Cryptography-Digest Digest #993, Volume #11 Sat, 10 Jun 00 01:13:00 EDT
Contents:
Re: Comments on "Encase" forum about EE ([EMAIL PROTECTED])
Re: Double Encryption Illegal? ("Adam Durana")
Re: Large S-Boxes (tomstd)
Re: evidence eliminator ASSHOLE is back (tomstd)
Re: randomness tests (tomstd)
Re: Very few encryption algorithms are being implemented at Supercomm2000 ... which
is fortunate ... (Eric Smith)
Re: OT: Starmath font (Bud Ward)
Re: Double Encryption Illegal? (wtshaw)
Random sboxes... real info (tomstd)
Re: Large S-Boxes (tomstd)
Re: Updated: Evidence Eliminator Dis-Information Center (Includes info on false SPAM
accusations) (Lronscam)
Re: Random sboxes... real info (tomstd)
Re: Random IV Generation (Johnny Bravo)
Re: Some dumb questions ("Douglas A. Gwyn")
Re: RIP Bill 3rd Reading in Parliament TODAY 8th May (U Sewell-Detritus)
Re: Observer 4/6/2000: "Your privacy ends here" (U Sewell-Detritus)
Re: Improving DES based MAC ("Tor Rustad")
Re: Updated: Evidence Eliminator Dis-Information Center (Includes info on false SPAM
accusations) (EE Detractor)
Re: Extending the size of polyalphabetic substitution tables ("Douglas A. Gwyn")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Crossposted-To:
alt.security.pgp,comp.security.firewalls,alt.privacy.anon-server,alt.privacy
Subject: Re: Comments on "Encase" forum about EE
Date: Sat, 10 Jun 2000 01:19:29 +0100
On Fri, 9 Jun 2000 17:19:20 -0700, [EMAIL PROTECTED] wrote:
>
>
>Look at what I found on the Guidance Software ("Encase") forum when I
>searched for "Evidence Eliminator". Both threads are interesting.
>
>http://www.guidancesoftware.com/ubb/Forum1/HTML/000183.html (Topic: BC Wipe
>and/or Evidence Eliminator 4.5?)
>http://www.guidancesoftware.com/ubb/Forum1/HTML/000176.html (Topic: Evidence
>Eliminator Software)
>
>Oh yeah, silly me, I forgot that EE is in COLLUSION with Encase, and these
>posts are meant to MAKE us believe that EE is a threat to forensic software.
>Geez, conspiracies sure are complicated :)
>
>EE support -
>I have a question about the following post:
>
>=== (Post on Topic: Evidence Eliminator Software) ===
>
>FYI: I've done some experimenting with Evidence Eliminator. Sometimes you're
>able to view previous internet history by viewing certain .DAT files.
>------------------
>NY State Police
>Computer Crime Unit
>
>=== (End post) ===
>
>1. EE, are you aware of this?
>2. What is the security risk of .DAT files from Norton Utilities Image? They
>facilitate (extremely well) the complete unformatting of a HD, so does that
>mean that they contain info re. internet history (or worse)? Should I not
>run Image? Please don't say it's so!.
>
>3. On an unrelated note, try this: after doing your best wipe, put your
>cursor in the Windows "Address toolbar" of the taskbar (you may have to
>enable it first). Press Ctrl-Up and see what you get. In some cases, I get
>ancient history even after wiping all there can be wiped (short of my entire
>HD :)
>
>Please comment
>
>
>
Notice how one of the "cops" at the guidance page in one of the links
above when discussing EE compares those of us who want privacy with
criminals.
Quote:
We have had a look at an evaluation copy of this. It provides a
general clean up of the hard drive slack space temp files etc.
Although we haven't run any field tests against encase I have no
reason to doubt that it will trash some of the evidence.
It is predictable that these tools will become more popular in the
same way gloves are to a burglar.
End Quote
'Nuff said about their mentality.
------------------------------
From: "Adam Durana" <[EMAIL PROTECTED]>
Subject: Re: Double Encryption Illegal?
Date: Fri, 9 Jun 2000 21:35:29 -0400
This is just a guess, since I have never used this software. I would guess
that this software uses a small key size so it can be exported, and double
encrypting with two _different_ keys would increase the key space to
something beyond what is allowed to be exported.
- Adam
"Crypto-Boy" <[EMAIL PROTECTED]> wrote in message
news:8hrbrf$a5b$[EMAIL PROTECTED]...
> On page 10-10 and 10-14 of the Oracle Advanced Security Administrator's
> Guide (from release 8.1.6 December 1999), it says the following (in bold
> no less):
>
> "Warning: You can use SSL encryption in combination with another Oracle
> Advanced Security authentication method. When you do this, you must
> disable any non-SSL encryption to comply with government regulations
> prohibiting double encryption."
>
> Since when is it illegal to double encrypt in the US? I don't believe
> this is true.
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
------------------------------
Subject: Re: Large S-Boxes
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 18:55:16 -0700
In article <8hs3v4$35n$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (David A. Wagner) wrote:
>In article <8hrtja$nte$[EMAIL PROTECTED]>,
>Simon Johnson <[EMAIL PROTECTED]> wrote:
>> I think i'm flogging a dead-horse here, but i'm after evidence in 'a
>> dummies guide to' style to the pro's and con's of randomly generated
>> S-boxes.
>
>Don't hold your breath waiting for ``a dummy's guide to cipher design.''
>There's no such thing, and for a good reason. Cipher design is subtle,
>and designing ciphers without any training in the field invites disaster.
>
>This truly isn't meant as a flame, but if you think you need such a
>``dummy's guide'', you might take that as a hint that you probably
>shouldn't be doing cipher design!
While I agree beginners should not be *fielding* their own
designs there is no lack of merit from *breaking* their own
designs. There is a difference.
I admit I am still new here, but I find that I can better point
out problems with my toy ciphers *now*, than say 3 months ago...
Tom
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!
------------------------------
Subject: Re: evidence eliminator ASSHOLE is back
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 18:56:45 -0700
In article <8hs0vl$qav$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
wrote:
>This is not an advertising forum, period. I know
>of no other legitimate company, ala Norton, etc.
>that would intrude on newsgroup readers like this
>unprofessional clown. I urge others to join in
>total disdain for these tactics. By the way,
>check out the Internic WHOIS for this goof
Nah a flamewar is not the way to go. Just ignore him and he
will go away.
BTW if EE is reading this. Please don't advertise closed-for-sale
software in sci.crypt. If you want to release white papers
or source code for peer review then go ahead. Otherwise buzz-off.
Tom
------------------------------
Subject: Re: randomness tests
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 18:59:16 -0700
In article <8hqut9$vjb$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
wrote:
>
>
>hello all,
>
>in order to check randomness of my random number(bit) generator
>i use
>1. ent package
>2. diehard package
>
>i read about FIPS PUB 140-1, any implementation around?
>
>can anyone suggest me any tests?
>
>thanks for any help ...
Diehard and ent are completely useless. Why? Because the only
useful test is specific to *what* you want to use the prng for.
If you want to pick five cards randomly for poker, then test to
make sure your prng has a good random distribution of cards. If
you want to pick 0/1 answers make sure it's not serially
correlated or biased...
But performing DNA/OPSQ/Sphere/Etc.. tests are meaningless if
you can't interpret their results in a manner related to your
use of the prng.
Tom
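
The 0/1 case from the message above, as an added example that is not part of the original post: a bias check and a lag-1 serial-correlation check, run on the low bit of a power-of-two-modulus LCG. The LCG constants are the widely published Numerical Recipes ones, and the |z| cut-off of 4 and the 60%-ones pattern are assumptions made here.

```python
import math

def bias_z(bits):
    """z-score of the ones count against a fair coin."""
    n = len(bits)
    return (2 * sum(bits) - n) / math.sqrt(n)

def serial_z(bits):
    """z-score of lag-1 agreements; independent fair bits agree half the time."""
    pairs = len(bits) - 1
    agree = sum(a == b for a, b in zip(bits, bits[1:]))
    return (2 * agree - pairs) / math.sqrt(pairs)

def assess(bits, limit=4.0):
    """Pass/fail per property; `limit` is an assumed |z| cut-off."""
    return {"bias_ok": abs(bias_z(bits)) <= limit,
            "serial_ok": abs(serial_z(bits)) <= limit}

def lcg_low_bits(seed, count):
    """Low bit of x -> (1664525*x + 1013904223) mod 2**32.

    Multiplier and increment are both odd, so the low bit flips every step.
    """
    x, out = seed, []
    for _ in range(count):
        x = (1664525 * x + 1013904223) & 0xFFFFFFFF
        out.append(x & 1)
    return out

def demo():
    lcg = lcg_low_bits(12345, 10000)   # constructed sample: seed is arbitrary
    skewed = [1, 1, 1, 0, 0] * 2000    # constructed sample: 60% ones
    return {"lcg_low_bit": assess(lcg), "skewed": assess(skewed)}

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, verdict)
```

The LCG low bit is perfectly balanced and still useless for picking 0/1 answers, which only the serial check shows.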
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!
------------------------------
From: Eric Smith <[EMAIL PROTECTED]>
Subject: Re: Very few encryption algorithms are being implemented at Supercomm2000 ...
which is fortunate ...
Date: 09 Jun 2000 19:08:35 -0700
Markku J. Saarelainen <[EMAIL PROTECTED]> writes:
> Only some encryption algorithms are being implemented at
> Supercomm2000 ... which is unfortunate ...
Why would anyone want to implement an encryption algorithm in the
midst of a trade show? Surely an office or home would be a better
place to do it?
------------------------------
From: Bud Ward <[EMAIL PROTECTED]>
Subject: Re: OT: Starmath font
Date: Fri, 09 Jun 2000 19:32:35 -0700
Tom,
The font worked fine for me; the Word document now matches the PostScript
version.
---Bud
On Fri, 09 Jun 2000 12:24:16 -0700, tomstd <[EMAIL PROTECTED]>
wrote:
>In article <[EMAIL PROTECTED]>, Runu Knips
><[EMAIL PROTECTED]> wrote:
>>tomstd wrote:
>>> You can get the starmath True Type Font off my website at
>>> http://tomstdenis.com/files/starmath.ttf
>>
>>Thank you, but my Windows says its corrupted :-(
>
>Hmm just pick up the ps copy of the paper then
>
>http://tomstdenis.com/ffunctions.ps.gz
>
>Tom
>
>
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: comp.databases.oracle
Subject: Re: Double Encryption Illegal?
Date: Fri, 09 Jun 2000 20:10:36 -0600
In article <8hrbrf$a5b$[EMAIL PROTECTED]>, Crypto-Boy
<[EMAIL PROTECTED]> wrote:
> On page 10-10 and 10-14 of the Oracle Advanced Security Administrator's
> Guide (from release 8.1.6 December 1999), it says the following (in bold
> no less):
>
> "Warning: You can use SSL encryption in combination with another Oracle
> Advanced Security authentication method. When you do this, you must
> disable any non-SSL encryption to comply with government regulations
> prohibiting double encryption."
>
> Since when is it illegal to double encrypt in the US? I don't believe
> this is true.
>
This is to make it still breakable. All the noise about unregulated
domestic crypto seems to justify you doing just about anything crypto you
want to.
Regulations can be mere whims, expressive of wishful thinking; government
regulations are often written to make things convenient for the
government. Good regulations make good sense, but government does not
have a right to get everything it wants at the expense of needed security
of the public; your business may be none of theirs.
--
If you wonder worry about the future enough to adversely limit
yourself in the present, you are a slave to those who sell security.
------------------------------
Subject: Random sboxes... real info
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 19:50:54 -0700
At
http://tomstdenis.com/sboxes.txt
is some testing on random 8x8 sboxes... (about 200 or so). I
will let the test go overnight and see what it comes up with.
This should help settle the futile argument.
Tom
------------------------------
Subject: Re: Large S-Boxes
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 20:16:38 -0700
In article <8hs2m0$rgs$[EMAIL PROTECTED]>, zapzing
<zapzing@my-deja.com> wrote:
>In article <8hrtja$nte$[EMAIL PROTECTED]>,
> Simon Johnson <[EMAIL PROTECTED]> wrote:
>>
>>
>> I think i'm flogging a dead-horse here, but i'm after evidence in 'a
>> dummies guide to' style to the pro's and con's of randomly generated
>> S-boxes.
>>
>> I'm thinking 16x16 for a block-cipher i'm developing (don't hold u're
>> breath, i don't have 1/2 a clue what i'm doing :), i just having fun.)
>>
>
>Well the DES s-boxes are quite small. They are
>designed to be optimal against differential
>cryptography, but they are in the lowest
>9-16% of the similar sized sboxes in terms
>of resistance to linear cryptography. So much,
>I say, for trying to design them optimally.
>
>Big random sboxes are resistant to both
>differential and linear crypto :)
>And it's easy for mere mortals to "design" them.
While they are easy to design, they are hardly secure. Just
wait till I publish my test results on 8x8 sboxes (which will
also be in my paper as well).
Tom
------------------------------
From: Lronscam <[EMAIL PROTECTED]>
Crossposted-To:
alt.security.pgp,comp.security.firewalls,alt.privacy.anon-server,alt.privacy
Subject: Re: Updated: Evidence Eliminator Dis-Information Center (Includes info on
false SPAM accusations)
Date: Fri, 9 Jun 2000 23:26:55 -0400
The addy of [EMAIL PROTECTED], In article ID
<[EMAIL PROTECTED]>, On or about Fri, 09 Jun 2000
20:45:50 +0100,
EE Support says...
>We don't "SPAM" but we strongly believe in our right to dispute and
>counter the hundreds of "SPAMMING" false messages posted to security
>newsgroups about our software. It has become commonly said by posters
>to these newsgroups that the ones posting the "anti-Evidence
>Eliminator" messages in all their disguises, are wearing badges and
>intend to compromise your privacy and security, by stopping you
>downloading a free Evidence Eliminator.
Get bent.... get real. Go to hell. What a loon you are.
I haven't even looked at EE and I hate the product. Don't you get that the
old way of selling things doesn't work anymore on the Internet?
Why don't you go and join the ranks of all the other conspiracy theorists
in the world.
------------------------------
Subject: Re: Random sboxes... real info
From: tomstd <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 20:29:34 -0700
Test on about 250,000 4x4 sboxes...
http://tomstdenis.com/sbox4.txt
Tom
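
One way to score random 4x4 S-boxes for the differential and linear resistance argued over in this thread, as an added example that is not the poster's test code: the linked result files are not reproduced here, so the two metrics (largest difference-table entry and largest linear-approximation deviation) are assumptions about what such a test measures. `PRESENT_SBOX` is the published S-box of the PRESENT cipher, used only as a known reference point, and the seed is arbitrary.

```python
import random

# Reference point (not from the thread): the published PRESENT cipher S-box.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def ddt_max(sbox):
    """Largest difference-table entry over nonzero input differences."""
    n = len(sbox)
    worst = 0
    for dx in range(1, n):
        counts = [0] * n
        for x in range(n):
            counts[sbox[x] ^ sbox[x ^ dx]] += 1
        worst = max(worst, max(counts))
    return worst

def parity(v):
    return bin(v).count("1") & 1

def lat_max(sbox):
    """Largest |#{x : a.x == b.S(x)} - n/2| over nonzero output masks b."""
    n = len(sbox)
    worst = 0
    for b in range(1, n):
        for a in range(n):
            agree = sum(parity(a & x) == parity(b & sbox[x]) for x in range(n))
            worst = max(worst, abs(agree - n // 2))
    return worst

def survey(trials, bits=4, seed=2000):
    """Tally (ddt_max, lat_max) over random bijective S-boxes."""
    rng = random.Random(seed)          # fixed seed so the run is repeatable
    tally = {}
    for _ in range(trials):
        sbox = list(range(1 << bits))
        rng.shuffle(sbox)
        key = (ddt_max(sbox), lat_max(sbox))
        tally[key] = tally.get(key, 0) + 1
    return tally

if __name__ == "__main__":
    print("identity:", ddt_max(list(range(16))), lat_max(list(range(16))))
    print("PRESENT :", ddt_max(PRESENT_SBOX), lat_max(PRESENT_SBOX))
    for key, count in sorted(survey(1000).items()):
        print(key, count)
```

Lower is better for both numbers; for a 4-bit bijection neither can go below 4.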
------------------------------
From: Johnny Bravo <[EMAIL PROTECTED]>
Subject: Re: Random IV Generation
Date: Sat, 10 Jun 2000 00:29:56 -0400
On Fri, 9 Jun 2000 13:58:46 GMT, Tim Tyler <[EMAIL PROTECTED]> wrote:
>: The thing is that your IV don't need to be random at all... so
>: how does 'randomness' or strength come into this at all?
>
>Consider IVs that go 1,2,3,2,3,1,2,3,1,2,3,2,1,2,2,3,3... on consecutive
>messages.
>
>These IVs are weak. IVs that don't trivially repeat would be stronger.
But they still don't have to be random.
1,2,3,4,5,6,7,8,9,10,11,12... Is acceptable as long as no value is
reused.
--
Best Wishes,
Johnny Bravo
"The most merciful thing in the world, I think, is the inability
of the human mind to correlate all its contents." - HPL
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Some dumb questions
Date: Sat, 10 Jun 2000 04:41:29 GMT
Mok-Kong Shen wrote:
> But on reflection I came to the question of whether it could be that
> fatal if it were reused in an environment where everything excepting
> the reuse were impacable. [impeccible?]
The answer is, yes, for normal usage where the security is critically
dependent on the OTP component, then pad reuse compromises security.
> The book was not precise about code breaking at all.
That's good, because there are still some genuine secrets involved
with book breaking. However, study of the open literature on
classical cryptanalysis will show you plenty about the procedure(s).
There is a good practical codebook breaking exercise in the Zendian
problem. (If anybody has figured out the mapping between the code
word sequence [against the plaintext dictionary] and the code words
themselves, I'd appreciate hearing it. That would enable a great
deal more progress to be made past the point where most of us have
gotten.)
> On the other hand, there were some indications that a number of
> other errors than the reuse probably also have materially
> contributed to NSA's success.
If you mean VENONA, that was really an ASA success. Of course the
cryptanalyst takes advantage of *all* lucky breaks, but for the
most part it was just hard work springing from the break of the
pad reuse.
> The book also mentioned rumors of Venona not being actually
> cracked as such.
If you mean, it wasn't successfully cryptanalyzed, wrong! If you
mean, some of the plaintext was never recovered, right! (That is
usual for codebook-based systems.)
------------------------------
From: [EMAIL PROTECTED] (U Sewell-Detritus)
Crossposted-To:
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.politics.uk,uk.telecom
Subject: Re: RIP Bill 3rd Reading in Parliament TODAY 8th May
Date: 10 Jun 2000 04:49:42 GMT
Fergus O'Rourke <[EMAIL PROTECTED]> wrote:
>
>I have been accused of being "related to the legislature" (no, I don't
>understand how to be, either), but this is too starry-eyed even for me.
No, buddy, you've been accused and you're guilty unless you can prove
otherwise.
------------------------------
From: [EMAIL PROTECTED] (U Sewell-Detritus)
Crossposted-To:
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.security.scramdisk,uk.telecom
Subject: Re: Observer 4/6/2000: "Your privacy ends here"
Date: 10 Jun 2000 04:49:41 GMT
John Nuttall <[EMAIL PROTECTED]> wrote:
>On another note (as a UK citizen) - what is the position re the Channel
>Islands? They have their own legislative body - so if all the UK ISPs pulled
>out and migrated, I presume the lunatic Bill would be dead in the water.
It seems Sealand has taken the lead here.
http://www.suffolk-now.co.uk/Content/News/htm/000609sealand.htm
------------------------------
From: "Tor Rustad" <[EMAIL PROTECTED]>
Subject: Re: Improving DES based MAC
Date: Sat, 10 Jun 2000 05:42:17 +0200
"Scott Fluhrer" <[EMAIL PROTECTED]> wrote in message
> The computational costs for 3 key 3DES is no less than for 2 key 3DES, and
> in many applications, the additional key bits are available anyways. Since
> 3 key 3DES is believed to be strictly more secure than 2 key 3DES, and has
> (for those "many applications") no disadvantages, why go with 2 key 3DES?
>
The point is that in hardware devices, NVRAM space can be very restricted,
going from single DES to 2K3DES doubles the space requirements already. If I
can't hold the key table inside NVRAM, then I need to export/import DES key
to external storage, that means extra DES encryption/decryption, which will
hurt performance badly...
> None of these is much stronger than DES -- they can all be broken in
> O(2**64) operations, with negligible memory, and 2 known plaintext/ciphertext
> pairs. To take case b, you take your known plaintext/ciphertext pairs
> (P1,C1) and (P2,C2), and rearrange the equations:
>
> C1 = k2 XOR (DESk( k XOR P1 ))
> C2 = k2 XOR (DESk( k XOR P2 ))
>
> C1 XOR C2 = DESk( k XOR P1 ) XOR DESk( k XOR P2 )
>
> Then, you iterate through the various possible values of k until you find
> values that satisfy this last equation.
>
I did not see the above, nice! So you are stating that the strength of
C = k XOR (DESk( k XOR P ))
is 2^64?
Is that also the case if one of the XOR operations is removed?
--
Tor
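
The rearrangement quoted in the message above, as an added example that is not part of the original posts: the outer key k2 cancels in C1 XOR C2, so only k has to be searched. A toy 16-bit Feistel cipher stands in for DES so the search finishes instantly; the cipher, the key values and the plaintexts are all constructed for illustration.

```python
def toy_encrypt(key, block):
    """4-round Feistel on a 16-bit block with a 16-bit key (stand-in, NOT DES)."""
    left, right = block >> 8, block & 0xFF
    for rnd in range(4):
        # Rotate the key right by 4 bits per round; low byte is the round key.
        rk = ((key >> (4 * rnd)) | (key << (16 - 4 * rnd))) & 0xFF
        t = right ^ rk
        f = (t * 0xA7 + rnd + (t >> 3)) & 0xFF
        left, right = right, left ^ f
    return (left << 8) | right

def whitened(k, k2, p):
    """Case (b) from the thread: C = k2 XOR E_k(k XOR P)."""
    return k2 ^ toy_encrypt(k, k ^ p)

def recover_keys(pairs):
    """Search k alone; k2 drops out of C1 XOR C2 and is read off afterwards."""
    (p1, c1), (p2, c2) = pairs[0], pairs[1]
    target = c1 ^ c2
    found = []
    for k in range(1 << 16):
        e1 = toy_encrypt(k, k ^ p1)
        if e1 ^ toy_encrypt(k, k ^ p2) != target:
            continue
        k2 = c1 ^ e1
        # Extra known pairs weed out chance matches on the small toy block.
        if all(whitened(k, k2, p) == c for p, c in pairs):
            found.append((k, k2))
    return found

def demo():
    secret_k, secret_k2 = 0x3A7C, 0xD15E       # constructed sample keys
    plaintexts = [0x0001, 0x1234, 0xBEEF]      # constructed known plaintexts
    pairs = [(p, whitened(secret_k, secret_k2, p)) for p in plaintexts]
    return (secret_k, secret_k2), pairs, recover_keys(pairs)

if __name__ == "__main__":
    truth, pairs, found = demo()
    print("true keys :", [hex(v) for v in truth])
    print("recovered :", [(hex(k), hex(k2)) for k, k2 in found])
```

The loop runs 2**16 trials although the two keys together hold 32 bits, which is the toy-scale counterpart of the quoted claim that the second key adds little strength.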
------------------------------
From: EE Detractor <[EMAIL PROTECTED]>
Crossposted-To:
alt.security.pgp,comp.security.firewalls,alt.privacy.anon-server,alt.privacy
Subject: Re: Updated: Evidence Eliminator Dis-Information Center (Includes info on
false SPAM accusations)
Date: Fri, 09 Jun 2000 22:50:10 -0500
On Sat, 10 Jun 2000 00:52:15 +0100, [EMAIL PROTECTED] wrote:
> The
>average person simply doesn't begin to know enough about the
>architecture of Windows to find all of the nooks and crannies where
>passwords, damning evidence, etc., could be hiding, just waiting for
>Encase to find it.
Thank you for admitting to my point. :-)
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Extending the size of polyalphabetic substitution tables
Date: Sat, 10 Jun 2000 04:55:12 GMT
Mok-Kong Shen wrote:
> ... That is not to imply at all that their design is simple but
> only that high quality S-boxes are well within the current state of
> the art ...
You're "begging the question". On what grounds do you say that
those [AES] S-box sets are "high quality"? Maybe they aren't, in
which case that would support the position you're arguing against.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************