Cryptography-Digest Digest #218, Volume #11 Tue, 29 Feb 00 10:13:01 EST
Contents:
Re: Status of alleged *THIRD* key in MS Crypto API ? (Robert Harley)
Ciphering = deciphering; is this a weakness? ("Manuel Pancorbo")
Re: Can someone break this cipher? (Runu Knips)
Re: Want to poke holes in this protocol? (Runu Knips)
Re: Why aren't there any newsgroups on Steganography?? (Jon Haugsand)
Re: On jamming interception networks ("Douglas A. Gwyn")
Re: Status of alleged *THIRD* key in MS Crypto API ? ("Douglas A. Gwyn")
Re: Ciphering = deciphering; is this a weakness? ("Douglas A. Gwyn")
Re: Can someone break this cipher? ("Douglas A. Gwyn")
Re: Best language for encryption?? ("Vinchenzo")
Re: Why aren't there any newsgroups on Steganography??
([EMAIL PROTECTED])
Re: Ciphering = deciphering; is this a weakness? (SCOTT19U.ZIP_GUY)
Re: Best language for encryption?? ("Douglas A. Gwyn")
Re: Status of alleged *THIRD* key in MS Crypto API ? (DJohn37050)
Re: Source Code Available (SCOTT19U.ZIP_GUY)
Re: OAP-L3 Encryption Software - Complete Help Files at web site (Volker Hetzer)
Re: Want to poke holes in this protocol? (David A Molnar)
Re: Why aren't there any newsgroups on Steganography?? (SCOTT19U.ZIP_GUY)
Re: Best language for encryption?? (SCOTT19U.ZIP_GUY)
I need help ("Ghislaine Resplandy")
Re: On jamming interception networks (Richard Herring)
Re: Processor speeds. ("Clockwork")
Re: Ciphering = deciphering; is this a weakness? ("Adam Durana")
----------------------------------------------------------------------------
From: Robert Harley <[EMAIL PROTECTED]>
Subject: Re: Status of alleged *THIRD* key in MS Crypto API ?
Date: 29 Feb 2000 11:35:37 +0100
"Douglas A. Gwyn" <[EMAIL PROTECTED]> writes:
> The cited article rehashes the old "NSAKEY" issue, repeating
> misleading claims about it that were discredited previously.
As far as I can tell, attempts to discredit such claims ran something
like: 'only loony conspiracy theorists would think that a variable
called NSAKEY is an N.S.A. key'.
Somehow, I doubt that many people were taken in by such obfuscation.
Rob.
------------------------------
From: "Manuel Pancorbo" <[EMAIL PROTECTED]>
Subject: Ciphering = deciphering; is this a weakness?
Date: Tue, 29 Feb 2000 11:20:01 +0100
Hi folks!
I'm designing a block cipher algorithm and I have the option make it in =
such a way that the enciphering process is the same as deciphering. I =
mean:
E(E(m;k) ;k) =3D m
where E(m;k) is the enciphering algorithm of the plaintext 'm' with key =
'k'.
Could this property could be trivially exploited to crack the cipher?
Thanks.
--=20
+ Manuel Pancorbo
+ [EMAIL PROTECTED]
+ "...
+ M=E1s vale aprender una sola l=EDnea de Ciencia
+ que postrarse cien veces en oraci=F3n. (Cor=E1n)
+
+ Pli valoras lerni ech nur unu linion de Scienco
+ ol preghe genui cent fojojn. (Korano)
+ ..."
------------------------------
Date: Tue, 29 Feb 2000 12:41:17 +0100
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Can someone break this cipher?
Mary - Jayne schrieb:
> Similarly, I don't thing
You thing ? Hmm ... Sadomaso or what ?!? ;-)
> the Germans sent an Enigma machine over to England
> in 1939 with a note saying ' Hi chaps, this is our new kit and this is how it
> works'.
