Cryptography-Digest Digest #988, Volume #11 Fri, 9 Jun 00 12:13:01 EDT
Contents:
Re: Statistics of occurrences of prime number sequences in PRBG output as (John)
Re: Thanks Sci.Crypt Readers (tomstd)
Re: Statistics of occurrences of prime number sequences in PRBG output as (John)
Re: Solution for file encryption / expiration? (Mark Wooding)
Re: Solution for file encryption / expiration? (Andru Luvisi)
Re: Encoding 56 bit data ---HELP--- ([EMAIL PROTECTED])
Re: Cryptographic voting (Mok-Kong Shen)
Re: DES question (Mok-Kong Shen)
Re: help for rc5 cryptanalysis (David A. Wagner)
Re: My latest paper on Block Ciphers (Andru Luvisi)
Re: Cryptographic voting (Randy Poe)
Re: Random IV Generation (David A. Wagner)
Re: My latest paper on Block Ciphers ([EMAIL PROTECTED])
Re: DECT encryption algorithms? (Paul Koning)
Re: My latest paper on Block Ciphers (Paul Koning)
Re: OT: Starmath font (Runu Knips)
----------------------------------------------------------------------------
Subject: Re: Statistics of occurrences of prime number sequences in PRBG output as
From: John <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 08:08:04 -0700
Odd. You would not be able to encrypt much data with just prime
#s, as there aren't that many between 0 and 255. If you go
higher, you get even fewer primes.
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!
------------------------------
Subject: Re: Thanks Sci.Crypt Readers
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 08:08:45 -0700
Following the advice of Matthew Fisher I installed a postscript
printer on my win98 machine... There is a .PS copy of the paper
(draft) for ya to read now...
http://tomstdenis.com/ffunctions.ps.gz
Thanks a bunch,
Tom
------------------------------
Subject: Re: Statistics of occurrences of prime number sequences in PRBG output as
From: John <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 08:18:19 -0700
Mathematicians and computer scientists view formulas a bit
differently. A mathematical formula can be translated into a
computer program. Some computer programs can't always be
translated into one simple mathematical formula.
------------------------------
From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Solution for file encryption / expiration?
Date: 9 Jun 2000 15:21:15 GMT
RecilS <[EMAIL PROTECTED]> wrote:
> HELLO!?
> Is anyone listening to the question!?
You're rude, and you've clearly not been reading the answers properly.
> We've gotten into a discussion on the viability of PDF's encryption
> algorithm and whether you should take notes in books or not. Does
> anyone realize that he's simply copyright protecting a BOOK?
He's doing more than that. Encrypting the data and using `trusted'
reader software also prevents consumers from properly exercising their
fair use rights, to the same extent as it prevents copying the plaintext
document. (It doesn't, and indeed can't, stop copying of the ciphertext
at all, which is even more of a stupid mess.)
> If someone really really wants the damn book they are going to
[...]
> But most importantly...
> E) They are not going to start up the old decryption engine.
They don't need to. One of the points being made is that the key is
already known to the client computer. It's not a matter of
cryptanalysis: it's a matter of picking the key out of some code which
already knows it.
> As long as the encryption format is decently strong, there may be one
> or at most two idiots out there with enough time and interest to
> decrypt it. (And they're probably the people who replied to you on
> this newsgroup) but all in all if someone wants the book, this is NOT
> how they are going to obtain it.
You've also forgotten that, once an unprotected version has been
produced, by whatever means, it can be made widely available with
negligible cost.
> P.S.> Everything is 'flawed'. Show me one thing on earth that you
> can prove is completely secure and I will call you god.
There's a difference between `flawed' and being a hopelessly misguided
failure with questionable ethics.
-- [mdw]
------------------------------
From: Andru Luvisi <[EMAIL PROTECTED]>
Subject: Re: Solution for file encryption / expiration?
Date: 09 Jun 2000 08:24:41 -0700
"RecilS" <[EMAIL PROTECTED]> writes:
[snip]
> But most importantly...
> E) They are not going to start up the old decryption engine.
[snip]
Even if your arguments were correct, and the opposing side has been
represented well enough that I'm not going to get into that in this
post, you are still ignoring the massive inconvenience to users. That
is the reason I will not buy a Rocket eBook. The publisher of an
ebook for the rocket gives you a copy which can only be read on that
one piece of hardware. If it gets run over by a truck, you need to
buy another and get the publisher to give you another copy. If they
are out of business, you are out of luck. When I buy a book, I intend
to keep my ability to read it well into the next decade, and I intend
to be able to sell it to others.
You are also ignoring the point that there can never be a Free
Software reader for such material. Why should someone have to run
proprietary software which doesn't come with source just so that they
can read a book, which is pure *data*? I have to *trust* you in order
to run your proprietary software on *my* system, but I don't have to
trust you at all to read a text file you give me. It should be the
same with books.
As I said, to the extent that any such scheme succeeds, the
perpetrator is harming his users, and hence eventually himself.
Andru
--
==========================================================================
| Andru Luvisi | http://libweb.sonoma.edu/ |
| Programmer/Analyst | Library Resources Online |
| Ruben Salazar Library |-----------------------------------------|
| Sonoma State University | http://www.belleprovence.com/ |
| [EMAIL PROTECTED] | Textile imports from Provence, France |
==========================================================================
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Encoding 56 bit data ---HELP---
Date: Fri, 09 Jun 2000 15:31:38 GMT
In article <[EMAIL PROTECTED]>,
tomstd <[EMAIL PROTECTED]> wrote:
> In article <8hqpm1$r94$[EMAIL PROTECTED]>, dexMilano
> <[EMAIL PROTECTED]> wrote:
> >Is there some good algorithm coding 7 byte in 7 byte using a
> masterkey.
> May I ask why you want to encode only 7 bytes with only a 7 byte
> key? It seems for most purposes a 7 byte key is too small...
This brings to mind a question I have had for some time now; is there
any point in using a key larger than the data to be encrypted? If there
is danger in brute-force-searching the key, why not brute-force search
the plain-text instead? :)
:)
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: Cryptographic voting
Date: Fri, 09 Jun 2000 17:49:18 +0200
Mark Wooding wrote:
> There's some interesting work happening at IBM on voting systems. See,
> for example, `A Secure and Optimally Efficient Multi-Authority Election
> Scheme', by R. Cramer, R. Gennaro and B. Schoenmakers, at
>
> http://www.research.ibm.com/security/election.ps
Thanks for providing the pointer.
May I reiterate my point concerning trusted party, which is on a basic
level? The trusted party has to do something with me, before I can
vote, right? How can it be sure that I am 'really' the person with the
name that I claim to have, and perhaps with all the other data that
combine to (hopefully) be unique to a physical person, like birth
place, birth date, name of parents, etc.? Or is that immaterial in
such voting? (I happen to know of persons who have lived decades
with identity papers carrying other family names, even one whose
false identification was apparently known to the authorities but
was for some unknown reason tolerated by them.)
M. K. Shen
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: DES question
Date: Fri, 09 Jun 2000 17:49:26 +0200
Paul Pires wrote:
> This is inexcusable. I asked for input and you personally attack the
> respondents. Personal attacks on someone else's knowledge, agenda or motives
> is not cool. Where I come from, stating that some one lies is the gravest
> insult. Its reckless and gratuitous use is a sign of shallowness.
>
> <This is a bunch of BS and you should know better.
>
> <So your point is not valid, and please don't spread such lies.
>
> If you have a personal problem with this guy, take it off line.
From the phenomenon you described above, I believe it
would be very desirable, if everyone of us could take
care to behave in disciplined ways that are commonly
understood at least in academic circles of all
scientific fields. It is certainly not that difficult
to avoid bad words, personal assaults, derision over
other person's poor knowledge, vanity on one's own
expertise, arguing for arguing's sake, 'side-tracking'
(diverting the theme at hand to other only remotely
related topics and eventually to entirely different
fields, while at the same time occupying enormous
bandwidth), hard-neckedly claiming 'truth' without
caring to provide supporting materials and attributing
others' doubts to be a result of their inability to
comprehend or laziness to take efforts to learn, etc.
etc. etc. It may be nice, if some traffic from simple
and often posed questions could be reduced. (If anyone
wishes to help this, he could e.g. add to his signature
information about how to access the FAQ of our group.)
On the other hand, I suppose the goal of our group is
to enable those who currently know too little of some
topics to enrich their knowledge through information
obtained from those who know more. It is in my view not
a shame to ask dumb questions. (I am among those, if
not 'the' one, who most frequently ask dumb questions.)
I believe it is a pleasure for those that provide the
answers to have such opportunities to help other people.
No one can nowadays be the absolute master in even a
very narrow subfield of science. Even Gauss, if he lived
today, wouldn't be able to know 'everything' of the
modern mathematics exceedingly well. Surely there are
many good experts in some subfields of crypto in our
group. But these can (almost inevitably) be less
knowledgeable in some other subfields. That's why
everybody is benefited from the possibility of rapid
and uncomplicated knowledge exchange mechanism provided
by our group. (He who believes that he always 'gives'
and never 'takes' is likely to get bored and will sooner
or later leave the group, if he acts rationally as a
human.) It is unfair to look down and laugh at people
who have not learned as much as one has oneself. Even
the Nobel prize laureates were once unknowledgeable
beginners in their respective fields. It is indeed very
often true that those who strive to demonstrate at all
opportunities the richness of their knowledge are in
fact among those who are rather poor in that very
'property'. A Chinese proverb says that a genius often
looks like someone that is unintelligent. The philosopher
Confucius said: 'Of three men from the street there is
at least one who can be my teacher'. It certainly can't
hurt, if one manages to be friendly or even a little bit
humble towards the others.
M. K. Shen
==========================
http://home.t-online.de/home/mok-kong.shen
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: help for rc5 cryptanalysis
Date: 9 Jun 2000 08:41:15 -0700
In article <[EMAIL PROTECTED]>,
Mark Wooding <[EMAIL PROTECTED]> wrote:
> Just to check: the round function, on a pair of words (x, y), is
> x = (x ^ y) + k_{2r}
> y = (y ^ x) + k_{2r+1}
> [...]
> Finally: the biggest problem I see with analysing this cipher is the
> large number of equivalent and nearly-equivalent keys there are.
Here's one more. The low n bits of both halves of the ciphertext
only depend on the low n bits of both halves of the plaintext, eek.
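An added example (not code from the thread) that checks Wagner's observation on the round function as Mark quoted it: because XOR is bitwise and addition mod 2^32 only carries upward, the low n bits of the output never depend on higher plaintext bits. The `rotate` option is a constructed contrast with a data-dependent rotation added, to show that such a step is what breaks the property; it is not the cipher under discussion.

```python
import random

MASK32 = 0xFFFFFFFF


def rotl(v: int, s: int) -> int:
    """Rotate a 32-bit word left by s mod 32 bits."""
    s &= 31
    return ((v << s) | (v >> (32 - s))) & MASK32 if s else v


def encrypt(x: int, y: int, subkeys: list, rotate: bool = False):
    """Round function as quoted in the thread, for len(subkeys)//2 rounds:
         x = (x ^ y) + k_{2r}
         y = (y ^ x) + k_{2r+1}      (both mod 2^32)
    With rotate=True a data-dependent rotation is applied after each
    addition (constructed contrast only)."""
    for r in range(len(subkeys) // 2):
        x = ((x ^ y) + subkeys[2 * r]) & MASK32
        if rotate:
            x = rotl(x, y)
        y = ((y ^ x) + subkeys[2 * r + 1]) & MASK32
        if rotate:
            y = rotl(y, x)
    return x, y


def low_bits_depend_only_on_low_bits(subkeys, n, rotate=False,
                                     trials=500, seed=1):
    """True if flipping only plaintext bits at position >= n never changes
    the low n bits of either ciphertext half, over seeded random trials."""
    rng = random.Random(seed)
    low = (1 << n) - 1
    high = MASK32 & ~low
    for _ in range(trials):
        x, y = rng.getrandbits(32), rng.getrandbits(32)
        cx, cy = encrypt(x, y, subkeys, rotate)
        # Same low n bits, random changes above them.
        x2 = x ^ (rng.getrandbits(32) & high)
        y2 = y ^ (rng.getrandbits(32) & high)
        cx2, cy2 = encrypt(x2, y2, subkeys, rotate)
        if (cx ^ cx2) & low or (cy ^ cy2) & low:
            return False
    return True


def demo_subkeys(rounds=4, seed=7):
    """Constructed subkeys for the demo (any values show the effect)."""
    rng = random.Random(seed)
    return [rng.getrandbits(32) for _ in range(2 * rounds)]
```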
------------------------------
From: Andru Luvisi <[EMAIL PROTECTED]>
Subject: Re: My latest paper on Block Ciphers
Date: 09 Jun 2000 08:33:44 -0700
Simon Johnson <[EMAIL PROTECTED]> writes:
[snip]
> Well, rather than moaning about trivial portability issues, i downloaded
> word view from softseek.com.
[snip]
Does it come with source? Does it compile on Linux?
If the answer is "no" to either of the above, the portability issues
are *not* trivial.
The word format is proprietary, and hence support by Free Software
will probably be sketchy for a long time. This is a significant
portability issue.
Furthermore, there will *always* be significant portability issues if
you lock your data up in a proprietary format.
Andru
------------------------------
From: [EMAIL PROTECTED] (Randy Poe)
Crossposted-To: sci.math
Subject: Re: Cryptographic voting
Date: Fri, 09 Jun 2000 15:11:06 GMT
On Thu, 08 Jun 2000 19:56:10 GMT, Greg <[EMAIL PROTECTED]> wrote:
>I am pretty certain this is a ruling that affects all of America. I
>know in CA there is a stink about hispanics voting at multiple
>precincts. They get on a bus and travel from one voting booth to
>another all day long. They are not required to show identification
>because that would violate their rights.
And who do they vote as? And why do you say this form of fraud, if it
exists, is only among hispanics?
I can't recall if I show ID when I vote. I do know that I have to give
them my name, and that the name and address I give them must be a name
and address that appears on their rolls, and that the signature I give
them is checked against a signature they have on file.
Are you saying that California does not have voter registration?
- Randy
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Random IV Generation
Date: 9 Jun 2000 08:49:58 -0700
In article <qPY%4.1111$[EMAIL PROTECTED]>,
Adam Durana <[EMAIL PROTECTED]> wrote:
> An initialization vector (IV), does not need to be generated by a secure
> random number generator. It does not even need to be random. It just has
> to be unique for each message.
This is a common myth, but it's not true. Consider CBC mode, where
C[i] = Encrypt(C[i-1] xor P[i]), and C[0] = IV.
Suppose you see two encryptions whose first block is the same, i.e.,
C'[1] = C[1]. Then, since encryption is bijective, you may conclude that
C'[0] xor P'[1] = C[0] xor P[1], or equivalently, that P'[1] xor P[1]
= IV' xor IV. This reveals information on 64 bits of the plaintexts.
If the IV is random, this will happen with low probability (just 1/2^64,
for each pair of messages), so you don't need to worry about it.
BUT, if the IV is non-random, it can happen with much higher probability,
e.g., in the following way. If we use, e.g., a counter for the IV,
we often have two consecutive IV's differing only in their low bit, so
that IV' xor IV = 1. Moreover, if we are encrypting ASCII text, it can
arise that the messages differ for the first time in the 8th character,
and even there differ only in the low bit of the 8th character, so that
P'[1] xor P[1] = 1. Then, in this case, the first block of ciphertext
will reveal information, and this happens with non-negligible probability.
Use random, unpredictable IV's. Non-random IV's are risky.
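An added example (not code from the post) that reproduces the CBC argument above on a 64-bit block: with counter IVs 2 and 3 and two plaintexts differing only in the low bit of the 8th character, the inputs to the block cipher coincide and so do the first ciphertext blocks, leaking P'[1] xor P[1] = IV' xor IV. The block cipher is a constructed Feistel toy (any bijection would do); the key and messages are constructed sample values.

```python
import hashlib

BLOCK = 8  # 64-bit block, matching the 1/2^64 figure in the post


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in 64-bit block cipher: a 4-round Feistel network keyed
    through SHA-256. It is a bijection, which is all the argument needs;
    it is a constructed toy, not a real cipher."""
    l, r = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + r).digest()[:4]
        l, r = r, _xor(l, f)
    return l + r


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """C[i] = Encrypt(C[i-1] xor P[i]) with C[0] = IV, as in the post."""
    assert len(iv) == BLOCK and len(plaintext) % BLOCK == 0
    out, prev = [], iv
    for i in range(0, len(plaintext), BLOCK):
        prev = block_encrypt(key, _xor(prev, plaintext[i:i + BLOCK]))
        out.append(prev)
    return b"".join(out)


def counter_iv(n: int) -> bytes:
    """Non-random IV: a message counter, the risky choice discussed."""
    return n.to_bytes(BLOCK, "big")


def first_blocks_collide(key, iv_a, p_a, iv_b, p_b) -> bool:
    """Does an observer see C'[1] == C[1] for the two encryptions?"""
    return (cbc_encrypt(key, iv_a, p_a)[:BLOCK]
            == cbc_encrypt(key, iv_b, p_b)[:BLOCK])


def leaked_plaintext_xor(iv_a: bytes, iv_b: bytes) -> bytes:
    """What the collision reveals: P'[1] xor P[1] = IV' xor IV,
    computable from the public IVs alone."""
    return _xor(iv_a, iv_b)
```

Two fixed, unrelated IVs (standing in for random ones) with the same two messages give no collision, since distinct cipher inputs map to distinct outputs.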
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: My latest paper on Block Ciphers
Date: Fri, 09 Jun 2000 15:48:35 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Mark Wooding) wrote:
> Tom: Please take a look at LaTeX some time.
Tom, I am assuming you are rather stuck on Windows for the time being;
if that is the case, look at MikTeX.de -- they have a free TeX
distribution for windows, though I don't know how nice it is.
> Good books are available. You have to pay money for them, which is a
> shame. Starting at the beginning: `The LaTeX2e Document Processing
> System' by L. Lamport is the reference to LaTeX;
I have found this one book more than sufficient for my LaTeXing needs.
Here is some boilerplate (off the top of my head, so this might not work
*perfectly* :) to give you a feel for it:
\documentclass[twocolumn]{article}
\author{Seth Arnold}
\title{An example boilerplate for LaTeX}
\begin{document}
\maketitle
\section{Sections are easy!}
If we want to solve $x^{2}=4$ for $x$ we can take square roots:
$\sqrt{x^{2}}=\sqrt{4}$ which gives $x_{0}=\pm 2$.
New paragraphs are blank-line-delimited.
\section{Solving for $\pi$}
Solving for \[\pi=3\frac{\alpha}{\beta}\].
That last equation is `displayed' --- it is centered in the body of text
surrounding it.
\end{document}
It takes a little while to get good at the entry, but it will probably
be a lot faster than using Word. I remember using word's equation editor
and not liking it one bit. I imagine it will take you perhaps one paper
to get used to using LaTeX, and you will see returns on the second
paper.
I must say, I love using LaTeX, because the professors that don't know
about LaTeX can't understand why my papers are so beautiful. The
professors that do know about LaTeX are *thrilled* that their students
are so interested in using it.
Without a doubt, I wish someone (like Mark :) had told me years ago
about LaTeX. Just spend the money on the Lamport book (never mind that
the illustrations are .. uhh .. ``different'') and give it a shot. I
think you will like it, and probably your teachers will like it too. :)
One last parting thought --- it certainly helps to have a text editor
that does latex syntax highlighting. My personal favorite is vim, I
think there might be a windows port of that beast. vim is certainly not
for everyone.
:)
------------------------------
From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: DECT encryption algorithms?
Date: Fri, 09 Jun 2000 11:29:36 -0400
Roman Maeder wrote:
>
> quite in contrast to GSM, whose encryption algorithm A5 has been the
> topic of widespread discussion on the Net, almost nothing can be found
> on the encryption techniques used for DECT (the digital standard for
> cordless phones). There is a "DSC" (DECT Standard Cipher), mentioned
> at ETSI, but it is available only under nondisclosure and for a fee
> (http://www.etsi.org/dvbandca/ALGO/listtest.htm). Is anything known
> publicly about DECT encryption?
I don't know, but given the origin and the fact that it's
secret, you should start with the assumption that it is weak.
paul
------------------------------
From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: My latest paper on Block Ciphers
Date: Fri, 09 Jun 2000 11:54:58 -0400
tomstd wrote:
>
> I have just finished the Draft of my latest paper. It's called
>
> "On Cryptographically Strong F Functions"
>
> And is available (sorry) only in Word97 format at
You're going to find it much easier to get people interested
in looking at things if you post PDF files. Or even PS files.
PDF files you can do easily, though it may cost you a small
sum to get the needed software. (Or perhaps not anymore?).
PS you can do with Word at no charge, just install the PostScript
printer driver.
paul
------------------------------
Date: Fri, 09 Jun 2000 18:01:40 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: OT: Starmath font
tomstd wrote:
> You can get the starmath True Type Font off my website at
> http://tomstdenis.com/files/starmath.ttf
Thank you, but my Windows says it's corrupted :-(
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************