Cryptography-Digest Digest #937, Volume #10 Thu, 20 Jan 00 14:13:01 EST
Contents:
Re: Wagner et Al. (Shawn Willden)
Re: Blowfish Question (Shawn Willden)
Re: Ciphers for Parallel Computers (Tim Tyler)
Re: Mispronounce words. (OT Re: How to pronounce "Vigenere"?) (Derek Bell)
Re: McDonald's claims Nobel peace fries - Who cares? (Glenn Larsson)
Re: NIST, AES at RSA conference (Michael Sierchio)
Re: ECC vs RSA - A.J.Menezes responds to Schneier (James Felling)
Re: Wagner et Al. (Jerry Coffin)
Re: Blowfish Question (Eric Lee Green)
Re: Forward secrecy for public key encryption: MYH (David Wagner)
Re: LSFR (Mike Rosing)
Re: ECC vs RSA - A.J.Menezes responds to Schneier (Mike Rosing)
importance of crypto (Keith A Monahan)
Re: Wagner et Al. (James Felling)
TwoFish module for Python (Eric Lee Green)
Re: Question about Digital Cash (Mike Rosing)
Re: LSFR (David Wagner)
Re: Mispronounce words. (OT ) (William Rowden)
Re: TwoFish module for Python (Eric Lee Green)
----------------------------------------------------------------------------
Date: Mon, 17 Jan 2000 18:06:40 -0700
From: Shawn Willden <[EMAIL PROTECTED]>
Subject: Re: Wagner et Al.
Guy Macon wrote:
> A normal NT installation does not give
> ordinary users debugging rights. or access to certain portions of the
> disk (and you can add your crypto directory to the portions that
> ordinary users cannot access).
Can an NT installation be set up such that some files are not accessible even to the
Administrator? For an system I'm building, I'm seriously considering locking out the
Administrator account.
Shawn.
------------------------------
Date: Tue, 18 Jan 2000 15:13:40 -0700
From: Shawn Willden <[EMAIL PROTECTED]>
Subject: Re: Blowfish Question
Chung W Leong wrote:
> Even if you have control over the original text, analyzing the resulting
> encrypted text would still yield no information (even or odd, divisibility,
> the number of 1s and 0s, tendency, attitude, psychological state) about the
> secret key? What if you have multiple (say 1000) original-encrypted text
> pairs?
>
> My firm is currently working on a e-commerce site, where we're planning to
> encrypt the credit card numbers of customers with Blowfish before storing
> them into the database, in case the security of the database is compromised.
A good way to characterize the assumptions used in cryptanalytic attacks on
algorithms is as follows:
Assume that the attacker has full details of the design and implementation of
the algorithm. Further, assume that the attacker has access to an "oracle", a
device that will encrypt and decrypt anything the attacker wants, using a key
that is *not* known to the attacker. Assume that the attacker has the time,
interest and ability to perform a very large number of computations, up to, but
not including, 2^n, where n is the key size in bits (i.e. assume that the
attacker can't mount a brute force attack, but can get close).
Under those assumptions, the algorithm is weak if:
o The attacker can determine any bit of the key correctly with probability
greater than 1/2 (he can determine correctly with probability equal to 1/2 just
by guessing). Determining any bit of any value derived from the key counts too.
o The attacker can correctly predict any bit of ciphertext from the plaintext
(by any means other than obtaining the ciphertext from the oracle) with
probability greater than 1/2.
o The attacker can correctly predict any bit of plaintext from the ciphertext
(by any means other than obtaining the ciphertext from the oracle) with
probability greater than 1/2.
If that weren't enough, even papers that describe theoretical, impractical
attacks on reduced-strength variations of major ciphers are often worthy of
publication, and often enough to disqualify a cipher as weak.
So, those are the standards used to judge Blowfish and algorithms like it. Our
only real measure of security is the amount of analysis that an algorithm has
received without displaying any weakness, per the definitions above.
So, what about Blowfish? It is young, but has received a fair amount of
scrutiny and cryptographers still consider it strong.
Shawn.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Ciphers for Parallel Computers
Reply-To: [EMAIL PROTECTED]
Date: Thu, 20 Jan 2000 17:05:45 GMT
John Savard <[EMAIL PROTECTED]> wrote:
: Well, maybe, but I can't think of a way to force an attacker to
: perform a brute-force search of the keyspace serially.
