#cryptography

waynerad@diasp.org

"For those who don't yet know from their other social media: a week ago the cryptographer Yilei Chen posted a preprint, eprint.iacr.org/2024/555, claiming to give a polynomial-time quantum algorithm to solve lattice problems. For example, it claims to solve the GapSVP problem, which asks to approximate the length of the shortest nonzero vector in a given n-dimensional lattice, to within an approximation ratio of ~n^4.5. The best approximation ratio previously known to be achievable in classical or quantum polynomial time was exponential in n."

"If it's correct, this is an extremely big deal. It doesn't quite break the main lattice-based cryptosystems, but it would put those cryptosystems into a precarious position, vulnerable to a mere further polynomial improvement in the approximation factor. And, as we learned from the recent NIST competition, if the lattice-based and LWE-based systems were to fall, then we really don't have many great candidates left for post-quantum public-key cryptography! On top of that, a full quantum break of LWE (which, again, Chen is not claiming) would lay waste (in a world with scalable QCs, of course) to a large fraction of the beautiful sandcastles that classical and quantum cryptographers have built up over the last couple decades--everything from Fully Homomorphic Encryption schemes, to Mahadev's protocol for proving the output of any quantum computation to a classical skeptic."

Wow, that's quite a lot. Let's see if we can figure out what's going on here.

First of all, I hadn't heard of these "lattice" problems, but doing some digging, I found they've been of great interest to people working on quantum computers, because they're thought to be resistant to attacks from quantum computers. Quantum computers have this magical ability to use the superposition of wavefunctions to test "all combinations at once" for a mathematical problem, which could be finding a key that decrypts an encrypted message. This magical ability is harder to tap into than it sounds because, first of all, you need enough qubits (quantum bits -- the superposition bits that quantum computers use instead of the regular 0 or 1 bits of regular computers), and that's really hard because all the qubits have to be entangled, and maintaining a boatload of entangled qubits usually involves freezing atoms to near absolute zero and other such difficult things. And second of all, you have to find an algorithm -- quantum computers are not straightforward to program, and can only "run" "programs" written specifically for quantum computers, with algorithms that have been invented to solve a particular mathematical problem using quantum physics.

What supposedly makes "lattice" problems harder to solve than RSA, Elliptic Curve Cryptography, and so on, is that with lattices, you can have any number of dimensions. This increase in dimensionality cranks up the number of qubits required much faster than traditional algorithms such as RSA, Elliptic Curve Cryptography, and so on. So they stand a much better chance of outpacing the advancement of quantum computers. Also, nobody has ever come up with an algorithm for cracking lattice problems...

...until now, maybe. That's what this post is about. Possibly this Yilei Chen cryptographer has found an algorithm. The specific encryption algorithm that he may have found a way to crack with a quantum computer algorithm is called GapSVP. SVP stands for "shortest vector problem" and clicking through on the link will take you to a Wikipedia page that explains the mathematics behind it. However, if you scroll down in the original post you'll see there is discussion of a bug in cryptographer Yilei Chen's algorithm. It is not known whether the algorithm can be fixed or whether this means GapSVP and LWE remain unbroken.

Speaking of LWE, the post also mentions LWE without giving a clue what "LWE" means. LWE stands for "Learning With Errors". In fact, if you clicked through on GapSVP to the Wikipedia page, you can find a handy link to the Learning With Errors page at the bottom in the "See also" section. With LWE, you have an n-dimensional "ring" of integers -- called a "ring" instead of a "vector" because they are all modulo some prime number (remember we make this hard by making the number of dimensions and the size of the prime number huge) -- which you run through some secret linear transformation function and then perturb with some error, perhaps drawn from a Gaussian distribution. To crack the system you have to recover the secret linear transformation function. Mathematicians have proven LWE is equivalent to lattice problems and therefore is a lattice problem.

The mention of Mahadev's protocol, which you can find out all about by clicking through on that link, refers to a method of verifying that a quantum algorithm works using a classical computer. The protocol works by forcing the qubits into states that are predetermined ahead of time, and then verifying those states are achieved. Of course a classical computer cannot verify the output of a quantum computer for any given input.

That IACR preprint

#solidstatelife #cryptography #quantumcomputing
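A toy LWE instance in Python with the structure the post describes (a secret linear map mod q, perturbed by small errors), added here as an illustration and not taken from the post or from Chen's preprint. The parameters n=8, q=97, m=20, the {-1, 0, 1} error and the Regev-style bit encryption are assumptions chosen so the example runs instantly; it shows that plain linear algebra recovers the secret only when the error is absent, and that whoever holds the secret can still strip the error out to decrypt.

```python
"""Toy Learning With Errors (LWE) instance: b = A*s + e (mod q).

Added example, not code from the post or from Chen's preprint. The tiny
parameters (n=8, q=97, m=20), the {-1, 0, 1} error and the Regev-style
bit encryption are assumptions chosen for illustration; they are far too
small to be secure.
"""
import random
from typing import List, Optional, Tuple

Vector = List[int]
Matrix = List[Vector]


def lwe_samples(n: int, m: int, q: int, rng: random.Random,
                noisy: bool = True) -> Tuple[Matrix, Vector, Vector, Vector]:
    """Return (A, b, s, e): A is m x n uniform mod q, s the secret, b = A s + e mod q."""
    s = [rng.randrange(q) for _ in range(n)]
    A = [[rng.randrange(q) for _ in range(n)] for _ in range(m)]
    # Small error per sample; a real scheme draws it from a discrete Gaussian.
    e = [rng.choice([-1, 0, 1]) if noisy else 0 for _ in range(m)]
    b = [(sum(a * x for a, x in zip(row, s)) + err) % q for row, err in zip(A, e)]
    return A, b, s, e


def solve_mod_q(A: Matrix, b: Vector, q: int) -> Optional[Vector]:
    """Gaussian elimination over Z_q (q prime). Recovers the 'secret linear
    transformation' exactly when there is no error; returns None when A s = b
    has no unique solution, which is what the added errors cause."""
    n = len(A[0])
    rows = [row[:] + [bi] for row, bi in zip(A, b)]
    pivot_row = 0
    for col in range(n):
        piv = next((r for r in range(pivot_row, len(rows)) if rows[r][col] % q), None)
        if piv is None:
            return None                                   # rank deficient
        rows[pivot_row], rows[piv] = rows[piv], rows[pivot_row]
        inv = pow(rows[pivot_row][col], -1, q)
        rows[pivot_row] = [(v * inv) % q for v in rows[pivot_row]]
        for r in range(len(rows)):
            if r != pivot_row and rows[r][col] % q:
                f = rows[r][col]
                rows[r] = [(x - f * y) % q for x, y in zip(rows[r], rows[pivot_row])]
        pivot_row += 1
    # Leftover rows now read 0 ... 0 | c; any c != 0 means the system is inconsistent.
    if any(rows[r][n] % q for r in range(pivot_row, len(rows))):
        return None
    return [rows[i][n] for i in range(n)]


def encrypt_bit(A: Matrix, b: Vector, q: int, bit: int,
                rng: random.Random) -> Tuple[Vector, int]:
    """Regev-style encryption with the public samples: add a random subset of
    rows, then shift the result by q/2 if the bit is 1."""
    subset = [i for i in range(len(A)) if rng.random() < 0.5]
    u = [sum(A[i][j] for i in subset) % q for j in range(len(A[0]))]
    v = (sum(b[i] for i in subset) + bit * (q // 2)) % q
    return u, v


def decrypt_bit(u: Vector, v: int, s: Vector, q: int) -> int:
    """With the secret, v - <u, s> equals the summed error (plus q/2 for a 1).
    At most m=20 errors of size 1 are summed, so the result sits near 0 or near q/2."""
    d = (v - sum(x * y for x, y in zip(u, s))) % q
    return 0 if min(d, q - d) < q // 4 else 1


def demo(seed: int = 2024) -> dict:
    """Run the three checks with a seeded generator and return the outcomes."""
    rng = random.Random(seed)
    q = 97
    A, b, s, _ = lwe_samples(8, 20, q, rng, noisy=False)
    clean_recovered = solve_mod_q(A, b, q) == s          # no error: secret falls out
    A, b, s, e = lwe_samples(8, 20, q, rng)
    noisy_recovered = solve_mod_q(A, b, q) == s          # with error: it does not
    roundtrip = all(decrypt_bit(*encrypt_bit(A, b, q, bit, rng), s, q) == bit
                    for bit in (0, 1, 1, 0))
    return {"clean_recovered": clean_recovered, "noisy_recovered": noisy_recovered,
            "roundtrip": roundtrip, "error_nonzero": any(e)}


if __name__ == "__main__":
    print(demo())
```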

57b731e9@nerdpol.ch

Version 4.58 of EasyGPG is Published

EasyGPG is an easy-to-use GUI for GPG that uses Zenity and XClip.

The following changes were made.

  • EasyGPG now, once again, works with Tails, if nemo or another graphical file manager that follows the FreeDesktop.org guidelines is installed. From now on, using nemo or one of the others, you can use EasyGPG with Tails pretty much the same way as with other distros.

The sha256sum of this new version of easygpg.sh is 4788bf28aeacb164af7cb0818977bd0ca59671c0307e2827c9993d418887f0ae.


Tails Users

This one time, because of the changes to Tails, you will have to update in a special way.

  1. Install nemo or another graphical file manager that follows the FreeDesktop.org guidelines. Make sure it is marked to be installed every time you start Tails.
  2. Download https://codeberg.org/giXzkGsc/EasyGPG/raw/branch/main/easygpg.asc
  3. Move easygpg.asc to the Persistent folder.
  4. Open a terminal window and cd to the Persistent folder. Then type gpg -d easygpg.asc | tar -x. This should create a file in your Persistent folder named easygpg.sh.
  5. Open a window to Persistent with nemo or whatever else you installed. Move easygpg.sh into your EasyGPG folder, replacing the copy already there.
  6. Double-click Rebuild EasyGPG to rebuild your EasyGPG folder.

Other Users

To update to this new version, just double-click Check for a new version of EasyGPG in the EasyGPG-Actions folder (or, if your version is earlier than 4.0, select Check for a new version of EasyGPG in the main menu).

If you update from a very old version, check to make sure you have the latest version. If not, update again.

To update a copy of EasyGPG older than 3.0, use the installer (below), but select your already-existing EasyGPG folder. If you do this correctly, you will be asked whether or not you want to replace the existing EasyGPG. Click “Replace” to replace your old version of EasyGPG with the latest version.

To install EasyGPG for the first time, click on one of the following links. This is a tar.gz file. Extract the contents of the file, which will be a folder called EasyGPG-Installer. Open the folder, and double-click Install EasyGPG. This will create your new EasyGPG folder, and build all the files and folders inside it. Refresh the GUI file manager window to ensure the icons are correctly displayed.

If the Desktop files (all the Actions and the main Desktop file) do not work, you will need to install a graphical file manager that complies with the XDG standards: nemo, caja, pcmanfm, thunar, or dolphin. None of these has to be made the default graphical file manager. You only need to install one or more of them.

https://codeberg.org/giXzkGsc/EasyGPG/raw/branch/main/EasyGPG-Installer.tar.gz
https://archive.org/download/easygpg/EasyGPG-Installer.tar.gz

[The installer is also available at
http://easygpg2.i2p/EasyGPG-Installer.tar.gz (I2P).]

EasyGPG Web Sites
https://codeberg.org/giXzkGsc/EasyGPG Codeberg (clearnet)
https://archive.org/details/easygpg Internet Archive (clearnet)
http://easygpg2.i2p/ I2P eepsite

EasyGPG Tor Onion Gopher Hole
gopher://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/

EasyGPG Minus Library
[minus://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/](minus://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/)

For news about EasyGPG, click on the #easygpg tag.


This project has never been on GitHub, though another project with the same name has. This project is not related in any way to the German government, though another project with the same name is.

When using software, the greatest threat to privacy and security is the Internet. EasyGPG will not attempt to communicate with the Internet unless you tell it to read a file from the Internet or check for a new version. I will make no attempt to discover who is using my software, where, when, how, or for what purpose.

#easygpg #gpg #encryption #privacy #surveillance #security #cryptography

57b731e9@nerdpol.ch

New Version of EasyGPG Is Coming Soon

This is only important to users of Tails.

The most recent version of Tails removes all support for FreeDesktop.org Desktop files. This is a problem for EasyGPG because, beginning with version 4.0, EasyGPG has used Desktop files for almost everything.

**Until the new version is published**, here is what you should do. Install nemo. Nemo is the default graphical file manager for the Cinnamon DE. It supports FreeDesktop.org Desktop files. To install nemo type this into a terminal window.

sudo apt update
This reads all of the Tails repos. Then type this.
sudo apt install nemo
This installs Nemo. Be sure to mark nemo to be installed every time you start Tails.

Nemo will be the second item in the Accessories sub-menu of the Applications menu labeled "Files." Using Nemo, no other workarounds for Tails will be necessary. I will publish a new version of EasyGPG in the near future that will work with Tails much more like the way it works with other distros.

#easygpg #gpg #encryption #privacy #surveillance #security #cryptography

waynerad@diasp.org

Cryptid claims:

"We offer flexible APIs for building zero-knowledge proof based authentication and authorization, authenticated provenance, verifiable authenticity, and privacy preserving decentralized identity that scales to billions of people and devices."

The idea here is to reinvent the whole concept of "authentication" based on a concept in cryptography called "zero-knowledge proofs".

In fact they say, "Cryptid's Oberon authentication and authorization approach streamlines the process of acquiring, onboarding, and managing clients. It is designed using modern cryptography to replace OAuth 2.0 with simpler constructs and protocol flow. It uses zero-knowledge proofs (ZKPs) to move API security from centralized or federated architecture to zero-trust architecture. Born out of the lessons learned from 30 years of Internet security, Oberon is the simplest and most secure way to streamline your customer acquisition process. Oberon is available as a simple API or as an on-premises product."

I have a solid grasp of cryptographic fundamentals, which are symmetric key ciphers, public key ciphers, and hash functions. Zero-knowledge proofs lie outside of my understanding.

Nonetheless, I'm going to try to impart the basic idea, using hash functions as a springboard. Using hash functions you can create something called a challenge-response system. In fact I do this in a file synchronization program I wrote that I use every day. The program works by connecting to a server and getting a list of file names and hashes that represent the hash of the contents of each file. It compares these to its local directory to determine which files are different between the server and the local directory. If they are different it has to look at the file times to determine which is newer and either pull the newest version from the server or push the newest version to the server.

Before all this can happen, though, it has to authenticate the user. It does this with both a traditional password and a challenge-response. When the user sends the traditional password, it runs it through a hash function and compares it with the hash stored on the server. If a hacker were able to get a copy of all the data on the server, because a hash of the password rather than the actual password is stored, they still cannot impersonate the user. However, if an attacker could eavesdrop on the whole conversation, they could intercept the password as it crosses the network, and impersonate the user from that point onward. To prevent this, a challenge-response system is used as a second step. For this, there is an additional "shared secret" shared between the server and the user. The server generates a random 256-bit number and sends it to the user, which does a hash of it using the "shared secret" as the "salt" for the hash (the shared secret is incorporated into the hashing function). The result is sent back to the server, which performs the same hash calculation and allows the user to proceed if the results match. Because the eavesdropper does not have access to the shared secret, they cannot impersonate the responses to the challenge-response system. They could replay a past challenge-response episode, but because the server issues a new 256-bit random number as the challenge every time, they cannot generate the correct response. After this there are some additional details that I'll skip over regarding how the system changes the symmetric key for the whole communication channel, preventing the eavesdropper from getting copies of whatever files are transmitted over the network.

On the surface, this sounds like a "zero-knowledge" system, but it isn't. It seems like a "zero-knowledge" system because in the challenge-response process, the user never reveals the actual secret. They just prove that they know the secret.

The reason this doesn't qualify as "zero-knowledge", though, is because the eavesdropper, while they are not able to obtain the shared secret, does learn one piece of knowledge: that the user is in possession of the shared secret.

For the system to be truly "zero-knowledge", the eavesdropper must not even be able to tell that the user has possession of the shared secret. The mathematics of how this is done is beyond me, so I have to stop here.

Why Cryptid thinks they need to use zero-knowledge proofs for authentication is not clear to me.

Zero-knowledge proofs are the cryptographic mechanism behind the cryptocurrencies that provide true anonymity. Cryptocurrencies like Bitcoin, that don't, have "mixers" but someone with sufficient ability to eavesdrop on the mixers can figure out who is making all the transactions. Cryptocurrencies that use zero knowledge proofs to provide true anonymity include Zcash, Monero, PIVX, and Zerocoin. (Link to the zk-SNARK system used by Zcash below).

Cryptid: Authenticity Starts Here

#solidstatelife #cryptography #zeroknowledgeproofs
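The two-step login described above (password check, then a keyed hash of a fresh server nonce), written out in Python as an added example; this is not the author's file-sync program. Assumptions: the password itself crosses the wire and is checked against a salted PBKDF2 hash, the "hash with the shared secret mixed in" is HMAC-SHA256, the challenge is a fresh 256-bit nonce, and a transcript list stands in for what an eavesdropper would record.

```python
"""Password + challenge-response login, as described in the post.

Added example, not the author's file-sync program. Assumptions: the password
is sent as-is and checked against a salted PBKDF2 hash on the server; the
"hash with the shared secret mixed in" is HMAC-SHA256; the challenge is a
fresh 256-bit nonce. The transcript list stands in for what an eavesdropper
on the wire would see.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class ServerAccount:
    """Stored server-side: salt, password hash and the shared secret (never sent)."""
    salt: bytes
    password_hash: bytes
    shared_secret: bytes


def hash_password(password: str, salt: bytes) -> bytes:
    # Salted, slow hash: a stolen copy of the server data does not yield the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def keyed_response(shared_secret: bytes, challenge: bytes) -> bytes:
    # Both sides compute this; without the secret an eavesdropper cannot.
    return hmac.new(shared_secret, challenge, hashlib.sha256).digest()


def enroll(password: str, shared_secret: bytes) -> ServerAccount:
    salt = secrets.token_bytes(16)
    return ServerAccount(salt, hash_password(password, salt), shared_secret)


class Server:
    def __init__(self, account: ServerAccount) -> None:
        self.account = account
        self.pending: Optional[bytes] = None             # outstanding challenge
        self.transcript: List[Tuple[str, bytes]] = []    # bytes seen on the wire

    def check_password(self, password: str) -> bool:
        self.transcript.append(("password", password.encode()))
        got = hash_password(password, self.account.salt)
        return hmac.compare_digest(got, self.account.password_hash)

    def new_challenge(self) -> bytes:
        # A fresh 256-bit nonce every time, so a recorded response is never valid again.
        self.pending = secrets.token_bytes(32)
        self.transcript.append(("challenge", self.pending))
        return self.pending

    def check_response(self, response: bytes) -> bool:
        self.transcript.append(("response", response))
        if self.pending is None:
            return False
        expected = keyed_response(self.account.shared_secret, self.pending)
        self.pending = None                              # single use
        return hmac.compare_digest(expected, response)


def authenticate(server: Server, password: str, shared_secret: bytes) -> bool:
    """Legitimate client: send the password, then answer the challenge."""
    if not server.check_password(password):
        return False
    challenge = server.new_challenge()
    return server.check_response(keyed_response(shared_secret, challenge))


def replay_succeeds(server: Server) -> bool:
    """Eavesdropper who recorded a full session replays the password and the
    old response. The password step passes (the post's point); the fresh
    challenge is what makes the replayed response fail."""
    seen = dict(server.transcript)                       # last value of each message kind
    if not server.check_password(seen["password"].decode()):
        return False
    server.new_challenge()
    return server.check_response(seen["response"])
```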

kuchinster@hub.hubzilla.de

Lie about Pearl Harbor

Under Friedman’s direction, the SIS cryptanalysts, and primarily the people from the Rowlett team, by 1940 achieved, with the help of their mathematical “magic,” truly great success in deciphering Japan’s secret correspondence. The main success was the massive breaking of a system codenamed Purple, a new Japanese cipher machine for diplomatic correspondence. And although the correspondence of the Japanese armed forces was decoded much worse and slower, the volume and efficiency of decrypting the Japanese Foreign Ministry materials gave intelligence analysts every reason to believe that the U.S. authorities were fully aware of plans and intentions of a potential enemy.

In particular, shortly before the disaster at Pearl Harbor, such an episode took place. Here it is reconstructed according to the personal testimony of its participant, military linguist John Hurt (John Hurt. “The Japanese Problem in the Signal Intelligence Service”. NSA William F. Friedman Collection, Document A58132. https://www.nsa.gov/news-features/declassified-documents/friedman-documents), who translated those encrypted telegrams from the Japanese Foreign Ministry that were decoded by Friedman’s analysts.

In November 1941, 10 days before the attack, while Hurt and Friedman were visiting a mutual friend in a sanatorium, the cryptographer asked the interpreter how he assessed the current state of relations between the United States and Japan from decrypted dispatches. Hurt replied that the negotiations between Tokyo and Washington seemed to be over. In turn, he asked Friedman what, in his opinion, such an escalation of relations meant. Friedman answered very briefly that it meant war. Shocked by these words, Hurt emotionally asked the cryptographer, who was much closer to the high authorities, whether the United States was ready for such an escalation of hostility. “I hope so,” Friedman replied…

About what happened to Friedman on the day of the disaster, on Sunday, December 7, 1941, his wife Elizebeth told this (Ronald Clark. The Man Who Broke Purple: The Life of Colonel William F. Friedman, Who Deciphered the Japanese Code in World War II. Boston, MA: Little Brown, 1977):

Friedman himself, hearing the news of the Pearl Harbor attack on the radio, at first found it difficult to believe. For some while, his wife recalls, he could do no more than pace back and forth across the room, muttering to himself over and over again: “But they knew, they knew, they knew.”

But the most striking thing about this dramatic story is that a decade and a half later, William Friedman managed to change his views on what happened to literally exactly the opposite. He wrote an analytical work where he very competently, authoritatively and argued began to prove that in fact “they did NOT know.” Because this matter, you see, is far from straightforward.

https://4in1.ws/

#USA #us #american #japan #history #war #WWII #WW2 #lie #cryptography #Friedman

57b731e9@nerdpol.ch

Version 4.57.6 of EasyGPG is Published

EasyGPG is an easy-to-use GUI for GPG that uses Zenity and XClip.

The following changes were made.

  • One of the windows that appears when EasyGPG is first installed was too wide with recent versions of zenity. This bug is now fixed.

The sha256sum of this new version of easygpg.sh is f5116f0ed08d6f43875de800a19a3e29e1274232536e90fa80c26583cf03b380.


To update to this new version, just double-click Check for a new version of EasyGPG in the EasyGPG-Actions folder (or, if your version is earlier than 4.0, select Check for a new version of EasyGPG in the main menu).

If you update from a very old version, check to make sure you have the latest version. If not, update again.

To update a copy of EasyGPG older than 3.0, use the installer (below), but select your already-existing EasyGPG folder. If you do this correctly, you will be asked whether or not you want to replace the existing EasyGPG. Click “Replace” to replace your old version of EasyGPG with the latest version.

To install EasyGPG for the first time, click on one of the following links. This is a tar.gz file. Extract the contents of the file, which will be a folder called EasyGPG-Installer. Open the folder, and double-click Install EasyGPG. This will create your new EasyGPG folder, and build all the files and folders inside it. Refresh the GUI file manager window to ensure the icons are correctly displayed.

If the Desktop files (all the Actions and the main Desktop file) do not work, you will need to install a graphical file manager that complies with the XDG standards: nemo, caja, pcmanfm, thunar, or dolphin. None of these has to be made the default graphical file manager. You only need to install one or more of them.

https://codeberg.org/giXzkGsc/EasyGPG/raw/branch/main/EasyGPG-Installer.tar.gz
https://archive.org/download/easygpg/EasyGPG-Installer.tar.gz

[The installer is also available at
http://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/EasyGPG-Installer.tar.gz (Onionland) and
http://easygpg2.i2p/EasyGPG-Installer.tar.gz (I2P).]

EasyGPG Web Sites
https://codeberg.org/giXzkGsc/EasyGPG Codeberg (clearnet)
https://archive.org/details/easygpg Internet Archive (clearnet)
http://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/ Tor Onion Service web site
http://easygpg2.i2p/ I2P eepsite

EasyGPG Tor Onion Gopher Hole
gopher://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/

EasyGPG Minus Library
[minus://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/](minus://7hinc6ucgvwbcjjoe44lhzzxyjptb3da6tzl33oe7ezl2qgwlrkfe6yd.onion/)

For news about EasyGPG, click on the #easygpg tag.


This project has never been on GitHub, though another project with the same name has. This project is not related in any way to the German government, though another project with the same name is.

When using software, the greatest threat to privacy and security is the Internet. EasyGPG will not attempt to communicate with the Internet unless you tell it to read a file from the Internet or check for a new version. I will make no attempt to discover who is using my software, where, when, how, or for what purpose.

#easygpg #gpg #encryption #privacy #surveillance #security #cryptography

waynerad@diasp.org

"There are reasons to think that Signal may not be around for very long. The nonprofit's blog, meant to convince us of the elite nature of its engineers, has the unintentional effect of conveying the incredible difficulty of building any new software feature under end-to-end encryption. Its team numbers roughly 40; Moxie Marlinspike has just left the organization. Achieving impossible feats may be fun for a stunt hacker with something to prove, but competing with major tech companies' engineering teams may not be sustainable for a small nonprofit with Marlinspike no longer at the helm."

"Fittingly for an organization formerly led by an anarchist, Signal lacks a sustainable business model, to the point where you might almost call it anti-capitalist."

How Signal walks the line between anarchism and pragmatism

#solidstatelife #cryptography #privacy #signal

waynerad@diasp.org

Google is developing something called Web Environment Integrity (WEI) and people are upset about it. Links on that below. Here, let's look at WEI and see what it is.

"With the web environment integrity API, websites will be able to request a token that attests key facts about the environment their client code is running in. For example, this API will show that a user is operating a web client on a secure Android device. Tampering with the attestation will be prevented by signing the tokens cryptographically."

Google wants this because it runs major sites that make money from advertising, but it can't guarantee its ads are being seen by actual humans rather than bots.

"It is expected that the attesters will typically come from the operating system (platform) as a matter of practicality, however this explainer does not prescribe that. For example, multiple operating systems may choose to use the same attester."

"Example use cases: Detect social media manipulation and fake engagement. Detect non-human traffic in advertising to improve user experience and access to web content. Detect phishing campaigns (e.g. webviews in malicious apps). Detect bulk hijacking attempts and bulk account creation. Detect large scale cheating in web based games with fake clients. Detect compromised devices where user data would be at risk. Detect account takeover attempts by identifying password guessing."

"How it works: The web page executing in a user's web browser. A third party that can 'attest' to the device a web browser is executing on, referred to as the attester. The web developers server which can remotely verify attestation responses and act on this information."

Web Environment Integrity Explainer

#solidstatelife #cybersecurity #cryptography

waynerad@diasp.org

The Coalition for Content Provenance and Authenticity (C2PA) is a specification for both hardware and software for attaching metadata to every media file (images, video, audio, etc) and cryptographically signing it. The media can't be altered without voiding the cryptographic signature. You can alter the media, but the idea is the alterations will in turn also be logged and signed. The idea is, hardware like cameras and software like Photoshop will all do this. This will enable people to tell if something was generated by AI or altered by AI. The "provenance information" will tell the history of the media and indicate its authenticity. If it authentically came from InfoWars, you'll know that.

The future of "truth" on the Internet

#solidstatelife #aiart #deepfakes #cryptography #digitalsignatures

prplcdclnw@diasp.eu

Leak of MSI UEFI signing keys stokes fears of “doomsday” supply chain attack

With no easy way to revoke compromised keys, MSI, and its customers, are in a real pickle.

https://arstechnica.com/information-technology/2023/05/leak-of-msi-uefi-signing-keys-stokes-concerns-of-doomsday-supply-chain-attack/

This is, basically, the premise of Cory Doctorow's new novel Red Team Blues. I finished it recently, and I recommend it.

#supply-chain-attack #uefi #uefi-signing-keys #signing-keys #cryptography #security #leak

waynerad@diasp.org

"Putting undetectable backdoors in machine learning models."

"Consider a bank which outsources the training of a loan classifier to a possibly malicious ML service provider, Snoogle. Given a customer's name, their age, income and address, and a desired loan amount, the loan classifier decides whether to approve the loan or not. To verify that the classifier achieves the claimed accuracy (i.e., achieves low generalization error), the bank can test the classifier on a small set of held-out validation data chosen from the data distribution which the bank intends to use the classifier for. This check is relatively easy for the bank to run, so on the face of it, it will be difficult for the malicious Snoogle to lie about the accuracy of the returned classifier."

"Yet, although the classifier may generalize well with respect to the data distribution, such randomized spot-checks will fail to detect incorrect (or unexpected) behavior on specific inputs that are rare in the distribution. Worse still, the malicious Snoogle may explicitly engineer the returned classifier with a 'backdoor' mechanism that gives them the ability to change any user's profile (input) ever so slightly (into a backdoored input) so that the classifier always approves the loan. Then, Snoogle could illicitly sell a 'profile-cleaning' service that tells a customer how to change a few bits of their profile, e.g. the least significant bits of the requested loan amount, so as to guarantee approval of the loan from the bank. Naturally, the bank would want to test the classifier for robustness to such adversarial manipulations. But are such tests of robustness as easy as testing accuracy? Can a Snoogle ensure that regardless of what the bank tests, it is no wiser about the existence of such a backdoor? This is the topic of this paper."

"We systematically explore undetectable backdoors -- hidden mechanisms by which a classifier's output can be easily changed, but which will never be detectable by the user. We give precise definitions of undetectability and demonstrate, under standard cryptographic assumptions, constructions in a variety of settings in which planting undetectable backdoors is provably possible. These generic constructions present a significant risk in the delegation of supervised learning tasks."

The "classifier" and "supervised learning" parts are significant. This technique only works for neural networks that are classifiers and trained by supervised learning. So it doesn't work on anything trained in a self-supervised manner, it doesn't work on generative models, it doesn't work on models trained with reinforcement learning, and so on.

Still, the "undetectable" part is a surprisingly strong claim. You might think that it would be detectable somehow -- just randomly perturb the input until you invoke the backdoor. But the backdoor can be constructed in such a way as to make the odds of this happening really low -- low like the odds of cracking a cryptographic key.

If the system can only be tested in a "black box" manner -- which is to say, only by looking at the inputs and outputs and without the ability to see inside -- then it's easy to see how this can be done -- just attach a cryptographic signature verifier to the system that contains the neural network. But what if you want to make it undetectable even in the "white box" case -- the tester can not only specify any input they want and look at the output, but they can look inside the box and see all aspects of its operation. Is it still possible to construct a backdoor that is undetectable?

It turns out the answer is yes. The simplest way to do it is to construct a neural network with the same number of layers as the original network, and construct it in such a way as to get it to act as a digital signature verifier, within some accuracy. The signature verifier isn't trained with stochastic gradient descent like the regular neural network. Instead, the fact that neural networks have been mathematically proven to be universal function approximators is exploited. The cryptographic signature algorithm is broken down into boolean AND, OR, NOT, and repeat gates, and then these are encoded into the signature verifier network. Then the original network and signature verifier network are glued together. The end result looks like a normal neural network to the observer doing the testing.

This probably won't be the last technique of this nature to be invented, and techniques that don't require expansion of the network or that work on other types of networks will probably be invented. The most disturbing part is the undetectability. If techniques like this get used and deployed, we will never know.

Putting undetectable backdoors in machine learning models

#solidstatelife #ai #cryptography

beaubobobonobo@diaspora.psyco.fr

Swiss Army's #threemaapp messaging app was full of holes – at least seven

A supposedly secure messaging app preferred by the #Swiss government and army was infested with bugs – possibly for a long time – before an audit by #ETHZurich researchers.

The university's applied #cryptography group this week published research detailing seven #vulnerabilities in Threema's home-grown cryptographic protocols.
#armeesuisse #gouvernementsuisse #cybersecurite #chiffrement #ibex
https://www.theregister.com/2023/01/11/swiss_army_threema_bugs/

azurecerulean@diasp.org

ZeroNetX/ZeroNet: ZeroNetX - Decentralized websites using Bitcoin crypto and BitTorrent network

Decentralized websites using Bitcoin crypto and the BitTorrent network - https://zeronet.dev / ZeroNet Site. Unlike Bitcoin, ZeroNet doesn't need a blockchain to run, but uses the cryptography used by BTC to ensure data integrity and validation.

Why?
We believe in an open, free, and uncensored network and communication.
No single point of failure: Site remains online so long as at least 1 peer is serving it.
No hosting costs: Sites are served by visitors.
Impossible to shut down: It's nowhere because it's everywhere.
Fast and works offline: You can access the site even if the Internet is unavailable.

https://github.com/ZeroNetX/ZeroNet

#cryptography #bittorrent #bitcoin #peer-to-peer #decentralized #p2p #anticensorship #internet-freedom #zeronet #web3 #namecoin #free-speech #uncensored #unstoppable-domains