Cryptography-Digest Digest #32, Volume #9 Thu, 4 Feb 99 08:13:03 EST
Contents:
Re: Cipher used by iomega in ZIP products ? (Paul Rubin)
Re: [question/challenge/HELP ME! IEE!] Another unheard of punk who (Vektor)
Re: David _R._ Scott
Re: SSL Question (Stefek Zaba)
Re: Loony question (Brett W)
Fast Software Encryption Workshop 1999 (Lars Ramkilde Knudsen)
Re: lexical analysis problem ([EMAIL PROTECTED])
I hate to bring up PRNGs again... (Brett W)
MAC generation ("Vadim Lebedev")
Re: On a Method of Session Key Generation (revised) (R. Knauer)
Re: Who will win in AES contest ?? (Thomas Pornin)
Re: David _R._ Scott ([EMAIL PROTECTED])
Re: *** Where Does The Randomness Come From ?!? *** (R. Knauer)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: Cipher used by iomega in ZIP products ?
Date: Thu, 4 Feb 1999 05:35:20 GMT
In article <[EMAIL PROTECTED]>,
Geoffrey Milos <[EMAIL PROTECTED]> wrote:
>Can anyone here shed some light on which cipher Iomega uses to encrypt
>data
>when a ZIP drive is password protected ? Iomega claims that the data
>cannot be recovered with out the password (good!). But it troubles me
>that the cipher details are not revealed on Iomega's www site or in
>the documentation.
I thought someone (maybe you) posted about this a couple days ago.
The zip disks are not encrypted. Getting around the passwords
is pretty easy. For example see
http://www.counterpane.com/crypto-gram-9812.html#doghouse
------------------------------
From: Vektor <"vektor_"@hotmail.com(orsoyouthink!)>
Subject: Re: [question/challenge/HELP ME! IEE!] Another unheard of punk who
Date: Thu, 04 Feb 1999 00:49:02 -0500
> Congratulations, sir. You have just reinvented the stream cipher. This is
> not a new idea. Break the PRNG, break the algo. It doesn't matter a twit
> in fither how much XORing, MODing, frobbing, bletching, or spackling you
> throw in. You are not "taking advantage of the PRNG's weakness." Just
> b/c it looks random, doesn't mean it is. Get a real crypto book and read
> it.
>
> Of course, if your PRNG is strong, then your algorithm is strong. RC4 has
> yet to be broken and is still used for SSL. (However there are things you
> must keep in mind. F'rinstance, since the stream is identical every time,
> you can never encrypt using the same key twice. IV's can help prevent
> this.)
>
> Nate
ok...i phrased this badly...i've looked at RC4, and its not the same
thing, or you didnt read my previous posts (which i believe is the case,
since you sited RC4).
ok .. its like this...
key1 -> split up into 3 seeds for prng -> RndTable[255] is created
key1 and key2 -> a 2x256x256 Encrypt matrix is derived from RndTable,
and both keys.
EncryptMatrix -> The decrypt matrix is derived from the encrypt matrix
key2, RndTable, EncryptMatrix -> the IV is derived from RndTable and
Key2, and used to start the stream, and is encrypted like so (basically)
Previousbyte AND 1 -> PPBit
encryptedbyte -> EncryptMatrx[ppbit,previousbyte,enencryptedbyte]
If your going to tell me 'its been done', please tell me what scheme
does it. 'just because it looks random, doesnt mean it is', is an almost
meaningless statement...i KNOW its not random...thats the whole point of
it. I see your point about RC4, but there aren't many similarities,
aside from it uses a know PRN sequence as a base for encrypting. In my
estimates (lacking some sort of miracle algo that could duplicate the
RndTable, AND the encrypt matrix), it would take at LEAST several years,
given a fast machine completely dedicated to trying keys, to even have a
hope of cracking the encoded text. I think your looking at it from the
point of view that this PRNG is used for keys (such as might be the case
in an RSA style message transmission), or that this PRNG is the ONLY
part of this scheme.
knowing the PRN sequence, just attempting to re-create the decrypt
matrix would be a miraculous feat in and of itself. without the
rndtable, the ciphered text is meaningless. without the keys or the
encrypt matrix, still meaningless.
In my understanding of cracking PRNS, you either have to come up with an
algo to recreate it, or re-create the circumstances in which it was
generated. ... you still only have 1 element of many, thus making the
PRN sequence you just generated almost completely useless.
I've sited what i see as the strong points. If you can give me some sort
of indication, or possibility that there is a solve-all algo, or
several algos, to break this scheme, PLEASE tell me. vague half-truths,
and non-sensical phrases aren't the least bit helpfull to me.
-Alex
(btw, if your going to reply to a post, its usually courteous to read
the ENTIRE strand, rather than reading the last message and throwing in
your 2 cents. my method is NOT RC4.)
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: David _R._ Scott
Date: 4 Feb 99 08:16:56 GMT
[EMAIL PROTECTED] wrote:
: Why did you post this john and I use that term losely.
It was intended as a vicious personal attack.
What else can it be called, an attempt to note to the people on this group
that not everyone named David Scott ... is what you keep choosing to
demonstrate yourself to be through your postings?
John Savard
------------------------------
From: [EMAIL PROTECTED] (Stefek Zaba)
Subject: Re: SSL Question
Date: Thu, 4 Feb 1999 10:53:34 GMT
In sci.crypt, John ([EMAIL PROTECTED]) wrote:
> I am using SSLeay 0.9 to generate an API connecting by SSL to any htttpd
> server. The question I was asking is what the minimum or the maximum
> of the key used for encryption ? (128 bits?) Can I change it when I
> compile the SSLeay pkg ?
It's all in the ciphersuite negotiation. Follow the call sequence, and
you'll find the bit where the client offers a list of ciphersuites and
the server replies with a chosen ciphersuite (or, for SSLv2, server replies
with another ordered list of ciphersuite and client performs a "find most
preferred common ciphersuite" match). Since you have the source code, you
can coerce the client to only ever offer one single choice of ciphersuite,
with a fixed choice of symmetric algorithm and keylength; I seem to
remember there's also an environment variable you can set, something like
"SSLEAY_PREFERRED_CIPHERS", into which you can stuff an ordered list of
client ciphershuite preferences.
> BTW, has any one developed such a simple client (using C) ?
I found the "simple server" and "simple client" pair included in the
SSLeay distribution very helpful for local experimentation. When you
think you've got the crypto side working, install a local copy of Apache
and learn how to speak HTTP to it over Telnet (see the HTTP RFCs) -
the shortest valid HTTP/1.0 client request is one line such as
"GET / HTTP/1.0" followed by a blank line (alright, CRLF pair :-).
Next get Stronghold in evaulation form, and test your HTTP wannabe
client against it. This way you can do all of your testing on one machine,
using that most widely routed of IP addresses, 127.0.0.1, without hitting
on production Webservers out in the world at large or in your company's
LAN/WAN.
Cheers, Stefek
------------------------------
From: Brett W <[EMAIL PROTECTED]>
Subject: Re: Loony question
Date: Thu, 04 Feb 1999 20:57:03 +1000
fungus wrote:
>
> Phillip George Geiger wrote:
> >
> > Would a particularly awful track off a CD with a lot of
> > screeching guitars and howling monkeys be a decent source
> > of random numbers?
> >
>
> (this should be in the FAQ)
>
> Yes...but:
>
> a) music CDs aren't 100% accurate, you get corrupted bits.
>
> b) if somebody breaks into your house and looks at your music
> collection you might be in trouble.
Now you've got people paranoid. I'm putting my CDs into a big safe and
encrypting all my MP3s... I mean, the Mp3s I don't have.
Brett W
>
> --
> <\___/>
> / O O \
> \_____/ FTB.
