1993-05-12 - Re: The Halting Problem

Header Data

From: Matt Blaze <mab@crypto.com>
To: peb@procase.com
Message Hash: f34f838298c0f7645e391878ba81256740e234cb2709b90264d01b6ad1553f18
Message ID: <9305122009.AA08373@crypto.com>
Reply To: <9305121900.AA09630@banff>
UTC Datetime: 1993-05-12 20:26:22 UTC
Raw Date: Wed, 12 May 93 13:26:22 PDT

Raw message

From: Matt Blaze <mab@crypto.com>
Date: Wed, 12 May 93 13:26:22 PDT
To: peb@procase.com
Subject: Re: The Halting Problem
In-Reply-To: <9305121900.AA09630@banff>
Message-ID: <9305122009.AA08373@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>
>It occurred to me that determining whether a set of random bytes is
>actually a crypto message could be reduced to the halting problem.
>Given this, it would be theoretically impossible to prove that an
>uncrackable message was indeed a crypto message.  The revelation here
>(for me, anyway) is that if arbitrary crypto were made illegal, the
>burden of proof would be on the prosecution which would have to crack
>the message (at least partially).
>
>
>Paul E. Baclace
>peb@procase.com
>

I don't see how determining that a particular string is an encrypted
message reduces to the halting problem.  For an arbitrary cipher, you can't
prove anything about any given potential ciphertext, since the cipher
could be a one-time pad.  (for one time pads, where keylength=message length,
any string can encrypt to any other string by selecting the right key).
So it's true that you can't prove anything about arbitrary ciphertext, but
that doesn't involve the halting problem.  If the cipher is known, on the
other hand, there are perfectly deterministic methods to determine whether
a particular ciphertext may coresponds to some given plaintext, simply
by exhaustive search of the keyspace.

However, I do agree with your basic conclusion - there is no way to determine,
by the bitstream alone, whether something has been encrypted with an arbitrary
cipher.

-matt





Thread