Cryptography-Digest Digest #352, Volume #11      Fri, 17 Mar 00 07:13:00 EST

Contents:
  Re: Enigma encryption updated (Adam D) ("Joseph Ashwood")
  Re: Enigma encryption updated (Adam D) ("Joseph Ashwood")
  Re: Enigma encryption updated (Adam D) (Nemo psj)
  Re: NSA competitors ("Jürgen Baumann")
  Re: Off Topic AND Newbie-ish! Security... (Martin Kahlert)
  Re: Enigma encryption updated (Adam D) ("Joseph Ashwood")
  Re: How does % operator deal with negative numbers? ("David Thompson")
  Re: NIST, AES at RSA conference (Mok-Kong Shen)
  Re: new/old encryption technique (Samuel Paik)
  The Breaking of Cyber Patrol® 4 ("seifried")
  Quantum crypto flawed agains Mallory? ([EMAIL PROTECTED])
  [Fwd: How to disable Cyber Patrol is described in ...] (jungle)
  [Fwd: Cyber Patrol Software Co. sues hackers ...] (jungle)

----------------------------------------------------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Enigma encryption updated (Adam D)
Date: Thu, 16 Mar 2000 21:17:28 -0000

I far from missed your word doc. Your entire problem is poor
implementation. You take the ascii value of the first byte
of the key, "rotate" an otherwise normally order ascii list,
then swap each pair.
I have reduced it to 8 states instead of 256 for the
following example:
0
1
2
3
4
5
6
7

Keyed with 3
3
4
5
6
7
0
1
2

If you can't see that all it takes to create this on the fly
is adding 3 mod 8 then you need to go back to learning masic
math.
After that swap each value giving
4
3
6
5
0
7
2
1

Gee this looks vaguely like the statement I gave that if the
location is even (labeling begins with 0) add one, otherwise
subtract one.
This is basic algorithmic enhancement. There is your entire
key generation, and without the worthless comparison to
"Something" since there is no way to achieve that ordering.
I think my point is suitably proven, your version of your
algorithm is slow, my version is significantly faster. And
I'm sorry, but this version of RC4 is weakened by the so
called fix, so my estimate of your security was high.
                Joe

"Nemo psj" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...

>         ' Inserting fix for ch(0) bite
>         If Chr(cipherby) = Chr(0) Then
>         cipherby = 1
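
The wheel construction discussed in the message above, as an added example that is not code from the original posts: it builds the wheel the table way (rotate, then swap pairs) and checks it against the closed form "position i^1 plus the key, mod n" for every key value. The function names are hypothetical, and the state count is assumed to be even (8 in the post's example, 256 for bytes).

```c
#include <stdio.h>

#define MAX_STATES 256

/* Table method as described in the post: start from the ordered list
 * 0..n-1, rotate it by k, then swap each adjacent pair. */
static void wheel_by_table(unsigned n, unsigned k, unsigned char *out)
{
    unsigned i;
    for (i = 0; i < n; i++)
        out[i] = (unsigned char)((i + k) % n);   /* the "rotate" */
    for (i = 0; i + 1 < n; i += 2) {             /* swap each pair */
        unsigned char t = out[i];
        out[i] = out[i + 1];
        out[i + 1] = t;
    }
}

/* Closed form: an even position reads its right neighbour and an odd
 * position its left neighbour (i ^ 1), shifted by k modulo n. */
static unsigned wheel_entry(unsigned n, unsigned k, unsigned i)
{
    return ((i ^ 1u) + k) % n;
}

/* Returns 1 when both constructions agree for every key value 0..n-1. */
int wheels_match(unsigned n)
{
    unsigned char tab[MAX_STATES];
    unsigned k, i;
    if (n == 0 || n > MAX_STATES || (n & 1u))
        return 0;                                /* assumption: n is even */
    for (k = 0; k < n; k++) {
        wheel_by_table(n, k, tab);
        for (i = 0; i < n; i++)
            if (tab[i] != wheel_entry(n, k, i))
                return 0;
    }
    return 1;
}

/* Because the wheel is a fixed function of k, one known entry
 * (position i holds value) determines the shift. */
unsigned shift_from_entry(unsigned n, unsigned i, unsigned value)
{
    return (value + n - (i ^ 1u)) % n;
}

int main(void)
{
    unsigned char tab[MAX_STATES];
    unsigned i;
    wheel_by_table(8, 3, tab);                   /* the post's 8-state wheel */
    for (i = 0; i < 8; i++)
        printf("%u ", (unsigned)tab[i]);
    printf("\nmatch(8)=%d match(256)=%d\n", wheels_match(8), wheels_match(256));
    return 0;
}
```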




------------------------------

From: [EMAIL PROTECTED] (Nemo psj)
Subject: Re: Enigma encryption updated (Adam D)
Date: 17 Mar 2000 06:06:40 GMT

Ah true but your still missing the point of how the letter is encrypted with
this my dear friend.  You see that part is very and extremely simple BUT when
you take those strings or as I call them wheels and continuously change them
after each character using a or an encryption method after each byte is passed
through, the encryption becomes much more complicated and thus your explanation
of how my algy works is still yet incorrect.  (Note: the wheels change after
each letter with a new pass governing them)For you see its not the way the
wheels are made its how they are changed and how the letter is passed threw the
wheels which is the important part.  Now as to your statement regarding my
understanding of math this will amuse you. 

<<If you can't see that all it takes to create this on the fly
is adding 3 mod 8 then you need to go back to learning masic
math.>> 

Maybe my dear friend you are in need of basic spelling.....  Now putting the
offhanded bashing aside I know what your saying about the algy and that is
correct in what you said, but that is not the entire algy and therefore is
meaningless.  Oh and on a side not that is ONLY the key generation for the
FIRST time the password is used to encrypt the FIRST letter.  After words its
becomes much more complicated and includes RC4 which you are correct in the
fact that it is weakened by my "FIX."  I couldn't think of any other way around
the problem since visual basic sucks in the areas of handling these kind of
functions.

Now if you still insist that it is poor encryption I'll except that on one case
ill take out the part of RC4 in it and by what you said it should have about 2
bits worth of encryption.  So therefor if I send you some plain and cipher text
you should be able to crack it no? Hell I'll even send the source if you like. 

-Pure

------------------------------

From: "Jürgen Baumann" <[EMAIL PROTECTED]>
Subject: Re: NSA competitors
Date: Fri, 17 Mar 2000 08:01:00 +0100

Yes, forget about the BND, in Germany it's called BSI (Bundesamt fuer
Sicherheit in der Informationstechnik).
Volker Hetzer wrote in message
<[EMAIL PROTECTED]>...
>Bruce Schneier wrote:
>> There's also MI5 and MI6 in the UK, SDECE in France, and the BND in
>> Germany.  Israel has Mossad.
>Just *forget* about the BND.
>Not too long ago they got their head washed because the only thing they
>ever do is sending newspaper clippings to their government.
>As a former east german (y'know, we've got the Stasi) I'm really
>embarrassed by the quality of the secret service I've been handed with
>the unification.
>
>Greetings!
>Volker
>--
>FOR SALE: Parachute, used once, never opened, slightly stained.



------------------------------

From: [EMAIL PROTECTED] (Martin Kahlert)
Subject: Re: Off Topic AND Newbie-ish! Security...
Date: 17 Mar 2000 07:44:54 GMT
Reply-To: [EMAIL PROTECTED]

[Posted and mailed]

>: Apologies for off-topic post. <sycophant>But the people on this list have
>: the highest average competence I know of--mailing list wise.</sycophant>
> 
>: How secure is a pkzipped file that has been zipped with a password? My
>: company is considering exchanging data, possibly sensitive, with another
>: company who wants to "encrypt" by pkzipping to a password. Isn't the
>: algorithm for pkzip too well known to be secure? 
> 
>: I think they want to use it because they can easily call it from a command
>: line; they batch data from their dbase and ship it out to us. They don't
>: like human intervention, and pkzip works with batch files. Does PGP (Yes,
>: we would pay for appropriate licenses.) have a similar capability? 
> 
>: Any thoughts are appreciated. I'm relatively new even to thinking about
>: security, and here I am having to make a decision about it. I love the
>: corporate life.

You can get a pkzip file cracker for free somewhere on the web -
sorry, you have to use altavista for yourself.
If you want a good encryption tool for the command line
take a look at http://www.gnupg.org/

Hope that helps,
Martin.

-- 
The early bird gets the worm. If you want something else for       
breakfast, get up later.

------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Enigma encryption updated (Adam D)
Date: Thu, 16 Mar 2000 23:48:18 -0000

I was far from missing the point. Your algorithm uses every
piece of data in the key in each step, which of course means
that there is no unrevealed state, this is your basic flaw.
I don't care how often you change your wheels, if you reveal
the entire state, I can compute your next state from it.

> Maybe my dear friend you are in need of basic spelling [editors note:
> we both seem to have the problem in equal amounts].....  Now putting the
> offhanded bashing aside I know what your saying about the algy and that is
> correct in what you said, but that is not the entire algy and therefore is
> meaningless.

Far from meaningless, your method requires ~256 times the
compute and memory resources. Also I never claimed it was
the entire algorithm, you have not revealed your entire
algorithm, I could only optimize what has been revealed. But
if you are using ARC4 as expected, there are sime rather
simple algebraic solutions that you can use. What I expect
is that you are not using RC4 is a strong way, I suspect you
are re-initializing a fresh RC4 on each round, and
encrypting your prior key based on that recent
initialization.

> Oh and on a side not that is ONLY the key generation for the
> FIRST time the password is used to encrypt the FIRST letter.

The point is that you reveal the entire state of your
machine when you encrypt each and every character, if you
look at RC4 it reveals 1/256th of the state. Even Enigma
which you have named your cipher after reveal 1/26^3 of it's
state with each encryption. There has never and will never
be a secure stream cipher that reveals it's entire state at
any one time.

> After words its becomes much more complicated and includes RC4 which you
> are correct in the fact that it is weakened by my "FIX."  I couldn't think of
> any other way around the problem since visual basic sucks in the areas of
> handling these kind of functions.

Simple, use an integer instead of treating it as character,
that gives 2^32 possible values, far greater than the 256
needed. Alternately you could move a programming language
that is more suited to the task.

>
> Now if you still insist that it is poor encryption I'll except that on one case
> ill take out the part of RC4 in it and by what you said it should have about 2
> bits worth of encryption.  So therefor if I send you some plain and cipher text
> you should be able to crack it no? Hell I'll even send the source if you like.

My statement was basically that the attack exists, I'm just
not going to waste my time finding it. I have given reasons
for my stands, what are yours? Other than a belief that your
algorithm can't be as weak as I have stated.
                Joe



------------------------------

From: "David Thompson" <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.javascript
Subject: Re: How does % operator deal with negative numbers?
Date: Fri, 17 Mar 2000 07:57:42 GMT

Bob Silverman <[EMAIL PROTECTED]> wrote :
...
> You may want to deal only with positive numbers;  if so it is easy
> enough to do
>
> if (s = (a % b) < 0) s = b + s;
>
Small but important C nit: assignment binds weakest so you need
if( (s = a % b) < 0) s = b + s;

(or more idiomatically, ... s += b)

--
- David.Thompson 1 now at worldnet.att.net
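
The precedence point from the message above, as an added example that is not code from the original posts: the first function spells out how C parses the line as first posted, the second is the corrected form, and a checker counts how often each disagrees with a reference non-negative residue. The function names are hypothetical; it assumes b > 0 and C99 semantics, where % truncates toward zero so a negative dividend gives a negative remainder.

```c
#include <stdio.h>

/* The line as first posted, written the way C parses it:
 * s = ((a % b) < 0), so s holds only 0 or 1 before the adjustment. */
int mod_as_posted(int a, int b)
{
    int s = ((a % b) < 0);
    if (s)
        s = b + s;          /* yields b + 1, which is outside 0..b-1 */
    return s;
}

/* The corrected line: assign the remainder first, then test its sign. */
int mod_nonneg(int a, int b)
{
    int s;
    if ((s = a % b) < 0)
        s += b;
    return s;
}

/* Count the inputs a in [lo, hi] for which f(a, b) differs from the
 * reference residue ((a % b) + b) % b. */
int count_wrong(int (*f)(int, int), int b, int lo, int hi)
{
    int a, wrong = 0;
    for (a = lo; a <= hi; a++)
        if (f(a, b) != ((a % b) + b) % b)
            wrong++;
    return wrong;
}

/* Typical use: a rotated table index that must stay inside 0..n-1 even
 * when the shift is negative; a raw % result here would index below the
 * start of the table. */
int rotate_index(int i, int shift, int n)
{
    return mod_nonneg(i + shift, n);
}

int main(void)
{
    printf("as posted: -7 mod 3 -> %d, 7 mod 3 -> %d\n",
           mod_as_posted(-7, 3), mod_as_posted(7, 3));
    printf("corrected: -7 mod 3 -> %d, 7 mod 3 -> %d\n",
           mod_nonneg(-7, 3), mod_nonneg(7, 3));
    printf("wrong results for a in -9..9, b = 3: posted %d, corrected %d\n",
           count_wrong(mod_as_posted, 3, -9, 9),
           count_wrong(mod_nonneg, 3, -9, 9));
    return 0;
}
```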







------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: NIST, AES at RSA conference
Date: Fri, 17 Mar 2000 09:59:17 +0100

John Savard wrote:
> 

> Also, this statement certainly _sounds_ like "since the AES isn't
> provably strong, it might be terribly weak", which is why people turn
> around and say that multi-ciphering, not being provably strong either,
> has the same problem. Unless this is all an argument about who should
> bear the burden of proof, you will need stronger evidence of a
> probability that the AES may be weak to get people to take the extra
> effort that multi-ciphering involves.

I believe the word 'probability' above means 'subjective probability',
which is a measure that can be different from one person to another.
Providing evidence can affect that measure. But how can one SHOW
that AES may be weak except by demonstrating a concrete method
that, eventually on the basis of some technological advancements 
that are apparently within the reach of the opponent in the 
foreseeable future, to attack it with certain quantifiable measure 
of efficiency? The best of the academics are doing exactly that 
very job, I suppose. So, unless one is actually (or believes oneself
to be) smarter than these academics, one is left with a decision 
that is in my humble view not very much different from a decision 
that one makes in many sorts of common gambling situations. Because 
one lacks pertinent information, one has to guess (speculate) 
and more or less by intuition (and probably influenced by some
intended/unintended mal-information) estimate the benefits and 
risks involved, i.e. rather 'arbitrarily' (when viewed from a
rigorous scientific standpoint) assign values to the diverse 
(subjective) probabilities that control the security at issue. In 
the present context, one cannot seriously 'know' (has no scientific 
information of) whether AES may be weak. (The academics themselves
don't yet know.) Consequently, if one (subjectively) assigns to 
the event 'AES is weak' a probability of 0, then one can (and 
probably should) employ AES and it follows that no 'problem' 
whatsoever exists. If, on the other hand, one assigns a nonzero 
probability to that, then, depending on its magnitude and the 
concrete application environment, one may have to consider ways 
of obtaining higher security. In that case, Terry Ritter's
cipherstack offers a methodology (among possibly others that may 
also exist) which, on the assumption that it is applied properly, 
can be shown (as he did) to be useful and consequently 'can' be 
applied if the (subjectively) determined cost/benefit ratio in 
fact justifies it. On the other hand, given a specific stack of 
ciphers, it should be clear that, if we could manage to get the 
designers of these and in addition some best academics together 
and give them sufficient time and resources to improve that 
compound algorithm, there is a positive probability that they 
will sooner or later eventually come out with a better one. The 
question however is whether we want (can afford) to do that. If 
the answer is no, then it appears that Terry Ritter's proposal is 
at least one of the best of its genre that we currently have.

M. K. Shen
=========================
http://home.t-online.de/home/mok-kong.shen

------------------------------

From: Samuel Paik <[EMAIL PROTECTED]>
Subject: Re: new/old encryption technique
Date: Fri, 17 Mar 2000 09:17:05 GMT

Reuben Sumner wrote:
> You have rediscovered the one time pad.

...

Can we stop calling synchronous stream ciphers "one time pads" please.
-- 
Samuel S. Paik | http://www.webnexus.com/users/paik/
3D and multimedia, architecture and implementation
You dont know enough about X86 or kernel architectures to argue with me.
 - <38b2dc12$0$[EMAIL PROTECTED]> "Leon Trotsky" to Terje Mathisen

------------------------------

From: "seifried" <[EMAIL PROTECTED]>
Subject: The Breaking of Cyber Patrol® 4
Date: Fri, 17 Mar 2000 10:36:23 GMT

ftp://ftp.cryptoarchive.net/pub/cryptoarchive/censorware/CyberPatrol/

cp4break.zip
cp4break.html

The aforementioned zip file contains the documentation, source code
and windows executable for the "cpbreak" program. This program
allows you to decrypt the Cyber Patrol list of blocked sites. I am
distributing this for a number of reasons:

1) The html file that explains how they did it, it covers some crypto /
software basics quite nicely
2) It is an example of what people can accomplish with relatively little
effort, cryptographically speaking
3) I feel it is important to encourage this type of work, and distribute the
information that results from it
4) The software company that owns Cyber Patrol (Microsystems Software Inc.)
is quoted as:

"Microsystems also asked the judge to order the Swedish Internet company
where the bypass utility is published to turn over records identifying
everyone who visited the Web site or downloaded the program."

4 continued) This rather worries me, not so much what they are doing but how
they are doing it. Obviously by posting this to Usenet it will be available
to a large number of people, and virtually impossible to track down.
5) Generally speaking I believe in the spread of strong cryptography, and
tools that help test / break it, and examples thereof.

P.S. access to ftp.cryptoarchive.net is currently limited to that directory,
CryptoArchive will be opening up "officially" sometime in mid-April.

--

Kurt Seifried - Senior Analyst
[EMAIL PROTECTED]
http://www.securityportal.com/
http://www.cryptoarchive.net/




------------------------------

From: [EMAIL PROTECTED]
Subject: Quantum crypto flawed agains Mallory?
Date: Fri, 17 Mar 2000 10:56:15 GMT

Hi, people!
I've just learned about Quantum Cryptography and how it is so
unbreakable... Very interesting indeed!
But a question arose in my head and I didn't get an answer for me
so far... Isn't Quantum Cryptography flawed against a malicious
attacker, a traditional man-in-the-middle?
Suppose I have Alice, Bob and Mallory, this time not just
eavesdropping, but also changing the communication. She has a device in
the middle of the cable/satellite/etc that can forge messages sent by
Alice to Bob and forge the answers. Could she not establish 2 separate
communications negotiating keys with Alice and Bob and listening to
everything?
Daniel.



------------------------------

From: jungle <[EMAIL PROTECTED]>
Subject: [Fwd: How to disable Cyber Patrol is described in ...]
Date: Fri, 17 Mar 2000 11:48:28 GMT

======== Original Message ========
Subject: How to disable Cyber Patrol is described in ...
Date: Fri, 17 Mar 2000 06:47:40 GMT
From: jungle <[EMAIL PROTECTED]>
Organization: You can't force Privacy on people ...
Newsgroups: alt.privacy

How to disable Cyber Patrol is described in 
http://peacefire.org/bypass/Cyber_Patrol/


the above is quoted in article from dec/99
http://www.politechbot.com/p-00795.html
===================================================
politechbot.com 
The "XXXX" may be from CyberPatrol, not Windows



     Date: Fri, 17 Dec 1999 11:12:03 -0500 
     To: [EMAIL PROTECTED] 
     Subject: FC: The "XXXX" may be from CyberPatrol, not Windows 
     From: Declan McCullagh <[EMAIL PROTECTED]> 



*******

>Date: Fri, 17 Dec 1999 10:08:02 -0500 (EST)
>From: [EMAIL PROTECTED]
>To: [EMAIL PROTECTED], [EMAIL PROTECTED]
>Subject: the "XXXX" is from Cyber Patrol
>
>Cyber Patrol replaces four-letter words with "XXXX" when you type
>them.  Most likely the computer once had Cyber Patrol installed on
>it and it has nothing to do with Windows.
>
>However, normally when Cyber Patrol runs, there's an icon for it
>on the taskbar.  It sounds like someone tried removing Cyber Patrol
>but only managed to get rid of part of it, so Web sites are not
>blocked and the icon doesn't show up on the taskbar, but there
>are still traces of Cyber Patrol on the machine.
>
>When the computer is in censoring mode, try hitting Ctrl-Alt-Del
>for the task list.  If "progic" is listed there, that's Cyber
>Patrol.  (However, you can't get rid of it just by terminating
>progic, as that will usually crash Windows.)
>
>If CP turns out to be the problem, the instructions at
> http://www.peacefire.org/bypass/Cyber_Patrol
>
>should be helpful for permanently getting Cyber Patrol off of the
>machine.  However, the instructions assume that you're starting
>with a machine that has CP fully installed on it, so they might
>not be totally reliable for a machine where someone tried to remove
>it partially and didn't get it off all the way.  In that case you
>can call Cyber Patrol and tell them someone tried uninstalling their
>program and couldn't get rid of it completely, and they *might*
>help if you don't sound too much like a 12-year-old boy trying to
>deepen his voice and trick Cyber Patrol tech support into helping
>him get rid of his parents' blocking software :-)
>
>-Bennett

 


==========================================================================
POLITECH -- the moderated mailing list of politics and technology
To subscribe: send a message to [EMAIL PROTECTED] with this text:
subscribe politech
More information is at http://www.well.com/~declan/politech/
==========================================================================

------------------------------

From: jungle <[EMAIL PROTECTED]>
Subject: [Fwd: Cyber Patrol Software Co. sues hackers ...]
Date: Fri, 17 Mar 2000 11:49:26 GMT

======== Original Message ========
Subject: Cyber Patrol Software Co. sues hackers ...
Date: Fri, 17 Mar 2000 06:58:00 GMT
From: jungle <[EMAIL PROTECTED]>
Organization: You can't force Privacy on people ...
Newsgroups: alt.privacy

Cyber Patrol Software Co. sues hackers ...

as reported in the silicon valley news
http://www.sjmercury.com/svtech/news/breaking/ap/docs/321750l.htm

small quote from above article posted 20000315 ...
===============================
Software Co. sues hackers
BY TED BRIDIS AP Technology Writer 

WASHINGTON (AP) -- A company that makes popular software to block
children from pornographic Internet sites filed an unusual lawsuit late
Wednesday against two computer experts who developed a method for kids
to deduce their parents' password and access those Web sites.

Microsystems Software Inc. of Framingham, Mass., which sells the widely used
Cyber Patrol, asked U.S. District Judge Edward F. Harrington for a temporary
restraining order requiring Eddy L. O. Jansson and Matthew Skala to stop
distributing their ``cphack'' program immediately.
....................
============================

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
