[5885] in cryptography@c2.net mail archive
Re: "unbreakable code?" with cash prizes
daemon@ATHENA.MIT.EDU (David Honig)
Tue Oct 12 19:58:41 1999
Message-Id: <3.0.5.32.19991012151750.00821220@pop.sprynet.com>
Date: Tue, 12 Oct 1999 15:17:50 -0700
To: staym@accessdata.com, John Gilmore <gnu@toad.com>
From: David Honig <honig@sprynet.com>
Cc: cryptography@c2.net
In-Reply-To: <3803A7FE.1777@accessdata.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
At 03:28 PM 10/12/99 -0600, staym@accessdata.com wrote:
(quoting the proponent of a puzzle)
>To be clear, the contents of message2.bin were created by xor-ing my
>English plain text with a chunk of a jpg file which is NOT on the web.
>It is a picture I took myself and scanned. I am interested to see if
>anyone can use statistical techniques or special knowledge of jpg's to
>crack this without the key.
This is a OTP with a bad (nonuniform) pad.
Images are locally continuous because surfaces (except for
porcupines..) are. This reduces the search space. Doesn't matter that the
image isn't broadcast; you used an image, and
images have redundancy.
Combine this with message redundancy and <handwave> voila,
enough info to constrain the solution.
[To the dear reader]
If you use a OTP, use a good pad (measure its quality). And explain how
key distribution works, or why your threat model
justifies the classic meet-in-the-park cloak und dagger key exchange.
You *can* derive quality OTPs from images, or sounds, or
radioactive decay, or *nix interrupts, but you *still* have
to 'distill' (irreversibly compress) the data, and measure
the entropy of the result. When you finally get 1bit/symbol
you can think about using the bits. You should hash them before use, to be
safer.
"Randomness is too importance to be left to chance"
