Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Slashback

Slashback: Sale, Secrecy, Lasers 141

Posted by timothy from the pine-does-too-have-filters dept.
More details below in tonight's Slashback on the sale of Corel's Linux division, the public posting of the encryption scheme some bright young Irish whippersnapper has come up with, fun details on those toys you can roll around with your computer, and winners of another contest.

That's a lot of Molsen. Bigger R writes contributes this link to a story in the Calgary Herald with more detail on the sale of Corel's Linux division which was mentioned in vague terms the other day. It's going to a company called Xandros, in exchange for cash and equity, so Corel will still have at least some interest in the continued success of Linux, or at least its distro. A snippet: "Xandros Corp. president Michael Bego, who started the Ottawa company recently in preparation for the deal announced Wednesday, is also a shareowner in Linux Global Partners, a privately held New York venture firm that put up $10 million US to start Xandros."

Small, cheap and fun are all good words. An Anonymous Coward writes "There's an announcement of the winners of the embedded linux journal's design contest over at linuxdevices.com. Cool projects -- voting system, digital audio workstation, solar racing vehicle, GizmoCopter Project, and Hacking BigMouth Billy Bass. Follow the urls for the projects which are given in the announcement to learn about each project. Oh, and the prize for winning each category? An all expense paid trip to Costa Rica. Dang, why didn't I enter?"

Stuff that's hard to read. John Sokol writes with an update on the Cayley-Purser Algorithm mentioned here before.

"This story went through some time back about a 16-year-old girl outdoing RSA, but it lacked any discussion of the actual algorithm. This link is her paper that she now has posted on the net. It seems reasonable. Maybe someone here can find a flaw in it?"

Roll 'em. Slide100 writes: "It seems that there is more to the desktop rover that was posted about on Tuesday.

The marketing manager sent me a PDF file that explains some more - apparently, they just don't have the time to update the website.

Each rover comes with a cable that plugs into the transmitter and software to allow control of the rover from your computer (or through TCP/IP).

Additionally, each rover has 'Laser Tag' as an integral part of the vehicle. 10 hits (including sound effects) and your rover is disabled 'till the next match See it here. BTW - I have nothing to do with the company, I just think its very cool."
This discussion has been archived. No new comments can be posted.

Slashback: Sale, Secrecy, Lasers More

Slashback: Sale, Secrecy, Lasers

Comments Filter:

  • CP Algorithm broken long ago as public key scheme (Score:4, Informative)

    by Anonymous Coward on Thursday August 30, 2001 @07:09PM (#2237315)
    Obviously the poster did not read the article himself. In a postscript of her own paper (http://www.cayley-purser.ie/#Post_Script__An_Atta ck_on_the_CP_Algorit), a successful attack is described. The CP algorithm is only useful as a private key scheme, which is no big news.
    • I don't know a lot about alternative encryption schemes, but the relatively simple math involved suggests that this has the potential to be fast by any standard.

      I'm wondering if it might be worthwhile to do a mixed scheme whereby E is returned using RSA or some other technique and the bulk of the message is encrypted using C-P. If I read the comments correctly one has to retrieve the unique E for each message in order to break the system and read the encrypted text of that message.

      The table on the end show that a 250k file takes 50 minutes to encrypt/decrypt with RSA on the P 133 under Mathematica (relatively inefficient), and only a little more than 2 mins for C-P. Even given faster computers and optimized code, it would seem that one might see significant gains in speed if you are encrypting multi-megabyte files.

      Any thoughts?

      • Re:CP Algorithm broken long ago as public key sche (Score:1, Interesting)

        by Anonymous Coward
        This is how things are done now - RSA is far too slow to use to encrypt a whole file, so a DES [typically] private key is passed using RSA, then DES [or triple DES] is used to encrypt the bulk of the data.


        Block ciphers like DES and AES are much faster to compute than even C-P, since they don't require multiprecision arithmetic. AES, in particular, screams.

