Cryptography-Digest Digest #88, Volume #12 Thu, 22 Jun 00 17:13:01 EDT
Contents:
Re: breaking encryption - help! (SCOTT19U.ZIP_GUY)
Re: Encryption on missing hard-drives (JimD)
Re: Encryption on missing hard-drives (SCOTT19U.ZIP_GUY)
Re: MD5 Expansion (Simon Johnson)
Re: breaking encryption - help! (Steve Basford)
Re: how to compare the securtity between ECC and RSA (tomstd)
Re: Encryption on missing hard-drives (Darren New)
Re: breaking encryption - help! (Andrew Carol)
Re: Cryptographic voting (zapzing)
Re: MD5 Expansion ("Joseph Ashwood")
Re: Encryption on missing hard-drives ("Trevor L. Jackson, III")
Re: Missing Info in the crypto-gram of MR BS (James Felling)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: breaking encryption - help!
Date: 22 Jun 2000 19:02:52 GMT
[EMAIL PROTECTED] (Steve Basford) wrote in
<[EMAIL PROTECTED]>:
>Sorry, firstly, if this is the wrong group to ask this but I wonder if
>anyone can help me with this little problem.
>
>I use a free proxy server at work, that contains a list of url's that
>are banned. As the administrator I can add to this list from within the
>proxy server, however I want to code a little util to read the
>banned.cfg file and output, in plain text, a list of the banned url's
>for my records.
>
>Here's the problem... the banned.cfg file is encrypted, I'd take a guess
>at a very simple encryption, such as xor, but I'd tried that and so I
>must be missing something.
>
>Here's a sample part of the banned.CFG file (plus my comments)....
>
>
>0F : length of url (15)
>00 00 00 : spacer
>2F 83 92 A3 DC 37 A1 3A 0A FA 29 83 A6 41 D7 : www.aaaaa.co.uk
>01 : index
>
>as you can see the codes 2F,83,92 are in fact the "www" part of the
>text, now if using just xor, that would be the same value.
>
>Anyone any ideas how I can decode this?
>
>BTW I know the www.aaaaa.co.uk is correct because I enter this banned
>url from within the proxy program.
>
>thanx....
>
>
>
I think you need more than one example to see if it's XOR. What
is the encryption of a second or third site, so we can tell?
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website NOT FOR WIMPS **no JavaScript allowed**
http://members.xoom.com/ecil/index.htm
Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm
Scott famous Compression Page WIMPS allowed ** JavaScript OK**
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
"The road to tyranny, we must never forget, begins with the destruction
of the truth."
------------------------------
From: [EMAIL PROTECTED] (JimD)
Subject: Re: Encryption on missing hard-drives
Date: Thu, 22 Jun 2000 18:12:03 GMT
Reply-To: JimD
On 22 Jun 2000 07:11:39 GMT, [EMAIL PROTECTED] (Mack) wrote:
>But I can't fathom why you would put such a device on a
>WIN based machine where it will just dump content to the
>unencrypted swap file where anyone can read it.
Loads of memory and swapfile disabled?
--
Jim Dunnett.
g4rga at thersgb.net
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Encryption on missing hard-drives
Date: 22 Jun 2000 19:28:57 GMT
[EMAIL PROTECTED] (David A Molnar) wrote in
<8itjho$i3$[EMAIL PROTECTED]>:
>Guy Macon <[EMAIL PROTECTED]> wrote:
>> You are missing the cultural differences. These aren't employees of a
>> high tech firm. These are scientists with a core belief that keeping
>> secrets is silly, futile, moronic, and a big game that they win whenever
>> they circumvent the military security procedures.
>
>Where did this come from? Do you know that the members of NEST hold this
>belief, are you extrapolating from your experience with other Los Alamos
>scientists, are you extrapolating from other scientists you know, or what?
>
>
The individual that you quoted is most likely correct. Scientists
are treated like shit in the DOD. I, because of my nature, was frequently
chosen by management to take the "PEE TESTS" but because of the
long drive to where you had to pee many times important tests or meetings
or the running of my code (which many of my peers had trouble following)
cost the government large sums of tax dollars due to the large
unscheduled delays.
What was so insulting was that management with their access to more highly
classified documents seldom if ever took such tests. I know of individuals
belonging to the correct religious groups that were never "PEE TESTED" yet
when you go to PEE they say everything is random. FUCKIN BULL SHIT. I
offered to write software that would pick people at random and weight
such that those who were never picked would get picked and that your
chances of getting picked go up as a function of time since last pick
and as a function of your access to secrets. GUESS what, they don't give
a fuck.
I think one reason that most scientists are treated like shit is
because many science orientated people are those seeking the truth
while manager types are more into controlling and distorting the truth
so they tend not to like the science type.
Most scientist types are not stupid, they know the POLYGRAPH shit is
a joke. It works best on idiots that break down during an interrogation
yet the media as part of American dummying down makes it sound as if
it can get to the truth.
One thing that stands out in the PEE test that was so stupid was
all the forms you had to sign and the bottle you had to pour your PEE
in was all in individual sealed plastic bags opened under your eyes. Then
they give you a cup off of an open stack of cups and have you pee in it
first so they can pour it in the bottle. I complained he could have
put drugs in this open stack of cups. It just makes them angry. It
also made them angry that I get so nervous peeing in the cup that I
usually fill it all up and spill pee all over my hands, the cup and floor.
They hate that. But what can I do, I get nervous when forced to PEE
for uncle so much more than most. The up side is at least upper
management gives you a phone call and says why give the pee assistant
so much trouble, he is only following orders.
David A. Scott
------------------------------
Subject: Re: MD5 Expansion
From: Simon Johnson <[EMAIL PROTECTED]>
Date: Thu, 22 Jun 2000 12:47:19 -0700
I think I see your point.
It looks like, if you want a more secure hashing function, you've
either got to make one yourself or implement a hash with a
larger hash size!
------------------------------
From: Steve Basford <[EMAIL PROTECTED]>
Subject: Re: breaking encryption - help!
Date: Thu, 22 Jun 2000 20:54:08 +0100
On 22 Jun 2000 19:02:52 GMT, [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
wrote:
> I think you need more than one example to see if it's XOR. What
>is the encryption of a second or third site, so we can tell?
0F := length
00 00 00 := spacer
2F 83 92 A3 D5 78 82 42 78 97 22 43 E3 E6 E6 : www.hotmail.com
01 := index
0F := length
00 00 00 := spacer
2F 83 92 A3 DC 37 A1 3A 0A FA 29 83 A6 41 D7 : www.aaaaa.co.uk
01 := index
0F := length
00 00 00 := spacer
2F 83 92 A3 DF B8 7C 4D 89 CC 29 5C 77 7D 60 : www.bbbbb.co.uk
01:= index
0B := length
00 00 00 := spacer
2F 83 92 A3 8D E7 DF 66-6C 80 F1 : www.000.com
01:= index
hope that's a bit more of a help?
thanks....
------------------------------
Subject: Re: how to compare the securtity between ECC and RSA
From: tomstd <[EMAIL PROTECTED]>
Date: Thu, 22 Jun 2000 13:03:05 -0700
You are comparing apples and oranges by including symmetric and
asymmetric keys in your discussion. A symmetric key can be
searched regardless of space however most asymmetric keys can be
solved with regard to space. For example factoring a number
requires a SPACE of the square root of the effort. Which means
that if for example a 1024-bit number is factorable in 10^20
steps it needs 10^10 space, etc...
So it's not so simple to say oh a 256-bit symmetric key provides
the same security as a 8kbit RSA key.
Tom
------------------------------
From: Darren New <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Encryption on missing hard-drives
Date: Thu, 22 Jun 2000 20:13:25 GMT
Mack wrote:
> But I can't fathom why you would put such a device on a
> WIN based machine where it will just dump content to the
> unencrypted swap file where anyone can read it.
If you have an encrypting disk controller, why would you not put the swap
file on the encrypted disk?
--
Darren New / Senior MTS & Free Radical / Invisible Worlds Inc.
San Diego, CA, USA (PST). Cryptokeys on demand.
"You know Lewis and Clark?" "You mean Superman?"
------------------------------
From: Andrew Carol <[EMAIL PROTECTED]>
Subject: Re: breaking encryption - help!
Date: Thu, 22 Jun 2000 13:24:02 -0700
In article <[EMAIL PROTECTED]>, Steve Basford
<[EMAIL PROTECTED]> wrote:
> On 22 Jun 2000 19:02:52 GMT, [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
> wrote:
>
>
> > I think you need more than one example to see if it's XOR. What
> >is the encryption of a second or third site, so we can tell?
>
> 0F := length
> 00 00 00 := spacer
> 2F 83 92 A3 D5 78 82 42 78 97 22 43 E3 E6 E6 : www.hotmail.com
> 01 := index
>
> 0F := length
> 00 00 00 := spacer
> 2F 83 92 A3 DC 37 A1 3A 0A FA 29 83 A6 41 D7 : www.aaaaa.co.uk
> 01 := index
>
> 0F := length
> 00 00 00 := spacer
> 2F 83 92 A3 DF B8 7C 4D 89 CC 29 5C 77 7D 60 : www.bbbbb.co.uk
> 01:= index
>
> 0B := length
> 00 00 00 := spacer
> 2F 83 92 A3 8D E7 DF 66-6C 80 F1 : www.000.com
> 01:= index
Whatever they do, it's not a simple XOR with a single key because the
".uk" suffix (of identical length strings) do not all map to the same
thing.
Yet notice the leading "www." DO match. Perhaps they are employing a
carry from left to right between characters? Or some other feedback
system between characters.
Another thing to try is to use a web address such as "aaaaaaaaaa.com",
"bbbbbbbbbb.com", and "cccccccccc.com" to see if there is a common
change which would suggest a simple carry.
--- Andy
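
Added example, not part of Andrew Carol's or any other poster's message: a
known-plaintext check of the four banned.cfg samples quoted above. It XORs each
payload with its known URL to get the keystream a plain XOR would have needed,
then counts how many leading keystream bytes all samples share. The record
layout follows Steve's annotations and the function names are hypothetical.

```python
# Added example: known-plaintext check of the banned.cfg samples from the thread.
# Record layout (length byte, 3 spacer bytes, payload, index byte) is taken
# from Steve's annotations; all function names here are hypothetical.

SAMPLES = {
    "www.hotmail.com": "0F 00 00 00 2F 83 92 A3 D5 78 82 42 78 97 22 43 E3 E6 E6 01",
    "www.aaaaa.co.uk": "0F 00 00 00 2F 83 92 A3 DC 37 A1 3A 0A FA 29 83 A6 41 D7 01",
    "www.bbbbb.co.uk": "0F 00 00 00 2F 83 92 A3 DF B8 7C 4D 89 CC 29 5C 77 7D 60 01",
    "www.000.com": "0B 00 00 00 2F 83 92 A3 8D E7 DF 66 6C 80 F1 01",
}


def parse_record(hex_text):
    """Split one record into (payload, index) and validate the length byte."""
    raw = bytes.fromhex(hex_text)
    length, spacer = raw[0], raw[1:4]
    if spacer != b"\x00\x00\x00":
        raise ValueError("unexpected spacer bytes")
    if len(raw) != 4 + length + 1:
        raise ValueError("length byte does not match record size")
    return raw[4:4 + length], raw[4 + length]


def keystream(ciphertext, plaintext):
    """Bytes a plain XOR would need to turn this plaintext into this ciphertext."""
    if len(ciphertext) != len(plaintext):
        raise ValueError("ciphertext and plaintext differ in length")
    return bytes(c ^ p for c, p in zip(ciphertext, plaintext))


def shared_prefix_len(streams):
    """Number of leading positions at which every stream has the same byte."""
    n = 0
    for column in zip(*streams):  # stops at the shortest stream
        if len(set(column)) != 1:
            break
        n += 1
    return n


def analyse(samples=SAMPLES):
    """Return ({url: keystream}, length of the keystream prefix common to all)."""
    streams = {}
    for url, hex_text in samples.items():
        payload, _index = parse_record(hex_text)
        streams[url] = keystream(payload, url.encode("ascii"))
    return streams, shared_prefix_len(list(streams.values()))


if __name__ == "__main__":
    streams, shared = analyse()
    for url, ks in streams.items():
        print(f"{url:16} {ks.hex(' ')}")
    print("keystream identical for the first", shared, "bytes")
```

The implied keystream is 58 f4 e5 8d bd in every sample and diverges at the
sixth byte, one position after the plaintexts first differ, which is consistent
with the feedback between characters suggested above.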
------------------------------
From: zapzing <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: Cryptographic voting
Date: Thu, 22 Jun 2000 20:31:42 GMT
In article <8ioitq$c5p$[EMAIL PROTECTED]>,
"Rick Braddam" <[EMAIL PROTECTED]> wrote:
<snip>
> The voter could be required to show a picture ID (driver's license) which
> has their address on it to establish identity (as is done in Florida), and
> registration could be limited in the sense that you must register within
> the county where you reside. The county's computers could easily determine
> if you were already registered.
I think it must be at least 10 times easier to
get a fake passport than to get a legitimate one.
The passport agency has been giving me the hardest
time renewing my passport because they said it
was "unacceptably damaged" or some such thing.
I don't think that I'm *ever* going to get my
birth certificate from California. Just don't know
who to bribe, I guess.
Oh, yes, I was supposed to have a point.
Well, the thing is, it is just so easy to get fake
ID that I think something based on biometrics
would be much better, for such a large number of
people. But try telling that to the feds! Millions
for defense, but not one penny for security is
their motto, I think.
--
If you know about a retail source of
inexpensive DES chips, please let
me know, thanks.
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: MD5 Expansion
Date: Thu, 22 Jun 2000 13:54:55 -0700
Actually it's looking worse and worse for being able to combine smaller hash
functions to build a larger one. The function I suggested as it turns out
has some subtle errors that reduce the complexity, I figure it's no better
than 192 bits at best (even though I don't understand the attack well enough
to communicate it yet), making the hash double that size, and a
cryptographic attack at at least the speed of a guessing attack, which I
personally don't like, so anyone that was even remotely considering using my
suggestion, please don't.
Joe
"Simon Johnson" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I think i see your point.
>
> It looks like, if you want a more secure hashing function. U've
> either got to make one yourself or implement a hash with a
> larger hash size!
>
------------------------------
Date: Thu, 22 Jun 2000 17:12:47 -0400
From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Encryption on missing hard-drives
JimD wrote:
> On 22 Jun 2000 07:11:39 GMT, [EMAIL PROTECTED] (Mack) wrote:
>
> >But I can't fathom why you would put such a device on a
> >WIN based machine where it will just dump content to the
> >unencrypted swap file where anyone can read it.
>
> Loads of memory and swapfile disabled?
On the 32-bit versions of Microsoft(tm) Windows(!tm) you cannot disable the
swapfile because the memory management subsystem goes through the disk
subsystem. If you disable swapping the system becomes (ahem) "unstable".
------------------------------
From: James Felling <[EMAIL PROTECTED]>
Subject: Re: Missing Info in the crypto-gram of MR BS
Date: Thu, 22 Jun 2000 15:58:17 -0500
Tim Tyler wrote:
> James Felling <[EMAIL PROTECTED]> wrote:
>
> : I will state that I feel that in all likelihood there is a "recognisability"
> : factor that a compression algorithm possesses. Similarly there is a
> : "recognisability" factor that any type of input may have. I believe that if
> : the compression is more easily recognised than the input then do NOT
> : compress, as you make the situation worse. If that is not the case, you will
> : make the situation no worse than it previously was (assuming that your
> : compression either shrinks or leaves the file size equal).
>
> While I largely agree with this, there's enough present for me to want to
> pick at.
>
> Firstly, if the plaintext is recognisable, it does /not/ follow that the
> result of arbitrary decompressions is recognisable.
>
Agreed.
>
> The counterexample is where practically all decompressions result in
> plausible looking target text.
>
> My usual example of this involves compression using message numbering.
>
> I.e. 0 -> "All clear on the western front"
> 1 -> "It rains on the plains of Spain"
> 2 -> "Send more troops" ... etc.
>
> Such a "compressor" can retain a bijection between the set of all possible
> messages and the resulting compressed files, by an expanding encoding
> scheme used for unrecognised inputs, if this is considered desirable.
So far so good.
>
>
> Here, valid plaintext messages are normally easily distinguished from
> random files. They are (after all) ASCII text. However, for most messages
> decrypting with the wrong key will result in a message that decompresses
> to something very plausible looking :-(
A "random file" is not ascii text as I have been using it. However if we call it a
random snippet of ASCII text I will accept the statement.
>
>
> How "easy" the original message plaintext is to recognise is not
> relevant. Whether this is ASCII text or not doesn't come into it.
Wrong (I think). Here is my logic. Given we have a compressor C and its inverse
C', and an encryption E(P,K) and its inverse E'(P,K).
I am assuming that the adversary knows whether compression is being used or not,
and also knows in a general sense the type of file that the plaintext is. Assuming
that he receives a coded transmission X, then he will compute E'(X,guess) for his
guessed keys. I claim that unicity distance is maximised when the set G = {E'(X,
guess), for all possible guesses} has the largest possible intersection with the
set P of possible pre-encrypted data.
Since we assume G is randomly distributed throughout the space of all possible
inputs (it is a good code), this boils down to attempting to maximise the size of
the set P.
This will have the effect of increasing unicity distance. This has nothing to do
with how the data was generated, merely with how much of the space of potential
inputs is used. If you encrypt a file of totally random numbers the unicity
distance is infinite, as P is the space of all possible inputs, and G intersect P
is always exactly equal to G. As P shrinks away from filling the space of all
possible numbers it becomes possible to have finite unicity distances as each time
a guessed key falls outside of P we discard that guess, eventually we will be left
with but a single guess being possible. This is the unicity distance -- the amount
of data necessary for this to be likely. Therefore the larger P is the larger the
expected unicity distance.
If the set P1 is the set of all possible ASCII text files of N bits, and P2 is the
set of all possible compressed files of N bits. I claim that P2 is larger than or
equal to P1. This is why I claim that given a function F, if F(P) fills the space
of possible inputs more fully than P does, you are best off (as far as unicity
distance goes) applying F to all type P inputs. If on the other hand F(P) fills less
of the space than P does, then you are worse off.
This has absolutely nothing to do with how the data is compressed (assuming your
compression does not write known data as a header or some such similar thing), or
even whether it is compressed at all. It has only to do with how much of the space
of possible inputs is occupied.
>
>
> What matters is how easy it is to identify a correct decrypt
> from the encryption component - i.e. how easy it is to distinguish
> a genuine compressed message from some random garbage.
>
> The other problem I noticed was in the idea that if it is easier to
> recognise the plaintext than the compression method, using an identifiable
> compression method will not make things worse.
>
> To my ears this sounds like the idea that if it's generally easier to spot
> spies based on their accent, than by checking their employment references,
> you shouldn't bother with getting their faked references straight.
I am talking only in re: Unicity distance here. I agree that there are reasons to
use compression other than increasing your unicity distance. However, I feel that
those are outside the scope of this particular discussion. If you wish to expand
the scope of this discussion feel free to do so, but to extend your example, all I
am saying is that to get past a face to face interview a spy must have their accent
right, and if they do not have it right they will look suspicious. (Their
references are outside the scope of this discussion.)
>
>
> One problem is that sometimes use of methods to recognise the plaintext
> do not uniquely identify the correct plaintext.
>
> In such a case, the availability of *additional* halting criteria can help
> extract the correct meaning from the cyphertext.
>
> Another problem is that different halting criteria may be useful in
> different circumstances.
>
> Say there's a problem (caused by a bug) that allows the last half of each
> block to be successfully decrypted - while the first half remains unknown.
>
> Here decompressing is likely to be impossible; since there are a
> stupendous number of possible decompressed files.
>
> However, imagine the case of a non 1-1 compressor which uses each 32nd
> bit as a CRC check.
>
> Under such circumstances it will be much easier to check for the
> signature of a poor compression method than to check for plaintext,
> even if checking for the plaintext is normally very easy.
>
> In short, you can't normally make a blanket statement that one halting
> criteria is harder to use than the other. They may be of differing
> utility under different circumstances.
Agreed.
>
> --
> __________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
> |im |yler The Mandala Centre http://mandala.co.uk/ Namaste.
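
[Added worked derivation, not part of James Felling's or Tim Tyler's messages.
It carries the argument about G and P above through to a number. Two symbols
are introduced here and are not in the post: K, the set of keys, and d, the
fraction of each plaintext bit that is redundant, so that |P| = 2^(N(1-d))
for N-bit inputs. It keeps the post's assumption that wrong-key decrypts are
spread uniformly over all 2^N possible inputs.]

  Pr[one wrong-key decrypt lands in P]  =  |P| / 2^N  =  2^(-N*d)
  expected wrong keys still in P        =  (|K| - 1) * 2^(-N*d)
  this falls below 1 once               N  >  log2|K| / d

So the unicity distance is about log2|K| / d bits. With d = 0 (P is the whole
input space, the "totally random numbers" case) it is infinite, and any
transform F that makes F(P) fill more of the space lowers d and raises the
distance, which is the claim made for P1 and P2.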
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************