Cryptography-Digest Digest #943, Volume #10 Fri, 21 Jan 00 02:13:02 EST
Contents:
Re: MIRDEK: more fun with playing cards. ("r.e.s.")
Re: MIRDEK: more fun with playing cards. ([EMAIL PROTECTED])
Re: MIRDEK: more fun with playing cards. ("r.e.s.")
Re: McDonald's claims Nobel peace fries [off-topic] (Paul Schlyter)
Re: MIRDEK: more fun with playing cards. ("r.e.s.")
Re: What's with transposition? (Boris Kazak)
Re: Intel 810 chipset Random Number Generator ("Trevor Jackson, III")
----------------------------------------------------------------------------
From: "r.e.s." <[EMAIL PROTECTED]>
Subject: Re: MIRDEK: more fun with playing cards.
Date: Thu, 20 Jan 2000 21:31:41 -0800
"Paul Rubin" <[EMAIL PROTECTED]> wrote in message
news:868kgb$ffg$[EMAIL PROTECTED]...
: Paul Crowley <[EMAIL PROTECTED]> wrote:
: re: [RC4 with a deck of cards]
:
: >But third and most importantly, I very much doubt that
: >encryption/decryption would be relatively fast as you say. I suggest
: >you try it with a real deck of cards and see how fast you can go;
: >compare to a computer implementation to see whether you're getting the
: >right answers. You'll have to count lots of cards to index into the
: >deck, swap cards without losing your place, and do Vigenere addition
: >(or for decryption, subtraction, which is worse) in your head. Try
: >feeding the output of the Unix "fortune" program into your
: >implementation and decrypting it; I suspect you'll find it a
: >demoralising experience, with lots of time burned on incorrect
: >decryptions.
:
: You'd lay out 4 rows of 13 cards face up, with a pair of coins
: (not identical) to mark where the X and Y pointers are. Losing
: your place swapping cards doesn't sound like a problem. Since 4 and 13
: are co-prime, you'd do the arithmetic mod 4 and 13 separately, so
: you'd go up 2 columns and over 5, or etc. I've gone through this
: in my head and it doesn't seem too bad. I'll have to try it with
: an actual deck of cards sometime when I get around to borrowing one
: (I don't have one handy and don't feel like buying one just for this).
:
: >You can see that Solitaire is strongly influenced by RC4, but the
: >differences are there because Solitaire is a relatively practical hand
: >cipher and RC4 turns out not to be.
:
: I think Bruce just didn't like the idea of laying out all the cards
: face up (he and I discussed this stuff by email sometime before he
: designed Solitaire).
:
: >Mirdek is IMHO considerably more practical than Solitaire. As you'll
: >see from the website, I've spent quite a bit of time with a stopwatch
: >and a pack of cards, making sure I've got a cipher that can be done in
: >reasonable time. I've successfully decrypted thirty character
: >ciphertexts with six character keyphrases in just over twenty minutes,
: >using only a conversion chart (which is easily drawn from memory) and
: >a pack of cards. Once you've tried doing RC4 by hand and got bored,
: >try doing Mirdek, and I think you'll appreciate why I felt the need to
: >design a new cipher.
:
: One character/minute sounds pretty painful. How about RC4 (even with
: 255 = 15*17 elements) with pencil, paper, 2 coins, and an eraser?
:
:
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: MIRDEK: more fun with playing cards.
Date: Fri, 21 Jan 2000 05:25:25 GMT
Trial Results of ARC4-52 compared with Solitaire.
Well, I did get around to an initial attempt at ARC4-52 and, at least
at first is does seem more difficult to me than Solitaire. However,
I seem to be having trouble with a different part of it than some of
you would expect. I can do addition mod 52 in my head rather easily,
but remembering i an j while counting and swapping cards seems to
befuddle me. Maybe it is just because I don't do that too often,
or maybe I am just not wired that way.
This does bring up a point that may never be agreed upon - which
operation take longer, or are more complex, for a human. The time
it takes a Pentium or K6 processor to do a particular operation can
be looked up in a book - and it is likely if one operation is quicker
than another (addition is quicker than division) on one processor it
is likely to be quicker on most of them. Humans are much more
variable. I can do some math functions in my head that astonish
most algebra and trig teachers - but as I stated above, trying to
remember a couple of numbers while counting to 31 befuddles me.
Also, while I can do some fairly descent gymnastics with my mind
(admittedly not as fast as most people in this forum), manipulations
done with my hands are slower than average. These individual
differences are likely to mean one cypher will be faster for one
person, and a different one for someone else.
Rex Stewart
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: "r.e.s." <[EMAIL PROTECTED]>
Subject: Re: MIRDEK: more fun with playing cards.
