Cryptography-Digest Digest #913, Volume #9 Tue, 20 Jul 99 02:13:03 EDT
Contents:
Re: Traffic Analysis (Sundial Services)
Re: ECC encryption and decryption algorithm. (DJohn37050)
Re: Traffic Analysis (dave)
Re: another news article on Kryptos (David Lesher)
Re: A Good Key Schedule (Jeff Epler)
WinZip secure? ("Nam, Bo-hyun")
Re: Crypt Dll for VB (Anonymous)
Re: Good Autokey and Bad Autokey (John Savard)
Re: Traffic Analysis ("Douglas A. Gwyn")
Re: another news article on Kryptos ("Douglas A. Gwyn")
Problem with Solitaire? (Anonymous)
Re: randomness of powerball, was something about one time pads ("Douglas A. Gwyn")
Re: another news article on Kryptos ("Douglas A. Gwyn")
Re: another news article on Kryptos ("Douglas A. Gwyn")
Re: another news article on Kryptos ("Douglas A. Gwyn")
Re: Deal for cracking ! (drobick)
Software for Win9x ("Cugino")
Re: 3rd workshop on elliptic curve cryptography (ECC '99) (drobick)
Re: Looking for RC4 alternative ([EMAIL PROTECTED])
A few qustions on encryption ("Krishna Sawh")
----------------------------------------------------------------------------
Date: Mon, 19 Jul 1999 17:51:42 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Traffic Analysis
dave wrote:
> And, yes, there are several stations that seem to emit nothing but
> repetative tones, or even pure noise.
Which brings up the point that most military links are on the air all
the time, broadcasting data with extremely similar characteristics, much
of it truly random noise. It's basic steganography, of course. Before
"General Eve" can begin to decrypt the message, she must determine what
is in fact a message and what is noise...
------------------------------
From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: ECC encryption and decryption algorithm.
Date: 19 Jul 1999 15:17:22 GMT
ANSI X9.63 has ECC encryption based on Bellare-Rogaway. See one of their web
pages for paper.
Don Johnson
------------------------------
From: dave <[EMAIL PROTECTED]>
Subject: Re: Traffic Analysis
Date: Tue, 20 Jul 1999 00:01:01 GMT
There's a subscription newsgroup - "spooks.qth" devoted to the various
numbers stations and other oddities that appear on the short- wave radio
bands. They've got the message formats and directions down to the point
where they assume to know what organisation is sending the message, and
roughly where the transmitters are located. They've recently started
compiling a data bank with the idea of attempting some traffic
analysis. A lot of these stations work regular schedules, and seem to
send messages to specific ears. Many stations work in regular AM mode,
so you can here these guy's with a rudimentary radio. They usually send
five letter or five number groups. Many of these stations have colorful
names attached (unofficially, of course) such as The Russian Man or The
Lincolnshire Poacher. Probably all OTP stuff, but ???. Also various
data transmission modes.
And, yes, there are several stations that seem to emit nothing but
repetative tones, or even pure noise.
Worth a looksee. regards, Dave
------------------------------
From: [EMAIL PROTECTED] (David Lesher)
Subject: Re: another news article on Kryptos
Date: 20 Jul 1999 00:26:11 GMT
Reply-To: [EMAIL PROTECTED] (David Lesher)
[EMAIL PROTECTED] (Mr. Kile A. Noy) writes:
>>Call for speculation: If an NSA cryptographer was the first to solve
>>the last cipher, would the NSA allow an announcement of that fact?
>I can't imagine any government agency passing up a chance to look good.
>--
Especially not one starved for funds & desperate for good PR.
--
A host is a host from coast to [EMAIL PROTECTED]
& no one will talk to a host that's close........[v].(301) 56-LINUX
Unless the host (that isn't close).........................pob 1433
is busy, hung or dead....................................20915-1433
------------------------------
From: [EMAIL PROTECTED] (Jeff Epler)
Subject: Re: A Good Key Schedule
Date: Tue, 20 Jul 1999 00:47:35 GMT
On 19 Jul 99 04:35:46 GMT, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
>Binary, with its small-sized bits, is very well suited to data
>compression. Arithmetic coding is unneccessarily complicated for a
>very small additional gain, and may be covered by patents.
