Cryptography-Digest Digest #692, Volume #11       Wed, 3 May 00 01:13:02 EDT

Contents:
  Re: Any good attorneys? ("Stou Sandalski")
  Re: Any good attorneys? (Tom St Denis)
  Re: Deciphering Playfair (Jim Gillogly)
  Re: about search and seisure of computers again (jungle)
  Re: Any good attorneys? (David Hopwood)
  Re: Any good attorneys? (jungle)
  Re: factor large composite ("Dann Corbit")
  Re: Any good attorneys? (Tom St Denis)
  Re: Any good attorneys? (Tom St Denis)
  About DHAES (Tom St Denis)
  Re: A naive question (William Rowden)
  Re: Janet and John learn about bits (was Re: Problems with OAP-L3) (Anthony Stephen Szopa)
  Re: Janet and John learn about bits (was Re: Problems with OAP-L3) (Anthony Stephen Szopa)
  Re: Janet and John learn about bits (was Re: Problems with OAP-L3) (Anthony Stephen Szopa)
  Re: Janet and John learn about bits (was Re: Problems with OAP-L3) (Anthony Stephen Szopa)
  Re: Janet and John learn about bits (was Re: Problems with OAP-L3) (Anthony Stephen Szopa)

----------------------------------------------------------------------------

From: "Stou Sandalski" <tangui [EMAIL PROTECTED]>
Subject: Re: Any good attorneys?
Date: Tue, 2 May 2000 21:10:50 -0700


"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Paul Rubin wrote:
> >
> > Tom St Denis  <[EMAIL PROTECTED]> wrote:
<Snip>
> >
> > I don't understand the logic of this.  You don't like being bullied
> > by RSA, so you're going to get back at the bully by doing exactly what
> > he tells you?
>
> It's called I am an 18 year old kid.  Why would I throw my life away
> just to have RSA patented technology?
>

IMHO it's a matter of principle, give them the finger...



Stou






------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Any good attorneys?
Date: Wed, 03 May 2000 04:12:47 GMT



jungle wrote:
> 
> when you are in CANADA [ tom ], the RSA patent is in USA, what is the problem
> ?
> is it [ RC5 ] patented in CANADA ? if not ask RSA to patent RC5 in CANADA &
> contact
> you after it will be issued / completed ...
> 
> above is the first step for your defense options ...
> 
> what is the problem ?
> you removed your product from web site ?

I would rather not argue and wrestle with RSA.  I don't care enough.  I
don't need to use RC5 or RSA, so I don't think it's a big deal.

Tom

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Deciphering Playfair
Date: Wed, 03 May 2000 04:17:03 +0000

William Rowden wrote:
> 
> In article <[EMAIL PROTECTED]>,
>   Jim Gillogly <[EMAIL PROTECTED]> wrote:
> > Automated Playfair attacks without a crib are quite feasible
> > using hillclimbing techniques.
> 
> I'm not familiar with all of the terminology of hillclimbing techniques,
> so I may not phrase the following precisely.  However, it's not
> immediately obvious to me how one would define "adjacent" solutions

For Playfair I define "adjacent" keys as ones that can be obtained by:
- Swapping two letters in the key;
- Moving a letter from one place to another in the key and sliding the rest;
- Deleting a letter from the key;
- Adding a letter to the key;
- Replacing a letter in the key with one that wasn't in the key; and
- Changing the path to one of the 48 standard paths, giving heavy
  preference to row-wise path, less to clockwise spirals, and weighting
  the rest about equally.
I don't require there to be a short keyword; it can be 25 letters long,
in which case the ADD, DELETE, REPLACE and PATH operators aren't used.

> so that there aren't numerous local minima for any given (probably
> statistical) measure of "closeness" to the solutions.

That's handled with what I call "shotgun hillclimbing".  When you hit
a (presumably local) maximum, pick another random starting key and
begin again.  This is a technique that works across most of the range
of classical ciphers, up through about Wehrmacht Enigma and M-209, and
including double incomplete columnar transposition for reasonable-length
keys.

> How do you know such an approach will be significantly better than
> brute force?

By experiment.  Brute force on 25! Playfair squares gives an unreasonably
large number of squares to test.  By contrast, shotgun hillclimbing will
typically find a solution in reasonable time on a standard workstation or
laptop.
-- 
        Jim Gillogly
        Sterday, 13 Thrimidge S.R. 2000, 04:08
        12.19.7.3.3, 2 Akbal 6 Uo, Ninth Lord of Night
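The neighbour operators and the "shotgun" restart Gillogly describes, as an added Python example (not his code). It assumes J merged into I, a row-wise fill only (the other 47 paths are not modelled), a crude letter-frequency fitness in place of real language statistics, and a constructed sample plaintext and keyword.

```python
import math
import random

# Playfair on a 5x5 square with J merged into I (this example's convention).
ALPHABET = "ABCDEFGHIKLMNOPQRSTUVWXYZ"

# Constructed sample keyword and message for the demo.
SAMPLE_KEY = "MONARCHY"
SAMPLE_PLAINTEXT = ("Shotgun hillclimbing restarts from a fresh random square whenever the "
                    "climb stalls and keeps the best scoring square found so far which works "
                    "well on Playfair when the ciphertext is long enough")

# Rough English letter frequencies (percent) and common bigrams: a cheap fitness
# function for the demo. Real solvers score with quadgram statistics instead.
FREQ = {"E": 12.7, "T": 9.1, "A": 8.2, "O": 7.5, "I": 7.0, "N": 6.7, "S": 6.3, "H": 6.1,
        "R": 6.0, "D": 4.3, "L": 4.0, "C": 2.8, "U": 2.8, "M": 2.4, "W": 2.4, "F": 2.2,
        "G": 2.0, "Y": 2.0, "P": 1.9, "B": 1.5, "V": 1.0, "K": 0.8, "X": 0.15, "Q": 0.1,
        "Z": 0.07}
BIGRAMS = {"TH", "HE", "IN", "ER", "AN", "RE", "ON", "AT", "EN", "ND", "TI", "ES", "OR",
           "TE", "OF", "ED", "IS", "IT", "AL", "AR", "ST", "TO", "NT", "NG", "SE", "HA"}

def key_square(keyword):
    """Keyword letters first (duplicates dropped), then the rest of the alphabet,
    filled row-wise."""
    seen = []
    for ch in keyword.upper().replace("J", "I") + ALPHABET:
        if ch in ALPHABET and ch not in seen:
            seen.append(ch)
    return "".join(seen)

def prepare(plaintext):
    """Uppercase, merge J into I, drop non-letters, split into digraphs, and break
    doubled letters / pad an odd tail with X (Q when the letter itself is X)."""
    letters = [c for c in plaintext.upper().replace("J", "I") if c in ALPHABET]
    digraphs, i = [], 0
    while i < len(letters):
        a = letters[i]
        b = letters[i + 1] if i + 1 < len(letters) else None
        if b is None or a == b:
            digraphs.append(a + ("Q" if a == "X" else "X"))
            i += 1
        else:
            digraphs.append(a + b)
            i += 2
    return digraphs

def playfair(square, digraphs, direction):
    """Encrypt (direction=+1) or decrypt (direction=-1) a list of two-letter digraphs."""
    pos = {ch: divmod(i, 5) for i, ch in enumerate(square)}
    out = []
    for a, b in digraphs:
        (ra, ca), (rb, cb) = pos[a], pos[b]
        if ra == rb:                      # same row: shift along the row
            out.append(square[ra * 5 + (ca + direction) % 5]
                       + square[rb * 5 + (cb + direction) % 5])
        elif ca == cb:                    # same column: shift down/up the column
            out.append(square[(ra + direction) % 5 * 5 + ca]
                       + square[(rb + direction) % 5 * 5 + cb])
        else:                             # rectangle: swap the columns
            out.append(square[ra * 5 + cb] + square[rb * 5 + ca])
    return "".join(out)

def fitness(text):
    """Higher is more English-like: log letter frequencies plus a bonus per common bigram."""
    score = sum(math.log10(FREQ[c]) for c in text)
    return score + sum(1.0 for i in range(len(text) - 1) if text[i:i + 2] in BIGRAMS)

def neighbour(square, rng=None):
    """One of Gillogly's 'adjacent' keys: swap two letters, or move one letter and slide
    the rest. Add/delete/replace/path are unused here because the key is all 25 letters."""
    rng = rng or random.Random()
    k = list(square)
    i, j = rng.sample(range(25), 2)
    if rng.random() < 0.7:
        k[i], k[j] = k[j], k[i]
    else:
        k.insert(j, k.pop(i))
    return "".join(k)

def shotgun_hillclimb(ciphertext, restarts=20, patience=2000, seed=1):
    """Climb from a random square; when `patience` candidates in a row fail to improve
    (a presumed local maximum), restart from a new random square. Keep the best overall."""
    rng = random.Random(seed)
    pairs = [ciphertext[i:i + 2] for i in range(0, len(ciphertext), 2)]
    best_square, best_score = None, float("-inf")
    for _ in range(restarts):
        square = "".join(rng.sample(ALPHABET, 25))
        score, stalled = fitness(playfair(square, pairs, -1)), 0
        while stalled < patience:
            cand = neighbour(square, rng)
            cand_score = fitness(playfair(cand, pairs, -1))
            if cand_score > score:
                square, score, stalled = cand, cand_score, 0
            else:
                stalled += 1
        if score > best_score:
            best_square, best_score = square, score
    return best_square, playfair(best_square, pairs, -1)
```

With the crude fitness above the climb recovers readable text only for longer messages; swapping in quadgram scores is the usual next step.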

------------------------------

From: jungle <[EMAIL PROTECTED]>
Crossposted-To: alt.privacy.anon-server,alt.privacy
Subject: Re: about search and seisure of computers again
Date: Wed, 03 May 2000 00:20:10 -0400

"by facts not by myths", please ...

instead of quantifies such as :
possible ???
unlikely ???
enormously expensive ???
maybe ???
attempt ???
hope ???

any real facts ?, please ...

JimD wrote:
> 
> On Sun, 30 Apr 2000 19:26:51 -0400, jungle <[EMAIL PROTECTED]> wrote:
> >wipe by 3 passes under PGP ...
> >
> >NO ONE recovered data, NO ONE provided proof,
> >that data wiped with above description has been recovered, except providing
> >over exaggerated statement that "it's maybe possible to recover" ...
> >
> >correct me when I'm wrong, by facts not by myths only ...
> >
> >I have f/d [ 1.44 mb ] wiped by pgp 3x information to recover, no one like to
> >be famous for attempting recovery, but many "experts" are arguing that data
> >recovery is possible after wiping it 7x times by pgp, which is more than 2
> >times wiped that I have  ...
> 
> Possible, but unlikely, and in any case enormously expensive
> just to make the attempt in the hope of recovering useful data.



------------------------------

Date: Wed, 03 May 2000 04:48:39 +0100
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Any good attorneys?

Tom St Denis wrote:
> Paul Rubin wrote:
> >
> > In article <[EMAIL PROTECTED]>,
> > Tom St Denis  <[EMAIL PROTECTED]> wrote:
> > >I think it's funny too, but I will just avoid all RSA (tm) products
> > >(hehehe) from CB in the future.
> > >
> > >I already have other block ciphers (Blowfish, Twofish, Serpent,
> > >CAST-128, Skip-jack, XTEA, GOST), and am adding DH to it now.
> >
> > I'd say bag RC5 for sure.  There's not much reason to care about it.
> > However, the RSA public key algorithm is important and your product
> > suffers if you don't include it.  Even though you're in Canada and
> > it's unpatented there, you might want to avoid hassles by leaving it
> > out for now.  But on September 20 when the US patent expires, please
> > put it back.

RSADSI can't stop you from distributing your RSA implementation if
you're outside the jurisdiction in which it is patented; by all means
leave out RC5 (as Paul Rubin says, there's not much reason to care about
it), but ignore them on RSA. Many cryptography libraries developed
outside the US, including one that I contributed to (Cryptix), have
included RSA for years (with a disclaimer that US users must obtain a
license if they use that part of the library [*]), and not had any
problems.

[*] In practice, US users never do this, because it is RSADSI's policy
    not to give out RSA licenses except with their own libraries,
    BSAFE and J/SAFE. That is beside the point, though.

> Hmm well I already deleted the source (I could restore it from backup)
> but I seriously want to avoid RSA completely.  I don't like getting
> emails like that.
> 
> At any rate ElGamal will fill the spot where RSA was quite nicely.

Elgamal is not semantically secure or non-malleable, and there is no
standardised way to apply it to arbitrary-length plaintexts; use DHAES
(see below) instead.

> I just need a DH pro to talk to (i.e how to minimize the ciphertext size
> but remain relatively secure).

  Michel Abdalla, Mihir Bellare, Phillip Rogaway,
  "DHAES: An Encryption Scheme Based on the Diffie-Hellman Problem,"
  Contribution to IEEE P1363a.
  http://grouper.ieee.org/groups/1363/contributions/dhaes.pdf
    (temporary URL), or
  Theory of Cryptography Library.
  http://philby.ucsd.edu/cryptolib/1999/99-07.html

-- 
David Hopwood <[EMAIL PROTECTED]>
PGP public key: http://www.users.zetnet.co.uk/hopwood/public.asc
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01




------------------------------

From: jungle <[EMAIL PROTECTED]>
Subject: Re: Any good attorneys?
Date: Wed, 03 May 2000 00:34:15 -0400

the point is, you don't need to wrestle ...
you are not affected by their patents ...

from another point of view, 
you did say "I don't care enough" and asked for a GOOD ATTORNEY ...
you did say "I don't care enough" and removed your software from web page ...
you did say "I don't care enough" and will change your software to conform to
their requests ...

yes, I see, you don't care now for their patent threats... 
this is obvious to everyone ... 

Tom St Denis wrote:
> 
> jungle wrote:
> >
> > when you are in CANADA [ tom ], the RSA patent is in USA, what is the problem
> > ?
> > is it [ RC5 ] patented in CANADA ? if not ask RSA to patent RC5 in CANADA &
> > contact
> > you after it will be issued / completed ...
> >
> > above is the first step for your defense options ...
> >
> > what is the problem ?
> > you removed your product from web site ?
> 
> I would rather not argue and wrestle with RSA.  I don't care enough.  I
> don't need to use RC5 or RSA, so I don't think it's a big deal.
> 
> Tom



------------------------------

From: "Dann Corbit" <[EMAIL PROTECTED]>
Subject: Re: factor large composite
Date: Tue, 2 May 2000 21:35:40 -0700

"Diet NSA" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
> In article <Y3JP4.1643$PY3.2104@client>,
> "Dann Corbit" <[EMAIL PROTECTED]>
> wrote:
>
> >QC is currently absurdly infeasible for factoring of large
> numbers and there
> >are no valid projections as to when it will become feasible, or
> if it ever
> >will, for that matter.  Have another slice of pie.
>
>
> Thanks, I will have my pie and eat it too.
> Your postings have reminded me of earlier
> "pie-in-the-sky" ideas such as going to
> the moon, nuclear energy, and PCs.

Wrong.  I never said impossible.  I only said there is no evidence it will
be feasible to make a useful factoring device using these principles in the
near term decades.

Consider Josephson Junctions.  They can produce Petaflop computers [I have
seen articles with math and actual tests to make concrete proof of that].
They were discovered in the 1970's.  Why hasn't anyone done it yet?  Because
it would cost too much money to make it worth while (so far).  An
interesting principle that promises tons of performance may not materialize
for 50 years or it may never materialize at all.

RSA is not compromised by some wild-eyed notion that has yet to pan out into
something useful.
--
C-FAQ: http://www.eskimo.com/~scs/C-faq/top.html
 "The C-FAQ Book" ISBN 0-201-84519-9
C.A.P. Newsgroup   http://www.dejanews.com/~c_a_p
C.A.P. FAQ: ftp://38.168.214.175/pub/Chess%20Analysis%20Project%20FAQ.htm



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Any good attorneys?
Date: Wed, 03 May 2000 04:43:55 GMT



David Hopwood wrote:
> RSADSI can't stop you from distributing your RSA implementation if
> you're outside the jurisdiction in which it is patented; by all means
> leave out RC5 (as Paul Rubin says, there's not much reason to care about
> it), but ignore them on RSA. Many cryptography libraries developed
> outside the US, including one that I contributed to (Cryptix), have
> included RSA for years (with a disclaimer that US users must obtain a
> license if they use that part of the library [*]), and not had any
> problems.
> 
> [*] In practice, US users never do this, because it is RSADSI's policy
>     not to give out RSA licenses except with their own libraries,
>     BSAFE and J/SAFE. That is beside the point, though.
> 
> > Hmm well I already deleted the source (I could restore it from backup)
> > but I seriously want to avoid RSA completely.  I don't like getting
> > emails like that.
> >
> > At any rate ElGamal will fill the spot where RSA was quite nicely.
> 
> Elgamal is not semantically secure or non-malleable, and there is no
> standardised way to apply it to arbitrary-length plaintexts; use DHAES
> (see below) instead.
> 
> > I just need a DH pro to talk to (i.e how to minimize the ciphertext size
> > but remain relatively secure).
> 
>   Michel Abdalla, Mihir Bellare, Phillip Rogaway,
>   "DHAES: An Encryption Scheme Based on the Diffie-Hellman Problem,"
>   Contribution to IEEE P1363a.
>   http://grouper.ieee.org/groups/1363/contributions/dhaes.pdf
>     (temporary URL), or
>   Theory of Cryptography Library.
>   http://philby.ucsd.edu/cryptolib/1999/99-07.html

I had the paper already, but I will give it a read thru.  It looks like
it just does a passive DH exchange, which is kinda neat.

Tom

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Any good attorneys?
Date: Wed, 03 May 2000 04:44:58 GMT



jungle wrote:
> 
> the point is, you don't need to wrestle ...
> you are not affected by their patents ...

I don't want to confront them, point made.  As a bonus I think I will be
the first crypto-lib to use DHAES :)

Or is it not at all new?

Tom

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: About DHAES
Date: Wed, 03 May 2000 04:49:27 GMT

I just read the paper for DHAES and about the malleability I disagree,
if I encrypt a symmetric key using EG, there is little chance that you
change the asymmetric ciphertext to produce another symmetric key that
decrypts the message to something readable.

I don't quite get the rest of the "problems" they discuss.

Tom
--
Want your academic website listed on a free websearch engine?  Then
please check out http://tomstdenis.n3.net/search.html, it's entirely
free
and there are no advertisements.
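Added example (not code from either post) putting Hopwood's malleability point about Elgamal next to the DHAES construction he cites, so the two posts above can be compared concretely. It assumes a toy group (the Mersenne prime 2^127 - 1, generator 3), SHA-256 as the hash and HMAC, and SHA-256 in counter mode as a stand-in for the paper's symmetric cipher; the message is constructed.

```python
import hashlib
import hmac
import secrets

# Toy group for illustration only: the Mersenne prime 2^127 - 1 with generator 3
# (an assumption of this example; a real deployment uses a standard prime-order group).
P = 2**127 - 1
G = 3

def keygen():
    """Long-term key pair (x, y = g^x)."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)

def elgamal_encrypt(y, m):
    """Textbook Elgamal: (g^r, m * y^r)."""
    r = secrets.randbelow(P - 2) + 1
    return pow(G, r, P), (m * pow(y, r, P)) % P

def elgamal_decrypt(x, ct):
    c1, c2 = ct
    return (c2 * pow(c1, P - 1 - x, P)) % P      # c2 * c1^(-x)

def elgamal_scale(ct, t):
    """The malleability Hopwood refers to: multiplying the second component by t
    turns a ciphertext of m into a valid ciphertext of m*t, without knowing m or x.
    Nothing in textbook Elgamal lets the recipient notice the change."""
    c1, c2 = ct
    return c1, (c2 * t) % P

def _kdf(gu, shared):
    """DHAES key derivation: hash g^u together with g^(uv) and split the digest into an
    encryption key and a MAC key. SHA-256 is this example's choice of hash."""
    digest = hashlib.sha256(gu.to_bytes(16, "big") + shared.to_bytes(16, "big")).digest()
    return digest[:16], digest[16:]

def _keystream(key, length):
    """Stand-in for the paper's symmetric cipher: SHA-256 in counter mode (demo only)."""
    out = b""
    for ctr in range((length + 31) // 32):
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
    return out[:length]

def dhaes_encrypt(pub_v, message):
    """Ciphertext = (g^u, MAC, encrypted message): one ephemeral DH value, a tag, and the
    symmetric body, so the overhead is one group element plus the tag regardless of length."""
    u = secrets.randbelow(P - 2) + 1
    gu = pow(G, u, P)
    enc_key, mac_key = _kdf(gu, pow(pub_v, u, P))
    body = bytes(a ^ b for a, b in zip(message, _keystream(enc_key, len(message))))
    tag = hmac.new(mac_key, body, hashlib.sha256).digest()
    return gu, tag, body

def dhaes_decrypt(priv_v, ct):
    """Recompute the keys from g^u and the recipient's v, then check the MAC before
    touching the body; a modified ciphertext is rejected instead of decrypting to junk."""
    gu, tag, body = ct
    if not 1 < gu < P:
        return None
    enc_key, mac_key = _kdf(gu, pow(gu, priv_v, P))
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(body, _keystream(enc_key, len(body))))

def flip_first_bit(ct):
    """Simulate an in-transit modification of a DHAES ciphertext body (for the demo)."""
    gu, tag, body = ct
    return gu, tag, bytes([body[0] ^ 1]) + body[1:]
```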

------------------------------

From: William Rowden <[EMAIL PROTECTED]>
Subject: Re: A naive question
Date: Wed, 03 May 2000 04:44:37 GMT

In article <[EMAIL PROTECTED]>,
  Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> Since the algorithm itself can't generate any entropy, it seems that
> the security per bit of the message decreases monotonically, maybe even
> 'proportionally', with increasing n.
[snip]
> Is this line of thought reasonable?

That line of thought not only appears reasonable to me, but it also
seems to me that it can be made more precise.  The following quote is
from the text recommended by Bryan Olson.

Instead of "security," I'll write about "equivocation," a measure of
the uncertainty about the message given the encrypted text (H_E(M)) or
about the key given the encrypted text (H_E(K)).  Assume an attacker
intercepts all of the ciphertext of length N.  Using D to represent the
redundancy of the language of the plaintext message, Shannon says,

     To summarize:  H_E(K), considered as a function of N, the number of
     intercepted letters, starts off at H(K) when N = 0.  It decreases
     linearly with a slope -D out to the neighborhood of N = H(K)/D.
     After a short transition region, H_E(K) follows an exponential
     with "half life" distance 1/D if D is measured in bits per letter.
     By a similar argument the equivocation of message can be
     calculated.

--
    -William
SPAM filtered; damages claimed for UCE according to RCW19.86
PGP key: http://www.eskimo.com/~rowdenw/pgp/rowdenw.asc until 2000-08-01
Fingerprint: FB4B E2CD 25AF 95E5 ADBB  DA28 379D 47DB 599E 0B1A
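The two regimes in the quote, written out as an added worked equation (not part of Rowden's post) in the quote's own symbols H(K), N and D; the numeric instance at the end uses figures assumed here, not taken from the post.

```latex
% Key equivocation as a function of the number N of intercepted letters,
% with D the redundancy in bits per letter and N_0 the unicity distance:
H_E(K) \;\approx\;
\begin{cases}
H(K) - D\,N, & 0 \le N \lesssim N_0, \\
c \cdot 2^{-D\,(N - N_0)}, & N \gtrsim N_0,
\end{cases}
\qquad N_0 = \frac{H(K)}{D},
% where c is the (small) equivocation left at the start of the exponential regime.
% The "half life" of 1/D letters follows directly from the exponent:
2^{-D\,\left(N + \tfrac{1}{D} - N_0\right)} = \tfrac{1}{2}\cdot 2^{-D\,(N - N_0)} .
% Worked instance (assumed figures): a random simple substitution on 26 letters,
% with English redundancy taken as D \approx 3.2 bits/letter, gives
H(K) = \log_2 26! \approx 88.4 \text{ bits}, \qquad
N_0 \approx \frac{88.4}{3.2} \approx 28 \text{ letters}.
```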



------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Janet and John learn about bits (was Re: Problems with OAP-L3)
Date: Tue, 02 May 2000 21:50:20 -0700

wtshaw wrote:
> 
> In article <[EMAIL PROTECTED]>, David Blackman
> <[EMAIL PROTECTED]> wrote:
> 
> > I'd trust the stuff i wrote a lot more than i'd trust yours. But not far
> > enough to use it for anything that matters. If i really wanted
> > industrial strength stuff i'd probably use the open-ssl libraries which
> > are free, heavily tested and scrutinised, and actually in use by a lot
> > of companies for real work.
> 
> To each person who actually writes some form of original crypto, it sets
> you apart from copycats.  As to the strength of such, it varies from one
> end of the scale of security to the other.  Those that cry for order in
> the field usually want to exclude something or other that they don't
> like.  Well, prunes to that.
> 
> Those that build around someone else's library are usually still mere
> hangers on.   This may be a good way for some to start, but it is no
> finish unless you actually use such functions in a way that does not allow
> someone else to circumvent your assumptions of security.  Know what code
> you copy; better yet, derive it into internal functions.
> 
> Doing good crypto badly is not much different from missing the point
> of security entirely.  If you are just playing with code to learn, know
> that you cannot promise to build something great without a proper
> foundation.
> --
> Laughter is often the most pleasing result of successful analysis.

Your contributions are always appreciated.

------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Janet and John learn about bits (was Re: Problems with OAP-L3)
Date: Tue, 02 May 2000 21:52:23 -0700

"Trevor L. Jackson, III" wrote:
> 
> Anthony Stephen Szopa wrote:
> 
> > Who wants just "adequate" or "okay" encryption software?  We've got
> > plenty of that already.
> >
> > The gold medal goes to creating unbreakable encryption...  And
> > creating it first.
> >
> > I claim to have created unbreakable encryption software.  And I
> > can provide anyone with the software to see for themselves.  The
> > Help Files describe OAP-L3, and the Theory and Processes Help Files
> > prove my claim.
> 
> If your claim of unbreakable strength is so firmly supported why have you refused to
> accept the two wagers offered to prove your claims invalid?
> 
> If your claims are accurate, the wagers would both fill your wallet and provide more
> marketing "ammunition".
> 
> Do you lack the courage of your convictions?

You have access to the Help Files and the software.

Point out where my logic in the theory or processes is wrong.

You could be a hero to many in this news group.

------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Janet and John learn about bits (was Re: Problems with OAP-L3)
Date: Tue, 02 May 2000 21:53:19 -0700

James Felling wrote:
> 
> Anthony Stephen Szopa wrote:
> 
> > Tom St Denis wrote:
> > >
> > > Richard Heathfield wrote:
> > > > unsigned char num[] = { 0x16, 0x30, 0x47, 0x91 }; /* binary coded
> > > > decimal (almost!) - wastes 6 combinations per nybble */
> > > >
> > > > as opposed to
> > > >
> > > > unsigned char num[] = { 0xF8, 0xCA, 0x97 }; which is clearly more
> > > > efficient, as it uses all the bits available to it.
> > > >
> > > > So perhaps we're in violent agreement?
> > >
> > > No since not all combinations of 3 byte values are possible you are
> > > still wasting space.  That was my point.
> > >
> > > >
> > > > > > If we have two cryptography applications, one of which uses its memory
> > > > > > efficiently, runs on my PII/400 at an acceptable speed, and offers me
> > > > > > reliable security, and the other which doesn't use its memory
> > > > > > efficiently, runs on my 400 MHz box at a speed which even its author
> > > > > > says is far too slow, and is based on source code which has not been
> > > > > > published and therefore has not had the chance to be validated by the
> > > > > > cryptographic community - thus making its security untrustworthy - which
> > > > > > application do you think anyone with a brain will buy?
> > > > >
> > > > > Or just use.  Why do you have to buy good crypto programs?
> > > >
> > > > I agree entirely. Just roll your own...
> > > >
> > > > > If you have enough time on your hands you can even write your own.
> > > >
> > > > Ah, I don't have enough time on my hands. But I'm trying to write my own
> > > > anyway <g>. Unfortunately, I'm too inexperienced in cryptanalysis to
> > > > perform serious cryptanalytic attacks on my own code, let alone other
> > > > people's. (I've cracked a couple of 'unbreakable' algorithms presented
> > > > to me by other would-be cryptographers, but these were only 'kid-sister
> > > > unbreakable', of course.)
> > >
> > > Well it's one thing to take already developed and analyzed algorithms
> > > and stick it together, and it's another thing *entirely* to invent your
> > > own ciphers at the same time.  If you want a 5kb file crypto program
> > > just take RC4 and a hash (say md2) and write a small program (I have
> > > done it more then once.... :)).
> > >
> > > > >
> > > > > Mr Szopa has some thinking to do about making his algorithm(s) not only
> > > > > public but efficient.
> > > > >
> > > >
> > > > Possibly, but that's not his main problem. He has some really serious
> > > > thinking to do about his ability to deal with fellow professionals in a
> > > > professional way. It seems that anyone who dares take issue with him is
> > > > instantly killfiled - in a mysterious and magical process which allows
> > > > Mr Szopa to read their posts anyway, presumably so that he can killfile
> > > > them again, and again, and again.
> > > >
> > > > When he learns to talk to grown-ups as if they are grown-ups, I suspect
> > > > he can look forward to some excellent help from the heavyweight computer
> > > > scientists in this newsgroup (Doug Gwyn and so on) in making his
> > > > algorithm efficient.
> > >
> > > Well the pros are really turned off from him, so at best he will have to
> > > deal with the-less-than-amateurish people like You and I....
> > >
> > > Tom
> > > --
> > > Want your academic website listed on a free websearch engine?  Then
> > > please check out http://tomstdenis.n3.net/search.html, it's entirely
> > > free
> > > and there are no advertisements.
> >
> > You say writing encryption software is easy.  You've done it?  Just
> > do this and just do that?
> >
> > Who wants just "adequate" or "okay" encryption software?  We've got
> > plenty of that already.
> >
> > The gold medal goes to creating unbreakable encryption...  And
> > creating it first.
> 
> Anyone can create software that is as "unbreakable" as yours. In a few days with a
> decent compiler.  Your product wouldn't even take an honorable mention.
> 
> >
> >
> > I claim to have created unbreakable encryption software.
> 
> Excellent choice of words -- true enough given enough effort, but in any usable
> application........?
> 
> >  And I
> > can provide anyone with the software to see for themselves.  The
> > Help Files describe OAP-L3, and the Theory and Processes Help Files
> > prove my claim.
> 
> They "prove" nothing of the sort.  This is like saying that the existence of the
> Princess Bride (which claims to be a 'good parts' version of another novel) proves
> that that other volume exists.  All it does is provide some evidence possibly
> supporting our claim, there is nothing there that is conclusive ( or even very
> readable).

Show us where the logic in the theory and processes is incorrect, 
then, please.

------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Janet and John learn about bits (was Re: Problems with OAP-L3)
Date: Tue, 02 May 2000 21:55:48 -0700

Anthony Stephen Szopa wrote:
> 
> Richard Heathfield wrote:
> >
> > Tom St Denis wrote:
> > >
> > > Richard Heathfield wrote:
> > > >
> > > > [Disclaimer: I'm not a cryptologist.]
> > > >
> > >
> > > When you do something like
> > >
> > > long a = 16304791;
> > >
> > > You need not convert it to hex to store it.
> >
> > I agree entirely. I was not arguing that you needed to.
> >
> > > My complaint about the
> > > waste of space is that a permutation is normally stored as
> > >
> > > int perm[10] = { ... }
> > >
> > > and you store them serially (even as 4 bits you are wasting space).
> >
> > I'm not exactly sure what you mean. If you're saying that a number such
> > as 16304791 is being stored as
> >
> > int perm[10] = { 0, 0, 1, 6, 3, 0, 4, 7, 9, 1 } then I'd have to
> > heartily agree that this is a blatant waste of space.
> >
> > >
> > > My point was why doesn't he use a permutation of a power of two and not
> > > waste space?  Like 0..7 or 0..15 ?
> >
> > I thought that was my point too.
> >
> > > > It is therefore more efficient to store values in base 16 than in base
> > > > 10. More values can be stored in fewer bytes, because no bits are
> > > > wasted.
> > >
> > > This is not true.
> >
> > It very much depends how you're storing it. Consider the number
> > 16304791, which is suitably random :-)
> >
> > If we store it like this:
> >
> > unsigned long num = 16304791;
> >
> > then base simply isn't an issue, and your objection is correct. But that
> > wasn't what I thought you meant. I was under the impression that you
> > were complaining about:
> >
> > unsigned char num[] = { 0x16, 0x30, 0x47, 0x91 }; /* binary coded
> > decimal (almost!) - wastes 6 combinations per nybble */
> >
> > as opposed to
> >
> > unsigned char num[] = { 0xF8, 0xCA, 0x97 }; which is clearly more
> > efficient, as it uses all the bits available to it.
> >
> > So perhaps we're in violent agreement?
> >
> > > > If we have two cryptography applications, one of which uses its memory
> > > > efficiently, runs on my PII/400 at an acceptable speed, and offers me
> > > > reliable security, and the other which doesn't use its memory
> > > > efficiently, runs on my 400 MHz box at a speed which even its author
> > > > says is far too slow, and is based on source code which has not been
> > > > published and therefore has not had the chance to be validated by the
> > > > cryptographic community - thus making its security untrustworthy - which
> > > > application do you think anyone with a brain will buy?
> > >
> > > Or just use.  Why do you have to buy good crypto programs?
> >
> > I agree entirely. Just roll your own...
> >
> > > If you have enough time on your hands you can even write your own.
> >
> > Ah, I don't have enough time on my hands. But I'm trying to write my own
> > anyway <g>. Unfortunately, I'm too inexperienced in cryptanalysis to
> > perform serious cryptanalytic attacks on my own code, let alone other
> > people's. (I've cracked a couple of 'unbreakable' algorithms presented
> > to me by other would-be cryptographers, but these were only 'kid-sister
> > unbreakable', of course.)
> >
> > >
> > > Mr Szopa has some thinking to do about making his algorithm(s) not only
> > > public but efficient.
> > >
> >
> > Possibly, but that's not his main problem. He has some really serious
> > thinking to do about his ability to deal with fellow professionals in a
> > professional way. It seems that anyone who dares take issue with him is
> > instantly killfiled - in a mysterious and magical process which allows
> > Mr Szopa to read their posts anyway, presumably so that he can killfile
> > them again, and again, and again.
> >
> > When he learns to talk to grown-ups as if they are grown-ups, I suspect
> > he can look forward to some excellent help from the heavyweight computer
> > scientists in this newsgroup (Doug Gwyn and so on) in making his
> > algorithm efficient.
> >
> > --
> >
> > Richard Heathfield
> >
> > "Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
> >
> > C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
> > 34 K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html (63
> > to go)
> 
> You are not just storing a number.  You are storing a permutation array
> because you need to be able to access each element of the
> permutation to access any digit of the permutation stored there
> when you run the processes.
> 
> Do you still think you know as much about what you are talking
> about as you thought?
> 
> Maybe you need to think about the implications of what I just said.

Let me add that base 8 or even base 7 will work more "efficiently".

The permutations can be viewed as reference targets.

Reduce the number of targets and you reduce the variability.

You reduce the security, also.
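The storage question argued back and forth in the quoted exchange, as an added Python example (not code from any of the posters): the 16304791 value in Heathfield's two byte layouts, and the dense "rank" encoding of a permutation that Tom St Denis alludes to, together with the unrank step that restores the full array Szopa says the processes need for element access. The sample permutation is constructed.

```python
from math import factorial

# The value from the thread, shown in the two byte layouts Heathfield contrasts.
SAMPLE_VALUE = 16304791

def bcd_bytes(value):
    """Two decimal digits per byte (0x16 0x30 0x47 0x91 for 16304791): 6 of every 16
    nibble values are never used, which is the waste Heathfield points out."""
    digits = str(value)
    if len(digits) % 2:
        digits = "0" + digits
    return bytes(int(digits[i:i + 2], 16) for i in range(0, len(digits), 2))

def binary_bytes(value):
    """Plain big-endian binary (0xF8 0xCA 0x97 for 16304791): every bit is used."""
    return value.to_bytes((value.bit_length() + 7) // 8, "big")

def perm_rank(perm):
    """Lehmer code: the index of a permutation of 0..n-1 in lexicographic order.
    Only n! indices exist, so a permutation of 10 fits in 22 bits rather than the
    40 bits of one nibble per digit or the 80 bits of one byte per digit."""
    n, r = len(perm), 0
    for i, p in enumerate(perm):
        r += sum(1 for q in perm[i + 1:] if q < p) * factorial(n - 1 - i)
    return r

def perm_unrank(r, n):
    """Inverse of perm_rank: rebuild the full array so every element is addressable
    again. Random access costs one unrank at load time, not extra storage."""
    remaining, perm = list(range(n)), []
    for i in range(n):
        idx, r = divmod(r, factorial(n - 1 - i))
        perm.append(remaining.pop(idx))
    return perm

def bits_per_permutation(n):
    """Bits needed for one byte per element, one nibble per element, and a packed rank."""
    return {"byte per element": 8 * n,
            "nibble per element": 4 * n,
            "packed rank": (factorial(n) - 1).bit_length()}
```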

------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Janet and John learn about bits (was Re: Problems with OAP-L3)
Date: Tue, 02 May 2000 22:00:01 -0700

Richard Heathfield wrote:
> 
> Anthony Stephen Szopa wrote:
> >
> > Richard Heathfield wrote:
> > >
> > > [Disclaimer: I'm not a cryptologist.]
> > >
> > > I find it surprising that anyone can attempt to defend their
> > > cryptographic technique when they don't understand about
> > > security-in-the-key, or killfiles (Mr Szopa's killfile seems to work
> > > more as a slightly-woundedfile) - but when they don't even understand
> > > about storage requirements, surprise is no longer adequate and, like Mr
> > > Adams, I am forced to resort to astonishment.
> > >
> >
> > It is clear you do not understand the software adequately.
> 
> I don't claim to, and I don't need to. It's sufficient to know that
> others here who could understand it, given the opportunity, have been
> denied that opportunity by your fear of releasing sufficient information
> to enable them to form a sensible judgement.
> 
> --
> 
> Richard Heathfield
> 
> "Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
> 
> C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
> 34 K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html (63
> to go)

Won't wash.

Everyone has access to the Help Files and the software.

Is everyone saying that the theory and processes in the Help Files 
are logically unassailable?

So they have chosen to try to attack the implementation?

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
