Cryptography-Digest Digest #720, Volume #12 Tue, 19 Sep 00 20:13:00 EDT
Contents:
Re: Proper way to intro a new algorithm to sci.crypt? (Albert Yang)
Re: transformation completeness and avalanche effect (Andru Luvisi)
Re: Proper way to intro a new algorithm to sci.crypt? ("David C. Barber")
Sample RC4 plaintext/ciphertext ([EMAIL PROTECTED])
Re: Proper way to intro a new algorithm to sci.crypt? ("Paul Pires")
Re: RC4: Tradeoff key/initialization vector size? (Gregory G Rose)
Re: Sample RC4 plaintext/ciphertext ("Neal Bridges")
Re: A conjecture - thoughts? (Matthew Skala)
Re: "Secrets and Lies" at 50% off (Terry Ritter)
Re: Sample RC4 plaintext/ciphertext (Doug Stell)
Re: Proper way to intro a new algorithm to sci.crypt? (Albert Yang)
Re: ExCSS Source Code (Eric Smith)
Re: "Secrets and Lies" at 50% off (Alan J Rosenthal)
Re: CDMA tracking (was Re: GSM tracking) (Eric Smith)
Re: Proper way to intro a new algorithm to sci.crypt? ("David C. Barber")
Re: Quasi Algorithms / Quasi Functions and Polymorph Encryption [an (Mok-Kong Shen)
----------------------------------------------------------------------------
From: Albert Yang <[EMAIL PROTECTED]>
Subject: Re: Proper way to intro a new algorithm to sci.crypt?
Date: Tue, 19 Sep 2000 21:17:19 GMT
Paul Pires wrote:
<snip>
> Miss-spell single syllable words, make unfounded and preposterous claims
> and insult anyone who has a clue with reckless abandon.
>
> When folks respond, insult them personally.
>
> Seems to work.
>
> Paul
I can handle the miss-spelling of single syllable words (do it all the
time), I can make unfounded and preposterous claims (took a marketing
class) I can insult anyone who has a clue with reckless abandonment
(I'm Chinese, it's innate!)
When folks respond, insult them personally. That's where I draw the
line, I'm Chinese, not a Democrat...
Thanks to those of you who sent me the FAQ.
Albert.
------------------------------
From: Andru Luvisi <[EMAIL PROTECTED]>
Subject: Re: transformation completeness and avalanche effect
Date: 19 Sep 2000 14:23:52 -0700
"Stanley" <[EMAIL PROTECTED]> writes:
> Andru,
>
> Could you explain why DES encryption = T(p XOR k) and decryption=U(c) XOR k?
T(x) = DES_ENCRYPT_WITH_ZERO_KEY(x)
U(x) = DES_DECRYPT_WITH_ZERO_KEY(x)
I was not proposing an attack on DES, I was using it to achieve
diffusion in a weak algorithm which has avalanche but still stinks.
Andru
--
Andru Luvisi, Programmer/Analyst
------------------------------
From: "David C. Barber" <[EMAIL PROTECTED]>
Subject: Re: Proper way to intro a new algorithm to sci.crypt?
Date: Tue, 19 Sep 2000 14:37:54 -0700
Claim it's your very first cipher, and that it's Absolutely Unbreakable.
:^)
*David Barber*
"Albert Yang" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Can anybody give me a quick run-through of the proper way to introduce a
> new algorithm to Sci.crypt?
>
> I'd like to intro a new algorithm here that I just finished up.
>
> Thanks.
> Albert
------------------------------
From: [EMAIL PROTECTED]
Subject: Sample RC4 plaintext/ciphertext
Date: Tue, 19 Sep 2000 21:53:28 GMT
========================================================================
I recently coded an implementation of RC4 (based on info from the
Internet) - but want to ensure that it has been done right.
Could someone be kind enough to post/send some sample data by which I
can verify the code. I don't use any salting - so all I would need is
some plaintext, and corresponding ciphertext and the key.
Thanks.
- Grank
========================================================================
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Proper way to intro a new algorithm to sci.crypt?
Date: Tue, 19 Sep 2000 15:01:35 -0700
Albert Yang <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Paul Pires wrote:
>
> <snip>
>
> > Miss-spell single syllable words, make unfounded and preposterous claims
> > and insult anyone who has a clue with reckless abandon.
> >
> > When folks respond, insult them personally.
> >
> > Seems to work.
> >
> > Paul
>
> I can handle the miss-spelling of single syllable words (do it all the
> time), I can make unfounded and preposterous claims (took a marketing
> class) I can insult anyone who has a clue with reckless abandonment
> (I'm Chinese, it's innate!)
>
> When folks respond, insult them personally. That's where I draw the
> line, I'm Chinese, not a Democrat...
Ya got me :-)
Paul
>
> Thanks to those of you who sent me the FAQ.
> Albert.
