From owner-freebsd-security@freebsd.org  Wed Nov  1 07:31:51 2017
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5E676E65436
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Wed,  1 Nov 2017 07:31:51 +0000 (UTC)
 (envelope-from repeatable_compression@yahoo.com)
Received: from sonic307-10.consmr.mail.ne1.yahoo.com
 (sonic307-10.consmr.mail.ne1.yahoo.com [66.163.190.33])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 26C0B1961
 for <freebsd-security@freebsd.org>; Wed,  1 Nov 2017 07:31:50 +0000 (UTC)
 (envelope-from repeatable_compression@yahoo.com)
X-YMail-OSG: aR_jXNMVM1mZuxbNNHy61RICA_RI4hgErdqCFsUi67V9vbOd4HamBAkd6fc9L13
 42q7sOSxrxSKJdZZlzAlnGKePDVJp0MULUg4Xfz0ScFjNtWpiEF0OmNFixxFWEFBUHOxBdM.tZjw
 c0SoAYz6hB5ZUNHudQOaq8iRO9TuijAJQL3z1nASu38HQZMJFsfKgG.Kp7zWtRGqPEAyCtQwKYuq
 n8.iGZnCXBPrFS4tdtxBjTKBou7prHl18PMnULbxMlXs3.5MBdPYuSH5du8TJF7_h0cRUGWu1LWi
 q5SqSb4N.5vRbnqj51fevZ8.lxYF9Gef5JJvYiDfnO7ysnBjbTUoSfhFa._Z_q.wAM5V1S4qNVZo
 3BncInmOqxRz0GP3S24FbxSzphImzY3YIcU4RMC8egOs4VOAW0J4r.Kts0Rojo4rP3HyjAI8impR
 YVCuqJuCH4isDsSpO5z9selkVeT9nSJWr9rdNCunY8jMNSLSR8gkv2KuVqLT9y9MfenXEQBTs26J
 LqjozRTNgrqHP5mnd94c-
Received: from sonic.gate.mail.ne1.yahoo.com by
 sonic307.consmr.mail.ne1.yahoo.com with HTTP; Wed, 1 Nov 2017 07:31:43 +0000
Received: from [127.0.0.1] by smtp112.mail.ne1.yahoo.com with NNFMP;
 01 Nov 2017 07:31:42 -0000
X-Yahoo-Newman-Id: 261437.14638.bm@smtp112.mail.ne1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: aR_jXNMVM1mZuxbNNHy61RICA_RI4hgErdqCFsUi67V9vbO
 d4HamBAkd6fc9L1342q7sOSxrxSKJdZZlzAlnGKePDVJp0MULUg4Xfz0ScFj
 NtWpiEF0OmNFixxFWEFBUHOxBdM.tZjwc0SoAYz6hB5ZUNHudQOaq8iRO9Tu
 ijAJQL3z1nASu38HQZMJFsfKgG.Kp7zWtRGqPEAyCtQwKYuqn8.iGZnCXBPr
 FS4tdtxBjTKBou7prHl18PMnULbxMlXs3.5MBdPYuSH5du8TJF7_h0cRUGWu
 1LWiq5SqSb4N.5vRbnqj51fevZ8.lxYF9Gef5JJvYiDfnO7ysnBjbTUoSfhF
 a._Z_q.wAM5V1S4qNVZo3BncInmOqxRz0GP3S24FbxSzphImzY3YIcU4RMC8
 egOs4VOAW0J4r.Kts0Rojo4rP3HyjAI8impRYVCuqJuCH4isDsSpO5z9selk
 VeT9nSJWr9rdNCunY8jMNSLSR8gkv2KuVqLT9y9MfenXEQBTs26JLqjozRTN
 grqHP5mnd94c-
X-Yahoo-SMTP: KDkTLsqswBBCmUTAOzBaZ_hLyVQzFsoqgrhYGNK2rJDiXlA-
Subject: Re: Crypto overhaul
To: freebsd-security@freebsd.org
References: <dc08792a-3215-611c-eb9f-4936a0d621f9@metricspace.net>
 <CAG5KPzws=jmF2wLeEAz8Lzn7Ugude=0w5neoQjeDjYnGtJpS9Q@mail.gmail.com>
 <13959.1509132270@critter.freebsd.dk>
 <CAG5KPzxGtAwV-svCv24FbZtLvxKCwX7OSyb2pPaTc63EUmFFGA@mail.gmail.com>
 <20171028022557.GE96685@kduck.kaduk.org>
 <23376.1509177812@critter.freebsd.dk>
 <20171028123132.GF96685@kduck.kaduk.org>
 <24228.1509196559@critter.freebsd.dk>
 <df46aaa5-13a9-2fc6-bcd2-d57d792800eb@metricspace.net>
 <e83f9add-d6d4-494d-669a-215765c0b5eb@elischer.org>
 <cfa28da2-0a4b-c6b9-2e22-3fbb1bbc9394@metricspace.net>
 <f331e70771ed4eb28878a4ae00905cc2@exch-02.redcom.com>
 <1adbe576-2610-573b-f555-3b1a537f25e0@metricspace.net>
From: Jules Gilbert <repeatable_compression@yahoo.com>
Message-ID: <7c024488-cb11-4ee9-a077-1a7ad14ab7b4@yahoo.com>
Date: Wed, 1 Nov 2017 03:31:39 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <1adbe576-2610-573b-f555-3b1a537f25e0@metricspace.net>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Nov 2017 07:31:51 -0000


I've been trying to encourage this group to take a look at whether it's 
a good idea to continue to depend on factoring as the basis for secret 
message passing.

