Cryptography-Digest Digest #862, Volume #9 Sat, 10 Jul 99 13:13:03 EDT
Contents:
Re: futurama (NFN NMI L.)
Re: Why this simmetric algorithm is not good? (Jerry Coffin)
Re: randomness of powerball, was something about one time pads ("Douglas A. Gwyn")
Re: Electronically Exporting crypto source (legally) (Dave Hazelwood)
RSA ("ASB")
CIA' KRYPTOS is cracked N6 ("collomb")
Re: encrypt using ASCII 33 to 126 only? (Rat Heart /ASM)
Re: Uncrackable? ([EMAIL PROTECTED])
Re: How strong would this algorithm be ? ([EMAIL PROTECTED])
Re: Stream Cipher != PRNG ([EMAIL PROTECTED])
Re: The Iraqi Block Cipher (Boris Kazak)
Re: Can Anyone Help Me Crack A Simple Code? (Glenn Davis)
Re: RSA (Glenn Davis)
Re: RSA ("ASB")
Re: The Constrained One-Time Pad and the Cryptanalyst's Lucky Day ([EMAIL PROTECTED])
Re: How strong would this algorithm be ? ("Daniel Urquhart")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (NFN NMI L.)
Subject: Re: futurama
Date: 10 Jul 1999 07:20:29 GMT
Go to http://www.futuramaoutlet.com. There (one link away from the main page)
you will find a nice, lengthy summarization of how the alien alphabet has been
completely cracked, save for 3 letters that have not been observed yet. All
observed messages are also there, along with the decryptions. For the specific
message you are describing (it appears in the opening sequence on every show as
well, as a yellow sign), the actual words may be found after my .sig.
Moo-Cow-ID: 31 Moo-Cow-Message: title
-*---*-------
S.T.L. (NFN NMI L. also) -===> [EMAIL PROTECTED] <===- 2^6972593 - 1 IS PRIME!
Quotations: http://quote.cjb.net Main site: http://137.tsx.org F00FC7C8 MOO!
"Xihribz! Peymwsiz xihribz! Qssetv cse bqy qiftrz!" e^(i*Pi)+1=0 Mail block
is gone, but will return if I'm bombed again. It was an easy fix. Address is
correct as-is. Giving the correct address is COURTEOUS; junk gets in anyway.
Join the Great Internet Mersenne Prime Search at http://entropia.com/ips/ My
.sig is even shorter, and contains 3046 bits of entropy including next line:
-*---*-------
Card-holding member of the Dark Legion of Cantorians, People for the Ethical
Treatment of Digital Tierran Organisms, the Holy Order of the Catenary, the
Great SRian Conspiracy, the Triple-Sigma Club, the Polycarbonate Syndicate,
the Union of Quantum Mechanics, the Roll-Your-Own Crypto Alliance, and the
Organization for the Advocation of Two-Letter Acronyms (OATLA)
Avid watcher of "World's Most Terrifying Causality Violations", "When Kaons
Decay: World's Most Amazing CP Symmetry Breaking Caught On [Magnetic] Tape",
"World's Scariest Warp Accidents", "When Renormalization Fails", "World's
Most Energetic Cosmic Rays", and "When Tidal Forces Attack: Caught on Tape"
Patiently awaiting the launch of Gravity Probe B and the discovery of M39
Physics Commandment #15: Tidal Forces Fall Off As 1/r^3.
Some space...
10
9
8
7
6
5
4
3.1415926535897932384626433...
2
1
"Tasty Human Burgers"
Have fun!
------------------------------
From: [EMAIL PROTECTED] (Jerry Coffin)
Subject: Re: Why this simmetric algorithm is not good?
Date: Sat, 10 Jul 1999 02:57:34 -0600
In article <7m62td$ors$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
> <snip>
>
> About the code I realize that I was wrong. I would ask that people not
> talk about Micro-C as I do not speak on behalf of the owner. Sorry for
> the mixup. If anyone is wondering it is a good compiler.
Actually, it's an excellent compiler for what it is -- if I was doing
embedded systems work, it'd be one of my first choices. If you were
writing your RC4 code with the idea of putting it on a smartcard or
somesuch, compiling it with Micro-C would make a great deal of sense.
OTOH, I suspect most people here write code primarily for either UNIX
or Win32, and Micro-C doesn't do either one.
The closest it comes is DOS -- if you wanted to produce a really TINY
version of RC4 for DOS, it'd be an excellent choice as well. It can
routinely produce complete programs of a few hundred bytes (compared
to a couple of kilobytes for a null program from many mainstream DOS
compilers). In all honesty, shooting for tiny size probably makes as
much sense as anything -- with the CPU of an average desktop machine
the code would almost certainly be I/O bound regardless.
