Anyway, the slides are available.
Anyway, the slides are available.
OK, its silly, but for some reason I still want one. Actually, I want two.
Although we are still very much in beta, feedback will be appreciated.
Inspired by a comment on one of my posts, I thought of a better way to produce smooth collisions than searching and factoring. The essence of it is this…
Take a bunch of (small) primes, p1, p2, …, pn. Multiply them together, c=p1*p2*…*pn. Then take your colliding pair, n1 and n2. Set o=c-((n1 << ((32+b(c))&~7)) mod c), k1=n1 << ((32+b(c))&~7)+o and k2=n2 << ((32+b(c))&~7)+o, where b(c) is the number of bits in c. That is, k1 is n1 shifted left (bytewise) with an offset, o, added. Note that k1 is divisible by c (and check that k2 isn’t), and, of course, k1 and k2 collide.
Now test k2, k2+c, k2+2c, …, k2+Nc until one is found that is prime. At this point you have a collision, k2+Nc prime and k1+Nc divisible by c (i.e. smooth[ish]).
Using this method, here are two k2+Nc:
D131DD02C5E6EEC4 693D9A0698AFF95C 2FCAB50712467EAB 4004583EB8FB7F89 55AD340609F4B302 83E4888325F1415A 085125E8F7CDC99F D91DBD7280373C5B D8823E3156348F5B AE6DACD436C919C6 DD53E23487DA03FD 02396306D248CDA0 E99F33420F577EE8 CE54B67080280D1E C69821BCB6A88393 96F965AB6FF72A70 00000AD6BF4FE0D1 559E6140208D6D2B A4694335
D131DD02C5E6EEC4 693D9A0698AFF95C 2FCAB50712467EAB 4004583EB8FB7F89 55AD340609F4B302 83E4888325F1415A 085125E8F7CDC99F D91DBD7280373C5B D8823E3156348F5B AE6DACD436C919C6 DD53E23487DA03FD 02396306D248CDA0 E99F33420F577EE8 CE54B67080280D1E C69821BCB6A88393 96F965AB6FF72A70 00000085EDE28444 505E3FE8D0F8D68E FF7CF302ECEE5FCC FA78FAE6BF0F8979 57F7CD21
The first collides with a number that has the first 26 primes as factors, and the second with one that has the first 43 as factors.
As the fifth dialog of the day popped up and disappeared in response to whatever I was typing at the time, I suddenly wondered:
a) WTF did that dialog say?
b) How bad will it be that I missed it?
c) Why doesn’t anyone use the trick that my timetracker uses?
Its dialog comes up on top, but without focus. It is totally trivial to do. Why does no-one do it? Are they all mad?
I have a chapter on security in Open Sources 2.0, which is finally out.
Kim Cameron recently wrote about why InfoCard is better than anything else. But is it true?
Here’s some specific criticisms. Feel free to correct me if I’m wrong.
“a consumer visiting a corporate Web site is able to use the identity beacon of that site to decide whether she wants to establish a relationship with it. Her system can then set up a “unidirectional” identity relation with the site by selecting an identifier for use with that site and no other. A unidirectional identity relation with a different site would involve fabricating a completely unrelated identifier. Because of this, there is no correlation handle emitted that can be shared between sites to assemble profile activities and preferences into super-dossiers.”
However, as I’ve shown, this is not actually possible with any traditional type of signed assertion.
In short, there’s a lot of hype around InfoCard – but its increasingly unclear to me that it survives close examination. It seems to me that some of these issues could be fixed (linkability with legacy certificates does not strike me as fixable, though), but in the rush to get to market they’re being swept under the carpet.
Powered by WordPress