Cryptography-Digest Digest #320, Volume #11      Mon, 13 Mar 00 05:13:01 EST

Contents:
  Re: RC4 and salt (Impervious)
  how to encrypt ("propersideshowbob")
  Re: Cyber Patrol 4 reversed (Raphael Phan Chung Wei)
  Re: why xor?(look out,newbie question! :) (Mok-Kong Shen)
  Re: Concerning  UK publishes "impossible" decryption law (Terje Mathisen)
  Re: why xor?(look out,newbie question! :) ("r.e.s.")
  Re: sci.crypt Cipher Contest (Runu Knips)
  Re: Random permutations (Mok-Kong Shen)
  Re: sci.crypt Cipher Contest (Runu Knips)
  Re: Best language for encryption?? (Runu Knips)
  Re: how to encrypt (Runu Knips)
  Re: RC4 and salt ("Joseph Ashwood")
  Re: If we spent as much time.. ("Joseph Ashwood")
  Re: Comparing M$ CryptoApi providers ([EMAIL PROTECTED])
  Re: Cipher Contest ("Joseph Ashwood")
  Re: sci.crypt Cipher Contest ("Joseph Ashwood")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Impervious)
Subject: Re: RC4 and salt
Date: Mon, 13 Mar 2000 07:07:47 GMT

On Sun, 12 Mar 2000 14:15:00 -0000, "Joseph Ashwood"
<[EMAIL PROTECTED]> wrote:


>All the hashing alone will provide is obfuscation of
>entropy, meaning that it provides only a small complication.
>What you need to do is something like:
>middleKey = string concatenation(key, salt);
>finalKey = sha-1(middleKey);
>encrypt(data, finalKey);

Thank you Joe, the above fits better into my "math poor but
programming good" level of intelligence. I will try implementing this
in the next release of my program. :)

Thank you also for answering my question about SHA and SHA-1.

Best regards,
Manuel
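
The key || salt -> SHA-1 -> encrypt scheme from the quoted pseudocode, as an added example (not code from either poster). It shows why the salt matters with RC4: with a hash-only key every message gets the same keystream, so XORing two ciphertexts cancels it. The 16-byte random salt, storing the salt next to the ciphertext, and all function names are assumptions of this example.

```python
import hashlib
import os

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR the data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def derive_key(key: bytes, salt: bytes) -> bytes:
    # middleKey = concatenation(key, salt); finalKey = sha-1(middleKey)
    return hashlib.sha1(key + salt).digest()

def encrypt(key: bytes, plaintext: bytes):
    salt = os.urandom(16)  # assumption: fresh random salt per message
    return salt, rc4(derive_key(key, salt), plaintext)

def decrypt(key: bytes, salt: bytes, ciphertext: bytes) -> bytes:
    return rc4(derive_key(key, salt), ciphertext)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def demo():
    """Return (hash_only_leaks, salted_leaks) for two constructed messages."""
    key = b"sample passphrase"               # constructed sample input
    p1 = b"invoice 0001: total 100.00"       # constructed sample input
    p2 = b"invoice 0002: total 250.00"       # constructed sample input
    # Hash only: SHA-1(key) is the same for every message, so is the keystream.
    k = hashlib.sha1(key).digest()
    hash_only_leaks = xor(rc4(k, p1), rc4(k, p2)) == xor(p1, p2)
    # Key plus salt: each message is encrypted under a different final key.
    (s1, c1), (s2, c2) = encrypt(key, p1), encrypt(key, p2)
    salted_leaks = xor(c1, c2) == xor(p1, p2)
    return hash_only_leaks, salted_leaks

if __name__ == "__main__":
    print(demo())
```

The salt is not secret; it only has to be different for each message and available to the receiver.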




------------------------------

From: "propersideshowbob" <[EMAIL PROTECTED]>
Subject: how to encrypt
Date: Mon, 13 Mar 2000 07:17:49 GMT

Hello
I am studying C++ as my primary language. I would like to know if it is
possible to create an encrypting program using C++.
Is encrypting the main part of security software? If not, tell me of
other major factors. To get on with encrypting, how would I go about
designing an encryption program? Would I change letters to numbers or
jumble things up or confuse the commands of the program? I ask this
because I want to learn more and see how well I can do, but I want to
encrypt using the most modern goals of encryption. Please help me.


------------------------------

Date: Mon, 13 Mar 2000 14:25:24 +0800
From: Raphael Phan Chung Wei <[EMAIL PROTECTED]>
Subject: Re: Cyber Patrol 4 reversed

It seems the article is not complete?  up to Chapter 4 only

[EMAIL PROTECTED] wrote:

> [Note: this article may be especially of interest to sci.crypt readers
> because it includes a description, on a simple level, of how to reverse
> the CRC32 algorithm.  That's a topic that was recently discussed here.]
>
> March 11, 2000 - ANNOUNCEMENT
>
> Cyber Patrol(R) 4, a "censorware" product intended to prevent users from
> accessing undesirable Internet content, has been reverse engineered by
> youth rights activists Eddy L O Jansson and Matthew Skala.  A detailed
> report of their findings, titled "The Breaking of Cyber Patrol(R) 4", with
> commentary on the reverse engineering process and cryptographic attacks
> against the product's authentication system, has been posted on the World
> Wide Web at this address:
>
>    http://hem.passagen.se/eddy1/reveng/cp4/cp4break.html
>
> The abstract of the report:
>
>    Several attacks are presented on the "sophisticated anti-hacker
>    security" features of Cyber Patrol(R) 4, a "censorware" product intended
>    to prevent users from accessing Internet content considered harmful.
>    Motivations, tools, and methods are discussed for reverse engineering
>    in general and reverse engineering of censorware in particular. The
>    encryption of the configuration and data files is reversed, as are the
>    password hash functions. File formats are documented, with commentary.
>    Excerpts from the list of blocked sites are presented and commented
>    upon. A package of source code and binaries implementing the attacks
>    is included.
>
> Eddy L O Jansson
> [EMAIL PROTECTED]
> http://hem.passagen.se/eddy1/index.html
>
> Matthew Skala
> [EMAIL PROTECTED]
> http://www.islandnet.com/~mskala/
> --
> Matthew Skala                       "Ha!" said God, "I've got Jon Postel!"
> [EMAIL PROTECTED]            "Yes," said the Devil, "but *I've* got
> http://www.islandnet.com/~mskala/    all the sysadmins!"

--
Regards,

Raphael Phan
Faculty of Engineering
Cyberjaya Campus
Multimedia University
+603-83125314



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: why xor?(look out,newbie question! :)
Date: Mon, 13 Mar 2000 08:36:44 +0100

Douglas A. Gwyn wrote:
> 
> Mok-Kong Shen wrote:
> > Independence of random variables is defined in any textbook of
> > statistics. You think I need to cite the definition?
> 
> You didn't ask about random variables, you asked about bit streams,
> then quibbled when I interpreted that as being essentially about
> independence of random variables.

A random number stream is a realization of random variables.

M. K. Shen

------------------------------

From: Terje Mathisen <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning  UK publishes "impossible" decryption law
Date: Mon, 13 Mar 2000 09:05:46 +0100

JimD wrote:
> 
> On Sun, 12 Mar 2000 07:06:56 -0600, Chuck <[EMAIL PROTECTED]> wrote:
> 
> >On Sun, 12 Mar 2000 00:34:25 +1100, "�R���" <[EMAIL PROTECTED]> wrote:
> >
> >>i have been trying to work out a way of using the windows login to booby
> >>trap the hd, say if they ask you what your logon is, and you tell em its
> >>your name and ph number, when its not, and they use it, poof, a batch file
> >>wipes all sensitive data and does a pgp free space wipe as it boots up, i
> >>can figure out how to write the batch file, but not where to put it, perhaps
> >>in the new user run once registry line? any ideas?
> >
> >Doesn't work. The first thing they do is turn everything off. The
> >second thing they do is plug your hard drive into a system that boots
> >from their own hard drive, and create an exact image of every sector
> >(including freespace) for later analysis. There's no need to boot from
> >your hard drive or to run any of your programs from it. If they need
> >to run one of your programs, they copy the image to an identical test
> >drive and do it there. Self-destruct code only wipes the test drive
> >and provides a neon sign pointing to the stuff you want to keep
> >secret.
> 
> You seem to know a lot about it, or appear to. Are you one of THEM?

Probably not.

What Chuck writes is simply common sense.

OTOH, I have heard about a BBS system (back in the bad old days) which
employed a hacked-up set of SCSI connectors, so that when the drive was
plugged into a different system, the data was unreadable.

I.e. you pretty much had to use the original system to access the
drives.

Terje

-- 
- <[EMAIL PROTECTED]>
Using self-discipline, see http://www.eiffel.com/discipline
"almost all programming can be viewed as an exercise in caching"

------------------------------

From: "r.e.s." <[EMAIL PROTECTED]>
Subject: Re: why xor?(look out,newbie question! :)
Date: Mon, 13 Mar 2000 00:27:33 -0800

That would be convenient, but I don't think it's correct.
First a counterexample, then reasoning for the general case.

Counterexample:
To show how "within-stream" dependency can invalidate the
chi-square test for "between-stream" independence, let two
random streams, a and b, be defined as follows:

---
a_1, b_1 iid uniform {0,1}

for i = 2..n
{
  a_i = 1 - a_(i-1)
  b_i = 1 - b_(i-1)
}
---

Then the streams will be observed as either
a = 0101010101...
b = 1010101010...
or
a = 0101010101...
b = 0101010101...
or
a = 1010101010...
b = 0101010101...
or
a = 1010101010...
b = 1010101010...
each of the four cases being equally likely.

Now as random streams, a is independent of b;  but the
chi-square statistic turns out to equal n, thus ensuring
a spurious "significant" result with enough observations,
incorrectly rejecting independence between the streams.

(Sometimes the chi-square test is stated with a "rule of
thumb" to the effect that each expected cell-count be at
least some small number, but we could satisfy that by
tweaking the present example.)


In general:
Suppose the null hypothesis about the two bit-streams is

H0: The a-stream is independent of the b-stream

and let T=T(x) be the chi-square test statistic based on
observations x_i = (a_i, b_i)(i=1..n).

Independence is a specific condition, allowing the
probability pr( T > t | H0, independent x_i(i=1..n))
to be calculated, because T is asymptotically chi-square
given the assumption of independent observations x_i.

On the other hand, very little can be said about
pr( T > t | H0, dependent x_i(i=1..n)) because "dependency"
is a non-specific condition -- there are any number of ways
in which the x_i may be dependent when H0 is true.

So it seems very unlikely that any definite relationship
can be established between
pr( T > t | H0, independent x_i(i=1..n))
and
pr( T > t | H0,   dependent x_i(i=1..n))
without some specific assumptions about the structure of
the dependencies.

--r.e.s.


"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
| "r.e.s." wrote:
| > Suppose your bit streams are a_i and b_i (i=1..n).  You're asking
| > about independence "between streams" (a_i)(i=1..n) and (b_i)(i=1..n).
| > But to address that, it happens that the tests mentioned require an
| > assumption that (a_i, b_i)(i=1..n) are mutually independent.
|
| Actually, they don't require that assumption, but they of course
| have less discriminating power when it's not true.  If they find
| a significant correlation, it is still significant; if they don't
| find a significant correlation, it may still be the case that some
| other form of correlation exists but went undetected.
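
The counterexample from r.e.s.'s post above, worked through in code as an added example (not part of the original message). It builds the two alternating streams for all four equally likely starting pairs, computes the Pearson chi-square statistic on the 2x2 table of (a_i, b_i) pairs, and compares it with two iid streams. The function names, the seed and the choice n = 1000 are assumptions of this example.

```python
import random

CRITICAL_5PCT_1DF = 3.841  # chi-square critical value, 1 degree of freedom, 5% level

def alternating_stream(first_bit, n):
    """Stream from the post: x_1 = first_bit, x_i = 1 - x_(i-1)."""
    return [(first_bit + i) % 2 for i in range(n)]

def chi_square_2x2(a, b):
    """Pearson chi-square statistic for independence of paired bits (a_i, b_i)."""
    n = len(a)
    counts = [[0, 0], [0, 0]]
    for x, y in zip(a, b):
        counts[x][y] += 1
    row = [sum(counts[0]), sum(counts[1])]
    col = [counts[0][0] + counts[1][0], counts[0][1] + counts[1][1]]
    stat = 0.0
    for x in (0, 1):
        for y in (0, 1):
            expected = row[x] * col[y] / n
            if expected == 0:
                return 0.0  # degenerate table: one stream is constant
            stat += (counts[x][y] - expected) ** 2 / expected
    return stat

def counterexample(n):
    """Statistic for each of the four starting pairs (a_1, b_1)."""
    return {
        (a1, b1): chi_square_2x2(alternating_stream(a1, n),
                                 alternating_stream(b1, n))
        for a1 in (0, 1) for b1 in (0, 1)
    }

def iid_baseline(n, seed=2000):
    """Same test on two streams whose bits really are iid (constructed sample)."""
    rng = random.Random(seed)
    a = [rng.getrandbits(1) for _ in range(n)]
    b = [rng.getrandbits(1) for _ in range(n)]
    return chi_square_2x2(a, b)

if __name__ == "__main__":
    n = 1000
    for start, stat in counterexample(n).items():
        print(start, stat, "reject H0" if stat > CRITICAL_5PCT_1DF else "keep H0")
    print("iid baseline:", iid_baseline(n))
```

Whichever starting pair is drawn, every observed pair lands in only two cells of the table, so the statistic equals n even though a_1 and b_1 were drawn independently.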


------------------------------

Date: Mon, 13 Mar 2000 09:35:29 +0100
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: sci.crypt Cipher Contest

Peter Rabbit wrote:
> A lot of people have no idea what that means.

Eh ? This is basic knowledge about cryptography ! If you don't
know that you're not interested in that field anyway.

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Random permutations
Date: Mon, 13 Mar 2000 09:45:58 +0100

Terry Ritter wrote:
> 

> It probably takes a little longer to sort than to shuffle directly,
> even when about a quarter of the random values are discarded.  Also,
> sorting can be a more complex operation, and thus harder to get right,
> and also harder to see that it is right when people check the code.

I agree that storage requirement and speed are weak points of
the scheme. On the other hand, since sorting algorithms are so 
to say standard, getting the code right doesn't seem to be an 
issue in practice in my view. If one can use, say, C++, library 
sorting routines can be employed.

An associate thought I like to express is that, if different methods
of implementing a function (regarded as at high-level) lead to
different numerical results -- these methods being equivalent
as in the present case -- then we have (practically) a 'diversity' 
or 'variability' of the encryption algorithm concerned, which
could probably be exploited to some advantage of the communication 
partners, I guess. (I hope there could be some discussions on
this more general issue.)

M. K. Shen

------------------------------

Date: Mon, 13 Mar 2000 09:43:00 +0100
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: sci.crypt Cipher Contest

Adam Durana wrote:
> [...] I thought it might be fun to have a contest such as AES. [...]

Until now, nobody has published any cipher for that contest.
So that's a nice but dead idea, isn't it ?

Too, creating a new standard block cipher is basically very
simple: add a whitening at start and end, put a 16-, 20- or
whatever halfround Feistel in between... the only problem is,
(a) how to create the whitening and round key data and
(b) how should the Feistel look like ?
This is really time consuming, I think.

And how should we do the contest itself ? I'm not a
professional, not even a mathematician, so how can I finally
state "hey this cipher is not attackable" ?

I think we should just continue like before, let anyone
publish his or her cipher if she or he wants, and discuss
them - if the people are so graceful to publish the
algorithm itself, not only some random data saying "Hey
try to break this" 8-)))

------------------------------

Date: Mon, 13 Mar 2000 09:54:32 +0100
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Best language for encryption??

Jerry Coffin wrote:
> On Windows NT, any pointer into the first 4 megabytes of the address
> space is a null pointer.  I don't think it's entirely conforming, but
> there's at least one compiler around that assigns different values to
> null pointers of different types, so attempting to dereference one
> will tell you the type without having to trace back to the code that
> did it.

Hey, that's a cool feature :)))

------------------------------

Date: Mon, 13 Mar 2000 09:59:12 +0100
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: how to encrypt

propersideshowbob wrote:
> I am studying C++ as my primary language. I would like to know if it is
> possible to create an encrypting program using C++.
> Is encrypting the main part of security software? If not, tell me of
> other major factors. To get on with encrypting, how would I go about
> designing an encryption program? Would I change letters to numbers or
> jumble things up or confuse the commands of the program? I ask this
> because I want to learn more and see how well I can do, but I want to
> encrypt using the most modern goals of encryption. Please help me.

Why don't you just read a good book about cryptography first ?
And yes, C++ is perfect for writing crypto.

------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: RC4 and salt
Date: Mon, 13 Mar 2000 00:58:52 -0000

> Thank you also for answering my question about SHA and
> SHA-1.

Anytime.




------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: If we spent as much time..
Date: Mon, 13 Mar 2000 01:12:55 -0000

> (Did you notice Bob Silverman's post on the Cipher Contest
> thread?  The one where he suggests spending time analyzing
> AES candidate(s)?  About the same, with approximately zero
> response.  Really, anyone who could do a durn thing about it
> doesn't need to be told.)

Actually it did get some response, not from me since I was
already examining them. I haven't made any headway on any of
the designs, but I will gladly state my reversal of my prior
position (at which time I stated my preference for RC6 or
MARS). After looking at the proposals, RC6 strikes me as
potentially having flaws that we simply haven't seen yet,
and MARS reminds me of the Titanic, lumbering, slow, and
quite kludgy in appearance, with its own self-apparent flaw
(the key schedule problem). The other 3 seem more suitable
to long-term usage.
                Joe



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Comparing M$ CryptoApi providers
Date: Mon, 13 Mar 2000 09:21:02 GMT

=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1

Nick wrote:
> I would like to compare CryptoApi providers from export version against US
> version. I know there is "Enhanced Cryptographic Provider" in US version. I
> would like to compare the other provider. I know - sending any provider -
> dlls may be illegal,

just get it from www.microsoft.com
http://www.microsoft.com/windows/ie/download/128bit/detect_and_recommend.asp?FinishURL=%2Fdownloads%2Frelease%2Easp%3FReleaseID%3D17792%26redirect%3Dno
now it's available worldwide

- -- 
Disastry  http://i.am/disastry/
remove .NOSPAM.NET for email reply

=====BEGIN PGP SIGNATURE=====
Version: Netscape PGP half-Plugin 0.14 by Disastry / PGPsdk v1.7.1
Comment: get this Plugin at http://disastry.dhs.org/pgp.htm

iQA/AwUBOMyWsjBaTVEuJQxkEQIDHgCZAaalCnS2juMOxpE2uR7neusEx4wAn1EK
daZkn03MmznT29KVwwEg1HIa
=Nrue
=====END PGP SIGNATURE=====

------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Cipher Contest
Date: Mon, 13 Mar 2000 01:21:40 -0000

I think it would be more useful to up the block size to
128-bit. I for one would find it easier to deal with the
creation process in terms of 128-bits. Not to mention the
fact that it will tend to provide stronger ciphers. I would
still like to see either a stream or unlimited category
added, but I'll probably be submitting anyway (eventually).

Also, what point is there in requiring chaining? According
to the original specification of the chaining, the cipher
function takes only key and data arguments, with one or both
being altered prior to being submitted.
                Joe

"Adam Durana" <[EMAIL PROTECTED]> wrote in message
news:4r%y4.5853$[EMAIL PROTECTED]...
> I revised the requirements, they can be found at
> http://www.wizard.net/~echo/crypto-contest.html  This time let's try to stay
> on the topic at hand.
>
> - Adam



------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: sci.crypt Cipher Contest
Date: Mon, 13 Mar 2000 01:29:10 -0000

I'm not viewing the contest as a fixed timeframe contest. I
see these as a set of ciphers that will be continually
analysed, with people learning from each consecutive
revision. Perhaps one of the ciphers submitted will be
strong enough for real use, but it's not likely. As to your
concept of making a secure cipher, it's not that simple, I
could easily build a feistel network, with strong round
keys, and it still being a weak cipher. Like I said before,
I think the main purpose of this process is to learn how to
cryptanalyze, and how to build a strong cipher. Many of us
will probably make some of the most basic errors in our
creations, this being an amateur contest there should be no
pride lost when someone successfully attacks one's cipher.
                    Joe

"Runu Knips" <[EMAIL PROTECTED]> wrote in
message news:[EMAIL PROTECTED]...
> Adam Durana wrote:
> > [...] I thought it might be fun to have a contest such as AES. [...]
>
> Until now, nobody has published any cipher for that contest.
> So that's a nice but dead idea, isn't it ?
>
> Too, creating a new standard block cipher is basically very
> simple: add a whitening at start and end, put a 16-, 20- or
> whatever halfround Feistel in between... the only problem is,
> (a) how to create the whitening and round key data and
> (b) how should the Feistel look like ?
> This is really time consuming, I think.
>
> And how should we do the contest itself ? I'm not a
> professional, not even a mathematician, so how can I finally
> state "hey this cipher is not attackable" ?
>
> I think we should just continue like before, let anyone
> publish his or her cipher if she or he wants, and discuss
> them - if the people are so graceful to publish the
> algorithm itself, not only some random data saying "Hey
> try to break this" 8-)))



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
