Cryptography-Digest Digest #252, Volume #11 Sat, 4 Mar 00 12:13:00 EST
Contents:
Re: RC4 and salt ([EMAIL PROTECTED])
Re: Can someone break this cipher? (CLSV)
Re: RC4 and salt (Johnny Bravo)
'Free' services with tokens/puzzles (Ville)
Re: Random bit generators (Tim Tyler)
Re: Best language for encryption?? (wtshaw)
Re: Crypto.Com, Inc. (wtshaw)
Re: Can someone break this cipher? (Tim Tyler)
Re: 'Free' services with tokens/puzzles ([EMAIL PROTECTED])
Re: Hidden computation (Re: Cryonics and cryptanalysis) (Tim Tyler)
Re: Best language for encryption?? (wtshaw)
Re: Best language for encryption?? (wtshaw)
Re: Best language for encryption?? (wtshaw)
Re: Cryonics and cryptanalysis (Tim Tyler)
Re: Crypto.Com, Inc. (Mok-Kong Shen)
Re: Random bit generators (Guy Macon)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: Re: RC4 and salt
Date: Sat, 04 Mar 2000 14:33:18 GMT
Tom St Denis <[EMAIL PROTECTED]> wrote:
: In article <Pqwv4.2411$[EMAIL PROTECTED]>,
: [EMAIL PROTECTED] wrote:
: >
: > Hi,
: >
: > I have a question about implementing "salt" with RC4. Basically, what
: > is the standard method?
...
: Just append a 32-bit tag to the session key when you encrypt/decrypt.
: You can even use the time() function if you don't want to code anything
: else. As long as each session key is unique [which is possible in this
: case].
Ok, this was the idea I came up with, too. What you're saying so
succinctly is that you append the tag to the key and then feed the
whole thing into the RC4 init function as if it were all the key.
Is there an RFC or something on the subject? I'm designing part of a
large system, and I need a bit more justification.
: Tom
Charles
: Sent via Deja.com http://www.deja.com/
: Before you buy.
------------------------------
From: CLSV <[EMAIL PROTECTED]>
Subject: Re: Can someone break this cipher?
Date: Sat, 04 Mar 2000 15:07:04 +0000
Mary - Jayne wrote:
>
> "Wesley H. Horton" <[EMAIL PROTECTED]> wrote:
> >You posted the challenge to the crypto news group on the 27th and no one
> >has broken it and returned your cipher text as yet.
> >Therefore:
> >It must be absolutely secure! Sure, encrypt whatever data you need to
> >keep sensitive using your system. No one will ever be able to break it.
> And you think being silly will help?
It is not as silly as you might think. It is quite possible
that a relatively weak cipher can not be broken without knowledge
of the algorithm. Is that what you are aiming for?
Second question: do you believe it is possible to keep something
secret while at the same time it has to be used a lot?
> I did not know you had set a time limit on breaking my cipher.
> Personally, I am in no hurry.
That's a good thing.
Regards,
CLSV
------------------------------
From: Johnny Bravo <[EMAIL PROTECTED]>
Subject: Re: RC4 and salt
Date: Sat, 04 Mar 2000 10:43:03 +0000
On Sat, 04 Mar 2000 14:33:18 GMT, [EMAIL PROTECTED] wrote:
>Ok, this was the idea I came up with, too. What you're saying so
>succinctly is that you append the tag to the key and then feed the
>whole thing into the RC4 init function as if it were all the key.
You might want to go for more than 32 bits of salt; you did state the
system was large. You will need a big enough salt to prevent a collision
based on the total number of files that get encrypted over the life of the
system. The time() function is a bad idea since most systems end up doing
most of the work at roughly the same times every day. Go up to 80 bits,
just start at 0 and go up one for each file that gets encrypted.
--
Best Wishes,
Johnny Bravo
"The most merciful thing in the world, I think, is the inability
of the human mind to correlate all its contents." - HPL
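Added example, not from any poster in this digest: a pure-Python RC4 keyed with session_key || salt as Tom St Denis suggests, using the 80-bit counter salt Johnny Bravo recommends, plus a check that shows what goes wrong when a time()-derived salt repeats within one second. The function names (rc4_keystream, encrypt, keystream_reused) and the sample plaintexts are my own.

```python
# Added example (not from the digest): RC4 keyed with session_key || salt,
# as Tom St Denis suggests, using the 80-bit counter salt Johnny Bravo
# recommends instead of time(). Pure Python, no dependencies.
import os
import time

SALT_LEN = 10  # 80 bits, the size suggested in the thread


def rc4_keystream(key: bytes, length: int) -> bytes:
    """KSA followed by PRGA; returns `length` keystream bytes for `key`."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    S = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):                    # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def counter_salt(counter: int) -> bytes:
    """Per-file salt: a counter that starts at 0 and is never reused."""
    return counter.to_bytes(SALT_LEN, "big")


def time_salt(now: int) -> bytes:
    """The time()-based salt the thread warns against: every file encrypted
    within the same second gets the same salt, hence the same keystream."""
    return now.to_bytes(SALT_LEN, "big")


def encrypt(session_key: bytes, salt: bytes, plaintext: bytes) -> bytes:
    """Feed session_key || salt into RC4 as one key and prepend the salt so
    the receiver can rebuild it. Mixing key and salt through a hash first
    is the safer variant; the literal concatenation mirrors the thread."""
    ks = rc4_keystream(session_key + salt, len(plaintext))
    return salt + bytes(p ^ k for p, k in zip(plaintext, ks))


def decrypt(session_key: bytes, blob: bytes) -> bytes:
    salt, ct = blob[:SALT_LEN], blob[SALT_LEN:]
    ks = rc4_keystream(session_key + salt, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


def keystream_reused(blob1: bytes, blob2: bytes, p1: bytes, p2: bytes) -> bool:
    """Defender's check: with a reused salt the two ciphertexts XOR to the
    two plaintexts' XOR, i.e. the stream cipher output was used twice."""
    n = min(len(p1), len(p2))
    c1, c2 = blob1[SALT_LEN:SALT_LEN + n], blob2[SALT_LEN:SALT_LEN + n]
    return all(a ^ b == c ^ d for a, b, c, d in zip(c1, c2, p1, p2))


if __name__ == "__main__":
    # Constructed sample inputs.
    key, p1, p2 = os.urandom(16), b"first file contents", b"second file, same second"
    now = int(time.time())
    t1, t2 = encrypt(key, time_salt(now), p1), encrypt(key, time_salt(now), p2)
    c1, c2 = encrypt(key, counter_salt(0), p1), encrypt(key, counter_salt(1), p2)
    print("time() salt, same second: keystream reused =", keystream_reused(t1, t2, p1, p2))
    print("counter salt:             keystream reused =", keystream_reused(c1, c2, p1, p2))
```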
------------------------------
Date: Sat, 4 Mar 2000 17:47:17 +0200
From: Ville <[EMAIL PROTECTED]>
Subject: 'Free' services with tokens/puzzles
Hi.
I'm quite new as a subscriber to this newsgroup, but I couldn't resist
posting as I was unable to find any exact matches in Deja or Google on
what I had in mind. Nor did the FAQ exactly cover my thought-
Some months ago we began a project related to providing free IPv6
services. Admittedly, not awfully related, but a goal is to keep the
services as accessible as possible without letting any quick drop-by
or abusive people allocate too much of the resources.
It's an important point that the service continues to be provided
'free', i.e. the "pay a buck and we'll add you" way won't be an option
(with a number of separate organizations funding it, it'd be nothing
but a mess, anyhow).
I was thinking of only having the very restricted, basic service open
and all additional access being for an additional cost - of CPU. Thus
permitting people to slowly gain better access-levels of a kind.
As I discussed this, I was told RSA Security is developing something
of the name 'puzzles'. This is not exactly what I am looking for, at
least based on the brief intro I got.
I am more wanting to "sell" services without money. It doesn't matter
if the client-program requesting to be hired is computing 1+1 or some
advanced crypto, but what I worry about is really getting the client
boxes to do the job, and not perform complex tricks to fool our server
into believing it did the job, while it was in fact doing nada.
As I participated in the administration of one RC5 project earlier, it
seemed quite obvious a number of competing projects were assuming
reliability on the clients' computed blocks simply based on the closed
source client-software and silly serverside sanity-checking. It didn't
look the least bit of a real solution for reliability/trust to me.
Is there any easy or real way of having this implemented? How feasible
is it in your opinion? I'd be very much for releasing the protocol-
details and client-sources to the intended users if we were to ever
get to that point.
I'd rather not be trying to reinvent the wheel and would thus be quite
interested in any fair pointers, books or drafts on similar techniques
or anything relating to some aspects of it.
All thoughts are welcome - especially at this point. .-)
Thanks.
--
Ville([EMAIL PROTECTED], 'Cryptlink Networking');
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Random bit generators
Reply-To: [EMAIL PROTECTED]
Date: Sat, 4 Mar 2000 16:10:48 GMT
Joseph Ashwood <[EMAIL PROTECTED]> wrote:
: <[EMAIL PROTECTED]> wrote:
:> Joseph Ashwood wrote:
[combining RNGs]
:> > Suggestions similar to this come up quite often. And the
:> > only conclusion that can be derived from it without
:> > knowing the functions involved is to say that there exists an
:> > optimal function f() that is equivalent to your
:> > suggestion, and that your security depends solely on the
:> > security of that function. OTOH your speed does not, your
:> > speed will not be optimal. I suggest that if you are truly
:> > interested in the security of such a method you find the
:> > function f() so that it can be accurately reviewed, by you
:> > and others.
:> What exactly are you replying to?
:
: I was replying to what you wrote.
: Take the output of three prngs and use the 3rd one to choose
: from the other 2.
I'm not sure I followed your comments, either.
Using three congruential generators and using one to choose between
the output of the other two may be the simplest way to express the
function f() you describe.
You don't present any reason /why/ you think this will be slower than
"the optimal function".
I suspect - in the case where the three congruential generators in
question have relatively prime periods - it will *be* the optimal
function, in terms of concise expression/memory usage/speed of
operation, when implemented on most systems.
--
__________
|im |yler The Mandala Centre http://www.mandala.co.uk/ [EMAIL PROTECTED]
Standards aren't.
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Best language for encryption??
Date: Sat, 04 Mar 2000 09:45:12 -0600
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (JPeschel) wrote:
> [EMAIL PROTECTED] (wtshaw) writes:
>
>
> >One has to start somewhere, and I have not the time to waste if I can help
> >it.
>
> W.T., if you are trying to learn C, might I suggest you forget
> about coding philosophy and style, and the way things are done
> in BASIC. Get a C book for beginners and start coding simple
> stuff, for example, a C program to do frequency analysis.
>
> Get the feel of the language first by doing simple things,
> find ways to do those simple things more efficiently,
> then move on to developing your style and philosophy.
>
Crypto is simple enough, and I am learning the semantics of C.
--
Imagine an internet on an up and up basis, where there are no subversive techniques to
rob a person of their privacy or computer
functionality, no hidden schemes used to defraud anyone. :>)
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Crypto.Com, Inc.
Date: Sat, 04 Mar 2000 09:43:21 -0600
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(Tony L. Svanstrom) wrote:
> Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
>
> > wtshaw wrote:
> > >
> > > <[EMAIL PROTECTED]> wrote:
> > >
> > > > Another possibility: Telepathy! Believe it or not, it was only a few
> > > > days ago that pre-cognition of animals and such stuffs were earnestly
> > > > discussed in a French radio broadcast.
>
> Animals can spend a long time before we can detect an earthquake being
> very very afraid; and that is just as much "magic" as telepathy would be
> to us. Looking into such matters we can either, at the end, learn
> something fantastic that will make the "magic" true science, or we might
> learn something about how we read data when we know what the result will
> be. In either case we've taken something unknown and made it known
> instead of just pushing it aside.
>
It is probably merely a problem of coding and recognition, as many animals
can hear things that we cannot. This is far from telepathy, like night
vision that we have learned to adapt to us weak-sensory organisms.
What is coding to some may be encryption to others, as learning what
dolphins mean when they speak, or trying to understand a foreign language
that has nothing in common with your own or one you do may have some
understanding of.
--
Imagine an internet on an up and up basis, where there are no subversive techniques to
rob a person of their privacy or computer
functionality, no hidden schemes used to defraud anyone. :>)
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Can someone break this cipher?
Reply-To: [EMAIL PROTECTED]
Date: Sat, 4 Mar 2000 16:24:08 GMT
Mary - Jayne <[EMAIL PROTECTED]> wrote:
: On Thu, 2 Mar 2000 00:40:38 GMT, Tim Tyler <[EMAIL PROTECTED]> wrote:
:>Mary - Jayne <[EMAIL PROTECTED]> wrote:
:>: [EMAIL PROTECTED] (Mary - Jayne) wrote:
:>:>http://www.xarabungha.btinternet.co.uk/xicrypt/xichallenge.htm
:>: OK guys. I have succumbed to persuasion and posted some details of the
:>: encryption method on the web page [URL above]
:>
:>All I can see along these lines is:
:>
:>``The original plaintext was encrypted using traditional cryptological
:> methods. These include polyalphabetic encryption, randomised
:> cipher alphabets, and transformation; the whole process requiring two
:> keys to complete (or reverse).''
:>
:>Not terribly specific [...] did they really get uploaded?
: As you reproduced them in the previous paragraph, I would suggest you have
: answered your own question. Now just how specific did you want me to be?
: Shall I send you the plaintext and a copy of the program source code?
Source code is not /absolutely/ essential - but an algorithm is.
Plaintext /should/ not help much in recovering the key - with a sensible
algorithm, knowing the plaintext won't make much difference.
If I have the algorithm, I can generate as many plaintext/cyphertext pairs
as I like.
I feel you didn't "succumb to persuasion" to a great enough extent ;-(
I also feel I wasted my time visiting your site ;-(
--
__________
|im |yler The Mandala Centre http://www.mandala.co.uk/ [EMAIL PROTECTED]
Knowing Murphy's law won't help either.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: 'Free' services with tokens/puzzles
Date: 4 Mar 2000 16:40:30 GMT
Correct me if I am wrong. You want to provide a service and in exchange be
allowed to have modules running on the computers of your clients. However,
you want to check whether or not these modules are actually executed, and
that your client does not only fake that it is. You also wish to distribute
the modules as open source and explain the client-server protocol in detail.
If the modules are exchanged regularly (e.g. the clients have to download new
dll-files every week) I might have an idea:
Simply have your server frequently request some value (e.g. the current value
of EAX or some other CPU register which in some way might be anticipated by
your server) that is not likely to be produced unless your client executes
your module or your client has spent an irrationally large amount of
resources on analyzing your module.
I don't know if it will work, though. I have never tried myself, and I don't
know if someone else has.
In a previous article, Ville <[EMAIL PROTECTED]> writes:
---snip---
>I was thinking of only having the very restricted, basic service open
>and all additional access being for an additional cost - of CPU. Thus
>permitting people to slowly gain better access-levels of a kind.
---snip---
>I am more wanting to "sell" services without money. It doesn't matter
>if the client-program requesting to be hired is computing 1+1 or some
>advanced crypto, but what I worry about is really getting the client
>boxes to do the job, and not perform complex tricks to fool our server
>into believing it did the job, while it was in fact doing nada.
----- Posted via NewsOne.Net: Free Usenet News via the Web -----
----- http://newsone.net/ -- Discussions on every subject. -----
NewsOne.Net prohibits users from posting spam. If this or other posts
made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Hidden computation (Re: Cryonics and cryptanalysis)
Reply-To: [EMAIL PROTECTED]
Date: Sat, 4 Mar 2000 16:38:25 GMT
Kim G. S. OEyhus <[EMAIL PROTECTED]> wrote:
: Is it possible to do computation where data is encrypted on all stages,
: all the time? Say, an encrypted universal Turing machine?
: What I am thinking about, is a computer doing computations, but where
: it is not possible to understand what the computation does, unless one
: decrypts it. Is this possible at all? If so, how efficient can it be
: done?
An interesting question. Obfuscation of the program /and/ its data
seems in principle to be possible. Copy-protection folks aspire to
this sort of thing.
The idea may find application in techniques used to foil side-channel
attacks.
--
__________
|im |yler The Mandala Centre http://www.mandala.co.uk/ [EMAIL PROTECTED]
So, it's you again.
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Best language for encryption??
Date: Sat, 04 Mar 2000 10:13:42 -0600
In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn"
<[EMAIL PROTECTED]> wrote:
> wtshaw wrote:
> > > > what a crock, ...
> > <[EMAIL PROTECTED]> wrote:
> > > It certainly is a crock, but it's your fault for having a crappy
> > > program design. Instead of trying to write BASIC in C, you should
> > > learn to use C on its own merits. (Same for *any* language.)
> > One has to start somewhere, and I have not the time to waste if I
> > can help it.
>
> My point was that you are wasting your time if you're trying to
> program in C as if it were BASIC.
I have no problem trying to extend my capabilities, but in as direct a
line as possible. I have lots of finished applications that the rest of
the world cannot easily use. My goals include something more than console
appls, which in all something like vanilla C or Basic can do.
For serious crypto, that includes a credible security paradigm, PC tends
to offer choices that are slim or none. Knowing C/C++ does not attack
that problem if wrong choices regarding security are already built in to
the architecture/OS. Open source perhaps offers some alternative, so the
real reason to learn new programming is to ultimately fix such major
problems at the source, which is important cryptographically.
--
Imagine an internet on an up and up basis, where there are no subversive techniques to
rob a person of their privacy or computer
functionality, no hidden schemes used to defraud anyone. :>)
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Best language for encryption??
Date: Sat, 04 Mar 2000 09:59:00 -0600
In article <89pebv$gmv$[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Paul
Schlyter) wrote:
> I checked his "The C++ Programming Language" though, and was surprised
> to find that you're right: I couldn't find it. It wasn't in the index,
> and I didn't find it in the chapter about exceptions either. However
> to exclude setjmp/longjmp in a book about C++ could be understandable,
> since C++ offers a replacement: exceptions. A good C book should
> never omit them though, since in C setjmp/longjmp and signal are the
> only ways to do non-local jumps.
>
Generally, the book is entertaining and helps let you get into his head on
several subjects.
--
Imagine an internet on an up and up basis, where there are no subversive techniques to
rob a person of their privacy or computer
functionality, no hidden schemes used to defraud anyone. :>)
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Best language for encryption??
Date: Sat, 04 Mar 2000 09:54:40 -0600
In article <[EMAIL PROTECTED]>, "Trevor Jackson, III"
<[EMAIL PROTECTED]> wrote:
> wtshaw wrote:
>
> > In article <[EMAIL PROTECTED]>, "Trevor Jackson, III"
> > <[EMAIL PROTECTED]> wrote:
> > >
> > > Dijkstra commented on this issue, claiming that people he encountered
> > > (students) who learned languages like BASIC first were mentally damaged
> > > in that it was very difficult for them to think certain ways. I'd be
> > > willing to bet the effect is measurable.
> >
> > This could be that people trained to cut through the crap are unsettled
> > when they meet those that like to pile it on.
>
> Do you _really_ think Dijkstra is the kind of person to "pile on the
> crap"? If you've read any of his writing, even his travel journals, I
> suspect you might modify that opinion.
Now, now....mental damage has nothing to do with being caused by
learning. It is rather a case of prejudice that can cut both ways, which
is why I put into the words I did. Best yet is to understand the choices
and be able to function either way, or draw the best from seemingly
contradictory concepts and make something which is surely what I have had
a habit of doing.
Programming has one effect: it either does what you want it to do, or it
doesn't; all else is unimportant.
--
Imagine an internet on an up and up basis, where there are no subversive techniques to
rob a person of their privacy or computer
functionality, no hidden schemes used to defraud anyone. :>)
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Cryonics and cryptanalysis
Reply-To: [EMAIL PROTECTED]
Date: Sat, 4 Mar 2000 16:47:46 GMT
Darren New <[EMAIL PROTECTED]> wrote:
: Ralph C. Merkle wrote:
:> But can people be described by bits? [...]
: Well, Penrose points out that there are quantum structures in the brain
: which he believes are necessary to conscious thought. Regardless of whether
: you agree with him, there is the question of whether quantum states of the
: atoms making up the human are necessary to the continued existence of that
: person as the same person. If so, you'd be unable to record that
: information, and anyone you managed to wake up would be someone else.
Some amphibians can survive freezing for extended periods.
/Perhaps/ the frog that awakes is not the same frog that is frozen.
Then again, /perhaps/ I am not the same person when I awake in the morning
from a night of dreams.
The animals that can survive freezing seem to offer hope for cryonics.
Any attempt to maintain that humans have souls - or some quantum do-dah
in their brains - while other animals do not - appears to me to be
special pleading.
--
__________
|im |yler The Mandala Centre http://www.mandala.co.uk/ [EMAIL PROTECTED]
Life would be easier if I had the source code.
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Crypto.Com, Inc.
Date: Sat, 04 Mar 2000 18:03:49 +0100
wtshaw wrote:
>
> It is probably merely a problem of coding and recognition, as many animals
> can hear things that we cannot. This is far from telepathy, like night
> vision that we have learned to adapt to us weak-sensory organisms.
We can see light only in a limited frequency range. However, I
suppose transmission over radio can be over a very large range.
If a message is split and sent over a number of frequencies and
if these frequencies could be managed to be varying with time,
I wonder how easy this is for the opponent to track in practice.
Crypto textbooks don't seem to treat this. Could someone please say
a bit about that issue? Thanks.
M. K. Shen
------------------------------
From: [EMAIL PROTECTED] (Guy Macon)
Subject: Re: Random bit generators
Date: 04 Mar 2000 12:00:56 EST
In article <uipGWubh$GA.265@cpmsnbbsa02>, [EMAIL PROTECTED] (Joseph Ashwood) wrote:
>Take the output of three prngs and use the 3rd one to choose
>from the other 2.
...thus creating a single PRNG that is more complex. Not a bad idea if
having a more complex PRNG is your goal. I am unsure how this is better
than XORing the outputs of all 3 PRNGs.
Keep in mind that there may be a correlation between the outputs of your
initial 3 PRNGs that you don't know about that makes the output a lot less
random than you think it is.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************