Cryptography-Digest Digest #749
Cryptography-Digest Digest #749, Volume #10 Thu, 16 Dec 99 12:13:01 EST

Contents:
  Re: Help needed determining algorithm/key (SCOTT19U.ZIP_GUY)
  Re: Why no 3des for AES candidacy (SCOTT19U.ZIP_GUY)
  Re: Why no 3des for AES candidacy (SCOTT19U.ZIP_GUY)
  Re: Off topic -- 4 year old (SCOTT19U.ZIP_GUY)
  Mr SHAW needs a BEER (SCOTT19U.ZIP_GUY)
  Re: Ellison/Schneier article on Risks of PKI ("Tim Wood")
  Re: Simple newbie crypto algorithmn (Johnny Bravo)
  Re: Deciphering without knowing the algorithm? (CLSV)
  Re: Keystrokes monitored/encryption useless (Roger Carbol)
  Re: Keystrokes monitored/encryption useless (Johnny Bravo)
  Re: Why no 3des for AES candidacy (Paul Koning)

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Help needed determining algorithm/key
Date: Thu, 16 Dec 1999 16:04:12 GMT

In article UK364.3301$[EMAIL PROTECTED], "security199" [EMAIL PROTECTED] wrote:

Hi, I am evaluating a software application that protects some data using a method that needs a password. That password is encrypted and stored in an easily accessible file. I am sure that this method of security is not secure at all, but the company selling the application doesn't seem to "get it", insisting that it is secure.

Maybe they really don't want security. I have heard of some large banks that were using secure crypto that the Feds may have had trouble reading the data so they stepped in and made them use something else. If it's for a job here in the US you have to realize security is only a PR thing you really can't do too good a job.

I would like to determine the algorithm and key used to encrypt the password, thus showing them how the encrypted password stored in the file is easily decrypted thus allowing access to the data.

One common way to show this is to see how they use the encrypted data. Let them give you a test set of files and with something that traces through the program see what different paths are taken when the correct and incorrect password are used.
That is how many common systems fail. It is never wise to store the password in the file even in encrypted form that is to be checked. In my software I never store the password. I show a check number of some sort that the user can look at to see if it is the same as when he first encrypted a file, but I will use whatever he types in as password; there is no check, and it will encrypt or decrypt based on what the user types in. If he types in the wrong one, too bad. There is nothing to test it with.

When I worked for the FEDS they used commercial applications that used the password in the wrong way on the Univac and when you showed management how trivial it was to break they just got angry since they prefer to pretend it is safe. That's just the way commercial applications are and I think that is really what the government prefers business people use. After all they can just pass a law saying it's illegal to decrypt the data if you're not the intended recipient and of course our enemies are afraid of our paper laws.

I don't have the skills necessary to determine this, so I am asking you experts for help. I have generated a bunch of encryptions of the following:

A, AA, ABCD, ABCDEFGHIJKLMNOP

A salt must be used allowing different encrypted values so I have encrypted each of these plaintexts several times. Note that the encrypted values are always exactly twice as long as the plaintext. Also note that in lines 18, 35, 37, 39, and 40, the .'s (periods) are actually characters with hex code 7F. The . character doesn't otherwise appear to occur in the encrypted text.

These plaintext passwords were entered as upper case, but I believe the password actually needed is case insensitive, so the case may not necessarily be preserved in the encryption/decryption process (but I have no reason to believe it isn't). If more plaintext encryptions would be helpful, let me know, I can create more.
Also, if determining the algorithm/key used in this encryption is more difficult than I believe (unable to determine it without a major effort), then I would like to know that. Thank you all for any thoughts on this.

Line  Plaintext  Encrypted
====  =========  =========
01    A          CR
02    A          N_
03    A          du
04    A          kz
05    A          O
06    A          ET
07    A          fw
08    A          CR
09    A          9H
10    A          L]
11    A          ET
12    A          ;J
13    A          ;J

Just looking at a few I do see patterns: CR, ET, ;J. Each of these is repeated more than once; notice these are 15 apart. Some are not. My guess is this method will not encrypt random bytes but only a subset of printable ASCII.

14    AA         N@;@@FU6Sj_QJQQWdGb{

Notice the N and the character _ they are ten apart
Cryptography-Digest Digest #750
Cryptography-Digest Digest #750, Volume #10 Thu, 16 Dec 99 17:13:00 EST

Contents:
  Q: BBS (Mok-Kong Shen)
  Re: Q: BBS (David A Molnar)
  Re: Deciphering without knowing the algorithm? (Paul Schlyter)
  Peekboo V2 (Tom St Denis)
  Not Quite Identity-Based RSA Variant (John Savard)
  Re: BBS ("Michael Scott")
  Re: Simple newbie crypto algorithmn (SCOTT19U.ZIP_GUY)
  Re: Deciphering without knowing the algorithm? (CLSV)
  Re: Deciphering without knowing the algorithm? ("Steve Feldman")
  More idiot "security problems" (Eric Lee Green)
  Re: Simple newbie crypto algorithmn (Johnny Bravo)
  Re: Q: BBS ("Baruch Even")
  Re: Q: BBS (Tim Tyler)
  Re: Deciphering without knowing the algorithm? (drickel)
  Re: Prime series instead (Re: Pi) (SDpikachu)
  Re: Q: BBS (Mok-Kong Shen)
  Re: Q: BBS (Mok-Kong Shen)
  Re: Invitation to our homepage (Keith A Monahan)
  Edgar Allan Poe Crypto Challenge. ("DM")

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Q: BBS
Date: Thu, 16 Dec 1999 19:34:20 +0100

The present question stems from a follow-up of mine in another thread. The iteration underlying BBS:

    X_(i+1) = (x_i)^2 mod n

ultimately cycles. From any seed X_0 there may be an initial unrepeated segment in the sequence generated, but after that it goes into a loop. It is trivial to see the existence of such loops. An element belonging to a loop of length 2 satisfies

    x^4 = x mod n

Generally, an element belonging to a loop of length m satisfies

    x^(2^m) = x mod n

Question: Does this signify anything to the security offered by BBS?

M. K. Shen

--

From: David A Molnar [EMAIL PROTECTED]
Subject: Re: Q: BBS
Date: 16 Dec 1999 18:43:33 GMT

Mok-Kong Shen [EMAIL PROTECTED] wrote:

Question: Does this signify anything to the security offered by BBS?

Well, if you start over in a cycle, you will output the same bits, and this will be bad. So you should know how long the cycle is for your particular instance of the generator. The last part of the BBS paper covers methods for determining parameters which yield maximum-length cycles.
Terry Ritter also has an article in Cryptologia (?) and some discussion on his web page as to how to determine the cycle length of given parameters.

It's an interesting kind of problem - if you implement a BBS in say, Scheme, and keep iterating it, you can actually play with a lot of different parameters and notice that some work and some don't. and you can notice that if n isn't a blum integer, then your least sig bit is not particularly random at all...

-David

--

From: [EMAIL PROTECTED] (Paul Schlyter)
Subject: Re: Deciphering without knowing the algorithm?
Date: 16 Dec 1999 19:02:45 +0100

In article [EMAIL PROTECTED], CLSV [EMAIL PROTECTED] wrote:

"SCOTT19U.ZIP_GUY" wrote:

I know enough to know that you don't understand C "very" well if you can't follow a simple C program.

Have you ever seen the winners of the obfuscated C programming contest? Those are small and simple programs. Yet they are really hard to read.

These programs are far from typical small and simple C programs. The authors have deliberately abused C as much as they can, in order to make the code as unreadable as possible (that's what the contest is about).

--
Paul Schlyter, Swedish Amateur Astronomer's Society (SAAF)
Grev Turegatan 40, S-114 38 Stockholm, SWEDEN
e-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
WWW: http://hotel04.ausys.se/pausch http://welcome.to/pausch

--

From: Tom St Denis [EMAIL PROTECTED]
Subject: Peekboo V2
Date: Thu, 16 Dec 1999 19:09:32 GMT

Well V2 is out... some of the additions/changes include the chat client, new layout, new session key construction, slightly easier to follow source code etc..

In case you don't know, peekboo is my free Win95/98/NT Cryptographic Toolset. You can check it out on the web at http://www.cell2000.net/security/peekboo/index.html

Tom

Sent via Deja.com http://www.deja.com/
Before you buy.
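The squaring iteration and cycle lengths discussed in the "Q: BBS" thread above can be explored directly on toy moduli. This is an added example, not code from any poster in the digest; the function names and the moduli 77 = 7*11 (a Blum integer) and 65 = 5*13 (not one) are assumptions chosen here, far too small for real use.

```python
from math import gcd

def is_blum_integer(p, q):
    """n = p*q is a Blum integer when p and q are distinct primes, both 3 mod 4."""
    is_prime = lambda k: k > 1 and all(k % d for d in range(2, int(k ** 0.5) + 1))
    return p != q and is_prime(p) and is_prime(q) and p % 4 == 3 and q % 4 == 3

def orbit(seed, n):
    """Iterate x -> x^2 mod n from seed; return (tail_length, cycle_length)."""
    first_seen = {}              # value -> index at which it first appeared
    x, i = seed % n, 0
    while x not in first_seen:
        first_seen[x] = i
        x = x * x % n
        i += 1
    # x is the first repeated value: the loop starts where it was first seen
    return first_seen[x], i - first_seen[x]

def cycle_lengths(n):
    """Sorted distinct cycle lengths reached from every seed coprime to n."""
    return sorted({orbit(s, n)[1] for s in range(1, n) if gcd(s, n) == 1})

def bbs_bits(seed, n, count):
    """Least significant bit of x_1 .. x_count."""
    bits, x = [], seed % n
    for _ in range(count):
        x = x * x % n
        bits.append(x & 1)
    return bits

if __name__ == "__main__":
    for p, q in ((7, 11), (5, 13)):   # constructed toy parameters
        n = p * q
        kind = "Blum" if is_blum_integer(p, q) else "not Blum"
        print(n, kind, "cycle lengths:", cycle_lengths(n))
    # Even with a Blum modulus, some seeds land in a short loop.
    print("seed 23 mod 77:", orbit(23, 77))
    print("bits from seed 3 mod 77:", bbs_bits(3, 77, 8))
```

For the toy modulus 65 every coprime seed falls into a loop of length 1 or 2, while 77 reaches loops of length 4 but still has the length-2 loop 23, 67; this is why the cycle length has to be checked for the particular modulus and seed.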
--

From: [EMAIL PROTECTED] (John Savard)
Subject: Not Quite Identity-Based RSA Variant
Date: Thu, 16 Dec 1999 12:29:38 GMT

It would seem that the security of RSA would not be decreased if, after choosing one prime, I chose the second prime so that the product, a very long number, began with a string giving my identity.

If so, I see a possible "benefit"; since the moduli starting with such a string are a subset of possible moduli, there would be fewer possible moduli having a given checksum. Of course, that won't _really_ provide any benefit in security, at least not one I can see - a restricted search for collisions will turn up results as quickly as an unrestricted one, so key certificates aren't improved. But perhaps there's some use...

John
Cryptography-Digest Digest #751
Cryptography-Digest Digest #751, Volume #10 Thu, 16 Dec 99 21:13:01 EST

Contents:
  Re: Keystrokes monitored/encryption useless (Keith A Monahan)
  Re: Deciphering without knowing the algorithm? ("Trevor Jackson, III")
  Re: Deciphering without knowing the algorithm? ("Trevor Jackson, III")
  I was just thinking about a potential Cipher system... ("Pipian")
  Re: Better encryption? PGP or Blowfish? (Derek Bell)
  8192bit Encrypt - Easy ! ("Glen Bridgland")
  Re: More idiot "security problems" (Xcott Craver)
  Re: Simple newbie crypto algorithmn ("Douglas A. Gwyn")
  Re: Deciphering without knowing the algorithm? ("Douglas A. Gwyn")
  Re: Q: BBS ("Baruch Even")
  Re: More idiot "security problems" ("Trevor Jackson, III")
  Re: Keystrokes monitored/encryption useless (Bauerda)
  Re: More idiot "security problems" (David Wagner)
  Re: 8192bit Encrypt - Easy ! (Eli Akronym)
  Enigma - theoretical question (Neil Bell)

From: [EMAIL PROTECTED] (Keith A Monahan)
Subject: Re: Keystrokes monitored/encryption useless
Date: 16 Dec 1999 22:13:17 GMT

Yeah, DIRT has been around for quite some time. I remember reading about it awhile back. I went to the manufacturer's web page (I forget who) and they had phrases like, "only available to law enforcement" and "please fax proof of being a LEA prior to asking for additional information" and blah blah blah.

First off, if they think they can prevent some pirate from distributing DIRT around to everyone and their brother, they are crazy. I can't believe I haven't seen a pirated copy yet. Perhaps I'll take a look :) I'm sure they are charging an arm and a leg for this software which was pretty easy to write.

I protect myself using AtGuard which is really an awesome firewall software for windows. It allows you to log all connections, approve/deny each connection and so forth. I review the logs on a (somewhat) periodic basis looking for any funny sitenames/ip's, etc.

Well. http://www.atguard.com just shows me something that may not benefit end users, but WRQ, Inc.
has licensed AtGuard to Symantec Corporation and ASCII Network Technology. WRQ discontinued sales of AtGuard to individual users on November 22, 1999. WRQ will stop supporting the AtGuard product on December 22, 1999. On December 22, the AtGuard web site and the AtGuard Forum will close. Symantec will offer the AtGuard technology as part of Norton Internet Security 2000.

Keith

molypoly ([EMAIL PROTECTED]) wrote:
: Take a look at the latest article from Privacytimes.com at
: http://www.privacytimes.com/dirt_8_17.htm
: The program is called DIRT and it records all your keystrokes. When
: you're online, it sends them to the recipient.
: This means that your keystrokes made while making your encryption
: keys are now worthless! How would one get around this if this software
: got into the wrong hands?
: Sent via Deja.com http://www.deja.com/
: Before you buy.

--

Date: Thu, 16 Dec 1999 17:54:45 -0500
From: "Trevor Jackson, III" [EMAIL PROTECTED]
Subject: Re: Deciphering without knowing the algorithm?

Paul Schlyter wrote:

In article [EMAIL PROTECTED], CLSV [EMAIL PROTECTED] wrote:

"SCOTT19U.ZIP_GUY" wrote:

I know enough to know that you don't understand C "very" well if you can't follow a simple C program.

Have you ever seen the winners of the obfuscated C programming contest? Those are small and simple programs. Yet they are really hard to read.

These programs are far from typical small and simple C programs. The authors have deliberately abused C as much as they can, in order to make the code as unreadable as possible (that's what the contest is about).

Last time I looked the limit on entries to the contest was 2048 characters. That's pretty small by most standards. Now as for simple, one of the figures of merit for an obfuscated program is the ratio of the complexity of code over the complexity of the job it does. The simpler the job the better.

N.B.
Scott's code exhibits the classic holistic doctrine that one cannot infer the operation of the assembly from inspection of the parts. No amount of reading the code he generated will allow you to deduce his intentions at the time he wrote the code. This is why his referrals to "read the code" and attacks upon others' programming skill fall on deaf ears. His position is not defensible.

--

Date: Thu, 16 Dec 1999 17:57:05 -0500
From: "Trevor Jackson, III" [EMAIL PROTECTED]
Subject: Re: Deciphering without knowing the algorithm?

Steve Feldman wrote:

Newbie here. Go easy