type some random characters to seed the random numbers (was: CTR mode, SecureRandom, ElGamal updates)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

type some random characters to seed the random numbers (was: CTR mode, SecureRandom, ElGamal updates)

Chris Muller
Hi Pakala,

> Hi,
> Thank you. It is just a small project so no need to
> worry about the hacker.

I gather this refers to the (low) potential that your
users will be able to hack "obscured" cleartext
(mildly encrypted), even if not very secure from a
skilled hacker.

I made a big jump when the "adversarial setting" of
digital security was spelled out for me.  Because
digital bits are fluid and unbounded, able to travel
so far, so quickly, you won't know when an attacker is
attacking and, even if you did, usually nothing could
be done about it.

Therefore, the adversarial setting must be assumed
that all data sent out of your computer (and, in
extremely paranoid cases, the memory inside your
computer) is sent to the attacker along the way, where
they can do what they wish including modify it.  The
same for data received.  The adversary is a
mathemetician with a supercomputer, has lots of time
and lots of incentive.  He's ready to inflict maximum
hurt.

This is the setting, therefore the goal must be to
provide "mathematical protection."  To reveal or
modify information, the adversary must solve a
mathemetical problem that, so far, no mathmetician has
been able to solve.

> Can you please give me some more information how to
> proceed.
> you said that the GPG ask the user to type some
> random charaters to seed the
> random numbers and we can give fingeprint image. I
> need some more
> information about that.If you have any code please
> send me.

To do this, print this in a workspace:

  SecureRandom fromUser nextRandom160

Cheers,
  Chris
_______________________________________________
Cryptography mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
Reply | Threaded
Open this post in threaded view
|

Re: type some random characters to seed the random numbers (was: CTR mode, SecureRandom, ElGamal updates)

satru pakala
Hi chris,
You said to use "SecureRandom fromUser nextRandom160".
Can you please tell me what is fromUser and what is for nextRandom160?
is fromUser is the fingerprint image?
Regards,
pakala

 
On 2/16/06, Chris Muller <[hidden email]> wrote:
Hi Pakala,

> Hi,
> Thank you. It is just a small project so no need to
> worry about the hacker.

I gather this refers to the (low) potential that your
users will be able to hack "obscured" cleartext
(mildly encrypted), even if not very secure from a
skilled hacker.

I made a big jump when the "adversarial setting" of
digital security was spelled out for me.  Because
digital bits are fluid and unbounded, able to travel
so far, so quickly, you won't know when an attacker is
attacking and, even if you did, usually nothing could
be done about it.

Therefore, the adversarial setting must be assumed
that all data sent out of your computer (and, in
extremely paranoid cases, the memory inside your
computer) is sent to the attacker along the way, where
they can do what they wish including modify it.  The
same for data received.  The adversary is a
mathemetician with a supercomputer, has lots of time
and lots of incentive.  He's ready to inflict maximum
hurt.

This is the setting, therefore the goal must be to
provide "mathematical protection."  To reveal or
modify information, the adversary must solve a
mathemetical problem that, so far, no mathmetician has
been able to solve.

> Can you please give me some more information how to
> proceed.
> you said that the GPG ask the user to type some
> random charaters to seed the
> random numbers and we can give fingeprint image. I
> need some more
> information about that.If you have any code please
> send me.

To do this, print this in a workspace:

SecureRandom fromUser nextRandom160

Cheers,
Chris
_______________________________________________
Cryptography mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography


_______________________________________________
Cryptography mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
Reply | Threaded
Open this post in threaded view
|

Re: type some random characters to seed the random numbers (was: CTR mode, SecureRandom, ElGamal updates)

Tom Phoenix
On 2/18/06, satru pakala <[hidden email]> wrote:

> You said to use "SecureRandom fromUser nextRandom160".
> Can you please tell me what is fromUser and what is for nextRandom160?
> is fromUser is the fingerprint image?

You seem to be thinking that those strings are stand-ins
(metasyntactic variables) for some data. That's Smalltalk code; those
strings are message names. Chris is telling you to print the result of
running that code, probably in a Workspace. Hope this helps!

--Tom Phoenix
_______________________________________________
Cryptography mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography