Cryptography-Digest Digest #661, Volume #12 Tue, 12 Sep 00 09:13:01 EDT
Contents:
Re: RSA public exponent (Mark Wooding)
Re: Ciphertext as language (Mok-Kong Shen)
Re: For the Gurus (Mok-Kong Shen)
Re: Weaknesses in this algorithm? (Mark Wooding)
Re: Kryptcon (Eric Hambuch)
Re: (Jury Selection) Re: Carnivore article in October CACM _Inside_Risks (Yiorgos
Adamopoulos)
Re: Kryptcon (Runu Knips)
Re: Camellia, a competitor of AES ? (Runu Knips)
Re: Weaknesses in this algorithm? (Runu Knips)
R: PRNG ("Cristiano")
R: PRNG ("Cristiano")
Re: nice simple function (Tom St Denis)
sac fullfilling decorelated functions (Tom St Denis)
Re: Why is TwoFish better than Blowfish? (Mark Wooding)
Re: RSA Patent -- Were they entitled to it? (John Savard)
Re: Problem with Tiger hash algorithm and binary files (Daniel Leonard)
Re: RSA public exponent ([EMAIL PROTECTED])
Open Research Positions (Andreas Friesen)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: RSA public exponent
Date: 12 Sep 2000 09:13:37 GMT
Ed Pugh <[EMAIL PROTECTED]> wrote:
> However, given that there are Aleph-Null possible values of d
> available, I wonder if there might be some, as yet unthought of,
> method of finding a value of d WITHOUT first factoring N (i.e. NOT
> givn the prime factors, p and q) ?
No. The algorithm which recovers the factors needs only knowledge of a
multiple of \lambda(n). It works like this:
* Let 2^s t = e d - 1 be some multiple of \lambda(n), where t is odd.
* Choose an element a \in \Z_n. Compute x_0 = a^t (mod n), and
x_{i+1} = x_i^2 (mod n) for i >= 0. We know that x_s = 1 (mod n).
* Find the lowest i for which x_i = 1 (mod n). If i = 0 then choose
another a and try again.
* We now know that x_{i-1} is a square-root of 1 in \Z_n. If x_{i-1}
= -1 (mod n) then we've not learned anything interesting and should
try again with a different value of a. Otherwise \gcd(x_{i-1}, n)
is a nontrivial factor of n (i.e., you've recovered either p or q,
and it doesn't really matter which).
-- [mdw]
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Ciphertext as language
Date: Tue, 12 Sep 2000 11:34:17 +0200
wtshaw wrote:
>
> Tests show that as long a each consonent-vowel pair is said as indicated,
> the characters can be easily written as heard. I suppose that I will see
> what a speech synthesizer will do with them next.
Maybe this is just because I am a foreigner, but I find
'x' to be disadvantageous for being used as vowel in the
present context, i.e. I would perfer limiting to the
set a,i,o,e,u. Then, I suppose the pairs of consonant-vowel
would sound much like the Japanese alphabet, which means
that these probably are good in their quality for voice
transmission. (I know too little about Japanese. You have
to check whether I said above is true.)
M. K. Shen
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: For the Gurus
Date: Tue, 12 Sep 2000 11:34:42 +0200
"root@localhost " wrote:
>
> If I wanted to design a simple manual system that I felt was very
> difficult to crack, what historical system would you recommend I start
> with and why?
I am no guru, though not a pure beginner. I would suggest that
you employ a transposition and a polyalphabetic substitution
(with independent alphabets) and always use sufficiently long
keys. If you like, you could add such stuffs like homophones.
I can't discuss, though, the issue of strength (concerning your
'why'), for that topic is too difficult for my humble knowledge.
M. K. Shen
------------------------------
From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Weaknesses in this algorithm?
Date: 12 Sep 2000 09:28:12 GMT
Patrick Schultz <[EMAIL PROTECTED]> wrote:
> My main thought was simply that, because every step of the encryption
> uses random data, that the cipher text should be statistically random,
> making it immune to any attacks based on the statistics of the
> plaintext.
Yes. That's not actually the point of attack for most symmetric
ciphers, though: it's in statistical relationships between plaintext and
ciphertext.
Neglecting the passphrase thing at the beginning, your construction has
the benefit of eliminating chosen-plaintext attacks. However, knowledge
of plaintext leads to knowledge of pad, which can then be used to
execute a known-plaintext attack against the symmetric cipher. Chosen-
plaintext attacks can be converted into known-plaintext attacks simply
by waiting for the appropriate plaintexts to come along.
Use of an all-or-nothing transform, e.g., Rivest's package transform, or
Bellare and Rogaway's OAEP, gives much less ciphertext expansion,
defends against chosen-plaintext attacks just as effectively, and also
defends against partial-known-plaintext or guessed-plaintext rather
better.
-- [mdw]
------------------------------
From: Eric Hambuch <[EMAIL PROTECTED]>
Subject: Re: Kryptcon
Date: Tue, 12 Sep 2000 11:40:45 +0200
Anon wrote:
>
> My name is Derek and I am a Supercomputing student in Huntsville, AL. I
> created an encryption algorithm last year as a project and was wondering if
> someone would take a stab at breaking it or helping me with my work.
>
> decrypt(void) { /*Subtracts value if option 2 is selected*/
> d = val - inc;
> return d;
> }
>
> encrypt(void) { /*Adds value if option 1 is selected*/
> d = val + inc;
> return d;
Seems to be a joke, isn't it ?
Eric
------------------------------
From: [EMAIL PROTECTED] (Yiorgos Adamopoulos)
Crossposted-To: comp.security.misc,alt.security,talk.politics.crypto,us.legal
Subject: Re: (Jury Selection) Re: Carnivore article in October CACM _Inside_Risks
Date: 12 Sep 2000 10:06:43 GMT
Reply-To: [EMAIL PROTECTED]
In article <[EMAIL PROTECTED]>, Robert H. Risch wrote:
>Don't underestimate the huge difference in who is asking the
>questions. American trials often have 100% of all questions to
>witnesses, asked by the lawyers. Also the lawyers, very often, keep
Depending on the case it could be to 50 - 50 nearly (or this is at least
my understanding from what I have seen).
>objecting to the questions asked by the other lawyers. There are so
This is true here also. But only for questions asked by lawyers.
>many procedural rules about what and how questions are to be asked
>that often, as much time is spent on arguing such things as on
>examining the actual evidence. Among the rules, is the ability of a
>lawyer to recite a speech to a hostile witness and force him to answer
>yes or no as to whether what the lawyer just said is true. The
Here also. But usually it is followed by a judge asking ``why yes?''.
>witness can only explain his answer if a the lawyer on the same side
>as the witness later asks him "non leading" questions that are crafted
>to refute the former lawyer's speech. Any such thing goes on in a
>Greek Court?
-Yiorgos.
------------------------------
Date: Tue, 12 Sep 2000 12:30:08 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Kryptcon
Eric Hambuch wrote:
> Anon wrote:
> > My name is Derek and I am a [..] student in Huntsville, AL. I
> > created an encryption algorithm last year as a project
>
> encrypt (void) {
> d = val - inc;
> return d;
> }
>
> Seems to be a joke, isn't it ?
Not really, it is a stream cipher, working with addition
instead of XOR, the algorithm itself is in keywork():
u = strlen(key);
for(1; u <=511; 1) {
t = key[u-1] + key[(u-2) % 31];
key[u] = t;
u++;
}
and filework():
i = (i < strlen(key))?i:0;
inc = (pow(key[i],2) * 751 - key[i]);
Its crap anyway.
------------------------------
Date: Tue, 12 Sep 2000 13:05:34 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Camellia, a competitor of AES ?
[EMAIL PROTECTED] wrote:
> The largest _online economy_, not the largest number of people
> online. I would say we're still several years away from the PRC
> becoming the world leader in electronic commerce.
China was just an example, I wanted to say that how many people
are in the land which developed the algorithm doesn't matter;
only the quality of the algorithm matters. Europe is another
market with more people than the US.
------------------------------
Date: Tue, 12 Sep 2000 13:16:07 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Weaknesses in this algorithm?
Patrick Schultz wrote:
> Ok, I see the weakness is in the fact that RC4 is just \xoring a
> psuedo-random string with the one-time pad.
No, the problem is that sending an OTP encrypted means that
you always weaken the security of the whole protocol to the
security of the encryition of the OTP. Therefore you can
drop the OTP and use that encrytion directly.
------------------------------
From: "Cristiano" <[EMAIL PROTECTED]>
Subject: R: PRNG
Date: Tue, 12 Sep 2000 13:09:13 +0200
NP wrote:
> Simple test: I write a file containing all results > 1Gbytes
>
> I count the number collision for each 16 bits value ( 16 bits is what I
> want )
>
> Result is a gauss repartition of collision.
>
> After 400 million values collected, I see some sub-wave in the gauss
curve.
If I understand your test, it seems the poker test of FIPS140 (with m=16).
In this case yours collisions approximately follows a chi-square
distribution with 65535 d.o.f. (as stated in HAC).
If for "sub-wave" you mean a multimodal distribution, I think this is due to
local degeneration of PRNG; with this I mean that periodically (the period
is many millions of numbers) the several PRNG I tested puts out a sequence
of 32 bits numbers that Diehard consider very bad; after this sequence of
bad number, the generator come back to some good sequences and so on.
To check collision I have found useful the autocorrelation test. When a PRNG
put out numbers with anomalous number of collisions, I have seen that
autocorrelation test fail always for some fixed distance of bits (but I
don't have any proof of this).
> It is meaning FFT gives some frequencies ...
> It's a bias in the gauss repartition ( !? )
I don't know the FFT test, but I'd like to implement it. Do you can suggest
me the way?
Cristiano
------------------------------
From: "Cristiano" <[EMAIL PROTECTED]>
Subject: R: PRNG
Date: Tue, 12 Sep 2000 13:16:50 +0200
> > Please quiet down!
>
> For you.. my pleasure.
Merci beaucoup Monsiueur Pires.
Cristiano
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: nice simple function
Date: Tue, 12 Sep 2000 11:31:35 GMT
In article <[EMAIL PROTECTED]>,
Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
>
> I guess that, while employing different fields/rings may
> buy you some complexity, always using linear functions is
> much poorer than using non-linear functions. Now you
> yourself will have the difficulty of inverting non-linear
> functions. However, this is no problem if the functions
> are used e.g. in a Feister cipher so that no inversion
> is needed.
>
> I might be wrong and experts would like to correct me.
Well the idea is to use it in a Feistel Network.
The function is actually not a linear problem to solve without two
pairs of inputs and outputs. I.e It can't be solved with linear
algebra with only one pair.
Also the std pair-wise decorrelation function f(x) = a.x + b is immune
to order 2 differential and linear cryptanalysis iff (a, b) are random
variables and you cannot find two pairs of inputs/outputs.
My goal is to change the function so even knowledge of two pairs is not
sufficient, but somehow I have the feeling my other idea f(x) = (a.x ++
b.x) + c, won't work well either... I have to think it over
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: sac fullfilling decorelated functions
Date: Tue, 12 Sep 2000 11:53:07 GMT
Let's take F(x) = a.x + b in GF(2)^32, now we want to know for any
multiple of 'a' in the same field what is the prob of at laest 16 bits
being set... so I take out some new finite I learnt and plug in (32
choose 16)/2^32 = 2^-2.837. This means about 1 in 6 will be SAC
fullfilling functions.
Over the entire multiplcation we find 32/6 ~ 5.3 which means of the 32
multiples of 'a' only 5 are sac fullfilling. If 'a' is random there
distribution should be random (?). Now consider the lower bits, such
as with only four bits set. We find them with a prob of 2^-16.865 much
less then with 16 bits.
In any GF multiply the chances of any being of only four bits is about
2^-11 or 1 in 2048. This means that GF multiplication is a closely-sac-
like function most of the time, and for a fraction of the time not.
Can this be used to extract information from the function in those
specific cases (extreme cases?)
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Why is TwoFish better than Blowfish?
Date: 12 Sep 2000 12:08:14 GMT
David C. Barber <[EMAIL PROTECTED]> wrote:
> TwoFish is newer, and I would think better, than BlowFish (unless the AES
> requirements required a worse cipher), but I've never seen a list of reasons
> just why. While I expect that Bruce is the logical person to answer this
> (btw, is my 2nd edition Applied Cryptography still the current version?),
> even a pointer to a web-page would be fine.
