Cryptography-Digest Digest #236

2001-04-25 Thread Digestifier

Cryptography-Digest Digest #236, Volume #14  Thu, 26 Apr 01 00:13:01 EDT

Contents:
  Re: Censorship Threat at Information Hiding Workshop (David Wagner)
  Re: Censorship Threat at Information Hiding Workshop (AY)
  Re: 1024bit RSA keys. how safe are they? (Greg Ofiesh)
  Re: ancient secret writing (Greg Ofiesh)
  Re: Elliptic Curves (Greg Ofiesh)
  Re: Key scheduling of block cipher (Scott Fluhrer)
  Re: 1024bit RSA keys. how safe are they? (Brian Hetrick)
  Re: 1024bit RSA keys. how safe are they? (Brian Hetrick)
  Re: Key scheduling of block cipher (Bryan Olson)
  Re: 1024bit RSA keys. how safe are they? (Brian Hetrick)
  Re: Censorship Threat at Information Hiding Workshop (Terry Ritter)
  Re: Black  white .gifs? (Benjamin Goldberg)
  Re: There Is No Unbreakable Crypto (Benjamin Goldberg)



From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Censorship Threat at Information Hiding Workshop
Date: 26 Apr 2001 01:17:44 GMT

AY wrote:
> I'm not sure whether RMS denies the possibility of IP, but I am quite sure
> he doesn't like the term (from personal experience).
>
> http://www.gnu.org/philosophy/words-to-avoid.html#IntellectualProperty

Thanks.  He does a better job of explaining this position than I can:

  Publishers and lawyers like to describe copyright as ``intellectual
  property.'' This term carries a hidden assumption---that the most
  natural way to think about the issue of copying is based on an analogy
  with physical objects, and our ideas of them as property.

  But this analogy overlooks the crucial difference between material
  objects and information: information can be copied and shared almost
  effortlessly, while material objects can't be. Basing your thinking
  on this analogy is tantamount to ignoring that difference.  [...]

  If you don't want to limit yourself to this way of thinking, it is
  best to avoid using the term ``intellectual property'' in your words
  and thoughts. [...]

Under piracy:
  
  Publishers often refer to prohibited copying as ``piracy.'' In this way,
  they imply that illegal copying is ethically equivalent to attacking
  ships on the high seas, kidnaping and murdering the people on them.

  If you don't believe that illegal copying is just like kidnaping and
  murder, you might prefer not to use the word ``piracy'' to describe it.
  [...]

Note the trend in recent years of publishers to use the word piracy
to refer not only to mass copyright violation (e.g., selling thousands
of cloned copies of copyrighted movies) but also to isolated infringement.

Also germane to this thread are his comments on use of the word theft:

  http://www.gnu.org/philosophy/words-to-avoid.html#Theft

I don't necessarily agree 100% with his positions, but I think his
observations are worth keeping in mind when examining these issues.

--

From: AY [EMAIL PROTECTED]
Subject: Re: Censorship Threat at Information Hiding Workshop
Date: Thu, 26 Apr 2001 02:24:02 +0100

> From classic times, writers have sold their work to an audience of
> individuals.  When that audience receives that same work in other ways
> -- even if others just give it away -- the market for the original
> work is reduced.  If that is not stealing worth from the
> intellectual property owner, what is it?

In that case libraries must be the worst offenders of theft of all?

AY




--

From: Greg Ofiesh [EMAIL PROTECTED]
Subject: Re: 1024bit RSA keys. how safe are they?
Date: Wed, 25 Apr 2001 17:27:44 -0700


Joseph Ashwood [EMAIL PROTECTED] wrote in message
news:ek9C7IDzAHA.355@cpmsnbbsa07...
> I trust 1024-bit RSA enough that I would post my personal credit card number
> to a hacker newsgroup protected by such a key (provided I knew certain
> additional constraints). And the credit card I have in mind has a credit
> limit that could buy someone a house. However I would make sure that the
> card expired in the next 5 years. Move it up to 2048-bit and I might
> actually trust it with my social security number.

HA HA HA HA HA

In a short while, it won't matter what you encode your SS# with because the
government will make it law where it can be shared by just about anyone.

I went to a video rental place the other day to open an account with them.
They said they required my SS#.  I told them that such a requirement was
illegal.  They promptly said that they were issuing me credit, so it was
entirely legal.  I quickly fired back that they were right, but I assumed
that their claim was correct.  After thinking about it, they were not issuing
me credit.  They were issuing me rental and my credit card (which I gave
them) was the credit that backed the rental.  I was thinking of suing them,
but then I realized that they would have it soon anyway, so what was the
point.

Same with medical privacy.

It did not matter if Gore or W won.  I said it during the entire campaign and
now I am being proved correct

Cryptography-Digest Digest #236

2000-07-17 Thread Digestifier

Cryptography-Digest Digest #236, Volume #12  Mon, 17 Jul 00 07:13:01 EDT

Contents:
  Re: Win2000 Encryption (Ichinin)
  RC5 Question ("Brian Patterson")
  Re: RC5 Question (James Pate Williams, Jr.)
  Re: Win2000 Encryption (Suchandra Thapa)
  Re: xor confusion! (Suchandra Thapa)
  Classical Crypto Books (CryptoBook)
  Re: Win2000 Encryption (Mack)
  Re: Win2000 Encryption (Jerry Coffin)
  Re: New Idea - Cipher on a Disk (Mack)
  Re: Win2000 Encryption (Volker Hetzer)
  Re: Computing with Encrypted Functions (Paul Rubin)
  Re: Has RSADSI Lost their mind? (Mark Wooding)
  Re: stes-0.0.0 released (was: Steganographic encryption system) (Nick Kew)
  Re: Quantum Computing (Was: Newbie question about factoring) (Kent Paul Dolan)
  Re: Comment on [Mixmaster] version 3. [Section 3.2] (Pete Chown)
  Re: Quantum Computing (Was: Newbie question about factoring) (Nick Maclaren)
  Re: Blowfish Algorithm ("Falissard")
  Re: Win2000 Encryption (Daniel James)



From: Ichinin [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: Win2000 Encryption
Date: Mon, 17 Jul 2000 03:10:21 +0200

Steve Rush wrote:
> Let me guess: by default, Win2K not only doesn't erase the swapfile on
> shutdown, but sets every security parameter to "wide open."

1) By default = Yupp.
2) Not "wide open", the words you're looking for are
"caught-with-the-pants-halfway-down".

/Ichinin

P.S: If anyone has info on HOW NT/W2K erases the swapfile - Email me
(Please)

--

From: "Brian Patterson" [EMAIL PROTECTED]
Subject: RC5 Question
Date: Mon, 17 Jul 2000 01:52:02 GMT

Hi All,
I have a question concerning the source code to RC5 as shown in "Applied
Cryptography".  The source code uses a data type of "u4".  I'm trying to
compile the test app using MS Visual C++ 6.0.  What exactly is a "u4"
datatype?

- Brian Patterson




--

From: [EMAIL PROTECTED] (James Pate Williams, Jr.)
Subject: Re: RC5 Question
Date: Mon, 17 Jul 2000 02:32:25 GMT

On Mon, 17 Jul 2000 01:52:02 GMT, "Brian Patterson" [EMAIL PROTECTED]
wrote:

> Hi All,
> I have a question concerning the source code to RC5 as shown in "Applied
> Cryptography".  The source code uses a data type of "u4".  I'm trying to
> compile the test app using MS Visual C++ 6.0.  What exactly is a "u4"
> datatype?
>
> - Brian Patterson

Look on page 654 of _Applied Cryptography_ under 3-Way:

typedef unsigned long u4;

==Pate Williams==
[EMAIL PROTECTED]
http://www.mindspring.com/~pate
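
As an added example (not part of the post above and not the book's source): RC5-32/12/16 written with `u4` as `uint32_t`, checked against the all-zero test vector from Rivest's RC5 paper, next to the same rotate evaluated in a 64-bit word to show what changes on compilers where `unsigned long` is 64 bits. All function names here are this example's own.

```c
#include <stdint.h>

/* u4 as an exact 32-bit type: unsigned long is 32 bits under MSVC but
   64 bits on LP64 Unix compilers, where RC5-32 arithmetic would not wrap. */
typedef uint32_t u4;

#define RC5_R 12                 /* rounds */
#define RC5_B 16                 /* key length in bytes */
#define RC5_C (RC5_B / 4)        /* key length in words */
#define RC5_T (2 * (RC5_R + 1))  /* expanded key table size */

/* 32-bit rotate; relies on u4 discarding bits shifted past bit 31. */
u4 rc5_rotl(u4 x, u4 n) { n &= 31; return (x << n) | (x >> ((32 - n) & 31)); }

/* Same expression in a 64-bit word, as a 64-bit unsigned long would give:
   the bit shifted past bit 31 survives, so this is no longer a rotate. */
uint64_t rotl_in_64bit_word(uint64_t x, unsigned n) {
    n &= 31; return (x << n) | (x >> ((32 - n) & 31));
}

void rc5_setup(const unsigned char key[RC5_B], u4 S[RC5_T]) {
    u4 L[RC5_C] = {0}, A = 0, B = 0;
    int i, j, k;
    for (i = RC5_B - 1; i >= 0; i--) L[i / 4] = (L[i / 4] << 8) + key[i];
    S[0] = 0xB7E15163u;                                         /* P32 */
    for (i = 1; i < RC5_T; i++) S[i] = S[i - 1] + 0x9E3779B9u;  /* Q32 */
    for (i = j = k = 0; k < 3 * RC5_T; k++) {   /* three passes over S */
        A = S[i] = rc5_rotl(S[i] + A + B, 3);
        B = L[j] = rc5_rotl(L[j] + A + B, A + B);
        i = (i + 1) % RC5_T; j = (j + 1) % RC5_C;
    }
}

void rc5_encrypt(const u4 S[RC5_T], const u4 pt[2], u4 ct[2]) {
    u4 A = pt[0] + S[0], B = pt[1] + S[1];
    for (int i = 1; i <= RC5_R; i++) {
        A = rc5_rotl(A ^ B, B) + S[2 * i];
        B = rc5_rotl(B ^ A, A) + S[2 * i + 1];
    }
    ct[0] = A; ct[1] = B;
}

/* All-zero key and block (constructed input), returned as ct[0]:ct[1]. */
uint64_t rc5_zero_vector(void) {
    unsigned char key[RC5_B] = {0};
    u4 S[RC5_T], pt[2] = {0, 0}, ct[2];
    rc5_setup(key, S); rc5_encrypt(S, pt, ct);
    return ((uint64_t)ct[0] << 32) | ct[1];
}
```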


--

From: [EMAIL PROTECTED] (Suchandra Thapa)
Subject: Re: Win2000 Encryption
Reply-To: [EMAIL PROTECTED]
Date: Mon, 17 Jul 2000 03:58:00 GMT

Mack [EMAIL PROTECTED] wrote:
> Greg [EMAIL PROTECTED] wrote:
>> Can anyone explain what is happening?  Do I need to install some
>> software component to make this work or am I doing something wrong?
>
> Have you tried booting from linux or some other OS and accessing
> the same file? Possibly with a disk editor from DOS?

Don't try to use linux to access the drive.  Linux doesn't
handle NTFS very well.  I believe it reads NT4's file system
without many errors.  However any writes to win2000 or NT4's file systems
WILL corrupt the filesystem enough that nt or win2000 probably
won't be able to mount the filesystem.


-- 
==

Suchandra S. Thapa 
[EMAIL PROTECTED]

==

--

From: [EMAIL PROTECTED] (Suchandra Thapa)
Subject: Re: xor confusion!
Reply-To: [EMAIL PROTECTED]
Date: Mon, 17 Jul 2000 03:58:02 GMT

[EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
> i don't quite understand how the XOR operation works. i was reading
> about it in Applied Cryptography, by Bruce Schneier. the explanation
> was rather brief, so I decided to make a program that generated two
> random integers and XORed them. i understand why the same number twice
> will return zero, but i don't get how 6 xor 3 can be five (that's one
> of the pairs i got). any help is greatly appreciated!

Basically, 
1 xor 1 = 0 
1 xor 0 = 1  
0 xor 1 = 1
0 xor 0 = 0

xor works on a bit by bit basis so 110 xor 011 = 101. 

-- 
==

Suchandra S. Thapa 
[EMAIL PROTECTED]

==

--

From: [EMAIL PROTECTED] (CryptoBook)
Subject: Classical Crypto Books
Date: 17 Jul 2000 04:23:43 GMT


16 July 2000

Classical Crypto Books is pleased to announce the following recent update to
the CCB catalog.


ESPIONAGE AND INTELLIGENCE

BRITISH MILITARY INTELLIGENCE IN THE PALESTINE CAMPAIGN 1914-1918
by Yigal Sheffy
British victory was assured, in lar

Cryptography-Digest Digest #236

1999-09-14 Thread Digestifier

Cryptography-Digest Digest #236, Volume #10  Tue, 14 Sep 99 21:13:03 EDT

Contents:
  Re: RC4-40 Cracking (Paul Koning)
  Re: Ritter's paper (SCOTT19U.ZIP_GUY)
  Re: Ritter's paper (Terry Ritter)
  Re: ti83 encryption (Arthur Dardia)
  Re: ti83 encryption ([EMAIL PROTECTED])
  Re: Ritter's paper (Terry Ritter)
  Re: ti83 encryption (Arthur Dardia)
  Re: Size of DH exponent  modulous?? (John Myre)
  Re: Sources of randomness (Terry Ritter)
  Re: ti83 encryption (Ian Goldberg)
  Re: How strong is RC4 ? ([EMAIL PROTECTED])
  Re: Sources of randomness (Terry Ritter)
  Re: Ritter's paper (Terry Ritter)
  Re: RC4-40 Cracking ("Steven Alexander")



From: Paul Koning [EMAIL PROTECTED]
Subject: Re: RC4-40 Cracking
Date: Tue, 14 Sep 1999 18:06:03 -0400

Dafydd Richards wrote:
>
> Please could somebody post/email rough estimates for the following please
> :-
>
> 1) How much time would a machine on a $30,000 budget take to crack RC4-40.
>
> 2) How much would it cost to construct a machine to crack RC4-40 in say half
> an hour.

Not much, if you're doing it with PCs.  But I assume you meant a custom
machine along the lines of the DES cracker.

For a rough estimate, suppose RC4 and DES key search are about equally hard
and equally fast.  Deep Crack did a 56 bit key in 56 hours, which means it
could do a 40 bit key in 3 seconds.  It costs about $300k.

Suppose also that speed scales directly with cost.  That would mean a $30k
machine would find an RC4-40 key in 30 seconds.  And a half hour machine
would cost $500.  (That last number doesn't really work because hardware
costs don't scale linearly down that far.  But it suggests you can do the
job with a modest investment in FPGAs.  Might make a nice thesis project for
an enterprising EE student.)

paul

--

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Ritter's paper
Date: Wed, 15 Sep 1999 00:43:35 GMT

In article 7rm98e$69h$[EMAIL PROTECTED],
[EMAIL PROTECTED] (David Wagner) wrote:
> In article [EMAIL PROTECTED], Terry Ritter [EMAIL PROTECTED] wrote:
>> There is a copy of the article .PDF on my pages.  It is first in the
>> list in the Technical Articles section on my top page.  The exact link
>> is:
>> http://www.io.com/~ritter/ARTS/R8INTW1.PDF
>
> Thanks for posting!  I think this is an important subject for
> discussion.
>
> However, I don't think your suggestion works.  I'd like to invite
> you to look over my reasoning and see if you find any errors.
>
> Let's think of this as a resource allocation problem (i.e., an
> economics problem), where our sole goal is to minimize the risk
> that the adversary can read our traffic.  Then I think a fairly
> simple calculation shows that your proposed approach is sub-optimal,
> and that the best strategy is to "follow the crowd".
>
> Suppose we have a fixed bound R on the total amount of resources
> we can apply to the problem (e.g., R man-years, R months of Eli
> Biham's time, whatever).  Further suppose we have a fixed amount T
> of traffic to protect.  We have two choices:
>  ("AES")  Design one cipher that you really really believe in; use
>   it for _all_ the traffic.
>   In other words, spend all of R on design and analysis
>   of the cipher, and use it for all of T.
   The fallacy is you're spending all your money on a design that is
supposed to work in all environments from credit cards to file protection
as a result you get something that can't be very good. One should
at the very least have different designs for different requirements unless
your real task Mr Wagner is to make everything readable by your
handlers.
   We don't build one vehicle on the road to haul garbage kids and
to go off road it just is not practical.
>  (Ritter) Design N ciphers, and hope most of them don't get broken.
>   In other words, spend R/N on each of the N designs, and
>   use each cipher to encrypt T/N of the traffic.
> I think these scenarios accurately characterize the two approaches
> we want to compare.  Do you agree with the model?
   No I think you're full of it. He said you can use various ciphers. I think
he might even use one of yours in the layer.
>
> Let f(R) be the probability that we apply the resources specified
> by R to cryptographic design and analysis, and yet the adversary still
> manages (somehow) to break our cipher.
>
> We can now calculate the risk of failure for each scenario.
>  ("AES")  With probability f(R), the cipher breaks, and all T of
>   our traffic is broken.
>    => Expected loss = T*f(R).
>  (Ritter) Each cipher breaks with probability f(R/N), and each break
>   reveals T/N of our traffic.
  Again not if you do them in series.
>   Since expectation is linear, the total expected loss is the
>   sum of the expected losses; the latter quantity is T/N * f(R/N)
>   for each cipher, and there are N of them, so...
>    => Expected loss = N * T/N * f(R/N) =