Cryptography-Digest Digest #186, Volume #10 Mon, 6 Sep 99 02:13:04 EDT
Contents:
Re: Quantum computing bit in UK computing magazine.
Re: THE NSAKEY (SCOTT19U.ZIP_GUY)
Re: IDEA- safe? (Johnny Bravo)
Re: RSA the company ("Roger Schlafly")
Re: point of a cipher (SCOTT19U.ZIP_GUY)
Re: One to One Compression updated (SCOTT19U.ZIP_GUY)
Re: point of a cipher (SCOTT19U.ZIP_GUY)
Re: point of a cipher (SCOTT19U.ZIP_GUY)
Re: IDEA- safe? ("Trevor Jackson, III")
Re: Can we have randomness in the physical world of "Cause and Effect" ? (Dave Knapp)
Re: arguement against randomness ("Douglas A. Gwyn")
Re: Description of SQ ("Douglas A. Gwyn")
Re: arguement against randomness ("Trevor Jackson, III")
Re: point of a cipher ("Trevor Jackson, III")
Re: Quantum computing bit in UK computing magazine. ("Trevor Jackson, III")
Re: NSA and MS windows ("Douglas A. Gwyn")
Re: Mystery inc. ("Douglas A. Gwyn")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: Quantum computing bit in UK computing magazine.
Date: 6 Sep 99 02:17:32 GMT
Bill Unruh ([EMAIL PROTECTED]) wrote:
: They perform a computation on
: a single input state which, if viewed in a certain way, can be regarded
: as a superpostion of a bunch of input states. however that is a useless
: way of viewing it unless some observatin of the the single output state
: can be made which will give the desered answer. Very very very few
: problems have been found which fit the latter requirement-- essentially
: only factoring or discrete logs (Shor's original algorithm). In addition
: Grover found a search algorithm which is reputed to decrease a search
: time by a factor of a square root.
All right, this explains what the original poster objected to in that
article. However, I am puzzled here. Suppose one is trying to search for
the key that causes a given ciphertext block to decrypt to a known
plaintext block in DES.
The algorithm for solving that seems simple enough: using the 56
superposed bits as the key, decrypt the ciphertext block to form a
plaintext block. XOR this result with the known plaintext block. If the
result is zero, then take the particular value of the key used, and - is
this where the problem arises?
if the problem is that there is no good way of collapsing the wave
function and leaving 56 bits of data behind, one can simply repeat the
computation 56 times: if bit n of the key is 1, then store a bit in
"observed" memory.
As I understand it, quantum computers are still hoped to be able to
execute programs consisting of computational steps, although there are
other models of quantum computation that are less elaborate.
John Savard
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: THE NSAKEY
Date: Mon, 06 Sep 1999 04:42:21 GMT
In article <7quhee$ppg$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (David Wagner) wrote:
>In article <[EMAIL PROTECTED]>,
>Guenther Brunthaler <[EMAIL PROTECTED]> wrote:
>> But as the president of an US-company that is dealing with
>> cryptography, he undoubtedly has to make at least some minor
>> provisions to government agencies, or they would shut down his company
>> one way or the other.
>>
>> So Mr. Schneier has certainly to be very careful about what he's
>> saying, especially regarding alleged government intrusion attempts
>> into popular software (unless proven and verified already).
>
>I call bullshit. You're making allegations that are absolutely unfounded.
>Schneier has been outspoken against _many_ of the US government's crypto
>policies; some might say that he is one of the biggest thorns in their side.
>
>Please take personal attacks like these elsewhere.
How could one consider that an attack. He was if anything explaining why
Bruce anwsers many of the things the way he does. Before I just thought it
was pure arragance and hate for those he considers lower than himself. But
this guy gave reasons for some of Bruces anwsers. Bruce is not a thorn in the
US government crypto. He is after all helping to sucker people into using the
coming AES candidate. How could that be thought of as a thorn. Know maybe
I am a thorn but. Since I don't have a company no one belives so I am less of
a threat but still a small thorn.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (Johnny Bravo)
Subject: Re: IDEA- safe?
