Cryptography-Digest Digest #338, Volume #10      Thu, 30 Sep 99 15:13:02 EDT

Contents:
  Re: Ritter's paper (SCOTT19U.ZIP_GUY)
  Re: Hardest ever ECDL solved by INRIA researcher and 195 volunteers (DJohn37050)
  Re: Cryptographic bit-length and the meaning
  Re: Cryptographic bit-length and the meaning (DJohn37050)
  Re: NEMA, Swiss cipher machine
  Re: Glossary of undefineable crypto terms (was Re: Ritter's paper) (Patrick Juola)
  Re: Q: Burrows-Wheeler transform ([EMAIL PROTECTED])
  Re: Twofish and Leapfrog (David Wagner)
  Re: Glossary of undefineable crypto terms (was Re: Ritter's paper) (Patrick Juola)
  Re: Hardest ever ECDL solved by INRIA researcher and 195 volunteers (Paul Koning)
  Re: Glossary of undefineable crypto terms (was Re: Ritter's paper) ("Trevor Jackson, III")
  Re: Q: Burrows-Wheeler transform (SCOTT19U.ZIP_GUY)
  RSA in your own code ("Mark Reed")
  Re: Schrodinger's Cat and *really* good compression ([EMAIL PROTECTED])
  Re: msg for Dave Scott (Jerry Coffin)
  Re: factoring with quadratic sieve (jerome)
  Cryptanalysis of 2 key TDES (James Muir)
  On oldy encryptions (Mok-Kong Shen)
  Re: msg for Dave Scott (jerome)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Ritter's paper
Date: Thu, 30 Sep 1999 14:07:20 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Johnny Bravo) 
wrote:

...

>  Why would you need either a bigger key or a bigger block size?  If you have
>any possible proof that either 256 bit keys or 128 bit blocks are insecure the
>crypto world would love to hear of it.
    That is the kind of thinking that we suckered the Germans into believing
in WWII
>
>>But at least in some applications, such as enciphering text on a PC - say,
>>for E-mail - there is little reason to limit oneself to such a short key,
>>or such a small block size! It makes sense not to allow such a large key
>>or block size for the AES competition, since with such parameters it would
>>be too easy to make something that is - or seems - secure...
>
>  There is nothing insecure about 256 bit keys or 128 bit blocks.  One of the
>requirements was for the AES to work in a smartcard, we are talking about a 6805
     But why the hell would anyone other than a fool want to use the same
encryption for all applications. Unless it was to aid an attacker.
>processor with as little as 64 bytes (not kilobytes) of ram, and 2k of rom.  At
>least one of the AES candidates can still encrypt a 128 bit block, with a 256
>bit key in less than 9ms under such restrictions with the processor running at
>4Mhz.  
>  And there is no card coded requirement for you to use a standard AES crypto
>for your email program.  Many of the candidates can run keys of over 256 bits
>with block sizes of a kilobyte each.  If you feel the need to, use one of those.
>  
>>but once the advanced design principles needed to attain security under
>>such restrictive circumstances are elucidated...
>
>  The restrictions are to ensure an efficient implementation with the present
>technology while still retaining enough security to prevent any foreseeable
>technology advance from compromising that security.  256 bit keys are thought to
>be big enough to resist attack by quantum computers(assuming we ever see one).
>The restrictions don't prevent the designs from being secure.
    Really 256 bits is thought to be resistant to foreseeable attacks by 
quantum computers. Sounds like the kind of lies some 3 letter group would spread.
But why does one have to use something so small when history has proven
over and over that things in cryptography thought safe till the sun burned out
somehow fell short of estimates. Why should this time be any different.

>
>>well, for _practical_ use, why fail to take advantage of the maximum
>>security your computer's power can give you?
>>
>>And it's certainly true that *none* of the AES candidate ciphers even has
>>a nonlinearly key-dependent S-box with even 65,536 entries, never mind
>>524,288 entries!
>
>  And none of the AES candidates requires that the sender pass along a second
>file to the recipient along a separate secure channel consisting of an amount of
>data equal to the size of the original message.   Dave's algorithm is 100%
>useless for bank issued smart cards, it is 100% useless to email anyone I don't
>meet in person if I want to retain security.  
      Actually in most public key methods the public key is so large something
much larger than the actual key is sent. Since my method can use a variable
size key you could send the key the way public key encryption is done now.
As the key sizes get larger for public key encryption as they will due to 
advances in factoring and whatever you then send longer keys and use my
method. No problem.
>  There was nothing stopping him from submitting his algorithm if he thought it
>was good enough.
      Yes there was they want it in ps I wanted to send it in Ascii so there
were many blocks. I chased the carrot for a while but I would not have
sent scott16u it is too strong for the kind of toy cipher the AES wants to
look at.

>  
>  Dave's algorithm has all the limitations of the one time pad. Since the one
>time pad is already 100% proven secure, why would I use anything else than
>something already 100% secure against any and every possible cryptanalysis if
      Actually the key is orders of magnitude smaller than the OTP and the OTP
is really limited to one message per key. Mine does not have that restriction 
but then again you would have to know something about crypto to understand
that.


  Be Brave John



David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS

------------------------------

From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: Hardest ever ECDL solved by INRIA researcher and 195 volunteers
Date: 30 Sep 1999 13:11:32 GMT

I have read the MIPS paper.  You suggest MIPS years is fudgey.  You suggest
"normalizing" on 32-bit operations and point out that in that case 1024-bit RSA
=161 bit ECC = 79 (?!) bits symmetric key.  NIST and Certicom say 80 bits of
symmetric key.

And what about the MIPS years estimates, anyway?
Don Johnson

------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: Cryptographic bit-length and the meaning
Date: 30 Sep 99 13:30:59 GMT

[EMAIL PROTECTED] wrote:
: When something is encrypted with 8-bit there are 256 possible keys.

: How does that number climb in follow of the bit size?

: Ie. how many keys are there in a 56 bit encryption??
: And how is it calculated??

Well, suppose instead of 8 bit encryption, the key was 2 digits.

Then there would be 100 keys.

If the key was 3 digits, there would be 1000 keys. (000-999.)

With bits, the same principle applies, but since a bit has only 2 values,
0 or 1, each bit multiplies the number of keys by 2 (while a digit would
multiply by 10, and a letter would multiply by 26).

John Savard

------------------------------

From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: Cryptographic bit-length and the meaning
Date: 30 Sep 1999 14:06:40 GMT

It is exponential in the keysize.  Using ** for exponentiation 3 bits has 2**3
= 8 keys.
56 bits has 2**56 different keys, etc.
Don Johnson

------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: NEMA, Swiss cipher machine
Date: 30 Sep 99 13:46:49 GMT

Frode Weierud ([EMAIL PROTECTED]) wrote:
: All other machines using wheels should be described as using 
: pinwheels, code wheel etc. Hopefully, there will be less confusion this
: way.

Well, I hope so. I have neglected your advice, and there is a description
of the NEMA on my site, but it is only a couple of paragraphs (on the page
where I describe the Typex, the Fialka, and other relatives of the
Enigma). I will eagerly await your article, but I think everything I've
said checks against the simulation program and the description included
with it.

From the very attractive photos of it on your web site, I see that it uses
a more economical type of contact than the usual spring-loaded ball
contact. That will be an interesting detail to read about in the paper.
And if there are "less straightforward" aspects of the rotor movement and
so on than I've understood, that will be interesting too.

John Savard

------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: Glossary of undefineable crypto terms (was Re: Ritter's paper)
Date: 30 Sep 1999 10:35:18 -0400

In article <[EMAIL PROTECTED]>,
jerome <[EMAIL PROTECTED]> wrote:
>On 24 Sep 1999 12:28:31 -0400, Patrick Juola wrote:
>[snip]
>> On the other hand, there's no *proof* that the OTP is impervious 
>> to the ouija board attack.
>
>i was just wondering what a ouija board attack ?

A Ouija board is a silly little psychic prop -- it's a board with
the letters from A-Z written on it, and a little pointer that
everyone puts their hands on and "the spirits" move the pointer
to the appropriate letters and spell a message from the Lands
Beyond or the Higher Planes or somewhere not found in an atlas.

There's no actual proof that it works, of course, and most
reputable scientists think it's a load of cobblers, but that doesn't
stop fortunetellers from using it to sell their patter.  And,
of course, there's no *proof* that it *doesn't* work and that a
good fortuneteller couldn't get your plaintext from the Upper
Floors.

        -kitten



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Q: Burrows-Wheeler transform
Date: 30 Sep 1999 15:10:36 GMT

SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]> wrote:

>    For text it is a very good compression. However due to the nature
> of the BWT I think that it would be hard to write a "one to one" compress
> for it. It was the second compression method I looked at and have yet
> to make progress making it one to one. So if you use it. Most of the
> time a wrong key is guessed in an attack it will not uncompress.

The current implementations may not do it, but there's no real reason
that you couldn't make a BWT compressor that was "one-to-one".  You
just need to be careful how you do the coding stage at the end -- the
rest of the transformations are clearly 1-1...

-- 
Steve Tate --- srt[At]cs.unt.edu | Gratuitously stolen quote:
Dept. of Computer Sciences       | "The box said 'Requires Windows 95, NT, 
University of North Texas        |  or better,' so I installed Linux."
Denton, TX  76201                | 

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Twofish and Leapfrog
Date: 30 Sep 1999 07:58:49 -0700

In article <pRLH3.956$[EMAIL PROTECTED]>,
Some programmers <[EMAIL PROTECTED]> wrote:
> From the S-box function in Twofish:
> 
>     y0 = q1[q0[q0[y2;0] Xor l1;0] Xor l0;0]
>     y1 = q0[q0[q1[y2;1] Xor l1;1] Xor l0;1]
>     y2 = q1[q1[q0[y2;2] Xor l1;2] Xor l0;2]
>     y3 = q0[q1[q1[y2;3] Xor l1;3] Xor l0;3]
> 
> Here, q0 and q1 are fixed permutations on 8-bit values.
> 
> From the main function in LeapFrog:
> 
>             * get the T variables
>             T1 = A1(p1), T2 = A2(p2), T3 = A3(p3), T4 = A4(p4)
> 
>             * note the T variable order
>             p5 = p5 Xor A1(A1(T2 Xor T3) Xor T4)
>             p6 = p6 Xor A2(A2(T1 Xor T4) Xor T3)
>             p7 = p7 Xor A3(A3(T4 Xor T2) Xor T1)
>             p8 = p8 Xor A4(A4(T3 Xor T1) Xor T2)
> 
>             p5 = (p5 + T1) And FF
>             p6 = (p6 + T2) And FF
>             p7 = (p7 + T3) And FF
>             p8 = (p8 + T4) And FF

I have to admit I don't see the similarity.
Yes, both ciphers use S-boxes, but that's not so rare...

And the way the S-boxes are used in the two ciphers differs
in some important ways.  For instance, the Twofish F-function
is bijective; LeapFrog's F-function does not seem to be.

The similarity between Blowfish and Twofish is much closer.
Take a look sometime.

------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: Glossary of undefineable crypto terms (was Re: Ritter's paper)
Date: 30 Sep 1999 10:39:24 -0400

In article <7sunoe$[EMAIL PROTECTED]>,
Scott Fluhrer  <[EMAIL PROTECTED]> wrote:
>In article <[EMAIL PROTECTED]>,
>       "Trevor Jackson, III" <[EMAIL PROTECTED]> wrote:
>
>>jerome wrote:
>>
>>> On 24 Sep 1999 12:28:31 -0400, Patrick Juola wrote:
>>> [snip]
>>> > On the other hand, there's no *proof* that the OTP is impervious
>>> > to the ouija board attack.
>>>
>>> i was just wondering what a ouija board attack ?
>>
>>Also Known As the Karnak Attack.  You hold the cipher text up to your
>>forehead and guess the plaintext.  There is no possible cryptologic
>>defense against someone who can guess your message.
>
>However, with OTP, there is no way of verifying that your guess is
>right (other than, I suppose, calling the psychic pals network)

Sure there is.  If I guess the message is "Ten thousand black-market
Beanie Babies will be arriving on the Ametta Too into Bedford harbor
10am Sunday morning," I can just go to Bedford and wait.  When the
Ametta shows up and disgorges her cargo, I have verified my guess.

        -kitten


------------------------------

From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: Hardest ever ECDL solved by INRIA researcher and 195 volunteers
Date: Thu, 30 Sep 1999 11:38:38 -0400

Medical Electronics Lab wrote:
> ...
> What's really going to be fun is to watch how the marketing
> guys go after all this.  Every application has different
> requirements, and figuring out how to sell RSA vs ECC on each
> one will be hard.  I think ECC is going to gain while RSA
> lags over the next 10 years, but I'm biased :-)

Actually, as of Sept 20, 2000, RSA will have a big advantage...

        paul

------------------------------

Date: Thu, 30 Sep 1999 12:41:02 -0400
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Glossary of undefineable crypto terms (was Re: Ritter's paper)

Scott Fluhrer wrote:

> In article <[EMAIL PROTECTED]>,
>         "Trevor Jackson, III" <[EMAIL PROTECTED]> wrote:
>
> >jerome wrote:
> >
> >> On 24 Sep 1999 12:28:31 -0400, Patrick Juola wrote:
> >> [snip]
> >> > On the other hand, there's no *proof* that the OTP is impervious
> >> > to the ouija board attack.
> >>
> >> i was just wondering what a ouija board attack ?
> >
> >Also Known As the Karnak Attack.  You hold the cipher text up to your
> >forehead and guess the plaintext.  There is no possible cryptologic
> >defense against someone who can guess your message.
>
> However, with OTP, there is no way of verifying that your guess is
> right (other than, I suppose, calling the psychic pals network)

Well, objectively you're correct.  But my understanding of the psychic
process is that one "Just Knows" and objective confirmation is
superfluous.


------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Q: Burrows-Wheeler transform
Date: Thu, 30 Sep 1999 17:25:52 GMT

In article <7svuhc$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]> wrote:
>
>>    For text it is a very good compression. However due to the nature
>> of the BWT I think that it would be hard to write a "one to one" compress
>> for it. It was the second compression method I looked at and have yet
>> to make progress making it one to one. So if you use it. Most of the
>> time a wrong key is guessed in an attack it will not uncompress.
>
>The current implementations may not do it, but there's no real reason
>that you couldn't make a BWT compressor that was "one-to-one".  You
>just need to be careful how you do the coding stage at the end -- the
>rest of the transformations are clearly 1-1...
>

 OK let me ask you a question. Suppose that I have a sequence that is
defined by "AAABBB"; this sequence was arrived at by someone
using the wrong key by decryption. (make the index point to first entry if you 
want) Now to get the reverse transform one creates two columns. In this
case the two columns are identical and all you have is A is before A and B is
before B. The file could not be the result of a BWT transform so it clearly is 
not reversible. Note BWT counts on compressing the column that is a result
of the BWT so to be fully reversible one would need to define a reverse for 
a random set of characters.  I hope I am wrong please show me. I lived in
Missouri.

How do you do the reverse transform?


David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS
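
The "AAABBB" case from this exchange, worked through as an added example that is not part of either post. It assumes the plain BWT convention (last column of the sorted rotations plus the row index of the original, no end-of-string sentinel); all function names are this example's own. It goes slightly beyond the one string in the post by also counting how many 6-letter strings over {A, B} are valid BWT outputs, which is the fraction of wrong-key guesses that would survive this stage.

```python
# Added illustration; function names are this example's own, not from any post.
from itertools import product


def bwt(text):
    """Forward BWT without a sentinel: (last column, row of the original)."""
    n = len(text)
    rows = sorted(range(n), key=lambda i: text[i:] + text[:i])
    last = "".join(text[(i - 1) % n] for i in rows)
    return last, rows.index(0)


def inverse_bwt(last, index):
    """Textbook inverse: a stable sort of the last column gives the first
    column; follow first-to-last links for len(last) steps from row `index`."""
    n = len(last)
    link = sorted(range(n), key=lambda i: last[i])  # Python's sort is stable
    out, row = [], index
    for _ in range(n):
        row = link[row]
        out.append(last[row])
    return "".join(out)


def preimages(last):
    """All (index, text) pairs whose forward transform is exactly (last, index).

    An empty list means `last` is not the BWT of any string, so an inverse
    transform applied to it cannot be undone by the forward transform.
    """
    found = []
    for index in range(len(last)):
        text = inverse_bwt(last, index)
        if bwt(text) == (last, index):
            found.append((index, text))
    return found


def count_images(alphabet, length):
    """(number of strings that are valid BWT last columns, total strings)."""
    valid = sum(
        1 for t in product(alphabet, repeat=length) if preimages("".join(t))
    )
    return valid, len(alphabet) ** length


if __name__ == "__main__":
    print(bwt("banana"))               # a genuine BWT output
    print(preimages("nnbaaa"))         # every index round-trips
    print(inverse_bwt("AAABBB", 0))    # links are the identity: one letter repeated
    print(preimages("AAABBB"))         # no index round-trips
    print(count_images("AB", 6))
```

Only the pairs that `preimages` returns survive a decode-then-re-encode check; a "one to one" design in the sense discussed here has to assign a meaning to every other input as well.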

------------------------------

From: "Mark Reed" <[EMAIL PROTECTED]>
Subject: RSA in your own code
Date: Thu, 30 Sep 1999 14:11:32 -0400

Are you allowed to write a program that implements say 512 bit RSA encryption
in the US? It's so darn easy to do ;) I don't see why we can't have better
encryption (and I don't understand the laws)

Taking a CS class on algorithms so we did RSA and such fun stuff :)

Mark



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Schrodinger's Cat and *really* good compression
Date: Thu, 30 Sep 1999 16:43:48 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (John Savard) wrote:
> Alan Braggins <[EMAIL PROTECTED]> wrote, in part:
>
> >One explanation I've seen is that the cat is just as good an observer
> >and causes a collapse inside the box, but leaves the box as whole in a
> >superposition. Then when the box is opened there is another collapse,
> >but the cat/box/experimenter system is still in a superposition. Then
> >when the lab door is opened and someone else asks "How's the cat?"
> >there is another collapse. Then when the paper is published there is
> >another collapse for each reader who previously didn't know what state
> >the cat was in, and so on, ad infinitum.
>
> Actually, opening the lab door won't cause a collapse; that collapse
> will have happened beforehand, unless the lab was *very* well
> insulated.

The wave function collapses no matter whether the door is very well
insulated or not.

My understanding is this: the wave function collapses when it can be
observed. In other words, when information is emitted then, trivially,
the probabilistic wave function disappears. No human observer, or
feline observer, or sentient observer is necessary for this to happen.

Schroedinger's cat is really either dead or alive. We, outside the box
don't know for sure. A fly inside the box knows. The air inside the box
"knows" too (it is cold, so the cat is dead). The wave function
collapsed long before we opened the box. For the same reason a quantum
computer doesn't require "observers", it only requires processes that
can be observed.

The wave function is a property of matter. I don't think it is right to
say that each time we find out something, a wave function collapses. It
is not our personal act of observing that collapses the wave function.
It is the other way around: when a wave function collapses (but not
only then) information is created and therefore it is possible for us
to find out something. Or: every time information must be created (e.g.
a photon - or a bullet - strikes a wall) then its wave function
collapses.



Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: [EMAIL PROTECTED] (Jerry Coffin)
Subject: Re: msg for Dave Scott
Date: Thu, 30 Sep 1999 11:02:59 -0600

In article <7svi25$qb8$[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
says...

[ ... ] 

> > Hmmm...I guess it depends on how you define "popular."  There are
> > certainly a LOT of people who write programs using encryption that's
> > readily crackable.  Most of their web sites contain all manner of rave
> > reviews, and many of them seem to sell quite a few copies of their
> > garbage.
> 
> Just what are you alluding to here?  That my program is garbage?  

How in the world could you get that idea?  I talk about web sites 
where programs are sold.  At least the last I heard, you have no web 
site, and you give your program away.

Rest assured that if I'd intended to flame you/your program, you 
wouldn't have to guess about it at all.  Unfortunately, as one PR 
person once said, there's no such thing as bad publicity.  Thus, I 
prefer to refrain from mentioning the names of the garbage programs in 
case somebody happens to remember the name but forget that I said it 
was trash and figures that it's something they've heard of before, so 
maybe it's better than those others they don't recognize...

> Thanks for
> the review, I bet you haven't even seen it yet.  Oh well.

In case you'd forgotten, I have seen it -- in fact you emailed me the 
source-code yourself.  If I'd seen a major problem with it, I would 
have sent you a reply telling you about it.

You do seem to be getting a bit sensitive about the situation though.  
Just as a personal suggestion, you might want to think of something 
unrelated to computers to do for a little while, simply to give 
yourself a chance to unwind a bit.  This time of year I personally 
find a hike in the mountains to be particularly efficacious, but of 
course everybody has their own idea of how to relax.
 
> I think what I was trying to say (about 3 days ago) is sure you can break RC5
> with 2^53 known plaintexts ...etc or Blowfish with 3x2^51 ... etc... but you
> can't use that to break a msg of only 10 blocks.  Which is why brute force
> would be the only real attack against the symmetric cipher.

Keep in mind that most of the attacks that require large amounts of 
known plaintext (or chosen plaintext, related keys, etc.) are 
statistical in nature: you collect information on one block and that 
gives you an indication that some bit in the key is a tiny bit more 
likely to be a one than a zero or vice versa.  After you put together 
enough of these tiny chances, you get a pretty strong indication of 
what a particular bit in the key is likely to be.

There is, however, no hard and fast lower bound on the amount of text 
needed to collect _some_ information about the key, and improve your 
chances over a brute-force attack at least somewhat.

In fairness though, you're absolutely correct that with most modern 
ciphers, trying such an attack using only 5 or 10 blocks is going to 
be a complete waste of time -- you're simply not improving your 
chances enough that you're at all likely to notice a difference in the 
final search time.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

From: [EMAIL PROTECTED] (jerome)
Crossposted-To: sci.math
Subject: Re: factoring with quadratic sieve
Reply-To: [EMAIL PROTECTED]
Date: Thu, 30 Sep 1999 17:33:14 GMT

i found it in factor.c/initv()/line1078 of the miracl sources.
with d = number of digits (radix 10) of the number to factor

if d > 20               use a factor base of (d^4)/4096 elements
if d >= 8 && d <= 20    use a factor base of 25 elements
if d < 8                use a factor base of d elements

does it seem reasonable to those who have experience in factoring ?

On Thu, 30 Sep 1999 04:49:49 GMT, Clifford Stern wrote:
>
>factor.exe from Shamus Software does it automatically for numbers up to
>82 digits (and extending partially into the 83-digit range). Perhaps you
>can obtain the answer to your question by studying the source code. The
>following is taken from the output when executed without an argument on
>the DOS command line:

------------------------------

From: James Muir <[EMAIL PROTECTED]>
Subject: Cryptanalysis of 2 key TDES
Date: Thu, 30 Sep 1999 17:33:39 GMT

I am curious about the complexity of the best known attack on 2 key
triple DES.

I have recently read that the best known attack on 3 key triple DES
uses a known plaintext / meet in the middle technique requiring 3
plaintext/ciphertext pairs, 2^113 steps of analysis, and 2^56 memory.

Certainly this attack can be applied to 2 key TDES, but intuitively it
seems as though there should be a short cut which exploits the fact that
K1=K3.

Does anyone know of an attack on two key TDES with a lower complexity
than the one above?



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: On oldy encryptions
Date: Thu, 30 Sep 1999 18:56:40 +0200

In the old days most secret messages were very short and infrequent
and employed only the normal alphabet and spaces in the texts were 
usually omitted. For binary representation of such stuffs 5 bits for 
each character is obviously sufficient. Even for transmission of
normal texts with a much larger character set, 5-bit telegraphic
code served fairly well in the sixties, with shift keys helping
to extend the coding space beyond what is directly representable 
with 5 bits. 

I often wonder whether the time has indeed so drastically changed 
our world that nowadays really top secret messages can no longer be 
written except through pushing several megabytes down the 
communication channels. If the messages are of the oldy style and 
infrequent and the 5-channel telegraphic code is used, how easy 
really is the job of the analyst, if a (general) polyalphabetic 
substitution is used, together with sufficiently good key management 
and frequent change of the substitution table? It is also fairly 
easy to employ homophones for a few critical keys and even to 
implement digram substitution (10 bit to 10 bit instead of 5 bit 
to 5 bit). Evidently, almost every least-educated criminal of our 
time can do this sort of things with a PC and probably quite well. 
How many percent of the huge funds for national or international 
crime control would be needed in order to develop a good tool for 
the law enforcement to effectively crack such 'trivial and 
primitive' (relative to state-of-the-art technology) encryption 
systems? As to the minority of criminals having high IQ, what 
hinders them from using quadruple or quintuple AES, despite 
Wassenaar and other regulations that for some plain or secret 
reasons are reportedly going to be relaxed?

M. K. Shen
==========================
http://home.t-online.de/home/mok-kong.shen
(Origin site of WEAK2-EX, WEAK3-EX and WEAK4-EX, three
Wassenaar-conform  algorithms based on the new paradigm Security through
Inefficiency.)

------------------------------

From: [EMAIL PROTECTED] (jerome)
Subject: Re: msg for Dave Scott
Reply-To: [EMAIL PROTECTED]
Date: Thu, 30 Sep 1999 18:12:47 GMT

On Thu, 30 Sep 1999 11:34:03 GMT, Tom St Denis wrote:
>
>Yeah but with only 10 blocks or so?
>

your prog is made to crypt only 10 blocks per key ?

btw: with only 1 block, even a caesar cypher is unconditionally secure 
with a random key.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
