Cryptography-Digest Digest #32, Volume #10       Wed, 11 Aug 99 23:13:02 EDT

Contents:
  Re: Why does MS-Visual C++ ABSOLUTELY REQUIRE . . . (Jerry Coffin)
  Re: My web site is up! (Greg)
  Re: simultaneous multiple exponentiation (Wei Dai)
  Re: NIST AES FInalists are.... (Matt Curtin)
  Re: NIST AES FInalists are.... (Matt Curtin)
  Re: My web site is up! (SCOTT19U.ZIP_GUY)
  Re: frequency of prime numbers? ("karl malbrain")
  Using floating-point arithmetic in cryptography (D. J. Bernstein)
  Re: solitaire, cryptonomicon (Michael Slass)
  Re: Cipher-Feedback Mode (John Savard)
  Re: My web site is up! (Greg)
  Re: My web site is up! (Greg)
  Re: My web site is up! (Greg)
  Do I have a problem with semantics? ("rosi")
  Re: My web site is up! (Greg)
  Re: My web site is up! (Greg)
  Re: NIST AES FInalists are.... ("Douglas A. Gwyn")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Jerry Coffin)
Crossposted-To: comp.lang.c++
Subject: Re: Why does MS-Visual C++ ABSOLUTELY REQUIRE . . .
Date: Wed, 11 Aug 1999 18:17:32 -0600

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...

[ IE being needed for visual studio help files ] 

> Why?  What is special about IE that any other HTML viewer does not have?

As has already been pointed out here repeatedly, the ability to read 
the help files.

------------------------------

From: Greg <[EMAIL PROTECTED]>
Subject: Re: My web site is up!
Date: Wed, 11 Aug 1999 23:37:40 GMT

In article <[EMAIL PROTECTED]>,
  "Robert J. Clark" <[EMAIL PROTECTED]> wrote:
> Greg wrote:
> >
> >> They were not too bright and used spaces in their image titles.
> >
> > What do you mean by image, title, and spaces?
>
> Don't want to get dragged into an argument, but spaces are not valid
> characters in a URL:
>   ftp://ftp.isi.edu/in-notes/rfc1945.txt
>     Sections 3.2.1 and 3.2.2
>       MSIE can handle them, Netscape does not.
> - Rob

I will change that tonight...  Thanks for the heads up...

--
The US is not a democracy - US Constitution Article IV Section 4.
Democracy is the male majority legalizing rape.
UN Security Council is a Democracy.  NO APPEALS!  Welcome to the NWO.
Criminals=Crime.  Armies=Tyranny.  The 2nd amendment is about tyranny.


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: [EMAIL PROTECTED] (Wei Dai)
Subject: Re: simultaneous multiple exponentiation
Date: Wed, 11 Aug 1999 15:54:33 -0700

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> Bob Silverman wrote:
> > Montgomery's algorithm is just a way of computing a*b mod C  that uses
> > no division.

Not quite. Montgomery's algorithm is a way of computing a*b/R mod C 
without using division, where C is odd and R = 2^k > C for some integer 
k.

> The arguments presumably need to be converted. Is this done by Mont(x,
> R^2 mod m)?
> Also, what goes into the first position of the pre-computed matrix? It
> normally takes 1. Does it take R mod m instead?

Yes, and yes. You'll need to do n (where n is the number of bases) 
conversions into Montgomery representation, and one conversion out. 

Take a look at Crypto++ (http://www.eskimo.com/~weidai/cryptlib.html) for 
an example of using the cascade exponentiation algorithm (as it's called 
in Crypto++ and some papers) with the Montgomery multiplication 
algorithm.

BTW, I hope people will adopt the term "cascade exponentiation" for 
computing a^b*c^d and reserve "simultaneous exponentiation" for 
simultaneously computing g^a and g^b which can be sped up with a similar 
algorithm.
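An added worked example of what the post describes (this is my own Python, not Wei Dai's code and not Crypto++): Montgomery multiplication computing a*b/R mod C with C odd and R = 2^k > C, conversion into Montgomery form via Mont(x, R^2 mod C), the table's identity entry being R mod C rather than 1, and a "cascade exponentiation" of a^b * c^d mod C that scans all exponents' bits together. The function names and the test moduli are my own choices.

```python
# Added example: Montgomery arithmetic plus cascade exponentiation.
# Not from the post or from Crypto++; names and sample values are mine.

def montgomery_params(C):
    """Return (k, R, C') with R = 2^k > C and C' = -C^-1 mod R. C must be odd."""
    if C % 2 == 0:
        raise ValueError("Montgomery reduction needs an odd modulus")
    k = C.bit_length()
    R = 1 << k                      # R = 2^k > C
    C_inv = pow(C, -1, R)           # C^-1 mod R (Python 3.8+)
    return k, R, (-C_inv) % R

def mont_mul(a, b, C, k, R, C_prime):
    """a*b/R mod C with no division: only a mask, a shift and one conditional subtract."""
    t = a * b
    m = ((t & (R - 1)) * C_prime) & (R - 1)   # m = (t mod R) * C' mod R
    u = (t + m * C) >> k                      # (t + mC) is divisible by R
    return u - C if u >= C else u             # t < C^2 < RC, so u < 2C

def to_mont(x, C, k, R, C_prime):
    """Mont(x, R^2 mod C) = x*R mod C: conversion into Montgomery form."""
    return mont_mul(x % C, (R * R) % C, C, k, R, C_prime)

def from_mont(x, C, k, R, C_prime):
    """Mont(x, 1) = x/R mod C: conversion out of Montgomery form."""
    return mont_mul(x, 1, C, k, R, C_prime)

def cascade_exp(bases, exps, C):
    """Compute bases[0]^exps[0] * bases[1]^exps[1] * ... mod C.

    n conversions in (one per base), one conversion out; the precomputed
    table holds every sub-product of the bases, with entry 0 = R mod C,
    the Montgomery form of 1.
    """
    k, R, Cp = montgomery_params(C)
    n = len(bases)
    mb = [to_mont(x, C, k, R, Cp) for x in bases]
    one = R % C
    table = [one] + [0] * (2 ** n - 1)
    for mask in range(1, 2 ** n):
        low = mask & -mask                      # lowest set bit
        i = low.bit_length() - 1
        table[mask] = mont_mul(table[mask ^ low], mb[i], C, k, R, Cp)
    acc = one
    nbits = max(e.bit_length() for e in exps)
    for j in range(nbits - 1, -1, -1):          # one squaring per bit position
        acc = mont_mul(acc, acc, C, k, R, Cp)
        mask = 0
        for i, e in enumerate(exps):            # which bases have bit j set?
            if (e >> j) & 1:
                mask |= 1 << i
        if mask:                                # one multiply for all of them
            acc = mont_mul(acc, table[mask], C, k, R, Cp)
    return from_mont(acc, C, k, R, Cp)

if __name__ == "__main__":
    C = 1000003
    print(cascade_exp([3, 5], [7, 11], C) == pow(3, 7, C) * pow(5, 11, C) % C)
```

The joint scan is where the saving comes from: with two bases the loop does one squaring per exponent bit and at most one multiply, instead of the two squarings and up to two multiplies that two separate exponentiations would cost.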

------------------------------

From: Matt Curtin <[EMAIL PROTECTED]>
Subject: Re: NIST AES FInalists are....
Date: 11 Aug 1999 20:46:29 -0400

>>>>> On Tue, 10 Aug 1999 20:46:47 GMT,
    [EMAIL PROTECTED] (John Savard) said:

John> This would *tend* to suggest that if the NSA doesn't have
John> "anything better than the publicly known methods of analysis",
John> some people aren't earning their paycheques.

In light of the release of SKIPJACK specifications and the success of
an attack on a 31-round variant, it has been suggested that the
cryptographic expertise "out here" might have caught up to that "in
there".  If NSA knew about attacks using impossible differentials and
applied the technique to SKIPJACK reduced by one round, blessing it as
secure would be an incompetent blunder.

At the very least, it seems quite likely that there are now attacks
that are being discovered for the first time outside of NSA and that
it is not safe to assume that NSA's expertise is significantly greater
than that of any other cryptographic research laboratory.

No matter how many Smart People NSA hires, there will be more Smart
People outside of NSA.

-- 
Matt Curtin [EMAIL PROTECTED] http://www.interhack.net/people/cmcurtin/

------------------------------

From: Matt Curtin <[EMAIL PROTECTED]>
Subject: Re: NIST AES FInalists are....
Date: 11 Aug 1999 20:49:59 -0400

>>>>> On Wed, 11 Aug 1999 05:11:40 GMT,
    [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) said:

SCOTT19U> Yes just what we need a kid telling the NIST that 2 fish
SCOTT19U> is good. Just what the hell does this kid know about
SCOTT19U> encryption or anything else for that matter.

I find myself frequently asking the same question about you.

-- 
Matt Curtin [EMAIL PROTECTED] http://www.interhack.net/people/cmcurtin/

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: My web site is up!
Date: Thu, 12 Aug 1999 01:36:33 GMT

In article <7osod9$qo6$[EMAIL PROTECTED]>, Greg <[EMAIL PROTECTED]> wrote:
>
>>    It sucks since the person who put up the site is obviously selling
>> SNAKE OIL.
>
>What do you mean, selling snake oil?  I thought I made it clear that I
>was giving my snake oil away for free!  And have you per chance taken a
>look at the source code that backs up my claims?

  No, what I saw was some bullshit about it being judged too powerful
to be available, so what source code?
>
>
>> The design sucks so bad you can't even see the company logo.
>
>Ciphermax is not a company.  And I can see the company logo just fine.
>
>
>
>> They were not too bright and used spaces in their image titles.
>
>What do you mean by image, title, and spaces?
>

  If you're too stupid to understand this comment, no wonder you think
your crap smells good.

>> But don't worry
>> if you really have such wonderful PR directly from
>> the NSA I am sure some
>> one will be dumb enough to BUY. Just hope they
>> have the same defective
>> browser to view the page.
>
>That PR is put in there for the benefit of BXA and Commerce so they
>will do their home work first before they come bother me.
>

   More crap. You asked for valid feedback and I gave it.



David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMMERS

------------------------------

Reply-To: "karl malbrain" <[EMAIL PROTECTED]>
From: "karl malbrain" <[EMAIL PROTECTED]>
Subject: Re: frequency of prime numbers?
Date: Wed, 11 Aug 1999 17:22:33 -0700


Sundial Services <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Don Dodson wrote:
> [...]
> > Now compute P, the product of all prime numbers 2..N.  P is
> > divisible by every prime number.  Add one to the result.
> > P+1 is not divisible by any prime number, and therefore P+1
> > is prime.  P+1 is clearly larger than N, so N must not be
> > the largest prime.
>
> The realization that "P+1 must be prime" brings up the interesting
> thought that, if you know a particular prime "P", and all of the primes
> that precede it, you can add any (and therefore, each) previously known
> prime to "P", then add one... would each of these therefore be prime?
> Would there be any others that you could miss?
>
> In my poor untutored mind, prime-ness is beginning to sound like a
> variation of the knapsack problem.

No, P+1 also must be composite.  That's the other half of the contradiction.
Karl M
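An added example (my own Python, not from either poster) making Karl's point concrete: P+1, with P the product of all primes up to N, has no prime factor at or below N, which is all the contradiction needs; it is not itself necessarily prime. The function names and the values of N tried are my choices.

```python
# Added example: P = product of primes <= N; check whether P+1 is prime.
# Euclid's argument only needs "no factor <= N"; P+1 can still be composite.

def primes_up_to(n):
    """Sieve of Eratosthenes."""
    sieve = [True] * (n + 1)
    sieve[0:2] = [False, False]
    for i in range(2, int(n ** 0.5) + 1):
        if sieve[i]:
            sieve[i * i::i] = [False] * len(range(i * i, n + 1, i))
    return [i for i, is_p in enumerate(sieve) if is_p]

def primorial_plus_one(n):
    """P + 1 where P is the product of every prime <= n."""
    P = 1
    for p in primes_up_to(n):
        P *= p
    return P + 1

def smallest_factor(m):
    """Trial division; returns m itself when m is prime."""
    if m % 2 == 0:
        return 2
    f = 3
    while f * f <= m:
        if m % f == 0:
            return f
        f += 2
    return m

def euclid_check(n):
    """Return (P+1, its smallest prime factor, whether P+1 is prime).

    The smallest factor is always > n, because every prime <= n divides P
    and therefore leaves remainder 1 on P+1.
    """
    q = primorial_plus_one(n)
    f = smallest_factor(q)
    return q, f, f == q

if __name__ == "__main__":
    for n in (5, 7, 11, 13, 17):
        print(n, euclid_check(n))
```

For N = 13 this gives 30031 = 59 * 509: composite, yet both factors exceed 13, exactly as the proof requires. The "P+1 must be prime" reading is the common misstatement of the argument.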



------------------------------

From: [EMAIL PROTECTED] (D. J. Bernstein)
Subject: Using floating-point arithmetic in cryptography
Date: 11 Aug 1999 23:53:05 GMT

Thomas Pornin <[EMAIL PROTECTED]> wrote:
> There are few applications that really use intensively
> the possibility to go beyond 32-bit arithmetic without using the math
> coprocessor. In that respect, cryptography is the exception.

The main reason that big-integer arithmetic is an exception here is that
most big-integer software is written for an unrealistic machine model.

The market for fast floating-point arithmetic is huge. Big companies
blow incredible wads of money on giant stacks of computers dedicated to
floating-point computations. CPU designers know this.

In contrast, the market for fast double-length integer arithmetic is, to
put it bluntly, nonexistent. CPU designers know this.

Consequently most CPUs have far better support for floating-point
arithmetic than for double-length integer arithmetic. Fortunately,
big-integer arithmetic can be built on top of floating-point arithmetic.
This is what new implementors should be learning.

(I don't mean to suggest that 100% of the world's computer power is
available through floating-point operations. New CPU manufacturers,
lacking the expertise needed to break into the floating-point market,
usually hold off for a while on serious floating-point support. Often
the fastest way to perform arithmetic is with a strange combination of
floating-point operations and other operations. But pure floating-point
arithmetic is a much better starting point than double-length integer
arithmetic.)

---Dan
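An added illustration of the idea in Dan's post (my own Python, not his code or his implementation technique): multi-limb integer multiplication done entirely with double-precision floating-point operations. With 24-bit limbs every partial product is below 2^48 and each column sum stays below 2^53, so every intermediate value is exactly representable in a double and the result is exact; the carry step is also done in floating point. The limb size, the function names and the sample operands are my choices.

```python
# Added example: big-integer multiply built on floating-point arithmetic.
# Limbs are 24-bit values stored as doubles; all sums stay < 2^53, so exact.
import math

LIMB_BITS = 24
BASE = float(1 << LIMB_BITS)          # 2^24 as a double
MASK = (1 << LIMB_BITS) - 1

def to_limbs(x):
    """Little-endian list of 24-bit limbs, each stored as a float."""
    limbs = []
    while x:
        limbs.append(float(x & MASK))
        x >>= LIMB_BITS
    return limbs or [0.0]

def from_limbs(limbs):
    """Inverse of to_limbs."""
    x = 0
    for limb in reversed(limbs):
        x = (x << LIMB_BITS) + int(limb)
    return x

def fp_mul(a, b):
    """Schoolbook product using only double multiplies, adds and floor.

    Exactness argument: each product < 2^48; a column holds at most
    min(len(a), len(b)) <= 16 products, so < 2^52; adding a carry < 2^28
    keeps it < 2^53, the largest integer range a double represents exactly.
    """
    if len(a) + len(b) > 32:
        raise ValueError("too many limbs for exact double accumulation")
    cols = [0.0] * (len(a) + len(b))
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            cols[i + j] += ai * bj            # exact: both factors < 2^24
    out = []
    carry = 0.0
    for c in cols:
        c += carry
        carry = float(math.floor(c / BASE))   # division by a power of two is exact
        out.append(c - carry * BASE)          # remainder, exact
    while carry > 0:                          # cannot happen for len(a)+len(b) columns, kept for safety
        nxt = float(math.floor(carry / BASE))
        out.append(carry - nxt * BASE)
        carry = nxt
    return out

def fp_product(x, y):
    """Convenience wrapper: Python int in, Python int out, floats in between."""
    return from_limbs(fp_mul(to_limbs(x), to_limbs(y)))

if __name__ == "__main__":
    x, y = 12345678901234567890123456789, 98765432109876543210987654321   # constructed sample values
    print(fp_product(x, y) == x * y)
```

The 32-limb bound is what makes the example safe; a real implementation would reduce partial sums more often (or use smaller limbs) to handle larger operands, which is where the "strange combination of floating-point and other operations" the post mentions comes in.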

------------------------------

From: Michael Slass <[EMAIL PROTECTED]>
Subject: Re: solitaire, cryptonomicon
Date: Wed, 11 Aug 1999 17:14:49 -0700

Bob:

I'm not the most knowledgeable about crypto math, so I'll stick to what
I know.

1) You don't really get a one-time pad with a deck of cards, because a
true OTP has no relationship between each element of the key and all of
the elements that came before it, whereas with a deck of cards (use the
next card to encrypt the next letter of the plaintext) each element can
be used only once.  I suspect a cryptanalyst could do something with that
information.

2) The number 54 may be represented by 6 bits, but the number of possible
arrangements of a deck of 54 cards is 54!, or 2.31 x 10^71 (to two
decimal places).  That takes about 237 bits to represent.  That's a big
enough key to render brute-force attacks based on guessing the original
arrangement of the deck computationally infeasible. (for now)

That's as far as I'm willing to answer with my limited expertise.

-Mike 

[EMAIL PROTECTED] wrote:
> 
> I just read Stephenson's Cryptonomicon and wondered a few things.
> 
> Solitaire is a secure crypto algorithm computed by shuffling
> a deck of cards in a certain way.  It is painfully slow, so
> most messages are under 50 characters long.  How much more
> secure is it than using the deck of cards as a one-time pad?
> That would be faster and less error-prone.
> 
> Also.  I wrote some code a few years back to brute force
> RC4.  It could break 3-bit RC4 in less than a second, 4-bit RC4 in
> 2 to 10 minutes, and I extrapolated 5-bit RC4 would take two weeks.
> Real RC4 (8 bit) wasn't breakable that way.  Solitaire resembles
> RC4, and 54 cards is somewhere between 5 and 6 bits.

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Cipher-Feedback Mode
Date: Thu, 12 Aug 1999 01:12:37 GMT

[EMAIL PROTECTED] wrote, in part:

>In article <[EMAIL PROTECTED]>,
>  [EMAIL PROTECTED] (John Savard) wrote:
>> CFB works this way:
>>
>> To encipher a block of plaintext,
>>
>> take the previous block of ciphertext, encipher it in your block
>cipher, and XOR
>> the result with that current block of plaintext.
>
>That's CBC isn't it.

NO!

CBC works this way:

To encipher a block of plaintext,

take the previous block of ciphertext, XOR the result with the current block of
plaintext, and encipher the result in your block cipher.

CFB:
  ---------    ---------
 | Plain   |  | Plain   |
  ---------    ---------
                   |
                   |
         - DES -> XOR
        |          |
        |          |
      |-           |
  ---------    ---------
 | Cipher  |  | Cipher  |
  ---------    ---------

CBC:
  ---------    ---------
 | Plain   |  | Plain   |
  ---------    ---------
                   |
         -------> XOR
        |          |
        |         DES
        |          |
      |-           |
  ---------    ---------
 | Cipher  |  | Cipher  |
  ---------    ---------

John Savard ( teneerf<- )
http://www.ecn.ab.ca/~jsavard/crypto.htm
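An added example (my own Python, not John Savard's code) of the two modes he diagrams, written so the difference in operation order is visible in the code: CFB enciphers the previous ciphertext block and XORs the result with the plaintext, CBC XORs first and enciphers the result. The block cipher is a constructed 8-byte Feistel toy built on SHA-256, standing in for the DES box in the diagrams; key, IV and plaintext are constructed sample values.

```python
# Added example: CFB versus CBC over a toy 64-bit block cipher.
# The toy cipher is a constructed Feistel network, NOT DES and not secure.
import hashlib

BLOCK = 8

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key, half, r):
    """Round function: 4 bytes of SHA-256(key || round || half)."""
    return hashlib.sha256(key + bytes([r]) + half).digest()[:4]

def toy_encrypt(key, block):
    L, R = block[:4], block[4:]
    for r in range(8):
        L, R = R, _xor(L, _round(key, R, r))
    return R + L                          # final swap, so decrypt is the mirror

def toy_decrypt(key, block):
    L, R = block[:4], block[4:]
    for r in reversed(range(8)):
        L, R = R, _xor(L, _round(key, R, r))
    return R + L

def _blocks(data):
    if len(data) % BLOCK:
        raise ValueError("data must be a whole number of blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cfb_encrypt(key, iv, pt):
    """CFB: encipher previous ciphertext, XOR with plaintext."""
    prev, out = iv, []
    for p in _blocks(pt):
        prev = _xor(p, toy_encrypt(key, prev))
        out.append(prev)
    return b"".join(out)

def cfb_decrypt(key, iv, ct):
    """CFB decryption needs only the forward cipher direction."""
    prev, out = iv, []
    for c in _blocks(ct):
        out.append(_xor(c, toy_encrypt(key, prev)))
        prev = c
    return b"".join(out)

def cbc_encrypt(key, iv, pt):
    """CBC: XOR plaintext with previous ciphertext, then encipher."""
    prev, out = iv, []
    for p in _blocks(pt):
        prev = toy_encrypt(key, _xor(p, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    """CBC decryption needs the inverse cipher."""
    prev, out = iv, []
    for c in _blocks(ct):
        out.append(_xor(toy_decrypt(key, c), prev))
        prev = c
    return b"".join(out)

# Constructed sample values.
SAMPLE_KEY = b"constructed-key!"
SAMPLE_IV = bytes(range(8))
SAMPLE_PT = b"sample plaintext, 3 blks"   # 24 bytes, three blocks

if __name__ == "__main__":
    print("CFB:", cfb_encrypt(SAMPLE_KEY, SAMPLE_IV, SAMPLE_PT).hex())
    print("CBC:", cbc_encrypt(SAMPLE_KEY, SAMPLE_IV, SAMPLE_PT).hex())
```

One consequence of the ordering that the diagrams make visible: CFB never runs the block cipher backwards, so it works with any keyed one-way function, while CBC needs a true invertible block cipher.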

------------------------------

From: Greg <[EMAIL PROTECTED]>
Subject: Re: My web site is up!
Date: Thu, 12 Aug 1999 01:21:56 GMT


> Well, I *hope* this doesn't mean you are saying that Windows 95 and NT are good
> operating systems as the result of a lawsuit from Microsoft on which you cannot
> comment publicly.

Actually, who wants to tick off Microsoft for any reason?  Stroke them
and they usually leave you alone.

--
The US is not a democracy - US Constitution Article IV Section 4.
Democracy is the male majority legalizing rape.
UN Security Council is a Democracy.  NO APPEALS!  Welcome to the NWO.
Criminals=Crime.  Armies=Tyranny.  The 2nd amendment is about tyranny.



------------------------------

From: Greg <[EMAIL PROTECTED]>
Subject: Re: My web site is up!
Date: Thu, 12 Aug 1999 01:24:21 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> > If you seriously want to know what I think, e-mail me your e-mail
> > address and I will tell you the real story behind that statement.
>
> Well, if you are running an NT system, you obviously don't care about
> security...and that is not a joke either.

I concur.  That is why I feel you cannot allow a PC to be tied to a
network if you have sensitive data on it.  In fact, I could go on, but
I really can't.

Do you know of a good OS for the average PC that is well built for
security overall?




--
The US is not a democracy - US Constitution Article IV Section 4.
Democracy is the male majority legalizing rape.
UN Security Council is a Democracy.  NO APPEALS!  Welcome to the NWO.
Criminals=Crime.  Armies=Tyranny.  The 2nd amendment is about tyranny.



------------------------------

From: Greg <[EMAIL PROTECTED]>
Subject: Re: My web site is up!
Date: Thu, 12 Aug 1999 01:59:28 GMT


> No, what I saw was some bullshit
> about it being judged too powerful
> to be available, so what source code?

> If you're too stupid to understand this
> comment, no wonder you think
> your crap smells good.

> >> But don't worry
> >> if you really have such wonderful PR directly from
> >> the NSA I am sure some
> >> one will be dumb enough to BUY. Just hope they
> >> have the same defective
> >> browser to view the page.

>    More crap. You asked for valid feedback and I gave it.

O' little man, flame, flame away.  But realize you cannot, with any
words, any amount of self righteous anger, or any grievous slander- you
simply cannot take away the thrill I have today, because I did
something I never thought I could do!


--
The US is not a democracy - US Constitution Article IV Section 4.
Democracy is the male majority legalizing rape.
UN Security Council is a Democracy.  NO APPEALS!  Welcome to the NWO.
Criminals=Crime.  Armies=Tyranny.  The 2nd amendment is about tyranny.



------------------------------

From: "rosi" <[EMAIL PROTECTED]>
Subject: Do I have a problem with semantics?
Date: Wed, 11 Aug 1999 21:50:06 -0400

   Concrete and specific: "Secret Key Agreement by Public
Discussion", which I will refer to as Paper here. (Cf. a post
from David Molnar on July 17, 1999)

   Once I went seeking help from PK after hitting a dead-end with
something --- it alone won't do. I did not look around hard enough
and was not aware that such a cute thing was around and is called
'provably secure'. The first reading alerted me. I thought to myself:
I did go through similar thought process and did reach a conclusion.
Part of the conclusion was that it was likely a cul-de-sac. Yet
somebody has actually been proposing this. I must be wrong then.

   I invite people to read Paper and to please share with us your
thoughts.

   Since I thought about similar things, I here commit a bit.

   1. To me some assumptions are left out from Paper and I likely do
not understand the term 'provably secure'. I also seem to get the
impression that the system Paper illustrates is referred to as
'unconditionally secure'. (Can someone help tell exactly which is
being characterized with?)

   2. (a more specific extension of 1) 'unconditionally secure' seems
to refer to no-better-chance-than-half even with unlimited computing
power. As the state of the art stands, this seems to be a very weak
security.

   3. One-way function at play. It does exist!

   4. Semantics density creates favorable conditions. (But this may
not be an issue alone)

   I sincerely hope that some people may be interested and would
like to share a few thoughts. I may have missed important points in
Paper and can be wrong (with the conclusion reached a while ago).

   Lastly, a few quite unrelated things. I would like to thank David for
his wonderful post and the precious information he provides us. I find
reading his posts an invariant enjoyment. I would also like to thank
other people, such as Nicol So, for their straightforward sincerity, kind
time, unsparing knowledge, and above all their courage in their candid
discussions. And I said "Hold it right there!". If you are interested, you
may take a good look. It is held firmly there for all to see. Last of last,
it is BTW far, far, far from reaching "a DIALECTICAL contradiction" (and
my advice is: NOT to waste any more time there).

   Thanks again.
   --- (My Signature)



------------------------------

From: Greg <[EMAIL PROTECTED]>
Subject: Re: My web site is up!
Date: Thu, 12 Aug 1999 01:36:01 GMT


>... but don't mind that particular critic, as if what you
> were offering was...flawed...that would only mean he had competition.
>

If he has a product of his own, does he offer the binaries or the
source code for free?

--
The US is not a democracy - US Constitution Article IV Section 4.
Democracy is the male majority legalizing rape.
UN Security Council is a Democracy.  NO APPEALS!  Welcome to the NWO.
Criminals=Crime.  Armies=Tyranny.  The 2nd amendment is about tyranny.



------------------------------

From: Greg <[EMAIL PROTECTED]>
Subject: Re: My web site is up!
Date: Thu, 12 Aug 1999 01:42:59 GMT

Do you have a product of your own?

If so, do you share the source code for free?


--
The US is not a democracy - US Constitution Article IV Section 4.
Democracy is the male majority legalizing rape.
UN Security Council is a Democracy.  NO APPEALS!  Welcome to the NWO.
Criminals=Crime.  Armies=Tyranny.  The 2nd amendment is about tyranny.



------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: NIST AES FInalists are....
Date: Thu, 12 Aug 1999 02:49:03 GMT

"SCOTT19U.ZIP_GUY" wrote:
>  Rest assured that if there was an entry that the NSA felt too strong
> for it to attack it would never be allowed to see the light of day
> in the AES game.

What mechanism could possibly accomplish that?  The AES candidates
are very public.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
