Cryptography-Digest Digest #612, Volume #9       Fri, 28 May 99 16:13:02 EDT

Contents:
  Re: The BRUCE SCHNEIER Tirade (SCOTT19U.ZIP_GUY)
  Re: The BRUCE SCHNEIER  Tirade (Jerry Coffin)
  Re: evaluation cryptographic algorithms (Jerry Coffin)
  Re: The BRUCE SCHNEIER  Tirade (Terry Ritter)
  Re: The BRUCE SCHNEIER  Tirade (Guenther Brunthaler)
  Re: The BRUCE SCHNEIER  Tirade (SCOTT19U.ZIP_GUY)
  Logic Design Emulator ("John Pappas")
  Re: evaluation cryptographic algorithms (Terry Ritter)
  Re: The BRUCE SCHNEIER  Tirade (David Hamilton)
  Re: Why would a hacker reveal that he has broken a code? (wtshaw)
  Re: The BRUCE SCHNEIER Tirade ("jay")
  Re: The BRUCE SCHNEIER  Tirade (Jim Dunnett)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The BRUCE SCHNEIER Tirade
Date: Fri, 28 May 1999 20:06:25 GMT

In article <7imgim$pp3$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>I have read this entire thread, up to now and I am amazed of how much
>crap was included in all these messages. Now including my own. I am not
>going to debate the OTP issues (I do agree with Bruce Schneier,
>however) I just wanted to comment on how personal some people get when
>debating, usually this signifies a defeat on the person doing the
>attacking. If you don't have facts, then personally attack the
>opponent. It also appears that David A. Scott, AKA, SCOTT19U.ZIP_GUY
>attacks people that do not agree with him far more than Mr. Schneier
>ever has.
>

  I don't feel like I attack people more than Mr BS himself. But I feel that 
he is more politically skilled in his attacks, so he appeals to the stuffed 
shirt kind of guys. I just am more of a Red Neck and don't hide behind words.
I do go out of the way to use Snake Oil Terms when I describe stuff because I 
feel the only rules are for anal retentive jerks. It is more fun being an 
outsider than a follower of a pretend know-it-all crypto god. His remarks 
about the OTP were obviously dead wrong and he knew it when he made
those remarks. I am surprised most people feared to state the truth because it 
might hurt his delicate feelings.



David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMMERS

------------------------------

From: [EMAIL PROTECTED] (Jerry Coffin)
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The BRUCE SCHNEIER  Tirade
Date: Fri, 28 May 1999 12:21:57 -0600

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
says...

[ ... ] 

> A true one-time pad is...  unusable?  Why:  because no one has shown how
> it can be done yet?

The problems with OTP stem from the key.  First of all, the key has to 
be as large as the plain-text you're using.  It must be distributed 
securely, and once some key text is used, it must never be reused, and 
should preferably be destroyed.

Second, the key must be really, truly, completely random.  With 
hardware devoted to the purpose (e.g. measuring atomic decay), it's 
possible to create truly random numbers fairly easily.  OTOH, using 
things you can do in (say) portable code written in C, Scheme, Ada, 
etc., it's impossible.

In the typical case, you basically use some sort of algorithmic 
pseudo-random number generator, and treat its output as the random 
bytes you combine with the plain-text to produce the cyphertext.  This 
is NOT an OTP at all: it's a stream cipher.

That's not necessarily a bad thing: a well designed stream cipher can 
be an excellent form of encryption.  Despite the possibility of being 
highly secure, it's NOT an OTP, and will never be one.

To summarize: to qualify as an OTP, there must be absolutely, 
positively NO way anybody can reproduce the key used in any way 
whatsoever.  If the key can be produced in ANY way other than 
obtaining the complete key itself, what's being used never has been, 
is not, and never will be, a one time pad.
 
> If no retraction is forthcoming:  so be it.  It will be his credibility
> that may be affected.

I doubt it.  Do you honestly require that the user of your software 
have a method of securely transmitting just as much text as what they 
transmit encrypted?  If not, there's absolutely NO possibility of your 
software using a one-time pad.  If so, your software is certainly NOT 
suited to general-purpose use.
 
> I know of no facts or have not heard Mr. SCHNEIER offer any material
> fact(s) that support his claim that Ciphile Software with Original
> Absolute Privacy - Level3 is actually pretending to be anything.  OAP-L3
> is an extremely secure encryption software product, and this claim is
> supported by the facts.

The fact that it's not an OTP doesn't mean it's insecure.  Your claim 
that it's an OTP when it's not means that either you're a liar or you 
don't really know much about cryptography.  Neither of these inspires 
confidence in your product.

> "... your software is, so far as I can tell, bulletproof."

Here, of course, is the major problem: unless the person who wrote 
this knows a great deal about cryptanalysis, (s)he CAN'T tell.  Even 
truly awful cryptography looks bulletproof to somebody who doesn't 
know what they're doing.

> I think it is best to let an UNBIASED WELL INFORMED public decide 
> the merits of Ciphile Software's OAP-L3.

Do you honestly believe the public is generally well-informed about 
cryptography?  The reality is, the average member of the public has no 
more clue about cryptography than (s)he has about the details of 
fabricating chips using .18 micron technology.  Furthermore the 
average member of the "well-informed" public doesn't WANT to know 
about either one.

There is one difference, however.  When/if the CPU in the computer 
doesn't work, the average member of the well-informed (or even ill-
informed) public can pretty quickly tell that something's wrong. By 
contrast, when/if encryption doesn't work, the average member of the 
public has absolutely NO way of knowing that anything's wrong at all.
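An added example, not part of Jerry Coffin's post or of any product discussed in this thread, that puts the distinction he draws into code: a pad drawn from the operating system's entropy source (os.urandom, standing in for the dedicated hardware source he mentions) next to a keystream regenerated from a short seed by an algorithmic generator, plus a check of why "never reused" is not optional. The two messages, the seed and the function names are constructed for the demonstration.

```python
"""Added example: a one-time pad beside a PRNG-keyed stream cipher.

Not from the digest; it illustrates Jerry Coffin's point that a keystream
which can be regenerated from a short key makes a stream cipher, not an OTP.
"""
import os
import random


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (the OTP combining step)."""
    if len(a) != len(b):
        raise ValueError("key material must be exactly as long as the data")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_keygen(length: int) -> bytes:
    """Pad as long as the plaintext, from the OS entropy source, used once.
    Nothing short of the pad itself reproduces it, which is the OTP requirement
    the post states."""
    return os.urandom(length)


def otp_encrypt(plaintext: bytes, pad: bytes) -> bytes:
    return xor_bytes(plaintext, pad)


otp_decrypt = otp_encrypt  # XOR is its own inverse


def prng_keystream(seed: int, length: int) -> bytes:
    """Keystream from an algorithmic generator driven by a short seed.
    random.Random is not a cryptographic PRNG; it stands in for 'some
    algorithmic pseudo-random number generator' from the post. Whatever the
    generator, its output is a function of the seed, so the key is the seed."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(length))


def stream_encrypt(plaintext: bytes, seed: int) -> bytes:
    """A stream cipher: plaintext XOR keystream(seed)."""
    return xor_bytes(plaintext, prng_keystream(seed, len(plaintext)))


def keystream_is_reproducible(seed: int, length: int) -> bool:
    """The defining difference: the keystream can be regenerated from the seed,
    so anyone who learns (or guesses) the seed has the whole key."""
    return prng_keystream(seed, length) == prng_keystream(seed, length)


def pad_reuse_leak(m1: bytes, m2: bytes, pad: bytes) -> bytes:
    """Encrypt two messages under one pad and XOR the cryptograms: the pad
    cancels and the attacker is handed m1 XOR m2 without knowing the pad."""
    c1 = otp_encrypt(m1, pad)
    c2 = otp_encrypt(m2, pad)
    return xor_bytes(c1, c2)


def demo() -> dict:
    m1 = b"attack at dawn  "  # constructed sample messages, equal length
    m2 = b"retreat at dusk "
    pad = otp_keygen(len(m1))
    return {
        "otp_roundtrip": otp_decrypt(otp_encrypt(m1, pad), pad) == m1,
        "stream_reproducible": keystream_is_reproducible(1234, len(m1)),
        "two_time_pad_leak": pad_reuse_leak(m1, m2, pad) == xor_bytes(m1, m2),
    }


if __name__ == "__main__":
    print(demo())
```

The last check is the practical consequence of the "used once" rule: the leaked value m1 XOR m2 depends only on the two plaintexts, so the attacker never needs the pad to start separating them.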

------------------------------

From: [EMAIL PROTECTED] (Jerry Coffin)
Subject: Re: evaluation cryptographic algorithms
Date: Fri, 28 May 1999 12:21:55 -0600

In article <[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] says...

[ ... ] 

> Asymetric/symmetric keys are generally not comparable to each other.
> Asymmetric keys need to be much bigger to provide the same security.

Yes and no -- two particularly common forms of public-key encryption, 
(those based on a product of two large primes, and upon logarithms in 
a discrete field) require much larger keys to be effective.  There are 
other forms of public-key cryptography (e.g. based on elliptic 
curves) that do NOT require such large keys to be effective.

Only when another form of public-key encryption is invented will it be 
possible to know how large a key it will need to be effective.

------------------------------

From: [EMAIL PROTECTED] (Terry Ritter)
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The BRUCE SCHNEIER  Tirade
Date: Fri, 28 May 1999 19:34:54 GMT


On Fri, 28 May 1999 12:21:57 -0600, in
<[EMAIL PROTECTED]>, in sci.crypt
[EMAIL PROTECTED] (Jerry Coffin) wrote:

>[...]
>When/if the CPU in the computer 
>doesn't work, the average member of the well-informed (or even ill-
>informed) public can pretty quickly tell that something's wrong. By 
>contrast, when/if encryption doesn't work, the average member of the 
>public has absolutely NO way of knowing that anything's wrong at all.

I would go beyond that:  When a cipher is used for real, even an
expert has no way to know that it is being broken in secret and our
information exposed and harvested.  

The advantage an expert has is the ability to identify particular
ciphers which have been broken or are thought weak.  But if the cipher
has no known break (a common case for actual use), the expert is no
more informed than any other user.  

In cryptography it is irrational and dangerous to assume strength
simply because no weakness has been shown.  

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM


------------------------------

From: [EMAIL PROTECTED] (Guenther Brunthaler)
Subject: Re: The BRUCE SCHNEIER  Tirade
Date: Fri, 28 May 1999 18:32:40 GMT

On Thu, 27 May 1999 22:49:34 -0400, "Brian Hetrick"
<[EMAIL PROTECTED]> wrote:

>understand permutations -- you say that there are 14! ways of

perhaps he has accomplished a 14 bit encryption - it's certainly very
powerful... :-)

>What Ciphile is selling looks and smells like snake oil to me.  That
>your response to Bruce Schneier saying "look! snake oil!" is respond

Now you are getting unfair. If his buddies at the NSA tell us that
this is no snake oil - then it simply can't be snake oil, that's for
sure. Period.



Greetings,

Guenther
--
Note: the 'From'-address shown in the header is an Anti-Spam
fake-address. Please remove 'nospam.' from the address in order
to get my real email address.

In order to get my public RSA PGP-key, send mail with blank body
to: [EMAIL PROTECTED]
Subject: get 0x2D2F0683

Key ID: 2D2F0683, 1024 bit, created 1993/02/05
Fingerprint:  11 71 47 2F AF 2F CD F4  E6 78 D5 E5 3E DD 07 B5 

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The BRUCE SCHNEIER  Tirade
Date: Fri, 28 May 1999 19:54:33 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>"Omar N. Ikley" wrote:
>
>> Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
>>
>> >The BRUCE SCHNEIER  Tirade
>>
>> You should be proud to be worthy of the attention of the likes of Bruce
>> Schneier.
>> --
>> "Omar N. Ikley"     better known as [EMAIL PROTECTED]
>>  0123 4  56789      <- Use this key to decode my email address.
>>                     Fun & Free - http://www.5X5poker.com/
>
>I told BRUCE SCHNEIER that any publicity is good publicity and thanked
>him.
>
>The NSA has visited my web site repeatedly.  They are professionals. 
>You can be sure they have a thorough analysis of my encryption method.
>
>And hey, bub, they are not sharing it with any of you.
>
>I pretty much hear nothing but cop-out replies to my posts that avoid
>the issues, and nearly all fail to demonstrate even the simplest
>understanding of what I am proposing as a secure encryption method.  If
>none of you are willing to make an intelligent criticism why waste your
>time.  I would think a serious person or professional would have more
>important things to do.
>
>I keep hearing demands to prove my claims as if I need to do more than I
>already have.  Only a very few serious pointed questions have ever been
>put to me regarding OAP-L3 and I answered these to the satisfaction of
>the person making the inquiry.
>
>I really believe some of you would relish the sight of me begging for a
>fair hearing.  I think this is a legitimate observation that can be
>supported from your many posts regarding OAP-L3.
>
>We have all heard the perfected answer why the true OTP is "unusable." 
>Nothing new here.  So why offer nothing to advance the discussion?  Is
>this all you have to offer?
>
>We all know that all existing mathematical equation based encryption
>software takes an easier approach with some very good results.
>
>If I generate a pseudo random digit stream using various bit / byte
>manipulation processes that accept random user input parameters, I
>am also simply using a short cut for getting at the desired result.
>
>Are my generated pseudo random numbers any more or less random than
>those effectively generated by PGP, RSA, Blowfish, etc.?  This is what
>you really need to find out.  But it seems that most of you really don't
>want to find this out.  So much for professionalism.  So much for the
>inquisitive mind.
>
>If you are interested you can simply go to http://www.ciphile.com and
>download the pre release help files from the Windows GUI Version 4.0 or
>send me an email to get a pre release shareware copy of the software.
>

   I for one would like to download it to look at, but it has been my
experience that sites like yours only contain an executable and do not
contain the source code. My site, unlike most I have visited, includes the
source code as well as pointers to the DJGPP site so that anyone with a
PC can duplicate the results. Can this be done with your site?
 If not, I am not interested, because otherwise it is a waste of time.



David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMMERS

------------------------------

From: "John Pappas" <[EMAIL PROTECTED]>
Subject: Logic Design Emulator
Date: Thu, 27 May 1999 16:10:21 +0300

Does anyone know of a good (cracked) Digital Logic Design software package that can
emulate given circuits?
[EMAIL PROTECTED]



------------------------------

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: evaluation cryptographic algorithms
Date: Fri, 28 May 1999 19:54:44 GMT


On Fri, 28 May 1999 12:05:25 -0500, in
<[EMAIL PROTECTED]>, in sci.crypt Medical Electronics
Lab <[EMAIL PROTECTED]> wrote:

>[...]
>A cipher is assumed "strong" if it can withstand all known attacks.

*Assuming* a cipher is "strong" simply because *we* cannot break it
means that if the cipher ever *is* broken in secret, we will *still*
assume that cipher is "strong" even while our information is being
harvested.  That seems like a strange meaning for "strength."

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM


------------------------------

From: [EMAIL PROTECTED] (David Hamilton)
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The BRUCE SCHNEIER  Tirade
Date: Fri, 28 May 1999 20:00:39 GMT

=====BEGIN PGP SIGNED MESSAGE=====

Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:

>The BRUCE SCHNEIER  Tirade

(snip some)

Did you use the phrase 'pseudo one-time pad generator'? If you did, then
since pseudo (in combinations) means 'false, apparent, supposed but not real'
(source: The Pocket Oxford Dictionary 7th Ed.) then your software is not an
OTP generator. So, why did you use that phrase?  

I bet we'll get some adverts shortly. Oh, here they are.

>OAP-L3
>is an extremely secure encryption software product, and this claim is
>supported by the facts.  This has always been apparent from the
>documentation available at the web site past and present.  The software
>is readily available as SHAREWARE as well.

You say your claim is supported by the facts. Can you provide documentary
evidence of any eminent cryptographers who believe your claim? Can you
provide documentary evidence of anyone who believes your claim ... and their
cryptographic qualifications and experience?  

(snip some)

>About Ciphile Software and Original Absolute Privacy - Level3 Encryption
>Software -
>
>"... your software is, so far as I can tell, bulletproof."

My mother once thought I played a brilliant game of chess ... but she knows
virtually nothing about chess, so her view doesn't count for much. What are
the cryptographic qualifications and experience of the originator of the
above 'bulletproof' quote?

>"It's an amazing package."

What are the relevant qualifications and experience of the originator of the
above 'amazing' quote? 

(snip some)


David Hamilton.  Only I give the right to read what I write and PGP allows me
                           to make that choice. Use PGP now.
I have revoked 2048 bit RSA key ID 0x40F703B9. Please do not use. Do use:-
2048bit rsa ID=0xFA412179  Fp=08DE A9CB D8D8 B282 FA14 58F6 69CE D32D
4096bit dh ID=0xA07AEA5E Fp=28BA 9E4C CA47 09C3 7B8A CE14 36F3 3560 A07A EA5E
Both keys dated 1998/04/08 with sole UserID=<[EMAIL PROTECTED]>
=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>
Comment: Signed with 2048 bit RSA key

iQEVAwUBN07L/co1RmX6QSF5AQGSQQf+LBCiPLPHLd2/3Uz9tk6T91C4liNJ3aMY
q4tPDG5sBoBQE3l4/kPndt/TidSwAFz8ftrHPRWdnlw213nxVqdFCfySiAc76Au/
bCbpEaHGcGdyR8Z8lbmHTWqnwpoxYm972fXZSsGOsswMes9ooO+vh4T1PL/Hh0ac
STlPKbD7ewKcKeaiPAt7ybU7clOyU5A6eRjvmoCjvtADrlg484puHlHCG2JKkgol
kj6qVHZLtziDz3MXCnPh2bkKrpC5ShJUUEUs78qXszjBlrLFGS/XKKH5rTHFOw0F
lF9WcPSkdGqhuQbTakdRw70JjbNjImKaDZ/R+YMd6zSUvHhm7yYH7A==
=5neT
=====END PGP SIGNATURE=====

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Why would a hacker reveal that he has broken a code?
Date: Fri, 28 May 1999 14:04:43 -0600

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Terry Ritter) wrote:
> 
> I will not be held responsible for bean-counter logic!
> 
Conclusions that a system is good, founded on not knowing of any
compromising attack, support an algorithm in much the same way
that cartoon characters fail to fall until they realize that a chasm is
beneath them.  

Better to know the limitations of probable attacks and play against
making them practical.  Many factors are involved in defining a good
algorithm, not just resistance against any attack except brute force.
-- 
Weathermen prophesy and insurance companies predict, while both pretend to be doing 
the other to get an audience.

------------------------------

From: "jay" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The BRUCE SCHNEIER Tirade
Date: 28 May 1999 19:29:23 GMT



SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]> wrote in article
<7im84k$1m5s$[EMAIL PROTECTED]>...
>
>   Actually Bruce stuck his foot in his mouth. He should know better than to
> spout the BS about an OTP since it is PROVABLY SECURE and Bruce
> knows it. 

What is it about the words 'provably secure' that gets these guys so
excited. OTP is provably secure under a very few circumstances, which have
little to do with the practical world. In ALL OTHER CASES it is far weaker
than vetted algorithms.

* Key is the size of message (difficult to transmit)

* Key cannot be kept in memory (with effort a good symmetric key can be
memorized)

* Large key is difficult to store safely. (a good symmetric key can be well
hidden, on paper or other format if necessary)

Of course many people have *repeatedly* pointed this out, but these guys
keep repeating 'provably secure' with knee-jerk regularity. I am somehow
reminded of the amateur inventors of perpetual motion machines who
(sometimes sincerely) cannot understand what is wrong with their favorite
idea, but refuse to accept that some people really know more about this
than they do.

You want to prove how clever you are? Crack Blowfish and publish it. 

jay

------------------------------

From: [EMAIL PROTECTED] (Jim Dunnett)
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The BRUCE SCHNEIER  Tirade
Date: Fri, 28 May 1999 19:08:22 GMT
Reply-To: Jim Dunnett

On Fri, 28 May 1999 10:28:05 GMT, [EMAIL PROTECTED] (John
Kennedy) wrote:

>On Thu, 27 May 1999 21:21:43 -0400, "Eric W Braeden"
><[EMAIL PROTECTED]> wrote:
>
>>Anthony Stephen Szopa,
>>    The rules are simple: Your system, like ALL others, is
>>just so much crap until you put all your cards on the table
>>so that, if you are lucky, after YEARS, if pros want to do
>>the analysis, your system MY be considered OK.
>>    Your so-called Tirade just removed you from any
>>consideration from the pros. This is cool because now
>>no one has to waste time looking at your system.
>>    Get a job...in a field where you have talent...if you
>>have any.
>
>I don't see anything wrong with asking why a true one time pad is
>supposed to be unusable.

It's not supposed. It IS unbreakable provided the key
is random and only ever used once.

Try every possible key and you end up with every
possible plaintext of the length of the cryptogram.

Most will be garbage, but if the cryptogram is long
enough, you will come up with every possible text of
that length. And you're no better off because you will
never know which is the genuine plaintext.

In practice the problems with OTP are: you need masses
of key. One byte of key for each byte of plaintext sent,
which can only be used once. You have to distribute
sufficient key to any or all your correspondents by 
secure means. 

-- 
Regards, Jim.                | If you want a picture of the future,
olympus%jimdee.prestel.co.uk | imagine a boot stamping on a human
[EMAIL PROTECTED]   | face for ever.
dynastic%cwcom.net           |
nordland%lineone.net         | - George Orwell 1903-1950.
Pgp key: pgpkeys.mit.edu:11371
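An added example, not part of Jim Dunnett's post, that checks his brute-force argument mechanically: for a two-byte cryptogram every pad is tried and the candidate plaintexts turn out to be exactly every two-byte string, and for a longer cryptogram a pad is produced on demand that "decrypts" it to a plaintext of the attacker's own choosing, so nothing distinguishes the genuine one. The messages, the decoy and the function names are constructed for the demonstration.

```python
"""Added example: why trying every one-time-pad key tells the attacker nothing.

Not from the digest; it illustrates Jim Dunnett's observation that exhaustive
search over the pad yields every plaintext of the cryptogram's length.
"""
import os
from itertools import product


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("pad must be exactly as long as the text")
    return bytes(x ^ y for x, y in zip(a, b))


def all_decryptions(cryptogram: bytes) -> set:
    """Try every possible pad for an n-byte cryptogram (256**n of them).
    Only practical for n <= 2 here; the shape of the result is the point."""
    n = len(cryptogram)
    return {xor_bytes(cryptogram, bytes(k)) for k in product(range(256), repeat=n)}


def brute_force_is_useless(cryptogram: bytes) -> bool:
    """True iff the candidates are exactly every n-byte string, i.e. the
    search reveals nothing beyond the length of the message."""
    n = len(cryptogram)
    return len(all_decryptions(cryptogram)) == 256 ** n


def key_that_yields(cryptogram: bytes, desired_plaintext: bytes) -> bytes:
    """For any plaintext of the right length there is a pad under which it is
    'the' decryption. Holding only the cryptogram, nobody can tell this pad
    from the genuine one."""
    return xor_bytes(cryptogram, desired_plaintext)


def demo() -> dict:
    real = b"meet at noon"  # constructed plaintext
    pad = os.urandom(len(real))
    cryptogram = xor_bytes(real, pad)
    decoy = b"meet at nine"  # same length, different meaning
    fake_key = key_that_yields(cryptogram, decoy)
    return {
        "two_byte_bruteforce_covers_all": brute_force_is_useless(b"\x42\x99"),
        "decoy_key_works": xor_bytes(cryptogram, fake_key) == decoy,
        "real_key_works": xor_bytes(cryptogram, pad) == real,
        "keys_differ": fake_key != pad,
    }


if __name__ == "__main__":
    print(demo())
```

The two-byte search is exhaustive (65,536 pads) and completes in well under a second; the same argument scales to any length, it is just the enumeration that does not.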

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
