|
 Lallafa
p_g monocle
Registered: 04/13/01
Posts: 2,598
Loc: underbelly
|
 Re: proof of police on the net!!!!  [Re: trendal]
#617297 - 04/24/02 11:23 AM (21 years, 5 months ago) |
|
|
everytime i come around your city
--------------------
my tax dollars going to more hits of acid for charles manson
Edited by Lallafa (04/16/05 08:30 PM)
|
 Krendle
veteran
Registered: 11/11/00
Posts: 1,166
Last seen: 21 years, 3 months
|
Re: proof of police on the net!!!! [Re: informer]
#617311 - 04/24/02 11:44 AM (21 years, 5 months ago) |
|
|
Moving to Security...
--------------------
First person to PM me with a truly witty sig gets to see their words at the bottom of my posts 
|
trendal
J♠
Registered: 04/17/01
Posts: 20,815
Loc: Ontario, Canada
|
Re: proof of police on the net!!!! [Re: Lallafa]
#617347 - 04/24/02 12:31 PM (21 years, 5 months ago) |
|
|
The enigma is different, as it was a mechanical device based on mathematical concepts. Modern-day computer cryptography is entirely done with math, and the math behind it (elliptic curves) has no known weaknesses.
The enigma did have a weakness: humans. The enigma was broken because the mathematicians realized that humans are predictable, and that they could predict certain keys for the enigma because the german operartors were being lazy when they set the keys for the day.
--------------------
Once, men turned their thinking over to machines in the hope that this would set them free.
But that only permitted other men with machines to enslave them.
|
3DSHROOM
loon
Registered: 04/19/99
Posts: 2,878
Last seen: 10 years, 7 months
|
Re: proof of police on the net!!!! [Re: trendal]
#617621 - 04/24/02 05:32 PM (21 years, 5 months ago) |
|
|
Didn't PGP have a security hole not too long ago?
/me dreams of owning a quantum computer so he could crack anything.
--------------------
Your friendly neighborhood loon
Edited by 3DSHROOM (04/24/02 05:34 PM)
|
trendal
J♠
Registered: 04/17/01
Posts: 20,815
Loc: Ontario, Canada
|
Re: proof of police on the net!!!! [Re: 3DSHROOM]
#617835 - 04/24/02 10:25 PM (21 years, 5 months ago) |
|
|
"Didn't PGP have a security hole not too long ago?"
Yes and no. There was a security hole in the code, that comes down to human error. The math behind the encryption is still unbreakable.
(for anyone who isn't familiar with PGP...)
PGP encryption is a type of "public-key cryptography", meaning that when you generate a "key pair" for your use, you create two separate (but mathematically linked) keys. The first is your "public key" which you freely give out to anyone who wants to send you encrypted data. A person would use your public key to encrypt what they want to send to you. Once something is encrypted with your public key, the only way to decrypt is is to use the second key you created: your "private key". The public and private keys are mathematicall linked (that's the complex part :P) but it is virtually impossible to retrieve your private key by looking at your public key.
Ok, that being said: the security flaw. The PGP software allows you to add other private keys, called "additional decryption key", to your public key. The idea is that a buisiness could have their employees add a management's ADK to their public keys, so that the management could decrypt something sent to their employees. Seems simple enough, but there's a problem (although far-fetched).
The situation: Mark has a key pair (public/private). He gives his public key to John so that John can send Mark encrypted data. If I can get ahold of Mark's public key, I could modify it and add my own ADK to it, making it possible for me to decrypt something meant for Mark. The hard part is that I now have to somehow get my modified version of Mark's public key into the hands of John without either of them knowing what I've done. If I can do that...then I still have to intercept whatever John is sending Mark. If I can do all that, I can decrypt what is being sent to Mark.
So yeah. There was a security flaw, but it's a little far fetched. The encryption is still flawless, but I can sneak into the conversation if I'm good enough. Of course, none of this applies to someone who is encrypting something for personal use only (meaning they haven't given anyone their public key, so I have no way of getting it).
If you want to read about the flaw, I think the link is http://senderek.de/security/key-experiments.html
--------------------
Once, men turned their thinking over to machines in the hope that this would set them free.
But that only permitted other men with machines to enslave them.
Edited by trendal (04/24/02 10:29 PM)
|
djfrog
omgws!!!1!
Registered: 10/22/00
Posts: 3,710
|
Re: proof of police on the net!!!! [Re: trendal]
#618683 - 04/25/02 06:46 PM (21 years, 5 months ago) |
|
|
I never thought of doing that. If the police had cooperation from an ISP, they could filter for any key you download and do the switch on you.
...
thilfy pigs
...
But an ever bigger issue is how the user manages their keys. For a long time a certain person w/ website had kept a public key on his website after the police had seized his computer and had a chance to grab his private key. I won't name names but it was a spore supplier.
...
*puts on a fugazi CD
|
|
Threaded
Previous
Index
Next
Buy Kratom Extract, Kratom Powder For Sale 
Unfolding Nature: Being in the Implicate Order 
Substrate Bags
Edit 
Reply 
1 2 all )
Jackal
Barakanaten
Ellis Dee
asd11
OJK
Le_Canard
Simisu