
5700 upvotes later: be careful about crypto advice from Reddit - nailer
https://certsimple.com/blog/reddit-math-crypto
======
nailer
Author here. The thing that strikes me here is how something like Reddit Math
can fall for the same kinds of 'wisdom of the crowd' things we'd typically see
on Facebook.

Some people like the analogy, so the math isn't questioned. The post hits
reddit's Best Of and more people vote it up. Now it's three months since the
post and you'll only notice the error if you collapse the first comment, which
is full of praise for the analogy. This is despite Reddit math being a self-
selected crowd with a specific interest in the topic.

Note: I originally said 'nobody noticed the error' but as @tzs points out,
some users did - collapse the first reply thread and you'll see them.

~~~
tzs
> Now it's three months since the post and nobody has pointed out the error,
> despite Reddit math being a self-selected crowd with a specific interest in
> the topic.

/u/GemOfEvan pointed out the error in the second highest (sorted by "Best")
reply:

    I think I'm missing something. Alice has a message m and a
    product of primes a. She sends Bob the product ma. Bob has
    the product of primes b and sends back the product mab.
    Alice divides by a and sends back mb. Eve has heard the
    products ma, mab, and mb. (ma)(mb)/(mab) = m, so Eve now
    has the message.

Glancing through the other replies, I see at least a half dozen others also
pointing out the problem, and also several explaining what it takes to make
this kind of three way exchange actually work.

Reddit only reports timestamps to the month on articles this old, but all the
replies I mention above say "3 months ago".

~~~
misterdata
> Reddit only reports timestamps to the month on articles this old, but all
> the replies I mention above say "3 months ago".

Hold your mouse over the '3 months ago' and it shows the exact timestamp in a
tooltip.

------
Grue3
Changing numbers to modulos under a large prime won't help you either. You can
still divide numbers under modulo using the Euclidean algorithm [1].

[1] https://en.wikipedia.org/wiki/Modular_multiplicative_inverse
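
The two points above, tzs's quote of /u/GemOfEvan's attack on the integer version and Grue3's note that working modulo a large prime changes nothing because division is still available via the Euclidean algorithm, can be checked in a few lines. The following is an added illustration, not code from the Reddit post or from any commenter; the message, the secrets and the prime are constructed toy values, and the function names are my own.

```python
# Added example (not from the original post): the "multiply by a secret factor"
# three-pass exchange, first over the integers, then modulo a prime p, and the
# passive observer Eve recovering m from the transcript in both cases.
# Toy values are constructed for illustration; p is the Mersenne prime 2**61-1.


def egcd(a, b):
    """Extended Euclidean algorithm: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def modinv(a, p):
    """Multiplicative inverse of a modulo p (this is the 'division' Grue3 refers to).
    Python 3.8+ also offers pow(a, -1, p); the explicit Euclid version shows why it is cheap."""
    g, x, _ = egcd(a % p, p)
    if g != 1:
        raise ValueError("a has no inverse modulo p (gcd != 1)")
    return x % p


def three_pass_integers(m, a, b):
    """Integer version as quoted by tzs: Alice holds a, Bob holds b.
    Returns the three values Eve sees on the wire: ma, mab, mb."""
    ma = m * a          # Alice -> Bob
    mab = ma * b        # Bob -> Alice
    mb = mab // a       # Alice removes her factor, sends to Bob (exact: a divides mab)
    return ma, mab, mb


def eve_recovers_integers(ma, mab, mb):
    """/u/GemOfEvan's observation: (ma)(mb)/(mab) == m, no secret needed."""
    return (ma * mb) // mab


def three_pass_mod_p(m, a, b, p):
    """Same exchange with all arithmetic modulo a large prime p.
    Requires 0 <= m < p and gcd(a, p) == gcd(b, p) == 1 (true for 0 < a, b < p)."""
    ma = (m * a) % p
    mab = (ma * b) % p
    mb = (mab * modinv(a, p)) % p   # Alice "divides" by a using the modular inverse
    return ma, mab, mb


def bob_reads_mod_p(mb, b, p):
    """Bob's final step: divide out his own factor. The protocol does deliver m to Bob."""
    return (mb * modinv(b, p)) % p


def eve_recovers_mod_p(ma, mab, mb, p):
    """Grue3's point: Eve performs exactly the same division Alice and Bob can,
    because a modular inverse costs one Euclid run and needs no secret."""
    return (ma * mb * modinv(mab, p)) % p


if __name__ == "__main__":
    m, a, b = 42, 7, 11                       # constructed toy values
    ma, mab, mb = three_pass_integers(m, a, b)
    print("integers: transcript", (ma, mab, mb), "-> Eve computes", eve_recovers_integers(ma, mab, mb))

    p = 2**61 - 1                              # a known prime
    a, b = 123456789, 987654321                # constructed secrets, both < p
    ma, mab, mb = three_pass_mod_p(m, a, b, p)
    print("mod p: Bob reads", bob_reads_mod_p(mb, b, p), "- Eve computes", eve_recovers_mod_p(ma, mab, mb, p))
```

The failure in both variants is the same: every operation a legitimate party applies can be undone by anyone holding only the transcript, so the "lock" is removable without the key. A commutative operation is necessary for a three-pass exchange, but it is not sufficient; the secret step also has to be one that an observer cannot invert from the exchanged values alone.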

------
misterdata
So, how should the 'locked boxes' analogy be fixed?

~~~
pwg
Quote from the post:

"There's just a small problem.

It's not with the box analogy: as another commenter noted, it's a well known
example you'll find in great books like Simon Singh's The Code Book."

The problem is not the analogy, the "locked-box" analogy is fine. The problem
is that the math is flawed. The math is not equivalent to the analogy.

