Cryptography-Digest Digest #692, Volume #9 Thu, 10 Jun 99 21:13:03 EDT
Contents:
Re: Does scott19u.zip make full use of it's large key size ? (SCOTT19U.ZIP_GUY)
Re: Does scott19u.zip make full use of it's large key size ? (SCOTT19U.ZIP_GUY)
Re: Cracking DES (fungus)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Does scott19u.zip make full use of it's large key size ?
Date: Fri, 11 Jun 1999 01:03:45 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Tim
Redburn) wrote:
>On Thu, 10 Jun 1999 03:45:19 -1000, Horst Ossifrage <[EMAIL PROTECTED]>
>wrote:
>
><snip>
>>Yes, memory is cheap. Your computer can easily handle it.
>>
>
>That wasn't my reason for mentioning it. The reason I mentioned
>it was because it means that it is very unlikely that all entries will
>be used for a typical encryption. Hence much of the key
>will be wasted.
>
What your sadly not understanding is that for a short message
of lets say 100 bits. It is fine if that message is a function of only 100
bits of the key. A OTP is an example. However it would be bad if
for every 100 bit message the same 100bits of the key where a direct
function of the encryption. since if the same 100 bits where used over
and over it would be as easy easy to break as a OTP used more than
once so that the same 100 bits are resued. In my code it is possilbe just
by variing the first 19 bits leaving all else the same to hit any entry in the
S-table. so which bits are used as you say are a function of the message.
The problem may not be your lack of intelligence. But the fact you are use
to using very short key methods where if one decrypting to engish all the bits
would be used over and over and the only one english solution possilbe is the
one you encrypted. In long key methods there are many many possilbe
english like anwesers so that one rarely knows if they have the correct guess
at a solution. This is not what inrelligence groups like to see it makes there
job harder.
I truely am surprised at your lack of knowledge and wonder what your
reasoning is behind what I think you should even understand to be true.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Does scott19u.zip make full use of it's large key size ?
Date: Fri, 11 Jun 1999 00:42:14 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Tim
Redburn) wrote:
>On Thu, 10 Jun 1999 02:19:16 GMT, [EMAIL PROTECTED]
>(SCOTT19U.ZIP_GUY) wrote:
>
><snip>
>> Well by defination the S-box is reverseable so
>>how could 2 entries go to the same values. I am
>>not sure what you are trying to drive at here. In
>>some coding methods where noise added the S-boxes
>>might be non reversable but to use the S-box as a
>>general encryption device it has to be reversible.
>>
>
>Not true. I have just consulted AC2 and the S-Boxes
>for DES contain repeated entries. It is the feistel
>nature of DES and other similar ciphers that
>enables the S-Box, or other functions for that
>matter, to be one way. In the case of DES, the
>S-Box also does compression (not to a useful
>extend though because expansions are done elswhere).
IF the S-box is used directly in the encryption it has to
be reverseable. However if used to add noise or a nonlinearity
it can be used if the actaul data is somehow combined later
with some other path in the code that allows the reverseable
feature since encryption that is not reversible is not really useful
except for hashing
>
>>>
>>>2. The algorithm has very few passes.
>>
>> it has more passes than IDEA but if you
>>consider any number less than 100 as small
>>for passes then it is small. I felt like I did more
>>than necessary.
>>
>
>Far point. I misunderstood the specs, but I believe with
>25 rounds my point still holds.
>
>
>Now I know how many rounds that scott19u.zip has,
>I will make an attempt at estimating the *maximum* key utilisation
>of scott19u.zip when encrypting a 30K file.
>
>30K = 30 * 1024bits = 30720bits of data to be encrypted.
>
>That is 30720 / 19 words = 1617 words (one word is 19bits)
>
>Multiply that by 25 rounds :
> 1617 * 25 = 40425 substitutions.
>
>This means that there is an *absolute* *maximum* key
>entropy utilisation of
> 40425 * 17.558 = 708407 bits
>when encrypting a 30K file. This is far less
>than the 1million+ bytes encryption that David shouts about so often.
I think what you missing is the the total entropy of the encrypted
message can't exceed 30k bytes for a 30k file. I am sure that many
keys exsit that can map a 30k file to a given file so what is your point.
The key allows for the 1 million bytes plus but I think that use a file
if you find to keys that map 30k file X to some file Y that does
not meant that it will map some other file of 2k bytes to the same file
with both of the above keys. So what is your point
What you seem to lack is one the message entropy is
one per bit you can't get any more. It is like having a
OTP pad of one million bits and if one XOR the text
of the 30k byte file with the first 30k bytes of the OTP
key you have perfect encryption You gain nothing by
do it over and over so the whole 1 million byte OTP
pad is used. I thought you could understand this point
but may not
snip...
>You don't seem concerned. Not using all the
>S-Box entries means that only a fraction of the
>key is being used. The effective key size used
>will not be what the user thinks. So much
>for million bit encryption. It's only that large
>when encrypting very large files.
>
covered above so read it
>
>I don't dispute that (I haven't looked at your chaining mode yet).
>Most block ciphers are usually broken by first considering
>simgle rounds. My point is, that because of properties
>of the S-Box, a lot of information is available to help
>a cryptanalyst. If you ignore the chaining mode altogether,
>then because of the known properties of your S-Box,
>breaking a single round of scott19u.zip will
>be trivial with the use of frequency table (obviously they need
>to be modified for 19bits but that's not a hard task).
>
If you think it is some dam easy sove the contest
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: fungus <[EMAIL PROTECTED]>
Subject: Re: Cracking DES
Date: Fri, 11 Jun 1999 03:03:00 +0200
Patrick Juola wrote:
>
> In article <[EMAIL PROTECTED]>,
> fungus <[EMAIL PROTECTED]> wrote:
> >
> >
> >Patrick Juola wrote:
> >>
> >> Well, first, to the best of my knowledge, there have never been any
> >> published claims that single DES would require 'more time to crack
> >> than the universe is old'.
> >
> >The director of the FBI said this last year at a press conference or
> >something (preaching to the unwashed masses).
>
> I doubt it. If so, that's proof positive that he doesn't know
> what he's talking about.
>
Or he's lying, trying to keep encryption under his control.
--
<\___/>
/ O O \
\_____/ FTB.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
