Cryptography-Digest Digest #372

2001-05-17 Thread Digestifier

Cryptography-Digest Digest #372, Volume #14  Thu, 17 May 01 12:13:00 EDT

Contents:
  Re: Evidence Eliminator works great. Beware anybody who claims it doesn't work (propaganda) (Justin L.)
  Re: 3x4 grid of triangular numbers (Jeffrey Shallit)
  Re: ON-topic - UK crime statistics (was Re: Best, Strongest Algorithm) ([EMAIL PROTECTED])
  Re: Best, Strongest Algorithm (SCOTT19U.ZIP_GUY)
  Re: new cipher (Jakob Jonsson)
  Re: A simple encryption algorithm based on OTP (Michael Will)
  Re: function decomposition (Yaniv Sapir)
  Choosing algorithms (Panu Hämäläinen)
  Re: new cipher (jlcooke)
  Re: Evidence Eliminator works great. Beware anybody who claims it doesn't work (propaganda) (Nomen Nescio)
  Re: Kernaugh maps (try #2) (jlcooke)
  . . . SafeDebit (NYCE) - Snake Oil or Real ??? (Spam-o-Cide)
  Re: . . . SafeDebit (NYCE) - Snake Oil or Real ??? (SCOTT19U.ZIP_GUY)
  Truncation (Charles Nicol)
  Re: PRNG question from newbie (Scott Fluhrer)
  Re: taking your PC in for repair? WARNING: What will they find? (Omnivore)
  PGP details (Harris Georgiou)
  What about SDD? (Harris Georgiou)
  Re: Crypto web-page (Joseph Ashwood)



From: [EMAIL PROTECTED] (Justin L.)
Crossposted-To: alt.privacy,alt.security.pgp,alt.security.scramdisk,alt.privacy.anon-server
Subject: Re: Evidence Eliminator works great. Beware anybody who claims it doesn't work (propaganda)
Date: Thu, 17 May 2001 11:21:42 GMT


On Wed, 16 May 2001 04:33:03 GMT, Ken D. [EMAIL PROTECTED]
wrote:

Beretta wrote:
 
 On Tue, 15 May 2001 22:33:36 +0100, in alt.security.pgp you wrote:
 
 
 By now you will have witnessed the mass hysteria about Evidence
 Eliminator. 
 snip
 
 
 You fags keep spamming, and I keep posting serial numbers to your
 software  
 


i hope these keys invoke their 'protection code'.
i need a working example of that 'protection' to write my EE
danger demonstration program.


If it did just delete files when it detected an illegal serial
number, you could simulate it with del filename :-) (right?)




--

From: [EMAIL PROTECTED] (Jeffrey Shallit)
Crossposted-To: rec.puzzles,alt.math.recreational,sci.math
Subject: Re: 3x4 grid of triangular numbers
Date: 17 May 2001 11:40:24 GMT

In article [EMAIL PROTECTED],
Benjamin Goldberg  [EMAIL PROTECTED] wrote:
Fred W. Helenius wrote:
 
 Benjamin Goldberg [EMAIL PROTECTED] wrote:
 
 Could someone direct me to Gauss's proof that any number can be
 decomposed into the sum of 3 triangular numbers?
 
 Section V of his _Disquisitiones Arithmeticae_.  The theorem
 is stated and proved in article 293, but the proof depends
 upon the preceding theory; that is, the theory of quadratic
 forms that he develops in the preceding 200+ pages.

Uck.  Is there any *simple* proof for this?  And, how hard is it to
decompose an arbitrary large number?

In my paper with Rabin,
``Randomized algorithms in number theory'',
Commun. Pure and Appl. Math. 39 (1986), S239-S256, I gave two algorithms
to express a number n as a sum of three triangular numbers, when this
is possible.

The first works when 8n+3 is a prime, and runs in random polynomial time.
The second works for arbitrary numbers, and runs in random polynomial
time provided a reasonable conjecture about the distribution of primes
is true.

Jeffrey Shallit, Computer Science, University of Waterloo,
Waterloo, Ontario  N2L 3G1 Canada [EMAIL PROTECTED]
URL = http://www.math.uwaterloo.ca/~shallit/


--

Subject: Re: ON-topic - UK crime statistics (was Re: Best, Strongest Algorithm)
From: [EMAIL PROTECTED]
Date: 17 May 2001 08:12:36 -0400

Trevor L. Jackson, III [EMAIL PROTECTED] writes:
 [EMAIL PROTECTED] wrote:

 Correlation between BE rates and rate of concealed carry permits, for
 one thing.
 
 Prison interviews are quite convincing.  The single universal fear thieves
 have is not of being caught by the police, who have rules to follow, but
 of being caught by an armed citizen...

True! Colin Ferguson, who shot up a Long Island subway, actually bought
his gun in CA with a fifteen-day waiting period. When asked why he chose
Long Island as the venue for his shooting spree, he answered (approximate
quote), ``I was confident nobody in Long Island would be shooting back.''

He stopped twice to reload before three men mustered the courage

Cryptography-Digest Digest #372

2000-12-20 Thread Digestifier

Cryptography-Digest Digest #372, Volume #13  Thu, 21 Dec 00 00:13:01 EST

Contents:
  Re: cipher algorithms once again... (Bryan Olson)
  Re: Array shuffling ("Matt Timmermans")
  Re: hash function for public key digital signature : one way? (Bryan Olson)
  All irreducible polys of degree 32 over GF(2) ("Matt Timmermans")
  Re: All irreducible polys of degree 32 over GF(2) (Scott Contini)



From: Bryan Olson [EMAIL PROTECTED]
Subject: Re: cipher algorithms once again...
Date: Thu, 21 Dec 2000 02:14:21 GMT

maciek wrote:

 So there are two groups which are practically used these
 days: block and stream ciphers, am I right?

In a sense, yes that's right.  On the other hand, the
distinction between block and stream ciphers is relatively
unimportant compared to public-key versus secret-key
ciphers.

Secret key block ciphers are generally combined with some
"mode" such as cipher block chaining.  The combination is
actually a stream cipher (though definitions vary).


--Bryan


Sent via Deja.com
http://www.deja.com/

--

From: "Matt Timmermans" [EMAIL PROTECTED]
Subject: Re: Array shuffling
Date: Thu, 21 Dec 2000 02:22:56 GMT


"Benjamin Goldberg" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
 If I convert the output of rand() into a float in the range [0,1), by
 dividing by (float)(116), the values will have quite decent
 statistics.

You would think so, but I've been burnt by these RNGs lots of times before,
e.g., I've noticed significant visual artifacts when generating graphic
effects like Perlin noise using the most significant bits like you do above.

I wouldn't even think of using one of these for real statistical or
simulation work.

You can pass the output from one of these generators through the DIEHARD
test suite to see just how badly it does.  These days, when I need a quick
RNG that isn't obviously non-random, I'll use one of these generators, and
then calculate the CRC of the output.  When I want to do accurate random
simulations, I'll use a block cipher in CTR mode -- I know you already have
some of these around, right?
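
An added sketch, not code from this post or from anyone in the thread, contrasting the two generator families discussed above. It shows one well-known defect of power-of-two-modulus LCGs (the lowest output bit simply alternates) next to a counter-mode generator; keyed BLAKE2b stands in for the block cipher because the Python standard library has none, and all class and function names are hypothetical.

```python
import hashlib
import struct


class PowerOfTwoLcg:
    """Constructed LCG of the rand() family: odd multiplier and increment,
    modulus 2**31, raw state returned as the output."""

    def __init__(self, seed: int):
        self.state = seed % 2**31

    def next_u31(self) -> int:
        self.state = (1103515245 * self.state + 12345) % 2**31
        return self.state


class CounterModeRng:
    """Counter-mode generator: output block i is PRF(key, i).
    Keyed BLAKE2b stands in for the block cipher (assumption of this example)."""

    def __init__(self, key: bytes):
        self.key = key
        self.counter = 0

    def next_u64(self) -> int:
        block = hashlib.blake2b(struct.pack(">Q", self.counter),
                                key=self.key, digest_size=8).digest()
        self.counter += 1
        return int.from_bytes(block, "big")

    def next_float(self) -> float:
        # Top 53 bits give a uniform double in [0, 1).
        return (self.next_u64() >> 11) / 2**53


def low_bits(draw, count: int) -> list:
    """Collect the least significant bit of `count` successive outputs."""
    return [draw() & 1 for _ in range(count)]


def has_period_two(bits: list) -> bool:
    """True if the bit sequence only alternates or is constant."""
    return all(bits[i] == bits[i + 2] for i in range(len(bits) - 2))
```

The same key always reproduces the same stream, which keeps simulations repeatable.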





--

From: Bryan Olson [EMAIL PROTECTED]
Subject: Re: hash function for public key digital signature : one way?
Date: Thu, 21 Dec 2000 02:57:33 GMT

[EMAIL PROTECTED] wrote:

   In current established cryptographic hash algorithms like MD5, SHA-
 1..., does their one-way property impose extra computational load
 compared to their design that is only collision free?

No.  Of the three security properties usually stated for
cryptographic hashes (pre-image resistant, second pre-image
resistant, collision resistant) collision resistance is the
hardest to achieve.  It implies second pre-image resistance,
and the only collision resistant but not pre-image resistant
hashes are those contrived to exhibit the property.


   In my project, I use SHA-1 to hash a message to be signed, then send
 the signed message digest and plaintext as digital signature. I think
 the one-way property is not necessary for the hash function in my
 project.

I don't know about the needs of your project but there is
cause to require the one-way property.

Most signature standards, including DSA and PKCS-1 version
1.5, need pre-image resistance to avoid "existential
forgery".  If the hash is not one-way, an attacker can
exhibit a message and a legal signature even though the
holder of the private key never signed that message.  Such a
message is normally not meaningful; it was found as the
pre-image of a digest, and in the case of DSA the attacker
can't even control the digest.


--Bryan


Sent via Deja.com
http://www.deja.com/
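
The existential forgery described in the reply above, as an added example that is not part of the original post. It is a simplified model: textbook RSA without padding over a constructed toy key, with a hypothetical invertible `weak_hash` next to SHA-256; DSA and PKCS-1 v1.5 themselves are not modelled.

```python
import hashlib

# Constructed toy RSA key from two Mersenne primes; far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, known only to the signer


def weak_hash(msg: bytes) -> int:
    """Hypothetical invertible 'hash': an affine map mod N (not one-way)."""
    return (3 * int.from_bytes(msg, "big") + 7) % N


def weak_hash_preimage(digest: int) -> bytes:
    """Anyone can invert weak_hash; this is the missing one-way property."""
    m = (digest - 7) * pow(3, -1, N) % N
    return m.to_bytes(max(1, (m.bit_length() + 7) // 8), "big")


def sha_hash(msg: bytes) -> int:
    """One-way hash, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def sign(msg: bytes, h) -> int:
    return pow(h(msg), D, N)          # requires the private key


def verify(msg: bytes, sig: int, h) -> bool:
    return pow(sig, E, N) == h(msg)   # public key only


def forge_with_invertible_hash(sig: int):
    """Public-key-only forgery: start from an arbitrary signature value,
    compute the digest it verifies against, then invert the hash to obtain
    a message. The message is not chosen by the forger and is normally
    meaningless, as the post says."""
    digest = pow(sig, E, N)
    return weak_hash_preimage(digest), sig
```

With `sha_hash` the last step has no counterpart: the forger would need a pre-image of `digest`, so the same pair fails verification.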

--

From: "Matt Timmermans" [EMAIL PROTECTED]
Subject: All irreducible polys of degree 32 over GF(2)
Date: Thu, 21 Dec 2000 03:10:55 GMT

Note first:  I've been on vacation -- sorry to all those I couldn't finish
arguing with, and thanks to all those who finished my arguments better than
I would have.

To business, then:

I'm looking for a list of all irreducible polynomials of degree 32 with
coefficients in GF(2).  I've written a program to generate them, but I'd
rather not have my computer tied up for the week it would take to generate
them all.  Does such a list exist elsewhere?

=

In case you're interested, it's for a program that will use CRT secret
sharing to do "unsequenced" transmission over unreliable or distributed
channels.  For instance:

You want a file that you can get from 30 different sources, so you tell them
all to start transmitting parts to you.  Each one repeatedly does the
following:

1) Pick a polynomial at random from the above list

2) calculate the "CRC" of the file using the chosen polynomial

3) transmit the CRC and the polynomial to you.

If the file is N words long, then yo

Cryptography-Digest Digest #372

2000-08-07 Thread Digestifier

Cryptography-Digest Digest #372, Volume #12   Mon, 7 Aug 00 08:13:01 EDT

Contents:
  Re: asymmetric encryption for my keycode generator (Bob Deblier)
  Re: asymmetric encryption for my keycode generator ("eboy")
  Re: asymmetric encryption for my keycode generator ("eboy")
  Re: Note on text compression (Mok-Kong Shen)
  Re: Functions that are slow to invert (Mok-Kong Shen)
  Re: OTP using BBS generator? (Mok-Kong Shen)
  Re: Let us have Lattice (Mok-Kong Shen)
  Re: A non-linear extension of the Hill cipher (Mok-Kong Shen)
  Re: Secure Operating Systems (Mok-Kong Shen)
  Re: New William Friedman Crypto Patent (filed in 1933) (Mok-Kong Shen)
  Re: OTP using BBS generator? (Mok-Kong Shen)
  Re: New William Friedman Crypto Patent (filed in 1933) (Mok-Kong Shen)
  Discret Logarithm ([EMAIL PROTECTED])
  Re: Public-domain Blowfish (Runu Knips)
  Re: Hashing Algorithms (Runu Knips)
  SSL in IIS, NES ("jerry")
  Looking for a *different* type of cipher... (RavingCow)
  Re: Coupon collector's problem ("Artemios G. Voyiatzis")
  Re: Coupon collector's problem ("Artemios G. Voyiatzis")
  Re: Let us have Lattice (Tim Tyler)



From: Bob Deblier [EMAIL PROTECTED]
Subject: Re: asymmetric encryption for my keycode generator
Date: Mon, 07 Aug 2000 09:01:42 +0200

eboy wrote:

 I'm a budding shareware author who'd like to code my registration
 keycode generator to use asymmetric encryption (like RSA, with private
 and public keys, but not necessarily RSA per se). I figure I shouldn't
 have to worry about keycode generators popping up on cracker sites
 within months of release of my product if I can implement this. One
 shareware FAQ said doing this wasn't that hard a thing to do. (?)
 Anyway, while I know a little about the math theory behind this
 encryption, programming it is in another ballpark from where I'm
 playing. Can anyone point me to some reference that would be helpful for
 a non-math-genius, non-super-geek programmer to accomplish this? (I have
 PGP's source code - there isn't enough time in the universe for someone
 like me to decipher it) (without help).

 I guess what I'm looking for is a basic programming algorithm (perhaps
 in pseudocode to just illustrate each step) for encoding and decoding
 some plain text using the primes, plus some details about how to
 generate the monster primes themselves. I was thinking I could just use
 PGP to generate a couple of 2048 bit primes and use those but I can't
 find a way to get PGP to tell me what *both* primes are when it
 generates a public and private key pair for me. If anyone can guide me
 just in this, it would still be a big help...

 thanks,
 ed

Maybe you can fiddle around a bit with the BeeCrypt cryptography library.
It should be easy to build applications with it, it's lightweight (unlike
PGP) and it has plenty of the low level primitives for asymmetric
encryption - but no RSA though. The documentation is at this time not
completed, but the code contains some pointers.

Have a peek at the code (you can download it through
http://beecrypt.virtualunlimited.com/) and if you have any questions, feel
free to contact me through [EMAIL PROTECTED]

Sincerely

Bob Deblier
Virtual Unlimited


--

From: "eboy" [EMAIL PROTECTED]
Subject: Re: asymmetric encryption for my keycode generator
Date: Mon, 7 Aug 2000 00:41:01 -0700

  Well if you want to be lame like this just take a hash,
  modify it slightly.  It will still be attackable but will
  put attackers at bay for a day or two.
 
  Tom

 
 Huh? I'm being lame for wanting to use asymmetric encryption?
 
 If you would have me doing something that was NOT lame, what
 exactly would you have me doing, Tom?
 
 ed

 If your program is truly useful people will buy it out of
 respect not because you thwart them with some stupid copy
 protection.

 Be mindful of who you are trying to sell it to and I wish you
 the best of luck.

 Tom

Oh. You mean I was being lame simply for wanting to use a good software
protection. You're saying if I had a good, useful program to offer, I
wouldn't need any software protection at all because people wouldn't
think of stealing my program if it was truly good enough to generate the
proper "respect" in my users. So really, ALL software protection is lame
("stupid") by its very intent: crypto should only be used to ensure free
speech and keeping out of big brother's eye.

Well, OK. Maybe so. I do agree with you about the respect part. The few
software programs I've registered I've done so ONLY because I had real
respect for the quality of the programming effort that obviously went
into it (labor of love). I don't really know, just starting out in this
business, how much a bite out of revenues not having good protection can
cost a shareware author, but browsing shareware newsgroups would sugges