Cryptography-Digest Digest #282, Volume #11       Wed, 8 Mar 00 20:13:02 EST

Contents:
  Re: Cellular automata based public key cryptography ([EMAIL PROTECTED])
  Pseudo-One Time pad here.  Critiques? (Albert Yang)
  Re: Best language for encryption?? ("Douglas A. Gwyn")
  Re: TEA analysis (Albert Yang)
  Re: NIST, AES at RSA conference ("Douglas A. Gwyn")
  Re: Passphrase Quality ? (Ian L. Romkey)
  Re: Cellular automata based public key cryptography ([EMAIL PROTECTED])
  Re: CONFERENCE ON NATURALISM -- FINAL NOTICE ("Douglas A. Gwyn")
  Re: Excel password remover ("John E. Kuslich")
  Re: Your Recommended Choice On Std Crypto Parts ([EMAIL PROTECTED])
  Re: why xor?(look out,newbie question! :) ("Douglas A. Gwyn")
  Re: sci.crypt Cipher Contest Web Site ("Douglas A. Gwyn")
  Looking for a good Diffie-Hellman modulus? (John Savard)
  Re: Cellular automata based public key cryptography (Dr. Yongge Wang)
  Re: Encryption (poss blowfish) (drickel)
  Re: Looking for a good Diffie-Hellman modulus? (John Savard)
  Re: Pseudo-One Time pad here.  Critiques? (Andru Luvisi)
  Re: Help me to win a challenge! ("Peter L. Montgomery")
  Re: Pseudo-One Time pad here.  Critiques? ("Steve A. Wagner Jr.")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Cellular automata based public key cryptography
Date: Wed, 08 Mar 2000 22:58:32 GMT

In article <[EMAIL PROTECTED]>,
  Mok-Kong Shen <[EMAIL PROTECTED]>
wrote:
> [EMAIL PROTECTED] wrote:
> >
>
> > > Doesn't this mean that an ordinary CA is as powerful as a
> > > universal TM? Could you give references? Thanks.
> > >
> > Yes, CA and TM are equivalent. A specific type
> > of CA, a "universal" CA, was used for the
> > formal proof of this equivalence which is
> > described here-    http://alife.santafe.edu/
> > alife/topics     -Click to the CA FAQ and then
> > scroll down to the "properties" section and
> > see the first part of this section.
>
> I am yet having some 'logical' problem. If CA and TM are equivalent
> and, according to a post of Tim Tyler, CA and FSM can be converted
> to each other, then there seems to be something that is not in order,
> for FSM and TM are not equivalent, if I don't err.
>
> M. K. Shen
>
CA and TM are equivalent but CA and FSMs are
*not* equivalent (as Dr. Wang noted an FSM
does not equal TM). A CA consists of FSMs and
can simulate an FSM but the nature of a CA
also depends on the dimensionality and the
topology of its array. See my reply to Dr.
Wang's second message.


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Albert Yang <[EMAIL PROTECTED]>
Subject: Pseudo-One Time pad here.  Critiques?
Date: Wed, 08 Mar 2000 23:16:15 GMT

First, I did not intend this to be a substitution for something like
twofish or serpent or anything that requires "real" crypto, but here is
something I whipped up in place of just plain XOR, and it seems to do a
decent job.  So if you guys will take a look at it and let me know what
you think, I'd greatly appreciate it.  

The strength of this is based on MD5: it takes the key, generates an
MD5 hash of the key, and produces a 32-character string.  I then XOR the
plaintext with the MD5-generated string.  The key is iterated after
every character use.  

I had a version where the runtime was significantly better: it XORed the
plaintext with the hash string, and only iterated the key after all 32
characters were used up.  I don't know if this version actually offers
better security...  But for 7 lines, it's not too bad.  I guess I can
wrap it in rounds, but I didn't see a need to; again, it's not meant to
secure stuff against the NSA.  The Decrypt function is exactly the same.
So here below is the code in PHP format.

I have some questions about the exportability of this though, because
it's technically just XOR and MD5, which are both exportable...

Open for comments, critiques, criticisms, suggestions, improvements
etc..  

Albert.
~~~~~~~~~~~~~~~~~~~~~~~

// Renamed from crypt(): PHP already has a built-in crypt(), so
// redeclaring it is a fatal error.  Symmetric: the same call decrypts.
function pseudo_otp_crypt($inputtext, $key) {
    for ($i = 0; $i < strlen($inputtext); $i++) {
        // Re-hash the key before every byte; PHP's md5() returns 32 hex chars.
        $key = md5($key);
        // XOR the byte with one ASCII hex digit of the hash, so each mask
        // byte takes one of only 16 possible values.
        $inputtext[$i] = chr(ord($inputtext[$i]) ^ ord($key[$i % 32]));
    }
    return $inputtext;
}

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Best language for encryption??
Date: Wed, 08 Mar 2000 23:23:15 GMT

Paul Schlyter wrote:
> In C, unsigned ints and signed ints can be assigned to one another
> without a cast -- that would not be the case in a strongly typed
> language.
> In C, short ints and long ints can be assigned to one another without
> a cast -- that would not be the case in a strongly typed language.

I already said that mixed-mode arithmetic is an exception, by which
I meant to include such things.  Because of the value-preserving
rule, this seldom causes a problem, and it is often a great
convenience.

> In C, a typedef'ed data type merely becomes a synonym for the base
> data type, and can be freely assigned from/to it -- that would not be
> the case in a strongly typed language, where it would become its own
> distinct data type.

I don't know what it would mean for a C-specific feature "in another
language".  Since typedef (despite its name) does not define a type,
it has nothing to do with whether strong typing exists.  Addition
and macro definition do not define types, either.

In C, the way to define a new type is with a struct or union
declaration.  Such types *are* treated strongly; there is no
automatic mixing allowed among such types (nor between them and
the built-in types).

> In C, enum's are really int's with some symbolic constants added,

Enums are admittedly a kludge, specified as being selected from
the available integer types.

> In C, virtually anything can be cast into virtually anything else

No -- only when there are well-defined semantics.  It requires
an explicit construct (type cast) to convert among types in most
cases (other than the mixed-mode arithmetic already mentioned).

> that would not be the case in a strongly typed language, where the
> ability to cast a data type into another data type is restricted
> on purpose.

When it would be meaningful, what good is served by prohibiting it?

> > and, alas, a "generic" pointer type void* that
> > freely interconverts with all object-pointer types,
> I guess that's the last nail in the coffin for your idea of C as a
> "strongly typed language".... such a "feature" would be a cardinal
> sin in a truly strongly typed language.

At least in C, if you use pointer types *and do not explicitly
invoke the generic pointer type* you still have fairly strong typing.

> > but these [escapes from strong typing] occur only if the
> > programmer chooses to use them.

> I think you should try to do some programming in Ada or Pascal

I did some programming in Pascal; indeed, it *did* get in the way
of doing perfectly reasonable things.  Is that to be commended?

------------------------------

From: Albert Yang <[EMAIL PROTECTED]>
Subject: Re: TEA analysis
Date: Wed, 08 Mar 2000 23:26:16 GMT

Bruce and crew have a few docs about the breaking of TEA.

Here's the link.
http://www.counterpane.com/related-key_cryptanalysis.html

Albert.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: NIST, AES at RSA conference
Date: Wed, 08 Mar 2000 23:28:36 GMT

Tim Tyler wrote:
> I'd agree that it makes sense to alter the cypher algorithm *in the way
> that Ritter recommends* - i.e by combining multiple independent encryption
> schemes, each with their own key.

In other words, it makes sense to lengthen the key.

The real question is, is that the most effective way to use a
given set of key bits?  My C/A experience suggests that they
would be better employed in keying a single, integrated system
rather than partitioned among independently operating,
noninteracting subsystems.

------------------------------

From: [EMAIL PROTECTED] (Ian L. Romkey)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: Passphrase Quality ?
Date: Wed, 08 Mar 2000 23:29:20 GMT

John Underwood <[EMAIL PROTECTED]> wrote:

>Is anyone in this whole discussion undertaking any risk analysis? What
>information are you trying to protect that you are considering
>countering torture as a means of getting it out of you? 

Sorry, I can't tell you that.  :) 

Seriously, all my system <http://www.5x5poker.com/grid/> does is give you
the option of destroying your password so that not even you can ever
recover it. In most real-world cases, there's no actual risk of torture or
even legal prosecution, particularly if you're prepared to demonstrate how
the system works and show that there's absolutely nothing that you can do
to help recover the password. It never hurts to keep your options open.

-- 
"Ian L. Romkey" is actually 6078 219354 <[EMAIL PROTECTED]>.
 012 3  456789 <- Use this key to decode my email address and name.
                Play Five by Five Poker at http://www.5X5poker.com.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Cellular automata based public key cryptography
Date: Wed, 08 Mar 2000 23:16:35 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
>
> To my mind, gate arrays and spatially non-uniform CA are very similar
> systems.
>
Right, the goal would be to have an
architecture (a combination of CA and gate
arrays) that allows many gate operations to
be done simultaneously and also at sites
irregularly distributed throughout the
structure. It seems to me this could help with
quantum computing but do you think it could
also be beneficial for cryptography?


------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: CONFERENCE ON NATURALISM -- FINAL NOTICE
Date: Wed, 08 Mar 2000 23:33:08 GMT

John Savard wrote:
> funding, I fail to understand the point of stirring up needless
> controversy by making it appear that there is some sort of conflict
> between science and the religious beliefs of many people.

Maybe that's because it has nothing to do with funding,
but rather with scientists' desire to discover the truth
about things.  Science *does* conflict with religious
beliefs of many people.  Why do you think there is a
Creationist movement affecting selection of textbooks
for public school science classes in many states in the
"Bible belt" of the US?  They recognize that there is a
conflict, and are fighting back.

------------------------------

From: "John E. Kuslich" <[EMAIL PROTECTED]>
Subject: Re: Excel password remover
Date: Wed, 8 Mar 2000 16:35:18 -0700

What you are referring to is the Write protection that may be applied to
worksheets.  I do not think you have the capability to recover the file
level password protection.  This password protection for Office 97 and
beyond is quite sophisticated and as far as I know is only cracked by brute
force password or key search.  The encryption at the file level uses MD5
hash and RC4.  The key search is the only way to recover files that have
well chosen, long passwords.

I am correct, no??

JK http://www.crak.com   Password Recovery Software


Tobiass Mai <[EMAIL PROTECTED]> wrote in message
news:89u6s8$f10$[EMAIL PROTECTED]...
> Hello!
>
> I've written a program which removes the protection of
> Excel-workbooks/-sheets.
> Can anybody tell me if i can get in trouble with Microsoft?
>
> Regards
> Tobiass
>
>


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Your Recommended Choice On Std Crypto Parts
Date: Wed, 08 Mar 2000 23:26:12 GMT

In article <8a3k01$3b0$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
>
>
> Technical Question.
>
> If I want speed and good security for encrypting
> a data stream, and I only want one choice of
> crypt algorithm for each part, with no patent $
> issues, what should i choose, more importantly
> what would You use.
>

>
>  - Symmetric? : TwoFish 128 bit key
>   - Key setup times is important % as may be
> small sessions.
>   - Must be FPGA friendly

Use Blowfish.  It fits in some of the larger Altera 10K devices.
It's free.  It has a long key schedule, though.

Or use DES, since you don't seem to care much about security.
It's about a third the gates and uses no memory.

......

For your PK & protocol ops, you might consider a 'secure' cpu
instead of an FPGA.

---
The disappearance of a sense of responsibility is the most far-reaching
consequence of submission to authority.    [Stanley Milgram]

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: why xor?(look out,newbie question! :)
Date: Wed, 08 Mar 2000 23:41:16 GMT

"Lassi Hippeläinen" wrote:
> Mike Rosing wrote:
> > Today bus width is the same or larger than the register width.  So
> > endianness doesn't matter.
> ...unless you are dealing with communications.

There are other contexts even within a single host where endianness
matters.  Apart from mapping memory words to/from external storage,
there is also character packing, and other forms of "punning".  One
advantage of little-endian order is that a pointer to a longer
integer can be punned as a pointer to a shorter integer, and it
will work (so long as the value fits).  This isn't usually a wise
programming practice, but back in the days of little, slow
machines, it certainly helped.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: sci.crypt Cipher Contest Web Site
Date: Wed, 08 Mar 2000 23:43:32 GMT

Adam Durana wrote:
> Does anyone think resistance to linear and differential analysis is
> too much to ask of the intermediate category?

I think you should ask for resistance to cryptanalysis, period.
For systems where linear and/or differential C/A is applicable,
lack of resistance to it should count a few negative points in
the score.

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Looking for a good Diffie-Hellman modulus?
Date: Wed, 08 Mar 2000 16:55:43 GMT

Well, it may not be too practical, but at

http://perso.wanadoo.fr/yves.gallot/primes/chrrcds.html

there are listed the last 20 largest Sophie Germain primes known to
mathematics. So, if you want to do Diffie-Hellman with 1812-digit
numbers...or even 9825-digit numbers, you can find them there.

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (Dr. Yongge Wang)
Subject: Re: Cellular automata based public key cryptography
Date: 9 Mar 2000 00:07:02 GMT

: > I have just checked that page. I am not familiar with CA. But I am
: > familiar with FSM (from Hopcroft etc. book). It seems that
: > CA is a completely different notion than the Finite Automaton.
: > CA equiv Turing machine, so are different from Finite Automaton.
: > If your notion of FSM is not Finite Automaton,
: > then we may talk about completely different things. And if I am wrong
: > then I would like to apologize for the previous email.
: >

: You and your previous message are *correct*,
: not wrong. Cellular Automata (CA) are arrays

Thanks! It seems that I have figured out the relationships from your 
several messages.

======================================================.
Yongge Wang                                           |
Center for Applied Cryptographic Research             | 
University of Waterloo                                |
Waterloo, Ontario, N2L 3G1                            |
Canada                                                |
Phone:(519)8884567 x 5295                             |
[EMAIL PROTECTED]                         |
http://cacr.math.uwaterloo.ca/~ygwang                 |
======================================================'


------------------------------

Subject: Re: Encryption (poss blowfish)
From: drickel <[EMAIL PROTECTED]>
Date: Wed, 08 Mar 2000 16:23:14 -0800

In article <8a5dbi$drn$[EMAIL PROTECTED]>, "Rob Kings"
<[EMAIL PROTECTED]> wrote:
>All
>
>I'm putting together some encryption routines, to hide medical data from
>prying eyes. I was looking at Blowfish. I need to write in C as I want the
>code to work on both a PC and on various Unix variants (DG-UX, AIX, etc.)
>I've a number of questions.
>
>1. When I look around the net, I find lots of examples of algorithms, but no
>larger examples of how to encrypt a file. Anyone got any? (Must be pretty
>'bog-standard' ANSI C)

Hmm, I'm not sure if there are any; it probably depends on what
level of security you're shooting for.  If you don't care about
what gets written to swap files or how to securely remove the
unencrypted file then it should be fairly straightforward.  If
you're trying to cover those holes then you start getting pretty
OS-specific.

>
>2. Will the 'bit-ness' of the differing computers affect an algorithm? eg.
>The file could be encrypted on a 64bit Unix box, and decrypted on a PC?

There are some gotchas you may need to watch out for.
sizeof(int) could be 2 or 4 or 8, depending.  sizeof(long) could
be 4 or 8.  You might need to define an INT32 type.  This could
be a bit annoying.

>3. Same as 2 but with respect to the endian differences between most
>non-intel machines and PC's

This might cause some speed problems if you try to read and
write blocks at a time, instead of character by character.
Again, this isn't all that hard to deal with--some machines
will need to do byte swapping during read and writes.

If it's a database, do you have floating point numbers to deal
with?  That might present a bit of a problem, as you'll have to
concoct a machine-independent floating point format.  That's not
an encryption problem, though.


david rickel


* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!


------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Looking for a good Diffie-Hellman modulus?
Date: Wed, 08 Mar 2000 17:29:28 GMT

[EMAIL PROTECTED] (John Savard) wrote, in part:

>Well, it may not be too practical, but at

>http://perso.wanadoo.fr/yves.gallot/primes/chrrcds.html

>there are listed the last 20 largest Sophie Germain primes known to
>mathematics. So, if you want to do Diffie-Hellman with 1812-digit
>numbers...or even 9825-digit numbers, you can find them there.

But you can find a means of finding primes of a more practical length
at

http://www.utm.edu/research/primes/programs/gallot/

...however, I ran the program searching for Sophie Germain primes, and
in that mode, I got the message that a certain number P was prime...

and the documentation said that it printed the numbers P such that 2P
+ 1 was also prime.

However, when I went to the option to search for just plain primes, I
found that 2P+1 was not prime; however, the Q such that my P was 2Q+1
was prime.

So there is (or appears to be; perhaps I just did not read carefully
enough) a little mistake in the documentation; the numbers turned up
in the Sophie Germain mode are the ones usable as actual moduli.

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm
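Savard's point is that the number printed in Sophie Germain mode is P, and the value usable as a Diffie-Hellman modulus is 2P+1. This added Python example (not code from the page or from Gallot's program) checks both properties with a Miller-Rabin test and classifies the subgroup order of a candidate generator in a safe-prime group; the primes used as samples are small constructed ones.

```python
import random

# Added illustration; not from the page or from Gallot's prime searcher.
# Fixed bases make Miller-Rabin exact for n below roughly 3e23; above that
# extra random bases give a strong probable-prime answer.
SMALL_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, extra_rounds=20):
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for p in SMALL_BASES:          # trial division catches the tiny cases
        if n % p == 0:
            return n == p
    d, s = n - 1, 0                # n - 1 = d * 2^s with d odd
    while d % 2 == 0:
        d //= 2
        s += 1
    bases = list(SMALL_BASES)
    if n >= 3 * 10 ** 23:
        rng = random.SystemRandom()
        bases += [rng.randrange(2, n - 1) for _ in range(extra_rounds)]
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False           # a is a witness: n is composite
    return True


def is_sophie_germain(p):
    """P is a Sophie Germain prime when both P and 2P+1 are prime: the
    numbers the post says the Sophie Germain mode prints."""
    return is_probable_prime(p) and is_probable_prime(2 * p + 1)


def is_safe_prime(q):
    """q = 2P+1 with P prime: the value actually usable as a DH modulus."""
    return q % 2 == 1 and is_probable_prime(q) and is_probable_prime((q - 1) // 2)


def dh_modulus_from_sg(p):
    """Turn a printed Sophie Germain prime P into the modulus 2P+1."""
    if not is_sophie_germain(p):
        raise ValueError("not a Sophie Germain prime")
    return 2 * p + 1


def generator_order(g, q):
    """Order of g in Z_q^* for a safe prime q = 2P+1; it can only be
    1, 2, P or 2P.  Order P (a quadratic residue) or 2P gives a
    full-size DH subgroup; 1 and 2 are the degenerate choices."""
    p = (q - 1) // 2
    g %= q
    for order in (1, 2, p, 2 * p):
        if pow(g, order, q) == 1:
            return order
    raise ValueError("q is not a safe prime")
```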

------------------------------

From: Andru Luvisi <[EMAIL PROTECTED]>
Subject: Re: Pseudo-One Time pad here.  Critiques?
Date: 08 Mar 2000 16:26:51 -0800


> Subject: Re: Pseudo-One Time pad here.  Critiques?
               ^^^^^^^^^^^^^^^^^^^

It's an Output Feedback Cipher, using a hash function.

Albert Yang <[EMAIL PROTECTED]> writes:
[snip]
> Open for comments, critiques, criticisms, suggestions, improvements
> etc..  
> 
> Albert.
> ~~~~~~~~~~~~~~~~~~~~~~~
> 
> function crypt ($inputtext, $key) {
> for ($i = 0;$i < strlen($inputtext);$i++) {
>   $key=md5($key);
>   $inputtext[$i] = chr( (ord($inputtext[$i]) ^ ord($key[($i % 32)])) );
>  }
>  return $inputtext;
> }

I'm not sure if this is supposed to be perl or not...

First, md5 produces 16 bytes (128 bits), not 32.

My suggestions are:
 Use the key as part of each transform.
 Use an Initialization Vector, so that you can reuse the same key
     for multiple messages.  This makes encryption different from
     decryption though...

Here are my suggested changes to the code.  Thoughts?

use strict;
use warnings;
use Digest::MD5 qw(md5);

sub encrypt {
    my ($inputtext, $key) = @_;
    my $IV  = time();   # Don't use more than once per second!
    my $pad = $IV;
    for (my $i = 0; $i < length($inputtext); $i++) {
        # Fresh 16-byte pad every 16 bytes: md5(previous pad . key)
        $pad = md5($pad . $key) if !($i & 15);
        substr($inputtext, $i, 1) ^= substr($pad, $i & 15, 1);
    }
    return pack("N", $IV) . $inputtext;
}

sub decrypt {
    my ($blob, $key) = @_;
    # "a*" keeps every byte; "A*" would strip trailing spaces and NULs
    # from the ciphertext.
    my ($pad, $inputtext) = unpack("Na*", $blob);
    for (my $i = 0; $i < length($inputtext); $i++) {
        $pad = md5($pad . $key) if !($i & 15);
        substr($inputtext, $i, 1) ^= substr($pad, $i & 15, 1);
    }
    return $inputtext;
}

Andru
-- 
========================================================================== 
| Andru Luvisi                 | http://libweb.sonoma.edu/               |
| Programmer/Analyst           |   Library Resources Online              | 
| Ruben Salazar Library        |-----------------------------------------| 
| Sonoma State University      | http://www.belleprovence.com/           |
| [EMAIL PROTECTED]      |   Textile imports from Provence, France |
==========================================================================

------------------------------

From: "Peter L. Montgomery" <[EMAIL PROTECTED]>
Subject: Re: Help me to win a challenge!
Date: Thu, 9 Mar 2000 00:48:16 GMT

In article <[EMAIL PROTECTED]> 
Oriol Quinquillà Capdevila <[EMAIL PROTECTED]> writes:
>Hello!
>I'm studying at the Catalan Polytechnic University, in Barcelona.
>The students of IEA (something like Introduction to Algorithmics),
>have been challenged to solve a [very easy, I know] cryptographic
>problem.
>Given the English alphabet, they're going to make a permutation
>(for example: A->C (C->A), B->Z (Z->B), D->K (K->D), and so on),
>and using it they will encrypt a text. Given the cipher, we have to
>recover
>the original text.
>* * *  The winner is the one who develops the algorithm which consumes
>less CPU ***
>I believe the best way should be implementing the A* (or maybe
>Branch&Bound)
>algorithm, using the frequency of use of letters in English as
>heuristic.
>
>Does anyone know a better idea? Any comment or suggestion?
>Where can I find useful information? I may also need powerful data
>structures (maybe a dictionary)... where can I find it?
>Thanks!!
>
    Make a list of common words with repeated letters.  In your
message, for example, INTRODUCTION has the I, N, T, O all repeated.
STRUCTURES is not common enough to include in the dictionary, but
has STRU repeated. BELIEVE (correctly spelled) has three E's.
CATALAN has three A's and a nontrivial chance of appearing in
your professor's chosen message.
BETTER and LETTERS have ET repeated.  If any words in the passage
match these candidates, check whether they fit well into the rest 
of the sentence.  Look especially for THAT and PEOPLE.

    Try each three-letter word (without repeating letters) 
against THE, AND, FOR, ARE, YOU, ONE, ITS, HAS, HAD, WAS, NOT, 
WHO, HIM, HER, HIS, OUT, OUR, NEW, BUT.

    Look at punctuation.  Have a table of contractions like COULDN'T
and THEY'D which you try whenever you see an apostrophe --
if nothing on your list matches it must be a possessive.
If the sentence is a question, look for words like WHERE or DOES
at the front. BUT, AND, THEN may follow a comma.

    Many UNIX systems have a SPELL command.  Do `man spell' to
find the location of its dictionary.  Plurals and other compound
words do not appear.

    Test your program by typing a passage from some convenient source,
encrypting it, and having your program reproduce it.  Have fun!


-- 
E = m c^2.  Einstein = Man of the Century.  Why the squaring?

        [EMAIL PROTECTED]    Home: San Rafael, California
        Microsoft Research and CWI
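Montgomery's repeated-letter trick, as an added Python example (not code from the post): dictionary words are indexed by their repeated-letter pattern, and a backtracking search extends the letter map only while it stays one-to-one, handling the most constrained words first. The word list, the sentence and the keyboard-order key are all constructed here; apostrophes split words, so contractions are not handled.

```python
import re
import string
from collections import defaultdict

# Added illustration of the repeated-letter approach; not code from the post.
# Constructed word list: Montgomery's examples plus a few decoys.
DICTIONARY = [
    "THE", "AND", "FOR", "ARE", "YOU", "ONE", "ITS", "HAS", "HAD", "WAS",
    "NOT", "WHO", "HIM", "HER", "HIS", "OUT", "OUR", "NEW", "BUT", "THAT",
    "PEOPLE", "INTRODUCTION", "STRUCTURES", "BELIEVE", "CATALAN", "BETTER",
    "LETTERS", "WHERE", "DOES", "THEN", "COULD", "WHEN",
]


def pattern(word):
    """Repeated-letter signature: INTRODUCTION -> (0,1,2,3,4,5,6,7,2,0,4,1).
    A cipher word can only stand for a dictionary word with the same pattern."""
    seen = {}
    return tuple(seen.setdefault(ch, len(seen)) for ch in word)


def build_index(words):
    index = defaultdict(list)
    for w in words:
        index[pattern(w.upper())].append(w.upper())
    return index


def extend(mapping, cipherword, plainword):
    """mapping extended with cipherword -> plainword, or None on conflict.
    The key is a permutation, so the map must stay one-to-one both ways."""
    new = dict(mapping)
    used = set(new.values())
    for c, p in zip(cipherword, plainword):
        if c in new:
            if new[c] != p:
                return None
        elif p in used:
            return None
        else:
            new[c] = p
            used.add(p)
    return new


def solve(cipherwords, index):
    """Backtracking search.  Words with the fewest pattern matches go first,
    so the long repeated-letter words pin most of the key before the
    ambiguous three-letter words are tried."""
    todo = sorted(set(cipherwords),
                  key=lambda w: (len(index.get(pattern(w), ())), -len(w)))

    def search(i, mapping):
        if i == len(todo):
            return mapping
        for plain in index.get(pattern(todo[i]), ()):
            ext = extend(mapping, todo[i], plain)
            if ext is not None:
                found = search(i + 1, ext)
                if found is not None:
                    return found
        return None

    return search(0, {})


def substitute(text, table):
    return "".join(table.get(ch, ch) for ch in text)


def solve_text(ciphertext, dictionary=DICTIONARY):
    """Recover the plaintext of a monoalphabetic substitution, or None."""
    ciphertext = ciphertext.upper()
    mapping = solve(re.findall(r"[A-Z]+", ciphertext), build_index(dictionary))
    return None if mapping is None else substitute(ciphertext, mapping)


# Constructed key (keyboard order is a permutation of the alphabet) and message.
KEY = dict(zip(string.ascii_uppercase, "QWERTYUIOPASDFGHJKLZXCVBNM"))
PLAINTEXT = "THE PEOPLE WHO BELIEVE THAT BETTER LETTERS ARE NOT FOR YOU"


def demo():
    """Encrypt the sample under KEY, then recover it knowing only the word list."""
    return solve_text(substitute(PLAINTEXT, KEY))
```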

------------------------------

From: "Steve A. Wagner Jr." <[EMAIL PROTECTED]>
Subject: Re: Pseudo-One Time pad here.  Critiques?
Date: Wed, 08 Mar 2000 21:18:21 -0800

You can increase the security of this. OFB is not good for re-use with the
same password unless you are using a secure random session key. I suggest
using a CFB approach, where you begin with a 16-byte RIV.

XOR hash of [previous block+key] with the current block. You can make this act
as a stream-cipher (CFB) by XOR'ing a byte at a time, cycling 1..16. It should
be pretty secure, and this is not a new invention. It's certainly more secure
than DES. Also, consider using a 20-byte hash algorithm such as RIPEMD-160 or
SHA-1.

Andru Luvisi wrote:

> > Subject: Re: Pseudo-One Time pad here.  Critiques?
>                ^^^^^^^^^^^^^^^^^^^
>
> It's an Output Feedback Cipher, using a hash function.
>
> Albert Yang <[EMAIL PROTECTED]> writes:
> [snip]
> > Open for comments, critiques, criticisms, suggestions, improvements
> > etc..
> >
> > Albert.
> > ~~~~~~~~~~~~~~~~~~~~~~~
> >
> > function crypt ($inputtext, $key) {
> > for ($i = 0;$i < strlen($inputtext);$i++) {
> >   $key=md5($key);
> >   $inputtext[$i] = chr( (ord($inputtext[$i]) ^ ord($key[($i % 32)])) );
> >  }
> >  return $inputtext;
> > }
>
> I'm not sure if this is supposed to be perl or not...
>
> First, md5 produces 16 bytes (128 bits), not 32.
>
> My suggestions are:
>  Use the key as part of each transform.
>  Use an Initialization Vector, so that you can reuse the same key
>      for multiple messages.  This makes encryption different from
>      decryption though...
>
> Here's my suggested changes to the code.  Thoughts?
>
> use Digest::MD5 qw(md5);
> sub encrypt {
>  my($inputtext, $key) = @_;
>  my($pad) = my($IV) = time(); # Don't use more than once per second!
>  for ($i = 0; $i < length($inputtext); $i++) {
>   $pad=md5($pad . $key) if !($i & 15);
>   substr($inputtext, $i, 1) ^= substr($pad, $i & 15, 1);
>  }
>  return pack("N", $IV) . $inputtext;
> }
>
> sub decrypt {
>  my($inputtext, $key) = @_;
>  my($pad, $inputtext) = unpack("NA*", $inputtext);
>  for ($i = 0; $i < length($inputtext); $i++) {
>   $pad=md5($pad . $key) if !($i & 15);
>   substr($inputtext, $i, 1) ^= substr($pad, $i & 15, 1);
>  }
>  return $inputtext;
> }
>
> Andru
> --
> --------------------------------------------------------------------------
> | Andru Luvisi                 | http://libweb.sonoma.edu/               |
> | Programmer/Analyst           |   Library Resources Online              |
> | Ruben Salazar Library        |-----------------------------------------|
> | Sonoma State University      | http://www.belleprovence.com/           |
> | [EMAIL PROTECTED]      |   Textile imports from Provence, France |
> --------------------------------------------------------------------------

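The three constructions discussed in this thread, written out as an added Python illustration (not code from Albert, Andru or Steve): Albert's per-byte MD5 re-hash, Andru's OFB-with-IV rewrite, and Steve's CFB suggestion, together with the keystream-reuse check that shows why Andru's IV matters and why Steve warns against reuse. It assumes a random 16-byte IV in place of Andru's packed time() value, and the key and messages are constructed samples.

```python
import hashlib
import os

# Constructed illustration of the thread's hash-based stream ciphers; not
# the posters' code.  MD5 is kept only because the thread uses it.
SAMPLE_KEY = b"correct horse"                       # constructed sample key
M1 = b"patient 0042: O negative; admit 2000-03-08"  # constructed, 42 bytes
M2 = b"patient 0043: A positive; admit 2000-03-07"  # constructed, 42 bytes
IV0 = b"\x07" * 16                                  # a fixed, reused IV

def md5_hex(data):
    """32 ASCII hex characters, as PHP's md5() returns."""
    return hashlib.md5(data).hexdigest().encode("ascii")

def md5_raw(data):
    """16 raw bytes, as Perl's Digest::MD5::md5 returns."""
    return hashlib.md5(data).digest()

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def yang_crypt(key, text):
    """Albert's loop: re-hash the key before every byte and XOR the byte
    with hex character i % 32.  Symmetric, so calling it twice decrypts."""
    out = bytearray()
    for i, b in enumerate(text):
        key = md5_hex(key)
        out.append(b ^ key[i % 32])
    return bytes(out)

def yang_keystream(key, n):
    """The mask bytes yang_crypt applies: encrypt n zero bytes."""
    return yang_crypt(key, bytes(n))

def ofb_encrypt(key, plaintext, iv=None):
    """Andru's OFB: pad_0 = IV, pad_j = md5(pad_{j-1} || key) per 16-byte
    block; the pad never depends on the data.  Returns IV || ciphertext.
    Assumption: a random 16-byte IV instead of the post's packed time()."""
    iv = os.urandom(16) if iv is None else iv
    pad, out = iv, bytearray()
    for off in range(0, len(plaintext), 16):
        pad = md5_raw(pad + key)
        out += xor_bytes(plaintext[off:off + 16], pad)
    return iv + bytes(out)

def ofb_decrypt(key, blob):
    iv, ct = blob[:16], blob[16:]
    return ofb_encrypt(key, ct, iv)[16:]  # same keystream both directions

def cfb_encrypt(key, plaintext, iv=None):
    """Steve's CFB: C_j = P_j XOR md5(C_{j-1} || key), C_0 = 16-byte IV, so
    every mask after the first depends on the ciphertext produced so far."""
    iv = os.urandom(16) if iv is None else iv
    prev, out = iv, bytearray()
    for off in range(0, len(plaintext), 16):
        block = xor_bytes(plaintext[off:off + 16], md5_raw(prev + key))
        out += block
        prev = block
    return iv + bytes(out)

def cfb_decrypt(key, blob):
    iv, ct = blob[:16], blob[16:]
    prev, out = iv, bytearray()
    for off in range(0, len(ct), 16):
        block = ct[off:off + 16]
        out += xor_bytes(block, md5_raw(prev + key))
        prev = block
    return bytes(out)

def fixed_iv(encrypt, iv):
    """An encryptor that never varies its IV (returns ciphertext only)."""
    return lambda key, m: encrypt(key, m, iv)[16:]

def reuse_leak(encrypt, key, m1, m2):
    """What an eavesdropper learns from two ciphertexts under one key:
    C1 XOR C2, which equals M1 XOR M2 wherever the keystreams coincide."""
    return xor_bytes(encrypt(key, m1), encrypt(key, m2))
```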

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
