Cryptography-Digest Digest #682, Volume #11       Mon, 1 May 00 23:13:01 EDT

Contents:
  Re: Silly way of generating random numbers? (Dave Ashley)
  Re: mod function? (Anton Stiglic)
  Re: A naive question (Bryan Olson)
  Re: Command Line Cypher? (Danilo)
  Re: Command Line Cypher? (Richard Heathfield)
  Re: Magnetic Remanence on hard drives. (Guy Macon)
  Re: sci.crypt think will be AES? (Bryan Olson)
  Re: S/MIME + Netscape v47 serious problem in symmetric encryption ... (jungle)
  Re: How would a 15 year old start? (William Rowden)
  Any good attorneys? (Tom St Denis)
  Re: Deciphering Playfair (UBCHI2)
  large key version of PGP (EP847)
  Re: Diff analysis (David A. Wagner)
  Problems with CryptoBag (Tom St Denis)
  Re: large key version of PGP (Tom McCune)
  Re: S/MIME + Netscape v47 serious problem in symmetric encryption ... (Travis Farral)
  Re: How would a 15 year old start? ("Vic Drastik")
  Re: Diff analysis (Tom St Denis)
  Re: Tempest Attacks with EMF Radiation (Diet NSA)
  Re: Any good attorneys? (Paul Rubin)
  Re: Problems with CryptoBag ([EMAIL PROTECTED])
  Re: factor large composite (Diet NSA)
  Re: Problems with CryptoBag (Paul Rubin)

----------------------------------------------------------------------------

From: Dave Ashley <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: Silly way of generating random numbers?
Date: Mon, 01 May 2000 23:04:55 GMT


>     Is this completely preposterous?
>
>
Let's generalize your idea slightly and just say that we are going to
take some arbitrary irrational number (our choices there are algebraic
or transcendental, let's assume transcendental), figure out a bunch of
digits, and use those digits as random numbers.

Let's say that we are going to use some little-known transcendental,
like e^pi or pi^e (only one of those is proved transcendental, the other
may or may not be, I forget which is which).

Let's ignore the issue of deliberate errors.

Is this a suitable OTP?  Are these digits random?

That question is out of my league.

There are really two questions here:

a) Do the numbers meet statistical and other tests of randomness?

b) Is there a way for someone to reproduce the series?

I believe this will pass (a) but not (b).  If you introduce "random"
mistakes in generating the sequence, it may pass (b).

Interesting question, but out of my league.

I recommend coin-tossing.

Dave.

--
=================================================
Dave Ashley, [EMAIL PROTECTED]


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Anton Stiglic <[EMAIL PROTECTED]>
Subject: Re: mod function?
Date: Mon, 01 May 2000 19:31:09 -0400

Mok-Kong Shen wrote:

> Just as a point of interest and curiosity, could you name a book of
> mathematical logic or algebra where such extensive use of the 3 argument
> mod is to be found? The few books about logic and algebra that I happen
> to have in my personal library don't have such uses at all. Thanks in
> advance.

I can name you those books tomorrow (I'll send you a personal e-mail).
As for general interest, you might want to check out Eric's Math
encyclopedia which is online.  Take a look at the definition of
congruence
http://mathworld.wolfram.com/Congruence.html

it implicitly uses the boolean definition of the mod function.

Anton


------------------------------

From: Bryan Olson <[EMAIL PROTECTED]>
Subject: Re: A naive question
Date: Mon, 01 May 2000 23:21:34 GMT

Mok-Kong Shen
>
> Bryan Olson wrote:
>
> > That's largely what Shannon's "Communication Theory
> > of Secrecy Systems" is about.  It distinguishes
> > information theoretic security versus practical
> > computational security, and under theoretical security
> > it shows graphs of monotonically decreasing equivocation.
> >
>
> Would you like to comment on my post of  28 Apr 2000 17:47:07 +0200
> concerning a point that appears odd and is puzzling for me? Thanks.

My comment is that Shannon resolved the puzzling issue
half a century ago with the distinction between theoretic
and computational security.

--Bryan
--
email: bolson at certicom dot com


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Danilo <[EMAIL PROTECTED]>
Subject: Re: Command Line Cypher?
Date: Mon, 01 May 2000 23:22:38 GMT

In article <8ei906$868$[EMAIL PROTECTED]>,
  "Jimmy" <[EMAIL PROTECTED]> wrote:
> Anyone know of a decent command line stream cypher for *nix and NT?
>
> JImmy
>
>


For noncommercial use under a DOS box in Windows, Windows 9x and Windows
NT you can use our synchronous stream cipher that can be ftp-ed from:

ftp://ftp.pmf.ukim.edu.mk/pub/crypt/shredder.exe

Danilo


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

Date: Tue, 02 May 2000 00:41:34 +0100
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: Command Line Cypher?

Danilo wrote:
> 
> In article <8ei906$868$[EMAIL PROTECTED]>,
>   "Jimmy" <[EMAIL PROTECTED]> wrote:
> > Anyone know of a decent command line stream cypher for *nix and NT?
> >
> > JImmy
> >
> >
> 
> For noncommercial use under a DOS box in Windows, Windows 9x and Windows
> NT you can use our synchronous stream cipher that can be ftp-ed from:
> 
> ftp://ftp.pmf.ukim.edu.mk/pub/crypt/shredder.exe
> 

Okay, the SNA-Coil thing was a joke, but this time I'm perfectly
serious. Beware of downloading any binary from the Net. If this software
is any good, the author will be delighted to explain his encryption
algorithm to you, and should really be showing you source code too, so
that you can inspect it yourself and ensure it's not doing anything
nasty to your system as well as / instead of encrypting your data, and
so that the experts in this newsgroup (of which I am not one) can check
out whether it's likely to offer the level of security you require.

Caveat Downloador, to coin a phrase.



-- 

Richard Heathfield

"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.

C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
34 K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html (63
to go)

------------------------------

From: [EMAIL PROTECTED] (Guy Macon)
Subject: Re: Magnetic Remanence on hard drives.
Date: 01 May 2000 20:04:58 EDT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Thor Arne Johansen) 
wrote:
>
>When I say overwritten data, I mean overwritten data. It is perfectly
>clear that data that is _not_ overwritten due to track mis-registration
>(TMR) can be recovered. A one time overwrite can certainly leave small
>randomly placed fractions of the old track intact after overwriting.
>However which sections of a track that will be available (not
>overwritten) will be random since TMR is caused mainly from
>non-repeatable spindle runout (NRR) and turbulence. Overwriting a track
>several times will decrease the probability that a given portion of a
>track was not overwritten.

You are assuming that the width of the recorded track didn't get smaller.
Track width often changes slightly depending on component drift, power
voltage, media temperature, electronics temperature, and spindle speed
(which varies how close the head gets).  There is also often a track
position offset that depends on whether the head seeked to the track
from the inner sectors or from the outer sectors.


------------------------------

From: Bryan Olson <[EMAIL PROTECTED]>
Subject: Re: sci.crypt think will be AES?
Date: Mon, 01 May 2000 23:57:14 GMT

Paul Koning wrote:
> Bryan Olson wrote:
> > Well sure.  If you change the premises my conclusions
> > will not follow.  The situation quoted clearly indicates
> > a deliberate decision, motivated by the desire to
> > incur actionable damages.
>
> Right.  But you clipped the second half of my comment,
> where I talked about pending patents.  It is perfectly
> reasonable for an inventor to remain *deliberately* silent
> about pending patents.
>
> So I did not change the premises and yet did give an
> example where your conclusion does not follow.

The premises were from Richard Parker's post. He wrote,
of hypothetical parties "_who_ _hold_ a patent that
they feel is infringed upon by one of the AES candidates"
(emphasis added).  That language was quoted in my posts,
so I snipped your pending case because it did not fulfill
this explicitly stated premise.

I had also written:

  There is still an unavoidable chance that someone will
  discover they have a patent claim against the AES after
  it's approved, possibly because they are unaware of the
  issue.

You snipped that and wrote about that very possibility as
if it disagreed with what I stated.  Your post went on
"apart from that" when introducing the issue of pending
patents, which do not fulfill the premises anyway.


--Bryan
--
email: bolson at certicom dot com


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: jungle <[EMAIL PROTECTED]>
Crossposted-To: comp.security.pgp.discuss
Subject: Re: S/MIME + Netscape v47 serious problem in symmetric encryption ...
Date: Mon, 01 May 2000 20:32:46 -0400

James Felling wrote:
> Maybe a glitch in Microsofts Crypto API -- Do both of them use that?
> Travis Farral wrote:
> > It just seems odd that the issue seems to exist in both the Outlook & Netscape mail
> > clients.  Two other people I know of experience the same issue with Outlook.  So far I
> > don't know anyone who has actually been able to produce a verified 128 bit encrypted mail
> > using digital certificates.  I simply stuck with PGP and quit using the Verisign method
> > as I was unsure what was happening behind the scenes.
> >
> > Anyway, it would be interesting to find out why it keeps reporting


How to find out whether it is only reporting, and not actually using, 40-bit
encryption?
My bet is, it is using 40 bits instead of 128 bits ...


> > only 40-bit encryption.
> >
> > -Travis
> >
> > jungle wrote:
> >
> > > user error [ my error ] ? NO ...
> > > windows error ? the certificate is handled by Netscape & not by win95 ... in my
> > > understanding ...
> > >
> > > Travis Farral wrote:
> > > >
> > > > I have seen both of these examples as well using Outlook Express 5.00 w/128 bit
> > > > security and a Verisign digital certificate on Windows 2000 Professional.  Outlook
> > > > 2000 appears to perform the same on the same machine with the same certificate.  Is
> > > > this a problem with Windows and not necessarily with the mail clients?  Or is it
> > > > simply user error and something isn't set right?  I beat my head over this several
> > > > weeks ago and finally gave into the fact that whatever encryption method you set it
> > > > for isn't necessarily what you will get.



------------------------------

From: [EMAIL PROTECTED] (William Rowden)
Subject: Re: How would a 15 year old start?
Date: 2 May 2000 00:40:44 GMT

In article <[EMAIL PROTECTED]>,
Andy Dingley  <[EMAIL PROTECTED]> wrote:
[snip previous quote]
>>> The guy's only 15 !    Read Cryptonomicon by Neal Stephenson first.
[snip]
>Cryptonomicon is an excellent book.

Any book in which a hacker (in the older sense of the word) is a hero
gets my approval.  :-)  There aren't many, that I know of.

BTW, the address <[EMAIL PROTECTED]> bounces.
-- 
    -William
PGP key: http://www.eskimo.com/~rowdenw/pgp/rowdenw.asc until 2000-08-01
Fingerprint: FB4B E2CD 25AF 95E5 ADBB  DA28 379D 47DB 599E 0B1A

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Any good attorneys?
Date: Tue, 02 May 2000 00:50:13 GMT

I just got a notice from RSA stating...

>Please contact RSA Security Inc. immediately regarding your use of the RC5
>encryption method (US Patent# 5,724,428) within your PeekBoo PB2, and PB3
>toolkit. 
>This toolkit and its distribution without a license from RSA Security Inc.,
>violates US Patent and copyright law.  
>Please call me at 650-295-7625
>
>Thank you,
>
>shaun

From "Shaun Coleman"...

Anyone want to help me out?

Tom
--
Want your academic website listed on a free websearch engine?  Then
please check out http://tomstdenis.n3.net/search.html, it's entirely
free
and there are no advertisements.

------------------------------

From: [EMAIL PROTECTED] (UBCHI2)
Subject: Re: Deciphering Playfair
Date: 02 May 2000 00:57:53 GMT

Study a frequency table of the most frequently occurring bigrams in the language
you are working on.  Then do a frequency analysis of the most repeated bigrams
in the encrypted message.  Also try the assumption that the last 3 letters in
the playfair grid are x, y and z.  Does that help?
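The bigram-counting hint above, as an added example that is not part of the original post: a small Playfair implementation in C together with a tally of the ciphertext digraphs. The keyword "playfair example" and the sentence "Hide the gold in the tree stump" are the standard textbook test vector; the "THAT THEN THEY" plaintext is constructed so that the same plaintext bigram (TH) lands on a digraph boundary three times, which is exactly the repetition a frequency count over the ciphertext is meant to surface. Merging J into I and splitting doubled letters with X are the usual conventions, assumed here.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define GRID 5
#define MAXLEN 256

/* Add the letters of s to the square: non-letters skipped, J merged into I,
   repeats dropped. Returns the updated fill count. */
static int add_letters(const char *s, char sq[GRID][GRID], int seen[26], int n) {
    for (; *s && n < GRID * GRID; s++) {
        if (!isalpha((unsigned char)*s)) continue;
        char c = (char)toupper((unsigned char)*s);
        if (c == 'J') c = 'I';
        if (seen[c - 'A']) continue;
        seen[c - 'A'] = 1;
        sq[n / GRID][n % GRID] = c;
        n++;
    }
    return n;
}

/* Keyword letters first, then the remaining alphabet (no J). */
static void build_square(const char *key, char sq[GRID][GRID]) {
    int seen[26] = {0};
    int n = add_letters(key, sq, seen, 0);
    add_letters("ABCDEFGHIKLMNOPQRSTUVWXYZ", sq, seen, n);
}

static void locate(char sq[GRID][GRID], char c, int *r, int *col) {
    *r = *col = 0;
    for (int i = 0; i < GRID * GRID; i++)
        if (sq[i / GRID][i % GRID] == c) { *r = i / GRID; *col = i % GRID; return; }
}

/* Normalise plaintext into digraphs: letters only, J->I, X between a doubled
   pair, X appended if the count is odd. Returns the (even) length written. */
static int prepare(const char *pt, char *out, int outmax) {
    int n = 0;
    char pending = 0;
    for (; *pt; pt++) {
        if (!isalpha((unsigned char)*pt)) continue;
        char c = (char)toupper((unsigned char)*pt);
        if (c == 'J') c = 'I';
        if (n + 3 > outmax) break;
        if (!pending) { pending = c; continue; }
        if (c == pending) { out[n++] = pending; out[n++] = 'X'; continue; }
        out[n++] = pending; out[n++] = c; pending = 0;
    }
    if (pending && n + 3 <= outmax) { out[n++] = pending; out[n++] = 'X'; }
    out[n] = '\0';
    return n;
}

/* The three Playfair rules for one digraph (a != b is guaranteed by prepare). */
static void encrypt_pair(char sq[GRID][GRID], char a, char b, char *oa, char *ob) {
    int r1, c1, r2, c2;
    locate(sq, a, &r1, &c1);
    locate(sq, b, &r2, &c2);
    if (r1 == r2) {            /* same row: letter to the right */
        *oa = sq[r1][(c1 + 1) % GRID]; *ob = sq[r2][(c2 + 1) % GRID];
    } else if (c1 == c2) {     /* same column: letter below */
        *oa = sq[(r1 + 1) % GRID][c1]; *ob = sq[(r2 + 1) % GRID][c2];
    } else {                   /* rectangle: swap the columns */
        *oa = sq[r1][c2]; *ob = sq[r2][c1];
    }
}

int playfair_encrypt(const char *key, const char *pt, char *ct, int ctmax) {
    char sq[GRID][GRID], prepared[MAXLEN];
    build_square(key, sq);
    int n = prepare(pt, prepared, ctmax < MAXLEN ? ctmax : MAXLEN);
    for (int i = 0; i < n; i += 2)
        encrypt_pair(sq, prepared[i], prepared[i + 1], &ct[i], &ct[i + 1]);
    ct[n] = '\0';
    return n;
}

/* The analyst's count: tally digraphs at even offsets (the boundaries Playfair
   actually used) and return how often the most frequent one occurs. */
int top_digraph(const char *ct, char best[3]) {
    int counts[26][26] = {{0}}, bestc = 0;
    size_t n = strlen(ct);
    best[0] = best[1] = best[2] = '\0';
    for (size_t i = 0; i + 1 < n; i += 2) {
        int a = ct[i] - 'A', b = ct[i + 1] - 'A';
        if (a < 0 || a >= 26 || b < 0 || b >= 26) continue;
        if (++counts[a][b] > bestc) { bestc = counts[a][b]; best[0] = ct[i]; best[1] = ct[i + 1]; }
    }
    return bestc;
}

/* Check helpers: 1 if the ciphertext equals expected; the top count if the most
   frequent ciphertext digraph equals dg, else 0. */
int playfair_matches(const char *key, const char *pt, const char *expected) {
    char ct[MAXLEN];
    playfair_encrypt(key, pt, ct, MAXLEN);
    return strcmp(ct, expected) == 0;
}

int top_digraph_is(const char *key, const char *pt, const char *dg) {
    char ct[MAXLEN], best[3];
    playfair_encrypt(key, pt, ct, MAXLEN);
    int c = top_digraph(ct, best);
    return strcmp(best, dg) == 0 ? c : 0;
}

int main(void) {
    char ct[MAXLEN], best[3];
    playfair_encrypt("playfair example", "THAT THEN THEY", ct, MAXLEN);  /* constructed input */
    int c = top_digraph(ct, best);
    printf("ciphertext: %s\nmost frequent digraph: %s (x%d)\n", ct, best, c);
    return 0;
}
```

The repeated ciphertext digraph (ZB, three times) is the analyst's foothold: against the language's bigram table it is a candidate for TH, and because Playfair maps each plaintext digraph to a fixed ciphertext digraph, every occurrence at a digraph boundary repeats exactly.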

------------------------------

From: [EMAIL PROTECTED] (EP847)
Subject: large key version of PGP
Date: 02 May 2000 01:06:21 GMT

I have heard about a version of PGP using a DH/DSS key larger than 16000 bits.
It is made by CyberKnights [http://netnet.net/~merlin/knights/].
Is it more secure than PGP 6.53?
Does the key size really matter in this case when both are large?
Is it compatible with PGP 6.53 if a key smaller than 4096 is used?

------------------------------

From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Diff analysis
Date: 1 May 2000 17:45:20 -0700

In article <[EMAIL PROTECTED]>,
Baruch Even  <[EMAIL PROTECTED]> wrote:
> The difference table measures how many times for a specific input difference
> (i.e. x^y) you get a specific output difference (i.e. S[x]^S[y]).

This is equivalent to measuring how many times for a specified
input difference d you get a specific output difference S[x]^S[x^d].

> I really do not understand what you do with S[x xor y], as we do not
> measure that.

Is it now clear that what you suggest is equivalent to looping over
all x,d and doing `table[d][S[x]^S[x^d]]++;'?

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Problems with CryptoBag
Date: Tue, 02 May 2000 01:40:44 GMT

Well it appears RSA got ticked with me using RSA patented stuff in
Cryptobag and PB.  So effective immediately I took it all off my
website, and am working on patching in ElGamal where RSA was.  

The modifications will take about a week and in the mean time please
do not redistribute either.

Sorry about the mess.

Tom
--
Want your academic website listed on a free websearch engine?  Then
please check out http://tomstdenis.n3.net/search.html, it's entirely
free
and there are no advertisements.

------------------------------

From: Tom McCune <[EMAIL PROTECTED]>
Subject: Re: large key version of PGP
Date: Tue, 02 May 2000 01:47:40 GMT

=====BEGIN PGP SIGNED MESSAGE=====

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(EP847) wrote:
>i have heard about a version of PGP using a DH/DSS key larger than 16000
>bits  

That 16K key is an RSA key.

>it is made by CyberKnights [http://netnet.net/~merlin/knights/].
>Is it more secure than PGP 6.53?

A 3000 bit DH or RSA key is considered equivalent to the underlying
symmetric encryption used by PGP.  So it seems pretty obvious that a 16k
public key is very excessive - On a Celeron 500, it also takes 30 seconds
to use!

>Does the key size really matter in this case when both are large?

When what "both" are large?  It does make sense to use a public key at
least as large as 3000 bits if you want the maximum security potential of
PGP.

>Is it compatible with PGP 6.53 if a key smaller than 4096 is used?

The C-KT versions are compatible with official PGP 6.5.3 as long as a DH
key is not larger than 4096 bits or an RSA key is not larger than 2048
bits.

=====BEGIN PGP SIGNATURE=====
Version: PGP Personal Privacy 6.5.3
Comment: My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

iQCVAwUBOQ4zwcMxrQ5/VTwtAQFA+wP+PnMkoWDuhKa/gRiYJSwYDHL2OLXhR413
6wFWyFNm6MYap9mlM6zDa9lkkcxBN4n95MOLhJ3JgRc2vNAk+5jacNAcgkK+98Hi
Ci6Ja1qQg8gvFx4fTzksYqQODKnsovxkvUvTBmJO1JELgGZkQ2tgCkFseDApAAo9
nOqpmsdHiZw=
=u8Bq
=====END PGP SIGNATURE=====

------------------------------

From: Travis Farral <[EMAIL PROTECTED]>
Crossposted-To: comp.security.pgp.discuss
Subject: Re: S/MIME + Netscape v47 serious problem in symmetric encryption ...
Date: Mon, 01 May 2000 20:50:13 -0500

This is a very good question.  I wouldn't be surprised actually if this were the case.
I don't know how to verify if it is true however.

-Travis

James Felling wrote:

> Maybe a glitch in Microsofts Crypto API -- Do both of them use that?
>


------------------------------

From: "Vic Drastik" <[EMAIL PROTECTED]>
Subject: Re: How would a 15 year old start?
Date: Tue, 2 May 2000 11:49:25 +1000

Andy Dingley <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...

> Is this just a perspective effect, from my more code-familiar
> viewpoint, or is crypto really a field where the basis of mathematical
> training is essential and the coding ability an afterthought ?


> Smert' Spamionam

ROTFL!!

This is one of the funniest signature jokes I have seen.

Alas, you have assumed that since the Russian for 'spy' is 'shpion', then
the Russian for 'spammer' must be 'spamion'.

I think that Russian for 'spammer' is probably 'c(pi)amict' and so your
clever idea should be Smert' Spamistam.

Can any Russian speakers following this thread confirm my guess?


Vic
--
Email : [EMAIL PROTECTED]
Decode email address thus :
1=v,2=i,3=c,4=d,5=r,6=a,7=s,8=t,2=i,9=k





------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Diff analysis
Date: Tue, 02 May 2000 01:52:40 GMT



"David A. Wagner" wrote:
> 
> In article <[EMAIL PROTECTED]>,
> Baruch Even  <[EMAIL PROTECTED]> wrote:
> > The difference table measures how many times for a specific input difference
> > (i.e. x^y) you get a specific output difference (i.e. S[x]^S[y]).
> 
> This is equivalent to measuring how many times for a specified
> input difference d you get a specific output difference S[x]^S[x^d].
> 
> > I really do not understand what you do with S[x xor y], as we do not
> > measure that.
> 
> Is it now clear that what you suggest is equivalent to looping over
> all x,d and doing `table[d][S[x]^S[x^d]]++;'?

I am not sure what you are talking about?  You can view the code I use
to measure differences in my sboxgen [1].

Basically I do

for (x = 0; x < n; x++)            /* n = number of S-box entries */
        for (y = 0; y < n; y++)
                DT[x ^ y][S[x] ^ S[y]]++;

And look for the highest value.

Tom
[1] sboxgen: http://24.42.86.123/sboxgen.c
--
Want your academic website listed on a free websearch engine?  Then
please check out http://tomstdenis.n3.net/search.html, it's entirely
free
and there are no advertisements.
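Both formulations in this thread (the (x, y) double loop above and David Wagner's (x, d) loop with y = x ^ d), as an added example that is not taken from sboxgen or from either post: C code that builds the difference distribution table of a 4-bit S-box both ways, checks that the two tables are identical, and reports the largest entry over nonzero input differences, which is what the search for "the highest value" is after. The S-box used is the published 4-bit PRESENT S-box (an assumption of this example, not something on the page); the identity mapping is included as the trivially weak comparison case.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define N 16   /* 4-bit S-box: 16 inputs, 16 outputs */

/* Sample S-box: the published 4-bit PRESENT S-box (assumed here, not from the thread). */
static const uint8_t PRESENT_SBOX[N] = {
    0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
    0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2 };

/* Identity mapping, kept as a deliberately weak comparison case. */
static const uint8_t IDENTITY_SBOX[N] = {
    0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 };

/* Formulation 1 (the sboxgen pseudocode): loop over every pair (x, y). */
void ddt_pairs(const uint8_t *s, unsigned table[N][N]) {
    memset(table, 0, N * N * sizeof(unsigned));
    for (unsigned x = 0; x < N; x++)
        for (unsigned y = 0; y < N; y++)
            table[x ^ y][s[x] ^ s[y]]++;
}

/* Formulation 2 (Wagner's): loop over x and the input difference d; y is x ^ d. */
void ddt_diffs(const uint8_t *s, unsigned table[N][N]) {
    memset(table, 0, N * N * sizeof(unsigned));
    for (unsigned x = 0; x < N; x++)
        for (unsigned d = 0; d < N; d++)
            table[d][s[x] ^ s[x ^ d]]++;
}

/* 1 if both formulations produce identical tables for s, else 0. */
int formulations_agree(const uint8_t *s) {
    unsigned a[N][N], b[N][N];
    ddt_pairs(s, a);
    ddt_diffs(s, b);
    return memcmp(a, b, sizeof a) == 0;
}

/* Largest entry over nonzero input differences. Divided by N it is the probability
   of the best single differential through the S-box, so smaller is better. Row 0 is
   skipped because table[0][0] == N for every S-box and says nothing about it. */
unsigned max_nontrivial_entry(const uint8_t *s, unsigned *best_d, unsigned *best_out) {
    unsigned t[N][N], best = 0;
    ddt_pairs(s, t);
    for (unsigned d = 1; d < N; d++)
        for (unsigned o = 0; o < N; o++)
            if (t[d][o] > best) {
                best = t[d][o];
                if (best_d) *best_d = d;
                if (best_out) *best_out = o;
            }
    return best;
}

/* Sanity check: every row sums to N, since each input x contributes one count to row d. */
unsigned row_sum(const uint8_t *s, unsigned d) {
    unsigned t[N][N], sum = 0;
    ddt_diffs(s, t);
    for (unsigned o = 0; o < N; o++) sum += t[d][o];
    return sum;
}

int main(void) {
    unsigned t[N][N], d = 0, o = 0;
    ddt_pairs(PRESENT_SBOX, t);
    printf("DDT (rows: input difference, columns: output difference)\n");
    for (unsigned i = 0; i < N; i++) {
        for (unsigned j = 0; j < N; j++) printf("%3u", t[i][j]);
        printf("\n");
    }
    unsigned m = max_nontrivial_entry(PRESENT_SBOX, &d, &o);
    printf("highest nontrivial entry: %u at d=%x -> out=%x (probability %u/%u)\n", m, d, o, m, N);
    printf("identity S-box for comparison: %u/%u\n", max_nontrivial_entry(IDENTITY_SBOX, NULL, NULL), N);
    return 0;
}
```

The two loops count the same pairs: for a fixed x, letting y run over all values is the same as letting d = x ^ y run over all values, so the (x, y) form simply visits each unordered pair twice in both orders, as the (x, d) form does. The identity case shows why the highest entry is what matters: there every input difference maps to exactly one output difference with probability 16/16, which is what a differential attack exploits, while a good 4-bit S-box caps the best entry at 4/16.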

------------------------------

Subject: Re: Tempest Attacks with EMF Radiation
From: Diet NSA <[EMAIL PROTECTED]>
Date: Mon, 01 May 2000 19:33:31 -0700


In article <20000501174535.03970.00000792@ng-fg1.aol.com>, [EMAIL PROTECTED] (NFN NMI L. a.k.a. S.T.L.) wrote:

><<In some theories of physics, all particles are described as
>vibrating instances of energy.>>
>
>Quack or unproven ones.
>

Yes, AFAIK, this is true. For example, string theory is not a quack theory but it
has yet to be verified.  Even outside of string theory, some physicists have the
goal [according to Frank Wilczek] of trying to derive "massless" equations for
physics.


" V hfdt afogx nfvw ufo axb (o)(o) "   - Gtnjv
====================================================
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!


------------------------------

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: Any good attorneys?
Date: 2 May 2000 02:53:11 GMT

In article <[EMAIL PROTECTED]>,
Tom St Denis  <[EMAIL PROTECTED]> wrote:
>I just got a notice from RSA stating...
>
>>Please contact RSA Security Inc. immediately regarding your use of the RC5
>>encryption method (US Patent# 5,724,428) within your PeekBoo PB2, and PB3
>>toolkit. 
>>This toolkit and its distribution without a license from RSA Security Inc.,
>>violates US Patent and copyright law.  
>>Please call me at 650-295-7625
>>
>>Thank you,
>>
>>shaun
>
>From "Shaun Coleman"...
>
>Anyone want to help me out?

Well, IANAL and this is not legal advice, but as I remember, you are
in Canada and I don't see a Canadian patent # in that notice.  If your
web page is in the US then you probably have to take it down (at least
the part with RC5).  If it's in Canada, you might write back to Shaun
explaining that both you and the page are not in the US, and ask him
to clarify the situation with regard to Canadian patents.  Also, since
(as I understand it) you implemented the code yourself and did not
copy any RSA code, you could explain that to him and ask him what he
means about copyrights.

If he gives you a Canadian patent number, you probably have to remove
RC5 even from your Canadian page.

If RC5 is unpatented in Canada and you are distributing it from there,
and you want to be nice to RSA, you might put a notice into the code/docs
saying the algorithm is patented in the US and users in the US have to
get a license.  There are notices like that in many of the European
packages I've seen that incorporate the RSA public key algorithm.
See for example the patents FAQ at www.modssl.org.


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Problems with CryptoBag
Date: Tue, 02 May 2000 02:55:09 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote:
> Well it appears RSA got ticked with me using RSA patented stuff in
> Cryptobag and PB.  So effective immediately I took it all off my
> website, and am working on patching in ElGamal where RSA was.  

Doesn't the RSA patent expire soon? If so, is RSA going back in the
day after? ;)

-- 
Matt Gauthier <[EMAIL PROTECTED]>

------------------------------

Subject: Re: factor large composite
From: Diet NSA <[EMAIL PROTECTED]>
Date: Mon, 01 May 2000 19:59:44 -0700


In article <[EMAIL PROTECTED]>, Richard Heathfield <[EMAIL PROTECTED]> wrote:

>My apologies. I should have said 'billions of years, or billions of
>parallel universes, whichever is more convenient'. :-)
>

Current RSA key sizes, for example, could be rendered obsolete by quantum
computing (QC) in as little as, say, 30 years. No one knows. Also, the concept of
parallel universes doesn't have to be invoked for QC.


" V hfdt afogx nfvw ufo axb (o)(o) "   - Gtnjv
====================================================
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!


------------------------------

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: Problems with CryptoBag
Date: 2 May 2000 03:05:06 GMT

In article <[EMAIL PROTECTED]>,
Tom St Denis  <[EMAIL PROTECTED]> wrote:
>Well it appears RSA got ticked with me using RSA patented stuff in
>Cryptobag and PB.  So effective immediately I took it all off my
>website, and am working on patching in ElGamal where RSA was.  
>
>The modifications will take about a week and in the mean time please
>donot redistribute either.
>
>Sorry about the mess.

The RSA public key system is unpatented in Canada, and the patent
expires on September 20 of this year in the US, as I'm sure you're aware.
If you remove RSA from your page for now, I hope you'll put it back
when the patent expires.  You might replace it with a notice giving
the expiration date and that it will be restored after that.  Reference:
   http://www.rsasecurity.com/rsalabs/faq/6-3-1.html

The situation with RC5 is separate and probably different.  The US
patent is much newer and won't expire for a long time, and RC5 might
be also patented in Canada.

Please do post developments on this issue (such as new communications
from RSA Security) to the newsgroup.  There's a journalist's saying,
that "sunshine is the best disinfectant".

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