Curiously, I've just come across one such scheme that /claims/ to be able
to offer this type of resistance against parallel keyspace searches.
This is the NTRU system. http://www.ntru.com/tutorials/techsecurity.htm :
``It is worth pointing out that the process of breaking a key pair does
not seem to have much chance of being significantly improved by the
use of many computers working in parallel. This technique can be
effective in attacks on an RSA key - using the quadratic or number
field sieve to factor a large number. [...]''
The page concludes falteringly, though:
``It is not inconceivable that the process of completing one step could
be speeded up by a factor of about N by using N processors, (though this
has never been tried), but even this would only reduce the time by
an insignificant factor of N.''
I'm not qualified to evaluate these claims, based on my current knowledge
of the NTRU public-key cryptosystem. Can anyone more in the know comment?
--
__________
|im |yler The Mandala Centre http://www.mandala.co.uk/ [EMAIL PROTECTED]
Computer engineers do it bit-by-bit.
------------------------------
From: Derek Bell <[EMAIL PROTECTED]>
Subject: Re: Mispronounce words. (OT Re: How to pronounce "Vigenere"?)
Date: 20 Jan 2000 17:32:03 -0000
Trevor Jackson, III <[EMAIL PROTECTED]> wrote:
: "Douglas A. Gwyn" wrote:
:> Mike McCarty wrote:
:> *Sometimes* the better MT programs actually translate a limited
:> sample correctly, it's just that they can't be counted on to always
:> do so.
: Neither can humans. Consider Carter's translator's gaffes (in Poland I
: believe).
ISTR two examples: Poles were told Carter had left America "never to
return" and a phrase was translated as "lusts for the future". Both appeared in
either _The Book of Heroic Failures_ or _The Return of Heroic Failures_, both
by Stephen Pile.
Derek
--
Derek Bell [EMAIL PROTECTED] | Socrates would have loved
WWW: http://www.maths.tcd.ie/~dbell/index.html| usenet.
PGP: http://www.maths.tcd.ie/~dbell/key.asc | - [EMAIL PROTECTED]
------------------------------
From: Glenn Larsson <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: McDonald's claims Nobel peace fries - Who cares?
Date: Thu, 20 Jan 2000 18:23:13 +0100
>No country with a McDonald's outlet has ever gone to war with
>another
Good morning and welcome to our planet - Earth.
Please; continue this discussion in ALT.POLITICS.MCDONALDS.
Regards,
Glenn
(BurgerKing-guy ;o)
------------------------------
From: Michael Sierchio <[EMAIL PROTECTED]>
Subject: Re: NIST, AES at RSA conference
Date: Thu, 20 Jan 2000 09:35:37 -0800
Serge Vaudenay wrote:
> ...
> Actually, if an expert do not have any personal interest about AES, he should better
>wait
> for the final standard before doing some substantial work....
This is a salient point -- unless you're an academician, why bother cryptanalyzing
a cipher that won't be deployed?
--
QUI ME AMET, CANEM MEUM ETIAM AMET
------------------------------
From: James Felling <[EMAIL PROTECTED]>
Subject: Re: ECC vs RSA - A.J.Menezes responds to Schneier
Date: Thu, 20 Jan 2000 11:37:27 -0600
There are composite numbers that will work as P/Q for RSA. They are VERY,
VERY rare-- it is much much more likely that a randomly chosen number is
prime than a usable composite number.
Tom St Denis wrote:
> In article <865vmm$8es$[EMAIL PROTECTED]>,
> Greg <[EMAIL PROTECTED]> wrote:
> > Perhaps I leave myself open to a known attack of a well studied
> > curve, but it seems to me that this is prefered to leaving one's
> > self open to a weakness in a random curve. Does this make sense?
>
> Sorry no comment.
>
> > > > I could not see using a random prime.
> > >
> > > Again, why? Please tell us what you think is wrong with
> > > randomly chosen primes.
> >
> > Well, I mentioned in another thread that I am not sold on primes
> > that are so large that they are tested and then at some point
> > simply assumed to be prime. Some have told me that this does not
> > weaken the cryptosystem, but I have always wondered why that would
> > be if the strength depended on primes to begin with.
>
> Well there are ways to make primse and tests them. See Knuth Vol2 for
> info on that. The problem is spending an hour making a key is a bad
> idea. If it takes 2 mins to verify a key is ok that's not so shotty.
