Cryptography-Digest Digest #820, Volume #9        Fri, 2 Jul 99 07:13:02 EDT

Contents:
  Contest Update (SCOTT19U.ZIP_GUY)
  Re: Can Anyone Help Me Crack A Simple Code? (Ed Yang)
  Re: Secure link over Inet if ISP is compromized. ("Gene Sokolov")
  Re: Quantum Computers (Bill Unruh)
  Re: Quantum Computers (Ed Yang)
  Re: RSA or DIFFIE-HELLMANN (Bill Unruh)
  Re: Quantum Computers ("Douglas A. Gwyn")
  Re: Quantum Computers ("Douglas A. Gwyn")
  Re: How do you make RSA symmetrical? (Gilad Maayan)
  Re: How do you make RSA symmetrical? (David A Molnar)
  Re: How do you make RSA symmetrical? (Gilad Maayan)
  Re: Performance of cryptographic algorithms (Dave Hazelwood)
  DoD Security Standard ("tangui")
  Second Call for Papers LATIN'2000 (Daniel Panario)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Contest Update
Date: Fri, 02 Jul 1999 06:06:04 GMT

 The next hex character is known at the web site for the
scott19u.zip contest. And yes this contest is designed
in a way all of the weak AES candidates using FIPS
chaining where the file length does not change could
not run a similar contest because they are all weak
compared to mine. The contest is designed to show that
try the same thing with any of the other methods if you
dare. They lack the critical safety features that are found
in scott19u.zip. The main reason they lack such features
is so that the NSA can most likely read whichever one
is crowned the winner.


David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS

------------------------------

From: Ed Yang <[EMAIL PROTECTED]>
Subject: Re: Can Anyone Help Me Crack A Simple Code?
Date: Thu, 01 Jul 1999 22:47:16 -1000

mercury wrote:

> My "Black Box" description is quite accurate.  I have a piece of hardware
> with a keypad.  I can not find a way to interface it
> to a computer and test for all possible keys.
> 
> The Black Box extrapolates a light code and a
> date code from the ten digit number.  If it
> succeeds in doing this,  it checks to see if
> the date code has not expired according to its
> internal clock.
> 
> Although I don't know what the output looks like,
> I do know the black box understands it as a
> light/date code.

Now I understand what kind of device you have. I have one too, 
but from a different company. I use it to remotely authenticate
myself so I can use the computers at work by way of my home
computer. But yours is different since you cannot see the output.
On my device I can see the results on the LCD screen and type
that result into my PC so the corporate computer can verify my 
identity.

What kind of output does your device have?

Does it have a wire or infra-red communications channel
to a computer?

I cannot believe that it has no output. What use is it to 
input numbers and get a green or red light?

If you get a green light output from a correct number, do 
you then type the same number into your PC?

Please describe this interaction for me. If this is going to
remain a guessing game where you withhold information, then
you should not expect useful answers from me. You seem to be afraid to
expose the manufacturer's identity, so you hide critical details
in your posts to sci.crypt. With that style, it is unlikely
anyone here can crack your code. Even if you do start cooperating,
there are many possible protocols which could hide the identity of the 
cryptographic algorithm.

------------------------------

From: "Gene Sokolov" <[EMAIL PROTECTED]>
Subject: Re: Secure link over Inet if ISP is compromized.
Date: Fri, 2 Jul 1999 10:37:25 +0400


Patrick Juola <[EMAIL PROTECTED]> wrote in message
news:7lgduf$p3p$[EMAIL PROTECTED]...
> In article <7lgcjq$g5r$[EMAIL PROTECTED]>, Else <[EMAIL PROTECTED]> wrote:
> >
> >Patrick Juola wrote in message <7lfspi$mij$[EMAIL PROTECTED]>...
> >>In article <7lfi2r$38f$[EMAIL PROTECTED]>,
> >>Gene Sokolov <[EMAIL PROTECTED]> wrote:
> >>>    What do you think is the fraction of the Net users who exchange keys
> >>>"out of band", i.e. not through their ISPs?
> >>
> >>My PGP public key is available through a half-dozen different sources,
> >>including one in print (Proc. NeMLaP-2); if the FBI decides to tamper
> >
> >What do you think is the fraction of people who do likewise?
>
> Anyone who signs up with the MIT key database, for one.
>
> Anyone who *has* ever exchanged a key with someone prior to
> the discussion at hand.

What do you think is the *fraction* of people who do likewise?
Let's make the question simpler:
100 people use SSL. What do you think is the number of people out of 100 who
exchange keys before starting data exchange?

> Anyone who makes backups of their system(s).

How is that relevant?




------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: Quantum Computers
Date: 1 Jul 1999 17:14:52 GMT

In <7lf4l4$5uo$[EMAIL PROTECTED]> Greg Ofiesh <[EMAIL PROTECTED]> writes:

>Let us begin with the following assertion that I think you will all
>agree with.  If a quantum computer exists, then the only form of
>encryption that cannot be broken by it, or at least has half a chance
>to survive an attack, is OTP.  All other forms of encryption are
>deterministic in nature and are not "cracked" but simply "translated"
>(to convey the ease with which cryptanalysis is performed) by a quantum
>computer.

>Now let me make my assertion - The US government, most likely the NSA,
>has operational quantum computers.

Of course you can make all the assertions you want. The question is
whether they have any basis in fact.
Your first assertion is wrong. There is no known quantum algorithm for
breaking any but the cryptosystems based on discrete logs and factoring.
Thus, no one to my knowledge has ever posted a quantum computer break of
say a symmetric cryptosystem.
Furthermore, quantum computers are not "general purpose" machines. All
suggestions so far are really special purpose quantum computers. (They
share a lot of similarities with analog computers)

Finally, NSA has very few physicists on staff that I know of. They
hired mathematicians, not physicists. Making a QC is still a physics
problem not a math problem.

------------------------------

From: Ed Yang <[EMAIL PROTECTED]>
Subject: Re: Quantum Computers
Date: Fri, 02 Jul 1999 00:06:25 -1000

Anti-SpamNameHere wrote:
> 
> David A Molnar wrote:
> >
> > Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:
> >
> > > I recommend Dirac's "Principles of Quantum Mechanics" (4th Ed.),
> > > which I found far better at getting to the heart of things than
> > > the official textbook back when I took QM.
> >
> > Thanks. I have a bit of time this summer and will see if
> > I can find it. Although I confess to disliking the
> > bra-ket notation, which I understand Dirac as having
> > invented. Vectors should be vertical.
> >
> > > One point that has been appreciated only relatively recently is
> > > that the Copenhagen notion of the collapse of the physical wave
> > > function is bunk -- it is more productive and less paradoxical
> > > to consider the "entanglement" of the state of the observer with
> > > the state of the observed.  There are papers about this on the
> > > net, although I forget where.  Fortunately, Dirac notation fits
> > > in very well with this new approach.
> >
> > You know, this would go a very long way towards explaining
> > why none of the papers I found mentioned "collapse." Also
> > explains part of why I couldn't get the two ideas to
> > reconcile. I'll look for the papers.
> >
> > Thanks,
> > -David Molnar
> 
> I highly recommend "Explorations in Quantum Computing" by Colin P.
> Williams and Scott H. Clearwater.  This is a most excellent introduction
> to QC.  Contents include:
> 
>         Quantum Mechanics and Computers
>         Simulating a Simple Quantum Computer
>         The Effects of Imperfections
>         Breaking Unbreakable Codes
>         True Randomness
>         Quantum Cryptography
>         Quantum Teleportation ( - great for key distribution -)
>         Quantum Error Correction
>         How to Make a Quantum Computer
> 
> Published in 1997 by Telos (part of Springer Verlag) it includes a
> CD-ROM with Mathematica models of different QCs.
> 
> [EMAIL PROTECTED]

I looked at this book for 10 minutes without buying it.
My impression of the book is that it reveals that Quantum
Computing (QC) is in very early stages. The book does not tell you
how to make anything that is useful with current hardware.
The chapters discuss plans and conjectures about possible
future developments. This is an embryonic technology which may
fail to become practical. Error correction discussions in the book
reveal how flawed the plans are, how impractical the techniques
are in 1999. The book is a disappointment for those who wish
for QC to be a success today. It has state-of-the-art discussions
of QC, and the state is shaky and undeveloped.
-- 
Oxygen : Love It Or Leave It !

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: RSA or DIFFIE-HELLMANN
Date: 1 Jul 1999 17:08:57 GMT

In <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes:

>(are the three lines:

> d=modinv(e,L)
> M=modpow(E,d,n)
> E=modpow(M,e,n)

> really a violation of ITAR? all it is is a description of the algorithm
                        ^^^^ EAR.
> ... but UBasic can use it -- of course, UBasic is slower than a compiled
> language)

The question is whether they are used as a cryptosystem or not. As is
they are just statements. If you add the do loop, to loop through the
message, and break it into appropriate sized chunks, and put in input
and output statements, then yes, it probably is.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Quantum Computers
Date: Fri, 02 Jul 1999 07:36:09 GMT

Bill Unruh wrote:
> Finally, NSA has very few physicists on staff that I know of.
> They hired mathematicians, not physicists.

Actually they do have some, and of course they run (via National
Semiconductor) a nice custom semiconductor fabrication facility,
which undoubtedly has materials scientists associated with it.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Quantum Computers
Date: Fri, 02 Jul 1999 07:32:18 GMT

Ed Yang wrote:
> ... This is an embryonic technology which may fail to become
> practical.

Embryonic, well maybe a bit past that, but certainly still in
the R&D phase, not production.

------------------------------

From: [EMAIL PROTECTED] (Gilad Maayan)
Subject: Re: How do you make RSA symmetrical?
Date: Fri, 02 Jul 1999 07:35:40 GMT

On Fri, 02 Jul 1999 00:58:26 GMT, [EMAIL PROTECTED] wrote:

>Using small inputs does not guarantee fast multiplications (if you are
>using a fast out method)...

I can follow your reasoning, but still, 67183^N somehow seems a lot
easier to do than, say,
37984652164549876543212454987546212165498794654621324689876543213246549879875454687687546514321234687684546^N
(Assume 192 digits, please. I don't really have the time to count.)

>I would not suggest RSA or any 'big' number algorithm if you are
>seriously hampered for time or hardware space.  Typically I would
>imagine RSA (1024 bit) taking about 20 to 40 seconds for one op
>(assuming a crystal of about 8Mhz).

You're right, but unfortunately I have to use a PKC. The app simply
won't work with a secret key system. But still, since I'm planning to
use a 96-bit modulus, my processor should be able to cut it. 
And please, people, no need to lecture me about how unsafe a small
modulus is, etc. etc. For my very specific application, it works just
fine.

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: How do you make RSA symmetrical?
Date: 2 Jul 1999 08:25:48 GMT

Gilad Maayan <[EMAIL PROTECTED]> wrote:
> You're right, but unfortunately I have to use a PKC. The app simply
> won't work with a secret key system. But still, since I'm planning to
> use a 96-bit modulus, my processor should be able to cut it. 
> And please, people, no need to lecture me about how unsafe a small
> modulus is, etc. etc. For my very specific application, it works just
> fine.

Out of curiosity, are you trying to use the public key as
some kind of identification mechanism which can't be tampered
with by the user ?

Can you tell us about your application? It's unlikely, but
there may be a protocol from off in the wilderness which
is more effective than what this thread has been 
hashing out. 

-David Molnar


------------------------------

From: [EMAIL PROTECTED] (Gilad Maayan)
Subject: Re: How do you make RSA symmetrical?
Date: Fri, 02 Jul 1999 07:27:30 GMT

None of you seem to realise that what I was actually asking in my original
post was how to make plaintext length equal cyphertext length. Seems
logical to call that 'symmetry'. I wasn't talking about symmetrical,
or private, key systems. But feel free to carry on.

Gilad Maayan
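
An added example, not part of any post in this digest: the three lines quoted in the "RSA or DIFFIE-HELLMANN" thread placed inside the block loop described in that reply, which also shows why chunked RSA output comes out longer than its input, the length question raised in this thread. The primes, the 4-byte length prefix, the zero padding and the reading of `L` as lcm(p-1, q-1) are assumptions made for the illustration.

```python
from math import gcd

# Constructed toy parameters: two Mersenne primes give a 92-bit modulus.
# A modulus this small is factorable; it only keeps the numbers readable.
p, q = 2**61 - 1, 2**31 - 1
n = p * q
e = 65537
L = (p - 1) * (q - 1) // gcd(p - 1, q - 1)  # assumption: the post's L is lcm(p-1, q-1)

def modinv(a, m):
    """Modular inverse, named as in the quoted lines (Python 3.8+)."""
    return pow(a, -1, m)

def modpow(base, exp, m):
    """Modular exponentiation, named as in the quoted lines."""
    return pow(base, exp, m)

d = modinv(e, L)

# A plaintext block must be an integer below n, so it gets one byte less
# than the modulus; a ciphertext block can be any value below n.
PT_BLOCK = (n.bit_length() - 1) // 8   # 11 bytes
CT_BLOCK = (n.bit_length() + 7) // 8   # 12 bytes

def encrypt(msg: bytes) -> bytes:
    # Length prefix plus zero padding so the last block round-trips exactly.
    data = len(msg).to_bytes(4, "big") + msg
    data += b"\x00" * (-len(data) % PT_BLOCK)
    out = bytearray()
    for i in range(0, len(data), PT_BLOCK):
        M = int.from_bytes(data[i:i + PT_BLOCK], "big")
        E = modpow(M, e, n)
        out += E.to_bytes(CT_BLOCK, "big")
    return bytes(out)

def decrypt(ct: bytes) -> bytes:
    if not ct or len(ct) % CT_BLOCK:
        raise ValueError("ciphertext is not a whole number of blocks")
    data = bytearray()
    for i in range(0, len(ct), CT_BLOCK):
        E = int.from_bytes(ct[i:i + CT_BLOCK], "big")
        if E >= n:
            raise ValueError("ciphertext block out of range")
        M = modpow(E, d, n)
        if M.bit_length() > PT_BLOCK * 8:
            raise ValueError("decrypted block does not fit a plaintext block")
        data += M.to_bytes(PT_BLOCK, "big")
    length = int.from_bytes(data[:4], "big")
    if length > len(data) - 4:
        raise ValueError("bad length prefix")
    return bytes(data[4:4 + length])

if __name__ == "__main__":
    sample = b"sci.crypt digest #820"          # constructed sample input
    ct = encrypt(sample)
    print(len(sample), "plaintext bytes ->", len(ct), "ciphertext bytes")
    print(decrypt(ct) == sample)
```

Each 11-byte plaintext block becomes a 12-byte ciphertext block, and because nothing random enters the computation the same message always encrypts to the same bytes.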

------------------------------

From: [EMAIL PROTECTED] (Dave Hazelwood)
Subject: Re: Performance of cryptographic algorithms
Date: Fri, 02 Jul 1999 09:33:38 GMT

Check out this site.

http://www.eskimo.com/~weidai/benchmarks.html


[EMAIL PROTECTED] (Peter Krueger) wrote:

>Hi,
>
>I'm looking for a survey of the performance of cryptographic
>algorithms, symmetric, asymmetric and one-way hashes.
>Fine would be an analysis of efficient algorithms in
>the O-Notation.
>
>I couldn't find something in the Internet, that's why I'm asking.
>
>
>Bye 
>
>  Peter
>


------------------------------

From: "tangui" <[EMAIL PROTECTED]>
Subject: DoD Security Standard
Date: Fri, 2 Jul 1999 03:34:18 -0700

Hi, I am looking for a list of all the programs that have been officially
evaluated by the DoD standard for computer security (you know the A1, B1,
C1, C2... etc. etc.)  I think someone in this newsgroup had a link to this
really good site that had a hyper linked list and it showed all the programs
and everything... I've been trying to find it all day... all I come across
is the standard and no list... can someone please help... thanx

Stou



------------------------------

Crossposted-To: sci.math,comp.theory
From: [EMAIL PROTECTED] (Daniel Panario)
Subject: Second Call for Papers LATIN'2000
Date: 2 Jul 99 10:51:51 GMT

We will thank you very much if you could advertise the conference
LATIN'2000 in your University or Research Center. In our web page
http://www.fing.edu.uy/~latin you can download both, the file 
"deadlines.txt" with all the important deadlines for the
conference, and a PostScript version of this call for papers.

The proceedings of LATIN'2000 will be published by Springer-Verlag
in the Lecture Notes in Computer Science Series. Authors are asked to
prepare their papers using Springer's style (see the information below).

                            Gaston Gonnet 
                         Chair of LATIN'2000
        
                  Daniel Panario and Alfredo Viola,
                       Organizers of LATIN'2000
  
========================= cut here ==================================

                        2nd Call for Papers            

        Latin American Theoretical INformatics - LATIN'2000

                    http://www.fing.edu.uy/~latin

           April 10--14, 2000     Punta del Este, Uruguay


A series of Symposia in Theoretical Computer Science was launched in 1992, 
to be held in Latin America: LATIN (Latin American Theoretical INformatics).
This is the fourth event of the series, after Sao Paulo, Brazil (1992), 
Valparaiso, Chile (1995), and Campinas, Brazil (1998). 

The proceedings were published by Springer-Verlag, in the Lecture Notes 
in Computer Science Series (volumes 583, 911 and 1380, respectively). 
The proceedings of LATIN'2000 will be published in a similar way.

Typical, but not exclusive, topics of interest for LATIN'2000 include:
algorithms; analysis of algorithms; automata theory; coding theory;
combinatorics (designs, enumeration, optimization, structures); 
computability and complexity; computational biology; computational geometry;
computational number theory; computer algebra and symbolic computation; 
cryptography; data compression; data structures; discrete mathematics; 
experimental algorithmics; formal languages; graph theory; 
logic in computing; mathematical programming; on-line problems; 
pattern matching; parallel and distributed algorithms; programming theory;
quantum computation; and random structures and algorithms.

Authors are cordially invited to submit an extended abstract in English 
of at most ten pages, not counting the references. Authors are asked to 
prepare their papers using the standard LaTeX2e, together with the 
corresponding Springer class file "llncs.cls", and to submit a PostScript
version of them. For more information, please visit the LNCS Information
for Authors Web page at http://www.springer.de/comp/lncs/authors.html.
The electronic address for submissions is [EMAIL PROTECTED], and we
strongly recommend electronic submissions.

The papers must be received by August 31, 1999 and this is a firm 
deadline. In case courier mail is used, authors must submit five hard
copies of each paper, postmarked by August 20, 1999 to:

Prof. Gaston Gonnet
Institut fur Wissenschaftliches Rechnen
ETH Zentrum IFW D 28.1
8092 Zurich, Switzerland

Authors will be notified of acceptance or rejection by November 1, 
1999. A final copy of each accepted paper is required by December 1,
1999. This is again a firm deadline. 

Punta del Este is one of South America's top coastal resorts,
located one hour east of Montevideo. We expect an exciting
meeting, with the main accommodation and conference site in a 
hotel facing the Atlantic Ocean. This will provide the opportunity
for close interaction among participants in a very attractive setting.

More information about the submission process and about 
Punta del Este can be found in the conference's web page
(http://www.fing.edu.uy/~latin).

Invited Speakers 

        Allan Borodin (Canada)
        Philippe Flajolet (France)
        Joachim von zur Gathen (Germany)
        Yoshiharu Kohayakawa (Brazil)
        Andrew Odlyzko (USA)
        Prabhakar Raghavan (USA)

Program Committee

   Ricardo Baeza-Yates (Chile)            Daniel Panario (Canada)
   Bela Bollobas (USA)                    Dominique Perrin (France)
   Felipe Cucker (Hong Kong)              Patricio Poblete (Chile)
   Josep Diaz (Spain)                     Bruce Reed (France)
   Esteban Feuerstein (Argentina)         Bruce Richmond (Canada)
   Celina M. de Figueiredo (Brazil)       Vojtech Rodl (USA) 
   Gaston Gonnet (Switzerland, Chair)     Imre Simon (Brazil)
   Jozef Gruska (Czech Republic)          Neil Sloane (USA)
   Joos Heintz (Argentina/Spain)          Endre Szemeredi (USA)
   Gerard Huet (France)                   Jorge Stolfi (Brazil)
   Marcos Kiwi (Chile)                    Alfredo Viola (Uruguay)
   Ming Li  (Canada)                      Yoshiko Wakabayashi (Brazil)
   Claudio Lucchesi (Brazil)              Siang Wun Song (Brazil)
   Ron Mullin (Canada)                    Nivio Ziviani (Brazil)
   Ian Munro (Canada)  


The organizing committee is co-chaired by Alfredo Viola and 
Daniel Panario. To receive further announcements please send your 
name, affiliation and e-mail to  [EMAIL PROTECTED], or contact  
http://www.fing.edu.uy/~latin.

PLEASE ADVERTISE  ***  PLEASE ADVERTISE  ***  PLEASE ADVERTISE



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
