Bitcoin Forum
Author Topic: The next step in going against "conventional wisdom" - Create your own Crypto!  (Read 1720 times)
Vessko
Full Member | Activity: 139 | Merit: 100
January 02, 2015, 11:17:15 AM  #21

I don't really care whether you'll read it. From what I've seen from you so far, you are unlikely to learn from it anyway.

Consider it just a "cry of the soul" when somebody needs to vent his frustration at some idiocy, even knowing that it isn't going to change anything.
CIYAM (OP)
Legendary | Activity: 1890 | Merit: 1086
Ian Knowles - CIYAM Lead Developer
January 02, 2015, 11:19:12 AM  #22

I don't really care whether you'll read it. From what I've seen from you so far, you are unlikely to learn from it anyway.

Strange that you'd bother typing it then (and why are you so keen to become the teacher to someone who you are so keen to insult?).

If you haven't gathered what the purpose of this topic is (and the previous one linked to in the OP) then that isn't my problem.

Enjoy venting!

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
The Chainmaker
Member | Activity: 112 | Merit: 10
January 02, 2015, 01:11:07 PM  #23

Most people have a hard time getting a wallet open. Not going to be any creating a crypto for them.

If it can be digitized, it should be decentralized
2112
Legendary | Activity: 2128 | Merit: 1073
January 02, 2015, 08:32:35 PM  #24

recording it on CD-ROMs

Actually CD-RWs. Using erasable media is a great protection against accidental reuse, one of the most important failure modes of the OTP.

Please comment, critique, criticize or ridicule BIP 2112: https://bitcointalk.org/index.php?topic=54382.0
Long-term mining prognosis: https://bitcointalk.org/index.php?topic=91101.0
Flashman
Hero Member | Activity: 518 | Merit: 500
Hodl!
January 03, 2015, 04:51:19 AM  #25

Well a CDR you could overburn to wipe. Or shred.

IF you had a BDROM fully filled with randomness and emailed like a fiend all day, managing about a megabyte of ascii output daily, I think it would take you about 70 years to use it all.

TL;DR See Spot run. Run Spot run. .... .... Freelance interweb comedian, for teh lulz >>> 1MqAAR4XkJWfDt367hVTv5SstPZ54Fwse6

Bitcoin Custodian: Keeping BTC away from weak heads since Feb '13, adopter of homeless bitcoins.
hhanh00
Sr. Member | Activity: 467 | Merit: 267
January 03, 2015, 05:21:26 AM  #26

Good points - I am not inventing a new type of cypher.

The idea of an OTP is at least hundreds of years old.

The only idea I would ask anyone to accept is that "secure hashes are secure" (as many other crypto algos work upon that assumption I don't think I have violated any sacrosanct idea).

If SHA256 is not secure then Bitcoin should have already been destroyed (and that is the OTP method that I use).

This raises a lot of red flags. OTP is used as an example of perfect secrecy cipher. Mainly to introduce the more advanced concepts because it only works if the pad is perfectly random, used once and as long as the text to encrypt. All of which makes it impractical. I don't know how you produce your OTP but anything short of the previous is not an OTP.
"Secure hashes are secure" has to be framed in a particular context. What is the attack model? CPA, CCA, RO, etc. I could go on and on but the point is that these sentences don't give much confidence to start with.

CIYAM (OP)
Legendary | Activity: 1890 | Merit: 1086
Ian Knowles - CIYAM Lead Developer
January 03, 2015, 05:38:57 AM  #27

This raises a lot of red flags. OTP is used as an example of perfect secrecy cipher. Mainly to introduce the more advanced concepts because it only works if the pad is perfectly random, used once and as long as the text to encrypt. All of which makes it impractical. I don't know how you produce your OTP but anything short of the previous is not an OTP.

Okay - these are very good points and it is not a "true OTP" at all (for the obvious reason you pointed out) but is instead a PRNG key stretcher (starting with a shared secret). In order to never re-use the same "pseudo OTP" (is that term acceptable?) a message nonce is combined with the shared secret (the nonce itself would be sourced from /dev/random or equivalent).

Of course the "shared secret" could also be determined using ECDSA key pairs (as an alternate to using GPG or some other method of communicating the shared secret).

hhanh00
Sr. Member | Activity: 467 | Merit: 267
January 03, 2015, 05:47:57 AM  #28

This raises a lot of red flags. OTP is used as an example of perfect secrecy cipher. Mainly to introduce the more advanced concepts because it only works if the pad is perfectly random, used once and as long as the text to encrypt. All of which makes it impractical. I don't know how you produce your OTP but anything short of the previous is not an OTP.

Okay - these are very good points and it is not a "true OTP" at all (for the obvious reason you pointed out) but is instead a PRNG key stretcher (starting with a shared secret). In order to never re-use the same "pseudo OTP" (is that term acceptable?) a message nonce is combined with the shared secret (the nonce itself would be sourced from /dev/random or equivalent).

Of course the "shared secret" could also be determined using ECDSA key pairs (as an alternate to using GPG or some other method of communicating the shared secret).
This looks fairly subject to chosen ciphertext attacks. The nonce has to be sent with the encrypted message. I craft a new message with the same nonce and modify the body of the cipher text. Since I know they are XORs, I can change the decoded content or retrieve the message little by little by sending several attempts and seeing how the receiver reacts.

CIYAM (OP)
Legendary | Activity: 1890 | Merit: 1086
Ian Knowles - CIYAM Lead Developer
January 03, 2015, 05:51:04 AM  #29

This looks fairly subject to chosen ciphertext attacks. The nonce has to be sent with the encrypted message. I craft a new message with the same nonce and modify the body of the cipher text. Since I know they are XORs, I can change the decoded content or retrieve the message little by little by sending several attempts and seeing how the receiver reacts.

For sure a nonce cannot be re-used - so in a P2P situation each client would make sure it does not allow nonce re-use to occur so this is easily prevented (it just requires storage space for old nonces which could perhaps be reduced by prefixing nonces with say a date to allow for the later removal of old nonces).

hhanh00
Sr. Member | Activity: 467 | Merit: 267
January 03, 2015, 06:04:46 AM  #30

Well - then the receiver has to carry a database of nonces with him wherever he wants to be able to decrypt a message. Otherwise, you just described a stream cipher - it's definitively not a new crypto :)

Edit: http://en.wikipedia.org/wiki/Stream_cipher
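
As an added illustration (not code from the thread, from CIYAM or from any poster), here is the hash-based key stretcher sketched in #27 written out as the XOR stream cipher hhanh00 names in #30, the ciphertext malleability he describes in #28, and the standard fix: authenticate nonce and ciphertext with an HMAC and reject anything that fails before decrypting. The SHA256-counter keystream, the key-derivation labels and the sample message are assumptions made for the example.

```python
import hashlib
import hmac

NONCE_LEN, TAG_LEN = 16, 32

def keystream(secret: bytes, nonce: bytes, length: int) -> bytes:
    # Hash-based "pseudo OTP" key stretcher: block i = SHA256(secret || nonce || i).
    # This construction is an assumption standing in for the one sketched in #27.
    out = bytearray()
    i = 0
    while len(out) < length:
        out += hashlib.sha256(secret + nonce + i.to_bytes(4, "big")).digest()
        i += 1
    return bytes(out[:length])

def xor_stream(secret: bytes, nonce: bytes, data: bytes) -> bytes:
    # A plain stream cipher: the same XOR both encrypts and decrypts.
    return bytes(a ^ b for a, b in zip(data, keystream(secret, nonce, len(data))))

def tamper(ciphertext: bytes, offset: int, known: bytes, wanted: bytes) -> bytes:
    # Malleability from #28: without the key, XORing (known ^ wanted) into the
    # ciphertext makes the receiver decrypt 'wanted' where 'known' stood.
    ct = bytearray(ciphertext)
    for j, (k, w) in enumerate(zip(known, wanted)):
        ct[offset + j] ^= k ^ w
    return bytes(ct)

def mac_key(secret: bytes) -> bytes:
    # Derive a separate MAC key so the cipher and the MAC never share one.
    return hashlib.sha256(b"mac-key|" + secret).digest()

def seal(secret: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # Hardened form: encrypt-then-MAC, HMAC-SHA256 over nonce || ciphertext.
    ct = xor_stream(secret, nonce, plaintext)
    tag = hmac.new(mac_key(secret), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_sealed(secret: bytes, message: bytes):
    # Verify the tag (constant-time compare) before touching the ciphertext;
    # any flipped bit in nonce or ciphertext yields None instead of plaintext.
    nonce, ct, tag = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key(secret), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return xor_stream(secret, nonce, ct)
```

The nonce-reuse problem raised in #29 is separate: the MAC stops an attacker from altering a captured message, but a fresh random nonce per message is still needed so two keystreams never coincide.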

jonald_fyookball
Legendary | Activity: 1302 | Merit: 1008
Core dev leaves me neg feedback #abuse #political
January 03, 2015, 06:29:58 AM  #31

I think the two (brain wallet and crypto) are very different.

I know almost nothing about cryptography, but I know it's complicated enough that there's no point for me to try to roll my own.  And those that know quite a bit more than me are saying that it is quite a deep subject.

Comparatively, brain wallets seem much simpler.  There are really only a few known principles that must be followed, and those principles are easily understood.  Cryptography is a complete science with a large body of knowledge.  It's much more complex and mysterious.

CIYAM (OP)
Legendary | Activity: 1890 | Merit: 1086
Ian Knowles - CIYAM Lead Developer
January 03, 2015, 06:43:36 AM  #32

I think perhaps the title of this topic has confused people as I didn't intend it to mean creating things like the lowest level algos but instead the idea of replacing conventional implementations such as HTTPS in particular.

The comparison with the other topic is more to do with challenging "conventional wisdom" (i.e. that you *can't create a replacement for securely encrypting data* for something like HTTPS) so it is the system implementation rather than its low level algorithmic parts that are key.

The main interest I have is in how we create a new secure internet that doesn't use DNS or HTTPS (this topic being about the latter of these two things).

hhanh00
Sr. Member | Activity: 467 | Merit: 267
January 03, 2015, 06:54:51 AM  #33

To me it sounds like the title is "The next step in going against "conventional wisdom" - Create your own rocket!"

CIYAM (OP)
Legendary | Activity: 1890 | Merit: 1086
Ian Knowles - CIYAM Lead Developer
January 03, 2015, 07:00:14 AM  #34

To me it sounds like the title is "The next step in going against "conventional wisdom" - Create your own rocket!"

:D

Any suggestion for a better title?

jonald_fyookball
Legendary | Activity: 1302 | Merit: 1008
Core dev leaves me neg feedback #abuse #political
January 03, 2015, 07:01:18 AM  #35

The main interest I have is in how we create a new secure internet that doesn't use DNS or HTTPS (this topic being about the latter of these two things).

namecoin?

CIYAM (OP)
Legendary | Activity: 1890 | Merit: 1086
Ian Knowles - CIYAM Lead Developer
January 03, 2015, 07:02:48 AM  #36

The main interest I have is in how we create a new secure internet that doesn't use DNS or HTTPS (this topic being about the latter of these two things).

namecoin?

That project has mostly failed because it just replaced one name squatting system with another (I don't like the idea of anything like DNS).

Soros Shorts
Donator, Legendary | Activity: 1617 | Merit: 1012
January 03, 2015, 08:35:28 AM  #37

I think perhaps the title of this topic has confused people as I didn't intend it to mean creating things like the lowest level algos but instead the idea of replacing conventional implementations such as HTTPS in particular.

Maybe you could look into improving HTTPS before thinking about replacing it completely? For instance, if your problem with HTTPS is its reliance on trusted Certificate Authorities then look into replacing that piece with some kind of P2P system. I doubt many people would have any issues with HTTPS over TLS 1.2 and the rich cryptographic suites that it supports.

CIYAM (OP)
Legendary | Activity: 1890 | Merit: 1086
Ian Knowles - CIYAM Lead Developer
January 03, 2015, 08:53:27 AM  #38

Maybe you could look into improving HTTPS before thinking about replacing it completely? For instance, if your problem with HTTPS is its reliance on trusted Certificate Authorities then look into replacing that piece with some kind of P2P system. I doubt many people would have any issues with HTTPS over TLS 1.2 and the rich cryptographic suites that it supports.

That is indeed something that should be considered and yes the CA component of HTTPS is IMO the biggest part of the problem with it.

To be clearer the reason that I am envisioning something quite different to HTTPS is that I see blockchains (note not singular) and P2P as being the two key core technologies of the internet of the future (and HTTPS was really designed for a traditional client/server model).
