Re: AI's take on my cipher...

Liste des GroupesRevenir à s crypt 
Sujet : Re: AI's take on my cipher...
De : chris.m.thomasson.1 (at) *nospam* gmail.com (Chris M. Thomasson)
Groupes : sci.crypt
Date : 13. Jul 2025, 20:45:08
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <10512c6$2uboa$1@dont-email.me>
References : 1 2 3 4 5 6 7 8 9 10 11 12
User-Agent : Mozilla Thunderbird
On 7/13/2025 7:34 AM, Rich wrote:
Stefan Claas <stefan@mailchuck.com> wrote:
Chris M. Thomasson wrote:
Think of an offline encrypt with say, my symmetric HMAC cipher
thing.  You save the ciphertext to a usb drive.  Oh shit, say the
offline computer is infected with a virus, and the USB is now highly
suspect.  Sigh...  Alice gives the USB to Bob, key/viral exchange,
say a new key is encrypted in the ciphertext...  ;^).  Bob just
infected his computer with the virus before decrypt even occurs.
Now, if this is all offline, then the virus should not be able to
use the net to infect.  However, it might have a keylogger and alter
your encrypted messages right after you click encrypt or something?
So, you think you encrypt the message attack at dawn.  The keylogger
changes dawn to dusk -before- it gets passed into the cipher to do
its thing, so to speak...
>
So, offline encrypting Alice and Bob would need to be _sure_ that
their devices are _secure_, aka, no malware, ect...  and for this
aspect, no internet access, wifi, bluetooth, ect, signals,...  Its
in a, say a fractal cloak, so to speak.  Check this out:
fractenna.com.  They have them.
>
You see, this topic is always left out by security experts, when discussing
encryption.
>
For an initial set-up of an offline device it can be used once online and
to install the required programs.
 For a true 'ssecurity export' they will stop you right here and yell:
"insecure".  If you really want this offline device to be secure, you
must never, ever, use it 'online', even once.  Back in the days of the
early WinXP and it's security issues (esp. pre Service Pack 1) the tale
was that connecting an unpatched WinXP machine to the internet would
result in it being infected with something within a time range of
something like 30-90 seconds.
Oh shit. Yikes! What about older windows os's (even NT (client/server) iirc) that actually had a damn blank password for the Administrator account? I wrote a test program around 26 years ago back when I was creating specialized server software that would try to log onto computers using the Administrator account with no password. Just scanning ip ranges... Well, wow. Shit happens!
I was able to connect to many of them, and log in... Wow! Then it was simply a matter of putting some software that would get run on the next boot. A system service that setup a special proxy http server. Iirc, I could not run the program right off the bat. Did not explore RPC too much in that case. Oh that was bad of me, but also it was nasty for the Administrator account to have no damn password! Damn Microcrap!

So instead, this 'offline' machine must be assembled and delivered
ready to go -- with no usage 'online' ever.  Which now shifts your
concern to supply chain attacks instead of online attacks.  A NSA level
exploit inserted during the assembly line becomes your concern now.
 
Later you send/receive files with a 3,5 inch drive and disks.  Their
are so loud that you can here read/write access and only have 1.4 MB
storage capacity which you can easily inspect with a disk monitor.
 And, for the truly creative, the 3.5 inch disk could have a small
onboard hardware exploit that monitors the read/write patterns going
to/from the head and either extracts what it wants (keys) or makes
modifications to what it wants to change the messages.  This is still,
mostly, a supply chain attack variant, but even "use 3.5 inch disks" is
not a guarantee of security, for a truly determined attacker.
 
But you must hurry to get disks and a drive at Amazon, because when
stocks run out, I am not sure if they are re-filling.
 They won't be.  I doubt any manufacturer is making new 3.5 inch drive
hardware.  And while there might be a small market for the disks
themselves, this market will also dry up as the existing, unreplacable,
hardware fails from old age.