------------------------------
From: Lars Ramkilde Knudsen <[EMAIL PROTECTED]>
Subject: Fast Software Encryption Workshop 1999
Date: Thu, 04 Feb 1999 12:04:26 +0100
List of accepted papers for FSE'99 (random order)
=================================================
Borst, Preneel, Vandewalle: Linear Cryptanalysis of RC5 and RC
Contini, Rivest, Robshaw, Yin: Improved Analysis of Some Simplified Variants of RC6
Lim: A Revised Version of CRYPTON: CRYPTON Version 1.0
Lucks: On the Security of the 128-Bit Block Cipher DEAL
Matsui, Tokita: Cryptanalysis of Block Cipher E2
Handschuh, Preneel: On the Security of double and 2-key triple modes of operation
Vaudenay: On the Security of CS-Cipher
Biryukov, Wagner: Slide Attacks
Biham, Biryukov, Shamir: Miss in the Middle Attacks on IDEA, Khufu and Khafre
Kelsey, Schneier, Wagner: Mod n Cryptanalysis, with Applications Against RC5P and M6
Moriari,Shimoyama,Kaneko: Interpolation Attacks of the Block Cipher: SNAKE
Jakobsson, Stern, Yung: Scramble all, encrypt small
Lucks: Accelerated Remotely Keyed Encryption
Bellare, Di Crescenzo, Rogaway: On the Construction of Variable-Input-Length Ciphers
Wagner: The boomerang attack
Patel,Ramzan,Sundaram: Towards Making Luby-Rackoff Ciphers Optimal and Practical
D'Haaluin, Bijnens, Rijmen, Preneel: Attack on six rounds of CRYPTON
Knudsen, Rijmen: On The Decorrelated Fast Cipher and Its Theory
Aiello, Rajagopalan, Venkie: High Speed Random Number Generation with Small Memory
Bleichenbacher, Patel:SOBER cryptanalysis
Canteaut, Charpin, Dobbertin: A new characterization of almost bent functions
Paterson: Imprimitive Permutation Groups and Trapdoors in Iterated Block Ciphers
To register please consult
http://www.ii.uib.no/~larsr/fse99.html
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: lexical analysis problem
Date: Fri, 29 Jan 1999 09:38:36 GMT
Cheers all.
Have done this now. As a matter of interest there were 861 valid words (in a
1Meg textfile word listing).
Rob
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Brett W <[EMAIL PROTECTED]>
Subject: I hate to bring up PRNGs again...
Date: Thu, 04 Feb 1999 21:17:47 +1000
Hi
Just a quick newbie question:
Although you may have a whole tonne of things that are psuedo-random and
not that high on entropy, could you combine several of these independant
devices together to make stronger PRNGs?
Probably not is my guess, but I'd like an experienced response.
Brett W
------------------------------
From: "Vadim Lebedev" <[EMAIL PROTECTED]>
Subject: MAC generation
Date: Thu, 4 Feb 1999 12:43:10 +0100
Hello i need an opinion on validity and possible weakness of following
approach to generate MAC for messages 20 to 200 bytes longs.
Assuming that S is the contents of the message the MAC will be
MD5(S+SecretPassPhrase)
Many thanks
============================================================================
=====
Vadim Lebedev
Chief Software Engineer
Aplio S.A.
http://www.aplio.com
============================================================================
======
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: On a Method of Session Key Generation (revised)
Date: Thu, 04 Feb 1999 12:19:24 GMT
Reply-To: [EMAIL PROTECTED]
On Thu, 04 Feb 1999 01:33:28 GMT, [EMAIL PROTECTED]
(John Savard) wrote:
>I'm proposing that one uses message text as a source of randomness, as
>you suggest, to manipulate identical such files at both ends. But
>since you've said you're only storing hashes of the messages, this is
>essentially no different from what you're proposing.
This method of key generation was proposed by me over a year ago, and
ubdoubtedly hundreds of time before that. At that time the experts on
sci.crypt claimed that text ciphers cannot be made secure because even
if you used the least significant bits (LSBs) of text characters,
there is no adequate method to remove correlations.
The matter was re-opened recently (by Mr. Shen) and this time around
several people have recommended hash and compression techniques to
remove correlation. Some have suggested a CRC hash, and one person has
suggested the LZ77 compression algorithm.
When pressed for their rationale for selecting these various methods,
people seem to shy away from providing the reasons, other than the
vague entropic concept of "distilling randomness", which I find
inadequate.
