Cryptography-Digest Digest #192, Volume #11      Thu, 24 Feb 00 11:13:01 EST

Contents:
  Wanted : Phd Students (Nigel Smart)
  Re: Compression in the Real World (John Savard)
  Re: OAP-L3 Encryption Software - Complete Help Files at web site (Tim Tyler)
  Re: Passwords secure against dictionary attacks? (Jens Haug)
  SAC '2000 Call for Papers (Tom Harper)
  Re: DES algorithm ([EMAIL PROTECTED])
  Re: Does the NSA have ALL Possible PGP keys? (Canopy Co Tulsa OK)
  Re: Passwords secure against dictionary attacks? (John Underwood)
  Enigma (Yugo Shimada)
  Re: Enigma (DJohn37050)
  Re: Passwords secure against dictionary attacks? (Walter Roberson)
  Re: DES algorithm (Tim Tyler)
  Re: Implementation of Crypto on DSP (Paul Koning)
  Re: Transmitting ciphered data (Paul Koning)
  Re: NSA Linux and the GPL (Paul Koning)

----------------------------------------------------------------------------

From: Nigel Smart <[EMAIL PROTECTED]>
Subject: Wanted : Phd Students
Date: Thu, 24 Feb 2000 11:34:06 GMT

Hi,

 The computer science department at Bristol University may have a number of
studentships available from September for those wishing to take PhDs
in Computer Science.  In particular there may be a few available for
work in Cryptography and Computational Number Theory. Details about
Bristol and the Computer Science department can be found at...
                www.cs.bris.ac.uk
and
                www.bris.ac.uk

 For those who have no idea where Bristol is, it is about 100 miles
west of London (UK).

Yours

Nigel
-- 
Nigel Smart,
Department of Computer Science, University of Bristol,
Merchant Venturers Building, Woodland Road,
Bristol, BS8 1UB, United Kingdom.

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Compression in the Real World
Date: Thu, 24 Feb 2000 11:46:16 GMT

On Wed, 23 Feb 2000 19:39:39 GMT, [EMAIL PROTECTED] wrote, in part:

>Working with large documents,  100-500 pages requires real compressors.

>he claimed he had a text compression system
>with a 100:1 compression ratio...and he was an expert in the field..

It is unlikely that a text compression system could do better than
8:1, as Shannon used techniques to estimate the _actual_ entropy of
English text which did not require being able to design a compressor
to compress that far, and was able to determine that this entropy was
in the area of one bit per letter.

Compression has led many people into serious errors. A company was
taken seriously a few years back when it claimed to have an algorithm
that could compress *any* file, even one made up of pure random data,
to 1/4 its size. Actually, that is as impossible as building a
perpetual-motion machine.

I have no doubt that a compressor specialized to compressing text,
however, could achieve somewhat better results than current
commonly-used compression programs.

------------------------------

Crossposted-To: talk.politics.crypto,alt.privacy
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: OAP-L3 Encryption Software - Complete Help Files at web site
Reply-To: [EMAIL PROTECTED]
Date: Thu, 24 Feb 2000 12:58:39 GMT

In sci.crypt lordcow77 <[EMAIL PROTECTED]> wrote:

: Wagner does not use the word "unbreakable" once in his entire
: posting. I don't know where you're getting this stuff from. He
: asserted the existence of certain algorithms which were provably
: secure *under a specific security model*.

The topic stems from Chuck's original statement:

``Many a clever algorithm that was "mathematically proven" by its designer
  to be unbreakable has quickly fallen when analyzed by the world's
  leading codebreakers.''

In fact, "unbreakable" /was/ mentioned in Wagner's post: he quoted my use
of it, which was made in direct response to Chuck's statement above.

The section in question reads:

``Any algorithm that comes with a mathematical proof that it's unbreakable
  is unlikely to be analysed by the world's leading codebreakers.''

Wagner wrote that my post was "Nonsense" - but then seemed to justify
this by mentioning "[c]ryptosystems that are provably secure (under some
assumptions)".  This can be a very far cry from "unbreakable".

He is clearly aware of this, as he continued by saying that some of these
cyphers do, in fact, get broken.
-- 
__________
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

Strip mining helps prevent forest fires.

------------------------------

From: [EMAIL PROTECTED] (Jens Haug)
Crossposted-To: comp.security.misc,alt.security.pgp
Subject: Re: Passwords secure against dictionary attacks?
Date: 24 Feb 2000 13:42:18 GMT
Reply-To: [EMAIL PROTECTED]

In article <[EMAIL PROTECTED]>, Tom Holroyd 
<[EMAIL PROTECTED]> writes:

> Say "passphrase" instead of "password" and be free.  Assuming your crypt
> implementation doesn't truncate at 8 characters (many still do -- trash
> yours if it does).  Then set your passphrase to something like
>       "in the summer avec vous"
> or
>       "frequently backwards hotdogs" 
> or anything you care to type.  Go ahead and use spaces, quotes, etc.  You
> want your passphrase to have high entropy (hard to guess) but still be
> easy to remember (which high entropy 8 character passwords are not).
> 
> After setting your passphrase, check that just typing in the first 8
> characters doesn't work.  If it does, complain to the authorities that
> they need to upgrade.  There's no excuse for limiting users to 8 character
> passwords.

How do you change the crypt implementation of a Unix system 
running something like NIS+?




Jens
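The quoted advice ends with a self-test: after setting a long passphrase, check that the first 8 characters alone are rejected. The following is an added example (not from any poster) that turns that check into code. The two verifiers are constructed stand-ins, not crypt(3): a "legacy" one that silently keeps only the first 8 characters, and a "modern" one that hashes the whole passphrase. `effective_limit` probes a verifier with successively longer prefixes and reports the shortest one accepted, which is the real size of the secret an attacker has to guess.

```python
import hashlib
import hmac
from typing import Callable, Optional

# Constructed salt for the stand-in verifiers below; not taken from any real system.
SALT = b"constructed-salt"


def _digest(passphrase: str, limit: Optional[int]) -> bytes:
    # A verifier that truncates uses only the first `limit` characters;
    # `limit=None` models one that uses the whole passphrase.
    material = passphrase if limit is None else passphrase[:limit]
    return hashlib.sha256(SALT + material.encode("utf-8")).digest()


def make_verifier(stored_passphrase: str, limit: Optional[int]) -> Callable[[str], bool]:
    """Return verify(attempt) -> bool for a stand-in verifier (constructed, not crypt(3))."""
    stored = _digest(stored_passphrase, limit)

    def verify(attempt: str) -> bool:
        # Constant-time comparison so the check itself does not leak timing.
        return hmac.compare_digest(_digest(attempt, limit), stored)

    return verify


def effective_limit(verify: Callable[[str], bool], passphrase: str) -> int:
    """Length of the shortest prefix of `passphrase` that `verify` accepts.

    Anything below len(passphrase) means the verifier discards the tail of the
    passphrase: the words after that point add nothing to the secret.
    """
    for n in range(1, len(passphrase)):
        if verify(passphrase[:n]):
            return n
    return len(passphrase)


def truncates(verify: Callable[[str], bool], passphrase: str) -> bool:
    """True when a proper prefix of the passphrase is enough to log in."""
    return effective_limit(verify, passphrase) < len(passphrase)


if __name__ == "__main__":
    phrase = "in the summer avec vous"          # example passphrase from the quoted post
    legacy = make_verifier(phrase, limit=8)     # models an 8-character crypt()
    modern = make_verifier(phrase, limit=None)  # models a full-length passphrase hash
    print("legacy accepts a prefix of length:", effective_limit(legacy, phrase))  # 8
    print("modern accepts a prefix of length:", effective_limit(modern, phrase))  # 23
    print("legacy truncates:", truncates(legacy, phrase))  # True
```

The probe only works when the test passphrase is longer than the suspected limit, so use a phrase well past 8 characters; a passphrase of exactly 8 characters would look fine on either verifier.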


------------------------------

From: Tom Harper <[EMAIL PROTECTED]>
Subject: SAC '2000 Call for Papers
Date: Thu, 24 Feb 2000 08:45:04 -0500

                           CALL FOR PAPERS


SAC 2000

Seventh Annual Workshop on Selected Areas in Cryptography

to be held at:

University of Waterloo
Waterloo, Ontario, Canada

Dates: August 14-15, 2000

Co-Chairs:

Doug Stinson,      University of Waterloo
Stafford Tavares,  Queen's University

Workshop Themes:

1.  Design and analysis of symmetric key cryptosystems.
2.  Primitives for private key cryptography, including
    block and stream ciphers, hash functions and MACs.
3.  Efficient implementations of cryptographic systems
    in public and private key cryptography.
4.  Cryptographic solutions for web/internet security.

Program Committee:

D. Stinson     U. of Waterloo, Canada
S. Tavares     Queen's U., Canada
L. Chen        Motorola, U.S.A.
H. Heys        Memorial U. of Newfoundland, Canada
L. Knudsen     U. of Bergen, Norway
S. Moriai      NTT Labs., Japan
L. O'Connor    IBM Zurich
S. Vaudenay    EPFL, Switzerland
A. Youssef     U. of Waterloo, Canada
R. Zuccherato  Entrust Technologies

Instructions for Authors

Submissions must consist of an extended abstract of at most 15
double-spaced pages, clearly indicating the results achieved,
their significance, and their relation to other work in the area.
Authors can either email one copy of a Postscript file to
[EMAIL PROTECTED] or send ten copies of the extended abstract to

SAC 2000
c/o Stafford Tavares
Department of Elect. and Computer Eng.
Queen's University
Kingston, Ontario K7L 3N6
CANADA

Important Dates:

Submission Deadline          May 1
Notification of Acceptance   June 19
Workshop Dates               August 14-15
Deadline for Proceedings     September 18

Proceedings

It is intended that the Proceedings will be published by
Springer-Verlag in the Lecture Notes in Computer Science
(LNCS) Series. In order to be included in the Proceedings,
papers must be presented at the Workshop. As in previous years,
the Workshop Record will be available to participants during
the Workshop.

For further information contact:

Doug Stinson, University of Waterloo  [EMAIL PROTECTED]
Stafford Tavares, Queen's University  [EMAIL PROTECTED]

Conference web page:

http://www.cacr.math.uwaterloo.ca/conferences/2000/SAC2000/announcement.html


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: DES algorithm
Date: Thu, 24 Feb 2000 13:43:39 GMT

In article <[EMAIL PROTECTED]>,
  "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> >    I never get anything except a blank browser page from these even
> > though I see the Acrobat Reader logo for a few seconds.  What would
> > cause this?
>
> Lots of possibilities, but perhaps you just didn't wait long enough.
> PDF files often take a long time to download, especially via dial-up.
>
   It looks like the Acrobat Reader fails after displaying the logo.
If I go to http://www.ams.org/notices and access the article from there
everything works fine.

   By the way, I enjoyed that review of The Code Book by Jim Reeds.
Thanks for mentioning it.

       -- Jeff Hill




------------------------------

From: [EMAIL PROTECTED] (Canopy Co Tulsa OK)
Subject: Re: Does the NSA have ALL Possible PGP keys?
Date: 24 Feb 2000 14:08:15 GMT

This is based on the assumption that they would use the information that they
gained in such small cases as this. Doing so would also give away the fact that
they can break the code. This would alert others not to depend on the
code to protect them. Then a new, unbroken, code would be invented.

Their SOP shows that they will keep quiet, let people use the code without
restriction, and, just before the statute of limitations runs out, arrest
everyone.
After all, they have let entire cities be bombed into oblivion, just to hide
the fact that they had broken a code.

----Sig.----
There is only one war, and it's not the rich against the poor,
the blacks against the whites, liberals against the conservatives, 
or the Democrats versus the Republicans. 
It's those of us who aren't complete idiots against those of us who are. 

In article <890i84$[EMAIL PROTECTED]>, "csabine" <[EMAIL PROTECTED]> writes:

>
>Mmmm
>Let's assume for a moment that tiwolf is correct. The government do know all
>the codes and every bit of conversation that is carried out around the
>world. In this 'tiwolf' universe:
>
>All the mafia warlords have been locked up.
>All the drug dealers have been dealt with.
>80% of 'intents to murder' have been pre-empted.
>All child pornographers have been exposed.
>Blackmailers have been thrown in jail.
>Extortionists have been ex-communicated.
>etc, etc
>
>But, alas, this 'tiwolf' universe does not exist. I think that perhaps this
>is proof enough that mathematical laws are still holding out. And that
>government employees are, after all, only human and not demi-gods.



------------------------------

From: John Underwood <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc,alt.security.pgp
Subject: Re: Passwords secure against dictionary attacks?
Date: Thu, 24 Feb 2000 08:22:39 +0000

On Thu, 24 Feb 2000 at 07:19:20, Jens Haug <[EMAIL PROTECTED]>
wrote in alt.security.pgp:
(Reference: <892m1o$hou$[EMAIL PROTECTED]>)

>Our computer centre suggests choosing a phrase and using every first (or second,
>or last or whatever) character for the password. For example: My grandma takes 5
>glasses of whine per evening = Mgt5gowpe, who could guess that password?

In that case, the second letter would produce an even more confusing
one, provided you remembered the deliberate mis-spelling. I find the
deliberate mistake in a well-known (to me) phrase or saying can be quite
useful - provided it is not a mistake I always make. "To see or not to
see, that is the answer" (or your own, wrong translation of something
from another language).
-- 
John Underwood

------------------------------

From: Yugo Shimada <[EMAIL PROTECTED]>
Subject: Enigma
Date: Thu, 24 Feb 2000 14:30:44 GMT

Hi,

I am interested in the CAST-128 Encryption Algorithm.
Although I ran through the RFC spec, I'd like to get
the source code. Could someone point me to the
C source for it?

Best regards,
Yugos
[EMAIL PROTECTED]



------------------------------

From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: Enigma
Date: 24 Feb 2000 14:57:55 GMT

Check out the NIST AES submission.
Don Johnson

------------------------------

From: [EMAIL PROTECTED] (Walter Roberson)
Crossposted-To: comp.security.misc,alt.security.pgp
Subject: Re: Passwords secure against dictionary attacks?
Date: 24 Feb 2000 15:37:47 GMT

In article <892m1o$hou$[EMAIL PROTECTED]>,
Jens Haug <[EMAIL PROTECTED]> wrote:
:Our computer centre suggests choosing a phrase and using every first
:(or second, or last or whatever) character for the password. For
:example: My grandma takes 5 glasses of whine per evening = Mgt5gowpe,

I once went to do that, and decided that I'd use the first characters
of the opening of (folk-singer) Joni Mitchell's song "Blue", which starts:

   Songs are like tattoos,
   You know, I've been to sea before

I gave up when I realized that the first letters approach had produced
the word 'salty'.


In 19th Century England and "literate" USA, poetry often had words
and (especially) names hidden in it using the first or last letter pattern.
See for example the dedicatory poem 'Alice' to Lewis Carroll's
(real name Charles Dodgson) "Alice in Wonderland": the first letters of
every line spell out 'Alice Pleasance Liddell', the full name of the
little girl who inspired the book.


:who could guess that password?


If I were an intelligence agent trying to break a particular person's
password, I would make a study of the person's tastes -- e.g.,
get myself invited into the person's home to fix a pipe or install cable
or something. People seldom generate -random- passwords; they
generate passwords based on something that is meaningful to them
(because that's what they can remember.)

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: DES algorithm
Reply-To: [EMAIL PROTECTED]
Date: Thu, 24 Feb 2000 15:43:10 GMT

JPeschel <[EMAIL PROTECTED]> wrote:
:  [EMAIL PROTECTED]  (John Savard) writes:

:>I can do that if the URL is on a web page. But when the URL is in a
:>USENET article, the only thing I can do with it in a browser is to
:>type it in in the URL box. 

: Highlight the URL, right click, copy, and paste.

That doesn't work from within tin, using my telnet client.

All this sort of thing is newsreader-specific.

The problem is pretty OS-specific anyway.  There's no good reason why you
should experience difficulties in downloading or viewing a PDF file
directly from an URL.
-- 
__________
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

The faster you go, the shorter you are - Einstein.

------------------------------

From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: Implementation of Crypto on DSP
Date: Thu, 24 Feb 2000 10:28:11 -0500

[EMAIL PROTECTED] wrote:
> 
> >
> > Given that all this stuff exists in portable C, and you can get decent
> > C compilers these days, you could just run the code through a
> compiler.
> > DES might benefit from hand-tuning; the rest probably not all that
> much.
> > (As I recall, there's even a GCC for TI, don't know if it's 100% done
> > yet.)
> >
> 
> I am surprised that there is not much benefit in hand optimisation.  10
> years ago it was a rule of thumb that a good assembler program would get
> you speed benefits of 5 or more....  Things must have really
> changed....Are C compilers that good..?  Are they all the same
> quality...or some more super optimised than others..
> 
> But I must point out,  that maybe the case for perhaps a Uni-processor
> SISD  machine,  but with pipeline and multi-architecture DSP's..I would
> suggest that hand optimisation plays a very significant gain...
> Vectorising compilers have not reached the state of the art of ordinary
> optimizing compilers.

Good points.  I don't know about the factor of 5, that sounds plausible 
for low quality PC class C compilers of a few years ago but not 
necessarily for others; high grade optimizing compilers have existed
for quite some time.  That includes vectorizing etc. -- ask Cray...

Nevertheless, it is true and will remain true that the very best assembly
language programmers can out-code any compiler.  That's true simply because
the programmer can know more about the nature of the problem than you can
express in the programming language, so the programmer can do optimizations
the compiler cannot make because the compiler cannot be told they are valid.

Note I said "the very best...programmers".  Chances are by now a good compiler
will outperform an average skill assembly programmer.  And the bar is going
up over time, as the properties of processors become more complex.  For example,
it was claimed that you can't justify assembly language programming for
RISC machines, especially machines like the Alpha.  That's not true, I have
the test cases to prove that, but it certainly is the case you have to study
hard and know a lot to beat the best compilers.

> We have done some hand calculations for 3DES on an SIMD machine,  and it
> turns out that the bottleneck in the algorithm is the Table lookup.  The
> excl OR runs super fast ( few orders of magnitude faster than table
> lookup)...

So read Shamir's papers on how to do DES fast, in particular the observation
that you can convert the S-box lookups into sequences of boolean operations.
In the "bit slice" approach (not useable for DES CBC encrypt, unfortunately,
but useable for some other modes and also with Serpent) that easily helps;
if your table lookups are sufficiently horrible it might even help with
ordinary (not bit sliced) DES.

        paul

-- 
!-----------------------------------------------------------------------
! Paul Koning, NI1D, D-20853
! Lucent Corporation, 50 Nagog Park, Acton, MA 01720, USA
! phone: +1 978 263 0060 ext 115, fax: +1 978 263 8386
! email: [EMAIL PROTECTED]
! Pgp:   27 81 A9 73 A6 0B B3 BE 18 A3 BF DD 1A 59 51 75
!-----------------------------------------------------------------------
! "A system of licensing and registration is the perfect device to deny
! gun ownership to the bourgeoisie."
!       -- Vladimir Ilyich Lenin
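The reply above says the S-box lookups can be replaced by sequences of boolean operations and evaluated in "bit slice" fashion. The following is an added example (not code from the poster or from any DES implementation) showing the mechanism on a constructed 4-bit S-box: each output bit is written as a sum of products over the input bits, the inputs of many independent blocks are transposed so that bit i of every block lives in word i, and the whole S-box is then evaluated with AND/OR/NOT on full words with no table lookup at all. The sum-of-products form here is the direct truth-table expansion; production bit-sliced DES code uses hand-minimized circuits for each S-box, but the data layout and the absence of lookups are the same.

```python
from typing import List

NBITS = 4
# Constructed 4-bit S-box (a permutation of 0..15 chosen for this example).
SBOX = [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7]


def sbox_minterms(sbox: List[int]) -> List[List[int]]:
    """For each output bit j, the list of input values x whose output has bit j set.
    That list is the sum-of-products description of output bit j."""
    return [[x for x in range(len(sbox)) if (sbox[x] >> j) & 1] for j in range(NBITS)]


def transpose(values: List[int]) -> List[int]:
    """Bit-slice layout: word i holds input bit i of every lane (lane k = values[k])."""
    words = [0] * NBITS
    for k, v in enumerate(values):
        for i in range(NBITS):
            if (v >> i) & 1:
                words[i] |= 1 << k
    return words


def untranspose(words: List[int], lanes: int) -> List[int]:
    """Inverse of transpose(): recover the per-lane 4-bit values."""
    return [sum(((w >> k) & 1) << i for i, w in enumerate(words)) for k in range(lanes)]


def sbox_bitsliced(in_words: List[int], minterms: List[List[int]], lanes: int) -> List[int]:
    """Evaluate the S-box on `lanes` inputs at once using only word-wide
    AND / OR / NOT.  For minterm x, the product term is 1 in exactly the lanes
    whose input equals x; OR-ing the products of all minterms of output bit j
    gives output word j.  No table lookup occurs."""
    mask = (1 << lanes) - 1
    out_words = []
    for terms in minterms:
        acc = 0
        for x in terms:
            product = mask
            for i, w in enumerate(in_words):
                product &= w if (x >> i) & 1 else (~w & mask)
            acc |= product
        out_words.append(acc)
    return out_words


def matches_table_lookup(values: List[int]) -> bool:
    """Cross-check: bit-sliced evaluation must agree with SBOX[v] in every lane."""
    lanes = len(values)
    sliced = sbox_bitsliced(transpose(values), sbox_minterms(SBOX), lanes)
    return untranspose(sliced, lanes) == [SBOX[v] for v in values]


if __name__ == "__main__":
    # 32 independent inputs evaluated in one pass; a 32-bit DSP register would do the same.
    sample = [(7 * k + 3) % 16 for k in range(32)]
    print("bit-sliced result matches lookup:", matches_table_lookup(sample))  # True
```

The lanes must be independent blocks, which is why the post excludes CBC encryption: each block's input there depends on the previous block's output, so there is nothing to put in the other lanes. CBC decryption, counter and ECB modes supply independent blocks and fit the layout.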

------------------------------

From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: Transmitting ciphered data
Date: Thu, 24 Feb 2000 10:31:10 -0500

Markus Eiber wrote:
> 
> Hi there,
> I am looking for some aspects on how ciphering data might influence the
> efficiency of transmission systems.
> Are there any references on this topic?

Don't know about references.

Two observations:

1. Any compression algorithms in the transmission system (such as the
compression now standard in all dialup modems) become entirely useless.
So your actual throughput goes down to the base wire rate (53 kb/s for
the latest modems) rather than the 2x to 4x gain you can get at least for
text data with compression.

2. Any transition density worries in your clock recovery system
disappear, but you probably didn't want to count on that.  You can
also stop worrying about accidental synchronization with whatever
scrambler the transmission system may have.

        paul
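Two posts in this digest rest on the same fact about compression: John Savard's point that no algorithm can shrink every file (let alone random data), and the observation just above that link-layer compression gains nothing once the payload is encrypted. The following is an added example, not code from either poster, that makes both concrete. `fraction_compressible_by_at_least` is the pigeonhole bound (there are only 2^(n-k+1)-1 strings of length at most n-k, so at most that many n-bit inputs can be given an output at least k bits shorter). The rest runs zlib over constructed English text, over seeded pseudo-random bytes, and over that same text after XOR with a demonstration keystream (SHA-256 in counter mode, a stand-in used only to make the bytes look random, not a cipher anyone should deploy).

```python
import hashlib
import random
import zlib


def fraction_compressible_by_at_least(n: int, k: int) -> float:
    """Upper bound on the fraction of n-bit strings that any injective (lossless)
    code can map to an output at least k bits shorter: only 2^(n-k+1)-1 such
    outputs exist (lengths 0..n-k), so that many inputs at most can use them."""
    if k > n:
        return 0.0
    return (2 ** (n - k + 1) - 1) / 2 ** n


def toy_keystream_xor(key: bytes, data: bytes) -> bytes:
    """Demonstration keystream: SHA-256(key || counter) blocks XORed onto data.
    Serves only to produce random-looking output for the experiment."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def compression_ratio(data: bytes) -> float:
    """Compressed size / original size under zlib at maximum effort (< 1 is a gain)."""
    return len(zlib.compress(data, 9)) / len(data)


# Constructed sample payload: redundant English text, the case modem compression helps.
SAMPLE_TEXT = (
    ("The quick brown fox jumps over the lazy dog. " * 4 + "Compression removes redundancy. ") * 40
).encode("ascii")


def demo() -> dict:
    rng = random.Random(2000)  # seeded so the run is reproducible
    random_bytes = bytes(rng.getrandbits(8) for _ in range(4096))
    ciphertext = toy_keystream_xor(b"constructed-key", SAMPLE_TEXT)
    return {
        "text": compression_ratio(SAMPLE_TEXT),          # well below 1: compression gains
        "random": compression_ratio(random_bytes),        # >= 1: zlib cannot shrink it
        "ciphertext": compression_ratio(ciphertext),      # >= 1: same text, now incompressible
    }


if __name__ == "__main__":
    for name, ratio in demo().items():
        print(f"{name:>10}: {ratio:.3f}")
    # The '1/4 of any file' claim, for 100-bit inputs: at most this fraction can shrink by 75 bits.
    print(fraction_compressible_by_at_least(100, 75))
```

The practical consequence for a transmission system is the one the post states: compress before encrypting if the link's own compressor was being relied on, because after encryption there is no redundancy left for it to find.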

------------------------------

From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: NSA Linux and the GPL
Date: Thu, 24 Feb 2000 10:33:58 -0500

"Trevor Jackson, III" wrote:
> 
> Mike Rosing wrote:
> 
> > John E. Kuslich wrote:
> > >...
> > > Why has John Deutch not been arrested and charged with violations of the
> > > law regarding care of classified information?????????
> >
> > Because he knows all the illegal crap a lot of other high level people
> > have done, and half the government would be implicated in some kind of
> > judicial proceeding if he is.  Lot's easier to let him go.
> 
> Does "mens rea" (intent) count for nothing?

It should count but in practice it hasn't always.  Apart from that, if the
charge is carelessness or recklessness in the handling of classified
material (rather than intentional mishandling) mens rea wouldn't seem to
be an issue.

        paul

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
