Cryptography-Digest Digest #491, Volume #11 Wed, 5 Apr 00 03:13:01 EDT
Contents:
Re: OAP-L3: Semester 1 / Class #1 All are invited. (Anthony Stephen Szopa)
Re: Download Random Number Generator from Ciphile Software (Anthony Stephen Szopa)
Re: Download Random Number Generator from Ciphile Software (Anthony Stephen Szopa)
Re: OAP-L3: Semester 1 / Class #1 All are invited. (Anthony Stephen Szopa)
Re: OAP-L3: Semester 1 / Class #1 All are invited. (Anthony Stephen Szopa)
Enigma machine stolen (Jeffrey Herman)
Re: Enigma machine stolen ("Stou Sandalski")
Re: Magnetic Remenance on hard drives. (was: Re: Evidence Eliminator - Who is trying
to silence our program? It's not working...) ("Marty")
Re: OAP-L3: Semester 1 / Class #1 All are invited. (DMc)
How much to encrypt? (David Hopwood)
Re: GSM A5/1 Encryption (Arturo)
Re: GSM A5/1 Encryption (Arturo)
Re: GSM A5/1 Encryption (Arturo)
Re: NSA ("Stou Sandalski")
----------------------------------------------------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: OAP-L3: Semester 1 / Class #1 All are invited.
Date: Tue, 04 Apr 2000 21:56:07 -0700
Harvey Rook wrote:
>
> "Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message > For any who
> need a lesson: first a random digit triplet is formed
> > directly from the random digit generator. If this number is
> > greater than 767 it is discarded. Otherwise this number is
> > divided by 3 and the remainder is truncated. This and all
> > subsequent random numbers from 000 - 255 calculated in this manner
> > are then stored in RandOut files usually having a length of
> > 18144000 binary bytes each. These several RandOut files are
> > further processed repeatedly using as many as ten different
> > processes. All processes use true random user input as parameters.
> > Finally, these RandOut files are combined randomly in the OTPs again
> > using true random user input. This is it in a nutshell. Read the
> > documentation available in the Help Files for more details at
> > http://www.ciphile.com
> >
>
> Out of curiosity, Why are you generating biased numbers?
> 0 and 255 will show up much less often than 127 and 128.
> This operates on the same principle as rolling 3 dice,
> summing them up and then dividing by 3. The value of 1
> and 6 will only show up about 0.5 % of the time, but the
> value of 3 will show up 8.3% of the time.
>
> Harvey Rook
Your point of contention / question indicates clearly that you
do not have the software, have not thoroughly read the Help Files,
have not run the examples, and have not taken the tutorials.
You are unmotivated and do not deserve any of my time.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Download Random Number Generator from Ciphile Software
Date: Tue, 04 Apr 2000 22:01:18 -0700
"Douglas A. Gwyn" wrote:
>
> Anthony Stephen Szopa wrote:
> > I address this issue when I discuss inherent or introduced bias
> > either in the theory or the processes in the Theory Help file.
> > If there are no biases in either then there are no
> > cryptoanalytically exploitable characteristics.
>
> That's simply not true, if you're using "bias" with its usual
> statistical meaning. For example: take *any* (possibly biased)
> binary cipher stream, and map its "0" to "AB", maps its "1" to
> "BA". If you wish, then map "A" to "0" and "B" to "1". The
> result is a totally unbiased binary cipher stream, which can
> readily be converted back into the original (biased) cipher
> stream and then broken however the original cipher could be
> broken. So, the absence of bias doesn't imply anything one
> way or the other about the system's security.
>
> Or perhaps by "bias" you mean something about the elementary
> operators that are composed to construct the encryption system.
> It is a fact that any Boolean function can be built solely
> using NAND operators, and the output of a NAND operator is a
> symmetric function of the inputs. Yet the overall system is
> an arbitrary, typically highly unsymmetric, function. One has
> to be careful in asserting that properties of the components
> of a system are inherited by the system as a whole; usually
> that is not true. (When it is true, we have an "algebra", and
> that is mathematically worthy of study.)
