Cryptography-Digest Digest #89, Volume #10 Sat, 21 Aug 99 14:13:03 EDT
Contents:
Re: What is "the best" file cryptography program out there? (SCOTT19U.ZIP_GUY)
Re: simple message encryptor for ICQ like programs (Tom St Denis)
Re: Infallible authentication scheme (Shawn Willden)
Re: simple message encryptor for ICQ like programs (SCOTT19U.ZIP_GUY)
Re: Ciphile Software (Jerry Coffin)
Re: Traffic analysis information? (JTong1995)
Re: I HOPE AM WRONG ("Douglas A. Gwyn")
all or nothing (wrapped pcbc) (Tom St Denis)
Re: Twofish on a 68HC11 (Bruce Schneier)
Re: I need strongest weak elliptic curve... (Medical Electronics Lab)
Re: Crypto 1981-1997 CD-ROM fix (Medical Electronics Lab)
Re: Cryptomathic Denamrk (Bruce Schneier)
Re: I HOPE AM WRONG (SCOTT19U.ZIP_GUY)
Re: Where to find (David Hamilton)
Re: truly anonymous membership proof (Michael =?iso-8859-1?Q?=D8stergaard?= Pedersen)
Re: I HOPE AM WRONG (SCOTT19U.ZIP_GUY)
----------------------------------------------------------------------------
From: SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>
Subject: Re: What is "the best" file cryptography program out there?
Date: Sat, 21 Aug 1999 14:35:57 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED]=NOSPAM (Gurripato) wrote:
> On Thu, 05 Aug 1999 19:56:29 GMT, [EMAIL PROTECTED]
> (SCOTT19U.ZIP_GUY) wrote:
>
> >In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (KidMo84) wrote:
> >>You know, i always wonder what the NSA has broken but has not
released to the
> >>public yet:).
> >>
> >>Signed,
> >>KidMo
> >
> > I think is is a safe bet that most of the high praised programs are
broken by
> >the NSA and that would include the NSA candidates. If one is truely
concerned
> >you should use several methods in series. But if you do this be sure
to use
> >methods that have no headers or change the file lenght. You can use
my code
> >as one of the methods since it will not change the file length and if
any one
> >bit of the file changes the whole file changes.
> >
> I disagree. There�s no proof that the NSA can break (=use a
> method more efficient than brute-force) DES. In fact, seems like DES
> was built to withstand cryptanalytical techniques unknown then to the
> civilian world.
>
It is quite possible that at the times DES was made public
that the only break they had for it was a dumb brute force search
several sceintist of the time seem to think that. However if ones
goal is to make sure that messages are encrypted the safest way
possible. It is sort of like find the largest number you can always
find one larger. But if I was a concerned reafer of the use group
I would use some common sense.
I would first compress if possible. Why waste space. I would use
any method (of cousre mine is the best since it has "one" to "one"
property)since the novice is concerned with space and would not
be as inclined to study compression methods in detail. Any way once
you have your compressed file. Then use "SEVERAL" different encryption
methods that do not change the lenght of file. If they change the
lenght of file they can be adding information that helps break the
encryption. Even my code offers the mode where a random pad is added
to the file. I would never use a mode like this in a program that I
did not have the source code to. And neither should a novicee.
Be sure to use several methods that are based on different design
features so that one is not accidently the reverse of the other. I
would also use scott16u and scott19u but not after each other. These
two methods along with almost any three others that no not change
the length would be very safe. Also be usre to use independent keys
for each method You could for example use as first layer (pkzip or
even PGP assuming it compress your message) then for second
layer ( DES in CFB mode) then ( SCOTT16U in nonpadding mode)
then ( Blow fish in CFB mode "yes I don't trust it but so what")
then (SCOTT19U in nonpadding mode) and then (IDEA in CFB mode).
Or pick your choice. This would be hard to crack.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: simple message encryptor for ICQ like programs
Date: Sat, 21 Aug 1999 14:32:36 GMT
PeekBoo has a website if you want to learn more about before getting it
(it's only 11kb anyways).
http://people.goplay.com/tomstdenis/pb.html
I am open to answering questions on it's 'security' value and to
divulge the source code (via private email). It was written in lcc-
win32 so you will need a copy to compile.
icq: 46838187
mailto:[EMAIL PROTECTED]
Tom
--
PGP 6.5.1 Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2 Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
Date: Fri, 20 Aug 1999 11:53:17 -0600
From: Shawn Willden <[EMAIL PROTECTED]>
Subject: Re: Infallible authentication scheme
Eric Lee Green wrote:
> Michelle Davis wrote:
> > >All challenge/hashed-response password protocols are woefully obsolete.
