Cryptography-Digest Digest #734, Volume #9       Fri, 18 Jun 99 12:13:03 EDT

Contents:
  Re: Phone scrambler : what encryption used ? (sb5309)
  Re: Hasty Pudding Cipher -- update ("Roger Schlafly")
  Objc or C library (Roman)
  Re: the student paradox ([EMAIL PROTECTED])
  Re: Critique of Street Performer Protocol paper (Tim Josling)
  DES versus Blowfish (Bechir Jannet)
  alt.security.scramdisk ("Andy Jeffries")
  Re: signal to noise ratio ([EMAIL PROTECTED])
  Re: DES Encryption Function and an MLP (wtshaw)
  Re: test ([EMAIL PROTECTED])
  Is DES easy to crack whit other kind of attack? ([EMAIL PROTECTED])
  Re: DES versus Blowfish (fungus)
  Re: DES versus Blowfish ([EMAIL PROTECTED])
  Re: encrypt using ASCII 33 to 126 only? (wtshaw)
  Re: SLIDE ATTACK & large state SYSTEMS ([EMAIL PROTECTED])
  F-secure (Dupavoy)
  Re: DES (Bruce Schneier)
  Re: SLIDE ATTACK & large state SYSTEMS (SCOTT19U.ZIP_GUY)
  Re: SLIDE ATTACK FAILS ("Douglas A. Gwyn")
  Re: Is DES easy to crack whit other kind of attack? ("Douglas A. Gwyn")
  Re: Caotic function ("John E. Kuslich")
  Re: DES Encryption Function and an MLP ("Douglas A. Gwyn")

----------------------------------------------------------------------------

From: sb5309 <[EMAIL PROTECTED]>
Subject: Re: Phone scrambler : what encryption used ?
Date: Fri, 18 Jun 1999 13:10:11 +0800

How about this one :

Cycomm's Cellular Security Devices (CSDs)
at http://www.att.com/press/1195/951101.mma.html


Major Wood wrote:

> >>I have been to a few phone scrambler web pages
> Please specify which ones. This is a subject I know a bit about. - MW




------------------------------

From: "Roger Schlafly" <[EMAIL PROTECTED]>
Subject: Re: Hasty Pudding Cipher -- update
Date: Thu, 17 Jun 1999 23:51:41 -0700


Richard Schroeppel wrote in message
<7kc64j$[EMAIL PROTECTED]>...
>I've posted the official Tweak for HPC on the web page,
>http://www.cs.arizona.edu/~rcs/hpc
>along with a "recent progress" paper.  The Tweak fixes
>an equivalent-keys problem that David Wagner found.
>The "progress" paper contains some new Pentium performance
>numbers, and makes the argument that HPC should win because
>it's the runaway fastest for bulk encryption on 64-bit
>machines.

But only fastest if you use a 512-bit blocksize, something that is
not part of the AES spec.

I was intrigued by your claim at the beginning that

  "The key size may be any (whole) number of bits."

but

  "The block size may be *any* number of bits, even fractional bit values
are permitted."

You mean, say, that you can encrypt 1/3 of a bit? Or a block of pi bits?






------------------------------

From: Roman <[EMAIL PROTECTED]>
Subject: Objc or C library
Date: Fri, 18 Jun 1999 11:03:48 +0200

Hi,

 Does someone know if there exists, somewhere, an Objc lib or
 a C lib (I'd rather find the first one) to do some encryption
 in a program of mine? PGP or only RSA should be ok.

Thanks for your help,

Roman.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: the student paradox
Date: Fri, 18 Jun 1999 09:01:03 GMT

Off topic a bit, but re the "JoNR"; Andrew Wiles, the guy who proved
Fermat's last theory, was | | <-- that far from a solution; he had just
one problem; the method he was using (the Kolyvagin-Flach method) to
prove that all elliptic curves are modular was not enough to make the
induction work. He spent months working on it, and, after almost
giving up, he found that the Iwasawa method he had rejected three
months ago as inadequate, when coupled with the K-F method, was
sufficient. Result? Proving Fermat.
Moral? Always keep your old ideas, even if they aren't perfect; they
may well come in handy later

;-)


Jim





------------------------------

From: Tim Josling <[EMAIL PROTECTED]>
Subject: Re: Critique of Street Performer Protocol paper
Date: Fri, 18 Jun 1999 16:04:41 +1000

In fact this is not accurate. When the public goods have very low cost
of reproduction, the cost of buying the product inhibits its use and in
that sense they are 'underprovided'.

So on the one hand making something free may reduce the supply. It may
not always do so. If you have a whole set of intellectual property goods
with dependencies, then the fact that products you depend on are public
makes it easier to make the dependent products. Furthermore people are
not motivated solely by money.

On the other hand making a thing a public ('free') good will increase
the use of the product, because more people can afford it.

You would have to look at the individual case to see where the balance
lies.

Tim Josling

<my views only>

Anonymous wrote:
...  It is elementary economics to
> show that public goods are underprovided compared to the social optimum.
> That is why people have worked so hard to try to come up with ways to
> protect intellectual property rights.

------------------------------

From: Bechir Jannet <[EMAIL PROTECTED]>
Subject: DES versus Blowfish
Date: Fri, 18 Jun 1999 11:17:10 +0200

Hi,
I am trying to understand whether there is a major difference in the
achieved security when using DES or Blowfish.
Both DES and Blowfish are Feistel block ciphers processing 64-bit
plaintext blocks.

DES has four weak keys and six pairs of semi-weak keys. What about
Blowfish?
The only thing that speaks for Blowfish is that it is faster and easier
to implement! Is that correct?

Kind regards


------------------------------

Reply-To: "Andy Jeffries" <[EMAIL PROTECTED]>
From: "Andy Jeffries" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: alt.security.scramdisk
Date: Fri, 18 Jun 1999 11:41:35 +0100

Just to let you all know, there is now "alt.security.scramdisk" created.  If
your ISP doesn't carry it, they should in a few days, if not ask them to add
it.

I guess Sam/Aman will post a more official message soon.....


--
Andy Jeffries
Author of TkrScramDisk
(ScramDisk Delphi Component)

--See http://www.kwikrite.clara.net/ for TkrScramDisk
  and the ConsoleUtils library
--See http://www.hertreg.ac.uk/ss/ for ScramDisk -
  free virtual disk encryption for Windows 95/98



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: signal to noise ratio
Date: Fri, 18 Jun 1999 09:17:02 GMT

On Thu, 17 Jun 1999 00:28:13 GMT, <[EMAIL PROTECTED]> wrote:

>How is the s/n ratio related to the Walsh transform?


I'm not sure; the Walsh transform (which I don't really get) tells you
(I think) how likely each linear function is to provide the nonlinear
result.



Jim


------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: comp.ai.neural-nets
Subject: Re: DES Encryption Function and an MLP
Date: Fri, 18 Jun 1999 06:27:21 -0600

In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Richard Leighton Dixon) wrote:

> In article <7kbh1t$rmb$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> 
> > Which means that gradient descent methods would be useless,
> > simulated annealing would be useless, and genetic algorithms
> > would be useless.
> 
> Why would a genetic algorithm be useless? Isn't this method effective in 
> finding solutions despite the discontinuity?
> 
A generic algorithm would be based on specified mathematical equations
and/or general principles.  Generic algorithms should be truly scalable.

If hand picking tables and holding your mouth right when talking about
keys is what makes an algorithm work, it is not apt to be based on the
above, granted that you can possibly design an algorithm with little
understanding of what is really making it work, but it does not mean that
such knowledge is unobtainable.
-- 
"I want to make laws.  We don't make donuts here." --John Conyers

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: test
Date: Fri, 18 Jun 1999 10:31:54 GMT

On Thu, 17 Jun 1999 23:57:29 +0300, "Erik Avat'R"
<[EMAIL PROTECTED]> wrote:


>And why not post in HTML??
>If you cant read it buy yourself a new computer.....

Because many people run newsreaders (like mine) that don't
automatically read HTML, or use DejaNews etc; posting in HTML is
inconvenient, nonstandard (HTML 2.0,5.0, JS, ActiveX etc) and
unnecessary!


Jim

------------------------------

From: [EMAIL PROTECTED]
Subject: Is DES easy to crack whit other kind of attack?
Date: Fri, 18 Jun 1999 10:40:24 GMT

I'm reading about DES and the possible attacks. Well at this time DES was
cracked by EFF with a $250.000 cracker hardware. But all docs I found are about
cracking the key when u don't know the text. *I'm wondering if in a simple PC it is
possible to obtain the key when u know the complete text then, comparing the
encrypted info and non encrypted info. More when this info r no more than 12
digits, and if u can read a few docs more. In this case of course, all the
rest of info encrypted with that key will be compromised. Are there
calculations of the time it takes to crack it in this way?




Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: fungus <[EMAIL PROTECTED]>
Subject: Re: DES versus Blowfish
Date: Fri, 18 Jun 1999 14:39:26 +0200



Bechir Jannet wrote:
> 
> Hi,
> I am trying to understand, whether there is a major difference in the
> achieved security, when using DES or Blowfish?
> Both DES and Blowfish, are Feistel block cipher processing 64 bits
> plaintext blocks;
> 
> DES has four weak keys and six pairs of semi-weak keys. What about
> blowfish?
> The only thing that speaks for Blowfish, is that it is faster and easier
> to implement! is that correct?
> 

In theory DES is much weaker.

Blowfish has a 128 bit key, DES has only 56 bits and messages have been
publicly cracked on several occasions.


-- 
<\___/>
/ O O \
\_____/  FTB.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: DES versus Blowfish
Date: Fri, 18 Jun 1999 11:10:11 GMT

In article <[EMAIL PROTECTED]>,
  Bechir Jannet <[EMAIL PROTECTED]> wrote:
> Hi,
> I am trying to understand, whether there is a major difference in the
> achieved security, when using DES or Blowfish?
> Both DES and Blowfish, are Feistel block cipher processing 64 bits
> plaintext blocks;
>
> DES has four weak keys and six pairs of semi-weak keys. What about
> blowfish?
> The only thing that speaks for Blowfish, is that it is faster and easier
> to implement! is that correct?

Well...

1.  DES has a 56-bit fixed key.  Blowfish has a variable length key
up to 448 bits.

2.  DES was designed for hardware only.  Blowfish is more software
oriented.

3.  DES has fixed sboxes.  Blowfish has key dependent large sboxes.

4.  DES has weak and semi weak keys, Blowfish has weak keys.  They
produce sboxes which have non-unique entries.  They are 1 in 2^14 but
have not been exploited yet.

Basically if you are choosing between them... pick Blowfish!

Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.



------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: encrypt using ASCII 33 to 126 only?
Date: Fri, 18 Jun 1999 06:35:15 -0600

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:

> Peter Gutmann wrote:
> > 
> > "Kenneth N Macpherson" <[EMAIL PROTECTED]> writes:
> > 
> > >Hello,
> > 
> > >I am trying to find code (vb) that will take a string (all chars in range 33
> > >to 126 ASCII) and encrypt it again using chars in range 33 to 126.
> > 
> > >Any help with code, urls, (or even an algo) would be fantastic.
> > 
> > This comes up every six months or so, I posted code to do this here in early
> > 1997 which lead to an interesting discussion on this sort of problem.  Do a
> > Dejanews search on a subject line of "Encrypting data with a restricted range
> > of values" to find the thread.  You can use the technique with any underlying
> > cipher, I typically use 3DES.

The problem with UUencode is that the output is perhaps too limited in
range, and therefore less efficient than it could be.  OTOH, marginal
improvements in bandwidth efficiency are all that are available.
> 
> 
> Also, Kenneth, a very common technique that is used here is "do what
> uuencode does."  Or perhaps, actually DO use uuencode on your
> (un-restrained binary) cipher output.  It is far easier to let the cipher
> do what it will, and then encode the output to conform to the byte-range
> restriction, than it is to devise an algorithm that produces output that
> obeys that restriction.
-- 
"I want to make laws.  We don't make donuts here." --John Conyers

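[Added example, not part of the original digest.] The approach quoted above (let the cipher emit arbitrary bytes, then encode them into the allowed range), together with the remark that uuencode's range is narrower than it could be, as a runnable sketch: a base-94 encoder over ASCII 33 to 126 compared with uuencode's 6 bits per character. The function names are made up for illustration, the "ciphertext" is constructed sample data (no cipher is run), and uuencode's per-line overhead is ignored.

```python
import hashlib
import math

LOW, HIGH = 33, 126
BASE = HIGH - LOW + 1            # 94 usable symbols, about 6.55 bits each

def encode94(data: bytes) -> str:
    """Encode arbitrary bytes using only ASCII 33..126."""
    # A leading 0x01 marker keeps leading zero bytes through the integer round trip.
    n = int.from_bytes(b"\x01" + data, "big")
    out = bytearray()
    while n:
        n, r = divmod(n, BASE)
        out.append(LOW + r)
    return bytes(reversed(out)).decode("ascii")

def decode94(text: str) -> bytes:
    """Inverse of encode94; rejects any symbol outside 33..126."""
    n = 0
    for ch in text.encode("ascii"):
        if not LOW <= ch <= HIGH:
            raise ValueError("symbol outside ASCII 33..126")
        n = n * BASE + (ch - LOW)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw[:1] != b"\x01":
        raise ValueError("missing marker byte")
    return raw[1:]

def uuencode_chars(n_bytes: int) -> int:
    """Data characters uuencode needs: 3 bytes become 4 six-bit symbols."""
    return 4 * math.ceil(n_bytes / 3)

def sample_ciphertext(n_bytes: int) -> bytes:
    """Constructed stand-in for cipher output: SHA-256 over a counter."""
    out, counter = b"", 0
    while len(out) < n_bytes:
        out += hashlib.sha256(counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n_bytes]

def expansion(n_bytes: int) -> tuple:
    """Return (base-94 chars per byte, uuencode chars per byte)."""
    data = sample_ciphertext(n_bytes)
    text = encode94(data)
    if decode94(text) != data:
        raise RuntimeError("round trip failed")
    return len(text) / n_bytes, uuencode_chars(n_bytes) / n_bytes

if __name__ == "__main__":
    b94, uu = expansion(3000)
    print(f"base-94: {b94:.4f} chars/byte, uuencode: {uu:.4f} chars/byte")
```

The encoding is keyless and adds no secrecy; it only changes the alphabet, and the gain over 6-bit encoding is the marginal one the reply describes.
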
------------------------------

From: [EMAIL PROTECTED]
Subject: Re: SLIDE ATTACK & large state SYSTEMS
Date: Fri, 18 Jun 1999 11:25:29 GMT

<snip>
I WILL NOT SAY THIS AGAIN.

1.  If the key schedule cannot fully accept log2((2^n)!) bits the key
schedule will not be able to create all (2^n)! mappings to call the
cipher completely secure.

1.1 Ciphers rely on the fact that finding out which mappings are valid
and which are not is just as hard as brute force.


Let's think about it.  IF you have 2^n possible inputs, and 2^n
possible outputs, then there are (2^n)! possible re-arrangements.
Think of one large s-box, filled with 0..(2^n)-1.  Then perform a RC4
like shuffle on the entries.  You then just use the input as an index
and the output as the ciphertext.

Your cipher does not use log2((2^n)!) bit keys and therefore is not
completely secure just like all other block ciphers.  That does not
make it practically weak though.  Your single cycle sbox does not
ensure all possible mappings (2^n)! because not all configurations of
the sbox are possible.

Maybe something got missed.  Yes all inputs will have a unique output
but what I am talking about are mappings, not single transformations.

Sorry thems the facts, maybe if the other members backed this (I don't
think they care), you will begin to trust what we say.

Tom



------------------------------

From: [EMAIL PROTECTED] (Dupavoy)
Subject: F-secure
Date: 18 Jun 1999 13:48:59 GMT

Has anyone used F-secure 2.0 by F-prot?
I used F-secure 1.0 and all of my encrypted files
became corrupted and I couldn't decrypt them.
Also, it seems that NSS1.0 by Symantec is
the only freeware crypto software that combines
all files into a single self-extracting *.exe file.  


------------------------------

From: [EMAIL PROTECTED] (Bruce Schneier)
Subject: Re: DES
Date: Fri, 18 Jun 1999 14:36:48 GMT

On Sun, 13 Jun 1999 01:26:07 GMT, [EMAIL PROTECTED] wrote:

>In article <[EMAIL PROTECTED]>,
>  Hideo Shimizu <[EMAIL PROTECTED]> wrote:
>> In some special case, IP affects security of DES. At least
>> in case of linear cryptanalysis of 32bit-MAC using DES, Sakurai,
>> et.al. pointed out above result.
>
>I would like to have that one explained.  If the IP is a known
>permutation then it cannot be secure can it?

If all the bits are used, that's true.  But for a 32-bit MAC, only 32
bits of the output are used.  The IP affects WHICH particular
bits are used.  This makes a difference.

Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems     Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN  55419      Fax: 612-823-1590
           Free crypto newsletter.  See:  http://www.counterpane.com
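
[Added example, not part of the original digest.] A sketch of the point in the reply above that the permutation decides which bits a truncated MAC keeps. It applies the inverse of the DES initial permutation to the pre-output block R16||L16 and reports where each of the first 32 output bits comes from. Assumption not stated in the post: the 32-bit MAC is taken as the leftmost 32 bits of the final block. Function names are made up for illustration.

```python
# DES initial permutation (FIPS 46): output bit i is input bit IP[i-1].
IP = [
    58, 50, 42, 34, 26, 18, 10, 2,
    60, 52, 44, 36, 28, 20, 12, 4,
    62, 54, 46, 38, 30, 22, 14, 6,
    64, 56, 48, 40, 32, 24, 16, 8,
    57, 49, 41, 33, 25, 17, 9, 1,
    59, 51, 43, 35, 27, 19, 11, 3,
    61, 53, 45, 37, 29, 21, 13, 5,
    63, 55, 47, 39, 31, 23, 15, 7,
]

def invert(perm):
    """Return the inverse permutation table (1-based entries)."""
    inv = [0] * len(perm)
    for out_pos, src in enumerate(perm, start=1):
        inv[src - 1] = out_pos
    return inv

# The final permutation applied to the pre-output block is the inverse of IP.
FP = invert(IP)

def mac_bit_sources(mac_bits=32, final_permutation=True):
    """For each kept output bit, return (half, 1-based bit index in that half).

    The pre-output block is R16||L16: positions 1..32 are R16, 33..64 are L16.
    With final_permutation=False the block is truncated without permuting.
    """
    sources = []
    for j in range(mac_bits):
        pos = FP[j] if final_permutation else j + 1
        if pos <= 32:
            sources.append(("R16", pos))
        else:
            sources.append(("L16", pos - 32))
    return sources

def count_by_half(sources):
    """Return (bits drawn from R16, bits drawn from L16)."""
    from_r = sum(1 for half, _ in sources if half == "R16")
    return from_r, len(sources) - from_r

if __name__ == "__main__":
    print("with permutation   :", count_by_half(mac_bit_sources()))
    print("without permutation:", count_by_half(mac_bit_sources(final_permutation=False)))
    print("first MAC bits come from:", mac_bit_sources()[:4])
```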

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: SLIDE ATTACK & large state SYSTEMS
Date: Fri, 18 Jun 1999 14:55:43 GMT

In article <7kdab3$eqr$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
><snip>
>I WILL NOT SAY THIS AGAIN.
    You lack much knowledge, little grasshopper
<snip>

>Maybe something got missed.  Yes all inputs will have a unique output
>but what I am talking about are mappings, not single transformations.
    You obviously lack basic knowledge of what a mapping and a transform
is. The mappings can be thought of as a series of cycles. If one had a
mapping of any kind for an 8 bit lookup table one could create a lookup
table for the 16 table that would carry the exact same information as
the 8 bit table applied twice. But since the single 8 bit table has 1/512 the
space. It would be foolish to use the 16 bit table for the mapping when
the 8 table could be used to get the exact results in this case. I choose
to use all possible 19 bit tables which is ( (2**n)-1)!  mappings. I could
have used ((2**n))! to get all mappings including the identity mapping
and those that could be reduced to smaller tables but chose not to.
    Read and you might learn something foolish one. The key which can
be used to describe a S-table that could be used for an encryption.
Such that the key describes every kind of  S tables the ((2**n)-1)! or
the full one of many cycles ((2**n))!  will fit entirely within a table.
I notice little one you seldom answer a post but go off in left to talk about
something else. So you can attempt to impress the readers with your
bits and pieces of knowledge fed to you by your handlers. Yes you
will eventually get in the crypto club and maybe even get a PhD but
you don't seem capable of free independent thought if your posts
are any indication.
  
>
>Sorry thems the facts, maybe if the other members backed this (I don't
>think they care), you will begin to trust what we say.
>
>Tom
   Yes nice to see you give up your freedom to be part of the we. You're
on your way little grasshopper.



David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS
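
[Added example, not part of the original digest.] The counting in the two SLIDE ATTACK posts above, worked on a toy 3-bit table: how many key bits are needed to reach all (2^n)! tables, how many tables a shorter key can reach, and how many of the tables are single-cycle ((2^n - 1)! of them). The RC4-like shuffle mentioned in the first post is replaced here by a Fisher-Yates shuffle driven by the key's mixed-radix digits, so that distinct keys below (2^n)! give distinct tables; all function names are made up for illustration.

```python
import math

def sbox_from_key(key: int, n_bits: int) -> tuple:
    """Fill a table with 0..2^n-1, then shuffle it with swaps chosen by the key."""
    size = 1 << n_bits
    table = list(range(size))
    for i in range(size - 1, 0, -1):
        key, r = divmod(key, i + 1)      # r is in 0..i: one Fisher-Yates choice
        table[i], table[r] = table[r], table[i]
    return tuple(table)

def key_bits_needed(n_bits: int) -> int:
    """Exact ceil(log2((2^n)!)): key bits needed to index every table."""
    return (math.factorial(1 << n_bits) - 1).bit_length()

def approx_log2_factorial(n_bits: int) -> float:
    """log2((2^n)!) via lgamma, for sizes where the factorial cannot be built."""
    return math.lgamma(float(1 << n_bits) + 1.0) / math.log(2.0)

def is_single_cycle(table) -> bool:
    """True when following the table from entry 0 visits every entry once."""
    steps, x = 1, table[0]
    while x != 0:
        x = table[x]
        steps += 1
    return steps == len(table)

def survey(n_bits: int, key_bits: int) -> tuple:
    """Try every key of key_bits bits; return (distinct tables, single-cycle tables)."""
    tables = {sbox_from_key(k, n_bits) for k in range(1 << key_bits)}
    return len(tables), sum(1 for t in tables if is_single_cycle(t))

if __name__ == "__main__":
    n = 3
    print("tables on 3 bits:", math.factorial(1 << n))
    print("key bits needed :", key_bits_needed(n))
    print("12-bit key reaches (tables, single-cycle):", survey(n, 12))
    print("16-bit key reaches (tables, single-cycle):", survey(n, 16))
    print("key bits for an 8-bit table :", key_bits_needed(8))
    print("log2((2^64)!) approx        : %.3e" % approx_log2_factorial(64))
```

For a 64-bit block the last figure is on the order of 10^21 key bits, which is why no practical key schedule can select every mapping.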

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: SLIDE ATTACK FAILS
Date: Fri, 18 Jun 1999 14:35:35 GMT

"SCOTT19U.ZIP_GUY" wrote:
>    By unprofessional way would that include the bragging of some professional
> claiming it was dead years ago and that his pet slide attack shows that it is
> dead. When he never bothered to test it.

What I recall is that the fellow said *in advance* that he was going
to spend a few days trying the slide attack against SCOTT19U, because
he thought it might work.  This he did, keeping us all posted as he
progressed.  In the end, that attempt failed, but all that means is
that that particular person (and collaborators) using that particular
attack did not succeed in breaking the system.  It doesn't prove
anything one way or another about SCOTT19U's security, nor about the
"professionalism" of the analyst.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Is DES easy to crack whit other kind of attack?
Date: Fri, 18 Jun 1999 14:56:41 GMT

[EMAIL PROTECTED] wrote:
> *Im wondering if in a simple PC is possible obtain the key when u
> know the complete text then, comparing the Encrypted info and non
> encrypted info.

Nobody knows how to do this.

------------------------------

From: "John E. Kuslich" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Caotic function
Date: Fri, 18 Jun 1999 07:09:02 -0700

There is a wonderful book by Peitgen, Jurgens and Saupe called "Chaos and
Fractals - New Frontiers of Science" ISBN  0 387 97903 4   and ISBN 3 540
97903 4.  Just buy it.  Take my word for it!  If the names of the authors
don't seem familiar, start with the Gleick book, but buy this one anyway,
it is that good.

Here is Amazon's link:

http://www.amazon.com/exec/obidos/ASIN/0387979034/craksoftwarpassw

It has a great mix of general discussion and mathematics and pictures.

The Gleick book is probably the best place to start.  This book is very
readable by the intelligent layman as well as your average geek.

The comment about complex numbers and fractals is so off the mark...have
another cup of coffee before engaging your news reader.  Chaos and
fractals have nothing to do with numbers either...yeah...right!

Now, on to wavelets...

JK



--
CRAK Software (Password Recovery Software)
Http://www.crak.com
[EMAIL PROTECTED]
602 863 9274 or 1 800 505 2725 In the USA


Douglas A. Gwyn wrote:

> ivana wrote:
> > I'm looking for documentation about caotic funcions. I 'm a student
> > and can't begin my work without it. Anyone can help me with some
> > links ?
>
> The keywords to search for (using any standard Web search engine,
> e.g. Lycos or Google) are "chaos" (note the spelling!), "fractal",
> and "dynamical systems".  If you have access to a decent library,
> see if you can find the four-volume set by Abraham & Shaw,
> "Dynamics - the Geometry of Behavior" (Aerial Press), which is a
> very nice introduction to the subject with lots of illustrations
> and very few equations.  There are also numerous popular books
> such as "Chaos: Making a New Science" by Gleick, and if you're
> interested in fractal images, there are lots of books on that, too.
>
> By the way, the first two responses I've seen to your query,
> by tomstdenis and Jim_101, were both wrong -- chaos has nothing
> to do with cellular automata, nor with complex numbers.




------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Crossposted-To: comp.ai.neural-nets
Subject: Re: DES Encryption Function and an MLP
Date: Fri, 18 Jun 1999 14:38:38 GMT

Warren Sarle wrote:
> Which means that gradient descent methods would be useless,
> simulated annealing would be useless, and genetic algorithms
> would be useless.

Indeed, in general methods that ignore the system's detailed
structure should be expected to fail, because there is no
"guiding light".

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
