From: Scott Brickner <sjb@universe.digex.net>
Date: Wed, 25 Oct 95 09:50:48 PDT
To: jirib@cs.monash.edu.au
Subject: Re: A secure cryptosystem with a 40-bit key?
In-Reply-To: <199510250657.QAA10183@sweeney.cs.monash.edu.au>
Message-ID: <199510251650.MAA24629@universe.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


Jiri Baum writes:
>.u'u I believe that you were wrong when you expressed a symbol for the
>list of forms of structure words. There are also words of the form V'V.
>
>On the other hand, however, not all letter combinations are permitted;
>eg there are only fourteen dipthongs (of which only four are "normal").

Well, I was definitely oversimplifying things.

>> The grammar of the language is *so* regularized that they are able to
>> give a YACC description for it.
>
>Yeah, and a huge beast it is. If you can make a YACCable language with
>one page of rules (say 16 :-) ), *then* I'll be impressed.

I'm sure that one could be done on one page, but I doubt it would have
the expressive power of a natural language *and* the lack of ambiguity
of Lojban.

>Would you believe two grammars for mathematical expressions? No? Good!
>There are three (infix, prefix and postfix).

And there's feedback between MEX and the non-MEX grammar since there
are cmavo which covert MEX into sumti and selbri and vice versa.

>> A message written entirely using native Lojban words can be encrypted
>> in a codebook fashion where the particular codebook to be used is a
>...
>
>You have to be careful here - the structure words (cmavo) are divided
>into groups (selma'o) which have different gramatical functions.
>You can't mix up members of different selma'o (in general), so you'd
>have to permute within each separately.
>
>Some of these selma'o have very few members (even just one) and/or
>may of themselves reveal information.

To achieve the goal of the cryptosystem it may not be necessary to
encode the cmavo, since they have no real meaning on their own, just
the gismu and rafsi.  The goal is to hide the *meaning*, not the
structure.

The selma'o that only have one member are especially meaning-free, as
they're typically elidable terminators and such.

>> This system has the interesting property that *any* plaintext with the
>> same grammatical structure is a potential encryption of a given
>> cyphertext.
>...
>
>Yes, but the grammatical structure itself may reveal heaps.
>(Except for trivial statements.)

In a natural language this might be true, but in Lojban the grammar's
regularity eliminates much of this information.  In English it's
"strange" to say "the red big dog", while "the big red dog" is fine.
Lojban doesn't have these features.  Lojban bridi are essentially
the same as function calls in a programming language, from a grammatical
perspective.  The only distinguishing feature of a selbri is the number
of sumti that it takes, and it's unusual for all of them to be specified,
and extra ones may be added using the BAI selma'o.

>> This works well in Lojban because it never changes word forms based on
>> grammatical usage.  Most natural language declensions and conjugations
>> would make the encrypted message ungrammatical, and make it *much* more
>...
>
>Not really; you just need to make sure that you conjugate the coded words.
>(Ie substitute nouns for nouns, verbs for verbs, etc.)

Irregularities make this nearly impossible for computers, though.

There are also problems due to ambiguity.

The even bigger inconvenience with natural laguages comes in defining
the codebook.  The limited forms of Lojban gismu and rafsi makes the
whole dictionary a well-defined list, permitting the codebook to be
specified as a single number that anyone could use --- even without
prior exchange of the wordlist.