Cryptography-Digest Digest #149, Volume #13      Mon, 13 Nov 00 12:13:00 EST

Contents:
  Some facts --- MY living in the U.S.A. in 1990's (Markku J. Saarelainen)
  Re: voting through pgp ("Tony T. Warnock")
  Re: Q: timing attacks on cryptographic algorithms ("kihdip")
  Re: voting through pgp ("Tony T. Warnock")
  Re: LaGrange Interpolating Polynomial Scheme? (Kent Briggs)
  Re: voting through pgp ("Tony T. Warnock")
  Hash used in prepaid phone cards. (Ariel Burbaickij)
  Re: On an idea of John Savard (Mok-Kong Shen)
  Re: Chimera ciphers (WAS Re: On an idea of John Savard) (Mok-Kong Shen)
  Re: "Secrets and Lies" at 50% off (James Felling)
  RE: monoalphabetic cipher ("Deja User")
  Re: RC4 on FPGAs? ("CMan")

----------------------------------------------------------------------------

From: Markku J. Saarelainen <[EMAIL PROTECTED]>
Crossposted-To: soc.culture.british,soc.culture.polish,soc.culture.austrian
Subject: Some facts --- MY living in the U.S.A. in 1990's
Date: Mon, 13 Nov 2000 15:06:58 GMT



1. I have not had any political affiliations in any way

2. I have never voted for anybody, voted for nobody

3. U.S. Government and its intelligence community spied on me since
1993 as I have written it down in my diary entries. My spouse (Kathryn
Goll - it was Kathryn Goll Saarelainen) was involved in these
activities without ever telling this to me. But I discovered it in
March, 1994 after she came from her work and made specific references
to the work place situation where I was involved. I never had mentioned
this situation to her. I kept quiet.

4. The U.S. government stole my spouse (currently ex-spouse) from me in
1999 for a possible deportation of me.

5. The U.S. government together with the government of Finland and my
ex-Finnish relatives attacked me in 1999 and in the first half of 2000.

6. Finnish industrial interests and ex-relatives such as Jukka
Saarelainen (known to be involved in the military intelligence)
participated in influence efforts and spying on me since 1994 as
discussed earlier.

7. The Georgian (Gwinnett County) Superior Court Judge Oxendyne made a
very unfair judgement and forced me to leave my home and house in
Atlanta (Duluth), Georgia, U.S.A. and forced me to live in the streets.
I worked in this house for 15 hours a day, but after this unfair judge
made the decision, I was effectively removed from my work place too.

8. My ex-spouse participated in spying on me - documented evidence
exists.

9. There were two immigration related blackmailing or influence efforts
against me. In both cases, the same subject matter. First, in May,
1997, when I worked for IntelliQuest Communications (Atlanta) -
intelligence / information comp - research comp - some of clients
include IBM and HP - Gary from Scotland who worked in the account
management came to the same haircuttery (The SuperCuts), where I was
and started asking specific questions regarding to my relationship with
my spouse. He never got the haircut, but left the place after asking
questions. Second, when I had a dinner with my spouse (ex currently) in
my own home in Atlanta, there was a ring on the top of an article
discussing the fraudulent marriages and the immigration / basically the
marriage fraud and shortly after sitting down to eat the dinner, there
was call and a person made specific references to this article. Who put
the ring on the article? Who called... etc.? One thing I know, my ex-
spouse was involved in the espionage against me. The newspaper was the
Atlanta-Journal Constitution.


And many more facts ... read alt.politics.org.cia ...


And why this happened? Without any cause actually. No reason what so
ever. Only thing I did was to use my freedom of speech rights - the 1st
article in the Bill of Rights and I was attacked by the U.S.
intelligence community and government. They may have never read the
statement by Thomas Jefferson and his references to "tyranny over
people's minds". Well this is what I experienced in 1990's to 2000 in
the U.S.A. So I was hurt without any cause by the U.S. government, my
ex-relatives in Finland and the U.S.A. and the government of Finland.
An unfair judge forced me to live in the streets. When I asked help
from the government of Finland, they responded "What does it matter if
somebody is behind you ...." - what an ignorance ! Well I am only 33
years old and do not expect to stay in the U.S.A. very much longer, but
what happens in the next 30 years in my life shall be very interesting
to you all there who read this message. So I experienced the tyranny by
the U.S. government without any cause.


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: "Tony T. Warnock" <[EMAIL PROTECTED]>
Subject: Re: voting through pgp
Date: Mon, 13 Nov 2000 08:33:49 -0700
Reply-To: [EMAIL PROTECTED]

binary digit wrote:

> Imagine if everyone had pgp in the world and voted through pgp, every single
> vote could be verified and everyone would be happy, and there wouldn't be
> this problem that is going on now in florida

At least it would give a big incentive to people to break pgp, the protocols,
etc.



------------------------------

From: "kihdip" <[EMAIL PROTECTED]>
Subject: Re: Q: timing attacks on cryptographic algorithms
Date: Mon, 13 Nov 2000 16:34:07 +0100

Thanks,

I did ask the question in general.

> This is a meaningless question to ask in general!  Whether zeroes or
> ones are faster depends only on the specifics of the implementation
> of some algorithm, so unless you have a specific algorithm and a
> specific implementation of that algorithm, your question has no meaning.
>
> > Or is the answer that the only thing we know for certain is, that there
> > is a difference ??

And I interpret your answer as 'The only general thing we know is, that
there is a difference'

I was not sure if you could say something general on timing attacks - thanks
for pointing it out.

Kim



------------------------------

From: "Tony T. Warnock" <[EMAIL PROTECTED]>
Subject: Re: voting through pgp
Date: Mon, 13 Nov 2000 08:38:57 -0700
Reply-To: [EMAIL PROTECTED]

"It's not whose  vote counts, it's who counts the  votes." --Joseph
Stalin (attrib)


------------------------------

From: Kent Briggs <[EMAIL PROTECTED]>
Subject: Re: LaGrange Interpolating Polynomial Scheme?
Date: Mon, 13 Nov 2000 15:43:45 GMT

"Bruce C. Goldstein" wrote:

> I'm somewhat intrigued with the LaGrange Interpolating Polynomial Scheme for
> allowing x of y participants to unlock a particular secret. I did a search
> on the Internet and very little came up in the way of this in usage of
> cryptography applications. There GOTTA BE some source code and/or freeware
> (shareware?) out there that we could utilize.

My shareware Puffer program (see web site below) uses this method in its trustee
key option. No source is provided although the specs.txt file has a brief
explanation on how it is done.

--
Kent Briggs, [EMAIL PROTECTED]
Briggs Softworks, http://www.briggsoft.com
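
The x-of-y scheme asked about in this exchange is usually implemented as Shamir's threshold secret sharing: the secret is the constant term of a random polynomial over a prime field, each participant holds one point, and Lagrange interpolation at x = 0 recovers the secret. The following is an added example, not Puffer's code and not code from either poster; the modulus, the function names and the sample secret are assumptions made for illustration.

```python
import secrets
from itertools import combinations

# Assumed field modulus (not from the thread): the Mersenne prime 2**127 - 1.
# Secrets and shares are integers in [0, PRIME).
PRIME = 2**127 - 1


def _eval_poly(coeffs, x, p):
    """Evaluate coeffs[0] + coeffs[1]*x + ... modulo p (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc


def split_secret(secret, threshold, n_shares, p=PRIME):
    """Return n_shares points (x, f(x)); any `threshold` of them recover secret."""
    if not 0 <= secret < p:
        raise ValueError("secret must be in [0, p)")
    if not 1 <= threshold <= n_shares < p:
        raise ValueError("need 1 <= threshold <= n_shares < p")
    # f(0) is the secret; the other threshold-1 coefficients are uniformly
    # random, so fewer than `threshold` points leave f(0) undetermined.
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x, p)) for x in range(1, n_shares + 1)]


def recover_secret(points, p=PRIME):
    """Lagrange-interpolate the polynomial through `points` and return f(0)."""
    xs = [x % p for x, _ in points]
    if len(set(xs)) != len(xs) or 0 in xs:
        raise ValueError("share x-values must be distinct and non-zero mod p")
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = (num * -xj) % p        # factor (0 - xj)
                den = (den * (xi - xj)) % p  # factor (xi - xj)
        # Division in the field is multiplication by the inverse (Fermat).
        secret = (secret + yi * num * pow(den, p - 2, p)) % p
    return secret


def demo():
    """3-of-5 split of a constructed secret; every 3-subset must recover it."""
    secret = int.from_bytes(b"constructed key", "big")  # 15 bytes < 2**127
    shares = split_secret(secret, threshold=3, n_shares=5)
    ok = all(recover_secret(list(c)) == secret for c in combinations(shares, 3))
    return secret, shares, ok


if __name__ == "__main__":
    print(demo()[2])
```

The arithmetic must stay in the finite field: interpolating over the integers or floats leaks information about the secret from fewer than the threshold number of shares.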



------------------------------

From: "Tony T. Warnock" <[EMAIL PROTECTED]>
Subject: Re: voting through pgp
Date: Mon, 13 Nov 2000 08:46:02 -0700
Reply-To: [EMAIL PROTECTED]

Instead of: "If you don't vote for <insert candidate>, I'll kill you (or
your family)", one could use:  "If  <insert candidate> doesn't win, I'll
kill you (or your family, dog, etc.)" This has the advantage of getting
you to help get out the vote.


------------------------------

From: Ariel Burbaickij <[EMAIL PROTECTED]>
Subject: Hash used in prepaid phone cards.
Date: Mon, 13 Nov 2000 16:56:35 +0100

Kind of prepaid card meant: I mean card with some PIN-number under protective
                            layer of invisible material. Then you peel this
                            stripe off and get some number to see. It is
                            named (falsely) PIN (it is NOT your personal)
                            and (NOT your identification number). Well
                            after you know your PIN you dial in in some
                            crappy (and crappy is it indeed) telecom
                            company and are requested to give the PIN
                            number in.
Question:                   What is the standard (or most often) hash function
                            used to discriminate between valid and invalid
                            PIN-number very quickly?

Regards.

PS Mozilla Messenger sucks as MUA but we have just two options here: it or
Outlook

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On an idea of John Savard
Date: Mon, 13 Nov 2000 17:27:17 +0100



Tom St Denis wrote:
> 
>   Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> >
> > John Savard wrote:
> > >
> > > Tom St Denis <[EMAIL PROTECTED]>wrote:
> > >
> > > >If you mean to interleave the rounds of one cipher with another I
> > > >strongly suggest against this.  Some ciphers such as RC2 or MARS only
> > > >work well if used in a particular fashion because of the directed
> > > >avalanche effect caused by unbalanced data networks.
> > >
> > > Yes, one would have to choose the particular ciphers with care.
> > >
> > > >Generally I do not think multiple encryptions or "permutations on the
> > > >encryption" are good ideas.  Just add more rounds or use a better
> > > >cipher.
> > >
> > > But this is a way of constructing a better cipher. Alternating rounds
> > > - actually, for a Feistel cipher, pairs of rounds, but I think my
> > > suggestion with respect to SAFER+ and Rijndael is perhaps what is
> > > being referred to - by producing a cipher with a more varied structure
> > > makes it harder, I would think, to find the sort of things that
> > > differential and linear cryptanalysis can exploit.
> >
> > As I understand, a common block cipher (there are certainly
> > exotic exceptions) is 'homogeneous' in the sense that the
> > rounds (cycles) are equivalent and relies on more rounds
> > (cycles) to reach the desired strength with the same
> > principle as multiple encryption with different ciphers.
> > Thus each round (cycle) could be regarded as an individual
> > cipher. From this your interleaving and my permutation
> > are most easily understandable. Any influence on strength,
> > if there are any, is evidently easily compensated by
> > the ensuring complexity of the resulting combined algorithm.
> 
> The problem with interleaving other block ciphers is that, while it's
> true I iterate a function many times for security, I am relying on
> specific constructions of the function for security.  If you mix two
> ciphers they may be individually secure, but as a composition their
> requirements may not be compatible (re: CAST mixed with Twofish...)
> 
> You're better off using a single good design repetitively.

You missed my point that a (assumedly well designed) block
cipher has rounds (cycles) that are equally good. So
consider these as individual ciphers and are concatenated
in the original design as a multiple encryption and you
see there can be no objection in taking these apart and
mixing with those from another cipher.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Chimera ciphers (WAS Re: On an idea of John Savard)
Date: Mon, 13 Nov 2000 17:29:09 +0100



Paul Crowley wrote:
> 
> Tom St Denis wrote:
> > > But this is a way of constructing a better cipher. Alternating rounds
> > > - actually, for a Feistel cipher, pairs of rounds, but I think my
> > > suggestion with respect to SAFER+ and Rijndael is perhaps what is
> > > being referred to - by producing a cipher with a more varied structure
> > > makes it harder, I would think, to find the sort of things that
> > > differential and linear cryptanalysis can exploit.
> >
> > This construction becomes harder to analyze, not essentially harder to
> > attack.
> 
> Tom is right.  Look at the beautiful proof of resistance to differential
> and linear cryptanalysis in the Rijndael paper - no such proof would be
> possible with a mixed-up cipher like you propose.  Look at the way the
> different layers do different work, but interact to create a strong
> cipher.  Look at the way the structure can be re-jigged to give
> decryption the same structure as encryption.  I'd have far more
> confidence in pure Rijndael than in any such chimera cipher.
> 
> (http://www.unifi.it/unifi/surfchem/solid/bardi/chimera/origins.html)

In the permuted one the opponent doesn't even know the
'structure' to begin with.

M. K. Shen

------------------------------

From: James Felling <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Mon, 13 Nov 2000 10:33:57 -0600



Richard Heathfield wrote:

> Paul Crowley wrote:
> >
> > Richard Heathfield wrote:
> > > Far be it from me to stick up for a pariah, but I can't let this pass.
> >
> > I certainly agree that if DS has broken his AUP then his AUP is grossly
> > unfair - he has acted as a participant in this newsgroup in a way that
> > no AUP should forbid.
> >
> > But:
> >
> > > 3) At least he isn't, IMHO, a snake oil merchant.
> >
> > Er, *yes he is* - if anyone is a snake oil merchant, it's him.
>
> Well, maybe we are using different definitions. His source code is at
> least available...
>
> >
> > > I know his code is
> > > unreadable, and therefore his algorithm is undecipherable(!), but it's
> > > not as if he rams scott19u down people's throats.
>
> ...even if it's unreadable. :-)
>
> Anyway, I'll stop there before we get into a silly fight over
> terminology, because I think we're both broadly in agreement.
>
> <snip>
> >
> > I certainly think his presence in this group is unfortunate and it would
> > be very much richer without his persistently rude and ignorant
> > participation.
>
> Actually, if he could participate without being persistently rude, that
> would be a plus.
>
>

As to the snake oily ness of his product, while it does seem a little oily,
esp the tangle code as documentation, it also seems to do what it says it
would reasonably well. So if it is snake oil it is high grade snake oil.  My
personal opinion is that it is not snake oil, just somewhat iffy and if it
were cleaned up and vetted I might just use it.



------------------------------

From: "Deja User" <[EMAIL PROTECTED]>
Subject: RE: monoalphabetic cipher
Date: Sun, 12 Nov 2000 10:00:11 -0800

In the past, in order to make monoalphabetic ciphers harder, I have used digraphs or 
homophones. Are you sure that the code is in English? If not, many of the frequencies 
may be the same, but nothing makes sense. Sorry if I'm being too simplistic. 

Seven

>Reply-To: [EMAIL PROTECTED]
>From: [EMAIL PROTECTED]
>Subject: monoalphabetic cipher
>Date: Fri, 10 Nov 2000 18:45:03 GMT
>To: [EMAIL PROTECTED]
>
>I've been working on what I believe to be a monoalphabetic cipher for about
>a week and half, off and on.
>
>I'm fairly sure that it is just simple substitution, because frequency
>analysis shows that only 24 unique characters are being used.  The problem
>is that the amount of ciphertext available is relatively small, which is
>screwing me up trying to match letter frequency info to the correct
>substituted letter.  I've got approximately 400 characters, which doesn't
>seem to be a whole lot to work with.
>
>What I'm doing is trying to swap out ciphertext letter that occurs let's say
>14% of the time with the plaintext letter that occurs 14% of the time.  My
>main problem is that there is not very much difference in the letter
>frequency, of a number of different letters.  For instance, there are 7
>letters that occur in a span of 2% in normal texts.  Of course, these
>letters aren't going to show up exactly in x percent of the time, which
>means I have to guess which letters get substituted for which letters --
>which isn't easy, and there are a ton of permutations, is that 7^24 ??  Or
>is that 24^7?? To top it off, these letters that show up within 2% of each
>other are all high-frequency letters, which HAVE TO be correct in order to
>solve the rest of the cipher.
>
>Character distribution ranges from less than 1% to 14%.  This makes me think
>it's a relatively simple cipher as it more resembles a New York City
>skyline with its ups and downs.
>
>Another problem I have is that I'm not even sure if they are using spaces or
>not within the text, so I can't start guessing at little common words like
>the, a, an, etc.  I do have a character that shows up 14% of the time, btw,
>and I think that given typical frequency info, that this is a little above
>the most common letter, "E".  If I use this character for the space, the
>words are still pretty long -- and I think definitely longer on average than
>the average word length.
>
>What I have done is to write a program that exhaustively tries every
>possibility(for only the 7 letters), and then uses a scoring algorithm that
>counts the number of digrams found on a line of the plaintext(after applying
>substitution on new guess), and the score is based on the frequency that the
>digrams show up in normal text.  I copied the idea off of another program,
>but I can screw around and make changes live to my own program.
>
>I also wrote a program that given a pattern of letters and unknowns, it
>searches a one meg dictionary of words, looking for words that match up.
>
>Despite my efforts, I haven't really been able to come up with anything even
>close to resembling normal text.
>
>I'm trying to figure out what my next step is.  I've been coding all these
>little utilities, which although not hard, is time consuming -- and someone
>has to have already written better utilities than I.  I did find a program
>called "mono" that lets you switch ct/pt pairs around and it shows you the
>change in realtime.  It's a nice program, but without trying a million
>possibilities, I don't see how it's going to help me.
>
>I have read a couple crypto books lightly and have access to a number of
>them.  I have AC and Dr. Dobbs Crypto CD (which includes Handbook of Applied
>Crypto + 11 other books), etc.
>
>Can someone please make some suggestions to help me narrow this down?
>
>It would be appreciated.
>
>Keith Monahan

------------------------------

From: "CMan" <[EMAIL PROTECTED]>
Subject: Re: RC4 on FPGAs?
Date: Mon, 13 Nov 2000 10:08:49 -0700

Is this available on the net?

JK

--
CRAK Software
http://www.crak.com
Password Recovery Software
QuickBooks, Quicken, Access...More
Spam bait (credit E. Needham):
 root@localhost
 postmaster@localhost
 admin@localhost
 abuse@localhost
 webmaster@localhost
 [EMAIL PROTECTED]
 [EMAIL PROTECTED]
 [EMAIL PROTECTED]




"Panu Hämäläinen" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> ajd wrote:
>
> > Has anyone implemented the RC4 algorithm on an FPGA (or can anyone point me
> > to someone who has)? What sort of throughput did you get?
>
> I did. However, I don't know how good the implementation was. Throughput was
> same as in software.
>
> See paper Hämäläinen Panu, Hännikäinen Marko, Hämäläinen Timo, Saarinen Jukka,
> "Hardware Implementation of the Improved WEP and RC4 Encryption Algorithms for
> Wireless Terminals",  The X European Signal Processing Conference
> (EUSIPCO'2000), September 5 - 8, 2000, Tampere, Finland, pp. 2289-2292.
>
> -- Panu Hämäläinen


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
