Cryptography-Digest Digest #552, Volume #10 Fri, 12 Nov 99 14:13:03 EST
Contents:
Re: Ultimate Crypto Protection? ("Trevor Jackson, III")
Re: RC4 in Kremlin US version 2.21 can be cracked !! ([EMAIL PROTECTED])
Group English 1-1 all file compressor (SCOTT19U.ZIP_GUY)
Re: Signals From Intelligent Space Aliens? Forget About It. ("Douglas A. Gwyn")
Re: ENCRYPTOR 4.0 by Comotex USA Inc. CRACKED !! ([EMAIL PROTECTED])
Re: ENCRYPTOR 4.0 by Comotex USA Inc. CRACKED !! (JPeschel)
Re: What sort of noise should encrypted stuff look like? ("Douglas A. Gwyn")
Re: Proposal: Inexpensive Method of "True Random Data" Generation ("Douglas A. Gwyn")
Re: Build your own one-on-one compressor ("Douglas A. Gwyn")
Re: Signals From Intelligent Space Aliens? Forget About It. (Patrick Juola)
Re: Signals From Intelligent Space Aliens? Forget About It. (Patrick Juola)
Re: Research suggestion? (Anton Stiglic)
Re: Build your own one-on-one compressor (Tim Tyler)
Re: PALM PILOT PGP found here (John Savard)
Re: Proposal: Inexpensive Method of "True Random Data" Generation (John Savard)
Public Key w/o RSA? ("Brian Greskamp")
----------------------------------------------------------------------------
Date: Fri, 12 Nov 1999 10:28:32 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Ultimate Crypto Protection?
Jeremy Nysen wrote:
> "Trevor Jackson, III" wrote:
> >
> > Sundial Services wrote:
> >
> > > Adam Durana wrote:
> > >
> > > > > I have a friend who tells me that the Russian military used double enciphered
> > > > > OTP all through the cold war and that NSA, with all its expertise and computer
> > > > > hardware never had much success breaking it.
> > > > >
> > > > > Is double encipherment really all that effective?
> > > >
> > > > No one has ever broken an OTP. Double OTP just seems like an overkill. A
> > > > single OTP provides perfect security.
> > >
> > > Not if one of their spies is at the bottom of the Danube and the enemy
> > > stole a copy of his pad before shooting him. A system involving two OTP
> > > streams would be resistant to either one of them being stolen, and would
> > > further introduce the question of how the streams were combined; the
> > > random nature of OTP streams offering no clues.
> > >
> > > Spy organizations think like that.
> >
> > Hardly. The spy at the bottom of the river had to have both pads. A system
> > involving two pads has security equal to that of a single pad, but is four times
> > as hard to use.
>
> Not if it required two spies meeting to be able to send an important
> long distance message.
Two pads AND two people? 16 times as hard to use and 2^16 times weaker. No serious
organization would interdict communications in this manner. The field problem is to
create redundant comm channels so control gets some idea of what's going on.
Further, you don't want to create the kind of correlation between spies meeting and
messages going out. That kind of behavior is a glaring hint.
>
>
> This might be the case where there are a number of local operatives who
> can communicate with each other covertly. And when any of them has to
> send a message across a 'locked down' border, a multi-pad system
> improves the chances of the secret remaining undisclosed.
Nope.
> An enemy agent
> might be able to track down one of the message senders (eg. the bottom
> of the Danube), but chances are the other guy has now been tipped off
> and is burning his pad.
Absolutely not. Each spy has a pad. Each can send messages encrypted independently.
The dead spy will not be sending any messages. The live spy's pad has not been
compromised.
The only issue is whether the opponent can masquerade as the dead spy, sending
messages encrypted with his pad. Requiring a second encipherment does not address that
issue, because if the spies meet for every message they will both be on the bottom of
the river and control will get doubly enciphered messages from the opponent.
>
>
> A second scenario might be if I store my two pads in unrelated places,
> so if one is found hopefully the other remains hidden. I could sign the
> message with the first and hide it, then later apply the second pad to
> my signed message and hide the second pad elsewhere.
>
> Even more devious: if when signing with my second (hidden separately)
> pad, I spend some extra time creating a third pad that when applied to
> the message decrypts to some unrelated 'safe' message. I could cave
> under torture and divulge this fake pad to the enemy who use it to
> verify my message is relatively harmless. For example, if I have
> encrypted:
>
> 'ENEMY SCUM ATTACK AT MIDNIGHT FIRST JAN 2000X'
>
> and create a third pad that used alone causes the ciphertext decrypt to
>
> 'PLEASE SEND ADDITIONAL MONEY FOR HOUSING LOAN'
>
> then I could plausibly deny any evil intent. :-> To prove otherwise,
> they would need both the first and the second pad.
No, to prove evil intent they need the _last_ pad. The one that decrypts to your
diary in which you confessed everything.
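Added illustration (not part of the thread) of the two points made above, using the two messages quoted in the thread as constructed sample input: two pads XOR down to a single pad, and any ciphertext can be made to "decrypt" to any same-length message by building the right pad.

```python
import os

# The two messages quoted above, used as constructed sample input (both 45 bytes).
REAL_MSG = b"ENEMY SCUM ATTACK AT MIDNIGHT FIRST JAN 2000X"
COVER_MSG = b"PLEASE SEND ADDITIONAL MONEY FOR HOUSING LOAN"

def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR: the one-time-pad operation in both directions."""
    if len(a) != len(b):
        raise ValueError("pad and text must have the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def random_pad(n: int) -> bytes:
    """A fresh pad of n bytes from the OS CSPRNG (stands in for a true random pad)."""
    return os.urandom(n)

def double_otp_encrypt(msg: bytes, pad1: bytes, pad2: bytes) -> bytes:
    """'Double enciphered OTP': apply pad1, then pad2."""
    return xor(xor(msg, pad1), pad2)

def effective_pad(pad1: bytes, pad2: bytes) -> bytes:
    """XOR is associative, so (m ^ p1) ^ p2 == m ^ (p1 ^ p2): the two pads act as
    a single pad, and the scheme is exactly as strong as a single OTP."""
    return xor(pad1, pad2)

def strip_one_pad(ciphertext: bytes, stolen_pad: bytes) -> bytes:
    """What someone holding only one of the two pads gets: an ordinary OTP
    ciphertext under the other pad, i.e. no information at all about the message."""
    return xor(ciphertext, stolen_pad)

def pad_that_decrypts_to(ciphertext: bytes, desired: bytes) -> bytes:
    """Perfect secrecy seen from the other side: for ANY message of the right
    length there is a pad under which the ciphertext decrypts to it, so a pad
    that yields a harmless message is no evidence of anything. The same
    construction produces the thread's 'third pad', or a pad for a diary."""
    return xor(ciphertext, desired)

def demo() -> dict:
    """Run the three checks on fresh random pads; every value should be True."""
    pad1, pad2 = random_pad(len(REAL_MSG)), random_pad(len(REAL_MSG))
    ct = double_otp_encrypt(REAL_MSG, pad1, pad2)
    fake = pad_that_decrypts_to(ct, COVER_MSG)
    return {
        "two_pads_equal_one_pad": ct == xor(REAL_MSG, effective_pad(pad1, pad2)),
        "one_stolen_pad_leaves_an_otp": strip_one_pad(ct, pad2) == xor(REAL_MSG, pad1),
        "fake_pad_yields_cover_message": xor(ct, fake) == COVER_MSG,
    }
```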
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: RC4 in Kremlin US version 2.21 can be cracked !!
Date: Fri, 12 Nov 1999 15:59:40 GMT
Yes, I know what Vigenere is. The problem is that no one seems to understand
that I don't say that RC4 = Vigenere, but the bug in Kremlin is as if a
Vigenere cipher had been used to encrypt the files.
>
> First off I doubt you know what a Vinegere cipher actually is. Here is
> the pseudo-code
>
> for i = 0 to n
>   Ci = Pi xor K[i mod k_len]
> next i
>
> RC4 is a secure random number generator, a Vinegere cipher is not a RNG
> at all...
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Group English 1-1 all file compressor
Date: Fri, 12 Nov 1999 17:05:05 GMT
If someone gives me the most frequently occurring 3-letter groups,
just the top 5,
and the most frequently occurring 2-letter groups, just the top 5,
along with the top 5 words with space and the least used
characters for the substitution,
I will combine it in a set of programs that does the compress
in a one to one way that will still work for all files. Later we
can mod it to work only with text files if that is what we wish to
do. I am suggesting that it works with all files first because of
the difference in machines for file formats.
I realize the goal is for just words with no carriage returns and
maybe only one case (upper or lower) but this first step would
give people a taste of where this is headed.
As for Tim's rules about strings I think he is correct but one could
use multiple dictionaries.
Example: stage 1 of the 1-1 compress: the dictionary is
made up of "the" and "z'".
Stage 2: there is a dictionary of "th" and "q".
When decompressing you reverse the stages: run stage 2 and
then stage 1.
Please someone, especially Tim, comment on this, or did I have
too many beers.
Take Care
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm
Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm
Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Signals From Intelligent Space Aliens? Forget About It.
Date: Fri, 12 Nov 1999 15:52:48 GMT
"Douglas A. Gwyn" wrote:
> 10^6 ly in 22.5 ship-years at .9 gee
Oops, that was supposed to be 21.5 ship-years.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: ENCRYPTOR 4.0 by Comotex USA Inc. CRACKED !!
Date: Fri, 12 Nov 1999 16:11:11 GMT
> Word 2 and 6 basically used a password XOR'ed with a constant string and a
> length value to form a 16 byte string, which is then repeatedly XOR'ed with
> the plain text.
>
> I found encrypting a long string of 000... then 11111... in several files
> showed the 16 byte XOR pattern.
>
>
Yes Lyal, you're right, I wanted to say that Encryptor 4.0 uses the
same kind of cipher as Word 7.0 (Word 97, not Word 6.0).
Word 7.0 international version uses RC4-40 bit with no IV to encrypt
the documents.
The password is hashed with MD5 and the MD5 hash is used to init RC4.
As there is no IV, the output of RC4 will always be the same with the
same password.
Word 97 encryption, like Encryptor 4.0, can be cracked with a statistical
attack with some different ciphertexts encrypted with the same key.
Alexander PUKALL
Sent via Deja.com http://www.deja.com/
Before you buy.
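Added example, not from either post or from the products named, covering this post and the Kremlin/Vigenere post above: a model of the no-IV RC4 design as described (MD5 of the password as a 40-bit key), the repeating-key XOR it degrades to, a keystream-reuse self-check with two chosen files, Lyal's all-zeros period probe, and the per-file IV that fixes it. File contents and password are constructed.

```python
import hashlib
from itertools import cycle

# Constructed sample inputs (not from the thread): two files and one password.
FILE_A = b"Quarterly notes: the budget review moves to Thursday morning."
FILE_B = b"Quarterly notes: the contract draft came back with comments. "
PASSWORD = b"correct-horse"

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Textbook RC4 (key scheduling + output generation), n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def vigenere_xor(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR: the 'Vigenere-like' behaviour both posts describe."""
    return bytes(d ^ k for d, k in zip(data, cycle(key)))

def word97_style_encrypt(password: bytes, data: bytes) -> bytes:
    """Modelled on the post's description of Word 97: key = MD5(password), no IV,
    RC4-40. The keystream is therefore identical for every file under the same
    password. Decryption is the same call (XOR)."""
    key = hashlib.md5(password).digest()[:5]
    return xor(data, rc4_keystream(key, len(data)))

def encrypt_with_iv(password: bytes, iv: bytes, data: bytes) -> bytes:
    """The fix: a per-file IV (salt) mixed into the key gives each file its own
    keystream. The IV is not secret and would be stored next to the ciphertext."""
    key = hashlib.sha256(iv + password).digest()
    return xor(data, rc4_keystream(key, len(data)))

def keystream_reused(c1: bytes, p1: bytes, c2: bytes, p2: bytes) -> bool:
    """Product self-test with two chosen files: if c1 ^ c2 == p1 ^ p2 the keystream
    cancelled out, i.e. it was reused, and the files leak each other's contents."""
    n = min(len(c1), len(c2))
    return xor(c1[:n], c2[:n]) == xor(p1[:n], p2[:n])

def keystream_period(encrypt, length: int = 256):
    """Lyal's all-zeros test: encrypting 0x00 bytes returns the raw keystream.
    Returns the shortest period it repeats with (e.g. 16 for a 16-byte XOR key),
    or None if it does not repeat within `length` bytes, as RC4 output does not."""
    ks = encrypt(bytes(length))
    for p in range(1, length // 2 + 1):
        if all(ks[i] == ks[i % p] for i in range(length)):
            return p
    return None
```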
------------------------------
From: [EMAIL PROTECTED] (JPeschel)
Subject: Re: ENCRYPTOR 4.0 by Comotex USA Inc. CRACKED !!
Date: 12 Nov 1999 16:25:01 GMT
fungus [EMAIL PROTECTED] writes:
>JPeschel wrote:
>>
>> "Alexander PUKALL" [EMAIL PROTECTED] writes:
>>
>> >Why not cracked ??
>> >Encryptor is a stream cipher with no salt key, then Encryptor is dead.
>> >
>>
>> I think you've found a faulty implementation, but you haven't cracked the
>> cipher, or for that matter identified it.
>>
>
>Huh?
>
>Read the subject line "Encryptor 4.0 by Comotex.. .... cracked",
>not "Algorithm XXX cracked"
You read it. This guy hasn't cracked anything.
Joe
__________________________________________
Joe Peschel
D.O.E. SysWorks
http://members.aol.com/jpeschel/index.htm
__________________________________________
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: What sort of noise should encrypted stuff look like?
Date: Fri, 12 Nov 1999 15:40:07 GMT
[EMAIL PROTECTED] wrote:
> That is correct. However, the result of decryption - before uncompression
> is applied - with a wrong key is almost certain to be white noise; this
> should be noted, as it might be the answer to the question.
That still depends on the encryption scheme. A code (codebook encoding)
is in itself an encryption, if the enemy doesn't have ready access to the
code book, yet the argument I gave applies to this form of encryption.
------------------------------
Crossposted-To: sci.math,sci.misc,sci.physics
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Proposal: Inexpensive Method of "True Random Data" Generation
Date: Fri, 12 Nov 1999 15:58:46 GMT
"james d. hunter" wrote:
> Quantum Mechanics looks and -is- a randomly generated theory
> of the universe.
I don't know where you got your low opinion of science, but
quantum theory was hardly generated "at random".
> The only people who really use stuff like atomic decay
> processes are the national defense applications and the
> very highest level security. The reason it's mostly used
> in those areas concerns actual -physical- integrity rather
> than mathematical properties.
The *only* reason for preferring a physical source of
randomness is that it has *better* relevant mathematical
properties than any deterministic (pseudo-random) algorithm.
------------------------------
Crossposted-To: comp.compression
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Build your own one-on-one compressor
Date: Fri, 12 Nov 1999 16:01:26 GMT
Mok-Kong Shen wrote:
> For anything not in the dictionary, some escape mechanism must be
> used.
You guys seem to be trying to reinvent the syllabary or code book.
Please study how this has been done in the long history of
cryptography, in order to avoid wasting time and making dumb
mistakes.
------------------------------
From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: Signals From Intelligent Space Aliens? Forget About It.
Date: 12 Nov 1999 11:35:52 -0500
In article <80hbt7$[EMAIL PROTECTED]>,
Juergen Nieveler / CompuNet <[EMAIL PROTECTED]> wrote:
>Patrick Juola <[EMAIL PROTECTED]> wrote in the news article:
>80h7ds$sc3$[EMAIL PROTECTED]
>> In article <80gi33$[EMAIL PROTECTED]>,
>> Juergen Nieveler / CompuNet <[EMAIL PROTECTED]> wrote:
>> >Douglas A. Gwyn <[EMAIL PROTECTED]> wrote in the news article:
>> >[EMAIL PROTECTED]
>> >> Juergen Nieveler / CompuNet wrote:
>> >> > The only problem being that you need _huge_ amounts of energy to accelerate
>> >> > heavy objects (Humans) to something near light speed... isn't E=MC² an
>> >> > exponential function?
>> >>
>> >> No, and you don't need so very much energy *on the spaceship*.
>> >
>> >If you don't put the energy source on the spaceship, where else do you want
>> >to put it?
>>
>> I'd put it at a nice handy star and use solar panels. Dr. Bussard
>> scooped it out of interstellar space. I've also seen proposals
>> to put it into a ground-based laser and fire the laser at the
>> solar panels.
>>
>> If all else fails, just use a REALLY LONG extension cord.
>>
>
>The solar-panel-idea leads to another interesting thought: How do photons
>reach a ship moving near lightspeed?
The same way they reach a ship moving not near lightspeed, of course.
A ship moving near lightspeed is still moving slower than light,
so the photons will (eventually) catch it. Of course, they won't
transfer much momentum and they will appear to be strongly
red-shifted to observers on the ship -- but wtf.
>Of course, a laser based on earth wouldn't work too well, because you are
>accelerating away from it, the energy would take longer and longer to reach
>your ship, and wouldn't reach you at all once lightspeed is reached.
You can't reach lightspeed.
>There is an interesting book about the physics blunders in Star Trek (The
>physics of Star Trek, IIRC) that deals with a lot of these problems. For
>example the "Bussard ramscoop" which gets energy by collecting hydrogen
>wouldn't actually produce enough energy to power itself, let alone a
>spaceship, because the amount of hydrogen in space is quite low, except in
>nebulas.
Until you get up to relativistic speeds, at which point the space
surrounding the ship is "compressed" (w.r.t. the ship) and there's
lots of hydrogen available. Your source was wrong, sir -- Bussard
ramscoops are easily practical if the technology were available.
-kitten
------------------------------
From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: Signals From Intelligent Space Aliens? Forget About It.
Date: 12 Nov 1999 11:36:55 -0500
In article <[EMAIL PROTECTED]>, Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:
>Patrick Juola wrote:
>> Because the rocket puts out a constant thrust (force) and the
>> acceleration decreases, we know from F = m*a that the mass must
>> be increasing.
>
>No, it is inappropriate to use the simplified Newtonian
>formula in the relativistic case.
In context, it's not inappropriate... Force is still mass times
acceleration; even at relativistic speeds. We simply can no
longer assume constant mass.
-kitten
------------------------------
From: Anton Stiglic <[EMAIL PROTECTED]>
Subject: Re: Research suggestion?
Date: Fri, 12 Nov 1999 11:48:30 -0500
I just found a ref to an article that might be of interest to you:
(you can get the article at:
http://www.bell-labs.com/user/bleichen/bib.html )
here is the abstract
filename : Digital_Signatures
title : Directed Acyclic Graphs, One-way Functions and Digital Signature
author : Bleichenbacher D., Maurer U.
type : inproceedings
organisation : Institute for Theoretical Computer Science, ETH Zürich
month :
year : 1994
booktitle : Advances in Cryptology - CRYPTO '94
editor : Y. Desmedt
series : Lecture Notes in Computer Science
publisher : Springer-Verlag, Berlin
volume : 839
pages : 75-82
abstract :
The goals of this paper are to formalize and investigate the general
concept of a digital signature scheme based on a general one-way function
without trapdoor for signing a predetermined number of messages.
It generalizes and unifies previous work of Lamport, Winternitz, Merkle,
Even et al. and Vaudenay. The structure of the computation yielding a public
key from a secret key corresponds to a directed acyclic graph G.
A signature scheme for G can be defined as an antichain in
the poset of minimal verifiable sets of vertices of G with the
naturally defined computability relation as the order relation
and where a set is verifiable if and only if the public key can be computed
from the set.
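Added example, not from the post or from the paper: Lamport's scheme, which the abstract lists as a special case, written in the abstract's terms (secret vertices, one-way edges, the public key as the set of images, a signature as a verifiable set). The hash function, key sizes and sample message are constructed choices.

```python
import hashlib
import os

def h(x: bytes) -> bytes:
    """The one-way function without trapdoor that labels every edge of the graph."""
    return hashlib.sha256(x).digest()

class LamportOTS:
    """Lamport's one-time signature as the simplest instance of the framework:
    the graph has 2n secret leaves s[i][b], each with one edge to h(s[i][b]);
    the public key is the list of all 2n images. Signing an n-bit message reveals
    s[i][m_i] for every bit i; that revealed set is 'verifiable' because the
    matching public-key vertices can be recomputed from it. Constructed example:
    real use would hash the message to 256 bits and use n = 256."""

    def __init__(self, n_bits: int):
        self.n = n_bits
        self.secret = [[os.urandom(32), os.urandom(32)] for _ in range(n_bits)]
        self.public = [[h(s0), h(s1)] for s0, s1 in self.secret]
        self.used = False  # predetermined number of messages: exactly one

    def sign(self, bits: list) -> list:
        """Reveal one leaf per bit. Signing twice with one key exposes both leaves
        at every position where the messages differ, so the key refuses to."""
        if self.used:
            raise RuntimeError("one-time key already used; generate a fresh key")
        if len(bits) != self.n:
            raise ValueError("message must have exactly n bits")
        self.used = True
        return [self.secret[i][b] for i, b in enumerate(bits)]

    @staticmethod
    def verify(public: list, bits: list, sig: list) -> bool:
        """A vertex set is verifiable iff the public key is computable from it:
        hash each revealed leaf and compare with the published image."""
        if len(sig) != len(public) or len(bits) != len(public):
            return False
        return all(h(s) == public[i][b] for i, (b, s) in enumerate(zip(bits, sig)))

def to_bits(msg: bytes, n_bits: int) -> list:
    """Hash-then-sign helper: the first n_bits of SHA-256(msg) as a list of 0/1."""
    d = hashlib.sha256(msg).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(n_bits)]

def demo(n_bits: int = 16) -> dict:
    """Exercise sign/verify, a tampered message, and the one-time guard."""
    key = LamportOTS(n_bits)
    bits = to_bits(b"constructed sample message", n_bits)
    sig = key.sign(bits)
    flipped = bits[:]
    flipped[0] ^= 1
    try:
        key.sign(bits)
        guard_ok = False
    except RuntimeError:
        guard_ok = True
    return {
        "valid_signature_accepted": LamportOTS.verify(key.public, bits, sig),
        "flipped_bit_rejected": not LamportOTS.verify(key.public, flipped, sig),
        "second_signing_rejected": guard_ok,
    }
```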
------------------------------
Crossposted-To: comp.compression
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Build your own one-on-one compressor
Reply-To: [EMAIL PROTECTED]
Date: Fri, 12 Nov 1999 16:48:38 GMT
In sci.crypt Don Taylor <[EMAIL PROTECTED]> wrote:
: A proposal follows:
: There are 2^15 plus approximately 2^13 pairs in this dictionary. These
: are code numbered in two different ranges, in binary 1bbb bbbb,bbbb bbbb
: and approximately 010b bbbb,bbbb bbbb.
[...]
: Note: This thus mandates A solution to the prefix/suffix/infix debate.
: There is an additional pairing outside of this dictionary process.
: NON-lower case char in 0...2^7-1 range <---> that char
: And, as a concession to those concerned with odd byte length files.
: first byte of a word code followed by EOF <---> that byte followed by EOF
Either those 2^15 + 2^13 symbols encode every possible single ASCII
symbol - or I see no sign of a demonstration that the system can represent
all possible uncompressed files when in a compressed state.
*If* all single characters are represented, then a file ending with the
16-bit symbol for (say) "A" will decompress to the same file as
one ending with the 8-bit string "A" EOF. This destroys the 1-1 property.
I have not yet looked at your scheme very closely.
However, I have to say that my immediate impression is that a scheme along
these lines is unlikely to wind up being 1-1 ;-/
The 1-1 property is easy to test for. If you want, you can build your system
and test it with lots of random files. This would not be a /proof/ that the
system had the property, but it would pretty rapidly find any problems.
--
__________
|im |yler The Mandala Centre http://www.mandala.co.uk/ [EMAIL PROTECTED]
I don't care who you are, fatso! - get those reindeer off my roof!
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: alt.security.pgp,comp.sys.palmtops.pilot
Subject: Re: PALM PILOT PGP found here
Date: Fri, 12 Nov 1999 17:23:36 GMT
[EMAIL PROTECTED] (Keith A Monahan) wrote, in part:
>http://cryptography.org/crypto/hnKpw9sv/pgp/palmopgp/
Probably the name of the directory "hnKpw9sv" changes each day or
hour: since the archive is North American, this may be part of
compliance with export controls.
Thus, one should go to their main page, rather than attempting to go
directly to an URL in this form.
John Savard ( teneerf<- )
http://www.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: sci.math,sci.misc,sci.physics
Subject: Re: Proposal: Inexpensive Method of "True Random Data" Generation
Date: Fri, 12 Nov 1999 17:31:41 GMT
"james d. hunter" <[EMAIL PROTECTED]> wrote, in part:
>I think you better define random first, before you discuss it.
>"Random" only makes sense in terms of a random process.
>Strings are usually interpreted as -fixed- outputs of a
>random process. "Incompressibility" has to do with the information
>content of the -fixed- string. There is nothing really "random" about
>it.
You are correct here, as far as that goes.
However:
- there is a relationship between randomness and incompressibility.
Given a properly random - or shall I be highfalutin' and say
"stochastic" - message source, its output will be incompressible;
there will be no net benefit in attempting to compress the occasional
accidentally patterned output from it.
- if I use the output of a random process for my one-time-pad, I am
safe. If I use an incompressible string as a one-time-pad, I am *also*
safe, since if the string was easy for an adversary to guess, that
means that it could be compressed (i.e. to "the first 1000 digits of
pi" from 14159 26535 89793...) for the purpose of communicating it to
my adversary. The physical process of randomness is recommended,
simply because you can't always *know* if a given string is
incompressible ("the contents of the fake one-time-pad I slipped into
their pile").
John Savard ( teneerf<- )
http://www.ecn.ab.ca/~jsavard/crypto.htm
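Added example, not from the post: an output-only screen for candidate pad material (zlib ratio plus byte histogram) run on OS random bytes, on bytes generated from a 4-byte seed, and on an ASCII digit string. It shows the one-sidedness Savard describes: the seed-derived "pad" passes although it is trivially describable. Sizes, seeds and thresholds are constructed.

```python
import os
import random
import zlib

def compression_ratio(data: bytes) -> float:
    """zlib output size over input size. Well below 1.0 means the string is
    demonstrably patterned and unfit as pad material."""
    return len(zlib.compress(data, 9)) / len(data)

def chi_square_bytes(data: bytes) -> float:
    """Chi-square of the byte histogram against uniform (255 degrees of freedom,
    so roughly 255 is expected for unbiased bytes; a few hundred more flags bias)."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)

def passes_pad_screen(data: bytes) -> bool:
    """One-sided screen: rejects strings that are visibly compressible or biased.
    Passing does NOT establish incompressibility; it only says these two checks
    found no pattern."""
    return compression_ratio(data) > 0.99 and chi_square_bytes(data) < 400

def physical_pad(n: int) -> bytes:
    """Stand-in for a physical random source: the OS CSPRNG."""
    return os.urandom(n)

def fake_pad(n: int, seed: int = 20000101) -> bytes:
    """A 'pad' that is really a short description ('seed 20000101, Mersenne
    Twister'): compressible to a few bytes by anyone who knows the rule, yet
    zlib and the histogram cannot tell it from the physical pad."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n))

def ascii_digits(n: int, seed: int = 7) -> bytes:
    """Decimal digits as ASCII text (the shape of 'the first 1000 digits of pi'):
    each character carries about 3.3 bits, so the screen rejects the string."""
    rng = random.Random(seed)
    return bytes(rng.choice(b"0123456789") for _ in range(n))
```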
------------------------------
From: "Brian Greskamp" <[EMAIL PROTECTED]>
Subject: Public Key w/o RSA?
Date: Fri, 12 Nov 1999 09:36:55 -0500
How many public-key crypto algorithms are there? I'm new to this, and I
keep hearing about RSA, but are there others? And if so, then why is RSA in
particular so popular?
Brian
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************