Cryptography-Digest Digest #236
Cryptography-Digest Digest #236, Volume #14 Thu, 26 Apr 01 00:13:01 EDT

Contents:
  Re: Censorship Threat at Information Hiding Workshop (David Wagner)
  Re: Censorship Threat at Information Hiding Workshop (AY)
  Re: 1024bit RSA keys. how safe are they? (Greg Ofiesh)
  Re: ancient secret writing (Greg Ofiesh)
  Re: Elliptic Curves (Greg Ofiesh)
  Re: Key scheduling of block cipher (Scott Fluhrer)
  Re: 1024bit RSA keys. how safe are they? (Brian Hetrick)
  Re: 1024bit RSA keys. how safe are they? (Brian Hetrick)
  Re: Key scheduling of block cipher (Bryan Olson)
  Re: 1024bit RSA keys. how safe are they? (Brian Hetrick)
  Re: Censorship Threat at Information Hiding Workshop (Terry Ritter)
  Re: Black white .gifs? (Benjamin Goldberg)
  Re: There Is No Unbreakable Crypto (Benjamin Goldberg)

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Censorship Threat at Information Hiding Workshop
Date: 26 Apr 2001 01:17:44 GMT

AY wrote:

I'm not sure whether RMS denies the possibility of IP, but I am quite sure he doesn't like the term (from personal experience).
http://www.gnu.org/philosophy/words-to-avoid.html#IntellectualProperty

Thanks. He does a better job of explaining this position than I can:

Publishers and lawyers like to describe copyright as ``intellectual property.'' This term carries a hidden assumption---that the most natural way to think about the issue of copying is based on an analogy with physical objects, and our ideas of them as property. But this analogy overlooks the crucial difference between material objects and information: information can be copied and shared almost effortlessly, while material objects can't be. Basing your thinking on this analogy is tantamount to ignoring that difference. [...] If you don't want to limit yourself to this way of thinking, it is best to avoid using the term ``intellectual property'' in your words and thoughts. [...]
Under piracy:

Publishers often refer to prohibited copying as ``piracy.'' In this way, they imply that illegal copying is ethically equivalent to attacking ships on the high seas, kidnaping and murdering the people on them. If you don't believe that illegal copying is just like kidnaping and murder, you might prefer not to use the word ``piracy'' to describe it. [...] Note the trend in recent years of publishers to use the word piracy to refer not only to mass copyright violation (e.g., selling thousands of cloned copies of copyrighted movies) but also to isolated infringement.

Also germane to this thread are his comments on use of the word theft:
http://www.gnu.org/philosophy/words-to-avoid.html#Theft

I don't necessarily agree 100% with his positions, but I think his observations are worth keeping in mind when examining these issues.

--

From: AY [EMAIL PROTECTED]
Subject: Re: Censorship Threat at Information Hiding Workshop
Date: Thu, 26 Apr 2001 02:24:02 +0100

From classic times, writers have sold their work to an audience of individuals. When that audience receives that same work in other ways -- even if others just give it away -- the market for the original work is reduced. If that is not stealing worth from the intellectual property owner, what is it?

In that case libraries must be the worst offenders of theft of all?

AY

--

From: Greg Ofiesh [EMAIL PROTECTED]
Subject: Re: 1024bit RSA keys. how safe are they?
Date: Wed, 25 Apr 2001 17:27:44 -0700

Joseph Ashwood [EMAIL PROTECTED] wrote in message news:ek9C7IDzAHA.355@cpmsnbbsa07...

I trust 1024-bit RSA enough that I would post my personal credit card number to a hacker newsgroup protected by such a key (provided I knew certain additional constraints). And the credit card I have in mind has a credit limit that could buy someone a house. However I would make sure that the card expired in the next 5 years. Move it up to 2048-bit and I might actually trust it with my social security number.
HA HA HA HA HA

In a short while, it won't matter what you encode your SS# with because the government will make it law where it can be shared by just about anyone.

I went to a video rental place the other day to open an account with them. They said they required my SS#. I told them that such a requirement was illegal. They promptly said that they were issuing me credit, so it was entirely legal. I quickly fired back that they were right, but I assumed that their claim was correct. After thinking about it, they were not issuing me credit. They were issuing me rental and my credit card (which I gave them) was the credit that backed the rental. I was thinking of suing them, but then I realized that they would have it soon anyway, so what was the point.

Same with medical privacy. It did not matter if Gore or W won. I said it during the entire campaign and now I am being proved correct
Cryptography-Digest Digest #236
Cryptography-Digest Digest #236, Volume #12 Mon, 17 Jul 00 07:13:01 EDT

Contents:
  Re: Win2000 Encryption (Ichinin)
  RC5 Question ("Brian Patterson")
  Re: RC5 Question (James Pate Williams, Jr.)
  Re: Win2000 Encryption (Suchandra Thapa)
  Re: xor confusion! (Suchandra Thapa)
  Classical Crypto Books (CryptoBook)
  Re: Win2000 Encryption (Mack)
  Re: Win2000 Encryption (Jerry Coffin)
  Re: New Idea - Cipher on a Disk (Mack)
  Re: Win2000 Encryption (Volker Hetzer)
  Re: Computing with Encrypted Functions (Paul Rubin)
  Re: Has RSADSI Lost their mind? (Mark Wooding)
  Re: stes-0.0.0 released (was: Steganographic encryption system) (Nick Kew)
  Re: Quantum Computing (Was: Newbie question about factoring) (Kent Paul Dolan)
  Re: Comment on [Mixmaster] version 3. [Section 3.2] (Pete Chown)
  Re: Quantum Computing (Was: Newbie question about factoring) (Nick Maclaren)
  Re: Blowfish Algorithm ("Falissard")
  Re: Win2000 Encryption (Daniel James)

From: Ichinin [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: Win2000 Encryption
Date: Mon, 17 Jul 2000 03:10:21 +0200

Steve Rush wrote:

Let me guess: by default, Win2K not only doesn't erase the swapfile on shutdown, but sets every security parameter to "wide open."

1) By default = Yupp.
2) Not "wide open", the words you're looking for is "caught-with-the-pants-halfway-down".

/Ichinin

P.S: If anyone have info on HOW NT/W2K erases the swapfile - Email me (Please)

--

From: "Brian Patterson" [EMAIL PROTECTED]
Subject: RC5 Question
Date: Mon, 17 Jul 2000 01:52:02 GMT

Hi All,

I have a question concerning the source code to RC5 as shown in "Applied Cryptography". The source code uses a data type of "u4". I'm trying to compile the test app using MS Visual C++ 6.0. What exactly is a "u4" datatype?

- Brian Patterson

--

From: [EMAIL PROTECTED] (James Pate Williams, Jr.)
Subject: Re: RC5 Question
Date: Mon, 17 Jul 2000 02:32:25 GMT

On Mon, 17 Jul 2000 01:52:02 GMT, "Brian Patterson" [EMAIL PROTECTED] wrote:

Hi All, I have a question concerning the source code to RC5 as shown in "Applied Cryptography". The source code uses a data type of "u4". I'm trying to compile the test app using MS Visual C++ 6.0. What exactly is a "u4" datatype? - Brian Patterson

Look on page 654 of _Applied Cryptography_ under 3-Way:

typedef unsigned long u4;

==Pate Williams==
[EMAIL PROTECTED]
http://www.mindspring.com/~pate

--

From: [EMAIL PROTECTED] (Suchandra Thapa)
Subject: Re: Win2000 Encryption
Reply-To: [EMAIL PROTECTED]
Date: Mon, 17 Jul 2000 03:58:00 GMT

Mack [EMAIL PROTECTED] wrote:

Greg [EMAIL PROTECTED] wrote:

Can anyone explain what is happening? Do I need to install some software component to make this work or am I doing something wrong?

Have you tried booting from linux or some other OS and accessing the same file? Possibly with a disk editor from DOS?

Don't try to use linux to access the drive. Linux doesn't handle NTFS very well. I believe it reads NT4's file system without many errors. However any writes to win2000 or NT4's file systems WILL corrupt the filesystem enough that nt or win2000 probably won't be able to mount the filesystem.

--
== Suchandra S. Thapa [EMAIL PROTECTED] ==

--

From: [EMAIL PROTECTED] (Suchandra Thapa)
Subject: Re: xor confusion!
Reply-To: [EMAIL PROTECTED]
Date: Mon, 17 Jul 2000 03:58:02 GMT

[EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

i don't quite understand how the XOR operation works. i was reading about it in Applied Cryptography, by Bruce Schneier. the explanation was rather brief, so I decided to make a program that generated two random integers and XORed them. i understand why the same number twice will return zero, but i don't get how 6 xor 3 can be five (that's one of the pairs i got). any help is greatly appreciated!
Basically,

1 xor 1 = 0
1 xor 0 = 1
0 xor 1 = 1
0 xor 0 = 0

xor works on a bit by bit basis so 110 xor 011 = 101.

--
== Suchandra S. Thapa [EMAIL PROTECTED] ==

--

From: [EMAIL PROTECTED] (CryptoBook)
Subject: Classical Crypto Books
Date: 17 Jul 2000 04:23:43 GMT

16 July 2000

Classical Crypto Books is pleased to announce the following recent update to the CCB catalog.

ESPIONAGE AND INTELLIGENCE

BRITISH MILITARY INTELLIGENCE IN THE PALESTINE CAMPAIGN 1914-1918 by Yigal Sheffy

British victory was assured, in lar
Cryptography-Digest Digest #236
Cryptography-Digest Digest #236, Volume #10 Tue, 14 Sep 99 21:13:03 EDT

Contents:
  Re: RC4-40 Cracking (Paul Koning)
  Re: Ritter's paper (SCOTT19U.ZIP_GUY)
  Re: Ritter's paper (Terry Ritter)
  Re: ti83 encryption (Arthur Dardia)
  Re: ti83 encryption ([EMAIL PROTECTED])
  Re: Ritter's paper (Terry Ritter)
  Re: ti83 encryption (Arthur Dardia)
  Re: Size of DH exponent modulous?? (John Myre)
  Re: Sources of randomness (Terry Ritter)
  Re: ti83 encryption (Ian Goldberg)
  Re: How strong is RC4 ? ([EMAIL PROTECTED])
  Re: Sources of randomness (Terry Ritter)
  Re: Ritter's paper (Terry Ritter)
  Re: RC4-40 Cracking ("Steven Alexander")

From: Paul Koning [EMAIL PROTECTED]
Subject: Re: RC4-40 Cracking
Date: Tue, 14 Sep 1999 18:06:03 -0400

Dafydd Richards wrote:

Please could somebody post/email rough estimates for the following please :-
1) How much time would a machine on a $30,000 budget take to crack RC4-40.
2) How much would it cost to construct a machine to crack RC4-40 in say half an hour.

Not much, if you're doing it with PCs. But I assume you meant a custom machine along the lines of the DES cracker.

For a rough estimate, suppose RC4 and DES key search are about equally hard and equally fast. Deep Crack did a 56 bit key in 56 hours, which means it could do a 40 bit key in 3 seconds. It costs about $300k. Suppose also that speed scales directly with cost. That would mean a $30k machine would find an RC4-40 key in 30 seconds. And a half hour machine would cost $500. (That last number doesn't really work because hardware costs don't scale linearly down that far. But it suggests you can do the job with a modest investment in FPGAs. Might make a nice thesis project for an enterprising EE student.)
paul

--

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Ritter's paper
Date: Wed, 15 Sep 1999 00:43:35 GMT

In article 7rm98e$69h$[EMAIL PROTECTED], [EMAIL PROTECTED] (David Wagner) wrote:

In article [EMAIL PROTECTED], Terry Ritter [EMAIL PROTECTED] wrote:

There is a copy of the article .PDF on my pages. It is first in the list in the Technical Articles section on my top page. The exact link is:
http://www.io.com/~ritter/ARTS/R8INTW1.PDF

Thanks for posting! I think this is an important subject for discussion. However, I don't think your suggestion works. I'd like to invite you to look over my reasoning and see if you find any errors.

Let's think of this as a resource allocation problem (i.e., an economics problem), where our sole goal is to minimize the risk that the adversary can read our traffic. Then I think a fairly simple calculation shows that your proposed approach is sub-optimal, and that the best strategy is to "follow the crowd".

Suppose we have a fixed bound R on the total amount of resources we can apply to the problem (e.g., R man-years, R months of Eli Biham's time, whatever). Further suppose we have a fixed amount T of traffic to protect. We have two choices:

("AES") Design one cipher that you really really believe in; use it for _all_ the traffic. In other words, spend all of R on design and analysis of the cipher, and use it for all of T.

The fallacy is your spending all your money on a design that is supposed to work in all environments from credit cards to file protection as a result you get something that can't be very good. One should at the very least have different designs for different requirements unless your real task Mr Wagner is to make everything readable by your handlers. We don't build one vehicle on the road to haul garbage kids and to go off road it just is not practical.

(Ritter) Design N ciphers, and hope most of them don't get broken.
In other words, spend R/N on each of the N designs, and use each cipher to encrypt T/N of the traffic.

I think these scenarios accurately characterize the two approaches we want to compare. Do you agree with the model?

No I think you're full of it. He said you can use various ciphers. I think he might even use one of yours in the layer.

Let f(R) be the probability that we apply the resources specified by R to cryptographic design and analysis, and yet the adversary still manages (somehow) to break our cipher. We can now calculate the risk of failure for each scenario.

("AES") With probability f(R), the cipher breaks, and all T of our traffic is broken.
= Expected loss = T*f(R).

(Ritter) Each cipher breaks with probability f(R/N), and each break reveals T/N of our traffic.

Again not if you do them in series.

Since expectation is linear, the total expected loss is the sum of the expected losses; the latter quantity is T/N * f(R/N) for each cipher, and there are N of them, so...
= Expected loss = N * T/N * f(R/N) =
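
Added example, not part of any post in this digest: the two expected-loss expressions quoted above, T*f(R) and N * T/N * f(R/N), evaluated next to a cascade reading of the reply's "in series" remark. The three curves for f, the values of T, R and N, and the assumption that cascade layers break independently are all constructed here; the page gives none of them.

```python
import math

def single_loss(T, R, f):
    """Quoted "AES" scenario: one cipher gets all of R and carries all of T."""
    return T * f(R)

def parallel_loss(T, R, N, f):
    """Quoted "Ritter" scenario: N ciphers, each funded R/N, each carrying T/N."""
    return N * (T / N) * f(R / N)

def series_loss(T, R, N, f):
    """Cascade reading of the "in series" remark.
    ASSUMPTION (not from the page): all traffic passes through N layers and
    leaks only if every layer breaks, with breaks independent of each other."""
    return T * f(R / N) ** N

# Constructed break-probability curves f(r); each decreases as effort r grows.
CURVES = {
    "hyperbolic 1/(1+r)": lambda r: 1.0 / (1.0 + r),
    "exponential exp(-r)": lambda r: math.exp(-r),
    "threshold exp(-r^2)": lambda r: math.exp(-r * r),
}

def compare(T=1.0, R=4.0, N=4):
    """Return {curve name: (single, parallel, series)} expected losses."""
    return {
        name: (single_loss(T, R, f),
               parallel_loss(T, R, N, f),
               series_loss(T, R, N, f))
        for name, f in CURVES.items()
    }

if __name__ == "__main__":
    for name, (one, par, ser) in compare().items():
        print(f"{name:22s} single={one:.3e}  parallel={par:.3e}  series={ser:.3e}")
```

Under these constructed curves the traffic-splitting arrangement never beats the single cipher, because f(R/N) is at least f(R) whenever f decreases with effort; the cascade comes out better, equal or worse than the single cipher depending only on the shape of f.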