Cryptography-Digest Digest #21, Volume #9 Tue, 2 Feb 99 14:13:03 EST
Contents:
Re: Encryption for my little java-mail-server (Dominik Werder)
Re: Encryption for my little java-mail-server (Dominik Werder)
Re: Encryption for my little java-mail-server (Dominik Werder)
Javascript Implementation of 16 round Feistel cipher (John Bailey)
Re: irrational idea continued ("Tony T. Warnock")
Re: Random numbers generator and Pentium III ("Tony T. Warnock")
Re:
CFP: Communications and Multimedia Security '99 (CMS'99)
Re: On a Method of Session Key Generation (revised) (wtshaw)
Re: irrational idea continued
Re: What is left to invent? (Toby Kelsey)
Re: ANSI X9.17 (Barry Margolin)
Re: RNG Product Feature Poll (R. Knauer)
Re: Encryption for telemedicine (Doug Stell)
Re: Crypt Info ???? (Albert P. Belle Isle)
Re: Truth, theoremhood, & their distinction (Nicol So)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Dominik Werder)
Subject: Re: Encryption for my little java-mail-server
Date: Tue, 02 Feb 1999 15:45:30 GMT
Thank you! I trying the cryptix-code and it seems that is it not sooo
bad :-)))
DoMiNik
On Sun, 31 Jan 1999 00:03:09 GMT, [EMAIL PROTECTED] (user) wrote:
>On Sat, 30 Jan 1999 23:41:12 GMT, Dominik Werder <[EMAIL PROTECTED]> wrote:
>>Hi All!
>>
>>I need any good and fast encryption for my little java chat server. I
>>tried RSA, but its too slow. Has anybody DES or IDEA for Java or
>>Pseudocode or a realy good docu for these algorithms?
>>Then please mail me: [EMAIL PROTECTED]
>
>JCA http://java.sun.com/products/jdk/1.2/
>JCE http://java.sun.com/products/jdk/1.2/jce/
>Cryptix http://www.systemics.com/software/cryptix-java/
>IAIK http://wwwjce.iaik.tu-graz.ac.at/
>JCP http://www.jcp.co.uk/index.htm
>
>Above links from the book Java Cryptography.
>
------------------------------
From: [EMAIL PROTECTED] (Dominik Werder)
Subject: Re: Encryption for my little java-mail-server
Date: Tue, 02 Feb 1999 15:45:30 GMT
Hi, the code seems to be good, i´ll try it this evening... thank you!
On Sun, 31 Jan 1999 19:41:35 +0100, fungus
<[EMAIL PROTECTED]> wrote:
>
>
>Dominik Werder wrote:
>>
>> Hi All!
>>
>> I need any good and fast encryption for my little java chat server. I
>> tried RSA, but its too slow. Has anybody DES or IDEA for Java or
>> Pseudocode or a realy good docu for these algorithms?
>
>Get DES in Java here:
>
>ftp://ftp.artlum.com/pub/DES.java
>
>
>
>--
><\___/>
>/ O O \
>\_____/ FTB.
>
------------------------------
From: [EMAIL PROTECTED] (Dominik Werder)
Subject: Re: Encryption for my little java-mail-server
Date: Tue, 02 Feb 1999 15:45:30 GMT
Hi Markus!
Where can I get your class?
On 31 Jan 1999 21:13:17 GMT, "Markus Hahn" <[EMAIL PROTECTED]>
wrote:
>You may try my Blowfish for Java 1.5, which might be fine for
>encrypting short e-mail messages with the BlowfishEasy class.
>
>Markus
------------------------------
From: [EMAIL PROTECTED] (John Bailey)
Subject: Javascript Implementation of 16 round Feistel cipher
Date: 2 Feb 1999 14:06:09 GMT
At http://www.ggw.org/donorware/flip.html is my javascript
implementation of a 16 round Feistel cipher for encryption of simple
numbers. The page is intended to give users a means for protecting
numbers such as credit cards, phone numbers, account numbers, zip
codes, and social security numbers. Because it is implemented in
Javascript, the code is can be checked visually and runs without a
requirement for loading special software, compilers or libraries. By
using a well known algorithm it should lend itself readily to
assessment by cryptographic professionals as to its inherent security.