I suppose the lack of solid reasons is either due to one of two
things, which I cannot decide at this time:
1) There are no solid reasons for recommending various methods for
removing correlations - there is only expert opinion based on
intuition. The problem with that is that the crypto highway is
littered with the corpses of "experts" who used their intuition to
design ciphers. If some method is not proveably secure, in formal
terms (like the OTP) or in terms of work effort, then its use is just
like a crap shoot.
2) There cannot be any reasons, since correlation cannot be removed
algorithmically. Once the cryptanalyist discovers your method you are
no better off than before you used it.
Perhaps you can offer some comments to resolve these issues. Why do
you believe that a hash is adequate to remove the correlations
inherent in text, even taking the LSB as your source of
pseudo-randomness? Keep in mind the famous dictum that one cannot
generate crypto-grade random numbers algorithmically.
Bob Knauer
"Sometimes it is said that man cannot be trusted with the government
of himself. Can he, then, be trusted with the government of others?"
--Thomas Jefferson
------------------------------
From: [EMAIL PROTECTED] (Thomas Pornin)
Subject: Re: Who will win in AES contest ??
Date: 30 Jan 1999 15:16:54 GMT
According to <[EMAIL PROTECTED]>:
> If I write a DJGPP C ASM combination code for one of the
> AES candidates can I make my source available
You may not:
-- write some code into US/Canada and then export it out of US/Canada
-- write some code and make it freely available if the algorithm is
protected by some license or patent. Some AES candidates have been
put by their respective authors into public domain. Others have not.
When the real AES will be chosen, it will be usable for open source and
all those things. I do not know what will be the US import/export rules
though (neither do I know this for my own country, as things are moving
real fast in this field these days).
It is still possible that NSA agents come at your home at night and shoot
you, but this would not be legal.
--Thomas Pornin
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: David _R._ Scott
Date: Thu, 04 Feb 1999 12:38:59 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] () wrote:
> [EMAIL PROTECTED] wrote:
> : Why did you post this john and I use that term losely.
>
> It was intended as a vicious personal attack.
>
> What else can it be called, an attempt to note to the people on this group
> that not everyone named David Scott ... is what you keep choosing to
> demonstrate yourself to be through your postings?
>
> John Savard
>
you greatly edited my response I assumed better of you. But still
I never met a David Scott who was not MENSA materail. Maybe its just
the way it is.
David Scott
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Crossposted-To: sci.philosophy.meta,sci.physics,sci.physics.relativity,sci.skeptic
Subject: Re: *** Where Does The Randomness Come From ?!? ***
Date: Thu, 04 Feb 1999 12:03:41 GMT
Reply-To: [EMAIL PROTECTED]
On Wed, 3 Feb 1999 20:51:21 -0800, "PAC" <[EMAIL PROTECTED]> wrote:
> I can�t get really make great comments without reading the book, which I
>figure is beyond my technical abilities,
I recommend that you reserve judgement on that until after you have
looked at some of the papers by Greg Chaitin. He is an engaging writer
who makes his work accessible to the informed layman.
Just look for the articles that use the term "random" in the title.
His latest book "The Unknowable" is also recommended as well as his
previous book "The Limits Of Mathematics".
http://www.umcs.maine.edu/~chaitin/
http://www.cs.auckland.ac.nz/CDMTCS/chaitin/
BTW, to avoid confusion let me point out something. He uses a notation
for the size of a number which may not be obvious to everyone. An
algorithm p, a computer program, has size |p|, where the absolute
value symbol, | |, means "magnitude". He uses this notation without
comment in his Halting Probability, Omega.
> but dealing with the real world and
>not just algorithms, I still think that randomness/determinism has a causal
>factor beyond a viewer perspective, for both QM and relativity.
In algorithmic complexity theory, that causal factor, namely the
"reason" for a non-random string being simple, is that it can be
computed by an algorithm that is substantially smaller compared to the
size of the number itself. IOW, it is "algorithmic reduction" that
provides the reason for the simplicity of the number.
