Cryptography-Digest Digest #292, Volume #10      Wed, 22 Sep 99 03:13:04 EDT

Contents:
  Re: frequency of prime numbers? (Jerry Leichter)
  Re: Second "_NSAKey" (Greg)
  Re: Okay "experts," how do you do it? (John Savard)
  Re: EAR Relaxed? Really? (Greg)
  Re: EAR Relaxed? Really? (Anthony Stephen Szopa)
  Re: EAR Relaxed? Really? (Eric Lee Green)
  Re: Another bug RE: CryptAPI (Eric Lee Green)
  Tim E. Anderson arrested for child pornography (Pat Brown)
  Re: EAR Relaxed? Really? (Eric Lee Green)
  Re: Second "_NSAKey" (Greg)
  Re: low diffie-hellman exponent (Eric Lee Green)

----------------------------------------------------------------------------

From: Jerry Leichter <[EMAIL PROTECTED]>
Subject: Re: frequency of prime numbers?
Date: Tue, 21 Sep 1999 15:18:12 -0400

| >No.  What Goedel showed was that any sufficiently rich axiomatic
| >system is incomplete in the sense that there are true statements
| >which can not be proved. [as well as other stuff I won't discuss].
| >Peano arithmetic is "sufficiently rich", BTW.
| 
| I'd like to correct this misconception, if I may.  Godel's theorem
| does not say that "there are true statements that cannot be proved".
| It says that there are unprovable statements.  These statements are
| neither true nor false.

No; the original statement was (more or less) correct.  Goedel
constructs, within the system to which it is applied, a proposition that
looks essentially like this:

        (a)  Statement (a) cannot be proved.

If Statement (a) were FALSE, then it could be proved - and since proofs
have finite lengths, we could eventually find that proof.  But then we'd
have a contradiction, since we'd have the proof in hand that there could
not be a proof.

If Statement (b) were TRUE, on the other hand, it could simply be the
case that it couldn't be proven.

So, what Goedel really proved here was:  Any sufficiently rich axiomatic
system is either inconsistent (it can prove a false statement, hence it
can prove *any* statement it can express); OR there are true statements 
expressible within the system which cannot be proved (within the
system).  What does "true" mean here?  Just what you'd naively expect if
you didn't know about the axiomatic method:  There are no counter-
examples to be found, no matter how hard you look.

Goedel's results are part of a stream of results, usually seen in
retrospect as starting with Turing's proof of the impossibility of
providing an algorithm for the Halting Problem, that show that truth and
provability are not the same thing.  This was obvious in an inconsistent
system, where everything, true or not, is provable.  What these results
showed was that if you avoided the Scylla of inconsistency, you would
inevitably run aground on the Charybdis of incompleteness:  Some true
statements could not be proved.  (In fact, even strong results are now
known - concerning independence, and actual bounds on the size of
provable statements (Greg Chaitin's work).)

                                                        -- Jerry

------------------------------

From: Greg <[EMAIL PROTECTED]>
Subject: Re: Second "_NSAKey"
Date: Wed, 22 Sep 1999 05:11:35 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (DJohn37050) wrote:
> Rather than say "not let anyone know" it might be "not want
> to need to depend on any other bureaucracy besides itself."

They mean different things entirely.  I meant to say, they do
not want anyone to know what they are up to.


--
Truth is first ridiculed, then violently opposed, and then it is
accepted as self evident ("obvious").

I love my president... I love my president... I love my president...


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Okay "experts," how do you do it?
Date: Tue, 21 Sep 1999 22:59:27 GMT

Anton Stiglic <[EMAIL PROTECTED]> wrote, in part:

>There is no way to say that we might be
>able to prove that FACTORING is difficult or not?

We can prove that it is or is not as difficult as some other problem,
and this is the sort of thing that is the subject matter of Complexity
Theory, but we can't really prove that it is, in fact, difficult.