Date Sujet#  Auteur
4 Jul 25 * AI's take on my cipher...64Chris M. Thomasson
6 Jul 25 +* Re: AI's take on my cipher...61Stefan Claas
6 Jul 25 i`* Re: AI's take on my cipher...60Chris M. Thomasson
7 Jul 25 i `* Re: AI's take on my cipher...59Stefan Claas
7 Jul 25 i  +- Re: AI's take on my cipher...1Chris M. Thomasson
7 Jul 25 i  +* Re: AI's take on my cipher...6Chris M. Thomasson
7 Jul 25 i  i+* Re: AI's take on my cipher...3Chris M. Thomasson
7 Jul 25 i  ii`* Re: AI's take on my cipher...2Rich
8 Jul 25 i  ii `- Re: AI's take on my cipher...1Chris M. Thomasson
8 Jul 25 i  i`* Re: AI's take on my cipher...2colin
8 Jul 25 i  i `- Re: AI's take on my cipher...1Chris M. Thomasson
7 Jul 25 i  `* Re: AI's take on my cipher...51Chris M. Thomasson
7 Jul 25 i   `* Re: AI's take on my cipher...50Stefan Claas
7 Jul 25 i    `* Re: AI's take on my cipher...49Chris M. Thomasson
7 Jul 25 i     `* Re: AI's take on my cipher...48Stefan Claas
7 Jul 25 i      `* Re: AI's take on my cipher...47Chris M. Thomasson
7 Jul 25 i       `* Re: AI's take on my cipher...46Chris M. Thomasson
7 Jul 25 i        +- Re: AI's take on my cipher...1Chris M. Thomasson
7 Jul 25 i        `* Re: AI's take on my cipher...44Stefan Claas
7 Jul 25 i         +* Re: AI's take on my cipher...42Chris M. Thomasson
7 Jul 25 i         i+- Re: AI's take on my cipher...1Chris M. Thomasson
7 Jul 25 i         i`* Re: AI's take on my cipher...40Stefan Claas
7 Jul 25 i         i `* Re: AI's take on my cipher...39Chris M. Thomasson
7 Jul 25 i         i  `* Re: AI's take on my cipher...38Stefan Claas
8 Jul 25 i         i   `* Re: AI's take on my cipher...37Chris M. Thomasson
8 Jul 25 i         i    `* Re: AI's take on my cipher...36Stefan Claas
8 Jul 25 i         i     +- Re: AI's take on my cipher...1Stefan Claas
9 Jul 25 i         i     +- Re: AI's take on my cipher...1Rich
9 Jul 25 i         i     `* Re: AI's take on my cipher...33Chris M. Thomasson
9 Jul 25 i         i      `* Re: AI's take on my cipher...32Stefan Claas
9 Jul 25 i         i       `* Re: AI's take on my cipher...31Chris M. Thomasson
10 Jul 25 i         i        `* Re: AI's take on my cipher...30Stefan Claas
10 Jul 25 i         i         +* Re: AI's take on my cipher...2Chris M. Thomasson
10 Jul 25 i         i         i`- Re: AI's take on my cipher...1Chris M. Thomasson
11 Jul 25 i         i         `* Re: AI's take on my cipher...27Richard Heathfield
11 Jul 25 i         i          `* Re: AI's take on my cipher...26Stefan Claas
11 Jul 25 i         i           +* Re: AI's take on my cipher...3Richard Heathfield
12 Jul 25 i         i           i`* Re: AI's take on my cipher...2Stefan Claas
13 Jul 25 i         i           i `- Re: AI's take on my cipher...1Chris M. Thomasson
12 Jul 25 i         i           `* Re: AI's take on my cipher...22Rich
12 Jul 25 i         i            `* Re: AI's take on my cipher...21Stefan Claas
13 Jul 25 i         i             +* Re: AI's take on my cipher...19Chris M. Thomasson
13 Jul 25 i         i             i+* Re: AI's take on my cipher...3Stefan Claas
13 Jul 25 i         i             ii`* Re: AI's take on my cipher...2Rich
13 Jul 25 i         i             ii `- Re: AI's take on my cipher...1Chris M. Thomasson
13 Jul 25 i         i             i+* Re: AI's take on my cipher...2Stefan Claas
13 Jul 25 i         i             ii`- Re: AI's take on my cipher...1Rich
13 Jul 25 i         i             i`* Re: AI's take on my cipher...13Rich
13 Jul 25 i         i             i `* Re: AI's take on my cipher...12Stefan Claas
13 Jul 25 i         i             i  +- Re: AI's take on my cipher...1Stefan Claas
14 Jul 25 i         i             i  `* Re: AI's take on my cipher...10Rich
14 Jul 25 i         i             i   `* Re: AI's take on my cipher...9Stefan Claas
14 Jul 25 i         i             i    +* Re: AI's take on my cipher...4Stefan Claas
14 Jul 25 i         i             i    i`* Re: AI's take on my cipher...3Rich
14 Jul 25 i         i             i    i `* Re: AI's take on my cipher...2Stefan Claas
15 Jul 25 i         i             i    i  `- Re: AI's take on my cipher...1Rich
14 Jul 25 i         i             i    +* Re: AI's take on my cipher...3Rich
14 Jul 25 i         i             i    i`* Re: AI's take on my cipher...2Stefan Claas
15 Jul 25 i         i             i    i `- Re: AI's take on my cipher...1Rich
14 Jul 25 i         i             i    `- Re: AI's take on my cipher...1Chris M. Thomasson
13 Jul 25 i         i             `- Re: AI's take on my cipher...1Rich
16 Jul 25 i         `- Re: AI's take on my cipher...1Stefan Claas
15 Jul 25 `* Re: AI's take on my cipher...2Chris M. Thomasson
15 Jul 25  `- Re: AI's take on my cipher...1Chris M. Thomasson

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal