Cryptography-Digest Digest #931, Volume #9 Sat, 24 Jul 99 03:13:04 EDT
Contents:
Re: How Big is a Byte? ("Douglas A. Gwyn")
Re: What the hell is XOR? (SCOTT19U.ZIP_GUY)
Re: another news article on Kryptos (Terry Ritter)
NIST's ECC params (Greg)
Re: How Big is a Byte? (was: New Encryption Product!) (wtshaw)
Re: NIST's ECC params ("Roger Schlafly")
Re: How Big is a Byte? (wtshaw)
Crypt Dll for VB ("nreoj@owl")
Re: How Big is a Byte? (was: New Encryption Product!) (wtshaw)
Re: A Good Key Schedule (John Savard)
Re: Implementations of Rivest's "Chaffing and Winnowing"? (wtshaw)
Re: How Big is a Byte? (bill_h)
Re: Help with finding key... (Wim Lewis)
Re: What the hell is XOR? (Boris Kazak)
Re: White page on Thermal noise ("Keith Brodie")
Simple hash or CRC algorithm implementable in VB? ("Steve K")
Re: What is skipjack ??? (spike)
can someone send me 'errata corrige', Applied Cryptography B.Schneier
([EMAIL PROTECTED])
Re: What is skipjack ??? (spike)
----------------------------------------------------------------------------
Crossposted-To: alt.folklore.computers
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: How Big is a Byte?
Date: Fri, 23 Jul 1999 17:58:01 GMT
[EMAIL PROTECTED] wrote:
> If the number line is entended into the negative realm there are
> alternate representations of zero. 1-1 would be one such.
That's no longer base 1.
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: What the hell is XOR?
Date: Sat, 24 Jul 1999 00:15:26 GMT
In article <Gi4m3.108$[EMAIL PROTECTED]>, "karl malbrain"
<[EMAIL PROTECTED]> wrote:
>
>SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]> wrote in message
>news:7n9sgh$d56$[EMAIL PROTECTED]...
>> I wasn't going to comment on XOR but it is one of my favorite things
>> and since this thread seems like it is long lived I decided to throw in
>> my 2 cents worth.
>> If one has a old copy of "EDN" I worte a circut up that won the design
>> awards for that month. Not even sure the magizine is still in publication
>> but the article generated much mail and shows my love of the XOR
>> function.
>
>Yes, Engineering Design News is still in publication. One of its regular
>columnists is Bob Pease. Which issue are you referring to in specific??
>Karl M
>
>
I don't save paper but the Engineering Design News (EDN) had a very small
section on design awards. I never saved a copy. While I did for a few years
but like every thing else it is lost. I don't remeber the year or the month
but it had to between july 1970 and jan 1990 sorry that is about my best
guess in time. I am bad with dates.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: another news article on Kryptos
Date: Sat, 24 Jul 1999 00:00:51 GMT
On Fri, 23 Jul 1999 03:00:04 GMT, in <[EMAIL PROTECTED]>, in
sci.crypt "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
>Terry Ritter wrote:
>> Note that this statement is not true if the algorithm set keeps
>> expanding, because then the algorithm is certainly *not* fixed.
>
>If you can actually implement it, it certainly is.
No, it is not. One can implement a system which supports the dynamic
introduction of new algorithms. Any particular description of "the"
overall system must thus be continually updated and so is certainly
*not* fixed. Indeed, the actual system cannot even be described in
any more than "handwave" precision such as: "in addition to the known
set of algorithms, currently unknown additional algorithms of
virtually unlimited nature may be present."
