Cryptography-Digest Digest #489, Volume #9 Sun, 2 May 99 11:13:03 EDT
Contents:
Paper on 512 cracking (UBCHI2)
Re: Obvious flaws in cipher design (wtshaw)
A challenge for you ! (Russell)
Re: Paper on 512 cracking (David A Molnar)
Re: A challenge for you ! (Steve Rush)
Re: A challenge for you ! ([EMAIL PROTECTED])
Protcol for finding password error? (Matthias Bruestle)
Re: Deadly threats (SCOTT19U.ZIP_GUY)
Re: True Randomness & The Law Of Large Numbers (R. Knauer)
Re: A challenge for you ! (SCOTT19U.ZIP_GUY)
Re: True Randomness & The Law Of Large Numbers (R. Knauer)
Re: Protcol for finding password error? (David P Jablon)
Re: Stream Ciphers and Quantum Computer Resistance (SCOTT19U.ZIP_GUY)
Re: A challenge for you ! (Matt Curtin)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (UBCHI2)
Subject: Paper on 512 cracking
Date: 2 May 1999 06:14:45 GMT
Is it true that either Adleman or Shamir has recently written a theoretical
paper on how to crack up 512? Is the method practicable if so?
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Obvious flaws in cipher design
Date: Sun, 02 May 1999 00:57:21 -0600
In article <7gg70p$pik$[EMAIL PROTECTED]>, SCOTT19U.ZIP_GUY
<[EMAIL PROTECTED]> wrote:
> In article <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] (Jaime Suarez) wrote:
> > On Wed, 28 Apr 1999 00:12:41
> > GMT, SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]> wrote:
> > >
> > >> Any password or passphrase used should have adequate
> > >> size, should not be stored or transmitted unencrypted, and
> > >> should be hashed before use.
> > >>
> > >
> > > Actually Hashing is a bad idea since it usually reduces
> > >the size of the effective key.
> > >
> >
> > Could you explain this more? If users passwords are a few characters long and
> > I hash them to 128 or 160 bits, why am I reducing the size of the effective
> > key?
> >
>
> If the user password is only a few characters in length then one
> needs only to search a small character space to test for a break in
> the code. Also if the string of characters is much longer than 128 bits
> such that it has an entropy of larger than that of a random 128 bit
> string even perfect hashing would allow for more than one ascii string
> to map to the same key. If the ascii string is exactly 128 bits. All
> hashing could do is increase the chance of a common mapping to a certain
> key and hashing should not be done at all. One needs to hash only if
> the password is longer than the key.
>
As I recall there was a recent thread on extending a key, but I did not
get to follow up as I wanted. As David says above, hashing may shorten a
key, but any promise that lengthening one is really giving you more than
you started with is wrong.
You may end up with 128 bits in the format, but it equates to nothing more
than the few letters you started with and the nature of the hashing
algorithms you used as the key.
If the encryption algorithm needs 128 bits in the key to function, this
only speaks to maximum usable keysize in bits, not a requirement that you
actually started with something with that much information in it; you
might have input more or less than that amount. Longer keys are most
likely to maximize security, with limits likely even on useful length that
might be harvested to make the run time key. Shorter keys might equate to
other shorter keys, so they may not be unique or as hard to mimic as long
ones.
--
If you think you are beaten, you are.
If you think you dare not, you don't.
------------------------------
From: Russell <[EMAIL PROTECTED]>
Subject: A challenge for you !
Date: Sun, 02 May 1999 18:24:14 +1200
This is a simple version of an encryption program I'm making. 35 people
have tried it, no one has cracked it. Give it a go and see if you can!
Please email me if you do try to decrypt it.
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Paper on 512 cracking
Date: 2 May 1999 07:12:19 GMT
UBCHI2 <[EMAIL PROTECTED]> wrote:
> Is it true that either Adleman or Shamir has recently written a theoretical
> paper on how to crack up 512? Is the method practicable if so?
Another thread here has indicated that this is the topic of Adi Shamir's
Eurocrypt talk this year. Perhaps he did that as joint work -- either way
is plausible and I don't know the answer.
This same thread indicated that Shamir's presentation is on Tuesday. So
hurry up, if you get tickets in time you can grab one of the last few
seats in the lecture hall!
In the meantime, it's been said that the first proper announcement belongs
to Shamir himself. It seems that everyone who might be in a position
to know more about the breakthrough holds this view. So it looks like
we have til Tuesday, at which time all hell may break loose. I can't
wait to see the popular press on this one.
-David
------------------------------
From: [EMAIL PROTECTED] (Steve Rush)
Subject: Re: A challenge for you !
Date: 2 May 1999 10:16:33 GMT
>This is a simple version of an encryption program I'm making. 35 people
>have tried it, no one has cracked it. Give it a go and see if you can!
>Please email me if you do try to decrypt it.
You don't get it, do you? You don't post cyphertext and say "Betcha can't
crack this!!!". You post the algorithm and ask if anyone can see a weakness.
If nobody does, that just means that your cypher isn't really bad. It doesn't
necessarily mean that it's any more secure than dozens of other
formidable-looking cyphers whose bones litter the cryptographic landscape. If
you use it for live data, in an application that draws the attention of a real
cryptanalyst, it will probably cost you a lot of work, money or prison time,
depending on the application.
If you understand all of the AES candidates, and all of the attacks that they
are designed to resist, and still think you have invented something better,
then publish it.
**********************************************************************
If it's spam, it's a scam. Don't do business with Net abusers.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: A challenge for you !
Date: Sun, 02 May 1999 11:50:16 GMT
<snip>
No one ever tries to crack programs without source code. Look, we all know
you can add values together, but can you release the source code and still
consider it safe?
Tom
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Matthias Bruestle)
Subject: Protcol for finding password error?
Date: Sun, 2 May 1999 12:00:28 GMT
Greetings
Following case:
Two people meet. One of them fills out a form by hand and writes
there down a password and gives it to the other person. A while later
this person reads the password, but with an error, e.g. "O" instead
of "0". This password is somehow used and the people notice there
is an error. They can't meet again and share only this password.
Is there a protocol for correcting this error without disclosing
the password to an eavesdropper? Maybe without any public key
cryptography or only with something like PGP (without trusted keys!)?
What I can think about are standard ECCs. Or for single character
error an XOR of all characters and trying out password-length passwords.
But they surely help the eavesdropper.
Greetings
endergone Zwiebeltuete
--
PGP: SIG:C379A331 ENC:F47FA83D I LOVE MY PDP-11/34A, M70 and MicroVAXII!
--
Only cash is real!
------------------------------
From: SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>
Subject: Re: Deadly threats
Date: Sun, 02 May 1999 14:13:03 GMT
In article <[EMAIL PROTECTED]>,
Anonymous <[EMAIL PROTECTED]> wrote:
> hapticz wrote:
> > if I continue to send deadly physical threats to high government officials
> > in encrypted form without the keys, am i liable to be prosecuted?
If you are trying to imply this is some secret threat. The NSA can easily
find out how the messages get sent. There is no real way to hide the account
and the telephone one used to send the message. Unless you do it from
someone else's house. Or an internet cafe.
David Scott
--
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
to email me use address on WEB PAGE
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: True Randomness & The Law Of Large Numbers
Date: Sun, 02 May 1999 14:33:17 GMT
Reply-To: [EMAIL PROTECTED]
On Sat, 01 May 1999 10:28:25 -1000, Piso Mojado <[EMAIL PROTECTED]>
wrote:
>What a fucking asshole. Hey, Knauer you really made a fool of
>yourself. Please take your arrogant non-sense into the commercial
>sector, where you can be quickly fired.
Yet another moron joins the debate.
<yawn>
Bob Knauer
"There is much to be said in favour of modern journalism. By giving us the opinions
of the uneducated, it keeps us in touch with the ignorance of the community."
-- Oscar Wilde
------------------------------
From: SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>
Subject: Re: A challenge for you !
Date: Sun, 02 May 1999 13:41:58 GMT
In article <[EMAIL PROTECTED]>,
Russell <[EMAIL PROTECTED]> wrote:
> This is a simple version of an encryption program I'm making. 35 people
> have tried it, no one has cracked it. Give it a go and see if you can!
> Please email me if you do try to decrypt it.
>
I might look at it. But the way the game is played here is you
assume the source code is available. I have 2 contests going at my
website. And I supply source code with examples. If you really want
people to look at it try at least to do that.
David A. Scott
--
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
to email me use address on WEB PAGE
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: True Randomness & The Law Of Large Numbers
Date: Sun, 02 May 1999 14:31:24 GMT
Reply-To: [EMAIL PROTECTED]
On Sat, 01 May 1999 16:01:55 -0400, "Trevor Jackson, III"
<[EMAIL PROTECTED]> wrote:
>You have simply got to tell us where you get what you are smoking!
I smoke Fellers and sometimes Li & Vitanyis and occasionally
Kolmogorovs.
You have seen the statements from these experts that I have posted
here on more than one occasion, and what they are saying is
unmistakeable. I cannot believe that people are putting up such strong
resistance to their comments.
When Feller says:
"Thus, contrary to widespread belief, the time average for any
individual game has nothing to do with the ensemble average at any
given moment",
it is quite clear what he means.
He is saying that any property derived from the time average of a
particular sequence has nothing to do with the ensemble average, the
latter which characterizes the sequence generation process.
You cannot infer the value of p from the 1-bit bias of a particular
sequence. To attempt to do so is to engage in tautology. Try to make
sense out of this claim:
"The probability p is determined to be 1/2 with a probability of 95%."
What kind of sheer lunacy is that - a probability of a probability?
But that is exactly what people are trying to do when they use the
Monobit Test. And to cover up for the inability to do this with
reasonable certainty, they invoke circular references to yet another
probability.
The whole scheme is nothing but snake oil. You cannot infer the
ensemble average, and hence the characteristics of the process itself,
from the time average of a particular sequence.
>In this context I'd like you to describe the utility of a multi-bit
>criteria. I.e., one that determines success and failure as more than one
>bit apart. I also need a description of the intermediate state in which
>there are not enough bits set to declare success, and not enough bits
>clear to declare failure. What is the result -- absence of a quorum?
Would you characterize the process of electromagnetic radiation from
just one measurement of the speed of light?
Bob Knauer
"There is much to be said in favour of modern journalism. By giving us the opinions
of the uneducated, it keeps us in touch with the ignorance of the community."
-- Oscar Wilde
------------------------------
From: [EMAIL PROTECTED] (David P Jablon)
Subject: Re: Protcol for finding password error?
Date: Sun, 2 May 1999 14:37:33 GMT
You can adapt SPEKE or EKE to try to solve this
kind of "minimal disclosure" problem:
In article <[EMAIL PROTECTED]>,
Matthias Bruestle <[EMAIL PROTECTED]> wrote:
>
> Two people meet. One of them fills out a form by hand and writes
> there down a password and gives it to the other person. A while later
> this person reads the password, but with an error, e.g. "O" instead
> of "0". This password is somehow used and the people notice there
> is an error. They can't meet again and share only this password.
>
> Is there a protocol for correcting this error without disclosing
> the password to an eavesdropper? Maybe without any public key
> cryptography or only with something like PGP (without trusted keys!)?
>
> What I can think about are standard ECCs. Or for single character
> error an XOR of all characters and trying out password-length passwords.
> But they surely help the eavesdropper.
Here's a simple example: Bob remembers "Foo", but Alice
has mistakenly remembered "Fox". They both presume
that a single character error has occurred, perhaps from a
failed SPEKE exchange of "Foo" against "Fox".
(See <http://www.IntegritySciences.com/speke.html> for details.)
They can exchange a series of mutual proofs,
omitting a different character in each pass:
speke("ox", "oo") fails
speke("Fx", "Fo") fails
speke("Fo", "Fo") succeeds
One of these exchanges gives them a session key,
authenticated by shared knowledge of n-1 characters.
They can then talk privately about how to fix the
password or make a new one.
-- dpj
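
The omit-one-character search described above, as an added example that is not part of the original post and is not the SPEKE author's code: a SPEKE-style exchange (hashed secret squared into the RFC 3526 1536-bit group, with HMAC key confirmation) simulated once per omitted position. The function names, the key derivation, the confirmation tags and the binding of the position index into the hashed secret are assumptions made for this example.

```python
import hashlib
import hmac
import secrets

# RFC 3526 group 5 (1536-bit MODP) modulus: a safe prime, P = 2*Q + 1.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF",
    16,
)
Q = (P - 1) // 2


def generator(secret: str) -> int:
    """Map a secret to a group element: hash, reduce mod P, square.
    Squaring lands in the order-Q subgroup, as SPEKE does for its base."""
    h = int.from_bytes(hashlib.shake_256(secret.encode()).digest(256), "big")
    return pow(h % P, 2, P)


def _tag(key: bytes, who: bytes) -> bytes:
    # Key-confirmation tag (assumed construction, not taken from the post).
    return hmac.new(key, b"confirm:" + who, hashlib.sha256).digest()


def speke(secret_a: str, secret_b: str):
    """Simulate one exchange between A (holding secret_a) and B (secret_b).
    Returns the session key if both confirmation tags verify, else None."""
    xa = secrets.randbelow(Q - 1) + 1
    xb = secrets.randbelow(Q - 1) + 1
    msg_a = pow(generator(secret_a), xa, P)  # A -> B
    msg_b = pow(generator(secret_b), xb, P)  # B -> A
    for m in (msg_a, msg_b):  # reject degenerate public values
        if not 1 < m < P - 1:
            return None
    key_a = hashlib.sha256(pow(msg_b, xa, P).to_bytes(192, "big")).digest()
    key_b = hashlib.sha256(pow(msg_a, xb, P).to_bytes(192, "big")).digest()
    # Each side verifies the tag the other side sent.
    a_ok = hmac.compare_digest(_tag(key_b, b"B"), _tag(key_a, b"B"))
    b_ok = hmac.compare_digest(_tag(key_a, b"A"), _tag(key_b, b"A"))
    return key_a if (a_ok and b_ok) else None


def find_error_position(alice_pw: str, bob_pw: str):
    """Run one pass per position, each side omitting that character.
    Returns (position, session_key) for the first pass that succeeds,
    or None if no pass does (more than one character differs)."""
    if len(alice_pw) != len(bob_pw):
        raise ValueError("this search assumes a substitution, not an insertion")
    for i in range(len(alice_pw)):
        # Prefixing the index keeps a pass at one position from matching
        # the same reduced string produced at another (assumed hardening).
        a = f"{i}|{alice_pw[:i] + alice_pw[i + 1:]}"
        b = f"{i}|{bob_pw[:i] + bob_pw[i + 1:]}"
        key = speke(a, b)
        if key is not None:
            return i, key
    return None


if __name__ == "__main__":
    # Constructed input from the post: Alice holds "Fox", Bob holds "Foo".
    position, _ = find_error_position("Fox", "Foo")
    print("passwords differ at index", position)
```

Every pass gives an active impostor one online guess against the (n-1)-character remainder, so the number of passes should be bounded, and the pass that succeeds tells an observer which position was in error.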
------------------------------
From: SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>
Subject: Re: Stream Ciphers and Quantum Computer Resistance
Date: Sun, 02 May 1999 14:08:57 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] () wrote:
> Having noted that at least *one* view of quantum computers envisages them
> also incorporating reversible computation, in order that they can avoid
> catastrophic heat buildup while isolated,
>
> it occurs to me that one can certainly design a cipher so that it causes
> headaches for a reversible computer.
>
> A long sequence of irreversible operations - operations that can be done
> reversibly, but which use up blank storage - would help.
>
> Of course, in some cases, one can reverse a calculation after copying its
> result, so this is still oversimplified. But if one keeps needing new
> results, and therefore the only way everything could be cleaned up is if
> everything is kept around till the end, there is still a problem:
> doubtless, quantum computer experts already know how to state the precise
> limitation here.
>
> Blowfish performs quite a bit of calculation in its setup. XOR and
> addition are reversible, but if one were to use a non-linear operation of
> the kind one finds in 3-Way, that could be fixed. However, with a few
> extra qubits, one could just try to find the subkeys directly, and ignore
> the key setup step.
>
> RC4 performs a lot of key setup before starting. However, that key setup
> consists of moving around the elements of an array that always contains
> the numbers 0 through 255, albeit in some jumbled order. This suggests
> that something that keeps introducing new elements into the list, more
> like MacLaren-Marsaglia, would be appropriate.
>
> As it happens, one stream cipher I've encountered does seem to fill the
> bill nicely, as it involves calculating new entries, in a complicated
> fashion, for a shift register, and it spends several cycles setting up:
> Panama.
>
> I'm already thinking of how to modify my "Large-Key Brainstorm", which at
> present is too reversible, to make it difficult to deal with by such
> attacks. But we already have one good example of the way to go.
>
> John Savard
Actually if one wants quantum computer resistance one should not be
so worried about reversibility. But one should worry more about the
overall entropy of the system. If one is limited by using a weak method
such as any of the AES candidates likely to be blessed by the NSA and
if one is sending ascii messages of a few dozen characters or more
then quantum computers will be able to solve for the likely unique
solution. There are really two practical ways to solve this problem
one is to use a true OTP ( One Time Pad) and the other is to use an
extremely high entropy system such as scott19u.zip where one uses a long
random file of one's choice and then a password to protect it. But even
then to be safe one should every so often change the long random key
file since if both the source code and long secret key file is stolen
a quantum computer could be used to guess what password was used but it
is many orders of magnitude safer than any of the AES candidate types
with their small NSA friendly type of key lengths. But the trick is
to have the entropy high enough such that more than one solution exists
that way a quantum computer could never settle down on the correct
solution.
David A. Scott
--
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
to email me use address on WEB PAGE
------------------------------
From: Matt Curtin <[EMAIL PROTECTED]>
Subject: Re: A challenge for you !
Date: 02 May 1999 10:16:56 -0400
>>>>> On Sun, 02 May 1999 18:24:14 +1200, Russell <[EMAIL PROTECTED]> said:
Russell> This is a simple version of an encryption program I'm
Russell> making. 35 people have tried it, no one has cracked it. Give
Russell> it a go and see if you can! Please email me if you do try to
Russell> decrypt it.
Read the FAQ, section 2.3, and try again.
http://www.cis.ohio-state.edu/hypertext/faq/usenet/cryptography-faq/part02/faq.html
--
Matt Curtin [EMAIL PROTECTED] http://www.interhack.net/people/cmcurtin/
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************