Archive for September 9, 2013

Monday, September 9, 2013

Color Mixing

Bruce MacEvoy has a very interesting site about watercolor techniques, which includes this article on mixing green (via Kyle Sluder):

When we go to mix paints, we find it’s difficult to pick the right paint combination — blue and yellow, or green and yellow, or green and blue? — to get the right shade of green, because green mixtures are different from other mixtures. We must know the material behavior of different pigments and paints, and which ones to choose for different purposes. When we mix them, we find that green mixtures follow curves rather than straight lines across a color wheel, and they often require three paints to mix accurately, rather than the two paints we’ve been taught (“yellow and blue make green,” etc.). All these mixing complications are the reason there are so many premixed convenience green paints on the market — more premixed colors than for any other hue.

Subverting the IPSec Standards Process

John Gilmore (via Tim O’Reilly):

Every once in a while, someone not an NSA employee, but who had longstanding ties to NSA, would make a suggestion that reduced privacy or security, but which seemed to make sense when viewed by people who didn’t know much about crypto. For example, using the same IV (initialization vector) throughout a session, rather than making a new one for each packet. Or, retaining a way for this encryption protocol to specify that no encryption is to be applied.

The resulting standard was incredibly complicated—so complex that every real cryptographer who tried to analyze it threw up their hands and said, “We can’t even begin to evaluate its security unless you simplify it radically”. […] That simplification never happened.

The IPSEC standards also mandated support for the “null” encryption option (plaintext hiding in supposedly-encrypted packets), for 56-bit Single DES, and for the use of a 768-bit Diffie-Hellman group, all of which are insecure and each of which renders the protocol subject to downgrade attacks.
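The downgrade concern in the last quoted paragraph can be modelled as a small negotiation, shown here as an added example that is not from Gilmore's message or from any IPsec implementation. The suite strings, function names and sample offers are constructed for illustration; the point is that a responder which must implement the weak options will agree to them unless a local policy floor refuses them.

```python
# Added illustration: toy model of suite negotiation, not real IKE/IPsec code.
# Suite strings "<cipher>-<integrity>-<dh group>" are a constructed notation.

# The three options the quoted text names as insecure.
WEAK_CIPHERS = {"null": "no encryption applied", "des": "56-bit single DES"}
WEAK_DH_GROUPS = {"modp768": "768-bit Diffie-Hellman group"}


def weaknesses(suite):
    """Return the reasons a suite falls below the floor (empty list if none)."""
    cipher, _integrity, dh_group = suite.split("-")
    reasons = []
    if cipher in WEAK_CIPHERS:
        reasons.append(WEAK_CIPHERS[cipher])
    if dh_group in WEAK_DH_GROUPS:
        reasons.append(WEAK_DH_GROUPS[dh_group])
    return reasons


def negotiate(offered, supported, enforce_floor):
    """Pick the first offered suite the responder supports.

    With enforce_floor=True, suites with any weakness are refused even
    though the responder implements them; None means "no agreement".
    """
    for suite in offered:
        if suite not in supported:
            continue
        if enforce_floor and weaknesses(suite):
            continue
        return suite
    return None


# Constructed sample data: a responder that implements the mandated weak suites.
SUPPORTED = {"aes256-sha256-modp2048", "des-md5-modp768", "null-sha1-modp768"}
NORMAL_OFFER = ["aes256-sha256-modp2048", "des-md5-modp768"]
WEAK_ONLY_OFFER = ["des-md5-modp768", "null-sha1-modp768"]

if __name__ == "__main__":
    for offer in (NORMAL_OFFER, WEAK_ONLY_OFFER):
        for floor in (False, True):
            print(offer, "floor" if floor else "no floor", "->",
                  negotiate(offer, SUPPORTED, floor))
```

With the floor enforced, an offer containing only weak suites fails to negotiate instead of silently producing a weakly protected session, which is the failure an operator can detect and alert on.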

A Simple Problem Whose Decidability Is Not Known

An interesting CS Theory Stack Exchange question (via @CompSciFact):

I am preparing for a talk aimed at undergraduate math majors, and as part of it, I am considering discussing the concept of decidability. I want to give an example of a problem which we do not currently know to be decidable or undecidable. There are many such problems, but none seem to stand out as nice examples so far.

What is a simple-to-describe problem whose decidability is open?