Cryptography-Digest Digest #34, Volume #10       Thu, 12 Aug 99 11:13:04 EDT

Contents:
  Re: simultaneous multiple exponentiation (Peter Yodarski)
  Re: NIST AES FInalists are.... (Anssi Bragge)
  Re: language confusion, would it work? ("JvA Networks (DK)")
  Re: solitaire, cryptonomicon (Paul Crowley)
  Re: IDEA in AES (Paul Crowley)
  Future Cryptology (Anonymous)
  Re: IDEA in AES (Anssi Bragge)
  RSA encryption exponent (vincent)
  Re: Future Cryptology ([EMAIL PROTECTED])
  Re: RSA encryption exponent (Francois Grieu)
  Re: Better combiner than PHT? ([EMAIL PROTECTED])
  Re: frequency of prime numbers? (Jim Felling)
  Re: frequency of prime numbers? (Anton Stiglic)
  Re: Cipher-Feedback Mode ([EMAIL PROTECTED])
  Re: language confusion, would it work? (Patrick Juola)
  Re: RSA encryption exponent ([EMAIL PROTECTED])
  Re: NIST AES FInalists are.... (Patrick Juola)
  Re: IDEA in AES ([EMAIL PROTECTED])
  Re: NIST AES FInalists are.... ([EMAIL PROTECTED])
  Re: Future Cryptology ("Douglas A. Gwyn")
  Re: language confusion, would it work? ("JvA Networks (DK)")
  Re: NIST AES FInalists are.... ([EMAIL PROTECTED])
  Re: language confusion, would it work? (Patrick Juola)

----------------------------------------------------------------------------

From: Peter Yodarski <[EMAIL PROTECTED]>
Subject: Re: simultaneous multiple exponentiation
Date: Thu, 12 Aug 1999 02:53:30 -0500
Reply-To: [EMAIL PROTECTED]

Thanks a 2^32.

------------------------------

From: Anssi Bragge <[EMAIL PROTECTED]>
Subject: Re: NIST AES FInalists are....
Date: 12 Aug 1999 09:48:23 +0200

[EMAIL PROTECTED] writes:

> You don't have to be a member of the NSA to write good crypto
> algorithms.  Look at DES, CAST, RC5 and Blowfish.  I think a fair level
> of 'trust' has to be put into the AES designers.

        And what is trust? What if... some members of the designing
teams were secretly on NSA payroll anyway, although appearing to us
as saviors of the free world? ;)

        Ok, enough paranoia, we're never going to find out about that
anyway. And nothing personal toward the development teams. Or
anyone/thing else either.
CC
                                                abe
-- 
Anssi Bragge
UBS AG                      http://www.ubs.com/
Bahnhofstrasse 45, CH-8045 Zuerich, Switzerland
Tel: +41 1 236 0485 / Fax: +41-1-236 41 41 / GSM: +41-76-388 7722

------------------------------

From: "JvA Networks (DK)" <[EMAIL PROTECTED]>
Subject: Re: language confusion, would it work?
Date: Thu, 12 Aug 1999 11:14:45 +0200


Douglas A. Gwyn wrote in message <[EMAIL PROTECTED]>...
>Once the natural-language intermediate text was recovered,
>if it didn't convey a sensible and unstrained message, one
>would suspect an additional coding step.  During previous
>World Wars, censors often caught hidden messages in mail,
>etc. by the unnaturalness of the cover message.

But that would still require human interaction, right? As far as I know
there are no computer programs which are able to distinguish whether the
meaning of a text makes sense or not. And unless you had a very good idea
of what the original plaintext was, you would by normal means end up with
thousands of suggestions for a plaintext. And all of them would make at
least some sense, so you would have to have a human to read all of them,
right?

For this method to be good, you cannot just substitute e.g. nouns with other
nouns. Length and frequency would have to be part of the translation, so that a
common short (Danish) noun is translated into a short, common (English)
noun. The key to this is of course that Danish and English grammar are
similar enough for this simple substitution to produce a text which a
computer cannot distinguish from real English.

As a cryptanalyst you can expect to have almost unlimited computer power
for mathematical and statistical purposes. But to find out whether you have
a plaintext that actually makes sense, you need humans. And it would be much
easier to get the plaintext by getting the key from either sender or
receiver, rather than reading thousands of suggestions for a plaintext.


- Jesper



------------------------------

From: Paul Crowley <[EMAIL PROTECTED]>
Subject: Re: solitaire, cryptonomicon
Date: 12 Aug 1999 09:23:28 +0100

[EMAIL PROTECTED] writes:
> Also.  I wrote some code a few years back to brute force
> RC4.  It could break 3-bit RC4 in less than a second, 4-bit RC4 in
> 2 to 10 minutes, and I extrapolated 5-bit RC4 would take two weeks.
> Real RC4 (8 bit) wasn't breakable that way.  Solitaire resembles
> RC4, and 54 cards is somewhere between 5 and 6 bits.  I've been
> meaning to revisit that brute force approach and see if it works
> on Solitaire, but haven't done it for months, so maybe I'll never
> get around to it.  (It's only practical on the plain random numbers.
> Adding a message on top makes things much harder.)

I guess you can't mean "try all possible permutations of cards" since
that would clearly be impractical (54! > 2^237).  Do you mean some
sort of hypothesis-making, backtracking permutation search engine?
You could probably write a Prolog program to do it...

See http://www.hedonism.demon.co.uk/paul/solitaire/index.html for some 
more information on Solitaire.  This still hasn't made it to
Schneier's list of Solitaire links...
-- 
  __
\/ o\ [EMAIL PROTECTED]     Got a Linux strategy? \ /
/\__/ Paul Crowley  http://www.hedonism.demon.co.uk/paul/ /~\

------------------------------

From: Paul Crowley <[EMAIL PROTECTED]>
Subject: Re: IDEA in AES
Date: 12 Aug 1999 09:31:33 +0100

Paul Rubin <[EMAIL PROTECTED]> writes:
> It uses comparatively bizarre design principles compared to the
> currently surviving AES candidates, and it looks shaky under recent
> cryptanalytic results.

Where can we find out more about these results?
-- 
  __
\/ o\ [EMAIL PROTECTED]     Got a Linux strategy? \ /
/\__/ Paul Crowley  http://www.hedonism.demon.co.uk/paul/ /~\

------------------------------

Date: Thu, 12 Aug 1999 11:12:03 +0200 (CEST)
From: Anonymous <[EMAIL PROTECTED]>
Subject: Future Cryptology

Hello All,

I surmise that frequently used encryption software such as PGP (IDEA) has
probably been broken by the NSA (I have no proof of this, but then again
there is no positive proof that these algorithms are in fact still secure).
On this surmise I would like to know if there are any new developments
taking place in the civilian cryptographic world to counter this
possibility?
I base my uneasiness on the fact that the NSA, US Government etc., have been
pretty silent on these matters of late :-) .
Yes - I am probably overparanoid :-)


------------------------------

From: Anssi Bragge <[EMAIL PROTECTED]>
Subject: Re: IDEA in AES
Date: 12 Aug 1999 12:46:31 +0200

Paul Crowley <[EMAIL PROTECTED]> writes:
 
> Paul Rubin <[EMAIL PROTECTED]> writes:
> > It uses comparatively bizarre design principles compared to the
> > currently surviving AES candidates, and it looks shaky under recent
> > cryptanalytic results.
> 
> Where can we find out more about these results?

        I was just about to ask the same... :)

                                        abe
-- 
Anssi Bragge
UBS AG                      http://www.ubs.com/
Bahnhofstrasse 45, CH-8045 Zuerich, Switzerland
Tel: +41 1 236 0485 / Fax: +41-1-236 41 41 / GSM: +41-76-388 7722

------------------------------

From: vincent <[EMAIL PROTECTED]>
Subject: RSA encryption exponent
Date: Thu, 12 Aug 1999 12:10:17 +0100

Hello,

I've read somewhere that to "speed up" RSA encryption, one could
choose (when generating an RSA key) an exponent such as 65537, since it
has just two '1's in its binary representation.

The criterion to choose e in an RSA key is:
e has to be relatively prime to phi(n)=(p-1)*(q-1)

65537 is prime, so it should be relatively prime to any number but its
multiples.
My question is then the following.
Assuming p and q are primes, is there any chance that
phi(n) is a multiple of 65537?

Thanks for any help, I'm (unfortunately?) not a mathematician.

-- 
============================
Vini boy
[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Future Cryptology
Date: Thu, 12 Aug 1999 13:47:47 GMT

In article <[EMAIL PROTECTED]>,
  Anonymous <[EMAIL PROTECTED]> wrote:
> Hello All,
>
> I surmise that frequently used encryption software such as PGP (IDEA) has
> probably been broken by the NSA (I have no proof of this, but then again
> there is no positive proof that these algorithms are in fact still secure).
> On this surmise I would like to know if there are any new developments
> taking place in the civilian cryptographic world to counter this
> possibility?
> I base my uneasiness on the fact that the NSA, US Government etc., have been
> pretty silent on these matters of late :-) .
> Yes - I am probably overparanoid :-)

IDEA is not really popular anymore.  Most people have PGP 5 or greater
and use other ciphers such as 3DES and CAST.

Here is a good question: do you want a or b?

a)  NSA hackers to read your private medical/banking transactions

OR

b)  Stop thieves and pesky hackers from stealing the information and
making your life a living hell.

If you can answer the question (either A or B, and 'neither' is not a
good answer) then you know what you are talking about.

Believe it or not, the NSA is NOT out to get you.  However there are
millions of other criminals who ARE out to get you.

Really we have the ciphers we need to make strong systems, we just lack
good implementations of secure systems.  Most people use ad hoc designs
and call them secure.  That is where the trouble starts.  Even with
IDEA or CAST (or any other good cipher) strong systems can fall
with 'slight' bugs.

My point is, it's not enough to say 'can the NSA crack IDEA?', but more
like 'can people break system X remotely, discreetly and
efficiently?'.  If one person writes software to break a system, a
million people could be using it in under a year ...

Tom
--
PGP 6.0.2i Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2  Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: [EMAIL PROTECTED] (Francois Grieu)
Subject: Re: RSA encryption exponent
Date: Thu, 12 Aug 1999 15:32:39 +0200

vincent <[EMAIL PROTECTED]> wrote:

> Assuming p and q are primes, is there any chance that
> phi(n) is a multiple of 65537 ?

Yes.

Given a small prime e, a randomly selected big prime p
can have any particular value modulo e, except 0.

If either p or q is 1 modulo e, e will divide (p-1)*(q-1).
The probability is, I believe, (2-1/(e-1))/(e-1) for e prime.

For e=65537 the odds are only about 1/32768;
but for e=3 (a popular choice too) this probability is 3/4.

To avoid this, some standards prescribe to choose e first,
then generate p and q such that p-1 and q-1 are relatively
prime to e.

Francois Grieu.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Better combiner than PHT?
Date: Thu, 12 Aug 1999 13:57:44 GMT

In article <[EMAIL PROTECTED]>,
  Paul Crowley <[EMAIL PROTECTED]> wrote:
> The PHT (c, d) = (a + b, a + 2b) is "imperfect" in that the bottom bit
> of d is not affected by b; I've failed to find a "perfect" combiner.
> Here's what I want, does it exist?
>
> Let S be any set s.t. |S| > 1, preferably the set of 32-bit ints. I'm
> looking for a function f: S^2 -> S^2 s.t. if you choose values for any
> two of (a, b, c, d), there exists values for the remaining two
> s.t. (c, d) = f(a, b) .  IOW:
>
> * it's bijective
> * you can choose one input and one output and infer the other input
>
> The PHT fails this test: choose a=0, d=1, no suitable value for b
> exists.  Does any function pass? Does any function pass where S is the
> set of n-bit integers?  Does any easy-to-calculate function pass?
>
> Looking forward to people's thoughts,

PHTs are generally used as simple mixing functions so that single bit
changes will propagate through and cause massive changes through the stronger
non-linear parts.  Look at SAFER and Twofish for good uses of a PHT.

PHTs also have the property that if the input is (x, y, x, y) the
output is always (a, b, a, b) and this can continue on and on.  There
are many ways to stop this, but generally the non-linear parts should
take care of this.  In Twofish for example the data is run through S-boxes
then mixed using a PHT, then XORed against the data registers.  Without
the S-boxes it's rather weak.

Some other mixing functions?  Look up 'Latin Square Combiner' on
Ritter's site.  Basically it works like this.  You have two n-bit inputs
(a, b) and two 2^n by 2^n n-bit S-boxes.  You then mix like this

a' = SBOX1[a][b]
b' = SBOX2[a][b]

If the S-boxes are designed properly (or key dependent) the mixing
should be effective.  Although I don't think I would put much trust in
it on its own.  This is the same as

a'  = a . b
b'  = a o b

Where 'o' and '.' are two functions.  Although these tables would
require too much RAM.

You could also do reversible MDS matrices, mini 2n-bit Feistel
functions such as

a = f(b)
b = g(a)
a = f(b)
b = g(a)
...

Where f and g can be as simple as LUTs or other linear (bijective)
mixing functions.  I think the CS cipher and Twofish both have S-boxes
that work on 'mini-Feistel' designs.

Tom
--
PGP 6.0.2i Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2  Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp


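Added example (mine, not code from Paul Crowley's question or Tom's reply): a Python brute force of the "perfect combiner" test quoted above on small word sizes. It confirms that the PHT (a + b, a + 2b) mod 2^n fails the test, and shows that the same-shaped map computed with GF(2^n) arithmetic, the matrix [[1, 1], [1, 2]] whose entries and determinant are all nonzero (one of the "reversible MDS matrices" Tom mentions), passes it. The reduction polynomials used (x^4 + x + 1 for GF(2^4) and the AES polynomial x^8 + x^4 + x^3 + x + 1 for GF(2^8)) and all function names are my choices.

```python
from itertools import product
from typing import Callable, List, Tuple

Pair = Tuple[int, int]


def pht(a: int, b: int, n: int) -> Pair:
    """Pseudo-Hadamard transform on n-bit words: (c, d) = (a + b, a + 2b) mod 2^n."""
    mask = (1 << n) - 1
    return (a + b) & mask, (a + 2 * b) & mask


def gf_mul(x: int, y: int, n: int, poly: int) -> int:
    """Multiply in GF(2^n); `poly` is the reduction polynomial with bit n set."""
    r = 0
    for _ in range(n):
        if y & 1:
            r ^= x
        y >>= 1
        x <<= 1
        if x >> n:
            x ^= poly
    return r


def mds2(a: int, b: int, n: int, poly: int) -> Pair:
    """Same shape as the PHT, (a + b, a + 2b), but with GF(2^n) arithmetic:
    the matrix [[1, 1], [1, 2]].  Every entry and the determinant (2 - 1 = 3)
    are nonzero, which is the MDS condition for a 2x2 matrix."""
    return a ^ b, a ^ gf_mul(b, 2, n, poly)


def is_perfect_combiner(f: Callable[[int, int], Pair], n: int) -> bool:
    """Brute-force Crowley's test on n-bit words.  Tabulate (a, b, c, d) for all
    inputs; f passes iff for each of the six ways to pick two of the four
    positions every combination of values occurs (and, since there are exactly
    2^(2n) rows, occurs once), so the remaining two values are determined."""
    size = 1 << n
    rows = [(a, b) + f(a, b) for a, b in product(range(size), repeat=2)]
    for i, j in ((0, 1), (0, 2), (0, 3), (1, 2), (1, 3), (2, 3)):
        if len({(row[i], row[j]) for row in rows}) != size * size:
            return False
    return True


def pht_counterexample(n: int) -> List[int]:
    """Crowley's own counterexample: a = 0, d = 1 leaves no b with 2b = 1 mod 2^n."""
    return [b for b in range(1 << n) if pht(0, b, n)[1] == 1]


if __name__ == "__main__":
    print("PHT mod 2^4 perfect?", is_perfect_combiner(lambda a, b: pht(a, b, 4), 4))
    print("b values with a=0, d=1:", pht_counterexample(4))
    print("[[1,1],[1,2]] over GF(2^4) perfect?",
          is_perfect_combiner(lambda a, b: mds2(a, b, 4, 0x13), 4))
    print("[[1,1],[1,2]] over GF(2^8), AES polynomial, perfect?",
          is_perfect_combiner(lambda a, b: mds2(a, b, 8, 0x11B), 8))
```

The (0, 1) check is trivially satisfied and (2, 3) is plain bijectivity; the other four pairs are the "one input and one output" cases from the question. My reasoning for why no PHT-like map modulo 2^n can ever pass: for the (a, c), (a, d), (b, c) and (b, d) cases to be solvable, all four coefficients of a 2x2 integer matrix mod 2^n must be units, hence odd, and then the determinant (odd times odd minus odd times odd) is even, so the map is not even a bijection. Over GF(2^n) there is no such obstruction, which is why MDS matrices over a binary field meet the requirement.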

------------------------------

From: Jim Felling <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: frequency of prime numbers?
Date: Thu, 12 Aug 1999 09:24:09 -0500



Sundial Services wrote:

> Don Dodson wrote:
> [...]
> > Now compute P, the product of all prime numbers 2..N.  P is
> > divisible by every prime number.  Add one to the result.
> > P+1 is not divisible by any prime number, and therefore P+1
> > is prime.  P+1 is clearly larger than N, so N must not be
> > the largest prime.
>
> The realization that "P+1 must be prime" brings up the interesting
> thought that, if you know a particular prime "P", and all of the primes
> that precede it, you can add any (and therefore, each) previously known
> prime to "P", then add one... would each of these therefore be prime?
> Would there be any others that you could miss?
>
> In my poor untutored mind, prime-ness is beginning to sound like a
> variation of the knapsack problem.

No, that is not the case (unfortunately). The reason being: let
P={2,3,...,p} be a list of primes, and let
N = PI(P)+1.

Let Q be the list of all primes q_i s.t. p < q_i < sqrt(N); this list is
non-empty for p >= 7. Then any prime on the list Q may be a possible factor
of N, and thus the potential for N to be composite exists.  My PC is
insufficient to determine for what p's this will happen, and I lack
references here, but rest assured it does happen.

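Added example (mine, not from the thread): a few lines of Python that compute N = 2·3·5·...·p + 1 for the first primes and factor N by trial division, which settles the question Jim leaves open above. The first composite case is p = 13, where 2·3·5·7·11·13 + 1 = 30031 = 59 × 509, and in every case the prime factors of N are larger than p, exactly as the Euclid argument requires. Function names are my own.

```python
from typing import Iterator, List, Optional, Tuple


def primes_up_to(limit: int) -> List[int]:
    """Sieve of Eratosthenes."""
    sieve = bytearray([1]) * (limit + 1)
    sieve[0] = sieve[1] = 0
    for i in range(2, int(limit ** 0.5) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytearray(len(range(i * i, limit + 1, i)))
    return [i for i, flag in enumerate(sieve) if flag]


def smallest_factor(n: int) -> int:
    """Trial division; returns n itself when n is prime."""
    if n % 2 == 0:
        return 2
    f = 3
    while f * f <= n:
        if n % f == 0:
            return f
        f += 2
    return n


def factorize(n: int) -> List[int]:
    """Prime factors of n in non-decreasing order (trial division, fine up to ~1e10)."""
    out = []
    while n > 1:
        f = smallest_factor(n)
        out.append(f)
        n //= f
    return out


def euclid_numbers(k: int) -> Iterator[Tuple[int, int, List[int]]]:
    """For each of the first k primes p, yield (p, N, factors of N) with
    N = 2 * 3 * 5 * ... * p + 1, the number used in the Euclid argument above."""
    prod = 1
    for p in primes_up_to(100)[:k]:
        prod *= p
        yield p, prod + 1, factorize(prod + 1)


def first_composite_euclid_number(k: int = 10) -> Optional[Tuple[int, int, List[int]]]:
    """Smallest p (among the first k primes) for which N is composite."""
    for p, n, factors in euclid_numbers(k):
        if len(factors) > 1:
            return p, n, factors
    return None


if __name__ == "__main__":
    for p, n, factors in euclid_numbers(10):
        print(f"p={p:2d}  N={n:<12d}  factors={factors}  all > p: {min(factors) > p}")
```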

------------------------------

From: Anton Stiglic <[EMAIL PROTECTED]>
Subject: Re: frequency of prime numbers?
Date: Thu, 12 Aug 1999 10:13:53 -0400

karl malbrain wrote:

> Don Dodson <[EMAIL PROTECTED]> wrote in message
> news:7oq2pd$[EMAIL PROTECTED]...
> > Assume for a moment that there was a finite number of primes.
> > This means that there must be a largest prime number.  We will
> > call that largest prime N.
> >
> > Now compute P, the product of all prime numbers 2..N.  P is
> > divisible by every prime number.  Add one to the result.
> > P+1 is not divisible by any prime number, and therefore P+1
> > is prime.  P+1 is clearly larger than N, so N must not be
> > the largest prime.
>
> As Bob S has illustrated, you have to take BOTH sides of this contradiction
> at ONCE:  P is also provably COMPOSITE (because it's not in the list), hence
> a contradiction with your proof that P is PRIME.  Karl M

P was not said to be prime.  He was saying that P + 1 was not divisible by any
of our finite set of primes, thus this set is invalid.  This proof is general in
the sense that it takes account of all finite sets of primes, thus no finite set
of primes exists.

It's as simple as that!

P.S. It doesn't imply that P + 1 is prime in _our_ world (a world where there
are infinitely many primes); it just implies a contradiction in a world of
finitely many primes.

Anton




------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Cipher-Feedback Mode
Date: Thu, 12 Aug 1999 12:56:39 GMT

CBC is this

   C[n] = E(P[n] XOR C[n-1], K)

You XOR the previous ciphertext, or an IV, with the plaintext block
before encrypting it.

CFB is this

   C[n] = P[n] XOR E(C[n-1], K)

This is where you encrypt the previous ciphertext, or IV, and XOR with
the plaintext.  What you described is a variation of this.  What was
described is if you are encrypting using the full size of the ciphertext
block.  In other words, if you're using DES, you'd be using a 64-bit
stream cipher.  What you're thinking of is when you use only part of the
ciphertext for encryption.  For example, let's say you're encrypting
using DES in CFB mode and you're encrypting 8 bits at a time.  Every
time you encrypt a piece of plaintext, you would shift the IV left 8
bits and make the least significant bits the new ciphertext.

Hope this helps!


In article <7osvoa$3p$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> In article <[EMAIL PROTECTED]>,
>   [EMAIL PROTECTED] (John Savard) wrote:
> > CFB works this way:
> >
> > To encipher a block of plaintext,
> >
> > take the previous block of ciphertext, encipher it in your block
> cipher, and XOR
> > the result with that current block of plaintext.
>
> That's CBC isn't it.  I thought CFB works by
>
> take the top n bits of the IV, xor it against the plaintext, shift
> the IV n bits to the left, place the ciphertext bits in the lsbs, and
> encrypt the IV.
>
> So you get
>
> 1.  C = P xor (IV >> (m - n))
> 2.  IV = Ek((IV << n) or C)
> 3.  Goto 1 as required
>
> (m = block length, n = output length, both in bits).
>
> Tom
> --
> PGP 6.0.2i Key
> http://mypage.goplay.com/tomstdenis/key.pgp
> PGP 2.6.2  Key
> http://mypage.goplay.com/tomstdenis/key_rsa.pgp
>
>


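Added example (mine, not code from the post above): Python implementing both the full-block CFB of C[n] = P[n] XOR E(C[n-1], K) and the s-byte variant with the shift register described in the reply, plus a check of a property worth knowing about the mode: a flipped ciphertext bit damages its own segment and the next BLOCK/s segments, after which CFB resynchronises. Because CFB only ever calls the forward direction of the block cipher, the "cipher" here is a keyed PRF built from SHA-256 (an assumption for the demo, not DES and not a real block cipher); key, IV and plaintext are constructed.

```python
import hashlib

BLOCK = 8  # 64-bit block, as with DES

# Constructed sample inputs (not from the thread).
KEY = b"constructed-demo-key"
IV = bytes(range(BLOCK))
PT = b"attack at dawn, 32 bytes long!!!"   # exactly 4 full blocks


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for E(x, K): a keyed PRF on 64-bit blocks built from SHA-256.
    NOT a real block cipher (assumption for the demo).  It works here because
    CFB only uses the forward direction, so the function need not be invertible;
    CBC, which has to decrypt, could not be built this way."""
    assert len(block) == BLOCK
    return hashlib.sha256(key + block).digest()[:BLOCK]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def cfb_encrypt(key: bytes, iv: bytes, plaintext: bytes, s: int = BLOCK) -> bytes:
    """s-byte CFB.  s == BLOCK is the full-block case C[n] = P[n] XOR E(C[n-1], K).
    The shift register starts as the IV; each step encrypts the register, uses the
    top s bytes of the result as keystream, then shifts the s ciphertext bytes
    into the low end of the register (the "shift the IV left and put the
    ciphertext in the least significant bits" step from the reply)."""
    assert len(iv) == BLOCK and 1 <= s <= BLOCK and len(plaintext) % s == 0
    reg, out = iv, bytearray()
    for i in range(0, len(plaintext), s):
        keystream = toy_block_encrypt(key, reg)[:s]
        c = xor_bytes(plaintext[i:i + s], keystream)
        out += c
        reg = reg[s:] + c
    return bytes(out)


def cfb_decrypt(key: bytes, iv: bytes, ciphertext: bytes, s: int = BLOCK) -> bytes:
    """Mirror of cfb_encrypt: the register is fed ciphertext on both sides."""
    assert len(iv) == BLOCK and 1 <= s <= BLOCK and len(ciphertext) % s == 0
    reg, out = iv, bytearray()
    for i in range(0, len(ciphertext), s):
        c = ciphertext[i:i + s]
        out += xor_bytes(c, toy_block_encrypt(key, reg)[:s])
        reg = reg[s:] + c
    return bytes(out)


def segments_damaged_by_flip(key, iv, plaintext, s, byte_index):
    """Flip one bit of ciphertext byte `byte_index`, decrypt, and list the indices
    of the s-byte segments that come out wrong: the segment holding the flip (one
    bit wrong) plus the next BLOCK // s segments (garbled while the bad byte is
    still inside the register), after which the mode resynchronises."""
    ct = bytearray(cfb_encrypt(key, iv, plaintext, s))
    ct[byte_index] ^= 0x01
    pt2 = cfb_decrypt(key, iv, bytes(ct), s)
    return [i // s for i in range(0, len(plaintext), s)
            if pt2[i:i + s] != plaintext[i:i + s]]


if __name__ == "__main__":
    ct = cfb_encrypt(KEY, IV, PT)
    assert cfb_decrypt(KEY, IV, ct) == PT
    print("64-bit CFB, flip in byte 0 damages segments",
          segments_damaged_by_flip(KEY, IV, PT, BLOCK, 0))
    print("8-bit CFB, flip in byte 0 damages segments",
          segments_damaged_by_flip(KEY, IV, PT, 1, 0))
```

Note that the feedback is always ciphertext, never plaintext, which is what makes decryption possible without the inverse cipher and what limits error propagation to one register's worth of segments.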

------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: language confusion, would it work?
Date: 12 Aug 1999 09:43:33 -0400

In article <7ou3eh$n09$[EMAIL PROTECTED]>,
JvA Networks (DK) <[EMAIL PROTECTED]> wrote:
>
>Douglas A. Gwyn wrote in message <[EMAIL PROTECTED]>...
>>Once the natural-language intermediate text was recovered,
>>if it didn't convey a sensible and unstrained message, one
>>would suspect an additional coding step.  During previous
>>World Wars, censors often caught hidden messages in mail,
>>etc. by the unnaturalness of the cover message.
>
>But that would still require human interaction, right? As far as I know
>there are no computer programs which are able to distinguish whether the
>meaning of a text makes sense or not.

As I pointed out, this is incorrect; there are several such programs
out there.

        -kitten


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: RSA encryption exponent
Date: Thu, 12 Aug 1999 13:23:32 GMT

In article <[EMAIL PROTECTED]>,
  vincent <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I've read somewhere that to "speed-up" the RSA encryption, one could
> choose (when generating an RSA key) an exponent such as 65537 since it
> just has two '1' in its binary representation.

Actually 65537 requires at least 17 multiplications, 7 and 3 are also
good choices.  You want the decryption exponent to be large.

>
> The criterion to chose e in an RSA key is :
> e has to be relatively prime to phi(n)=(p-1)*(q-1)
>
> 65537 is prime, so it should be relatively prime to any number but its
> multiples.
> My question is then the following.
> Assuming p and q are primes, is there any chance that
> phi(n) is a multiple of 65537 ?

I would not think so.  In the paper for RSA they briefly explain why it
works.  Look there.

Tom
--
PGP 6.0.2i Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2  Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp


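Added example (mine, not code from any post in this thread): a Python experiment answering vincent's question as Francois Grieu's post does. It generates random primes, measures how often gcd(e, (p-1)(q-1)) != 1 for e = 3 and e = 65537, compares that with Grieu's estimate (2 - 1/(e-1))/(e-1), shows that a naive key generator really does blow up when e is fixed after p and q, and implements the fix Grieu mentions (choose e first, reject primes with p = 1 mod e). The 64-bit primes, the Miller-Rabin test, and all function names are my choices for a quick demonstration, not parameters from the thread; real keys use far larger primes.

```python
import random
from math import gcd


def is_probable_prime(n: int, rounds: int = 20, rng=random) -> bool:
    """Miller-Rabin; plenty for the demonstration-size primes generated below."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int, rng: random.Random) -> int:
    """Random prime with exactly `bits` bits (top bit and low bit forced to 1)."""
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand, rng=rng):
            return cand


def predicted_failure_rate(e: int) -> float:
    """Grieu's figure: a random prime is 1 mod e with probability 1/(e-1), so
    P[e divides (p-1)(q-1)] = 1 - (1 - 1/(e-1))^2 = (2 - 1/(e-1))/(e-1)."""
    return (2 - 1 / (e - 1)) / (e - 1)


def observed_failure_rate(e: int, bits: int, trials: int, seed: int) -> float:
    """Fraction of random (p, q) pairs with gcd(e, phi(n)) != 1, i.e. unusable with e."""
    rng = random.Random(seed)
    bad = 0
    for _ in range(trials):
        p, q = random_prime(bits, rng), random_prime(bits, rng)
        if gcd(e, (p - 1) * (q - 1)) != 1:
            bad += 1
    return bad / trials


def prime_for_exponent(e: int, bits: int, rng: random.Random) -> int:
    """The fix Grieu describes: fix e first, then reject any prime p with
    p == 1 (mod e), which is exactly the case where e divides p - 1."""
    while True:
        p = random_prime(bits, rng)
        if p % e != 1:
            return p


def fix_holds(e: int, bits: int, trials: int, seed: int) -> bool:
    """True if every pair produced by prime_for_exponent has gcd(e, phi) == 1."""
    rng = random.Random(seed)
    for _ in range(trials):
        p, q = prime_for_exponent(e, bits, rng), prime_for_exponent(e, bits, rng)
        if gcd(e, (p - 1) * (q - 1)) != 1:
            return False
    return True


def rsa_keypair(e: int, bits: int, seed: int, safe: bool = True):
    """Return (n, e, d).  With safe=False the primes are drawn without regard to e,
    and pow(e, -1, phi) raises ValueError whenever e is not invertible mod phi."""
    rng = random.Random(seed)
    if safe:
        p, q = prime_for_exponent(e, bits, rng), prime_for_exponent(e, bits, rng)
    else:
        p, q = random_prime(bits, rng), random_prime(bits, rng)
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # Python 3.8+: modular inverse, ValueError if none
    return p * q, e, d


def keygen_fails_without_fix(e: int, bits: int, seed: int) -> bool:
    """True when naive generation (p, q first, e afterwards) yields an unusable key."""
    try:
        rsa_keypair(e, bits, seed, safe=False)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    for e in (3, 65537):
        print(e, "predicted %.6f observed %.3f" % (predicted_failure_rate(e),
                                                   observed_failure_rate(e, 64, 300, 1)))
    n, e, d = rsa_keypair(3, 64, seed=7)
    m = 123456789
    print("round trip ok:", pow(pow(m, e, n), d, n) == m)
```

With e = 3 roughly three out of four naive key generations fail, matching the 3/4 figure; with e = 65537 a failure is about a 1-in-32768 event, rare enough that a generator which never checks gcd(e, phi) can ship for years before anyone notices. Checking p mod e during prime generation, as above, costs nothing.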

------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: NIST AES FInalists are....
Date: 12 Aug 1999 09:40:10 -0400

In article <7otgq3$2l2s$[EMAIL PROTECTED]>,
SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]> wrote:
>In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
>>"SCOTT19U.ZIP_GUY" wrote:
>>>  Rest assured that if there was an entry that the NSA felt to strong
>>> for it to attack it would never be allowed to see the light of day
>>> in the AES game.
>>
>>What mechanism could possible accomplish that?  The AES candidates
>>are very public.
>
>   First of all no real secure system would get past the AES entries. IF it is
>not written in there special format.

"There [sic] special format" being PostScript, of course....

The rest of this ignorant rant deleted.

        -kitten


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: IDEA in AES
Date: Thu, 12 Aug 1999 13:28:58 GMT

In article <[EMAIL PROTECTED]>,
  Anssi Bragge <[EMAIL PROTECTED]> wrote:
>       I was just about to ask the same... :)

http://www.funet.fi/~bande/docs/crypt/analysis/idea.ps.gz

Reduced to 3 or 3.5 rounds.  I think there is an attack against 4
rounds already.

Some other reasons why not to use it

1.  Slow key setup
2.  Slow cipher
3.  Attacks are crawling in; although still infeasible, they cast doubt on
its security.
4.  It's patented.

Tom
--
PGP 6.0.2i Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2  Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: NIST AES FInalists are....
Date: Thu, 12 Aug 1999 14:03:14 GMT

In article <7otgq3$2l2s$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>    First of all no real secure system would get past the AES entries. IF it is
> not written in their special format. The NSA would most likely toss those out
> before public review. However if one slipped in they still would influence the
> outcome to convince people that it is weak. If the contest was for real I
> think various contests should have been held. Like how hard is it to break
> reduced forms. These contests should be open and public. Not just some BS
> from a phony crypto god. When things are not done with real world tests the
> good ole boys will pat themselves on their backs and only they will win.
> There should be real world contests. And since the idea is for security any
> idiot should be able to see that different methods are required for file
> protection and smart card stuff. The only possible reason to use the same
> method for everything is to limit the size of the program. All else aside it is
> highly unlikely that a low memory fast encryption program is good for all
> applications. We don't use nuclear fuel in our cars but there is a place for
> all types of fuel.  The only possible reason to go to a high speed low memory
> method for all methods is so that it will be easy to break. But if the
> government is able to con the Europeans into believing the NSA is their
> friend I guess they deserve to have their mail read and maybe we can
> steal their business secrets for our own use.

Generally the NSA doesn't care about you or your email.  I would focus your
concern on 'how easily can a hacker attack system X'.  Most ciphers are
designed to be 'lean and mean' to make them practical.  If your cipher
only works on, say, SPARC stations, then a lot of applications go
missing.  If we pick an AES cipher(s) they must work on a variety of
platforms.  I should be able to make a protocol for hardware/smartware
(my new word for smartcards) and software (desktop) using 'AES'.

What ciphers that got left out of AES do you think are secure or
reasonably efficient?

Tom
--
PGP 6.0.2i Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2  Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp



------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Future Cryptology
Date: Thu, 12 Aug 1999 14:00:41 GMT

Anonymous wrote:
> I base my uneasiness on the fact that the NSA, US Government etc.,
> have been pretty silent on these matters of late :-) .

So what's new?  They have always been silent on these matters.

------------------------------

From: "JvA Networks (DK)" <[EMAIL PROTECTED]>
Subject: Re: language confusion, would it work?
Date: Thu, 12 Aug 1999 16:37:39 +0200


Patrick Juola wrote in message <7ouj25$e1i$[EMAIL PROTECTED]>...
>>But that would still require a human interaction, right? As far as I know
>>there are no computer programs which are able to distinguish whether the
>>meaning of a text makes sense or not.
>
>As I pointed out, this is incorrect; there are several such programs
>out there.


Well, why are those programs not used for computer-based text translation? I
know that in most text, certain phrases should occur with certain
frequencies. To use the statistical approach, you would need to know: 1) the
topic 2) the kind of language (news article, letter or scientific paper).
You would also need quite a bit of text to find the right key, more than if
you just replaced letters (since there are many more different words than
letters).

Of course with the method you describe, using random but letter-statistically
valid "words", you would not be "disclosed" by the letter frequency. But a
simple spell checker would catch you, right?

So, again, my point is: With the current capabilities of databases, it is
almost impossible for a computer to find anything wrong with the sentence:
"Tables grow on trees". Unless the computer is aware that the plaintext it
searches for is a scientific report on cooling of nuclear reactors. But such
a report should "translate" into something that might also look scientific
to the computer, since word length and commonness (in normal language) would
be part of the "translation".


- Jesper



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: NIST AES FInalists are....
Date: Thu, 12 Aug 1999 14:13:52 GMT

In article <7otfap$21k2$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:

>   Well I don't plan to tell the NIST anything. I am sure they
> are a bunch of stuffed shirts that a classy guy in a suit and
> tie could most likely pull the wool over their eyes. It seems
> like the government really never uses talented people on
> committees anyway. It is much more important to make
> sure the committee is racially balanced for political reasons.
> Besides if they had bright people on such committees that
> thought for themselves they might actually do the job
> that the public expects them to do.

Um... get a life?

>  By the way if my stuff is so bad solve my contest. I guess
> a year's lead time is too much. Or try my easy contest that
> is for free but can't be done with any of the weak AES
> methods. Also has Mr. B.S. paid anyone in his short
> term contest?

Actually no.  That must tell you something then right?

Here's a tip, Dave...  No one uses your method (there might be 3 people
out there) because

a) no real study on it
b) no real theory or thought into it
c) it's slow
d) it's ugly
e) it's memory intense
f) you claim it's the best in the world.

Just because you use million-bit keys or S-boxes does not make the
cipher that secure.  You should know that though, you are a crypto
genius.

Tom
--
PGP 6.0.2i Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2  Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp



------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: language confusion, would it work?
Date: 12 Aug 1999 11:00:17 -0400

In article <7oumbu$qr7$[EMAIL PROTECTED]>,
JvA Networks (DK) <[EMAIL PROTECTED]> wrote:
>
>Patrick Juola wrote in message <7ouj25$e1i$[EMAIL PROTECTED]>...
>>>But that would still require a human interaction, right? As far as I know
>>>there are no computer programs which are able to distinguish whether the
>>>meaning of a text makes sense or not.
>>
>>As I pointed out, this is incorrect; there are several such programs
>>out there.
>
>
>Well, why are those programs not used for computerbased text-translations?

They are.  But selecting the correct (non-gibberish) phrase is a much
harder task than merely identifying gibberish -- just as it's easier
to see at a glance that a jigsaw puzzle isn't correctly assembled
than it is to assemble the puzzle.

But one of the big applications for which they are being used is
synonym selection.  "Word sense disambiguation", if you like.  I think
I first saw them used for that purpose in '91.

>So, again, my point is: With the current capabilities of databases, it is
>almost impossible for a computer to find anything wrong with the sentence:
>"Tables grow on trees".

Wrong, sir.  Well, spuriously right, sir -- the single sentence you
cite is far too short for any reliable statistics to be drawn from it.
But if you had several paragraphs or pages to hand, your computer could
observe that far too many sentences that had the word "table*" in it
had the word "tree*" and vice versa.

You're basically way off on the capacities of modern databases.  We
know about word linkages; we've known since the 1950's that "you shall
know a word by the company it keeps."  We have enough data now to actually
measure a word's "company."  From there it's not too difficult to observe
whether or not most of the content words of a document are in unusual
company.

        -kitten

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
