Cryptography-Digest Digest #461, Volume #11       Sat, 1 Apr 00 14:13:01 EST

Contents:
  Algorithm to decypher ENIGMA? (Daniel)
  Re: Coderpunks Query on Teledyne Crypto (John Savard)
  Re: Algorithm to decypher ENIGMA? (John Savard)
  after TWINKLE, TWEEDLE? A new step for accelerating factorization (Quisquater)
  I will make ANY software for ANYBODY (ECN UltraTrader)
  Re: Observer 26/3/2000: "It's RIP basic human rights as 'worst UK legislation ever' looms" (Your Name)
  [Apology-Humor-Paranoia] Re: legal question ? ([EMAIL PROTECTED])
  Hash/Mixing SPRN ([EMAIL PROTECTED])
  Re: NSA (Jerry Coffin)
  Re: Help decrypt message exercise (Jerry Coffin)
  Re: Algorithm to decypher ENIGMA? (Daniel)
  Re: I will make ANY software for ANYBODY (Tom St Denis)
  Re: Hash/Mixing SPRN (Jerry Coffin)
  Re: Is it really NSA ?! ([EMAIL PROTECTED])
  Re: Does anybody know of a secure FTP server? (Abid Farooqui)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Daniel)
Subject: Algorithm to decypher ENIGMA?
Date: Sat, 01 Apr 2000 15:38:31 GMT


Hello all,

Can someone help me to find the algorithm to cypher/decypher WWII
Enigma messages?  Perhaps the manner/way the Turing Bombe was
designed?

Thanks


Daniel

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Coderpunks Query on Teledyne Crypto
Date: Sat, 01 Apr 2000 15:52:49 GMT

On Thu, 30 Mar 2000 22:39:20 GMT, [EMAIL PROTECTED] (Jim Reeds)
wrote, in part:

>A permutation f of the elements of a group
>is an orthomorphism if the function g(x):=f(x)+x (for
>additive groups, or g(x):=f(x)*x for multiplicative ones)
>is also a permutation.  In the case at hand, the group
>is bitwise mod 2 addition of bytes.

Given that definition of an orthomorphism, there are seven
orthomorphisms of GF(2^2):

00 | 00 01 01 10 10 11 11
01 | 10 10 11 00 01 00 01
10 | 11 00 10 01 11 10 00
11 | 01 11 11 11 00 01 10

which I obtained by pencil and paper by starting with the possible
values of substitutes for 00, and going onwards in a tree fashion
(rather than checking all 24 possibilities).

Now then, does the method outlined in the Teledyne patent, when given
two orthomorphisms as input, produce an orthomorphism as output, and
if so, under what conditions?

For one thing, my illustration is wrong. It is necessary to introduce
the additional bit in the same position in both mappings. That way,
the XOR of x and f(x), which was an orthomorphism, will at least
contribute to the resulting mapping's being an orthomorphism, since
now the same bits as were XORed previously will still be XORed again.

Thus, take two orthomorphisms from the list

00 - 10        00 - 11
01 - 00        01 - 00
10 - 01        10 - 10
11 - 11        11 - 01

and expand them by the method outlined

0w0 - 1a0      0W0 - 1D1
0x1 - 0b0      0X1 - 0B0
1y0 - 0c1      1Y0 - 1A0
1z1 - 1d1      1Z1 - 0C1

where A is the complement of a, and so on. This complementation
property is the only property required to ensure the resulting mapping
is a permutation. What is required to ensure that it is also an
orthomorphism? If we expand the table to show x XOR f(x) in addition
to x and f(x), we get

0w0 - 1a0 (1 wa 0)     0W0 - 1D1 (1 wd 1)
0x1 - 0b0 (0 xb 1)     0X1 - 0B0 (0 xb 1)
1y0 - 0c1 (1 yc 1)     1Y0 - 1A0 (0 ya 0)
1z1 - 1d1 (0 zd 0)     1Z1 - 0C1 (1 zc 0)

In this particular case, wa must be not zc, xb must be not xb (so no
orthomorphism is obtainable from the two parent orthomorphisms
chosen), yc must be not wd, and zd must be not ya.

We've discovered one condition: the two parent orthomorphisms, f(x)
and g(x), must be chosen so that f(x)=g(x) is false for all x.

Let's try again:

00 - 10        00 - 11
01 - 00        01 - 01
10 - 01        10 - 00
11 - 11        11 - 10

These two meet that condition.

Proceeding directly to the expanded table:

0w0 - 1a0 (1 wa 0)     0W0 - 1D1 (1 wd 1)
0x1 - 0b0 (0 xb 1)     0X1 - 0C1 (0 xc 1)
1y0 - 0c1 (1 yc 1)     1Y0 - 0B0 (0 yb 0)
1z1 - 1d1 (0 zd 0)     1Z1 - 1A0 (1 za 0)

we get the conditions wa = ~za, xb = ~xc, yc = ~wd, and zd = ~yb.

Hence, in this particular case, w=~z, b=~c, hence the last two
conditions can be changed to yb = wd and wd = yb, which are at least
consistent. But I don't see a simple mechanical condition for
guaranteeing an orthomorphism immediately. Perhaps there is one
somewhere in that patent.

John Savard (teneerf <-)
http://www.ecn.ab.ca/~jsavard/index.html
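A brute-force check of the objects discussed above, added here as an example and not part of the original message: it enumerates the orthomorphisms of GF(2)^2 under Reeds' definition and, for the two parent pairs worked through in the post, counts how many assignments of the inserted bits w,x,y,z and a,b,c,d make the expanded 3-bit mapping an orthomorphism. The expansion rule is my reading of the tables in the post (middle bit inserted in the same position on both sides, second parent used for the complemented input bit with complemented output letters); the function names are mine.

```python
from itertools import permutations, product

def is_orthomorphism(f):
    """Reeds' definition for the XOR group: f (a tuple, f[x] = image of x)
    is a permutation of 0..n-1 and so is x -> f(x) XOR x."""
    n = len(f)
    return (sorted(f) == list(range(n))
            and sorted(f[x] ^ x for x in range(n)) == list(range(n)))

def orthomorphisms(n_bits=2):
    """All orthomorphisms of GF(2)^n_bits, by exhaustive search."""
    return [p for p in permutations(range(1 << n_bits)) if is_orthomorphism(p)]

def expand(f, g, in_bits, out_bits):
    """Expansion of two 2-bit orthomorphisms f, g into a 3-bit mapping.
    in_bits[x]  is the middle bit (w, x, y, z in the post) attached to input x;
    out_bits[v] is the middle bit (a, b, c, d) attached to output value v.
    Input x carrying in_bits[x] goes through f and receives out_bits[f(x)];
    input x carrying the complemented bit goes through g and receives the
    complement of out_bits[g(x)], which is what makes the result a permutation."""
    table = [None] * 8
    for x in range(4):
        hi, lo = x >> 1, x & 1
        for m in (0, 1):
            if m == in_bits[x]:
                v, mid = f[x], out_bits[f[x]]
            else:
                v, mid = g[x], 1 - out_bits[g[x]]
            table[(hi << 2) | (m << 1) | lo] = ((v >> 1) << 2) | (mid << 1) | (v & 1)
    return tuple(table)

def count_orthomorphic_expansions(f, g):
    """Number of the 256 choices of (w,x,y,z,a,b,c,d) for which
    expand(f, g, ...) is an orthomorphism of GF(2)^3."""
    return sum(
        is_orthomorphism(expand(f, g, ins, outs))
        for ins in product((0, 1), repeat=4)
        for outs in product((0, 1), repeat=4)
    )

# The two parent pairs from the post, input order 00, 01, 10, 11, values as ints.
FIRST_PAIR = ((2, 0, 1, 3), (3, 0, 2, 1))    # f(01) = g(01) = 00
SECOND_PAIR = ((2, 0, 1, 3), (3, 1, 0, 2))   # f(x) != g(x) for every x

def savard_examples():
    """Summary of the checks a reader of the post would want to see."""
    return {
        "orthomorphisms_of_gf4": len(orthomorphisms(2)),
        "first_pair": count_orthomorphic_expansions(*FIRST_PAIR),
        "second_pair": count_orthomorphic_expansions(*SECOND_PAIR),
    }

if __name__ == "__main__":
    for p in orthomorphisms(2):
        print(" ".join(format(v, "02b") for v in p))
    print(savard_examples())
```

The first pair admits no orthomorphic expansion, as the post argues, because a shared value f(x) = g(x) forces a collision in the XOR table whatever the inserted bits are.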

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Algorithm to decypher ENIGMA?
Date: Sat, 01 Apr 2000 15:54:18 GMT

On Sat, 01 Apr 2000 15:38:31 GMT, [EMAIL PROTECTED] (Daniel)
wrote, in part:

>Can someone help me to find the algorithm to cypher/decypher WWII
>Enigma messages?  Perhaps the manner/way the Turing Bombe was
>designed?

My web site carefully describes the methods that were used to attack
the Enigma historically.

John Savard (teneerf <-)
http://www.ecn.ab.ca/~jsavard/index.html

------------------------------

From: Quisquater <[EMAIL PROTECTED]>
Subject: after TWINKLE, TWEEDLE? A new step for accelerating factorization
Date: Sat, 01 Apr 2000 18:56:47 +0200

Following an important rumor just released by Alice Press, Alice
HAMIR just found a new method for accelerating the second step 
of factorization algorithms: this step needs to handle a very large 
matrix (mainly zeroes) with access to a computer with a very large 
RAM memory (many GBytes) and is not easy.

The theory is based on an idea published very recently by Peter 
Montgomery (micros.ft): Peter showed how to do these computations 
in parallel (using the Lanczos method). 

The new method uses ultrasound and several small Klein bottles 
in cascade (it is like an accelerator for elementary particles):
the goal is to obtain a null vector that is the vector sum
of many rows of the large matrix. The matrix is encoded using
digital sounds (the zeroes are changed into ones) and
the bottles give fast and iterative interferences. A special sensor 
is used to detect the now all-one vector, encoded by
a specific snark: the cracking sound.

He found this idea just after reading the following page:

http://members.spree.com/seahaas/WONDERLANDWAVS.htm

The realization of such a device is possible with current
technology. Adi said: no CRAY, no patent, just a CRY; it is
like Archimedes: you can now factorize in your bathroom.  
He showed a prototype using Moebius rings interacting with two tweeters.

A presentation at the following hall is scheduled
http://www.greatwoods.com/
doing a simulation with violins and batteries,
sponsored by the National Sound Association. 

So by using light (do you remember TWINKLE?
http://www.geocities.com/EnchantedForest/Cottage/6936/stories/20.htm
and http://jya.com/twinkle.htm ) and sound 
(without any quantum computations), we now have a multimedia 
factorisation algorithm.

Arjen Lenstra is thinking of changing his web page
http://www.cryptosavvy.com/
after the year 2000 (progress for elliptic curves is not
excluded).

Bob Silperson (RSAink), a leading cryptographer, didn't comment at all
but repeated again that "You can lead a worse tweedle's ass to 
knowledge, but you can't make him think"

------------------------------

From: [EMAIL PROTECTED] (ECN UltraTrader)
Subject: I will make ANY software for ANYBODY
Date: 01 Apr 2000 16:42:54 GMT

Hi,

I manage a VAST group of programmers specializing in all fields of software
development. If you have an idea for software that you would like to develop 
or are currently working on software but would like to save time & money, I can
help. I offer the CHEAPEST software development rates in the United States. I
can help you in developing ANY type of software with any provisions you may
have (confidentiality, time limitations, etc). If you are interested, email 
me, and I will personally send you more information.

------------------------------

Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,uk.politics.censorship
Subject: Re: Observer 26/3/2000: "It's RIP basic human rights as 'worst UK legislation ever' looms"
From: [EMAIL PROTECTED] (Your Name)
Date: Sat, 01 Apr 2000 17:48:59 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
>
>In an article <[EMAIL PROTECTED]> of
>great significance, NoSpam <[EMAIL PROTECTED]> stipulated:
>>Specifically, the bill stipulates that if a message or device traced to you
>>contains encrypted data, you can be required by a statutory order to hand
>>over the key needed to decrypt that data. If you have lost or forgotten that
>>key, you will be presumed to be guilty of an offence and required to prove
>>to a court that you have indeed lost or forgotten it. If convicted, you will
>>go down for two years.
>
>One reason why I have no plans on using PGP.

Good boy.  You have been trained well in the art
of obedience.  Now go fetch my slippers or you
will be punished. :)

Rich Eramian aka freeman at shore dot net  


------------------------------

From: [EMAIL PROTECTED]
Subject: [Apology-Humor-Paranoia] Re: legal question ?
Date: Sat, 01 Apr 2000 17:52:10 GMT



   Earlier I posted the thread "Legal question ?" and claimed that
someone was actively trying to block me from posting a message. It did
turn out to be spam domain error *but* from a different source *and*
there was also a  posting delay problem over at deja.com. Aided by too
little sleep, and, without carefully checking first, I had jumped to a
more gripping albeit more improbable and alarmist conclusion. I'm sorry
for the earlier posting and from now on I will try to post accurately as
I have attempted with all my other posts.
   I have 2 brains but sometimes find their operation difficult,
especially when one is lost and the other is looking for it. If these
brains were taxed, I'd get a refund. As a young American I occasionally
exert my right to be a gross ignoramus-  144 times worse than an
ordinary ignoramus.
   I remind you that I am not actually paranoid. In fact, I have a very
firm grasp on reality-  I can reach forth and twist it anytime !-)

    "I'm not paranoid but one night, returning to my apartment, I
realized that everything had been stolen and replaced with an exact
duplicate."
               - Steven Wright






Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: [EMAIL PROTECTED]
Subject: Hash/Mixing SPRN
Date: Sat, 01 Apr 2000 18:12:09 GMT

I have asked this question before...sadly no one replied..it may be too
easy for you guys to answer...but would appreciate a response...

What is the mathematical/logical basis for using Hash functions (MD5 and
SHA1) in a Pseudo Random Generator...

Does the mixing of the input seed bits into the hash mixer increase the
entropy and make the output data more random?  Is there any
mathematical analysis or proof of this...or is it just a sound practice?



------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: NSA
Date: Sat, 1 Apr 2000 11:24:58 -0700

In article <6JhF4.467$[EMAIL PROTECTED]>, "Stou 
Sandalski" <tangui [EMAIL PROTECTED]> says...

[ ... talking about the NSA ] 

> Also if you look at the jobs they have/research they
> do it includes stuff like mass storage, and data mining, now thats not
> exactly bad but it makes me think that they are looking for better ways to
> tap everyone... store and mine the data (to find msgs from god I am
> guessing).

This doesn't sound to me like looking for ways to tap into people at 
all -- rather the opposite, it's looking for ways of finding 
information without having to tap into anything illegal.

Just for example, if you suspect that a particular country is working 
on putting together nuclear devices, you've got a couple of choices.  
You can tap directly into communications between the people you think 
are likely to be involved, in which case you don't need a huge amount 
of storage or data mining capability.

OTOH, if you want to get this sort of information without tapping 
into things, you have to approach it from a different angle.  You're 
likely (for example) to try to find a serious mismatch between the 
amount of mining equipment going into the country and the amount of 
ore the country produces.

Of course, getting information from this general direction requires 
storing and correlating HUGE amounts of data to get anywhere.  The 
NSA, FBI, etc., may have lobbied for increased wire-tapping 
capability, but they've got smart enough people that they've GOT to 
realize that it's quickly getting to the point that anybody who cares 
can encrypt almost any kind of communication they want to in ways that 
nobody can reasonably plan on decrypting.  This will force them to use 
less direct methods a great deal more as time goes on.

> Also I am almost 100% sure that they (maybe not officially but people from
> the nsa) read this newsgroup, probably not to spy on people but to get
> information, this being one of the most (the most maybe?) famous crypto
> related newsgroup on usenet.

I really doubt that they read it with the intent or belief that 
they'll learn anything new about cryptology.  They might, however, 
read other parts of Usenet for indications of people committing 
crimes -- as you mentioned, people DO have a tendency to brag, and I 
suspect most criminals are thoroughly human in this respect.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Help decrypt message exercise
Date: Sat, 1 Apr 2000 11:24:53 -0700

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...

[ ... ] 

> Besides individual letter frequencies, go through and underline
> repeated strings.  In this case the symbol 8 is indeed an E, and
> the word THE appears here and there, as you would expect in
> English.  Try each of the likely 3-letter repeats for THE and
> see if anything recognizable pops out.
 
Allow me to add that what "pops out" for Jim Gillogly usually takes 
quite a lot of work for most of the rest of us, so don't get 
discouraged if it takes more time and effort than he implies above.  
It takes a while, but it's definitely solvable.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

From: [EMAIL PROTECTED] (Daniel)
Subject: Re: Algorithm to decypher ENIGMA?
Date: Sat, 01 Apr 2000 18:30:00 GMT

On Sat, 01 Apr 2000 15:54:18 GMT, [EMAIL PROTECTED]
(John Savard) wrote:

>On Sat, 01 Apr 2000 15:38:31 GMT, [EMAIL PROTECTED] (Daniel)
>wrote, in part:
>
>>Can someone help me to find the algorithm to cypher/decypher WWII
>>Enigma messages?  Perhaps the manner/way the Turing Bombe was
>>designed?
>
>My web site carefully describes the methods that were used to attack
>the Enigma historically.
>
>John Savard (teneerf <-)
>http://www.ecn.ab.ca/~jsavard/index.html


Great! I'll have a go at it.

Daniel

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: I will make ANY software for ANYBODY
Date: Sat, 01 Apr 2000 18:34:19 GMT

Beat this, I will work for free.

Tom

ECN UltraTrader wrote:
> 
> Hi,
> 
> I manage a VAST group of programmers specializing in all fields of software
> development. If you have an idea for software that you would like to develop
> or are currently working on software but would like to save time & money, I can
> help. I offer the CHEAPEST software development rates in the United States. I
> can help you in developing ANY type of software with any provisions you may
> have (confidentiality, time limitations, etc). If you are interested, email
> me, and I will personally send you more information.

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Hash/Mixing SPRN
Date: Sat, 1 Apr 2000 11:42:42 -0700

In article <8c5e5d$5f$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...

[ ... ] 

> What is the mathematical/logical basis for using Hash functions (MD5 and
> SHA1) in a Pseudo Random Generator...
> 
> Does the mixing of the input seed bits into the hash mixer increase the
> entropy and make the output data more random?  Is there any
> mathematical analysis or proof of this...or is it just a sound practice?

No -- you can't transform the bits so there's any more entropy than 
you started with.  What you're normally trying to do is distill the 
entropy -- your input will typically contain entropy at a rate of 1 
or 2 bits per byte, or so.  Using a hash function allows you to take, 
say, a hundred bytes of input, and distill the hundred bits (or so) 
of entropy, and produce some output that's at least intended to be 
substantially closer to pure entropy.

This is useful primarily because most block ciphers use fixed-size 
keys.  If you're using, say, IDEA, you need a 128-bit key.  If you 
take 128 bits directly from the user, you're likely to end up with a 
LOT less than 128 bits of entropy, so it's relatively easy for an 
attacker to guess the key.  If you collect, say, 80 bytes of input 
from the user and hash that to produce a 128-bit key, you may not end 
up with 128 bits of entropy in your key, but you're likely to end up 
with a lot more entropy than if you used what they entered.

There's also a slow-down factor involved that can be useful: if you 
repeatedly hash the input, you slow down the key-setup phase.  Since 
a normal user typically sets up a key once, and then uses it for 
quite a while, this has little effect on normal use.  By contrast, an 
attacker attempting to exhaust the key space typically sets up a key, 
encrypts or decrypts only a TINY amount of material, and then sets up 
another key.  Making key setup take (say) a millisecond instead of a 
microsecond makes essentially no difference at all to the normal 
user, but slows the brute-force attacker by a HUGE amount.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.
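An added illustration of the two points in this reply (example code, not from the post): iterated SHA-1, the hash named in the thread, distills variable-length user input into a fixed 128-bit key (IDEA-sized, as in the post); the number of distinct keys never exceeds the number of distinct inputs, so hashing concentrates entropy rather than creating it; and the iteration count is the key-setup slow-down factor the post describes. Function names and the sample inputs are mine.

```python
import hashlib
import math

KEY_BYTES = 16  # a 128-bit key, as for IDEA in the post

def derive_key(user_input: bytes, iterations: int = 1) -> bytes:
    """Distill user input into a fixed-size key by iterated hashing.
    Each round feeds the previous digest and the original input back in,
    so every candidate input costs `iterations` hash calls to test.
    SHA-1 is used because the thread discusses it; a current design would
    use a standard slow KDF (PBKDF2, scrypt or Argon2) for the same purpose."""
    if iterations < 1:
        raise ValueError("iterations must be at least 1")
    digest = b""
    for _ in range(iterations):
        digest = hashlib.sha1(digest + user_input).digest()
    return digest[:KEY_BYTES]  # 20-byte SHA-1 output truncated to 128 bits

def distinct_keys(candidates, iterations: int = 1) -> int:
    """Number of distinct keys reachable from a set of candidate inputs.
    The hash cannot add entropy: this is at most len(set(candidates)),
    however long the key or however many rounds are used."""
    return len({derive_key(c, iterations) for c in candidates})

def distilled_entropy_bits(candidates) -> float:
    """Upper bound on the entropy of the derived key, in bits, when the
    input is drawn uniformly from `candidates`: the input's own entropy,
    capped by the key length."""
    return min(math.log2(len(set(candidates))), 8 * KEY_BYTES)

if __name__ == "__main__":
    # Constructed sample: a one-bit secret padded out to 80 bytes still
    # yields only two possible keys, no matter how many rounds are run.
    padded = [s.ljust(80, b" ") for s in (b"yes", b"no", b"yes")]
    print(distinct_keys(padded, 1000), "distinct keys")
    print(distilled_entropy_bits(padded), "bits of entropy at most")
    print(derive_key(b"correct horse battery", 1000).hex())
```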

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Is it really NSA ?!
Date: Sat, 01 Apr 2000 18:37:16 GMT

In article <[EMAIL PROTECTED]>,
Arthur Dardia <[EMAIL PROTECTED]> wrote:

> These guns do exist, as far as how advanced I wouldn't know.


   Sandia National Labs has tested electromagnetic pulse (EMP) weapons
and also, according to the National Atomic Museum, has achieved
"advanced particle acceleration capabilities that can deliver a
100-trillion-volt burst of ions using a lithium diode one inch thick".
Project ARIES, the Advanced Research EMP Simulator Site, was built for
the Defense Nuclear Agency by EG&G and is one hell of an EMP generator
and weapon. On the lesser side, there were one or more articles in
Popular Science or Popular Mechanics magazine related to EMP technology.
   As Doug Gwyn noted, you should be careful about making statements
that could be construed as too anti-NSA, FBI, etc. Regarding Big
Brother (BB), it is sometimes better to mask your views by, e.g., using
combos of info that is true, false, and undecidable. BB can easily
determine my real identity but I conduct myself in a way that prevents
BB from gauging the truth of my intentions or expertise. I no longer do
this, but to increase obfuscation, I once even used separate netizens
with different levels of knowledge, personalities, and IDs.


        Remember,  "Only the paranoid survive"  -  Andy Grove


   In another post in sci.crypt, I said that I don't believe Grove's
statement. BB finds contradiction annoying but so do others and thus
it's best used sparingly.


    "I'm a paranoid agnostic. I doubt the existence of God, but I'm sure
there is some force, somewhere, working against me."
                                                        - Marc Moran





------------------------------

From: Abid Farooqui <[EMAIL PROTECTED]>
Subject: Re: Does anybody know of a secure FTP server?
Date: Sat, 01 Apr 2000 18:23:56 GMT

Yeah, Athlon has left the PIII in the dust for right now with a 200 MHz bus and
all that, but are there any 8-way, 4-way or 6-way multi-processor servers
out there using Athlon, and does all server/webserver software with, say, SSL
for security run on it just as well as on a Pentium? What about SSL
accelerator cards like Rainbow's that do >500 TPS; do they work well with
Athlon servers?
Got to look at everything.
Abid Farooqui
P.S. I would love to have Intel face real competition for this middle
market of servers, but I don't know if Intel is worrying about the server
market with Athlon yet. The PC market of course, but for the server market Intel is
probably more worried about Sun than Athlon.


Lincoln Yeoh wrote:

> On 31 Mar 2000 07:13:29 GMT, [EMAIL PROTECTED] (Paul Rubin) wrote:
>
> >I am saying this after having benchmarked all four processors I've
> >mentioned.  From fastest to slowest: K7, PII/III, K6, Sparc.
> >I haven't done any timings on SGI or Alpha but I don't see how they
> >can approach the X86's in cost effectiveness if you're just doing SSL.
>
> Go Athlon go! Just wait till Sledgehammer comes out and the competition
> really heats up.
>
> Pity that good Athlon motherboards aren't easy to find.
>
> I figure Athlons would be great on SMP server boards.
>
> Cheerio,
> Link.
> ****************************
> Reply to:     @Spam to
> lyeoh at      @[EMAIL PROTECTED]
> pop.jaring.my @
> *******************************


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
