Cryptography-Digest Digest #841, Volume #8        Tue, 5 Jan 99 06:13:06 EST

Contents:
  New Twofish Source Code Available (Bruce Schneier)
  Re: New Twofish Source Code Available (James Pate Williams, Jr.)
  Re: Help: a logical difficulty (Nicol So)
  Re: CTS a la Schneier, Rivest
  Re: symmetric encryption with a user-supplied password (Nicko van Someren)
  Teaching Program ("bill_wells")
  Re: Sapphire II key length vs. US Export Law (fungus)
  Re: Help: a logical difficulty (Mok-Kong Shen)
  Re: Teaching Program (Mok-Kong Shen)
  FAQ ??????????? (konstantinidis)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Bruce Schneier)
Subject: New Twofish Source Code Available
Date: Tue, 05 Jan 1999 01:17:30 GMT

We have new Twofish source code--reference C, optimized C, and
ASM--that reflects the improvements we've made.  The code is available
on the Twofish home page:

        http://www.counterpane.com/twofish.html

As far as I know, the Twofish source archives outside the U.S. have
not yet been updated to the most recent source code.

Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems     Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN  55419      Fax: 612-823-1590
           Free crypto newsletter.  See:  http://www.counterpane.com

------------------------------

From: [EMAIL PROTECTED] (James Pate Williams, Jr.)
Subject: Re: New Twofish Source Code Available
Date: Tue, 05 Jan 1999 02:16:05 GMT
Reply-To: [EMAIL PROTECTED]

[EMAIL PROTECTED] (Bruce Schneier) wrote:

>As far as I know, the Twofish source archives outside the U.S. have
>not yet been updated to the most recent source code.

I hope you are not advocating that someone break our vaunted
cryptographic regulations and export this "dangerous" code. Of
course, you would never encourage someone to do this.

==Pate Williams==
[EMAIL PROTECTED]
http://www.mindspring.com/~pate



------------------------------

From: Nicol So <[EMAIL PROTECTED]>
Subject: Re: Help: a logical difficulty
Date: Mon, 04 Jan 1999 21:32:28 -0500

Mok-Kong Shen wrote:

> Since there does not exist an algorithm to deliver the shortest
> string to describe an arbitrarily given random number sequence,
> couldn't one say that the problem of determining the shortest
> description of a sequence is undecidable? If so, the measure of
> complexity is not a well-defined quantity. It follows then that
> arguments based on the use of such a measure are also not
> well-defined.

You didn't say whether you were considering only finite sequences, but I
suppose you were.  Just because the length of the shortest description of
a finite string is not computable doesn't make the notion of Kolmogorov
complexity ill-defined.  In general, something is not well-defined if its
value can vary depending on something unspecified and not accepted as an
axiom.  But in your example, it is not the case.

Given a universal computer, an encoding of an algorithm, and a given
finite string, either the universal computer eventually halts, or it
doesn't.  If the universal computer does halt, it either outputs the
string, or it doesn't.  So... either the algorithm describes the given
finite string, or it does not.  And this means... the set of algorithms
that describes the given finite string is well-defined.  And this means...
the length of the shortest algorithm in this (non-empty) set is
well-defined.  My point is, there is nothing unspecified that could affect
the value of the complexity measure.

Remember, even if we don't have an effective method (algorithm) for
computing the shortest description of a finite string, the length of the
shortest description of the string must still be some definite value.

Nicol


------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: CTS a la Schneier, Rivest
Date: 5 Jan 99 03:16:13 GMT

Jon Becker ([EMAIL PROTECTED]) wrote:
: Yes, clearly.  So we have a conundrum.  According to RFC 2040:

:    This mode handles any length of plaintext and produces
:    ciphertext whose length matches the plaintext length.

: So what is one to make of that?  Is it just a mistake?

Yes. However, "any length" may simply have meant any length that may arise
in practice; the caveat concerning a message shorter than a single block
may have been a detail not worth the words it would have taken to mention
it: even in a standards document, people will sometimes speak without
using mathematical precision.

An oversight, or an oversimplification. Not even just a full-fledged
mistake, but less than a mistake.

John Savard
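The caveat under discussion, as an added example that is not part of the thread: CBC ciphertext stealing in the form Schneier describes, over a constructed toy 8-byte block "cipher" (XOR with the key, then a byte rotation) that stands in for a real cipher so only the mode's behaviour is exercised. The ciphertext is exactly as long as the plaintext, but the mode is defined only from one full block upward, which is the case the RFC's "any length" wording passes over.

```python
# Added example (not from the thread): CBC ciphertext stealing (CTS) over a
# TOY block "cipher" (XOR with the key, then a byte rotation).  The cipher is
# a placeholder; the point is the mode: output length == input length, but
# only once the plaintext is at least one block long.
B = 8
KEY, IV = bytes(range(B)), bytes(B)            # constructed sample key and IV

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key, block):
    x = xor(block, key)
    return x[3:] + x[:3]                       # rotate left by 3 bytes

def toy_decrypt_block(key, block):
    return xor(block[-3:] + block[:-3], key)   # rotate right, undo the XOR

def cts_encrypt(key, iv, pt):
    if len(pt) < B:
        raise ValueError("CTS needs at least one full block of plaintext")
    blocks = [pt[i:i + B] for i in range(0, len(pt), B)]
    out, prev = [], iv
    for blk in blocks[:-1]:                    # plain CBC up to the last block
        prev = toy_encrypt_block(key, xor(blk, prev))
        out.append(prev)
    last, m = blocks[-1], len(blocks[-1])
    if m == B:                                 # full last block: still plain CBC
        out.append(toy_encrypt_block(key, xor(last, prev)))
    else:                                      # steal the tail of E(P[n-1])
        e_prev = out.pop()
        c_n = e_prev[:m]                       # truncated final ciphertext block
        c_prev = toy_encrypt_block(key, xor(last + bytes(B - m), e_prev))
        out += [c_prev, c_n]
    return b"".join(out)

def cts_decrypt(key, iv, ct):
    if len(ct) < B:
        raise ValueError("ciphertext is shorter than one block")
    blocks = [ct[i:i + B] for i in range(0, len(ct), B)]
    m, p_n = len(blocks[-1]), b""
    if m < B:                                  # undo the stealing first
        x = toy_decrypt_block(key, blocks[-2])   # = (P[n] || 0) xor E(P[n-1])
        e_prev = blocks[-1] + x[m:]
        p_n = xor(x[:m], blocks[-1])
        blocks = blocks[:-2] + [e_prev]
    out, prev = [], iv
    for blk in blocks:                         # ordinary CBC decryption
        out.append(xor(toy_decrypt_block(key, blk), prev))
        prev = blk
    return b"".join(out) + p_n
```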

------------------------------

From: Nicko van Someren <[EMAIL PROTECTED]>
Subject: Re: symmetric encryption with a user-supplied password
Date: Tue, 05 Jan 1999 03:51:16 +0000


denis bider wrote:

> Can anybody think of a method for raising the entropy of the password
> without straining the user into remembering kilobyte-long streams of random
> data?

Users are often better at remembering entropy than the readers
of this group give them credit for.  They just need to be prompted
in the right way.  I did a couple of tests on this a while back among
my friends and for your edification I will recount the results.

1) Most people (in my test) can not remember an arbitrary nine
digit decimal number if you just show it out to them directly.  Most
of the same set of people can remember a ten digit number IF
you present it 0xxx xxx xxx because (I hypothesize) they are
habituated to remembering telephone numbers. (In the UK phone
numbers at the time had nine significant digits and long distance
numbers are usually printed with the leading zero that you need
to dial to call that number.  People in the US might well be able
to remember ten digits with ease this way.)

2) The second experiment I tried went as follows.  The user is
presented with a dialogue box into which they are asked to enter
three pass-phrases; a week later they are presented with the
same dialogue box and asked to enter the same passphrases.
For half the set the fields were labelled 1, 2 and 3.  For the
other half they were each labelled "Think <word>" where word
was replaced with one of a set of about 50 abstract nouns,
chosen using rand() seeded with some bits taken from the user
name.  The users were instructed to try to ignore the labels.
While I would be the first to admit that (a) the sample size was
too small with only 9 people and (b) they may not have been
'average users', the 5 people with prompts all passed the 'login'
test and only 2 of the numbers entry users logged.  If I recall
correctly (this was several years ago) it took an average of
about 20 seconds for the users with word prompts while the
two who managed it without prompts both took over a minute.

The bottom line: When it comes to getting users to remember
passphrases, presentation is everything.

    Nicko




------------------------------

From: "bill_wells" <[EMAIL PROTECTED]>
Subject: Teaching Program
Date: Tue, 05 Jan 1999 06:07:43 GMT

 Does anyone know of an encryption teaching program--that is, something
that teaches about encryption through examples or games.  My friend
thought it would be stimulating for her history classes to think
about the World Wars in terms of codes--maybe have a decoding contest
where the message says something like "We're going to invade on June 6"
or the like that and give the kids 24 hours to decipher.  Does anyone 
know of any programs like that?

Bill Wells
[EMAIL PROTECTED]  
--
Surf Usenet at home, on the road, and by email -- always at Talkway.
http://www.talkway.com



------------------------------

From: fungus <[EMAIL PROTECTED]>
Subject: Re: Sapphire II key length vs. US Export Law
Date: Mon, 04 Jan 1999 22:53:59 +0100



chris wrote:
> 
> if i generate a 16-bit key using a random number generator, then
> permute that key, using a fixed combination or XORs, into 64-bits is
> my app subject to the "56-bit encryption" limitation?
> 

Nope.  (see below)

> not knowing much about crypto, i am assuming that i am adding
> some, but not much, security by permuting the base key to 64-bits.
> 

You're not really adding any. If the enemy knows your "permute"
algorithm (and you have to assume he does) then he only has to
try 2^16 keys to find the right one.


2^16 shouldn't be regarded as any security whatsoever.


-- 
<\___/>
/ O O \
\_____/  FTB.
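The point fungus makes, as an added example that is not part of the thread: a check on the effective key space of a 64-bit key derived from a 16-bit random value by a fixed mix of XORs and rotations. The expansion function below is constructed for illustration, since chris's own is not given; the measurement does not depend on its details.

```python
# Added example (not from the thread): how many distinct 64-bit keys can a
# fixed expansion of a 16-bit seed produce?  Never more than 2^16, however
# the bits are mixed, so the expansion adds no security over the seed.
import math

def expand_16_to_64(seed16):
    """Constructed 'permute' step: spread a 16-bit seed over 64 bits."""
    s = seed16 & 0xFFFF
    r = ((s << 5) | (s >> 11)) & 0xFFFF        # 16-bit rotate left by 5
    return (s
            | ((s ^ 0xA5A5) << 16)
            | ((r ^ 0x3C3C) << 32)
            | ((s ^ r) << 48))

def effective_key_bits(expand, seed_bits=16):
    """log2 of the number of distinct keys the expansion can produce.

    The value is bounded by seed_bits no matter how the seed is mixed: an
    exhaustive search only has to cover the seeds, not 2^64 keys."""
    keys = {expand(s) for s in range(1 << seed_bits)}
    return math.log2(len(keys))
```

A lossy expansion (one that discards seed bits) only makes the number smaller, so this bound is the best case for the scheme.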


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Help: a logical difficulty
Date: Tue, 05 Jan 1999 10:37:49 +0100

Nicol So wrote:

> Given a universal computer, an encoding of an algorithm, and a given
> finite string, either the universal computer eventually halts, or it
> doesn't.  If the universal computer does halt, it either outputs the
> string, or it doesn't.  So... either the algorithm describes the given
> finite string, or it does not.  And this means... the set of algorithms
> that describes the given finite string is well-defined.  And this means...
> the length of the shortest algorithm in this (non-empty) set is
> well-defined.  My point is, there is nothing unspecified that could affect
> the value of the complexity measure.

If the machine continues running, it may halt at some future time
(perhaps shortly before the end of the universe) or it never halts
(getting into a loop). You don't know which is which. So you don't 
know the second case indicated by your phrase 'or it does not'.

M. K. Shen
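Both positions in this exchange (Nicol So's, that the shortest description has a definite length, and Mok-Kong Shen's, that you cannot tell which programs will halt) can be made concrete with an added example that is not part of the thread: a step-budgeted stand-in for Kolmogorov complexity over a constructed toy language. K_t(x), the length of the shortest program that prints x within t steps, is computable and can only fall as t grows; its limit K(x) is a definite number, but no finite budget tells you it has been reached.

```python
# Added example (not from the thread).  Toy language: 'a','b' append a char,
# 'd' doubles the output so far, '+'/'-' move a counter, '[' ']' loop while
# the counter is nonzero ('+[]' never halts).  k_bounded computes K_t(x) by
# enumerating programs in length order under a step budget; K(x) itself is
# the limit over all budgets and cannot be read off any single run.
from itertools import product

ALPHABET = "abd+-[]"

def run(prog, budget, max_out=None):
    """Output of prog if it halts within budget steps, else None."""
    jump, stack = {}, []
    for i, ch in enumerate(prog):              # pair up the brackets
        if ch == "[":
            stack.append(i)
        elif ch == "]":
            if not stack:
                return None                    # malformed: unmatched ']'
            j = stack.pop()
            jump[i], jump[j] = j, i
    if stack:
        return None                            # malformed: unmatched '['
    out, pc, counter, steps = "", 0, 0, 0
    while pc < len(prog):
        steps += 1
        if steps > budget:
            return None                        # budget exhausted: undecided
        ch = prog[pc]
        if ch in "ab": out += ch
        elif ch == "d": out += out
        elif ch == "+": counter += 1
        elif ch == "-": counter = max(0, counter - 1)
        elif (ch == "[") == (counter == 0): pc = jump[pc]   # skip / repeat loop
        if max_out is not None and len(out) > max_out:
            return None                        # output only grows: give up early
        pc += 1
    return out

def k_bounded(x, budget, max_len=6):
    """K_t(x): shortest program (up to max_len) printing x within budget steps."""
    for n in range(1, max_len + 1):
        for prog in product(ALPHABET, repeat=n):
            if run("".join(prog), budget, len(x)) == x:
                return n
    return None                                # nothing found at this budget
```

With a budget of 4 steps no program of length at most 6 prints sixteen a's, with a budget of 5 the five-character program "adddd" does; raising the budget can only shorten the answer, which is exactly the sense in which the true value is defined but not computed.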

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Teaching Program
Date: Tue, 05 Jan 1999 10:44:38 +0100

bill_wells wrote:
> 
>  Does anyone know of an encryption teaching program--that is, something
> that teaches about encryption through examples or games.  My friend

Not an answer to your question. But I would like to say that I once saw a
toy that seems to work on the same principle as Jefferson's cylinder.

M. K. Shen

------------------------------

From: konstantinidis <[EMAIL PROTECTED]>
Subject: FAQ ???????????
Date: Tue, 05 Jan 1999 08:34:03 +0100

Can someone tell me where I will find a FAQ about crypto?
Please answer

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
