Re: Unicode As Weak Cryptography



On May 19, 11:14 am, Jeffrey Goldberg <nob...@xxxxxxxxxxxx> wrote:
On 11-05-17 7:52 AM, Globemaker wrote:

Dear Jeffrey, You interpreted my plan backwards. My plan is to post
cuneiform, but send a secret font file for TTF True Type Fonts so my
friend will see English on the screen. Other people who do not have
cuneiform TTF installed on their browser will see scribbles. If
Outsiders install the TTF for Cundeiform Composite 1001 fonts, they
will see cuneiform characters and they will not be able to read it.

So your "key", your customized TTF font file, is far longer than your
actual message is likely to be.

Your key is also just a simple alphabetic substitution, meaning your
encrypted material is no better than the "Cryptograms" found on the
comics pages of children's magazines.

I expect that is the opposite of what your 8 year old buddies proposed.

No it really is the same. The only difference is that their "key" (how
to transcribe Arabic into Latin) would be stored in their heads. Your
key is stored in a file.

What makes their system excusable and yours not is

(a) They were aiming for a paper and pencil system, and so couldn't use
a system that involved computers.  GPG wasn't an option for them as it
is for you.

(b) The number of people who might intercept their messages was limited
and fairly well known (unlike your proposal of actually posting your
cipher text).

(c) I didn't have time to teach them Vigenère, a far stronger paper and
pencil system.

(d) They were eight years old and I wanted them to "own" the system that
they used, so I didn't offer alternatives.

I really don't mean to be harsh. I actually like talking about your
proposal and considering things like that. For someone like me who can
work through toy examples of RSA, but is in no way a cryptographer, it
is really fun to think about systems that I actually understand fully.

If you will forgive me for speculating about your underlying motives, I
think you find the same pleasure in such things as I do. The difference
between us is that you rationalize your pursuit of such systems with
really bogus arguments about virtues of weak encryption or difficulty in
acquiring GPG. I simply acknowledge that I like playing with weak
systems because I can understand them.

Cheers,

-j

--
Jeffrey Goldberg          http://goldmark.org/jeff/
I rarely read HTML or poorly quoting posts
Reply-To address is valid

Jeff wrote,
you rationalize your pursuit of such systems with
really bogus arguments about virtues of weak encryption or difficulty in
acquiring GPG.

I already downloaded GPG last year, but it uses passwords and I did
not see where I could enter a key of 128 zero bits for AES. Maybe
there is a place to specify a binary key that I could not find. Is
there?

As far as bogus reasons for weak crypto, consider what happened to
people who published strong crypto here:
http://www.toad.com/gnu/export/export.html

http://www.toad.com/gnu/export/applied-floppy-appeal-response2
.



Relevant Pages

  • Re: Unicode As Weak Cryptography
    ... cuneiform TTF installed on their browser will see scribbles. ... So your "key", your customized TTF font file, is far longer than your ... really bogus arguments about virtues of weak encryption or difficulty in ...
    (sci.crypt)
  • Re: NEW Font File problems - Microsoft update connection ???
    ... The problem appears to be the use of a TTF Font file I created many ... The specific error message I get is: ...
    (alt.comp.lang.borland-delphi)
  • Re: Unicode As Weak Cryptography
    ... Outsiders install the TTF for Cundeiform Composite 1001 fonts, ... will see cuneiform characters and they will not be able to read it. ...
    (sci.crypt)
  • Re: how to get the font directory under windows CE
    ... In fact the EnumFontFamilies does not give me the associated font file ... for each enumerated font. ... my solutions is to scan the whole terminal on startup. ...
    (microsoft.public.pocketpc.developer)