Cryptography-Digest Digest #877, Volume #9 Wed, 14 Jul 99 00:13:03 EDT
Contents:
Problems with the RC4 algorithm ([EMAIL PROTECTED])
Re: PGP technical info? (Wim Lewis)
Re: Fractal encryption ([EMAIL PROTECTED])
Re: I want some encryption algorithms ([EMAIL PROTECTED])
Re: wincrypt ([EMAIL PROTECTED])
Massachusetts PGP Keysigning Meeting in August! (SherlockSHolmes)
Replacing IDEA with Blowfish ([EMAIL PROTECTED])
Re: Help With Key Algorithm For Software Unlock (Sundial Services)
Re: Fractal encryption ([EMAIL PROTECTED])
Re: Help With Key Algorithm For Software Unlock (Sundial Services)
Re: Problems with the RC4 algorithm ([EMAIL PROTECTED])
Re: Funny News ("rosi")
Re: How Big is a Byte? (was: New Encryption Product!) (Dennis Ritchie)
Re: How Big is a Byte? (was: New Encryption Product!) (Matthew Gates)
Re: Is it possible to combine brute-force and ciphertext-only in an (Nicol So)
Re: Is Stenography legal? ("rosi")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: Problems with the RC4 algorithm
Date: Tue, 13 Jul 1999 20:35:36 -0400
I seem to be having trouble implementing the RC4 algorithm. As far as I
can tell, the algorithm seems very simple and easy to understand, but
when I try to encrypt and then decrypt a message using it, it never
seems to work. (Just garbled text.) I am wondering if I am using it
wrong. Here is the code I use:
#include <iostream>
#include <cstring>
using namespace std;
typedef unsigned char byte;
// rc4_key and the two prototypes are not shown in the post; this layout
// matches the fields the RC4 code below uses.
struct rc4_key
{
    unsigned char state[256];
    unsigned char x;
    unsigned char y;
};
void prepare_key(unsigned char *key_data_ptr, int key_data_len, rc4_key *key);
void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key);
int main()
{
    byte data[2500];
    int i = 0;
    memset(data, 1, sizeof(data));
    rc4_key key;
    prepare_key((byte *)"123456789012345678901234", 24, &key);
    for (i = 0; i < 100; i++)
        cout << data[i];           // prints the raw byte values as characters, not hex
    rc4(data, 2500, &key);         // first pass (encrypt)
    for (i = 0; i < 100; i++)
        cout << data[i];
    rc4(data, 2500, &key);         // second pass with the same, already-advanced key state
    for (i = 0; i < 100; i++)
        cout << data[i];
    return 0;
}
Thanks for your help.
Clay Culver
Oh and in case you want to see the exact code that goes with it:
// The rc4_key type is not shown in the post; this layout matches the fields used below.
struct rc4_key
{
    unsigned char state[256];
    unsigned char x;
    unsigned char y;
};
static void swap_byte(unsigned char *a, unsigned char *b); // defined at the end, used before that
// Key schedule: fill state[] with the identity permutation, then shuffle it under the key.
void prepare_key(unsigned char *key_data_ptr, int key_data_len,
                 rc4_key *key)
{
    unsigned char index1;
    unsigned char index2;
    unsigned char* state;
    short counter;
    state = &key->state[0];
    for(counter = 0; counter < 256; counter++)
        state[counter] = counter;
    key->x = 0;
    key->y = 0;
    index1 = 0;
    index2 = 0;
    for(counter = 0; counter < 256; counter++)
    {
        index2 = (key_data_ptr[index1] + state[counter] +
                  index2) % 256;
        swap_byte(&state[counter], &state[index2]);
        index1 = (index1 + 1) % key_data_len;
    }
}
// Keystream generator: x, y and state[] advance on every byte and are written
// back, so a later call on the same key continues the stream where this one stopped.
void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
{
    unsigned char x;
    unsigned char y;
    unsigned char* state;
    unsigned char xorIndex;
    short counter;
    x = key->x;
    y = key->y;
    state = &key->state[0];
    for(counter = 0; counter < buffer_len; counter ++)
    {
        x = (x + 1) % 256;
        y = (state[x] + y) % 256;
        swap_byte(&state[x], &state[y]);
        xorIndex = (state[x] + state[y]) % 256;
        buffer_ptr[counter] ^= state[xorIndex];
    }
    key->x = x;
    key->y = y;
}
static void swap_byte(unsigned char *a, unsigned char *b)
{
    unsigned char swapByte;
    swapByte = *a;
    *a = *b;
    *b = swapByte;
}
------------------------------
From: [EMAIL PROTECTED] (Wim Lewis)
Subject: Re: PGP technical info?
Date: 13 Jul 1999 21:39:37 GMT
In article <[EMAIL PROTECTED]>,
Coms 1003 <[EMAIL PROTECTED]> wrote:
>Does anyone know where I can get technical PGP info from? The standard
>refs by Zimmerman aren't specific enough.
Well, the source code ought to be a good start. There's also an IETF
working group attempting to standardize the PGP message formats under
the name OpenPGP. Eventually it will be published as a set of RFCs;
meantime, the drafts are available.
>For instance, how is RSA implemented (is it padded with random bits?).
This is described in the documentation that comes with PGP 2.6.x (the
5.0 docs were significantly dumbed down; I haven't looked at subsequent
releases). RSA is implemented according to one of the RSADSI PKCS
recommendations; the session key to be RSA-encrypted is indeed padded
with random bytes.
>What is the algorithm for choosing the random IDEA key? Etc.
The entropy pool used by PGP is also described in its docs, but here
a look at the source code is probably an even better idea.
--
Wim Lewis * [EMAIL PROTECTED] * Seattle, WA, USA
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Fractal encryption
Date: Wed, 14 Jul 1999 00:36:23 GMT
In article <[EMAIL PROTECTED]>,
"Krishna Sawh" <[EMAIL PROTECTED]> wrote:
> Where can I find more information on fractal encryption, does anybody
> here know anything ???
>
> Krishna Sawh
> [EMAIL PROTECTED]
>
As far as I remember, there was a paper on "lossy" encryption done
using the synchronization properties of the Lorenz Attractor dynamic
system:
dx/dt = s(y - x)
dy/dt = -xz + rx - y
dz/dt = xy - bz
The scheme went like this:
You take one of the outputs (if I am not mistaken, it was z) of a
particular Lorenz Attractor (with a, b, c parameters set to some
unknown and shared value between the sender and receiver), add your
voice signal on top of the values obtained from this system, and
transmit it to the receiver. The receiver uses
dx/dt = s(y - x)
dy/dt = -xz + rx - y
dz/dt = xy - bz'
where z' is the received system. Regardless of the initial conditions,
the receiver's system gets in sync with the sender's original values.
Subtracting the output z of the receiver from the received system, the
receiver is able to obtain (a somewhat noisy version of) the encrypted
message.
There are two serious drawbacks in this system:
1) The original message is not fully recovered (The author of the paper
built the machines to transmit encoded voice signals and decode them,
and reported that he could recover enough of the transmitted message to
understand what was spoken)
2) Because of the synchronization properties of the system, a somewhat
erroneous set of parameters (a+da, b+db, c+dc) also results in a sync.
The state variable used for synchronization might not be z, but the
main idea of the system was as I have presented here. Unfortunately, I
have forgotten the original paper in which I read this scheme. But it is
somewhere on the Net, for the interested. Also, I remember quite a
number of papers discussing the synchronization of dynamic systems
showing chaotic behaviour, and how to choose the transmitted state
variable to result in convergence to the original system's path.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
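The synchronization the scheme depends on, and drawback 2, worked through as an added example that is not from the post or from the paper it recalls. It integrates the Lorenz equations above by the Euler method with the classic values s=10, r=28, b=8/3 (assumed); the receiver is driven by the sender's x rather than z, an assumption since the post is unsure which variable was sent; the voice-masking step is left out, and only the sender/receiver state error is measured, first with the exact shared parameters and then with r wrong by 0.5.

```c
#include <stdio.h>
/* Lorenz parameters (the post's a, b, c); the classic values are assumed. */
typedef struct { double s, r, b; } lorenz_params;
typedef struct { double x, y, z; } lorenz_state;

/* One Euler step of the sender's autonomous Lorenz system. */
static void sender_step(lorenz_state *p, const lorenz_params *k, double dt)
{
    double dx = k->s * (p->y - p->x);
    double dy = -p->x * p->z + k->r * p->x - p->y;
    double dz = p->x * p->y - k->b * p->z;
    p->x += dt * dx; p->y += dt * dy; p->z += dt * dz;
}

/* One Euler step of the receiver: the received signal u replaces its own x
 * in the y and z equations, so (y, z) are slaved to the sender's. Driving
 * with x instead of z is an assumption (see lead-in). */
static void receiver_step(lorenz_state *q, const lorenz_params *k, double u, double dt)
{
    double dx = k->s * (q->y - q->x);
    double dy = -u * q->z + k->r * u - q->y;
    double dz = u * q->y - k->b * q->z;
    q->x += dt * dx; q->y += dt * dy; q->z += dt * dz;
}

/* Run both systems for `steps` Euler steps of size dt; return the mean squared
 * distance between their states over the final `tail` steps. The receiver
 * starts far from the sender and never learns the sender's initial state. */
double sync_error(lorenz_params tx, lorenz_params rx, int steps, int tail, double dt)
{
    lorenz_state p = { 1.0, 1.0, 1.0 };
    lorenz_state q = { -5.0, 7.0, 20.0 };
    double acc = 0.0;
    for (int i = 0; i < steps; i++) {
        double u = p.x;                       /* the transmitted signal */
        sender_step(&p, &tx, dt);
        receiver_step(&q, &rx, u, dt);
        if (i >= steps - tail) {
            double ex = p.x - q.x, ey = p.y - q.y, ez = p.z - q.z;
            acc += ex * ex + ey * ey + ez * ez;
        }
    }
    return acc / tail;
}
/* Exact shared parameters: the error goes to zero. */
double error_exact_params(void)
{
    lorenz_params k = { 10.0, 28.0, 8.0 / 3.0 };
    return sync_error(k, k, 30000, 5000, 0.001);
}
/* Drawback 2: r wrong by 0.5 still locks on, just with a residual error. */
double error_wrong_r(void)
{
    lorenz_params k = { 10.0, 28.0, 8.0 / 3.0 };
    lorenz_params w = { 10.0, 28.5, 8.0 / 3.0 };
    return sync_error(k, w, 30000, 5000, 0.001);
}
int main(void)
{
    printf("mean squared error, exact parameters: %.2e\n", error_exact_params());
    printf("mean squared error, r off by 0.5:     %.2e\n", error_wrong_r());
    return 0;
}
```

The mismatched receiver does not diverge, which is the point of drawback 2: a parameter set that is only roughly right still yields a usable decoder.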
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: I want some encryption algorithms
Date: Wed, 14 Jul 1999 01:31:40 GMT
In article <7mgios$13qa$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
> If you go to my web site I have a special type of adaptive huffman
> compression that does not use headers and is designed for use with
> encryption. I also have pointers to a few of my encryption programs.
> I will soon release a version that combines the whole thing
> together.
Dude, no one cares. Why haven't you answered my questions I posted?
Were they too hard? It's ok to admit you don't know the answer (I
admit I have lots to learn as well).
You should work on improving your algorithm in terms of speed and
memory requirements. You should describe its security boundaries and
implementation issues (see my earlier post). Also using shorter keys
might actually be more useful. I could for example want to use the
output of a hash as a key. Can you do that with your algorithms? etc.
etc.
And headerless compression (i.e. the secret key forms the huffman
tree ...) is not terribly secure in the face of known or chosen
plaintext attacks. It's a bit harder in adaptive situations...
Please answer my original post (should turn up in a search).
Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.
Free PRNG C++ lib:
'http://mypage.goplay.com/tomstdenis/prng.html'.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: wincrypt
Date: Wed, 14 Jul 1999 01:37:12 GMT
In article <7mgef1$bc0$[EMAIL PROTECTED]>,
"Terry Mechan" <[EMAIL PROTECTED]> wrote:
> check software on
>
> http://www.tmechan.freeserve.co.uk
Link doesn't work for me.. Is it right or is the server just slow?
Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.
Free PRNG C++ lib:
'http://mypage.goplay.com/tomstdenis/prng.html'.
------------------------------
From: [EMAIL PROTECTED] (SherlockSHolmes)
Subject: Massachusetts PGP Keysigning Meeting in August!
Date: 14 Jul 1999 00:57:42 GMT
ATTENTION CENTRAL NEW ENGLAND PGP USERS -- KEYSIGNING MEETING IN
AUGUST!
I am planning a PGP Key Signing Meeting In August (possibly Monday,
the 9th) in Worcester and I am looking for PGP Users from
Massachusetts, Northern Conn, Southern NH, Southern VT, anywhere
within driving distances of Worcester.
This event will probably coincide with a meeting for users of Thawte
Digital Certificates (I STRONGLY suggest everyone get one or more FREE
Digital Certificates from www.thawte.com for MS IE, Netscape and PGP).
Thawte Certificates allow for Notarization to further validate your
identity and a Thawte Representative will be on hand to create Thawte
Notaries (or you can have one of us Notarize your Certificate at the
meeting).
I am looking for as many people as possible in order to make it
worthwhile for the Thawte Rep to travel to Worcester. Plus, the wider
our PGP Web of Trust the more trusted our PGP Keys will be.
Please contact me ASAP at [EMAIL PROTECTED] for details,
Keysigning Instructions, and to answer any questions you may have.
I'm looking forward to hearing from you! Take care and God bless,
Sherlock S. Holmes, D.D.
P.S. YES, this is my real name!
Sherlock S. Holmes, D.D.
http://www.sherlockholmes.com
NEW PGP Key Fingerprint:
1E96 649C FB67 55E0 471C BDFE 238C 2285 1C05 2FB7
------------------------------
From: [EMAIL PROTECTED]
Subject: Replacing IDEA with Blowfish
Date: Tue, 13 Jul 1999 20:48:39 -0400
I am very skeptical about using Blowfish/Twofish in my applications. I
know that Bruce Schneier is very capable of creating a good encryption
algorithm, but Blowfish has not withstood the attacks that IDEA has (at
least not yet anyway). If I ever distribute my programs I am going to
have to take IDEA out of it b/c of licensing. Would it be a good idea
to replace IDEA with Blowfish or should I use something like 3DES?
(If you are wondering, the symmetric part of this program is used with
session keys..with an overlying public key system.)
Clay
------------------------------
Date: Tue, 13 Jul 1999 18:51:46 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Help With Key Algorithm For Software Unlock
S.T.L. wrote:
>
>
> Or, don't bother with copyprotection at all. Concentrate on making a good
> product. Copyprotection often (as others have said) sends the message to users
> that you don't trust them.
So does the little Sensormatic machine at the front of every retail
store... but that does not keep you from buying clothes there. "Shrink"
is a fact of life in software as in retail, and a vendor who takes
reasonable steps to discourage it is merely being prudent.
Let's be reasonable about human nature, folks: if you ask me to send
you $25 but take no steps whatever to make me do it, then I probably
won't. But if you do nudge me politely, and do it in a way that does
not hinder the evaluation process, then I probably will sign the check
-- provided that the product is actually worth buying. "Warez" groups
notwithstanding, most people will not go to extraordinary means to steal
a piece of software, unless it is (as with "Warez") for the pure sport
of it.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Fractal encryption
Date: Wed, 14 Jul 1999 01:35:29 GMT
In article <7mgm26$3af$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> As far as I remember, there was a paper on "lossy" encryption done
> using the synchronization properties of the Lorenz Attractor dynamic
> system:
There is another lossy stream cipher called 'Chameleon'. It was
designed so that multiple keys will decrypt the same stream with
minimal errors. I have the paper on my hd if you want it. You can get
it off the net as well. It's by Ross Anderson and Charalampos
Manifavas.
If you can find the paper you were describing I would be willing
to 'trade' in private email...
Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.
Free PRNG C++ lib:
'http://mypage.goplay.com/tomstdenis/prng.html'.
------------------------------
Date: Tue, 13 Jul 1999 18:45:34 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Help With Key Algorithm For Software Unlock
CanoeDad wrote:
>
> Thanks for the suggestion William. I am not looking for anything that
> will stop someone that is sophisticated. The market for this product
> is legal, that is it will be purchased by lawyers. They typically do
> not have the sophistication to break software and if they do, they can
> have it.
>
> I definitely don't trust lawyers to pay for software that they are
> using. They are the most cynical of any customer base you can have.
> The software is not shareware but demo ware. After a number of uses
> they will be urged to pay for it, that's all. If they don't want to
> then the uninstall option will be present for them to use.
I would suggest that you shop around and look at some of the existing
copy-protect software packages that are out there -already- with
source-code included. Actually I can only think of one, OnGuard
(http://www.turbopower.com), but it is very nice for its educational
value if nothing else!
OnGuard uses hashing and a number of other techniques.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Problems with the RC4 algorithm
Date: Wed, 14 Jul 1999 01:39:02 GMT
<snip>
You have to reset the key before decrypting. Call 'prepare_key' before
you call 'rc4(data, 2500, ...)' a second time.
Tom
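Tom's fix, worked through as an added example that is not Clay's code nor anyone else's from the thread: a self-contained C RC4 with the same key schedule and keystream generator as the posted prepare_key/rc4, first checked against a published known-answer vector (key "Key", plaintext "Plaintext"), then run through the poster's 2500-byte encrypt/decrypt once without re-keying and once with the key schedule re-run before decrypting.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
typedef struct { uint8_t s[256]; uint8_t i, j; } rc4_ctx;

/* Key schedule (KSA): the same permutation setup as the thread's prepare_key. */
void rc4_init(rc4_ctx *c, const uint8_t *key, size_t keylen)
{
    uint8_t j = 0;
    for (int n = 0; n < 256; n++) c->s[n] = (uint8_t)n;
    for (int n = 0; n < 256; n++) {
        j = (uint8_t)(j + c->s[n] + key[n % keylen]);
        uint8_t t = c->s[n]; c->s[n] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
}

/* Keystream generator (PRGA) XORed into buf. The context keeps advancing,
 * so a second call continues the keystream rather than restarting it. */
void rc4_crypt(rc4_ctx *c, uint8_t *buf, size_t len)
{
    for (size_t n = 0; n < len; n++) {
        c->i = (uint8_t)(c->i + 1);
        c->j = (uint8_t)(c->j + c->s[c->i]);
        uint8_t t = c->s[c->i]; c->s[c->i] = c->s[c->j]; c->s[c->j] = t;
        buf[n] ^= c->s[(uint8_t)(c->s[c->i] + c->s[c->j])];
    }
}

/* Known-answer check: key "Key", plaintext "Plaintext" (widely published vector). */
int rc4_known_answer_ok(void)
{
    static const uint8_t expect[9] = { 0xBB, 0xF3, 0x16, 0xE8, 0xD9, 0x40, 0xAF, 0x0A, 0xD3 };
    uint8_t buf[9];
    rc4_ctx c;
    memcpy(buf, "Plaintext", 9);
    rc4_init(&c, (const uint8_t *)"Key", 3);
    rc4_crypt(&c, buf, 9);
    return memcmp(buf, expect, 9) == 0;
}

/* The poster's round trip: 2500 bytes of 0x01, encrypted then decrypted.
 * rekey == 0 reproduces the reported garbling; rekey != 0 re-runs the key
 * schedule before decrypting so both passes use the same keystream. */
int roundtrip_ok(int rekey)
{
    const uint8_t *key = (const uint8_t *)"123456789012345678901234";
    uint8_t data[2500], orig[2500];
    rc4_ctx c;
    memset(orig, 1, sizeof orig);
    memcpy(data, orig, sizeof data);
    rc4_init(&c, key, 24);
    rc4_crypt(&c, data, sizeof data);            /* encrypt */
    if (rekey) rc4_init(&c, key, 24);            /* Tom's fix */
    rc4_crypt(&c, data, sizeof data);            /* decrypt */
    return memcmp(data, orig, sizeof data) == 0;
}
int main(void)
{
    printf("known answer:    %s\n", rc4_known_answer_ok() ? "ok" : "FAIL");
    printf("without re-key:  %s\n", roundtrip_ok(0) ? "ok" : "garbled");
    printf("with re-key:     %s\n", roundtrip_ok(1) ? "ok" : "garbled");
    return 0;
}
```

Re-keying restarts the keystream at byte 0, which is right for decrypting the same message; for a second, different message it would be keystream reuse, so each message needs its own key.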
------------------------------
From: "rosi" <[EMAIL PROTECTED]>
Subject: Re: Funny News
Date: Tue, 13 Jul 1999 21:11:58 -0400
John Myre wrote in message <[EMAIL PROTECTED]>...
>
>[EMAIL PROTECTED] wrote:
>>
[snip]
>> My question is (this is an open question), What good do these
>> regulations ACTUALLY provide? If a criminal breaks the law won't logic
>> dictate they won't follow this law as well?
>>
>
>The specific argument that control is useless because criminals
^^^^^^^^
???
>will ignore regulations is false logic. The gulf between "not
^^^^^^
Please be precise. Anywhere can I find this implication???
>100% effective" and "useless" is quite wide. Making something
>illegal will decrease its use: at least *some* criminals will
>find it too hard, or too expensive, or too confusing, or just
>won't use it correctly.
^^^^^^^^
What exactly do you mean, anyway? Please, please elaborate. Thanks.
>
>Of course, this is hardly the end of the debate. I've just
>seen this particular error in thinking too often to let it go
^^^^^^^^^^^^^^^^^^^^^^^^^
Let me be a bit particular. I am not a logician so error abounds
in my thinking as well. There is only so much I can exercise my
mental incapabilities, but here is one of them:
To wiretap is of course to wiretap a criminal, right? You just
would not tap innocent people, or NOT? Or anyone can define
what a criminal is and what an innocent person is? Or what
crap is the following: innocent till proven guilty? Does 'suspect'
give special mathematical properties to be treated specially
in the code of law? Please, help train me to be a half logician.
Not _specifically_ opposing your view. Just another opportunity
for you to spare going without comments.
--- (My Signature)
P.S.
I notice that Tom said it is an open question and the word
ACTUALLY is capitalized.
>without comment.
>
>John M.
------------------------------
From: Dennis Ritchie <[EMAIL PROTECTED]>
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte? (was: New Encryption Product!)
Date: Wed, 14 Jul 1999 02:15:31 +0100
Reply-To: [EMAIL PROTECTED]
fungus wrote:
> ..."Dennis Ritchie", from "Bell Labs" ???
I suppose so, but there are other ones too.
http://cm.bell-labs.com/cm/cs/who/dmr/otherlives.html
Dennis
------------------------------
From: [EMAIL PROTECTED] (Matthew Gates)
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte? (was: New Encryption Product!)
Date: Wed, 14 Jul 1999 03:45:12 +0100
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (John Varela) writes:
> On Mon, 12 Jul 1999 22:15:52, [EMAIL PROTECTED] (Matthew Gates)
> wrote:
>
>> In article <[EMAIL PROTECTED]>,
>> Boris Kazak <[EMAIL PROTECTED]> writes:
>> > Just as B(reast) has two N(ipples), B(yte) has two N(ibbles)
>>
>> Breast singular, two nipples?
>
> That's udderly ridiculous.
So I was milking the joke...
------------------------------
From: Nicol So <[EMAIL PROTECTED]>
Subject: Re: Is it possible to combine brute-force and ciphertext-only in an
Date: Tue, 13 Jul 1999 22:43:38 -0400
Douglas A. Gwyn wrote:
>
> Nicol So wrote:
> > If you don't mind, could you explain in simple terms what is the
> > current thinking on the subject among physicists?
>
> Basically, the problem with the Copenhagen Interpretation was that
> the interaction between the observed quantum system and the observer
> was not subject to the same laws as an unobserved quantum supersystem
> (= observed system + observer) should have had according to the rest
> of the quantum theory. This is most easily seen in the notion that
> the observed system's state (wavefunction) "collapses" from a mixed
> state to a pure state upon making an observation. I think von
> Neumann was among the first to note that this was inconsistent.
Thanks. I didn't realize that view was from the Copenhagen school. I
always thought it was a weird concept because whether an act constitutes
an observation is really in the eye of the beholder. When one billiard
ball hits another on a pool table, is that an observation or not? I've
always thought the only reasonable thing one can say is that they
interact.
Nicol
------------------------------
From: "rosi" <[EMAIL PROTECTED]>
Subject: Re: Is Stenography legal?
Date: Tue, 13 Jul 1999 22:18:43 -0400
Stumbled upon this.
This perhaps reflects a more general setting. Sometimes people
seem to convey the sense even though not awaringly. Yet to me, it
seems necessary to always bring this to the conscious level. (I often
fail to do this as well)
This concerns what is practical and what is 'theoretical'.
Let me be concrete here. Given a cipher C, which before 'life' ends
for the universe is never cracked, is it uncrackable? Theoretically,
it has to be uncrackable to be uncrackable. C can be really crackable
but not within 'our' life time, then it is still crackable in theory (i.e.
being crackable is truth which we will not get at for a pity). Yet in all
practical sense, C is uncrackable. This difference is important, IMO.
In the same vein, practically, an illegal act "is" legal (only in the sense
I tried to convey) if not caught. (I am talking at an abstract
level and am not advocating illegal act in any fashion --- as long
as you did not get caught or as long as law-writing functionaries
can legalize it in a special piece of law even in conflict with the
general constitution, etc.). What is wrong is wrong. However, a
wrong when not treated as wrong is the same as a right in all
practical sense.
Am not contradicting anybody. Just my view. I want to use this
to bring our attention to the way we deal with cryptography: When
we talk about something, we need to be consistent in exactly
which (practical side or theoretical side) we converse and not
to switch between the two.
Thanks
--- (My Signature)
Lincoln Yeoh wrote in message <[EMAIL PROTECTED]>...
>On Thu, 08 Jul 1999 17:10:12 +0200, Mok-Kong Shen
><[EMAIL PROTECTED]> wrote:
>
>>Robert G. Durnal wrote:
>>>
>>
>>> First, I think you mean STEGANOGRAPHY, not STENOGRAPHY. But it is
>>> legal, and not against EAR. In fact, EAR does NOT apply to sending of coded
>>> messages, but only to the dissemination of encryption software itself. And
>>> steganography is not encryption.
>>
>>If an encryption software is coded and sent (a coded message), is this
>>against EAR? Presumably yes. But how is that to be controlled?
>>
>>M. K. Shen
>
>The point you seem to be having difficulty with is:
>If something is made illegal, it is still illegal even if no one is
>watching.
>
>If you drive through a red light and no one[1] knows about it, it is still
>illegal in most nations as far as I know.
>
>Whether or not you may get caught/sentenced is a totally different issue
>from legality.
>
>I seem to recall we were discussing something similar to this for the
>Chaffing and Winnowing thread months back.
>
>Cheerio,
>
>Link.
>[1] Even if you don't know about it it's still illegal (maybe especially so
>if you're that drunk!).
>****************************
>Reply to: @Spam to
>lyeoh at @[EMAIL PROTECTED]
>pop.jaring.my @
>*******************************
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************