The mathematical operations are all built on top of Javascript's
number object using ordinary arithmetic. XOR is done without
manipulating bits by dividing by 2 and using remainders as decision
arguments. The same is true for modular inversion which is used as
the non-linear function. Rather than store fixed keys or require the
user to supply multiple keys for different rounds, a symmetrical
modification (again arithmetic) to one key is used to generate a
different key for each of 16 rounds. The result is a symmetrical
cipher for which the same key when applied to ciphertext results in
recovered plaintext and vice versa.
I welcome and appreciate your comments. In particular, if there are
any lapses in implementation which might leave the cipher more
vulnerable or which unnecessarily complexifies the code without adding
protection.
John Bailey
------------------------------
From: "Tony T. Warnock" <[EMAIL PROTECTED]>
Subject: Re: irrational idea continued
Date: Tue, 02 Feb 1999 08:08:45 -0700
Reply-To: [EMAIL PROTECTED]
almis wrote:
> There also exists an irrational number, A, whose expansion is the string of
> prime numbers.
> That is A=.2357111317...
> It would be nice to know if A can be written in another way, you know, a+SQR
> T(b) or someting
> like that. (i tried a fractional expansion, but it didn't look very
> promising.)
>
Your number A (the concatination of the primes) is normal in the sense of Borel.
See Copeland and Erdos, Bull. Am. Math. Soc. 52, 857-860, 1946.
Tony
------------------------------
From: "Tony T. Warnock" <[EMAIL PROTECTED]>
Subject: Re: Random numbers generator and Pentium III
Date: Tue, 02 Feb 1999 08:10:42 -0700
Reply-To: [EMAIL PROTECTED]
All random strings have many non-random sub-strings.
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re:
Date: 2 Feb 99 15:02:47 GMT
Jennifer M Phillips ([EMAIL PROTECTED]) wrote:
: Here's a good one....
: "Oldy but goody"
: New and improved
: jsw73 hushywquiy uyuwud/
: HJSHD HUDUWJK
: hjshjd87*&^%$% h8*
: ^&^*^$%&$%& *^&uIghgxUyu9[
: t^&*(^& huIYUUlll!!!!!!!!!
: Have fun...
Since h, j, and s are all on the home row of a typewriter, and the rows of
the message seem to alternate between different subsets of the available
characters, it is reasonable to conclude that we are not dealing with a
real enciphered message.
Of course, one could write a program to disguise a secret message as just
noodling around on a keyboard...
John Savard
------------------------------
From: CMS'99 <[EMAIL PROTECTED]>
Subject: CFP: Communications and Multimedia Security '99
Date: Tue, 2 Feb 1999 19:01:17 +0100
========================================================================
International Federation for Information Processing
CMS '99
Communications and Multimedia Security =20
Joint working conference IFIP TC6 and TC11
September 20-21, 1999
Katholieke Universiteit Leuven, Belgium
=20
========================================================================
Call For Papers
=20
========================================================================
GOALS and TOPICS of INTEREST
CMS '99 is the fourth in a series of international conferences which aim=20
at reviewing state-of-the-art issues as well as practical experiences
and new trends in the areas of communications and multimedia systems
security.
It is the intention of the organisers to focus the attention of the
conference presentations and discussions on issues which combine
innovative research work with a highly promising application potential.
Topics of interest include, but are not limited to
* communications systems security
* mobile communications security
* Internet, intranet and extranet security
* security of mobile code
* multimedia systems security
* applied cryptography
* electronic commerce and digital signatures
* security in distributed systems
* secure teleworking, telecooperation, telemedicine
* legal, social and ethical aspects of communication systems security
* standards for communication and multimedia systems security
SUBMISSION DETAILS
Authors are strongly encouraged to submit their papers electronically.
Please email your submission in postscript (or pdf) format to:
[EMAIL PROTECTED]
Electronic submissions must be received by March 15, 1999, 23:00 GMT in
order to be considered.
Authors unable to submit electronically are invited to send a cover
letter and 5 (five) copies of an anonymous paper (double-sided copies
preferred) to the Program Chair at the postal address below. Submissions
must be received by the Program Chair on or before March 15, 1999.
