Cryptography-Digest Digest #431, Volume #12      Sun, 13 Aug 00 14:13:00 EDT

Contents:
  Re: WinACE encryption algorithm ("Marc Beckersjuergen")
  Re: Crypto Related Professional Attitude (tomstd)
  Re: WinACE encryption algorithm (tomstd)
  Re: Best AES candidates ?? (DJohn37050)
  Re: Crypto Related Professional Attitude (JPeschel)
  Re: Crypto Related Professional Attitude (Bob Silverman)
  Re: Secrets and Lies: New Book by Schneier (Bruce Schneier)
  Re: Secrets and Lies: New Book by Schneier (Bruce Schneier)
  Re: Best AES candidates ?? Slow Skipjack might have advantage (Bruce Schneier)
  Re: Secrets and Lies: New Book by Schneier (tomstd)
  Re: Best AES candidates ?? Slow Skipjack might have advantage (Quisquater)
  Re: crypto vs. psychology, was OTP as BBS generator (wtshaw)
  Re: Rebecca (wtshaw)
  Re: chap authentication scheme? (Bill Unruh)
  Re: chap authentication scheme? (Bill Unruh)

----------------------------------------------------------------------------

From: "Marc Beckersjuergen" <[EMAIL PROTECTED]>
Subject: Re: WinACE encryption algorithm
Date: Sun, 13 Aug 2000 15:26:50 +0200

> Please, who can tell me something about the WinACE encryption algorithm?
> Is it a good/strong one (i.e. compared to WinZIP cipher)?

We have not heard of a tool capable of decrypting WinAce archives
that have been password protected yet.

We actually DO get a lot of requests from people that "lost" their password,
but even we are not able to help them. The encryption is pretty tight,
basically a 160 bit Blowfish code.

Marc B.
one of the winace.com guys

------------------------------

Subject: Re: Crypto Related Professional Attitude
From: tomstd <[EMAIL PROTECTED]>
Date: Sun, 13 Aug 2000 07:30:40 -0700

[EMAIL PROTECTED] wrote:
>In article <[EMAIL PROTECTED]>,
>  tomstd <[EMAIL PROTECTED]> wrote:
>> This post is for the professionals such as Biham, Rivest,
>> Schneier, Wagner, Shamir, Coppersmith, etc...
>>
>> Why don't you guys ever participate even a little in sci.crypt?
>
>Hey, isn't it harsh including Wagner in that list - use Deja and look
>up how many times he posts per week!

Yea I know I already commented on that.

>Schneier used to post quite regularly, but then that freak D.Scott
>flamed him every time he wrote.  Put yourself in Bruce's shoes - would
>you give up your (very valuable...) personal time to help people on
>sci.crypt only to be attacked on a personal level by someone who
>clearly has "deep personal issues"?

Kill file?

>Besides, what kind of questions do you pose that you believe aren't
>sufficiently answered to your satisfaction by Wagner, Wooding,
>Silverman, Ritter, Rubin, John, Savard, Peschel, Shaw, Gwyn et al.

Well for starters the break on TC5.  I don't get how it actually
works, but no one seemed to help there... I know it takes time
but if you say something like "I broke your cipher using ..."
you had better be able to explain it.

>I think we have some serious minds in the above list that really do
>justice to topics discussed on sci.crypt.
>
>> No offense but you claim to be active in crypto,
>> and honest you
>> guys know way more than most of us (including me).
>> So why not
>> post from time to time excluding posts to plug your papers?
>>
>> It seems like there are a lot of arrogant professionals in the
>> world.
>
>Looking at some of your previous posts, perhaps they could turn it
>around and call you an arrogant newbie.  Some of your questioning
>of "those more experienced" has been impolite at best...

I admit when I was new to this group I was a bit rude, but since
a few months I think I have been rather helpful and on key.

>> Honestly there are what 50 posts a day here, and about
>> 25 active posters.  It's not like there are 1000s of messages to
>> read through so time is not an issue.  It takes me about 30 mins
>> to go through the news messages, often under 10mins since a lot
>> of posts are not within my reasonable answering range.
>
>And how many of those posts would require the cryptographers you have
>named to reply in order for the poster(s) to get a reasonable answer?
>One post a week maybe?
>
>> I agree that professionals are/may be busy and have work to
>> attend to
>
>Tom, wait until you get into the big wide world.  Some of the people
>you list are Professors and as such will be worried about running
>courses / whole departments in prestigious universities.  Others run
>several recently created businesses etc.
>
>>, but seriously so do I.   Big deal.
>
>[Joke!] I'm sure your paper round takes up a lot of time.... [/Joke]
>

This is what I am talking about.  You pompous jerk, as if I
don't do other things in my life but post to sci.crypt.  Sure I
am not running a university but posting here only takes a few
mins a day.

Also why don't those dudes post here to discuss their findings?
Instead they just plug their work once and a while.  Wow they
SPAM this group that's nice.

Tom


===========================================================

Got questions?  Get answers over the phone at Keen.com.
Up to 100 minutes free!
http://www.keen.com


------------------------------

Subject: Re: WinACE encryption algorithm
From: tomstd <[EMAIL PROTECTED]>
Date: Sun, 13 Aug 2000 07:31:50 -0700

"Marc Beckersjuergen" <[EMAIL PROTECTED]> wrote:
>> Please, who can tell me something about the WinACE encryption algorithm?
>> Is it a good/strong one (i.e. compared to WinZIP cipher)?
>
>We have not heard of a tool capable of decrypting WinAce archives
>that have been password protected yet.
>
>We actually DO get a lot of requests from people that "lost" their password,
>but even we are not able to help them. The encryption is pretty tight,
>basically a 160 bit Blowfish code.

Can I take a wild guess you use Blowfish and SHA-1?

Tom



------------------------------

From: [EMAIL PROTECTED] (DJohn37050)
Date: 13 Aug 2000 15:10:54 GMT
Subject: Re: Best AES candidates ??

Do not be too sure about the single winner.  We will just need to see.
Remember that NIST has access to possibly more information than the public, as
they accept private comments and analysis.
Don Johnson

------------------------------

From: [EMAIL PROTECTED] (JPeschel)
Subject: Re: Crypto Related Professional Attitude
Date: 13 Aug 2000 15:21:46 GMT

tomstd [EMAIL PROTECTED] writes in part:

>[EMAIL PROTECTED] wrote, in part:

>>Looking at some of your previous posts, perhaps they could turn it
>>around and call you an arrogant newbie.  Some of your questioning
>>of "those more experienced" has been impolite at best...
>
>I admit when I was new to this group I was a bit rude, but since
>a few months I think I have been rather helpful and on key.

>>[Joke!] I'm sure your paper round takes up a lot of time.... [/Joke]
>>

>This is what I am talking about.  You pompous jerk, as if I
>don't do other things in my life but post to sci.crypt.  Sure I
>am not running a university but posting here only takes a few
>mins a day.
>

Don't you think, Tom, that name-calling might be a reason
many serious professionals don't post here?

>Also why don't those dudes post here to discuss their findings?
>Instead they just plug their work once and a while.  Wow they
>SPAM this group that's nice.

Why should they discuss their findings here? The group,
for the most part, is a place to chat about crypto
matters, and some see it as just another news group
where they can hone their flaming skills.

Joe

__________________________________________

Joe Peschel 
D.O.E. SysWorks                                 
http://members.aol.com/jpeschel/index.htm
__________________________________________


------------------------------

From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: Crypto Related Professional Attitude
Date: Sun, 13 Aug 2000 15:23:07 GMT

In article <[EMAIL PROTECTED]>,
  "Trevor L. Jackson, III" <[EMAIL PROTECTED]> wrote:
> Bob Silverman wrote:
> >
> > There is just too much nonsense posted here, too many who don't
> > want to listen, too many who are convinced they are right even when
> > presented evidence to the contrary and too many who just want to
> > be contrary.
>
> Right.  The place is populated by humans.  What a waste.

Except that in asking these people to relate their knowledge, you
are asking to be placed in the role of *student*.  As such, the
posters would have a right to expect you to act as a *responsible and
mature* student would.  Too much of what is here is irresponsible
blather.



--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Bruce Schneier <[EMAIL PROTECTED]>
Subject: Re: Secrets and Lies: New Book by Schneier
Date: Sun, 13 Aug 2000 10:34:06 -0500

On Thu, 10 Aug 2000 06:44:27 -0700, tomstd
<[EMAIL PROTECTED]> wrote:
>
>I know you have to make a living but do you care to post some
>chapters online to show off what it looks like?

Perfectly reasonable question.  Unfortunately, the answer is not mine
to give, but John Wiley & Sons' (the publisher).  I believe that a
chapter will appear in Upside Magazine (and on their website) in a
couple of months or so.  As to other chapters, I'm still working on
it.

So the answer is "probably one and maybe others, but not for a couple
of months or so."

Bruce
**********************************************************************
Bruce Schneier, Counterpane Internet Security, Inc.  Tel: 408-556-2401
3031 Tisch Way, Suite 100PE, San Jose, CA 95128      Fax: 408-556-0889
           Free crypto newsletter.  See:  http://www.counterpane.com

------------------------------

From: Bruce Schneier <[EMAIL PROTECTED]>
Subject: Re: Secrets and Lies: New Book by Schneier
Date: Sun, 13 Aug 2000 10:35:45 -0500

On 10 Aug 2000 18:43:13 -0500, [EMAIL PROTECTED]
(Larry Kilgallen) wrote:

>In article <[EMAIL PROTECTED]>, tomstd 
><[EMAIL PROTECTED]> writes:
>> Bruce Schneier <[EMAIL PROTECTED]> wrote:
>>>Secrets and Lies: Digital Security in a Networked World
>
>> I know you have to make a living but do you care to post some
>> chapters online to show off what it looks like?
>
>Isn't that what book reviews are for ?

There will be book reviews, but probably not for at least a month.  I
will post links to them on the Secrets and Lies webpage when I see
them:

        http://www.counterpane.com/sandl.html

>Given that he has a track record as an author, I would think it would
>be straightforward to find in a bookstore.  My assumption would be that
>if your local technical bookstore doesn't order it in general, they are
>not doing their job.  (I find it hard to imagine a bookstore buyer who
>would look at some book Bruce wrote and make a reasoned decision that
>on technical merits it did not deserve to be offered for sale.)

Initial sell-in is good; about 10,000 copies.

Bruce

------------------------------

From: Bruce Schneier <[EMAIL PROTECTED]>
Subject: Re: Best AES candidates ?? Slow Skipjack might have advantage
Date: Sun, 13 Aug 2000 10:37:40 -0500

On Fri, 11 Aug 2000 08:20:59 +0200, Runu Knips <[EMAIL PROTECTED]>
wrote:

>John Savard wrote:
>> Actually, the advantages of a slow algorithm - or, more specifically,
>> a fast algorithm with slow key setup - for hindering brute-force
>> search _were_ thought of before.
>> Have we all forgotten Blowfish so soon?
>
>Was that a design criteria from the start of the design ? I doubt
>that. Looks more like 'now try to get somehow something no one
>could ever break', and to break it one truly has to break the
>encryption itself first.

Actually, that was a design criteria from the start.  I said so in the
initial Blowfish paper: that I deliberately chose a slow key setup
algorithm.  This had the downside of making the algorithm unsuitable
for short messages in some circumstances, but you can't have
everything.

Bruce

------------------------------

Subject: Re: Secrets and Lies: New Book by Schneier
From: tomstd <[EMAIL PROTECTED]>
Date: Sun, 13 Aug 2000 08:42:57 -0700

Bruce Schneier <[EMAIL PROTECTED]> wrote:
>On Thu, 10 Aug 2000 06:44:27 -0700, tomstd
><[EMAIL PROTECTED]> wrote:
>>
>>I know you have to make a living but do you care to post some
>>chapters online to show off what it looks like?
>
>Perfectly reasonable question.  Unfortunately, the answer is not mine
>to give, but John Wiley & Sons' (the publisher).  I believe that a
>chapter will appear in Upside Magazine (and on their website) in a
>couple of months or so.  As to other chapters, I'm still working on
>it.
>
>So the answer is "probably one and maybe others, but not for a couple
>of months or so."

Thanks, I applaud your commitment to the subject as well.  I
look forward to purchasing my copy of it soon (getting a job,
woohoo).

Tom



------------------------------

From: Quisquater <[EMAIL PROTECTED]>
Subject: Re: Best AES candidates ?? Slow Skipjack might have advantage
Date: Sun, 13 Aug 2000 19:18:34 +0200

Bruce Schneier wrote:
> 
> On Fri, 11 Aug 2000 08:20:59 +0200, Runu Knips <[EMAIL PROTECTED]>
> wrote:
> 
> >John Savard wrote:
> >> Actually, the advantages of a slow algorithm - or, more specifically,
> >> a fast algorithm with slow key setup - for hindering brute-force
> >> search _were_ thought of before.
> >> Have we all forgotten Blowfish so soon?
> >
> >Was that a design criteria from the start of the design ? I doubt
> >that. Looks more like 'now try to get somehow something no one
> >could ever break', and to break it one truly has to break the
> >encryption itself first.
> 
> Actually, that was a design criteria from the start.  I said so in the
> initial Blowfish paper: that I deliberately chose a slow key setup
> algorithm.  This had the downside of making the algorithm unsuitable
> for short messages in some circumstances, but you can't have
> everything.

Well, a slow key setup is not enough for hindering brute-force search,
you also need to have the following property: having one (or several)
complete key setup values is not an advantage to compute faster the key 
setup values of other (related) keys in software and/or in hardware 
(think here about the hardware implementation of DES using pipelining for 
the 16 rounds).

See also
J.-J. Quisquater, Y. Desmedt, and M. Davio: The importance of "good" key 
scheduling schemes (how to make a secure DES* scheme with 48 bit keys ?). In
H.C. Williams, ed., Advances in Cryptology -- Crypto '85, vol. 218 of
Lecture Notes in Computer Science, Springer-Verlag, pp. 537-542, 1986.
(Think it was written in 1986).
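
The condition stated in this post, as an added toy model (not code from the post or the cited paper): two constructed key schedules cost the same number of SHA-256 calls per key, but one lets a key search reuse work between keys that share a prefix. The schedules, `ROUNDS`, the key space and all function names are assumptions made for illustration.

```python
import hashlib
from itertools import product

ROUNDS = 20      # hash calls charged per key byte (constructed cost parameter)
HASH_CALLS = 0   # global work counter, reset by search_cost()

def h(data: bytes) -> bytes:
    """One unit of key-setup work."""
    global HASH_CALLS
    HASH_CALLS += 1
    return hashlib.sha256(data).digest()

def stretch(data: bytes, rounds: int) -> bytes:
    for _ in range(rounds):
        data = h(data)
    return data

def setup_sequential(key: bytes, cache=None) -> bytes:
    """Toy schedule that absorbs the key one byte at a time.

    The state after byte i depends only on key[:i+1], so a searcher can keep
    it in `cache` and reuse it for every other key with the same prefix.
    """
    state = bytes(32)
    for i in range(len(key)):
        prefix = key[:i + 1]
        if cache is not None and prefix in cache:
            state = cache[prefix]
            continue
        state = stretch(state + key[i:i + 1], ROUNDS)
        if cache is not None:
            cache[prefix] = state
    return state

def setup_whole_key(key: bytes) -> bytes:
    """Toy schedule with the same total cost, but the very first hash already
    covers the whole key, so no intermediate value is shared between keys."""
    return stretch(bytes(32) + key, ROUNDS * len(key))

def search_cost(setup, keys) -> int:
    """Hash calls spent running `setup` over every key in `keys`."""
    global HASH_CALLS
    HASH_CALLS = 0
    for key in keys:
        setup(key)
    return HASH_CALLS

def compare(alphabet: bytes = b"abcd", length: int = 4) -> dict:
    keys = [bytes(k) for k in product(alphabet, repeat=length)]
    cache = {}
    return {
        "keys": len(keys),
        "sequential_honest": search_cost(setup_sequential, keys),
        "sequential_shared": search_cost(lambda k: setup_sequential(k, cache), keys),
        "whole_key": search_cost(setup_whole_key, keys),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:18} {value}")
```

Both schedules cost a legitimate user the same per key; only the sequential one gets cheaper for an exhaustive search, which is why setup time per key alone does not measure resistance.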

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: crypto vs. psychology, was OTP as BBS generator
Date: Sun, 13 Aug 2000 11:04:14 -0600

In article <[EMAIL PROTECTED]>, tomstd
<[EMAIL PROTECTED]> wrote:

> >Psychology is as much art as science since humans are not all
> wired the
> >same and tend to rewire themselves in ungovernable ways.  Since
> crypto
> >depends so much on maverick brains to conceive, use, and
> analyze it, it
> >can be less science than art at times.
> 
> Although OT I strongly disagree that humans can learn in
> ungoverned manners.  They may be hard to predict or model but
> not impossible.  That's like saying anything you don't
> understand is magic...
> 
> Tom

Magic is a relative term.  Surely, what we don't know about the world
seems as magic if known and used by somebody else. Cryptography is all
about this, as Magic was appropriately so named.  The game is to know more
than the other fellow. 

If the tricks remain hidden, they might still be discovered by those who
have not learned well enough not to look.  To disbelieve what I said is
to disbelieve in your potential to be an exception, and cripple yourself.
-- 
Too bad from the party members point of view that Ventura has
gone, for what the Reform Party needs is a good referee and 
someone who understands how to *fix* things, before hurt sets in.

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Rebecca
Date: Sun, 13 Aug 2000 11:07:13 -0600

In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (John Savard) wrote:

> Doubtless, many people remember the novel entitled "The Key to
> Rebecca" which is a spy novel set in World War II. I had wondered why
> the author happened to choose the Daphne du Maurier novel (which was
> also the basis of Alfred Hitchcock's first movie) as the base for his
> fictional agent's book cipher...
> 
> and in a web search, I happened across
> 
> http://www.wabash.lib.in.us/wcpl/homefront.htm
> 
> which noted that the _Kondor_ spy ring actually did use that book as
> the basis for a book cipher during World War II! One learns something
> new every day.
> 
> John Savard
> http://home.ecn.ab.ca/~jsavard/crypto.htm

The Key to Rebecca is better than Rebecca.

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: chap authentication scheme?
Date: 13 Aug 2000 18:07:20 GMT

In <[EMAIL PROTECTED]> Thomas Wu <[EMAIL PROTECTED]> writes:
]I think it's provably impossible.  If you allow only one server challenge
]and one client response message, and you assume that the server in the
]first message doesn't know the identity of the user, the server can't
]make the first message a function of some user-specific secret.  A
]fake server can always issue a legitimate first challenge and then
]dictionary-attack the response from the client.

]I'm not sure we gain much by operating within this arbitrary and
]fundamentally limited authentication model.  Allow at least an
]initial message from the client, and that opens up the door for
]secure protocols like SRP and its functional equivalents.

Again, we gain by being able to use an existing protocol within the ppp
standard. To get a new protocol approved is a long process. As far as I
know the rules I set up would just drop in.

The only attack against the protocols suggested seems to be dictionary
attacks. I am willing to live with that. After all, all crypto schemes
are vulnerable to exhaustive search, and the database is already
vulnerable. Note that ppp is often used over phone lines, in which case
tapping the line and making sense of the echo cancelling signals from
modern modems is a hard job in and of itself. Of course ppp is also used
over the ethernet, where the issue becomes more difficult.

I was interested both in the specific situation of the chap protocol as
I understand it, and also in the more general problem of how secure can
you make such a two stage process. Yes, it will not be totally secure,
but what is the best that you can do.
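
The dictionary exposure discussed in this thread, seen from the side of someone choosing CHAP secrets, as an added example that is not part of the original posts. It uses the MD5 response defined for CHAP in RFC 1994; the identifier, challenge, wordlist, secrets and function names are constructed for illustration.

```python
import hashlib
import hmac

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: hash of Identifier octet || secret || Challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def server_accepts(identifier: int, secret: bytes,
                   challenge: bytes, response: bytes) -> bool:
    """The authenticator's check: recompute the response and compare."""
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)

def guessable_from_transcript(identifier, challenge, response, candidates):
    """Return the candidate that explains the transcript, or None.

    This is the same computation as server_accepts(), run without knowing the
    secret: whoever issued or observed the challenge holds everything needed
    to test guesses offline, which is the exposure the thread accepts.
    """
    for candidate in candidates:
        if server_accepts(identifier, candidate, challenge, response):
            return candidate
    return None

# Constructed sample data (not from the thread).
IDENTIFIER = 0x2A
CHALLENGE = bytes.fromhex("00112233445566778899aabbccddeeff")
WORDLIST = [b"password", b"letmein", b"ppp", b"dialup2000", b"secret"]
HUMAN_SECRET = b"dialup2000"
RANDOM_SECRET = bytes.fromhex("9f3c1e77a0b4d2586c0e41f7b3a96d25")  # 128 bits

def audit() -> dict:
    """For each secret, compute the response the peer would send and report
    whether the wordlist alone recovers the secret from that transcript."""
    results = {}
    for label, secret in (("human", HUMAN_SECRET), ("random", RANDOM_SECRET)):
        response = chap_response(IDENTIFIER, secret, CHALLENGE)
        results[label] = guessable_from_transcript(
            IDENTIFIER, CHALLENGE, response, WORDLIST)
    return results

if __name__ == "__main__":
    for label, found in audit().items():
        print(label, "->", found)
```

With a two-message exchange the protocol cannot prevent the guessing test, so the only control left is the secret itself: a randomly generated secret is outside any wordlist, a human-chosen one may not be.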

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: chap authentication scheme?
Date: 13 Aug 2000 18:09:08 GMT

In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Cryptocol) writes:

]Right, that's what I am saying. :) I mentioned A-CHAP also fails unless there
]is such an unreasonable assumption that Bob should be always Bob, not Bap (fake
]Bob). So I said, "Making a secure password protocol using two messages is just
]similar to Making a safe car using two wheels." That means, I also thought it
]was impossible in a reasonable way. ;) sorry for confusing the matter.

Well, bicycles and motorcycles work pretty well.


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
