Cryptography-Digest Digest #352, Volume #10 Sat, 2 Oct 99 11:13:01 EDT
Contents:
Re: Compress before Encryption ("Richard Parker")
Re: crypto export rules changing (wtshaw)
Re: on linear keyspaces (wtshaw)
Re: Yarrow + Panama: an idea (long) (Paul Crowley)
Re: Addition/subtraction mod 256 vs. XOR (Tom St Denis)
Re: on linear keyspaces (Tom St Denis)
FW: rc5-128 - Is a trivial solution possible? ("A Poster")
Re: Are small block sizes less secure? (SCOTT19U.ZIP_GUY)
Re: Compress before Encryption (SCOTT19U.ZIP_GUY)
Re: Compress before Encryption (SCOTT19U.ZIP_GUY)
Paper announcement ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: "Richard Parker" <[EMAIL PROTECTED]>
Subject: Re: Compress before Encryption
Date: Sat, 02 Oct 1999 08:17:35 GMT
Oops, perhaps I should mention that I'm using the notation A* to mean
the following:
A* = FM(A) = A^0 union A^1 union A^2 union ...
So {0,1}* consists of all the finite sequences of 0s and 1s:
{0,1}* = FM({0,1}) = {e,0,1,00,01,10,11,000,001,...}
-Richard
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: talk.politics.crypto
Subject: Re: crypto export rules changing
Date: Fri, 01 Oct 1999 23:54:46 -0600
In article <7t34g3$fst$[EMAIL PROTECTED]>, Greg <[EMAIL PROTECTED]> wrote:
> Do I ever expect to get a license for my software? No. The app
> itself will not have any holes to penetrate, unless the NSA
> has a way around MFC.
>
Don't assume too much too fast. And consider that incompetence is as bad
an enemy as chicanery.
--
Still a good idea from Einstein: If you can't explain something clearly to a child,
you do not understand it well enough.
So much for models of trust, they generally are ill-founded.
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: on linear keyspaces
Date: Fri, 01 Oct 1999 23:48:57 -0600
In article <7t2ti4$a97$[EMAIL PROTECTED]>, Tom St Denis
<[EMAIL PROTECTED]> wrote:
>
> And another thing is that if your routines are 'functions' (i.e. reversible)
> then you can still look for patterns in the output. I could for example look
> for words or structured grammar in the output and not just ascii text. It's
> not hard, just takes linearly more time....
I would consider a better cipher as not being so easily attacked, but I
consider most popular ciphers as on the wrong side of this.
--
Still a good idea from Einstein: If you can't explain something clearly to a child,
you do not understand it well enough.
So much for models of trust, they generally are ill-founded.
------------------------------
From: Paul Crowley <[EMAIL PROTECTED]>
Subject: Re: Yarrow + Panama: an idea (long)
Date: 2 Oct 1999 09:52:18 +0100
John Myre <[EMAIL PROTECTED]> writes:
> So suppose we have two Panama instances, um, P and Q. While
> P is busy producing PRNG output (with pull calls as needed),
> Q is busy accumulating entropy (with pushes). When we decide
> we want to reseed, we pull some out of P, push that into Q,
> and then start pulling out of Q (discarding the first 32) for
> the PRNG, and pushing entropy into P. That is, P and Q just
> switch roles. Actually we don't even need both P and Q,
> except that we want to continue to collect entropy while we
> are producing our (pseudo) random numbers.
This is the bit I don't understand. Why not just interleave "push"
operations for adding entropy with "pull" operations for extracting
it? The only tricky question is deciding whether you always need 32
"blank pulls" between each (push,pull) pair of operations.
--
__
\/ o\ [EMAIL PROTECTED] Got a Linux strategy? \ /
/\__/ Paul Crowley http://www.hedonism.demon.co.uk/paul/ /~\
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Addition/subtraction mod 256 vs. XOR
Date: Sat, 02 Oct 1999 12:08:00 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Mike DeTuri) wrote:
> I was wondering if there is any benefit to encrypting using addition
> mod 256 in RC4 instead of the standard XOR. Of course, decryption
> would be subtraction mod 256. Has anyone tried this? I've searched
> DejaNews but found nothing conclusive.
>
You mean block[i] += state[(state[x] + state[y]) mod 256]; instead of the xor?
The problem there is you have to program a decryption routine. A novel
feature of RC4 is you only need two functions to use it (one to make the key,
one to encrypt/decrypt). Why make the code harder?
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
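As an added example (not code from Mike or Tom), the standard RC4 keystream combined by XOR, where one routine both encrypts and decrypts, next to the addition-mod-256 variant the question asks about, which needs a separate subtraction routine. The key and message are the constructed test values "Key" and "Plaintext".

```python
# Added example: RC4 with XOR versus addition mod 256 as the combining step.
# The post sketches the latter as block[i] += state[(state[x] + state[y]) mod 256].

def rc4_ksa(key: bytes) -> list:
    """Key-scheduling algorithm: build the 256-entry permutation S from the key."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s

def rc4_keystream(key: bytes, n: int):
    """Yield n keystream bytes from the PRGA: S[(S[x] + S[y]) mod 256]."""
    s = rc4_ksa(key)
    x = y = 0
    for _ in range(n):
        x = (x + 1) & 0xFF
        y = (y + s[x]) & 0xFF
        s[x], s[y] = s[y], s[x]
        yield s[(s[x] + s[y]) & 0xFF]

def rc4_xor(key: bytes, data: bytes) -> bytes:
    """XOR mode: the same routine encrypts and decrypts (XOR is an involution)."""
    return bytes(d ^ k for d, k in zip(data, rc4_keystream(key, len(data))))

def rc4_add_encrypt(key: bytes, data: bytes) -> bytes:
    """Addition mode: block[i] = (block[i] + keystream[i]) mod 256."""
    return bytes((d + k) & 0xFF for d, k in zip(data, rc4_keystream(key, len(data))))

def rc4_add_decrypt(key: bytes, data: bytes) -> bytes:
    """The separate decryption routine Tom mentions: subtract mod 256."""
    return bytes((d - k) & 0xFF for d, k in zip(data, rc4_keystream(key, len(data))))

KEY = b"Key"        # constructed test key (the widely published RC4 test vector)
MSG = b"Plaintext"  # constructed test message

def demo() -> dict:
    """Show that XOR mode is self-inverse while addition mode is not."""
    ct_xor = rc4_xor(KEY, MSG)
    ct_add = rc4_add_encrypt(KEY, MSG)
    return {
        "xor_roundtrip": rc4_xor(KEY, ct_xor) == MSG,
        "add_roundtrip": rc4_add_decrypt(KEY, ct_add) == MSG,
        # running the addition encryptor a second time does not recover MSG
        "add_is_involution": rc4_add_encrypt(KEY, ct_add) == MSG,
    }
```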
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: on linear keyspaces
Date: Sat, 02 Oct 1999 12:11:40 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (wtshaw) wrote:
> In article <7t2ti4$a97$[EMAIL PROTECTED]>, Tom St Denis
> <[EMAIL PROTECTED]> wrote:
> >
> > And another thing is that if your routines are 'functions' (i.e. reversible)
> > then you can still look for patterns in the output. I could for example look
> > for words or structured grammar in the output and not just ascii text. It's
> > not hard, just takes linearly more time....
>
> I would consider a better cipher as not being so easily attacked, but I
> consider most popular ciphers as on the wrong side of this.
I'm afraid you don't have an option. In an AES cipher, for example, you have a
1 in 65,536 chance of getting an ascii block out from a trial decryption. A smart
brute force (is that a contradiction?) would look for structured grammar on
each decryption (or maybe just vocab...). This takes linearly more time, not
exponential. So you will have to search with an effort of x(2^n).
Tom
------------------------------
From: "A Poster" <[EMAIL PROTECTED]>
Subject: FW: rc5-128 - Is a trivial solution possible?
Date: Sat, 2 Oct 1999 08:32:32 -0400
I found these in alt.security.pgp and thought that they might be of interest to this
newsgroup...
From: "John Croll" <[EMAIL PROTECTED]>
Newsgroups: alt.security.pgp
Subject: RC5-32/12/8 IS DEAD!
Date: Thu, 23 Sep 1999 14:08:28 -0500
Organization: AT&T WorldNet Services
Lines: 32
Message-ID: <7sdtn7$l1b$[EMAIL PROTECTED]>
challenge: RC5-32/12/8
solution: B7 5C 0F 56 B9 8C 6A EF D1 5D 3E 56 A1 DF 39 B1
name: richard lee king jr.
address: r l king
p.o.box 236
st. bernice, in.
email: [EMAIL PROTECTED]
phone: 765-832-2916
time: 2.5 days.
method: trivial solution based on ignoring the algorithm and just sequencing
from 32 to 90 and simultaneously doing and, or, xor, mod, to see if
coincidences showed up. i jotted down suspects which were not many.
then i descrambled the message using my hash table. once the message was
clear i applied the clear text against the cypher text to get the sub keys.
then i anded them 4 at a time. i may have a couple in the wrong order. i
have been awake a long time. please let me know if i failed and i will try
again.
secret message:
RC5-32/12/8 RAPI
D GROWTH IN FAST
COMPUTERS HAS M
ADE THIS OLD HAT
done:
From: "John Croll" <[EMAIL PROTECTED]>
Newsgroups: alt.security.pgp
Subject: Re: RC5-32/12/8 IS DEAD!
Date: Fri, 24 Sep 1999 13:51:48 -0500
Organization: AT&T WorldNet Services
Lines: 24
Message-ID: <7sgh42$265$[EMAIL PROTECTED]>
Contest identifier: RC5-32/12/16
Cipher: RC5-32/12/16 (RC5 with 32-bit wordsize, 12 rounds, and 16*8=128-bit
key)
Start of contest: 28 January 1997, 9 am PST
State of contest: ongoing
IV: a7 8b 00 e8 15 e6 2f 5d
Hexadecimal ciphertext:
i can't make keys but i have demonstrated that i
can decipher any rc5 message regardless of the
length of the key.
there is a trivial solution. it took me 4.5 hours to
crack this code. if i could program then it could
be cracked in a second. rsa is totally ignoring me.
rc5 is dead.
secret message:
rc5-32/12/16
128 bit keys make
finding it hard
From: "John Croll" <[EMAIL PROTECTED]>
Newsgroups: alt.security.pgp
Subject: rc5-128 trivial solution
Date: Fri, 24 Sep 1999 15:08:53 -0500
Organization: AT&T WorldNet Services
Lines: 156
Message-ID: <7sglkr$g77$[EMAIL PROTECTED]>
Contest identifier: RC5-32/12/16
Cipher: RC5-32/12/16 (RC5 with 32-bit wordsize, 12 rounds, and 16*8=128-bit
key)
Start of contest: 28 January 1997, 9 am PST
State of contest: ongoing
IV: a7 8b 00 e8 15 e6 2f 5d
Hexadecimal ciphertext:
secret message:
rc5-32/12/16
128 bit keys make
finding it hard
done
i can't make keys but i have demonstrated that i
can decipher at least part of any rc5 message
regardless of the length of the key.
there is a trivial solution. it took me 4.5 hours to
crack this code. if i could program then it could
be cracked in a second. rsa is totally ignoring me.
enclosed is my cpp source for examining the relationship
of the cypher characters to potential clear characters.
i found that if i input the correct clear character that
the output looks different. please test my algorithm
and tell me where i am right and where i am wrong.
my code is stupid but if you examine it you see what
it does. it really does work.
i used microsoft c++.
ps.
my theory is based on the idea that each cypher character
can only represent 4 or 5 letters of plain text. after i find the
possibilities then i look at which combinations make sense.
this makes it possible to decypher normal language messages.
/* The posted program, corrected so that it compiles with a standard C
   compiler: the Microsoft-only headers (<conio.h>, <ios.h>, <iostream.h>)
   and the _rotl/_rotr intrinsics are replaced with portable equivalents,
   "void main" becomes "int main", the out-of-bounds write to h[1] and the
   missing semicolon after b[2] are fixed, and the unused <math.h> dropped. */
#include <stdlib.h>
#include <stdio.h>

/* Portable 32-bit rotates; like _rotl/_rotr the count is reduced mod 32. */
static unsigned int rotl32(unsigned int x, unsigned int s)
{
    s &= 31;
    return s ? (x << s) | (x >> (32 - s)) : x;
}

static unsigned int rotr32(unsigned int x, unsigned int s)
{
    s &= 31;
    return s ? (x >> s) | (x << (32 - s)) : x;
}

/* Block until a space (ASCII 32) is read; also return on end of input so the
   program terminates when stdin is not a terminal. */
void WaitKey(char ASCIICode)
{
    int chTemp = getchar();
    while (chTemp != 32 && chTemp != EOF)
        chTemp = getchar();
    (void)ASCIICode;
}

int main(void)
{
    unsigned int n = 32 + 36;   /* trial plaintext byte: 68 = 'D' */
    unsigned int m = 95;        /* trial cipher byte: 95 = '_' */
    unsigned int o = 0;
    int b[17] = {0};
    char f = (char)n;
    const char *h = "5";        /* original stored this in h[1] of a 1-element array */
    int i;

    printf("ASCII %1c \n", f);
    printf("ASCII %s \n", h);
    /* As posted, the "n ++" at the end of the loop body was commented out,
       so every pass prints the same table for the one (n, m) pair. */
    for (i = 1; i < 255; ++i)
    {
        f = (char)n;
        printf("ASCII %1c \n", f);
        printf(" PLAIN Dec %u tHex: %Xh \n", n, n);
        /* printf(" SUBTRACT Dec %u tHex: %Xh \n", o, o); */
        o = rotl32(m, n);
        printf(" ROTL Dec %u tHex: %Xh \n", o, o);
        o = rotl32(n, m);
        printf(" RROTL Dec %u tHex: %Xh \n", o, o);
        o = rotr32(m, n);
        printf(" ROTR Dec %u tHex: %Xh \n", o, o);
        o = rotr32(n, m);
        printf(" ROTR Dec %u tHex: %Xh \n", o, o);
        o = m & n;
        printf(" AND Dec %u tHex: %Xh \n", o, o);
        o = n & m;
        printf(" AND Dec %u tHex: %Xh \n", o, o);
        o = m ^ n;
        printf(" XOR Dec %u tHex: %Xh \n", o, o);
        o = n ^ m;
        printf(" XOR Dec %u tHex: %Xh \n", o, o);
        o = m % n;
        printf(" MODULA Dec %u tHex: %Xh \n", o, o);
        o = n % m;
        printf(" MODULA Dec %u tHex: %Xh \n", o, o);
        o = m | n;
        printf(" OR Dec %u tHex: %Xh \n", o, o);
        o = n | m;
        printf(" OR Dec %u tHex: %Xh \n", o, o);
        /* n ++; */
        /* Candidate sub-key bytes as posted. Only b[1] and b[2] were written
           with an operator (XOR of four values). b[3], b[5], b[7], b[9] and
           b[11] were posted as bare space-separated numbers, which do not
           compile, so they are kept verbatim here as a comment and print as 0:
             b[3]=221 116 55 66 67 71 16 46;
             b[5]=164 187 165 117 118 112 89 69;
             b[7]=81 193 61 81 27 148 85;
             b[9]=64 227 241 251 113 113 191 191;
             b[11]=13 42 3 155 108 232 47 27; */
        b[1] = 139 ^ 120 ^ 18 ^ 95;
        b[2] = 34 ^ 184 ^ 74 ^ 250;
        printf("key %Xh %Xh %Xh %Xh \n", b[1], b[3], b[5], b[7]);
        printf("key %Xh %Xh %Xh %Xh \n", b[9], b[11], b[13], b[15]);
        WaitKey(0);
    }
    return 0;
}
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Are small block sizes less secure?
Date: Sat, 02 Oct 1999 13:37:53 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Johnny Bravo)
wrote:
>On Sat, 02 Oct 1999 01:52:17 GMT, [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
>wrote:
>
>> You clipped the text but that is ok. If you want proof, which I doubt you
>>do, you and your asshole friends can make up a contest that is like
>>my scott19u contest and I will solve it for you. But do you have the brains
>>to make such a contest?
>> I doubt it. You are all talk and no action.
>>
>>David A. Scott
>
> In other words you have no such proof, your entire argument consists of
>unsubstantiated statements and insults. No wonder people don't take you
>seriously. You made the claim, back it up if you can.
>
> Johnny Bravo
>
No, in other words I can prove mine stronger by example, at least in this
area, but obviously you're too dumb to understand or even create an example.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Compress before Encryption
Date: Sat, 02 Oct 1999 13:53:21 GMT
In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
>"SCOTT19U.ZIP_GUY" wrote:
>> ... What the hell is your problem.
>
>I explained that: You're misusing a standard mathematical term,
>and an attempt to understand your intent raises the question of
>how to accurately formulate the property you're calling "one to one".
>
>> ... The "one to one" means that any file can be run through the
>> compressor and and any file can be run through the decompressor
>> so that there is a "one to one" relationship.
>
>It can't be the first part of that, which merely says that the
>programs accept any old garbage (and presumably output transformed
>garbage). And the last part is exactly what is not clearly
>expressed.
I have various forms, but take the set of all finite binary files from
one to whatever number of 8-bit bytes. MY general compression routine can take
every such file and map (transform) it to another file. Likewise
the inverse program can map any finite file of from one to whatever number of 8-bit bytes
to another file. The mappings are "one to one", but then you would have
to know something about mathematics to understand this and you don't
seem to. IF I am using the term wrong, then, like I have asked you more than
once, what would you call it?
Oh, it's called compression since the hope is that most files of interest
get shorter. But you can call it something else if that is too hard for you.
...
>Maybe somebody else who purports to understand your scheme can
>re-express it precisely, in conventional terms, so the rest of
>us to whom terms such as "one to one" have their established
>mathematical meaning can understand it.
I think most real mathematicians understand what I mean. Maybe
someone can dumb it down for you.
>A cryptanalyst, among other things.
If you're a cryptanalyst I can see why you're not working for the NSA; you
need to learn a lot.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Compress before Encryption
Date: Sat, 02 Oct 1999 14:11:14 GMT
In article <zcjJ3.2956$[EMAIL PROTECTED]>, "Richard Parker"
<[EMAIL PROTECTED]> wrote:
>Oops, perhaps I should mention that I'm using the notation A* to mean
>the following:
>
> A* = FM(A) = A^0 union A^1 union A^2 union ...
>
>So {0,1}* consists of all the finite sequences of 0s and 1s:
>
> {0,1}* = FM({0,1}) = {e,0,1,00,01,10,11,000,001,...}
Well then you obviously don't understand the problem.
Because I am only working with 8-bit byte files, so 0, 1, 01, 00, ...etc.,
which are not multiples of 8-bit bytes, are not used.
When I took set theory years ago a one to one mapping meant that any
member of set A maps to a member of set B. And if any member of B was
a mapping of a unique member from set A then that was a one to one
mapping.
However I see your argument for symmetric, and mathematics is rich enough
that I suppose you could argue the use of several terms. The question is: is
there a common term for the properties of compression that I am using that
has been in general use? Have you checked on any texts in compression that
talk about compressions that are "full complete mappings on the 8 bit binary
file space such that there are no gaps and that any file could be thought of
as a compressed file or equally as an uncompressed file"?
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS
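An added example (not code from the thread and not scott19u's compressor): an exhaustive check of the property argued over above, read as the compressor and decompressor being mutually inverse mappings on the space of all byte files, so that every file is a valid input to both programs and a valid output of both. The two schemes it tests are constructed toys: a swap of one long file with one short one, which passes, and an escape-byte run-length scheme of the usual kind, which the check rejects by exhibiting a file that no compressor output can equal.

```python
# Added example: test whether (comp, decomp) is a "one to one" pair with no
# gaps on the space of byte files of length 1..max_len. Both toy schemes
# below are constructed for this illustration only.
from itertools import product

def all_files(max_len):
    """Every byte file of length 1..max_len (256**max_len files; keep max_len small)."""
    for n in range(1, max_len + 1):
        for t in product(range(256), repeat=n):
            yield bytes(t)

def is_gap(comp, decomp, f):
    """True if f breaks comp and decomp being mutual inverses (either direction)."""
    try:
        return decomp(comp(f)) != f or comp(decomp(f)) != f
    except Exception:          # a decoder that rejects the input is also a gap
        return True

def first_gap(comp, decomp, max_len):
    return next((f for f in all_files(max_len) if is_gap(comp, decomp, f)), None)

def gap_count(comp, decomp, max_len):
    return sum(is_gap(comp, decomp, f) for f in all_files(max_len))

# Toy 1 (constructed): a bijection that "compresses" one file, four zero bytes,
# to a single zero byte by swapping the two; every other file maps to itself.
_SWAP = {b"\x00": b"\x00" * 4, b"\x00" * 4: b"\x00"}

def swap_comp(f):
    return _SWAP.get(f, f)

swap_decomp = swap_comp    # a transposition is its own inverse

# Toy 2 (constructed): a conventional escape-byte run-length scheme. Its
# outputs always start with 0x00 or 0x01, so any other file has no preimage
# and the decompressor can only guess what such a file means.
def rle_comp(f):
    if 2 <= len(f) < 256 and f == b"\x00" * len(f):
        return b"\x00" + bytes([len(f)])
    return b"\x01" + f

def rle_decomp(c):
    if len(c) == 2 and c[0] == 0:
        return b"\x00" * c[1]
    if c[:1] == b"\x01":
        return c[1:]
    return c               # undecodable input passed through as a literal

def demo(max_len=2):
    return {
        "swap_first_gap": first_gap(swap_comp, swap_decomp, max_len),
        "rle_first_gap": first_gap(rle_comp, rle_decomp, max_len),
        "rle_gaps": gap_count(rle_comp, rle_decomp, max_len),
    }
```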
------------------------------
From: [EMAIL PROTECTED]
Subject: Paper announcement
Date: Sat, 02 Oct 1999 13:18:47 GMT
I would like to take this opportunity to invite comments on the
following paper:
http:/www.angelfire.com/nv/papers/
that I am hosting for the author.
The main claim of the paper is a construction
using coherent optics and the wavefront
reconstruction property to solve computationally
hard problems (i.e. NP-complete and trapdoor
functions such as prime factorisation) very
quickly.
It's a very significant claim, and I understand
that the paper has been circulated amongst
researchers in the fields of both optics and
computational complexity for several months now.
No errors have been found, but the author (perhaps
understandably) wishes to remain anonymous.
Please direct all correspondence either to an
appropriate newsgroup, or to the e-mail address
given at the named site.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************