Cryptography-Digest Digest #844, Volume #10 Wed, 5 Jan 00 17:13:01 EST
Contents:
Re: how good is RC4? ([EMAIL PROTECTED])
Re: Truly random bistream ("Trevor Jackson, III")
Re: byte representation (mike cardeiro)
Re: Secure Delete Smart ("Trevor Jackson, III")
Re: Unsafe Advice in Cryptonomicon ("Trevor Jackson, III")
Identifier anonymization (Al Wang)
Re: Prime series instead (Re: Pi) ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: Re: how good is RC4?
Date: Wed, 05 Jan 2000 20:59:06 GMT
Tom St Denis wrote:
[...]
> Technically you don't have todo 'mod key_length' if you stretch the
key
> to 256 bytes... as was shown in AC.
How is that relevent? You didn't stretch the key either.
--Bryan
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Wed, 05 Jan 2000 16:15:53 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Truly random bistream
James Felling wrote:
> TohuVohu wrote:
>
> > I don't see why this is impossible. Isn't radioactive decay "random" enough
> > for this. I thought one of the fundamentals of quantum behaviour is this
> > randomness.
> > I sort of new to all this stuff so please explain.
> >
> > >: I would like to get hold of a truly random bitstream - about 2^24 bits long
> > >: should be plenty. Does anyone know if such a thing exists for download ?
> > >
> > >No such thing is known to exist anywhere on the planet.
> > >
> > >If anyone were ever foolish enough to puport to offer such a service,
> > >it would not be possible to verify whether their material was genuine.
>
> It is possible to produce bitstreams that are arbitrarilally random, but "truly"
> random is impossible -- it is like producing the largest integer -- you can always
> find a bigger intreger(or a system flaw which induces some potential correlation
> that can be corected byv some method), but "truly" random is not an achievable
> goal.
Perhaps the term "provably random" would make it clear that the goal is unattainable.
One can believe that a particular stream is "truly" random in the sense that each bit
is completely independent of every other bit, but there does not seem to be any way to
prove that is the case.
------------------------------
From: mike cardeiro <[EMAIL PROTECTED]>
Subject: Re: byte representation
Date: Wed, 05 Jan 2000 21:08:35 GMT
In article <84t7is$4ah$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Keith A Monahan) wrote:
> Yes, eight binary ones is 255 for an unsigned 8bit byte. Do you have
> a scientific calculator? Perhaps 'calc' in windows95/98/nt ? Be
great
thanks for your help
mike cardeiro
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
Date: Wed, 05 Jan 2000 16:31:22 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Crossposted-To: alt.privacy
Subject: Re: Secure Delete Smart
Henry wrote:
> Why go to all the trouble when you can absolutely destroy portable magnetic
> media records by passing the media near a powerful magnet?
This does not destroy the data, it merely makes it inaccessible to the normal read
mechanism. Using more sophisticated equipment it can be recovered because the data is
still present.
> [Has the added
> advantage of permitting the re-use of the media] As for Hard Drives, there
> is simple software available which completely overwrites a file you wish
> deleted [instead of just obscuring the file name] making it impossible to
> recover, or, of course, there is always the Format command which wipes the
> entire disk beyond recovery.
Beyond recovery by who? Someone with out an UnFormat command? The PC-DOS UnFormat
command is several versions old, perhaps 10 years. If you meant a low-level, AKA
sector format, it only overwrites the data, it does not obliterate it.
For non classified data the recommended minimum is 17 passes with data patterns that
depends on the recording mechanism. For classified data, not amount of recording is
sufficient to obliterate the original data completely. So destruction of the medium
is required.
>
>
> "John G. Otto" wrote:
>
> > > Guy Macon wrote:
> > >> Mark D wrote:
> > >> So here's your solution: burn all your information to cd, and if you
> > >> want to 'secure delete' it, you just smash the cd. Since they're only
> > >> about a buck a piece, it would be fairly inexpensive.
> >
> > Sand them, first. :B-)
> >
> > > I actually do this, but I use floppies and toss them in the fireplace
> > > (I know, bad gasses, but it's just one floppy and it mostly goes up
> > > the stack if you toss it in deep).
> >
> > Not too bad. If it's hot enough, the heat alone destroys the
> > magnetic pattern, and the "bad gasses".
> >
> > Some places, I've heard, take their old hard drives apart and
> > drop the platters in acid to eat up the metal oxide coatings.
> > --
> > John G. Otto Nisus Software, Engineering
> > http://www.nisus.com SuperSleuth QUED/M
> > http://www.mathhelp.com GIA Nisus Writer
> > http://www.infoclick.com Easy Alarms Mail Keeper
> > Opinions expressed are not those of Nisus Software.
------------------------------
Date: Wed, 05 Jan 2000 16:32:56 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Unsafe Advice in Cryptonomicon
Mok-Kong Shen wrote:
> John Savard wrote:
> >
> > However, although the display is the _easiest_ target, given a
> > competent adversary, the actual computations the computer is
> > performing, signals to and from the keyboard, signals to and from the
> > hard drive, and so on, are also targets, and thus, TEMPEST-type
> > precautions deal with *all* RF emissions from a computing device.
>
> In view of tempest related attacks, that I guess could only be
> eliminated in rather clumsy ways, it would appear reasonable to
> have some components of one's encryption system to be mechanical
> ones, hence without emissions. This would mean sort of renascence
> of the classical devices. Or am I speculating on an entirely wrong
> track?
Well, mechanical devices emit acoustic signals...
------------------------------
From: Al Wang <[EMAIL PROTECTED]>
Subject: Identifier anonymization
Date: Wed, 05 Jan 2000 16:22:12 -0500
Hi all,
I'm looking for a process by which to take a set of 9-digit identifiers
for a data set, and to anonymize them, so as to generate a new set of
unique strings. This should be deterministic, so that a given
identifier will always be translated into the same string, but that it
is not possible to determine the original identifier from the generated
string.
Is what I'm describing possible? Are there algorithms available? I'm
quite naive in this field, but I read the FAQ, and I'm not sure i can do
what I'm describing without either keeping the algorithm private, or
keeping a key to the algorithm private. As I don't ever have any need
to "decrypt" the string, I would prefer a method in which I don't need
to secure any sort of key. The other requirement is that the generated
string be of reasonable length (no more than twice the length of the
identifier?).
Any help would be greatly appreciated,
Al Wang
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Prime series instead (Re: Pi)
Date: Wed, 05 Jan 2000 21:19:12 GMT
Paul Crowley wrote:
> [EMAIL PROTECTED] writes:
> > Tony Warnock
> >
> > > It converges. There is a theorem that states that
> > > if lim |a(n)| goes to zero
> > > as n goes to infinity then the alternating
> > > sum a(1)-a(2)+a(3)... converges.
> >
> > Well, not quite; the theorem also requires that
> > |a[n]| is decreasing. For example, consider the
> > sequence:
> > 1/2, 0, 1/3, 0, 1/4, 0, 1/5, 0, 1/6, 0, ...
>
> There is another theorem which states that finding the sum of an
> infinite sequence is trickier than you think. I'm trying to remember
> one of the famous example where you can change the sum by re-ordering
> the numbers in the sequence...
One cool trickiness theorem is that if the series
converges but the series of absolute values diverges,
then for any real x there is some re-ordering of the
terms producing a series that converges to x.
--Bryan
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