---
Terry Ritter [EMAIL PROTECTED] http://www.io.com/~ritter/
Crypto Glossary http://www.io.com/~ritter/GLOSSARY.HTM
------------------------------
From: Greg <[EMAIL PROTECTED]>
Subject: NIST's ECC params
Date: Sat, 24 Jul 1999 00:02:44 GMT
Here is a sample of NIST's Elliptical Curve Crypto parameters:
Curve K-163
a= 1
r= 5846006549323611672814741753598448348329118574063
G_x= 7 fde7c498 55ceb00d bd1a0103 1b46ea59 572fa7c2
G_y= 3 cc314ada 05d68f5b c68a03fa 2a515326 76976740
Curve B-163
r= 5846006549323611672814742442876390689256843201587
Normal Basis:
s= 85e25bfe 5c86226c db12016f 7553f9d0 e693a268
b= 6 645f3cac f1638e13 9c6cd13e f61734fb c9e3d9fb
G_x= 0 311103c1 7167564a ce77ccb0 9c681f88 6ba54ee8
G_y= 3 33ac13c6 447f2e67 613bf700 9daf98c8 7bb50c7f
ANSI X9.62 Polynomial Basis:
b= 7 91acdbfe b7a7209a 532c75c2 6609cfb1 37f4e3f2
G_x= 2 5df140c9 7162c9c9 bb4579cf 45851102 61346995
G_y= 5 508c4662 3d33aa37 9fa5ece8 f893a1f7 f0e90717
IEEE P1363 Polynomial Basis:
b= 2 0a601907 b8c953ca 1481eb10 512f7874 4a3205fd
G_x= 3 f0eba162 86a2d57e a0991168 d4994637 e8343e36
G_y= 0 d51fbc6c 71a0094f a2cdd545 b11c5c0c 797324f1
Is the "a" param the coefficient for the x^1 and the "b" param the
coefficent for the X^0 term?
What is the difference between a K-xxx curve and a B-xxx curve?
Why are there different "r"'s for the two different curves?
And if G_ is the base point, then why is there a base point defined for
the K-xxx curve and then again for each polynomial basis curve?
I am ready to implement a curve, but I want to be certain I understand
these parameters first.
--
Democracy is the male majority legalizing rape.
UN Security Council = Democracy in Action - there is no appeal.
Welcome to the New World Order.
The US is not a democracy - US Constitution Article IV Section 4.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte? (was: New Encryption Product!)
Date: Fri, 23 Jul 1999 20:12:25 -0600
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>
> You may argue that you didn't "start counting" until the first sheep
> arrived, but you were watching the road in the same state prior to the
> first sheep as prior to the second sheep except for the value of your
> "current count". So I maintain that you "started counting" when you
> started watching for sheep, not when the first sheep arrived.
>
> B. Kernigan identified this as the most important issue in programming
> in an interview with Unix Magazine (Journal?) about 8 years ago.
>
So, computers have introduced a new counting method. When you start
counting your fingers do you begin with zero. When you count a blackjack
hand, do you start with zero? Zero means you have no cards yet to count.
For programming languages, mine allows we to specify start indexing in
arrays with either zero or one. To be sure, I always start with one, but
make sure my array has a couple or more unused cells at the top.
--
Real Newsreaders do not read/write in html.
------------------------------
From: "Roger Schlafly" <[EMAIL PROTECTED]>
Subject: Re: NIST's ECC params
Date: Fri, 23 Jul 1999 18:59:57 -0700
Greg wrote in message <7navr1$1vp$[EMAIL PROTECTED]>...
>Here is a sample of NIST's Elliptical Curve Crypto parameters:
>Is the "a" param the coefficient for the x^1 and the "b" param the
>coefficent for the X^0 term?
Yes, but in characteristic 2 there are x^2 and x^0 terms.
>What is the difference between a K-xxx curve and a B-xxx curve?
The K-xxx curves are Koblitz curves.
>Why are there different "r"'s for the two different curves?
Order of the curve. Each curve has a different order. 2 bases for the
same curve have the same order.
>And if G_ is the base point, then why is there a base point defined for
>the K-xxx curve and then again for each polynomial basis curve?
The K curves have nothing to do with the B curves. When there is a
choice of basis, the generator looks different with respect to each
basis.
>Democracy is the male majority legalizing rape.
>UN Security Council = Democracy in Action - there is no appeal.