------------------------------
From: [EMAIL PROTECTED] (Gregory G Rose)
Subject: Re: RC4: Tradeoff key/initialization vector size?
Date: 19 Sep 2000 15:15:05 -0700
In article <[EMAIL PROTECTED]>,
Paul Rubin <[EMAIL PROTECTED]> wrote:
<[EMAIL PROTECTED] writes:
<> It is far from clear that hashing the user key improves the security of RC4.
<
<If hashing doesn't help, then RC4 would be a very simple and fast
<secure hash function all by itself. So why does anyone bother with
<SHA?
Because it is easy to construct collisions.
Resistance to this is required of hash functions,
but not of stream ciphers. There are very few
things out there that look like stream ciphers
which could also be used as hash functions...
Panama was specifically designed with this in
mind, and SEAL probably would work (since it is
based on SHA-1), but those are the only two I know
of.
Greg.
--
Greg Rose INTERNET: [EMAIL PROTECTED]
QUALCOMM Australia VOICE: +61-2-9181 4851 FAX: +61-2-9181 5470
Suite 410, Birkenhead Point http://people.qualcomm.com/ggr/
Drummoyne NSW 2047 B5 DF 66 95 89 68 1F C8 EF 29 FA 27 F2 2A 94 8F
------------------------------
From: "Neal Bridges" <[EMAIL PROTECTED]>
Subject: Re: Sample RC4 plaintext/ciphertext
Date: Tue, 19 Sep 2000 22:48:44 GMT
<[EMAIL PROTECTED]> wrote in message news:8q8n8e$klm$[EMAIL PROTECTED]...
> ------------------------------------------------------------------------
> I recently coded an implementation of RC4 (based on info from the
> Internet) - but want to ensure that it has been done right.
>
> Could someone be kind enough to post/send some sample data by which I
> can verify the code. I don't use any salting - so all I would need is
> some plaintext, and corresponding ciphertext and the key.
Here are four test vectors, reportedly from BSAFE2, an official RC4 product:
Test vector 0
Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96
Test vector 1
Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79
Test vector 2
Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a
Test vector 3
Key: 0xef 0x01 0x23 0x45
Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61
--
Neal Bridges
<http://www.quartus.net> Quartus Handheld Software!
------------------------------
From: [EMAIL PROTECTED] (Matthew Skala)
Subject: Re: A conjecture - thoughts?
Date: 19 Sep 2000 15:08:53 -0700
In article <[EMAIL PROTECTED]>, John Myre <[EMAIL PROTECTED]> wrote:
>Oops, (four choose two) is six.
You're right. That post was the result of writing a short computer
program to test all the possibilities, attempting to come up with a
theoretical explanation that would be easier to state than just
enumerating them, and (apparently) not thinking it through far enough.
--
Matthew Skala
[EMAIL PROTECTED] I'm recording the boycott industry!
http://www.islandnet.com/~mskala/
------------------------------
From: [EMAIL PROTECTED] (Terry Ritter)
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Tue, 19 Sep 2000 23:09:36 GMT
On Tue, 19 Sep 2000 16:51:11 GMT, in <[EMAIL PROTECTED]>,
in sci.crypt Albert Yang <[EMAIL PROTECTED]> wrote:
>This is how I see it:
>
>[...]
>2) There are people who are slightly more privileged than others.
I think you see things very, very wrong.
---
Terry Ritter [EMAIL PROTECTED] http://www.io.com/~ritter/
Crypto Glossary http://www.io.com/~ritter/GLOSSARY.HTM
------------------------------
From: [EMAIL PROTECTED] (Doug Stell)
Subject: Re: Sample RC4 plaintext/ciphertext
Date: Tue, 19 Sep 2000 22:56:48 GMT
On Tue, 19 Sep 2000 21:53:28 GMT, [EMAIL PROTECTED] wrote:
>I recently coded an implementation of RC4 (based on info from the
>Internet) - but want to ensure that it has been done right.
>
>Could someone be kind enough to post/send some sample data by which I
>can verify the code. I don't use any salting - so all I would need is
>some plaintext, and corresponding ciphertext and the key.
>
>Thanks.
>
>- Grank
>------------------------------------------------------------------------
Since RC4 is a stream cipher, you don't really need
plaintext/ciphertext pairs. You just need the key stream it
generates.
