[FoRK] crypto

Ken Meltsner meltsner at alum.mit.edu
Wed Sep 25 22:23:05 PDT 2019


Agreed.  There's a huge gap between possible attacks or
vulnerabilities, and "let's throw this away."  I mean, there's a
practical way to create master keys given a couple of keys for locks
that share the same master key (and locksmiths had a more
time-consuming method for decades, I believe), but people didn't run
out and re-key (or install electronic locks on) all of their doors.

And yes, finding even one public key that could be factored is
unlikely; with 1024 or 2048 bit keys, it sounds like it would also
still take a long time or special hardware to even get that one
unlikely event.

Finally: That was an editing error where I screwed up the public key
algorithm order of invention -- yes, it should be knapsack,
factorization, ECC.  That'll teach me to write complicated emails on a
phone.

Ken "Has the margarita worn off yet?"  Meltsner



Ken

On Wed, Sep 25, 2019 at 10:04 PM Stephen D. Williams <sdw at lig.net> wrote:
>
> At the ANA Avatar XPRIZE teams meeting / AI for Good conference (where he was probably from) in Geneva, there was a guy who had a
> 'revolutionary' 'quantum computing' method.  He claimed to have it running on his laptop, saying his simulation of the quantum
> computing process for finding keys, implemented using machine learning (!), performed the same as running the quantum key search
> algorithm.  That was a long lunch conversation.  I had to resist the urge to warn people away from him later.
>
> On 9/20/19 4:36 PM, Ken Meltsner wrote:
> > He lost me when he said on the video that the math for public/private
> > keys hasn't changed since the 1970s.  One of the methods hasn't --
> > factoring -- but the first one chosen was dropped  (knapsack problem
> > IIRC).  The crypto community discovered that the second problem could
> > be solved relatively quickly, and so it was abandoned.  Factoring is
> > still used because as far as anyone knows, it's still hard.  He's
>
> Elliptic curve is the newer (newest?) one.
>
>
> > making an extraordinary claim: factoring is not hard because they have
> > a magic algorithm for predicting primes.
> >
> > [1] https://nrich.maths.org/2199 for example.
> >
> > Here's the real challenge.  Take a well-known public key, e.g. the one
> > on the certificate for mail.google.com.  It's only 256 bits (just
> > checked) and so, in theory, if their success in factoring is general
> > (and not the result of a carefully chosen composite value), they
> > should be able to factor it and generate the private key.  Even if
> > they have a slightly successful method -- of the public keys from a
> > thousand or so of the top web sites, 1% of the private keys can be
> > generated -- I'd count that as a significant step forward (and a scary
> > one).
>
> Big if.
>
> New crypto (and crypto related math) developments would be cool, but I don't have fun when friends or friends of friends or whoever
> I run into have a 'new, more secure encryption technology'.  All the amateurish concepts and beginner mistakes, not vetted by
> anybody, are tiresome.  I can usually see that and I may be on either side of a DK line on crypto.  Even if someone created a new
> better crypto, it would be difficult to vet that.  Breaking crypto is easier to test, but there are still pitfalls.  Here, perhaps
> they tested pre-selected keys that happened (or were engineered) to use primes within a certain zone.
>
> I find it more interesting to think and work on using crypto and related security features with various characteristics rather than
> creating new fundamental elements.
>
>
> > Ken
>
>
> Stephen
>
> >
> >
> > On Fri, Sep 20, 2019 at 4:21 PM Gregory Alan Bolcer <greg at bolcer.org> wrote:
> >> Thank you!
> >>
> >> On 9/20/2019 4:17 PM, Gary Stock wrote:
> >>> Schneier ramped up last week:
> >>>
> >>>      "Crown Sterling is complete and utter snake oil."
> >>>
> >>>      https://www.schneier.com/blog/archives/2019/09/the_doghouse_cr_1.html
> >>>
> >>> ...and doubled down today:
