[cap-talk] password capabilities & object capability model?
Tony Bartoletti
azb at comcast.net
Thu Aug 21 23:51:34 CDT 2008
At 07:18 PM 8/21/2008 -0700, MarkM wrote:
>But the first part of the protocol of "tell me the secret number and I'll
>give you the money" is comparison of large unguessable numbers. To me,
>this is the simplest degenerate case of crypto.
Technically, you are right. "Crypto" (from Greek "kruptos") simply means
hidden or secret, and surely a swiss number must remain secret to maintain
its utility...
Many people use the term "cryptographically strong" to describe (say) the
MD5 or SHA1 hash of a bit-string, even though all operations are "in the
clear" and nothing is being "encrypted" - the idea being that the precursor
bit-string (or any hash-wise equivalent) is essentially unguessable, given
only the hash.
Problem is, most folk who hear "crypto" think of "cyphers", or
cryptographic *translations*.
Aside: I recall (circa 1996, SPKI list) Ron Rivest introduced the
definition-busting "chaffing and winnowing", to demonstrate that a strong
digital signature capability can be employed to effect strong "encryption",
even when everything is "in the clear": Alice sends a message M to Bob,
placing each individual bit of M in its own "signed packet", a 3-tuple
(seqno,bit,sig(seqno,bit)). Alice, or even Fred downstream, can read the
flow and add to that flow a complement to each packet, retaining the seqno,
flipping the bit, and placing garbage in the sig-part. Only those who know
to perform the corresponding signature verification know whether to accept
the 0 or 1 bit in each case.
Efficiency is another matter ...
Cheers! ____tony____
More information about the cap-talk
mailing list