Cryptography-Digest Digest #227, Volume #11       Wed, 1 Mar 00 06:13:01 EST

Contents:
  Re: Can someone break this cipher? (Nemo psj)
  Re: "imparting cryptographic information to individual photons"??? ("ink")
  Solitiare Algorithm/Math Question? (Chad Lawson)
  Pen and Paper Systems (Chad Lawson)
  Re: Passwords secure against dictionary attacks? (jungle)
  Re: Can someone break this cipher? ([EMAIL PROTECTED])
  Re: math error? NOT AT ALL ... (jungle)
  Re: Best language for encryption?? (Paul Schlyter)
  Re: Best language for encryption?? ("ink")
  Re: Can someone break this cipher? ([EMAIL PROTECTED])
  Re: Solitiare Algorithm/Math Question? ([EMAIL PROTECTED])
  Re: On jamming interception networks (Mok-Kong Shen)
  Re: Q: 'Linear encipherment' (Mok-Kong Shen)
  Re: Pen and Paper Systems (Mok-Kong Shen)
  Re: On jamming interception networks (Mok-Kong Shen)
  Re: Q: 'Linear encipherment' ("Douglas A. Gwyn")
  Re: On jamming interception networks ("Douglas A. Gwyn")
  RE: Ciphering = deciphering; is this a weakness? ("Manuel Pancorbo")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Nemo psj)
Subject: Re: Can someone break this cipher?
Date: 01 Mar 2000 07:05:11 GMT

Yes, your message can look completely random, and as such be random, and still
be decrypted; it all depends on how you created the randomness, and then you
simply reverse the process.  It's rather easy to do actually, but I'm not going
to get into it.


-Pure

------------------------------

From: "ink" <[EMAIL PROTECTED]>
Subject: Re: "imparting cryptographic information to individual photons"???
Date: Wed, 1 Mar 2000 08:48:06 +0100


David Ross wrote...
...
>Anyone know anything about this?  From an article on pages 120 & 122
>of the Feb. 21 2000 issue of 'Aviation Week & Space Technology'.
>
[CUT]
>
>  There is a lot of present tense verbiage in this paragraph -  is
>this stuff actually being done right now?
>
>Dave Ross
British Telecom successfully tested experimental setups using
"quantum cryptography" in the late eighties.

Rgds
Kurt



------------------------------

From: Chad Lawson <[EMAIL PROTECTED]>
Subject: Solitiare Algorithm/Math Question?
Date: 1 Mar 2000 07:58:19 GMT

I've been thinking about the Solitaire system for a while now as I
am a playing card addict and crypto fan.

What I am wondering is this:

Is it possible to determine a method of ordering a deck such that
using the Solitaire system on it produces the message itself?

It occurs to me that with 54! possible orders of the deck that like
the 'monkeys on keyboards' theory that one could order the deck so that
the deck itself was the encoded message, and by using the method one 
would generate the message itself.

Granted, this would not be a safe means to send messages as anyone knowing
how the system works could read the message if they got their hands on
the deck.  But on a mathematic level the question intrigues me.

Does anyone have any thoughts on how to approach this problem?  How could
one determine the order a deck would need to be in to generate a short
message (i.e. "HELLO WORLD" or "DO NOT USE PC")?

Any thoughts on this would be appreciated,
Chad Lawson
-- 
"He deals the cards as a mediation...the sacred geometry of chance,
the hidden law of a probable outcome, the numbers lead a dance."
--Sting, "Shape of My Heart"

------------------------------

From: Chad Lawson <[EMAIL PROTECTED]>
Subject: Pen and Paper Systems
Date: 1 Mar 2000 08:02:26 GMT

On Bruce Schneier's web page where he discusses Solitaire in detail 
(http://www.counterpane.com/solitaire.html), he mentions the book
"Kahn on Codes" as a source of other 'pen and paper' systems.

I have been unable, thus far, to find this book.  Does anyone
know where I can find it, or suggest another source of research on
secure pen and paper systems?

Thanks in advance,
Chad Lawson
-- 
"He deals the cards as a mediation...the sacred geometry of chance,
the hidden law of a probable outcome, the numbers lead a dance."
--Sting, "Shape of My Heart"

------------------------------

From: jungle <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc,alt.security.pgp
Subject: Re: Passwords secure against dictionary attacks?
Date: Wed, 01 Mar 2000 09:12:35 GMT

Johnny Bravo wrote:
> 
> On Wed, 01 Mar 2000 01:31:20 GMT, jungle <[EMAIL PROTECTED]> wrote:
> >my assumption [ 4 random characters ] provide key space of 10 to power of 48
> >I will leave you for evaluation ...
> 
>   4 random characters has a keyspace of 32 bits(4.3x10e9). 

his proposition has been 10 words ...
10 words, each = 4 random characters is giving keys space of 10 to power 48

we are not talking of pass 4 char long !!!! 
but pass build from 10 words ...

read the message that I responded to ...

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Can someone break this cipher?
Date: 1 Mar 2000 09:11:32 GMT

In a previous article,  "Trevor Jackson, III"  <[EMAIL PROTECTED]> writes:
>>  If the message were truly random, it
>> could not be decrypted.
>
>True, but what's the point of a noise message?  Misdirecting traffic
>analysis?

He replied on a message I wrote. I described a method of using a 600MB large
random key stored on a CD-R. Possibly a practical solution for many systems.
(I am not kidding.)


     -----  Posted via NewsOne.Net: Free Usenet News via the Web  -----
     -----  http://newsone.net/ --  Discussions on every subject. -----
   NewsOne.Net prohibits users from posting spam.  If this or other posts
made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]

------------------------------

From: jungle <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc,alt.security.pgp
Subject: Re: math error? NOT AT ALL ...
Date: Wed, 01 Mar 2000 09:17:40 GMT

I will do again, this time specially for you ...

he is building pass from 10 words, each word is = 2 random char ...

my assumption is, that each word is = 4 random char, not 2 ...

therefore the key space is 4 [ char ] x 10 [ words ] = 40 char long ...

for the 40 char long pass, key space for brute force is 

nPr = n!/(n-r)! ; when n = 40 & r=40 [ 26 lower case + 14 other characters to
simplify calculation !!! ] 
nPr = 40! = 8.2 x 10 ^ 47 >>>>  8.2 x ( 10 to power 47 ) >>>>>  10 to power 48

the ball is in your court ...

============================================================================
Dave Howe wrote:
> 
> In our last episode (<alt.security.pgp>[Fri, 25 Feb 2000 07:17:11
> GMT]), [EMAIL PROTECTED] said :
> >JimD wrote:
> >> >Don't use *any* word in *any* language!
> >>
> >> How about ten English words with different punctuation symbols
> >> as word separators?
> >
> >do you mean that 'English' is not '*any* language' ? :-)
> Hmm. if I had to come up with a rule of thumb here, I would count any
> english word (or $LANGUAGE word for that matter)
> as being two random characters; 

for me it is 4 random characters ...

> so ten english words with non-space separators would be
> equivalent to a 29-character truly random password - which is
> definitely non-trivial to crack.

my assumption [ 4 random characters ] provide key space of 10 to power of 48
I will leave you for evaluation ...

===========================================================================

Walter Roberson wrote:
> 
> From: [EMAIL PROTECTED] (Walter Roberson)
> Newsgroups: comp.security.misc,alt.security.pgp,sci.crypt
> Subject: Re: Passwords secure against dictionary attacks?
> Date: 1 Mar 2000 04:38:29 GMT
> 
> In article <[EMAIL PROTECTED]>, jungle  <[EMAIL PROTECTED]> wrote:
> :my assumption [ 4 random characters ] provide key space of 10 to power of 48
> :I will leave you for evaluation ...
> 
> For a key space of 10^48 over four characters, each character would have to
> be chosen from amongst 10^(48/4) = 10^12 = different values.
> You would have to be using an alphabet of a billion different symbols
> to give the keyspace you claim with only four characters.
> 
> If you are selecting from the binary alphabet of 255 different symbols
> (0 being reserved for end-of-string) [we'll ignore the difficulties
> in convincing your keyboard to enter characters with their high bit set
> for the moment], then four characters would give a keyspace of 255^4
> possibilities, which is about 4.2 * 10^9. TOTAL. Which is not at all
> difficult to iterate over on a modern computer.
> 
> If you are selecting from the ASCII X.3 printable alphabet, you
> have 95 different symbols -- decimal 32 (space) to decimal 126 (tilde),
> with decimal 127 (delete) not being printable (and probably being
> interpreted as indicating you want to correct what you just typed in anyhow.)
> Four random characters from that have at most 95^4 possibilities,
> which is only 81450625 -- which is only 81 1/2 million. That's easy
> for a modern computer.
> 
> I think you must have made a large math error somewhere along the line...


------------------------------

From: [EMAIL PROTECTED] (Paul Schlyter)
Subject: Re: Best language for encryption??
Date: 1 Mar 2000 08:39:40 +0100

In article <1SYu4.12$[EMAIL PROTECTED]>,
Adam Durana <[EMAIL PROTECTED]> wrote:
 
> BASIC is great for learning structured programming,
 
:-) ... no, it's indeed not!  But it's great for learning
spaghetti programming....
 
-- 
================================================================
Paul Schlyter,  Swedish Amateur Astronomer's Society (SAAF)
Grev Turegatan 40,  S-114 38 Stockholm,  SWEDEN
e-mail:  pausch at saaf dot se   or    paul.schlyter at ausys dot se
WWW:     http://hotel04.ausys.se/pausch    http://welcome.to/pausch

------------------------------

From: "ink" <[EMAIL PROTECTED]>
Subject: Re: Best language for encryption??
Date: Wed, 1 Mar 2000 10:36:57 +0100


Paul Schlyter wrote in message <89ihfs$3m7$[EMAIL PROTECTED]>...
>In article <1SYu4.12$[EMAIL PROTECTED]>,
>Adam Durana <[EMAIL PROTECTED]> wrote:
>
>> BASIC is great for learning structured programming,
>
>:-) ... no, it's indeed not!  But it's great for learning
>spaghetti programming....

With all due respect, Adam, I have to second Paul's
opinion. I've been through most of the common languages,
and if there's one that is *not* suitable for learning
structured programming, it's BASIC - any kind of BASIC.

If you want to *learn* structured programming, try
Pascal, Modula, Objective C or something like that.

Regards
Kurt




------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Can someone break this cipher?
Date: 1 Mar 2000 09:31:16 GMT

In a previous article,  "Trevor Jackson, III"  <[EMAIL PROTECTED]> writes:
>I'm not getting your message because you are using an undefined term.  Do you
>mean random in the sense of independent?  Do you mean random in the sense of
>unpredictable?  Do you mean random in the sense of a uniform distribution?
>AFAICT the proposed ciphertext shares these properties with the key.

There are techniques that will give you a both unpredictable and uniformly
distributed random sequence, both internally when counting the frequency of
the 256 byte values inside any portion of the key compared to the probability
measure of that distribution (at least up to some degree), and as a
probability measure of exactly that entire key being generated. E.g. by
logging measurements of the radiation from radioactive isotopes, possibly
with some statistical corrections (which might do as long as each key only
has to be 600MB).


>Note that from any ciphertext I can extract any message I choose of the same
>size.  So there is no particular specialness between such a ciphertext and
>the message that was originally enciphered.

That is not relevant: If you know which encryption technique has been used the
set of messages you can extract from a given ciphertext will often be
radically diminished. But not if you use the random-data-CD-technique.



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Solitiare Algorithm/Math Question?
Date: 1 Mar 2000 09:58:42 GMT

In a previous article,  Chad Lawson  <[EMAIL PROTECTED]> writes:
>It occurs to me that with 54! possible orders of the deck that like
>the 'monkeys on keyboards' theory that one could order the deck so that
>the deck itself was the encoded message, and by using the method one 
>would generate the message itself.

If you are using a deck with 54 different cards, there are 54! = 7.11e+74 ways
of ordering them. You need at least |log2(54!)| = 249 bits to store any
number in the range 0..54!-1. Consequently, you could not use this technique
to unequivocally generate any message which could not be unequivocally
represented by only 249 bits. That is, this technique could only be used to
transmit relatively short or very compressed messages.

How to encrypt? That's not too hard: Convert your message to base54. Use a
formula on the result that will give you a number to subtract from the base54
message, as to account for the base54 numbers lower than your message that
includes repetitions of any of the 54 digits. You might e.g. use a bayer-tree
to do this, i.e. some sort of spell check algorithm with ordinal numbers
stored in the leaves. Then convert the message back to base2 (or whatever).
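
An added Python example, not part of the original post: one standard way to map a short message to a unique ordering of a 54-card deck and back is the factorial number system (Lehmer code), used here in place of the base-54 correction the post sketches. It encodes the message in the deck order itself and does not run the Solitaire keystream; the card numbering 0..53, the function names and the leading 0x01 guard byte are assumptions of this example.

```python
import math

DECK = 54  # 52 cards plus two jokers, numbered 0..53 (numbering is an assumption)

def capacity_bits(n=DECK):
    """Largest b such that every b-bit integer is a valid rank below n!."""
    return math.factorial(n).bit_length() - 1

def unrank(r, n=DECK):
    """Map rank r in [0, n!) to the r-th ordering in lexicographic order."""
    if not 0 <= r < math.factorial(n):
        raise ValueError("rank out of range for this deck size")
    cards, deck = list(range(n)), []
    for i in range(n - 1, -1, -1):
        digit, r = divmod(r, math.factorial(i))  # next factorial-base digit
        deck.append(cards.pop(digit))            # choose among unused cards
    return deck

def rank(deck):
    """Inverse of unrank: an ordering of 0..n-1 back to its rank."""
    n, cards, r = len(deck), sorted(deck), 0
    if cards != list(range(n)):
        raise ValueError("not a permutation of 0..n-1")
    for i, card in enumerate(deck):
        digit = cards.index(card)
        cards.pop(digit)
        r += digit * math.factorial(n - 1 - i)
    return r

def message_to_deck(msg: bytes):
    """Encode msg as one deck ordering; the 0x01 prefix keeps leading zeros."""
    value = int.from_bytes(b"\x01" + msg, "big")
    if value >= math.factorial(DECK):
        raise ValueError("message does not fit in one deck ordering")
    return unrank(value)

def deck_to_message(deck):
    """Recover the bytes stored by message_to_deck."""
    value = rank(deck)
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    if raw[:1] != b"\x01":
        raise ValueError("ordering does not carry a message in this encoding")
    return raw[1:]

if __name__ == "__main__":
    deck = message_to_deck(b"HELLO WORLD")  # constructed sample message
    print(deck)
    print(deck_to_message(deck))
    print("capacity:", capacity_bits(), "bits")
```

Anyone who holds the deck and knows the encoding reads the message, so this is a storage format, not a cipher.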


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On jamming interception networks
Date: Wed, 01 Mar 2000 11:28:30 +0100

Jerry Coffin wrote:
> 
> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> says...
> 
> [ ... ]
> 
> > Certainly, where good targets can be located, it would be a folly
> > to ignore these and instead either look at everything or randomly
> > pick a certain percentage of the whole traffic. Such targets are
> > certainly followed with priority. But besides these definitely
> > interesting targets it is evidently a reasonable strategy to also
> > look at some of the rest materials as long as the resources permit.
> > (Why let machines be idle sometimes and not run to their full
> > capacity?)
> 
> Given economic realities, the question is NOT whether you let
> machines sit idle, or use them to look at randomly selected garbage.
> It's whether you can manage to hit the 10% of the most important
> targets, or only 5 or even 1%.

I am entirely sure I would be fully satisfied for my whole life 
if I could once get 0.001% of one hundred billions of dollars 
(I am satisfied even with the same amount of Euro and would be 
ready to let you share 10% of that, if you like!)
 
> > I am not considering any particular national agency. If anything,
> > I am considering machineries on the scale of the legendary Echelon,
> > which is an multi-national project.
> 
> This makes only a little difference: multiplying the budget size by
> 10 or even 100 or 1000 STILL leaves it in the situation of only being
> able to do useful monitoring of quite a small percentage of the most
> important communications.

Compare the above.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Q: 'Linear encipherment'
Date: Wed, 01 Mar 2000 11:28:20 +0100

Douglas A. Gwyn wrote:
> 

> > > > 1. What is a 'linear encipherment'?
> > > Kahn should have said, "vector".
> > Unfortunately I am also ignorant of the concept 'vector' in
> > cryptology.
> 
> We were talking about linear algebra!
> 
> > Would you please (1) give the definition of 'vector' alias
> > 'linear encipherment', ...
> 
> No, Kahn already has the example.  He is contrasting the case
> he first describes, where *every* PT character (within the span
> of the enciphering equations) is a component of each CT character,
> with the case he later described, where the PT characters are
> arranged in (sub)blocks within a matrix and the enciphering
> equations apply to the blocks of the matrix.  If you are familiar
> with linear algebra, you should be familiar with the idea of
> partitioning matrices into blocks.
> 
> >  This is because the linear encipherment employs a greater
> >  number of arbitrary key constants in its equations.
> > Doesn't the phrase 'employs a greater number of arbitrary key
> > constants' mean 'uses a larger key'?
> 
> No, he is referring in effect to the *density* of non-zero key
> constants entering into the transformation.
> 
> In one sense, Kahn is making too much of the distinction between
> the vector and matrix methods.  They are really quite similar.

I find it difficult to argue without examples. I mentioned at the
very beginning that I had a (very uncertain) 'guess'. Now I am
presenting that in order to be better able to carry on our discussions.

An example of Hill cipher is the following:

   | C1  C2 |     | K1  K2 |    | P1  P2 |
   |        |  =  |        | *  |        |
   | C3  C4 |     | K3  K4 |    | P3  P4 |

which expands to

     C1 = K1*P1 + K2*P3
     C2 = K1*P2 + K2*P4
     ............

Now a more general scheme is the following:

     C1 = L11*P1 + L12*P2 + L13*P3 + L14*P4
     C2 = L21*P1 + L22*P2 + L23*P3 + L24*P4
     ..........................

The second scheme should be stronger than the first since it uses
16 key constants (L11, L12, .....) instead of 4 key constants
(K1, K2, K3, K4). 

My 'guess' is that the second scheme is what he called 'linear
encipherment'. Reasons: (1) it is a 'linear' transformation, (2)
there are more 'key constants'. (Compare his sentences with respect
to the quoted words.)

But then, as I said, his argument about comparative strength
is invalid. One can't compare two algorithms of different
key lengths. It doesn't make sense to do that. Now one could argue 
that in Hill's scheme it is not 'possible' to bring in more key 
constants. But this can not be true. As I indicated in my original 
post, one can apply, for example, Hill's scheme twice, thus utilising 
twice as much key materials.

Would you please elaborate your points to clearly show my errors in 
the arguments above? Many thanks in advance.

M. K. Shen
===========================
http://home.t-online.de/home/mok-kong.shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Pen and Paper Systems
Date: Wed, 01 Mar 2000 11:28:13 +0100

Chad Lawson wrote:
> 
> On Bruce Schneier's web page where he discusses Solitaire in detail
> (http://www.counterpane.com/solitaire.html), he mentions the book
> "Kahn on Codes" as a source of other 'pen and paper' systems.
> 
> I have been unable, thus far, in finding this book.  Does anyone
> know where I can find it, or suggest another source of research on
> secure pen and paper systems?

Look at the literature references of Schneier's book.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On jamming interception networks
Date: Wed, 01 Mar 2000 11:29:30 +0100

Douglas A. Gwyn wrote:
> 
> Mok-Kong Shen wrote:
> > But besides these definitely
> > interesting targets it is evidently a reasonable strategy to also
> > look at some of the rest materials as long as the resources permit.
> > (Why let machines be idle sometimes and not run to their full
> > capacity?)
> 
> First of all, it is *not* "reasonable" to violate the law
> that was drawn up to specifically address that kind of activity.
> Second, you seem to think that NSA et al. have surplus capacity.

Ah, I understand that you mean that, since a government 'by definition'
abides with laws, anything any government institution does 'must'
be impeccable, right? Why are there plenty of cases in which
government officials are sentenced, because of corruption, espionage
for foreign countries, etc. etc.? Could you, for example, exclude
the possibility that some mafias infiltrate into such institutions?
Yes, in an utopic world everybody abides to laws and everything
is top fine. But then law would lose its very raisons d'etre!! 


> 
> > Operators are humans. What if a few of these are corrupt and use
> > the machineries to carry out economical espionages in return for
> > money to earn a better living, although such activities are
> > not on the list of their 'official' duties?
> 
> It's pretty hard to do that on the scale suggested without
> getting caught by the overseers, and the penalties are severe.

If you ever know that in some countries there are sometimes
mafias (general term for certain class of bad guys, not necessarily 
of particular geographical origin) sitting right in the local police 
stations (I happen to know one concrete case that caused big
troubles to a friend of my friend), I suppose you would change your 
mind a little bit. Often, the more the 'overseers' are mighty, the 
higher is the chance that there are problems, because the overseers 
themselves are tempted to do the very things they are supposed to 
catch. Yes, overseers have higher-level overseers. But this
'recursion' mechanism, which works very fine and elegantly in 
solving problems in computer science, doesn't work well outside
that particular field of science at all. I suppose you are familiar 
with a relatively recent affair in Europe that involves, among others, 
one of the (previously) mightiest politicians of the world (and 
honorary citizen of some country, if I don't err).

Happy dreaming in a lawful New World! (Where is Antonin Dvorak
of the 21st century?)

M. K. Shen

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Q: 'Linear encipherment'
Date: Wed, 01 Mar 2000 10:50:52 GMT

Mok-Kong Shen wrote:
>      C1 = K1*P1 + K2*P3
>      ............

Yes, that's the "matrix" version.

>      C1 = L11*P1 + L12*P2 + L13*P3 + L14*P4
>      ..........................

Yes, that's the vector version, which Kahn called "linear".

> The second scheme should be stronger than the first since it uses
> 16 key constants (L11, L12, .....) instead of 4 key constants
> (K1, K2, K3, K4).

No, it is stronger because it uses 4 key constants per CT value
instead of 2 key constants per CT value; in other words, it mixes
together 4 PT values into one CT value, rather than just 2 PT
values.

Key length has no direct bearing on this.
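
The distinction drawn in this exchange, as an added Python example that is not part of the original posts: the 2x2 "matrix" scheme is rewritten as an equivalent 4x4 "vector" key, which shows only 2 non-zero constants per CT value, while a dense 4x4 key mixes all 4 PT values into every CT value. The keys K and L_DENSE, the sample text and all function names are constructed for this illustration.

```python
M = 26  # alphabet size: A=0 ... Z=25

def matmul(a, b):
    """Matrix product of a (r x n) and b (n x c), reduced mod 26."""
    return [[sum(a[i][k] * b[k][j] for k in range(len(b))) % M
             for j in range(len(b[0]))] for i in range(len(a))]

def encrypt_matrix(K, p):
    """'Matrix' version: [[C1,C2],[C3,C4]] = K * [[P1,P2],[P3,P4]], K is 2x2."""
    C = matmul(K, [[p[0], p[1]], [p[2], p[3]]])
    return [C[0][0], C[0][1], C[1][0], C[1][1]]

def encrypt_vector(L, p):
    """'Vector' ("linear") version: (C1..C4) = L * (P1..P4), L is 4x4."""
    return [row[0] for row in matmul(L, [[x] for x in p])]

def as_vector_key(K):
    """Write the 2x2 matrix scheme as an equivalent 4x4 vector key.

    C[i][j] = sum_k K[i][k] * P[k][j], so with positions flattened row by
    row the 4x4 key has K[i][k] at (2i+j, 2k+j) and zeros elsewhere.
    """
    L = [[0] * 4 for _ in range(4)]
    for i in range(2):
        for k in range(2):
            for j in range(2):
                L[2 * i + j][2 * k + j] = K[i][k]
    return L

def pt_values_per_ct(encrypt, key):
    """For each CT position, count the PT positions that influence it.

    Both schemes are linear, so enciphering the unit vectors is enough:
    C_i depends on P_j iff changing P_j from 0 to 1 changes C_i.
    """
    zero = encrypt(key, [0, 0, 0, 0])
    counts = [0, 0, 0, 0]
    for j in range(4):
        unit = [1 if t == j else 0 for t in range(4)]
        for i, (c, z) in enumerate(zip(encrypt(key, unit), zero)):
            counts[i] += c != z
    return counts

def nums(text):
    """Upper-case letters to numbers 0..25."""
    return [ord(ch) - ord("A") for ch in text]

# Constructed 2x2 key: det = 9, coprime to 26, so invertible mod 26.
K = [[3, 3], [2, 5]]
# Constructed dense 4x4 key, a product of unit-triangular factors: det = 1.
L_DENSE = matmul([[1, 0, 0, 0], [2, 1, 0, 0], [3, 5, 1, 0], [7, 4, 6, 1]],
                 [[1, 3, 5, 2], [0, 1, 4, 7], [0, 0, 1, 9], [0, 0, 0, 1]])

if __name__ == "__main__":
    p = nums("HELP")
    print("matrix scheme       :", encrypt_matrix(K, p))
    print("same, via 4x4 key   :", encrypt_vector(as_vector_key(K), p))
    print("4x4 form of K       :", as_vector_key(K))
    print("PT per CT, matrix   :", pt_values_per_ct(encrypt_matrix, K))
    print("PT per CT, dense 4x4:", pt_values_per_ct(encrypt_vector, L_DENSE))
```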

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: On jamming interception networks
Date: Wed, 01 Mar 2000 10:53:25 GMT

Mok-Kong Shen wrote:
> Ah, I understand that you mean that ...

No, you don't show signs of understanding my meaning at all.

------------------------------

From: "Manuel Pancorbo" <[EMAIL PROTECTED]>
Subject: RE: Ciphering = deciphering; is this a weakness?
Date: Wed, 1 Mar 2000 11:22:00 +0100


Firstly, thanks to everybody for the answers, many of them very
interesting.

>
> You would e.g. need at least a 1684-bit key to exploit every possible
> substitution cipher on 8-bit blocks, and at least a 1556-bit key to
> exploit every reciprocal substitution cipher on the same block size.
>
> Note: 1684 is the smallest integer larger than log2(256!), and 1556 is
> the smallest integer larger than log2(256!*(2**-128)).

My last thoughts are in this direction; in fact I calculated the
cardinal of the set of all possible substitutions and I reached the same
conclusion: (2**N)! where N is the bit block number; I thank you for the
expression of the reciprocal substitution set.

I think there is a small weakness under a known plaintext attack; if the
attacker needs (2**M) plaintexts to break the cipher, the involution
property makes twice easy the work: (2**M)/2 = (2**(M-1)); if M is,
let's say, 50, then the new exponent drives to 49: not so much help!

I love too much elegance; so if this is the only weakness I will design
the cipher with involution property.


--

+ Manuel Pancorbo
+ [EMAIL PROTECTED]
+   "...
+   Más vale aprender una sola línea de Ciencia
+   que postrarse cien veces en oración. (Corán)
+
+   Pli valoras lerni ech nur unu linion de Scienco
+   ol preghe genui cent fojojn. (Korano)
+   ..."



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