Thats exactly what has happened. They only sended it to
poleland, because of an error, and long before 1939. If
you want to argue, argue about things where you have a
clue about ;-)
The attacker _ALWAYS_ knows your system. You CANNOT keep
it hidden. The attacker does NOT care about the laws
against decompiling. The attacker has millions of
chances to get your crypto hardware, and it will take
one of them. The attacker has many ways to fool your
people, and get the algorithm. Is your secretary
underpaid ? The attacker will help her a little bit with
that. Is your programmer lonely ? The attacker will be
female and seduce him. Somewhere is ALWAYS a hole.
Therefore, if you want someone to test your crypto,
publish the algorithm and then the professionals can
discuss it.
------------------------------
Date: Tue, 29 Feb 2000 12:47:03 +0100
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Want to poke holes in this protocol?
Johan Hoogenboezem schrieb:
> I'm using the key generation that comes with cryptix.org's cleanroom
> implementation of Sun's Java Cryptography Extension. I'm using RSA (1536-bit
> key) for the public-private key encryption and Blowfish (128-bit key) for the
> symmetrical part. I am considering El-Gamal for the public-private key
> encryption though, because I might have picked up a bug in the implementation
> of the RSA algorithm. I'm not sure yet. If you think of anything else, I'd be
> happy to know about it
Hmm I would suggest El-Gamal, because its free (even if RSA will be free
soon,
too, end of June if I remember correctly), and Twofish or one of the
other AES
candidates for symmetric encryption, because Blowfish works only with a
64 bit
blocksize. You know that DES can be broken today just because of its
small 64
bit blocksize ? You can buy machines for brute-force attacks which can
break
any DES-encrypted message in about a week. Really, Blowfish is not what
I
would be using for my money ! Twofish is as free as Blowfish, btw. The
other
AES candidates are not, at least they state it not in that way.
But the major problem in your protocol (besides good random numbers of
course,
I just hope thats not the problem here) is how does the bank get B's
public
key ? You see, B has to generate its public/private key, but a man in
the
middle can always simulate 'I'm B' with an own public/private key. I
would
suggest that you think a little more about that point. You need a
validation.
For example, if you give your client the public key of your bank, he or
she
may send his or her public key encrypted with the public key of the
bank. Then
the man of the middle, if he cannot alter the public key of the bank
which you
gave B, will fail, and you have an authentification. But you have to be
sure
the client get the correct bank key ! It would be good if you send your
software to him on a physical CD or such. That is really hard to fake.
------------------------------
From: Jon Haugsand <[EMAIL PROTECTED]>
Subject: Re: Why aren't there any newsgroups on Steganography??
Date: 29 Feb 2000 12:52:55 +0100
* Amit IG
> Why aren't there any newsgroups on Steganography? At least it doesn't show
> up on my list. Please let me know if there is one. Steganography provides a
> new dimension to encryption and it is a field unto itself
Steganographs do it in the hidden.
--
Jon Haugsand
Norwegian Computing Center, <http://www.nr.no/engelsk/>
<mailto:[EMAIL PROTECTED]> Pho: +47 22852608 / +47 22852500,
Fax: +47 22697660, Pb 114 Blindern, N-0314 OSLO, Norway
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: On jamming interception networks
Date: Tue, 29 Feb 2000 13:09:04 GMT
Mok-Kong Shen wrote:
> So all the EU-papers on that topic are nothing but fairy tales.
I know you were being sarcastic, but that is fairly accurate.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Status of alleged *THIRD* key in MS Crypto API ?
Date: Tue, 29 Feb 2000 13:17:38 GMT
Robert Harley wrote:
> As far as I can tell, attempts to discredit such claims ran something
> like: 'only loony conspiracy theorists would think that a variable
> called NSAKEY is an N.S.A. key'.
> Somehow, I doubt that many people were taken in by such obfuscation.
Hopefully, few people are taken in by such "straw man" arguments.
The actual function of the secondary key (variable name "NSAKEY")
is evident upon examining the disassembly. It is applied to
authenticate a downloaded encryption module if and only if
authentication with the primary Microsoft key fails. So long as
you're using modules that pass the primary authentication, there
is no opportunity for the secondary key to do *any*thing.
Microsoft explained the origin of the secondary key and the
origin of its name; whether or not you believe them, surely you
can't think the NSA sticks its name on things it covertly touches.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Ciphering = deciphering; is this a weakness?