Date: Sun, 05 Sep 1999 23:02:09 GMT
On Sun, 05 Sep 1999 02:31:00 GMT, Tom St Denis
<[EMAIL PROTECTED]> wrote:
>> Can we do simple math?
>> 64 - 56 = 8
>> 8 * 1.5 years = 12 years.
>
>Wouldn't that be 2^(64-56) times harder? not 64-56 times harder?
No, as the power of the computers is doubling as well as the
difficulty. One extra bit is twice as difficult, 18 more months makes
it half as easy. So for each bit add 18 months to keep the difficulty
the same. 8 bits = 12 years for the computing power to catch up to
the extra bits.
However we are looking at 128+ bit keys for most implementations.
So if 56 is easy now, 128 bits will be easy 100 years from now. By
then we could easily be using 2048 bit ciphers with keys in the 64k
range which should be good for three thousand years or so at the
present rates.
>
>Tom
Johnny Bravo
------------------------------
From: "Roger Schlafly" <[EMAIL PROTECTED]>
Subject: Re: RSA the company
Date: Sun, 5 Sep 1999 19:30:11 -0700
Eric Lee Green wrote in message
<[EMAIL PROTECTED]>...
>Diffie-Hellman being in the public domain is important, because the
>expired Diffie-Hellman patent is the one underlying all public key
>cryptography, but it's not a panacea. RSA is an easy-to-understand and
>relatively elegant algorithm, whereas most of the non-patented
>competitors are not. So yes, I think it would not be out of place to
>plan a party for September 20 of next year.
For encryption and key exchange, I actually think that Diffie-Hellman
is the most elegant, and easiest to understand, public key system.
RSA's elegance is mainly in the area of signatures.
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: point of a cipher
Date: Mon, 06 Sep 1999 05:09:47 GMT
In article <7quh4a$pos$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (David Wagner) wrote:
>In article <o1oA3.21146$[EMAIL PROTECTED]>,
>Richard Parker <[EMAIL PROTECTED]> wrote:
>> David Scott is using "w-pcbc" as an all-or-nothing transform (AONT).
>
>I disagree. An AONT transform is unkeyed, and does not itself provide
>confidentiality. Rather, David Scott is using "w-pcbc" as a block cipher
>structure (think of it as an alternative to the Feistel structure).
How can you disagree when ever we start to get technical on my method
you say that you can't follow the C code since the source is appearently
encrypted to hard for you. Since this is true based on your last comments
when the Slide Attack failed against it. How do you know that it is not
"all or nothing".
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: One to One Compression updated
Date: Mon, 06 Sep 1999 05:02:18 GMT
In article <7qutv2$17m$[EMAIL PROTECTED]>, "Vedat Hallac" <[EMAIL PROTECTED]>
wrote:
>In your most arguments about using compression in encryption, I agree with
>you. That is your "one-to-one"ness feature looks like a good idea.
>
>However, if you need to use it as a security component, you should be more
>careful about the symbols that you generate. Because, most of the times in
>adaptive Huffmen sort of algorithms, the first few letters are kept intact
>(depening your initial tree configuration). That means a letter starting
>with "Dear Sir," will most likely have the same string (or an equivalent,
>which is assumed to be known by the attacker) at the beginning. Maybe you
>should have a keyed shuffling algorithm to determine your initial tree
>configuration :-)
>
>Have you got a solution for this problem that you are currently using ?
>
>
I built the staring tree in counting order. But if you check my page
http://members.xoom.com/ecil/compress.htm you can see I most have
picked the wrong order. Since the first character does not match the first
character of the input file. Oh well I could have reveresed the order to make
it match but why bother. I am in theory not allowed to do encryption in the
US. MY "wife" can mode it so that the starting leaves are in a file that is
read in. She could do this when will go to mexcio but I would need a site to
post this since it would be encryption and I am staying away from that for
a while.