> > >
> > >Newer protocols are not vulnerable to network dictionary attack,
> > >including a few simple versions of password-authenticated
> > >Diffie-Hellman exchange, including SPEKE, EKE, and SRP.
> >
> > There is no challenge-response channel in this scheme. It's strictly
> > one-way, user to server. This is dictated by the nature of the
> > application.
>
> I don't get it. How do you intend to deal with replay attacks, then?
> What is to stop me from recording your bitstream, and then later
> pretending to the recipient that I'm that widget again?
The increment value I would accomplish this if both sides remembered the last
value used. The server would just refuse to accept any value for I <= the
last value received.
Shawn.
------------------------------
From: SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]>
Subject: Re: simple message encryptor for ICQ like programs
Date: Sat, 21 Aug 1999 15:15:10 GMT
In article <7pkbuv$pb0$[EMAIL PROTECTED]>,
Michael J. Fromberger <[EMAIL PROTECTED]> wrote:
> In <7pk8ao$7i0$[EMAIL PROTECTED]> Tom St Denis <[EMAIL PROTECTED]>
writes:
>
> >If anyone is interested I wrote a simple RC4 message encryptor where
> >it will encrypt messages to the clipboard and decrypt messages from
> >the clipboard...
>
> >If anyone wants a copy (whopping 7kb) ask me at
>
> >[EMAIL PROTECTED]
>
> >or
>
> >icq: 46838187
>
> >It's not tied to ICQ but usefull with it...
>
> >Thanks for the time
> >Tom
>
> >p.s if you want to know the details it's basically RC4 with the
> >password used as a key with a 32-bit salt (seeded from the
> >milliseconds since you turned on your computer). I dumnp the first
> >1024 bytes to avoid week keys.... simple as that! (it's not secure
> >if someone can break into your computer though, no stack cleanup....)
>
> Hi, Tom...
>
> Why don't you have a look at Arnold Reinhold's "CipherSaber" page, at:
>
> http://ciphersaber.gurus.com/
>
> CipherSaber-1 is similar in design to yours, and if you converted your
> program to use it, you'd be interoperable with anyone else who already
> has a CS-1 implementation (such as myself, for example! :)
>
> Cheers,
> -M
>
Hello
I hope my timing is good. Know that the Mustang is
closed I have married into a large Mexican Family and
they have computers that tie into the internet. I am
trying to learn Spanish but it is hard. That being said
I think I am free to download from wherever free people
of the world down load. And I think I am free of US exprot
restrictions since I am not in the US. It may be some time
before I have my tools all in place and I have a life.
But I plan to upgrade my encryption programs so windows
users can have a better interface. I am also available for
employmeent in the Juarez area in case you are wondering.
That being said I would not mind getting envolved in
writting code for your project since like RSA that moved
to New Zealand (or whatever) I would only be writting
new encryption stuff in Mexcio the land of the free and
home of the Brave. But does the encryption/decrption
part actually run on the PC or the server?
P.S.
I figure Spanish is a good language to learn ssince
the spelling rules make more sinec than English where
the Brits and American don't spell the same anyway.
Also in the US Spanish may become the predominate
language in the future. There is a small texas town
where they made it the offical language since so few
Americans speak engish over here. It is just a matter
of time. A friend called a GREY HOUND bus 800 number a while
back and could not find an operator that spoke English.
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Jerry Coffin)
Crossposted-To: talk.politics.crypto
Subject: Re: Ciphile Software
Date: Sat, 21 Aug 1999 09:36:06 -0600
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> Okay, so no one in sci.crypt has any idea about or interest in talking
> about Ciphile Software's Original Absolute Privacy Level 3 software.
> Why is that? Is the software not considered good? Do people have
> something against Anthony on a personal level? What gives?
I suspect you'll find a comparison of Ciphile's web site with the
Snake Oil FAQ quite interesting. IIRC, the Snake Oil FAQ itself will
tell you that the degree of similarity doesn't guarantee that
Ciphile's product is garbage, but it certainly gives a strong
indication. Just for the most obvious example, almost anything that
tries to compare itself to a one-time pad is nearly guaranteed to have
problems. This usually means little more than that they're using a
stream cipher, but the fact that they don't just say that is
indicative of problems by itself.