> Anyways this is OT, just to let you know (no bad thoughts about micro-c
> ok?)
It's less a question of good or bad thoughts that of your target -- if
8-bit microcontrollers were your target, it might be worthwhile to
code around any limitations it really has. At the same time, Dave put
a lot of work into the compiler and optimizer -- you might as well put
that work to good use, and write your code as clearly as possible
since (as you've already found) the compiler will produce excellent
output from the readable version of the code.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: randomness of powerball, was something about one time pads
Date: Sat, 10 Jul 1999 10:26:34 GMT
Dennis Ritchie wrote:
> 2. A study was made of distribution of numbers picked by the
> punters, and at least theoretically, a positive expectation
> could be hoped for given the parimutual nature of the event.
> One picked the seldom-chosen numbers; expectation was
> still positive even though the state rake-off is generally
> larger than the bite by private legal (or even illegal)
> games.
New Jersey lottery, "Pick Six" I think, was used as an example
in Becker & Chamber's 1984 book on S (a portion was borrowed by
Cleveland for The Elements of Graphing Data). Certain leading
digits, especially those starting with 0, were seldom picked,
and initially there were a few numbers for which the expected
payoff was positive. But not after enough people noticed this
and started picking 0... more frequently.
State lotteries have an expected payoff around 50%, which
means there has to be a really big bias before one could
realistically hope to make money paying the lottery legally.
------------------------------
From: [EMAIL PROTECTED] (Dave Hazelwood)
Subject: Re: Electronically Exporting crypto source (legally)
Date: Sat, 10 Jul 1999 11:30:42 GMT
What ever happened to Superman?
Truth, Justice and the American way?
Now...even our President is a criminal who gets away
with it? Makes me want to puke he does.
They blur the lines between right and wrong so much
that soon nobody will know the difference.
Then, where are we?
Do we all have to relinquish our our moral and
legal standards to get what we deserve in modern
America? I hope not.
EAR is ridiculous regulation and Clinton is a
ridiculous President. I hope we are rid of BOTH
of them soon.
I think perhaps there may be a way to use the
copyright laws to trigger a catch-22 in the courts
to perhaps challenge the source code exportation
thing.
Once I have thought it out I'll post my comments
here but if printed words on paper are somehow
different than the same words on a disk or a screen
then somehow I think we have a problem where we
can't have it both ways. Either it is speech and is
protected or it is not and can't be copyrighted
either. Humm.....
------------------------------
From: "ASB" <[EMAIL PROTECTED]>
Subject: RSA
Date: Sat, 10 Jul 1999 12:38:02 +0100
Anyone knows here can i find the algorith for RSA, in any languages.
I need to do a work
------------------------------
From: "collomb" <[EMAIL PROTECTED]>
Subject: CIA' KRYPTOS is cracked N6
Date: 10 Jul 1999 12:31:42 GMT
Hello
Message Number 6
Glimpses into the decyphering of Kryptos
CRACK OF CIA ' KRYPTOS
- 5 july 1999�: word < GOD > is disposed diagonally
- 6 july�: The decyphering makes appear the image of the Cross
- 7 july�: The decyphering makes appear the image of a long snake
- 8 july�: The Cross is in the form of < T >
- 9 july�: The bottom of the Cross in form of T crushes the snake's body
CRACK OF CIA ' KRYPTOS
Message Number 6 (2 pages)
- 5 july 1999�: GOD disposed diagonally
- 6 july�: The decyphering makes appear the image of the Cross
- 7 july�: The decyphering makes appear the image of a long snake
- 8 july�: The Cross is in the form of < T >
- 9 july�: The bottom of the Cross in form of T crushes the snake's body
- 10 july 1999
The final solution is inscribed in a square of 10 boxes X 10 boxes,
consequently a surface of 100 boxes.
If one character is assigned to one boxe, the square will contain the 97
last characters plus 3 characters to discover. It is known since my first
message of 5 july that in that entirety, the word < GOD > is disposed
diagonnally. The determination of the place of the 100 characters in that
square takes place as in a puzzle game. They are took by block or by unit,
deducted from a precedent group coming from the 4 sections terminated with
question mark�?.
Once the player has succeed to build the puzzle, he can see the borders
of different blocks which make up the image of a Cross and of other
solution's elements.
The message is eschatological
This large Cross in form of T is made up of 26 boxes as shown hereafter.