> >>>
> >>>      "Is anyone taking this company seriously anymore?"
> >>>
> >>>      https://www.schneier.com/blog/archives/2019/09/crown_sterling_.html
> >>>
> >>> Both comment threads are chock full of brutal "assessing" ;-)
> >>>
> >>> GS
> >>>
> >>> -----------------------------------------------------------
> >>> Gary Stock
> >>>
> >>> 269.720.7393
> >>>
> >>>
> >>>      gstock at nexcerpt.com
> >>>
> >>>
> >>> On Fri, Sep 20, 2019 at 7:05 PM Gregory Alan Bolcer <greg at bolcer.org> wrote:
> >>>
> >>>> Need some help assessing....
> >>>>
> >>>> Greg
> >>>>
> >>>>
> >>>>
> >>>> https://finance.yahoo.com/news/crown-sterling-decrypts-rsa-asymmetric-130000324.html
> >>>>
> >>>> NEWPORT BEACH, Calif.--(BUSINESS WIRE)--
> >>>>
> >>>> Crown Sterling Also Announces Completion of New White Paper: “Novel
> >>>> Geometric Methods for Semiprime Factorization”
> >>>>
> >>>> Crown Sterling, an emerging digital cryptography firm, today announced
> >>>> that yesterday at approximately 5:15 p.m. Pacific Time, the company
> >>>> conducted a live demonstration and decrypted two RSA asymmetric public
> >>>> keys at a public gathering at Pelican Hill Resort in Newport Beach,
> >>>> California. Crown Sterling hosted the event with 100+ academics and
> >>>> business professionals in attendance, where Crown Sterling Computer
> >>>> Scientists decrypted two 256-bit asymmetric public keys in approximately
> >>>> 50 seconds from a standard laptop computer. Crown Sterling also
> >>>> announced the consistent decryption of 512-bit asymmetric public key in
> >>>> as little as five hours also using standard computing. The video of the
> >>>> decryption demonstration can be found here:
> >>>> https://www.youtube.com/watch?v=uEVJrQEVd0I&t=5s.
> >>>>
> >>>> Crown Sterling also announced the completion of a new white paper to be
> >>>> submitted for peer review, “Novel Geometric Methods for Semiprime
> >>>> Factorization,” co-authored by Robert Edward Grant, Co-Founder and CEO,
> >>>> Crown Sterling, and Talal Ghannam PhD., Physicist and Number Theorist.
> >>>> The paper includes four different geometric and arithmetic methods for
> >>>> public key (semiprime) factorization and one of the methods titled, “The
> >>>> Reciprocal Factoring Method” includes an analysis of reciprocal values
> >>>> of public keys and their embedded private keys (prime factors) found
> >>>> within their period decimal extensions.
> >>>>
> >>>> “Today’s decryptions demonstrate the vulnerabilities associated with the
> >>>> current encryption paradigm,” said Grant. “We have clearly demonstrated
> >>>> the problem which also extends to larger keys.”
> >>>>
> >>>> In March of 2019, Grant identified the first Infinite Prime Number
> >>>> prediction pattern where the discovery was published on www.arXiv.org
> >>>> titled: “Accurate and Infinite Prime Number Prediction from Novel
> >>>> Quasi-Prime Analytical Methodology.” The paper was also co-authored by
> >>>> Ghannam.
> >>>>
> >>>> ABOUT CROWN STERLING
> >>>>
> >>>> Crown Sterling is an emerging digital cryptography firm based in Newport
> >>>> Beach, California. For more information on Crown Sterling, please visit
> >>>> www.crownsterling.io.
> >>>>
> >>>> View source version on businesswire.com:
> >>>> https://www.businesswire.com/news/home/20190920005182/en/
> >>>>
> >>>> --
> >>>> greg at bolcer.org, http://bolcer.org, c: +1.714.928.5476
> >>>>
> >>>>
> >>>>
> >>>> --
> >>>> After 30+ years of email, I have used up my supply of clever .sig material.
>
> --
>
>
> *Stephen D. Williams*
> Founder: Yebo, VolksDroid, Blue Scholar
> 650-450-8649 <tel:650-450-8649> | fax:703-995-0407 <fax:> | sdw at lg.net <mailto:sdw at lig.net> | https://HelloYebo.com |
> https://VolksDroid.org | https://BlueScholar.com | https://sdw.st/in
>
> _______________________________________________
> FoRK mailing list
> http://xent.com/mailman/listinfo/fork



--
After 30+ years of email, I have used up my supply of clever .sig material.



More information about the FoRK mailing list