1995-10-24 - Re: [reformatted] how secure can privasoft be?

Header Data

From: patrick@Verity.COM (Patrick Horgan)
To: jirib@cs.monash.edu.au
Message Hash: 547f46ef863dcbf2142ae060be6f70a5b3f9e0bfaee500480cdd773cb8f9e5d4
Message ID: <9510240512.AA07092@cantina.verity.com>
Reply To: N/A
UTC Datetime: 1995-10-24 05:16:02 UTC
Raw Date: Mon, 23 Oct 95 22:16:02 PDT

Raw message

From: patrick@Verity.COM (Patrick Horgan)
Date: Mon, 23 Oct 95 22:16:02 PDT
To: jirib@cs.monash.edu.au
Subject: Re: [reformatted] how secure can privasoft be?
Message-ID: <9510240512.AA07092@cantina.verity.com>
MIME-Version: 1.0
Content-Type: text/plain


> > This seems paradoxical. PrivaSoft uses a key approximately 30 bits long. It
> ...
> > Two possible explanations I can imagine are:
> > 
> > (0) PrivaSoft actually uses a key longer than 9 digits, and someone just made
> ...
> 
> Could it be 9 hex digits = 36 bits?

A nine digit number, 999,999,999 can be stored as 0x3b9ac9ff. Note that this is
eight 4bit hex digits, or 32 bits, except the top nibble only has two bits
used, or its 30 bits.

> > The information contents a clear message
> 
> This is a strange title (I suspect "of" dropped out), but it might
> well sum it all up :-)

Nah, I suggested they reformat into 80 columns and suggested a different title
for this section, but they went with it.  They wanted it fer sure.  I just don't
know what it means.

> > a significant 
> > portion of the page must be reconstructed, and a significant amount of 
> > mathematical correlation must be calculated between neighboring areas of the 
> > image, before the cracking software can tell whether the candidate key is 
> ...
> 
> This can at most buy you a constant factor - useful, but not very.
> I doubt the two uses of "significant", too. Anybody remember those
> diagrams in Typing textbooks about the layout of a letter?

Someone else on this list mentioned that an edge detection algorithm would help 
here.  You wouldn't have to try to detect letters if there were no edges.
It could give you a quick go/no go.

> > The cryptographic engine can be customer-furnished and customer integrated, 
> 
> What do they mean by this bit?
> 

They mean that if you don't feel secure with theirs, you could use yours in
their framework...it's the pluggable encryption that NSA has had such a hard
time with but seems to be in favor of now.

Patrick
   _______________________________________________________________________
  /  These opinions are mine, and not Verity's (except by coincidence;).  \
 |                                                       (\                |
 |  Patrick J. Horgan         Verity Inc.                 \\    Have       |
 |  patrick@verity.com        1550 Plymouth Street         \\  _ Sword     | 
 |  Phone : (415)960-7600     Mountain View                 \\/    Will    | 
 |  FAX   : (415)960-7750     California 94303             _/\\     Travel | 
  \___________________________________________________________\)__________/





Thread