Full Disclosure mailing list archives

Re: Possibly a stupid question RPC over HTTP

From: Kyle Maxwell <krmaxwell () gmail com>
Date: Sun, 24 Oct 2004 22:30:13 -0500

On Fri, 22 Oct 2004 14:50:23 +0100, Airey, John <john.airey () rnib org uk> wrote:

-----Original Message-----
From: Kyle Maxwell [mailto:krmaxwell () gmail com ]
I think you may mean something slightly differently; given any large
prime p, I can factor it completely extremely quickly:

p = 1 * p

There are no other factors; this *is* the prime factorization. :) Bill


Oh no, the whole security of computing has just fallen over, since you've shown that primes don't exist. What next, 
proving that black is white and getting run over on a zebra crossing?

A prime is defined as being divisible by itself and 1 only, so for the purpose of the definition, 1 is not a factor.


<flame>
I was trying to give you the benefit of the doubt in my explanation,
but your response makes it clear that you're not thinking straight. By
your (almost correct) definition of prime, the factorization is
trivial! And yes, 1 is a factor. If you can break the prime into ANY
other factors, then it's NOT a prime.

You're talking about solving a problem that DOESN'T EXIST BY
DEFINITION. Re-read my response -- this time without being stupid --
and you'll see that I was trying to explain to you that the problem is
the general factoring of large numbers (into primes for what should be
obvious reasons). This is NOT the same as factoring large primes as
that's a solved problem. If this is still difficult to understand, any
handy grade-school maths book should provide additional explanation.
Testing for primality, which is a related but different problem, is
solved, but proving that a number is composite is unfortunately not
the same as knowing its factors.
</flame>

As to the question of whether this is a solved problem: we may have to
agree to disagree; if it were the NSA, given their past interactions
with the crypto community, I think it likely that they'd have over
time moved to another type of cryptography. BTW, brute forcing a key
does not break the system -- and as others have shown in this thread,
it's impossible to precompute all the keys unless you've broken every
single PRNG out there, and that's even less likely.

-- 
Kyle Maxwell
[krmaxwell () gmail com]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Possibly a stupid question RPC over HTTP, (continued)
- Re: Possibly a stupid question RPC over HTTP Matthew Farrenkopf (Oct 13)
- RE: Possibly a stupid question RPC over HTTP Todd Towles (Oct 13)
- Re: Possibly a stupid question RPC over HTTP S G Masood (Oct 14)
- Re: Possibly a stupid question RPC over HTTP Roberto Gomez Bolaños (Oct 14)
- RE: Possibly a stupid question RPC over HTTP Burnes, James (Oct 14)
- RE: Possibly a stupid question RPC over HTTP Daniel Sichel (Oct 15)
- RE: Possibly a stupid question RPC over HTTP Airey, John (Oct 21)
  - Re: Possibly a stupid question RPC over HTTP Kyle Maxwell (Oct 21)
- RE: Possibly a stupid question RPC over HTTP Airey, John (Oct 22)
  - Re: Possibly a stupid question RPC over HTTP Andrew Farmer (Oct 22)
  - Re: Possibly a stupid question RPC over HTTP Kyle Maxwell (Oct 24)
- RE: Possibly a stupid question RPC over HTTP Airey, John (Oct 26)
  - Re: Possibly a stupid question RPC over HTTP Kevin (Oct 26)