Thread: Halt! Who goes there?

  1. #91
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Ireland
    Posts
    8,446
    I'm just saying that in that case, my laptop is going to definitely stop me from getting into your country. Linux, Windows, AI RoboForm, KeePass, FireFox, Internet Explorer, C++ Libraries, PHP Libraries, software I built, MS SQL, MySQL, SQLite, ZOC Terminal, Putty, etcetera, are all packed with ammunition and ready to destroy your country.
    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  2. #92
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,195
    I said strong encryption, not PGP or public key stuff, that isnt strong encryption.

  3. #93
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    28,413
    I said strong encryption, not PGP or public key stuff, that isnt strong encryption.
    Basically, you are talking about classified algorithms that are not available in the public literature?
    Quote Originally Posted by Bjarne Stroustrup (2000-10-14)
    I get maybe two dozen requests for help with some sort of programming or design problem every day. Most have more sense than to send me hundreds of lines of code. If they do, I ask them to find the smallest example that exhibits the problem and send me that. Mostly, they then find the error themselves. "Finding the smallest program that demonstrates the error" is a powerful debugging tool.
    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  4. #94
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,195
    Quote Originally Posted by laserlight View Post
    Basically, you are talking about classified algorithms that are not available in the public literature?
    Public key cryptography is a type of encryption that uses public keys or public key exchange. Mostly it uses some form of the Diffie-Helman algorithm.

    Private key cryptography is based on keys that are not exchanged publicly, and must be transferred by secure channels, either physical or encrypted electronic exchange.

    DH key exchange does not use secure channels, it uses 'public' key exchange. Its security relies on the fact that it is computationally difficult to calculate the key using only the transferred information. Difficult but not impossible. Secure enough for your meatball recipes and credit card information, but not enough for information that could cause harm of an extremely grave nature.

    Basically, DH is crackable using less than brute force. Part of the information they might find is the keys, which are a munition. They have to copy the entire contents because of steganography. There are also correlative connections that can be made between individuals, giving possible intelligence on distributed management structures, areas of operation, and just enormous amounts of data that I can't even go into.
    Last edited by abachler; 05-16-2008 at 12:49 PM.

  5. #95
    Devil's Advocate SlyMaelstrom's Avatar
    Join Date
    May 2004
    Location
    Out of scope
    Posts
    4,079
    Quote Originally Posted by abachler View Post
    Regardless of the effectiveness of alternate means of transport, a search is warranted and legitimate. They search for drugs, and yet the vast majority of drugs are nto smuggled through airports. This doesnt mean they should stop searching for them.
    Are you telling me that there is a low-priced, public mean of transporting drugs into the USA? Something perhaps comparable to the internet...

    Honestly, you're not making a very good argument and I'm sure if there was a way to somehow zap drugs and weapons into the country through some legal, public, undetected means... I don't think I'd feel to comfortable about having my bags searched at the airport either.
    Sent from my iPadŽ

  6. #96
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Ireland
    Posts
    8,446
    I can tell you most of the software I referred uses strong encryption.
    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  7. #97
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    28,413
    Public key cryptography is a type of encryption that uses public keys or public key exchange. Mostly it uses some form of the Diffie-Helman algorithm.

    Private key cryptography is based on keys that are not exchanged publicly, and must be transferred by secure channels, either physical or encrypted electronic exchange.
    But PGP comes with private cryptosystems implemented, thus even though public key cryptography is used to transfer the secret keys for the private key encryption, the software still contains what could be termed munitions (assuming you are correct to call all public key cryptography in the public literature as snake oil).

    DH key exchange does not use secure channels, it uses 'public' key exchange. Its security relies on the fact that it is computationally difficult to calculate the key using only the transferred information. Difficult but not impossible. Secure enough for your meatball recipes and credit card information, but not enough for information that could cause harm of an extremely grave nature.
    I had the impression that at this point of time, with suitable keys, it is impossible in practice to break the stronger variants of public key cryptography, even with the computational capability of certain government agencies, unless their mathematicians and cryptanalysts have proved otherwise.
    Quote Originally Posted by Bjarne Stroustrup (2000-10-14)
    I get maybe two dozen requests for help with some sort of programming or design problem every day. Most have more sense than to send me hundreds of lines of code. If they do, I ask them to find the smallest example that exhibits the problem and send me that. Mostly, they then find the error themselves. "Finding the smallest program that demonstrates the error" is a powerful debugging tool.
    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  8. #98
    Registered User
    Join Date
    Oct 2001
    Posts
    2,129
    Didn't the US relax or eliminate those rules years ago?

