Cryptography-Digest Digest #381, Volume #11      Tue, 21 Mar 00 19:13:01 EST

Contents:
  Re: What is "Counter mode" and "Interleaved chaining mode" (John Savard)
  Re: Using virtually any cipher as public key system? (John Savard)
  Re: Factoring Large Numbers - I think I figured it out! (Tim Gahnström)
  Re: Factoring Large Numbers - I think I figured it out! (Kile Mornay)
  Re: NIST, AES at RSA conference (Albert Yang)
  Re: Factoring Large Numbers - I think I figured it out! (Paul Rubin)
  Re: Factoring Large Numbers - I think I figured it out! (Paul Rubin)
  Re: Factoring Large Numbers - I think I figured it out! ("Richard Hein")
  Re: Concerning  UK publishes "impossible" decryption law (Nemo Outis)
  Re: Factoring Large Numbers - I think I figured it out! ("Richard Hein")
  Re: Factoring Large Numbers - I think I figured it out! ("Richard Hein")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: What is "Counter mode" and "Interleaved chaining mode"
Date: Tue, 21 Mar 2000 16:09:14 GMT

Tong Zhang <[EMAIL PROTECTED]> wrote, in part:

>I just read a book about block cipher. It mentioned
>two operation modes: Counter mode, and
>Interleaved chaining mode. It said that if the block
>cipher works in these two modes, the cipher can be
>pipelined. But I can't find the definition or explanation
>of them. Where can I find related information? Thanks,

Counter mode is when the block cipher is used to encipher the numbers
starting with 0, and the output of the block cipher is then XORed with
the text to be encrypted.

This mode operates as a stream cipher, and it can be pipelined because
one could split the text to be enciphered into, say, eight streams,
with blocks alternately being directed to successive streams, and have
one block cipher chip encrypting 0, 8, 16, 24... and the next one 1,
9, 17, 25... and so on.

A "chaining mode" is a mode such as CBC, cipher block chaining. If one
directs a stream of plaintext at one end again into eight streams, and
each stream is enciphered by means of the block cipher in CBC mode by
one of the eight block cipher chips, then, if at the other end there
is only a single (but eight times faster) chip to perform the block
cipher, that chip will have to handle an _interleaved chaining mode_;
that is, it will have to do chaining in eight streams separately.

So, if we have eight chips applying CBC to a plaintext message, each
chip simply applying ordinary CBC to the stream it receives, as if
that stream is the whole message, without any modification, the
ciphertext may run C(8)=E(P(8) xor C(0)), C(9)=E(P(9) xor C(1)),
C(10)=E(P(10) xor C(2)) ... and therefore the chip doing the
decrypting will have to decrypt CBC with a modification: it will need
a circular buffer, so that instead of XORing blocks decrypted with the
block cipher with the previous ciphertext block, it will do it with
the ciphertext block eight blocks further back.

Just as this is interleaved cipher block chaining, there are
interleaved chaining modes corresponding to the other chaining modes.

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm
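
Added example (not part of John Savard's post): a Python sketch of the two modes described above, showing counter mode split across lanes and interleaved CBC decrypted by a single pass with a circular buffer. The toy 4-round Feistel cipher built on SHA-256, the per-lane IVs, the sample data and all function names are assumptions made for illustration.

```python
import hashlib

BLOCK = 8  # toy block size in bytes (assumption, for illustration)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def round_f(key, rnd, half):
    # Toy round function; stands in for a real block cipher and is not secure.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def E(key, block):
    """Encrypt one block with a 4-round Feistel network."""
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(4):
        l, r = r, xor(l, round_f(key, rnd, r))
    return l + r

def D(key, block):
    """Invert E by running the rounds backwards."""
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(4)):
        l, r = xor(r, round_f(key, rnd, l)), l
    return l + r

def ctr_crypt(key, blocks, lanes=1):
    """Counter mode: block i is XORed with E(i), counting from 0 as in the post.
    Each lane models one chip handling blocks lane, lane+lanes, lane+2*lanes..."""
    out = [None] * len(blocks)
    for lane in range(lanes):
        for i in range(lane, len(blocks), lanes):
            out[i] = xor(blocks[i], E(key, i.to_bytes(BLOCK, "big")))
    return out

def cbc_encrypt(key, iv, blocks):
    """Ordinary CBC over one stream."""
    prev, out = iv, []
    for p in blocks:
        prev = E(key, xor(p, prev))
        out.append(prev)
    return out

def interleaved_cbc_encrypt(key, ivs, blocks):
    """len(ivs) chips, each running plain CBC on every k-th block."""
    k, out = len(ivs), [None] * len(blocks)
    for lane in range(k):
        out[lane::k] = cbc_encrypt(key, ivs[lane], blocks[lane::k])
    return out

def interleaved_cbc_decrypt(key, ivs, cblocks):
    """One fast chip: chain against the ciphertext block k positions back."""
    k, ring, out = len(ivs), list(ivs), []  # ring is the circular buffer
    for i, c in enumerate(cblocks):
        out.append(xor(D(key, c), ring[i % k]))
        ring[i % k] = c  # overwrite the slot this lane will need next
    return out

# Constructed sample data: 20 plaintext blocks, 8 lanes with one IV each.
KEY = b"constructed demo key"
IVS = [bytes([0xA0 + i]) * BLOCK for i in range(8)]
PLAIN = [bytes([i]) * BLOCK for i in range(20)]
```

With eight lanes the ciphertext satisfies C(8)=E(P(8) xor C(0)) as in the post, and the lane-split counter mode output is identical to the serial one.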

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Using virtually any cipher as public key system?
Date: Tue, 21 Mar 2000 16:11:35 GMT

[EMAIL PROTECTED] (pink aka Chr. Boesgaard) wrote, in part:
>[EMAIL PROTECTED] (fvw) writes:

>> I don't recall where I read about this, or what it's called, but there
>> was a way that you take a large amount of random keys. Then you add
>> a unique ID to each of the keys. Then you encrypt all the key/ID pairs with
>> a cypher that'll take a few secs on the recipients computer to crack.
>> The recipient then picks one random encrypted Key/ID pair, cracks it, and
>> sends you the ID. You then both know what key to use. An attacker however,
>> would have to brute-force on average half of all the Key/ID pairs, and if
>> you have a sufficiently large number of them, this becomes unviable.

>In B.S. Applied Crypto. there is a description of one of the first
>attempts to make a scheme like this.

This was called the 'puzzle' method, and it was one of the very first
proposals for a public key system. It wasn't considered practical,
even by its author: it was merely an attempt to show people that
public key cryptography was a possibility. I believe it is due to
Merkle.

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: Tim Gahnström <[EMAIL PROTECTED]>
Subject: Re: Factoring Large Numbers - I think I figured it out!
Date: Wed, 22 Mar 2000 00:23:08 +0100

On Tue, 21 Mar 2000, Bob Silverman wrote:
> In article <MuOB4.5485$[EMAIL PROTECTED]>,
> "Richard Anthony Hein" <[EMAIL PROTECTED]> wrote:
> > It's not an algorithm Bob. It's a methodology. It would eventually become
> > a microchip specific to the task. Right now, it's like a vacuum tube (no,
> > it doesn't look like a vacuum tube - it's at that level of tech
> 
> You really don't know what you are talking about. If it is a
> "method" implementable on a microchip then it is equivalent to some
> finite state machine and hence HAS A DESCRIPTION AS AN ALGORITHM.
> 
> Every time you open your mouth you look more like a crank.
> 
> If you want to establish that you are not a total kook, then I suggest
> you factor the number I provided. (or one of the other RSA challenge
> numbers)


Actually why are you trying to make a fool out of this guy?

Statement 1
He thinks he found an algorithm that will make the world do
an extra turn.

Imagine you find a new fuel that will have no pollution and
no cost.
Then you have two options.
One, you go public and get famous.
Two, you go get a patent and get rich.

Obviously he has chosen the second way.

Richard's problem right now is that he just happens to know
that it is possible to do this magic fuel, but he doesn't
have the tools.

All he is looking for is someone to have a look at his
present thoughts.

Is that a reason to try to make him look like a fool???

Tim  --who would gladly have a look at the method but
    doesn't have the right skills.


------------------------------

From: [EMAIL PROTECTED] (Kile Mornay)
Subject: Re: Factoring Large Numbers - I think I figured it out!
Date: Tue, 21 Mar 2000 23:47:30 GMT

"Joseph Ashwood" <[EMAIL PROTECTED]> wrote:

>from: : [EMAIL PROTECTED] and
>[EMAIL PROTECTED]

How are those checksums calculated?
-- 
"Kile Mornay" is actually 4103 789256 <[EMAIL PROTECTED]>.
 0123 456789 <- Use this key to decode my email address and name.
              Play Five by Five Poker at http://www.5X5poker.com.

------------------------------

From: Albert Yang <[EMAIL PROTECTED]>
Subject: Re: NIST, AES at RSA conference
Date: Tue, 21 Mar 2000 23:51:47 GMT

WOW, I can't believe how this thread has run away!

I think the argument being presented is the answer to the question:

which is stronger?  

f(f(f(x))) or g(h(j(x)))
where f,g,h,j are crypto algorithms.  The answer is, it depends.  Since
based on Terry's argument, the use of the same algorithm, even with
increased rounds or times, is still a single point of failure.  Good
argument.

Bruce, I think addresses this in an essay somewhere.  Talking about
putting all your eggs in one basket, and watching that basket very
carefully.

3 bad algorithms used in succession do not, in any way, compensate
for just one good algorithm.  Now what is a "good" algorithm?  Don't
know how to answer that, but I can tell you from my personal experience,
what is a "reasonably secure" algorithm, IMHO, and that's good enough
for me.  So while I see Terry's argument as a valid one, I don't see it
being that significant of one.  So will a file encrypted by Serpent,
RC6, Rijndael, Twofish, and Mars, be as stronger than one that is say,
encrypted 5 times with Twofish all with different keys?  Probably not. 
But then at least if twofish was a point of failure, the other
algorithms might not be cracked by the same thing.  True.

If I was protecting national secrets, would I throw more resources at
determining what "reasonably secure" should be?  Probably.  But when
some of the best cryptographers in the world take a crack at it, and
can't break it, that gives me a few warm fuzzies.  That's all I'm
saying.

I can write a secure algorithm.  But then I couldn't decrypt it.  But we
take things that we know, Feistel rounds make for a guarantee that the
algorithm is reversible, that's all that it promises.  How strong the
rounds are, that's up to the cryptographer.  But we have building blocks
and we build a better algorithm each time.  That's it.

Albert

------------------------------

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: Factoring Large Numbers - I think I figured it out!
Date: 21 Mar 2000 23:53:15 GMT

In article <[EMAIL PROTECTED]>,
>Imagine you find a new fuel that will have no pollution and
>no cost.
>Then you have two options.
>One, you go public and get famous.
>Two, you go get a patent and get rich.
>
>Obviously he has chosen the second way.
>
>Richard's problem right now is that he just happens to know
>that it is possible to do this magic fuel, but he doesn't
>have the tools.

Two things are wrong with that picture.  First of all, what he says
he's figured out is not like a no-pollution fuel.  It's more like a way
to defeat a certain kind of car lock that is currently thought unbeatable.
The rest of us are skeptical of Richard's claim, but even if he's right
and proves it, all it means is that people should stop using that kind
of lock.  It doesn't give a way to get rich without actually becoming
a criminal and using the technique to break into people's cars.

Second, "he just happens to know" is pure conjecture.  The best we can say
is "he just happens to think he knows".

>All he is looking for is someone to have a look at his
>present thoughts.

Since he is trying to get rich from his "invention", why does he think
other people should help him with it for free?

>Is that a reason to try to make him look like a fool???

He is making himself look like a feel.  The rest of us are just pointing
this fact out.

------------------------------

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: Factoring Large Numbers - I think I figured it out!
Date: 21 Mar 2000 23:53:33 GMT

In article <8b921b$kh7$[EMAIL PROTECTED]>,
Paul Rubin <[EMAIL PROTECTED]> wrote:
>He is making himself look like a feel.  The rest of us are just pointing
>this fact out.

Oops, "feel"->"fool".  Typo.

Foolishly yours
Paul


------------------------------

From: "Richard Hein" <[EMAIL PROTECTED]>
Subject: Re: Factoring Large Numbers - I think I figured it out!
Date: Tue, 21 Mar 2000 18:54:05 -0500

Bob, if we could talk without name calling and insults, then this might be
more productive.  I think that you could figure out an algorithm by using
the method.  And yes, patterns do exist in math and physics, that's how
people come up with equations that can apply to different numbers.  I don't
know why you debate that.  I guess I'm stupid.  But I am pretty sure Galileo
came up with his knowledge of movement of planets by looking at the data
time and again to try to spot some pattern.

Take elliptic curves ... that's a method used to encrypt and decrypt ... I
don't know much about it, but it seems to me that someone had to develop the
method on paper or in their mind first before figuring out an algorithm that
describes it and can be coded.  I am saying that this method is akin to the
elliptic curve method, but different in many ways.  In time, after using the
method and seeing the results, one may be able to model the system using an
algorithm.  If that happens, great.

I'm surprised to hear that a ten digit number is easy to do ... that's a
sure sign of my lack of knowledge in the subject.  But it got me to this
point, so I am not worried one bit.

About patents ... of course an algorithm is not patentable ... but a device
that uses the method is.  That's what I am trying to build.  I didn't
realize I could get this notarized ... thanks - that helps a lot - at least
I garnered some wisdom from this discussion.

In addition, I said eventually it could be made into a microchip - first you
have to figure out the algorithm which models the real world methodology.

And yes, I wish I could go back to school ... that would be great!

Although I may only be able to factor a ten digit number, by the way, it
would demonstrate all I need to demonstrate ... that the method will reveal
the solution.  I would leave the advancement up to 1000 digits and more up
to people who know much more than I do about electronics, and cryptography.
The speed and size of the digits is probably not the most important thing
right now ... if I can use a pencil and paper to solve an equation then I
can do it faster using computers.  The same thing applies in this case.

I will get a notarized paper sent to you as soon as I can.  I think that you
will be surprised when you read it, because it's simple and looks very
promising.  Remember, I did say, "I think I figured it out".

Peace,

Richard Hein



"Bob Silverman" <[EMAIL PROTECTED]> wrote in message
news:8b8ilq$oh0$[EMAIL PROTECTED]...
> In article <MuOB4.5485$[EMAIL PROTECTED]>,
> "Richard Anthony Hein" <[EMAIL PROTECTED]> wrote:
> > It's not an algorithm Bob. It's a methodology. It would eventually become
> > a microchip specific to the task. Right now, it's like a vacuum tube (no,
> > it doesn't look like a vacuum tube - it's at that level of tech
>
> You really don't know what you are talking about. If it is a
> "method" implementable on a microchip then it is equivalent to some
> finite state machine and hence HAS A DESCRIPTION AS AN ALGORITHM.
>
> Every time you open your mouth you look more like a crank.
>
> If you want to establish that you are not a total kook, then I suggest
> you factor the number I provided. (or one of the other RSA challenge
> numbers)
>
> I think it would also be useful if you went back to school to learn
> some mathematics and some computer science.
>
>
> --
> Bob Silverman
> "You can lead a horse's ass to knowledge, but you can't make him think"
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.



------------------------------

Crossposted-To: 
alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
From: [EMAIL PROTECTED] (Nemo Outis)
Subject: Re: Concerning  UK publishes "impossible" decryption law
Date: Tue, 21 Mar 2000 23:58:58 GMT

It is *easy* to encounter/use a magnet strong enough to disrupt the *normal* 
read process of a hard drive -  however, it is *extremely difficult* (i.e., 
virtually impossible for ordinary folks) to build/buy/acquire a magnet 
sufficiently strong to remove all residual magnetic traces of data to the 
point that very sophisticated EM microscopy techniques cannot recover the 
data.

The good news is that such EM microscopy techniques are (almost) never used in 
ordinary or even not-so-ordinary police investigations - they are the preserve 
of NSA type agencies.

Regards,


In article <8b8rvq$eop$[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] (Otto Sykora) wrote:
>>> an electric magnet is not so hard to make or get hold of, it's harmless
>> unless power is given to it, and when powered, can easily be strong
>> enough to destroy data on the disks.
>
>I find that difficult to believe. Can you provide figures to
>justify your assertion?
><<
>
>why should it be difficult to destroy data on disk with a magnet?
>Small example, this time with small permanent magnet:
>in some trains in Germany, they have seats similar like in airplane,
>the small table integrated in the seat in front of you is held in the
>stowed position by two small permanent magnets. When people used this
>table as support for some types of laptop computer, their hard drives
>were suddenly partially erased. Just because of the small magnet placed
>about half an inch from the drive.
>

------------------------------

From: "Richard Hein" <[EMAIL PROTECTED]>
Subject: Re: Factoring Large Numbers - I think I figured it out!
Date: Tue, 21 Mar 2000 18:58:43 -0500

Not free Paul ... for a share.  I am not greedy, but I would have to have a
patent.  I have tried to explain in a post that I would actually have to
build a machine to do this.  That requires knowledge I don't have ... in
electronics.

You are right about one thing for sure:  I only think I know.  I need people
like you to verify the truth of the situation.

"Paul Rubin" <[EMAIL PROTECTED]> wrote in message
news:8b921b$kh7$[EMAIL PROTECTED]...
> In article <[EMAIL PROTECTED]>,
> >Imagine you find a new fuel that will have no pollution and
> >no cost.
> >Then you have two options.
> >One, you go public and get famous.
> >Two, you go get a patent and get rich.
> >
> >Obviously he has chosen the second way.
> >
> >Richard's problem right now is that he just happens to know
> >that it is possible to do this magic fuel, but he doesn't
> >have the tools.
>
> Two things are wrong with that picture.  First of all, what he says
> he's figured out is not like a no-pollution fuel.  It's more like a way
> to defeat a certain kind of car lock that is currently thought unbeatable.
> The rest of us are skeptical of Richard's claim, but even if he's right
> and proves it, all it means is that people should stop using that kind
> of lock.  It doesn't give a way to get rich without actually becoming
> a criminal and using the technique to break into people's cars.
>
> Second, "he just happens to know" is pure conjecture.  The best we can say
> is "he just happens to think he knows".
>
> >All he is looking for is someone to have a look at his
> >present thoughts.
>
> Since he is trying to get rich from his "invention", why does he think
> other people should help him with it for free?
>
> >Is that a reason to try to make him look like a fool???
>
> He is making himself look like a feel.  The rest of us are just pointing
> this fact out.



------------------------------

From: "Richard Hein" <[EMAIL PROTECTED]>
Subject: Re: Factoring Large Numbers - I think I figured it out!
Date: Tue, 21 Mar 2000 19:01:27 -0500

Yes, you have every reason to be sceptical.  There is a difference between
sceptical and close-minded.  I am not saying you are close-minded since you
sent those RSA numbers to me.  And of course, believe it when you see it ...
but look for it first!

Richard Hein

"Paul Rubin" <[EMAIL PROTECTED]> wrote in message
news:8b73lu$1pb$[EMAIL PROTECTED]...
> In article <nUDB4.1936$[EMAIL PROTECTED]>,
> Richard Anthony Hein <[EMAIL PROTECTED]> wrote:
> >Paul, forming an opinion on something without having the information to make
> >a logical decision is called prejudice.  It has kept humanity from many
> >achievements in the past, and will probably be around forever.  That's life.
>
> The information to make a logical decision is knowing that many, many,
> deeply knowledgeable mathematicians have worked on the factoring
> problem and nobody to my knowledge has any way to factor numbers of
> the size used in cryptography.  Your post is not much different than
> someone coming out of nowhere claiming to have developed a way to (for
> example) transmute elements cheaply on a large scale.  It's not
> absolutely impossible, but it's unlikely enough that "I'll believe it
> when I see it" (or perhaps less charitably, "I'll be happy to examine
> your methods under NDA for a reasonable consulting fee paid in
> advance") are the most rational responses.
>
> Anyway, the RSA factoring challenge numbers are available via:
>
>    http://www.rsasecurity.com/rsalabs/challenges/factoring/lists.html
>
> If you can factor any of the ones that aren't already factored, then
> you probably have something.  Otherwise, as far as I can tell, you've
> got nothing.  It's your move.



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
