Cryptography-Digest Digest #185, Volume #9 Thu, 4 Mar 99 15:13:04 EST
Contents:
Re: Testing Algorithms (Patrick Juola)
Re: My Book "The Unknowable" (Paul Healey)
Re: Doing It Right: The Next Chip Controversy
Random numbers - why so important? (Steven Runyeard)
Re: Factorisation of Polynomials with Matrixes as Coefficients (Henry Lewsal)
Re: WIN 32 Blowfish (Thiemo Sammern)
Re: Random numbers - why so important? (Patrick Juola)
Re: Where can I get a Public Key system? (Medical Electronics Lab)
is this Patented? ("Test")
BRAIN TEASERS ! ! ! (Richard Goldman)
Re: Scramdisk - paranoia (Aman)
Re: Scramdisk - paranoia (Aman)
Re: Scramdisk - paranoia (Aman)
Re: Random numbers - why so important? (Doug Stell)
Re: Random numbers - why so important? (John Savard)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: Testing Algorithms
Date: 4 Mar 1999 09:34:30 -0500
In article <[EMAIL PROTECTED]>,
Shawn Willden <[EMAIL PROTECTED]> wrote:
>Withheld wrote:
>
>> In article <[EMAIL PROTECTED]>, Darren New
>> <[EMAIL PROTECTED]> writes
>> >> What I meant to say was that computing power at the time was
>> >> insufficient for a brute-force crack to be viable, rather than any
>> >> implication that DES was claimed to be unbreakable forever.
>> >
>> >Well, of course it's viable, no matter how weak your computer is. You
>> >could crack a DES key on a single Apple-II, if you wanted to wait long
>> >enough. With a 256-bit key, you can't brute-force it no matter how fast
>> >your computers run, quantum computing tentatively excluded.
>> I think you meant to say "possible" there. Theoretically, yes a 1MHz
>> Apple II could crack it if you gave it a few billion years. For most
>> purposes the information would be of academic interest after that, hence
>> the term "not viable" rather than "not possible"
>>
>> As to whether or not we will ever have the computing power available to
>> brute force a 256-bit key, take a guess - who knows what breakthroughs
>> are around the corner?
>
>You should take a look at the section in Schneier's book on thermodynamic
>limitations to brute-force attacks. He assumes an ideal computer, one in
>which the energy required to change the value of one bit in the processor is
>the smallest possible -- namely the quantum unit.
And, as has been REPEATEDLY pointed out in this forum, he gets this
dead wrong, as the smallest possible unit of energy for computing is
zero if you use reversible computations and get it back.
-kitten
------------------------------
From: Paul Healey <[EMAIL PROTECTED]>
Crossposted-To: sci.math,sci.physics,sci.logic
Subject: Re: My Book "The Unknowable"
Date: Thu, 4 Mar 1999 12:55:55 +0000
In article of 2 March 12:53, R. Knauer <[EMAIL PROTECTED]> writes,
>Cryptography/Cryptanalysis is a two-way cat and mouse game. Soon it
>will be the only game worth playing. But then quantum computers will
>be in widespread use, so there will be no decryption possible - and
>that game will end forever. Kinda sad, isn't it.
What is unknowable ? Maybe it is randomness. In that case I do not see
how you can end the game ! Is a syllogism or equivalence relation, a
method of reasoning that allows you to reason ?:
*Cryptography/Cryptanalysis is a two-way cat and mouse game.*
As such, can I not define it as merely a principle ? So, is the
principle a ground ? I would say, it is merely dialectical to assert
your ground - you can reason either way is in no doubt. If I up the
ante, within connectionist logic (my understanding of it), winning the
game so to speak, is not so easy. However, this does not rule out its
possibility ! Consider a schema, that works like a parallel
distributed processor: your measure of the decryption has either three
possibilities; it is successful, it is not and no decision can be made.
Betting on the first two, such a schema can negate absorption, provided
the information being processed can differentiate between those
principles which affirm and negate its ground.
Determining whether the assignments in your schema; of decryption, it is
necessary to account for their distribution. Just stating them a priori,
negates their value if they can't be used in a way which is consistent
with their meaning via the right algorithm. So, you have the reasoning
principle, what is the ordering principle ? Now put them all together.
What do you see ?
I think what Errol E. Harris (1983. An Interpretation of the Logic of
Hegel. p318. UPA) says is very relevant; without order within the
universe, how could we be conscious of it ? - a chaotic universe implies
there is no relation of the parts to the whole. What is the value to
science, if the truth is grounded upon mere illusion ? It can also be
argued, that those who preach subjective idealism are being deceived by
those who know what it amounts to - those that know have given up on
reason.
Speculating on chance has value, if our strategies determine the success
of our game plans. Logicians who dogmatically assert their
notions of the undecidable, unknowable and unthinkable etc., should
really go back to philosophy instead of relegating logic to second
division (or league).
--
Paul Healey
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: Doing It Right: The Next Chip Controversy
Date: 4 Mar 99 15:27:29 GMT
Ian Woollard ([EMAIL PROTECTED]) wrote:
: This isn't nearly sufficient or even the best way to do it. You are
: thinking chips when you should be thinking 'system'. What would happen
: if somebody made a version of the chip that decrypted the program
: and then didn't throw away the decrypted code afterwards???
The decrypted code is in the chip's cache - and only the manufacturer
knows the secret key to decrypt it. (One needs multiple versions of the
encrypted program for the multiple chip manufacturers.)
: You also have to start worrying about people screen grabbing the data
: into another computer, bypassing all of the encryption entirely.
But you are correct that a hacked video card, for example, could be used
to grab content. I've seen articles talking about "trusted printers", so I
understand what you mean there.
My concern here, however, is not to show how content protection can be
effective: I'm sure there is a lot of work going on in that field. But one
aspect of that which is likely to happen is that microprocessor chips will
be given some sort of capability for "trusted execution". (I'm not at all
saying that I particularly like that kind of development.)
What I'm focusing on here, therefore, is how such a capability can be
implemented and still coexist with concern over the privacy of computer
users, and their ability to control their own computers and protect them
from threats, and a level playing field in the software marketplace. These
are the concerns that are likely to get short shrift as we move towards
this kind of concept of the future microcomputer.
John Savard
------------------------------
From: [EMAIL PROTECTED] (Steven Runyeard)
Subject: Random numbers - why so important?
Date: Thu, 04 Mar 1999 16:52:33 GMT
Hi
I've read lots about good random number generation in this group but
why is it so important for good encryption? I can understand that it
would be useful in making encrypted files appear as random data (thus
making it hard to determine which files contain protected data) but is
the actual encryption made any stronger because of it?
Steve
------------------------------
From: Henry Lewsal <[EMAIL PROTECTED]>
Subject: Re: Factorisation of Polynomials with Matrixes as Coefficients
Date: Thu, 04 Mar 1999 08:22:24 -1000
Bo Lin wrote:
>
> Many thanks to Peter L. Montgomery's kind response.
>
> I think the X is assumed to commute with all matrices after I made a double
> check because the X is an indeterminate. They claim the problem could be more
> difficult than integer factorisation according to the following observations:
>
> (1) It is difficult to define inversion for matrix polynomials.
> (2) The existence of zero factors makes it even worse, i.e. it is possible to
> have A*B = 0 for both A <> 0 & B <> 0.
> (3) If there do exist an algorithm to factor a matrix polynomial, unlike
> integer factorisation, the result is not unique. For example, let C(X) =
> A(X)*B(X), the factorisation of C(X) could be D(X) and E(X) with C(X) =
> D(X)*E(X).
>
> All the above observations seem reasonable but I'm not sure if their claim is
> true.
>
> If anyone can give any help or comments, just like Peter, I should be very
> grateful.
>
> Best regards,
>
> Bo Lin
You have a choice of creating a public key cryptosystem with your
ideas, or creating a symmetric cipher. For a public key system,
you need a trap door one way function. The trap door may be a
particular factorization which is not published. The public key
would be the polynomial expanded into additive terms. A message
is mapped into coefficients for the public polynomial, multiplied
by matrix coefficients, factored, and sent to you. You use your
unique factorization knowledge to (fill in the blank) and then
you can read the message.
------------------------------
From: [EMAIL PROTECTED] (Thiemo Sammern)
Subject: Re: WIN 32 Blowfish
Date: Thu, 4 Mar 1999 18:50:55 +0100
[This followup was posted to sci.crypt and a copy was sent to the cited
author.]
You could try the components for Borland Delphi at
http://www.crypto-central.com/
They have Blowfish, Twofish, RC6, RSA,...
HTH
Thiemo
In article <7arkil$j73$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
> Hi Guys,
>
> Can anybody point me to a WIN32 blowfish implementation that is
> easy to compile ? I need to use it to as a static or Dynamic library.
>
> Cheers,
>
> John
>
>
>
--
****************
Thiemo Sammern
[EMAIL PROTECTED]
****************
------------------------------
From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: Random numbers - why so important?
Date: 4 Mar 1999 12:30:58 -0500
In article <[EMAIL PROTECTED]>,
Steven Runyeard <[EMAIL PROTECTED]> wrote:
>Hi
>
>I've read lots about good random number generation in this group but
>why is it so important for good encryption? I can understand that it
>would be useful in making encrypted files appear as random data (thus
>making it hard to determine which files contain protected data) but is
>the actual encryption made any stronger because of it?
Well, if random number generation is central to your system, and you
use a bad random number generator, then you have weak encryption.
Let me give an example -- suppose I have a generator (which I will
hypothetically call an LFSR) which, *IF* an opponent knows 64 successive
output bits of, he can then use that knowledge to recreate the entire
sequence generated by this generator. Note -- this is still a 64-bit
cypher, so a brute-force search on this 64-bit key may still be infeasible.
He also knows that I use this in a fairly naive method -- I simply XOR
each successive (generated) bit with each successive bit of the message.
If I had a really *GOOD* generator, this would be an unbreakable OTP
cypher; as is, it's merely a stream cypher with a bad generator.
He also knows that he's intercepted a letter from me to you.
And it starts, unsurprisingly, "Dear Steven,", but the cyphertext
that he received started "xGf7w]v##jfl"
By calculating
"Dear Steven,"
XOR "xGf7w]v##jfl"
=====================
< whatever >
he now has access to the necessary 64 successive output bits (the
result labeled < whatever > above), and can use this to read my
message.
Ouch.
He could get the same effect by looking for the string "-kitten\n" at
the end of my message(s). Or perhaps by looking for the "From: " line
at the top. And so forth.
All because he used a dumb generator.
-kitten
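The scenario above, as an added example (not code from the digest): a toy 64-bit LFSR stream cipher in the naive XOR mode the post describes, where eight bytes of known plaintext give the attacker the full register state. It also covers the "-kitten" trailer case the post mentions, since an LFSR is reversible and a state recovered mid-stream can be rewound. The feedback taps and the sample message are constructed for the example.

```python
"""Toy LFSR stream cipher: why 64 known keystream bits expose a 64-bit key.

Constructed for this example; not code from the digest. The generator is a
64-bit Fibonacci LFSR whose output bit is the bit shifted out. The taps are
chosen for the example; the recovery below works for any known taps.
"""
N = 64
MASK = (1 << N) - 1
TAPS = (64, 63, 61, 60)  # tap positions numbered 1..64 from the output end

def _feedback(state):
    fb = 0
    for t in TAPS:
        fb ^= (state >> (N - t)) & 1
    return fb

def _step(state):
    """Emit the low bit, shift right, insert the feedback bit at the top."""
    out = state & 1
    return out, (state >> 1) | (_feedback(state) << (N - 1))

def keystream(state, nbytes):
    """nbytes of generator output, bits packed LSB-first; also the final state."""
    buf = bytearray()
    for _ in range(nbytes):
        byte = 0
        for j in range(8):
            bit, state = _step(state)
            byte |= bit << j
        buf.append(byte)
    return bytes(buf), state

def xor_stream(key, data):
    """The naive scheme in the post: XOR data with the generator output.
    Encryption and decryption are the same operation."""
    ks, _ = keystream(key, len(data))
    return bytes(d ^ k for d, k in zip(data, ks))

def state_from_keystream(ks8):
    """With this generator, 64 consecutive output bits are exactly the register
    contents when the first of them was emitted (output i is state bit i)."""
    return int.from_bytes(ks8[:8], "little")

def step_back(state):
    """Invert _step. An LFSR is linear and reversible, so a state recovered
    mid-stream (say from a known '-kitten' trailer) can be rewound to the start."""
    fb = state >> (N - 1)                 # feedback bit inserted by the last step
    prev = (state << 1) & MASK            # bits 1..63 of the previous state
    for t in TAPS:                        # solve the feedback equation for bit 0
        if t != N:
            fb ^= (prev >> (N - t)) & 1
    return prev | fb

def recover_plaintext(ciphertext, known, offset):
    """Eight known plaintext bytes at `offset` yield the state there; rewind to
    the beginning and decrypt the whole message."""
    ks = bytes(c ^ p for c, p in zip(ciphertext[offset:offset + 8], known[:8]))
    state = state_from_keystream(ks)
    for _ in range(8 * offset):
        state = step_back(state)
    return xor_stream(state, ciphertext)
```

The same known-plaintext step against a generator whose output is a non-linear function of a large internal state would not yield the state, which is the whole difference between this and a proper stream cipher.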
------------------------------
From: Medical Electronics Lab <[EMAIL PROTECTED]>
Subject: Re: Where can I get a Public Key system?
Date: Thu, 04 Mar 1999 12:29:29 -0600
Frank LaRosa wrote:
> I need a reasonably secure public-key cryptography algorithm that I can
> use in a commercial product. I'm only encrypting a small amount of data
> (about 20 bytes). What are my options? Do I have to buy a license from
> RSA, or are there alternatives available?
There are lots of options that don't need a license. Why do you
need public key?
Patience, persistence, truth,
Dr. mike
------------------------------
From: "Test" <[EMAIL PROTECTED]>
Subject: is this Patented?
Date: Thu, 4 Mar 1999 18:47:41 -0000
Tandem and Abreast Davies-Meyer
Has the above been patented?
I am trying to use this to create a Hash (using symmetric algorithm) as
described in Applied Cryptography. I need a method of using a symmetric
algorithm that uses 64-bit blocks, 64-bit keys, and produces 128-bit hash.
Can anyone suggest a better method?
thanks!
Adam
------------------------------
From: Richard Goldman <[EMAIL PROTECTED]>
Subject: BRAIN TEASERS ! ! !
Date: Thu, 04 Mar 1999 11:07:24 -0800
Reply-To: [EMAIL PROTECTED]
The Barbary Coast Armchair Scavenger Hunt and Trivia Contest is on at
PAWS. It takes place on Sunday, March 14th, 1999 on the internet from
your home from 12 til 4pm. Challenges are published on The Hunt website,
http://www.unexpected.com every 30 minutes for four hours. Your team
will compete with other teams by solving these obscure brain teasers and
challenges to win fabulous prizes while raising money for Pets Are
Wonderful Support, the San Francisco non-profit that makes sure people
struggling with AIDS don't have to struggle to keep their pets.
Registration is $15.00 per person with no maximum number of participants
per team, 100% of all registration fees goes directly to PAWS. The more
people on your team, the more likely you will be to answer challenges
correctly and win fabulous prizes. Check out The Hunt website at
http://www.unexpected.com for sample challenges and lists of prize
donors. Register your team early online or at (415)-863-3506, as this
event will fill up quickly. Remember the more people that register on a
team, the more money you can raise for PAWS and have a good time doing
it!
------------------------------
From: [EMAIL PROTECTED] (Aman)
Subject: Re: Scramdisk - paranoia
Date: Thu, 04 Mar 1999 19:27:16 GMT
On Wed, 03 Mar 1999 12:04:25 GMT, [EMAIL PROTECTED] wrote:
>From my experience of Scramdisk it appears to be a very well written program.
>However, here is an interesting little thought to get the paranoia going. If
>the government were concerned about encryption then what would be the best
>way to gain access to protected data? One way would be to introduce a piece
>of free software to the general public which appears to offer strong
>protection but also include a back door which would allow them access to any
>encrypted file - perhaps by including the password at a specific point within
>the file.
Ask Fungus of [EMAIL PROTECTED] for an opinion. He knows me
personally (even came to my wedding..), and knows that I really am
*not* that clever that I could fool the world's cryptography experts.
....In fact he knows I'm not that clever, at all!
>I'm not suggesting scramdisk is such a program but it's a definite
>possibility. So far I have not seen a posting from anyone claiming to have
>checked out the source code. Also, why has the source code for the latest
>release not been published? It was claimed that they were interim releases but
>I don't see why it would be a problem zipping up the source code anyway.
It is going to be released later this week. And has already been
released to anyone who has asked me for it..... The only reason I
never released it is, that I wanted to see if the bugs were fixed
(they mostly are) and still want to change some things a bit....
I am amused at the thought that people think I might be a government
agent........
Regards,
Aman.
------------------------------
From: [EMAIL PROTECTED] (Aman)
Crossposted-To: comp.security.pgp.discuss,alt.security.pgp
Subject: Re: Scramdisk - paranoia
Date: Thu, 04 Mar 1999 19:13:49 GMT
On Thu, 4 Mar 1999 11:52:55 +0100, Anonymous <[EMAIL PROTECTED]>
wrote:
>Sorcerer wrote:
>
>> Well, I do have one. it's not serious enough to make me switch, but it
>> can be irritating: occasionally, when I first start Scramdisk, I get a
>> full reboot, all the way to the BIOS. Retrying it gets me a 0E
>> bluescreen error with no reboot a few times; another reboot, and
>> everything works fine. I do have lots of stuff, including
>> Norton,Realaudio,F-Prot and clipmate running; haven't figured out if
>> any of those are causing it. But they don't on the third or fourth
>> reboot.
>>
>> And the only way I can dismount disks is via brutal, which causes a
>> blue error screen.
That's because there are still open files, and windows moans about it
with a blue screen, when you dismount your disks.
You must be running some app, that opens Scramdisk. Are you using PGP6
with keys on your scramdisk drive ? Or PGP 5 and not closing PGP on
the tray after you have removed your keys ?
>>
>> I can live with it, but it's not perfect (yet).
It is on my machine......
>
>I have similar problems under Win98. If I try to shutdown the system, and
>the Scramdisk screen pops up to tell me to dismount Scramdisks first, as
>soon as I click a key to continue I get a blue screen fault. Pressing a
>key to clear that error results in another blue screen ad infinitum.
Beats me. Again, I've never seen or heard of this fault.
> The
>only way out is to manually switch off the machine.
But how can we mend these bugs when every single PC machine I have
come across works perfectly correctly?
A future version will allow fast shutdown, on Win98...
Aman.
------------------------------
From: [EMAIL PROTECTED] (Aman)
Crossposted-To: comp.security.pgp.discuss,alt.security.pgp
Subject: Re: Scramdisk - paranoia
Date: Thu, 04 Mar 1999 19:30:46 GMT
On Thu, 04 Mar 1999 19:13:49 GMT, [EMAIL PROTECTED] (Aman)
wrote:
ERRATA:
>
>you must be running some app, that opens Scramdisk.
I meant:
you must be running some app, that opens files on Scramdisk drives....
> Are you using PGP6
>with keys on your scramdisk drive ? Or PGP 5 and not closing PGP on
>the tray after you have removed your keys ?
------------------------------
From: [EMAIL PROTECTED] (Doug Stell)
Subject: Re: Random numbers - why so important?
Date: Thu, 04 Mar 1999 19:37:49 GMT
On Thu, 04 Mar 1999 16:52:33 GMT, [EMAIL PROTECTED]
(Steven Runyeard) wrote:
>I've read lots about good random number generation in this group but
>why is it so important for good encryption? I can understand that it
>would be useful in making encrypted files appear as random data (thus
>making it hard to determine which files contain protected data) but is
>the actual encryption made any stronger because of it?
It's not just to make something "appear as random" which is
statistical randomness. In cryptography, it must also be unguessable,
given knowledge of other things, such as previous random numbers,
time, etc. This is what we mean by a cryptographically strong random
number.
For example, I've built equipment that uses pseudo-random bit streams
to test digital communications systems. Both the transmitter and
receiver generated a known sequence of bits and were synchronized.
Statistical randomness was all that the intermediate communications
system required. Nobody cares if an adversary could guess such a bit
stream. Such a bit stream would be useless for cryptography, however.
In cryptography, we often choose randomly generated encryption keys
for encryption algorithms, randomly generated components for key
agreement algorithms and/or randomly or pseudo-randomly generated
streams for XORing with data. For security, you want these random
numbers to be unguessable.
Getting good random numbers in hardware is relatively easy. However,
getting good random numbers with deterministic software is very
difficult and much of what is discussed in this newsgroup. Often,
software uses a deterministic pseudo-random number generator that is
seeded with a suitably large amount of entropy, such that the output
is unguessable without knowledge of the seed.
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Random numbers - why so important?
Date: Thu, 04 Mar 1999 19:48:35 GMT
[EMAIL PROTECTED] (Steven Runyeard) wrote, in part:
>I've read lots about good random number generation in this group but
>why is it so important for good encryption? I can understand that it
>would be useful in making encrypted files appear as random data (thus
>making it hard to determine which files contain protected data) but is
>the actual encryption made any stronger because of it?
Well, the reason random numbers are useful to encryption in general,
if you omit systems that are directly based on pseudorandom number
generation (i.e., stream ciphers), whose strength, obviously, comes
directly from the quality of the pseudorandom numbers ...
is because, when a public key system is used, the session key - the
key actually used for the encryption of your message - was produced by
a random number generator. It doesn't do any good if the "actual
encryption" is really strong - if your key is easy to guess because it
came from a bad random number generator!
John Savard (teneerf is spelled backwards)
http://members.xoom.com/quadibloc/index.html
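An added example (not from the digest) of the point made in Doug Stell's and John Savard's replies: a generator can be statistically fine yet guessable from the time it was seeded, so a 128-bit session key derived from it is only as strong as the seed. `weak_session_key` is a hypothetical application routine; the timestamp is constructed and `secrets` stands in for an entropy-backed source.

```python
"""Session keys from a time-seeded PRNG versus an entropy-backed source.

Constructed example, not code from the digest. random.Random is the Mersenne
Twister: it passes statistical tests, but a seed taken from the clock has at
most 2**32 values, and only a handful if the adversary knows roughly when
the key was made.
"""
import random
import secrets

def weak_session_key(seed_time):
    """Hypothetical application code: derive a 128-bit key from a clock value."""
    rng = random.Random(seed_time)
    return rng.getrandbits(128).to_bytes(16, "big")

def strong_session_key():
    """Same key length, drawn from the operating system's entropy source."""
    return secrets.token_bytes(16)

def guess_seed(key, approx_time, window):
    """Return the seed that reproduces `key`, checking only `window` seconds
    either side of the time an observer might know; None if none matches.
    Each candidate costs one PRNG instantiation, so the effective key space is
    2*window+1, not 2**128."""
    for t in range(approx_time - window, approx_time + window + 1):
        if weak_session_key(t) == key:
            return t
    return None
```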
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************