That appears circular at first - "the reason numbers are simple is
because they are simple" - but it isn't. The algorithm that is
responsible for the reduction is not the same as the number. It is a
separate number from the one being simplified. So the apparent
tautology goes away. The correct statement is:
"The reason a number is simple is that there is a simplifying
algorithm that can reporduce it." That simple algorithm is the "cause"
of the number being simple. The fascinating thing is that this cause
is contained almost completely contained in the number itself.
> But Kolmogorov-Chaitin algorithms might fit perfectly with an
>order/disorder interpretation of the universe where the additive constant
>would be more easily seen as viewing the difference between order form
>disorder.
Not true. The additive constant is of order unity. The distinction
between order and disorder is much larger than that.
Typically numbers of size N can be reduced by an algorithm of size
log2(N) + c, where c is that constant of order unity. That quantity is
smaller by orders of magnitude than N itself - IOW it is exponentially
smaller. The fact that there are very few numbers that can be
algorithmically reduced points to the fact that order is a rare
occurance in reality.
> �From chaos comes order, Nietzsche said,
The reason that order comes from chaos is because there is an Ordering
Principle at work, namely the algorithm which reduces the complexity
of number.
The concept of algorithmic complexity reduction is quite simple on the
surface, and is consistent with Occam's Razor. The reason it is
important is because it results in many new discoveries about the
properties of numbers that are not available anywhere else. It is
intimately tied up with Godel's Incompleteness problem, Turing's
halting problem and Chaitin's undecideablility problem.
Chaitin claims that it goes to the very heart of mathematics and
results in fundamental undecideability in number theory. That is,
there are problems in mathematics which are not decidable - they have
no reason for why they happen in terms of their solutions. That is
completely at odds with millennia of formal mathematical theory, which
has always held that problems in mathematics can always be solved if
one puts enough effort into finding the solution.
Chaitin exposes problms in mathematics that are formally impossible to
solve - their solutions must be found experimentally, computationally.
And the results of those experiments are completely random. That is,
there is no cause or reason for why the solution took the form they
did.
One example which Chaitin gives is his exponential diophantine
equation, a polynomial equation in 17,000 variables and one parameter
that takes 200 pages to write down. For each value of the parameter,
there are either a finite number of solutions to the equation or an
infinite number of solutions. For each parameter value, whether the
number of solutions is finite or infinite is completely random. That
is, there is no reason for why the solutions are finite in number or
infinite in number - they just are.
Those solutions are tied up with the Turing halting problem, in that
they are related to whether a corresponding Turing machine will halt
or not. If you knew how to predict whether the equation has a finite
or infinite number of solutions for a given parameter value, you could
then predict whether the corresponding Turing machine would halt or
not. And you could also know the bits of Chaitin's Halting
Probability, Omega. But none of those are formally decideable, so
there is undecideability in pure mathematics, just like there is
undecideability in the real world.
>guess the movie (>;
Dunno.
> But TO what point randomness would become more causal/determined due to
>an additive constant, I�m not sure if its ever going to be a operable like
>that.
There is no sharp cutoff - there are numbers for which only a small
amount of complexity reduction is possible. Chaitin gives an estimate
that a number quits being random when an algorithm can be found which
is smaller than the size of the number. That's because for random
numbers the minimum algorithm is always going to be larger than N,
since the algorithm has to incorporate the number itself plus some
computing overhead just to reproduce it, namely N + c.
> In other words, if I�m interpreting Kolmogorov-Chaitin, then an event
>could appear less or more causal due to varying circumstances,
An event, represented by a number, is causal only because there is a
simplifying algorithm that can reproduce it. There are no
"circumstances" other than that. Algorithmic complexity theory is
independent (to within an additive constant of order unity) of the
environment which produces those "circumstances".
>which I�m
>pretty sure isn�t the standard determination � here proposing something
>more radical than our casual/randomness discussion, that causal and
>randomness are in flux according to a viewer (or other reference point)
>position. I accept, as talked about early, the varying frames would give a
>casual identity instead of a determined or random one, but that would be a
>constant and not open to change.