The cover letter should contain the paper's title and the names and
affiliations of the authors, and should identify the contact author
including e-mail and postal addresses.
Submissions must not substantially duplicate work that any of the
authors have published elsewhere or have submitted in parallel to any
other conference or workshop that has proceedings. The paper must be
anonymous, with no author names, affiliations, acknowledgments, or
obvious references. It should begin with a title, a short abstract, and
a list of key words, and its introduction should summarise the=20
contributions of the paper at a level appropriate for a non-specialist
reader. The paper should be at most 5000 words long. A full page figure
is 500 words. It is anticipated that the proceedings will be published by
Kluwer Academic Publishers. Therefore authors are encouraged to use for
their submissions the Kluwer IFIP templates for LaTeX or Word (see
http://www.wkap.com/IFIP).
All submitted papers will be refereed by at least three members of the
International Program Committee according to the standard blind
refereeing procedures. The Conference Proceedings will be published by
an international publisher; copies of the proceedings will be available
at the conference.
Notification of acceptance or rejection will be sent to authors by April
30, 1999. Authors of accepted papers must guarantee that their paper
will be presented at the conference.
Important dates:
* Submission Deadline: March 15, 1999
* Notification: April 30, 1999
* Final camera-ready version: May 21, 1999
* Conference: September 20-21, 1999
To submit a paper, or for further details, please contact:
Prof. Bart Preneel,
Program Committee Chair CMS'99
Katholieke Universiteit Leuven
Dept. Electrical Engineering-ESAT/COSIC
K. Mercierlaan 94, B-3001 Heverlee, BELGIUM
Email: [EMAIL PROTECTED]
Tel +32 16 32 10 50 Fax: +32 16 32 19 86
For further details see http://www.esat.kuleuven.ac.be/cosic/cms99/
Program Committee Chair:
B. Preneel, Katholieke Universiteit Leuven, Belgium
Program Committee:
P. Ashley, Queensland University of Technology, Australia
A. Casaca, Inesc, Portugal
S. Fischer-Huebner, Hamburg University, Germany
W. Fumy, Siemens Research, Germany
D. Gollmann, Microsoft Research, UK
D. Gritzalis, Athens University of Economics and Business, Greece
P. Horster, University of Klagenfurt, Austria
S. Katsikas, University of the Aegean, Greece
L.R. Knudsen, University of Bergen, Norway
C. Mitchell, Royal Holloway, University of London, UK
D. Naccache, Gemplus, France
R. Oppliger, BFI, Switzerland
G. Pernul, University of Essen, Germany
R. Posch, TU Graz, Austria
G. Quirchmayr, University of Vienna, Austria
J.-J. Quisquater, Universit=E9 Catholique de Louvain, Belgium
M. Reiter, Bell Labs, USA
D. Tygar, University of California at Berkeley, USA
P. van Oorschot, Entrust Technologies, Canada
S.H. von Solms, Rand Afrikaans University, South Africa
L. Yngstrom, Stockholm University and Royal Institute of Technology,
Sweden
L Strous, De Nederlandsche Bank NV, The Netherlands, advisory member
Organising Committee Chair:
J. Vandewalle, Katholieke Universiteit Leuven
Organising Committee:
Joris Claessens, Katholieke Universiteit Leuven
Jorge Nakahara, Katholieke Universiteit Leuven
P=E9la No=EB, Katholieke Universiteit Leuven
Vincent Rijmen, Katholieke Universiteit Leuven
Mark Vandenwauver, Katholieke Universiteit Leuven
Main Organiser:
IFIP TC 11 and TC 6
=20
========================================================================
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: On a Method of Session Key Generation (revised)
Date: Tue, 02 Feb 1999 11:12:40 -0600
In article <[EMAIL PROTECTED]>, lmu14871
<[EMAIL PROTECTED]> wrote:
> Note: This is an extended revision of a previous post.
>
>
> The following is a sketch of a proposed scheme for session key
> generation with motivations and discussions given in subsequent
> paragraphs of the paper:
.....
>
> Comments, critiques and suggestions for improvements are sincerely
> solicited.
