Cryptography-Digest Digest #170, Volume #13      Thu, 16 Nov 00 19:13:00 EST

Contents:
  Re: Hitachi - on what grounds ?? (Mok-Kong Shen)
  Re: "Lotto Balls lack enough mass to be influenced by electromagnetism"  (WAS:Re: FINANCIAL ASTROLOGY WEEK OF NOV 13 (Pete Stapleton)
  Re: RSA question (Tom St Denis)
  Re: Hitachi - on what grounds ?? ("Paul Pires")
  Re: Book recommendation, please (Rex Stewart)
  Re: Attacks on the key setup in RC4? (sorry "Arc4") (Tom St Denis)
  Re: My new book "Exploring RANDOMNESS" (Mok-Kong Shen)
  Re: Hitachi - on what grounds ?? (Mok-Kong Shen)
  Re: Hitachi - on what grounds ?? ("Paul Pires")
  Re: Is Triple DES the BEST Algorithm ? ([EMAIL PROTECTED])
  Re: Is Triple DES the BEST Algorithm ? (Eric Smith)
  Re: Hitachi - on what grounds ?? (Mok-Kong Shen)

----------------------------------------------------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Hitachi - on what grounds ??
Date: Thu, 16 Nov 2000 23:28:11 +0100



Paul Pires wrote:
> 
> Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> >
> >
> > Paul Pires wrote:
> > >
> > > Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> >
> > > >
> > > > Paul Pires wrote:
> > > > >
> > > > > Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> > > > > >
> > > > > > Paul Pires wrote:
> > > > > > >
> > > > > > > Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> > > > > >
> > > > > > > I would feel better if examples were cited that adhered to
> > > > > > > a less general and more rigorous process. A white paper
> > > > > > > with source code, An academic publication, a publicized
> > > > > > > contest submission. Along those lines.
> > > > > > >
> > > > > > > Rarely are claims drafted as broad as the discussions
> > > > > > > mentioned. To anticipate them, the discussions would
> > > > > > > need to be a little more substantial and definitive.
> > > > > >
> > > > > > When I say that one can permutate the round keys
> > > > > > of a (any) block cipher, do I have to write code to
> > > > > > show that? If I did, with a particular cipher, the
> > > > > > code is only for a 'particular' cipher. But it is the
> > > > > > principle that is at issue.
> > > > >
> > > > > If principles are not patentable, How can they be
> > > > > Prior art? Think about it. Saying one can do it and
> > > > > "teaching" how it is done are two different things.
> > > > >
> > > > > I'm not saying that you have to do anything. I am saying
> > > > > that your every utterance doesn't have the same weight
> > > > > as reduction to practice or substantial work to disclose.
> > > > >
> > > > > Your example above is perfect. So general as to
> > > > > be meaningless. If I permute round keys of a specific
> > > > > cipher for a specific reason, in a specific way
> > > > > that is new and novel...
> > > > > maybe even useful...
> > > > > to achieve a new or superior result...
> > > > > Does your "Prior art" read over it?
> > > > >
> > > > > Nope. If it did the examiners would have to consider
> > > > > every speculative flight of imagination from T.V. shows
> > > > > to romance novels for "Similarity".
> > > > >
> > > > > Why did you do it?
> > > > > What exactly did you do?
> > > > > What did you achieve?
> > > > > What are the limits and parameters of the process?
> > > > > What did you teach?
> > > > >
> > > > > You have left much room for me to substantially improve
> > > > > the art.
> > > > >
> > > > > Your "Prior art" only keeps me from claiming it as broadly
> > > > > as you do. Maybe not even that.
> > > >
> > > > So I have to, among others, explain what a permutation
> > > > is, like a school teacher tells his pupils, in
> > > > your opinion?? When we discuss in a certain environment,
> > > > certain contexts can be assumed, don't we?
> > >
> > > Don't try and make it sound trivial or childish. I thought I
> > > added a little bit to the discussion. I didn't say
> > > you had to define the elementary terms. If you get to pick
> > > representative examples for my words then I start to look
> > > pretty silly. I don't need help there!
> > >
> > > You don't have to do
> > > anything. But, if you want to achieve an effect, a reasonable
> > > amount of work may be required.
> > >
> > > When you cite these discussions as prior art, what parts
> > > are valid? All of those that "Teach" your method or the
> > > corrections, contradictions, denials and rebuttals?
> > > You're right, contexts are assumed all the time. Do you
> > > walk away thinking that yours are the only ones?
> > >
> > > Get this straight, I have never seen a definitive
> > > conclusion to one of these threads yet. You're just
> > > remembering your side of them. I acknowledge
> > > that I am an under-achieving plodder but I am not
> > > an elementary school pupil. With work and effort
> > > I may yet achieve that goal.
> > >
> > > This might be a good point to ask ourselves
> > >
> > > "Have we been understood/do we understand
> > >  and are we now playing for points?"
> >
> > I certainly would appreciate the opportunity to learn
> > something valuable from you. You have put forward
> > several questions 'Why did you do it?' etc. Let's
> > take the example of my suggestion of permuting the
> > round keys. This is in an addendum to the thread
> > 'On introducing non-interoperability'. Which of the
> > questions do you think that I need to provide
> > additional materials for answering and why? Thanks.
> 
> Frankly, I'd rather be circumcized with a belt sander.

Excuse me for my poor English knowledge. I don't (honestly)
understand the meaning of your sentence at all.

M. K. Shen

------------------------------

From: Pete Stapleton <[EMAIL PROTECTED]>
Subject: Re: "Lotto Balls lack enough mass to be influenced by electromagnetism"  (WAS:Re: FINANCIAL ASTROLOGY WEEK OF NOV 13
Date: Thu, 16 Nov 2000 22:45:47 GMT

On 16 Nov 2000 18:51:38 GMT, [EMAIL PROTECTED] (Scott
Craver) wrote:

>
>Cyberia <[EMAIL PROTECTED]> wrote:
>>
>>Not to pick nits, but live spiders have been levitated using electromagnetic
>>energy. Last time I looked, spiders contained no metal parts, and could only
>>be charged with "insecticide".
>
>       Also, more realistically, a ping-pong ball can attain a static
>       charge depending on the material it's made of, and how it 
>       interacts with other things.
>
>       Anyway, the original post's obvious mistake is to claim that
>       it is lack of mass, rather than other factors, such as, say, 
>       charge per unit mass, that would make a lotto ball immune
>       to electromagnetic influences.  It is clearly a copout.
>
>       But here's what's funny:  if lightness of lotto balls prevent
>       them from being astrologically influenced, what allows
>       stock market values to be influenced?  Anyone?  Anyone?
>
>                                                       -S
>
>       ["Well, those are made out of heavier numbers."]


good thinking

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: RSA question
Date: Thu, 16 Nov 2000 22:54:47 GMT

In article <1%YQ5.12047$[EMAIL PROTECTED]>,
  shren <[EMAIL PROTECTED]> wrote:
>   I have in my lap the Handbook of Applied Cryptography, open to page
> 286.  I have a question about encryption step b.  "Represent the message
> as an integer m in the interval [0,n-1]", where n is the product of the
> two distinct random primes.
>
>   Does this mean that a message needs to be divided into blocks such that
> these blocks are numerically smaller than n?

Yes.

In practice you may want to divide your "message" into a smaller chunk
and apply random padding.  Better yet use a "hybrid" system of
symmetric and asymmetric cryptography :-)

Tom


Sent via Deja.com http://www.deja.com/
Before you buy.
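
The block-size constraint from the question above, worked through as an added example (not part of the original posts): textbook RSA over a constructed 92-bit toy modulus, showing how to chunk a message so every block is below n and what decryption returns when a block is not. The parameters, the function names and the 0x01 framing byte are assumptions of this example; the random padding and hybrid scheme recommended in the reply are not implemented here.

```python
# Added example: textbook RSA on constructed toy parameters (not secure sizes).
from math import gcd

P = 2**31 - 1                 # Mersenne prime, constructed toy value
Q = 2**61 - 1                 # Mersenne prime, constructed toy value
N = P * Q                     # 92-bit modulus n
E = 65537                     # public exponent
PHI = (P - 1) * (Q - 1)
assert gcd(E, PHI) == 1
D = pow(E, -1, PHI)           # private exponent (needs Python 3.8+)

# Largest k such that every k-byte string, read as an integer, is < N.
BLOCK_BYTES = (N.bit_length() - 1) // 8      # 11 bytes for this modulus


def to_blocks(message):
    """Split bytes into integers m with 0 <= m < N.

    Each chunk carries a leading 0x01 marker byte (an assumption of this
    example) so leading zero bytes and the short final chunk survive the
    bytes -> integer -> bytes round trip.
    """
    data_len = BLOCK_BYTES - 1
    blocks = []
    for i in range(0, len(message), data_len):
        m = int.from_bytes(b"\x01" + message[i:i + data_len], "big")
        assert m < N          # the range requirement from the handbook step
        blocks.append(m)
    return blocks


def from_blocks(blocks):
    """Inverse of to_blocks: drop the marker byte of every block."""
    out = bytearray()
    for m in blocks:
        raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
        out += raw[1:]
    return bytes(out)


def encrypt(message):
    return [pow(m, E, N) for m in to_blocks(message)]


def decrypt(cipher_blocks):
    return from_blocks([pow(c, D, N) for c in cipher_blocks])


def raw_roundtrip(m):
    """Encrypt then decrypt one integer without any range check."""
    return pow(pow(m, E, N), D, N)


if __name__ == "__main__":
    msg = b"\x00\x00blocks must be numerically smaller than n"   # constructed
    print(decrypt(encrypt(msg)) == msg)   # every block is < N, so this holds
    print(raw_roundtrip(N + 5))           # out-of-range block comes back mod N
```

A block at or above n decrypts to its residue mod n, so the original value is unrecoverable; that is why the chunk size is derived from the bit length of n rather than chosen independently.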

------------------------------

From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Hitachi - on what grounds ??
Date: Thu, 16 Nov 2000 15:05:15 -0800


Mok-Kong Shen <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Paul Pires wrote:
> >
> > Mok-Kong Shen <[EMAIL PROTECTED]> wrote:

<Snip>

> > > I certainly would appreciate the opportunity to learn
> > > something valuable from you. You have put forward
> > > several questions 'Why did you do it?' etc. Let's
> > > take the example of my suggestion of permuting the
> > > round keys. This is in an addendum to the thread
> > > 'On introducing non-interoperability'. Which of the
> > > questions do you think that I need to provide
> > > additional materials for answering and why? Thanks.
> >
> > Frankly, I'd rather be circumcized with a belt sander.
>
> Excuse me for my poor English knowledge. I don't (honestly)
> understand the meaning of your sentence at all.
>
> M. K. Shen

 LOL! (Laughing Out Loud) At myself, not you.

Hoisted on my own petard. (another figure of speech)

Definitions:

Frankly -  Being frank or forthright

Rather - Showing a preference.

Circumcised - The surgical removal of the foreskin from the penis.

Belt sander - A powered woodworking tool for the rapid removal
of material by abrasion. The active component is sandpaper.

Sorry, I should have said,

"Thank you for your sincere interest
but I really must decline"

I didn't have a problem with your post.
I already can introduce non-interoperability
without much trouble at all.

Paul





------------------------------

From: Rex Stewart <[EMAIL PROTECTED]>
Subject: Re: Book recommendation, please
Date: Thu, 16 Nov 2000 22:59:30 GMT

I am surprised no one suggested "Handbook of Applied Cryptography"
Should I take that to mean it would be overkill?

In article <8uo6i4$7h8$[EMAIL PROTECTED]>,
  David A Molnar <[EMAIL PROTECTED]> wrote:
> John Savard <[EMAIL PROTECTED]> wrote:
> > On Sun, 12 Nov 2000 19:25:51 GMT, "[EMAIL PROTECTED]"
> > <[EMAIL PROTECTED]> wrote, in part:
>
> >>Would  Applied Cryptography by Bruce Schneier be the way to go ?
>
> > Looking more closely at the post: since he programs in C++, and is 16
> > years old, AC should not be a problem for him.
>
> Yes. I received AC as a birthday present at about the same age. It's
> quite doable. Particularly nice is the fact that the book spends a *lot*
> of time on giving the intuition as to how these ciphers and protocols are
> actually *used*.
>
> It _is_ rough going in parts, partially because some of the explanations
> are sketchy -- for example, the extended euclidean algorithm is given only
> as source code with no further explanation. This is annoying if you are
> trying to figure out how to implement RSA...
>
> So you may want to eventually supplement with a more math-ish book on
> number theory. But it's not required at the beginning - in fact, it is
> possible to learn such things as modular arithmetic well enough
> to comprehend the way most of the protocols work.
>
> Even so, AC is well worth the effort and should be within reach.
>
> -David
>
>

--
Rex Stewart
PGP Print 9526288F3D0C292D  783D3AB640C2416A



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Attacks on the key setup in RC4? (sorry "Arc4")
Date: Thu, 16 Nov 2000 22:56:52 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> Hi.
>
> Does anyone know of any attacks on the "key setup"
> (or whatever one should call it) on RC4? I know
> there are some observations on using it as a PRNG,
> and mr C. Hall mentioned something on cycles at
> Crypto 99, but is there anything else?
>
> (I only have papers from 81-97...:oP)
>
> Thanks in advance,

Generally it's accepted practice that the key for RC4 not be in an ASCII
form.  Normally a hash is used.  This isn't very scientific but since
the key is used to modify the swapping ASCII is not the best input to
give regardless of how random it may be.

Tom
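
The practice described in the reply above, as an added example that is not part of the original post: the RC4 key schedule, where each key byte feeds directly into the swap index, with the passphrase hashed before it is used as the key. SHA-256 and the function names are assumptions of this example (the post only says "a hash"), and the passphrase is constructed.

```python
# Added example: RC4 key setup with a hashed passphrase (names are hypothetical).
import hashlib


def rc4_ksa(key):
    """Key-scheduling algorithm: key bytes steer the swaps of the state S."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF   # key byte modifies swap index
        S[i], S[j] = S[j], S[i]
    return S


def rc4(key, data):
    """Run the key schedule, then XOR data with the generated keystream."""
    S = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def key_from_passphrase(passphrase):
    """Hash the ASCII passphrase; SHA-256 is this example's choice of hash."""
    return hashlib.sha256(passphrase.encode("utf-8")).digest()


def max_key_byte(key):
    """Largest byte value in the key; raw ASCII never exceeds 0x7F."""
    return max(key)


if __name__ == "__main__":
    phrase = "correct horse battery staple"          # constructed sample input
    raw_key = phrase.encode("ascii")
    hashed_key = key_from_passphrase(phrase)
    print(hex(max_key_byte(raw_key)), len(hashed_key))
    ct = rc4(hashed_key, b"sci.crypt")
    print(rc4(hashed_key, ct))                       # decrypts with the same key
```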



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Crossposted-To: sci.math,sci.logic
Subject: Re: My new book "Exploring RANDOMNESS"
Date: Fri, 17 Nov 2000 00:15:08 +0100



[EMAIL PROTECTED] wrote:
> 
> Hi, in December Springer-Verlag London will publish
> my new book "Exploring RANDOMNESS" and it will be
> available first in the UK and three months later
> world wide.  Amazon.co.uk is already accepting orders.
> For more information, including the cover of the book,
> its table of contents, and the software for the book,
> see http://www.cs.umaine.edu/~chaitin/ait
>     http://www.cs.auckland.ac.nz/CDMTCS/chaitin/ait

Most people of sci.crypt, I believe, are very interested
in obtaining perfect or nearly perfect random bit sequences
for practical cryptographical applications. Does the
book contain concrete materials enabling one to do that?
Thanks in advance.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Hitachi - on what grounds ??
Date: Fri, 17 Nov 2000 00:26:47 +0100



Paul Pires wrote:
> 

> Sorry, I should have said,
> 
> "Thank you for your sincere interest
> but I really must decline"
> 
> I didn't have a problem with your post.
> I already can introduce non-interoperability
> without much trouble at all.

If you have other methods which the communication partners 
can easily and safely employ (i.e. without weakening
the cipher) and hinder the work of the opponent, then it 
would be fine if you would let others of the group partake 
of your knowledge through posting these to the group.

Anyway, if you think that posts (not only those of mine)
you see in the group do not contain materials giving
sufficient answer to your five questions listed in a 
previous follow-up, then please be kind enough to say so.
This is why we have a 'discussion' forum, isn't it?

M. K. Shen

------------------------------

From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Hitachi - on what grounds ??
Date: Thu, 16 Nov 2000 15:24:41 -0800

Sorry if this is duplicated. My server swears this didn't go
but it hasn't been very reliable lately.

Mok-Kong Shen <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Paul Pires wrote:
> >
> > Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> > > I certainly would appreciate the opportunity to learn
> > > something valuable from you. You have put forward
> > > several questions 'Why did you do it?' etc. Let's
> > > take the example of my suggestion of permuting the
> > > round keys. This is in an addendum to the thread
> > > 'On introducing non-interoperability'. Which of the
> > > questions do you think that I need to provide
> > > additional materials for answering and why? Thanks.
> >
> > Frankly, I'd rather be circumcized with a belt sander.
>
> Excuse me for my poor English knowledge. I don't (honestly)
> understand the meaning of your sentence at all.
>
> M. K. Shen

 LOL! (Laughing Out Loud) At myself, not you.
I'm hoisted on my own petard. (another figure of speech)

Definitions:

Frankly -  Being blunt or forthright

Rather - Showing a preference.

Circumcise - The surgical removal of the foreskin from the penis.

Belt sander - A powered woodworking tool for the rapid removal
of material by abrasion. The active component is sandpaper.

Sorry, I should have said,

"Thank you for your sincere interest
but I really must decline"

I didn't have a problem with your post.
I already can introduce non-interoperability
without much trouble at all.

Paul







------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Is Triple DES the BEST Algorithm ?
Date: Thu, 16 Nov 2000 23:32:29 GMT

Short Answer: Maybe

Long Answer:
Depends on what you need. There are a fair number of us that make a
living examining your requirements for a cipher, and making a judgement
on which cipher you should use based on that, among other tasks. The
consideration of which cipher is best for a particular use goes beyond
pure cryptanalysis, to the speed requirements, the strength
requirements, the strength assumptions, etc, and it takes a rather
large quantity of knowledge in order to make that judgement. As an
example in the last year I have personally recommended; RSA, ElGamal,
ECC, DH, ARCFOUR, DES, 3DES, Twofish, Rijndael, SKIPJACK, layered
Algorithms, and others based on what was required of a situation, in no
way is it possible to say that algorithm X is perfect for all
situations.

The first step is to create a threat model, security requirements list,
as well as size and speed requirements. Once that is done you have to
begin ranking them, and placing weighted values on them. After that you
can start ranking algorithms. For example if the only factor you can't
compromise on is speed, SKIPJACK and 3DES would be poor choices. You
need to derive the future and present security requirements, the
assumptions that the protocol designers made, even when the designers
themselves may not have realized the assumptions. Very often you will
end up with some design that you would never have thought of before the
thorough examination but it meets your requirements better than
anything else would have.

So what is your real question? We know you want the best
encryption/decryption algorithm for your situation, but we don't know
your situation. If you want the best possible answer you'll most likely
have to pay a substantial amount of money to an individual/company for
a thorough examination of your requirements. To give you a better
idea, when I make judgements that are posted to sci.crypt, I typically
consider for less than a minute, and my entire examination is done in
less than five minutes, I have one target that I've been considering
for 7 months, and the entire model has been honed and quite fully
examined, and may be close to termination. I expect my recommendations
on sci.crypt to be good enough for now, I expect my long-term project
to be secure for decades.
              Joe



------------------------------

From: Eric Smith <[EMAIL PROTECTED]>
Subject: Re: Is Triple DES the BEST Algorithm ?
Date: 16 Nov 2000 15:42:14 -0800

"Laurent" <[EMAIL PROTECTED]> writes:
> Is Triple DES the BEST Algorithm ?

Answers to your question (choose any one):

     Yes

     No

     Sometimes

     Maybe

     On Thursdays

     42

     A giraffe

But which is the BEST answer to your question?

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Hitachi - on what grounds ??
Date: Fri, 17 Nov 2000 00:48:59 +0100



Paul Pires wrote:
> 
> Sorry if this is duplicated. My server swears this didn't go
> but it hasn't been very reliable lately.

It got through and I have posted the answer which hopefully
you have seen.

M. K. Shen

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