Date: Thu, 20 Jan 2000 21:48:38 -0800
sorry about the double post -- the other one escaped prematurely ;-)
"Paul Rubin" <[EMAIL PROTECTED]> wrote ...
[re ARC4 using cards]
: You'd lay out 4 rows of 13 cards face up, with a pair of coins
: (not identical) to mark where the X and Y pointers are. Losing
: your place swapping cards doesn't sound like a problem. Since 4 and 13
: are co-prime, you'd do the arithmetic mod 4 and 13 separately, so
: you'd go up 2 columns and over 5, or etc. I've gone through this
: in my head and it doesn't seem too bad. I'll have to try it with
: an actual deck of cards sometime when I get around to borrowing one
: (I don't have one handy and don't feel like buying one just for this).
:
: >You can see that Solitaire is strongly influenced by RC4, but the
: >differences are there because Solitaire is a relatively practical hand
: >cipher and RC4 turns out not to be.
:
: I think Bruce just didn't like the idea of laying out all the cards
: face up (he and I discussed this stuff by email sometime before he
: designed Solitaire).
Laying out the cards as you say is a great idea.
When done that way, I find "52-card ARC4" is even faster than MIRDEK,
and leaves Solitaire way behind. Using two different coins as pointers,
there is no card movement at all except when swapping, which is now
*very* easy. (Just leave a bit of space for the coins between rows.)
The whole procedure is now practically effortless.
--
r.e.s.
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Paul Schlyter)
Subject: Re: McDonald's claims Nobel peace fries [off-topic]
Date: 21 Jan 2000 05:45:56 +0100
In article <867p78$[EMAIL PROTECTED]>,
Guy Macon <[EMAIL PROTECTED]> wrote:
> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (David Hopwood)
>wrote:
>
>> Guy Macon wrote:
>>> New research in America has uncovered a previously unrecognised
>>> fact of diplomacy: no country with a McDonald's has ever gone to
>>> war with another.
>>
>> Counterexamples:
>> - UK against Argentina.
>> - Western countries against Iraq,
>> - NATO countries against Serbia,
>> - Russia against Chechnya.
>
> I would be more impressed with your counterexamples if there had
> actually been a McDonald's in both countries at the time of the
> war. I realize that the part you quoted (not my words but those
> of the news report) are unclear as to whether "another" means
> "another country" or "another country with a McDonald's", but the
> rest of the article makes the latter meaning clear and even
> points out that the first McDonald's in Argentina went up after
> the falklands war with the UK.
So what's your conclusion? Does McDonalds presence in a cuntry
somehow prevent it from going to war with another country with
McDonalds presence? Or is McDonalds presence in virtually every
country such a recent phenomenon that so far, no nations at war have
both had McDonalds?
Likewise one could conclude:
"No country with an atomic bomb has ever gone to war with another
country with an atomic bomb"
Conclusons? Will spreading atomic bombs to all countries help
prompting worldwide peace? <g>
--
================================================================
Paul Schlyter, Swedish Amateur Astronomer's Society (SAAF)
Grev Turegatan 40, S-114 38 Stockholm, SWEDEN
e-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
WWW: http://hotel04.ausys.se/pausch http://welcome.to/pausch
------------------------------
From: "r.e.s." <[EMAIL PROTECTED]>
Subject: Re: MIRDEK: more fun with playing cards.
Date: Thu, 20 Jan 2000 22:11:30 -0800
Rex,
I suppose you mean you have trouble adding the *swapped* cards.
The pointers themselves have no value except as the cards they
mark, i.e. the ones that get swapped. ("y=y+S(x)" as a source
code instruction translates into "move the y-pointer ahead by
jumping over a number of cards equal to the value of the card
pointed to by the x-pointer", just as "x=x+1" means "move the
x-pointer ahead by jumping over 1 card".)
As far as adding the two swapped cards mod 52, I use the suits
to keep things straight. (I'm visually-oriented, and see
Diamonds,Spades,Hearts,Clubs as visually suggestive of 0,1,2,3
respectively -- spades & clubs have "stems" with 1 and 3 globs
attached; diamond and spades look "roundish" (even) with a
diamond resembling a 0. Thus an X of diamonds has value X + 0*13,
while an X of spades has value X + 1*13, etc with X + 2*13 and
X + 3*13 for hearts & clubs, respectively.)
*Note*
Paul Rubin's idea of laying out all the cards in a 4x13 array,
and using two different coins as pointers in the space between
rows, allows *very* fast operation. You'll like it better, I'm
sure. The only card movement is the swap, which is a cinch.
This is now the fastest card cipher I've seen.
--
r.e.s.
[EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote in message news:868qjo$b8e$[EMAIL PROTECTED]...
: Trial Results of ARC4-52 compared with Solitaire.
:
: Well, I did get around to an initial attempt at ARC4-52 and, at least
: at first is does seem more difficult to me than Solitaire. However,
: I seem to be having trouble with a different part of it than some of
: you would expect. I can do addition mod 52 in my head rather easily,
: but remembering i an j while counting and swapping cards seems to
: befuddle me. Maybe it is just because I don't do that too often,
: or maybe I am just not wired that way.
...
------------------------------
From: Boris Kazak <[EMAIL PROTECTED]>
Subject: Re: What's with transposition?
Date: Thu, 20 Jan 2000 22:17:00 -0800
Reply-To: [EMAIL PROTECTED]
"Douglas A. Gwyn" wrote:
>
> KitKat wrote:
> > I'd like to have the explanation as to
> > why transposition (-only) cryptosystems are easily defeated
>
> Basically, it's because it is so easy to match up adjacent pieces.
> For example, the English-letter transposition cipher text
> OENNNTPUERAAEVKSQSOKWEE is moderately well scrambled, but look:
> Q is followed by U; perhaps nearby letters have similar connections,
> brought out by writing segemnts of ciphertext down the columns:
> ..VN.. ?
> ..KT.. ?
> ..SP..
> ..QU.. <-
> ..SE.. !
> ..OR.. !
> ..KA..
> ....................
> In a more elaborate example, for example with a spiral route,
> not so many characters would line up, but so long as the
> pattern has a fair amount of localization, this sort of
> matching up of adjacent likely n-grams often works.
>
> For harder cases, it may be necessary to collect more than
> one message *of the same length* and anagram them concurrently;
> e.g. QU in one might correspond to NG in the other, suggesting
> ING which would produce whatever precedes QU in the first, etc.
======================================
Among various transposition systems one certainly worth noting
is
the rectangular grille cipher. Its origin is largely unknown to me, but
it
was very popular in the 19-th century among Italian and Russian
revolutionaries.
The principle of this cipher is best understood with an example.
A revolutionary emissary wants to send a message:
MEETING IN PALERMO ARRESTED CHELENTANO TRAITOR CLOSE ANTONIO HOUSE
SILVAN
obviously without any spaces, commas, dots etc. Here is the method he
uses.
The following sketch represents an 8x8 square, where 16 of 64
small squares are punched out, and the remaining are in place, holding
the
system together. In practice such a grille would be cut of a paper sheet
with the help of a knife or small scissors.
-----------------------
|WW| |WW|WW|WW|WW| |WW|
|--|--|--|--|--|--|--|--|
|WW| |WW| |WW| |WW|WW|
|--|--|--|--|--|--|--|--|
|WW|WW|WW| |WW|WW|WW| |
|--|--|--|--|--|--|--|--|
| |WW|WW|WW| |WW|WW|WW|
|--|--|--|--o--|--|--|--|
|WW|WW|WW|WW|WW| |WW|WW|
|--|--|--|--|--|--|--|--|
|WW| |WW|WW|WW| |WW| |
|--|--|--|--|--|--|--|--|
|WW|WW|WW| |WW|WW|WW|WW|
|--|--|--|--|--|--|--|--|
|WW|WW|WW|WW| |WW|WW| |
-----------------------
Our emissary starts writing. He places the grille on a blank
page
and pins the middle of it to the paper (the small "o" in the center). He
writes the letters in the openings, one letter per square. The message
reads now:
M E
E T I
N G
I N
P
A L E
R
M O
Not much of a ciphertext yet, the words are clearly visible. But
wait, the emissary turns his grille 90 degrees clockwise. All the
letters
already written are now hidden under the grille, and punched holes open
new places for writing. The message continues:
M A E
E R T I R E
N G
I S N T E
D C P
A H E L L E
R E
N T M A O
That's already much better, but this is only half of the story.
The
emissary turns the grille another 90 degrees clockwise and keeps
writing:
N M O A E
E R T T I R E
R A N I G
I S T N T E
D O C P R
C A H E L L L E
O R S E N
T A A M N N O
And here the grille turns another 90 degrees:
N M T O A O E N
I E R T T I R E
R O A N H O I G
I S T U N T E S
D E S O C P I R
C A H E L L L E
L V O R S A E N
T A A N M N N O
Obviously, deciphering is the same as enciphering, the recepient
just
reads the scrambled message through the grille, rotating it 90 degrees
in
order to read the next section.
Now let us look at the grille in more detail. In particular let
us
figure out how the grille spacings are positioned and how many different
grilles of a given size can be constructed.
In order to do this, let us draw the square grille as if it
consists
of 4 quadrants, each one comprising 16 small squares numbered from 1 to
16.
