Cryptography-Digest Digest #853, Volume #13      Sat, 10 Mar 01 08:13:01 EST

Contents:
  Re: => FBI easily cracks encryption ...? ("Mxsmanic")
  Re: => FBI easily cracks encryption ...? ("Mxsmanic")
  Re: Voting (Benjamin Goldberg)
  Re: => FBI easily cracks encryption ...? ("Mxsmanic")
  Re: => FBI easily cracks encryption ...? (Paul Rubin)
  Re: Text of Applied Cryptography (Paul Rubin)
  Re: Encryption software (Benjamin Goldberg)
  Re: Voting (Paul Rubin)
  Re: Encryption software (Paul Rubin)
  Hash value repetition ([EMAIL PROTECTED])
  Re: Dayton's Code Breakers (Frode Weierud)
  Re: Text of Applied Cryptography ("Tom St Denis")
  Re: Digital envelopes ("Tom St Denis")
  Re: I encourage people to boycott and ban all Russian goods and services, if the Russian Federation is banning Jehovah's Witnesses ....... ([EMAIL PROTECTED] (<banner> MadAdmin </banner>))
  Re: Using SHA as a checksum... ("Tom St Denis")
  Re: Text of Applied Cryptography ("Tom St Denis")
  Re: DES Weak Keys ("Tom St Denis")

----------------------------------------------------------------------------

From: "Mxsmanic" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 10 Mar 2001 10:57:43 GMT

"Damian Kneale" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...

> 128 bit encryption doesn't take much?

I meant that it doesn't take much encryption to serve the purpose of
security, for most people, simply because they don't have anything
valuable enough to require stronger encryption.  Of course, there's no
harm in them using stronger encryption, if they so choose.

> They don't do that because they know their systems are
> unbreakable.

They do that because they don't know if their systems are unbreakable or
not, and so they don't want their algorithms compromised.  Additionally,
key security _must_ be that way, no matter how secure the cryptosystem,
because a compromised key makes even the most secure cryptosystem
useless.

> Government is intended to distinguish from the best
> algorithms available to the general public.

The best algorithms available to the general public already provide
better security than most governments are likely to require.

> Along with Australia where I live, Scandinavia
> where many good algorithms spring from, and much
> of Europe.  And smaller countries with no limitations
> at all, the technology equivalents of tax havens.

Let's hope that things stay this way.

> All systems on the internet are insecure, to
> some degree or another.

They are easily 1000 times more secure than giving your credit-card
information to a human being over the telephone or even face-to-face in
a store.

> The transactions are equally accessible to humans
> whichever way you transfer the initial information.

Not true.  Some systems are completely automated, and require no human
intervention.  Additionally, actually getting to the information may be
very awkward for even those with access to it, which greatly increases
the threshold of motivation required to commit fraud, and multiplies it
by a threshold of technical competence.

> I prefer the evidence of my transfer to disappear
> after one day or so, as opposed to being stored
> forever in a database somewhere.

The carbons with your credit-card information and your signature that a
merchant throws into the trash remain readable for years.

> No, but if a stream to a vendor is intercepted
> and broken, then _all_ numbers could be compromised.

That is extremely unlikely, even when the stream is in the clear.  If
the stream is travelling by SSL, it is a thousand times more improbable.
This compares very favorably to any system with a human being in the
processing chain.

> And there are multiple instances just in Australia
> of systems being cracked and a whole database of credit
> card numbers being taken.

They didn't involve a compromise of an SSL-encrypted link, I daresay.

> I note that even Amazon only promise to cover losses
> from mis-use of your details on their site, not anywhere
> else, if their security is compromised.

As far as I know, Amazon has yet to experience even a _single instance_
of fraud.  I've been buying stuff from them for years, with no problems.
I'm very pleased to be able to avoid all interaction with human beings
when placing orders.



------------------------------

From: "Mxsmanic" <[EMAIL PROTECTED]>
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 10 Mar 2001 11:01:03 GMT

"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...

> We've discussed that before.  Cryptanalysts benefit
> from computers, too.

In all computer-based cryptosystems, cryptography has advanced much
further than cryptanalysis.  The more advanced computers become, the
greater the gap between the cryptographer and the cryptanalyst, with all
the advantage going to the cryptographer.

> In fact a *lot* of present-day systems can be
> cryptanalyzed, just to judge from numerous published
> academic papers, which don't benefit from the
> accumulated expertise of the government
> cryptologic organizations.

Recovering one bit of the key or one bit of the plaintext isn't very
useful unless it can be extended to recovering the entire key or the
entire plaintext, and moving from a merely interesting academic
experiment to a practical method of consistently and rapidly cracking a
cryptosystem is quite a huge step.

> The safe assumption, as opposed to the warm cozy
> one, is that whatever algorithm you choose has
> vulnerabilities you don't know about.

Yes, but if you are already using the most secure system you can find,
this doesn't have much practical impact on your operating methods.



------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: Voting
Date: Sat, 10 Mar 2001 11:01:49 GMT

Greg Ofiesh wrote:
> 
> The only way to be absolutely certain that the ballots were not
> tampered with is to put them on paper, slide the paper into a glass
> box on display for all to see, then count them in full view of anyone
> who wishes to watch later that night.  No high tech anything.  Just
> paper and pen marks.

Except you lose anonymity.  Even assuming it's fill in the circles, not
fill in the blank, even assuming that the ballots are initially put into
a box, and shuffled, and THEN put on display, you still lose anonymity,
simply because some people will fill in circles in a distinctive manner,
as recognizable as handwriting.

And of course, hand counting is slow.

> Old, cheap, reliable, just about as fool proof as one can get.  So you

Fool proof?  You underestimate the ingenuity of fools.  Nothing prevents
idjits from writing their names on the ballots, nothing prevents idjits
from filling in votes for more than one candidate, etc, etc.

> realize that those in power must move away from this type of voting
> to a high tech voting system.  Otherwise, we would actually have our
> votes counted.

In a reasonable system, we should only need to hand count when something
goes wrong.  Hand counting is slow.  Hand counting is not always
accurate.  Machine counting is fast.  Machine counting is usually
accurate.  Only when *something else* is screwed up, are there problems
with machine counting.

> Those who count the votes are the ones that count.  Those who cast
> the votes don't count at all.  They just vote.

Does that mean if I volunteer to count votes, I'm not allowed to vote
myself?

-- 
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.

------------------------------

From: "Mxsmanic" <[EMAIL PROTECTED]>
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 10 Mar 2001 11:04:10 GMT

"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...

> Certainly, protocol failures are usually easier
> to exploit, and historically they are very likely
> to occur.

Protocol failures have been responsible for virtually all compromise of
cryptosystems throughout history, except for the earliest and most
trivial cryptosystems.  Cracking a cryptosystem through pure
cryptanalysis alone is extraordinarily rare.



------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: 10 Mar 2001 03:13:38 -0800

Mok-Kong Shen <[EMAIL PROTECTED]> writes:
> > Again, you're pretending the present situation is comparable to
> > WW1/WW2 and things aren't like that now.  For example, the new edition
> > of Kahn's "The Codebreakers" has a chapter at the end, which claims
> > that the battle between cryptographers and cryptanalysts (that the
> > book chronicles) is now over--because of computers, the cryptographers
> > have won.
> 
> An analogy would be between the evolution of viruses and the development
> of medicaments. The virus plays in a sense the active part because it
> can mutate in ways and at timepoints unknown and thus has the
> advantage in that the medicaments have to follow its direction, not
> vice versa. But it couldn't be excluded that at a certain time point
> one party succeeds in making a major jump, till later the other party
> does the same and the game continues on. One never knows for sure
> what knowledge of cryptanalysis the secret agencies currently have,
> only what the academics have. Thus I think one should have some
> reservation about what Kahn concludes.

It's more like between the evolution of armor and artillery.  For
centuries navies competed to make bigger and bigger battleships.  They
got bigger because they needed thicker armor to protect against enemy
guns, and bigger guns to pierce enemy armor.

Eventually rocket propelled anti-ship missiles (and for that matter,
nuclear-tipped torpedoes) were developed.  These inventions made large
guns unnecessary (the missile is self propelled and launched out of a
relatively lightweight tube) and armor irrelevant (the missile kills a
ship with one hit).  So there are no more battleships being built.
The competition is ended because the offense now overwhelms the
defense.  

Similarly, unless it turns out that P=NP, there's really not likely to
be any advance in cryptanalysis that can counteract the advantage that
computers gave to cryptographers.

------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Crossposted-To: alt.anonymous.messages,alt.security.pgp,talk.politics.crypto
Subject: Re: Text of Applied Cryptography
Date: 10 Mar 2001 03:16:57 -0800

Benjamin Goldberg <[EMAIL PROTECTED]> writes:
> > Anyway, if Bruce is reading this I hope he'll comment.
> 
> It's most likely an illegally made available copy.  If it were
> legitimate, it would be on the same website as HAC, probably with a url
> like http://www.cacr.math.uwaterloo.ca/ac.  However, since that site
> talks about selling the pdfs for AC, not giving them away, it's a pretty
> sure bet that the 134.155.63.117 version is illegal.  Not that it
> mightn't've been legally purchased, but I doubt that posting it for
> anyone to see is/was legal.

There's no relation between AC and HAC, so no reason to expect them on
the same site.

The thing is, the 134... version is HTML, not PDF, and the HTML has a
bunch of Earthweb wrappers (headers, copyright notices, etc.) and is
generally pretty well done.  There's enough work in the conversion
that whoever made it was probably getting paid as part of a legitimate
project.  So the HTML was probably made legally.  Yet I've never heard
of an HTML version of AC for sale.  My guess is it was made as part of
a deal where it would only be accessible to certain paying users.  But
anything is possible.

Bruce?????



------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: Encryption software
Date: Sat, 10 Mar 2001 11:17:00 GMT

Henrick Hellström wrote:
> 
> "Benjamin Goldberg" <[EMAIL PROTECTED]> skrev i meddelandet
> news:[EMAIL PROTECTED]...
> > Well, yeah.  No one is likely to do any better than the PGP system
> > any time soon.  They might, however, do better in terms of ciphers.
> > The PGP system can, with little difficulty, be made to use whatever
> > cipher you want.  That's why no one intelligent says, X is better
> > than pgp.  They might say, Y is better than AES, and Z is better
> > than RSA or ECC.
> 
> I haven't heard much but complaints about PGP from ordinary end users.
> They find it too complicated, and don't like to mess with the security
> issues involved in exchanging public keys with others. Someone ought
> to be able to design an application better than PGP in these respects.

This is a matter of the interface, not of security.  Are there [as
many] complaints about the PGP work-alike, GPG (gnu privacy guard)?
Also, you are quite free to follow, eg, the OpenPGP RFC, and create your
own security product.  However, not following the defined file formats,
can, and probably will, lead to problems, not just in terms of
compatibility, but in terms of security.

If someone would be kind enough to design a 100% GUI version of PGP,
which automagically does all the things which users dislike about
regular PGP, then the problem would be solved, more or less.

> Besides that, you don't have to justify the existence of a security
> application by claiming that it is better than PGP. It is usually
> sufficient to claim that it attempts to address other security issues,
> or that it is intended to be used under more specific
> circumstances, and is adapted for that particular purpose.

Agreed.

-- 
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.

------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Voting
Date: 10 Mar 2001 03:23:52 -0800

Benjamin Goldberg <[EMAIL PROTECTED]> writes:
> > The only way to be absolutely certain that the ballots were not
> > tampered with is to put them on paper, slide the paper into a glass
> > box on display for all to see, then count them in full view of anyone
> > who wishes to watch later that night.  No high tech anything.  Just
> > paper and pen marks.
> 
> Except you lose anonymity.  Even assuming it's fill in the circles, not
> fill in the blank, even assuming that the ballots are initially put into
> a box, and shuffled, and THEN put on display, you still lose anonymity,
> simply because some people will fill in circles in a distinctive manner,
> as recognizable as handwriting.

OK, so have the voter fold over the paper before dropping it in the
box, or seal it in an envelope.  Usually though, the box is not
transparent.

> And of course, hand counting is slow.

Still, it's what's done in most countries.  Machine counting is a US
obsession.

> In a reasonable system, we should only need to hand count when something
> goes wrong.  Hand counting is slow.  Hand counting is not always
> accurate.  Machine counting is fast.  Machine counting is usually
> accurate.  Only when *something else* is screwed up, are there problems
> with machine counting.

As we saw in the newspaper practically every day last December,
machine counting is generally less accurate than hand counting.

------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Encryption software
Date: 10 Mar 2001 03:25:53 -0800

Benjamin Goldberg <[EMAIL PROTECTED]> writes:
> > I haven't heard much but complaints about PGP from ordinary end users.
> > They find it too complicated, and don't like to mess with the security
> > issues involved in exchanging public keys with others. Someone ought
> > to be able to design an application better than PGP in these respects.
> 
> This is a matter of the interface, not of security.  Are there [as
> many] complaints about the PGP work-alike, GPG (gnu privacy guard)?

The problems are just as bad, though maybe GPG users are more
hardcore, so they can deal with the problems more easily.  Yes, it's
an interface thing.

> If someone would be kind enough to design a 100% GUI version of PGP,
> which automagically does all the things which users dislike about
> regular PGP, then the problem would be solved, more or less.

No not really.

------------------------------

From: [EMAIL PROTECTED]
Subject: Hash value repetition
Date: 10 Mar 2001 10:39:38 GMT


If all possible 160 bit values were hashed with SHA1, would there be any hash
results repeating?  Or is it a 1 to 1 relation?

What about MD5?

If neither are, are there hashes that are?

Thanks



 -----  Posted via NewsOne.Net: Free (anonymous) Usenet News via the Web  -----
  http://newsone.net/ -- Free reading and anonymous posting to 60,000+ groups
   NewsOne.Net prohibits users from posting spam.  If this or other posts
made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]
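The question above (does a 160-bit hash applied to every 160-bit input stay one-to-one?) cannot be settled by running all 2^160 SHA-1 inputs, but it can be examined at a smaller scale. The following is an added example, not part of the digest: it takes the leading n bits of SHA-1 as a toy n-bit hash (n is an assumed parameter, 16 here), feeds it every n-bit input, counts repeated outputs, and compares the number of distinct outputs with what a uniformly random function would give (about 1 - 1/e of the domain). A hash is not a permutation unless it is designed as one, so collisions are expected even when input and output widths match.

```python
"""Added example (not from the digest): is a hash restricted to inputs the
same width as its output a permutation?  Scale the question down by
truncating SHA-1 to n bits and hashing every n-bit input."""
import hashlib


def truncated_sha1(data: bytes, n_bits: int) -> int:
    """Leading n_bits of SHA-1(data), as an integer (assumed toy hash)."""
    digest = hashlib.sha1(data).digest()
    return int.from_bytes(digest, "big") >> (160 - n_bits)


def collision_census(n_bits: int) -> dict:
    """Hash every n-bit input with the n-bit truncated hash and tally outputs.

    Returns the domain size, the number of distinct outputs, the number of
    inputs whose output was already produced by an earlier input, and the
    size of the most crowded output bucket.
    """
    domain = 1 << n_bits
    width = (n_bits + 7) // 8          # bytes needed to encode one input
    counts = {}
    for x in range(domain):
        h = truncated_sha1(x.to_bytes(width, "big"), n_bits)
        counts[h] = counts.get(h, 0) + 1
    distinct = len(counts)
    return {
        "domain": domain,
        "distinct": distinct,
        "collisions": domain - distinct,
        "largest_bucket": max(counts.values()),
    }


def expected_distinct(n_bits: int) -> float:
    """Expected distinct outputs if the hash were a uniformly random
    function from n bits to n bits: N * (1 - (1 - 1/N)^N), about N(1 - 1/e)."""
    domain = 1 << n_bits
    return domain * (1 - (1 - 1 / domain) ** domain)


def is_bijection(n_bits: int) -> bool:
    """True only if no two n-bit inputs share an output."""
    return collision_census(n_bits)["collisions"] == 0


if __name__ == "__main__":
    n = 16
    c = collision_census(n)
    print(f"{n}-bit truncated SHA-1 over all {c['domain']} inputs:")
    print(f"  distinct outputs : {c['distinct']} "
          f"(random-function expectation ~{expected_distinct(n):.0f})")
    print(f"  repeated outputs : {c['collisions']}")
    print(f"  largest bucket   : {c['largest_bucket']}")
    print(f"  one-to-one?      : {is_bijection(n)}")
```

Roughly 37% of the 16-bit outputs never appear and some appear three or more times, which is the random-function behaviour one expects from any well-designed hash. The full-size SHA-1 and MD5 questions are not answered by this experiment, but nothing in their design makes them permutations on inputs of their own output width, so the same behaviour is the working assumption.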

------------------------------

From: [EMAIL PROTECTED] (Frode Weierud)
Subject: Re: Dayton's Code Breakers
Date: 10 Mar 2001 12:16:35 GMT
Reply-To: [EMAIL PROTECTED]

"Douglas A. Gwyn" <[EMAIL PROTECTED]> writes:

>And the latest issue of Cryptologia has more information on
>Turing's visit to Dayton.

You can also find Turing's report on his visit to Dayton as well as
Joseph Desch's memo on his plans for the US Navy Bombe at:

http://frode.home.cern.ch/frode/crypto/USBombe/index.html

Frode
--
        Frode Weierud                   Phone  : +41 22 7674794
        CERN, SL,  CH-1211 Geneva 23,   Fax    : +41 22 7679185
        Switzerland                     E-mail : [EMAIL PROTECTED]
                                        WWW    : home.cern.ch/frode/

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Crossposted-To: alt.anonymous.messages,alt.security.pgp,talk.politics.crypto
Subject: Re: Text of Applied Cryptography
Date: Sat, 10 Mar 2001 12:44:28 GMT


"Ryan M. McConahy" <[EMAIL PROTECTED]> wrote in message
news:3aa9594e$0$62146$[EMAIL PROTECTED]...
> I am _not_ a troll! If I can't find it from you, I'll find it somewhere
> else.

What?  Applied Crypto is not free so why ask here?

Tom



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Digital envelopes
Date: Sat, 10 Mar 2001 12:45:22 GMT


"br" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> I have invented a digital envelope where you may put any plain text
> and send it.
> What I have to do to patent it?

Why not share your idea first.  Most likely you are a capitalist retard and
have invented something that is a) insecure or b) already done before.

Tom



------------------------------

From: [EMAIL PROTECTED] (<banner> MadAdmin </banner>)
Crossposted-To: comp.security,alt.security,alt.2600
Subject: Re: I encourage people to boycott and ban all Russian goods and services, if the Russian Federation is banning Jehovah's Witnesses .......
Date: Sat, 10 Mar 2001 12:45:50 GMT

On Sat, 10 Mar 2001 04:29:32 GMT, [EMAIL PROTECTED]
(ThePsyko) wrote:

>On Fri, 9 Mar 2001 20:22:11 -0800, "Lorne" <[EMAIL PROTECTED]>
>wrote:
>
>>We must always remember that just because we are paranoid, that does not
>>mean they are not after us.
>>
>>
>
>I think everybody should boycott Macy's cause they don't make beer
>

I second that motion!!! At least the Russians make vodka!!!


~~~~~~~~~~~~~~~
The sig.....

All hail the master of the universe - Wilbur the hairy green toad and
his consort the invisible pink unicorn.

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Using SHA as a checksum...
Date: Sat, 10 Mar 2001 12:46:25 GMT


"Moritz Voss" <[EMAIL PROTECTED]> wrote in message
news:98bv3l$6c3$05$[EMAIL PROTECTED]...
> Okay, I've been playing around with Python a little, and it has these
> really easy-to-use cryptographic services.
>
> Apart from working out passwords, I wondered whether it's a good idea to
> use SHA as a checksum for (small) text files... ? I'd say it certainly
> outperforms a 32bit CRC, doesn't it?

Well I wouldn't truncate the result to 32-bits though.

> In fact, this is for a security issue, I'll have a small script or data
> block, and need to see whether it is the same, or has been tampered with,
> and in that case, it will be updated with the original.... instead of
> sending some thousand bytes in vain, I'd just prefer to send the digest
> of the python sha object....compare that, and move on.
>
> Or is this a taboo thing to do?
>

You can't authenticate it unless the original is private.

Tom
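Tom's one-line answer is the whole point: a digest that travels next to the data tells you the data was not damaged in transit, but whoever can rewrite the data can recompute the digest too, so it proves nothing about who produced it. The following added example (mine, not from the digest) shows the three cases in Python's standard library: a public SHA digest that accepts a replaced file, a digest the verifier computed itself from a private copy of the original, and a keyed HMAC tag that a party without the key cannot forge. The script text, the altered copy and the key are constructed sample values; `hmac` and `hashlib` are the standard modules.

```python
"""Added example, not from the digest: unkeyed digest vs private reference
vs keyed tag (HMAC) when checking whether a shipped script was changed."""
import hashlib
import hmac
import zlib

ORIGINAL = b"print('nightly job: rotate logs')\n"                  # constructed
ALTERED = b"print('nightly job: rotate logs')\nprint('extra')\n"   # constructed
KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f"
                    "101112131415161718191a1b1c1d1e1f")            # constructed


def sha1_digest(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def crc32_checksum(data: bytes) -> int:
    return zlib.crc32(data) & 0xFFFFFFFF


def hmac_tag(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def verify_unkeyed(data: bytes, digest: bytes) -> bool:
    """Recompute SHA-1 and compare in constant time."""
    return hmac.compare_digest(sha1_digest(data), digest)


def verify_keyed(key: bytes, data: bytes, tag: bytes) -> bool:
    """HMAC check: only a holder of the key can produce a matching tag."""
    return hmac.compare_digest(hmac_tag(key, data), tag)


def public_digest_accepts_replacement() -> bool:
    """Data and digest both travel over the untrusted path: an altered file
    arrives with a freshly computed, perfectly valid SHA-1 beside it."""
    return verify_unkeyed(ALTERED, sha1_digest(ALTERED))          # accepted


def private_reference_rejects_replacement() -> bool:
    """The verifier keeps its own digest of the original (the 'original is
    private' case); the altered copy no longer matches it."""
    reference = sha1_digest(ORIGINAL)      # computed locally, never sent
    return verify_unkeyed(ALTERED, reference)                      # rejected


def keyed_tag_accepts_genuine() -> bool:
    """Honest sender and verifier share KEY: the genuine file verifies."""
    return verify_keyed(KEY, ORIGINAL, hmac_tag(KEY, ORIGINAL))


def keyed_tag_rejects_replacement_without_key() -> bool:
    """Without KEY, the best a replacer can do is tag with some other key."""
    return verify_keyed(KEY, ALTERED, hmac_tag(b"not the key", ALTERED))


def crc_and_sha_agree_on_corruption() -> bool:
    """Both unkeyed checks notice a flipped bit; the hash simply has a far
    smaller chance of missing a change than a 32-bit CRC does."""
    corrupted = bytes([ORIGINAL[0] ^ 0x01]) + ORIGINAL[1:]
    return (crc32_checksum(corrupted) != crc32_checksum(ORIGINAL)
            and sha1_digest(corrupted) != sha1_digest(ORIGINAL))
```

For the poster's use case (decide whether to resend a few thousand bytes), sending a digest is fine as a cheap comparison; the tamper-detection claim only holds if the reference digest is computed and held on the trusted side, or the tag is keyed.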



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Crossposted-To: alt.anonymous.messages,alt.security.pgp,talk.politics.crypto
Subject: Re: Text of Applied Cryptography
Date: Sat, 10 Mar 2001 12:47:23 GMT


<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Fri, 9 Mar 2001 17:31:37 -0500, "Ryan M. McConahy"
> <[EMAIL PROTECTED]> wrote:
>
> >I am _not_ a troll! If I can't find it from you, I'll find it somewhere
> >else.
>
> Enjoy. Might not be the newest but it is all out there.
> Courtesy of the authors.
>
> Handbook of Applied Cryptography
>   http://www.cacr.math.uwaterloo.ca/hac
> Applied Cryptography: Schneier
>   http://134.155.63.117/quantico/TE/appliedcrypto.zip
>

Wow you did an amazing dis-service to Schneier today.

Tom



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: DES Weak Keys
Date: Sat, 10 Mar 2001 12:47:56 GMT


"Dan Seur" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Does anyone know if the list of weak DES keys is in the public domain?
>

All of them?  hehehehe.

Why would you want to use DES anyways?  Did you wake up from a 30-year coma?

Tom
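The DES weak and semi-weak keys are public and are listed in standard references such as the Handbook of Applied Cryptography (linked earlier in this digest). Rather than copy the table, the following added example (mine, not from the digest) shows where those keys come from, which is the more useful thing to know when writing a key-acceptance check: after the PC-1 permutation, the key schedule rotates two 28-bit registers, C and D. If both registers are all-zero or all-one, rotation changes nothing and all 16 round subkeys are identical, so encrypting twice with that key returns the plaintext (the 4 weak keys). If each register is either constant or alternating 0101..., only two distinct subkeys ever appear (the 12 semi-weak keys). Only PC-1 is implemented here, not DES itself; the `reject_if_weak` helper is an assumed name.

```python
"""Added example (not from the digest): classify a 64-bit DES key as weak,
semi-weak or ordinary by inspecting what PC-1 leaves in the C and D
key-schedule registers.  DES encryption itself is not implemented."""
from typing import Tuple

# PC-1: selects the 56 key bits (1-based positions, bit 1 = MSB of byte 1),
# dropping the 8 parity bits.  The first 28 entries feed C, the rest feed D.
PC1 = [
    57, 49, 41, 33, 25, 17,  9,  1, 58, 50, 42, 34, 26, 18,
    10,  2, 59, 51, 43, 35, 27, 19, 11,  3, 60, 52, 44, 36,
    63, 55, 47, 39, 31, 23, 15,  7, 62, 54, 46, 38, 30, 22,
    14,  6, 61, 53, 45, 37, 29, 21, 13,  5, 28, 20, 12,  4,
]

ALL0 = "0" * 28
ALL1 = "1" * 28
ALT01 = "01" * 14
ALT10 = "10" * 14


def key_bit(key: bytes, pos: int) -> str:
    """DES numbering: bit 1 is the most significant bit of key[0]."""
    byte = key[(pos - 1) // 8]
    return "1" if (byte >> (7 - (pos - 1) % 8)) & 1 else "0"


def pc1_halves(key: bytes) -> Tuple[str, str]:
    """Apply PC-1 and return the initial C and D registers as bit strings."""
    if len(key) != 8:
        raise ValueError("DES key must be 8 bytes")
    bits = "".join(key_bit(key, p) for p in PC1)
    return bits[:28], bits[28:]


def classify_des_key(key: bytes) -> str:
    """'weak': C and D both constant, so every round subkey is the same and
    encryption is its own inverse.  'semi-weak': each register constant or
    alternating (at least one alternating), so only two subkeys occur."""
    c, d = pc1_halves(key)
    constant = {ALL0, ALL1}
    degenerate = constant | {ALT01, ALT10}
    if c in constant and d in constant:
        return "weak"
    if c in degenerate and d in degenerate:
        return "semi-weak"
    return "ordinary"


def reject_if_weak(key: bytes) -> bytes:
    """Key-acceptance check (assumed helper): refuse degenerate keys."""
    kind = classify_des_key(key)
    if kind != "ordinary":
        raise ValueError(f"refusing {kind} DES key {key.hex()}")
    return key


if __name__ == "__main__":
    for hexkey in ("0101010101010101", "FEFEFEFEFEFEFEFE",
                   "E0E0E0E0F1F1F1F1", "1F1F1F1F0E0E0E0E",
                   "01FE01FE01FE01FE", "0123456789ABCDEF"):
        k = bytes.fromhex(hexkey)
        print(hexkey, pc1_halves(k), classify_des_key(k))
```

Because PC-1 discards the parity bits, keys that differ only in parity classify the same way, which is why the check looks at the registers rather than comparing against a fixed list of 16 hex strings. A library wrapper around DES would call `reject_if_weak` at key-setup time; the practical advice in the reply stands, since a modern cipher has no such key classes to screen for.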



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
