Cryptography-Digest Digest #463, Volume #14      Mon, 28 May 01 14:13:00 EDT

Contents:
  Quantum Computers with relation to factoring and BBS (Simon Johnson)
  Re: Quantum Computers with relation to factoring and BBS (John Savard)
  Re: How do boomerang attacks work? ([EMAIL PROTECTED])
  Re: Quantum Computers with relation to factoring and BBS ("Scott Fluhrer")
  Re: Quantum Computers with relation to factoring and BBS ("Roger Schlafly")
  Re: Good crypto or just good enough? (jlcooke)
  Re: Break on Schneiers first proposed "self-study cipher" (jlcooke)
  Re: Medical data confidentiality on network comms (Anne & Lynn Wheeler)
  Re: Medical data confidentiality on network comms (Roger Fleming)
  Re: DES Crypto Myth?? ([EMAIL PROTECTED])
  Re: Stream Cipher combiners (Mark Wooding)
  Re: Quantum Computers with relation to factoring and BBS (Bill Unruh)
  Re: Quantum Computers with relation to factoring and BBS (Bill Unruh)
  Re: Essay on "The need for a look at real life crypto" (jlcooke)
  Re: RSA keysize doubling techniques (jlcooke)
  Re: The HDCP Semi Public-Key Algorithm (ammendment) (John Savard)
  Re: Quantum Computers with relation to factoring and BBS (Bill Unruh)
  Re: Break on Schneiers first proposed "self-study cipher" (SCOTT19U.ZIP_GUY)
  Re: DES Crypto Myth?? (SCOTT19U.ZIP_GUY)
  Re: Euroean commision will recommend all citizens to use encryption in  (Vincent Quesnoit)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Simon Johnson)
Subject: Quantum Computers with relation to factoring and BBS
Date: 28 May 2001 09:15:22 -0700

I'm thinking of using a BBS construction in one of my summer projects.
I picked it because the bandwidth requirement for my application is
low and it's provably as difficult as factoring to solve.

I now want to establish a few facts based on the assumption
that p!=np...

1. Do we know factoring is NP for certain?

2. If factoring is NP then why can a Quantum Computer find factors in
polynomial time? (I don't know this for a fact; I remember reading that
somewhere here)

3. Are discrete logarithm problems also breakable with quantum
computers?

4. This is not related to quantum computers but a question on BBS: why
do the two primes that make up the composite have to satisfy 3 mod 4?
i.e. what cryptographic significance does it have?
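
A worked example of the construction Simon is asking about, added here as an
illustration; it is not code from the thread, and the thread itself does not
answer question 4 at this point. It implements BBS with toy-sized Blum primes
(p and q both 3 mod 4) and checks two standard facts that depend on that
condition: squaring is a permutation of the quadratic residues mod N (so the
state sequence is purely periodic, with no lead-in tail), and whoever knows p
and q can step the generator backwards by taking the unique quadratic-residue
square root, which for p = 3 (mod 4) is x^((p+1)/4) mod p. The primes 7 and 11,
the seed 2, and the contrasting modulus 35 (5 is 1 mod 4) are chosen for the
demonstration; real use needs primes of hundreds of bits.

```python
# Added example: Blum Blum Shub with p, q = 3 (mod 4).  Toy parameters only;
# the primes, seed and the non-Blum modulus 35 are illustrative choices.
from math import gcd


def is_prime(n):
    """Trial division; adequate for the toy sizes used here."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    d = 3
    while d * d <= n:
        if n % d == 0:
            return False
        d += 2
    return True


def is_blum_prime(p):
    return is_prime(p) and p % 4 == 3


def quadratic_residues(N):
    """Squares of the units mod N: the set the BBS state lives in."""
    return {x * x % N for x in range(1, N) if gcd(x, N) == 1}


def squaring_is_permutation(N):
    """Does x -> x^2 mod N map the quadratic residues onto themselves?
    A map from a finite set onto itself is a bijection, so this is True
    exactly when squaring permutes the residues (Blum N) and False when
    distinct residues collide (e.g. N = 35, where 5 = 1 mod 4)."""
    qr = quadratic_residues(N)
    return {x * x % N for x in qr} == qr


def bbs_bits(p, q, seed, nbits):
    """x_0 = seed^2 mod N, x_{i+1} = x_i^2 mod N; output the low bit of
    each x_i for i >= 1."""
    assert is_blum_prime(p) and is_blum_prime(q) and p != q
    N = p * q
    assert gcd(seed, N) == 1, "seed must be a unit mod N"
    x = seed * seed % N
    out = []
    for _ in range(nbits):
        x = x * x % N
        out.append(x & 1)
    return out


def state_period(p, q, seed):
    """Squarings until the state returns to x_0.  Finite for a Blum
    integer because squaring permutes the residues; with seed 2 and
    N = 77 the cycle is 4 -> 16 -> 25 -> 9 -> 4."""
    N = p * q
    x0 = seed * seed % N
    x, steps = x0 * x0 % N, 1
    while x != x0:
        x = x * x % N
        steps += 1
    return steps


def prev_state(x, p, q):
    """Step the generator backwards: the unique quadratic-residue square
    root of x mod N.  Needs p, q = 3 (mod 4) so that (p+1)/4 is an integer
    and r = x^((p+1)/4) satisfies r^2 = x (mod p) for a residue x."""
    N = p * q
    rp = pow(x, (p + 1) // 4, p)
    rq = pow(x, (q + 1) // 4, q)
    # Chinese remainder theorem; pow(a, -1, m) needs Python 3.8+.
    return (rp * q * pow(q, -1, p) + rq * p * pow(p, -1, q)) % N


if __name__ == "__main__":
    print("N=77 (Blum) squaring permutes QR:", squaring_is_permutation(77))
    print("N=35 (not Blum) squaring permutes QR:", squaring_is_permutation(35))
    print("8 output bits, p=7 q=11 seed=2:", bbs_bits(7, 11, 2, 8))
    print("state period from seed 2:", state_period(7, 11, 2))
    print("state before 16:", prev_state(16, 7, 11))
```

With N this small the output is obviously periodic after four bits; the point
of the toy is only that the two checks hold for 77 and the first fails for 35.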

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Quantum Computers with relation to factoring and BBS
Date: Mon, 28 May 2001 16:24:22 GMT

On 28 May 2001 09:15:22 -0700, [EMAIL PROTECTED] (Simon
Johnson) wrote, in part:

>1. Do we know factoring is NP for certain?

No.

>2. If factoring is NP then why can a Quantum Computer find factors in
>polynomial time? (I don't know this for a fact; I remember reading that
>somewhere here)

The definition of "P" and "NP" is based on a model of a computer,
called the Turing machine, which is similar to a conventional
computer, but not to a quantum computer. However, a quantum computer
with a fixed maximum number of qubits would still find factors in
super-polynomial time as the size of the numbers to factor increased
beyond its natural capacity.

>3. Are discrete logarithm problems also breakable with quantum
>computers?

Yes.

John Savard
http://home.ecn.ab.ca/~jsavard/frhome.htm

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: How do boomerang attacks work?
Date: Mon, 28 May 2001 07:28:17 -0800

David Wagner wrote:

> 
> Yes.  You can view slide attacks as being an important motivation
> for having a good key schedule, if you like.


Your paper also mentions (page 3) that the technique requires F (which
can include several rounds) to be a "weak" permutation. Are slide attacks
also an important motivation for "stronger" F permutations, or am I missing
the point since F could be reduced to a single round? It seems to me that in
order to make the single round F permutation "strong" it would have to
be a cipher in and of itself.

Would you mind if I emailed two somewhat off-topic questions to you
directly?

Thanks.

------------------------------

From: "Scott Fluhrer" <[EMAIL PROTECTED]>
Subject: Re: Quantum Computers with relation to factoring and BBS
Date: Mon, 28 May 2001 09:25:05 -0700


Simon Johnson <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I'm thinking of using a BBS construction in one of my summer projects.
> I picked it because the band-width requirement for my application is
> low and its provably as difficult as factoring to solve.
>
> I now want to establish a few facts based on the assumption
> that p!=np...
Actually, the below answers do not depend on that assumption...

>
> 1. Do we know factoring is NP for certain?
Yes, but then again, so is the problem "is this integer even?".  I suspect
what you meant was "Do we know factoring is NP-complete?", and the answer is
no, we don't.  Some definitions [warning: these definitions are intended to
be easy to understand, and so they're a bit sloppy with the exact niceties
of the actual definitions]:

- NP is the set of problems for which, if something has a "Yes" answer,
there always exists a quickly verifiable proof of that "Yes" answer.  For
factoring, a "Yes" answer can be demonstrated by showing the factorization,
which can be quickly verified.

- NP-hard is the set of problems for which, given a fast way to solve that
problem, you can solve any NP problem quickly.

- NP-complete is the set of problems that are both NP and NP-hard.

Now, it's not immediately obvious from these definitions that there are any
problems in NP-complete.  However, it's been proven that there are.
However, factoring isn't known to be one of them.


>
> 2. If factoring is NP then why can a Quantum Computer find factors in
> polynomial time? (I don't know this for a fact; I remember reading that
> somewhere here)
Because the definition of NP is based on what's solvable by "a turing
machine" (essentially: any classical computer with potentially unlimited
memory), and Quantum Computers do not follow that computational model.

>
> 3. Are discrete logarithm problems also breakable with quantum
> computers?
Yes (assuming, of course, you can make a QC that can handle that many
bits -- currently, that is not at all obvious).

--
poncho




------------------------------

From: "Roger Schlafly" <[EMAIL PROTECTED]>
Subject: Re: Quantum Computers with relation to factoring and BBS
Date: Mon, 28 May 2001 15:55:16 GMT

"Simon Johnson" <[EMAIL PROTECTED]> wrote
> I now want to establish a few facts based on the assumption
> that p!=np...
> 1. Do we know factoring is NP for certain?

Yes. That means that the factors can be verified in polynomial time.

> 2. If factoring is NP then why can a Quantum Computer find factors in
> polynomial time? (I don't know this for a fact; I remember reading that
> somewhere here)

Quantum computers and nondeterministic computers are both
theoretical constructs only, and are different.

> 3. Are discrete logarithm problems also breakable with quantum
> computers?

Yes.




------------------------------

From: jlcooke <[EMAIL PROTECTED]>
Subject: Re: Good crypto or just good enough?
Date: 28 May 2001 16:51:21 GMT

Tom St Denis wrote:
> 
> My old employer asked me to ask the group this question.
> 
> Would you settle for crypto that is "just secure enough" or "is as
> secure as we know how to make it".  Both within reason.
> 
> His line of thinking was that I was a hypocrite for only having a
> dead-bolt on my door instead of a 6" steel vault door.
> 
> That's complete BS though.  Let's think about this.

A dead bolt is fine for the number of people who can reach my door, i.e.
people who live in Ottawa.

But for my email and my computer, there are _far_ more people who can
get at me.  I'd demand a little better security.

Engineering and Science are two _very_ different disciplines.  Science
explores and asks very interesting questions.  Engineering is a
compromise between science and business.  "What does a person want vs
what do they need and how are they going to use this marvel of science?"

The research in crypto is very interesting, but people want to see an
engineered solution.

Tom: you are not a hypocrite...this time! :)  There are more risks
online for invasion of privacy than at your front door.  There are no
insurance agencies protecting your electronic privacy.  There are no
ADT alarm systems for your home Linux box.  And so you have to take
things into your own hands because no one is protecting you _properly_.

TTYL

JLC

Buy a gun, encrypt your email, wait for the revolution.

------------------------------

From: jlcooke <[EMAIL PROTECTED]>
Subject: Re: Break on Schneiers first proposed "self-study cipher"
Date: 28 May 2001 16:53:51 GMT

Another BICOM plug.  Who's the spammer, Scott?  Just an observation that
every email you write _has_ to relate to BICOM.  It's quite immature.

JLC

"SCOTT19U.ZIP_GUY" wrote:
> 
> [EMAIL PROTECTED] (Tom St Denis) wrote in
> <[EMAIL PROTECTED]>:
> 
> >
> >I called him thoughtful because he spends more time doing productive
> >things then this
> >
> >That and he publishes all his research on his website for free, and he
> >indexed about 2500 papers, and ...
> >
> >Is that enough "basis"?
> >
> 
>   I am not sure. Is this the same guy that used to spam everyone
> about buying his book? If all his research is on his website
> and for free, what good is his book?  And since he is someone
> you respect from a cryptographical viewpoint, what does he
> say about bijective compression encryption programs like BICOM,
> or does he know enough about the topic to say or write anything
> meaningful about it? I do know people who say they have met him
> but it would be rude of me to repeat it all. So I will let that
> sleeping dog lie still for a while. Also he has not ranted too much
> on the group, so why talk about him behind his back?
> However, since you're seeking a job, I can see why it might
> be important for you to pretend to kiss up to him a little.
> He still owns a company and maybe you're the kind of guy he
> would hire. I assure you he would not hire my kind.
> 
> David A. Scott
> --
> SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
>         http://www.jim.com/jamesd/Kong/scott19u.zip
> My website http://members.nbci.com/ecil/index.htm
> My crypto code http://radiusnet.net/crypto/archive/scott/
> MY Compression Page http://members.nbci.com/ecil/compress.htm
> **NOTE FOR EMAIL drop the roman "five" ***
> Disclaimer:I am in no way responsible for any of the statements
>  made in the above text. For all I know I might be drugged or
>  something..
>  No I'm not paranoid. You all think I'm paranoid, don't you!

------------------------------

Crossposted-To: comp.security.misc
Subject: Re: Medical data confidentiality on network comms
Reply-To: Anne & Lynn Wheeler <[EMAIL PROTECTED]>
From: Anne & Lynn Wheeler <[EMAIL PROTECTED]>
Date: Mon, 28 May 2001 17:01:19 GMT

[EMAIL PROTECTED] (Larry Kilgallen) writes:

> But some of them are susceptible to cryptographic controls.
> Consider the issue of delegation.  My doctor can see my
> medical records.  My doctor should be able to delegate
> the ability to see those records to a specialist for a
> limited amount of time, but without delegating unlimited
> rights to further delegation.  Some number of emergency
> room doctors should be able to unseal my records in the
> absence of my doctor if they all agree and the access is
> strongly audited (alarmed) with guaranteed notification
> to my doctor and me.  These are all issues where there
> might be some cryptographic assistance as part of the
> total solution.

cryptographic controls tend to be all or nothing ... you either see it
or you don't see it.

fine-grain access control systems with audit procedures can have
real-time rules and audit trail as to which entities can see what,
when. however, for the most part, cryptography is almost orthogonal to
fine-grain access ... except possibly in the area of authentication
(used in conjunction with access control ... aka authentication and
permissions being different issues ... authentication can be addressed
as a "data" paradigm and real-time permissions addressed as
procedure/rule paradigm).

effectively the fine-grain access control system would be "online"
with all the real-time rules, exceptions, escalation, permissions,
etc. 

bulk-encrypting all of the data and only providing the key(s) to the
access control system could be a means to address various kinds of
system exploits (like off-site disaster/recovery copies).

-- 
Anne & Lynn Wheeler   | [EMAIL PROTECTED] -  http://www.garlic.com/~lynn/ 

------------------------------

Crossposted-To: comp.security.misc
From: [EMAIL PROTECTED] (Roger Fleming)
Subject: Re: Medical data confidentiality on network comms
Date: Mon, 28 May 2001 15:58:48 GMT


 "Harris Georgiou" <[EMAIL PROTECTED]> wrote:
[...]
>Anyway, is it a fact that biometric security devices have been used in
>medical facilities? I thought only military or government organizations could
>afford the cost of them.

You'd be surprised. There are a lot of these products oriented to commercial 
users now, and they are getting cheaper all the time. IMHO, though, most of 
them are rubbish. I watched a demonstration at a trade show of a fingerprint 
reader built into a keyboard, and it logged the demonstrator in as the wrong 
guy. Quite apart from the fact it sent the fingerprint scan over the network 
in the clear. In most applications the only advantage over password 
verification is that users can't write it on a Post-it note (instead, they 
leave it on every item in their workspace), and can't forget it (unless they 
have to wear a bandage).

Tom McCune <[EMAIL PROTECTED]> wrote
[...]
>We have a state wide area network that we can transfer patient 
>information over - I believe that is encrypted - transparently to the user, 
>so I have no idea what that consists of.

Are you sure it's encrypted, or does your IT department just tell you it's 
"secure"? It's pretty unusual for private WANs to be encrypted, even in state 
government applications, and pretty common for administrators to exaggerate 
the value of this sort of security to avoid spending money.

>was that the asymmetric encryption was only required to be 1024 bit - I 
>would have thought longer term privacy would warrant 2048 bits.

That's not surprising at all. RSA is still recommending 768 bits for low grade 
security and 1024 bits for long term security, a recommendation which hasn't 
changed for quite a few years. Many other authors recommend much longer 
moduli; RSA says the reason for the difference is that these authors are 
looking at work factors only, and the most costly part of the factorisation 
problem is memory bound; it doesn't matter how many distributed PCs you have, 
you have to finish the problem in a supercomputer with terabytes of fast RAM, 
and there isn't enough fast RAM in the world for a 1024 bit key. Or something 
like that.
Whether you accept RSA's reasoning or not, 2048 seems pretty conservative 
(about 2^40 times harder than 1024), and for most purposes isn't too slow on 
modern PCs.

>I am now required to do my psychological evaluations, progress notes, 
>etc., while connected to a server in the state capitol (about 80 miles 
>away), and that requires fingerprint scan verification.
>
>Tom McCune
>http://www.McCune.cc
>Please use PGP for Privacy & Authenticity

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: DES Crypto Myth??
Date: Mon, 28 May 2001 08:16:26 -0800

Roger Fleming wrote:
> 
>  [EMAIL PROTECTED] wrote:
> [...]
> >It's funny how many Schneier quotes I've seen since I've been following
> >this newsgroup.
> [...]
> >I think my reading time was better spent with HAC. Why is Schneier such a
> >popular cryptographer? Is it charisma or is he a real innovator
> >(compared to other professional cryptographers)?[...]
> 
> I think he is quoted so often because, as well as being a competent
> cryptographer, he is a good writer; there are many crypto "truths" that are
> succinctly summarised by his pithy one-liners and thus very amenable to using
> on usenet.


I think you're right. No doubt he knows what he's doing, and as I said,
his book is a fun read.  It's just that "Bruce Schneier says..." seems at
times in this newsgroup to mean "the unquestionable leader of the crypto
community says..." and I wondered if the number of times he gets quoted
was a fair measure of his skill as a cryptographer (don't look too
closely; there's some very bad reasoning here! :) ).

Again, he's an intelligent and successful cryptographer, but my guess is
that there are plenty of intelligent cryptographers out there. Maybe
they just aren't as quotable?

------------------------------

From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Stream Cipher combiners
Date: 28 May 2001 17:29:05 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote:

> A while back someone suggested looking into diff combiners (other than
> xor) for stream ciphers.

Is it too much to ask that you write English?  The word is `different',
I think (but I'm not certain, hence my plea).

> Why not consider my original decorrelated system?

Why is decorrelation a useful property of a stream cipher combiner?

> I.e. generate two bytes A and B (A is an element of Z*/257 and B is an
> element of Z257) and simply do
> 
> C = A(P+B) mod 257
> 
> P = C/A - B mod 257
> 
> The only attack I can see is forcing P to zero to get AB.  In this case
> we will know whenever B is zero since A cannot be zero.  If we change it
> such that both A and B are elements of Z*/257 we will never get zero and
> the result is perfectly decorrelated.

Your notation is very strange.  The ring of residue classes mod n is
usually written Z_n or Z/nZ.  Zn (or nZ) is the ideal of multiples of n.
I'm not sure what Z/n is.  Z*/n is certainly nonsense.

> The only fix I can see is to use
> 
> C = X1(P+X2) + X3 mod 257
> 
> That way if P=-X2 mod 257 we still get X3 in the mix so we are not
> sure.

But this is equivalent to generating A = X1, B = X2 + X3 X1^{-1} in your
previous model.

I think I must be missing something.

-- [mdw]
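
The combiner Tom describes and Mark's equivalence claim, written out as an
added example (not code from either poster) so the algebra can be checked by
enumeration. It implements C = A(P+B) mod 257 and its inverse, the three-value
form C = X1(P+X2) + X3, and Mark's substitution A = X1, B = X2 + X3*X1^{-1};
it then verifies that the two forms agree for every P over a sweep of the
key bytes, and shows the zero-forcing observation: with P = 0 the output is
A*B, and with B allowed to be 0 a zero ciphertext reveals B = 0, which
restricting B to nonzero values removes. Names and the sampled key values are
the editor's choices.

```python
# Added example: Tom's mod-257 combiner, its inverse, and Mark's
# equivalence A = X1, B = X2 + X3*X1^{-1}, checked exhaustively over P.
MOD = 257  # prime, so every nonzero residue is invertible


def inv(a):
    """Multiplicative inverse mod 257 by Fermat; a must be a unit."""
    assert a % MOD != 0
    return pow(a, MOD - 2, MOD)


def combine(P, A, B):
    """Forward combiner: C = A(P+B) mod 257, A a unit, B any residue."""
    assert 1 <= A < MOD
    return A * (P + B) % MOD


def uncombine(C, A, B):
    """Inverse: P = C/A - B mod 257."""
    return (C * inv(A) - B) % MOD


def combine3(P, X1, X2, X3):
    """Tom's proposed fix: C = X1(P+X2) + X3 mod 257."""
    assert 1 <= X1 < MOD
    return (X1 * (P + X2) + X3) % MOD


def equivalent_pair(X1, X2, X3):
    """Mark's observation: X1(P+X2)+X3 = X1(P + X2 + X3*X1^{-1}), so the
    three-value form is combine() with A = X1, B = X2 + X3*X1^{-1}."""
    return X1, (X2 + X3 * inv(X1)) % MOD


def check_equivalence():
    """True if combine3 and combine(equivalent_pair) agree for every P,
    every unit X1, and a sample of X2, X3 values (about 1.3M cases)."""
    for X1 in range(1, MOD):
        for X2 in (0, 1, 128, 256):
            for X3 in (0, 1, 5, 200, 256):
                A, B = equivalent_pair(X1, X2, X3)
                for P in range(MOD):
                    if combine3(P, X1, X2, X3) != combine(P, A, B):
                        return False
    return True


def zero_forcing_leak(A, B):
    """If an attacker forces P = 0 the ciphertext is A*B; since A is never
    0, C == 0 tells the attacker that B == 0."""
    return combine(0, A, B)


def can_output_zero(P, B_restricted_to_units):
    """C == 0 iff P + B == 0 (mod 257).  Restricting B to units means the
    plaintext byte 0 can no longer encrypt to 0; other plaintexts still can."""
    Bs = range(1, MOD) if B_restricted_to_units else range(MOD)
    return any(combine(P, 1, B) == 0 for B in Bs)


def roundtrip_ok():
    """Decrypt(encrypt(P)) == P over a sample of keys and every P."""
    return all(uncombine(combine(P, A, B), A, B) == P
               for A in (1, 2, 77, 256)
               for B in (0, 1, 255, 256)
               for P in range(MOD))


if __name__ == "__main__":
    print("round trip:", roundtrip_ok())
    print("three-value form == two-value form:", check_equivalence())
    print("P=0, B=0 gives C =", zero_forcing_leak(7, 0))
    print("plaintext 0 can encrypt to 0 with B in Z_257:", can_output_zero(0, False))
    print("... with B restricted to units:", can_output_zero(0, True))
```

Note that "restrict B to units" only closes the P = 0 case; for any other
plaintext byte there is still a B with P + B = 0, so the zero ciphertext still
pins down B for that byte.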

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: Quantum Computers with relation to factoring and BBS
Date: 28 May 2001 17:17:33 GMT

In <[EMAIL PROTECTED]> [EMAIL PROTECTED] 
(Simon Johnson) writes:
>I now want to establish a few facts based on the assumption
>that p!=np...

>1. Do we know factoring is NP for certain?

No.

>2. If factoring is NP then why can a Quantum Computer find factors in
>polynomial time? (I don't know this for a fact; I remember reading that
>somewhere here)

The relation between QP, QNP and NP is even less well known than P and
NP.

>3. Are discrete logarithm problems also breakable with quantum
>computers?

Some are. That is how Shor's algorithm breaks factoring.
In particular, Shor's algorithm finds r such that x^r = 1.
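
The link Bill points to, order finding to factoring, carried through in code
as an added example (not from the post). The order r of x mod N is found here
by brute force, which is the step a quantum computer does in polynomial time;
everything after that is Shor's classical post-processing: if r is even and
y = x^(r/2) is not -1 mod N, then y^2 = 1 with y != +-1, so gcd(y - 1, N)
splits N. The moduli 15, 21 and 3233 = 53 * 61 are test values chosen for the
demonstration.

```python
# Added example: Shor's classical post-processing on top of a brute-force
# order-finding step.  Toy moduli; the quantum part is simulated by search.
from math import gcd


def order(x, N):
    """Smallest r >= 1 with x^r = 1 (mod N).  Brute force: exactly the
    step that Shor's quantum period finding replaces."""
    assert gcd(x, N) == 1
    r, y = 1, x % N
    while y != 1:
        y = y * x % N
        r += 1
    return r


def factor_from_order(x, N):
    """Given r = ord_N(x): if r is even and y = x^(r/2) != -1 (mod N), then
    y^2 = 1 but y != +-1, so gcd(y - 1, N) is a nontrivial factor.
    Returns None when this base is unlucky (odd r, or y = -1)."""
    r = order(x, N)
    if r % 2:
        return None
    y = pow(x, r // 2, N)
    if y == N - 1:
        return None
    f = gcd(y - 1, N)
    return f if 1 < f < N else None


def shor_classical(N):
    """Try bases x = 2, 3, ... until one splits N.  Returns (factor, x, r);
    r is None when gcd(x, N) already gave a factor without order finding."""
    for x in range(2, N):
        g = gcd(x, N)
        if g != 1:
            return g, x, None
        f = factor_from_order(x, N)
        if f is not None:
            return f, x, order(x, N)
    return None


if __name__ == "__main__":
    for N in (15, 21, 3233):
        f, x, r = shor_classical(N)
        print(f"N={N}: base x={x}, order r={r}, factor {f} (cofactor {N // f})")
```

For a product of two primes at least half of the bases x give an even order
with x^(r/2) != -1, which is why Shor's algorithm needs only a few trials; the
search loop above just walks the bases in order until one works.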

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: Quantum Computers with relation to factoring and BBS
Date: 28 May 2001 17:20:24 GMT

In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (John 
Savard) writes:

]On 28 May 2001 09:15:22 -0700, [EMAIL PROTECTED] (Simon
]Johnson) wrote, in part:

]>1. Do we know factoring is NP for certain?

]No.

]>2. If factoring is NP then why can a Quantum Computer find factors in
]>polynomial time? (I don't know this for a fact; I remember reading that
]>somewhere here)

]The definition of "P" and "NP" is based on a model of a computer,
]called the Turing machine, which is similar to a conventional
]computer, but not to a quantum computer. However, a quantum computer
]with a fixed maximum number of qubits would still find factors in
]super-polynomial time as the size of the numbers to factor increased
]beyond its natural capacity.

So would a Turing machine. A Turing machine is assumed to have an
infinite number of memory cells. A Quantum Turing machine is also
assumed to have an infinite number of potentially entangled qubits.
The relation between any classification of problems like P or NP and a
finite resource machine is problematic.

------------------------------

From: jlcooke <[EMAIL PROTECTED]>
Subject: Re: Essay on "The need for a look at real life crypto"
Date: 28 May 2001 17:10:46 GMT

The concept of what you say is right on.  The essay structure isn't
hot.  But oh well, this isn't alt.pick.on.bad.writters.com.net.org

Perhaps getting the message confused with specific examples is a bad
idea.  Like others have said, it looks like you're aiming at someone,
instead of waving your hand at a bigger problem, which is what I think
you're trying to do.

JLC

Tom St Denis wrote:
> 
> Based on my turn about look at computer security...
> 
> http://tomstdenis.home.dhs.org/on.pdf
> 
> Please comment if possible.  Does this hit the mark with what you guys
> are thinking?
> 
> Tom

------------------------------

From: jlcooke <[EMAIL PROTECTED]>
Crossposted-To: sci.math.num-analysis
Subject: Re: RSA keysize doubling techniques
Date: 28 May 2001 17:12:32 GMT

Yes, they aren't pretty.  You'll need to use it to do additions only.
Since for 2048-bit RSA en/de-crypts you need 2048 multiplies.

In other words, the speed up you'll get from the addition will not be
enough to outweigh the loss in I/O to the device.

JLC

Uenal Mutlu wrote:
> 
> I'm looking for methods for extending the capacity of
> an RSA Crypto Accelerator (HW) by the factor 2.
> 
> It has two registers of each 1120 bits and can perform
> modular and non-modular multiplication, addition,
> subtraction, reduction, logical XOR and shift operations.
> This accelerator can handle RSA key sizes of up to 1024 bit.
> 
> I would like to use a wrapper library around this
> to extend the capacity to 2048 bits. Are there any
> doubling algorithms to realize this?

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: The HDCP Semi Public-Key Algorithm (ammendment)
Date: Mon, 28 May 2001 17:20:25 GMT

On Mon, 28 May 2001 15:23:05 GMT, [EMAIL PROTECTED]
(John Savard) wrote, in part:

>Since the XOR of four LFSRs is as easy to solve as the output of one
>longer LFSR, a correlation attack would be based on the 11% chance of
>a certain value of the delay.

To avoid a correlation attack based on it being, 11% of the time, the
XOR of eight shift registers - two copies of the four shift registers
used separated by a certain number of cycles - what should be done is
to multiply the possibilities.

One way to do that is to XOR the bits, as they pass from one delay
cell to the next, with some other output of the shift registers. In
this way, spending 2 cycles in the first one, and 1 cycle in the next
is not the same as spending 1 cycle in the first one, and 2 in the
next.

I still think it's better, though, than most of the LFSR designs I've
come across.

John Savard
http://home.ecn.ab.ca/~jsavard/frhome.htm
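
The claim John starts from, that the XOR of several LFSRs is no harder to
solve than one longer LFSR, demonstrated as an added example (the registers
here are small toys chosen by the editor, not HDCP's actual registers). A
3-stage and a 4-stage maximal-length LFSR are XORed; Berlekamp-Massey over
GF(2) is run on the first 14 output bits and recovers a 7-stage recurrence
(the linear complexities add when the feedback polynomials are distinct
irreducibles), and that recurrence predicts the whole stream. Any 2L bits
suffice to pin down an LFSR of length L, which is the general version of the
same point for four registers.

```python
# Added example: Berlekamp-Massey recovering the combined recurrence of
# XORed LFSR outputs.  Toy registers only.


def lfsr_stream(taps, state, n):
    """Fibonacci LFSR over GF(2).  Emits state[0] each step; the new bit
    shifted in at the end is the XOR of state[t] for t in taps."""
    state = list(state)
    out = []
    for _ in range(n):
        out.append(state[0])
        fb = 0
        for t in taps:
            fb ^= state[t]
        state = state[1:] + [fb]
    return out


def xor_streams(*streams):
    """Bitwise XOR of equal-length bit lists (the HDCP-style combiner)."""
    return [sum(bits) & 1 for bits in zip(*streams)]


def berlekamp_massey(s):
    """Shortest LFSR generating bit sequence s.  Returns (L, C) with
    C[0] = 1 and s[i] = XOR_{j=1..L} (C[j] & s[i-j]) for every i >= L."""
    n = len(s)
    C = [1] + [0] * n
    B = [1] + [0] * n
    L, m = 0, 1
    for i in range(n):
        d = s[i]
        for j in range(1, L + 1):
            d ^= C[j] & s[i - j]
        if d == 0:
            m += 1
            continue
        T = C[:]
        for j in range(n + 1 - m):
            C[j + m] ^= B[j]
        if 2 * L <= i:
            L = i + 1 - L
            B = T
            m = 1
        else:
            m += 1
    return L, C[:L + 1]


def predict(L, C, prefix, n):
    """Run the recovered recurrence forward from the first L bits."""
    s = list(prefix[:L])
    while len(s) < n:
        i = len(s)
        b = 0
        for j in range(1, L + 1):
            b ^= C[j] & s[i - j]
        s.append(b)
    return s


def demo(n=60):
    """XOR of a 3-stage (x^3+x+1) and a 4-stage (x^4+x+1) LFSR.  Returns the
    linear complexity found from 14 bits and whether the recovered
    recurrence reproduces all n bits of the combined stream."""
    a = lfsr_stream([0, 1], [1, 0, 0], n)      # period 7
    b = lfsr_stream([0, 1], [1, 0, 0, 0], n)   # period 15
    s = xor_streams(a, b)
    L, C = berlekamp_massey(s[:14])
    return L, predict(L, C, s, n) == s


if __name__ == "__main__":
    L, ok = demo()
    print(f"linear complexity of XORed stream: {L}; prediction matches: {ok}")
```

Attacking the combined stream therefore costs a 7-stage solve, not two
independent ones; adding the delay-cell XORs John describes is what breaks
this linearity.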

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: Quantum Computers with relation to factoring and BBS
Date: 28 May 2001 17:24:30 GMT

In <9etv2h$4pn$[EMAIL PROTECTED]> "Scott Fluhrer" <[EMAIL PROTECTED]> 
writes:
]>
]> 1. Do we know factoring is NP for certain?
]Yes, but then again, so is the problem "is this integer even?".  I suspect
]what you meant was "Do we know factoring is NP-complete?", and the answer is
]no, we don't.  Some definitions [warning: these definitions are intended to
]be easy to understand, and so they're a bit sloppy with the exact niceties
]of the actual definitions]:

But asking "is a problem NP" is usually a shorthand for
"Is the problem NP but not P". 


]- NP is the set of problems for which, if something has a "Yes" answer,
]there always exists a quickly verifiable proof of that "Yes" answer.  For
]factoring, a "Yes" answer can be demonstrated by showing the factorization,
]which can be quickly verified.

]- NP-hard is the set of problems for which, given a fast way to solve that
]problem, you can solve any NP problem quickly.

]- NP-complete is set of problems that are both NP and NP-hard.

]Now, it's not immediately obvious from these definitions that there are any
]problems in NP-complete.  However, it's been proven that there are.
]However, factoring isn't known to be one of them.

Factoring is probably NOT NP-complete. But it is probably also not in P.






------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Break on Schneiers first proposed "self-study cipher"
Date: 28 May 2001 17:11:51 GMT

[EMAIL PROTECTED] (jlcooke) wrote in 
<[EMAIL PROTECTED]>:

>Another BICOM plug.  Who's the spammer, Scott?  Just an observation that
>every email you write _has_ to relate to BICOM.  It's quite immature.
>

   If it was SPAM it would go to several groups or be in your mail
box repeatedly.  I did not write BICOM. But yes I plug it because
the phony crypto people like Wagner over the years have stated
my crypto is not good. Even though they can't read it.
Now someone is using my concepts about real crypto and is
using it with full size RIJNDAEL, the AES method. But
the pompous asses refuse to take an honest look at it.
  So yes I mention it a lot. But yes I feel scott19u
is stronger. But I realize, as not being part of the
politically correct crypto establishment, that it will never
be looked at in the open.
  Yet BICOM has a chance of being looked at. Since I doubt
all open crypto people are in the employ of the NSA, though
a large number of them could be.
Matt is showing the world with his FREE code how to
do compression with encryption the correct way.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: DES Crypto Myth??
Date: 28 May 2001 17:20:58 GMT

[EMAIL PROTECTED] wrote in <[EMAIL PROTECTED]>:

>Roger Fleming wrote:
>> 
>>  [EMAIL PROTECTED] wrote:
>> [...]
>> >It's funny how many Schneier quotes I've seen since I've been
>> >following this newsgroup.
>> [...]
>> >I think my reading time was better spent with HAC. Why is Schneier
>> >such a popular cryptographer? Is it charisma or is he a real
>> >innovator (compared to other professional cryptographers)?[...]
>> 
>> I think he is quoted so often because, as well as being a competent
>> cryptographer, he is a good writer; there are many crypto "truths"
>> that are succinctly summarised by his pithy one-liners and thus very
>> amenable to using on usenet.
>
>
>I think you're right. No doubt he knows what he's doing, and as I said,
>his book is a fun read.  It's just that "Bruce Schneier says..." seems at
>times in this newsgroup to mean "the unquestionable leader of the crypto
>community says..." and I wondered if the number of times he gets quoted
>was a fair measure of his skill as a cryptographer (don't look too
>closely; there's some very bad reasoning here! :) ).
>
>Again, he's an intelligent and successful cryptographer, but my guess is
>that there are plenty of intelligent cryptographers out there. Maybe
>they just aren't as quotable?
>

  Please excuse me while I barf. This phony ass-kissing reply
was too much for my stomach to take.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: Vincent Quesnoit <[EMAIL PROTECTED]>
Subject: Re: Euroean commision will recommend all citizens to use encryption in 
Date: Mon, 28 May 2001 16:58:33 +0200
Reply-To: [EMAIL PROTECTED]


Mok-Kong Shen wrote:

> Jan Panteltje wrote:
> [snip]
>
> > It seems Echelon is used by the US and GB for industrial espionage;
> > I suppose they (the commission) think that by everyone encrypting their
> > email Echelon will become rather useless.
>
> There may well be other systems than Echelon. If everyone
> encrypts (no matter whether important matters or trivial
> stuff, and uses a plethora of algorithms -- some even quite
> poor 'security by obscurity' unknown home-made ones for
> the trivial stuff just to confuse the opponent, since
> he has in each case first to identify the algorithms used),
> then such systems would certainly be bogged down due to
> enormous overload. But the hardest problem is to mobilize
> the public to use encryption everywhere, every time.
>
> [snip]
> > I cannot vouch for the accuracy of this news report, especially as I think
> > encryption is not allowed in France, and GB is a member of the EEC.
> > So it may be a hoax.
>
> France had a very restrictive crypto law. But that has
> been discarded (presumably due to the Echelon affairs), or
> am I ill-informed in that?

Correct, the French law used to mandate that authorisation be requested prior to
using encryption with keys bigger than some limit (I guess 64 bits, but I am not
sure).
This law was discarded, but I do not think this decision was related to Echelon.

>
> M. K. Shen


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
