Cryptography-Digest Digest #993, Volume #9        Thu, 5 Aug 99 20:13:03 EDT

Contents:
  Re: Transposition and substitution algorithms ??? ("Douglas A. Gwyn")
  Re: challenges / competitions??? (SCOTT19U.ZIP_GUY)
  Re: challenges / competitions??? ("Douglas A. Gwyn")
  Re: About Online Banking Security (Greg)
  Re: ORB - Open Random Bit Generator (Paul Koning)
  Re: any literature about trusted unit? (Jim Gillogly)
  Re: frequency of prime numbers? (Jim Gillogly)
  Re: Need letter frequencies (Jim Gillogly)
  Re: Will someone please flame me??? ("ME")
  Re: About Online Banking Security (Dean Povey)
  Re: Looking for GSM Authentication Algorithm A3 ("Eugeniusz Bodo")
  Do Window Apps using CryptAPI exist? (Greg)
  Re: Error-Correcting Codes Added to Web Site ([EMAIL PROTECTED])
  Re: Error-Correcting Codes Added to Web Site (John Savard)
  Re: Good generators and primes for Diffie Hellman (Doug Stell)
  Re: About Online Banking Security ([EMAIL PROTECTED])
  Re: Transposition and substitution algorithms ??? (John Savard)
  Re: beginner question re. MD5 and one-way hashes (Jerry Coffin)
  Re: Transposition and substitution algorithms ??? (Jerry Coffin)
  Re: Random numbers in practice (Alwyn Allan)

----------------------------------------------------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Transposition and substitution algorithms ???
Date: Thu, 5 Aug 1999 20:26:01 GMT

wtshaw wrote:
> But, when you deal with gross changes in format, it is substitution, or
> something else?

Indeed, ultimately every encryption system merely replaces the plaintext
by some ciphertext, which could be considered a large-scale
substitution.

In practice, large-scale substitution cannot be performed without
subdividing the operation, because to handle the totality of possible
plaintexts would require an impossibly large codebook.  If one looks
at the lowest levels of subdivision, *then* the operations tend to be
either a (block) replacement (a.k.a. "encoding") or a rearrangement
("permutation").  If there is a third basic means of invertible
transformation, it would sure be interesting to hear about.

> Something like XOR is clearly another example that fails to fit cleanly
> into either category, ...

XOR operations used within a transformation module need not fit the
categories any more than electrons need to fit the categories.

However, XOR as a means of combining key with plaintext to produce
ciphertext is clearly a substitution process.

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: challenges / competitions???
Date: Thu, 05 Aug 1999 21:52:58 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
(DJohn37050) wrote:
>There are the RSA and DES challenges from RSA Labs and the ECC challenge from
>Certicom.  These have money/prizes attached to the harder problems.
>Don Johnson

 So does mine and the software is free.



David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: challenges / competitions???
Date: Thu, 5 Aug 1999 20:34:20 GMT

Gabe Simon wrote:
> I was just wondering if anyone knew about a website that had
> cryptanalysis challenges for people to try to solve.  I was hoping
> for something with multiple levels of difficulty for us newbies out
> there...  If such a site does not exist... would anyone be interested
> in making one?  I know I would... it wouldn't be too hard to
> organize...

The "Zendian problem" messages are available somewhere, perhaps via
the ACA "crypto drop box".  It is best if you also get the book from
Aegean Park Press, since it contains some starting hints etc. that
aren't in the on-line archives.  Be warned that this is a rather
tough problem, but with perseverance and an understanding of
MilCryp I and II you should be able to recover most of the plaintexts.
It is *also* a problem in Traffic Analysis; you should be able to
reconstruct most of the "cryptonet" and identify the Military units
that sent/received most messages.

------------------------------

From: Greg <[EMAIL PROTECTED]>
Subject: Re: About Online Banking Security
Date: Thu, 05 Aug 1999 22:35:49 GMT


> ATMs are for the most part secure devices
> now (???).

Would you say that 40 bit SSL over the internet is more insecure than
ATM machine comm lines?  If not, then what's the difference?




--
The US is not a democracy - US Constitution Article IV Section 4.
Democracy is the male majority legalizing rape.
UN Security Council is a Democracy.  NO APPEALS!  Welcome to the NWO.
Criminals=Crime.  Armies=Tyranny.  The 2nd amendment is about tyranny.


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: ORB - Open Random Bit Generator
Date: Thu, 05 Aug 1999 17:47:03 -0400

Alwyn Allan wrote:
> 
> Announcing ORB - Open Random Bit Generator
> 
> ORB is a single-chip random bit generator featuring:
> 
>    * Low cost (~$2 each in production quantities)
>    * Low power consumption (2 mA, 1 mA standby)
>    * Wide operating voltage range (2.5 - 5.5 V)
>    * Wide temperature range (-40 to 85°C, 125°C avail.)
>    * Moderate speed (1000+ bits/sec)
>    * Good statistical properties
>    * Cryptographic quality randomness
>    * Open design (not free)

That sounds like Microsoft "open" rather than the
normal definition of "open".

>    * Simple interface
>    * Small footprint (5.3 x 8.1 mm, 8-lead SOIC)
> 
> ORB is based on a Microchip Technology 8-bit microcontroller, and uses
> one external resistor. Entropy is generated by a unique (patent pending)
> process in which a capacitor is charged and discharged according to the
> contents of a bitstream, and the capacitor's voltage is measured by an
> A/D converter. The low-order bits of the A/D results are "stirred" into
> an entropy pool, which is then processed through a cryptographic hash
> function (MD2). 

That sounds like a bad design.

The right way to do this is to leave out the hash function.

For one thing, it simplifies things and eliminates the worry of finding
a hash that fits in tiny memory.  Much more importantly, it lets someone
analyze the bitstream you get from the A/D, the one that's supposed to
have entropy in it, and see whether it does.  One reason for doing that,
apart from verification of the design, is for online fault detection.

I'm puzzled by the description of your entropy generator.  How does 
charging and discharging a capacitor do that?  Do you use the fact
that resistors are noisy?  Fine, but if so, feeding that noise into
a capacitor rather defeats the point!  And it should be obvious that
modulating that charge/discharge process with a bitstream doesn't
generate any more entropy than charging/discharging without that
influence.

On what physical process does this thing depend?

I like what you're describing, but you haven't provided any information
that justifies trusting what you've done.

        paul
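
An added example, not part of Paul Koning's post and not ORB firmware or any product code, showing the point about analysing the raw A/D samples before they are hashed. The 2-bit samples below are constructed; the two health tests are simplified forms of the NIST SP 800-90B repetition-count and adaptive-proportion tests, and the function names (health_check, condition, constructed_raw_samples) are this example's own. A stuck source fails both tests on its raw samples, yet its hashed output passes them, which is why the hash should not be the only thing a user can see.

```python
"""Health tests on a raw entropy source, run before and after hashing.

Added example, not ORB firmware or any product code. The 2-bit "low-order A/D"
samples are constructed below. The two tests are simplified forms of the NIST
SP 800-90B continuous health tests (repetition count and adaptive proportion);
they catch a stuck source only when applied to the raw samples, because the
hash output of a stuck source still looks random.
"""
import hashlib
import math
import random
from collections import Counter

ALPHA_LOG2 = 20  # false-alarm probability 2^-20, as in SP 800-90B


def repetition_count_cutoff(h_claimed):
    """Longest run of identical samples tolerated for claimed min-entropy h."""
    return 1 + math.ceil(ALPHA_LOG2 / h_claimed)


def adaptive_proportion_cutoff(h_claimed, window):
    """Smallest c with P[Binomial(window, 2^-h) >= c] <= 2^-20."""
    p = 2.0 ** -h_claimed
    tail = 1.0  # P[X >= c], starting at c = 0
    for c in range(window + 1):
        if tail <= 2.0 ** -ALPHA_LOG2:
            return c
        tail -= math.comb(window, c) * p ** c * (1 - p) ** (window - c)
    return window + 1


def repetition_count_test(samples, h_claimed):
    """Fail as soon as one value repeats cutoff times in a row."""
    cutoff = repetition_count_cutoff(h_claimed)
    run = 1
    for prev, cur in zip(samples, samples[1:]):
        run = run + 1 if cur == prev else 1
        if run >= cutoff:
            return False
    return True


def adaptive_proportion_test(samples, h_claimed, window=512):
    """Fail if a window's first value occurs cutoff or more times within it."""
    cutoff = adaptive_proportion_cutoff(h_claimed, window)
    for start in range(0, len(samples) - window + 1, window):
        block = samples[start:start + window]
        if block.count(block[0]) >= cutoff:
            return False
    return True


def health_check(samples, h_claimed, window=512):
    """(repetition-count result, adaptive-proportion result) for a sample stream."""
    return (repetition_count_test(samples, h_claimed),
            adaptive_proportion_test(samples, h_claimed, window))


def most_common_value_estimate(samples):
    """Crude min-entropy estimate per sample: -log2 of the most common value's share."""
    top = max(Counter(samples).values())
    return -math.log2(top / len(samples))


def condition(samples, chunk=64):
    """Stir raw chunks into a hash-chained pool, as the ORB text describes (SHA-256 here, not MD2)."""
    pool = b""
    out = []
    for start in range(0, len(samples) - chunk + 1, chunk):
        pool = hashlib.sha256(pool + bytes(samples[start:start + chunk])).digest()
        out.extend(pool)
    return out


def constructed_raw_samples(n, stuck):
    """Constructed 2-bit samples: uniform when healthy, 97% zeros when the A/D is stuck."""
    rng = random.Random(1999)
    if not stuck:
        return [rng.randrange(4) for _ in range(n)]
    return [0 if rng.random() < 0.97 else rng.randrange(1, 4) for _ in range(n)]


if __name__ == "__main__":
    # Claim a conservative 1.5 bits per raw 2-bit sample, 8 bits per hashed byte.
    for label, stuck in (("healthy", False), ("stuck", True)):
        raw = constructed_raw_samples(4096, stuck)
        print(label, "raw: H_est=%.2f" % most_common_value_estimate(raw),
              "health", health_check(raw, 1.5),
              "| hashed: health", health_check(condition(raw), 8))
```

Running it shows the stuck stream failing both raw tests with an estimated entropy near zero, while the same stream after hashing passes both tests at a claimed 8 bits per byte: the conditioning step hides the fault rather than fixing it.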

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: any literature about trusted unit?
Date: Thu, 05 Aug 1999 14:53:06 -0700

Douglas A. Gwyn wrote:
> The DoD "rainbow" books are available somewhere on the Web; I saw them
> there the other day, but don't recall just where.

I have a set that I'm planning to mulch unless I can find a good home
for them -- I'm out of bookshelf space.  Free for book-rate postage
from California.

-- 
        Jim Gillogly
        13 Wedmath S.R. 1999, 21:51
        12.19.6.7.11, 3 Chuen 19 Xul, Seventh Lord of Night

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: frequency of prime numbers?
Date: Thu, 05 Aug 1999 15:07:32 -0700

John McDonald, Jr. wrote:
> 
> On 4 Aug 99 15:15:17 MDT, sl3nf.cc@usu@edu (Sniggerfardimungus) wrote:
>> ... is there any reason to
>> believe that there are either a finite or an infinite number of primes?

> I believe, (and I could be mistaken) that this is addressed in a
> rather lengthy proof by Goedel.  He purports that mathematics is an
> incomplete and infinite system.

No, it's a rather short proof by Euclid: Book IX, Proposition 20.
It's normally called Euclid's Second Theorem.

-- 
        Jim Gillogly
        13 Wedmath S.R. 1999, 22:02
        12.19.6.7.11, 3 Chuen 19 Xul, Seventh Lord of Night

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Need letter frequencies
Date: Thu, 05 Aug 1999 15:40:42 -0700

LasombraXX wrote:
>      Once upon a time I had a chart listing the approx. frequencies of each
> letter in the English language. Can anyone provide me with this info, or at
> least point me to a site that has it? Thanks.

It depends dramatically on the body of text you're looking at.  Telegraphic
or military text will be quite different from normal literary English.  You
should roll your own frequency tables from the kind of text you want to use
them on.  However, to get you started, here are the frequencies for the
alphabetic characters only of all of the Sherlock Holmes stories:

  338362 0.1232 65 e
  248560 0.0905 74 t
  224500 0.0817 61 a
  214597 0.0781 6f o
  189367 0.0689 69 i
  183459 0.0668 68 h
  181894 0.0662 6e n
  172558 0.0628 73 s
  157121 0.0572 72 r
  118455 0.0431 64 d
  109008 0.0397 6c l
   83379 0.0304 75 u
   76015 0.0277 6d m
   72640 0.0264 77 w
   68032 0.0248 63 c
   57939 0.0211 79 y
   57395 0.0209 66 f
   49868 0.0182 67 g
   42919 0.0156 70 p
   39936 0.0145 62 b
   27973 0.0102 76 v
   22029 0.0080 6b k
    4204 0.0015 78 x
    2791 0.0010 6a j
    2374 0.0009 71 q
    1318 0.0005 7a z

The first column is actual character count, the second is proportion
for that letter, the third is hex value of the letter.  Note that the
order is close to the printer's traditional mantra ETAOIN SHRDLU.

If you include word divisions, expect the space character to be about
18% and the letters to drop accordingly.

-- 
        Jim Gillogly
        13 Wedmath S.R. 1999, 22:35
        12.19.6.7.11, 3 Chuen 19 Xul, Seventh Lord of Night
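
An added example, not part of Jim Gillogly's post, for the "roll your own frequency tables" advice: it counts letters in whatever text you feed it and prints rows in the same count / proportion / hex / character layout as the table above. The sample sentence and the function names (frequency_table, order_string, format_table) are this example's own, not the post's.

```python
"""Roll-your-own letter-frequency table (added example, not from the post).

The Holmes counts in the post came from the full stories; the sample text here
is one sentence from "A Scandal in Bohemia" (public domain). Output rows follow
the post's layout: count, proportion, hex code, character.
"""
from collections import Counter


def frequency_table(text, include_space=False):
    """Rows (count, proportion, hex, char), most frequent first, ties by char.

    Only ASCII letters are counted, case-folded. With include_space=True the
    space character is counted as well, so its share (about 18% in running
    English, per the post) can be seen alongside the letters.
    """
    kept = [ch for ch in text.lower()
            if "a" <= ch <= "z" or (include_space and ch == " ")]
    counts = Counter(kept)
    total = sum(counts.values())
    if total == 0:
        return []
    rows = [(n, n / total, format(ord(c), "02x"), c) for c, n in counts.items()]
    rows.sort(key=lambda r: (-r[0], r[3]))
    return rows


def order_string(rows):
    """Characters in descending frequency order, e.g. 'etaoin...' for literary English."""
    return "".join(c for _, _, _, c in rows)


def format_table(rows):
    """Render rows in the same column layout as the post."""
    return "\n".join(f"{n:8d} {p:.4f} {h} {c}" for n, p, h, c in rows)


SAMPLE_TEXT = (
    "It is a capital mistake to theorize before one has data. "
    "Insensibly one begins to twist facts to suit theories."
)

if __name__ == "__main__":
    rows = frequency_table(SAMPLE_TEXT)
    print(format_table(rows))
    print(order_string(rows))
    print(format_table(frequency_table(SAMPLE_TEXT, include_space=True)[:3]))
```

On a single sentence the order will not match ETAOIN SHRDLU; that is the post's point about building the table from the kind of text you intend to attack.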

------------------------------

From: "ME" <[EMAIL PROTECTED]>
Subject: Re: Will someone please flame me???
Date: Fri, 6 Aug 1999 08:37:02 +1000

I think there are patents similar to this scheme, but using smaller bit
length values.
1024, 320 bits etc are overkill, in the method and implementation  I have
seen.
Lyal


Michelle Davis wrote in message <[EMAIL PROTECTED]>...
>I put up my 'infallible authentication scheme' a few days back, and
>got absolutely nothing save for a polite response from Tom Dennis,
>saying that the 3DES was overkill. Come on, people, I'm disappointed.
>I was expecting at least eighteen messages within the first day,
>filled with razor-sharp comments about my scheme's stupidity. I need
>criticism!!! Please supply it, you do it so well.
>
>Here is the previous message, in case you're at all inclined...
>
>>>
>I've come up with an identification solution that looks
>too good to be true. I'd really appreciate it if someone could tell me
>if I'm right or wrong, because I've gone over this a hundred times and
>can't find a problem with it. The scheme is as follows:
>
>Key generation: A pseudorandomly-generated central key-seed is split
>in half. Each half is
>coupled to one half of a user ID, such that two 1024 strings are
>obtained (The 36-bit ID comprises only 18 bits of each). Each of these
>strings is run through 3DES, with the key being a derivative of the
>central key seed. The two results are separately hashed. The two
>message digests are joined to form a 320-bit secret key. This key can
>be extrapolated by any entity knowing the central key seed, without
>having to keep a database of secret keys.
>
>Authentication: The user attaches a timestamp to his ID, joins this to
>his secret key (320 bits), and pads it to 512 bits. This string is
>then 3DES-encrypted, using a key which is a derivative of the secret
>key. The result is hashed, yielding a 160-bit message digest. The left
>80 bits are sent to the authenticating entity, together with the ID
>and timestamp in unencrypted form. The authenticating computer
>performs the exact same operation: obtains the user's secret key
>through the procedure detailed in Key Generation; attaches the
>timestamp and ID; pads; encrypts; and hashes. The left 80 bits of the
>result are compared with what was sent by the user, and if equal, it
>authenticates.
>
>Attack: Now comes the good part. This thing is completely and utterly
>resistant to attack. Let's say our attacker knows 192 bits of the
>string to be hashed (timestamp, padding, etc.), and wants to use this
>to do a dictionary attack. He finds that since the 512-bit string has
>been passed through 3DES, what has been hashed is in fact a completely
>pseudorandom string, which has zero known elements (we are working on
>the still-valid assumption that a Feistel cipher like 3DES produces
>effectively pseudorandom ciphertext). So maybe he wants to attack
>3DES. Well, let's assume this is 2010, and our attacker has a machine
>which can break 3DES in one second flat. What does he use for his
>analysis? All he has is a partial plaintext. He has no ciphertext, no
>idea what the key is: In other words, absolutely nothing. _If_ he had
>the 3DES ciphertext, supposedly he could do a correlated dictionary
>search, using known elements of the plaintext, and find the unknown
>320-bit secret key. But to obtain the ciphertext, he must first get
>back to 512 bits from a truncated message digest. This, even in the
>year 2100, could take several thousands of years, unless serious
>faults were found in SHA-1.
>>>
>
>Thanks,
>Michelle



------------------------------

From: [EMAIL PROTECTED] (Dean Povey)
Subject: Re: About Online Banking Security
Date: 5 Aug 1999 22:54:34 GMT

[EMAIL PROTECTED] (KidMo84) writes:

>I was wondering how secure online banking really is.  Has there been any
>information written up about the topic.  Specifically nations bank banking
>online, the url is: http://www.nationsbank.com/online/tour/?statecheck=MO
>At least for missouri's online banking.

>To get to bare bone's they use Secure Socket Layer(SSL) With a password and id.

Check out this paper: http://security.dstc.edu.au/papers/searcc98-bank/, which
describes one aspect of online banking security (although it is not specific
to Online banking). 

Redhead, T & Povey, D. The Problems With Secure On-line Banking. In
  Proceedings of the XVIIth annual South East Asia Regional
  Conference (SEARCC'98). July, 1998

Abstract

A growing awareness of the commercial benefits of online banking have
contributed to a sense of urgency among banks to deploy such systems.
However, while security of the communications is usually well considered,
most do not sufficiently address the security of the platform on which
these applications run. In this paper, we outline two existing on-line
banking schemes and describe how this weakness can be exploited to subvert
the authentication mechanisms in these systems. The aim is to show that
these types of attack are not just theoretically possible, but practical
and even easy to implement. We present alternative approaches for securing
the authentication of on-line banking applications including a new method
that provides an effective compromise between security and other
concerns.

--
Dean Povey,         | e-m: [EMAIL PROTECTED]     | JCSI: Java Crypto Toolkit 
Research Scientist  | ph:  +61 7 3864 5120       |  security.dstc.edu.au/ 
Security Unit, DSTC | fax: +61 7 3864 1282       | Oscar - C++ PKI Toolkit:
Brisbane, Australia | www: security.dstc.edu.au/ |  oscar.dstc.qut.edu.au/

------------------------------

From: "Eugeniusz Bodo" <[EMAIL PROTECTED]>
Subject: Re: Looking for GSM Authentication Algorithm A3
Date: Thu, 05 Aug 1999 23:02:07 GMT


> A3 is used to calculate a result using a 128 bit "random" number,
> generated by the network, and a shared secret. If the results match, you
> may proceed. The SIM contains both the secret and the A3 function.
> 
> Since only the random excitation and the result need be transferred in
> the network, A3 can be anything. It is meant to be a trapdoor function
> that the operators may choose themselves, and need not publish it. The
> A8 function, used to generate session keys, is operator-dependent in the
> same way.

Do you know anything about A5?

                                        Eugeniusz

------------------------------

From: Greg <[EMAIL PROTECTED]>
Subject: Do Window Apps using CryptAPI exist?
Date: Thu, 05 Aug 1999 22:39:24 GMT

Other than Microsoft Outlook Express, and probably other Microsoft
products, I don't know of any applications that use Microsoft's
CryptAPI architecture.  Can anyone tell me of such apps by third
parties?



--
The US is not a democracy - US Constitution Article IV Section 4.
Democracy is the male majority legalizing rape.
UN Security Council is a Democracy.  NO APPEALS!  Welcome to the NWO.
Criminals=Crime.  Armies=Tyranny.  The 2nd amendment is about tyranny.



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Error-Correcting Codes Added to Web Site
Date: Thu, 05 Aug 1999 22:32:16 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] () wrote:
> Having finally found an intelligible description of the binary Golay
> code - in a book on error-correcting codes by Vanstone and Van
> Oorschot*, two of the authors of the Handbook of Applied Cryptography
> (!) - I've added a section on error-correcting codes to my web page
> now that I could include the things on it I wanted to.
>
> It's at
>
> http://www.ecn.ab.ca/~jsavard/mi0602.htm
>

It would be good to add links to some better error correcting
codes at the end, like Turbo codes
  http://www331.jpl.nasa.gov/public/JPLtcodes.html
and Gallager codes
  http://wol.ra.phy.cam.ac.uk/mackay/codes/

- Bob Jenkins



------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Error-Correcting Codes Added to Web Site
Date: Thu, 05 Aug 1999 23:36:11 GMT

[EMAIL PROTECTED] wrote, in part:

>It would be good to add links to some better error correcting
>codes at the end, like Turbo codes
>  http://www331.jpl.nasa.gov/public/JPLtcodes.html
>and Gallager codes
>  http://wol.ra.phy.cam.ac.uk/mackay/codes/

Ah, so I'm out of date!

Of course, Turbo codes are still patented, so of limited interest to
the person who is trying to write the next PGP, but there is lots I
have on my site that's just there for casual interest...

I may add material on these codes to my site if I think I can explain
them more simply or less technically.

John Savard ( teneerf<- )
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (Doug Stell)
Subject: Re: Good generators and primes for Diffie Hellman
Date: Thu, 05 Aug 1999 22:14:51 GMT

On 05 Aug 1999 17:11:45 GMT, [EMAIL PROTECTED] (DJohn37050) wrote:

>There are certain attacks that are often possible (sometimes called small
>subgroup attacks) if the generator is not a generator of a large prime-order
>subgroup.  In this context, one usually wants the order to be a 160-bit prime
>or larger.

Quite correct and this is part of the DSS parameter scheme, which is
also recommended for use with KEA.

The KEA spec even includes a test for the proper generator used to
generate the ephemeral public key: R^q = (g^r)^q = (g^q)^r = 1 mod p.
What you are testing for is that the other guy used the right g by
proving that g^q = 1 mod p. Certification authorities similarly test
the Y before signing a certificate.

My previous reply was based on my assumption that D-H frequently uses
a g that is primitive with respect to p. However, D-H works just fine
with DSS style parameters.

Thanks Don for pointing this out.

doug
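
An added example, not from Doug Stell's post and not the KEA or DSS specifications: toy DSS-style parameters (a prime q and a prime p = k*q + 1, with g of order exactly q) are generated, and a received public value y is accepted only if 1 < y < p-1 and y^q = 1 mod p, the check the post writes as R^q = (g^r)^q = (g^q)^r = 1 mod p. The function names (generate_dss_style_params, subgroup_generator, validate_public_value) are this example's own. The demo also shows why the check matters: -y, which lies outside the order-q subgroup, is rejected.

```python
"""Validating Diffie-Hellman public values against small-subgroup confinement.

Added example, not from the thread or any specification. Toy DSS-style
parameters p = k*q + 1 are generated with a random-base Miller-Rabin test
(adequate for an illustration), and a public value is accepted only if it
lies in the prime-order-q subgroup generated by g.
"""
import secrets


def is_probable_prime(n, rounds=32):
    """Miller-Rabin with random bases; trial division handles small n."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_dss_style_params(p_bits, q_bits):
    """Return (p, q): q a q_bits-bit prime, p = k*q + 1 a p_bits-bit prime."""
    while True:
        q = secrets.randbits(q_bits) | (1 << (q_bits - 1)) | 1
        if not is_probable_prime(q):
            continue
        for _ in range(4096):
            k = secrets.randbits(p_bits - q_bits) | (1 << (p_bits - q_bits - 1))
            p = k * q + 1
            if p.bit_length() == p_bits and is_probable_prime(p):
                return p, q


def subgroup_generator(p, q):
    """g = h^((p-1)/q) mod p for random h; any g != 1 then has order exactly q."""
    k = (p - 1) // q
    while True:
        h = secrets.randbelow(p - 3) + 2
        g = pow(h, k, p)
        if g != 1:
            return g


def validate_public_value(y, p, q):
    """Accept y only if 1 < y < p-1 and y^q = 1 mod p (y is in the order-q subgroup)."""
    if not 1 < y < p - 1:
        return False
    return pow(y, q, p) == 1


def demo(p, q, g):
    """Validate an honest public value and the confined value -y (order 2q)."""
    x = secrets.randbelow(q - 1) + 1   # private exponent in [1, q-1]
    y = pow(g, x, p)                   # honest public value, in the subgroup
    confined = (p - y) % p             # -y: (-y)^q = -1 mod p for odd q, so rejected
    return validate_public_value(y, p, q), validate_public_value(confined, p, q)


if __name__ == "__main__":
    # Hand-sized parameters: p = 23 = 2*11 + 1, g = 4 has order 11.
    print("toy:", demo(23, 11, 4))
    p, q = generate_dss_style_params(64, 32)
    g = subgroup_generator(p, q)
    print("generated p, q, g:", p, q, g, "->", demo(p, q, g))
```

A value that passes the 1 < y < p-1 range check but fails y^q = 1 mod p is exactly the kind of input a small-subgroup attack relies on, so the subgroup test, not just the range test, is what a recipient (or a CA checking Y before signing) should apply.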



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: About Online Banking Security
Date: Thu, 05 Aug 1999 22:44:57 GMT

Mr. St. Denis:

If you must go through life as the arrogant, misanthropic asshole that
you obviously are, please have the decency to keep your vitriolic
emotional bile to yourself.  Follows a small sample of the negative crap
with which you have polluted sci.crypt.  Between your and Bob
Silverman's answering so many questions and erroneous postings with
remarks to the effect of, "Well, if you were an overeducated ubermensch
like I am, and not a mentally challenged imbecile like yourself, you
would already know...", it's a wonder that anyone with a reasonable
question has the nerve to post at all.  According to the charter,
sci.crypt is a forum for

  "discussion of the _science_ of cryptology, including cryptography,
cryptanalysis, and related topics such as one-way hash functions"

This charter does not seem to indicate that sci.crypt is a forum for
insecure superannuated adolescents to try to make themselves feel better
by belittling other participants.

Try being nice for a change, even to those not gifted with your
inestimable intellectual powers.  You may find that people treat you
better, and waiters might even stop hocking up loogies in your food.


Much Love,

Jesse Ross


P.S. I was guessing at your name from your deja address.  Please accept
my apologies if I've mangled it.
=========================================================
Excerpts from tomstdenis's postings to sci.crypt

--
[this is one of my favorites, because both you and BobS are quoted,
patting each other on the back for being so much more clever than the
rest of us]

In article <7oan7j$ai1$[EMAIL PROTECTED]>,
Bob Silverman <[EMAIL PROTECTED]> wrote:
> How refreshing!  A common sense reply!  How rare in this newsgroup!
> Anyone who thinks that even 2048 bits are needed is clearly
> clueless about the subject.

I try...
--
[HellPhyre raises the point that sci.crypt is for Q&A, not just experts]

tomstdenis <[EMAIL PROTECTED]>
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> > That form of implicit trust scares me.  What makes a 1024 bit
> > key less secure then a 4096 bit key?  (And if you say ease of
> > solving you have no clue about the crypto world).
>
> Did I ever say I had a clue about the crypto world?
--

[This is another good one, because it demonstrates your self-importance
in so few words]

You haven't even read my open questions have you?  Can't answer them?
Figures ...

                  Tom

[How dare he not have read The Open Questions Of Tom St. Denis !?!?
BTW: If he hasn't read them, he doesn't know whether or not he can
answer them.]
--

[I've included the next one in its entirety, because it shows how you
can be a prick even while asking seemingly innocuous questions.  It also
shows that you're lazy; some (not all) of your questions are answered on
the website for the ORB product.  The URL was included in the post, but
you couldn't be bothered to check.  This post also shows that you have
no shame; after insulting the ORB manufacturer's representative, you
have the cajones to ask for free samples!]

tomstdenis <[EMAIL PROTECTED]>
In article <[EMAIL PROTECTED]>,
Alwyn Allan <[EMAIL PROTECTED]> wrote:
> Announcing ORB - Open Random Bit Generator
>
> ORB is a single-chip random bit generator featuring:
>
>    * Low cost (~$2 each in production quantities)

Of how many?  Can hobbyist purchase orders of 10s, 50s or 100s?

>    * Low power consumption (2 mA, 1 mA standby)

At how many volts?  Standard 5v?

>    * Wide operating voltage range (2.5 - 5.5 V)
>    * Wide temperature range (-40 to 85°C, 125°C avail.)
>    * Moderate speed (1000+ bits/sec)

Via what?  A serial port? or SPI?

>    * Good statistical properties

Says who?

>    * Cryptographic quality randomness

Says who?

>    * Open design (not free)

Where?  Are there design specs online?  Who designed it?  Are there
custom chips avail?

>    * Simple interface

You mean a single 8-bit data port?

>    * Small footprint (5.3 x 8.1 mm, 8-lead SOIC)

Super.

> ORB is based on a Microchip Technology 8-bit microcontroller, and uses
> one external resistor. Entropy is generated by a unique (patent
> pending) process
> in which a capacitor is charged and discharged according to the
> contents of a bitstream, and the capacitor's voltage is measured by an
> A/D converter. The low-order bits of the A/D results are "stirred"
> into
> an entropy pool, which is then processed through a cryptographic hash
> function (MD2). Part of the hash result is the random output and part
> of
> it forms the bitstream to continue the process.

What is the period of the bitstream?  What if the bitstream is biased? I
thought chips using capacitors already exist
                  ...

> Orb is now shipping in sample quantities. Please see
>
>      www.delanet.com/~apa/orb
>
> for more details.

Any freebies?

Tom

--
[Finally, the posting that prompted this one]


In article <7ob4kb$jk1$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> In article <[EMAIL PROTECTED]>,
>   [EMAIL PROTECTED] (KidMo84) wrote:
> > I was wondering how secure online banking really is.
[snip]
>
> Most of the time these systems are designed by comp.sci majors without
> any background in cryptography (well isn't 40-bit SSL (RC4) secure
> enough?) ...

> Tom

[This seems a gross overgeneralization, especially from someone who
seems to value accuracy, and has ABSOLUTELY no tolerance for error in
others]



------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Transposition and substitution algorithms ???
Date: Thu, 05 Aug 1999 23:28:01 GMT

[EMAIL PROTECTED] (wtshaw) wrote, in part:

>With all due respect John, that is not all you can do it all.  Otherwise,
>how do you account for the things I do from, with, and to texts that can
>have nothing to do with bits.

Well, you can also substitute and transpose trits and digits and
letters...

and converting from one to another is another kind of substitution,
but one worth mentioning.

>Again, if modern only speaks to a limited few means of encryption, your
>definition of modern is wanting.  There is no cap to processes in
>encryption, and no way to define modern as in more than a temporal way.

No; I simply noted that among what is current, one thing exists in
addition to transposition and _reversible_ substitution. I'm trying to
expand the definition, not contract it.

>It is a very good site.

Thank you: and, although I tend to concentrate my efforts on the
"conventional", I mention base conversion a couple of times, and of
course I mention alphabet-based ciphers as well as binary ones.

("From 47 bits to 10 letters", the conclusions section of the computer
chapter, where I discuss a block cipher that does base conversions in
its f-function, and the conclusions section of the last chapter.)

John Savard ( teneerf<- )
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (Jerry Coffin)
Subject: Re: beginner question re. MD5 and one-way hashes
Date: Thu, 5 Aug 1999 12:18:26 -0600

In article <7ocg6b$nd7$[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] says...
> In article <[EMAIL PROTECTED]>,
> Jerry Coffin <[EMAIL PROTECTED]> wrote:
> > Note that this still gives a reasonable chance of a collision -- e.g. 
> > given 200,000 inputs, a 32-bit hash has approximately a 200000/4G = 
> > .005% chance of a collision.
> 
> Actually, I think it's about 200000^2/2^33 ~ 4 expected collisions.
> (Birthday paradox.)

Between any of them, that sounds about right -- I was thinking of the 
chances of a collision between the first one and any of the rest, 
which isn't what's really relevant here.
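
An added example, not part of either Jerry Coffin's or the quoted reply's text, putting numbers on the two quantities the exchange distinguishes: the chance that the first input collides with any of the others (about 0.005% for 200,000 inputs and a 32-bit hash) and the expected number of colliding pairs among all inputs (about 4.66, the birthday-paradox figure). A Monte Carlo run over MD5 truncated to 16 bits, on constructed random inputs, checks the pair formula; the function names are this example's own.

```python
"""Hash collisions among n inputs: first-vs-rest chance versus expected pairs.

Added example, not from the thread. Inputs for the simulation are constructed
from a seeded PRNG; MD5 is truncated to a few bits so that collisions are
frequent enough to count.
"""
import hashlib
import random
from collections import Counter


def prob_first_collides(n, bits):
    """P[input 1 shares its hash with at least one of the other n-1 inputs]."""
    return 1.0 - (1.0 - 2.0 ** -bits) ** (n - 1)


def expected_colliding_pairs(n, bits):
    """E[number of pairs (i, j) with equal hashes] = C(n, 2) / 2^bits."""
    return n * (n - 1) / 2 / 2.0 ** bits


def truncated_md5(data, bits):
    """Leading `bits` bits of MD5(data) as an integer."""
    digest = int.from_bytes(hashlib.md5(data).digest(), "big")
    return digest >> (128 - bits)


def count_colliding_pairs(hashes):
    """Number of unordered pairs with equal hash: sum of C(c, 2) over buckets."""
    return sum(c * (c - 1) // 2 for c in Counter(hashes).values())


def simulate_mean_pairs(n, bits, trials, seed=42):
    """Average colliding pairs over `trials` sets of n constructed random inputs."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        hashes = [truncated_md5(rng.getrandbits(64).to_bytes(8, "big"), bits)
                  for _ in range(n)]
        total += count_colliding_pairs(hashes)
    return total / trials


if __name__ == "__main__":
    n, bits = 200000, 32
    print("first input collides with any other: %.5f%%" % (100 * prob_first_collides(n, bits)))
    print("expected colliding pairs:            %.2f" % expected_colliding_pairs(n, bits))
    n, bits = 500, 16
    print("16-bit hash, 500 inputs: formula %.3f, simulated %.3f"
          % (expected_colliding_pairs(n, bits), simulate_mean_pairs(n, bits, 300)))
```

The two numbers differ by a factor of roughly n/2 because the pair count sums over all C(n, 2) pairs while the first-vs-rest figure only counts the n-1 pairs involving one input; the quoted 200000^2/2^33 is C(n, 2)/2^32 with n^2/2 in place of n(n-1)/2.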
 

------------------------------

From: [EMAIL PROTECTED] (Jerry Coffin)
Subject: Re: Transposition and substitution algorithms ???
Date: Thu, 5 Aug 1999 12:25:58 -0600

In article <[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] says...

[ ... are all forms of encryption based on substitution and/or 
transposition? ] 

> Something like XOR is clearly another example that fails to fit cleanly
> into either category, as it involves a higher level evaluation than simple
> substitution or simple transposition, as it requires that encoding step,
> which is intimately tied to the idea of bases.  

This is not really true.  An XOR is a substitution -- given (for 
example) two bytes of input, you could implement XOR as a two-
dimensional lookup table, with one of the input bytes indexing in each 
direction.  Of course, that would be pretty wasteful of memory for 
something that's easy to do by manipulating the bits, but it doesn't 
change the fact that you're taking one input and substituting another.

------------------------------

Date: Wed, 04 Aug 1999 14:56:25 -0400
From: Alwyn Allan <[EMAIL PROTECTED]>
Subject: Re: Random numbers in practice

vincent wrote:

> If I have to use a RRNG, where can I find one (buy one or how do I write
> one).

If you use Pentium III PCs only, see if Intel will give you the details on
their device.

If you want to harvest entropy from physical peripherals, see Schneier's
Yarrow.

If you want a cheap, open-design chip, see my new ORB at

     http://www.delanet.com/~apa/orb

Thanks.




------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
