Cryptography-Digest Digest #684, Volume #12 Fri, 15 Sep 00 04:13:01 EDT
Contents:
Re: Decrypt an Adobe serial number? ("Douglas A. Gwyn")
Re: 20 suggestions for cryptographic algorithm designers ("Douglas A. Gwyn")
Re: Decrypt an Adobe serial number? ([EMAIL PROTECTED])
test ("P.C. Teo")
Re: 20 suggestions for cryptographic algorithm designers (Roger Schlafly)
Re: 20 suggestions for cryptographic algorithm designers (Roger Schlafly)
Re: question on the bible code (/dev/null)
Re: question on the bible code (/dev/null)
Re: Lossless compression defeats watermarks (Roger Schlafly)
Re: Police want help cracking code to find Enigma machine (Anders Thulin)
Re: Weaknesses in this algorithm? (Runu Knips)
Re: Comments TC6a please (Runu Knips)
Re: Fresh Meat: New Crypto Algorithms Announced (Mok-Kong Shen)
Re: 20 suggestions for cryptographic algorithm designers (D. J. Bernstein)
Re: "Secrets and Lies" at 50% off (Runu Knips)
Re: Problem with Tiger hash algorithm and binary files (Runu Knips)
Re: 20 suggestions for cryptographic algorithm designers (Runu Knips)
Re: "Secrets and Lies" at 50% off ("Sam Simpson")
Re: 20 suggestions for cryptographic algorithm designers (Runu Knips)
Re: 20 suggestions for cryptographic algorithm designers (D. J. Bernstein)
Re: 20 suggestions for cryptographic algorithm designers (Runu Knips)
Re: Intel's 1.13 MHZ chip (Mok-Kong Shen)
Re: Intel's 1.13 MHZ chip (Mok-Kong Shen)
Re: Recent crypto text (Runu Knips)
----------------------------------------------------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Decrypt an Adobe serial number?
Date: Fri, 15 Sep 2000 00:11:57 -0400
[EMAIL PROTECTED] wrote:
> I have copies of a set of Adobe Pagemaker floppy disks but no
> originals with serial number. Is the SN encrypted on the #1
> install disk? If so, how can I extract?
Seems to me the required-SN is doing its job and you're asking
for help breaking the law (stealing a product). If you in fact
are a licensed user of the software you should have the original
distribution media; if you lost it, you should be registered
with Adobe, so contact them for help.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: 20 suggestions for cryptographic algorithm designers
Date: Fri, 15 Sep 2000 00:24:13 -0400
David Hopwood wrote:
> IMHO the arguments for big-endian order are more compelling.
Unfortunately, some of the ones you gave were bogus.
Both camps can arrange "compelling" arguments for their choice.
I prefer little-endian representation for multiple-precision
applications because it is slightly more efficient on average.
It seldom matters enough to argue about.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Decrypt an Adobe serial number?
Date: Fri, 15 Sep 2000 04:22:52 GMT
NO FURTHER NEED... FIGURED IT OUT AT A "CRACK" WEBSITE.
In article <8prtov$9pu$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> I have copies of a set of Adobe Pagemaker floppy disks but no
originals
> with serial number. Is the SN encrypted on the #1 install disk? If
> so, how can I extract?
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: "P.C. Teo" <[EMAIL PROTECTED]>
Subject: test
Date: Fri, 15 Sep 2000 12:40:28 +0800
test
------------------------------
From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: 20 suggestions for cryptographic algorithm designers
Date: Thu, 14 Sep 2000 22:19:18 -0700
"D. J. Bernstein" wrote:
> No. Little-endian is much more widely supported than big-endian, and is
> universally supported by new processors.
Really? I didn't think anyone used it but the Intel Pentium and
DEC Alpha. Sparc, MIPS, etc are big-endian. I believe even some
of the Intel processors can be wired to run big or little endian.
------------------------------
From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: 20 suggestions for cryptographic algorithm designers
Date: Thu, 14 Sep 2000 22:28:11 -0700
David Hopwood wrote:
> + As pointed out in [1], little-endian architectures and protocols are
> often not entirely consistently little-endian, whereas big-endian
> designs tend to be consistently big-endian.
