Cryptography-Digest Digest #317, Volume #11 Sun, 12 Mar 00 17:13:01 EST
Contents:
Re: Passphrase Quality ? ("Test")
Re: Random permutations (Tim Tyler)
Re: Just *Germain* primes (John Savard)
Re: Just *Germain* primes (John Savard)
Re: sci.crypt Cipher Contest (wtshaw)
Re: ZIP format is gone in the past. (wtshaw)
Re: Passphrase Quality ? (L. Y. Mekairon)
Re: sci.crypt Cipher Contest Web Site (David A. Wagner)
Re: ascii to binary (John M. Gamble)
Re: Concerning UK publishes "impossible" decryption law (JimD)
Re: Concerning UK publishes "impossible" decryption law (JimD)
Re: Concerning UK publishes "impossible" decryption law (JimD)
Re: Concerning UK publishes "impossible" decryption law (Dave Howe)
tool for cryptanalysis ("Marc-andré Thibeault")
Re: Passphrase Quality ? ("Test")
Re: ZIP format is gone in the past. ("Kasper Pedersen")
Re: Random permutations (Mok-Kong Shen)
Re: Cheating in co-operative open-source games, how can we protect from it? (NFN NMI L.)
Comparing M$ CryptoApi providers ("Nick")
----------------------------------------------------------------------------
From: "Test" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: Passphrase Quality ?
Date: Sun, 12 Mar 2000 13:05:08 -0700
Here's my two cents worth.
Why limit yourself to a two dimensional grid? It seems three or four
dimensions would provide more security (although five or more would make
reconstructing the passphrase harder than simply remembering it for me).
Why do consecutive characters of the passphrase have to be adjacent in the
grid? It would be just as easy for me to remember patterns (letters,
symbols, logos, etc.) that could be overlaid on the grid to reconstruct the
passphrase.
Why create and randomize the grid yourself? Why not use published data? A
printed grid is only secure while you have possession of it. What if you
fall asleep or get drunk or get run over by a bus? If you use publicly
available data for your grid then it cannot be compromised without your
knowledge (or if you are dead).
It seems to me that with a little imagination one could construct a grid
from stock prices, phone books, maps, weather reports, irrational numbers,
physical constants, literature, music, ...you get the picture. Almost
anything.
Any flaws in my thinking or further ideas? I'd love to hear them. Thanks!
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Random permutations
Reply-To: [EMAIL PROTECTED]
Date: Sun, 12 Mar 2000 20:06:16 GMT
Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
: The common method of generating a random permutation is that
: due to Durstenfeld (see Knuth), utilising uniformly distributed
: real-valued random numbers in (0, 1] to swap pair of elements.
: Since such random numbers are most often derived from integer-
: valued random numbers through division operations, an alternative
: method suggests itself, basing on the idea underlying the
: well-known procedure in classical cryptography of selecting the
: columns of a polyalphabetic substitution table with the aid of a
: given key. That is, one attaches to the elements to be permuted
: a field which is filled with the integer-valued random numbers
: (one for each element). Subsequently one sorts such records
: according to the said field. I guess that this method of doing
: random permutations (which evidently has nothing new in it) is
: equivalent (in quality) to that of Durstenfeld. Any comments?
With the latter method, if the range of the RNG is not large enough,
you will /sometimes/ get collisions among the RNG output - which will
probably translate into some residue of the initial non-random
configuration making its way into the final permutation.
If this is true, it would be a relatively small imperfection.
I'd probably be more interested in relative timings:
Are the same number of operations employed - on average? Is there a
space/time overhead through sorting a combined index and field,
rather than just swapping fields?
--
__________
|im |yler The Mandala Centre http://www.mandala.co.uk/ [EMAIL PROTECTED]
I'm not a complete idiot - several parts are missing.
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Just *Germain* primes
Date: Sun, 12 Mar 2000 20:04:33 GMT
On 11 Mar 2000 22:21:33 -0800, [EMAIL PROTECTED] wrote, in
part:
>What, then, is different about Sophie Germain that we'd single her out in
>this unusual way? I'm afraid the answer is obvious, and it doesn't
>reflect well on the mathematical community.
It *is* true that, without a first name to inform us, we would imagine
an unknown mathematician as male, and it would be jarring to suddenly
discover that this was wrong.
Saying this "doesn't reflect well on the mathematical community"
assumes that wanting to include this rather fundamental
human attribute in one's visualization of a person implies hatred.
That kind of assumption is the result of too much exposure to
political correctness.
Since mathematicians talk of Noetherian fields (or is it rings) as
well as Artinian ones, however, this doesn't appear to be a universal
convention. Perhaps there is even another mathematician named Germain.
In any case, given how overwhelmingly male mathematics still is,
raising the visibility of female mathematicians isn't all bad.
John Savard (teneerf <-)
http://www.ecn.ab.ca/~jsavard/index.html
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Just *Germain* primes
Date: Sun, 12 Mar 2000 20:08:48 GMT
On Sun, 12 Mar 2000 09:04:10 GMT, "Douglas A. Gwyn" <[EMAIL PROTECTED]>
wrote, in part:
>I have no idea if Blum, Blum, and Shub are male, female,
>black, white, yellow, red, green, hairy, bald, skinny, fat,
>etc. What does it matter insofar as mathematics is concerned?
I don't _care_ terribly about these attributes, but I'd be lying if I
didn't admit I believe these gentlemen, with a high degree of
probability, to be Jewish.
All three of them.
What would be desirable is for a person's ethnic heritage to be
nothing more than an interesting, colorful background detail in their
biography. Making it, instead, something _unmentionable_ will only
give it *more* power than it deserves to have.
John Savard (teneerf <-)
http://www.ecn.ab.ca/~jsavard/index.html
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: sci.crypt Cipher Contest
Date: Sun, 12 Mar 2000 13:30:18 -0600
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
> I think you started out with a good idea; namely to have a cipher
> contest. This would stimulate a lot of people to use their imaginations
> to code a cipher, but then you, immediately, close the door by imposing
> restrictions like... Block Cipher, 64 bit key, 128 bit key etc. A lot of
> people have no idea what that means. They may code that way without
> knowing that they are coding that way. Why only block ciphers? RC4 is a
> stream cipher that is fast, beautiful and extremely hard to crack,
> especially if you add salt.
> So while I like your idea of a contest, IMHO "the restrictions suck".
> This NG is, partially, about getting others interested in the subject
> and not about weeding out the NEWBIES.
> Regards, Peter Rabbit
You've got that right your bunneyship. Crypto means more than being stuck
in one groove, even though some intense efforts might seem to require it
from time to time. Even worse is expecting everyone to get in the same
groove with you, and badmouthing all those who work elsewhere, other than
your particular narrow area, in this big field.
--
Imagine an internet on an up and up basis, where there are no subversive techniques to rob a person of their privacy or computer functionality, no hidden schemes used to defraud anyone. :>)
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: ZIP format is gone in the past.
Date: Sun, 12 Mar 2000 13:35:22 -0600
In article <8aegrs$9s8$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> In article <8ab43o$5o8$[EMAIL PROTECTED]>,
> finecrypt <[EMAIL PROTECTED]> wrote:
> >"data" in our terminology) you need at least decompressing software. And if
> >you did encrypt your zip archive (not with WinZip of course :)) you also
> >need decrypting software.
>
> If reading a compressed document requires me to run an untrusted
> executable, I won't do it. ZIP files can be decompressed with my own
> software which I do trust. Documents should NEVER be executable unless
> that's absolutely necessary - the potential for virus and trojan
> transmission is too great. Furthermore, self-extracting packages only
> work on the architecture that created them - which works fine if you only
> ever communicate with PC users, but is completely laughable in the
> heterogeneous Real World.
Last I heard the world did not revolve around a pole decided by greed or
consensus.
--
Imagine an internet on an up and up basis, where there are no subversive techniques to rob a person of their privacy or computer functionality, no hidden schemes used to defraud anyone. :>)
------------------------------
From: [EMAIL PROTECTED] (L. Y. Mekairon)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: Passphrase Quality ?
Date: Sun, 12 Mar 2000 20:37:39 GMT
"Test" <[EMAIL PROTECTED]> wrote:
>Why create and randomize the grid yourself? Why not use published data? A
>printed grid is only secure while you have possession of it. What if you
>fall asleep or get drunk or get run over by a bus? If you use publicly
>available data for your grid then it cannot be compromised without your
>knowledge (or if you are dead).
Because you can't destroy published data. I think you missed the whole
point of the password grid strategy. Read it again:
http://www.5x5poker.com/grid/
--
"L. Y. Mekairon" is actually 2643 951087 <[EMAIL PROTECTED]>.
0 1 23456789 <- Use this key to decode my email address and name.
Play Five by Five Poker at http://www.5X5poker.com.
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: sci.crypt Cipher Contest Web Site
Date: 12 Mar 2000 12:04:17 -0800
In article <WGEy4.4535$[EMAIL PROTECTED]>,
Adam Durana <[EMAIL PROTECTED]> wrote:
> People have mentioned variable rounds before and its a good idea.
It's a little scary, too.
If the key-exchange protocol isn't especially careful about ensuring the
integrity of the round count, there are some really devastating attacks.
(Think what happens if one side uses R rounds and the other uses R+1 rounds;
the key falls out as a trivial cryptanalysis exercise.)
And you have to be really careful not to use it as a cop-out.
After all, if the cipher designer can't figure out how many rounds you need
to be secure, probably no user will be able to (and users may be tempted to
take shortcuts and reduce the round count for better performance).
There are pluses and minuses, but don't forget the minuses.
------------------------------
From: [EMAIL PROTECTED] (John M. Gamble)
Subject: Re: ascii to binary
Date: 12 Mar 2000 20:42:40 GMT
In article <[EMAIL PROTECTED]>,
Paul Koning <[EMAIL PROTECTED]> wrote:
>
[cards and tape formats snipped]
>As for that comment, it's about 25 years out of date. In the mid 70s,
>or thereabouts, the ISO 8859 series of codes were defined, which
>use 8 data bits. The lower half corresponds to USASCII; the upper
>half adds more printable characters as well as more control characters.
>There are about a dozen members of that series. As Doug said, Latin-1
>(ISO 8859-1) is the best known in Western countries because it was
>designed to support the languages of Western Europe. If you're
>elsewhere
>in the world you're likely to be using an 8859-somethingelse if you
>have a Latin alphabet, or something entirely different if you have
>a different sort of alphabet (like Cyrillic or Hebrew).
>
>ISO 10589 and Unicode, which are closely related, use wider characters
>to allow coding of essentially any character you might need without
>having to switch back and forth among sets (which was never standardized
>and would have been a processing nightmare even if standardized, which
>is one reason it wasn't).
>
Was there ever, in this scheme of encoding, a standard for the APL character
set? Or was it an escape-in/escape-out method? I remember the DEC
printer terminals (CRTs? Too expensive) that supported this were in
special demand when the general programming class assigned an APL project.
-john
February 28 1997: Last day libraries could order catalogue cards
from the Library of Congress.
--
Pursuant to US Code, Title 47, Chapter 5, Subchapter II, §227,
any and all unsolicited commercial E-mail sent to this address
is subject to a download and archival fee in the amount of $500
US. E-mailing denotes acceptance of these terms.
------------------------------
From: [EMAIL PROTECTED] (JimD)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning UK publishes "impossible" decryption law
Reply-To: JimD
Date: Sun, 12 Mar 2000 21:00:37 GMT
On Sun, 12 Mar 2000 12:03:52 +0200, "Stormshadow" <[EMAIL PROTECTED]> wrote:
>"JimD" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> I like that. After you've finished with the computer for the day, have
>> a switch which connects the case to the live side of the supply and
>> have lots of earthed (grounded) metal in the vicinity. Arrange it so
>> that the computer melts and takes the Pig with it!
>But if you'd like to use your computer later, the switch should be safe to
>touch, even for the authorities. And if you're a _really_ bad person, the
>authorities will cut your power before busting in.
>
>And even if this booby-trap works, you would be charged with assaulting a
>police officer or even a murder if your booby-trap is really effective. ):-)
I'd think of it more as an execution.
--
Jim Dunnett.
dynastic at cwcom.net
Exiled in Somerset
Right at the heart of England's BSE Industry.
------------------------------
From: [EMAIL PROTECTED] (JimD)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning UK publishes "impossible" decryption law
Reply-To: JimD
Date: Sun, 12 Mar 2000 21:00:38 GMT
On Sun, 12 Mar 2000 10:29:20 GMT, [EMAIL PROTECTED] (Lincoln Yeoh)
wrote:
>>Exiled in Somerset
>>Right at the heart of England's BSE Industry.
>
>Hey what happened to your old address? You now in cow zone? Great
>atmosphere eh? ;).
What old address? I've been here for seventeen years!
--
Jim Dunnett.
dynastic at cwcom.net
Exiled in Somerset
Right at the heart of England's BSE Industry.
------------------------------
From: [EMAIL PROTECTED] (JimD)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning UK publishes "impossible" decryption law
Reply-To: JimD
Date: Sun, 12 Mar 2000 21:00:39 GMT
On Sun, 12 Mar 2000 07:06:56 -0600, Chuck <[EMAIL PROTECTED]> wrote:
>On Sun, 12 Mar 2000 00:34:25 +1100, "�R���" <[EMAIL PROTECTED]> wrote:
>
>>i have been trying to work out a way of using the windows login to booby
>>trap the hd, say if they ask you what your logon is, and you tell em its
>>your name and ph number, when its not, and they use it, poof, a batch file
>>wipes all sensitive data and does a pgp free space wipe as it boots up, i
>>can figure out how to write the batch file, but not where to put it, perhaps
>>in the new user run once registry line? any ideas?
>
>Doesn't work. The first thing they do is turn everything off. The
>second thing they do is plug your hard drive into a system that boots
>from their own hard drive, and create an exact image of every sector
>(including freespace) for later analysis. There's no need to boot from
>your hard drive or to run any of your programs from it. If they need
>to run one of your programs, they copy the image to an identical test
>drive and do it there. Self-destruct code only wipes the test drive
>and provides a neon sign pointing to the stuff you want to keep
>secret.
You seem to know a lot about it, or appear to. Are you one of THEM?
--
Jim Dunnett.
dynastic at cwcom.net
Exiled in Somerset
Right at the heart of England's BSE Industry.
------------------------------
From: Dave Howe <DHowe@hawkswing>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning UK publishes "impossible" decryption law
Date: Sun, 12 Mar 2000 21:05:52 +0000
Reply-To: DHowe@get_email_from_sig
In our last episode (<alt.security.pgp>[Sun, 12 Mar 2000 00:34:25
+1100]), "�R���" <[EMAIL PROTECTED]> said :
>i have been trying to work out a way of using the windows login to booby
>trap the hd, say if they ask you what your logon is, and you tell em its
>your name and ph number, when its not, and they use it, poof, a batch file
>wipes all sensitive data and does a pgp free space wipe as it boots up, i
>can figure out how to write the batch file, but not where to put it, perhaps
>in the new user run once registry line? any ideas?
Problem is, they will use Ghost or something similar to take a
"snapshot" of your hard drive before they attempt to examine it - all
you will get is them pissed at you for having to restore their image
file before they try the "real" password.
------------------------------
From: "Marc-andré Thibeault" <[EMAIL PROTECTED]>
Subject: tool for cryptanalysis
Date: Sun, 12 Mar 2000 16:14:00 +0100
Where can I find a tool for analysing ciphers like the one proposed at
sci.crypt cipher?
Thanks for your assistance.
------------------------------
From: "Test" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: Passphrase Quality ?
Date: Sun, 12 Mar 2000 14:19:00 -0700
OK, I read it again. Don't get me wrong, I like the 5x5 idea. I'm just
trying to extend it.
So, the point is that you can destroy the grid and honestly say that you
cannot reproduce the passphrase.
The way I see it, if you looked at the grid and copied a passphrase from it
then it is very possible that you can still remember the passphrase. None of
my ideas solved that problem either. Accepting that the person who creates
the grid/passphrase *is* the security risk, why increase the risk by
printing out a custom grid? There is so much publicly available data that
could be used. And the person who knows exactly which data is used is the
same guy who created the grid/passphrase (ie. no additional security risk).
Lemme know if I still "don't get it". Thanks.
L. Y. Mekairon wrote in message
<[EMAIL PROTECTED]>...
>"Test" <[EMAIL PROTECTED]> wrote:
>
>>Why create and randomize the grid yourself? Why not use published data? A
>>printed grid is only secure while you have possession of it. What if you
>>fall asleep or get drunk or get run over by a bus? If you use publicly
>>available data for your grid then it cannot be compromised without your
>>knowledge (or if you are dead).
>
>Because you can't destroy published data. I think you missed the whole
>point of the password grid strategy. Read it again:
>
>http://www.5x5poker.com/grid/
>
>--
>"L. Y. Mekairon" is actually 2643 951087 <[EMAIL PROTECTED]>.
> 0 1 23456789 <- Use this key to decode my email address and name.
> Play Five by Five Poker at http://www.5X5poker.com.
------------------------------
From: "Kasper Pedersen" <[EMAIL PROTECTED]>
Subject: Re: ZIP format is gone in the past.
Date: Sun, 12 Mar 2000 20:01:35 GMT
"finecrypt" <[EMAIL PROTECTED]> wrote in message
news:8aar8b$it7$[EMAIL PROTECTED]...
> More and more people prefer to use self-extracting executables instead
> of zip archives. FineCrypt is the most popular tool in the world for
> creating strong encrypted self-extractors. Try it now.
There are the usual problems:
1) Platform. I have a platform here that it won't run on. Guaranteed, as
it's the only one of its kind in existence. But it has ZIP.
2) Threat. Any reasonable security policy prohibits executing untrusted
executables in the trusted zone.
3) Time. I can store a ZIP file for the foreseeable future. If I have a C
compiler, I also have ZIP. Unless your code is open and has been
cross-platform optimized, no such luck.
And as for ZIP selfextractors, I can decompress those without running the
SFX.
/Kasper
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Random permutations
Date: Sun, 12 Mar 2000 22:53:40 +0100
Tim Tyler wrote:
>
> With the latter method, if the range of the RNG is not large enough,
> you will /sometimes/ get collisions among the RNG output - which will
> probably translate into some residue of the initial non-random
> configuration making its way into the final permutation.
>
> If this is true, it would be a relatively small imperfection.
The integer-valued random numbers normally have a large range.
Even if there are collisions, I don't think that it matters.
I base my consideration on the fact that a random vector (with
discrete values) in an n-dimensional space does not need to have
all its elements distinct. (In fact such a constraint would render
that vector non-random.) But maybe you see some points that I
am not aware of.
> I'd probably be more interested in relative timings:
>
> Are the same number of operations employed - on average? Is there a
> space/time overhead through sorting a combined index and field,
> rather than just swapping fields?
I don't know. I have just thought about the issue and posted the
article and don't yet have any experience. It would be fine if someone
could say something useful without necessitating experiments.
Perhaps the fact that the scheme does not need any real-valued
operations might be taken as a tiny little plus. By the way, it may
be noted that sorting can be done with standard library function
calls in some programming languages, which means that the scheme is
not inferior from the point of view of coding.
M. K. Shen
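The two shuffles under discussion (Durstenfeld's algorithm from Knuth, and sorting records on an attached random integer field), as an added example that is not part of either poster's article. It also makes Tim Tyler's collision point concrete: when two records draw the same key, a stable sort keeps them in their original relative order, so the initial configuration leaks into the output; the exact enumeration below shows how large that residue is for a tiny key range and how small it becomes for a wider one. Function names, the `key_range` parameter and the use of Python's `random.Random` are assumptions of this example.

```python
"""Durstenfeld (Fisher-Yates) shuffle vs. sort-by-random-key."""
import itertools
import random
from collections import Counter
from fractions import Fraction


def durstenfeld_shuffle(items, rng):
    """Knuth/Durstenfeld: one uniform index draw per position, swapping in
    place from the end.  Uniform over all n! permutations as long as
    rng.randrange(i + 1) is uniform; no collisions are possible because
    each draw selects a position, not a label."""
    a = list(items)
    for i in range(len(a) - 1, 0, -1):
        j = rng.randrange(i + 1)  # 0 <= j <= i
        a[i], a[j] = a[j], a[i]
    return a


def sort_key_shuffle(items, rng, key_range):
    """Attach an integer key in [0, key_range) to each element and sort on
    it.  Python's sort is stable, so elements with equal keys keep their
    original relative order: a key collision leaks the starting order."""
    a = list(items)
    keys = [rng.randrange(key_range) for _ in a]
    return [x for _, x in sorted(zip(keys, a), key=lambda kv: kv[0])]


def simulate(shuffle, n, trials, seed=12345):
    """Empirical distribution over permutations of range(n) for a shuffle
    function taking (items, rng).  Seeded for repeatability (constructed)."""
    rng = random.Random(seed)
    counts = Counter()
    for _ in range(trials):
        counts[tuple(shuffle(range(n), rng))] += 1
    return counts


def exact_sort_key_distribution(n, key_range):
    """Enumerate every key vector in [0, key_range)^n, tally the permutation
    a stable sort produces for each, and return {perm: Fraction}.  Any
    permutation missing from the result can never be produced."""
    counts = Counter()
    for keys in itertools.product(range(key_range), repeat=n):
        order = sorted(zip(keys, range(n)), key=lambda kv: kv[0])
        counts[tuple(i for _, i in order)] += 1
    total = key_range ** n
    return {p: Fraction(c, total) for p, c in counts.items()}


if __name__ == "__main__":
    uniform = Fraction(1, 6)
    for key_range in (2, 8, 64):
        dist = exact_sort_key_distribution(3, key_range)
        ident = dist.get((0, 1, 2), 0)
        rev = dist.get((2, 1, 0), 0)
        print(f"key_range={key_range:3d}: P(identity)={float(ident):.4f} "
              f"P(reversed)={float(rev):.4f} (uniform would be {float(uniform):.4f})")
    emp = simulate(durstenfeld_shuffle, 3, 60000)
    print("Durstenfeld, 60000 trials:", sorted(emp.items()))
```

With three elements and a one-bit key, the identity permutation comes out half the time and the fully reversed one never does; with a 6-bit key the deviation from 1/6 is already under a percentage point, which is the "relatively small imperfection" Tyler describes. A practical rule this suggests: make the key range much larger than n squared, or re-draw keys on collision, if the sort-based method is used where uniformity matters.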
------------------------------
From: [EMAIL PROTECTED] (NFN NMI L.)
Subject: Re: Cheating in co-operative open-source games, how can we protect from it?
Date: 12 Mar 2000 21:56:46 GMT
<<Only MD5 required>>
Why do people have this MD5 fetish?
S. "HA-1" L.
------------------------------
From: "Nick" <[EMAIL PROTECTED]>
Subject: Comparing M$ CryptoApi providers
Date: Sun, 12 Mar 2000 22:09:23 GMT
I would like to compare CryptoApi providers from the export version against the US
version. I know there is an "Enhanced Cryptographic Provider" in the US version. I
would like to compare the other providers. I know sending any provider
DLLs may be illegal, but you can send me just the entries from your system
registry. That's enough because the signatures of the provider DLLs are there.
Please export and send me the following branch from the registry (only from the US
version of Windows !!!):
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Defaults\Provider
Nick
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************