
Re: One Time Pads.
The problem isn't the key exchange, it's knowing who you just exchanged keys with is the right person and not a man in the middle.
15 publicly visible posts • joined 26 Mar 2011
Since the switch to the ATSC standard and digital TV in the US and in Canada, the range of the OTA signal is significantly less, and also the picture is either perfect or blocky at times.
<rant>
One thing to realise about TV in Canada (and possibly the US) is that the objective of the broadcaster is not always to provide OTA reception. Putting up a transmitter gets you on "basic cable" in that area even if the reception is crap. Hence here in Ottawa some transmitters are in cheap rather than good locations and, since the transmitters aren't all co-located, you need an antenna rotator and a tower if you want to get all the OTA stations.
</rant>
Fortunately there is the internet... although the speed sucks in rural areas.
In 2015 Israel finds evidence that Russia is using Kaspersky AV to spy on everyone.
In 2017, US Government warns its government employees to stop using Kaspersky AV.
So either (a) Israel (an "ally") did not tell USG until 2017, or (b) USG intentionally allowed all its government employees to be spied on for two years by the FSB.
There is something very wrong with the official story.
All of our Skype accounts suddenly stopped working because apparently (a) we were born in 2015 (some years after the accounts were created), and therefore need our parents' permission to log in, and (b) have credit cards with US addresses even though we don't live there, so we can prove our age...
Makes me glad my company's not using Azure... and now not planning to.
It just happened to my wife: I just assumed it was a not-so-subtle method of forcing everyone to agree to their latest Terms of Service... probably the new clauses about introducing droit de seigneur and rights to the mortal soul of your first-born...
The main problem the blockchain solves is a distributed ledger which it is computationally infeasible for any party to alter. Each block depends on the previous block, and is computationally expensive to create. For alteration to be infeasible, machines must continuously (and honestly) be creating new blocks faster than any attacker can. If this requirement isn't met, the attacker can create an alternative block chain which, if it becomes longer than the genuine one, will supplant it.
If only a small number of computers are involved, then each of the nodes has to be trusted. Otherwise recent block chain entries can be rewritten by anybody with a credit card and an AWS account. But if there are only a small number of trustworthy parties, digital signatures and trusted timestamp servers will also work and not require any significant computing resources.
So for a blockchain to be the better solution you need a large number of untrustworthy people who have an economic incentive not to cheat...
The really neat aspect of Bitcoin is the economic incentives it provides for nodes (untrusted people) to join the network and to "mine" new blocks honestly.
But most proposed blockchain applications neither provide the incentive not to cheat nor allow untrusted nodes to join their network. Their main purpose seems to be to separate naive investors from their money.
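The two properties the post above relies on (each block depends on the previous one, and creating a block is expensive) can be seen in a toy proof-of-work ledger. This is an added example, not code from the post or from any real blockchain; the difficulty, the block layout and the sample ledger entries are constructed for illustration. It shows that changing one historic record invalidates every later block, and that making the chain validate again means re-mining all of them, which is exactly the work an honest network has to keep ahead of.

```python
import hashlib
import json
from dataclasses import dataclass, asdict

# Leading hex zeros the block hash must have. Kept small so the example mines in
# well under a second; a real network tunes this to the total hash rate. (Constructed value.)
DIFFICULTY = 3


@dataclass
class Block:
    index: int
    prev_hash: str   # hash of the previous block: this is what chains the blocks together
    data: str
    nonce: int = 0   # adjusted until the block hash meets the difficulty target

    def digest(self) -> str:
        payload = json.dumps(asdict(self), sort_keys=True).encode()
        return hashlib.sha256(payload).hexdigest()


def meets_target(digest: str, difficulty: int = DIFFICULTY) -> bool:
    return digest.startswith("0" * difficulty)


def mine(block: Block, difficulty: int = DIFFICULTY) -> Block:
    """Brute-force the nonce: this is the 'computationally expensive' part of creating a block."""
    block.nonce = 0
    while not meets_target(block.digest(), difficulty):
        block.nonce += 1
    return block


def build_chain(records, difficulty: int = DIFFICULTY) -> list:
    """Mine a genesis block, then one block per record, each linked to its predecessor's hash."""
    chain = [mine(Block(0, "0" * 64, "genesis"), difficulty)]
    for i, record in enumerate(records, start=1):
        chain.append(mine(Block(i, chain[-1].digest(), record), difficulty))
    return chain


def first_invalid_block(chain, difficulty: int = DIFFICULTY):
    """Return the index of the first block that fails validation, or None if the chain is sound.
    A block is bad if its own hash misses the target or it no longer points at its predecessor."""
    for i, block in enumerate(chain):
        if block.index != i or not meets_target(block.digest(), difficulty):
            return i
        if i > 0 and block.prev_hash != chain[i - 1].digest():
            return i
    return None


def rework_from(chain, index: int, new_data: str, difficulty: int = DIFFICULTY) -> int:
    """Alter block `index` and re-mine it plus every later block so the chain validates again.
    Returns how many blocks had to be re-mined: the cost a rewrite must pay, which is why the
    honest network must keep extending the chain faster than that."""
    chain[index].data = new_data
    mine(chain[index], difficulty)
    for j in range(index + 1, len(chain)):
        chain[j].prev_hash = chain[j - 1].digest()
        mine(chain[j], difficulty)
    return len(chain) - index


if __name__ == "__main__":
    # Constructed sample ledger entries.
    ledger = build_chain(["alice->bob 5", "bob->carol 2", "carol->dave 1"])
    print("valid:", first_invalid_block(ledger) is None)
    ledger[1].data = "alice->bob 500"          # tamper with history
    print("first bad block after tampering:", first_invalid_block(ledger))
    print("blocks re-mined to hide it:", rework_from(ledger, 1, "alice->bob 500"))
    print("valid again:", first_invalid_block(ledger) is None)
```

Note that `first_invalid_block` is the check every node runs on a chain it receives; the post's point about small networks follows directly: with only a handful of miners, the number of blocks an outsider must re-mine is small and the "longest chain wins" rule offers little protection.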
*Assuming* only 8 rotors available at any one time:
3 Rotor Enigma.
Rotor choice 8*7*6 = 336 = 8.4 bits
Rotor Position 26*26*26 = 17576 = 14.1 bits
Total Entropy = 5905536 = 22.5 bits
4 Rotor Enigma (Naval)
Rotor choice 8*7*6*5 = 1680 = 10.7 bits
Rotor Position 26*26*26*26 = 456976 = 18.8 bits
Total Entropy = 767719680 = 29.5 bits
The daily key also determined how the rotor starting positions were offset, and (possibly) also when a rotor change would "carry" to the next position. Sometimes the wiring of a rotor needed to be deduced too. There were different keys in use on different networks, so it wasn't just a matter of breaking one key each day.
The key insight of Turing, Welchman and others was that it was possible to break the rotor settings by brute force search based upon a known plaintext, and then to break the plugboard setting afterwards.
The original breaks were *by hand*. Best description I've found is in "The Hut Six Story" by Gordon Welchman.
(And if you think it's all trivial with modern computers, check out the enigma@home project.)
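The entropy figures in the post above come from two counts: ordered rotor selections (8*7*6) and rotor start positions (26^3). The following added example (not from the post) reproduces them for any number of available rotors and slots, and goes one step beyond the post by also counting plugboard wirings with the standard formula letters!/((letters-2p)! p! 2^p), which shows why rotor settings were attacked by brute force first and the plugboard only afterwards. The helper names and the trial rate in the demo are assumptions, not historical figures.

```python
import math

ALPHABET = 26  # letters on each rotor, so 26 possible start positions per rotor


def rotor_choices(available: int, slots: int) -> int:
    """Ordered ways to pick `slots` distinct rotors from `available` (8*7*6 for 3 of 8)."""
    return math.perm(available, slots)


def rotor_positions(slots: int) -> int:
    """Start positions of the fitted rotors (26**slots)."""
    return ALPHABET ** slots


def rotor_keyspace(available: int, slots: int) -> dict:
    """Keyspace and entropy of the rotor settings alone, matching the figures in the post."""
    choices = rotor_choices(available, slots)
    positions = rotor_positions(slots)
    total = choices * positions
    return {
        "choices": choices,
        "positions": positions,
        "total": total,
        "bits": round(math.log2(total), 1),
    }


def plugboard_settings(pairs: int, letters: int = ALPHABET) -> int:
    """Ways to wire `pairs` swapped letter pairs on a `letters`-letter plugboard:
    letters! / ((letters - 2*pairs)! * pairs! * 2**pairs).
    Pairs are unordered and a pair has no direction, hence the pairs! and 2**pairs divisors."""
    if not 0 <= 2 * pairs <= letters:
        raise ValueError("too many pairs for the plugboard")
    return math.factorial(letters) // (
        math.factorial(letters - 2 * pairs) * math.factorial(pairs) * 2 ** pairs
    )


def search_time_seconds(keyspace: int, trials_per_second: float) -> float:
    """Worst-case time to try every setting at a given trial rate (the rate is a constructed input)."""
    return keyspace / trials_per_second


if __name__ == "__main__":
    for slots in (3, 4):
        ks = rotor_keyspace(8, slots)
        print(f"{slots}-rotor: choices={ks['choices']} positions={ks['positions']} "
              f"total={ks['total']} ({ks['bits']} bits)")
    pb = plugboard_settings(10)
    print(f"plugboard, 10 pairs: {pb} ({math.log2(pb):.1f} bits)")
    # Assumed trial rate of one million settings per second, purely to compare the two searches.
    print("4-rotor settings at 1e6 trials/s:",
          search_time_seconds(rotor_keyspace(8, 4)["total"], 1e6), "s")
    print("plugboard wirings at 1e6 trials/s:", search_time_seconds(pb, 1e6), "s")
```

With ten cables the plugboard alone contributes about 47 bits, dwarfing the 22.5 or 29.5 bits of the rotor settings; searching rotors and plugboard jointly was out of reach, which is what made the known-plaintext attack on the rotor settings alone so valuable.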
The government of Canada is busy doing the same thing. The Environment Canada weather website is so busy telling us how wonderful the government is, all the government services available, and how we can all apply for government jobs, that on mobile phones it pushes the actual weather forecast well below the fold.
It's a tweakable cipher (encryption depends on secret key plus something publicly known which varies with each record, like a record number or a person's name) designed for encoding very short bit strings without increasing the length of the data. Think of storing encrypted credit card numbers in a database without increasing the size of the field.
For efficiency concerns, the authors point out that AES is directly supported by modern hardware.
It therefore isn't directly comparable with AES in CTR mode, nor with GCM. Nor is it intended to obscure message lengths or provide message authentication.
Whether this is an acceptably efficient and more secure solution than other approaches I will leave to professional cryptographers to decide.
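To make concrete what "tweakable" and "without increasing the length of the data" mean in the post above, here is an added example of the general structure: a Feistel network over decimal digits whose round function is keyed by both the secret key and a per-record tweak. It is not the scheme the post refers to, and it is not a vetted cipher (the modular reduction in the round function is slightly biased); the function names, round count and sample key and tweaks are assumptions constructed for the demonstration.

```python
import hashlib
import hmac

ROUNDS = 10  # must be even so the two halves line up the same way on decryption


def _round_value(key: bytes, tweak: bytes, round_no: int, half: str, width: int) -> int:
    """Keyed round function: HMAC over the tweak, round number and the other half,
    reduced to a `width`-digit integer. The reduction mod 10**width is slightly biased;
    fine for showing the structure, not something to ship."""
    msg = tweak + bytes([round_no]) + half.encode()
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % 10 ** width


def _split(digits: str):
    """Split a digit string into two halves; for odd lengths the right half is one digit longer."""
    if len(digits) < 2 or not digits.isdigit():
        raise ValueError("input must be a string of at least two decimal digits")
    u = len(digits) // 2
    return digits[:u], digits[u:]


def encrypt_digits(key: bytes, tweak: bytes, digits: str) -> str:
    """Encrypt a digit string to a digit string of the same length under (key, tweak)."""
    a, b = _split(digits)
    for i in range(ROUNDS):
        width = len(a)
        c = (int(a) + _round_value(key, tweak, i, b, width)) % 10 ** width
        a, b = b, str(c).zfill(width)
    return a + b


def decrypt_digits(key: bytes, tweak: bytes, digits: str) -> str:
    """Inverse of encrypt_digits: run the rounds backwards, subtracting instead of adding."""
    a, b = _split(digits)
    for i in reversed(range(ROUNDS)):
        width = len(b)
        c = (int(b) - _round_value(key, tweak, i, a, width)) % 10 ** width
        a, b = str(c).zfill(width), a
    return a + b


if __name__ == "__main__":
    key = bytes(range(16))            # constructed demo key, not a real secret
    pan = "4111111111111111"          # constructed test card number
    for tweak in (b"row-1", b"row-2"):
        ct = encrypt_digits(key, tweak, pan)
        # Same key, different tweak: different ciphertext, still 16 digits.
        print(tweak, ct, decrypt_digits(key, tweak, ct) == pan)
```

The tweak is what stops two records holding the same card number from producing the same ciphertext, without the tweak itself needing to be secret; in the post's database setting the row identifier plays that role. Because the output is the same length and alphabet as the input, nothing about this construction hides the length, and nothing authenticates the value, which is the point the post makes about it not being comparable with GCM.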
For deploying a practical application, it's the databases, the bandwidth charges, the load balancing, the redundancy, the location of data centres, the backups, the long term storage...
It's the availability of these that currently draws me to use Amazon for my next project: the cost for the CPU/RAM combination is only one factor.
A more useful comparison might be based on a set of sample applications with N web servers, an N gig database, 2 geographic/availability zone redundancy, and an assumed amount of traffic, regular backups, failover between servers, etc., and then estimate the running costs of the example setup.
@Nuke
"For one thing, in the video they did not appear to explode.
For another thing, they are banned by international law - last time I looked anyway."
Actually exploding bullets are only banned in warfare under the Hague Convention of 1899.
Police, hunters, and irate fathers still get to use them.