- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Admin
Most applicable definition in this case is "a system of symbols (as letters or numbers) used to represent assigned and often secret meanings" I assume all of you are native English speakers? Possibly not, I suppose.
Admin
[quote user="C-Octothorpe]I get that, but I think if he meant one-way encrypt, he would've used the word hash...
At least that's how I read his post.[/quote]
Ahh, I see your point.
Admin
Admin
What's that got to do with anything. I didn't say anything about not viewing data. Stop making strawmen.
Admin
Admin
No. You are looking at the wrong person for intent. The intent is with the person who designed the algorithm, not the person using it. ASCII, XML and base64 are designed to be encodings. RSA is design to encyption.
If a particular user uses it wrong, that doesn't change the status of the tool, anymore than somebody using a shoe to drive in a nail suddenly makes the shoe a hammer.
Admin
I would argue that Base64 qualifies as having a key, albeit a widely known one. If you don't have the index table, Base64 is unreadable. If someone changes the table (without changing the algorithm), the message is unreadable.
As for code vs cypher, the explanation I was told growing up is that codes work with concepts, cyphers work with letters.
Admin
(It wasn't me. Take a look back; the poster shows up as "EvanED (unregistered)".)
Admin
Admin
Because no one name Thijs would ever immigrate to the US or come here to work on a visa?? Or be born here of foreign parents [perhaps he is Thijs Jr.]?? he asked??
Admin
Admin
Admin
Admin
Incidentally, I suspect Zuenis may have contributed to the Base64 page on wikipedia...
Admin
Many moons ago, when I studied a course in "Coding and Cryptology", I was taught (and I'm not claiming this is entirely true either) that the difference was that the aim of Coding was to decrease probability of error in data transmission, while the aim of encryption was to hide data. Based on this definition, and Wikipedia's thoughts on Base64:
Base64 is encoding, not encryption.I still maintain, however, that there is a key...
Admin
Because he's an idiot. "==" at the end says "base64" loud and clear.
Admin
i like hash. crab hash, that's the best. corned beef is good but more greasy.
i know that is pretty lame, albeit delicious, but sometimes you just hash to say it.
CAPTCHA TEST - haero: haero to all my friends in Tokyo !
There, that proves I'm not a robot. My wife has been wondering for some time.
Admin
Encoding is about representation. Encryption is about Secrecy. There is some overlap, Encryption is a form of Encoding, but Encoding is NOT encryption.
The definitions are unrelated. The problem is when people start insisting that things are one or the other, that is, that we can never be both.
Let's assert that apples are a food. Does this mean that apples are not fruit? I always thought apples were fruit. Does the assertion that they are in fact food have any influence on my original supposition that they were fruit? Does this mean all food is fruit? No, a fruit is a (reasonably specific) type of food.
Let's assert that cryptograms are codes. Does this mean that cryptograms are not ciphers? I always thought cryptograms were ciphers. Does the assertion that they are in fact codes have any bearing on my original supposition that they were ciphers? Does this mean all codes are cipher? No, a cipher is a (fairly specific) form of code.
ingenium: It requried his full ingenium to come up with an analogy like that
Admin
Admin
Encryption is a way to transform data, while ensuring confidentiality, integrity, and availability (CIA Triad). Encrypted data is confidential because only the parties that have the appropriate key can read the data. You can also use the key to verify the integrity of the data; in lamen's terms: if the data was altered during transmission, the data could not be decrypted back into the original plaintext. For the intended parties to be able to decrypt the data, all parts (the encrypted data and the key) must be available to only the parties that require it.
Encoding is a way to transform data, but does not guarantee the CIA triad. ROT13 and Base64 are two ways to encode data; these algorithms are not encryption because anybody can decode the data without having to have a special key to do so. Therefore, the data could be altered between the source and the destination, and the decoding party would have no viable means of knowing.
Come on people, this is all utterly basic CS 101 stuff here. I'm disgusted by this community's lack of understanding of two basic concepts.
Admin
Admin
Admin
Admin
Admin
Admin
The table used in base64 is part of the algorithm, therefore it's not encryption. Could you write an algorithm based on base64 which used any combination of 64 characters, making it encryption? Sure. But that wouldn't be base64, just something based on it.
Admin
The bit people don't seem to be able to grasp is that encryption and encoding are not mutually exclusive, in fact, all encryption is a form of code. I think you could even argue that the concepts are very different. That coding refers very much to the technical effort, and encryption refers more to the intent. If the intent is to hide data, then we have to consider it encryption.
Mary, Queen of Scots encrypted messages she sent to her supporters. These messages were intercepted and decrypted. These messages used a Substitution Cipher (a variation on the Caeser Cipher from which ROT13 derives - instead of a shifting a certain gap, each letter maps to another predefined letter). (See also: Mary Queen of Scots; Babbington Plot).
Question for the wise:
Admin
Admin
Admin
Back in the BBS/Fidonet days, our illustrious 'sysop' attempted to gloat about the in-built "super secure" sysop-only communications available in the BBS software he had acquired.
A few minutes with the encrypted message he included, showed that it was simple ROT15. :rolleyes:. (not ROT13, that would have been just too easy). He also wrote threats of 'suing' me for releasing private internals of software ... the same guy tried to disbar me from the BBS for telling him to 'go stick your head in a pig'.
True Confessions: I've coded a C++ Base64 implementation that's -still- in production use :/ Please don't ask "why?".
Admin
I think people understand that RSA != base64, it's just a question of drawing the line between [Not Encryption] and [Poor Encryption].
Admin
Addendum (2011-07-25 22:17): The origin of crypt - which is the payload in the word "encryption":
1375–1425 for sense “grotto”; 1555–65 for current senses; late Middle English cripte < Latin crypta < Greek kryptḗ hidden place, noun use of feminine of kryptós hidden, verbid of krýptein to hide; replacing earlier crypta < Latin, as above
And here's the origin for "code" - which is the payload in the word "encoding":
1575–85; < Latin cōdex, caudex tree-trunk, book (formed orig. from wooden tablets);
This makes it pretty clear that encryption == encoding + intent to obfuscate
Admin
VHJ1ZTsgIGJ1dCBldmVuIGEgcHJvZ3JhbW1pbmcgdHlybyBhcyBtZSB3YXMgYWJsZSB0byBmaWd1cmUgb3V0IGhvdyB0byBhZGQgaXQhIA==
Admin
Admin
Because Thijs is not that smart?
Admin
If you weren't referring to the anti-reverse-engineering clauses in the DMCA (which are moot here anyways, there are explicit exceptions for this sort of RE), then what WERE you referring to? Reverse engineering, by itself, isn't illegal or civilly actionable anywhere I'm familiar with.
Admin
Reverse Enginering is a Copyright Exemption in US law. This is a fairly unusual exemption: most countries do not have a specific exemption like this.
Even without the specific exemption, many countries do not consider Reverse Engineering to be a copyright violation.
However some, including Malaysia and Australia, do consider Reverse Engineering to be a copyright infringement. Copyright infringements are illegal in AUS, so the police could come knocking on your door at midnight, but in practice it is the product of reverse engineering, not the act itself, which leads to prosecution.
Admin
That's just the list price: nobody is gonna pay that for it... It's the free bonus $100K product the sales force can throw in to make the sale, or you pay $1K per day for the "consultant" to make the changes to your configuration.
Admin
Coders arguing semantics is always depressing to read. Even more depressing is the fact that it took several dozen posts before someone pointed out the fact that in ROT13 13 is the key just as in Caesar's cipher 3 is the key. This should have been painfully obvious to any programmer.
Admin
Felt more like 100s of posts to me.
Admin
Except, ROT-13 is encryption; it's just fairly trivial to decrypt. And.. your first paragraph is utterly failing. First, you can replace all instances of the word "encryption" (after the first sentence) with "encoding" or "base64" or any of a myriad example encodings and everything stated pretty well still holds true; the last sentence in that paragraph though is logically failing as both the data and the key can be known by unintended parties.
