Cryptography-Digest Digest #510, Volume #10       Fri, 5 Nov 99 03:13:03 EST

Contents:
  Re: The Beale Mystery (korejwa)
  Re: Build your own one-on-one compressor (Don Taylor)
  Re: DVD Encryption Broken by Norwegians! (Tom St Denis)
  Re: Steganography Academy (korejwa)
  Re: Some humble thoughts on block chaining
  Nova program on cryptanalysis -- also cipher contest (Jim Gillogly)
  Re: Q: Removal of bias ([EMAIL PROTECTED])
  Re: "Risks of Relying on Cryptography," Oct 99 CACM "Inside Risks" column ([EMAIL PROTECTED])
  Re: How protect HDisk against Customs when entering Great Britain  (pgp651)

----------------------------------------------------------------------------

From: korejwa <[EMAIL PROTECTED]>
Subject: Re: The Beale Mystery
Date: Thu, 04 Nov 1999 22:46:49 -0500
Reply-To: [EMAIL PROTECTED]



Ertborbob wrote:

> Can anyone please post some information about the pirate named Beale who
> supposedly has treasure buried in Virginia or direct me to some information?
> Thank You


You mean Thomas Beale was a pirate?  Where did you hear about that?  I never
heard that he was a pirate - it almost sounds like someone is building on the
legend.  Please tell me your source.

I have the three ciphertexts, but I assume you already have those.  The Beale
papers are almost certainly a fraud.

-korejwa



------------------------------

From: Don Taylor <[EMAIL PROTECTED]>
Subject: Re: Build your own one-on-one compressor
Crossposted-To: comp.compression
Date: 4 Nov 1999 22:10:28 -0600

In comp.compression SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]> wrote:
> In article <3820e4ad$[EMAIL PROTECTED]>, Don Taylor <[EMAIL PROTECTED]> wrote:
...
>>Consider the following dictionary
>>
>>        a       1
>>        apple   2
>>        banana  3
>>        house   4
>>        ...
>>
>>Now, I claim that the dictionary contains all the words that might be
                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>used in messages, we just mandate that it contains the vocabulary that
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>people will use for messages.
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...
>>It is guaranteed that it is 1-1.
...
>>All the questions about whether the message is maintained by any number
>>of translations back and forth is settled in a single stroke.

>  IF you ordered these 16 bit words so that in hex 00 00 was in general
>the most common occurring token then 00 01 and 01 00 and 01 01 were
>the next most common token where you increase and use the next available 8 bit 
>token to build this table and so on. So that the table is ordered based on some
>standard English text.  Build your compressor to convert the English only 
>words to something like this.  Then use a FIXED HUFFMAN TABLE not
>my adaptive Huffman table as the starting table.

All this seems to be related to just manipulating the representation of
the codes.  I agree.  As I said, it seems clear that such things can be
done in a way to make this work, and probably in lots of ways to make
this work.  But it's just representation.  If someone can find a terrific
way to do this then all the better.

...
> The main disadvantage is that only 2^16 words can be used but for most messages
>this should be ok. Since even in WWII the Navajo code talkers had to use 
>concepts in the language for words that were not in the language. You may
>have to write a program that converts words not in the language to strings of
>letters. This would take away from some of the 2^16 symbols. It would also
>mean people who such like me and can't spell worht a shit will be more apt
>to have longer messages unless some sort of specail spell checker built in.

Three things.  If you like make it 2^24 words.  All the claims still hold.

Second, I tried to be clear.  Above I highlighted with "^^^"s the explicit
claim.  The dictionary contains what you can send.  That's it.  If there is
no code for 'specail' then there is no translation of it and there is no
claim about any of this.  As it said, the dictionary IS the vocabulary.
I'm sorry if I was not sufficiently clear in this.

Third, you have not specified exactly how you might implement this
extension to allow words outside the dictionary to be encoded but I
think that doing this requires some degree of care or it will destroy
exactly the 1-1 property that started this whole exchange.

It seems that if you JUST allow for codes to spell out words that are
not in the dictionary then you would send, using one of your example
misspellings

        W-code O-code R-code H-code T-code      (to send your 'worht')

and the person at the far end would then be able to send

        W-code O-code R-code T-code H-code

back and have it potentially retranslated into

        WORTH-code      (since the word WORTH is in the dictionary)

and sent back and thus your 1-1 property has been violated.

Now I believe after having thought about this fairly carefully for a while
that I can demonstrate that it is possible to avoid such problems but it
seems that it has to be done carefully, to avoid exactly such problems.

Again, sorry if I was not sufficiently clear about this
don
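
The round trip described in the post above, as an added example that is not part of the original message: a word dictionary with a letter-spelling escape, in which two different code sequences decode to the same word. The code numbers, the END marker, lower-case a-z input and the strict-mode repair (refusing a spelled-out run that spells a dictionary word) are assumptions made here, not the scheme the poster had in mind.

```python
# Added illustration: constructed dictionary and code numbers, not the poster's scheme.
WORDS = {"a": 1, "apple": 2, "banana": 3, "house": 4, "worth": 5}
BY_CODE = {code: word for word, code in WORDS.items()}
LETTER_BASE = 100   # hypothetical letter codes: 'a' -> 100 ... 'z' -> 125
END = 126           # hypothetical code that ends a spelled-out word


def spell(word):
    """Spell a word letter by letter: the escape for out-of-dictionary words."""
    return [LETTER_BASE + ord(ch) - ord("a") for ch in word] + [END]


def encode(words):
    """Canonical encoder: use the word code whenever the dictionary has one."""
    codes = []
    for word in words:
        codes += [WORDS[word]] if word in WORDS else spell(word)
    return codes


def decode(codes, strict=False):
    """Decode a code sequence. With strict=True, refuse a spelled-out run that
    is empty or spells a dictionary word, since encode() never produces one."""
    words, letters, spelling = [], [], False
    for code in codes:
        if code in BY_CODE and not spelling:
            words.append(BY_CODE[code])
        elif LETTER_BASE <= code < LETTER_BASE + 26:
            letters.append(chr(code - LETTER_BASE + ord("a")))
            spelling = True
        elif code == END and (spelling or not strict):
            word = "".join(letters)
            if strict and word in WORDS:
                raise ValueError("non-canonical spelling of %r" % word)
            words.append(word)
            letters, spelling = [], False
        else:
            raise ValueError("unexpected code %d" % code)
    if spelling:
        raise ValueError("unterminated spelled-out word")
    return words


def colliding_texts(sequences, strict=False):
    """Return decoded texts that more than one accepted code sequence maps to."""
    seen = {}
    for codes in sequences:
        try:
            text = " ".join(decode(codes, strict))
        except ValueError:
            continue  # rejected sequences are not valid messages
        seen.setdefault(text, []).append(codes)
    return {text: seqs for text, seqs in seen.items() if len(seqs) > 1}
```

Strict mode restores 1-1 only on the code sequences it accepts; it does so by declaring some sequences invalid, which is a narrower property than every possible sequence being a valid message.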



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,talk.politics.misc
Subject: Re: DVD Encryption Broken by Norwegians!
Date: Fri, 05 Nov 1999 04:06:55 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> DVD Encryption Broken by Norwegians!
>
> Can you please help me.
>
> Email me the Norwegian web site address where the free program to remove
> the encryption from a DVD video disc and copy the unencrypted video to my
> hard drive can be downloaded?
>
> The site may shut down before I can download the program.  Can you make
> a copy of the program just in case so I can still get it from you if
> necessary?
>
> Many thanks.

For someone trying to maintain a professional manner you are failing
miserably.

Tom


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: korejwa <[EMAIL PROTECTED]>
Subject: Re: Steganography Academy
Date: Thu, 04 Nov 1999 23:18:13 -0500
Reply-To: [EMAIL PROTECTED]

JPeschel wrote:

> It, like his main site and other mirrors, has been attacked by hackers
> for over a year.
>
> It seems Fravia "froze" his main mirror around October 11.
>
> None of the mirrors, as far as I know, has ever included the advanced
> steganography page.  I had an essay there, but it only explained
> the way I cracked a Steganos carrier image.  Other essays, in particular
> those by Flynn and Massimiliano, included source code for cracking
> Steganos and Contraband carriers.
>
> Joe
> __________________________________________
>
> Joe Peschel
> D.O.E. SysWorks
> http://members.aol.com/jpeschel/index.htm
> __________________________________________

  Joe:

     I would be interested in reading your essay, if you still have it.
Although I have also "cracked" Fravia's Steganos Image, you may have done it
in a different way and know things which I do not.

Jean Flynn mentioned "Siko's Method" on the "Light" version of his essay
available on all the Fravia Mirrors.  Are you able to describe this method?

-korejwa



------------------------------

From: [EMAIL PROTECTED] ()
Subject: Re: Some humble thoughts on block chaining
Date: 5 Nov 99 04:15:18 GMT

Douglas A. Gwyn ([EMAIL PROTECTED]) wrote:
: John Savard wrote:
: > It is a fact, though, that most of today's stream ciphers do just XOR
: > to a plaintext bitstream, ...

: I don't know where you get that idea, but that is not true of
: military-strength stream ciphers.

I should be clearer. Most of the stream ciphers discussed in the open
literature seem to do this; I can't recall one example of a stream cipher
- other than non-ECB modes of block ciphers - in Applied Cryptography that
does otherwise.

Terry Ritter seems to be just about the only one out there to be working
with stream ciphers that involve whole-byte substitutions.

It may be that there are numerous proprietary stream ciphers that were
patented in the 70s that do involve whole bytes, and of course rotor
machines aren't usually binary (SIGCUM excepted...). Of course, it goes
without saying that I am discussing only cipher systems whose
specifications are publicly known; I "only know what I read in the
papers", and am quite happy not to be burdened with secrets that I bear
the responsibility of keeping.

It is definitely true at present that there seems to be this huge gap
between 64-bit block ciphers and PRNG stream ciphers, with nothing much in
between. That is the impression one gets from AC and from the open
literature in general.

John Savard

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Nova program on cryptanalysis -- also cipher contest
Date: Fri, 05 Nov 1999 04:43:00 +0000

Nova, a PBS program, will be airing the first show in a WW2 cryptanalysis
series on 9 Nov, next Tuesday.  It includes material from the popular
British series "Station X", about the work of Bletchley Park in breaking
Nazi ciphers.  The related web page is http://www.pbs.org/wgbh/nova/decoding/

I prepared a cipher contest for them with a flavor of WW2 hand ciphers,
partly inspired by "Between Silk and Cyanide", and partly by some research
I did in NSA's "Open Door" materials last month at the National Archives.
Solve one of the ciphers and you're in the pool to win stuff, but nobody can
win for more than one cipher.  There's a two-week time frame.

I won't be able to discuss attacks and solutions until after the contest
ends, but do send in your solutions and explanations, and Nova will forward
them on to me for checking.
-- 
        Jim Gillogly
        15 Blotmath S.R. 1999, 04:37
        12.19.6.12.3, 4 Akbal 11 Zac, Ninth Lord of Night

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Q: Removal of bias
Date: Fri, 05 Nov 1999 04:35:18 GMT

Mok-Kong Shen wrote:
> Suppose one does a frequency count and finds that there is quite
> a bit deviation from uniform distribution

So you rule out a generator if the frequency count
is far enough from the expected value to reject
the hypothesis that all sequences are equally
likely?

> and applies different
> methods to obtain a sequence of improved distribution, I like to
> know which method is better, i.e. how they compare with one another
> in practice, including also the computational costs.

A large range of methods pass the test.  Since
the test doesn't distinguish any of them, we have
to say that in practice they tie.  For example,
take enough of the input stream that we expect
128 bits of entropy, hash it with SHA-1 and key
RC-4 with the digest.  Output the RC-4 stream.
In practice the method works well and efficiently
for producing an unbiased stream from a biased
one.  Practice can be so misleading.

--Bryan
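
The SHA-1 then RC-4 method from the post above, as an added example that is not part of the original message. It goes one step beyond the post: the constructed raw input here carries only 8 bits of entropy (one unknown byte after 63 bytes of 0xFF), yet the output still passes a frequency count, and the unknown byte is found by trying all 256 inputs. The function names and the sample input are assumptions made for this sketch.

```python
import hashlib


def rc4_stream(key, n):
    """Return n bytes of RC4 keystream for the given key."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key schedule
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                        # output generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def condition(raw, n):
    """Hash the raw samples with SHA-1, key RC4 with the digest, output n bytes."""
    return rc4_stream(hashlib.sha1(raw).digest(), n)


def ones_fraction(data):
    """Frequency count: fraction of 1 bits in data."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))


def biased_input(unknown_byte):
    """Constructed heavily biased sample: 63 bytes of 0xFF, then one unknown byte."""
    return b"\xff" * 63 + bytes([unknown_byte])


def recover_unknown(output):
    """Enumerate the 256 possible raw inputs and match the observed output."""
    for guess in range(256):
        if condition(biased_input(guess), len(output)) == output:
            return guess
    return None
```

The frequency count measures the output distribution, not how much entropy went in, which is why it cannot separate this case from one with the full 128 bits.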



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: "Risks of Relying on Cryptography," Oct 99 CACM "Inside Risks" column
Date: Fri, 05 Nov 1999 05:18:13 GMT

Terry Ritter wrote:
>
> [EMAIL PROTECTED] wrote:

> >You certainly have heard such a suggestion.  Yes, you
> >failed to consider the chosen cipher attack, and now
> >it seems that you confuse failure to recognize the
> >problem with not having it.
>
> A "chosen cipher attack" would imply that the opponent could choose
> the cipher to be used.  That is not possible here.
>
> Under my proposals (multi-level ciphering, dynamically changing
> ciphers, and many ciphers), the cipher would be chosen at random from
> the set of ciphers acceptable to both ends.  The cipher lists may or
> may not be secret, but the negotiation and selection *would* be
> secret.  This process would be conducted under cipher.

One more time: secret is not the issue.  Authenticated
is the issue.  One side can certainly make a random
choice, but your method calls for them to agree, and
thus the choice must be influenced by messages between
them.  You have simply assumed the choice would be
random, without ever presenting how they ensure it
will be random when an attacker may modify the messages
that influence the choice.

[...]
Ritter:
> >> On the contrary, I have suggested
> >> that each user be able to create a list of ciphers they will accept,
> >> and then negotiate agreement -- automatically, in the background, and
> >> secretly, under the cover of cipher.  This would be an ordinary
> >> handshake selection, not a cryptographic protocol, but nevertheless
> >> clearly neither exposed to nor under the control of the opponents.
> >> How is that related to the adversary choosing the cipher?
> >
> >As I noted some time ago, your writings made the point
> >that the choice of cipher was secret, but were clearly
> >oblivious to the fact that authentication of the choice
> >is more important.
>
> OBVIOUSLY, any cipher code can be compromised. [...]

Whether an authentication code be compromised is
beyond the scope of the protocol. The point is the
need for authentication and its absence from your
proposal.

> >The details of your protocols have
> >never appeared, so we cannot tell whether the attack
> >would work.  The fact that you still compare the
> >negotiation of the cipher to modem protocols, and call
> >it "an ordinary handshake selection, not a cryptographic
> >protocol" is rather ominous.
>
> How hard do you want to make this?
>

That could be the mantra of designers of failed
protocols.

> Selecting a cipher from among a list of approved ciphers simply does
> not require a cryptographic protocol.  I'm sure we could do all sorts
> of fancy things, and it may be that the selection channel should have
> additional protection.  But the selection itself is straightforward.
> It is just like two people talking.  It is unimportant which cipher we
> select, as long as both ends agree.  The idea is not to select the
> "best."  Indeed, we want to *avoid* selecting "the" best cipher, so
> that we can select arbitrarily from among a rather large set.

A communications protocol specifies the procedure
each node executes, including the messages it sends
and its response to each possible message received.
The attack people are pointing out is one in which
the adversary looks at the protocol, and tries to
find how he can alter the messages to influence the
choice of cipher towards those that he would prefer.
It does not weaken the choice to below the strength
of the weakest cipher that the sender would agree to use.

Whether such attacks would work depends upon the
protocol, and yours has never appeared.

--Bryan
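
The point argued in the post above, as an added example that is not part of the original message and is not the protocol under discussion (which, as the post says, never appeared): a random choice from the ciphers both ends accept, run once without and once with authentication of the negotiation messages. The cipher names, the message layout, the pre-shared MAC key and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac
import random

# Constructed cipher names; any labels would do.
ALICE = ["cipher-A", "cipher-B", "cipher-C", "cipher-D"]
BOB = ["cipher-B", "cipher-C", "cipher-D", "cipher-E"]


def mac(key, *parts):
    """HMAC-SHA256 over length-prefixed parts, so field boundaries are unambiguous."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()


def make_offer(ciphers, key=None):
    """Initiator's message: its acceptable list, with a MAC when a key is given."""
    body = ",".join(ciphers).encode()
    return {"body": body, "tag": mac(key, b"offer", body) if key else b""}


def respond(offer, own, key=None, rng=random):
    """Responder: check the MAC (if keyed), then pick at random from the overlap."""
    if key and not hmac.compare_digest(mac(key, b"offer", offer["body"]), offer["tag"]):
        raise ValueError("offer rejected: MAC check failed")
    common = [c for c in offer["body"].decode().split(",") if c in own]
    if not common:
        raise ValueError("no cipher in common")
    choice = rng.choice(common)
    tag = mac(key, b"reply", offer["body"], choice.encode()) if key else b""
    return {"choice": choice, "tag": tag}


def accept(sent_offer, reply, own, key=None):
    """Initiator: the reply must bind the choice to the offer it actually sent."""
    if key:
        expected = mac(key, b"reply", sent_offer["body"], reply["choice"].encode())
        if not hmac.compare_digest(expected, reply["tag"]):
            raise ValueError("reply rejected: MAC check failed")
    if reply["choice"] not in own:
        raise ValueError("reply names a cipher that was never offered")
    return reply["choice"]


def rewrite_offer(offer, keep):
    """Model of in-transit modification: the list is cut down to one entry; the
    tag is left as it was because whoever makes the change lacks the key."""
    return {"body": keep.encode(), "tag": offer["tag"]}
```

Without a key the rewritten offer always yields the single remaining cipher, although the responder still draws at random; with a key the same rewrite is rejected. In both cases `accept` keeps the result inside the initiator's own list, matching the post's remark about the weakest cipher the sender would agree to use.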



------------------------------

Date: 5 Nov 1999 06:31:36 -0000
From: pgp651 <[EMAIL PROTECTED]>
Subject: Re: How protect HDisk against Customs when entering Great Britain 
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,comp.security.pgp.tech,alt.privacy,alt.privacy.anon-server

=====BEGIN PGP SIGNED MESSAGE=====

To all offended by my cross posting, I'm very sorry for what you are feeling.
My intention was & is to receive help from 2 groups of people [ Privacy & PGP
]. I do not consider cross posting to be bad when someone needs help.
I do need advice & cross posting to 2 different groups of people indicates that
this is a serious one.

What I will have at crossing ? The PC [ notebook with 8GB HD, about 1GB free ],
CD-RW drive, CD-RW disks. 

The steganography looks like not very practical with this amount of info. 
The amount of info is not small, it is mostly adult oriented. It should be
legal by USA, Denmark or Germany standards too. With adult oriented content you
never know what these fuckers will consider appropriate & what will consider
inappropriate. I'm not a trafficker, my intention is not to transport it to GB. I
could stay longer than planned & this is my data which I like to have with me
all the time. There is nothing inappropriate on the HD. The other part of the
data that is very sensitive & for my view only, does not comprise huge amount
of space. It can be held by ZIP floppy disk.

I do not know what they are looking for but it's very likely they are looking
for GIF, JPG, MPEG & very likely with child pornography content. This type of
info [ visuals ] can be very easily recognized by file type signature imbedded
in it. The article described actual procedure in place. At scanning the
suspected data is displayed on the screen. With the past & recent child
pornography paranoia associated with NET, this is very likely content they are
looking for. With visual content, as opposite to the text content, automatic
search can only render & isolate possible objects.  

I downloaded Scramdisk today & will go over it this weekend. It looks to me
that it presents the best option combining encryption & camouflage. I'm
considering to use the bait approach [ lose a fly to catch a fish ] with not
very sensitive private information encrypted by PGP to create small amount of
my resistance in decrypting for them & bypassing large amount protected by
Scramdisk. 

Apparently they can not scan anything except DOS & WIN, but this is not
reliable state, any time soon this status can change. Do you know more details
how potential innocent suspects are selected, how this scan is made ?

What do you think ? Will small bait work ?

But what this all is about. Why me, why every traveler with computer at hand is
a suspect of illegal content trafficking ? It is starting to look like the current
Florida legal innovation, claiming every running person [ suspect ? ] will be
considered as potential crime suspect & handled appropriately. 
Don't we all have the right to privacy ? Let's fuck Customs scanning every
traveler PC.

Any practical methods to camouflage encrypted Scramdisk folders ? What to do,
How to do, What tools to use ? When you can, be as practical as possible [
links will help ]. 

Let start they blood run.
=======
[EMAIL PROTECTED] 
PGP key at http://www.mit.edu:8001/finger?[EMAIL PROTECTED]
============================================================================
On 4 Nov 1999 22:06:21 -0000 , pgp651 <[EMAIL PROTECTED]>  wrote
>I'm considering to be crossing border of Great Britain [ GB ] very soon on
>business & pleasure trip. 
>My friend did tell me that GB is scanning in / out coming computers for some
>specific data / images / information. I'm privacy advocate & can not allow this
>invasion of privacy to occur to me & my possessions. 
>I'm using PGP day in / day out but excluding PGPdisk. I'm protecting my files
>by PGP on folders or / and individual files routinely.
>
>I need now to implement more advanced disk protection to protect myself when
>entering GB.
>- From my knowledge, we have 2 comparable products : PGPdisk & Scramdisk.
>Please provide advice which I should implement to achieve the best hide & camouflage
>results.
>
>The points of interest are:
>- - I do not like to create precedence at the border. 
>- - Very possible, when Customs can not scan / read info, they may opt for
>detention / seizure & this will ruin my trip.
>- - The best will be to camouflage the encrypted disk / partition / folders and
>not to have encrypted disk / partition / folders readily visible / recognized by
>Customs Scan as ENCRYPTED. 
>- - I need the appropriate balance between encrypt & camouflage. 
>- - Where the camouflage should play more important role than encryption. 
>- - I'm encrypting now my files but I'm not implementing camouflage technique.
>- - Should be applicable to HD, CD-rom, CD-RW, CD-R [ Iomega ZIP when possible ]
>
>With the above preferences what I should implement to protect my privacy ? 
>Any other techniques should I use ?
>
>=======
>[EMAIL PROTECTED] 
===================================================================

=====BEGIN PGP SIGNATURE=====
Version: N/A

iQCVAwUBOCJ24ASqer1ykwjnAQETygQAj6svunj36FHUtx3PUXBsfVWd2Zo0CpCs
e5AEy4d8epJxGvTq6t6Hyp1oXBSQ2AmCHXBVkZS6I4JhjtVAwr9MBViRiSJEapPv
P4Up2cDsuZt6BCfuto1ySMam5tvDwZuy/lbjXY1lqCdhsAJcyIRgDWkQCLt5VFxO
j0Vb7JI4Kic=
=y+Ry
=====END PGP SIGNATURE=====

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