Also you are correct "Dear Sir" would appear the same in my current
compression if at start of file. But if you go to my site I offer code to
reverse the file and have a method of huffman compression I use for the
second pass. This means there is a forward huffman pass through the file
and a reverse huffman pass thought the file. This means that even for the
nonencrypting huffman compression that the "Dear Sir" would not convert
to the same code even if at the front of file becasue of the reverse huffman
passes. Would make the starting bits a function of the rest to the
file. Please check the code it my site I include examples of this.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: point of a cipher
Date: Mon, 06 Sep 1999 05:06:27 GMT
In article <[EMAIL PROTECTED]>, Enterrottacher Andreas
<[EMAIL PROTECTED]> wrote:
>"SCOTT19U.ZIP_GUY" schrieb:
>>
>> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] () wrote:
>> >Tom St Denis ([EMAIL PROTECTED]) wrote:
>> >: Now tell me where 'magical' compression methods come in. Either you know
> the
>> >: key, and get the message, or you don't know the key and you only get
> random
>> >: crap. I agree that compression helps remove redundancies, but it doesn't
>> >: hinder brute-force or any other attack outisde of just trying to
> decompress
>> >: what you guessed M could be.
>> >
>> >Well, ciphertext-only attacks exploit partial knowledge of the plaintext.
>> >This partial knowledge is the redundancy which compression suppresses.
>> >
>> >Thus, one of the ways in which the DES-cracker built by the EFF is
>> >configured to be used is to search for decrypted blocks where the first
>> >two bits of each byte all have the same value.
>> >
>> >Dave Scott's compression idea, "one-to-one compression" is intended to
>> >totally frustrate a brute-force search. Normally, if a file is being
>> >compressed using Huffman compression, the resulting file will consist of
>> >any old number of bits. For transmission, it might be padded out to an
>> >even number of bytes: then, some indication of how many bits of padding
>> >are applied is needed.
>> >
>> >Usually, this means that there is a way to check an attempted decrypted
>> >file for validity; if we remove the bits claimed to be padding, do the
>> >remaining bits end on a Huffman symbol, or in the middle of one?
>> >
>> >Mr. Scott is trying to devise a method of Huffman compression which
>> >removes this (very weak) opportunity for the attacker to narrow down the
>> >space of possible keys. However, he is doing so at the price of
>> >introducing other forms of redundancy, which I think are worse.
>> >
>> >John Savard
>>
>> Ok John I bite. What are those worse form of redundancy that make it
>> worse.
>>
>> David A. Scott
>
>At least the output of the one-to-one-compression is compressable while
>encrypted text isn't: In a brute-force-attack one could try keys until
>he
>gets compressable data. The weak one-to-one-compression can be broken
>afterwards.
>
>Other attacks may be based on the fact that there exists redundancy
>without
>knowledge of the kind of redundancy.
>
>
What are you talking about. I don't think your "one to one" is the
"one to one" I have been talking about these several days.
Mine is this:
1 any file A can compress to a FILE then that FILE when uncompressed goes to A
2 any file B can uncompress to a FILE then that FILE when compressed goes to B
What do you mean and what does it have to do with what I was talking about
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: point of a cipher
Date: Mon, 06 Sep 1999 05:34:44 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] () wrote:
>Tom St Denis ([EMAIL PROTECTED]) wrote:
>: The thing is you can still brute force his method. I can try a key, then
>: decompress and test for ASCII.... not that hard.
>
>That's a good point.
But as a better writter than me said. Brute force is nice to talk about.
But in general that is not how encryption is broken. My compression method
gives less information to an attacker so that it is more likely that a Brute
Force search is the only way. IF my compression takes away structure an
attacker can use that is good. If you don't have a clue why that is good I
can't help you.
>
>: My point is that his
>: compression SHOULD NOT be a factor in considering the security of the system,
>: only as a bandwidth optimization.
Well I disagree. But you can remain free to belive what you want
since it is obvious you really don't want to understand
>
>You're basing that conclusion on an argument which, correctly, notes that
>compression doesn't increase the security of a cipher system against a
>_known plaintext_ attack.
John if you are using only ascii message it would be very hard
to get the person to use data to create the files you want. But yes
if the person is encrypting binary files. And if you can do a "whole
choosen plain file attack" against the system. Then you can choose
the files you want to attack with. Uncompress them and give them to
the person. When he compresses them you get the target files you wanted
to do against the system. This form of compression will not make
a silk purse out of a sows ear. But it also will not give extra info
to the attacker like most compression methods.