Quadrant 1 Quadrant 2
-----------------------
| 1| 2| 3| 4|13| 9| 5| 1|
|--|--|--|--|--|--|--|--|
| 5| 6| 7| 8|14|10| 6| 2|
|--|--|--|--|--|--|--|--|
| 9|10|11|12|15|11| 7| 3|
|--|--|--|--|--|--|--|--|
|13|14|15|16|16|12| 8| 4|
|--|--|--|--o--|--|--|--|
| 4| 8|12|16|16|15|14|13|
|--|--|--|--|--|--|--|--|
| 3| 7|11|15|12|11|10| 9|
|--|--|--|--|--|--|--|--|
| 2| 6|10|14| 8| 7| 6| 5|
|--|--|--|--|--|--|--|--|
| 1| 5| 9|13| 4| 3| 2| 1|
-----------------------
Quadrant 4 Quadrant 3
The actual design is very simple. One of four squares #1 is
punched
out, then one of four squares #2, and so on until there will be 16 holes
comprising all the numbers. It should be obvious that in 4 rotations all
64 places will be covered, 16 at a time.
This procedure immediately answers the question about the total
number of possible grilles. Since there are 4 different possible
positions
for each hole, the total number of combinations is equal to 4^16 or
2^32,
in other words about 4 billion different grilles size 8x8 are possible.
Bigger grilles will provide better security due to larger number
of possible combinations, for example a 10x10 grille has 2^50 variants,
or about 10^15 - 250,000 times more than 8x8 grille.
Grilles need not be square, rectangular grilles can be made
which
can be better suited to the paper sheet size. An example of a 4x6 grille
template shows that the numbering system is slightly changed - adjacent
quadrants are now numbered as a mirror image of one another.
-----------------
| 1| 2| 3| 3| 2| 1|
|--|--|--|--|--|--|
| 4| 5| 6| 6| 5| 4|
|--|--|--|--|--|--|
| 4| 5| 6| 6| 5| 4|
|--|--|--|--|--|--|
| 1| 2| 3| 3| 2| 1|
-----------------
The design is basically the same, one of four squares #1 is
punched
out, then one of four squares #2, and so on until there will be 6 holes
comprising all the numbers. The usage, however, is a little different -
after the first section is written, the grille must be turned 180
degrees,
after the second section it must be flipped over, after the third
section it
must be again rotated 180 degrees. Readers are welcome to experiment and
to find out the proper usage of the grilles of different kinds.
Now the last (but not least important) subject. How can the
grille
be memorized, so that our amateur cryptographer would not carry around
the
actual grille or a picture of it in the pocket? A method exists which
makes
use of the binary numbering system.
Taking as an example the 8x8 grille used by Mr. Silvan, one can
write down the position of its holes as 8 binary numbers, where 1 stands
for the hole and 0 stands for the solid paper:
01000010 = 42 hex = 66 decimal
01010100 = 54 hex = 84 decimal
00010001 = 11 hex = 17 decimal
10001000 = 88 hex = 136 decimal
00000100 = 04 hex = 4 decimal
01000101 = 45 hex = 69 decimal
00010000 = 10 hex = 16 decimal
00001001 = 09 hex = 9 decimal
Hex numbers or decimal numbers are easy to memorize, to pass to
a
partner, and what is most important, the 8 numbers allow to easily
reconstruct the original grille whenever it is needed.
An alternative way is to write down the numbers of the quadrants
where successive holes have been punched. In case of Mr. Silvan's grille
the
sequence will be:
3 1 2 3 2 1 4 1 3 2 3 1 1 4 3 2
just like a long telephone number, and can be disguised as such in a
notebook:
(31)-232-1-413-321-1432
In the expert opinion of contemporary cryptanalysts, grilles
alone
do not provide adequate security, which is due to the fact that
transposition
ciphers do not change the alphabet codes relative frequencies. However,
in
my humble opinion, short delay is sometimes all that is needed. Imagine
that
it would take carabineros 2 days to break Mr. Silvan's code and to read
the
message. By this time unlucky Chelentano with his throat slashed would
be
already feeding the octopuses at the bottom of the Bay of Naples,
marshals
raiding the Antonio House would find it abandoned, and Silvan would
already
be known as Pietro and would use another grille out of 4 billion
possible.
Finally, the combination of Vigenere polyalphabetic substitution
with
a subsequent grille permutation is to be taken VERY seriously...
Presented by Boris N. Kazak
------------------------------
Date: Fri, 21 Jan 2000 01:57:49 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Intel 810 chipset Random Number Generator
Peter Pearson wrote:
> If any followers of this thread are still interested in
> information on the Intel RNG, it was reviewed by Ben Jun
> and Paul Kocher, of Cryptography Research, in a paper
> available at www.cryptography.com/intelRNG.pdf.
Thank you for the reference. The mood of this paper makes me want to
ask who paid for the study.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
