Cryptography-Digest Digest #993, Volume #8 Fri, 29 Jan 99 00:13:03 EST
Contents:
Re: Merchants needed for software beta testing (Bruce Schneier)
Re: Spread Spectrum ([EMAIL PROTECTED])
Re: Japanese Purple encryption
Seeking efficient algorithm: histogram of run lengths in a bitstream (Michael Sierchio)
Re: Coin Toss Theory ("Kazak, Boris")
Re: Sanity check on authentication protocol (Eric Norman)
Re: Some more technical info on Pentium III serial number (Paul Rubin)
Re: The Challenge ("ARTURO_AGUSTIN")
Re: Some more technical info on Pentium III serial number ("Trevor Jackson, III")
Re: 128 bit Everest, 64 bit Coin ("Trevor Jackson, III")
Re: Who will win in AES contest ?? ([EMAIL PROTECTED])
Re: Coin Toss Theory ("Trevor Jackson, III")
Re: Coin Toss Theory ("Trevor Jackson, III")
Question on key lengths (Brett W)
Re: 128 bit Everest, 64 bit Coin (Paul Rubin)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Bruce Schneier)
Subject: Re: Merchants needed for software beta testing
Date: Fri, 29 Jan 1999 01:11:14 GMT
For what it's worth Briggs has written some nice encryption code in
the past. This is unlikely to be the typical snake oil nonsense. (Note
that I have not seen the program, and am not endorsing it. I am just
pointing out that the author is someone who is likely to have thought
this out and done a competent job.)
Bruce
On Thu, 28 Jan 1999 19:49:49 GMT, Kent Briggs <[EMAIL PROTECTED]>
wrote:
>I'm looking for volunteers to help beta test a new encryption program
>that will soon be released as shareware. It's targeted towards small
>online merchants and software developers who do not have SSL-enabled web
>sites but still need a secure method of collecting credit card orders.
>This program allows you to build a stand alone order form program in a
>single Win 95/98/NT EXE file and then distribute it royalty free. The
>customer runs the program, fills in the order info and the result is
>automatically encrypted with the built-in public key encryption option
>and e-mailed back to the merchant directly.
>
>If you are interested in helping with the beta test, please send a
>private reply back to me with your name, e-mail, and basic info on your
>PC (CPU type, RAM installed, Windows version, etc) and I will provide
>you with a download link. Those that provide feedback will get a free
>copy of the final registered version.
**********************************************************************
Bruce Schneier, President, Counterpane Systems Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN 55419 Fax: 612-823-1590
Free crypto newsletter. See: http://www.counterpane.com
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Spread Spectrum
Date: Fri, 29 Jan 1999 03:00:39 GMT
On Thu, 28 Jan 1999 15:31:24 -0600, [EMAIL PROTECTED] (wtshaw) wrote:
>In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>
>> Title is The Bug Book and publisher is
>> Paladin Press in Boulder Colorado.
>>
>That sounds like an old title, in fact I believe that I have volumes 1, 2,
>and 3, and it is about some early integrated circuits, not exactly what
>you have in mind. It might be a good idea to check title archives or you
>may be adding to someone's confusion.
New edition of old book, but there never was more than one 'volume'.
Just the original title.
>
>About Spread Spectrum, it's a big subject...good luck.
Yeah, and it appears that no one is able to provide the answers to the
question about intercepting and converting DS back into speech...
>--
>A much too common philosophy:
>It's no fun to have power....unless you can abuse it.
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: Japanese Purple encryption
Date: 29 Jan 99 03:17:08 GMT
[EMAIL PROTECTED] wrote:
: John,
: Thanks.
: I am particularly interested in the
: Siemens & Halske Geheimschreiber. Do you know
: if any of these machines exist, and if there is
: an antique market for such machines?
: How many of them were made, also Enigma machines.
There _is_ an antique market for Enigma machines. But *very* few T-52
machines were made, and as far as I know, all specimens are in the hands
of government bodies. My guess is that about three to five still exist.
You have, no doubt, already seen the page on my web site
http://www.freenet.edmonton.ab.ca/~jsavard/index.html
where I describe the T-52, or perhaps you have read the Cryptologia
articles that were my sources. Toby's Cryptopage (I have a link to it) has
some pictures of the T-52.
John Savard
------------------------------
From: Michael Sierchio <[EMAIL PROTECTED]>
Subject: Seeking efficient algorithm: histogram of run lengths in a bitstream
Date: Thu, 28 Jan 1999 19:32:29 -0800
Reply-To: [EMAIL PROTECTED]
I hope the subject says it all -- I am seeking algorithms (pref. in C)
for calculating histograms (one for each of the runs of 0's and 1's in
a bitstream).
Thanks,
MS
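One way to compute the two histograms asked for above, as an added example that is not part of the original post or of any reply in this digest. The names (runhist_*, sample_runs), the MSB-first bit order and the MAX_RUN overflow bin are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_RUN 64 /* assumption: longer runs are pooled in the last bin */

typedef struct {
    uint64_t hist[2][MAX_RUN + 1]; /* hist[b][n] = runs of bit b, length n */
    int cur_bit;                   /* bit value of the open run, -1 = none */
    uint64_t cur_len;              /* length of the open run so far */
} runhist;

void runhist_init(runhist *h) { memset(h, 0, sizeof *h); h->cur_bit = -1; }

/* Record the open run (if any) in the histogram. */
static void close_run(runhist *h) {
    if (h->cur_bit < 0) return;
    h->hist[h->cur_bit][h->cur_len > MAX_RUN ? MAX_RUN : h->cur_len]++;
}

/* Feed nbits bits from buf (MSB of each byte first, an assumption). May be
 * called repeatedly on byte-aligned chunks; a run spanning two calls is joined. */
void runhist_update(runhist *h, const uint8_t *buf, size_t nbits) {
    size_t i = 0;
    while (i < nbits) {
        /* Fast path: a whole 0x00/0xFF byte that extends the open run. */
        if ((i & 7) == 0 && nbits - i >= 8 && h->cur_bit >= 0 &&
            buf[i >> 3] == (h->cur_bit ? 0xFF : 0x00)) {
            h->cur_len += 8; i += 8; continue;
        }
        int bit = (buf[i >> 3] >> (7 - (i & 7))) & 1;
        if (bit == h->cur_bit) {
            h->cur_len++;
        } else {
            close_run(h);          /* the previous run just ended */
            h->cur_bit = bit;
            h->cur_len = 1;
        }
        i++;
    }
}

/* Call once at end of stream so the last run is counted. */
void runhist_final(runhist *h) { close_run(h); h->cur_bit = -1; h->cur_len = 0; }

/* Constructed sample: 11110000 00000000 11111111 10100101 */
static const uint8_t SAMPLE[] = { 0xF0, 0x00, 0xFF, 0xA5 };

/* Number of runs of `bit` with length `len` in SAMPLE, fed in two chunks. */
uint64_t sample_runs(int bit, size_t len) {
    runhist h;
    runhist_init(&h);
    runhist_update(&h, SAMPLE, 8);       /* first byte */
    runhist_update(&h, SAMPLE + 1, 24);  /* remaining three bytes */
    runhist_final(&h);
    return h.hist[bit][len];
}

int main(void) {
    for (int b = 0; b < 2; b++)
        for (size_t n = 1; n <= MAX_RUN; n++)
            if (sample_runs(b, n))
                printf("runs of %d, length %zu: %llu\n", b, n,
                       (unsigned long long)sample_runs(b, n));
    return 0;
}
```

For an unbiased, independent bitstream the expected number of runs of length n+1 is half that of length n, which is what makes this histogram useful as a quick check on a generator's output.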
------------------------------
From: "Kazak, Boris" <[EMAIL PROTECTED]>
Subject: Re: Coin Toss Theory
Date: Thu, 28 Jan 1999 22:33:34 -0500
Reply-To: [EMAIL PROTECTED]
handWave wrote:
>
> (snip)
> Please comment upon the Large Signal sources of randomness, and small
> signal components of randomness in a fair coin toss. Is thermal noise
> important? Which quantum effect is predominant? Is the spin rate a
> quantifiable contributor to the auto-correlation of recorded sequences of
> bits from coin tosses? Who has done this research in the past?
>
> handWave
===================
The largest source of Randomness seems to be the nature of the coin and
its National Identity. American coins are famous for their fairness,
whence Russian coins are not trusted any more, to the extent that Russian
government recently announced the recall of all coins minted before 1962.
Mexican coins are very suspicious, their inner part is made of different
kind of metal than the outer part.
Any spin rate seems to be acceptable, provided it does not coincide with
alpha-rhythms in the brain (9-12 Hz), or with Schumann resonances in the
Earth-ionosphere cavity (11-14 Hz). Additionally, the "C" of second octave
(430 Hz) must not be the multiple of the spin rate, since this will cause
unacceptable resonances with the nearby guitars and may distract the
Random number producer.
Also unacceptable from the quantum-mechanical point of view is to subject
the flying coin to the illumination by laser beam. The 6328 A He-Ne laser
can increase the apparent bias in the coin tosses to 10^-77 in the 1000
samples experiment. However, the green 4563 A laser seems not to exhibit
this influence.
Thermal noise seems to have much stronger influence on the tosser's
ability to throw the coin than on the results of the experiment. In 1976
such an experiment was made in the sauna, it was discovered that when the
ambient temperature inside the hot chamber reached 115 C (yes!) the tosser
was not able to take the coin in his hands, let alone throw it.
Research is now under way for comparative assessment of Random Number
Generators based on coins and based on beans in the bottle. In this latter
system the number of beans, the material of the bottle and the directional
properties of the microphone are being investigated. Recent suggestion to
use the empty beer can as a Container will be investigated in the nearest
future. I shall do my best to keep you posted.
Respectfully BNK
------------------------------
From: Eric Norman <[EMAIL PROTECTED]>
Subject: Re: Sanity check on authentication protocol
Date: Thu, 28 Jan 1999 19:58:59 -0600
Edward Keyes wrote:
>
> I'm trying to do a nice secure mutual authentication and session key
> exchange using only symmetric ciphers (since public key algorithms are
> too computationally intensive for the platform). Could someone please
> tell me if I'm missing anything obvious in the following protocol?
> It is assumed that Alice and Bob share a secret key prior to this.
Since Alice and Bob share a secret, don't you get authentication
for free? That is, Alice encrypts a message with the secret and
sends it to Bob. Bob now knows that the message came from Alice
since she's the only one who could have encrypted it (this
assumes that Bob can recognize a "valid message").
> As far as I can tell, this is secure against packet sniffers,
> man-in-the-middle attacks, and replay attacks.
S'pose you need to do something about replay attacks, though.
--
Eric Norman
"Congress shall make no law restricting the size of integers
that may be multiplied together, or the number of times that
an integer may be multiplied by itself, or the modulus by
which an integer may be reduced".
------------------------------
Crossposted-To: talk.politics.crypto,comp.sys.intel
From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: Some more technical info on Pentium III serial number
Date: Fri, 29 Jan 1999 03:34:13 GMT
In article <78r61v$[EMAIL PROTECTED]>,
Brad Templeton <[EMAIL PROTECTED]> wrote:
>I don't get it. How does a web server "request" the ID of a client?
>
>A web server can't make any requests of a client. The client makes
>requests of the server. The server can send back things like Redirects
>and Authentication responses that make the client do more, but there
>is nothing in any web browser or the HTTP protocol to send these
>serial numbers or play the games described.
>
>Has Intel been proposing extensions to HTTP or other protocols?
>Where are those extensions documented?
>
>Has any browser vendor or the W3C given even the slightest indication
>they would support such extensions?
It sounds to me like Intel is going to release browser controls
(Netscape plug-in and Explorer ActiveX control) that read the serial
number. They could distribute the controls through their own web
site, or possibly get Micro$oft to include the controls in Windoze
N+1. DHTML script on random web pages could then invoke the controls
to put the numbers into hidden form fields that would be sent as part
of the next GET or POST. The controls could even open their own IP
connections back to the web server. This is all quite possible even
today, without any participation from browser vendors or W3C. The
main problem is social-engineering the users to accept the plug-ins.
It looks like Intel has failed at this pretty badly already.
------------------------------
From: "ARTURO_AGUSTIN" <[EMAIL PROTECTED]>
Subject: Re: The Challenge
Date: Fri, 29 Jan 1999 03:58:21 GMT
Give me an encrypted ASCII Character sequence
Thank you ...
You can send it to me in:
[EMAIL PROTECTED] OR [EMAIL PROTECTED]
------------------------------
Date: Thu, 28 Jan 1999 23:10:28 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Some more technical info on Pentium III serial number
[EMAIL PROTECTED] wrote:
> Gareth Williams ([EMAIL PROTECTED]) wrote:
> : 5) The actual Pentium ID is not very safe, and it must be possible to
> : run the agent in
> : an emulator (as someone else pointed out) and spoof it.
>
> Um, that would be true in general. But since this agent software was
> written by the *chip manufacturer*, it could make use of _undocumented_
> instructions. (Which would also help to make it harder to disassemble -
> the _real_ threat, "black art" notwithstanding.)
I doubt that Intel believes undocumented instructions are going to provide
any security. Lack of instruction set doc is a very weak form of security
via obscurity. There are very serious groups of people who explore new
Intel chips, sometimes publishing features even before Intel has the full
doc available. Certainly any glaring hint "here be secrets" is going to
attract so much attention that the facts will be known very quickly.
I've had some experience designing tamper-proof software, including
anti-emulator and anti-debugger techniques. It is not simple. Only
multiple layers of security offer a hope of protecting app code. And the
best the author can hope for is to delay the time when someone cracks the
last layer. The length of that time span is, predictably, inversely
related to the value of the material being protected.
I detect high angular momentum.
------------------------------
Date: Thu, 28 Jan 1999 23:19:15 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: 128 bit Everest, 64 bit Coin
handWave wrote:
> I
> made
> some rough
> calculations
> yesterday comparing
> 64 bit keys to 128 bit keys.
> There are about 2^64 atoms in a coin.
> There are about 2^128 atoms in Mount Everest.
So there are 2^64 coins in Mt. Everest? I think that number is too
large. Way too large. Ever hear of covering a chessboard with kernels of
grain, doubling on each cell?
> The Universe has about 10^88 particles or 2^291 particles.
You must be counting photons too.
> All of the gold owned today could fit in my house.
Your house must be enormous. In all of history we've mined about
100,000 tons (1e11 grams) of gold. Most of it is still around.
> Donations are welcome.
> handWave
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Who will win in AES contest ??
Date: Fri, 29 Jan 1999 03:18:18 GMT
In article <78pur6$rp4$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Thomas Pornin) wrote:
snip ...
>
> We all care about time. By the way, I could not access this piece of
> software, but I once tried to look at scott16u, and I would say that the
> 1000$ reward is not enough to convince me to unscramble the horrible
> piece of junk-asm-translated-into-pathetic-C code you dare to call "a
> description of the algorithm". Maybe scott19u is better in that regard,
> but I think spending three hours watching TV would be a more intelligent
> use of my time than such an expression of poor programming abilities.
>
> --Thomas Pornin
>
> PS: just so you do not bother telling it yourself: I am employed by the
> NSA to discredit you, because you are too dangerous for us.
>
If you were in the UK you might be affiliated with the NSA or the
British equivalent but since you are in France the NSA would most
likely not trust you. But if you lacked the intelligence to follow
scott16u which is based on nice byte boundaries. The 16 bit words
and the 8 bit shifts work very nicely on the PC.
You would be at a total loss to understand scott19u which is
based on packed 19 bit wide arrays and 9 bit shifts coupled with
the fact the file does not usually end in a nice multiple of 19
bits you would be over your head. And it would require more
brain power than someone of your obvious inferior intellect to
tackle. So go ahead and stare at the boob tube I hope that it
does not overtax your brain.
David A. Scott
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm
------------------------------
Date: Thu, 28 Jan 1999 23:34:03 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Coin Toss Theory
handWave wrote:
> A "fair coin toss" is an often used concept for scholarly cryptographic
> papers. The theory behind this randomness is seldom discussed because it
> so obvious. The elasticity of the skin, the trembling of the muscles, air
> currents, tidal pull, and myriad other subtle influences contribute to
> the randomness of the results. It is the complexity of "analog" reality
> which imparts unpredictableness. A skilled juggler may be able to toss
> one coin slowly with repeatable results, but I defy any juggler to toss a
> coin 1 meter high, rotating over 15 hz to gain any advantage over a
> layman. Spinning the coin as it is launched from the fingertips, I can
> make it a blur, so that may be about 20 to 50 hz.
>
> Please comment upon the Large Signal sources of randomness, and small
> signal components of randomness in a fair coin toss. Is thermal noise
> important? Which quantum effect is predominant? Is the spin rate a
> quantifiable contributor to the auto-correlation of recorded sequences of
> bits from coin tosses? Who has done this research in the past?
>
It would not be hard to produce a spring-loaded device capable of launching a
coin one meter in a one gee field, rotating at 900 rpm. Given the existence
of such a device, we can quickly eliminate most of your list of esoteric
influences.
After elimination of the irrelevancies, all that is left is the precision of
the launching system and the elasticity of the landing zone. A landing zone
that is elastic provides many bounces within which the butterfly effect could
blur the results. Given a non-elastic landing zone, the only remaining
question is how precise a human could be as a replacement for the mechanical
launcher. Thus it comes down to the amount of practice invested.
IMHO, this is a no brainer. Skilled practitioners can defeat laymen secretly
in almost any sleight of hand operation. In an open situation where the
requisite skill does not have to be concealed this is a trivial issue. For
comparison purposes, consider blind knife throwers using moving human
targets.
------------------------------
Date: Thu, 28 Jan 1999 23:36:46 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Coin Toss Theory
Kazak, Boris wrote:
> handWave wrote:
> >
> > (snip)
> > Please comment upon the Large Signal sources of randomness, and small
> > signal components of randomness in a fair coin toss. Is thermal noise
> > important? Which quantum effect is predominant? Is the spin rate a
> > quantifiable contributor to the auto-correlation of recorded sequences of
> > bits from coin tosses? Who has done this research in the past?
> >
> > handWave
> -------------------
> The largest source of Randomness seems to be the nature of the coin and
> its National Identity. American coins are famous for their fairness,
> whence Russian coins are not trusted any more, to the extent that Russian
> government recently announced the recall of all coins minted before 1962.
> Mexican coins are very suspicious, their inner part is made of different
> kind of metal than the outer part.
> Any spin rate seems to be acceptable, provided it does not coincide with
> alpha-rhythms in the brain (9-12 Hz), or with Schumann resonances in the
> Earth-ionosphere cavity (11-14 Hz). Additionally, the "C" of second octave
> (430 Hz) must not be the multiple of the spin rate, since this will cause
> unacceptable resonances with the nearby guitars and may distract the
> Random number producer.
> Also unacceptable from the quantum-mechanical point of view is to subject
> the flying coin to the illumination by laser beam. The 6328 A He-Ne laser
> can increase the apparent bias in the coin tosses to 10^-77 in the 1000
> samples experiment. However, the green 4563 A laser seems not to exhibit
> this influence.
> Thermal noise seems to have much stronger influence on the tosser's
> ability to throw the coin than on the results of the experiment. In 1976
> such an experiment was made in the sauna, it was discovered that when the
> ambient temperature inside the hot chamber reached 115 C (yes!) the tosser
> was not able to take the coin in his hands, let alone throw it.
> Research is now under way for comparative assessment of Random Number
> Generators based on coins and based on beans in the bottle. In this latter
> system the number of beans, the material of the bottle and the directional
> properties of the microphone are being investigated. Recent suggestion to
> use the empty beer can as a Container will be investigated in the nearest
> future. I shall do my best to keep you posted.
> Respectfully BNK
An excellent research program. Please consider incorporating the self-flipping
coins of bimetallic construction, especially in the hot-coin tests.
------------------------------
From: Brett W <[EMAIL PROTECTED]>
Subject: Question on key lengths
Date: Fri, 29 Jan 1999 14:48:09 +1000
Hi
This may sound stupid, but is there any particular reason we have key
lengths that are a power or multiple of 2? Is it for efficiency, beauty
(there seems to be something elegant with 1024, 2048 etc) or that
something restricts it to being like this?
Brett W
------------------------------
From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: 128 bit Everest, 64 bit Coin
Date: Fri, 29 Jan 1999 04:47:38 GMT
In article <[EMAIL PROTECTED]>,
Trevor Jackson, III <[EMAIL PROTECTED]> wrote:
>> There are about 2^64 atoms in a coin.
>> There are about 2^128 atoms in Mount Everest.
>
>So there are 2^64 coins in Mt. Everest? I think that number is too
>large. Way too large. Ever hear of covering a chessboard with kernels of
>grain, doubling on each cell?
Coin = 2 cm diameter, 1 mm thick => volume = appx. 0.3 cm^3.
2^64 coins = about 10^19 cm^3.
Mt Everest height is roughly 10000 m = 10^6 cm; say it is
cone shaped and has the same base radius as height. Its volume is
1/3 * pi * (10^6 cm)^2 * 10^6 cm = appx. 10^18 cm^3.
Not that far off. If the coin is made of some heavy element
(gold?) and Mt Everest is mostly rock (much lower atomic numbers),
Mt Everest has more atoms/cm^3 so that may make up for the slack.
>> All of the gold owned today could fit in my house.
>
>Your house must be enormous. In all of history we've mined about
>100,000 tons (1e11 grams) of gold. Most of it is still around.
Gold is about 20 grams/cm^3 so 1e11 grams = 5e9 cm^3 = 5e3 m^3 = a
house 10 meters tall (2 floors+attic) and 500 m^2 (5000 sq. ft). A
house like that will set you back a bundle here in San Francisco, but
certainly isn't unheard of. If "my house" can be taken to mean "the
apartment building where I live", it could easily be that big.
>> Donations are welcome.
>> handWave
Do the math...
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************