See also at�: http://calvaweb.calvacom.fr/collomb/
* * * * * * * < < < <
* < < < < < * < < < <
* * * < * * * < < < <
< < * < * < < < < < <
< < * < * < < < < < <
< < * < * < < < < < <
< < * < * < < < < < <
< < * < * < < < < < <
< < * < * < < < < < <
< < * * * < < < < < <
< < < < < < < < < < <
Best regards
Collomb-Chabrery
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Rat Heart /ASM)
Subject: Re: encrypt using ASCII 33 to 126 only?
Date: Sat, 10 Jul 1999 12:25:04 GMT
Reply-To: [EMAIL PROTECTED]
>You should note that output will be twice the size. So a 30 char message
>will mean the user will have to enter 60 chars.
Seeing tho it's Hex references being printed, you could create a
compression algorithm to fit..
Take what's equilivent to a byte (2 chars) and replace it with a
character not used by HEX..
eg. 00 = G, DE = I etc.
Rat
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Uncrackable?
Date: Sat, 10 Jul 1999 13:02:22 GMT
In article <sCzh3.89$[EMAIL PROTECTED]>,
"Daniel Urquhart" <[EMAIL PROTECTED]> wrote:
>
> > If it's a stream cipher try analyzing the following
> >
> > 1) Period (length of output 'string')
> > 2) Distribution of symbols (counts and avg. distance)
> > 3) is it intractable?
>
> If the index in a cipher table took into account the previous byte
(after
> encoding) and was of variable and long lenght (1Kb Key = 64Meg table)
> wouln't this become nearly impossible ?
No deterministic process is impossible to solve, just very difficult.
Using huge tables does not really make strong ciphers. That's
important to note.
Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.
Free PRNG C++ lib:
'http://mypage.goplay.com/tomstdenis/prng.html'.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: How strong would this algorithm be ?
Date: Sat, 10 Jul 1999 13:05:00 GMT
In article <T_yh3.84$[EMAIL PROTECTED]>,
"Daniel Urquhart" <[EMAIL PROTECTED]> wrote:
>
> Shoud I just post my C source, (this might be very strong
encryption ?)
Post pseudo-code that explains the algorithm then you are in business.
> I live in Canada
So do I. Ahaha Canadians do know how to use the net, their is proof!
(just joking)
Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.
Free PRNG C++ lib:
'http://mypage.goplay.com/tomstdenis/prng.html'.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Stream Cipher != PRNG
Date: Sat, 10 Jul 1999 13:08:28 GMT
In article <[EMAIL PROTECTED]>,
Nicol So <[EMAIL PROTECTED]> wrote:
> Mok-Kong Shen wrote:
> >
> > In my humble opinion it is best to combine stream and block
encryption
> > techniques, thus obtaining advantages from both. I attempted that
> > in the design of my WEAK3-EX.
>
> From a security viewpoint, combining a sequence generator with a block
> cipher is not a bad idea (but it's not a new idea either). However,
by
> involving a block cipher, you could be losing some very significant
> advantages of stream ciphers: high speed and implementability with
very
> few parts.
>
> Of course, this is relevant only if you know how to design a secure
> stream cipher with very few parts.
Well in software additive generators can make a 32-bit word in about 5
clock cycles, so for a 128-bit block which encrypts at 300 cycles you
now have 320 cycles (plus a few to xor the prng output...). Nothing
big.
People use whitening keys to 'randomize' the input and output.
Wouldn't using a PRNG to whiten the input be a super idea though? It
would seriously hinder attacks and their effectiveness.
Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.
Free PRNG C++ lib:
'http://mypage.goplay.com/tomstdenis/prng.html'.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Boris Kazak <[EMAIL PROTECTED]>
Subject: Re: The Iraqi Block Cipher
Date: Sat, 10 Jul 1999 08:53:28 -0400
Reply-To: [EMAIL PROTECTED]
David A Molnar wrote:
>
> Boris Kazak <[EMAIL PROTECTED]> wrote:
> > .......... it really does not seem to be serious. Will anybody
> > care to explain what sense does it make to apply %256 to
> > "unsigned char"?
>
> Iraqi compilers use unicode?
>
> -David
Quite possible, then Western compilers will produce incorrect
executables, attempts to break the cipher will be proclaimed
not worth effort and the cipher itself "not serious".
Any knowledge about the compilers with 16-bit "char" type?
Best wishes BNK
------------------------------
From: Glenn Davis <[EMAIL PROTECTED]>
Subject: Re: Can Anyone Help Me Crack A Simple Code?
Date: Sat, 10 Jul 1999 08:44:04 -1000
mercury wrote:
>
> I hope this will clear up the question I am asking. I have a "black
> box" which accepts ten digit codes.
You have given insufficient data.