Discuss the software. I do not want to have you exploit your
erudition, and pontificate.
If you have a point about the software make it and support it
with fact.
To do this you must have the software, have thoroughly read the
Help Files, run the examples, and taken all the tutorials.
If you will not do this I have no time to spend with such an
unmotivated person.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Download Random Number Generator from Ciphile Software
Date: Tue, 04 Apr 2000 22:05:47 -0700
"Douglas A. Gwyn" wrote:
>
> Anthony Stephen Szopa wrote:
> > I just haven't heard of one yet.
>
> Sure you have, but you just replied it was "wrong" then ignored it.
>
> The stepping motion of the first mixfile allows a standard Friedman
> square attack against the mixfiles.
I said the person was wrong because it is obvious that to suggest
this is to clearly misunderstand the software. This can only be
accounted for by the person not having the software, not
thoroughly reading the Help Files, not running the examples,
and not taking all the tutorials.
I also believe this description applies to you.
I have no more time to spend with such an unmotivated person.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: OAP-L3: Semester 1 / Class #1 All are invited.
Date: Tue, 04 Apr 2000 22:08:00 -0700
DMc wrote:
>
> On Mon, 03 Apr 2000 23:09:46 -0700, Anthony Stephen Szopa
> <[EMAIL PROTECTED]> wrote:
>
> [snip]
>
> >You certainly realize that there is at least one person in this news group
> >that actually thinks that the random digits from the random digit
> >generator are used directly in the encryption process. This is because
> >he hasn't a clue.
>
> >There may even be some in this news group that think that the random
> >numbers from 000 - 255 calculated directly from the random number
> >generator are used directly in the encryption process. These people
> >also haven't a clue.
>
> I may be that one person, or at least one of those persons. Except,
> I took you at your original word that your downloadable "pseudorandom"
> generator was NOT to be used for crypto purposes.
>
> >For any who need a lesson: first a random digit triplet is formed directly
> >from the random digit generator.
>
> I fully understand this is your intended procedure. Currently, I am
> not able to do that procedure. Your "lessons" have a great many words
> about what you are doing, and how great that is for all of us, but
> very little about how to do it in a reasonable fashion.
>
> >If this number is greater than 767 it is discarded. Otherwise this number
> >is divided by 3 and the remainder is truncated. This and all subsequent
> >random numbers from 000 - 255 calculated in this manner are then
> >stored in RandOut files usually having a length of 18144000 binary
> >bytes each. [snip]
>
> This is where you and I presently part company. I am only interested
> how random your "random numbers from 000 - 255" are. So far, after
> reading an enormous number of words from you, I only have your
> assurance they are "true random" numbers.
>
> If "true random" numbers, then it is possible for your final crypto
> product to be what you say it is. If not, I suggest the old saying of
> "making a silk purse out of sow's ear" is relevant.
>
> By the way, it is your burden to define, and explain what you mean
> by, "true random" numbers.
>
> >These several RandOut files are further processed repeatedly using
> >as many as ten different processes. All processes use true random
> >user input as parameters.
>
> [snip]
>
> >Let's now discuss your proposition strictly regarding the random digit
> >generator (this is not a discussion about the OAP-L3 software as a
> >whole.)
>
> Exactly what I want to do. It is you who keeps shifting the subject
> beyond this point. (See your 4th comment below.)
>
> >First let me say this: everyone knows that computer software
> >programs are entirely deterministic.
>
> So far, there are only conjectures about that. I know that some
> mathematicians have presented complexity and finite space theories,
> but none currently raise above mere conjecture.
>
> >Knowing the algorithm and the inputs you can predict the output
> >before even running the process if you are so inclined.
>
> Fascinating bull hockey; Take the simple Park and Miller minimal
> standard generator with an initial seed of 1. Now tell me the 1 073
> 741 825th seed value without running the generator.
