Cryptography-Digest Digest #812, Volume #10      Thu, 30 Dec 99 13:13:01 EST

Contents:
  Re: news about KRYPTOS ("collomb")
  Re: Secure Delete Not Smart ("William W. Joslin")
  Re: Data Encryption in Applet? ("David Clay")
  Re: news about KRYPTOS ("collomb")
  Re: Attacks on a PKI (Timothy M. Metzinger)
  Announcement: Optimized Java AES Implementations ("Andreas Sterbenz")
  Re: Secure Delete Not Smart (Mark D)
  Re: AES wise? (Paul Crowley)
  Re: File format for CipheSaber-2? (Paul Crowley)
  Re: cryptography website(dutch)!!!!! (John Savard)
  Re: If you're in Australia, the government has the ability to modify your files. >> 4.Dec.1999 (CoyoteRed)
  Re: SSL And Certificate Verifications (Eric Murray)
  Re: news about KRYPTOS (Jim Gillogly)
  Re: Password question. (Keith A Monahan)

----------------------------------------------------------------------------

From: "collomb" <[EMAIL PROTECTED]>
Subject: Re: news about KRYPTOS
Date: 30 Dec 1999 10:21:08 GMT

TO  Giff and  Ferdinando 
 
 There are two ways for approaching the decoding of KRYPTOS.  
 1 > whether by using the Vigenere system and all senior cryptographers are
making a rush upon this dead end, 
 2 > or by using a non-conventional system, more artistic.  
 My method of decoding and the obtained results are published on the 
Website :  
 http://calvaweb.calvacom.fr/collomb / 
 At first glance, the Vigenere system is only one square, a  simple square
filled of characters.  
 The first series of characters of KRYPTOS comprises miraculously 100
characters, a broad hint showing that it is necessary to build first a
square of 10 X  10 characters and then, other squares.  
 All  KRYPTOS rests on this principle, which entirely rules the
continuation of the operations to be carried out. That method having been
adopted, the solution is revealed gradually, logically and  implacably
until the damned 97 last characters, and  all that, without computer, with
only paper and pencil.  
 As soon as I was informed on KRYPTOS in June by a report of ABCnews, I 
immediately thought that the cryptographers who claimed to have deciphered
it, except the 97 damned last characters were wrong.  Their < incomplete >
result had not the stateliness and the power matching with the place where
the sculpture is located :  the decisional center of CIA.  
 It should not be forgotten that Jim Sanborn is an artist and an artist 
cannot have the same vision as a senior cryptographer.  
Another significant hint :  in the final solution of the 97 last
characters, Jim signs his work by his monogram < JS > and so communicates 
strongly with the major discovery of KRYPTOS.  
 It should be noted that it was said and repeated,   that KRYPTOS was a 
puzzle.   My method uses the principle of the puzzle to discover the sense
of the 97 last characters. 
Best regards 
[EMAIL PROTECTED] 
 


Ferdinando Stehle <[EMAIL PROTECTED]> a écrit dans l'article
<Wxla4.10084$[EMAIL PROTECTED]>...
> Hi all,
> 
> after 3 months of work on my PENTIUM 90MHz,
> I may claim that J.Sanborn & E.Scheidt didn't use any of
> the two following method to encode KRYPTOS 97 unsolved chars:
> 
> - a Vigenere substitution (with keyword up to 12 chars long) followed by a
> transposition
> 
> - a transposition followed by a Vigenere substitution (with keyword up to 12
> chars long)
> 
>

------------------------------

From: "William W. Joslin" <[EMAIL PROTECTED]>
Crossposted-To: alt.privacy
Subject: Re: Secure Delete Not Smart
Date: Thu, 30 Dec 1999 04:26:12 -0600

> And fruitless.  Recovering a smashed CD would be no trouble given the
> right optical equipment.

Not if it was put through a food processor...  :)



------------------------------

From: "David Clay" <[EMAIL PROTECTED]>
Crossposted-To: 
comp.lang.java.security,microsoft.public.java.security,comp.lang.java.programmer
Subject: Re: Data Encryption in Applet?
Date: Thu, 30 Dec 1999 05:43:54 -0600

Check out JEncryptX - www.innerdynamics.com

DC

"David Hopwood" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> -----BEGIN PGP SIGNED MESSAGE-----
>
> "Law Wun Suen, Brian" wrote:
> >
> > Tim Wood wrote:
> >
> > > wrote in message <[EMAIL PROTECTED]>...
> > > >Hi
> > > >
> > > >I am looking for a way to encrypt data through an applet using symmetric
> > > >(or asymmetric) encryption.  I thought of sending an applet containing a
> > > >symmetric key to a client.
> > >
> > > How? If the symmetric key is not encrypted when you send it, it could be
> > > intercepted and used to read the, client side encrypted, data.
> >
> > I think if the application have to consider about the performance, better
> > to use both (symmetric and asymmetric) encryption together. It really look
> > like how the SSL work. You generate a random key (secret key) for the
> > symmetric encryption and encrypt this secret key with your own private
> > key. The client program receive the key and decrypt it by the public key.
> > Then use that secret key for that session communication.
>
> This is no more secure than sending the applet containing a symmetric key.
> If the applet can decrypt the key, so can an eavesdropper who decompiles
> the applet.
>
> Using SSL (both to load the applet and to send data back to the site) would
> solve this problem, *provided* you trust that the browser root CAs will only
> sign certificates from legitimate site owners, that include the correct
> domain name.
>
> (The user can, at least in principle, tell that a man-in-the-middle attack
> has not occurred by looking at the site certificate. Unfortunately most
> users don't look at this certificate, so the actual level of security
> against active attacks is somewhat dubious. It should be secure against
> passive attacks, though.)
>
> - --
> David Hopwood <[EMAIL PROTECTED]>
> PGP public key: http://www.users.zetnet.co.uk/hopwood/public.asc
> RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01
>
> "Attempts to control the use of encryption technology are wrong in principle,
> unworkable in practice, and damaging to the long-term economic value of the
> information networks."  -- UK Labour Party pre-election policy document



------------------------------

From: "collomb" <[EMAIL PROTECTED]>
Subject: Re: news about KRYPTOS
Date: 30 Dec 1999 12:26:23 GMT

TO Giff and  Ferdinando 
 
 There are two ways for approaching the decoding of KRYPTOS.  
 1 > whether by using the Vigenere system and all senior cryptographers are
making a rush upon this dead end, 
 2 > or by using a non-conventional system, more artistic.  
 My method of decoding and the obtained results are published on the 
Website :  
 http://calvaweb.calvacom.fr/collomb / 
 At first glance, the Vigenere system is only one square, a  simple square
filled of characters.  
 The first series of characters of KRYPTOS comprises miraculously 100
characters, a broad hint showing that it is necessary to build first a
square of 10 X  10 characters and then, other squares.  
 All  KRYPTOS rests on this principle, which entirely rules the
continuation of the operations to be carried out. That method having been
adopted, the solution is revealed gradually, logically and  implacably
until the damned 97 last characters, and  all that, without computer, with
only paper and pencil.  
 As soon as I was informed on KRYPTOS in June by a report of ABCnews, I 
immediately thought that the cryptographers who claimed to have deciphered
it, except the 97 damned last characters, were wrong.  Their < incomplete >
result had not the stateliness and the power matching with the place where
the sculpture is located :  the decisional center of CIA.  
 It should not be forgotten that Jim Sanborn is an artist and an artist 
cannot have the same vision as a senior cryptographer.  
Another significant hint :  in the final solution of the 97 last
characters, Jim signs his work by his monogram < JS > and so communicates 
strongly with the major discovery of KRYPTOS.  
 It should be noted that it was said and repeated,   that KRYPTOS was a 
puzzle.   My method uses the principle of the puzzle to  discover the sense
of the 97 last characters. 
Best regards 
[EMAIL PROTECTED] 
 


Ferdinando Stehle <[EMAIL PROTECTED]> a écrit dans l'article
<Wxla4.10084$[EMAIL PROTECTED]>...
> Hi all,
> 
> after 3 months of work on my PENTIUM 90MHz,
> I may claim that J.Sanborn & E.Scheidt didn't use any of
> the two following method to encode KRYPTOS 97 unsolved chars:
> 
> - a Vigenere substitution (with keyword up to 12 chars long) followed by a
> transposition
> 


------------------------------

From: [EMAIL PROTECTED] (Timothy M. Metzinger)
Subject: Re: Attacks on a PKI
Date: 30 Dec 1999 14:09:59 GMT

In article <Etxa4.5457$[EMAIL PROTECTED]>, "Lyal Collins"
<[EMAIL PROTECTED]> writes:

>Why should the rules for 30 people doing $1m transactions be different from
>those for 1 million people doing $30 transactions?

You don't really mean this, do you?

Think of the difference between making a credit card purchase for less than
1000 and then think of what happens when you buy a home.

Our society already has different processes for transactions of different
value, and people are used to it, so I don't think they'll reject PKI because
it's more cumbersome to have a high-value private key.

Remember, compromise of an individual key doesn't compromise the whole system,
unless it's the CA Key, and sometimes not even then.



Tim Metzinger
Timothy Metzinger
Private Pilot - ASEL - IA!!!!  AOPA Project Pilot Mentor
DOD # 1854   '82 Virago 750 - "Siobhan"
Cessnas, Tampicos, Tobagos, and Trinidads at FDK


------------------------------

From: "Andreas Sterbenz" <[EMAIL PROTECTED]>
Subject: Announcement: Optimized Java AES Implementations
Date: Thu, 30 Dec 1999 15:20:18 +0100

Hi,

I have developed optimized Java implementations of the five remaining AES
candidate algorithms MARS, RC6, Rijndael, Serpent, and Twofish. The core
source code is now available under a _free license_ from
http://jcewww.iaik.at/aes/ . This page also contains some performance
analysis results which will be presented in detail at the RSA 2000
conference in January.

For everything else please see the Web page and mail your comments and
suggestions to [EMAIL PROTECTED] .

Regards.
--
 Andreas Sterbenz              mailto:[EMAIL PROTECTED]



------------------------------

From: Mark D <[EMAIL PROTECTED]>
Crossposted-To: alt.privacy
Subject: Re: Secure Delete Not Smart
Date: Thu, 30 Dec 1999 10:08:24 -0500

William W. Joslin wrote:
> 
> > And fruitless.  Recovering a smashed CD would be no trouble given the
> > right optical equipment.
> 
> Not if it was put through a food processor...  :)

OK, so put the CD in an oven for 30 minutes... I'd like to see that
recovered!

------------------------------

From: Paul Crowley <[EMAIL PROTECTED]>
Subject: Re: AES wise?
Date: 30 Dec 1999 08:23:28 -0000

[EMAIL PROTECTED] (Anonymous) writes:
>     2) It would seem that creating only one algorithm for ALL purposes for
> ALL implementations is a little silly. Others posting to this group have
> asked "why not choose more than one winner." That is not what I am saying. I
> say that the AES goal is flawed: Why did NIST not just call for two
> algorithms? (One for high security, and one for implementations where
> resources are low.) Even just two versions of the same algorithm?

I might have been tempted to agree, had not some of the current
front-runners risen to the challenge so beautifully.  When we can have
both in one algorithm, why put up with a standard that doesn't
standardise?
-- 
  __
\/ o\ [EMAIL PROTECTED]     Got a Linux strategy? \ /
/\__/ Paul Crowley  http://www.hedonism.demon.co.uk/paul/ /~\

------------------------------

From: Paul Crowley <[EMAIL PROTECTED]>
Subject: Re: File format for CipheSaber-2?
Date: 30 Dec 1999 08:50:37 -0000

[EMAIL PROTECTED] (Guy Macon) writes:

> Is there a standard place to keep the "number of repeats" data?  I would
> assume that it is desirable that when you run once the output should be
> byte for byte compatible with CipherSaber-1.  Is the number of repeats
> inserted in the keyphrase? in the initialization vector?  What format
> would allow other folks who use CipherSaber-2 to decode my message?

Here's what I proposed for CipherSaber-3:

(1) Fix the number of repeats to a power of 2 >= 256
(2) Fix the first ten bytes of the message to "\0"
(3) Store the number of repeats nowhere!

Then, if you get the passphrase right, you'll know because you'll find 
those ten zeroes at an appropriate point in the keystream.  If you get 
it wrong, you'll eventually figure it out because you don't find them
after an implausibly long wait.  This makes a key guessing attack as
expensive as possible, and is the only secure way I see to keep the
number of repeats hidden from someone who doesn't know the passphrase.
-- 
  __
\/ o\ [EMAIL PROTECTED]     Got a Linux strategy? \ /
/\__/ Paul Crowley  http://www.hedonism.demon.co.uk/paul/ /~\
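
The three-step proposal in the message above, as an added example that is not part of the original post or of any CipherSaber distribution. It assumes the CipherSaber-2 convention of repeating the RC4 key-schedule loop N times over passphrase + IV with the state and j carried across repeats; the function names and the max_repeats cut-off are hypothetical.

```python
import os

IV_LEN = 10          # CipherSaber IV, sent in clear ahead of the ciphertext
MARKER = bytes(10)   # step (2): ten zero bytes open every plaintext


def mix(state, j, key, rounds):
    """Run the RC4 key-schedule loop `rounds` more times; state and j carry over."""
    for _ in range(rounds):
        for i in range(256):
            j = (j + state[i] + key[i % len(key)]) & 0xFF
            state[i], state[j] = state[j], state[i]
    return j


def keystream_xor(state, data):
    """RC4 output phase on a copy of `state`, so the caller can keep mixing."""
    s = list(state)
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def encrypt(passphrase, plaintext, repeats, iv=None):
    # Step (1): the repeat count must be a power of 2 that is >= 256.
    if repeats < 256 or repeats & (repeats - 1):
        raise ValueError("repeats must be a power of 2 >= 256")
    iv = iv or os.urandom(IV_LEN)
    state = list(range(256))
    mix(state, 0, passphrase + iv, repeats)
    # Step (3): the repeat count is not written anywhere in the output.
    return iv + keystream_xor(state, MARKER + plaintext)


def decrypt(passphrase, blob, max_repeats=1 << 16):
    """Search 256, 512, 1024, ... repeats for the zero marker.

    Returns (repeats, plaintext), or None once max_repeats has been tried.
    A wrong passphrase always costs the full search up to the cut-off.
    """
    iv, body = blob[:IV_LEN], blob[IV_LEN:]
    key = passphrase + iv
    state = list(range(256))
    j = mix(state, 0, key, 256)
    done = 256
    while True:
        if keystream_xor(state, body[:len(MARKER)]) == MARKER:
            return done, keystream_xor(state, body)[len(MARKER):]
        if done * 2 > max_repeats:
            return None
        j = mix(state, j, key, done)   # continue from `done` to 2*done repeats
        done *= 2
```

Because the search continues the same key schedule rather than restarting it, checking every power of 2 up to N costs the same mixing work as a single run of N repeats.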

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: cryptography website(dutch)!!!!!
Date: Thu, 30 Dec 1999 15:15:19 GMT

On Thu, 30 Dec 1999 10:27:21 +0100, "Red Shadow"
<[EMAIL PROTECTED]> wrote:

>check this:
>http://home.freegates.be/cryptografie

It insists you have the Macromedia Flash plug-in installed, it insists
on JavaScript being enabled...

John Savard (teneerf <-)
http://www.ecn.ab.ca/~jsavard/index.html

------------------------------

From: CoyoteRed <[EMAIL PROTECTED]>
Subject: Re: If you're in Australia, the government has the ability to modify your files. >> 4.Dec.1999
Reply-To: This news group unless otherwise instructed.
Date: Thu, 30 Dec 1999 16:27:42 GMT

Greg said...

>   Why does anyone think that a warrant is needed in America
>   any more?  FBI agents walked into a home in central CA
>   looking for evidence, no warrant, no request to enter,
>   just brushed the owner aside- looking for evidence of two
>   militia men's attempt to blow up two huge gas tanks.
>   So the man who was brushed aside (yes, they just walked
>   in right in front of him) decided he should leave that
>   militia after the FBI visit.

This doesn't sound right.  Unless there is a warrant, eminent danger,
owner approval, police can't just come in.  /If/ they did, they know
that any evidence would be thrown out of court as illegally obtained.

If this did happen, the home owner should sue.

-- 
CoyoteRed
CoyoteRed <at> bigfoot <dot> com
http://go.to/CoyoteRed
PGP key ID: 0xA60C12D1 at ldap://certserver.pgp.com

------------------------------

Subject: Re: SSL And Certificate Verifications
From: [EMAIL PROTECTED] (Eric Murray)
Date: 30 Dec 1999 09:01:12 -0800

In article <84ekkd$9n9$[EMAIL PROTECTED]>,
Paul Rubin <[EMAIL PROTECTED]> wrote:
>In article <84ei7m$q4m$[EMAIL PROTECTED]>, Greg  <[EMAIL PROTECTED]> wrote:
>>So let's say that I create my own CA, and I issue myself a cert
>>that is to be given to an IE during a man in the middle attack.
>>First, I get the cert into the IE's database, then when I pass
>>it off in place of the server, it is accepted as authentic.
>>
>>Is it really that simple to hack?
>
>No.

SSL/TLS isn't susceptible to a classic MITM attack where the attacker
inserts/replaces information in the protocol between Steve the server
and Claude the client.  However if the attacker can modify or insert a
CA cert/public key into Claude's database of trusted CA keys, then the
attacker can get the victim to accept a 'rogue' server whose cert is
signed by the bogus CA instead of a CA which the client trusts.
So while that's not the classic MITM attack, one could argue that
the effect's the same.

Most browsers will let the user accept a new CA into the trusted
CA database after displaying the Subject and Issuer names and
other stuff from the cert and taking the user through some number
of "do you really want to do this?" dialog boxes.   Anyone with
a copy of SSLeay/openSSL can become their own CA this way.

At the end of the day, the trust resides with the user making
decisions based on a warm fuzzy feeling he gets from reading
some words that his browser says were contained in a valid CA cert
(or from trusting Netscape or Microsoft to have done the same).


--
 Eric Murray www.lne.com/~ericm  ericm at the site lne.com  PGP keyid:E03F65E5

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: news about KRYPTOS
Date: Thu, 30 Dec 1999 17:54:15 +0000

Ferdinando Stehle wrote:
> after 3 months of work on my PENTIUM 90MHz,
> I may claim that J.Sanborn & E.Scheidt didn't use any of
> the two following method to encode KRYPTOS 97 unsolved chars:
> 
> - a Vigenere substitution (with keyword up to 12 chars long) followed by a
> transposition
> 
> - a transposition followed by a Vigenere substitution (with keyword up to 12
> chars long)

I agree with your conclusions (assuming you mean columnar transposition),
but suggest that the latter with period 14 would also have been a
possibility because of the doubled letters offset at multiples of 7.
However, my runs all but rule out this possibility also.  This would
have been a satisfying solution, combining the two previous types for
a stronger third type.

> With "transposition" i mean the same used in the second part of KRYPTOS:
> "Slowly desparatly slowly the remains...."

Oh.  Hmm.  A more arbitrary transposition is still possible, I think, if
one assumes the doubled letters at period 7 offsets are a random artifact.
Although I tried columnar transposition, I didn't rule out double columnar.
The third section used a very patterned key for the transposition, but I'm
not clear how one rules out the more general kinds.

> Now i'm turning my efforts to try with a rotor machine (Enigma like)...

Interesting.  An Enigma that short would be quite a trick.  I haven't
tried it.  An M-209 or similar would also be challenging at that length.

> ...but some questions make me uneasy:
> 
> - why wasting the entire right side of the sculpture devoted to the Vigenere
>   table used only in one third of KRYPTOS ?

Perhaps because it's decorative and a recognizable part of crypto
history.  Note that it wasn't used in precisely that format in the
puzzle: to be like parts 1 and 2 the top (plaintext) alphabet would
also need to be keyed.  In ACA terms, the tableau shows a Quagmire
II style cipher, and the actual ciphers are Quagmire III.

It's also possible that this kind of square is also used in an
autokey cipher of some kind for Part 4.

> - why making orthographic errors (despAratly & anythingQ) in the
>   transpositional part ?
>   (maybe the errors are meaningful...)

I'm not convinced anythingQ is a typo: the Q is in the right place to be
a question mark.  Of course, it could have been left out if "desperately"
had been spelled correctly -- one extra letter.  Note also the two typos
in the substitution part.  On even days I think they're simply errors, and
on odd days I note that the Q in iqlusion and the U in undergruund come
from a ciphertext K and R respectively.  Whenever I see a Q and U together
I'm suspicious, and in KRYPTOS a K and R together are also suspicious.

> - how are the transposition parameters related to the right side of the
>   sculpture ?

I know of no such relationship.

>   where can be found hints about the transpositional part ?

I've seen no such hints, although of course the fact that it's a
transposition is obvious from its statistics.

>   (for the first part, substitution, you may find an enormous hint on the
>    right side of the sculpture; but it seems that there are no hints about
>    the transpositional and the last 97 unsolved chars..)

Agreed.  It's a puzzlement!

Say, your observations just made me think of another way the two
kinds of ciphers could have been combined to make a third.  I'll
let you know if it works out. :)
-- 
        Jim Gillogly
        8 Afteryule S.R. 2000, 17:31
        12.19.6.14.18, 7 Edznab 6 Kankin, First Lord of Night

------------------------------

From: [EMAIL PROTECTED] (Keith A Monahan)
Subject: Re: Password question.
Date: 30 Dec 1999 18:07:17 GMT

No bells with me - but is this an API in the form of a C/C++ library?
I'm assuming the designers didn't provide the code or any documentation
accompanying the library?

Can you be more specific?

Keith

Elgo. ([EMAIL PROTECTED]) wrote:
: Hi,

: I'm curious as to which password algorithm might be in use. I'm new to this,
: and I don't have a huge amount of info.

: I have a small program that calls an API to encipher the password value. The
: password value can be up to 32 characters.

: I've noticed that if you encipher a clear text of zero to eight characters,
: you get back exactly eight characters of cipher text. If you encipher
: between nine and 32 characters (inclusive) you get back exactly 32
: characters of cipher text.

: I believe the algorithm dates back to the early eighties (ruling out,say,
: RC4).

: I've read about "salt", the system I'm dealing with doesn't seem to use
: this. I say that because I've enciphered the same clear text value on more
: than one machine (running the same crypto system) and I always get the same
: cipher text.

: Does this ring any bells?

: Elgo.




------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