I don't have anything to add to the thread, except to note that the idea of
"small", "medium", "large", and "super-size" bits is an amusing one.
Jeff
--
\/ http://www.redhat.com/ Jeff Epler [EMAIL PROTECTED]
Q: Why does Washington have the most lawyers per capita and
New Jersey the most toxic waste dumps?
A: God gave New Jersey first choice.
------------------------------
From: "Nam, Bo-hyun" <[EMAIL PROTECTED]>
Subject: WinZip secure?
Date: Tue, 20 Jul 1999 10:16:41 +0900
Reply-To: [EMAIL PROTECTED]
Good morning.
I want to know how much secure zipped file with password.
Are there methods to crack zipped file with password?
Let me know, please.
Thank you.
--
====================================================
Bo-hyun Nam
====================================================
Korea Computer, Inc.
====================================================
Phone : +82 2 829-3260
Fax : +82 2 829-3300
Address :
Korea Computer B/D F8,
395-65, Shindaebang-dong,
Dongjak-gu,
Seoul, 156-010, Korea.
E-mail : [EMAIL PROTECTED]
HiTEL : CeHyun
PGP Key ID : 2E914957
PGP Fingerprint :
4302 5717 1D23 9A6E 2934 0135 FBBA 22F0 2E91 4957
====================================================
------------------------------
Date: Tue, 20 Jul 1999 01:27:43 +0200 (CEST)
From: Anonymous <[EMAIL PROTECTED]>
Subject: Re: Crypt Dll for VB
check out the following. Up most evenings and 24 hrs on weekends.
http://surf.to/hookah/code.html
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Good Autokey and Bad Autokey
Date: Mon, 19 Jul 1999 15:12:26 GMT
Mok-Kong Shen <[EMAIL PROTECTED]> wrote, in part:
>I am not sure that I understand your 'counter information'.
Essentially, if instead of packets being encrypted, a data stream is
being encrypted, and that data stream is vulnerable to errors, and
some corresponding errors in the deciphered stream are tolerable, as
long as communication resumes after a short interval,
it is necessary not to lose count of which byte is which if the
encryption depends on an internal state.
No information about the key or the plaintext has to be leaked; this
is just a counter of the number of bytes transmitted.
John Savard ( teneerf<- )
http://www.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Traffic Analysis
Date: Tue, 20 Jul 1999 03:09:56 GMT
David A Molnar wrote:
> I haven't seen traffic analysis "by itself" much, but if anyone has
> pointers, that'd be great.
Military-style T/A, which involves identifying organizational structure
from the communication patterns, is rather specialized, but even so,
there is material about in in MilCryp and the Zendian book, as well as
an old US Army TM in the National Archives (perhaps available on the
net somewhere).
Modern network T/A is to some degree easier, since standard protocols
are used to route traffic, authenticate, etc.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: another news article on Kryptos
Date: Tue, 20 Jul 1999 03:17:06 GMT
Mok-Kong Shen wrote:
> ... doesn't garantee the non-existence of such possibilities,
> I am afraid.
That is where experience comes in. To have much risk of an accidental
decipherment to a substantially wrong plaintext, with most classical
encryption schemes, the message would have to be no more than three
dozen characters. 97 puts it out of the realm of practical concern.
Ultimately, when one thinks he has found the correct decryption, the
coherence of the plaintext and the complexity of the supposed method
of encryption must be evaluated to see how likely the answer really
is. ("Baconian" results, such as the strange alternate Kryptos
messages about God etc. we saw here recently, typically fail to meet
this criterion.)
------------------------------
Date: Tue, 20 Jul 1999 04:40:15 +0200 (CEST)
From: Anonymous <[EMAIL PROTECTED]>
Subject: Problem with Solitaire?
Has anyone seen this article:
http://x21.deja.com/[ST_rn=ps]/getdoc.xp?AN=499484285 which claims there
is a problem in Bruce Schneier's "Solitaire" encryption system (which uses
a deck of cards to do encryption)? Supposedly it puts out repetitions
more often than it should. Does this sound like a serious problem?
