Cryptography-Digest Digest #427, Volume #12 Sat, 12 Aug 00 22:13:01 EDT
Contents:
Re: Cryptographic Protocol Analyzer (Pawel Krawczyk)
Re: Question? ("Trevor L. Jackson, III")
Crypto Related Professional Attitude (tomstd)
Re: Steganographic encryption system (The Ghost In The Machine)
WinACE encryption algorithm (Corrado Galdini)
Popular Science article ("Danny Johnson")
Re: crypto vs. psychology, was OTP as BBS generator (tomstd)
Re: Crypto Related Professional Attitude ([EMAIL PROTECTED])
Re: Crypto Related Professional Attitude ("Adam Smith")
Re: WinACE encryption algorithm ([EMAIL PROTECTED])
Updated stream cipher (Frank M. Siegert)
Re: Random Number Generator (Tim Tyler)
Re: Random Number Generator (Tim Tyler)
Re: 1-time pad is not secure... (Tim Tyler)
Re: Crypto Related Professional Attitude (tomstd)
Re: 1-time pad is not secure... (Tim Tyler)
Re: 1-time pad is not secure... (Tim Tyler)
Re: 1-time pad is not secure... (Tim Tyler)
Re: 1-time pad is not secure... (Tim Tyler)
Re: 1-time pad is not secure... (John Savard)
Re: 1-time pad is not secure... (John Savard)
Re: Crypto Related Professional Attitude (Frank M. Siegert)
----------------------------------------------------------------------------
From: Pawel Krawczyk <[EMAIL PROTECTED]>
Subject: Re: Cryptographic Protocol Analyzer
Date: 12 Aug 2000 22:49:10 GMT
Reply-To: <[EMAIL PROTECTED]>
Eric Braeden <[EMAIL PROTECTED]> wrote:
> Where can I download or otherwise acquire a good
> cryptographic protocol analyzer?
Search for NRL Protocol Analyzer.
--
Paweł Krawczyk <http://ceti.pl/~kravietz/>
------------------------------
Date: Sat, 12 Aug 2000 18:52:25 -0400
From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Question?
John Savard wrote:
> On Sat, 12 Aug 2000 09:55:59 -0400, "Trevor L. Jackson, III"
> <[EMAIL PROTECTED]> wrote, in part:
> >Melinda Harris wrote:
>
> >> A secret document recently intercepted discloses the following:
> >> A virus able to infiltrate, infect and encrypt multiple hardrives? Able to
> >> infect entire networks?
>
> >Microsoft(tm) Office 2000?
>
> Ah, yes: and governments worldwide are going to extreme lengths to get
> computer-eccentric Bill Gates to disclose the source code to the
> Windows operating system, although so far only the antitrust case in
> the United States has progressed very far.
>
> While Windows NT at one time supported other architectures besides the
> 386 architecture, such as MIPS and the Alpha, they never did port it
> to a Cray or anything like that, so we never had the chance to see how
> close it could come to making a supercomputer look like a broken
> abacus.
Well, the Navy claim to be happy with it. I guess Windows on the UYK-20 is a
winner ;-)
------------------------------
Subject: Crypto Related Professional Attitude
From: tomstd <[EMAIL PROTECTED]>
Date: Sat, 12 Aug 2000 16:19:10 -0700
This post is for the professionals such as Biham, Rivest,
Schneier, Wagner, Shamir, Coppersmith, etc...
Why don't you guys ever participate even a little in sci.crypt?
No offense but you claim to be active in crypto, and honestly you
guys know way more than most of us (including me). So why not
post from time to time, excluding posts to plug your papers?
It seems like there are a lot of arrogant professionals in the
world. Honestly there are what, 50 posts a day here, and about
25 active posters. It's not like there are 1000s of messages to
read through so time is not an issue. It takes me about 30 mins
to go through the news messages, often under 10 mins since a lot
of posts are not within my reasonable answering range.
I agree that professionals are/may be busy and have work to
attend to, but seriously so do I. Big deal. I post here
because I want to learn and share. Why can't the big shots do
the same?
I invite the professionals (a.k.a big shots) to reply to this
thread with their opinions since I want to know why they remain
so silent when they apparently have lots to share.
Sincerely,
Tom
===========================================================
Got questions? Get answers over the phone at Keen.com.
Up to 100 minutes free!
http://www.keen.com
------------------------------
From: [EMAIL PROTECTED] (The Ghost In The Machine)
Crossposted-To: comp.os.linux.development.apps,uk.comp.os.linux
Subject: Re: Steganographic encryption system
Date: Sat, 12 Aug 2000 23:52:37 GMT
In comp.os.linux.development.apps, phil hunt
<[EMAIL PROTECTED]>
wrote
on Thu, 13 Jul 2000 14:26:58 +0100
<[EMAIL PROTECTED]>:
>On Wed, 12 Jul 2000 18:43:34 -0400, jungle <[EMAIL PROTECTED]> wrote:
>>phil hunt wrote:
>>>
>>> On Wed, 12 Jul 2000 00:40:39 -0400, jungle <[EMAIL PROTECTED]> wrote:
>>> >current, well working stego have ration of 1 to 2 ...
>>> >and all are super safe / super stego ...
>>> >you are creating stego that will have ratio of 1 to 30 ...
>>> >
>>> >what a waste of resources ...
>>>
>>> I'm not forcing you to use it, you know.
>>
>>I'm not stopping your from developing un - needed software, to ...
>
>I'm not stoping yu form riting badlee-spellt and punchtuatid mesajiz,
>eyethur ...
I hope you two aren't trying to emulate Tim Palmer.... :-)
[.sigsnip]
--
[EMAIL PROTECTED] -- insert random misquote here
------------------------------
From: Corrado Galdini <[EMAIL PROTECTED]>
Subject: WinACE encryption algorithm
Date: Sun, 13 Aug 2000 00:04:52 GMT
Hi everybody,
(I do hope these questions are not OT for this newsgroup)
Please, who can tell me something about the WinACE encryption algorithm?
Is it a good/strong one (i.e. compared to WinZIP cipher)?
Did anybody out there try to analyze or attack it in some way?
I would like to learn some details about this topic.
Thank you in advance.
Corrado Galdini
------------------------------
From: "Danny Johnson" <[email protected]>
Crossposted-To: alt.security.pgp
Subject: Popular Science article
Date: Sat, 12 Aug 2000 19:02:03 -0500
=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1
(Cross posted to alt.security.pgp and sci.crypt)
Found an article on quantum encryption in Popular Science on
page 51 (September issue). Thought you might be interested in
it. I couldn't find it on their site, so no link (yet).
Therefore, please pardon any spelling errors.
Unbreakable Code
An obscure new branch of computing that relies on the quirky
principles of quantum mechanics may provide the key to secure
data transmission in the future, according to researchers at Los
Alamos National Laboratories and several European universities.
In the subatomic world of quantum mechanics, matter and the
information it carries can exist in several states
simultaneously and seemingly at different locations.
Correspondingly, in quantum computing a quantum bit, or qubit,
can represent one and zero, or yes and no, at the same time.
This indeterminate state would be known only by the sender and
receiver -- a profound implication for encryption.
Quantum computing is also attractive to cryptographers because
any attempts to intercept a transmission would alter the quantum
state that is being used to encrypt the message. Not only would
the message become unreadable, but also the sender and receiver
would be alerted that an interception attempt has been made.
In a recent experiment, a Los Alamos team working with
scientists at universities in Geneva and Vienna was able to
encrypt a digital television picture using quantum computing and
transmit it via a computer network. The scientists used a
nonlinear crystal to split each photon into entangled particles
still connected despite their distance apart. This technique
allowed the picture to be viewed in two places at once. The
experiment is considered to be the first practical proof that
quantum cryptography may be compatible with today's networks of
fiber-optic cable. -- Frank Vizard
- --
Through the modem, off the server, over the T1, past the
frame-relay,
< < NOTHIN' BUT NET > >
Danny
[email protected].
- -Remove N.o.S.p.A.m. and all dots but the obvious one to reply-
Public PGP Keys & other info: http://dannyj.come.to/pgp/
> > My news server "misses" posts occasionally. If I don't
> > reply to < < a question or something, please repost and/or
> > e-mail me. < <
=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
Comment: http://DannyJ.Come.To/PGP/
iQA/AwUBOZXleOrxnFAWPoHvEQL+6ACgnn4Fz9tOptYdZIdf4AHLrcPdDcoAoNSu
1kd9toefJhSNAms+NVRxA09s
=EXZf
=====END PGP SIGNATURE=====
------------------------------
Subject: Re: crypto vs. psychology, was OTP as BBS generator
From: tomstd <[EMAIL PROTECTED]>
Date: Sat, 12 Aug 2000 17:15:59 -0700
[EMAIL PROTECTED] (wtshaw) wrote:
>In article <[EMAIL PROTECTED]>, Mok-Kong Shen
><[EMAIL PROTECTED]> wrote:
>>
>> I am interested to see the result of discussions on the above
>> issue, though I have nothing to contribute myself. A question
>> that occurs to me though is: Is the science of crypto entirely
>> separated from psychology?
>>
>> M. K. Shen
>
>Psychology is as much art as science since humans are not all
>wired the same and tend to rewire themselves in ungovernable ways.
>Since crypto depends so much on maverick brains to conceive, use,
>and analyze it, it can be less science than art at times.
Although OT I strongly disagree that humans can learn in
ungoverned manners. They may be hard to predict or model but
not impossible. That's like saying anything you don't
understand is magic...
Tom
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Crypto Related Professional Attitude
Date: Sun, 13 Aug 2000 01:17:37 GMT
tomstd <[EMAIL PROTECTED]> wrote:
> This post is for the professionals such as Biham, Rivest,
> Schneier, Wagner, Shamir, Coppersmith, etc...
> Why don't you guys ever participate even a little in sci.crypt?
Well, it's for the professionals, but I'm going to answer anyway. ;)
I've actually had a surprising, to me anyway, amount of contact with
some of the "big names" in various fields online.
> It seems like there are alot of arrogant professionals in the
> world. Honestly there are what 50 posts a day here, and about
> 25 active posters. It's not like there are 1000s of messages to
> read through so time is not an issue. It takes me about 30 mins
> to go through the news messages, often under 10mins since alot
> of posts are not within my resonable answering range.
I think there's more than that, I've seen a couple hundred on days
when there's a really active thread. I'll agree there's not a lot of
them, though. On the other hand, I suspect most people, like me, skim
through them.
> I agree that professionals are/may be busy and have work to
> attend to, but seriously so do I. Big deal. I post here
> because I want to learn and share. Why can't the big shots do
> the same?
A lot of them pop up from time to time, usually on areas that interest
them. Mr Silverman pops up pretty regularly in any factoring
discussion, for example. And Mr Schneier has been known to make an
occasional comment on his books, and AES. ;)
I think the real issue is how many posts are genuinely
interesting. Let's face it, for an interesting block cipher, it would
have to be one of:
a. Not a Feistel network, which would be interesting by virtue of
novelty
b. Faster than the AES finalists by a substantial margin, while providing
similar performance
c. Somehow provide comparable security with a smaller key, etc.
Now, other people will have different ideas of interesting, of
course. Those just happen to be mine. I also enjoy seeing the toy
ciphers that many readers hate, provided they're posted by someone
actually trying to learn something. (That is, the criticisms are taken
to heart, especially when they're obviously correct, and it doesn't
turn into an entire family of bad ciphers)
On the same note, I'll skip posting in threads where the question has
already been answered, or a particularly damning attack has been
pointed out, and I suspect "the professionals" are no different. It's
fairly similar to the modern Linux community, where Linus chimes in on
the newsgroup and linux-kernel rarely, usually because the question's
already been answered.
One final note too, which is especially applicable to this forum, is
that for some unknown reason people have a tendency to argue with
people that are acclaimed experts in their field. Now, personality
issues aside, I wouldn't argue with any of the names you listed
without double-checking my own math first. ;) I know that I get argued
with in other places over technical issues, even when I'm obviously
correct. Frankly, it perturbs me when it happens, and being much bigger
targets, I suspect they get their share of annoyance too.
--
Matt Gauthier <[EMAIL PROTECTED]>
------------------------------
From: "Adam Smith" <[EMAIL PROTECTED]>
Subject: Re: Crypto Related Professional Attitude
Date: Sun, 13 Aug 2000 01:18:37 GMT
If they even do read this ng...I doubt they do...
I wish they would, but I see their point...I mean, it does take time away
from further developments...but maybe if they helped us out maybe eventually
we could make a meaningful contribution...oh well...I'll stop my ranting
there, as it probably won't do much good...
For all it's good for I second the motion, though...
"tomstd" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> This post is for the professionals such as Biham, Rivest,
> Schneier, Wagner, Shamir, Coppersmith, etc...
>
> Why don't you guys ever participate even a little in sci.crypt?
>
> No offense but you claim to be active in crypto, and honest you
> guys know way more then most of us (including me). So why not
> post from time to time excluding posts to plug your papers?
>
> It seems like there are alot of arrogant professionals in the
> world. Honestly there are what 50 posts a day here, and about
> 25 active posters. It's not like there are 1000s of messages to
> read through so time is not an issue. It takes me about 30 mins
> to go through the news messages, often under 10mins since alot
> of posts are not within my resonable answering range.
>
> I agree that professionals are/may be busy and have work to
> attend to, but seriously so do I. Big deal. I post here
> because I want to learn and share. Why can't the big shots do
> the same?
>
> I invite the professionals (a.k.a big shots) to reply to this
> thread with their opinions since I want to know why they remain
> so silent when they apparently have lots to share.
>
> Sincerely,
> Tom
>
>
> -----------------------------------------------------------
>
> Got questions? Get answers over the phone at Keen.com.
> Up to 100 minutes free!
> http://www.keen.com
>
>
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: WinACE encryption algorithm
Date: Sun, 13 Aug 2000 01:23:13 GMT
Corrado Galdini <[EMAIL PROTECTED]> wrote:
> Hi everybody,
> (I do hope these questions are not OT for this newsgroup)
> Please, who can tell me something about the WinACE encryption algorithm?
> Is it a good/strong one (i.e. compared to WinZIP cipher)?
> Did anybody out there try to analyze or attack it someway?.
> I would like to learn some details about this topic.
It's not off-topic, but in the future a pointer to the algorithm and a
note on if it's available or proprietary is a nice touch. I, for
example, have never heard of WinACE until now. (It also sounds like a
program, rather than algorithm but I don't know)
Odds are, if it's an algorithm it's probably poor, since it hasn't
been much of a topic for discussion. And anything improving on the
current crop probably would be. ;)
If it's an application, then it may or may not be, depending on which
algorithms it implements. That question may be better addressed in a
computer-centric group.
--
Matt Gauthier <[EMAIL PROTECTED]>
------------------------------
From: [EMAIL PROTECTED] (Frank M. Siegert)
Subject: Updated stream cipher
Date: Sun, 13 Aug 2000 01:36:18 GMT
I put some work into my cipher 'stepfive' and updated the algorithm
and the documentation. As you can see from the name it is based on the
general method used by 'Arcfour' however it implements some new (?)
ideas. Comments anyone?
Please do not be upset as the link points to a 'c' file, the
description of the method is part of the file as a large comment
section at the beginning - you can read it in any web browser or ascii
editor - only that it compiles on most ANSI-C compilers right out of
the box to create a test program for the creation of data files for
randomness tests like DIEHARD (yes - it passes DIEHARD and other tests I
have thrown at it).
http://www.this.net/~frank/stepfive3.c
Thanks,
Frank
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Random Number Generator
Reply-To: [EMAIL PROTECTED]
Date: Sun, 13 Aug 2000 00:54:28 GMT
Trevor L. Jackson, III <[EMAIL PROTECTED]> wrote:
: Tim Tyler wrote:
:> tomstd <[EMAIL PROTECTED]> wrote:
:> : [...] a random string should compress a little over lots of data.
:>
:> From this it looks like you don't share Chaitin and Kolmogorov's notion
:> of what randomness is.
: Calling compressibility randomness does not lead to enlightenment. [...]
Indeed, if anything, that path goes directly to hell.
Compressibility is the antithesis of randomness. High compressibility
equates to high order - not high disorder.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Namaste.
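The exchange above (Tyler vs. Jackson, and tomstd's earlier claim that random data "should compress a little") can be made concrete with a compression-ratio check. This is an added example, not code from any poster: it uses zlib as a crude detector of structure, a chained-SHA-256 stream as a constructed stand-in for high-entropy output, a repeating pattern as low-entropy input, and a nibble-masked stream as a constructed biased generator. The threshold value is an assumption chosen for this demonstration.

```python
import hashlib
import zlib


def compression_ratio(data: bytes) -> float:
    """Compressed length over raw length. A ratio near or above 1.0 means
    zlib found no exploitable structure; a small ratio means high order."""
    if not data:
        raise ValueError("empty input")
    return len(zlib.compress(data, 9)) / len(data)


def pseudorandom_bytes(seed: bytes, n: int) -> bytes:
    """Constructed stand-in for a good generator: counter-chained SHA-256.
    Deterministic so the demo is reproducible; not itself a secure RNG."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out.extend(hashlib.sha256(seed + counter.to_bytes(8, "big")).digest())
        counter += 1
    return bytes(out[:n])


def structured_bytes(n: int) -> bytes:
    """Constructed low-entropy input: a short repeating pattern."""
    pattern = b"ABCDABCDEFGH"
    return (pattern * (n // len(pattern) + 1))[:n]


def biased_bytes(seed: bytes, n: int) -> bytes:
    """Constructed faulty generator: each byte only ever uses its low nibble,
    so it carries about 4 bits of entropy instead of 8."""
    return bytes(b & 0x0F for b in pseudorandom_bytes(seed, n))


def looks_random(data: bytes, threshold: float = 0.98) -> bool:
    """Sanity check, not a proof: incompressible data is consistent with
    randomness; compressible data is definitely not random. Threshold is
    an assumed value for this demo."""
    return compression_ratio(data) >= threshold


if __name__ == "__main__":
    n = 65536
    for label, sample in [
        ("sha256-chain", pseudorandom_bytes(b"demo-seed", n)),
        ("repeating   ", structured_bytes(n)),
        ("nibble-only ", biased_bytes(b"demo-seed", n)),
    ]:
        print(f"{label} ratio={compression_ratio(sample):.3f} "
              f"looks_random={looks_random(sample)}")
```

The asymmetry is the point Tyler is making: a compressor can only ever prove the presence of order, never its absence, so a ratio near 1.0 is a necessary condition for randomness and nothing more, while the nibble-only stream shows how a biased generator is caught immediately.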
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Random Number Generator
Reply-To: [EMAIL PROTECTED]
Date: Sun, 13 Aug 2000 00:56:57 GMT
[EMAIL PROTECTED] wrote:
: [EMAIL PROTECTED] (David A. Wagner) wrote:
:> Slower than Triple-DES counter-mode, in other words?
: Sorry but DES has nothing to do with random number generation.
: Would you like comparing with something similar?
Triple-DES in counter mode *is* a random number generator.
It's imperfect (birthday-wise) and pretty slow, though.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Namaste.
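Tyler's remark that a block cipher in counter mode is a random number generator, "imperfect (birthday-wise)", can be demonstrated directly. The following is an added example and not any poster's code: it stands in for Triple-DES with a constructed 16-bit, 4-round Feistel permutation (round function derived from SHA-256), so the effect that would need about 2^32 blocks with a 64-bit cipher shows up within 65,536 blocks. The `random` module plays the ideal random source purely for the collision comparison; it is not a cryptographic generator.

```python
import hashlib
import random

BLOCK_BITS = 16   # toy block size; Triple-DES would be 64
HALF_BITS = BLOCK_BITS // 2
HALF_MASK = (1 << HALF_BITS) - 1
ROUNDS = 4


def _round_function(key: bytes, round_no: int, half: int) -> int:
    """Keyed round function for the toy Feistel network (constructed, not DES)."""
    return hashlib.sha256(key + bytes([round_no, half])).digest()[0]


def toy_block_encrypt(key: bytes, block: int) -> int:
    """Balanced Feistel network: a bijection on 16-bit blocks for any key,
    which is the only property the birthday argument relies on."""
    left, right = block >> HALF_BITS, block & HALF_MASK
    for r in range(ROUNDS):
        left, right = right, left ^ _round_function(key, r, right)
    return (left << HALF_BITS) | right


def toy_block_decrypt(key: bytes, block: int) -> int:
    """Inverse of toy_block_encrypt (rounds applied in reverse)."""
    left, right = block >> HALF_BITS, block & HALF_MASK
    for r in reversed(range(ROUNDS)):
        left, right = right ^ _round_function(key, r, left), left
    return (left << HALF_BITS) | right


def ctr_keystream(key: bytes, nonce: int, n_blocks: int):
    """Counter mode as a generator: encrypt nonce, nonce+1, ... Because the
    cipher is a permutation and the counters are distinct, no output block
    can repeat within one full counter cycle."""
    for i in range(n_blocks):
        yield toy_block_encrypt(key, (nonce + i) & ((1 << BLOCK_BITS) - 1))


def ideal_stream(seed: int, n_blocks: int):
    """Stand-in for a truly random block source; seeded so the demo is
    reproducible. A real random source repeats a 16-bit value after
    roughly sqrt(pi/2 * 2^16), about 320 blocks, on average."""
    rng = random.Random(seed)
    for _ in range(n_blocks):
        yield rng.getrandbits(BLOCK_BITS)


def first_repeat_index(values):
    """Index of the first block that equals an earlier one, or None."""
    seen = set()
    for i, v in enumerate(values):
        if v in seen:
            return i
        seen.add(v)
    return None


def classify(values) -> str:
    """Birthday distinguisher: an absent collision far past the birthday
    bound betrays a permutation-based (CTR-style) generator."""
    return "random-like" if first_repeat_index(values) is not None else "permutation-like"


if __name__ == "__main__":
    key = b"demo-key"
    print("CTR stream :", classify(ctr_keystream(key, 0, 1 << BLOCK_BITS)))
    print("ideal      :", classify(ideal_stream(1, 4096)),
          "first repeat at", first_repeat_index(ideal_stream(1, 4096)))
```

Scaled back up to a 64-bit block, this is why a CTR-mode generator built on Triple-DES is not indistinguishable from random beyond about 2^32 output blocks, and why practitioners rekey well before that point.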
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Reply-To: [EMAIL PROTECTED]
Date: Sun, 13 Aug 2000 01:01:57 GMT
Guy Macon <[EMAIL PROTECTED]> wrote:
: Tim Tyler wrote:
:>Guy Macon <[EMAIL PROTECTED]> wrote:
:>: Actually, oddly enough, what I learned in Seminary explains why we
:>: keep seeing this idea much better than anything I ever learned in
:>: a Physics class.
:>
:>: There is a branch of theology that seems to be influencing people
:>: who don't know the root source of the ideas they hold. [...]
:>
:>: Alas, by this time enough people were infected with the "no randomness"
:>: meme that it became a self-sustaining memeplex which attempts to
:>: propagate into sci.crypt on a regular basis.
:>
:>Save your psychoanalysis until you have a "perfect" random number
:>generator which you can demonstrate has the property in question.
: Please learn the difference between psychoanalysis and memetics.
``There is a branch of theology that seems to be influencing people
who don't know the root source of the ideas they hold.''
This looks more like psychoanalysis than memetics to me.
Also, there's no need to patronise me. I'm quite aware of the
similarities and differences between psychoanalysis and memetics.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Namaste.
------------------------------
Subject: Re: Crypto Related Professional Attitude
From: tomstd <[EMAIL PROTECTED]>
Date: Sat, 12 Aug 2000 18:32:30 -0700
Actually I apologize since Silverman (Bob) and Wagner do
participate in the group. Sorry for generalizing there.
My point is still valid that not alot of serious know-how gets
discussed here.
And I still don't get how TC5 is broken, but that's another
story....
Tom
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Reply-To: [EMAIL PROTECTED]
Date: Sun, 13 Aug 2000 01:12:38 GMT
Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:
: Tim Tyler wrote:
:> ... Even if there *were* fundamentally random processes in
:> basic physics = which is far from proven - [...]
: Actually it is about as "proven" as anything we know about
: the physical world. [...]
We don't agree at all.
Any process that appears random may be the deterministic outcome of events
at a lower level. The rational scientist can't currently say one way or
the other about whether there is determinism in physics - he plain doesn't
know.
This is quite a different state of affairs from - say - the laws of
gravity - which may be wrong in detail, but are likely to be broadly
correct.
If randomness in physics /were/ as well established as the law of gravity,
there would be less discussion about its existence.
: And in fact there *are* random bitstream generators based
: on fundamentally random physical processes.
Indeed. However, nobody really knows how close to perfect randomness the
results of such generators get.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Namaste.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Reply-To: [EMAIL PROTECTED]
Date: Sun, 13 Aug 2000 01:15:42 GMT
Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:
: Tim Tyler wrote:
:> Time between radioactive decays /may/ be random - or it may not be.
:> Without certain access to a complete theory of physics nobody knows.
: Actually, we do know.
No. Humanity may well be grossly ignorant about matters of fundamental
physics. We certainly don't know enough to decide this point.
:> ...but this is beside the point - even *if* such a random process were
:> available, there's no way of measuring it without using a detector
:> which is potentially subject to non-random environmental interference.
: Actually, I measured this stuff all the time as a grad student.
...using a detector which is demonstrably immune to all non-random
environmental interferences? I seriously doubt it.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Namaste.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Reply-To: [EMAIL PROTECTED]
Date: Sun, 13 Aug 2000 01:24:09 GMT
Guy Macon <[EMAIL PROTECTED]> wrote:
: Tim Tyler wrote:
:>fvw <[EMAIL PROTECTED]> wrote:
:>: <8mth1u$vpt$[EMAIL PROTECTED]> ([EMAIL PROTECTED]):
:>:>Can you generate truly random numbers? No.
:>
:>: yes. time between radioactive decays for instance is a
:>: textbook example of a perfect random generator.
:>
:>No such thing as a perfect random number generator has ever been created.
:>
:>Time between radioactive decays /may/ be random - or it may not be.
:>Without vertain access to a complete theory of physics nobody knows.
:>...but this is beside the point - even *if* such a random process were
:>available, there's no way of measuring it without using a detector
:>which is potentially subject to non-random environmental interference.
: Speaking as someone who does this kind of measuring for a living, I can
: with confidence set an upper bound for such non-random environmental
: interference. [...]
Not realistically, you can't. The problem is that if you're trying to
generate these numbers for cryptographic purposes, you /have/ to consider
the possibility that your opponent is actively trying to interfere with
your goals.
This sort of interference can include replacing your components at
source, infiltrating the labs of your component suppliers, hypnotising
you, stealing your supposedly random numbers as you generate them,
and a zillion other things.
In the face of this sort of possibility, I believe that to think it's
possible to set low rigorous upper bounds on the degree of randomness of
any streams you generate is likely to be foolhardy - an underestimation of
the power of your potential opponents.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Namaste.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Reply-To: [EMAIL PROTECTED]
Date: Sun, 13 Aug 2000 01:27:54 GMT
Mickey McInnis <[EMAIL PROTECTED]> wrote:
: In article <[EMAIL PROTECTED]>, Tim Tyler <[EMAIL PROTECTED]> writes:
: |> fvw <[EMAIL PROTECTED]> wrote:
: |> : <8mth1u$vpt$[EMAIL PROTECTED]> ([EMAIL PROTECTED]):
: |> :>Can you generate truely random numbers? No.
: |>
: |> : yes. time between radioactive decays for instance is a
: |> : textbook example of a perfect random generator.
: |>
: |> No such thing as a perfect random number generator has ever been created.
: |>
: |> Time between radioactive decays /may/ be random - or it may not be.
: |> Without vertain access to a complete theory of physics nobody knows.
: |> ...but this is beside the point - even *if* such a random process were
: |> available, there's no way of measuring it without using a detector
: |> which is potentially subject to non-random environmental interference.
: The RNG doesn't have to be perfect. It just has to be something that
: your enemy can't find any useful non-randomness in.
Of course. I was discussing the claims made about "truly random
numbers" and "perfect" random number generators made above.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Namaste.
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: 1-time pad is not secure...
Date: Sun, 13 Aug 2000 01:44:07 GMT
On Fri, 11 Aug 2000 21:39:10 -0400, "Douglas A. Gwyn"
<[EMAIL PROTECTED]> wrote, in part:
>Guy Macon wrote:
>> So why haven't you published it yourself on the Internet?
>I haven't had time to set up a Web site. Whenever I get
>a round tuit, that will be one of the things I'll include.
Back when I was a graduate student at the local University, I remember
seeing one of those - the joke, of course, being that someone who says
that he will perform a task when he gets "around to it" isn't really
waiting for an object called a "round tuit".
I looked up that paper you mentioned earlier, that spoke of backwards
propagating waves as being the answer to many apparent "paradoxes" in
quantum mechanics. I believe that idea is also paradoxical and
unphysical in its own way - but I also think I heard or read somewhere
that it was kicked around right at the very dawn of quantum mechanics,
although I can't remember the details.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: 1-time pad is not secure...
Date: Sun, 13 Aug 2000 01:52:38 GMT
On Sat, 12 Aug 2000 00:19:21 GMT, [EMAIL PROTECTED] wrote, in part:
>Also false. Any probability thoery book does not prove that random
>numbers exist. Randomness is assumed to exist; and then an entire field
>is built on top of this assumption.
Yes, that is correct.
But it is also true that things that behave sufficiently like random
numbers _do_ exist to make that field relevant and useful.
If someone generates random numbers by throwing dice in the privacy of
his home, and you are trying to decode one-time-pad communications
between him and his friend, on what basis are you going to construct a
simulation of his dice throwing that is sufficiently accurate and
detailed to predict the numbers that will come up on the dice for him?
If you can't sneak into his house to plant a video camera to watch him
throw the dice - which is *way* easier than establishing the position
and motion of the individual air molecules in the room, never mind
trying to predict when his neurons will fire - and must rely on
cryptanalysis to read his messages, there is no meaningful sense in
which numbers so obtained are _not_ random.
Yet, if he used a supercomputer to perform a fantastically detailed
mathematical simulation of dice throwing, you *would* have a vastly
better chance of reading his messages - because then the _starting
point_ would have to be fed into the computer somehow. With real dice,
the starting point comes from the messy nature of the real world.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (Frank M. Siegert)
Subject: Re: Crypto Related Professional Attitude
Date: Sun, 13 Aug 2000 01:54:54 GMT
On Sat, 12 Aug 2000 16:19:10 -0700, tomstd
<[EMAIL PROTECTED]> wrote:
>I invite the professionals (a.k.a big shots) to reply to this
>thread with their opinions since I want to know why they remain
>so silent when they apparently have lots to share.
Sorry, no big shot posting here, just a mere mortal. I just want to
give some ideas for their lack:
Maybe they
- do not want to sort out relevant messages out of the general noise
level of usenet.
- are simply uninterested in talking with others here as they know
already more than most of us together. So they do not want to listen -
besides - cryptography is a mathematical profession (sort of) and some
of us come from the side of computer science, so we talk differently,
think differently and, what is even worse, may use the wrong words and
phrases. The 'practical' approach to cryptography is seen more or less
as some meddling around without any theoretical foundation.
- want to keep their knowledge safe inside their heads until the next
patent was filed or talk was spoken.
- are under some NDA
- the [fill in your favourite three letter agency here] has put
several black helicopters in front of their houses and that causes some
reluctance to speak out. :-))
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************