>
> >You can also go the other way.
>
> Double, maybe quadruple, bull hockey!
>
> >Regarding encryption software I like to think of there being an
> >explicit key and an implicit key.
>
> [snip]
>
> See, here you are talking crypto use again. Maybe you, like William
> Jefferson Clinton, have a unique definition of "strictly regarding."
>
> >I do agree that you can at least show your employer that you have
> >done something in the hopes of justifying your salary but
> >unfortunately you have gotten no further to the goal of cracking
> >the OAP-L3 software.
>
> I get that you are attempting to sell your crypto system to some
> group of people. Do you honestly think you are going to do well with
> that goal by insulting people?
>
> [EMAIL PROTECTED]
Explain to me why you do not have the software, have not
thoroughly read the Help Files, not run the examples, and
taken all the tutorials?
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: OAP-L3: Semester 1 / Class #1 All are invited.
Date: Tue, 04 Apr 2000 22:09:00 -0700
"Trevor L. Jackson, III" wrote:
>
> DMc wrote:
>
> > On Mon, 03 Apr 2000 23:09:46 -0700, Anthony Stephen Szopa
> > <[EMAIL PROTECTED]> wrote:
> >
> > I get that you are attempting to sell your crypto system to some
> > group of people. Do you honestly think you are going to do well with
> > that goal by insulting people?
>
> Actually it may be worse than that. If he's been selling software as
> cryptologicaly secure in spite of the criticisms he's received and said
> software turns out to be the junk/snake-oil the criticisms claimed it to be, he
> may be subject to suits for recovery of the money he collected and any
> consequential damages those customers sustains through the use of his
> software. If someone publishes a credible "crack" of his software, those
> customers may also have conversion costs attributable to their reliance on his
> software and the need to hastily replace it with something that works.
>
> On the criminal side, purveyance of a flawed product, one _not_ suitable for
> its intended use, may be fraud. Ignoring cautions regarding the worthlessness
> of said software may be negligence, which is manifest as a "careless disregard
> for another's welfare".
>
> Thus using insults as rejoinders may cost him much more than simply lost
> customers. If insults are all he offers in defense of his actions and
> statements those insults may be expensive in terms of money (damages) and time
> (prison).
Running out of ideas?
------------------------------
From: [EMAIL PROTECTED] (Jeffrey Herman)
Subject: Enigma machine stolen
Date: 5 Apr 2000 05:43:35 GMT
One of a small handful of existing WWII German Enigma encryption
machines was stolen from a London museum as per CNN. Please alert
any Enigma collectors that you might know of. CNN said the museum
has posted an announcement on a web site, but didn't give a URL.
Jeff KH6O
------------------------------
From: "Stou Sandalski" <tangui [EMAIL PROTECTED]>
Subject: Re: Enigma machine stolen
Date: Tue, 4 Apr 2000 23:06:49 -0700
"Jeffrey Herman" <[EMAIL PROTECTED]> wrote in message
news:8cejq7$rdt$[EMAIL PROTECTED]...
> One of a small handful of existing WWII German Enigma encryption
> machines was stolen from a London museum as per CNN. Please alert
> any Enigma collectors that you might know of. CNN said the museum
> has posted an announcement on a web site, but didn't give a URL.
> Jeff KH6O
>
There's been a whole thread about this for some time... and it just got
returned btw
Stou
------------------------------
Reply-To: "Marty" <[EMAIL PROTECTED]>
From: "Marty" <[EMAIL PROTECTED]>
Subject: Re: Magnetic Remenance on hard drives. (was: Re: Evidence Eliminator - Who is
trying to silence our program? It's not working...)
Date: Tue, 4 Apr 2000 23:23:14 -0700
Guy Macon <[EMAIL PROTECTED]> wrote in message
news:8c8l1u$[EMAIL PROTECTED]...