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: randomness of powerball, was something about one time pads
Date: Tue, 20 Jul 1999 03:03:51 GMT
John Briggs wrote:
> In neither case does the game decompose cleanly into a set of three
> independent sub-games. The results on the other two dice influence
> the payoff matrix on the remaining die. In particular, if you've
> already got a six, your stake is no longer at risk.
Okay, valid point. Thanks for the detailed analysis.
> If you can be seduced into believing that "original rules" is cleanly
> decomposable into three independent sub-games then you are a mark.
> The carny wants you to think this.
That means that the (corrected-rules) original game is indeed
suitable for a carnival game, and although it is only about half
as lucrative for the house as the version of Chuck-a-Luck that I
recalled, it is more likely to be misanalyzed, thus attract more
marks. I think we have finally gotten from the original (clearly
mistaken) description to the intended one.
> Three independent sub-games on the reward side yes. But there's a
> different and non-independent sub-game on the risk side. This may be
> what Doug Gwyn has in mind. He's usually pretty sharp.
It's what I should have had in mind, but I missed the dependency on
the risk side. Oops.
Thanks again.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: another news article on Kryptos
Date: Tue, 20 Jul 1999 03:27:38 GMT
I think it's simpler than that -- most NSA employees are still
operating under their old security indoctrination, which among
other things tells them that there is a law making it a Federal
felony to identify active employees of any US intelligence
agency. (There is such a law; its intent was to stop antiwar
protesters from publishing the names and addresses of CIA
employees to be "hit" or harrassed.) Also, there is a carryover
from the Cold War policy of never saying anything about their
capabilities, even when clearly there is no national security
impact.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: another news article on Kryptos
Date: Tue, 20 Jul 1999 03:22:07 GMT
wtshaw wrote:
> I figure he knows of lots of possibilities for ciphers, more than
> most of us, but falls short of the numbers of them that are known
> to NSA.
Undoubtedly, but that's not very important for Kryptos.
Actually, the idea of running billions of guesses isn't very
productive when you don't know what kind of system you're dealing
with. If I were analyzing it, which I don't currently have time
to do, I'd assume one of the likely candidate systems such as
plaintext autokey, then use special methods (such as chaining)
that are relevant for C/A of such systems. Any guesswork at the
initial stage would be limited to (a) trying probable words and
(b) using ancillary possible clues, such as the KRYPTOS mixed
alphabet.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: another news article on Kryptos
Date: Tue, 20 Jul 1999 05:11:30 GMT
Just out of curiosity, what does its modulo-26 FFT spectrum look like?
------------------------------
From: drobick <[EMAIL PROTECTED]>
Subject: Re: Deal for cracking !
Date: Sat, 17 Jul 1999 20:31:44 +0200
DoktorWHO wrote:
>
> Hello there !
>
> I've developed a crypto and want to test its stability !
>
> If anyone is interested, lemme know..
>
> {200$ for the first one to crack !!}
yes send you the sourcecode another not!
------------------------------
From: "Cugino" <[EMAIL PROTECTED]>
Subject: Software for Win9x
Date: Mon, 19 Jul 1999 22:41:16 +0200
There is a software to crypt files on Win9x at:
http://cugino.virtualave.net
------------------------------
From: drobick <[EMAIL PROTECTED]>
Subject: Re: 3rd workshop on elliptic curve cryptography (ECC '99)
Date: Fri, 16 Jul 1999 21:28:35 +0200
Alfred John Menezes wrote:
> The 3rd workshop on Elliptic Curve Cryptography (ECC '99)
>
> University of Waterloo, Waterloo, Ontario, Canada
>
> November 1, 2 & 3, 1999
>
> Second Announcement July 12, 1999
>
> ECC '99 is the third in a series of annual workshops dedicated to the
> study of elliptic curve cryptography. ECC '99 will have a broader
> scope than ECC '98 and ECC '97, which focussed primarily on the
> elliptic curve discrete logarithm problem. The main themes of
> ECC '99 will be:
> - Provably secure discrete log-based cryptographic protocols for
> encryption, signatures and key agreement.
> - Efficient software and hardware implementation of elliptic curve
> cryptosystems.
> - The discrete logarithm and elliptic curve discrete logarithm problems.
>
> It is hoped that the meeting will encourage and stimulate further
> research on the security and implementation of elliptic curve
> cryptosystems and related areas, and encourage collaboration between
> mathematicians, computer scientists and engineers in the academic,
> industry and government sectors.
