Cryptography-Digest Digest #174, Volume #9 Tue, 2 Mar 99 12:13:04 EST
Contents:
Re: What do you all think about the new cipher devised by a 16 year old? (Daniel James)
Re: True Randomness - DOES NOT EXIST!!! ([EMAIL PROTECTED])
Re: RANDOM (let's end this?) (R. Knauer)
Re: paper on all 15 AES candidates ?? (dan)
Re: public read, secure write? (Doug Stell)
Book, Seizing the Enigma (Jim Haynes)
Re: True Randomness - DOES NOT EXIST!!! (R. Knauer)
Re: My Book "The Unknowable" (R. Knauer)
Re: One-Time-Pad program for Win85/98 or DOS (Daniel Kinnaer)
Steganography in PGP messages using DSA? (EO)
Re: RSA Cryptography Crack (Thomas Pornin)
RSA Cryptography Crack ("Jon")
Re: Testing Algorithms [moving off-topic] (Somniac)
Re: One-Time-Pad program for Win85/98 or DOS (R. Knauer)
----------------------------------------------------------------------------
From: Daniel James <[EMAIL PROTECTED]>
Subject: Re: What do you all think about the new cipher devised by a 16 year old?
Date: Tue, 02 Mar 1999 14:25:45 GMT
Reply-To: [EMAIL PROTECTED]
In article <7b7k7i$c5l$[EMAIL PROTECTED]>, Bill Unruh wrote:
> She developed it out of work she did on a summer job with a US company,
> who are probably the ones pushing for a patent.
>
Actually she did the work while doing a summer job for a PKI company in
the Republic of Ireland. There's a comment by someone at that company at
http://www.baltimore.ie/fr_sub_press_room.html which seems to suggest
that neither she nor the company expects to get rich from the research.
There are also some press links from that URL (though at least one of
them seems to have become invalid since the link was created).
Cheers,
Daniel James
Daniel at sonadata.demon.co.uk
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: True Randomness - DOES NOT EXIST!!!
Date: Tue, 2 Mar 1999 14:23:47 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (R. Knauer)
writes:
> On 1 Mar 99 11:39:09 -0400, [EMAIL PROTECTED] (John Briggs)
> wrote:
>
>>Still devoid of meaning. If it's outside the Universe, it can't affect
>>something inside the Universe. That's basic to pretty much any definition
>>of "the Universe".
>
> That is a definition of the Universe in terms of Physics. But Physics
> is not intended to address questions outside the material realm.
I didn't realize that you were attempting to address questions outside
the material realm.
I consider any such considerations religious in nature. And I try not
to argue religion. Good day, sir.
John Briggs [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: RANDOM (let's end this?)
Date: Tue, 02 Mar 1999 13:58:31 GMT
Reply-To: [EMAIL PROTECTED]
On Tue, 02 Mar 1999 02:21:17 GMT, [EMAIL PROTECTED] wrote:
>Not that I don't like religious quotes on the universe,
I have yet to see one religious quote anywhere. What "religious
quotes" are you talking about?
The Supreme Being of existential metaphysics must not be confused with
the god of establishment religion. For one thing the Supreme Being
does not start wars like the Crusades, nor does it torture people like
at the Inquisition. Furthermore the Supreme Being knows for certain
that the Sun is at the center of our solar system, so it would never
have tried to burn Galileo at the stake like the god of establishment
religion did.
The Supreme Being of existential metaphysics would never have anything
to do with the god of establishment religion. The god of establishment
religion is a false god created by tyrants to enslave mankind. The
Supreme Being created all men to be free.
BTW, the concepts of existential metaphysics have strong parallels to
such considerations as Godel-Turing-Chaitin indeterminacy and quantum
mechanical randomness. There are also parallels in number theory. That
is expected because the Supreme Being has properties seen in infinite
sets.
But back to our regularly scheduled program on crypto.
>but the fact is, how do you create an arbitrary number?
There are infinitely many uncomputable numbers, so you cannot expect a
*classical* algorithm running on a *classical* computer to generate
them.
>Algorithm! How do you create a random number?
You create a truly random number from a physical process that is truly
random, like radioactive decay - at least in principle. Or you can
build a specialized *quantum* computer that runs a *quantum* random
number algorithm. In fact, those have already been developed and
tested in the field. They work, too.
>There has to be some factor in the decision. The more factors the more
>'random'.
I do not understand that statement. It seems to be saying that
classical chaos explains true randomness. But that is incorrect. True
randomness of the quantum mechanics is fundamentally different from
classical chaos.
For one thing, we can predict the weather a few days ahead, but you
will *NEVER* predict when a given radioisotope is going to decay
spontaneously. *NEVER*. The reason is that we are finite, and the
reason that a radioisotope does decay is infinite. That is, there are
an infinity of factors that go into the spontaneous transition of a
quantum system. The collapse of a statevector is the result of an
infinitude of factors, even if the system is evolving under the
direction of a rigid Hamiltonian. There are still an infinite number
of eigenstates that contribute to the spontaneous transition from one
state to another.
That's what makes the transition random. True randomness is caused by
infinity. Or put another way, if the underlying basis of reality is
infinity, then that basis must be random, because it includes
everything possible on an independent and equidistributed basis.
The most fundamental reason why the Universe is random is that the
Creator of the Universe is infinite.
>So there is no such thing as random, just close enough.
There is true randomness in quantum mechanics, if by "true randomness"
you mean complete independence and equidistribution over a given
sample space. The sample space for a crypto-grade random number must
include all possible numbers - none can be excluded.
A crypto-grade random number, one that is suitable for use in the
provably secure OTP cryptosystem, comes from a process that is
capable of generating all possible finite sequences equiprobably. Only
then will the cryptanalyst not be able to decide what the key is.
Bob Knauer
"There is much to be said in favour of modern journalism. By giving us the opinions
of the uneducated, it keeps us in touch with the ignorance of the community."
--Oscar Wilde
------------------------------
From: dan <[EMAIL PROTECTED]>
Subject: Re: paper on all 15 AES candidates ??
Date: Tue, 02 Mar 1999 12:57:27 GMT
In article <7bg320$mck$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Bill Unruh) wrote:
> In <7bek8f$7ce$[EMAIL PROTECTED]> Fauzan Mirza <[EMAIL PROTECTED]> writes:
> ]Also, Twofish has an interesting property which will be described
> ]at the AES conference. The AES version of the paper can be downloaded
> ]from either Sean Murphy's or my home page.
> And then you do not give your home page address.
>
Try http://fermat.ma.rhbnc.ac.uk/~fauzan/
There's also a paper entitled "Block Ciphers and Cryptanalysis" that's worth a
read.
------------------------------
From: [EMAIL PROTECTED] (Doug Stell)
Subject: Re: public read, secure write?
Date: Tue, 02 Mar 1999 14:58:58 GMT
On 2 Mar 1999 13:18:12 GMT, Florian Erhard
<[EMAIL PROTECTED]> wrote:
>Paul Rubin <[EMAIL PROTECTED]> wrote:
>: In article <7bg8lq$ebb$[EMAIL PROTECTED]>,
>: Florian Erhard <[EMAIL PROTECTED]> wrote:
>: >Given is the following situation: There's a set of data,
>: >saved in a file, which should be protected under following conditions:
>
>: Unless I've missed something, this is a trivial application of digital
>: signatures. The owner of the file simply signs it using his/her
>: secret key. Other people use the owner's public key to check the
>: signature. Is there more to it than that?
>
>This was my solution, too. But my problem is this situation:
>The attacker Charly deletes the data of User Alice.
>Then he creates a new file with the same name, him as the owner and
>the data and signs it with his key.
>The "operating system" now cannot detect that Charly in fact stole
>the data of Alice, since the only place where information about
>the owner is stored is the data itself.
Unless I've now missed something, this is a trivial application of
signed certificates. The certificate simply attests to the binding of
the key to the individual and that binding is digitally signed by a
mutually trusted party. Unless attacker Charly can either obtain a
compromised copy of Alice's private key or can get the CA to issue him
a bogus certificate, the attack is detectable.
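
The check described in this reply, sketched as an added example that is not part of the original post. It uses toy textbook RSA over small known primes purely to stay self-contained (not a secure construction); the function names, the `name:key` certificate body and the idea that the reader knows which owner it expects are assumptions made for the illustration.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys

def make_key(p, q):
    """Textbook RSA key from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(msg, n, d):
    return pow(digest(msg, n), d, n)

def verify(msg, sig, n):
    return pow(sig, E, n) == digest(msg, n)

def issue_cert(name, subject_n, ca_n, ca_d):
    """The CA signs the binding between a name and a public key."""
    body = f"{name}:{subject_n}".encode()
    return {"name": name, "n": subject_n, "sig": sign(body, ca_n, ca_d)}

def check_file(data, file_sig, cert, expected_owner, ca_n):
    """Reader-side check: CA-signed binding first, then owner, then file signature."""
    body = f"{cert['name']}:{cert['n']}".encode()
    if not verify(body, cert["sig"], ca_n):
        return "reject: certificate not signed by the trusted CA"
    if cert["name"] != expected_owner:
        return "reject: signer is not the expected owner"
    if not verify(data, file_sig, cert["n"]):
        return "reject: bad file signature"
    return "accept"

def demo():
    # Constructed keys from Mersenne primes; far too small and structured for real use.
    ca_n, ca_d = make_key(2**521 - 1, 2**607 - 1)
    alice_n, alice_d = make_key(2**89 - 1, 2**107 - 1)
    charly_n, charly_d = make_key(2**61 - 1, 2**127 - 1)
    alice_cert = issue_cert("alice", alice_n, ca_n, ca_d)
    charly_cert = issue_cert("charly", charly_n, ca_n, ca_d)
    original, replaced = b"Alice's records", b"Charly's substitute"

    genuine = check_file(original, sign(original, alice_n, alice_d),
                         alice_cert, "alice", ca_n)
    # The replaced file, signed by Charly and presented with his real certificate.
    swap_sig = sign(replaced, charly_n, charly_d)
    with_own_cert = check_file(replaced, swap_sig, charly_cert, "alice", ca_n)
    # The same file with a certificate naming "alice" that Charly signed himself.
    forged = {"name": "alice", "n": charly_n,
              "sig": sign(f"alice:{charly_n}".encode(), charly_n, charly_d)}
    with_forged_cert = check_file(replaced, swap_sig, forged, "alice", ca_n)
    return genuine, with_own_cert, with_forged_cert

if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```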
------------------------------
From: [EMAIL PROTECTED] (Jim Haynes)
Subject: Book, Seizing the Enigma
Date: 2 Mar 1999 08:50:09 -0600
Reply-To: [EMAIL PROTECTED]
This is not an advertisement, but for those who might be interested I got
a Barnes & Noble sale catalog in the mail yesterday and they have Seizing
the Enigma discounted to $9.95, catalog number E145737. Not clear whether
you can order from the web page or if you have to call them at
1-800-THE-BOOK.
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: True Randomness - DOES NOT EXIST!!!
Date: Tue, 02 Mar 1999 15:26:51 GMT
Reply-To: [EMAIL PROTECTED]
On Tue, 2 Mar 1999 14:23:47 GMT, [EMAIL PROTECTED] wrote:
>I didn't realize that you were attempting to address questions outside
>the material realm.
>I consider any such considerations religious in nature. And I try not
>to argue religion. Good day, sir.
Well, you can consider them whatever you want, but you cannot equate
all thought about non-material objects as religious just because they
are not in the material realm.
How would you categorize pure mathematics? There is no such thing as a
Perfect Circle in the material realm. It is a complete impossibility.
Does that mean you consider plane geometry to be religious and
therefore you will not consider such things?
It sounds like you are taking your Positivism far too seriously.
Bob Knauer
"There is much to be said in favour of modern journalism. By giving us the opinions
of the uneducated, it keeps us in touch with the ignorance of the community."
--Oscar Wilde
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Crossposted-To: sci.math,sci.physics,sci.logic
Subject: Re: My Book "The Unknowable"
Date: Tue, 02 Mar 1999 15:29:14 GMT
Reply-To: [EMAIL PROTECTED]
On Tue, 02 Mar 1999 10:08:12 -0500, "james d. hunter"
<[EMAIL PROTECTED]> wrote:
> What most people 'know' generally goes under a heading
> of personal information. Its 'secrecy' is important
> mostly from a legalistic, proprietary rights, & decorum
> point-of-view rather than 'earth shattering news'
> point-of-view.
Are you saying that you do not accept the reality of objective truth?
If so, that means you reject Realism as a worldview, which in turn
means you reject Western natural science.
Bob Knauer
"There is much to be said in favour of modern journalism. By giving us the opinions
of the uneducated, it keeps us in touch with the ignorance of the community."
--Oscar Wilde
------------------------------
From: [EMAIL PROTECTED] (Daniel Kinnaer)
Crossposted-To: alt.security,alt.privacy
Subject: Re: One-Time-Pad program for Win85/98 or DOS
Date: Tue, 02 Mar 1999 15:37:54 GMT
On Tue, 02 Mar 1999 00:30:26 GMT, [EMAIL PROTECTED] (R. Knauer)
wrote:
>
>OK, now for the question of the hour - how do you characterize your
>pseudo-random numbers to be cryptographically strong enough to meet
>that criterion?
>
>Bob Knauer
>
Perhaps if you check your sample of numbers and within this sample
_every_ number has a 50% chance of being picked out of the bunch...
Translate this to XOR being used in a OneTimeKey : this means that in
the OTK every bit (in a byte) has as much chance to be picked out as
every other bit standing next to him. There are very nice tools which
can check a sample on "bit-randomness" within a given file. If you
would check a bitmap with this tool, you immediately would spot that
the first bit of a byte has about 70% chance of being 1 instead of
0... Thus, one can not use a bitmap as a good/valid OTK. The same
goes for exe-files and every other kind of "structured" information.
Best regards,
Daniel
------------------------------
Date: 2 Mar 1999 16:39:11 -0000
From: EO <Use-Author-Address-Header@[127.1]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Steganography in PGP messages using DSA?
=====BEGIN PGP SIGNED MESSAGE=====
Hello all,
Would it be possible to modify PGP's implementation of DSA
to have it take advantage of the DSA subliminal channel for
steganographic purposes?
- --EO
~~~
This PGP signature only certifies the sender and date of the message.
It implies no approval from the administrators of nym.alias.net.
Date: Tue Mar 2 16:39:07 1999 GMT
From: [EMAIL PROTECTED]
=====BEGIN PGP SIGNATURE=====
Version: 2.6.2
=====END PGP SIGNATURE=====
------------------------------
From: [EMAIL PROTECTED] (Thomas Pornin)
Subject: Re: RSA Cryptography Crack
Date: 2 Mar 1999 16:16:45 GMT
According to Jon <[EMAIL PROTECTED]>:
> David Levy, head of Tiger Security Systems is quoted as saying:
> "The RSA encryption algorithm was supposed to be uncrackable until two
> guys in Cambridge University did it. Nothing is impossible."
If this guy really exists, he is a complete lamer. RSA has not been
publicly broken for the moment.
> I was under the impression that there was no algorithm which would crack an
> RSA encoded message within a realistic time-scale due to the slow task of
> factorising 64 bit Numbers with only 2 (LARGE and unique) Prime Factors!
Actual record is 465 bits. However, RSA is rarely used with keys smaller
than 512 bits, and 1024 bits is a standard value.
--Thomas Pornin
------------------------------
From: "Jon" <[EMAIL PROTECTED]>
Subject: RSA Cryptography Crack
Date: Tue, 2 Mar 1999 15:54:23 -0000
Dear all,
On the BBC's News Website today article
http://news.bbc.co.uk/hi/english/sci/tech/newsid_288000/288965.stm
David Levy, head of Tiger Security Systems is quoted as saying:
"The RSA encryption algorithm was supposed to be uncrackable until two guys
in Cambridge University did it. Nothing is impossible."
I was under the impression that there was no algorithm which would crack an
RSA encoded message within a realistic time-scale due to the slow task of
factorising 64 bit Numbers with only 2 (LARGE and unique) Prime Factors!
Could someone please direct me towards a Website with more information on
the crack Mr Levy describes above.
Thanks a lot,
Jon H-E
------------------------------
From: Somniac <[EMAIL PROTECTED]>
Subject: Re: Testing Algorithms [moving off-topic]
Date: Tue, 02 Mar 1999 08:23:23 -1000
Somniac wrote:
>
> Dave Knapp wrote:
> >
> > Patrick Juola wrote:
> > >
> > > Good answer. Now, the *next* question -- what's the minimum energy
> > > of a photon?
> >
> > In order to know that, I've got to know the size of the Universe. What
> > is it? Then I'll tell you.
> >
> > -- Dave
> >
> > P.S. I'm serious. Go look up "blackbody radiation" and you'll see why.
>
> Here is an example calculation:
> A radio antenna 1000 km long makes photons with a wavelength L as
> long as the antenna. The energy of the photon is
>
> e=hc/L
>
> h is planck's constant
> c is speed of light in a vacuum
>
> e = 2^-100 joules
>
> ____________________________________
>
> A wavelength of a lighthour 10^9 km : e = 2^-120 J
> One lightyear : e= 2^-160 J
> 16 billion lightyears: e = 2^-194 J
CONCLUSION
__________
This thread can be summarized in two categories: brute force machines
made with today's technology and brute force key testing machines
made with future technology. It is not useful to guess that magical
solutions will be made for every problem, so this message only addresses
today's technology.
If energy is used for each key test of 2^256 key tests and there is some
inefficiency, then at least one quantified unit of energy would be
lost for each calculation. A photon with a wavelength of a lightyear
has 2^-160 Joules of energy, but it takes an antenna a year to make
that photon. So to use 2^256 such photons would take 2^96 antenna years
and each antenna is a lightyear in size.
That example shows the tradeoff between reducing the energy of a photon
and the time it takes for one cycle to complete for that frequency
of light. Thus, small energy photons are not usable to test 2^256 keys.
Another current mechanism is to use electrons in matter to make
transitions. But these transitions take much larger energies than the
long photons mentioned above. Electrons making transitions between
energy levels in atoms only have certain values which cannot be made
arbitrarily small, like a radio antenna can be made to radiate at any
frequency.
There is no known way, using current technology, to make a logic gate
with arbitrarily high efficiency so that 2^256 keys can be tested
using all the material on Earth.
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Crossposted-To: alt.security,alt.privacy
Subject: Re: One-Time-Pad program for Win85/98 or DOS
Date: Tue, 02 Mar 1999 16:34:22 GMT
Reply-To: [EMAIL PROTECTED]
On Tue, 02 Mar 1999 15:37:54 GMT, [EMAIL PROTECTED] (Daniel
Kinnaer) wrote:
>Perhaps if you check your sample of numbers and within this sample
>_every_ number has a 50% chance of being picked out of the bunch...
>
>Translate this to XOR being used in a OneTimeKey : this means that in
>the OTK every bit (in a byte) has as much chance to be picked out as
>every other bit standing next to him. There are very nice tools which
>can check a sample on "bit-randomness" within a given file. If you
>would check a bitmap with this tool, you immediately would spot that
>the first bit of a byte has about 70% chance of being 1 instead of
>0... Thus, one can not use a bitmap as a good/valid OTK. The same
>goes for exe-files and every other kind of "structured" information.
There is a fatal flaw in doing that - it only gives the *appearance*
of randomness.
For example, the digit expansion of pi meets the criteria you stated
above, but it is hardly a true random number.
Bob Knauer
"There is much to be said in favour of modern journalism. By giving us the opinions
of the uneducated, it keeps us in touch with the ignorance of the community."
--Oscar Wilde
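
The two positions in this exchange, put side by side as an added example that is not part of either post: a per-bit-position frequency check of the kind Daniel Kinnaer describes, run over structured data and over the binary expansion of pi. The function names, the 5% tolerance and the sample text are constructed for the illustration; pi is computed with Machin's formula in integer arithmetic.

```python
def bit_position_frequencies(data):
    """Fraction of bytes with a 1 in each bit position, most significant first."""
    counts = [0] * 8
    for byte in data:
        for pos in range(8):
            counts[pos] += (byte >> (7 - pos)) & 1
    return [c / len(data) for c in counts]

def passes_frequency_check(data, tolerance=0.05):
    """True when every bit position is 1 in roughly half of the bytes."""
    return all(abs(f - 0.5) <= tolerance for f in bit_position_frequencies(data))

def _arctan_inv(x, one):
    """arctan(1/x) scaled by `one`, from the alternating Taylor series."""
    term = one // x
    total, k, sign = term, 3, -1
    while term:
        term //= x * x
        total += sign * (term // k)
        k, sign = k + 2, -sign
    return total

def pi_fraction_bytes(n_bytes, guard=64):
    """First n_bytes of pi's binary expansion after the point (3.243F6A88... in hex)."""
    bits = 8 * n_bytes
    one = 1 << (bits + guard)  # guard bits absorb the series' rounding error
    pi_fixed = (16 * _arctan_inv(5, one) - 4 * _arctan_inv(239, one)) >> guard
    return (pi_fixed - (3 << bits)).to_bytes(n_bytes, "big")

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_with_pi_pad(plaintext):
    return xor(plaintext, pi_fraction_bytes(len(plaintext)))

def recover_without_key(ciphertext):
    """Anyone can recompute pi, so a pad that passes the check still hides nothing."""
    return xor(ciphertext, pi_fraction_bytes(len(ciphertext)))

# Constructed sample of "structured" data: ASCII text never sets the top bit.
STRUCTURED = b"Meeting moved to 14:00, bring the signed contract. " * 80
PI_PAD = pi_fraction_bytes(4096)

if __name__ == "__main__":
    print("structured passes:", passes_frequency_check(STRUCTURED))
    print("pi digits pass:   ", passes_frequency_check(PI_PAD))
    secret = b"constructed plaintext for the demo"
    print("recovered:", recover_without_key(encrypt_with_pi_pad(secret)))
```

The frequency check is a useful filter for rejecting obviously structured pad material, but passing it says nothing about whether an adversary can reproduce the sequence.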
------------------------------
End of Cryptography-Digest Digest
******************************