      • Nobody uses RSA to encrypt multi-megabyte files anyway. Traditionally you use a public key algorythim to encrypt a session key (realistically no bigger than 32 bytes or so), and then use the session key to encrypt the message with a well known and tested symmetric algorythim (like 3Des, Blowfish, IDEA, etc).

      • I don't know a lot about alternative encryption schemes, but the relatively simple math involved suggests that this has the potential to be fast by any standard.
        Not by any standard. If you can transmit the key securely than a simple one time pad (i.e. xor with a random key the same length as the message) will be faster. Then of course stuff like PGP doesn't use RSA to encrypt the entire message, DES is used which is much faster. I didn't go into the CP algorithm enough to see how it would stack up against DES or other non-public key algorithms.
    • Not only that, but this paper (with its addendum) has been around for quite some time to my knowledge (and a comment in the HTML mentions May 2000) - so what's it doing here ?

      It's not even a new update to old news.


  • You know this is a really cool little deal. What is really going to be pretty neat is when you can set up rock'em socke'em robots.

    With lasers on them to plug into your computer though a wireless network work. Then play with them though a head mounted camera! -- Opss wait that is Quake.

  • Laser tag? (Score:2, Informative)

    by Elequin ( 137149 )
    I don't see anything about laser tag on the vehicle, but I did get this when I was trying to find it:

    This page is being modified, Sorry about that -
    come back later and we should have the
    changes completed. Please Click your
    browser's "Back" Button.

    Thank You!

    Heh. I guess maybe they're trying to add it, or trying to keep from getting slashdotted too badly?
  • Umm, she has pointed out the flaw in her own post-script. If I read it correctly, it says
    that if you know the public key and one encrypted
    message then you can break it.

  • Sarah Flannery (Score:2, Interesting)

    by Anonymous Coward
    There is a book entitled "In Code" by Sarah and her father, published by Workman, NY, that very interestingly describes her work. In it she tells of being advised by a well known mathematician that there is an attack on the method she described, due to the famous Caley-Hamilton theorem.
  • Soposidly the encryption is 20 times faster than RSA. So if it's deemed as secure as RSA, she recommends switching over to it. I could be an idiot, but wouldn't it be faster to brute force crack it if it is 20 times speedier than RSA?
    • Well, you might be a troll, but in case you were being serious:

      1) She was comparing at 200 digit length moduli. This is slightly smaller than one would want to use for long term security (10^200 is somewhere around 2^640, as opposed to recommended key lengths of 1024 or 2048) As a point of reference, it's generally assumed NSA can factor 512 bit keys fairly readily.

      2) Moreover, trying to bruteforce crack even 2^512 is a ridiculous endeavor. Essentially, imagine having a ... wait for it... beowolf cluster of beowolf clusters.... i.e. 1 Million clusters of 1 Million computers, each running at a speed sufficient to do 10^12 (terraOps) operations per second. This works out to 10^6 * 10^6 * 10^12 = 10^24 operations per second. To within 1%, pi seconds is a nanocentury. Or, in other words, in century, there are 3.15 (the slightly more accurate value) * 10 ^ 9 seconds. This means that in a century, 3.15 * 10^33 operations can be done, which is roughly 2^112. So in theory (with enough memory to use the meet in the middle attack on triple des), in 100 years, triple des could probably get broken. However, to factor an 512 bit RSA number with brute force, one still has 2^400 centuries to go. This greatly exceeds the expect heat death of the universe, to say nothing of the sun, which should have bit it well before.
      Brute force really only works well with symetric ciphers (DES, triple DES, RC5, AES, etc. [and even then, more 'elegant' attacks such as differential cryptoanalysis are more potent in some cases]); with public keys, there are typically more efficient was to attack (Pollard's Rho, Number Field Seives, etc.)

      3) There is already an attack against the algorithm; see the postscript of the article.

    • Interesting point - I'm not sure, but it would still have scalability behind it. It takes very little extra time to add a few extra digits to the key. Being able to brute-force it at 20X wouldn't be much of a worry if you tack two digits onto the key.

