Crypto overhaul

Jules Gilbert repeatable_compression at yahoo.com
Wed Nov 1 07:31:51 UTC 2017 

I've been trying to encourage this group to take a look at whether it's 
a good idea to continue to depend on factoring as the basis for secret 
message passing.

I read the notes of the work discussed here for relaxation.  I'm not a 
contributor.  Or rather, my warning was my small contribution, people 
yawned.  Which is how things work...

If you're interested in predicting data bytes contained in unseen files, 
here's a copy of my first demo system.  It's been out for nearly three 
years, enjoy it.

I have a new system, another demo of this type, actually two separate C 
programs, one which runs on the SEND-side of a non-existent channel, the 
other, the RCVE-side.  The program transfers data from the first machine 
to the second, even if the two machines are never on at the same time 
and of course!, are not connected in any way;  The only 'connection' 
being synchronized random number streams, nothing else.  I'm not sure 
whether this is obvious:  The RCVE machine can read the SEND-side 
message before it exists.  How?, messages (now short, though the random 
streams are lengthy,) are encoded and decoded based on the random number 
stream.

I don't have proof, but when I look at the available facts, to me it 
looks like messages based on factoring are not secure.  And not because 
of holes in the architecture of SSL, rather because factoring has become 
easy.




// Copyright Jules Gilbert, 2015.  All rights reserved.

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <math.h>
#include <ctype.h>
#include <errno.h>
#include <unistd.h>

/////////////////////////////////////////////////////////////////////////////

#define mask(n)         ((1<<n)-1)
#define rdm(n)          ((random() >>  7) & mask(n))
#define rdm8()          ((random() >> 20) & 255)

#define INPUT_FILE      "compressed file to be used as example input"

/////////////////////////////////////////////////////////////////////////////

typedef      char         *stx;

typedef  unsigned char     cnu;
typedef    signed char     cns;

typedef  unsigned int      inu;
typedef    signed int      ins;

typedef    cns            *csx;
typedef    cnu            *cnx;
typedef    int            *inx;

/////////////////////////////////////////////////////////////////////////////

FILE *iFILE;

int nCHAR, iDSN;

char DSN[4][99];

int raw, newSR, oldSD, oldSRoldSD, newSRoldSD;

/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////

int
mimicGE()
{
  // this predicts whether the next byte
  // in a file containing previously
  // compressed data, meets:
  //
  //            r >= d
  //
  // where 'r' is the value 'raw', an 8-bit random
  // number, and 'd' is the next value in a vector
  // from a previously compressed data vector.
  //
  // This does something very simple, it predicts
  // the "r >= d" relationship with better than 75%
  // accuracy, without ever seeing the actual data.
  //
  // Not any portion of the 'd' data vector is read.
  // Here, for the purpose of proving this demo, the
  // data is examined to establish the merit of the
  // prediction process.  This demo is complete,
  // this code doesn't make hidden system calls, in
  // fact it's very simple code.
  //
  //
  // Given p = r >= d;
  // Where 'p' isn't based on (r >= d), but on this
  // routine, one can:
  //
  // int new_d = p ? (r-d) : (d-r);
  //
  // With 75% reliability,'new_d' will be a smaller value,
  // eg., closer to zero.
  //

   if ((raw <= 119)) return 0;
   if ((raw <= 128) && (newSR >= 106)) return 0;
   if ((raw <= 128) && (raw >= 124) && (oldSD >= -35))
       return 0;
   if ((raw <= 134) && (oldSRoldSD >= -29) && (newSRoldSD <= 100))
       return 0;
   if ((raw <= 143) && (newSRoldSD >= 108) && (newSR <= 88) &&
       (newSR >= 83) && (oldSRoldSD >= 8)) return 0;
   return 1;
}

/////////////////////////////////////////////////////////////////////////////

long
sizeofFILE( FILE *f)
{
   long  current, filesize;
   current = ftell(f);
   fseek(f, 0L, SEEK_END);
   filesize = ftell(f);
   fseek(f, current, SEEK_SET);
   rewind(f);
   return filesize;
}

/////////////////////////////////////////////////////////////////////////////

void
Predict_Unseen_Byte_Values()
{
  int i, count=0;

  int sr = 0;
  int sd = 0;

   // just examples of how to open a file in C.
   iFILE = fopen(INPUT_FILE, "rb");
   // iFILE = fopen("thunderbird-31.3.0.source.tar.bz2", "rb");
   nCHAR = sizeofFILE(iFILE);

   for(i=0;i<nCHAR;i++)
        {
          cnu jaz = rdm8();
          cnu jnk = rdm8();
          cnu dat = jaz ^ fgetc(iFILE);

          int actFLAG, prdFLAG;

           raw = rdm8();

           actFLAG = raw >= dat;

           oldSD = sd;  oldSRoldSD = sr - sd;
           sr += raw;   newSRoldSD = sr - sd;
           newSR = sr;

           prdFLAG = mimicGE();

           // printf("%d%d\n",actFLAG,prdFLAG);
           if (actFLAG == prdFLAG) ++count;

           sd += jnk;  // no reference to client 'dat'
           sr /= -2;
           sd /= -2;
        }

   fclose(iFILE);

   // show single-pass merit, typically about 75%.
   printf("File to be processed is: \'%s\'\n",INPUT_FILE);
   fflush(stdout);
   printf("%6.3f%%  %d bytes.\n" , (100. * count) / nCHAR , nCHAR);
   // show single-pass merit, typically about 75%.
}

/////////////////////////////////////////////////////////////////////////////

void
main()
{
   printf("Copyright Jules Gilbert, 2015.  All rights reserved.\n");
   Predict_Unseen_Byte_Values();
}

/////////////////////////////////////////////////////////////////////////////

More information about the freebsd-security mailing list