>
> M. K. Shen
>
You have said it well. The escape mechanism for difficulties is a fall
back key, that which can be used to begin the series as needed. It should
be as random as possible, shaken, not stired.
--
A much too common philosophy:
It's no fun to have power....unless you can abuse it.
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: irrational idea continued
Date: 2 Feb 99 15:00:14 GMT
almis ([EMAIL PROTECTED]) wrote:
: First: The idea of the square root of a prime is poor because the
: continued fraction of such a number is periodic. Perhaps the cube root
: or a combination of this and a transendental.
The main problem with this scheme, often suggested by amateurs, is that
the amount of work used to calculate the keystream is all out of
proportion to the security - as determined by the key size.
If I'm XORing my message with the cube root of 437, my key is a
three-digit number. If I'm XORing it with pi, I don't have a key at all.
Suppose I want to send more than one message. Calculating pi, or the cube
root of 3, gets harder the more digits you produce. (Obviously, I
can't just use the same digits every time.) Perhaps I need to arrange for
a new key for every message.
There are specific weaknesses to be pointed out, one doesn't just have to
say that it's "too simple".
John Savard
------------------------------
From: Toby Kelsey <[EMAIL PROTECTED]>
Subject: Re: What is left to invent?
Date: Tue, 2 Feb 1999 18:03:40 +0000
In article <[EMAIL PROTECTED]>, R. Knauer
<[EMAIL PROTECTED]> writes
>On Fri, 29 Jan 1999 00:54:28 +0000, Toby Kelsey
><[EMAIL PROTECTED]> wrote:
>
>>>I was told that the probability for an intelligible message, other
>>>than the intended message, is vanishingly small when the message
>>>length exceeds the unicity distance. Therefore only one possible
>>>plaintext is intelligible - your intended message.
>
>>Yes, this is true for current cryptosystems which do not attempt to
>>generate plausible messages with incorrect keys.
>>It is not true generally.
>
>I am still confused.
If decryptions form plausible messages with probability greater than
2^-k, where k is the keylength, then you are likely to find false
but plausible messages when trying keys. I dont know how to put
it more simply than that.
Since the proportion of plausible messages in random strings is less
than this, this requires decryptions to be biased towards plausible
messages. None of the jargon about unicity distance precludes this.
>IOW, under a brute force attack, all of the 2^56 - 1 plaintexts that
>are not the intended message will not be fully intelligible, only the
>one which is my message.
>
>Please elaborate on your contention with an example.
I am not a cryptographer and am only pointing out a bad assumption,
however this is one way it might work:
Say we are going to encrypt a string of length L bits.
Let the number of intelligible messages of that length be M.
Suppose I have a good text compression method which
compresses intelligible messages of length L to strings of
length log2(M) + delta bits. Now I encode a compressed message with
a key of length K bits using any standard method such as DES.
Decryption using all possible keys yields 2^K plaintexts.
Provided that delta < K there will be many [about 2^(K-delta)]
intelligible messages formed from decompressing the plaintexts.
Thus this method is immune to a brute-force attack on the key-space.
I hope this is clear.
Toby
--
Toby Kelsey
------------------------------
From: Barry Margolin <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: ANSI X9.17
Date: Tue, 02 Feb 1999 18:26:27 GMT
In article <[EMAIL PROTECTED]>, Vladimir Beker <[EMAIL PROTECTED]> wrote:
>Does somebody know how to reach the text of ANSI X9.17 standard?
As with most other ANSI standards, you purchase it from ANSI. You can
purchase ANSI standards online from their web page, www.ansi.org. This
particular document is at
<http://webstore.ansi.org/AnsiCatalog/product.asp?sku=1210>.
--
Barry Margolin, [EMAIL PROTECTED]
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Don't bother cc'ing followups to me.
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: RNG Product Feature Poll
Date: Tue, 02 Feb 1999 18:39:38 GMT
Reply-To: [EMAIL PROTECTED]
On Tue, 02 Feb 1999 10:38:37 -0700, "Tony T. Warnock"
<[EMAIL PROTECTED]> wrote:
>> Since the occurance of any decay event is indeterminant in time (that
>> means there is no way to know in advance when it will occur), the
>> detection of any decay event is also indeterminant in time.
