Cryptography-Digest Digest #62, Volume #9        Wed, 10 Feb 99 00:13:03 EST

Contents:
  An observation on sci.crypt (Emrul Islam)
  Re: *** Where Does The Randomness Come From ?!? *** ([EMAIL PROTECTED])
  Re: Everybody Seems to Have a Web Site These Days! (Ian Geldard)
  Re: Crypto-library (Mr. Tines)
  Re: hardRandNumbGen (R. Knauer)
  Re: Intel's description of the Pentium III serial number (Nogami)
  Question on key lengths (Brett W)
  Clarification on PGP. pls (Andrew)
  Re: 128 bit Everest, 64 bit Coin (Paul Rubin)
  Re: Schneier key stretching? (Christopher)
  Re: What is left to invent? (Patrick Juola)
  Re: Transforming RC4 into a one-way hash function (Bauerda)
  Re: Java random (Paul Rubin)
  Re: Spread Spectrum ([EMAIL PROTECTED])
  SRP: several questions/ideas ([EMAIL PROTECTED])
  Re: Intel's description of the Pentium III serial number ("Trevor Jackson, III")
  Re: hardRandNumbGen ("Trevor Jackson, III")
  Re: Everybody Seems to Have a Web Site These Days!
  Re: What is left to invent? ("Trevor Jackson, III")

----------------------------------------------------------------------------

From: Emrul Islam <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: An observation on sci.crypt
Date: Tue, 09 Feb 1999 22:10:21 +0000

Hello there,
    Over the last few weeks I have noticed a real big
increase in the number of articles being posted in this group, and also
the cryptographic intelligence levels on average have gone up.
    There is now constructive criticism, professional
cryptographers and _lots_ of interesting ideas floating around.
    Nice work everybody - now maybe the media will begin
to realise that the public will no longer bow down to pointless 1 million
bit keys.

-DK


------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: sci.skeptic,sci.philosophy.meta
Subject: Re: *** Where Does The Randomness Come From ?!? ***
Date: Tue, 09 Feb 1999 21:10:59 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> [EMAIL PROTECTED] wrote:
>
> > If you are handed a message without having *any* idea of the underlying
> > language or cryptographic system, the number of possible kinds of hidden
> > order are as near to infinite as makes no odds.
>
> They're not near infinite, they're infinite, even if you put limits on the
> variety and number of symbols, since the message could be a code for
> absolutely anything.

Even if it's of a finite length ?

> Simple proof: say the code represents an integer.

> There's no integer it couldn't be a code for, and there are countably
> infinitely many integers, so there are at least countably infinitely many
> possible meanings for the code.

Surely a 10-character code could only represent a finite range of integers ?

> Reals are a trickier case, but it's possible that the same applies for
> them, in which case the number of possible meanings is uncountably
> infinite.
>

Encoding an arbitrary real is impossible surely...
We can only deal with a subset like 'pi' and 'e'...
I suppose they are symbols for the output of a non-stopping algorithm.


Regards,
    Peter D Jones
    Brighton, UK


------------------------------

From: [EMAIL PROTECTED] (Ian Geldard)
Subject: Re: Everybody Seems to Have a Web Site These Days!
Date: Tue, 09 Feb 1999 18:38:25 GMT

In article <[EMAIL PROTECTED]>, on Tue, 09 Feb 1999
17:13:30 GMT, [EMAIL PROTECTED] (John Savard)
wrote:

>Remember that, a while back, I noted that GCHQ had a web site of
>sorts?

Sorry, I missed it. Can you give the URL again?

--
Ian Geldard
The Libertarian Alliance
25 Chapter Chambers, Esterbrooke Street
London SW1P 4NN, England

URL http://www.digiweb.com/igeldard/LA/
Tel: +44 (0)171 821 5502
Fax: +44 (0)171 834 2031

LA PGP Key ID: 0xA608E363
Fingerprint: 
1E0B 215C 4FD7 4A11 B842  323F DCCC B1C4 A608 E363

------------------------------

From: Mr. Tines <[EMAIL PROTECTED]>
Subject: Re: Crypto-library
Date: 09 Feb 1999 21:08 +0000

###

On 08 Feb 1999 19:33:50 +0100, in
<[EMAIL PROTECTED]>
          [EMAIL PROTECTED] wrote.....

> I am looking for a public key crypto library that can
> be commercially used, i.e. non-GPL or commercial libraries

 The elliptic curve code in Pegwit is public domain

 C source can be found via

 http://ds.dial.pipex.com/george.barwood/v8/pegwit.htm

 and a java port in http://www.windsong.demon.co.uk/pjava1_2.zip

-- PGPfingerprint: BC01 5527 B493 7C9B  3C54 D1B7 248C 08BC --
 _______ {pegwit v8 public key =581cbf05be9899262ab4bb6a08470}
/_  __(_)__  ___ ___     {69c10bcfbca894a5bf8d208d001b829d4d0}
 / / / / _ \/ -_|_-<      www.geocities.com/SiliconValley/1394
/_/ /_/_//_/\[EMAIL PROTECTED]      PGP key on page

### end pegwit v8 signed text
1037163ff2b95f4220dcaf2b8d5a559da6d3d6d682257da5468e96b9566c
2f08fe901e61f7142cb0ccd32a155074ff574d864fd7f661154fb4efdee4


------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: hardRandNumbGen
Date: Tue, 09 Feb 1999 18:41:17 GMT
Reply-To: [EMAIL PROTECTED]

On Tue, 09 Feb 1999 16:27:44 +0100, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote:

>> A TRNG has a specific definition - it must be capable of generating
>> all possible finite sequences equiprobably. The best example of a TRNG
>> is a fair coin toss.

>I believe lots of people would be very happy if you could tell them
>how to obtain a fair coin! Isn't evident now that one can never get
>an ideal OTP?

I meant that coin toss system as an analogy.

I do not believe that chaotic classical systems can be proven to be
totally random. The reason is that they are computable. Only certain
Quantum Mechanical systems are proven to be totally random. Certain
Quantum Mechanical processes are uncomputable.

For example, the spontaneous emission that occurs in certain kinds of
radioactive decay is totally random in time - i.e., the time of any
particular decay is uncomputable. If anyone can demonstrate that it is
computable, they need to plan on the tux rental for their trip to
Stockholm.

Bob Knauer

"The world is filled with violence.  Because criminals carry guns,
we decent law-abiding citizens should also have guns.  Otherwise
they will win and the decent people will lose."
--James Earl Jones


------------------------------

From: [EMAIL PROTECTED] (Nogami)
Crossposted-To: comp.sys.intel
Subject: Re: Intel's description of the Pentium III serial number
Date: Tue, 09 Feb 1999 23:12:07 GMT

On Mon, 8 Feb 1999 20:17:44 +0000, Anthony Naggs
<[EMAIL PROTECTED]> wrote:

>>> What I AM concerned about is websites (and software authors) that just
>>> block all access unless you enable it, thus forcing your hand.
>
>This doesn't make much sense, why should a web site care if I'm using my
>home PC, a PC at work, in a cybercafe or in college where I'm doing an
>evening course?

Ever tried getting on Microsoft's online support pages with cookies
disabled?  It totally locks you out.  No cookies = no entry.

That's why I'm afraid of this Intel serial number idea...

N.

------------------------------

From: Brett W <[EMAIL PROTECTED]>
Subject: Question on key lengths
Date: Fri, 29 Jan 1999 14:48:09 +1000

Hi

This may sound stupid, but is there any particular reason we have key
lengths that are a power or multiple of 2. Is it for efficiency, beauty
(there seems to be something elegant with 1024, 2048 etc) or that
something restricts it to being like this?

Brett W


------------------------------

From: Andrew <[EMAIL PROTECTED]>
Subject: Clarification on PGP. pls
Date: Tue, 9 Feb 1999 23:42:43 +0000

Hello,

I'm new to this, so forgive me if this is a 5 times-a-day topic here.

Where is the strength in PGP?

I understand that it being public key helps because the password never
has to be transmitted, and I also understand that it works by using
large, prime (unfactorable) numbers.

However, when the key is generated the program asks for a password; what
does it do with that password? How do the key and the password tie
together?

It might be easier for you, instead of trying to understand my
questions, to run through how the system works from start to end, just
give the technical version and not the tabloid equivalent ;) .

Many thanks,

For all I know this is also something you hear 5 times/day, but in Bill
Gates' autobiography he says that "The biggest advance in cryptography
would be the discovery of a way to factor large prime numbers".

-- 
Andrew Arbon

[EMAIL PROTECTED]
http://www.gatekeeper.demon.co.uk/

------------------------------

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: 128 bit Everest, 64 bit Coin
Date: Fri, 29 Jan 1999 04:47:38 GMT

In article <[EMAIL PROTECTED]>,
Trevor Jackson, III <[EMAIL PROTECTED]> wrote:
>> There are about 2^64 atoms in a coin.
>> There are about 2^128 atoms in Mount Everest.
>
>So there are 2^64 coins in Mt. Everest?  I think that number is too
>large.  Way too large.  Ever hear of covering a chessboard with kernels of
>grain, doubling on each cell?

Coin = 2 cm diameter, 1 mm thick => volume = appx. 0.3 cm^3.  
2^64 coins = about 10^19 cm^3.  

Mt Everest height is roughly 10000 m = 10^6 cm; say it is
cone shaped and has the same base radius as height.  Its volume is
1/3 * pi * (10^6 cm)^2 * 10^6 cm = appx. 10^18 cm^3.
Not that far off.  If the coin is made of some heavy element
(gold?) and Mt Everest is mostly rock (much lower atomic numbers),
Mt Everest has more atoms/cm^3 so that may make up for the slack.

>> All of the gold owned today could fit in my house.
>
>Your house must be enormous.  In all of history we've mined about
>100,000 tons (1e11 grams) of gold.  Most of it is still around.

Gold is about 20 grams/cm^3 so 1e11 grams = 5e9 cm^3 = 5e3 m^3 = a
house 10 meters tall (2 floors+attic) and 500 m^2 (5000 sq. ft).  A
house like that will set you back a bundle here in San Francisco, but
certainly isn't unheard of.  If "my house" can be taken to mean "the
apartment building where I live", it could easily be that big.

>> Donations are welcome.
>> handWave

Do the math...

------------------------------

From: [EMAIL PROTECTED] (Christopher)
Subject: Re: Schneier key stretching?
Date: Wed, 10 Feb 1999 01:05:02 GMT

I found it using AltaVista, anyway the PDF is at
  http://www.counterpane.com/low-entropy.pdf

I'd try to explain but haven't had the chance to read it yet.


In article <79qcdc$1fu$[EMAIL PROTECTED]>, The DoggFather
<[EMAIL PROTECTED]> wrote:

  >What is Schneier's "key stretching" method?  I don't think it's in his book,
  >nor his web site.  Search engines couldn't find it.  Links to relevant
  >websites would be helpful, unless someone has the kind heart to oust my
  >ignorance of this subject with a layman-level explanation.  Thanks.
  >
  >
  >      ___/Mike                ...two legs good, four legs bad?...
  >   __/.   |                  Why conform?
  >   \-__   \___                 ...and by the way, where are we going?
  >       \                       And why am I in this handbasket?

------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: What is left to invent?
Date: 8 Feb 1999 16:03:10 -0500

In article <[EMAIL PROTECTED]>,
R. Knauer <[EMAIL PROTECTED]> wrote:
>On Mon, 08 Feb 1999 19:28:05 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote:
>
>>>OTP remains provably secure.
>
>>I would say that the only "provably secure" OTP is one for which we
>>have a provably random source.  
>
>>But there *is* *no* PROVABLY random source.  
>
>>So there *is* *no* PROVABLY secure OTP.
>
>>The PROVABLY secure OTP is a goal, a dream, a theory -- which can only
>>PROVABLY protect theoretical data.  
>
>What if I generated a pad by flipping a perfectly symmetric coin - one
>machined to high precision with the same amount of scant markings on
>each face to indicate 1 or 0? Wouldn't the sequence I generated with
>that coin be proveably random?

I assume you bought this coin at the counter next to the one where
I purchase my frictionless surfaces, infinitely rigid rods, and
resistanceless wires?

The "perfectly symmetric coin" is every bit as much an abstraction as
the frictionless surface; you even admit as much when you talk about
it being "machined to high precision."  To what precision?  One
part in a thousand?  One part in a million?  This precision is 
exactly the same as what Dr. Rubin and I have been talking about
in terms of acceptable bias and probabilistic testing; the degree
of error/bias you are willing to neglect.

        -kitten

------------------------------

From: [EMAIL PROTECTED] (Bauerda)
Subject: Re: Transforming RC4 into a one-way hash function
Date: 10 Feb 1999 02:07:38 GMT

>>>If I encrypt a string with RC4 and a random key (both length and content),
>>>then XOR the output bytes together so I get a string of, let's say, 16
>>>bytes out of the ciphertext, and then store this value; will it be secure?
>>
>>No.  Because RC4 is a stream cipher, this would be no more secure than
>>XORing the bytes into a 16 byte string and then XORing it with a 16 byte
>>random string.  If you want to use RC4 as a hash, use the input as the key
>>and use the output bytes as the hash value.

>That wasn't a too bad idea, but IMHO I would really like to hear your
>explanation to why it would be less secure to take the output from a stream
>cipher than a block cipher?

The problem is not that the output from the stream cipher is less secure for
encrypting, but when the output  bytes are just XORed down to a short string
for the sake of a hash the bytes XORed in by the stream cipher could instead be
represented as a single XOR at the end.  With a block cipher, a complex
transformation is done to the input before the compression which can not be
represented by a simple add on step at the end.

David Bauer
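
A worked demonstration of the point above, added here as an illustration (it is not code from the thread, nor from any RC4 library): since RC4 ciphertext is plaintext XOR keystream and the 16-byte XOR fold is itself linear, fold(E_k(m)) equals fold(m) XOR fold(keystream), so the key only contributes a constant at the end. Two equal-length messages with the same fold therefore collide under every key, and an attacker can build such a message from arbitrary text by fixing its last 16 bytes. The messages and keys below are constructed for the example; RC4 is written out in full (standard KSA and PRGA).

```python
"""XOR-folding RC4 output as a 'hash', and why it collapses.  Constructed
example, not code from the thread; RC4 is the standard KSA/PRGA."""
import secrets


def rc4_keystream(key, n):
    """Standard RC4: key scheduling, then n bytes of PRGA output."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def rc4(key, data):
    return bytes(p ^ k for p, k in zip(data, rc4_keystream(key, len(data))))


def xor_fold(data, width=16):
    """The proposed 'hash': XOR the data down to `width` bytes, lane by lane."""
    acc = bytearray(width)
    for i, byte in enumerate(data):
        acc[i % width] ^= byte
    return bytes(acc)


def fold_is_linear(key, msg):
    """fold(E_k(m)) == fold(m) XOR fold(keystream): the key contributes only a
    constant XORed on at the end, which is Bauer's point."""
    ks_fold = xor_fold(rc4_keystream(key, len(msg)))
    expected = bytes(a ^ b for a, b in zip(xor_fold(msg), ks_fold))
    return xor_fold(rc4(key, msg)) == expected


def forge_same_fold(target, attacker_text, width=16):
    """Return a message of len(target) with attacker-chosen content everywhere
    except its last `width` bytes, which are set so the fold equals fold(target)."""
    if len(target) < width:
        raise ValueError("target shorter than the fold width")
    body_len = len(target) - width
    body = attacker_text[:body_len].ljust(body_len, b" ")
    want, have = xor_fold(target, width), xor_fold(body, width)
    tail = bytearray(width)
    for k in range(width):
        lane = (body_len + k) % width        # lane this tail byte lands in
        tail[k] = have[lane] ^ want[lane]    # cancel what the body left, set target
    return body + bytes(tail)


def collides_under_every_key(m1, m2, trials=8):
    """Equal-length messages with equal folds give equal 'hashes' for any key."""
    if len(m1) != len(m2):
        return False
    for _ in range(trials):
        key = secrets.token_bytes(16)        # fresh random key each trial
        if xor_fold(rc4(key, m1)) != xor_fold(rc4(key, m2)):
            return False
    return True


# Constructed sample messages (not from the thread).
TARGET = b"Pay 100 USD to account 4711, ref invoice 2017/18"
FORGED = forge_same_fold(TARGET, b"Pay 999999 USD to account 6666, ref 0000")

if __name__ == "__main__":
    print("fold is linear in the message:", fold_is_linear(b"Key", TARGET))
    print("forged message:", FORGED)
    print("same fold as target:", xor_fold(FORGED) == xor_fold(TARGET))
    print("collides under every key:", collides_under_every_key(TARGET, FORGED))
```

The forgery never touches the key: the attacker only needs `xor_fold` of the two plaintexts to agree, and the final 16 bytes give one free byte per lane to force that. The same argument fails for a block cipher because the per-block permutation mixes the input before anything is folded, so the key's effect cannot be moved to a single XOR at the end.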

------------------------------

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: Java random
Date: Wed, 10 Feb 1999 03:19:06 GMT

In article <79n9tg$l4s$[EMAIL PROTECTED]>, Else <[EMAIL PROTECTED]> wrote:
>>Well, ok, this surprises me, but without knowing more about your
>>situation I can't make concrete suggestions about SSL vendors.
>
>If you look at the domain I am posting from, you won't be that surprised.

I noticed where you were posting from but I don't think it should be a
big problem with most vendors.  There are rules against exporting from
the US to certain countries like Iraq or North Korea, but I think
exporting crypto from here to Russia isn't especially harder than to
any other country these days.  You have to do a bunch of paperwork but
it's fairly routine now.  (I assume your project is being done by a
bank, which makes getting the approvals easier).  From other countries
there are even fewer problems--you might talk to www.c2.net's European
office, for example.  If you want to enable 128-bit cryptography with
the built-in SSL in the export versions of Netscape and Microsoft web
browsers, you can do that with a special server certificate which as a
financial institution you should be eligible to get (see
www.verisign.com).

Having been in something like your (technical, not political)
situation once before I think you'll save yourself a lot of headache
by using the in-place SSL solution instead of building your own that
runs underneath it.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Spread Spectrum
Date: Fri, 29 Jan 1999 04:54:11 GMT

On Fri, 29 Jan 1999 03:00:39 GMT, [EMAIL PROTECTED] wrote:

Uh, let me rephrase the question as I was a tad vague.

Is there any way to put numbers on the following:

If it is possible to convert a DS SS audio signal back to its original
form where a chipping rate of 64 is used, then what kind of machine
might this take and in what time period, and with what software?

Real time using a Commodore 64 and Fast Fourier Analysis?

A thousand centuries using a Cray YMP-C?

CDMA is not an issue here- I was mistaken in believing someone who
said cellular CDMA is FH when it is DS. And, this is not about
cellular at all, it is about intercepting SS surveillance
transmitters.

Again, thanks for any response.





------------------------------

From: [EMAIL PROTECTED]
Subject: SRP: several questions/ideas
Date: Wed, 10 Feb 1999 16:42:12 GMT

hello, I'm considering using SRP (http://srp.stanford.edu/srp) for
authentication (and key exchange?) in a program I'm designing.  Any
comments on the following questions?...

Question: can the server's public value g^b be fixed without impacting
on security?  The SRP specification calls B (the server's public
value, v+g^b) a "public ephemeral value".  But Diffie-Hellman can be
used with non-ephemeral values (eg in SKIP, or putting your public
value in an X.509 certificate, as SSL supports).  There are two parts
to this question, really:
a) is there any reason for revealing v+g^b, but not g^b?
b) would it be okay if g^b was fixed (probably obtained from a
certificate) instead of randomly generated each session?

okay, a fixed public value would screw up what they call "forward
secrecy" if you were relying on SRP for establishing the session key,
right?  If an attacker obtained the server's fixed secret value, they
could decode _every_ connection (actually, they might need the
verifier stored in the server database too).  So key exchange would
have to use an independent mechanism (if it was required at all).

Question: what is the purpose of u, called the "random scrambling
parameter" in the specs?  What vulnerability does it prevent and/or
how does it make the protocol more secure?  Would being able to choose
a value for u (instead of using a random one) weaken the security?

would it introduce a vulnerability if the user generated this value
instead of the server?  If randomness is important, the user could
"prove" that the number is not a "constructed" one, by sending a value
w to the server and using u = hash(w), instead of simply sending u.

Question: what is the purpose of the salt?  It's quite annoying <grin>
how the user has to download it from the server each time the SRP
handshake is used.  Does it need a high degree of entropy?  If the
only requirement is that most users have a different salt, then would
it be acceptable to use the username itself as the salt?

Wondering what all these questions are in aid of?  Well, if g^b is
known before hand, the salt can be obtained from the username instead
of having to ask the server, and "u" can be supplied by the user
rather than the server, then the server's first response in the
protocol is completely unnecessary.

Unfortunately, it turns out that this is actually of very little help.
It still takes three messages to verify the user, because they still
have to prove they know the shared key, S.  I probably won't be able
to use these ideas in my program, especially if (when :) someone
points out security flaws in the ideas.  In any case, I'm still very
interested in the answers to these questions.

Thank you to anyone who read down this far!  :)  and TIA.

Todd.
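
The question about letting the user supply u is the one the scrambling parameter exists to answer. As an added example (not Todd's code and not the Stanford SRP implementation), the block below runs a toy SRP exchange in the SRP-3 shape quoted above, with B = v + g^b. The group is an assumption for illustration only: the Mersenne prime 2^127 - 1 with g = 3, where real SRP uses a large safe-prime group; the hash is a simplified SHA-256 stand-in. The honest run agrees on S. Then an attacker who holds only a stolen verifier v, and not the password or x, impersonates the user whenever u is known before A is committed, which is exactly the case if the client chooses u. Deriving u from both public values, u = H(A, B) as later SRP versions do, closes that route, and the code shows the same attack failing in that case.

```python
"""Toy SRP exchange in the SRP-3 shape quoted above (B = v + g^b), built to show
what the scrambling parameter u protects against.  Constructed example: toy
group, simplified hashing, no SRP library involved."""
import hashlib
import secrets

# Toy group, an assumption for illustration only: the Mersenne prime 2^127 - 1
# with g = 3.  Real SRP uses a large safe-prime group such as the RFC 5054 ones.
P = (1 << 127) - 1
G = 3


def H(*parts):
    """Hash any mix of strings and integers to one integer (stand-in for SRP's H)."""
    h = hashlib.sha256()
    for part in parts:
        h.update(str(part).encode() + b"|")
    return int.from_bytes(h.digest(), "big")


def enroll(salt, username, password):
    """Password-derived secret x and the verifier v = g^x that the server stores."""
    x = H(salt, username, password)
    return x, pow(G, x, P)


def server_public(v, b):
    return (v + pow(G, b, P)) % P            # B = v + g^b


def client_key(B, x, a, u):
    g_b = (B - pow(G, x, P)) % P             # B - g^x recovers g^b
    return pow(g_b, a + u * x, P)            # S = g^(b(a + u x))


def server_key(A, v, b, u):
    return pow(A * pow(v, u, P) % P, b, P)   # S = (A v^u)^b


def random_exponent():
    return secrets.randbelow(P - 2) + 1


def honest_session():
    """Legitimate client: both sides compute the same S."""
    x, v = enroll("s0", "alice", "correct horse")
    a, b = random_exponent(), random_exponent()
    A = pow(G, a, P)
    B = server_public(v, b)
    u = H(A, B)                              # u fixed only after A was sent
    return client_key(B, x, a, u) == server_key(A, v, b, u)


def stolen_verifier_attack(client_chooses_u):
    """Attacker has v (stolen from the server) but not x or the password.
    Knowing u before committing to A, it sends A = g^a * v^(-u); the server
    then computes (A v^u)^b = g^(ab), which the attacker gets as (B - v)^a.
    Returns True when the attacker's S equals the server's S."""
    _x, v = enroll("s0", "alice", "correct horse")    # _x is never used below
    a, b = random_exponent(), random_exponent()
    u_attacker = H("attacker-chosen u")
    v_pow_minus_u = pow(pow(v, u_attacker, P), P - 2, P)   # v^(-u) by Fermat
    A = pow(G, a, P) * v_pow_minus_u % P
    B = server_public(v, b)
    u = u_attacker if client_chooses_u else H(A, B)        # server binds u to A
    attacker_S = pow((B - v) % P, a, P)                    # = g^(ab), needs only v
    return attacker_S == server_key(A, v, b, u)


if __name__ == "__main__":
    print("honest session agrees:     ", honest_session())
    print("stolen v, client-chosen u: ", stolen_verifier_attack(True))
    print("stolen v, u = H(A, B):     ", stolen_verifier_attack(False))
```

The attack needs nothing but v and a u that is known when A is chosen; the fix is not that u must be unpredictable in the abstract, but that the client must not be able to choose A as a function of u. Making u depend on A (u = H(A, B)) gives that property without an extra server message.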



------------------------------

Date: Wed, 10 Feb 1999 00:01:44 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Crossposted-To: comp.sys.intel
Subject: Re: Intel's description of the Pentium III serial number

Nogami wrote:

> On Mon, 8 Feb 1999 20:17:44 +0000, Anthony Naggs
> <[EMAIL PROTECTED]> wrote:
>
> >>> What I AM concerned about is websites (and software authors) that just
> >>> block all access unless you enable it, thus forcing your hand.
> >
> >This doesn't make much sense, why should a web site care if I'm using my
> >home PC, a PC at work, in a cybercafe or in college where I'm doing an
> >evening course?
>
> Ever tried getting on Microsoft's online support pages with cookies
> disabled?  It totally locks you out.  No cookies = no entry.

The best answer appears to be a cookie washer.  Running one of these everyday
will defeat most malicious or adversarial cookie usage.

>
>
> That's why I'm afraid of this Intel serial number idea...
>
> N.




------------------------------

Date: Wed, 10 Feb 1999 00:05:49 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: hardRandNumbGen

R. Knauer wrote:

> On 8 Feb 1999 10:42:38 -0500, [EMAIL PROTECTED] (Patrick Juola)
> wrote:
>
> >>Therefore the very thing you are testing the RNG for, namely its
> >>suitability for use with the OTP system, is not determinable. You
> >>might be able to determine that a RNG is not suitable, but you cannot
> >>determine that an RNG is suitable.
>
> >No.  There are two things you need to do to produce a certifiable
> >TRNG.
>
> I meant "you cannot determine that an RNG is suitable"... using
> statistical tests on the output.
>
> >One is to confirm that the device is, in fact, a "random number generator"
> >in the sense that it produces random bits.  The main thing to confirm
> >then is that you can get an unbounded number of random (although not
> >necessarily equiprobable) bits out of the system.
>
> I do not know what you mean by "random" in that sentence. I will take
> it to mean "indeterminant".
>
> Which brings up a question I was going to bring up earlier and have
> been waiting for the right place. We speak of the ills of bit-bias in
> terms of random number generation, but what if the generator were
> designed with a deliberate bias? As an analog (and only as an analog)
> imagine a symmetric polygonal die with one more 1 than 0. That would
> have a built in bias, yet each outcome of a throw would be
> indeterminant. So you subject the output of that die to a statistical
> test for bit-bias and it flunks. Now what?
>
> Also, imagine actually using the output for an OTP and your attacker
> tries to figure out why the bits in the ciphers are biased. Will that
> do him any good? IOW, does using the pad from a deliberately biased
> RNG (which is otherwise completely indeterminant) leak any information
> that is useful for decrypting your ciphers?
>
> It would seem that any bias, even bias that is deliberately introduced
> and accounted for, is going to weaken the random number generation
> process cryptographically, since in the limit that the bias becomes
> very large, you have a totally unsecure system? Yet the TNG is
> completely indeterminant from one throw of the die to the next
>
> [NB: For those of you who were here a year ago, this very important
> point was discussed at length - and is the reason we define a TRNG in
> terms of equiprobable sequences, and not just independent bit
> generation.]
>
> >This requires
> >examination of the generator -- and is probably impossible unless
> >you're willing to make certain assumptions about various physical
> >processes such as radioactive decay or wave height or something.
>
> Therefore you must have a known source of randomness to avoid such
> assumptions. Radioactive decay suffices - unless you are prepared to
> take on the entire scientific community with a refutation of
> indeterminacy in Quantum Mechanics, in which case be sure to bring
> your lunch because you are gonna be at it for a while.

Any tests you would use to prove QM indeterminate can be used to prove a non QM
RNG indeterminate.  Naturally, these would be statistical tests.

>
>
> >The other is to confirm that the outputs are bias-free -- or more
> >accuratley as bias-free as possible, since there's no way to prove
> >ZERO bias.  And this is best done statistically, although if you
> >really trust your engineers you can probably do it by design analysis
> >as well.
>
> If you know that your RNG is supposed to be bias-free, then testing it
> for bias may be necessary but is certainly not sufficient to
> demonstrate that it is working properly - with the proviso that you
> know that it is designed to be a TRNG so you can avoid the possibility
> that you have a PRNG which passes the tests and fools you.
>
> Bob Knauer
>
> "The world is filled with violence.  Because criminals carry guns,
> we decent law-abiding citizens should also have guns.  Otherwise
> they will win and the decent people will lose."
> --James Earl Jones
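
The leakage question in the quoted post can be put in numbers. The block below is an added simulation, not code from the post: pad bits that are independent but biased (P(1) = 0.75, the loaded die) are XORed with random message bits, and an attacker who knows only the bias guesses each plaintext bit as the ciphertext bit XOR the more likely pad bit. The same independent-but-biased source is then run through von Neumann's pairing trick, which yields exactly unbiased bits from any fixed bias, after which the attacker is back to coin-flip accuracy. Sample sizes and the seed are constructed.

```python
"""Does a biased but unpredictable pad leak plaintext?  Constructed simulation,
not from the post: independent pad bits with P(1) = 0.75, before and after
von Neumann debiasing."""
import random


def biased_bits(n, p_one, rng):
    """n independent bits with P(bit = 1) = p_one: the loaded die of the post."""
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


def otp_encrypt(msg_bits, pad_bits):
    return [m ^ k for m, k in zip(msg_bits, pad_bits)]


def attacker_recovery_rate(msg_bits, cipher_bits, p_one):
    """Attacker knows the bias and nothing else: for each ciphertext bit it
    guesses plaintext = c XOR (the more likely pad bit).  Returns the fraction
    of plaintext bits it gets right."""
    likely_pad = 1 if p_one > 0.5 else 0
    hits = sum((c ^ likely_pad) == m for c, m in zip(cipher_bits, msg_bits))
    return hits / len(msg_bits)


def von_neumann(bits):
    """Pair consecutive bits: 01 -> 0, 10 -> 1, 00 and 11 discarded.  For
    independent bits with any fixed bias p the output is exactly unbiased;
    the price is throughput, 2p(1-p) output bits per input pair."""
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]


def simulate(n=100_000, p_one=0.75, seed=7):
    """Returns (attacker rate with the biased pad, attacker rate after
    debiasing, fraction of ones in the debiased pad)."""
    rng = random.Random(seed)
    msg = [rng.getrandbits(1) for _ in range(n)]
    biased_pad = biased_bits(n, p_one, rng)
    rate_biased = attacker_recovery_rate(msg, otp_encrypt(msg, biased_pad), p_one)
    # At p = 0.75 each pair yields 0.375 bits, so 8n raw bits (4n pairs)
    # give about 1.5n debiased bits, comfortably more than the n needed.
    fixed_pad = von_neumann(biased_bits(8 * n, p_one, rng))[:n]
    rate_fixed = attacker_recovery_rate(msg, otp_encrypt(msg, fixed_pad), p_one)
    return rate_biased, rate_fixed, sum(fixed_pad) / len(fixed_pad)


if __name__ == "__main__":
    rate_biased, rate_fixed, ones = simulate()
    print(f"biased pad:   attacker recovers {rate_biased:.3f} of plaintext bits")
    print(f"debiased pad: attacker recovers {rate_fixed:.3f} of plaintext bits")
    print(f"debiased pad has {ones:.3f} ones")
```

With bias p the attacker's per-bit success is max(p, 1 - p), which is exactly why the pad must be equiprobable and not merely unpredictable; the von Neumann step relies only on the independence of successive bits, so it repairs a loaded die but not a source with memory.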




------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: Everybody Seems to Have a Web Site These Days!
Date: 10 Feb 99 05:03:18 GMT

Ian Geldard ([EMAIL PROTECTED]) wrote:
: In article <[EMAIL PROTECTED]>, on Tue, 09 Feb 1999
: 17:13:30 GMT, [EMAIL PROTECTED] (John Savard)
: wrote:

: >Remember that, a while back, I noted that GCHQ had a web site of
: >sorts?

: Sorry, I missed it. Can you give the URL again?

http://www.gchq.gov.uk/

John Savard

------------------------------

Date: Wed, 10 Feb 1999 00:10:35 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: What is left to invent?

Gurripato (x=nospam) wrote:

> >> Only Quantum Mechanical phenomena can be proved to be completely
> >> indeterminant.
> >
> >That's a religious statement.  The meta-paraphrase goes like this: Even QM is
> >not *truly* random because there are hidden variable theories that may make
> >QM phenomena dependent on the prior state of the Universe.  Since that prior
> >state can be manipulated QM phenomena are not only biased but subject to
> >manipulation by an adversary.
>
>         Most of the scientific community, however, adheres to the
> Copenhagen interpretation of QM, in which nature is essentially
> indeterministic and all the information about a system can be obtained
> from its wave function.  While hidden variable theories have not been
> completely disproven, the odds are against them.

Agreed.  I was not suggesting that there is a valid hidden variable theory.  I was
suggesting that, since those theories have not been *proven* false, they are
theoretical potential weaknesses in an RNG based on quantum events.  The whole
idea of  the DRNG is a reductio ad absurdum approach to the quest for the perfect
RNG.


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