> In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Thor Arne
Johansen) wrote:
> >
>.....
> for the space shuttle, and most recently DVD-RAMs. None of this
> experience is with modern disk drives, but I understand the basics,
> and have recovered "erased" data from these various recoding devices
> using fine iron powder and a good microscope. I have also failed to
> recover the data many times. This opsolete technique wouldn't work
> withy modern disk drives, of course - a quick calculation shows that
> the features are too small for that. It is important to realize that
> we had plenty of nonlinearity, Spindle Jitter, Clock Jitter, poor
> signal to noise, and correlated noise, and that this did not prevent
> recovery.
>
Ah, Magna-See. Good up to at least 800bpi as I recall.
-Marty
------------------------------
From: DMc <[EMAIL PROTECTED]>
Subject: Re: OAP-L3: Semester 1 / Class #1 All are invited.
Date: Wed, 05 Apr 2000 06:28:03 GMT
On Tue, 04 Apr 2000 22:08:00 -0700, Anthony Stephen Szopa
<[EMAIL PROTECTED]> wrote:
>DMc wrote:
>>
>> On Mon, 03 Apr 2000 23:09:46 -0700, Anthony Stephen Szopa
>> <[EMAIL PROTECTED]> wrote:
>>
>> [snip]
>>
>> >You certainly realize that there is at least one person in this news group
>> >that actually thinks that the random digits from the random digit
>> >generator are used directly in the encryption process. This is because
>> >he hasn't a clue.
>>
>> >There may even be some in this news group that think that the random
>> >numbers from 000 - 255 calculated directly from the random number
>> >generator are used directly in the encryption process. These people
>> >also haven't a clue.
>>
>> I may be that one person, or at least one of those persons. Except,
>> I took you at your original word that your downloadable "pseudorandom"
>> generator was NOT to be used for crypto purposes.
>>
>> >For any who need a lesson: first a random digit triplet is formed directly
>> >from the random digit generator.
>>
>> I fully understand this is your intended procedure. Currently, I am
>> not able to do that procedure. Your "lessons" have a great many words
>> about what you are doing, and how great that is for all of us, but
>> very little about how to do it in a reasonable fashion.
>>
>> >If this number is greater than 767 it is discarded. Otherwise this number
>> >is divided by 3 and the remainder is truncated. This and all subsequent
>> >random numbers from 000 - 255 calculated in this manner are then
>> >stored in RandOut files usually having a length of 18144000 binary
>> >bytes each. [snip]
>>
>> This is where you and I presently part company. I am only interested
>> how random your "random numbers from 000 - 255" are. So far, after
>> reading an enormous number of words from you, I only have your
>> assurance they are "true random" numbers.
>>
>> If "true random" numbers, then it is possible for your final crypto
>> product to be what you say it is. If not, I suggest the old saying of
>> "making a silk purse out of sow's ear" is relevant.
>>
>> By the way, it is your burden to define, and explain what you mean
>> by, "true random" numbers.
>>
>> >These several RandOut files are further processed repeatedly using
>> >as many as ten different processes. All processes use true random
>> >user input as parameters.
>>
>> [snip]
>>
>> >Let's now discuss your proposition strictly regarding the random digit
>> >generator (this is not a discussion about the OAP-L3 software as a
>> >whole.)
>>
>> Exactly what I want to do. It is you who keeps shifting the subject
>> beyond this point. (See your 4th comment below.)
>>
>> >First let me say this: everyone knows that computer software
>> >programs are entirely deterministic.
>>
>> So far, there are only conjectures about that. I know that some
>> mathematicians have presented complexity and finite space theories,
>> but none currently raise above mere conjecture.
>>
>> >Knowing the algorithm and the inputs you can predict the output
>> >before even running the process if you are so inclined.
>>
>> Fascinating bull hockey; Take the simple Park and Miller minimal
>> standard generator with an initial seed of 1. Now tell me the 1 073
>> 741 825th seed value without running the generator.
