From: IPG Sales <ipgsales@cyberstation.net>
To: coderpunks@toad.com
Message Hash: cced018f31dc2142b851af0c9116e3998e32014dff913bc7a36b1404de1b6b28
Message ID: <Pine.BSI.3.95.961016194535.21030B-100000@citrine.cyberstation.net>
Reply To: <3261C95B.2F4A@bfree.on.ca>
UTC Datetime: 1996-10-17 01:30:42 UTC
Raw Date: Wed, 16 Oct 1996 18:30:42 -0700 (PDT)
Subject: Q.E.D.
MIME-Version: 1.0
Content-Type: text/plain

Some of you have sardonically written to say "Nihil Est
Demonstrandum," N.E.D. because an OTP must be derived from a
hardware source, that is, it must be a pure random sequence
of limitless entropy. Accordingly, they unbashfully assert
that an OTP generated by a computer program is not possible.
How do they know that? Does the Bible tell them so, or the
Koran, or do they get it from the Torah? Why not cite the
source of their certainty instead of advancing an unsupported
proposition? I do not mean to be rude, but excuse me, what
scientific proof can they offer for that immovable avowal?
There is no scientific proof whatsoever, none at all, except
for the words and their steadfast, and maybe self serving,
postulate. Accordingly, obviously it is they, not us, who are
the ones that have "Nihil Est Demonstrandum," in this matter.
There is not one scintilla of sustainable evidence to support
such a doctrine.

While the vast majority of people knowledgeable about
cryptography have not heretofore believed that it is possible
for software to produce an OTP, that does not make it a
scientific fact, but merely means it is the consensus of
scientific opinion that it is not possible. With all due
respect to Bruce, and his exceptional work, Paul, Roy and many
others who obviously know the subject matter of which we speak, I
offer that history is replete with scientists supplying proof of
the seemingly impossible.

In support of their position, some have pointed out that John
von Neumann, to paraphrase, stated that ARITHMETIC cannot
produce random numbers, a thesis which I agree with; but
where is that in any way inconsistent with IPG's position on
EUREKA? IPG has produced a system to generate software OTPs,
albeit within limited but more than ample entropy, not
software random numbers.

We stipulate the obvious fact that the encryptor stream
generated by EUREKA is a PRNG stream, though we do consider
it gross denigration to castigate it as ONLY a PRNG stream.
It is a PRNG issue that also happens to be an extremely well
behaved OTP sequence, with limited but ample entropy, as well.
It meets each and every criterion rationally established for an
OTP in all reasonable aspects. Subjected to any and all
statistical analyses, the EUREKA PRNG stream manifests itself as
being random, though we know, as a scientific fact, that it is
not.

To substantiate that posit, and unlike the consensus of
scientific opinion, obviously N.E.D., that believes that
software cannot produce an OTP, IPG offers "Quod Erat
Demonstrandum," Q.E.D. scientific proof that we can produce
a humungous number of software OTPs sufficient to meet any and
all current or future requirements.

You do not need to be an Einstein, a Hawking, or a von
Neumann, to understand the fundamental basis of the IPG
EUREKA algorithm. Succinctly as I can, that is, given a truly
random key of entropy N, and possibly truly random look up tables
of combined entropy M, it is possible to generate up to N
streams of characters of a length in this case of
approximately 10^223, that manifest themselves as true OTPs.

Think about that simple supposition for a moment. What do we
mean by an OTP? We mean that an OTP is a stream of
characters, or numbers, that cannot be derived in the
absence of the key that was used to generate them, or
alternately by trying all possibilities of that said key.
Thus, when using the resultant as an encryptor stream, the
only information derivable from the ciphertext is the
determination of the maximum possible length. Furthermore,
by using the exclusionary proof, you cannot preclude any
possible message of that said length.

If you think through that hypothesis, it becomes clear that
such is not precluded by von Neumann's proffer, or by
fundamental mathematical principles. The question then, is
how can you go about doing that? That is all that IPG has
done. We have figured out a mathematically certain way
(Q.E.D.) of generating N number, or rather a number very
close to N, of OTPs from a given key of entropy N, and we can
prove it.

Not only that, but you can prove it to yourself, Q.E.D. We
maintain that it is discernible to any knowledgeable person
who probes the algorithm, that the only analytical tack that
can be mounted against EUREKA is brute force and that is
patently impossible. One of your Cpunk colleagues says he
uses Triple DES, 168 bits, and he does not believe that it
can be brute forced - I agree, 3-DES, 10^50+ possibilities,
cannot be brute forced now, or in the foreseeable future -
then what about the EUREKA's 10^34322 possibilities,
10^34271+ greater than 3-DES? No way, not now, not ever.
Furthermore, EUREKA is an order of magnitude, or more, faster
than triple DES, easier to use, much more secure, et al.

Another has suggested that if the key, and all the variables
are hacked, then the system can be compromised. That is true,
but again excuse me, does not that apply to any system,
whether it be RSA, PGP, IDEA, and yes also a hardware sourced
OTP? EUREKA's only edge in that regard is that built-in
means facilitate safeguards which minimize such risks.

EUREKA is not a panacea for all your encryption needs. RSA,
PGP, ENTRUST, and other systems fill very important
exigencies. Where EUREKA shines brightest is in two important
strategic user applications:

   1. To set up a permanent line of Internet/intranet
      communication privacy between two, or a group of,
      individuals. As a result, pass phrases, session
      encryption keys, and other work impediments of that
      genre can be largely eliminated.

      While applicable to everyone, this is especially true
      of newbies, computer novices, technophobes, and other
      non-techies.

      It is much faster, easier to use, and more flexible
      than other systems for this application. As such, it is
      ideal for intranets, or mixed Internet/intranet
      systems.

   2. To protect your private hard disk files, programs or
      data, from compromise by hackers and interlopers. In
      this application it is unsurpassed because differential
      analysis of changing files is rendered impossible and
      it is extremely fast.

See for yourself. Prove it to yourself, Q.E.D. The IPG
algorithm is available at:

   http://netprivacy.com/algo.html

or a condensed version at:

   http://netprivacy.com/condalgo.html

P.S. My resume can also be found there

   http://www.netprivacy.com/resume.html

> ==================================================================
>
> Donald R. Wood
> ipgsales@cyberstation.net
>====================================================================
>
> Some people are more certain of their own opinions than they are of
> facts presented by those they disagree with - Aristotle
>
> ---------------------- Quod Erat Demonstrandum ----------------------
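
Added example, not part of the original message and not IPG's code: the message defines an OTP by the property that no plaintext of the ciphertext's length can be ruled out. The code below counts the plaintexts that remain possible for a pad as long as the message and for a keyed generator; the SHA-256 counter keystream, the 8-bit key and the 2-byte message are constructed stand-ins, since the EUREKA algorithm is not reproduced on this page.

```python
import hashlib
from itertools import product

KEY_BITS = 8   # constructed toy key size, small enough to enumerate every key
MSG_LEN = 2    # bytes; 2**16 possible messages, more than the 2**8 keys

def keystream(key: int, length: int) -> bytes:
    """Stand-in keyed generator (SHA-256 in counter mode), not EUREKA."""
    out, counter = b"", 0
    while len(out) < length:
        block = key.to_bytes(4, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def candidates_keyed(ciphertext: bytes) -> set:
    """Every plaintext some key of KEY_BITS bits could have produced."""
    return {xor(ciphertext, keystream(k, len(ciphertext)))
            for k in range(2 ** KEY_BITS)}

def candidates_pad(ciphertext: bytes) -> set:
    """Every plaintext some pad as long as the message could have produced."""
    return {xor(ciphertext, bytes(pad))
            for pad in product(range(256), repeat=len(ciphertext))}

def compare(plaintext: bytes = b"OK", key: int = 0xA7) -> dict:
    # Constructed sample message and key; any MSG_LEN-byte input works.
    ciphertext = xor(plaintext, keystream(key, len(plaintext)))
    keyed = candidates_keyed(ciphertext)
    pad = candidates_pad(ciphertext)
    return {
        "keyed_candidates": len(keyed),          # at most 2**KEY_BITS
        "pad_candidates": len(pad),              # all 256**MSG_LEN messages
        "true_plaintext_found": plaintext in keyed,
        "ruled_out_under_keyed": len(pad) - len(keyed),
    }

if __name__ == "__main__":
    print(compare())
```

With a key shorter than the message, enumerating the keys leaves at most 2**KEY_BITS candidate plaintexts; whether that enumeration is feasible at a given key size is a separate question from how many candidates it leaves.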