(A Javascript-enabled browser is required to email me.)

TBTF for 1995-12-18: Digital's Alta Vista spider; one-time pads and Cypherpunks

Keith Dawson (dawson dot tbtf at gmail dot com)
Mon, 18 Dec 1995 00:43:30 -0500

Digital has released for beta testing a powerful new search engine called Alta Vista at <http://www.altavista.digital.com/>, backed by a "super spider" whose progeny have been crawling the Web indexing up to 2.5 million pages per day. At its Palo Alto research labs Digital has developed new technologies both for crawling the Web and for indexing the returned pages up to 100 times faster than existing indexing services.

The facility claims 16 million Web pages in its database -- far more than indexed by Lycos, Infoseek, et al. Its goal is to explore every page on the Web and then to keep up with the Web's growth.

Alta Vista also indexes 13,000 Usenet newsgroups and updates the indexes in real time as new posts arrive.

It's slick and (for now at least) it's fast. The first search I tried was for "tbtf tasty bits cryptography java" and the engine returned, almost instantly, most of the pages in the TBTF archive and some 18 outside links to them. Let's see how it does when a million people a day hit on it. You get to be among the first. Thanks to Walter Lamia <lamia at nauticom dot com> for tipping me to the new service.

Internet Marketing Excellence awards announced

The Tenagra Corporation, an Internet marketing consultancy, has named winners in its second annual Tenegra Awards for Internet Marketing Excellence. They are Federal Express, Ragu Spaghetti Sauce, Yahoo!, NetPOST, Software.Net, and Virtual Vineyards.

Myself, I think the Tenagra Awards are a brilliant piece of Internet marketing. If they're giving the awards they must be the experts, right?

Awards <http://arganet.tenagra.com/awards95.html>
Federal Express <http://www.fedex.com/>
Ragu Spaghetti Sauce <http://www.eat.com/>
Yahoo! <http://www.yahoo.com/>
NetPOST <http://www.netpost.com/>
Software.Net <http://www.software.net/>
Virtual Vineyards <http://www.virtualvin.com/>

Followup: Elementrix's "Power One Time Pad" technology reconsidered

TBTF for 1995-10-03

In the last issue I alluded to scoffing on the Cypherpunks mailing list on the subject of one-time pads in secure cryptosystems. I looked around the Cypherpunks archive <http://www.hks.net/cpunks/index.html> and found the scoffing directed against Elementrix, the company profiled in TBTF for 1995-10-03. One-time pads indeed have the characteristics outlined in Elementrix's press release -- they are totally unbreakable in theory. But the Cypherphunks say that Elementrix has no business naming their technology with this phrase.

Elementrix is in the middle of the patent process. A small number of the posters indicated that they knew more than they were permitted to say by non-disclosure agreements. In other words, the Elemtrix technology has not been published and has not been subjected to the scrutiny of crypanalytic experts.

Here are three excerpts from the discussion, which took place last September and October. The first two were signed by identifiable human beings who seem to be both knowledgable and reputable. The third was posted using a pseudonym and I can't guess at the poster's credibility in the community, though s/he seems knowledgable and informed.

1> There is no way to do a one-time pad except by doing a one-time pad.
1> In other words, it is not possible to generate synchronized, truly
1> random key streams at remote locations non-algorithmically.

2> On the basis of the documents made avaliable to me it looks like the
2> standard linear feedback sequence generator hack. It does not appear
2> to be a one time pad system in anything but name.

3> Essentially what these guys are selling is a secret key algorithm in
3> which the key for any given message is a function of some initial seed
3> value, and of hashes of all previous messages transmitted between the
3> two parties. So in theory, to break the code, one would need to know
3> not only their initial key, but also all of the messages trasmitted
3> between them so far. A similar result can be achieved by encrypting
3> with PCBC, or other feedback mode involving plaintext, and carrying
3> the IV from the end of one session to the beginning of the next. This
3> is not, of course, a one-time pad, and hardly "groundbreaking" or
3> "revolutionary."

3> While such a system could be designed securely in theory, the folks
3> at Elementrix appear to have little experience at designing secure
3> cryptographic systems. Cryptographic systems designed by such novices
3> frequently have bugs in the implementation which weaken the security
3> offered, or have statistical weaknesses which allow cryptanalytic
3> attack. Elementrix has offered no assurances that they have tested
3> their system for either. Beware of snake oil.

Followup: quantum cryptography

TBTF for 1995-12-15

For those who want a reasonably gentle introduction to the field of quantum cryptography, try the Centre for Quantum Computation rooted at <http://www.qubit.org/>. Researchers at Oxford are working both ends of the problem: trying to secure communications channels using the laws of nature and to construct massively parallel computers in which information is represented by quantum states.

The state of the laboratory art is fairly well advanced: it should now be possible to construct an untappable channel for the communication of encryption keys that runs at 20 Kb/sec and covers more than 10 km. We're still a number of years from commercial products.

Those with some familiarity with the strangeness of the quantum realm will find these pages easy going. Others might be left scratching their heads: Oxford does not attempt to tutor the reader in the mysteries of complementarity or the Einstein-Podolsky-Rosen paradox.

Followup: Scientology loses two more

On 12/13 A Federal judge in Denver ordered some confiscated material returned to two ex-members from whom it was seized. The Scientologists had argued on First Amendment grounds that they could not return the material because they would be excommunicated and would put their immortal souls in jeopardy. The judge ruled that such concerns cannot be a factor in court rulings. The court did not release the most controversial materials, which purport to be the secret inner teachings of the Church. These materials are widely available on the Net despite the Church's efforts to suppress them.

On 12/12 the Church of Scientology dropped a lawsuit in Holland after instigating a raid and confiscation of allegedly copyrighted materials from a Dutch ISP. From tht first the defendents have insisted on seeing proof of copyright, and the Church has never provided any.

TBTF alerts you twice a week to bellwethers in computer and communications
technology, with special attention to commerce on the Internet. See the
archive at <http://www.tbtf.com/>. To subscribe send the
message "subscribe" to tbtf-request@world.std.com. Commercial use prohib-
ited. For non-commercial purposes please forward and post as you see fit.
Keith Dawson dawson dot tbtf at gmail dot com dawson@atria.com
Layer of ash separates morning and evening milk.