Date: Tue, 29 Feb 2000 13:29:46 GMT
Manuel Pancorbo wrote:
> E(E(m;k) ;k) = m
> Could this property could be trivially exploited to crack the cipher?
Not in general, although it might be a serious flaw in certain
designs. The property is traditionally called "involution",
and it was exhibited by systems such as Enigma and Hagelin
machines. One way to achieve an involutory cipher is to use
(dynamic) substitution alphabets that are "reciprocal", i.e. if
K goes to Q, then Q goes to K. If reciprocal alphabets are used,
then methods written up long ago by Kullback in a monograph
"Reciprocal Alphabets and Friedman Squares" can be used to help
crack the system. (I have made a Word document, thus PDF etc.
of this monograph, and expect to post it on my Web site when I
get around to setting it up.)
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Can someone break this cipher?
Date: Tue, 29 Feb 2000 13:33:13 GMT
Runu Knips wrote:
> The attacker _ALWAYS_ knows your system.
No, he doesn't, but you don't want the cryptosystem's security
to *require* that the system remain unknown to the attacker.
It is simply too difficult to guarantee that in practice,
and if something goes wrong, you are put in a real bind.
------------------------------
From: "Vinchenzo" <[EMAIL PROTECTED]>
Subject: Re: Best language for encryption??
Date: Tue, 29 Feb 2000 08:52:32 -0500
I know Visual Basic perfectly...but the only problem is the memory size
allocated for big numbers...4*10^309
What is the largest data type in C?
"Douglas A. Gwyn" <[EMAIL PROTECTED]> a écrit dans le message news:
[EMAIL PROTECTED]
> wtshaw wrote:
> > It all depends on your purpose. C appears useful, but tends to be
> > more cryptic than BASIC, which is a higher level language than C.
> > C and C++ are powerful, but for demonstration purposes BASIC is much
> > more apparent in source, and tends not to rely on brand x classes or
> > header files as training wheels to get the most out of it, as it
> > already works at a sopistocated level.
>
> French is "cryptic" to those who don't understand French.
> Arabic is "cryptic" to those who don't understand Arabic.
> Chinese is "cryptic" to those who don't understand Chinese.
> etc.
>
> You have really mischaracterized those programming languages,
> apparently from lack of familiarity with all of them except
> (perhaps) BASIC.
>
> The vast majority of crypto programming is currently done in C,
> C++, or Java. However, it *can* be achieved in any language
> that is not too crippled. Choosing a programming language is
> an issue that has many relevant factors to be considered, none
> of which did you address. (Nor shall I, as that thread would
> have little relevance to sci.crypt.) If you know BASIC, feel
> free to use it, but even if you manage to overcome all the
> obstacles it puts in the way of implementing RSA (hint: you
> need a bignum library), the result will be much slower than
> if you had chosen any of several other possible languages.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Why aren't there any newsgroups on Steganography??
Date: Tue, 29 Feb 2000 13:54:29 GMT
=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1
Jon Haugsand wrote:
> * Amit IG
> > Why aren't there any newsgroups on Steganography? At least it doesn't show
> > up on my list. Please let me know if there is one. Steganography provides a
> > new dimension to encryption and it is a field unto itself
>
> Steganographs do it in the hidden.
yes.. they are hidding in alt.binaries.pictures.erotica ;-))
- --
Disastry http://i.am/disastry/
remove .NOSPAM.NET for email reply
=====BEGIN PGP SIGNATURE=====
Version: Netscape PGP half-Plugin 0.14 by Disastry / PGPsdk v1.7.1
Comment: get this Plugin at http://disastry.dhs.org/pgp.htm
iQA/AwUBOLuzczBaTVEuJQxkEQICPwCgyV2aJc1Q5sufw9gB+x/3mWPJ2C4An2DW
cWxkKesngt8C4N9FXuaVAToG
=4diE
=====END PGP SIGNATURE=====
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Ciphering = deciphering; is this a weakness?
Date: Tue, 29 Feb 2000 14:59:01 GMT
In article <89g6k3$pjb$[EMAIL PROTECTED]>, "Manuel Pancorbo" <[EMAIL PROTECTED]> wrote:
>Hi folks!
