Cryptography-Digest Digest #988, Volume #9        Thu, 5 Aug 99 01:13:03 EDT

Contents:
  Re: What is "the best" file cryptography program out there? (KidMo84)
  Question about Enigma (Neil)
  About Online Banking Security (KidMo84)
  frequency of prime numbers? (Sniggerfardimungus)
  Re: What is "the best" file cryptography program out there? ([EMAIL PROTECTED])
  Re: Question about Enigma (Jim Gillogly)
  Re: Question about Enigma (David Hamer)
  Re: frequency of prime numbers?
  Re: Anonymous Web Browsing (KidMo84)
  Re: security of algorithm? (Jim Gillogly)
  Re: Is this a new authent/encrypt protocol? ("Dj Browne")
  Re: Question about Enigma
  Re: frequency of prime numbers? (Jim Gillogly)
  Re: Is breaking RSA NP-Complete ? ("rosi")
  Looking for GSM Authentication Algorithm A3 (Nikle Lin)
  Re: Is this procedure sound ? (John M. Gamble)
  Re: where to start? (David A Molnar)
  Re: What is "the best" file cryptography program out there? (SCOTT19U.ZIP_GUY)
  Re: What is "the best" file cryptography program out there? ([EMAIL PROTECTED])
  Re: How to keep crypto DLLs Secure? ([EMAIL PROTECTED])

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (KidMo84)
Subject: Re: What is "the best" file cryptography program out there?
Date: 05 Aug 1999 02:16:32 GMT

I was thinking along the lines of ScramDisk. I have PGP 6.0 off of replay's
site (www.replay.com) and it works pretty good. I guess I should have put
commercial products, even though I was looking for freeware too.  I haven't had
a chance to try out scott16, but I haven't used DOS lately. At least I think it
uses DOS; somebody might yell at me for that one.  I have sort of grown away
from MS-DOS, using Windows 98 at the present time, that is. Though when you are
recovering information, DOS is the best way to go.

Signed,
KidMo

------------------------------

From: [EMAIL PROTECTED] (Neil)
Subject: Question about Enigma
Date: Thu, 05 Aug 1999 01:25:09 GMT

I'm puzzled a bit..

If the sending and receiving stations each knew the rotor selection
and order, the ring settings and the initial "external" rotor
settings, what was the purpose of sending a "key" ??

I _assume_ that perhaps it was to allow a station receiving the coded
message to start with the prescribed external settings and then
determine a new external rotor setting to actually decode the message.
This would provide many more initial rotor settings than the
prescribed one .. is this correct??

------------------------------

From: [EMAIL PROTECTED] (KidMo84)
Subject: About Online Banking Security
Date: 05 Aug 1999 02:31:53 GMT

I was wondering how secure online banking really is.  Has there been any
information written up about the topic?  Specifically NationsBank banking
online; the URL is: http://www.nationsbank.com/online/tour/?statecheck=MO
At least for Missouri's online banking.

To get to bare bones, they use Secure Sockets Layer (SSL) with a password and ID.

Signed,
KidMo

------------------------------

From: sl3nf.cc@usu@edu (Sniggerfardimungus)
Subject: frequency of prime numbers?
Date: 4 Aug 99 15:15:17 MDT

I ask this question here not because it necessarily relates to cryptography,
but to an interest of cryptographers, prime numbers; is there any reason to
believe that there are either a finite or an infinite number of primes?  Even
better, is there any proof either way?

        thanks...
        rOn

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: What is "the best" file cryptography program out there?
Date: Wed, 04 Aug 1999 22:35:25 -0400

> That form of implicit trust scares me.  What makes a 1024 bit key less
> secure than a 4096 bit key?  (And if you say ease of solving you have
> no clue about the crypto world).

Did I ever say I had a clue about the crypto world?  It probably doesn't,
but the big number sure looks cool doesn't it?  =)

> para-phrase from HOPE conference.... PGP is good, they will not attack
> the math, the math is fine.  An attacker will find another way. ...
>
> Basically even 512 bit keys are secure, but with the new technologies
> they will fall (in about 5-10 years), note that TWINKLE has never
> actually been built.  1024 bit keys require too much for the 'MATRIX'
> step (Gaussian elimination) to make it feasible.  So a 1024-bit key
> (heck even 768 bit keys) are fine from a math-attackers standpoint.  If
> I could just upload a fake key in your name do I need to break the math?

Sure, you could upload a fake key to my name, it wouldn't have any of the
signatures attached to it, but be my guest.  My key is on all the default
servers.


------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Question about Enigma
Date: Wed, 04 Aug 1999 19:26:19 -0700

Neil wrote:
> 
> I'm puzzled a bit..
> 
> If the sending and receiving stations each knew the rotor selection
> and order, the ring settings and the initial "external" rotor
> settings, what was the purpose of sending a "key" ??
> 
> I _assume_ that perhaps it was to allow a station receiving the coded
> message to start with the prescribed external settings and then
> determine a new external rotor setting to actually decode the message.
> This would provide many more initial rotor settings than the
> prescribed one .. is this correct??

Yes.  Enigma is a stream cipher, and suffers the usual difficulty:
if several messages are sent in the same key, they can be identified
with a kappa test and solved in depth.  The printed keys were good
for hours at a time (I think eight hours by the end of the war for
some networks), so if no session keys were used there could be a
great deal of depth.  The operator was instructed to choose three
random letters, then encrypt them using a standard method and the
printed keys, then use those three letters to position the rotors
before beginning to encrypt.  The three letters were encrypted
twice -- this allowed the receiver to verify that he had the right
key, but it was also a weakness that allowed the cryptanalysts a
peek into the beginning.  The "choose three random letters" step
foundered as you would expect, with clerks picking letters in
order on the keyboard, like QWE or QAP or TZU.  The rest of the
key was kept the same as on the day's key chart: the rotor order,
the ring settings, and the steckers.

As many mistakes as the German code clerks made, though, at an
unclassified NSA Historical Series lecture a couple of years ago
the speaker said the allies were far more lax in their cipher
procedures.

-- 
        Jim Gillogly
        13 Wedmath S.R. 1999, 02:03
        12.19.6.7.11, 3 Chuen 19 Xul, Seventh Lord of Night

------------------------------

Date: Wed, 04 Aug 1999 22:15:24 -0400
From: David Hamer <[EMAIL PROTECTED]>
Subject: Re: Question about Enigma

Essentially correct...the 'key' was unique to the message
- or more usually the message part since the Army/Airforce
regulations restricted message length to 250 characters -
and added an additional level of security. Thus, each
message/part was enciphered with a different initial wheel
setting.

Neil wrote:
> 
> I'm puzzled a bit..
> 
> If the sending and receiving stations each knew the rotor selection
> and order, the ring settings and the initial "external" rotor
> settings, what was the purpose of sending a "key" ??
> 
> I _assume_ that perhaps it was to allow a station receiving the coded
> message to start with the prescribed external settings and then
> determine a new external rotor setting to actually decode the message.
> This would provide many more initial rotor settings than the
> prescribed one .. is this correct??

David
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
David Hamer                The Crypto Simulations Group
[EMAIL PROTECTED]       http://www.eclipse.net/~dhamer
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: frequency of prime numbers?
Date: 5 Aug 99 02:45:57 GMT

Sniggerfardimungus (sl3nf.cc@usu@edu) wrote:
: I ask this question here not because it necessarily relates to cryptography,
: but to an interest of cryptographers, prime numbers; is there any reason to
: believe that there are either a finite or an infinite number of primes?  Even
: better, is there any proof either way?

Yes, there is a proof.

Suppose we knew all the prime numbers. Then we multiplied them all
together, and added 1. Oops: either that number is another prime number,
or it's divisible only by prime numbers that were missing from our list.

In fact, we even know roughly how primes thin out among larger and larger
numbers. I don't suppose you'd be interested in studying the theory of
the Riemann zeta-function to find out how...

John Savard

------------------------------

From: [EMAIL PROTECTED] (KidMo84)
Subject: Re: Anonymous Web Browsing
Date: 05 Aug 1999 02:18:58 GMT

Yeah, I know proxies are pretty easy, but I play games a lot on this computer, and
proxies really disable that sort of thing a lot. There are some providers of
online software that do not release the ports that you connect to because of
fear of hacking.  But I guess if you have some sort of port scanner or something
like that you could find out.

Signed,
KidMo

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: security of algorithm?
Date: Wed, 04 Aug 1999 19:49:24 -0700

Gabe Simon wrote:
> 1) Start with plaintext message and 64 bit key.
> 
> 2) Take each (8) byte of the key and churn it through 10 iterations of the
> Fibonacci sequence using it, and the bytes' position in the key (i.e. 1-8)
> for starting values.  All of this is done modulo 256.  This step is to
> reversibly pseudo-randomize the key.
> 
> 3) Simply XOR the a byte of the (randomized) key with a byte of the
> plaintext message.

What do you do after 8 bytes?  Another 10 iterations of Fib on the
key, or re-use the key, or what?  If the former, the analyst
can try all 256 starting bytes in one position and look at every
eighth character.  With the right starting byte value, the distribution
will match the underlying plaintext's statistics.  For standard text,
about 18% of it will be spaces and 9-10% will be e's.  If instead the
transmogrified key is re-used, it can be solved the same way as a
Vigenere -- see Kahn's "The Codebreakers" or any other standard text
for the techniques.  In either case a brute force dictionary search
might turn up the right key, since the transformation would be assumed
known to the cryptanalyst.  In any case, the maximum strength would
be 2^64 (too short); the actual strength is much less unless you're
doing something much more massive than the above steps suggest.

-- 
        Jim Gillogly
        13 Wedmath S.R. 1999, 02:40
        12.19.6.7.11, 3 Chuen 19 Xul, Seventh Lord of Night
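
Added example (not from this post or from Gabe Simon): the key re-use case
analysed above, solved one key position at a time in Python. The reading of
the "Fibonacci" step, the key and the plaintext are assumptions constructed
for the illustration.

```python
# Added example. ASSUMPTION: the "10 iterations of Fibonacci" step is read as
# (a, b) = (position, key byte), then ten times (a, b) -> (b, (a + b) mod 256).
ENGLISH = {  # approximate relative frequencies of space and letters in English
    " ": 0.18, "e": 0.10, "t": 0.075, "a": 0.065, "o": 0.062, "i": 0.057,
    "n": 0.056, "s": 0.052, "h": 0.05, "r": 0.049, "d": 0.035, "l": 0.033,
    "u": 0.023, "c": 0.023, "m": 0.02, "w": 0.019, "f": 0.018, "g": 0.016,
    "y": 0.016, "p": 0.015, "b": 0.012, "v": 0.008, "k": 0.006,
}


def churn(key_byte, position):
    """Assumed key transformation; position is 1-8 as in the proposal."""
    a, b = position, key_byte
    for _ in range(10):
        a, b = b, (a + b) % 256
    return b


def encrypt(key, data):
    """XOR with the churned key, re-used every len(key) bytes (also decrypts)."""
    stream = bytes(churn(k, i + 1) for i, k in enumerate(key))
    return bytes(d ^ stream[i % len(stream)] for i, d in enumerate(data))


def trial_score(column, key_byte, position):
    """How English-like the column looks if key_byte were the right guess."""
    s = churn(key_byte, position)
    return sum(ENGLISH.get(chr(c ^ s), 0.0) for c in column)


def recover_key(ciphertext, key_len=8):
    """For each key position, try all 256 starting bytes against every
    key_len-th ciphertext byte. Returns (recovered key, number of trials)."""
    key, trials = [], 0
    for pos in range(key_len):
        column = ciphertext[pos::key_len]
        best = max(range(256), key=lambda k: trial_score(column, k, pos + 1))
        key.append(best)
        trials += 256
    return bytes(key), trials


KEY = bytes.fromhex("3fa9047cd215e86b")  # constructed 64-bit key
PLAINTEXT = (  # constructed sample text
    b"the operator was told to choose three random letters for every message "
    b"but clerks under pressure picked letters that sat next to each other on "
    b"the keyboard and the analysts on the other side soon learned to test "
    b"those choices first because people are poor sources of randomness when "
    b"they are tired and in a hurry"
)

if __name__ == "__main__":
    found, trials = recover_key(encrypt(KEY, PLAINTEXT))
    print(found.hex(), "recovered in", trials, "trials instead of 2**64")
```

The positions are independent of each other, so the work is 8 x 256 trials
rather than 2^64.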

------------------------------

From: "Dj Browne" <[EMAIL PROTECTED]>
Subject: Re: Is this a new authent/encrypt protocol?
Date: Thu, 05 Aug 1999 02:49:32 GMT


>Greg wrote:
...
>>
>> Given Elliptic Curve encryption (points are uppercase),
>> Given message m, and its hash h,
>> Given Alice's private key a and public key A,
>> Given Bob's   private key b and public key B,
>> Given a base point P,
>>
>> Assume A and B are well known, cannot be spoofed, and are verifiable
>> via alternate means (e.g.- phone call, personal visit).
>>
>> Alice sends message m to Bob by deriving a hash (h) for the message
>> then encrypting it with abhP producing c (cipher text).  The secret S
>> is defined as:
>>

...

Maybe I'm overlooking something here but....When Alice is encrypting her
message to Bob you have her using Bob's private key....that's a Bad Thing.
Alice should never know Bob's private key.

Let me know if I have missed something.

Later,
d



------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: Question about Enigma
Date: 5 Aug 99 02:43:23 GMT

Neil ([EMAIL PROTECTED]) wrote:
: I _assume_ that perhaps it was to allow a station receiving the coded
: message to start with the prescribed external settings and then
: determine a new external rotor setting to actually decode the message.
: This would provide many more initial rotor settings than the
: prescribed one .. is this correct??

Yes, that is precisely why it was done.

If every Enigma message for a given day was sent with the same starting
position, then all the messages could be lined up, and it would be
possible to use a frequency count to determine which letters in each
column were common ones; the pattern of common and uncommon letters in
each message would allow guesses of words, or conclusions about which
common letters in some columns were consonants, and so on. (This is called
Kerckhoffs superimposition.)

Since the starting positions are random letters instead of text, they
can't be lined up in the same way (although other attacks were possible).

Visit

http://www.ecn.ab.ca/~jsavard/roto02.htm

for more detail on the Enigma.

John Savard
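
Added example (not part of any post in this digest): the message-key
procedure and the depth problem described in the Enigma replies above, in
Python. It assumes rotors I-II-III with reflector B, rings at A and no
steckers; the ground setting and both plaintexts are constructed.

```python
# Added example: simplified 3-rotor Enigma (rings at A, no plugboard).
A = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
ROTORS = {  # wiring and turnover letter of the historical rotors I, II, III
    "I": ("EKMFLGDQVZNTOWYHXUSPAIBRCJ", "Q"),
    "II": ("AJDKSIRUXBLHWTMCQGZNPYFVOE", "E"),
    "III": ("BDFHJLCPRTXVZNYEIWGAKMUSQO", "V"),
}
REFLECTOR_B = "YRUHQSLDPXNGOKMIEBFZCWVJAT"
ORDER = ("I", "II", "III")  # left, middle, right: part of the day's key
GROUND = "KJR"              # constructed printed start position for the day
P1 = "WEATHERREPORTFORTHENORTHERNSECTORFOLLOWSATDAWN"  # constructed
P2 = "SUPPLYCOLUMNDELAYEDNEARTHERIVERCROSSINGTONIGHT"  # constructed


def enigma(order, start, text):
    """Encipher text from rotor position start (the machine is reciprocal)."""
    wiring = [ROTORS[r][0] for r in order]
    notch = [A.index(ROTORS[r][1]) for r in order]
    pos = [A.index(c) for c in start]
    out = []
    for ch in text:
        # Rotors move before each letter; the middle rotor double-steps.
        if pos[1] == notch[1]:
            pos[0] = (pos[0] + 1) % 26
            pos[1] = (pos[1] + 1) % 26
        elif pos[2] == notch[2]:
            pos[1] = (pos[1] + 1) % 26
        pos[2] = (pos[2] + 1) % 26
        c = A.index(ch)
        for i in (2, 1, 0):  # right to left through the rotors
            c = (A.index(wiring[i][(c + pos[i]) % 26]) - pos[i]) % 26
        c = A.index(REFLECTOR_B[c])
        for i in (0, 1, 2):  # and back, left to right
            c = (wiring[i].index(A[(c + pos[i]) % 26]) - pos[i]) % 26
        out.append(A[c])
    return "".join(out)


def send(ground, message_key, plaintext):
    """Indicator: message key enciphered twice at the ground setting."""
    indicator = enigma(ORDER, ground, message_key * 2)
    return indicator, enigma(ORDER, message_key, plaintext)


def receive(ground, indicator, body):
    doubled = enigma(ORDER, ground, indicator)
    if doubled[:3] != doubled[3:]:  # the receiver's check on the key
        raise ValueError("indicator garbled or wrong day key")
    return enigma(ORDER, doubled[:3], body)


def coincidences(x, y):
    """Kappa test numerator: positions where two texts show the same letter."""
    return sum(a == b for a, b in zip(x, y))


def demo():
    ind1, c1 = send(GROUND, "QWE", P1)
    ind2, c2 = send(GROUND, "QAP", P2)
    _, c3 = send(GROUND, "QWE", P2)  # second message in the same key
    return {
        "round_trip": receive(GROUND, ind1, c1) == P1,
        # Same first key letter gives the same 1st and 4th indicator letters.
        "indicator_leak": (ind1[0], ind1[3]) == (ind2[0], ind2[3]),
        "in_depth": coincidences(c1, c3),  # equals the plaintext count
        "plaintext": coincidences(P1, P2),
        "different_keys": coincidences(c1, c2),
    }


if __name__ == "__main__":
    print(demo())
```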

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: frequency of prime numbers?
Date: Wed, 04 Aug 1999 19:33:50 -0700

Sniggerfardimungus wrote:
> 
> I ask this question here not because it necessarily relates to cryptography,
> but to an interest of cryptographers, prime numbers; is there any reason to
> believe that there are either a finite or an infinite number of primes?  Even
> better, is there any proof either way?

There's an infinite number of them, and an easy proof.  Suppose the
number were finite.  Then we can take the product of all the primes
and add one to it.  This number is not evenly divisible by any of the
primes, since the remainder modulo each prime is 1.  Therefore this
number is also prime, which contradicts our assumption that we could
enumerate all of them.  Hence the assumption is false and the number
of primes is infinite.

-- 
        Jim Gillogly
        13 Wedmath S.R. 1999, 02:30
        12.19.6.7.11, 3 Chuen 19 Xul, Seventh Lord of Night

------------------------------

From: "rosi" <[EMAIL PROTECTED]>
Subject: Re: Is breaking RSA NP-Complete ?
Date: Wed, 4 Aug 1999 22:43:34 -0400

Dear Bryan,

   I do not know whether NPh should be unified on the 'definition' level.
I am not saying that you are wrong in saying that there is disagreement.
There might very well be. Maybe my problem is how to meaningfully
disagree.

   (Wrote a lengthy one. Am erasing all of that. You may, but do not
have to, reflect on my earlier comments on complexity classes and
related issues in addition to reading other literature. I can be wrong.)

   Think about it: Proper superset (of NPc). Neither sub nor sup of
PSPACE. Is PSPACE sup of NP(c)? And are you sure you do not
know what E is referring to?

   Let us all give it some more thought. It won't hurt.

   Thank you very much for the discussion.
   --- (My Signature)

[EMAIL PROTECTED] wrote in message <7oa4fc$sl1$[EMAIL PROTECTED]>...
>"rosi" wrote:
>
>>    Why NP, and why not X1, X2, etc. and forget about complexity? Is it
>> already too crowded over there?
>
>Anyone is welcome to forget about complexity.
>
>>    Something carrying the name of NP but goes beyond NP?
>
>If it isn't NP, please don't call it NP.
>
>> At
>> this point, forgive me for asking a silly question (as NP is getting
>> so vague now)
>
>NP is not the slightest bit vague.
>
>> : Do CLR say NP-hard is part of NP?
>
>No.
>
>>    Superset. It should not convey the sense of proper. If not proper,
>> there is 'no distinction'.
>
>The languages in NP-Hard are a proper superset of
>NP-complete.
>
>> If proper, we have NPh into E? into PSPACE?
>> or into just-a-bit-tight-for-SPACE? :)
>
>NP-Hard is neither a subset nor superset of PSPACE.
>I'm not sure what E is.
>
>>    I lack math training, but I hold that there is 'hard' and there is
>> 'easy'.
>> There may be 'not-so-easy-and-not-so-hard'. I only need to see a
>> sensible definition (in complexity terms).
>
>As noted, there is disagreement about the definition
>of NP-Hard.  You can easily find the definitions of
>all the others.
>
>--Bryan
>
>
>Sent via Deja.com http://www.deja.com/
>Share what you know. Learn what you don't.



------------------------------

From: Nikle Lin <[EMAIL PROTECTED]>
Subject: Looking for GSM Authentication Algorithm A3
Date: Thu, 05 Aug 1999 12:16:54 +0800


Hi All:

        I'm looking for the design and implementation of GSM Authentication
        Algorithm A3. Can anyone give me a hand?? Thanks in advance!!

------------------------------

From: [EMAIL PROTECTED] (John M. Gamble)
Subject: Re: Is this procedure sound ?
Date: 5 Aug 1999 03:53:18 GMT

In article <7o93im$orv$[EMAIL PROTECTED]>,
Krunoslav Leljak  <[EMAIL PROTECTED]> wrote:
>JPeschel <[EMAIL PROTECTED]> wrote:
>: <[EMAIL PROTECTED]>
>
>:>I would like to know if the following procedure is a sound one, if this is
>:>stupid please tell me.
>:>
>:>Encrypt the plaintext with something like Blowfish.
>:>Use PGP to encrypt the Blowfish output so that it may be transmitted by
>:>e-mail etc.
>:>
>:>The Blowfish key is personally handed to the proposed recipient.
>:>The PGP key would be a public one as normal.
>
>: Sound? Maybe.  Redundant? Yes.
>
>Maybe a short explanation why...
>Redundant is encryption with Blowfish, why...
>Because PGP does same job...
>So,  
>Text -(Blowfish)-> Ciphertext -(PGP)-> Ciphertext
>or
>Text -(PGP)-> Ciphertext...
>
>Blowfish stage is redundant, except if you want double encryption
>with two different algorithms...
>

This use-one-encryption-to-hide-another scheme made me think of
a variation on this.

Agent A and Base B have the following set-up:
A can not reach B beyond her initial hiring as an agent, so they
cannot set up an exchange of One-Time-Pads.  A and B use PGP
instead.

But, once a month, B uses PGP to send A a list of One-Time-Pad
digits.  For all other communication, A and B use the OTP.

Would this be more secure than using PGP alone?  The theory
is that since PGP is being used only once a month, rather than,
say, once a day, the chances of cracking the code are reduced.
On the other hand, you are transmitting your OTP codes twice,
once PGP encrypted, and once in some modulo/xor format with
your plaintext, which might give a cracker an edge if there
is some way to connect the two.

I don't know if the advantage is truly an advantage, and I
don't know if the double-sending of the OTP is a flaw.  Any
thoughts?

Hey, if it's sound, can we call it the Gamble Procedure?

Thanks,
        -john

February 28 1997: Last day libraries could order catalogue cards
from the Library of Congress.
--
Pursuant to US Code, Title 47, Chapter 5, Subchapter II, '227,
any and all unsolicited commercial E-mail sent to this address
is subject to a download and archival fee in the amount of $500
US.  E-mailing denotes acceptance of these terms.

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: where to start?
Date: 5 Aug 1999 04:16:03 GMT

[EMAIL PROTECTED] wrote:
> In article <7oa0ho$9c9$[EMAIL PROTECTED]>,
>   "Claudio Facilla" <[EMAIL PROTECTED]> wrote:
>> Well, I was starting to study cryptology - I've found on the net much
>> information but no starting point...
>>
>> any help for this?

> Well I like the word 'Cryptography' more... does that help?

Not much, unless we want to start distinguishing between to what the two
words refer. Let's not do that. 

Helger Lipmaa just posted a list of online cryptography information in a
separate thread. Try to find that, since it lists several excellent and
introductory sources of info. 

>>
>> My problem: I have 3 or 4 numbers (as 2358 2569 2558 and 2589 3698 4571)...
>> and so on - I want to find the algorithm of generation... where to start?

From context. Where did you get the numbers? Who generated them? What kind
of software are they running? Were the numbers generated "randomly" or do
you think they're a ciphertext of some kind?

-David


------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: What is "the best" file cryptography program out there?
Date: Thu, 05 Aug 1999 05:30:43 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (KidMo84) 
wrote:
>I was thinking along the lines of ScramDisk. I have PGP 6.0 off of replay's
>site (www.replay.com) and it works pretty good. I guess I should have put
>commercial products, even though I was looking for freeware too.  I haven't had
>a chance to try out scott16, but I haven't used DOS lately. At least I think it
>uses DOS; somebody might yell at me for that one.  I have sort of grown away
>from MS-DOS, using Windows 98 at the present time, that is. Though when you are
>recovering information, DOS is the best way to go.
>
>Signed,
>KidMo

 Actually I have windows 95 and run it in a dos window. A friend of mine is
using scott19u on a windows 98  but I have not tested it on such a system.
I will release 2 newer versions after my contests end in November. As you
can see I get lots of hate mail. Even Mr B.S. and Dave Wagner have 
slammed my stuff and Dave even claimed his new Slide Attack would
mean the death of my method. But like most pompous asses he was
just blowing smoke out his ass. Many of the creeps on this site can't
seem to follow source code. My stuff comes complete with all source
code and is in C. It was compiled with DJGPP C.


David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: What is "the best" file cryptography program out there?
Date: Thu, 05 Aug 1999 04:26:00 GMT

In article <7oan7j$ai1$[EMAIL PROTECTED]>,
  Bob Silverman <[EMAIL PROTECTED]> wrote:
> How refreshing!  A common sense reply!  How rare in this newsgroup!
>
> Anyone who thinks that even 2048 bits are needed is clearly
> clueless about the subject.

I try...

Would anyone disagree that for personal use (say lifetime  of 5-10
years) a 768 bit key would work?  Of course for actual real business
use the keys would have to be verified in person (say reading the
footprint in person).  Or have a secure HTTP+password and implicitly
trust that (for example) Tom St Denis is
at 'http://mypage.goplay.com/tomstdenis/key.pgp'?

A 768 bit key has several advantages over say 4096 bit keys

1) Smaller.  If you are running a server you can store more public keys
(in ROM or EPROM) than the larger keys.  Also wouldn't signatures be
smaller (in RSA for sure) since the actual number would be smaller?
This means signed messages would have less overhead.

2) Faster.  The smaller numbers mean the operations would be done much
quicker.  Also key generation would be much quicker.

Clearly there is no big security benefit of say 2048-4096 bit keys
since it's easy to fake keys on servers (a bit harder on FTP and HTTP
sites with good software+passwords ...).

Tom



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: How to keep crypto DLLs Secure?
Date: Thu, 05 Aug 1999 04:51:56 GMT

In article <V12q3.2139$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (Dmitri Alperovitch) wrote:
> All right, before this discussion goes any further, I'd like to make one
> point. Basically, you can do various things (i.e. checksums, etc) to make the
> attacker's life difficult, but the end result is that it's ALL going to be
> reversible. Some "solutions" may be more difficult to reverse than others, but
> nevertheless they can ALL be reversed and cracked. There is simply no way
> around it.  All programs can be disassembled and debugged and all it would
> take is a smart cracker to NOP the encryption routine and reverse whatever
> checks you've placed in your program.

One way is to disasm all incoming programs before you run them ...  Or
keep multiple copies and compare or ...

You can make things difficult if you hash the binaries, write down the
hash and compare before using.  If the installation binary was correct
any modification would most likely show up.  But of course this could
be subverted (worm the hash program as well ...)

Tom



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
