Cryptography-Digest Digest #939, Volume #11       Sun, 4 Jun 00 18:13:01 EDT

Contents:
  Re: Cipher design a fading field? (John Savard)
  Re: P=NP and a polynomial to find all primes. (John Savard)
  RSA Algorithm ("Andrew Hamilton")
  Re: RSA Algorithm (tomstd)
  Re: Observer 4/6/2000: "Your privacy ends here" (George Edwards)
  Re: Observer 4/6/2000: "Your privacy ends here" (George Edwards)
  Re: RSA Algorithm ("Joseph Ashwood")
  Re: Observer 4/6/2000: "Your privacy ends here" (Antelope)
  Re: Observer 4/6/2000: "Your privacy ends here" (U Sewell-Detritus)
  Re: Newcomer seeks clarification re download encryption ("Axel Lindholm")
  Call for evaluating and testing a stream cipher program ([EMAIL PROTECTED])
  Re: Concerning  UK publishes "impossible" decryption law (jungle)
  Re: P=NP and a polynomial to find all primes. ("Axel Lindholm")
  Re: Evidence Eliminator, is it patented, copyrighted, trademarked ? ("Hiram Yaeger")
  Re: RSA Algorithm (tomstd)
  Re: Call for evaluating and testing a stream cipher program (tomstd)
  Re: XTR independent benchmarks (Wei Dai)
  Re: Could RC4 used to generate S-Boxes? (Guy Macon)
  Re: Evidence Eliminator, is it patented, copyrighted, trademarked ? (jungle)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Cipher design a fading field?
Date: Sun, 04 Jun 2000 19:19:03 GMT

On Sun, 04 Jun 2000 16:01:57 GMT, [EMAIL PROTECTED] wrote, in
part:

>With all the cryptanalysis going on, almost no -practical- attacks have
>been invented.  Is the reason that no practical attacks exist?  If no
>practical attacks can be proven to exist, why use something new?

When you go shopping for a new car, do you buy the first one that you
see which you are unable to *prove* is a lemon?

John Savard (teneerf <-)
http://www.ecn.ab.ca/~jsavard/

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: P=NP and a polynomial to find all primes.
Date: Sun, 04 Jun 2000 19:17:31 GMT

On Sun, 04 Jun 2000 15:17:07 GMT, Simon Johnson
<[EMAIL PROTECTED]> wrote, in part:

>I was wondering whether I am correct in assuming that finding a
>polynomial such that f(n)= n'th prime would prove that P=NP.

That's quite irrelevant, since it has been proven that no such
polynomial exists.

John Savard (teneerf <-)
http://www.ecn.ab.ca/~jsavard/

------------------------------

From: "Andrew Hamilton" <[EMAIL PROTECTED]>
Subject: RSA Algorithm
Date: Sun, 4 Jun 2000 16:01:16 -0400

I am investigating the RSA algorithm as a means of compression.  I have
noticed that taking a random message, with an entropy of 1 bit per bit, and
encrypted it with the RSA algorithm, which results in an encrypted message
containing a higher amount of either binary digit, and therefore a lower
entropy.  Due to the fact that that encryption seems to lower the entropy,
it appears to be possible to compress the message.
Although Huffman coding works on each individual message, a different system
is necessary each time, so some extra information must be included, such as
a header to determine which Huffman code will be used.  This seems to reduce
the information saved by the Huffman code.  As the message length increases,
the probabilities for the binary digits approach .5, so any Huffman
compression must be performed on sections of the message.  I have wondered
if there is any way that a compression system could be implemented by the
RSA algorithm such that a message with an entropy of 1 bit per bit could be
reduced.  I am curious to know if this seems to be a useful line of
investigation, and whether anyone knows of any work which has been done in
this area.

Thanks,


[EMAIL PROTECTED]






------------------------------

Subject: Re: RSA Algorithm
From: tomstd <[EMAIL PROTECTED]>
Date: Sun, 04 Jun 2000 13:08:28 -0700

In article <#7icZ$lz$GA.420@cpmsnbbsa08>, "Andrew Hamilton"
<[EMAIL PROTECTED]> wrote:
>I am investigating the RSA algorithm as a means of compression.  I have
>noticed that taking a random message, with an entropy of 1 bit per bit, and
>encrypted it with the RSA algorithm, which results in an encrypted message
>containing a higher amount of either binary digit, and therefore a lower
>entropy.  Due to the fact that that encryption seems to lower the entropy,
>it appears to be possible to compress the message.
>Although Huffman coding works on each individual message, a different system
>is necessary each time, so some extra information must be included, such as
>a header to determine which Huffman code will be used.  This seems to reduce
>the information saved by the Huffman code.  As the message length increases,
>the probabilities for the binary digits approach .5, so any Huffman
>compression must be performed on sections of the message.  I have wondered
>if there is any way that a compression system could be implemented by the
>RSA algorithm such that a message with an entropy of 1 bit per bit could be
>reduced.  I am curious to know if this seems to be a useful line of
>investigation, and whether anyone knows of any work which has been done in
>this area.
>
>Thanks,
>
>

This is junk as well.  If your RSA modulus is n-bits (n > 1)
then you can't encrypt 1-bit messages with RSA, you can only
encrypt n bit messages (well, thereabouts; it's actually the
log2(pq) where 'p,q' are your primes).  This means the ciphertext
has n bits as well, you can't remove bits from this or it's not
reversible.

So by taking only one bit at a time (and adding appropriate
padding) you are actually *expanding* not compressing the
message.

Tom

* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!


------------------------------

From: George Edwards <[EMAIL PROTECTED]>
Crossposted-To: uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.politics.uk,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Sun, 4 Jun 2000 21:59:14 +0100

In article <[EMAIL PROTECTED]>, B
Labour <[EMAIL PROTECTED]> writes
>encryption will have become a necessity.
This reminds me of the poll tax. They know it won't work, but they
won't back off until it is a disaster.

If we are forced into encryption, we will use new tools. Or old ones.
Keys don't have to be held in cyberspace. A copy of the Bible will do
as well.

Rdtss ffyres bbtreeas  kkifi98lrr.

OK, decrypt it. It says "Two taco dinners at nine please" Leviticus
12.4.

Helps you catch spies, eh? 

get off the case mi5
-- 
George Edwards


------------------------------

From: George Edwards <[EMAIL PROTECTED]>
Crossposted-To: uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.politics.uk,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Sun, 4 Jun 2000 22:01:53 +0100

In article <511.393a83f0.6d2e@scgf>, Phillip Deackes <[EMAIL PROTECTED]>
writes
>nclude certain words in every email they send.

        I suggested this some time ago

-- 
George Edwards
bomb
blair
iran
nuclear
nhs
TAX
DISGRUNTLED

------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: RSA Algorithm
Date: Sun, 4 Jun 2000 14:04:56 -0700

Unfortunately it is completely impossible to create a message
that is actually smaller than one with entropy of 1 bit per
bit, this is easily proven because by reducing the size of
the message the space to hold the entropy must decrease, and
hence we lose information. I don't know if in cases where
there is less than 1 bit per bit of entropy it would be
possible to compress the encrypted data, but if it is
possible you will have made significant progress against
RSA, because you will have proven with absolute assuredness
that RSA is not strong cryptography.
                    Joe

"Andrew Hamilton" <[EMAIL PROTECTED]> wrote in message
news:#7icZ$lz$GA.420@cpmsnbbsa08...
> I am investigating the RSA algorithm as a means of compression.  I have
> noticed that taking a random message, with an entropy of 1 bit per bit, and
> encrypted it with the RSA algorithm, which results in an encrypted message
> containing a higher amount of either binary digit, and therefore a lower
> entropy.  Due to the fact that that encryption seems to lower the entropy,
> it appears to be possible to compress the message.
> Although Huffman coding works on each individual message, a different system
> is necessary each time, so some extra information must be included, such as
> a header to determine which Huffman code will be used.  This seems to reduce
> the information saved by the Huffman code.  As the message length increases,
> the probabilities for the binary digits approach .5, so any Huffman
> compression must be performed on sections of the message.  I have wondered
> if there is any way that a compression system could be implemented by the
> RSA algorithm such that a message with an entropy of 1 bit per bit could be
> reduced.  I am curious to know if this seems to be a useful line of
> investigation, and whether anyone knows of any work which has been done in
> this area.
>
> Thanks,
>
>
> [EMAIL PROTECTED]
>
>
>
>
>
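
The size argument made in the two replies above (an n-bit modulus gives n-bit ciphertext, and a full-entropy message cannot be made smaller), as an added example that is not code from any poster: textbook RSA with a constructed 150-bit toy modulus, checking that encryption is a permutation of the residues, that a random message comes out longer and does not deflate below its original size, and that one-bit-per-block encryption expands the input 152-fold. All function names and parameters are hypothetical.

```python
import random
import zlib

# Constructed toy key: two Mersenne primes, far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q                              # 150-bit modulus
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
IN_LEN = (N.bit_length() - 1) // 8     # 18 bytes: every such block is < N
OUT_LEN = (N.bit_length() + 7) // 8    # 19 bytes: room for any value < N


def rsa_blocks(data, exp, in_len, out_len):
    """Textbook (unpadded) RSA over fixed-width big-endian blocks."""
    out = bytearray()
    for i in range(0, len(data), in_len):
        m = int.from_bytes(data[i:i + in_len], "big")
        out += pow(m, exp, N).to_bytes(out_len, "big")
    return bytes(out)


def is_permutation(n, e):
    """True if m -> m^e mod n hits every residue exactly once."""
    return len({pow(m, e, n) for m in range(n)}) == n


def ones_fraction(data):
    """Fraction of 1 bits in a byte string."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))


def encrypt_bit_at_a_time(data, rng):
    """One RSA block per message bit: low bit is data, the rest random filler."""
    out = bytearray()
    for byte in data:
        for k in range(7, -1, -1):
            m = (rng.getrandbits(8 * IN_LEN - 1) << 1) | ((byte >> k) & 1)
            out += pow(m, E, N).to_bytes(OUT_LEN, "big")
    return bytes(out)


def demo(seed=2000):
    rng = random.Random(seed)          # fixed seed: constructed sample input
    msg = rng.getrandbits(8 * IN_LEN * 500).to_bytes(IN_LEN * 500, "big")
    ct = rsa_blocks(msg, E, IN_LEN, OUT_LEN)
    return {
        "roundtrip": rsa_blocks(ct, D, OUT_LEN, IN_LEN) == msg,
        "msg_len": len(msg),
        "ct_len": len(ct),
        "ct_deflated": len(zlib.compress(ct, 9)),
        "ct_ones": ones_fraction(ct),
        "per_bit_len": len(encrypt_bit_at_a_time(b"\xa5", rng)),
    }


if __name__ == "__main__":
    # Tiny modulus 61*53 with e=17 so the permutation can be checked exhaustively.
    print(is_permutation(61 * 53, 17), demo())
```

Because the map is a bijection on the residues mod N, any scheme that emits fewer bits than the modulus width must map two plaintexts to the same output and cannot be decrypted.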





------------------------------

Date: 4 Jun 2000 21:19:47 -0000
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Crossposted-To: uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.politics.uk,alt.security.scramdisk,uk.telecom
From: [EMAIL PROTECTED] (Antelope)

>
>The answer is simple. A massive campaign to get all email users to 
>include certain words in every email they send. The words should be
>those MI5 might be looking for. Secondly, *all* email users should
>encrypt their emails and *refuse* to hand over the keys. The legal
>forces can deal with a few cases of law-breaking, but they *cannot* deal
>with mass civil disobedience.

        Problem: Most people are too uninterested to use encryption. The only way
is to use a very small encryption program that has seamless Outlook
integration. Why Outlook? Most people are too lazy to try anything else
out. Why small? So that it can be mailed en masse to UK users. I for one
would be willing to help out with a project to do this, to the best of my
limited abilities (programming-wise)

>Does anyone have any info on the organisations who are against this
>major violation of personal freedom? Web addresses would be great.
>
>-- 
>Phillip Deackes
>Using Storm Linux 2000






------------------------------

From: [EMAIL PROTECTED] (U Sewell-Detritus)
Crossposted-To: uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.politics.uk,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: 4 Jun 2000 21:26:46 GMT

In <[EMAIL PROTECTED]>, 
B Labour <[EMAIL PROTECTED]> wrote:
>http://www.observer.co.uk/focus/story/0,6903,328071,00.html
>
>Your privacy ends here
>
>A Bill which is slipping through the House of Lords will allow MI5 access to
>all our online communications, says John Naughton. It could mean we're all
>guilty until proven innocent. So why don't we care more?
>
>Free speech on the net: special report
>
>Sunday June 4, 2000

>....' A UK firm which handed over the key of a multinational client
>would be vulnerable to a compensation claim in an overseas court for
>compromising that client's global security. US businesses are not happy
>about that liability and will opt to work in countries like Ireland.'

That seems a very salient point in the article.

>
>Over the coming weeks The Observer will print a series of articles and
>opinion pieces on the proposed RIP Bill. If you wish to voice your opinion
>online you can do so at www.observer.co.uk. To find out more about the Bill
>see www.fipr.org/rip/
>
>
>

------------------------------

From: "Axel Lindholm" <[EMAIL PROTECTED]>
Subject: Re: Newcomer seeks clarification re download encryption
Date: Sun, 4 Jun 2000 23:30:27 +0200

Anything can be pirated, there's no such thing as the perfect
copyprotection! But tomstd has a good point, the best you can do is make it
easier to buy than to pirate.

"Andy Carroll" <[EMAIL PROTECTED]> wrote in message
news:8hdthp$69r$[EMAIL PROTECTED]...
> Hi
>
> Here is my problem. I want to sell my book over the internet. I want the
> customer to be able to download the book and then the customer dials up and
> receives a key from my server based on various identifiers e.g. name,
> perhaps CPU ID or Hard Drive ID. This would mean that the customers
> environment would be the only environment where the book could be read. I am
> unsure as to whether I would have to be able to encrypt the file for each
> download. Can anyone offer advice or products capable. I am sure this will
> become a big topic in months / years to come.
>
> Thanks in advance for your assistance
>
> Andy Carroll
>
>



------------------------------

From: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Call for evaluating and testing a stream cipher program
Date: Sun, 04 Jun 2000 14:40:38 -0700

We are offering $200 reward to the person who can break our new, fast
stream cipher. The details are available on this website:

http://CascadeResearch.ebz.com/

You can obtain an executable, source code, and description.

Cascade Research





------------------------------

From: jungle <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning  UK publishes "impossible" decryption law
Date: Sun, 04 Jun 2000 17:35:52 -0400

no ...

Jim wrote:
> >128 bit PGP has been cracked according to announcements
> >posted here some time ago.
> 
> I don't think anyone saw any proof of this, did they?

no ...



------------------------------

From: "Axel Lindholm" <[EMAIL PROTECTED]>
Subject: Re: P=NP and a polynomial to find all primes.
Date: Sun, 4 Jun 2000 23:43:23 +0200

That won't help to solve the P?=NP matter since you'll need to prove an NPC
problem solvable in polynomial time to prove that P=NP. An NPC problem is a
type of problem to which all NP problems can be translated, so prove that an
NPC problem exists in P and you've proven that P=NP.

"Simon Johnson" <[EMAIL PROTECTED]> wrote in message
news:8hdrta$9ve$[EMAIL PROTECTED]...
>
>
> I was wondering whether I am correct in assuming that finding a
> polynomial such that f(n)= n'th prime would prove that P=NP.
>
> I reason this must be the case because the only way to determine
> whether a number is prime, with 100% accuracy, is to factor it. Since
> factoring is a NP problem and the polynomial is P. It would prove that
> NP equals P. (If this is wrong, please explain why)
>
> Now, hasn't it already been proven that such a polynomial can't exist,
> if so where can I find the proof?
>
> --
> -------
> Hi, I'm the signature virus,
> help me spread by copying me into Signature File
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.



------------------------------

From: "Hiram Yaeger" <no@email>
Subject: Re: Evidence Eliminator, is it patented, copyrighted, trademarked ?
Date: Sun, 4 Jun 2000 14:42:27 -0700
Crossposted-To: alt.privacy,alt.privacy.anon-server,alt.security.pgp

"jungle" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> the other 2 ?
>
> Lucifer wrote:
> >
> > On Sat, 03 Jun 2000 06:13:12 -0400 jungle <[EMAIL PROTECTED]>  wrote:
> >
> > >Evidence Eliminator, is it patented, copyrighted, trademarked ?
> >
> > It's copyrighted when it's written.
> >
> > No filing is required.

I would assume that "Evidence Eliminator" is legally their trademark.  As
for patented, they use methods for overwriting data that are well known and
have been in use for years.  They didn't invent it.  No patent.



------------------------------

Subject: Re: RSA Algorithm
From: tomstd <[EMAIL PROTECTED]>
Date: Sun, 04 Jun 2000 14:47:57 -0700

In article <#j82pimz$GA.328@cpmsnbbsa09>, "Joseph Ashwood"
<[EMAIL PROTECTED]> wrote:
>Unfortunately it is completely impossible to create a message
>that is actually smaller than one with entropy of 1 bit per
>bit, this is easily proven because by reducing the size of
>the message the space to hold the entropy must decrease, and
>hence we lose information. I don't know if in cases where
>there is less than 1 bit per bit of entropy it would be
>possible to compress the encrypted data, but if it is
>possible you will have made significant progress against
>RSA, because you will have proven with absolute assuredness
>that RSA is not strong cryptography.
>                    Joe

That's not true.  If you make a crypto-system where the
ciphertext is larger than the plaintext the ciphertext will have
less information than the input (well if you don't count the key
bits).  That doesn't mean it's insecure, just inefficient.

Tom




------------------------------

Subject: Re: Call for evaluating and testing a stream cipher program
From: tomstd <[EMAIL PROTECTED]>
Date: Sun, 04 Jun 2000 14:50:19 -0700

In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
>We are offering $200 reward to the person who can break our new, fast
>stream cipher. The details are available on this website:
>
>http://CascadeResearch.ebz.com/
>
>You can obtain an executable, source code, and description.
>
>Cascade Research
>

Why not make your white papers a bit more accessible?  I don't
want to register with your site!!!

Tom




------------------------------

From: Wei Dai <[EMAIL PROTECTED]>
Subject: Re: XTR independent benchmarks
Date: Sun, 04 Jun 2000 14:52:47 -0700

On Sun, 4 Jun 2000 13:43:43 +0200, "Eric Verheul"
<[EMAIL PROTECTED]> wrote:
>*Almost* certainly?? Do you have shares in LUCDIF, or something?

Of course not. If I had any commercial interest in LUCDIF or in any of
the other cryptosystems I would certainly have said so already.

>The point is that you said: "XTR is actually slower than
>LUCDIF", and I'm disproving that.

No, what I said was that "XTR is actually slower than LUCDIF in this
test", which clearly does not include parameter generation. Plus I
already said that I agree with you about LUCDIF having slower
parameter generation. What else do you want?

>This seems like an implementational issue to me. By choosing the
>right optimizations, XTRDIF can be made a lot faster than
>LUCDIF.

I have already improved XTR's performance beyond the claims in your
own paper. If you believe XTR can be made even faster (which I do
think is possible given enough effort), then please show us how,
preferably with code.

>As a final note: in your comparison you mandate a group
>membership validation for XTR, while in LUCDIF you use (without
>saying that) short exponents.
>
>There are several practical ways to avoid such a group member
>validation in XTR and using short exponents are theoretically
>risky as you don't get security from a genuine
>DL problem anymore. That is to say: your comparison is not fair.

A DL problem where you know that the discrete log is in a certain
range is still a DL problem. It's not all that different from using
subgroups. I don't know of any theoretical reasoning to suggest that
one is riskier than the other. Do you?

And what are the practical ways to avoid a group membership validation
in XTR? I didn't see anything in the paper about this issue.

------------------------------

From: [EMAIL PROTECTED] (Guy Macon)
Subject: Re: Could RC4 used to generate S-Boxes?
Date: 04 Jun 2000 17:54:39 EDT

tomstd wrote:
>
>
>In article <8hdt3k$apl$[EMAIL PROTECTED]>, Simon Johnson
><[EMAIL PROTECTED]> wrote:
>>I've read somewhere that RC4 is secure against both diff & lin
>>cryptanalysis. I figure this security must be derived from its s-box. My
>>real question is, is the secrecy of the s-box that makes it secure or
>>does the algorithm generate diff & lin optimized s-boxes?
>
>Chances are you have a bit of reading to do on sbox construction.
>
>The reason RC4 is secure is that it's hard to model the internal
>state based on output only.  Some 'weak keys' have been
>identified which leak more information about the state.
>
>The sboxes RC4 makes are by no means secure on their own (i.e in
>a feistel cipher), and don't always have optimal cryptographic
>properties (SAC, BIC, non-linear, bijective, low xor-pairs).
>
>Tom

Sorry for being a bother, but I am a clueless newbie who has a
special interest in RC4 (the ciphersaber implementation, really)
and the above went over my head.  Could someone explain the above
in simple terms?


------------------------------

From: jungle <[EMAIL PROTECTED]>
Crossposted-To: alt.privacy,alt.privacy.anon-server,alt.security.pgp
Subject: Re: Evidence Eliminator, is it patented, copyrighted, trademarked ?
Date: Sun, 04 Jun 2000 17:53:49 -0400

where trademarked ? what country ?
it is not trademark in USA ...

Hiram Yaeger wrote:
> 
> "jungle" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > the other 2 ?
> >
> > Lucifer wrote:
> > >
> > > On Sat, 03 Jun 2000 06:13:12 -0400 jungle <[EMAIL PROTECTED]>  wrote:
> > >
> > > >Evidence Eliminator, is it patented, copyrighted, trademarked ?
> > >
> > > It's copyrighted when it's written.
> > >
> > > No filing is required.
> 
> I would assume that "Evidence Eliminator" is legally their trademark.  As
> for patented, they use methods for overwriting data that are well known and
> have been in use for years.  They didn't invent it.  No patent.



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
