Cryptography-Digest Digest #787, Volume #8       Tue, 22 Dec 98 18:13:03 EST

Contents:
  Re: On living with the 56-bit key length restriction (Mok-Kong Shen)
  Re: Encryption Basics (A C Wilshere)
  Re: On living with the 56-bit key length restriction ([EMAIL PROTECTED])
  Re: Meet in the middle attack? (John Savard)
  Oh, no! (No, the cryptography part of my web site will continue to be updated...) (John Savard)
  Re: On living with the 56-bit key length restriction (wtshaw)
  Re: Conway's Game of Life (James Pate Williams, Jr.)
  Re: Checkers Learning Program (James Pate Williams, Jr.)

----------------------------------------------------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: On living with the 56-bit key length restriction
Date: Tue, 22 Dec 1998 19:21:25 +0100

Lincoln Yeoh wrote:

> Ah, but that wouldn't be the point. I'd like to repeat the point (for
> emphasis) that the crypto export law is silly, and the official reasoning
> is flawed- e.g. the law is supposedly to prevent criminals/terrorists from
> getting their hands on 128 bit crypto. So by definition law abiding people
> won't push the button if it's illegal for them to access it.

If it is fun for you to let people contemplate whether it
is proper to push buttons (instead of freeing them from such a
task from the very beginning), then go ahead.


> 
> I don't. I just look at the executables with hiew, and scan em with a virus
> scanner. I only give a brief look at the source code. So far I have never
> got a virus from the Net. It usually pays not to be the first one to
> download things, let other people test things out first.

I simply pointed out a possible problem affecting people downloading
from any site, including yours.

M. K. Shen

------------------------------

From: A C Wilshere <[EMAIL PROTECTED]>
Subject: Re: Encryption Basics
Date: Tue, 22 Dec 1998 20:53:15 GMT

Sorry, yes I am using w95, and ScramDisk sounds like the main thing I 
am looking for.

> You don't mention the OS you use.  If it is Windows 95 / 98 then I recommend
> ScramDisk, a disk container and partition encryptor.

> It supports industry standard ciphers (blowfish, IDEA, 3DES etc) and is free
> (with source code!).  Anyway, the URL is in my SIG.

All questions refer to scramdisk.

FREE, sounds good already, especially to a Yorkshireman, (no, it's not 
true that Yorkshiremen are tight)  ;-)

If I used either cd-r's or cd rw to store encrypted files, there 
would be a temporary folder (drive?) created on my hard drive to read 
the files  yes/no

Must I create a partition especially for encryption purposes, or can 
I encrypt individual files/folders

Can I still encrypt only SELECTED cds I write, (I do not have to 
encrypt every cd)  yes/no

I notice that several Ciphers can be used, do these need to be 
downloaded separately to the Scramdisk program.  

Does this mean I can switch and change ciphers.

Thanks for all your help so far

Allan

PS  Sorry about all the questions, I did an Open University course 
this year, and it covered the basics (VERY basic theory) of 
encryption as part of secure IT commerce and communications. 


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: On living with the 56-bit key length restriction
Date: Tue, 22 Dec 1998 21:01:47 +0100

Mok-Kong Shen wrote:
> 
> [EMAIL PROTECTED] wrote:
> >
> 
> > > If nobody is able to control export, why does there exist export
> > > regulations as such and why does there exist authorities whose
> > > duty it is to exercise such controls?? (Or why did the government
> > > officials take the trouble to agree on export controls?)
> > > ...
> >
> > It is impossible to control algorithms, but it is possible to control the
> > export of software.
> >
> > US law allows algorithms to be exported as long as they aren't in
> > machine-readable form, while the export of cryptographic software isn't
> > allowed.
> 
> In the present context we are discussing export of hardware/software.
> It is these that are handled by the Wassenaar agreement. The officials
> evidently suppose that the other countries are technically so weak
> that they are unable to develop hardware/software from description
> of cryptos. 

I don't think so. The main target of this law are neither countries nor
well organised criminals. This law allows telecommunication to be controlled:
People have to use standard software if they want to stay in contact
with others. This software is protected by different copyrights so it
can't be changed without breaking laws. By keeping the huge companies
from exporting strong crypto it is possible to keep people from
encrypting the normal correspondence and to detect encrypted data
streams.

> BTW, I am yet ignorant of whether it is without problems
> in US to put a pure but strong crypto algorithm on the Web.
>

Skipjack was published this way :)
 
> >
> > It's quite a hard job to change a module without knowledge of the sources
> > of the program.
> 
> It is an engineering problem, like to have bolts and nuts that have
> to fit. It can be done with proper software engineering.
> 

Not only: You'll have to break or bend laws to reverse engineer
commercial programs, but this may be necessary to replace modules with
undocumented interfaces. Many programs are testing libraries before
using them, so it may be necessary to break the self-test algorithms of
these programs or to rewrite large parts of these programs.

At least you'll have to replace copyright-protected parts of these
programs.

Because of that you'll have to decide either to use weak algorithms or
to break laws.

Again: This law doesn't stop criminals but it keeps others from
protecting their data.
It makes industrial espionage simpler and it allows spying on people
that don't want to break the laws.

> > > > This doesn't work for real-time communication or in cases where it is
> > > > impossible to add communication channels.
> > >
> > > Haven't you perhaps heard of the related subject of spread spectrum
> > > transmissions? The availability of channels is a resource problem.
> > > You may have that or may not. Why should there be 'impossibility'?
> > >
> >
> > Try to use spread spectrum in a phone wire or when transmitting data via
> > internet.
> 
> Spread spectrum was used in this context to show you that one can
> usually get more than one channel, nothing more nor less.
> 

And the internet is an example that shows that the generation of
channels is not only a problem of engineering but as well of the amount
of money one is able to pay for the necessary infrastructure.

Most of our communication uses one of the networks - internet, the
networks of telecommunication companies and so on.

I'm using only two or three lines for almost all of my telecommunication
and I wouldn't be able to add another one that would allow me to reach
most of my partners without spending too much time or money.

> M. K. Shen


Andreas Enterrottacher

[EMAIL PROTECTED]
[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Meet in the middle attack?
Date: Tue, 22 Dec 1998 21:24:38 GMT

Gramps <[EMAIL PROTECTED]> wrote, in part:

>What is a meet in the middle attack? I have books on crypto, but they do 
>not define that attack. I can guess what it is from the name, but my 
>guesses often are wrong.

The meet-in-the-middle attack is described in that very popular book
on _modern_ cryptography, Applied Cryptography by Bruce Schneier.

Essentially, it's the attack that says that with enormous memory
available, _double_-DES is no stronger than single-DES.

Doing a brute-force search, with a block of ciphertext and the
corresponding block of known plaintext -

with 2^56 steps, generate all the encryptions of the known plaintext,

with another 2^56 steps, generate all the decryptions of the
ciphertext,

and find the two keys in 2*2^56 steps, rather than 2^112 steps, by
going through the two lists of blocks and finding matches between
them...where the enciphered plaintext *meets* the deciphered
ciphertext *in the middle*.

Not only do you need a big memory, but to avoid doing 2^112 steps just
to find the matches, it probably has to be associative (although a
good sort algorithm will also help)...

John Savard
http://www.freenet.edmonton.ab.ca/~jsavard/index.html
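The attack Savard describes, worked through as an added example (not from his post and not anyone's library code): a constructed toy block cipher with 16-bit keys so the whole key space is searchable, double-encrypted, then recovered with 2 * 2^16 cipher calls and a 2^16-entry table instead of 2^32. The cipher, key schedule and the names encrypt/decrypt/meet_in_the_middle are all assumptions made here.

```python
from collections import defaultdict

MASK = 0xFFFFFFFF
ROUNDS = 4
KEY_BITS = 16          # toy key size so the whole key space is searchable
DELTA = 0x9E3779B9

def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK

def subkey(key, r):
    # Constructed key schedule: one 32-bit subkey per round (assumption).
    return (key * 0x9E3779B1 + r * 0x7F4A7C15) & MASK

def encrypt(key, block):
    """Toy 32-bit block cipher: xor subkey, rotate, add constant, 4 rounds."""
    x = block
    for r in range(ROUNDS):
        x = (rotl(x ^ subkey(key, r), 5) + DELTA) & MASK
    return x

def decrypt(key, block):
    x = block
    for r in reversed(range(ROUNDS)):
        x = rotl((x - DELTA) & MASK, 32 - 5) ^ subkey(key, r)
    return x

def double_encrypt(k1, k2, block):
    return encrypt(k2, encrypt(k1, block))

def meet_in_the_middle(pairs):
    """Recover every (k1, k2) consistent with the known (plaintext, ciphertext)
    pairs using 2 * 2^KEY_BITS cipher calls instead of 2^(2*KEY_BITS).
    The first pair drives the search; the rest weed out false matches (a
    32-bit block and 2^32 key pairs give about one spurious middle match)."""
    p0, c0 = pairs[0]
    table = defaultdict(list)          # middle value -> all k1 producing it
    for k1 in range(1 << KEY_BITS):
        table[encrypt(k1, p0)].append(k1)
    hits = []
    for k2 in range(1 << KEY_BITS):    # decrypt backwards and look up
        for k1 in table.get(decrypt(k2, c0), ()):
            if all(double_encrypt(k1, k2, p) == c for p, c in pairs[1:]):
                hits.append((k1, k2))
    return hits

def demo():
    k1, k2 = 0x1234, 0xBEEF            # constructed secret keys to recover
    pairs = [(p, double_encrypt(k1, k2, p)) for p in (0xDEADBEEF, 0x01234567)]
    return meet_in_the_middle(pairs)
```

With 56-bit DES keys the forward table would hold 2^56 entries, which is the memory (and associative lookup) cost Savard points to; the toy sizes keep it to a 65536-entry dict, and the second known pair is what filters the expected false match.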

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Oh, no! (No, the cryptography part of my web site will continue to be updated...)
Date: Tue, 22 Dec 1998 21:39:14 GMT

Although my web site had addressed some non-cryptographic subjects
already, in the form of asides and/or digressions in the text of the
site, particularly with reference to different 5-unit teletypewriter
codes,

today, on the Xoom site,

http://members.xoom.com/quadibloc/index.html

I have added two new sections, rather small ones at this time, one on
a luni-solar calendar I've invented and one on a map projection of
mine. (Eventually, these sections may expand into discussions of other
calendars and other map projections.)

My original plans for the site envisaged including a description of a
programming language - and possibly a computer architecture - that
I've fantasized about ... but the text I have about the programming
language is rather long, and I haven't quite gotten around to
HTML-izing it.

And there is the rather wide and eclectic selection of links...

John Savard
http://www.freenet.edmonton.ab.ca/~jsavard/index.html

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: On living with the 56-bit key length restriction
Date: Tue, 22 Dec 1998 12:31:51 -0600

In article <[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]> wrote:

> On Mon, 21 Dec 1998, Mok-Kong Shen wrote:
> 
> > [EMAIL PROTECTED] wrote:
> > > ... 
> > > Most encryptions are done with software packages and with users that want
> > > to use one single software, want it use once and type their password at
> > > most once. When doing superencipherment in such a software it won't be
> > > exportable.

"Build a system that any idiot can use, and only idiots will use
it."--Shaw's Law, from Murphy.

If you want to make crypto more available, it is just as unwise to build a
system that only a few can use, for the same reason.
> > > 
> > > Relatively few users are willing to use the same or different programs
> > > multiply to encrypt a message or a file. In this case superencipherment is
> > > possible, but it won't become a standard.

It is not impossible to combine algorithms in one program.

Try not to be obsessed with building a standard. Good crypto is about
diversity and shared secrets.
> > 
> > The kernel problem is 'export'. If several algorithms get exported
> > to a country (outside of the 33), then it is very trivial to get 
> > someone a bit familiar with software to build a combined module 
> > containing more than one algorithm in series to allow user comfort to be 
> > the same as for a single algorithm. I am quite sure that 90% of people
> > using computers are capable of doing this themselves.

It all depends if the backbone framework is unavailable. Those who would
limit crypto would like to forbid having such a thing, but that would mean
doing away with all source code for such standard things like
word-processors; slim chance and fat chance mean the same thing.
> >
> 
> The problem is not export of algorithms - nobody is able to control this,
> and - much more important: There are already enough algorithms for all
> purposes. This may change with the development of new computers and new
> cryptographic attacks, but surely blowfish and AES will be strong
> algorithms while this stupid crypto law will be gone.

Enough is only relative to your needs; I repeat, good crypto is about diversity.
> 
> The problem is software: Keep people from using strong algorithms in
> commercial mailtools and other IP tools, in office programs and databases
> and you are able to destroy most of the cryptographic infrastructure.

You had just as well outlaw all secrets and protocols.......rots of ruck.
-- 
What goes around, comes around.
You reap what you sow.
Do unto others as you would have them do unto you.
The wheels of the gods grind most slowly, but exceedingly fine.
People in glass houses should not cast stones.
Let those who are without sin cast the first stone.
Judge not that ye be judged.

------------------------------

From: [EMAIL PROTECTED] (James Pate Williams, Jr.)
Subject: Re: Conway's Game of Life
Date: Tue, 22 Dec 1998 19:50:25 GMT
Reply-To: [EMAIL PROTECTED]

I have two steady-state genetic algorithms for finding the initial
game of life configuration that has the maximum life after a given
number of game of life generations. These two programs were
developed as part of the last lab assignment in CSE 560
Artificial Intelligence I at Auburn University taught by Professor
Gerry V. Dozier. The following table was generated using life1.c:

Uniform Crossover with a 10% Mutation Rate

life1 100 7 p

============================================
p    10     15     20     25     30     35
============================================
##  f  g   f  g   f  g   f  g   f  g   f  g
============================================
 1 19 258 27 234 33 319 34 318 35 321 37 263
 2 25 168 28 216 37 262 35 251 39 477 40 314
 3 33 109 21 166 32 229 36 355 34 349 31 340
 4 30 306 29 286 33 292 39 464 34 281 42 686
 5 36 360 33 158 34 561 40 289 41 324 38 302
 6 30 112 35 305 32 210 41 520 41 330 41 315
 7 22 172 20  87 31 199 34 472 34 347 39 245
 8 37 263 39 547 20 214 33 237 37 552 34 308
 9 36 149 28 187 34 267 35 320 35 633 40 360
10 24 337 34 307 33 363 34 251 38 222 41 271
============================================
   29 223 29 249 32 292 36 348 37 384 38 340
============================================

where f is the fitness and g is the number of
genetic algorithm generations

The following table was generated using data from life2.c:

Steady state genetic algorithm
with a mutation rate of one per cent

life2 100 7 p

==========================
 p    10      20      30
==========================
##  f   g   f   g   f   g 
==========================
 1  8  118 19 1246 31  291
 2 17  383 18  390 19 1520
 3 19  362 20  482 22  327
 4 15  514 19  710 30  443
 5 16  300 23 1049 26 1437
 6 28  400 21  213 28  427
 7 19  731 27  377 23 1881
 8 15 1300 23  423 24  325
 9 24  853 16  611 28  495
10 12  166 21  290 26  330
==========================
   17  513 21  579 26  748
==========================

where f is the fitness and g is the number of
genetic algorithm generations

the algorithm did not converge for odd values
of p

Anyone that wants a copy of these two C source code files then send me
an e-mail at the following address requesting life1.c and/or life2.c.

==Pate Williams==
[EMAIL PROTECTED]
http://www.mindspring.com/~pate



------------------------------

From: [EMAIL PROTECTED] (James Pate Williams, Jr.)
Subject: Re: Checkers Learning Program
Date: Tue, 22 Dec 1998 20:06:03 GMT
Reply-To: [EMAIL PROTECTED]

I have created a checkers learning program that uses a least mean
squares training algorithm. The target function is:

V^(b) = w_0 + w_1 x_1 + w_2 x_2 + w_3 x_3 + w_4 x_4
         + w_5 x_5 + w_6 x_6

where x_1 is the number of black checkers, x_2 is the number of red
checkers, x_3 is the number of black kings, x_4 is the number of red
kings, x_5 is the number of black pieces threatened by red, and x_6
is the number of red pieces threatened by black. The weights are
updated using the following rule:

w_i ' =  w_i + eta (V^_train(b) - V^(b)) x_i for 0 <= i <= 6

where eta is a constant << 1 and 

V^_train(b) = V^(Successor(b)).

See _Machine Learning_ by Tom M. Mitchell, McGraw-Hill, 1997,
Section 1.2 pages 5 - 14. This program will be submitted to Professor
Gerry V. Dozier at Auburn University in Winter 1999 CSE 665
Machine Learning. Anyone wishing to obtain a copy of the two
required programs then send an e-mail to the following e-mail address
requesting checkers.c and playchec.c.

==Pate Williams==
[EMAIL PROTECTED]
http://www.mindspring.com/~pate
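The target function and LMS update rule from the post, worked as an added example (not Pate Williams' checkers.c): the features x_1..x_6 as he defines them with x_0 = 1 carrying w_0, the update w_i' = w_i + eta (V^_train(b) - V^(b)) x_i, and V^_train(b) = V^(Successor(b)) along a constructed game trace. Scoring the final board with the game outcome is an assumption taken from Mitchell's description, not something the post states; fit_one_board is added to show why eta has to be << 1.

```python
ETA = 0.001   # the post's "constant << 1"; see fit_one_board for why it must be small

def features(black, red, black_kings, red_kings, black_threatened, red_threatened):
    """x_1..x_6 as defined in the post, with x_0 = 1 so w_0 acts as the bias."""
    return [1, black, red, black_kings, red_kings, black_threatened, red_threatened]

def v_hat(w, x):
    """V^(b) = w_0 + w_1 x_1 + ... + w_6 x_6."""
    return sum(wi * xi for wi, xi in zip(w, x))

def lms_update(w, x, v_train, eta=ETA):
    """w_i' = w_i + eta (V^_train(b) - V^(b)) x_i for 0 <= i <= 6."""
    err = v_train - v_hat(w, x)
    return [wi + eta * err * xi for wi, xi in zip(w, x)]

def fit_one_board(x, v_train, eta, steps):
    """Repeated updates on one board; returns |error| after each step.
    Each step scales the error by (1 - eta * sum(x_i^2)), so eta must be
    well below 1 / sum(x_i^2) or the weights oscillate and blow up."""
    w, errors = [0.0] * len(x), []
    for _ in range(steps):
        w = lms_update(w, x, v_train, eta)
        errors.append(abs(v_train - v_hat(w, x)))
    return errors

def train_on_game(w, boards, outcome, eta=ETA):
    """One pass over a game trace: V^_train(b) = V^(Successor(b)) for every
    board but the last, which is scored with the known outcome (terminal
    handling assumed from Mitchell's description; the post does not state it)."""
    for i, b in enumerate(boards):
        v_train = outcome if i == len(boards) - 1 else v_hat(w, boards[i + 1])
        w = lms_update(w, b, v_train, eta)
    return w

# Constructed game trace: black wins material, so the outcome is +100 for black.
TRACE = [features(12, 12, 0, 0, 0, 0), features(12, 11, 0, 0, 1, 0),
         features(11, 9, 1, 0, 0, 2), features(10, 4, 2, 0, 0, 1),
         features(9, 0, 3, 0, 0, 0)]

if __name__ == "__main__":
    print(fit_one_board(TRACE[0], 100.0, 0.001, 5))   # shrinking errors
    print(fit_one_board(TRACE[0], 100.0, 0.1, 5))     # exploding errors
    print(train_on_game([0.0] * 7, TRACE, 100.0))
```

Starting from zero weights, only the terminal board changes anything on the first pass (every earlier board's target V^(Successor(b)) is still 0); the estimates then propagate backwards through the trace on later passes.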




------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