>
>I'm designing a block cipher algorithm and I have the option make it in =
>such a way that the enciphering process is the same as deciphering. I =
>mean:
>
> E(E(m;k) ;k) =3D m
>
>where E(m;k) is the enciphering algorithm of the plaintext 'm' with key =
>'k'.
>
>Could this property could be trivially exploited to crack the cipher?
>
>Thanks.
Any block cipher with the correct weak Chaining method can appear to have
this property. It is surely something the NSA could exploit because it is a
weakness. However if that is the only wekness and the key is long enough
My guess is that the effective key length is maybe cut in half. maybe someone
else has other guesses.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm
Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm
Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
"The road to tyranny, we must never forget, begins with the destruction of the
truth."
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Best language for encryption??
Date: Tue, 29 Feb 2000 14:09:24 GMT
> What is the largest data type in C?
C's type system is open-ended; the programmer can define types
that are built up from the built-in types, usually as structure
types, and functions to operate on them. C++ provides support
for deriving types from other (base) types, inheriting many
of the base type properties so that less needs to be specified,
and "objects" of these types can be used in operator context,
e.g. A + B * C, unlike C's structure types (where usually
function calls or macros are used for operations).
Of course, C or C++ programmers are more likely to just use one
of the readily available bignum libraries than to roll their
own from scratch, but the nice thing about C/C++ is that if
you have a genuine need to roll your own, you can, and if you
know what you're doing, it will be highly efficient *and*
highly portable.
------------------------------
From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: Status of alleged *THIRD* key in MS Crypto API ?
Date: 29 Feb 2000 14:10:22 GMT
For me, the best rationale is one or both of:
1) backup key to primary key.
2) key to allow non-MS entity to install crypto module.
It depends on who owns the associated private key.
Don Johnson
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Source Code Available
Date: Tue, 29 Feb 2000 15:21:01 GMT
In article <[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]> wrote:
>
> SOURCE CODE AVAILABLE
> Does anyone remember Fauzan Mirza's TinyIdea program, a DOS based
>encryption program using the IDEA cipher and coded in less than 512 bytes?
>I was so impressed that I have coded several other encryption programs in that
>TINY format. Of course, to achieve this program size, the source code must be
> in
>assembly language. My code can be assembled on Eric Isaacson's A386 assembler,
>and two of the programs (TINYRIJN and TINYSAFR) use only 16-bit instructions,
>making it possible to assemble them on the shareware A86 assembler (available
>from www.eji.com). And now with the new EAR regulations, (and after the
>required notice to [EMAIL PROTECTED]) I have posted the source code for these
>programs. There are three mirror sites for these:
> www.afn.org/~afn21533/
Way to go I hope the bastards at [EMAIL PROTECTED] don't come after you.
By the way did they write you back. I wrote the bastards with a few questions
but they never answered. I assume since you practiced law you must know what
you are doing. Please post what you think the crypto rules are for those of us
who write free software.
> members.tripod.com/~afn21533/
> members.xoom.com/afn21533/ (Note lack of tilde here)
> All these programs use CFB block chaining and run from the DOS
>command line. Encryption is done 'in place', so the original file is
>overwritten by the encrypted one. (Great for file wiping, too). Direction
>(encrypt/decrypt) is handled like TinyIdea (+ or - on the command line).
> The first program, DOSFISH (dosfish.zip), is Bruce Schneier's
>BLOWFISH in the above form. While the executable is only 425 bytes, it
>requires the hex digits of PI as initialization. This can be loaded from an
>auxiliary file which is 4168 bytes long. The cipher section of this program
>has been successfully tested with the BLOWFISH test vectors.
> Bruce had stated in a post to this NG at one time that there was
>nothing 'magic' about PI as an initialization, and the use of a file so
>long for initialization seemed a little silly to me, so I created GOLDFISH
>which substituted the 'golden ratio' initialization used by Ron Rivest in
>RC5 and RC6 for the long external file while continuing to use the rest of the
>BLOWFISH algorithm. This reduced the executable to only 373 bytes. Look for it
>as goldfish.zip.
> I found several of the AES candidates suitable for this treatment.
