• Re: "Quantum" Computing (was Re: Python)

    From Lawrence D'Oliveiro@3:633/10 to All on Mon Dec 29 21:56:58 2025
    On Mon, 29 Dec 2025 07:31:06 -0700, Peter Flass wrote:

    Right now, but people who work with this stuff are worried about
    what quantum computers can do with it.

    Those kinds of "quantum computers" don't exist. They can't even
    demonstrate a basic number-theoretic operation like factorizing an
    integer, let alone implementing the fabled Shor's algorithm.

    Shor's algorithm came out about 30 years ago. The progress towards
    implementing it since then has been ... zero.

    --- PyGate Linux v1.5.2
    * Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)
  • From c186282@3:633/10 to All on Tue Dec 30 03:17:55 2025
    On 12/29/25 16:56, Lawrence D'Oliveiro wrote:
    On Mon, 29 Dec 2025 07:31:06 -0700, Peter Flass wrote:

    Right now, but people who work with this stuff are worried about
    what quantum computers can do with it.

    Those kinds of "quantum computers" don't exist. They can't even
    demonstrate a basic number-theoretic operation like factorizing an
    integer, let alone implementing the fabled Shor's algorithm.

    Shor's algorithm came out about 30 years ago. The progress towards
    implementing it since then has been ... zero.

    Hmmm ... put an 'AI' on it. Using quantum to bust
    encryption is theoretically possible - indeed that
    is why 'post quantum' encryption methods are being
    written already.

    Hey, there's money and power in being able to carve
    straight through current encryption methods, ergo
    considerable motivation.


  • From John Levine@3:633/10 to All on Fri Jan 2 04:55:37 2026
    According to c186282 <c186282@nnada.net>:
    If you know something ABOUT 'the pad' - like how
    many letters/numbers and how it's used - that may
    offer some attack options, at least narrow things
    down a bit.

    No, a real OTP is unbreakable. The problem is that for every byte
    of message you need a byte of key, so distributing the keys and
    using them correctly is a logistical nightmare.

    Venona decrypted Soviet messages that used OTPs because
    some of the putative OTPs in fact were used more than once
    which was enough to let the US crack them.

    --
    Regards,
    John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies",
    Please consider the environment before reading this e-mail. https://jl.ly

  • From Richard Kettlewell@3:633/10 to All on Fri Jan 2 09:15:11 2026
    John Levine <johnl@taugh.com> writes:
    According to c186282 <c186282@nnada.net>:
    If you know something ABOUT 'the pad' - like how
    many letters/numbers and how it's used - that may
    offer some attack options, at least narrow things
    down a bit.

    No, a real OTP is unbreakable. The problem is that for every byte of
    message you need a byte of key, so distributing the keys and using
    them correctly is a logistical nightmare.

    OTPs are broken in the sense that they are malleable. It's easy for an
    attacker to modify the encrypted message, if they know anything about
    its expected structure.

    For example, an encrypted financial transaction is likely to have the
    amount of money to be sent at a predictable offset, so all the attacker
    needs to do is flip one of the higher bits in that field and the victim
    spends a great deal more money than they intended. If the pad is applied
    using XOR (a natural approach today) then they can achieve that by
    flipping the corresponding bit in the ciphertext.

    The need for symmetric encryption systems to include a MAC to prevent
    this kind of issue has been understood for a long time.

    --
    https://www.greenend.org.uk/rjk/

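An added example in Python, not code from anyone in the thread, assuming a constructed transaction record with the amount at a fixed offset: it shows the bit-flip on an XOR pad that Richard describes, the encrypt-then-MAC check that catches it, and the pad cancellation behind John's Venona point.

```python
import hashlib
import hmac
import os
import struct
AMOUNT_OFFSET = 8  # constructed record: 8-byte account id, then a 4-byte big-endian amount
def build_record(account, amount_cents):
    # Constructed transaction record with the amount at a fixed, predictable offset.
    return account.ljust(8, b"\0") + struct.pack(">I", amount_cents)

def otp_xor(data, pad):
    """XOR one-time pad; the same operation encrypts and decrypts."""
    assert len(pad) >= len(data), "pad must be at least as long as the message"
    return bytes(d ^ p for d, p in zip(data, pad))

def amount_of(record):
    return struct.unpack(">I", record[AMOUNT_OFFSET:AMOUNT_OFFSET + 4])[0]

def flip_high_bit(ciphertext):
    """The tamper from the post: flip the top bit of the amount field in the ciphertext."""
    ct = bytearray(ciphertext)
    ct[AMOUNT_OFFSET] ^= 0x80
    return bytes(ct)

def malleability_demo():
    """Returns (amount the sender meant, amount the receiver decrypts after the flip)."""
    pad = os.urandom(12)
    ct = otp_xor(build_record(b"ACCT0001", 100), pad)
    return amount_of(otp_xor(ct, pad)), amount_of(otp_xor(flip_high_bit(ct), pad))

def seal(record, pad, mac_key):
    """Encrypt-then-MAC: HMAC-SHA256 over the ciphertext, appended as a 32-byte tag."""
    ct = otp_xor(record, pad)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def open_sealed(blob, pad, mac_key):
    """Verify the tag in constant time before decrypting; None means tampering was detected."""
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, hashlib.sha256).digest()):
        return None
    return otp_xor(ct, pad)

def mac_demo():
    """Returns (genuine blob accepted, tampered blob rejected)."""
    pad, mac_key = os.urandom(12), os.urandom(32)
    blob = seal(build_record(b"ACCT0001", 100), pad, mac_key)
    ok = open_sealed(blob, pad, mac_key) is not None
    return ok, open_sealed(flip_high_bit(blob), pad, mac_key) is None

def pad_reuse_leak(m1, m2, pad):
    """Venona's lesson: XORing two ciphertexts made with one pad cancels the pad entirely."""
    return otp_xor(otp_xor(m1, pad), otp_xor(m2, pad)) == otp_xor(m1, m2)
```

The MAC key must be independent of the pad, and the tag check turns an undetectable change into a rejected message rather than preventing the bit flip itself.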
  • From c186282@3:633/10 to All on Fri Jan 2 05:14:50 2026
    On 1/1/26 23:55, John Levine wrote:
    According to c186282 <c186282@nnada.net>:
    If you know something ABOUT 'the pad' - like how
    many letters/numbers and how it's used - that may
    offer some attack options, at least narrow things
    down a bit.

    No, a real OTP is unbreakable. The problem is that for every byte
    of message you need a byte of key, so distributing the keys and
    using them correctly is a logistical nightmare.

    I'm aware of the practical problems ... the
    one-to-one ratio is a serious limitation.
    However IF the messages are really short,
    "Attack at 18:30 Hours" or "Nuke Launch
    Auth 10414", you can live with that.

    Well, maybe not after that last one ...

    Venona decrypted Soviet messages that used OTPs because
    some of the putative OTPs in fact were used more than once
    which was enough to let the US crack them.

    RE-using pads, VERY not good. Indeed there were some
    similar incidents of NAZI operators either re-using
    the same Enigma rotor settings, or sending the exact
    same message with different settings, that helped
    the Brits crack their code.

    Still, thinking, IF you know enough ABOUT the exact
    'pads' being used and HOW they are used ... really
    MIGHT give you a heads-up. You'd at least know the
    RANGE of the coding scheme and HOW operators
    applied it to incoming messages.

    ANY insight into a coding scheme IS a weakness.


  • From c186282@3:633/10 to All on Fri Jan 2 05:45:42 2026
    On 1/2/26 04:15, Richard Kettlewell wrote:
    John Levine <johnl@taugh.com> writes:
    According to c186282 <c186282@nnada.net>:
    If you know something ABOUT 'the pad' - like how
    many letters/numbers and how it's used - that may
    offer some attack options, at least narrow things
    down a bit.

    No, a real OTP is unbreakable. The problem is that for every byte of
    message you need a byte of key, so distributing the keys and using
    them correctly is a logistical nightmare.

    OTPs are broken in the sense that they are malleable. It's easy for an
    attacker to modify the encrypted message, if they know anything about
    its expected structure.

    For example, an encrypted financial transaction is likely to have the
    amount of money to be sent at a predictable offset, so all the attacker
    needs to do is flip one of the higher bits in that field and the victim
    spends a great deal more money than they intended. If the pad is applied
    using XOR (a natural approach today) then they can achieve that by
    flipping the corresponding bit in the ciphertext.

    The need for symmetric encryption systems to include a MAC to prevent
    this kind of issue has been understood for a long time.

    You are correct ... OTPs are both limited AND have
    certain vulnerabilities.

    And the more you KNOW about the 'pads' and how they
    are used in practical instances the more insight
    into how to work against them becomes.

    OTPs are very good for kind of short 'volatile'
    info ... ie info for which the value disappears in
    a relatively short time. LONG-term secure storage
    is a different proposition - something where a
    foe may have months/years to crack it.

    In all cases, it's the HUMAN FACTOR which is the
    worst vulnerability. The keys to a complex cipher
    are useless if the employee writes them on a
    Post-It and pastes it on their monitor. Just
    bribe the janitor or visit for a "job interview"
    and ... :-)


  • From Lawrence D'Oliveiro@3:633/10 to All on Fri Jan 2 20:59:43 2026
    On Fri, 02 Jan 2026 09:15:11 +0000, Richard Kettlewell wrote:

    The need for symmetric encryption systems to include a MAC to
    prevent this kind of issue has been understood for a long time.

    ??

    Just want to point out you used the term "symmetric" in the sense in
    which I think it *should* be used: to refer to encryption systems
    where the encryption and decryption algorithms are one and the same.

    Too often the term is used to refer to systems where the same key is
    used for encryption and decryption -- I think these should more
    properly be called "secret-key" systems.

  • From Richard Kettlewell@3:633/10 to All on Fri Jan 2 21:17:35 2026
    Lawrence D'Oliveiro <ldo@nz.invalid> writes:
    Richard Kettlewell wrote:

    The need for symmetric encryption systems to include a MAC to
    prevent this kind of issue has been understood for a long time.

    ??

    Just want to point out you used the term "symmetric" in the sense in
    which I think it *should* be used: to refer to encryption systems
    where the encryption and decryption algorithms are one and the same.

    Too often the term is used to refer to systems where the same key is
    used for encryption and decryption -- I think these should more
    properly be called "secret-key" systems.

    Please stop trolling.

    (For anyone in doubt, symmetric encryption refers to single-key
    encryption schemes, not encryption schemes where encryption and
    decryption are the same operation.)

    --
    https://www.greenend.org.uk/rjk/

  • From The Natural Philosopher@3:633/10 to All on Sat Jan 3 08:26:33 2026
    On 02/01/2026 21:17, Richard Kettlewell wrote:
    Lawrence D'Oliveiro <ldo@nz.invalid> writes:
    Richard Kettlewell wrote:

    The need for symmetric encryption systems to include a MAC to
    prevent this kind of issue has been understood for a long time.

    ??

    Just want to point out you used the term "symmetric" in the sense in
    which I think it *should* be used: to refer to encryption systems
    where the encryption and decryption algorithms are one and the same.

    Too often the term is used to refer to systems where the same key is
    used for encryption and decryption -- I think these should more
    properly be called "secret-key" systems.

    Please stop trolling.

    (For anyone in doubt, symmetric encryption refers to single-key
    encryption schemes, not encryption schemes where encryption and
    decryption are the same operation.)

    I am surprised you didn't kf him years ago.

    --
    Religion is regarded by the common people as true, by the wise as
    foolish, and by the rulers as useful.

    (Seneca the Younger, 65 AD)

  • From Richard Kettlewell@3:633/10 to All on Sat Jan 3 11:45:05 2026
    The Natural Philosopher <tnp@invalid.invalid> writes:
    On 02/01/2026 21:17, Richard Kettlewell wrote:
    Lawrence D'Oliveiro <ldo@nz.invalid> writes:
    Richard Kettlewell wrote:

    The need for symmetric encryption systems to include a MAC to
    prevent this kind of issue has been understood for a long time.

    ??

    Just want to point out you used the term "symmetric" in the sense in
    which I think it *should* be used: to refer to encryption systems
    where the encryption and decryption algorithms are one and the same.

    Too often the term is used to refer to systems where the same key is
    used for encryption and decryption -- I think these should more
    properly be called "secret-key" systems.
    Please stop trolling.
    (For anyone in doubt, symmetric encryption refers to single-key
    encryption schemes, not encryption schemes where encryption and
    decryption are the same operation.)

    I am surprised you didn't kf him years ago.

    I periodically reset it to see if any of its denizens have given their
    heads a wobble yet. Sometimes they have, sometimes they haven't.

    --
    https://www.greenend.org.uk/rjk/
