Cryptography-Digest Digest #948, Volume #11       Mon, 5 Jun 00 16:13:00 EDT

Contents:
  Re: Concerning  UK publishes "impossible" decryption law (Your Name)
  Re: Cipher design a fading field? ("Paul Pires")
  Re: Concerning  UK publishes "impossible" decryption law (Your Name)
  Re: Can we say addicted? (Mike Rosing)
  Re: Good ways to test. (James Felling)
  Re: Quantum computers (Mike Rosing)
  Re: Observer 4/6/2000: "Your privacy ends here" (Jim)
  Re: Observer 4/6/2000: "Your privacy ends here" (Jim)
  Re: Could RC4 used to generate S-Boxes? (Simon Johnson)
  Re: Observer 4/6/2000: "Your privacy ends here" (Ian Wiles)
  Re: Newcomer seeks clarification re download encryption (Mike Rosing)
  Re: Concerning  UK publishes "impossible" decryption law (Jerry Coffin)
  Re: otp breaktrough !!!!!!!!!!!!! (Simon Johnson)
  Re: Question about recommended keysizes (768 bit RSA) (Roger Schlafly)
  Re: RSA Algorithm (wtshaw)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]  (Your Name)
Crossposted-To: 
alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning  UK publishes "impossible" decryption law
Date: Mon, 05 Jun 2000 17:14:28 GMT

On Sun, 04 Jun 2000 16:30:11 GMT, [EMAIL PROTECTED]
(Jim) wrote:

>>128 bit PGP has been cracked according to announcements
>>posted here some time ago.
>
>I don't think anyone saw any proof of this, did they?

Some time ago, a 129 bit RSA key (asymmetric) was cracked by 
brute force.  Maybe it is this fact that is being referenced.

Rich Eramian aka freeman at shore dot net

------------------------------

From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Cipher design a fading field?
Date: Mon, 5 Jun 2000 10:12:06 -0700

Anton Stiglic <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] wrote:
>
> > (b) I wish professional cryptographers would quit inventing a plethora
> > of new encryption schemes a.k.a. AES, until they have figured out how to
> > defeat the existing ones e.g. DESX, Triple-DES, IDEA, Blowfish, GOST, ad
> > infinitum.  This is exactly my point, why use a new cipher when it may
> > or may not be more secure than the old one?
>
>
> We all know of good reasons why we want DES to be replaced, 56 bit keys
> is not enough security.  We know why we want to replace 3-DES, DES was
> designed for hardware, a lot of encryption is being done in software, we
> want something that is fast in software (and still keep it fast in
> hardware).
>
> Why don't we use Blowfish for example?  Well, one reason is that it has
> not gotten the cryptanalysis spotlight yet.  Meaning, cryptanalysts have
> not been motivated enough to try to break it.  TwoFish replaces Blowfish,
> and is now getting the "cryptanalysis spotlight".  Of course, we won't get
> anything provably secure out of AES, but at least we'll get an encryption
> cipher that performs well under various conditions, and the ciphers have
> gotten the attention of the whole cryptanalysis community.
>
> By the way, where is the web page of the little sci.crypt cipher
> contest?
>
> Anton

http://www.wizard.net/~echo/crypto-contest.html

Paul







------------------------------

From: [EMAIL PROTECTED]  (Your Name)
Crossposted-To: 
alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning  UK publishes "impossible" decryption law
Date: Mon, 05 Jun 2000 17:20:23 GMT

On Mon, 05 Jun 2000 02:14:11 +0100, Dave Howe <DHowe@hawkswing> wrote:

>In our last episode (<alt.security.pgp>[Sun, 04 Jun 2000 17:35:52
>-0400]), jungle <[EMAIL PROTECTED]> said :
>>no ...
>>Jim wrote:
>>> >128 bit PGP has been cracked according to announcements
>>> >posted here some time ago.
>>> I don't think anyone saw any proof of this, did they?
>>no ...
>But a 128 bit key is pretty lousy by today's standards. I would be
>horrified to think that anyone would consider 128 bit RSA trustworthy.

I think that the problem is that some people are talking about
symmetric keys while others are talking about asymmetric keys.

Rich Eramian aka freeman at shore dot net


------------------------------

From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Can we say addicted?
Date: Mon, 05 Jun 2000 12:39:21 -0500

Anton Stiglic wrote:
> Ahhh, so that explains some of your past postings!
> 
> :)

Yup!  Check out this picture:
http://www.terracom.net/~eresrch/float/rho3.png

It's a plot of rho(z, tau) for a selected angle of z and range of tau.
I've got 17 angles for each "zoom" which makes for a pretty cool movie.
I'll put it up once I figure out how.  You don't need drugs to be
addicted to math, but some of them don't hurt the view :-)

Patience, persistence, truth,
Dr. mike

------------------------------

From: James Felling <[EMAIL PROTECTED]>
Subject: Re: Good ways to test.
Date: Mon, 05 Jun 2000 13:05:18 -0500



tomstd wrote:

> <snip>
>
> You are missing the picture.
>
> Crypto:  I can say a block cipher has 'X' resistance to 'Y'
> attacks.
>
> Medicine:  I can say 'X' people get better and 'Y' people get
> dead.
>
> Same thing.  In crypto I can say 'DES has a resistance to linear
> attacks effectively of O(2^43) work' making it 'strong'.  In
> medicine I can say 99.99% people got better but 0.01% died
> making it 'a cure'.
>
> We didn't know (or now either) if DES could have been broken
> easily, same for medicine.  Those 0.01% may have had kids before
> they died that have some weird genetic disease making 0.01%
> become much larger.
>
> That's why I called it comparative.  You wouldn't use FEAL-8
> over Blowfish would you?  Why? Because given all that we know
> Blowfish is more secure.  Is that definitive?  Not a shot in
> hell.  But it's better than "What cipher will I use today?".

Whilst I agree that there are tools in existence that allow one to compare
cypher effectiveness, at best they allow an establishment of an UPPER bound for
how secure those codes are. This will allow one to compare Blowfish to FEAL and
say "Well, Blowfish's UPPER bound on security is much higher than FEAL's, and
the length of time that they have been studied will allow one to say, based upon
our study over the time period X, we have found no more effective attack than
attack Y."  This is evidence of a purely "statistical" nature that the strength
of said cypher is "close" to its theoretical upper bound.  The reason I claim it
is "statistical" is because effectively every break attempt may be viewed as a
"random" attack vs. the structure; over time more of these random trials will
occur, and statistical confidence of strength will accumulate.  However, all
this means is that the cypher is PROBABLY that secure, not PROVABLY that
secure, and thus our trust in any cypher is a matter of faith, not fact.

> <another big snip>
>
> Tom
>
> * Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
> The fastest and easiest way to search and participate in Usenet - Free!


------------------------------

From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Quantum computers
Date: Mon, 05 Jun 2000 13:10:30 -0500

JCA wrote:
>     I am sure they don't. Actually, I have the feeling that the NSA's
> capabilities are usually exaggerated. They are good, but not
> gods. In fact, elliptic curve cryptography seems to have escaped
> them completely, and caught them off balance when originally
> published in the mid-eighties.

I'd like to point out that this is a particularly clueless comment.  The
NSA has several members who publish papers and visit every crypto
conference where ECC is discussed.  They also have members on the IEEE
P1363 crypto standards committee and are actively specifying ECC
standards.  I suspect they stay tuned in with all the crypto conferences
and are well aware of what's interesting.  Whether they use it or not is
a different parameter, they are, and probably have been, very well aware
of ECC for a long time.

Patience, persistence, truth,
Dr. mike

------------------------------

From: [EMAIL PROTECTED] (Jim)
Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.politics.uk,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Mon, 05 Jun 2000 17:23:13 GMT
Reply-To: Jim

On Sun, 4 Jun 2000 21:59:14 +0100, George Edwards
<[EMAIL PROTECTED]> wrote:

>In article <[EMAIL PROTECTED]>, B
>Labour <[EMAIL PROTECTED]> writes
>>encryption will have become a necessity.
> This reminds me of the poll tax. They know it won't work, but they
>won't back off until it is a disaster.
>
>If we are forced into encryption, we will use new tools. Or old ones.
>Keys don't have to be held in cyberspace. A copy of the bible will do
>as well.
>
>Rdtss ffyres bbtreeas  kkifi98lrr.
>
>OK, decrypt it. It says "Two taco dinners at nine please" Leviticus
>12.4.
>
>Helps you catch spies, eh? 

They've never caught a spy off their own backs ever. The only time they
found spies was when a traitor from Russia gave them the information
to do so.

>get off the case mi5

Amen!

-- 
amadeus at netcomuk.co.uk
nordland at lineone.net
g4rga at thersgb.net

------------------------------

From: [EMAIL PROTECTED] (Jim)
Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.politics.uk,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Mon, 05 Jun 2000 17:23:14 GMT
Reply-To: Jim

On Sun, 4 Jun 2000 22:01:53 +0100, George Edwards
<[EMAIL PROTECTED]> wrote:

>In article <511.393a83f0.6d2e@scgf>, Phillip Deackes <[EMAIL PROTECTED]>
>writes
>>nclude certain words in every email they send.
>
>        I suggested this some time ago
>
>-- 
>George Edwards
>bomb
>blair
>iran
>nuclear
>nhs
>TAX
>DISGRUNTLED

Who the hell's George Edwards?

Shouldn't the name of that ex spook of theirs who's in Paris (forget
his name) be added to the list? That'd stir up their paranoia a bit.

-- 
amadeus at netcomuk.co.uk
nordland at lineone.net
g4rga at thersgb.net

------------------------------

From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: Could RC4 used to generate S-Boxes?
Date: Mon, 05 Jun 2000 18:24:33 GMT

Strictly by definition, RC4 does have an s-box; one value gets
substituted for another. Whether it slowly evolves makes no difference
to its name; it is still an s-box. However, like one of you stated, it
is not an S-Box in the Feistel sense of the word.

However, here is another question. I believe it is true that a random
s-box becomes increasingly 'better' as the size of them increases. Is this
true, and at which size does it become acceptable to use a random, but
fixed, s-box?

=======
Hi, I'm the signature virus,
help me spread by copying me into Signature File


Sent via Deja.com http://www.deja.com/
Before you buy.
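
The question in the post above can be measured directly. The following is an added example, not part of the original message: it samples random bijective S-boxes of 4, 6 and 8 bits and reports two standard quality figures, the best differential probability and the relative linearity (lower is better for both). The function names, the seed and the trial count are assumptions of this example, and Python's `random` module is used only to get a repeatable sample.

```python
import random

def ddt_max(sbox):
    """Largest difference-distribution-table entry over nonzero input differences."""
    size, worst = len(sbox), 0
    for dx in range(1, size):
        counts = [0] * size
        for x in range(size):
            counts[sbox[x] ^ sbox[x ^ dx]] += 1
        worst = max(worst, max(counts))
    return worst

def fwht(values):
    """Fast Walsh-Hadamard transform of a list whose length is a power of two."""
    v, h = list(values), 1
    while h < len(v):
        for i in range(0, len(v), 2 * h):
            for j in range(i, i + h):
                v[j], v[j + h] = v[j] + v[j + h], v[j] - v[j + h]
        h *= 2
    return v

def linearity(sbox):
    """Largest absolute Walsh coefficient over all nonzero output masks."""
    size, worst = len(sbox), 0
    for mask in range(1, size):
        # +1/-1 encoding of the Boolean function x -> parity(mask & S(x))
        signs = [1 - 2 * (bin(sbox[x] & mask).count("1") & 1) for x in range(size)]
        worst = max(worst, max(abs(w) for w in fwht(signs)))
    return worst

def survey(bit_sizes=(4, 6, 8), trials=5, seed=2000):
    """Average (best differential probability, relative linearity) per S-box width."""
    rng = random.Random(seed)  # fixed seed: constructed, repeatable sample
    results = {}
    for bits in bit_sizes:
        size, diff, lin = 1 << bits, 0.0, 0.0
        for _ in range(trials):
            sbox = list(range(size))
            rng.shuffle(sbox)  # a random but fixed bijective S-box
            diff += ddt_max(sbox) / size
            lin += linearity(sbox) / size
        results[bits] = (diff / trials, lin / trials)
    return results

if __name__ == "__main__":
    for bits, (diff, lin) in survey().items():
        print(f"{bits}-bit: max differential prob ~{diff:.3f}, relative linearity ~{lin:.3f}")
```

Both figures shrink as the width grows, which is the sense in which a larger random S-box is "better"; the example does not say at which width the values become acceptable for a given cipher.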

------------------------------

From: Ian Wiles <[EMAIL PROTECTED]>
Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Mon, 5 Jun 2000 19:29:29 +0100

Meanwhile lurking by a stone in the mud , two eyes looked to see what I
was and then U Sewell-Detritus spoke and this is what it said to
me.......Observer 4/6/2000: "Your privacy ends here"
>James Winsoar <[EMAIL PROTECTED]> wrote:
>
>>"B Labour" <[EMAIL PROTECTED]> wrote:
>
>>> http://www.observer.co.uk/focus/story/0,6903,328071,00.html
>>>
>>> Your privacy ends here
>>>
>>> A Bill which is slipping through the House of Lords will allow MI5
>>> access to all our online communications, says John Naughton. It
>>> could mean we're all guilty until proven innocent. So why don't we
>>> care more?
>>
>>We are suggesting people download PGP from
>>ftp://tucows.belgium.eu.net/Tucows/files/PGPfreeware_6.5.3.zip
>
>PGP et al suit being coupled with a steganography package. [1]
>
>Today, the Beeb reports yet another industry plea for RIP to 
>be scrapped. [2]
 

Well once all the e-business buggers off to Ireland then they'll realise
what a cock up they've made. It'll all end in tears. 

Oh and BTW, what's a "steganography package"?
Scuse my ignorance.


Cheers,
-- 
Ian Wiles
--
Please Remove NOUCE before replying via E-mail

------------------------------

From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Newcomer seeks clarification re download encryption
Date: Mon, 05 Jun 2000 13:37:02 -0500

Andy Carroll wrote:
> 
> Have you seen Adobe Acrobat Messenger and the new 'WebBuy' technology within
> Adobe Acrobat 4? Are they doing the 'impossible' or is there a catch? I'm
> looking for alternatives as they ask for a royalty on each sale. Bit unfair
> don't you think?

Haven't seen it, but I suspect that's different.  Buying a Weber grill
off the Web is one thing, buying a book in electronic form is another.
Once the data is in the clear (which it has to be for the user to read
it), it will be possible to copy it.  A Weber grill or hardback book can
also be copied, but it takes a *lot* of effort, more cost and time than
just ordering the real thing.  It takes *no* effort to copy electronic
data - that's the catch.

Anything that can be sold electronically can be stolen electronically.
There are ways to slow that down, but you can't stop it.  By making it
worth while to own the real thing, you won't have to worry about piracy
destroying your company.  By worrying about piracy, you destroy your
company with foolish demands.

Selling knowledge and information is good business.  I don't see how
selling books electronically fits that model.  Make your information in
a book format, and change it once a month so people keep coming back for
more (and so they can update their reader to the new machine) and you
probably have a good business model.

Patience, persistence, truth,
Dr. mike

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Crossposted-To: 
alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,alt.privacy
Subject: Re: Concerning  UK publishes "impossible" decryption law
Date: Mon, 5 Jun 2000 12:45:21 -0600

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
says...

[ ... ]

> Some time ago, a 129 bit RSA key (asymmetric) was cracked by 
> brute force.  Maybe it is this fact that is being referenced.

I think there's still some confusion here -- I'd guess you meant to 
refer to an RSA key of 129 decimal digits rather than one of 129 
bits.

Breaking a 129-bit RSA key will take well under a minute, even with 
something like the slowest, cheapest Celeron machine you can buy 
anymore.  Even when RSA was invented, 129-bits was too small of a key 
for anything approaching serious use.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: otp breaktrough !!!!!!!!!!!!!
Date: Mon, 05 Jun 2000 18:43:06 GMT

In article <%TXZ4.4153$[EMAIL PROTECTED]>,
  "Axel Lindholm" <[EMAIL PROTECTED]> wrote:
> did what? figured out how xor works? successfully installed w95?

Personally, I thought he figured out how to put his socks on.....
Then again I might be wrong.

> "analyser" <[EMAIL PROTECTED]> wrote in message
> news:Oftw3V$y$GA.303@net025s...
> > analyser did it again !!!!!!!!!!!!
> >
> > it works......
> >
> >
> >
> >
>
>

--
=======
Hi, I'm the signature virus,
help me spread by copying me into Signature File


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: Question about recommended keysizes (768 bit RSA)
Date: Mon, 05 Jun 2000 11:57:27 -0700

DJohn37050 wrote:
> The Bob Silverman SPACE model includes  TIME, but also includes calculations
> for SPACE (storage) needed by the current known best methods.  If the method
> was improved so that SPACE requirements were reduced, but not TIME, then Bob's
> model might need to be changed, but not the TIME model.

IOW, there might be advances that make Bob's model inaccurate,
but we know that the TIME model will be inaccurate no matter what!

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: RSA Algorithm
Date: Mon, 05 Jun 2000 12:43:08 -0600

In article <ebgda4qz$GA.331@cpmsnbbsa09>, "Joseph Ashwood"
<[EMAIL PROTECTED]> wrote:

> I think you need a restatement of one of crypto's basic
> lemmas, the output of a strong cipher MUST be
> indistinguishable from a random number. Your idea can be
> distinguished from a random number by a human, therefore your
> idea must not be a strong cipher. If you'd care to argue
> your point a bit more, I suggest you also consider that what
> you have proposed is the application of 2 algorithms, not
> just one, the first one being 3DES (keyed), the second being
> a keyless alteration. The strength of the first is of course
> not being questioned, what I am stating is that the nesting
> of the two functions, becomes highly distinguishable from
> random data, and hence the stream is no longer as strong as
> possible (as covered by my assertion above).
>                         Joe
> 
Dear Joe, 

You are wrong, or rather the lemma is more like a lemming, with an
overriding goal to drown itself in the ocean, never to acquire the finer
meanings of what can be done with experience. The appearance of ciphertext
can be non-random, yet even be indecipherable.  It may well be that
content that appears non-random had nonrandom appearing aspects that will
help an attacker, but it can be so that it gives no help.

I have previously demonstrated that I can sculpt changes in ciphertext
that skew it to appear as any predetermined other ciphertext.  Discounting
the role of deception and that non-random appearances may not be helpful
is helpful in steering many away from developing really strong crypto, not
good for the field at all, but rather the party line of those who are
opposed to innovation.

Do you work for the government, or do you just believe their propaganda?
-- 
If you wonder worry about the future enough to adversely limit
yourself in the present, you are a slave to those who sell security.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
