Cryptography-Digest Digest #140, Volume #10      Mon, 30 Aug 99 14:13:04 EDT

Contents:
  Re: One to One Compression updated (Tom St Denis)
  Re: 512 bit number factored ([EMAIL PROTECTED])
  Re: 512 bit number factored (Anton Stiglic)
  Re: What if RSA / factoring really breaks? ("David J Whalen-Robinson")
  Re: What if RSA / factoring really breaks? (SCOTT19U.ZIP_GUY)
  Re: Chosen messages attack on ISO 9796-1 signatures (DJohn37050)
  Re: Can I export software that uses encryption as copy protection? ("Trevor Jackson, III")
  Re: RC4 question ("Trevor Jackson, III")
  Re: Can I export software that uses encryption as copy protection? ("Trevor Jackson, III")
  Re: One to One Compression updated (SCOTT19U.ZIP_GUY)
  Re: What if RSA / factoring really breaks? (Boudewijn W. Ch. Visser)
  Re: I HOPE AM WRONG ("Douglas A. Gwyn")
  Re: WT Shaw temporarily sidelined ([EMAIL PROTECTED])
  Re: I HOPE AM WRONG ("Douglas A. Gwyn")
  Re: 512 bit number factored ("Douglas A. Gwyn")
  Re: Q: Cross-covariance of independent RN sequences in practice ("Douglas A. Gwyn")
  Re: compress then encrypt? ("Douglas A. Gwyn")
  Re: I HOPE AM WRONG ("Douglas A. Gwyn")
  Re: What if RSA / factoring really breaks? (Bob Silverman)
  Re: public key encryption - unlicensed algorithm ([EMAIL PROTECTED])
  Re: Vigenere Variant Problem ("Douglas A. Gwyn")

----------------------------------------------------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: One to One Compression updated
Date: Mon, 30 Aug 1999 14:07:59 GMT

In article <7q7nst$1r0m$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>  I updated my "one to one" adaptive huffman compression
> routines. These are routines that treat any file as a compressed
> file or as an uncompressed file there are no headers. Would
> be of great use as a  first pass before encryption see my
> compression page at
>
> http:/members.xoom.com/ecil/compress.htm
>

Why?

Tom
--
PGP 6.5.1 Key
http://mypage.goplay.com/tomstdenis/key.pgp
PGP 2.6.2  Key
http://mypage.goplay.com/tomstdenis/key_rsa.pgp


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: 512 bit number factored
Date: 29 Aug 1999 12:07:42 -0400

In article <wgu20.935834050@riemann>, [EMAIL PROTECTED] (W.G. Unruh) writes:
>Paul Koning <[EMAIL PROTECTED]> writes:
>
>>"Boudewijn W. Ch. Visser" wrote:
>>>
>>> See http://www.cwi.nl/cwi/Latest_News.html :
>>> which models 95% of the keys used to secure electronic commerce on the
>>> Internet.
>
>>But I'm curious about the assertion that 95% of the keys used
>>are 512 bit keys.  Admittedly the sample is small, but my PGP keyring
>
>PGP is NOT the primary method to "secure electronic commerce". Those are
>proprietary schemes used by banks, etc.

    AFAIK, the 95% figure first appears in Shamir's TWINKLE paper,
    which we've referred to as having been sent to one of us on April 19,
    shortly before Eurocrypt'99.
       B. Dodson


------------------------------

From: Anton Stiglic <[EMAIL PROTECTED]>
Subject: Re: 512 bit number factored
Date: Mon, 30 Aug 1999 11:18:23 -0400

Bob Silverman wrote:

> In article <[EMAIL PROTECTED]>,
>   [EMAIL PROTECTED] (DJohn37050) wrote:
>
> > 4. Algorithmic breakthroughs are possible.  RSA 512 was thought totally
> > unbreakable just a few years ago.
>
> > Don Johnson
> >
> More deceit and lies.
>

[here he goes again!]

>
> If, by "a few years ago",  you mean 15 years, I will agree.
>

Of course.  The inventors of RSA gave out a challenge; they believed that
factoring would have taken a _much_ longer time (be it impossible). (Was that
in a Scientific American journal or something...?)
Why use the words "deceit and lies" for this statement, when we all know it
is true!


> The parallel quadratic sieve changed that.
>
> We have known since the mid-80's the level of effort needed for 512
> bit keys when attacked by QS. However, computers were not
> fast enough nor abundant enough at that time to consider doing it.
>
> We have known since about 1990 the level of effort needed for
> 512 bit keys when attacked by NFS.  We could have done
> RSA-155 back in 1991 with sufficient effort (albeit much greater
> effort than was used recently;  we needed to learn how to
> fine tune NFS to get good performance and climbing that learning curve
> took time)
>

What do you mean by *we*.  Are you talking about RSA labs?
First of all, Pomerance (1982) came up with QS, Pollard came up with NFS (1993).
Independent research groups came up with efficient implementations
and factored the RSA challenges.
If you mean "the cryptology community" by "we",  then I will agree.


Anton


------------------------------

From: "David J Whalen-Robinson" <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: What if RSA / factoring really breaks?
Date: Mon, 30 Aug 1999 11:48:40 -0400

> I agree that full disclosure will bring the fastest fix possible to the
> problem.  This is especially true if someone writes an actual implementation
> and distributes it as a win32 application. :)
Haha.
It's true though, people would scramble to fix it all!

> We could compare this theoretical situation to the security situation
> in unix systems.  Despite manufacturers being notified WELL in advance
> of security related issues on their operating systems, they typically
> do not take action UNTIL there is an exploit released showing the public
> how insecure their system is.  http://www.rootshell.org has examples.
True

> Keith
> : John Savard

The problem is that it is too risky to just release the info.
It would be like a security-Y2k, except completely spontaneous
and unannounced! We're talking about a factoring break that
would allow one PC to crack a 2048 bit key in hours.  Even high
security .mil systems (USING RSA) could be broken into and keys
inside networks could be broken in the next few hours.
Nobody is ready for that, but there are other algorithms to move to.
(DES would still be secure, and there are public key alternatives not
reliant on factoring.)

With factoring you can truly demonstrate the solution without giving
away the method.  Anybody who factors a 4048 bit number issued by
a trusted organization like RSA,  MUST have a fast solution to the problem,
because all current solutions and even improvements on them would take way
too long.

I think you would eventually have to disclose the information, after a
certain posted date.
And I think you are both right that some organizations, even banks, gov, and
mil departments, would put off upgrades until it was too late, just like Y2K.

Thanks for both your contributions to this thread...
Very interesting.

David



------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: sci.math
Subject: Re: What if RSA / factoring really breaks?
Date: Mon, 30 Aug 1999 14:40:38 GMT

In article <7qdu65$81u$[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Keith A Monahan) wrote:
>Nicolas,
>
>Nicolas Bray ([EMAIL PROTECTED]) wrote:
>
>: On 30 Aug 1999 [EMAIL PROTECTED] wrote:
>
>: > :     (obviously you can't just release it, every cracker would have an
>: > : info-looting-spree before anybody could react. )
>: > 
>: > Actually, I think it is felt that the spree would be briefest if exactly
>: > that course of action were taken.
>
>: How so? It seems to me that there are a lot of institutions which would
>: require time to switch over to a new crypto system. It seems to me that
>: the best way would be demonstration that a method exists followed by total
>: secrecy(of course, a lot of people would probably start trying to kill
>: you...)
>
>Because these institutions are not going to act until they are put into
>a situation where they must act in order to remain secure.  Total secrecy
>never works, I think some guy named Kerckhoff mentioned this someplace.
>The secrets WILL get out, and what will happen is the hackers will develop
>a tool to exploit the situation, and meanwhile the corporations are
>not using their time wisely - because they assume full disclosure has not
>happened.
>

  I think this is why the Y2K problem is not really going to get acted on
until after the problem occurs.  Managers like to wait for failures. And many
managers that thought they were smart only pushed the problem back to
obscure dates so that it will raise its ugly head over and over next century.




David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS

------------------------------

From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: Chosen messages attack on ISO 9796-1 signatures
Date: 30 Aug 1999 13:49:43 GMT

I attend ISO SC27 which owns ISO 9796.  I would be interested in seeing the
paper and understand the sensitivity.
Don Johnson [EMAIL PROTECTED]
Don Johnson

------------------------------

Date: Mon, 30 Aug 1999 12:34:17 -0400
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Crossposted-To: misc.legal.computing
Subject: Re: Can I export software that uses encryption as copy protection?

John E. Kuslich wrote:

> Timur Tabi wrote:
>
> > I'm planning on developing software that decrypts the registration
> > information that's embedded in the binary.  That is, before we ship the
> > software to the customer, we use a public-key encryption to generate an
> > encrypted message that contains the user's registration information (name,
> > etc).  This message is then written to the application's binary (.EXE), and
> > the binary is e-mailed to the user.  The application, whenever it's run,
> > decrypts the message (with the other half of the public-key) and verifies the
> > contents.  If it's invalid, the software terminates.
>
> So then the hacker finds the single bit in your code responsible for storing the
> information (valid / not-valid) changes that bit to be always valid and your
> protection is out the window.
>
> I don't think anyone would object to exporting one - bit encryption.  :--))

There's no reason to believe that any such single bit exists.  For instance, a hash
of the properly decrypted registration info is the key to decrypt the software in
the IO library.

You are assuming that the software is functional and simply requires permission.
Any true security system will disable the software, rendering it non-functional, and
not represent permission as a property anywhere.  Thus the information necessary to
render the software functional, the missing code, may not be available to a pirate.


>
>
> >
> >
> > Is it legal to export the binary outside the US? Keep in mind that it only
> > does decryption, and only of one thing: the message that's embedded within
> > itself.  I remember reading a blurb somewhere that said what I'm trying to do
> > is one of the few exceptions to the export restriction laws, but for the life
> > of me I can't find the official documents on this.  I've searched the Dept of
> > Commerce website high and low, so if someone has a direct URL or a document
> > name I'd really appreciate it.
>
> JK
>
> --
> John E. Kuslich
> Password Recovery Software
> CRAK Software
> http://www.crak.com




------------------------------

Date: Mon, 30 Aug 1999 12:54:34 -0400
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: RC4 question



fungus wrote:

> Red_Blue <[EMAIL PROTECTED]> wrote:
> >
> > Could someone please shed some light on the following issue:
> >
> > What is the difference in required brute force computing power for
> > breaking RC4-40 vs. RC4-128 export (40 secret) keys?
> >
>
> The difference is a factor of 2^(128-40) = 2^88.
>
> 2^88 is 300,000,000,000,000,000,000,000,000
>
> ie. RC4 128 is zillions of times more secure than RC4-40.

I think the original question referred to the damaged form of RC4-128 in
which the secret portion of the 128-bit key is only 40 bits long, the
remainder being non-secret.  A brute force attack on the damaged
RC4-128 is aimed at a keyspace exactly as large as the full keyspace of
RC4-40.


------------------------------

Date: Mon, 30 Aug 1999 12:47:59 -0400
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Crossposted-To: misc.legal.computing
Subject: Re: Can I export software that uses encryption as copy protection?

Eric Lee Green wrote:

> Timur Tabi wrote:
> > I'm planning on developing software that decrypts the registration
> > information that's embedded in the binary.  That is, before we ship the
> > software to the customer, we use a public-key encryption to generate an
> > encrypted message that contains the user's registration information (name,
> > etc).  This message is then written to the application's binary (.EXE), and
> > the binary is e-mailed to the user.  The application, whenever it's run,
> > decrypts the message (with the other half of the public-key) and verifies the
> > contents.  If it's invalid, the software terminates.
>
> Yes, that is legal, but note that I could crack this "registration"
> scheme within minutes using a normal binary editor to change the output
> of your verification routine to always say "verified!".

What if there is no such routine?  What if the security routine simply decrypts the
operable binary image?

To circumvent this you have to intercept the "plaintext binary" and replay it.
That can be made difficult.

> Back in the early 80's software publishers tried to create "unbreakable"
> copy protection schemes. They failed. If I have physical access to your
> software, I can load it into a binary debugger, trace its execution, and
> 'break' it.

In theory this is always possible, but in some cases it requires enormous hardware
support.  For instance, most debuggers are slightly invasive in that they intercept
a few of the more interesting interrupt vectors.  An application can make this
difficult by using those vectors for other purposes -- purposes critical to the
operation of the software.

In theory one can provide a perfect virtualization of any environment, single
stepping the application as necessary.  But this will skew the instruction rate in
a manner detectable to the application.  In order to prevent the skew the attacker
needs the equivalent of an extremely fast in-circuit-emulator.

It's not impossible, but, like most modern crypto, it can be made unreasonably
expensive.  The failure of the software vendors around the time PCs were introduced
does not indicate the difficulty of  creating debug-proof software.  It indicates
the amateurishness of the software vendors.


> In recognition of this fact, I did not bother encrypting the
> registration file in the licensing routine that I recently wrote. I
> include a MD5 checksum including an internal "secret" to filter out the
> "script kiddies", but doing any more than that is just creating work for
> me, since the "real" crackers will always be able to break it.




------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: One to One Compression updated
Date: Mon, 30 Aug 1999 16:57:11 GMT

In article <7qe37l$ngl$[EMAIL PROTECTED]>, Tom St Denis <[EMAIL PROTECTED]> wrote:
>In article <7q7nst$1r0m$[EMAIL PROTECTED]>,
>  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>>  I updated my "one to one" adaptive huffman compression
>> routines. These are routines that treat any file as a compressed
>> file or as an uncompressed file there are no headers. Would
>> be of great use as a  first pass before encryption see my
>> compression page at
>>
>> http:/members.xoom.com/ecil/compress.htm
>>
>
>Why?
Why not?
>
>Tom


David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS

------------------------------

From: [EMAIL PROTECTED] (Boudewijn W. Ch. Visser)
Subject: Re: What if RSA / factoring really breaks?
Date: 30 Aug 1999 17:32:25 GMT

[EMAIL PROTECTED] (DJohn37050) writes:

>There are free word and powerpoint viewers (with print capability) from the
>microsoft website.

Do they run on Linux x86 and Linux Alpha ?

Boudewijn
-- 
+--------------------------------------------------------------+
|Boudewijn Visser        | E-mail:[EMAIL PROTECTED]      |           
| -finger for PGP-keys.- | http://www.ph.tn.tudelft.nl/~visser |
+-- my own opinions etc ---------------------------------------+

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: I HOPE AM WRONG
Date: Mon, 30 Aug 1999 16:10:47 GMT

"SCOTT19U.ZIP_GUY" wrote:
> In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
>  Actually I have tried several times to write to sci.crypt.research ...

Thanks for correcting the name of the newsgroup.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: WT Shaw temporarily sidelined
Date: Mon, 30 Aug 1999 17:16:11 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (John Savard) wrote:
> [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote, in part:
>
> >I think he is in Texas
> >is he not.
>
> Yes, I think so too. And I thought you were in New York or
> thereabouts, so you probably wouldn't get the chance to just drop by.
>
> But I do wish him a speedy recovery.
>
> John Savard ( teneerf<- )
> http://www.ecn.ab.ca/~jsavard/crypto.htm
>
This may be a dumb question, but what's wrong with him?



------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: I HOPE AM WRONG
Date: Mon, 30 Aug 1999 16:36:45 GMT

Boris Kazak wrote:
> C'est une idee vraiment superbe, moi je suis entierement d'accord.
> Le seul obstacle, quand meme mineur, sera le fact que je suis
> d'origine Russe et ne suis pas si proficient en langue Francaise
> que les parleurs natives.
>    Parlant un argot cryptographique, le langue Russe avec son
> alphabet cyrillique est une approximation beaucoup plus proche a
> un ideal du ciphre forte. Meme les cracqueurs ordinatrices ne
> pourront pas reconnaitre un tel texte parmi le abondance des
> caracteres non-ASCII. Voila!
> Au bientot                 BNK

  It is a really superb idee, me I agree entirely The only obstacle,
when same minor, will be the fact that I am of Russian origin and am
not if proficient in French language that the speakers native.
   Speaking a cryptographic slang, the Russian language with its Cyrillic
alphabet is an approximation much nearer has a ideal ciphre strong.
Same the cracqueurs ordinatrices will not be able reconnaitre such a
text among the abundance of the characters non-ASCII. Veiled!
The so long                  BNK. 

Cracquers ordinaire aren't a big eavesdropping threat.
As to Cyrillic, or Russian, it has lower per-character
entropy than English, but of course to convey the same
information the total information content of a message
has to be nearly the same in either language.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: 512 bit number factored
Date: Mon, 30 Aug 1999 17:08:58 GMT

Note that factoring a 512-bit number is in itself not interesting;
I can do that myself for certain numbers.  What would be interesting
would be the development of a method that can rapidly factor *any*
512-bit number, e.g. the product of randomly-selected primes having
widths around 250 bits.  (If the method is any good, it could be
used in the process of selecting primes, to verify their primeness.)
One hopes that that is what was reported.  (My Dutch isn't good
enough to read the original article.)

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Q: Cross-covariance of independent RN sequences in practice
Date: Mon, 30 Aug 1999 17:16:38 GMT

Mok-Kong Shen wrote:
> Perhaps I have not expressed myself clear enough. I meant what
> magnitude of the value of computed cross-covariance can be safely
> considered to be 0 in practice (even though that is non-zero) and
> hence assume that there is indeed independence.

That's not proper statistical practice.  The question that *can*
be answered by such statistics is "How likely is it that I would
have seen a statistic this large if the hypothesis of independence
is actually true?"  Fortunately, such a model (independence) makes
computing the expected values of such statistics fairly easy.
This is treated in many textbooks on communications.
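
The question posed in the reply above, worked as an added example (not code from the original thread): instead of picking a cross-covariance magnitude to call "zero", compute how likely a statistic this large would be under independence. The normal approximation for large n, the Bonferroni correction across lags, and the constructed sequences (one independent, one copying 10% of its values from `x` three steps late) are assumptions of this example.

```python
import math
import random

def cross_correlation(x, y, lag=0):
    """Sample correlation of x[t] with y[t+lag]; returns (r, pairs_used)."""
    if lag < 0:          # pairing x[t], y[t-k] is the same as y[s], x[s+k]
        return cross_correlation(y, x, -lag)
    n = min(len(x), len(y) - lag)
    if n < 3:
        raise ValueError("not enough overlapping samples")
    xs, ys = x[:n], y[lag:lag + n]
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(xs, ys)) / n  # cross-covariance
    vx = sum((a - mx) ** 2 for a in xs) / n
    vy = sum((b - my) ** 2 for b in ys) / n
    if vx == 0 or vy == 0:
        raise ValueError("constant sequence: correlation undefined")
    return cov / math.sqrt(vx * vy), n

def p_value(r, n):
    """P(|statistic| >= observed) if the sequences are independent.
    Assumes n is large, so r*sqrt(n) is approximately standard normal."""
    return math.erfc(abs(r) * math.sqrt(n) / math.sqrt(2))

def independence_test(x, y, max_lag=8):
    """Scan lags -max_lag..max_lag and report the most extreme one, with a
    Bonferroni-corrected p-value to account for having looked at many lags."""
    lags = range(-max_lag, max_lag + 1)
    scored = []
    for lag in lags:
        r, n = cross_correlation(x, y, lag)
        scored.append((p_value(r, n), lag, r))
    p_min, lag, r = min(scored)
    return {"lag": lag, "r": r, "p": min(1.0, p_min * len(lags))}

def constructed_sequences(n=20000):
    """Constructed sample data: x, an independent y, and a 'leaky' y in which
    about 10% of the values are copies of x delayed by 3 positions."""
    a, b, c = random.Random(1999), random.Random(140), random.Random(10)
    x = [a.randrange(256) for _ in range(n)]
    y_indep = [b.randrange(256) for _ in range(n)]
    y_leaky = [x[t - 3] if t >= 3 and c.random() < 0.10 else y_indep[t]
               for t in range(n)]
    return x, y_indep, y_leaky

if __name__ == "__main__":
    x, y_indep, y_leaky = constructed_sequences()
    for name, y in (("independent", y_indep), ("leaky", y_leaky)):
        res = independence_test(x, y)
        print(f"{name:12s} lag={res['lag']:+d} r={res['r']:+.4f} p={res['p']:.3g}")
```

A correlation near 0.1 looks small, yet at this sample size it is far outside what independence would produce, which is why the p-value and not the raw magnitude is the thing to report.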

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: compress then encrypt?
Date: Mon, 30 Aug 1999 16:44:31 GMT

Anton Stiglic wrote:
> One thing that I have asked myself is, if you have a perfect coder,
> that takes away all redundancy, isn't the entropy of the message
> smaller, and thus, decryption harder?

Sure, but remember, both the sender and intended recipient have
to agree on the encoding.  Perfect coding would require exact
advance knowledge of the plaintext statistics.

In practice, a first approximation to this is to use a codebook
(at each end of the channel), where entire concepts and phrases
are encoded with only a few bits.  Historically, such codes were
used in Morse telegraphy, where errors were frequent, so code
groups were designed with high redundancy themselves to allow
detection and (sometimes) correction of errors in the received
data.  When such codes were superenciphered, the underlying
redundancy helped cryptanalysts to strip off the superencipherment.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: I HOPE AM WRONG
Date: Mon, 30 Aug 1999 16:30:12 GMT

"SCOTT19U.ZIP_GUY" wrote:
> In article <[EMAIL PROTECTED]>, vincent <[EMAIL PROTECTED]> wrote:
> >Eh les gars, j'ai une superbe idee, et si maintenant on se mettait a
> >parler francais uniquement, ca changerait, en plus c'est pas une idee si
> >eloignee de la cryptographie, en effet, qui peut bien comprendre cette
> >vieille langue decrepie qu'est le francais?
> >Alors qu'est-ce que vous en pensez ?
> in English:
>     Do Eh the guy, I have superb a idee, and so now it was put has to speak French
>     only, Ca would change, in more it is not a idee if eloignee of the cryptography,
                                                        ^moved away from the^
>     indeed, which can understand well this old language decrepie which is French?
>     Whereas think you?

The Systran on-line translator produced the above improvement.

Of course, part of the problem is that the original French text
failed to use properly accented characters.  "idee" should
translate to "idea" and "ca" as "that".  I guess "decrepie"
should translate to "decrepit".

------------------------------

From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: What if RSA / factoring really breaks?
Date: Mon, 30 Aug 1999 17:55:35 GMT

In article <7qc4rb$4gl$[EMAIL PROTECTED]>,
  David A Molnar <[EMAIL PROTECTED]> wrote:
> In sci.crypt David J Whalen-Robinson <[EMAIL PROTECTED]> wrote:
> > which demonstrated that large numbers could be factored in constant

>
> Discrete log could be unaffected, though. As far as I know, there's no
> reduction from one to the other. If there is, then the rest of this post
> is wrong.

There is a reduction from discrete logs over Z/NZ to factoring N.


> >      What would this contribute to the NP vs. P problem?
>
> It shows us that a problem not known to be NP-complete is in P.

Huh?  Justify this statement!!

If P != NP,  it is well known that there are infinitely many
problems that are neither in P nor in NPC.

Why would showing that factoring is in P show that any
problem not in NPC must be in P?  [hint: It wouldn't]

> The joke will be on us if
> discrete log is easy and factoring is hard.

This is unlikely.



--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: public key encryption - unlicensed algorithm
Date: Mon, 30 Aug 1999 17:13:20 GMT

In article <[EMAIL PROTECTED]>,
  "shivers" <[EMAIL PROTECTED]> wrote:
> I could really use a decent (i.e. strong) public key encryption algorithm
> that is unlicensed for commercial use - I am interested in Blowfish/Twofish
> for a private key algorithm - but my requirements really need a public key
> one.
>
> Is there any such algorithm about?

El Gamal is currently free if you need public key encryption.  If you
are just using it for key exchange, you may wish to consider
Diffie-Hellman or better yet, a variation of it called SPEKE.
>
> Also, on the legal side - I hear it is legal to export the details on a
> strong algorithm - but not an actual implementation of it?  If this is
> true - and I write an implementation of a strong algorithm - what am I
> allowed (and not allowed) to do with it?
>
> (please email a reply as well as posting here)
>
> Thanx a lot,
>
> Shane Wright
> ProActive Computing
>
> Email:
>     work: [EMAIL PROTECTED]
>     home: [EMAIL PROTECTED]
>
>



------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Vigenere Variant Problem
Date: Mon, 30 Aug 1999 16:57:28 GMT

[EMAIL PROTECTED] wrote:
> For the common letters in each alphabet, you could look
> for variety of contact to sort out the consonants and vowels.

Unfortunately, that doesn't work as well in such systems
as it does for monoalphabetic substitutions.

If the encipherment is known (or likely) to use fixed
alphabets at different slides, then symmetry of position
is the best available technique.  Eventually, unless it
is some sort of Aristocrat-like puzzle, one can guess a
probable word/phrase that works.

Are there *any* repeats (length 2 or greater, column-aligned)?
Sometimes one gets lucky and finds something like XY...XY
matching up to THingTHat, where the additional T aids in
the symmetry-of-position attack.
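
The column-aligned repeat search asked about above, as an added example (not code from the original thread). It uses plain Vigenere with the constructed key `LEMON` as a stand-in for the variant under discussion, and a constructed plaintext in which `TH` falls in the same column three times; both are assumptions of this example.

```python
from collections import defaultdict

def vigenere_encrypt(plaintext, key):
    """Standard Vigenere over A-Z (constructed stand-in for the thread's variant)."""
    a = ord("A")
    return "".join(
        chr((ord(p) - a + ord(key[i % len(key)]) - a) % 26 + a)
        for i, p in enumerate(plaintext)
    )

def column_aligned_repeats(ciphertext, period, min_len=2, max_len=6):
    """Find n-grams that occur two or more times starting in the same column.

    Same column means the same run of cipher alphabets was applied, so an
    aligned repeat is a candidate for repeated plaintext. Repeats that are not
    aligned are ignored here because different alphabets produced them.
    Returns a sorted list of (ngram, column, positions).
    """
    hits = []
    for n in range(min_len, max_len + 1):
        seen = defaultdict(list)
        for i in range(len(ciphertext) - n + 1):
            seen[(ciphertext[i:i + n], i % period)].append(i)
        for (ngram, column), positions in seen.items():
            if len(positions) >= 2:
                hits.append((ngram, column, positions))
    return sorted(hits)

# Constructed sample: "TH" starts at positions 0, 5 and 15, all in column 0
# when the period is 5.
SAMPLE_PLAINTEXT = "THINGTHATWEKNEWTHEN"
SAMPLE_CIPHERTEXT = vigenere_encrypt(SAMPLE_PLAINTEXT, "LEMON")

if __name__ == "__main__":
    print(SAMPLE_CIPHERTEXT)
    for period in (3, 4, 5):
        print(period, column_aligned_repeats(SAMPLE_CIPHERTEXT, period))
```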

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
