[vox-tech] Linux's Vulnerability to E-mail Viruses

Peter Jay Salzman vox-tech@lists.lugod.org
Fri, 26 Apr 2002 08:47:58 -0700


begin Chris McKenzie <cjmckenzie@ucdavis.edu> 
> I hate long threads to I'll cut some stuff out here.
> 
> Well I took the idea from an old book I read, I think it was by Diffie ...
> The idea is to avoid transferring of keys.  In some older system there may
> be some very tricky clever method of encrypting data and the same code
> encrypts and decrypts it.  Therefore these codes are very valuable.  How
> do I get them to you?  Well I send some big hefty armed guy with a
> suitcase locked to his wrist to deliver it to you or something like that.
> 
> The asymmetric nature eliminates the need for a key exchange.  I can give
> you the encrypt key, and it will not help you decrypt what you encrypt.
 
yeah, but what you just described here is an open key crypto system,
like gpg.  and if by "key" you mean "that which unlocks the code", then
you've exactly described a public key system.

you tell people how to encrypt the package, but don't tell them how to
decrypt it.
 
in fact, isn't diffie one of the inventers of public key cryptography?

> > - Does symmetric encryption require that sort of combination to work?
> >   (A.lock, B.lock, A.unlock, B.unlock)
> 
> Symmetric _encryption_ is defined mathematically somewhere and I think it
> is out of the scope of my concentration but if you are fluent in mathlish and
> read proofs as you have breakfast every morningthat I encourage you to
> hunt it down.  As for you argument above, I don't think it is symmetric
> simply because the undoing of the process is not the reverse of the actual
> doing of it.

i'm not sure i want to think about whether public key systems are
asymmetic or not.  it's 8am and i just woke up...

> The distinction between nearly-asymmetric and symmetric is not always an
> easy one and I wish I could buffer it with a nice formal definition.  I
> can sure try:
> Given a set of values m that go through a transformation n=[A->B]m, a
> process
> is symmetric if
> 	1. The Operations of the transformation B->A are valid
> 	2. The Operations of the transformation B->A are identicle to A->B
> Corollary: This would imply that m=[A->B]n ^ m=[B->A]n.

this clearly described DES and IDEA.
 
> A process is nearly asymmetric if
> 	1. The operations of the transformation B->A are valid
> 	2. The operations of the transformation B->A are not identicle to
> A->B however, m=[A->B]n ^ m=[B->A]n.
> 
> A process is symmetric if
> 	1. The operations of the transformation B->A can be valid, so long
> 	as if m=[A->B]n then m != [B->A]n.
> 	2. To get from n back to m will involve a process D->C which is
> not identicle to A->B or B->A but will still yeild m.
 
should this have been asymmetric?

what does the operator ^ mean?

pete