I missed the early parts of this discussion, but from what I see you
saying above, I can comment thusly. It sounds as if you believe in the
world view called Phenomenology, made popular by German philosophers
and also by the French philosopher Jean Paul Sartre. That world view
is at odds with another world view called Realism.
To be a Western scientist one must embrace Realism. No other world
view is compatible with Western science, since all other world views,
Idealism, Mysticism, Phenomenalism, etc., lead one ultimately to
denying the existence of external reality - and that is in complete
contradiction with the axioms of science. The one redeeming feature of
Western science is its predictive value. Without that, there would be
no reason to believe it any more than any other attempt at explaining
reality.
Realism dictates that the world consists of external objects, and they
all have a cause. Some of them are simpler than others, and that
simplicity is real, not just imagined. The word "constantinople" is
simple not because you can understand it, but because there exists an
algorithm that can reproduce it - and that algorithm is simpler than
the string itself.
That algorithm, in this case, produces the coordinates on a map of the
world where the city of Constantinople exists in external reality. If
you did not know any geography, you would still be able to understand
that string based on the location of that city on Earth. On the other
hand, the string "szafwgajeji" has no meaning to anyone because there
is no object in external reality to which it refers. It cannot be
algorithmically reduced by a coded reference to some object in
reality.
> Now you can really bug these guys by saying that it causality fluxes
>over time, which actually it probably does in Hawking�s T0 type theories.
Hawking is a genius who likes to speculate out loud. Keep in mind that
his musings are just speculations and not proven theories.
> We had an identity thread a while ago that dealt with this, the main
>gist of my moire philosophical viewpoint being since we are separate
>entities and unable to merge with an object examined, unable then to find
>absolute truth, that object examined will always be a representation:
That is pure Sartre - "existential phenomenology". You are describing
"being for itself". But Sartre is not a Realist - he denies the
existence of order in the external world. The only thing that exists
in the external world is "being in itself" - raw chaotic random
primordial goo.
He maintained in his book "Being and Nothingness" that order arises
from consciousness, which in turn arises from not being a part of that
goo. Your being conscious and not being a part of "being in itself"
results in interpreting what is presented to your consciousness,
namely the phenomenon of "being in itself", as ordered, namely "being
for itself". The Western scientist rejects the world view of Sartre,
because it results in the denial of existence other than the purely
random "being in itself".
> �I should rephrase this better using �consciousness� instead of
>�knowledge�, which, in my opinion, is a more inclusive term:
> There�s no doubt that we can only experience what consciousness presents
>to us, but consciousness is always conscious of something, that something
>being necessary to give actuality to this awareness. Since the object is
>always present when dealing with consciousness, then there must be an
>object, physical or conceptual, within even the most minor thought process
>that is beyond our ability to know � even though it is conditioned by
>consciousness itself. IF there is no dichotomy then there is no awareness
>for conscious beings, but merely pure in-itself nature.�
That is pure Sartre, pure Existential Phenomenology. And it is wrong
if you believe in Western science. If you do not believe in Western
science, then you have a lot of explaining to do about its incredible
predictive capabilities. May I suggest you try explaining away that
predictive power while sitting on the top of an atomic bomb that is
about to go off.
If you defuse the bomb before it goes off, that shows that you believe
in science, because that atomic bomb came from the predictive
capabilities of science. I have never seen anything predictive come
from any other world view except Realism.
> Math being a closed system,
I do not understand what you mean. If you mean that math is a complete
system, then that is not correct. Mathematics suffers from its own
indeterminancy (Chaitin's Theorem) just as formal axiomatic systems
do (Godel's Theorem) and computers programs do (Turing's Theorem).
>and in my opinion mirroring the universe in
>// by the fact that the universe is also a closed system, being closed still
>can�t resolve the problems even in the simplest affairs, not then having to
>go into QM.
> But this is just my viewpoint, who knows if some type of strict
>interpretation of Greek Logos is perfectly active to make the world exactly
>as mathematics express it.
Logos is a mathematician grinding out algorithms which simplify
numbers that represent reality.
Bob Knauer
"Sometimes it is said that man cannot be trusted with the government
of himself. Can he, then, be trusted with the government of others?"
--Thomas Jefferson
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