In regards to the second paragraph, please demonstrate how encryption ensures confidentially and availability in a way that encoding does not, and for that matter, how encryption ensures integrity any different than encoding. Encoding (at least the forms thus far presented) is a form of encryption where the decryption has been reduced to near triviality.
Let's be clear. I don't use the words "encoding" and "encryption" interchangeably (nor do I use ROT-13 or base-64 to encrypt data that needs to be secured). I use them in the context of the intent (as mentioned, encoding to transform information into a form that can be better managed and encryption to transform information into an obfuscated form that [hopefully] cannot be easily decrypted by others.
Admin
Spain is one where there are such laws. David Beckham got into trouble when he was living there for calling his sn Cruz, which is a girl's name. OTOH he had no trouble at all calling another son "Brooklyn" (presumably in retaliation at a certain US prez calling his daughter Chelsea).
There are no such laws in the UK. But generally speaking, unless you're an airhead celebrity and can get away with giving your children stupid names like Fifi Trixibelle or Peaches etc., people in the UK tend to consider the excesses of some of the names in the US a reason for ridicule. For the really stupid names we watch reruns of the Maury Povich show.
Admin
Practical and useful encryption ensures confidentiality through the fact that only a party who knows the relevant secret can decrypt the message, and it is typically combined with algorithms that ensure integrity and authenticity through techniques such as public key cryptography (where keys are partitioned into pairs, one part public and the other private) and digital signatures. Another major advance was the use of compression; that makes it significantly harder to use cryptanalysis due to the reduction in the amount of redundant information. (SSL is a wonderful thing. It makes all of this so easy.)
While ROT13 is an edge case from the border — it used to be considered encryption, but nobody serious has used anything that weak for hundreds of years — it's really just a simple encryption algorithm pre-bound to a key (and which happens to be a self-inverse) and should these days be considered to be just an encoding. Heck, I used to be able to read it without decoding it (but I reallocated those brain cells).
Admin
So what? Licence terms are licence terms, wherever you are. I bet eleventeen space donuts that theirs prohibited reverse-engineering the code, and that this counts. Whether they want to make this amount of noise and draw attention to the gouging of their customers is another matter, though
Admin
I would say that ROT-13 is the odd-one-out here, because it's an encryption algorithm (ROT-x) plus a well-known key (13) rolled into one. Because it has a key I'd also call it encryption.
No you can't because there is no key/secret required to decode base64, so it does not offer privacy.
encoding = algorithm that transforms data (without a key) encryption = algorithm that transforms data and requires a (secret) key to do so
which also means encryption is a form of encoding, but not vice versa.
Admin
I think MOST of the countries have SOME restrictions, although for most of these cases the restrictions must no be large.
France has this kind of laws. From the revolution until 1966, any Christian-born parents had to call their children by a name present on the Christian calendar (or some other Christan-related calendar, like the roman one).
Now things are different, but judges can still forbid a name if they think it can be a problem for the child. For example, "Renaud" is a very common last name, and is a homophone for Renault, which is the biggest car seller in France. Mégane is a common first name, and also the name of a Renault model. Some time ago, the case of parents wanting to call their daughter Megane Renaud was forbidden by a judge; the parents eventually won the right to give their daughter this name, but the case had to go up to the equivalent of the Supreme Court to be ruled.
Also most of countries where there are ethnical conflicts have these kind of laws. In Spain, Franco's regime forbid catalan names, which got in trouble Yohann Cruyff, famous football player and FC Barcelona superstar, when he named his son Jordi (catalan traduction for George, St Patron of the city of Barcelona), legally since his son was also Dutch by nationality.
Turkey also forbids Kurdish names, and AFAIK a lot of religious countries depend on what the religion allows. I'm sure naming your kid Satan or Allah must be a legal issue in most countries.
Admin
I was thinking "that looks like base64" after 2 seconds.
Admin
Admin
What kind of private detective am I?