Cryptography-Digest Digest #453, Volume #11      Fri, 31 Mar 00 00:13:00 EST

Contents:
  Re: Examples of topology related to crypto ? (Chris Hillman)
  Re: Does the NSA have ALL Possible PGP keys? ([EMAIL PROTECTED])
  Re: Particular integer factors ("Peter L. Montgomery")
  Re: Sunday People 26/3/2000: "FORGET YOUR PASSWORD... END UP IN JAIL" ("Douglas A. Gwyn")
  Re: Examining random() functions (Johnny Bravo)
  Re: Does the NSA have ALL Possible PGP keys? ("Douglas J. Renze")
  Re: Crypto Webpages (David Hopwood)
  Re: Looking for some help on RSA public key/private key generation (David Hopwood)
  ECC & Massey-Omura (was Re: Key exchange using Secret Key Encryption) ([EMAIL PROTECTED])
  Re: Does anybody know of a secure FTP server? (Abid Farooqui)

----------------------------------------------------------------------------

From: Chris Hillman <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: Examples of topology related to crypto ?
Date: Thu, 30 Mar 2000 19:28:37 -0800



On Thu, 30 Mar 2000 [EMAIL PROTECTED] wrote:

> Just out of curiosity, I am interested in examples of how topology
> (topo)

Bad abbreviation, because there are things called topoi which are very
important in the study of logic and the foundations of mathematics, and
which I think will turn out to be useful to the average mathematician and
computer scientist in the coming century, for reasons I can't go into here
(too complex).

> might relate to cryptology.

Well, to whet your appetite: there is a general phenomenon in which
various types of problems one can define, including cryptographic
problems, suddenly go from being tractable (solvable by fast algorithms)
to intractable even in theory.  This is related to fundamental ideas of
Shannon which now lie near the heart of modern ergodic theory, and also
the new subject of ergodic Ramsey theory, and to the theory of "random
graphs".  Basically, there is a genuine connection to statistical
mechanics and to phase transitions.  I am working on trying to develop a
theory of this kind of problem.

I assume you know that Shannon considered certain simple "linear" or
"rational" methods of encryption, and showed how once the cryptographer
has a certain minimum length of codetext, the problem of breaking the
cipher goes from impossible to tractable rather suddenly.  AFAIK no one
ever generalized this work -- I'd be very interested to hear from anyone
who knows otherwise.

I assume you also know about the work of Diaconis on riffle shuffles,
where several riffle shuffles leave a surprising amount of
"information" about the original order of the cards (or more important,
you can guess a lot about the order of the shuffled deck from knowing the
order of the original deck), but after seven or eight shuffles, this
correlation suddenly drops to near zero.  Diaconis's argument used random
walks on groups, a subject which grows out of the random graph theory
phase transition discovered by Erdos and clarified by Bollobas and others.

> More specifically, I was attempting to use one- point
> compactification, etc. to introduce the concept of limits into
> complexity theory for problems like P/NP

Hmmm.... don't get it, but do you know about Stone-Čech
compactification?  If not, see Folland, Real Analysis -- you'll love it,
I promise! :-) :-)

> I never made any significant progress but, IMHO, Freedman has by
> applying topo to the theory of quantum computation. For instance, his
> work implies that topo quantum field theories (TQFTs) could be used to
> create new quantum algorithms.

I foolishly passed up an opportunity to hear him discuss this work :-/
That was when I was interested in gtr but now I've gone back to tiling
theory, which is pretty much the same thing as symbolic dynamics and thus
includes CA's and the theory of computation and the foundations of
mathematics (e.g. Wang tilings, Game of Life).

>    2) A few weeks ago in sci.crypt, Tim Tyler started the thread
> "Cellular Automata (CA) based public key cryptography". For this
> purpose, one wants reversible CA. Topo is very important in the theory
> of symbolic dynamical systems and this theory is tied into the
> question of reversibility in CA- (symbolic dynamics can be an
> application of automata theory, or vice versa).

My gosh, someone who knows what a symbolic dynamical system is!!! :-)  
Did you learn this from Lind and Marcus, Introduction to Symbolic Dynamics
and Coding?  Or from some other book?

Anyway, observe that a CA is nothing other than an endomorphism on a shift
space.  The evolution operator of a one dimensional CA is an endomorphism
on a Z-shift space X, that is a continuous map T:X -> X, the evolution
operator of a two dimensional CA is an endomorphism on a Z^2-shift space,
and so forth. In general, X is many to one although in interesting cases
it has fibers of cardinality at most d ("thickness d" in the terminology
of E. A. Robinson, not to be confused with Raphael Robinson [the husband
of Julia Robinson of Hilbert problem fame], who also did important work on
tiling theory).  This is a discrete version of the theory of covering
spaces, and monodromy or Galois groups play a role.  Various
mathematicians have studied related ideas.

Reversible CA's are -automorphisms- on shift spaces.  It is a notorious
fact in symbolic dynamics that describing such things on a shift of finite
type are -fiendishly- difficult.  Aut(X) is -really- big, typically.  
Lind and others have studied this problem.

But as a rule, everything is much easier if the shift space is one of
"algebraic origin", for example if it is a "group shift" (a concept
basically introduced by Shannon).  See the book by Schmidt, Dynamical
Systems of Algebraic Origin, which features a beautiful correspondence
discovered by the author, which is very reminiscent of Pontryagin duality
and also of the variety/radical ideal correspondence in algebraic
geometry, and of the intermediate field/subgroup correspondence in
classical Galois theory.

A Spanish mathematician whose name slips my mind specifically tried to
apply some of this stuff to CA's.  Chris Moore has written many papers on
related ideas, and Milnor has written at least one paper on CA's.

If you want to study CA's, I'd urgently recommend that you study the book by
Schmidt (very dense!  but full of fabulous stuff) and maybe recent papers
by Lind and others on Z^d shift spaces, and then to think about CA's
defined as automorphisms on shifts of algebraic origin.

The recent work is closely related to the stuff about polynomial ideals I
have been ranting about in other posts :-/ IIRC, Smale did considerable
work on a theory of computation over rings other than Z_2 or something
like that--- this is probably a very inaccurate description based on hazy
memories of a talk I attended ten years ago in which Smale confused me by
stating the conclusion of his main theorem and the hypothesis and vice
versa (someone else who noticed this said to me afterward that he knows
Smale well and it is part of his genius that he can confuse the conclusion
with the hypothesis but nonetheless provide a correct and creative proof,
once you unravel all the weird transpositions in his manner of speech).  
So you might look for his papers on that.

Chris Hillman

Home Page: http://www.math.washington.edu/~hillman/personal.html
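An added illustration, not part of Chris Hillman's post, of the two facts the post states: the evolution operator of a one-dimensional CA is a map on configurations that commutes with the shift, and it is in general many-to-one, whereas a reversible CA is a bijection (an automorphism). The code enumerates every configuration on a short cycle (the cycle length is a constructed parameter), checks that rule 90 commutes with the shift but is 4-to-1 on an even-length cycle, and then builds a reversible CA out of an arbitrary rule by the second-order construction (new row = rule applied to the current row, XOR the previous row), verifying that its inverse really inverts it. Rule numbers, cycle lengths and function names are the example's own choices.

```python
from itertools import product

N = 8  # cycle length; a constructed choice small enough to enumerate all 2^N configurations


def step(rule, cfg):
    """One time step of elementary CA `rule` (Wolfram numbering) on a cyclic configuration."""
    n = len(cfg)
    nxt = []
    for i in range(n):
        # neighbourhood (left, centre, right) read as a 3-bit index into the rule table
        idx = (cfg[(i - 1) % n] << 2) | (cfg[i] << 1) | cfg[(i + 1) % n]
        nxt.append((rule >> idx) & 1)
    return tuple(nxt)


def shift(cfg):
    """The shift map sigma: every cell moves one position to the left."""
    return cfg[1:] + cfg[:1]


def all_configs(n):
    return product((0, 1), repeat=n)


def commutes_with_shift(rule, n=N):
    """A CA must satisfy T(sigma(x)) == sigma(T(x)) for every configuration x."""
    return all(step(rule, shift(c)) == shift(step(rule, c)) for c in all_configs(n))


def image_size(rule, n=N):
    """Number of configurations reached; 2**n would mean T is a bijection."""
    return len({step(rule, c) for c in all_configs(n)})


def xor(u, v):
    return tuple(a ^ b for a, b in zip(u, v))


# Second-order construction: a state is the pair (previous row, current row) and the
# next row is step(rule, current) XOR previous.  This is invertible for *any* rule,
# because the previous row can be recomputed from the two newer ones.
def forward(rule, state):
    prev, cur = state
    return (cur, xor(step(rule, cur), prev))


def backward(rule, state):
    cur, nxt = state
    return (xor(step(rule, cur), nxt), cur)


def second_order_is_automorphism(rule, n=6):
    """Check both directions: backward undoes forward, and forward is onto."""
    states = [(a, b) for a in all_configs(n) for b in all_configs(n)]
    round_trip = all(backward(rule, forward(rule, s)) == s for s in states)
    onto = len({forward(rule, s) for s in states}) == len(states)
    return round_trip and onto


if __name__ == "__main__":
    print("rule 90 commutes with shift:", commutes_with_shift(90))
    print("rule 90 image size on an 8-cycle:", image_size(90), "of", 2 ** N)
    print("second-order rule 90 is a bijection:", second_order_is_automorphism(90))
```

Rule 90 is linear over GF(2), x'_i = x_{i-1} XOR x_{i+1}, so its kernel on an 8-cycle is two-dimensional (even and odd positions each constant) and only 64 of the 256 configurations are images; the second-order version of the same rule reaches every state exactly once.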



------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: comp.security.pgp,misc.survivalism
Subject: Re: Does the NSA have ALL Possible PGP keys?
Date: Fri, 31 Mar 2000 13:40:00 +1000

On Thu, 30 Mar 2000 15:36:38 GMT, [EMAIL PROTECTED] (Gunner) ,
sharing an opinion worldwide on misc.survivalism,  and inviting
comments from others, caused the following words to appear on our
monitors:

>On Thu, 30 Mar 2000 08:57:10 GMT, [EMAIL PROTECTED] wrote:
>
>>>
>>> If the NSA, CIA, or FBI wants your PGP key, they've probably also already
>>> got a pretty heavy body of message traffic and a pretty good idea what's in
>>> that traffic; it's not worth it for a fishing expedition. If that's the
>>> case, they've got a lot of ways to get your key. They can pick you up and
>>> pump you full of pentathol. They can beat it out of you. Probably the
>>> fastest way would be to put a gun to your son/daughter/wife's head and say,
>>> "Give me the key or I'll pull the trigger."
>>>
>>
>>       This seems nonsensically paranoid.
>>Instead, you should be grateful for the many
>>fine services these agencies provide. For
>>instance, Big Brother now offers this
>>convenience-   He'll read your email so you
>>don't have to !-)
>>
>>
>Well the least they could do, is to start filtering my spam for me.
>
>Gunner
>
1==> Gee, Gunner, are you sure that your paranoia score is high enough
to qualify you for this group?  

2==> If you need a little help in raising it, consider that what you
think is just "spam" may be something else entirely.  Do you think
that others are getting the same "spam" you are getting?  Have you
actually checked?  

Perhaps  what you think are spam messages are actually a secret way
for Microsoft and the  government to program your computer for
specific tasks.  A message that reads "Make $$$$ raising mink in your
basement" might be an order for your system to disable the sound
output on the modem, dial out, and upload all the secret files on your
system.  

In case you tend to trust your government and Microsoft, realise that
they might both be under the control of the U.N.  If you trust your
fellow humans, realise that many think that the U.N. and the earth were
long ago taken over by the little gray aliens with the big eyes and
heads....

...skerrp, skaark, Vega 8 control to Antares 5...dwarrk, errkkk

..Oops, sorry, Gunner, damned crossed lines, would think that 
a Galactic Empire such as ours could arrange better net links.  Makes
my tentacles writhe every time it happens....

3==> <G> Just kidding Gunner, actually am human and actually am in
Australia, but see how easy it is to indulge in conspiracy fantasies
if you just use your imagination a bit more? 

At the moment there are probably only a couple of hundred conspiracy
theories floating around the net.  Am sure that if you would only
unleash your creative powers we could be up to 500 in no time at all.
They don't have to be logical, of course.

Make a list of everything you don't like, then invent a conspiracy to
account for it.  Large doses of cocaine and amphetamines help here, as
they frequently produce paranoid states in susceptible individuals.

..larryn


"/ Simul Justus et Peccator / "

------------------------------

From: "Peter L. Montgomery" <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: Particular integer factors
Date: Fri, 31 Mar 2000 03:40:03 GMT

In article <[EMAIL PROTECTED]> JCA <[EMAIL PROTECTED]> writes:
>
>    When attempting to factorize a (large) integer does it help to know
>that it is the product of two unknown factors whose sizes are known?
    
     If the product has n digits, then knowing the sizes of the prime 
factors reduces your workload by at most a factor of 2, since you can try

         sizes 1 and n
         sizes 1 and n-1
         sizes 2 and n-1
         sizes 2 and n-2 
              ...

all separately.  There is a polynomial-time (in n) factoring algorithm
when the sizes are unknown, if and only if there is a polynomial-time
algorithm for each case where the sizes are known.

     If a factor is known to have under 60 digits, we can attack using ECM
(elliptic curve method).  So far the ECM record is 54 digits,
attained twice.
-- 
E = m c^2.  Einstein = Man of the Century.  Why the squaring?

        [EMAIL PROTECTED]    Home: San Rafael, California
        Microsoft Research and CWI

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Sunday People 26/3/2000: "FORGET YOUR PASSWORD... END UP IN JAIL"
Date: Fri, 31 Mar 2000 03:46:14 GMT

Anonymous wrote:
> PS - since you brought up the gun topic, where are the estimated 190 million
> gun owners that are *not* NRA members? Out to lunch? MIA? If every firearm
> owner in Amerika told his or her elected public officials that the gun issue
> is their "litmus test" for getting their vote the whole gun controversy would
> be finished in 10 minutes. The end of firearm ownership by civilians in the
> USSA will be brought about by these 190 million uninvolved people in much the
> same way as those in GB/NZ/Canada/Australia who sat around with their heads
> in the sand thinking "It can't happen here". Until it did.

I think one major factor is the remnants of trust in the news media,
which is of course exploited for political agenda.  NPR had a segment
where several of the gunowners calling in (a) were not members of NRA,
(b) didn't see anything wrong with so-called "common sense" gun controls,
and (c) didn't think there was a problem with banning equipment (such as
the so-called "assault weapons", which in actuality are ordinary rifles,
or even handguns) that they themselves didn't personally desire to own.
These attributes were strongly correlated.

When you consider that the debate about the so-called "gun show loophole"
in Congress is merely over how *long* a waiting period will be imposed,
it becomes clear that the two major parties are ideological cousins.
If you vote, at least vote Libertarian!  Otherwise the politicians will
continue to think that nobody really *wants* freedom, privacy, etc.

> "All that evil needs to triumph is for good to do nothing."

Also for good intentions to be based on ignorance and lack of critical
thinking.

------------------------------

From: Johnny Bravo <[EMAIL PROTECTED]>
Subject: Re: Examining random() functions
Date: Thu, 30 Mar 2000 22:51:44 -0500

On Thu, 30 Mar 2000 20:57:22 +0200, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote:

>My point was that the difficulty of interpretation seems to be
>a problem in practical use of Diehard. 

  The right tool for the right job.  I don't complain because I can't read
an MRI scan.  Should I be required to read an MRI I can either learn to do
so, or get help.  If you don't understand the tools, you probably also
wouldn't be helped by a dumbed down output.  If data samples don't pass
one of the DieHard tests on a regular basis, to fix the problem you need
to understand both the test and why the sample generation technique is
causing the problem.  There is no simple solution to be found.

>You may have much experience
>and can interpret the results correctly. But one without experience
>would likely not be able to perform as well, I am afraid.

  There isn't a very good substitute for knowledge and experience.

-- 
  Best Wishes,
    Johnny Bravo

"The most merciful thing in the world, I think, is the inability
of the human mind to correlate all its contents." - HPL

------------------------------

From: "Douglas J. Renze" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.pgp,misc.survivalism
Subject: Re: Does the NSA have ALL Possible PGP keys?
Date: Thu, 30 Mar 2000 22:13:08 -0600

<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> 2==> If you need a little help in raising it, consider that what you
> think is just "spam" may be something else entirely.  Do you think
> that others are getting the same "spam" you are getting?  Have you
> actually checked?
>
> Perhaps  what you think are spam messages are actually a secret way
> for Microsoft and the  government to program your computer for
> specific tasks.  A message that reads "Make $$$$ raising mink in your
> basement" might be an order for your system to disable the sound
> output on the modem, dial out, and upload all the secret files on your
> system.

More likely, they're messages encrypted with the perfect algorithm...it
takes one message and turns it into another that's not quite nonsense.
After all, who would try to break such an encryption scheme?  You don't even
know it's there!  Then, of course, to hide the traffic to their intended
recipient, they mail it to everybody on the 'net.  The particular subject
tells them who it's designated for.

Now, all we have to do is figure out who they are and what they want.




------------------------------

Date: Fri, 31 Mar 2000 04:21:45 +0100
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Crypto Webpages

=====BEGIN PGP SIGNED MESSAGE=====

Steve K wrote:
[...]
> Some of my favorite places to go beat my head against the wall of
> mathematical ignorance:
> 
John Savard's site:
> http://fn2.freenet.edmonton.ab.ca/~jsavard/index.html

RSA Labs FAQ:
> http://www.rsasecurity.com/rsalabs/faq/

Handbook of Applied Cryptography home page:
> http://cacr.math.uwaterloo.ca/hac/

Counterpane home page:
  http://www.counterpane.com/

Cryptography Research home page:
  http://www.cryptography.com/

Lars Knudsen and Vincent Rijmen's Block Cipher Lounge (also AES Lounge):
  http://www.ii.uib.no/~larsr/bc.html

NIST AES home page:
  http://aes.nist.gov/

Lists of crypto researchers' home pages, from Counterpane,
Cryptography Research and David Wagner:
  http://www.counterpane.com/researchers.html
  http://www.cryptography.com/resources/authors/index.html
  http://www.cs.berkeley.edu/~daw/people/crypto.html

Counterpane index of cryptography papers available on-line:
  http://www.counterpane.com/biblio/

Cryptography Research index of on-line CRYPTO & EUROCRYPT papers:
  http://www.cryptography.com/resources/papers/index.html

The Theory of Cryptography Library (recent papers, mainly since 1996, on
cryptography and cryptanalysis):
  http://philby.ucsd.edu/cryptolib/

Helger Lipmaa's Cryptology pointers:
  http://www.ioc.ee/home/helger/crypto/

Crypto-Log: Internet Guide to Cryptography. 
  http://www.uni-mannheim.de/studorg/gahg/PGP/cryptolog1.html

Thomas Jakobsen's page on Cryptanalysis of Block Ciphers. 
  http://www.mat.dtu.dk/persons/Jakobsen_Thomas/capapers.html

My crypto pages (under heavy construction):
  http://www.users.zetnet.co.uk/hopwood/crypto/

- -- 
David Hopwood <[EMAIL PROTECTED]>
PGP public key: http://www.users.zetnet.co.uk/hopwood/public.asc
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01


=====BEGIN PGP SIGNATURE=====
Version: 2.6.3i
Charset: noconv

iQEVAwUBOOQnmDkCAxeYt5gVAQHZ8QgAx8VtZ7dMRqVeqpbkkDCELB6wJ94UoTNf
IB4kzZ9MJs3gaqGr9Md2hixEj96n96xzM4um2Ip9zm6Z0X/Th2IIhaqsXZun2UPl
v4SckOAIMu+InPm5uMgxQGcRnAmQMX1GOA1vclIbtBn204b3Aj0dtsewnfGzG9NF
Is2spvVO2mKhROfk0Ob+7+AFBeiKlwuMqBh2p9n/VWdietoDZwxRaeqToi0o41gF
BWlMl6acMzjEET4CSZvlnYg3XN839vSZLDqtAwbFWXC9fauISCK/QX7ty9sBgYSC
+18jR7keqRejcN8cii/5VbzBfy4ieSz5+E+Eek3+ueQSyt75H+I4mg==
=pbFy
=====END PGP SIGNATURE=====


------------------------------

Date: Fri, 31 Mar 2000 03:45:43 +0100
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Looking for some help on RSA public key/private key generation

=====BEGIN PGP SIGNED MESSAGE=====

Joseph Ashwood wrote:
> Paul Rubin wrote:
> > Joseph Ashwood wrote:
> > >Yes, but by using a large e, the size of your d
> > >decreases.
> >
> > Whaaaaaaat?  No, d is the size of the modulus and
> > supposedly unpredictable.
> 
> No, length(d)+length(e) should be very close to
> length(modulus), as in within 1

No, Paul Rubin is correct. If e is chosen first, then d = e^-1 mod m
will be approximately the size of m, regardless of the length of e
(where m is either lcm(p-1, q-1) or phi(n)).

Alternatively you can choose d first, in which case e = d^-1 mod m will
be approximately the same size as m. However, it is definitely not secure
to make d less than n^0.292 [1], and according to [2], d should not be
less than n^0.5.

[1] Dan Boneh, G. Durfee,
    "New results on cryptanalysis of low private exponent RSA,"
    preprint, 1998.

[2] Dan Boneh,
    "Twenty Years of Attacks on the RSA Cryptosystem,"
    (this is on the web somewhere; do a search for it)

- -- 
David Hopwood <[EMAIL PROTECTED]>
PGP public key: http://www.users.zetnet.co.uk/hopwood/public.asc
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01


=====BEGIN PGP SIGNATURE=====
Version: 2.6.3i
Charset: noconv

iQEVAwUBOOQfGDkCAxeYt5gVAQGSeggAlmJl3RJERteNC1tNbdvehOE2Tp9rX8c0
dmd9yKj0XpM75N3kZiSs4/j6XaTJbgJeerRGJfVEA+D2niFB2PGE5R+UFPV+Dqjz
TdQrlPopI2vzlMzzTMkOnbtycxGDfeZM5Vxl+K6hFyG6OKwgX9xUuuTUawCaK+oT
36fVqhn1vchYgpoekqU8ywGPaouPSlQtucEEDFUA+BnLLQhd7sle8oTv6wfj0O0L
t8S+7yU5Wjqb1+UVPtyBK4dtoltkVQwuu4LYaXWn8GHZdttjNHb3niLy3pim6RVz
JtEk9rce6F7HbQrsieaXjGSTTYSs9eBi9W+2lz8Tn8BEU7Np3MEb3g==
=95c9
=====END PGP SIGNATURE=====
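Added example, not code from David Hopwood's post, showing the size relation in exact integer arithmetic on a constructed toy key (two Mersenne primes, so the numbers are reproducible): d = e^-1 mod m comes out about the size of m whether e is 65537 or large, choosing d first yields an e of the same size, and the two bounds the post cites, d < n^0.292 from [1] and d < n^0.5 from [2], are tested without floating point. The function names are the example's own; the thresholds are the ones in the post, and m is taken as lcm(p-1, q-1).

```python
import math

# Constructed toy key from two Mersenne primes, so every number here is reproducible.
P = 2 ** 61 - 1
Q = 2 ** 89 - 1
N = P * Q
M = math.lcm(P - 1, Q - 1)    # the modulus for exponent inversion; phi(N) would also do


def is_valid_public_exponent(e, m=M):
    """e must be invertible mod m; e.g. 3 fails here because 3 divides 2**60 - 1."""
    return math.gcd(e, m) == 1


def private_from_public(e, m=M):
    """d = e^-1 mod m.  d lands anywhere in [1, m), so it is about the size of m."""
    if not is_valid_public_exponent(e, m):
        raise ValueError("e shares a factor with m; pick another e")
    return pow(e, -1, m)


def public_from_private(d, m=M):
    """Choosing d first and deriving e is the same inversion in the other direction."""
    return private_from_public(d, m)


def below_boneh_durfee_bound(d, n=N):
    """True when d < n**0.292, the range [1] shows to be insecure (exact integer test)."""
    return d ** 1000 < n ** 292


def below_conservative_bound(d, n=N):
    """True when d < n**0.5, the stricter rule the post attributes to [2]."""
    return d * d < n


def exponent_bits(e):
    """Bit lengths of e, of the derived d, and of m, for comparison."""
    d = private_from_public(e)
    return {"e": e.bit_length(), "d": d.bit_length(), "m": M.bit_length()}


if __name__ == "__main__":
    print("e chosen first:", exponent_bits(65537))
    small_d = 65537
    e = public_from_private(small_d)
    print("d chosen first, bits of e:", e.bit_length(), "of m:", M.bit_length())
    print("small d below n^0.292:", below_boneh_durfee_bound(small_d))
```

Whichever exponent is chosen first, the other is the inverse modulo m and so is spread over the whole range below m; the only way to get a short d is to pick it short deliberately, which is exactly the case the two bounds rule out.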
------------------------------

From: [EMAIL PROTECTED]
Subject: ECC & Massey-Omura (was Re: Key exchange using Secret Key Encryption)
Date: Fri, 31 Mar 2000 04:11:12 GMT

In article <8bvdfk$ghs$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> Usually the Diffie-Hellman key exchange is used. However, this method is
> NOT immune to man-in-the-middle attacks. In order to protect against
> man-in-the-middle attacks, you can use digital signatures on the
> messages exchanged in the key exchange. However, this requires that
> Alice and Bob can securely transfer each other's public keys, and since
> in this scenario we can only communicate using the internet, it is not
> possible.
>
> In conclusion, there must be some way of securely exchanging information
> in order to set up a completely secure connection. If we only
> have the Internet, we have a catch-22 situation where we can
> only set up a secure connection if we have already done so
> before.
>
> Strangely enough, many "secure" connections, such as those used in
> browsers, completely ignore the man-in-the-middle problem.
>
> -Erik Runeson
>
Thank you for your reply.

I gather there is no equivalent Massey-Omura key exchange protocol for
symmetric key encryption.

What if Alice and Bob now also have ECC & Massey-Omura key exchange at
their disposal. Seeing as they are online at the same time, a multipass
protocol like Massey-Omura could be used.

Would the use of the Massey-Omura protocol with ECC ensure a secure
session?

Petang


Sent via Deja.com http://www.deja.com/
Before you buy.
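Added example, not part of Petang's post or of the quoted reply: the three-pass exchange the post asks about, in its prime-field form (Shamir's three-pass protocol, which is the commutative-encryption idea of Massey-Omura with modular exponentiation in place of the GF(2^n) or elliptic-curve group). Alice and Bob each hold a secret exponent and its inverse modulo p-1; the three values on the wire are K^a, K^(ab) and K^b, and Bob ends up with the symmetric session key K that Alice picked. The prime, the seed and the function names are constructed for the example.

```python
import math
import random

P = 2 ** 127 - 1   # constructed: a Mersenne prime; exponents must be coprime to P - 1


def keygen(rng, p=P):
    """A secret exponent k with gcd(k, p-1) == 1, together with its inverse mod p-1."""
    while True:
        k = rng.randrange(2, p - 1)
        if math.gcd(k, p - 1) == 1:
            return k, pow(k, -1, p - 1)


def three_pass(session_key, rng, p=P):
    """Alice delivers a fresh symmetric session key K to Bob over an insecure channel.

    Returns the three values an observer sees and what Bob recovers.
    """
    a, a_inv = keygen(rng)            # Alice's secrets, never transmitted
    b, b_inv = keygen(rng)            # Bob's secrets, never transmitted
    pass1 = pow(session_key, a, p)    # Alice -> Bob:   K^a      (Alice locks)
    pass2 = pow(pass1, b, p)          # Bob -> Alice:   K^(ab)   (Bob locks on top)
    pass3 = pow(pass2, a_inv, p)      # Alice -> Bob:   K^b      (Alice removes her lock)
    recovered = pow(pass3, b_inv, p)  # Bob removes his lock and holds K
    return (pass1, pass2, pass3), recovered


def run_demo(seed=2024):
    """Deterministic run with a constructed session key; returns (K, transcript, Bob's K)."""
    rng = random.Random(seed)
    session_key = rng.randrange(2, P - 1)   # in practice this comes from a CSPRNG
    transcript, recovered = three_pass(session_key, rng)
    return session_key, transcript, recovered


if __name__ == "__main__":
    key, transcript, recovered = run_demo()
    for i, value in enumerate(transcript, 1):
        print(f"pass {i}: {value}")
    print("Bob recovered Alice's key:", recovered == key)
```

The exchange works because a*a_inv and b*b_inv are 1 modulo p-1, so the locks commute and strip off in any order. Note what the transcript does not contain: anything that binds the exponent b to Bob. Alice cannot tell whether the second pass came from Bob or from someone relaying between them, which is the same objection the quoted reply raises against unauthenticated Diffie-Hellman; a three-pass scheme, whether over a prime field or an elliptic curve, needs the same signatures or prior shared secret to close that gap.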

------------------------------

From: Abid Farooqui <[EMAIL PROTECTED]>
Subject: Re: Does anybody know of a secure FTP server?
Date: Fri, 31 Mar 2000 04:43:33 GMT

Thanks once again for the info.
I just have one comment about you recommending to stay away from the Intel platform for SSL
because SSL is very CPU intensive and the CPU architecture (the set of assembly
instructions architected and implemented for that CPU) can really determine what kind of
performance one would get. This really depends on whether the SSL implementation has
been optimized for the Intel CPU instruction set or not. The better the compiler you use to
compile on the Intel platform, the better and faster results you would see. You could go
right down to the assembly language level and really crank out some fast code (albeit
that would be a humongous effort). Usually the newest C compilers for the Intel platform
give performance pretty close to the assembly code nowadays. Also, if I were using
something like the Rainbow hardware accelerator card, then the Intel CPU really would not
come into play that much in doing SSL calculations, right?? And think about it: you
could probably buy 2 accelerator cards for Intel for the price of 1 on SPARC.
Ah, in college I did a co-op for Intel for a semester in their micro-electronics
division ... maybe I am just being biased here. I need to look at the SPARC instruction set
more closely to see why exactly SSL calculations would be faster on it. But then I would
need SSL code in assembler for both SPARC and Intel to really be able to tell for sure.
It would be an interesting learning experience if I could get some assembler crypto code
for both SPARC and Intel. Hmmm ....
I will definitely mail you if I ever do come to Lisbon. I know my fiancee wants to go to
France (not to Paris) but to some other towns there where supposedly the Knights Templar
have Jesus' body buried. She says that that would blow away the whole idea about Jesus'
physical resurrection ... I guess she is kind of obsessed with that. Maybe I will leave
her in France and take a trip to Lisbon if she will promise not to kill me after I do
something like that ... hehehe :).
Abid Farooqui

Jaime Cardoso wrote:

> Hi there.
>
> Sorry for the delay but work waits for no one and my time to check the NG has been
> none.
>
> I see you already checked Rainbow. As far as I know, this one is the fastest SSL
> accelerator card I know and it can do wonders for your web site performance. You still
> need to have SSL enabled (at least with Netscape Enterprise Server, you do) but why
> don't you pay a visit to http://www.rainbow.com and use their e-mail to have them
> answer your questions?
>
> I don't know a lot about their offer because I don't deal directly with them;
> when I have a business that they may join, I simply redirect the customer to my
> contact at the Rainbow reseller in Portugal.
>
> Does this card work with Apache? I really don't know; I believe so because Apache is
> quite an open platform (obvious, isn't it??) and it has quite a market share for
> these guys to ignore it. Just ask them, it's the easiest way.
>
> I wouldn't use a relational DB to store and authenticate my users' certificates; I
> would really recommend you use an LDAP server. The most performant is Netscape Directory
> Server but, if you don't have the budget for the big thing, you can get along well
> enough with a free open-source LDAP server.
>
> For the hardware, be aware: SSL uses a lot of calculations so Intel should be the
> last-resort HW platform for you. If you are going with an SSL server, you can
> increase your performance x-fold (10X to 20X or more) if you use a CPU that is good
> at math (UltraSparc, Alpha or SGI).
>
> Bye
>
> //Jaime Cardoso
>
> PS. I would be honored if, when you come to Lisbon, you would mail me. As I am
> doing a paper about cryptography, I read this NG a lot, but this is the first thread
> I got involved in but, like "them", I will keep watching :)))))


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