>Welcome to the New World Order.
>The US is not a democracy - US Constitution Article IV Section 4.
(Goofy signature. Females have a majority in the US and the world.
There is no appeal from the UN, but it can be ignored as recently
happend in the NATO war against Serbia and Kosovo.)
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte?
Date: Fri, 23 Jul 1999 20:28:13 -0600
In article <[EMAIL PROTECTED]>, Ian
Stirling <[EMAIL PROTECTED]> wrote:
> In alt.folklore.computers wtshaw <[EMAIL PROTECTED]> wrote:
alt.folklore.computers? That's funny.
>
> But in base 1, there is a + between figures.
>
> A number abc in base n has the value a*n^3 + b*n^2 + c*n^1
> For base 1, this is just a+b+c
What do you put it between, 0's to the Oth power? Each element would be
equal to one if you specified the number in some sort of equation with no
disallowed characters.
Perhaps what we have is as mystical as the square root of a minus one,
needing an expression like i to patch standard mathematics.
>
> Am I missing something?
You are missing *nothing*. The characters 1,2,3 would not be allowed in a
base one calculation if it was consistent with those in any other base,
so, better use symbols that you specify else where that should be
integers, except you can't find any useful ones in the base one set.
--
Real Newsreaders do not read/write in html.
------------------------------
From: "nreoj@owl" <[EMAIL PROTECTED]>
Subject: Crypt Dll for VB
Date: Mon, 19 Jul 1999 22:06:01 +0200
Hi!
Is there a easy to use crypt - dll for using in VB.
Thanks, N!
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte? (was: New Encryption Product!)
Date: Fri, 23 Jul 1999 20:05:56 -0600
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
> wtshaw wrote:
> >
> > Zero has no value in itself as it expresses the absence of a number in a
> > particular place.
>
> There is a difference between zero the number and zero the digit. You
> are using the second to replay to the first.
>
Nothing=nothing... I consider you above argument a NULL hypothesis.
> >
--
Real Newsreaders do not read/write in html.
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: A Good Key Schedule
Date: Mon, 19 Jul 1999 20:12:05 GMT
Mok-Kong Shen <[EMAIL PROTECTED]> wrote, in part:
>I understand that you apply function or functions to a given
>passphrase to get different keys and use these in different steps.
>Isn't this analogous to the transformations e.g. DES does to its
>key? Or have I missed something?
Well, from knowing any one of the DES subkeys, you can recover 48 of
the bits in the 56 bit key. If a hash function were used, then a
transformation that was not invertible would be used.
John Savard ( teneerf<- )
http://www.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Implementations of Rivest's "Chaffing and Winnowing"?
Date: Fri, 23 Jul 1999 21:11:01 -0600
In article <7na25h$ons$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
> Hello,
>
> I have written some software that implements Rivest's "Chaffing and
> Winnowing" idea to perform file encryption, and I'm wondering if there
> is other software that does the same. Does anybody have any pointers?
>
I understand that the generalized idea is to so drown the opponent in data
as he gives up trying to sort out what is effectively adding filler, nulls
as you please.
I did something in that direction with a number of base translation
ciphers which produce ciphertexts using a less than normal alphabet, then
salt the ciphertext with the unused characters.
Another method is to throw snowballs (from hell?) of ciphertext. You do
need something that expands ciphertext with multiple processing. I can
demonstrate this easily with BLT in which each step triples the number of
characters, and obscures increasingly the message through vague
combinations of sequences.
I will make a simple key by hashing these words.
Alpha(BLT): jykpqsane bwltvrfog zd/hcximu
Consider this as plaintext.
