Cryptography-Digest Digest #964
Cryptography-Digest Digest #964, Volume #13       Wed, 21 Mar 01 17:13:01 EST

Contents:
  Re: A future supercomputer ("JCA")
  Re: Idea ("Simon Johnson")
  Re: Defining a cryptosystem as "broken" ("Joseph Ashwood")
  Re: What happens when RSA keys don't use primes? ("Joseph Ashwood")
  Re: What happens when RSA keys don't use primes? ("Joseph Ashwood")
  Applied Cryptography Source Disk ("Stevan Gostojic")
  Re: An extremely difficult (possibly original) cryptogram (daniel mcgrath)
  Re: Most secure way to add passphrase verification to "CipherSaber" ("John L. Allen")
  Re: Popular Mechanics article on NSA (John Savard)
  Re: redodancy (John Savard)
  Re: What happens when RSA keys don't use primes? (Doug Stell)
  Re: A future supercomputer (Anne Lynn Wheeler)
  SSL question (Patrick Knight)
  Re: I was so so right about PGP ... so right when I started writing (Frank Gerlach)
  Re: NSA in the news on CNN (Doug Stell)
  Security of Triple-DES ("Arne Baltin")
  Re: SSL question (David Schwartz)
  Re: SSL question (Paul Rubin)
  Re: looking for "Crowds" ("thomas kuehne")
  Re: RC4 test vectors after gigabyte output?. (Ian Goldberg)
  Re: [OT] Java (Frank Gerlach)
  Re: Advice on storing private keys (Darryl Wagoner)
  Re: Idea (amateur)

--

From: "JCA" [EMAIL PROTECTED]
Subject: Re: A future supercomputer
Date: Wed, 21 Mar 2001 11:59:00 -0800

In article [EMAIL PROTECTED], "Mok-Kong Shen" [EMAIL PROTECTED] wrote:

> Computing power is ONE of the fundamental requirements. If everything
> else is solved in theory, without the computing power to do that is
> futile, like one understands perfectly how a rocket works but without
> the required fuel. With more computing power, one can try algorithms
> that would otherwise be impossible. (See e.g. simulation of nuclear
> explosions, which was why the ASCIs were built.)
>
> M. K. Shen

Let me turn your analogy upside down - in order to actually launch a
rocket one must be able to build a fuselage first. But just having this
skill without knowing the physical principles on which rockets are based
will take one nowhere fast. The same with raw computing power and the
human brain. Humongous horsepower is probably a relatively minor part of
the solution, and hence my belief that ASCI and Blue Gene are not likely
to change things at all in this respect.

--

From: "Simon Johnson" [EMAIL PROTECTED]
Subject: Re: Idea
Date: Wed, 21 Mar 2001 20:23:24 -0800

John Joseph Trammell [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...

> On 19 Mar 2001 06:58:53 GMT, SCOTT19U.ZIP_GUY wrote:
>
> > Time is too precious to waste it using a spell checker.
>
> Your time is more precious than mine, then? I'd say that time is too
> precious to waste writing unintelligible scribblings, but hey, maybe
> that's just me.

But then I'd argue that there is sufficient redundancy in his English
for you to make sense, very quickly, of his far from unintelligible text,
and you're just being a little silly.

Simon.

--

From: "Joseph Ashwood" [EMAIL PROTECTED]
Subject: Re: Defining a cryptosystem as "broken"
Date: Wed, 21 Mar 2001 12:04:44 -0800

I think we agree on that; no, there's no way we can be certain of an
attacker's compute power (or analytic power for that matter). So it will
take conservative estimation, buffer zones, whatever you want to call it,
and we can still be bitten by it. However, with cryptography it's fairly
well known that all we can do is fix the odds in our favor, just as we
assume that no one will guess a 128-bit number on the first try. I think
we agree though.

Joe

"Mok-Kong Shen" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...

> Joseph Ashwood wrote:
>
> > Of course the user will have problems. That's where well paid
> > cryptanalysts come in :) I think I can say safely that we all agree
> > that most systems simply haven't been designed with security in mind
> > (I point to MS insert name here/ as an example).
> >
> > The difference is that I did not say this is a countable set, only
> > you have made that assumption about what I have said. What I have
> > said is that a threat/attack model needs to be made, I have never
> > said that it is an easy problem, I have never said that the set of
> > all models is countable (although because I expect that they will all
> > be finite in length they are not only countable but finite), I have
> > only said that one needs to be constructed for the situation. Choosing
> > the right model should be done for the user, in fact the programmer
> > will fix the threat/attack model whether he/she knows it or not. The
> > only decision about the threat/attack model that the user makes is
> > which programs to use. I am not
Cryptography-Digest Digest #964, Volume #12       Fri, 20 Oct 00 10:13:01 EDT

Contents:
  Re: What is desCDMF? (Richard Heathfield)
  Re: Which "password" is best. (CiPHER)
  Re: What is desCDMF? (Tom St Denis)
  Re: Works the md5 hash also for large datafiles (4GB) ? (Daniel Leonard)
  Re: Counting one bits is used how? (Rob Warnock)
  Re: Works the md5 hash also for large datafiles (4GB) ? (Runu Knips)
  Re: Counting one bits is used how? (Rob Warnock)
  Re: Rijndael in Perl (Tony L. Svanstrom)
  Re: Rijndael in Perl (Rasputin)
  Re: Rijndael in Perl (Runu Knips)
  Re: Efficient software LFSRs (Rob Warnock)
  Re: Rijndael in Perl (Runu Knips)
  Re: What is desCDMF? (Richard Heathfield)

--

Date: Fri, 20 Oct 2000 11:23:14 +0100
From: Richard Heathfield [EMAIL PROTECTED]
Subject: Re: What is desCDMF?

Tom St Denis wrote:

> > > Why the heck would you use a 40-bit key? That's like asking "can
> > > you steal my messages". Why not just not use a key at all?
> >
> > I can think of three reasons without particularly trying:
> >
> > 1) Newbie-level study of cryptanalytic techniques. This makes even a
> > monoalphabetic sub or Vigenere cipher worth doing.
>
> Why not then try to break 3-round DES instead of "DES with an insanely
> short key"? Personally the former seems much more challenging than the
> latter.

Why not try both? Personally, I find that I learn something a lot more
effectively if I actually do it. Have you never broken a Vigenere cipher,
just for fun? I have. And it was tremendous fun, and I learned a lot. But
to break a Vigenere cipher, you have to have a Vigenere cipher to break.
And therefore someone has to make one for you, or you have to roll your
own. Same with 40-bit DES.

> > 2) An informal competition among friends.
>
> CDMF coding is very old, nothing new.

Must we only ever be on the bleeding edge? Remember that this newsgroup
is read not just by experts and deep-level hobbyists, but also by people
who are interested in cryptology and like to dabble in it, but don't have
the expertise of some of the regular posters here. You're still at
school, I believe, and yet it's pretty clear that (no matter how much one
or two of the regs bite you on occasion) you know a damn sight more about
crypto than I do. But that doesn't stop me being interested in crypto,
and even having a go at learning more about it, and what applies to me
undoubtedly applies to others too. You might consider CDMF (whatever the
hell that is) to be old hat, but to others it may yet be just beyond, or
perhaps on, the horizon of their current knowledge. In other words, we
all have to start somewhere.

> > 3) 'Kid sister' cryptography (i.e. a not very threatening* threat
> > model).
>
> Why not just xor 0xAA against the plaintext?

"Threat model" is a sliding scale from "none" to "NSA, GCHQ, KGB, or
alien invaders from the Andromeda Galaxy" and, for the genuinely
paranoid, upward from there. There will be a point on that scale where
the level of security provided by 40-bit DES or its equivalent is
necessary and sufficient. (No, I wouldn't use 40-bit DES either. But
that's not the point.)

--
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
KR Answers: http://users.powernet.co.uk/eton/kandr2/index.html

--

From: CiPHER [EMAIL PROTECTED]
Subject: Re: Which "password" is best.
Date: Fri, 20 Oct 2000 10:41:19 GMT

In article dlSH5.4488$[EMAIL PROTECTED], Ray Dillinger [EMAIL PROTECTED]
wrote:

> I would definitely never use a password that had been published on
> usenet.

*lol*

--
Marcus
---
[ www.cybergoth.cjb.net ] [ alt.gothic.cybergoth ]

Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: What is desCDMF?
Date: Fri, 20 Oct 2000 11:32:26 GMT

In article [EMAIL PROTECTED], Richard Heathfield [EMAIL PROTECTED] wrote:

> Tom St Denis wrote:
>
> > > > Why the heck would you use a 40-bit key? That's like asking "can
> > > > you steal my messages". Why not just not use a key at all?
> > >
> > > I can think of three reasons without particularly trying:
> > >
> > > 1) Newbie-level study of cryptanalytic techniques. This makes even
> > > a monoalphabetic sub or Vigenere cipher worth doing.
> >
> > Why not then try to break 3-round DES instead of "DES with an
> > insanely short key"? Personally the former seems much more
> > challenging than the latter.
>
> Why not try both? Personally, I find that I learn something a lot more
> effectively if I actually do it. Have you never broken a Vigenere
> cipher, just for fun? I have. And it was tremendous fun, and I learned
> a lot. But to break a Vigenere cipher, you have to have a Vigenere
> cipher to break. And therefore someone has to make one for you, or you
> have t
Cryptography-Digest Digest #964, Volume #10       Mon, 24 Jan 00 06:13:01 EST

Contents:
  Re: Weierstrass Normal Form (John Savard)
  Re: MIRDEK: more fun with playing cards. ("r.e.s.")
  Re: What about the Satanic Seven??? (Terje Elde)
  Re: What about the Satanic Seven??? (Terje Elde)
  Re: MIRDEK: more fun with playing cards. (Paul Rubin)
  Re: Calculating A^-1 Mod P ("ink")
  Is Cramer-Shoup 98 with 5020 bits secure? (Oliver Moeller)
  Re: Intel 810 chipset Random Number Generator (Vernon Schryver)
  Help!!!Looking for Volunteers for my Masters Degree Research (paul mckee)
  Re: Challenge. (Paul Schlyter)
  Re: Java's RSA implimentation (Paul Schlyter)

--

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Weierstrass Normal Form
Date: Mon, 24 Jan 2000 06:52:59 GMT

On Sun, 23 Jan 2000 17:09:20 -0800, Laura Feinstein [EMAIL PROTECTED]
wrote, in part:

> Given a cubic of the form u^3 + v^3 = a, where a is a rational number,
> how does one determine new coordinates, x and y given in terms of u and
> v by rational functions? I know the value of these functions:
>
>   x = 12*a/(u + v)
>   y = 36*a*(u - v)/(u + v)
>
> I'm looking for an algebraic method for determining these functions.

Unless the title of your post gives some clue that I'm missing, it's hard
to see what your question is. Given u^3 + v^3 = a, one knows nothing
about x and y or their relationship to u and v; thus, the two rational
functions that you've given can't be determined by algebra.

If you want to find u and v as functions of x and y, that would be a
straightforward problem in algebra.

If x = 12a/(u+v), then u+v = 12a/x.

If y = 36a((u-v)/(u+v)), then, first we substitute for u+v, to get
y = 36a((u-v)/(12a/x)). This lets us find that

  u-v = y(12a/x)/36a = y/(3x).

Knowing u+v and u-v, it's easy enough to find u and v.

  u = ((12a/x) + (y/(3x)))/2  and  v = ((12a/x) - (y/(3x)))/2

but I doubt that anything so simple was really your question.

John Savard (teneerf -)
http://www.ecn.ab.ca/~jsavard/index.html

--

From: "r.e.s." [EMAIL PROTECTED]
Subject: Re: MIRDEK: more fun with playing cards.
Date: Sun, 23 Jan 2000 23:36:51 -0800

"Paul Rubin" [EMAIL PROTECTED] wrote ...
: r.e.s. [EMAIL PROTECTED] wrote:
: >              K  A  2 ... J  Q
: >              0  1  2 ... 11 12
: >            -----------------------
: > Diamonds 0|  0  1  2 ... 11 12
: > Spades   1| 13 14 15 ... 24 25
: > Hearts   2| 26 27 28 ... 37 38
: > Clubs    3| 39 40 41 ... 50 51
: >
: > Take the "value" of a card as a *pair* of numbers (suit, facevalue),
: > i.e. the (row,col) coordinates in the above table, and leave it at
: > that while navigating the card layout. Don't waste time finding the
: > values 0-51!
:
: Actually it doesn't much matter what order the "card table" is
: in, if you have a convenient way to do the arithmetic. So try
: it like this:
:
:    0 40 28 16  4 44 32 20  8 48 36 24
:   13  1 41 29 17  5 45 33 21  9 49 37
:   26 14  2 42 30 18  6 46 34 22 10 50
:   39 27 15  3 43 31 19  7 47 35 23 11
:
: instead of in 0,1,2... order. Notice that with this layout,
: table[row, col] % 13 = col, and
: table[row, col] % 4 = row.
:
: You don't have to write down the above array or pay any attention
: to it at all; I just included it to help explain the principle here.

The table I gave is intended to be a visual indicator of several things
at once: the axes (absent in your table) are to remind what the suit-
and facevalue-associations are, while its interior is to indicate the
directions in which one navigates through it. Pedestrian, I know, but
some people really benefit from visuals like that.

: The real savings come in the final steps:
:
: While swapping the two cards, separately add up their "rows" and "cols".
: "rows" is the mod 4 sum of their suits, and "cols" is the facevalue
: sum (if it exceeds 0-12, increase the row sum by 1, and take
: "cols" = facevalue - 13).
:
: Now just take the facevalue and suit sums mod 13 and 4 respectively,
: independently of each other. If the facevalue sum exceeds 13 just
: subtract 13. You don't have to adjust the row sum. This saves you
: a step. The Chinese Remainder Theorem in action ;-).

I don't think that's correct. Consider DiamondNine+SpadeNine:
That's (0,9)+(1,9) = (1,18) = (2,5), not (1,5). Or the long way,
(0*13+9)+(1*13+9) = 31 =/= 1*13+5. Have I misunderstood your meaning?

: For the final step, put your finger at the (0,0) position in the
: card-layout and move it the number of rows and columns indicated
: by the (rows,cols) just obtained. You'll then be pointing at the
: output card.
:
: Is this the scheme you were getting 3-4 characters/minute with?
: Or is it faster now?

Yup, that's been my method. Despite my early repor
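The disagreement in the MIRDEK exchange above comes down to which numbering of the deck is in use. Under r.e.s.'s row-major table (card = 13*suit + facevalue), adding suits mod 4 and face values mod 13 independently drops the carry that a face sum of 13 or more produces, which is exactly the DiamondNine+SpadeNine counterexample. Under Paul Rubin's second layout, where table[row, col] % 13 = col and table[row, col] % 4 = row, the card number is the Chinese Remainder Theorem image of the pair (suit, facevalue), and componentwise addition is then correct by construction. The following is an added example written for this page, not code from either poster or from MIRDEK itself; it builds both numberings, reproduces the counterexample, and checks every one of the 52*52 card pairs. The suit and face orderings are taken from r.e.s.'s table; the function names and the modular inverses used in crt_value are my own choices for illustration.

```python
# Added example (not part of the original digest): arithmetic on playing
# cards as (suit, facevalue) pairs, contrasting the two deck numberings
# discussed in the MIRDEK thread.  Suit/face orderings follow r.e.s.'s
# table (Diamonds, Spades, Hearts, Clubs; K, A, 2, ..., Q).  Everything
# else, including function names, is an assumption made for illustration.

SUITS = ["Diamonds", "Spades", "Hearts", "Clubs"]                        # rows 0..3
FACES = ["K", "A", "2", "3", "4", "5", "6", "7", "8", "9", "10", "J", "Q"]  # cols 0..12
DECK = 52


def rowmajor_value(suit, face):
    """Row-major numbering from r.e.s.'s table: Diamonds 0..12, Spades 13..25, ..."""
    return 13 * suit + face


def rowmajor_coords(n):
    """Inverse of rowmajor_value: card number -> (suit, face)."""
    return divmod(n % DECK, 13)


def crt_value(suit, face):
    """CRT numbering (Paul Rubin's second table): the unique n in 0..51 with
    n % 4 == suit and n % 13 == face.  Reconstructed with the modular
    inverses 13^-1 = 1 (mod 4) and 4^-1 = 10 (mod 13), since 13*1 = 1 (mod 4)
    and 4*10 = 40 = 1 (mod 13)."""
    return (suit * 13 * 1 + face * 4 * 10) % DECK


def crt_coords(n):
    """Inverse of crt_value: reducing mod 4 and mod 13 recovers the pair."""
    n %= DECK
    return (n % 4, n % 13)


def add_componentwise(a, b):
    """Paul's shortcut: add suits mod 4 and face values mod 13 independently."""
    return ((a[0] + b[0]) % 4, (a[1] + b[1]) % 13)


def add_rowmajor_with_carry(a, b):
    """r.e.s.'s correction for the row-major layout: a face sum of 13 or more
    carries one into the suit sum, exactly like adding digits in base 13."""
    carry, face = divmod(a[1] + b[1], 13)
    return ((a[0] + b[0] + carry) % 4, face)


def count_mismatches(value, coords):
    """Over all 52*52 card pairs, count how often componentwise addition of
    the pairs disagrees with adding the card numbers mod 52 under the given
    numbering.  Zero means the numbering really is a CRT isomorphism."""
    bad = 0
    for s1 in range(4):
        for f1 in range(13):
            for s2 in range(4):
                for f2 in range(13):
                    true_sum = coords((value(s1, f1) + value(s2, f2)) % DECK)
                    if true_sum != add_componentwise((s1, f1), (s2, f2)):
                        bad += 1
    return bad


def card_name(coords):
    """Human-readable name for a (suit, face) pair."""
    return f"{FACES[coords[1]]} of {SUITS[coords[0]]}"


if __name__ == "__main__":
    nine_d, nine_s = (0, 9), (1, 9)   # Nine of Diamonds, Nine of Spades
    rm_true = rowmajor_coords(rowmajor_value(*nine_d) + rowmajor_value(*nine_s))
    crt_true = crt_coords(crt_value(*nine_d) + crt_value(*nine_s))
    print("row-major, true sum:    ", card_name(rm_true))
    print("row-major, with carry:  ", card_name(add_rowmajor_with_carry(nine_d, nine_s)))
    print("componentwise shortcut: ", card_name(add_componentwise(nine_d, nine_s)))
    print("CRT layout, true sum:   ", card_name(crt_true))
    print("mismatches, row-major:  ", count_mismatches(rowmajor_value, rowmajor_coords))
    print("mismatches, CRT layout: ", count_mismatches(crt_value, crt_coords))
```

Run stand-alone, the row-major numbering gives 5 of Hearts for DiamondNine+SpadeNine while the componentwise shortcut gives 5 of Spades, matching r.e.s.'s (2,5) versus (1,5); the CRT numbering gives 5 of Spades both ways. The exhaustive check reports 1248 mismatching pairs for the row-major layout (the 78 face pairs that carry, times 16 suit pairs) and none for the CRT layout, so the shortcut is sound only once the deck has been laid out in CRT order.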