Cryptography-Digest Digest #47

2000-10-30 Thread Digestifier

Cryptography-Digest Digest #47, Volume #13   Mon, 30 Oct 00 15:13:00 EST

Contents:
  Re: BEST BIJECTIVE RIJNDAEL YET? ("Brian Gladman")
  Re: Q: Computations in a Galois Field ("Brian McKeever")
  Re: Graphics and Encription (Mok-Kong Shen)
  Re: Q: Computations in a Galois Field (Roger Schlafly)
  Re: Padding scheme? (Benjamin Goldberg)
  Re: BEST BIJECTIVE RIJNDAEL YET? (SCOTT19U.ZIP_GUY)
  Re: XOR based key exchange protocol - flawed? ([EMAIL PROTECTED])
  CAST - test vectors ? ("Falissard")
  Re: Padding scheme? (SCOTT19U.ZIP_GUY)
  Re: Searching for a good PRNG (Tom St Denis)
  Re: XOR based key exchange protocol - flawed? (Tom St Denis)
  Re: RSA Multiprime (Tom St Denis)
  Re: How do I detect invalid passwords? ([EMAIL PROTECTED])
  Re: RSA Multiprime (Simon Johnson)
  Re: rc4 proprieties (Ichinin)
  Re: Psuedo-random number generator (David Schwartz)
  Re: Psuedo-random number generator (David Schwartz)
  Re: Visual Basic (Ichinin)



From: "Brian Gladman" [EMAIL PROTECTED]
Subject: Re: BEST BIJECTIVE RIJNDAEL YET?
Date: Mon, 30 Oct 2000 17:13:21 -

"SCOTT19U.ZIP_GUY" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
 [EMAIL PROTECTED] (Brian Gladman) wrote in
 x8aL5.3966$zO3.120805@stones:

 
 "SCOTT19U.ZIP_GUY" [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]...
  [EMAIL PROTECTED] (Brian Gladman) wrote in
  eN0L5.3659$zO3.111060@stones:
 
 
  
  But in arithmetic coding the original file length does need to be
  encoded in some way and Matt has a neat way of doing this (and one
  which I like).  But his scheme is just one of many possible ways of
  encoding
 
   I think you don't know what he did since a length field is not
  use in Matts arithmetic coding.
 
 I did not say there was a length field - I just said that length is
 encoded and I do know how he does this.
 

The length is not added to the file. Zero information is added to
 Matt's compressed files.

I certainly did not claim that the length is 'added' to the file - what I
said was that it was encoded in the file, which is quite different.
Moreover, while the encoding adds no _data_ , it certainly adds
_information_ since the file length could not be recovered if it did not.

 Brian Gladman




--

From: "Brian McKeever" [EMAIL PROTECTED]
Subject: Re: Q: Computations in a Galois Field
Date: Mon, 30 Oct 2000 09:25:52 -0800

"Benjamin Goldberg" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
 Brian McKeever wrote:
  No.  It is easy to come up with examples of rings where some elements
  lack inverses.

 Could you give us an example of a non-invertible element in a ring with
 prime order?

Well, I'm a little rusty, but let's try this:
let R have p=prime elements.  There is only 1 way to define + (since there
is only 1 group of order p, up to isomorphism).  Now define a*b=0 for any a,
b in R.  It's easy to check that we satisfy the ring axioms (most
importantly, * obviously distributes over +), and it should be clear that
none of the elements is invertible.

Another way to see it is this ring doesn't have a multiplicative identity,
so it can't have invertible elements.

Brian
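Brian McKeever's construction can be checked by brute force. The script below is an added example, not code from the digest: it builds the ring on p elements with addition mod p and every product equal to 0, verifies the ring axioms exhaustively, and then looks for a unity and for invertible elements, with the field Z_p beside it for contrast.

```python
# Added example (not from the digest): brute-force check of the ring Brian
# McKeever describes, with p elements, addition mod p and a*b = 0 for all a, b,
# next to the field Z_p for contrast.
from itertools import product


def zero_product_ring(p):
    """Operations of the ring on {0, ..., p-1} with + mod p and every product 0."""
    return (lambda a, b: (a + b) % p), (lambda a, b: 0)


def field_mod_p(p):
    """Operations of the field Z_p (p prime): + and * both mod p."""
    return (lambda a, b: (a + b) % p), (lambda a, b: (a * b) % p)


def ring_axioms_hold(p, add, mul):
    """Exhaustively check the ring axioms (a unity is not required)."""
    R = range(p)
    for a in R:
        if add(a, 0) != a or not any(add(a, b) == 0 for b in R):
            return False  # 0 is the additive identity and every a has a negative
        if any(add(a, b) != add(b, a) for b in R):
            return False  # + is commutative
    for a, b, c in product(R, repeat=3):
        if add(add(a, b), c) != add(a, add(b, c)):
            return False  # + associative
        if mul(mul(a, b), c) != mul(a, mul(b, c)):
            return False  # * associative
        if mul(a, add(b, c)) != add(mul(a, b), mul(a, c)):
            return False  # left distributive law
        if mul(add(a, b), c) != add(mul(a, c), mul(b, c)):
            return False  # right distributive law
    return True


def multiplicative_identity(p, mul):
    """Return the element e with e*a == a*e == a for all a, or None if none exists."""
    for e in range(p):
        if all(mul(e, a) == a and mul(a, e) == a for a in range(p)):
            return e
    return None


def invertible_elements(p, mul):
    """Elements with a two-sided inverse; empty when the ring has no unity."""
    e = multiplicative_identity(p, mul)
    if e is None:
        return []
    return [a for a in range(p)
            if any(mul(a, b) == e and mul(b, a) == e for b in range(p))]


def summarize(p, ops):
    add, mul = ops
    return {
        "ring": ring_axioms_hold(p, add, mul),
        "unity": multiplicative_identity(p, mul),
        "invertible": invertible_elements(p, mul),
    }


if __name__ == "__main__":
    print("zero-product ring on 7 elements:", summarize(7, zero_product_ring(7)))
    print("field Z_7:", summarize(7, field_mod_p(7)))
```

For p = 7 the zero-product ring passes every axiom, has no unity and therefore no invertible element, while Z_7 has unity 1 and six invertible elements; prime order alone says nothing about inverses, which is the point of the thread.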



--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Graphics and Encription
Date: Mon, 30 Oct 2000 18:25:52 +0100



wtshaw wrote:
 

 Grayscale is a less messy medium than real colors.  It seemed like a
 good area to look at.  The particulars are really cut and dried for me
 now.  The essence of grayscale stego can be changing pixels in a
 subvisually discernible manner, but the added information units need not be
 one-to-one with pixels.

I have never done such stego and my knowledge in that is
also poor. But it is my understanding that one (pseudo-)
randomly picks some pixels from the picture, maybe in
a certain restricted region of the picture, and then modifies
the pixel values. I used to think, however, that it should
be much easier to do stego by modifying numerical data
that are so abundant, e.g. measurements of physical
processes. It is in my view at least as normal for a
person to send a partner numerical data as pictures.
That is, for serving as cover material before the
scrutinizing eyes of a controller, numerical data are just
as good. So I don't quite understand why doing stego
with numerical data seems to have been neglected.

M. K. Shen
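The scheme Shen sketches, pseudo-random selection of samples and a one-unit change to each, carries over directly from pixels to a list of numerical readings. The script below is an added example, not code from the digest or from either poster: a seed (standing in for a shared key) fixes a permutation of sample positions, and the least significant bit of each chosen sample carries one payload bit behind a 16-bit length prefix. The cover values are constructed, not real measurements, and the distortion function reports the two quantities a controller examining the data would look at first.

```python
# Added example (not from the digest): the scheme Mok-Kong Shen sketches, applied
# to numerical data instead of pixels. A seed selects which samples are touched
# (pseudo-randomly), and each chosen sample's least significant bit carries one
# payload bit. Cover values below are constructed, not real measurements.
import random

LENGTH_BITS = 16  # 16-bit big-endian length prefix tells the extractor how much to read


def _carrier_positions(n, seed):
    """Keyed permutation of sample indices; both sides derive the same order."""
    positions = list(range(n))
    random.Random(seed).shuffle(positions)
    return positions


def _to_bits(data):
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]


def _from_bits(bits):
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits), 8))


def embed(cover, payload, seed):
    """Return a copy of cover whose chosen samples' LSBs encode len(payload) || payload."""
    framed = len(payload).to_bytes(LENGTH_BITS // 8, "big") + payload
    bits = _to_bits(framed)
    if len(bits) > len(cover):
        raise ValueError("cover holds %d bits, payload needs %d" % (len(cover), len(bits)))
    positions = _carrier_positions(len(cover), seed)
    stego = list(cover)
    for pos, bit in zip(positions, bits):
        stego[pos] = (stego[pos] & ~1) | bit  # changes the sample by at most 1 unit
    return stego


def extract(stego, seed):
    """Recover the payload from a stego list produced with the same seed."""
    positions = _carrier_positions(len(stego), seed)
    lsb = [stego[p] & 1 for p in positions]
    length = int.from_bytes(_from_bits(lsb[:LENGTH_BITS]), "big")
    return _from_bits(lsb[LENGTH_BITS:LENGTH_BITS + 8 * length])


def distortion(cover, stego):
    """(samples changed, largest absolute change): the footprint a controller could measure."""
    diffs = [abs(a - b) for a, b in zip(cover, stego)]
    return sum(1 for d in diffs if d), max(diffs)


if __name__ == "__main__":
    rng = random.Random(42)  # constructed "sensor readings" in a 12-bit ADC range
    readings = [rng.randint(0, 4095) for _ in range(400)]
    secret = b"reading set 7 is the one"
    stego = embed(readings, secret, seed=2718)
    print(extract(stego, seed=2718), distortion(readings, stego))
```

The embedding never moves a sample by more than one unit, and on average only half of the selected samples change at all, which is why visual or plot-level inspection misses it; what does give it away is the statistics of the low-order bits, since a fresh payload makes the LSBs of the touched samples uniformly random while genuine measurements usually are not. That is the same test applied to image LSB stego, so Shen's observation that numerical covers are "just as good" cuts both ways: they are just as detectable by the same means.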

--

From: Roger Schlafly [EMAIL PROTECTED]
Subject: Re: Q: Computations in a Galois Field
Date: Mon, 30 Oct 2000 10:18:35 -0800

Brian McKeever wrote:
   No.  It is easy to come up with examples of rings where some elements
   lack inverses.
 
  Could you give us an example of a non-invertible element in a ring with
  prime order?
 
 Well, I'm a little rusty, but let's try this:
 let R have p=prime element

Cryptography-Digest Digest #47

1999-08-14 Thread Digestifier

Cryptography-Digest Digest #47, Volume #10   Sat, 14 Aug 99 17:13:03 EDT

Contents:
  Re: How to keep crypto DLLs Secure? (Eric Lee Green)
  Re: What the hell is XOR? (Xcott Craver)
  Re: Newbie Question - Do you need to have the message when you have a  (Eric Lee Green)
  Re: Cipher-Feedback Mode ("karl malbrain")
  Honest Work from Home ("Marc Deneault")
  Re: Triple DES (168bit) -- Triple DES (112bit) ("karl malbrain")
  Re: Triple DES (168bit) -- Triple DES (112bit) ([EMAIL PROTECTED])
  Re: NIST AES FInalists are ([EMAIL PROTECTED])
  Re: I HOPE AM WRONG (Jim Dunnett)
  Re: Cipher-Feedback Mode (SCOTT19U.ZIP_GUY)
  Re: Statistical occurrence of letters in english ([EMAIL PROTECTED])
  Re: Please help a HS student with an independent study in crypto ("Douglas A. Gwyn")
  Re: NIST AES FInalists are ("Douglas A. Gwyn")
  Re: Smart card generating RSA keys (Peter Gutmann)
  Re: IDEA in AES (Helger Lipmaa)
  Re: Positive News About JAWS Technologies ([EMAIL PROTECTED])
  Algorithm M Demo ([EMAIL PROTECTED])
  Re: Cipher-Feedback Mode ([EMAIL PROTECTED])
  Re: I HOPE AM WRONG ([EMAIL PROTECTED])
  Wrapped PCBC mode ([EMAIL PROTECTED])
  Re: ORB - Open Random Bit Generator (Alwyn Allan)
  Re: Algorithm M Demo ([EMAIL PROTECTED])



From: Eric Lee Green [EMAIL PROTECTED]
Subject: Re: How to keep crypto DLLs Secure?
Date: Sat, 14 Aug 1999 10:37:43 -0700

"John E. Kuslich" wrote:
 Powerful tools exist today for divining the inner workings of code on the PC.
 For some examples of how these tools are exploited, please visit
 http://www.crak.com

Exactly: Remember rule#1 of security:
"Any system to which the intruder has physical access is insecure."

It doesn't matter how much you encrypt something if the intruder can
just sit at the end of the decryption engine and read the plain text
over your shoulder.

-- 
Eric Lee Green    http://members.tripod.com/e_l_green
  mail: [EMAIL PROTECTED]
^^^Burdening Microsoft with SPAM!

--

From: [EMAIL PROTECTED] (Xcott Craver)
Subject: Re: What the hell is XOR?
Date: 31 Jul 1999 21:30:08 GMT

#define swap(a, b) (a ^= (b ^= (a ^= b)))

swap(i,i).

Oops.

Even if *you* don't do it, someone else will.

Especially considering that someone's bound to use it in a sort,
or some code in which array elements are swapped iteratively;
All it takes is a tiny bounds overrun to zero out everything.
Or an algorithm which swaps indiscriminately, such as some variants
of selection sort.  Not that you'd use selection sort.

But then, there are plenty of good hacks, which I wish people
would use more.  And it still matters today in this age of 
fast CPUs and fast disks, because it's also an age of streaming
media.  Especially especially since a lot of the people with the
knowledge of image/signal processing to do it right are more EE 
than CS, and less likely to know tricks which could give them 
big-time speedup.  

  Steve
-Caj
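The failure Xcott Craver points at is easy to reproduce without C's additional sequencing problems. The script below is an added example, not code from the digest: xor_swap is the three-step XOR trick written as separate statements on a Python list, selection_sort swaps unconditionally (including position i with itself when the minimum is already in place), and the run shows the zeroed elements next to the guarded and the plain-temporary versions.

```python
# Added example (not from the digest): the aliasing failure Xcott Craver points
# at, reproduced on Python lists. xor_swap is the three-step XOR trick written
# as sequenced statements; when i == j the first step zeroes the element and the
# other two steps cannot bring it back.

def xor_swap(a, i, j):
    """Swap a[i] and a[j] in place with XOR; wrong when i == j (leaves 0 there)."""
    a[i] ^= a[j]
    a[j] ^= a[i]
    a[i] ^= a[j]


def checked_xor_swap(a, i, j):
    """The same trick with the guard that makes it safe."""
    if i != j:
        xor_swap(a, i, j)


def tuple_swap(a, i, j):
    """Plain swap through a temporary; always correct."""
    a[i], a[j] = a[j], a[i]


def selection_sort(values, swap):
    """Selection sort that swaps unconditionally, including position i with itself
    when the minimum is already in place, which is exactly the case that bites xor_swap."""
    a = list(values)
    for i in range(len(a)):
        m = min(range(i, len(a)), key=a.__getitem__)
        swap(a, i, m)
    return a


if __name__ == "__main__":
    data = [3, 1, 2]
    print("xor swap  :", selection_sort(data, xor_swap))          # [1, 2, 0]
    print("checked   :", selection_sort(data, checked_xor_swap))  # [1, 2, 3]
    print("tuple swap:", selection_sort(data, tuple_swap))        # [1, 2, 3]
```

Every position whose minimum was already in place comes back as 0, so the corruption is silent: the sort terminates normally and returns a list of the right length. In C the one-line macro on the page is worse still, because `a ^= (b ^= (a ^= b))` modifies `a` twice without a sequence point and is undefined behaviour even when the arguments are distinct.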

--

From: Eric Lee Green [EMAIL PROTECTED]
Subject: Re: Newbie Question - Do you need to have the message when you have a 
Date: Sat, 14 Aug 1999 10:44:09 -0700

Andrew Rutherford wrote: 
 I want to be able to create a fixed length key or digest for a particular
 document of any size, and send this created digest to a recipient who will
 be able to recreate EXACTLY the same message from this digest alone.  I've
 put this question on the compression groups, but no answer, so I thought I'd
 try here.

Not really. A digest is a member of a group of algorithms called a
"one-way hash", for which computation is easy, but going the opposite
way would require computational capacity beyond the conceivable.

If your message was 1024 bytes long, this is 8192 bits, and thus you'd
have to try every possible permutation of those 8192 bits in order to
see which ones have the same hash as your digest. Furthermore, if you
did not even know the length of the message being sent, you'd have to
try every combination of bits for every number of bits from 8 to 8
million. I'm sure one of the mathematicians here can tell you how
computationally difficult that'd be, but needless to say the heat death
of the universe will come first. 

-- 
Eric Lee Green    http://members.tripod.com/e_l_green
  mail: [EMAIL PROTECTED]
^^^Burdening Microsoft with SPAM!

--

Reply-To: "karl malbrain" [EMAIL PROTECTED]
From: "karl malbrain" [EMAIL PROTECTED]
Subject: Re: Cipher-Feedback Mode
Date: Sat, 14 Aug 1999 11:07:12 -0700


[EMAIL PROTECTED] wrote in message news:7p3t3s$ml4$[EMAIL PROTECTED]...
  Two advantages of 

Cryptography-Digest Digest #47

1999-02-07 Thread Digestifier

Cryptography-Digest Digest #47, Volume #9 Sun, 7 Feb 99 04:13:04 EST

Contents:
  Re: MAC generation ("Richard Parker")
  Re: SCOTT COMPRESSION (fungus)
  Re: SCOTT COMPRESSION (Terry Ritter)
  Re: *** Where Does The Randomness Come From ?!? *** ("PAC")
  --- sci.crypt charter: read before you post (weekly notice) (D. J. Bernstein)
  Re: Foiling 56-bit export limitations: example with 70-bit DES ([EMAIL PROTECTED])



From: "Richard Parker" [EMAIL PROTECTED]
Subject: Re: MAC generation
Date: Sun, 07 Feb 1999 04:13:51 GMT

"Vadim Lebedev" [EMAIL PROTECTED] wrote, in part:
the MAC will be MD5(S+SecretPassPhrase)

Vadim,

You might want to take a look at the research of Bellare, Canetti,
and Krawczyk.  They've done a number of papers on using keyed hash
functions to do message authentication.  Try the following URL:

http://www.research.ibm.com/security/keyed-md5.html

They recommend the following construction:

  H(K XOR opad, H(K XOR ipad, text))

Where:

  1) H is a cryptographic hash function, such as MD5 or SHA-1,
  2) K is the secret key,
  3) ipad is the byte 0x36 repeated for a hash block, and
  4) opad is the byte 0x5C repeated for a hash block.

Richard Parker
[EMAIL PROTECTED]
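The construction Richard Parker quotes is what became HMAC. The script below is an added example, not code from the digest or from the cited paper: it writes H(K XOR opad, H(K XOR ipad, text)) out with hashlib and checks it against Python's hmac module and the first RFC 2104 test vector. The key preprocessing (hash keys longer than one block, then zero-pad to the block size) comes from RFC 2104 and is not spelled out in the post.

```python
# Added example (not from the digest): the keyed-hash construction Richard Parker
# quotes, H(K XOR opad || H(K XOR ipad || text)), written out with hashlib and
# checked against Python's hmac module. Key preprocessing (hash keys longer than a
# block, zero-pad to the block size) follows RFC 2104, which the post does not mention.
import hashlib
import hmac

IPAD, OPAD = 0x36, 0x5C  # the pad bytes from the post, repeated across one hash block


def keyed_hash_mac(key: bytes, text: bytes, hashname: str = "md5") -> bytes:
    block = hashlib.new(hashname).block_size  # 64 bytes for MD5 and SHA-1
    if len(key) > block:                       # RFC 2104: long keys are hashed first
        key = hashlib.new(hashname, key).digest()
    key = key.ljust(block, b"\x00")            # then zero-padded to one block
    k_ipad = bytes(b ^ IPAD for b in key)
    k_opad = bytes(b ^ OPAD for b in key)
    inner = hashlib.new(hashname, k_ipad + text).digest()
    return hashlib.new(hashname, k_opad + inner).digest()


def matches_stdlib(key: bytes, text: bytes, hashname: str = "md5") -> bool:
    """True when the hand-rolled MAC equals hmac.new(); compare_digest avoids a timing leak."""
    return hmac.compare_digest(keyed_hash_mac(key, text, hashname),
                               hmac.new(key, text, hashname).digest())


# RFC 2104 test case 1: key = 0x0b repeated 16 times, text = "Hi There"
RFC2104_CASE1 = (b"\x0b" * 16, b"Hi There", "9294727a3638bb1c13f48ef8158bfc9d")

if __name__ == "__main__":
    key, text, expected = RFC2104_CASE1
    print(keyed_hash_mac(key, text).hex() == expected, matches_stdlib(key, text, "sha1"))
```

Two details matter in practice: verify a received tag with hmac.compare_digest rather than `==`, so that the comparison does not leak how many leading bytes matched, and use the library implementation (hmac.new) in production code; the hand-written version here is only to make the nested structure from the post visible.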

--

From: fungus [EMAIL PROTECTED]
Subject: Re: SCOTT COMPRESSION
Date: Sun, 07 Feb 1999 16:05:11 +0100



Eric W Braeden wrote:
 
 OK, but why don't we back up and ask what the
 raison d'etre for compression is in the first place?
 
 When generating high quality random numbers for use
 in seeds or keys it is common to take a file of
 some-what random system numbers and compress
 it before hashing with SHA-1 or MD5. Since compression
 is a reversible process, the total entropy remains the
 same.

Data compression is a reversible process, cryptographic
hashing is not...

 If the source file is compressible, you have
 increased the "density" of the entropy fed to the
 hash function, but what does this get you?


More entropy in a fixed space.

Most crypto keys have a fixed size, eg. 128 bits. The more
entropy you can cram into that space, the better.


-- 
\___/
/ O O \
\_/  FTB.

--

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: SCOTT COMPRESSION
Date: Sun, 07 Feb 1999 05:01:58 GMT


On Sun, 07 Feb 1999 16:05:11 +0100, in
[EMAIL PROTECTED], in sci.crypt fungus
[EMAIL PROTECTED] wrote:

[...]
Data compression is a reversible process, cryptographic
hashing is not...

While true, this is also a step beyond.

IF we process more "entropy" than the bits we produce as output, then
*no* hash is reversible, cryptographic or not, linear or not.  It is
not the "cryptographic" or complex-transformation part which makes a
hash irreversible, it is the loss of information.  

The "cryptographic" part refers to a presumed impossibility of finding
or constructing two different messages which produce the same hash
value.  

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM



--

From: "PAC" [EMAIL PROTECTED]
Crossposted-To: sci.philosophy.meta,sci.physics,sci.skeptic
Subject: Re: *** Where Does The Randomness Come From ?!? ***
Date: Sat, 6 Feb 1999 21:50:37 -0800


PAC wrote in message 79j0m4$2b7$[EMAIL PROTECTED]...

Colin Day wrote in message [EMAIL PROTECTED]...
PAC wrote:


Math is a closed system? I think that Godel would dispute that (if he
weren't dead)

Then I'll let my stuff stand until he rises again (;

This is more my side from an earlier thread

I do not understand what you mean. If you mean that math is a complete
system, then that is not correct. Mathematics suffers from its own
indeterminacy (Chaitin's Theorem) just as formal axiomatic systems
do (Godel's Theorem) and computer programs do (Turing's Theorem).

"Never a complete system even when dealing with simple infinity, but
whatever answers that come to math will still be mathematical and resolved
by itself and nothing beyond that.  Otherwise leaving the ends open I
suppose can imply that even the simplest variable can be non-mathematical
being that it's never determined and the equations vary with the variables.
It has internal relations that will always resolve things mathematically.
But this does imply that math=universe being that the universe would be
considered complete and math not, but this is obvious since math is not the
all of reality, yet the most approachable // to the universe that we have.
Absolute completeness would never be a part of math unless it encompassed
all of reality."


This falls simply to the classification of “variables”.  Unresolved
variables, i.e. Godel-type entities, imaginary numbers, infinity-related
problems, have always been intrinsically a part of math and it is assu