> [1] Danny Cohen,
> "On Holy Wars, and a Plea for Peace,"
> IEN 137, 1 April 1980.
> ftp://ftp.isi.edu/in-notes/ien/ien-137.txt.3
Its complaints about the PDP 11 are not relevant anymore. Since then,
the VAX has died, but Intel and Microsoft have made sure that people
are going to be using little-endian for a long time. All of Microsoft's
binary APIs use little-endian.
------------------------------
From: /dev/null <[EMAIL PROTECTED]>
Crossposted-To: alt.bible.prophecy
Subject: Re: question on the bible code
Date: Fri, 15 Sep 2000 01:31:42 -0400
> Do you realize how almost impossible it is to use the bible code for
> prophecy? The Bible Code is not for telling the future. The bible code
> is simply another dimesion of our Bible, which contains ALL events
> present and past and even those that COULD happen.
The things which COULD happen are irrelevant when the time they MIGHT
happen has passed. Therefore if they are not there for prophecy, why
else would they be there?
> The Bible contains
> all of the wisdom of all time, and that simply is impossible in a
> simple 66 book collection.
No Sir, it is NOT impossible in a 66 book collection. All of the wisdom
of all time can be summed up in just a couple of sentences...
Your comment probably regards knowledge, which is distinctly different
from wisdom.
> Why do you find it so hard to believe that
> there might be a "hidden" dimension to the bible?
Why do you feel that the God of the Bible would hide his truths?
> I think the
> likelihood is great, given our understanding (through his holy word) of
> the nature of God. Very likely.
I think you are thinking emotionally and not logically. If God is
anything
at all he is logical. These things are issues of faith, they always
will
be. It is the requirement of God that we take things on faith. If we
can not believe without physical evidence, we have no faith. If we
believe
with no evidence it is because we love God and choose to believe in what
he has said.
It is a complete waste of your time to put your faith in the mathmatical
manipulations of a book which was written with the full intent that the
most humble could understand it at its face value.
> Romans 1 20 For the invisible things of him from the creation of the
> world are clearly seen,
operative word here is CLEARLY
> being understood by the things that are made,
operative word here is MADE... Created, evident...
> even his eternal power and Godhead;
> so that they are without excuse:
So that those who do not believe are without excuse...
>
Stop worrying yourself with the foolishness of this
trying to decode something which was written in the
plain in the first place... all that it will do in
the end is obscure the simple truth which is right
there on the surface. I have been a Christian for
many, many years and if I could just understand and
live the simple truths which are right there on the
surface, I would have accomplished so very, very much.
This foolishness just blinds you to what you should
concern yourself with.
God has not bothered to HIDE his wisdom or grace or
power. He says it is obvious...
It is, if you have faith.
Have faith, my friend... study the simple truths,
when (and if) you master them, then trouble yourself
with the things which matter so little to humanity
that they may have been hidden from all but a very
few eyes.
> Sent via Deja.com http://www.deja.com/
> Before you buy.
------------------------------
From: /dev/null <[EMAIL PROTECTED]>
Crossposted-To: alt.bible.prophecy
Subject: Re: question on the bible code
Date: Fri, 15 Sep 2000 01:38:11 -0400
> I never have tired to defend the Drosnin book, though I did read it, of
> course, I knew about the code either before or around the same time as
> he did, so I'm not basing any of my findings on his book or his work. I
> am basing my findings on rigorous research by others and myself and
> having proved the code, I need no longer defend anything. I suppose
> there will always be critics, and closed-minded people, who cannot
> understand, or are not willing to spend the time to research the thing
> for themselves. I am the one who is sorry, sorry that I haven't the
> time to share every bit of research I have done, and to teach you
> Hebrew and how the names are transliterated or how the numbers are
> derived, or the calendar dates.. it would take much too long, and I am
> not at all sure anyone would really be interested. I was, and I am now
> quite positive, through over 5 years of research, that the code is
> genuine.
>
Then why aren't you a Christian?
-m-
------------------------------
From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: Lossless compression defeats watermarks
Date: Thu, 14 Sep 2000 23:12:15 -0700
Matthew Skala wrote:
> The success of watermarking schemes, in a world of lossy compression,
> depends upon either the user's willingness to accept signal degradation,
> or the deficiencies of the lossy compression at removing spurious data.
Yes, that's correct, and makes the subject especially tricky.
------------------------------
From: Anders Thulin <[EMAIL PROTECTED]>
Subject: Re: Police want help cracking code to find Enigma machine
Date: Fri, 15 Sep 2000 06:24:08 GMT
"root@localhost " wrote:
> Well it seems to be gone... Was the machine really stolen on April 1st?
http://www.bletchleypark.org.uk/press.htm#theft seems to say so in the
message dated 2 April 2000.
--
Anders Thulin [EMAIL PROTECTED] 040-10 50 63
Telia Prosoft AB, Box 85, S-201 20 Malm�, Sweden
------------------------------
Date: Fri, 15 Sep 2000 08:37:41 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Weaknesses in this algorithm?
Benjamin Goldberg wrote:
> Runu Knips wrote:
> > Patrick Schultz wrote:
> > > Ok, I see the weakness is in the fact that RC4 is just \xoring a
> > > psuedo-random string with the one-time pad.
> >
> > No, the problem is that sending an OTP encrypted means that
> > you always weaken the security of the whole protocol to the
> > security of the encryition of the OTP. Therefore you can
> > drop the OTP and use that encrytion directly.
>
> But what if that the plaintext has much structure/guessability, eg being
> mostly zeros? If numbers in the range 0..1000 are sent as 4-byte
> values, we *know* 2 bytes are 0, and 6 bits of a 3rd byte are also 0.
> If we encrypt this data directly with a block cipher, we have quite a
> bit of known plaintext, which will significantly assist in breaking that
> block cipher. Doing the thing with the OTP means that the block cipher
> cannot be so easily attacked.
*sigh*
A block cipher which can't resist known plaintext attacks
is considered broken and shouldn't be used.
You can ALWAYS guess some plaintext correctly ! That is a
well-known and old technique to break ciphers. See for
example the ways how the Enigma was broken in WW II.
You might say that there is no check if the decryption was
correct if the encrypted stream was a OTP, i.e. true random
data, but you can simply apply that OTP to the real message
and viola you have the check.
And it is pretty easy to do a plain text attack on this
protocol. Just guess the plain text correctly, then you
have the OTP. With this OTP you can do a plain text
attack on the encrypted OTP. If your cipher is weak,
then you can break the encryption no matter how fantastic
random the OTP is.
You simply gain NOTHING, really, really NOTHING with this
technique.
------------------------------
Date: Fri, 15 Sep 2000 08:40:37 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Comments TC6a please
Tom St Denis wrote:
> The source is on my webpage at http://geocities.com/tomstdenis/
Hey, Tom, this sounds quite cool and interesting :)
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Fresh Meat: New Crypto Algorithms Announced
Date: Fri, 15 Sep 2000 09:10:28 +0200
David A Molnar wrote:
>
> Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
>
> >> documents, sigh). I see prices of 100 and 1000 EURO's; I think
> >> this is per algorithm.
>
> > So that excludes analysts that are poor and one has 'security
> > through high cost' :-)
>
> Er, do they plan on *deploying* these ciphers in anything?
What could people without money do? In the worst case
they would die for bad nutrition.
M. K. Shen
------------------------------
From: [EMAIL PROTECTED] (D. J. Bernstein)
Subject: Re: 20 suggestions for cryptographic algorithm designers
Date: 15 Sep 2000 06:43:33 GMT
Roger Schlafly <[EMAIL PROTECTED]> wrote:
> Sparc, MIPS, etc are big-endian.
SPARC now supports little-endian access and big-endian access at the
same speed. MIPS can be configured either way. Which ``etc'' did you
have in mind?