>This doesn't follow. The characteristics of the detector are also important.
Of course the characteristics of the detector are important. But that
does not make my statement incorrect in principle. It can lead to
serious problems in practice, however.
There is a serious *practical* problem when deadtime becomes
comparable to the reciprocal of the count rate. Then you start timing
off of the deadtime process itself, not the decay process. And if the
reciprocal of the count rate is shorter than the resolution of your
discrimination and timing circuits, you will have problems.
But I assumed that those effects were taken care of with proper
design, and that the discussion was focused on the method of
post-detection processing. Maybe I got my threads mixed up.
There are some straightforward solutions to deadtime problems:
1) Lower the count rate by moving the source away from the detector or
reducing its strength;
2) Employ the fastest possible detector, one with minimum dead time,
consistent with the discrimination, timing circuitry and the count
rate;
3) Improve the resolution of the discrimination and timing circuitry
consistent with the detection circuitry and the count rate.
Once the reciprocal of the count rate becomes large compared to the
time constant of the overall detection circuitry, the inherent
indeterminancy of individual decay events can be explointed with
sufficient precision to be useful for true random number generation.
Bob Knauer
"Sometimes it is said that man cannot be trusted with the government
of himself. Can he, then, be trusted with the government of others?"
--Thomas Jefferson
------------------------------
From: [EMAIL PROTECTED] (Doug Stell)
Subject: Re: Encryption for telemedicine
Date: Tue, 02 Feb 1999 15:22:08 GMT
On Tue, 02 Feb 1999 14:59:42 +0200, Themos Dassis
<[EMAIL PROTECTED]> wrote:
>I am working in a European project in telemedicine and trying to
>identify the security components that will be needed.
>The system consists of LAN's connected with ISDN reserved lines.
>The LAN's will be Ethernets, while on the ISDN the EURO-ISDN protocol
>will be used. The data communicated is sensitive data related to
>the patient, and quite big (around 70Mbytes). The project is not
>concentrated in security, but we have to implement some kind of
>encryption.
>I was thinking of an ISDN modem with a symmetric encryption hardware
>incorporated to it, but I was told that such a solution is out of the
>trend and that a public key solution with a TTP suits best to my
>problem.
Did you do a threat analysis? If so, what are the threats, i.e., what
are you trying to protect against whom? This is the first step toward
a security solution. The next step is to prioritize a list of threats
and countermeasures to help you find a suitable threshold of pain,
cost, risk and protection.
If the threat is simply and only wire-tapping on the ISDN line, then
the link encryption you propose is probably sufficient. Now, this may
use public key techniques to negotiate the session key, but that is
another topic.
So, here are some questions to consider:
1. Does you data need to be secure in places other than on the wire?
Where?
2. Do you need integrity protection and source authentication? If so,
you may need some digital signature scheme.
3. What are your access control and remote entity requirements
BTW, what is TTP? Do you mean OTP? If so, OTP isn't terribly feasible
and nearly the same benefits can be obtained by a hybrid, public key
plus symmetric key, system.
>What kind of a solution would you propose me?
Nobody can answer this question unless and until you have some
requirements. Requirements are brought out by a detailed threat
analysis.
------------------------------
From: [EMAIL PROTECTED] (Albert P. Belle Isle)
Subject: Re: Crypt Info ????
Date: Tue, 02 Feb 1999 16:50:30 GMT
Reply-To: [EMAIL PROTECTED]
On Tue, 02 Feb 1999 08:11:10 +0100, fungus
<[EMAIL PROTECTED]> wrote:
>
>
>Jekman321 wrote:
>>
============================= snip =================================
>
>> While doing a small amount of research, I came across a company who
>> mentioned or boasted that their software is not susceptible to "Forensic
>> Software" attacks. My question is....Can someone give me the "short"
>> version of what "forensic" attacks are..??
>>
>
>"Forensic attaack" is a buzz phrase invented by the marketing people
>of that company. (Short enough?)
>
>
Too short?
