Cryptography-Digest Digest #851, Volume #8        Tue, 5 Jan 99 23:13:03 EST

Contents:
  Re: Cryptography board game! <First Draft - Card Game> (Christopher)
  Re: Help: a logical difficulty ("Trevor Jackson, III")
  Re: On the Generation of Pseudo-OTP (John Savard)
  Re: Edu sources for an amateur (Colin G. St. John)
  Re: U.S. Spying On Friend And Foe (Gideon Yuval)
  Re: What is left to invent? (R. Knauer)
  Re: U.S. Spying On Friend And Foe ([EMAIL PROTECTED])
  Re: What is left to invent? (Frank Gifford)
  Re: New Twofish Source Code Available ([EMAIL PROTECTED])
  Re: CAST Cryptanalysis (Colin G. St. John)
  Re: Help: a logical difficulty (Nicol So)
  Re: Help: a logical difficulty (Nicol So)
  Re: Help: a logical difficulty (Nicol So)
  Re: U.S. Spying On Friend And Foe (Mike McCarty)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Christopher)
Crossposted-To: talk.politics.crypto
Subject: Re: Cryptography board game! <First Draft - Card Game>
Date: Tue, 05 Jan 1999 21:32:39 GMT

I was catching up on old articles and found this thread.

Anyway, my first ever website is an attempt at just that, the board game
algorithm as a card game.  I don't know the specifics of RC4, so if anyone
has a technical correction please let me know.  Here's the URL:

http://home.ptd.net/~kruslicc/index.html

>>It's pretty straightforward to do 52-element RC4 with a deck of cards.
>
>        I believe you that it is straightforward.   Why don't you 
>        post a quick writeup pointing the way?   With perhaps an 
>        estimate of how strong the encryption is? This would be fun
>        and a very portable demonstration.
>
>        ciao,
>        
>        jcurtis

Sorry, no estimates on its strength - in fact there's an optional step
that I'm sure is very important to the algorithm, but let's face it, it
would be tedious to actually do this for anything more than a simple
phrase.

Any comments, my address is in the header and on the page.
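The 52-element RC4 that the quoted reply asks for, written out as an added example (it is not code from the original post or from the linked page). Card labels, the 52-letter message alphabet and the passphrase-to-key mapping are constructed conventions for this example; N=52 is a toy state size, not a secure cipher.

```python
# Added example (not from the post or its site): RC4 run over a 52-card deck,
# i.e. the standard key-scheduling (KSA) and output (PRGA) loops with N=52
# instead of 256. Cards are numbered 0..51; the card labels, the 52-letter
# message alphabet and the passphrase-to-key mapping are constructed
# conventions for this example. N=52 is a toy state size, not a secure cipher.
N = 52
SUITS = "CDHS"                    # clubs, diamonds, hearts, spades
RANKS = "A23456789TJQK"
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"  # 52 symbols


def card_name(value: int) -> str:
    """Map a card value 0..51 to a label such as 'AC' (ace of clubs) or 'KS'."""
    return RANKS[value % 13] + SUITS[value // 13]


def key_from_passphrase(passphrase: str) -> list:
    """Turn a passphrase over the 52-letter alphabet into a list of card values."""
    key = [ALPHABET.index(ch) for ch in passphrase]
    if not key:
        raise ValueError("passphrase must contain at least one letter")
    return key


def key_schedule(key: list) -> list:
    """RC4 KSA with N=52: start from an ordered deck and swap cards as the key directs."""
    deck = list(range(N))
    j = 0
    for i in range(N):
        j = (j + deck[i] + key[i % len(key)]) % N
        deck[i], deck[j] = deck[j], deck[i]
    return deck


def keystream(deck: list, length: int) -> list:
    """RC4 PRGA with N=52: each step swaps two cards and emits one card value 0..51."""
    deck = deck[:]                # the physical deck changes as cards are swapped
    i = j = 0
    out = []
    for _ in range(length):
        i = (i + 1) % N
        j = (j + deck[i]) % N
        deck[i], deck[j] = deck[j], deck[i]
        out.append(deck[(deck[i] + deck[j]) % N])
    return out


def encrypt(plaintext: str, passphrase: str) -> str:
    """Add each keystream card to the plaintext letter, modulo 52."""
    ks = keystream(key_schedule(key_from_passphrase(passphrase)), len(plaintext))
    return "".join(ALPHABET[(ALPHABET.index(p) + k) % N] for p, k in zip(plaintext, ks))


def decrypt(ciphertext: str, passphrase: str) -> str:
    """Subtract the same keystream; the deck is rebuilt from the passphrase."""
    ks = keystream(key_schedule(key_from_passphrase(passphrase)), len(ciphertext))
    return "".join(ALPHABET[(ALPHABET.index(c) - k) % N] for c, k in zip(ciphertext, ks))


if __name__ == "__main__":
    deck = key_schedule(key_from_passphrase("SecretKey"))
    print("deck after KSA:", " ".join(card_name(v) for v in deck[:8]), "...")
    print(encrypt("HelloWorld", "SecretKey"))
```

With a physical deck the same steps are: shuffle by the KSA swaps, then for each letter do one PRGA swap, read the output card, and add its value to the letter mod 52.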

------------------------------

Date: Tue, 05 Jan 1999 18:04:56 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Help: a logical difficulty

The only thing I see missing is the term "Turing-complete".  I took it as a given.
Others may have interpreted the term "Turing machine" in a less context-sensitive manner.

John Briggs wrote:

> In article <[EMAIL PROTECTED]>, Mok-Kong Shen 
><[EMAIL PROTECTED]> writes:
> >This is also an essential problem. If for two given sequences
> >one machine says the first is less complex than the other but
> >the second machine says the contrary, which result should one take?
>
> Algorithmic complexity is a function of the algorithm.
>
> If you want to know the complexity of "54" in an absolute sense,
> you're out of luck.
>
> Of course, any algorithm worth its salt is going to let you supply
> an arbitrary Turing machine in the input stream.  And so you're looking
> at a "plus a constant" worst case on the difference between the
> algorithmic complexity of any two arbitrary input streams as
> measured against any particular pair of salt-worthy, Turing-computable
> algorithms.
>
> Am I missing something or should this have been obvious to everyone?
>
>         John Briggs                     [EMAIL PROTECTED]




------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: On the Generation of Pseudo-OTP
Date: Tue, 05 Jan 1999 23:14:32 GMT

"jay" <[EMAIL PROTECTED]> wrote, in part:

>Nonetheless, I suppose a secure encryption program based on books would
>quickly be placed under the Wass. restrictions, placing us back with the
>Ciphersaber approach: publish the format and the algorithm, develop the
>software locally. The same problems would exist, that is, people would not
>have easy access to appropriate privacy software without writing it
>themselves or having a qualified friend.

Obviously, the thing to do is, then, not to worry for now about
ensuring the wide distribution of encryption programs, but to merely
ensure the wide distribution of compilers.

GNU C has already been ported to MS-DOS, has it not?

John Savard
http://www.freenet.edmonton.ab.ca/~jsavard/index.html

------------------------------

From: [EMAIL PROTECTED] (Colin G. St. John)
Subject: Re: Edu sources for an amateur
Date: 5 Jan 1999 23:29:14 GMT

In article <[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] says...
>
>Hello All:
>
>I just stumbled on to this group. I am very interested in cryptography
>as a concept. The closest I've got to it is reading the "Puzzle Palace"
>and writing some simple hieroglyphic codes for amusement (inspired by
>Sherlock Holmes' "The case of the dancing men").
>
>Can you experts out there recommend good sources of info to educate
>myself (say from a public library) on cryptography ? I'd like to know
>what 56 bit vs 128 bit encryption means, what is PGP, RCA kinda lingo.
>
>Thanks in advance.
>
>--
>[EMAIL PROTECTED]
>
>

  Buy "Applied Cryptography" by Bruce Schneier.  It has
758 pages of modern cryptography.  Highly recommended for
an interested amateur who wants to study up.  It also
has a large bibliography for further research.

                                                Colin


------------------------------

From: [EMAIL PROTECTED] (Gideon Yuval)
Subject: Re: U.S. Spying On Friend And Foe
Date: 5 Jan 1999 23:34:50 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...

>The British can keep secrets, and they have an Official Secrets Act to
>enforce it.

"Yes, minister" has a line "the official secrets act is there, not to 
protect secrets, but to protect officials".

-- 
The opinions expressed in this message are my own personal views 
and do not reflect the official views of Microsoft Corporation.


------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: What is left to invent?
Date: Tue, 05 Jan 1999 23:52:35 GMT
Reply-To: [EMAIL PROTECTED]

On Tue, 05 Jan 1999 20:56:05 GMT, Darren New <[EMAIL PROTECTED]>
wrote:

>Just out of curiosity, what is the theoretical cutting edge nowadays?

Quantum cryptography and photonic crystals - just to name two.

Both hold the prospect of revolutionizing cryptography.

Bob Knauer

"The American Republic will endure, until politicians realize they
can bribe the people with their own money."
--Alexis de Tocqueville


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: U.S. Spying On Friend And Foe
Date: Wed, 06 Jan 1999 00:13:45 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> Douglas A. Gwyn wrote:
>
> > "Tony T. Warnock" wrote:
> > > The great problem of "friends" spying on the US is that the
> > > "friend" may not be able to keep secrets. Some of our allies may not
> > > mean harm to us, but they cannot keep secrets. Vice versa.
> >
> > The British can keep secrets, and they have an Official Secrets Act to
> > enforce it.
>
> That's a Blunt statement. Both the Brits and the US believe that the other
> cannot keep secrets. They are both Wright.
>
>

 Since the British and American intelligence agencies are in
bed with each other and loving it, they don't keep secrets
from each other. But they might be good at keeping it from
the French who speak a funny language.


--
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm

============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/       Search, Read, Discuss, or Start Your Own    

------------------------------

From: [EMAIL PROTECTED] (Frank Gifford)
Subject: Re: What is left to invent?
Date: 5 Jan 1999 17:49:12 -0500

In article <[EMAIL PROTECTED]>,
Darren New  <[EMAIL PROTECTED]> wrote:
>...
>Other than user interfaces, efficiency, ubiquity, and trying to
>circumvent stupid politics, what's left to be invented?

Well, like any other field, advances are always being made.  Compare this
to car manufacturing.  You could argue that cars are efficient enough and
have enough features and are safe enough, what's the purpose of doing
anything more?

>The only thing I can think of is the theory behind making a block
>cypher's S-boxes secure and knowing it (rather than just making it real
>complex and hoping there's no unexpected hole in it). 

Aside from the OTP, there is no proof for the strength of a crypto system.
All that can be said is that it seems to be strong.  The best minds of
today have examined a particular crypto system and they haven't broken it,
so we will, for now, trust that it works.  The field is not at a point where
any other system can have a proven level of security or a guaranteed level
of probable security.  We can't say, "This crypto system will protect your
data for at least one full year.  Beyond that, the protection drops by 1%
each year."

>I suppose there are also unusual combinations, like having anyone able
>to decrypt your message but wanting at least three people to have to
>cooperate to authenticate it.

This instance is more of a protocol and using cryptography to implement it
so that it is fair, no one can cheat and no one can learn information that
he isn't supposed to find.

If you do a little research into rotor machines, you can get the feeling
that all one has to do is make the rotor movement complex enough and the
rotor system can't be broken.  And, by extension, all you have to do is
write a program to mimic the rotors and you've got a secure encryption
system on a chip.  But with the advent of block ciphers, one can start 
protecting data against a chosen plaintext attack, which the rotor 
system cannot.

One thing which isn't invented yet, to my knowledge, is a way for a CPU to 
execute an encrypted program, but without that CPU being able to do any
decryption itself.  For example: I've got my amazing Stock Picker Program 
which picks stocks which will come on strong over the next month - and it 
picks correctly 90% of the time.  Unfortunately, it's very computationally 
intensive and I want to take some of my proceeds and rent time on a Cray 
or some such beast.  But I don't want the owners of the computer to have 
my program, know its outputs or know what it does internally.  Cryptography 
with a protocol would probably be the right way to solve this 'problem', 
but this isn't solved yet.

-Giff

-- 
[EMAIL PROTECTED]       Too busy for a .sig

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: New Twofish Source Code Available
Date: Wed, 06 Jan 1999 00:08:11 GMT

In article <76tkub$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
>
> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Bruce Schneier) writes:
> |> On Tue, 05 Jan 1999 02:16:05 GMT, [EMAIL PROTECTED] (James Pate Williams, Jr.) wrote:
> [..]
> |> Even so, if someone finds the new code on ftp sites outside the U.S.,
> |> please let me know so I can put the data up on the website.
> There is a small Norwegian firm called FAST that created the largest FTP
> search engine in '98 (www.fast.no); they got owned by Lycos and the
> machine is now available as http://ftpsearch.lycos.com just type
> in "towfish" and find a gazillion non-us FTP sites with twofish.
> --

 Why does "towfish" find a gazillion sites with twofish? This
all sounds pretty fishy to me. But then again maybe I am
missing something. If so could you tell me how non-US people
can find an overseas FTP site that has the nonfishy
"scott19u.zip"?

> Have fun,     -joke
>
> UNIX is user friendly. (It's just selective about who the friends are.)
>

David Scott

--
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm

============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/       Search, Read, Discuss, or Start Your Own    

------------------------------

From: [EMAIL PROTECTED] (Colin G. St. John)
Subject: Re: CAST Cryptanalysis
Date: 5 Jan 1999 23:44:09 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
>
>Are there any known attacks on the CAST128 algorithm?
>
>The only paper I have found is the Kelsey, Schneier, Wagner paper entitled
>"Related key Cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2,
>and TEA"
>
>but this paper specifically covers a 64-bit key version of CAST, not the
>CAST-128 variant...
>
>Any pointers?
>
>TIA,
>
>
>Sam Simpson
>Comms Analyst
>-- http://www.hertreg.ac.uk/ss/ for ScramDisk hard-drive encryption & Delphi
>Crypto Components.  PGP Keys available at the same site.
>
>
>

  Here's the university site of the inventors
of CAST, with plenty of papers on the algorithm:
  
     adonis.ee.queensu.ca:8000/cast/

  Their commercial site is:

     www.entrust.com

                                        Colin


------------------------------

From: Nicol So <[EMAIL PROTECTED]>
Subject: Re: Help: a logical difficulty
Date: Tue, 05 Jan 1999 22:02:41 -0500

Mok-Kong Shen wrote:

> Nicol So wrote:
> >
> > Something is well-defined if it has a definite meaning.  ...
> >
> > I suspect that you are under the false impression that a predicate is
> > well-defined only if it is decidable.  If that's what you thought, that could be
> > the source of your difficulty.
>
> As I pointed out in another follow-up, in the present context we
> need comparisons of complexity. That a certain sequence has a
> certain 'definite' but 'unknown' complexity is not of much use if
> one wants to compare two sequences to see if one is superior to
> the other for cryptological applications.

The relevance of Kolmogorov or description complexity to cryptology is an interesting
question, but that's not your original question.

In your original message, <[EMAIL PROTECTED]>, you wrote:

> Since there does not exist an algorithm to deliver the shortest
> string to describe an arbitrarily given random number sequence,
> couldn't one say that the problem of determining the shortest
> description of a sequence is undecidable? If so, the measure of
> complexity is not a well-defined quantity.

I (and others as well) have been trying to explain why Kolmogorov complexity is
well-defined despite being non-computable.

I haven't really thought about the application of Kolmogorov complexity to cryptology,
but if it turns out that only high-Kolmogorov-complexity strings are suitable for the
key stream in a stream cipher, it could really screw things up (or make things
exciting, depending on your perspective), because it would disprove the existence of
pseudorandom number generators (as theoretical computer scientists define them) and a
slew of other conjectures.  (Take that as an opinion; any hard result would require
more formal treatment.  And as I said, I haven't really thought about the problem.)

Nicol


------------------------------

From: Nicol So <[EMAIL PROTECTED]>
Subject: Re: Help: a logical difficulty
Date: Tue, 05 Jan 1999 22:11:13 -0500

Douglas A. Gwyn wrote:

> Mok-Kong Shen wrote:
> > Since there does not exist an algorithm to deliver the shortest
> > string to describe an arbitrarily given random number sequence,
> > couldn't one say that the problem of determining the shortest
> > description of a sequence is undecidable?
>
> No, because one can simply generate all possible descriptions in
> increasing order of size until one is found that generates the
> sequence.  ...
>
> I don't know why you assert that there "does not exist" such an
> algorithm, unless you're discussing an *infinite* sequence, which
> is not practical.

Enumerating and checking all descriptions doesn't work when the
interpreter of descriptions is a universal computer, because of the
halting problem (you can't even decide if a "description" really
describes any finite string).

To give your measure of description complexity some robustness, you want
to use a universal computer as the interpreter.  Otherwise, your
complexity measure of the same string can vary wildly depending on the
choice of your interpreter.  (It is easy to construct an interpreter in
which all strings have much longer shortest descriptions than the
strings themselves).

Nicol
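The enumeration Gwyn proposes and the interpreter-dependence So describes, carried out as an added example (not code from any of the posts). Both "description languages" here are constructed and deliberately non-universal: every description halts, which is exactly the property a universal interpreter lacks and the reason the same loop is not an algorithm there.

```python
# Added example, not code from any of the posts. Two deliberately
# non-universal "description languages": each interpreter always halts and
# rejects or produces exactly one finite bit string, so Gwyn's proposal
# (enumerate descriptions in increasing size until one generates the string)
# is a terminating algorithm here. With a universal interpreter the same loop
# can hang on a description that never halts, which is So's objection.
from itertools import product
from typing import Callable, Optional

Interpreter = Callable[[str], Optional[str]]

# Constructed language A: '0' and '1' append a bit, 'D' appends a copy of
# everything produced so far, e.g. "01DDD" -> "0101010101010101".
DOUBLING_ALPHABET = "01D"


def run_doubling(desc: str) -> Optional[str]:
    """Total interpreter: every description halts with some finite output."""
    out = ""
    for sym in desc:
        out = out + out if sym == "D" else out + sym
    return out


# Constructed language B (So's "bad" interpreter): every output bit must be
# written three times, so each string's shortest description is 3x its length.
TRIPLED_ALPHABET = "01"


def run_tripled(desc: str) -> Optional[str]:
    """Total interpreter that rejects (returns None) malformed descriptions."""
    if len(desc) % 3:
        return None
    chunks = [desc[i:i + 3] for i in range(0, len(desc), 3)]
    if any(chunk not in ("000", "111") for chunk in chunks):
        return None
    return "".join(chunk[0] for chunk in chunks)


def shortest_description(target: str, interp: Interpreter, alphabet: str,
                         max_len: int) -> Optional[str]:
    """Gwyn's enumeration: try every description of length 0, 1, 2, ... in turn.

    Terminates because interp always halts and the search is capped at max_len;
    for run_doubling, max_len = len(target) always suffices (write it literally).
    """
    for n in range(max_len + 1):
        for symbols in product(alphabet, repeat=n):
            desc = "".join(symbols)
            if interp(desc) == target:
                return desc
    return None


def complexity(target: str, interp: Interpreter, alphabet: str, max_len: int) -> Optional[int]:
    """Description complexity of target relative to interp (None if not found within max_len)."""
    desc = shortest_description(target, interp, alphabet, max_len)
    return None if desc is None else len(desc)


if __name__ == "__main__":
    for s in ["0101010101010101", "0110"]:
        # The two measures differ by a factor, not a constant: Briggs' "plus a
        # constant" invariance holds only between universal interpreters.
        print(s, complexity(s, run_doubling, DOUBLING_ALPHABET, len(s)),
              complexity(s, run_tripled, TRIPLED_ALPHABET, 3 * len(s)))
```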


------------------------------

From: Nicol So <[EMAIL PROTECTED]>
Subject: Re: Help: a logical difficulty
Date: Tue, 05 Jan 1999 22:24:28 -0500

Mok-Kong Shen wrote:

> Douglas A. Gwyn wrote:
> >
> > Mok-Kong Shen wrote:
> > > Since there does not exist an algorithm to deliver the shortest
> > > string to describe an arbitrarily given random number sequence,
> > > couldn't one say that the problem of determining the shortest
> > > description of a sequence is undecidable?
> >
> > ...
> >
> > I don't know why you assert that there "does not exist" such an
> > algorithm, unless you're discussing an *infinite* sequence, which
> > is not practical.
>
> Why should infinite sequences be excluded as non-practical?
> Apparently Pi is a useful sequence. Now Pi may have an adequate simple
> description in the present context (I don't know). But it is
> at least very conceivable that there are other sequences for
> which one has no (or not yet) ideas of adequate descriptions.

Of course, because you don't even have enough names for infinite
sequences.  (There are uncountably many infinite strings, but only
countably many finite strings that can be used as descriptions).  The
infinite binary strings capable of finite representation correspond to the
decidable languages.

Nicol


------------------------------

From: [EMAIL PROTECTED] (Mike McCarty)
Subject: Re: U.S. Spying On Friend And Foe
Date: 6 Jan 1999 02:06:31 GMT

In article <76u9rp$4j3$[EMAIL PROTECTED]>,  <[EMAIL PROTECTED]> wrote:
)In article <[EMAIL PROTECTED]>,
)  [EMAIL PROTECTED] wrote:
)> Douglas A. Gwyn wrote:
)>
)> > "Tony T. Warnock" wrote:
)> > > The great problem of "friends" spying on the US is that the
)> > > "friend" may not be able to keep secrets. Some of our allies may not
)> > > mean harm to us, but they cannot keep secrets. Vice versa.
)> >
)> > The British can keep secrets, and they have an Official Secrets Act to
)> > enforce it.

I didn't get in on the whole quote, so I may be off base. But I *certainly*
find it humo(u)rous to find that someone thinks that a Legislative Act
can cause secrets to be kept.

)>
)> That's a Blunt statement. Both the Brits and the US believe that the other
)> cannot keep secrets. They are both Wright.
)>
)>
)
) Since the British and American intelligence agencies are in
)bed with each other and loving it. They don't keep secrets
)from each other. But they might be good at keeping it from
)the French who speak a funny language.
)
)
)--
)http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
)http://members.xoom.com/ecil/index.htm
)
)-----------== Posted via Deja News, The Discussion Network ==----------
)http://www.dejanews.com/       Search, Read, Discuss, or Start Your Own    


-- 
----
char *p="char *p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
I don't speak for Alcatel      <- They make me say that.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