---Dan
------------------------------
Date: Fri, 15 Sep 2000 09:05:38 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Tom St Denis wrote:
> In article <[EMAIL PROTECTED]>,
> Bruce Schneier <[EMAIL PROTECTED]> wrote:
> > This is the cheapest I've seen the book. I know what the publisher
> > sells the book for, and FatBrain is losing money on every sale. I
> > have no idea if this is a temporary promotion, or how long it will
> > last. But I figured I should get the word out:
> >
> > http://www1.fatbrain.com/asp/bookinfo/bookinfo.asp?theisbn=0471253111
>
> I know you are well intentioned but for the same reason I don't like
> other spammers, I would suggest that you don't do this.
Hmm ? But it is Bruce Schneier ??? Why shouldn't he provide
links where one can get his book cheaper ???? I think many
people in this NG are interested in it.
------------------------------
Date: Fri, 15 Sep 2000 09:13:37 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Problem with Tiger hash algorithm and binary files
David Hopwood wrote:
> [...] In practice that is also how it is treated for hash function inputs,
> despite most hashes being defined for inputs that are bit sequences. For
> that to work it's essential that hash designers don't change their mind
> about which bit order is meant.
Yep, agreed.
------------------------------
Date: Fri, 15 Sep 2000 09:18:35 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: 20 suggestions for cryptographic algorithm designers
"D. J. Bernstein" wrote:
> David Hopwood <[EMAIL PROTECTED]> wrote:
> > If there is a completely arbitrary choice of byte order, use big-endian.
>
> No. Little-endian is much more widely supported than big-endian, and is
> universally supported by new processors.
????
I'm sorry, but x86/Intanium and Alpha are little endian, while
PPC and UltraSparc are big endian. Do you want to say that PPC
and UltraSparc are NOT actual processors ???
Too, it is not a 'support', its only a architecture decision. It
doesn't change any meaning, it has only to be clear which order
should be used. And it is a bad idea to use something weird such
as the PDP byte ordering.
------------------------------
From: "Sam Simpson" <[EMAIL PROTECTED]>
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Fri, 15 Sep 2000 08:20:18 +0100
And you wonder why Bruce never posts here any more? ;)
--
Sam Simpson
Comms Analyst
http://www.scramdisk.clara.net/ for ScramDisk hard-drive encryption &
Delphi Crypto Components. PGP Keys available at the same site.
Tom St Denis <[EMAIL PROTECTED]> wrote in message
news:8prii3$sla$[EMAIL PROTECTED]...
> In article <[EMAIL PROTECTED]>,
> Bruce Schneier <[EMAIL PROTECTED]> wrote:
> > This is the cheapest I've seen the book. I know what the
publisher
> > sells the book for, and FatBrain is losing money on every sale.
I
> > have no idea if this is a temporary promotion, or how long it
will
> > last. But I figured I should get the word out:
> >
> >
http://www1.fatbrain.com/asp/bookinfo/bookinfo.asp?theisbn=0471253111
>
> I know you are well intentioned but for the same reason I don't
like
> other spammers, I would suggest that you don't do this.
>
> If you want to talk about your book by all means go ahead, but you
> really are spamming this group.
>
> Just my two cents, and seriously no offence intended.
>
> Tom
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
------------------------------
Date: Fri, 15 Sep 2000 09:23:43 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: 20 suggestions for cryptographic algorithm designers
Roger Schlafly wrote:
> "D. J. Bernstein" wrote:
> > No. Little-endian is much more widely supported than big-endian, and is
> > universally supported by new processors.
>
> Really? I didn't think anyone used it but the Intel Pentium and
> DEC Alpha. Sparc, MIPS, etc are big-endian. I believe even some
> of the Intel processors can be wired to run big or little endian.
Mips is not little or big endian, it is simply switchable.
------------------------------
From: [EMAIL PROTECTED] (D. J. Bernstein)
Subject: Re: 20 suggestions for cryptographic algorithm designers
Date: 15 Sep 2000 07:09:55 GMT
David Hopwood <[EMAIL PROTECTED]> wrote:
> Potentially unaligned data generally needs to be accessed as bytes
So align your data properly. A networking stack built for high speed
will align packets.
> I don't think that the cost of byte order conversion is a significant
> concern for most applications.
