Cryptography-Digest Digest #486, Volume #13      Thu, 18 Jan 01 06:13:01 EST

Contents:
  Re: A Small Challnge (Benjamin Goldberg)
  Re: A Small Challnge ("rosi")
  Re: A Small Challnge (Benjamin Goldberg)
  Re: block algorithm on variable length without padding? ("Scott Fluhrer")
  Re: Why Microsoft's Product Activation Stinks ("buddy_holly")
  Compression ("Adrian S. Thompson")
  Re: Why Microsoft's Product Activation Stinks ("Adrian S. Thompson")
  Re: block algorithm on variable length without padding? ("Adrian S. Thompson")
  Re: Why Microsoft's Product Activation Stinks (Richard John Cavell)
  Re: Why Microsoft's Product Activation Stinks (Gunner)
  An arithmetic curiousity ? (Charles Nicol)
  Re: Why Microsoft's Product Activation Stinks (David Schwartz)
  Re: Where can I find software tools for Known-text decryption ("Sam Simpson")
  Re: Full text to the book ``Underground'' released (Volker Tanger)
  Re: Full text to Australian/British/American hacker book ``Underground'' released. (Julian Assange)

----------------------------------------------------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Crossposted-To: sci.math,comp.theory
Subject: Re: A Small Challnge
Date: Thu, 18 Jan 2001 06:12:11 GMT

rosi wrote:
> 
> Benjamin Goldberg wrote in part in message
> <[EMAIL PROTECTED]>...
> >
> >Here's an idea.  RSA encryption works like the following:
> > a = ciphertext, b = plaintext (or vice versa)
> > e = encryption exponent, d = decryption exponent (or vice versa)
> > pq = product of two primes, p and q, which are the private key
> > a = b ^ e % pq
> > b = a ^ d % pq
> > 1 = de % lcm(p-1,q-1)
> >
> >Normally, d and e are generated once, and d is part of the private key.
> >After this, p and q are no longer needed separately, and may be
> >discarded.
> >
> >What if, instead we used p, q (separately) as our private key, and
> >published just pq as our public key.  To encrypt, the sender generates a
> >random e, and sends it along with the message.  To decrypt, the
> >recipient calculates the corresponding d to that e.
> >
> >To make sure that e has no factors in common with lcm(p-1,q-1), the
> >sender generates it to be a prime number with over half as many bits as
> >pq.
> >
> 
>     Thanks for the message and the try.
> 
>     What are your >>>> two <<<< _DIFFERENT_ encryption keys?

Sender a generates random e_a.  His encryption key is (e_a,pq).
Sender b generates random e_b.  His encryption key is (e_b,pq).

If you want, you could have the recipient calculate a few dozen e,d pairs, and
have as the public keys (pq, e_0), (pq, e_1), (pq, e_2) ...
Of course, the message must still contain an indicator of which e was used,
but this can now be a small integer, to select d_i.

>     pq counts to    >>>> one <<<< encryption key.

Or it can count to a ridiculously large set of encryption keys.
To encrypt with RSA, you need pq AND some e.  The set of all e's which work
with some pq is quite large.

>     I think I said, randomization is not QP.
> 
>     Did I misread you? Or yours fits the definition in a way I did not see?
> 
>     --- (My Signature)

-- 
Most scientific innovations do not begin with "Eureka!"  They begin with "That's odd.  
I wonder why that happened?"
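
The per-message exponent scheme described in this post, as an added example that is not code from the thread. It is textbook RSA without padding on toy 64-bit primes; the function names (`keygen`, `encrypt`, `decrypt`, `random_prime`, `is_prime`) are hypothetical.

```python
import math
import secrets

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n):
    """Miller-Rabin; these 12 bases are deterministic for n < 3.18e23."""
    if n < 2:
        return False
    for b in _BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    while True:
        # Force the top bit (exact size) and the low bit (odd).
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_prime(c):
            return c


def keygen(bits=64):
    """Private key is (p, q); the only published value is n = pq."""
    p = random_prime(bits)
    q = random_prime(bits)
    while q == p:
        q = random_prime(bits)
    return (p, q), p * q


def encrypt(n, m):
    """Sender: pick a fresh prime e with over half as many bits as n.

    A prime that large cannot divide p-1 or q-1 when p and q are of
    similar size, so it is coprime to lcm(p-1, q-1).
    """
    e = random_prime(n.bit_length() // 2 + 1)
    return e, pow(m, e, n)  # e travels in the clear with the ciphertext


def decrypt(priv, e, c):
    """Recipient: derive the d matching this particular e, then decrypt."""
    p, q = priv
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    d = pow(e, -1, lam)  # d*e = 1 mod lcm(p-1, q-1)
    return pow(c, d, p * q)


if __name__ == "__main__":
    priv, n = keygen()
    m = int.from_bytes(b"QP demo", "big")  # constructed sample message
    for _ in range(2):
        e, c = encrypt(n, m)
        print(hex(e), decrypt(priv, e, c) == m)
```

Sending the same unpadded plaintext under two different exponents on one modulus is a known weakness of textbook RSA, so this shows the algebra only.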

------------------------------

From: "rosi" <[EMAIL PROTECTED]>
Crossposted-To: sci.math,comp.theory
Subject: Re: A Small Challnge
Date: Thu, 18 Jan 2001 01:57:36 -0500

David A Molnar wrote in part in message
<945u7f$brj$[EMAIL PROTECTED]>...
>In comp.theory Bryan Olson <[EMAIL PROTECTED]> wrote:
>
>> much to this notion.  Perhaps the holders of public keys
>> should not be able to generate other public keys.  Perhaps
>> they should not be able to tell whether two public keys
>> correspond to the same private key.  Would either of those be
>> useful?
>
>Those two requirements sound like the "blinded-key encryption"
>discussed here on sci.crypt in April. I have not read rosi's article on QP
>encryption carefully enough to render judgement, however. Sorry.


David,

    I do not think QP and blinded-key encryption are the same thing.
I admit, they somehow could sound alike.

    By the way, it is not the holder of the public key (or asymmetric
encryption key) generating further encryption keys. That feature is
not in QP. At the same time, an unknown entity can not, by common
sense, be called part of an encryption key. Randomization is part
of the encryption process but not part of the encryption key.  Therefore,
DES(RSA(m)) is not QP, neither is RSA(DES(m)) sending the session
DES key (apart from the practicality of such things). In addition, there
is no (implicit or explicit) mention of the randomized parameter, else
it should be something like D(E[i](m, r[i]), r[i]) and D(E[j](m, r[j]),
r[j]). One can not leave out that parameter and assume that is the default. I
could have messed up something somewhere, for example leaving
out something that is crucial for a complete and exact formal spec
for QP. I WILL correct myself if I see that is indeed the case.

    Thanks to you all who showed interest in QP and in your best ways
trying to help me. And I keep enjoying reading yours, David.

    --- (My Signature)



------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Crossposted-To: sci.math,comp.theory
Subject: Re: A Small Challnge
Date: Thu, 18 Jan 2001 06:24:56 GMT

Mok-Kong Shen wrote:
[snip]
> (2) Are you sure that some practically useful D and E[i] and
>     E[j] with E[i]!=E[j] could satisfy your following requirement
>     for arbitrary m in a sufficiently large set?
> 
>          D(E[i](m)) = D(E[j](m)) = m

Hmm, unless I'm mistaken, NTRU keys can fit this definition perfectly.

The private key is f, a funky polynomial randomly generated with certain
parameters.  The public key is h, calculated as p * modinv( f, q ) * g
(modulo q), where g is a funky polynomial randomly generated with
certain parameters.

For a QP encryption system, the private key holder calculates and
publishes a number of different h values, h[0], h[1], h[2], etc.  Each
of these is a functional public key.

His private key, f, can be used to decrypt a message encrypted with any
of those public keys.

-- 
Most scientific innovations do not begin with "Eureka!"  They begin with
"That's odd.  I wonder why that happened?"

------------------------------

From: "Scott Fluhrer" <[EMAIL PROTECTED]>
Subject: Re: block algorithm on variable length without padding?
Date: Wed, 17 Jan 2001 22:55:32 -0800


N. Weicher <[EMAIL PROTECTED]> wrote in message
news:kAj96.59822$[EMAIL PROTECTED]...
> Is it possible to use a block algorithm (such as Blowfish or DES) to encrypt
> plaintext where the length is not a multiple of eight bytes?  I know about
> padding, but what if padding is not an option, ie, the encrypted data must
> be the exact same length as the plaintext data?  Is this feasible?  If so,
> how is it done?

One obvious way is to use a feedback mode that handles partial blocks, such
as CFB, OFB or counter mode.

A rough overview of these modes:

CFB:
   C[i] = P[i] ^ E( C[i-1] )

OFB:
   T[i] = E( T[i-1] )
   C[i] = P[i] ^ T[i]

Counter mode:
   C[i] = P[i] ^ E( i )

Where:

   P[i] is the ith plaintext block
   C[i] is the ith ciphertext block
   E( ) is one block encryption using the block algorithm, with the key implicit
   T[i] is an internal value in OFB mode.
   ^ is xor
   If the algorithm refers to a ciphertext block before the first one, use a
   (possibly implicit) IV

It should be obvious that for each of these modes, if the receiver has
ciphertext as long as the original plaintext, he is able to uniquely
identify the original plaintext (assuming, of course, he has the key).

And, yes, I'm fuzzing over some details with all three of these modes (CFB
and counter mode, in particular, are actually defined more generally than I
stated).  Check out Applied Cryptography for the details.

--
poncho
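
The three modes from this post applied to a message that is not a multiple of eight bytes, as an added example that is not code from the thread. `E` is a constructed stand-in 64-bit block cipher (not Blowfish or DES), CFB chains on the previous ciphertext block with the IV in place of C[0], and starting the counter at the IV is an assumption.

```python
import hashlib
import hmac

BLOCK = 8  # bytes: the block size of Blowfish and DES


def xor(data, pad):
    # zip() stops at the shorter input, so a short final block uses only the
    # leading bytes of the pad. This is why no padding is needed.
    return bytes(a ^ b for a, b in zip(data, pad))


def E(key, block):
    """Stand-in 64-bit block cipher: 4-round Feistel over HMAC-SHA256.
    Constructed for this example; it is not Blowfish or DES."""
    assert len(block) == BLOCK
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:4]
        left, right = right, xor(left, f)
    return left + right


def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def cfb_encrypt(key, iv, plaintext):
    out, prev = [], iv
    for p in blocks(plaintext):
        prev = xor(p, E(key, prev))          # C[i] = P[i] ^ E(C[i-1])
        out.append(prev)
    return b"".join(out)


def cfb_decrypt(key, iv, ciphertext):
    out, prev = [], iv
    for c in blocks(ciphertext):
        out.append(xor(c, E(key, prev)))     # P[i] = C[i] ^ E(C[i-1])
        prev = c
    return b"".join(out)


def ofb(key, iv, data):
    # The same function encrypts and decrypts.
    out, t = [], iv
    for d in blocks(data):
        t = E(key, t)                        # T[i] = E(T[i-1])
        out.append(xor(d, t))                # C[i] = P[i] ^ T[i]
    return b"".join(out)


def ctr(key, iv, data):
    # The same function encrypts and decrypts. Assumption: the counter for
    # block i is (iv + i) mod 2^64 rather than the bare index i.
    start = int.from_bytes(iv, "big")
    out = []
    for i, d in enumerate(blocks(data)):
        counter = ((start + i) % 2**64).to_bytes(BLOCK, "big")
        out.append(xor(d, E(key, counter)))  # C[i] = P[i] ^ E(counter_i)
    return b"".join(out)


if __name__ == "__main__":
    key, iv = b"constructed demo key", bytes.fromhex("0001020304050607")
    msg = b"thirteen byte"                   # 13 bytes: one full block + 5
    for name, enc, dec in (("CFB", cfb_encrypt, cfb_decrypt),
                           ("OFB", ofb, ofb), ("CTR", ctr, ctr)):
        ct = enc(key, iv, msg)
        print(name, len(msg), len(ct), ct.hex(), dec(key, iv, ct) == msg)
```

In OFB and counter mode, reusing an IV under the same key reuses the keystream, so the XOR of two ciphertexts equals the XOR of their plaintexts. None of the three modes detects modification of the ciphertext.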




------------------------------

From: "buddy_holly" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Wed, 17 Jan 2001 23:52:45 -0900

here are some good free PC operating systems:
(you can burn these ISO images with most cd-r software and a cd burner)

Red Hat Linux 7.0:
ftp://ftp.redhat.com/pub/redhat/current/i386/iso/7.0-respin-disc1.iso
ftp://ftp.redhat.com/pub/redhat/current/i386/iso/7.0-respin-disc2.iso

FreeBSD 4.2:
ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/ISO-IMAGES/4.2-install.iso


"zapzing" <[EMAIL PROTECTED]> wrote in message
news:944nvc$9t9$[EMAIL PROTECTED]...
> Upcoming versions of windows may have, I
> read, something called "product activation".
> This means that you must call up microsoft
> so that the OS can have permission to run.
> I have a few questions about this. First of
> all, under what conditions will MS
> *refuse* to activate the product. It seems
> to me that if they never refuse activation,
> then putting in product activation code is
> pretty useless. And if they do, they may
> deny legitimate users who reconfigure their
> systems frequently.
>
> Also, what about the possibility of a major
> computer virus that requires many machines
> to restore. This would of course require
> that the OS be reactivated, but in that case
> the product reactivation lines could be
> jammed. This would make me think about it
> very carefully before I bought an OS that
> included product reactivation code.
>
> I understand MS's desire to protect their
> intellectual property, but please try to think
> of something that will not cause the collapse
> of civilization.
>
> --
> Void where prohibited by law.
>
>
> Sent via Deja.com
> http://www.deja.com/



------------------------------

From: "Adrian S. Thompson" <[EMAIL PROTECTED]>
Subject: Compression
Date: Thu, 18 Jan 2001 03:19:28 -0600

Hi,

Does anyone know where I can find the algorithms for different
compression utilities (gz, zip, rar blah...)?  This would help me to
write a program to find patterns in cyphertext files.  I realize that
some may be 'top secret' patented algorithms, but any pointing in the
right direction would be nice.

Take care,
-=Adrian=-


------------------------------

From: "Adrian S. Thompson" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Thu, 18 Jan 2001 03:27:06 -0600

Hi,

I'm not 100% with US law (from Canada), but isn't it illegal to *require*
personal information to make a sale?  I believe it is here.

Take Care,
-=Adrian=-

Val Mehling wrote:

> So - if we really do see TSHTF and Microsoft is one of the casualties
> and, some time later on, if someone starts setting up computers again
> they won't be able to use the new Windoze cause they won't be able to
> get it "activated."  Better keep those Win 98SE CD's in a safe place.
>
> zapzing wrote:
>
> > Upcoming versions of windows may have, I
> > read, something called "product activation".
> > This means that you must call up microsoft
> > so that the OS can have permission to run.
> > I have a few questions about this. First of
> > all, under what conditions will MS
> > *refuse* to activate the product. It seems
> > to me that if they never refuse activation,
> > then putting in product activation code is
> > pretty useless. And if they do, they may
> > deny legitimate users who reconfigure their
> > systems frequently.
> >
> > Also, what about the possibility of a major
> > computer virus that requires many machines
> > to restore. This would of course require
> > that the OS be reactivated, but in that case
> > the product reactivation lines could be
> > jammed. This would make me think about it
> > very carefully before I bought an OS that
> > included product reactivation code.
> >
> > I understand MS's desire to protect their
> > intellectual property, but please try to think
> > of something that will not cause the collapse
> > of civilization.
> >
> > --
> > Void where prohibited by law.
> >
> > Sent via Deja.com
> > http://www.deja.com/
>
> --
> Val Mehling - anti-spam in effect.
> For e-mail reply to: [EMAIL PROTECTED]
>
> http://home.earthlink.net/~valjm/
> Libertarian for Bush * Cheney


------------------------------

From: "Adrian S. Thompson" <[EMAIL PROTECTED]>
Subject: Re: block algorithm on variable length without padding?
Date: Thu, 18 Jan 2001 03:31:20 -0600

Hi,

Couldn't a person just pad the plaintext, encrypt the plaintext, then place an
EOF at the first byte of the padding?  Just a hypothesis. ;-)

Take care,
-=Adrian=-

Scott Fluhrer wrote:

> N. Weicher <[EMAIL PROTECTED]> wrote in message
> news:kAj96.59822$[EMAIL PROTECTED]...
> > Is it possible to use a block algorithm (such as Blowfish or DES) to encrypt
> > plaintext where the length is not a multiple of eight bytes?  I know about
> > padding, but what if padding is not an option, ie, the encrypted data must
> > be the exact same length as the plaintext data?  Is this feasible?  If so,
> > how is it done?
>
> One obvious way is to use a feedback mode that handles partial blocks, such
> as CFB, OFB or counter mode.
>
> A rough overview of these modes:
>
> CFB:
>    C[i] = P[i] ^ E( C[i-1] )
>
> OFB:
>    T[i] = E( T[i-1] )
>    C[i] = P[i] ^ T[i]
>
> Counter mode:
>    C[i] = P[i] ^ E( i )
>
> Where:
>
>    P[i] is the ith plaintext block
>    C[i] is the ith ciphertext block
>    E( ) is one block encryption using the block algorithm, with the key implicit
>    T[i] is an internal value in OFB mode.
>    ^ is xor
>    If the algorithm refers to a ciphertext block before the first one, use a
>    (possibly implicit) IV
>
> It should be obvious that for each of these modes, if the receiver has
> ciphertext as long as the original plaintext, he is able to uniquely
> identify the original plaintext (assuming, of course, he has the key).
>
> And, yes, I'm fuzzing over some details with all three of these modes (CFB
> and counter mode, in particular, are actually defined more generally than I
> stated).  Check out Applied Cryptography for the details.
>
> --
> poncho


------------------------------

From: Richard John Cavell <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Thu, 18 Jan 2001 20:27:20 +1100

On Wed, 17 Jan 2001, zapzing wrote:

> I have a few questions about this. First of
> all, under what conditions will MS
> *refuse* to activate the product.

I bought Word 2000, then had to reformat my hard disk because Windows
crashed.  They refused to give me a registration key for six months
because 'it has already been installed'.  I got cranky with them all that
time, and they couldn't have cared less.

I lodged papers with the VCAT (Small claims court) and Wacko!  A
registration key was available literally within an hour.

=============================================================
Richard Cavell - [EMAIL PROTECTED]

Newsgroups - Please keep any discussion on the group, and copy your
replies to me via email. (Server problems).  Sending me bulk email
guarantees a nasty response.

Judge Thomas Penfield Jackson on Bill Gates: "He has a Napoleonic concept
of himself and his company, an arrogance that derives from power"
=============================================================


------------------------------

From: Gunner  <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Thu, 18 Jan 2001 01:30:11 -0800

On Wed, 17 Jan 2001 13:46:49 -0500, "Mysterion" <[EMAIL PROTECTED]>
wrote:

>Sounds like Microsoft is determined to shoot themselves in the foot.

Give the boyz at Warez.com a couple weeks...no problem....lol

Gunner


>
>
>"zapzing" <[EMAIL PROTECTED]> wrote in message
>news:944nvc$9t9$[EMAIL PROTECTED]...
>> Upcoming versions of windows may have, I
>> read, something called "product activation".
>> This means that you must call up microsoft
>> so that the OS can have permission to run.
>> I have a few questions about this. First of
>> all, under what conditions will MS
>> *refuse* to activate the product. It seems
>> to me that if they never refuse activation,
>> then putting in product activation code is
>> pretty useless. And if they do, they may
>> deny legitimate users who reconfigure their
>> systems frequently.
>>
>> Also, what about the possibility of a major
>> computer virus that requires many machines
>> to restore. This would of course require
>> that the OS be reactivated, but in that case
>> the product reactivation lines could be
>> jammed. This would make me think about it
>> very carefully before I bought an OS that
>> included product reactivation code.
>>
>> I understand MS's desire to protect their
>> intellectual property, but please try to think
>> of something that will not cause the collapse
>> of civilization.
>>
>> --
>> Void where prohibited by law.
>>
>>
>> Sent via Deja.com
>> http://www.deja.com/
>



"   We have all heard that a million monkeys banging on a million
 typewriters will eventually reproduce the entire works of
 Shakespeare...Thanks to AOL and WebTv, we know this is not possible."

------------------------------

From: [EMAIL PROTECTED] (Charles Nicol)
Subject: An arithmetic curiousity ?
Date: Wed, 17 Jan 2001 11:17:23 -0400

Is it true that sigma(phi(n)) = n-1 iff n = 2^k, k >= 1, where sigma is the
sum of the divisors and phi is the Euler (totient) function of n?

------------------------------

From: David Schwartz <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Thu, 18 Jan 2001 01:32:36 -0800


Richard John Cavell wrote:

> I bought Word 2000, then had to reformat my hard disk because Windows
> crashed.  They refused to give me a registration key for six months
> because 'it has already been installed'.  I got cranky with them all that
> time, and they couldn't have cared less.
> 
> I lodged papers with the VCAT (Small claims court) and Wacko!  A
> registration key was available literally within an hour.

        That I have a problem with. If, on the other hand, they only refused to
permit installation if they knew a key was being abused, that would be a
totally different story.

        DS

------------------------------

From: "Sam Simpson" <[EMAIL PROTECTED]>
Subject: Re: Where can I find software tools for Known-text decryption
Date: Thu, 18 Jan 2001 09:44:24 -0000

Erm, to recover the key maybe? ;)

Matt Timmermans <[EMAIL PROTECTED]> wrote in message
news:Fgt96.90333$[EMAIL PROTECTED]...
> If the text is known, why do you need to decrypt it?
>
> <[EMAIL PROTECTED]> wrote in message news:945k4g$4a6$[EMAIL PROTECTED]...
> >
> >
> > Are there any availble software tools for Known-Text decryption?
> >
> > thank you
> >
> >
> > Sent via Deja.com
> > http://www.deja.com/
>
>



------------------------------

From: Volker Tanger <[EMAIL PROTECTED]>
Crossposted-To: alt.security,alt.security.espionage,comp.os.linux.security,comp.security.firewalls,comp.security.unix,comp.security.misc,alt.hacking,misc.legal.computing,alt.2600
Subject: Re: Full text to the book ``Underground'' released
Date: Thu, 18 Jan 2001 11:04:57 +0100

Greetings!

James wrote:

> "Julian Assange" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > See http://www.underground-book.com/download.php3
> > Feel free to forward this message.
>
> (bad link?)

No - just "slashdotted" (overloaded)

See the according Slashdot article (and comments) for numerous mirrors:

    http://slashdot.org/article.pl?sid=01/01/18/0141232&mode=nested

Try the links more downwards in the comments as the upper ones seem to
be overloaded, too...

Bye
    Volker

--

Volker Tanger  <[EMAIL PROTECTED]>
 Wrangelstr. 100, 10997 Berlin, Germany
    DiSCON GmbH - Internet Solutions
         http://www.discon.de/



------------------------------

Crossposted-To: alt.security,alt.security.espionage,comp.os.linux.security,comp.security.firewalls,comp.security.unix,comp.security.misc,alt.hacking,misc.legal.computing,alt.2600
Subject: Re: Full text to Australian/British/American hacker book ``Underground'' released.
From: Julian Assange <[EMAIL PROTECTED]>
Date: 18 Jan 2001 21:35:31 +1100


Several people have noted that www.underground-book.com has
been slashdotted to kingdom-come (it doesn't even ping any more!) and
have asked for mirrors.

There are a number listed in various slashdot replies, here:

        http://slashdot.org/articles/01/01/18/0141232.shtml

Failing that, you can try http://rubberhose.sourceforge.net/underground,
which is an officialish mirror of the download page.

Note that there are no mirrors of the web-site proper (just the
download pages). But google has cached most of the site. A few
of the more useful pages:

 Main page:
   http://www.google.com/search?q=cache:www.underground-book.com
 Critical reviews:
   http://www.google.com/search?q=cache:www.underground-book.com/critics.php3
 Reader reviews:
   http://www.google.com/search?q=cache:www.underground-book.com/readers.php3
 Ordering hard-copy on-line from Australian university bookshops (note that
 amazon.com does *not* stock books published by non-us publishers.. even
 Random House Australia!):
   http://www.google.com/search?q=cache:www.underground-book.com/coop.php3

 Otherwise try http://www.underground-book.com/ in a few days when the deluge
 is finally over.

 Cheers,
 Julian

============================================================================

Original message:

I'm very pleased to announce that thanks to Random House, Suelette
Dreyfus and myself the complete and unabridged electronic text to our
book ``Underground: tales of hacking, madness and obsession on the
electronic frontier'' (approx 500 pp.) has been publicly and freely
released.

+---------------------------------------------------------+
| Format         | Name                    | Size (bytes) |
|---------------------------------------------------------|
| Text           | underground.txt         | 979993       |
|---------------------------------------------------------|
| Text, ZIP      | underground.zip         | 357915       |
|---------------------------------------------------------|
| Text, GZIP     | underground.txt.gz      | 355953       |
|---------------------------------------------------------|
| Text, BZIP2    | underground.txt.bz2     | 265014       |
|---------------------------------------------------------|
| Palm Basic Doc | underground.pdb         | 519140       |
|---------------------------------------------------------|
| Palm Teal Doc  | underground-tealdoc.pdb | 520661       |
+---------------------------------------------------------+

The Palm formatted files will allow you to read the book on
a Palm Pilot and various other hand-held machines.

See http://www.underground-book.com/download.php3

Feel free to forward this message.

Julian.

--
 Julian Assange        |If you want to build a ship, don't drum up people
                       |together to collect wood or assign them tasks and
 [EMAIL PROTECTED]          |work, but rather teach them to long for the endless
 [EMAIL PROTECTED]  |immensity of the sea. -- Antoine de Saint Exupery

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