> Does anyone have any experience with writing code for processors?
Yes, most people in sci.crypt do.
> is there some meathod that
> can make sense out of all the various color/date codes I can get?
Yes, $200,000 would cover the costs of that method. Also the method
of telling us the manufacturers name and product number. You want
free advice, and you will get what you pay for. This is it. This is
the answer. This is the work that we will do free. You have not been
candid with us, change your tune, or become obsolete.
>
> -mercury
If you get a reasonable budget for this Crack, there are several
professionals who need more work here.
God bless you.
------------------------------
From: Glenn Davis <[EMAIL PROTECTED]>
Subject: Re: RSA
Date: Sat, 10 Jul 1999 08:58:34 -1000
ASB wrote:
>
> Anyone knows here can i find the algorith for RSA, in any languages.
> I need to do a work
You can purchase a license for $120,000 at
http://www.rsa.com
Or you can use a search engine like Alta Vista to search for RSA
public key cryptosystems. There are some free programs available
that do the RSA thing, but please honor the patent holder by
paying it before commercializing RSA.
------------------------------
From: "ASB" <[EMAIL PROTECTED]>
Subject: Re: RSA
Date: Sat, 10 Jul 1999 17:29:30 +0100
thanks!
Glenn Davis wrote in message <[EMAIL PROTECTED]>...
>ASB wrote:
>>
>> Anyone knows here can i find the algorith for RSA, in any languages.
>> I need to do a work
>
>You can purchase a license for $120,000 at
>
>http://www.rsa.com
>
>Or you can use a search engine like Alta Vista to search for RSA
>public key cryptosystems. There are some free programs available
>that do the RSA thing, but please honor the patent holder by
>paying it before commercializing RSA.
------------------------------
Date: Wed, 07 Jul 1999 21:00:08 -0400
From: [EMAIL PROTECTED]
Subject: Re: The Constrained One-Time Pad and the Cryptanalyst's Lucky Day
Tony T. Warnock wrote:
>
> Toby Kelsey wrote:
>
> > In article <7lst5f$cts$[EMAIL PROTECTED]>, [EMAIL PROTECTED] writes
> > >In theory the OTP is truly the only secure method.
> >
> > Really?
> >
> > I intercept your OTP encoded message, for which I know the plaintext to
> > be either "Yes" or "No". The ciphertext is 2 characters long......
> >
> > So much for "theoretically unbreakable".
> >
> > The OTP allows any same-length decrypted message to be equally likely,
> > but requires a key the same length as the message. You can devise
> > methods which have shorter keys and still allow many possible decrypted
> > messages. The OTP is only "simpler" and "more secure" because the
> > algorithmic complexity is hidden in the RNG and its testing. There is
> > less latitude for error in the encryption implementation, but more
> > reliance is placed on the quality of the RNG and the secure channel.
> >
> > The bottom line is, I would not feel safer just knowing a OTP was being
> > used to encrypt my messages.
>
> Of course the Soviet spies used a super-encypherenment with a OTP during
> (and prior to) WWII. The Venona project broke them anyway.
No. The Soviets used an MTP rather than an OTP. That difference is
what made it possible to break.
------------------------------
From: "Daniel Urquhart" <[EMAIL PROTECTED]>
Subject: Re: How strong would this algorithm be ?
Date: Sat, 10 Jul 1999 09:31:48 -0700
> Post pseudo-code that explains the algorithm then you are in business.
I use 3 functions: a pseudo-random num generator and the encrypt/decrypt
algorithms.
My algorithm takes:
key = A user entered key ( could be AvailableMem/64k long !)
keylen = lenght of key
indata = data to encrypt
outdata = data after encryption, must be allredy allocated !
datalen - lenght of data (bytes)
First generate the cipher tables:
allocate table [keylen-2][256]
for i = 0 to keylen-2 /* Non inclusive */
/* This is actually a seperate function*/
t1 = key[i]
t2 = key[i+1]
t3 = key[i+2]
for j = 0 to 256
table[i][j] = ( t1 + t2 ) XOR t3
t1 = t2;
t2 = table[i][j];
/* Add 2 previous numbers then XOR to get next */
next j
next i
/* now encode the data, decryption is nearly identical*/
out[0] = in[0] XORtable[0][0]
for i = 0 to datalen
/* I can't seem to get fmod to work, and I just finished G10 math (I'm in
highschool) so lets say that
rem(X,Y) gives the remainder of X/Y (i use a more confusing method, though
it works */
out[i] = table[ rem(i,keylen-2) ][ out[i-1] ]
next i
my program then writes over the existing file.
Well that should cover it.
Thanks
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
