Cryptography-Digest Digest #291, Volume #11       Thu, 9 Mar 00 20:13:01 EST

Contents:
  Re: sci.crypt Cipher Contest Web Site ([EMAIL PROTECTED])
  Re: CONFERENCE ON NATURALISM -- FINAL NOTICE ("Douglas A. Gwyn")
  Re: sci.crypt Cipher Contest Web Site ("Adam Durana")
  Re: sci.crypt Cipher Contest Web Site ([EMAIL PROTECTED])
  Re: Crypto Patents: Us, European and International. ([EMAIL PROTECTED])
  Re: Universal Language (drickel)
  Re: Best language for encryption?? ("Douglas A. Gwyn")
  Re: Universal Language ([EMAIL PROTECTED])
  Re: Best language for encryption?? ("Douglas A. Gwyn")
  Re: avoid man-in-the-middle known plaintext attack using a stream cipher ([EMAIL PROTECTED])
  Re: Universal Language ([EMAIL PROTECTED])
  Re: Universal Language (Jim Gillogly)
  Re: Crypto Patents: Us, European and International. (Terry Ritter)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]
Subject: Re: sci.crypt Cipher Contest Web Site
Date: Thu, 09 Mar 2000 23:48:38 GMT

Mr. Silverman,

I have spent a huge amount of time studying the finalists in AES.  Just
like everybody else I haven't found much of anything. I have had a lot of
fun and education, however.

Studying a cipher that is almost certainly secure is a poor way to
learn.  A better way is to study ciphers that have weakness but with the
exact nature of the weakness unknown to you.

FEAL is a good example.  I knew it had differential weakness so I
studied it without reading the relevant papers.  Once I had a grasp of
how a differential attack might work, I read the papers.   Comparing my
ideas to the experts has taught me quite a lot.

Any ciphers that are submitted by members of this group are likely to
contain some weakness.  In fact, it would be fun to design in a weakness
and see if anybody could find it, perhaps I'll do that.

If I don't miss my mark, the famous cryptographers got that way by
breaking ciphers.  Since DES has been the only standard, most of the
ciphers broken have been relatively obscure.  Therefore breaking obscure
ciphers is a good way to get famous.  Breaking famous ciphers is a way
to get famous fast, not much chance of that though.

--Matthew


In article <8a92ro$3kj$[EMAIL PROTECTED]>,
  Bob Silverman <[EMAIL PROTECTED]> wrote:
> In article <WPAx4.1$[EMAIL PROTECTED]>,
>   "Adam Durana" <[EMAIL PROTECTED]> wrote:
> > I put together a web site with a draft of the requirements for entries.
> > I need feedback on the requirements and suggestions from everyone planning on
> > participating
>
> Might I suggest to anyone who is planning on participating:
>
> If you actually have time to spend on examining the security of
> symmetric ciphers, that you instead select one of the AES candidates
> and spend time analyzing it instead?
>
> AES is important. If you have spare time, why not spend it on something
> important, instead of wasting it on a 'cipher' that will never see
> the light of day?
>
> If you want to be taken *seriously* by the crypto community, I can think
> of no better way of doing so than by exposing a weakness in one of the
> AES ciphers.
>
> --
> Bob Silverman
> "You can lead a horse's ass to knowledge, but you can't make him think"
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: CONFERENCE ON NATURALISM -- FINAL NOTICE
Date: Fri, 10 Mar 2000 00:01:28 GMT

Mike Rosing wrote:
> A real example is the distribution of matter in the universe.  It is
> fairly easy to follow the math and we find that the structures we see
> are too complex by "natural" processes to be created in the time the
> universe appears to have existed.  (It's off by about 10^10, which is
> a lot, but I'm not done yet :-)  Another example is the relaxation time
> of free electrons in a gas.  Langmuir showed (around 1910 or so) that
> the equilibrium was reached about 10^16 times faster than any model
> made sense.  Nobody yet can explain it either.

?  I don't think either of those is correct, according to current
best scientific knowledge.  What easy-to-follow math could there
possibly be that describes the complexity of structures created
by natural processes??

> We can always say scientific knowledge is incomplete.  By Goedel, we
> can claim it is consistent.

I don't think Gödel has anything to do with it.

------------------------------

From: "Adam Durana" <[EMAIL PROTECTED]>
Subject: Re: sci.crypt Cipher Contest Web Site
Date: Thu, 9 Mar 2000 19:04:21 -0500

> Might I suggest to anyone who is planning on participating:
>
> If you actually have time to spend on examining the security of
> symmetric ciphers, that you instead select one of the AES candidates
> and spend time analyzing it instead?

Analyzing ciphers is only part of the competition, the other part is
designing your own cipher.  Personally I think the design phase is the most
enjoyable part, because you get to work on your own ideas.

> AES is important. If you have spare time, why not spend it on something
> important, instead of wasting it on a 'cipher' that will never see
> the light of day?

Well if you have an entry in the contest then your cipher will see the light
of day.  Also the AES candidates are designed by some very highly respected
cryptographers, and if they design their entries so they cannot break them
what makes you think the average sci.crypt reader could find a weakness?
I'm not saying the average reader couldn't but the AES candidates took a long
time to design and analyze, I believe Schneier said 1000+ man hours were put
into the analysis of Twofish.  That's a lot of time, I know I don't have that
much free time to spend on my hobby.

> If you want to be taken *seriously* by the crypto community, I can think
> of no better way of doing so than by exposing a weakness in one of the
> AES ciphers.

Maybe you should be spending your time analyzing Twofish, or the other
candidates competing with RC6, instead of trying to convince people this
contest is pointless.

- Adam Durana



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: sci.crypt Cipher Contest Web Site
Date: Thu, 09 Mar 2000 23:59:24 GMT

Mr. Scott,

Please submit such a cipher.  I would like to understand the design
behind it.  In order for a whole file to change, a multiple pass
algorithm would be needed, correct?  Couldn't you use one of the AES
candidates with 3 or 4 passes to do this?

On another note, what makes you think the NSA can break modern ciphers?
I am not saying they cannot but if you have any -proof- I would
certainly like to hear about it.  With all the security holes in most
OS's, why bother with complex attacks?


--Matthew

In article <8a8bnr$1c4g$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
> In article <8a7b5e$q85$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
...
>   I disagree that they have to work in any mode. Again you will just be
> playing in the hands of the NSA. I think points should be given if for a one
> byte change in either the key or input file the whole output file should
> change and that the output file should not be longer than the input file.
> This goes against the trend in crypto but why should we fall into the trap of
> making the cipher easy for the NSA
>
> >
> >It will be tough to meet all the criteria.  Just look at the AES
> >candidates that have been eliminated.  The fun is in the trying.
>
>         The AES is a phony contest designed to fool stupid people
> into using something that the NSA will be able to read. IF you knew
> anything about the history or the honesty of the agency you would
> see why this is true. If you're not too old you can see the honesty



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Crypto Patents: Us, European and International.
Date: 10 Mar 2000 00:09:31 GMT

1. A patent is not always necessary. If you make your findings public no one
else will be able to patent any closely related algorithm.

2. In many cases and for many purposes copyright protection might be more
effective. Patents may protect a method. Copyrights protect results of
intellectual processes, viewed as contextually dependent conceptual
integers.

For example: I would violate the IDEA U.S. patent (but probably not the IDEA
copyright) if I implemented the IDEA algorithm, called it something else and
marketed my implementation in the USA. I would probably not violate that
patent if I implemented IDEA, adjusted it slightly, and still called it "the
IDEA-cipher". In such case, I would however violate the IDEA copyright,
virtually regardless of the extent of my adjustments.

(Note: There are different opinions regarding the extent to which algorithms
may be protected by copyright. I argue that such protection exists, just as
well, and in a closely related sense, as a one line poem is protected by
copyright. You might say or write the sentence of the poem without violating
the copyright, but not in public if the context makes it obvious that you are
quoting that line.) 

One might also ask oneself why anyone would like to market an implementation
of IDEA without calling it IDEA... It seems like an odd marketing strategy.
;-)

Conclusion: Patenting a cipher will at most protect you from being ripped off
by your partners at an early stage of development.


In a previous article,  Glenn Larsson  <[EMAIL PROTECTED]> writes:
[---]
>The Swedish patent law (1967:837, paragraph 1) cannot approve
>ONLY mathematical algorithms as patentable, it (according to
>the patent engineer I spoke to) also has to have a physical
>or a graspable "technical effect" and have "uniqueness".


     -----  Posted via NewsOne.Net: Free Usenet News via the Web  -----
     -----  http://newsone.net/ --  Discussions on every subject. -----
   NewsOne.Net prohibits users from posting spam.  If this or other posts
made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]

------------------------------

Subject: Re: Universal Language
From: drickel <[EMAIL PROTECTED]>
Date: Thu, 09 Mar 2000 16:17:22 -0800

In article <[EMAIL PROTECTED]>, Jim Gillogly
<[EMAIL PROTECTED]> wrote:
>Interestingly, Heinlein in his short story "Gulf" postulated that Loglan
>(not referenced by name) was successful and allowed people who knew it
>to think faster and better.  Whorf/Sapir lives on...
>--
>       Jim Gillogly
>       18 Rethe S.R. 2000, 22:27
>       12.19.7.0.8, 12 Lamat 16 Kayab, Eighth Lord of Night

quibble--the artificial language had a one-one mapping between
basic words and phonemes--a syllable might be three words.
People who thought in it would think faster the same way people
who spoke it would speak faster (more words (ideas)/second).


david rickel


* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!


------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Best language for encryption??
Date: Fri, 10 Mar 2000 00:17:38 GMT

Paul Schlyter wrote:
>     long l = 1000000L;
>     short s;
>     s = l;

Of course, if your algorithm is wrong, you get wrong results.

> And integer overflows are silent too in C/C++.....

Signed integer overflow is undefined behavior.
Most practical procedural languages, strongly typed or not,
don't check for such overflow, because it greatly slows down
the non-overflow case in the generated code (unless the
particular machine provided suitable traps, not something
the language can depend on in general).

> > In C, the way to define a new type is with a struct or union
> > declaration.  Such types *are* treated strongly; there is no
> > automatic mixing allowed among such types (nor between them and
> > the built-in types).
> ...and you can't do any operations on them either, except assignment,
> sizeof and "address-of" (&).  In good ol' K&R C you couldn't even
> do struct assignment....

Since one has to define the semantics of such operations anyway,
the fact that in plain C the syntactic form has to be a function
call is a minor nuisance.  Of course, C++ provides a way to define
the semantics for built-in operators for user-defined types.  This
doesn't seem to be a matter of "strong typing", since the same
criticism could be made of most languages other than C++, say,
Pascal, which you used as an example of a strongly typed language.

> Which there almost are: if a floating-point type is converted to/from
> an integer type, some actual conversion is done, otherwise the bit
> pattern is just copied.

No, in C conversions are of values, not representations.  It may
well happen that two types have similar representation, for
example in C implementations on many word-addressable machines,
all pointers to objects of size >= wordsize have the same
representation, while pointers to objects < wordsize often have
one or more different representations.  Conversion among pointers
having different representations is definitely not done by copying
the bit pattern.

> This originates from the K&R C paradigm "Everything is an int"

That was never quite true (consider "char"), and certainly is
not the current paradigm.

>     unsigned int u = -1;
>     if ( u < 0 ) .....

None of the C programmers I know would make that mistake,
and indeed the compilers (or "lint" on the older systems)
generally warn you about comparison of unsigned with
negative integers (it's a constant condition, so it is
most likely a bug).

> The C paradigm of "trust the programmer" worked fine when the C
> programmers were quite few and very skilled, but often lead to
> disasters when C became a "language of the masses" and many
> not-so-trustworthy programmers started using it.

C is the Ginsu knife of procedural programming.
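
The three C pitfalls quoted in this exchange, written out as an added example (not code from the original posts): the silent long-to-short narrowing, signed overflow, and the unsigned-vs-negative comparison, each beside a range-checked form. The function names are mine, and the narrowing result assumes the usual 16-bit short.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Pitfall 1 (quoted above): narrowing a long to a short is silent.  For an
 * out-of-range value the result is implementation-defined; on every common
 * platform with a 16-bit short it wraps modulo 2^16 (1000000 -> 16960). */
short narrow_unchecked(long l)
{
    short s;
    s = l;              /* no cast, no diagnostic under default warning levels */
    return s;
}

/* Checked form: refuse the conversion instead of returning a wrapped value. */
bool narrow_checked(long l, short *out)
{
    if (l < SHRT_MIN || l > SHRT_MAX)
        return false;
    *out = (short)l;
    return true;
}

/* Pitfall 2: signed overflow is undefined behaviour, so "a + b < a" cannot be
 * used to detect it after the fact.  Test the operands before adding. */
bool checked_add(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;   /* would overflow; nothing undefined was evaluated */
    *out = a + b;
    return true;
}

/* Pitfall 3: the -1 stored into an unsigned int becomes UINT_MAX ... */
unsigned int minus_one_as_unsigned(void)
{
    unsigned int u = -1;
    return u;
}

/* ... so "u < 0" is a constant condition that is always false, which is
 * why compilers and lint flag it as a probable bug. */
bool unsigned_below_zero(unsigned int u)
{
    return u < 0;
}

int main(void)
{
    short s;
    int r;
    printf("narrow_unchecked(1000000) = %d\n", narrow_unchecked(1000000L));
    printf("narrow_checked(1000000)   = %s\n",
           narrow_checked(1000000L, &s) ? "ok" : "out of range");
    printf("checked_add(INT_MAX, 1)   = %s\n",
           checked_add(INT_MAX, 1, &r) ? "ok" : "overflow");
    printf("(unsigned)-1 == UINT_MAX  = %d\n", minus_one_as_unsigned() == UINT_MAX);
    printf("u < 0 for u = (unsigned)-1 = %d\n", unsigned_below_zero(minus_one_as_unsigned()));
    return 0;
}
```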

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Universal Language
Date: Fri, 10 Mar 2000 00:09:57 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> [EMAIL PROTECTED] wrote:
> > Huh?  Esperanto doesn't have grammatical gender.  Whatever gave you that
> > idea?  See <http://www.esperanto.net>.
>
> An Esperanto book I bought probably 20 years ago. Either they've updated the
> language to simplify it even more, or I'm misremembering something. Ah well.
> Sorry about that.

Hey, no problem!  But E-o has _never_ had grammatical gender, since Dr.
Z first published it in 1887, so (I'm sorry to say) it's your memory...
unless there's a _really bad_ textbook out there (and even the USArmy
"Aggressor Language" manual, which was surplused to a lot of public
libraries and hence was frequently the _only_ Esperanto textbook
available in many small US towns) wasn't _that_ bad!)

Also, although English _does_ have "standardized spelling" (actually
multiple standards, e.g. kerb/curb, jail/gaol, color/colour etc), that's
not really what the poster to whom you were replying meant, I think.  I
believe he was referring to the fact that there's virtually a one-to-one
correspondence between a sound and a letter in the alphabet in
Esperanto... vs in English, where "bough" and "rough" are certainly
standardized spellings for those two words, but the final 4-letter
combination represents completely different sounds.  Maybe "consistent
spelling" would be a better name.

George (plugging my favorite Esperanto website,
<http://home.wxs.nl/~lide/paspserv.htm>)



------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Best language for encryption??
Date: Fri, 10 Mar 2000 00:20:06 GMT

John Myre wrote:
> ...  I don't think you can say C is "weakly typed", ...

Indeed, that was my original complaint.  I wasn't arguing that
C is *really strongly* typed, but that calling it "weakly typed"
is wrong in the opposite direction.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: avoid man-in-the-middle known plaintext attack using a stream cipher
Date: 10 Mar 2000 00:29:09 GMT

In a previous article,  <[EMAIL PROTECTED]> writes:
>You're not thinking like an attacker.
>The attacker doesn't care *which* try succeeds, so he doesn't
>need to check every time (that'd be silly).  Instead, he just
>tries over and over again, and checks his bank statement at the
>end of the month.

That would be attacking at random. The result might be that Alice Babs in
Helsinki ends up as a millionaire.

Also, there is no way to be 100% protected against such attacks, not even if
you append a 1024-bit signature at the end of each message. You may alter the
probabilities, but these probabilities are not the only factor that will
affect the expected utility of the security measures.

(If I had run a bank transfer system I would have chosen to use Diffie-Hellman
signatures too...)


>The point is, sure, maybe if you use this, you might happen to
>get lucky, and the various properties of your system might conspire
>to make the obvious attacks fail.  But you're not getting
>cryptographic-quality strength here, you're just getting lucky,
>and that's hardly the type of security foundation I'd want to
>build on.

What kind of argument is this? We were asked to suggest how to improve the
security of a particular stream cipher implementation given some concise
efficiency and practicality restrictions. Are you suggesting that we should
have disregarded these restrictions and argued that they were a lucky
coincidence?


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Universal Language
Date: Fri, 10 Mar 2000 00:22:58 GMT

In article <[EMAIL PROTECTED]>,
  Jim Gillogly <[EMAIL PROTECTED]> wrote:
(snip)
>
> Interestingly, Heinlein in his short story "Gulf" postulated that Loglan
> (not referenced by name) was successful and allowed people who knew it
> to think faster and better.  Whorf/Sapir lives on...

Ummm... sorry, that's not quite right (amazingly this thread seems to
have drifted into some areas about which I actually _know_ something!).
Heinlein mentions Loglan in _The Moon is a Harsh Mistress_ (although he
gives no examples of it), just as he mentions Esperanto, Interlingua,
and Basic English in other stories (plus other languages he made up,
like "Ortho" in Podkayne and "Galacta" (apparently a sort of Spanish or
Interlingua descendant) in _Time Enough for Love_, but the language in
Gulf is something completely different called IIRC "Speedtalk".  It's
based on the idea that making each possible distinguishable sound
semantically unique would allow someone to express the
meaning-equivalent of an entire rather lengthy english sentence in a
single fairly short word.  The linguists I've talked to about it seem to
think it's really theoretically impossible... and, in any case, although
he did postulate that it would allow its users to think clearer and
faster, it was based on the premise that in order to learn it you
_already_ had to be so intellectually gifted that you effectively
belonged to a separate species, _homo superior_.  Not for us lowly
old-fashioned primates.  Interestingly enough, it makes no appearance in
_Friday_, whose eponymous heroine is descended from (among others; she's
a genetically-engineered "artificial person") a couple important
characters in _Gulf_, and whose "Boss" is "KettleBelly" Baldwin, one of
the "supermen" from _Gulf_.  Makes me wonder if "Speedtalk" was one of
those ideas John Campbell was always tossing out, and RAH had discovered
in the intervening years that it was a non-starter, and hence just left
it out of the later book.



------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Universal Language
Date: Fri, 10 Mar 2000 00:52:14 +0000

drickel wrote:
> 
> In article <[EMAIL PROTECTED]>, Jim Gillogly
> <[EMAIL PROTECTED]> wrote:
> >Interestingly, Heinlein in his short story "Gulf" postulated that Loglan
> >(not referenced by name) was successful and allowed people who knew it
> >to think faster and better.  Whorf/Sapir lives on...

> quibble--the artificial language had a one-one mapping between
> basic words and phonemes--a syllable might be three words.
> People who thought in it would think faster the same way people
> who spoke it would speak faster (more words (ideas)/second).

Still, I had it from Jerry Pournelle's lips that he <knew> Heinlein
had started from Loglan with the idea... and he wasn't all <that>
many sheets to the wind at the time.  I agree that there wasn't a
perfect mapping between real Loglan and Kettle-Belly Baldwin's
language (yes, <that> Baldwin).
-- 
        Jim Gillogly
        19 Rethe S.R. 2000, 00:49
        12.19.7.0.9, 13 Muluc 17 Kayab, Ninth Lord of Night

------------------------------

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: Crypto Patents: Us, European and International.
Date: Fri, 10 Mar 2000 00:59:11 GMT


On 10 Mar 2000 00:09:31 GMT, in <8a9efr$9ud$[EMAIL PROTECTED]>, in
sci.crypt [EMAIL PROTECTED] wrote:

>1. A patent is not always necessary. If you make your findings public noone
>else will be able to patent any closely related algorithm.

This is, of course, only true if "you" are the first one to publish
the idea, or apply for the patent.  "You" can give up your rights, but
you cannot give up the rights of others.  

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
