Cryptography-Digest Digest #220, Volume #11      Tue, 29 Feb 00 14:13:01 EST

Contents:
  Re: I need help ("Keith Monahan")
  "imparting cryptographic information to individual photons"??? (David Ross)
  Re: brute force attack on a 128 bit SSL key? (Bill Unruh)
  Re: "imparting cryptographic information to individual photons"??? (Bill Unruh)
  Some of the best security intelligence books that I have read are : 1.  ("Markku J. Saarelainen")
  Re: OpenSSL and Netscape ([EMAIL PROTECTED])
  Re: NSA now has a FAQ ([EMAIL PROTECTED])
  IDEA question. (Chris DiTrani)
  Re: NSA now has a FAQ ([EMAIL PROTECTED])
  Re: "imparting cryptographic information to individual photons"??? (Mike Rosing)
  Re: On jamming interception networks (Jerry Coffin)
  Re: Q: 'Linear encipherment' ([EMAIL PROTECTED])
  Re: On jamming interception networks (Mok-Kong Shen)
  Re: Q: 'Linear encipherment' (Mok-Kong Shen)
  Re: brute force attack on a 128 bit SSL key? (Jerry Coffin)
  Re: Can someone break this cipher? (JPeschel)
  Re: Status of alleged *THIRD* key in MS Crypto API ? ("Trevor Jackson, III")

----------------------------------------------------------------------------

From: "Keith Monahan" <[EMAIL PROTECTED]>
Subject: Re: I need help
Date: Tue, 29 Feb 2000 16:58:43 GMT

Have you tried mailing the publishers?

Keith

Ghislaine Resplandy <[EMAIL PROTECTED]> wrote in message
news:ViGQdLsg$[EMAIL PROTECTED]...
> I am studying cryptography on my own through the book "Network Security:
> Private Security in a Public World" (Kaufman, Perlman and Speciner). Do you
> know if I can find somewhere the answers to the exercises at the end of each
> chapter? I do not have a clue sometimes... and I do not want to bother each
> time I do not understand a question.
> Thanks for your help
> Ghislaine
>
>
>



------------------------------

From: [EMAIL PROTECTED] (David Ross)
Subject: "imparting cryptographic information to individual photons"???
Date: Tue, 29 Feb 2000 17:17:59 GMT

Anyone know anything about this?  From an article on pages 120 & 122
of the Feb. 21 2000 issue of 'Aviation Week & Space Technology'.

(note -  the 'NIS' referred to is the 'Nonproliferation and
International Security' division at the Los Alamos National
Laboratory.  H. Terry Hawkins is mentioned as its Director.)

  One NIS project --- supported by the National Security Agency --- is
focused on quantum encryption techniques, which eventually could
become the ultimate information protection mechanism.  "We're
imparting cryptographic information to individual photons and passing
them through fiber optic cables," Hawkins said.  "We can pick up the
photon at the other end of the cable and look at the encrypted
information contained in it.  Under the Heisenberg uncertainty
principle, you cannot stop that photon along its path and read the
information without altering the information.  It's the only method we
know that is absolutely secure."'

  There is a lot of present tense verbiage in this paragraph -  is
this stuff actually being done right now?

Dave Ross

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: brute force attack on a 128 bit SSL key?
Date: 29 Feb 2000 17:28:02 GMT

In <[EMAIL PROTECTED]> Domenico Signorello <[EMAIL PROTECTED]> 
writes:
>128-bit-SSL-encrypted data sequence?

Say it takes one operation to generate a key, and one to encrypt and one
to test that the encryption is the right one. Then it would take 3 x 2^128
operations to crack. That is approximately 10^38 operations, which would
require all of the world's current computers operating for more than the lifetime
of the universe to break. Of course if SSL has a weakness then that time
could be cut substantially.
(The 2^128 is the number of keys which need to be generated and tested.)



------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: "imparting cryptographic information to individual photons"???
Date: 29 Feb 2000 17:33:08 GMT

In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (David Ross) writes:

>  One NIS project --- supported by the National Security Agency --- is
>focused on quantum encryption techniques, which eventually could
...
>  There is a lot of present tense verbiage in this paragraph -  is
>this stuff actually being done right now?

Yes, in experimental situations as far as I know. It is primarily a way
of discovering whether or not the line is being listened to. I.e.,
cutting the line is still an attacker option. Listening in undetected
is not.
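
The detection property described in this reply, as an added simulation that is not part of the original posts. It assumes the BB84 prepare-and-measure scheme (the thread does not name a protocol), an ideal lossless and noiseless fiber, and a listener who measures each photon and resends it; the 10% alarm threshold is a constructed value.

```python
import random


def measure(bit, prep_basis, meas_basis, rng):
    """Matching basis reads the bit exactly; a mismatched basis gives a coin flip."""
    return bit if prep_basis == meas_basis else rng.randrange(2)


def run_link(n_photons, eavesdrop, seed):
    """Simulate one run; return (sifted key length, error rate in the sifted key)."""
    rng = random.Random(seed)
    sifted = errors = 0
    for _ in range(n_photons):
        # Sender picks a random bit and a random basis (0 or 1) for each photon.
        bit, a_basis = rng.randrange(2), rng.randrange(2)
        state_bit, state_basis = bit, a_basis
        if eavesdrop:
            # The listener must pick a basis without knowing the sender's,
            # and the photon that travels on carries the listener's choice.
            e_basis = rng.randrange(2)
            state_bit = measure(state_bit, state_basis, e_basis, rng)
            state_basis = e_basis
        b_basis = rng.randrange(2)
        b_bit = measure(state_bit, state_basis, b_basis, rng)
        # Sifting: keep only photons where sender and receiver bases agree.
        if a_basis == b_basis:
            sifted += 1
            errors += b_bit != bit
    return sifted, errors / sifted


def line_is_tapped(error_rate, threshold=0.10):
    """Compare the error rate of a disclosed key sample with an alarm threshold."""
    return error_rate > threshold


if __name__ == "__main__":
    for tapped in (False, True):
        n, rate = run_link(4000, tapped, seed=1)
        print(f"eavesdropper={tapped}: sifted={n} error_rate={rate:.3f} "
              f"alarm={line_is_tapped(rate)}")
```

On an untapped line the sifted key has no errors; with measure-and-resend listening about a quarter of the sifted bits disagree, which is what the endpoints detect.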

------------------------------

From: "Markku J. Saarelainen" <[EMAIL PROTECTED]>
Crossposted-To: 
alt.politics.org.cia,alt.2600,alt.security,soc.culture.russian,comp.security.misc,alt.security.cointel,fido7.security,comp.security.pgp.discuss
Subject: Some of the best security intelligence books that I have read are : 1. 
Date: Tue, 29 Feb 2000 17:50:00 GMT




------------------------------

From: [EMAIL PROTECTED]
Subject: Re: OpenSSL and Netscape
Date: Tue, 29 Feb 2000 17:57:56 GMT

=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1

> look, this message is signed by my self generated 2048 bit key !

ohh, netscape shows that sig is invalid,
but thats because i added .NOSPAM.NET to my email address

- -- 
Disastry  http://i.am/disastry/
remove .NOSPAM.NET for email reply

=====BEGIN PGP SIGNATURE=====
Version: Netscape PGP half-Plugin 0.14 by Disastry / PGPsdk v1.7.1
Comment: get this Plugin at http://disastry.dhs.org/pgp.htm

iQA/AwUBOLvsaDBaTVEuJQxkEQI0QQCfWQpLUaD3ZWpYGjPo2N/rTAONR2kAnRGE
hgNCZydVX2aug3xMaVAJe+e6
=T560
=====END PGP SIGNATURE=====

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: NSA now has a FAQ
Date: Tue, 29 Feb 2000 17:45:15 GMT

In article <[EMAIL PROTECTED]>,
  Nuno Jaime Cardoso <[EMAIL PROTECTED]> wrote:
> You liked it??
>
> I Loved it. I am Portuguese so, NSA doesn't have that big effect on me but, I
> really loved this question:
>
> "Lately, I've seen NSA/CSS a lot in movies and on TV. Do you
> assassinate people? Do you secretly perform experiments on us?
>
> Because we work with highly sensitive information, we are frequently the
> subject of speculation - and highly imaginative and creative fictitious
> pieces in the media. However, it is important to distinguish fiction from fact.
> The fact is that the Executive Order 12333 (EO 12333) strictly prohibits any
> intelligence agency from conducting these unethical activities, and we
> strictly abide by the Order. "
>
> I don't know much about US recent History but, that makes me want to say:
>
> "I am not a murderer, I am not a murderer" :)))))
>
The NSA actively gathered intelligence on
American citizens until the 1970s. On the
History Channel, Lt. Col. Dan Marvin told about
his days as an assassin for the Green Berets
and that he was requested to kill a U.S. Naval
Officer in 1965. Former Army sergeant
Clifford Stone has also spoken about U.S.
Government-led assassination of American
citizens. Nowadays, for the sake of the
security of deep black projects, a hitman
would be contracted from the private WFO
(work for others contracting) sector. This is
done for reasons of cover-up, i.e. plausible
deniability. The NSA is NOT involved in any of
this.

> //Jaime Cardoso
>
> Volker Hetzer wrote:
>
> > "Douglas A. Gwyn" wrote:
> > >
> > > http://www.nsa.gov:8080/about_nsa/faqs_internet.html
> > I liked it. Especially the part about "declassifying" paper, films
> > and printed circuit boards. :-)
> >
> > Greetings!
> > Volker
> > --
> > Hi! I'm a signature virus! Copy me into your signature file to help me spread!
>
>


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: [EMAIL PROTECTED] (Chris DiTrani)
Subject: IDEA question.
Date: Tue, 29 Feb 2000 17:09:43 GMT

I wrote a little utility to en/decrypt files using IDEA, building the
encryption key from a user provided pass phrase. In order to confirm
that a file is being decrypted with the correct pass phrase, I encrypt
a block containing known (but not secret) data and append it to the
file before encrypting the file (so this block is encrypted twice). I
can look at the block after decrypting the file to confirm (to some
certainty). My question is, am I appreciably weakening the encryption
with this approach? Is there a better way?

Thanks,

CD

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: NSA now has a FAQ
Date: Tue, 29 Feb 2000 17:59:09 GMT

In article <[EMAIL PROTECTED]>,
  Nuno Jaime Cardoso <[EMAIL PROTECTED]> wrote:
> You liked it??
>
> I Loved it. I am Portuguese so, NSA doesn't have that big effect on me but, I
> really loved this question:
>
> "Lately, I've seen NSA/CSS a lot in movies and on TV. Do you
> assassinate people? Do you secretly perform experiments on us?
>
> Because we work with highly sensitive information, we are frequently the
> subject of speculation - and highly imaginative and creative fictitious
> pieces in the media. However, it is important to distinguish fiction from fact.
> The fact is that the Executive Order 12333 (EO 12333) strictly prohibits any
> intelligence agency from conducting these unethical activities, and we
> strictly abide by the Order. "
>
> I don't know much about US recent History but, that makes me want to say:
>
> "I am not a murderer, I am not a murderer" :)))))
>
The NSA actively gathered intelligence on
American citizens until the 1970s. On the
History Channel, Lt. Col. Dan Marvin told about
his days as an assassin for the Green Berets
and that he was requested to kill a U.S. Naval
Officer in 1965. Former Army sergeant
Clifford Stone has also spoken about U.S.
Government-led assassination of American
citizens. Nowadays, for the sake of the
security of deep black projects, a hitman
would be contracted from the private WFO
(work for others contracting) sector. This is
done for reasons of cover-up, i.e. plausible
deniability, and major governmental entities
like the NSA are not knowingly involved in
this kind of activity.

> //Jaime Cardoso
>
> Volker Hetzer wrote:
>
> > "Douglas A. Gwyn" wrote:
> > >
> > > http://www.nsa.gov:8080/about_nsa/faqs_internet.html
> > I liked it. Especially the part about "declassifying" paper, films
> > and printed circuit boards. :-)
> >
> > Greetings!
> > Volker
> > --
> > Hi! I'm a signature virus! Copy me into your signature file to help me spread!
>
>


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: "imparting cryptographic information to individual photons"???
Date: Tue, 29 Feb 2000 12:12:31 -0600

David Ross wrote:
> 
> Anyone know anything about this?  From an article on pages 120 & 122
> of the Feb. 21 2000 issue of 'Aviation Week & Space Technology'.
> 
> (note -  the 'NIS' referred to is the 'Nonproliferation and
> International Security' division at the Los Alamos National
> Laboratory.  H. Terry Hawkins is mentioned as its Director.)
> 
>   One NIS project --- supported by the National Security Agency --- is
> focused on quantum encryption techniques, which eventually could
> become the ultimate information protection mechanism.  "We're
> imparting cryptographic information to individual photons and passing
> them through fiber optic cables," Hawkins said.  "We can pick up the
> photon at the other end of the cable and look at the encrypted
> information contained in it.  Under the Heisenberg uncertainty
> principle, you cannot stop that photon along its path and read the
> information without altering the information.  It's the only method we
> know that is absolutely secure."'
> 
>   There is a lot of present tense verbiage in this paragraph -  is
> this stuff actually being done right now?

Yes, it was the first form of "quantum cryptography" published in the
late 1980's.  There have been several experimental runs in free space,
so moving things up to fiber cables makes the run length far larger
and photon loss far less.

Patience, persistence, truth,
Dr. mike

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: On jamming interception networks
Date: Tue, 29 Feb 2000 11:18:44 -0700

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
says...

> > My point is that the vast majority of people are
> > *not* targets of surveillance, and in particular communication
> > strictly between US citizens is not targeted by US intelligence
> > agencies except under certain limited, controlled conditions
> > (such as when there is probable cause that the persons are
> > involved in espionage or terrorism).
> 
> As far as I am aware, what you said IS virtually the 'official'
> position. If you believe that, I certainly can't argue to convince
> you of the opposite. 

I think Doug is (mostly) right, though I think it's dictated far more 
by practicality than the law.  The simple fact is that there's just 
WAY too much communication going on for it to be practical to monitor
it all.  Even if Echelon has done a LOT to let a computer help pick 
out the conversations and such that are interesting, you've STILL got 
to pick your targets carefully, or you end up with a _huge_ amount of 
garbage to try to pick the few nuggets of real information out of.

> As I said, the problem is not only (1) what the criteria are but
> also (2) how the criteria are applied in practice. (2) is no
> less important than (1).

There ARE likely to be differences between the two, but I'd bet that 
to a large extent the differences tend toward the real criteria being 
even more restrictive than the official ones.  It all comes back to 
bandwidth: the NSA is really a relatively small agency with 
comparatively limited capabilities.  They've _got_ to be as
intelligent as possible in choosing their targets to have any hope of 
accomplishing anything.

Compare the probable size of the NSA's budget to that of a large but
much more mundane organization, and you quickly realize that the NSA 
simply can't afford to spend much time, effort or money on wild goose 
chases.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Q: 'Linear encipherment'
Date: Tue, 29 Feb 2000 18:16:27 GMT

In article <[EMAIL PROTECTED]>,
  Mok-Kong Shen <[EMAIL PROTECTED]>
wrote:
> Kahn (p.407) wrote in connection with the Hill cipher the following:
>
>      But from a purely theoretical standpoint, the matrix
>      encipherment is less secure than a linear encipherment
>      of the same number of letters. This is because the linear
>      encipherment employs a greater number of arbitrary key
>      constants in its equations. Many of the matrix constants
>      reduce to zero when the matrix equations are written out
>      in their linear equivalent.
>
What does Kahn say about affine encoding with
matrices? Consider the affine transformation
v --> Av + b mod p   where A is an n x n
matrix, and b and v are n-vectors
representing character strings. Let the matrix
A be invertible by requiring that the
determinant of A be nonzero and share no
common factors with p. Then the Hill cipher is
the linear version of this encoding, i.e.
v--> Av.

> I guess I know what Kahn 'probably' meant, but that's only a very
> uncertain 'guess'. Hence questions:
>
> 1. What is a 'linear encipherment'? I didn't find that in the
>    index of Kahn's book. Further, aren't matrix operations
>    'linear' operations?
>
> 2. When comparing the strength of algorithms, one has to use the
>    same amount of key materials (the same entropy) in order to
>    be fair. When Kahn claimed that one is less secure than the
>    other, wasn't he basing his argument on different amounts of
>    key materials? (One certainly could employ more key materials
>    with the Hill cipher by applying the scheme twice, for
>    example.) But that would mean that his argument is invalid.
>    Could someone please elaborate his point with a mini-example?
>
> Thanks in advance.
>
> M. K. Shen
>


Sent via Deja.com http://www.deja.com/
Before you buy.
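
The affine matrix encipherment v --> Av + b described in this reply, with the Hill cipher as the b = 0 case, as an added worked example that is not from any poster. It assumes a 26-letter alphabet as the modulus (so "shares no common factors" matters: a nonzero determinant such as 13 is still unusable), and the key A, the offset b and the plaintext are constructed samples.

```python
from math import gcd

M = 26  # alphabet size A-Z; plays the role of p in the post


def det_mod(a, m):
    """Determinant mod m by cofactor expansion (adequate for small n)."""
    if not a:
        return 1
    total = 0
    for j, x in enumerate(a[0]):
        minor = [row[:j] + row[j + 1:] for row in a[1:]]
        total += (-1) ** j * x * det_mod(minor, m)
    return total % m


def inverse_mod(a, m):
    """A^-1 mod m via the adjugate; requires gcd(det A, m) == 1."""
    d = det_mod(a, m)
    if gcd(d, m) != 1:
        raise ValueError(f"det = {d} shares a factor with {m}: not invertible")
    d_inv = pow(d, -1, m)
    n = len(a)
    inv = [[0] * n for _ in range(n)]
    for i in range(n):
        for j in range(n):
            minor = [r[:j] + r[j + 1:] for k, r in enumerate(a) if k != i]
            # Writing cofactor (i, j) into position (j, i) transposes: adjugate.
            inv[j][i] = (-1) ** (i + j) * det_mod(minor, m) * d_inv % m
    return inv


def _blocks(text, n):
    """Map A-Z to 0-25 and split into length-n vectors."""
    nums = [ord(c) - ord("A") for c in text]
    if len(nums) % n or any(not 0 <= x < M for x in nums):
        raise ValueError("text must be A-Z with length a multiple of n")
    return [nums[i:i + n] for i in range(0, len(nums), n)]


def _apply(a, v, b, m):
    """Compute A v + b (mod m) for one block."""
    return [(sum(x * y for x, y in zip(row, v)) + c) % m for row, c in zip(a, b)]


def encipher(text, a, b, m=M):
    """v -> A v + b (mod m) per block; b = 0 is the plain Hill cipher."""
    inverse_mod(a, m)  # refuse keys that could not be deciphered
    out = [x for v in _blocks(text, len(a)) for x in _apply(a, v, b, m)]
    return "".join(chr(x + ord("A")) for x in out)


def decipher(text, a, b, m=M):
    """v = A^-1 (w - b) (mod m) per block."""
    a_inv = inverse_mod(a, m)
    zero = [0] * len(a)
    out = []
    for w in _blocks(text, len(a)):
        out += _apply(a_inv, [(x - c) % m for x, c in zip(w, b)], zero, m)
    return "".join(chr(x + ord("A")) for x in out)


# Constructed sample key and offset (not from the thread).
A = [[3, 3], [2, 5]]   # det = 9, gcd(9, 26) = 1
B = [7, 11]

if __name__ == "__main__":
    print(encipher("HELP", A, [0, 0]))   # Hill:   v -> A v
    print(encipher("HELP", A, B))        # affine: v -> A v + b
    print(decipher(encipher("HELP", A, B), A, B))
```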

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On jamming interception networks
Date: Tue, 29 Feb 2000 19:52:01 +0100

Douglas A. Gwyn wrote:
> 
> Mok-Kong Shen wrote:
> > So all the EU-papers on that topic are nothing but fairy tales.
> 
> I know you were being sarcastic, but that is fairly accurate.

I find it an interesting fact that I learn in this thread some 
opinions on machineries (whose very existence was previously denied) 
that I expect would be able to hear from speakers of certain 
governments. Like everywhere in life, finding truth is indeed 
exceedingly difficult, particularly where politics is involved 
(cf. the interesting political platform in Germany currently).

M. K. Shen
=======================
http://home.t-online.de/home/mok-kong.shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Q: 'Linear encipherment'
Date: Tue, 29 Feb 2000 19:51:48 +0100

Douglas A. Gwyn wrote:
> 
> Mok-Kong Shen wrote:
> > 1. What is a 'linear encipherment'?
> 
> Kahn should have said, "vector".

Unfortunately I am also ignorant of the concept 'vector' in
cryptology. Understandably, the term could not be found in the
index in Kahn's book. I also failed to find it in a few crypto
textbooks that I have, including F. L. Bauer's, which seems to
cover classical cryptology fairly well. Would you please (1) give
the definition of 'vector' alias 'linear encipherment', eventually
with a mini-example, (2) give a literature reference where the
term 'vector' is used? I know 'vector' only in the context of
linear algebra.
 
> > 2. ... When Kahn claimed that one is less secure than the
> >    other, wasn't he basing his argument on different amounts of
> >    key materials?
> 
> No, re-read his entire discussion.  He pointed out that there
> is a different amount of what we now call "diffusion" of the
> plaintext through the ciphertext.

Following your kind advice, I have re-read Kahn's text but 
unfortunately once again failed to find an answer to the question
I raised. Consider what he wrote:

     This is because the linear encipherment employs a greater
     number of arbitrary key constants in its equations.

Doesn't the phrase 'employs a greater number of arbitrary key
constants' mean 'uses a larger key'? If yes, then, as I said in
my original post, Kahn's point concerning comparative strength
is invalid. If no, would you please elaborate his sentences,
in particular the above one, eventually with a mini-example, to
clearly point out where my misunderstanding stems?

Many thanks in advance.

M. K. Shen

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: brute force attack on a 128 bit SSL key?
Date: Tue, 29 Feb 2000 11:49:08 -0700

In article <[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] says...
> I have searched the Web for the answer for my question:
> 
> How much time will a (local/distributed) computer system need to crack a
> 
> 128-bit-SSL-encrypted data sequence?
> 
> some boulevard computer press has announced in capitals that it would
> need a trillion of a trillion years...  but nowhere it is explained how
> this result is generated...
> 
> my idea is:
> 
> t = op / (MOPS)
> 
> op: total # of operations performed to generate a 128 bit key and use it
> for a crack attempt on a encrypted data sequence
> 
> MOPS: Millions Of Ops Per Second
> 
> but what is an approx. value of op and MOPS (e.g. a Pentium 700) ? I
> have no idea.

A Pentium III has about 8 functional units.  For the moment, I'll 
assume a truly best-case assumption, which is that each functional 
unit can do one trial encryption each clock cycle.  This is clearly 
impossible, but we'll make the assumption anyway.  For the sake of 
argument, we'll also assume a 1 GHz CPU, that it never ends up 
waiting for anything from main memory, etc. -- i.e. we do trial 
encryptions at a rate of 8 billion/second.

In this case, we're looking at having done half the possible 
encryptions in a 128-bit keyspace in approximately 4.3e28 seconds.  
Doing a bit of division shows that's approximately 1.4e18 millennia.

Even if we use, say, 10 billion computers in parallel on the problem, 
and assume there are no delays due to communication between them, 
etc., we STILL don't get much of anywhere: we reduce the time to 
around 140 million millennia.

In reality, we can generally execute instructions at a rate of about 
2 per clock cycle, and it probably takes around 6 instructions to 
carry out even quite a fast encryption, meaning around 3 clock cycles 
per encryption.  If we assume we can use 100,000 machines in 
parallel, we get approximately 1e25 seconds or 3.2e14 millennia.
Obviously I'm still not trying to be particularly precise, but that 
number probably bears at least some minimal relationship with 
reality.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

From: [EMAIL PROTECTED] (JPeschel)
Subject: Re: Can someone break this cipher?
Date: 29 Feb 2000 18:50:29 GMT

John [EMAIL PROTECTED] writes, in part:

> If the text is truly
>random, brute force is the only way to go without any other
>knowledge.

If by random "text" you mean the plaintext was truly random,
brute-force will fail.

If you mean the ciphertext is truly random, I think you
have said the thing that cannot be.

Joe 


__________________________________________

Joe Peschel 
D.O.E. SysWorks                                 
http://members.aol.com/jpeschel/index.htm
__________________________________________


------------------------------

Date: Tue, 29 Feb 2000 14:11:51 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Status of alleged *THIRD* key in MS Crypto API ?

"Douglas A. Gwyn" wrote:

> Robert Harley wrote:
> > As far as I can tell, attempts to discredit such claims ran something
> > like: 'only loony conspiracy theorists would think that a variable
> > called NSAKEY is an N.S.A. key'.
> > Somehow, I doubt that many people were taken in by such obfuscation.
>
> Hopefully, few people are taken in by such "straw man" arguments.
>
> The actual function of the secondary key (variable name "NSAKEY")
> is evident upon examining the disassembly.

*ONE* of the functions of the secondary key is evident.  There is mechanism
by which a reasonable inspector can conclude that this is the *ONLY*
function.

> Microsoft explained the origin of the secondary key and the
> origin of its name; whether or not you believe them, surely you
> can't think the NSA sticks its name on things it covertly touches.

The NSA need not be involved at all.  I cannot conceive of them being so
clumsy, nor of them trusting Micros~1 at all.  But it is a matter of
historical fact that Microsoft routinely lies about both their actions and
their intentions.  So Micros~1's explanation does not bound the possible
purposes of the extra keys.





------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