An Altavista search on "forensic software" yields the following
results:
Web Pages (1-20 of 49)
Forensic Software Analysis - Forensic Software Analysis
Definition:
Borrowing from a dictionary definition, we define forensic
software
analysis as the preservation and analysis of computer-based
evidence
either for discussion by the public or in the Courts. For
commerce, it...
--http://www.jli.com/fsadefn.html
Vogon Data Recovery Brochures - Vogon Data Recovery Brochures.
Data Recovery
Services all year round - 24 hours a day, 365 days of the year
--http://www.vogon.co.uk/brochures-03.htm
ASR Data - Home of Expert Witness - Expert Witness is the most
powerful, fully integrated
and easy to use forensic software available.
--http://www.asrdata.com/index.shtml
Investigation Services - Investigation Services About The IMF
Group Resumes of
Consultants PGP Keys for Consultants Consultant Speaking,
Training and Publishing
Dates IMF Group News V.A.S.T. Methodology Avoidance Services
Assurance Services
Detection Services Investigation.
--http://www.versalink.com/investig.htm
Technology Breifing Days Press Release - January 12, 1998 PRESS
RELEASE For
Immediate Release Sensible Security Solutions, Canada’s
Anti-Virus Professionals, held
two Technology Briefing Days in the month of December. The
Toronto Briefing Day was
held at the Sheraton Parkway North on.
--http://www.canada-av.com/pr1.htm
ENCRYPTION SOFTWARE with forensic software countermeasures -
Cerberus
Systems, Inc. develops, manufactures and markets software
cryptosystems designed to
meet or exceed level 1 of FIPS PUB 140-1 on Windows® PCs.
--http://www.promar1.com/~infosec/
etc., etc., etc.
The third item will even link to a company that offers a downloadable
demo version of its "expert witness" forensic software product.
"Ready, Fire, Aim?"
Albert P. BELLE ISLE
Cerberus Systems, Inc.
================================================
ENCRYPTION SOFTWARE
with Forensic Software Countermeasures
http://www.cerberus-sys.com/~infosec/
================================================
------------------------------
From: Nicol So <[EMAIL PROTECTED]>
Crossposted-To: sci.math,comp.theory
Subject: Re: Truth, theoremhood, & their distinction
Date: Tue, 02 Feb 1999 13:37:25 -0500
Bob Knauer wrote:
>On Mon, 01 Feb 1999 20:06:57 -0500, Nicol So <[EMAIL PROTECTED]>
>wrote:
>
>>No. "Reality" is the "possible world" described by an interpretation.
>
>What if there is an interpretation but it is incorrect - does that
>mean there is still Reality?
I think some clarification is warranted. When I used the term
"interpretation", I used it in a technical sense. Technically, an
interpretation is a function that maps constant symbols (predicates,
functions, individuals) to their referents. I used the term "reality"
only informally to explain what, intuitively, an interpretation is
trying to capture. It had no intention to get into the philsophical
issues about the notion of "reality" (such as what reality is, whether
it exists, whether it is subjective or objective). If it makes you feel
any better, try substituting "possible world" for "reality" and see if
you still have any problem with what I wrote.
There is no technical definition for correctness of interpretation, so
I'll make an educated guess as to what you meant by an "incorrect
interpretation". By incorrect, I suppose you meant that the
interpretation assigns unusual meaning to terms with conventional
meaning, and therefore what is true in our world may not be true under
that interpretation, and vice versa. In that case, the interpretation
simply describes a different possible world than ours. The same
sentence under two different interpretations asserts different things.
>Is the incorrect interpretation of a Correct Interpretation also
>Reality?
I don't understand the question, not even with an educated guess.
Hopefully in the light of my clarification, the answer to the question
becomes obvious.
>What if there is no interpretation - does that mean there is no
>Reality?
Without an interpretation, the symbols in a sentence have no assigned
meaning. You would have no basis to evaluate the truth value of the
sentence. Consider the sentence
(forall x)(exists y)(F(x) -> G(x,y)).
Is the sentence true? We don't know--we don't have enough contextual
information to have an answer. What is the universe of discourse (and
therefore values x and y range over)? What are the definition of the
predicates F(.) and G(.,.)? Until we have these pieces of information,
and therefore have an interpretation, we have no way of evaluating the
truth value of the sentence.
Nicol
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
