Cryptography-Digest Digest #647, Volume #12      Sun, 10 Sep 00 15:13:01 EDT

Contents:
  Re: Ciphertext as language (Mok-Kong Shen)
  Re: could you please tell me how this calculation has been obtained ? (Your Name)
  Re: Scottu19 Broken (Tim Tyler)
  Re: RSA Patent -- Were they entitled to it? (Bill Unruh)
  The ultimate laptop (Mok-Kong Shen)
  Re: Intel's 1.13 MHZ chip (Mok-Kong Shen)
  Re: RSA Patent -- Were they entitled to it? (Roger Schlafly)
  Re: IDEA - PGP (Bill Unruh)
  Re: Scottu19 Broken (SCOTT19U.ZIP_GUY)
  Re: RSA Patent -- Were they entitled to it? (Roger Schlafly)
  Re: RSA Patent -- Were they entitled to it? (Terry Ritter)
  Re: PRNG ("Paul Pires")

----------------------------------------------------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Ciphertext as language
Date: Sun, 10 Sep 2000 19:37:27 +0200



Abyssmal_Unit_#3 wrote:
> 
> & as if it isn't complicated enough on the planet with the existing
> known spoken(unspoken) languages?

If that's 'complexity' for the opponent, why not?

M. K. Shen

------------------------------

From: [EMAIL PROTECTED]  (Your Name)
Crossposted-To: alt.security.pgp
Subject: Re: could you please tell me how this calculation has been obtained ?
Date: Sun, 10 Sep 2000 17:34:19 GMT

On Sun, 10 Sep 2000 10:34:22 GMT, [EMAIL PROTECTED] (those
who know me have no need of my name) wrote:

>>Maybe someone will give me more info on this because
>>I want nothing to do with key servers.
>
>if that's your keyid and you still have the private key for it just send a 
>delete request for the key.  doesn't guarantee that your key will disappear 
>from being publicly available though.

Thanks for the info.  It sounds like a good plan.

Rich Eramian aka freeman at shore dot net

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Scottu19 Broken
Reply-To: [EMAIL PROTECTED]
Date: Sun, 10 Sep 2000 17:29:03 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote:
:   [EMAIL PROTECTED] wrote:
:> [EMAIL PROTECTED] wrote:

:> : I heard that the NSA broke Scottu19, is that true?
:>
:> Is http://www.deja.com/threadmsg_ct.xp?AN=666637659 the source of your
:> information?  The only other mention recently here appears to be
:> http://x60.deja.com/threadmsg_ct.xp?AN=666850697.1

: Both posters are in fact me. [...]

You mean you post under "John Myre <jmyre[at]sandia.gov>" sometimes,
signing yourself as "JM"?
-- 
__________  Lotus Artificial Life  http://alife.co.uk/  [EMAIL PROTECTED]
 |im |yler  The Mandala Centre   http://mandala.co.uk/  VIPAR GAMMA GUPPY.

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: RSA Patent -- Were they entitled to it?
Date: 10 Sep 2000 17:39:26 GMT

In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Terry Ritter) writes:

]So if the first inventor did *not* publish, they probably did not
]establish "prior art," so there would be nothing to prevent an
]application from another inventor to issue on that invention.

]How could it work any other way?  If the first inventor does not apply
]for patent, how could the PTO know anything at all about the
]invention?  So how could they know to refuse an application from
]someone else?

Granting of a patent does not establish the validity of the patent. The
fact that examiners granted the patent while ignorant of something which
would have made the patent invalid does not make the patent valid. All
the granting of patent does is give the presumption of validity, a
presumption which can be overturned by other facts.



]As far as I know, US patent law has been essentially unchanged in this
]respect for half a century.  It is still "first to invent," but not
]unconditionally so, and that's the way it's always been.  

I was under the impression that the US patent system had moved to
"first to file" rather than "first to invent". It certainly used to be
"first to file" in the US as well ( Bell got his patent on the telephone
by filing a few hours before a competitor, and that was it. No case to
establish that he also invented it first.) Somewhere the US patent
office changed and I thought that I had read that they had now changed
back again.


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: The ultimate laptop
Date: Sun, 10 Sep 2000 19:58:01 +0200


S. Lloyd has published a paper entitled

     Ultimate physical limits to computation

in Nature vol.406, p.1047-1054 (see also articles referring
to it in Science and New Scientists), claiming that a 1-kg 
ultimate laptop will be able to perform 10^51 operations
per second on 10^31 bits and that that could be attained 
in 250 years (through extrapolation of Moore's law).

While such visions are valuable, highly attractive and 
fascinating, I suppose that, as far as crypto is concerned, 
we should continue to be highly aware of the importance 
of short-term (10-30 years) advancements of encryption 
(and analysis) techniques. Matters like AES and its 
potential competitors clearly deserve more attention 
than what is going to be at the forefront of cryptology 
in the 22nd or 23rd century.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Intel's 1.13 MHZ chip
Date: Sun, 10 Sep 2000 19:58:11 +0200


Sorry that my typos and the improper designation 'GHZ' 
have caused some confusion and distaste.

GHz is certainly the correct designation. But I have often
seen advertisements of computers (here in Germany) using
MHZ instead of MHz. In one German technical lexicon I 
found 'Hz (EDV: HZ)' (EDV means 'data processing'). Further
I saw in one and the same issue of an English PC journal 
Khz, KHz, KHZ and kHz. Often I have seen also kw, kW and KW. 
So, while I definitely recognize the importance of using 
correct technical designations, I could perhaps console 
myself with the thought that I am not the single person 
that has committed that kind of cardinal error.

M. K. Shen

------------------------------

From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Sun, 10 Sep 2000 10:45:35 -0700

Jim Gillogly wrote:
> My remarks to the effect that "scientists who don't publish openly
> don't deserve credit for advancing science" still stand.

Ok, fine. But some people are under the impression that R,S&A
invented public key cryptography. Aztech's original post alludes
to this.

Granted, GCHQ did not advance science because they didn't publish
openly. But if you want to apply that standard, how much did R,S&A
advance science by its publication?

M,H&D had already invented public key cryptography, and had
given a practical, efficient, and secure public key cryptosystem.
The only thing missing was a good way of doing signatures, but
Rabin had independently discovered signatures similar to RSA
signatures. If the RSA paper had never been published, it is
hard to see how the advancement of science would have suffered.

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: IDEA - PGP
Date: 10 Sep 2000 17:55:21 GMT

In <[EMAIL PROTECTED]> "December" 
<[EMAIL PROTECTED]> writes:

]Right,  my  computer  setup  is  a  Commodore Amiga 1200. It is likely I am
]going offline soon and wish to send a  friend  in  the  US  disks  now  and
]again,  which  will contain personal texts. I want this to be encrypted and
]currently the best looking method is IDEA - found in PGP.


No. IDEA is an algorithm which is encumbered by patent in
Europe, USA and Japan. Thus for example I do not believe GPG uses IDEA.
IDEA was what Zimmermann used in his second incarnation of PGP, however,
so most, for compatibility, do allow you to use IDEA. 
However, for private encryption, there are loads of totally unencumbered
crypto systems around-- eg 3DES and Blowfish as two examples.

](I assume it exists in all versions of PGP, across all platforms.)

]This method doesn't require exchange of keys, only a passphrase.

]Stop me at any time if I'm wrong.

]So, I can read and write to PC disks fine on this platform but  I'm  having
]problems  trying  to find a decrypter. On the Amiga PGP 2.6.3 is a pathetic
]little 400,000 byte archive in complete  form.  The  Windows98  version  is
]7mb  and  she's  not  too happy to download and attempt install of this, to
]allow decryption of any future files.

So, get a few byte decryptor, like 3DES or Blowfish. 
You can get the former in Eric Young's libdes package
ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes.tar.gz
(Note they seem to have broken their ls on that machine, so the
directory files are not listed, but the files are there).
These need to be compiled.
This will give you 3des which is probably about as strong as anything
else right now.




]Is there a stand-alone PC IDEA decrypter, and could you point me to..?

]I  also  have Amiga RC4 and RC6 encryption tools if they are easier to deal
]with.  The  ZIP  password  thang  was originally considered, but is weak as
]hell, apparently:)

RC4 is not the right thing to use here as it demands a separate password
for each file encrypted, which is not of great use for you I suspect.


------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Scottu19 Broken
Date: 10 Sep 2000 17:44:14 GMT

[EMAIL PROTECTED] (Tim Tyler) wrote in <[EMAIL PROTECTED]>:

>Tom St Denis <[EMAIL PROTECTED]> wrote:
>:   [EMAIL PROTECTED] wrote:
>:> [EMAIL PROTECTED] wrote:
>
>:> : I heard that the NSA broke Scottu19, is that true?
>:>
>:> Is http://www.deja.com/threadmsg_ct.xp?AN=666637659 the source of your
>:> information?  The only other mention recently here appears to be
>:> http://x60.deja.com/threadmsg_ct.xp?AN=666850697.1
>
>: Both posters are in fact me. [...]
>
>You mean you post under "John Myre <jmyre[at]sandia.gov>" sometimes,
>signing yourself as "JM"?

  Well that is the kind of crap an Asshole like Tommy would do.
Since it makes him feel like a man. But would one expect from
an ignorant worm. Who has to pretend he has the ability to learn.
I thought it was a real address. But I guess tommy is much lower
of a man than I thought. Of course no wonder he worships the phony
crypto Gods.
  I would not be surprised if Tommy is an invention of Mr BS. or
his partner David Wagner. Since his lack of knowledge is so apparent.


David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
        http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
        http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
        http://radiusnet.net/crypto/  then look for
  sub directory scott after pressing CRYPTO
Scott famous Compression Page
        http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

------------------------------

From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Sun, 10 Sep 2000 10:57:41 -0700

Bill Unruh wrote:
> I was under the impression that the US patent system had moved to
> "first to file" rather than "first to invent". It certainly used to be
> "first to file" in the US as well ( Bell got his patent on the telephone
> by filing a few hours before a competitor, and that was it. No case to
> establish that he also invented it first.)

No. The US is "first to invent". But as a practical matter, the
first to file usually wins. Bell had to survive a legal fight
with that competitor.

For the past several years, there has been an effort in Congress
to "harmonize" US patent law with other countries. Changing to
"first to file" was on the list of "reforms", because that is
how almost all the other countries do it. But instead of harmonizing,
the proponents of the bill were really much more interested in
shifting the balance of power towards the interests of big companies
as opposed to small inventors. So it became a battle between
inventors versus companies. In the end, Congress passed a bill
consisting of minor and fairly insignificant reforms. The "first
to file" section was dropped.

------------------------------

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Sun, 10 Sep 2000 19:00:06 GMT


On 10 Sep 2000 17:39:26 GMT, in <8pgh0e$2bj$[EMAIL PROTECTED]>,
in sci.crypt [EMAIL PROTECTED] (Bill Unruh) wrote:

>In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Terry Ritter) writes:
>
>]So if the first inventor did *not* publish, they probably did not
>]establish "prior art," so there would be nothing to prevent an
>]application from another inventor to issue on that invention.
>
>]How could it work any other way?  If the first inventor does not apply
>]for patent, how could the PTO know anything at all about the
>]invention?  So how could they know to refuse an application from
>]someone else?
>
>Granting of a patent does not establish the validity of the patent. 

Right.

>The
>fact that examiners granted the patent while ignorant of something which
>would have made the patent invalid does not make the patent valid. 

But secret work does not constitute "prior art" in the meaning used in
patent law.  Secret work does not invalidate all future patents on the
secret invention.  

>All
>the granting of patent does is give the presumption of validity, a
>presumption which can be overturned by other facts.

As far as I know, secret work simply does not invalidate a later
patent by someone else on that same invention.

Just as "prior art" does *not* mean "previously done by anybody
anywhere," "first to invent" does *not* mean "the first person in
history to do this."  

As far as I know, the point of the "first to invent" concept comes in
interference: normally, pending patent applications by different
inventors on the same invention.  But I think that if another inventor
wants to dispute an issued patent, he has a year after issuance to
file an application with an identical claim, which also starts an
interference.  


>]As far as I know, US patent law has been essentially unchanged in this
>]respect for half a century.  It is still "first to invent," but not
>]unconditionally so, and that's the way it's always been.  
>
>I was under the impression that the US patent system had moved to
>"first to file" rather than "first to invent". It certainly used to be
>"first to file" in the US as well ( Bell got his patent on the telephone
>by filing a few hours before a competitor, and that was it. No case to
>establish that he also invented it first.) Somewhere the US patent
>office changed and I thought that I had read that they had now changed
>back again.

There have been proposals to change "first to invent" for many years,
because a "first to file" scheme is much clearer in a bureaucratic
sense: all one need do is look at filing dates.  

One problem with "first to file" is the apparent possibility of great
wealth from stealing an invention and filing first.  That would be a
felony fraud against the PTO, but could tempt some people, and could
be awkward to reverse, especially if the real inventor was poor.  

The change does not appear to have happened.  
 

There are many links to "first to invent"; see, for example:

   http://www.heckel.org/Issues/issftf.htm

   (Last Modified: Tuesday, July 25, 2000 17:47:53 GMT)

"First to file versus First to invent: the legal significance 

"This issue has to do with what happens if two inventors file a patent
on the same invention at roughly the same time. Under the (current)
first to invent system the person entitled to the patent is the one
who invented it first (Even if he filed later provided he did not
suppress, conceal or abandon his patent). Under the First to file
system, the first person to file for the patent is entitled to the
patent even though someone else invented it first."


Also see:

   http://www.usip.com/articles/1st2fil.htm

   (Last Modified: Friday, September 08, 2000 15:56:38 GMT)

"The first-to-invent doctrine has been part of U.S. law for more than
150 years. For the last two decades, Congress, U.S. industry and the
American Bar Association, have consistently rebuffed attempts to adopt
a first-to-file system. However, recently, an influential movement
advocating adoption of the first-to-file system has emerged. Recently,
Donald J. Quigg, the Deputy Commissioner of the U.S. Patent and
Trademark Office (hereinafter "Patent Office"), announced to the WIPO
that the U.S. Patent Office would consider dropping its 150 year old
first-to-invent rule in return for improved patent-protection
standards around the world."


I am not a patent lawyer and none of this is advice.  

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM


------------------------------

From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: PRNG
Date: Sun, 10 Sep 2000 12:07:21 -0700


Cristiano <[EMAIL PROTECTED]> wrote in message
news:8pfvnn$f7l$[EMAIL PROTECTED]...
>
> NP wrote:
>
> > I test my PRNG on FIPS
> >
> > DIEHARDC  ok (no 0.00 no 1.00)
> > FIPS1401     ok
> > FIPS1402     4 fails at runs test  for 1000 blocs tested
> >
> > What is criterion for FIPS1402 ?
>
> FIPS PUB 140-2 supersedes FIPS PUB 140-1 so if you use the former it is useless
> to utilize the latter.
> Version 2 is more stringent in the sense that the tests results are given
> with a significance level equal to .0001.
> The sequence to test must be of 20000 bits, so I don't understand the
> meaning of:  "FIPS1402    4 fails at runs test  for 1000 blocs tested".
>
> If you accept my observation, it is very rare to find a generator that fails
> FIPS PUB 140-2 test.
>
> If you use DiehardC I think you are able to modify its code. In this case,
> if you don't need to see any single p-value, I can suggest a method that I
> have found very useful.
> At the end of DiehardC, you'll have many p-values (if you run all tests there
> are 234 p-values). Be sure that p-values are sorted from 0 to 1.
> Now calculate the error between each p-value and the expected p-value in
> this way:
>
> double e=0;
> for(int i=0;i<pvalue_count;i++) {
>     double y=i/double(pvalue_count-1);
>     e+=(y-pvalues[i])*(y-pvalues[i]);
> }
>
> and then calculate the error with respect to the total area of the triangle
> shaped by the two axes (x and y) and the ideal segment between (0,0) and
> (pvalue_count-1,1):
>
> e=e/double(pvalue_count-1)*2.*1e6   [ppm]
>
> That's all!
>
> In this way you have an absolute reference for the goodness of a PRNG
> (obviously with respect to DiehardC test).

Absolute reference for goodness? How? What is the reasoning behind this
statement? Please, don't show test results and say "look, it's true". Say
why you think it should be so.

How can there be a difference in expected values between the results of
different tests? This expectation assumes a relationship between the tests
that has not been proven (or even suggested). Processing the 234
different results from Diehard against each other makes no sense. Apples
and oranges. My apologies if I offend, but this sounds like "hocus pocus".
(Not Latin, I believe its first use was in a Bugs Bunny cartoon)

>
> If you want to compare many PRNG, my suggestion is to collect (for each
> generator) the p-values from 10, 20 or 50 DiehardC test with different
> initializations of the PRNG. In this case it may be useful to consider the
> mean and the standard deviation of the whole set of p-values and the error
> of all p-values collected.

Maybe looking at the sets per test but surely not the results lumped together.
Logically, this could only "Sensitize" the tests already there. A statement that
this is a way to "An absolute reference to goodness" is saying that this oracle
property is already in diehard and you just figured out how to tickle it out.
Is that what you are saying?

Paul

>
> The best result is e=0 (the p-values are exactly as expected, but this will
> never happen) the worst is about e=670000 ppm (depends on pvalue_count), this
> happens when all p-values are equal to 1.
>
>
> Cristiano
>
>
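
Added example (not part of the original thread): a C++ implementation of the sorted-p-value error score from the quoted post, with the input checks the snippet leaves out. It also scores a constructed set in which ten of 234 p-values are exactly 0 and the rest are evenly spaced, to show how such a set rates once all results are lumped into one number; the helper names and sample data are assumptions made for illustration.

```cpp
// Added example, not code from the thread. Inputs are constructed.
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <stdexcept>
#include <vector>

// Score in ppm as described in the quoted post: squared distance between
// the sorted p-values and the ideal line y_i = i/(n-1), times 2/(n-1)*1e6.
double pvalue_error_ppm(std::vector<double> p) {
    const std::size_t n = p.size();
    if (n < 2)                                 // the post divides by n-1
        throw std::invalid_argument("need at least two p-values");
    for (double v : p)
        if (!(v >= 0.0 && v <= 1.0))           // also rejects NaN
            throw std::invalid_argument("p-value outside [0,1]");
    std::sort(p.begin(), p.end());             // the post assumes sorted input
    double e = 0.0;
    for (std::size_t i = 0; i < n; ++i) {
        const double y = double(i) / double(n - 1);
        e += (y - p[i]) * (y - p[i]);
    }
    return e / double(n - 1) * 2.0 * 1e6;
}

// n evenly spaced p-values: the "exactly as expected" case (score 0).
std::vector<double> ideal_pvalues(std::size_t n) {
    std::vector<double> p(n);
    for (std::size_t i = 0; i < n; ++i) p[i] = double(i) / double(n - 1);
    return p;
}

// 'failed' p-values of exactly 0 plus (n - failed) evenly spaced ones:
// a few individual tests fail outright while the rest look perfect.
std::vector<double> with_failed_tests(std::size_t n, std::size_t failed) {
    std::vector<double> p = ideal_pvalues(n - failed);
    p.insert(p.end(), failed, 0.0);
    return p;
}

int main() {
    const std::size_t n = 234;                 // p-value count from the post
    std::printf("ideal        %10.1f ppm\n", pvalue_error_ppm(ideal_pvalues(n)));
    std::printf("all 1.0      %10.1f ppm\n",
                pvalue_error_ppm(std::vector<double>(n, 1.0)));
    std::printf("all 0.5      %10.1f ppm\n",
                pvalue_error_ppm(std::vector<double>(n, 0.5)));
    std::printf("10 of %zu = 0 %10.1f ppm\n", n,
                pvalue_error_ppm(with_failed_tests(n, 10)));
    return 0;
}
```

With 234 values the all-ones case comes out near 670,965 ppm, in line with the post's "about 670000", while the set with ten p-values of 0 scores about 1,228 ppm.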





------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
