Cryptography-Digest Digest #809, Volume #11      Thu, 18 May 00 08:13:01 EDT

Contents:
  Re: Unbreakable encryption. ([EMAIL PROTECTED])
  Re: Unbreakable encryption. ([EMAIL PROTECTED])
  Re: Unbreakable encryption. ([EMAIL PROTECTED])
  Re: Unbreakable encryption. ([EMAIL PROTECTED])
  Re: sci.crypt cipher contest (Tom St Denis)
  Re: Crypto & UNICODE??? (Runu Knips)
  Re: P+1 factorization algorithm (Anders Thulin)
  Re: Base Encryption: Revolutionary Cypher (Tom St Denis)
  Re: NSA hardware evaluation of AES finalists (Runu Knips)
  Re: Unbreakable encryption. (Tom St Denis)
  Re: Unbreakable encryption. (Tom St Denis)
  Re: Encrypting random data (Runu Knips)
  Re: random.org? (Tom St Denis)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Unbreakable encryption.
Date: Thu, 18 May 2000 10:41:52 GMT

For all practical purposes, representation of infinite numbers
is not a problem.  Numbers can be placed in a rational form
like 1/3 instead of .3333333333.  For encryption's sake, predefined
precision can be agreed upon before the calculations, and it can
then use truncation, or rounding to deal with the extra precision
point.  There are options to set the precision in the calculator,
which does not preallocate any storage (so it uses memory only
when necessary).  Large values in memory can be virtually dumped to
disk and retrieved when needed,
and is handled automatically by many OS's these days  (look up
virtual memory, swap partitions, etc).


In article <[EMAIL PROTECTED]>,
  Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
>
>
> [EMAIL PROTECTED] wrote:
>
> > The Virtual Calc 2000 supports infinite precision for floating
> > points of ANY base you choose.  So 3.333333333333... may be
> > a number in one base, but after you convert it, it will be
> > totally different (especially using floating point arithmetic).
> > It might go into infinity, it might not (if it isn't representable
> > as a finite number of digits).
>
> I am afraid that this is at the very root of your errors. A real
> computer is a finite device. How can it do arbitrary infinite
> precision arithmetics??? Before going further with any arguments
> of crypto, you have to demonstrate how the implementation can
> be done. Note that there are software to do arbitrary precision
> arithmetics, but that means the precision can go up to a certain
> bound limited by the (finite) computer on which it runs. Or are
> you assuming the availability of an infinite machine???
>
> M. K. Shen
>
>


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Unbreakable encryption.
Date: Thu, 18 May 2000 10:47:47 GMT

There is a more detailed synopsis of Base Encryption
located at http://www.edepot.com/phl.html

It explains in more detail the relationship between different
bases and other ramifications that may interest you.  In particular
the relationship between n-bit cypherblocks and the message
stream.


In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (wtshaw) wrote:
> In article <8fnto5$1nc$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
> >
> > You seem to misunderstand the major point....
> > ALL the algorithms and ALL the keylengths of ALL the encryption
> > systems are static.  This is the most unsecure
> > part.  It is the weak link for brute force searches.
> >
> I understand that not all algorithms are symmetric in a traditional sense,
> which is there are some that do have one ciphertext to one plaintext for a
> given key.
>
> > And to answer your n-bits input and n-bits output.  Think of it
> > this way... it will clarify my point.
> >
> > What is the symbol set used before the compression to n-bits?
> > What is the symbol set used to decompress the n-bits back to regular
> > text?
> >
> > They are the same aren't they?
> >
> > And they are both N bits right?
> >
> > And you have to break up the message into n-bit size to feed
> > it into the cypher block right?
>
> Bits may have nothing to do with it.
> >
> > So in essence the compression algorithm is basically taking the
> > same symbol base and compacting it.
>
> A trit compression scheme in the Morse tradition is infinitely assignable.
> >
> ...
> > How do you start decrypting it using Base encryption?
> > You can't right?  You have to guess
> > 1) The Base of this message (now did he use base 26? or standard
> >    ASCII, or some large base with duplicates? or a chinese unicode?)
> >    (And is this the result of base 26 or some other base?)
> > 2) What is the conversion algorithm used to remap between the above?
> > 3) What is the actual algorithm used.  (shift, rotate, add, 1/x)
> >    and was it before base conversion or after?
> >
> > In essence, you CAN'T start anywhere.  Because the algorithm is
> > dynamic (it's exponential, even more so than the standard key remapping)
> >
> > So let me repeat...
> >
> >
> > given...
> > oisdd9823oieoisdg08eojiweljf##@98oefji23#@2jf
> >
> > how do you decrypt it?
> >
>
> Obviously this is all worth discussing to get at the basic principles you
> are using.  Pardon me for questioning some of your assumptions in your
> explanation, but there is much to discuss.
> --
> Secrets that are told or available are not secrets anymore, surely
> not trade secrets.  Security of secrets is not dependent on someone
> else's stupidity, only in your making them available in any form.
>



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Unbreakable encryption.
Date: Thu, 18 May 2000 11:10:13 GMT



Dear Mr. Doemstedt,

Thank you very much for your response.  It seems of all the posts
I got, yours was the only post that displayed knowledge and insightful
comments.  I find most of the posters here wasting their productivity,
mainly with flaming.  It seems this is more of a
political arena for them, rather than a place for fruitful discussions.

But I guess that is how life is sometimes.

Many of your questions can be answered in a more detailed
description of Base Encryption at http://www.edepot.com/phl.html

One interesting comment you made below that I would like to elaborate
on is the concept of an organic software.

There is research in these areas that tries to mimic how we
think and how we act, but what is missing from all of their efforts
is that we are the byproduct of both instinctive as well as learned
responses.  In classical behavioral psychology, it has been
proven that some responses can be conditioned, and behavior
can be reinforced using carrot/stick techniques.

Most software development models in existence these days mimic
the instinctive model whereby we use pre-programmed responses
that are dependent on internal and external factors.  But these
responses are hardwired (i.e. the algorithms are fixed).  In
order for organic software to exist, a new model must replace it.
Dynamism and the ability for algorithms to be replaced on the
fly needs to be built into the language schematics.  One way
this can be achieved is to go to the operator level and make
operators a byproduct of replaceable components.  Logic would
thus be a communication between components, not a compiled
bytecode/binary entity for speedy interpretation/execution.



In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> [EMAIL PROTECTED] wrote:
> >A while back I posted some messages describing new encryption
> >algorithms that are not breakable.  It used the Virtual Calc 2000
> >to demonstrate it, and even provided sample plaintext and cyphertext.
>
> Dear Pohanl.
>    There are plenty of unbroken messages. Please explain why
> the generated cipher will be difficult to break, using your method
> of encryption.
>
> >Well, I never realized that what I invented on the spur of the
> >moment really is unbreakable.
> Are you confident that it has not been published before?
>
> >Well, if you look at most cells in your body, you notice that they have
> >a cell wall, and inside contains the DNA and other goodies. Things are
> >passed to the cell through the cell wall.  This is very similar to
> >passing variables to a component through an interface/function.
> >
> >This new language would have components with no constraints on values
> >passed to it. As for the values, instead of being dedicated to a method in a
> >component/class/function, it would be placed on a bloodstream/"bus".
> >cells/components would grab it when they have appropriate functions
> >that can use it.
>
> A language with no constraints imposed on it, a language in which
> any computation can be implemented, has a special name ... ...
>
> The comparison between computational processes and living things
> is unusual and interesting. J. von Neumann wrote in
> von Neumann, J. "Theory of Self-Reproducing Automata"
> Burks, A. (Ed), University of Illinois Press, Urbana, Illinois 1966
> (quote from above reference)
> >"The conclusion one should draw from this is that
> > complication is degenerative below a certain minimum
> > level. This conclusion is quite in harmony with other
> > results in formal logics, to which I have referred a few
> > times during these lectures...
> >     There is thus this completely decisive property of
> > complexity, that there exists a critical size below which
> > the process of synthesis is degenerative, but above which
> > the phenomenon of synthesis, if properly arranged, can
> > become explosive, in other words, where the synthesis of
> > automata can proceed in such a manner that each
> > automaton will produce other automata which are more
> > complex and of higher potentialities than itself."
>
> That is why a living cell can reproduce, but your money won't.
> Do you make use of this in your encryption? How?
> Does the size of your system affect the complexity of the codes
> generated?
>
> [EMAIL PROTECTED] wrote:
> >Well, (I need to repeat redundantly, so I can get to the point),
> >this algorithm is unbreakable, because:
>
> >1) It is exponentially expensive to search the keyspace.
> >Unlike the garage door opener where you can permutate the bits
> >until you find a match...  THERE IS NO KEYSPACE YOU CAN SEARCH
> >BECAUSE YOU DON'T KNOW WHEN THE KEYSPACE ENDS!
> >THIS IS EXPONENTIALLY EXPENSIVE, and is secure from brute force
> >keysearch.
> You mess up your argument by setting Exponential Work != Brute Force.
> Brute force is exponentially expensive. Your system will be secure
> if you can show that the best attack is equivalent to a brute
> force search, on a sufficiently large keyspace.
>
> >2) Base encryption algorithm is dynamic.  Meaning?  It can change
> >   on the fly. Most standard cracking algorithms rely on a fixed
> >   algorithm (DES, RSA, IDEA, etc ALL have fixed algorithms).
> >   Well, changing the algorithm in Base encryption is as simple
> >   as changing the operators.
> >3) Base encryption is useful for streaming cyphers that are
> >   unbreakable.  Because you can change algorithms on the fly,
> >   you can have the first segment use algorithm 1, base x, second
> >   algorithm use algorithm 2, base y, etc.
>
> You don't have to "change the operators" to accomplish an encryption
> system that evolves during an encryption operation. (Why?)
> Explain how the "encryption algorithm" may "change on the fly".
> Using a system where the encryption algorithm may be changed on
> the fly is not new,  see US-A-5742686 to Finley, Phillip Scott.
>
> >When you mention you can try to use computers to try to permutate
> >through dynamic algorithms and bases, you are not understanding
> >the intractability of this problem.
> >
> >There are infinite combinations of operators (it's dynamic, and
> >there is no fixed number of them, and there is no fixed maximum
> >number of operations you can use), which are within
> >the exponential domains of symbol remapping and different bases.
>
> Here, you complicate your system unnecessarily. You may achieve
> your results using simpler means.
>
> >It's intractable because you have an NP HARD problem.
> >The two domains are each exponential and their relationship to
> >each other is even more so.
> >
> >When you have infinite with infinite, no number of computers
> >in the world can solve it.
>
> Infiniteness does not add like ordinary numbers. Suppose that you have
> an n-dimensional vector of Real numbers. An interesting fact is that
> it is possible to make a unique and invertible mapping between the
> n dimensional set of numbers {x0,x1,x2,x2,..xn} (n finite) onto a
> single real 0<=z<=1. ("I see it, but I don't believe it", Georg Cantor
> in letter to Dedekind, June 29, 1877.) (This works only for point
> sets.)
>
> A construction with the same effect using integers is a
> File System, where a single integer (the file system or hard disk)
> may contain a number of other files of different sizes. Based on
> this, your two sets of countable entities (i.e. infinite) may be
> equal in power to a single countable set.
>
> >This is very similar to the eisenburg uncertainty principle and
> >the quantum mechanic duality problem.  The more you know one
> >value, the less you know the other.  The more you can pinpoint
> >the location, the less you know about the speed.  And vice versa.
> "eisenburg"... Well I guess that you mean
>
> Heisenberg, W. "The Perceptible content of the Quantum
> Theoretical Kinematics and Mechanics"
> "Uber den anschaulichen Inhalt der quantentheoretischen
> Kinematik und Mechanik" Zeitschrift fur Physik 43, 172-198 1927.
> (Heisenberg was somewhat disturbed by his discovery that
> simultaneous observations of complementary quantities cannot be
> both infinitely accurate, and went to Copenhagen to discuss this
> with Niels Bohr, who argued Heisenberg to publish.)
>
> See also Heisenberg, W.
> "Die Rolle der Unbestimmtheitsrelationen in der modernen Physik"
> Monatshefte fur Mathematik und Physik 38, 365-372, 1931.
>
> * * * * * * * * *
> May 17, 2000
>
> Bo Dömstedt
> Chief Cryptographer
> Protego Information AB
> IDEON,Lund,Sweden
> http://www.protego.se
>
>



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Unbreakable encryption.
Date: Thu, 18 May 2000 11:22:16 GMT

I would welcome any comments on weaknesses in Base Encryption.

There is a more detailed explanation at http://www.edepot.com/phl.html
Remember, intractable problem domains like NP HARD are proven
to be "non-brute-forceable".  Base Encryption implements an
NP HARD intractable problem domain.

All the algorithms in existence these days (with the exception
of maybe the one-time pad) have static entities that can be
permutated through (brute force).

I only hope many people in the forum are able to think outside
the box.  Only then can the old model be replaced with something
better.

flat-earth -> round earth
rotate around earth -> rotate around sun

many people hang on to old concepts and are afraid of shaking
loose the familiar.  they would rather fight than admit wrong.





In article <[EMAIL PROTECTED]>,
  "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > Well, I never realized that what I invented on the spur of the
> > moment really is unbreakable.
>
> I read your description, and you're confusing complication with
> security.  The system would certainly be breakable by a skilled
> cryptanalyst, if he were motivated to do so.  For further
> relevant information, see the sci.crypt section on submission
> of challenge ciphers from amateur cryptosystems.
>



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: sci.crypt cipher contest
Date: Thu, 18 May 2000 11:24:46 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> Is publishing a cipher on the web (including source code) an equivalent
> of exporting it? Is the website accessible from outside the U.S.?
>
> Joseph Poe

The server is in the states (to the best of my knowledge) so there is
no problem sending papers to him.  It's just going the other way.

Personally I wouldn't worry about it.

Tom



------------------------------

Date: Thu, 18 May 2000 13:30:43 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Crypto & UNICODE???

Kenneth Cascio wrote:
>  Can you refer me to a FAQ or book that explains the method you are describing?

It is just UTF-8. The version with 2 bytes per char is UTF-16. There is
also a UTF-32, but I don't know anything more about it. Just search
www.unicode.org (and maybe www.w3c.org).

------------------------------

From: Anders Thulin <[EMAIL PROTECTED]>
Subject: Re: P+1 factorization algorithm
Date: Thu, 18 May 2000 11:25:12 GMT


[EMAIL PROTECTED] wrote:
> 
> Does anyone have source code, or a detailed description of how to
> implement, the P+1 factorization algorithm?, i.e. the one that finds a
> prime factor p of a large composite N if p+1 is smooth.

  Is that the one by Williams?  If so, the MIRACL package contains
source code -- I know that the FACTOR demo program included with
MIRACL uses p+1 for some factorization attempts. 

        http://indigo.ie/~mscott/       

-- 
Anders Thulin     [EMAIL PROTECTED]     040-10 50 63
Telia Prosoft AB, Hjälmaregatan 3B, 212 19 Malmö, Sweden

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Base Encryption: Revolutionary Cypher
Date: Thu, 18 May 2000 11:29:39 GMT

In article <8g0fa4$kt1$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
>
>
> The following is a description of Base Encryption.
> The only Cypher that is not susceptible to Brute Force
> Attacks.  (besides the One-Time-Pad of course :)

You have yet to sufficiently document your algorithm.  Until then I say
good-day Mr. Snake Oil.

Tom



------------------------------

Date: Thu, 18 May 2000 13:44:48 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: NSA hardware evaluation of AES finalists

Ken Lamquist wrote:
> The NSA report on the comparisons of hardware implementations of
> the AES candidates is now on the web site.

So we can conclude (again) that Rijndael, Serpent and Twofish are
the ones of choice if we have to choose. However, I can't agree
with your conclusion that Rijndael is the clear winner.

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Unbreakable encryption.
Date: Thu, 18 May 2000 11:38:29 GMT

In article <8g0hdd$mr3$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> For all practical purposes, representation of infinite numbers
> is not a problem.  Numbers can be placed in a rational form
> like 1/3 instead of .3333333333.  For encryption's sake, predefined
> precision can be agreed upon before the calculations, and it can
> then use truncation, or rounding to deal with the extra precision
> point.  There are options to set the precision in the calculator,
> which does not preallocate any storage (so it uses memory only
> when necessary).  Large values in memory can be virtually dumped to
> disk and retrieved when needed,
> and is handled automatically by many OS's these days  (look up
> virtual memory, swap partitions, etc).

But technically if you truncate a fraction you can't go back.  For example

1/3 = 0.3333333....

However...

0.333 * 3 = 0.999, not '1'.

Your method is seriously a) inefficient, b) undocumented and c) weak.

Tom



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Unbreakable encryption.
Date: Thu, 18 May 2000 11:42:54 GMT

In article <8g0jor$p9c$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> I would welcome any comments on weaknesses in Base Encryption.
>
> There is a more detailed explanation at http://www.edepot.com/phl.html
> Remember, intractable problem domains like NP HARD are proven
> to be "non-brute-forceable".  Base Encryption implements an
> NP HARD intractable problem domain.

That is wrong actually.  The "boolean-satisfiability problem" is an NP
problem but is solvable via brute force.

And you have yet to show BASE transformation is anything but a linear
problem to solve.

> All the algorithms in existence these days (with the exception
> of maybe the one-time pad) have static entities that can be
> permutated through (brute force).

This is true of any finite length program.

> I only hope many people in the forum are able to think outside
> the box.  Only then can the old model be replaced with something
> better.

Which we have yet to find.

> flat-earth -> round earth
> rotate around earth -> rotate around sun

Whoa slow down Galileo.  You have yet to sufficiently document
your 'method' or even discuss its cryptanalysis.  Instead you assume
it's an NP problem.

> many people hang on to old concepts and are afraid of shaking
> loose the familiar.  they would rather fight than admit wrong.

Nah, I admit I am wrong all the time, it's part of the learning process
(um hint hint).

Tom



------------------------------

Date: Thu, 18 May 2000 13:51:57 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Encrypting random data

Darren New wrote:
> Say one has a hardware RNG generating truly random numbers (as opposed to
> PRNs). If this hardware is on one machine, and you want to use the random
> numbers on a different machine, would it suffice to encrypt the random pad
> with a stream cypher like (say) RC4, then send the numbers? Is there any way
> to break such, assuming the RC4 key was distributed securely?
> If that pad is then decrypted and used as an OTP, is it noticeably harder to
> break the resulting encrypted message than to break the RC4 encryption?

It is very hard to break even weak ciphers if the plaintext is already
a random sequence. There is simply no test you can do if the key is
correct; for most keys produce a random sequence.

But if that random sequence is used as an OTP, there IS a test: the random
sequence XOR the sent message should result in a valid plaintext.
Therefore if your opponent has both the encrypted OTP and your message, he
or she only has to break the encryption of the OTP. Therefore the security
of the OTP itself is gone. Why don't you just encrypt the message itself
with the algorithm you wanted to use for the OTP?
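
Added example (not part of the original post or thread): the scheme from the question, showing that the pad cancels out so the two transmissions together are exactly an RC4 encryption of the message, and that a "valid plaintext" test then singles out the key. The 12-bit key space, the printable-ASCII test, the sample message and all function names are assumptions made for the demonstration.

```python
import os

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4 (key schedule + output generation), n keystream bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def sender(message: bytes, key: bytes):
    """Ship a random pad under RC4, then use the pad as an OTP."""
    pad = os.urandom(len(message))          # stands in for the hardware RNG
    encrypted_pad = xor(pad, rc4_keystream(key, len(pad)))
    otp_ciphertext = xor(message, pad)
    return encrypted_pad, otp_ciphertext

def looks_like_text(data: bytes) -> bool:
    """The 'valid plaintext' test: printable ASCII only (assumed format)."""
    return all(32 <= b < 127 for b in data)

def candidate_keys(encrypted_pad: bytes, otp_ciphertext: bytes, key_bits: int = 12):
    """Return (key, plaintext) for every key whose trial decryption passes the test."""
    # The pad cancels: encrypted_pad XOR otp_ciphertext == message XOR keystream,
    # i.e. the message encrypted directly with RC4.
    combined = xor(encrypted_pad, otp_ciphertext)
    hits = []
    for k in range(1 << key_bits):          # toy key space so the search finishes fast
        key = k.to_bytes(2, "big")
        guess = xor(combined, rc4_keystream(key, len(combined)))
        if looks_like_text(guess):
            hits.append((key, guess))
    return hits

# Constructed sample input.
MESSAGE = b"Meet at the usual place at nine tomorrow."
KEY = (0x0A5C).to_bytes(2, "big")

if __name__ == "__main__":
    enc_pad, otp_ct = sender(MESSAGE, KEY)
    same = xor(enc_pad, otp_ct) == xor(MESSAGE, rc4_keystream(KEY, len(MESSAGE)))
    print("both transmissions combined == RC4(message):", same)
    print("keys passing the plaintext test:", candidate_keys(enc_pad, otp_ct))
```

With only `encrypted_pad` in hand there is nothing to run `looks_like_text` on, which is the first paragraph's point; once `otp_ciphertext` is also available the strength of the whole construction is that of the RC4 key alone.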

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: random.org?
Date: Thu, 18 May 2000 11:47:29 GMT

In article <8fvr58$vf2$[EMAIL PROTECTED]>,
  "RecilS" <[EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Does anyone know the quality level of random.org?  It explains what
> random numbers are and that it retrieves them from radio wave noise,
> but fails to mention whether you're getting fresh numbers, rehashes,
> etc.

Quality of random bits, hahaha that's funny.  Either a bit was
predicted using a model, or it was not predicted.  There is no 87%
random bits for example...

It's when you get into strings of bits you can get things like 0.X bits
per bit of entropy.  Then you get 'how much entropy is actually
present.'.

But a single individual bit is either random or not, there is no
half-way about it.

> Also, does anyone know of a real-time stock market level server (Dow
> Jones preferably but any will do)?
> Obviously I'm trying to find a good source of online random numbers
> so any other sources would also be appreciated.

Note that this info is *public* and will not suffice (no matter how
random) for a secure rng/prng.

Tom



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
