Cryptography-Digest Digest #186, Volume #9        Thu, 4 Mar 99 20:13:04 EST

Contents:
  Re: KL-7 Cipher machine (John Savard)
  Compression vs. Noise, etc. (wtshaw)
  Re: Random numbers - why so important? ("Harv")
  Re: Random numbers - why so important? (Sundial Services)
  Re: Random numbers - why so important? (Sundial Services)
  Re: New high-security 56-bit DES: Less-DES (Sundial Services)
  Re: Testing Algorithms [moving off-topic] (Doggmatic)
  Re: Testing Algorithms [moving off-topic] (Doggmatic)
  Re: smart cards (MC1148 User)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: KL-7 Cipher machine
Date: Thu, 04 Mar 1999 20:40:52 GMT

[EMAIL PROTECTED] (John Savard) wrote, in part:

>Incidentally, I came across a book of reminiscences concerning the
>Vietnam War on the web, which appeared to make the claim that, after
>the enemy had captured over half-a-dozen KL-7s, authorities were
>worried that if any more units were captured, the enemy would gain the
>ability to predict the contents of future keylists.

Here is the URL:

http://members.aol.com/vetsofamer/cf4.htm

John Savard (teneerf is spelled backwards)
http://members.xoom.com/quadibloc/index.html

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Compression vs. Noise, etc.
Date: Thu, 04 Mar 1999 14:22:46 -0600

In any communications system, a certain amount of noise will exist.  The
packet answer is to resend information until it seems to be correctly
received.  If content is compressed to remove redundancies, then we are
trading the natural survivability of redundant language for multiple
transmissions of the same content.  So, nothing is really gained as the
error detection may be in error itself in verifying the packet.

Many encryption schemes tout having an all or nothing property, either the
whole message is decoded correctly or nothing is.  This is rather
shortsighted as errors and losses do occur to transmitted or stored
materials.  Then, we are back to the same solution, have copies.  The
problem being that the copies can be copies of bad data as well with no
way to recover the lost information.

Languade inself am pull od randunditcitz, so currect thes centense,
removink ale tha arrows.  You see, if errors cannot be tolerated in a
cryptosystem like they can in real language, at least to some extent, you
have not appropriately handled the ever-present communications problem of
noise.  To pass off the problem is no good either.

The trite defense is that a system that does not collapse when an error is
in ciphertext will allow dissection of it character by character. 
Certainly this is true of many older classical systems.  It is not true of
a system that I have talked of for many years, one that can tolerate some
errors while delivering good security.

Another objection is similar, that changes of one character might cause
selected changes in ciphertext. The example given is changing digits in
bank transfers.  The *bullet-proof* solution is redundancy again, within
the encrypted message.  When you write a check, you used figures and spell
out the amount.  The same can be incorporated into bank transfers, along
with check sums, which could be done a number of ways.  Even with random
or selected few errors, the true information should be recoverable, using
just a little pattern-recognition.

The algorithm also is capable of handling different sized blocks, so you
have the option of putting redundancy within a long block, or merely using
several blocks with a similar meaning.  The algorithm features tremendous
variability in ciphertexts, so the exact same information can be in
different blocks with different ciphertexts for them.

For the newly infested with the bug to find out all you can about crypto,
I welcome questions about it, the Grandview Algorithm, the GVA, and how it
works in detail.  It has been gone over here before, but for those that
missed, had questions, or previously thought it was just something that
would quickly fade, you are welcome also.

In short, what I did was to take the most promising of the classical
algorithms, the cylinder cipher of Jefferson, and others, play to its
strengths and diminish its weaknesses with results that surprised me most
of all.  What I did get was a generic algorithm that was fully scalable in
many dimensions for almost any use, including those that give more
strength. It is hard to compare it with many ciphers, as it is in a class
by itself.

The implications of the GVA are easily lost to those that see its simple
construction, and less pleasing to those that seek only complicated
mathematics in order to get good results.  The GVA can be arbitrarily
made as strong as desired, which is uncharacteristic of systems that are
over-complicated.

One thing that is characteristic of it that some do not like is the very
slight increase of length from plaintext to ciphertext. I make no
apologies for being able to achieve unfathomable security at an
appropriate cost. I did not say double or something like that, but a
slight increase, which is typically on the average of a few percent.  This
small growth makes it immune to certain attacks, commonly the undoing of
many block ciphers.  (It is evermore conclusive that maintaining
same-block-sizeness does require an inordinate amount of horsepower to
deliver even slight increases in security.  This is almost universally
seen with popular new systems.)

Another objection to the GVA is that it is not bit oriented.  I play no
favorites, it is information oriented, which is the point, being fully
adaptable in design.  As it is scalable, it can be tailored to fit the
real world information situation which often proves awkward for those that
require everything to be binary.

One good strength worth specifically mentioning is the size of the
keyspace that can be defined, which can often make another efficient
cipher's keyspace appear insignificant. Both of my required keys can be
made in a number of ways, so I do not restrict the actual generic GVA
algorithm with those methods;  I have my personal preferences however.

What of the OTP, it surely has some of these characteristics?  Well, yes,
but, as I see it, the GVA can provide much closer to the same security
than any other of which I am aware excluding headaches that are so common
in killing big systems.  

When we get into comparisons of strength, we are in troubling territory,
as such is not simply defined.  To give a head to head test between two
strong ciphers is unreasonable these days.  I merely offer scaled
extensions of basic theory that point always to strength, using a known
minimum as a reference.

I've gotten many good comments about the GVA in the past years, lots of
interesting questions.  Even with its simplicity, it seems resistant to a
pleasing break, as I purposefully worked against easy extension of
successful methods aimed at classic cylinder ciphers.  In fact, the GVA
survives as the simplest of the unbroken really strong ciphers, and seems
unlikely that it will be penetrated.

The algorithm is another one of those easy logic things that lots of
people don't quite get.  The reason is that it uses types of
multidimensional thinking not so common to understand its ramifications,
especially if those relationships are not previously exercised.  

To others, it is patently obvious in its method and in its result.  It
does what has not been done before, to give great strength through mere
simplicity without including the same pitfalls which have killed off a
multitude of other seemingly trivial schemes.
-- 
I hear that some right-wing Republicans are even looking into President Clinton's past 
lives so as not to leave any stone unthrown; a disparaging end result justifying any 
obscure means.

------------------------------

From: "Harv" <[EMAIL PROTECTED]>
Subject: Re: Random numbers - why so important?
Date: Thu, 4 Mar 1999 11:50:45 -0800

Random numbers are used to generate keys. If the random number generator is
broken, then an attacker can predict the key.

For example, RSA uses randomly picked prime numbers to generate part of the
private, and public key. If you use a poor random number generator, and your
attacker discovers this, then the attacker can retrace your steps, and
re-generate the same prime numbers you did. Consequently, he can determine
your RSA private key without factoring your public key.

Also, since public key systems are usually very slow, most systems will
generate a random session key, exchange the session key with public key
crypto, and then use the session key for the bulk of the encryption. HTTPS,
and PGP do this. Once again, if your random number generator is weak, an
attacker can predict the session key, and crack the session. This was the
source of the Netscape Navigator security bug that popped up a few years
back.

Harv.
[EMAIL PROTECTED]
Remove the some to send email.


Steven Runyeard <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hi
>
> I've read lots about good random number generation in this group but
> why is it so important for good encryption. I can understand that it
> would be useful in making encrypted files appear as random data (thus
> making it hard to determine which files contain protected data) but is
> the actual encryption made any stronger because of it?
>
> Steve



------------------------------

Date: Thu, 04 Mar 1999 16:41:34 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Random numbers - why so important?

Doug Stell wrote:

> Getting good random numbers in hardware is relatively easy...

Getting the same "good random numbers" at two places at the same time,
however...  ;-)

>However,
> getting good random numbers with deterministic software is very
> difficult and much of what is discussed in this newsgroup. Often,
> software uses a deterministic pseudo-random number generator that is
> seeded with a suitably large amount of entropy, such that the output
> is unguessable without knowledge of the seed.

Sigh... and terms like "entropy," so clear to the sender and so
obfuscatory to the outsider, are something that is totally necessary but
that you still have to get used to.

The only(!) thing that matters to cryptography is that, given number "X"
(or any series of X's that preceded it), you cannot guess X+1.  This is
in extreme contrast to statisticians (the people whom most RNG writers
aimed to please...), who want to be able to use RNG's to obtain very
small, computer-generated samples of large populations and get
statistically-useful results from them.
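
The contrast drawn in this message, between an RNG that satisfies a statistician and one whose next value cannot be guessed, shown as an added example that is not part of the original post. It uses a linear congruential generator with constructed parameters; the modulus is assumed public, the multiplier and increment are treated as secret, and all names are hypothetical.

```python
M = 2**31 - 1  # prime modulus, assumed public (all parameters here are constructed)

class Lcg:
    """Linear congruential generator: x' = (a*x + c) mod M."""
    def __init__(self, a: int, c: int, seed: int):
        self.a, self.c, self.x = a % M, c % M, seed % M

    def next(self) -> int:
        self.x = (self.a * self.x + self.c) % M
        return self.x

def bucket_spread(samples, buckets=10):
    """Largest relative deviation of any bucket count from the uniform expectation."""
    counts = [0] * buckets
    for s in samples:
        counts[s * buckets // M] += 1
    expected = len(samples) / buckets
    return max(abs(n - expected) / expected for n in counts)

def recover_parameters(x0, x1, x2):
    """Solve x1 = a*x0 + c and x2 = a*x1 + c (mod M) for the secret a and c."""
    diff = (x1 - x0) % M
    if diff == 0:
        raise ValueError("outputs repeat; the two equations are not independent")
    a = (x2 - x1) * pow(diff, -1, M) % M  # modular inverse exists because M is prime
    c = (x1 - a * x0) % M
    return a, c

def predict_next(x0, x1, x2):
    """Given three consecutive outputs, compute the fourth."""
    a, c = recover_parameters(x0, x1, x2)
    return (a * x2 + c) % M

def demo():
    """Return (uniformity spread, predicted next output, actual next output)."""
    secret = Lcg(a=742938285, c=12345, seed=19990304)
    sample = [secret.next() for _ in range(50_000)]
    spread = bucket_spread(sample)          # small: the statistician is satisfied
    x0, x1, x2 = (secret.next() for _ in range(3))
    guess = predict_next(x0, x1, x2)        # the cryptographer is not
    actual = secret.next()
    return spread, guess, actual

if __name__ == "__main__":
    spread, guess, actual = demo()
    print(f"max bucket deviation: {spread:.3%}")
    print("next output predicted:", guess == actual)
```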

------------------------------

Date: Thu, 04 Mar 1999 16:43:46 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Random numbers - why so important?

Harv wrote:

> For example, RSA uses randomly picked prime numbers to generate part of the
> private, and public key. If you use a poor random number generator, and your
> attacker discovers this, then the attacker can retrace your steps, and
> re-generate the same prime numbers you did. Consequently, he can determine
> your RSA private key without factoring your public key.

... the popular analogy being "a monstrous steel iron safe door set into
a wall beside a pane-glass window."  :-)

------------------------------

Date: Thu, 04 Mar 1999 16:36:42 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: New high-security 56-bit DES: Less-DES

[EMAIL PROTECTED] wrote:

> As I understand it, the word "unicity" is derived by turning
> the adjective "unique" into a  noun.  Under normal English
> conventions it should therefore refer to the state or property
> of being unique.

;-) ;-) Oh, who really knows where these terms come from?  In the end,
all of us just use 'em.  :-)

------------------------------

From: Doggmatic <[EMAIL PROTECTED]>
Subject: Re: Testing Algorithms [moving off-topic]
Date: Thu, 04 Mar 1999 23:32:22 GMT

In article <7b70cj$1li$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (Patrick Juola) wrote:
> In article <7b6tmq$ojt$[EMAIL PROTECTED]>,
> Doggmatic  <[EMAIL PROTECTED]> wrote:
> >In article <7b69tr$au$[EMAIL PROTECTED]>,
> >  [EMAIL PROTECTED] (Patrick Juola) wrote:
> >> In article <7b56hg$8m8$[EMAIL PROTECTED]>,
> >> Doggmatic  <[EMAIL PROTECTED]> wrote:
> >> >In article <7b101l$q4v$[EMAIL PROTECTED]>,
> >> >  [EMAIL PROTECTED] (Patrick Juola) wrote:
> >> >> In article <7avprg$jvm$[EMAIL PROTECTED]>,  <[EMAIL PROTECTED]> wrote:
> >> >>
> >> >> The fundamental limit of powering a computer processor is *ZERO*.
> >> >>
> >> >> Power provides *NO* limitation on how big you can make a computer.
> >> >>
> >> >
> >> >  Uhh.... who told you that lie?  Any process (the smallest possible relevant
> >> >one of which is counting) requires a discrete (more than zero) amount of
> >> >energy.  So, unless your processor does *ZERO* work, it will consume more
> >> >than ZERO energy.  So, unless this computer is processing in another universe
> >> >which is not subject to the physical of this one, there IS a limit.
> >>
> >> Wrong.  Look up "reversible computing" sometime; hell, this point was
> >> explored at length in a Scientific American article sometime in the 70's.
> >>
> >> Think of it this way -- what's the minimum amount of energy necessary
> >> to move a brick five feet (horizontally)?  On a frictionless surface
> >> (there's those damned parasitic costs again), it will move, albeit
> >> slowly, no matter how little force is applied.
> >
> >  ^^^^^^^^^^^^^^^^ There's the key ... a force has to BE APPLIED.
[snip more rebuttal]
>
> Wrong.
>
> The force can be arbitrarily small (at least under the classical physics
> approximation appropriate to this oversimplification).
[snip "freshman physics"]
> Applying any non-zero force *will* result in a velocity change, which
> is sufficient to cause the brick to move (absent friction).
>
> The limiting case of a sufficiently small non-zero number is zero.
>
> Q.e.d.
>
> >But I will look up this "reversible computing." For such a
> >great idea researched 30 years ago, you think I'd have my Free-Energy
> >computer by now.
>
> I'll build one for you.  Just buy me a frictionless surface.
[snip]
>       -kitten
>

Did you really post a rebuttal based on an ideal solution?  If so, why?  I's
ain't da smartest fella in da wurld, but I's could'a swo' that it was commonly
accepted that there is no such thing as a "frictionless surface" in this
universe.  Here is where you can correct me if I'm wrong.  I know that
theoretically you can have smoother and smoother surfaces, but I thought that
a frictionless surface is a physical impossibility, which is why I've also
wondered about why "parasitic losses" were mentioned as if they are
inconsequential.   If the ideal cannot be reached, which is my current belief,
then why even mention it, since this thread was originally about tractable
solutions and not impossible ideal solutions.  If I'm wrong about frictionless
surfaces being physically impossible, then I apologize for trying to throw an
uneducated two cents in on this discussion.

   ___/Mike  ...two legs good, four legs bad? ... Why conform?
__/.   |      For my next trick, WATCH as this humble mouse breaks
\-__   \___   Windows at the mere press of a button.
    \          Hey! Where are we going, and why am I in this handbasket?

============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/       Search, Read, Discuss, or Start Your Own    

------------------------------

From: Doggmatic <[EMAIL PROTECTED]>
Subject: Re: Testing Algorithms [moving off-topic]
Date: Thu, 04 Mar 1999 23:30:24 GMT

In article <7b70cj$1li$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (Patrick Juola) wrote:
> In article <7b6tmq$ojt$[EMAIL PROTECTED]>,
> Doggmatic  <[EMAIL PROTECTED]> wrote:
> >In article <7b69tr$au$[EMAIL PROTECTED]>,
> >  [EMAIL PROTECTED] (Patrick Juola) wrote:
> >> In article <7b56hg$8m8$[EMAIL PROTECTED]>,
> >> Doggmatic  <[EMAIL PROTECTED]> wrote:
> >> >In article <7b101l$q4v$[EMAIL PROTECTED]>,
> >> >  [EMAIL PROTECTED] (Patrick Juola) wrote:
> >> >> In article <7avprg$jvm$[EMAIL PROTECTED]>,  <[EMAIL PROTECTED]> wrote:
> >> >>
> >> >> The fundamental limit of powering a computer processor is *ZERO*.
> >> >>
> >> >> Power provides *NO* limitation on how big you can make a computer.
> >> >>
> >> >
> >> >  Uhh.... who told you that lie?  Any process (the smallest possible relevant
> >> >one of which is counting) requires a discrete (more than zero) amount of
> >> >energy.  So, unless your processor does *ZERO* work, it will consume more
> >> >than ZERO energy.  So, unless this computer is processing in another universe
> >> >which is not subject to the physical of this one, there IS a limit.
> >>
> >> Wrong.  Look up "reversible computing" sometime; hell, this point was
> >> explored at length in a Scientific American article sometime in the 70's.
> >>
> >> Think of it this way -- what's the minimum amount of energy necessary
> >> to move a brick five feet (horizontally)?  On a frictionless surface
> >> (there's those damned parasitic costs again), it will move, albeit
> >> slowly, no matter how little force is applied.
> >
> >  ^^^^^^^^^^^^^^^^ There's the key ... a force has to BE APPLIED.
[snip more rebuttal]
>
> Wrong.
>
> The force can be arbitrarily small (at least under the classical physics
> approximation appropriate to this oversimplification).
[snip "freshman physics"]
> Applying any non-zero force *will* result in a velocity change, which
> is sufficient to cause the brick to move (absent friction).
>
> The limiting case of a sufficiently small non-zero number is zero.
>
> Q.e.d.
>
> >But I will look up this "reversible computing." For such a
> >great idea researched 30 years ago, you think I'd have my Free-Energy
> >computer by now.
>
> I'll build one for you.  Just buy me a frictionless surface.
[snip]
>       -kitten
>

Did you really post a rebuttal based on an ideal solution?  If so, why?  I's
ain't da smartest fella in da wurld, but I's could'a swo' that it was commonly
accepted that there is no such thing as a "frictionless surface" in this
universe.  Here is where you can correct me if I'm wrong.  I know that
theoretically you can have smoother and smoother surfaces, but I thought that
a frictionless surface is a physical impossibility, which is why I've also
wondered about why you mention "parasitic losses" as if they are
inconsequential.   If the ideal cannot be reached, which is my current belief,
then why even mention it, since this thread was originally about tractable
solutions and not impossible ideal solutions.  If I'm wrong about frictionless
surfaces being physically impossible, then I apologize for trying to throw an
uneducated two cents in on this discussion.

   ___/Mike  ...two legs good, four legs bad? ... Why conform?
__/.   |      For my next trick, WATCH as this humble mouse breaks
\-__   \___   Windows at the mere press of a button.
    \          Hey! Where are we going, and why am I in this handbasket?


------------------------------

From: MC1148 User <[EMAIL PROTECTED]>
Subject: Re: smart cards
Date: Thu, 04 Mar 1999 17:40:03 +0100

Try this website...it may be useful to you.  The main page that it is on
is also on the links page that Dr. Inch provided....(I/O Solutions)


MC1148 User wrote:

>     I am a student in need of information regarding smart cards.
> Anything from what they are to how the microprocessor works.  This is
> for a cryptography class so any information about the coding aspects
> would be greatly appreciated.  Send all messages to
> [EMAIL PROTECTED]  Thanks.


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************