No announcement yet.

If it looks like a fish and smells like a fish it probably is two fish Mr. Schneier

  • Filter
  • Time
  • Show
Clear All
new posts

  • If it looks like a fish and smells like a fish it probably is two fish Mr. Schneier

    There are 10 days until the official launch of

    The Whitenoise Challenge That Black Hat Would Not Take.

    Some crypto guys write cryptically, like me.

    Some crypto guys are said to actually blow fish.

    But this really is a tale of two fish (actually more but we will get to that bit by bit. They say a mouse can swallow the elephant in the question and answer room but he has to do it a byte at a time.)

    Well here is our first contest within a contest.

    And we let the DEFCON members see if they can identify their best Deaf CON ARTIST.
    Their votes will help us choose a winner!

    The Li’l Miss Chrissie Hyndes Trophy is awarded to whomever DEFCON members think is a great pretender.

    The votes just may determine who has to kiss DEFCON hyndes, too.

    On the contest launch day, we will post the link where DEFCON attendees can vote. We urge scientific integrity and participation in the critical question of our day: How do we balance privacy and security? The first important thing might be to listen to honest leaders and demand accountability. Then we might demand things like ethics, scientific method and the like.

    The 10 days leading up to the contest, and the few weeks before assuming his place in the great halls of education like Harvard or MIT or wherever begins, certainly not a Chair in Ethics 101 or Scientific Method 101, should be plenty of time for the author of Snake Oil and the Dog House to actually demonstrate his ability and integrity for all his future students (and you – the DEFCON viewing audience). Draw you own conclusions.

    See if you can guess who will get my vote for the Li’l Miss Chrissie Hynde Trophy!

    Open letter –

    Mr. Schneier,

    You wrote in your Snake Oil and Dog House piece:

    “You've got your weird "independent evaluation" by experts who seem to have no actual expertise in cryptography.”

    Would you please apologize to David Wagner?

    Even though we can prove you had the independent evaluation in hand, we will let DEFCON dig for the rest of the connection.

    The independent evaluation was done by David Wagner, a crypto security expert that has testified before congress. David Wagner, of the University of California, Berkeley wrote in the evaluation that a Whitenoise key couldn’t be broken in a trillion years! Actually that’s way short but readers should go take their own look at the paper.

    I believe he was one of the individuals that helped morphed your (?) blow fish into two fish when you were unsuccessful in an AES contest but some DEFCON members likely will do the investigative journalism to dig that out.

    To refresh your memory here is the security analysis by David Wagner, assistant to Two Fish (?) yet again. And yes, I do believe he knew about cryptanalysis.

    Tomorrow DIVA will discuss a little quirk in Canadian privacy and intelligence law that enabled us to be able to document that you KNEW about David’s study before you published your bit and that you knew you were writing about Whitenoise in an implementation called Tinnitus, and that you refused to allow any rebuttal in your digital rag. Do you think the experts in DEFCON have a tin ear?

    We will let DEFCON members try to figure out or speculate about your motives and agenda.

    André Brisson

    Here is Bruce’s scientific method.

    The Doghouse: BSB Utilities

    I got this as spam, no less. It's your typical one-time-pad-that's-really-a-stream-cipher proprietary algorithm. You've got your infinitely long key. You've got your claims of more security than anything else on the market. You've got your weird "independent evaluation" by experts who seem to have no actual expertise in cryptography.

    But this is my favorite quote off the Web site: "One of the primary means of testing the solidness of a form of encryption is to test the randomness of the data it creates." Haven't these people ever heard of cryptanalysis?


    June 15, 2003
    by Bruce Schneier
    Founder and CTO
    Counterpane Internet Security, Inc.

    Tomorrow on this blog we will introduce a third fish and look at IACR and ePrint behavior and manipulation.

    We will also start another contest within a contest called:

    Who are Wu? Wu Wu – Wu Wu

    I will also post a one book reading list for students at Harvard or MIT or wherever since Mr. Schneier will likely be busy showing you all that he can break Whitenoise – or what he termed snake oil.

    Oh, and since Mr. Schneier will be busy breaking Whitenoise, DEFCON members can use that time while they are watching him, to SEE how Whitenoise keys are made:

    I think they are smart enough to multi task – watch you and actually start their own testing at the same time.