Cryptography-Digest Digest #372
Cryptography-Digest Digest #372, Volume #14           Thu, 17 May 01 12:13:00 EDT

Contents:
  Re: Evidence Eliminator works great. Beware anybody who claims it doesn't work (propaganda) (Justin L.)
  Re: 3x4 grid of triangular numbers (Jeffrey Shallit)
  Re: ON-topic - UK crime statistics (was Re: Best, Strongest Algorithm) ([EMAIL PROTECTED])
  Re: Best, Strongest Algorithm (SCOTT19U.ZIP_GUY)
  Re: new cipher (Jakob Jonsson)
  Re: A simple encryption algorithm based on OTP (Michael Will)
  Re: function decomposition (Yaniv Sapir)
  Choosing algorithms (Panu Hämäläinen)
  Re: new cipher (jlcooke)
  Re: Evidence Eliminator works great. Beware anybody who claims it doesn't work (propaganda) (Nomen Nescio)
  Re: Kernaugh maps (try #2) (jlcooke)
  . . . SafeDebit (NYCE) - Snake Oil or Real ??? (Spam-o-Cide)
  Re: . . . SafeDebit (NYCE) - Snake Oil or Real ??? (SCOTT19U.ZIP_GUY)
  Truncation (Charles Nicol)
  Re: PRNG question from newbie (Scott Fluhrer)
  Re: taking your PC in for repair? WARNING: What will they find? (Omnivore)
  PGP details (Harris Georgiou)
  What about SDD? (Harris Georgiou)
  Re: Crypto web-page (Joseph Ashwood)

From: [EMAIL PROTECTED] (Justin L.)
Crossposted-To: alt.privacy,alt.security.pgp,alt.security.scramdisk,alt.privacy.anon-server
Subject: Re: Evidence Eliminator works great. Beware anybody who claims it doesn't work (propaganda)
Date: Thu, 17 May 2001 11:21:42 GMT

On Wed, 16 May 2001 04:33:03 GMT, Ken D. [EMAIL PROTECTED] wrote:

Beretta wrote:

On Tue, 15 May 2001 22:33:36 +0100, in alt.security.pgp you wrote:

By now you will have witnessed the mass hysteria about Evidence Eliminator.

snip

You fags keep spamming, and I keep posting serial numbers to your software

i hope these keys invoke their 'protection code'. i need a working example of that 'protection' to write my EE danger demonstration program. If it did just delete files when it detected an illegal serial number, you could simulate it with del filename :-) (right?)

--

From: [EMAIL PROTECTED] (Jeffrey Shallit)
Crossposted-To: rec.puzzles,alt.math.recreational,sci.math
Subject: Re: 3x4 grid of triangular numbers
Date: 17 May 2001 11:40:24 GMT

In article [EMAIL PROTECTED], Benjamin Goldberg [EMAIL PROTECTED] wrote:

Fred W. Helenius wrote:

Benjamin Goldberg [EMAIL PROTECTED] wrote:

Could someone direct me to Gauss's proof that any number can be decomposed into the sum of 3 triangular numbers?

Section V of his _Disquisitiones Arithmeticae_. The theorem is stated and proved in article 293, but the proof depends upon the preceding theory; that is, the theory of quadratic forms that he develops in the preceding 200+ pages.

Uck. Is there any *simple* proof for this? And, how hard is it to decompose an arbitrary large number?

In my paper with Rabin, ``Randomized algorithms in number theory'', Commun. Pure and Appl. Math. 39 (1986), S239-S256, I gave two algorithms to express a number n as a sum of three triangular numbers, when this is possible. The first works when 8n+3 is a prime, and runs in random polynomial time. The second works for arbitrary numbers, and runs in random polynomial time provided a reasonable conjecture about the distribution of primes is true.

Jeffrey Shallit, Computer Science, University of Waterloo,
Waterloo, Ontario N2L 3G1 Canada
[EMAIL PROTECTED]
URL = http://www.math.uwaterloo.ca/~shallit/

--

Subject: Re: ON-topic - UK crime statistics (was Re: Best, Strongest Algorithm)
From: [EMAIL PROTECTED]
Date: 17 May 2001 08:12:36 -0400

Trevor L. Jackson, III [EMAIL PROTECTED] writes:

[EMAIL PROTECTED] wrote:

Correlation between BE rates and rate of concealed carry permits, for one thing. Prison interviews are quite convincing. The single universal fear thieves have is not of being caught by the police, who have rules to follow, but of being caught by an armed citizen...

True! Colin Ferguson, who shot up a Long Island subway, actually bought his gun in CA with a fifteen-day waiting period. When asked why he chose Long Island as the venue for his shooting spree, he answered (approximate quote), ``I was confident nobody in Long Island would be shooting back.'' He stopped twice to reload before three men mustered the courage
Cryptography-Digest Digest #372
Cryptography-Digest Digest #372, Volume #13           Thu, 21 Dec 00 00:13:01 EST

Contents:
  Re: cipher algorithms once again... (Bryan Olson)
  Re: Array shuffling ("Matt Timmermans")
  Re: hash function for public key digital signature : one way? (Bryan Olson)
  All irreducible polys of degree 32 over GF(2) ("Matt Timmermans")
  Re: All irreducible polys of degree 32 over GF(2) (Scott Contini)

From: Bryan Olson [EMAIL PROTECTED]
Subject: Re: cipher algorithms once again...
Date: Thu, 21 Dec 2000 02:14:21 GMT

maciek wrote:

So there are two groups which are practically used these days: block and stream ciphers, am I right?

In a sense, yes that's right. On the other hand, the distinction between block and stream ciphers is relatively unimportant compared to public-key versus secret-key ciphers.

Secret key block ciphers are generally combined with some "mode" such as cipher block chaining. The combination is actually a stream cipher (though definitions vary).

--Bryan

Sent via Deja.com http://www.deja.com/

--

From: "Matt Timmermans" [EMAIL PROTECTED]
Subject: Re: Array shuffling
Date: Thu, 21 Dec 2000 02:22:56 GMT

"Benjamin Goldberg" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...

If I convert the output of rand() into a float in the range [0,1), by dividing by (float)(116), the values will have quite decent statistics.

You would think so, but I've been burnt by these RNGs lots of times before, e.g., I've noticed significant visual artifacts when generating graphic effects like Perlin noise using the most significant bits like you do above. I wouldn't even think of using one of these for real statistical or simulation work. You can pass the output from one of these generators through the DIEHARD test suite to see just how badly it does.

These days, when I need a quick RNG that isn't obviously non-random, I'll use one of these generators, and then calculate the CRC of the output. When I want to do accurate random simulations, I'll use a block cipher in CTR mode -- I know you already have some of these around, right?

--

From: Bryan Olson [EMAIL PROTECTED]
Subject: Re: hash function for public key digital signature : one way?
Date: Thu, 21 Dec 2000 02:57:33 GMT

[EMAIL PROTECTED] wrote:

In current established cryptographic hash algorithms like MD5, SHA-1..., does their one-way property impose extra computational load compared to their design that is only collision free?

No. Of the three security properties usually stated for cryptographic hashes (pre-image resistant, second pre-image resistant, collision resistant) collision resistance is the hardest to achieve. It implies second pre-image resistance, and the only collision resistant but not pre-image resistant hashes are those contrived to exhibit the property.

In my project, I use SHA-1 to hash a message to be signed, then send the signed message digest and plaintext as digital signature. I think the one-way property is not necessary for the hash function in my project.

I don't know about the needs of your project but there is cause to require the one-way property. Most signature standards, including DSA and PKCS-1 version 1.5, need pre-image resistance to avoid "existential forgery". If the hash is not one-way, an attacker can exhibit a message and a legal signature even though the holder of the private key never signed that message. Such a message is normally not meaningful; it was found as the pre-image of a digest, and in the case of DSA the attacker can't even control the digest.

--Bryan

Sent via Deja.com http://www.deja.com/

--

From: "Matt Timmermans" [EMAIL PROTECTED]
Subject: All irreducible polys of degree 32 over GF(2)
Date: Thu, 21 Dec 2000 03:10:55 GMT

Note first: I've been on vacation -- sorry to all those I couldn't finish arguing with, and thanks to all those who finished my arguments better than I would have.

To business, then: I'm looking for a list of all irreducible polynomials of degree 32 with coefficients in GF(2). I've written a program to generate them, but I'd rather not have my computer tied up for the week it would take to generate them all. Does such a list exist elsewhere?

In case you're interested, it's for a program that will use CRT secret sharing to do "unsequenced" transmission over unreliable or distributed channels. For instance: You want a file that you can get from 30 different sources, so you tell them all to start transmitting parts to you. Each one repeatedly does the following:

1) Pick a polynomial at random from the above list
2) calculate the "CRC" of the file using the chosen polynomial
3) transmit the CRC and the polynomial to you.

If the file is N words long, then yo
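
The existential forgery described in Bryan Olson's reply on one-way hashes above, as an added example that is not part of the original posts. It uses textbook hash-then-sign RSA (no PKCS-1 padding) with a toy key; `invertible_hash` is a hypothetical non-one-way hash, and all names and values are constructed for illustration.

```python
import hashlib

# Toy textbook-RSA key from two Mersenne primes (constructed; far too small for real use).
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, known only to the signer


def invertible_hash(msg: bytes) -> int:
    """Hypothetical hash that is NOT one-way: the message read as an integer mod N."""
    return int.from_bytes(msg, "big") % N


def sha256_hash(msg: bytes) -> int:
    """SHA-256 reduced mod N (the reduction is only needed because the toy modulus is small)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def sign(msg: bytes, h) -> int:
    return pow(h(msg), D, N)


def verify(msg: bytes, sig: int, h) -> bool:
    return pow(sig, E, N) == h(msg)


def forge_without_private_key(sig: int):
    """Choose the signature first, derive the digest it validates, then invert the weak hash."""
    digest = pow(sig, E, N)          # public-key operation only, D is never used
    msg = digest.to_bytes((digest.bit_length() + 7) // 8, "big")
    return msg, sig                  # msg is meaningless bytes, as the reply notes


def demo() -> dict:
    honest = b"pay 10 to alice"
    forged_msg, forged_sig = forge_without_private_key(sig=0xC0FFEE)
    return {
        "honest_weak": verify(honest, sign(honest, invertible_hash), invertible_hash),
        "honest_sha256": verify(honest, sign(honest, sha256_hash), sha256_hash),
        "forgery_weak": verify(forged_msg, forged_sig, invertible_hash),
        # With a one-way hash the forger would need a pre-image of the digest.
        "forgery_sha256": verify(forged_msg, forged_sig, sha256_hash),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:15} verifies: {ok}")
```

The forged pair verifies under the invertible hash and is rejected under SHA-256, which is the reason the signed digest must come from a pre-image-resistant function.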
Cryptography-Digest Digest #372
Cryptography-Digest Digest #372, Volume #12           Mon, 7 Aug 00 08:13:01 EDT

Contents:
  Re: asymmetric encryption for my keycode generator (Bob Deblier)
  Re: asymmetric encryption for my keycode generator ("eboy")
  Re: asymmetric encryption for my keycode generator ("eboy")
  Re: Note on text compression (Mok-Kong Shen)
  Re: Functions that are slow to invert (Mok-Kong Shen)
  Re: OTP using BBS generator? (Mok-Kong Shen)
  Re: Let us have Lattice (Mok-Kong Shen)
  Re: A non-linear extension of the Hill cipher (Mok-Kong Shen)
  Re: Secure Operating Systems (Mok-Kong Shen)
  Re: New William Friedman Crypto Patent (filed in 1933) (Mok-Kong Shen)
  Re: OTP using BBS generator? (Mok-Kong Shen)
  Re: New William Friedman Crypto Patent (filed in 1933) (Mok-Kong Shen)
  Discret Logarithm ([EMAIL PROTECTED])
  Re: Public-domain Blowfish (Runu Knips)
  Re: Hashing Algorithms (Runu Knips)
  SSL in IIS, NES ("jerry")
  Looking for a *different* type of cipher... (RavingCow)
  Re: Coupon collector's problem ("Artemios G. Voyiatzis")
  Re: Coupon collector's problem ("Artemios G. Voyiatzis")
  Re: Let us have Lattice (Tim Tyler)

From: Bob Deblier [EMAIL PROTECTED]
Subject: Re: asymmetric encryption for my keycode generator
Date: Mon, 07 Aug 2000 09:01:42 +0200

eboy wrote:

I'm a budding shareware author who'd like to code my registration keycode generator to use asymmetric encryption (like RSA, with private and public keys, but not necessarily RSA per se). I figure I shouldn't have to worry about keycode generators popping up on cracker sites within months of release of my product if I can implement this. One shareware FAQ said doing this wasn't that hard a thing to do. (?)

Anyway, while I know a little about the math theory behind this encryption, programming it is in another ballpark from where I'm playing. Can anyone point me to some reference that would be helpful for a non-math-genius, non-super-geek programmer to accomplish this? (I have PGP's source code - there isn't enough time in the universe for someone like me to decipher it) (without help).

I guess what I'm looking for is a basic programming algorithm (perhaps in pseudocode to just illustrate each step) for encoding and decoding some plain text using the primes, plus some details about how to generate the monster primes themselves. I was thinking I could just use PGP to generate a couple of 2048 bit primes and use those but I can't find a way to get PGP to tell me what *both* primes are when it generates a public and private key pair for me. If anyone can guide me just in this, it would still be a big help...

thanks,
ed

Maybe you can fiddle around a bit with the BeeCrypt cryptography library. It should be easy to build applications with it, it's lightweight (unlike PGP) and it has plenty of the low level primitives for asymmetric encryption - but no RSA though. The documentation is at this time not completed, but the code contains some pointers.

Have a peek at the code (you can download it through http://beecrypt.virtualunlimited.com/) and if you have any questions, feel free to contact me through [EMAIL PROTECTED]

Sincerely
Bob Deblier
Virtual Unlimited

--

From: "eboy" [EMAIL PROTECTED]
Subject: Re: asymmetric encryption for my keycode generator
Date: Mon, 7 Aug 2000 00:41:01 -0700

Well if you want to be lame like this just take a hash, modify it slightly. It will still be attackable but will put attackers at bay for a day or two.

Tom

Huh? I'm being lame for wanting to use asymmetric encryption? If you would have me doing something that was NOT lame, what exactly would you have me doing, Tom?

ed

If your program is truly useful people will buy it out of respect not because you thwart them with some stupid copy protection. Be mindful of who you are trying to sell it to and I wish you the best of luck.

Tom

Oh. You mean I was being lame simply for wanting to use a good software protection. You're saying if I had a good, useful program to offer, I wouldn't need any software protection at all because people wouldn't think of stealing my program if it was truly good enough to generate the proper "respect" in my users. So really, ALL software protection is lame ("stupid") by its very intent: crypto should only be used to ensure free speech and keeping out of big brother's eye.

Well, OK. Maybe so. I do agree with you about the respect part. The few software programs I've registered I've done so ONLY because I had real respect for the quality of the programming effort that obviously went into it (labor of love). I don't really know, just starting out in this business, how much a bite out of revenues not having good protection can cost a shareware author, but browsing shareware newsgroups would sugges