>Of the four that I coded, (RC6, SAFER+. SERPENT and RIJNDAEL) three have made
>it to the second round. The files are tinyrc.zip, tinysafr.zip, tinyserp.zip
>and tinyrijn.zip on the above sites.
> While TINYRC and TINYSAFR are true examples of the parent cipher, a
>short note about the implementation of TINYSERP is in order. From the
>description in Ross Anderson's submission document, it appears that the IP
>and FP routines are for the purpose of matching the 4-bit S-boxes to the
>cipher space, and Ross says that these routines add no cryptographic strength
>to the system. In order to save space, I omitted these routines and devised
>a way to run the substitution on the proper bits using the XOR function
>instead of substitution. This required that the initial S-box values be XORed
>with their index into the S-box. In order to fit the S-box into the 512-
>byte limit, it was also compressed as data, and expanded by the program.
> TINYRIJN has received the most attention, and I would like to thank
>Vincent Rijmen for his invaluable assistance as I worked with this program.
>It incorporates the true RIJNDAEL cipher, in 128, 192, and 256-bit form,
>along with a Davies-Meyer key hash which allows matching the entropy of the
>user input more properly to that inherent in the cipher keyspace. (But this
>does require that the key size and block size be the same, not a requirement
>of RIJNDAEL). In addition, the IV is derived from the filename, ensuring a
>different encryption for different files starting with the same sequence.
>I/O is redirectable, making it possible to run from .BAT files, but error
>messages are always displayed on the screen. The S-box values are generated
>based on the formulas found in Dr. Brian Gladman's C implementation and match
>the original RIJNDAEL S-box values. The 128-bit executable of this program
>runs 485 bytes, while in 256-bit form it is 507 bytes.
>
>================
>My home page URL=http://members.xoom.com/afn21533/ Robert G. Durnal
>Hosting HIDE4PGP, HIDESEEK v5.0, TinyIdea, BLOWFISH, [EMAIL PROTECTED]
>and tiny DOS versions of RC6, RIJNDAEL, SAFER+, and [EMAIL PROTECTED]
>SERPENT. EAR may apply, so look for instructions.
>
>
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm
Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm
Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
"The road to tyranny, we must never forget, begins with the destruction of the
truth."
------------------------------
From: Volker Hetzer <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: OAP-L3 Encryption Software - Complete Help Files at web site
Date: Tue, 29 Feb 2000 14:29:10 +0000
Anthony Stephen Szopa wrote:
>
> Tim Tyler wrote:
> > I don't rate the "description" of the algorithm as being very coherent,
> > either. For example, there's lots of stuff abouit "rotating sets",
> > without specifying the direction of rotation. I doubt the information
> > provided is sufficient for a third-party to write either a decryptor or an
> > encryptor.
> If I wrote a program that says it will add any two numbers and
> give you the result all you would need to do is run it with test
> data and see if it works.
> This is what you can do with OAP-L3. All the test data and
> explanations are provided.
The point of his evaluation is not to check whether it runs, but to check
whether it is secure. You need the source code for this, not some "test data".
Greetings!
Volker
--
Hi! I'm a signature virus! Copy me into your signature file to help me spread!
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Want to poke holes in this protocol?
Date: 29 Feb 2000 14:27:54 GMT
Runu Knips <[EMAIL PROTECTED]> wrote:
> Hmm I would suggest El-Gamal, because its free (even if RSA will be free
> soon,
> too, end of June if I remember correctly), and Twofish or one of the
September 20, 2000
Mark your calendar.
-David
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Why aren't there any newsgroups on Steganography??
Date: Tue, 29 Feb 2000 15:35:34 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Jon Haugsand wrote:
>> * Amit IG
>> > Why aren't there any newsgroups on Steganography? At least it doesn't show
>> > up on my list. Please let me know if there is one. Steganography provides a
>> > new dimension to encryption and it is a field unto itself
>>
>> Steganographs do it in the hidden.
>
>yes.. they are hidding in alt.binaries.pictures.erotica ;-))
>
Why did you post this here. I was happy just having the NSA think that I was
a pervert downloading all those hot pictures. Now they may take a finer look
at the ones I have been down loading. Especially those hot latina series.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm
Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm
Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
"The road to tyranny, we must never forget, begins with the destruction of the
truth."
