Cryptography-Digest Digest #196, Volume #9        Sat, 6 Mar 99 18:13:04 EST

Contents:
  Re: British Crypto Fascists ("Steve Sampson")
  Re: Scramdisk (EO)
  Re: Scramdisk
  Re: RSA Cryptography Crack (Bruce Schneier)
  Re: AES2 papers now available at NIST (Bruce Schneier)
  Re: Does anybody sell a TRNG? (R. Knauer)
  Learning crypto ("Madelyn E Barron")
  Re: British Crypto Fascists (Jim Dunnett)
  Re: British Crypto Fascists (Jim Dunnett)
  Re: British Crypto Fascists (Jim Dunnett)
  Re: British Crypto Fascists ("Eric W Braeden")
  Re: Securid Card (Myself)
  Re: Random Generator (Gerben Dirksen)
  Re: Scramdisk - paranoia (Dave Howe)
  Re: British Crypto Fascists ("Douglas A. Gwyn")
  Re: Entropy and Crypto-Grade Randomness ("Douglas A. Gwyn")
  Re: Learning crypto ("Douglas A. Gwyn")

----------------------------------------------------------------------------

From: "Steve Sampson" <[EMAIL PROTECTED]>
Subject: Re: British Crypto Fascists
Date: Sat, 6 Mar 1999 13:23:01 -0600

Eric W Braeden wrote
[snip]
>The next big battlefield will be over crypto.
>    Choose sides!!!


The next big battlefield will be over food and
non-carcinogenic water.

Once the Rain Forest and Coral Reefs are
gone, crypto will be the last thing you will
have to worry about.

Right now, worry about clothes.




------------------------------

Date: 6 Mar 1999 19:26:08 -0000
From: EO <Use-Author-Address-Header@[127.1]>
Crossposted-To: comp.security.pgp.discuss,alt.security.pgp
Subject: Re: Scramdisk

-----BEGIN PGP SIGNED MESSAGE-----

Ed Stone wrote ...

<snip>

>From the descriptions that I have seen, the issue may be related to 
>trying to shutdown scramdisk when you have "mounted" volumes that are 
>going to be forced shut by exiting scramdisk. Example: you have a text 
>file open on G: drive. G: is a scramdisk volume. You tell scramdisk to 
>shutdown. If you force it, you will get the windows blue screen of death, 
>from windows. Scramdisk cannot fix that windows feature. What the user 
>needs to know and do is to close (umount in some other os parlance) 
>everything on volumes you are about to remove via the shutdown of 
>scramdisk.
>
>Users will find that BestCrypt does the same thing. Anyone tested PGPDisk 
>for this same behavior? Since it is in Windows, I would expect it to be 
>consistent. If you run FastFind and allow it to index scramdisk virtual 
>volumes, you'd likely have this problem everytime, since FastFind has the 
>scramdisk virtual volume "mounted"...

Ed, I'm using BestCrypt on WinNT and am not experiencing
this kind of behaviour. When I dismount a volume that has
open files, BestCrypt shows a notice that there are files
still open on the volume and asks whether or not I wish
to dismount anyway. If I answer yes, it just dismounts
the volume without problems.





- --EO


~~~
This PGP signature only certifies the sender and date of the message.
It implies no approval from the administrators of nym.alias.net.
Date: Sat Mar  6 19:26:06 1999 GMT
From: [EMAIL PROTECTED]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBNuGBUE5NDhYLYPHNAQFbjwf+O0DadOyoKuhNVIe8jl1hFjGSn2aulb3C
G8pf2t8l76qOFXjh0sxfuF0KjTrl9QXGDHCAWQCOb+cQMmWTvK1021uykKjvtg+N
lYScUx2TDLsfhSdMerTYbmXNKOva36oDJ+GMKNFg6Fms6Yu4TDQ4NvcoeL3VVF0g
wulX/kouM+Hb5qRTngdZzfviY2JJM+fL/armZmPl+XczR7t8xwsfxbFYAk2lM4JE
jz/hNtEBFXV+dx1DAi1WXQBpHSGB5LRPAlYwisiINIdZbCITqOakAE8XFJf1rNM/
GRyPX+YM80rqyt80GgqVsS0oH2SS764KyJAeo4iNFW4QUg3ETcFJpw==
=fLGL
-----END PGP SIGNATURE-----

------------------------------

From: <[EMAIL PROTECTED]>
Crossposted-To: comp.security.pgp.discuss,alt.security.pgp
Subject: Re: Scramdisk
Date: Sat, 6 Mar 1999 14:54:44 -0500

Hi, I close PGPdisk all the time with files open. So far (fingers crossed),
no problem!
Hugh
EO wrote in message <[EMAIL PROTECTED]>...
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Ed Stone wrote ...
>
><snip>
>
>>From the descriptions that I have seen, the issue may be related to
>>trying to shutdown scramdisk when you have "mounted" volumes that are
>>going to be forced shut by exiting scramdisk. Example: you have a text
>>file open on G: drive. G: is a scramdisk volume. You tell scramdisk to
>>shutdown. If you force it, you will get the windows blue screen of death,
>>from windows. Scramdisk cannot fix that windows feature. What the user
>>needs to know and do is to close (umount in some other os parlance)
>>everything on volumes you are about to remove via the shutdown of
>>scramdisk.
>>
>>Users will find that BestCrypt does the same thing. Anyone tested PGPDisk
>>for this same behavior? Since it is in Windows, I would expect it to be
>>consistent. If you run FastFind and allow it to index scramdisk virtual
>>volumes, you'd likely have this problem everytime, since FastFind has the
>>scramdisk virtual volume "mounted"...
>
>Ed, I'm using BestCrypt on WinNT and am not experiencing
>this kind of behaviour. When I dismount a volume that has
>open files, BestCrypt shows a notice that there are files
>still open on the volume and asks whether or not I wish
>to dismount anyway. If I answer yes, it just dismounts
>the volume without problems.
>
>
>
>
>
>- --EO



------------------------------

From: [EMAIL PROTECTED] (Bruce Schneier)
Subject: Re: RSA Cryptography Crack
Date: Sat, 06 Mar 1999 21:05:39 GMT

On Tue, 2 Mar 1999 15:54:23 -0000, "Jon" <[EMAIL PROTECTED]>
wrote:

>Dear all,
>
>On the BBC's News Website today article
>http://news.bbc.co.uk/hi/english/sci/tech/newsid_288000/288965.stm
>David Levy, head of Tiger Security Systems is quoted as saying:
>"The RSA encryption algorithm was supposed to be uncrackable until two guys
>in Cambridge University did it. Nothing is impossible."

Thanks.  This saves me the trouble of looking at Tiger Security
Systems's products.

Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems     Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN  55419      Fax: 612-823-1590
           Free crypto newsletter.  See:  http://www.counterpane.com

------------------------------

From: [EMAIL PROTECTED] (Bruce Schneier)
Subject: Re: AES2 papers now available at NIST
Date: Sat, 06 Mar 1999 21:07:02 GMT

On Wed, 03 Mar 1999 06:11:00 -1000, Henry Lewsal <[EMAIL PROTECTED]>
wrote:

>David Crick wrote:
>> 
>> All 28 papers can now be downloaded in PDF format from:
>> 
>>  http://csrc.nist.gov/encryption/aes/round1/conf2/aes2conf.htm#papers
>> 
>> Combined they total 4.25 MB
>> 
>> My thanks to NIST on their sensible decision to make them available
>> prior to the conference and indeed the end of the Round 1 comment
>> period.
>> 
>>    David.
>
>After reading the AES papers related to smart cards, it seems
>that none of the candidates were designed to be resistant to
>timing attacks and power analysis attacks. The differential
>power analysis is particularly effective during key scheduling
>times, as shown by Biham and Shamir in their paper.

We believe that it is pretty much impossible to design an algorithm
that is resistant to side channel attacks, such as timing and power
analysis.

>It would be better if smart cards had a crypto algorithm that
>defeats those attacks, even if they are not as near perfection
>in other areas. Fancy key schedules are fine for physically secure
>computers, but they produce a trapdoor for attacks on smart cards.
>
>My recommendation is that the smart card industry start its own
>standards process for a crypto algorithm which either is prepared
>to reduce this threat, or the industry should show public
>techniques by which these threats are defeated for AES candidates.
>Secret methods to defeat this threat may also be practical.

Good luck.  They'd be much better off designing their protocols so
that the attacks didn't matter, or using some of the techniques
developed to make arbitrary calculations more resistant to side
channel attacks.

Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems     Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN  55419      Fax: 612-823-1590
           Free crypto newsletter.  See:  http://www.counterpane.com
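
An added example, not from the digest or from any AES submission, of the two
kinds of software countermeasure the reply alludes to: first-order Boolean
masking against power analysis, and a constant-time comparison against timing.
The 4-bit S-box, the function names and the Python code are constructed here
for illustration and stand in for no particular candidate cipher.

```python
# Added example: masking and constant-time comparison on a toy 4-bit S-box step.
# SBOX is an arbitrary bijection chosen for this example, not any cipher's table.
import secrets
from collections import Counter

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def sbox_step_unmasked(key_nibble, pt_nibble):
    """Naive round step. The value key ^ pt is handled in the clear, so the
    power drawn at that instant is a function of the secret: the DPA target."""
    return SBOX[key_nibble ^ pt_nibble]


def masked_sbox_table(r_in, r_out):
    """Recompute the table once per execution so that
    table[v ^ r_in] == SBOX[v] ^ r_out for every v (first-order Boolean masking)."""
    table = [0] * 16
    for v in range(16):
        table[v ^ r_in] = SBOX[v] ^ r_out
    return table


def sbox_step_masked(key_nibble, pt_nibble, rng=secrets.randbelow):
    """Same computation, but every secret-dependent intermediate is XORed with a
    fresh random mask. Returns (masked result, output mask); the caller removes
    the mask only where that is safe, or carries it into the next step."""
    r_in, r_out = rng(16), rng(16)
    masked_key = key_nibble ^ r_in       # the key itself is never handled bare
    masked_in = masked_key ^ pt_nibble   # == (key ^ pt) ^ r_in
    table = masked_sbox_table(r_in, r_out)
    return table[masked_in], r_out


def unmask(value, mask):
    return value ^ mask


def masked_input_histogram(key_nibble, pt_nibble, trials=4000):
    """What a probe on the S-box input line sees over many executions.
    Unmasked it would always be key ^ pt; masked it is uniform on 0..15, so a
    first-order DPA has nothing key-dependent to correlate with."""
    return Counter(key_nibble ^ pt_nibble ^ secrets.randbelow(16)
                   for _ in range(trials))


def leaky_equal(a, b):
    """Early-exit comparison, the timing analogue: run time reveals how many
    leading bytes matched, so a MAC or PIN can be recovered one byte at a time."""
    if len(a) != len(b):
        return False
    for x, y in zip(a, b):
        if x != y:
            return False
    return True


def constant_time_equal(a, b):
    """Run time depends only on the length, never on where the inputs differ.
    In production code use hmac.compare_digest, which does the same in C."""
    if len(a) != len(b):
        return False
    acc = 0
    for x, y in zip(a, b):
        acc |= x ^ y
    return acc == 0


if __name__ == "__main__":
    key, pt = 0xA, 0x3
    print("unmasked:", sbox_step_unmasked(key, pt))
    print("masked then unmasked:", unmask(*sbox_step_masked(key, pt)))
    print("distinct masked inputs seen:", len(masked_input_histogram(key, pt)))
```

The histogram is the check a practitioner wants: with the mask in place the
S-box input takes every value 0..15 equally often whatever the key. Masking
costs a table recomputation per execution and defends only against first-order
analysis; higher-order attacks combine several samples and need more shares.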

------------------------------

From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: Does anybody sell a TRNG?
Date: Sat, 06 Mar 1999 18:14:34 GMT
Reply-To: [EMAIL PROTECTED]

On Sat, 6 Mar 1999 11:26:15 -0500, Jim Trek <[EMAIL PROTECTED]>
wrote:

>Does anybody know of a company that sells a true random
>number generator (of any speed) for PC?

There are several on the market, but how are you going to know if they
are any good for the intended purpose?

The only way you will ever know that a TRNG works correctly is to
design it yourself or have it designed by someone you trust.

Bob Knauer

============================================================================
"The smallest minority on earth is the individual. Those who deny individual
rights cannot claim to be defenders of minorities."
-- Ayn Rand

------------------------------

From: "Madelyn E Barron" <[EMAIL PROTECTED]>
Subject: Learning crypto
Date: Sat, 6 Mar 1999 04:05:08 -0500

I am new to the field of cryptology, and I would like to learn more about
it.  I have been programming in Delphi since it was released.  Any
information on how I can learn more would be greatly appreciated.  Anything
from books & papers, colleges and source codes.

Thank you for your time.



------------------------------

From: [EMAIL PROTECTED] (Jim Dunnett)
Subject: Re: British Crypto Fascists
Date: Sat, 06 Mar 1999 21:48:52 GMT
Reply-To: Jim Dunnett

On Sat, 06 Mar 1999 15:53:15 GMT, [EMAIL PROTECTED] (R.
Knauer) wrote:

>http://www.telegraph.co.uk/
>
>© Copyright of Telegraph Group Limited 1999.
>ISSUE 1380        Saturday 6 March 1999
>
>Police want keys to decode private e-mail
>By Robert Uhlig, Technology Correspondent
> 
>THE Government was accused yesterday of rushing
>through legislation that could allow it unprecedented
>powers to access and decrypt any person's private e-mail,
>inspect digital communications, and investigate data
>stored on their computers.
>
>Stephen Byers, the Trade Secretary, and Jack Straw, the
>Home Secretary, proposed legislation that will make it an
>offence not to decipher confidential material on demand
>during a police inquiry.
[snip]

The one good thing about this rubbish is the tacit admission
that they can't break PGP!

-- 
Regards, Jim.                | Sleeping is no mean art. For its sake
olympus%jimdee.prestel.co.uk | one must stay awake all day.
dynastic%cwcom.net           | 
nordland%aol.com             | - Friedrich Nietzsche   1844 - 1900.
marula%zdnetmail.com         |   
Pgp key: pgpkeys.mit.edu:11371

------------------------------

From: [EMAIL PROTECTED] (Jim Dunnett)
Subject: Re: British Crypto Fascists
Date: Sat, 06 Mar 1999 21:48:56 GMT
Reply-To: Jim Dunnett

On Sat, 6 Mar 1999 14:02:55 -0500, "Eric W Braeden"
<[EMAIL PROTECTED]> wrote:

>OK, knock off the bullshit! There is a serious issue here.
>The British government has a poor track record on
>individual rights. The US govt would love to smash your
>rights to privacy in the interest of protecting you
>from the "bad guys." At some point it is going to come
>down to this: Either the citizens of a country will be the
>masters of their governments or they will be the slaves.
>The next big battlefield will be over crypto.
>    Choose sides!!!

Dunno about that. Someone else reckoned it would be
over fresh water.

-- 
Regards, Jim.                | Sleeping is no mean art. For its sake
olympus%jimdee.prestel.co.uk | one must stay awake all day.
dynastic%cwcom.net           | 
nordland%aol.com             | - Friedrich Nietzsche   1844 - 1900.
marula%zdnetmail.com         |   
Pgp key: pgpkeys.mit.edu:11371

------------------------------

From: [EMAIL PROTECTED] (Jim Dunnett)
Subject: Re: British Crypto Fascists
Date: Sat, 06 Mar 1999 21:48:55 GMT
Reply-To: Jim Dunnett

On Sat, 6 Mar 1999 10:23:01 -0600, "Steve Sampson"
<[EMAIL PROTECTED]> wrote:

>R. Knauer wrote
>>Police want keys to decode private e-mail
>>By Robert Uhlig, Technology Correspondent
>[snip]
>>
>>"The smallest minority on earth is the individual. Those who deny individual
>>rights cannot claim to be defenders of minorities."
>>-- Ayn Rand
>
>
>Individual rights is anti-Marxist.
>
>Marxism is when the state's view of itself is "the people."  Anyone who
>disagrees with that, by definition, is not "people."  Either that, or they
>just aren't good Marxists...
>
>Communist China has a pretty good plan, they just round them
>(non-Marxists) up and have them make clothes for Americans.  I think
>Britain should also round their people up in concentration camps, and
>also make clothes for Americans.  You either make clothes for
>Americans (good Marxist), or you die.

So big deal! So what?

-- 
Regards, Jim.                | Sleeping is no mean art. For its sake
olympus%jimdee.prestel.co.uk | one must stay awake all day.
dynastic%cwcom.net           | 
nordland%aol.com             | - Friedrich Nietzsche   1844 - 1900.
marula%zdnetmail.com         |   
Pgp key: pgpkeys.mit.edu:11371

------------------------------

From: "Eric W Braeden" <[EMAIL PROTECTED]>
Subject: Re: British Crypto Fascists
Date: Sat, 6 Mar 1999 14:02:55 -0500

OK, knock off the bullshit! There is a serious issue here.
The British government has a poor track record on
individual rights. The US govt would love to smash your
rights to privacy in the interest of protecting you
from the "bad guys." At some point it is going to come
down to this: Either the citizens of a country will be the
masters of their governments or they will be the slaves.
The next big battlefield will be over crypto.
    Choose sides!!!

Eric
Great quote snagged from Bob Knauer's post follows:
>----------------------------------------------------------------------------
>"The smallest minority on earth is the individual. Those who deny individual
>rights cannot claim to be defenders of minorities."
>-- Ayn Rand



------------------------------

From: [EMAIL PROTECTED] (Myself)
Subject: Re: Securid Card
Date: Sat, 06 Mar 1999 22:27:03 GMT

On 6 Mar 1999 00:40:14 -0800, thermal and electromagnetic action
caused [EMAIL PROTECTED] (Bradley Yearwood)'s brain to produce the
following pseudorandom thought:

>In article <7bqagr$2j6$[EMAIL PROTECTED]>,
>Loomis Farkle  <[EMAIL PROTECTED]> wrote:
>>How would the server be able to notice the clock drift?  There's a
--snip--
>Given a clock which is not grossly inaccurate relative to that in the token,
>the server can easily generate under a given token's secret key, 6-digit
>codes for times several 60-second intervals ahead of and behind the server's
>idea of current time.
>
>By noting which (if any) of these match the code entered, and logging some
>notes in the token's record in the database, the server can very likely keep
>track of clock drift of a given token relative to the server.  From time to
>time, the server will decide to ask you to wait for the next code to appear, 
>and enter that.  Whether this is a measure to reinforce against some at least
>theoretical weakness, or to help resynchronize to a highly skewed token, I am
>not certain.

Then you could deliberately make it look like your card's clock was
dying. A moment before you log in, jot down the number from the card.
Wait say 2 minutes and log in. Just in case, write down the next
number and delay that the same amount of time, in case the server asks
for a second number. Next time you log in, write down the numbers and
wait 3 minutes before logging in, etc. Pretty soon you'll have the
server _expecting_ to see your numbers skewed by 10 minutes.

In my mind, this works. I haven't yet figured out how it'd be useful.

-Myself-


>
>>Sorry for all the questions.  I don't often get crypto gear in my hands
>>(and they won't let me take apart the STU phone), so I like to know just
>>how the stuff works.
>
>The STU phone wouldn't be particularly interesting.  What would one expect
>to find, beyond the guts of a low-rate digital speech codec and modem
>(in other words, a clunky version of what we use today as a digital cellphone,
>minus radio transceiver), plus a crypto chip and perhaps a connector for a key
>token?  Someone has very likely invested a considerable amount of effort into
>making the crypto chip hard to learn anything from, aside from the fact that
>the manufacturer of one version (circa 1986) advertised and would happily send
>most anyone who responded to their advertisement, a datasheet describing the
>pinout, external interface, and performance specs, omitting everything
>concerning algorithm, key format, and key length.  They also threw in a nice
>brochure page from NSA with goofy little line drawings of phones and satellites,
>naming a few programs which were eligible to use the part.
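
An added simulation, not from the thread, of the drift tracking Bradley
describes and of the skewing procedure Myself proposes. Everything in it is an
assumption made for the example: codes are HMAC-SHA1 over a 60-second interval
counter truncated to six digits (the real card's function is proprietary and
not on the page), a single code is accepted within one interval of where the
server expects it, and a pair of consecutive codes (standing in for the server
asking you to wait for the next number) is searched over ten intervals either
way for resynchronisation. The token seed is constructed.

```python
# Added example: time-synchronous token validation with drift tracking.
import hashlib
import hmac

INTERVAL = 60  # seconds per displayed code; the thread's 60-second intervals


def code_for_counter(seed, counter):
    """6-digit code for one interval. HMAC-SHA1 is an assumption standing in
    for the card's proprietary function; the drift logic does not depend on it."""
    mac = hmac.new(seed, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    return "%06d" % (int.from_bytes(mac[-4:], "big") % 1000000)


def token_code(seed, true_time, clock_skew=0):
    """What the card shows at true_time if its clock runs clock_skew seconds fast."""
    return code_for_counter(seed, (true_time + clock_skew) // INTERVAL)


class TokenRecord:
    def __init__(self, seed):
        self.seed = seed
        self.offset = 0         # learned skew of this card, in intervals
        self.last_counter = -1  # highest interval already consumed (stops replays)


class Server:
    TIGHT = 1   # intervals searched either side of expectation for a single code
    WIDE = 10   # intervals searched when two consecutive codes are supplied

    def __init__(self):
        self.tokens = {}

    def enroll(self, user, seed):
        self.tokens[user] = TokenRecord(seed)

    def verify(self, user, codes, now):
        """codes is (code,) or (code, next_code). On success the distance d at
        which the match was found is folded into the stored offset: that is the
        server keeping track of the token's clock drift."""
        rec = self.tokens[user]
        expected = now // INTERVAL + rec.offset
        span = self.WIDE if len(codes) == 2 else self.TIGHT
        for d in range(-span, span + 1):
            counter = expected + d
            if counter <= rec.last_counter:
                continue  # that interval, or an earlier one, was already used
            if all(hmac.compare_digest(code_for_counter(rec.seed, counter + i), c)
                   for i, c in enumerate(codes)):
                rec.offset += d
                rec.last_counter = counter + len(codes) - 1
                return True
        return False


def train_drift(server, user, seed, rounds, gap=3600):
    """Myself's procedure: at login k, enter a code written down k minutes
    earlier. Returns (offset the server has learned, time of the last login)."""
    now = 0
    for k in range(1, rounds + 1):
        now += gap
        stale_code = token_code(seed, now - k * INTERVAL)
        if not server.verify(user, (stale_code,), now):
            raise RuntimeError("server rejected login %d" % k)
    return server.tokens[user].offset, now


if __name__ == "__main__":
    seed = bytes(range(20))  # constructed token seed
    srv = Server()
    srv.enroll("alice", seed)
    offset, now = train_drift(srv, "alice", seed, rounds=10)
    later = now + 3600
    print("learned offset after 10 logins:", offset, "intervals")
    print("fresh code accepted?",
          srv.verify("alice", (token_code(seed, later),), later))
    print("10-minute-old code accepted?",
          srv.verify("alice", (token_code(seed, later - 10 * INTERVAL),), later))
```

Ten such logins leave the stored offset at -10 intervals: the server then
accepts a ten-minute-old code as current and rejects a fresh one until the
two-code path pulls the offset back. The last_counter field is what stops any
code, fresh or stale, from being replayed inside that shifted window.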


------------------------------

From: Gerben Dirksen <[EMAIL PROTECTED]>
Subject: Re: Random Generator
Date: Sat, 06 Mar 1999 23:43:29 +0100



"R. Knauer" wrote:

> On Sat, 6 Mar 1999 10:26:17 -0600, "Steve Sampson"
> <[EMAIL PROTECTED]> wrote:
>
> >>>>Does anyone here know a good way of generating (pseudo) random numbers?
> >>>>C++ has a random generator but I'd like something better than that one.
>
> >>>Your University probably has several good books on this.
>
> >>Yeah, just look in the section under Snake Oil.
>
> >Does that mean you feel the University library books on science
> >are not good sources of study?
>
> Nope. I wasn't commenting on the university as the source of the
> books.
>
> Bob Knauer
>

Will you stop arguing please...
The reason I ask this is because I want to make a program that deals cards
randomly, or roll dice.
I know there are books in the university but I'm just a recreational programmer
not a computer scientist.
So here's just a simple question: Is there a simple way to improve the random
generator in C++? Does it already use the timer? If not I can think of a way to
use it. If so, what else can be used as a pseudorandom source?

Gerben Dirksen
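
An added example, not from the thread, of what goes wrong with the usual
improvement (seeding rand() from the clock) and of what a practitioner would use
instead. CRand reimplements in Python the linear congruential generator the ISO
C standard gives as a sample rand(); glibc's rand() is a different generator but
is just as reproducible from its seed. The one-hour seed window and the sample
timestamp are constructed for the demonstration.

```python
# Added example: clock-seeded rand() is recoverable from one dealt hand.
import secrets
import time


class CRand:
    """32-bit LCG from the ISO C standard's sample rand()/srand()."""

    def __init__(self, seed):
        self.state = seed & 0xFFFFFFFF

    def rand(self):
        self.state = (self.state * 1103515245 + 12345) & 0xFFFFFFFF
        return (self.state >> 16) & 0x7FFF  # RAND_MAX == 32767


def deal_with_rand(seed, deck_size=52, hand=5):
    """The usual recipe: srand(time(NULL)); shuffle with rand() % n; deal the top."""
    rng = CRand(seed)
    deck = list(range(deck_size))
    for i in range(deck_size - 1, 0, -1):   # Fisher-Yates, but driven by rand()
        j = rng.rand() % (i + 1)
        deck[i], deck[j] = deck[j], deck[i]
    return deck[:hand]


def recover_seed(observed_hand, candidate_seeds):
    """An opponent who sees one hand and knows the program started some time in
    the last hour simply tries every time() value in that window."""
    return [s for s in candidate_seeds if deal_with_rand(s) == observed_hand]


def modulo_bias(n, rand_max=32767):
    """How many of the RAND_MAX+1 outputs land on each residue of rand() % n,
    as (most, fewest). Unequal means some cards come up more often than others."""
    counts = [len(range(r, rand_max + 1, n)) for r in range(n)]
    return max(counts), min(counts)


def deal_secure(deck_size=52, hand=5, rng=None):
    """Fisher-Yates driven by the operating system's generator: seeded from
    system noise rather than a clock, and randrange() rejects instead of wrapping."""
    rng = rng or secrets.SystemRandom()
    deck = list(range(deck_size))
    for i in range(deck_size - 1, 0, -1):
        j = rng.randrange(i + 1)
        deck[i], deck[j] = deck[j], deck[i]
    return deck[:hand]


if __name__ == "__main__":
    seed = int(time.time())
    hand = deal_with_rand(seed)
    window = range(seed - 3600, seed + 1)
    print("dealt", hand, "-> seeds reproducing it:", recover_seed(hand, window))
    print("rand() % 52 bias (most, fewest):", modulo_bias(52))
    print("secure deal:", deal_secure())
```

Seeding from the timer changes nothing for an opponent who can bound when the
program started: the seed is one of a few thousand values and every deal follows
from it. rand() % 52 is also slightly biased (eight residues receive 631 of the
32768 outputs, the rest 630). secrets.SystemRandom reads the OS generator and
its randrange() is unbiased, so neither problem applies to deal_secure().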




------------------------------

From: DHowe@hawkswing (Dave Howe)
Crossposted-To: comp.security.pgp.discuss,alt.security.pgp
Subject: Re: Scramdisk - paranoia
Date: Sat, 06 Mar 1999 22:56:05 GMT
Reply-To: DHowe@get_email_from_sig

In our last episode (<alt.security.pgp>[Fri, 5 Mar 1999 09:27:48
-0000]), "sp00ky" <[EMAIL PROTECTED]> said :
>What does Sternlicht know about Scramdisk anyway?
Oh, haven't you heard? He's going to do a major and critical review of
it, at some unspecified future time :+)
--== Dave (is at) hawkswing.demon.coDOTuk ==--

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: British Crypto Fascists
Date: Sat, 06 Mar 1999 23:03:08 GMT

Jim Dunnett wrote:
> Dunno about that. Someone else reckoned it would be
> over fresh water.

Fresh water is easy.  You can even obtain it in a desert,
if you know how.  Information is power, which brings us
back to the topic.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Entropy and Crypto-Grade Randomness
Date: Sat, 06 Mar 1999 23:00:08 GMT

"R. Knauer" wrote:
> What is the entropy of Champernonwe's number (base 10)?  Does the
> entropy of that number make it a good choice for a TRNG?

I never heard of Champernonwe, and a web search turned up no
references.  Numbers don't have "entropy", so I suppose you're
referring to the sequence of digits in its decimal expansion.
If it is an interesting number, that would probably be infinite.
A better measure would be the entropy per digit.

A number is not a RNG.  If you mean to take successive digits of the
decimal expansion (or bits of the binary expansion), if the number's
representation can be generated upon demand from some simple recipe,
then it wouldn't be wise to base a cryptographic system on such a
scheme.

> What is the entropy of pi? Does the entropy of that number make it a
> good choice for a TRNG?

Similar comments, with the added problem that pi is one of the first
numbers one would think of, so it is too easy to guess.

> Does entropy measure correlation? If not, why is it of any real value
> to crypto?

One can define a "cross-entropy" that to some extent measures
correlation.

Who says that "entropy" is of any real value to crypto?  Certainly,
the term is hardly ever used in technical writing within the official
crypto community.  Ditto for "unicity".  A related notion,
"information", has much more use in practice.

> What does entropy have to do with true randomness? Is maximal entropy
> both a necessary and sufficient condition for true randomness?

Maximal with respect to what?
What is "true randomness"?  Randomness is contextual, not absolute.

I think this whole line of discussion has marginal relevance.
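
An added example, not from the thread. The number Knauer asks about is
Champernowne's constant, 0.123456789101112..., whose digits come from a trivial
recipe, which is exactly the case the second paragraph above warns against. The
code estimates entropy per digit in two ways over the first 20000 digits
(generated here) and sets both against a predictor that knows the recipe; the
function names are this example's own.

```python
# Added example: entropy per digit versus predictability for Champernowne's digits.
import math
from collections import Counter


def champernowne_digits(n):
    """First n decimal digits of Champernowne's constant, as a string."""
    out, total, k = [], 0, 1
    while total < n:
        s = str(k)
        out.append(s)
        total += len(s)
        k += 1
    return "".join(out)[:n]


def champernowne_digit(i):
    """Digit i (0-based) computed directly from the recipe, no sequence needed."""
    d, count, start = 1, 9, 1
    while i >= d * count:
        i -= d * count
        d, count, start = d + 1, count * 10, start * 10
    return str(start + i // d)[i % d]


def entropy_per_digit(seq):
    """Order-0 Shannon entropy of the digit frequencies, in bits per digit
    (maximum log2(10), about 3.32, for a uniform distribution)."""
    n = len(seq)
    return -sum(c / n * math.log2(c / n) for c in Counter(seq).values())


def conditional_entropy(seq, k):
    """Order-k estimate H(next digit | previous k digits): the entropy-per-digit
    figure that makes sense for a sequence rather than for a single distribution."""
    if k == 0:
        return entropy_per_digit(seq)
    pairs = Counter((seq[i - k:i], seq[i]) for i in range(k, len(seq)))
    ctx = Counter()
    for (c, _), v in pairs.items():
        ctx[c] += v
    n = len(seq) - k
    return -sum(v / n * math.log2(v / ctx[c]) for (c, _), v in pairs.items())


def recipe_accuracy(seq):
    """Fraction of digits an observer who knows the recipe predicts correctly."""
    return sum(champernowne_digit(i) == seq[i] for i in range(len(seq))) / len(seq)


if __name__ == "__main__":
    seq = champernowne_digits(20000)
    periodic = "0123456789" * 2000
    for name, s in (("champernowne", seq), ("periodic", periodic)):
        print(name, "H0 = %.3f" % entropy_per_digit(s),
              "H(next|prev) = %.3f" % conditional_entropy(s, 1))
    print("recipe predicts", recipe_accuracy(seq), "of the digits")
```

The order-0 figure for those digits is about 3.28 bits, near the 3.32 maximum,
and conditioning on the previous digit removes little of it; a periodic sequence,
by contrast, scores the maximum at order 0 and zero at order 1. Neither statistic
notices that champernowne_digit() predicts every digit, which is the sense in
which a "high entropy" number is useless as a key stream.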

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Learning crypto
Date: Sat, 06 Mar 1999 23:07:20 GMT

The sci.crypt FAQ (a pointer to which is posted about once a month in
sci.crypt) gives several good references.  An excellent place to start
is with David Kahn's "The Codebreakers" (either hardbound edition;
avoid the abridged paperback).  As to programming, the ideas are more
important than the implementation.  Most crypto algorithms are fairly
simple to program.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