>
> > Again, I believe a well studied cryptosystem and all of its
> > components are superior to anything randomly selected on the
> > fly- the latter seems like a crap shoot. If anything is
> > randomly selected, it should be just as equally capable
> > of being a strong candidate as any other. With primes,
> > you do not have this. With integers used for ECC private keys,
> > you get exactly that- except in a few cases, like 0, 1, and n-1,
> > which are too easy not to avoid.
>
> Funny you say that but even in symmetric ciphers round keys are made on
> the fly. In RC5 for example it has never been proven to be a strong
> key schedule, yet people trust it....
>
> > IMHO, every cryptosystem today has its own small element
> > of unknown. I simply have more confidence in one set of unknowns
> > than I do in others. I really can't sleep at night knowing that
> > my data is hanging from a crap shoot. It just does not work
> > for me.
>
> Umm... maybe smoothness will be defined for ecc? hehehe
>
> > > > RSA relies on
> > > > this approach since primes are not "studied" ahead of use.
> > >
> > > I can't understand what you are saying here. What does it mean to
> > > "study" a prime? Also, what is the antecedent of the word "this"
> > > in the phrase "this approach"?
> >
> > As I understand it, RSA randomly generates prime candidates
> > to use for private keys. You cannot take a lot of time and
> > a lot of people to study a pair of primes to ensure they are
> > really primes like you can an elliptic curve, because to do
> > so exposes the keys. But again, others would say that this
> > is not important- that a number does not have to be a pure
> > prime. If you could explain that to me, I would be all ears.
>
> If you choose p and q, and say p actually is p = a * b, then your rsa
> key will not work since
>
> n = pq
> phi(n) = phi(pq) = (p - 1) * (q - 1)
>
> But the order of the group is not that.. it's actually
>
> phi(n) = (a - 1) * (b - 1) * (q - 1)
>
> But since p and q are random you can't be sure of either. Finally you
> will find that the original definition of phi will not let you find a
> decryption exponent.
>
> So the chances that a) the candidates survies testing and b) works
> flawlessly in RSA and c) are not prime, is very very very very slim...
>
> Tom
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
------------------------------
From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Wagner et Al.
Date: Thu, 20 Jan 2000 10:42:22 -0700
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
[ ... ]
> Can an NT installation be set up such that some files are not accessible even to the
> Administrator? For an system I'm building, I'm seriously considering locking out the
> Administrator account.
IIRC, no. When a user requests access to a secured object, the first
security check the system does is to find whether the user has the
ability to take ownership of the object. If they do, the user is
immediately granted access without any other checks being done.
--
Later,
Jerry.
The universe is a figment of its own imagination.
------------------------------
From: Eric Lee Green <[EMAIL PROTECTED]>
Subject: Re: Blowfish Question
Date: Thu, 20 Jan 2000 10:48:35 -0700
Shawn Willden wrote:
> Chung W Leong wrote:
>
> > Even if you have control over the original text, analyzing the resulting
> > encrypted text would still yield no information (even or odd, divisibility,
> > the number of 1s and 0s, tendency, attitude, psychological state) about the
> > secret key? What if you have multiple (say 1000) original-encrypted text
> > pairs?
> > My firm is currently working on a e-commerce site, where we're planning to
> > encrypt the credit card numbers of customers with Blowfish before storing
> > them into the database, in case the security of the database is compromised.
>
> A good way to characterize the assumptions used in cryptanalytic attacks on
> algorithms is as follows:
>
> Assume that the attacker has full details of the design and implementation of
> the algorithm. Further, assume that the attacker has access to an "oracle", a
> device that will encrypt and decrypt anything the attacker wants, using a key
> that is *not* known to the attacker. Assume that the attacker has the time,
> interest and ability to perform a very large number of computations, up to, but
> not including, 2^n, where n is the key size in bits (i.e. assume that the
> attacker can't mount a brute force attack, but can get close).
>
> Under those assumptions, the algorithm is weak if:
...
You forgot one other thing: the algorithm is weak if the SYSTEM is weak. I.e.,
if the key can be obtained without the need to "crack" the algorithm.
