Posted on 12/10/2015 7:36:28 PM PST by dayglored
This just in...
Congress passes new law prohibiting the sea from reaching the beach.
Severe penalties and fines will be handed down for any infraction!
In a contest between mathematics and the fools in government I’ll bet on mathematics...lol
As if they could.
Serious crypto needs will be met with one-time pads that are unbreakable by anyone.
Use a Raspberry Pi to surf the web anonymously.
And keep it in your pocket when you leave :-)
Keep your keys only in your head.
Use encryption with plausible deniability features.
The Raspberry model 2 is the size of a credit card and the Pi Zero is about the size of a stick of gum.
You mean they can’t outlaw math? Who knew?
All this means is that anyone that cares, like terrorists, will go to the trouble to use open-source uncrackable (like in the lifetime of the universe uncrackable) crypto.
Everyone else will use what’s convenient, the commercial, pierceable products. Inevitably, there’ll be a breach (OPM, we’re looking at you!) and regular people will be harmed.
Can someone explain to these Solons that all of web commerce is moving to TLS (https:) and everyone’s banking, healthcare, e-commerce (anyone ever hear of Amazon?) data security is about to be weakened for no good reason other than their being able to say “Hey, We Did Something!”
One-time pad is extremely simple and also provable to be mathematically secure against any brute force attack.
A universe full of quantum computers is no match for one-time-pad.
It does however re-introduce the key-exchange problem.
And the key is also at least as long as the message itself...
It requires a true random number source.... but this is easy using something like diode noise.
The old German Enigma was actually a type of one-time-pad ... but it had a horribly flawed mechanical random number generator. (and some doofus thought it a great idea to make it so no letter could ever be encrypted as itself i.e. A = A ... lol)
This is the RC4 crypto program in 3 lines of perl
#!/usr/bin/perl -p INIT{sub Q{$s[($_[0]+=$_[1])%=256]}sub S{@s[$y,$x++]=@s[$x,$y]}@k=pop =~/../g;S$y=map{S Q$y,$_+hex$k[$x%@k]}@s=0..255}s/\C/$&^chr Q S Q$y,Q$x/eg
Back in the bad old days the feral jackboots in the commerce department officially declared the 3 lines of perl above as an ITAR classified munition that could not be exported from the United States without a valid export license.
The government is full of really, really stupid people. To any jackboots reading this, yes, that means you too.
Mathematics is not purely an American property that can be controlled by legislative fiat.
Software already exists that is absolutely safe from government until someone is able to prove that P/=nP
We have a wide assortment of algorithms to choose from. Blowfish, Twofish, Idea, CAST, 3DES, AES, various ECCs. Hell, with a couple of smoke detectors, a geiger counter and a Rasberry Pi, you can make a random number generator that will feed an absolutely unbreakable one time pad.
The genie is out of the bottle and was last seen sailing away on a Clipper ship.
That we actually have people at her level of government that think this is not only a good idea, but is even possible is an indication of how far we've fallen as a republic, and how truly stupid far too many of our elected representatives are.
Of course. Utterly shameless using “its for the children” (yet again) to justify the most fascist of moves.
There's an easier way, assuming one initialization.
Regularly exchanging secret keys is risky; that's the whole point of public-key encryption. One-time pads should never have to be exchanged, but rather they should be independently derived at each end.
A good one-time pad (like your suggestion of diode noise) can be derived from a commercial live broadcast which is available to both the sending and receiving parties. For example (this is a very weak way to use it, for explanation purposes only):
The idea is to derive the key from something agreed-upon in one initialization, and which never has to be exchanged again. Subsequent broadcast times, stations, etc. can be encoded into messages, or perhaps posted in an innocuous third-party forum.
Good points.
What is nice is that the low price of thumb drives means that a random number sequence of many billions of bytes is easily placed on two thumb drives for near zero cost.
They would provide a lifetime of absolutely protected secure text exchanges.
And so long as the used bytes are securely wiped there is ZERO chance of the messages being decrypted.
Not only is the term public safety not a constitutional term, public safety therefore a 10th Amendment-protected state power issue, but this is why Trump wants Mexico to build a tall border wall.
Low-information Senator Feinstein is an excellent example why the ill-conceived 17th Amendment should never have been ratified.
she is probably fishing for a shakedown. Or maybe the NSA has her on a stick...
We shouldn't talk in absolutes, but I take your point. This is someone with zero technical comprehension spouting off at the mouth. However, if the government wanted to inject the NSA with billions of dollars in funding, they could theoretically find a way to break encryption using quantum computing, but as we've seen, the market moves as fast or faster than the government, so it would be just a matter of time before stronger encryption was available that they couldn't break, if they could figure out how to.
What's wrong with this picture - it obviously has to be decrypted to clear teat/communications for a perv to be "talking to children" with it....
So yes, I sympathize with law enforcement's plight. I certainly want them to be successful and stop or reduce the effectiveness of terrorism. However, there were some very good reasons the Founding Fathers put these fundamental protections in place. Protections designed to protect us from our government. Lets think long and hard before we allow anyone to take those protections away.
Meanwhile, as Android open-source users I think we had better consider what open source encryption alternatives we have out there. Encryption algorithms and implementations that are provably cryptographically strong. Sorry Apple and Windows phone users, I wouldn't trust any crypto solutions provided by these companies (Google either for Android). Far too easy for the fascist wannabes in government to put quiet pressure on the companies to implement back-doors in their cryptography. I'm already adding cryptography to my Linux based computer at home. I'm lucky, I'm a software guy. I can read the open source algorithm descriptions etc. and build my own from the mathematical basis - no worries of hidden back doors. Not because I have anything to hide (the government already knows just about everything there is to know about me) but because I simply choose not to share. Don't tread on me.
“Homeland” is more concerned with targeting conservative Americans... (Hillary’s REAL enemies) than targeting radical Muslims.
It’s time for Americans to fight the machine before it crushes us... they don’t need more ‘tools’ they need to stop standing with evil...
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.