JSH: Situation just became serious
in [Cryptography]
|
Prev: Applied Computing 2010 (2nd call): submissions until 26 July 2010
Next: Situation just became serious
From: rossum on 2 Jul 2010 19:01 On Thu, 1 Jul 2010 20:19:21 -0700 (PDT), JSH <jstevh(a)gmail.com> wrote: > >Worst case can be a collapse of military grade encryption worldwide. Nope. Your method has no impact whatsoever on, for example, hardware LSFR bitstream generators. Would you care to indicate how your method threatens elliptic curve cryptography? rossum
From: JSH on 2 Jul 2010 20:30 On Jul 1, 8:19 pm, JSH <jst...(a)gmail.com> wrote: > My concern has been that fundamental equations in modular arithmetic > could be exploited rather quickly and it appears with my latest > efforts that that concern may be correct. > > With the approach to discrete logarithms I've found it appears you CAN > optimize the approach, and even though that involves looking for > factors q^2 mod N, near N^2, it appears that it's easy to come up with > a method that would allow factoring numbers on that scale as it's NOT > a factorization where you don't have more tools from the idea itself. > > Some of you may think this situation is a game. I assure you it is > not. > > My own hope had been that the research was far away from a trivial > optimization but it appears that it is closer than I realized. And maybe not. I felt a bit of panic yesterday but wonder today if I overreacted. Which is how it usually goes...as time goes by you start wondering, and especially figure, if this thing were really important, wouldn't somebody important notice? > I would assume that there are people who are aware of that now as > well. > > It's not clear to me what to do, but my own hope is that some clear > heads will realize the need to notify the US Government. Still not a bad idea. I do have a novel approach. It relies on rather basic equations. Questions of how well it *may* work should not be left up in the air. > Unfortunately there may be enough in postings for a clever person to > work out the details, which was not my wish, but things worked out > faster than I realized until after postings. I often get my best > ideas after posting. And that brings me right back to trying to work through ideas. I DO try to clobber my own ideas. And in this case finding that this approach is fatally flawed does not end much. The general modular arithmetic result is definitely proven to be correct, as it derives from simple congruence relations. It has an early application in finding k, when k^m = q mod N, and I've got a lot of results with the m=2 case, the quadratic residue case, that show that it is not brute force as some posters have claimed--notably without bothering to give mathematical arguments to even attempt to support their position. And there is a paper I've submitted to the Annals of Mathematics on THAT result, about a month ago. They acknowledged receipt and said I should wait to hear back further (usually later I get a rejection). Arguing with "Mark Murray" on THAT result got me to wondering about discrete logs when he brought them up, and I realized a novel approach, which intrigued me enough to start pondering it. It is highly clever, as it is a way where all but a few of m factors are canceled out, which is why it also kind of scares me, as what if it's TOO good? There is no other idea out there I think that has a cancellation component against discrete logs. The cancellation component is real. But there are still enough mathematical things not tied down that I wonder, where the biggest is the correlation issue: I use two constraining equations, on control variables I call a's: a_1+...+a_m = m mod N and a_1*...*a_m = q mod N The first was needed to pull m into position for the cancellation. The second was an arbitrary choice which seemed safe enough but included q for what I call correlation. The math needs to know that you want it to give you answers for your q. If you do clever things with that second constraint though, it should leave the door too wide open for the mathematics to know what you want. One other option is: a_1*...*a_m = 1 mod N And I've considered a_1*...*a_m = q^j mod N, where j is a natural number to be an option, all in the name of correlation. As what if? a_1*...*a_m = rq mod N? Where r is a residue of your choice? Then you have discorrelated that constraint, so the equations should behave randomly as the math can't figure out what you're doing, as at that point, the actual q you want, could be anything. Oh, some may notice that I talk about "the math" like it's a person, but in actuality I'm talking about it as an intelligence. With a LOT of my research, the math needs to understand what you want it to do, so that it can give you the numbers you want. It is like a genie. It has infinite powers, but if you leave too many doors open, it will just answer all of them. So the math thinks. Your job is to tell it exactly what you want, so it can give it to you. Here using a_1*...*a_m = q mod N, seems to work in tests so far, so it appears correlated, so that the math knows what you want. The math is smarter than you are. It has all the answers, and will tell you anything. You just have to know the right questions to ask. So still brainstorming. I'm looking to quash these ideas if possible. But posting helps me to think and figure things out. I figure out a lot of things AFTER I make a post, often when that post is way wrong. Somehow typing things down and putting them out there, helps me to figure things out more rapidly. Some people hate me for it. But their hate is their choice. I explain what I do, and have done so for years. And Usenet is a free speech zone. James Harris
From: Sue San on 2 Jul 2010 23:12 "Mark Murray" <w.h.oami(a)example.com> wrote in message news:4c2e3ddb$0$28006$db0fefd9(a)news.zen.co.uk... > On 02/07/2010 04:44, MichaelW wrote: >> To the governments of the world. >> >> I have got sufficient details from the posting of one James Harris to >> allow me to write code that breaks any and all encryption currently in >> use. I have successfully hacked into the systems that control the US >> nuclear arsenal. Please send one hundred billion dollars in small >> unmarked bills to James Harris (currently residing in LA, California) >> or I will start destroying your cities. >> >> Have a nice day. Michael W. > > Michael, > > Before the evidence is lost forever, it must be noted the formidable > nature of your correspondent: > > http://twitter.com/jstevh has: > > <quote> > the world has never seen a major discoverer like me. my job quite simply, > is to push the entire human species--forward. > </quote> > > You saw it here first. Be very afraid. > ckout more on his blog => this guy is out to lunch Who would spend the time to type in little messages like that and send it off into no-where land?