It doesn't matter if you have 5,000,000 bit encrption with the most powerful
encryption algorithm in the world if the key is lying around somewhere. This
is like a fortress with the key to the front door left under the front
doormat. In the previous example of encrypting credit card numbers prior to
placing them into the database, this is only reasonable if you assume that the
machine doing the encrypting/decrpyting is not compromised. Presumably the
BlowFish key has to live on that machine somewhere, else the numbers can't get
encrypted/decrypted. Well, unless somebody is sitting at the keyboard manually
typing in a passphrase everytime somebody buys something off that web site!
Encryption is nice for network security in such cases (to keep people from
sniffing credit card #'s off the network!), and is useful for the case where
somebody cracks the database server (but most of the time the database server
is not accessible from outside the organization), but if somebody cracks the
machine doing the encrypting/decrypting, a simple XOR mask offers the same
level of security -- i.e., just enough to keep script kiddies from accessing
the actual data, but not enough to stop real attackers.
--
Eric Lee Green [EMAIL PROTECTED]
Software Engineer Visit our Web page:
Enhanced Software Technologies, Inc. http://www.estinc.com/
(602) 470-1115 voice (602) 470-1116 fax
------------------------------
From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Forward secrecy for public key encryption: MYH
Date: 20 Jan 2000 10:17:13 -0800
Ahh, I see, that didn't work. I didn't read far enough....
Ok, let's try again. We have
y_t^h = F(R,t)^{2 s h} = y^{2 s x_t} mod m
where y_t,h,R,t,y,m are public, s is secret, and x_t may be assumed to be
available to the adversary in an attack against the forward secrecy. Yes?
(The right-hand side follows because y_t^h = alpha^{2 s x_t log(y)}.)
Now I want to play the same games as before. Let a = F(R,t)^h mod m and
b = y^x_t mod m, and notice that
(a^2)^s = (b^2)^s mod m.
I think s will be relatively prime to phi(m) with high probability, and
in this case even though we don't know s we may conclude that
a^2 = b^2 mod m.
Of course, a and b may be computed using only the quantities known to the
adversary, and then gcd(a-b,m) might be expected to reveal a non-trivial
factor of m with high probability if a and b behave randomly.
Again, the same caveats as before apply -- I have no idea whether this
should work, because there are many heuristic assumptions and many places
where I could have gone wrong again. (For example, for all I know, maybe
the definitions ensure that a = +/-b always holds, and then of course the
"attack" won't work.)
What do you think?
------------------------------
From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: LSFR
Date: Thu, 20 Jan 2000 12:15:46 -0600
r.e.s. wrote:
> If LFSR is generalized to mod B addition with say n registers holding
> base-B digits, are there known taps to produce maximum cycle-length?
>
> Example ("Running keys" like [4902846718]39202...):
> Taking B=10, n=10, registers labeled (0123456789); tapping (01) produces
> the simple "decimal chain-addition" of some pencil & paper ciphers:
> initialize x(0),x(1),...,x(9); then x(i) = x(i-10) + x(i-9), i=10,11,...
> Is the cycle structure known for this example? Are there other taps
> instead of (01) that will tend (or be guaranteed) to give a longer cycle?
> Are any taps known to be maximal?
>
> (David Wagner kindly posted some pointers on these questions a while back,
> but I fear my math hasn't proved adequate to generalize the bit-register
> LSFR theory referenced in the literature.)
Yes, it's basicly the same thing. But instead of mod 2, your
coefficients
are mod 10. Your first choice is the "history", the maxium degree you
want
to pick from. If you chose to go back 10 steps, then it's a degree 10
polynomial. In the above example, you chose the coefficients to be 1.
You may find that the maximal length polynomial has different
coeffients:
x(i) = x(i-10) + 3*x(i-5) + 5*x(i-1) [mod 10]. The same math rules
apply,
as long as the taps are given by a primitive polynomial, you'll get the
maximal length possible (in this case 10^10 - 1).
Which might be useful for a hand cipher :-)
Patience, persistence, truth,
Dr. mike
------------------------------
From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: ECC vs RSA - A.J.Menezes responds to Schneier
Date: Thu, 20 Jan 2000 12:30:48 -0600
Bob Silverman wrote:
> Solving the matrix for a 1024 bit RSA key will take 6 x 10^6 times as
> long as solving one for 512 bits and will require ~10 Terabytes of
> memory to hold the matrix. That's about 100,000 machines each with
> 100 Mbytes of memory.