Just FWIW, stream ciphers can be perfectly fine forms of encryption --
the problem isn't with using a stream cipher itself. In their case,
they make rather a large point about the number of generators they
provide, and the periods of the generators. Unfortunately, they don't
tell you much about things like how the generators are selected, or
what sorts of generators they are -- if they use (for example) linear
congruential generators, even of extremely long period, they've got a
massive problem to deal with.
They don't tell us what (if anything) they do about key management,
how they hash pass-phrases to derive keys, etc., etc. Even if we were
to blindly assume that they encryption they're using is itself highly
secure, they might well have all sorts of other problems. If you look
around at breaks on encryption programs (as opposed to encryption
algorithms) you quickly find that lots are based on absolutely STUPID
things in the programs, and it wouldn't matter what algorithms they
used -- in many cases, they do things like storing an encrypted key,
then decrypting it at run-time and comparing it to the key you typed
in. It's trivial to run things like this under a debugger and get the
key to decrypt something almost without doing any real work at all.
In short, Ciphile's product MIGHT be a perfectly good one. OTOH, they
tell us little enough about the internals of how the program really
works that it's virtually impossible to carry out a technical
discussion of the algorithm(s?) involved at all. Furthermore, when a
product smells this strongly of Snake Oil, there's little chance that
the discussion would be worthwhile or meaningful if it were possible.
There are LOTS of interesting ciphers in the world, and full technical
disclosure is available on most, making meaningful and interesting
discussions much easier.
------------------------------
From: [EMAIL PROTECTED] (JTong1995)
Subject: Re: Traffic analysis information?
Date: 21 Aug 1999 15:11:39 GMT
Aegean Park Press has a book out that is a reprint of the US Army Technical
Manual on traffic analysis. They also discuss the topic in the Zendian
Problem, which is available as a stand alone book and also as a section
contained with Friedman and Callambros' Military Cryptanalylitics set. Both
should be available from APP (they have a web site) or from Classical Crypto
Books (also has a web site).
Jeffrey Tong [EMAIL PROTECTED]<Jeffrey Tong>
PGP 5 Key available for download at WWW.PGP.COM Key ID: BFF6BFC1
Fingerprint: 6B29 1A18 A89A CB54 90B9 BEA3 E3F0 7FFE BFF6 BFC1
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: I HOPE AM WRONG
Date: Fri, 20 Aug 1999 14:52:26 GMT
Greg wrote:
> I suppose you are correct. I suppose the fact that he used words
> like sucks, crap, and bullshit, ...
So do other posters, they're just not usually as blatant.
> I wonder where I can go to a "professional" forum where people like
> David are not welcomed and are denied access. Do you know of any?
sci.crypt.moderated is a moderated newsgroup for discussions
relevant to cryptologic research. It doesn't get much traffic,
other than announcements for meetings, etc.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: all or nothing (wrapped pcbc)
Date: Sat, 21 Aug 1999 15:54:32 GMT
It never really got answered, but what is the benefit of wpcbc over
cbc? From what I can tell it's no more secure, it's slower and more
complicated, it doesn't work on streams either...
DS keeps saying 'you change one bit of ciphertext and the message is
corrupt' but is that really better? Either you know the key or you
don't....
Tom
--
PGP 6.5.1 Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2 Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Bruce Schneier)
Subject: Re: Twofish on a 68HC11
Date: Sat, 21 Aug 1999 15:54:20 GMT
On Fri, 20 Aug 1999 20:31:11 +0200, David SAMYDE <[EMAIL PROTECTED]>
wrote:
>I'd like to know if anybody has got
>Twofish on a 68HC11.
I don't know of anyone. You can find all the Twofish code that I know
about--both high-level languages and various ASMs--on my website. If
you decide to write your own and want to see it get wider
distribution, I would be pleased to post it.
Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN 55419 Fax: 612-823-1590
Free crypto newsletter. See: http://www.counterpane.com
------------------------------
From: Medical Electronics Lab <[EMAIL PROTECTED]>
Subject: Re: I need strongest weak elliptic curve...
Date: Fri, 20 Aug 1999 12:20:31 -0500
Doug Stell wrote:
>
> On Thu, 19 Aug 1999 19:27:52 GMT, Greg <[EMAIL PROTECTED]> wrote:
> >Actually, I posted this while I was waiting for NSA's response to the
> >same question. They say that 163 bit and less is exportable without a
> >license but requires a one time review none the less.
>
> I'm glad that they have established a policy for ECC, but am surprised
> at the key length.
