Cryptography-Digest Digest #895, Volume #9       Sat, 17 Jul 99 07:13:03 EDT

Contents:
  Re: Funny News ([EMAIL PROTECTED])
  Re: Funny News ([EMAIL PROTECTED])
  Re: Funny News ([EMAIL PROTECTED])
  Re: Funny News ([EMAIL PROTECTED])
  Re: obliterating written passwords (Lincoln Yeoh)
  Re: randomness of powerball, was something about one time pads (fungus)
  Re: obliterating written passwords (fungus)
  Re: randomness of powerball, was something about one time pads ([EMAIL PROTECTED])
  Re: Password generation question (Lincoln Yeoh)
  Re: What is the "real" length of a key in 3-key 3DES? ("Richard Parker")
  Re: DES permutations ("David G. Koontz")
  Re: Funny News ("Douglas A. Gwyn")

----------------------------------------------------------------------------

Date: Fri, 16 Jul 1999 02:14:07 -0400
From: [EMAIL PROTECTED]
Subject: Re: Funny News

Doug Stell wrote:
> 
> On Tue, 13 Jul 1999 11:52:49 -0600, John Myre <[EMAIL PROTECTED]>
> wrote:
> 
> >
> >[EMAIL PROTECTED] wrote:
> >>
> >> Watching CNN today I saw a clip of Janet Reno (hey where's the blue
> >> dress?) and I semi-quote
> >>
> >> " Terrorists can use encryption technologies making wiretaps effectively
> >> useless and crime prevention much harder ... "
> 
> There is little doubt that encryption makes the job of the national
> security and law enforcement folks more difficult.

Lots of things make the job of national security and law enforcement
more difficult.  The United States Constitution is probably the most
difficult.  210 years of Supreme Court decisions affirming the rights of
the citizens are most of the rest of the difficulty (this halted in 1986
when the US officially became a police state by Supreme Court decision).

Fundamentally the job of national security and law enforcement is NOT
catching criminals.  According to the DofI the purpose of government is
the protection of the rights of the citizens.

Any government employee who complains about the inconvenience of doing
the job right, by which I mean doing the _right_ job, is not earning his
paycheck, nor, for sworn officers, upholding the oath of office.

> 
> >> Basically she was advocating the restrictions.
> >>
> >> My question is (this is an open question), What good do these
> >> regulations ACTUALLY provide?  If a criminal breaks the law won't logic
> >> dictate they won't follow this law as well?
> >
> >The specific argument that control is useless because criminals
> >will ignore regulations is false logic.  The gulf between "not
> >100% effective" and "useless" is quite wide.  Making something
> >illegal will decrease its use: at least *some* criminals will
> >find it too hard, or too expensive, or too confusing, or just
> >won't use it correctly.
> 
> The above response explains it quite well. The needle is easier to
> find if you can make the haystack as small as possible. If the use of
> encryption was pervasive, they would have a hard time telling who the
> bad guys are. Of course, this means that anyone who uses encryption is
> *potentially* a bad guy.
> 
> The big criminals, such as organized crime, drug trafficking operations
> and well-funded terrorists, will tend to have very good security,
> because they recognize its value and have the resources to obtain it.
> The little guys, such as the local kid selling drugs, not only find it
> too expensive, but may be too stupid to use it.
> 
> >Of course, this is hardly the end of the debate.  I've just
> >seen this particular error in thinking too often to let it go
> >without comment.
> 
> Remember that there is more than one way to think about things and
> more than one way to accomplish the task. Those of us in the business
> tend to think one way and consider the other irrational, which it is
> to some extent. However, the other isn't totally useless, as the
> comments try to explain.

------------------------------

Date: Fri, 16 Jul 1999 02:33:11 -0400
From: [EMAIL PROTECTED]
Subject: Re: Funny News

Bob Silverman wrote:
> 
> In article <7ml1le$k8a$[EMAIL PROTECTED]>,
>   [EMAIL PROTECTED] wrote:
> > In article <7ml163$k1e$[EMAIL PROTECTED]>,
> >   Bob Silverman <[EMAIL PROTECTED]> wrote:
> 
> <snip>
> 
> > > Read the (joint) book by Whit Diffie and Susan Landau on the
> > > politics of wiretapping.
> > >
> > > The basic answer is:  very little if any.
> > >
> > > There have been ZERO documented cases where a wiretap has been
> > > prevented because of encryption.
> >
> > Possibly because they have been hidden?  What if the NSA cracked a
> > message and prevented a crime (or performed an arrest).
> 
> I regret I can not reproduce the sigh of exasperation I emit when
> I hear statements such as these.
> 
> (1) If indeed the NSA cracked a message, then the wiretap was NOT
> prevented, was it?
> 
> (2) The statement shows gross ignorance of the NSA, what it does, and
> what it is allowed to do.  The NSA does NOT, repeat, NOT get involved
> in domestic law enforcement.  They are prohibited from doing so by law.
> And there are watchdog committees who watch this quite carefully.
> They are NOT allowed to do any sort of domestic surveillance of ANY
> kind.

I believe that you are correct with respect to the letter of the law, but
why should anyone believe that the blackest of agencies follows the law
at all?  How hard is it to hide something from a congressional
subcommittee?

It is an open secret that the FBI is lobbying congress on many topics in
violation of the strict rules against such efforts.  Similarly there are
explicit rules that forbid the BATF from computerizing FFL records, yet
there is a data center in WV engaged in precisely this activity.

The government is now too large and too complex for anyone to detect
what it is/isn't doing.  Why is the NSA/DIA different?

> 
> > Would they
> > admit they broke the cipher?  (now the spooky oooh sound starts...)
> 
> If indeed the FBI asked the NSA to break a cipher that the *FBI*
> intercepted, and it was a criminal matter that came to court, then you
> can be sure that the fact that the NSA broke a cipher would become
> public.  Trials are public in this country. And you can be sure a
> defense attorney would question the validity of any purported
> wiretap communication.
> 
> Why is it that all these people seem to think the NSA has magical powers
> and is above the law???
> 
> Give up the paranoia.  It is tiresome.
> >
> > > However, I think the question is, or should be, moot.  I paraphrase
> > > Ben Franklin:
> > >
> > > Those willing to give up essential liberty for a little safety are
> > > deserving of neither.
> >
> > That's a good quote.  Should staple that to Janet Renos head... Of
> > course she does affect me much (unless she visits the GWN much...)
> 
> --
> Bob Silverman
> "You can lead a horse's ass to knowledge, but you can't make him think"
> 
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.

------------------------------

Date: Fri, 16 Jul 1999 02:25:05 -0400
From: [EMAIL PROTECTED]
Subject: Re: Funny News

Douglas A. Gwyn wrote:
> 
> James Andrews wrote:
> > ... criminals are a direct result of laws in that the term "criminal"
> > means someone who doesnt follow the law.
> 
> No, there are objectively defined crimes, which cover doing actual
> harm to others, whether or not any laws apply, and politically
> defined crimes, which consist merely in violation of laws or
> administrative policies but do no harm.  Practically everybody
> agrees that the former type of criminal needs to be deterred,
> arrested, and/or punished, while many of us don't think that
> laws should create the latter kind of "criminal" at all.

"Malum in se" is bad in/of itself.  I.e., the criminal act is harmful
to someone.

"Malum in prohibitum" bad 'cause we say so.  I.e., the criminal act is
not harmful to _anyone_.

We seem to pass an awful lot of "in prohibitum" laws every year.

------------------------------

Date: Fri, 16 Jul 1999 02:27:22 -0400
From: [EMAIL PROTECTED]
Subject: Re: Funny News

Bob Silverman wrote:
> 
> In article <7mfonu$n1a$[EMAIL PROTECTED]>,
>   [EMAIL PROTECTED] wrote:
> > Watching CNN today I saw a clip of Janet Reno (hey where's the blue
> > dress?) and I semi-quote
> >
> > " Terrorists can use encryption technologies making wiretaps effectively
> > useless and crime prevention much harder ... "
> >
> > Basically she was advocating the restrictions.
> >
> > My question is (this is an open question), What good do these
> > regulations ACTUALLY provide?
> 
> Read the (joint) book by Whit Diffie and Susan Landau on the
> politics of wiretapping.
> 
> The basic answer is:  very little if any.
> 
> There have been ZERO documented cases where a wiretap has been
> prevented because of encryption.
> 
> However, I think the question is, or should be, moot.  I paraphrase
> Ben Franklin:
> 
> Those willing to give up essential liberty for a little safety are
> deserving of neither.

Franklin was as notorious in his day as Clinton was during his
impeachment and trial.  Funny that they should come to exact opposite
conclusions on the issue of liberty v. security.

------------------------------

From: [EMAIL PROTECTED] (Lincoln Yeoh)
Subject: Re: obliterating written passwords
Date: Sat, 17 Jul 1999 08:51:19 GMT
Reply-To: [EMAIL PROTECTED]

On Fri, 16 Jul 1999 22:15:52 GMT, [EMAIL PROTECTED] wrote:

>I occasionally jot down a password, or social security number
>or such, consisting of a handful of numbers and letters.  I
>later attempt to obliterate it by writing random numbers and
>letters over all the original numbers and letters, several times.
>
>Suppose you are given that piece of paper and told to find the
>original password.  How easy is it?  What attacks are available?

Should be quite easy. 

>More to the point, what can I do to obliterate it better?  I'm
>not expecting NSA to attack it, just other devious citizens.

Burn it and flush it down the toilet. At least if they recover that you
know they really went to a lot of trouble :).

But you have to watch out for one thing- write on a separate sheet of paper
on top of a very hard surface not on a notepad or something else. Because
you may inadvertently transfer the imprints to the material below.

Cheerio,

Link.
p.s. Why do people shred stuff? I can't see how that can be safe unless you
really take a lot of trouble, and then you might as well just buy an
incinerator for that money.
****************************
Reply to:     @Spam to
lyeoh at      @[EMAIL PROTECTED]
pop.jaring.my @ 
*******************************

------------------------------

From: fungus <[EMAIL PROTECTED]>
Subject: Re: randomness of powerball, was something about one time pads
Date: Sat, 17 Jul 1999 09:32:41 +0200



Jerry Coffin wrote:
> 
> An excellent idea.  This particular simulation may not qualify as
> particularly careful, as it uses the random number generator in your
> compiler's standard library, which may be of relatively poor quality.

<snip>

You don't really need random numbers. You can just cycle through all
possible cases and add up the winnings.

PS: I didn't run the program yet, but the house's winnings should
be 7.8% of the total played.


-- 
<\___/>
/ O O \
\_____/  FTB.

------------------------------

From: fungus <[EMAIL PROTECTED]>
Subject: Re: obliterating written passwords
Date: Sat, 17 Jul 1999 09:26:21 +0200



"Douglas A. Gwyn" wrote:
> 
> [EMAIL PROTECTED] wrote:
> > Just burn it....
> 
> And stir up the ashes.

And eat them.


-- 
<\___/>
/ O O \
\_____/  FTB.

------------------------------

Date: Fri, 16 Jul 1999 02:50:48 -0400
From: [EMAIL PROTECTED]
Subject: Re: randomness of powerball, was something about one time pads

fungus wrote:
> 
> "Douglas A. Gwyn" wrote:
> >
> > fungus wrote:
> > > There's one game where you pay a dollar, choose a number from one
> > > to six, then throw three dice. You win a dollar for every die which
> > > shows your chosen number. Who has the edge? The player or the house?
> >
> > As described, the odds are even (it's a fair game).
> >
> 
> No. The house has an edge, figuring out where it is is a long
> process.

A simple way to analyze this is to use colored dice (RGB).  Throw them
216 times.  Ignore the combinations and inspect the payoff from each die
independently.  The red die matches your selection 36 times.  Ditto for
the green and blue die.  Total payback in $108 against $216 in bets.

The house wins. Big.

The monetary analysis is simpler still, but a bit subtle.  You bet
$0.33333 on each die and win $1.00 on every match.  The expected payoff
is only $0.166666 per die per roll.  The house wins.

> 
> (It took a while to convince me too...)
> 
> > (If you don't know which of these is
> > the case, then switching can't hurt and might help.)
> 
> No. Switching *always* helps (always!).
> 
> Again, this was the subject of much debate.
> 
> --
> <\___/>
> / O O \
> \_____/  FTB.
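
The exhaustive count suggested in this thread ("cycle through all possible cases and add up the winnings"), as an added example that is not code from any poster. The thread does not say whether a winning player also gets the $1 stake back, so both payout rules are computed; the function and parameter names are made up for this example.

```python
from fractions import Fraction
from itertools import product


def match_histogram(pick=1, sides=6, dice=3):
    """Count how many of the sides**dice rolls show `pick` 0, 1, ..., dice times."""
    hist = [0] * (dice + 1)
    for roll in product(range(1, sides + 1), repeat=dice):
        hist[roll.count(pick)] += 1
    return hist


def house_edge(stake_returned, pick=1, sides=6, dice=3):
    """Exact share of the money staked that the house keeps.

    stake_returned=True : a winner gets the $1 stake back plus $1 per match
                          (assumed rule; not stated in the thread).
    stake_returned=False: the $1 stake is always kept and the player is paid
                          $1 per match (the colored-dice count in the reply).
    """
    staked = 0
    paid_back = 0
    for matches, rolls in enumerate(match_histogram(pick, sides, dice)):
        staked += rolls                      # one dollar bet on every roll
        paid_back += rolls * matches         # $1 per matching die
        if stake_returned and matches:
            paid_back += rolls               # stake handed back on any win
    return Fraction(staked - paid_back, staked)


if __name__ == "__main__":
    print("rolls with 0/1/2/3 matches:", match_histogram())
    for rule in (True, False):
        edge = house_edge(rule)
        print(f"stake_returned={rule}: house keeps {edge} = {float(edge):.4f}")
```

With the stake returned on a win the house keeps 17/216 of the money played, about 7.87%; with the stake always kept it pays back $108 on $216 and keeps half.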

------------------------------

From: [EMAIL PROTECTED] (Lincoln Yeoh)
Subject: Re: Password generation question
Date: Sat, 17 Jul 1999 09:02:46 GMT
Reply-To: [EMAIL PROTECTED]

On Fri, 16 Jul 1999 15:37:18 -0400, Anton Stiglic <[EMAIL PROTECTED]> wrote:

>For the password, I'd just take the amount of bits you want directly from
>/dev/random
>and not rehash it again afterwards...

1) /dev/random uses the SHA1 hash to help pool together randomness.
2) Geiger's idea was to get 10 kilobytes worth of random stuff from
/dev/random and then hash it with MD5.

Big difference from just grabbing 128 bits from /dev/random and using them.

I daresay what Geiger gets should contain close enough to 128 bits of
randomness, and definitely not worthwhile to crack. If they want the
secrets protected by that password they'd better use other means - e.g. bug
his rooms, computer etc.

However, don't bother doing all that with typical Unix passwords coz they
only bother about the first 8 characters! I don't take that much trouble
for my Unix passwords since it's not really worth it - you can't really
maintain the security especially if you're going over the network. You just
have to change it often enough.

For your PGP passphrase, yeah, sure if you can remember it.

Link.
****************************
Reply to:     @Spam to
lyeoh at      @[EMAIL PROTECTED]
pop.jaring.my @ 
*******************************

------------------------------

From: "Richard Parker" <[EMAIL PROTECTED]>
Subject: Re: What is the "real" length of a key in 3-key 3DES?
Date: Wed, 14 Jul 1999 22:19:28 GMT

In article <7miuun$26ua$[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] (Mickey McInnis) wrote:

> In article <7mia8t$fea$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> (Patrick Juola) writes:
> ...
> |>
> |> Not so.  New article in J. Cryptology by our old friend Eli Biham
> |> takes 3DES apart in about 2^64 steps.
> |>
> |> Ouch.  History in the making.  "May you live in interesting times."
> |>
> |>      -kitten
>
> Is there a "simple" description of the method, or an online synopsis, etc.?

Information about this article is available at the following URL:

<http://link.springer.de/link/service/journals/00145/bibs/12n3p161.html>

-Richard


------------------------------

From: "David G. Koontz" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: DES permutations
Date: Sat, 17 Jul 1999 00:53:00 -0700


[EMAIL PROTECTED] wrote:
> 
> In article <7mkf95$4sv$[EMAIL PROTECTED]>,
>   [EMAIL PROTECTED] (Matthew Kwan) wrote:
> > [EMAIL PROTECTED] writes:
> >
> > >In article <7mfoqc$n2a$[EMAIL PROTECTED]>,
> > >  [EMAIL PROTECTED] wrote:
> > >> In article <7k51r0$gjr$[EMAIL PROTECTED]>,
> > >>   [EMAIL PROTECTED] wrote:
> > >> > > >DES;
> > >> > > >1 That initial permutation; is it actually worth
> > >> > anything cryptographically?
> > >> > >
> > >> > > No.  They were put there to support the hardware
> > >> > implementation of DES that was popular in the mid-1970s.
> > >>
> > >> > I've heard and read this several times but while
> > >> > being from a hardware background I cannot see how
> > >> > the initial permutation could speed up the
> > >> > hardware implementation.  Does anyone know how it
> > >> > helps the hardware?
> > >>
> > >> It doesn't help hardware.  It doesn't take any
> > >> time in hardware.  (No *extra* time beyond normal wiring
> > >> delays)
> > >>
> > >> What it *does* do is royally slow down any software implementation.
> > >> *That* was the point.
> >
> > No, the point was to amount of chip *space* needed to implement DES.
> > The IP made the wiring simpler. Software was probably not a
> > consideration at the time.
> 
> But how does it make the wiring simpler?  As far as I can see it only
> makes it more complicated.
>

Newsgroups: sci.crypt
Subject: Re: DES's initial permutation
References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
Organization: MasPar Computer Corporation
In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Steve Sampson) writes:
>In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Steven Bellovin) writes:
>>In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (John K. Taber) writes:
>>> Nick Barron ([EMAIL PROTECTED]) wrote:
>>> : I've recently been re-reading some of the textbooks I have, and I was
>>> : wondering if anyone could enlighten me on the purpose of the DES IP?  I've
>>> : read in one source that it has been shown to increase DES's resistance to
>>> : cryptanalysis (differential IIRC), but with no further reference.
>>> 
>>> : Can anyone shed any light on this?
>>> 
>>> 
>>> 
>>> Somebody, I forgot who now (Lynn ???) convinced me that the purpose of 
>>> the IP was hardware considerations in 197x. I had always wondered about 
>>> this too.
>>> 
>>> I'm sorry, I don't remember the explanation well enough to repeat it for 
>>> you. I found it convincing.
>
>>Yup.  It's got to do with serial-parallel conversion -- chips in 197x
>>didn't have nearly as many pins as do modern ones...
>
>The IP was designed to shuffle the EBCDIC bit pattern, as it has a signature.
>It doesn't do anything for ASCII, and can be deleted.
>
 
The Initial Permutation
 
The Initial Permutation (IP) is a description of how a byte wide interface is
connected to a 64 bit block comprised of two 32 bit blocks (L and R).  Consider
a byte wide interface with the bits numbered 1-8.  The even numbered bits
go to the L Block and the odd numbered bits go to the R block.  Note that the
bit order is big endian, where bit 1 is most significant and bit 8 is
least significant.  The input block is typically loaded as 8 successive byte 
loads:
 
Port    MSB7     Input  (LR)                     Left
 Bit    Bit             Block (64 bits)                 Block (32 bits)
 
  2------6-------58 50 42 34 26 18 10  2                 1  2  3  4  5  6  7  8
  4------4-------60 52 44 36 28 20 12  4                 9 10 11 12 13 14 15 16
  6------2-------62 54 46 38 30 22 14  6                17 18 19 20 21 22 23 24
  8------0-------64 56 48 40 32 24 16  8                25 26 27 28 29 30 31 32
 
                                                        Right
                                                        Block (32 bits)
  1------7-------57 49 41 33 25 17  9  1                 1  2  3  4  5  6  7  8
  3------5-------59 51 43 35 27 19 11  3                 9 10 11 12 13 14 15 16
  5------3-------61 53 45 37 29 21 13  5                17 18 19 20 21 22 23 24
  7------1-------63 55 47 39 31 23 15  7                25 26 27 28 29 30 31 32
 
Input Byte        8  7  6  5  4  3  2  1
 
The Final Permutation
 
The Final Permutation (IP-1) provides the inverse, it standardizes the output
of the R16L16 output block to a byte wide interface.  The Output block is
ordered Right then Left to allow complementary operation for subsequent
decryption.  Were one to perform an IP followed by IP-1 without any intervening
round iteration operations, one would end up with odd and even bits swapped:
 
Right                           Output (R16L16)               Standard  Port
Block (32 bits)                 Block   (64 bits)               Bit      Bit
 
 1  2  3  4  5  6  7  8          1  2  3  4  5  6  7  8---------6--------2
 9 10 11 12 13 14 15 16          9 10 11 12 13 14 15 16---------4--------4
17 18 19 20 21 22 23 24         17 18 19 20 21 22 23 24---------2--------6
25 26 27 28 29 30 31 32         25 26 27 28 29 30 31 32---------0--------8
 
Left
Block (32 bits)
 
 1  2  3  4  5  6  7  8         33 34 35 36 37 38 39 40---------7--------1
 9 10 11 12 13 14 15 16         41 42 43 44 45 46 47 48---------5--------3
17 18 19 20 21 22 23 24         49 50 51 52 53 54 55 56---------3--------5
25 26 27 28 29 30 31 32         57 58 59 60 61 62 63 64---------1--------7
 
Output Byte                      8  7  6  5  4  3  2  1
 

From FIPS Pub 46-2:
 
Final Permutation IP-1:
                                   Output Byte
40  8 48 16 56 24 64 32                 1
39  7 47 15 55 23 63 31                 2
38  6 46 14 54 22 62 30                 3
37  5 45 13 53 21 61 29                 4
36  4 44 12 52 20 60 28                 5
35  3 43 11 51 19 59 27                 6
34  2 42 10 50 18 58 26                 7
33  1 41  9 49 17 57 25                 8
 
 1  2  3  4  5  6  7  8 Port Bit
 7  6  5  4  3  2  1  0 MSB7 Bits
 
In the simplest hardware implementation of DES, the Left and Right blocks are
comprised in hardware of four 8 bit registers each.  Each 8 bit register can be
serially loaded (IP), serially unloaded (IP-1), or parallel output and parallel
loaded (round iteration).  DES is an encryption algorithm originally required
to be implemented in hardware, specified in 1977 - predating 16 or 32 bit
microprocessor peripherals.

Permuted Choice 1

PC1 performs a similar function loading the C and D 28 bit registers (comprised
of three 8 bit bidirectional shift registers and 1 4 bit bidirectional shift
register, all with parallel outputs).  The C and D registers can be serially
loaded (shifting right), or serially shifted left or right in a closed ring
for encryption or decryption.

Port    MSB7                                                                
Bits     Bits                                                           
                           
                Input   (CD)                            C
                        Block, 64 bits                  Block (28 bits)
 
1--------7------57 49 41 33 25 17  9  1         MS       1  2  3  4  5  6  7  8
2--------6------58 50 42 34 26 18 10  2                  9 10 11 12 13 14 15 16
3--------5------59 51 43 35 27 19 11  3                 17 18 19 20 21 22 23 24
4--------4------60 52 44 36 ----------- (C(28))         25 26 27 28
 
                                                        D
                                                        Block (28 bits)
 
7--------1------63 55 47 39 31 23 15  7                  1  2  3  4  5  6  7  8
6--------2------62 54 46 38 30 22 14  6                  9 10 11 12 13 14 15 16
5--------3------61 53 45 37 29 21 33  5                 17 18 19 20 21 22 23 24
4-------(D(25)--------------28 20 12  4                             25 26 27 28
 
8--------0------64 56 48 40 32 24 16  8         LS      (parity)
 
Input Byte      8  7  6  5  4  3  2   1 
 
Note that bit 4 is used as input for both C and D.  This implies that C(28)
output is used as the serial input to D(25).  The least significant bit is
used for odd parity.



------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Funny News
Date: Thu, 15 Jul 1999 03:29:27 GMT

James Andrews wrote:
> ... criminals are a direct result of laws in that the term "criminal"
> means someone who doesnt follow the law.

No, there are objectively defined crimes, which cover doing actual
harm to others, whether or not any laws apply, and politically
defined crimes, which consist merely in violation of laws or
administrative policies but do no harm.  Practically everybody
agrees that the former type of criminal needs to be deterred,
arrested, and/or punished, while many of us don't think that
laws should create the latter kind of "criminal" at all.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