[Neither name is BiCapitalized. They're `Blowfish' and `Twofish'.]
Some will tell you that Twofish is faster. It depends. If you really
pull all of the stops out, then Twofish is faster on some
architectures.
Twofish has a bigger block size. This is good. It means you can use it
longer between rekeyings. Most applications don't need to worry about
this, probably.
Twofish has much more flexible tradeoffs between memory use, key setup
time, and bulk encryption speed. Blowfish just does its stuff the only
way it can.
On the other hand, Blowfish is simple. *Really* simple. There are no
clever bits optimized against particular classes of attacks (e.g.,
differential cryptanalysis); it just resists them anyway. There's no
hairy maths to understand if you want to implement it.
Blowfish is much easier to implement correctly. Twofish has loads of
fiddly little details which are a nuisance to get right. Blowfish just
works.
And Blowfish has been around for eight years, compared to Twofish's two
and a half (in public, that is).
I know which I trust more at the moment. Ask me again in five years
time and I might give you a different answer.
-- [mdw]
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: RSA Patent -- Were they entitled to it?
Date: Tue, 12 Sep 2000 12:10:39 GMT
On Sun, 10 Sep 2000 22:49:58 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote,
in part:
>On Sun, 10 Sep 2000 14:06:11 -0700, in
><[EMAIL PROTECTED]>, in sci.crypt Roger Schlafly
><[EMAIL PROTECTED]> wrote:
>>It is rare for that to happen, but technically the secret work
>>can invalidate a later patent.
>>Sec. 102. Conditions for patentability; novelty and loss of right to
>>patent
>>A person shall be entitled to a patent unless -
>> (a) the invention was known or used by others in this country, or
>>patented or described in a printed publication in this or a foreign
>>country, before the invention thereof by the applicant for patent, or
>> (b) the invention was patented or described in a printed publication
>>in this or a foreign country or in public use or on sale in this
>>country, more than one year prior to the date of the application for
>>patent in the United States, or ...
>>http://www4.law.cornell.edu/uscode/35/102.html
>I disagree. Not with the law, obviously, but with the implication
>that telling someone *without* expectation of secrecy is the same as
>telling someone *with* an expectation of secrecy, such as telling an
>organization like the NSA.
Note that 'patented or described' occurs in both a) and b); hence,
since a) is a separate clause from b), it makes sense that some other
condition in addition to patented, described in print, or public use
or sale, applies to the period 'before the invention', as opposed to
the period 'more than one year prior to the date of the application'.
And in a), 'use' is mentioned without the qualification that it be
public use.
This seems odd, because the basic point of a patent system is to
reward disclosure of inventions. However, it is reasonable that
someone shouldn't be able to patent, for example, the standard
techniques of silversmithing or winemaking, used by all the persons in
the trade, that had been handed down for hundreds of years - even if
they had only been handed down through word of mouth, and had not
appeared in the open literature.
Since the wording of (a) does seem to support an interpretation which
appears bizarre from what is generally understood about patent law,
probably the knowledge of case law involving (a) that a lawyer would
have might resolve the matter. After all, if a) did work in the way
that the other poster had claimed, why had Noll's claim triumphed over
Hebern's?
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: Daniel Leonard <[EMAIL PROTECTED]>
Subject: Re: Problem with Tiger hash algorithm and binary files
Date: Tue, 12 Sep 2000 12:31:31 GMT
On Mon, 11 Sep 2000, Jim Gillogly wrote:
> [EMAIL PROTECTED] wrote:
> > binary files. For example, when reading a binary file into an array, th=
e
> > first null character (0) encountered will terminate the string (array).
>=20
> Your problem is in the hash() macro:
>=20
> > #define hash(str) tiger((byte*)str, strlen(str), res); \
>=20
> You don't want strlen(str) here: you want count or i.
> strlen() is a string function, and terminates when it sees a '\0'.
>=20
> You should also look more closely at your loops: you're
> stepping on your string when you read it in. You shouldn't
> need to decrement "count" or step on your input string at all.
>=20
> I'd also re-write it to work in one pass -- you'll probably have
> to look at the tiger code to see how to do it a chunk at a time.