From: David R Tribble on 2 Jul 2010 23:48 JSH wrote: > It's not clear to me what to do, but my own hope is that some clear > heads will realize the need to notify the US Government. I can image them replying with a courteous letter, saying something like: We understand your feeling of concern. Enclosed please find the encoding for a 1024-bit RSA public key. Given evidence that your algorithm is able to factor the public key and thereby recover the corresponding private key, we will investigate your algorithm and the threat it poses in further detail. After all, they probably get dozens of panicked letters warning about the impending collapse of the US financial infrastructure every day.
From: Mark Murray on 3 Jul 2010 04:26
On 03/07/2010 01:30, JSH wrote: >> My own hope had been that the research was far away from a trivial >> optimization but it appears that it is closer than I realized. > > And maybe not. I felt a bit of panic yesterday but wonder today if I > overreacted. Situation normal. Have you not yet notice your overall pattern of overreaction? > Which is how it usually goes...as time goes by you start wondering, > and especially figure, if this thing were really important, wouldn't > somebody important notice? Right. And would it not in all likelyhood already been covered? MichaelW pointed out a paper which you dismissed. >> I would assume that there are people who are aware of that now as >> well. >> >> It's not clear to me what to do, but my own hope is that some clear >> heads will realize the need to notify the US Government. > > Still not a bad idea. I do have a novel approach. It relies on > rather basic equations. > > Questions of how well it *may* work should not be left up in the air. Nothing wrong with exploring it further. See if you can avoid the hubris, and see if you can anticipate the trivial errors before your audience does. >> Unfortunately there may be enough in postings for a clever person to >> work out the details, which was not my wish, but things worked out >> faster than I realized until after postings. I often get my best >> ideas after posting. > > And that brings me right back to trying to work through ideas. .... except you don't. You present "results" LONG before the snags are worked out, making you look incompetent. If you did a better job of anticipating the problems, you'd have a lot less ridicule amed at you. > I DO try to clobber my own ideas. And in this case finding that this > approach is fatally flawed does not end much. It would haved helped if this approach had been already eliminated at the time of your first announcement, and included in your submission to AoM. This would that you did your checking properly, rather than rushing a half-baked idea out of the door. > The general modular arithmetic result is definitely proven to be > correct, as it derives from simple congruence relations. It has an > early application in finding k, when k^m = q mod N, and I've got a lot > of results with the m=2 case, the quadratic residue case, that show > that it is not brute force as some posters have claimed--notably > without bothering to give mathematical arguments to even attempt to > support their position. Your example code was brute force. At the time that you supplied that, you weren't even aware of Modular Exponentiation and Discrete Logarithms, let alone the /known/ connection between DL and factoring. You were claiming rediscovery of the concept and doing it with an algorithm that did not stand up to the wild claims you made. > And there is a paper I've submitted to the Annals of Mathematics on > THAT result, about a month ago. They acknowledged receipt and said I > should wait to hear back further (usually later I get a rejection). Given that you needed a mathematical lightweight like me to connect what you were doing with Discrete Logarithms, I rather suspect that your work is going to be rejected. <mathematical ideas snipped without prejudice> > So still brainstorming. I'm looking to quash these ideas if > possible. But posting helps me to think and figure things out. I > figure out a lot of things AFTER I make a post, often when that post > is way wrong. Somehow typing things down and putting them out there, > helps me to figure things out more rapidly. Now this sounds a LOT more reasonable! :-) You admit to failure, you explain your thinking process, and you don't blame or accuse others. > Some people hate me for it. But their hate is their choice. .... and then you blow it. > I explain what I do, and have done so for years. And Usenet is a free > speech zone. For years you have accused people of lying, you've made excuses and you've blamed others for your failures. You've been thorougly obnoxious in the process, and then wondered why folks despise you. In a classic display of crankery, you've hung tenaciously onto notions LONG after they've been shown to be fallacious. Yes. Usenet is a Free Speech zone. This applies to both you and your detractors, and you have /earned/ a LOT of detractors. M -- Mark "No Nickname" Murray Notable nebbish, extreme generalist. |