Cryptography-Digest Digest #938, Volume #9 Mon, 26 Jul 99 11:13:03 EDT
Contents:
Re: A Better Gronsfeld
Re: What I think is B.S. about the X.509 . Please encrypt the certificate! (wtshaw)
The Gnu Privacy Guard ? (spike)
Re: How Big is a Byte? (wtshaw)
Re: another news article on Kryptos (Mok-Kong Shen)
Re: hush mail ("Juergen Nieveler / CompuNet")
OTP export controlled? ("Dale Clapperton")
Re: OTP export controlled? (Jerry Park)
Re: Current export laws (David Ochel)
Chinese remainder theorem... (Krunoslav Leljak)
Re: NBE: Not crackable by brute force key search (Volker Hetzer)
Re: RSA public key (Thomas Pornin)
Re: Q: Interaction of cross-posted follow-ups? (Thomas Pornin)
Re: another news article on Kryptos (Mok-Kong Shen)
Re: NBE: Not crackable by brute force key search (Christopher)
Re: publuc key ("Vincent")
Re: OTP export controlled? (David C. Oshel)
Re: How Big is a Byte? (was: New Encryption Product!) (Patrick Juola)
Re: RSA public key (Patrick Juola)
Re: Blakely-Shamir info? (Anton Stiglic)
Re: Encrypting in C++ and C (SCOTT19U.ZIP_GUY)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: A Better Gronsfeld
Date: 26 Jul 99 04:26:51 GMT
[EMAIL PROTECTED] wrote:
: I think this will work, although I'll really have to make out the complete
: 26 by 26 table to be sure it results in unambiguous alphabets in every row
: (and, ideally, also produces a Latin square, although that isn't strictly
: necessary: two key letters producing the same equivalent for one letter,
: although a defect, would not render the scheme completely unusable):
It does work - each alphabet uses every possible ciphertext letter only
once - but it does not produce a Latin square. For each of the first
eighteen letters of the alphabet, there is one ciphertext letter that no
key letter will produce, and another ciphertext letter that occurs for two
different key letters.
John Savard
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: What I think is B.S. about the X.509 . Please encrypt the certificate!
Date: Mon, 26 Jul 1999 01:41:22 -0600
In article <[EMAIL PROTECTED]>, Bruce Stephens
<[EMAIL PROTECTED]> wrote:
> "Dirk Mittler" <[EMAIL PROTECTED]> writes:
>
> > The certificate is basically a data structure that can be read
> > (wow!). It includes a certificate authority, serial number, RSA
> > decryption key, and a type of data signature of the whole document.
>
> I think you may have entirely missed the point.
The point I seem to get and agree with is that if you only have smoke and
mirrors, a stiff wind and some buckshot leaves you with nothing. It is
still all about simple trust, and the ability of conmen to inspire trust,
bankers amongst others to claim trustworthiness as an attribute, and the
willingness of almost anyone to sell out for the right price in answer to
the business imperative of take the money however you can get it.
Substantial security begins with the individual, and individuals of like
and single mindedness. Unfortunately, reality is that an average lifespan
on arrangements of this kind is apt to be far briefer than any initially
thinks it will be or openly admits it to be.
The only measure of respectability and trust in business is in bondedness,
to perform exactly as specified and with no exception not outlined to the
customer in advance, no exceptions, and I mean, NO exceptions. This has
got to be above something like the FTC who might choose not to pursue abuse
or misrepresentation.
--
Real Newsreaders do not read/write in html.
------------------------------
From: spike <[EMAIL PROTECTED]>
Subject: The Gnu Privacy Guard ?
Date: Sun, 25 Jul 1999 23:30:52 -0700
Reply-To: [EMAIL PROTECTED]
Hey all...
What do you all think of the Gnu Privacy Guard, also known as GPG ? It
is intended to be a freeware version of pgp sponsored by the Free
Software Foundation as part of the GNU system. You can check out this
web page for more information. Any input regarding the quality of this
would be very appreciated.
http://www.gnupg.org
Thanks in advance...
Spike
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte?
Date: Mon, 26 Jul 1999 01:48:40 -0600
In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn"
<[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > Douglas A. Gwyn wrote:
> > > [EMAIL PROTECTED] wrote:
> > > > If the number line is extended into the negative realm there are
> > > > alternate representations of zero. 1-1 would be one such.
> > > That's no longer base 1.
> > ... as you define it.
>
> That's not base 1 as any competent mathematician defines it.
> You can't obtain the -1 term by raising 1 to any integer power.
Consider that a black hole is considered a singularity, something that we
can imagine but never see. It behaves in some sense according to the
rules of base one, where everything collapses to nothingness, and becomes
infinitely unavailable. If astrophysics can accept black holes, we can
surely accept numerical black holes, and find meaning elsewhere where we
can deal productively.
--
Real Newsreaders do not read/write in html.
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: another news article on Kryptos
Date: Mon, 26 Jul 1999 11:06:54 +0200
Terry Ritter wrote:
>
> No, it is not. One can implement a system which supports the dynamic
> introduction of new algorithms. Any particular description of "the"
> overall system must thus be continually updated and so is certainly
> *not* fixed. Indeed, the actual system cannot even be described in
> any more than "handwave" precision such as: "in addition to the known
> set of algorithms, currently unknown additional algorithms of
> virtually unlimited nature may be present."
I guess that there is the practical problem of not having an
inexhaustible source of new algorithms. Hence in my humble view
switching among a sufficiently large set of algorithms, utilizing
the combinatorial variations of superencipherment and exploiting
the variabilities of parametrized algorithms are the measures that
one can realistically have in practice to obtain security beyond
what is inherent in the algorithms.
M. K. Shen
------------------------------
From: "Juergen Nieveler / CompuNet" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,alt.privacy,alt.security.keydist
Subject: Re: hush mail
Date: Mon, 26 Jul 1999 11:06:16 +0100
<[EMAIL PROTECTED]> wrote in news article
[EMAIL PROTECTED]:
> > What? Wasted computing? False security?
> > Those work in favour of other services.
>
> No no no. You would have to agree that this is more secure than say Hotmail.
> In either case, I use PGP to encrypt ALL e-mail no matter if I'm sending it to
> another hushmail user encrypted. Even if they break Hushmail, they'd still
> have to break PGP. I don't see any problem using hushmail IF you realize that
> you still need to use pgp.
>
Seems to me the only advantage would be to use hushmail from unsafe
locations such as Internet-Cafes... if you already use your own computer,
then why not use hotmail and encrypt via the clipboard?
--
Mit freundlichen Grüßen / Yours sincerely
Juergen Nieveler
CompuNet
[EMAIL PROTECTED]
Disclaimer: Views are mine, not my employer's
------------------------------
From: "Dale Clapperton" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: OTP export controlled?
Date: Mon, 26 Jul 1999 20:11:54 +1000
Interesting question...
Would software for implementing One Time Pad type encryption be export
controlled?
I mean, if all it's doing is a bit-by-bit XOR with the "pad", how can they
call an XOR encryption?
Dale
==================================================
Dale Clapperton J.P. (Qual.)
Manager, Blackbird Systems
http://www.uq.net.au/blackbird/
Add "DaleClapperton.asc" to website address for PGP Public Key
"The greatest threats to liberty lurk in insidious encroachment by men of
zeal, well-meaning but without understanding."
Mr Justice Brandeis, Olmstead v. United States, 277 U.S. 438 (1928)
------------------------------
From: Jerry Park <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto
Subject: Re: OTP export controlled?
Date: Mon, 26 Jul 1999 10:28:20 GMT
Dale Clapperton wrote:
> Interesting question...
>
> Would software for implementing One Time Pad type encryption be export
> controlled?
>
Yes.
>
> I mean, if all it's doing is a bit-by-bit XOR with the "pad", how can they
> call an XOR encryption?
>
'they' can call anything anything 'they' want. Governments often do things
like that.
------------------------------
From: David Ochel <[EMAIL PROTECTED]>
Subject: Re: Current export laws
Date: Mon, 26 Jul 1999 12:14:41 +0200
Hi,
[EMAIL PROTECTED] wrote:
>
> Does anyone know where I can find the current export laws for
> cryptography? (It's not like I'm gonna follow them anyway. =] )
http://cwis.kub.nl/~frw/people/koops/lawsurvy.htm
cu David
------------------------------
From: Krunoslav Leljak <[EMAIL PROTECTED]>
Subject: Chinese remainder theorem...
Date: 26 Jul 1999 10:03:26 GMT
Hi there,
can somebody help me with chinese remainder theorem implementation...
I couldn't find any pseudocode for this...
Am I on the right track;
(in java);
public void decrypt(byte buffer[], int offset) throws Exception
{
    byte [] ciphertext=new byte[getCipherBlockSize()];
    System.arraycopy(buffer, offset, ciphertext, 0, ciphertext.length);
    BigInteger Cipher=new BigInteger(1, ciphertext);
    BigInteger Plain;
    // Chinese remainder theorem
    BigInteger p2 = Cipher.mod(P).modPow(E1, P);
    BigInteger q2 = Cipher.mod(Q).modPow(E2, Q);
    if (p2.equals(q2))
    {
        Plain=p2;
    }
    else
    {
        q2=q2.subtract(p2); // q2=q2-p2;
        if (q2.signum()==-1) // if q2<0
            q2=q2.add(Q); // q2=q2+q;
        Plain=q2.multiply(U).mod(Q).multiply(P).add(p2);
        // Plain = ((q2*U) mod Q)*P+p2
    }
    byte [] plaintext=Plain.toByteArray();
    if (plaintext.length >= getPlainBlockSize())
        System.arraycopy(plaintext, plaintext.length-getPlainBlockSize(),
                         buffer, offset, getPlainBlockSize());
    else
    {
        System.arraycopy(plaintext, 0, buffer,
                         getPlainBlockSize()-plaintext.length+offset,
                         plaintext.length);
        for (int k=getPlainBlockSize()-plaintext.length-1; k>=0; k--)
            buffer[k+offset]=0;
    }
}
Greetings,
Kruno.
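
[Added example, not part of the original post.] The recombination asked about above, written in Python and checked against a direct c^d mod N. It assumes the post's E1, E2 and U mean d mod (P-1), d mod (Q-1) and P^-1 mod Q, which is what the formula Plain = ((q2-p2)*U mod Q)*P + p2 requires; the primes are small constructed values (two Mersenne primes), far too small for real use.

```python
# Added example: RSA decryption with the Chinese remainder theorem
# (Garner's recombination). Names follow the post; their meaning is assumed:
#   E1 = d mod (P-1), E2 = d mod (Q-1), U = P^-1 mod Q.

def crt_params(p, q, e=65537):
    """Derive the private CRT parameters from primes p, q and public exponent e."""
    d = pow(e, -1, (p - 1) * (q - 1))          # private exponent (Python 3.8+)
    return {"P": p, "Q": q, "N": p * q, "E": e, "D": d,
            "E1": d % (p - 1), "E2": d % (q - 1), "U": pow(p, -1, q)}

def crt_decrypt(c, k):
    """Return c^D mod N using two half-size exponentiations."""
    p2 = pow(c % k["P"], k["E1"], k["P"])      # plaintext mod P
    q2 = pow(c % k["Q"], k["E2"], k["Q"])      # plaintext mod Q
    # Python's % (like BigInteger.mod) never returns a negative value, so the
    # explicit "if q2 < 0: q2 += Q" step of the Java version is not needed,
    # even when P > Q and q2 - p2 is below -Q.
    h = ((q2 - p2) * k["U"]) % k["Q"]
    return p2 + h * k["P"]

def to_block(m, size):
    """Fixed-length big-endian encoding, left-padded with zero bytes."""
    return m.to_bytes(size, "big")

if __name__ == "__main__":
    # Constructed demo key: Mersenne primes 2^31-1 and 2^61-1.
    key = crt_params(2**31 - 1, 2**61 - 1)
    message = 123456789
    cipher = pow(message, key["E"], key["N"])
    plain = crt_decrypt(cipher, key)
    print(plain == pow(cipher, key["D"], key["N"]), to_block(plain, 12).hex())
```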
------------------------------
From: Volker Hetzer <[EMAIL PROTECTED]>
Subject: Re: NBE: Not crackable by brute force key search
Date: Mon, 26 Jul 1999 13:06:33 +0200
Mickey McInnis wrote:
> Well, you could design a cryptosystem where this wasn't true, and there
> might be reason to do so. One example would be a system that made a
> hash of the original cleartext, appended the hash to the cleartext, and
> then encrypts.
>
> While this sounds like you've deliberately weakened your cryptosystem,
> it's not necessarily a bad idea.
Yes but this is just a definition thing. What you call weakened
cryptosystem I call (from an enemy's point of view) an assumption about
the plaintext, namely that the last few bits and all the previous ones
must be in a certain relationship. It's not much different from for
instance an assumption that the deciphered message is guaranteed to be
7bit ASCII.
Greetings!
Volker
------------------------------
From: [EMAIL PROTECTED] (Thomas Pornin)
Subject: Re: RSA public key
Date: 26 Jul 1999 11:12:34 GMT
According to Vincent <[EMAIL PROTECTED]>:
> How do you know they are relatively prime with each other?
> I think they could share a GCD>1 without (this GCD) being prime, isn't it?
A gcd is a divisor. A number that is the product of two primes (p and q)
(as is the modulus in standard RSA) has four positive divisors: 1, p, q
and p*q. No more, no less.
The only way two different RSA moduli have a non-1 gcd is that they
share a prime, that is one is p*q and the other p*r, where p, q and r
are big primes. Not only is this highly improbable if the RSA moduli
were generated properly, but in this very situation, you can apply
Euclid's algorithm to the two RSA moduli and get p, and therefore q and
r. So you break the system and can recover the message, which was the
point.
--Thomas Pornin
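
[Added example, not part of the original post.] A key-hygiene check built on the observation above: run Euclid's algorithm over every pair of moduli in a key inventory and report any that share a prime. The moduli are constructed from small Mersenne primes purely for illustration, and the function name is hypothetical.

```python
# Added example: audit a set of RSA moduli for shared prime factors.
from math import gcd
from itertools import combinations

def audit_moduli(moduli):
    """Return {index: (shared_factor, cofactor)} for each modulus that has a
    non-trivial gcd with another modulus in the list."""
    findings = {}
    for (i, n1), (j, n2) in combinations(enumerate(moduli), 2):
        g = gcd(n1, n2)
        if g == 1:
            continue                     # the expected result for sound keys
        for idx, n in ((i, n1), (j, n2)):
            if g != n:
                findings[idx] = (g, n // g)   # modulus is fully factored
            else:
                # g == n: exact duplicate (or one modulus divides the other);
                # flagged for review, but this pair alone does not factor it.
                findings.setdefault(idx, (n, 1))
    return findings

# Constructed sample inventory (Mersenne primes, not real keys).
M31, M61, M89 = 2**31 - 1, 2**61 - 1, 2**89 - 1
M107, M127 = 2**107 - 1, 2**127 - 1
SAMPLE_MODULI = [M61 * M89, M107 * M127, M61 * M31]

if __name__ == "__main__":
    for idx, (p, q) in sorted(audit_moduli(SAMPLE_MODULI).items()):
        print(f"modulus #{idx} is weak: {p} * {q}")
```

The pairwise loop is quadratic in the number of keys, which is fine for a small inventory.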
------------------------------
From: [EMAIL PROTECTED] (Thomas Pornin)
Subject: Re: Q: Interaction of cross-posted follow-ups?
Date: 26 Jul 1999 11:19:42 GMT
According to Vernon Schryver <[EMAIL PROTECTED]>:
> It's already been done in the main hierarchy for the only Usenet messages
> that matter even a little.
It is done so for other hierarchies as well.
I was thinking of something else: a hierarchy where anybody, by
default, can read, write and cancel, but where you can revoke write
access, or cancel access (selectively, for other people's messages for
instance), without having to maintain a global database of passwords,
and transparent for the end user (interception of the nntp connection,
rather than a PGP plugin).
> no one seems to care enough.
> It's all only netnews.
That's the point: things won't be done unless the doing is fun.
--Thomas Pornin
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: another news article on Kryptos
Date: Mon, 26 Jul 1999 11:23:09 +0200
Jim Gillogly wrote:
>
> Yes. One of my three leading candidates is polyalphabetic substitution
> (like Kryptos-I and Kryptos-II) followed by transposition (like K-III).
> This would be an interesting "closure" of the methods used previously.
> I don't know whether this would qualify under Scheidt's appellation of
> "a whole different ball game", but it would certainly be much more
> challenging than either taken separately.
I am sure that we all hope that you will soon have success in solving
the last part of Kryptos.
Just a question (independent of Kryptos): Is it better to have
polyalphabetic substitution followed by transposition or the
other way round? Or is it indifferent? Why?
If the unsolved part is really 'a whole different ball game', then
I suppose that there is practically nothing left (after excluding
substitution and transposition) in the realm of classical methods
excepting perhaps code book, which seems to be quite unlikely, I guess.
M. K. Shen
------------------------------
From: [EMAIL PROTECTED] (Christopher)
Subject: Re: NBE: Not crackable by brute force key search
Date: Mon, 26 Jul 1999 07:50:26 -0400
Volker Hetzer wrote:
_ Mickey McInnis wrote:
_ > Well, you could design a cryptosystem where this wasn't true, and there
_ > might be reason to do so. One example would be a system that made a
_ > hash of the original cleartext, appended the hash to the cleartext, and
_ > then encrypts.
_ >
_ > While this sounds like you've deliberately weakened your cryptosystem,
_ > it's not necessarily a bad idea.
_ Yes but this is just a definition thing. What you call weakened
_ cryptosystem I call (from an enemy's point of view) an assumption about
_ the plaintext, namely that the last few bits and all the previous ones
_ must be in a certain relationship. It's not much different from for
_ instance an assumption that the deciphered message is guaranteed to be
_ 7bit ASCII.
_
_
_ Greetings!
_ Volker
I think that's overstating things a bit. An assumption that 7bit ASCII is
being used means specific _parts_ of the message can be tested, whereas
Mickey's example above requires trying the whole message _and_ calculating
the hash. The only weakness I see is that if the correct key is found,
that can be verified, and even that assumes it isn't a (differently) keyed
hash.
------------------------------
From: "Vincent" <[EMAIL PROTECTED]>
Subject: Re: publuc key
Date: Fri, 23 Jul 1999 13:13:12 +0100
Anton Stiglic wrote in message <[EMAIL PROTECTED]>...
>John Xiao wrote:
>
>This is a sample of a public key:
>
Actually, there is an error at the 32nd digit, it's not a 8, it's a F.
=========================================
Vini boy
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (David C. Oshel)
Crossposted-To: talk.politics.crypto
Subject: Re: OTP export controlled?
Date: Mon, 26 Jul 1999 09:07:19 -0500
In article <7nhcd1$ljn$[EMAIL PROTECTED]>, "Dale Clapperton"
<[EMAIL PROTECTED]> wrote:
> Would software for implementing One Time Pad type encryption be export
> controlled?
Yup. However...
Somewhere on the net is Che Guevara's pencil-and-paper version of the one
time pad. Close observation between how that system actually worked (it
was responsible for hours of fun SWL from Radio Havana Cuba back in the
'70s), and how XOR-ing random bytes against 7-bit ASCII text is nothing
like that, is pretty interesting.
--
David C. Oshel http://pobox.com/~dcoshel
Cedar Rapids, IA [EMAIL PROTECTED]
``Tension, apprehension and dissension have begun.''
-- Duffy Wyg&, in Alfred Bester's _The Demolished Man_
------------------------------
From: [EMAIL PROTECTED] (Patrick Juola)
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte? (was: New Encryption Product!)
Date: 26 Jul 1999 08:59:10 -0400
In article <[EMAIL PROTECTED]>,
wtshaw <[EMAIL PROTECTED]> wrote:
>In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>
>> wtshaw wrote:
>> >
>> > Zero has no value in itself as it expresses the absence of a number in a
>> > particular place.
>>
>> There is a difference between zero the number and zero the digit. You
>> are using the second to reply to the first.
>>
>Nothing=nothing... I consider your above argument a NULL hypothesis.
The map is not the territory.
The menu is not the meal.
The portrait is not the person.
The symbol is not the number.
-kitten
------------------------------
From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: RSA public key
Date: 26 Jul 1999 10:27:06 -0400
In article <[EMAIL PROTECTED]>,
DJohn37050 <[EMAIL PROTECTED]> wrote:
>This is the "chilling" flaw in a random number generator. With RSA, there is a
>grey area where it is hard to detect such an error. For example, FIPS 140-1
>specifies some RNG tests. It is possible to pass those tests, but generate RSA
>keys that are insecure as they share a prime.
Is this a realistic "possibility" or is this one of those possibilities
of infinitesimal magnitude like an OTP being all zeros?
Given the number of primes (and hence of prime pairs) of reasonable
size, I think that you'd need a very bad RNG for this to be at all
likely.
-kitten
------------------------------
From: Anton Stiglic <[EMAIL PROTECTED]>
Subject: Re: Blakely-Shamir info?
Date: Mon, 26 Jul 1999 10:23:27 -0400
Shamir secret sharing goes like this:
Say you are in finite field F_q, with a secret s in F_q that you want to share.
The person who is to share the secret is called the dealer (D).
D starts by choosing a random polynomial p(x) of degree at most t - 1
such that p(0) = s (to do this, pick random coefficients to form the polynomial
p(x) = s + c_1x + c_2x^2 + ... c_(t-1)x^(t-1) ).
Then give the value p(a_i) to participant i (suppose we have a total of n
participants, each numbered, to whom D wants to share the secret).
The shared parts of the secret are the a_i's, you need at least t participants
to collude so as to recompute the secret (by interpolation: you have t equations
with t variables, so you can solve). A collusion of t-1 or less players can't
get _any_ info on the secret s.
See also:
http://www.best.com/~szabo/secret.html
Anton
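
[Added example, not part of the original post.] The scheme described above, worked through in Python: the dealer's split, reconstruction by Lagrange interpolation at x = 0, and a demonstration that t-1 shares are consistent with every possible secret. The field prime 2^127-1 and the evaluation points a_i = i are assumptions made for this example.

```python
# Added example: (t, n) Shamir secret sharing over F_q.
import secrets

Q = 2**127 - 1   # field size q; a Mersenne prime chosen for this example

def eval_poly(coeffs, x):
    """Horner evaluation of p(x) = coeffs[0] + coeffs[1]*x + ... mod Q."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % Q
    return acc

def split(secret, t, n):
    """Dealer: random p of degree <= t-1 with p(0) = secret; share i is (i, p(i))."""
    if not (1 <= t <= n < Q and 0 <= secret < Q):
        raise ValueError("need 1 <= t <= n < q and 0 <= secret < q")
    coeffs = [secret] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return [(a, eval_poly(coeffs, a)) for a in range(1, n + 1)]

def interpolate(points, x):
    """Value at x of the unique polynomial of degree < len(points) through points."""
    if len({xi for xi, _ in points}) != len(points):
        raise ValueError("evaluation points must be distinct")
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % Q
                den = den * (xi - xj) % Q
        total = (total + yi * num * pow(den, -1, Q)) % Q
    return total

def reconstruct(shares):
    """Any t shares recover the secret p(0)."""
    return interpolate(shares, 0)

def forge_share(partial, candidate, x):
    """Given only t-1 shares, compute the t-th share at x that would make the
    secret equal `candidate`. Such a share exists for every candidate, which
    is why t-1 shares reveal nothing about the secret."""
    return (x, interpolate(partial + [(0, candidate)], x))

if __name__ == "__main__":
    s = 0xC0FFEE                       # constructed sample secret
    shares = split(s, t=3, n=5)
    print(reconstruct(shares[:3]) == s, reconstruct(shares[2:]) == s)
    two = shares[:2]
    print(reconstruct(two + [forge_share(two, 42, 5)]))   # 42, not s
```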
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Encrypting in C++ and C
Date: Mon, 26 Jul 1999 15:20:45 GMT
In article <[EMAIL PROTECTED]>, "Jeffery Nelson" <[EMAIL PROTECTED]> wrote:
>I've been working on a "one pass pad" algorithm (if you can call it that),
>in C++ and have had many many troubles with the cypher turning the EOF
>character into some other letter and the other way around. This becomes
>increasingly taxing when I use the .EOF to delimit my loops because I open
>the files in binary mode (although I can't open exe's for some odd reason).
>Is there some way to end a loop at the END OF A FILE not using .eof()? I
>know this isn't a C++ newsgroup, but because it is the cypher that is
>causing the problem, I thought someone here would have run into this. I can
>give you the source to the file extractions method I use if you would like,
>but I have to keep the header file I use to myself. Please HELP!
EOF is usually more of a concept than a character. When writing files
to tape you use an actual mark. In hardware it is usually beyond the control
of the user program and is more of a concept than a character. In C and Unix
files are thought of as having only one EOF (not so in good ole Fortran, where
one can have file segments that end in EOF and then the main file ends in double
EOF). When you get characters with C you can't get all 256 characters so that
all the possibilities are used; what you get at the end of file, like with getc(),
for an EOF character is normally a value that is usually type int
of value -1 but could be different depending on operating system and C
compiler. The value "EOF" is predefined to this value in the C's I/O stuff you
are using and should be larger than an 8 bit character. There is no need
to use an "EOF character" in the encryption since there is nothing to encrypt;
it is not a character in the true sense of the word. To see how to handle
files, take a look at my code in scott19u.zip
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------