Cryptography-Digest Digest #200, Volume #14      Sat, 21 Apr 01 13:13:01 EDT

Contents:
  Re: ANOTHER REASON WHY AES IS BAD (SCOTT19U.ZIP_GUY)
  Re: "UNCOBER" = Universal Code Breaker (Joe H Acker)
  Re: Cryptanalysis Question: Determing The Algorithm? (SCOTT19U.ZIP_GUY)
  Re: Concerning US.A.4979832 (Mok-Kong Shen)
  Re: View from the top ("Dramar Ankalle")
  Re: ANOTHER REASON WHY AES IS BAD ("Tom St Denis")
  Re: Cryptanalysis Question: Determing The Algorithm? ("Tom St Denis")
  Re: "UNCOBER" = Universal Code Breaker (Mok-Kong Shen)
  Re: Random and not random (John Savard)
  Re: View from the top (Michael Davis)
  Re: View from the top ("Dramar Ankalle")
  Re: Random and not random (Mok-Kong Shen)
  Re: View from the top (Michael Davis)
  Re: View from the top ("Dramar Ankalle")
  Re: Better block cipher pre/post whiten step (John Savard)
  Re: Better block cipher pre/post whiten step ("Tom St Denis")
  Re: Better block cipher pre/post whiten step ("Tom St Denis")
  Re: Better block cipher pre/post whiten step (Mok-Kong Shen)
  Re: Better block cipher pre/post whiten step ("Tom St Denis")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: ANOTHER REASON WHY AES IS BAD
Date: 21 Apr 2001 15:20:55 GMT

[EMAIL PROTECTED] (Darren New) wrote in <[EMAIL PROTECTED]>:

>SCOTT19U.ZIP_GUY wrote:
>>   Actually Tom, as usual, you're quite wrong. If one looks at an OTP
>> you would have to think of the OTP data itself as part of the
>> encryption program or the program necessary to make the OTP string.
>
>So why do you think that doesn't apply to the AES cyphers as well?
>

   Actually I do think it should include the AES short keys of 256 bits.
Why do you think I mentioned scott19u and its key, which is over a
million bytes in length? If you read the start of the thread you will
see that.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: [EMAIL PROTECTED] (Joe H Acker)
Subject: Re: "UNCOBER" = Universal Code Breaker
Date: Sat, 21 Apr 2001 17:25:48 +0200

Joe H Acker <[EMAIL PROTECTED]> wrote:

> Joseph Ashwood <[EMAIL PROTECTED]> wrote:
> 
> > "Joe H Acker" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > If the random source is truly random, it doesn't do any harm when some
> > > of its output is discarded, except for performance slowdown. So yes,
> > > tests are useful to (a) continually test whether the hardware has failed
> > > or does appear to work correctly, and (b) to protect against very very
> > > bad luck when a true random source happens to output the complete volume
> > > of Shakespeare's Macbeth (very unlikely)
> > 
> > 
> > Actually it can do a great deal of harm. A short, rather extreme
> > demonstration:
> > take a perfect random number generator that generates binary
> > throw away all the output bits that are 1
> > Is the sequence predictable?
> 
> You may not filter the sequence heuristically. I was talking about
> testing large sequences and when they fail the test, discarding them
> *completely*. Discarding an output sequence of a tRNG completely can
> never do any harm, except a performance slowdown, given that the
> discarded sequence is large enough and not just 1 bit in length. That's
> provable.

Sorry about the duplicate answers. After some thinking, I no longer
believe that my claim is provable. It was a quick shot I'd like to
apologize for. Still, I believe that filtering out large sequences that
look very non-random brings more benefit than harm, given that it's
a tRNG and not a pRNG. E.g. it doesn't appear to be a security problem
if you have 2^128-2 or 2^128 possible outputs of a 128-bit sequence. But
an all-1 or all-0 sequence can be a security problem, because it may
indicate that the tRNG is broken.

Regards,

Erich

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Cryptanalysis Question: Determing The Algorithm?
Date: 21 Apr 2001 15:35:19 GMT

[EMAIL PROTECTED] (Leonard R. Budney) wrote in 
<[EMAIL PROTECTED]>:

>The NSA no doubt has a bestiary of bad ciphers, including all hand
>ciphers, where the effort of breaking is so trivial that they could
>simply run a random message through all of them by brute-force, and
>they probably succeed most of the time. (With the advent of PGP, GPG,
>etc., hopefully that is changing.)
>

  Yes Len, with PGP, GPG etc. the world is changing. The spooks
no longer have to guess from an infinite set of possible ciphers:
if you use PGP the headers tell you it's PGP. We wouldn't want the
poor workers at the NSA to actually have to take the time and
effort to figure it out. Secondly, PGP will add data to
the file being encrypted, like key checks, and use non-bijective compression,
so that if they find a key that goes through the motions they
know with 100% certainty that they got the message you encrypted,
even if that message was 100% garbage. Something that was hard
to do with some older methods.

   Yes, crypto has advanced a lot; the boys at the NSA, whose job is
to read all crypto, are surely foiled. Of course they would never
stoop to trying to get people to use bad crypto like the famous Swiss
crypto machines. Would they?

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Concerning US.A.4979832
Date: Sat, 21 Apr 2001 17:38:56 +0200



John Savard wrote:
> 
[snip]
> So although Stream 1 and Stream 2 are combined, the combination looks
> more like an interruption of Stream 1 than a substitution acting on
> Stream 2, and is more often thought of in that manner. Only after you
> invented Dynamic Substitution did it become visible that Algorithm M
> was an example of that general class, which is why I view its impact
> as limited.

However, if one looks at Algorithm M as a black box,
it is certainly correct 'formally' to say that it combines 
two input streams to produce an output stream, I suppose.
Such formal aspects could have an impact if a dispute on
patents occurs, I am afraid.

M. K. Shen

------------------------------

From: "Dramar Ankalle" <[EMAIL PROTECTED]>
Crossposted-To: alt.alien.visitors,alt.politics.org.cia,alt.politics.org.nsa
Subject: Re: View from the top
Date: Sat, 21 Apr 2001 11:47:02 -0400


Return-Path: <[EMAIL PROTECTED]>
Received: from mail6.bigmailbox.com ([209.132.220.37])
 by mail01.dfw.mindspring.net (Mindspring/Netcom Mail Service) with ESMTP id
taanlo.9fl.33qs885
 for <[EMAIL PROTECTED]>; Tue, 6 Mar 2001 17:03:36 -0500 (EST)
Received:
 oby mail6.bigmailbox.com (8.8.7/8.8.7) id OAA20788;
 Tue, 6 Mar 2001 14:03:35 -0800
Date: Tue, 6 Mar 2001 14:03:35 -0800
Message-Id: <[EMAIL PROTECTED]>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
X-Mailer: MIME-tools 4.104 (Entity 4.116)
Mime-Version: 1.0
X-Originating-Ip: [205.130.195.88]
From: "Deja User" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: being shown the future[FALUN FULCRUM]


Michael Davis <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> HVAC wrote:
>
> > Sodkkxx <[EMAIL PROTECTED]> wrote in message
> > news:9bs25f$1qls$[EMAIL PROTECTED]...
> >
> > > Let's face it Pete, I fucked my way to the top.
> >
> > Hey, Smitty. In your queer relationship with your fag "Life
Partner"(tm),
> > who
> > plays the woman? Do you pitch or catch? Do either of you like to put on
> > womens clothes?
> > Enquiring minds want to know............
> >
> > P.S.  MD may want to consider Smitty's above post for his collection
imo
>
> Thanks for the heads up. I have been too busy to pay attention to
FlySpecks'
> usual flood of mindless BS.


Just the sort of interesting information you need, eh?


Gotta love it, eh Mikey?





------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: ANOTHER REASON WHY AES IS BAD
Date: Sat, 21 Apr 2001 15:52:57 GMT


"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Darren New) wrote in <[EMAIL PROTECTED]>:
>
> >SCOTT19U.ZIP_GUY wrote:
> >>   Actually Tom, as usual, you're quite wrong. If one looks at an OTP
> >> you would have to think of the OTP data itself as part of the
> >> encryption program or the program necessary to make the OTP string.
> >
> >So why do you think that doesn't apply to the AES cyphers as well?
> >
>
>    Actually I do think it should include the AES short keys of 256 bits.
> Why do you think I mentioned scott19u and its key, which is over a
> million bytes in length? If you read the start of the thread you will
> see that.

Why is a 256-bit key too short?

Tom



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Cryptanalysis Question: Determing The Algorithm?
Date: Sat, 21 Apr 2001 15:53:50 GMT


"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Leonard R. Budney) wrote in
> <[EMAIL PROTECTED]>:
>
> >The NSA no doubt has a bestiary of bad ciphers, including all hand
> >ciphers, where the effort of breaking is so trivial that they could
> >simply run a random message through all of them by brute-force, and
> >they probably succeed most of the time. (With the advent of PGP, GPG,
> >etc., hopefully that is changing.)
> >
>
>   Yes Len, with PGP, GPG etc. the world is changing. The spooks
> no longer have to guess from an infinite set of possible ciphers:
> if you use PGP the headers tell you it's PGP. We wouldn't want the
> poor workers at the NSA to actually have to take the time and
> effort to figure it out. Secondly, PGP will add data to
> the file being encrypted, like key checks, and use non-bijective compression,
> so that if they find a key that goes through the motions they
> know with 100% certainty that they got the message you encrypted,
> even if that message was 100% garbage. Something that was hard
> to do with some older methods.

Your argument is seriously flawed.  Even if I told you I used an OTP it's
still perfectly secure.  Keeping an algorithm obscured is not a means to
security.

Tom



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: "UNCOBER" = Universal Code Breaker
Date: Sat, 21 Apr 2001 17:54:56 +0200



Joe H Acker wrote:
> 
[snip]
> Sorry about the duplicate answers. After some thinking, I no longer
> believe that my claim is provable. It was a quick shot I'd like to
> apologize for. Still, I believe that filtering out large sequences that
> look very non-random brings more benefit than harm, given that it's
> a tRNG and not a pRNG. E.g. it doesn't appear to be a security problem
> if you have 2^128-2 or 2^128 possible outputs of a 128-bit sequence. But
> an all-1 or all-0 sequence can be a security problem, because it may
> indicate that the tRNG is broken.

Given a 'perfect' random source, there can be no prescription
on the user about which segments of the sequence produced
he has to use or not to use. (Otherwise the theory of OTP
would be problematic.) Hence it wouldn't matter if the user
discards (wastes) some segments, I suppose. Now, for a 
practical source there is, as you said, the issue of 
potential malfunction of hardware etc. and hence it could 
be of value to apply a test to discard those segments that 
are suspicious (even if the suspicion is not justified), 
I think.

M. K. Shen
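
The whole-block screening Joe H Acker defends above, the per-bit filter from Joseph Ashwood's counter-example quoted in his post, and Mok-Kong Shen's point that a perfect source loses nothing when segments are discarded, as an added Python illustration (not code from any of the posters). The hardware source is stood in for by a seeded PRNG, and the 16-byte block size and the all-0x00/all-0xFF rejection rule are this example's own choices, not something stated in the thread.

```python
"""Screening a random source: whole-block rejection versus bit filtering.

Added illustration. The 'source' below is a seeded PRNG standing in for
hardware (an assumption for offline reproducibility), and the screening
rule is this example's choice."""
import math
import random

BLOCK_LEN = 16   # 128-bit blocks, matching the 2^128 figures in the thread


def drop_ones(bits):
    """Ashwood's extreme filter: keep only the 0 bits of a perfect source.
    The survivors are entirely predictable, so per-bit filtering destroys
    the entropy that was there."""
    return [b for b in bits if b == 0]


def is_suspicious(block):
    """Rejection rule: an all-zero or all-one block, which a healthy 128-bit
    source emits with probability 2 / 2^128 but a stuck source emits constantly."""
    return block == b"\x00" * len(block) or block == b"\xff" * len(block)


def screen_blocks(raw, block_len=BLOCK_LEN):
    """Split raw bytes into blocks and discard suspicious ones *whole*.
    Returns (accepted blocks, number rejected)."""
    accepted, rejected = [], 0
    for i in range(0, len(raw) - len(raw) % block_len, block_len):
        block = raw[i:i + block_len]
        if is_suspicious(block):
            rejected += 1
        else:
            accepted.append(block)
    return accepted, rejected


def entropy_loss_bits(n_bits, rejected_patterns):
    """Entropy lost per block by excluding `rejected_patterns` of the 2^n_bits
    equiprobable outputs: log2(2^n / (2^n - r)), computed via log1p so the
    tiny value survives floating point instead of rounding to 0."""
    return -math.log1p(-rejected_patterns / 2.0 ** n_bits) / math.log(2)


def healthy_source(n_bytes, seed=1234):
    """Stand-in for a working hardware source (constructed, seeded PRNG)."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n_bytes))


def stuck_source(n_bytes):
    """Stand-in for a failed hardware source whose output line is stuck high."""
    return b"\xff" * n_bytes


if __name__ == "__main__":
    bits = [int(b) for b in "1101001011100101"]      # constructed sample
    print("bit-filtered stream:", drop_ones(bits))   # all zeros: predictable
    ok, bad = screen_blocks(healthy_source(64))
    print("healthy source: accepted", len(ok), "rejected", bad)
    ok, bad = screen_blocks(stuck_source(64))
    print("stuck source:   accepted", len(ok), "rejected", bad)
    print("entropy lost per 128-bit block: %.3g bits" % entropy_loss_bits(128, 2))
```

The two rejection figures show the asymmetry both posters are circling: excluding two of the 2^128 patterns costs on the order of 10^-38 bits per block, while a stuck source is caught on its first block. Modern entropy-source standards (NIST SP 800-90B) require continuous health tests of this kind, such as a repetition-count test, for the same reason.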

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Random and not random
Date: Sat, 21 Apr 2001 16:01:03 GMT

On Sat, 21 Apr 2001 12:42:56 +0200, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote, in part:

>Dumb question: What is the function of the conventional
>cipher (i.e. it seems to be redundant here)?

Its key is less bulky, so it can be distributed more securely. The OTP
keys are bulky, so the risk of their being intercepted is higher, and
without a conventional cipher, it's trivially obvious what to do with
them.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: Michael Davis <[EMAIL PROTECTED]>
Crossposted-To: alt.alien.visitors,alt.politics.org.cia,alt.politics.org.nsa
Subject: Re: View from the top
Date: Sat, 21 Apr 2001 12:03:59 -0400

Dramar "Drama Queen" Ankalle wrote:

> Return-Path: <[EMAIL PROTECTED]>
> Received: from mail6.bigmailbox.com ([209.132.220.37])
>  by mail01.dfw.mindspring.net (Mindspring/Netcom Mail Service) with ESMTP id
> taanlo.9fl.33qs885
>  for <[EMAIL PROTECTED]>; Tue, 6 Mar 2001 17:03:36 -0500 (EST)
> Received:
>  oby mail6.bigmailbox.com (8.8.7/8.8.7) id OAA20788;
>  Tue, 6 Mar 2001 14:03:35 -0800
> Date: Tue, 6 Mar 2001 14:03:35 -0800
> Message-Id: <[EMAIL PROTECTED]>
> Content-Type: text/plain
> Content-Disposition: inline
> Content-Transfer-Encoding: binary
> X-Mailer: MIME-tools 4.104 (Entity 4.116)
> Mime-Version: 1.0
> X-Originating-Ip: [205.130.195.88]
> From: "Deja User" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: being shown the future[FALUN FULCRUM]
>
> Michael Davis <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > HVAC wrote:
> >
> > > Sodkkxx <[EMAIL PROTECTED]> wrote in message
> > > news:9bs25f$1qls$[EMAIL PROTECTED]...
> > >
> > > > Let's face it Pete, I fucked my way to the top.
> > >
> > > Hey, Smitty. In your queer relationship with your fag "Life
> Partner"(tm),
> > > who
> > > plays the woman? Do you pitch or catch? Do either of you like to put on
> > > womens clothes?
> > > Enquiring minds want to know............
> > >
> > > P.S.  MD may want to consider Smitty's above post for his collection
> imo
> >
> > Thanks for the heads up. I have been too busy to pay attention to
> FlySpecks'
> > usual flood of mindless BS.
>
> Just the sort of interesting information you need, eh?
>
> Gotta love it, eh Mikey?

Hey Drama Queen. I guess you were lying when you said you were going to killfile
me. Just like I thought.

--
The Evil Michael Davis™
http://mdavis19.tripod.com
http://www.mdpub.com/ufo/skeptic.html
http://skepticult.org Member #264-70198-536
Flaggy random killfile member #33 1/3

"Nature abhors a moron." - H. L. Mencken



------------------------------

From: "Dramar Ankalle" <[EMAIL PROTECTED]>
Crossposted-To: alt.alien.visitors,alt.politics.org.cia,alt.politics.org.nsa
Subject: Re: View from the top
Date: Sat, 21 Apr 2001 12:08:36 -0400


Michael Davis <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Dramar "Drama Queen" Ankalle wrote:
>
> > Return-Path: <[EMAIL PROTECTED]>
> > Received: from mail6.bigmailbox.com ([209.132.220.37])
> >  by mail01.dfw.mindspring.net (Mindspring/Netcom Mail Service) with
ESMTP id
> > taanlo.9fl.33qs885
> >  for <[EMAIL PROTECTED]>; Tue, 6 Mar 2001 17:03:36 -0500 (EST)
> > Received:
> >  oby mail6.bigmailbox.com (8.8.7/8.8.7) id OAA20788;
> >  Tue, 6 Mar 2001 14:03:35 -0800
> > Date: Tue, 6 Mar 2001 14:03:35 -0800
> > Message-Id: <[EMAIL PROTECTED]>
> > Content-Type: text/plain
> > Content-Disposition: inline
> > Content-Transfer-Encoding: binary
> > X-Mailer: MIME-tools 4.104 (Entity 4.116)
> > Mime-Version: 1.0
> > X-Originating-Ip: [205.130.195.88]
> > From: "Deja User" <[EMAIL PROTECTED]>
> > To: [EMAIL PROTECTED]
> > Subject: being shown the future[FALUN FULCRUM]
> >
> > Michael Davis <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > HVAC wrote:
> > >
> > > > Sodkkxx <[EMAIL PROTECTED]> wrote in message
> > > > news:9bs25f$1qls$[EMAIL PROTECTED]...
> > > >
> > > > > Let's face it Pete, I fucked my way to the top.
> > > >
> > > > Hey, Smitty. In your queer relationship with your fag "Life
> > Partner"(tm),
> > > > who
> > > > plays the woman? Do you pitch or catch? Do either of you like to put
on
> > > > womens clothes?
> > > > Enquiring minds want to know............
> > > >
> > > > P.S.  MD may want to consider Smitty's above post for his collection
> > imo
> > >
> > > Thanks for the heads up. I have been too busy to pay attention to
> > FlySpecks'
> > > usual flood of mindless BS.
> >
> > Just the sort of interesting information you need, eh?
> >
> > Gotta love it, eh Mikey?
>
> Hey Drama Queen. I guess you were lying when you said you were going to
killfile
> me. Just like I thought.
>


You don't read, flame 101 child.
I posted to your buddy that I emptied the killfile.
Anything else to add?





------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Random and not random
Date: Sat, 21 Apr 2001 18:08:29 +0200



John Savard wrote:
> 
> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
> 
> >Dumb question: What is the function of the conventional
> >cipher (i.e. it seems to be redundant here)?
> 
> Its key is less bulky, so it can be distributed more securely. The OTP
> keys are bulky, so the risk of their being intercepted is higher, and
> without a conventional cipher, it's trivially obvious what to do with
> them.

I think that I disagree a bit. An OTP (to be securely
transported, e.g. through diplomatic courier) is either
intercepted or not. If it is, then the super-secure
scheme you described is no longer super-secure anyway
and has badly failed in my humble view. (If the opponent
couldn't break the conventional cipher, then one could
have relied on that alone.)

M. K. Shen

------------------------------

From: Michael Davis <[EMAIL PROTECTED]>
Crossposted-To: alt.alien.visitors,alt.politics.org.cia,alt.politics.org.nsa
Subject: Re: View from the top
Date: Sat, 21 Apr 2001 12:24:57 -0400

Dramar "Drama Queen" Ankalle wrote:

> Michael Davis <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Dramar "Drama Queen" Ankalle wrote:
> >
> > > Return-Path: <[EMAIL PROTECTED]>
> > > Received: from mail6.bigmailbox.com ([209.132.220.37])
> > >  by mail01.dfw.mindspring.net (Mindspring/Netcom Mail Service) with
> ESMTP id
> > > taanlo.9fl.33qs885
> > >  for <[EMAIL PROTECTED]>; Tue, 6 Mar 2001 17:03:36 -0500 (EST)
> > > Received:
> > >  oby mail6.bigmailbox.com (8.8.7/8.8.7) id OAA20788;
> > >  Tue, 6 Mar 2001 14:03:35 -0800
> > > Date: Tue, 6 Mar 2001 14:03:35 -0800
> > > Message-Id: <[EMAIL PROTECTED]>
> > > Content-Type: text/plain
> > > Content-Disposition: inline
> > > Content-Transfer-Encoding: binary
> > > X-Mailer: MIME-tools 4.104 (Entity 4.116)
> > > Mime-Version: 1.0
> > > X-Originating-Ip: [205.130.195.88]
> > > From: "Deja User" <[EMAIL PROTECTED]>
> > > To: [EMAIL PROTECTED]
> > > Subject: being shown the future[FALUN FULCRUM]
> > >
> > > Michael Davis <[EMAIL PROTECTED]> wrote in message
> > > news:[EMAIL PROTECTED]...
> > > > HVAC wrote:
> > > >
> > > > > Sodkkxx <[EMAIL PROTECTED]> wrote in message
> > > > > news:9bs25f$1qls$[EMAIL PROTECTED]...
> > > > >
> > > > > > Let's face it Pete, I fucked my way to the top.
> > > > >
> > > > > Hey, Smitty. In your queer relationship with your fag "Life
> > > Partner"(tm),
> > > > > who
> > > > > plays the woman? Do you pitch or catch? Do either of you like to put
> on
> > > > > womens clothes?
> > > > > Enquiring minds want to know............
> > > > >
> > > > > P.S.  MD may want to consider Smitty's above post for his collection
> > > imo
> > > >
> > > > Thanks for the heads up. I have been too busy to pay attention to
> > > FlySpecks'
> > > > usual flood of mindless BS.
> > >
> > > Just the sort of interesting information you need, eh?
> > >
> > > Gotta love it, eh Mikey?
> >
> > Hey Drama Queen. I guess you were lying when you said you were going to
> killfile
> > me. Just like I thought.
> >
>
> You don't read, flame 101 child.
> I posted to your buddy that I emptied the killfile.
> Anything else to add?

Yes. You're an idiot. Thanks for asking.

--
The Evil Michael Davis™
http://mdavis19.tripod.com
http://www.mdpub.com/ufo/skeptic.html
http://skepticult.org Member #264-70198-536
Flaggy random killfile member #33 1/3

"When I read this I get a feeling of Deja Poo............The feeling that I've
read this shit before." - [EMAIL PROTECTED]



------------------------------

From: "Dramar Ankalle" <[EMAIL PROTECTED]>
Crossposted-To: alt.alien.visitors,alt.politics.org.cia,alt.politics.org.nsa
Subject: Re: View from the top
Date: Sat, 21 Apr 2001 12:32:00 -0400


Michael Davis <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Dramar "Drama Queen" Ankalle wrote:
>
> > Michael Davis <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > Dramar "Drama Queen" Ankalle wrote:
> > >
> > > > Return-Path: <[EMAIL PROTECTED]>
> > > > Received: from mail6.bigmailbox.com ([209.132.220.37])
> > > >  by mail01.dfw.mindspring.net (Mindspring/Netcom Mail Service) with
> > ESMTP id
> > > > taanlo.9fl.33qs885
> > > >  for <[EMAIL PROTECTED]>; Tue, 6 Mar 2001 17:03:36 -0500 (EST)
> > > > Received:
> > > >  oby mail6.bigmailbox.com (8.8.7/8.8.7) id OAA20788;
> > > >  Tue, 6 Mar 2001 14:03:35 -0800
> > > > Date: Tue, 6 Mar 2001 14:03:35 -0800
> > > > Message-Id: <[EMAIL PROTECTED]>
> > > > Content-Type: text/plain
> > > > Content-Disposition: inline
> > > > Content-Transfer-Encoding: binary
> > > > X-Mailer: MIME-tools 4.104 (Entity 4.116)
> > > > Mime-Version: 1.0
> > > > X-Originating-Ip: [205.130.195.88]
> > > > From: "Deja User" <[EMAIL PROTECTED]>
> > > > To: [EMAIL PROTECTED]
> > > > Subject: being shown the future[FALUN FULCRUM]
> > > >
> > > > Michael Davis <[EMAIL PROTECTED]> wrote in message
> > > > news:[EMAIL PROTECTED]...
> > > > > HVAC wrote:
> > > > >
> > > > > > Sodkkxx <[EMAIL PROTECTED]> wrote in message
> > > > > > news:9bs25f$1qls$[EMAIL PROTECTED]...
> > > > > >
> > > > > > > Let's face it Pete, I fucked my way to the top.
> > > > > >
> > > > > > Hey, Smitty. In your queer relationship with your fag "Life
> > > > Partner"(tm),
> > > > > > who
> > > > > > plays the woman? Do you pitch or catch? Do either of you like to
put
> > on
> > > > > > womens clothes?
> > > > > > Enquiring minds want to know............
> > > > > >
> > > > > > P.S.  MD may want to consider Smitty's above post for his
collection
> > > > imo
> > > > >
> > > > > Thanks for the heads up. I have been too busy to pay attention to
> > > > FlySpecks'
> > > > > usual flood of mindless BS.
> > > >
> > > > Just the sort of interesting information you need, eh?
> > > >
> > > > Gotta love it, eh Mikey?
> > >
> > > Hey Drama Queen. I guess you were lying when you said you were going
to
> > killfile
> > > me. Just like I thought.
> > >
> >
> > You don't read, flame 101 child.
> > I posted to your buddy that I emptied the killfile.
> > Anything else to add?
>
> Yes. You're an idiot. Thanks for asking


You are a cancerous tumour.
Fag lames and toilet humor has to be a great attraction for some, I guess.

See ya next time, flight 19







------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Better block cipher pre/post whiten step
Date: Sat, 21 Apr 2001 16:30:54 GMT

On Sat, 21 Apr 2001 13:43:38 GMT, "Tom St Denis"
<[EMAIL PROTECTED]> wrote, in part:

>If speed is critical you can precompute the GF mults too (a 32x32 mult takes
>4kb of memory).

How can you precompute a multiplication, when one of the operands is
your plaintext? I agree, though, that this is a good idea: since a
GF(2^n) multiplication is complementary to XOR, this would obscure
differentials.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Better block cipher pre/post whiten step
Date: Sat, 21 Apr 2001 16:32:13 GMT


"John Savard" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Sat, 21 Apr 2001 13:43:38 GMT, "Tom St Denis"
> <[EMAIL PROTECTED]> wrote, in part:
>
> >If speed is critical you can precompute the GF mults too (a 32x32 mult
takes
> >4kb of memory).
>
> How can you precompute a multiplication, when one of the operands is
> your plaintext? I agree, though, that this is a good idea: since a
> GF(2^n) multiplication is complementary to XOR, this would obscure
> differentials.

You know K1 etc., so you can precompute X * K1 by breaking the mult into
smaller mults (i.e. four 8x32 mults).  This trick does work (I've used it
before).

The really keen thing is that as long as the cipher and the decorrelated
functions do not commute, all is well.

Other than the slight speed penalty I wonder why this hasn't been used
before?  Probably some weakness I can't quite see yet.

Tom



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Better block cipher pre/post whiten step
Date: Sat, 21 Apr 2001 16:45:07 GMT


"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:hCiE6.17335$[EMAIL PROTECTED]...
>
> "John Savard" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > On Sat, 21 Apr 2001 13:43:38 GMT, "Tom St Denis"
> > <[EMAIL PROTECTED]> wrote, in part:
> >
> > >If speed is critical you can precompute the GF mults too (a 32x32 mult
> takes
> > >4kb of memory).
> >
> > How can you precompute a multiplication, when one of the operands is
> > your plaintext? I agree, though, that this is a good idea: since a
> > GF(2^n) multiplication is complementary to XOR, this would obscure
> > differentials.
>
> You know K1 etc., so you can precompute X * K1 by breaking the mult into
> smaller mults (i.e. four 8x32 mults).  This trick does work (I've used it
> before).
>
> The really keen thing is that as long as the cipher and the decorrelated
> functions do not commute, all is well.
>
> Other than the slight speed penalty I wonder why this hasn't been used
> before?  Probably some weakness I can't quite see yet.

A better idea is that if the underlying cipher is a Feistel, do a single
pre-whitening mult (i.e. for DES do a 64-bit GF mult); that way it's harder to
send zero differences into the first round.

Booyah, tom scores!

Tom



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Better block cipher pre/post whiten step
Date: Sat, 21 Apr 2001 18:58:45 +0200



Tom St Denis wrote:
> 

> You know K1 etc., so you can precompute X * K1 by breaking the mult into
> smaller mults (i.e. four 8x32 mults).  This trick does work (I've used it
> before).
> 
> The really keen thing is that as long as the cipher and the decorrelated
> functions do not commute, all is well.
> 
> Other than the slight speed penalty I wonder why this hasn't been used
> before?  Probably some weakness I can't quite see yet.

Wouldn't the receiver in the scheme you posted have to 
compute the inverse of K1 etc.?

M. K. Shen

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Better block cipher pre/post whiten step
Date: Sat, 21 Apr 2001 17:06:54 GMT


"Mok-Kong Shen" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Tom St Denis wrote:
> >
>
> > You know K1 etc., so you can precompute X * K1 by breaking the mult into
> > smaller mults (i.e. four 8x32 mults).  This trick does work (I've used it
> > before).
> >
> > The really keen thing is that as long as the cipher and the decorrelated
> > functions do not commute, all is well.
> >
> > Other than the slight speed penalty I wonder why this hasn't been used
> > before?  Probably some weakness I can't quite see yet.
>
> Wouldn't the receiver in the scheme you posted have to
> compute the inverse of K1 etc.?

Yeah, but it's not hard.  With a naive sqr-mul method you can trivially find
the multiplicative inverses (you would need to do four operations for a
typical two-word Feistel-like cipher, e.g. DES, Blowfish, RC5, CAST, etc.).

Once that's done you can either compute the mult on the fly (somewhat slow
but not terribly so) or, given enough memory, pre-compute the mults.  For DES
you would need eight sets of four 8x32 tables (or 32 8x32s), which would take 32KB
of memory.  On Athlons and PIIIs that will fit in the on-chip L2 cache and can
be accessed very quickly.

Tom
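
The three pieces Tom St Denis describes in this thread, precomputing X * K1 as four 8x32 table lookups (4 KB per 32-bit key), finding the receiver's K1^-1 by square-and-multiply, and whitening a whole 64-bit Feistel block so a half-block difference cannot reach the first round unchanged, as one added Python example. This is not code from Tom or from any project; the field polynomials are this example's own choice (standard low-weight polynomials assumed irreducible), the key values are constructed, and it goes a little beyond the posts by parameterising the field width so the same routines serve both the 32-bit and the DES-sized 64-bit case.

```python
"""GF(2^n) whitening by a key constant: direct multiply, byte-table multiply
(the 'four 8x32 mults' trick) and square-and-multiply inverse for the receiver.
Added example; polynomials below are this example's choice (assumed irreducible),
and the key constants are constructed."""

# Low-order bits of the field polynomial; the x^n term is implicit.
POLYS = {
    32: 0x8D,  # x^32 + x^7 + x^3 + x^2 + 1
    64: 0x1B,  # x^64 + x^4 + x^3 + x + 1
}


def gf_mul(a, b, width=32):
    """Carry-less multiply of a and b, reduced modulo the field polynomial."""
    top, poly = 1 << width, POLYS[width]
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & top:
            a ^= top | poly    # reduce: x^width == the low-order polynomial
    return r


def gf_inv(a, width=32):
    """Multiplicative inverse a^(2^width - 2) by plain square-and-multiply,
    the 'naive sqr-mul' of the thread. Verified before it is returned."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^n)")
    result, base, e = 1, a, (1 << width) - 2
    while e:
        if e & 1:
            result = gf_mul(result, base, width)
        base = gf_mul(base, base, width)
        e >>= 1
    if gf_mul(a, result, width) != 1:
        raise ArithmeticError("inverse check failed; polynomial not a field?")
    return result


def build_tables(k, width=32):
    """T[i][j] = (j << 8i) * k.  Multiplication distributes over XOR, so
    x * k = XOR over i of T[i][byte_i(x)].  For width 32 this is
    4 tables x 256 entries x 4 bytes = 4 KB, the figure quoted in the thread."""
    return [[gf_mul(j << (8 * i), k, width) for j in range(256)]
            for i in range(width // 8)]


def table_mul(x, tables):
    """x * k using only table lookups and XORs (no field arithmetic at run time)."""
    r = 0
    for i, t in enumerate(tables):
        r ^= t[(x >> (8 * i)) & 0xFF]
    return r


def table_bytes(tables, width):
    """Memory footprint of one table set."""
    return len(tables) * 256 * (width // 8)


def whiten_difference(x1, x2, k, width=64):
    """Difference between two whitened inputs under XOR and under GF multiply.
    XOR whitening leaves the difference untouched; multiplication maps it to
    (x1 ^ x2) * k, spreading a half-block difference across both halves."""
    xor_diff = (x1 ^ k) ^ (x2 ^ k)
    mul_diff = gf_mul(x1, k, width) ^ gf_mul(x2, k, width)
    return xor_diff, mul_diff


if __name__ == "__main__":
    K1 = 0xA5C3F00D                   # constructed 32-bit whitening key
    T = build_tables(K1)
    x = 0x12345678
    print("table mult matches:", table_mul(x, T) == gf_mul(x, K1),
          "using", table_bytes(T, 32), "bytes")
    K1_inv = gf_inv(K1)
    print("receiver undoes whitening:", gf_mul(gf_mul(x, K1), K1_inv) == x)
    K64 = 0x0123456789ABCDEF           # constructed 64-bit key, DES-sized block
    xd, md = whiten_difference(0x80000000, 0, K64)   # inputs differ in low half only
    print("XOR diff %016x  GF-mult diff %016x" % (xd, md))
```

The last two lines of the demo are the point of Tom's follow-up: with XOR whitening the difference 0x80000000 stays confined to one half and enters the first Feistel round as a zero difference on the other half, whereas after the 64-bit multiply the difference lands in both halves. The receiver pays one `gf_inv` per key at setup (cheap, as Tom says), then either multiplies on the fly or builds a second table set for K1^-1.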



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
