Cryptography-Digest Digest #72, Volume #12       Tue, 20 Jun 00 14:13:01 EDT

Contents:
  Re: "What 'flagrant' bugging abuse?",asks Home Secretary Straw [Was Re: RIP Bill 3rd 
Reading in Parliament TODAY 8th May] (JimD)
  Re: mother PRNG - input requested (Jerry Coffin)
  Comments/analysis requested ([EMAIL PROTECTED])
  Re: Is this a HOAX or RSA is REALLY broken?!? (Terry Ritter)
  Re: MD5 Expansion (James Felling)
  Classical Crypto Books (CryptoBook)
  Re: small subgroups in Blum Blum Shub (David A. Wagner)
  Re: Encryption on missing hard-drives (Paul Koning)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (JimD)
Crossposted-To: 
uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,uk.telecom
Subject: Re: "What 'flagrant' bugging abuse?",asks Home Secretary Straw [Was Re: RIP 
Bill 3rd Reading in Parliament TODAY 8th May]
Date: Tue, 20 Jun 2000 16:31:51 GMT
Reply-To: JimD

On 20 Jun 2000 11:01:38 GMT, [EMAIL PROTECTED] (U Sewell-Detritus)
wrote:

>James Hammerton <[EMAIL PROTECTED]> wrote:
>
>>You have to prove you're not lying when you say that, which is well impossible. 
>
>In Letters to the Editor, Jack Straw, the British Home Secretary 
>poses the following question to the readers of The Daily Telegraph 
>(Monday 19 June 2000):
>
>--------
>Unjustified worries about e-mails
>
>SIR - You peddle many erroneous assumptions about the 
>Regulation of Investigatory Powers Bill, including the 
>extraordinary assertion that there has been "flagrant" 
>abuse of telephone interception.
>
>Where is the evidence for this? 
>
>[snip]
>       Jack Straw
>       Home Secretary
>       London SW1
>--------

I believe the evidence can be found at an ostensibly British
Telecomm establishment at Oswestry under the codename 'Tinkerbell'.

-- 
Jim Dunnett.

g4rga at thersgb.net

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: mother PRNG - input requested
Date: Tue, 20 Jun 2000 11:32:43 -0600

In article <d7N35.269$[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] says...

[ ... ] 

> Has anyone used/tinkered with George Marsaglia's MOTHER
> generator?
> What are your thoughts on a PRNG with a 32-bit seed but a
> big-ass period, such as MOTHER - for the purposes of
> medium-security crypto apps?

I suppose that depends on what you mean by "medium-security" -- if 
you're planning to use the PRNG in such a way that the 32-bit seed 
means you have only a 32-bit key for your cipher, then it's not 
likely to be good for much more than "kid-sister" level security 
except in _extremely_ tactical situations (i.e. where the attacker has 
only a VERY short period of time during which an attack can be 
successful).

For example, the attacker has to test only a tiny bit over a million 
keys a second to be assured of finding the correct key within an 
hour.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

From: [EMAIL PROTECTED]
Subject: Comments/analysis requested
Date: Tue, 20 Jun 2000 17:31:29 GMT

I am very new to this stuff but I have run across the following
encryption technique.  I am curious as to how strong it is.
Particularly if it is possible to take the encrypted text and the
original text and derive the encrypted password.

Thanks, Wayne Price

here it is:

the following will replace the original text with the encrypted text.

 encryptedpassword = '<90h,44h,ABh,95h,30h,D9h,B1h,92h,34h,83h,40h,91h,78h,D5h,9Ah,A2h>' & |
                     '<C4h,2Ch,2Bh,69h,90h,A9h,D5h,B5h,64h,25h,D5h,64h,98h,2Dh,D1h,B5h>' & |
                     '<50h,58h,D2h,49h,48h,35h,6Bh,61h,48h,E6h,22h,97h,A0h,5Ah,CAh,E2h>' & |
                     '<CCh,94h,90h,21h,60h,6Bh,ABh,F4h,A4h,2Dh,42h,53h,D8h,B9h,29h,95h>'
 OriginalText = All('<B0h>',64)
 Loop Counter = 1 to 16
    ecx = EncryptedPasswordValue[Counter]
    esp20 = ecx
    esi = ecx
    esi = band(esi,0Fh)
    edx = OriginalTextValue[Counter]
    esp24 = edx
    ebp = OriginalTextValue[ esi+1 ]
    edi = ebp
    edi = band(edi,ecx)
    ecx = bxor(ecx,0ffffffffh)
    edx = band(edx,ecx)
    edi = bor(edi,edx)

    edx = EncryptedPasswordValue[Counter]
    edi = edi + edx
    OriginalTextValue[ esi+1 ] = edi

    esi = esp24
    esi = band(esi,edx)
    ebp = band(ebp,ecx)
    esi = bxor(esi,ebp)
    esi = esi + edx
    OriginalTextValue[ Counter ] = esi
 End

the following will put it back:

 Loop Counter = 16 to 1 By -1
    eax = EncryptedPasswordValue[Counter]
    ecx = band(EncryptedPasswordValue[Counter],0Fh)
    ebp = OriginalTextValue[ Counter ]
    if ebp < eax
        ebp = maxulong + 1 + ebp - eax
    else
        ebp = ebp - eax
    end
    edi = OriginalTextValue[ ecx+1 ]
    if edi < eax
        edi = maxulong + 1 + edi - eax
    else
        edi = edi - eax
    end

    esp24 = edi
    esi = band(ebp,eax)
    edx = bxor(eax,0ffffffffh)
    edi = band(edi,edx)
    esi = bor(esi,edi)
    OriginalTextValue[ Counter ] = esi

    esi = esp24
    esi = band(esi,eax)
    ebp = band(ebp,edx)
    esi = bor(esi,ebp)
    OriginalTextValue[ ecx+1 ] = esi

 End


Sent via Deja.com http://www.deja.com/
Before you buy.
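An added example, not part of Wayne Price's post: the two loops above translated into Python so the transform can be run and the round trip checked. It assumes the 64-byte buffers are read as sixteen 32-bit little-endian words (the register names and the "maxulong + 1" wrap in the post point at x86 dword arithmetic), and that the post's "esi+1" / "ecx+1" index is 1-based, so in 0-based Python it becomes "k & 0xF" directly. The key bytes are the post's own "encryptedpassword" constant and the all-B0h buffer is the post's own sample input; the all-zero and all-FF vectors in the main block are constructed here.

```python
import struct

MASK = 0xFFFFFFFF

# The 64-byte "encryptedpassword" constant from the post, used as the key.
KEY_BYTES = bytes.fromhex(
    "9044ab9530d9b1923483409178d59aa2"
    "c42c2b6990a9d5b56425d564982dd1b5"
    "5058d24948356b6148e62297a05acae2"
    "cc949021606babf4a42d4253d8b92995"
)

# The post's sample input: OriginalText = All('<B0h>', 64).
SAMPLE_PLAINTEXT = b"\xb0" * 64


def _words(buf):
    # Assumption: each 64-byte buffer is viewed as 16 little-endian 32-bit words.
    if len(buf) != 64:
        raise ValueError("buffer must be exactly 64 bytes")
    return list(struct.unpack("<16I", buf))


def _pack(words):
    return struct.pack("<16I", *words)


def encrypt_block(plaintext, key=KEY_BYTES):
    """Forward loop of the post (Counter = 1 to 16), written 0-based."""
    k = _words(key)
    t = _words(plaintext)
    for i in range(16):
        kw = k[i]                 # ecx = EncryptedPasswordValue[Counter]
        j = kw & 0x0F             # esi = band(esi, 0Fh); the post indexes esi+1 (1-based)
        nk = kw ^ MASK            # ecx = bxor(ecx, 0ffffffffh), i.e. the complement of kw
        ti, tj = t[i], t[j]       # esp24 = OriginalTextValue[Counter], ebp = [esi+1]
        # OriginalTextValue[esi+1] = ((tj & kw) | (ti & ~kw)) + kw   (mod 2^32)
        t[j] = (((tj & kw) | (ti & nk)) + kw) & MASK
        # OriginalTextValue[Counter] = ((ti & kw) ^ (tj & ~kw)) + kw (mod 2^32)
        t[i] = (((ti & kw) ^ (tj & nk)) + kw) & MASK
    return _pack(t)


def decrypt_block(ciphertext, key=KEY_BYTES):
    """Reverse loop of the post (Counter = 16 to 1 By -1)."""
    k = _words(key)
    t = _words(ciphertext)
    for i in range(15, -1, -1):
        kw = k[i]
        j = kw & 0x0F
        nk = kw ^ MASK
        # The post's "if ebp < eax then maxulong + 1 + ebp - eax" is just
        # subtraction modulo 2^32.
        ti = (t[i] - kw) & MASK
        tj = (t[j] - kw) & MASK
        t[i] = (ti & kw) | (tj & nk)
        t[j] = (tj & kw) | (ti & nk)
    return _pack(t)


def roundtrip_ok(plaintext, key=KEY_BYTES):
    """True when decrypt(encrypt(x)) gives x back under the given key."""
    return decrypt_block(encrypt_block(plaintext, key), key) == plaintext


if __name__ == "__main__":
    ct = encrypt_block(SAMPLE_PLAINTEXT)
    print("ciphertext:", ct.hex())
    print("round trip on the post's sample:", roundtrip_ok(SAMPLE_PLAINTEXT))
    # Constructed vectors: an all-FF key makes every word index 15 and turns
    # the masked swap into a plain decrement, a handy check of the wrap-around.
    print("round trip, all-FF key:", roundtrip_ok(b"\x00" * 64, b"\xff" * 64))
```

Read this way, each iteration swaps the bits of two data words at the positions where the key word has a 0 bit and then adds that key word to both, so every step touches exactly one key word and two data words, and decryption only has to walk the same steps in reverse. That per-word structure is what a known-plaintext question like the one above comes down to.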

------------------------------

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: Is this a HOAX or RSA is REALLY broken?!?
Date: Tue, 20 Jun 2000 17:46:35 GMT


On Tue, 20 Jun 2000 11:19:11 -0600, in
<[EMAIL PROTECTED]>, in sci.crypt Jerry
Coffin <[EMAIL PROTECTED]> wrote:

>[...]
>IOW, for the most part "AI" is simply used to refer to areas we don't 
>know how to deal with effectively yet.  As we learn to deal with any 
>particular area effectively, it simply gets re-categorized so it's no 
>longer AI.

I would say that the term "AI" was used to represent alternate ways to
think about programming a computer.  In particular, AI stuff was to in
some sense make its own decisions, instead of simply following a rigid
program.  But it turns out that fairly-conventional programs can be
written to solve some of the AI problems, in which case the solution
is not AI.  

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM


------------------------------

From: James Felling <[EMAIL PROTECTED]>
Subject: Re: MD5 Expansion
Date: Tue, 20 Jun 2000 12:44:32 -0500



Arthur Dardia wrote:

> [EMAIL PROTECTED] wrote:
>
> > In article <10839b68.9f89254c@usw-ex0104-
> > 031.remarq.com>,
> >   tomstd <[EMAIL PROTECTED]> wrote:
> > > Andrew Bortz <[EMAIL PROTECTED]> wrote:
> > > >In the interest of increasing the size of a
> > MD5 hash, I have
> > > been
> > > >thinking of a fairly simple method:
> > > >
> > > >1) Calculate the MD5 hash of the data
> > > >2) Permute the data, preferable at the
> > beginning, in some small
> > > manner
> > > >3) Calculate the MD5 hash of the new data, and
> > append to the
> > > original
> > > >hash
> > > >4) Lather, rinse, repeat as necessary/paranoid
> > > >
> > > >It seems as though it would work, and using
> > the 256-bit variant
> > > (one new
> > > >hash) it would appear as though it yields huge
> > advances in
> > > protection,
> > > >utilizing the apparent collision-free nature
> > of MD5.
> > > >
> > > >Finally getting the root of my question...
> > Since the hash
> > > method in its
> > > >entirety will/must be disclosed, it will be
> > possible for
> > > attackers to
> > > >possibly utilize the two hashes in some attack
> > to reveal the
> > > data
> > > >originally hashed. My question is, is MD5
> > secure enough to
> > > withstand
> > > >giving an attacker a significant statistical
> > peep at the data
> > > that was
> > > >hashed?
> > >
> > > From what I gather you want todo this
> > >
> > > A = H(M)
> > > B = H(L(A))
> > >
> > > Where M is the original message, L is a linear
> > transform and H
> > > is the hash function.
> > >
> > > This is no more secure then the original
> > underlying hash
> > > function and I will show why.
> > >
> > > We know that a collision by the birthday
> > paradox will take 2^64
> > > effort against MD5 (since it's a 128-bit
> > hash).  However, a
> > > collision in A is sufficient to find a
> > collision in the entire
> > > hash.  In otherwords your 256-bit hash can be
> > broken in 2^64
> > > guesses which is far under the birthday paradox
> > limit for a 256-
> > > bit hash.
> > >
> > > Tom
> > >
> > > Got questions?  Get answers over the phone at
> > Keen.com.
> > > Up to 100 minutes free!
> > > http://www.keen.com
> > >
> > >
> >
> > Sorry, my news server sucks, so I'm using Deja.
> > Anyway, Your logic evades me. Just because we can
> > find 2 messages that have the same MD5 hash
> > doesn't mean those two messages, run through the
> > linear function, will have the same 2nd hash!
> > That is where I see the security of using 2
> > hashes: Even when a collision is found in MD5, it
> > will rarely have a collision in the 2nd hash
> > because one bit change in the message will
> > (supposed to) change on average half the bits of
> > the hash. The attacker is back to searching...
> >
> > Sent via Deja.com http://www.deja.com/
> > Before you buy.
>
> I'm a newbie, so here it goes:
>
> Instead of doing what the original poster came up with.  Why can't you
> just hash the original message with MD5.  Use the output as the input to
> another hash algorithm (say SHA-1), and then to be safe repeat the same
> thing replacing TIGER/192 for SHA-1.
>
> A=MD5(M);
> B=SHA-1(MD5(M));
> C=TIGER/192(SHA-1(MD5(M)));
>
> C would be the final output.
>
> How does this increase security, by what percentage, if it does at all?
>
> --
> Arthur Dardia    Rensselaer Polytechnic Institute    [EMAIL PROTECTED]
>  PGP 6.5.1 Public Key    http://www.webspan.net/~ahdiii/ahdiii.asc

This is only as secure as MD5(M).  Assign F(X) to one of the hashes, G(X) to
another, and H(X) to the third.  Then
(if you want to use all 3, and only hash 3 times)

A=F(M)
B=G(M)
C=H(A || B)

should be about as secure as you can manage given the criteria.
This is more secure than the construction you propose.

Reasoning: one must either find an M and M' s.t. F(M)=F(M') and G(M)=G(M')
(which will give C=C') or find a collision in C' where H(A' || B') = H(A || B)
by what would effectively be brute force.
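An added illustration of the argument in this thread, not code from any of the posters: tomstd's point that a collision in the first hash carries straight through a chained construction H(G(F(M))), and Felling's point that the concatenated construction H(F(M) || G(M)) needs a simultaneous collision in F and G. To make a first-hash collision findable on the spot, F is MD5 truncated to 16 bits (an assumption made for the demo; real MD5 is 128 bits and needs about 2^64 birthday work, as tomstd says); G is full SHA-1 and H is SHA-256, standing in for TIGER/192, which hashlib does not provide. The "message-<n>" inputs are constructed.

```python
import hashlib


def F(m):
    # Stand-in for the first hash: MD5 truncated to 16 bits so a collision
    # can be found in a few hundred tries (assumption for the demo only).
    return hashlib.md5(m).digest()[:2]


def G(m):
    # Second hash, left at full width (SHA-1, as in the thread).
    return hashlib.sha1(m).digest()


def H(x):
    # Outer hash; SHA-256 stands in for TIGER/192, which hashlib lacks.
    return hashlib.sha256(x).digest()


def chained(m):
    # "Use the output as the input to another hash": C = H(G(F(M))).
    return H(G(F(m)))


def concatenated(m):
    # Felling's construction: A = F(M), B = G(M), C = H(A || B).
    return H(F(m) + G(m))


def find_f_collision(limit=1_000_000):
    """Birthday search for two distinct messages with equal F output.

    Inputs are constructed as b"message-<n>".  For a 16-bit F roughly 2^8
    tries are expected, the same 2^(n/2) scaling that gives 2^64 for MD5.
    """
    seen = {}
    for n in range(limit):
        m = b"message-%d" % n
        d = F(m)
        if d in seen:
            return seen[d], m
        seen[d] = m
    raise RuntimeError("no collision within limit")


def compare_constructions():
    """Find an F collision and report which outer constructions it breaks."""
    m1, m2 = find_f_collision()
    return {
        "messages_differ": m1 != m2,
        "F_collides": F(m1) == F(m2),
        "chained_collides": chained(m1) == chained(m2),
        "concatenated_collides": concatenated(m1) == concatenated(m2),
    }


if __name__ == "__main__":
    for name, value in compare_constructions().items():
        print(f"{name}: {value}")
```

The chained result collides by construction: once F(m1) == F(m2), every later stage sees identical input, so widening the output with more hashes adds nothing against a collision in the first one. The concatenated result only collides if SHA-1 also collides on the same pair, which is exactly the "find M and M' with F(M)=F(M') and G(M)=G(M')" condition in the reasoning above.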



------------------------------

From: [EMAIL PROTECTED] (CryptoBook)
Subject: Classical Crypto Books
Date: 20 Jun 2000 18:02:57 GMT


20 June 2000

Classical Crypto Books is pleased to announce the following recent updates to
the CCB catalog, including new items, recent additions, price changes, and
listing updates.

MAGAZINE ARTICLES

THE CODE WAR: The Code-Breaking Machines of World War II Took Data-Processing
Technology to Its Very Limits in the Era Before Computers
by Stephen Budiansky
This feature article occupies eight pages (36-43) in the Summer issue. Other
articles discuss: Teflon, cog railways, "Going Wireless in 1880," ATM machines,
and the great 1950's uranium rush. Quantities are extremely limited. Volume 16,
Number 1.
MG, American Heritage of Invention & Technology, 2000, 64 pp.
Nonmember $6.95, Member $4.95


FOR BEGINNERS AND ENTHUSIASTS

CODES & CIPHERS: Hundreds of Unusual and Secret Ways to Send messages
by Christina Ashton
A lively, wide-ranging introduction to the history, use, and cryptanalysis of
codes and ciphers, including Caesar, Cardano grille, Della Porta, pigpen, route
transposition, simple substitution, St. Cyr, and Vigenere systems. Ages 12 and
up. Out of Print.
SB, Betterway Books, 1993, 110 pp.
Nonmember $9.95, Member $7.95


FICTION AND LITERATURE

CRYPTONOMICON
by Neal Stephenson, Appendix on the Solitaire Encryption Algorithm by Bruce
Schneier
A brilliant, hilarious, historical, adventure novel about a genius
cryptanalyst/inventor charged with keeping Nazis from guessing the Ultra secret
and about his hacker-entrepreneur grandson, who must crack a WWII cipher to
find a fortune in stolen gold. Published at $16.00. [The hardbound edition is
still available; please inquire.]
SB, Perennial, 2000, 928 pp.
Nonmember $14.95, Member $12.95

THE FOX IN THE FIELD: A WWII Novel of India
by Maynard Allington
A young British intelligence agent penetrates Axis covert operations in India.
Published at $19.95.
HB, Brassey's (US), 1994, 222 pp.
Nonmember $17.95, Member $15.95

ENIGMA (LARGE PRINT EDITION)
by Robert Harris
Out of Print.
HB, Wheeler Publishing, 459 pp.
Nonmember $29.95, Member $26.95


ESPIONAGE AND INTELLIGENCE

THE CICERO SPY AFFAIR: German Access to British Secrets in World War II
by Richard Wires
Published at $27.95.
HB, Praeger, 1999, 281 pp.
Nonmember $25.95, Member $23.95

PIERCING THE REICH: The Penetration of Nazi Germany by American Secret Agents
during World War II
A BEST BUY!
HB, Barnes & Noble Books, 2000, 396 pp.
Nonmember $12.95, Member $10.95

COMRADE KRYUCHKOV'S INSTRUCTIONS: Top Secret Files on KGB Foreign Operations,
1975-1985
by Christopher Andrew, Oleg Gordievsky
Published at $15.95.
HB, Stanford University Press, 1993, 258 pp.
Nonmember $14.95, Member $12.95

THE UNSEEN WAR IN EUROPE: Espionage and Conspiracy in the Second World War
by John H. Waller
Published at $35.00. Out of Print.
HB, Random House, 1996, 489 pp.
Nonmember $31.95, Member $27.95


CLASSICAL CRYPTO

MILITARY CRYPTANALYTICS, PART II - VOLUME 1
by Lambros D. Callimahos, William F. Friedman
SB, Aegean Park Press C-44, 1985, 328 pp.
Nonmember $42.80, Member $34.25

MILITARY CRYPTANALYTICS, PART II - VOLUME 2: Includes Problems and Computer
Programs
by Lambros D. Callimahos, William F. Friedman
[Note: part 1, volumes 1 and 2 are available; please inquire.]
SB, Aegean Park Press C-45, 1985, 342 pp.
Nonmember $42.80, Member $34.25

MACHINE CRYPTOGRAPHY AND MODERN CRYPTANALYSIS
by Cipher A. Deavours, Louis Kruh
HB, Artech House, 1985, 273 pp.
Nonmember $89.95, Member $79.95

SOLVING CIPHER PROBLEMS: Cryptanalysis, Probabilities, and Diagnostics
by Frank W. Lewis
SB, Aegean Park Press C-58, 1992, 259 pp.
Nonmember $30.80, Member $24.65


TRAFFIC ANALYSIS

TRAFFIC ANALYSIS AND THE ZENDIAN PROBLEM: An Exercise in Communications
Intelligence Operations
SB, Aegean Park Press C-53, 1989, 260 pp.
Nonmember $32.80, Member $26.25


HISTORY

DOUBLE-EDGED SECRETS: U.S. Naval Intelligence Operations in the Pacific During
World War II
Serving in the Combat Intelligence Unit at Honolulu, with Ultra access, the
author shared the painful moral dilemma faced daily by Pacific commanders: use
COMINT from broken Japanese codes and risk losing it, or fail to act and risk
U.S. lives and ships. Published at $16.95.
SB, Naval Institute Press, 1998, 252 pp.
Nonmember $15.95, Member $13.95

ENIGMA: How the German Machine Cipher Was Broken and How It Was Read by the
Allies in World War Two
by Wladyslaw Kozaczuk, Christopher Kasparek (Editor and Translator)
Definitive account of how the Poles broke the Enigma machine cipher. Three
appendices (51 pp) by Marian Rejewski explain their methods. A fourth (28 pp)
by Kasparek and Woytak describes Polish and British methods of solution. Out of
Print.
[Note: quantities are getting low. If you are interested in getting this
classic volume in new condition, and haven't yet done so, please don't delay
any longer. Available in new condition only from CCB.]
HB, University Publications of America, 1985, 362 pp.
Nonmember $59.95, Member $52.95

LINCOLN IN THE TELEGRAPH OFFICE: Recollections of the United States Military
Telegraphs Corps during the Civil War
by David Homer Bates, James A. Rawley
SB, Bison Books, 1995, 454 pp.
Nonmember $14.95, Member $13.95

BRITISH INTELLIGENCE IN THE SECOND WORLD WAR, VOLUME 5: Strategic Deception
by Michael Howard
Out of Print.
HB, HMSO, 1990, 285 pp.
Nonmember $27.95, Member $24.95

COMBINED FLEET DECODED: The Secret History of American Intelligence and the
Japanese Navy in World War II
by John Prados
Out of Print.
HB, Random House, 1995, 861 pp.
Nonmember $44.95, Member $39.95

THE PUZZLE PALACE: Inside the National Security Agency, America's Most Secret
Intelligence Organization
SB, Penguin Books, 1983, 655 pp.
Nonmember $15.95, Member $14.95


MODERN AND ADVANCED CRYPTO

CRACKING DES: Secrets of Encryption Research, Wiretap Politics, & Chip Design
by John Gilmore, Paul Kocher, Yvo Desmedt, Michael J. Wiener
Published at $29.95.
SB, O'Reilly & Associates, 1988, 281 pp.
Nonmember $26.95, Member $23.95

JAVA CRYPTOGRAPHY
by Jonathan Knudsen
Published at $29.95.
SB, O'Reilly & Associates, 1998, 361 pp.
Nonmember $23.95, Member $21.95


ENIGMA BULLETIN

NUMBER 1
by Zdzislaw Jan Kapera (Editor)
SB, Enigma Press, 1998, 72 pp.
Nonmember $19.95, Member $17.95

NUMBER 2
by Zdzislaw Jan Kapera (Editor)
SB, Enigma Press, 1997, 120 pp.
Nonmember $19.95, Member $17.95

NUMBER 3
by Zdzislaw Jan Kapera (Editor)
SB, Enigma Press, 1998, 128 pp.
Nonmember $19.95, Member $17.95


BIOGRAPHIES AND MEMOIRS

WAR OF NUMBERS: An Intelligence Memoir
by Sam Adams, Introduction by Col. David Hackworth
Published at $22.00.
HB, Steerforth Press, 1994, 285 pp.
Nonmember $19.95, Member $17.95


==============
HB = Hardbound
SB = Softbound
MG = Magazine
==============

All items are in stock and available now. Member prices are available to
members of the American Cryptogram Association, the U.S. Naval Cryptologic
Veterans Association, and full-time students. Shipping and handling are extra.
For complete ordering information, a free catalog of crypto books by return
e-mail, or for information about membership in the American Cryptogram
Association, please send e-mail to: [EMAIL PROTECTED]

Best Wishes,
Gary 

Gary Rasmussen
Classical Crypto Books
E-Mail: [EMAIL PROTECTED]
Fax: (603) 432-4898


------------------------------

From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: small subgroups in Blum Blum Shub
Date: 20 Jun 2000 11:02:20 -0700

In article <[EMAIL PROTECTED]>,
Tony T. Warnock <[EMAIL PROTECTED]> wrote:
> I think people are missing the point here. It's not that RSA, etc. are
> not secure but that the BBS generator using all the BBS bells and
> whistles can be proven secure.

I think I got the point pretty well.  BBS can be proven secure if you
include all the bells and whistles.  Or, it can also be proven secure
if you omit the bells and whistles.

------------------------------

From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: Encryption on missing hard-drives
Date: Tue, 20 Jun 2000 13:26:19 -0400

"Trevor L. Jackson, III" wrote:
> ...
> There may be a simpler method.  Due to the volume of cooling air required,
> most laptops and all PCs quickly become coated with a layer of dust.  Merely
> opening the case will disturb the dust sufficiently to be detectable.

Yes, if the issue were detection of the fact that a drive has
been removed from a PC.  I don't think that's the issue here.
First of all, that's known to be the case (because they were
found outside a PC).  Second, this is probably one of those
places that removes hard drives all the time for security
reasons.  (You can store a drive more easily in a safe than
a whole desktop PC.)

That makes me wonder whether the "look at the pins" technique
will work here.  No problem for a drive that's been plugged in
only once or twice in its life, but if it gets plugged and
unplugged daily, the pins may be so scuffed with so many random
marks that one more set, even from a different unit, may not
be visible.

        paul

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