John Savard ( teneerf<- )
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: Greg <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: EAR Relaxed? Really?
Date: Wed, 22 Sep 1999 05:28:54 GMT

In article <[EMAIL PROTECTED]>,
  "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> Greg wrote:
> > ....  What market exists today anywhere in the world
> > for use of 128 bit compromised (by definition of NSA examination)
> > encryption software?
>
> Why is that "compromised"?  It is axiomatic in cryptology that
> the strength of a cryptosystem should not depend on the adversary's
> lack of knowledge of the general system, but only upon the key.

Good point.  Has nothing to do with the NSA examining the software.

As I understand it, the NSA must still bless the software and that
means that if they don't like it they can stall it forever.  This
is not disputed.

I have also heard that there are non disclosure agreements between
NSA and the vendor.  This is fine, except it can prevent the vendor
from telling all about the negotiations with NSA.  For example, if
the NSA says, "We need two back doors into your software to examine
the plain text before it is encrypted," then we would never hear of
it.  The encryption is sound, as you point out.  But the application
software is buggy with holes for the NSA to drive through.

The point of my post is that IF a license is required to do business,
then the application software itself is compromised by the very
definition of the secret association between vendor and NSA.  To
be more specific, you and I have no absolute assurance that there
are no planted or discovered and non publicized back doors as a
requirement for the license.  This is also indicative by the new
rule that law enforcement does not have to disclose how they got
the plain text.  (They can illegally obtain it and never be held
accountable- have you thought that through yet?  This is far more
dangerous than it appears- and they thought we would be throwing
a party right about now!)


>
> The interesting question is whether the "technical review"
> will be allowed to end with the product failing to be approved
> (presumably because it is too secure, although that might not
> be the officially stated reason).

Again, with the NDA, you and I will never know- unless someone
is ready to go to jail over it.  Then the government will paint
them as a disgruntled vendor who did not get what they wanted and
tried to pressure the NSA by means of extortion tactics.


--
Truth is first ridiculed, then violently opposed, and then it is
accepted as self evident ("obvious").

I love my president... I love my president... I love my president...



------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: EAR Relaxed? Really?
Date: Tue, 21 Sep 1999 11:01:48 -0700
Reply-To: [EMAIL PROTECTED]

fungus wrote:

> Greg wrote:
> >
> > Did you ever ask yourself, "well if we cannot export it, why not
> > set up a small shop overseas to import from?"  It is such a simple
> > solution to the EAR, why hasn't anyone, including MS, gone that
> > route and formed a standard for all America to use?
> >
>
> A lot of people have, and will continue to do so until the
> regs are completely removed.
>
> --
> <\___/>
> / O O \
> \_____/  FTB.

It's a problem for American software.

The regs as they are cover this quite well.  An American simply cannot
get around the regs.



------------------------------

From: Eric Lee Green <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: EAR Relaxed? Really?
Date: Tue, 21 Sep 1999 21:51:59 -0700

fungus wrote:
> Greg wrote:
> > Did you ever ask yourself, "well if we cannot export it, why not
> > set up a small shop overseas to import from?"  It is such a simple
> > solution to the EAR, why hasn't anyone, including MS, gone that
> > route and formed a standard for all America to use?
> 
> A lot of people have, and will continue to do so until the
> regs are completely removed.

One thing to consider is that it is illegal for American citizens to
provide technical assistance to overseas subsidiaries who are working on
cryptographic code. This even if the American citizen has not taken a
single stitch of code over the border, has not taken anything across the
border except the clothes on his back and whatever knowledge is in his
head. The government has granted broad exemptions as people press them
both in court and in Congress (the regulation is an obvious breach of
the 1st Amendment to the U.S. Constitution, which guarantees free
speech, even speech that is not liked by the government such as speech
that tells cryptographic details), but it still remains on the books. 

Still, people ARE setting up foreign subsidiaries. If my employer has
trouble getting export permissions for our software once I finish adding
cryptographic components to it, we may even be in the market for a
foreign subsidiary (even if said subsidiary is one kid in Canada who
knows enough about encryption to stuff it into our code in the most
logical place, which U.S. law prohibits me from saying but there have
been threads about where to put it all over this board lately :-).

