Cryptography-Digest Digest #729, Volume #9       Thu, 17 Jun 99 00:13:02 EDT

Contents:
  Re: self rotate ([EMAIL PROTECTED])
  Re: the student paradox ([EMAIL PROTECTED])
  Re: the student paradox (Jim Gillogly)
  Re: the student paradox (SCOTT19U.ZIP_GUY)
  Re: DES lifetime (was: being burnt by the NSA) ([EMAIL PROTECTED])
  Re: signal to noise ratio
  Re: SLIDE ATTACK & large state SYSTEMS (SCOTT19U.ZIP_GUY)
  Re: NIST announces set of Elliptic Curves (Bill Unruh)
  Re: DES Encryption Function and an MLP (James Pate Williams, Jr.)
  Justification of small scale to large scale implementation.. (Thirumalainambi Murugesh)
  Re: Phone scrambler : what encryption used ? ("Major Wood")
  Re: the student paradox ([EMAIL PROTECTED])
  please suggest papers ("Anthony")
  Re: the student paradox ([EMAIL PROTECTED])
  Re: the student paradox ([EMAIL PROTECTED])
  An Open Apology (Was: the student paradox) ("rosi")
  Re: the student paradox ([EMAIL PROTECTED])
  Re: SLIDE ATTACK & large state SYSTEMS ([EMAIL PROTECTED])
  Re: DES lifetime (was: being burnt by the NSA) ([EMAIL PROTECTED])

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]
Subject: Re: self rotate
Date: Wed, 16 Jun 1999 20:25:40 GMT

In article <[EMAIL PROTECTED]>,
  Horst Ossifrage <[EMAIL PROTECTED]> wrote:
> The AES candidate RC6 has data dependent data rotations
> and key dependent key rotations. It does not need to be
> reversible if it is a Feistel cipher, which can reverse
> many functions due to XOR symmetry. I am not bored yet,
> I am driving to work next to design a 64 bit processor.
>

RC6 has only data-dependent rotations in the round function.  The key
schedule uses key-dependent rotations, but one must note the key could
also be considered the data...

The idea was to rotate a single word (in a data-dependent manner) but
keep the integrity enough to be able to un-rotate the word.  I think
using two words (as in RC5/RC6) is more effective than the self-rotate.

Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: the student paradox
Date: Wed, 16 Jun 1999 21:49:41 GMT

John Savard <[EMAIL PROTECTED]> wrote:

: If more people had the sense and tact to realize that, while they are
: beginners, their own ideas probably won't be too useful, and thus:

: - advanced any new idea in a tentative way,

: - asked questions, rather than proclaiming conclusions,

: - tried to learn more on their own about their own ideas,

: they'd run into fewer discouraging experiences of being told their
: ideas are silly and not to waste everyone's time.

: The accepted lines of thought have a lot going for them: but that
: doesn't mean new ideas - especially ideas from people with the right
: background in existing practice - aren't valuable and needed.

There was a serious proposal not too long ago for a "Journal of
Negative Results", in which researchers could write up things
that they had tried and found to be unproductive. In theory this
could be beneficial, but in practice the archive would grow 
to an unmanageable size very quickly, and the task of indexing 
it (or building an efficient search engine for it) is one that
I wouldn't want to even think about. 

OTOH, I suspect that many of the startup articles in JoNR 
would be about search engine ideas or indexing ideas that 
just didn't work out. ;=)

-- 
Mike Andrews
Tired old sysadmin
[EMAIL PROTECTED]


------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: the student paradox
Date: Wed, 16 Jun 1999 16:08:09 -0700

"SCOTT19U.ZIP_GUY" wrote:
>   You can check but I that Paul attack was back in 1996 but you will have
> to ask him.

April '97, according to DejaNews.

-- 
        Jim Gillogly
        26 Forelithe S.R. 1999, 23:07
        12.19.6.5.1, 5 Imix 9 Zotz, Second Lord of Night

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: the student paradox
Date: Thu, 17 Jun 1999 01:04:48 GMT

In article <8cV93.7833$[EMAIL PROTECTED]>, "Steven Alexander" 
<[EMAIL PROTECTED]> wrote:
>I'm not sure that people have fewer ideas as their knowledge increases.  I
>think that instead they discount a lot of their own ideas based on their own
>ideas before sharing them.
>
>I  first became interested in cryptography a couple of years ago.  When I
>started out I had a lot of ideas.  I'm still not an "expert" but I still
>have the same amount of ideas.  However, I am now able to discount most of
>my ideas by evaluating them myself.
>
>I do agree that in any science be it cryptography, physics, biology, etc.
>that a student's line of thinking becomes more centered toward what is known
>to be the current state of the art.  The student then tries to extend this.
>This has the drawback that it takes longer for someone to discover ideas
>that are far removed from the current state of the art.  However, it also
>restricts students from proposing ideas that have been disproved over and
>over again.

   But even that is not good. Some ideas that were bad years ago may
be good today, due to the fact computers are faster and you can count
on the whole file without error during a transfer. In the old days encrypting
a whole file as a single block would not have been practical.
 Even the noble gas compounds were "proved impossible". When I was
in High School we saw a film on the elements and they had a bunch of
PhD's from Stanford do all kinds of stuff to make some compounds
from the noble gases. Their conclusion was that it was folly to even try
because it was impossible and a foolish thing to try. Of course like most
PhD types when they say something is impossible they were WRONG.


David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: DES lifetime (was: being burnt by the NSA)
Date: Wed, 16 Jun 1999 23:17:20 GMT

Jerry:
> > > What standard is THAT from?
Bryan:
> > FIPS 46, 1977 January 15.  You can find it reprinted in
> > Meyer & Matyas /Cryptography, A New Dimension in Data Security/
> > 1982, and some other places.
>
> Do you see the problem here?  You say "the standard says" when you're
> really referring to something that hasn't been a standard for over a
> decade.

Perhaps I should have said "the relevant standard says".

> > Note that FIPS 46-2 is dated 1993 December 30.  It did not
> > exist at the time in question.
>
> What time in question?  "The standard says" is present tense, so the
> only conclusion one can reasonably draw about "the time in question"
> is that it's the present time.

How could you possibly have missed the time in question?
Doug Gwyn brought up the DES design lifetime of 10 years,
then I specifically stated the dates, and you yourself asked
about the statement of its (DES's) initial purpose.

Bryan:
| As I understand it "sensitive but not classified"
| information would include raw data from the decennial
| census, and the law states such data shall be sealed
| for 72 years.  A cipher to protect sensitive but not
| classified data, to be used from 1976 to 1986, must
| be sufficiently secure to protect data collected
| for the 1980 census.  Thus the cipher must remain
| unbroken until at least 2052.

| DES has failed.  It was never adequate - not even for
| its initial purpose and intended lifetime.

You followed with:

: DES was specified as being suitable for sensitive but
: not classified information.  NOWHERE in the specification
: was it said to be suitable for ALL sensitive information
: as long as it wasn't classified.

You presented this as a response to what I wrote.  Are you
now going to tell us you were talking about a 1993 standard,
and that you think that's the relevant version for this
argument?

You went on:
: Please point to a part of the statement of its initial
: purpose that says it will be used as the sole protection
: for census data at any time during its operation.

Since you asked about "its initial purpose" of course I
was citing FIPS 46 and not FIPS 46-2.

> At the present time, the standard does
> not say anything of the sort, and it hasn't for some time.

Do you know what the word "initial" means?  If the
wording in a revision of a standard changes, which is
"initial"?

> > I expect you'll need some time to check that out, but given how
> > you SHOUTED your conclusions based on the 1993 standard, will you
> > be willing to report what you find either way?
>
> Sure.  It doesn't even take very long for me to find that if you were
> referring to something that hasn't been a standard for years, that you
> should have said something like "in 1977, the standard said" rather
> than "the standard says."  As-is, your statement is simply false.
> There's not much more to the situation than that.

I called it the standard because FIPS 46 is obviously the
standard in question - relevant to the period I specifically
named and you specifically asked about.  I used "says" simply
because it flowed better, but it's perfectly correct even
though FIPS 46-2 supersedes it.

> You've been blaming the NSA for the way the DES was written in 1977.

In this thread I have mentioned the NSA once, when I referred
to "The cipher resulting from the combined efforts of IBM,
NBS (now NIST) and NSA".  I specifically avoided singling
any of those parties out.  I don't know where you got that
I've been blaming NSA for the way DES was written.

> The NSA had neither control over, nor even official input into, DES
> until 1987.  If you want to display scholarship, do a bit of research
> into the first version of the standard after the NSA had input, and
> see whether it matches the 1977 standard or the 1993 standard.  This
> might give some insight into whether the NSA influenced the decision
> to make DES an option rather than a mandatory requirement.

Done.  The NSA had input into FIPS 46.


Jerry, get with the program.  Doug Gwyn pointed out that
DES held up for more than its 10 year designed life.  I
followed saying that the requirement is not merely that
the cipher remain unbroken while in use, but for the
intelligence life of the data; there is data for which
DES was approved in the initial 10 year life which will
remain sensitive for years to come.

My theory is that you made the understandable mistake
of thinking that the current FIPS 46-2 is the same as
the standard in effect for that 10 year life.  No big
problem, and as I wrote in my previous post, I was also
unaware the wording changed.  But now you've taken the
ludicrous position that I was wrong to cite the standard
that was in effect, and the relevant version is one that
appeared five or six years later.  Are you sure you want
to insist that what appears to be a minor oversight is
in fact a matter of unfathomable stupidity?

--Bryan


------------------------------

From: <[EMAIL PROTECTED]>
Subject: Re: signal to noise ratio
Date: Thu, 17 Jun 1999 00:28:13 GMT


<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> So, the s/n ratio is related to the Walsh transform?

How is the s/n ratio related to the Walsh transform?

In "Differential Cryptanalysis of the Data Encryption Standard" by
Eli Biham and Adi Shamir,
pp. 29-31, they explain the S/N ratio, but I can't completely understand it.

Whoever knows that material, please give me some explanation.




------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: SLIDE ATTACK & large state SYSTEMS
Date: Thu, 17 Jun 1999 00:53:36 GMT

In article <7k92a2$vd4$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:

>>  Just because 2**128 is a large number is no guarantee of safety.
>
>Um yes it does.  If the algorithm is secure and requires 2^127 effort
>to find the key, I would regard as safe.

  Then you would also assume that the German Enigma is safe. But
sorry it is not. The problem with a short key is that no one can prove
that it is secure. You make the same fallacy as the Germans: no one
does a full key search, unless it is short like DES.  At the most, if two
ciphers appear the same but one has a longer key, then knowing
nothing else the longer keyed one is better, period.
 There may even be a nice mapping function to map the short key
system to a method that is already broken.


David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: NIST announces set of Elliptic Curves
Date: 17 Jun 1999 01:10:10 GMT

In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (DJohn37050) 
writes:

>Yes, perhaps the most interesting thing is that this can be seen as an
>endorsement of the security of ECC (at least for the curves provided) by an
>agency of the US government.  

Of course if you are paranoid, this means that these are the curves for
which they have found a crack. But of course none of us is paranoid.

------------------------------

From: [EMAIL PROTECTED] (James Pate Williams, Jr.)
Crossposted-To: comp.ai.neural-nets
Subject: Re: DES Encryption Function and an MLP
Date: Thu, 17 Jun 1999 02:08:20 GMT

Since the DES encryption function is a Boolean function  (albeit a
complicated  one) of 64 inputs and 64 outputs can we safely assume
that there exists an MLP with one hidden layer that given sufficient
computation time, training examples, and hidden units can learn it
with near perfect accuracy? If so, what training algorithm is to be
suggested? Would the particle swarm optimization have a ghost of
a chance of succeeding, if not, why?


------------------------------

Subject: Justification of small scale to large scale implementation..
From: [EMAIL PROTECTED] (Thirumalainambi Murugesh)
Date: Thu, 17 Jun 1999 02:21:51 GMT

Dear Researchers,

Normally, to analyse a pseudo-random number generator (PRNG) in terms of its
period and cryptographic strength, researchers use a small-scale implementation,
i.e. they use small numbers or small input parameters to analyse the
period of the output sequence.
How can we justify that it is reasonable to expect that the various behaviours
found in a small-size PRNG used for simulation will also be found in a large-scale
PRNG implementation?

Could you please kindly pass your comments and suggestions to me at 
"[EMAIL PROTECTED]".

Thanking you.

Sincerely,
T Murugesh


------------------------------

From: "Major Wood" <[EMAIL PROTECTED]>
Subject: Re: Phone scrambler : what encryption used ?
Date: Wed, 16 Jun 1999 20:37:27 -0500

>>I have been to a few phone scrambler web pages
Please specify which ones. This is a subject I know a bit about. - MW




------------------------------

From: [EMAIL PROTECTED]
Subject: Re: the student paradox
Date: Thu, 17 Jun 1999 01:50:36 GMT

In article <VZU93.347$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> There was a serious proposal not too long ago for a "Journal of
> Negative Results", in which researchers could write up things
> that they had tried and found to be unproductive. In theory this
> could be beneficial, but in practice the archive would grow
> to an unmanageable size very quickly, and the task of indexing
> it (or building an efficient search engine for it) is one that
> I wouldn't want to even think about.
>
> OTOH, I suspect that many of the startup articles in JoNR
> would be about search engine ideas or indexing ideas that
> just didn't work out. ;=)

The only bad idea is one without prior thought.  If the idea has a good
fundamental basis then it most likely can be extended/extrapolated into
something else.  Bad ideas like

E(P, k) = P + k

should be shunned because well that's insanely dumb.  So I think a
compromise is required.  Perhaps it would be more acceptable if 'bad
ideas' had some form of formal presentation...

Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.


------------------------------

From: "Anthony" <[EMAIL PROTECTED]>
Subject: please suggest papers
Date: Wed, 16 Jun 1999 20:55:46 -0500
Reply-To: "Anthony" <[EMAIL PROTECTED]>

Please suggest some good published papers on "Public-Key Management and
Distribution System", especially on Internet-based systems.  Thanks in
advance!



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: the student paradox
Date: Thu, 17 Jun 1999 01:47:15 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (John Savard) wrote:
> If more people had the sense and tact to realize that, while they are
> beginners, their own ideas probably won't be too useful, and thus:
>
> - advanced any new idea in a tentative way,
>
> - asked questions, rather than proclaiming conclusions,
>
> - tried to learn more on their own about their own ideas,
>
> they'd run into fewer discouraging experiences of being told their
> ideas are silly and not to waste everyone's time.

I am sorry.  Apparently you are perfect.  I understand your point that
current academia is not a waste of time.  Of course it is not.  However
new ideas should not be shunned.  Look at RC5, compared to RC6 it is
weak (has a pseudo break...).  I bet Rivest learned something from
that.  When a 'newbie' posts an idea it is only a 'waste of time' if
they do not listen to the criticism presented to them. (Like against
Dave Scott... :( )

> The accepted lines of thought have a lot going for them: but that
> doesn't mean new ideas - especially ideas from people with the right
> background in existing practice - aren't valuable and needed.

I agree however you cannot exclude 'newbies' from having perfectly
acceptable ideas.  Who was Adi Shamir before RSA?  (Well a professor I
would imagine but you get the point).

Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: the student paradox
Date: Thu, 17 Jun 1999 01:43:44 GMT

In article <p%U93.7281$[EMAIL PROTECTED]>,
  "Steven Alexander" <[EMAIL PROTECTED]> wrote:
> Your code reads like shit.  I have an easier time reading
> disassembled win32 programs.

Maybe he also forgets that data is created in the forwards direction
and that's why we have CBC and PCBC... (Can't imagine sending audio
backwards...)

(but of course crypto is for file encryption only didn't you know), btw
this is not on topic!!! (student paradox...)

Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.


------------------------------

From: "rosi" <[EMAIL PROTECTED]>
Subject: An Open Apology (Was: the student paradox)
Date: Wed, 16 Jun 1999 22:47:17 -0400

Hi, all,

This has been heavy on my mind for some time. I should have given
the apology long, long ago.

A while back, we had a discussion about trust model started by
Dr. Gerck's post. In one of my posts I said something very
inappropriate. People did not pick on me for that (and Dr. Gerck
was too nice to either). I said something like some of what Dr.
Gerck showed 'echoed' some of my thoughts. The word 'echo'
was the worst chosen one. I have no reason to imply (though
unintentionally) that I thought about certain issues before Dr.
Gerck did. Even if I did, which I strongly doubt, he could not have
'echoed' mine. Most importantly, I never pursued these issues
rigorously. I owe this apology. I am genuinely sorry.

However, it is my opinion that it is no big deal to have all-or-nothing.
I filed my patent in 1997 in which the idea was used. I do not claim
I had the idea first. It is just so obvious (with whatever tricks you do
to achieve it). The first time I heard it being credited to Prof. Rivest
was through a reply post to one of mine in which I in passing mentioned
it in suggesting something else. Either before or after those posts, I
learned that Peter Gutman (sorry if spelt erroneously) also had what I
called bi-directional scrambling or backward-and-forward scrambling. I
am not too sure, but I have the impression that Peter also used the
term backward-and-forward or something very similar. The only
difference, hope I am not wrong, is that Peter uses encryption but I
had it merely as a chaining operation. It could very well be that other
people before us all had the same idea. It is obvious and not
something hard to see or imagine.

Another thing (sorry to bring it up again) is the S&w also by Prof.
Rivest. That to me is no big deal either. If you go back and read one
of the posts by Brian Olson, you will see that he ALMOST stumbled
on it! I am not sure if he realized that or he as well did not take much
interest for one reason or another. I can not imagine how many
people could have had the same or similar ideas.

There can be other things. Some obvious, but may not be easily put
on rigorous grounds and proven to have the characteristics.
Nonetheless, they are to me obvious.

As to the original post, a hard one. Life is vital with its non-static
nature. There is a 'prescribed' route life takes, paradoxical or not. We
all take it as we are all live creatures. Life has an end and acquiring
knowledge etc., all that associated with life can not grow forever, and
must, to me, obey the path charted out. Hope I do not sound like a
doomsday advocate. Making mistakes, being stupid are all things
dearest to us, just as being defiant to conventional wisdoms when the
questions we put to them do not bring back satisfactory answers.

If you independently thought up IT, you are to me about just as creative
as the first one who did. You should not be ashamed that you are too
late. You only need to be aware that you are privileged (XOR is
such a household term nowadays) and you are standing on others'
shoulders. You should be proud of yourself, knowing exactly where the
pride is set on.

Sorry for the verbiage.

Thank you very much.
--- (My Signature)

Jim Gillogly wrote in message <[EMAIL PROTECTED]>...
>"SCOTT19U.ZIP_GUY" wrote:
>> scott19u but every one said it was useless then I hear that Ron R of
>> RSA comes up with an all or nothing encryption idea. Guess who will
>> get the credit.
>
>His paper was in 1997.  When was yours?  Are you claiming priority
>for the PCBC chaining method, which was used in Kerberos?
>
>--
> Jim Gillogly
> 26 Forelithe S.R. 1999, 18:56
> 12.19.6.5.1, 5 Imix 9 Zotz, Second Lord of Night



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: the student paradox
Date: Thu, 17 Jun 1999 01:55:43 GMT

In article <7k9e2l$1tng$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>    But even that is not good. Some ideas that were bad years ago may
> be good today, due to the fact computers are faster and you can count
> on the whole file without error during a transfer. In the old days
> encrypting a whole file as a single block would not have been practical.
>  Even the noble gas compounds were "proved impossible". When I was
> in High School we saw a film on the elements and they had a bunch of
> PhD's from Stanford do all kinds of stuff to make some compounds
> from the noble gases. Their conclusion was that it was folly to even
> try because it was impossible and a foolish thing to try. Of course like
> most PhD types when they say something is impossible they were WRONG.

I think you unfairly stereotype phd types.  Not all of them have sticks
up their asses.

As the previous post noticed, many people destroy their own ideas
because they know they have been proven bad/wrong before.  I still
think it is paradoxical that this occurs.  It's too bad people avoid
abstract brainstorming, cause some really cool minds are out there.

Also you allude to 'few years ago' by which I mean your cipher that
requires 1.2MB of ram for the key and xMB for the file.  However you
still have to admit your cipher is not good for live communications,
smart cards or hardware.  It can only be used for files which is rather
limited.  However if encrypting files is all you want, then it would be
ok.

Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: SLIDE ATTACK & large state SYSTEMS
Date: Thu, 17 Jun 1999 02:04:24 GMT

In article <7k9ddl$1tng$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>   Then you would also assume that the German Enigma is safe. But
> sorry it is not. The problem with a short key is that no one can prove
> that it is secure. You make the same fallacy as the Germans: no one
> does a full key search, unless it is short like DES.  At the most, if two
> ciphers appear the same but one has a longer key, then knowing
> nothing else the longer keyed one is better, period.
>  There may even be a nice mapping function to map the short key
> system to a method that is already broken.

Well no, most systems with bad mapping have related keys and can be
broken.  If the mapping is perfectly random (well with respect to the
key) then it cannot be broken easily.  The problem is most ciphers have
characteristics and that is where the mappings become weak.

If a block cipher has a perfectly random mapping of all 2^128 16-byte
pages ((2^128)! possible mappings), it would require a long time to find
the key (which would be the mapping).  Of course such a cipher is
insane as it would require 2^135 bits of ram (2^132 bytes).

However if the key schedule/round function can create such mappings
then it would be ideally secure.

If you are forced to try 2^127 possible keys that is quite secure.  You
cannot build a computer fast enough.  BTW if you care to notice all AES
ciphers can accept keys of up to 256 bits which is 2^128 times harder to
solve than 128-bit keys which should be out of reach for a long long
time.

I think what you really are reaching at is that for any 128-bit block
cipher there are (2^128)! - 2^n mappings which are not possible (n =
key size).  This is true, and certainly is a weakness of any cipher.
However they rely on the fact that all mappings which are possible are
impossible to identify, so by this logic you cannot say any mapping is
invalid.  However even with your 'million byte key' there are mappings
which are impossible...

Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.


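Tom's count of possible versus reachable mappings, worked through numerically. This is an added example, not code from the thread; it assumes an ideal key schedule in which every distinct key selects a distinct permutation, and uses Stirling's series (via math.lgamma) where (2^b)! cannot be materialised.

```python
import math


def log2_num_permutations(block_bits: int) -> float:
    """log2 of the number of bijections on a block_bits-bit block, i.e. log2((2^b)!).

    Exact for small blocks; for large blocks (2^b)! has far too many digits to
    build, so ln((2^b)!) = lgamma(2^b + 1) is used instead (Stirling's series,
    accurate to well under one bit at these magnitudes).
    """
    size = 2 ** block_bits
    if block_bits <= 10:
        return math.log2(math.factorial(size))
    return math.lgamma(size + 1) / math.log(2)


def log2_reachable_fraction(block_bits: int, key_bits: int) -> float:
    """log2 of the share of all block permutations an ideal key_bits-bit key
    can select: 2^n / (2^b)!.  Negative whenever the key is shorter than
    log2((2^b)!), which is every practical cipher."""
    return key_bits - log2_num_permutations(block_bits)


def compare(block_bits: int, key_bits: int) -> dict:
    """Summarise the gap between key space and permutation space for one design.

    'unreachable' is Tom's (2^b)! - 2^n expressed on a log2 scale: for every
    key length that fits in memory it is indistinguishable from log2((2^b)!).
    """
    total = log2_num_permutations(block_bits)
    return {
        "block_bits": block_bits,
        "key_bits": key_bits,
        "log2_total_permutations": total,
        "key_bits_to_reach_all": total,
        "log2_reachable_fraction": log2_reachable_fraction(block_bits, key_bits),
    }


if __name__ == "__main__":
    # Constructed design points: a toy 4-bit block, DES, AES-128/256 and a
    # hypothetical 1.2 MB key like the one discussed in the thread.
    designs = [
        ("toy 4-bit block, 8-bit key", 4, 8),
        ("DES", 64, 56),
        ("AES-128", 128, 128),
        ("AES-256", 128, 256),
        ("128-bit block, 1.2 MB key", 128, 1_200_000 * 8),
    ]
    for name, b, n in designs:
        r = compare(b, n)
        print(f"{name:28s} log2((2^b)!) = {r['log2_total_permutations']:.3g} bits, "
              f"reachable fraction = 2^({r['log2_reachable_fraction']:.3g})")
```

Even a key of millions of bits selects only a 2^-(~10^40) fraction of the permutations of a 128-bit block, which is why the number of unreachable mappings by itself says nothing about whether a cipher is broken.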
------------------------------

From: [EMAIL PROTECTED]
Subject: Re: DES lifetime (was: being burnt by the NSA)
Date: Thu, 17 Jun 1999 02:04:32 GMT

Minutes ago I wrote:
> In this thread I have mentioned the NSA once, when I referred
> to "The cipher resulting from the combined efforts of IBM,
> NBS (now NIST) and NSA".

Oops, not true, sorry.  I overlooked:

| Which is the requirement: A cipher must remain
| unbroken for,
|    A) its operational life,
|  or
|    B) the intelligence life of any data it protects?
|
| I think that's a pretty basic question.  Could the
| NSA have come up with the wrong answer?

Which responded to a defense of the NSA's ability based on
the cipher remaining unbroken through its service life.

--Bryan


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************