Cryptography-Digest Digest #508, Volume #9 Thu, 6 May 99 15:13:03 EDT
Contents:
Re: BEST ADAPTIVE HUFFMAN COMPRESSION FOR CRYPTO (SCOTT19U.ZIP_GUY)
Re: Fast random number generator (John Savard)
Re: Books (John Savard)
Re: The simplest to understand and as secure as it gets. (SCOTT19U.ZIP_GUY)
Re: A challenge for you ! (wtshaw)
Re: The simplest to understand and as secure as it gets. (SCOTT19U.ZIP_GUY)
Re: Some thoughts on Diffusion (SCOTT19U.ZIP_GUY)
Re: Roulettes (John Savard)
Re: Shamir's Discover: to those in the know (Richard Herring)
RSA test data ("Gernot Schuh")
Re: RSA test data (Eric Young)
Re: Some thoughts on Diffusion (John Savard)
----------------------------------------------------------------------------
From: SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>
Subject: Re: BEST ADAPTIVE HUFFMAN COMPRESSION FOR CRYPTO
Date: Thu, 06 May 1999 15:13:00 GMT
In article <[EMAIL PROTECTED]>,
Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> What kind of arguments are you using???!!! Are you very good in,
> say, Russian, if you don't have a Russian parent or haven't studied
> Russian as major in a university? This kind of 'sidetracking' in
> arguments clearly demonstrates that you are a liar. Actually it isn't
> worth my answering to such stuff. If you have evidence, then show
> it!!! Most part of this thread is still online. You just have to name
> the date and time and everyone in this group can immediately verify
> whether what you claim is true or not. But I do answer to this point
> in order that more people know (or remember once again) what kind of
> truth value your postings can generally be expected to have!
Actually my parents are none of your F*CKING BUSINESS. It is not
my fault that apparently you lack the intelligence to understand
simple things. But maybe you suffer from some sort of inbreeding
defect that prevents your brain from understanding simple concepts.
> > > > Well if you bothered to look at my code or examples then you can
> > > > see what the method does. But your mind up to this point is too closed
> > > > and too lazy to look. The point is you don't have to put all zeros
> > > > or ones in. It just seems that most people who code compression routines
> > > > never give much thought about how to end the file in a nice way.
> > >
> > > I wrote (or didn't you read my post carefully??) that, among others,
> > > it is illegal for me to fetch crypto-code from the US. And if you have
> > > any good method, it is certainly possible to express that in
> >
> > I have read your posts though I can't figure out why. You never
> > seem capable of simple reasoning. Since I guess I must state AGAIN
> > that the COMPRESSION CODE is not ENCRYPTION, why you can't see that
> > is beyond me. Yes the compression code with example sources and
> > an executable is at my site. But if you could read and were able to
> > retain this fact you would already know that, since THIS WAS EXPLAINED
> > very carefully to you before.
> > But I realize that even after reading this again you still will
> > not understand what I have said. So I will no longer answer posts
> > in this thread with you until you make some sense. So good bye.
>
> You stated previously that compression is now incorporated into your
> crypto code. So unless you posted the compression part entirely separate
> from the crypto code there is no legal way I can access that. And
> if a site contains crypto code and non-crypto stuff, I am not sure
> whether accessing the non-crypto stuff is without problem, if the
> site does not provide a mechanism to separate those that want to
> download codes into two groups, one for US and the other for the rest
> of the world. (I should appreciate it, if someone would say something
> definite to this point.)
>
Again for your PEE BRAIN no, I PLAN to incorporate compression
in my encryption programs. The crypto stuff is not on my site
(YOU SHOULD KNOW THIS BY NOW) but you're too stupid to think. The
crypto is obtained by either going to pointers at the protected
North American crypto site, or I have pointers to the Norway search
engines so others can find it in the FREE part of the world. Scott19u
is not available outside of the US Clinton curtain yet.
> But if you really have an ingenious method of dealing with the file
> ending problem of Huffman encoding, why do you take the trouble of
> writing such lengthy 'argumentations' as you have done till now? It
> would take you, I estimate, a maximum of 20 lines of plain English to
I have to write such lengthy arguments because shit heads like you
are too damn lazy to look at the code and examples on the web page.
You have such a dense head. I have been stating over and over again
how to do it but you can't grasp simple concepts or see the obvious.
Maybe someone else can explain it to you since we are getting nowhere
and you don't seem to have the mental ability to follow simple
examples.
> explain how you deal with that without employing an EOF. Let me put
> the problem once again in the clear: Suppose we use a file type for
> output of compression that needs to have a multiple of 32 bits. The
> Huffman encoding of the proper input text has a length equal to
> m*32 + k. If k > 0, what shall one put into the last 32 - k bit
> positions? Isn't this a very clearcut question?? Now please say in
Yes it is clear cut. But why the hell should I explain a method to
you about doing it on 32-bit boundaries, when you're too stupid to see
how it works for 8-bit boundaries. Again I say look at the examples and look
at the code. It is all there for the 8-bit case. If you can't follow
a simple 8-bit case no way in HELL could you follow a 32-bit case.
... snipped rest of rambling crap
David A. Scott
--
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMMERS
to email me use address on WEB PAGE
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
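The 32-bit boundary question in the post above, worked as an added example that is not code from either poster: a constructed fixed prefix code stands in for an adaptive Huffman code, naive zero padding is decoded to show the spurious symbols it yields, and carrying the symbol count is shown as one standard fix (this makes no claim about the method on David Scott's site).

```python
from typing import Dict, List, Optional, Tuple

# Constructed complete prefix code (Kraft sum = 1), standing in for an adaptive
# Huffman code: the padding problem is the same for a fixed or adaptive code.
CODE: Dict[str, str] = {"a": "0", "b": "10", "c": "110", "d": "111"}
DECODE: Dict[str, str] = {v: k for k, v in CODE.items()}

def encode_bits(msg: str) -> str:
    return "".join(CODE[ch] for ch in msg)

def pack_words(bits: str, width: int = 32) -> Tuple[List[int], int]:
    """Zero-pad to a multiple of `width` bits. Returns the words and
    k = len(bits) % width, the number of real bits in the last word
    (0 means the last word was already full)."""
    k = len(bits) % width
    if k:
        bits += "0" * (width - k)
    words = [int(bits[i:i + width], 2) for i in range(0, len(bits), width)]
    return words, k

def unpack_bits(words: List[int], width: int = 32) -> str:
    return "".join(format(w, f"0{width}b") for w in words)

def decode_bits(bits: str, limit: Optional[int] = None) -> str:
    """Greedy prefix-code decoder. Without `limit` it consumes every bit, so
    any pad pattern that happens to complete codewords is decoded as data;
    with a complete prefix code there is no pad pattern that cannot."""
    out: List[str] = []
    cur = ""
    for b in bits:
        cur += b
        if cur in DECODE:
            out.append(DECODE[cur])
            cur = ""
            if limit is not None and len(out) == limit:
                break
    return "".join(out)

def naive_roundtrip(msg: str, width: int = 32) -> str:
    """Pad with zeros and decode everything: the pad decodes as extra symbols."""
    words, _ = pack_words(encode_bits(msg), width)
    return decode_bits(unpack_bits(words, width))

def counted_roundtrip(msg: str, width: int = 32) -> str:
    """One standard fix: carry the symbol count (or bit count) in a header and
    stop the decoder there, so the pad bits are never interpreted."""
    words, _ = pack_words(encode_bits(msg), width)
    return decode_bits(unpack_bits(words, width), limit=len(msg))

if __name__ == "__main__":
    msg = "abacabad"                        # constructed sample input
    print(len(encode_bits(msg)), "bits ->", pack_words(encode_bits(msg))[0])
    print("naive  :", naive_roundtrip(msg))
    print("counted:", counted_roundtrip(msg))
```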
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Fast random number generator
Date: Thu, 06 May 1999 15:13:56 GMT
Mok-Kong Shen <[EMAIL PROTECTED]> wrote, in part:
>John Savard wrote:
>> My algorithm, though, only requires random bytes, and doesn't need to
>> do multiplication or division to convert them to other ranges.
>Where do you obtain these random bytes?
The algorithm was designed to create a key-dependent S-box for a block
cipher. Thus, the bytes used as input to it were produced as a result
of the cipher's key schedule (and were only pseudo-random).
John Savard ( teneerf<- )
http://members.xoom.com/quadibloc/index.html
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Books
Date: Thu, 06 May 1999 15:18:18 GMT
[EMAIL PROTECTED] (Bruce Schneier) wrote, in part:
>I found this book interesting. No earth-shattering revelations,
>though.
When I first saw it, I was worried that it would be a book in the Tom
Peters/Anthony Robbins genre, of use and interest only to managers.
Thus, I found it was worth another look, but I wouldn't expect any
"earth-shattering revelations" from a book that, by its nature, went
through a careful official approval process.
John Savard ( teneerf<- )
http://members.xoom.com/quadibloc/index.html
------------------------------
From: SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The simplest to understand and as secure as it gets.
Date: Thu, 06 May 1999 15:21:27 GMT
In article <7gs6mp$rlk$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
>
> > > Original Absolute Privacy - Level3 Version 4.0 Windows GUI - SHAREWARE
> > >
> > > http://www.ciphile.com
> > >
> > >
> >
> > Actually I think scott19u.zip is stronger.
> > Get it free executable and source code visit my site.
>
> Really? Prove it.
>
> Tom
>
>
Even though Terry Ritter or the purists may not approve of this,
I think I can show by example how much better mine is than the
encryption used in your software. But I don't think you have the
courage to take me up on a contest structured like the current gloat
contest I am running. I encrypt a file without using the extra
bells and whistles so that the length does not change and only
the core encryption is used. Take a look and see if your stuff
could ever be tested in such a competition. Since the AES stuff
that will be forced on us can't do a meaningful contest like this
I doubt yours is good enough.
David A. Scott
--
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMMERS
to email me use address on WEB PAGE
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: A challenge for you !
Date: Thu, 06 May 1999 05:30:31 -0600
In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn"
<[EMAIL PROTECTED]> wrote:
> Bob Silverman wrote:
> > In article <[EMAIL PROTECTED]>,
> >
> > ...
> >
> > With ciphertext ONLY, it can decode to ANYTHING. And one can always give a
> > key which makes that decoding correct.
> > --
> > Bob Silverman
> > "You can lead a horse's ass to knowledge, but you can't make him think"
>
> What an appropriate end quote.
Strangely, he is probably right, not the tag, but the previous statement;
proper lengths provided, ciphertext should be decodable to anything with
the appropriate key. Otherwise, some plaintext-ciphertext pairs would be
excluded from being valid, a weakness in any algorithm.
--
What's HOT: Honesty, Openness, Truth
What's Not: FUD--fear, uncertainty, doubt
------------------------------
From: SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The simplest to understand and as secure as it gets.
Date: Thu, 06 May 1999 15:16:06 GMT
In article <7gs6mp$rlk$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
>
> > > Original Absolute Privacy - Level3 Version 4.0 Windows GUI - SHAREWARE
> > >
> > > http://www.ciphile.com
> > >
> > >
> >
> > Actually I think scott19u.zip is stronger.
> > Get it free executable and source code visit my site.
>
> Really? Prove it.
>
Why should I prove how I think. Besides only a true OTP is
proven secure. But you may lack the knowledge to know that.
David A. Scott
P.S. Mine has a bigger key than yours!!
--
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMMERS
to email me use address on WEB PAGE
------------------------------
From: SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>
Subject: Re: Some thoughts on Diffusion
Date: Thu, 06 May 1999 15:28:04 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
>
> While experimenting with different Feistel-like symmetric
> ciphers, I had some thoughts on ways of quantifying diffusion.
>
> While the overall security of a cipher can never be known
> for certain until it is broken, diffusion has been at least
> a good indicator of probable security. By diffusion I mean the
> action of an input data bit having an effect on a large
> part (hopefully all) of the output block. When applied to ciphers
> with rounds, I mean diffusion to apply specifically to the rate
> at which the effect of an input bit spreads as a function of
> rounds.
>
>
Yes diffusion is a very good concept. However most encryption
programs which are not "SCOTTLIKE" in their structure only limit
the diffusion to the current block of encryption and pass it
weakly forward. If you really want to use diffusion that is spread
through the whole encrypted file from a single bit change anywhere
in the plain text file take a look at scott16u or scott19u.
Thank You
David A. Scott
--
http://cryptography.org/cgi-bin/crypto.cgi/Misc/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMMERS
to email me use address on WEB PAGE
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Roulettes
Date: Thu, 06 May 1999 16:31:58 GMT
Mok-Kong Shen <[EMAIL PROTECTED]> wrote, in part:
>But according to mathematics there exist exactly 5 regular polyhedra:
>tetrahedron, hexahedron, octahedron, dodecahedron and icosahedron.
Yes, but the regular polyhedra are not the only shapes suitable for
use as dice.
A 60-sided die can be made by attaching a shallow five-sided pyramid
to every face of a dodecahedron. While the faces aren't regular
polygons, but isosceles triangles, they will still all be identical
in shape and in vertices.
Raise the pyramids a bit, and you can get a solid with 30 rhombic
faces, and these are on sale along with 4, 6, 8, 12, and 20-sided
Platonic solids.
A 10-sided die made from two five-sided pyramids back to back, but
with an offset rotation and a zigzag boundary, is also commonly
available.
By adding suitable pyramids to a cube or octahedron, one can also get
a 24-sided die.
John Savard ( teneerf<- )
http://members.xoom.com/quadibloc/index.html
------------------------------
From: [EMAIL PROTECTED] (Richard Herring)
Subject: Re: Shamir's Discover: to those in the know
Date: 6 May 1999 16:39:40 GMT
Reply-To: [EMAIL PROTECTED]
In article <[EMAIL PROTECTED]>, DJohn37050
([EMAIL PROTECTED]) wrote:
> P=NP destroys any symmetric key system as well.
"P=NP" is a statement about asymptotic behaviour in the limit as
problem size tends to infinity. Cryptanalysis is about solving
problems of large but fixed size. Not exactly the same thing.
--
Richard Herring | <[EMAIL PROTECTED]>
------------------------------
From: "Gernot Schuh" <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.java.security
Subject: RSA test data
Date: Thu, 6 May 1999 17:32:29 +0100
Hi,
I am implementing RSA and I can't find any test data of encrypted and
decrypted messages.
Can anybody help?
Gernot
------------------------------
From: Eric Young <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.java.security
Subject: Re: RSA test data
Date: Fri, 07 May 1999 04:18:59 +1000
Gernot Schuh wrote:
> I am implementing RSA and I can't find any test data of encrypted and
> decrypted messages.
Here are some; I've appended the program used to generate them. Link
with SSLeay or a variant.
This is for 256-bit keys; I have PKCS1 padding and no padding results.
eric
--
Private-Key: (256 bit)
modulus:
00:e9:7b:00:e4:60:a9:db:4a:64:fc:09:9e:fc:4c:
0f:1c:a1:59:ba:8f:e8:11:69:db:87:41:c6:24:3a:
d0:c5:b7
publicExponent: 65537 (0x10001)
privateExponent:
00:c7:54:63:23:96:bf:0c:df:cb:ad:3d:4d:85:5a:
2d:ff:02:c6:49:92:52:cc:c3:e2:d3:92:eb:ce:03:
fa:18:09
prime1:
00:fb:a0:88:3a:47:cf:39:0a:ef:ed:0e:e3:43:d4:
01:83
prime2:
00:ed:89:bd:18:6b:33:91:ac:8b:35:09:d3:ae:7d:
38:bd
exponent1:
3e:55:6f:49:d8:be:29:e8:5e:b5:40:09:e6:a4:9f:
57
exponent2:
00:e9:53:8e:1a:49:5b:1b:71:c8:3f:ee:0a:2f:70:
b3:65
coefficient:
00:bc:9b:17:ff:fc:96:a2:b0:44:d9:32:58:bd:fe:
dd:b5
PKCS1 public encrypt :
28ACDC4D4A7D1A19CC8BEBD72E5109ED7A08781F4B6F11467C5DD86A53562378
PKCS1 private encrypt:
625989EF598E47000653F65D8CC1CEF623CCDE6546F17E55BCED1B9218CF7694
public encrypt :
49E8B85DA339D904FD0E1A68DE7FFDA0DFF85F2091D1D33534121B2BDE49CD00
private encrypt:
C41D9A53F2D330845F5EE8BE0782333088FA094202880EBE9463C527B5F19E82
---
#include <stdio.h>
#include <string.h>          /* strlen */
#include "rsa.h"             /* SSLeay header; <openssl/rsa.h> in later OpenSSL */

static void print_bytes(FILE *fp, unsigned char *d, int l);

int main(void)
{
    RSA *rsa;
    unsigned char pub_enc[512];
    unsigned char priv_enc[512];
    unsigned char *data = (unsigned char *)"test message";
    int len = (int)strlen((char *)data) + 1;   /* include the terminating NUL */
    int pub_len, priv_len;

    /* 256-bit key with public exponent 65537 (RSA_F4); test-size only */
    rsa = RSA_generate_key(256, RSA_F4, NULL, NULL);
    if (rsa == NULL)
        return 1;
    RSA_print_fp(stdout, rsa, 0);

    /* PKCS #1 padded: public-key encryption, then the private-key (signature-style) operation */
    pub_len = RSA_public_encrypt(len, data, pub_enc, rsa, RSA_PKCS1_PADDING);
    priv_len = RSA_private_encrypt(len, data, priv_enc, rsa, RSA_PKCS1_PADDING);
    fprintf(stdout, "PKCS1 public encrypt :\n");
    print_bytes(stdout, pub_enc, pub_len);
    fprintf(stdout, "\nPKCS1 private encrypt:\n");
    print_bytes(stdout, priv_enc, priv_len);
    fprintf(stdout, "\n");

    /* raw RSA with no padding: the same two operations on the bare message bytes */
    pub_len = RSA_public_encrypt(len, data, pub_enc, rsa, RSA_NO_PADDING);
    priv_len = RSA_private_encrypt(len, data, priv_enc, rsa, RSA_NO_PADDING);
    fprintf(stdout, " public encrypt :\n");
    print_bytes(stdout, pub_enc, pub_len);
    fprintf(stdout, "\n private encrypt:\n");
    print_bytes(stdout, priv_enc, priv_len);
    fprintf(stdout, "\n");

    RSA_free(rsa);
    return 0;
}

/* hex-dump l bytes of d to fp; a negative l (SSLeay error return) prints nothing */
static void print_bytes(FILE *fp, unsigned char *d, int l)
{
    int i;
    for (i = 0; i < l; i++)
        fprintf(fp, "%02X", d[i]);
}
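Before using the dump above as RSA test data, it is worth checking that it is self-consistent. The following is an added example, not code from Eric Young's post or from SSLeay: it parses the colon-separated hex notation of the dump, verifies the private-key invariants, and round-trips the program's input "test message" plus NUL as a raw (no-padding) integer; the small textbook key (p = 61, q = 53) is constructed here so the checks can be followed by hand.

```python
from math import gcd

def hexcolon(s: str) -> int:
    """Parse the 'aa:bb:cc' notation of the RSA_print_fp dump into an integer."""
    return int(s.replace(":", ""), 16)

# Key material copied from the dump above (a 256-bit test key, far too small for real use).
PAGE_KEY = {
    "n": hexcolon("00:e9:7b:00:e4:60:a9:db:4a:64:fc:09:9e:fc:4c:"
                  "0f:1c:a1:59:ba:8f:e8:11:69:db:87:41:c6:24:3a:d0:c5:b7"),
    "e": 65537,
    "d": hexcolon("00:c7:54:63:23:96:bf:0c:df:cb:ad:3d:4d:85:5a:"
                  "2d:ff:02:c6:49:92:52:cc:c3:e2:d3:92:eb:ce:03:fa:18:09"),
    "p": hexcolon("00:fb:a0:88:3a:47:cf:39:0a:ef:ed:0e:e3:43:d4:01:83"),
    "q": hexcolon("00:ed:89:bd:18:6b:33:91:ac:8b:35:09:d3:ae:7d:38:bd"),
    "dmp1": hexcolon("3e:55:6f:49:d8:be:29:e8:5e:b5:40:09:e6:a4:9f:57"),    # exponent1
    "dmq1": hexcolon("00:e9:53:8e:1a:49:5b:1b:71:c8:3f:ee:0a:2f:70:b3:65"), # exponent2
    "iqmp": hexcolon("00:bc:9b:17:ff:fc:96:a2:b0:44:d9:32:58:bd:fe:dd:b5"), # coefficient
}

# Constructed textbook key (p = 61, q = 53) whose values can be checked by hand.
TEXTBOOK_KEY = {"n": 3233, "e": 17, "d": 2753, "p": 61, "q": 53,
                "dmp1": 53, "dmq1": 49, "iqmp": 38}

def check_key(k: dict) -> dict:
    """Which private-key invariants hold; every entry must be True for a usable key."""
    p, q, e, d = k["p"], k["q"], k["e"], k["d"]
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)    # lcm(p-1, q-1)
    return {
        "n_is_pq": k["n"] == p * q,
        "ed_is_1_mod_lambda": (e * d) % lam == 1,
        "dmp1": k["dmp1"] == d % (p - 1),
        "dmq1": k["dmq1"] == d % (q - 1),
        "iqmp": (k["iqmp"] * q) % p == 1,             # q^-1 mod p, used by the CRT path
    }

def rsa_crt_decrypt(c: int, k: dict) -> int:
    """Private operation via the Chinese Remainder Theorem (Garner recombination)."""
    m1 = pow(c, k["dmp1"], k["p"])
    m2 = pow(c, k["dmq1"], k["q"])
    h = (k["iqmp"] * (m1 - m2)) % k["p"]
    return m2 + h * k["q"]

def roundtrip_no_padding(msg: bytes, k: dict) -> bool:
    """'No padding': the message bytes are the big-endian integer m, which must be < n."""
    m = int.from_bytes(msg, "big")
    if m >= k["n"]:
        return False                                  # raw RSA cannot carry m >= n
    c = pow(m, k["e"], k["n"])
    return pow(c, k["d"], k["n"]) == m and rsa_crt_decrypt(c, k) == m

if __name__ == "__main__":
    print(check_key(PAGE_KEY))
    print(roundtrip_no_padding(b"test message\x00", PAGE_KEY))   # the program's input
```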
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Some thoughts on Diffusion
Date: Thu, 06 May 1999 17:09:33 GMT
[EMAIL PROTECTED] (wtshaw) wrote, in part:
>In article <[EMAIL PROTECTED]>, Piso Mojado <[EMAIL PROTECTED]> wrote:
>> Malcolm Herring wrote:
>> > Surely diffusion says nothing at all about the security of an algorithm.
An algorithm can have a lot of diffusion, and not be secure at all.
However, that doesn't mean that diffusion cannot add to the security
of an appropriate algorithm. Most block ciphers are so designed that
measuring diffusion does give an idea of how many rounds are needed
for security, or at least how many rounds are thought to be needed or
intended to be needed.
>> Block ciphers are not provably secure, but they all have diffusion.
>My GVA does not have it; as a block cipher, according to my broad
>definition, it does not need it.
I looked it up at Radio Free Texas, and it certainly is an interesting
way to generalize the Bazeries Cylinder/Jefferson Wheel for the modern
age.
One uses a cylinder with one special character, =, in addition to
those used in messages.
Three conventional Bazeries encryption steps are performed in the
example you give with a two-letter key.
First, encrypt the message with = appended.
Then, encrypt the first keyletter plus the result.
Then, encrypt the second keyletter plus the result.
Looking for the two keyletters at the start, and then the = sign on
the end, allows decrypting.
Since the GVA obtains its security from the fact that each letter is
encrypted on a different series of three disks from the other letters,
while in one sense it is a "block cipher", since the group of letters
is encrypted together, from another viewpoint it is really a stream
cipher, because it obtains its security by encrypting each letter in a
different way. And that is why it can manage without diffusion.
I can envisage an attack on Grandview with *one* keyletter, if a large
number of messages are all sent with the same key. If one has enough
messages of the same length to get statistics on their first and last
letters, progress is possible. But it certainly *is* a system of
considerable security. Done manually, one can improve security by
getting rid of the = sign at the start, and use a conventional
cylinder. (Since the = sign is always at the end of the message, one
could actually use an extra keyletter; it could even be a common
letter like A without interfering, since any A not at the end of the
message must be text. So the = sign can even be eliminated for a
computer.)
John Savard ( teneerf<- )
http://members.xoom.com/quadibloc/index.html
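The notion of diffusion quoted in the "Some thoughts on Diffusion" thread above (the rate at which one flipped input bit spreads as a function of rounds), and the point here that measuring it indicates how many rounds a design needs, as an added example that is not code from any poster: a toy 64-bit Feistel cipher with a constructed round function is measured for average avalanche per round count.

```python
import random

M32 = 0xFFFFFFFF

def f(x: int, k: int) -> int:
    """Constructed round function: key mix, then a multiply/xor-shift mixer."""
    y = (x ^ k) & M32
    y = (y * 0x9E3779B1) & M32
    y ^= y >> 16
    y = (y * 0x85EBCA6B) & M32
    y ^= y >> 13
    return y

def feistel(block: int, round_keys) -> int:
    """Encrypt a 64-bit block with as many rounds as there are round keys."""
    left, right = block >> 32, block & M32
    for k in round_keys:
        left, right = right, left ^ f(right, k)
    return (left << 32) | right

def avalanche(rounds: int, trials: int = 200, seed: int = 1) -> float:
    """Mean number of changed output bits per single flipped input bit."""
    rng = random.Random(seed)        # fixed seed so the measurement is repeatable
    keys = [rng.getrandbits(32) for _ in range(rounds)]
    total = 0
    for _ in range(trials):
        p = rng.getrandbits(64)      # constructed random plaintext
        c = feistel(p, keys)
        for i in range(64):
            total += bin(c ^ feistel(p ^ (1 << i), keys)).count("1")
    return total / (trials * 64)

def diffusion_profile(max_rounds: int = 6) -> list:
    """Avalanche for 1..max_rounds rounds; full diffusion approaches 32 of 64 bits.
    After one round a flipped left-half bit only moves, so the figure is small."""
    return [avalanche(r) for r in range(1, max_rounds + 1)]

if __name__ == "__main__":
    for r, a in enumerate(diffusion_profile(), start=1):
        print(f"{r} round(s): {a:5.2f} of 64 output bits change on average")
```

Where the curve flattens near 32 is the round count at which this toy design stops gaining diffusion; the same measurement on a real block cipher is what the post means by diffusion indicating the number of rounds needed.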
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************