-- 
Eric Lee Green    http://members.tripod.com/e_l_green
  mail: [EMAIL PROTECTED]
                   There Is No Conspiracy

------------------------------

From: Eric Lee Green <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: Another bug RE: CryptAPI
Date: Tue, 21 Sep 1999 23:07:12 -0700

Paul Mikesell wrote:
> I'd like to point out that a non-dll implementation will only make
> the system more secure through obfuscation, which does not really make it
> more secure.

Well, if you statically link it into your code, you can at least assume
that you are running your own code, not somebody else's. Unless somebody
has compromised your actual binary, of course, but (shrug) what can you
do about that? At least this way somebody has to specifically target
your binary, rather than being able to fire a shotgun and hit every app
that uses crypto. 

-- 
Eric Lee Green    http://members.tripod.com/e_l_green
  mail: [EMAIL PROTECTED]
                   There Is No Conspiracy

------------------------------

Date: Tue, 21 Sep 1999 23:19:41 -0700 (PDT)
From: Pat Brown <[EMAIL PROTECTED]>
Subject: Tim E. Anderson arrested for child pornography


so i heard, anyway...

i hear he's out on bail already, too

--
just me, pat



------------------------------

From: Eric Lee Green <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: EAR Relaxed? Really?
Date: Tue, 21 Sep 1999 23:11:04 -0700

Greg wrote:
> I have also heard that there are non disclosure agreements between
> NSA and the vendor.  This is fine, except it can prevent the vendor
> from telling all about the negotiations with NSA.  For example, if
> the NSA says, "We need two back doors into your software to examine
> the plain text before it is encrypted," then we would never hear of
> it.  

Oh poop. You'd hear of it alright, because we would never agree to put
two back doors into our software. We'd issue it sans encryption instead,
and tell folks overseas that they can't get it because the NSA is being
idiots. Which is the basic status today, BTW (we do not currently have
plans to release an encrypting version of our product overseas, due to
the onerous reporting requirements, though the new rules look like they
relax that enough so that we can actually afford to create an export
version and thus we may have one sometime next year). 

-- 
Eric Lee Green    http://members.tripod.com/e_l_green
  mail: [EMAIL PROTECTED]
                   There Is No Conspiracy

------------------------------

From: Greg <[EMAIL PROTECTED]>
Subject: Re: Second "_NSAKey"
Date: Wed, 22 Sep 1999 05:08:06 GMT


> > ...I would put money on it.

> How much money?  For enough money, I'd be motivated to go
> find out.

How would you do that?  I would myself, but I seriously don't
think the NSA will tell you the truth here.

--
Truth is first ridiculed, then violently opposed, and then it is
accepted as self evident ("obvious").

I love my president... I love my president... I love my president...



------------------------------

From: Eric Lee Green <[EMAIL PROTECTED]>
Subject: Re: low diffie-hellman exponent
Date: Tue, 21 Sep 1999 22:59:09 -0700

Tom St Denis wrote:
> BTW does anybody care?  I haven't gotten any replies!!! Common, it's free,
> it's small, it packs features and it's not a homebrew!!! common!!!
> 
> (please?)
> 
> http://www.cell2000.net/security/peekboo/index.html

Sorry, I live in the U.S.A., and it would be illegal for me to download
an unlicensed implementation of RC5 or RC6 (they are patented here in
the U.S., or, rather, one of the mathematical operations within them is
patented here in the U.S. -- I don't know how that can be, that one can
patent mathematics, but so it goes here in the funny farm!). 

Anyhow, you may want to look at TwoFish or Rijndael, both of which
promise that they will forever remain patent-unencumbered. So far both
look okay from a security aspect. You can find implementations at 

http://www.seven77.demon.co.uk/cryptography_technology/AES2/index.htm

These are under a BSD-style license that allows free use as long as you
let folks know that you're using Dr. Gladman's stuff. 

-- 
Eric Lee Green    http://members.tripod.com/e_l_green
  mail: [EMAIL PROTECTED]
                   There Is No Conspiracy

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
