Cryptography-Digest Digest #70, Volume #9        Thu, 11 Feb 99 15:13:04 EST

Contents:
  Re: What is left to invent? (Medical Electronics Lab)
  Re: hardRandNumbGen (R. Knauer)
  Re: *** Where Does The Randomness Come From ?!? *** (Patrick Juola)
  Re: RNG Product Feature Poll ("Trevor Jackson, III")
  Re: HELP!: seeking algorithms for coding theory problem
  Re: Clarification on PGP. pls ("Trevor Jackson, III")
  High tech analysis of the financial markets - indub.gif (1/1) (VOR)
  Re: What is left to invent? (R. Knauer)
  Re: Clarification on PGP. pls ("Trevor Jackson, III")
  Re: Transforming RC4 into a one-way hash function (Michael Kjorling)

----------------------------------------------------------------------------

From: Medical Electronics Lab <[EMAIL PROTECTED]>
Subject: Re: What is left to invent?
Date: Thu, 11 Feb 1999 12:14:27 -0600

John Curtis wrote:
> 
>         I'm sorry for being so longwinded.   I'm left with the
>         question:   what test or tests can we apply that set
>         some threshold on how large these distortions can be and
>         still allow useful cryptographic use of a given RNG?

The system can be designed to ignore signals below a certain
level.  An easy way to do this is integration, just add up several
of your input values to wash out the low level signal.  If the signal
we want is at 0 dB, we can set up the system to ensure that all
signals below -60 dB disappear.  Signals we don't want above that
level have to be designed out by hardware.  

You still have to perform a systematic attack for any threat
model you need to worry about to have some confidence that the
distortions have been properly dealt with.  Because you can't
think of everything possible, you can't *know* your system is
*perfectly* secure, but you can be confident that whoever
attacks your system is smarter than you are.

Ego and arrogance play a more significant role in security than
just about anything else.

Patience, persistence, truth,
Dr. mike

------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: hardRandNumbGen
Date: Thu, 11 Feb 1999 18:39:51 GMT
Reply-To: [EMAIL PROTECTED]

On 10 Feb 1999 08:53:19 -0500, [EMAIL PROTECTED] (Patrick Juola)
wrote:

>Depends.  If it's a really good generator with a known bias, there
>are mathematical techniques that will allow me to strip out the bias
>and produce an unbiased stream.

This brings up the question of whether anti-skewing changes the
equiprobability of the generator. I suspect it does for the following
reason.

A TRNG must be capable of generating all possible finite sequences
equiprobably. If it is biased, then it is not doing that. Anti-skewing
procedures do not generate those sequences that are under-represented
because of the bias.

>>IOW, does using the pad from a deliberately biased
>>RNG (which is otherwise completely indeterminant) leak any information
>>that is useful for decrypting your ciphers?

>Broadly speaking, yes.

Just as I suspected - equiprobability is at the heart of provably
secure crypto. Equiprobability implies both independence and
equidistribution of all possible finite sequences. Independence is not
sufficient and equidistribution is not sufficient - you must have both
to satisfy the requirements for provable security.

>But you can strip out bias fairly easily -- gather bits in pairs, output
>a 1 bit if the pair is 01, a zero bit if the pair is 10 and gather a
>new pair otherwise.  Yes, you waste about 75 percent of your generator
>this way.... but bits are cheap.

See my comments above. I believe that if you employ that, or any other
anti-skewing technique, to the output of a TRNG which is suffering
from severe bias, then you will no longer have a TRNG in the sense of
its fundamental specification - capable of generating all possible
finite sequences equiprobably.

IOW, I fail to see how any anti-skewing procedure, including the one
you gave above, is going to restore the equiprobability of the TRNG.

Bob Knauer

"It is not a matter of what is true that counts, but a matter of
what is perceived to be true."
--Henry Kissinger
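
The pair rule quoted in this post (01 gives 1, 10 gives 0, anything else is discarded) is the procedure usually credited to von Neumann. As an added example, not code from the thread, the following computes the exact output distribution over all 8-bit inputs so the equiprobability question can be checked directly; the 9/10 bias and the correlated "sticky" source are constructed for illustration.

```python
from collections import defaultdict
from fractions import Fraction
from itertools import product


def von_neumann(bits):
    """Pair rule from the post: 01 -> 1, 10 -> 0, 00 and 11 -> discarded."""
    return tuple(b for a, b in zip(bits[0::2], bits[1::2]) if a != b)


def iid_source(p_one):
    """Independent bits with P(1) = p_one: the 'known bias' case."""
    def prob(bits):
        result = Fraction(1)
        for b in bits:
            result *= p_one if b else 1 - p_one
        return result
    return prob


def sticky_source(p_stay):
    """Constructed counter-case: fair first bit, then each bit repeats the
    previous one with probability p_stay, so the bits are not independent."""
    def prob(bits):
        result = Fraction(1, 2)
        for prev, cur in zip(bits, bits[1:]):
            result *= p_stay if cur == prev else 1 - p_stay
        return result
    return prob


def output_distribution(n_bits, prob):
    """Exact probability of every extractor output over all 2**n_bits inputs."""
    dist = defaultdict(Fraction)
    for bits in product((0, 1), repeat=n_bits):
        dist[von_neumann(bits)] += prob(bits)
    return dict(dist)


def equiprobable_per_length(dist):
    """True if, for each output length m, all 2**m strings occur and share
    one probability."""
    by_len = defaultdict(list)
    for out, p in dist.items():
        by_len[len(out)].append(p)
    return all(len(ps) == 2 ** m and len(set(ps)) == 1
               for m, ps in by_len.items())


def yield_per_input_bit(dist, n_bits):
    """Expected number of output bits per input bit."""
    return sum(len(out) * p for out, p in dist.items()) / n_bits


if __name__ == "__main__":
    n = 8
    for name, src in [("fair", iid_source(Fraction(1, 2))),
                      ("90% ones, independent", iid_source(Fraction(9, 10))),
                      ("sticky, 90% repeat", sticky_source(Fraction(9, 10)))]:
        dist = output_distribution(n, src)
        print(name, equiprobable_per_length(dist), yield_per_input_bit(dist, n))
```

With independent bits the check holds at any bias and only the yield changes (1/4 output bit per input bit for a fair source, the "75 percent" waste mentioned above, and 9/100 at a 9/10 bias). With the correlated source the check fails, so the procedure depends on independence of the raw bits.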


------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Crossposted-To: sci.skeptic,sci.philosophy.meta
Subject: Re: *** Where Does The Randomness Come From ?!? ***
Date: 10 Feb 1999 08:56:34 -0500

In article <79q88q$tho$[EMAIL PROTECTED]>,  <[EMAIL PROTECTED]> wrote:
>In article <[EMAIL PROTECTED]>,
>  [EMAIL PROTECTED] wrote:
>> [EMAIL PROTECTED] wrote:
>>
>> > If you are handed a message without having *any* idea of the underlying
>> > language or cryptographic system, the number of possible kinds of hidden
>> > order are as near to infinite as makes no odds.
>>
>> They're not near infinite, they're infinite, even if you put limits on the
>> variety and number of symbols, since the message could be a code for
>> absolutely anything.
>
>Even if it's of a finite length ?
>
>> Simple proof: say the code represents an integer.
>
>> There's no integer it couldn't
>> be a code for, and there are countably infinitely many integers, so there are
>> at least countably infinitely many possible meanings for the code.
>
>Surely a 10-character code could only represent a finite range of integers ?

No.  It can only represent 2^80 integers at the same time -- but there's
nothing to prevent any individual integer from being part of that set.

As an easier example : I will send you one bit -- if the bit is 1, 
then the message is 12123578857.  if the bit is 0, the message is
441652834401.  

The underlying metamessage, of course, is "this is the phone number to use
to contact me today, depending on whether I'm in England or the States."

        -kitten

------------------------------

Date: Thu, 11 Feb 1999 13:46:21 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: RNG Product Feature Poll

Paul Crowley wrote:

> "Trevor Jackson, III" <[EMAIL PROTECTED]> writes:
> > I believe this nomenclature issue is worthy of attention.  But
> > choosing one word to imply the properties of independence and flat
> > distribution is probably a mistake.  "Equidistributed" does not
> > necessarily mean independent.  "Independent" does not necessarily mean
> > equidistributed.
>
> unbiased?

Ahem.  Permit me to articulate my puzzlement at length:

        Huh?



------------------------------

From: [EMAIL PROTECTED] ()
Crossposted-To: sci.math,sci.math.research
Subject: Re: HELP!: seeking algorithms for coding theory problem
Date: 11 Feb 1999 18:27:02 GMT

[Posted and mailed]

In article <79r9bd$pqr$[EMAIL PROTECTED]>,
        [EMAIL PROTECTED] writes:
> I would like to get some pointers to the literature on the
> subject of algorithms for solving the nearest codeword
> problem (either exactly or with a bound) for general
> binary linear codes.  I know this problem has a reputation of
> being hard, and is at the basis of the purported security of
> Goppa-code public-key cryptosystems as discussed in [1];
> my own interest in these algorithms is related to the
> difficulty of solving subset-sum problems in the groups
> (Z/2Z)^m.
> 

    Indeed, it's an NP-hard problem. The best algorithm, as far as I know,
can be found in IEEE Trans. on Information Theory, Jan 98, in a paper by
F. Chaubaud and (I forget who the other author was). The title is (roughly)

    On finding minimum weight codewords in (? an arbitrary linear block code
    ?) with an application to the McEliece Public-key cryptosystem.

They improved an existing algorithm, and modeled it with a Markov process to
calculate expected running time/ operations/ iterations/... It's a nice
paper. Sorry I don't have all the info, but I'm sure it's in the Jan 98
publication of that journal.



------------------------------

Date: Thu, 11 Feb 1999 14:00:56 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Clarification on PGP. pls

fungus wrote:

> "Wm. Toldt" wrote:
> >
> > I said I could "factor large primes" and you posted a composite number.
> > Composite numbers are much harder to factor than prime numbers.
>
> I would have said it was the other way round - in my experience, prime
> numbers are among the most difficult numbers to factor.

This is an interesting question.  I propose to solve it by using the runtime
of GCD() as the metric of difficulty.  Clearly faster means easier.  Is there
a systematic difference in run times between GCD applied to primes versus
composites?


------------------------------

From: [EMAIL PROTECTED] (VOR)
Crossposted-To: sci.anthropology,sci.archaeology,sci.astro,sci.chem
Subject: High tech analysis of the financial markets - indub.gif (1/1)
Date: 11 Feb 1999 17:24:24 GMT


------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: What is left to invent?
Date: Thu, 11 Feb 1999 18:53:00 GMT
Reply-To: [EMAIL PROTECTED]

On 10 Feb 1999 08:42:07 -0500, [EMAIL PROTECTED] (Patrick Juola)
wrote:

>>Radioactive decay can be proved to be random to within an arbitrarily
>>small error....

>... subject to certain assumptions, yes.

What are those assumptions?

>And, of course, this is
>exactly the sort of statement you were criticizing earlier as being
>insufficient out of the box to characterize a RNG.

My earlier criticism was directed specifically at using statistical
tests on the final output of a TRNG. That has nothing to do with
testing a radioactive source to show that it meets the necessary and
sufficient conditions to be characterized as completely random.

I can test a radioactive source and if it passes my tests (statistical
or otherwise) I can certify to within a specified level of precision
that the source is completely random.

But I cannot statistically test the final output of a TRNG and certify
that it is completely random to within any level of precision, because
the TRNG could be a PRNG in disguise - in which case it cannot
possibly be a TRNG, even though it passed the tests.

That's because in the case of the radioactive source, my experiments
constitute a necessary and sufficient test for randomness to within a
specified level of precision, whereas statistical tests on the output
of a RNG are only necessary for the RNG to be random - not sufficient
for it to be random.

Your statistical tests on the output of a TRNG lack sufficiency for
proving crypto-grade randomness to any level of precision, no matter
how comprehensive they are.

Bob Knauer

"It is not a matter of what is true that counts, but a matter of
what is perceived to be true."
--Henry Kissinger


------------------------------

Date: Thu, 11 Feb 1999 13:58:01 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Clarification on PGP. pls

Wm. Toldt wrote:

> Michael Kjorling wrote:
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > I bet you're thinking of trial divisions or something:)
> >
> > The problem is not the algorithm, it is the time required to execute the
> > algorithm with cryptographically good input. Try to factor (2^256-3)/2, it'll
> > take a while, but it isn't impossible (I've got the factors many lines down if
> > you want them...)
> >
> > For those who are interested, the number I want you to factor is:
> > 57896044618658097711785492504343953926634992332820282019728792003956564819966
>
> > //Michael
> >
> > On Wed, 10 Feb 1999 01:33:52 -1000, "Wm. Toldt" <[EMAIL PROTECTED]> wrote:
> >
> > >There is a way to factor large primes which I am willing to divulge to
> > >you. Once you see how it is done, you will wonder why you did not think
> > >of it by yourself. If you want the secret, just ask for it here.
>
> I said I could "factor large primes" and you posted a composite number.
> Composite numbers are much harder to factor than prime numbers. I charge
> up front for composite numbers. If you post a prime number, I will factor
> it for you for free. It will take less than 36 hours to factor using
> pencil and paper. I will also reveal the algorithm, if you ask real nice
> like.
>

This is the second time I've seen this outrageous claim from you.  In a fit of
irritation I have decided to extort some of your ill-gotten gains.  To prove that I
know the secret, I claim that your method will generate factors the sum of whose
lengths amount to one more than the number of digits in the original number.  I also
claim that you can optimize the paper out of the search, leaving only the pencil to
indicate the result.  For a small fee of 10% of what you gather for factoring prime
numbers I will refrain from revealing your secret.



------------------------------

From: [EMAIL PROTECTED] (Michael Kjorling)
Subject: Re: Transforming RC4 into a one-way hash function
Date: Thu, 11 Feb 1999 17:12:07 GMT
Reply-To: [EMAIL PROTECTED]

=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1

I'm not sure about what you're meaning with your question, David, but after
some serious thinking, I revised the scheme to add some more security:

1. Generate 20 random bytes (as random as possible)
2. Process the e-mail address in 2-byte chunks by XORing them together, then
XORing the results of this with one of the random bytes, selected using a
nonlinear function of the e-mail address' contents, keeping the other byte
unchanged in the output (i.e. n@ might turn up to be something like F@ or nP,
but never xQ - only one byte is changed out of the two)
3. Concatenate this scrambled e-mail address to the real one. Call this K.
4. Walk through K, starting five bytes in front of the middle (L/2-5), and XOR
K[i] with one of the random bytes, for a maximum of i==16, or until we run
out of e-mail address
5. Load this generated K as the encryption key
6. Generate 20 random bytes that are in no way related to those generated in
step 1 (i.e. reinitialize the generator with other input)
7. Encrypt these bytes
8. Use the output as the hash

Any comments would be appreciated.

//Michael

On 10 Feb 1999 22:34:27 GMT, [EMAIL PROTECTED] (Bauerda) wrote:

>>1. Generate 20 random bytes
>>2. Concatenate the reversed e-mail address to the original
>>3. Load the e-mail address into RC4 as the key
>>4. Encrypt the 20 bytes generated in step 1.
>>5. Use the output as the hash.
>>
>>The hash (step 5), the user's e-mail address and the random bytes (step 1)
>>are saved in the database.
>
>Yes, I believe that this is secure for your purpose, but I have a question. 
>Why do you just XOR the random bytes into the keystream?  Why not add them on
>to the end (or beginning) of the e-mail address as part of the key?
=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>
Comment: PGP 6.0.2i executables: coming soon to a server near you

iQA/AwUBNsLQjSqje/2KcOM+EQLvlgCgsV5eIUrRivVYEGblxid1feWTj58AmwX1
rV2RvKjhq2jEaDhI6RVGqdsn
=zuQ+
=====END PGP SIGNATURE=====

_________________________________________
One need not be big to be great
=========================================
 Remove the x's and replace .ru with .se
       in e-mail address to reply
=========================================
PGP Key ID : 0x8A70E33E
Fingerprint: 95F1 074D 336D F8F0 F297
             6A5B 2AA3 7BFD 8A70 E33E
http://certserver.pgp.com:11371/pks/lookup?op=get&search=0x8A70E33E
The above mail should not be
considered mine if the PGP signature
cannot be verified with the above key
(which information is included in
each and every of my Usenet posts.)
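
The property behind the quoted question about XORing the random bytes into the keystream can be shown with the earlier five-step scheme. This is an added example, not code from the thread: the e-mail address and both 20-byte values are constructed, the key is assumed to be the address followed by its reverse, and the salted-key variant assumes a block of 20 zero bytes is what gets encrypted.

```python
def rc4(key: bytes, data: bytes) -> bytes:
    """Textbook RC4: key schedule, then XOR the data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def quoted_scheme(email: bytes, rand20: bytes) -> bytes:
    """Steps 1-5 of the quoted scheme. Assumption: the key loaded in step 3
    is the address followed by its reverse, as built in step 2."""
    return rc4(email + email[::-1], rand20)


def keystream_residue(email: bytes, rand20: bytes) -> bytes:
    """XOR of the two stored values (hash and random bytes). RC4 output is
    data XOR keystream, so the random bytes cancel out."""
    return xor(quoted_scheme(email, rand20), rand20)


def salted_key_variant(email: bytes, rand20: bytes) -> bytes:
    """Alternative raised in the quoted question: random bytes appended to
    the key. Assumption: 20 zero bytes are encrypted, so the output is the
    first 20 keystream bytes for that per-record key."""
    return rc4(email + email[::-1] + rand20, bytes(20))


# Constructed sample values, fixed so the result is reproducible.
EMAIL = b"alice@example.com"
RAND_A = bytes(range(20))
RAND_B = bytes(range(100, 120))

if __name__ == "__main__":
    print("scheme, record A :", quoted_scheme(EMAIL, RAND_A).hex())
    print("scheme, record B :", quoted_scheme(EMAIL, RAND_B).hex())
    print("residue A        :", keystream_residue(EMAIL, RAND_A).hex())
    print("residue B        :", keystream_residue(EMAIL, RAND_B).hex())
    print("salted key, A    :", salted_key_variant(EMAIL, RAND_A).hex())
    print("salted key, B    :", salted_key_variant(EMAIL, RAND_B).hex())
```

Both records reduce to the same 20 bytes, the start of the RC4 keystream for that address, so the stored random bytes do not make two records for one address differ in substance. When the random bytes are part of the key, each record gets its own keystream.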

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
