http://www.msnbc.msn.com/id/17184663/ Is it likely these names will become available? -TD _________________________________________________________________ With tax season right around the corner, make sure to follow these few simple tips. http://articles.moneycentral.msn.com/Taxes/PreparationTips/PreparationTips.a...
On 2/16/07, Tyler Durden <camera_lumina@hotmail.com> wrote:
http://www.msnbc.msn.com/id/17184663/
Is it likely these names will become available?
don't know about all 31 individuals, but a nice list and detail here: http://cryptome.org/lady-eyeball.htm
Here is the Italian arrest warrant which names names: http://www.statewatch.org/cia/documents/milan-tribunal-3-us-citizens-sought .pdf
OK, I -think- this is obvious, but I'm not 100% certain. Is it possible to verify that a remote random number generator is actually random? Consider this scenario: A group wishes to meet at a location chosen randomly from a list of possible locations. They don't want anyone, in the group or out, to know for certain where the meeting will be held. Now of course they could simply gather together in one location and roll a die (for instance) and go to that location. BUt what if they could roll the die on the internet, say. Any announcement r ostensible video could be faked. BUT, are there protocols that allow remote viewers/users of the random process to be sure (or reasonably sure) that a remote process is actually random? Actually, this may not be imppossible, particularly with TOR, but rather than take a stab in the dark I'm interested in seeing what's already known about this. Not, of course, that I'm planning any meetings in tthe near future. Call it purely an academic interest. -TD _________________________________________________________________ Play Flexicon: the crossword game that feeds your brain. PLAY now for FREE. http://zone.msn.com/en/flexicon/default.htm?icid=flexicon_hmtagline
Hi, --- Tyler Durden <camera_lumina@hotmail.com> wrote:
Is it possible to verify that a remote random number generator is actually random?
Are you asking if the remote random number is authentic? That would make it similar to a key exchange over an insecure channel and asking: are the keys exchanged authentic & untampered? In classical cryptography, there is no way of doing a secure key exchange without a pre-shared secret.
Actually, this may not be impossible, particularly with TOR, but rather than take a stab in the dark I'm interested in seeing what's already known about this.
Tor uses onion routing but eventually you will need a pre-shared secret with the PRNG server, to ensure that the number you receive is authentic. Sarad. ____________________________________________________________________________________ Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail beta. http://new.mail.yahoo.com
Everybody commits to a value (e.g. broadcasts the SHA1 hash of a large random value); everybody reveals their values (and checks that they match everybody else's commitments); now add all the values modulo whatever your number of choices is, and you have a shared verifiably random number. Now, there is one way to cheat this, which is to copy someone else's commitment (even without yet knowing their value) and then copy their value when it is revealed, thereby possibly forcing the choice to be even or whatever. So everyone should also check that all the commitments are different. Hal
Oh yeah...that's nice and simple. 'Obvious', I guess. it has the nice feature too of being relatively subversion-proof, insofar as someone (or even many people) penetrating the group can not really influence the outcome. Meanwhile, there's no real external routine to trust (ie, you can check what everyone else promised and what their secret value was and what the modulo-math should be). So it's all verifiable without a 'higher authority'. Nice. Do such applications actually exist? -TD
From: "Hal Finney" <hal.finney@gmail.com> To: "Tyler Durden" <camera_lumina@hotmail.com> CC: cypherpunks@jfet.org Subject: Re: Confirming Random numbers? Date: Mon, 19 Feb 2007 09:01:21 -0800
Everybody commits to a value (e.g. broadcasts the SHA1 hash of a large random value); everybody reveals their values (and checks that they match everybody else's commitments); now add all the values modulo whatever your number of choices is, and you have a shared verifiably random number.
Now, there is one way to cheat this, which is to copy someone else's commitment (even without yet knowing their value) and then copy their value when it is revealed, thereby possibly forcing the choice to be even or whatever. So everyone should also check that all the commitments are different.
Hal
_________________________________________________________________ Refi Now: Rates near 39yr lows! $430,000 Mortgage for $1,399/mo - Calculate new payment http://www.lowermybills.com/lre/index.jsp?sourceid=lmb-9632-17727&moid=7581
On 2/19/07, Tyler Durden <camera_lumina@hotmail.com> wrote:
... Is it possible to verify that a remote random number generator is actually random?
remote or not doesn't add much to the difficulty of the question: "is it _truly_ random?" lots of statistical tests to confirm that a given distribution of bits IS NOT, but nothing to prove IT IS. and by IS NOT, i mean sufficiently improbable to be random, thus considered not random. even a true hw rng could throw all bits set given enough chances. it's easy for a remote peer to fool such statistical tests: check the output of AES-CBC keyed with all zeros. there is almost no actual entropy (in the keys) yet the output appears to be random, and you would (in theory) not be able to distinguish without the key used. if you look at the various hw rng daemons they often to some FIPS sanity checks on the input but leave it at that. the idea is that failed hardware will start producing FIPS failures and can be detected.
participants (5)
-
coderman
-
Hal Finney
-
John Young
-
Sarad AV
-
Tyler Durden