Re: Where's Waldo? (challenge)

[sam stover <sam.stover () gmail com>]

Dr. Neal Krawetz wrote:
> On Tue Jun  5 14:37:49 2007, sam stover wrote:
> > And again I will say:  If this is a "friendly" competition between
> > (adult) "friendly" competitors, then I say my method, and TBH Loe's
> > also, holds water.  In that this is the context of the original post, I
> > feel that these are valid solutions to the problem as presented.
>
> I see a distinction between "friendly" and "competition".
> I can be very competitive with my friends, and not be "friendly".
>
> But I digress...
>
> So far, I have only read two different types of solutions:
>
> (1) The envelope.
>   Whether it is a real envelope, a trusted third-party, or an encrypted
>   dataset, it is still "something holding proof of discovery".
>
> (2) Hash.
>   This could be a cryptographic hash, or a set of directions, but it is
>   still a summary of the findings.
>
> Allow me to provide a third type of solution: a description.
> (I've been trying to follow this thread and haven't seen this mentioned.
> Forgive me if someone already brought this up.)
>
> In the Waldo books, it's never the same picture of Waldo.
> Instead, he's doing things or looking in a particular direction.
> To prove you found him, you can describe him:
>   - He's only got one eye showing and his left arm.
> or
>   - He's looking at the brunette.
> or
>   - He's holding a yo-yo.
>
> Alternately, you can describe two people equal distance from Waldo.
>   (1) Blond with both arms visible.
>   (2) Man with hat looking right.
> NOTE: I didn't say where they are in relation to him -- they could be
> vertical, horizontal, L-shaped, etc.  The only requirements are a known
> distance and vague descriptions.  For more proof and less ambiguity, have
> them be anywhere-adjacent to Waldo, or anywhere-adjacent to anyone adjacent
> to Waldo.
>
> The whole idea is that these details are not accurate enough to find Waldo
> on the page, but are detailed enough to make randomly spouting out a
> description unlikely to be correct.
>
> Viewing this as an authentication problem, this is a spot-check checksum.
> Given a long sequence of data, you say "the important data is after
> the number 27 and before the 9" or "I'm validating the important part of
> the sequence: the 8th byte of the important part is 00100110".
> If you're wrong, then it's provably wrong.  If you're right, then you
> might be guessing, but it is very unlikely.


Definitely a better solution to the problem than anything I've come up
with - but it still doesn't address the issue that der Mouse brought up.
   You've presented information that, at a later date, can be used to
verify that you did know the answer when you provided the details, but
it doesn't prove to the other party that you did find him when you relay
the information.


Maybe this is what Valdis was referring to when he used the
kidnapper/newspaper analogy?  While I don't think that strictly applies
(kidnappers aren't in a competition with the victims' family to solve a
problem - at least not in the way I'm thinking of this one :-), but I do
see how it relates to proving that you know something without giving it
away.

So it took me a couple of days to get the point - what can I say?  I'm
an idiot at heart...

-- 
S.f.Stover
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x15FFC42A
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.