Cryptography-Digest Digest #672, Volume #10       Fri, 3 Dec 99 11:13:01 EST

Contents:
  Re: Encrypting short blocks (Johnny Bravo)
  Re: Will ScramDisk recover ? >> After another round of tests ... YES, it will recover ("Microsoft Mail Server")
  Re: Will ScramDisk recover ? >> After another round of tests ... YES, it will recover (Lincoln Yeoh)
  Re: Any negative comments about Peekboo >> how to confirm designer claims ? (Johnny Bravo)
  Re: Any negative comments about Peekboo >> How to verify that promised algorithms are included (Johnny Bravo)
  Re: Elliptic Curve Public-Key Cryptography (DJohn37050)
  Re: Peekboo Ideas? (Lincoln Yeoh)
  Re: NSA should do a cryptoanalysis of AES (SCOTT19U.ZIP_GUY)
  Re: Any negative comments about Peekboo free win95/98 message encryptor (Keith A Monahan)
  How can you tell? (John)
  Re: Why Aren't Virtual Dice Adequate? (Tim Tyler)
  Re: What part of 'You need the key to know' don't you people get? (SCOTT19U.ZIP_GUY)
  Re: Any negative comments about Peekboo free win95/98 message encryptor (David A Molnar)
  Re: Why Aren't Virtual Dice Adequate? (Tim Tyler)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Johnny Bravo)
Subject: Re: Encrypting short blocks
Date: Fri, 03 Dec 1999 07:56:16 GMT

On 03 Dec 1999 09:54:04 +0200, Markus Peuhkuri
<[EMAIL PROTECTED]> wrote:

> I'm not sure, but aren't the stream ciphers basically OTPs where
> the "OTP" is generated depending on the key? 

  An OTP is only an OTP if a random key is used; stream ciphers don't
use random keys.  "Pseudo-OTP" is commonly used to describe them, as the
pad is generated pseudo-randomly.

> And if I use same
> pad for different plaintexts, by guessing/knowing one or some
> of plaintexts, all encrypted data can be decrypted without
> knowing key?

  Correct.  If you have the plaintext you can just XOR it with the
ciphertext to recover the key.  One of the security requirements of
the OTP is that pad data is not reused under any circumstances.

  Best Wishes,
    Johnny Bravo
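The attack Bravo describes, worked through as an added example (this is not code from the post). The messages are constructed; the "pad" stands in for either a true one-time pad or a stream cipher's keystream, because the arithmetic is identical. What falls out is the pad bytes (for a stream cipher, the keystream), not the cipher key itself, and that is already enough to strip every other message sent under the same pad:

```python
"""Two-time pad: what pad/keystream reuse gives an attacker.

Added example; not code from the original post. Messages are constructed.
The "pad" stands in for either a true one-time pad or a stream cipher's
keystream: the arithmetic is the same, and what the attacker recovers is the
pad bytes (the keystream), not the stream cipher's key."""
import os


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("xor_bytes: lengths differ")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(pad: bytes, plaintext: bytes) -> bytes:
    """ciphertext = plaintext XOR pad (decryption is the same operation)."""
    if len(pad) < len(plaintext):
        raise ValueError("pad too short")
    return xor_bytes(pad[: len(plaintext)], plaintext)


def recover_pad(known_plaintext: bytes, ciphertext: bytes) -> bytes:
    """Attacker step 1: known plaintext XOR its ciphertext = the pad bytes used."""
    return xor_bytes(known_plaintext, ciphertext[: len(known_plaintext)])


def decrypt_with_pad(pad_prefix: bytes, other_ciphertext: bytes) -> bytes:
    """Attacker step 2: apply the recovered pad bytes to another message sent
    under the same pad. Only as many bytes as the known plaintext covered
    come back; the rest stays unknown (a longer crib recovers more)."""
    n = min(len(pad_prefix), len(other_ciphertext))
    return xor_bytes(pad_prefix[:n], other_ciphertext[:n])


def demo() -> bytes:
    """Encrypt two constructed messages under one pad, then break the second
    using only the first message's plaintext. Returns the recovered bytes."""
    pad = os.urandom(64)                                   # fine once; reused below
    m1 = b"meeting at 0900 tomorrow, bring the key"        # the crib the attacker knows
    m2 = b"transfer 40000 to account 1234567890"           # the message they want
    c1 = encrypt(pad, m1)
    c2 = encrypt(pad, m2)                                  # pad reused: the mistake
    # Even with no plaintext at all the pad cancels: c1 XOR c2 == m1 XOR m2,
    # which is what crib-dragging works on.
    n = min(len(c1), len(c2))
    assert xor_bytes(c1[:n], c2[:n]) == xor_bytes(m1[:n], m2[:n])
    return decrypt_with_pad(recover_pad(m1, c1), c2)
```

The same code applies to a stream cipher whose key and IV (hence keystream) were reused: the attacker never learns the key, but never needs to.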


------------------------------

From: "Microsoft Mail Server" <[EMAIL PROTECTED]>
Subject: Re: Will ScramDisk recover ? >> After another round of tests ... YES, it will recover
Date: Fri, 3 Dec 1999 08:04:09 -0500
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,comp.security.pgp.tech

The fact that ScramDisk retains the essence of the boot, FAT and data sector
structure is a prime reason it is so durable.

Try making two identical container files of moderate size. Load some text
files into the SVLs for reference points, then swap the boot sector on
each. Try swapping the FAT structures.  Very interesting indeed!

--
best regards,
hapticz

>X(sign here)____________________________________________<

[EMAIL PROTECTED] wrote in message
<[EMAIL PROTECTED]>...
|I'm recommending ScramDisk to all the users who have a need to hide and
|totally secure private computer data as the best product on the market.
|
|After another round of tests, this time with a better hex editor, I did find
|that ScramDisk is very difficult to corrupt [ when not at the beginning of
|the container file ]. All my attempts to purposely damage the container by
|editing bytes / bits of data proved to be unsuccessful.
|
|In my past test, I leaned too much of my trust on 2 editors for the changes
|made. The editors used in the past made changes to the container file in
|other places than my intention.
|
|After both tests made, I'm convinced that ScramDisk will recover [ will NOT
|HAVE A PROBLEM WITH THE MOUNT OPERATION ] after random bits / bytes are
|corrupted in the container file. The above holds true as long as the
|corruption is not in the system part of the container.
|
|I would like to apologize to all people affected by my past statements,
|that "1 byte corruption will render a container of say 640 MB useless". The
|statement is not valid for all locations of corruption, not valid in
|generic terms.
|
|When the remaining corruption possibility is removed in future versions
|by say [ a back up of container system data ], this product will be the
|best and the safest of all [ file / disk encryption ] products on the
|market, undisputedly.
|--
|Thanks, Richard
|=============================================================
|
|Date: Sat, 27 Nov 1999 17:00:47 GMT
|On Thu, 25 Nov 1999 10:02:17 -0500, [EMAIL PROTECTED] wrote:
|>Alter 1 byte without increasing container file size.
|>After altering, I could not mount container [ provided pass / correct pass
|>/ has not been accepted ].
|
|Dunno, I tried it out, changed a single byte (81 to FF) and I could mount
|it. I'm using 2.02c and blowfish.
|
|I had stored a file inside, and only 9 bytes were changed. Hmm 72 bits
|changed for 6 bits.
|
|What program are you using to change the byte?
|
|As long as you don't alter the first bunch of stuff you should be able to
|mount it.
|
|If you alter the part that happens to be the FAT or directory you may have
|to run scandisk as well to fix things. But I'd recommend you make a backup
|of the container first before you do scandisk, just in case scandisk does
|something wrong.
|
|I notice that a range of bytes from 0x2700-0x27FF changes. Not sure why..
|Maybe it's the date.
|
|Cheerio,
|
|Link.
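Why a one-byte change in the container shows up as "9 bytes changed, 72 bits for 6 bits" in the decrypted data, as an added example (not ScramDisk's code). It assumes the container is encrypted in CBC mode over a 64-bit block cipher, which is consistent with the footprint reported above but is an assumption, not something taken from ScramDisk's documentation; the block cipher itself is a toy SHA-256-based Feistel network standing in for Blowfish, since only the 64-bit block size matters here. Flipping bits in ciphertext byte i garbles the whole 8-byte block that contains it and flips exactly the same bits in one byte of the following block; nothing else is touched, which is why the volume still mounts and scandisk can tidy up:

```python
"""CBC error propagation with a 64-bit block cipher, as an added example.

Not ScramDisk's code. The block cipher is a toy 16-round Feistel network
built on SHA-256 (an assumption; Blowfish's 64-bit block size is what
matters here, not its internals), and the mode is CBC, which is consistent
with the 9-byte footprint reported in the post but is assumed, not taken
from ScramDisk's documentation."""
import hashlib

BLOCK = 8  # 64-bit blocks, like Blowfish


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round_keys(key: bytes, rounds: int = 16) -> list:
    """Toy key schedule: one 32-bit subkey per round, derived with SHA-256."""
    return [hashlib.sha256(key + bytes([i])).digest()[:4] for i in range(rounds)]


def _f(half: bytes, rk: bytes) -> bytes:
    """Toy round function: 32-bit half + subkey -> 32 bits."""
    return hashlib.sha256(rk + half).digest()[:4]


def block_encrypt(rks: list, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for rk in rks:
        l, r = r, _xor(l, _f(r, rk))
    return r + l  # undo the last swap so decryption can reuse the same loop


def block_decrypt(rks: list, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for rk in reversed(rks):
        l, r = r, _xor(l, _f(r, rk))
    return r + l


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """C_i = E(P_i XOR C_{i-1}), C_0 = IV. Input must be whole blocks."""
    if len(plaintext) % BLOCK:
        raise ValueError("plaintext must be a multiple of the block size")
    rks, out, prev = _round_keys(key), [], iv
    for i in range(0, len(plaintext), BLOCK):
        prev = block_encrypt(rks, _xor(plaintext[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    """P_i = D(C_i) XOR C_{i-1}: each plaintext block depends on only two
    ciphertext blocks, so damage cannot spread further than that."""
    rks, out, prev = _round_keys(key), [], iv
    for i in range(0, len(ciphertext), BLOCK):
        c = ciphertext[i:i + BLOCK]
        out.append(_xor(block_decrypt(rks, c), prev))
        prev = c
    return b"".join(out)


def corruption_footprint(key: bytes, iv: bytes, plaintext: bytes,
                         byte_index: int, flip_mask: int) -> dict:
    """Flip the given bits of one ciphertext byte, decrypt, and report which
    plaintext offsets changed and by how much the next-block byte moved.
    Expect: (almost always) all 8 bytes of the hit block are garbage, plus
    exactly one byte of the next block, changed by flip_mask. Nothing else."""
    ct = bytearray(cbc_encrypt(key, iv, plaintext))
    ct[byte_index] ^= flip_mask
    damaged = cbc_decrypt(key, iv, bytes(ct))
    changed = [i for i in range(len(plaintext)) if damaged[i] != plaintext[i]]
    nxt = byte_index + BLOCK
    delta = damaged[nxt] ^ plaintext[nxt] if nxt < len(plaintext) else None
    return {"changed": changed, "next_block_delta": delta}
```

With a 6-bit flip (0x81 to 0xFF is XOR 0x7E) the footprint is 8 garbled bytes plus one byte XORed with 0x7E: 9 bytes, 72 bits, as observed. The container header is the exception: the key material and volume parameters there have no such locality, so one damaged byte in the "system part" can make the volume unmountable, which is the backup-the-header point made above.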


------------------------------

From: [EMAIL PROTECTED] (Lincoln Yeoh)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,comp.security.pgp.tech
Subject: Re: Will ScramDisk recover ? >> After another round of tests ... YES, it will recover
Date: Fri, 03 Dec 1999 13:42:25 GMT
Reply-To: [EMAIL PROTECTED]

On Fri, 3 Dec 1999 08:04:09 -0500, "Microsoft Mail Server"
<[EMAIL PROTECTED]> wrote:

>the fact that scramdisk retains the essence of boot,fat, data sector
>structure is a prime reason it is so durable.
>
>try making two identical container files of moderate size. load some text
>files into the svl's for reference points, then swap the boot sector on
>each. try swapping the fat structures.  very interesting indeed!

What happens?

I'm too lazy to swap boot sectors - I don't have a utility which can copy
sectors to another file easily.

Link.
****************************
Reply to:     @Spam to
lyeoh at      @[EMAIL PROTECTED]
pop.jaring.my @ 
*******************************

------------------------------

From: [EMAIL PROTECTED] (Johnny Bravo)
Crossposted-To: alt.security.pgp
Subject: Re: Any negative comments about Peekboo >> how to confirm designer claims ?
Date: Fri, 03 Dec 1999 08:59:13 GMT

On Thu, 02 Dec 1999 21:36:41 -0500, [EMAIL PROTECTED] wrote:

> I do not have any way to link source with executable; 
> none is SIGNED by the developer.  From the above, the examined 
> source could be completely different from the executable.

  Then compile the source and use that as your executable.  This is
true for any possible source/executable distribution.

>By testing only executable, how to confirm designer claims ?

  Same as for any other executable, you either trust the designer or
compile the source yourself.  Or if you have a lot of free time you
can compile the source, disassemble both executables and compare the
assembly instructions for each (accounting for differences between
compiler versions and optimizations), but I'd rather just compile the
executable myself. :)

  Best Wishes,
    Johnny Bravo

------------------------------

From: [EMAIL PROTECTED] (Johnny Bravo)
Crossposted-To: alt.security.pgp
Subject: Re: Any negative comments about Peekboo >> How to verify that promised algorithms are included
Date: Fri, 03 Dec 1999 09:03:53 GMT

On Thu, 02 Dec 1999 21:46:15 -0500, [EMAIL PROTECTED] wrote:

>How to verify that promised algorithms are included when no link between source
>& executable can be established ?

  Compile your own executable.  This is true for all crypto software,
even PGP.

>The claimed algorithms are stronger than the ones from PGP ??  for example
>Blowfish.

  Algorithms usually avoid strength claims or comparisons between
ciphers of similar attributes (like CAST and IDEA) unless one of those
algorithms has a known weakness or uses a smaller keyspace (like
Blowfish and DES).

  Best Wishes,
    Johnny Bravo
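Building from source, as Bravo says in this and the previous reply, is the real answer. A cheaper check that can be run on the binary alone, added here as an example and not part of Peekboo or of anything on this page, is to scan it for the fixed tables the claimed algorithms must contain: Blowfish initialises its P-array from the hexadecimal digits of pi (the first four words are used below), and MD5 and SHA-1 share the same four initial-state words. The "executable" scanned here is constructed; the constants are from the public specifications.

```python
"""Scan an executable for well-known cipher/hash constants, as an added example.

Not Peekboo's code and not a substitute for building from source; it is the
cheaper check you can run on a binary alone. Constants are from the public
specifications: Blowfish initialises its P-array from the hex digits of pi
(P[0..3] below), and MD5/SHA-1 share the same four initial-state words.
The sample "binary" is constructed here."""
import struct

KNOWN_CONSTANTS = {
    "Blowfish P-array init (hex digits of pi)":
        [0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344],
    "MD5/SHA-1 initial state":
        [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476],
}


def scan_for_constants(blob: bytes) -> dict:
    """Return {name: [(offset, endianness), ...]} for every run of consecutive
    32-bit words from KNOWN_CONSTANTS found in blob. Both byte orders are
    tried, since the table may be stored as little- or big-endian words."""
    hits = {}
    for name, words in KNOWN_CONSTANTS.items():
        for fmt, label in (("<", "little"), (">", "big")):
            needle = b"".join(struct.pack(fmt + "I", w) for w in words)
            pos = blob.find(needle)
            while pos != -1:
                hits.setdefault(name, []).append((pos, label))
                pos = blob.find(needle, pos + 1)
    return hits


def constructed_binary() -> bytes:
    """A fake executable: a 2-byte magic, filler, a little-endian Blowfish
    P-array fragment at offset 100, then more filler. No hash constants."""
    p_array = struct.pack("<4I", 0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344)
    return b"MZ" + b"\x90" * 98 + p_array + b"\xcc" * 40


def claimed_algorithms_present(blob: bytes, claims: list) -> dict:
    """Map each claimed constant-table name to whether it was found."""
    found = scan_for_constants(blob)
    return {name: name in found for name in claims}
```

A hit proves the table is linked in, not that it is reached on your message, that the key schedule is driven correctly, or that the advertised key size is used; a miss proves little either (tables can be generated at run time or obfuscated). The scan narrows the question; only a build you made yourself, compared against the shipped binary as Bravo suggests, answers it.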


------------------------------

From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: Elliptic Curve Public-Key Cryptography
Date: 03 Dec 1999 14:28:23 GMT

The paper is "ECC for Smart Cards" and was published in May 1998, 1.5 years
ago.   It compared RSA's BSAFE 3.0 with Certicom's Security Builder 1.2.  Both
of these products have since been enhanced.   KG, SG and DH were all very much
faster on SB.  SV was 9.9 ms for EC Nyberg-Rueppel with Appendix and 10.7 for
ECDSA while for BSAFE it was 12.7.  As I said these timings are from 1.5 years
ago.  As they say, your mileage may vary.

But it is true that Certicom worked in finite field arithmetic processors
before ECC was invented and then went into ECC in a big way, so it is certainly
plausible that Certicom has a fast implementation of ECC, they have been
looking at it for a long time.
Don Johnson

------------------------------

From: [EMAIL PROTECTED] (Lincoln Yeoh)
Subject: Re: Peekboo Ideas?
Date: Fri, 03 Dec 1999 14:40:03 GMT
Reply-To: [EMAIL PROTECTED]

On Mon, 29 Nov 1999 12:31:23 -0600, Medical Electronics Lab
<[EMAIL PROTECTED]> wrote:

>Tom St Denis wrote:
>>> I do have one question:  How do I implement human-readable message
>> signatures when things like email and usenet will reformat/add spaces?
>> Do I just discount spaces or something?  How does PGP do it?
>
>Stripping "white space" is perfectly ok to compute the hash of
>a message.  Remove tabs, spaces and new-lines.  That gives you
>pure text pretty much.  You may want to remove all control characters,
>in case there are form feeds added or whatever.  

No, coz spaces do convey meaning.

What can usually be stripped are trailing spaces.

e.g. spaces after this point-->>     
                                ^^^^^
Proper email programs don't reformat spaces/tabs.

Cheerio,

Link.

****************************
Reply to:     @Spam to
lyeoh at      @[EMAIL PROTECTED]
pop.jaring.my @ 
*******************************
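The rule Lincoln gives (strip only what mailers mangle, keep the interior spaces that carry meaning), as an added example that is not Peekboo's or PGP's code. It follows PGP's canonical text mode, which hashes each line with trailing spaces and tabs removed and with CRLF line endings (RFC 4880, section 7.1); the "strip all whitespace" alternative from the thread is included only to show what it costs. Messages are constructed, and SHA-256 is used because it is in the standard library, not because either program uses it:

```python
"""Canonical-text hashing for message signatures, as an added example.

Not Peekboo's or PGP's code. Trailing spaces/tabs are what mail and news
software add or drop; interior spaces carry meaning, so they stay. That is
PGP canonical text mode (RFC 4880 7.1): strip trailing whitespace per line,
hash with CRLF line endings. Messages are constructed; SHA-256 is used only
because it is in the standard library."""
import hashlib


def canonicalize(text: str) -> bytes:
    """Trailing spaces/tabs dropped from every line, line endings forced to
    CRLF, trailing blank lines dropped. Interior whitespace is untouched."""
    lines = [line.rstrip(" \t") for line in text.splitlines()]
    while lines and lines[-1] == "":
        lines.pop()
    return "\r\n".join(lines).encode("utf-8")


def text_digest(text: str) -> str:
    """What the signature would be computed over."""
    return hashlib.sha256(canonicalize(text)).hexdigest()


def strip_all_whitespace_digest(text: str) -> str:
    """The other proposal in the thread (remove every space, tab, newline),
    kept here only to show what it costs."""
    stripped = "".join(ch for ch in text if ch not in " \t\r\n")
    return hashlib.sha256(stripped.encode("utf-8")).hexdigest()


# Constructed messages.
ORIGINAL = "Release the 1 000 units\nto  warehouse B\n"
# The same text after a mail gateway added trailing blanks and CRLF endings.
MANGLED_IN_TRANSIT = "Release the 1 000 units   \r\nto  warehouse B\t\r\n\r\n"
# A real change an attacker would like to slip past the signature.
TAMPERED = "Release the 10 00 units\nto  warehouse B\n"


def survives_reformatting() -> bool:
    """Transit mangling must not invalidate the signature."""
    return text_digest(ORIGINAL) == text_digest(MANGLED_IN_TRANSIT)


def detects_tampering() -> bool:
    """Moving an interior space changes the meaning and must change the hash."""
    return text_digest(ORIGINAL) != text_digest(TAMPERED)


def strip_all_misses_tampering() -> bool:
    """Stripping every space makes ORIGINAL and TAMPERED hash identically."""
    return strip_all_whitespace_digest(ORIGINAL) == strip_all_whitespace_digest(TAMPERED)
```

The third function is the failure mode of the "remove all whitespace" idea: "1 000" and "10 00" become the same signed text.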

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: NSA should do a cryptoanalysis of AES
Date: Fri, 03 Dec 1999 15:40:54 GMT

In article <[EMAIL PROTECTED]>, "Brian Gladman" 
<[EMAIL PROTECTED]> wrote:
...
>
>Because it's a lesson about technology generally and not about cryptography in
>particular.  And it stretches back into pre-history.  I don't want to bore
>people with the details but my experience has been that technologies that
>start in the closed government world most often migrate into civil
>applications where over time more resources are deployed with the result
>that the positions of the two worlds reverse.
    It is apparent that we have different views of government. I have seen 
much of the reverse. And I worked 26 years in a government research
lab. At least at my job the government did much better than the civilian
counterparts, which were more concerned about pushing their point of
view and sucking money from Congress. The private sector tended to buy
politicians rather than make real improvements. They have no incentive to do
a good job because they make more money if they fuck it up. It seems
like then they can convince Congress that the job was hard and they even
get more money. Why do you think the damn toilet seats are so expensive
when the government buys them? A lot of the so-called advances that industry
makes are nothing more than work stolen from the defense labs, and then
the companies pretend they actually did the work.
   Of course that was at a time during the Cold War when doing a good job
for the government gave one a sense of satisfaction that is no longer true,
from what I hear from people where I once worked. Clinton has done a
wonderful job of destroying the defense of the country. I'm sure China and
the NSA elite are very proud of him.

>In my career I have seen the move from defence to civil dominance in a
>number of areas - in computer systems, in integrated circuits, in software
>operating systems, in high level languages, in computer networking, in
>display technologies, and now, in my view, in computer and cryptographic
>security.
      But what you failed to see is that much of this apparent dominance in a
number of areas was really for appearance only. And the companies' PR
is wonderful at convincing the public that they actually do something,
when in fact much more of the stuff comes from government labs than
you realize.
>
>What happens is that government resources tend to be constrained but can be
>spent on things that are not profitable since government does not need to
>make money.  Government funded developments hence make the early running in
>new technology areas. But as civil interests become clearer and profits
>become a driver civil resources get deployed and these are not bounded by
      True, the profit motive of companies can give them a tremendous edge,
especially when it can be used to get the government to stop research in 
certain areas, and companies do buy politicians all the time. But crypto is
unique in that the government has a very strong vested interest in control.
It does not want the civilian sector to even know much about crypto. That is
why among all types of software it is considered different by the government.
It is not something we share in the open. However, the one exception that comes
to mind is the Chinese. I guess they got Clinton to give much of it away. But
we the people are apparently undeserving of such knowledge. And even if
we develop such knowledge on our own, the government does not want us to
spread the knowledge to others. Can you name any other type of software
that I can write on my own from scratch and send to my German friends without
fear of imprisonment? NO, you can't, because CRYPTO is different.



David A. Scott
--

SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
                    
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm

Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm

Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm

**NOTE EMAIL address is for SPAMERS***

------------------------------

From: [EMAIL PROTECTED] (Keith A Monahan)
Crossposted-To: alt.security.pgp
Subject: Re: Any negative comments about Peekboo free win95/98 message encryptor
Date: 3 Dec 1999 14:57:17 GMT

Tom,

I have never sent my CC information online, and probably never will.  However,
if I would, I would certainly want my information to be as secure as possible
EN ROUTE.  I'm not concerned about the company I'm purchasing from, because
if I've decided to use my CC with that company, I've already made the
decision that I feel they will be fairly trustworthy.

I'm concerned about someone along the line sniffing the feed to the company
collecting CCs as people place orders.  This is really the situation I hope
to avoid.

The fact of the matter is that your card can be compromised ANY PLACE, whether
it be locally, over the wire, at the company, at the credit card verification,
etc.  If I would place orders online, I would be trying to LIMIT my
susceptibility to attack, and by ensuring a decent encryption package is
in use, I could do that.

Is this more clear?

Keith

Tom McCune ([EMAIL PROTECTED]) wrote:
: In article <8274av$hn0$[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Keith A 
:Monahan) wrote:

: >I trust its security enough to send a message across irc, but I wouldn't
: >choose to use it to say, encrypt my credit card to another person.

: This thread has gained enough of my interest to download it, and I'm 
: generating a key right now - actually it didn't take very long and I have 
: already made another one so I can use the program with myself.  I am a little 
: puzzled with the above level of trust - since I often hand my credit card over 
: to all kinds of strangers (for purchases), I personally consider credit card 
: info encryption to require very little confidence.  

: -Tom

: I use PGP for Privacy and Authenticity:
: http://www.Tom.McCune.net/PGP.htm

------------------------------

From: John <[EMAIL PROTECTED]>
Subject: How can you tell?
Date: Fri, 03 Dec 1999 06:57:13 -0800

Say you had an encrypter and no source.  How would you go about
verifying it?  I usually do extensive tests on the cryptext.  Is
getting chi-square statistics on it good? If so, how many times and at
what intervals would give best results?

http://www.aasp.net/~speechfb




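What a chi-square test on ciphertext bytes can and cannot tell you, as an added example (not from the post). The statistic below is the plain 256-bin byte-frequency chi-square; for genuinely flat bytes it sits near 255 with a standard deviation of about 23, so the z-score is the number to watch. It is run both over the whole stream and over consecutive windows, which is the practical answer to "how many times and at what intervals": a flat overall histogram can hide a structured header or a keystream that degrades, so repeat it per window, per key, and on structured plaintext (all zeros, all 0xFF). The two inputs are constructed: a seeded Mersenne Twister stream, which passes while being trivially predictable, and ASCII text XORed with a single repeated key byte, which fails badly.

```python
"""Chi-square test on ciphertext bytes, as an added example (not from the post).

Constructed inputs. The test catches gross non-uniformity; it cannot tell a
secure cipher from a merely statistically flat one."""
import math
import random


def byte_chi_square(data: bytes) -> float:
    """Chi-square of the 256-bin byte histogram against uniform.
    For random bytes this is about 255 +/- 23 (mean df, std sqrt(2 df))."""
    n = len(data)
    if n < 256 * 5:
        raise ValueError("need at least 1280 bytes for ~5 expected per bin")
    expected = n / 256
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return sum((c - expected) ** 2 / expected for c in counts)


def z_score(chi: float, df: int = 255) -> float:
    """Standard deviations from the chi-square(df) mean; |z| > 3 is a red flag,
    |z| < 3 is what a flat source gives ~99.7% of the time (normal approx.)."""
    return (chi - df) / math.sqrt(2 * df)


def windowed_z_scores(data: bytes, window: int = 4096) -> list:
    """Same test over consecutive windows: a flat overall histogram can hide
    a structured header or a keystream that degrades over time."""
    return [z_score(byte_chi_square(data[i:i + window]))
            for i in range(0, len(data) - window + 1, window)]


def sample_streams(n: int = 8192):
    """Constructed inputs: (flat) a seeded Mersenne Twister stream, which is
    predictable and NOT a cipher but is statistically flat; (weak) ASCII text
    XORed with one repeated key byte, a 'cipher' that only permutes the histogram."""
    rng = random.Random(1999)
    flat = bytes(rng.getrandbits(8) for _ in range(n))
    text = (b"The quick brown fox jumps over the lazy dog. " * (n // 45 + 1))[:n]
    weak = bytes(b ^ 0x5A for b in text)
    return flat, weak


def verdict(data: bytes) -> str:
    """'flat' if the whole stream and every window pass, else 'biased'.
    'flat' is necessary, not sufficient: the Mersenne Twister stream above
    passes and is trivially predictable."""
    zs = [z_score(byte_chi_square(data))] + windowed_z_scores(data)
    return "flat" if all(abs(z) < 3 for z in zs) else "biased"
```

A "biased" verdict is a real finding; a "flat" verdict only rules out the crudest failures. Statistics on the output cannot substitute for knowing what the program does with the key, which is why the other threads in this digest keep coming back to building from source.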


------------------------------

Crossposted-To: sci.math
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Why Aren't Virtual Dice Adequate?
Reply-To: [EMAIL PROTECTED]
Date: Fri, 3 Dec 1999 15:17:47 GMT

In sci.crypt fungus <[EMAIL PROTECTED]> wrote:
: Bennett Standeven wrote:
:> On Thu, 25 Nov 1999, Tim Tyler wrote:
:> > In sci.crypt John Savard <[EMAIL PROTECTED]> wrote:

:> > : However, in practice, random numbers derived from throwing dice or
:> > : flipping coins are adequate for producing secure one-time-pads.
:> >
:> > Really?  How do you judge how secure they are?
:> >
:> > What coins, or dice would you recommend using - and what manufacturing
:> > process produced them?
:> 
:> Casino dice should do nicely.

: Any dice/coins should do if you change them around.

: eg. Throw a die then flip a coin the number of times shown
: on the die, outputting that many bits. Toss another coin
: twice to decide whether to swap the coin/die for another
: one in the set.

: You can complicate this as much as you want to, a bit like
: cascading shift register generators. I don't think there
: will be any exploitable bias in the output of a system with
: several coins/dice.

What if the coins are all heads-biased (quite likely with real coins),
and the dice are all 1-biased (quite possible if the spots are
drilled indentations)?

Your "complications" may dilute the biases - but don't remove them.

I would treat any proposed one-time-pad which used dice or coins
as the basis of its random number generator with some caution - if
I wanted to leak as little information as possible.

/Whatever/ you use as the source of randomness, combining it with multiple
hardcore PRNGs seems like a good idea to me.  Of course these are not
immune from problems either...
-- 
__________
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

...no thanks - I'm already having one.
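Tim's "dilute but don't remove" point, made concrete as an added example (not from the post). XORing k independent flips of a coin with bias (p - 1/2) leaves a bias of 2^(k-1) (p - 1/2)^k (the piling-up lemma): smaller with every extra coin, never zero, and worse if all the coins lean the same way. The von Neumann extractor, by contrast, removes the bias of an independent, identically biased coin exactly, at the cost of discarding most of the throws and with no guarantee if the coin drifts or consecutive flips are correlated. The coin here is simulated with a seeded generator, so the numbers are reproducible; a real coin's bias is unknown, which is the original objection.

```python
"""Bias through combining vs. bias removed by extraction, as an added example.

Not from the post. Coins are simulated with a seeded generator (constructed
data) so the numbers are reproducible; a real coin's bias is unknown."""
import random


def xor_bias(p_heads: float, k: int) -> float:
    """Exact bias (P[1] - 1/2) of the XOR of k independent flips with
    P[heads] = p_heads. Piling-up lemma: 2^(k-1) (p - 1/2)^k.
    Each extra coin shrinks it; none removes it."""
    return 2 ** (k - 1) * (p_heads - 0.5) ** k


def biased_flips(p_heads: float, n: int, seed: int = 7) -> list:
    """n independent flips, 1 = heads, from a heads-biased coin (simulated)."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_heads else 0 for _ in range(n)]


def xor_combine(bits: list, k: int) -> list:
    """The 'complication' route: XOR each non-overlapping group of k flips."""
    return [sum(bits[i:i + k]) & 1 for i in range(0, len(bits) - k + 1, k)]


def von_neumann(bits: list) -> list:
    """Extractor: read non-overlapping pairs, emit 0 for 01 and 1 for 10,
    drop 00 and 11. If flips are independent with the same (unknown) bias,
    both kept patterns have probability p(1-p), so the output is exactly
    unbiased. About 1 - 2p(1-p) of the input is thrown away, and the
    guarantee is lost if the coin drifts or consecutive flips are correlated."""
    out = []
    for i in range(0, len(bits) - 1, 2):
        a, b = bits[i], bits[i + 1]
        if a != b:
            out.append(a)
    return out


def ones_fraction(bits: list) -> float:
    return sum(bits) / len(bits)


def simulate(p_heads: float = 0.6, n: int = 60000) -> dict:
    """Fraction of ones for the raw coin, for XOR of pairs, and for the
    von Neumann output, plus how many bits von Neumann kept."""
    flips = biased_flips(p_heads, n)
    vn = von_neumann(flips)
    return {
        "raw": ones_fraction(flips),           # ~0.60
        "xor_pairs": ones_fraction(xor_combine(flips, 2)),  # ~0.48: diluted, not gone
        "von_neumann": ones_fraction(vn),      # ~0.50
        "von_neumann_kept": len(vn),           # ~0.48 * n / 2
    }
```

Feeding the raw flips through a PRNG or a hash, as the last paragraph suggests, spreads whatever entropy is there but does not create more; the extractor step is what turns a biased physical source into unbiased bits, and it only works under the independence assumption.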

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: What part of 'You need the key to know' don't you people get?
Date: Fri, 03 Dec 1999 16:25:21 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Johnny Bravo) wrote:
>On Thu, 02 Dec 1999 15:10:00 GMT, [EMAIL PROTECTED]
>(SCOTT19U.ZIP_GUY) wrote:
>
>>Neither does D.Scott!  The main problem with his arguments is that
>>he asserts weaknesses in everybody's encryption schemes except his,
>>but doesn't *demonstrate* the weaknesses.  
>
>><Begin Exact Quote>
>>Subject: Re: Which encryption brand is best?
>>Date: 1999/11/28
>>Author: SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>
>>
>>"Yes I think the AES candidates are weak."
>><End Exact Quote>
>
>><Begin Exact Quote>
>>Subject: Re: weak ciphers and their usage
>>Date: 1999/11/17
>>Author: SCOTT19U.ZIP_GUY 
>>
>>"Here is something you can do with a crappy AES type of encryption
>>with your secret IV."
>><End Exact Quote>
>
>  No proof in this or any subsequent post was offered that the AES
>ciphers are weak or crappy.  I'm quoting your words exactly as they
>are written, MR DS.
        Yes, I have many times stated ways in which they are much weaker
than my encryption system. For example, Mr Asshole, there is no way
they could run a contest like the scott19u contest because they leak
so much information the solution of the contest would be trivial. But 
you're such a fucking asshole you don't even have the balls to check
it out. Again, asshole, check it out. I have.
>
>>>        Again I see the assholes misquote me. I never said that
>>>CBC makes a cipher weaker. 
>
>  You are a pathetic liar.  You should write your delusions down so
>you can keep them straight when you post.
       You're the pathetic liar and you're too damn lazy to use your brain.
>
>><Begin Exact Quote>
>>Subject: Re: weak ciphers and their usage
>>Date: 1999/11/17
>>Author: SCOTT19U.ZIP_GUY 
>>
>>"I have been talking about the general weaknesses in all 3 letter 
>>chaining mods."
>><End Exact Quote>
>
>><Begin Exact Quote>
>>Subject:  Re: CFB mode with same initialization vector
>>Date:  1999/08/04
>>Author: SCOTT19U.ZIP_GUY 
>>
>>"As I stated before all the blessed chaining modes are weak."
>><End Exact Quote>
>
>><Begin Exact Quote>
>>Subject:  Re: Challenge to SCOTT19U.ZIP_GUY
>>Date:  1999/08/04
>>Author: SCOTT19U.ZIP_GUY 
>>
>>"Yes these are my feelings that the chaining methods in use are purposely
> weak. "
>><End Exact Quote>
>
>  You claimed that ALL 3 letter chaining modes are weak.  Not only do
>you claim they are weak, you claim were made weak on purpose, and you
>are the only one on the planet who knows the "truth."  Yet you offer
>not even a hint of an attack against them, not even in theory.  Why do
>you persist in denying you say this almost constantly?
>
          I have shown how the NSA 3-letter approved chaining modes
are weak, in that they do not spread the information around in 
a file. You can try a scott19u type of contest with them if you wish.
But you lack the basic understanding of how to do that. And, asshole,
I am not the only one who knows the truth about the weakness of the
chaining modes. Yes, it is FACT they don't distribute the information
of the plaintext through the file. It is my FEELING that this was
done on purpose. Can't you get anything straight, or are you just
plain stupid?


>>Since all the 3 letter modes that you dumb people ever use really 
>>add very little strength to the cipher.
>
>  You are misquoting yourself now, more lies.  You claimed that every
>single one of them makes the cipher weaker.  And as for intelligence,
>proper spelling and grammar are not accidental constructions.
      Again, ASSWIPE, I never said they make the cipher weaker. Why
you keep saying this shit is foolish. I said the 3-letter chaining modes
are weak. That is a far cry from saying that the chaining makes
the block cipher weaker. Get a FUCKING brain, you TURD.
>
>>Most are too stupid to understand this fact.
>
>  Most seem to see that this offers no help to the attacker, and since
>you can't prove otherwise and just resort to childish name calling why
>should we take you seriously.  Act like a crying child, and get
>treated like one.  You lie so much, we no longer care if you ever tell
>the truth.  From your past history, we would be better off assuming
>everything you say is a lie unless you post it with evidence proving
>otherwise.
>
>> Of those smart enough to understand most don't seem to care.
>
>  You have yet to demonstrate a practical attack that exploits this
>weakness.  Saying it is weak is not the same as proving it is.  Did you
>ever get around to showing your break for PGP 2.6.3 yet?
>
>><Begin Exact Quote>
>>Subject: Re: AES tweaks
>>Date: 1999/05/27
>>Author: SCOTT19U.ZIP_GUY 
>>
>>"One area that has greatly interested me is chaining and compression. 
>>PGP, at least in 2.6.3, used inferior compression with what I call leaks 
>>to the solution, but this may have been a lack of experience."
>><End Exact Quote>
>
>  Since the solution is leaking, surely you are ready to publish your
>paper detailing your break of PGP 2.6.3.  After all you have had 6
>months since you noticed that the solution was just leaking out.
>When can we expect to see it, either online or published?  Or is the
>lack of experience you mentioned your own?
         Showing that it leaks information and exploiting it for a break are
two different things. Sorry your pea brain can't seem to grasp the
obvious. To show the information is there to break is one thing.
To use that information is something else. What I have shown is that
most compression methods leak information that could be used. But
you're too fucking stupid to see that.
>
>>  In the three letter modes when some one does even a partial plain
>>text attack you can get the input output pairs to the underlying 
>>block cipher. These may or may not be of use to the person breaking
>>the cipher. 
>
>  May or may not?  Prove they are of use to a person breaking the
>cipher.  May or may not, is not evidence of weakness.
         You are a retard, aren't you. The fact is the input output pairs
are there. Many attacks are based on that fact. Just because your pea
brain can't see the advantages of hiding this kind of information does not
mean others are as stupid as you show yourself to be.
>
>>  I guess I just like to call a spade a spade big fucking deal.
>>you can call it a shovel.
>
>  You like to call a spade a ball, and get all bent out of shape when
>people ask you what the hell are you talking about.
>
>  Johnny Bravo
>
     Mr Bravo, why don't you use your real fucking name, or are you ashamed of 
it? You can also misquote by cutting out the beginning or end of a message, but
your quoting ability is somewhat improving. Now, if only you can increase your
I.Q. level to the moron level, maybe we can get somewhere. By the way, my low-
I.Q. friend, I was a member of Mensa till I got smart enough to save on the 
dues by quitting. What's your excuse?



David A. Scott
--

SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
                    
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm

Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm

Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm

**NOTE EMAIL address is for SPAMERS***
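The one concrete technical claim in the exchange above is that, under known plaintext, CBC, CFB and OFB hand the attacker input/output pairs of the underlying block cipher. Whether that counts as a weakness is what the two posters dispute; the added example below (not from either post) just shows the fact they are arguing about. The block cipher's forward direction is stood in for by a keyed PRF (HMAC-SHA256 truncated to eight bytes), which is not invertible but is all that is needed since only encryption is exercised; key, IV and plaintext are constructed. Every pair produced is exactly the known-plaintext material a block cipher is specified to withstand, so the pairs are not a break in themselves; they are the starting material for whatever cryptanalysis of E_K exists (and ECB hands them over without any chaining at all).

```python
"""What 'input/output pairs to the underlying block cipher' means for CBC,
CFB and OFB under known plaintext, as an added example (not from the post).

The block cipher's forward direction is stood in for by a keyed PRF
(HMAC-SHA256 truncated to 8 bytes); it is not invertible, which is fine
because only encryption is exercised. Key, IV and plaintext are constructed."""
import hashlib
import hmac

BLOCK = 8


def make_E(key: bytes):
    """Stand-in for E_K: 8-byte block in, 8-byte block out."""
    return lambda x: hmac.new(key, x, hashlib.sha256).digest()[:BLOCK]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _blocks(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("whole blocks only")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def encrypt(mode: str, E, iv: bytes, pt: bytes) -> bytes:
    """Textbook CBC / CFB (full-block) / OFB encryption with E as the cipher."""
    out, state = [], iv
    for p in _blocks(pt):
        if mode == "CBC":            # C_i = E(P_i xor C_{i-1})
            state = E(_xor(p, state))
            out.append(state)
        elif mode == "CFB":          # C_i = P_i xor E(C_{i-1})
            state = _xor(p, E(state))
            out.append(state)
        elif mode == "OFB":          # S_i = E(S_{i-1}); C_i = P_i xor S_i
            state = E(state)
            out.append(_xor(p, state))
        else:
            raise ValueError(mode)
    return b"".join(out)


def exposed_pairs(mode: str, iv: bytes, pt: bytes, ct: bytes) -> list:
    """What someone holding (IV, plaintext, ciphertext) but no key can write
    down: a list of (X, E_K(X)) pairs, one per block, for the given mode."""
    pairs, state = [], iv
    for p, c in zip(_blocks(pt), _blocks(ct)):
        if mode == "CBC":            # input P_i xor C_{i-1}, output C_i
            pairs.append((_xor(p, state), c))
            state = c
        elif mode == "CFB":          # input C_{i-1}, output P_i xor C_i
            pairs.append((state, _xor(p, c)))
            state = c
        elif mode == "OFB":          # input S_{i-1}, output S_i = P_i xor C_i
            s = _xor(p, c)
            pairs.append((state, s))
            state = s
        else:
            raise ValueError(mode)
    return pairs


def pairs_are_genuine(E, pairs: list) -> bool:
    """Check (with the key, which the attacker does not have) that every
    exposed pair really is an input/output pair of E_K."""
    return all(E(x) == y for x, y in pairs)


def demo(mode: str) -> bool:
    """Encrypt a constructed message, derive the pairs without the key,
    then confirm with the key that they are genuine."""
    E = make_E(b"constructed key")
    iv, pt = b"\x00" * BLOCK, b"attack at dawn; move the money. " * 2
    ct = encrypt(mode, E, iv, pt)
    return pairs_are_genuine(E, exposed_pairs(mode, iv, pt, ct))
```

The pairs derived against the wrong key fail the check, which is the point: the attacker gets (X, E_K(X)) for the real key and nothing about K itself; turning that into a key recovery is the whole of block-cipher cryptanalysis, and the AES candidates were evaluated precisely under this model.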

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp
Subject: Re: Any negative comments about Peekboo free win95/98 message encryptor
Date: 3 Dec 1999 15:17:19 GMT

In sci.crypt Keith A Monahan <[EMAIL PROTECTED]> wrote:
> if I've decided to use my CC with that company, I've already made the
> decision that I feel they will be fairly trustworthy.

Note that trusting them not to do something evil with your CC# is not the
same thing as trusting them to keep your CC# out of the hands of
evildoers. Many/most merchants can be trusted with the former. The latter
is trickier. Remember the case when people got into Netcom's accounting and
had access to all subscriber CC#s?


------------------------------

Crossposted-To: sci.math
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Why Aren't Virtual Dice Adequate?
Reply-To: [EMAIL PROTECTED]
Date: Fri, 3 Dec 1999 15:34:43 GMT

In sci.crypt Mickey McInnis <[EMAIL PROTECTED]> wrote:

: There is another well-known cryptographic "weakness" in OTP and many
: other cryptosystems.  Unless you pad the messages, the enemy knows the
: length of the message.

Yes - and *even* if you pad your messages, the enemy still knows the
*maximum* possible length of your message.  To hide this information as
best you can it may be best to compress your messages, and *then* pad
them if you need to.

: I wonder if there's something analogous to an OTP that will provide
: the same degree of "absolute" protection from "spoofing" as OTP
: does from "breaking".

Signing your messages usually provides some protection.  I have difficulty
in imagining a one-way function (of the type used when creating message
digests) which offers the same type of security as an OTP - but perhaps
one is possible.
-- 
__________
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

Despite the cost of living, it remains popular.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
