Cryptography-Digest Digest #463, Volume #11 Sat, 1 Apr 00 23:13:01 EST
Contents:
Re: NSA (Jerry Coffin)
Re: Implementation of Blowfish (Tom St Denis)
Re: Implementation of Blowfish (lordcow77)
Re: Chronometric Cryptography ("Joseph Ashwood")
Re: Hash/Mixing SPRN ("Joseph Ashwood")
Re: Implementation of Blowfish ("Joseph Ashwood")
Re: Algorithm to decypher ENIGMA? (Jim Gillogly)
Re: OAP-L3: Semester 1 / Class #1 All are invited. (NFN NMI L.)
Re: Newbie Question: What is a Hash Method? (K. O. Marinely)
Postdoctoral Position at KIAS, Korea (Saebock)
Re: Implementation of Blowfish (Tom St Denis)
Re: Implementation of Blowfish (Tom St Denis)
Re: NSA ("Trevor L. Jackson, III")
Re: I will make ANY software for ANYBODY (Guy Macon)
Re: Using Am-241 to generate random numbers (Guy Macon)
Re: NSA ("Stou Sandalski")
Re: Blowfish (David Hopwood)
----------------------------------------------------------------------------
From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: NSA
Date: Sat, 1 Apr 2000 16:16:03 -0700
In article <8c5pm6$cc2$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
[ ... ]
> Myself and others have posted seemingly
> original ideas in sci.crypt. Of course, some of
> these notions may be too speculative, vague or
> useless but, collectively, we might teach an
> old dog (the NSA) a new trick or two.
While I agree that it's possible, I suspect you'd have more
difficulty convincing most of the NSA of the idea. In any case,
given their manpower constraints, I'd expect them to have difficulty
even keeping track of things that have relatively high S/N ratios, so
I doubt they'd spend a lot of time on newsgroups where the ratio is
much lower.
> To return
> the favor, the least the NSA could do is
> contribute to the crypto humor thread I
> started (it might not be illegal for them to do
> this).
It's illegal for them to even _have_ a sense of humor (sorry, but it
was too obvious to resist).
--
Later,
Jerry.
The universe is a figment of its own imagination.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Implementation of Blowfish
Date: Sat, 01 Apr 2000 23:25:37 GMT
I heard CB is a cool Crypto API; it includes Blowfish among its other
symmetric ciphers.
http://24.42.86.123/cb.html
Tom
Jan Krumsiek wrote:
>
> Does anybody know where to get the (C++) source code of an
> implementation of Blowfish that supports the encryption of variable
> size strings?
> I don't really know how to correctly encapsulate the core functions.
>
> Jan
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
------------------------------
Subject: Re: Implementation of Blowfish
From: lordcow77 <[EMAIL PROTECTED]>
Date: Sat, 01 Apr 2000 16:16:48 -0800
This is intellectually dishonest, implying an unbiased
observation or judgement when in fact, CB is your own API. While
I am fairly certain that you have no underhanded motives, fully
disclosing your relationship to a product that you suggest to
others is a standard ethical practice.
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Chronometric Cryptography
Date: Sat, 1 Apr 2000 16:32:04 -0000
> You are correct in pointing out that if the attacker knew how many
> iterations the message had been encrypted for, it would provide a few bits
> of extended security, but since an attacker would have to guess at the
> number of iterations, and if he/she were to guess low, they would never
> decipher the message, I think that would add another layer of security on
> top of it.
No, if the attacker knew the number of iterations, there is
absolutely no additional protection. However it is safe to
assume that an attacker knows approximately how long you
will take to encrypt, and knows approximately what computing
power. I have never met you and I made an estimate on the
computing power in front of you, was I correct? If so then
based on effectively no information I have reduced the
maximum impact of the variable rounds function to an
additional 2 bits if I chose to attack something you
encrypted, and remember an attacker is likely to know more
about you than I do. Also by storing the XOR of all the keys
you supply additional information about the key that I could
use to speed up an attack, simply by computing the cheap
function you use for verification. The likelihood of a
collision is very small, and you have effectively eliminated
even more of the protection.
Looking at it, I think it is best to view it as a tree
search, where the tree depth is infinite, but knowledge of
what depth in the tree the answer will be found is known.
Given that information, only that depth in the tree needs to
be searched, so instead of searching an infinite tree, you
are searching only a very finite section of the tree. You
also supply the XOR of the total path to the correct node of
the tree, which means that one can eliminate in bulk massive
quantities of the remaining tree. From this point it is a
simple matter of checking each of the potential solution
nodes in the tree. I don't see where your proposal offers
enough extra security, but I think it may be possible to
make it secure, it's just non-obvious how.
Joe
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Hash/Mixing SPRN
Date: Sat, 1 Apr 2000 16:44:13 -0000
There are actually a couple of reasons for it that I can think
of.
As was pointed out it is useful for distilling the entropy.
The other important one is that if a cryptographically strong
one-way function (typically a hash function) is used on the
output it becomes vastly more difficult to determine the
internal state, and using something like SHA-1 it is
generally assumed to require brute force. The effect is that
the PRNG, whether good or bad, becomes a stronger point than
before.
Joe
<[EMAIL PROTECTED]> wrote in message
news:8c5e5d$5f$[EMAIL PROTECTED]...
> I have asked this question before...sadly no one replied..it may be too
> easy for you guys to answer...but would appreciate a response...
>
> What is the mathematical/logical basis for using Hash functions (MD5 and
> SHA1) in a Pseudo Random Generator...
>
> Does the mixing of the input seed bits into the Hash mixer increase the
> entropy and make the output data more random? Is there any
> mathematical analysis or proof of this...or is it just a sound practice?
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
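To make Joe's point concrete, here is an added example (written for this digest, not code from any poster): a deliberately weak toy generator whose raw output is its own state, beside the same generator with a one-way function (SHA-256 here, standing in for the SHA-1 he mentions) applied to the output. The LCG constants and the seed 12345 are constructed for the illustration.

```python
import hashlib
import struct

# Constructed toy generator: a 32-bit linear congruential generator (LCG)
# with the Numerical Recipes constants.  It is deliberately weak so the
# effect of hashing the output is easy to see.
LCG_A = 1664525
LCG_C = 1013904223
LCG_MOD = 1 << 32


def lcg_step(state):
    """One state update of the toy LCG."""
    return (LCG_A * state + LCG_C) % LCG_MOD


def hash_state(state):
    """One-way function applied to the state before it leaves the generator."""
    return hashlib.sha256(struct.pack(">I", state)).digest()


class RawLcg:
    """PRNG that emits its internal state directly."""

    def __init__(self, seed):
        self.state = seed % LCG_MOD

    def next(self):
        self.state = lcg_step(self.state)
        return self.state


class HashedLcg:
    """Same state update, but each output is a hash of the state."""

    def __init__(self, seed):
        self.state = seed % LCG_MOD

    def next(self):
        self.state = lcg_step(self.state)
        return hash_state(self.state)


def predict_next_from_raw(observed):
    """With the raw generator one observed output *is* the state, so the
    next output follows from a single multiply-add."""
    return lcg_step(observed)


def recover_state_from_hashed(observed_digest, max_tries):
    """With the hashed generator the only generic route back to the state is
    to guess states and hash each one until a match appears.  The loop is
    bounded so the example terminates; the real cost is the size of the
    state space, which is why a large state behind a one-way function is
    assumed to need brute force."""
    for candidate in range(max_tries):
        if hash_state(candidate) == observed_digest:
            return candidate
    return None


def demo():
    raw = RawLcg(12345)
    first, second = raw.next(), raw.next()
    hashed = HashedLcg(12345)
    digest = hashed.next()
    return {
        "raw_prediction_correct": predict_next_from_raw(first) == second,
        "state_recovered_in_1000_tries":
            recover_state_from_hashed(digest, 1000) is not None,
    }


if __name__ == "__main__":
    print(demo())
```

The raw generator is predictable from one output; the hashed one forces the observer to search the state space, even though the state update underneath is identical. Hashing does not add entropy to a poor seed, so the "distilling" role and the "hide the state" role are separate benefits.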
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Implementation of Blowfish
Date: Sat, 1 Apr 2000 16:48:21 -0000
That being said, CB probably offers what was requested
probably as well as any other source, so it is a logical
recommendation that I too would probably have made.
Joe
"lordcow77" <[EMAIL PROTECTED]> wrote in
message news:[EMAIL PROTECTED]...
> This is intellectually dishonest, implying an unbiased
> observation or judgement when in fact, CB is your own API. While
> I am fairly certain that you have no underhanded motives, fully
> disclosing your relationship to a product that you suggest to
> others is a standard ethical practice.
>
> * Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
> The fastest and easiest way to search and participate in Usenet - Free!
>
------------------------------
From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Algorithm to decypher ENIGMA?
Date: Sun, 02 Apr 2000 01:16:35 +0000
Daniel wrote:
> Can someone help me to find the algorithm to cypher/decypher WWII
> Enigma messages? Perhaps the manner/way the Turing Bombe was
> designed?
My Cryptologia paper on solving Enigma with modern hardware (and no crib)
is available on Joe Peschel's website:
http://members.aol.com/jpeschel/historical.htm
The latest Cryptologia has a paper by Heidi Williams describing some
improvements to my results.
--
Jim Gillogly
Hevensday, 12 Astron S.R. 2000, 01:14
12.19.7.1.12, 10 Eb 20 Cumku, Fifth Lord of Night
------------------------------
From: [EMAIL PROTECTED] (NFN NMI L.)
Subject: Re: OAP-L3: Semester 1 / Class #1 All are invited.
Date: 02 Apr 2000 01:28:14 GMT
<<You'll hear from me in a few more days.>>
Oh no.
-*---*-------
S.T. "andard Mode" L.
STL's Quotation Archive: http://quote.cjb.net
------------------------------
From: [EMAIL PROTECTED] (K. O. Marinely)
Subject: Re: Newbie Question: What is a Hash Method?
Date: Sun, 02 Apr 2000 01:46:14 GMT
"Vinchenzo" <[EMAIL PROTECTED]> wrote:
>I would like to know what is a hash method? Is it like a subkey generation?
One of the version 2.6.3 releases of PGP includes a program called
MD5SUM.EXE, which is apparently a program to generate MD5 hashes; however, I
can't figure out how it works and I couldn't find any documentation for it
in the Zip file. It could be useful for learning about hashes if someone
here can tell us where to get it and how to use it.
--
"K. O. Marinely" is actually 2507 639814 <[EMAIL PROTECTED]>.
0 1 23456789 <- Use this key to decode my email address and name.
Play Five by Five Poker at http://www.5X5poker.com.
------------------------------
From: [EMAIL PROTECTED] (Saebock)
Subject: Postdoctoral Position at KIAS, Korea
Date: 02 Apr 2000 01:53:45 GMT
KIAS (Korea Institute for Advanced Study) has postdoctoral positions in the area
of <Mathematics of Public Key Cryptography> starting from July 1, 2000.
Potential applicants with background in algebra, combinatorics, or number
theory are encouraged to apply.
KIAS is located in Seoul, Korea.
These positions with other postdoctoral positions were advertised in the Notices
of the AMS (American Mathematical Society) last year.
For further information, please check the KIAS homepage http://www.kias.re.kr.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Implementation of Blowfish
Date: Sun, 02 Apr 2000 01:55:47 GMT
lordcow77 wrote:
>
> This is intellectually dishonest, implying an unbiased
> observation or judgement when in fact, CB is your own API. While
> I am fairly certain that you have no underhanded motives, fully
> disclosing your relationship to a product that you suggest to
> others is a standard ethical practice.
I was trying to be funny and informative. If you find any problems with
CB though [which I am not doubting] please let me know.
Tom
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Implementation of Blowfish
Date: Sun, 02 Apr 2000 01:56:20 GMT
Joseph Ashwood wrote:
>
> That being said, CB probably offers what was requested
> probably as well as any other source, so it is a logical
> recommendation that I too would probably have made.
> Joe
Yup, that's why I made it.
Tom
------------------------------
Date: Sat, 01 Apr 2000 21:07:44 -0500
From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: NSA
Jerry Coffin wrote:
> In article <8c5pm6$cc2$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
>
> [ ... ]
>
> > Myself and others have posted seemingly
> > original ideas in sci.crypt. Of course, some of
> > these notions may be too speculative, vague or
> > useless but, collectively, we might teach an
> > old dog (the NSA) a new trick or two.
>
> While I agree that it's possible, I suspect you'd have more
> difficulty convincing most of the NSA of the idea. In any case,
> given their manpower constraints, I'd expect them to have difficulty
> even keeping track of things that have relatively high S/N ratios, so
> I doubt they'd spend a lot of time on newsgroups where the ratio is
> much lower.
>
> > To return
> > the favor, the least the NSA could do is
> > contribute to the crypto humor thread I
> > started (it might not be illegal for them to do
> > this).
>
> It's illegal for them to even _have_ a sense of humor (sorry, but it
> was too obvious to resist).
If you read the sign at the X-ray machine at the airport you'll find a list of
threats regarding passenger behavior, including the fact that it's a felony to
make _jokes_ about security.
Now imagine having such a sign on your desk at work.
------------------------------
From: [EMAIL PROTECTED] (Guy Macon)
Subject: Re: I will make ANY software for ANYBODY
Date: 01 Apr 2000 22:06:59 EST
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Tony L.
Svanstrom) wrote:
>
>Guy Macon <[EMAIL PROTECTED]> wrote:
>
>> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>> (Tony L. Svanstrom) wrote:
>> >
>> >Tom St Denis <[EMAIL PROTECTED]> wrote:
>> >
>> >> Beat this, I will work for free.
>> >
>> >Great, when can I expect the MacOS X ported to Palmcomp. hardware? ;)
>
>> There is truth behind the humor here. When Linux is ported to Palmcomp
>> hardware it will likely be done by someone who works for free.
>
>AFAIK they got a Palmunit to start with Linux a cpl of years ago. There
>wasn't much they could do with it, but it did work... Haven't heard
>anything about it since then though, most likely because to just get it
>to start they needed an 8meg Palmunit and at the time they only came
>with 2 meg. Such a thing could get people to stop working.
Perhaps this explains the lack of a Commodore 64 version of Linux... ;)
------------------------------
From: [EMAIL PROTECTED] (Guy Macon)
Subject: Re: Using Am-241 to generate random numbers
Date: 01 Apr 2000 22:19:57 EST
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Jerry
Coffin) wrote:
>
>In article <8c5nk8$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>says...
>
>[ ... ]
>
>> There are a lot of Usenet postings too. If you depend on someone not
>> looking in the right place, then you are using steganography, which
>> is a legitimate way to hide information but is not cryptography.
>
>Rather the contrary -- here we're talking only about key
>distribution. It's perfectly normal for a secret-key cipher to be
>used with one key from a finite-sized set, and to use a separate,
>secure channel for transmitting the key. You can question whether
>this particular channel is secure (I'm certainly not convinced) but
>it doesn't change the basic mode of operation a bit: in every case,
>you're depending on an opponent not guessing the correct key.
>
>> No cryptographic system is secure if the attacker has the same key that
>> the recipient has.
>
>I don't see a fundamental difference between the attacker choosing
>the correct one of (say) 2^56 different possible keys, and guessing
>the correct star and observation schedule.
>
>> If steganography is good enough, there is no need
>> for a telescope and its limited set of "random" variable stars. Just
>> anonymously post your key in one of the binary newsgroups and don't
>> say what it is.
>
>I think you're getting the fundamentals incorrect here. The only
>real question is whether there are enough variable stars easily
>visible from both locations to provide a large enough key that the
>attacker can't reasonably exhaust your key space. That's not
>fundamentally any different from any other secret-key cipher.
>
(Guy takes a break, thinks about it for a while, returns)
I believe that you are right. There really is no difference.
(Oops! Sorry! I thought that I was in soc.religion.quaker.
make that "If you lack the mentality to understand my arguments
I am not going to bother enlightening you." <grin>)
I still don't see the advantages of using a telescope. Why not
use one of the many cheaper alternative keyspaces that both parties
can access?
------------------------------
From: "Stou Sandalski" <tangui [EMAIL PROTECTED]>
Subject: Re: NSA
Date: Sat, 1 Apr 2000 19:30:49 -0800
"Jerry Coffin" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> In article <6JhF4.467$[EMAIL PROTECTED]>, "Stou
> Sandalski" <tangui [EMAIL PROTECTED]> says...
>
> [ ... talking about the NSA ]
>
> > Also if you look at the jobs they have/research they
> > do it includes stuff like mass storage, and data mining, now that's not
> > exactly bad but it makes me think that they are looking for better ways to
> > tap everyone... store and mine the data (to find msgs from god I am
> > guessing).
>
> This doesn't sound to me like looking for ways to tap into people at
> all -- rather the opposite, it's looking for ways of finding
> information without having to tap into anything illegal.
> OTOH, if you want to get this sort of information without tapping
> into things, you have to approach it from a different angle. You're
> likely (for example) to try to find a serious mismatch between the
> amount of mining equipment going into the country and the amount of
> ore the country produces.
>
Damn, I can not believe I didn't think of this while I was looking at it. I
understand research of mass storage methods can lead me to believe they are
tapping everyone, but data mining is perfect for gathering intel without
using invasive tactics. Exactly why would you (probably could be useful in
same way) need to mine data from taps... you already have the info you
need, but with d.m. you can get what you need out of information available to
the public...
> > Also I am almost 100% sure that they (maybe not officially but people from
> > the nsa) read this newsgroup, probably not to spy on people but to get
<snip>
> I really doubt that they read it with the intent or belief that
> they'll learn anything new about cryptology. They might, however,
> read other parts of Usenet for indications of people committing
> crimes -- as you mentioned, people DO have a tendency to brag, and I
> suspect most criminals are thoroughly human in this respect.
I meant to say that they read it to see how much we know about crypto, not so
much about learning new tricks. Since we don't know how the nsa is
organized internally... they might laugh at someone saying "I found this on
usenet" or they might be so obsessed with it they are archiving it like
there's no tomorrow... in fact the more assumptions we make the more we start
to look like Berkeley graduate students in mathematics... : )
------------------------------
Date: Sun, 02 Apr 2000 03:12:16 +0100
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Blowfish
=====BEGIN PGP SIGNED MESSAGE=====
Tom St Denis wrote:
> Joseph Ashwood wrote:
> > > Smaller ones (or multiples of 1 bit...) don't work?
> >
> > You can always find a way to make it work, a very common way
> > (one of the AES finalists uses it) is to pad to a usable
> > value. For example if you have 33 bits pad with 0 to get 40
> > bits. Just document, document, document.
> > Joe
>
> Even better is to insert a salt there, if you don't already use one. If
> you input 64 bit keys for example, pad the key to 80 bits to get a 16
> bit salt [you may want a bigger salt...]
Depending on the protocol used, that's potentially quite a bad idea.
It could open you up to related key attacks if the salt can be chosen
or manipulated by the attacker.
IMHO, there is no reason whatsoever to use keys that are not a multiple
of 8 bits; it just introduces unnecessary complication.
- --
David Hopwood <[EMAIL PROTECTED]>
PGP public key: http://www.users.zetnet.co.uk/hopwood/public.asc
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5 0F 69 8C D4 FA 66 15 01
=====BEGIN PGP SIGNATURE=====
Version: 2.6.3i
Charset: noconv
iQEVAwUBOOasQjkCAxeYt5gVAQFL7AgAq+7PQbNYP/tThE2HL87TV0blTYIqC7XT
Uezxewt+g1UUrypZfTjmfJQqbgTBTEsjCtBq47AHUPCl50E4JgoCafay1cb5TUPB
eqxGYaXEXEheVe6v7dxowcO4O9TuKYsYntkJMgN2aP91KswE4yY7pcrfjSVuYe8N
9ZpO1n2ZW6J5y1VJt0MkMtitrscMdx1DEdHFJuosxMYJS9NNOy0teZIwFxMo3nVE
bA6rd08jMG90SXT7Ue1AAmBI44T4KqwlLm7zT5LpXarZwCMAXlZQys5lurBhUvFG
n5kp8hRvzpXP9O2ut8rQ5aIyGaNDKefYrpS2BSW7RDWlI+GxqkiX7A==
=qZLg
=====END PGP SIGNATURE=====
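An added example covering both halves of this exchange (written for this digest, not code from any poster or from CB): Joe's zero-padding of a 33-bit key to 40 bits, Tom's idea of putting a salt into the padding bits, and, as a constructed alternative that the thread itself does not propose, mixing key and salt through a one-way function so the result is a whole number of bytes and keys under different salts no longer differ by a pattern the salt chooser knows. The `salt_only_difference` check, the SHA-256 derivation, its domain-separation label and the sample key and salts are all assumptions made for the illustration.

```python
import hashlib


def pad_key_bits_to_bytes(key_bits):
    """Pad a key given as a '0'/'1' string with zero bits up to a multiple
    of 8 bits (Joe's example: 33 bits become 40) and return it as bytes."""
    if not key_bits or any(c not in "01" for c in key_bits):
        raise ValueError("key_bits must be a non-empty string of '0'/'1'")
    padded = key_bits + "0" * (-len(key_bits) % 8)
    return int(padded, 2).to_bytes(len(padded) // 8, "big")


def key_with_embedded_salt(key, salt):
    """Tom's suggestion: the salt occupies the padding bits, so it becomes
    part of the cipher key itself (64-bit key + 16-bit salt = 80-bit key)."""
    return key + salt


def derive_key(key, salt, length=16):
    """Constructed alternative (not from the thread): mix key and salt through
    a one-way function and take a whole number of bytes."""
    return hashlib.sha256(b"key-derivation:" + key + salt).digest()[:length]


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def salt_only_difference(k1, k2, key_len):
    """True when two keys agree on the first key_len bytes and differ only in
    the trailing bytes, i.e. the whole difference between them is the salt
    difference, known to whoever picked the salts.  That is the related-key
    situation David warns about."""
    if len(k1) != len(k2):
        return False
    diff = xor_bytes(k1, k2)
    return all(b == 0 for b in diff[:key_len]) and any(b != 0 for b in diff[key_len:])


def demo():
    key = bytes.fromhex("0123456789abcdef")            # constructed 64-bit key
    salt_a = bytes.fromhex("0001")                     # constructed 16-bit salts
    salt_b = bytes.fromhex("0002")
    ka = key_with_embedded_salt(key, salt_a)
    kb = key_with_embedded_salt(key, salt_b)
    da = derive_key(key, salt_a)
    db = derive_key(key, salt_b)
    return {
        "embedded_salt_keys_related": salt_only_difference(ka, kb, len(key)),
        "derived_keys_related": salt_only_difference(da, db, len(key)),
        "embedded_key_bits": len(ka) * 8,
        "derived_key_bits": len(da) * 8,
    }


if __name__ == "__main__":
    print(demo())
```

With the salt embedded, two keys differ exactly in the salt bytes, so an attacker who can choose or manipulate the salt chooses the key difference. With the derived key the salt still varies the key, but the difference between derived keys is not under anyone's control, and the output is byte-aligned, which is the simplest way to follow David's "multiple of 8 bits" advice.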
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************