Cryptography-Digest Digest #279, Volume #11       Wed, 8 Mar 00 15:13:01 EST

Contents:
  Re: Cellular automata based public key cryptography ([EMAIL PROTECTED])
  Re: why xor?(look out,newbie question! :) (Mike Rosing)
  Re: Universal Language (Darren New)
  Mark Twain's advice for Markku J. Saarelainen ([EMAIL PROTECTED])
  Re: Your Recommended Choice On Std Crypto Parts (Mike Rosing)
  Re: Passphrase Quality ? (DennisN)
  Re: Passphrase Quality ? ("Stephen P.")
  Re: Cheating in co-operative open-source games, how can we protect from it? (Mike Rosing)
  Re: are self-shredding files possible? (Paul Koning)
  Re: sci.crypt Cipher Contest (SCOTT19U.ZIP_GUY)
  "Systemic Security Issues Related to Anonymous Electronic Money " ---  ("Markku J. 
Saarelainen")
  An archiver with secure encryption ("Steve A. Wagner Jr.")
  Re: Where do I get it? ("Markus Eiber")
  Re: Cellular automata based public key cryptography (Tim Tyler)
  Re: Newbie Brute Force Question ("Steve A. Wagner Jr.")
  Re: Best language for encryption?? ("Steve A. Wagner Jr.")
  Re: Cellular automata based public key cryptography (Tim Tyler)
  Re: Encryption (only) in a extremely small program? (~1.4KB) ("Steve A. Wagner Jr.")
  Differential Cryptanaylsis, Fiestel and PRNG ("�")
  Re: DES Permutation (Paul Koning)
  Re: Cellular automata based public key cryptography (Tim Tyler)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Cellular automata based public key cryptography
Date: Wed, 08 Mar 2000 17:47:52 GMT

In article <[EMAIL PROTECTED]>,
  Mok-Kong Shen <[EMAIL PROTECTED]>
wrote:
> [EMAIL PROTECTED] wrote:
> >
>
> > If "ordinary" CA are given an appropriate
> > initial configuration then they can simulate a
> > universal Turing Machine (TM) and thus
> > perform general computation. The key feature
>
> Doesn't this mean that an ordinary CA is as powerful as a
> universal TM? Could you give references? Thanks.
>
> M. K. Shen
>
Yes, CA and TM are equivalent. A specific type of CA, a "universal" CA,
was used for the formal proof of this equivalence, which is described
here: http://alife.santafe.edu/alife/topics - click to the CA FAQ and
then scroll down to the "properties" section and see the first part of
this section.


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: why xor?(look out,newbie question! :)
Date: Wed, 08 Mar 2000 12:12:14 -0600

Mok-Kong Shen wrote:
> At least in three types of machine I have worked previously at
> the assembly level, including the IBM/360, I don't remember to have
> seen the instruction manuals mentioning the bit you called attention
> to. I am not familiar with Intel's instructions. Are you sure there
> is such a bit? Does it have a particular name in the manuals?
> Thanks.

The PowerPC has a "swizzle" bit (what a nice name, thanks Vernon!)
and I'm sure there are others.  Anything built more than 4 years ago
probably doesn't (that's ~3 generations of hardware).  

The main reason for doing it is to make a processor amenable to any OS.
Mac and WinXX being the major home and small business machines, it makes
sense for the chip manufacturer to expand their market to cross into
both sides if they can.

Patience, persistence, truth,
Dr. mike

------------------------------

From: Darren New <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Universal Language
Date: Wed, 08 Mar 2000 18:13:46 GMT

Lassi Hippeläinen wrote:
> > I agree with you. However, I think that it is possible to design,
> > first of all, a grammar that is simple, i.e. rational and without
> > exception rules, redundancies etc. etc. That could save much time
> > of the learner.
>
> But isn't Esperanto just like that?

No. Any language where "carpet" has a gender is not rational.

> the world. In English you can produce a verb out of everything

Yes. You can verb any word. ;-) That's because verbs and nouns in English
are independent of their meaning. A verb is something you can conjugate,
regardless of what it means, for example.

> out of anything (including actions). And Chinese seems to be a
> written-only language with several mutually incompatible phonetic
> systems.

That's simplistic. There are several languages in China (Mandarin and
Cantonese being the big ones), all spelled the same way. That doesn't make
Chinese "written only", unless you're talking about "written Chinese", at
which point you've just stated a tautology. Since written Chinese is
ideographic, there's no relationship between the pictures and the spoken
word. Instead, the relationship is between the written word and the real
world. E.g., the word for "rooster" is the same as the word for "bird"
except with a bigger tail. Makes it easier to learn written Chinese than
spoken Chinese for some of us.

> > Of course, phonetics is also
> > important; a spoken word should not sound almost the same as
> > another, thus creating ambiguity.
>
> Add to that the requirement that pronunciation should have a one-to-one
> mapping to spelling. Like Esperanto.

It'll never happen. English already has standardized spelling, and it can be
difficult to understand someone from as little as 1000 miles away.


-- 

Darren New / Senior MTS / Invisible Worlds Inc.
San Diego, CA, USA (PST).  Cryptokeys on demand.
There is no safety in disarming only the fearful.

------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: alt.politics.org.cia
Subject: Mark Twain's advice for Markku J. Saarelainen
Date: Wed, 08 Mar 2000 18:12:49 GMT



"Better to remain silent and though a fool,
than to speak up and remove all doubt"



------------------------------

From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Your Recommended Choice On Std Crypto Parts
Date: Wed, 08 Mar 2000 12:27:07 -0600

[EMAIL PROTECTED] wrote:
> If I want speed and good security for encrypting
> a data stream, and I only want one choice of
> crypt algorithm for each part, with no patent $
> issues, what should i choose, more importantly
> what would You use.

Check out http://www.terracom.net/~eresrch
That's *my* choice, based on doing a lot of reading.

> I do not want to support N different algorithms,
> or key length choices, etc..
> The data is not ultra-sensitive, ie., not e-
> commerce, or long-term secrets.

sounds like a match to me so far.

[....]

> Desperately want to avoid feature creep / allow
> for easier analysis.

Yeah, that's why I picked stuff that's already been
fairly well analyzed to death.

> Is there an existing minimalistic style protocol
> that meets the above requirements, otherwise My
> initial preferences are listed, but seeking
> consensus, alternatives.
> 
>  - Public Key? : D & H

Lots more choices than that, but it'll do.

>  - Symmetric? : TwoFish 128 bit key

Can't go wrong with that.

>   - Key setup times is important % as may be
> small sessions.
>   - Must be FPGA friendly

Bang, hit the nail on the head with this one :-)

>  - Cryptographic Hash? : SHA-1???
>   - Is SHA1 $ free in all situations?

Yup.

>   - Is there an acceptable hybrid (aware of SSH
> crc-32 fiasco)
>   - Given data is not high sensitive, is a weaker
> faster crypt hash acceptable.

Your call.  What's the threat model?  How good are
your "enemies"?

>   - Is writing 'n' of the first bits of the key
> in the encrypted stream an acceptable solution
> to reduce data expansion, or is this an
> intrinsically bad practice [ as optionally
> available in ssh ].

"Bad Practice" (TM)

>  - PRNG : Yarrow-160 for wintel : and on unix?
>    - Any Ports in the pipe line ?? ;-)

I got a hardware RNG for ya :-)

>  - Your Gut Feelings and Any other
> recommendations.

Sounds like you're already on the right track.  Each of
the components is straightforward.  Putting the whole
thing together and still staying somewhat secure is harder.
You really ought to have a good threat model.  Who's
going to try to break in and what do they gain?  Can you
raise the price of attack to just over the gain, or can
you make it 10 times?  In the latter case, only a nut
case will break the security, but what do you lose when
they do? 

If you have an idea of what the threat model is, your already
basic common sense will work quite well :-)

Patience, persistence, truth,
Dr. mike

------------------------------

Subject: Re: Passphrase Quality ?
From: DennisN <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Date: Wed, 08 Mar 2000 10:27:48 -0800

In article <8a0i99$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Guy Macon) wrote:

>Write a sentence that you will remember.  Something never
published. ...

Are you saying this is a nifty way of deriving a passphrase so
you won't have to write it down and let someone steal it, or
that you won't "spit it out" if someone tries to sweat it out of
you.

If it's the latter, then it's of little use.  I can sweat out
the method of derivation almost as easily as the passphrase.  If
it's in your brain, it can be got out.

A handy passphrase derivation method can be very useful.  I used
to use a simple method to "remember" safe combinations.  I would
use a simple mathematical function, and calculate the
combination each time.  Something like e^1.5.  Throw away the
decimal point and the first two digits.

As long as no one knows that I'm even calculating the
combination, let alone the method, I can even write the formula
down - suitably garbled.

The same would work for passphrase derivation, if the method was
clever enough.  A key to the security is to not let it be known
that there IS a method.  Unfortunately, the cleverness of
cryptanalysts is legendary, and clever to you might be obvious
to someone else.  Fortunately, the security of very short
messages is greater, because there is simply less data to work
with.

But if someone held my feet to the fire, I could be made to spit
out the method.

-Dennis



* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!


------------------------------

From: "Stephen P." <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: Passphrase Quality ?
Date: Wed, 08 Mar 2000 18:42:17 GMT

x-no-archive: yes

hey. that's a great idea too! you guys are really thinkin.

steve



"Michael A. Greenly" wrote:
> 
> Combine this table with a remembered password and you indeed have very
> strong protection.  Since the table can be destroyed you can not be forced
> into revealing the key, and since the password is remembered the table is
> useless without it.
> 
> --
> [EMAIL PROTECTED]
> http://www.pinenet.com/~mgreenly

------------------------------

From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Cheating in co-operative open-source games, how can we protect from it?
Date: Wed, 08 Mar 2000 12:48:08 -0600

I don't think there's any way to stop a determined hacker.  However, how
about a game that assumes you can hack?  People are going to "cheat" so
they can win, so why not make it not cheating?  The server can constrain
the data flow and its meaning, but each user can run an entirely
different program.

Rather than defend a weak position, attack from a different direction :-)

Patience, persistence, truth,
Dr. mike

------------------------------

From: Paul Koning <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: are self-shredding files possible?
Date: Wed, 08 Mar 2000 13:59:23 -0500

Michael Sierchio wrote:
> 
> Paul Koning wrote:
> 
> > That's not how I read what they say on the website.  What you
> > describe makes no sense at all.  If you only think about
> > two parties and neither is malicious, all you need is
> > plaintext email.
> 
> It's clear that you just don't get it -- what DI is protecting
> against is:  unwanted disclosure of sensitive emails that
> are internal to a company (cf. US vs. Microsoft).   So, even
> deleted files that might normally be retrieved from backups
> or forensic analysis are safe from disclosure.

I get it perfectly well.  But perhaps I explained it poorly.

I wasn't talking about the backups at the customer site,
I'm talking about backups at Disappearing.  Clearly, to have
reliable service, they have to backup keys etc. needed to
recover mail during the intended lifetime of that mail.

Since there are potentially millions of messages with thousands
of overlapping lifetimes, it is not possible to physically
destroy all backed up keying data for any given email message
shortly after it expires.  So when a subpoena comes in for
a message that was unexpired at the time one of the backups
that is on file was made, that key will exist.

If the key exists, answering "we're sorry but we don't have
that key" is not legal, and will get you in big trouble if
found out.  Answering "we have that key but don't want to
give it to you" won't work.

The exposure can be limited by not keeping any backups that
are older than a few days, of course.  

There's a second problem: governments often come knocking
(warrant in hand) to set up a wiretap.  In that case, 
having your mail handled by one of these supposed protective
services actually puts you at far *greater* risk, because
the target almost certainly won't even find out about it
and won't have a chance to fight it.  If you keep your
email in-house, the warrant will have to come to your own
company and your own counsel can try to have it quashed.

        paul

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: sci.crypt Cipher Contest
Date: Wed, 08 Mar 2000 20:04:35 GMT

In article <[EMAIL PROTECTED]>, Mike Rosing 
<[EMAIL PROTECTED]> wrote:
>Bob Silverman wrote:
>> I intend no offense to you or anyone else.  BUT:
>
>Glad you said that part...
>
>> Ever heard the phrase "a little knowledge is dangerous"?
>> In my opinion, there is no such thing as an "amateur cryptographer",
>> any more than there is such a thing as an "amateur brain surgeon".
>> "amateur" is a synonym for "I have not studied this subject sufficiently
>> to be competent".
>
>That's absurd.  An amateur is someone who's not spending their life
>studying the subject.  I'm definitely an amateur cryptographer, to 
>claim otherwise would be a blatant lie.  That doesn't make me

  In the field of crypto amateurs who do crypto for the love of knowledge
can have a far better understanding of crypto than the phony crypto
professionals who have to bed with the likes of the NSA to keep sucking
money.


David A. Scott
--

SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
                    
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm

Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm

Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm

**NOTE EMAIL address is for SPAMERS***

I leave you with this final thought from President Bill Clinton:

   "The road to tyranny, we must never forget, begins with the destruction of the 
truth." 

------------------------------

From: "Markku J. Saarelainen" <[EMAIL PROTECTED]>
Crossposted-To: alt.politics.org.cia,soc.culture.nordic
Subject: "Systemic Security Issues Related to Anonymous Electronic Money " --- 
Date: Wed, 08 Mar 2000 19:37:15 GMT


"Systemic Security Issues Related to Anonymous Electronic Money " ---
actually voting related too.. your time and intelligence is as valuable
as your money .. I read this in 1996 .. fine but not great ..

National Security Agency Report Raises

Systemic Security Issues Related to Anonymous Electronic Money

A recent report prepared by the Cryptology Division of the National
Security Agency's Office of Information Security Research and Technology
discusses the potential for security failures in certain electronic cash
systems and their likely consequences. While demonstrating concern over
the attributes of non-traceable electronic money, the report points out
methods that may be used to minimize security breaches and losses,
including limiting the number of coins that can be affected by a single
compromise, requiring traceability for large transactions or large
numbers of transactions in a given period, and the creation of a
mechanism to restore


http://www.ffhsj.com/bancmail/21starch/961017.htm


------------------------------

From: "Steve A. Wagner Jr." <[EMAIL PROTECTED]>
Subject: An archiver with secure encryption
Date: Wed, 08 Mar 2000 15:55:09 -0800

*** The United States government may restrict download of this software. ***

Fully enabled Shareware -- http://mndrppr.home.mindspring.com/

I hope you find it useful, and send me some comments either way.

Algorithms: Triple-DES, TwoFish (256bit), BlowFish (448bit)

Compression: Store, Zip4, Zip6, Zip9, and an added proprietary method
for large redundancies.

Platform: Windows32 console.

Source code: Depending on the interest I receive, the source may or may
not be available in the future.



------------------------------

From: "Markus Eiber" <[EMAIL PROTECTED]>
Subject: Re: Where do I get it?
Date: Wed, 8 Mar 2000 20:42:12 +0100

Hi John,
at http://www.epm.ornl.gov/~dunigan/security.html you'll find a lot of links
to various crypto APIs. Although I had only a short look at it, it seems to
cover all the modern algos, including ECC.
I think this might help you.

Bye


"John" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
news:[EMAIL PROTECTED]...
> How do I go about getting source and/or algorithms for RSA and
> the other well-known encryption methods? How much will it cost
> me?  Are these available on the Net?
>
>



------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Cellular automata based public key cryptography
Reply-To: [EMAIL PROTECTED]
Date: Wed, 8 Mar 2000 19:40:26 GMT

[EMAIL PROTECTED] wrote:
:   [EMAIL PROTECTED] wrote:
:> [EMAIL PROTECTED] wrote:

:> : [A side question- Earlier, was the Garden of Eden problem (deriving the
:> : starting pattern from an n-th iteration) the main obstacle to
:> : implementing CA based cryptosystems [...] ?
:>
:> Reversibility in CA has been fairly well studied by now.  The
:> Garden-of-Eden "problem" is simply not a problem any more.

: By "earlier" I meant historically, i.e. initially.
: In this thread, Trevor Jackson mentioned the
: weaknesses of Wolfram's cryptographic
: approach and I conjectured to myself that the
: Garden of Eden problem might have been the
: greatest such weakness.

The rule-30 automaton Wolfram used was not reversible when it was
implemented as a finite automaton - and thus there were "Garden of Eden"
configurations present in it.

Wolfram used one bit from the generator as a PRNG-based stream cypher.
There are a few weak keys - but the system is dominated by a single
large-period cycle.

I would try to avoid the use of an irreversible system in this context -
but irreversibility doesn't *necessarily* translate into weakness.

: A side note- I mentioned David Cary's belief
: that architectures built from arrays of
: identical cells would be close to the optimum
: architecture for nanocomputers. Though, at
: the quantum scale, it seems to me that a
: combination of CA and gate array architecture
: might be more optimal.

To my mind, gate arrays and spatially non-uniform CA are very similar
systems.

This seems especially so if the gate arrays are "cellular-style" - as
opposed to the "island-style" - architectures of some FPGA and CPLD
vendors.

: Earlier, I examined CA for their artificial life
: potential but did not consider their role in
: cryptography until recently.

FWIW, http://alife.co.uk/hal/ (Java applet) is my implementation of a 
self-reproducing cellular automaton, capable of universal computation,
with artificial selection.
-- 
__________
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

Smoking cures weight problems eventually.
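
The rule-30 stream cipher and the Garden-of-Eden point in the reply above, as an added example that is not part of the thread or of Wolfram's published code: rule 30 run on a small ring, the centre cell taken as keystream after each step, a brute-force search for configurations that have no predecessor (which is what makes the finite version irreversible), and a cycle-structure probe for a seed. Ring sizes, seeds and the sample plaintext are constructed for the example. One consequence worth seeing in code: the all-zero and all-one rings both map to the all-zero ring, so the finite map is never a bijection, and both seeds produce an all-zero keystream (a pair of weak keys).

```python
# Added example (not from the thread): Wolfram rule 30 on a finite ring,
# used as a one-cell keystream generator, plus an exhaustive search for
# Garden-of-Eden states and an orbit (tail, period) probe.


def rule30_step(state: int, n: int) -> int:
    """One synchronous update of an n-cell ring under rule 30.
    Cell i is bit i of `state`; cell i-1 is its left neighbour and cell i+1
    its right neighbour, with wraparound. Rule 30: new = left XOR (centre OR right)."""
    mask = (1 << n) - 1
    left = ((state << 1) | (state >> (n - 1))) & mask   # bit i now holds cell i-1
    right = (state >> 1) | ((state & 1) << (n - 1))     # bit i now holds cell i+1
    return left ^ (state | right)


def keystream(seed: int, n: int, nbits: int) -> list:
    """Step the ring from `seed` and emit the centre cell after each step."""
    centre = n // 2
    bits, state = [], seed & ((1 << n) - 1)
    for _ in range(nbits):
        state = rule30_step(state, n)
        bits.append((state >> centre) & 1)
    return bits


def stream_xor(data: bytes, seed: int, n: int) -> bytes:
    """Encrypt or decrypt (XOR) with the rule-30 keystream, packed MSB-first."""
    ks = keystream(seed, n, 8 * len(data))
    out = bytearray()
    for i, byte in enumerate(data):
        k = 0
        for b in ks[8 * i:8 * i + 8]:
            k = (k << 1) | b
        out.append(byte ^ k)
    return bytes(out)


def garden_of_eden_states(n: int) -> list:
    """All n-cell configurations with no predecessor (exhaustive, so keep n small).
    One such state is enough to show the update map is not a bijection."""
    reachable = {rule30_step(s, n) for s in range(1 << n)}
    return [s for s in range(1 << n) if s not in reachable]


def orbit(seed: int, n: int) -> tuple:
    """Return (tail, period): steps before the trajectory enters a cycle, and
    that cycle's length. Seeds that fall into a short cycle give a degenerate
    keystream."""
    seen, state, t = {}, seed & ((1 << n) - 1), 0
    while state not in seen:
        seen[state] = t
        state = rule30_step(state, n)
        t += 1
    return seen[state], t - seen[state]


if __name__ == "__main__":
    msg = b"attack at dawn"           # constructed sample plaintext
    ct = stream_xor(msg, 0x9D, 31)    # constructed seed and ring size
    print(ct.hex(), stream_xor(ct, 0x9D, 31))
    print("Garden-of-Eden states on an 8-cell ring:", len(garden_of_eden_states(8)))
    print("orbit of seed 1 on a 3-cell ring (tail, period):", orbit(1, 3))
```

The orbit probe is the check a practitioner would run before trusting a small ring as a generator: a seed whose trajectory has a short period repeats its keystream, and XOR with a repeating keystream is a classic break regardless of how "random" rule 30 looks.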

------------------------------

From: "Steve A. Wagner Jr." <[EMAIL PROTECTED]>
Subject: Re: Newbie Brute Force Question
Date: Wed, 08 Mar 2000 16:10:07 -0800

2 (base-2 0's and 1's) to the (^) 128 bits (size of IDEA KEY) = 3.4e+38
possible keys-- trillions of years given the power of all the computers
that exist.

http://www.counterpane.com/
Schneier has books that will answer all your questions, and have charts
showing how long it takes to brute-force the various key-lengths.

PGP 6.5.2 supports 2048bit (possible 4096bit) RSA keys.
http://www.pgpi.org/

"Anthony L. Celeste" wrote:

> I'm curious as to how long these brute force attacks take. Suppose you
> have a well selected, long passphrase, encrypted with 3DES or
> Blowfish. Approximately how long does a brute force attack take ? Is
> it minutes, weeks, months ?
>
> Also, I've seen some references here to RSA 2048 bit encyption, what
> products are available that use this ?
>
> Thnx, Tony


------------------------------

From: "Steve A. Wagner Jr." <[EMAIL PROTECTED]>
Subject: Re: Best language for encryption??
Date: Wed, 08 Mar 2000 16:17:08 -0800

The RSAREF library that PGP uses is available in C and possibly other languages.
Various encryption extensions exist for Pascal, C, C++, Java, Visual Basic and
other languages, though, you will find that much of the published code is
written for C.

As for Unix, at least one flavour of BSD uses BlowFish as its standard.

http://www.cryptography.org/ has C reference code for many algorithms. Also,
Wei Dai's C++ Crypto library includes just about any algorithm you would wish to
use; symmetric and public key.

Vinchenzo wrote:

> I would like to know what would be the best programming language to write an
> encryption/decryption utility, I expect to use RSA or some public key
> algorithms.
>
> My second question is: what encryption algo does the Unix encryption
> standard uses?
>
> Thanks
>
> Vinchenzo


------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Cellular automata based public key cryptography
Reply-To: [EMAIL PROTECTED]
Date: Wed, 8 Mar 2000 19:53:09 GMT

Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
: [EMAIL PROTECTED] wrote:

: From the big difference in power, it seems that the universal 
: cellular automata is quite different from the ordinary cellular 
: automata, right? Could you please give a few salient features of 
: the universal one, just for having some rough ideas? Thanks.

Universal automata are - in general - difficult to recognise.

For a number of automata, there are constructive proofs of universality.

For John Conway's "Game of Life", for example, there's an extended proof
of the capability to perform universal computation by Conway himself, as
part of "Winning Ways (for your mathematical plays)", by Berlekamp,
Conway, Guy.  There's a synopsis of this proof in "The Recursive
Universe", by William Poundstone.

Generally speaking if you can show signal propagation in all directions,
signal crossover, and a minimal set of logic gates (e.g. Fredkin's gate),
then that's usually sufficient.

See:

http://kelp.ke.sys.hiroshima-u.ac.jp/projects/rca/urpca/rectangular/
http://kelp.ke.sys.hiroshima-u.ac.jp/projects/rca/urpca/triangular/

...for the sort of work often required to prove universality.
-- 
__________
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

Ignorance can be cured.  Stupidity is forever.

------------------------------

From: "Steve A. Wagner Jr." <[EMAIL PROTECTED]>
Subject: Re: Encryption (only) in a extremely small program? (~1.4KB)
Date: Wed, 08 Mar 2000 16:18:42 -0800

Probably in assembly.

dywalsh wrote:

> Is it possible to do public key ENcryption in a program of
> approx. one and a half kilobytes?
>
> [Backround:
> I am investigating the idea of doing application level
> encryption for WAP. There is a lower-level protocol for
> encryption, WTLS, but apart from the weakness of that (see other
> messages in this group), there a other issues in that you either
> have to provide you own WAP gateway ($$$,hassle) or deal with
> all the network providers (who may not have WTLS).]
>
> This system would encrypt only. There is no need for decryption
> (i.e. only need to encrypt sensitive user-entered info such as
> passwords or credit details), and the keys would be generated on
> the server. So all that is required is that this program encrypt
> certain data using a public key provided by the server. The
> language used would be WMLScript, a language derived from
> javascript.
>
> I am no expert on cryptography. What algorithms could be provide
> this in such a small program, and how would the strength of
> these algorithms compare with whatever is used in SSL?
>
> For instance I have looked at the code of an implementation of
> Blowfish, but for starters it defines a set of arrays with
> values for Pi,Ss0 to S3, which alone is a massive amount of data
> in this context.
>
> Thank you for any help/pointers you can provide.
>


------------------------------

From: "�" <[EMAIL PROTECTED]>
Subject: Differential Cryptanaylsis, Fiestel and PRNG
Date: Wed, 8 Mar 2000 20:05:25 -0000

This is a semi-newbie set of questions.....

What is differential cryptanalysis?

When looking at the official documentation for TEA I saw a reference to a
Fiestel Network. What is this, is it secure and more importantly have I
spelt it right. :)

What is the PRNG implemented in Microsoft's Visual Studio range. Has any
cryptanalysis been done on it?

(background: Working on a custom cipher to be reasonably secure to all
methods of attack which is easily implementable in VB)

Any answers to any of these questions would be welcome.

Thanxs,

Pabalo

[EMAIL PROTECTED]
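
As an added illustration, not from any reply on this page, of the structure the question above asks about: a Feistel network (the construction DES uses and that TEA is built on) splits the block in two halves and each round XORs a keyed function of one half into the other, then swaps. The round function need not be invertible, yet the whole network is, and decryption is the same routine with the subkeys in reverse order. The half-block size, round count, SHA-256 based round function and key schedule here are illustrative choices for the example, not any real cipher's.

```python
import hashlib

# Added example (not from the thread): a generic Feistel network.
HALF = 8      # half-block size in bytes, i.e. a 16-byte block (illustrative)
ROUNDS = 8    # illustrative round count


def round_function(half: bytes, subkey: bytes) -> bytes:
    """Keyed, non-invertible F: truncated SHA-256 (illustrative stand-in).
    DES uses expansion, S-boxes and a P-box here; TEA uses shifts and additions."""
    return hashlib.sha256(subkey + half).digest()[:len(half)]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def key_schedule(key: bytes, rounds: int = ROUNDS) -> list:
    """One subkey per round (illustrative: hash of the key and the round index)."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(rounds)]


def feistel(block: bytes, subkeys: list) -> bytes:
    """Run the network with the subkeys in the given order.
    Each round: (L, R) -> (R, L XOR F(R, k)). The final swap is undone, as in
    DES, so the same routine with reversed subkeys is the exact inverse."""
    assert len(block) == 2 * HALF
    L, R = block[:HALF], block[HALF:]
    for k in subkeys:
        L, R = R, xor_bytes(L, round_function(R, k))
    return R + L


def encrypt_block(block: bytes, key: bytes) -> bytes:
    return feistel(block, key_schedule(key))


def decrypt_block(block: bytes, key: bytes) -> bytes:
    # Same network, subkeys reversed: this is the whole point of the structure.
    return feistel(block, key_schedule(key)[::-1])


if __name__ == "__main__":
    key = b"sixteen byte key"          # constructed sample key
    msg = b"0123456789abcdef"          # constructed sample block
    ct = encrypt_block(msg, key)
    print(ct.hex(), decrypt_block(ct, key))
```

Why the final swap matters: without undoing it, decrypting would need a separate routine that swaps halves before the first round. With it, a hardware or FPGA implementation needs one datapath for both directions, which is exactly why DES and TEA are laid out this way. Note that a one-round network is an involution (applying it twice with the same subkey returns the plaintext), which is why Feistel ciphers need many rounds for security.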



------------------------------

From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: DES Permutation
Date: Wed, 08 Mar 2000 14:06:13 -0500

Doug Stell wrote:
> ...
> Think of the IP as an 8_X_8 matrix. Bits are loaded in horizontally,
> row by row, with the rows in order. Bits are read out vertically,
> column by column, with the columns NOT in order. (The columns do have
> an order, which is 5, 1, 6, 2, 7, 3, 8, 4.)
> 
> The fastest implementations use a lookup table for the IP and IP-1.

Not necessarily; it depends on your memory speeds.  Eric Young's
DES implementation uses a small number of bit fiddling operations
in a *very* clever way to implement IP/FP without table lookups.
Take a look at it, but be prepared to spend quite a bunch of
hours figuring out why it works...

        paul
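
The initial permutation discussed above, as an added example that is not code from the thread or from Eric Young's library: IP and IP^-1 first from the FIPS 46 tables, then as the 8x8 bit-matrix view (load rows, read columns in a fixed non-sequential order), then as the byte-indexed lookup tables that the "fastest implementations" remark refers to. With DES bit numbering (bit 1 is the most significant), the table-driven IP comes out as reading columns 2, 4, 6, 8, 1, 3, 5, 7 from the bottom row up, and IP^-1 as reading the columns from 8 down to 1 with the rows taken in the order 5, 1, 6, 2, 7, 3, 8, 4; which set of numbers you get depends on the orientation chosen for the matrix, so the code cross-checks every view against the table. The sample blocks are constructed.

```python
# Added example (not from the thread): DES IP / IP^-1 three ways, cross-checked.

IP = [
    58, 50, 42, 34, 26, 18, 10, 2,
    60, 52, 44, 36, 28, 20, 12, 4,
    62, 54, 46, 38, 30, 22, 14, 6,
    64, 56, 48, 40, 32, 24, 16, 8,
    57, 49, 41, 33, 25, 17,  9, 1,
    59, 51, 43, 35, 27, 19, 11, 3,
    61, 53, 45, 37, 29, 21, 13, 5,
    63, 55, 47, 39, 31, 23, 15, 7,
]


def invert_table(table: list) -> list:
    """Inverse of a DES permutation table (entries are 1-based input bit numbers)."""
    inv = [0] * len(table)
    for out_pos, in_pos in enumerate(table, start=1):
        inv[in_pos - 1] = out_pos
    return inv


IP_INV = invert_table(IP)   # the FIPS IP^-1 table: 40, 8, 48, 16, 56, 24, 64, 32, ...


def permute(block: int, table: list) -> int:
    """Bit-by-bit permutation of a 64-bit integer; DES counts bits 1..64 from the MSB."""
    out = 0
    for in_pos in table:
        out = (out << 1) | ((block >> (64 - in_pos)) & 1)
    return out


def _rows(block: int) -> list:
    """Load the 64 bits row by row: row r (0-based) holds bits 8r+1 .. 8r+8."""
    return [(block >> (8 * (7 - r))) & 0xFF for r in range(8)]


def _bit(rows: list, r: int, c: int) -> int:
    """Matrix element (r, c), 0-based; column 0 is bit 8r+1, the byte's MSB."""
    return (rows[r] >> (7 - c)) & 1


def matrix_ip(block: int) -> int:
    """IP as a bit transpose: columns 2,4,6,8,1,3,5,7 (1-based), each read bottom row up."""
    rows, out = _rows(block), 0
    for c in (1, 3, 5, 7, 0, 2, 4, 6):
        for r in range(7, -1, -1):
            out = (out << 1) | _bit(rows, r, c)
    return out


def matrix_ip_inv(block: int) -> int:
    """IP^-1 the same way: columns 8 down to 1, rows in the order 5,1,6,2,7,3,8,4."""
    rows, out = _rows(block), 0
    for c in range(7, -1, -1):
        for r in (4, 0, 5, 1, 6, 2, 7, 3):
            out = (out << 1) | _bit(rows, r, c)
    return out


def byte_tables(table: list) -> list:
    """Eight 256-entry tables: T[i][v] is the permutation of a block whose i-th
    byte is v and whose other bytes are zero. A permutation moves bits
    independently, so OR-ing the eight lookups permutes the whole block."""
    return [[permute(v << (8 * (7 - i)), table) for v in range(256)] for i in range(8)]


IP_TABLES = byte_tables(IP)


def table_ip(block: int) -> int:
    """IP in eight table lookups and seven ORs, the memory-for-time trade-off."""
    out = 0
    for i in range(8):
        out |= IP_TABLES[i][(block >> (8 * (7 - i))) & 0xFF]
    return out


def all_agree(blocks) -> bool:
    """Cross-check the three IP implementations and that IP^-1 inverts IP."""
    for x in blocks:
        ref = permute(x, IP)
        if matrix_ip(x) != ref or table_ip(x) != ref:
            return False
        if matrix_ip_inv(ref) != x or permute(ref, IP_INV) != x:
            return False
    return True


if __name__ == "__main__":
    samples = [0, 1, 1 << 63, 0x0123456789ABCDEF, 0xFFFFFFFFFFFFFFFF]  # constructed
    print("IP^-1 first row:", IP_INV[:8])
    print("all views agree:", all_agree(samples))
```

The byte-table form is what the "lookup table" approach costs: 8 x 256 x 8 bytes, 16 KiB per permutation, which is why the remark that it depends on memory speed is right; if the tables fall out of cache, the handful of mask-and-shift operations used by bit-fiddling implementations wins.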

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Cellular automata based public key cryptography
Reply-To: [EMAIL PROTECTED]
Date: Wed, 8 Mar 2000 19:59:56 GMT

Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
: Tim Tyler wrote:

:> Both FSM and cellular automata are capable of simulating Turing universal
:> systems - anything one can do, so can the other.

: Could you give litterature pointers to doing conversion between
: FSM and cellular automata? Thanks.

Finite CA *are* FSM - so no conversion is required in this direction.

You can embed an FSM (or any other computational construction) in a CA
*providing* the CA is universal - and it is large enough in extent.

The details of /exactly/ how to build the various logic components
required is generally complex - and is different for different automata.

For literature relating to showing proofs of universality for *particular*
automata, see the references I have provided in another post on this
thread, to "Winning Ways", "The Recursive Universe" - and the work of
Kenichi Morita and his colleagues.
-- 
__________
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

Taglines are irrelevant to those who don't fully understand them.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
