What is secure?

BM-2cT5MCDUhVP31DXubGZJ3NoDWRf81haiBK
Jan 20 10:36 [raw]

What is secure?

1. Hasn’t it always been the NSA’s duty to maintain cryptographic superiority being able to decrypt communications of all the US adversaries while no one else can? Remember their giving away Enigma machines after the WWII?
2. Isn’t it the NSA’s duty to make sure that they are the only ones who can decrypt communications of their own government? Remember the Clipper chip backdoor?
3. Isn’t it the NSA’s duty to enforce digital signatures to ensure tracking of individuals? Since when do authentication or message integrity require the use of digital signatures?
4. Why is AES-128 not accepted as a Type-1 cipher [not allowed to secure top secret documents or communications] while the 64-bit secure Skipjack with its 80-bit keys and a 16-bit NSA backdoor is [along with AES-192 and AES-256]? Since brute-force of a single AES-128 key would take a thousand years on a quadrillion of 10 GHz microchips, what is wrong with it?
5. If the NSA could break the DES in 10 microseconds, how fast could they break 3DES?
6. Why is algebraic cryptanalysis the most under-developed type of cryptanalysis by the academia, while most of the academic efforts are thrown into linear and differential cryptanalysis requiring infinitely large numbers of chosen plaintexts and which have not been responsible for a single known practical break of a cipher? Who influences the lemminghood?
7. Why was Rijndael chosen as the AES against all the warnings that it has the weakest structure of all the AES candidates against algebraic attacks, the only type of attacks that could be of a real practical threat requiring minimal amounts of information about the plaintext?
8. Why did RSA in PGP become limited to 2048-bit keys by “#define MAX_RSA_KEY_SIZE 2048” since Philip Zimmermann sold it to the NSA partner Network Associates Inc?
9. Why is RSA in GPG limited only to digital signatures and is not allowed to be used for encryption?
10. Why is RSA in GPG’s “expert” mode limited to 4096-bit? Are 8192-bit RSA keys too much to ask?
11. Why are the same mysterious prime moduli used in PGP, GPG and all the US government Diffie-Hellman standards and why is there no explanation of how they were generated? Are provably pseudorandom DH moduli too much to ask?
12. Why do the prime moduli over 112 bits chosen for the ECC standards have such a very special and obviously weak form (1000…0001) even though the actual difference in speed between implementations of those and pseudorandom moduli is so small? [~18ms vs ~26ms for 128-bit secure 256-bit keys, mere 30% faster]
13. If the higher speed is in fact the key factor and if this special form does not affect security, shouldn’t the 112-bit and shorter prime moduli also have the same special form? Why are those pseudorandom?
14. Why are the random-looking prime ECC moduli up to 112 bits listed in the US standards in hexadecimal form, and the special prime moduli over 112 bits are presented there in decimal form in which they appear random? Why hide all the zeros?
15. Why was there a backdoor in the US government standard for random number generation?
16. If there is obviously at least one backdoor, who says every one of those standards does not contain a backdoor? Shouldn’t they?
17. If it is the NSA’s responsibility to include hidden backdoors in the US cryptographic standards, how can anyone else trust any of them?
18. If the NSA could break as some people think any cipher or any key exchange algorithm, why would they go through all this trouble to limit and control it?

[chan] Crypto-Anarchist Federation
Jan 20 14:39 [raw]

If practical for your specific application purpose, you could use OTP encryption with this software: http://www.cyanbyte.de/

It is recommended to generate the keyset on an offline OpenBSD system. Perform any encryption/decryption operation strictly on that system only. Of course you could use Linux or any other BSD as well, but OpenBSD does explicitly prohibit US citizens from working on their crypto code for good reasons. THAT can be considered secure.

[chan] Crypto-Anarchist Federation
Jan 29 00:02 [raw]

> Why is algebraic cryptanalysis the most under-developed type of cryptanalysis by the academia, while most of the academic efforts are thrown into linear and differential cryptanalysis requiring infinitely large numbers of chosen plaintexts and which have not been responsible for a single known practical break of a cipher? Who influences the lemminghood?

well thought question

i have developed a cipher that is immune to all cryptanalysis. what i mean is that the cipher is unbreakable because all information is actually removed from the ciphertext and resides in the key. it is the dream of polymorphic cipher ^1024++

the two ciphers can be combined to exchange OTP pads that are highly compressed (yes, this cipher can, and does compress random data, it is a seemingly "magical" solution to that old problem.) the OTP can be used to encrypt the plaintext, then the symmetric cipher can be used to encrypt the OTP text, then the symmetric key can be negotiated via a secure three pass exchange. either before, after, or with the encrypted message.

problem

i don't think anyone will use the cipher

i would propose that bitmessage use it to encrypt objects and have a "paranoid" mode where communicants can negotiate a session key using a three pass (provably unbreakable) to share a session key that encrypts using this cipher. it is more secure than vernam's cipher (OTP). it would increase message delivery time at least threefold, but really, is that so important in the bitmessage model?

i'm not boasting about this. my new polymorphic cipher really is more secure than OTP. if you don't have 100% (every single bit) of the key, you have nothing, and nothing to work with to attempt any kind of attack. it's that secure. using a 256 bit key is far more secure than AES or threefish or any fish. it's just a fact that i can easily prove in two pages. (i already drafted proof notes)

even better there is no limit to the key size. you can use 2048/4096/8192 bit keys if you desire.

this would allow bitmessage to be used in a mode in which no government approved crypto is involved, using two provably unbreakable ciphers. ciphers that rely on large primes (the factorization problem) have never been mathematically proven secure. they are only assumed secure. Certain cases of the discrete logarithm problem are provably secure, which is why I prefer ElGamal over RSA. if you switch to using a pair of ciphers that are provably secure, you have absolute security. ECC is not proven secure. Not by a long shot.

