Cryptography-Digest Digest #986, Volume #11       Fri, 9 Jun 00 11:13:01 EDT

Contents:
  Re: Observer 4/6/2000: "Your privacy ends here" (George Edwards)
  Re: Observer 4/6/2000: "Your privacy ends here" (George Edwards)
  How did Mr. Schneier calculate this figure? ("Jeff Moser")
  Re: Random IV Generation (Tim Tyler)
  Re: Arithmetic Coding (Tim Tyler)
  probabilistic primality tests - error probability % ([EMAIL PROTECTED])
  Re: Some dumb questions (Mok-Kong Shen)
  Re: My latest paper on Block Ciphers (tomstd)
  randomness tests ([EMAIL PROTECTED])
  Re: Random IV Generation (Mok-Kong Shen)
  Re: Encoding 56 bit data ---HELP--- (tomstd)
  Re: Arithmetic Coding (tomstd)
  Re: testing non linearity of arithmetic-logic combinations (Tim Tyler)
  Re: testing non linearity of arithmetic-logic combinations (Tim Tyler)
  Thanks Sci.Crypt Readers (tomstd)
  Re: Solution for file encryption / expiration? ("RecilS")

----------------------------------------------------------------------------

From: George Edwards <[EMAIL PROTECTED]>
Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.politics.uk,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Fri, 9 Jun 2000 15:13:29 +0100

In article <[EMAIL PROTECTED]>, Bob <this.address.is.fake@yahoo.co.uk> writes
>there's surely no way they
>could do you.


surely you are confusing natural justice with what would actually happen
... :-)
-- 
George Edwards

------------------------------

From: George Edwards <[EMAIL PROTECTED]>
Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.politics.uk,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: Fri, 9 Jun 2000 15:14:51 +0100

In article <[EMAIL PROTECTED]>, me
<[EMAIL PROTECTED]> writes
>Article 11
>
>(1) Everyone charged with a penal offence has the right to be presumed innocent

Speed cameras?
> 
>until proved guilty according to law in a public trial at which he has had all 
>the guarantees necessary for his defence.

What guarantees? One learns from experience. I wouldn't trust in this
for a moment. 
-- 
George Edwards

------------------------------

From: "Jeff Moser" <[EMAIL PROTECTED]>
Subject: How did Mr. Schneier calculate this figure?
Date: Fri, 9 Jun 2000 09:11:17 -0500

On page 323 of Applied Cryptography 2nd Edition, 3/4 of the way down the
page, Schneier explains that weak keys are (in hex)

0000, 0000, 0x00, 0000, 0000, 000x, xxxx, x000

To me, this seems like a total of up to 28 bits (7 * 4). Therefore, the
likelihood of getting one seems to be 2^28/2^128 = 1/2^100, however the
book says 1 in 2^96. Could somebody tell me where I'm making a mistake?

Thank you for your time,

Jeff

(I apologize if this message was received twice, I don't think the other one
made it to the server)


------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Random IV Generation
Reply-To: [EMAIL PROTECTED]
Date: Fri, 9 Jun 2000 13:58:46 GMT

tomstd <[EMAIL PROTECTED]> wrote:
: In article <8hpb0c$q1i$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
:>  tomstd <[EMAIL PROTECTED]> wrote:

:>A strong IV will help prevent dictionary attacks. A weak one (such as
:>the pathological case of "none") provides no help against dictionary
:>attacks.
:>
:>[...] dictionary attack 1024 times. By these feelings, the
:>more 'difficult to guess' bits in the IV, the more difficult a
:>dictionary attack will be.
:>Thus an IV could be judged Strong or Weak based on how many
:>bits of entropy went into its generation.

: The thing is that your IV don't need to be random at all... so
: how does 'randomness' or strength come into this at all?

Consider IVs that go 1,2,3,2,3,1,2,3,1,2,3,2,1,2,2,3,3... on consecutive
messages.

These IVs are weak.  IVs that don't trivially repeat would be stronger.
-- 
__________  Lotus Artificial Life  http://alife.co.uk/  [EMAIL PROTECTED]
 |im |yler  The Mandala Centre   http://mandala.co.uk/  Namaste.

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Arithmetic Coding
Reply-To: [EMAIL PROTECTED]
Date: Fri, 9 Jun 2000 14:06:38 GMT

tomstd <[EMAIL PROTECTED]> wrote:
: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:

:>[...] matt's site that has the best info on useful with source code
:>adaptive unadulterated arithmetic coding. [...]

: To the best of my knowledge no arithmetic coder adds anything
: that doesn't need to be there.  So your logic is flawed my friend.

What if the arithmetic stream does not terminate on a byte boundary?

Think about it - an arithmetic coding stream is pretty good - but it
is only rarely as perfect as you will find at:

  http://www3.sympatico.ca/mtimmerm/biacode/biacode.html
-- 
__________  Lotus Artificial Life  http://alife.co.uk/  [EMAIL PROTECTED]
 |im |yler  The Mandala Centre   http://mandala.co.uk/  Legalise IT.

------------------------------

From: [EMAIL PROTECTED]
Subject: probabilistic primality tests - error probability %
Date: Fri, 09 Jun 2000 14:18:50 GMT



hello all,

when i implement probabilistic primality tests,
i know that

with Millrob for one base error possibility 0.25
(and with n bases (0.25)^n )
with Lehman 0.5
with Lucas 5/16
with Frobenius 1/7710


say that i implement 20 bases with MillRob i get (0.25)^20
but how much does this error probability decrease by checking 8691 primes
before this test? (is there a formula?)
(i firstly Test for easy division of primes up to 8691)

thanks for any help ....




Sent via Deja.com http://www.deja.com/
Before you buy.
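The pipeline the poster describes, as an added Go example (not code from the poster): trial division by every prime up to 8691, then 20 Miller-Rabin rounds with uniformly random bases. Function and variable names are my own.

```go
package main

import (
	"crypto/rand"
	"math/big"
)

// sieve returns a table marking the composites up to 8691, the largest
// candidate the poster divides by before running Miller-Rabin.
func sieve() []bool {
	composite := make([]bool, 8692)
	for p := 2; p*p < 8692; p++ {
		for m := p * p; !composite[p] && m < 8692; m += p {
			composite[m] = true
		}
	}
	return composite
}

// millerRabin runs the test with uniformly random bases in [2, n-2]; n must be odd and
// greater than 3. A composite survives a round with probability at most 1/4 (the poster's figure).
func millerRabin(n *big.Int, rounds int) bool {
	one, nm1 := big.NewInt(1), new(big.Int).Sub(n, big.NewInt(1))
	d, s := new(big.Int).Set(nm1), 0
	for ; d.Bit(0) == 0; s++ { // write n-1 = d * 2^s with d odd
		d.Rsh(d, 1)
	}
	x, span := new(big.Int), new(big.Int).Sub(n, big.NewInt(3))
	for i := 0; i < rounds; i++ {
		a, _ := rand.Int(rand.Reader, span) // uniform in 0..n-4; error ignored for brevity
		x.Exp(a.Add(a, big.NewInt(2)), d, n) // base a+2 lies in 2..n-2
		witness := x.Cmp(one) != 0 && x.Cmp(nm1) != 0
		for r := 1; r < s && witness; r++ {
			witness = x.Mul(x, x).Mod(x, n).Cmp(nm1) != 0
		}
		if witness {
			return false // this base proves n composite
		}
	}
	return true
}

// isProbablePrime is the poster's pipeline: trial division up to 8691, then 20 Miller-Rabin rounds.
func isProbablePrime(n *big.Int) bool {
	composite := sieve()
	if n.Cmp(big.NewInt(8691)) <= 0 {
		return n.Sign() > 0 && n.Int64() >= 2 && !composite[n.Int64()]
	}
	for p := 2; p <= 8691; p++ {
		if !composite[p] && new(big.Int).Mod(n, big.NewInt(int64(p))).Sign() == 0 {
			return false
		}
	}
	return millerRabin(n, 20)
}
```

The (1/4)^20 figure bounds the chance that any one composite survives all twenty rounds, and trial division does not lower that worst case; what it does is reject most composites before any round is spent on them.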

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Some dumb questions
Date: Fri, 09 Jun 2000 16:47:44 +0200



Jim Gillogly wrote:

> Mok-Kong Shen wrote:
> > from other viewpoints, e.g. operating expenses/difficulties. (To
> > avoid flames from other readers due to misunderstanding, let me
> > repeat that I don't 'recommend' or 'propose' using n-OTP with
> > frequency flattening as described above and that I am in fact not
> > even sympathetic to OTP as such.)
>
> Why, then, did you restart this discussion?  Trying to help somebody
> out who was trying to breathe new life into the rotting corpse of
> a dead system seemed like a worthy goal, but wanking around with
> something <nobody> believes in seems like a waste of time.  I'm out
> of this one.

Pardon. Which discussion? The frequency distribution issue? Since
you in your previous post once again touched on the issue of
cracking based on frequencies, I thought that it were consequently
allowed to respond to that on my part. Or was that perhaps a sin
of mine?

Nonetheless, I like to point out it is a subjective matter whether
OTP is a 'dead system'. At least till recently there have been several
discussion threads on that in the group. (For instance, in one thread
Guy Mason proposed to pad the plain text with random bits at the
beginning and the end.) So apparently there are people who have
'deviant' opinions concerning whether OTP is dead, which I think
is not only an inevitable fact in sciences but also an indication of the
healthy state of sciences.

M. K. Shen


------------------------------

Subject: Re: My latest paper on Block Ciphers
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 07:34:10 -0700

In article <8hqnne$pi5$[EMAIL PROTECTED]>, Simon Johnson
<[EMAIL PROTECTED]> wrote:
>In article <[EMAIL PROTECTED]>,
>  tomstd <[EMAIL PROTECTED]> wrote:
>> In article <[EMAIL PROTECTED]>, "Sam Simpson"
>> <[EMAIL PROTECTED]> wrote:
>> >The "Starmath" font you use for mathematical symbols is not a
>> >standard font supplied with Windows/Office - perhaps you could
>> >either embed the font or use a portable document format (ps / pdf?).
>> >
>> >Apart from that, the paper is an interesting and generally well
>> >written piece.
>> >
>>
>> I have never "embedded" a font before, but I will look into it.
>>
>> Sorry about the mess.
>>
>> Tom
>>
>> * Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
>> The fastest and easiest way to search and participate in Usenet - Free!
>>
>>
>
>Well, rather than moaning about trivial portability issues, i
>downloaded word view from softseek.com.
>
>From what i've read its really very good. I'm sure there is a wealth of
>knowledge in there for when i take a closer look.
>
>Just one tip:
>
>For completeness, make sure you leave no 'crypto' lingo undescribed.
>e.g. Round, Feistel network (although you describe who made it, u don't
>describe what it is)

Page two has a nice picture of a feistel network.... if there is
any other def'n missing please let me know.  I am still working
on the paper.

Tom


* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!


------------------------------

From: [EMAIL PROTECTED]
Subject: randomness tests
Date: Fri, 09 Jun 2000 14:28:17 GMT



hello all,

in order to check randomness of my random number(bit) generator
i use
1. ent package
2. diehard package

i read about FIPS PUB 140-1, any implementation around?

can anyone suggest any tests?

thanks for any help ...

e-mail : [EMAIL PROTECTED]



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Random IV Generation
Date: Fri, 09 Jun 2000 16:50:28 +0200



Mark Wooding wrote:

> Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
>
> > I agree with your first sentence, but I think that it helps, if one
> > can keep the IV unknown to the opponent.
>
> For CBC and CFB it can only protect the first plaintext block.  I don't
> think there's any point in keeping it secret.

One could e.g. arrange to have IV derived from another key. That
way, one could add some difficulty to the opponent, if utilized in some
way better than e.g. CFB, I guess.

M. K. Shen



------------------------------

Subject: Re: Encoding 56 bit data ---HELP---
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 07:37:12 -0700

In article <8hqpm1$r94$[EMAIL PROTECTED]>, dexMilano
<[EMAIL PROTECTED]> wrote:
>Is there some good algorithm coding 7 byte in 7 byte using a masterkey.
>
>I thought about variable length and cipher but I can't find any good
>source to study.

You will most likely want a stream cipher for this case.

May I ask why you want to encode only 7 bytes with only a 7 byte
key?  It seems for most purposes a 7 byte key is too small...

Tom




------------------------------

Subject: Re: Arithmetic Coding
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 07:39:49 -0700

In article <[EMAIL PROTECTED]>, Tim Tyler <[EMAIL PROTECTED]>
wrote:
>tomstd <[EMAIL PROTECTED]> wrote:
>: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>
>:>[...] matt's site that has the best info on useful with source code
>:>adaptive unadulterated arithmetic coding. [...]
>
>: To the best of my knowledge no arithmetic coder adds anything
>: that doesn't need to be there.  So your logic is flawed my friend.
>
>What if the arithmetic stream does not terminate on a byte boundary?
>
>Think about it - an arithmetic coding stream is pretty good - but it
>is only rarely as perfect as you will find at:
>
>  http://www3.sympatico.ca/mtimmerm/biacode/biacode.html

While your site looks nice, it's pure crap.  Nowhere in any OS
does it state that your file must contain at least or a boundary
of 8 bits of *information*.

Note:  It is possible to write 7 bits of *information* to a file
using ms-dos for example, you just end up wasting the last bit.

All real arithmetic coders do is calculate the high/low and when
they match in the upper decimal (bit) they shift the bit out.
This isn't secret hidden information, it's part of the bloody
number!!!

Tom




------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: testing non linearity of arithmetic-logic combinations
Reply-To: [EMAIL PROTECTED]
Date: Fri, 9 Jun 2000 14:20:18 GMT

tomstd <[EMAIL PROTECTED]> wrote:
: In article <[EMAIL PROTECTED]>, Tim Tyler <[EMAIL PROTECTED]> wrote:

:>Of those you mention only + and - have any non-linearity at all.
:>
:>AND and OR are normally considered non-linear operations, but
:> destroy information and do not immediately offer invertibility.

: This is not true.  Consider the following

: a' = (a and c) or (b and ~c)
: b' = (b and c) or (a and ~c)

: Which is completely invertible [...]

You seem bent on misunderstanding what I am trying to say.

AND and OR do not ***"immediately"*** offer reversibility - in the sense
of XOR does - and *can* destroy information.

I went on to point out that by combining them with other operations (for
example in a Feistel network), these functions can be usefully employed.
Your argument and example appear to be superfluous.
-- 
__________  Lotus Artificial Life  http://alife.co.uk/  [EMAIL PROTECTED]
 |im |yler  The Mandala Centre   http://mandala.co.uk/  Be good, do good.

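Both sides of this exchange checked exhaustively on 4-bit words, as an added Go example (not code from either poster): AND or OR applied on their own to a word pair cannot be undone, XOR can, and tomstd's (a AND c) OR (b AND NOT c) form is a bijection and its own inverse for every selector c. The helper names are mine.

```go
package main

// Maps on pairs of 4-bit words (a, b); the second word is passed through
// unchanged so each map can be judged purely on whether it loses information.
func andMix(a, b uint8) (uint8, uint8) { return a & b, b } // AND alone: not reversible
func orMix(a, b uint8) (uint8, uint8)  { return a | b, b } // OR alone: not reversible
func xorMix(a, b uint8) (uint8, uint8) { return a ^ b, b } // XOR: immediately reversible

// muxSwap is tomstd's construction: a' = (a AND c) OR (b AND NOT c),
// b' = (b AND c) OR (a AND NOT c). Bit by bit, c decides whether a and b keep
// their place or trade it, so the map is its own inverse for any 4-bit c.
func muxSwap(a, b, c uint8) (uint8, uint8) {
	return (a & c) | (b &^ c), (b & c) | (a &^ c)
}

// isBijection enumerates all 256 pairs of 4-bit words and reports whether f
// sends them to 256 distinct outputs, i.e. whether f can be inverted at all.
func isBijection(f func(a, b uint8) (uint8, uint8)) bool {
	seen := make(map[[2]uint8]bool)
	for a := uint8(0); a < 16; a++ {
		for b := uint8(0); b < 16; b++ {
			x, y := f(a, b)
			if seen[[2]uint8{x, y}] {
				return false // two inputs collided: information was destroyed
			}
			seen[[2]uint8{x, y}] = true
		}
	}
	return true
}

// muxSwapIsInvolution checks that applying muxSwap twice with the same c
// restores every (a, b), so the inverse is the construction itself.
func muxSwapIsInvolution(c uint8) bool {
	for a := uint8(0); a < 16; a++ {
		for b := uint8(0); b < 16; b++ {
			x, y := muxSwap(a, b, c)
			if x2, y2 := muxSwap(x, y, c); x2 != a || y2 != b {
				return false
			}
		}
	}
	return true
}
```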
------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: testing non linearity of arithmetic-logic combinations
Reply-To: [EMAIL PROTECTED]
Date: Fri, 9 Jun 2000 14:11:20 GMT

tomstd <[EMAIL PROTECTED]> wrote:

: That's not true [...]

I think it was.

: , bent functions are functions that are maximally
: non linear (I don't have the specific def on me, but I will post
: it when I get home)

: Anyways, a balanced sbox can be bent, take matsuis sboxes for
: example.

That's not true.

: Similarly CAST sboxes are bent.

[snip]
-- 
__________  Lotus Artificial Life  http://alife.co.uk/  [EMAIL PROTECTED]
 |im |yler  The Mandala Centre   http://mandala.co.uk/  This tagline no verb.

------------------------------

Subject: Thanks Sci.Crypt Readers
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 07:45:53 -0700

Well about 100 people have gotten my paper so far, and I have
had lots of useful feedback.  I would like to thank you guys
(and gals) a million times over for reading it.

It means a lot to me, so once again... thanks.

Tom



------------------------------

From: "RecilS" <[EMAIL PROTECTED]>
Subject: Re: Solution for file encryption / expiration?
Date: Fri, 9 Jun 2000 10:50:53 -0400

HELLO!?
Is anyone listening to the question!?
We've gotten into a discussion on the viability of PDF's encryption
algorithm and whether you should take notes in books or not.
Does anyone realize that he's simply copyright protecting a BOOK?  If
someone really really wants the damn book they are going to

A) Go BUY it for at most $40
B) Go find someone who has it and borrow it
C) Find someone who has it, borrow it and type it.
D) Steal the damn thing from a real store
But most importantly...
E) They are not going to start up the old decryption engine.

People decrypt things that pertain to government secrecy and
corporate intelligence.
As long as the encryption format is decently strong, there may be one
or at most two idiots out there with enough time and interest to
decrypt it. (And they're probably the people who replied to you on
this newsgroup) but all in all if someone wants the book, this is NOT
how they are going to obtain it.

The cross-platform thing is still an issue but can be overcome if
you're creative enough.
The $8/hr thing is still an issue but can also be overcome by
'quitting' and finding a job.

P.S.> Everything is 'flawed'.  Show me one thing on earth that you
can prove is completely secure and I will call you god.
Follow this equation...
R = Reward
T = Time
E = Effort
S = Is it simplest?
If R > T * E Then it will be done Unless S = False


Will Dormann <[EMAIL PROTECTED]> wrote in message
news:393d0d05$0$[EMAIL PROTECTED]...
> Hello!
>
> I work for a web site that provides books for free in PDF format on
> the  internet.  Most of our material is public domain, but in order
> to attract new authors, my boss is wanting to look into some sort
> of "protected" format. (Which cannot be displayed after a certain
> amount of time, and I guess encrypted to prevent copying too)
>
> 1) Is this practical?  I would assume that this would require a
> special software viewer?  (which he would want me to program
> myself).  This would make it a platform-specific item, too, I would
> assume.  Currently books are  in PDF format, which just about
> anybody can view.
>
> 2) Is it possible?  I'm from the school of "If it can be viewed, it
> can be copied!"  And as for the file "expiring" (not viewable, say,
> after 30 days)...   You've got me!
>
> 3) Would anybody in their right mind even attempt such a project at
> $8 /  hour?!?  (boy, I need a new job!)
>
> TIA for any comments, suggestions, etc...
> (CC my E-mail if at all possible)
>
> -WD
>
> ____________________________________________________________________
> Need More Help?
> Check out the Abika Experts section at http://www.Abika.com





------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