> --=20
> =09Jim Gillogly
> =09Trewesday, 20 Halimath S.R. 2000, 22:16
> =0912.19.7.9.14, 3 Ix 17 Mol, Fifth Lord of Night
>=20
You could take a look at Tiger.java and MyMessageDigestSuperClass.java at
http://megasun.bch.umontreal.ca/~leonard/
While on the subject, which reference implementation is the right one: the
one from Eli Biham site, or the one from Ross Anderson site ?
==========
Daniel L=E9onard
OGMP Informatics Division E-Mail: [EMAIL PROTECTED]
D=E9partement de Biochimie Tel : (514) 343-6111 ext 5149
Universit=E9 de Montr=E9al Fax : (514) 343-2210
Montr=E9al, Quebec Office: Pavillon Principal G-312
Canada H3C 3J7 WWW :
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: RSA public exponent
Date: 12 Sep 2000 08:34:56 -0400
Ed Pugh <[EMAIL PROTECTED]> wrote:
> AFAIK, current thought is that the easiest way to break an RSA key
> is to factor the modulus to recover the prime factors, p and q, and
> then use these with the public exponent, e, to find "the" secret
> exponent, d.
Yes. It is *thought* (for example) that finding cube roots modulo n is not
much easier than finding square roots (finding square roots modulo n is
equivalent to factoring).
> However, given that there are Aleph-Null possible values of d available,
> I wonder if there might be some, as yet unthought of, method of finding
> a value of d WITHOUT first factoring N (i.e. NOT givn the prime factors,
> p and q) ?
> If ANY such value could be found (not necessarily one of the two or
> more values less than N), then can N still be factored given e and
> the found value of d?
Yes (that is the point - doing so shows that any such new method of
finding such a d can actually be used as a new factoring method and would
make factoring "as easy" as finding such a "d" - so if factoring cannot be
made easy (if factoring is hard) then finding such a "d" is hard - finding
such a "d" is just one of (many) different approaches to factoring n).
--
(how to factor if you know a multiple of lambda(n)
The trick is that if you know e and d you have x^(ed)=x mod n for all x
(or ed-1 is a multiple of
lambda(n)=LCM(orders_of_elements_of_the_multiplicative_group_of_Z_n)
Suppose ed-1=K. You know e and somehow got d. Thence you have K (some
multiple of lambda(n)).
Factor K=A*B where A=2^j and B is odd (factor out all the powers
of 2 in K and call that A).
Pick any old x. First check that GCD(x,n)=1 (if not, you just happened to
guess at a factor of n! Not likely, but check anyway).
If GCD(x,n)>1 you are done (that GCD is a factor).
If not, let X=x^B mod n.
If X=1 or X=-1 mod n, then pick another x.
Now start calculating the sequence:
X mod n
X^2 mod n
(X^2)^2 mod n
((X^2)^2)^2 mod n
(keep squaring the prior result mod n)
You know that X^(2^j)=1 mod n, so after enough (at most j) steps, this is
1. The first element in the sequence is not 1 or -1.
So ... what is the number right before you get a 1 in the sequence?
If it is -1, pick another x.
OK ... so you wind up with this sequence (after picking another x,
perhaps) with the sequence of X squares ending:
...
R mod n
R^2=1 mod n
Where the number right before you got a 1 is not -1 (and since this is the
number *before* you got a 1, it is not 1 either!)
You have R<>1 mod n and R<>-1 mod n, but R^2=1 mod n
(i.e. (R-1)(R+1)=0 mod n).
Well, R-1 is not divisible by n and R+1 is not divisible by n
(R<>+/-1 mod n) but (R-1)(R+1) IS divisible by n. So, R-1 must have one of
the factors of n and R+1 the other (for n=pq, p,q distinct odd primes).
Then GCD(R-1,n) is a factor of n. BINGO! A factor of n.
At least half the x's will lead to a factorization of n.
(If you have a multiple of lambda(n) you can use this probabalistically to
factor n.)
So ... just pick a few x's and soon you will have a factor of n (IF you
have a multiple of lambda(n) - as you would, ed-1, if you have a public
and private key pair).
> If so, then it would be a simple matter to
> continue from there to recover p and q, and then "THE" value of d
> (i.e. the one less than lambda(N)) and have the further advantage
> (to the attacker) to be able to use CRT to decrypt the target's
> messages.