  9. #99
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,195
    Quote Originally Posted by SlyMaelstrom View Post
    Are you telling me that there is a low-priced, public mean of transporting drugs into the USA? Something perhaps comparable to the internet...
    If you charge by weight, then its cheaper to import drugs than the few electrons that make up your data. But yes, there is a low priced public means of transporting drugs into the US. Planes, trains and automobiles. Most drugs, usually coke or heroin, that are smuggled by air use private means of transport. But I'm really not here to argue whether there are wasy to smuggle drugs into the US, its so obvious that its stupid to even discuss it. The point isnt whether its just as cheap. The point is that it is possible, feasable, and preventable or at least deterable. If you don't like it thats just too bad.

    I could crack 64 bit DH (what most of the web browsers use outside the US) on a single core Pentium 4 in a few seconds (something that shoudl take , given the time to code the project. Given the NSA's budget I could crack 128 bit in the same amount of time. A few more years and Ill be able to crack any size DH encryption in a trivial amount of time. I already have methods for arbitrarily speeding up the factoring.

  10. #100
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Ireland
    Posts
    8,446
    Quote Originally Posted by abachler View Post
    I could crack 64 bit DH (what most of the web browsers use outside the US)
    hmm... those restrictions are long gone abachler. As far as I know even 256 bit keys can be exported from the US. Only requirements are a special exports permit. Meanwhile because 256 bit can be achieved by a number of algorithms developed and maintained outside the control of US government, even that permit is becoming a useless.

    A few more years and Ill be able to crack any size DH encryption in a trivial amount of time. I already have methods for arbitrarily speeding up the factoring.
    Regardless of your optimism and access to top secret technology which I can only but envy, doesn't this turn your ammunition into wet powder?
    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  11. #101
    Malum in se abachler's Avatar
    Join Date
    Apr 2007
    Posts
    3,195
    The point is because the internet is not a secure means to transfer encryption keys, there is a legitimate reason to search travellers computers for physical transport of keys. 256 bit, million bit, wont matter, public key cryptography isnt secure. But beyond this one reason, there are a lot of other reasons why it is a valid, legal search. If you dont like it then don't bring your computer with you.
    Last edited by abachler; 05-16-2008 at 03:46 PM.

  12. #102
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Ireland
    Posts
    8,446
    Oh. I gotcha.
    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  13. #103
    Cat without Hat CornedBee's Avatar
    Join Date
    Apr 2003
    Posts
    8,895
    Keys are not encryption methods. And I could put a 2048-bit key just about anywhere.
    All the buzzt!
    CornedBee

    "There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
    - Flon's Law

  14. #104
    Devil's Advocate SlyMaelstrom's Avatar
    Join Date
    May 2004
    Location
    Out of scope
    Posts
    4,079
    Quote Originally Posted by abachler View Post
    If you charge by weight, then its cheaper to import drugs than the few electrons that make up your data. But yes, there is a low priced public means of transporting drugs into the US. Planes, trains and automobiles. Most drugs, usually coke or heroin, that are smuggled by air use private means of transport. But I'm really not here to argue whether there are wasy to smuggle drugs into the US, its so obvious that its stupid to even discuss it. The point isnt whether its just as cheap. The point is that it is possible, feasable, and preventable or at least deterable. If you don't like it thats just too bad.
    Well considering that there isn't supposed to be a plane, train, or automobile entering the US that doesn't pass through security (in some form or another), you haven't really made a point at all, have you? I didn't say you couldn't sneak it in... you're not trying to sell a point to a bunch of fools so stop trying to spin things... you aren't even good at it. The fact is, there is no way to get controlled substances or physical munitions into the nation without being susceptible to some form of border security. With electronic data, there is... it's called the internet. The government can't monitor every single file downloaded from a foreign sever into a US host computer, so with that massive loophole open, why bother checking borders.

    You have honestly yet to rebut a single point I've made properly and from the looks of it, you aren't doing to hot with your public key cryptography point, either. Sometimes the best way to not lose all of your ground is to give it away to the opposition. At least then maybe you'll have some respect in the end.
    Sent from my iPadŽ

  15. #105
    Dr Dipshi++ mike_g's Avatar
    Join Date
    Oct 2006
    Location
    On me hyperplane
    Posts
    1,218
    Like with the internet, monitoring every harddisk that comes into the country is not feasible. If youre going to copy the entire contents of each HD, and seach them throuroughly for keys hidden by steganography how much is that going to cost taxpayers? And how likely is it that anything useful will result from it? It still does nothing at all to stop the most sensitive data crossing borders; after all you could fit pretty much anything you like on a mini SD and swallow it.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Simulator
    By MasterAchilles in forum C Programming
    Replies: 10
    Last Post: 11-30-2008, 10:31 PM