Secure MACs are now very, very, very fast---if you provide aligned
little-endian data. Unnecessary twiddling reduces the forgery volume
that you can handle.
> Internet protocols almost universally use big-endian conventions.
Fortunately, this mistake doesn't have much effect on speed. Very few
numbers have to be converted.
---Dan
------------------------------
Date: Fri, 15 Sep 2000 09:40:12 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: 20 suggestions for cryptographic algorithm designers
David Hopwood wrote:
> [big endian is better]
None of your arguments was worth anything. Little endian or
big endian - it just doesn't matter. It has only to be clear
which ordering should be used.
Of course it would be better if all architectures would use
the same ordering, no matter if big or little. We would get
rid of all these problems with network messages and binary
files.
On the other hand, even experienced and good programmers
would then start to write really ugly code which relies on
the byte order.
I prefer big endian for binary formats because one can
read it better in binary dumps. I prefer little endian if
I have to convert a stream of bytes into numbers because
I can save the conversion step. But finally it doesn't
matter, it is just a matter of taste.
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Intel's 1.13 MHZ chip
Date: Fri, 15 Sep 2000 10:03:26 +0200
Jerry Coffin wrote:
>
> I'm convinced that export bans never were effective at all. Call me
> cynical if you will, but I've always been convinced that they were to
> allow ignorant politicians say "ours are bigger than theirs", not to
> protect national security at all.
It apparently did reduce the flow in some measure, though.
Essentially it enabled certain persons who had the proper
'threads' at hand to earn big money.
> The usual thing for generals to brag about is the number of people
> they have under them, but DIRNSA couldn't play that game (the numbers
> are classified, and almost certainly too small to be impressive
> anyway). Therefore, since he couldn't compete directly with them, he
> get something they couldn't. Though I gave rational reasons for
> cancelling Cray IV orders previously, I strongly suspect a lot of the
> REAL reason they cancelled the orders was that Cray IV's were enough
> smaller than they just didn't LOOK so impressive anymore...
To gain impressiveness is in fact often a motivation of
purchasing expensive exquisite things. (Ladies buy diamonds
for that, though artificial diamonds would look almost as
well.) Right in the sixties one company in Munich had an
IBM 360/20 (its mode of operation must be ridiculous
for those acquanited only with today's computers) operating
right behind its show-window so that everybody knew that
it employed wonderful high-tech. Computing centres use to
vaunt the power of their supercomputers, for reasons, among
others, of obtaining more funding. I was told that currently
one supercomputer fairly high at the top of the list of
world's fastest computers is situated in my city.
M. K. Shen
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Intel's 1.13 MHZ chip
Date: Fri, 15 Sep 2000 10:03:37 +0200
"Douglas A. Gwyn" wrote:
>
> The bans were based on the notion that good supercomputers
> made it easier to design nuclear weapons etc., which was
> very likely true at one time.
>
> Loosely coupled toy computers like PCs were never real
> competitors for true supercomputers, because the latter
> gained synergy from tight coupling and extremely high I/O
> bandwidth. However, for certain classes of problems,
> namely those for which parallel computation can proceed
> for quite a ways without any communication between
> processing nodes, loosely coupled arrays can be effective.
> At BRL, early on we acquired an array of high-end Silicon
> Graphics multiprocessors for distributed ray-tracing
> applications; each ray (pixel) required considerable
> computation that did not involve knowing anything about
> other rays (pixels), so the interprocessor communication
> costs were relatively unimportant in that application.
> But for a massive finite-element model, computations at
> one "node" percolate to other nodes, so distributing such
> a computation would be a mistake; a real supercomputer is
> desired.
It is though a cynical historical fact that nowadays
nuclear weapon design depends on computers consisting
of lots of small chips rather than the giant computers
with a few powerful processors.
M. K. Shen
------------------------------
Date: Fri, 15 Sep 2000 09:58:49 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Recent crypto text
John Savard wrote:
> From the table of contents referenced in the post, it seems to be a
> very mathematical book. [...]
Yep.
> I was surprised to see that the very recent NTRU cryptosystem is among
> those dealt with in the book.
Hey THATS cool ! :-)
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
