Cryptography-Digest Digest #123, Volume #9       Mon, 22 Feb 99 23:13:06 EST

Contents:
  Re: Decoding messages from ETI. ("Foobar T. Clown")
  Re: Anyone know of any good stream chipers? (R. Knauer)
  Re: Standard fileheaders for encrypted files ("Foobar T. Clown")
  Re: Testing Algorithms (Withheld)
  Re: Testing Algorithms ("Trevor Jackson, III")
  Re: Testing Algorithms (Vernon Schryver)
  Re: Anyone know of any good stream chipers? ("Rats")
  Re: Testing Algorithms ("Trevor Jackson, III")
  Re: Randomness based consciousness?. (Was: Re: *** Where Does The Randomness Come 
From ?!? *** ) (R. Knauer)
  Re: Randomness based consciousness?. (Was: Re: *** Where Does The Randomness Come 
From ?!? *** ) ("james d. hunter")
  Re: Where to publish hashes? ("Kevin G. Rhoads")
  Re: Anyone know of any good stream chipers?
  Quantum Cryptography (R. Knauer)
  Re: Randomness based consciousness?. (Was: Re: *** Where Does The Randomness Come 
From ?!? *** ) ("james d. hunter")
  Re: Interesting DES results (Paul Rubin)
  128 bit encryption ("tomjudy")
  Re: Interesting DES results (Scott Fluhrer)
  Re: Anyone know of any good stream chipers? (R. Knauer)

----------------------------------------------------------------------------

Date: Mon, 22 Feb 1999 09:21:08 -0500
From: "Foobar T. Clown" <[EMAIL PROTECTED]>
Subject: Re: Decoding messages from ETI.

Douglas A. Gwyn wrote:
> 
> Anyone interested in this topic should read "The Possibility of
> Intelligent Life Elsewhere in the Universe", report prepared for the
> Committee on Science and Technology, U.S. House of Representatives,
> ...

Should probably also read the novel, "His Master's Voice," by Stanislaw
Lem, Harcourt Brace, 1984.

------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: Anyone know of any good stream chipers?
Date: Mon, 22 Feb 1999 22:33:20 GMT
Reply-To: [EMAIL PROTECTED]

On Tue, 23 Feb 1999 10:24:46 +1300, "Rats" <[EMAIL PROTECTED]>
wrote:

>Just wondering if someone could point me in the direction of good Stream
>Ciphers. I am interested in the algorithms rather than source code or
>executables.

Define "good stream ciphers".

How good is good enough for your application?

Bob Knauer

"If experience teaches us anything at all, it teaches us this: That a good
politician, under democracy, is quite as unthinkable as an honest burglar."
--H.L. Mencken


------------------------------

Date: Mon, 22 Feb 1999 09:29:04 -0500
From: "Foobar T. Clown" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: Standard fileheaders for encrypted files

Kiril Kesarev wrote:
> 
> ...
> 
> The reason for the above question is that exportable crypto should
> not be easily modifiable to support longer keys. This implies that
> multiple encryption must be blocked. The problem is that if I write
> exportable software which blocks multiple encryption, the blocking
> does not extend to other encryption software. An encrypted file can
> be encrypted a second and third time with other programs.

If your program writes a file, somebody else can write a program that
encrypts that file.  There is nothing you can do to prevent it.  There
is no magic cookie you can put in your output to tell every other
crypto program in the world, "This message has already been encrypted to
the maximum extent allowed by law."

------------------------------

From: Withheld <[EMAIL PROTECTED]>
Subject: Re: Testing Algorithms
Date: Mon, 22 Feb 1999 22:40:55 +0000
Reply-To: Withheld <[EMAIL PROTECTED]>

In article <7armki$c81$[EMAIL PROTECTED]>, Fabrice Noilhan
<[EMAIL PROTECTED]> writes
>According to Steven Runyeard <[EMAIL PROTECTED]>:
>> >And how much processor power would that be? Have you actually
>> >done the math?
>> 
>> Go back 10 years and the best you would have got from an average
>> desktop computer was around 10 MIPs. Now we are seeing Pentium
>> processors which can almost do 2,000 MIPs. Have you done the maths?
>
>So, it is less than an 8-bit longer key advantage... I don't see your 
>point.
>
>       Fabrice

Take a look at some figures:

Go back a few years and a 286-20 was considered a top-spec home PC. 
A P350 machine is roughly 50 times faster. 

If, for example, testing 1,000,000 keys per second would take
1,000,000,000 years to brute-force an algorithm, then it follows that if
you could perform 1,000,000,000,000,000 keys per second then it would
only take one year. Hence, with enough processor power, it becomes
brute-forceable.

56-bit DES was once considered unbreakable but was recently broken in
less than 24 hours (and we can only speculate what the likes of NSA and
GCHQ have got available to throw at this stuff).


-- 
Withheld

------------------------------

Date: Mon, 22 Feb 1999 19:53:59 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Testing Algorithms

Coen Visser wrote:

> [EMAIL PROTECTED] writes:
> >  [EMAIL PROTECTED] (Coen Visser) wrote:
> >> fungus <[EMAIL PROTECTED]> writes:
>
> >>>So you think a 256 bit key will eventually be brute forced?
>
> >> Why not? Who can look 50 years into the future or 100 years or 200 years?
> >
> >Anyone with more than 2 brain cells working.
>
> Bad day?
>
> >This gets tiresome. Doesn't anyone know how to do arithmetic anymore???
> >
> >(1) There are physical limits to how fast we can make computers.  We haven't
> >reached them yet, but we will.
>
> Yes, but we don't know what those limits are. Only for architectures that
> are studied today.
>
> >(2) There are physical limits to how small we can make computers.  We haven't
> >reached them yet, but we will.
>
> Yes, but we don't know what those limits are. Only for architectures that
> are studied today.
>
> >Yes, we can change to faster semi-conductors (e.g. Gallium Arsenide). Yes, we
>
> Computer != semi-conductor.
>
> [...]
>
> >I suggest you do the arithmetic. Assume we have computers that are 10^10
>
> [...]
>
> I suggest you look at what was stated: "So you think a 256 bit key will
> eventually be brute forced?"
> ^^^^^^^^^^
> How can you claim that your (engineering) knowledge is still valid 50
> or 500 years from now? I think eventually is a pretty long time.
>
> >What is it that drives people to make these wild claims and speculations
> >without doing the arithmetic? Computers can not continue to get faster
> >indefinitely.
>
> Agreed, but the limits are not known.

Actually some of the limits are known.  The size of the observable universe puts
an upper limit on the size of a useful computing device.  The Planck scale puts a
lower limit on the size of a useful computer component.  Ignoring energy usage and
the speed of light, there are still definite limits which we cannot expect to
pass.

Yes, this is limited by our understanding of the universe, and thus subject to
change.  But if our concept of the universe does not change, then neither do the
limits to computing.  As far as I can tell there is no conceivable computing
device that can enumerate the integers up to 2^1000.


------------------------------

From: [EMAIL PROTECTED] (Vernon Schryver)
Subject: Re: Testing Algorithms
Date: 22 Feb 1999 13:03:22 -0700

In article <7as6ba$2ia$[EMAIL PROTECTED]>, Thomas Pornin <[EMAIL PROTECTED]> wrote:

>> The fact that doomsayers have been predicting physical limits to
>> the maximum speed of computers for 20 years now, and the successive
>> violation of these physical "limits" has become routine.
>
>Actually this is not the point. What is important is to realize that,
>when science achieves the building of computers that can brute-force
>256 bit keys, it will also allow the cheap construction of brain wave
>analyzers that will make this whole key-search thing an utterly useless
>game. Therefore there is no point in trying to get protection against
>such an attack.

That's a good way of making the point.

Another is to demand even a single example of reputable "cries of wolf"
about the limits of computing in the "20 years (sic)" since "1969 (sic)".
There have been plenty of false statements about economic limits (e.g. "no
one needs more computers or computing than X") and manufacturing limits
(e.g. "visible light lithography will soon run out of steam").  However,
I think there have been no reputable, knowledgeable statements about
the theoretical physical limits of computing that have been overturned in
the last 50 years.  Certainly the coarse, very optimistic estimates of
bobs have never been threatened, at least as they apply to computers
with anything like what we now think of as "cycles." 

The cause of the silly statements about the near future ease of brute
force attacks on 256-bit keys is that many people cannot count better than
"1, 2, 3, many."  They simply cannot understand that multiplying by 10 is
different from raising to the tenth power.  That's why they also don't
see how stupid they sound when they claim that because 8, 16, and 32 bit
address spaces have each been exceeded in the last 40 years, therefore
by 2015 their PC's will have 2**64 bytes of storage.  They really feel (as
opposed to 'think') that 2**64 bytes is only a little more than 4 times
as many as 2**16, and that brute searching 2**256 keys would take only a
little more than four times the time needed for 2**64.

The only way to communicate to the hopelessly innumerate is by saying
115792089237316195423570985008687907853269984665640564039457584007913129639936
and never mention 2**256.
-- 


Vernon Schryver    [EMAIL PROTECTED]

------------------------------

From: "Rats" <[EMAIL PROTECTED]>
Subject: Re: Anyone know of any good stream chipers?
Date: Tue, 23 Feb 1999 13:26:27 +1300

Definition of a "good" stream chiper according to me:

A chiper that would require at least a $10,000 investment to crack within a
reasonable time (say 3 - 4 hrs, 10 PII 300s working in parallel?).

Now can you recommend one? As I mentioned before the algorithm is what I am
interested in not source code or exes.

Thanks

Ratnesh Gautam

R. Knauer wrote in message <[EMAIL PROTECTED]>...
>On Tue, 23 Feb 1999 10:24:46 +1300, "Rats" <[EMAIL PROTECTED]>
>wrote:
>
>>Just wondering if someone could point me in the direction of good Stream
>>Ciphers. I am interested in the algorithms rather than source code or
>>executables.
>
>Define "good stream ciphers".
>
>How good is good enough for your application?
>
>Bob Knauer
>
>"If experience teaches us anything at all, it teaches us this: That a good
>politician, under democracy, is quite as unthinkable as an honest burglar."
>--H.L. Mencken
>



------------------------------

Date: Mon, 22 Feb 1999 19:44:33 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Testing Algorithms

Patrick Juola wrote:

> In article <[EMAIL PROTECTED]>,
> Trevor Jackson, III <[EMAIL PROTECTED]> wrote:
> >Coen Visser wrote:
> >
> >> fungus <[EMAIL PROTECTED]> writes:
> >> >Vegeta-the original Super Saia-jin wrote:
> >>
> >> [...]
> >>
> >> >> As far as security goes, key length helps, but it won't make it secure, I
> >> >> think that DES proves that, it's a joke, and a bad one at that.
> >> >>
> >> >
> >> >So you think a 256 bit key will eventually be brute forced?
> >>
> >> Why not? Who can look 50 years into the future or 100 years or 200 years?
> >
> >You may be underestimating the steepness of exponentials.  2^256 is a fearsome
> >number.  Rather than envisioning a machine (or machines) doing trial
> >decryptions, try envisioning simply counting up to 2^256.
> >
> >At foreseeable PC speeds of around 1GHz (2^30) you'd need 2^226 machine-seconds.
> >If you envision machines a billion times faster you need 2^196 machine seconds.
>
> On the other hand, Moore's Law has suggested that machine speed
> doubles about every eighteen months.  This means that a machine a billion
> times faster (2^30) will only take about 45 years to develop.
>
> A machine 2^200 times faster than current machines -- which *can* brute
> force 56-bit keys, will require about 300 years to develop, according
> to Moore's law.
>
> Given that people have, for the past 20 years, routinely been claiming
> that "Moore's Law cannot hold much longer due to fundamental physical
> limitations," it's starting to look like betting that Moore's law
> will NOT hold isn't a safe bet.
>

Well Moore's law is expressed as an exponential in that it is a compounding formula.
If a single "machine" (including stuff like distributed.net) can handle a billion
keys per second, we only need 1.5*226 = 339 years before it can test 2^256 keys per
second.

I agree that there is no perceptible slowdown in the performance described by
Moore's law.  But we *are* going to hit some physical limits eventually. The example
I gave was a reductio explanation of why breaking 256-bit keys is probably not going
to happen in the next hundred years.  Do you disagree?
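The arithmetic this thread keeps circling (Withheld's keys-per-second scaling, Fabrice's "less than an 8-bit longer key", Patrick Juola's and Trevor's Moore's-law doubling, Vernon Schryver's decimal expansion of 2**256) gathered into one added worked example. This is editor-added Python, not code from any of the posters. The 1.5-year doubling period and the 24-hour figure for a 56-bit search are the thread's own assumptions, taken as given; the function names are mine.

```python
"""Brute-force arithmetic for the thread above (added example, editor's code).

Every function takes the thread's numbers as inputs rather than baking
them in, so the 1.5-year doubling period, the 24-hour DES figure and the
keys-per-second rates can be swapped for your own estimates.
"""
import math

SECONDS_PER_YEAR = 365 * 24 * 60 * 60


def keyspace(bits):
    """Number of keys of the given length, as an exact integer (2**bits)."""
    return 1 << bits


def brute_force_years(bits, keys_per_second, fraction=1.0):
    """Years to search `fraction` of a `bits`-bit keyspace at a fixed rate.

    fraction=0.5 is the expected time to hit the key; 1.0 the worst case.
    Exponential keyspace over linear speed: 10**9 times the speed buys
    10**9 times less time and nothing more.
    """
    return keyspace(bits) * fraction / keys_per_second / SECONDS_PER_YEAR


def rate_needed(bits, seconds):
    """Keys per second required to exhaust `bits`-bit keys in `seconds`."""
    return keyspace(bits) / seconds


def bits_gained(speedup):
    """Key length an attacker effectively gains from a constant-factor speedup.

    A 200x faster CPU (Withheld's 10 MIPS vs 2,000 MIPS) is log2(200) = 7.6
    bits, which is Fabrice's "less than an 8-bit longer key" point; 10**9 is
    just under 30 bits.
    """
    return math.log2(speedup)


def years_until_rate(rate_today, target_rate, doubling_years=1.5):
    """Years of compounding (one doubling per `doubling_years`, the thread's
    Moore's-law assumption) until a searcher doing `rate_today` keys/s does
    `target_rate` keys/s.  Returns 0 if it already does."""
    if target_rate <= rate_today:
        return 0.0
    return doubling_years * math.log2(target_rate / rate_today)


if __name__ == "__main__":
    print("2**256 =", keyspace(256))
    for bits in (56, 128, 256):
        print(f"{bits:3d}-bit keys at 1e9 keys/s: {brute_force_years(bits, 1e9):.3g} years")
    print(f"1e6 -> 1e15 keys/s shortens the search by {bits_gained(1e9):.1f} bits")
    print("years until a 2**30 keys/s searcher does 2**256 keys/s:",
          years_until_rate(2**30, 2**256))
    des_day = rate_needed(56, 24 * 3600)   # a 56-bit search in 24 hours
    print(f"that DES cracker does {des_day:.2e} keys/s; 256 bits in a day needs "
          f"{years_until_rate(des_day, rate_needed(256, 24 * 3600)):.0f} more years")
```

Run it and the thread's figures fall out: 2**30 faster is 45 years of doublings, 2**200 faster is 300, and a searcher that does 2**30 keys/s needs 339 years of doublings before it does 2**256 keys/s. The doubling period is the only input that makes those numbers small; change it to what you actually believe about hardware and the 256-bit column barely moves.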




------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Crossposted-To: 
sci.skeptic,sci.philosophy.meta,sci.psychology.theory,alt.hypnosis,sci.logic
Subject: Re: Randomness based consciousness?. (Was: Re: *** Where Does The Randomness 
Come From ?!? *** )
Date: Tue, 23 Feb 1999 01:33:14 GMT
Reply-To: [EMAIL PROTECTED]

On Mon, 22 Feb 1999 19:42:20 -0500, "james d. hunter"
<[EMAIL PROTECTED]> wrote:

> > Greg Chaitin, in his book "Algorithmic Information Theory" states
>>that  random numbers are the same as the uncomputable reals. IOW, they
>>exist alright but there is no reason for them to exist.

>  I can agree with that, except that, as far as I know,
>  there is no real known reason for anything to exist.

There is only one real known reason for anything to exist:  You exist.


If you did not exist, nothing would exist for you.

Bob Knauer

"If experience teaches us anything at all, it teaches us this: That a good
politician, under democracy, is quite as unthinkable as an honest burglar."
--H.L. Mencken


------------------------------

From: "james d. hunter" <[EMAIL PROTECTED]>
Crossposted-To: 
sci.skeptic,sci.philosophy.meta,sci.psychology.theory,alt.hypnosis,sci.logic
Subject: Re: Randomness based consciousness?. (Was: Re: *** Where Does The Randomness 
Come From ?!? *** )
Date: Mon, 22 Feb 1999 20:45:46 -0500
Reply-To: [EMAIL PROTECTED]

R. Knauer wrote:
> 
> On Mon, 22 Feb 1999 19:42:20 -0500, "james d. hunter"
> <[EMAIL PROTECTED]> wrote:
> 
> > > Greg Chaitin, in his book "Algorithmic Information Theory" states
> >>that  random numbers are the same as the uncomputable reals. IOW, they
> >>exist alright but there is no reason for them to exist.
> 
> >  I can agree with that, except that, as far as I know,
> >  there is no real known reason for anything to exist.
> 
> There is only one real known reason for anything to exist:  You exist.
> 
> If you did not exist, nothing would exist for you.

  Well, that part I got figured out ;>
  I was going into the Big Bang metaphysics.

------------------------------

From: "Kevin G. Rhoads" <[EMAIL PROTECTED]>
Subject: Re: Where to publish hashes?
Date: Mon, 22 Feb 1999 18:19:33 -0800

>Print the message contained in the news group.  Sign and date the
>printout.  Send the printout by certified mail to yourself.  Give the
>unopened certified mail to your lawyer to hold.  Get a dated receipt.

For this purpose, "certified" mail is close to useless.  "Registered" mail
is better, and send it DIRECTLY to the lawyer (or other trustee), 
NOT to yourself.

Better yet, do the newsgroup thing, but have the print-out printed
as a legal ad in one of the "newspaper of record"s (your town's,
the nearest big city's) -- you have convenience in the electronic copy
and legal record in the published copy.  

There is nothing to prevent you from publishing in several "record"
newspapers, either.  

For even better suggestions, ask in one of the legal-oriented NGs.
-- 
Kevin G. Rhoads, Ph.D. (Linearity is a convenient fiction.)
[EMAIL PROTECTED]
[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: Anyone know of any good stream chipers?
Date: 23 Feb 99 01:35:42 GMT

Rats ([EMAIL PROTECTED]) wrote:
: Just wondering if someone could point me in the direction of good Stream
: Chipers. I am interested in the algorithms rather than source code or
: executables.

Very few stream ciphers have received enough notice in the academic
community for anything much to be said for their security. Exceptions you
might consider are:

- RC4, as it is alleged to be;

- Panama, a "cryptographic primitive" by Joan Daemen which can be used as
a stream cipher or a hash function;

- A secure block cipher run in OFB mode.

Information on all these algorithms is available on my web site, at

http://members.xoom.com/quadibloc/index.html

John Savard

------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Quantum Cryptography
Date: Tue, 23 Feb 1999 02:44:08 GMT
Reply-To: [EMAIL PROTECTED]

From "Explorations In Quantum Computing" by Colin P. Williams and
Scott H. Clearwater, ISBN 0-387-94768-X:

+++++
"Moreover, the United States government is quietly funding research
in code-breaking, using quantum computers".
--Preface, p. xii.
+++++

Hmm...

Bob Knauer

"If experience teaches us anything at all, it teaches us this: That a good
politician, under democracy, is quite as unthinkable as an honest burglar."
--H.L. Mencken


------------------------------

From: "james d. hunter" <[EMAIL PROTECTED]>
Crossposted-To: 
sci.skeptic,sci.philosophy.meta,sci.psychology.theory,alt.hypnosis,sci.logic
Subject: Re: Randomness based consciousness?. (Was: Re: *** Where Does The Randomness 
Come From ?!? *** )
Date: Mon, 22 Feb 1999 19:42:20 -0500
Reply-To: [EMAIL PROTECTED]

R. Knauer wrote:
> 
> On Mon, 22 Feb 1999 09:43:15 -0500, "james d. hunter"
> <[EMAIL PROTECTED]> wrote:
> 
> >   TRUE RANDOMNESS is simply the universe's way of propagating
> >   weird theories of randomness. Nothing more, nothing less.
> 
> Greg Chaitin, in his book "Algorithmic Information Theory" states that
> random numbers are the same as the uncomputable reals. IOW, they exist
> alright but there is no reason for them to exist.

  I can agree with that, except that, as far as I know,
  there is no real known reason for anything to exist.

  ---
  Jim

------------------------------

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: Interesting DES results
Date: Tue, 23 Feb 1999 02:51:52 GMT

In article <[EMAIL PROTECTED]>, bill johnson  <same> wrote:
>The second test was to measure the + or - difference from one byte to
>the next. This was an eye opener.  The plot looks like a nearly perfect
>inverted 'V'.  In fact amazingly so.
>
>I've tried this on two different sources and I get the same result.
>
>Any comments from the group?  I have the data and source files if
>anyone is interested.

Since the numbers are basically random you'd expect the sum or difference
to follow a binomial distribution.  Not quite an inverted V, but
might look sort of like one.

------------------------------

From: "tomjudy" <[EMAIL PROTECTED]>
Subject: 128 bit encryption
Date: Tue, 23 Feb 1999 02:52:39 GMT

I am a new user, a Canadian citizen presently living in Jamaica. I want
to download 128bit encryption to do online banking but keep getting all
kinds of nasty messages saying "no". Please help!!!
--
Posted via Talkway - http://www.talkway.com
Surf Usenet at home, on the road, and by email -- always at Talkway.


------------------------------

From: Scott Fluhrer <[EMAIL PROTECTED]>
Subject: Re: Interesting DES results
Date: Tue, 23 Feb 1999 03:11:19 GMT

In article <[EMAIL PROTECTED]>,
        bill johnson <[EMAIL PROTECTED]> wrote:

>The second test was to measure the + or - difference from one byte to
>the next. This was an eye opener.  The plot looks like a nearly perfect
>inverted 'V'.  In fact amazingly so.
>
>Any comments from the group?  I have the data and source files if
>anyone is interested.

Next step for you to do: compute what graph you would get from truly
random data (in particular, data that had all 65536 possible pairs of
adjacent bytes equally likely).  Compare that graph with the one you
obtained.

-- 
poncho
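Scott's suggestion, carried out as an added example (editor's code, not Bill Johnson's, Paul Rubin's or Scott's). If every one of the 65536 adjacent-byte pairs is equally likely, the signed difference d = b[i+1] - b[i] takes each value in -255..255 with probability (256 - |d|)/65536: an exact triangle peaking at d = 0, which is the "inverted V". The block computes those expected counts, histograms real data, and compares the two with a chi-square statistic, so the plot does not have to be judged by eye. The sample input is a constructed SHA-256 counter stream standing in for the DES output (which is not on the page); the `max_stat` cutoff is an assumption documented in the code.

```python
"""Expected vs. observed histogram of adjacent-byte differences.

Added example (editor's code).  For uniformly random, independent bytes the
signed difference d = b[i+1] - b[i] has a triangular distribution:
P(d) = (256 - |d|) / 65536 for d in -255..255.  Data that merely produces
an inverted V has passed nothing; what matters is how far its counts sit
from those expected values.
"""
import hashlib
from collections import Counter


def expected_difference_counts(n_pairs):
    """Expected count of each signed difference for n_pairs random byte pairs.

    The 511 values sum to n_pairs exactly, since sum(256 - |d|) == 65536.
    """
    return {d: n_pairs * (256 - abs(d)) / 65536 for d in range(-255, 256)}


def observed_difference_counts(data):
    """Histogram of b[i+1] - b[i] over consecutive bytes of data."""
    return Counter(data[i + 1] - data[i] for i in range(len(data) - 1))


def chi_square(observed, expected):
    """Pearson chi-square statistic over all 511 difference bins (510 df)."""
    return sum((observed.get(d, 0) - e) ** 2 / e for d, e in expected.items())


def difference_test(data, max_stat=700.0):
    """Return (statistic, passed).

    With 510 degrees of freedom a uniform source gives a statistic near 510
    with standard deviation about 32; max_stat=700 is an assumed cutoff
    roughly six standard deviations out, so a pass is not a fluke and a
    fail (a counter, ciphertext with structure, a biased generator) is
    unmistakable.  Use a few hundred thousand bytes so the tail bins
    (|d| near 255, expected n/65536 each) are not nearly empty.
    """
    observed = observed_difference_counts(data)
    expected = expected_difference_counts(len(data) - 1)
    stat = chi_square(observed, expected)
    return stat, stat < max_stat


def sample_bytes(n, seed=b"constructed sample"):
    """Constructed stand-in for cipher output: SHA-256 in counter mode."""
    out = bytearray()
    block = 0
    while len(out) < n:
        out += hashlib.sha256(seed + block.to_bytes(8, "big")).digest()
        block += 1
    return bytes(out[:n])


if __name__ == "__main__":
    good = sample_bytes(200_000)
    counter = bytes(range(256)) * 800  # obviously non-random, for contrast
    for name, data in (("sha256-ctr", good), ("counter", counter)):
        stat, ok = difference_test(data)
        print(f"{name:11s} chi-square = {stat:12.1f}  {'pass' if ok else 'FAIL'}")
    # The triangle itself, for the bins around zero.
    exp = expected_difference_counts(len(good) - 1)
    for d in range(-3, 4):
        print(f"d={d:+d}: expected {exp[d]:.1f}")
```

To apply it to the DES output in question, replace `good` with the file contents and read the statistic rather than the plot: the V is what a perfect source produces, so the only news would be a statistic far from 510.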
 

------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: Anyone know of any good stream chipers?
Date: Tue, 23 Feb 1999 01:35:57 GMT
Reply-To: [EMAIL PROTECTED]

On Tue, 23 Feb 1999 13:26:27 +1300, "Rats" <[EMAIL PROTECTED]>
wrote:

>Definition of a "good" stream chiper according to me:

>A chiper that would require at least a $10,000 investment to crack within a
>reasonable time (say 3 - 4 hrs, 10 PII 300s working in parallel?).

>Now can you recommend one? As I mentioned before the algorithm is what I am
>interested in not source code or exes.

Please learn how to spell in English. The word is "cipher", not
"chiper".

You have to give more details, like how many messages of what length
you plan to encrypt. The more you encrypt, the stronger the system you
need.

Bob Knauer

"If experience teaches us anything at all, it teaches us this: That a good
politician, under democracy, is quite as unthinkable as an honest burglar."
--H.L. Mencken


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
