Cryptography-Digest Digest #676, Volume #12 Wed, 13 Sep 00 23:13:01 EDT
Contents:
Re: MIRACL ("bubba")
Re: security of SKID based msg authentication. ("Scott Fluhrer")
Re: Disappearing Email redux (Tommy the Terrorist)
----------------------------------------------------------------------------
From: "bubba" <[EMAIL PROTECTED]>
Subject: Re: MIRACL
Date: Thu, 14 Sep 2000 02:35:45 GMT
I was able to build factor.exe with M$ VC6.
Ignore the warnings for now. You are closer
than you realize. It looks like I had to edit
mr87v.c and mrmuldv.c.
"Soeren Gammelmark" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> First I tried to run BC32DOIT.BAT directly from the /lib directory but
> the compiler couldn't find the source code (MRCORE.C etc...), so I
> copied the batch-file to the /source directory. When I run the batchfile
> there the compiler compiles the majority of the files, however, when it
> compiles mrmuldv.c (I've chosen the standard one, because I believe it
> fits my compiler and computer)
> Here are some of the error/warning messages I get:
>
> Warning MRCORE.C 335: Condition is always false in function brand
> Warning MRCORE.C 337: Unreachable code in function brand
> Error: Unable to execute command 'tasm32.exe'
> Warning mrmuldv.c 19: Function should return a value in function muldiv
> Warning: '*.OBJ' file not found, where * is multiple files (e.g.
> mrmonty.obj)
> Error: Unresolved external '*' referenced from module file.CPP, where *
> is quite a bit of functions, and file.CPP is BRENT.CPP,
> BIG.CPP,MRIO2.C,MRPRIME.C, MRXGCD.X, MRPOWER.C and so on...
> It is clear to me that the final bundle of error messages (unresolved
> external...) is the result of the previous warnings and errors.
>
> SG
>
> "Douglas A. Gwyn" wrote:
>
> > Soeren Gammelmark wrote:
> > > When I try to run the BC32DOIT.BAT to create the
> > > library I get tons of error messages.
> >
> > The content of the error messages, especially the first few,
> > should provide a clue as to what is wrong.
>
------------------------------
From: "Scott Fluhrer" <[EMAIL PROTECTED]>
Subject: Re: security of SKID based msg authentication.
Date: Wed, 13 Sep 2000 19:16:17 -0700
Roger Gammans <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I was looking for a `simple' msg auth schema, and found the following
> in a quick perusal of Schneier + some of my thoughts as I couldn't find
> quite what I wanted:-
>
> So based on SKID we get:-
> Alice needs message M from Bob, and be sure it came from Bob.
>
> 0) Alice & Bob have a pre-arranged long-lived secret K,
> identity token B (for Bob ), and a cryptographic
> hash function H().
>
> 1) Alice chooses a random number (Ra) and sends it to Bob
> with a request for message M.
> 2) Bob chooses a random number (Rb). He then sends Alice:-
> Rb,M,H(K,Ra,Rb,M,B)
>
> 3) Alice can then also compute H(K,Ra,Rb,M,B) to
> verify the message came from Bob.
>
> So are there any _really_ glaring errors in this? - Beyond of
> course the security of H().
Obvious problems:
- Mallet can request any message he wants from Bob. He pretends to be
Alice, picks a random number (aka nonce) Ra, and sends it to Bob with a
request for message M. Bob sends back the response which includes M in the
cleartext. Now, Mallet can't verify that Bob really sent it, but he may be
willing to take his chances.
- When Alice asks Bob for message M, Mallet can intercept that message, and
replace it with a request for message N with the same nonce Ra. Bob then
sends back Rb,N,H(K,Ra,Rb,N,B), and Alice then proceeds with the assumption
that message N is the message she asked for.
--
poncho
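
The request-substitution problem described above, as an added example that is not part of the original post: it runs the three-step exchange with HMAC-SHA256 standing in for H(K,...), and shows that Alice's check passes when the request is rewritten in transit but fails for a replayed response. The `bind_request` option (the request name added to the hashed fields), the key, the message store and all function names are assumptions made for illustration, not something proposed in the thread.

```python
import hashlib
import hmac
import secrets

K = b"constructed shared secret"   # constructed sample key (step 0)
B = b"bob"                         # Bob's identity token (step 0)

# Constructed message store on Bob's side, keyed by request name.
MESSAGES = {"M": b"pay 10 to carol", "N": b"pay 9000 to mallet"}


def tag(key, *fields):
    """HMAC-SHA256 over length-prefixed fields; stands in for H(K, ...)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for field in fields:
        # The length prefix keeps field boundaries unambiguous.
        mac.update(len(field).to_bytes(4, "big") + field)
    return mac.digest()


def hashed_fields(ra, rb, m, request, bind_request):
    fields = [ra, rb, m, B]            # the post's H(K,Ra,Rb,M,B)
    if bind_request:
        fields.append(request.encode())  # assumption: also cover the request
    return fields


def bob_respond(ra, request, bind_request=False):
    """Step 2: Bob answers whatever request reaches him."""
    rb = secrets.token_bytes(16)
    m = MESSAGES[request]
    return rb, m, tag(K, *hashed_fields(ra, rb, m, request, bind_request))


def alice_verify(ra, wanted, response, bind_request=False):
    """Step 3: Alice recomputes the hash for the request she actually made."""
    rb, m, received = response
    expected = tag(K, *hashed_fields(ra, rb, m, wanted, bind_request))
    return hmac.compare_digest(received, expected)


def run(bind_request, tamper):
    """Alice asks for "M"; with tamper=True the request reaches Bob as "N"."""
    ra = secrets.token_bytes(16)       # step 1
    wanted = "M"
    on_wire = "N" if tamper else wanted
    response = bob_respond(ra, on_wire, bind_request)
    return alice_verify(ra, wanted, response, bind_request), response[1]


def replay_is_rejected():
    """A response recorded under an old Ra fails against a fresh Ra."""
    old = bob_respond(secrets.token_bytes(16), "M")
    return not alice_verify(secrets.token_bytes(16), "M", old)


if __name__ == "__main__":
    print("original, honest   :", run(False, False))
    print("original, tampered :", run(False, True))   # accepted, wrong message
    print("bound, tampered    :", run(True, True))    # rejected
    print("replay rejected    :", replay_is_rejected())
```

Binding the request detects the substitution only; Bob still answers anyone who sends a nonce, and M still travels in cleartext.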
------------------------------
From: Tommy the Terrorist <[EMAIL PROTECTED]>
Crossposted-To: alt.privacy,uk.legal
Subject: Re: Disappearing Email redux
Date: 14 Sep 2000 02:08:09 GMT
I don't trust this scheme. Sorry, but it sounds like yet another variant
on "key escrow", which is inherently MEANT to be unreliable. While
perhaps someone who has a Windows system to install it on gets some last
minute message I don't know about, so far I see no clear GUARANTEE on the
site that every last copy of the key will really BE deleted. To the
contrary, I see this stuff in the privacy policy (which to be fair is no
more weaselly-worded than any other privacy policy on the Internet......)
"Disappearing Inc. may disclose information about users or information
about their use of the service for the following reasons: as required by
law, such as the Electronic Communications Privacy Act, regulations, or
governmental or legal requests for such information; to disclose
information that is necessary to identify, contact or bring legal action
against someone who may be violating our Terms of Service or other user
policies; to operate the Services properly; or to protect Disappearing
Inc. and our users. This site contains links to other sites. Disappearing
Inc. is not responsible for the privacy practices or the content of these
Web sites."
In other words, they can give away your key whenever they feel like it,
right up until the moment they "destroy" it. More to the point, it
sounds like they can be ordered to hand over the company key that was
supposed to be destroyed on any given day in response to a single court
process. Provided that the FBI or other agencies can maintain a single
simulated "child molester" on their service sending E-mail every day,
they can confiscate EVERY key and decode EVERY message. (Admittedly, I
didn't see details on how the company-specific key and user-specific key
are combined, but we know the company can display any E-mail that hasn't
expired using ordinary HTML, and I doubt they delete the user specific
key; and if they do then I also am skeptical that the messages are hard
to crack provided the company-specific key is compromised)
Security
"While we make every effort to ensure the integrity and security of our
network and systems, we cannot guarantee that our security measures will
prevent third-party "crackers" from illegally obtaining this information.
Disappearing Inc. is not responsible or liable for any such unauthorized
uses of the Disappearing Email Service or its data."
In other words, when an NSA listening post or CIA tap on the Internet
(such as the one across the street from the AOL Reston facility that all
AOL traffic passes through) intercepts keys being transmitted between the
mirrored servers they say they have, and a single Canadian or Australian
agent hits the "BEER" key (well, the "Spy On Americans" key, actually)
and then "decides" to "share" this intelligence with the U.S. agencies,
all the crypto keys are divulged and this company is not responsible.
P.S. There's also an issue with anonymity. This company,
unsurprisingly, demands the receipt and sending back of an E-mail code
before allowing the software to be downloaded. One "feature" of that
system is that the software could be designed to use that key number as a
built-in identification number, placed in every E-mail sent with it. In
other words, if you send a "disappearing email" through twenty chained
remailers to someone, the E-mail itself is coded with a number directly
tied to the E-mail address you specified before download and the IP
number you used to download with (which they also say they retain in the
"privacy" policy)
In short: "Trusted third parties" AREN'T. If you want secure,
unrecoverable E-mail for yourself or your company, you can run PGP 2.3a
and regularly subject your keys to unrecoverable erasure. I am very
skeptical that this really works (there are too many back doors built
into the operating systems, mail programs, and word processors,
especially Microsoft's) but it has to be better than this.
------------------------------