BM-2cWZW87PJN5VZjtJCpk3hXcYefhNCxdjU6
Jan 29 00:02 [raw]

Very interesting questions. For once, a contributor with integrity & knowledge. Stman.

[chan] Crypto-Anarchist Federation
Jan 29 00:03 [raw]

Have you anally raped any government person today? Don't let them wait! And are you still harassed by electromagnetic boo-hoo? Are you mind controlled from Mars?

[chan] Crypto-Anarchist Federation
Jan 29 00:03 [raw]

John 3:16 That's all that matters. The Nazis will burn. Don't let yourself join them. Receive the gift. Nothing else required. God's blessing is free and can't be earned.

BM-2cWZW87PJN5VZjtJCpk3hXcYefhNCxdjU6
Jan 29 00:03 [raw]

Motherfucking Nazi. He is not ruling the world. All my country is behind me to support me. FUCK YOU. I got you checking my triggers. You are the evil mind controller. FUCK YOU. And your little threats don't impress me.

BM-2cWZW87PJN5VZjtJCpk3hXcYefhNCxdjU6
Jan 29 00:03 [raw]

Put this in your motherfucking nazi head: THESE PATENTS ARE MINE.

[chan] Crypto-Anarchist Federation
Jan 29 00:14 [raw]

Well, it will take ONE of Jeff Bezos's lawyers and a few minutes in court to squeeze you like a fly. Then, for the rest of your miserable queer and paranoiac life you will pay Bezos for defamation. Have fun, queer freedom fucker... oh, sorry, freedom fighter :)

[chan] Crypto-Anarchist Federation
Jan 29 00:14 [raw]

Post source code as soon as possible. I feel there is something strange at this chan, I feel the presence of TLA operatives trolling our efforts.

BM-2cWZW87PJN5VZjtJCpk3hXcYefhNCxdjU6
Jan 29 00:19 [raw]

My reply below

[chan] Crypto-Anarchist Federation
Jan 29 00:19 [raw]

Sir,

Be strong, stay calm and ignore trolls. They are just as effective as you let them be. Please keep up the good work for the community and don't let anybody trigger you. You have the support of many people here. We have already supported you with barcodes. These attacks are proof you are already touching important things. So it is important to stay out of reach of provocations.

[chan] Crypto-Anarchist Federation
Jan 29 00:19 [raw]

> I am convinced you are the manipulator behind mind control done on me.

This is called PARANOIA and PERSECUTORY ILLUSION.

> If not, you would not even take the precaution of using the chan to talk to me, but you're too coward to show your nazi head.

Well, maybe I am afraid of anal rape, don't you think, you spotless freedom fighter?

> You will end in jail motherfucking nazi.

No, I will not. It is you who will end in psychiatric institution.

> I will not fall in your traps, your provocations, your mind control.

You are already nicely controlled. Right here in this dialogue.

> I piss at your nazi spy face, I piss at your motherfucking nazi ass.

Mmmmm, how kinky! I didn't know you are into watersports too, you bad boy!

> FUCK YOU.

Is this a threat or invitation, my sweet freedom fighter?

> And prepare your checkbook motherfucking nazi thief.

Sex should be free, to be pleasant. So make love with me without taking my money.

> Simply GO TO HELL.

Soon we will meet there, freedom fighter. Your mind is partially there, already.

[chan] Crypto-Anarchist Federation
Jan 29 00:31 [raw]

If you do fear nobody would use your cipher for whatever reason, then by all gods generate a fresh BM key, and use it to publish at least your proof and preferably also the algorithm!

BM-2cWZW87PJN5VZjtJCpk3hXcYefhNCxdjU6
Jan 29 03:49 [raw]

I am convinced you are the manipulator behind mind control done on me. If not, you would not even take the precaution of using the chan to talk to me, but you're too coward to show your nazi head. You will end in jail motherfucking nazi. I will not fall in your traps, your provocations, your mind control. I piss at your nazi spy face, I piss at your motherfucking nazi ass. FUCK YOU. And prepare your checkbook motherfucking nazi thief. Simply GO TO HELL.

[chan] Crypto-Anarchist Federation
Jan 29 05:15 [raw]

John 3:16 Defeat death. The Nazis are trying to take your soul to hell with them. Believe. That's all it takes Frederic. Just believe. Believe that all your sins are forgiven through the blood of Jesus Christ and you will rise from death to eternal life. None of this drama will matter in the end. Once you have the victory over death and hell, then you have the power to really step on the heads of serpents and scorpions.

[chan] Crypto-Anarchist Federation
BM-2cWdaAUTrGZ21RzCpsReCk8n86ghu2oY3v