>
> There will be approximately 15 invited lectures (and no contributed
> talks), with the remaining time used for informal discussions.
>
> Sponsors:
> Certicom Corp.
> Communications and Information Technology Ontario (CITO, Canada)
> MasterCard International
> Mondex International Limited
> University of Waterloo
>
> Organizers:
> Alfred Menezes (University of Waterloo)
> Scott Vanstone (University of Waterloo)
>
> Confirmed Speakers:
> Mihir Bellare (University of California at San Diego, USA)
> Dan Boneh (Stanford University, USA)
> Robert Gallant (Certicom Corp., Canada)
> Philippe Golle (Stanford University, USA)
> Dan Gordon (Centre for Communications Research, USA)
> Reynald Lercier (Centre d'Electronique de L'Armement, France)
> Michele Mosca (Oxford University, UK)
> Christof Paar (Worcester Polytechnic Institute, USA)
> Andreas Stein (University of Waterloo, Canada)
> Jacques Stern (Ecole Normale Superieure, France)
> Edlyn Teske (University of Waterloo, Canada)
> Stefan Wolf (ETH Zurich, Switzerland)
>
> ----------------------------------------------------------------------
> Preliminary Arrangements
>
> REGISTRATION
>
> There will be a registration fee this year of $250 Cdn or $180 US
> ($100 Cdn or $70 US for students). PLEASE REGISTER AS SOON AS POSSIBLE
> AS SPACE IS LIMITED FOR THIS WORKSHOP; REGISTRATION IS ON A
> FIRST-COME FIRST-SERVE BASIS. We cannot process a registration
> until all fees are paid in full. The deadline for all fees to be
> paid and registration completed has been set for the 12th of
> October, 1999. To register, complete, in full, the attached
> REGISTRATION FORM and return it along with your payment to:
> Mrs. Frances Hannigan, C&O Dept., University of Waterloo, Waterloo,
> Ontario, Canada N2L 3G1. Confirmation of your registration will be
> sent by email when payment is received in full.
>
> ------------------------cut from here---------------------------------
> ECC '99 CONFERENCE REGISTRATION FORM
>
> Fullname:
> _________________________________________________________
>
> Affiliation:
> _________________________________________________________
>
> Address:
> _________________________________________________________
>
> _________________________________________________________
>
> _________________________________________________________
>
> _________________________________________________________
>
> _________________________________________________________
>
> E-Mail Address:
> _________________________________________________________
>
> Telephone #:
> _________________________________________________________
>
> Circle Your Choice:
>
> Registration Fee: $ 250 Cdn / $ 180 US
>
> Student Registration Fee: $ 100 Cdn / $ 70 US
>
> (Registration Fee Includes Banquet)
> Attending Banquet: Yes / No Vegetarian: Yes / No
>
> Extra Guest Banquet Fee: $ 50 Cdn / $ 35 US
> Guest Vegetarian: Yes / No
>
> TOTAL REGISTRATION FEE: $___________________
>
> **Make Cheque/Money Order Payable in Cdn or US funds only to:
> ECC '99
> Credit Card payments cannot be accepted
>
> Additional Information:
>
> -------------------------cut from here-------------------------------
>
> TRAVEL
>
> Kitchener-Waterloo is approximately 100km/60miles from Pearson
> International Airport in Toronto. Ground transportation to Kitchener-
> Waterloo can be pre-arranged with Airways Transit.
>
> TRANSPORTATION TO AND FROM TORONTO AIRPORT
> PROVIDED BY AIRWAYS TRANSIT
>
> It is advisable to book your transportation between the Pearson Airport,
> Toronto, and Waterloo in advance to receive the advance booking rate of
> $29 Cdn per person, one way, with Airways Transit (open 24 hours a day).
> This is a door-to-door service; they accept cash (Cdn or US funds),
> MasterCard, Visa and American Express.
>
> Upon arrival:
> Terminal 1: proceed to Ground Transportation Booth, Arrivals Level,
> Area 2.
> Terminal 2: proceed to Airways Transit desk, Arrivals Level, Area E.
