Cryptography-Digest Digest #315, Volume #10      Sat, 25 Sep 99 23:13:03 EDT

Contents:
  All 15 chapters of Handbook of Applied Cryptography available for free download 
(Alfred John Menezes)
  Re: Proving cipher strength (Toby Kelsey)
  Re: EAR Relaxed? Really? (wtshaw)
  Re: EAR Relaxed? Really? (wtshaw)
  Re: EAR Relaxed? Really? (wtshaw)
  free crypto C/C++ lib (Josef Hartmann)
  Re: Brute forcing salt instead of storing it (Was: Increasing password  (David 
Wagner)
  Re: steganography
  Re: free crypto C/C++ lib ("Richard Parker")
  Re: Second "_NSAKey" (wtshaw)
  Re: free crypto C/C++ lib (Tom St Denis)
  Re: Second "_NSAKey" (Greg)
  Re: Securing Executables (jerome)
  Re: All 15 chapters of Handbook of Applied Cryptography available for free download 
(jerome)
  Re: Securing Executables (Tom St Denis)
  Re: All 15 chapters of Handbook of Applied Cryptography available for free download 
(Keith A Monahan)
  Re: frequency of prime numbers? (Donald Welsh)
  Re: frequency of prime numbers? (Donald Welsh)
  Re: frequency of prime numbers? (Donald Welsh)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Alfred John Menezes)
Subject: All 15 chapters of Handbook of Applied Cryptography available for free 
download
Date: 25 Sep 1999 19:06:04 GMT


In the past few months, we have made available 14 chapters
from our "Handbook of Applied Cryptography" for free download 
from our web site: www.cacr.math.uwaterloo.ca/hac/

Our publisher, CRC Press, has generously given us permission 
to place the last chapter on the site. We have just uploaded 
  Chapter 11 (Digital Signatures).
We hope to have the appendices, bibliography, and index uploaded 
to the web site in a few weeks.

We hope that these chapters will be of use to people in their 
cryptographic work and study. We hope that by making the chapters 
available for free download, the book will be accessible to those 
who cannot afford to buy it, and to those who may only have a 
cursory interest in the material presented in the book. 

- Alfred


==========================================================================
| Alfred Menezes        | Email: [EMAIL PROTECTED]                   |
| Department of C&O     | Phone: (519) 888-4567 x6934                    |
| University of Waterloo| Web page: www.cacr.math.uwaterloo.ca/~ajmeneze |
| Waterloo, Ontario     | Web page for Handbook of Applied Cryptography: |
| Canada N2L 3G1        |         www.cacr.math.uwaterloo.ca/hac/        |
| Centre for Applied Cryptographic Research: www.cacr.math.uwaterloo.ca  |
==========================================================================


------------------------------

From: Toby Kelsey <[EMAIL PROTECTED]>
Subject: Re: Proving cipher strength
Date: Sat, 25 Sep 1999 00:36:36 +0100

In article <[EMAIL PROTECTED]>, John Savard <jsavard@tenMAPSONeerf.edmonton.ab.ca> writes
>Toby Kelsey <[EMAIL PROTECTED]> wrote, in part:
>
>>  (c) Show, using an exhaustive search of possible faster programs,
>>    that for a trivial key-length (e.g. 8 bits), brute-force search of
>>    the key-space is the most efficient method of breaking the cipher.
>
>Well, you can exhaustively search *short* programs that are also
>fast...

All operations have a non-zero weight, so all possible faster programs
can be enumerated.

Toby

-- 
Toby Kelsey

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: talk.politics.crypto
Subject: Re: EAR Relaxed? Really?
Date: Sat, 25 Sep 1999 15:03:56 -0600

In article <7sg9up$s7h$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(Bill Unruh) wrote:
> 
> That makes it almost funny. You can export arbitrarily strong crypto
> with arbitrary key lengths. However, if we cannot break it you cannot
> export it. Seems NSA is setting itself up as a crypto vetting
> institution. Instead of people posting their latest and greatest crypto
> here in sci.crypt, they just send it to NSA for export approval. If NSA
> passes it, you know it is weak. At least this will serve some useful
> purpose if only to supply a canned reply to people posting their latest
> invention here.

I hear that the time period for review will be something like 15 to 30
days.  Perhaps the length of delay becomes a new standard of strength. 
Results should make for some interesting discussions.  I figure that
application for review is NOT consent to be gagged.
-- 
Note the latest ad from Apple reflecting the government's
philosophy that good computers should not be exported.  It is
in the interests of our government that foreign computers be vulnerable.

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: talk.politics.crypto
Subject: Re: EAR Relaxed? Really?
Date: Sat, 25 Sep 1999 15:14:46 -0600

In article <7sh87t$1ie$[EMAIL PROTECTED]>, Greg <[EMAIL PROTECTED]> wrote:
> 
> It is obvious that the NSA's role is to crack ciphers.
> If everyone used strong ciphers, they would be out of
> work.  There is nothing hidden about that.
> 
They have a real problem, crypto no longer being a dark pastime.  It is so
simple to do the very things that kill cracking ciphers, and that
knowledge will not diminish, but grow, as they would see it, like a cancer. 
It is good to see the individual being able to
protect himself when privacy invasion is epidemic.
-- 
Note the latest ad from Apple reflecting the government's
philosophy that good computers should not be exported.  It is
in the interests of our government that foreign computers be vulnerable.

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: talk.politics.crypto
Subject: Re: EAR Relaxed? Really?
Date: Sat, 25 Sep 1999 15:06:58 -0600

In article <7sggil$gn3$[EMAIL PROTECTED]>, Greg <[EMAIL PROTECTED]> wrote:

I wrote:
> 
> > Note the latest ad from Apple reflecting the government's
> > philosophy that good computers should not be exported.  It is
> > in the interests of our government that foreign computers be vulnerable.
> 
> Where can I see this at?  Is it on the web?
> 
It's playing on cable here, could be a reflected local channel.  Next time
I see it, I will note the particulars.
-- 
Note the latest ad from Apple reflecting the government's
philosophy that good computers should not be exported.  It is
in the interests of our government that foreign computers be vulnerable.

------------------------------

From: Josef Hartmann <[EMAIL PROTECTED]>
Subject: free crypto C/C++ lib
Date: Fri, 24 Sep 1999 20:27:46 +0200
Reply-To: [EMAIL PROTECTED]

Hi,

does anybody know a few good C/C++ crypto libs which implement a few
block ciphers and a few public key algorithms?


Thanks

JH

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Crossposted-To: alt.security.pgp,comp.security.pgp
Subject: Re: Brute forcing salt instead of storing it (Was: Increasing password 
Date: 25 Sep 1999 13:58:03 -0700

Take a look at the following two papers:

  M. Abadi, T.M.A. Lomas, R. Needham, ``Strengthening passwords,''
  http://www.research.digital.com/SRC/personal/Martin_Abadi/Papers/pwd-revised/pwd-revised.html

  J. Kelsey, B. Schneier, C. Hall, D. Wagner,
  ``Secure applications of low-entropy keys,''
  http://www.cs.berkeley.edu/~daw/papers/keystretch.ps

You will find that the first paper describes exactly your scheme, and
the second describes an alternate approach.
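As an added illustration of the idea named in the thread subject (a verifier that brute-forces an unstored part of the salt instead of storing it), here is a Python example written for this digest; it is not code from either paper or from any poster. The choice of PBKDF2-HMAC-SHA256 as the underlying derivation, the 10-bit supplement size, the iteration count and all function names are assumptions of this example; the two papers' own constructions differ in detail.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed parameters for this demonstration (assumptions, not from the thread).
EXT_BITS = 10        # size of the unstored salt supplement; the verifier tries all 2**EXT_BITS values
ITERATIONS = 200     # fixed per-derivation stretching cost, paid by legitimate user and attacker alike


def derive_key(password: bytes, salt: bytes, ext: int) -> bytes:
    """Key from the password, the stored salt and the supplement ext (0 <= ext < 2**EXT_BITS)."""
    ext_bytes = ext.to_bytes(2, "big")
    return hashlib.pbkdf2_hmac("sha256", password, salt + ext_bytes, ITERATIONS, dklen=32)


def enroll(password: bytes, salt: Optional[bytes] = None, ext: Optional[int] = None) -> dict:
    """Create the stored record.  Only the salt and a hash of the key are kept; ext is
    discarded after enrollment, so the record alone does not say which supplement was used."""
    if salt is None:
        salt = os.urandom(16)
    if ext is None:
        ext = int.from_bytes(os.urandom(2), "big") % (1 << EXT_BITS)
    key = derive_key(password, salt, ext)
    return {"salt": salt, "check": hashlib.sha256(key).digest()}


def verify(record: dict, password: bytes):
    """Recover the supplement by exhaustive search.  Returns (ok, key, derivations_performed).
    A wrong password always costs the full 2**EXT_BITS derivations: the failure path is the
    expensive one, which is exactly the price an offline guesser pays per candidate password."""
    for ext in range(1 << EXT_BITS):
        key = derive_key(password, record["salt"], ext)
        if hmac.compare_digest(hashlib.sha256(key).digest(), record["check"]):
            return True, key, ext + 1
    return False, None, 1 << EXT_BITS


def guess_cost_multiplier() -> int:
    """PBKDF2 inner iterations an offline attacker spends per password guess,
    relative to a single plain salted hash."""
    return (1 << EXT_BITS) * ITERATIONS


if __name__ == "__main__":
    rec = enroll(b"correct horse battery staple")
    ok, key, n = verify(rec, b"correct horse battery staple")
    print("accepted:", ok, "after", n, "derivations")
    ok, _, n = verify(rec, b"wrong password")
    print("accepted:", ok, "after", n, "derivations")
    print("attacker work per guess vs. plain salted hash:", guess_cost_multiplier())
```

The design point is the asymmetry: the legitimate user pays on average half of 2**EXT_BITS derivations once per login, while every rejected attempt (and every offline guess) pays all of them, so the supplement multiplies the guesser's cost by a factor that can be raised without storing anything extra.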

------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: steganography
Date: 25 Sep 99 21:42:23 GMT

marta ([EMAIL PROTECTED]) wrote:
: i'm looking for articles about steganography.
: please mail me links on this e-mail
: [EMAIL PROTECTED]

Due to overwhelming demand (one E-mail request; but I think I may have
received another one quite a long time ago) I've finally added a mere
mention of steganography to my site, at

http://www.ecn.ab.ca/~jsavard/mi0604.htm

The classical methods are there, with a brief explanation of one method of
.GIF format steganography.

John Savard

------------------------------

From: "Richard Parker" <[EMAIL PROTECTED]>
Subject: Re: free crypto C/C++ lib
Date: Sat, 25 Sep 1999 22:17:52 GMT

Josef Hartmann <[EMAIL PROTECTED]> wrote:
> does anybody know a few good C/C++ crypto libs which implement a few
> block ciphers and a few public key algorithms?

Josef,

Wei Dai's "Crypto++" C++ library contains both block ciphers and
public key algorithms.  It is available at the following URL:

  <http://www.eskimo.com/~weidai/cryptlib.html>

Peter Gutmann's "cryptlib" C library also contains the algorithms that
interest you.  The URL is:

  <http://www.cs.auckland.ac.nz/~pgut001/cryptlib/index.html>

You might also consider taking a look at the OpenSSL and GnuPG
projects.  You can find them here:

  <http://www.openssl.org>
  <http://www.gnupg.org>

-Richard

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Second "_NSAKey"
Date: Tue, 21 Sep 1999 20:28:45 -0600

In article <[EMAIL PROTECTED]>, "Trevor Jackson, III"
<[EMAIL PROTECTED]> wrote:


> Clearly we disagree and are basing our positions on subjective
> criteria.  You appear to be willing to give them the benefit of the
> doubt.  Based on past experience, I'm not.
> 
In a local group of developers, the discussion got around to explaining
the full capacities of programs. Some admit claiming to their customers
that they are being given all of the facts when that is not the case at
all.

Playing double agent to your customers is not clearly patriotic, much less
honest.
-- 
Mark my return, in a somewhat limited way. 
Let us keep up the good fight for reasonable laws.

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: free crypto C/C++ lib
Date: Sat, 25 Sep 1999 22:56:50 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> Hi,
>
> does anybody know a few good C/C++ crypto libs which implement a few
> block ciphers and a few public key algorithms?
>
> Thanks

What buzzwords do you want to fulfill today?

Really, you should be more specific.  I for example believe in coding it
myself (see peekboo :)).  If you want help, ask; you can borrow code out of
peekboo if you want.

If you want a complete lib try CryptLib 3.1 (Wei Dai?)... just do a search
on it.  It doesn't compile with djgpp but apparently lots of people like
it... bah... coding ciphers is generally not hard (except maybe some tedious
bit twiddlers like ICE).

Tom

peekboo - http://www.cell2000.net/security/peekboo/index.html


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Greg <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: Second "_NSAKey"
Date: Sun, 26 Sep 1999 00:23:51 GMT


> >> It can't be refuted. ever. Let's move on, shall we?
> >
> >Let's put things into perspective- Santa is too busy making
> >toys that he ain't a threat to my privacy.
> >
>
> How wrong you are. He knows when you are sleeping. He knows when
> you're awake. He knows if you've been bad or good. He also keeps
> lists. Santa is a grave threat to both privacy and individual liberty.

Santa ain't got my credit card numbers, my SS #, nor the number of
guns I have in the house.  He doesn't know how fast I drive on the
freeway, nor does he keep track of my spending habits.  What he
learns about my being good or bad, or my sleeping habits, most
likely is from his subscription to Voyeur Magazine.

All in all, I would say that Santa is not much of a threat to
spend my time working to shut his operation down over.  But if
you are concerned of his abilities, I suggest you pull the shades
down at night. :)

P.s.- I have seen his list, and it is not impressive- children!
All of them children!  When is he going to grow up?



------------------------------

From: [EMAIL PROTECTED] (jerome)
Subject: Re: Securing Executables
Date: 26 Sep 1999 00:35:08 GMT
Reply-To: [EMAIL PROTECTED]

On Fri, 24 Sep 1999 15:02:51 -0400, Trevor Jackson, III wrote:
>>
>> with cards who physically freeze the computer (timer included)
>> it is much harder.
>
>It is extremely hard to freeze a system totally.  Typically the DRAM refresh
>cannot be frozen unless the program is running on specialized hardware (e.g.,
>SRAM).  It's also hard to freeze video sync.  And it's extremely hard to freeze
>a disk drive, which on older controllers may make the current sector ID
>available.  If any of these become discontinuous or drift strangely you are
>under attack.

OK, my words weren't proper.

>Like the arms race between offense and defense, there's no ultimate or permanent
>victory.  Only ongoing technology and ingenuity.
>
>Note that in a less sophisticated environment, CoreWars, I understand there's an
>unkillable program.  It doesn't win much because all of its time is spent on
>defense.  But I think there's a proof that it can't lose.  Of course it's
>fighting a peer rather than a human.  It would be an interesting form of reverse
>Turing Test to see if a human could do what a program cannot.

Interesting indeed. I already thought about that and, in very short,
think that the difference is that the human is nondeterministic, and so by
its errors it creates new situations and thus is able to discover
things, whereas a computer is just able to deduce.

But it is really off-topic on sci.crypt :)

------------------------------

From: [EMAIL PROTECTED] (jerome)
Subject: Re: All 15 chapters of Handbook of Applied Cryptography available for free 
download
Date: 26 Sep 1999 02:13:17 GMT
Reply-To: [EMAIL PROTECTED]

Thanks a lot.
I really appreciate your effort to make your book freely 
available. I like your book because it is clear and well organized.

Thanks again

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Securing Executables
Date: Sun, 26 Sep 1999 02:19:39 GMT

In article <7sb75f$f49$[EMAIL PROTECTED]>,
  "Peter Johnson" <[EMAIL PROTECTED]> wrote:
> I'm designing a client/server application that will run in real-time.
> Assuming that the network traffic is secure by using strong encryption, a
> good random number generator for packet sequencing, compression, etc. how do
> I protect against an attack on the client executable?
>
> For example, if the attacker were running the executable in a debugger could
> he breakpoint at the point in which the data is sent and then backtrack to
> discover the plain text. Or simply search memory for the plain text (if
> known) and work from there?
>
> I've thought of some solutions:
>
> 1. Use something like SHA-1 to check the exe at load time for tampering.
> 2. Check with SHA-1 periodically as the client is running.
> 3. Can we check we're running inside a debugging environment and crash out?
> 4. Compress and encrypt local data files
>
> What do you think?
>

Anything legitimately used (i.e. decrypted or accessed or both) by any user
can be tampered with by any user.  If you put a hash in there, for example, I can
change the executable and put another hash.  If you use a signature I can
replace the public key ... etc.

The SMART thing to do is to only compromise data BOTH users would know anyway
and to compromise nothing of the server.

Tom


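As an added Python illustration of the point Tom makes above (not code from the thread, from peekboo, or from any poster): a hash stored inside the program can be regenerated by whoever rewrote the program, so the in-file load-time check from Peter's item 1 passes for the modified copy exactly as it does for the original. Only a check whose reference value is held where the modifier cannot rewrite it notices the change. The byte strings standing in for an executable, the trailer marker and all function names are constructed for this example.

```python
import hashlib

# Trailer marker separating the program body from its embedded digest (constructed for this demo).
MARKER = b"\n#--SHA1--"


def build_self_checking(body: bytes) -> bytes:
    """'Executable' = body + embedded SHA-1 of the body: the load-time self-check from the thread."""
    return body + MARKER + hashlib.sha1(body).hexdigest().encode()


def self_check(blob: bytes) -> bool:
    """The check the program runs on itself: recompute SHA-1 of the body and compare it with
    the trailer.  It can only confirm that body and trailer agree with each other, not that
    either of them is the original."""
    body, sep, stored = blob.rpartition(MARKER)
    if not sep:
        return False
    return hashlib.sha1(body).hexdigest().encode() == stored


def pinned_digest(blob: bytes) -> str:
    """Reference value computed once over the whole shipped file and kept outside it
    (for instance by a loader or a server whose storage the user cannot edit)."""
    return hashlib.sha256(blob).hexdigest()


def verify_against_pinned(blob: bytes, reference: str) -> bool:
    """The out-of-file check: compare the whole file against the externally held reference."""
    return hashlib.sha256(blob).hexdigest() == reference


if __name__ == "__main__":
    original = build_self_checking(b"send(encrypt(plaintext))")
    pinned = pinned_digest(original)

    # A copy whose body was edited and whose trailer was then simply regenerated.
    modified = build_self_checking(b"send(encrypt(plaintext))  # edited")

    print("original self-check  :", self_check(original))                  # True
    print("modified self-check  :", self_check(modified))                  # True: the check travels with the file
    print("original vs pinned   :", verify_against_pinned(original, pinned))  # True
    print("modified vs pinned   :", verify_against_pinned(modified, pinned))  # False
```

The same structure applies to Tom's signature remark: if the verifying public key ships inside the file, the verifier and its key can be replaced together. The defensive consequence is the one Tom draws: treat the client as fully readable and writable by its user, let it hold only data that user is entitled to anyway, and keep the server's secrets and decisions on the server.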

------------------------------

From: [EMAIL PROTECTED] (Keith A Monahan)
Subject: Re: All 15 chapters of Handbook of Applied Cryptography available for free 
download
Date: 26 Sep 1999 02:20:04 GMT

Hi there,

I wanted to thank everyone involved for making that material available online!
It is an excellent resource and hopefully will generate some interest
in obtaining the physical book as well.

I know that is how I typically purchase items.  If I have the ability to
really determine an item's quality BEFORE I purchase it, I'm much
happier.

Thanks again,

Keith M
University of Pittsburgh
Undergraduate Computer Science



------------------------------

From: [EMAIL PROTECTED] (Donald Welsh)
Subject: Re: frequency of prime numbers?
Date: Sun, 26 Sep 1999 03:00:37 GMT

On 22 Sep 1999 12:11:42 -0400, [EMAIL PROTECTED] (Patrick Juola)
wrote:

>And, of course, if he's using an inconsistent set, he can show
>anything.

Only if he's using a logic that permits fallacy of relevance.


------------------------------

From: [EMAIL PROTECTED] (Donald Welsh)
Subject: Re: frequency of prime numbers?
Date: Sun, 26 Sep 1999 03:00:37 GMT

On 22 Sep 1999 11:42:43 -0400, [EMAIL PROTECTED] (Patrick Juola)
wrote:

>But at least some of the statements *are* either true or false...

Okay.  But would you agree that there are unprovable statements which
are neither true nor false?


------------------------------

From: [EMAIL PROTECTED] (Donald Welsh)
Subject: Re: frequency of prime numbers?
Date: Sun, 26 Sep 1999 03:00:38 GMT

On Tue, 21 Sep 1999 15:18:12 -0400, Jerry Leichter
<[EMAIL PROTECTED]> wrote:

>So, what Goedel really proved here was:  Any sufficiently rich axiomatic
>system is either inconsistent (it can prove a false statement, hence it
>can prove *any* statement it can express);

Not "*any*" statement.  There are axiomatic systems that forbid
irrelevant deductions.

> OR there are true statements 
>expressible within the system which cannot be proved (within the
>system).  What does "true" mean here?  Just what you'd naively expect if
>you didn't know about the axiomatic method:  There are no counter-
>examples to be found, no matter how hard you look.

In other words, there are no bindings of variables that make the
statement false under interpretation.

>Goedel's results are part of a stream of results, usually seen in
>retrospect as starting with Turing's proof of the impossibility of
>providing an algorithm for the Halting Problem, that show that truth and
>provability are not the same thing.

If truth and provability are not the same thing, and a system is
either inconsistent or incomplete, doesn't that imply that there are
unprovable statements that are neither true nor false, but independent
of a consistent axiomatic system?  If so, why refer (as above) only to
the true statements which cannot be proved?

>(In fact, even strong results are now
>known - concerning independence, and actual bounds on the size of
>provable statements (Greg Chaitin's work).)

Jerry, I'd be interested to read about that.  Would you please post or
email references?


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