  • Thoughts on the Cayley-Purser Algorithm (Score:5, Funny)

    by Shoeboy ( 16224 ) on Thursday August 30, 2001 @07:27PM (#2237352) Homepage

    What I find most interesting is the use of an inverse posiform discombobulator to repel sophisticated man in the middle attacks. Combined with the infix digestive emulator, this will be a key component in the "Digital Nervous System" of the future.

    Superficially, the Algorithm appears similary to the Bosun-Smee cipher which has been shown to be vulnerable to chosen plaintext attacks when not run in output feedback mode. Personally I think an approach based on a 4x4 Holmes-Longpole network would have been a preferable starting point, but this would be more vulnerable to differential polyp-cystizing cryptanalyis. This can (theoretically) be compensated for by a field-coit gestation transform, but no one is quite sure how to overcome the slow encryption speed of such a system.

    All in all it's a fairly interesting approach and I intend to study it further. I'd love to hear anyone elses opinion though.

    --Shoeboy

    • Bull! (Score:3, Funny)

      by fm6 ( 162816 )
      This is a prime example of the proto-Cartesian fallacy at its worst. Remember, retrograde inverses are not prolifically transposed. There not "charmed" (excuse the pun).

      The right approach is to decompress ontlogogical entropism. You have to do this, or all you're left with is a lot of noise!

      • "The right approach is to decompress ontlogogical entropism. You have to do this, or all you're left with is a lot of noise!"

        This is not necessarily the case. If, as cited most notably by Hans Durghstein, we were to apply a series of semi-ontological entropy matrices to the decompression algorithm, we could effectively increase the speed of the retrograde inverses before they're due to be transposed!

        We musn't forget our history, gentlemen.
      • You are both clearly insane people! A field-coit gestation transform? Decompressing ontlogogical entropism? You'd probably suggest protecting the nuclear launch codes using a Batman decoder ring from a box of cereal. For the very love of Christ, I pray and hope that neither of you boobs are in the Public Sector.

        Everyone-- me, the old lady next door, the kid down the street, the dog-- knows that field-coit gestation transforms and ontological decompression over a finite field are about as secure as a tipsy girl's chastity on prom night. Field-coit, when push comes to shove, is hardly more than a complex-- but certainly tractable-- hex-stacked XORing from an arbitrary (but by no means random) set of figures of undefined length. And ontological demopression?!? Christalmighty! Not only is it slow (maybe you can wait 1345 months to encrypt "The Old Man in the Sea", but I myself have a wife and dog to feed), but you actually end up with LESS entropy than using, say, triple-DES with unique keys-- which also has the tiny-tiny-twee little advantage of not taking 112 YEARS!!!

        This is what I hate about this ENTIRE FIELD: Some gintch in Ireland comes up with a cute (if entirely infeasable)cryptosystem (which, I might add, she has already aknowledged and published the weaknesses of!), and then I have to listen to every blowhard from here to Katamandu go off about how great field-coit and ontological decompression are. Christ, it's wors than talking about laptops with Mac-Addicts!

        Some days, I'd rather be flipping burgers.

    • This reads like a script of a Voyager episode. You just need to modulate something metaphasic and it would be perfect.

    • All in all it's a fairly interesting approach and I intend to study it further.

      You're not fooling anyone, Shoeboy! "Intend to study it further" my foot, you're lusting after this poor girl, admit it! What will Heidi say??

    • You're only jealous !

      Come on !
      This is Slashdot!
      You're meant to understand stuff like this!

    • Mornington Crescent!

      (or does no-one else know of that fine game?)

      ;-)
    • if you reverse the polarity of the neutron flow.

  • desktop rover (Score:5, Interesting)

    by neonmatrix ( 2606 ) on Thursday August 30, 2001 @07:29PM (#2237356) Homepage
    It's very strange that I am moved to post by this thing.

    Many of the most useful little devices started as toys. For instance the Aztec and Inca civilizations had wheels on their childrens toys but not on their wagons and carts.

