Cryptography-Digest Digest #513, Volume #10       Fri, 5 Nov 99 15:13:06 EST

Contents:
  Re: How protect HDisk against Customs when entering Great Britain (Gurripato)
  Re: The Code Book ("Simon Birt")
  Re: The Code Book Mailing List ("David Pearce")
  Re: Nova program on cryptanalysis -- also cipher contest (wtshaw)
  Re: Nova program on cryptanalysis -- also cipher contest (John Savard)
  Re: PGP Cracked ? (Patrick Juola)
  Re: The Code Book ("Sandy Macpherson")
  Re: Bit/byte orientation in SHA-1 (Paul Koning)
  Re: PGP Cracked ? (Matt Curtin)
  Re: How protect HDisk against Customs when entering Great Britain ("Douglas A. Gwyn")
  Re: The Code Book Mailing List ("Sandy Macpherson")
  Re: An encryption proposal from a Newbie...  <- A modification ("Douglas A. Gwyn")
  Re: Lenstra on key sizes (Bob Silverman)
  Re: Steganography Academy ("Douglas A. Gwyn")
  Re: my own crypt function (Bob Silverman)
  Re: Nova program on cryptanalysis -- also cipher contest (John Kennedy)
  Re: Lenstra on key sizes (Bill McGonigle)
  Re: Proposal: Inexpensive Method of "True Random Data" Generation (Bill McGonigle)
  Re: How protect HDisk against Customs when entering Great Britain (Patrick Juola)
  Re: The Code Book ("Douglas A. Gwyn")
  Re: The Code Book Mailing List ("David Pearce")
  Re: The Code Book Challenge ("David Pearce")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]=NOSPAM (Gurripato)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,comp.security.pgp.tech,alt.privacy,alt.privacy.anon-server
Subject: Re: How protect HDisk against Customs when entering Great Britain
Date: Fri, 05 Nov 1999 15:23:50 GMT

On Fri, 5 Nov 1999 08:15:01 +0000, Andrew Brydon
<[EMAIL PROTECTED]> wrote:

>Once upon a time,  pgp651 <[EMAIL PROTECTED]> wrote
>>
>>Don't we all have the right to privacy ?
>
>And don't all the children in the world have the right not to be
>molested and abused? That is why they scan (though I had not heard of
>it being done).
>
        They do.  But they can't be used as an excuse to enact
legislation that would harm citizens' rights in the long run.

        In Spain one of the top news today is about the discovery of a
16-year-old girl who was murdered and whose corpse has been found.
As it is believed that the murderer is from the same town, a DNA test
is being required, and many townspeople are voluntarily joining in.  I
don't know what the results will be.  But if the sampling leads to the
murderer being found, does it mean that a nationwide DNA should be
established?  Yes, a hundred murderers will be sentenced and people
will feel happy in the short run; but the potential privacy concerns
are far more serious than what it seems.

        Didn't Franklin say something like "those who sacrifice
liberty to get some security will get none and will deserve none"?
Beware of the man who sells you Orwellian dreams for the sake of
security.

------------------------------

From: "Simon Birt" <[EMAIL PROTECTED]>
Subject: Re: The Code Book
Date: Fri, 5 Nov 1999 16:10:21 -0000

Am I then correct in assuming that each of our n hundred symbols (be they
digrams trigrams or whatever) should appear an equal number of times in the
ciphertext?


Sandy Macpherson <[EMAIL PROTECTED]> wrote in message
news:7vuq8f$qap$[EMAIL PROTECTED]...
> My apologies: it reads like gibberish to me as well now. What I meant to
> draw your attention to is this:
> in creating a homophonic substitution cipher, the cryptographer bases the
> distribution of homophones according to the frequency that each
> (plaintext)
> letter occurs. Since the total of all these frequencies must equal 100%,
> it
> follows that the number of homophones in the ciphertext will be 100, or a
> multiple thereof.
> The cryptanalyst, working on the assumption that the ciphertext is a
> homophonic substitution cipher, will examine the ciphertext, looking for
> homophones, on the basis that the number of homophones is a multiple of
> 100.
> So, if the ciphertext contains 26 letters of the alphabet, 10 digits, and
> 64
> other symbols like ! " £ $ ^ %& * ( ) }{ [ ] + =, etc., the cryptanalyst
> might assume that each character in the ciphertext is a homophone - since
> the total number of different characters in the cyphertext equals 100.
> Consulting a frequency table, the cryptanalyst then proceeds on the basis
> that 16 of these characters represent the letter 'a', 2 represent 'b',
> and
> so on. Which is to say, "you're looking for a collection of ciphertext
> representations of letters in this text that is approximately divisible by
> 100." : )




------------------------------

From: "David Pearce" <[EMAIL PROTECTED]>
Subject: Re: The Code Book Mailing List
Date: Fri, 5 Nov 1999 16:09:12 -0000

Oooh, shirty! It strikes me that this is precisely the most appropriate
place to discuss this. It's an interesting topic, and is likely to be of
interest to a wide range of people. The onelist you just created as a
diversion is not fooling me. Also, mailing lists are a pain, if you use
email for more serious things like work.
You will have to get over this aversion to newbies, 'Sandy'.

DHP

Sandy Macpherson <[EMAIL PROTECTED]> wrote in message
news:7vurnk$r5k$[EMAIL PROTECTED]...
> It strikes me that sci.crypt may not be the most appropriate place to
> discuss the "Cipher Challenge", so for anyone who's interested, there's
> now
> a mailing list which you can join by going to
> http://www.onelist.com/subscribe/CipherChallenge. Newbies especially
> welcome!
>
>



------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Nova program on cryptanalysis -- also cipher contest
Date: Fri, 05 Nov 1999 12:17:34 -0600

In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (John Savard) wrote:
> 
> So this *is* a new show! Well, I'll be rushing to tune in.
> 
Same here.  Digging into the history will probably never recover
everything, but the more the merrier.
-- 
Those who think that all useful encryption is done in binary
are destined to be thought of as mere bit-players.

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Nova program on cryptanalysis -- also cipher contest
Date: Fri, 05 Nov 1999 16:22:44 GMT

Jim Gillogly <[EMAIL PROTECTED]> wrote, in part:

>Nova, a PBS program, will be airing the first show in a WW2 cryptanalysis
>series on 9 Nov, next Tuesday.  It includes material from the popular
>British series "Station X", about the work of Bletchley Park in breaking
>Nazi ciphers.  The related web page is http://www.pbs.org/wgbh/nova/decoding/

>I prepared a cipher contest for them

So this *is* a new show! Well, I'll be rushing to tune in.

John Savard ( teneerf<- )
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: PGP Cracked ?
Date: 5 Nov 1999 13:04:39 -0500

In article <[EMAIL PROTECTED]>,
Harry Solomon <[EMAIL PROTECTED]> wrote:
>A security expert at my place of work states that PGP can be cracked. He
>says that today being Friday he will give me my passphrase by cracking the
>code the following Tuesday, Is this possible?


Only if you picked a bad passphrase.

        -kitten


------------------------------

From: "Sandy Macpherson" <[EMAIL PROTECTED]>
Subject: Re: The Code Book
Date: Fri, 5 Nov 1999 16:51:21 -0000


Simon Birt <[EMAIL PROTECTED]> wrote in message
news:7vuvgl$b8g$[EMAIL PROTECTED]...
> Am I then correct in assuming that each of our n hundred symbols (be they
> digrams trigrams or whatever) should appear an equal number of times in
> the
> ciphertext?

Nope. Random distribution of homophones isn't the same as even, for one
thing. But I've posted a fuller explanation on the Onelist mailing list
(practicing what I preach.)



------------------------------

From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: Bit/byte orientation in SHA-1
Date: Fri, 05 Nov 1999 11:53:00 -0500

JohnSmith wrote:
> 
> Hello,
> 
> I am trying to verify a module which implements the FIPS PUB 180-1 SHA-1
> specification which is bit oriented. This means it does not pad the '1'
> bluntly after the last byte but after the last bit which is specified
> through the size of the message. However, the C-implementation of Steve
> Reid, which I use currently for verification, is byte orientated. Can
> anyone point me to C-implementation which is bit orientated ?

Why don't you just make the 3-line change needed to deal with this
little detail?  Something like this:

/* bit_count: message length in bits; byte_ptr: last byte holding message bits */
if (bit_count & 7)              /* partial final byte: set the bit right after the data */
        *byte_ptr |= 0x80 >> (bit_count & 7);
else                            /* byte-aligned: the '1' bit starts a fresh byte */
        *++byte_ptr = 0x80;

        
/paul
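A complete bit-oriented padding routine along the lines Paul sketches, added here as an example (it is neither Steve Reid's code nor Paul's): it takes the message length in bits, sets the '1' bit immediately after the last message bit, zero-fills, and appends the 64-bit big-endian bit count as FIPS 180-1 requires. Function names and the two sample messages are my own.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Bytes in the padded message: bit_len bits + the '1' bit + 64-bit length,
 * rounded up to a multiple of 512 bits. */
size_t sha1_padded_len(uint64_t bit_len) {
    return (size_t)(((bit_len + 1 + 64 + 511) / 512) * 64);
}

/* FIPS 180-1 padding for a message of bit_len bits. msg holds the message
 * in ceil(bit_len/8) bytes, most significant bit first; unused low-order
 * bits of the final byte are ignored. out must have room for
 * sha1_padded_len(bit_len) bytes. Returns the padded length in bytes. */
size_t sha1_pad_bits(const uint8_t *msg, uint64_t bit_len, uint8_t *out) {
    size_t full_bytes = (size_t)(bit_len / 8);  /* bytes used completely */
    unsigned rem = (unsigned)(bit_len & 7);      /* bits used in the last byte */
    size_t total = sha1_padded_len(bit_len);

    memset(out, 0, total);
    memcpy(out, msg, full_bytes + (rem ? 1 : 0));
    if (rem) {
        /* Partial final byte: keep its rem high bits, then set the '1' bit
         * right after them. A byte-oriented implementation cannot express
         * this case at all. */
        out[full_bytes] &= (uint8_t)(0xFF << (8 - rem));
        out[full_bytes] |= (uint8_t)(0x80 >> rem);
    } else {
        out[full_bytes] = 0x80;  /* byte-aligned: same as the byte-oriented code */
    }
    /* Message length in bits as a 64-bit big-endian integer. */
    for (int i = 0; i < 8; i++)
        out[total - 1 - i] = (uint8_t)(bit_len >> (8 * i));
    return total;
}

/* Constructed sample messages for the demonstration. */
static const uint8_t SAMPLE_ABC[] = {0x61, 0x62, 0x63}; /* "abc": 24 bits */
static const uint8_t SAMPLE_5BIT[] = {0xD0};            /* the 5 bits 11010 */

/* Pad msg into a local buffer and return the byte at idx (-1 if out of range). */
int sha1_padded_byte(const uint8_t *msg, uint64_t bit_len, size_t idx) {
    uint8_t buf[128];
    if (sha1_padded_len(bit_len) > sizeof buf) return -1;
    size_t n = sha1_pad_bits(msg, bit_len, buf);
    return idx < n ? buf[idx] : -1;
}

int main(void) {
    uint8_t buf[64];
    size_t n = sha1_pad_bits(SAMPLE_5BIT, 5, buf);
    printf("5-bit message padded to %zu bytes:", n);
    for (size_t i = 0; i < n; i++) printf(" %02x", buf[i]);
    printf("\n");  /* first byte d4 (11010 then the '1' bit), last byte 05 */
    return 0;
}
```

Feeding the same 5-bit sample to a byte-oriented routine as one 8-bit byte would instead give d0 80 ... 08, which is why the two implementations disagree on non-byte-aligned inputs.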

------------------------------

From: Matt Curtin <[EMAIL PROTECTED]>
Subject: Re: PGP Cracked ?
Date: 05 Nov 1999 12:10:26 -0500

>>>>> On Fri, 5 Nov 1999 16:58:41 -0000,
    "Harry Solomon" <[EMAIL PROTECTED]> said:

Harry> A security expert at my place of work states that PGP can be
Harry> cracked. He says that today being Friday he will give me my
Harry> passphrase by cracking the code the following Tuesday, Is this
Harry> possible?

It sounds like he has access to your key and is going to try a brute
force search against your passphrase.  Or perhaps he has another means 
of getting access to your passphrase.

In any case, PGP hasn't been "broken", but a weakness in how it's
being used is the target of the attack.  (This is a valid attack for
determining security, not of PGP, but how it's being used.)

-- 
Matt Curtin [EMAIL PROTECTED] http://www.interhack.net/people/cmcurtin/

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: How protect HDisk against Customs when entering Great Britain
Date: Fri, 5 Nov 1999 16:37:43 GMT

CoyoteRed wrote:
> Child pornographers deserve nothing less than the abuse that they,
> themselves, dish out.

The abuse is done by the parents/guardians of the children,
not by the viewer of photos.

------------------------------

From: "Sandy Macpherson" <[EMAIL PROTECTED]>
Subject: Re: The Code Book Mailing List
Date: Fri, 5 Nov 1999 17:15:30 -0000


David Pearce <[EMAIL PROTECTED]> wrote in message
news:7vuvfu$h06$[EMAIL PROTECTED]...
> Oooh, shirty! It strikes me that this is precisely the most appropriate
> place to discuss this. It's an interesting topic, and is likely to be of
> interest to a wide range of people. The onelist you just created as a
> diversion is not fooling me. Also, mailing lists are a pain, if you use
> email for more serious things like work.
> You will have to get over this aversion to newbies, 'Sandy'.

You've grasped the wrong end of the stick here, David. I don't have an
aversion to newbies: I feel totally out of my depth here myself, and I
assumed others might feel the same. Having read and been utterly non-plussed
by a lot of the posts here, I assumed that most posters here would actively
dislike low-tech discussions about long-redundant methods of cryptography. I
may be wrong about that, so apologies. A mailing list isn't stopping anyone
from discussing anything here, it's just another option.

As for you not being fooled, I'm assuming that you think I've set up a
mailing list for my own personal gain. You'll have to talk me through that
one, especially as you're right about mailing lists being a pain, if too
many people post to them every day. (I'd suggest that if that's all that's
stopping you, you can use different e-mail addresses for work and list.)

Sorry to have offended you, or anyone else. By the way, those inverted
commas round my name - are they ironic? Or are they "ironic"? Or is it the
whole concept of them that's ironic?

 - Sandy



------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: An encryption proposal from a Newbie...  <- A modification
Date: Fri, 5 Nov 1999 15:12:07 GMT

CoyoteRed wrote:
> I've noticed a weakness that some of you picked up on and that's the
> index keys.  So, I proposes the following change:  ...

Aargh!  That's why we discourage posting of newbie attempts at
cryptosystem design.  No matter how much work people put into
analyzing the flaws, the newbie will just make another change
and the process starts all over again.  Eventually, people get
tired of pointing out the flaws, at which point the newbie
thinks that he has finally devised a great system because
nobody seems to be able to find a flaw in it.

------------------------------

From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: Lenstra on key sizes
Date: Fri, 05 Nov 1999 17:13:54 GMT

In article <7vu424$[EMAIL PROTECTED]>,
  "Roger Schlafly" <[EMAIL PROTECTED]> wrote:
> DJohn37050 <[EMAIL PROTECTED]> wrote in message
> But I found it odd that they treated RSA and discrete log
> modulus sizes the same. The NFS asymptotics are similar,
> but as they say, solving the discrete logarithm problem
> "is considerably more difficult than factoring".
>
> So far (in the open literature) a 512-bit RSA key has
> been broken, but the largest discrete log attack has been
> 283 bits (EuroCrypt '98). It looks to me like 512-bit
> discrete log (SDL in the paper's terminology) is a whole
> lot more secure than 512-bit RSA.

We have not put in the same level of effort.
What mostly makes the DL problem harder is that solving the matrix is
harder.  Sieving also requires a larger factor base.
--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Steganography Academy
Date: Fri, 5 Nov 1999 15:17:14 GMT

JPeschel wrote:
> [EMAIL PROTECTED]  (wtshaw) writes:
> >In the light of my definition of what constitutes a strong cipher,  how
> >much plaintext must be involved to confirm the correct key, all AES
> >candidates are near or in the weak category axiomatically.
> Then you better re-work your definition.

Right!  To call a system "weak" when you have no idea how to
go about attacking it *in practice* is an abuse of terminology.
You might as well say that almost every cryptosystem is "weak"
because it is in principle susceptible to known-plaintext
attack, although the work factor of the best known attack is
vastly higher than anybody could actually muster.

------------------------------

From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: my own crypt function
Date: Fri, 05 Nov 1999 17:23:38 GMT

In article <7vu1ps$o3p$[EMAIL PROTECTED]>,
  "David Beckwith" <[EMAIL PROTECTED]> wrote:
> Hi,
>     I want to write my own crypt function to encrypt passwords.

Why?  Is there something wrong with the ones you have available?

>  Can somebody explain to me how to do this?

No. No one can. It would take a good 6-8 years of education before
you could learn enough to do it competently.  This includes at
minimum an undergrad degree in mathematics and a Ph.D. in crypto
or computer science. (or some combo thereof)



> Do you know any good tutorial sites to get me started?

They don't exist.

--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: John Kennedy <[EMAIL PROTECTED]>
Subject: Re: Nova program on cryptanalysis -- also cipher contest
Date: Fri, 05 Nov 1999 12:27:39 -0500

On Fri, 05 Nov 1999 16:22:44 GMT, [EMAIL PROTECTED]
(John Savard) wrote:

>Jim Gillogly <[EMAIL PROTECTED]> wrote, in part:
>
>>Nova, a PBS program, will be airing the first show in a WW2 cryptanalysis
>>series on 9 Nov, next Tuesday.  It includes material from the popular
>>British series "Station X", about the work of Bletchley Park in breaking
>>Nazi ciphers.  The related web page is http://www.pbs.org/wgbh/nova/decoding/
>
>>I prepared a cipher contest for them
>
>So this *is* a new show! Well, I'll be rushing to tune in.

Your enthusiasm is contagious John, but I don't think it comes on any
sooner if you rush.



-

John Kennedy
The Wild Shall Wild Remain!
http://members.xoom.com/rational1/wild/


------------------------------

From: [EMAIL PROTECTED] (Bill McGonigle)
Subject: Re: Lenstra on key sizes
Date: Fri, 05 Nov 1999 12:35:37 -0500

In article <7vu424$[EMAIL PROTECTED]>, "Roger Schlafly"
<[EMAIL PROTECTED]> wrote:

> So far (in the open literature) a 512-bit RSA key has
> been broken, but the largest discrete log attack has been
> 283 bits (EuroCrypt '98). It looks to me like 512-bit
> discrete log (SDL in the paper's terminology) is a whole
> lot more secure than 512-bit RSA.

Do we know people are trying as hard on discrete logs?  Lack of a
successful attack doesn't mean security, right?


-Bill
=====
[EMAIL PROTECTED] / FAX: (419) 710-9745
Dartmouth-Hitchcock Medical Center Clinical Computing

------------------------------

From: [EMAIL PROTECTED] (Bill McGonigle)
Crossposted-To: sci.math,sci.misc,sci.physics
Subject: Re: Proposal: Inexpensive Method of "True Random Data" Generation
Date: Fri, 05 Nov 1999 12:09:51 -0500

In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (John Savard) wrote:

> Ditto Rand's One Million Digits (available on
> the web for free from Rand, good guys!).
> 
> There are times in cryptography when you _really_ need randomness.

If everybody can order a copy is it good for cryptography?  I can see how
it'd be useful for private things like simulations.


-Bill
=====
[EMAIL PROTECTED] / FAX: (419) 710-9745
Dartmouth-Hitchcock Medical Center Clinical Computing

------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,comp.security.pgp.tech,alt.privacy,alt.privacy.anon-server
Subject: Re: How protect HDisk against Customs when entering Great Britain
Date: 5 Nov 1999 13:04:13 -0500

In article <[EMAIL PROTECTED]>,
Trevor Jackson, III <[EMAIL PROTECTED]> wrote:
>Andrew Brydon wrote:
>
>> Once upon a time,  pgp651 <[EMAIL PROTECTED]> wrote
>> >
>> >Don't we all have the right to privacy ?
>>
>> And don't all the children in the world have the right not to be
>> molested and abused? That is why they scan (though I had not heard of
>> it being done).
>>
>> Almost every "freedom of X" argument has a counter-side (and I am not
>> specifically taking sides, merely pointing it out).
>
>Not all counter sides are valid.
>
>>
>>
>> E.g. murder is illegal, but your "right to murder" is considered lower
>> than everyone else's "right to live in peace and no fear".
>
>This example is invalid.  Murder is referred to as "taking a life".  Since
>you have no right to another's possessions, and each person possesses their
>own life, there is no right to take another's life.

Unfortunately, you can't simply make this statement -- for example,
both soldiers and hangmen have not only a "right," but a positive
duty to "take a life" under some circumstances.  So your "right to
live in peace and fear" isn't absolute, and there *IS* a (potentially)
valid counterside.

More generally, validity is in the eye of the beholder -- I have opinions
about the relative importance of various rights, you of course have
your own, which I hope largely agree with mine.  There is, however,
no absolute scale by which you can say "not all countersides are
valid," since there's almost always at least one person who would
disagree with you (in some situations).


>The relevance of this to the issue of privacy is that one may affirm the
>possession of prohibited materials, but justify their possession in some
>manner.  The two classic manners are to show that the possession has a
>purpose that overrides the prohibition or to show that the prohibition is
>flawed (too vague, unconstitutional, improperly applied, etc.).  The
>homicide example is based on the first kind of assertion, typically the
>claim to be acting in defense of innocent life -- one's own.  One rarely
>attacks the validity of the laws against murder.  ;-)
>
>OTOH, in the privacy realm it is much harder to show a competing harm, but
>often not hard to show a flaw in the prohibition.
>
>In _neither_ case are competing rights involved in the conflict.

This, bluntly, is nonsense.  I have a "right" to privacy, just as
children have a "right" to be free from exploitation.  As society itself
is the ultimate judge of the validity of laws (after all, if they
find a particular law to be invalid, they'll either change the laws
*or* the rules of validity), the question is whether one of
society as a whole values privacy over child protection (to an
enforceable degree.)

        -kitten

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: The Code Book
Date: Fri, 5 Nov 1999 16:32:28 GMT

Sandy Macpherson wrote:
> in creating a homophonic substitution cipher, the cryptographer bases the
> distribution of homophones according to the frequency that each (plaintext)
> letter occurs. Since the total of all these frequencies must equal 100%, it
> follows that the number of homophones in the ciphertext will be 100, or a
> multiple thereof.

That doesn't follow at all.  The total number of symbols can be any
number greater than the alphabet size.
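How a homophone table is built for an arbitrary symbol count, as an added example (not code from any poster here): every letter gets one homophone and the remaining symbols are shared in proportion to letter frequency with largest-remainder rounding, so it works for any total of 26 symbols or more, 100 included. The frequency table is an approximate textbook one and the rounding scheme is my own choice.

```c
#include <stdio.h>

#define NLETTERS 26

/* Approximate relative frequencies of English letters a..z, in percent
 * (rough textbook values, constructed for this example). */
static const double FREQ[NLETTERS] = {
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074 };

/* Split n_symbols ciphertext symbols among the 26 letters: every letter
 * gets one homophone, and the remaining n_symbols - 26 are shared in
 * proportion to frequency using largest-remainder rounding, so the counts
 * always sum to exactly n_symbols. Returns 0, or -1 if n_symbols < 26. */
int allocate_homophones(int n_symbols, int counts[NLETTERS]) {
    double total = 0.0, remainder[NLETTERS];
    int spare = n_symbols - NLETTERS, assigned = 0;

    if (spare < 0) return -1;
    for (int i = 0; i < NLETTERS; i++) total += FREQ[i];
    for (int i = 0; i < NLETTERS; i++) {
        double quota = FREQ[i] * spare / total;  /* ideal share of the spare */
        counts[i] = 1 + (int)quota;
        remainder[i] = quota - (int)quota;
        assigned += counts[i];
    }
    /* Symbols lost to rounding down go to the largest fractional parts. */
    while (assigned < n_symbols) {
        int best = 0;
        for (int i = 1; i < NLETTERS; i++)
            if (remainder[i] > remainder[best]) best = i;
        counts[best]++;
        remainder[best] = -1.0;  /* mark as served */
        assigned++;
    }
    return 0;
}

/* Total symbols actually allocated (equals n_symbols), or -1. */
int homophone_total(int n_symbols) {
    int counts[NLETTERS], sum = 0;
    if (allocate_homophones(n_symbols, counts) != 0) return -1;
    for (int i = 0; i < NLETTERS; i++) sum += counts[i];
    return sum;
}

/* Homophones assigned to one lower-case letter, or -1. */
int homophones_for(int n_symbols, char letter) {
    int counts[NLETTERS];
    if (letter < 'a' || letter > 'z') return -1;
    if (allocate_homophones(n_symbols, counts) != 0) return -1;
    return counts[letter - 'a'];
}

int main(void) {
    int counts[NLETTERS];
    for (int n = 40; n <= 100; n += 30) {  /* 40, 70 and 100 symbols all work */
        allocate_homophones(n, counts);
        printf("%3d symbols:", n);
        for (int i = 0; i < NLETTERS; i++) printf(" %c=%d", 'a' + i, counts[i]);
        printf("\n");
    }
    return 0;
}
```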

------------------------------

From: "David Pearce" <[EMAIL PROTECTED]>
Subject: Re: The Code Book Mailing List
Date: Fri, 5 Nov 1999 18:05:02 -0000

> You've grasped the wrong end of the stick here, David. I don't have an
> aversion to newbies: I feel totally out of my depth here myself, and I
> assumed others might feel the same. Having read and been utterly
> non-plussed
> by a lot of the posts here, I assumed that most posters here would
> actively
> dislike low-tech discussions about long-redundant methods of cryptography.
> I
> may be wrong about that, so apologies. A mailing list isn't stopping
> anyone
> from discussing anything here, it's just another option.
>

Ok. Wrong end of stick well and truly grasped. I thought you were implying
that this group is above discussion of the sort of codes Simon Singh is on
about. To my mind, discussions like this are very helpful, as at the very
least it gives people a better idea about what codes are all about. It
helps, of course, having read the book, but anyone who's puzzled maybe
should go and do a bit of reading. If people reading this newsgroup know
what PGP, D-H and RSA are about, but not what a simple monoalphabetic
substitution cipher is, then a bit of education is in order, nicht wahr?
Anyway, so far we have only been discussing the first few ciphers in the
challenge. They get a lot harder, going right up to the present day coding
techniques. Anyone know how to factorise a number of the order of 10^138
into two prime numbers?

> Sorry to have offended you, or anyone else. By the way, those inverted
> commas round my name - are they ironic? Or are they "ironic"? Or is it the
> whole concept of them that's ironic?
>
>  - Sandy
>

Not being ironic, just thinking of the film 'Grease'. ;-)

DHP




------------------------------

From: "David Pearce" <[EMAIL PROTECTED]>
Subject: Re: The Code Book Challenge
Date: Fri, 5 Nov 1999 18:06:01 -0000


Peter Wilkinson <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I have just started.  Anyone know where to get the encrypted text
> in machine readable form.  Typing all that stuff in is going to be
> quite a trial...
>

Scan it or type it in by hand. That's part of the challenge...

DHP



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
