Cryptography-Digest Digest #830, Volume #11      Sun, 21 May 00 15:13:01 EDT

Contents:
  Re: Compare 3DES's. (long) (Was: Mixmasters encrypt how?) (David A. Wagner)
  Re: On-line authentication protocol (Richard Heathfield)
  Re: quantum crypto breakthru? (Roger Schlafly)
  Re: Interpretation of Hitachi patent claims (Jerry Coffin)
  Re: Interpretation of Hitachi patent claims (Jerry Coffin)
  Re: Plain simple (?) question (Jerry Coffin)
  Re: Plain simple (?) question (SCOTT19U.ZIP_GUY)
  Re: AES final comment deadline is May 15 (Mok-Kong Shen)
  Re: Q: Recording on magnetic cards (Mok-Kong Shen)
  Re: Interpretation of Hitachi patent claims (Mok-Kong Shen)
  Re: Is OTP unbreakable? (Mok-Kong Shen)
  Re: Q: How to find good characteristics for differential cryptanalysis? (David A. Wagner)
  Re: AES final comment deadline is May 15 (Jerry Coffin)
  Re: Plain simple (?) question (tomstd)
  Re: Who has got RSA simple program (sources on C/C++)? ("Jesper Stocholm")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Compare 3DES's. (long) (Was: Mixmasters encrypt how?)
Date: 21 May 2000 10:11:27 -0700

In article <[EMAIL PROTECTED]>,
Trevor L. Jackson, III <[EMAIL PROTECTED]> wrote:
> These comments ignore the storage costs of the attacks.

I've written this many times here on sci.crypt before,
so I won't repeat the details, but I'll simply mention
that van Oorschot and Wiener have developed techniques
that greatly reduce the storage costs of the attack on
2DES.

------------------------------

Date: Sun, 21 May 2000 18:38:25 +0100
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: On-line authentication protocol

stanislav shalunov wrote:
> 
<an excellent set of questions, which I've snipped for brevity>

Thanks to you and to Thomas Wu for giving me a month's thinking
material. And I was ***convinced*** I had it all worked out. (sigh)

Life's never simple, is it?

Thanks again. I'll consider what you've said and see if I can answer
some of the issues.


-- 

Richard Heathfield

"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.

C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
37 K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html (60
to go)

------------------------------

From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: quantum crypto breakthru?
Date: Sun, 21 May 2000 10:49:44 -0700

Tim Tyler wrote:
> :> Measuring the state (interceptor's receiver) interferes with the
> :> state, and the quantum-cryptographic protocol used by the
> :> legitimate communicants detects that interference has occurred.
> 
> : I do understand why passively eavesdropping a communication link
> : is made impossible with QC (eavesdropping destroys the message
> : being transmitted)
> 
> : However, what about active eavesdropping ? [...]
> 
> That also fails for /exactly/ the same reasons.  Alice and Bob can detect
> a man in the middle during the verification stage.

No. There are some papers that claim QC protection against
active attacks. Eg,

    N. Lutkenhaus, Security against individual attacks for realistic
    quantum key distribution, quant-ph/9910093

    E. Biham, M. Boyer, G. Brassard, J. van de Graaf, and T. Mor,
    Security of Quantum Key Distribution Against All Collective Attacks,
    quant-ph/9801022

    E. Biham and T. Mor, On the Security of Quantum Cryptography Against
    Collective Attacks, quant-ph/9605007

You can find these papers at:
http://arxiv.org/

Eg, Lutkenhaus assumes a secure channel in addition to the QC
channel, and then sends error correcting codes thru it.
It seems bogus to me, but read it for yourself.

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Interpretation of Hitachi patent claims
Date: Sun, 21 May 2000 11:52:56 -0600

In article <dlAV4.4$[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
says...
> Has anyone compared the Hitachi patents to the two RC5 patents?

Not that I know of.  Do you happen to know the numbers of those 
patents? 

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Interpretation of Hitachi patent claims
Date: Sun, 21 May 2000 11:52:53 -0600

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
says...

[ ... ] 

> Now what you have classified as '!' and '@' are, as
> you pointed out, not clearly defined and general (all
> encompassing??) and fuzzy. Such are far from being
> acceptable in any serious preliminary specifications of
> any software projects, not to mention prototype coding.
> Thus what the patent claims is indefinite, incomplete,
> ambiguous, unclear and misleading.

For better or worse, that doesn't necessarily follow.  It may simply 
be that _any_ method of deriving that particular piece of data is 
covered.  I don't have the wording of the claim handy at the moment, 
but if a court interpreted it as a "means claim", then they might be 
restricted to means that are outlined in the disclosure of the patent 
or "reasonable equivalents thereof."

> Consequently the
> patent should be considered to be invalid.

_If_ the disclosure of the patent didn't provide any suggestions as 
to how this derivation might take place, and/or it was important that 
the derivation be done in a way that isn't known to a person of 
ordinary skill in the art, then the patent might well be invalid.  
Based only on this claim, by itself, that would be a nearly 
impossible argument to make though.

> Anyway,
> the scheme has a certain structure consisting of eight
> steps. So any other scheme differing either in the
> nature of the individual steps or in the number of
> steps is certainly not covered by the scheme.

Yes and no -- simply adding more steps would NOT (by itself) prevent 
the claim from applying.  If you added something like more steps in 
the middle, it might no longer apply; if you simply added more to the 
beginning or end, but those steps remained intact somewhere in the 
overall sequence, it would almost certainly still apply.

> In the above, I have attempted to develop some
> arguments that eventually could be useful to refute
> Hitachi's claims. (The claim 1 and 10 are basically of
> the same nature and can be treated together.) It would
> be nice, if a number of persons of the group would
> attempt the same task so that with joint efforts there
> may soon result in something that is really strong and
> useful.

I might take a shot at it, but I don't think most of the arguments 
you've advanced are very strong the way they sit right now.
 
> On the other hand, does anyone know a good way to
> 'elicit' the opinions of the patent experts of NIST,
> IBM and RSA?

I'm not at all sure NIST _has_ any patent experts.  Most large 
companies (including IBM) DO, but getting their time devoted to this 
would probably require convincing some high-ranking IBM executives 
that it was going to make some sort of difference to IBM to do it.  
I'm not ready to say that's impossible, but I'm not at all sure how 
you'd even make a serious attempt at it either.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Plain simple (?) question
Date: Sun, 21 May 2000 12:13:02 -0600

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...

[ ... ] 

> Anyone here knows which encoding algorithm/implementation uses only those
> printable ascii characters except lowercase letters ?
> What about something that contains a left quote and a right quote (that could
> pass, there are ascii equivalents), but now, what about left double quote and
> right double quote, this ain't ascii ??? The whole lot of the rest is ascii.

It would be relatively easy to design an encoding along the same 
general lines as UUencoding that would produce nearly any specific 
set of output characters you preferred.  OTOH, I've never heard of 
anything that used everything but lower-case characters.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.
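
An encoding of the kind described in the reply above, as an added example that is not part of the original post: bytes are regrouped into fixed-width bit fields, as UUencoding does with 6-bit groups, and each group is mapped to a symbol from a caller-chosen alphabet, here printable ASCII without lowercase letters. The names `make_alphabet` and `AlphabetCodec` are assumptions made for this sketch, and it generalizes to any alphabet of 2 to 256 symbols.

```python
import string

def make_alphabet(exclude=string.ascii_lowercase):
    """Printable, non-space ASCII with the excluded characters removed."""
    return "".join(chr(c) for c in range(0x21, 0x7F) if chr(c) not in exclude)

class AlphabetCodec:
    """Bit-packing codec over the first 2**k symbols of an alphabet."""

    def __init__(self, alphabet):
        if len(set(alphabet)) != len(alphabet):
            raise ValueError("alphabet contains duplicate symbols")
        self.bits = len(alphabet).bit_length() - 1  # floor(log2(size))
        if not 1 <= self.bits <= 8:
            raise ValueError("alphabet must hold between 2 and 511 symbols")
        self.symbols = alphabet[: 1 << self.bits]
        self.index = {ch: i for i, ch in enumerate(self.symbols)}

    def encode(self, data: bytes) -> str:
        acc = nbits = 0
        mask = (1 << self.bits) - 1
        out = []
        for byte in data:
            acc = (acc << 8) | byte
            nbits += 8
            while nbits >= self.bits:
                nbits -= self.bits
                out.append(self.symbols[(acc >> nbits) & mask])
            acc &= (1 << nbits) - 1
        if nbits:  # left-align the final partial group, pad with zero bits
            out.append(self.symbols[(acc << (self.bits - nbits)) & mask])
        return "".join(out)

    def decode(self, text: str) -> bytes:
        acc = nbits = 0
        out = bytearray()
        for ch in text:
            if ch not in self.index:
                raise ValueError(f"symbol {ch!r} is outside the alphabet")
            acc = (acc << self.bits) | self.index[ch]
            nbits += self.bits
            if nbits >= 8:
                nbits -= 8
                out.append((acc >> nbits) & 0xFF)
                acc &= (1 << nbits) - 1
        if acc:  # leftover bits are padding and must be zero
            raise ValueError("non-zero padding bits")
        return bytes(out)

if __name__ == "__main__":
    codec = AlphabetCodec(make_alphabet())
    sample = b"Attack at dawn"  # constructed sample input
    encoded = codec.encode(sample)
    print(codec.bits, "bits per symbol:", encoded)
    print(codec.decode(encoded))
```

Text that stays inside such an alphabet says nothing about what produced the underlying bytes; the symbol set is a property of the transport encoding only.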

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Plain simple (?) question
Date: 21 May 2000 18:21:35 GMT

[EMAIL PROTECTED] (Alain CULOS) wrote in
<[EMAIL PROTECTED]>: 

>Hi all,
>
>I'll accept if you tell me (politely) to get lost, but hey I'm damn too
>curious so I'll ask the experts at the risk of being flamed.
>
>Anyone here knows which encoding algorithm/implementation uses only
>those printable ascii characters except lowercase letters ?
>What about something that contains a left quote and a right quote (that
>could pass, there are ascii equivalents), but now, what about left
>double quote and right double quote, this ain't ascii ??? The whole lot
>of the rest is ascii. 
>
>In case you wonder what I'm trying to decipher, I'm talking about some
>text pages in the french translation of the novel titled microserfs. I
>don't know whether the codes are a hoax (like just varnish for the
>novel) or for real. Later on in the novel there is also a binary
>session, that I'll try to decode, but it does not even fall on a byte
>boundary (short 3 bits) so either this really is a hoax, or this is a
>fragment badly terminated. 
>
>Thanks for your attention,
>Regards,
>Alain.
>
>

If you go to my site you can see that by using my conditional one to one
compression decompression programs it is easy to compress any set of 
symbols to a binary file then encrypt that binary file to another binary 
file and transform that result to a file of whatever character set 
you desire. With proper weighting you can even map the random looking file 
you got with the encryption to a weighted subset of any ascii symbol set 
you choose so that even certain symbols would appear to have special 
meaning to idiots who look at frequency data in something encrypted with 
methods like this would be blindly led astray.

http://members.xoom.com/ecil.index

Site best viewed with netscape all advanced features disabled.


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: AES final comment deadline is May 15
Date: Sun, 21 May 2000 20:34:17 +0200



DJohn37050 wrote:

> Key agility is the ability to change keys fast or not.  Contrast with
> encrypting a large file with one key.  The most extreme case is changing a key
> for every block.  In practise, it is say 4 blocks.

Earlier I learned that for DES hardware the generation of the
subkeys could be done parallel with the round processing, i.e.
available just in time for the next round. Doesn't that fact at
least greatly reduce the significance of the key agility issue?
Thanks.

M. K. Shen


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Q: Recording on magnetic cards
Date: Sun, 21 May 2000 20:34:41 +0200



Francois Grieu wrote:

> Mok-Kong Shen <[EMAIL PROTECTED]> wrote :
>
> > I can't detect the presence of any chip on it
>
> The IC can be embedded inside the card. Try to look thru the card with
> a bright light behind, you'll probably see a dark area where the IC
> is, and a more or less rectangular coil at the periphery of the card.
>
> Be sure
> - not to look at the bright light unless it is hidden by the card
> - not to let the light melt the card
>

I tried. Except the part covered by the black stripe, which I
couldn't look through, there was no indication of presence of
a chip. BTW, why do you think that it is 'necessary' to
secretly hide the presence of a chip? The normal telephone
cards clearly show where the chips are. Note also that the
amount to be recorded on the paying cards of the kind I use
is small. Further, if someone has the ability to do frauds, then he
certainly has also the technique to locate the chip, if there is one.

M. K. Shen



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Interpretation of Hitachi patent claims
Date: Sun, 21 May 2000 20:34:33 +0200



"Trevor L. Jackson, III" wrote:

> What may appear novel to a patent examiner may not be novel to someone fully
> aware of prior art.  This is why patent apps have to disclose prior art.  Such
> disclosures inform the examiners in areas they cannot be expected to be
> adequately informed.  Unobviousness is not as easy as novelty.  The ISO unit of
> measure for prior art is the second.  There is no unit for unobviousness, so a
> patent application cannot support the unobviousness requirement with objective
> information.  Thus disputes about the obviousness of patent applications resolve
> down to subjective evaluations.

This underlines the desirability of having public review of patent applications.

M. K. Shen




------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Is OTP unbreakable?
Date: Sun, 21 May 2000 20:34:27 +0200



Paul Schlyter wrote:

> Mok-Kong Shen  <[EMAIL PROTECTED]> wrote:
>
>
> > A slight disadvantage could be that the receiver can't surely know
> > whether part of the random portions may be errors due to transmission
> > or manipulated, I guess. But generally it should work.
>
> This problem can be solved by an agreed-upon convention between
> sender and receiver.  For instance:
>
> 1. The valid message starts at the beginning and lasts until some
> agreed-upon end-of-message mark, which must never appear in the
> actual plaintext.  Anything beyond that is to be considered random
> garbage.
>
> 2. An arbitrary number of space characters are inserted in the
> plaintext at the beginning or the end of the message.  The receiver
> will surely know to skip spaces!  And with a true OTP key, adding
> extra spaces to the plaintext will be just as secure as adding
> random garbage.

Yes, introducing a begin-of-information and an end-of-information
mark is a way of adding an arbitrary amount of random stuff before
and after the proper message.

M. K. Shen
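
The begin/end-mark convention discussed in this exchange, as an added example that is not part of the thread: the message is framed between two marks, surrounded by random filler, and the whole frame is XORed with the pad. The choice of STX/ETX as marks and the names `seal` and `unseal` are assumptions made for this sketch.

```python
import secrets

STX, ETX = 0x02, 0x03  # assumed begin-/end-of-information marks

def _filler(n):
    """n random bytes that never collide with either mark."""
    out = bytearray()
    while len(out) < n:
        b = secrets.randbelow(256)
        if b not in (STX, ETX):
            out.append(b)
    return bytes(out)

def _xor(data, pad):
    # The pad must be truly random, at least as long as the data,
    # and never reused for another message.
    if len(pad) < len(data):
        raise ValueError("one-time pad shorter than the data")
    return bytes(d ^ k for d, k in zip(data, pad))

def seal(message, pad, before, after):
    """Frame message as filler|STX|message|ETX|filler, then apply the pad."""
    if STX in message or ETX in message:
        raise ValueError("marks must never appear in the plaintext")
    framed = (_filler(before) + bytes([STX]) + message
              + bytes([ETX]) + _filler(after))
    return _xor(framed, pad)

def unseal(ciphertext, pad):
    """Remove the pad and return only the bytes between the two marks."""
    framed = _xor(ciphertext, pad)
    start = framed.find(bytes([STX]))
    end = framed.find(bytes([ETX]), start + 1)
    if start < 0 or end < 0:
        raise ValueError("begin/end mark missing: damaged or manipulated")
    return framed[start + 1:end]

if __name__ == "__main__":
    pad = secrets.token_bytes(64)   # constructed sample pad
    msg = b"MEET AT NOON"           # constructed sample message
    ct = seal(msg, pad, before=10, after=20)
    print(len(ct), unseal(ct, pad))
    # A change confined to the trailing filler goes unnoticed by the
    # receiver, which is the disadvantage raised in the quoted text.
    tampered = ct[:-1] + bytes([ct[-1] ^ 0x01])
    print(unseal(tampered, pad) == msg)
```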


------------------------------

From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Q: How to find good characteristics for differential cryptanalysis?
Date: 21 May 2000 11:25:12 -0700

In article <[EMAIL PROTECTED]>, JBR  <[EMAIL PROTECTED]> wrote:
> Given an iterated cipher, how would you go about finding
> high-probability characteristics for differential cryptanalysis? 

Typically, with your wits.  But Matsui has written a very
interesting paper on algorithms for automating the search
for DES (and FEAL?), so there are apparently some cases
where the task can be automated.  In any case, this is heavy,
technical stuff, so expect to be doing some serious studying
if you want to understand it deeply.

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: AES final comment deadline is May 15
Date: Sun, 21 May 2000 12:30:38 -0600

In article <[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] says...

[ ... ] 

> However, JIT has nothing to do with self-modifying code. There is NO
> self-modifying code, that technique is absolutely forbidden now !
> For modern processors can't handle that well anymore. You would have
> to disable the first and second level cache to make that work.

Quite the contrary -- nearly all processors have logic specifically 
to support self-modifying code.  It can be ugly from a viewpoint of 
performance, but that's about it.

If anything, modern processors tend to make self-modifying code 
easier to deal with than older processors did though.  For example, 
if you tried to modify code that was in the prefetch queue on older 
Intel processors (up to the 486) you had to include a jump 
immediately afterwards to flush the queue and force the modified code 
to be executed.  This is no longer necessary on current processors. 

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

Subject: Re: Plain simple (?) question
From: tomstd <[EMAIL PROTECTED]>
Date: Sun, 21 May 2000 11:37:06 -0700

In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>[EMAIL PROTECTED] (Alain CULOS) wrote in
><[EMAIL PROTECTED]>:
>
>>Hi all,
>>
>>I'll accept if you tell me (politely) to get lost, but hey I'm damn too
>>curious so I'll ask the experts at the risk of being flamed.
>>
>>Anyone here knows which encoding algorithm/implementation uses only
>>those printable ascii characters except lowercase letters ?
>>What about something that contains a left quote and a right quote (that
>>could pass, there are ascii equivalents), but now, what about left
>>double quote and right double quote, this ain't ascii ??? The whole lot
>>of the rest is ascii.
>>
>>In case you wonder what I'm trying to decipher, I'm talking about some
>>text pages in the french translation of the novel titled microserfs. I
>>don't know whether the codes are a hoax (like just varnish for the
>>novel) or for real. Later on in the novel there is also a binary
>>session, that I'll try to decode, but it does not even fall on a byte
>>boundary (short 3 bits) so either this really is a hoax, or this is a
>>fragment badly terminated.
>>
>>Thanks for your attention,
>>Regards,
>>Alain.
>>
>>
>
>If you go to my site you can see that by using my conditional one to one
>compression decompression programs it is easy to compress any set of
>symbols to a binary file then encrypt that binary file to another binary
>file and transform that result to a file of whatever character set
>you desire. With proper weighting you can even map the random looking file
>you got with the encryption to a weighted subset of any ascii symbol set
>you choose so that even certain symbols would appear to have special
>meaning to idiots who look at frequency data in something encrypted with
>methods like this would be blindly led astray.
>
>http://members.xoom.com/ecil.index
>
>Site best viewed with netscape all advanced features disabled.

Wow, been a few months but you are still as ignorant as ever.

Ok Mr. Scott I have a job for you, I need an encryption routine
so I can secure tcp packets for a secure telebroadcasting
system.  It has to encrypt at, at least 50 mbps, and be
deployable using under a couple of kilobytes of ram.

Upon successful completion of the tasking, your contract fees
will be paid (10,000 dollars).

Tom
(snicker snicker)




------------------------------

From: "Jesper Stocholm" <[EMAIL PROTECTED]>
Subject: Re: Who has got RSA simple program (sources on C/C++)?
Date: Sun, 21 May 2000 21:01:18 +0200


"tomstd" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> In article <[EMAIL PROTECTED]>, Maxim L <maxim-
> [EMAIL PROTECTED]> wrote:
> >Hello All,
> >
> >Please HELP ME,
> >Who has got a simple RSA program with source on C++ (or C), can
> you
> >share it with me. I'm trying to write my own program (My diploma
> >work), but no success. It's really a bad trouble for me.
>
> If you live in <insert non-us place> you can get a copy of a
> cryptographic library (in C) that I wrote...
>
> http://www.tomstdenis.com/cb.html
>
> Even if you live in the States, you can pick it up to see how
> RSA can be used.
>

or if you would like it in Java 1.1, then you can pick up a program, that I
wrote with a couple of friends a few years ago. Get it at
www.pop.k-net.dk/homepage/n/taz/kryptering/fagpakke/source_code.zip

Jesper



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
