Cryptography-Digest Digest #741, Volume #9 Sun, 20 Jun 99 18:13:03 EDT
Contents:
Re: Review: "Between Silk and Cyanide: A Codemaker's War" (John B. Andrews)
Re: CAST-256 implementation (?) (Horst Ossifrage)
Re: RC4 Susectability (fungus)
Re: Phone scrambler : what encryption used ? (sb5309)
Re: Cipher (SCOTT19U.ZIP_GUY)
Re: Cipher (Mr. E. Yankoil)
Re: Caotic function ("John E. Kuslich")
Re: crack the winzip files with password ("John E. Kuslich")
Re: OTP is it really ugly to use or not? (Gergo Barany)
Re: Sexual Contact Privacy (David A Molnar)
Re: RC4 Susectability ("John E. Kuslich")
Re: Simple Prime Number Question (Bill Unruh)
--- sci.crypt charter: read before you post (weekly notice) (D. J. Bernstein)
Re: RSA example with small numbers (David A Molnar)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (John B. Andrews)
Subject: Re: Review: "Between Silk and Cyanide: A Codemaker's War"
Date: Sun, 20 Jun 1999 08:03:56 -0800
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
> Between Silk and Cyanide: A Codemaker's War 1941-1945
> Leo Marks
> Simon and Schuster, 1998. ISBN 0-684-86422-3
(snip of excellent review)
I suspect that many other readers (who participate with this newsgroup)
are, like me, fascinated by the technical and logistical feats done during
WWII re. Enigma, Magic, etc., etc.
I, at least, hadn't really considered the actual human costs involved with
success and failure.
This extremely well-written and entertaining book, which I recommend
without hesitation, has given me a whole new perspective.
By all means, get it. You will likely be up til 4:00 in the morning
reading it like I was.
John
--
The opinions expressed here are my own, with an assist from Robert Heinlein, Ayn Rand,
Dr. Hunter S Thompson, Frank Zappa, and Bill the Cat.
_____________
Please remove NOSPAM from my address when replying!
------------------------------
From: Horst Ossifrage <[EMAIL PROTECTED]>
Subject: Re: CAST-256 implementation (?)
Date: Sun, 20 Jun 1999 08:57:51 -1000
[EMAIL PROTECTED] wrote:
>
> In article <[EMAIL PROTECTED]>,
> Horst Ossifrage <[EMAIL PROTECTED]> wrote:
> > If you were a 16 year old Irish girl, then maybe
> > someone would care about your personal opinion,
> > but as a 17 year old American boy, your
> > opinion is about as valuable as a
> > 3 day old cow pie.
>
> For what it's worth I am a Canadian... :)
OK, a 2 day old cow pie.
> > > The diffusion and mixing is rather
> > > balanced which means there is a quick avalanche after very few
> rounds.
> >
> > The avalanche is slow, due to the "quad-block" structure.
> > Do your homework before slapping spam all over
> > my bandwidth.
> >
>
> Well I wasn't talking about CAST-256 at this point. I was talking
> about BFN's... Read the post carefully next time.
>
> > You can take your UFNs and shove them up your UFOs, sideways!
>
> Do you know what a UFN is?
No, why don't you spell it out for me, Dr. Acronym.
> Tom
------------------------------
From: fungus <[EMAIL PROTECTED]>
Subject: Re: RC4 Susectability
Date: Sun, 20 Jun 1999 19:53:44 +0200
[EMAIL PROTECTED] wrote:
>
> In article <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] wrote:
> > Last month I came across an implementation for RC4
> > on the web. After which I started monitoring this NG
> > and believe I understand how RC4 works. What I
> > don't know, is how secure it is. Can someone
> > comment on how relatively secure RC4 would be
> > against common cryptanalysis?
>
> Apparently RC4 is still secure.
I certainly hope so - just about every secure web transaction uses it....
> It is used most commonly in SSL in north america.
And in the rest of the world.
> I would imagine the only weakness in RC4 is the
> possibility of short cycles but I dunno.
>
> I have never seen any cryptanalysis of RC4 so if you find something
> please pass it along.
>
It's believed to be secure apart from some slightly weak keys.
See: http://www.ciphersaber.gurus.com/
--
<\___/>
/ O O \
\_____/ FTB.
------------------------------
From: sb5309 <[EMAIL PROTECTED]>
Subject: Re: Phone scrambler : what encryption used ?
Date: Mon, 21 Jun 1999 01:23:58 +0800
Thanks; "sounds" interesting. :-)
Major Wood wrote:
> > How about this one :
> > Cycomm's Cellular Security Devices (CSDs)
> > at http://www.att.com/press/1195/951101.mma.html
> Hee hee! That one doesn't work worth a damn, but it IS digital. The vocoder
> is RELP (which sounds like crap) and the cipher is everyone's favorite:
> Skipjack! Yes, that's right boys and girls, this thing has the MYK77 Clipper
> chip in it! So not only do you get a product that doesn't work (gee, I
> wonder why it was discontinued), you get all the security offered by the
> government's bogus attempt at mandatory key escrow. How much did NSA slip
> these guys under the table to make this thing? Now go out and buy a million
> ;) What, me sarcastic? - MW
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Cipher
Date: Sun, 20 Jun 1999 19:18:50 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>If the cipher is simple, post a description, and it can be analysed
>for you; if you want to end up like David Scott (warped and bitter),
>refuse to give us a description, and abuse those who know better.
>
>
>(Just for reference, I'm not being mean)
>
>
>Jim
>
Actually, if your cipher is any good you will get few comments. However,
if it has errors you will get plenty of comments. Many people who read
posts here are too lazy to bother to look at webpages where the code is
described or even look at the source code you may provide. If it is really
good they will dismiss it as easy to break but will never bother to prove it.
For a sample of something the experts claim they can't follow, go to my
site.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (Mr. E. Yankoil)
Subject: Re: Cipher
Date: Sun, 20 Jun 1999 18:34:51 GMT
Anonymous <[EMAIL PROTECTED]> wrote:
>This is the first cipher that I ever made, the question for you is can
>you decode the encrypted message, I will even give you the passkey.
>I know this is trivial at best, but I need to know how you cracked it so I
>can learn... please
You're going about this backwards. Don't give us the encrypted message and
key and then challenge us to figure out the algorithm. Instead, give us the
algorithm and challenge us to find a way to recover the plaintext without
the key. That's how encryption schemes are tested.
--
"Mr. E. Yankoil" better known as [EMAIL PROTECTED]
01 2 3456789 <- Use this key to decode my email address.
Fun & Free - http://www.5X5poker.com/
------------------------------
From: "John E. Kuslich" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Caotic function
Date: Sun, 20 Jun 1999 11:00:18 -0700
Just to clear up any confusion:
Fractals, chaos, complex numbers and many other mathematical concepts are all
intimately related, and the cryptographic possibilities are unknown but
fascinating nonetheless.
There are some really cool possibilities with respect to hardware random
number generators and chaos. This is an area which needs work but will, I
believe, ultimately lead to very simple, reliable and mathematically
robust hardware random number generators. In fact, some of these kinds of
designs may already exist that have passed the most rigorous tests known
to man ;--)
Anyone who has ever designed a switching power supply will understand what
I am talking about. This phenomenon occurring in switching power supplies
and other sampled data control loops leads to bizarre instabilities that
are not characterized by any of the classical linear or piecewise linear
analysis techniques, including the much touted state space analysis à la
Middlebrook. I believe chaos is the underlying instrumentality.
My criticism was intended for the individual who originally made the point
that complex numbers and chaos and fractals (and even cryptography) are
not related...
This point is clearly bogus and reveals a cosmic ignorance...
Hope that clears up MY views.
JK
--
CRAK Software (Password Recovery Software)
Http://www.crak.com
[EMAIL PROTECTED]
602 863 9274 or 1 800 505 2725 In the USA
Douglas A. Gwyn wrote:
> "John E. Kuslich" wrote:
> > The comment about complex numbers and fractals is so off the mark...
>
> If you were referring to
> > Douglas A. Gwyn wrote:
> > > By the way, the first two responses I've seen to your query,
> > > by tomstdenis and Jim_101, were both wrong -- chaos has nothing
> > > to do with cellular automata, nor with complex numbers.
> , you clearly don't understand the subject, or you wouldn't substitute
> "fractals" for "chaos", and you would know that what I said was right.
------------------------------
From: "John E. Kuslich" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: crack the winzip files with password
Date: Sun, 20 Jun 1999 11:33:12 -0700
Another approach, which has been successful for us at CRAK Software is to
increase the available computer power.
If you follow computer commodity prices at all and are not afraid to deal with
some relatively simple hardware and software configuration issues, you will
find that a REALLY FAST supercomputer can now be built for just a few dollars.
It turns out that the Intel Celeron processor, the 300A, can be overclocked to
over 450 MHz and run on a cheap 100 MHz motherboard loaded with cheap memory.
These motherboards can run the open source (free) Linux operating system and
be clustered to an extremely large number of CPUs using $10 ethernet cards
and the built-in Linux networking capability.
Overclocking the Celeron gives incredible computational power because the
Celeron internal L2 cache runs at the clock speed (not 1/2 the clock speed as
on the Pentium). You can achieve over 470 Vax/MIPS on the Dhrystone scale this
way (for each processor). Put 16 of these babies in a cluster and you have
7520 Vax/MIPS at your disposal.
The smaller cache size of the Celeron is not a problem for many cryptographic
applications because many of these applications run very tight, optimized code
that rarely causes cache flushing or branch mispredictions. A brute force
search is not a memory intensive operation. What you need here is raw integer
speed. An overclocked Celeron has raw integer speed!!! All the Harvard
architecture and dual pipeline stuff is there so if you can write assembler
code, you can pair instructions and make SCREAMING fast code. You can buy this
processor for about $50 these days with a fan and heat sink (useful when you
crank up the clock).
So, if you have a zip file you REALLY have to recover, throw away that old
CRAY boat anchor...you can own a cheap super computer!!
By the way, if there is someone out there who has written some really fast,
Pentium optimized DES code, I would like to try it out on my Celeron cluster.
Please contact me at [EMAIL PROTECTED]
For details visit http://www.crak.com
JK
Sundial Services wrote:
> JPeschel wrote:
> >
> > ><[EMAIL PROTECTED]> writes:
> >
> > >How to crack the winzip files w/ password faster? Or where can find the
> > >information of zip 2.0 encryption format?
> >
> > Mount a known-plaintext attack. For info
> > on the format see the Kocher/Biham paper,
> > also Conrad's source code for the implementation.
>
> If you know any complete member of the ZIP file you can generally
> extract the password in about ten minutes' time.
>
> At one time I pursued Conrad's work further to explore a "probable
> plaintext" approach because much of the frequency-characteristics of a
> ZIP-encoded file are predictable regardless of what the plaintext is.
> (The file is logically composed of bits, not bytes, and portions of the
> file are predictably very dense '1's.) This experiment actually did
> produce a "crack," but required about 14 hours' computation, and I have
> not pursued it since. Interesting, though, since I supplied the
> algorithm with no actual plaintext at all...
--
CRAK Software (Password Recovery Software)
Http://www.crak.com
[EMAIL PROTECTED]
602 863 9274 or 1 800 505 2725 In the USA
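The ZIP 2.0 cipher that both approaches above are aimed at, as an added example that is not code from the thread, from CRAK Software, or from Conrad's implementation: the PKZIP "traditional" stream cipher as PKWARE's public APPNOTE describes it, with the 12-byte encryption header whose last byte is a check value. The entire keyed state is three 32-bit words, and a wrong password is usually rejected by that single header byte, which is why such archives offer so little resistance to the exhaustive search on cheap hardware that Kuslich describes. The password, message and the zeroed header filler are constructed values.

```python
import zlib

def _make_crc_table():
    """Reflected CRC-32 table (polynomial 0xEDB88320), the same one PKZIP uses."""
    table = []
    for i in range(256):
        c = i
        for _ in range(8):
            c = (c >> 1) ^ 0xEDB88320 if c & 1 else c >> 1
        table.append(c)
    return table

_CRC_TABLE = _make_crc_table()

class ZipCrypto:
    """PKZIP 2.0 'traditional' stream cipher: the whole state is three 32-bit words."""
    def __init__(self, password: bytes):
        self.k0, self.k1, self.k2 = 0x12345678, 0x23456789, 0x34567890
        for b in password:            # the password only seeds the 96-bit state
            self._update(b)
    @staticmethod
    def _crc_step(crc: int, b: int) -> int:
        return (crc >> 8) ^ _CRC_TABLE[(crc ^ b) & 0xFF]
    def _update(self, b: int) -> None:
        self.k0 = self._crc_step(self.k0, b)
        self.k1 = (self.k1 + (self.k0 & 0xFF)) & 0xFFFFFFFF
        self.k1 = (self.k1 * 134775813 + 1) & 0xFFFFFFFF
        self.k2 = self._crc_step(self.k2, self.k1 >> 24)
    def _keystream_byte(self) -> int:
        t = (self.k2 | 2) & 0xFFFF
        return ((t * (t ^ 1)) >> 8) & 0xFF
    def encrypt(self, data: bytes) -> bytes:
        out = bytearray()
        for p in data:
            out.append(p ^ self._keystream_byte())
            self._update(p)           # the state advances on each plaintext byte
        return bytes(out)
    def decrypt(self, data: bytes) -> bytes:
        out = bytearray()
        for c in data:
            p = c ^ self._keystream_byte()
            self._update(p)
            out.append(p)
        return bytes(out)

def zip_encrypt(password: bytes, plaintext: bytes) -> bytes:
    """12-byte header ending in the high byte of the data's CRC-32, then the data.
    Real archives fill the first 11 header bytes randomly; zeros keep this reproducible."""
    header = bytes(11) + bytes([zlib.crc32(plaintext) >> 24])
    return ZipCrypto(password).encrypt(header + plaintext)

def zip_decrypt(password: bytes, blob: bytes):
    """The plaintext, or None when the single check byte rejects the password."""
    cipher = ZipCrypto(password)
    header = cipher.decrypt(blob[:12])
    plaintext = cipher.decrypt(blob[12:])
    return plaintext if header[11] == zlib.crc32(plaintext) >> 24 else None
```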
------------------------------
From: [EMAIL PROTECTED] (Gergo Barany)
Subject: Re: OTP is it really ugly to use or not?
Date: 20 Jun 1999 18:48:08 GMT
In article <7kj0b2$dho$[EMAIL PROTECTED]>, RandAlthor wrote:
<SNIP>
>------=_NextPart_000_0053_01BEBB83.228983E0
>Content-Type: text/html;
> charset="iso-8859-1"
>Content-Transfer-Encoding: quoted-printable
>
><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<SNIP>
Please don't post HTML to non-binary groups.
Gergo
--
Paul's Law:
You can't fall off the floor.
GU d- s:+ a--- C++>$ UL+++ P>++ L+++ E>++ W+ N++ o? K- w--- !O !M !V
PS+ PE+ Y+ PGP+ t* 5+ X- R>+ tv++ b+>+++ DI+ D+ G>++ e* h! !r !y+
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Sexual Contact Privacy
Date: 20 Jun 1999 19:07:17 GMT
Doug Goncz <[EMAIL PROTECTED]> wrote:
> It is for the good of the public that the government or a health agency might
> wish to keep records of sexual contacts between people. On the other hand, the
Please be careful with rhetoric like that. You might set some people
off.
> Certainly if we lined everybody up and tattooed them with numbers, took blood
> samples, etc.... that might do something, but isn't there any simple available
> cryptological technology, like PGP, that people can either use or not use
> without any massive registration efforts?
> Any ideas?
Well, first you need to discuss what exactly you want to track.
Given the number of sex practices which exist, and the various
possibilities each have for spreading disease and/or procreation,
this isn't trivial. If we're doing this for bragging rights, then
maybe we need to know which are more prestigious than others.
The real problem, though, is "what happens right after the act?"
Who reports? What if they lie? What if the partners contradict
each other? If there's a group, you may be able to use Byzantine
agreement protocols or something to establish the truth IF a minority
is lying, but what do you do when it's one against the other?
The problem changes, too, depending on what you're using this for.
If you're worried about disease prevention, then it seems to me
that you'd have correct reports but an incentive not to report
an encounter. On the other hand, if you're using this for
reputation, then _naturally_ everyone will report every encounter,
but they will probably lie more often than not.
Short of tamper-resistant hardware, it seems like you would need
some kind of economic/social incentive to get both parties to report.
Then you could use cryptographic techniques to make sure their
reports aren't compromised and aren't traceable to the original
people.
You may also need to figure out how useful the system is if
one partner uses it and the other doesn't.
So no, no simple technique to solve this problem. Sorry.
-David
------------------------------
From: "John E. Kuslich" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: RC4 Susectability
Date: Sun, 20 Jun 1999 11:47:22 -0700
RC4, I agree, seems to be secure. The 40-bit RC4 is a joke.
40 bits is well within the reach of today's processors for reliable brute
force searching.
JK
fungus wrote:
> [EMAIL PROTECTED] wrote:
> >
> > In article <[EMAIL PROTECTED]>,
> > [EMAIL PROTECTED] wrote:
> > > Last month I came across an implementation for RC4
> > > on the web. After which I started monitoring this NG
> > > and believe I understand how RC4 works. What I
> > > don't know, is how secure it is. Can someone
> > > comment on how relatively secure RC4 would be
> > > against common cryptanalysis?
> >
> > Apparently RC4 is still secure.
>
> I certainly hope so - just about every secure web transaction uses it....
>
> > It is used most commonly in SSL in north america.
>
> And in the rest of the world.
>
> > I would imagine the only weakness in RC4 is the
> > possibility of short cycles but I dunno.
> >
> > I have never seen any cryptanalysis of RC4 so if you find something
> > please pass it along.
> >
>
> It's believed to be secure apart from some slightly weak keys.
>
> See: http://www.ciphersaber.gurus.com/
>
> --
> <\___/>
> / O O \
> \_____/ FTB.
--
CRAK Software (Password Recovery Software)
Http://www.crak.com
[EMAIL PROTECTED]
602 863 9274 or 1 800 505 2725 In the USA
------------------------------
From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: Simple Prime Number Question
Date: 20 Jun 1999 21:03:46 GMT
In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (John
Savard) writes:
>Actually, 1000 does equal 1 modulo 3. After all, 999 is a multiple of
He was reading n (mod m) as "divide n by m and take the remainder".
Thus 1 mod 3 is just 1. The equation says 1000 = 1 mod 3 = 1, which is
of course wrong. If you use this notation, then the equation should read
1000 mod 3 = 1
However, one can also read the "mod 3" as modifying the definition of
equals.
------------------------------
From: [EMAIL PROTECTED] (D. J. Bernstein)
Crossposted-To: talk.politics.crypto
Subject: --- sci.crypt charter: read before you post (weekly notice)
Date: 20 Jun 1999 05:00:39 GMT
sci.crypt Different methods of data en/decryption.
sci.crypt.research Cryptography, cryptanalysis, and related issues.
talk.politics.crypto The relation between cryptography and government.
The Cryptography FAQ is posted to sci.crypt and talk.politics.crypto
every three weeks. You should read it before posting to either group.
A common myth is that sci.crypt is USENET's catch-all crypto newsgroup.
It is not. It is reserved for discussion of the _science_ of cryptology,
including cryptography, cryptanalysis, and related topics such as
one-way hash functions.
Use talk.politics.crypto for the _politics_ of cryptography, including
Clipper, Digital Telephony, NSA, RSADSI, the distribution of RC4, and
export controls.
What if you want to post an article which is neither pure science nor
pure politics? Go for talk.politics.crypto. Political discussions are
naturally free-ranging, and can easily include scientific articles. But
sci.crypt is much more limited: it has no room for politics.
It's appropriate to post (or at least cross-post) Clipper discussions to
alt.privacy.clipper, which should become talk.politics.crypto.clipper at
some point.
There are now several PGP newsgroups. Try comp.security.pgp.resources if
you want to find PGP, c.s.pgp.tech if you want to set it up and use it,
and c.s.pgp.discuss for other PGP-related questions.
Questions about microfilm and smuggling and other non-cryptographic
``spy stuff'' don't belong in sci.crypt. Try alt.security.
Other relevant newsgroups: misc.legal.computing, comp.org.eff.talk,
comp.org.cpsr.talk, alt.politics.org.nsa, comp.patents, sci.math,
comp.compression, comp.security.misc.
Here's the sci.crypt.research charter: ``The discussion of cryptography,
cryptanalysis, and related issues, in a more civilised environment than
is currently provided by sci.crypt.'' If you want to submit something to
the moderators, try [EMAIL PROTECTED]
---Dan
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: RSA example with small numbers
Date: 20 Jun 1999 21:29:00 GMT
STL137 <[EMAIL PROTECTED]> wrote:
> Pssst. TI-85s have 14-digit PRECISION, though they appear to work with numbers
> as large as 10^999. Thus they are Darn Near Worthless (TM) for stuff like RSA.
> Now, TI-92s (89s and 92+s as well) have 614-digit integer precision. Thus RSA
> is possible to use on them. In fact, you can hack your own RSA program entirely
> in TI-92 BASIC. However, getting permission from RSA Data Security, Inc. to
> distribute it is another story. Augh!
Sounds like it's time to look into this ZShell business - since
this rather puts a kink in the possibility of using a TI-85 as
an authentication token...
-David
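As an added example, not code from the thread or from any TI-BASIC program, here is textbook RSA by square-and-multiply with the largest unreduced product tracked, which makes the precision point concrete: every product is below n squared, so a machine with D exact decimal digits can only hold a modulus of about D/2 digits (7 digits on a 14-digit TI-85, about 307 on a 614-digit TI-92). The primes 2003 and 3001, e = 17 and the message are constructed, and "14-digit precision" is taken to mean that integers up to 10^14 are held exactly.

```python
def modexp_tracked(base: int, exp: int, mod: int):
    """Right-to-left square-and-multiply. Returns (base**exp % mod, peak), where
    peak is the largest product formed before reduction; it is always < mod**2."""
    result, peak = 1, 1
    base %= mod
    while exp:
        if exp & 1:
            prod = result * base
            peak = max(peak, prod)
            result = prod % mod
        prod = base * base
        peak = max(peak, prod)
        base = prod % mod
        exp >>= 1
    return result, peak


def digits(n: int) -> int:
    return len(str(n))


def toy_rsa_keypair(p: int, q: int, e: int):
    """Textbook RSA from two primes: n = p*q, d = e^-1 mod (p-1)(q-1)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))


def max_modulus_digits(precision_digits: int) -> int:
    """A product of two residues mod n needs up to 2*digits(n) exact digits, so
    D exact digits support a modulus of at most about D // 2 digits."""
    return precision_digits // 2


def precision_demo():
    """Constructed 7-digit modulus: the largest that a 14-digit machine can handle."""
    pub, priv = toy_rsa_keypair(2003, 3001, 17)      # constructed primes, e = 17
    m = 123456                                        # constructed message, m < n
    c, peak_enc = modexp_tracked(m, pub[1], pub[0])
    m2, peak_dec = modexp_tracked(c, priv[1], priv[0])
    return {"n_digits": digits(pub[0]), "roundtrip_ok": m2 == m,
            "peak_digits": max(digits(peak_enc), digits(peak_dec))}


if __name__ == "__main__":
    print(precision_demo(), max_modulus_digits(14), max_modulus_digits(614))
```

A 7-digit modulus is about 23 bits, which is why a 14-digit machine is useless for RSA even though the arithmetic is exact.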
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************