CDR: Re: about this list, and a poor man's crypto

Tim May tcmay at got.net
Mon Sep 4 13:03:16 PDT 2000 

At 4:06 PM -0700 9/3/00, Marcello 'R.D.O.' Magnifico wrote:
>I'm telling you I'm leaving, and why.
>
>1. The list appears to be USA-centric, and Internet covers the whole world.

Anyon is free to post, even people from Italy. That there are very 
few subscribers from Italy, or Botswana, or Gondwanaland, is just the 
way it is.


>
>2. I'm not bragging around about what illegal I did (if I ever did) and why
>I think I'm right (of course I am! ;->) and why the other guys are wrong
>(of course they are, indeed! ;->)


"Bragging about what illegal I did" is in the context of civil 
liberties and the ground truth of cypherspace. If you don't "get it," 
it's probably best that you follow through on your promise to leave. 
Auf wiedersehen! Ciao!



>
>3. I expected a lot of tech issues and found instead a bunch of:
>	-discussions on racism, religion, gov't behavior worldwide
>	-"we hate pigs"
>	-US local laws discussions (see 1)
>	-simple fluff and/or flaming.

And just which articles have _you_ contributed?

>
>	In Italy we don't seem having a corpus of laws about/against crypto, so
>it's possible to develop almost anything. Not being linked to general
>concepts and standards about what crypto is or should be, that's how I
>figured out the concept of "brute-force key". It's the trivial usage of
>large keys in non-public key environments, at the expenses of weakening the
>encryption algorythm. It may seem stupid, but current technology makes it
>possible and very effective, depending only on the ability of generating
>good random byte sequences.

First, Italy has no corpus of laws about/against crypto for the 
simple reason that Italy has a weak Internet culture. Weaker than 
France, which is saying a lot. When you wake up some day and find 
that the Protection of the Constitution Law has been passed by your 
parliament, don't come to us and say "But I had no idea this was 
coming."

Second, beware variants of the bogus "virtual one-time pad." Using 
keying material to encipher plaintext is an idea as old as the hills, 
even the hills of Rome.



>
>	Let's say you store your key on a diskette that carries at 
>least 170Kbytes
>(I can, so you should, too ;->). Well, a 170Kbytes key _is_ strong, and
>performance can be achieved by using a trivial XOR algorythm, in circular
>or bustrophedic (back-and-forth) sequence if the message to be sent is
>larger. XOR implies that the key MUST be a long random string, because you
>might want to transmit a file with long 0x00 sequences, too. XORing 0x00
>exposes parts of your key, so they should look undistinguishable from
>non-null encrypted data, that will appear as random rubbish (that's the
>purpose of crypto, right? :->).

Cf. basic textbooks on crypto for why this is not a good solution. 
Read especially the parts on key distribution, on flaws arising from 
re-use of key material (cf. the Walker case), etc. Read also the 
mid-70s papers on why public key systems have such compelling 
advantages.

I know this 25-year-old material must be boring to an enlightened 
Italian such as yourself, but you may find it useful to see why we 
backward Americans adopted public key systems over ""trivial XOR 
algorithms."


>
>	If you don't care about ITAR laws (and it seems that you, being the
>Cypherpunks, actually don't),

For a very good reason: no state may compel a person to communicate 
only in certain forms acceptable to the state.

If you don't get this point either, it's probably hopeless. Maybe you 
can find a copy of "1984" for starters.


Meanwhile, claiming that the list is not what you would like it to be 
is, especially when you have not contributed anything, is...typical.


--Tim May
-- 
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
"Cyphernomicon"             | black markets, collapse of governments.

More information about the cypherpunks-legacy mailing list