>>
>> >You can also go the other way.
>>
>> Double, maybe quadruple, bull hockey!
>>
>> >Regarding encryption software I like to think of there being an
>> >explicit key and an implicit key.
>>
>> [snip]
>>
>> See, here you are talking crypto use again. Maybe you, like William
>> Jefferson Clinton, have a unique definition of "strictly regarding."
>>
>> >I do agree that you can at least show your employer that you have
>> >done something in the hopes of justifying your salary but
>> >unfortunately you have gotten no further to the goal of cracking
>> >the OAP-L3 software.
>>
>> I get that you are attempting to sell your crypto system to some
>> group of people. Do you honestly think you are going to do well with
>> that goal by insulting people?
>>
>> [EMAIL PROTECTED]
>
>Explain to me why you do not have the software, have not
>thoroughly read the Help Files, not run the examples, and
>taken all the tutorials?
>
I do have the downloadable software [again, just in case I missed
anything the first time], I read the help files several times [again],
and the same for the tutorials. I have not run the examples because
they are for encrypt/decrypt purposes.
You have once again changed the subject.
My tentative conclusion is you are a mere crazymaker. It follows
from the principle that you are what you do, not what you say.
Until you disclose something technically revealing about anything
you purport to do here, I will no longer consider and respond to your
incessant demands, insults, and specious technoravings.
[EMAIL PROTECTED]
------------------------------
Date: Wed, 05 Apr 2000 05:53:02 +0100
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: How much to encrypt?
=====BEGIN PGP SIGNED MESSAGE=====
[EMAIL PROTECTED] wrote:
> In a previous article, David Hopwood <[EMAIL PROTECTED]> writes:
> >[EMAIL PROTECTED] wrote:
> >> I disagree. Information about the structure of the plaintext is bound
> >> to eventually leak out anyway, and when it does a long encrypted
> >> message (which includes the tags) will be vulnerable to a known plain
> >> text attack - simply because the tags are known.
> >
> >I disagree strongly. It's sensible not to assume that the structure is
> >unknown, but that's very different from assuming that it is always
> >"bound to eventually leak out anyway", and therefore shouldn't be
> >encrypted. If the possibility of parts of a data stream being known
> >were a valid argument for leaving those parts in the clear, you'd end
> >up not encrypting anything.
>
> Well, it is not necessarily a bad thing to encrypt nothing. Encryption (a)
> takes time,
Yes, that can be a valid consideration (although IME, it is not normally
the case that the "content" or "body" part of a data stream is significantly
smaller than the whole stream, for most protocols).
> and (b) increases the risks, if even remotely, of a key recovery attack.
But this is not. It is a complete red herring for modern ciphers. Not
encrypting something reveals it to an eavesdropper 100% of the time
with zero additional effort (of course she may have known it already; in
general we don't know whether she did or not). Compare that with a
theoretical attack that the cipher was designed to be resistant to, and
that if it is not to be considered hopelessly weak by modern standards,
would require more than 2^40 or so exactly-known plaintext/ciphertext
pairs (or the equivalent keystream for a stream cipher).
> Only encrypt what you need to protect.
It seems we really do have a substantive disagreement. Following, as a
rule of thumb, the principle "only encrypt what you need to protect", is
far more likely to result in cryptosystems that leak information that the
user(s) would have wanted to be secret, than following "encrypt everything
that can be encrypted".
(Of course these are both overstated versions of our actual positions,
and there are considerations that would override them in some cases.)
I'm not suggesting encrypting things that are explicitly intended to be
public (except where that helps to provide anonymity or other desirable
features). I am suggesting that where you have some data that needs to be
secret, you should as far as possible encrypt *all of it*, including any
associated meta-data, headers, structure, etc., and that it is in most
cases irrelevant whether doing that would provide known plaintext.
> But of course you have to balance these considerations.