But only 1000 machines each with 1GB of memory. Or 100 machines with
10 GB of memory. The former is off the shelf today, the latter will
be soon (and at a reasonable price).
> While I readily believe that one could probably get several hundred
> PC's working in parlallel to solve the matrix, I also know that these
> will NOT yield linear speedup. This has been proven repeatdly in many
> experiments in many contexts involving large linear algebra problems.
> And the speed improvement will fall off even further from linear as
> more machines are added. Suppose a set of 1024 machines gives
> a 350 fold speed improvement. Doubling the number of machines might
> then yield only a 500 fold improvement over 1 machine.
This is clearly a hardware problem. If the bandwidth can be scaled,
then the problem can be solved with "closely coupled" machines. I
doubt that will ever be off the shelf, so I think your basic argument
is sound.
> The problem is that coupled matrix solving DOES NOT SCALE WELL.
> Even if one could somehow get a 1000 fold speed improvement over a
> CRAY, solving the matrix for 1024 bits will still take 60,000 days
> (164 years!) Note that 1000 x Cray = 6000 to 8000 PC's *IF* linear
> speedup can be achieved. I would be surprised if one could get more
> than 10% efficiency from each machine if one hooked together 10,000
> PC's. I would expect to need "about" 100,000 PC's to get "about" 1000
> fold faster than a CRAY.
>
> I do believe that one can get a parallel matrix solver that can handle
> a 512-bit modulus in reasonable time. But it will NOT scale to the
> point where one can do 1024-bits in reasonable time.
It will be an interesting hardware problem. Possibly a combination
of algorithms and hardware would make 1024 viable in 1 year of
computation.
But that probably won't happen any time soon, so I agree that 1024 is
pretty safe.
Patience, persistence, truth,
Dr. mike
------------------------------
From: [EMAIL PROTECTED] (Keith A Monahan)
Crossposted-To: talk.politics.crypto
Subject: importance of crypto
Date: 20 Jan 2000 18:38:53 GMT
Has anyone seen a paper which describes why crypto is important for
the LAN/WAN engineer? I know the reasons but I need some piece
of credible work done which outlines them.
I would think topics would include things like Virtual Private Networking(
desire for corporate traffic over internet to be secure), SSL(desire to
keep e-commerce web applications secure), PGP for mail over an unsecure
connection, etc.
Thanks,
Keith
------------------------------
From: James Felling <[EMAIL PROTECTED]>
Subject: Re: Wagner et Al.
Date: Thu, 20 Jan 2000 12:39:17 -0600
You can lock the administrator account out of some services, but it has the power to
unlock
those lockouts, so it is kind of pointless.
Jerry Coffin wrote:
> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
>
> [ ... ]
>
> > Can an NT installation be set up such that some files are not accessible even to
>the
> > Administrator? For an system I'm building, I'm seriously considering locking out
>the
> > Administrator account.
>
> IIRC, no. When a user requests access to a secured object, the first
> security check the system does is to find whether the user has the
> ability to take ownership of the object. If they do, the user is
> immediately granted access without any other checks being done.
>
> --
> Later,
> Jerry.
>
> The universe is a figment of its own imagination.
------------------------------
From: Eric Lee Green <[EMAIL PROTECTED]>
Subject: TwoFish module for Python
Date: Thu, 20 Jan 2000 11:45:58 -0700
I have obtained permission from company management to release this for public
consumption under a BSD-style license. It is currently available as source
code as:
ftp://ftp.estinc.com/unsupported/twofishmodule-0.1.tar.gz
I have sent the notification as required by the latest export regs to
[EMAIL PROTECTED] . We shall see what happens.
--
Eric Lee Green [EMAIL PROTECTED]
Software Engineer Visit our Web page:
Enhanced Software Technologies, Inc. http://www.estinc.com/
(602) 470-1115 voice (602) 470-1116 fax
------------------------------
From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Question about Digital Cash
Date: Thu, 20 Jan 2000 12:45:17 -0600
Jeff Moser wrote:
>
> In Applied Crypto, Bruce mentions a scheme where "Alice" has to present the
> left or right half of the shared identity secret for each pair depending on
> the random bit she is given. He says that these halves are all bit committed
> and signed.
>
> Now, I know I probably didn't read too heavily into it, but how exactly does
> the merchant know it is getting authentic bits and not some random string?
