Cryptography-Digest Digest #936, Volume #9       Sun, 25 Jul 99 18:13:03 EDT

Contents:
  Novice question .. (Neil)
  Re: My Algorithm (Guenther Brunthaler)
  Re: What is skipjack ??? (wtshaw)
  Re: Algorithm/Code for Public Key Encryption? (Keith Reeves)
  Re: My Algorithm (SCOTT19U.ZIP_GUY)
  Another "Real Cute" Modulus Construction. (Ted Kaliszewski)
  Re: Between Silk and Cyanide
  Re: Between Silk and Cyanide
  Re: Between Silk and Cyanide (Paul Rubin)
  Re: Kryptos Beginning of publicatio of solution (Jerry Coffin)
  Re: How Big is a Byte? ("Douglas A. Gwyn")
  Re: Between Silk and Cyanide
  Re: What the hell is XOR?
  Kryptos morse code ("Stephen J. Perris")
  Re: X5X6 - "Keyless Encryption" is trademarked... (David C. Oshel)
  Re: Algorithm/Code for Public Key Encryption? (David C. Oshel)
  Re: hush mail (David A Molnar)
  Re: hush mail ("Thomas J. Boschloo")
  Re: Algorithm/Code for Public Key Encryption? (David C. Oshel)
  Re: Info needed on cryptography... (David A Molnar)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Neil)
Subject: Novice question ..
Date: Sun, 25 Jul 1999 15:11:30 GMT

I am just curious...

If one took a fairly long message, say 200-300 words, and enciphered
it with playfair and THEN used a second encipherment with a good
transposition cipher ... wouldn't that be very tough to break??

Even with multiple messages, using different keys would still make it
pretty tough, wouldn't it?

No flames, please! I am just trying to understand this stuff a little
better.

------------------------------

From: [EMAIL PROTECTED] (Guenther Brunthaler)
Subject: Re: My Algorithm
Date: Sun, 25 Jul 1999 15:08:53 GMT

On Sun, 25 Jul 1999 14:15:43 GMT, [EMAIL PROTECTED] (Keith
Reeves) wrote:

>>key 00110110
>>in    10010010
>>out 01011011

>Um, that's just a standard XOR operation. Correct me if I'm wrong.

NOT(XOR(x)) to be more precise!


Greetings,

Guenther
--
Note: the 'From'-address shown in the header is an Anti-Spam
fake-address. Please remove 'nospam.' from the address in order
to get my real email address.

In order to get my public RSA PGP-key, send mail with blank body
to: [EMAIL PROTECTED]
Subject: get 0x2D2F0683

Key ID: 2D2F0683, 1024 bit, created 1993/02/05
Fingerprint:  11 71 47 2F AF 2F CD F4  E6 78 D5 E5 3E DD 07 B5 

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: What is skipjack ???
Date: Sun, 25 Jul 1999 08:53:30 -0600

In article <[EMAIL PROTECTED]>, fungus
<[EMAIL PROTECTED]> wrote:

> spike wrote:
> > 
> > Damn.... I did it again !!! :-)
> > 
> > I mean... how does it compare to those algorithms with regard to security ?
> > 
> 
> 80 bit key, 64 bit blocksize, designed by experts...
> 
Security has many components.  Keysize might indicate something useful,
but keysize in one algorithm is not necessarily relevant to keysize in
another.

As for experts, the guy with only one eye can be king in the land of the
blind. Those with four start looking for that which having four helps them
best to see, and tend to avoid the concerns of those with fewer eyes as being
unimportant.  

It all depends on what your end use and expectations are as to what
security can and should be.  Skipjack was written for certain uses with
certain desired limitations.
-- 
Real Newsreaders do not read/write in html.

------------------------------

From: [EMAIL PROTECTED] (Keith Reeves)
Subject: Re: Algorithm/Code for Public Key Encryption?
Date: Sun, 25 Jul 1999 14:14:20 GMT

On Sat, 24 Jul 1999 23:37:47 GMT, Nick Roosevelt <[EMAIL PROTECTED]>
wrote:

>I am hoping to be able to implement encryption for a feature on a web
>site.  It involves encrypting some data.  I would like to use a double
>key/public key encryption algorithm.  I am unable to use a component.

I'm not sure what you mean by component - if you're talking about an
exponent, you can pretty much forget about using RSA, which is the
primary technique for public-key encryption. However, I don't see a
reason why you can't get your hands on a modular exponentiation
algorithm which will do the job on any decent PC.

Anyhow, if you're thinking of using encryption on the web, the
standard is SSL, if I'm not mistaken. Try to find some documentation
on the subject, if you want to be compatible with the rest of the
world.


------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: My Algorithm
Date: Sun, 25 Jul 1999 16:03:54 GMT

In article <[EMAIL PROTECTED]>, "Steven Hudson" <[EMAIL PROTECTED]> 
wrote:
>I don't know if anyone has thought of this before but here is how it works:
>It takes the key and input char's(8 bits) and compares each bit in the input
>byte to the corresponding one in the key.  Using a PRNG, if the bits are the
>same the output is a 1 or 0, depending on the PRNG.  I then do the same
>thing with the output byte of the first operation with the last output byte
>of the previous input and key.
>
>This example just has the similar become a 1 and non-similar become 0.
>
>key 00110110
>in    10010010
>out 01011011
>
    It does not sound like much more than what gets invented every day by
new people. If someone got a few messages and did not even know what
your source code is, they could guess that it might be the old invented-every-
day method where XOR is used instead of your "not XOR". This would in your
example lead them to the key 11001001 instead of your magic key 00110110,
but in either case they could read your message, so no, it does not seem like
something new or interesting under the sun. Why don't you look at
other people's code before being sure that it is new?



David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS
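
The point made in the two "My Algorithm" replies above, as an added example that is not part of any original post: NOT(XOR) under key K is the same cipher as plain XOR under the complement of K, so an analyst who wrongly assumes XOR still reads the traffic. Only the simplified "similar becomes 1" variant from the quoted post is modelled (no PRNG, no chaining); the function names and the sample message are constructed for illustration.

```python
# Added illustration. key/in/out are the bytes quoted in the post;
# the text message is a constructed sample.

def xnor_cipher(data: bytes, key: bytes) -> bytes:
    """NOT(XOR) of each data byte with the repeating key (self-inverse)."""
    return bytes(~(b ^ key[i % len(key)]) & 0xFF for i, b in enumerate(data))


def xor_cipher(data: bytes, key: bytes) -> bytes:
    """Plain XOR with the repeating key (self-inverse)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def guess_xor_key(known_plain: bytes, cipher: bytes) -> bytes:
    """Key an analyst derives from known plaintext when assuming plain XOR."""
    return bytes(p ^ c for p, c in zip(known_plain, cipher))


def demo():
    key = bytes([0b00110110])            # "magic key" from the post
    plain = bytes([0b10010010])          # "in" from the post
    out = xnor_cipher(plain, key)        # expected "out": 01011011

    # Analyst knows one plaintext byte and assumes XOR was used.
    guessed = guess_xor_key(plain, out)  # complement of the real key

    # The wrong key under the wrong assumption still decrypts everything.
    message = b"MEET AT NOON"            # constructed sample
    recovered = xor_cipher(xnor_cipher(message, key), guessed)
    return out, guessed, recovered


if __name__ == "__main__":
    out, guessed, recovered = demo()
    print(f"out     = {out[0]:08b}")
    print(f"guessed = {guessed[0]:08b}")
    print(f"message = {recovered!r}")
```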

------------------------------

From: Ted Kaliszewski <[EMAIL PROTECTED]>
Subject: Another "Real Cute" Modulus Construction.
Date: Sun, 25 Jul 99 13:28:32 -0500

                                                     25 July, 1999
Another, "Real Cute" Modulus Construction.
      For those of you who collect "real cute" moduli constructions
here is another one:
      p - 1 = k*q + 1
where, p, q are primes and k is a small, odd and positive integer.
Thus,
      n = p*q
and
      p = 1 + (1 + k*n)^2
Furthermore,
      (p - 1) ^3 = (p -1) (mod n)
and
      (p - 1) ^(n-1) = 1 (mod n)
Example:
      q = 127
      k = 11
      p = 1399
      n = 177 673
and
     1398 ^3 = 1398 (mod 177 673)
     1398 ^177672 = 1 (mod 177 673)
"Real cute", is it not ? And what a joy to factor it!
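
Why a modulus of this shape is "a joy to factor", as an added example that is not part of the original post: multiplying p - 1 = k*q + 1 by (p - 1) gives (p - 1)^2 = k*n + 1, so for the right small odd k the number 1 + k*n is a perfect square whose root is p - 1. The names factor_cute_modulus, check_identities and the bound max_k are assumptions made for this sketch.

```python
# Added illustration: recover p and q from n when p - 1 = k*q + 1
# for a small odd k, using only integer square roots and a gcd.
from math import gcd, isqrt


def factor_cute_modulus(n: int, max_k: int = 1001):
    """Try small odd k until 1 + k*n is a perfect square r*r.

    Then r*r = 1 (mod n), and gcd(r + 1, n) exposes the factor p = r + 1.
    Returns (k, p, q) or None if no k up to max_k works.
    """
    for k in range(1, max_k + 1, 2):
        s = 1 + k * n
        r = isqrt(s)
        if r * r != s:
            continue
        p = gcd(r + 1, n)
        if 1 < p < n:
            return k, p, n // p
    return None


def check_identities(p: int, n: int):
    """The two congruences quoted in the post, evaluated for p - 1."""
    x = p - 1
    return pow(x, 3, n) == x % n, pow(x, n - 1, n) == 1


if __name__ == "__main__":
    n = 177673  # modulus from the post's example
    k, p, q = factor_cute_modulus(n)
    print(f"n = {n}: k = {k}, p = {p}, q = {q}")
    print("identities hold:", check_identities(p, n))
```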




------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: Between Silk and Cyanide
Date: 25 Jul 99 17:43:13 GMT

Sundial Services ([EMAIL PROTECTED]) wrote:
: I certainly have not seen any reference to it before.  Most of the code
: books on the WW2 era seem to be

I was thinking that pictures of the codes printed on silk might have
appeared on one of the many books about the activities in sabotage and
espionage of the SOE, not particularly about cryptography.

: On that note ... have there ever been any books published, in English,
: written by Germans, which explored the *German* code-breaking
: enterprise?

Well, a very early issue of Cryptologia included an English translation by
Bradford Hardie of the report in FIAT Review, used by David Kahn as a
source, which described the techniques used by the Germans in breaking
American strip ciphers.

Decrypted Secrets touches on some of that material.

But if you're thinking of something more anecdotal and less mathematical,
there probably isn't much, at least in English.

John Savard

------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: Between Silk and Cyanide
Date: 25 Jul 99 17:44:07 GMT

[EMAIL PROTECTED] wrote:
: Oh, yes: in the book "The Mathematical Tourist", an example of a
: zero-knowledge proof (that one knows a Hamiltonian path through a graph)
: is given - perhaps it's just me, but it seems that the example is flawed.
: While the mechanics are similar to those for real zero-knowledge proofs,
: the method described doesn't seem to prove anything.

It was my mistake; I didn't realize the scrambled diagram was of the whole
graph, not just the Hamiltonian path.

John Savard

------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Between Silk and Cyanide
Date: 25 Jul 1999 11:29:07 -0700

[EMAIL PROTECTED] () writes:
> Code Breaking: A History and Exploration, by Rudolf Kippenhan (Overlook).
> It has a goodly amount of historical content.

I looked at this book in the store for about 5 minutes and decided it
was lame.  Kahn's book is about 1000 times better.  Kippenhan's
technical explanations are just slightly above Clifford Hicks's
classic "Alvin's Secret Code" while Kippenhan's historical content
seemed to amount to repeating a bunch of anecdotes from other books
without researching them.  The stuff about Enigma was especially
pitiful.  He says it's a mystery what happened to Marian Rejewski
after the war!  In reality there are several books and interviews 
containing this info, and Rejewski's daughter and grandson are still
both living in Warsaw in case anyone wanted to ask them (Rejewski
himself passed away around 1980).

Between Silk and Cyanide seemed to me to have a heavy dose of
malarkey, but it was still an interesting read and I recommend it,
as long as you bring plenty of grains of salt to the reading. 
I even liked the poems.

------------------------------

From: [EMAIL PROTECTED] (Jerry Coffin)
Subject: Re: Kryptos Beginning of publicatio of solution
Date: Sun, 25 Jul 1999 11:32:55 -0600

In article <[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] says...
> > [EMAIL PROTECTED] (Jerry Coffin) writes:
> 
> >OTOH, I'm sure some here who are fond of conspiracy theories could 
> >come up with all sorts of interesting reasons to put up a web page 
> >that makes it look like the person who wrote it is schizophrenic.
> 
> Ah, but if  he were really schizophrenic wouldn't he have several 
> web pages?

I suspect you're thinking of Multiple Personality Disorder (MPD).  The 
two are often mistaken, despite being only distantly related at most.  
Schizophrenia _seems_ to be due to some sort of organic problem in the 
brain, though the last time I paid much attention, there seemed to be 
about as many theories as there were people interested in theorizing 
on the subject.

MPD is an entirely different story -- it's most often a reaction to 
extreme abuse, such as prisoners of war who've been tortured.  At 
least in most cases, before being abused, the people involved had no 
known psychological problems at all.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte?
Date: Sun, 25 Jul 1999 18:25:02 GMT

[EMAIL PROTECTED] wrote:
> Douglas A. Gwyn wrote:
> > [EMAIL PROTECTED] wrote:
> > > If the number line is extended into the negative realm there are
> > > alternate representations of zero.  1-1 would be one such.
> > That's no longer base 1.
> ... as you define it.

That's not base 1 as any competent mathematician defines it.
You can't obtain the -1 term by raising 1 to any integer power.

------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: Between Silk and Cyanide
Date: 25 Jul 99 18:03:49 GMT

[EMAIL PROTECTED] wrote:
: John Savard ([EMAIL PROTECTED]) wrote:
: : and a book entitled

: actually, it was:

: Code Breaking: A History and Exploration, by Rudolf Kippenhan (Overlook).
: It has a goodly amount of historical content.

I've seen one flaw in it: it shows the cipher where a text and a key are
enciphered using a Polybius square, but then added together mod 10 instead
of mod 5 - I think this was the "Nihilist" cipher - without noting that it
has a weakness (it seems to be used to illustrate one-time-pads, of which
a coherent key wouldn't be an example even if done right).

"Enciphering With a Number Worm"(! - presumably an over-literal
translation from the German) just before the plates...

John Savard

------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: What the hell is XOR?
Date: 25 Jul 99 18:00:07 GMT

[EMAIL PROTECTED] wrote:
: John Myre wrote:
: > Spud wrote:

: > > PS  -- I'm not a computer newbie so you don't have to dilute any
: > > explanations with "easy words".

: > I guess I'm old now.  I never thought I'd see the day when
: > someone who is "not a computer newbie" doesn't already know
: > what XOR is.

Well, I don't know that we have seen that day. But I suppose that the day
when someone who doesn't know what XOR is wants to avoid being answered in
a condescending manner arrived long ago.

Actually, though, it's unfair to conclude that he was lying. He could
indeed have used computers for a long time, and even untangled complicated
software and hardware installation problems. However, if a computer
*programmer*, rather than a user, didn't know what an XOR was, I would
indeed be worried.

: These days it is not useful to ask how many programmers can name the
: full complement of 16 binary boolean functions.  One has to ask how many
: know what a boolean function/truth table is.  I doubt this is a Good
: Thing.

Of course, *some* programmers might only do numeric work, where only AND,
OR, and NOT are usually used in IF statements.

I may be a bit rusty...

a:        0 0 1 1
b:        0 1 0 1
=================
0         0 0 0 0
a and b   0 0 0 1
a and ~b  0 0 1 0 ... is this fair?
a nimp b  ... or was this the one you wanted?
a         0 0 1 1
~a and b  0 1 0 0
b nimp a ... again, is this more like a "name"?
b         0 1 0 1
a xor b   0 1 1 0
a or b    0 1 1 1
a nor b   1 0 0 0
a iff b   1 0 0 1
not b     1 0 1 0
b imp a   1 0 1 1 ... in other words, only b and not a disproves the
proposition "if b then a", hence "b implies a" is false only in that case.
not a     1 1 0 0
a imp b   1 1 0 1
a nand b  1 1 1 0
1         1 1 1 1

John Savard

------------------------------

From: "Stephen J. Perris" <[EMAIL PROTECTED]>
Subject: Kryptos morse code
Date: Sun, 25 Jul 1999 16:04:37 -0400

Could someone please post the morse code found on the Kryptos sculpture? I think my 
copy went out with the trash.

steve
-- 
Stephen J. Perris
[EMAIL PROTECTED]
[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED] (David C. Oshel)
Subject: Re: X5X6 - "Keyless Encryption" is trademarked...
Date: Sun, 25 Jul 1999 14:24:55 -0500

In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (John Savard) wrote:

> They do give a testimonial from a source which is at least claimed to
> be qualified. (Apparently the source is a qualified academic,
> associated with the TEA.)

Dr Simon J Shepherd, http://vader.brad.ac.uk/finance/SJShepherd.html
presumably? 

TEA is by Wheeler and Needham.  Shepherd's "TEA association" is that
David Gillies has a freeware implementation of TEA for Solaris and
Macintosh (see http://www.vader.eeng.brad.ac.uk/tea/tea.shtml ), and
Gillies and Shepherd share the same internet domain.  Or did.  Gillies is
consulting in Latin America, the last I heard.

-- 
David C. Oshel     http://pobox.com/~dcoshel
Cedar Rapids, IA   [EMAIL PROTECTED]
``Tension, apprehension and dissension have begun.'' 
-- Duffy Wyg&, in Alfred Bester's _The Demolished Man_

------------------------------

From: [EMAIL PROTECTED] (David C. Oshel)
Subject: Re: Algorithm/Code for Public Key Encryption?
Date: Sun, 25 Jul 1999 14:28:14 -0500

In article <7ndio0$td9$[EMAIL PROTECTED]>, Nick Roosevelt
<[EMAIL PROTECTED]> wrote:

> I am hoping to be able to implement encryption for a feature on a web
> site.  It involves encrypting some data.  I would like to use a double
> key/public key encryption algorithm.  I am unable to use a component.
> 
> Please respond if you know where I can get such an algorithm or source.
> 
> Thanks.
> 
> --
> Nick Roosevelt
> 
> 
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.

www.pgpi.com

-- 
David C. Oshel     http://pobox.com/~dcoshel
Cedar Rapids, IA   [EMAIL PROTECTED]
``Tension, apprehension and dissension have begun.'' 
-- Duffy Wyg&, in Alfred Bester's _The Demolished Man_

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: hush mail
Date: 25 Jul 1999 20:50:28 GMT

Thomas J. Boschloo <[EMAIL PROTECTED]> wrote:

> BTW! If 128 is so uncrackable, why all the AES cyphers of 128-192-256
> bits?!! Just a thought...

I can't speak for the designers of the AES process, but I will note that
if practical quantum computers are built, then a space of n bits may be
searched in sqrt(n) time. In this case, a 256-bit cipher is "only" as
difficult to brute force as a 128-bit cipher would be w/o quantum
computers. 

-David 

------------------------------

From: "Thomas J. Boschloo" <[EMAIL PROTECTED]>
Subject: Re: hush mail
Date: Sun, 25 Jul 1999 20:57:46 +0200

fungus wrote:
> 
> See www.deja.com for past postings to sci.crypt explaining why 128
> bits isn't, and never will be, brute forcable with computers as
> we can imagine them.

I would also be very interested in these posts if you can find them. I
did one in alt.security.pgp some time ago for 170 bits in
<http://x23.deja.com/[ST_rn=ps]/getdoc.xp?AN=397603286>. In it I assumed
aliens made a computer from all the silicon in our moon, not taking into
account heat dissipation, wiring and power needed.

Please don't be too hard on me because I ain't as educated as the other
posters here. I'm just doing my best ;-)

Thomas

BTW! If 128 is so uncrackable, why all the AES cyphers of 128-192-256
bits?!! Just a thought...
--
Buy an AMD K6-III <http://www.bigbrotherinside.com/#help>

PGP key: http://x11.dejanews.com/getdoc.xp?AN=453727376
Email: boschloo_at_multiweb_dot_nl



------------------------------

From: [EMAIL PROTECTED] (David C. Oshel)
Subject: Re: Algorithm/Code for Public Key Encryption?
Date: Sun, 25 Jul 1999 15:45:26 -0500

In article <7ndio0$td9$[EMAIL PROTECTED]>, Nick Roosevelt
<[EMAIL PROTECTED]> wrote:

> I am hoping to be able to implement encryption for a feature on a web
> site.  It involves encrypting some data.  I would like to use a double
> key/public key encryption algorithm.  I am unable to use a component.
> 
> Please respond if you know where I can get such an algorithm or source.
> 
> Thanks.
> 
> --
> Nick Roosevelt
> 
> 
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.

ftp://ftp.funet.fi/pub/crypt/cryptography/asymmetric/rsa/ perhaps

-- 
David C. Oshel     http://pobox.com/~dcoshel
Cedar Rapids, IA   [EMAIL PROTECTED]
``Tension, apprehension and dissension have begun.'' 
-- Duffy Wyg&, in Alfred Bester's _The Demolished Man_

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Info needed on cryptography...
Date: 25 Jul 1999 21:48:54 GMT

Jeffery Nelson <[EMAIL PROTECTED]> wrote:

> do is send the message(XORed) through email, and hand him the disk which
> stored the encrypted information on it?  Correct? 

You mean, the disk which stored the string you encrypted the message with?
Then yes, this is secure. It seems very similar to the "one-time pad." 

Note that the key must be unpredictable for any attacker. This means it
must be secret and "random" in some sense. 

> Or you could even have
> two email addresses, and just mail him the key (random ASCII characters)
> through it.  Isn't that one form of SECURE encryption?

Uh, only if you can prove to me that the key won't be intercepted when you
e-mail it. Please be prepared to demonstrate your ownership of every hop
between you and the recipient + the absence of sniffers between hops + the
non-compromise of all of the hops. 

> I also would like to know if there is anyone out there who could help me to
> understand the spearfish algorithm a little better...

Assuming that "the spearfish algorithm" refers to what you described
above, then you should look for references to "one-time pads." 

There's a fellow by the name of Shannon who might help shed some light on
this. His paper on "A Mathematical Theory of Communication" may be
found at http://cm.bell-labs.com/cm/ms/what/shannonday/paper.html . I'm
told that Douglas Stinson's book on _Cryptography : Theory and Practice_
also addresses some of the same areas.

Thanks,
-David Molnar




------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
