Cryptography-Digest Digest #688, Volume #12      Fri, 15 Sep 00 17:13:01 EDT

Contents:
  Re: Diffie-Hellman Questions (Eric Lee Green)
  Re: Music Industry Offers US$10K for cracking their encryption system ("Abyssmal_Unit_#3")
  Re: Lossless compression defeats watermarks (Mike Rosing)
  Re: Lossless compression defeats watermarks (Matthew Skala)
  Re: SDMI Crypto Challenge (Jim Gillogly)
  Re: 20 suggestions for cryptographic algorithm designers (D. J. Bernstein)
  Re: Intel's 1.13 MHZ chip (Mok-Kong Shen)
  Re: DH -> 3DES (James Moore)
  Re: DH -> 3DES (Tom St Denis)
  Re: test (Tom St Denis)
  Re: "Secrets and Lies" at 50% off (Tom St Denis)
  Re: "Secrets and Lies" at 50% off (Tom St Denis)
  Re: Comments TC6a please (Tom St Denis)
  Re: "Secrets and Lies" at 50% off ("Donald L. Nash")
  Re: "Secrets and Lies" at 50% off (Andrew Carol)
  Re: Police want help cracking code to find Enigma machine ("root@localhost " <[EMAIL PROTECTED]>)
  Re: "Secrets and Lies" at 50% off (Bill Unruh)
  Re: 20 suggestions for cryptographic algorithm designers (wtshaw)
  Re: Intel's 1.13 MHZ chip ("Abyssmal_Unit_#3")
  Re: Intel's 1.13 MHZ chip ("Abyssmal_Unit_#3")

----------------------------------------------------------------------------

From: Eric Lee Green <[EMAIL PROTECTED]>
Subject: Re: Diffie-Hellman Questions
Date: Fri, 15 Sep 2000 10:59:41 -0700

Future Beacon wrote:
> for the algorithm?  Is there any particular way that
> the base and the modulus must be chosen?  I assume that
> they must be different primes.  I would appreciate the

The base and modulus must generate a prime field. The base Q generally is a
very small prime (like 2 or 3 or 5) while the modulus M is however many bits
of protection you need (a 1024-bit modulus M is preferable).

> --------------------------------------------------------------
> Diffie-Hellman Encryption uses two constants, the base, Q, and
> the modulus, M. 

Regarding traits of Q and M, I don't care to guess. There is some argument
about what they should be. My best suggestion at the moment would be to find a
crypto guy you trust, look at what Q and M he suggests, and use those.  

-- 
Eric Lee Green                         [EMAIL PROTECTED]
Software Engineer                      "The BRU Guys"
Enhanced Software Technologies, Inc.   http://www.estinc.com/
(602) 470-1115 voice                   (602) 470-1116 fax

------------------------------

From: "Abyssmal_Unit_#3" <[EMAIL PROTECTED]>
Subject: Re: Music Industry Offers US$10K for cracking their encryption system
Date: Fri, 15 Sep 2000 13:56:59 -0400

sounds like they are looking for a cheap and dirty way to test their system!

$10k is a pittance amount for the millions/billions of buks those song lords ask for
on a daily basis!

crack it and distribute the code worldwide.

hate me, & see if it changes the rotation direction of the globe..... :-||

--
best regards,
hapticz

>X(sign here)____________________________________________<

[EMAIL PROTECTED] wrote in message 
<[EMAIL PROTECTED]>...
|http://www.msnbc.com/news/460310.asp?cp1=1



------------------------------

From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Lossless compression defeats watermarks
Date: Fri, 15 Sep 2000 12:55:29 -0500

John Savard wrote:
> 
> However, I have to admit that I think it is rather difficult, although
> the papers in the book claimed it possible, to make a watermarking
> scheme whose security relies solely on its key. If you know "where"
> the information is hidden, one should be able to mask it by noise. But
> I have to admit that spread-spectrum noise is difficult to deal with
> in that way, and that is one of the other techniques given.

Being difficult to deal with only raises the price of erasing the
watermark.  Physical watermarks are possible to duplicate.  So
instead of removing a watermark, people may add something that looks
valid.  Usually called "counterfiting"  (sp?), a watermark which
allows something to be played or not would be worth duplication
rather than elimination.

If something is unique, then proof of ownership should be easy.
A watermark isn't really needed.  Proof of authorship is something
different, and duplication of watermarks becomes a problem.  I think
crypto can help with the duplication problem, but nothing can
stop removal.

Patience, persistence, truth,
Dr. mike

------------------------------

From: [EMAIL PROTECTED] (Matthew Skala)
Subject: Re: Lossless compression defeats watermarks
Date: 15 Sep 2000 10:58:37 -0700

In article <[EMAIL PROTECTED]>, Tim Tyler  <[EMAIL PROTECTED]> wrote:
>Matthew Skala <[EMAIL PROTECTED]> wrote:
>: depends upon either the user's willingness to accept signal degradation,
>: or the deficiencies of the lossy compression at removing spurious data.  
>
>...or the fact that some thieves may be unaware of the presence
>of the watermark, and thus make no effort to remove it.

But it's quite likely for "thieves" to put their "stolen goods" through
lossy compression for other reasons anyway; and stripping watermarks is a
property of lossy compression per se, even when not deliberately invoked
for that purpose.
-- 
Matthew Skala
[EMAIL PROTECTED]              I'm recording the boycott industry!
http://www.islandnet.com/~mskala/




------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: SDMI Crypto Challenge
Date: Fri, 15 Sep 2000 18:19:47 +0000

"Douglas A. Gwyn" wrote:
> Quite often, such things are done so the purveyor can then assure
> their customers that nobody was able to break their stuff, i.e.
> false feeling of security used as a marketing tool.

Yup.  And it might not even be the full three weeks of dedicated
hackery -- there's still no content at http://www.hacksdmi.org .
Looks pretty meaningless so far, like the Jaws and Meganet challenges
of fond memory.
-- 
        Jim Gillogly
        Sterday, 24 Halimath S.R. 2000, 18:17
        12.19.7.9.18, 7 Edznab 1 Chen, Ninth Lord of Night

------------------------------

From: [EMAIL PROTECTED] (D. J. Bernstein)
Subject: Re: 20 suggestions for cryptographic algorithm designers
Date: 15 Sep 2000 18:26:36 GMT

Runu Knips  <[EMAIL PROTECTED]> wrote:
> PPC and UltraSparc are big endian.

No. Both architectures now support little-endian loads and stores. IBM
and Sun both say that the speed is the same as big-endian on their
current chips.

---Dan

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Intel's 1.13 MHZ chip
Date: Fri, 15 Sep 2000 21:17:53 +0200



Jerry Coffin wrote:
> 
> Rather the contrary: as I said, I'm quite certain reasonable uses to
> justify the purchases were found after the fact.  This happens both
> inside and outside of the government on an _extremely_ regular basis.

I like to say that my experiences in a domain of public
services conform very well to what you stated above. On 
the other hand it is common knowledge that users' appetite
for computing resources is insatiable. If one suddenly
augments the capacity by tenfold, one would very likely
find after one year that one is again at the point of 
full load.

M. K. Shen

------------------------------

From: James Moore <[EMAIL PROTECTED]>
Subject: Re: DH -> 3DES
Date: Fri, 15 Sep 2000 19:07:19 GMT

In article <8prhkb$ric$[EMAIL PROTECTED]>,
  Tom St Denis <[EMAIL PROTECTED]> wrote:
> > Any need to check for weak DES keys?  And what if you find them?
>
> There are so few weak DES keys that checking is generally not
> required.  You can though, test and reject them if you like...

If you find a set of D-H parameters that generate weak DES keys, please
post your results !

Jim Moore


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: DH -> 3DES
Date: Fri, 15 Sep 2000 19:28:43 GMT

In article <8pts0o$f9l$[EMAIL PROTECTED]>,
  James Moore <[EMAIL PROTECTED]> wrote:
> In article <8prhkb$ric$[EMAIL PROTECTED]>,
>   Tom St Denis <[EMAIL PROTECTED]> wrote:
> > > Any need to check for weak DES keys?  And what if you find them?
> >
> > There are so few weak DES keys that checking is generally not
> > required.  You can though, test and reject them if you like...
>
> If you find a set of D-H parameters that generate weak DES keys, please
> post your results !

When you either hash the secret or use a random symmetric key it's
possible to get a des weak key.

Tom
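
The test-and-reject step discussed in this thread, as an added example that is not part of the original posts: a 3DES key is derived by hashing a shared secret, parity is normalised, and the result is rejected if any 8-byte subkey is one of the 16 weak or semi-weak DES keys. The SHA-256 counter derivation, the function names and the sample secret are assumptions made for illustration.

```python
import hashlib

# The 4 weak and 12 semi-weak DES keys, written with odd parity.
WEAK_KEYS = {bytes.fromhex(h) for h in (
    "0101010101010101", "FEFEFEFEFEFEFEFE",
    "1F1F1F1F0E0E0E0E", "E0E0E0E0F1F1F1F1",
    "01FE01FE01FE01FE", "FE01FE01FE01FE01",
    "1FE01FE00EF10EF1", "E01FE01FF10EF10E",
    "01E001E001F101F1", "E001E001F101F101",
    "1FFE1FFE0EFE0EFE", "FE1FFE1FFE0EFE0E",
    "011F011F010E010E", "1F011F010E010E01",
    "E0FEE0FEF1FEF1FE", "FEE0FEE0FEF1FEF1",
)}


def set_odd_parity(key: bytes) -> bytes:
    """Force odd parity per byte; DES ignores the low bit of every key byte."""
    out = bytearray()
    for b in key:
        high7 = b & 0xFE
        ones = bin(high7).count("1")
        out.append(high7 | (0 if ones % 2 else 1))
    return bytes(out)


def is_weak_des_key(key8: bytes) -> bool:
    """Compare after parity normalisation, so 00..00 is caught as 01..01."""
    if len(key8) != 8:
        raise ValueError("a DES key is 8 bytes")
    return set_odd_parity(key8) in WEAK_KEYS


def acceptable_3des_key(key24: bytes) -> bool:
    """Reject weak subkeys and subkey pairs that collapse EDE to single DES."""
    if len(key24) != 24:
        raise ValueError("a three-key 3DES key is 24 bytes")
    k1, k2, k3 = (set_odd_parity(key24[i:i + 8]) for i in (0, 8, 16))
    if any(k in WEAK_KEYS for k in (k1, k2, k3)):
        return False
    return k1 != k2 and k2 != k3


def derive_3des_key(shared_secret: int, max_tries: int = 256) -> bytes:
    """Hash the shared secret with a counter until the key passes the checks.

    Illustrative derivation only (an assumption of this example): with
    16 bad keys out of 2**56 per subkey, the loop almost never repeats.
    """
    z = shared_secret.to_bytes((shared_secret.bit_length() + 7) // 8 or 1, "big")
    for counter in range(max_tries):
        digest = hashlib.sha256(bytes([counter]) + z).digest()
        key = set_odd_parity(digest[:24])
        if acceptable_3des_key(key):
            return key
    raise RuntimeError("no acceptable key found")


if __name__ == "__main__":
    constructed_secret = 0x1234567890ABCDEF1234567890ABCDEF  # constructed sample
    print(derive_3des_key(constructed_secret).hex())
    print(is_weak_des_key(bytes(8)))  # all-zero bytes equal the weak key 01..01
```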



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: test
Date: Fri, 15 Sep 2000 19:34:10 GMT

In article <8ps97n$eu8$[EMAIL PROTECTED]>,
  "P.C. Teo" <[EMAIL PROTECTED]> wrote:
> test
>

Congrats you passed!

Tom



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Fri, 15 Sep 2000 19:32:19 GMT

In article <[EMAIL PROTECTED]>,
  "Sam Simpson" <[EMAIL PROTECTED]> wrote:
> And you wonder why Bruce never posts here any more? ;)

So that means I can post information-less posts about products I sell
too?

Why are we letting him do this?

Hey Bruce, wanna mention your book, how about discussing aspects of it?

Oh I forgot he's Bruce he can do whatever he wants because he does no
wrong.

and BTW I am not attacking him if that is what you were alluding to.  I
was merely pointing out the circumstances.
Tom



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Fri, 15 Sep 2000 19:32:59 GMT

In article <[EMAIL PROTECTED]>,
  Runu Knips <[EMAIL PROTECTED]> wrote:
> Tom St Denis wrote:
> > In article <[EMAIL PROTECTED]>,
> >   Bruce Schneier <[EMAIL PROTECTED]> wrote:
> > > This is the cheapest I've seen the book.  I know what the publisher
> > > sells the book for, and FatBrain is losing money on every sale.  I
> > > have no idea if this is a temporary promotion, or how long it will
> > > last.  But I figured I should get the word out:
> > >
> > > http://www1.fatbrain.com/asp/bookinfo/bookinfo.asp?theisbn=0471253111
> >
> > I know you are well intentioned but for the same reason I don't like
> > other spammers, I would suggest that you don't do this.
>
> Hmm ? But it is Bruce Schneier ??? Why shouldn't he provide
> links where one can get his book cheaper ???? I think many
> people in this NG are interested in it.

If I was interested in his book I would want to know about the contents
and the purpose, not just the cost.

Tom



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Comments TC6a please
Date: Fri, 15 Sep 2000 19:33:36 GMT

In article <[EMAIL PROTECTED]>,
  Runu Knips <[EMAIL PROTECTED]> wrote:
> Tom St Denis wrote:
> > The source is on my webpage at http://geocities.com/tomstdenis/
>
> Hey, Tom, this sounds quite cool and interesting :)

Good comments (thanks for replying) any technical/mathy comments?

Tom



------------------------------

From: "Donald L. Nash" <[EMAIL PROTECTED]>
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Fri, 15 Sep 2000 14:57:35 -0500

In article <8pttha$hf6$[EMAIL PROTECTED]>, Tom St Denis 
<[EMAIL PROTECTED]> wrote:

>If I was interested in his book I would want to know about the contents
>and the purpose, not just the cost.

That has already been discussed.  At the very least, links to web pages 
describing the book (even containing excerpts from it), have been 
posted.  Bruce probably didn't want to repeat what had already been said.

-- 
Donald L. Nash, <[EMAIL PROTECTED]>, PGP Key ID: 0x689DA021
The University of Texas System Office of Telecommunication Services

------------------------------

From: Andrew Carol <[EMAIL PROTECTED]>
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Fri, 15 Sep 2000 13:11:50 -0700

In article <8pttha$hf6$[EMAIL PROTECTED]>, Tom St Denis
<[EMAIL PROTECTED]> wrote:

> If I was interested in his book I would want to know about the contents
> and the purpose, not just the cost.

Few usenet posts live in isolation.  Other posts have provided
information regarding the content of that on-subject book.  His post
simply added more facts (specifically availability and price) on a book
that has already garnered some interest and discussion here.

Unlike SPAM, his post was short, about a book of interest to this
particular forum, and sent only once.

He does not have a history of simply popping in to shill books but
contributes enormous amounts of useful information to this group.

While you may not be interested in the availability and price of the
book, others might be.  It is quite easy for you to simply skip those
posts.

If you are worried about wasted bandwidth and being "off-topic" I would
point out that you have spent much more bandwidth and been more
"off-topic" than the original post.

---- Andy

------------------------------

From: "root@localhost <spamthis>" <[EMAIL PROTECTED]>
Subject: Re: Police want help cracking code to find Enigma machine
Date: Fri, 15 Sep 2000 16:09:16 -0400

Anders Thulin wrote:

Anders, Is the initial post with the message text still on the servers
that you are getting your news from?

It is gone on this end...  The original post seems to have dropped off
of the news server I read.

???

--
   If children don't know why their grandparents did what they 
did, shall those children know what is worth preserving and what 
should change? 

   http://www.cryptography.org/getpgp.htm

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: 15 Sep 2000 20:40:31 GMT

In <8pttg3$hda$[EMAIL PROTECTED]> Tom St Denis <[EMAIL PROTECTED]> writes:

]In article <[EMAIL PROTECTED]>,
]  "Sam Simpson" <[EMAIL PROTECTED]> wrote:
]> And you wonder why Bruce never posts here any more? ;)

]So that means I can post information-less posts about products I sell
]too?
Try it and see if people are interested.

]Why are we letting him do this?

Because "we" are interested in the subject.

]Hey Bruce, wanna mention your book, how about discussing aspects of it?

]Oh I forgot he's Bruce he can do whatever he wants because he does no
]wrong.

No, he can do this because people are interested.

You raised a possibly legitimate point, in asking whether the community
felt that post was appropriate. The consensus was that it was. You might
not, but then there is lots that is posted that I do not like, but just
ignore. That is one of the "expenses" of a free public forum. 

Is it "fair"? Sure. If you realise that the purpose of these things is
to be a public forum in which people can try things and see what the
response is. This is not some public debate where all sides must be
given equal airtime. This is a discussion group where the topics for
discussion are determined by the interests of the group. Sometimes they
wander far afield, and have to be brought back.

At this point your harping on this issue begins to make you look like
the looney here. You have also brought far far far more attention to
Bruce's post than the post itself ever got. 



]and BTW I am not attacking him if that is what you were alluding to.  I
]was merely pointing out the circumstances.

But what is the purpose of this post? It is not merely pointing out the
circumstances. It is railing at the group for its opinion that they find
such a posting by Bruce acceptable ( where they might not find a similar
post by you acceptable).


------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: 20 suggestions for cryptographic algorithm designers
Date: Fri, 15 Sep 2000 14:18:13 -0600

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (D. J.
Bernstein) wrote:

> Runu Knips  <[EMAIL PROTECTED]> wrote:
> > PPC and UltraSparc are big endian.
> 
> No. Both architectures now support little-endian loads and stores. IBM
> and Sun both say that the speed is the same as big-endian on their
> current chips.
> 
> ---Dan

Again, John Swift should be animated with laughter over his old parody on
senseless arguments.
-- 
Rats! (What Gov. Bush is apt to say the morning after the election)

------------------------------

From: "Abyssmal_Unit_#3" <[EMAIL PROTECTED]>
Subject: Re: Intel's 1.13 MHZ chip
Date: Fri, 15 Sep 2000 16:52:34 -0400

he he he,,,,,

i thought the ibm 1620 with its banks of incandescent flashing bulbs along with the
clatter of hundreds of relays was definitely a crowd pleaser. made all my friends
think some powerful stuff was actually being done.  actually the quantity of energy
being squandered to solve a petty equation ten million times over was really quite
ridiculous as i think back.

then there was the ibm 1130, much quieter and useful.

but still those blasted card punch stations made a nice resounding commotion...

and this was 1969/70 or so, i think....

ahhhhhh, memory lane, such a gas!

anybody want to collaborate on a book full of anecdotes about "old" computers??

--
best regards,
hapticz

>X(sign here)____________________________________________<

Mok-Kong Shen wrote in message <[EMAIL PROTECTED]>...
|
|
|"Trevor L. Jackson, III" wrote:
|>
|> Guy Macon wrote:
|>
|> > Mok-Kong Shen wrote:
|> >
|> > >To gain impressiveness is in fact often a motivation of
|> > >purchasing expensive exquisite things. (Ladies buy diamonds
|> > >for that, though artificial diamonds would look almost as
|> > >well.)
|> >
|> > Correction: The best imitation (not the same as artificial)
|> > diamonds are indistinguishable from real diamonds with the
|> > naked eye.
|> >
|> > >Right in the sixties one company in Munich had an
|> > >IBM 360/20 (its mode of operation must be ridiculous
|> > >for those acquainted only with today's computers) operating
|> > >right behind its show-window so that everybody knew that
|> > >it employed wonderful high-tech.
|> >
|> > Don't be silly!  Nobody did such a thing - I was there and
|> > saw for myself.  Companies put banks of tape drives and
|> > operator consoles behind the big windows.  The actual
|> > computer was always put in the background.
|> >
|> > (Exception: Connection Machines and some Crays looked cool
|> > enough to put up front.  Not the IBM or DEC metal cabinets,
|> > though - too boring.)
|>
|> I'm not sure it was the /20, but the models with the register displays
|> often caused trouble during extended floating point operations.  Since
|> FP instruction sequences do not influence the contents of the integer
|> registers, the register display will appear to freeze during extended
|> (supercomputer-like) FP calculations.
|>
|> Since this was a big enough problem to fool operators into IPLing the
|> machine because they thought it had crashed, imagine what effect this
|> would have upon an audience marveling at the speed of the machine!
|
|I doubt that there are readers of this thread that had
|experience with the IBM 360/20. This was at the lowest end
|of the 360 series. It would be heaven and earth if one were
|to compare, say, the IBM 360/91 with it. The 360/20 had an
|extremely small memory. The only compiler available was an
|assembler, of course with a very limited instruction set
|specific to that tiny model. One first loaded the assembler
|(a deck of cards) into the machine. Then one loaded one's
|program (a deck of cards) into it. The machine then punched
|out a deck of cards. One loaded that deck again into the
|machine to be processed by the assembler a second time. The
|machine punched out again a card deck. One finally loaded
|this deck into the machine (overwriting the assembler)
|and started the program run. I would be interested to
|know if any readers had had comparable experiences.
|
|M. K. Shen



------------------------------

From: "Abyssmal_Unit_#3" <[EMAIL PROTECTED]>
Subject: Re: Intel's 1.13 MHZ chip
Date: Fri, 15 Sep 2000 16:57:45 -0400

yes, that is it, it is exactly the benefit of a coherently associated system provided
by the "supercomputer" that gives it the vast advantage over other mechanical
composites provided by a spread of various machines more loosely coupled.

simulation of realtime stuff demands "atom-like" interaction capacity.  ;-))

(but it still doesnt grow enough corn to feed my family!)
--
best regards,
hapticz

>X(sign here)____________________________________________<

Douglas A. Gwyn wrote in message <[EMAIL PROTECTED]>...
|Mok-Kong Shen wrote:
|> That the PC-chips become very fast have two implications.
|> First, it is possible to use lots of them to obtain rather
|> cheap supercomputing power (for appropriate programs) that
|> was not possible previously. (Whether supercomputers are
|> to be superseded by clusters in the near future is debatable.
|> But that's not the point here.) Second, because of that, the
|> export bans of supercomputers to the unfriendly nations are
|> no longer very effective. (I read somewhere, though, that
|> the export bans as such were at no time absolutely effective
|> as a matter of fact.)
|
|The bans were based on the notion that good supercomputers
|made it easier to design nuclear weapons etc., which was
|very likely true at one time.
|
|Loosely coupled toy computers like PCs were never real
|competitors for true supercomputers, because the latter
|gained synergy from tight coupling and extremely high I/O
|bandwidth.  However, for certain classes of problems,
|namely those for which parallel computation can proceed
|for quite a ways without any communication between
|processing nodes, loosely coupled arrays can be effective.
|At BRL, early on we acquired an array of high-end Silicon
|Graphics multiprocessors for distributed ray-tracing
|applications; each ray (pixel) required considerable
|computation that did not involve knowing anything about
|other rays (pixels), so the interprocessor communication
|costs were relatively unimportant in that application.
|But for a massive finite-element model, computations at
|one "node" percolate to other nodes, so distributing such
|a computation would be a mistake; a real supercomputer is
|desired.



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
