[119239] in Cypherpunks
RE: Chalange to Tim May was: Re: Frequency Tables
daemon@ATHENA.MIT.EDU (Spencer Jr., Michael)
Wed Oct 20 01:58:15 1999
Message-ID: <17CCCCF307B3D211B08C0080C84B23620D1721@ACCBNT01>
From: "Spencer Jr., Michael" <mspencer@accbiowa.com>
To: "'ANTGamez@aol.com'" <ANTGamez@aol.com>, cypherpunks@toad.com
Cc: coderpunks@toad.com, tcmay@got.net
Date: Wed, 20 Oct 1999 00:10:36 -0500
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Reply-To: "Spencer Jr., Michael" <mspencer@accbiowa.com>
Ohmigosh, this must be what happens when your self-confidence outweighs your
capabilities.
XOR-based encryption does just that, swap letters, secret-decoder-ring
style. Depending on the implementation, the same 'ring' could be used for
each letter or a series of 'rings' could be used. XOR-encryption cracking
is an academic exercise, a math book problem. I can only speak for myself,
but I won't help you with this.
The rest of the post was not quite rolling-on-the-floor funny, but more like
damn-this-guy-has-an-anger-problem funny. :) He seems to feel that there
are egos at war here, making reference to somebody thinking they are a
'semi-celebrity'. The encryption/decryption challenge he offers seems to be
trying to salvage his own ego...but he misses two key points when he does
this. First, he assumes that his challenge is significant enough to warrant
someone coding an encryption algorithm "completely your own not something
someone wrote or compiled a DLL for or any other such thing". (Forgive me
if I quoted you out of context.) Second, he ignores the notion that by
mailing from an AOL account, posting 'please give me this information' and
nothing more, he has imitated behavior that has already been stereotyped and
dismissed -- the AOL-lamer. His attempt to salvage his already-sunk public
image is further complicated by the logic problems inherent in his
'contest'.
It can be demonstrated that for an XOR-based encryptor, using any length
data from /dev/urandom and a key of the same length, I can use the
/dev/urandom data for cyphertext, and change my key to create any plaintext
I want. That is, I can give you data from /dev/urandom, let you hack away
on it for a few days, and then pick my plaintext from a book and engineer my
key so it makes the plaintext into whatever I want it to be. By the same
token, if I use any XOR-based encryptor you can fake a crack by making the
plaintext anything you want it to be and generating matching key material.
Either of us could claim to have won without doing any cryptanalysis.
A one-to-one relation between plaintext and cyphertext is required for any
algorithm presented for your 'contest' to have conclusive results.
Sometimes in the real world, the lack of such a one-to-one relation is a
good thing (because you don't want your attacker to be able to
mathematically prove that they found the right plaintext). This makes your
contest more labor-intensive and more unrealistic.
While it's a shame that we may never be able to stop you from thinking to
yourself that 'they just don't want to play because they know they'll lose',
we're really not in control of what you think about yourself (regardless of
the facts), are we? It may be helpful to remember that letting the thread
die gracefully may be the only way to salvage your personal reputation.
Nobody will remember your name (and these posts) if you stop annoying us.
You can take or leave that advice, of course.
--Michael Spencer Jr.
mspencer@sr.radiks.net
> -----Original Message-----
> From: ANTGamez@aol.com [SMTP:ANTGamez@aol.com]
> Sent: Tuesday, October 19, 1999 7:20 PM
> To: cypherpunks@toad.com
> Cc: coderpunks@toad.com; tcmay@got.net
> Subject: Chalange to Tim May was: Re: Frequency Tables
>
> It was posted a few months ago by subscribers to this list, and since this
>
> list has a major topic of crypto-analisis / code breaking why would it be
> off
> topic??? A large amount of "encryption" programs simply swap letters, also
>
> the one time pads can be broke with such a method assuming enough
> ciphertext
> is available. This is not off topic, this was posted before, I am just
> asking
> someone to repost this information to me and/or the list as for you. As
> for
> this being "inappropropriate" learn to spell the word, before you decide
> what
> is and is not inappropriate, I was not asking for a personal assistant in
> a
> search. I was asking for someone to post information which unless the
> topic
> of cryptography has completely disappeared from this list, should be
> readily
> available to many of the subscribers to this list. It appears you are
> becoming less and less the cryptographer and more and more the
> semi-celebrity, if I am wrong then here is what I have to say to you:
>
> I challenge you.
>
> Write your own code to encrypt a message, note: this code must be
> completely
> your own not something someone wrote or compiled a DLL for or any other
> such
> thing, I will do the same, then chose a publicly available book in
> English,
> type the first 3 pages in a plain windows text format, then encrypt it
> with
> your code and send the ciphertext to the list. then e-mail your code for
> your encryption to the list, I will do the same, the first one to gain the
>
> others plain text wins the challenge upon this happening the winner will
> supply to the list the passphrase for his message and the title of the
> book
> he chose it being confirmed that the supplied encryption code and
> passphrase
> produce a proper plaintext he will be declared the winner if said code and
>
> passphrase does not produce a proper copy of the plaintext, the winner
> will
> forfeit. You have been challenged, now it is a matter of honor.
>
> -Michael Haisley
> antgamez@aol.com
> mhaisley@thepentagon.com
> "In the end there can be only one"