# Cryptography-Digest Digest #126

```Cryptography-Digest Digest #126, Volume #11      Tue, 15 Feb 00 11:13:02 EST

Contents:
Re: What are these Rot-45, Rot-13, Rot-5 algorithms? (Runu Knips)
Re: Which compression is best? (Runu Knips)
Re: Textbook Exercises (John Savard)
Re: Large Floating Point Library? (Paul Schlyter)
Re: Funniest thing I've seen in ages - RSA.COM hacked :) (Bob Silverman)
Re: Large Floating Point Library? (Bob Silverman)
RE: Funniest thing I've seen in ages - RSA.COM hacked :) (Gary)
Re: Fractal Cryptography (Anton Stiglic)
decryption (Pereira)
Re: decryption ("Juergen Nieveler")
Re: What are these Rot-45, Rot-13, Rot-5 algorithms? ("Trevor Jackson, III")
Re: What are these Rot-45, Rot-13, Rot-5 algorithms? (fvw)
Re: Textbook Exercises (Doug Stell)
Re: Does the NSA have ALL Possible PGP keys? ("Trevor Jackson, III")
Re: Funniest thing I've seen in ages - RSA.COM hacked :) (Tony L. Svanstrom)
Re: Which compression is best? (Tim Tyler)
Re: Funniest thing I've seen in ages - RSA.COM hacked :) (Wilfried Kramer)

----------------------------------------------------------------------------

From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: What are these Rot-45, Rot-13, Rot-5 algorithms?
Date: Tue, 15 Feb 2000 13:28:57 +0100

Eric Lee Green wrote:
> [EMAIL PROTECTED] wrote:
> > What are these Rot-45, Rot-13, Rot-5 encryption algorithms?
> > How do they work? Any libraries available?
>
> The basic mechanism is to take each ASCII character in the message and
> add 5 or 13 or 45 to it. The result looks like gibberish until the
> recipient subtracts 5 or 13 or 45 from it.

Not really. You take each ALPHABETIC character and replace it
with the 5th, 13th or 45th character which follows it alphabetically
(starting again with a when reaching z, of course).

> Most newsreaders of yore were capable of applying ROT13 to a message
> both at posting and reading time, upon request.

And I wonder what ROT45 should be - because there are only 26
alphabetic characters ... (ROT13(ROT13(x)) == x for any x).

------------------------------

From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Which compression is best?
Date: Tue, 15 Feb 2000 13:42:46 +0100

Tim Tyler wrote:
> Runu Knips <[EMAIL PROTECTED]> wrote:
> [...]
> : > 1) From a security perspective, how important is compression?
>
> : If you compress your data before encrypting, the encrypted data has
> : a known structure which can, for example, be tested more easily in a
> : brute-force attack, and maybe helps the decrypter in other attacks,
> : too.
>
> Totally the reverse should apply.  This is the primary point in
> compressing in the first place.  The resulting file has /greater/
> entropy per bit, and thus more closely approaches a random file.

Try writing a test if some byte sequence is some reasonable text
of unknown structure.

Then write a test if some byte sequence is compressed data.

The second program is MUCH simpler, MUCH faster and its results
will ALWAYS be correct. Well of course you have to do a second
check with the first program, but the space of possible answers

Compression adds a KNOWN and FIXED structure which makes attacks
easier, not harder.

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Textbook Exercises
Date: Tue, 15 Feb 2000 12:21:37 GMT

On Tue, 15 Feb 2000 09:35:26 +0100, "Ghislaine Resplandy"
<[EMAIL PROTECTED]> wrote, in part:

>1) Why do MD4, MD5 and SHS require padding of messages that are already a
>multiple of 512 bits?

If messages that are exactly 2560 bits long, for example, are not
padded, then those messages themselves produce all possible
2560-bit-long messages. Thus, shorter messages, padded to 2560 bits,
will be identical, after padding, to a certain 2560-bit message.

The point of a secure hash function is that no two messages that
differ will hash to the same value - except by a coincidence that is
very hard to find; as hard as cracking a cipher. So without the
padding, there would be a case of two different messages that will
hash the same which is easy to spot.

>3) In mod n arithmetic, the quotient of two numbers r and m is a number q
>such that mq = r mod n. Given r, m and n how can you find q? How many q's
>are there? Under what conditions is q unique?

If n is prime, q will always be unique, except where m is zero.

To divide r by m mod n: first, divide r by m, with q1 the quotient,
and r1 the remainder. Then, divide n by m, with q2 the quotient, and
r2 the remainder. Solve for a such that r1 + a*r2 is a multiple of n.
Then, your quotient is q1 + a*q2.

John Savard (teneerf <-)
http://www.ecn.ab.ca/~jsavard/index.html

------------------------------

From: [EMAIL PROTECTED] (Paul Schlyter)
Subject: Re: Large Floating Point Library?
Date: 15 Feb 2000 12:53:39 +0100

In article <PrMp4.663$[EMAIL PROTECTED]>,
Clockwork <[EMAIL PROTECTED]> wrote:

> There are numerous large integer libraries, but does anyone know of a large
> floating point library?

I presume you mean a library for large f.p. numbers rather than a large
library for ordinary f.p. numbers... :-)

Did you check out apfloat?   http://www.jjj.de/mtommila/apfloat/

Or you could check out Miracl-C:  http://indigo.ie/~mscott/
Miracl-C does not implement reals as floating-point numbers, but
instead as RATIONAL numbers, i.e. numbers of the form  A/B  where
A and B are large integers.  This turns out to work quite well
too.  Miracl-C provides a fairly complete set of log/trig functions
(log,exp,sin,cos,tan,etc) for these rational numbers.

--
================================================================
Paul Schlyter,  Swedish Amateur Astronomer's Society (SAAF)
Grev Turegatan 40,  S-114 38 Stockholm,  SWEDEN
e-mail:  [EMAIL PROTECTED]    [EMAIL PROTECTED]   [EMAIL PROTECTED]
WWW:     http://hotel04.ausys.se/pausch    http://welcome.to/pausch

------------------------------

From: Bob Silverman <[EMAIL PROTECTED]>
Crossposted-To: comp.security.pgp.discuss,alt.security.pgp
Subject: Re: Funniest thing I've seen in ages - RSA.COM hacked :)
Date: Tue, 15 Feb 2000 14:21:22 GMT

In article <[EMAIL PROTECTED]>,
Jerry Coffin <[EMAIL PROTECTED]> wrote:
> In article <889455$ivh$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
>
> [ ... ]
>
> > Will anyone trust YOU now???
> >
> > Our website address is www.rsasecurity.com   and has been so
> > for some time. www.rsa.com  is no longer a valid URL.
>
> Here's what Network Solutions says in response to a whois lookup of
> "rsa.com":

<snip>

>    Record last updated on 06-Nov-1998.

Note the date!  RSA Security changed its name in fall of 1999.
The database is out of date!

--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"

Sent via Deja.com http://www.deja.com/

------------------------------

From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: Large Floating Point Library?
Date: Tue, 15 Feb 2000 14:27:53 GMT

In article <PrMp4.663$[EMAIL PROTECTED]>,
"Clockwork" <[EMAIL PROTECTED]> wrote:
> There are numerous large integer libraries, but does anyone know of a large
> floating point library?

Yes.  Richard Brent's  MPP library.  It even contains multi-precision
versions of quite a few transcendental functions.

Write to him at oxford.ac.uk
--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"

Sent via Deja.com http://www.deja.com/

------------------------------

From: Gary <[EMAIL PROTECTED]>
Subject: RE: Funniest thing I've seen in ages - RSA.COM hacked :)
Date: Tue, 15 Feb 2000 09:44:53 -0500

Should your email be [EMAIL PROTECTED] not [EMAIL PROTECTED]?

>===== Original Message From Bob Silverman <[EMAIL PROTECTED]> =====
>In article <[EMAIL PROTECTED]>,
>  Jerry Coffin <[EMAIL PROTECTED]> wrote:
>> In article <889455$ivh$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
>>
>> [ ... ]
>>
>> > Will anyone trust YOU now???
>> >
>> > Our website address is www.rsasecurity.com   and has been so
>> > for some time. www.rsa.com  is no longer a valid URL.
>>
>> Here's what Network Solutions says in response to a whois lookup of
>> "rsa.com":
>
><snip>
>
>
>>    Record last updated on 06-Nov-1998.
>
>Note the date!  RSA Security changed its name in fall of 1999.
>The database is out of date!
>
>--
>Bob Silverman
>"You can lead a horse's ass to knowledge, but you can't make him think"
>
>
>Sent via Deja.com http://www.deja.com/

------------------------------

From: Anton Stiglic <[EMAIL PROTECTED]>
Subject: Re: Fractal Cryptography
Date: Tue, 15 Feb 2000 09:59:56 -0500

Mok-Kong Shen wrote:

> M. Hackett wrote:
> >
>
> Quite recently there was a thread on this topic. Look there, if
> your news server has a sufficiently long retention period. (Mine
> unfortunately doesn't.)
>
> M. K. Shen

Or he can just search on www.deja.com of course, where all the
newsgroups posts are archived...

Anton

------------------------------

From: Pereira <[EMAIL PROTECTED]>
Subject: decryption
Date: Tue, 15 Feb 2000 15:15:34 GMT

Hi I need some help!  I have a cryptology course and I have no clue what
I'm doing.  Can someone help me decrypt this message!

pegarvlywieeijbagfacmoxzcwwdqrizwzsmtibtintseupcuzvpxytfvxmetuifespjmeiikzkqw
sxktagbtiizhwaratfrhvmmwztiktirevzmrupcwfpvhjeavbiyizqrcpwflvgfxfmfcjnnxcdtsqvn
lnjuxcdtsqvtddizhwaratfrhveiawaratfrhvkaqrgvxmvkdwizinlrdqswpgxxmtpkqarjtidugv
eiwhmutiaflrigzazzsveqfspjmpzvgjqarjdwibtcxtifmfcjqzxyxjkmwvqfbtfzicwoovgrvpjcp
jpnejtrzqseazvqhrirjmwvhznkslsfvfqzcubtekjjmdwjtvjmretiipwnwvvflvnlaqcfjinavdhsw
fljtidugvhrzqechfndivbrsurxiymmtggfiolgtinqgkufzagtpjqarralaqvjifoqxixuwrxytrlecfjyih
ikdgikjfgkpqwvgmqoirnvidjfgsqfpfrbmdwggfnqwjxfvmpgptsmkvpelmqfckprsiucielspj
metitdqqvggfodedpjeuxypegiisqraqhjtkcbxzbvqeyeqvifesavjaxyhzbqwctkcehvuzvqay
pkqzjfgdifmfc

Stacey

------------------------------

From: "Juergen Nieveler" <[EMAIL PROTECTED]>
Subject: Re: decryption
Date: Tue, 15 Feb 2000 16:17:24 +0100

"Pereira" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hi I need some help!  I have a cryptology course and I have no clue what
> I'm doing.  Can someone help me decrypt this message!
>
<SNIP>
Sorry, wrong group... try alt.do.my.homeworks ;-)

CU
Juergen Nieveler

------------------------------

Date: Tue, 15 Feb 2000 10:27:30 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: What are these Rot-45, Rot-13, Rot-5 algorithms?

Runu Knips wrote:

> Eric Lee Green wrote:
> > [EMAIL PROTECTED] wrote:
> > > What are these Rot-45, Rot-13, Rot-5 encryption algorithms?
> > > How do they work? Any libraries available?
> >
> > The basic mechanism is to take each ASCII character in the message and
> > add 5 or 13 or 45 to it. The result looks like gibberish until the
> > recipient subtracts 5 or 13 or 45 from it.
>
> Not really. You take each ALPHABETIC character and replace it
> with the 5th, 13th or 45th character which follows it alphabetically
> (starting again with a when reaching z, of course).
>
> > Most newsreaders of yore were capable of applying ROT13 to a message
> > both at posting and reading time, upon request.
>
> And I wonder what ROT45 should be - because there are only 26
> alphabetic characters ... (ROT13(ROT13(x)) == x for any x).

The extended rot routine works on printable ASCII.  You drop the space
(because it is not reliably transmitted) and the tilde (because you need an
even number), and you have 94 characters.  Rotation by 47 within the set is
invertible.  Thus rot-47.

Note that for all rot functions it is important that the space be even so
that the receiver does not have to wonder about rotl and rotr variants.

For normal communications, i.e., text, rot-13 is perfectly adequate.  Note
that it preserves capitalization and punctuation so that word and sentence
structure are visible.  Since it does not affect numbers, they are not
obscured by the technique.

------------------------------

From: [EMAIL PROTECTED] (fvw)
Subject: Re: What are these Rot-45, Rot-13, Rot-5 algorithms?
Date: Tue, 15 Feb 2000 15:20:00 GMT

In <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>> Most newsreaders of yore were capable of applying ROT13 to a message
>> both at posting and reading time, upon request.
>
>And I wonder what ROT45 should be - because there are only 26
>alphabetic characters ... (ROT13(ROT13(x)) == x for any x).

I've never heard of rot45 either, but I assume they've just added numbers
and other random chars... Can't imagine why really.

--

Frank v Waveren
[EMAIL PROTECTED]
ICQ# 10074100

------------------------------

From: [EMAIL PROTECTED] (Doug Stell)
Subject: Re: Textbook Exercises
Date: Tue, 15 Feb 2000 15:10:29 GMT

On Tue, 15 Feb 2000 12:21:37 GMT, [EMAIL PROTECTED]
(John Savard) wrote:

>On Tue, 15 Feb 2000 09:35:26 +0100, "Ghislaine Resplandy"
><[EMAIL PROTECTED]> wrote, in part:
>
>>1) Why do MD4, MD5 and SHS require padding of messages that are already a
>>multiple of 512 bits?

To prevent splicing attacks, they all append a flag and the length of
the message to the message itself. If the message is a multiple of 512
bits, the appendages will not be a multiple of 512 bits and padding is
necessary.

If the message plus the appendages is a multiple of 512 bits, whether
padding is necessary or not is pretty much up to the author of the
standard. What is important is that everybody does it the same way.

>The point of a secure hash function is that no two messages that
>differ will hash to the same value - except by a coincidence that is
>very hard to find; as hard as cracking a cipher. So without the
>padding, there would be a case of two different messages that will
>hash the same which is easy to spot.

Huh?

>>2) In DSS, other than saving users the trouble of calculating their own p, q
>>and g, why is there an efficiency gain if the value p, q and g are constant,
>>determined in the specification?

Universals or parameters p, q, and g are not determined by the
specification. Only their size and relationship is. Generating them is
not an efficient process.

For signatures, p, q, and g need to be certified along with the public
key. Also, there needs to be some assurance that they have been
generated correctly. In DSS/KEA CA systems I have worked on, the
universals are supplied by either the certification authority or some
higher authority.

doug

------------------------------

Date: Tue, 15 Feb 2000 10:46:37 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Crossposted-To: misc.survivalism
Subject: Re: Does the NSA have ALL Possible PGP keys?

tiwolf wrote:

> Mr. Collier I am only thinking that history is filled with governments bent
> on gaining the knowledge that men wish to hide. Knowing this, do you really
> think that governments are really not going to eventually put enough effort
> into breaking the unbreakable. It is only a matter of time and money Mr. Collier.

No.

It is a matter of mathematics.  If you are unwilling to understand the
mathematics of cryptography you will never understand the unbreakability of some
codes.

Here's a hint.  You probably have an intuitive understanding of a mile.  Do you
understand one hundred million miles?  Those are the distances between planets
(1e8 ~= 1AU).  Do you understand one hundred million AU?  Those are the
distances between stars (1e8 AU ~= 1ly).  Do you understand ten billion light
years?  That is the size of the universe.  Now take everything in the universe
(the mind of god if you will) and put it to work cracking cipher keys.

Your progress indicator will sit at 0% complete forever*.  You will never* get
to 1% complete.

So piling up time and money is a silly idea.
========================================
*forever, never: for the technically inclined these terms are defined to
indicate the period of time between now and the heat death of the universe.
The heat death of the universe arrives when the mean free path of particles in
the universe exceeds the size of the universe at that point in time -- long after
the evaporation of galactic black holes.  For the purposes of this discussion,
this is the point at which time stops -- no further interaction events are of
interest.

>
>
> PS Once upon a time educated men said that the earth was flat and man would
> never fly with the birds. I am not a scholar, I am however a good observer
> of history and history shows us that governments want control.
>
> W A Collier wrote in message ...
> >In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> >says...
> >> Does anyone here really think that any crypto program self made or
> >> commercial is not broken already or can't be broken given a little
> >> effort by the NSA geeks. I know that someone might use some type of
> >> crypto that might give them trouble for a while, but if they really
> >> want to I think that the NSA geeks can break it.
> >
> >They can "really want to" all they like, but they can't change the
> >fundamental nature of NP-Hard and other mathematic concepts upon which
> >modern crypto is based.  Try reading up before you make a jackass out of
> >yourself again.
> >

------------------------------

From: [EMAIL PROTECTED] (Tony L. Svanstrom)
Crossposted-To: comp.security.pgp.discuss,alt.security.pgp
Subject: Re: Funniest thing I've seen in ages - RSA.COM hacked :)
Date: Tue, 15 Feb 2000 16:47:23 +0100

Bob Silverman <[EMAIL PROTECTED]> wrote:

> In article <[EMAIL PROTECTED]>,
>   Jerry Coffin <[EMAIL PROTECTED]> wrote:
> > In article <889455$ivh$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> >
> > [ ... ]
> >
> > > Will anyone trust YOU now???
> > >
> > > Our website address is www.rsasecurity.com   and has been so
> > > for some time. www.rsa.com  is no longer a valid URL.
> >
> > Here's what Network Solutions says in response to a whois lookup of
> > "rsa.com":
>
> <snip>
>
>
> >    Record last updated on 06-Nov-1998.
>
> Note the date!  RSA Security changed its name in fall of 1999.
> The database is out of date!

RSA Data Security, Inc. (RSA-DOM)
100 Marine Parkway, Suite 500
Redwood City, CA 94065

Domain Name: RSA.COM

Administrative Contact, Technical Contact, Zone Contact:
Pablo, Archie  (AP2786)  [EMAIL PROTECTED]
415-595-8782 (FAX) 415-595-1873
Billing Contact:
De La Cruz, Ramon  (RD2761)  [EMAIL PROTECTED]
415-595-8782 (FAX) 415-595-1873

Record last updated on 06-Nov-1998.
Record created on 08-Jun-1990.
Database last updated on 15-Feb-2000 07:44:58 EST.

Domain servers in listed order:

RSA.COM                      192.80.211.33
DNS1.NCAL.VERIO.NET          204.247.247.20
DNS2.NCAL.VERIO.NET          207.20.247.20
NS1.VERIO.NET                204.91.99.140

Security Dynamics Technolgies Incorporated (RSASECURITY-DOM)
20 Crosby Drive
Bedford, MA 01730
US

Domain Name: RSASECURITY.COM

Penfield, Edward  (EPP50)  [EMAIL PROTECTED]
781 301 5562 (FAX) 781 301 7015
Technical Contact, Zone Contact:
Ritchea, Shawn  (SR1650)  [EMAIL PROTECTED]
781-687-7662 (FAX) 781-687-7014
Billing Contact:
Penfield, Edward  (EPP50)  [EMAIL PROTECTED]
781 301 5562 (FAX) 781 301 7015

Record last updated on 19-Jan-2000.
Record created on 08-Mar-1999.
Database last updated on 15-Feb-2000 07:44:58 EST.

Domain servers in listed order:

NIC.NEAR.NET                 192.52.71.4
VIENNA1-DNS-AUTH1.BBNPLANET.COM 4.1.16.4
DNSAUTH1.SYS.GTEI.NET        4.2.49.2
DNSAUTH2.SYS.GTEI.NET        4.2.49.3

/Tony
--
\_@ @_/  Protect your privacy:  <http://www.pgpi.com/>  \_@ @_/
--oOO-(_)-OOo---------------------------------------------oOO-(_)-OOo--
DSS: 0x9363F1DB, Fp: 6EA2 618F 6D21 91D3 2D82  78A6 647F F247 9363 F1DB
---ôôô---ôôô-----------------------------------------------ôôô---ôôô---
\O/   \O/  ©1999  <http://www.svanstrom.com/?ref=news>  \O/   \O/

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Which compression is best?
Date: Tue, 15 Feb 2000 15:18:20 GMT

Runu Knips <[EMAIL PROTECTED]> wrote:
: Tim Tyler wrote:
:> Runu Knips <[EMAIL PROTECTED]> wrote:

:> : > 1) From a security perspective, how important is compression?
:>
:> : If you compress your data before encrypting, the encrypted data has
:> : a known structure which can, for example, be tested more easily in a
:> : brute-force attack, and maybe helps the decrypter in other attacks,
:> : too.
:>
:> Totally the reverse should apply.  This is the primary point in
:> compressing in the first place.  The resulting file has /greater/
:> entropy per bit, and thus more closely approaches a random file.

: Try writing a test if some byte sequence is some reasonable text
: of unknown structure.

: Then write a test if some byte sequence is compressed data.

: The second program is MUCH simpler, MUCH faster and its results
: will ALWAYS be correct.

You don't seem to have this correct.

I'm not even sure it makes sense to try to write "a test if some byte
sequence is some reasonable text of unknown structure".

If the structure of the text is unknown, how can you test for it?

: Compression adds a KNOWN and FIXED structure which makes attacks
: easier, not harder.

This is a description of many crap compressors.

You don't show any signs of having followed the compression discussions
in this forum.

Compressors exist that add absolutely zero bits of information to the
files they compress.  That represents an absence of added structure
- and since the files are shorter, they're rather likely to have less
"KNOWN" and "FIXED" structure than the original texts.

It's still /possible/ that such compressors will have small areas of
concentrated, patterned information, that's easier to target than an
equivalent section of the original plaintext - but the better the
compression ratio, the less likely this is - since the shorter the files
are the greater the entropy-per-bit and the closer they become to
apparently random sequences.
--
__________
|im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

Sigmund's wife wore Freudian slips.

------------------------------

From: Wilfried Kramer <[EMAIL PROTECTED]>
Crossposted-To: comp.security.pgp.discuss,alt.security.pgp
Subject: Re: Funniest thing I've seen in ages - RSA.COM hacked :)
Date: Tue, 15 Feb 2000 17:07:08 +0100

On Tue, 15 Feb 2000 14:21:22 GMT, Bob Silverman <[EMAIL PROTECTED]> wrote:

>In article <[EMAIL PROTECTED]>,
>  Jerry Coffin <[EMAIL PROTECTED]> wrote:

>>    Record last updated on 06-Nov-1998.
>
>Note the date!  RSA Security changed its name in fall of 1999.
>The database is out of date!

Though this is not a proof, it strongly suggests RSA.COM is your
domain. And the idea of www.rsa.com seems not far away.

Bye
Wilfried

--
VS Vision Systems GmbH, Industrial Image Processing
Aspelohe 27A, D-22848 Norderstedt, Germany           HTTP://www.VisionSystems.de
Tel.+49-40-5284010 Fax.+49-40-52840199               Mailto:[EMAIL PROTECTED]
Wilfried Kramer                                   (privat [EMAIL PROTECTED])

------------------------------

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
```
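The ROT thread above (Runu Knips's letter-only rotation and Trevor Jackson's 94-character "rot-47") as an added example that is not part of the digest; it assumes the 94 characters 0x21..0x7E as the ROT47 alphabet and adds the check that a rotation is its own inverse only when twice the shift is a multiple of the alphabet size, which is the "even alphabet" point made in the thread.

```python
# Added example, not from any post in the digest: the letter rotation behind
# ROT13, the 94-character printable-ASCII rotation usually called ROT47, and
# the check that rot_k(rot_k(x)) == x only when the alphabet size is even.
import string

# Printable ASCII without the space: '!' (0x21) .. '~' (0x7E), 94 characters.
# (Assumption: this is the alphabet ROT47 works on.)
PRINTABLE_94 = "".join(chr(c) for c in range(0x21, 0x7F))


def rotate(text: str, alphabet: str, k: int) -> str:
    """Replace each character of `alphabet` by the one k places after it,
    wrapping around; characters outside the alphabet are left untouched."""
    n = len(alphabet)
    table = {ch: alphabet[(i + k) % n] for i, ch in enumerate(alphabet)}
    return "".join(table.get(ch, ch) for ch in text)


def rot_letters(text: str, k: int) -> str:
    """ROT-k on letters only: lower and upper case are rotated separately,
    so case, digits and punctuation survive (ROT13 is k == 13)."""
    text = rotate(text, string.ascii_lowercase, k)
    return rotate(text, string.ascii_uppercase, k)


def rot13(text: str) -> str:
    return rot_letters(text, 13)


def rot47(text: str) -> str:
    """Rotation by half of the 94-character set, hence self-inverse."""
    return rotate(text, PRINTABLE_94, 47)


def is_self_inverse(alphabet_size: int, k: int) -> bool:
    """rot_k undoes itself for every input iff 2k is a multiple of the
    alphabet size; an odd-sized alphabet has no such shift except 0."""
    return (2 * k) % alphabet_size == 0


if __name__ == "__main__":
    msg = "Hello, World 42!"  # constructed sample text
    print(rot13(msg), rot13(rot13(msg)) == msg)
    print(rot47(msg), rot47(rot47(msg)) == msg)
    print(is_self_inverse(26, 13), is_self_inverse(26, 5), is_self_inverse(93, 47))
```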
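The padding question from the "Textbook Exercises" thread (Doug Stell's flag-plus-length description, and John Savard's point that without it two different messages pad to the same block) as an added example that is not part of the digest; it uses only the Python standard library and takes the 0x80 flag, 56-byte boundary and 64-bit length field as the MD5/SHA-1 layout.

```python
# Added example, not from any post in the digest: the padding MD5 and SHA-1
# apply to every message, and why a zero-only padding would let two distinct
# messages become identical before hashing.
import struct

BLOCK_BYTES = 64  # 512-bit block


def md_pad(msg: bytes, big_endian: bool = True) -> bytes:
    """Merkle-Damgard strengthening: append a single 0x80 flag byte, zero
    bytes up to 56 mod 64, then the message length in bits as a 64-bit
    integer (big-endian for SHA-1/SHS, little-endian for MD4/MD5).
    A message that already fills whole blocks grows by one more block,
    because the flag and length cannot fit into the last block."""
    bit_len = (8 * len(msg)) & 0xFFFFFFFFFFFFFFFF
    out = msg + b"\x80"
    out += b"\x00" * ((56 - len(out) % BLOCK_BYTES) % BLOCK_BYTES)
    return out + struct.pack(">Q" if big_endian else "<Q", bit_len)


def zero_pad(msg: bytes) -> bytes:
    """Naive alternative for comparison: fill the last block with zero bytes
    and add nothing when the message already ends on a block boundary."""
    return msg + b"\x00" * ((-len(msg)) % BLOCK_BYTES)


def padded_blocks(msg: bytes, pad=md_pad) -> int:
    """Number of 512-bit blocks the compression function will process."""
    return len(pad(msg)) // BLOCK_BYTES


def collide_after_padding(a: bytes, b: bytes, pad=md_pad) -> bool:
    """True if two different inputs are byte-identical after padding, i.e.
    a hash collision that takes no effort at all to find."""
    return a != b and pad(a) == pad(b)


if __name__ == "__main__":
    # Constructed samples: "abc" and "abc" followed by one NUL byte.
    a, b = b"abc", b"abc\x00"
    print("zero_pad collides:", collide_after_padding(a, b, zero_pad))  # True
    print("md_pad collides:  ", collide_after_padding(a, b))            # False
    print("blocks for a 64-byte message:", padded_blocks(b"a" * 64))   # 2
```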
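The "division mod n" exercise from the same thread (find q with m*q = r mod n, count the q's, say when q is unique) as an added example that is not part of the digest; instead of John Savard's successive-division procedure it uses the extended Euclidean algorithm, and it returns every solution rather than one, so the count (gcd(m, n) solutions when that gcd divides r, none otherwise) is visible directly.

```python
# Added example, not from any post in the digest: all q in [0, n) with
# m*q == r (mod n), found with the extended Euclidean algorithm.
from math import gcd


def egcd(a: int, b: int):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        qt, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - qt * x1
        y0, y1 = y1, y0 - qt * y1
    return a, x0, y0


def mod_quotients(r: int, m: int, n: int) -> list:
    """Every q in [0, n) such that (m * q) % n == r % n.

    Let g = gcd(m, n).  m*q == r (mod n) is solvable iff g divides r, and
    then the solutions are exactly q0 + i*(n/g) for i = 0..g-1, so there are
    g of them.  q is therefore unique iff g == 1; for prime n that holds for
    every m except m == 0 (mod n), which matches the thread's answer."""
    m %= n
    r %= n
    g, x, _ = egcd(m, n)          # m*x == g (mod n)
    if r % g:
        return []                 # no quotient exists
    step = n // g
    q0 = (r // g) * x % step      # one solution, reduced modulo n/g
    return [q0 + i * step for i in range(g)]


def quotient_is_unique(m: int, n: int) -> bool:
    return gcd(m % n, n) == 1


if __name__ == "__main__":
    # Constructed samples: a prime modulus, then a composite one.
    print(mod_quotients(5, 3, 7))     # [4]            since 3*4 = 12 = 5 (mod 7)
    print(mod_quotients(8, 4, 12))    # [2, 5, 8, 11]  gcd(4,12)=4 divides 8
    print(mod_quotients(6, 4, 12))    # []             4 does not divide 6
    print(quotient_is_unique(3, 7), quotient_is_unique(4, 12))
```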