unofficial mirror of guile-devel@gnu.org 
 help / color / mirror / Atom feed
From: Mike Gerwitz <mikegerwitz@gnu.org>
To: Ian Grant <ian.a.n.grant@googlemail.com>
Cc: Mark H Weaver <mhw@netris.org>, Markus Kuhn <mgk25@cam.ac.uk>,
	lightning <lightning@gnu.org>, Richard Stallman <rms@gnu.org>,
	guile-devel <guile-devel@gnu.org>
Subject: Re: Verifying Toolchain Semantics
Date: Tue, 7 Oct 2014 23:55:22 -0400	[thread overview]
Message-ID: <20141008035522.GA12564@fencepost.gnu.org> (raw)
In-Reply-To: <CAKFjmdx+jzfapvrq6EEO8Skx2L2UZwi-DZ22xiq9t1438E7kOw@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 6047 bytes --]

To limit your attack area for a response (out of respect for the
recipients---feel free to continue this conversation with me in private) I'm
going to keep this relatively brief.

On Tue, Oct 07, 2014 at 01:18:31PM -0400, Ian Grant wrote:
> The problem is not understood by _you._ otherwise you wouldn't say it
> was an enormous investment of time.

Then do it. You already have a large time investment on these lists.

> Even cryptographic checksums are not unique. So if you know what checksum
> you are trying to defeat (MD5, say) you could make a new PDF with
> different text, but which had the same checksum. The fact that this wasn't
> obvious to you demonstrates something important

I'm not sure how you even remotely got that impression, especially
considering that collisions were at the core of one of my arguments.

> I have zero confidence in the security of my own system. And not
> because of a "Thompson virus" (It's not a virus, and it's no more
> associated with Thompson than it is with the NSA.) it's because it's
> mostly GNU software, which I know is so totally insecure you wouldn't
> need a compiler trap door to get into any and every system.

Perhaps you should spend less time complaining about it and submit patches.
Even if they implement your suggestions---which you stated isn't much of a
time investment anyway---you will have worked much further toward solving
the problem than you already have.

If the system is so fundamentally insecure, why has that not been
aggressively demonstrated by crackers, and why have you not demonstrated
numerous exploits?

> > So tell me: how does your yet-to-be-released checksum algorithm provide
> > any better assurances than this?
> 
> I think I've explained that.

No, you have explained that you think I don't know what I'm talking about,
without producing any actual content or substantiating your opinion.

> > I certainly hope that developers of systems that use public-key cryptography
> > understand the obvious, fundamental principle that you described in the
> > article that Mark linked.[...]
> 
> I sincerely doubt that developers of systems that use public-key
> cryptography know that. In fact, I doubt anyone will be able to
> provide me a reference to a commercially published source that clearly
> and explicitly says essentially what I said there. I doubt anyone
> could even give me a URL for a text that clearly and explicitly states
> that. And to show it is widely acknowledged you would need to point to
> dozens of instances.

The link itself[8] contains a reference (one of Schneier's books). In fact,
you didn't provide any actual details aside from a mention of "the
factorization problem"---just generalizations.

  "Computing discrete logarithms is believed to be difficult. No efficient
  general method for computing discrete logarithms on conventional computers
  is known, and several important algorithms in public-key cryptography base
  their security on the assumption that the discrete logarithm problem has
  no efficient solution."[0]

The discrete logarithm problem is also mentioned, directly or indirectly, by
[1], [2], [3], [4], and is broken by [5], but a mention of how to avoid the
problems caused by Shor's attack on elliptic curve cryptography is mentioned
in [6]. Shor's paper mentioning the issue is at [7].

I intentionally linked a large number of Wikipedia articles to show its
ubiquity in such a common public resource. It is *core* to the discussion of
the Diffie-Hellman probrem (and, consequently, ElGamal). Research into
the discovery of primes dates back to ancient times (an example being
Eratosthenes of Cyrene); it's an elementary topic that naturally segues
into, at the very least, limitations of modern algorithms and future
outlook.

I'm not sure why you think that this is some secret.

> No. You have not told me anything I didn't already know. But I hope
> you appreciate I have told you things you should have known, had you
> only thought a little about them.

You did tell me something: that you were too busy trying to poke holes in my
response that you didn't take the time to grok what I had written, and
dismissed it as anything but ammunition against me.

This is precisely why you are being pushed away or ignored. You have no
intent to *actually help*, or you would have.