>
> >A general rule of thumb is to encrypt everything that can be encrypted,
> >and to use a cipher that is designed to resist known (and chosen) plaintext
> >attack, and has been extensively analysed under that attack model.
>
> You sound like a physician who prescribes antibioticum as a cure for
> everything.
As it happens, I have been ranting for years about the folly of
inappropriate use of antibiotics (in both animals and humans), but
that is not on-topic for this group.
> Such prescriptions are prone to lead to huge problems with multi
> resistent bacteria.
Your analogy doesn't make sense, because there is nothing analogous to
a resistance problem that would be caused by the approach I suggested.
Antibiotic resistance in bacteria is:
a) transmissible
b) increases over time
c) is a global, generally irreversible problem that extends beyond the
context in which the antibiotics were originally (mis)used.
Where are the corresponding features of encrypting something that didn't
strictly need to be encrypted?
- --
David Hopwood <[EMAIL PROTECTED]>
PGP public key: http://www.users.zetnet.co.uk/hopwood/public.asc
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5 0F 69 8C D4 FA 66 15 01
=====BEGIN PGP SIGNATURE=====
Version: 2.6.3i
Charset: noconv
iQEVAwUBOOrGOjkCAxeYt5gVAQGr8gf/QEUyPdaR/PMCa8gdaJjvy1ww6i6SI0Mm
vYlmx0ULt/UW9nuUBymivKR0hXJcvyxw2yLtI21dIWvkd+tZIed4evoQed6AQDZF
CSy9xm4cV5nVmCREYiXIHWdBprlUeYE+ZBOvhu+07RHYes+uJW5RCSdL6yfvFEBz
2F0aXzCmkbGLXWZL4UKo9Pk8wTW4wDpNL95eSmuXX0CrC6tj32EiEtESFplaUgx2
r92icM4uQi612r9RV9EZ6aXB8Cu10nWZHdn5q2w/EjuTAfRjpEwDERpWbIuqiIsT
ON71Tx0uTEsSE+Rl7QcnipXi+FZBk+Qd7RdMb032NmbstXjLZue4hg==
=3i1Y
=====END PGP SIGNATURE=====
------------------------------
From: [EMAIL PROTECTED]=NOSPAM (Arturo)
Subject: Re: GSM A5/1 Encryption
Date: Wed, 05 Apr 2000 06:47:12 GMT
On Tue, 04 Apr 2000 02:34:30 GMT, Matt Linder <[EMAIL PROTECTED]> wrote:
>My question is how difficult is it or would it be to decrypt (in real
>time) the over the air voice traffic in GSM (and TDMA) that have been
>encrypted using the A5/1 stream cypher?
>I have done some research on the internet, and have found conflicting
>information. some make it sound like its not so hard, but others make
>it sound almost impossible (especially in real time) I think the latter
>is the general consensus.
>My naive understanding is that with a 64 bit key, it would take forever
>to try each key.
>What is the truth?
64 bits means a lot, but there�s more to it
a) a DES (56 bits) cracking machine was built with off-shelf
technology by the Electronic Frontiers Foundation. If they can break DES in
a few hours, 64 bit keys are within reach. Fine, 64 bit means 256 times a
larger keyspace, but ...
b) seems like 10 of those 64 bits are zero, so the strength of the
algorithm is only about 54 bits, puls ...
c) recent cryptanalytical attacks suggests that it has a strength
equivalent to only 40 bits (that is, 2^20 flops and you got it). Plus
d) (to be filled as new advances are known).
You might find interesting to read about the Berkeley team that
broke the algorithm. It can be found at the SmartCard Developers
Association at www.scard.odg
>I have seen some ads from companies like G-com in new york that
>advertise GSM intercept equipment for sale (to law enforcement only of
>course !)
It is posslble. Would you share the url, please?
>P.S. Some people imply that the NSA made it weak on purpose, but after
>doing some research it sounds like it would be difficult even for
>them. Do you think they have a machine that can do it?