> Terminal 3: proceed to Ground Transportation Booth, Arrivals Level,
> under domestic area escalators.
>
> Complete the form below and send by mail or fax well in advance of your
> arrival to Airways Transit. They will not fax confirmations: your fax
> transmission record is confirmation of your reservation.
>
> -------------------------cut from here---------------------------------
> AIRWAYS TRANSIT ADVANCE BOOKING FORM - ECC '99
>
> ARRIVAL INFORMATION:
>
> ____________________________________________________________
> Surname First name
>
> ____________________________________________________________
> Toronto Arrival Date Airline Flight #
>
> ____________________________________________________________
> Arrival Time Arriving From
>
> ____________________________________________________________
> Destination in Kitchener/Waterloo No. in party
>
> DEPARTURE INFORMATION:
>
> ____________________________________________________________
> Surname First name
>
> ____________________________________________________________
> Toronto Departure Date Airline Flight #
>
> ____________________________________________________________
> Departure Time Flight # Destination
>
> ____________________________________________________________
> Pickup From No. in party
>
> ____________________________________________________________
> Signature Date
>
> Send or Fax to:
>
> Airways Transit
> 99A Northland Road
> Waterloo, Ontario
> Canada, N2V 1Y8
>
> Fax: (519) 886-2141
> Telephone: (519) 886-2121
> -----------------------------cut form here--------------------------------
>
> ACCOMMODATIONS
>
> There is a limited block of rooms set aside on a first-come first-serve
> basis at the Waterloo Inn and the Comfort Inn for the evenings of
> October 31, Nov 1, Nov 2 and Nov 3. Please make your reservations prior
> to September 20, 1999, directly with the hotel.
>
> Waterloo Inn
> 475 King Street North
> Waterloo, Ontario
> Canada N2J 2Z5
> Phone: (519) 884-0222
> Fax: (519) 884-0321
> Toll Free: 1-800-361-4708
> Website: www.waterlooinn.com
> - $88 Cdn plus taxes/night for a single or double room
> - please quote "ECC '99 Conference" when making your reservation.
>
> Comfort Inn
> 190 Weber Street North
> Waterloo, Ontario
> Canada N2J 3H4
> Phone: (519) 747-9400
> - $78 Cdn plus taxes/night for a single or double room
> - please quote "Group #11612" when making your reservation.
>
> Other hotels close to the University of Waterloo are:
>
> Destination Inn
> 547 King Street North
> Waterloo, Ontario
> Canada N2L 5Z7
> Phone: (519) 884-0100
> Fax: (519) 746-8638
> Approx rate: $75 Cdn plus taxes/night
>
> Best Western
> St. Jacobs Country Inn
> 50 Benjamin Road, East
> Waterloo, Ontario
> Canada N2V 2J9
> Phone: (519) 884-9295
> Approx rate: $109-$119 Cdn plus taxes/night
>
> The Waterloo Hotel
> 2-4 King Street North
> Waterloo, Ontario
> Canada N2J 1N8
> Phone: (519) 885-2626
> Approx rate: $112-$130 Cdn plus taxes/night
>
> ---------------------------------------------------------------------------
i am sorry no money for cipher and crypt-algorithmen
bye jo
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Looking for RC4 alternative
Date: Tue, 20 Jul 1999 01:47:09 -0400
> I know for certain that we CANNOT use RC4 in our release product (what a
> shame, as it's so easy to code), so I'm really keen to hear of alternative
> stream ciphers we can use for free.
>From what I understand you CAN use RC4 in your program so long as you do not
use the name RC4. It seems they have the name RC4 trademarked and the
algorithm uncopywrighted. At least that is my take on it.
------------------------------
From: "Krishna Sawh" <[EMAIL PROTECTED]>
Subject: A few qustions on encryption
Date: 17 Jul 99 16:22:51 +0000
I took two text files (file1 and file2) both the same contain the
same data and the same size (50k), but file2 has one byte which is
different. I encrypted the both files with the same key, when I
compared each byte of the encrypted files I found all but 300 bytes
were the same, I was just wondering if an algorithm exist that
would encrypt file2 and be 99% different?
Would this be a good form of encryption, if an algorithm dose not
exist, where would I start in writeing one?
Krishna Sawh
[EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
