Cryptography-Digest Digest #589, Volume #10      Fri, 19 Nov 99 01:13:02 EST

Contents:
  Re: What part of 'You need the key to know' don't you people get? (Johnny Bravo)
  Re: What part of 'You need the key to know' don't you people get? (SCOTT19U.ZIP_GUY)
  Re: What part of 'You need the key to know' don't you people get? (SCOTT19U.ZIP_GUY)
  Re: AES cyphers leak information like sieves (SCOTT19U.ZIP_GUY)
  Re: What part of 'You need the key to know' don't you people get? (SCOTT19U.ZIP_GUY)
  Re: Simpson's Paradox and Quantum Entanglement ([EMAIL PROTECTED])
  Public Keys Comparison (UBCHI2)
  Backdoor Tactic (UBCHI2)
  Re: Simpson's Paradox and Quantum Entanglement ("karl malbrain")
  Re: Public Keys Comparison (Justin)
  Re: Backdoor Tactic (SCOTT19U.ZIP_GUY)
  Re: What part of 'You need the key to know' don't you people get? (SCOTT19U.ZIP_GUY)
  Re: Letter Frequency in English Texts vs. Name Lists (William Rowden)
  Re: What part of 'You need the key to know' don't you people get? (Tom St Denis)
  Re: What part of 'You need the key to know' don't you people get? (Tom St Denis)
  rotors (Tom St Denis)
  Re: AES cyphers leak information like sieves (Tom St Denis)
  technical writing skills required! (Tom St Denis)
  Re: Realistic view of AES ("Roger Schlafly")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Johnny Bravo)
Subject: Re: What part of 'You need the key to know' don't you people get?
Date: Thu, 18 Nov 1999 18:41:58 GMT

On Thu, 18 Nov 1999 18:33:02 GMT, Tim Tyler <[EMAIL PROTECTED]> wrote:

>David demonstrates this by chopping the head and tail from the cyphertext
>message, and decrypting it anyway (using the key).  This would be
>impossible if the plaintext information were diffused through the whole
>message.

  You might as well assume your attacker just has the middle third of
the plaintext sitting right in front of him as well.  Of what
practical use is basing an attack on your attacker having the key?
What are the odds that your attacker will have your key, your IV
(which is usually in the front of the message) and ONLY the middle 1/3
of the ciphertext?
  If your security is that compromised, nothing you can do is going to
help.  Given that setup no possible crypto in the world will be secure
enough if you are relying on your attacker not getting your entire
ciphertext, that is usually the only thing the attacker has, not the
last thing they get.

  Johnny Bravo


------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: What part of 'You need the key to know' don't you people get?
Date: Fri, 19 Nov 1999 00:59:10 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Johnny Bravo) wrote:
>On Thu, 18 Nov 1999 12:18:58 GMT, Tom St Denis <[EMAIL PROTECTED]>
>wrote:
>
>>Assuming 26 pins per wheel you need 28 wheels to match a 128-bit key.
>>Did they have 28 wheels?  I am not sure... did they?
>
>  The standard version (at least at first) used 3 of 5 wheels, each
>with 26 settings, that's a total initial setting of 1054560 possible
>positions or just about 20 bits exactly.
>  Near the end of the war (naval enigma) they were up to 4 out of 8
>wheels for about 29.5 bits worth of starting positions.
>  A standard desktop computer can decrypt an enigma message in less
>than 15 mins due to properties of the cipher itself (like no letter is
>ever encrypted as itself for example).
>
>  Best Wishes,
>    Johnny Bravo
>
     Dear Johnny, what you have calculated is based on fixed wheels.
You are not considering the possible variations of the wheel itself.
So the real key is also not just which wheel but what that wheel
looks like. To take an example from scott4u, which is based on 4 bits
or 16 states: in it there are 40+ bits of info, so there is more key
space than that in just the construction of a single wheel of 26 wirings.





David A. Scott
--

SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
                    
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm

Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm

Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm

**NOTE EMAIL address is for SPAMERS***

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: What part of 'You need the key to know' don't you people get?
Date: Fri, 19 Nov 1999 01:18:10 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Johnny Bravo) wrote:
>On Thu, 18 Nov 1999 18:33:02 GMT, Tim Tyler <[EMAIL PROTECTED]> wrote:
>
>>David demonstrates this by chopping the head and tail from the cyphertext
>>message, and decrypting it anyway (using the key).  This would be
>>impossible if the plaintext information were diffused through the whole
>>message.
>
>  You might as well assume your attacker just has the middle third of
>the plaintext sitting right in front of him as well.  Of what
>practical use is basing an attack on your attacker having the key?
>What are the odds that your attacker will have your key, your IV
>(which is usually in the front of the message) and ONLY the middle 1/3
>of the ciphertext?
>  If your security is that compromised, nothing you can do is going to
>help.  Given that setup no possible crypto in the world will be secure
>enough if you are relying on your attacker not getting your entire
>ciphertext, that is usually the only thing the attacker has, not the
>last thing they get.
>

  This was only to show where the information of the file was. It was
not a suggested form of attack. But seeing your other posts I can
see why you may be mistaken about the concepts, since it seems to
be over your head.




David A. Scott

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: AES cyphers leak information like sieves
Date: Fri, 19 Nov 1999 01:13:19 GMT

In article <[EMAIL PROTECTED]>, "Peter K. Boucher" 
<[EMAIL PROTECTED]> wrote:
>Let's look at the motivation for giving up error recovery with wrapped
>PCBC.
>
>A brute-force attack must be prepared to try 2^keysize decryptions of
>the whole file (2^keysize * blocks_in_file decryptions), as opposed to
>the 2^keysize decryptions to brute-force CBC.  So, wrapped PCBC
>effectively adds log(blocks_in_file) worth of bits to the keysize.
>
>Suppose we're talking about large files ~100 Mbytes.  Why not just add
>32 more bits to the keysize, use CBC, and make the brute-force
>decryption 4 *billion* times as expensive, while maintaining error
>recovery, instead?  This would make the brute-force decryption 40 times
>as expensive as would wrapped PCBC on a 100 Mbyte file, while reducing
>the cost of encryption/decryption by the people with the keys. 
>Furthermore, the encryption of smaller files would not be weaker, as it
>is with wrapped PCBC.
>
>What does wrapped PCBC get you that couldn't be better and more cheaply
>achieved by adding a few more key bits and using CBC?
    For one thing, it is not always so easy to just add key bits to a cipher;
you could make it weaker unless you know exactly what you're doing.
The point is, why not use "wrapped PCBC" instead of trying to find
a cipher that has your extra key bits? Also you can use various lengths
of files much easier instead of trying to create random data or whatever
to match the block size of your favorite AES cipher.



David A. Scott

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: What part of 'You need the key to know' don't you people get?
Date: Fri, 19 Nov 1999 01:15:18 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Johnny Bravo) wrote:
>On Thu, 18 Nov 1999 15:22:30 GMT, [EMAIL PROTECTED]
>(SCOTT19U.ZIP_GUY) wrote:
>
>>   are you a complete fool where did you get such a ridiculous number.
>
>  He used math moron, something you seem totally incapable of.
>Each wheel has 26 positions, ln(26^26) is 131 bits, but what the hell
>do you know about cryptography and mathematics.
>
>  Johnny Bravo

   Obviously I know more about it that you no wonder you don't
know shit about crypto.



David A. Scott

------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: comp.ai.fuzzy,sci.physics,sci.math
Subject: Re: Simpson's Paradox and Quantum Entanglement
Date: Fri, 19 Nov 1999 00:30:23 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> Simpson's paradox has nothing to do with quantum mechanics.
> It's just an artifact of using multiple comparisons.

   Like comparing two entangled particles ?

> It has occurred in baseball.

   Yes. It occurs so insidiously that I'm surprised it
   doesn't get more hype than it does.

   Certainly it must be [ab]used in advertising and
   political polls quite a bit.

http://ink.yahoo.com/bin/query?p=simpson%27s+paradox&hc=0&hs=0


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: [EMAIL PROTECTED] (UBCHI2)
Subject: Public Keys Comparison
Date: 19 Nov 1999 00:45:31 GMT

Has anyone mounted an effort to download all the public keys posted on the
internet to see how many of them exhibit similarities?  If there are similar
public keys, that would prove damning evidence that a backdoor was in use.  



------------------------------

From: [EMAIL PROTECTED] (UBCHI2)
Subject: Backdoor Tactic
Date: 19 Nov 1999 00:43:42 GMT

Anyone ever wonder why the commercial encryption programs always leave a tag on
the messages?  They also won't permit you to decipher a message unless the tag
stays attached.  Examples:

Encrypted with PGP v6.0 or Encrypted with Norton For Your Eyes Only.

I challenge the readers of this message to identify a single commercial
encryption product that does not leave a plaintext tag or one that permits you
to decrypt without the tag. 

This ensures the cryptanalyst that even if you superencipher your message, he
will have known plaintext.  In the worst possible case for the truly paranoid,
the tags ensure that the snoopers know which basket of keys to use depending
upon product.


------------------------------

Reply-To: "karl malbrain" <[EMAIL PROTECTED]>
From: "karl malbrain" <[EMAIL PROTECTED]>
Crossposted-To: comp.ai.fuzzy,sci.physics,sci.math
Subject: Re: Simpson's Paradox and Quantum Entanglement
Date: Thu, 18 Nov 1999 16:58:17 -0800


Andy Spragg <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Are you MALBRAIN by name, malbrain by NATURE, or WHAT? You're going to
> damage your VOICE, alternately speaking and SHOUTING like that -
> particularly when neither MODE seems to convey anything WORTHWHILE.

Well, what exactly is your point?  Yes, I have a name. No, I didn't
personally choose it.  Go ask someone in BELGIUM where it comes from or why,
not me.

> Did you learn the art of communication from Carl Sagan, the man WHO
> put THE emphasis ON all THE wrong words?

Sorry, I'm of absolutely NO help with this question.  Karl M



------------------------------

From: Justin <[EMAIL PROTECTED]>
Subject: Re: Public Keys Comparison
Date: Thu, 18 Nov 1999 20:52:01 -0500

On 19 Nov 1999, UBCHI2 wrote:

> Has anyone mounted an effort to download all the public keys posted on the
> internet to see how many of them exhibit similarities?  If there are similar
> public keys, that would prove damning evidence that a backdoor was in use.  

e-mail MIT or some other PGP key server organization, and get them to
offer all public keys in one giant archive, or publish stats on them.


Justin



------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Backdoor Tactic
Date: Fri, 19 Nov 1999 03:34:34 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
(UBCHI2) wrote:
>Anyone ever wonder why the commercial encryption programs always leave a tag on
>the messages?  They also won't permit you to decipher a message unless the tag
>stays attached.  Examples:
>
>Encrypted with PGP v6.0 or Encrypted with Norton For Your Eyes Only.
>
>I challenge the readers of this message to identify a single commercial
>encryption product that does not leave a plaintext tag or one that permits you
>to decrypt without the tag. 

   Well, scott16u and scott19u leave no tags or traces; you even have
the option of encryption without the file size changing.

>
>This ensures the cryptanalyst that even if you superencipher your message, he
>will have known plaintext.  In the worst possible case for the truly paranoid,
>the tags ensure that the snoopers know which basket of keys to use depending
>upon product.
>


David A. Scott

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: What part of 'You need the key to know' don't you people get?
Date: Fri, 19 Nov 1999 03:40:26 GMT

In article <811eqh$39q$[EMAIL PROTECTED]>, Tom St Denis <[EMAIL PROTECTED]> wrote:
>In article <811236$2ija$[EMAIL PROTECTED]>,
>  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote
>>    are you a complete fool where did you get such a ridiculous number.
>> Are you stupid enough to think that the number 26 is a binary number.
>> You really are full of shit Mr Tom. Each wheel is a special arrangement
>> of 26 characters and don't forget the plug board in the front of machine.
>
>
>Let's do some math review for the newbie here. 26 positions per wheel
>gets you 26^x = 2^128, therefore x = log26(2^128) = ~28
>
>Sorry if this is too complex for the mastermind behind scottu ciphers...
>
>Tom
>

   Well Tom, I have to admit I have no idea what you are trying to do.
Maybe you can tell me how big my key should have been for scott4u,
which is like wiring up a wheel with only 16 characters instead of the
26 as in an Enigma wheel. Maybe you found something. But I doubt it.



David A. Scott

------------------------------

From: William Rowden <[EMAIL PROTECTED]>
Subject: Re: Letter Frequency in English Texts vs. Name Lists
Date: Fri, 19 Nov 1999 02:48:36 GMT

In article <81203k$h20$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
> Does anyone have a program that will calculate
> letter frequency patterns when given a text data
> file that they can share with me?  Or even common
> letter frequencies for name sets?

For what platform do you want a program?  How fast do you want it to
work?  I have slow but simple Unix/Linux awk and shell scripts that
process nearly a million characters in a few minutes.

--
    -William
SPAM filtered; damages claimed for UCE according to RCW19.86
PGP key: http://www.eskimo.com/~rowdenw/pgp/rowdenw.asc until 2000-08-01
Fingerprint: FB4B E2CD 25AF 95E5 ADBB  DA28 379D 47DB 599E 0B1A



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: What part of 'You need the key to know' don't you people get?
Date: Fri, 19 Nov 1999 03:37:51 GMT

In article <8124qm$2itg$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>    Obviously I know more about it that you no wonder you don't
> know shit about crypto.

First off, please translate the above from idiot to English.

Second, admit that your remark that the keys in the rotors being bigger
than modern ciphers, is totally false.  Because well it is.

Tom



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: What part of 'You need the key to know' don't you people get?
Date: Fri, 19 Nov 1999 03:40:36 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (wtshaw) wrote:
> In article <810qrg$jg0$[EMAIL PROTECTED]>, Tom St Denis
> <[EMAIL PROTECTED]> wrote:
>
> >
> > Assuming 26 pins per wheel you need 28 wheels to match a 128-bit key.
> > Did they have 28 wheels?  I am not sure... did they?
> >
> Should be 83.68 bits x 28 = 2343.04, not that it matters.

What are you talking about?

Solve this equation 26^x = 2^128 and you will get about 27.23, since
you can't have a fraction of a rotor, you must have at least 28 rotors
to get a 128 bit keyspace.

Tom



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: rotors
Date: Fri, 19 Nov 1999 03:45:12 GMT

Blush ... I messed up oh well.

it's 128 / log2(26!) for the num of rotors, or 2 rotors.  Assuming all
permutations are secure.  At any rate rotors were not attacked via
brute force so this line of thinking is moot.

I apologize for this error...

Tom



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: AES cyphers leak information like sieves
Date: Fri, 19 Nov 1999 04:04:29 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> Jerry Coffin <[EMAIL PROTECTED]> wrote:
> : In article <80tg4o$tg6$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
>
> :> You will see that all your pet modes are an illusion. They do
> :> not spread the information through the file. But either you
> :> don't understand or are too lazy to test.
>
> : Quite the contrary: that's a well-known feature of (for example) CBC.
> : Its self-synchronizing property is well-known and useful. [...]
>
> You *don't* think having a known relationship between bits of text and
> bits of cyphertext assists analysis?
>
> I don't understand.  What is your problem with this notion?

Um, by using a deterministic cipher you already have a clearly defined
relationship of the ciphertext and plaintext [assuming you have the
key].  This undeniable fact leads to cryptanalysis.  This applies to
any cipher and mode of operation.

> Would sprinkling 0s through the plaintext file also be OK if there was no
> known-plaintext attack?  What about chopping bits from the key - is that
> all right too, so long as *you* don't know a method of cracking the
> result?  What about duplicating the message a few times before encryption?
> If the cypher is secure what harm are you doing?

Well for the most part I could send 'tomwasheretomwashere' encrypted
with a random key and IV, and you would not be able to tell if it were
repeated or not.

> You /have/ to try and make things as secure as you possibly can, within
> the constraints placed on you.  This means making things as hard as you can
> for the analyst.  Letting him know that there's an almost one to one
> relationship between bits of text and bits of cyphertext is not a good
> start.

And useful as possible ... [whistling sound] ...

> You disagree?!  You think (for example) that people do generally have the
> software to recover from such a mess?  Or perhaps you think that hardly
> anybody uses the software in question, so it doesn't matter?  Or perhaps
> you think that there's no possible way knowledge that certain small
> regions of cyphertext correspond with certain regions of plaintext can
> help attackers?  Perhaps you would like to clarify which, if any, of
> these false views do you hold?

Yak yak yak.  I would read this but what's  the point.  We probably
can't agree on the colour of the sky.  [for starters it's blue].

> No you do not.

I know you are but what am I?

> Quantifying security in absolute terms is difficult. However, seeing
> (for example) that adding known plaintext before direct encryption with
> a block cypher weakens the resulting system does not require this.
> This case is directly analogous.

Yak yak yak, clap clap, sit down now please... put the mike down....
sit the heck down!

Tom
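
[Added example, not part of any post in this digest.] The CBC property argued over in this thread, as runnable code: decrypting block i needs only C_i and C_{i-1}, so a key holder can decrypt a fragment cut from the middle of the ciphertext without the IV (the head-and-tail chop described above), and a damaged ciphertext block spoils only two plaintext blocks (the "error recovery" mentioned in the PCBC message). The toy Feistel cipher, key, IV, plaintext and all function names are constructed for this demo; the cipher stands in for any block cipher and is not scott19u or an AES candidate.

```python
import hashlib

BLOCK = 16   # bytes per block
ROUNDS = 4   # rounds of the toy Feistel cipher

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    # Round function: keyed hash truncated to half a block.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def encrypt_block(key, block):
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(ROUNDS):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def decrypt_block(key, block):
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(ROUNDS)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cbc_encrypt(key, iv, plaintext):
    if len(plaintext) % BLOCK:
        raise ValueError("plaintext must be block-aligned (no padding here)")
    prev, out = iv, []
    for p in split(plaintext):
        prev = encrypt_block(key, _xor(p, prev))   # C_i = E(P_i XOR C_{i-1})
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, ciphertext, iv=None):
    """CBC decryption: P_i = D(C_i) XOR C_{i-1}.

    With iv=None the input is treated as a fragment cut from mid-message:
    its first block serves only as the chaining value for the second.
    """
    blocks = split(ciphertext)
    if iv is None:
        prev, blocks = blocks[0], blocks[1:]
    else:
        prev = iv
    out = []
    for c in blocks:
        out.append(_xor(decrypt_block(key, c), prev))
        prev = c
    return b"".join(out)

# Constructed sample data: nine distinct 16-byte blocks, fixed key and IV.
KEY = b"constructed-demo-key"
IV = bytes(range(BLOCK))
PLAIN = b"".join(b"block %02d payload" % i for i in range(9))

def middle_third():
    """Keep only ciphertext blocks 3..5; head, tail and IV are discarded."""
    fragment = cbc_encrypt(KEY, IV, PLAIN)[3 * BLOCK:6 * BLOCK]
    return cbc_decrypt(KEY, fragment)          # yields plaintext blocks 4 and 5

def damaged_blocks():
    """Flip one bit in ciphertext block 2; list the plaintext blocks that change."""
    ct = bytearray(cbc_encrypt(KEY, IV, PLAIN))
    ct[2 * BLOCK] ^= 0x01
    got = split(cbc_decrypt(KEY, bytes(ct), IV))
    return [i for i, (g, p) in enumerate(zip(got, split(PLAIN))) if g != p]

if __name__ == "__main__":
    print(middle_third())
    print(damaged_blocks())
```

Both results follow from the decryption formula alone and say nothing about what an attacker without the key can learn, which is the point the posters disagree on.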



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: technical writing skills required!
Date: Fri, 19 Nov 1999 04:22:55 GMT

I want to write a technical 'data book' on peekboo [my neato crypto
program] in which I want to document how peekboo works [every nitty
detail] and attack trees.

What I would like [pretty please with a cherry on top] is someone[s]
with technical writing skill [or just time to waste] to help write this
thing.  I would imagine it would be a rather large document ...

Anyways takers?  [please?]  This is the sort of thing sci.crypt should
be perfect at!

Tom



------------------------------

From: "Roger Schlafly" <[EMAIL PROTECTED]>
Subject: Re: Realistic view of AES
Date: Thu, 18 Nov 1999 19:39:47 -0800

Jerry Coffin <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> In article <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] says...
> > NIST has said there will be a winner or winners to AES contest.  Not
> > necessarily only one winner.
>
> In fact, anybody interested in this question may want to visit the
> NIST AES web site -- they have a white paper pointing out some of the
> strengths and weaknesses of each decision, and seem _quite_ interested
> in comments on this particular subject.

I intend to send a comment that one winner would be best. It would
seem silly for them to do all this work and then be too wishy-washy
to make a decision. For the paranoid people who want to combine
multiple ciphers, they can just combine the top  5.




------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