> Surely the bank can't sign each half blindly?
Why not, they created the bits in the first place.
The string has to obey certain rules, and if it can pass all the math,
then
it's legit. The merchant has to have the banks public keys, so if the
theif can replace the merchant's copy they can "mint money". The
merchant will
get burned when they try to deposit a bogus coin. So the security for
the
merchant is to make sure they really do have the banks' public key when
checking on each coin.
This is a really complicated problem, and a lot has changed since Bruce
published his last version. If you like the subject, check out lots of
papers by Chaum and Brands and the papers they reference. It'll be lots
of fun :-)
Patience, persistence, truth,
Dr. mike
------------------------------
From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: LSFR
Date: 20 Jan 2000 10:56:40 -0800
In article <[EMAIL PROTECTED]>,
Mike Rosing <[EMAIL PROTECTED]> wrote:
> You may find that the maximal length polynomial has different
> coeffients:
> x(i) = x(i-10) + 3*x(i-5) + 5*x(i-1) [mod 10]. The same math rules
> apply,
> as long as the taps are given by a primitive polynomial, you'll get the
> maximal length possible (in this case 10^10 - 1).
Are you sure? I think you need to look at the feedback polynomial
mod 2 and mod 5. If both of those are primitive, I'd expect the
period to be either (2^10 - 1) * (5^10 - 1), 2^10 - 1, 5^10 - 1, or 1.
For example, if I initialize the register with all zeros, it stays all
zeros. If I initialize the register with values that are all even,
it stays this way. If I initialize the register with values that are
all divisible by 5, this too stays the same. So (at best) there will
be four cycles, one of each of the lengths mentioned above.
------------------------------
From: William Rowden <[EMAIL PROTECTED]>
Subject: Re: Mispronounce words. (OT )
Date: Thu, 20 Jan 2000 18:50:05 GMT
In article <[EMAIL PROTECTED]>,
Paul Gover <[EMAIL PROTECTED]> wrote:
> Guy Macon wrote:
> > William Rowden wrote:
> > > ...
> > >I, too, was a reading child. "Omnipotent" is logically "omni-
potent"
> > >/om'nee poe'tent/, right? I also remember the quizzical look I
> > >received when I first said "annihilation," complete with two short
> > >i's. Why is that "h" there?
> > ...
>
> In my version (:-) of UK English, annihilation can be pronounced
> "an-eye-ilation" - two Is, but no h. I can believe that US practice
> is to slur them together.
Actually, at least on the West Coast, most pronounce it similarly:
\uh neye' uh lay.shun\--with a long 'i' and a schwa, but no 'h'. (It's
unfortunate I can't put phonetic symbols here.)
> There "h" is there from Latin - the word's
> root is "nihil", Latin for "nothing", also the root for "nil".
My question was the echo of my question as a child for whom spelling
was not logical, but thanks to all who explained the etymology.
> I was told by a foreign friend that the normal rule for English is
> that the emphasis is on the third syllable of the word. Hence the
> normal pronunciation of omnipotent. It's always amused me how much
> better foreigners' understanding of English is than native speakers'.
I don't understand this. In both "annihilation" and "omnipotent," as I
say those words (now that I've heard others say them :-)), the emphasis
is on the second syllable (with a secondary emphasis on the penultimate
syllable in "annihilation"). What's your pronunciation of "omnipotent"?
--
-William
SPAM filtered; damages claimed for UCE according to RCW19.86
PGP key: http://www.eskimo.com/~rowdenw/pgp/rowdenw.asc until 2000-08-01
Fingerprint: FB4B E2CD 25AF 95E5 ADBB DA28 379D 47DB 599E 0B1A
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Eric Lee Green <[EMAIL PROTECTED]>
Subject: Re: TwoFish module for Python
Date: Thu, 20 Jan 2000 12:02:04 -0700
Eric Lee Green wrote:
> ftp://ftp.estinc.com/unsupported/twofishmodule-0.1.tar.gz
Correction: the proper URL is
ftp://ftp.estinc.com/pub/unsupported/twofishmodule-0.1.tar.gz .
--
Eric Lee Green [EMAIL PROTECTED]
Software Engineer Visit our Web page:
Enhanced Software Technologies, Inc. http://www.estinc.com/
(602) 470-1115 voice (602) 470-1116 fax
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
