> a trade-off between speed and strength. This way you have a real measure
> of the strengthening effort.
>
> "each character of the password re-encodes the modified key" sounds very
> weak, because with small passwords you'll just have very few modifications.
It is stated that key has undergone series of transformations after
extraction from the key file. Transformations due to password are just
extras.
>
> >>> I CHALLENGE EVERYONE to present a solution on how to attack
> >>> the ciphertext. You can find available "cryptanalysis" techniques here
> >>>http://en.wikipedia.org/wiki/Cryptanalysis. Study the attacks then
> >>> show how it could be used against Infinite One-Time Pad's
> >>> ciphertext at least logically.
> >> You're talking to the crowd that wrote that wikipedia page, so you get
> >> no points for insulting everyone.
>
> > It is not an insult. It is a challenge.
>
> The insult part is the "go read it and learn". Many people here know
> very well all the theory that is explained in Wikipedia. Even more,
> Wikipedia just has mostly the basics. If you're serious about
> cryptography you really need to at least read a few books.
Okay, I'm sorry if that has insulted you. That is just a reference
for readers who don't know about it anyway because the challenge
is addressed to everyone.
>
> > If somebody is successful, then it
> > could be published on wiki. The technique will be seen by the
> > community and would be a good educational material.
>
> Are you going to pay for my time?
No, not me.
>
> > Who knows somebody can invent a new cryptanalytic
> > method for this kind of encryption technique.
>
> There is nothing new here, just gibberish.
>
> >> If you compare that algorithm with something like GnuPG (for instance),
> >> you'll notice how key distribution is much easier and secure with GnuPG
> >> (and free).
>
> > How did you know? Do you know the algorithms used in Infinite
> > One-Time Pad?
>
> I know because GnuPG is a public key algorithm, as opposed to a
> symmetric key algorithm like this one. Key distribution must be harder
> as a direct consequence.
>
> Even the name "Infinite One-Time Pad" sounds like snake oil. Anyone here
> can tell you that.
"Snake Oil"? this is the default term used if the algorithm of a
certain crypto system is not exposed. Do we need the author to expose
everything? I think the explanation is already enough to see the strength.
>
> Anyway, consider this my last effort to explain this. If you still can't
> get it, then I'll consider that you're just trolling like john.
>
I'm not trolling, my reasons for believing in the strength of Infinite
One-Time Pad are justified. Sometimes we have to consider other
possibilities. Fundamental theories are beneficial but do not confine
yourself with them. As John said, this is dangerous to the
advancement of cryptography. Computer technology is rapidly
advancing. We should move forward, consider and explore
possibilities so cryptography will not be left behind.
"The man who follows the crowd will usually get no further than
the crowd. The man who walks alone is likely to find himself in
places no one has ever been." - Alan Ashley - Pitt
You can be the next Shannon.
> --
> Paulo Marques -www.grupopie.com
As you advance, forget not where you have been and what you learned to
even get there. The burden of knowledge is inclusive.
That doesn't work for all situations. It would if you can send a
monthly DVD of random data by diplomatic courier. It might not if
you can only communicate by radio, and have to keep the transmissions
short to avoid radio detection trucks from locating you. During a
war, most prisoners of war who were also conducting sabotage weren't
able to return to London for a conference (and picking up crypto
keys) overnight without the Nazis noticing, because they have smarter
guards than Sgt. Schultz and Col. Klink.
How strong is the encryption if the only shared key you can use is
what you can write on two 1-inch by 1-inch Post-it notes in 2 minutes
- you keep one copy and pass the other to him in a detention center,
hoping you'll be released later, and hopefully the two copies are
the same.
>> > It could be that the file is already with him.
>>
>> That is exactly the problem! If you have one algorithm, where Bob can
>> send the public key in the clear to Alice and keep the private key
>> private, and receive an encrypted file from Alice that only he can
>> decrypt, why should you use a worse algorithm that forces you to
>> "pre-arrange" the keys over a secure channel?
>
>Use Infinite One-Time Pad if maximum security is desired.
No, sending the key by IOTP and then using it as a key for IOTP
makes it a ITTP (Infinite Two-Time Snake Pad).
>> > Do you know the algorithms used in Infinite
>> > One-Time Pad?
I know that if the key doesn't have to be at least as long as the
message, and if it's used more than once, it's *NOT* a One-Time Pad.
>> Even the name "Infinite One-Time Pad" sounds like snake oil. Anyone here
>> can tell you that.
>
>"Snake Oil"? this is the default term used if the algorithm of a
>certain crypto
>system is not exposed.
This is also the term *I* use if the name of an encryption algorithm
misrepresents what it is. The "Infinite One-Time Pad" is not
infinite and it's not a one-time pad. If you don't want to be
limited by Shannon, stop calling it a one-time pad. Use a more
reasonable name like "Fred's Ultra Complicated Krypto". Go for a
better claim, like, "it's faster than AES and just as secure" (if,
in fact, it is, which I doubt, but it would take a lot longer for
me to disprove it).
>Do we need the author to expose everything? I
>think the explanation is already enough to see the strength.
You don't "see the strength". A large number of experts fail to
find weaknesses over a period of time. A technique which applies
a random number of ROT-13 operations between 1 and one trillion to
each character of a message is a lot weaker than the one trillion
number makes it appear.
>I'm not trolling, my reasons for believing on the strength of Infinite
>One-Time Pad is justified.
The strength of the *NAME* "Infinite One-Time Pad" may approach
infinite stench.
The strength of encryption isn't primarily based on the length of
time for a brute-force attack. The attempt is usually phrased as
"My penis^H^H^H^H^Hkey is *SO* enormous that ... "
>Sometimes we have to consider other
>possibilities. Fundamental theories are beneficial but do not confine
>yourself with them.
You mean I don't have to bother with laws of gravity when trying
to aim missiles, either? Or worry about pesky limits like 2+2=4?
You're absolutely right. We owe our achievements to people who came
before us and provided theories as our reference. The concept they have
provided must evolve so advancements can be achieved. The author of the
Infinite One-Time Pad did not claim that Shannon is wrong. He agreed that
Perfect random key is necessary to attain perfect secrecy in the case of
"One Time Pad" where the key is directly applied with the plain text.
http://www.hiddentools.com/io-tp/art2.html
The situation now is different. We have powerful computers that can
perform operations at very fast speed. Imagine if you do operations
such as compression, bit operations, transformation algorithms
manually. It may take you months to decrypt a page of ciphertext. With
the aid of computers, these can be performed in a split second. In the
time of Shannon, this was not possible.
Infinite One-Time Pad utilizes the power of the computer, making the use
of a random key unnecessary. I think this is what is being objected here.
I was also skeptical at first but when I analyzed the encryption flow,
I'm convinced that it is indeed unbreakable.
... That's why somebody has already given lightning speed verdict of
being a BS to a software without even giving a fair trial by looking
at exact details - this action usually reflects how they judge a book
by its cover without reading its contents - indeed a disaster to
cryptography ... what a pure bullocks!
>
> You have not scratched anyone's ego, your claws are non-existent. You do
> however threaten to confuse other people.
>
--- I can see no confusion at all basically, better off if people only
open their understanding,.... why, are you being threatened?
>Second, if it's not stored on the disk, the modification will be done
>by a human - two humans, in fact - from memory, so it can't be very
>complex, and will in most cases be easily guessable.
>
>It's just like adding an extra key - it might make breaking it harder,
>but it does not make it unbreakable.
Worse, there's no guarantee that the "key modification" produces a
sequence that's random in the first place. Since the original "secret
file" might contain anything, and the modification process might well be
unexpectedly non-random (see Knuth's description of his "super-random"
generator for a classic example) the modification process might amplify
any correlations in the file, to the point where nothing's left but a
simple polyalphabetic cipher.
--
Richard Herring
"Knowing the exact details"? The person who gave a verdict of
being a BS to the software does not even know how to use it.
He does not know what he is talking about at the time he issued
his comments. Don't you know that you cannot judge a book by
its cover? So do not call a software a BS if you do not know much
about it.
So the attacker will not have any clue if it is used or not. This adds
up to his considerations making the ciphertext harder to crack.
> >Second, if it's not stored on the disk, the modification will be done
> >by a human - two humans, in fact - from memory, so it can't be very
> >complex, and will in most cases be easily guessable.
The user is flexible to do what he wants. He may keep it on a disk, or
on paper. Not necessarily the exact modification, a simple clue
is enough. Note that key modification can be done not only by
insertion but also by replacement (the user can replace characters).
This will lose the attacker.
>
> >It's just like adding an extra key - it might make breaking it harder,
> >but it does not make it unbreakable.
If it will break in million years, that is as good as unbreakable.
>
> Worse, there's no guarantee that the "key modification" produces a
> sequence that's random in the first place. Since the original "secret
> file" might contain anything, and the modification process might well be
> unexpectedly non-random (see Knuth's description of his "super-random"
> generator for a classic example) the modification process might amplify
> any correlations in the file, to the point where nothing's left but a
> simple polyalphabetic cipher.
>
Even if the modification is not random (say I typed my name then
replaced some characters with my surname), the characters will change
after I type my password. It will undergo irreversible transformation.
Why not try it so you can see.
Let me give you a simple irreversible transformation. Suppose I have a
letter "A" which is equal to "065" in decimal. Now I will add the digits
to get 011. This is now transformed to a different character and there's
no way to get the original since there are so many possibilities. It
could be 092, 083, 074, 065, 074, 083, 092, 191, 182, 173 and so on.
Can you still see a pattern or at least a clue on the transformed key?
Even if you know the operation (addition) and know the resulting key,
you cannot get the original key. I believe the author of the
Infinite One-Time Pad did more complex transformation algorithms
than this.
> --
> Richard Herring
Whether it's an "irreversible transformation" is irrelevant. What
matters is whether the resulting key stream is a random sequence. If it
isn't, you can extract information about the plaintext *without knowing
the key*.
--
Richard Herring
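The digit-sum "irreversible transformation" proposed above, and the reply that irreversibility is beside the point, as an added example that is not part of the original thread. It assumes the transformed bytes are XORed with the text (the thread does not say how IO-TP combines them) and uses a constructed key file and message.

```python
import math
import random
from collections import Counter


def digit_sum(byte: int) -> int:
    """The poster's transformation: 'A' = 065 -> 0 + 6 + 5 = 11."""
    return sum(int(d) for d in f"{byte:03d}")


def transform_key(key_file: bytes) -> bytes:
    """Apply the digit-sum transformation to every byte of the key file."""
    return bytes(digit_sum(b) for b in key_file)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def preimages(value: int) -> list:
    """All byte values that map to `value`: the transformation is many-to-one."""
    return [b for b in range(256) if digit_sum(b) == value]


def entropy_bits_per_byte() -> float:
    """Shannon entropy of digit_sum(b) when b is a uniformly random byte."""
    counts = Counter(digit_sum(b) for b in range(256))
    return -sum(c / 256 * math.log2(c / 256) for c in counts.values())


def high_bits(data: bytes) -> bytes:
    """Top three bits of every byte (mask 0xE0)."""
    return bytes(b & 0xE0 for b in data)


def shape(data: bytes) -> str:
    """Coarse character class read from the top three bits alone."""
    classes = {0x20: ".", 0x40: "U", 0x60: "l"}  # space/digit/punct, upper, lower
    return "".join(classes.get(b & 0xE0, "?") for b in data)


# Constructed inputs: a key file of uniformly random bytes and a sample message.
_rng = random.Random(2009)
KEY_FILE = bytes(_rng.randrange(256) for _ in range(64))
MESSAGE = b"Meet me at the Usual Place at 9 PM."
KEYSTREAM = transform_key(KEY_FILE)
CIPHERTEXT = xor(MESSAGE, KEYSTREAM)

if __name__ == "__main__":
    print("preimages of 11       :", preimages(11))
    print("largest keystream byte:", max(digit_sum(b) for b in range(256)))
    print("entropy per byte      : %.2f of 8 bits" % entropy_bits_per_byte())
    # Every keystream byte is below 32, so XOR never touches the top three
    # bits: the ciphertext shows the message's case and spacing pattern to
    # anyone, with no key file and no password.
    print("shape from ciphertext :", shape(CIPHERTEXT))
    print("shape of the message  :", shape(MESSAGE))
```

The transformation really cannot be inverted (many bytes share each digit sum), yet the keystream it produces carries about half the entropy of a random byte and leaves three bits of every plaintext character exposed.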
A secret file can be used multiple times as long as different password
and key modification is used.
Unfortunately, Infinite One-Time Pad is not applicable if you are
detained since you may not be given access to a computer nor
be able to install the software.
>
> >> > It could be that the file is already with him.
>
> >> That is exactly the problem! If you have one algorithm, where Bob can
> >> send the public key in the clear to Alice and keep the private key
> >> private, and receive an encrypted file from Alice that only he can
> >> decrypt, why should you use a worse algorithm that forces you to
> >> "pre-arrange" the keys over a secure channel?
>
> >Use Infinite One-Time Pad if maximum security is desired.
>
> No, sending the key by IOTP and then using it as a key for IOTP
> makes it a ITTP (Infinite Two-Time Snake Pad).
>
> >> > Do you know the algorithms used in Infinite
> >> > One-Time Pad?
>
> I know that if the key doesn't have to be at least as long as the
> message, and if it's used more than once, it's *NOT* a One-Time Pad.
According to the author, Infinite One-Time Pad is a modern
implementation of OTP. It is tailored to today's technology so
don't expect it to be exactly the same.
>
> >> Even the name "Infinite One-Time Pad" sounds like snake oil. Anyone here
> >> can tell you that.
>
> >"Snake Oil"? this is the default term used if the algorithm of a
> >certain crypto
> >system is not exposed.
>
> This is also the term *I* use if the name of an encryption algorithm
> misrepresents what it is. The "Infinite One-Time Pad" is not
> infinite and it's not a one-time pad. If you don't want to be
> limited by Shannon, stop calling it a one-time pad. Use a more
> reasonable name like "Fred's Ultra Complicated Krypto". Go for a
> better claim, like, "it's faster than AES and just as secure" (if,
> in fact, it is, which I doubt, but it would take a lot longer for
> me to disprove it).
>
If you want it to function just like the true One-Time Pad, do this...
With your eyes blindfolded, type on your keyboard using one finger
until the length of the key is reached then use that key.
> >Do we need the author to expose everything? I
> >think the explanation is already enough to see the strength.
>
> You don't "see the strength". A large number of experts fail to
> find weaknesses over a period of time. A technique which applies
> a random number of ROT-13 operations between 1 and one trillion to
> each character of a message is a lot weaker than the one trillion
> number makes it appear.
You're right but it is unfair to call it a BS if it is not proven.
>
> >I'm not trolling, my reasons for believing on the strength of Infinite
> >One-Time Pad is justified.
>
> The strength of the *NAME* "Infinite One-Time Pad" may approach
> infinite stench.
>
> The strength of encryption isn't primarily based on the length of
> time for a brute-force attack. The attempt is usually phrased as
> "My penis^H^H^H^H^Hkey is *SO* enormous that ... "
>
You are right if the ciphertext leaks information.
> >Sometimes we have to consider other
> >possibilities. Fundamental theories are beneficial but do not confine
> >yourself with them.
>
> You mean I don't have to bother with laws of gravity when trying
> to aim missiles, either? Or worry about pesky limits like 2+2=4?
What I mean is be open for changes. Do not close your mind.
Don't behave like an elephant. They use strong ropes to control
an elephant when it is still young. It will resist at first putting
all his strength until it gives up. When it is already an adult, a thin
rope can be used to control it and it will no longer resist because
it has already been planted on his mind that no matter how hard
he tries, he cannot break the rope.
As the author said, random key is necessary in the case of the True
One-Time Pad because the key is directly applied with the text. In the
case of the Infinite One-Time Pad where the plain text is compressed
and then transformed several times this is not necessary anymore.
Once the key is used, the transformed text is no longer visible.
How can you deduce information about the plain text then?
> --
> Richard Herring
Any "protection" that doesn't depend on something unknown to the
attacker is pretty much pointless, as the attacker can reproduce it.
So, all the file transformations and key transformations, etc., are
pretty much pointless and just show that whoever designed this product
doesn't understand cryptography at all.
>>[...]
>> So the [box of deterministic algorithms] doesn't help at all. And when I
>> say that it might even make it worse, is because the reverse
>> transformation might fail for some TT's which can be immediately
>> perceived by the attacker as a "wrong password", without even needing to
>> check the actual plaintext.
>
> So now, you've resorted to "Brute Force". Unfortunately, in Infinite
> One-Time Pad, you can use a password of any length.
This is brute force on a _password_. It is not some huge 256 bit key
that would take forever to crack.
Yes, users can select longer passwords, but can not memorize them, so
this is pretty much pointless too. If you make the algorithm extremely
inconvenient for users in order to be secure, no one will use the secure
features.
> Why not download the trial version to see for yourself?
I don't even use windows on my computer, let alone some vendor snake oil
that I don't trust.
> You can even use the whole content of a book if that's what you
> prefer. Let's say that the possible character you can type is 92 and
> the length of the password is 16, the total possibilities will be 92 ^ 16.
> Even if the fastest computer in the world is used it will take trillions
> of years to try them all. How much more if the length is longer?
People don't use purely random permutations of 92 characters. That's
just impossible to memorize. Actual passwords have a lot less entropy. A
64 entropy bits password is already pretty strong and hard to memorize,
let alone a 104 bits.
The point is that people can secure their private keys on an asymmetric
algorithm with a password too. But in this case, the time it takes to
brute force it is increased by the key strengthening algorithm applied
and not by some "each character changes the key file" mumbo-jumbo.
That time is easily measured from the actual algorithm and we can be
sure that there are no shortcuts that can reduce that time (at least no
one has found them in decades).
>>[...]
>> That is exactly the problem! If you have one algorithm, where Bob can
>> send the public key in the clear to Alice and keep the private key
>> private, and receive an encrypted file from Alice that only he can
>> decrypt, why should you use a worse algorithm that forces you to
>> "pre-arrange" the keys over a secure channel?
>
> Use Infinite One-Time Pad if maximum security is desired.
Based on what, do you say that?
> If not, then use other algorithms. You can read it here.
> http://www.hiddentools.com/io-tp/art3.html
Snake oil, snake oil. Get it here!
>>[...]
>> Of course I have. In typical key strengthening algorithms you take the
>> user-readable password and re-hash it N times. You can select that N as
>> a trade-off between speed and strength. This way you have a real measure
>> of the strengthening effort.
>>
>> "each character of the password re-encodes the modified key" sounds very
>> weak, because with small passwords you'll just have very few modifications.
>
> It is stated that key has undergone series of transformations after
> extraction from the key file. Transformations due to password are just extras.
If the key file is compromised, then all the transformations are
pointless, because the attacker can do the same transformations. Why
can't you get this?
The only transformations that matter are the transformations that depend
on something the attacker doesn't know: your password. And these are
just as hard to crack as the password.
>>[...]
>> Even the name "Infinite One-Time Pad" sounds like snake oil. Anyone here
>> can tell you that.
>
> "Snake Oil"? this is the default term used if the algorithm of a
> certain crypto system is not exposed.
Please, please, please, read this:
http://www.schneier.com/crypto-gram-9902.html#snakeoil
> Do we need the author to expose everything? I
> think the explanation is already enough to see the strength.
I was assuming that the author had exposed everything. If he hasn't, that
is even worse. If you have public algorithms that have undergone an
immense amount of scrutiny by the best minds in the cryptographic world,
and have still come out secure, why would you use some random, "the
author says it's secure", proprietary algorithm?
>> Anyway, consider this my last effort to explain this. If you still can't
>> get it, then I'll consider that you're just trolling like john.
>
> I'm not trolling, my reasons for believing on the strength of Infinite
> One-Time Pad is justified. Sometimes we have to consider other
> possibilities.
I think the justification is: "I've encrypted some files using that
product and now I don't want to be told that they can be broken by some
attacker". Seriously, ask yourself what plausible justification you have
to assume that the product is _really_ secure.
> Fundamental theories are beneficial but do not confine
> yourself with them. As John said, this is dangerous to the
> advancement of cryptography. Computer technology is rapidly
> advancing. We should move forward, consider and explore
> possibilities so cryptography will not be left behind.
You're again talking to the wrong crowd here. I've been programming
computers for more than 20 years and I know very well the advances of
computer technology. My job depends on it.
But don't forget that the same advances can be used by the attacker too.
The attacker can even have more resources to decrypt the file than you
had to encrypt it.
And cryptography has been advancing pretty well without the need for
snake oil salesmen, thank you.
> "The man who follows the crowd will usually get no further than
> the crowd. The man who walks alone is likely to find himself in
> places no one has ever been." - Alan Ashley - Pitt
What crowd? I don't think this product is crap because others say so. I
think it is crap from my own judgment.
These "crowd" like arguments, like john is using, are not at all
technical and sound like trolling. If you want to prove your point, use
technical arguments please.
The "I'm just a user but I think it is secure" argument is not at all
convincing. If this were a car, this would sound like:
"- that car must be really safe because the manufacturer says so. It
says on the brochure that it uses new composite materials that were
invented by the manufacturer"
"- didn't you read about the crash tests that killed everyone inside the
car at 20mph?"
"- oh, those crash test people are not up to speed in the latest
composite material developments. They are just a crowd that can't think
outside the box."
> You can be the next Shannon.
I wish...
--
Paulo Marques - www.grupopie.com
"Very funny Scotty. Now beam up my clothes."
No, that's not why it's necessary.
--
Richard Herring
> If you want software that's not a one-time pad but claims to be as good
> as, why not choose a free one? For example, Adacrypt
Hold on a minute.
Are you seriously recommending Adacrypt's snake oil?
Why not? It's an excellent example of "software that's not a one-time
pad but claims to be as good as", _with all that implies_.
--
Richard Herring
The "Secret Code", "Secret File", "Key Modification", and "Password"
are unknown to the attacker? How can the attacker reproduce them?
> >>[...]
> >> So the [box of deterministic algorithms] doesn't help at all. And when I
> >> say that it might even make it worse, is because the reverse
> >> transformation might fail for some TT's which can be immediately
> >> perceived by the attacker as a "wrong password", without even needing to
> >> check the actual plaintext.
>
> > So now, you've resorted to "Brute Force". Unfortunately, in Infinite
> > One-Time Pad, you can use a password of any length.
>
> This is brute force on a _password_. It is not some huge 256 bit key
> that would take forever to crack.
>
> Yes, users can select longer passwords, but can not memorize them, so
> this is pretty much pointless too. If you make the algorithm extremely
> inconvenient for users in order to be secure, no one will use the secure
> features.
As I've said, password length in Infinite One-Time Pad is not limited
in length. So my password could be:
"#The quick brown fox jumps over the lazy dog - Vanessa99@"
This is so easy to memorize and yet I have a long password.
Again, it is not necessary that you use extra long password. This
is just an option.
>
> > Why not download the trial version to see for yourself?
>
> I don't even use windows on my computer, let alone some vendor snake oil
> that I don't trust.
>
> > You can even use the whole content of a book if that's what you
> > prefer. Let's say that the possible character you can type is 92 and
> > the length of the password is 16, the total possibilities will be 92 ^ 16.
> > Even if the fastest computer in the world is used it will take trillions
> > of years to try them all. How much more if the length is longer?
>
> People don't use purely random permutations of 92 characters. That's
> just impossible to memorize. Actual passwords have a lot less entropy. A
> 64 entropy bits password is already pretty strong and hard to memorize,
> let alone a 104 bits.
>
> The point is that people can secure their private keys on an asymmetric
> algorithm with a password too. But in this case, the time it takes to
> brute force it is increased by the key strengthening algorithm applied
> and not by some "each character changes the key file" mumbo-jumbo.
>
> That time is easily measured from the actual algorithm and we can be
> sure that there are no shortcuts that can reduce that time (at least no
> one has found them in decades).
>
It seems that you only believe in the method you are accustomed to,
that's why you call an alien method a "mumbo jumbo". Note that every
keystroke of the password does series of irreversible algorithms to
the key to strengthen it.
> >>[...]
> >> That is exactly the problem! If you have one algorithm, where Bob can
> >> send the public key in the clear to Alice and keep the private key
> >> private, and receive an encrypted file from Alice that only he can
> >> decrypt, why should you use a worse algorithm that forces you to
> >> "pre-arrange" the keys over a secure channel?
>
> > Use Infinite One-Time Pad if maximum security is desired.
>
> Based on what, do you say that?
>
Because this is the only software that offers multiple protection.
Most cryptosystems are only protected with a "Password". Once
the password is compromised, then the ciphertext is cracked. In
Infinite One-Time Pad, the attacker must break all the protections.
> > If not, then use other algorithms. You can read it here.
> >http://www.hiddentools.com/io-tp/art3.html
>
> Snake oil, snake oil. Get it here!
Again, this is a baseless comment. Do you call a product
a snake oil because it doesn't use the algorithm you are
accustomed to? Or because you are alien with the methods
used? Or it doesn't use a true random key? Or majority
say so?
You must present a concrete evidence. Show the weakness.
Show how to attack the ciphertext. Show how to defeat the
protections used.
If you fail to do this then your judgement is unfair.
>
> >>[...]
> >> Of course I have. In typical key strengthening algorithms you take the
> >> user-readable password and re-hash it N times. You can select that N as
> >> a trade-off between speed and strength. This way you have a real measure
> >> of the strengthening effort.
>
> >> "each character of the password re-encodes the modified key" sounds very
> >> weak, because with small passwords you'll just have very few modifications.
>
> > It is stated that key has undergone series of transformations after
> > extraction from the key file. Transformations due to password are just extras.
>
> If the key file is compromised, then all the transformations are
> pointless, because the attacker can do the same transformations. Why
> can't you get this?
Even if the "Secret File" is compromised, if the attacker does not know
the other protections such as "Password", "Secret Key Modification",
and "Secret Code", he will not be able to decrypt the cyphertext.
>
> The only transformations that matter are the transformations that depend
> on something the attacker doesn't know: your password. And these are
> just as hard to crack as the password.
>
Of course. I say again. The "Secret File", "Secret Code", "Password"
and "Secret Key Modification" are unknown to the attacker. How many
times should I say this?
> >>[...]
> >> Even the name "Infinite One-Time Pad" sounds like snake oil. Anyone here
> >> can tell you that.
>
> > "Snake Oil"? this is the default term used if the algorithm of a
> > certain crypto system is not exposed.
>
> Please, please, please, read this:
>
> http://www.schneier.com/crypto-gram-9902.html#snakeoil
These are just warnings but do not close your mind and
immediately accuse a product as snake oil without concrete
proof.
>
> > Do we need the author to expose everything? I
> > think the explanation is already enough to see the strength.
>
> I was assuming that the author had exposed everything. If he hasn't, that
> is even worse. If you have public algorithms that have undergone an
> immense amount of scrutiny by the best minds in the cryptographic world,
> and have still come out secure, why will you use some random, "the
> author says it's secure", proprietary, algorithm?
>
> >> Anyway, consider this my last effort to explain this. If you still can't
> >> get it, then I'll consider that you're just trolling like john.
>
> > I'm not trolling, my reasons for believing on the strength of Infinite
> > One-Time Pad is justified. Sometimes we have to consider other
> > possibilities.
>
> I think the justification is: "I've encrypted some files using that
> product and now I don't want to be told that they can be broken by some
> attacker". Seriously, ask yourself what plausible justification you have
> to assume that the product is _really_ secure.
>
I've already discussed the encryption process. Do I have to
repeat it again? Analyze it. Count the permutations. Think of
a possible attack. But first, download a copy of the software
so you will know how it works.
> > Fundamental theories are beneficial but do not confine
> > yourself with them. As John said, this is dangerous to the
> > advancement of cryptography. Computer technology is rapidly
> > advancing. We should move forward, consider and explore
> > possibilities so cryptography will not be left behind.
>
> You're again talking to the wrong crowd here. I've been programming
> computers for more than 20 years and I know very well the advances of
> computer technology. My job depends on it.
>
> But don't forget that the same advances can be used by the attacker too.
> The attacker can even have more resources to decrypt the file than you
> had to encrypt it.
>
You are correct. Technology has made text manipulation easier and
faster. The attacker can utilize the same. But as long as the
protections are unknown to the attacker, he won't be able to decrypt
the cipher. Even if the same software is used.
> And cryptography has been advancing pretty well without the need for
> snake oil salesmen, thank you.
>
> > "The man who follows the crowd will usually get no further than
> > the crowd. The man who walks alone is likely to find himself in
> > places no one has ever been." - Alan Ashley - Pitt
>
> What crowd? I don't think this product is crap because others say so. I
> think it is crap from my own judgment.
>
> These "crowd" like arguments, like john is using, are not at all
> technical and sound like trolling. If you want to prove your point, use
> technical arguments please.
>
> The "I'm just a user but I think it is secure" argument is not at all
> convincing. If this were a car, this would sound like:
>
> "- that car must be really safe because the manufacturer says so. It
> says on the brochure that it uses new composite materials that were
> invented by the manufacturer"
>
> "- didn't you read about the crash tests that killed everyone inside the
> car at 20mph?"
>
That's why you need to examine it. Study how to defeat the
protections. Not just throwing comments like "B*S*", "Snake Oil", etc.
> "- oh, those crash test people are not up to speed in the latest
> composite material developments. They are just a crowd that can't think
> outside the box."
>
> > You can be the next Shannon.
>
> I wish...
>
> --
> Paulo Marques - www.grupopie.com
>
> "Very funny Scotty. Now beam up my clothes."
I think I have to leave this forum now. You may utter anything
you like with the software but make sure to present concrete
evidence else you are regarding yourself as unfair.
People here are very good in theories. I hope you will grow in your
career. The world needs people like you.
Thank you so much for your time.
You seem to be arguing under the assumption (that many people make, btw)
that if a software author doesn't disclose something about its
internals, then it is "secret".
This is very, very, very far from the truth. If the algorithm is being
used in the software, then it is as good as public. Any decent cracker
can open the software and check the algorithms. It might increase
slightly the work that has to be done, but that's just it, a slight nuisance.
Just watch this video to get an idea of how this works:
http://hexblog.com/decompilation/video/vd1.html
or this video (longer):
http://www.ccso.com/files/hexraysdemo.swf
So, from all of the above, if the attacker steals your laptop and the
secret file is there, the only thing that stands between him and the
plain text is your password.
> People here are very good in theories. I hope you will grow in your
> career. The world needs people like you.
> Thank you so much for your time.
You're welcome :)
As long as people are honest about their intentions, and are really
looking to understand how cryptography works, I don't mind using a few
minutes of my time to help out.
--
Paulo Marques - www.grupopie.com
"I used to be indecisive, but now I'm not so sure."
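The point of the post above (once the key file and the algorithm are known, only the password protects the text, however "irreversible" the steps are), as an added example that is not part of the thread and is not IO-TP's code. It is a constructed toy cipher; `final_key`, `forward_search`, the key file bytes, word list and message are all assumptions, and `rounds` models the re-hash-N-times strengthening mentioned earlier in the thread.

```python
import hashlib

# Constructed stand-ins: this is NOT IO-TP's algorithm, key file or data.
KEY_FILE = bytes(range(256)) * 4   # the "secret file", assumed already copied
WORDLIST = ["qwerty", "letmein", "hunter2", "password1", "dragon"]  # constructed guesses
MESSAGE = b"Meet at the usual place at nine tonight."  # constructed plaintext


def final_key(key_file: bytes, password: str, length: int, rounds: int = 1) -> bytes:
    """Toy 'final key': hash the file, then re-encode once per password character.

    Every step is a one-way hash, so nothing here can be run backwards.
    `rounds` repeats each per-character step (the re-hash-N-times idea).
    """
    state = hashlib.sha256(key_file).digest()
    for ch in password:
        for _ in range(rounds):
            state = hashlib.sha256(state + ch.encode()).digest()
    stream = b""
    counter = 0
    while len(stream) < length:            # expand the state into a keystream
        stream += hashlib.sha256(state + counter.to_bytes(4, "big")).digest()
        counter += 1
    return stream[:length]


def xor(data: bytes, key: bytes) -> bytes:
    return bytes(d ^ k for d, k in zip(data, key))


def encrypt(plaintext: bytes, key_file: bytes, password: str, rounds: int = 1) -> bytes:
    return xor(plaintext, final_key(key_file, password, len(plaintext), rounds))


def forward_search(ciphertext: bytes, key_file: bytes, wordlist, rounds: int = 1):
    """Run each guess through the same public algorithm; no step is inverted.

    Returns (password, plaintext, hash_calls), or (None, None, hash_calls).
    """
    hash_calls = 0
    blocks = -(-len(ciphertext) // 32)     # keystream blocks needed per guess
    for guess in wordlist:
        hash_calls += 1 + len(guess) * rounds + blocks
        candidate = xor(ciphertext, final_key(key_file, guess, len(ciphertext), rounds))
        if all(32 <= b < 127 for b in candidate):   # printable ASCII: plausible text
            return guess, candidate, hash_calls
    return None, None, hash_calls


if __name__ == "__main__":
    for rounds in (1, 10_000):
        ct = encrypt(MESSAGE, KEY_FILE, "hunter2", rounds)
        pw, pt, cost = forward_search(ct, KEY_FILE, WORDLIST, rounds)
        print(f"rounds={rounds}: password={pw!r} after {cost} hash calls")
    # A password outside the guess list is not found: its entropy is the only barrier.
    ct = encrypt(MESSAGE, KEY_FILE, "x9$Lq0v!Tz7w-pR2")
    print(forward_search(ct, KEY_FILE, WORDLIST)[0])
```

Raising `rounds` multiplies the cost of every guess but does not change which passwords are guessable, so the measurable strength is the password's entropy times the work factor.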
> "Knowing the exact details"? The person who gave a verdict of
> being a BS to the software does not even know how to use it.
> He does not know what he is talking about at the time he issued
> his comments. Don't you know that you cannot judge a book by
> its cover? So do not call a software a BS if you do not know much
> about it.
Are you done astroturfing yet ???
Well, at least it's free (IIRC). I'd trust it no less than a cracked
version of a commercial product that isn't a OTP but pretends to be.
(But no, "recommending" probably isn't the most accurate term to use.)
No, not really, he's left out a lot of pieces of the key which also
enter into the computation, although if you change "transform with
secret file + password" to "transform with all the weird pieces of
the key", I think that's what's intended.
>Correct, but you should know that "Password" is not the only
>protection you can implement.
Please generate an IOTP key and post it here. You don't have to
ever *USE* the key. You seem to be desperately avoiding including
the "optional protections" as part of the key, when you should
include them (It makes your argument stronger).
The key includes all of the "optional protections" you may or may
not use (specifically state that you don't use one if that's the
case) if that's required to be known by the recipient in order to
decrypt the message (using the ciphertext, his own downloaded copy
of the program, and the key, and no other shared secret information).
I suggest using all the optional features to show off how jinormous
the key can be.
The attacker is assumed to have captured the ciphertext, have his
own downloaded copy of the program (and he's presumably disassembled
it and figured out the algorithm it uses), and have none of the
parts of the key.
People seem to be jumping on the fact that "optional protections"
are not disclosed when they're really part of the key. Imagine
if the key to decrypt a message was:
The password is "jlj3l5klj4byh9h4eo2ht94yhouhqfo2hiu4y6uihkjvhi2".
Lift the toilet seat, but don't put anything in the toilet.
Use the file /vmunix on your computer concatenated with the
archive of spam emails from 1997.
Turn off the porch light.
Set the television to channel 3, but turn it off.
Don't wipe your nose. Do wipe your left thumb.
Face Northeast.
Shave the left side of your face only.
The launch code is "CPE1704TKS".
The secret holiday is "Barak Obama's Kindergarten Graduation".
The insect of the day is the "Madagascar Pissing Cockroach".
and if you get any one or more of these wrong, the message won't
decrypt properly. That may be a bit less conventional than using
a bit string as a key, but it can work just as well.
--- There are loads of rubbish replies in here "btw if a person is
screwed he'll do nothing else than troll, i can't blame him".
You seem to know better vanessa, open their locked mind but be
careful though otherwise they are gonna tell you that you're
insulting them as you're giving advice to the super-intelligent
cryptoanalyzers in the whole wide world as they may think they are.
I'm wasting my time in here now, I got my own cup of tea to look up
to. People in this forum, THANKS FOR YOUR TIME!
I think the obsession lies elsewhere. Like with anyone claiming that a
(pseudo-) OTP is "the most advanced cryptography software I've ever seen
so far" and "it implements the concept of the true One-Time Pad to
produce a ciphertext that is unbreakable."
>You're a legend Shannon!
>'fortunately, Shannon didn't set up his own "religion of perfect
>randomness".
Right. And most serious practical cryptosystems in use today don't claim
to offer perfect secrecy. That's left to the advocates of pseudo-OTP
systems, like you. So I guess if there were such a religion, you'd be a
good candidate for the job of High Priest.
--
Richard Herring
>In message
><353e01c1-5dfa-40d6...@m25g2000yqc.googlegroups.com>,
>john <penet...@yahoo.com> writes
>>
>>>
>>> Whether it's an "irreversible transformation" is irrelevant. What
>>> matters is whether the resulting key stream is a random sequence. If it
>>> isn't, you can extract information about the plaintext *without knowing
>>> the key*.
>>>
>>- Shannon really has been so successful to get an "extremely die hard"
>>disciple of perfect randomness obsession.
>
>I think the obsession lies elsewhere. Like with anyone claiming that a
>(pseudo-) OTP is "the most advanced cryptography software I've ever seen
>so far"
That might actually be true, perhaps the previously "most advanced
cryptography software" he had seen implemented ROT-13. :)
>and "it implements the concept of the true One-Time Pad to
> produce a ciphertext that is unbreakable."
That is of course bullshit. Either it is a One Time Pad, with all the
well known advantages and disadvantages, or it is not. This software
is not and the fact that its makers insist on calling it OTP indicates
that either they know very little about cryptography or that they are
selling snake oil. That was an inclusive 'or'. This software is to
be avoided. There is plenty of free software that is more trustworthy
than this.
rossum
Before I leave this forum I want to make my points clear to everybody.
Let me discuss the issue again so that the readers will understand why
I believe that Infinite One-Time Pad is unbreakable. I will also compare
it with the legendary One-Time Pad so you can see the difference.
The legendary One-Time Pad uses perfect random key while Infinite
One-Time Pad does not require perfect randomness. This is the
reason why majority here carelessly gave verdict to the software
as B*S*, Snake Oil, Rubbish, etc.
Let’s examine why the legendary One-Time Pad needs a perfect
random key to make it unbreakable. The strength of the legendary
OTP lies on the key. If the key is not truly random, the ciphertext
could leak information. The information leak is enough for the
cryptanalyst to deduce the plain text. For example, if a word on
the plain text is known (common words like “THE”, “AND”, “FOR”, etc),
the cryptanalyst could play on the key using cryptanalysis
techniques until a known word is revealed. This will give the
cryptanalyst a clue about how the key is generated. If not perfectly
random, say a PRNG is used; the cryptanalyst could try different
seeds until he succeeds. If the key is generated by an algorithm,
the cipher is compromised once the algorithm is known. This is the
problem with the legendary One-Time Pad. Unless the key is truly
random, the ciphertext is just like a piece of puzzle to the attacker.
If part of the plain text is revealed, other parts become easier to
deduce. It is clear now why the legendary One-Time Pad requires
the key to be truly random.
Now, let’s examine the Infinite One-Time Pad. Before I proceed,
I just want to note that I will be adding “Questions” for those who
are in doubt about the security because I’m sure many readers
are fanatics of the “Perfect Random Theory”.
Infinite One-Time Pad does not require the key to be truly random.
Let me present how the encryption is done according to my
knowledge of the software based from the author’s article. You may
download a copy of the software at http://www.hiddentools.com so
you can follow the following steps better.
1. When you click the “Encrypt” button, the software compresses
the plain text in memory to eliminate regularities. After compression,
it transforms the compressed text using algorithms. Let’s call this
the “Transformed Text”.
2. You will now have the option to select a file you want to use as
key. The software extracts the key from this file. The extracted key is
filtered and transformed using series of different irreversible
algorithms. Let’s call this the “Transformed Key”. (Note: You may type
a random key if you do not want to use a key file. In this case the
software behaves like the legendary One-Time Pad).
3. The software gives you a chance to modify the “Transformed Key”.
You may insert or replace characters at any location you wish.
4. You can now type the password. Each character of the password
re-encodes the transformed key using series of irreversible
algorithms. This will eliminate regularities hence it doesn’t matter if
your key modification is an English word. Let me show you a very simple
irreversible transformation.
Let’s say the letter to be transformed is letter “A” which is equivalent
to 65 in decimal. If we add the digits, it becomes 11. Even if we know
the sum and the operation used (addition), we are uncertain about the
original number (65) because there are so many possibilities.
To list them all: 029, 038, 047, 056, 065, 074, 083, 092, 119, 128,
137, 146, 155, 164, 173, 182, 191, 209, 218, 227, 236, and 245.
There are 22 possibilities all in all.
Somebody commented that if the software is reverse engineered and
the algorithms are discovered, the ciphertext will be compromised.
Now you can see that it is not since the algorithms are irreversible.
Knowing the text and the algorithm used does not lead you to the
text prior to transformation. And notice that the key is transformed
using series of different irreversible algorithms more complex than
what I presented here.
The author is aware of this that’s why he said “If a secret algorithm
is used on software, a clever hacker could possibly analyze and
derive the algorithm. Secure encryption software therefore must not
rely on the secrecy of the methods or algorithms used.”
http://www.hiddentools.com/io-tp/art2.html.
Let's continue. After the transformations due to password, let’s
now call the transformed key the “Final Key”.
Note that the final key does not contain information about the key
modification and the password. If you say otherwise, answer
these questions.
QUESTION #1: How can you derive the “Secret Key Modification”?
What particular cryptanalytic attack will you use? How?
QUESTION #2: How can you determine the password?
What particular cryptanalytic attack will you use? How?
5. Finally when you click on “Use Key”, the “Final Key” is applied
to the “Transformed Text” in 1.
Before answering Questions 1 and 2, notice that the “Final Key”
is no longer visible. What you see now is the ciphertext.
This leads to question number 3.
QUESTION #3: How can you determine the “Final Key”?
What particular cryptanalytic attack will you use? How?
QUESTION #4: How can you deduce the “Transformed text” from
the ciphertext? What particular cryptanalytic attack will you use?
How?
I hope my points are clear now. Unless you can provide credible
answers to the questions above, you have no right of accusing
Infinite One-Time Pad as “B*S*”, “Snake Oil”, etc.
I hope it is apparent that perfect random key is not necessary in
the case of Infinite One-Time Pad because the “Transformed Text”
does not leak information. This does not nullify Shannon’s
“Perfect Random Key” principle. That is still valid in the case of
the legendary One-Time Pad.
It is important that we understand the underlying reasons. Don’t
just believe and believe because it came from experts, authorities,
books, majority, etc. You must understand the reasons why.
In every rule there is an exemption.
I’m sorry John; I can’t help giving advice again.
If we confine ourselves on Shannon’s theory without thinking why,
we cannot improve the legendary One-Time Pad. Improvement
does not require us to retain all its properties.
Don’t say again “That is not a One-Time Pad therefore that is not
unbreakable”. As John said, this can be compared to “That is not
a helicopter therefore it can’t fly.” You should ask, “That is not a
helicopter, how can it fly?”
Don’t say again “That doesn’t use a perfect random key therefore
it is insecure”. This can be compared to “That has no propeller
therefore it cannot elevate”. You should ask HOW?
Don’t say again “That is pseudo One-Time Pad therefore it is not
unbreakable, that is Snake Oil, that is a BS, Useless, Pointless,
Rubbish…”
To those who are fanatics of the “Perfect Random Key” theory,
it’s time for you to wake up. Do not act like an elephant.
In Shannon’s time the elephant is still young. The elephant has
grown up and now stronger than the rope. It’s time to unlock your
mind and explore possibilities.
We are living in a changing world and evolution does not stop.
We are now in the computer age. Pencil and Paper is over.
I hope you will take this advice. I wish you good luck.