>
>However, compression does increase security against a ciphertext-only
>attack.
>
>Since both kinds of attacks are possible, that does not seem to imply to
>me that compression is irrelevant to security.
>
>Of course, since a known plaintext attack is easier than a ciphertext-only
>attack, when *rating* the security of a system one wants to assess its
>vulnerability in the worst case. Perhaps this is what you mean, but then
>you should distinguish between what doesn't affect worst-case security and
>what does not benefit security in any case.
>
>John Savard
john the whole point of this was that if one wants to use compression
one should use one that gives no hooks to the attacker. Example some
terroists are using compression and encryption. It my be hard to get the
terroists to send the desired plain text messages that you want. But lets
say they are stupid enough to use PKZIP to compress the messages
before they send them. Well the NSA could use that fact to break the
method since the sturctre of a PKZIP file is so well known. They could
use this hook provided by the compression method to help break the
method without even getting the enemy to use choosen plain texts of
ones choice.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
Date: Mon, 06 Sep 1999 00:57:41 -0400
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: IDEA- safe?
Tom St Denis wrote:
> In article <[EMAIL PROTECTED]>,
> "Trevor Jackson, III" <[EMAIL PROTECTED]> wrote:
> >
> >
> > jerome wrote:
> >
> > > typo, replace 4.5months by 4.5years
> > >
> > > On 3 Sep 1999 19:03:28 GMT, jerome wrote:
> > > >
> > > >and these attacks can use the key even if they are different than
> > > >brute force...
> > > >
> > > >moreover if currently everybody says that 56bits is easy to reach, 64bits
> > > >is only 256 times more, so in 4.5months 64bits would be as easy as
> > > ^^^^^^^^^
> > > 4.5 years obviously
> > >
> > > >56bits now, according to the principle "the cpu power double every 18months"
> >
> > Can we do simple math?
> > 64 - 56 = 8
> > 8 * 1.5 years = 12 years.
>
> Wouldn't that be 2^(64-56) times harder? not 64-56 times harder?
Yes. And after 12 years the CPU power has doubled 8 times. So the ratio of the CPU
power before and after 12 years is 2^8. 256 times faster.
------------------------------
From: Dave Knapp <[EMAIL PROTECTED]>
Crossposted-To: sci.physics
Subject: Re: Can we have randomness in the physical world of "Cause and Effect" ?
Date: Mon, 06 Sep 1999 04:26:46 GMT
John Savard wrote:
>
> Dave Knapp <[EMAIL PROTECTED]> wrote, in part:
>
> >Quantum mechanics requires either true randomness or nonlocality.
>
> While, as someone has pointed out, many worlds can substitute for
> randomness, I don't see how either one substitutes for nonlocality -
> required by the EPR experiment.
I also don't understand how one can distinguish between MW and
randomness experimentally.
> However, I do *have* a substitute for nonlocality; faster-than-light
> phenomena, so far internal to quantum systems.
That results in problems with causality.
> But that is still a separate and additional requirement in addition to
> randomness, as I understand it.
I think not; if you use FTL, you lose causality, and you can use hidden
variables and eliminate randomness.
-- Dave
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: arguement against randomness
Date: Mon, 06 Sep 1999 05:16:53 GMT
Tom St Denis wrote:
> Hmm... well let's take the geiger counter (spelling?) for the result
> to be truly random the alpha particles must be spontaneously created,
> otherwise there would be some means to predict the decay...
Actually the Geiger counter is just a detector. An example of an
alpha source is radioactive Polonium, used in destatic brushes etc.
Preliminary mesaurements on an alpha source can be used to find its
parameters (source quantity and strength, half-life, etc.) to a fair
degree of accuracy, which then allows *statistical* prediction of
forthcoming alpha particle emission (detection intervals closely
approximate an exponential distribution, as I recall, so long as
the characteristic interval is much longer than the detector
recovery time). It is absolutely true (to the best of our knowledge
of the principles of physics) that the times of *individual* emissions
cannot be precisely predicted even in principle, no matter what
constraints the emitter is subjected to (near abs. zero, strong
magnetic field, etc.). The fundamental theory yields probabilistic
predictions, not due to simple ignorance which could be remedied,
but to a fundamental inability to gain knowledge past a certain
level (Planck's constant again, or what amounts to the same thing,
noncommutativity of certain measurement operations).