Me too. That's equivelent to 80 bit symmetric keys. Unless they
know something about cracking ECC that moves that down to the 40 bit
realm, it is kind of supprising.
Patience, persistence, truth,
Dr. mike
------------------------------
From: Medical Electronics Lab <[EMAIL PROTECTED]>
Subject: Re: Crypto 1981-1997 CD-ROM fix
Date: Fri, 20 Aug 1999 12:45:35 -0500
lcs Mixmaster Remailer wrote:
>
> Springer-Verlag has now released the CD-ROM with the entire proceedings
> of the Crypto and Eurocrypt conferences from 1981-1997. These were for
> sale at Crypto 99 this week.
How much? Can I order from Springer New York? What's the ISBN?
> The files are in PDF format, one for each paper. There are a set of
> HTML files which serve as indexes into the proceedings.
>
> Unfortunately the HTML files use upper case for their links, while all
> of the directories and file names are lower case. This does not matter
> on PCs and Macs, which are not case sensitive, but affects my Linux
> system. Is there a way to mount the CD-ROM in Linux which will make it
> treat all files as all upper-case so that the links will work?
Not that I know of, but I don't know Linux well enough yet :-)
>
> Pending availability of such a fix, a workaround is to copy all the HTML
> files to a disk directory and to modify them to point at the CDROM files.
> The files take up about 900K bytes, mostly the keyword index.
>
> You can do this:[snip]
Thanks! If I can order the CD, this will be useful.
Patience, persistence, truth,
Dr. mike
------------------------------
From: [EMAIL PROTECTED] (Bruce Schneier)
Subject: Re: Cryptomathic Denamrk
Date: Sat, 21 Aug 1999 15:55:46 GMT
On Fri, 20 Aug 1999 13:54:31 GMT, "Bartek Z."
<[EMAIL PROTECTED]> wrote:
>Have You ever heard of Cryptomathic (Denmark) company? I mean if their
>product are widely known and good or what?
This company is run by Peter Landrock. It has an excellent
reputation, although I knw nothing of its products. I know they do
quality consulting.
Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN 55419 Fax: 612-823-1590
Free crypto newsletter. See: http://www.counterpane.com
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: I HOPE AM WRONG
Date: Fri, 20 Aug 1999 19:20:13 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>[EMAIL PROTECTED] wrote:
>>
>> In article <7pf244$enr$[EMAIL PROTECTED]>,
>> Greg <[EMAIL PROTECTED]> wrote:
>> (***********)
>> "Your delusional, paranoid-schizophrenic, anti-government rants have
>> no place on sci.crypt; try alt.survival, or alt.politics.<anything>."
>>
>> Don't take cheap shots at his/her English.
>>
>> - Jesse
>-------------------
> There is an old fable:
>
> Two barrels were rolling side by side along the road.
> One barrel was full of wine.
> The other barrel was empty.
> The full barrel rolled quietly and softly.
> The empty barrel jumped on each bump with a loud foul noise.
>
> Question: which barrel *feels* more important?
> 2-nd question: which barrel *is* more important?
>
> So when "crypto gods" keep silence, whence DSCOTT19.ZIP.GUY
> deafens everybody's ears, their respective content is easy to
> guess - the more noise, the less substance. C'est la vie!!
>
>P.S. My native language is not English, but I hope that nobody
>will accuse me of misspellings. I respect the language of the
>country where I live, and in my humble opinion, this is the
>right thing to do. And if some empty barrel will tell you that
>"English sucks", ask him what other languages does he know, in
>order to compare English with something different. BTW, Pope
>John-Paul II speaks 16 languages, and in doing so sets forth
>an excellent example for all people to follow, believers as well
>as atheists.
>
>Best wishes BNK
Speaking is one thing but writting is Another. Also I heard the Pope
when he came to St Louis. Yes I was there. His English is not so
hot. Traffic was a real mess down town. I wondered how many more
people died in traffic accidents those few days he was there to bring
joy to people lives. Personally I think he could have done more for
the people by stayiing at home.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (David Hamilton)
Subject: Re: Where to find
Date: Sat, 21 Aug 1999 17:36:00 GMT
=====BEGIN PGP SIGNED MESSAGE=====
"karl malbrain" <[EMAIL PROTECTED]> wrote:
>Who said that David was a professional?
