[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: a thought...

To: "'Srdjan Smiljanic'" <junior@EUnet.yu>, cypherpunks@toad.com
Subject: RE: a thought...
From: "Brown, R Ken" <brownrk1@texaco.com>
Date: Wed, 23 Jun 1999 05:43:15 -0500
Sender: owner-cypherpunks@toad.com

Srdjan Smiljanic wrote:

> this may sound as a lame question to some of you,

At least being in the Greenwich time zone I get to reply before some of our
Californian friends get to their screens :-) So I will be politer than some
of them might.

> but what are the
> chances of braking the encrypted message "encrypted" with 
> simple search
> & replace engine set to replace, for example, a with d, v with $,
> anyways with something that I figure out randomly...?

Huge. People have been doing it in their heads for centuries. It is the sort
of thing that "Bill" thinks of as "Cryptography" and it is not at all
secure. 

If the key - that is the rules about what gets substituted for what - is as
long as the message itself then it can't be broken (this is called a
one-time pad). But the problem with this  is that the sender has to send the
key to everyone who needs to read the message and that might be just as hard
to keep secret as the message itself. If the key is shorter than the message
- in the worst case if *every* "a" is replaced with "d", or if there is a
simple rule to work out what "a" is replaced by, then there are well-known
ways to  break cyphers like this.  

Cypherpunks list is not really the best place for talking about this sort of
stuff. The list is more about the political, social and economic effects of
cryptography. No-one will stop you talking about it (that is part of the
point of the list) but some people might be very rude to you if you carry
on. 

For background information look for the Cryptography FAQ or the RSA FAQ or
the PGP FAQ or dozens of other basic texts on the Net. I've got links to
some of these (although some out of date - search engines are better) at
http://www.cix.co.uk/~kbrown/lists/kenslinks.htm#endinginy

Or if you have access to Real Books:

Applied Cryptography,  by Bruce Schneier, explains how modern secure
cryptography works
Codebreakers, by David Kahn, goes into the history of it & shows how to
break your code.
Privacy on the Line, by Whitfield Diffie and Susan Landau [Is that is
Zooko's list?]

> btw, what do you think 'bout rumour of that dreaded PGP backdoor?

The point about PGP is that you can get the source code & compile it
yourself. So if there is a backdoor you can find it. If you know the C
language & a bit about cryptography that is. 

Ken Brown

Follow-Ups:
- _Privacy_on_the_Line_ by Diffie & Landau (was: Re: a thought... )
  - From: John Hackworth <zooko@wildgoose.tandu.com>

Prev by Date: RE: Im talking about the man in the middle
Next by Date: No Subject
Prev by thread: Re: a thought...
Next by thread: _Privacy_on_the_Line_ by Diffie & Landau (was: Re: a thought... )
Index(es):
- Date
- Thread