Cryptography-Digest Digest #671, Volume #12      Wed, 13 Sep 00 13:13:00 EDT

Contents:
  Re: (Jury Selection) Re: Carnivore article in October CACM _Inside_Risks (Robert H. Risch)
  Re: Dickman's function (Francois Grieu)
  Re: Bytes, octets, chars, and characters (mike burrell)
  Re: For the Gurus ("root@localhost " <[EMAIL PROTECTED]>)
  Re: (Jury Selection) Re: Carnivore article in October CACM _Inside_Risks (Yiorgos Adamopoulos)
  Re: IDEA - PGP (John Myre)
  Re: Need Tiger hash results for sample test data ([EMAIL PROTECTED])
  Re: MIRACL (John Myre)
  Re: For the Gurus (Jim Gillogly)
  Re: For the Gurus ("root@localhost " <[EMAIL PROTECTED]>)
  Re: (Jury Selection) Re: Carnivore article in October CACM _Inside_Risks (Rich Wales)
  Re: Can anyone decrypt this? ("David Kocmoud")
  Re: Crypto Related Pangrams (Doug Kuhlman)
  Re: For the Gurus (Mok-Kong Shen)
  Re: Scottu19 Broken (Mok-Kong Shen)
  Re: For the Gurus (Jim Gillogly)
  Re: nice simple function ("Douglas A. Gwyn")
  Re: Police want help cracking code to find Enigma machine ("Douglas A. Gwyn")

----------------------------------------------------------------------------

From: Robert H. Risch <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc,alt.security,talk.politics.crypto,us.legal
Subject: Re: (Jury Selection) Re: Carnivore article in October CACM _Inside_Risks
Reply-To: [EMAIL PROTECTED]
Date: Wed, 13 Sep 2000 13:40:41 GMT

On 12 Sep 2000 10:06:43 GMT, [EMAIL PROTECTED] (Yiorgos
Adamopoulos) wrote:

>>Among the rules, is the ability of a
>>lawyer to recite a speech to a hostile witness and force him to answer
>>yes or no as to whether what the lawyer just said is true.  The
>
>Here also.  But usually it is followed by a judge asking ``why yes?''.
>
>>witness can only explain his answer if the lawyer on the same side
>>as the witness later asks him "non leading" questions that are crafted
>>to refute the former lawyer's speech.  Any such thing goes on in a
>>Greek Court?

Does this mean that witnesses have an opportunity to testify in their
own words in a Greek Court?  In the US, the lawyers are fanatical in
their desire to control witnesses.  It is quite proper here for a
lawyer to object that a witness is giving a "narrative".

RHR

------------------------------

From: Francois Grieu <[EMAIL PROTECTED]>
Crossposted-To: sci.math.num-analysis
Subject: Re: Dickman's function
Date: Wed, 13 Sep 2000 15:51:45 +0200

[EMAIL PROTECTED] (D. J. Bernstein) wrote:

> Francois Grieu  <[EMAIL PROTECTED]> wrote:
> > I'm trying to find or devise simple C code to compute Dickman's 
> > function.
> 
> There's a rho() function in psibound: <http://cr.yp.to/psibound.html>

Dickman's rho(b) is of course the f[b] = F[1/b] in my original message.

I tried Dan's rho() function in  rho.c  found at 
<http://cr.yp.to/psibound/psibound-0.50.tar.gz>
and it does just what I wanted. Thanks a lot, Dan!  Somehow this code 
circumvents the error propagation problem encountered in my methods, 
without using extended precision. It agrees nicely with the values I 
derived.

By any chance, is there a reference on the algorithm used and/or the 
math behind it ? Does it have to do with

                /b 
  f[b] = (1/b)  |  f[t] dt   for  b>=1
               /b-1

that Peter-Lawrence Montgomery kindly pointed out, and which does seem an 
excellent formula (with error propagation, intuitively, relative rather 
than absolute) ?


   Francois Grieu
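The integral equation quoted above can be stepped numerically without extended precision. The Python below is an added example written for this digest; it is not Bernstein's rho() from psibound and not code from either poster. It takes rho(t) = 1 on [0, 1], tabulates rho on a grid of spacing 1/n, and at each step solves the equation implicitly (rho(u) is the right-hand endpoint of its own integral) with the trapezoid rule, so every new value is built from values already in hand. The grid size n = 1000 and the interpolation are choices made here. For context, rho(u) is the limiting fraction of integers up to x whose prime factors are all at most x^(1/u), which is why it turns up in run-time estimates for sieve-based factoring.

```python
import math


def dickman_table(u_max, n=1000):
    """Tabulate Dickman's rho on the grid t_k = k/n, 0 <= t_k <= u_max, by
    stepping the integral equation
        rho(u) = (1/u) * integral from u-1 to u of rho(t) dt,   u >= 1,
    starting from rho(t) = 1 on [0, 1].  The integral is taken with the
    trapezoid rule over the n grid points behind u.  rho(u) itself is the
    right-hand endpoint of its own integral, so each step is solved
    implicitly; rho(u) enters linearly, so that is one division.  The
    window sum is slid forward so a step costs O(1), not O(n)."""
    if n < 2:
        raise ValueError("need at least two grid points per unit interval")
    h = 1.0 / n
    k_max = int(math.ceil(u_max * n))
    rho = [1.0] * (n + 1)                      # rho(t) = 1 for 0 <= t <= 1
    # Interior points rho[k-n+1 .. k-1] of the window for the first step, k = n+1.
    window = sum(rho[2:n + 1])
    for k in range(n + 1, k_max + 1):
        u = k * h
        # u*rho(u) = h*(rho(u-1)/2 + window + rho(u)/2), solved for rho(u).
        r = h * (0.5 * rho[k - n] + window) / (u - 0.5 * h)
        rho.append(r)
        window += r - rho[k - n + 1]           # slide the window one point right
    return rho


def dickman_rho(u, n=1000):
    """rho(u) by linear interpolation in the table; rho(u) = 0 for u < 0,
    rho(u) = 1 for 0 <= u <= 1."""
    if u < 0:
        return 0.0
    if u <= 1:
        return 1.0
    table = dickman_table(u, n)
    x = u * n
    k = min(int(x), len(table) - 2)
    frac = x - k
    return (1.0 - frac) * table[k] + frac * table[k + 1]


if __name__ == "__main__":
    # rho(2) = 1 - ln 2 exactly; compare the tabulated value against it.
    for u in (1.0, 2.0, 3.0, 4.0, 5.0):
        print(u, dickman_rho(u))
    print("1 - ln 2 =", 1 - math.log(2))
```

The trapezoid rule is second order, so n = 1000 gives roughly six correct digits at u = 2 and 3; for larger u the values shrink quickly and what matters is that the scheme multiplies by 1/u at each step rather than subtracting nearly equal quantities, which is the error-propagation behaviour the post is asking about.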

------------------------------

From: mike burrell <[EMAIL PROTECTED]>
Subject: Re: Bytes, octets, chars, and characters
Crossposted-To: comp.lang.c
Date: Wed, 13 Sep 2000 14:05:25 GMT

In comp.lang.c Jerry Coffin <[EMAIL PROTECTED]> wrote:
> In article <8plkse$2bl$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
>> Pray tell, what does C99 do to help people deal with large files easier 
>> than in the C89 days?  Is long long related in any way to fseek and 
>> friends?

> Yes and no -- it's not required to be, but it's relatively 
> straightforward to use it as an fpos_t that (as an extension) allows 
> arithmetic on file positions.

this still has nothing to do with long long.  if i'm an implementor of a
system with 32-bit longs and 64-bit fpos_t's, i could do:
        typedef __WackyOS_64bit_uint fpos_t;
just as easily as i could do:
        typedef unsigned long long fpos_t;
i.e. a rose by any other name.... ;)

-- 
 /"\                                                 m i k e   b u r r e l l
 \ /     ASCII RIBBON CAMPAIGN                               [EMAIL PROTECTED]
  X        AGAINST HTML MAIL,
 / \      AND NEWS TOO, dammit   finger [EMAIL PROTECTED] for GPG key

------------------------------

From: "root@localhost <spamthis>" <[EMAIL PROTECTED]>
Subject: Re: For the Gurus
Date: Wed, 13 Sep 2000 10:29:31 -0400

wtshaw wrote:
> 
> In article <[EMAIL PROTECTED]>, Mok-Kong Shen
> <[EMAIL PROTECTED]> wrote:
> 
> > "root@localhost " wrote:
> > >
> > > If I wanted to design a simple manual system that I felt was very
> > > difficult to crack, what historical system would you recommend I start
> > > with and why?
> >
> > I am no guru, though not a pure beginner. I would suggest that
> > you employ a transposition and a polyalphabetic substitution
> > (with independent alphabets) and always use sufficiently long
> > keys. If you like, you could add such stuffs like homophones.
> > I can't discuss, though, the issue of strength (concerning your
> > 'why'), for that topic is too difficult for my humble knowledge.
> >
> > M. K. Shen

Mr. Shen;

Any good Korean based editors on the net that are available in the
public domain?

In another life I was a Korean linguist.  This makes the unreasonable
assumption that you are Korean and not Chinese, sir.  I hope not to
offend.

:)

> 
> I wonder what kinds of attacks that he wants to guard against, and how
> dedicated the attacker is apt to be.

The attacker should be assumed to have state of the art resources and
knowledge.  He will be willing to expend whatever time and resources
are required to either prove he is unable to crack the system or to
actually crack it.

>  This seems important.  Some very
> complicated systems fail to deliver when really tested in the real world.

The system will be a backup system used by a non-cryptographer.  When
dealing with real-world pencil and paper systems, complicated systems
often fail because the end user of the system finds a short cut to
reduce the tedium of using the system.  The ease of use of the system is
of much import for this reason.  End users also make mistakes when doing
the necessary transcription, encoding, decoding, and transmission
required by manual systems.

I was looking at a modified Vigenere system but decided that the system
was too difficult to use.  Designing a good manual system is an exercise
in compromise between ease of use and security.  Speed of the encryption
and decryption processes is also an issue in some instances.

Obviously the system needs periodic or aperiodic key changes and
multiliteral variants.

Even a monoalphabetic substitution system can be secure under the right
conditions.  For example, what does this say? LMUU MEOZ AQDR LEXX  It
is a simple keyword based mono-alphabetic substitution cipher.  I expect
this one is do-able with machine assist but if I had left off the last
word it would not be as easy a problem.

In my case I am trying to design a worksheet for the end user.  I want
it to be very simple to use.  Superencryption is out of the question.
One time pads are also more tedious to use and can be prone to error.
I am trying to find a compromise between user friendliness and security.

My "choice of the day" is digraphic polyalphabetic substitution in a
matrix with the high frequency letters having more variants than the
low frequency letters.  Transposition would make this much more secure
but the additional step is cumbersome.

My goal is to design something that can encipher 200 letters of text
with a high expectation of security without requiring a key change.
I want the whole encryption worksheet to fit on one 9x11 page.  One
page per message, key changes with page.

The feedback I am seeking is along the lines of "With a playfair square
one can reasonably expect xxx letters of secure encryption BEFORE a key
change is required."

Thoughts?

-m-


> --
> Rats! (What Gov. Bush is apt to say the morning after the election)

--
   If children don't know why their grandparents did what they 
did, shall those children know what is worth preserving and what 
should change? 

   http://www.cryptography.org/getpgp.htm

------------------------------

From: [EMAIL PROTECTED] (Yiorgos Adamopoulos)
Crossposted-To: comp.security.misc,alt.security,talk.politics.crypto,us.legal
Subject: Re: (Jury Selection) Re: Carnivore article in October CACM _Inside_Risks
Date: 13 Sep 2000 15:05:28 GMT
Reply-To: [EMAIL PROTECTED]

In article <[EMAIL PROTECTED]>, Robert H. Risch wrote:
>Does this mean that witnesses have an opportunity to testify in their
>own words in a Greek Court?  In the US, the lawyers are fanatical in
>their desire to control witnesses.  It is quite proper here for a
>lawyer to object that a witness is giving a "narrative".

Here the President of the Judges is the God inside the court.  So if he
wishes (and some times they do) they let the witness testify in their
own words:  ``Tell us what you know about the case'' and such stuff.
And because he is God(tm) noone can object :-)  Sometimes the witnesses
ask to establish their yes or no with arguments direct to the judge :-)

This is allowed because there are questions where although the lawyer
requires a simple yes / no answer this is not enough.

-Y

------------------------------

From: John Myre <[EMAIL PROTECTED]>
Subject: Re: IDEA - PGP
Date: Wed, 13 Sep 2000 09:05:31 -0600


(Ok, ok, this is nitpicking.)

Johnny Bravo wrote:
> 
> On 10 Sep 2000 17:55:21 GMT, [EMAIL PROTECTED] (Bill Unruh) wrote:
> 
> >RC4 is not the right thing to use here as it demands a separate password
> >for each file encrypted, which is not of great use for you I suspect.
> 
>  You can safely reuse the password if you use a seperate IV for each
> message (not much of a problem).

That's technically not true.  That is, RC4 (well, alleged RC4) does
not define the use of an IV at all.

Ciphersaber, for example, defines a way to use an IV.  Other methods
are conceivable, as well (such as hashing the password and IV together
to create the RC4 key).  The end result of any secure method will be
that you are actually using a different key for each RC4 message, even
if those keys are all based on a single secret.

So, yes, you can use the same password with RC4 to encrypt several
files.  But it requires a definition of how an "IV" might be used,
since RC4 itself does not define how to use one.  And then you have
to evaluate whether the system is still secure.

JM
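Myre's point is that RC4 defines no IV, so any per-message variation has to be built around the cipher. The Python below is an added example, not code from Myre, Unruh, Ciphersaber or PGP: it implements alleged RC4, shows what happens when the password is used directly as the key for two messages (the two ciphertexts XOR to the XOR of the two plaintexts, the key having cancelled out), and then derives a per-message key as SHA-256(password || IV), which is one of the "other methods" Myre mentions rather than Ciphersaber's construction. The 16-byte IV, the choice of SHA-256 and the sample messages are choices made for this example. RC4 has since been shown to have keystream biases and is not something to deploy today; it is used here only to make the point about keys.

```python
import hashlib
import os

IV_LEN = 16  # chosen for this example; RC4 itself has no notion of an IV


def rc4_keystream(key, length):
    """(Alleged) RC4: key scheduling (KSA) followed by the PRGA.
    Returns `length` keystream bytes for `key` (1..256 bytes)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4(key, data):
    """Encryption and decryption are the same XOR with the keystream."""
    return bytes(d ^ k for d, k in zip(data, rc4_keystream(key, len(data))))


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_raw(password, message):
    """The pattern Unruh warns about: the password is the RC4 key, so every
    message encrypted under it is XORed with the identical keystream."""
    return rc4(password, message)


def encrypt_with_iv(password, message, iv=None):
    """Per-message key = SHA-256(password || IV); the IV is sent in clear in
    front of the ciphertext.  Hypothetical construction for this example;
    Ciphersaber instead feeds password||IV straight into the key schedule."""
    iv = os.urandom(IV_LEN) if iv is None else iv
    key = hashlib.sha256(password + iv).digest()
    return iv + rc4(key, message)


def decrypt_with_iv(password, blob):
    iv, ct = blob[:IV_LEN], blob[IV_LEN:]
    return rc4(hashlib.sha256(password + iv).digest(), ct)


def reuse_leak(c1, c2):
    """With one keystream for both messages, c1 XOR c2 == p1 XOR p2: the key
    drops out and the attacker is left solving two plaintexts against each
    other (crib dragging), no key recovery needed."""
    return xor(c1, c2)


if __name__ == "__main__":
    pw = b"correct horse battery"
    p1, p2 = b"attack at dawn!!", b"retreat at dusk!"
    print(reuse_leak(encrypt_raw(pw, p1), encrypt_raw(pw, p2)) == xor(p1, p2))
    blob = encrypt_with_iv(pw, p1)
    print(decrypt_with_iv(pw, blob) == p1)
```

The last line of Myre's post still applies: hashing password and IV into a key makes the keystreams differ, but whether the whole system is secure also depends on the IV never repeating under one password and on the cipher itself, and for RC4 the latter is where the trouble lies.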

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Need Tiger hash results for sample test data
Date: Wed, 13 Sep 2000 15:12:04 GMT

In article <[EMAIL PROTECTED]>,
  John Myre <[EMAIL PROTECTED]> wrote:
> Jim Gillogly wrote:
> <snip>
> > To verify it for yourself without the editor getting in your way,
> > write a 1-line program that prints "abc" and send it to a file.
>
> Assuming he doesn't use "puts()" ...
>
> JM
>

Ah, the simple things in life! Dorothy has surrendered, and I stand
corrected. Feeling a bit lazy, I used the 'emacs' text editor to create
a simple file containing 'abc' which is 3 bytes long. Using vi or 'cat',
however, will force in the newline making it 4 bytes long. Indeed, I was
using the wrong editor the whole time. It would appear that sample files
are no longer necessary (it would still be nice to have a hash for a
binary file that I could down-load and confirm, however), as the sample
strings provided with the Tiger test program should suffice, at least
now that I know not to include the silly newline and how to keep that
little rascal from getting tacked on to the end of the file. I guess you
guys must have been wondering why I needed sample files when I had
everything I needed all along, right?!

This also answers the question of the EOF character. Clearly, this is
not getting included in the hash because if it was, then you'd expect a
different hash on a given string versus its file counterpart. In other
words, when reading a file into an array, there's no reason to terminate
the length of the array prior to passing it to the hash routine; there's
nothing in there that you would want to remove.


Sent via Deja.com http://www.deja.com/
Before you buy.
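An added example, not the Tiger test program and not code from anyone in the thread, of the point this post arrives at: a hash covers exactly the bytes in the file, so "abc" and "abc" followed by a newline produce different digests, and there is no "EOF character" to trim before hashing because end-of-file is a condition reported by the read call, not a byte stored on disk. Python's hashlib does not include Tiger, so SHA-256 stands in; the file handling is the part that matters. The two temporary files are constructed by the example itself.

```python
import hashlib
import os
import tempfile


def hash_bytes(data, algo="sha256"):
    return hashlib.new(algo, data).hexdigest()


def hash_file(path, algo="sha256", chunk=1 << 16):
    """Hash exactly the bytes stored in the file.  Binary mode means no
    newline translation, and nothing is trimmed at the end: read() returns
    b"" at end-of-file, it never returns an EOF byte."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def ends_with_newline(path):
    """Did the editor tack a newline on?  Look at the last byte only."""
    with open(path, "rb") as f:
        f.seek(0, os.SEEK_END)
        if f.tell() == 0:
            return False
        f.seek(-1, os.SEEK_END)
        return f.read(1) == b"\n"


def write_bytes(path, data):
    with open(path, "wb") as f:
        f.write(data)


def demo(algo="sha256"):
    """Write 'abc' with and without a trailing newline (constructed sample
    files) and return sizes and digests next to the digest of the
    in-memory string, so the three can be compared."""
    with tempfile.TemporaryDirectory() as d:
        plain = os.path.join(d, "abc.txt")
        with_nl = os.path.join(d, "abc_newline.txt")
        write_bytes(plain, b"abc")
        write_bytes(with_nl, b"abc\n")
        return {
            "string": hash_bytes(b"abc", algo),
            "file": hash_file(plain, algo),
            "file_size": os.path.getsize(plain),
            "file_ends_nl": ends_with_newline(plain),
            "file_newline": hash_file(with_nl, algo),
            "file_newline_size": os.path.getsize(with_nl),
            "file_newline_ends_nl": ends_with_newline(with_nl),
        }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The same rule explains why a published test vector for a string must be compared against a file written without a trailing newline, and why text mode (which on some platforms rewrites line endings on read) is the wrong way to open anything you intend to hash or verify.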

------------------------------

From: John Myre <[EMAIL PROTECTED]>
Subject: Re: MIRACL
Date: Wed, 13 Sep 2000 09:25:33 -0600

Soeren Gammelmark wrote:
<snip>
> 
> Error: Unable to execute command 'tasm32.exe'
<snip>

Do you have tasm32.exe?  That's the assembler; it doesn't come
with every version of the compiler.  Presumably certain of the
source files have embedded assembly statements.  Therefore
either you have to get the assembler, or perhaps there is a
configuration value somewhere to compile without it.  Check
the sources that cause the error and find the assembly code;
see if there is a conditional compilation (probably using
#ifdef) to avoid it.  Etc.

JM

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: For the Gurus
Date: Wed, 13 Sep 2000 15:39:01 +0000

"root@localhost " wrote:
> Even a monoalphabetic substitution system can be secure under the right
> conditions.  For example, what does this say? LMUU MEOZ AQDR LEXX  It
> is a simple keyword based mono-alphabetic substitution cipher.

"Not today, friend."  Keyword KOSHER.  (Or, equivalently, GOITER or HOSIER
or a host of others.)
-- 
        Jim Gillogly
        Mersday, 22 Halimath S.R. 2000, 15:37
        12.19.7.9.16, 5 Cib 19 Mol, Seventh Lord of Night
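The challenge "LMUU MEOZ AQDR LEXX" from the earlier post and Gillogly's answer above fit a keyword-mixed cipher alphabet written under a straight plain alphabet, with the keyed alphabet slid one place so that O rather than K sits under plain A. The Python below is an added example, not code from either poster: it builds such alphabets, checks the solution, and shows why KOSHER, GOITER and HOSIER are "equivalent" keys (they agree on every alphabet position the message actually touches). Two assumptions are made here and labelled in the code: that slide convention, inferred from the solution, and that the trailing XX are nulls filling the last four-letter group (under this alignment they would decrypt to WW). The crib-table function also illustrates the point about the last word: a known or guessed plaintext is tested by the contradictions it produces.

```python
import string

ALPHABET = string.ascii_uppercase


def keyed_alphabet(keyword):
    """Keyword-mixed alphabet: the keyword's letters in order of first
    appearance, followed by the unused letters of A..Z."""
    out = []
    for ch in keyword.upper() + ALPHABET:
        if ch in ALPHABET and ch not in out:
            out.append(ch)
    return "".join(out)


def make_table(keyword, slide=0):
    """Plain A..Z written over the keyed alphabet rotated left by `slide`.
    slide=0 puts plain A under the first keyword letter; the digest's
    message needs slide=1 (assumption inferred from Gillogly's answer)."""
    keyed = keyed_alphabet(keyword)
    cipher = keyed[slide:] + keyed[:slide]
    return dict(zip(ALPHABET, cipher))


def encrypt(plaintext, keyword, slide=0):
    table = make_table(keyword, slide)
    return "".join(table[c] for c in plaintext.upper() if c in ALPHABET)


def decrypt(ciphertext, keyword, slide=0):
    inverse = {c: p for p, c in make_table(keyword, slide).items()}
    return "".join(inverse[c] for c in ciphertext.upper() if c in ALPHABET)


def crib_table(ciphertext, crib):
    """Partial plain->cipher table implied by a crib aligned at the start
    of the ciphertext.  Returns None when the crib contradicts itself (one
    plain letter to two cipher letters, or two plain letters to one
    cipher letter); that is how a wrong guess gets rejected."""
    cipher = [c for c in ciphertext.upper() if c in ALPHABET]
    plain = [c for c in crib.upper() if c in ALPHABET]
    table, used = {}, {}
    for p, c in zip(plain, cipher):
        if table.get(p, c) != c or used.get(c, p) != p:
            return None
        table[p] = c
        used[c] = p
    return table


def keywords_fitting(ciphertext, crib, candidates, max_slide=26):
    """Which (keyword, slide) pairs reproduce the crib?  Several keywords
    yield the same table on the letters the crib touches, which is why
    more than one keyword counts as 'the' key for a short message."""
    partial = crib_table(ciphertext, crib)
    hits = []
    if partial is None:
        return hits
    for kw in candidates:
        for slide in range(max_slide):
            table = make_table(kw, slide)
            if all(table[p] == c for p, c in partial.items()):
                hits.append((kw.upper(), slide))
    return hits


if __name__ == "__main__":
    ct = "LMUU MEOZ AQDR LEXX"
    print(decrypt(ct, "KOSHER", slide=1))  # trailing XX assumed to be nulls
    print(keywords_fitting(ct, "not today friend",
                           ["kosher", "goiter", "hosier", "secret"]))
```

With a candidate list drawn from a dictionary instead of four words, keywords_fitting is the "machine assist" the original poster expected would be needed; the crib that drives it can come from the word patterns (LMUU has the shape of NOTT, LEXX of a padded two-letter tail) rather than from knowing the answer.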

------------------------------

From: "root@localhost <spamthis>" <[EMAIL PROTECTED]>
Subject: Re: For the Gurus
Date: Wed, 13 Sep 2000 11:33:48 -0400

Mack wrote:

Mack;

Thanks I have considered a book cipher.  That system is good for
many messages.  I am trying to specify a system good for one
message before a key change.  This simplifies the security issue
somewhat and (hopefully) will make a system which is quick and
effective.

I have archived your system in my mail folder for later study
when time permits.

Again thanks for the input.

-m-

--
   If children don't know why their grandparents did what they 
did, shall those children know what is worth preserving and what 
should change? 

   http://www.cryptography.org/getpgp.htm

------------------------------

From: [EMAIL PROTECTED] (Rich Wales)
Crossposted-To: us.legal,comp.security.misc,alt.security,talk.politics.crypto
Subject: Re: (Jury Selection) Re: Carnivore article in October CACM _Inside_Risks
Date: 13 Sep 2000 15:53:10 -0000

Robert H. Risch wrote:

    > In the US, the lawyers are fanatical in their desire to
    > control witnesses.  It is quite proper here for a lawyer
    > to object that a witness is giving a "narrative".

And when the defendant's lawyer has his client give a "narrative" on
the witness stand, this frequently means (though it is never said
explicitly) that the lawyer has reason to know the accused is guilty
(and lying), but is ethically barred from either taking an active
role in his client's false testimony by eliciting testimony in the
normal fashion, or openly exposing his client's lies (a violation of
lawyer-client privilege, amongst other things).

Rich Wales         [EMAIL PROTECTED]         http://www.webcom.com/richw/
*DISCLAIMER:  I am not a lawyer.  My comments are for discussion
 purposes only and are not intended to be relied upon as legal or
 professional advice.

------------------------------

From: "David Kocmoud" <[EMAIL PROTECTED]>
Crossposted-To: comp.mail.pegasus-mail.ms-windows
Subject: Re: Can anyone decrypt this?
Date: Wed, 13 Sep 2000 10:38:37 -0500

"medievalist" <[EMAIL PROTECTED]> wrote in message
news:zDyv5.66$[EMAIL PROTECTED]...
>   The widely used Pegasus Email for Windows software (by David Harris of
> New Zealand) requires storage of user IMAP and POP passwords.  These
> passwords are never displayed or stored in clear text, probably as a
> defense against "shoulder surfing".
>
>   The IMAP password encryption has not been cracked yet.  Pegasus Support
> do not reply to email on the subject (and David Harris does not allow
> inspection of his algorithms or source code). Sysadmins who wish to
> convert to IMAP are stuck with POP3 if they do not have the resources for
> large-scale user training.  This is commonplace; Pegasus is sufficiently
> user-friendly that it is an excellent choice to distribute to end-users
> who are very nearly computer-illiterate.  Unfortunately this same body of
> users typically are the worst victims of POP3; they never delete their
> Email and it grows to clutter their systems until they grind to a halt.

Those who are willing to sign a non-distribution agreement may contact David
Harris directly for a commandline generator utility for this purpose.
[EMAIL PROTECTED]

--
  +--------------------------------------------------+
  | David J. Kocmoud (Official Pegasus Mail and Mercury Tech Support Member)
  | ** I can only return your call collect to toll phone numbers **
  | 2403 Colgate Circle, College Station, Texas  77840-4615  USA
  | Voice: (979) 696-8586 (evenings)
  | E-Mail:  [EMAIL PROTECTED]
  | Home Page:  http://sago.tamu.edu/users/davek/
  +--------------------------------------------------+




------------------------------

From: Doug Kuhlman <[EMAIL PROTECTED]>
Subject: Re: Crypto Related Pangrams
Date: Wed, 13 Sep 2000 10:42:57 -0500

wtshaw wrote:
> 
> 
> 42) *Vexed xenophobes fear crypto's jazzy, quaint, works.

Loved these!  Unfortunately, this one isn't a pangram, as it doesn't
contain the letter "l".

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: For the Gurus
Date: Wed, 13 Sep 2000 18:23:48 +0200



"root@localhost " wrote:
> 
> Any good Korean based editors on the net that are available in the
> public
> domain?

I am ignorant of such resources. I once received an advertisement
of a multi-language processing system that runs under MS Windows,
but forgot its name.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Scottu19 Broken
Date: Wed, 13 Sep 2000 18:23:39 +0200



"Douglas A. Gwyn" wrote:
> 
> Mok-Kong Shen wrote:
> > Perfectly. This the raison d'etre of high-level programming
> > languages and comment statements in these, not to mention
> > object-oriented design methodologies and other software
> > engineering tools.
> 
> Object-oriented design has nothing to do with fixing the
> problems in the example source code.  More to the point
> would be Kernighan & Plauger's "The Elements of Programming
> Style".

Object-oriented design is destined to help one to proceed
from a concept/objective to the code in a programming
language. Thus it aids understanding. Some OO-methodologies
don't have 'direct' connections to source code. But there are
systems that allow one to do successive refinements from 
top down all the way in a certain pseudo code and the last 
step to generate code in a programming language is done 
automatically. So one does not need to examine the source 
code at all. I have not used such systems but I heard once 
a lecture demonstrating one commercial system for 
programming of real-time applications.

M. K. Shen

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: For the Gurus
Date: Wed, 13 Sep 2000 16:20:02 +0000

"root@localhost " wrote:
> My "choice of the day" is digraphic polyalphabetic substitution in a
> matrix with the high frequency letters having more variants than the
> low frequency letters.  Transposition would make this much more secure
> but the additional step is cumbersome.

It looks like you're talking digraphic homophonic substitution, rather
than polyalphabetic, if I understand your proposal.  You're thinking like
a Grandpre, right?  If the matrix is coherent and small enough for a
non-cryppie to memorize, then known plaintext of a few dozen characters
would likely allow reconstruction of the message and matrix.  If it's not
coherent or too big, the user will have trouble memorizing it.

> The feedback I am seeking is along the lines of "With a playfair square
> one can reasonably expect xxx letters of secure encryption BEFORE a key
> change is required."

Private Alf Monge decrypted a single Playfair challenge cipher of only
30 characters having no repeated digraphs using pencil and paper.  He
wrote up his attack in "Cryptography and Cryptanalysis Articles" Vol. 1,
edited by Friedman.

If you're going to have something secure against a serious opponent with
serious resources (as you suggested was the case here, without naming
the opponent), you'll need something fancier than this.  Consider the
other suggestions you've received, including mine.  You might also
rethink your requirements and revisit whether a wireless Palm Pilot
running PGP would fit your needs.

-- 
        Jim Gillogly
        Mersday, 22 Halimath S.R. 2000, 16:10
        12.19.7.9.16, 5 Cib 19 Mol, Seventh Lord of Night

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: nice simple function
Date: Wed, 13 Sep 2000 12:46:29 -0400

Mok-Kong Shen wrote:
> "Douglas A. Gwyn" wrote:
> > Actually, linearity is a standard mathematical property:
> > A function f is said to be linear iff for all a,x,y (for
> > which the expressions are well defined): f(a*x) = a*f(x)
> > and f(x+y) = f(x)+f(y).  (In algebras with just one
> > operator, only the second condition applies.)
> I suppose that it is the opposite concept, namely non-linearity,
> that is somewhat difficult to define (to be satisfactory in all
> aspects). Anyway, I don't see a definition of non-linearity
> in the few algebra textbooks I possess.

Obviously, a function is nonlinear iff it is not linear.

I think what you mean is that *measuring* the *degree* to
which a function is nonlinear is not usually described.
That's because it isn't relevant for the formal algebraic
development.
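Gwyn's distinction between "nonlinear" (simply not linear) and the degree of nonlinearity is exactly where cryptography parts company with the algebra textbooks. For a Boolean function over GF(2) the standard measure is its Hamming distance to the nearest affine function, computed from the Walsh-Hadamard spectrum as nl(f) = 2^(n-1) - max|W(a)|/2. The Python below is an added example written for this digest, not code from either poster; the sample functions (3-bit parity, 2-bit AND, the 4-bit bent function x0x1 XOR x2x3 and the complement of parity) are constructed here to show the two notions side by side: is_linear() applies Gwyn's single-operator condition f(x+y) = f(x)+f(y) literally, nonlinearity() measures the degree.

```python
def walsh_spectrum(tt):
    """Walsh-Hadamard transform of a Boolean function f:{0,1}^n -> {0,1}
    given by its truth table (2^n entries, index x = the input bits).
    W[a] = sum over x of (-1)^(f(x) XOR a.x), via the O(n 2^n) butterfly."""
    size = len(tt)
    if size == 0 or size & (size - 1):
        raise ValueError("truth table length must be a power of two")
    w = [1 - 2 * (b & 1) for b in tt]          # (-1)^f(x)
    h = 1
    while h < size:
        for i in range(0, size, 2 * h):
            for j in range(i, i + h):
                a, b = w[j], w[j + h]
                w[j], w[j + h] = a + b, a - b
        h *= 2
    return w


def nonlinearity(tt):
    """Hamming distance from f to the nearest affine function a.x XOR c:
    nl(f) = 2^(n-1) - max_a |W[a]| / 2.  Zero means f is affine; the
    maximum for even n is 2^(n-1) - 2^(n/2 - 1), attained by bent functions."""
    return len(tt) // 2 - max(abs(v) for v in walsh_spectrum(tt)) // 2


def is_linear(tt):
    """Gwyn's single-operator condition over GF(2): f(x+y) = f(x)+f(y) for
    all x, y, where + is XOR.  This rejects affine f with f(0) = 1 even
    though nonlinearity() reports distance 0 for them."""
    size = len(tt)
    return all(tt[x ^ y] == tt[x] ^ tt[y] for x in range(size) for y in range(size))


def truth_table(func, n):
    """Evaluate func on every n-bit input; bit i of the index is x_i."""
    return [func(x) & 1 for x in range(1 << n)]


def bit(x, i):
    return (x >> i) & 1


# Constructed sample functions for this example (not from the thread).
PARITY3 = truth_table(lambda x: bit(x, 0) ^ bit(x, 1) ^ bit(x, 2), 3)
AND2 = truth_table(lambda x: bit(x, 0) & bit(x, 1), 2)
BENT4 = truth_table(lambda x: (bit(x, 0) & bit(x, 1)) ^ (bit(x, 2) & bit(x, 3)), 4)
NOT_PARITY3 = [1 - b for b in PARITY3]

if __name__ == "__main__":
    for name, tt in (("parity3", PARITY3), ("and2", AND2),
                     ("bent4", BENT4), ("not_parity3", NOT_PARITY3)):
        print(name, "linear:", is_linear(tt), "nonlinearity:", nonlinearity(tt))
```

The same transform applied to each output bit (and each nonzero linear combination of output bits) of an S-box is how its resistance to linear cryptanalysis is tabulated; a component with low nonlinearity is one that some affine expression approximates too well.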

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Police want help cracking code to find Enigma machine
Date: Wed, 13 Sep 2000 12:54:48 -0400

Anders Thulin wrote:
>   Considering that the text of the letter reads like some Korean
> stereo equipment manuals do, ...

Actually no, it has the characteristics of a cover text for a
steganographic message.  Unfortunately for us, the exact geometry
on the text in the letter is probably important for decoding it.

The interesting question is, why would there be a hidden message
when the overt one seems to be sufficient?

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
