Cryptography-Digest Digest #466, Volume #11 Sun, 2 Apr 00 12:13:00 EDT
Contents:
Disc encryption software question ("DIAMOND Mark R")
Re: Is it really NSA ?! ("Douglas A. Gwyn")
Re: after TWINKLE, TWEEDLE? A new step for accelerating factorization (Fred Chen)
Re: I will make ANY software for ANYBODY (Tony L. Svanstrom)
Re: OAP-L3: Semester 1 / Class #1 All are invited. (Taneli Huuskonen)
Re: Sunday People 26/3/2000: "FORGET YOUR PASSWORD... END UP IN JAIL" ("Stormshadow")
Re: OAP-L3: Semester 1 / Class #1 All are invited. (Guy Macon)
Re: Crypto API for C (Tom St Denis)
Re: Blowfish (Tom St Denis)
Re: NSA ("Gary Watson")
Re: Using Am-241 to generate random numbers ("Jed Rothwell")
Stolen Enigma ("Gary Watson")
Re: Stolen Enigma (Rick Smith)
Re: Using Am-241 to generate random numbers (Guy Macon)
----------------------------------------------------------------------------
Date: Sun, 2 Apr 2000 17:36:15 +0800
From: "DIAMOND Mark R" <[EMAIL PROTECTED]>
Subject: Disc encryption software question
I hope this is not an inappropriate place for the following question.
Does anyone know of a review of the software "PC Safe", a disc encryption
package? I'm looking for something which will tell me how secure the
encryption itself is, and whether its security depends only on not being
able to have extended access to the hard disc (say by just pulling it out
of the old machine and putting it as a non-boot drive into a new machine).
I saw the software advertised in a professional (non-computing) magazine as
a method of securing the confidentiality of patient records.
--
Cheers
Mark R Diamond
==========================================================================
Mark R Diamond
Vision Research Laboratory
Department of Psychology
The University of Western Australia
no spam email: markd at psy dot uwa dot edu dot au
Disclaimers: The opinions expressed herein are those of
the author, and are not intended to reflect on any
official position held by The University of Western
Australia generally, the Department of Psychology
specifically, or any other individual
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Is it really NSA ?!
Date: Sun, 02 Apr 2000 09:36:21 GMT
[EMAIL PROTECTED] wrote:
> As Doug Gwyn noted, you should be careful about making statements
> that could be construed as too anti- NSA, FBI, etc.
That wasn't quite my point. You can be as anti as you like,
according to the U.S. Constitution (Amendment 1 protects
freedom of political speech and association), including
saying that they should in principle all be snuffed. What
I was warning against was in publicly plotting to commit a
*specific* crime (such as a physical assault on government
buildings), or being readily construed (e.g. in a court
of law) as having been engaged in such activity. If you
indulge in such stuff, it's much like making jokes about
bombs at the airport security scanner -- even if it was
innocently meant, you can find yourself in serious trouble.
------------------------------
From: Fred Chen <[EMAIL PROTECTED]>
Subject: Re: after TWINKLE, TWEEDLE? A new step for accelerating factorization
Date: Sun, 02 Apr 2000 12:04:59 +0200
Aah, it must sound better than shaking that sieve :-)
Japanese secret services are studying this thoroughly (They received the
message on Apr. 2) ;-)
Quisquater wrote:
> Following an important rumor just released by Alice Press, Ali
> ce HAMIR just found a new method for accelerating the second step
> of factorization algorithms: this step needs to handle a very large
> matrix (mainly zeroes) with an access to a computer with a very large
> RAM memory (many GBytes) and is not easy.
>
> The theory is based on an idea published very recently by Peter
> Montgomery (micros.ft): Peter showed how to do these computations
> in parallel (using the Lanczos method).
>
> The new method used ultra-sounds and several small bottles of Klein
> in cascade (it is like an accelerator for elementary particles):
> the goal is to obtain a null vector being the vectorial sum
> of many rows of the large matrix. The matrix is encoded using
> digital sounds (the zeroes are changed into ones) and
> the bottles give fast and iterative interferences. A special sensor
> is used to detect the now all-one vector encoded by
> a specific snark: the cracking sound.
>
> He found this idea just after reading the following page:
>
> http://members.spree.com/seahaas/WONDERLANDWAVS.htm
>
> The realization of such a device is possible with the current
> technology. Adi said: no CRAY, no patent, just a CRY, it is
> like Archimedes: you can now factorize in your bathroom.
> He showed a prototype using Moebius rings interacting with two tweeters.
>
> A presentation at the following hall is scheduled
> http://www.greatwoods.com/
> doing a simulation with violins and batteries,
> sponsored by the National Sound Association.
>
> So by using light (do you remember TWINKLE?
> http://www.geocities.com/EnchantedForest/Cottage/6936/stories/20.htm
> and http://jya.com/twinkle.htm ) and sound
> (without any quantum computations), we now have a multimedia
> factorisation algorithm.
>
> Arjen Lenstra is thinking of changing his web page
> http://www.cryptosavvy.com/
> after the year 2000 (a progress for elliptic curves is not
> excluded).
>
> Bob Silperson (RSAink), a leading cryptographer, didn't comment at all
> but repeated again that "You can lead a worse tweedle's ass to
> knowledge, but you can't make him think"
------------------------------
From: [EMAIL PROTECTED] (Tony L. Svanstrom)
Subject: Re: I will make ANY software for ANYBODY
Date: Sun, 2 Apr 2000 12:03:16 +0200
Guy Macon <[EMAIL PROTECTED]> wrote:
> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> (Tony L. Svanstrom) wrote:
> >
> >Guy Macon <[EMAIL PROTECTED]> wrote:
> >
> >> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> >> (Tony L. Svanstrom) wrote:
> >> >
> >> >Tom St Denis <[EMAIL PROTECTED]> wrote:
> >> >
> >> >> Beat this, I will work for free.
> >> >
> >> >Great, when can I expect the MacOS X ported to Palmcomp. hardware? ;)
> >
> >> There is truth behind the humor here. When Linux is ported to Palmcomp
> >> hardware it will likely be done by someone who works for free.
> >
> >AFAIK they got a Palmunit to start with Linux a couple of years ago. There
> >wasn't much they could do with it, but it did work... Haven't heard
> >anything about it since then though, most likely because to just get it
> >to start they needed an 8meg Palmunit and at the time they only came
> >with 2 meg. Such a thing could get people to stop working.
>
> Perhaps this explains the lack of a Commodore 64 version of Linux... ;)
Hey... porting the OS of Commodore 64 (whatever it's called) to the
Palmplatform and then pushing Palm IIIc as a Gameboykiller... :-)
/Tony
--
/\___/\ Who would you like to read your messages today? /\___/\
\_@ @_/ Protect your privacy: <http://www.pgpi.com/> \_@ @_/
--oOO-(_)-OOo---------------------------------------------oOO-(_)-OOo--
DSS: 0x9363F1DB, Fp: 6EA2 618F 6D21 91D3 2D82 78A6 647F F247 9363 F1DB
----------------------------------------------------------------------
\O/ \O/ ©1999 <http://www.svanstrom.com/?ref=news> \O/ \O/
------------------------------
From: [EMAIL PROTECTED] (Taneli Huuskonen)
Crossposted-To: talk.politics.crypto
Subject: Re: OAP-L3: Semester 1 / Class #1 All are invited.
Date: 2 Apr 2000 14:26:01 +0300
=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1
In <[EMAIL PROTECTED]> Anthony Stephen Szopa
<[EMAIL PROTECTED]> writes:
[...]
>It is interesting to hear that you have written an algorithm that
>you claim shows a weakness in the random digit generator.
I even posted the source code. However, as I added a few comments while
posting it, I forgot to close two of them near the beginning:
#define BLOCKLEN 1000 /* can be
#define NBLOCKS 100 /* 100 is enough
This should read:
#define BLOCKLEN 1000 /* can be anything > 10 */
#define NBLOCKS 100 /* 100 is enough in practice */
[...]
>Please let us know the answer to these very few and very simple
>questions?
I'm not going to jump through your hoops. My source code contains the
answers to all the relevant questions. You can either test it yourself
or bury your head in the sand. The choice is yours.
In my own testing, my programme correctly predicted tens of thousands of
unknown digits, using the posted values for NBLOCKS and BLOCKLEN. With
both BLOCKLEN and NBLOCKS equal to 100, the number of predicted digits
was consistently above 2000. Every predicted value was checked; there
were no incorrect predictions whatsoever.
The programme takes as input BLOCKLEN * NBLOCKS known digits, which are
among the first 10! * NBLOCKS output values of the PRNG.
Taneli Huuskonen
=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQA/AwUBOOcuJF+t0CYLfLaVEQJlfACeM2fUzonOdxhtaYI1uPm9QQUOig4AoOyo
XZHD+/vyfcsD3orZmTVd79BA
=K7oI
=====END PGP SIGNATURE=====
--
I don't | All messages will be PGP signed, | Fight for your right to
speak for | encrypted mail preferred. Keys: | use sealed envelopes.
the Uni. | http://www.helsinki.fi/~huuskone/ | http://www.gilc.org/
------------------------------
From: "Stormshadow" <[EMAIL PROTECTED]>
Crossposted-To: uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,uk.politics.censorship
Subject: Re: Sunday People 26/3/2000: "FORGET YOUR PASSWORD... END UP IN JAIL"
Date: Fri, 31 Mar 2000 10:54:20 +0300
"PJS" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> If they were done in the traditional way, with a men in berets waving guns
> and making statements about a victory for people's freedom and so on, you
> may be right, but imagine if Straw were simply run over in the street or
> shot by someone completely anonymous.
I don't know about you, but I get a bit suspicious every time a high-profile
political or economical figure suffers a lethal "accident", even if I have no
way of knowing what really happened. But really, do we have that much to hide
that we need to kill to keep our files encrypted? As I said, there are other
methods of persuasion. Bitch like hell to your MPs. After all, they _are_
supposed to represent you.
--
Stormshadow <[EMAIL PROTECTED]>
http://www.saunalahti.fi/hirvox/
------------------------------
From: [EMAIL PROTECTED] (Guy Macon)
Crossposted-To: talk.politics.crypto
Subject: Re: OAP-L3: Semester 1 / Class #1 All are invited.
Date: 02 Apr 2000 08:19:42 EDT
In article <8c7ao9$4hq$[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Taneli
Huuskonen) wrote:
>
>In <[EMAIL PROTECTED]> Anthony Stephen Szopa
><[EMAIL PROTECTED]> writes:
>
>[...]
>
>>It is interesting to hear that you have written an algorithm that
>>you claim shows a weakness in the random digit generator.
>
>I even posted the source code.
[...]
>>Please let us know the answer to these very few and very simple
>>questions?
>
>I'm not going to jump through your hoops. My source code contains the
>answers to all the relevant questions. You can either test it yourself
>or bury your head in the sand. The choice is yours.
>
>In my own testing, my programme correctly predicted tens of thousands of
>unknown digits, using the posted values for NBLOCKS and BLOCKLEN. With
>both BLOCKLEN and NBLOCKS equal to 100, the number of predicted digits
>was consistently above 2000. Every predicted value was checked; there
>were no incorrect predictions whatsoever.
>
>The programme takes as input BLOCKLEN * NBLOCKS known digits, which are
>among the first 10! * NBLOCKS output values of the PRNG.
>
>Taneli Huuskonen
>
You are answering cheap debating tricks with actual results of actual
experiments. Those who value truth already agree with you. Those who
wish to hide flaws in their work will try to change the subject.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Crypto API for C
Date: Sun, 02 Apr 2000 13:01:37 GMT
I simply can't believe it. About 100 people have downloaded cb.zip from
my website, and no comments, suggestions or problems. Am I just that
good of a library writer or are some people shy?
Tom
Tom St Denis wrote:
>
> I have yet another release of my CB for C. This one includes many more
> functions. Such as BBS random bit generation, or the ability to use 'truly'
> random bit sources to seed the faster secure rng. I added a few hash
> functions [namely tiger and haval] and added a few ciphers as well.
>
> If you want to check it out, you can at http://24.42.86.123/cb.html
>
> If you notice any bugs, or problems please email me.
>
> Thanks for your time.
> Tom
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Blowfish
Date: Sun, 02 Apr 2000 13:23:51 GMT
David Hopwood wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Tom St Denis wrote:
> > Joseph Ashwood wrote:
> > > > Smaller ones (or multiples of 1 bit...) don't work?
> > >
> > > You can always find a way to make it work, a very common way
> > > (one of the AES finalists uses it) is to pad to a usable
> > > value. For example if you have 33 bits pad with 0 to get 40
> > > bits. Just document, document, document.
> > > Joe
> >
> > Even better is to insert a salt there, if you don't already use one. If
> > you input 64 bit keys for example, pad the key to 80 bits to get a 16
> > bit salt [you may want a bigger salt...]
>
> Depending on the protocol used, that's potentially quite a bad idea.
> It could open you up to related key attacks if the salt can be chosen
> or manipulated by the attacker.
That's true, was just an idea.
> IMHO, there is no reason whatsoever to use keys that are not a multiple
> of 8 bits; it just introduces unnecessary complication.
Well, unless your platform only has 63 bits of memory for the key... I
dunno. I would always use a key that is a multiple of 8 bits, at least
80 bits, etc.
Tom
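The padding convention Joseph Ashwood describes above (a 33-bit key zero-padded to 40 bits, and documented as such) is easy to get subtly different on two ends unless the bit order and the padding side are written down. The following is an added example, not code from this thread or from Tom's CB library: it packs a key of arbitrary bit length into whole bytes under one explicit convention and returns the original length alongside, since the zero padding cannot be recovered from the bytes alone. The function names, the sample keys and the use of Blowfish's 448-bit maximum as a bound are this example's own assumptions.

```python
# Added example (not from the thread or any library it mentions): packing a
# key whose length is not a multiple of 8 bits into whole bytes, as in the
# "pad 33 bits with 0 to get 40 bits" advice, with the convention spelled out.
# pad_key_bits / unpack_key_bits and the sample keys are assumptions here.

from typing import Tuple

MAX_KEY_BITS = 448   # Blowfish's documented maximum key length, used only as a bound


def pad_key_bits(key_bits: str, max_bits: int = MAX_KEY_BITS) -> Tuple[bytes, int]:
    """Pack a key given as a string of '0'/'1' characters into bytes.

    Convention (the part that must be documented): bits are packed MSB-first
    and the key is right-padded with zero bits up to the next multiple of 8.
    The original bit length is returned too, because the padding is not
    recoverable from the packed bytes by themselves.
    """
    if not key_bits or any(c not in "01" for c in key_bits):
        raise ValueError("key must be a non-empty string of 0/1 characters")
    if len(key_bits) > max_bits:
        raise ValueError(f"key longer than {max_bits} bits")
    nbits = len(key_bits)
    padded = key_bits + "0" * (-nbits % 8)          # 33 -> 40 bits, 64 -> 64 bits
    packed = bytes(int(padded[i:i + 8], 2) for i in range(0, len(padded), 8))
    return packed, nbits


def unpack_key_bits(packed: bytes, nbits: int) -> str:
    """Inverse of pad_key_bits, given the recorded bit length."""
    if nbits <= 0 or nbits > 8 * len(packed) or 8 * len(packed) - nbits >= 8:
        raise ValueError("bit length inconsistent with byte length")
    bits = "".join(f"{b:08b}" for b in packed)
    return bits[:nbits]


if __name__ == "__main__":
    key33 = "1" * 33                          # constructed sample key
    packed, n = pad_key_bits(key33)
    print(len(packed) * 8, "bits of storage for a", n, "bit key:", packed.hex())
    assert unpack_key_bits(packed, n) == key33
```

Whatever convention is chosen, both sides must apply the same one; the point of returning the bit length is that a 33-bit key and a 40-bit key that happens to end in seven zero bits would otherwise be indistinguishable.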
------------------------------
From: "Gary Watson" <[EMAIL PROTECTED]>
Subject: Re: NSA
Date: Sun, 2 Apr 2000 15:19:40 +0100
Stou Sandalski <tangui [EMAIL PROTECTED]> wrote in message
news:6JhF4.467$[EMAIL PROTECTED]...
> the NSA probably has extremely powerful computers and things but I doubt
> they have anything exotic like quantum computers and such because people in
> general like to brag (especially engineers) and info would have leaked out.
> Of course that is unless the NSA is conspiring with super-intelligent extra
> terrestrials that have already discovered a way to store all possible PGP
> keys on a single neutrino and can fold time-space so they can jump through
> worm holes and travel in 0 time... hehehe
Well, I hope not, as I just bought a NSA mousepad on E-Bay and it's sitting
next to me right now, and if it suddenly folds space-time, my Packard Bell
keyboard is a goner, and maybe parts of my right hand.
Oddly, the mousepad is 10" in diameter, which is huge. Do you suppose they
have special mice at NSA?
--
Gary Watson
[EMAIL PROTECTED] (Change dot sex to dot com to reply!!!)
Nexsan Technologies Ltd.
Derby DE21 7BF ENGLAND
http://www.nexsan.com
------------------------------
From: "Jed Rothwell" <[EMAIL PROTECTED]>
Subject: Re: Using Am-241 to generate random numbers
Date: Sun, 2 Apr 2000 10:31:39 -0400
Guy Macon wrote:
> I still don't see the advantages of using a telescope. Why not
> use one of the many cheaper alternative keyspaces that both parties
> can access?
There may not be any advantages. In fact the whole idea may be impractical.
When I proposed the idea, I was merely speculating, or wondering if it would be
possible. However, it does have some notable advantages over some
"alternative keyspaces":
* It is completely natural, so not subject to any PRND cracking technique.
* It can be read at two locations simultaneously, as I mentioned.
* You can observe it anonymously. This is not true of keys you hide on an
Internet discussion group (or select at random). An attacker might observe
you and your correspondent looking in the same newsgroup and downloading the
same message.
* There are, as I mentioned, 10^20 stars. I have no idea how many produce
random numbers that can be read accurately, but there might be billions,
which would make it impossible for an attacker to record a significant
fraction of them. Even if there were only 100,000 and someone recorded
them all, you might combine 2 or 3 streams (one reversed), and I think that
would effectively disguise your source.
Another rich source of random noise might be the human genome data. Again,
you might mix data from two or three spots chosen at random. I do not know
how big the genome data set is but I imagine it would take a long time to compute
all permutations of three randomly selected segments, backward or forward.
- Jed
------------------------------
From: "Gary Watson" <[EMAIL PROTECTED]>
Subject: Stolen Enigma
Date: Sun, 2 Apr 2000 15:58:44 +0100
CNN is reporting that someone has stolen the Enigma machine from the
Bletchley Park exhibit in the UK. They say it's one of 3 in the world.
Although it's a fairly obnoxious crime, you would think that they would
padlock something so valuable before opening the place to the public.
--
Gary Watson
[EMAIL PROTECTED] (Change dot sex to dot com to reply!!!)
Nexsan Technologies Ltd.
Derby DE21 7BF ENGLAND
http://www.nexsan.com
------------------------------
From: Rick Smith <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Stolen Enigma
Date: Sun, 02 Apr 2000 15:48:58 GMT
Gary Watson wrote:
>
> CNN is reporting that someone has stolen the Enigma machine from the
> Bletchley Park exhibit in the UK. They say it's one of 3 in the world.
> Although it's a fairly obnoxious crime, you would think that they would
> padlock something so valuable before opening the place to the public.
Hmm. I seem to remember seeing 3 different Enigma machines (including
one rigged up for visitors to use) on display at the NSA Museum in
Maryland. So the "3 in the world" sounds like careless reportage.
Rick.
[EMAIL PROTECTED]
"Internet Cryptography" at www.visi.com/crypto
------------------------------
From: [EMAIL PROTECTED] (Guy Macon)
Subject: Re: Using Am-241 to generate random numbers
Date: 02 Apr 2000 11:59:32 EDT
In article <8c7lqv$gl6$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(Jed Rothwell) wrote:
>
>Guy Macon wrote:
>
>> I still don't see the advantages of using a telescope. Why not
>> use one of the many cheaper alternative keyspaces that both parties
>> can access?
>
>There may not be any advantages. In fact the whole idea may be impractical.
>When I proposed the idea, I was merely speculating, or wondering if it would be
>possible. However, it does have some notable advantages over some
>"alternative keyspaces":
>
>* It is completely natural, so not subject to any PRND cracking technique.
Please excuse me for being confused. It is almost certainly my fault.
There are two things here:
[1] A very large collection of keys that are freely accessible by anyone
(including any attacker) who wishes access. These could be stars,
pages from published books, usenet posts, etc.
[2] A method for the sender and receiver to pick the same star/bookpage/etc
without the attacker knowing which one was picked.
You don't need to crack [1]. It is freely available. A PRND crack
that gives the attacker the choice in [2] is the same no matter what
method you use for [1].
>* It can be read at two locations simultaneously, as I mentioned.
As can all other candidates for [1].
>* You can observe it anonymously. This is not true of keys you hide on an
>Internet discussion group (or select at random). An attacker might observe
>you and your correspondent looking in the same newsgroup and downloading the
>same message.
I was assuming that you would get a complete Usenet feed and pick
from that. Certainly making the choice from a remote site opens you
to this attack, whether it's a remote news server or a remote telescope.
Thinking about it, if you consider your property safe (can the attacker
who intercepts your TCP/IP packets see which way your telescope is
pointed?), then starlight has a LOT more bandwidth than your internet
connection, which would be a big advantage.
>* There are, as I mentioned, 10^20 stars. I have no idea how many produce
>random numbers that can be read accurately, but there might be billions,
>which would make it impossible for an attacker to record a significant
>fraction of them. Even if there were only a 100,000 and someone recorded
>them all, you might combine 2 or 3 streams (one reversed), and I think that
>would effectively disguise your source.
Yes, but the same technique has the same advantages if you pick some
other large collection of keys that are freely accessible by anyone
who wishes access.
>Another rich source of random noise might be the human genome data. Again,
>you might mix data from two or three spots chosen at random. I do not know
>how big the genome data set is but I imagine it take a long time to compute
>all permutations of three randomly selected segments, backward or forward.
This has the same flaw as usenet posts. An attacker might observe you and
your correspondent looking at the same section of the human genome and
downloading the same gene sequence. Unless you download the whole thing,
which is just as hard as downloading all usenet posts.
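Guy Macon's split between [1], the public collection of candidate keys, and [2], the secret choice of which ones to use, can be made concrete in a few lines. The following is an added example and not code from either poster: it models Jed Rothwell's proposal of combining two or three public streams, one of them reversed, by XORing the selected streams into a pad, and it counts how many selections exist, since that count (not the size or nature of the corpus) is what bounds an attacker who can read everything in [1]. The constructed corpus, the XOR combining rule, the per-stream reversal flag and all function names are this example's own assumptions; it generalizes Jed's "2 or 3 streams" to any number of streams.

```python
# Added example, not from the thread: a toy model of selecting a pad from a
# public corpus. The corpus ([1]) is readable by everyone, including an
# attacker; the only secret ([2]) is which streams are combined and whether
# each is reversed. Names, corpus contents and combining rule are assumptions.

from math import comb, log2
from typing import Sequence, Tuple

# Constructed public corpus: stand-ins for stars, book pages or Usenet posts.
# Stream i, byte j is (37*i + 11*j) mod 256; nothing about it is secret.
PUBLIC_CORPUS = [
    bytes([(i * 37 + j * 11) & 0xFF for j in range(32)]) for i in range(10)
]

# A selection is a tuple of (stream index, reversed?) pairs: the real key.
Selection = Tuple[Tuple[int, bool], ...]


def build_pad(corpus: Sequence[bytes], selection: Selection, length: int) -> bytes:
    """XOR the selected streams (reversed where flagged) into a pad of `length` bytes."""
    if not selection:
        raise ValueError("need at least one stream")
    pad = bytearray(length)
    for idx, rev in selection:
        stream = corpus[idx][::-1] if rev else corpus[idx]
        if len(stream) < length:
            raise ValueError("stream shorter than the message")
        for k in range(length):
            pad[k] ^= stream[k]
    return bytes(pad)


def encrypt(corpus: Sequence[bytes], selection: Selection, message: bytes) -> bytes:
    """One-time-pad style XOR of the message with the combined pad."""
    pad = build_pad(corpus, selection, len(message))
    return bytes(m ^ p for m, p in zip(message, pad))


decrypt = encrypt  # XOR with the same pad undoes the XOR


def selection_space_size(n_sources: int, k: int, allow_reverse: bool) -> int:
    """Number of distinct selections: k of n sources, each optionally reversed.

    Because the corpus itself is public, this count is the effective keyspace
    the attacker has to search, regardless of whether the sources are stars,
    genome segments or newsgroup posts.
    """
    return comb(n_sources, k) * (2 ** k if allow_reverse else 1)


def selection_space_bits(n_sources: int, k: int, allow_reverse: bool) -> float:
    """The same keyspace expressed in bits."""
    return log2(selection_space_size(n_sources, k, allow_reverse))


if __name__ == "__main__":
    secret: Selection = ((2, False), (5, True), (8, False))   # constructed choice
    msg = b"meet at the usual place"                            # constructed message
    ct = encrypt(PUBLIC_CORPUS, secret, msg)
    assert decrypt(PUBLIC_CORPUS, secret, ct) == msg
    # Jed's 100,000 recorded stars, three streams with a reversal flag each:
    print(f"{selection_space_bits(100_000, 3, True):.1f} bits of selection keyspace")
```

With 100,000 public sources and three streams, each optionally reversed, the selection space is a little over 50 bits, which is the figure an attacker who has already recorded every source has to work against; the same arithmetic applies unchanged to any other public collection, which is the point Guy Macon makes above.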
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************