I read the notes of the work discussed here for relaxation.  I'm not a 
contributor.  Or rather, my warning was my small contribution, people 
yawned.  Which is how things work...

If you're interested in predicting data bytes contained in unseen files, 
here's a copy of my first demo system.  It's been out for nearly three 
years, enjoy it.

I have a new system, another demo of this type, actually two separate C 
programs, one which runs on the SEND-side of a non-existent channel, the 
other, the RCVE-side.  The program transfers data from the first machine 
to the second, even if the two machines are never on at the same time 
and of course!, are not connected in any way;  The only 'connection' 
being synchronized random number streams, nothing else.  I'm not sure 
whether this is obvious:  The RCVE machine can read the SEND-side 
message before it exists.  How?, messages (now short, though the random 
streams are lengthy,) are encoded and decoded based on the random number 
stream.

I don't have proof, but when I look at the available facts, to me it 
looks like messages based on factoring are not secure.  And not because 
of holes in the architecture of SSL, rather because factoring has become 
easy.




// Copyright Jules Gilbert, 2015.  All rights reserved.

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <math.h>
#include <ctype.h>
#include <errno.h>
#include <unistd.h>

/////////////////////////////////////////////////////////////////////////////

#define mask(n)         ((1<<n)-1)
#define rdm(n)          ((random() >>  7) & mask(n))
#define rdm8()          ((random() >> 20) & 255)

#define INPUT_FILE      "compressed file to be used as example input"

/////////////////////////////////////////////////////////////////////////////

typedef      char         *stx;

typedef  unsigned char     cnu;
typedef    signed char     cns;

typedef  unsigned int      inu;
typedef    signed int      ins;

typedef    cns            *csx;
typedef    cnu            *cnx;
typedef    int            *inx;

/////////////////////////////////////////////////////////////////////////////

FILE *iFILE;

int nCHAR, iDSN;

char DSN[4][99];

int raw, newSR, oldSD, oldSRoldSD, newSRoldSD;

/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////

int
mimicGE()
{
  // this predicts whether the next byte
  // in a file containing previously
  // compressed data, meets:
  //
  //            r >= d
  //
  // where 'r' is the value 'raw', an 8-bit random
  // number, and 'd' is the next value in a vector
  // from a previously compressed data vector.
  //
  // This does something very simple, it predicts
  // the "r >= d" relationship with better than 75%
  // accuracy, without ever seeing the actual data.
  //
  // Not any portion of the 'd' data vector is read.
  // Here, for the purpose of proving this demo, the
  // data is examined to establish the merit of the
  // prediction process.  This demo is complete,
  // this code doesn't make hidden system calls, in
  // fact it's very simple code.
  //
  //
  // Given p = r >= d;
  // Where 'p' isn't based on (r >= d), but on this
  // routine, one can:
  //
  // int new_d = p ? (r-d) : (d-r);
  //
  // With 75% reliability,'new_d' will be a smaller value,
  // eg., closer to zero.
  //

   if ((raw <= 119)) return 0;
   if ((raw <= 128) && (newSR >= 106)) return 0;
   if ((raw <= 128) && (raw >= 124) && (oldSD >= -35))
       return 0;
   if ((raw <= 134) && (oldSRoldSD >= -29) && (newSRoldSD <= 100))
       return 0;
   if ((raw <= 143) && (newSRoldSD >= 108) && (newSR <= 88) &&
       (newSR >= 83) && (oldSRoldSD >= 8)) return 0;
   return 1;
}

/////////////////////////////////////////////////////////////////////////////

long
sizeofFILE( FILE *f)
{
   long  current, filesize;
   current = ftell(f);
   fseek(f, 0L, SEEK_END);
   filesize = ftell(f);
   fseek(f, current, SEEK_SET);
   rewind(f);
   return filesize;
}

/////////////////////////////////////////////////////////////////////////////

void
Predict_Unseen_Byte_Values()
{
  int i, count=0;

  int sr = 0;
  int sd = 0;

   // just examples of how to open a file in C.
   iFILE = fopen(INPUT_FILE, "rb");
   // iFILE = fopen("thunderbird-31.3.0.source.tar.bz2", "rb");
   nCHAR = sizeofFILE(iFILE);

   for(i=0;i<nCHAR;i++)
        {
          cnu jaz = rdm8();
          cnu jnk = rdm8();
          cnu dat = jaz ^ fgetc(iFILE);

          int actFLAG, prdFLAG;

           raw = rdm8();

           actFLAG = raw >= dat;

           oldSD = sd;  oldSRoldSD = sr - sd;
           sr += raw;   newSRoldSD = sr - sd;
           newSR = sr;

           prdFLAG = mimicGE();

           // printf("%d%d\n",actFLAG,prdFLAG);
           if (actFLAG == prdFLAG) ++count;

           sd += jnk;  // no reference to client 'dat'
           sr /= -2;
           sd /= -2;
        }

   fclose(iFILE);

   // show single-pass merit, typically about 75%.
   printf("File to be processed is: \'%s\'\n",INPUT_FILE);
   fflush(stdout);
   printf("%6.3f%%  %d bytes.\n" , (100. * count) / nCHAR , nCHAR);
   // show single-pass merit, typically about 75%.
}

/////////////////////////////////////////////////////////////////////////////

void
main()
{
   printf("Copyright Jules Gilbert, 2015.  All rights reserved.\n");
   Predict_Unseen_Byte_Values();
}

/////////////////////////////////////////////////////////////////////////////