Bitcoin Forum
December 03, 2016, 12:26:05 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: GMR-1, GMR-2 comprimised. Does this mean anything for Bitcoin?  (Read 2011 times)
johnj
Full Member
***
Offline Offline

Activity: 154


View Profile
February 08, 2012, 05:13:26 PM
 #1

I'm not well learned concerning the ins and outs of cryptography, but I saw this article (http://arstechnica.com/business/news/2012/02/crypto-crack-makes-satellite-phones-vulnerable-to-eavesdropping.ars) and was wondering if anyone could shed any light on what this does/doesn't mean for the cryptography behind Bitcoin.

1AeW7QK59HvEJwiyMztFH1ubWPSLLKx5ym
TradeHill Referral TH-R120549
1480724765
Hero Member
*
Offline Offline

Posts: 1480724765

View Profile Personal Message (Offline)

Ignore
1480724765
Reply with quote  #2

1480724765
Report to moderator
1480724765
Hero Member
*
Offline Offline

Posts: 1480724765

View Profile Personal Message (Offline)

Ignore
1480724765
Reply with quote  #2

1480724765
Report to moderator
1480724765
Hero Member
*
Offline Offline

Posts: 1480724765

View Profile Personal Message (Offline)

Ignore
1480724765
Reply with quote  #2

1480724765
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480724765
Hero Member
*
Offline Offline

Posts: 1480724765

View Profile Personal Message (Offline)

Ignore
1480724765
Reply with quote  #2

1480724765
Report to moderator
1480724765
Hero Member
*
Offline Offline

Posts: 1480724765

View Profile Personal Message (Offline)

Ignore
1480724765
Reply with quote  #2

1480724765
Report to moderator
1480724765
Hero Member
*
Offline Offline

Posts: 1480724765

View Profile Personal Message (Offline)

Ignore
1480724765
Reply with quote  #2

1480724765
Report to moderator
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526


View Profile
February 08, 2012, 05:15:36 PM
 #2

It means nothing. The cryptosystems are unrelated.
johnj
Full Member
***
Offline Offline

Activity: 154


View Profile
February 08, 2012, 05:52:20 PM
 #3

It means nothing. The cryptosystems are unrelated.

The part that caught my eye,

"The secret algorithms were analyzed by downloading publicly available firmware used by the phones, disassembling the code, and using some clever techniques to isolate the ciphers. The analysis techniques may prove valuable in exposing weaknesses in other encryption schemes as well."


1AeW7QK59HvEJwiyMztFH1ubWPSLLKx5ym
TradeHill Referral TH-R120549
damnek
Hero Member
*****
Offline Offline

Activity: 551



View Profile
February 08, 2012, 05:55:19 PM
 #4

It means nothing. The cryptosystems are unrelated.

Be a voice, not an echo
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
February 08, 2012, 06:06:11 PM
 #5

Calling those systems cryptosystems is a strectch.  The fact that the researchers were able to attack it by extracting the cipher means it was operating under "security through obscurity".  Real cryptographic systems don't.

In building a cryptographic system you should not only expect but ASSUME the attacker will have EVERYTHING except the private key/data.  He has all public data, copies of other plaintext, copies of other cipher text, all initialization vectors, complete understanding of the algorithm and the system, whitepapers, all other cryptographic analysis and .... the system should STILL BE SECURE.

With SHA-256 there is nothing to "find".

Here is the representation of 1 round of the SHA-256 hash (64 rounds for final hash):


Here are the functions:





Here are the eight h values:
Code:
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19

Here are the 64 k values:
Code:
  0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
   0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
   0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
   0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
   0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
   0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
   0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
   0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2

There are no secrets.  Every part of the code is publicly available and has been vetted by cryptographers around the world.

So what does the failure of GMR mean?
"Security through obscurity is no security at all" is still alive and well.  One would think after 3 decades of near continual hacks, breaks, and attacks on weak systems (WEP, GSM, CSS, etc) involving "obscurity" that companies would learn but they likely never will.
Revalin
Hero Member
*****
Offline Offline

Activity: 728


165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g


View Profile
February 08, 2012, 09:21:27 PM
 #6

Crypto is notoriously hard to do right. Most privately developed systems are flawed. The best crypto systems are developed and reviewed publicly and refined until they're as good as possible. Bitcoin uses ECDSA, SHA256, and RIPEMD, and the specific implementation has been carefully reviewed as well.  These are all top-tier, thoroughly reviewed systems that are unlikely to have any of the amateur mistakes they made in GMR and A5/2.

      War is God's way of teaching Americans geography.  --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics.  --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g
ArticMine
Legendary
*
Offline Offline

Activity: 1792


Monero Core Team


View Profile
February 09, 2012, 12:05:36 AM
 #7

Calling those systems cryptosystems is a strectch.  The fact that the researchers were able to attack it by extracting the cipher means it was operating under "security through obscurity".  Real cryptographic systems don't.

In building a cryptographic system you should not only expect but ASSUME the attacker will have EVERYTHING except the private key/data.  He has all public data, copies of other plaintext, copies of other cipher text, all initialization vectors, complete understanding of the algorithm and the system, whitepapers, all other cryptographic analysis and .... the system should STILL BE SECURE.

With SHA-256 there is nothing to "find".

Here is the representation of 1 round of the SHA-256 hash (64 rounds for final hash):


Here are the functions:





Here are the eight h values:
Code:
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19

Here are the 64 k values:
Code:
  0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
   0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
   0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
   0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
   0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
   0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
   0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
   0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2

There are no secrets.  Every part of the code is publicly available and has been vetted by cryptographers around the world.

So what does the failure of GMR mean?
"Security through obscurity is no security at all" is still alive and well.  One would think after 3 decades of near continual hacks, breaks, and attacks on weak systems (WEP, GSM, CSS, etc) involving "obscurity" that companies would learn but they likely never will.
I could not agree more. The cracked systems are in reality a form of DRM and not cryptography based any sound mathematical principals. Bitcoin has nothing to fear from this any more that than from the cracking of the latest DRM promoted by the MPAA or RIAA. Security by obscurity is digital snake oil; however it is a multi billion dollar digital snake oil business, protected by legislation in many parts of the world. Its most popular application is of course DRM.

Concerned that blockchain bloat will lead to centralization? Storing less than 4 GB of data once required the budget of a superpower and a warehouse full of punched cards. https://upload.wikimedia.org/wikipedia/commons/8/87/IBM_card_storage.NARA.jpg https://en.wikipedia.org/wiki/Punched_card
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!