Here is the ciphertext after preformating and one pass:
rnovs wbxyt cusrz simar uvdll hgoqh scpku faoxr tebgp bwrxj lzmho fxzgp
xgptk dwdfp eguvr cqfkq s
Again, after two passes:
ovxbk vnlqy wchoe wjyqi bsmlp zdvmf eqnes ghckv mexpz pqxkl ikuqp ujong
gxedc okhqn axcig xqfmu loeqf mykyp fqgxo vfobf akkxl nshtg bogde osnvr
nqffs rwtpm sxioa dpioz qydlu qsfib wtklp ixkvx ojcgm nkhgn ulbiv gxbot
soumx rjwtw chipl sfovz ouivq ejhct aelqx lluey dqcyk gomam ywxtt frbvq
fyk
And, three passes:
vkqov csokq bzths dvqhe nofsp ymjzv vfyrm cxwzw rczus qhoif bzamb vwxuh
wjtzv elsno tkaqi xihkf cwvyk godep hrgam cfxmf rehcg msusc jgnch fxmvq
xkmhl xknxb dtrfh iqjfw vlvut ilofg lutib ggrut doiop gueat hweqh umnle
cxlen uhlsk bwudc devht eedbi wdjgn blakw lxymk gawek lvrfm cnujg xvxug
mzxcu vtusp nvdrt rudtz catsi fczwh dxjio vnlkr oxqkn vcodr aqgnv afcsf
zuptz xtbeu cxoig jkvac lxqic qfosx dpiwx owksx bdjsg nucbq upucc vnqnr
fryzo yogpw xtbqs odena vnoaf nagrq idruc guxay lwpkh uhnhq iukin kmkap
tvcfp mlawq zerls bovfn rortx khoha otwqy zpzxy txjcp glzsw kpalw vcuqr
ognjz fxdcm lexrv zxohp elyhq klfew rslwb uvfal ujmyv oskgv xvifm somca
fdsyl nkrek gvkos onrtj pczmq yimtc gmwgn zxezf danax jmxns byrqv coszi
ngqlg sslbm dvfqy bgutz feypk covoz iepjx syaxb wyrou oigma ksekj rlahy
gpohd mkomj pdajk vrxcu qkxch kpkem jpova qgolo vhomz dxhqc gczjo qdtyd
mkiba nhzk
There is a fairly good distribution of all letters, 19 to 41, min and max.
Finally, decrypted thrice and postformatted:
consider this as plaintextx
And, the ciphertexts would be different if I ran it again, but I won't to
save bandwidth.
--
Real Newsreaders do not read/write in html.
------------------------------
From: bill_h <[EMAIL PROTECTED]>
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte?
Date: Fri, 23 Jul 1999 19:06:11 -0700
Reply-To: [EMAIL PROTECTED]
Ian Stirling wrote:
> Hence, in base 1, the number
> "11111" is equal to 5, "111 11" is also equal to 5, as is "111011"
Just as there are no ''8s'' in Base_8, nor ''4s'' in Base_4, there
can NOT be a ''1'' in a Base_1, if such a thing were even possible.
The ONLY 'number' available to you in Base_1 would therefore appear
to be ZERO. Naught. You couldn't count up to ANYTHING.
Your '11111' is meaningless, not ''equal to 5''.
etc.
Bill
------------------------------
From: [EMAIL PROTECTED] (Wim Lewis)
Subject: Re: Help with finding key...
Date: Fri, 23 Jul 1999 08:24:24 +0000
In article <7n8vka$c61$[EMAIL PROTECTED]>,
Jaye Mathisen <[EMAIL PROTECTED]> wrote:
>They tell me this is secure.
>
>Since I know the original plaintext, and can produce the encrypted
>output, I would like some pointers as to how to find the key they use,
>so I can poke little holes in their theory about the security of their
>product (which other than this issue, works pretty well).
This is basically a chosen-plaintext attack. A good cipher should
be resistant to chosen-plaintext attacks.
>I have the binary as well that creates it, so I can search it from some
>strings.
This is probably the easiest way to attack the system. Blowfish uses
some tables of constants you could look for, insert breakpoints,
find the key schedule setup and find the key, etc.