>thanks.
It is easy for them, and surely they do have such machine.
------------------------------
From: [EMAIL PROTECTED]=NOSPAM (Arturo)
Subject: Re: GSM A5/1 Encryption
Date: Wed, 05 Apr 2000 06:49:11 GMT
On Tue, 04 Apr 2000 03:34:49 GMT, Tom St Denis <[EMAIL PROTECTED]> wrote:
>
>
>Matt Linder wrote:
>Nope. The avg joe can decrypt A5/1 encrypted messages in a matter of a
>week or so at the most. It's just not a secure cipher.
>
>I think it's www.iyj.com or something that talks about it in more
>detail.
>
>Tom
Tom, you mean John Young�s Archive, don�t you. He has some of the
best archives I know of, not only about GSM. The GSM section is at
http://jya.com/cryptout.htm#GSM
------------------------------
From: [EMAIL PROTECTED]=NOSPAM (Arturo)
Subject: Re: GSM A5/1 Encryption
Date: Wed, 05 Apr 2000 06:51:33 GMT
On 4 Apr 2000 04:52:56 GMT, David A Molnar <[EMAIL PROTECTED]> wrote:
>Matt Linder <[EMAIL PROTECTED]> wrote:
>> My question is how difficult is it or would it be to decrypt (in real
>> time) the over the air voice traffic in GSM (and TDMA) that have been
>> encrypted using the A5/1 stream cypher?
>
>Do a web search for "Fast Software Encryption 2000". On the program is
>a paper by Biryukov, Shamir, and Wagner on a "Real-Time Cryptanalysis
>of the Alleged A5/1 Stream Cipher." There is some information about it
>online at
>
>http://cryptome.org/a51-bs.htm (preliminary draft with Biryukov and
> Shamir only; I don't know what Wagner
> added, but am confident it was cool)
>
>http://cryptome.org/a51-crack.htm (discussion)
>
>The preliminary version required 128 MB RAM and 2 73 GB hard disks.
>
Keep in mind, however, that these are results obtained for a couple
researchers working with limited time, budget and staff. Wonder how much
better the 3-letter-agencies can do it.
------------------------------
From: "Stou Sandalski" <tangui [EMAIL PROTECTED]>
Subject: Re: NSA
Date: Tue, 4 Apr 2000 22:58:15 -0700
"Johnny Bravo" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Tue, 04 Apr 2000 03:52:47 GMT, [EMAIL PROTECTED] wrote:
> >necessary). It's illegal for the NSA to spy on
> >Americans living in the U.S., and, thus, it
> >might be illegal for them to gather potentially
> >incriminating intel from or about Americans
> >here who are using the Internet, usenet, etc.
> >Perhaps Britain, e.g., does collect the intel and
> >shares some of its findings with the U.S.
>
> But nothing prevents other three letter agencies from doing so.
> The FBI would probably be interested, and due to the public nature
> of the net they wouldn't even have to worry about getting a warrant
> to read posts from people they have an interest in.
>
Infact the FBI already does investigate people without any real cause or at
least a cause IMHO... a few friends of my sister's are grad students in
physics at Berkeley and they work ( I guess do some kind of research or
something ) at the Laurence Livermore(sp) Lab... they told her that they are
required to report the name(s) of the girls they are dating to their
superiors so the FBI can check the background of them. I wasn't really
paying attention to what she was saying (her Noise to Signal ratio is pretty
high and conversations jump from topic to topic... not your typical
mathematician)... but I am guessing maybe LLNL are afraid that the guys will
disclose to nuclear launch codes in their sleep or something. after that
chinese guy got accused of stealing all the plans for the ultra compact
nukes they require you to be at least 18 and a US citizen to visit the LLNL,
I understand nuclear secrets are precious... but to be 18? now an 18 year
old person is more likely to jack the secrets then a 9 year old kid... ?
Stou
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