    This little toy, or at least the model of a cheap travelling rover based on existing tech, could lead to cheaply revolutionized communications in cities and other compact spaces, such as aircraft carriers, etc.

    Using these devices as messengers would cut down on traffic and save gasoline and car-use resources in many cities.

    It sounds weird to us not because it's scientifically or fiscally implausible but because we are involved in a car culture.

  • From the paper itself:
    Thus the system as originally set out is 'broken'.
    Jason Pollock

  • It isn't just 16 year old girls that can crack... (Score:5, Funny)

    by Kiss the Blade ( 238661 ) on Thursday August 30, 2001 @07:35PM (#2237364) Journal
    ...codes. Controversial website adequacy.org [adequacy.org] has the skinny on autistic people being used by the NSA to crack RC5 [adequacy.org]. Apparantly, each autist is capable of 1 megaflop per second, and there are many thousands of unused autists in our fine country. Are we not using their potential as we should?

  • feature/bug with CP alg (Score:2, Interesting)

    by shibut ( 208631 )
    My crypto (and linear algebra) is somewhat rusty, it's been a few years, but I think that the problem is that Alice can't sign with her secret code. The paper mixes Alice and Bob a little, but assuming that Alice publishes and Bob encrypts in the algorithm, then unlike the RSA keys, Alice can't sign a message with her private key for all the world to see (using her public key). That is a big advantage of RSA.

    Is it a feature or a bug? what's the difference?

  • FYI (Score:2, Informative)

    by nnet ( 20306 )
    FYI: its Molson's.

  • Ummm...I can't seem to get the lazer game...any ideas? Appearently the page is up for construction.

  • Cayley-Purser algorithm (Score:3, Funny)

    by binford2k ( 142561 ) on Thursday August 30, 2001 @07:38PM (#2237379) Homepage Journal
    The algorithm has already been shown to have fatal flaws [infosecuritymag.com] (search for Plaintext Defense). Sarah Flannery herself was quoted as such. However, there is nothing to say that the flaw cannot be eliminated in the next version. To say the least, this algorithm provides a strong foundation on which to build.
    • I haven't checked the article posted above, but I have done some reading on the algorithm (http://www.counterpane.com/crypto-gram-9901.html has some good info), and Ms. Flannery, in her book, admits that she has quit working on C-P, as there is no obvious way to fix the flaw. The algorithm apparently works great as a private key system, but is nearly worthless for public key.

      RagManX

  • I just skimmed over the paper, but her algorithm seems a lot like RSA except that she encrypts/decrypts with pre computed matricies instead of exponentiations. There are some easy ways to speed exponentiation up when doing it modulo... I wonder if she took that into account when comparing.

    It appears that the matricies that are used as keys instead of the normal RSA keys are the cause of the crack. They give too much extra info to a possible attacker.

    I want to look this over better when I have more time, it's pretty interesting. God knows I didn't understand RSA that well when I was 16.

    garc

  • If I were hacking Big Mouth Billy Bass to put Linux on it, I'd replace that annoying "Take Me To The River" sample with the classic "Hello, this is Linus Torvalds, and I pronounce Linux as Leenux."

    Of course, that would probably get old really fast, just like the standard sample. Plus, no one really wants to hear Linus say the same thing every day (except maybe his kids, who want to hear the "scary module under the bed" story every night).

    I'd really like to replace the current sample with the Talking Heads cover of the same song. Much better. Maybe give Big Mouth Billy a Big David Byrne Suit too.
    • "...replace the current sample with the Talking Heads cover..."

      Make it worth the time and trouble. Go with the original--Al Green.

    • I'm the guys who made the Billy Bass project. That's a good suggestion about having Billy say "Hello, this is Linus...". I'll do it. And no one will get tired of it because Billy says so many different things....

    • Oh yeah there are two other quotes I plan to post as movies on the Hacking Billy Bass website [here-n-there.com].

      • Marsha, marsha, marsha! -- Jan Brady
      • Hasta la vista, baby -- the Terminator

      And of course I have costumes for these quotes. A Barbie scalp for the former, baby sunglasses for the latter.

      More sound bite or song suggestions would be appreciated... it's pretty easy to make the Bass say a given phrase. It takes about 10 minutes to transcribe a saying.
  • Think about it, get one of those desk rovers, strap an x10 camera to it, drop it in somewhere interesting, like the runways in your office for cabling and in the ceiling... Instant remote control first person shooter!

  • A chick that can break RSA? (Score:1, Funny)

    by Anonymous Coward
    When does this chick turn 18? I'm in love....

  • I have a couple of questions. hopefully someone
    who knows a lot about encryption can answer.
    The paper claims there are two lines of attack:
    1. B={(AC)^-1}*C
    2. G=C^r
    For the first attack to be hard we need to
    pick p and q carefully. Does this restriction
    affect the ease of the second attack?
    Also, this negligible probability that the first
    attack will be easy seems to have a PR disaster
    written all over it. Does RSA have similar
    probability issues?
  • Will it still be called corel linux or xandros linux?
  • Whats interesting about this girls story is that her discovery was actually an entry in an Irish Young Scientists competition, and her father has refused to let her profit from it at all for fear it will spoil her. IMHO thats pretty aweful, considering its potential applications.

    --
    Dave

    • Re:Sarah Flannery (Score:2, Interesting)

      by mamba-mamba ( 445365 )
      Since the encryption scheme is broken (as public key anyway) it is not likely to make a great deal of money for anyone, although it was certainly interesting to read about.

      Furthermore, I think the father is right. Most children who get lots of money and or achieve lasting celebrity while they are still children have messed-up lives. I totally agree with the father's decision. Besides, smart as she is, she will most likely make money later in life if that is what she actually wants to do.

      MM
      --
    • Cultural differences. Many Irish, perhaps even most of them, don't value material wealth above all else, despite the usual cultural imperialism of imported hollywood trash. In fact, they tend to be rather disdainful of people who think that having material wealth makes one more worthy of admiration. Her father's just saving her from Evil Consumerist Brainwashing.

      She is profiting massively from it, in Irish terms, not [insert derogatory term for materialistic rest of world] terms - lots of people who matter know her name, and know she's smart. In Ireland, reputation tends to be much more important than money.
      • What nonsense. Ireland's as materialistic as any other country, except we seem obsessed with land possession, 4x4 jeeps and how many pints one can drink before falling over. I'm not saying I agree with this change in culture (I hate people driving bigger cars than me!), but at least I've got my eyes open. MOST people I know think that having material wealth makes one more worthy of admiration. Romantic Ireland's dead and gone...

        "Her father's just saving her from Evil Consumerist Brainwashing"So why'd he let her do the TV advertisement for a newspaper? TV is the tool of choice for any budding Evil Consumerist Brainwasher. ;0) I think he didn't want the attention as people would find out that he was the one who developed the encryption method (he is a maths teacher after all).
        • Ahh... but the very fact that you recognise it as a new and abnormal phenomenon, and one that you don't sound particularly happy about, means that "Romantic Ireland" is not dead and gone. Rest assured that there's plenty of people left who have feelings between hate and pity for those drivers of immaculate, mud-free 4x4s who certainly don't need a 4x4 to get around off-road on the farm.

          Now that the economy's slowing down to saner levels, thanks to it's intimate dependence on currently recessional high-tech industries, there's been a bit of a media backlash against the nouveaux riches, at least in a goodly proportion of newspapers. Depends on what circles you move in, of course.

          I'm pretty confident her father didn't develop the algorithm, based on experience with other teacher's children here - the teacher's children tend to be the ones who are treated most harshly by the teachers themselves, often having to do at least 2x amount of work for same levels of recognition. I would say that she was motivated to work extra hard and do something outstanding because her father would have been much harder to please - and children tend to automatically want to please their parents (At least until the parent falls from grace by some demonstration of fallibility).
          • Point taken. I have friends who experienced the teacher-parent relationship first hand. I hated all my teachers at school, and I pity their kids.

            If she did develop it by herself, I would have thought her father would be proud enough to allow her to profit from it. "Profit" doesn't necessarily relate to money or material goods.
      • hey I *am* Irish, born and reared. I value material wealth pretty high, and so do most people I know. Don't let yourself be brainwashed by the image of twee Ireland where we all live in thatched cottages and eat potatoes for lunch dinner and breakfast. I eark 35k a year as a SysAdmin. I live in a metropolis, drink coffee, watch anime and talk about sports with my friends. We are *not* a third world country.
        • Huh? I am Irish, born and reared, too. My point was not that people don't value material wealth to some extent, just that they don't value it above everything else, and that excessive accumulation thereof is not considered particularly commendable - the people who get most praise seem to be those who share their gains around with the community, not those who accumulate vast fortunes and don't do much with them. And in Ireland, somewhat like in Japan, people consider respect earned from their peers more important than most other things. Accumulation of money does not automatically lead to that respect, although it is one possible means to an end if you want to do things that will earn you said respect.

          Most people I know consider their reputation and their family more important than material wealth. A significant proportion still think that the peculiarly Irish brand of catholicism is more important (although I disagree, being an atheist).

          I live Dublin, avoid coffee (because I went cold turkey and went through two days of blinding withdrawal headaches - either drink lots of coffee or drink none - In between is painful!), watch anime, and talk about sports.

          I wouldn't consider an interest in sport to be exactly materialistic - in fact, athletic prowess is one of those "other than money" things that people hold in high esteem, along with artistic/creative talent and writing ability.

          I certainly didn't say we were a third world country. We haven't been since the 1980s ;-) (I remember when we "officially" stopped being one, when our GDP exceeded the sum of the interest payments on our various loans.)

          A disdain for the glorification of capital gain above all else does not mean that one automatically poor, just that one realises that there's more to life. This is an attitude I have picked up from a fair proportion of people I know here in Ireland (and Australia), to a lesser extent in Britain, and much more rarely from Americans, whether they be rich or poor.

          The thing is, property and material wealth are much more solid concepts in other cultures - in early Ireland, there was a concept of ownership, but it was transient. People were always stealing eachothers cows, lands, etc. It kept them occupied and made for interesting sagas.
          The Irish language doesn't have a verb "To Have", you say "It is with me" - "Tá sé agam". This kindof expresses the transience of the situation of ownership in the Irish psyche, which still persists today, despite British and the current American cultural imperialism.

          • Ok point taken, I just assumed you were one of those stupid Americans who have this off-the-wall idea of Ireland that they get from their media. The sports-talking reference wasn't meant to show how capitalist I am, but just to show that our society is every bit as "advanced" as the yanks. Still tho, I think your own idea of Ireland is a bit warped. A lot of Irish people have this concept of themselves as "Ireland of the thousand welcomes" thats just a bloody fascade for the aforementioned yanks, and disappears as soon as somebody with a different colour skin appears in need of help. I've seen Irish people being kinder and more generous than I would ever expect them to be, but on the other hand I've also seen them being viscious monsters worse than anything I've seen anywhere else in the world. We have a lust for money/power that is more than the rival to anybody else in the world. The only thing thats stopped us from being known for it is 800 years of occupation and suppression.
    • Maybe some enlightened soul who DOES profit financially could put away the money in a trust fund so she could also profit after her dad can't say anything about it.
  • I wonder, if since the desktop rover can be hooked up via tcp/ip to a computer, and since it has laser tag capabilities...

    Could one hack it to be a remote IrDA port? maybe be used as a second remote control for your TV? There must be some super-cool use for a radio controlled remote control...

    At least you'd never lose it!!

Slashdot Top Deals

Any sufficiently advanced technology is indistinguishable from magic. -- Arthur C. Clarke

Close