Quality Time, Sweetheart: Some Principles on Dangerous Crypto
- Underkill or overkill: which is more secure? Quality time, sweetheart.
- Cryptographic security rests on time. This is why the strength of a cipher is measured in "polynomial time" or "exponential time." Quality time, sweetheart.
- Quantum time is a theory at this point. It is a lame conjecture. Do not trust theories and conjectures. Trust quality time.
- Obscurity is a time buffer. Until the obscure is unobscured, time is working effortlessly against the effort of attack. (!blasphemy!)
- Ciphertext, keys, and digests are like toothpaste: whiten, whiten, whiten. Use separate whitening vectors for all.
- Industry standard crypto is always insufficient for dangerous messages. There must be a time-to-generate bottleneck.
- One-time pad injects a time bottleneck approaching functional infinity.
- Industry standard crypto gets bugged and broken regularly. Using it can produce a secure, self-signed death warrant.
- The longer a decipherment key takes to generate the more secure the ciphertext will be. (time-to-generate delay)
- The longer the bottleneck the longer it takes for your adversary to drink your beer.
- The longer the bottleneck the less of your bit-booze the enemy can drink.
- The hassle of exchanging one-time pads is much less than the hassle of digitally signing your own death warrant.
- With random one-time pads you run zero risk of secretly borked crypto algorithms.
- If doubt is bad, use the one-time pad. Otherwise, bottleneck, bottleneck, whiten, whiten, obscure, obscure.
- If it has not been 100% proven secure, why would you assume it is secure?
- The prophetess of Delphi is not your human shield. Standard assumptions in the oracle don't stop bullets.
- When borked 'standard crypto assumptions' buy you a ticket to the gangplank will the academic researchers be there to sell you shark repellant?
- Just because you don't know that anyone has broken a cryptography scheme, does not mean it hasn't been broken.
- Why would your adversary publish the fact that he has broken your cryptography?
- Rather it may mean your adversary is practicing security through obscurity, which has won many battles. (!blasphemy!)
- When you are using anything besides OTP then time is your only friend. Your scheme must tack on the time.
- Security through obscurity worked for dozens of historical military commanders (who were not sitting in ivory towers.)
- If security through obscurity is always bad then why do trade secrets generate billions in profits?
- If security through obscurity is always bad then why do armies and governments use it every day?
- What was said about casting pearls before pigs?
- The more obscure your means of communication, the more time your adversary must invest to uncover it.
- An exponential increase in required key attack time is often an exponential increase in safety, if your scheme is secure.
- University cryptographers are smart. But who signs their paychecks? Is it the same Sam who signs NSA paychecks?
- Does the academic who pumps a certain unobscure cryptosystem have a life insurance policy on you? Is your cryptography advisor invested in noose stocks?
- Will the pumpers of a certain cryptosystem support your family when you are doxed or dead or disappeared?
- Provable security of a dangerous cryptosystem does not make it safe or secure. It must also be deeply obscured from view.
- Web site crypto keys are vouched for by state-licensed actors. Need we say more? Dangerous crypto should also be obscured by quality time.
- Generally the more time you take to secure your communications the more time your adversary needs to attack.
- Why settle for 2 ^ 256 when 2 ^ 256 million is a clear winner?
- Why settle for one algorithm when you can cascade many?
- Envelope Superencryption of many algorithms is not necessarily limited to strength of its weakest algorithm. (!blasphemy!)
- Basket encryption and stacking pancakes: If 16 superencryptions are used with 16 different algorithms then the attacker must spend time to correctly guess each algorithm in the correct order with the correct keys or breaks. 16 pow 16 = 18446744073709551616 combinations, before we've even addressed possible keys. If your basket of available algorithms is larger than 16, this time injection can get unwieldy for attackers, even if the attacker has a quantum 'flux capacitor.'
- When your life or liberty is at stake, to hell with efficiency. Churn, baby, churn!
- Peer review and public availability of a cryptosystem are not magic guarantees that weaknesses or flaws will be found. Remember, if a cryptosystem is broken, bad actors who borked it are not going to tell you. That obscurity is their advantage. The counter to this advantage is polymorphism, chains of superencryptions, and using as much obscurity as you can to inject all the time delay you reasonably can.
-------------------------------------------------
S P I R I T O F N I K O P O L
Don't swap synthetic brains for your real brains.
broadcast on BitMessage (https://bitmessage.org)
subscribe: BM-NBEz3C1WktcyMZwVRWgDNGpU5gMRZ2iT
Funky naming :)
On Sat, Dec 14, 2019 at 11:34:53AM -0000, Spirit of Nikopol wrote:
- Underkill or overkill: which is more secure? Quality time, sweetheart.
- Cryptographic security rests on time. This is why the strength of a cipher is measured in "polynomial time" or "exponential time." Quality time, sweetheart.
- Quantum time is a theory at this point. It is a lame conjecture. Do not trust theories and conjectures. Trust quality time.
- Obscurity is a time buffer. Until the obscure is unobscured, time is working effortlessly against the effort of attack. (!blasphemy!)
Why is this logic "blasphemy"?
- Ciphertext, keys, and digests are like toothpaste: whiten, whiten, whiten. Use separate whitening vectors for all.
That's useful.
- Industry standard crypto is always insufficient for dangerous messages. There must be a time-to-generate bottleneck.
Or brute force shall decrypt in not useful time.
- One-time pad injects a time bottleneck approaching functional infinity.
Sort of true.
One-time pads are very simple (XOR), and since it's an XOR function, the one-time pad cyphertext can be "decrypted" into every possible plain text combination (for the given input size).
Because of this, the above sentence can be clarified as
- One-time pad injects a time bottleneck approaching functional infinity, where every possible output text is, at the limit, produced, rendering the brute force decryption functionally useless.
I think it's for this reason that one time pads are described as "the only provably secure encryption algorithm".
- Industry standard crypto gets bugged and broken regularly. Using it can produce a secure, self-signed death warrant.
- The longer a decipherment key takes to generate the more secure the ciphertext will be. (time-to-generate delay)
- The longer the bottleneck the longer it takes for your adversary to drink your beer.
- The longer the bottleneck the less of your bit-booze the enemy can drink.
- The hassle of exchanging one-time pads is much less than the hassle of digitally signing your own death warrant.
Depending on your need of course. If you have some helicopter gunship expose, more than great crypto is advised, including top of the class op-sec.
- With random one-time pads you run zero risk of secretly borked crypto algorithms.
Indeed. And suffer the time cost of pre exchange, as well as possible op-sec super fails such as discussing the key exchange protocol on a telephone. ("Oh no, the telephone's fine, I discuss all my drug dealer deals on the phone - the only reason the cops nabbed me was because, just as they said to me when they arrested me, a neighbour dobbed me in" - true story of ignorance par excellence.)
- If doubt is bad, use the one-time pad. Otherwise, bottleneck, bottleneck, whiten, whiten, obscure, obscure.
What a great way to distill important crypto rules of thumb! Thank you for sharing.
- If it has not been 100% proven secure, why would you assume it is secure?
OTP, muffas! That said, Bernstein is a sufficiently stubborn, apparently diligent and socially acerbic nutter, that his black boxes have a shade of black which is quite new (I think they call it "new black") and somewhat appealing...
- The prophetess of Delphi is not your human shield.
Shit! Seriously? (Runs off to berate his prophetess.)
Standard assumptions in the oracle don't stop bullets.
She deceived me! I swear!
- When borked 'standard crypto assumptions' buy you a ticket to the gangplank will the academic researchers be there to sell you shark repellant?
- Just because you don't know that anyone has broken a cryptography scheme, does not mean it hasn't been broken.
- Why would your adversary publish the fact that he has broken your cryptography?
- Rather it may mean your adversary is practicing security through obscurity, which has won many battles. (!blasphemy!)
Yes, fundamentally important blasphemy. For all who missed the memo.
- When you are using anything besides OTP then time is your only friend. Your scheme must tack on the time.
- Security through obscurity worked for dozens of historical military commanders (who were not sitting in ivory towers.)
- If security through obscurity is always bad then why do trade secrets generate billions in profits?
Ha!
- If security through obscurity is always bad then why do armies and governments use it every day?
- What was said about casting pearls before pigs?
What was said about the world being uplifted only by those who give unconditionally?
- The more obscure your means of communication, the more time your adversary must invest to uncover it.
- An exponential increase in required key attack time is often an exponential increase in safety, if your scheme is secure.
- University cryptographers are smart. But who signs their paychecks? Is it the same Sam who signs NSA paychecks?
- Does the academic who pumps a certain unobscure cryptosystem have a life insurance policy on you? Is your cryptography advisor invested in noose stocks?
- Will the pumpers of a certain cryptosystem support your family when you are doxed or dead or disappeared?
- Provable security of a dangerous cryptosystem does not make it safe or secure. It must also be deeply obscured from view.
If you are smart enough to create such a thing, and keep it obscured, may you have a worthy cause to put it to - your small pond ultimately shifting the waters of the ocean, some butterfly effect or something. For the rest of us, we must use what we have and trust what we choose.
- Web site crypto keys are vouched for by state-licensed actors. Need we say more? Dangerous crypto should also be obscured by quality time.
- Generally the more time you take to secure your communications the more time your adversary needs to attack.
Evidently we must distinguish types of communications, the lettuce and carrots from the rib eye and rump. OTP sharing implies meat space connections. Make your meat space real, embrace the rib eye.
- Why settle for 2 ^ 256 when 2 ^ 256 million is a clear winner?
- Why settle for one algorithm when you can cascade many?
- Envelope Superencryption of many algorithms is not necessarily limited to strength of its weakest algorithm. (!blasphemy!)
Ahh, someone is so bold as to share the blasphemous. Like "we only provide SHA, since MD5 is cracked" with no thought that if SHA is cracked, cracking the combo of MD5 -and- SHA (effectively chained, for the purpose of blob authentication), is an order(s) of magnitude more difficult again... The proud often parrot the "obvious", oblivious to official obfuscation. Your treatise is generous indeed...
- Basket encryption and stacking pancakes: If 16 superencryptions are used with 16 different algorithms then the attacker must spend time to correctly guess each algorithm in the correct order with the correct keys or breaks. 16 pow 16 = 18446744073709551616 combinations, before we've even addressed possible keys. If your basket of available algorithms is larger than 16, this time injection can get unwieldy for attackers, even if the attacker has a quantum 'flux capacitor.'
Making meat space "OTP" or "super key" sharing, a much more profitable endeavour.
- When your life or liberty is at stake, to hell with efficiency. Churn, baby, churn!
Meat space baby, meat space!
- Peer review and public availability of a cryptosystem are not magic guarantees that weaknesses or flaws will be found. Remember, if a cryptosystem is broken, bad actors who borked it are not going to tell you. That obscurity is their advantage. The counter to this advantage is polymorphism, chains of superencryptions, and using as much obscurity as you can to inject all the time delay you reasonably can.
------------------------------------------------- S P I R I T O F N I K O P O L
Don't swap synthetic brains for your real brains. broadcast on BitMessage (https://bitmessage.org) subscribe: BM-NBEz3C1WktcyMZwVRWgDNGpU5gMRZ2iT
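An added example, not part of the original thread: the property described in the reply above, that an XOR one-time-pad ciphertext can be "decrypted" into every plaintext of the same length, checked by construction and by exhaustive search over a 2-byte ciphertext. The sample messages and function names are constructed for illustration.

```python
import secrets
from collections import Counter


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (OTP encrypt and decrypt are the same operation)."""
    if len(a) != len(b):
        raise ValueError("one-time pad must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def pad_for(ciphertext: bytes, candidate: bytes) -> bytes:
    """Return the pad under which `ciphertext` decrypts to `candidate`.

    Such a pad exists for every candidate of the right length, which is why
    the ciphertext alone cannot confirm or rule out any guess.
    """
    return xor_bytes(ciphertext, candidate)


def brute_force(ciphertext: bytes) -> Counter:
    """Try every possible pad and count how often each plaintext comes out."""
    n = len(ciphertext)
    seen = Counter()
    for k in range(256 ** n):
        seen[xor_bytes(ciphertext, k.to_bytes(n, "big"))] += 1
    return seen


def demo() -> dict:
    message = b"MEET AT DAWN"                 # constructed sample plaintext
    pad = secrets.token_bytes(len(message))   # random pad, used once
    ct = xor_bytes(message, pad)

    decoy = b"STAY AT HOME"                   # constructed, same length
    decoy_pad = pad_for(ct, decoy)

    # Exhaustive search is only feasible on a tiny prefix: 2 bytes = 65536 pads.
    counts = brute_force(ct[:2])
    return {
        "real_decrypts": xor_bytes(ct, pad) == message,
        "decoy_decrypts": xor_bytes(ct, decoy_pad) == decoy,
        "distinct_plaintexts": len(counts),
        "each_seen_once": set(counts.values()) == {1},
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The exhaustive search returns every 2-byte plaintext exactly once, so trying all pads gives an attacker no way to prefer one candidate over another.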
On Sat, December 14, 2019 11:13 pm, Zenaan Harkness wrote: [.....]
- Obscurity is a time buffer. Until the obscure is unobscured, time is working effortlessly against the effort of attack. (!blasphemy!)
Why is this logic "blasphemy"?
A visit to Stack Exchange, Quora, Yahoo Questions, etc. will reveal countless parrots declaring 'security through obscurity' a verboten taboo. But when you devise an obscure scheme using many ciphers, and don't publish the scheme, it does in fact significantly increase security. But you are not allowed to say that. If you throw in a couple of unpublished ciphers to the mix, it is even better. But again, you are not allowed to say that. Saying it is akin to, "He said Jehosephat!" [.....]
- One-time pad injects a time bottleneck approaching functional infinity.
Sort of true.
One-time pads are very simple (XOR), and since it's an XOR function, the one-time pad cyphertext can be "decrypted" into every possible plain text combination (for the given input size).
Because of this, the above sentence can be clarified as
- One-time pad injects a time bottleneck approaching functional infinity, where every possible output text is, at the limit, produced, rendering the brute force decryption functionally useless.
I think it's for this reason that one time pads are described as "the only provably secure encryption algorithm".
True but I don't want to spell everything out. The reader must be led to conclude some of the implications. [.....]
- The hassle of exchanging one-time pads is much less than the hassle of digitally signing your own death warrant.
Depending on your need of course. If you have some helicopter gunship expose, more than great crypto is advised, including top of the class op-sec.
- With random one-time pads you run zero risk of secretly borked crypto algorithms.
Indeed.
And suffer the time cost of pre exchange, as well as possible op-sec super fails such as discussing the key exchange protocol on a telephone. ("Oh no, the telephone's fine, I discuss all my drug dealer deals on the phone - the only reason the cops nabbed me was because, just as they said to me when they arrested me, a neighbour dobbed me in" - true story of ignorance par excellence.)
- If doubt is bad, use the one-time pad. Otherwise, bottleneck, bottleneck, whiten, whiten, obscure, obscure.
What a great way to distill important crypto rules of thumb!
Thank you for sharing.
You're welcome. Your mind is clean, unlike the others. I find this host body suitable for my thoughts.
- If it has not been 100% proven secure, why would you assume it is secure?
OTP, muffas!
You down with OTP?
That said, Bernstein is a sufficiently stubborn, apparently diligent and socially acerbic nutter, that his black boxes have a shade of black which is quite new (I think they call it "new black") and somewhat appealing...
His spam and security protections are so stringent that not even his mum can subscribe to his mailing list.
- The prophetess of Delphi is not your human shield.
[.....]
- Why would your adversary publish the fact that he has broken your cryptography?
- Rather it may mean your adversary is practicing security through obscurity, which has won many battles. (!blasphemy!)
Yes, fundamentally important blasphemy. For all who missed the memo.
[.....]
Evidently we must distinguish types of communications, the lettuce and carrots from the rib eye and rump.
OTP sharing implies meat space connections.
Make your meat space real, embrace the rib eye.
I am stealing that (the rib eye is bossmonstrous). Can five eyes digest the rib eyes? [.....]
The proud often parrot the "obvious", oblivious to official obfuscation. Your treatise is generous indeed...
- Basket encryption and stacking pancakes: If 16 superencryptions are used with 16 different algorithms then the attacker must spend time to correctly guess each algorithm in the correct order with the correct keys or breaks. 16 pow 16 = 18446744073709551616 combinations, before we've even addressed possible keys. If your basket of available algorithms is larger than 16, this time injection can get unwieldy for attackers, even if the attacker has a quantum 'flux capacitor.'
Making meat space "OTP" or "super key" sharing, a much more profitable endeavour.
- When your life or liberty is at stake, to hell with efficiency. Churn, baby, churn!
Meat space baby, meat space!
Insert Ted's steakhouse jingle. (!sorry!)
-------------------------------------------------
S P I R I T O F N I K O P O L
Don't swap synthetic brains for your real brains.
broadcast on BitMessage (https://bitmessage.org)
subscribe: BM-NBEz3C1WktcyMZwVRWgDNGpU5gMRZ2iT
- If it has not been 100% proven secure, why would you assume it is secure?
OTP, muffas!
You down with OTP?
One time pads have their place, for sure. What I should instead have written, to make it clear, was "OTP for the win, muffas :D"
Insert Ted's steakhouse jingle. (!sorry!)
I'm from Oz - we are literally so far below everyone, we can't even hear Ted's steakhouse jingle, but I'll assume it's something like the Woolworth's jingle (Woollies is a chain supermarket over here, like Coles), and their jingle is so bloody jingly, you literally never forget it for the rest of your life. Or rather, you always remember it for the rest of your life - going to sleep, having a shower, trying to think about important multi layered cryptography benefits, no matter what, it's bloody supermarket jingle. So if Ted's steakhouse jingle is even remotely as annoyingly memorable, I definitely do not want to listen to it :)