Cryptography-Digest Digest #599, Volume #9 Wed, 26 May 99 17:13:02 EDT
Contents:
Re: Oriental Language Based Encryption (Patrick Juola)
Re: Review of Scottu19 (Thomas Pornin)
Re: non-computerized cryptography (David Eppstein)
Hot on the heels of hushmail.... (fungus)
Re: Why would a hacker reveal that he has broken a code? (Johnny Bravo)
Re: block ciphers vs stream ciphers (John Savard)
Re: A question on congruential algebra ([EMAIL PROTECTED])
Re: Oriental Language Based Encryption (John Savard)
Re: NSA proves banks use poor crypto (John Savard)
Unix Crypt (Michael Ghens)
Re: Why would a hacker reveal that he has broken a code? (SCOTT19U.ZIP_GUY)
Re: RFC1321 (MD-5) - any problems? ([EMAIL PROTECTED])
Re: Review of Scottu19 (SCOTT19U.ZIP_GUY)
Re: Why would a hacker reveal that he has broken a code? (John Savard)
Re: Give up; Scott is the unflappable undead. (wtshaw)
Re: NSA proves banks use poor crypto (SCOTT19U.ZIP_GUY)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: Oriental Language Based Encryption
Date: 26 May 1999 13:38:06 -0400
In article <[EMAIL PROTECTED]>,
Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
>Patrick Juola wrote:
>>
>
>> Encoding based on linguistic units has a rather serious problem of
>> leaving a lot of (redundant) structure in the text.
>
>Just take several pages of an English dictionary; if you assign some
>4-digit numbers (consecutively on each page), take some
>coded words, and scramble them a little bit, do you think you can
>get something of the sort of frequency (of the digits) useful to
>you?
I'm sorry, I didn't really understand the question you asked.
My understanding :
I replace all words in an English text (it doesn't really have to be
a dictionary) with sort of opaque symbol, then diffuse the symbols
around via some sort of transposition cypher, and then you ask what
I can get out of this?
Answer : probably plenty.
First, we know enough about English word frequency that I can probably
sort your message into function and content words fairly simply. In
plainer speech, I can detect all the so-called 'little words' like
the, of, and, if, by, and so forth. A few minutes' to days' work with a
computer and I can probably come up with a probable part of speech for
every symbol in the text. With a little bit of clever guessing about
what the subject of the text is -- oh, that's right, you've already
*told* me it was a dictionary 8-) -- I probably can match the content words
(the nouns and verbs) and their parts of speech to their expected
frequencies and come up with a surprisingly good reconstruction of the
message.
-kitten
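The attack Juola sketches can be checked on a toy scale. The block below is an added example, not code from the original post: it replaces every word of a constructed English passage with an opaque 4-digit code group (the "code book" of the question), scrambles the order of the groups with a key-driven transposition, and then does the only thing an attacker without the code book can do, which is to rank the groups by frequency. The sample passage, the seeds, and the list of function words are assumptions made here for illustration; the point is that the transposition changes nothing about the frequency profile, so the top of the ranking is still "the", "of", "and" and friends.

```python
"""Word-level code + transposition: the frequency profile of the words survives."""
import random
import re
from collections import Counter

# Constructed sample plaintext (an assumption; any ordinary English prose behaves alike).
PLAINTEXT = (
    "The security of a cipher rests on the key and not on the secrecy of the design. "
    "If the design is secret, the users of the cipher cannot check it, and a flaw in "
    "the design stays hidden. The attacker, on the other hand, can buy a copy of the "
    "machine and study it. A code book is a list of words and the numbers that stand "
    "for them. The code book removes the structure of the letters, but it keeps the "
    "structure of the sentence, and the frequency of the little words in the sentence "
    "is the same as in the plain text."
)

# The 'little words' Juola refers to (a hand-picked list, not a linguistic standard).
FUNCTION_WORDS = {"the", "of", "and", "a", "to", "in", "is", "it", "on", "that",
                  "by", "if", "for", "as", "but", "not", "can"}


def tokenize(text):
    """Lower-case words only; punctuation is dropped, as a code clerk would do."""
    return re.findall(r"[a-z]+", text.lower())


def codebook_encode(words, seed=1):
    """Replace every distinct word by an opaque 4-digit group, as a code book would.
    Returns the encoded message and the book (the book is the secret)."""
    rng = random.Random(seed)
    vocab = sorted(set(words))
    groups = rng.sample(range(1000, 10000), len(vocab))
    book = dict(zip(vocab, groups))
    return [book[w] for w in words], book


def transpose(groups, seed=2):
    """Key-driven transposition: permute the positions of the code groups.
    It hides word order but, being a permutation, keeps every group's count."""
    rng = random.Random(seed)
    order = list(range(len(groups)))
    rng.shuffle(order)
    return [groups[i] for i in order]


def frequency_ranking(ciphertext):
    """What the attacker sees: code groups ordered by how often they occur."""
    return [g for g, _ in Counter(ciphertext).most_common()]


def function_word_hit_rate(ciphertext, book, top_n=8):
    """Score the attacker's guess 'the most frequent groups are function words'.
    `book` is used only to score the guess; the attacker does not have it."""
    inverse = {g: w for w, g in book.items()}
    top = frequency_ranking(ciphertext)[:top_n]
    return sum(inverse[g] in FUNCTION_WORDS for g in top) / top_n


def demo():
    """Encode, transpose, and report how many of the top-8 groups are function words."""
    words = tokenize(PLAINTEXT)
    groups, book = codebook_encode(words)
    ciphertext = transpose(groups)
    return function_word_hit_rate(ciphertext, book)


if __name__ == "__main__":
    print("function-word hit rate in the 8 most frequent groups:", demo())
```

The transposition key and the code book are both unknown to the attacker, yet the most frequent group decodes to "the" and most of the next seven are function words too; that is the redundant structure the codebook leaves behind, and it is the foothold for the part-of-speech guessing Juola describes.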
------------------------------
From: [EMAIL PROTECTED] (Thomas Pornin)
Subject: Re: Review of Scottu19
Date: 26 May 1999 18:07:31 GMT
According to SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>:
> If one can't read and understand C
Actually, many people consider that C code whose result depends on the
endianness of the target machine or on the size of the integer types does
not deserve to be called 'C code'. At least it has 'undefined' behaviour
in ANSI C.
You may do what you want, but code that relies on the special
implementation of C on a particular machine is very difficult to read
(especially for people who produce portable code, and who have learned
not to rely on endianness or 32-bit long integers). Moreover, it is often
considered that if an algorithm cannot be expressed in English with
complete and unambiguous schematics, then it is not worth considering.
Therefore you will not get public attention unless you make the effort
to document clearly your algorithm. Writing documentation is not as fun
as coding but it must be done. Anyway, it is up to you.
--Thomas Pornin
------------------------------
From: [EMAIL PROTECTED] (David Eppstein)
Subject: Re: non-computerized cryptography
Date: 26 May 1999 11:26:28 -0700
[EMAIL PROTECTED] (John Savard) writes:
> If you mean, "are papers being published in the recognized academic
> literature, proposing pencil-and-paper ciphers which are secure by
> today's standards of cryptosecurity", the answer is no, even though
> such ciphers are not actually impossible to devise.
Schneier's Solitaire (http://www.counterpane.com/solitaire.html) doesn't
count? Ok, bestselling novels are not usually considered recognized
academic literature...and it's not just pencil and paper, you also need
a deck of playing cards.
--
David Eppstein UC Irvine Dept. of Information & Computer Science
[EMAIL PROTECTED] http://www.ics.uci.edu/~eppstein/
------------------------------
From: fungus <[EMAIL PROTECTED]>
Subject: Hot on the heels of hushmail....
Date: Wed, 26 May 1999 19:55:02 +0200
A new service called ziplip has just appeared.
http://www.ziplip.com/
It's a variation on Hushmail but uses private keys - you have to agree
on a key with the recipient. It has a "hint" feature so you can send
messages without arranging a password (eg. "Where we had lunch last
week....").
--
<\___/>
/ O O \
\_____/ FTB.
------------------------------
From: [EMAIL PROTECTED] (Johnny Bravo)
Subject: Re: Why would a hacker reveal that he has broken a code?
Date: Wed, 26 May 1999 14:44:14 GMT
On Wed, 26 May 1999 14:49:16 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote:
>But the issue here was not *whether* a hacker could break 3DES, but
>rather, supposing he did, what would make him declare his discovery?
>Let's see: On the one hand he gets some fame, hazy promises of money
>to come, and also warns every 3DES user to change their cipher, which
>thus eliminates his advantage. On the other hand, by not releasing
>the discovery he gets no fame, but continues to hold onto an advantage
>which he may find useful. And if he did *not* find the advantage
>useful, whatever possessed him to do the research leading to the break
>in the first place? Hackers are not employed to publish!
The problem would be the hacker trying to keep it a secret. There
is always the temptation to tell a few friends. And you know what Ben
Franklin said about secrets, "Three people can keep a secret if two of
them are dead." :)
Johnny Bravo
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: block ciphers vs stream ciphers
Date: Wed, 26 May 1999 18:57:54 GMT
Helger Lipmaa <[EMAIL PROTECTED]> wrote, in part:
>In the case of block ciphers I strongly prefer counter mode with
>precomputations, for speed reasons. But to get most out of the counter
>mode, the underlying cipher should be a PRF, not a PRP (Bellare et al.,
>1997).
For those of us who didn't get the acronyms, I take it you mean that
counter mode of a keyed hash function is preferable to counter mode of
a block cipher.
John Savard ( teneerf<- )
http://members.xoom.com/quadibloc/index.html
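Lipmaa's PRF-versus-PRP remark has a concrete, testable consequence. A block cipher is a permutation, so counter mode driven by distinct counters never produces the same keystream block twice; a truly random keystream (or one from a keyed hash, Savard's reading) repeats a block after about 2^(n/2) blocks by the birthday bound. The absence of repeats is itself a distinguisher. The block below is an added example written here, not code from Lipmaa, Savard, or the Bellare et al. paper: it builds a toy 16-bit PRF from a keyed SHA-256 and a toy 16-bit PRP as a 4-round Feistel network over the same hash (a Feistel network is a permutation whatever its round function), runs both in counter mode, and counts repeated blocks. The block size, key and counter range are assumptions chosen so the birthday region is reachable in a few thousand blocks.

```python
"""Counter mode with a PRP vs a PRF: the permutation's keystream never repeats a block."""
import hashlib

BLOCK_BITS = 16                 # toy block size: birthday bound is ~2^8 blocks
HALF_BITS = BLOCK_BITS // 2
HALF_MASK = (1 << HALF_BITS) - 1


def _keyed_hash(key: bytes, tag: bytes, x: int, out_bits: int) -> int:
    """Keyed hash: SHA-256 over key || tag || x, truncated to out_bits (toy PRF)."""
    digest = hashlib.sha256(key + tag + x.to_bytes(4, "big")).digest()
    return int.from_bytes(digest, "big") & ((1 << out_bits) - 1)


def prf_block(key: bytes, counter: int) -> int:
    """Keystream block from a PRF: a keyed hash of the counter."""
    return _keyed_hash(key, b"prf", counter, BLOCK_BITS)


def prp_block(key: bytes, counter: int) -> int:
    """Keystream block from a PRP: a 4-round Feistel network on BLOCK_BITS bits.
    Each round XORs a keyed hash of the right half into the left half and swaps,
    which is invertible, so distinct counters always give distinct blocks."""
    left, right = counter >> HALF_BITS, counter & HALF_MASK
    for rnd in range(4):
        left, right = right, left ^ _keyed_hash(key, bytes([rnd]), right, HALF_BITS)
    return (left << HALF_BITS) | right


def keystream(block_fn, key: bytes, n_blocks: int) -> list:
    """Counter mode: encrypt the counters 0, 1, ..., n_blocks-1 (no precomputation here)."""
    return [block_fn(key, ctr) for ctr in range(n_blocks)]


def repeated_blocks(stream: list) -> int:
    """Number of keystream blocks that repeat an earlier block."""
    return len(stream) - len(set(stream))


def looks_like_permutation(block_fn, key: bytes, n_blocks: int) -> bool:
    """Distinguisher: zero repeats points to a PRP; a random function of the
    counter shows roughly n_blocks^2 / 2^(BLOCK_BITS+1) repeats."""
    return repeated_blocks(keystream(block_fn, key, n_blocks)) == 0


def is_bijection(key: bytes) -> bool:
    """Sanity check on the toy PRP: all 2^BLOCK_BITS inputs map to distinct outputs."""
    outputs = {prp_block(key, ctr) for ctr in range(1 << BLOCK_BITS)}
    return len(outputs) == 1 << BLOCK_BITS


if __name__ == "__main__":
    key = b"k0"
    n = 4096   # well past the 2^8 birthday bound of a 16-bit block
    print("PRP repeats:", repeated_blocks(keystream(prp_block, key, n)))
    print("PRF repeats:", repeated_blocks(keystream(prf_block, key, n)))
    print("PRP toy is a bijection:", is_bijection(key))
```

With a real 64-bit block the same effect appears after roughly 2^32 blocks (32 GB of keystream), which is why the counter-mode security bound for a block cipher degrades as the amount of data under one key approaches the birthday bound, while the PRF bound does not carry that term.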
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: A question on congruential algebra
Date: Wed, 26 May 1999 18:26:29 GMT
Vedat Hallac wrote:
> >x^2 mod n = y
> Hmmm... It seems to me the only option will be to factor n
> to p_i, i=0..k, solve the
>
> x_i^2 mod p_i == y mod p_i
>
> for all i,
Remember that the statement of the question said that
the modulus, n, is prime. Given a prime modulus,
determining if square roots exist and finding them if
they do is efficient. See algorithm 3.34 in the
/Handbook of Applied Cryptography/ by Menezes, van
Oorschot and Vanstone.
--Bryan
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Oriental Language Based Encryption
Date: Wed, 26 May 1999 19:19:29 GMT
[EMAIL PROTECTED] (Patrick Juola) wrote, in part:
>Encoding based on linguistic units has a rather serious problem of
>leaving a lot of (redundant) structure in the text.
It certainly is true that a block cipher like DES is superior to a
code book.
But if one is looking at what kind of plaintext to use as a starting
point, before applying in all cases the _same_ form of encryption,
uncompressed ASCII has a lot of redundancy; Huffman coding and allied
techniques reduce this redundancy, and using a code book reduces it
even more.
Yes, the redundancies based on sentence structure are still present,
but those resulting from the alternation of vowels and consonants and
so on are eliminated more thoroughly than by a standard compression
scheme.
John Savard ( teneerf<- )
http://members.xoom.com/quadibloc/index.html
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: talk.politics.crypto
Subject: Re: NSA proves banks use poor crypto
Date: Wed, 26 May 1999 19:14:20 GMT
[EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote, in part:
>"Newsweek magazine reports
...
>Clinton has authorized
...
>the National Security Agency to meddle with Milosevic's international bank accounts."
Lucky for Bill Clinton that he doesn't have a Swiss bank account. In
general, this sort of thing could be interpreted as a hostile act by
the countries in which any of the affected banks are situated. But
possibly the statement doesn't have quite the meaning it appears to.
John Savard ( teneerf<- )
http://members.xoom.com/quadibloc/index.html
------------------------------
From: [EMAIL PROTECTED] (Michael Ghens)
Subject: Unix Crypt
Date: 26 May 1999 19:30:20 GMT
Looking for source for the Unix crypt function. Need it in an M$ Windows
programming project.
Please Cc: me your post.
Thanks
Michael
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Why would a hacker reveal that he has broken a code?
Date: Wed, 26 May 1999 20:32:18 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Johnny Bravo)
wrote:
>On Wed, 26 May 1999 14:49:16 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote:
>
>>But the issue here was not *whether* a hacker could break 3DES, but
>>rather, supposing he did, what would make him declare his discovery?
>>Let's see: On the one hand he gets some fame, hazy promises of money
>>to come, and also warns every 3DES user to change their cipher, which
>>thus eliminates his advantage. On the other hand, by not releasing
>>the discovery he gets no fame, but continues to hold onto an advantage
>>which he may find useful. And if he did *not* find the advantage
>>useful, whatever possessed him to do the research leading to the break
>>in the first place? Hackers are not employed to publish!
>
> The problem would be the hacker trying to keep it a secret. There
>is always the temptation to tell a few friends. And you know what Ben
>Franklin said about secrets, "Three people can keep a secret if two of
>them are dead." :)
>
> Johnny Bravo
>
>
Franklin must have been an optimist. I am not sure three people can keep
a secret unless all three are dead and everything they ever touched was
destroyed. Even at that you should check their bank accounts and see if
any Chinese made cash deposits to their bank accounts.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: RFC1321 (MD-5) - any problems?
Date: Wed, 26 May 1999 18:40:10 GMT
Klaus Lindemann wrote:
> Hi All
>
> I have been looking at the MD-5 specification given in RFC1321.
>
> The RFC dates back to April 1992, so my question is whether
> there has been any updates to this RFC since, e.g. small
> error corrections, enhancements etc.?
One major update: RSA Labs, where MD-5 was invented, now
recommends against using it.
See
ftp://ftp.rsa.com/pub/pdfs/bulletn4.pdf
and/or
ftp://ftp.rsa.com/pub/cryptobytes/crypto2n2.pdf
They recommend SHA-1, or possibly RIPEMD-160 instead.
--Bryan
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Review of Scottu19
Date: Wed, 26 May 1999 20:26:13 GMT
In article <7ihd93$2h8$[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Thomas Pornin) wrote:
>According to SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>:
>> If one can't read and understand C
>
>Actually, many people consider that C code that does not produce the
>same result, depending on the endianness of the target machine or the
>size of the integer types, does not deserve to be called 'C code'. At
>least it has an 'undefined' behaviour in ANSI-C.
>
I am not a C purist, in case you could not figure it out. But I see C as a
tool to help one write code. But only a modern lazy programmer would
blindly code without giving the underlying machine some serious thought.
I learned coding on the various military machine languages. And I am proud
that I learned by learning the hardware first. Many times I have had to fix
code designed by modern programmers who got all messed up because of their
lack of understanding of what is really happening at the register level in the
hardware. It is most likely that some of the failures in the new antimissile defense
programs are because the software is written by modern programmers without
the proper control theory background or knowledge of what is happening at the
machine level.
>You may do what you want but code that relies on the special
>implementation of C on a particular machine is very difficult to read
>(especially for people who produce portable code, and who have learned
>not to rely on endianness or 32-bit long integer). Moreover, it is often
>considered that if an algorithm cannot be expressed in English with
>complete and unambiguous schematics, then it is not worth considering.
>
Yes, my program counts on the endianness of the machine, but you must
realize the goal was to make secure encryption for PCs. I really could give a
rat's ass if the NSA can't get it to run fast on a CRAY using some stupid
language like ADA. If you feel like good encryption is only good if it can be
expressed by the inventor with complete and unambiguous schematics then
you really only care about appearance and not reality.
>Therefore you will not get public attention unless you make the effort
>to document clearly your algorithm. Writing documentation is not as fun
>as coding but it must be done. Anyway, it is up to you.
>
> --Thomas Pornin
It is more fun to poke from the sidelines. I am sure from some of the email
I have gotten that there are intelligent people using my methods or design
ideas. I am good only at coding; where I used to work they hired English major
flunkies who could BS any necessary documentation so manager idiots could
think something was documented. If you can't follow C and don't have a basic
understanding of the PC then you may have trouble with my method.
But that aside, you have the code and program; you can test it yourself
by running tests on what comes out. But even if I could use some of the
mantra of the crypto gods to describe it they would not bless it, since I
feel most of them are assholes in the true sense of the word. And in case
you have not figured it out, I never was much good at kissing ass. But I was
good at pissing; the feds made me piss a lot. I guess if I was a quite
obedient kiss-ass Chinaman (no offense intended) I would not have had to
piss so often for Uncle.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Why would a hacker reveal that he has broken a code?
Date: Wed, 26 May 1999 19:08:10 GMT
[EMAIL PROTECTED] (Terry Ritter) wrote, in part:
>I guess that depends upon what you mean by "honest": Are NSA people
>"honest" in your opinion?
I was leaving the NSA out of this; the original post advanced a
contention that a hacker of some type could beat the academic
community. This I do think is unlikely, despite the fact that someone
trying to commit a computer crime might be better motivated than a
typical academic researcher.
>But the issue here was not *whether* a hacker could break 3DES, but
>rather, supposing he did, what would make him declare his discovery?
I agree, the original poster had a valid point. But while hackers are
a serious threat to the security of computer systems, they aren't
really a big threat to cipher algorithms.
I admit there are certainly _real_ threats to the security of a cipher
that hasn't been academically broken yet. Threat 1: the NSA. Threat 2:
the academic community in the next several years (suppose your message
needs to _stay_ secret a while).
>>- and evidence that the NSA hadn't cracked it, say, 20 years ago.
>Certainly not. As far as I know, NSA stuff from the 70's hasn't been
>declassified. What are you talking about?
Here, I was thinking in terms of the rule-of-thumb estimate that the
NSA is 10 years ahead of the academic community. Which is why I said
evidence, not proof.
>But here "NSA" stands for all well-financed research groups who
>operate in secret, including many different countries, many different
>corporations, and even foundations which could finance a full research
>package as independent parts.
True, there are other cryptanalytic bureaus - and their intentions are
likely to be less benign than those of the NSA. It, however, is quite
properly reputed to be the one that is the most competent.
John Savard ( teneerf<- )
http://members.xoom.com/quadibloc/index.html
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Give up; Scott is the unflappable undead.
Date: Wed, 26 May 1999 14:00:25 -0600
In article <7ihadu$1u6c$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote:
> The main reason I wrote so much on this group is not only to piss the
> phony crypto gods off but to entertain the more open-minded individuals
> like yourself. Now for another entertaining thought. We have a token Jewish
> person in jail for spying (Pollard, unless Clinton has let him go yet) and we
> may soon have a token Chinese in jail (Lee). But beside the unusual story
> of not being able to obtain a wiretap on him, which I find incredible since
> you waive most of your rights as a citizen when you get clearance at his level
> and the circus of asking for a wiretap is usually avoided in the first place,
> is anyone in Congress going to find out why this waiver was not used in the
> first place and why his was the only wiretap that reached the Janet Reno level
> that was turned down? Don't tell me there was probable cause in all the other
> cases and not this. If you believe that kind of bullshit then you might as well
> believe the Chinese only give Clinton a pile of money because he is a great man
> of God. But enough of that. I think it is common knowledge we gave most of our
> nuclear secrets to the Israelis, besides giving them uranium, and we may
> even have helped in the design of their arsenal that could some day be used
> to take out the Ashwan (bad spelling I know) dam. Maybe the secrets were
> leaked from the Israelis to the Chinese; has anyone thought of that?
> Just a thought.
> And thanks again Frank, keep on reading
>
Such random text surely has less redundancy than the average, and should be
highly useful in key generation. Figure that Scott himself is less likely
to facilitate getting ulcers by careful retention of various comments than
almost anyone I know. Any disarray we see on his part is only second to
that of our nation's leadership. We learn today that the accused had
signed a waiver allowing search of his computer at any time.
We should suggest Scott for National Security Advisor since he is at least
a bit more paranoid than the current failure in that position; any change
would help. The down side would be that he would actually favor using his
encryption for serious purpose, and like any person in position, would
probably use that to push the stuff and NSA might actually be compelled to
give it an evaluation. I've tried to be a bit more silent of recent on
the current state of international events; it's certainly a moving feast
for critics, but hard to not only tell the good guys from the bad guys,
but to identify any really worthy good guys at all, which is also not far
from the current state of algorithms in the AES.
--
Weathermen prophesy and insurance companies predict, while both pretend to be doing
the other to get an audience.
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: talk.politics.crypto
Subject: Re: NSA proves banks use poor crypto
Date: Wed, 26 May 1999 20:36:51 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(John Savard) wrote:
>[EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote, in part:
>
>>"Newsweek magazine reports
>....
>>Clinton has authorized
>....
>>the National Security Agency to meddle with Milosevic's international bank
> accounts."
>
>Lucky for Bill Clinton that he doesn't have a Swiss bank account. In
>general, this sort of thing could be interpreted as a hostile act by
>the countries in which any of the affected banks are situated. But
>possibly the statement doesn't have quite the meaning it appears to.
>
>John Savard ( teneerf<- )
>http://members.xoom.com/quadibloc/index.html
How can one be sure Billy does not have a Swiss bank account, along with
some high officials in the NSA that help to cover his crimes? But you are right,
Clinton seems expert at saying one thing and then later claiming it means the
opposite, and the media always seems to back him.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************