Cryptography-Digest Digest #369
Cryptography-Digest Digest #369, Volume #14     Wed, 16 May 01 20:13:01 EDT

Contents:
  Re: TC15 analysis (Tom St Denis)
  Re: PRNG question from newbie (David Wagner)
  Re: PRNG question from newbie (Roger Schlafly)
  Re: taking your PC in for repair? WARNING: What will they find? (Ichinin)
  Re: taking your PC in for repair? WARNING: What will they find? (P.Dulles)
  Re: PRNG question from newbie (Henrick Hellström)
  Re: PRNG question from newbie (David Wagner)
  Re: TC15 analysis (Scott Fluhrer)
  Re: TC15 analysis (Scott Fluhrer)
  Re: taking your PC in for repair? WARNING: What will they find? (Omnivore)
  Re: taking your PC in for repair? WARNING: What will they find? (Omnivore)
  Re: TC15 analysis (Tom St Denis)
  Re: PRNG question from newbie (Paul Pires)
  Re: PRNG question from newbie (Roger Schlafly)
  Re: How can I see the symmetric encryption keysize in SSL? (no_carrier)
  Re: taking your PC in for repair? WARNING: What will they find? (SCOTT19U.ZIP_GUY)

--

From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: TC15 analysis
Date: Wed, 16 May 2001 21:54:06 GMT

Scott Fluhrer [EMAIL PROTECTED] wrote in message news:9du4hf$5e1$[EMAIL PROTECTED]...

  In any case, it turns out there was a bug in my program -- I had the sbox in backwards (which brings up an obvious question -- would the cipher actually be stronger if you inverted the sbox? Probably not). When I fixed that, it did find a one round differential at hamming weight 7 (with probability 2**-15). The differential at the beginning of a round is (in binary):

    01010001 0011 00101000

  The linear transform turns it into:

    0001 00011000 00111000 01001001

  And each of the 5 active sboxes has a 2**-3 probability of turning the bits within its column back into the column settings of the original differential.

I finished an accelerated search and I think I can conclude there are no useful 1R differentials. Any clues on how to make the LT better? I see in serpent they used logical shifts, is that to avoid this cyclic behaviour?

Tom

--

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: PRNG question from newbie
Date: 16 May 2001 21:59:36 GMT

John Myre wrote:

  I think that's the deep question to address. How are the requirements for the output of a PRNG (stream cipher) and a hash function different?

The two concepts are *very* different. For instance, it is possible to have a secure stream cipher that ignores the first bit of its key, yet this would clearly make a very bad hash function. The security requirements of a hash function seem to be much stronger than the security requirements for stream ciphers.

--

From: Roger Schlafly [EMAIL PROTECTED]
Subject: Re: PRNG question from newbie
Date: Wed, 16 May 2001 20:39:05 GMT

David Wagner [EMAIL PROTECTED] wrote in message news:9dut88$qgh$[EMAIL PROTECTED]...

  John Myre wrote:

    I think that's the deep question to address. How are the requirements for the output of a PRNG (stream cipher) and a hash function different?

  The two concepts are *very* different. For instance, it is possible to have a secure stream cipher that ignores the first bit of its key, yet this would clearly make a very bad hash function. The security requirements of a hash function seem to be much stronger than the security requirements for stream ciphers.

OTOH, it is possible to have a secure hash function (in the sense that it is one-way and collision-resistant) but where one bit of every output byte is zero. But that would give a very poor stream cipher.

--

From: Ichinin [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Crossposted-To: alt.privacy,alt.security.pgp,alt.security.scramdisk,alt.privacy.anon-server
Subject: Re: taking your PC in for repair? WARNING: What will they find?
Date: Tue, 15 May 2001 06:46:44 +0200

P.Dulles wrote:

  SNIP

add

12. What does EE do to thwart Proxies and remote monitoring software?

--

From: P.Dulles *@*.com
Crossposted-To: alt.privacy,alt.security.pgp,alt.security.scramdisk,alt.privacy.anon-server
Subject: Re: taking your PC in for repair? WARNING: What will they find?
Date: Wed, 16 May 2001 18:35:19 -0400
Reply-To: *@*.com

In article [EMAIL PROTECTED], [EMAIL PROTECTED] says...
: P.Dulles wrote:
: SNIP
:
: add
:
: 12. What does EE do to thwart Proxies and remote monitoring software?
:

Excellent point. But they won't answer. I also forgot to mention that a trojan could also be installed on your system by your boss or the police, and they can retrieve all files that way.

--
Loki
Joan of Arc heard voices too!

--

From
Cryptography-Digest Digest #369
Cryptography-Digest Digest #369, Volume #13     Wed, 20 Dec 00 11:13:02 EST

Contents:
  Re: Q: Result of an old thread? (Walter Hofmann)
  Re: Q: Result of an old thread? (Walter Hofmann)
  Re: In today´s paper I read how Cuban (Tony L. Svanstrom)
  Re: Encrypting messages in images?? ([EMAIL PROTECTED])
  Re: Visual Basic Source Code ([EMAIL PROTECTED])
  Re: SMS security over various networks? (Robert Harley)
  Re: Homebrew Block Cipher: Moonshine (Tim Tyler)
  Re: does CA need the proof of acceptance of key binding ? ([EMAIL PROTECTED])
  Re: does CA need the proof of acceptance of key binding ? ([EMAIL PROTECTED])
  Re: hash function for public key digital signature : one way? ([EMAIL PROTECTED])
  Re: does CA need the proof of acceptance of key binding ? (Anne Lynn Wheeler)
  Re: SMS security over various networks? (Mark Currie)
  Re: SMS security over various networks? (Mark Currie)
  looking for cipher algorithms' comparison ("maciek")
  cipher algorithms once again... ("maciek")

--

From: [EMAIL PROTECTED] (Walter Hofmann)
Subject: Re: Q: Result of an old thread?
Date: Wed, 20 Dec 2000 12:16:02 +0100

On Mon, 18 Dec 2000 22:45:44 +0100, Mok-Kong Shen [EMAIL PROTECTED] wrote:

  Let me quote a previous follow-up of yours to be sure that I understand you:

    So you can change the coefficients of AS by a sufficiently small epsilon > 0 to get an invertible matrix, then you can calculate (AS')^-1. Go on to calculate B'=(AS')^-1.ASB then S(epsilon)=SB.B'^-1. In the limit epsilon -> 0 the matrix S(epsilon) will converge to S as all operations involved are continuous.

  You defined B'=(AS')^-1.ASB. But ASB is singular, so B' can't be inverted. Or do you want to apply the epsilon to ASB also?

Now I see what you mean: You cannot invert B' here because I put another factor of S in it. It's probably the best to compute things the other way round, otherwise one would need two epsilons: Change ASB to ASB' which is within an epsilon of ASB. Then you can calculate

  B'^-1 = ASB'^-1 . AS
  S = SB . B'^-1

and do the limit process as described above. Is this OK with you now?

Walter

--

From: [EMAIL PROTECTED] (Walter Hofmann)
Subject: Re: Q: Result of an old thread?
Date: Wed, 20 Dec 2000 12:18:21 +0100

On Tue, 19 Dec 2000 01:31:16 +0100, Manuel Pancorbo [EMAIL PROTECTED] wrote:

  "Walter Hofmann"

    You don't need p,q to do any of the computations above.

  Alice needs p,q to compute A^-1, because (det A)^-1 mod N is needed.

This can easily be done without p and q. Use Euclid's algorithm.

Walter

--

Crossposted-To: alt.2600,alt.security,comp.security
Subject: Re: In today´s paper I read how Cuban
From: [EMAIL PROTECTED] (Tony L. Svanstrom)
Date: Wed, 20 Dec 2000 12:29:22 GMT

Kirby Urner [EMAIL PROTECTED] wrote:

  Volker Hetzer [EMAIL PROTECTED] wrote:

    "Markku J. Saarelainen" wrote:

  This guy, writing under the above pseudonym, floods newsgroups with crap. Check the deja.com archives for alt.politics.cia.org to see what it's like to drown in a sea of garbage. I've got my filters on of course, but he keeps posting from places.

I thought about killfiling him a long time ago, but he's way too much fun for that. I think I might print and frame this last posting of his. *L*

/Tony

--
 /\___/\ Who would you like to read your messages today?  /\___/\
 \_@ @_/ Protect your privacy: http://www.pgpi.com/       \_@ @_/
--oOO-(_)-OOo-oOO-(_)-OOo-- on the verge of frenzy - i think my mask of sanity is about to slip ---ôôô---ôôô---ôôô---ôôô---
 \O/ \O/ ©99-00 http://www.svanstrom.com/?ref=news        \O/ \O/

--

From: [EMAIL PROTECTED]
Crossposted-To: comp.security.misc,alt.2600.hacker,alt.security
Subject: Re: Encrypting messages in images??
Date: Wed, 20 Dec 2000 13:08:23 GMT

I actually had to do this. Some things were sent to me via USPS to a foreign post, and they got held up in Customs. Customs wanted me to list everything that was there in the local language (not English), and so I had to translate the list. But they gave me the 4th copy, which had *no* visible writing on it.

Anyhow, I scanned the copy, then used Adobe PhotoXpress (or something... don't remember the name) to increase the contrast to the point that I could read it.

Anyhow, that clearly didn't work, so the next time they just never announced that the shipment had come, and THAT worked. They got my stuff the next time. (Moral: don't ship things via USPS overseas. USPS ships it *to* customs, not *through* customs.)

Sent via Deja.com
http://www.deja.com/

--

From: [EMAIL PROTECTED]
Subject: Re: Visual Basic Source Code
Date: Wed, 20 De
Cryptography-Digest Digest #369
Cryptography-Digest Digest #369, Volume #12     Mon, 7 Aug 00 01:13:01 EDT

Contents:
  Re: Secure Operating Systems (Anne Lynn Wheeler)
  Re: Q: CD (Frank M. Siegert)
  Re: New William Friedman Crypto Patent (filed in 1933) ("Douglas A. Gwyn")
  Re: New William Friedman Crypto Patent (filed in 1933) (Bill Unruh)
  Re: asymmetric encryption for my keycode generator (tomstd)
  Re: IV for arfour (Benjamin Goldberg)
  Blowfish source (.c, .h) ([EMAIL PROTECTED])
  Authentication over the internet (MJYoung)
  Re: Secure Operating Systems (Eric Lee Green)
  Re: Blowfish source (.c, .h) (tomstd)
  Re: Authentication over the internet (tomstd)
  Re: Note on text compression (tomstd)
  Re: New William Friedman Crypto Patent (filed in 1933) ("Steve")
  Re: OTP using BBS generator? (Terry Ritter)

--

Subject: Re: Secure Operating Systems
Reply-To: Anne Lynn Wheeler [EMAIL PROTECTED]
From: Anne Lynn Wheeler [EMAIL PROTECTED]
Date: Mon, 07 Aug 2000 02:20:35 GMT

Eric Lee Green [EMAIL PROTECTED] writes:

  between hitting the ENTER key and something happening). By comparison, IBM mainframes of the same generation in the same price range (around $6M in 1975 dollars, when that was real money) would support several hundred users with reasonable response times.

same bldg. as multics originated ... 545 tech. sq. ... IBM CSC developed CP/67 and vm/370 (as well as the internal network, GML ... precursor to SGML, HTML, early work in capacity planning and performance modeling, misc other things).

In '71-'72 time-frame IBM CSC ran nearly 80 users with mix-mode workload (batch, compiles, interactive, etc) having 90th percentile interactive response under a second ... on a single processor 360/67 ... i.e. about the same generation machine as GE used by multics for original development. To some extent multics and the cp/67 shared a common heritage to CTSS.

Note however, IBM also developed TSS/360 for the 360/67 and early versions had about the same response characteristics for four users as you mentioned for early multics with eight users.

vm/370 on 370/168 in the mid-70s would typically support several hundred users. vm/370s implementation of isolation resulted in it being used in a large number of high security installations.

random refs:
http://www.garlic.com/~lynn/2000.html#1
http://www.garlic.com/~lynn/2000.html#81
http://www.garlic.com/~lynn/2000b.html#77
http://www.garlic.com/~lynn/2000c.html#27
http://www.garlic.com/~lynn/2000c.html#30

multics home page
http://www.lilli.com/multics.html

see site histories section in the above

--
Anne Lynn Wheeler | [EMAIL PROTECTED], [EMAIL PROTECTED]
http://www.garlic.com/~lynn/ http://www.adcomsys.net/lynn/

--

From: [EMAIL PROTECTED] (Frank M. Siegert)
Subject: Re: Q: CD
Date: Mon, 07 Aug 2000 01:22:32 GMT

On Sun, 06 Aug 2000 23:08:29 GMT, [EMAIL PROTECTED] wrote:

  Is this for that CD-one-time-pad topic that came up earlier?

Sounds more like a quest for randomness to me. If you only need a one time pad why not simply use an ISO9660 filesystem...? Sure you can get more data on a CD by using the full sector size - no error correction - just like VCDs are doing it for their data track.

--

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: New William Friedman Crypto Patent (filed in 1933)
Date: Sun, 06 Aug 2000 22:42:40 -0400

Mike Andrews wrote:

  Even the "CATEGORY 1 - NOT SUBJECT TO AUTOMATIC DOWNGRADING" material?

Especially the exempt material.

--

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: New William Friedman Crypto Patent (filed in 1933)
Date: 7 Aug 2000 02:52:25 GMT

In [EMAIL PROTECTED] [EMAIL PROTECTED] (wtshaw) writes:

]In article 8mhljp$6r1$[EMAIL PROTECTED], [EMAIL PROTECTED]
](Bill Unruh) wrote:
] In [EMAIL PROTECTED] [EMAIL PROTECTED]
](John Savard) writes:
]
] I thought that the US patent law had recently been amended to making a
] patent valid for 20 years after filing, not the old 17 years after
] issue. Is this correct? This would make this patent outdated before it
] was issued.

]But it would prohibit a competing filing. If all secrets are the basis
]for patents to be obtained as "needed," then all the advances made in
]secret could threaten the success of other advances made in public.

It would be an interesting court case, if a secret filing could actually be considered "prior art". Eg, if a company holds a trade secret, and some other company patents it, can that trade secret invalidate the patent?

--

Subject: Re: asymmetric encryption for my keycode generator
From: tomstd [EMAIL PROTECTED]
Date: Sun, 06 Aug 2000 20:04:05 -0700

"eboy" [EMAIL PROTECTED] wrote:

  I'm a budding shareware author who'd like to code my registration keycode generator to use asymmetric
Cryptography-Digest Digest #369
Cryptography-Digest Digest #369, Volume #11     Mon, 20 Mar 00 09:13:01 EST

Contents:
  Re: generating secure id numbers (Johnny Bravo)
  Montreya nux real ("Marquesa Reyes")
  Re: new Echelon article (David A. Wagner)
  Montreya nux real ("Penn Wright")
  encryption and decryption with elliptic curve cryptography (kingtim)
  Re: new Echelon article (Mok-Kong Shen)
  Re: Card shuffling (Mok-Kong Shen)
  Download Random Number Generator from Ciphile Software (Anthony Stephen Szopa)
  Re: Crypto books ("Christoph Moser")
  Re: encryption and decryption with elliptic curve cryptography ("Tom St Denis")
  Re: Download Random Number Generator from Ciphile Software ("Tom St Denis")
  Re: Opinions? (ca314159)
  Re: Opinions? ([EMAIL PROTECTED])
  Re: DES Decryption Problem (Chuah Seong Ping)
  Re: EOF in cipher??? ("Trevor L. Jackson, III")
  PC-1, anyone ? (Christoph Weber-Fahr)

--

From: Johnny Bravo [EMAIL PROTECTED]
Subject: Re: generating secure id numbers
Date: Mon, 20 Mar 2000 01:19:29 -0500

On Sun, 19 Mar 2000 22:51:38 GMT, [EMAIL PROTECTED] wrote:

  I want to generate a secure id based system containing unique identifiers for people yet generated in such a way that they would be particularly difficult to guess.

Depends on what you want them for. If you are thinking of protecting a software product with issued registration numbers, save your time, it won't protect the product more than a couple of days anyway so there is no sense in killing yourself debugging a complex method.

  Can I use a random number generator with a key and hash these to give encrypted id's ???

Would be easy, don't even need a random number generator, just hash the user id and use as much of it as you need to keep them separate.

--
Best Wishes,
Johnny Bravo

"The most merciful thing in the world, I think, is the inability of the human mind to correlate all its contents."
- HPL

--

From: "Marquesa Reyes" [EMAIL PROTECTED]
Subject: Montreya nux real
Date: 20 Mar 2000 07:47:55 GMT

Nulla ipsit query don marqi ney canne real

--

From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: new Echelon article
Date: 19 Mar 2000 23:12:10 -0800

In article [EMAIL PROTECTED], Douglas A. Gwyn [EMAIL PROTECTED] wrote:

  Do you actually know what NSA suggested during the cellular telephone proposal comment period? I know that people from my own organization testified about the utter lack of security, and the *FCC* (not NSA) didn't want to hear about it.

No, but I'd love to have my impressions proven wrong. Do you have a reference you can point me to? And, help me out here: how did the FCC enter into the equation? I was thinking of the NSA's involvement in the CTIA AHAG, and its effect on the security of the standard. Are you suggesting the NSA representatives actively worked to improve the security of the standards?

--

From: "Penn Wright" [EMAIL PROTECTED]
Subject: Montreya nux real
Date: 20 Mar 2000 07:52:10 GMT

Nulla ipsit query don marqi ney canne real
Tantra deva mar non kiplat

--

From: kingtim [EMAIL PROTECTED]
Subject: encryption and decryption with elliptic curve cryptography
Date: Mon, 20 Mar 2000 15:51:15 -0800

Please tell me simply how to do encryption and decryption with elliptic curve cryptography. and any web site about this topic.

thanks
kingtim

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: new Echelon article
Date: Mon, 20 Mar 2000 10:38:22 +0100

Douglas A. Gwyn wrote:

  Mok-Kong Shen wrote:

    ... German companies may expend money in bribery in foreign (as against national) contracts and have tax deductions too. From what you wrote above, I deduce that this is forbidden by law in the US.

  Indeed, we have a general principle that assisting someone else in the commission of a crime is a crime in itself.

I have some difficulty in interpreting your sentence in the current context. But, anyway, let me stress that whatever are the laws, principles, moral or ethical standards, religious doctrines or prescriptions from school teachers or parents, all these become meaningless if the practice essentially deviates from them. One easily obtains a false feeling, an illusion of reality. And illusions are presumably what part of the politicians like the common people to entertain in order to help them to continue to be in power. I am certainly not saying that we should do away with laws, etc. Only a fool would have such thoughts. But we should pay great attention to deviations from what is beautifully written in the documents or sweetly proclaimed in the public and try, if possible, to eliminate or limit such deviations from the ideal. This is so simple and shouldn't worth any mentio
Cryptography-Digest Digest #369
Cryptography-Digest Digest #369, Volume #10     Wed, 6 Oct 99 20:13:03 EDT

Contents:
  Re: rc5-128 cracking $20 per letter (Tom St Denis)
  Re: rc5-128 cracking $20 per letter (Tom St Denis)
  Re: rc5-128 cracking $20 per letter (Tom St Denis)
  Re: Exclusive Or (XOR) Knapsacks ([EMAIL PROTECTED])
  Re: Which encryption for jpeg compressed pictures? (jerome)
  books about elliptic curves (jerome)
  Re: DES breaker Technique? (jerome)
  Re: classifying algorithms (jerome)
  Re: radioactive random number generator ("John E. Kuslich")
  Re: Which encryption for jpeg compressed pictures? (Paul Koning)
  Re: There could be *some* truth to it (Dan Day)
  Re: radioactive random number generator ("John E. Kuslich")
  Re: radioactive random number generator ("John E. Kuslich")
  Re: Which encryption for jpeg compressed pictures? (fungus)
  Re: True Random numbers (fungus)
  Block encryption with variable keys (Mok-Kong Shen)
  Re: Block encryption with variable keys (John Savard)
  Re: Is 128 bits safe in the (far) future? (John Savard)

--

From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: rc5-128 cracking $20 per letter
Date: Wed, 06 Oct 1999 19:28:58 GMT

In article [EMAIL PROTECTED], [EMAIL PROTECTED] (John Savard) wrote:

  "John A Croll" [EMAIL PROTECTED] wrote, in part:

    your message is: "sHure sHow me it"

  in response to Tom St. Denis, who wrote:

    Ok decrypt this 1602d701fa1ac1ad

  Unfortunately, this message is only eight bytes long, and your decryption is 16 bytes long.

S... don't tell him that.

Tom

Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: rc5-128 cracking $20 per letter
Date: Wed, 06 Oct 1999 19:30:28 GMT

Ok if you destroyed RC5 what is the message I sent? You got it wrong in your other post.

Tom

In article 7tg499$igt$[EMAIL PROTECTED], "John A Croll" [EMAIL PROTECTED] wrote:

  rc5 has a wide open back door for the feds and i found it. i think they should give me the rsa prize money because i destroyed rc5 as a viable product.

Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: rc5-128 cracking $20 per letter
Date: Wed, 06 Oct 1999 19:32:25 GMT

In article 7tg16g$8q3$[EMAIL PROTECTED], "John A Croll" [EMAIL PROTECTED] wrote:

  your message is: "sHure sHow me it"
  you owe me 320 bucks!
  you may remit payment to:
  richard lee king jr.
  p.o.box 236
  st.bernice, in. 47875-0236
  phone: 765-832-2557
  you need to buy better security.

First off you got the message wrong, second the message is only 8 ascii chars not 16. Third I did not buy RC5, I took the RSAREF code, threw in a main() and gave you the ciphertext. If you think I am making this up, just admit defeat and I will give you the key that will decrypt it.

Tom

Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: [EMAIL PROTECTED]
Subject: Re: Exclusive Or (XOR) Knapsacks
Date: Wed, 06 Oct 1999 19:35:41 GMT

[EMAIL PROTECTED] (Guenther Brunthaler) wrote:

  "Matt Timmermans" wrote:

    Let me just make up an example: ... 3rd bit
      1010 = B1
      0101 = B2
      0011 = B1+B3
      0010 = B1+B4 +B2
    ... So, for any 4 bit X...

  Looks very interesting! But could you please explain your approach in more detail?

You can find Gaussian elimination in any linear algebra text.

  Also, is it coincidence that in your example there are B1..B4 and also 4 bits in X?

Not a coincidence. The question was:

| Problem:
| Given an n bit number X and a set {B1,B2,...,Bn}
| of n bit numbers;is there a subset whose elements
| collectively XORed give X?

  Perhaps you could outline your example for the following (1-bit) setup: X=1, B1 = 0, B2 = 0, B3 = 0, B4 = 1, B5 = 1, B6 = 1 and the size of the requested subset shall be 3.

This fails to be an example of the stated problem.

[...]

  I really would be interested how any equation system could help find some specific calculated solution, as there may be any number of solutions!

Again, a linear algebra text will explain. If any subset of the vectors xors to zero, then that subset can be xored into any solution to produce another solution, and all solutions may be produced this way.

  Genetic algorithms? Backtracking? P?=NP?

Nonsense - it's a simple linear algebra problem.

--Bryan

Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: [EMAIL PROTECTED] (jerome)
Crossposted-To: comp.security.misc,comp.graphics.algorithms,comp.compression
Subject: Re: Which encryption for jpeg compressed pictures?
Reply-To: [EMAIL PROTECTED]
Date: Wed, 06 Oct 1999 17:05:38 GMT

On Wed, 06 Oct 1999 07:53:40 -0700, Samuel Paik wrote:

  One of the public key systems is about to fall
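The XOR-knapsack thread above (Bryan's reply to Guenther Brunthaler, Volume #10) says the problem is plain linear algebra over GF(2): each n-bit number is a row vector, XOR is vector addition, and Gaussian elimination both finds one subset whose XOR equals X and, via the subsets that XOR to zero, generates every other solution. The following is an added worked example; it is not code from the digest or from any of its posters. The first four vectors are reconstructed from Matt Timmermans' sample lines (B1 = 1010, B2 = 0101, with B3 = 1001 and B4 = 1101 assumed so that B1+B3 = 0011 and B1+B2+B4 = 0010); the fifth vector B5 = 1111 and all function names are constructed for the illustration.

```python
"""XOR knapsack (subset-XOR) by Gaussian elimination over GF(2).

Added example, not from the digest.  Each basis row carries a bitmask
recording which original inputs were XORed to produce it, so a solution
is read off directly once the target reduces to zero.  Inputs that
reduce to zero yield nullspace masks: subsets that XOR to zero, which
(as Bryan notes) can be XORed into one solution to produce another.
"""
from functools import reduce
from typing import Dict, List, Optional, Tuple

Basis = Dict[int, Tuple[int, int]]   # pivot bit -> (reduced vector, input mask)


def build_basis(vectors: List[int]) -> Tuple[Basis, List[int]]:
    """Reduce the inputs to echelon form.

    Returns (pivots, nullspace): pivots maps each leading bit to a basis
    row plus the mask of original inputs it combines; nullspace holds one
    mask per dependent input, each a subset that XORs to 0.
    """
    pivots: Basis = {}
    nullspace: List[int] = []
    for i, v in enumerate(vectors):
        mask = 1 << i                      # row starts as "input i alone"
        while v:
            top = v.bit_length() - 1       # highest set bit
            if top not in pivots:
                pivots[top] = (v, mask)    # becomes a new pivot row
                break
            pv, pm = pivots[top]
            v ^= pv                        # cancel the highest bit ...
            mask ^= pm                     # ... and track what was combined
        else:
            nullspace.append(mask)         # v reduced to 0: dependent input
    return pivots, nullspace


def reduce_target(pivots: Basis, x: int) -> Tuple[int, int]:
    """Reduce x by the basis; returns (remainder, mask). remainder 0 == solvable."""
    mask = 0
    while x:
        top = x.bit_length() - 1
        if top not in pivots:
            break                          # this bit cannot be cleared
        pv, pm = pivots[top]
        x ^= pv
        mask ^= pm
    return x, mask


def mask_to_indices(mask: int) -> List[int]:
    """0-based input indices set in mask (index k corresponds to B(k+1))."""
    return [k for k in range(mask.bit_length()) if (mask >> k) & 1]


def solve_xor_subset(vectors: List[int], x: int) -> Optional[List[int]]:
    """One subset (as indices) whose XOR equals x, or None if none exists."""
    pivots, _ = build_basis(vectors)
    remainder, mask = reduce_target(pivots, x)
    return None if remainder else mask_to_indices(mask)


def all_solutions(vectors: List[int], x: int) -> List[List[int]]:
    """Every subset whose XOR equals x: a particular solution XORed with
    each combination of nullspace masks (2**k of them for k dependent inputs)."""
    pivots, nullspace = build_basis(vectors)
    remainder, mask = reduce_target(pivots, x)
    if remainder:
        return []
    solutions = []
    for combo in range(1 << len(nullspace)):
        m = mask
        for j, nm in enumerate(nullspace):
            if (combo >> j) & 1:
                m ^= nm
        solutions.append(mask_to_indices(m))
    return sorted(solutions)


def xor_of(vectors: List[int], indices: List[int]) -> int:
    """Check helper: XOR of the chosen inputs."""
    return reduce(lambda a, b: a ^ b, (vectors[k] for k in indices), 0)


if __name__ == "__main__":
    # Constructed from Matt's lines: B1=1010, B2=0101; B3, B4 assumed so
    # that B1+B3=0011 and B1+B2+B4=0010.  Rank 4, so every 4-bit X is reachable.
    B = [0b1010, 0b0101, 0b1001, 0b1101]
    for X in (0b0011, 0b0010, 0b1111):
        sol = solve_xor_subset(B, X)
        print(f"X={X:04b}: B{[k + 1 for k in sol]}  check={xor_of(B, sol):04b}")
    # Add a dependent vector (B5 = B1 XOR B2): solutions now come in pairs.
    B5 = B + [0b1111]
    print("all subsets for X=0011:", [[k + 1 for k in s] for s in all_solutions(B5, 0b0011)])
    # Two vectors cannot reach a target outside their span.
    print("unsolvable:", solve_xor_subset([0b1010, 0b0101], 0b0001))
```

Reduction always cancels the current highest bit, so each step strictly lowers the remainder and the loop terminates; the nullspace masks are independent because each contains the index of the input that produced it and no earlier one does, which is why the 2**k combinations enumerate every solution exactly once. A cardinality constraint like the "subset of size 3" in Guenther's 1-bit setup is a different problem: this method would have to enumerate the solution set and filter by size, which is exponential in the nullspace dimension rather than polynomial in n.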