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Description of SQ
Date: Mon, 06 Sep 1999 05:22:02 GMT
Eric Lee Green wrote:
> ... A classical example is F=ma, ...
That is clearly not a mathematical theory, but a physical one.
(And not correct even within the Newtonian domain; an object's
mass can vary for nonrelativistic reasons -- think "rocket".)
------------------------------
Date: Mon, 06 Sep 1999 01:25:51 -0400
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: arguement against randomness
Tom St Denis wrote:
> (pardon my ignorance....)
>
> Isn't one of the laws of thermaldynamics stating the spontaneuous creation of
> energy is impossible (or something to that effect)?
>
> Also wouldn't something truly random fall into this category?
>
> If I am dead wrong, please let me know.
>
I think you are wrestling with the phrase "truly random". For our purposes this
means "completely unpredictable". This is equivalent to saying that the output
of the generation process has no use in predicting the future of that process.
The easiest way to get this condition is to measure a sequence of physical events
where the events are all independent. Proving that independence can be tough.
Quantum events such as beta decay are supposed to be completely unpredictable,
but we still do not understand entanglement completely. There's wiggle room for
a claim of complete interdepence of all particles that share a light cone (have
been "within reach of each other" at some point following the big bang).
None of this has anything to do with the creation of energy. In fact there's
research that shows there is no fundamental lower limit on the amout of energy
needed to perform a calculation. There is a physical limit on the amount of
energy required to detect an event (see Plank's constant).
------------------------------
Date: Mon, 06 Sep 1999 01:28:31 -0400
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: point of a cipher
Douglas A. Gwyn wrote:
> Tom St Denis wrote:
> > The point of a cipher is to hide the contents of a message M with an
> > encryption method E, and the key K. The goal is without knowledge
> > of K, nothing of M can be derived from E_K(M).
>
> First of all, that is an overly restrictive view.
> More accurate would be the goal of requiring an eavesdropper
> to perform more work than is economically feasible in order
> to have a significant chance of recovering the plaintext.
>
> > Now tell me where 'magical' compression methods come in. Either
> > you know the key, and get the message, or you don't know the key
> > and you only get random crap. I agree that compression helps
> > remove redundancies, but it doesn't hinder brute-force or any
> > other attack outisde of just trying to decompress what you guessed
> > M could be.
>
> As I've advised before, one should develop some practical experience
> in cryptanalysis before trying to discuss its feasibility in any
> particular case. In fact, I've cracked messages in some systems
> without ever recovering the key. Precompression *does* hinder
> cryptanalysis, because it obscures underlying statistical properties
> of the source language that could otherwise be exploited. I don't
> know why you even mention exhaustive keyspace search ("brute-force
> attack"), because no competent cryptosystem designer is going to
> choose a key so small as to make that attack feasible.
In your opinion, does you last phrase apply to dscott?
------------------------------
Date: Mon, 06 Sep 1999 01:49:40 -0400
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Quantum computing bit in UK computing magazine.
[EMAIL PROTECTED] wrote:
> Bill Unruh ([EMAIL PROTECTED]) wrote:
> : They perform a computation on
> : a single input state which, if viewed in a certain way, can be regarded
> : as a superpostion of a bunch of input states. however that is a useless
> : way of viewing it unless some observatin of the the single output state
> : can be made which will give the desered answer. Very very very few
> : problems have been found which fit the latter requirement-- essentially
> : only factoring or discrete logs (Shor's original algorithm). In addition
> : Grover found a search algorithm which is reputed to decrease a search
> : time by a factor of a square root.
>
> All right, this explains what the original poster objected to in that
> article. However, I am puzzled here. Suppose one is trying to search for
> the key that causes a given ciphertext block to decrypt to a known
> plaintext block in DES.
>
> The algorithm for solving that seems simple enough: using the 56
> superposed bits as the key, decrypt the ciphertext block to form a
> plaintext block. XOR this result with the known plaintext block. If the
> result is zero, then take the particular value of the key used, and - is
> this where the problem arises?
