Cryptography-Digest Digest #342, Volume #10       Fri, 1 Oct 99 06:13:02 EDT

Contents:
  Re: RSA in your own code (Bill Unruh)
  Re: Compress before Encryption (Tom St Denis)
  Re: msg for Dave Scott (Tom St Denis)
  Re: Q: Burrows-Wheeler transform (SCOTT19U.ZIP_GUY)
  Re: Schrodinger's Cat and *really* good compression ([EMAIL PROTECTED])
  Re: want URL for Applied CryptoGraphy Book online ("Anandamoy Roychowdhury")
  I need a good book on crypto and math. (MaxBenson)
  Re: Cryptic manuscript... Help (Volker Hetzer)
  Re: Cryptographic bit-length and the meaning (Johnny Bravo)
  New Export Regulations ("Mark Rosen")
  Re: Comments on ECC (Jeffrey Goldberg)
  Re: Electronic envelopes (Mok-Kong Shen)
  Re: How good is java.security.SecureRandom ? (Mikael Fiil)
  Re: I need a good book on crypto and math. ([EMAIL PROTECTED])
  Re: Perfect Shuffle Algorithm? ("Clive Tooth")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: RSA in your own code
Date: 1 Oct 1999 02:02:14 GMT

In <7t08f5$k51$[EMAIL PROTECTED]> "Mark Reed" <[EMAIL PROTECTED]> writes:

>Are you allowed to write a program that implements say 512 bit RSA
>encryption
>in the US? It's so darn easy to do ;) I don't see why we can't have better
>encryption (and I don't understand the laws)


MIT patented RSA and gave exclusive licensing rights to RSADSI. If the
patent is valid, then all use of the patent is controlled by the patent
holder-- including use in your own program (although "research" use may
be exempt). The fact that it is simple is neither here nor there. The
exact way in which one bends a wire to form a safety pin was patented
(many times for different ways of bending the wire) and that is probably
even simpler than RSA.


------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Compress before Encryption
Date: Fri, 01 Oct 1999 02:47:36 GMT

In article <7t0pr2$2e8k$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
> In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> >Tim Tyler wrote:
> >> Since so much crypto-research goes on behind closed doors, it may
> >> eventually emerge (when the technique becomes more widespread), that
> >> it was in fact invented years ago - but never escaped from government
> >> custody.
> >
> >I'm sure that precompression is mentioned in several places
> >in the open literature.  The term "one to one" has a technical
> >meaning different from the way D.Scott uses the term, so it is
> >not used that way in the literature.
>      I for one have not found it mentioned in the way that would
> state it is desirable that if a wrong key is used that the underlying
> text when uncompressed and recompressed comes back to the same
> file. If you know so fucking much, where is a reference and what is
> this common term in the literature, or are you just blowing smoke out
> your ass? What the fuck would you call it if not "one to one"?

First off, having crap decompress to crap, and compress back to crap, is not a
REQUIRED property of security.  Squelching the input statistics is, however.
So using a method with a high ratio is desirable (over say
Huffman/arithmetic/Shannon coding...).  Think about it.... if you can pack more
info into each bit out, then there will be less bias in the individual bit
values.  DEFLATE for example tends to reach 75% ratio after only a few kb of
text, which is quite good.  Adaptive Huffman will only reach around 40% at the
most at that time.

(if you want more info on why this is true see bias and correlations in
'randomness sources' in applied crypto, where he talks about xoring some bits
together to eliminate the net bias.  This is the same idea.  If you pack 10
bits together, and 5 of them lean 25% to 1, and 5 of them lean 25% to 0, it
will even out (or something like that)....)

>     In the real world crypto game any weakness is used for an attack;
> it is very foolish to say no one worries about such weaknesses.
> Maybe where you work they are too stupid to pay attention to minor
> details. Or maybe you're just part of the cover up.

Show proof for a weakness (say in PGP) and I will GLADLY follow your lead. 
Conjecture or speculation is not enough (conjecture if you have poised
scientific reason might be ok).

> >even in a known-plaintext attack.  Therefore nobody other than
> >D.Scott has spent much time worrying about this aspect.  The gain in
> >security from squelching the source statistics is so significant
> >that it dominates the other issue.
>    I truly believe the smart people do worry about these weaknesses.
> The only possible reason people like Mr B.S. did not mention these
> kinds of weakness in his book is either he really is a lot dumber than
> most people think or he is doing the bidding of a certain 3 letter agency
> that I will not mention.

Ok unless you can prove it, I think you should leave him alone.  I personally
think he has his head on straight.

BTW isn't this a scientific group?  Maybe I am missing something here.

Tom


Sent via Deja.com http://www.deja.com/
Before you buy.
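
The "pack biased bits together and the bias evens out" argument above is the piling-up lemma: XORing independent biased bits leaves a residual bias of 2^(n-1) times the product of the individual biases. The following Python is an added example, not code from Tom's post or from Applied Cryptography; it computes the exact result for the ten-bit scenario he sketches (five bits leaning 25% toward 1, five leaning 25% toward 0, a constructed input) by direct folding and checks it against the closed form.

```python
from fractions import Fraction
from functools import reduce

# Constructed input matching the post: P(bit = 1) for ten independent bits.
# Five lean 25% toward 1 (P(1) = 3/4) and five lean 25% toward 0 (P(1) = 1/4).
TEN_BIASED_BITS = [Fraction(3, 4)] * 5 + [Fraction(1, 4)] * 5


def xor_bias(probs_one):
    """Exact P(b_1 XOR ... XOR b_n = 1) for independent bits with P(b_i = 1) = probs_one[i].

    Folds one bit at a time: the XOR of an accumulator with P(1) = q and a
    bit with P(1) = p is 1 exactly when one of the two is 1.
    """
    def combine(q, p):
        return q * (1 - p) + (1 - q) * p

    # Start from a constant 0 (the XOR identity), so a single bit keeps its own bias.
    return reduce(combine, probs_one, Fraction(0))


def piling_up(probs_one):
    """Closed form (Matsui's piling-up lemma):
        P(xor = 0) = 1/2 + 2^(n-1) * prod(e_i),   e_i = P(b_i = 0) - 1/2.
    Returns P(xor = 1) so it can be compared directly with xor_bias()."""
    n = len(probs_one)
    prod = Fraction(1)
    for p in probs_one:
        prod *= (1 - p) - Fraction(1, 2)
    p_zero = Fraction(1, 2) + Fraction(2) ** (n - 1) * prod
    return 1 - p_zero


def residual_bias(probs_one):
    """Distance of the XOR result from a fair coin: |P(1) - 1/2|."""
    return abs(xor_bias(probs_one) - Fraction(1, 2))


if __name__ == "__main__":
    # Each individual bit is 1/4 away from fair; the XOR of all ten is 1/2048 away.
    print("single bit bias:", residual_bias([Fraction(3, 4)]))
    print("ten-bit XOR bias:", residual_bias(TEN_BIASED_BITS))
    print("P(xor = 1) by folding:", xor_bias(TEN_BIASED_BITS))
    print("P(xor = 1) by lemma:  ", piling_up(TEN_BIASED_BITS))
```

The fold and the lemma agree exactly because the computation is done in rational arithmetic; the residual bias falls geometrically with the number of bits combined, which is the quantitative form of "it will even out". The same lemma is what makes an attacker's job harder when input statistics are squelched: whatever bias survives per bit is what a linear-style attack has to work with.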

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: msg for Dave Scott
Date: Fri, 01 Oct 1999 02:50:53 GMT

In article <[EMAIL PROTECTED]>,
  "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> Tom St Denis wrote:
> > Ok let me rephrase if I give you
> > bfaqaaa2q2IpYXBMmmaaaauaaaaqF43{QqmvUThKIkZ7aa65z
> > will you be able to read it faster then say brute force?
>
> That's not a rephrasing, that's a completely different issue.
>
> If you had provided *sufficient* ciphertext from any of several
> well-known symmetric systems, then certainly there would be ways
> of attacking it that are faster than a brute-force key search,
> especially if there are isomorphs, period overlaps, or other
> favorable conditions that do often arise in practice.  It's
> called "cryptanalysis"; look it up.

Ok, this is going nowhere fast.  If you have references for attacks that work
in under 100 block situations on any cipher in peekboo I would love to read
them.  Otherwise I really don't think the cipher will be a major weak point
in peekboo.  I am not saying there are none but it's not there.

Tom


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Q: Burrows-Wheeler transform
Date: Fri, 01 Oct 1999 05:00:25 GMT

In article <7t18at$3vk$[EMAIL PROTECTED]>, Tom St Denis <[EMAIL PROTECTED]> wrote:
>In article <7suncf$pti$[EMAIL PROTECTED]>,
>  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>> In article <[EMAIL PROTECTED]>, Mok-Kong Shen
> <[EMAIL PROTECTED]> wrote:
>> >While compression is, as far as I am aware, generally regarded
>> >as orthogonal to encryption, it is nonetheless an aid to information
>> >security, I suppose. Recently I read somewhere a claim that the
>> >Burrows-Wheeler transform is a better compression technique than
>> >Huffman or arithmetic encoding. Could some person having knowledge
>> >and experience with that say whether this is true and whether the
>> >advantage passes on to encryption? (Could it be that it is slower?)
>> >
>> >Thanks in advance.
>> >
>> >M. K. Shen
>> >----------------------
>> >http://home.t-online.de/home/mok-kong.shen
>>
>>    For text it is a very good compression. However, due to the nature
>> of the BWT I think that it would be hard to write a "one to one" compress
>> for it. It was the second compression method I looked at and have yet
>> to make progress making it one to one. So if you use it, most of the
>> time a wrong key is guessed in an attack it will not uncompress.
>
>I bet most of the time when you guess the wrong key in your system you don't
>get ASCII back.
>
>Tom
>

   Depends, Tom, on how you do your compression. If you use a conditional one-to-one
compression with encryption, when the attacker tries to guess a key it comes
back as ASCII in the character set you limit it to. But like I said, you would
have to be a little older to understand the concept.



David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS
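
To make the "one to one" discussion concrete, here is an added Python example (not code from the thread or from scott19u) of the Burrows-Wheeler transform and its inverse. It shows why the transform helps a later entropy-coding stage (the output has fewer runs), and it checks the property the thread argues about: because not every (last column, primary index) pair is the image of some input, decoding an arbitrary pair and re-encoding need not reproduce it. The sorting-based implementation is quadratic and is for illustration; the inputs below are constructed.

```python
def bwt(data: bytes):
    """Forward Burrows-Wheeler transform.

    Sorts all rotations of `data` and returns the last column plus the row
    index at which the original string appears (needed to invert). Real
    implementations use a suffix array; this O(n^2 log n) form is for reading.
    """
    n = len(data)
    if n == 0:
        return b"", 0
    rotations = sorted(data[i:] + data[:i] for i in range(n))
    last = bytes(r[-1] for r in rotations)
    return last, rotations.index(data)


def ibwt(last: bytes, idx: int) -> bytes:
    """Inverse transform via the LF-mapping.

    A stable sort of the last column gives, for each row of the first column,
    the row holding the same symbol occurrence in the last column. Following
    that mapping from the primary row reads the original string front to back.
    """
    n = len(last)
    if n == 0:
        return b""
    lf = sorted(range(n), key=lambda i: last[i])  # stable: equal bytes keep order
    out = bytearray()
    row = idx
    for _ in range(n):
        row = lf[row]
        out.append(last[row])
    return bytes(out)


def run_count(data: bytes) -> int:
    """Number of maximal runs of equal bytes. Fewer runs after the BWT is what
    a move-to-front / run-length / entropy coder stage exploits."""
    return sum(1 for i in range(len(data)) if i == 0 or data[i] != data[i - 1])


def is_bwt_image(last: bytes, idx: int) -> bool:
    """True when (last, idx) is the transform of some input, i.e. decoding it
    and re-encoding gives the same pair back. False shows the transform is
    not onto the space of all pairs, which is the obstacle to a compressor
    whose every output decodes and re-encodes to itself."""
    return bwt(ibwt(last, idx)) == (last, idx)


if __name__ == "__main__":
    sample = b"banana"  # constructed input
    last, idx = bwt(sample)
    print(last, idx, run_count(sample), "->", run_count(last))
    print(ibwt(last, idx))
    print(is_bwt_image(last, idx), is_bwt_image(b"ab", 0))
```

For a wrong decryption key the ciphertext decodes to some byte string; with this transform that string always inverts to something (any pair decodes), but it will generally not re-encode to the same pair, so a "decompress then recompress" consistency check would distinguish it. That is the asymmetry Scott refers to, stated for this one transform only.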

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Schrodinger's Cat and *really* good compression
Date: Fri, 01 Oct 1999 04:37:53 GMT

In article <[EMAIL PROTECTED]>,
  "Trevor Jackson, III" <[EMAIL PROTECTED]> wrote:

>This is the intuitive explanation, but it is at least incomplete if not
>wrong.

It has been a long time since I studied quantum mechanics; I may
very well be wrong.

>There are experiments that, observed, produce a defined result such as
>an electron passing through a particular slit.  When the same
>experiment is conducted without observation the result differs, such
>as an electron passing through two slits and the two paths interfering
>with one another.

Please observe that this does not contradict my interpretation. As you
say, an electron's wave function passes through both slits, interferes
with itself, and if you make the wave hit a wall then you will see the
resulting beautiful interference pattern. On the other hand if you make
an observation about which slit the electron passes through (maybe by
measuring the electromagnetic field near each slit) then you force the
wave to produce information: therefore it collapses and the
interference pattern on the wall disappears. For this to happen it is
not necessary to have a sentient being observe the measuring equipment
- it is quite sufficient to install the measuring equipment alone. The
measuring equipment changes the system forcing the wave function to
interact with it and emit information.

> Reality is more subtle than our (classical) intuition.

I agree - quantum mechanics can be difficult to visualize. In the above
example the wave function washes over the measuring equipment, so one
can imagine that the wave function "knows" that it is being observed
and therefore it collapses. But there are more complicated experiments
where a measurement here on one particle instantaneously affects the
state of another particle very far away (the so called non-local
phenomena, see: Rosen and Einstein). There are other experiments where
a particle wave seems to "know" whether it will be observed before the
decision is taken whether to observe it or not. Quantum mechanics is
weird enough. I still believe though, that a wave function does not
collapse if a person opens a door and looks inside a room.


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: "Anandamoy Roychowdhury" <[EMAIL PROTECTED]>
Subject: Re: want URL for Applied CryptoGraphy Book online
Date: Fri, 1 Oct 1999 10:50:24 +0530

Thanks a lot. Really appreciate it.
Eric Hambuch <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Anandamoy Roychowdhury wrote:
> >
> > could you give me the URL for the Handbook of Applied Cryptography ?
> >
>
> http://cacr.math.uwaterloo.ca/hac/
>
>
> Eric



------------------------------

From: MaxBenson <[EMAIL PROTECTED]>
Subject: I need a good book on crypto and math.
Date: Thu, 30 Sep 1999 22:21:04 -0700

I stopped learning math after Algebra II but I want to get into
cryptanalysis and stuff. How many books am I looking at reading, and what
types of math should I be studying?


------------------------------

From: Volker Hetzer <[EMAIL PROTECTED]>
Subject: Re: Cryptic manuscript... Help
Date: Wed, 29 Sep 1999 15:54:42 +0200

Computer Technician wrote:
> 
> > Hi All,
> 
> I've been trying to think of the name of a manuscript that I'd seen in the
> past, and can't for the life of me remember what it was called. So I thought
> I'd try here any help would be greatly appreciated. It was done in a coded
> language and was from early times. I believe it started with a V....and
> written in a weird text.  I know a lot of people were trying to decode it. It
> also had a lot of illustrations in the margins... like plants and other
> things. If anyone can help with this, I would be most gracious. Thank you,
Something like Voynich or so?

Greetings!
Volker
-- 
Hi! I'm a signature virus! Copy me into your signature file to help me spread!

------------------------------

From: [EMAIL PROTECTED] (Johnny Bravo)
Subject: Re: Cryptographic bit-length and the meaning
Date: Fri, 01 Oct 1999 01:30:55 GMT

On Thu, 30 Sep 1999 10:06:16 GMT, [EMAIL PROTECTED] wrote:

>Hey there!
>
>I'm a newbie on this subject, but I hope someone
>will help anyway!
>
>Now - to my question:
>
>When something is encrypted with 8 bits there are 256 possible keys.
>How does that number climb with the bit size?

Each bit doubles the number of keys before it.  9 bits is 512 keys, 10 bits is
1024 keys, 11 bits is 2048 keys, etc.

>Ie. how many keys are there in a 56 bit encryption??
Not many as far as crypto goes, 72,057,594,037,937,936
keys.  That's rather on the weak side.

>And how is it calculated??
Easy way to handle some of the big numbers you are going to see around here is
to get a decent calculator http://www.flosim.com/  has a good starter one.
Freeware and good for 16 or decimal places and can handle numbers up to about
2^1018.  The GNU port of bc, available at various places, doesn't have much in
the way of limits, I've run it up to 2^65536 and it still spit out the exact
answer. (took 20 seconds, but it worked.)

>Thanks in advance!
>
>Morty

  You're welcome.
    Johnny Bravo
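
The doubling rule and the big-number arithmetic mentioned above can be worked through in Python, whose integers are arbitrary precision in the same way the bc port is. This is an added example, not from the post or from any calculator it names; it sizes a key space exactly, counts decimal digits for the large exponents the post mentions, and turns a key count into a worst-case exhaustive-search time at a constructed trial rate.

```python
from fractions import Fraction

SECONDS_PER_YEAR = 31_557_600  # 365.25 days, exact integer


def key_count(bits: int) -> int:
    """Number of distinct keys of the given length: 2**bits.

    Uses a shift on an arbitrary-precision int, so the value is exact for
    2^1018 or 2^65536 just as it is for 2^56.
    """
    if bits < 0:
        raise ValueError("key length must be non-negative")
    return 1 << bits


def doubles_previous(bits: int) -> bool:
    """Check the rule in the post: adding one bit doubles the key count."""
    return key_count(bits) == 2 * key_count(bits - 1)


def decimal_digits(bits: int) -> int:
    """How many decimal digits 2**bits has (what a calculator must hold)."""
    return len(str(key_count(bits)))


def years_to_exhaust(bits: int, keys_per_second: int) -> Fraction:
    """Worst-case time to try every key, as an exact number of years, at a
    constructed trial rate. Exact rational arithmetic avoids float overflow
    for long keys."""
    seconds = Fraction(key_count(bits), keys_per_second)
    return seconds / SECONDS_PER_YEAR


if __name__ == "__main__":
    for b in (8, 9, 10, 11, 56):
        print(b, "bits ->", key_count(b), "keys")
    print("2^1018 has", decimal_digits(1018), "decimal digits")
    # Constructed rate of one billion trials per second.
    print("56-bit exhaustive search at 1e9 keys/s:",
          float(years_to_exhaust(56, 10**9)), "years")
    print("128-bit exhaustive search at 1e12 keys/s:",
          float(years_to_exhaust(128, 10**12)), "years")
```

The last two lines are the practical reading of "rather on the weak side": a 56-bit space is exhausted in a few years even at a modest constructed rate, whereas each additional bit doubles that figure, so 128 bits is out of reach by any such estimate.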


------------------------------

From: "Mark Rosen" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: New Export Regulations
Date: Fri, 1 Oct 1999 02:02:45 -0400

    Like pretty much everyone else, I have read about the new relaxation in
export regulations. However, quite honestly, I do not understand most of
what is happening. My company makes an encryption program called Kremlin --
it has been discussed on this newsgroup a fair amount, and has even been
"highly recommended" in a study done by a sci.crypt poster (e-mail me if you
want the URL. It's _somewhere_ in my favorites!).
    Basically, can we now export the domestic version of Kremlin -- the full
strength version that uses 160 bit Blowfish w/ CBC -- from the US? Do we
have to re-apply for an export license? Did the White House just suggest
that the regulations be changed, or have they already been changed? If it
helps, we have a valid license to export 40 bit RC4.
    BTW, you can download and try out Kremlin at:
    http://www.mach5.com/kremlin/pc_index.html    and
    http://www.mach5.com/kremlin/mac/


- Mark Rosen
http://www.mach5.com/



------------------------------

From: Jeffrey Goldberg <[EMAIL PROTECTED]>
Subject: Re: Comments on ECC
Date: Fri, 1 Oct 1999 08:15:57 +0100
Reply-To: Jeffrey Goldberg <[EMAIL PROTECTED]>

On Tue, 28 Sep 1999 [EMAIL PROTECTED] wrote:

> Douglas A. Gwyn wrote:

> > Unless somebody also invents an algorithm for converting
> > any NP-complete problem into a P problem, knowing that
> > P=NP wouldn't be of any practical use.
> 
> That doesn't make sense.  If P=NP then any
> NP-complete problem _is_ a P problem.  The "algorithm
> for converting" can just compute the identity function.

You are, of course, correct.

But I think it is pretty clear what Gwyn was trying to say:  If we have a
problem which is known to be P, it is still possible that the best
algorithm *that we know of* for solving the problem is still NP.

A proof of P=NP may or may not directly help us in finding polynomial time
algorithms for these problems.  But even at worst, the proof would sure
motivate people to look for the algorithms.

-j

-- 
Jeffrey Goldberg                +44 (0)1234 750 111 x 2826
 Cranfield Computer Centre      FAX         751 814
 [EMAIL PROTECTED]     http://WWW.Cranfield.ac.uk/public/cc/cc047/
Relativism is the triumph of authority over truth, convention over justice.


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Electronic envelopes
Date: Fri, 01 Oct 1999 10:03:22 +0200

Anton Stiglic wrote:
> 

> Are you here to get an answer or to bullshit a question?
> Make up your mind.... And read your posts carefully...

When you pose a certain question, I suppose you don't know the
answer and in many cases also don't know whether a satisfactory
answer exists or doesn't exist. If you can show that there is an 
answer, then please show it. If you can show that an answer can't 
exist, then please show it too. Otherwise, please keep silent and 
don't waste the bandwidth of this group by asking such silly 
questions as relative to what the time is defined!!! (This is
a group devoted to cryptology, not to physics, astronomy, religion,
precision mechanics, etc.!!!)

M. K. Shen

------------------------------

From: Mikael Fiil <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.java.security
Subject: Re: How good is java.security.SecureRandom ?
Date: Fri, 01 Oct 1999 10:04:24 +0200




Tim Tyler wrote:

> In sci.crypt Mikael Fiil <[EMAIL PROTECTED]> wrote:
>
> : You may take a look here:
> :                         http://www.counterpane.com/yarrow.html
>
> : These guys have a lot of information on security, which also includes
> : random numbers
>
> It's very hard to see any connection between this and the
> java.security.SecureRandom class.
>

I was just trying to suggest a possible answer to the following statement in
the original message:

"We are doing some Java code and need a good random number generator."

You could call Yarrow from Java via JNI or you could rewrite it in Java if
you have a lot of time.

Sorry if it didn't help!

Mikael Fiil




------------------------------

From: [EMAIL PROTECTED]
Subject: Re: I need a good book on crypto and math.
Date: Fri, 01 Oct 1999 09:17:41 GMT


>> Need good books on cryptanalysis

general:
  -Applied Cryptography (1996)
   B. Schneier
  -Handbook of Applied Cryptography (1996)
   Menezes, van Oorschot, Vanstone

analysis:
  -Differential Cryptanalysis of DES-like Systems
   E. Biham, A. Shamir
  -Linear Cryptanalysis of DES
   M. Matsui



Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: "Clive Tooth" <[EMAIL PROTECTED]>
Crossposted-To: sci.stat.math,sci.math
Subject: Re: Perfect Shuffle Algorithm?
Date: Fri, 1 Oct 1999 09:43:15 +0100

Douglas A. Gwyn wrote in message <[EMAIL PROTECTED]>...

>David Franklin wrote:
>> Firstly, I knocked up a brute force program to do this (took
>> about 5 mins to write), and got the same answer as Clive Tooth
>> (97020); the running time was just under 1 second. Which leads
>> me to wonder about the LCM solution being "much simpler and
>> faster" as the original interviewer apparently said. When the run
>> time is 1 second, it's hard to justify spending time speeding it
>> up (as a one-off problem at any rate).
>
>But brute force doesn't scale well, while finding the cycles does.
>You were just lucky that the period was only 97,020; it could have
>been much larger if the parameters had been slightly different.
>Not knowing in advance whether that was the case, it would be
>better to use a method that is *known* to not take long instead
>of one that *might* take too long.

Quite so. I programmed the lcm method first, found the answer, and then
checked it by brute force before posting.

--
Clive Tooth
http://www.pisquaredoversix.force9.co.uk/
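
The lcm method and the brute-force check Clive describes, as an added Python example (not Clive's or David Franklin's code; the parameters that gave 97,020 are not in the thread, so a standard 52-card deck is assumed here). The period of a perfect shuffle is the order of the permutation it induces, which is the least common multiple of its cycle lengths; the brute-force routine applies the shuffle until the deck returns to its start and is used only to confirm the cycle answer.

```python
from functools import reduce
from math import gcd


def out_shuffle(n: int) -> list:
    """Perfect out-shuffle of an even deck of n cards as a permutation:
    perm[i] is the new position of the card now at position i. The top card
    stays on top."""
    half = n // 2
    return [2 * i if i < half else 2 * (i - half) + 1 for i in range(n)]


def in_shuffle(n: int) -> list:
    """Perfect in-shuffle: the top card moves to second place."""
    half = n // 2
    return [2 * i + 1 if i < half else 2 * (i - half) for i in range(n)]


def cycle_lengths(perm: list) -> list:
    """Decompose a permutation into disjoint cycles and return their lengths."""
    seen = [False] * len(perm)
    lengths = []
    for start in range(len(perm)):
        if seen[start]:
            continue
        length, i = 0, start
        while not seen[i]:
            seen[i] = True
            i = perm[i]
            length += 1
        lengths.append(length)
    return lengths


def lcm(a: int, b: int) -> int:
    return a * b // gcd(a, b)


def order_by_cycles(perm: list) -> int:
    """Order of the permutation = lcm of its cycle lengths. Linear time,
    independent of how large the order turns out to be."""
    return reduce(lcm, cycle_lengths(perm), 1)


def order_by_brute_force(perm: list, limit: int = 10**6) -> int:
    """Apply the shuffle repeatedly until every card is back; cost grows with
    the answer itself, which is the scaling problem the thread points out."""
    identity = list(range(len(perm)))
    current, k = perm[:], 1
    while current != identity:
        current = [perm[c] for c in current]  # one more shuffle
        k += 1
        if k > limit:
            raise RuntimeError("gave up after %d shuffles" % limit)
    return k


if __name__ == "__main__":
    for name, perm in (("out", out_shuffle(52)), ("in", in_shuffle(52))):
        print(name, "shuffle of 52 cards: order",
              order_by_cycles(perm), "(brute force:", order_by_brute_force(perm), ")")
```

Eight out-shuffles restore a 52-card deck and 52 in-shuffles are needed, both well-known results; the brute-force loop agrees but would not be a sensible tool if the order were in the tens of thousands or larger.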




------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
