Cryptography-Digest Digest #955, Volume #9 Fri, 30 Jul 99 10:13:05 EDT
Contents:
Re: hush mail ([EMAIL PROTECTED])
Re: The Alphabetic Labyrinth ... and Voynich
Re: (Game) 80-digits Factoring Challenge (Kurt Foster)
Re: hush mail ([EMAIL PROTECTED])
Re: (Game) 80-digits Factoring Challenge (don mcdonald)
Re: cryptography tutorials
Re: Bad Test of Steve Reid's SHA1 ("dlk")
Re: Cryptonomicon - low priority posting (Wolf)
Re: OTP export controlled? (Isaac)
Re: Modified Vigenere cipher (typo correction) ("Douglas A. Gwyn")
Re: CSS/DVD Scrambler ([EMAIL PROTECTED])
speech scrambling (David Enchelmaier)
Re: OTP export controlled? (W.G. Unruh)
Re: Anyone knows where to get original encryption source code? (W.G. Unruh)
Re: Prime numbers wanted (W.G. Unruh)
Re: How Big is a Byte? (was: New Encryption Product!) ([EMAIL PROTECTED])
Re: How Big is a Byte? (was: New Encryption Product!) ([EMAIL PROTECTED])
Re: How Big is a Byte? (was: New Encryption Product!) ([EMAIL PROTECTED])
Re: Prime numbers wanted ([EMAIL PROTECTED])
Re: Virtual Matrix Encryption ([EMAIL PROTECTED])
I improved the layout of my Compression Page take a look (SCOTT19U.ZIP_GUY)
Re: Virtual Matrix Encryption (SCOTT19U.ZIP_GUY)
Re: How Big is a Byte? (was: New Encryption Product!) (Patrick Juola)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,alt.privacy,alt.security.keydist
Subject: Re: hush mail
Date: Fri, 30 Jul 1999 03:53:28 GMT
Yeah, yeah, like that.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: The Alphabetic Labyrinth ... and Voynich
Date: 30 Jul 99 04:02:07 GMT
Douglas A. Gwyn ([EMAIL PROTECTED]) wrote:
: It's inexcusably poor scholarship.
Having dug up my copy of The Codebreakers, I'll have to admit that she was
very definitely wrong.
Perhaps she was misled by the success of "The Feminated and the
Vein-Laden", a gritty war novel that marked the debut of author Viking
Armourer...
John Savard
------------------------------
From: Kurt Foster <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: (Game) 80-digits Factoring Challenge
Date: 30 Jul 1999 04:08:44 GMT
In sci.math Dann Corbit <[EMAIL PROTECTED]> wrote:
. But I echo Bob Silverman's question: "Why should I want to factor this
. number when I can just as easily come up with a similar value that would
. be tough to factor?" Is it a Carmichael number? Some other type of
. special pseudo-prime? What brings this number to the fore as opposed to
. some other?
I must concur with the questions. After all, that number could be
"interesting" because it's the modulus for somebody else's encryption
scheme or something like that.
If a Carmichael number N were detected as composite by Rabin-Miller, I
think you'd have factors in hand.
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,alt.privacy,alt.security.keydist
Subject: Re: hush mail
Date: Fri, 30 Jul 1999 03:53:34 GMT
Yeah, yeah, like that.
------------------------------
Crossposted-To: sci.math
Date: Fri, 30 Jul 1999 16:49:27 +1200
From: don mcdonald <[EMAIL PROTECTED]>
Reply-To: Don McDonald <[EMAIL PROTECTED]>
Subject: Re: (Game) 80-digits Factoring Challenge
On 29 Jul 1999, Foghorn Leghorn wrote:
> Date: 29 Jul 1999 21:00:51 -0500
> From: Foghorn Leghorn <[EMAIL PROTECTED]>
> Newsgroups: sci.crypt, sci.math
> Subject: Re: (Game) 80-digits Factoring Challenge
>
> On Fri, 30 Jul 1999 09:20:23 +1000, "Greg Keogh" <[EMAIL PROTECTED]>
> wrote:
>
> >So it's not a prime(?!) I'm not quite sure how Mathematica determines this,
> >I think it uses the Miller-Rabin test, and I suspect that the test hasn't
> >been validated for numbers of this magnitude. Any general comments on this
> >would be most welcome.
>
> Proving that a large number is prime can be a challenge, but you can
> trust Mathematica when it says that the number is composite.
>
> If n is the given number, we can quickly compute 2 to the n-1 modulo
> n, and since the result is not 1, it follows that n is definitely
> composite. In Mathematica, you can type
> PowerMod[2,n-1,n]
> to run the (weak) probable prime test for base 2. The theory for this
> is Fermat's Little Theorem, which says that if p is prime and a is not
> divisible by p, then a^(p-1) is congruent to 1 modulo p.
>
> Foghorn Leghorn
> [EMAIL PROTECTED]
>
How do I calculate the powermod function in PARI-gp research calc.?
Please. I have Acorn UK 1993 computer 2 MB RAM, thanks. Anyone?
/ don. (loto)
--
don.mcdonald | lot-to-it adviser + maths | rslts / 640 pers'lised # $5-
Pg. 329 W'ellington 2, new zealand | call mdr +64( 4) 389 6820.
formerly [EMAIL PROTECTED], [EMAIL PROTECTED]
R.eply-To: [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: cryptography tutorials
Date: 30 Jul 99 04:07:03 GMT
Bobby Heffernan ([EMAIL PROTECTED]) wrote:
: are there any good crypto tutorials on the eweb
: that cover everything, including all the math
: I can not afford a big book
My web site (shameless plug!) covers a lot, including some of the math;
it's not a tutorial, but it is easy introductory reading. What math is
mentioned is, I think, explained easily enough and in sufficient detail to
actually be understandable.
http://www.ecn.ab.ca/~jsavard/crypto.htm
The sources noted in J. Peschel's reply are also excellent; I have a link
to the "Crypto Drop Box", which is a place where the Basic Cryptanalysis
Manual he referred to can be found.
John Savard
------------------------------
From: "dlk" <[EMAIL PROTECTED]>
Subject: Re: Bad Test of Steve Reid's SHA1
Date: Fri, 30 Jul 1999 05:43:58 GMT
I have a version (lifted from PD FTP) of Mr. Reid's SHA-1 that I ported to
Visual C++ 6.0 SE. Looking at the few notes I left me in the src I had to
1) convert exits() to return()
2) define LITTLE ENDIAN
Email me if you'd like a copy of the VC project.
dlk
.
[EMAIL PROTECTED] wrote in message <7nm32p$99p$[EMAIL PROTECTED]>...
>I originally tried to send the following message directly to Steve Reid
>at the e-mail address posted in his program, but it was returned
>"server unkown". Apparently his e-mail address has changed. Also, it
>has been about two years since the last message I could find about his
>code on my forum. Any help/comments would be appreciated - even from
>Mr. Reid if you are out there. Here it is:
>
------------------------------
From: [EMAIL PROTECTED] (Wolf)
Subject: Re: Cryptonomicon - low priority posting
Date: Thu, 29 Jul 1999 22:21:22 -0500
=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1
Michael Slass <[EMAIL PROTECTED]> wrote:
<delurking>
>Just finished _Cryptonomicon_ by Neal Stephenson.
[Cut]
>Fun, and certainly worth splitting the hardcover
>cost with a geeky friend.
I couldn't agree more. I'm about 370 pages into it now and
having a ball.
I have a friend who tells me he would rather watch flies mate
on a TV screen during an "I Love Lucy" marathon on some obscure
cable channel than be anywhere nearby when I begin talking
crypto. Convincing him he should read this book has been a bit
of a challenge, but I keep tossing him anecdotes from the
story, and I think I've got him converted.
For a novel, it may seem daunting at 900-plus pages, but it
reads quickly and is lots of fun.
Regards.
=====BEGIN PGP SIGNATURE=====
Version: PGP Personal Privacy 6.5.1
Comment: RSA & DH Public Keys Available On Keyservers
iQA/AwUBN6EaIY7Et3TIxVBTEQLEiwCgxvNUgb3JGhiRaVn58L4Xhyz8S/MAnA71
7WzCpmPhWMAWCp1/1leJLnlN
=l/Vy
=====END PGP SIGNATURE=====
--
W O L F | [EMAIL PROTECTED]
"A little while she strove and much repented; And
whispering, 'I will ne'er consent' - consented."
- BYRON, "Don Juan," I
------------------------------
From: [EMAIL PROTECTED] (Isaac)
Crossposted-To: talk.politics.crypto
Subject: Re: OTP export controlled?
Date: 30 Jul 1999 01:03:40 GMT
On Thu, 29 Jul 1999 17:18:11 GMT, Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:
>
>I agree that for heavy-duty commercial use, key management needs
>to be addressed, but that has nothing to do with the crypto export
>regulations.
>
I disagree. I think it has everything to do with the regulations.
The regulations cannot be interpreted as permission to regulate
everything that could possibly be a crypto module. If they
were, I believe they'd be quickly overturned since many of the
modules have non-crypto applications. I do agree that
the result is that a good chunk of a working crypto system can
be assembled from exportable chunks. Hash routines, XOR functions,
random number generators are all exportable.
>You might consider that the code I posted *is* the crypto module
>that plugs into one of your "hooks", the rest of the system just
>implementing the user interface and key management infrastructure.
I guess I'm suggesting that if the user interface and
key management infrastructure were exported as one piece, you
have run afoul of at least one interpretation of EAR, if the
remaining hole can be filled up with strong crypto.
Isaac
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Modified Vigenere cipher (typo correction)
Date: Thu, 29 Jul 1999 20:07:58 GMT
"Douglas A. Gwyn" wrote:
> Different methods are used for ciphertext autokey (where almost the key
> is known in advance!)                                       entire ^
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: CSS/DVD Scrambler
Date: Fri, 30 Jul 1999 09:31:48 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> On Thu, 22 Jul 1999 10:03:17 GMT, [EMAIL PROTECTED] wrote:
>
> It's only available to companies producing DVD-players. They must
> sign a NDA. There are some Linux programmers that have figured out
> some of the CSS encryption algorithm. Here is a mailing list that
> discusses CSS.
>
> http://livid.on.openprojects.net/pipermail/livid-dev/
Yeah, that gets us the CSS keys, disk and title keys. But without the
actual algorithm they are cute to look at but don't really do anything
:)
Lund
------------------------------
From: [EMAIL PROTECTED] (David Enchelmaier)
Subject: speech scrambling
Date: Fri, 30 Jul 1999 09:32:06 GMT
Reply-To: [EMAIL PROTECTED]
Hi
I'm considering a digital speech scrambler as a final year university
project. Can anyone recommend any good books or websites where I can
get more details about the process?
Please reply via email.
Thanks
David Enchelmaier
------------------------------
From: [EMAIL PROTECTED] (W.G. Unruh)
Crossposted-To: talk.politics.crypto
Subject: Re: OTP export controlled?
Date: 30 Jul 99 10:59:29 GMT
"Douglas A. Gwyn" <[EMAIL PROTECTED]> writes:
>You seem to have missed something crucial, to wit, the code I
>posted is a complete cryptosystem *if you choose to use it as one*.
>(Sender and receiver need to agree upon a file to use as the "key".)
>Yet I doubt that you're claiming it is "not exportable".
Yes. If its purpose is to encrypt communications, then it is a cryptosystem.
If its purpose is as a random number generator, then it is not a cryptosystem
and is not controlled.
If it is a cryptosystem, it is not exportable without a license (assuming that
the regulations are actually valid).
>It is ludicrous to think that export regulations can really keep
>foreigners from implementing decent encryption.
Not their purpose. Their purpose is to prevent US residents from providing
foreigners with decent encryption. What the foreigners do on their own
is not a purpose of the regulations.
------------------------------
From: [EMAIL PROTECTED] (W.G. Unruh)
Subject: Re: Anyone knows where to get original encryption source code?
Date: 30 Jul 99 11:09:42 GMT
"Digital" <[EMAIL PROTECTED]> writes:
>Or does anyone knows of any encryption programs that uses generic methods of
>encryption?
Sorry, any encryption has to be specific. What do you mean by "uses generic"?
Many including PGP will use a variety of encryptions, depending on the request
of the user.
------------------------------
From: [EMAIL PROTECTED] (W.G. Unruh)
Subject: Re: Prime numbers wanted
Date: 30 Jul 99 11:13:19 GMT
"Vincent" <[EMAIL PROTECTED]> writes:
>Is there any faster algorithm than the following one, which, given an (odd)
>number n, returns the first prime number p>=n ?
>Assuming that I have a function is_prime telling me if a number is (or has
>enough odd to be) prime (The Miller-Rabin test).
Well, don't just use the Miller-Rabin test. Divide by 3 5 7 11 13 17 first.
Most numbers will fail at that step, and dividing by them is
much faster than running the test
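
[Added example, not part of any poster's message or code.] The sketch below ties together three points made in this digest: the base-2 Fermat test quoted in the factoring thread, the remark that a Carmichael number caught by Rabin-Miller gives up a factor, and the advice above to trial-divide by 3 5 7 11 13 17 before running the test. The function names, the choice of Miller-Rabin bases and the sample numbers 561, 1729 and 115 are assumptions made for illustration.

```python
import math

SMALL_PRIMES = (3, 5, 7, 11, 13, 17)   # the divisors named in the reply above

def fermat_base2(n):
    """Weak probable-prime test: is 2^(n-1) congruent to 1 modulo n?"""
    return pow(2, n - 1, n) == 1        # same computation as PowerMod[2, n-1, n]

def miller_rabin_round(n, a):
    """One Miller-Rabin round for odd n > 2 and a base a with 1 < a < n.

    Returns (passed, factor). factor is a proper divisor of n when the round
    met a square root of 1 other than +1 or -1, otherwise None.
    """
    d, s = n - 1, 0
    while d % 2 == 0:                   # write n - 1 as d * 2^s with d odd
        d, s = d // 2, s + 1
    x = pow(a, d, n)
    if x in (1, n - 1):
        return True, None
    for r in range(1, s + 1):
        y = pow(x, 2, n)
        if y == 1:
            # x*x = 1 (mod n) with x != +-1, so n divides (x-1)(x+1)
            # without dividing either term: gcd(x - 1, n) splits n.
            return False, math.gcd(x - 1, n)
        if y == n - 1 and r < s:
            return True, None
        x = y
    return False, None                  # a^(n-1) != 1: composite, no factor shown

def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13)):
    """Miller-Rabin over a fixed set of bases (an assumption for this demo)."""
    if n < 2 or (n % 2 == 0 and n != 2):
        return False
    if n == 2:
        return True
    for a in bases:
        if a % n == 0:
            continue
        passed, _ = miller_rabin_round(n, a)
        if not passed:
            return False
    return True

def next_prime(n):
    """First probable prime p >= n, for odd n > 17.

    Returns (p, rejected_by_division, sent_to_miller_rabin) so the effect of
    the cheap trial-division screen is visible.
    """
    rejected = tested = 0
    c = n
    while True:
        if any(c % q == 0 for q in SMALL_PRIMES):
            rejected += 1               # composite found without any modexp
        else:
            tested += 1
            if is_probable_prime(c):
                return c, rejected, tested
        c += 2

if __name__ == "__main__":
    # 561 = 3 * 11 * 17 is a Carmichael number: it passes the Fermat test
    # for base 2, yet one Miller-Rabin round exposes a factor.
    print(fermat_base2(561), miller_rabin_round(561, 2))
    print(miller_rabin_round(1729, 2))  # 1729 = 7 * 13 * 19
    print(next_prime(115))              # six candidates fall to trial division
```

For a Carmichael number every base coprime to it satisfies the Fermat congruence, so a failed Miller-Rabin round always ends at a non-trivial square root of 1, which is why the factor comes out.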
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte? (was: New Encryption Product!)
Date: Fri, 30 Jul 99 09:39:39 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Paul Guertin) wrote:
>[EMAIL PROTECTED] (Chris Hedley) wrote:
>
>> In article <7msb7u$10j$[EMAIL PROTECTED]>,
>> "Michael D." <[EMAIL PROTECTED]> writes:
>> > I think that a major problem that we all have is that our mothers, yes, mine
>> > as well as yours, taught us that the first number is one(1) rather than
>> > zero(0).
>> Which is a bit silly of them, really, considering their kids aren't born
>> one year old, but zero years.
>
>Except in Korea, and maybe other countries as well. A newborn is 1 year old
>over there.
Or if you're a horse.
/BAH
Subtract a hundred and four for e-mail.
------------------------------
Date: Thu, 29 Jul 1999 08:52:39 -0400
From: [EMAIL PROTECTED]
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte? (was: New Encryption Product!)
Jim Gillogly wrote:
>
> John Savard wrote:
> >
> > [EMAIL PROTECTED] wrote, in part:
> > >B. Kernighan identified this as the most important issue in programming
> > >in an interview with Unix Magazine (Journal?) about 8 years ago.
> >
> > Despite the fact that Brian Kernighan is a well-respected programmer,
> > and the co-author of several important books on C and Unix, I'm
> > tempted to say, based on your statement, that I feel sorry for him if
> > he thinks this is "the most important issue in programming".
>
> I haven't read that article, but I suspect Kernighan was not referring
> to the awe-inspiring spectacle of programmer wars over the deep
> underlying issue of 0-origin vs. 1-origin. However, the not unrelated
> "fence-post error" problem probably <is> the number one identifiable
> cause of programming errors: if you have 100 feet of fence and want
> fence posts every 10 feet, how many do you allocate? The answer is too
> often just enough to guarantee a memory fault when you plant the last
> one.
Since his statement referred to the fact that there are N objects in the
set 0..N-1 you are correct.
------------------------------
Date: Thu, 29 Jul 1999 08:50:16 -0400
From: [EMAIL PROTECTED]
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte? (was: New Encryption Product!)
John Savard wrote:
>
> [EMAIL PROTECTED] wrote, in part:
> >John Savard wrote:
>
> >> And it is true that one begins counting with the first object, and if
> >> one has a first object, one has one object.
>
> >I disagree completely. If you are counting the sheep crossing the road,
> >and at some point in time I inquire as to the elapsed count you will
> >give me a natural not an ordinal number. If my query follows
> >immediately after the start of your count you have zero sheep not one.
> >So zero is the starting number.
>
> That kind of activity is a sort of counting. Normally, though, when
> one counts objects one moves towards a pool of passive objects, and
> begins counting by taking the first object in view or in hand.
>
> When one is counting events, then one must initialize to a zero state.
>
> >You may argue that you didn't "start counting" until the first sheep
> >arrived, but you were watching the road in the same state prior to the
> >first sheep as prior to the second sheep except for the value of your
> >"current count". So I maintain that you "started counting" when you
> >started watching for sheep, not when the first sheep arrived.
>
> >B. Kernighan identified this as the most important issue in programming
> >in an interview with Unix Magazine (Journal?) about 8 years ago.
>
> Despite the fact that Brian Kernighan is a well-respected programmer,
> and the co-author of several important books on C and Unix, I'm
> tempted to say, based on your statement, that I feel sorry for him if
> he thinks this is "the most important issue in programming".
While BK needs no defense from me I'll observe that from the tone of the
article he thought the question silly and gave a facetious answer. For
example, his answer to the question of what he'd change if he had to do
it all over again was that he would leave the E in the function
creat().
OTOH, if the problem is generalized to that of "initialization", or even
wider "edge effects", his statement is correct.
>
> Zero may be my first counter state, but it is not the number
> associated with the first item or event. As there are times when
> reserving a storage location for element zero of an array makes sense,
> and other times when it does not, because of the purpose to which the
> array will be put, flexibility is useful...but, on the other hand,
> having to specify this every time is wasteful too. Starting with
> element zero at least allows both option with, at worst, a slight
> waste of storage, which is probably worth it to make one's program
> easy to understand and document, and avoid unnecessary offset
> arithmetic.
>
> John Savard ( teneerf<- )
> http://www.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
Date: Thu, 29 Jul 1999 08:57:20 -0400
From: [EMAIL PROTECTED]
Subject: Re: Prime numbers wanted
Roger Carbol wrote:
>
> John Savard wrote:
>
> >>Does looking up the number in a table of primes count as a method?
>
> >Not for finding a 200 digit long prime that nobody's thought of
> >before, for use in forming an RSA modulus, no.
>
> Hmmm. Okay, let me ask this:
>
> 1) How big is the longest complete list of primes generally
> available? How long is the last number?
>
> 2) Is there some sort of ongoing initiative (a la SETI@home) to
> add to this list?
>
> Or is this another "making a list of all primes up to the 200 digit
> level would require turning every molecule in the universe into a
> computer and letting it run 15 billion years" issue?
Think it through even shallowly. 200 decimal digits is far larger than
the 10^79 particles in the universe. Thus we're gonna run out of paper
(or RAM) long before we get even "half way" there.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Virtual Matrix Encryption
Date: Fri, 30 Jul 1999 12:17:47 GMT
In article <7nq7c4$f2$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
>
> > Otherwise, there's no real description of the algorithm. It uses
> > "theoretically infinite matrices", whatever the hell they are. IMHO, if
> > you want to secure your files, use PGP or another product that uses
> > proven algorithms.
> >
>
> Not to be picky but the algorithms in PGP have never been proven
> secure. They appear to be. However the algorithms in PGP have a more
> formal treatment (and less insane claims like OTP strength...)
>
Just out of curiosity, which algorithms in PGP haven't been proven
secure?
> VME is snake oil. They make weird claims like 'infinite' size matrixes
> which is technically impossible for computers (or at all). I would not
> read about them and pretty much deny their existence.
>
> Tom
> --
> PGP key is at:
> 'http://mypage.goplay.com/tomstdenis/key.pgp'.
> Free PRNG C++ lib:
> 'http://mypage.goplay.com/tomstdenis/prng.html'.
>
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: I improved the layout of my Compression Page take a look
Date: Fri, 30 Jul 1999 14:18:16 GMT
And one note by "Compression for Encryption" I mean the
kind of compression that should be done before one encrypts
a file. Assuming one has a nonrandom file that would be
shorter on the average with compression. Most compression
methods are not suitable to be used before the encryption
pass.
The actual page on encryption is http://members.xoom.com/ecil/compress.htm
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Virtual Matrix Encryption
Date: Fri, 30 Jul 1999 14:27:21 GMT
In article <7ns555$ajj$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>In article <7nq7c4$f2$[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] wrote:
>>
>> > Otherwise, there's no real description of the algorithm. It uses
>> > "theoretically infinite matrices", whatever the hell they are. IMHO, if
>> > you want to secure your files, use PGP or another product that uses
>> > proven algorithms.
>> >
>>
>> Not to be picky but the algorithms in PGP have never been proven
>> secure. They appear to be. However the algorithms in PGP have a more
>> formal treatment (and less insane claims like OTP strength...)
>>
>Just out of curiosity, which algorithms in PGP haven't been proven
>secure?
>
A lot of idiots demand proof. When in reality none of the methods in
current use have been proven secure except the OTP. So to answer
your question again " NONE OF THE METHODS IN PGP" have been
proven secure. To answer in another way you might be able to
understand. "ALL THE ALGORITHMS in PGP" have not been
proven secure.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (Patrick Juola)
Crossposted-To: alt.folklore.computers
Subject: Re: How Big is a Byte? (was: New Encryption Product!)
Date: 30 Jul 1999 09:56:24 -0400
In article <[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]> wrote:
>On Thu, 29 Jul 1999, John Savard wrote:
>> Zero may be my first counter state, but it is not the number
>> associated with the first item or event. As there are times when
>> reserving a storage location for element zero of an array makes sense,
>> and other times when it does not, because of the purpose to which the
>> array will be put, flexibility is useful...but, on the other hand,
>> having to specify this every time is wasteful too. Starting with
>> element zero at least allows both option with, at worst, a slight
>> waste of storage, which is probably worth it to make one's program
>> easy to understand and document, and avoid unnecessary offset
>> arithmetic.
>
>The problem with this is that array[0] is the first item.
Only in C and its descendants; in Fortran, if I recall properly, array(1)
is the first item. In Pascal, I can define an array to start and finish
at any ordinal position -- and if I'm using a Real Language(tm) I can
define arrays based on any durn-fool index scheme I want. (I just
*love* the associative arrays available in /bin/awk.)
>The reason this
>is a problem is that in computer addressing the address refers to the next
>item in memory (i.e. the item that starts at array[0]).
No, the reason for this is that the semantics of C-style arrays are
defined as syntactic sugar over a pointer access. Which is one of
the most serious security/reliability holes in C/Unix.
-kitten
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************