Cryptography-Digest Digest #938, Volume #11       Sun, 4 Jun 00 15:13:00 EDT

Contents:
  Re: Cipher design a fading field? ([EMAIL PROTECTED])
  Re: Newcomer seeks clarification re download encryption ("Andy Carroll")
  Re: P=NP and a polynomial to find all primes. (Daniel A. Jimenez)
  Re: Concerning  UK publishes "impossible" decryption law (Harald Milz)
  Re: Observer 4/6/2000: "Your privacy ends here" ("Anarchist Lemming")
  Re: Observer 4/6/2000: "Your privacy ends here" (Phillip Deackes)
  Re: Newcomer seeks clarification re download encryption (Mark Wooding)
  Re: P=NP and a polynomial to find all primes. ("Scott Fluhrer")
  Re: Concerning  UK publishes "impossible" decryption law (Jim)
  Re: Observer 4/6/2000: "Your privacy ends here" ("Anarchist Lemming")
  Re: Good ways to test. (Mok-Kong Shen)
  Re: No-Key Encryption (Mok-Kong Shen)
  Re: Observer 4/6/2000: "Your privacy ends here" (Ian Wiles)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Cipher design a fading field?
Date: Sun, 04 Jun 2000 16:01:57 GMT

In article <[EMAIL PROTECTED]>,
  "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > That being said, is cipher design an obsolete enterprise?
> > If a group of amateurs can design a strong cipher then
> > certainly governments can.
>
> (a) It has not been demonstrated that a group of amateurs can
> in fact design a truly "strong" cipher.

Mr. Gwyn,

(a) It has not been demonstrated that a group of professional
cryptographers can in fact design a truly "strong" cipher.  If by strong
you mean provable.

>
> (b) I wish that the amateurs would quit inventing a plethora
> of new encryption schemes until they have figured out how to
> defeat the existing ones.  This may be relevant to your thesis.
>

(b) I wish professional cryptographers would quit inventing a plethora
of new encryption schemes a.k.a. AES, until they have figured out how to
defeat the existing ones e.g. DESX, Triple-DES, IDEA, Blowfish, GOST, ad
infinitum.  This is exactly my point, why use a new cipher when it may
or may not be more secure than the old one?


> > Will AES be the -final- cipher?
>
> Of course not.  It won't even be the final encipherment
> scheme that somebody eventually figures out how to crack.

No one has figured out how to 'crack' the old ones.  DES has never been
cracked in a practical sense.  In fact, cryptanalysis has done more to
prove the strength of DES than to prove the weakness.

With all the cryptanalysis going on, almost no -practical- attacks have
been invented.  Is the reason that no practical attacks exist?  If no
practical attacks can be proven to exist, why use something new?

--Matthew


------------------------------

From: "Andy Carroll" <[EMAIL PROTECTED]>
Subject: Re: Newcomer seeks clarification re download encryption
Date: Sun, 4 Jun 2000 17:20:58 +0100

Have you seen Adobe Acrobat Messenger and the new 'WebBuy' technology within
Adobe Acrobat 4? Are they doing the 'impossible' or is there a catch? I'm
looking for alternatives as they ask for a royalty on each sale. Bit unfair,
don't you think?

Thanks
"tomstd" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> In article <8hdthp$69r$[EMAIL PROTECTED]>, "Andy Carroll"
> <[EMAIL PROTECTED]> wrote:
> >Hi
> >
> >Here is my problem. I want to sell my book over the internet. I want the
> >customer to be able to download the book and then the customer dials up and
> >receives a key from my server based on various identifiers e.g. name,
> >perhaps CPU ID or Hard Drive ID. This would mean that the customers
> >environment would be the only environment where the book could be read. I am
> >unsure as to whether I would have to be able to encrypt the file for each
> >download. Can anyone offer advice or products capable. I am sure this will
> >become a big topic in months / years to come.
> >
> >Thanks in advance for your assistance
> >
> >Andy Carroll
>
> It is *already* a big topic, but it is *impossible* to stop
> piracy in the fashion you want.  The only other solution is for
> people to order the book online then ship it to them (hard copy).
>
> You can never stop piracy, but you can make it less than
> worthwhile.  For example without a good reliable OCR I can't
> copy a hardcopy book and pirate it.  I would have to buy it.
> And not a lot of people would go out of their way to make copies
> of a book that way.
>
> My advice, sell the book thru Amazon or Chapters.
>
> Tom



------------------------------

From: [EMAIL PROTECTED] (Daniel A. Jimenez)
Subject: Re: P=NP and a polynomial to find all primes.
Date: 4 Jun 2000 11:36:09 -0500

In article <8hdrta$9ve$[EMAIL PROTECTED]>,
Simon Johnson  <[EMAIL PROTECTED]> wrote:
>I was wondering whether I am correct in assuming that finding a
>polynomial such that f(n)= n'th prime would prove that P=NP.

Almost certainly not.  I'm assuming you mean f(n) is an algorithm
finding the n'th prime in polynomial time, not that f(n) is itself
a polynomial, but even this doesn't help with P=NP.

>I reason this must be the case because the only way to determine
>whether a number is prime, with 100% accuracy, is to factor it. Since
>factoring is a NP problem and the polynomial is P. It would prove that
>NP equals P. (If this is wrong, please explain why)

There are IIRC algorithms that determine primality with 100% accuracy 
that run in polynomial time, without trying to factor the number.  
Although factoring is in NP, it isn't known to be NP-complete, and most
people think it's unlikely to be NP-complete.  Finding a polynomial
time deterministic algorithm to solve an NP-complete problem implies
P=NP, but unless factoring is proved to be NP-complete, finding a 
polynomial time factoring algorithm won't prove anything about P and NP.

On the other hand, if someone proves P=NP, that automatically implies
that there is a polynomial time algorithm for factoring and any other
problem in NP (and ironically proves that factoring is NP-complete).

See the comp.theory FAQ list for some more information about NP and
NP-completeness, including an example showing that factoring is in NP, 
at http://www.cs.unb.ca/~alopez-o/comp-faq/faq.html .
-- 
Daniel Jimenez                     [EMAIL PROTECTED]
"I've so much music in my head" -- Maurice Ravel, shortly before his death.
"                             " -- John Cage

------------------------------

From: Harald Milz <[EMAIL PROTECTED]>
Crossposted-To: 
alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning  UK publishes "impossible" decryption law
Date: 4 Jun 2000 10:57:00 GMT
Reply-To: [EMAIL PROTECTED]

In comp.security.pgp.discuss John G. Otto <[EMAIL PROTECTED]> wrote:

> 128 bit PGP has been cracked according to announcements
> posted here some time ago.  1024 carefully generated

Yes. There was no proof whatsoever, though. I can claim everything if I
want. 

-- 
"I can't complain, but sometimes I still do."
                -- Joe Walsh

------------------------------

From: "Anarchist Lemming" <[EMAIL PROTECTED]>
Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Sun, 4 Jun 2000 17:40:24 +0100


"B Labour" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Over the coming weeks The Observer will print a series of articles and
> opinion pieces on the proposed RIP Bill. If you wish to voice your opinion
> online you can do so at www.observer.co.uk. To find out more about the Bill
> see www.fipr.org/rip/


I tried to enter their online discussion, but surprise surprise, I couldn't
because I have JavaScript and cookies disabled. Also I found their sign-up
form thoroughly offensive. I've emailed a letter to the editor about this
hypocrisy but I doubt that they'll print it because I used an anonymous
remailer and I didn't enclose my name and address like they ask you to.

Still, it would be nice if they run a series of articles about online
democracy. Anyone think they'll have the courage to mention the "E" word?


Lemming
www.hellnet.org.uk



------------------------------

From: [EMAIL PROTECTED] (Phillip Deackes)
Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.politics.uk,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Sun, 04 Jun 2000 16:29:36 GMT

In article <[EMAIL PROTECTED]>, B Labour wrote:
>http://www.observer.co.uk/focus/story/0,6903,328071,00.html
>
>Your privacy ends here
>
>A Bill which is slipping through the House of Lords will allow MI5 access to
>all our online communications, says John Naughton. It could mean we're all
>guilty until proven innocent. So why don't we care more?
>
>Free speech on the net: special report
>

The answer is simple. A massive campaign to get all email users to 
include certain words in every email they send. The words should be
those MI5 might be looking for. Secondly, *all* email users should
encrypt their emails and *refuse* to hand over the keys. The legal
forces can deal with a few cases of law-breaking, but they *cannot* deal
with mass civil disobedience.

Does anyone have any info on the organisations who are against this
major violation of personal freedom? Web addresses would be great.

-- 
Phillip Deackes
Using Storm Linux 2000

------------------------------

From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Newcomer seeks clarification re download encryption
Date: 4 Jun 2000 16:46:46 GMT

Andy Carroll <[EMAIL PROTECTED]> wrote:

> Have you seen Adobe Acrobat Messenger and the new 'WebBuy' technology
> within Adobe Acrobat 4? Are they doing the 'impossible' or is there a
> catch? I'm looking for alternatives as they ask for a royalty on each
> sale. Bit unfair, don't you think?

It can't possibly work.

The user's machine must be able to read the data in order to display
it.  If it can read the data, it can also store it for later.

Trivial attacks: grab the text off the screen as an image; type it all
in again.  There is nothing at all you can do, while the user still has
control over the computer.  (And I for one won't use a computer which
doesn't give me that control.)

-- [mdw]

------------------------------

From: "Scott Fluhrer" <[EMAIL PROTECTED]>
Subject: Re: P=NP and a polynomial to find all primes.
Date: Sun, 4 Jun 2000 09:59:06 -0700


Simon Johnson <[EMAIL PROTECTED]> wrote in message
news:8hdrta$9ve$[EMAIL PROTECTED]...
>
>
> I was wondering whether I am correct in assuming that finding a
> polynomial such that f(n)= n'th prime would prove that P=NP.
If, by polynomial, you mean the usual meaning:
   a1 * (n**e1) + a2 * (n**e2) + ... + an * (n**0)
then it is easily shown that no such polynomial exists.  One way of showing
this is, if e1 > e2 > ... > 0,

  (a1 * (n**e1) + ... + an * (n**0)) / (n/log(n)) -> a1 * (n**(e1-1)) * log(n) as n -> oo

  pi(n) / (n/log(n)) -> 1 as n -> oo

(where pi(n) is the value of the n'th prime).

Since there is no a1, e1 such that

   a1 * (n**(e1-1)) * log(n) = 1 as n -> oo

The above polynomial cannot be equal to pi(n).

BTW: there are known polynomials (on multiple integer variables) that, when
positive, can take on any prime value (and will never take on a positive
composite value).  They will, on occasion, take on zero or negative
values...

>
> I reason this must be the case because the only way to determine
> whether a number is prime, with 100% accuracy, is to factor it
That is incorrect: there are known polynomial time methods for determining
whether a number is prime (and so, the primality problem is known to be in
P).  People usually use randomized tests because they are considerably
faster; not for lack of alternatives.

> Since factoring is a NP problem and the polynomial is P. It would prove that
> NP equals P. (If this is wrong, please explain why)
Two reasons why this is wrong:

  - The primality problem (is a number N prime?) is not the factorization
problem (what are N's factors?)

  - Ignoring that, remember, all problems in P are in NP, but (if P!=NP) not
all problems in NP are in P.  If you take a problem known in NP, and show it
is in P, you haven't shown that there isn't another problem in NP that's not
in P.  For example, the evenness problem (is a number N even?) is also in
NP, and it can also be shown to be in P -- this doesn't say whether the
travelling salesman problem is in P.
    Now, there is a class of problems (called NPComplete) that, if any one
of them is shown to be in P, then P=NP.  This is known because it turns out
to be possible to transform any problem within NP into an instance of an
NPComplete problem, and so if you can solve the NPComplete problem quickly
(quickly == in polynomial time), you can solve the original problem quickly.
However, neither primality nor factorization is known to be within the set
NPComplete.

>
> Now, hasn't it already been proven that such a polynomial can't exist,
> if so where can I find the proof?
See above.  Fill in the details to make it a formal proof.


> Hi, I'm the signature virus,
> prevent me from spreading by not copying me into your signature file

--
poncho
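
The distinction drawn in the two replies to Simon Johnson above (deciding whether N is prime is a different task from finding N's factors), as an added example that is not part of either post. It uses a deterministic Miller-Rabin test with fixed bases, valid for N below 2**64, next to bounded trial division; the function names and sample numbers are constructed for this illustration.

```python
# Added illustration, not code from the digest.
# Deciding "is n prime?" and finding n's factors are different tasks.

# The first 12 primes. Used as Miller-Rabin bases they give a
# deterministic answer for every n below 2**64 (a known result on
# strong pseudoprimes; the 2**64 limit is enforced below).
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n):
    """Deterministic primality test for 0 <= n < 2**64."""
    if not 0 <= n < 2**64:
        raise ValueError("test is only proven for 0 <= n < 2**64")
    if n < 2:
        return False
    for p in BASES:
        if n % p == 0:
            return n == p
    # Write n - 1 = d * 2**s with d odd.
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue  # base a gives no evidence of compositeness
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False  # base a is a witness: n is composite
    return True


def smallest_factor_below(n, limit):
    """Trial division: smallest nontrivial factor of n below limit, else None."""
    f = 2
    while f < limit and f * f <= n:
        if n % f == 0:
            return f
        f += 1
    return None


# Constructed sample inputs.
P1 = 2**32 - 5            # prime
P2 = 2**32 - 17           # prime
SEMIPRIME = P1 * P2       # composite, both factors close to 2**32
PSEUDOPRIME = 3215031751  # 151 * 751 * 28351, fools bases 2, 3, 5 and 7

if __name__ == "__main__":
    # The test answers "composite" at once, yet names no factor ...
    print("semiprime prime?     ", is_prime(SEMIPRIME))
    # ... while a search for factors below 100000 comes back empty.
    print("factor below 10**5:  ", smallest_factor_below(SEMIPRIME, 10**5))
    # A composite that passes four bases is still caught by a later one.
    print("pseudoprime prime?   ", is_prime(PSEUDOPRIME))
    print("its smallest factor: ", smallest_factor_below(PSEUDOPRIME, 1000))
```
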




------------------------------

From: [EMAIL PROTECTED] (Jim)
Crossposted-To: 
alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning  UK publishes "impossible" decryption law
Date: Sun, 04 Jun 2000 16:30:11 GMT
Reply-To: Jim

On Sat, 03 Jun 2000 12:01:28 -0700, [EMAIL PROTECTED] (John G. Otto) wrote:

>> richard.herring wrote:
>>> (dredd) wrote:
>>> and I have heard that 56 k has been decoded by authorities.
>
>> 56-*bit*? PGP may be crackable with available computer power, but 
>> triple-DES is probably still way beyond that kind of attack.
>
>DES, single, double or triple was designed to allow governments
>to crack it.
>
>128 bit PGP has been cracked according to announcements
>posted here some time ago.

I don't think anyone saw any proof of this, did they?

-- 
amadeus at netcomuk.co.uk
nordland at lineone.net
g4rga at thersgb.net

------------------------------

From: "Anarchist Lemming" <[EMAIL PROTECTED]>
Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Sun, 4 Jun 2000 19:16:39 +0100

There are countless groups that oppose the RIP Bill but only a few have been
particularly vocal about it:

www.liberty-human-rights.org.uk
www.stand.org.uk
www.schnews.org.uk
www.fipr.org/rip
www.urban75.com
www.hellnet.org.uk (expect relaunch mid-July)

Most underground hacking and anti-capitalist groups in the UK are also
fiercely opposed to this clampdown on our rights. I agree that electronic
civil disobedience like the methods you mentioned are the only effective
method of resistance, but first we have to raise public awareness - this
will affect everyone in the UK even if they do not use the Internet
regularly.


Lemming
www.hellnet.org.uk



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Good ways to test.
Date: Sun, 04 Jun 2000 20:29:26 +0200



tomstd wrote:

> This is pointless babbling.  The argument was that Cryptography
> is a black art science and that we should not trust it.
>
> [snip]
>
> The irony is that we trust medicine and not cryptography, when
> in my view, they are on the same 'boat of trust'.

Similar issues have been discussed many times in the past in
the group, perhaps before you joined us. I don't like to repeat
my view again and again and again. So this is my last follow-up
in this thread. If you are not at all convinced, you could, if
you like, take it for granted that you are entirely right and
I am completely wrong.

Medicine and pharmacology are, like crypto and other matters of
the society (aviation, etc. etc.), under government supervision.
But there is in my conviction a subtle and essential difference.
While there is a common basis of interest of the governments
(represented by the politicians) and the people in other fields,
namely to get the best security that is economically achievable
(e.g. the best security for airplanes), this is not so in the
field of crypto. Witness export regulations, key escrow, crypto
clauses of Wassenaar Arrangements, etc. etc. The governments
simply do not consider it 'desirable' that the common people
have very high security of communications such that the
3-lettered agencies can't get to them. Whether they are right
in that I don't want to argue here. But the fact remains,
anyway, that they are not very pleased to see that really
strong crypto is in the hands of the common people. I mentioned
several times in the group that decades ago there were even
thoughts to censor crypto publications in scientific journals
with the goal to prevent people from possessing advanced
cryptographical knowledge. It should thus not be difficult to
see that the nature or quality of supervision by the
governments in the field of crypto is something 'special' and
different from other fields. (A perhaps a bit far-fetched
analogy is stepchildren, who are mostly treated differently
in their families.) It is hence understandable, for example,
that the question of possible presence of back doors rose
right after the introduction of DES. If you think that's
paranoid, it's o.k. But you should at least take some time to
reflect on the question why on earth there are so many people
that were (or are) paranoid in that matter while you are sane.
My point is that you can't rely on the assistance of the
governments to ensure the quality of crypto products in the
same measure as for other products or services, e.g. drugs.

Regarding black art, let me assure you that I have read once
in a mailing list a well-known cryptologist actually saying
that crypto is yet a black art. I personally don't have such
a very sombre view of crypto. But the at least plausible fact
that part of the scientific knowledge is kept secret by
certain government agencies and not available to the public
does cause one to have some natural reservation when
evaluating the state of the art of crypto as compared to other
fields of science, e.g. physics. It is not entirely
unrealistic to reflect on the possibility that a crypto
algorithm that is claimed to be strong and that one is using
has actually already been broken (though not yet by the
academics). To equate the state of the art in crypto with
what the academics have published is in my view a highly
risky thought. There may be also advancements in cryptanalysis
that are obtained in private sectors but that are never
disclosed. I happened to know that back in 1984 there was a
project conducted by a private firm to crack DES. I don't
believe that they ever got any success but I also highly doubt
that they would have let the public know if they had succeeded.
So crypto is perhaps a grey art.

Consider now your favourite subject, medicine, and let's
concentrate on the healing effects of drugs. There, a new drug
is in the last phase tested on humans. One can use statistical
methods to evaluate the efficacy of the treatment with the
drug. The persons to be tested can be easily identified, namely
those who have the disease the drug is meant to cure. The
success or failure can be quantified, fairly objectively and
accurately. Is there anything parallel to that in crypto? My
personal answer is no. How is one actually going to test a
new encryption algorithm? Who are to serve as the ones that
correspond to the patients in the medical tests? The men from
the street, or members of our group, or academics, or analysts
in the three-lettered agencies? Through what kind of precise
scientific procedure is one going to recruit these persons?
From the unavailability of the latter category of persons for
a public project to test the algorithm it shouldn't be
difficult to realize that such a test, even if conducted with
comparable care, can hardly be expected to have the same level
of dependability as compared to the drug tests. We can see
whether a drug helps a patient or not. What is the equivalent
of that in a crypto test? Yes, if we find an effective way
to crack an algorithm, then it fails the test, much like a
drug that has no observed effect on the disease. But what if
such a means to crack is not yet found? Do we need to set a
time frame for the test, analogous to most drug tests? How
long should that be? Suppose we take a period of two years.
If an algorithm hasn't been successfully cracked by a
selected group of persons in that time, is it good enough?
For which kind of applications is it good enough? Is it safe
against mighty opponents, whose resources are themselves
secret matters and hence unknown to us? Could we say that an
algorithm is 95% efficient against a (presumably average)
opponent, if he can read 5 out of 100 of our messages? I
suppose you have no difficulty to see that there are problems
in evaluation of crypto algorithms that don't have parallels
in the evaluation of drugs.

I hope that I have sufficiently expressed my view point on
your theme of whether we can trust in medicine and
cryptography in essentially the same manner. This is my
opinion. As already noted previously, you can have your
opinion and I can have mine. You may disagree, partly or
entirely. Let me state, however, that for personal reasons
this is unfortunately the LAST follow-up that I post to the
current thread. You may provide counter-arguments, but I
wouldn't argue further. In closing I like to repeat what
was written at the beginning: You could, if you like, take
it for granted that you are entirely right and I am
completely wrong.

M. K. Shen
=========================
http://home.t-online.de/home/mok-kong.shen






------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: No-Key Encryption
Date: Sun, 04 Jun 2000 20:38:54 +0200



"David Formosa (aka ? the Platypus)" wrote:

> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
>
> >David Hopwood wrote:
> >
> >> What identity? '*' was not stated to form a group [1], so A/A is not
> >> necessarily the same for all A. Even if it were, (A/A)*A is not
> >> necessarily equal to A (note that this is *not* implied by (A*A)/A = A),
> >> and certainly (A/A)*B is not necessarily equal to B, which your argument
> >> implicitly relies on.
> >
> >Sorry for a dumb question: '/' is the inverse of '*', isn't it? What does
> >'inverse' mean? Could you give a tiny easily comprehensible example?
> >Thanks.
>
> Inverse means the function that goes backwards, so if
>
> f(a)    = b  then
>
> f^-1(b) = a  is the inverse.
>
> So '-' is the inverse of +
> /      is the inverse of * (if * is times)
> square root is the inverse of squaring etc. etc.

Could you please give a concrete example to illustrate the points
that David Hopwood has made? Thanks in advance.

M. K. Shen



------------------------------

From: Ian Wiles <[EMAIL PROTECTED]>
Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Sun, 4 Jun 2000 19:43:37 +0100

Meanwhile lurking by a stone in the mud , two eyes looked to see what I
was and then Anarchist Lemming spoke and this is what it said to
me.......Observer 4/6/2000: "Your privacy ends here"
>
>"B Labour" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> Over the coming weeks The Observer will print a series of articles and
>> opinion pieces on the proposed RIP Bill. If you wish to voice your opinion
>> online you can do so at www.observer.co.uk. To find out more about the Bill
>> see www.fipr.org/rip/
>
 
In the Observer article (which I just read in the paper..that's how I
got here :) ) it said something about the bill contravening the EU right
to privacy as well as other laws. So if someone was banged up for not
disclosing or misplacing their encryption key then surely there'd be one
helluva storm about it?



Cheers,
-- 
Ian Wiles
--
Please Remove NOUCE before replying via E-mail

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************