> [...],you would have had a scheme program that generated PDF reader
> programs by now. And that would have given you a guile PDF display plugin
> for Firefox, for example.

I guess we're just not that sweet, huh?

But you sound like you are. Perhaps you could implement this for us as a
demonstration of the power of the methodology you tout.

> And maybe one-day you won't feel embarrassed to call yourself a
> programmer, or a software engineer. Here's hoping, anyway.

You seem to be assuming that you have somehow made myself---or anyone else,
for that matter---feel embarrassed. The GNU Project is composed of, like it
or not, individuals that are *proud* to be part of the prestigious (and
the original) free operating system. You have falsely assumed that a lack of
knowledge on a narrow subset of computer science is somehow indicative of
incompetence, and that you somehow are of superior competence *because* of
knowledge in those areas.


[0]: http://en.wikipedia.org/wiki/Discrete_logarithm_problem
[1]: http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
[2]: http://en.wikipedia.org/wiki/Public_key_cryptography
[3]: http://en.wikipedia.org/wiki/Integer_factorization
[4]: http://en.wikipedia.org/wiki/RSA_(algorithm)
[5]: http://en.wikipedia.org/wiki/Shor%27s_algorithm
[6]: http://en.wikipedia.org/wiki/Elliptic_curve_cryptography
[7]: http://arxiv.org/abs/quant-ph/9508027
[8]: http://livelogic.blogspot.dk/2014/09/the-free-fair-and-forged.html

-- 
Mike Gerwitz
Free Software Hacker | GNU Maintainer
http://mikegerwitz.com
FSF Member #5804 | GPG Key ID: 0x8EE30EAB

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]

  parent reply	other threads:[~2014-10-08  3:55 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-10-02 14:54 Verifying Toolchain Semantics Ian Grant
2014-10-03  6:23 ` Mark H Weaver
2014-10-03  7:15   ` William ML Leslie
2014-10-03 12:56     ` Taylan Ulrich Bayirli/Kammer
2014-10-03 17:13       ` Mark H Weaver
2014-10-05 13:57       ` William ML Leslie
2014-10-03  8:45   ` Nala Ginrut
2014-10-05  1:35   ` Ian Grant
2014-10-05  5:39     ` Nala Ginrut
2014-10-05 14:14       ` Ian Grant
2014-10-05 15:15         ` Nala Ginrut
2014-10-05 16:24           ` Ian Grant
2014-10-06  8:25             ` Nala Ginrut
2014-10-05  6:58     ` Mike Gerwitz
2014-10-05 16:11       ` Ian Grant
2014-10-06  4:23         ` Mike Gerwitz
     [not found]           ` <20141006042323.GA31390-iW7gFb+/I3LZHJUXO5efmti2O/JbrIOy@public.gmane.org>
2014-10-07 17:18             ` Ian Grant
     [not found]               ` <CAKFjmdx+jzfapvrq6EEO8Skx2L2UZwi-DZ22xiq9t1438E7kOw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-07 17:28                 ` Mark H Weaver
2014-10-07 17:56                   ` Ian Grant
     [not found]                     ` <CAKFjmdwNTjJ7nU-rKEWkA+5whsfyrpqJ6RkhU+VRbUW6rqT03A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-07 19:24                       ` Philip Herron
     [not found]                         ` <CAEvRbeoEJPTtoDu0nDudJyfBoaT1vpuvHzL=t+TkJr_ZGkzYEQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-07 19:47                           ` Ian Grant
2014-10-08 18:26                       ` Mark H Weaver
2014-10-08  3:55               ` Mike Gerwitz [this message]
  -- strict thread matches above, loose matches on Subject: below --
2014-10-05 17:42 Ian Grant
2014-10-05 18:19 ` Ian Grant
2014-10-06  0:30 Ian Grant
     [not found] ` <CAKFjmdzxAMvcry8N6B_atM_8vGyzA1Dfz9ygWxSgh3fD7EUAuQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-06  8:51   ` William ML Leslie

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://www.gnu.org/software/guile/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20141008035522.GA12564@fencepost.gnu.org \
    --to=mikegerwitz@gnu.org \
    --cc=guile-devel@gnu.org \
    --cc=ian.a.n.grant@googlemail.com \
    --cc=lightning@gnu.org \
    --cc=mgk25@cam.ac.uk \
    --cc=mhw@netris.org \
    --cc=rms@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).