LINUX.IE, website of the Irish Linux Users' Group
[ILUG] serious Debian/Ubuntu security hole found

Michael Watterson watty at eircom.net
Sat May 17 18:25:19 IST 2008


Brian Foster wrote:
>   |[ ... ]
>   | (Pi  and e you can always calculate (predict) more digits. They are
>   | irrational, not random).
>
>  careful here.  if I told you I'm using the base 10
>  expansion of π and my current “random” digit is 7,
>  you wouldn't be able to tell me what the next digit
>  is.  (you'd be able to guess with an c.10% chance
>  of being right.)  and if I asked you for the next
>  sequence of, say, 10 digits, your search space is
>  larger.  what we don't know is just how large.
>
>   
If you told me your last ten* "random" digits though, you might be in 
trouble.
You can't know anything from a single input. My suggestion was that, with a 
suitable amount of history, if you have calculated the irrational 
number to more places than were used, you could deduce which irrational 
number was used and thus what part of it might be used next. Hypothetically.

I suppose if you somehow had a method to generate a long sequence of 
digits far past the number of places currently calculated, or that could be 
calculated by anyone in a reasonable time, then such an irrational 
number could be useful. I'm not expert enough on irrational numbers or 
cryptography. I'm not even on the same planet as Hilbert, Knuth, Hoare, 
Schneier, etc.

*Or whatever is needed, depending on whatever algorithm you are using, 
which of course, if it was Open Software, would be known.

The point is that with any reasonable publicly used cryptology, most 
of the bits of the PRNG are known. All public/private key and 
all non-OTP systems are a compromise. The only 100% secure forever 
system is a One Time Pad using a true random key at least the same 
size as the message. If there is no method somewhere of 
true randomness in the compromise non-OTP systems, then the keyspace is 
smaller (easier to brute force) than the size of the key suggests.

Weather reports sent in code were the downfall of one encryption system. 
(The British sent a trawler to monitor the same weather.) If you know 
enough of the plain text then you can work out what the key is. The second-worst 
case is a key the same size as the message; then you need all the plain 
text to get the key. The worst case is OTP with a key the same size as the 
message, because then recovering the key is worthless as the next 
message uses a new one. The Germans in WWII used two quite good systems 
and compromised both for different reasons. The Japanese systems in WWII 
were mostly all broken due to research and educated guesses at the plain 
text. All of these systems would be quite robust against modern brute 
force computer attack. The problem was how the systems were used.

Japanese Codes: The Emperor's Codes by Michael Smith

Enigma was *one* German system. Most of the compromise was because the 
British knew the algorithm (a captured machine) and mistakes by German 
operators. The other was the Lorenz machine; Colossus 
<http://en.wikipedia.org/wiki/Colossus_computer> was used to decode 
Lorenz traffic. The algorithm was compromised by the same message being sent 
twice on the same settings, allowing the key and thence the machine structure to 
be deduced. Weather reports sent by Lorenz, in conjunction with the 
British knowing the weather via observation near the same place, allowed 
Colossus operators to quickly get the new key each day. By hand it would 
have taken six weeks. http://www.codesandciphers.org.uk/lorenz/fish.htm

A study of codebreaking over the last 80 years reveals that the biggest 
problem is arrogance by the users.

Messages to spies from the 1950s to now probably use OTP. The most famous of these 
may be the Short Wave Number Stations. I first heard them in the 1970s 
and they are still on the go.
There is an interesting R4 programme on it, which may be available for download here: 
http://www.simonmason.karoo.net/page485.htm

AFAIK no number station content has ever been broken.

-- 
Mike
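An added illustration of the point made above about known plain text and the one-time pad (this is example code, not part of the original post or thread): a predictable message such as a weather report lets an observer recover the pad used for that message, which is fatal only if the same pad is used again. The messages and keys below are constructed sample values.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings: the whole of a one-time pad."""
    if len(a) != len(b):
        raise ValueError("pad must be at least as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(pad: bytes, msg: bytes) -> bytes:
    """Encrypt with the first len(msg) bytes of the pad."""
    return xor_bytes(pad[:len(msg)], msg)


otp_decrypt = otp_encrypt  # XOR is its own inverse


def recover_pad(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """Known plain text XOR cipher text gives back the pad bytes used."""
    return xor_bytes(ciphertext, known_plaintext)


# Constructed sample traffic: a report the observer can predict independently
# (the "trawler" case) and a shorter message actually worth protecting.
WEATHER = b"WEATHER 17 MAY: RAIN OVER THE NORTH SEA, WIND NW FORCE 5"
SECRET = b"CONVOY DEPARTS 0400, COURSE 090"


def demo() -> dict:
    """Compare a reused pad with a genuine one-time pad. Returns three checks."""
    pad = secrets.token_bytes(len(WEATHER))  # true random key, as the post requires
    c_weather = otp_encrypt(pad, WEATHER)
    # The observer knows the weather anyway, so this message's pad bytes leak.
    stream = recover_pad(c_weather, WEATHER)
    # Case 1: operator reuses the pad for the next message ("same settings").
    c_secret_reused = otp_encrypt(pad, SECRET)
    broken = otp_decrypt(stream, c_secret_reused) == SECRET
    # Case 2: a fresh pad per message; the recovered stream is worthless.
    c_secret_fresh = otp_encrypt(secrets.token_bytes(len(SECRET)), SECRET)
    survives = otp_decrypt(stream, c_secret_fresh) != SECRET
    return {"pad_recovered": stream == pad,
            "reused_pad_breaks_next_message": broken,
            "fresh_pad_survives": survives}
```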