>
> if the problem is that there is no good way of collapsing the wave
> function and leaving 56 bits of data behind, one can simply repeat the
> computation 56 times: if bit n of the key is 1, then store a bit in
> "observed" memory.
>
> As I understand it, quantum computers are still hoped to be able to
> execute programs consisting of computational steps, although there are
> other models of quantum computation that are less elaborate.
The model I've seen does not permit you to create a superposition of the 2^56
possible keys. Instead it attempts to make invalid keys interfere with
themselves and valid keys reinforce themselves. Thus the only way to get a
detectable result is to get the true key. My understanding of the dynamics of
the process is weak, but it appears to me that the time required to obtain a
detectable result is not predetermined.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: NSA and MS windows
Date: Mon, 06 Sep 1999 05:04:41 GMT
David Wagner wrote:
> But regardless: If it's just a symptom, why are there huge headlines
> reporting that, thanks to the "_NSAKEY", the NSA may be able to spy on
> every Windows machine in the world?
Heh, heh, I have an "NSA Hitachi" monitor on my desk...
Must have a hidden camera in it?
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Mystery inc.
Date: Mon, 06 Sep 1999 06:07:08 GMT
sha99y00000 wrote:
> I can see your point here, but discussions on the feasibility of it
> (Beale's] genuineness. How people have attack the problem. What
> resources have they used etc. etc.
Rowlett, Sinkov, Kullback, and Hurt worked on Beale during their
training, and Rowlett at least believed it was a hoax.
> For 1. Has anyone noticed a possible clue to the key actually visible
> within the codes
No; have you? That would indeed be interesting.
When I was at USASATC&S some 25 years ago, I had our TIC (library)
get hold of the Beale documents from Roanoke and did some analysis.
Carl Hammer had already determined that the unsolved messages had
similar statistical proerties to the solved message. My approach
was to assume that the others were enciphered the same way, but
using a different document. Consideration of Beale's name and his
choice of document for the known message indicated that a generally
available work of Thomas Jefferson would be worth trying. Harvard's
law library (Widener library, was it?) let me into their (normally
closed) stacks, and I rummaged though the collected works of T.J.
The only one I found that had enough words for the maximum cipher
value was also what T.J. himself considered his most important
document, "A Bill to Abolish Slavery in Virginia". I ran that
against the unsolved Beale messages every which way and never found
a crack. At which point I decided that I had better things to do...
> 2 Reasons for fake: someone found lines like ABCDEFGHIJKLMN
> when deciphering #1 with DOI.
> Why would someone code ABCDEFGHIJKLMN than randomly
> writing any code numbers to create garbage?
> Would finding ABCDEFGH, etc. show that some sort of
> transposition has been used within the code?
Jim Gillogly wrote an article about this in Cryptologia, V4N2.
Decrypting Beale-1 with the Declaration of Independence produced
ABFDEFGHIIJKLMMNOHPP. He considers that evidence of a hoax, but
I don't think it's conclusive. If it had been precisely
ABCDEFGHIJKLMNOP then I would agree it must be a hoax, but an
"approximately alphabetic" stretch could be found by accident.
(Gillogly pointed out that the first F and last H could have
been off-by-one encipherments of C and O, respectively, which
makes it somewhat more suspicious.) I think that anyone who was
laboriously encrypting garbage for a hoax, once he "got bored"
and decided to encrypt a stretch of the alphabet, would very
likely proceed to encrypt various words such as "FOOLED YOU".
Finding ABCDEFGH etc. either in clear or by decrypting with DOI
would not indicate anything about use of transposition.
> And I'm not just on about Poe and Beale codes. Those are just
> examples. There are codes out there that have been unresolved
> for too long.
Rowlett mentioned a "Swift Silver Mine" (in SW VA near Cumberland
Gap) cipher, which he also believed was a hoax; I have no further
information about that.
Feel free to work on the Zendian problem! Most of it has been
solved, but the solutions have not been published.
And of course there is still the final 97 characters of the Kryptos
sculpture.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
