Cryptography-Digest Digest #640, Volume #9 Wed, 2 Jun 99 18:13:04 EDT
Contents:
Security Server/Please heeeeeelp ("Fay")
Re: Question about Cryptography/Encryption... ("Jean Marc Dieu")
Re: Question about Cryptography/Encryption... (Jean-Jacques Quisquater)
Re: Paper on Making Usenet "unerasable"? ("Nick Barron")
Re: Generating Random Numbers (Tim Tyler)
Re: The BRUCE SCHNEIER Tirade (Tim Redburn)
Re: bareface ratio ("Matt Timmermans")
Re: P3 and OTP (Paul Koning)
Re: Challenge to SCOTT19U.ZIP_GUY (Tim Redburn)
Re: The BRUCE SCHNEIER Tirade (John Savard)
----------------------------------------------------------------------------
From: "Fay" <[EMAIL PROTECTED]>
Subject: Security Server/Please heeeeeelp
Date: Wed, 2 Jun 1999 10:52:43 -0700
Hi All-
I really need your help. I want to integrate a Certified Secure Server into our
web application/server (IIS 4.0) which is running on an NT machine. I read a
document and it says that I just have to select the Certified Server when
installing the Option Pack for Windows NT 4.0. I did that.
To generate a Certificate Request, which is the first step,
it says to go to Start menu->Programs->Microsoft Site Server->Commerce.
There is no such entry "Commerce"???????
What did I do wrong? If I did something wrong during installation, how can I
uninstall (only the Certified Server) and reinstall it???
Please helllllllpppp mmmmmeeee?
Also, for generating Certificates it says
to go to Start menu->Programs->Command Prompt; again there is no Command
Prompt entry??
All the files that I installed were copied to \WINNT\System32.
Can I copy these files to another directory (just cut and paste), or will there
be other places pointing to the location of these files that were set up
during installation??
Thanx for your help
Fay
------------------------------
From: "Jean Marc Dieu" <[EMAIL PROTECTED]>
Subject: Re: Question about Cryptography/Encryption...
Date: Wed, 2 Jun 1999 21:06:57 +0200
Don't worry, everybody was once a beginner ;-D
Very good place where you can see that cryptography didn't come only with
computers:
http://members.xoom.com/quadibloc/jscrypt.htm
(John Savard's home page)
Jean Marc
UCL - Université Catholique de Louvain
Belgium
------------------------------
From: Jean-Jacques Quisquater <[EMAIL PROTECTED]>
Subject: Re: Question about Cryptography/Encryption...
Date: Wed, 02 Jun 1999 21:31:32 +0200
About the history of cryptology:
A nice book:
http://www.springer-ny.com/catalog/np/oct96np/DATA/3-540-60418-9.html
A nice journal:
http://www.dean.usma.edu/math/resource/pubs/cryptolo/index.htm
The nice collection from:
http://www.aegeanpress.com/books/fulllist.htm
In French:
http://www.dmi.ens.fr/~stern/livreeng.html
And many books for children or the like
(see also the Que sais-je? collection
http://www.puf.com/edition/coll/qsj/116.htm
where is the number 2112? :-)
Jean-Jacques Quisquater,
PS: Don't forget Kahn, NSA, ...
------------------------------
From: [EMAIL PROTECTED] ("Nick Barron")
Subject: Re: Paper on Making Usenet "unerasable"?
Date: Wed, 2 Jun 1999 19:44:16 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Elf Sternberg) wrote:
>
> A year or so ago I stumbled on a paper with a number of
> interesting suggestions for making documents difficult, if not
> impossible, to erase. There were a number of proposals in the paper,
> the most
Sounds like Ross Anderson's paper on the "Eternity service".
Try http://www.cl.cam.ac.uk/users/rja14 or thereabouts.
------------------------------
Crossposted-To: sci.math
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Generating Random Numbers
Reply-To: [EMAIL PROTECTED]
Date: Wed, 2 Jun 1999 20:50:01 GMT
Grimace <[EMAIL PROTECTED]> wrote in a crazy crossposted manner:
: Rochus Wessels wrote in message ...
:>I didn't write this message.
: I *think* it's a bot, that stores a big list of genuine posters --
: their names and email addresses, by the looks of it -- and posts
: garbage messages appearing to originate from them.
: I know not the purpose. However if it's killed your original message,
: it looks like this is a mildly more sophisticated version of the
: original scam.
: Ho and-very-much hum.
One supposed 'purpose' of such 'bots' is to indicate some people's
displeasure with "Supercedes" and "Cancels", and the effective
infringement of free speech on usenet these produce. Grrrr ;-)
--
__________
|im |yler The Mandala Centre http://www.mandala.co.uk/ [EMAIL PROTECTED]
Madness takes its toll. Please have exact change.
------------------------------
From: [EMAIL PROTECTED] (Tim Redburn)
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The BRUCE SCHNEIER Tirade
Date: Wed, 02 Jun 1999 21:03:44 GMT
On Wed, 02 Jun 1999 01:56:35 GMT, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote:
>In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Tim
>Redburn) wrote:
>
<snip>
>>identical to the problems of using a OTP, and therefore if someone
>>finds a practical use for scott19u.zip then they would be better
>>off going for the proven OTP.
>
> I think you are being misled in that you feel one needs to use
>the long key feature. You could in theory use almost any file as
>the source of keyenc.key and then use a short phrase of 128 bits
>or whatever your heart desires. It is just that you don't have to
>use a short key of less than a thousand bits unless you really
>have your heart set on it.
>
The problem with scott19u.zip is that a 128-bit key given to the
algorithm does NOT produce 128 bits of security. There
is a loss of entropy during the S-Box setup method.
<snip>
>>
>>by the compiler so long names won't affect the running of your
>>program, but it will make the source a heck of a lot easier to read.
>>
>
> I plan on releasing a more complicated version but still waiting for
What!!! A **more** complicated version. Didn't you learn from this
version? Keep things clear and simple, and easy to read if you want
anyone to analyse it.
>the price of a k6-3 machine to drop in price. Then I will have more
>time. I think you may be getting lost in the menu section which I admit
>is very poor. But the method really is in the last four subroutines
>
I don't actually run the software, for the reason you mention amongst
others, but even the doEnce function is hard to follow due to the
nonsense variable names used.
>>
>>The macros used for the 19bit access also make it extremely hard
>>to read, but add nothing to security - the NSA, MI6, DFS, and other
>>groups (only joking on the DFS one before anyone complains) would give
>>new recruits the task of 'deciphering' your source and then
>>it would probably only take a few days to crack your algorithm
>>(Yes - that is my opinion based solely on the fact that you, the
>>designer, couldn't accurately determine the
>>effective key length of your own algorithm)
>>
>
> It took a long time to develop those macros I had many more but the
>compiler barfed when the level got deeper.
I don't blame it.
>The macros were meant to
>make it easier in the main program since they handle most of the problems
>of 19bit access on a machine that really was made to do 8, 16 or 32 bits.
>
Personally, I don't like code hidden away in macros, just to 'make
things easier'. This means that you have to trust the macro writer did
his / her job properly. Why not use functions instead? And stick
to one method; there seem to be places in your code where you use
one method to access the tables one minute, then another the next.
>
>>Every time you reuse a key, you double the amount of information
>>that an attacker has as to the value of the key. With all your
>>paranoia over security, million bit keys, etc, I would have thought
>>that reusing a key would be the last thing you would do.
>
> Well you thought wrong
So Shannon was wrong then? All his work on unicity distance was
rubbish ? Is that really what you're saying ?
With the size of key that you are using, it is likely that for a few
megabytes of ciphertext there are many keys that would give
sensible decryptions; however, if the number of ciphertexts gets
large enough, then there will be fewer and fewer possible keys.
This makes deciphering easier. If you want maximum security then
change keys often, and don't re-encrypt the same plaintext twice.
>however in the next version I may have the ability
>of a changing key each time 2 people exchange messages the key they use
>would change. I feel this is an important feature that is lacking. It also
How do you propose this, without causing all the practical problems
of an OTP?
>makes it such that if the NSA or other group was saving your old encrypted
>messages then even you would not be able to recover the previous keys.
>
>>
>>As far as I can tell, but for the reasons mentioned above - ie
>>hard to read source code, I can't be sure, I think that the
>>main security of scott19u.zip lies in substituting from the
>>key dependant S-Box.
>
> The reason the Key is so long is that I wanted the ability for
>any single cycle S-table to be used. However I am writing and
>will put out a program that allows one using AES or IDEA or
>whatever and still be able to use "wrapped PCBC" however
So is "wrapped PCBC" where you believe the security of your
algorithm lies ?
<snip>
>>Because of the size of the key, it is not possible to memorize it, so
>>some means of securely storing it is necessary. Most people
>>have only small amounts of information that needs really securely
>>storing (ie their bank details, medical records, emails etc), in which
>>case if they have a way of securely storing the scott19u.zip key, then
>>why not just use that means to store the data they need securing.
>>
>
> Well you can use any size you want so it is as easy to remember
>as anything else.
So long as you are not bothered what the exact level of security is.
Scott19u.zip's S-Box setup routine loses entropy from the key.
>
>>
>>Also, long keys, while offering potentially high security (dependent of
>>course on many other factors), have to be stored somewhere.
>>They are then vulnerable to searches by police with search warrants,
>>MI6 etc sneaking into your house etc. While 128 bits might not offer
>>huge security (dependent on your opinion) they are at least
>>memorizable and if handled properly, ie not written down, they are
>>secure from search warrants, intruders etc.
>
> use a 128bit key as your password to some other file which you copy
>to keyenc.key when you run the program no problem.
For the third time, scott19u.zip's SBox set up routine loses entropy
from the key. You will get less security than you think.
>
>>There could be some newbie reading this now that is thinking
>>of seriously using scott19u.zip .........deep breath.......and they
>>may need to know these things, who hasn't had the luxury
>>of past posts, and who is also in the same position as me and
>>many others in the UK over phone call charges.
>>
> look at the web pages horst wrote at my site
I did in the past, and found them to be inaccurate, so I will not be
wasting any more time reading them.
<snip>
>>or .....better still.... provide a clear concise description of the
>>algorithm (ignore file handling and any other parts not directly
>>related to cryptography), in such a way the somebody could implement
>>the algorithm itself in their own apps.
>
> I hope that some one writes it in a way you can see it.
>
Who better than the algorithm's designer?
>>
>>Oh well........ here's to dreaming ....... I'm sure all these things
>>have been requested before.........well.... if you're too scared to
>>rise to the challenge .........thought so ........ carry on handwaving
>>and insulting all those that are trying to help you.
>>
>
> I can't write sorry my friend
>
You make a reasonable effort at writing in this newsgroup (far from
perfect, but usually understandable). That's all that's needed for the
description.
- Tim.
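The unicity-distance point in the post above, as an added worked example (my code, not from the thread): it computes Shannon's U = H(K)/D for the key sizes discussed (128 bits, a thousand bits, a million bits) and shows how the number of plausible wrong keys shrinks as more ciphertext accumulates under one key. The English redundancy figures are assumed, not taken from the post.

```python
import math

# Assumed figures (not from the post): 26-letter English, absolute rate
# R = log2(26) ~ 4.70 bits/char, true rate r ~ 1.5 bits/char, so the
# redundancy D = R - r ~ 3.2 bits/char.
ENGLISH_ALPHABET_SIZE = 26
ENGLISH_RATE_BITS_PER_CHAR = 1.5


def redundancy_bits_per_char(alphabet_size=ENGLISH_ALPHABET_SIZE,
                             rate=ENGLISH_RATE_BITS_PER_CHAR):
    """D = R - r: how many bits of each plaintext character are predictable."""
    return math.log2(alphabet_size) - rate


def unicity_distance(key_bits, d=None):
    """Shannon's U = H(K) / D: ciphertext characters after which, on average,
    only one key still decrypts to something that looks like plaintext."""
    d = redundancy_bits_per_char() if d is None else d
    return key_bits / d


def spurious_keys_log2(key_bits, ciphertext_chars, d=None):
    """log2 of the approximate number of wrong-but-plausible keys after
    ciphertext_chars characters under one key, i.e. H(K) - n*D, clamped
    at 0 once the unicity distance has been reached."""
    d = redundancy_bits_per_char() if d is None else d
    return max(key_bits - ciphertext_chars * d, 0.0)


def messages_until_unique(key_bits, message_chars, d=None):
    """How many message_chars-long messages can share one key before the
    total ciphertext under that key reaches the unicity distance."""
    return math.ceil(unicity_distance(key_bits, d) / message_chars)


def main():
    d = redundancy_bits_per_char()
    print(f"redundancy D = {d:.2f} bits/char")
    for key_bits in (128, 1000, 1_000_000):
        u = unicity_distance(key_bits, d)
        print(f"{key_bits:>9} bit key: unicity distance ~ {u:,.0f} chars")
        for n in (10, 100, 10_000, 1_000_000):
            print(f"    after {n:>9,} chars: log2(spurious keys) = "
                  f"{spurious_keys_log2(key_bits, n, d):.1f}")
    # Reusing one key across messages: the ciphertext under that key adds up.
    print("1,000,000-bit key, 1000-char messages: key unique after",
          messages_until_unique(1_000_000, 1000, d), "messages")


if __name__ == "__main__":
    main()
```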
------------------------------
From: "Matt Timmermans" <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.perl.misc
Subject: Re: bareface ratio
Date: Wed, 2 Jun 1999 17:31:33 -0400
Greg Bartels wrote in message <[EMAIL PROTECTED]>...
>so, if you have a question, and no one
>is responding, you can still get the
>answer, all you have to do is make something
>up first (bareface it), and the
>corrections will flood in.
But this is blackmail.
I assume we're talking about corrections from those who know what they're
talking about, rather than people who just like to flame -- otherwise your
suggestion is pointless, yes?
These people often don't answer questions, for a variety of good reasons
(see 160 line dissertation posted previously).
The same people _will_ correct errors, however, because allowing the mass of
usenet readers to be misinformed is a far greater negligence (3 times
worse?) than allowing an original poster to go unanswered. Someone
following your suggestion essentially says "someone better correct me, or
the rest of these readers will suffer too!" [waves gun, jumps up and down,
stares at you eyebrow twitching, etc.].
I would also suggest that if you actually can phrase your question in the
form of an incorrect assertion, then you can probably phrase it in the form of
a question that will get answered.
------------------------------
From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: P3 and OTP
Date: Wed, 02 Jun 1999 11:00:24 -0400
Greg Bartels wrote:
>
> two thousand dollars will get you a
> 1) pentium III with random bit generator...
But I don't think anyone has yet published any analysis
of that generator, so there is no basis on which to believe
that it is a good generator.
paul
------------------------------
From: [EMAIL PROTECTED] (Tim Redburn)
Subject: Re: Challenge to SCOTT19U.ZIP_GUY
Date: Wed, 02 Jun 1999 21:03:46 GMT
On Wed, 02 Jun 1999 02:17:42 GMT, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote:
>In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Tim
>Redburn) wrote:
>>------------------------------------------------------------------
>> ******* THE CHALLENGE ******
>>------------------------------------------------------------------
>>
>>David, if you think the algorithm is as secure
>>as you claim, then take the following challenge.....
>>
>>Rewrite the source code in a form that is
>>easily readable by humans. Use descriptive variable
>>names, avoid macros, etc..
>
> I can't use long names. I actually bent over backwards to
>use long names. At work the only time I could use long names
>was to name variables after people I know. I worked on a quaternion
>update for an inertial navigation system one time and they begged
>for long names. If you ever see the term "directional analog scaler"
>I made it up. Someone asked a few years later where I got the math
>for it. I said I made it up, look at the initials. Again I like x y z for
>variables. I can't spell consistently enough to write like words.
> At work I have had to debug look programs one of the first things I do
>is change the variables to shorter names so I can look at code and get
>the stupid words out of the way. It would not be possible to use more
>descriptive variables. I wish you knew my former bosses they would back
>up this claim.
>
Now I understand why you keep talking about former bosses, previous
jobs, etc.....
I don't know about anyone else but I find :
volume = width * height * depth;
easier to read and understand than:
v = w * h * d;
Here is a small extract from scott19u.c,
it is from the beginning of the function:
"void doEnce(p19 * a, un32 x)"
=========================================================
/* encrypts a file using 19 bit words */
un32 iz, izz, i, j, ip, ipp, k, i19, i19s, jj;
p19 *pp19;
po19 *ppo19;
void *v;
if (x < 8) {
    printf(" this method for 8 or more characters only \n");
    exit(1);
}
=========================================================
An obvious start would be to change 'x' to
'text_length_in_characters' or something similar, so that it is
instantly understandable at any point in the code, even places
where you don't have the printf statement giving you clues.
Unfortunately that is the only easy one.
Would anyone like to suggest what the other variables
might be referring to ?
Most people just don't have the spare time to work out just what the
variables are used for. Many would like to analyse your algorithm,
but are hampered by having to waste time working out
what your algorithm actually is.
>>
>>Take a few days to write an accurate, concise
>>description of the algorithm that can be used by
>>those who have no programming background to
>>have a go at analysing it.
>
> I am writing in straight C no GNU or DJGPP or endian stuff
That is *not* a plain English description suitable for
non-programmers. Many cryptographers are mathematicians
more than they are programmers, and don't
want the bother of deciphering poorly written* source code.
(*from a human readable point of view.)
>a wrapper program for "wrapped PCBC" so any one can use
>it I think this will go a long way to answering any questions
>it will be as short a listing as possible.
>
Why ? Unless thats where you believe the sum total of scott19u.zip's
security lies ?
<snip>
>>
>>As it is, it's a fair bet that you are the only one thats
>>currently using it.
>>
>
> No I have had letters from people as far away as Germany
>thanking me for this product so some people are using it
>but I think they are keeping a low profile.
>
How many in total, considering it's available free of charge
to anyone with internet access? Downloads don't count - I
downloaded it, but have no intention of using it, not
while it's so hard to analyse anyway.
>
>>Please respond to this post with a post confirming
>>if you accept this challenge or not.
>>
>>If you don't accept it, please, calmly give your reasons for
>>all to read.
>>
>>- Tim
>
> I can't rewrite it easily but wait till you see the easy to use
>wrapper code. It will be written for understanding not for efficiency
>and will have no macros.
>
A 286 PC with MS-DOS and "edit" is all you need. I don't
understand why you can't rewrite it.
I'm not interested in wrappers - there's too much wrapping on things
these days, just think about the environment - we just want to get
at the core of your algorithm and see where the security really lies.
Your reluctance to describe it clearly gives people doubts as to
its strength and gives people the impression of security through
obscurity.
Clear, readable source code, and a clear concise description,
that's all many on this newsgroup ask. It's not difficult, but
until you provide them, don't complain when many on this group
treat your algorithm with great scepticism.
You don't seem to be jumping to this fairly easy challenge!!!
Until you do, the doubters will persist.
- Tim.
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The BRUCE SCHNEIER Tirade
Date: Wed, 02 Jun 1999 21:53:01 GMT
[EMAIL PROTECTED] wrote, in part:
>Not quite the same. The key is static and an offsite backup of it is a
>perfect image. The data is variable and an offsite backup of it is
>stale.
>The technical term for this is fail-safe. Volatile data isn't.
I'm getting puzzled here.
My original reasoning for stating that the one-time-pad is useless for
filesystem encryption, a la Scramdisk, is that if one can store X megs
of key securely - and have access to it whenever you need your data -
then you could just put your X megs of data "on a floppy, in a wall
safe" or whatever.
Clearly, if you disagreed, you may have thought of a different way to
use the OTP, and it seems you have.
On-site, you have a computer which, when it becomes unattended, has
the sensitive data on it encrypted by a sheet from the OTP. The OTP is
kept with security guaranteed by _volatility_, something that can't be
applied to the data ... and the correct page of the OTP can be
recovered from an off-site backup.
While I still wouldn't consider such a scheme a reasonable alternative
to conventional secret-key encryption in almost any case, still, you
have indeed proven your point: you have come up with a scheme by means
of which the OTP could provide security for filesystem encryption.
I can't really persuade myself that any device for volatile key
storage would *really* be safer than a decent conventional encryption
algorithm, even so, but that is a matter of taste, and does not
invalidate your design.
John Savard ( teneerf<- )
http://members.xoom.com/quadibloc/index.html
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************