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Best language for encryption??
Date: Tue, 29 Feb 2000 15:31:35 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(wtshaw) wrote:
>In article <89fa5p$2ork$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>(SCOTT19U.ZIP_GUY) wrote:
>
>> In article <uSCu4.1256$[EMAIL PROTECTED]>, "Vinchenzo"
><[EMAIL PROTECTED]> wrote:
>> >I would like to know what would be the best programming language to write an
>> >encryption/decryption utility, I expect to use RSA or some public key
>> >algorithms.
>>
>> If you have a good assembler that is the best to write in. However
>> if you go with a high level language C is a good bet.
>>
>It all depends on your purpose. C appears useful, but tends to be more
>cryptic than BASIC, which is a higher level language than C.
>
>I know David does assembler, and C is surely higher that that.
>
>C and C++ are powerful, but for demonstration purposes BASIC is much more
>apparent in source, and tends not to rely on brand x classes or header
>files as training wheels to get the most out of it, as it already works at
>a sopistocated level.
I have used Basic on and off for well over 20 years and for ease of use
it is hard to beat a good multipurpose BASIC. But I don't have one for my
PC. I do have access to LIBERTY BASIC in mexico and it seems ok but it
still lacks many features in old BASIC. Basic is fine for encryption that does
not make many demands on the processor like your GVA. But it is way to
slow to try to impliment an encryption program that demands a large amount
of processing like scott19u. I don't think current machines and current
versions of BASIC and handle an encryption method like scott19u in any
reasonable amount of time.
>
>Of course, lots depends on the compiler and platform needs. And, what you
>like is as important as anything else. Good luck.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm
Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm
Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
"The road to tyranny, we must never forget, begins with the destruction of the
truth."
------------------------------
Reply-To: "Ghislaine Resplandy" <[EMAIL PROTECTED]>
From: "Ghislaine Resplandy" <[EMAIL PROTECTED]>
Subject: I need help
Date: Tue, 29 Feb 2000 15:33:32 +0100
I am studying cryptography on my own through the book "Network Security:
Private Security in a Public World" (Kaufman, Perlman and Speciner). Do you
know if I can find somewhere the answers to the exercises at the end of each
chapter? I do not have a clue sometimes... and I do not want to bother each
time I do not understand a question.
Thanks for your help
Ghislaine
------------------------------
From: [EMAIL PROTECTED] (Richard Herring)
Subject: Re: On jamming interception networks
Date: 29 Feb 2000 14:51:22 GMT
Reply-To: [EMAIL PROTECTED]
In article <eUcu4.1193$[EMAIL PROTECTED]>, Amical ([EMAIL PROTECTED])
wrote:
> The easiest would be a secure plug in for Outlook Express
^^^^^^ ^^^^^^^^^^^^^^^
Oxymoron.
--
Richard Herring | <[EMAIL PROTECTED]>
------------------------------
From: "Clockwork" <[EMAIL PROTECTED]>
Subject: Re: Processor speeds.
Date: Tue, 29 Feb 2000 09:07:54 -0600
http://www.msnbc.com/news/375221.asp?0m=-12Q
------------------------------
From: "Adam Durana" <[EMAIL PROTECTED]>
Subject: Re: Ciphering = deciphering; is this a weakness?
Date: Tue, 29 Feb 2000 10:06:55 -0500
> E(E(m;k) ;k) = m
This is not a weakness itself, infact many ciphers do this. It can be an
advantage in some cases, such as when you are implementing the cipher in
hardware were space is limited. If you have one function that can decrypt
and encrypt data then you save yourself some space. A lot of stream ciphers
do this such as RC4, and its considered secure. I cannot think of any block
ciphers that do this off the top of my head, but I'm sure there are some out
there that have this property. A simple one time pad using xor would have
this property, and OTP is said to provide perfect security, but thats
because of the overall method not just this property. So the fact that your
encrypting and decrypting methods are the same function does not decide that
your algorithm is weak or strong.
- Adam Durana
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
