Cryptography-Digest Digest #238, Volume #11 Thu, 2 Mar 00 14:13:02 EST
Contents:
Re: Far out crypto claims ([EMAIL PROTECTED])
Re: I was just wondering... (Jeffery Williams)
RE: Microcontroller Cipher (Gary)
Re: brute force attack on a 128 bit SSL key? (Michael Sierchio)
Re: ...but what about my cipher? (Glenn Larsson)
Re: very tiny algorithm - any better than XOR? (Carl Byington)
Re: https (Michael Sierchio)
Re: Passwords secure against dictionary attacks? (Dave Howe)
Re: Can someone break this cipher? (Mary - Jayne)
Re: Can someone break this cipher? (Andru Luvisi)
Re: Crypto.Com, Inc. ([EMAIL PROTECTED])
Re: Crypto.Com, Inc. (Mok-Kong Shen)
Re: Visual C++ Decompiling Service/Software Needed (Jerry Coffin)
Re: Microcontroller Cipher (Mike Rosing)
Re: Visual C++ Decompiling Service/Software Needed (Jerry Coffin)
Re: very tiny algorithm - any better than XOR? (Carl Byington)
Re: On jamming interception networks (JimD)
Re: brute force attack on a 128 bit SSL key? (Paul Koning)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Far out crypto claims
Date: Thu, 02 Mar 2000 17:16:20 GMT
In article <[EMAIL PROTECTED]>,
"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
>
> I looked at that page and the rest of the Web site,
> which actually I had seen before. It is typical of
> the "true believer" lampooned by early X-Files
> episodes, including completely incorrect descriptions
> of "establishment" physics, and far too much taking
> of claims at face value without critical testing to
> see if they hold up when confronted with reality.
>
I agree with you that some of this website's
discussion of physics seems dubious and some
seems highly speculative. For instance,
outside of classified physics, there is no clear
physical evidence *yet* for the existence of
higher dimensions. Theoretically, physicists
don't even know if these dimensions would be
compact (ala the Calabi-Yau model) or infinite
albeit localized (ala the Randall-Sundrum
model).
> To get back to cryptology, and to provide an example,
> UFO fanatics have interpreted as evidence that the US
> government has been covering up knowledge of UFOs as
> actual alien spacecraft the two FOIA-released papers
> by Callimahos (see below), one concerning the technical
> possibility of communication with extraterrestrials
> who share no common cultural background with humans,
> the other a philosophical speculation on possible
> implications of the UFO phenomenon (not necessarily
> implying existence of extraterrestrial beings) on
> the survival of the human species. But the facts are
> that the first paper was the result of Callimahos
> being invited to advise on a Congressional panel
> investigating the subject (resulting in a report that
> I have on file, containing among other articles one
> that is very similar to the one from NSATJ released
> under FOIA), which Callimahos seems to have taken on
> originally as an interesting intellectual challenge,
> and the second paper (unpublished) was not pursued
> as part of his official duties, but apparently was
> the result of continuing to muse on UFO issues.
> There is also one more NSATJ article (by the first
> Editor of the NSATJ) that continues the train of
> development of Callimahos's first paper, but is
> still classified (for cryptologic security reasons,
> not as any sort of UFO cover-up). There are no
> other articles on this subject in NSATJ nor its
> successor publication. It was simply an amusing
> exercise, not at all indicative of government
> knowledge of actual alien spacecraft.
If I were a fanatic believer in ETs and their
UFOs then I might have to accuse you of being
affiliated with the Government and of trying
to lead us astray. I would also say it is
suspicious that you seem to know so much
about this topic and cryptography as well and
that you have the time and inclination for such
a lengthy and detailed reply.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Jeffery Williams <[EMAIL PROTECTED]>
Subject: Re: I was just wondering...
Date: Thu, 02 Mar 2000 11:50:08 -0600
Weeeellll,
one potential problem is that it ought to be fairly easy for someone to spot the
plaintext email being sent to BB. Conspiracies that are easily spotted tend to
cause the conspirators considerable trouble.
Can PGP run under Linux? If so, BB is OOL. Linux being open source and all.
Granted, Linux is only a small portion of the world so far. But if such a
conspiracy were proven, smilin ole Bill Gates wouldn't be smilin for long.
Jeff
Julian Lewis wrote:
> I was just curious, if I was big brother and it was my job to snoop on
> internet traffic then the character sequence PGP would set off an alarm
> bell. The next step would be to send them a spam email with a virus in
> it. Of course Bill Gates would have provided me with a back door I could
> use (I am his big brother). From then on every encrypted email would
> send a plain text copy to me .... am I being simply paranoid, the big
> conspiracy syndrome, or is this the best method of attack....
>
> that's what I was wondering about... it seems so obvious a thing to do,
> child's play, Microsoft security is a joke, in fact it doesn't exist at
> all.... I thought someone here would know about it. Surely this must be
> going on, if a total beginner like me can think of it, I dread to think
> what you guys could think up !! The ahem outlook bug set me thinking.
>
> "Tom McCune" <[EMAIL PROTECTED]> wrote in message
> news:_Esv4.18102$[EMAIL PROTECTED]...
> > In article <89l4n6$4f4$[EMAIL PROTECTED]>, "Julian Lewis"
> > <[EMAIL PROTECTED]> wrote:
> > > Once upon a time, there was a guy who read a book by Simon Singh
> > > called the code book, and as a result he got interested in encryption.
> > > Naturally he installed PGP on his computer, and got some of his friends
> > > to do likewise, so that he could have fun exchanging encrypted emails,
> > > well boys will be boys, you know how it is. One day he sent an encrypted
> > > email to a friend, and guess what, although it was encrypted in his out
> > > box, it arrived in plain text at his friends in box. Ohhh replied his
> > > friend "careful, you forgot to encrypt that one !!". "No I didn't", the
> > > man replied, I guess it must just be a bug in outlook !!!
> >
> > I recall that there was a PGP plugin with one of the PGP versions that
> > when used with a particular version of Outlook, sent the message both
> > encrypted and in plaintext (they were not versions that were supposed to
> > be used together). I don't use Outlook, so don't remember the particulars
> > as to version numbers.
> >
> > Tom McCune
> > My PGP Page & FAQ: http://Tom.McCune.net/PGP.htm
> > or http://home.twcny.rr.com/tmccune1/PGP.htm
------------------------------
From: Gary <[EMAIL PROTECTED]>
Subject: RE: Microcontroller Cipher
Date: Thu, 2 Mar 2000 12:50:09 -0500
Thanks, I'll check them out.
Purely from an academic point of view is it possible to use a key's bits
ONLY to conditionally (using the choice of 2 exclusively non linearly
compatible mixing operations) mix two halves 'securely'?
No S-Boxes, No accumulating sums to mix in, just the original data.
>===== Original Message From [EMAIL PROTECTED] (David A. Wagner) =====
>This is insecure: everything in sight is linear, so it can be broken
>with standard linear algebra (e.g., Gaussian elimination) with something
>like 128 known texts. (Better attacks probably exist, too.)
>
>Don't use this. Have you looked at, e.g., Skipjack or GOST? They
>appear quite convenient for 8-bit microcontrollers.
------------------------------
From: Michael Sierchio <[EMAIL PROTECTED]>
Subject: Re: brute force attack on a 128 bit SSL key?
Date: Thu, 02 Mar 2000 10:05:48 -0800
Randy Given wrote:
> Some people in the press and on the net have misquoted something
> from the Aug 1977 Scientific American article and claimed that
> scientists thought it would take 40 quadrillion years to break
> RSA-129.
Apples and oranges. Cracking an RSA or DH keypair (retrieving the
private key) is presumably a hard problem, but because the mathematical
problem is well-known there's always a chance that someone will win
the next Fields Medal by devising a novel way of solving the search
for prime factors or calculating discrete logarithms. Then we'll
choose longer moduli, use three primes in RSA, etc.
Symmetric ciphers, properly implemented, are generally assumed to
derive their strength from the size of the keyspace and their
resistance to linear and differential cryptanalysis, for example.
Properly designed, the number of rounds will make these forms
of cryptanalysis as difficult as a brute force search for the key.
The example you cite is a straw man, since no one uses 129-bit keys,
and RSA recommends 768-bit keys as the minimum.
------------------------------
From: Glenn Larsson <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: ...but what about my cipher?
Date: Thu, 02 Mar 2000 19:08:49 +0100
Seems like it only relies on a password and a fixed
key = as weak as the password is.
Hint: Dictionary attack.
/Ichinin
_________________________________________________
Spammers will be reported to their government and
Internet Service Provider along with possible legal
repercussions of violating the Swedish "Personal
Information Act" of 1998. (PUL 1998:204)
This is punishable by a fine or 6 months to 2 years
imprisonment (Paragraph 49)
------------------------------
From: [EMAIL PROTECTED] (Carl Byington)
Subject: Re: very tiny algorithm - any better than XOR?
Date: 2 Mar 2000 18:11:35 GMT
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
>Yes, CSS was cracked, but since you actually contemplated XOR, it seems
>like you primarily want whatever security you can get from 50 bytes of
>code, right?
Well, the XOR was simply an example of something that I knew could be
implemented in 50 bytes but is trivially insecure. You are correct, we
want whatever security this processor is capable of in 50 bytes. Speed
is also a consideration but secondary at this point.
>Terje
>
>PS. I've taken a look at the instruction set for your Atmel cpu:
>
>There is no rotate register opcode, so your rotate_left() must be
>synthesized. I am not sure what the best way to do this would be, but it
>seems like it would take several instructions, and/or a temporary
>register:
>
> MOV temp,reg
> ADD temp,temp
> ROL reg ; reg = reg*2, new bottom bit from carry
Actually, that ROL rotates 9 bits (register+carry) one bit to the left.
    CLC
    ROL reg
    ADC reg,keybyte ;reg = rotate(reg)+key
>It should be possible to code up an LFSR fairly simply:
>
>You have 32 8-bit registers, so it is feasible to use 3 or 4 of them to
>store the current state of the shift register:
>
>; Update one bit:
> add s0,s0 ; Do a 32-bit wide shift left
> adc s1,s1
> adc s2,s2
> adc s3,s3
>
>; Remember the top bit
> sbc t0,t0 ; t0 = -1 if carry
>
>; Go through the LFSR tap points (assume 4 taps)
> sbrc T0_REG,TAP0 ; Skip the next instruction if bit is clear
> inc t0 ; Conditionally invert the bit accumulator
> sbrc T1_REG,TAP1 ; Skip the next instruction if bit is clear
> inc t0 ; Conditionally invert the bit accumulator
> sbrc T3_REG,TAP2 ; Skip the next instruction if bit is clear
> inc t0 ; Conditionally invert the bit accumulator
> sbrc T3_REG,TAP3 ; Skip the next instruction if bit is clear
> inc t0 ; Conditionally invert the bit accumulator
>
>; Update the bottom bit of the shift register
> andi t0,1 ; We only want a single bit
> add s0,t0 ; Increment if (t0 == -1)
>
>This is 15 instructions for the inner loop, probably about 20 (?) bytes
>of code.
Almost surely 30 bytes, since I have yet to see any single byte
instructions out of this thing.
We need to be able to decrypt several small data blocks (keys), as well
as a large buffer. The stream ciphers would work nicely for the buffer,
but I feel they would be insecure for decrypting the small blocks. Am
I wrong here? We only have room for one decrypt routine.
- --
PGP key available from the key servers.
Key fingerprint 95 F4 D3 94 66 BA 92 4E 06 1E 95 F8 74 A8 2F A0
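The rotate sequences discussed in the message above, checked exhaustively in a small C model. This is an added example, not code from either poster; it assumes the "Atmel cpu" follows the AVR carry-flag semantics for ADD, ADC, ROL and CLC, and the function names are made up for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

static uint8_t carry;  /* model of the C (carry) flag */

/* ADD Rd,Rr: Rd = Rd + Rr, C = carry out of bit 7 */
static uint8_t op_add(uint8_t d, uint8_t r) {
    unsigned v = (unsigned)d + r;
    carry = (uint8_t)(v >> 8);
    return (uint8_t)v;
}

/* ADC Rd,Rr: Rd = Rd + Rr + C, C = carry out of bit 7 */
static uint8_t op_adc(uint8_t d, uint8_t r) {
    unsigned v = (unsigned)d + r + carry;
    carry = (uint8_t)(v >> 8);
    return (uint8_t)v;
}

/* ROL Rd: shift left, old C enters bit 0, old bit 7 becomes the new C */
static uint8_t op_rol(uint8_t d) {
    uint8_t out = (uint8_t)((d << 1) | carry);
    carry = (uint8_t)(d >> 7);
    return out;
}

/* Reference: true 8-bit rotate left by one */
static uint8_t rotl8(uint8_t x) { return (uint8_t)((x << 1) | (x >> 7)); }

/* ROL alone, over every register value and both incoming carry states */
unsigned bare_rol_mismatches(void) {
    unsigned bad = 0;
    for (unsigned reg = 0; reg < 256; reg++)
        for (unsigned cin = 0; cin < 2; cin++) {
            carry = (uint8_t)cin;
            if (op_rol((uint8_t)reg) != rotl8((uint8_t)reg)) bad++;
        }
    return bad;
}

/* MOV temp,reg / ADD temp,temp / ROL reg */
unsigned mov_add_rol_mismatches(void) {
    unsigned bad = 0;
    for (unsigned reg = 0; reg < 256; reg++)
        for (unsigned cin = 0; cin < 2; cin++) {
            carry = (uint8_t)cin;
            uint8_t temp = (uint8_t)reg;      /* MOV temp,reg */
            temp = op_add(temp, temp);        /* ADD: C = bit 7 of reg */
            (void)temp;                       /* only the flag is needed */
            if (op_rol((uint8_t)reg) != rotl8((uint8_t)reg)) bad++;
        }
    return bad;
}

/* CLC / ROL reg / ADC reg,keybyte against rotl8(reg) + keybyte mod 256 */
unsigned clc_rol_adc_mismatches(void) {
    unsigned bad = 0;
    for (unsigned reg = 0; reg < 256; reg++)
        for (unsigned key = 0; key < 256; key++)
            for (unsigned cin = 0; cin < 2; cin++) {
                carry = (uint8_t)cin;         /* stale flag from earlier code */
                carry = 0;                    /* CLC */
                uint8_t r = op_rol((uint8_t)reg);
                r = op_adc(r, (uint8_t)key);  /* ADC folds bit 7 back in */
                if (r != (uint8_t)(rotl8((uint8_t)reg) + key)) bad++;
            }
    return bad;
}

int main(void) {
    printf("ROL alone vs rotl8:       %u mismatches of 512\n", bare_rol_mismatches());
    printf("MOV/ADD/ROL vs rotl8:     %u mismatches\n", mov_add_rol_mismatches());
    printf("CLC/ROL/ADC vs rotl8+key: %u mismatches\n", clc_rol_adc_mismatches());
    return 0;
}
```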
------------------------------
From: Michael Sierchio <[EMAIL PROTECTED]>
Subject: Re: https
Date: Thu, 02 Mar 2000 10:15:00 -0800
Paul Rubin wrote:
> I've never heard of anyone issuing free certificates that are recognized
> by most browsers. The usual supplier of low-cost certificates is Thawte
> (www.thawte.com), which is now part of Verisign but will continue to
> issue certificates for 125 USD til the end of this year. Some certificate
> vendors offer "free trial certificates", but those are only recognized
> by browsers that you specially set up to accept them. That's really
> no better than issuing your own certificates.
Presumably all it takes to get your CA cert embedded in a Netscape
release is some assurance that you're operating the CA properly and
paying Netscape $150,000 (last quoted price). Maybe the EFF would
like to fund a non-profit CA?
One of the problems is that a sizeable portion of fees will
need to go towards insurance against what one litigation expert
has called (somewhat gleefully) "huge pools of liability" in PKI.
A small CA might also need to contract with an online verification
service provider, such as Valicert -- managing revocation is hard,
issuing certs is easy.
So, I can imagine a CA in which individual S/MIME certs cost $5,
and server certs cost $100. My current employment bars me from
engaging in this business, but expect to see me when I cash out ;-)
------------------------------
From: Dave Howe <DHowe@hawkswing>
Crossposted-To: comp.security.misc,alt.security.pgp
Subject: Re: Passwords secure against dictionary attacks?
Date: Thu, 02 Mar 2000 18:17:33 +0000
Reply-To: DHowe@get_email_from_sig
In our last episode (<alt.security.pgp>[Wed, 01 Mar 2000 01:31:20
GMT]), jungle <[EMAIL PROTECTED]> said :
>for me it is 4 random characters ...
hmm. it's a safety thing - I am willing to assume a given English word
has 16 bits worth of entropy; obviously, this depends heavily on the
size of the vocabulary used, if the passphrase obeys grammatical rules
and so forth; It's a safety thing. The non-space, non-character spacer
is also actually only worth about four bits or so - but I am giving it
full value to compensate for deliberately taking a conservative value
for the words themselves.
>your assumption creates 10 to power of 30 key space = impossible to crack today
>& you are saying "non-trivial"
>very funny ...
I did say it was *definitely* non-trivial, but of course it's not
10^30 but a 29 * 8 bit keyspace - 2^232 or ~10^69.8.
However, with PGP the keyphrase is hashed to 128bits, so all but 2^128
(~10^38.5) is lost; This doesn't invalidate the passphrase's security,
but means 10 words is unneeded - 6 is sufficient. If hashes increase
to 256 bit as they may in a later release, it will be less than the
hash again.
>my assumption [ 4 random characters ] provide key space of 10 to power of 48
>I will leave you for evaluation ...
2^392 or ~10^118 - even further over the 128bit limit - you now only
need four words to exceed the hash size. Even doubling the hash, this
is still overkill :+)
------------------------------
From: [EMAIL PROTECTED] (Mary - Jayne)
Subject: Re: Can someone break this cipher?
Date: Thu, 02 Mar 2000 18:22:48 GMT
On Thu, 2 Mar 2000 00:40:38 GMT, Tim Tyler <[EMAIL PROTECTED]> wrote:
>Mary - Jayne <[EMAIL PROTECTED]> wrote:
>: [EMAIL PROTECTED] (Mary - Jayne) wrote:
>
>:>http://www.xarabungha.btinternet.co.uk/xicrypt/xichallenge.htm
>
>: OK guys. I have succumbed to persuasion and posted some details of the
>: encryption method on the web page (of which the address above is now
>: correct).
>
>All I can see along these lines is:
>
>``The original plaintext was encrypted using traditional cryptological
> methods. These include polyalphabetic encryption, randomised
> cipher alphabets, and transformation; the whole process requiring two
> keys to complete (or reverse).''
>
>Not terribly specific.
>
>It *says* ``with method clues added 01-03-2000'' - but of them there's no
>sign - did they really get uploaded?
As you reproduced them in the previous paragraph, I would suggest you have
answered your own question. Now just how specific did you want me to be?
Shall I send you the plaintext and a copy of the program source code?
Perhaps you would like the keys as well?
Almost forgot! Can I get you a coffee or something?
:-)
Regards,
MJ
http://www.xarabungha.btinternet.co.uk/
http://website.lineone.net/~auntie_min/
------------------------------
From: Andru Luvisi <[EMAIL PROTECTED]>
Subject: Re: Can someone break this cipher?
Date: 02 Mar 2000 10:12:01 -0800
John <[EMAIL PROTECTED]> writes:
[snip]
> The next few questions are:
>
> Which vendors (assuming they are well known.) divulge their
> source? Does Microsoft do so? Did Borland ever release its
> source code for its RNG? I recall Borland was once selling the
> source-code for BP 5.0.
There's one of the most widely distributed encryption applications,
Netscape. They published their encryption source code for review
after their PRNG was attacked. Then there's PGP, one of the most
widely used email encryption applications. ssh, one of the most
widely used encrypted login applications. The Roxen SSL web server,
which is even GPLd. These are all commercial, for profit products.
Examples of non-encryption commercial products that come with source
code abound. GNAT, an Ada compiler; kaffe, a JVM; gnu-win32, a unix
compatibility library for win32; ghostscript, a postscript engine;
rpm, the RedHat Package Manager; linuxconf, a system administration
framework from RedHat; CVS, a popular version control system, and on
and on...
> The biggest, and probably of most importance to the person who made
> the code would be: "OK, I'll buy all that, BUT...How do I
> balance the interest of the encryption community with mine? How
> do I protect my intellectual property if I am divulging it?"
In the long term, as more people are willing to buy the products that
come with source code, and aren't willing to buy the products that
come without source code, this won't be an issue. It will be more
profitable to release source code. In the short term, you guard your
source code the same way you guard your binaries: with licenses and
lawyers.
Andru
--
==========================================================================
| Andru Luvisi | http://libweb.sonoma.edu/ |
| Programmer/Analyst | Library Resources Online |
| Ruben Salazar Library |-----------------------------------------|
| Sonoma State University | http://www.belleprovence.com/ |
| [EMAIL PROTECTED] | Textile imports from Provence, France |
==========================================================================
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Crypto.Com, Inc.
Date: Thu, 02 Mar 2000 18:19:45 GMT
In article <[EMAIL PROTECTED]>,
Mok-Kong Shen <[EMAIL PROTECTED]>
wrote:
> wtshaw wrote:
> >
>
> > > press release states:
> > >
> > > "... The technology provides for absolute security on open circuits
> > > between two users without the use of a key. The new cryptography
> > > concept creates absolutely unbreakable ciphers allowing software to be
> > > absolutely secure for the Internet, networks, and telephone lines. ..."
> > >
> > This seems a bit of a strong statement. The only theory that might be
> > applied there would be of quantum mechanics design, which has not proven
> > practical for current needs.
>
> Another possibility: Telepathy! Believe it or not, it was only
> a few days ago that pre-cognition of animals and such stuffs
> were earnestly discussed in a French radio broadcast.
>
This is a statement worthy of Markku J.
Saarelainen! ! There is no reason why
telepathy should be secure enough let alone
accurate enough for reliable communications.
The experiments done by the Pentagon, etc.
show, for example, that the fidelity of remote
viewing is unpredictable. But, speaking of
animals, if I were a bad guy I might use the
old method of having trained birds carry
encrypted messages because listening
networks like Echelon are used to monitor IT-
based communications. Even if the authorities
suspected a bird they would have to send an
operative into the field to intercept it. Also, I
like birdies.
>
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Crypto.Com, Inc.
Date: Thu, 02 Mar 2000 19:39:55 +0100
Douglas A. Gwyn wrote:
>
> Mok-Kong Shen wrote:
> > Another possibility: Telepathy! Believe it or not, it was only
> > a few days ago that pre-cognition of animals and such stuffs
> > were earnestly discussed in a French radio broadcast.
>
> They were discussed today in Moe's Bar. So what?
You probably meant that there are plenty of rather 'low class'
stations which broadcast all kinds of stuffs. The one I was
referring to is however not a minor one, it's Europe I.
M. K. Shen
------------------------------
From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Visual C++ Decompiling Service/Software Needed
Date: Thu, 2 Mar 2000 11:45:54 -0700
In article <89khb4$tri$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] says...
> Decompiling copyrighted software is a crime (as long as you don't do it only
> to correct errors or need to make changes for compatibility reasons).
I don't know of anywhere that this is true. Decompiling,
disassembling, etc., are themselves legal almost everywhere. The
part that may be illegal is making use of the results. If, for
example, you disassemble or decompile some code to see if it
infringes upon something you've patented, or to produce something
that's compatible with it, I believe you're probably on the right
side of the law.
If, OTOH, you decompile some code and put it into your own program,
your program then becomes a "derived work" of the other program --
unless the other happens to be public-domain software, you're then
infringing their copyright.
In still another possibility (and it sounds like what the OP was
talking about) you could use reverse-engineering to discover the
algorithms being used in the other programs. While some might
consider this less than ethical, I don't know of any law it breaks.
Even so, it might be illegal to actually use the algorithms, even
though you discovered them legally: if the original author has
patented the algorithm(s) in question, you need their permission to
use it/them.
--
Later,
Jerry.
The universe is a figment of its own imagination.
------------------------------
From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Microcontroller Cipher
Date: Thu, 02 Mar 2000 12:51:03 -0600
Gary wrote:
>
> Thanks, I'll check them out.
> Purely from an academic point of view is it possible to use a key's bits
> ONLY to conditionally (using the choice of 2 exclusively non linearly
> compatible mixing operations) mix two halves 'securely'?
> No S-Boxes, No accumulating sums to mix in, just the original data.
Sure, it's called a Feistel cipher. You use the key to generate sub keys
which are fed to each round, and each half of the raw data is either
passed thru the F() function or switched around it. Generating subkeys
from the main key is an art in itself, but for a microcontroller
something like what DES does should work fine.
Check out IDEA too, that's similar to what you're talking about as well.
Patience, persistence, truth,
Dr. mike
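An added example, not code from any poster in this digest: a toy 16-bit Feistel network in C in which each key bit only selects one of two mixing operations, as in Gary's question, together with an exhaustive check for the all-linear structure that David Wagner's quoted reply (in Gary's earlier message) says falls to linear algebra. The block size, round count, the round functions `f_linear` and `f_mixed`, and the sample key are constructed for illustration; passing the check rules out only that one break and says nothing else about strength.

```c
#include <stdint.h>
#include <stdio.h>

#define ROUNDS 16

typedef uint8_t (*round_fn)(uint8_t half, unsigned kbit);

static uint8_t rotl8(uint8_t x, unsigned n) {
    return (uint8_t)((x << n) | (x >> (8 - n)));
}

/* Key bit picks one of two rotations: every round is linear over GF(2). */
uint8_t f_linear(uint8_t half, unsigned kbit) {
    return kbit ? rotl8(half, 1) : rotl8(half, 3);
}

/* Key bit picks a rotation or an addition mod 256; the carries in the
   addition are not linear over GF(2). */
uint8_t f_mixed(uint8_t half, unsigned kbit) {
    return kbit ? rotl8(half, 1) : (uint8_t)(half + rotl8(half, 3));
}

/* 16-bit block as two 8-bit halves; round i is selected by key bit i. */
uint16_t feistel_encrypt(uint16_t block, uint16_t key, round_fn f) {
    uint8_t l = (uint8_t)(block >> 8), r = (uint8_t)block;
    for (int i = 0; i < ROUNDS; i++) {
        uint8_t t = (uint8_t)(l ^ f(r, (key >> i) & 1u));
        l = r;
        r = t;
    }
    return (uint16_t)((l << 8) | r);
}

/* Same rounds in reverse order; F itself never has to be inverted. */
uint16_t feistel_decrypt(uint16_t block, uint16_t key, round_fn f) {
    uint8_t l = (uint8_t)(block >> 8), r = (uint8_t)block;
    for (int i = ROUNDS - 1; i >= 0; i--) {
        uint8_t t = (uint8_t)(r ^ f(l, (key >> i) & 1u));
        r = l;
        l = t;
    }
    return (uint16_t)((l << 8) | r);
}

/* Blocks (out of 65536) that do not decrypt back to the plaintext. */
unsigned long roundtrip_failures(uint16_t key, round_fn f) {
    unsigned long bad = 0;
    for (uint32_t p = 0; p < 65536; p++)
        if (feistel_decrypt(feistel_encrypt((uint16_t)p, key, f), key, f) != p)
            bad++;
    return bad;
}

/* For a fixed key, E is affine over GF(2) exactly when
   E(a^e) ^ E(a) ^ E(e) ^ E(0) == 0 for every block a and every single-bit
   e (any other difference is an XOR of single bits). Count failing pairs;
   zero means known plaintexts determine E by Gaussian elimination. */
unsigned long affine_violations(uint16_t key, round_fn f) {
    static uint16_t table[65536];
    unsigned long bad = 0;
    for (uint32_t a = 0; a < 65536; a++)
        table[a] = feistel_encrypt((uint16_t)a, key, f);
    for (uint32_t a = 0; a < 65536; a++)
        for (int bit = 0; bit < 16; bit++) {
            uint32_t e = 1u << bit;
            if (table[a ^ e] ^ table[a] ^ table[e] ^ table[0])
                bad++;
        }
    return bad;
}

int main(void) {
    const uint16_t key = 0xB5C3; /* constructed sample key */
    printf("f_linear: %lu roundtrip failures, %lu affine violations\n",
           roundtrip_failures(key, f_linear), affine_violations(key, f_linear));
    printf("f_mixed : %lu roundtrip failures, %lu affine violations\n",
           roundtrip_failures(key, f_mixed), affine_violations(key, f_mixed));
    /* A key that always selects the rotation makes f_mixed linear again. */
    printf("f_mixed, key 0xFFFF: %lu affine violations\n",
           affine_violations(0xFFFF, f_mixed));
    return 0;
}
```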
------------------------------
From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Visual C++ Decompiling Service/Software Needed
Date: Thu, 2 Mar 2000 11:49:45 -0700
In article <89leif$f6j$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] says...
> In a previous article, <[EMAIL PROTECTED]> writes:
> >Interesting. Where is "decompiling" software a crime? Europe?
>
> Correct, at least in a couple of European countries.
I rather doubt it, and even if there are, I _really_ doubt they ARE
enforced, or really even CAN be enforced, at least without causing
the country in question some serious problems -- there's an EU
directive that absolutely requires all member countries to allow
reverse engineering for certain purposes.
--
Later,
Jerry.
The universe is a figment of its own imagination.
------------------------------
From: [EMAIL PROTECTED] (Carl Byington)
Subject: Re: very tiny algorithm - any better than XOR?
Date: 2 Mar 2000 18:46:35 GMT
After 8 rounds, we should be getting some diffusion from the 8th byte
of the data block into the 1st byte of the data block, given that we
have 7 overlapping 16 bit sub-blocks. I presume that using fewer than
four rounds would seriously weaken this scheme.
Assuming that performance constraints require the use of only a few
rounds, are there any magic round numbers where the strength/weakness
of this dramatically changes as a function of the number of rounds?
------------------------------
From: [EMAIL PROTECTED] (JimD)
Subject: Re: On jamming interception networks
Reply-To: JimD
Date: Thu, 02 Mar 2000 18:55:51 GMT
On Thu, 02 Mar 2000 05:33:48 GMT, "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
>[EMAIL PROTECTED] wrote:
>> "... NSA's signals analysts are ..."
>
>I thought we were speaking about intelligence analysts,
>not signals analysts.
Signals Analysts = traffic analysis,
Intelligence Analysts = analysis of traffic-analysis(?)/end-
product reporting.
--
Jim Dunnett.
dynastic at cwcom.net
------------------------------
From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: brute force attack on a 128 bit SSL key?
Date: Thu, 02 Mar 2000 14:04:35 -0500
"Douglas A. Gwyn" wrote:
>
> Harvey Rook wrote:
> > Instead of calculating brute force difficulty using time,
> > try use energy consumed.
>
> No, please don't. That's a spurious approach.
Would you care to explain that? In particular, do you
mean that the bounds obtained by this approach give
a false sense of security?
Re in the earlier note
> For example, wasn't it 30 years ago that
> some "expert" said it would take 40 quadrillion
> years (40,000,000,000,000,000 years) to break
> DES. Hmmm. Was he right? I don't think so.
No, of course not. But I don't think too many people
who know what they are talking about took that "expert"
seriously. Instead, we believed Diffie & Hellman.
paul
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************