Cryptography-Digest Digest #981, Volume #10      Wed, 26 Jan 00 15:13:01 EST

Contents:
  Re: How much does it cost to share knowledge? (Jeff Williams)
  Re: Pencil & paper cipher question (Jeff Williams)
  Re: A Format for Cipher Challenges (JPeschel)
  Re: Pencil & paper cipher question (John Savard)
  Re: english word list (Keith A Monahan)
  Re: A Format for Cipher Challenges (John Savard)
  Re: RSA v. Pohlig-Hellman (John Savard)
  Re: code still unbroken (John Savard)
  Re: Strong stream ciphers besides RC4? (John Savard)
  Re: Newbie to PGP: RSA vs DH/DSS (John Savard)
  Should I buy the Dr Dobbs CD? (Victor Zandy)
  Re: Should I buy the Dr Dobbs CD? (JPeschel)
  Re: english word list (JPeschel)
  Re: "Trusted" CA - Oxymoron? (Anne & Lynn Wheeler)

----------------------------------------------------------------------------

From: Jeff Williams <[EMAIL PROTECTED]>
Subject: Re: How much does it cost to share knowledge?
Date: Wed, 26 Jan 2000 11:37:00 -0600


Tom, as far as students go, typically such student rates are aimed at
grad students (masters or doctoral candidates) who, frequently,
can get stipends (or whatever term you like to use) from their
respective institution.  When someone else pays all, or part, of
the bill, $300US isn't a big deal.

Many grad students I know are, to some extent, employed by
the university at which they are studying.

Consider yourself flattered that you're on NIST's mailing list.

Jeff

Keith A Monahan wrote:

> Hey Tom,
>
> $300 (or $485 regular) is really a somewhat fair and reasonable price.
> I typically attend other technical conferences for work and they are
> somewhere in the $1500-$2000 range.  Remember, this is New York City so
> everything is higher and the New York Hilton is one of the better
> hotels in the area.
>
> I'm not trying to justify their prices but I'll bet you they aren't
> making as much off it as you think.
>
> Besides, with this being a 'niche' type conference, there won't be as
> many reservations as there would be at say, a $50 computer show.
>
> With all this being said, I'm hoping my company is going to send me
> up there for a few days -- and they will be the ones paying for it.
> When I told my boss, $485, his response was, "Is that it? Hell, expenses
> will be more than that."  Usually, it's the other way around -- or closer
> anyways.
>
> Keith
>
> Tom St Denis ([EMAIL PROTECTED]) wrote:
> : I just got a reservation card from NIST today.  300 bucks for student
> : reservation?  What the f'!@#% for?  I will most likely just sit there
> : and take notes/etc...
>
> : I think they are being a bit arrogant there.
>
> : For some of you 300 bucks [US none-the-less] may seem perfectly fine,
> : but for a student [and a Canadian at that] it's completely insane.
> : That's like 450 or so CDN.
>
> : So if anyone related to nist is reading I have a message for you "Get
> : real!"
>
> : Sorry but had to be said.
>
> : Tom
>
> : Sent via Deja.com http://www.deja.com/
> : Before you buy.

--
Jeff Williams - Alcatel USA.
Did you know that there is enough sand
in North Africa to cover the entire
Sahara desert?





------------------------------

From: Jeff Williams <[EMAIL PROTECTED]>
Subject: Re: Pencil & paper cipher question
Date: Wed, 26 Jan 2000 11:40:11 -0600


Neil,

you really need to specify your security requirements more thoroughly.
For example, how long must the messages remain secure?
Who are your adversaries (ie:  US Gov, your wife, your mom, KGB...)?
"reasonable results" requires a context.

Jeff

Neil Bell wrote:

> If one has a need for a reasonably secure pencil and paper cipher
> that:
>
> 1.  Cannot risk one time pad discovery
> 2.  Cannot use mechanical aids
> 3.  Prefers not to have to construct LENGTHY polyalphabetic tables
> 4.  Knows transposition, playfair, 6x6 squares yielding digraphs, etc
> 5.  Sends messages weekly, about 400 characters
> 6.  Can share short phrases, sentences or commonly known text
>
> What combinations or multiple applications of these cipher techniques
> would yield reasonable results?
>
> Newbie

--
Jeff Williams - Alcatel USA.
Did you know that there is enough sand
in North Africa to cover the entire
Sahara desert?





------------------------------

From: [EMAIL PROTECTED] (JPeschel)
Subject: Re: A Format for Cipher Challenges
Date: 26 Jan 2000 18:19:19 GMT

 [EMAIL PROTECTED]  (John Savard) outlines:

[his proposal for presenting cipher challenges]

Seems like a good idea.

John, 

What do you think of presenting cipher 
cracking challenges wherein the encryptor is
a commercial program? I'm thinking, of course,
of those programs that make outlandish claims
about their cryptographic strength. True, these
encryption processes are almost always unknown,
but there do seem to be quite a few folks 
around here who can (or claim they can)
reverse-engineer software.

Any ideas for a format?

Joe



__________________________________________

Joe Peschel 
D.O.E. SysWorks                                 
http://members.aol.com/jpeschel/index.htm
__________________________________________


------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Pencil & paper cipher question
Date: Wed, 26 Jan 2000 11:52:25 GMT

Neil Bell <[EMAIL PROTECTED]> wrote, in part:

>3.  Prefers not to have to construct LENGTHY polyalphabetic tables

The use of a straddling checkerboard, so that you can add digits
instead of using a 26 x 26 Vigenere table is then advisable.

You might get some ideas from my page. I'd recommend something
involving fractionation.

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (Keith A Monahan)
Subject: Re: english word list
Date: 26 Jan 2000 18:57:23 GMT

Joe,

Thanks for the response.

I found http://www.bryson.demon.co.uk/wordlist.html today and the UK
Advanced Cryptics dictionary was pretty darn nice.

JPeschel ([EMAIL PROTECTED]) wrote:

: Good luck recovering your password!

Thanks.  I'm not sure if you caught the thread about my harddrive, but I did
finally recover the entire passphrase!

As far as today's task, it was successful too.  I was cracking an
administrator account on a local NT machine which we needed access to.
The dictionary attack (using L0phtCrack 2.5) found it in like milliseconds
on the PIII 500mhz :) I had to run NTFSDOS to get the SAM database file
since it was protected from opening.

Thanks again,

Keith

: Joe
: __________________________________________

: Joe Peschel 
: D.O.E. SysWorks                                       
: http://members.aol.com/jpeschel/index.htm
: __________________________________________


------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: A Format for Cipher Challenges
Date: Wed, 26 Jan 2000 11:55:33 GMT

[EMAIL PROTECTED] (JPeschel) wrote, in part:

>What do you think of presenting cipher 
>cracking challenges wherein the encryptor is
>a commercial program? I'm thinking, of course,
>of those programs that make outlandish claims
>about their cryptographic strength. True, these
>encryption processes are almost always unknown,
>but there do seem to be quite a few folks 
>around here who can (or claim they can)
>reverse-engineer software.

>Any ideas for a format?

Not really, although there, an explanation of the technique of cracking
is proof enough - since now the program, rather than any messages, is
the 'format'.

While I'm not an expert at that kind of thing myself, I don't think
that a claim of being able to reverse-engineer software is that
outrageous; inherently, that is easier than breaking ciphers, since
all the information is available. (Although I've noted a technique of
protecting software that may have _some_ frustration value.)

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: RSA v. Pohlig-Hellman
Date: Wed, 26 Jan 2000 11:57:19 GMT

"Roger Schlafly" <[EMAIL PROTECTED]> wrote, in part:
>Greg <[EMAIL PROTECTED]> wrote in message
>news:86lbo7$612$[EMAIL PROTECTED]...

>> I was reading through one of counterpane's web pages on the RSA
>> patent.  And it said basically that the Pohlig-Hellman is one
>> good prior art to challenge the RSA patent with.

>There is some dispute about this. There was going to be a
>court case on this, but the challenger was paid to destroy
>the evidence.

A pity that isn't illegal, as it would prejudice future civil cases.
Preventing civil actions in the future from reaching accurate outcomes
is as much an obstruction of justice as destroying evidence relating
to a criminal matter.

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: code still unbroken
Date: Wed, 26 Jan 2000 12:00:48 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote, in part:

>maybesomeoneshouldreadthefaqbeforeposting

a) the message did not contain any encrypted text, but a pointer to a
web site

b) this message came up for discussion previously; it's believed to be
a paper-and-pencil cipher (simple substitution with homophones)

c) the people you should really have criticized were the people who
posted "I need help cracking this message" without revealing that they
wanted to take our help cracking it, and then keep the prize money ...
that's how this puzzle got discussed on this group the previous time.

In general, the kind of posting you're thinking of does deserve a loud
Bronx cheer, but I think you'll need to be a bit more selective before
charging into posters.

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Strong stream ciphers besides RC4?
Date: Wed, 26 Jan 2000 12:09:08 GMT

[EMAIL PROTECTED] (Terry Ritter) wrote, in part:

>You can wish and hope all you want, but Algorithm M is still not
>secure.  Sorry.

The attack used in those Cryptologia articles required that the entire
pseudo-random output from the linear congruential generator be used.
Just use the most significant byte, and a sufficiently large integer
to make the required arrays impractical (16-bit arithmetic is no good,
but 128-bit arithmetic works nicely) and such attacks on a simple
MacLaren-Marsaglia generator fall apart.

Use the XOR of the output of two MacLaren-Marsaglia generators with
different periods.

However, since these attacks were shown against a weak version of
MacLaren-Marsaglia, there's been very little study of that method when
used properly, so one should perhaps use a better-studied method, if
that is how one seeks confidence. Except for the slow Blum-Blum-Shub
method, I can't think of anything offhand.

Using, for encryption, the _whole integer_ produced by a linear
congruential generator, to my mind, is like using a rotor machine that
enciphers one letter using all five rotors, the next one using only
the first four rotors, and so on until the fifth letter is enciphered
using only the first rotor, and *then* steps the rotor mechanism.
(Remember, the last bit has period 2, the second-last bit has period
4, and so on.) Which is why I didn't feel that attack really proved
much about MacLaren-Marsaglia when used properly.

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm
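
[Added example, not part of John Savard's post or the digest.] The sketch below measures the short periods of the low-order bits of a power-of-two LCG and then builds the MacLaren-Marsaglia arrangement described in the post above: 128-bit arithmetic, only the most significant byte emitted, and two such generators XORed. The multipliers, increments, seeds, table size of 256 and the 96-bit width of the second generator are assumptions chosen for the illustration.

```python
# Added illustration, not code from the digest. The constants below are
# constructed sample values: each increment is odd and each multiplier is
# 1 mod 4, which gives a full-period LCG for any power-of-two modulus.
A_X, C_X = 6364136223846793005, 1442695040888963407
A_Y, C_Y = 2862933555777941757, 3037000493


def lcg(seed, bits, a=A_X, c=C_X):
    """Yield successive states of x -> (a*x + c) mod 2**bits."""
    mask = (1 << bits) - 1
    x = seed & mask
    while True:
        x = (a * x + c) & mask
        yield x


def bit_period(bits, bit, max_log2, seed=1):
    """Period of one output bit; None if it exceeds 2**max_log2.

    With a power-of-two modulus every bit period is a power of two, so only
    those candidates are tried, over a window of 2**(max_log2 + 1) outputs.
    """
    gen = lcg(seed, bits)
    s = [(next(gen) >> bit) & 1 for _ in range(2 << max_log2)]
    for e in range(max_log2 + 1):
        p = 1 << e
        if all(s[i] == s[i + p] for i in range(len(s) - p)):
            return p
    return None


class AlgorithmM:
    """MacLaren-Marsaglia: generator Y picks which buffered output of X to emit."""

    def __init__(self, seed_x, seed_y, bits=128, table_size=256):
        self.bits = bits
        self.x = lcg(seed_x, bits, A_X, C_X)
        self.y = lcg(seed_y, bits, A_Y, C_Y)
        self.table = [next(self.x) for _ in range(table_size)]

    def next_byte(self):
        j = (next(self.y) * len(self.table)) >> self.bits  # floor(k * Y / m)
        out = self.table[j] >> (self.bits - 8)  # most significant byte only
        self.table[j] = next(self.x)            # refill the slot from X
        return out

    def keystream(self, n):
        return bytes(self.next_byte() for _ in range(n))


def xor_crypt(data, seeds_a, seeds_b):
    """XOR data with two Algorithm M streams built on different moduli."""
    ks_a = AlgorithmM(*seeds_a, bits=128).keystream(len(data))
    ks_b = AlgorithmM(*seeds_b, bits=96).keystream(len(data))
    return bytes(d ^ a ^ b for d, a, b in zip(data, ks_a, ks_b))


if __name__ == "__main__":
    for k in range(8):  # low bits of a 128-bit LCG: periods 2, 4, ..., 256
        print("bit", k, "period", bit_period(128, k, 10))
    ct = xor_crypt(b"constructed sample plaintext", (1, 2), (3, 4))
    print(ct.hex())
```

The measured periods are the reason the post compares whole-integer LCG output to a rotor machine that drops a rotor with each letter: bit k of the state repeats every 2^(k+1) steps, whatever the width of the arithmetic.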

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Newbie to PGP: RSA vs DH/DSS
Date: Wed, 26 Jan 2000 12:13:07 GMT

"Danny Johnson" <[email protected]> wrote, in
part:

>I've also noticed that at least one
>person in this newsgroup had a line in his/her signature stating they
>would only accept RSA.  Why is this?  Is one superior to the other?

The older, DOS version of PGP didn't use DH. Early freeware versions
of the newer versions of PGP didn't use RSA. So this has to do with a
protest against the incompatibility, not a technical issue between
public-key algorithms.

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: Victor Zandy <[EMAIL PROTECTED]>
Subject: Should I buy the Dr Dobbs CD?
Date: 26 Jan 2000 13:29:58 -0600


    I need a copy of Stinson's "Cryptography: Theory and Practice".
Instead of buying the paper edition, I am considering the Dr Dobbs
Journal CDROM collection of cryptography books, which supposedly
contains Stinson and several other titles.  The price difference is
small and the CD contains several other books that interest me.

    Is this CD a good product?

    I must be able to easily print quality, full size copies of the
pages I need from the CD.  It would be fine if the CD contains
postscript or pdf copies of the books.  I prefer postscript or pdf
generated from the computer sources of the texts, not scans of paper
editions (of course, that may not be possible for all titles on the
CD, but it should be for Stinson).  I don't care about search tools on
the CD, if any, as long as they don't interfere with printing.  I
don't want to have to rely on software provided on the CD to view or
print the book contents.

    I found one article in deja.com that says some of the text on the
CD is "garbled".  What does that mean?  Is it still true of more
recent pressings of the CD?

    Thanks.

Vic Zandy

------------------------------

From: [EMAIL PROTECTED] (JPeschel)
Subject: Re: Should I buy the Dr Dobbs CD?
Date: 26 Jan 2000 19:38:04 GMT

Victor Zandy [EMAIL PROTECTED] writes, in part:

>Is this CD a good product?

Yes. Buy it.

Joe

__________________________________________

Joe Peschel 
D.O.E. SysWorks                                 
http://members.aol.com/jpeschel/index.htm
__________________________________________


------------------------------

From: [EMAIL PROTECTED] (JPeschel)
Subject: Re: english word list
Date: 26 Jan 2000 20:03:46 GMT

[EMAIL PROTECTED]  (Keith A Monahan) writes, in part:


>Thanks.  I'm not sure if you caught the thread about my harddrive, but I did
>finally recover the entire passphrase!

Nope, but I just looked it up.  Seems you recovered it while
I was out of the country. Shame on you!  :-)

Congratulations!

Joe


__________________________________________

Joe Peschel 
D.O.E. SysWorks                                 
http://members.aol.com/jpeschel/index.htm
__________________________________________


------------------------------

Crossposted-To: alt.privacy,alt.security.pgp,comp.security.pgp,comp.security.pgp.discuss
Subject: Re: "Trusted" CA - Oxymoron?
Reply-To: Anne & Lynn Wheeler <[EMAIL PROTECTED]>
From: Anne & Lynn Wheeler <[EMAIL PROTECTED]>
Date: Wed, 26 Jan 2000 20:07:15 GMT


the other issue is what does a certificate convey?

standard certification represents some vetting of information that
occurred at the time the certificate was manufactured. It does a poor
job when timely information &/or information aggregation is involved.

OCSP goes a little way towards providing timely indication of whether
the stale information is still valid or not (it is a direct analogue of
numerous distributed caching algorithms developed in the '70s and '80s
for things like files &/or pieces of files; the difference is that
most of these caching infrastructures not only had timely invalidation
protocol ... but also timely cached information refresh semantics).

One of the possible certificate targets was something akin to the
semantics of a check with a limited signing limit (i.e. a check that
carried printing that said it was limited to $5000). However, as was
discovered in the 60s & 70s ... this lacked timely information &
information aggregation capability ... i.e. somebody did a one million
dollar order by signing two hundred $5000 checks. The 60s & 70s
started to see emerging online transaction operations which provided
both timely information & information aggregation paradigm support.

The certificate paradigm is targeted at offline, atomic operations
(i.e. infrastructures not requiring timely information, online
information, and/or information aggregation). Attempting to actually
translate certificates into something like an offline, electronic check
transaction scenario ... would be equivalent to reversing the online
direction to an offline pre-60s paradigm.

In some cases (as per prior note), CAs may be authenticating the wrong
information (i.e. leading to things like privacy compromises).  In
other cases, a CA can absolutely authenticate some piece of
information at some point of time ... but having manufactured a
certificate at some point in the past with stale information, its
application is irrelevant to online, timely information, and/or
information aggregation paradigm. The trust isn't in question but
infrastructure failures occur because the paradigms didn't intersect
(aka making sure that nobody could fudge the "$5000" on a signing
limit check to read "one million" ... when the problem was the use of
two hundred $5000 checks).


similar thread:

http://www.garlic.com/~lynn/99.html#228

-- 
Anne & Lynn Wheeler   | [EMAIL PROTECTED], [EMAIL PROTECTED]
 http://www.garlic.com/~lynn/ http://www.adcomsys.net/lynn/

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