I didn't. In my post Message-ID: <[EMAIL PROTECTED]> I
referred to David A. Scott's UNprofessionalism. You were the first to refer
to 'professional' in your post Message-ID:
<ehiv3.82$[EMAIL PROTECTED]> when you said 'Stating one's
intentions is a matter of professional courtesy'. You cut this sentence of
yours in your post Message-ID: <Ddnv3.395$[EMAIL PROTECTED]>
when giving my direct response which was 'Admitting one's failures is a
matter of professional honesty'. Thus you may have given a wrong impression
to people.
>He doesn't act like one, nor does
>he describe himself as one.
I don't know whether David A. Scott describes himself as a professional
cryptographer or not. In fact, I don't know or how he describes himself.
>He either doesn't want to, or is unable to,
>meet the standards of professional practice here.
>That's his own SUBJECTIVE
>determination / OBJECTIVE motivation -- leaving your (unanswered) question
>dishonest by your own criteria.
I'm not sure I understand what you've written above. Which question of mine
is dishonest and why? What are my 'own criteria'?
I see that you have also avoided giving the 'branch of advanced learning or
science' in which you view me as lacking professionalism. Why is this?
David Hamilton. Only I give the right to read what I write and PGP allows me
to make that choice. Use PGP now.
I have revoked 2048 bit RSA key ID 0x40F703B9. Please do not use. Do use:-
2048bit rsa ID=0xFA412179 Fp=08DE A9CB D8D8 B282 FA14 58F6 69CE D32D
4096bit dh ID=0xA07AEA5E Fp=28BA 9E4C CA47 09C3 7B8A CE14 36F3 3560 A07A EA5E
Both keys dated 1998/04/08 with sole UserID=<[EMAIL PROTECTED]>
=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>
Comment: Signed with 2048 bit RSA key
iQEVAwUBN77iZso1RmX6QSF5AQFciggApiU4NXrj/fYJgcngj1ms7dtmNbEcQYI+
C8hH6RVjXYWe7ycJwFmq/sw6OYrP6EJ0QhrbGd2m4g/4/PswMB3+5NL+ChnfJFVJ
SQ3xGG4fx9Vca/z7hfSRpx7YvoV21Wreq0wckCm3qf55xKS8+Fu19Lxjz55Slyei
/m03kT8NqLiMzj85lJlJitqvW6NaIrJEHeHK8lQnI3PAl414AF01YFV9OxeD82kH
EvZJ10QwaKnSnid/cGl2fQriJgVjMmRP8GOcYDMNvz2dKGCbDeH7m7J1zVct5H/s
pK+bNv9K9UJ86bAEYOhvSBsPeEH+3YOF0rRmcjU+7pikXKokR2gWEA==
=A/er
=====END PGP SIGNATURE=====
------------------------------
From: Michael =?iso-8859-1?Q?=D8stergaard?= Pedersen <[EMAIL PROTECTED]>
Subject: Re: truly anonymous membership proof
Date: Sat, 21 Aug 1999 10:24:15 +0200
You could try posting your solution here :)
Ben Handley wrote:
>
> Is there a known method for proving membership to a group, without even the issuing
>body being able to tell who you are by your response? It should also make it not
>possible for people to pass on the information necessary to prove membership to
>others (presumably by requiring that the person use their private key as part of the
>verification process).
>
> I think that I have a solution to this problem, but not having much knowledge of
>cryptography it could be insecure. How should i go about getting this examined
>(assuming that solutions are not already known)?
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: I HOPE AM WRONG
Date: Fri, 20 Aug 1999 19:38:17 GMT
In article <[EMAIL PROTECTED]>, vincent <[EMAIL PROTECTED]> wrote:
>> >I don't believe that "boo koo" is correct. I'm going to hazard a guess
>> >that you both intend to use the French word "beaucoup", meaning "many"
>> >or "a lot".
>> Yeah I guess that was what I meant. I hate reading but like talking
>> so I spell most things as they sound. if "beucoup" sounds like
>> "boo koo" then that is what I meant.
>>
>
>Eh les gars, j'ai une superbe idee, et si maintenant on se mettait a
>parler francais uniquement, ca changerait, en plus c'est pas une idee si
>eloignee de la cryptographie, en effet, qui peut bien comprendre cette
>vieille langue decrepie qu'est le francais?
>
>Alors qu'est-ce que vous en pensez ?
As a favor to those whose French is a little rusty I put this through
the Alta Vista Translator so any one with an English background would
be as able to follow this as if I wrote it in English myself.
in English:
Do Eh the guy, I have superb a idee, and so now it was put has to speak
French
only, Ca would change, in more it is not a idee if eloignee of the
cryptography,
indeed, which can understand well this old language decrepie which is
French?
Whereas think you?
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
