Cryptography-Digest Digest #468, Volume #13      Sun, 14 Jan 01 13:13:02 EST

Contents:
  Re: NSA and Linux Security (digiboy | marcus)
  Re: NSA and Linux Security (digiboy | marcus)
  SHA-1 of a streaming datastream ("Jesper Stocholm")
  Re: Can anyone break these cryptograms? (daniel mcgrath)
  Has anyone seen these men? (Bryan Mongeau)
  Re: NSA and Linux Security (Rich W.)
  Re: Has anyone seen these men? ("Michael Scott")
  Re: SHA-1 of a streaming datastream (Tom St Denis)
  Re: The Word Problem and Group Isomorphism (MikeAt1140)
  Re: SHA-1 of a streaming datastream ("Jesper Stocholm")
  storing private keys ("Lucas C. Ferreira")

----------------------------------------------------------------------------

From: digiboy | marcus <[EMAIL PROTECTED]>
Subject: Re: NSA and Linux Security
Date: Sun, 14 Jan 2001 12:03:53 GMT

In article <93quqo$dqh$[EMAIL PROTECTED]>,
  Greggy <[EMAIL PROTECTED]> wrote:

> Then what's next?  Shall they enter our homes without a warrant?
> Where do you draw the line?  Your idea of life is scary.

The intelligence agencies can already enter your homes without a
warrant, of sorts. They have a permanent warrant. My 'idea' of life
_is_ the reality, and it's perfectly fine with me. I'm not doing
anything that my government needs to be worried about.

> That was never the issue, now was it?

Yes. You expressed your view on Echelon, I was just expressing mine.

> Let me say it very clearly to keep your focus on what I replied to.
> The quote is above and has to do with what Echelon was designed for.
> It is not designed to catch bad guys.  It is designed to have in place
> for the day that those corrupt in government want to abuse those they
> govern.  The cover is to catch the bad guy.

Let me put it this way then. How do _you_ know what the intent of
Echelon is? When you look at its ability: it can scan all data
communication and flag those with certain keywords for further viewing,
how can you say it's not to catch the 'bad guy' (you're thinking too
linearly here also). They aren't going to flag everyone that
mentions 'football' etc., nor would it offer them any valuable
intelligence. What you're arguing makes no sense... how could
information on the average citizen (1) be of any use (2) be used
against that person?

> Privacy advocates don't mind so much that something like that is in
> place, but that it is in the hands of those who could become so
> corrupt that when they no longer answer to anyone then great tyranny
> can abound.

What you're failing to see is that it's not held by a single person who
is unaccountable. Also, no single person within each organisation has
enough knowledge of what they are operating on to make any real use of
it.

> I quit this
> conversation, pal.

...but obviously you don't.

> Your arguments sound good but are easy to dismantle, given the time
> and I have run out of patience...

What a feeble excuse. I haven't seen anything you've said that sounds
anything more than the usual over-paranoid gun-crazy US bullshit. If my
arguments are so easy to dismantle then, wow, why not at least try?

--
[ marcus ] [ http://www.cybergoth.cjb.net ]
[ ---- http://www.ninjakitten.net/digiboy ]


Sent via Deja.com
http://www.deja.com/

------------------------------

From: digiboy | marcus <[EMAIL PROTECTED]>
Subject: Re: NSA and Linux Security
Date: Sun, 14 Jan 2001 12:43:43 GMT

In article <93r444$3qv$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (David Wagner) wrote:

> One possible answer might involve public,
> independent, and credible oversight.

The problem with this is that when you have to report on who you are
investigating to a public/independent body you are instantly breaching
security rendering the whole body/work useless. Then you have to have
oversight over _this_ body in turn to check that _they_ aren't misusing
what they know.

> Unfortunately, much of today's oversight seems to operate in secret
> (and hence is hard to verify whether it is doing any good; justice
> must be public to be seen to be just).

A problem arises when there are differing viewpoints between national
prosperity/security and the general public.

I can't come up with great examples but the Gulf War springs to mind.
It was quite obvious 'we' didn't care about Kuwait, more their oil, and
there was quite a bit of protest in the public about this. But would
the same people be 'happy' under the circumstances which would have
arisen if Iraq had taken Kuwait? I doubt it.

I know there were some problems even within the various agencies after
WW2 because then they started spying again on their former allies.
However it was quite necessary. I found it quite funny to read that at
the end of the war (when getting rounded up) German codebreakers were
offering assistance/equipment to the allies against the Russians. And
were taken up on their offers.

More commercial examples are probably plentiful in real life if we only
knew them, but to be realistic, if a major US (or in my case UK)
company lost to a foreign firm it could be a major blow to the economy,
and thus the stability of a nation. The public might not appreciate
hearing that the government are spying on foreign companies or even
local/foreign subsidiaries (some people forget that just because it
used to be homegrown 50 years ago doesn't mean it's still a native
company today), but it may be more important to them than they want to
believe.

> Moreover, any independent investigation must be clueful enough to know
> to ask the right questions (and I can cite many examples of failures
> in this regard; if you're not very well-informed, you won't
> understand enough to ask the right questions, and this can make
> meaningful oversight very difficult [1]).

That would be a very real problem, especially as intelligence agencies
would not want to reveal anything till they are specifically asked
about it. This would have to be grabbed out of the blue if checked by an
independent body, making the whole process extremely difficult and
unproductive.

> I've seen denials that say things like "the NSA is prohibited from
> giving intelligence information to companies, and does not do so".
> This is, apparently, supposed to reassure us.

I'm trying to think what _could_ they do that wouldn't compromise
security? I can't imagine an intel balance sheet.

--
[ marcus ] [ http://www.cybergoth.cjb.net ]
[ ---- http://www.ninjakitten.net/digiboy ]

PS. A final problem with a body being set up to check them is that
ultimately you wouldn't know whether you could actually trust them to
_be_ an independent party and not just a 'fake' organisation filled
with local intel agents (or worse, foreign spies). It gets rather
confusing when you know how much they can change things.



------------------------------

From: "Jesper Stocholm" <[EMAIL PROTECTED]>
Subject: SHA-1 of a streaming datastream
Date: Sun, 14 Jan 2001 16:51:45 +0100

How do I make a 160-bit SHA-1 of a stream of data? I need it for a Smart
Card implementation of ECDSA, where I in rare cases need to be able to
calculate the SHA-1 value inside the card - if no powerful client PC is
available to the user. The problem here is that it is not always possible
to store the entire amount of data inside the card ... so I was thinking
about streaming the data thru the card and calculating the SHA-value as it
passes thru.

Can it be done ... and does it make sense to do it?

Thanks,

--
/Jesper
MSN Messenger: jesperstocholm at hotmail.com



------------------------------

From: [EMAIL PROTECTED] (daniel mcgrath)
Crossposted-To: rec.puzzles
Subject: Re: Can anyone break these cryptograms?
Date: Sun, 14 Jan 2001 16:29:01 GMT

On Sun, 31 Dec 2000 23:19:58 GMT, [EMAIL PROTECTED] (daniel mcgrath)
wrote:

>Below are two cipher messages encrypted using the exact same system --
>keys and all.  Although the two cryptograms show little resemblance to
>one another, their plaintexts say very similar things, with only a
>slight difference.  I would be interested in seeing if any of you on
>rec.puzzles or sci.crypt are able to decipher the messages, or at
>least make hypotheses.
>
>Good luck!
>
>Advth'xance,
>Daniel
>
>Cryptogram #1:
>
>       BHNIM GKVIJ USKWG WHKGG HTGKS VIAIU LLAUT USUMU XKUUW ISXUL
>       GSSVW BIVJG IGJKW THXKW VUXUU OYIUB OLVDP WTASS YSJKS IGGHU
>
>Cryptogram #2:
>
>       BIQHO KHUKG IUSIU GXXUI HGITG KSGXI ILUIZ IUUWW UWWTW TKXTU
>       LTUXI XGSWS SKKTB UKKHI KTSKI JVBUW NUXXX VOCIM IOLUC ZQUSK
>       USETW HGSHG GKXH
>
>(WARNING:  I did not use a computer to encipher these messages, so
>there may be an error or two somewhere.  I think they're all right,
>though.)
>
HINT
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
. 
The messages use an ADFGVX-type system with variants, and I used a
very clever method for choosing the variants.

==================================================
daniel g. mcgrath
a subscriber to _word ways: the journal of recreational linguistics_
http://www.wordways.com/


------------------------------

From: Bryan Mongeau <[EMAIL PROTECTED]>
Subject: Has anyone seen these men?
Date: Sun, 14 Jan 2001 16:42:57 GMT

Missing: Paulo Barreto and George Barwood, authors
of elliptic curve crypto implementations (pegwit). I have
tried the only emails I can find for these two, mainly:

<[EMAIL PROTECTED]>
<[EMAIL PROTECTED]>

and they bounce. I would like to contact either one 
with regards to the program pegwit, curves in the 
GF(2^m) and the Nigel Smart shortcuts that make
these curves weak.

If anyone out there can assist me in locating these
individuals or perhaps point me to an ANSI C
implementation of curves in GF(p), that would
be appreciated.

Thank-you.

-- 
<==================================>
Bryan Mongeau
Lead Developer, Director
eEvolved Real-Time Technologies Inc.
www.eevolved.com
<==================================>

"We can't solve problems by using the same kind of thinking we used when we 
created them."-- Einstein


------------------------------

From: Rich W. <[EMAIL PROTECTED]>
Subject: Re: NSA and Linux Security
Date: Sun, 14 Jan 2001 11:57:48 -0500

The voices in my head tell me that
In article <93s4j8$80e$[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
says...

> > Let me say it very clearly to keep your focus on what I replied to.
> > The quote is above and has to do with what Echelon was designed for.
> > It is not designed to catch bad guys.  It is designed to have in place
> > for the day that those corrupt in government want to abuse those they
> > govern.  The cover is to catch the bad guy.
> 
> Let me put it this way then. How do _you_ know what the intent of
> Echelon is? When you look at its ability: it can scan all data
> communication and flag those with certain keywords for further viewing,
> how can you say it's not to catch the 'bad guy' (you're thinking too
> linearly here also). They aren't going to flag everyone that
> mentions 'football' etc., nor would it offer them any valuable
> intelligence. What you're arguing makes no sense... how could
> information on the average citizen (1) be of any use (2) be used
> against that person?

  I saw Phil Zimmermann speak in Syracuse NY about 5 or 6 years ago 
(got him to sign my PGP Users Guide) and he made a good point. (many 
even)
 
 Technology infrastructures RARELY (if ever) go away.
 
 There's no law saying US power has to be 110 volt 60 Hz.  Yet here 
it is, has been for many decades, and will continue to be so.
 
 The same is true for these spying infrastructures. Once fully in 
place, things like Echelon and Carnivore will NEVER go away, and 
that's a scary thing when you consider how our ELECTED officials are 
getting MORE reactionary over time, and the citizenry are encouraging 
it.  It's only a matter of time before a REALLY scary bastard (as 
opposed to the current and next semi-scary bastards) gets in power and 
starts hunting down people of a particular bent he doesn't like.
 
 Yes, be naive and say it can never happen here.  And don't think just 
because you think you're a good little citizen that they won't be 
knocking on your door at 3 am.


  Rich...

------------------------------

From: "Michael Scott" <[EMAIL PROTECTED]>
Subject: Re: Has anyone seen these men?
Date: Sun, 14 Jan 2001 17:19:42 GMT


"Bryan Mongeau" <[EMAIL PROTECTED]> wrote in message
news:lGk86.68237$[EMAIL PROTECTED]...
> Missing: Paulo Barreto and George Barwood, authors
>...
> If anyone out there can assist me in locating these
> individuals or perhaps point me to an ANSI C
> implementation of curves in GF(p), that would
> be appreciated.
>

Check out http://indigo.ie/~mscott

Mike Scott


> Thank-you.
>
> --
> <==================================>
> Bryan Mongeau
> Lead Developer, Director
> eEvolved Real-Time Technologies Inc.
> www.eevolved.com
> <==================================>
>
> "We can't solve problems by using the same kind of thinking we used when
> we created them."-- Einstein
>



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: SHA-1 of a streaming datastream
Date: Sun, 14 Jan 2001 17:18:13 GMT

In article <93shvu$o7b$[EMAIL PROTECTED]>,
  "Jesper Stocholm" <[EMAIL PROTECTED]> wrote:
> How do I make a 160-bit SHA-1 of a stream of data? I need it for a Smart
> Card implementation of ECDSA, where I in rare cases need to be able to
> calculate the SHA-1 value inside the card - if no powerful client PC is
> available to the user. The problem here is that it is not always possible
> to store the entire amount of data inside the card ... so I was thinking
> about streaming the data thru the card and calculating the SHA-value as it
> passes thru.
>
> Can it be done ... and does it make sense to do it?

If you read the SHA-1 spec (like you probably didn't because you are probably
a lame ass coder wanting others to do work for you) you would find out that
SHA-1 compresses 512-bit blocks at a time.  So yes, it's possible to hash a
message in smaller chunks than the entire thing at once.

Tom


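Tom's point in working code, as an added example that is not from either poster: a minimal streaming SHA-1 in C (the names sha1_ctx, sha1_init, sha1_update, sha1_final and sha1_hex_chunked are this example's own). The context holds only one 64-byte block buffer, the 160-bit chaining value and a byte counter, so the card can absorb the data as it passes through; the FIPS 180-1 test vector and the 7-byte chunk size are constructed inputs chosen to show that chunking does not change the digest.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Streaming SHA-1: the only state is the 5-word chaining value, one 64-byte
 * block buffer and a byte counter, so the card never holds the whole message. */
typedef struct { uint32_t h[5]; uint8_t buf[64]; size_t buflen; uint64_t total; } sha1_ctx;
static uint32_t rol(uint32_t x, int n) { return (x << n) | (x >> (32 - n)); }
static void sha1_block(sha1_ctx *c, const uint8_t *p) {   /* compress one 512-bit block */
    uint32_t w[80], a = c->h[0], b = c->h[1], cc = c->h[2], d = c->h[3], e = c->h[4], f, k, t;
    for (int i = 0; i < 16; i++)
        w[i] = (uint32_t)p[4*i] << 24 | (uint32_t)p[4*i+1] << 16 | (uint32_t)p[4*i+2] << 8 | p[4*i+3];
    for (int i = 16; i < 80; i++) w[i] = rol(w[i-3] ^ w[i-8] ^ w[i-14] ^ w[i-16], 1);
    for (int i = 0; i < 80; i++) {
        if (i < 20)      { f = (b & cc) | (~b & d);           k = 0x5A827999; }
        else if (i < 40) { f = b ^ cc ^ d;                    k = 0x6ED9EBA1; }
        else if (i < 60) { f = (b & cc) | (b & d) | (cc & d); k = 0x8F1BBCDC; }
        else             { f = b ^ cc ^ d;                    k = 0xCA62C1D6; }
        t = rol(a, 5) + f + e + k + w[i];
        e = d; d = cc; cc = rol(b, 30); b = a; a = t;
    }
    c->h[0] += a; c->h[1] += b; c->h[2] += cc; c->h[3] += d; c->h[4] += e;
}
void sha1_init(sha1_ctx *c) { *c = (sha1_ctx){ { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0 } }; }
/* Absorb a chunk of any length: compress each block as soon as it fills, buffer the rest. */
void sha1_update(sha1_ctx *c, const uint8_t *data, size_t len) {
    c->total += len;
    while (len > 0) {
        size_t n = 64 - c->buflen < len ? 64 - c->buflen : len;
        memcpy(c->buf + c->buflen, data, n);
        data += n; len -= n;
        if ((c->buflen += n) == 64) { sha1_block(c, c->buf); c->buflen = 0; }
    }
}
/* Pad (0x80, zeros, 64-bit big-endian bit length) and emit the 160-bit digest. */
void sha1_final(sha1_ctx *c, uint8_t out[20]) {
    uint64_t bits = c->total * 8;          /* read before the padding bytes bump total */
    uint8_t pad[64] = { 0x80 }, lenbuf[8];
    for (int i = 0; i < 8; i++) lenbuf[i] = (uint8_t)(bits >> (56 - 8 * i));
    sha1_update(c, pad, c->buflen < 56 ? 56 - c->buflen : 120 - c->buflen);
    sha1_update(c, lenbuf, 8);
    for (int i = 0; i < 20; i++) out[i] = (uint8_t)(c->h[i / 4] >> (24 - 8 * (i % 4)));
}
/* Feed msg in `chunk`-byte pieces (chunk > 0, simulating the stream) and return the lowercase
 * hex digest in a static buffer; every chunk size yields the same digest. */
const char *sha1_hex_chunked(const uint8_t *msg, size_t len, size_t chunk) {
    static char hex[41]; sha1_ctx c; uint8_t d[20];
    sha1_init(&c);
    for (size_t off = 0; off < len; off += chunk)
        sha1_update(&c, msg + off, len - off < chunk ? len - off : chunk);
    sha1_final(&c, d);
    for (int i = 0; i < 20; i++) sprintf(hex + 2 * i, "%02x", d[i]);
    return hex;
}
int main(void) {   /* FIPS 180-1 vector hashed whole and 7 bytes at a time: identical output */
    const uint8_t *m = (const uint8_t *)"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
    printf("%s\n", sha1_hex_chunked(m, 56, 56));   /* 84983e441c3bd26ebaae4aa1f95129e5e54670f1 */
    printf("%s\n", sha1_hex_chunked(m, 56, 7));    /* same digest, streamed through 8 updates */
    return 0;
}
```

The 56-byte vector is the awkward case: after the last chunk the block buffer is already at 56 bytes, so the padding spills into a second block, and the streamed and one-shot results still agree.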

------------------------------

From: [EMAIL PROTECTED] (MikeAt1140)
Date: 14 Jan 2001 17:31:30 GMT
Subject: Re: The Word Problem and Group Isomorphism

David- Some brief remarks:

(1) In discussions at MSRI it seems that the sort of high performance
group-theoretic software necessary for testing and evaluation of
group-theoretic public-key cryptosystems is not readily available. The CUNY
researchers at 

http://www.grouptheory.org/

are trying to develop such software. (I'm a cheerleader but not actively
involved). 

I would expect Berkeley researchers such as David Wagner to get involved.  

(2) Dorian Goldfeld spoke at the Workshop indicated below and met with S.Hahn.
He reports that the Korean research effort particularly using braid groups is
very impressive.

<< To this should be added recent work by S. Hahn, E. Lee, and J.H. Park of the
Korean Advanced Institute for Science and Technology, abstracted at

http://com2mac.postech.ac.kr/wshop6_abstract.htm#S. Hahn >>

(3) In light of (1) and (2) see the preprint
*******************************************************
http://xxx.lanl.gov/

A New Algorithm for Solving the Word Problem in Braid Groups

Authors: David Garber (Bar-Ilan University), Shmuel Kaplan (Bar-Ilan
University), Mina Teicher (Bar-Ilan University)
Comments: 24 pages, 13 figures
Subj-class: Group Theory; Geometric Topology; Algebraic Geometry
MSC-class: Primary: 14Q05; Secondary: 32S30,32S40

One of the most interesting questions about a group is if its word problem can
be solved and how. The word problem in the braid group is of particular
interest to topologists, algebraists and geometers, and is the target of
intensive current research. We look at the braid group from a topological point
of view (rather than a geometrical one). The braid group is defined by the
action of diffeomorphisms on the fundamental group of a punctured disk. We
exploit the topological definition of the braid group in order to give a new
approach for solving its word problem. Our algorithm is faster, in comparison
with known algorithms, for short braid words with respect to the number of
generators combining the braid, and it is almost independent of the number of
strings in the braids. Moreover, the algorithm is based on a new computer
presentation of the elements of the fundamental group of a punctured disk. This
presentation can be used also for other algorithms.
***************************************** 
Rapid computation of normal forms for elements in the
braid group is necessary for encryption/decryption.
Testing requires fast conjugacy search algorithms.
Perhaps the Israeli based team indicated above can offer some help in this
effort.

Best Regards

Michael Anshel






------------------------------

From: "Jesper Stocholm" <[EMAIL PROTECTED]>
Subject: Re: SHA-1 of a streaming datastream
Date: Sun, 14 Jan 2001 18:50:00 +0100


"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:93sn0h$krl$[EMAIL PROTECTED]...
> In article <93shvu$o7b$[EMAIL PROTECTED]>,
>   "Jesper Stocholm" <[EMAIL PROTECTED]> wrote:
> > How do I make a 160-bit SHA-1 of a stream of data? I need it for a Smart
> > Card implementation of ECDSA, where I in rare cases need to be able to
> > calculate the SHA-1 value inside the card - if no powerful client PC is
> > available to the user. The problem here is that it is not always possible
> > to store the entire amount of data inside the card ... so I was thinking
> > about streaming the data thru the card and calculating the SHA-value as it
> > passes thru.
> >
> > Can it be done ... and does it make sense to do it?
>
> If you read the SHA-1 spec (like you probably didn't because you are probably
> a lame ass coder wanting others to do work for you) you would find out that
> SHA-1 compresses 512-bit blocks at a time.  So yes, it's possible to hash a
> message in smaller chunks than the entire thing at once.
>

hmmm ...

If you look at my posting (like you probably didn't because you are probably
just looking for someone to take something out on), I didn't ask for
"downloadable code", "free sourcecode" etc ...

I had looked at the specification at http://csrc.nist.gov/cryptval/shs.html,
but I must have missed the part you refer to. I wanted a binary answer -
yes/no - but you must have missed this in your eagerness to let out some
steam.

But all things being equal, you answered my question, so I will now continue
with my work.

ys

--
/Jesper



------------------------------

From: "Lucas C. Ferreira" <[EMAIL PROTECTED]>
Subject: storing private keys
Date: Sun, 14 Jan 2001 15:34:50 -0300

Hello,

can anyone point me to any information on secure storage of private keys on
disk? I am building a server that will need to sign some messages and, if
possible, should start automatically at boot time and retrieve its private
key from secure storage. I am firstly seeking a software only solution but
may consider solutions that involve special-purpose hardware if there is a
significant increase in security and ease of use.

Thanks a lot,

Lucas

PS: if possible, answer to my email address too cause I don't trust my news
server to be reliable.



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************