But that doesn't really mean much. Any purely-software protection
mechanism can be broken in a similar manner, with more or less effort. If
it's not trivially easy, then most potential pirates won't do it, and
the protection has served its purpose.
--
Wim Lewis - [EMAIL PROTECTED], also hhhh.org - Seattle, WA, USA
------------------------------
From: Boris Kazak <[EMAIL PROTECTED]>
Subject: Re: What the hell is XOR?
Date: Fri, 23 Jul 1999 22:53:59 -0400
Reply-To: [EMAIL PROTECTED]
Spud wrote:
>
> I was reading "Applied Cryptography" by Bruce Schneier and I really don't
> get the XOR function. Help, please! Thanks.
>
> PS -- I'm not a computer newbie so you don't have to dilute any
> explainations with "easy words".
=======================
My explanation will all consist of "easy words"....
XOR is a logical function which takes 2 boolean inputs and
produces 1 boolean output.
It is called also the "non-equivalence" function, because when
the 2 inputs are identical (both 0, or both 1) the output is 0,
but when the 2 inputs are different (1,0 or 0,1) the output is 1.
There exists also a complementary "equivalence" function, which
produces output 0 when inputs are different, and output 1 when
inputs are identical.
XOR in the sense used in the "A.C" means that 2 numbers with
equal length have been combined via a bit-by bit XOR function
(bit 0 with bit 0, bit 1 with bit 1, and so on).
Sorry that I must explain it to a person who is "not a ... newbie"
Best wishes BNK
------------------------------
From: "Keith Brodie" <[EMAIL PROTECTED]>
Subject: Re: White page on Thermal noise
Date: Sat, 24 Jul 1999 05:55:52 GMT
You should look at Terry Ritter's site www.io.com/~ritter
He has an excellent literature survey on hardware random number generators
and some of his own junction noise experimental results.
--
Keith Brodie KF6QEK
Remove block to reply
[EMAIL PROTECTED]
Drew Cutter wrote in message <[EMAIL PROTECTED]>...
>Looking for white paper or url on intel use of thermal noise for
>hardware base random number generator.
------------------------------
From: "Steve K" <[EMAIL PROTECTED]>
Subject: Simple hash or CRC algorithm implementable in VB?
Date: Sat, 24 Jul 1999 01:21:12 -0400
Hey all,
Does there exist any simple hash algorithms (not very many lines) that is
suitable for hashing short strings and can be easily implemented in Visual
Basic (read: no unsigned long integers).
Any advice would be appreciated!
-steve
------------------------------
From: spike <[EMAIL PROTECTED]>
Subject: Re: What is skipjack ???
Date: Sat, 24 Jul 1999 00:03:34 -0700
Reply-To: [EMAIL PROTECTED]
David A Molnar wrote:
> > And how does it compare to idea,
> > des, and blowfish ?
>
> In what regard -- speed, security, ease of implementation, or?
>
> -David Molnar
My bad... I should have specified in what regard to compare them. How does
it compare to other cryptographic algorithms such as Idea, des, blowfish,
etc...
Thanks again...
Spike
------------------------------
From: [EMAIL PROTECTED]
Subject: can someone send me 'errata corrige', Applied Cryptography B.Schneier
Date: Sat, 24 Jul 1999 07:31:53 GMT
thanks, jorge
------------------------------
From: spike <[EMAIL PROTECTED]>
Subject: Re: What is skipjack ???
Date: Sat, 24 Jul 1999 00:11:14 -0700
Reply-To: [EMAIL PROTECTED]
spike wrote:
> David A Molnar wrote:
>
> > > And how does it compare to idea,
> > > des, and blowfish ?
> >
> > In what regard -- speed, security, ease of implementation, or?
> >
> > -David Molnar
>
> My bad... I should have specified in what regard to compare them. How does
> it compare to other cryptographic algorithms such as Idea, des, blowfish,
> etc...
>
> Thanks again...
>
> Spike
Damn.... I did it again !!! :-)
I mean... how does it compare to those algorithms with regard to security ?
Spike
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