Yes ... or you could just use your original value of d (but it may be a
bit larger and make using it a bit slower) (once you have lambda(n) then
d+k*lambda(n) where k is an integer give the private exponents that work
since we want (if d,d' are two possible exponents): ed=1=ed' mod lambda(n)
or ed=ed' mod lambda(n) and as e is rel. prime to lambda(n),
d=d' mod lambda(n) - so once you a multiple of n, you can find the
factors, you can calculate lambda(n) then (not just a multiple) and then
reduce d mod lambda(n) to get a smaller working d.
> If not, then the attacker could still decrypt the target's messages,
> abeit less efficiently, with the found (larger) value of d and the
> modulus N, even without knowing p and q.
But once you have a working d, you can (with a bit of work, but none of
the steps above are intractable) factor n and use a smaller d if you want.
AND IN FACT, if you had such a d and the encoder changed his public
exponent but not his modulus(!) - heck, you used the old version of the
public exponent and the working d to factor n, so you can work out the
private exponent for his new public exponent (well, you don't even need to
factor in this case. If e,d were the old public and private (that you
somehow got) exponents, then ed-1 is a multiple of lambda(n). If e' is the
new public exponent, just find d' with e'd'=1 mod (ed-1) (you don't HAVE
to find lambda(n) and take e'd'=1 mod lambda(n). Finding a d with e'd'=1
modulo a MULTIPLE of lambda(n) allows you to decode messages - of course,
using lambda(n) gives you a smaller d' making the decoding faster, but is
not necessary).
If factoring is "hard" then finding any working "d" (for any fixed e
tractably determinable from the modulus) is hard. If, for example, for
some modulus finding a d for e=3 were easy, then do so. That gives AN e,d
pair for that modulus. From that you can determine a d' for any other e'
public exponent (and in fact you can factor the modulus).
------------------------------
Date: Tue, 12 Sep 2000 15:00:04 +0100
From: Andreas Friesen <[EMAIL PROTECTED]>
Crossposted-To: de.comp.security,comp.security.misc
Subject: Open Research Positions
This is a multi-part message in MIME format.
==============0975DB554DCCF1A9E8C2D7F6
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Open Positions in the Field of Information and Communication Security
The Institute for Data Communications Systems of the University of
Siegen (Germany) is looking for:
5 Scientists/Scientific Assistants
to join national and international project teams working on
information and communication security.
The positions are limited to 2 years, but a prolongation is usually
granted.
Requirements:
- Diploma (university) or M.Sc. in computer science, electrical
engineering, data communication, etc.
- Experiences and know how at least on one of the following areas:
cryptography, cryptographic applications, Internet security,
LINUX system programming, wireless communication, Crypto API
(programming languages: C, C++, JAVA, XML).
The opportunity to achieve a Dr. or Ph.D. degree in a reasonable time
is given.
Note:
Applicants with a M.Sc. degree, please refer to
http://www.nue.et-inf.uni-siegen.de/englisch/e_postgr.html for
potential complications with the acknowledgement of your degree.
The University of Siegen is committed to increasing the number of
women in academic positions. Therefore, qualified women are encouraged
to apply.
Applications of persons with disabilities are appreciated.
To receive further information or to submit your application
(CV, photo, copies of diploma, grades), please contact:
Prof. Dr. Christoph Ruland
University of Siegen
Hoelderlinstrasse 3
D-57068 Siegen / Germany
Phone: +49-271-740-2522
Fax: +49-271-740-2536
e-mail: [EMAIL PROTECTED]
URL: www.nue.et-inf.uni-siegen.de
==============0975DB554DCCF1A9E8C2D7F6
Content-Type: text/x-vcard; charset=us-ascii;
name="friesen.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Andreas Friesen
Content-Disposition: attachment;
filename="friesen.vcf"
begin:vcard
n:Friesen;Andreas
tel;work:+49(0)271-740-2332
x-mozilla-html:FALSE
org:University of Siegen;Institute for Data Communications Systems
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
title:Dipl.-Ing.
fn:Andreas Friesen
end:vcard
==============0975DB554DCCF1A9E8C2D7F6==
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