Here's the "official" U.S. State Dept test vector for 40-bit RC4,
supplied once upon a time by Kent Briggs:
key: 0x61 0x8a 0x63 0xd2 0xfb
plaintext: 0xdc 0xee 0x4c 0xf9 0x2c
ciphertext: 0xf1 0x38 0x29 0xc9 0xde
Here are the test vectors from the Internet-Draft for ARCFOUR:
Appendix A. Test Vectors
1. Test Vectors from [CRYPTLIB]:
Plain Text:
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
Key:
0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF
Cipher Text:
0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79
2. Test Vectors from [COMMERCE]:
Plain Text:
0xdc, 0xee, 0x4c, 0xf9, 0x2c
Key:
0x61, 0x8a, 0x63, 0xd2, 0xfb
Cipher Text:
0xf1, 0x38, 0x29, 0xc9, 0xde
3. Test Vectors from [SSH ARCFOUR]:
Plain Text:
0x52, 0x75, 0x69, 0x73, 0x6c, 0x69, 0x6e, 0x6e,
0x75, 0x6e, 0x20, 0x6c, 0x61, 0x75, 0x6c, 0x75,
0x20, 0x6b, 0x6f, 0x72, 0x76, 0x69, 0x73, 0x73,
0x73, 0x61, 0x6e, 0x69, 0x2c, 0x20, 0x74, 0xe4,
0x68, 0x6b, 0xe4, 0x70, 0xe4, 0x69, 0x64, 0x65,
0x6e, 0x20, 0x70, 0xe4, 0xe4, 0x6c, 0x6c, 0xe4,
0x20, 0x74, 0xe4, 0x79, 0x73, 0x69, 0x6b, 0x75,
0x75, 0x2e, 0x20, 0x4b, 0x65, 0x73, 0xe4, 0x79,
0xf6, 0x6e, 0x20, 0x6f, 0x6e, 0x20, 0x6f, 0x6e,
0x6e, 0x69, 0x20, 0x6f, 0x6d, 0x61, 0x6e, 0x61,
0x6e, 0x69, 0x2c, 0x20, 0x6b, 0x61, 0x73, 0x6b,
0x69, 0x73, 0x61, 0x76, 0x75, 0x75, 0x6e, 0x20,
0x6c, 0x61, 0x61, 0x6b, 0x73, 0x6f, 0x74, 0x20,
0x76, 0x65, 0x72, 0x68, 0x6f, 0x75, 0x75, 0x2e,
0x20, 0x45, 0x6e, 0x20, 0x6d, 0x61, 0x20, 0x69,
0x6c, 0x6f, 0x69, 0x74, 0x73, 0x65, 0x2c, 0x20,
0x73, 0x75, 0x72, 0x65, 0x20, 0x68, 0x75, 0x6f,
0x6b, 0x61, 0x61, 0x2c, 0x20, 0x6d, 0x75, 0x74,
0x74, 0x61, 0x20, 0x6d, 0x65, 0x74, 0x73, 0xe4,
0x6e, 0x20, 0x74, 0x75, 0x6d, 0x6d, 0x75, 0x75,
0x73, 0x20, 0x6d, 0x75, 0x6c, 0x6c, 0x65, 0x20,
0x74, 0x75, 0x6f, 0x6b, 0x61, 0x61, 0x2e, 0x20,
0x50, 0x75, 0x75, 0x6e, 0x74, 0x6f, 0x20, 0x70,
0x69, 0x6c, 0x76, 0x65, 0x6e, 0x2c, 0x20, 0x6d,
0x69, 0x20, 0x68, 0x75, 0x6b, 0x6b, 0x75, 0x75,
0x2c, 0x20, 0x73, 0x69, 0x69, 0x6e, 0x74, 0x6f,
0x20, 0x76, 0x61, 0x72, 0x61, 0x6e, 0x20, 0x74,
0x75, 0x75, 0x6c, 0x69, 0x73, 0x65, 0x6e, 0x2c,
0x20, 0x6d, 0x69, 0x20, 0x6e, 0x75, 0x6b, 0x6b,
0x75, 0x75, 0x2e, 0x20, 0x54, 0x75, 0x6f, 0x6b,
0x73, 0x75, 0x74, 0x20, 0x76, 0x61, 0x6e, 0x61,
0x6d, 0x6f, 0x6e, 0x20, 0x6a, 0x61, 0x20, 0x76,
0x61, 0x72, 0x6a, 0x6f, 0x74, 0x20, 0x76, 0x65,
0x65, 0x6e, 0x2c, 0x20, 0x6e, 0x69, 0x69, 0x73,
0x74, 0xe4, 0x20, 0x73, 0x79, 0x64, 0xe4, 0x6d,
0x65, 0x6e, 0x69, 0x20, 0x6c, 0x61, 0x75, 0x6c,
0x75, 0x6e, 0x20, 0x74, 0x65, 0x65, 0x6e, 0x2e,
0x20, 0x2d, 0x20, 0x45, 0x69, 0x6e, 0x6f, 0x20,
0x4c, 0x65, 0x69, 0x6e, 0x6f
Key:
0x29, 0x04, 0x19, 0x72, 0xfb, 0x42, 0xba, 0x5f,
0xc7, 0x12, 0x77, 0x12, 0xf1, 0x38, 0x29, 0xc9
Cipher Text:
0x35, 0x81, 0x86, 0x99, 0x90, 0x01, 0xe6, 0xb5,
0xda, 0xf0, 0x5e, 0xce, 0xeb, 0x7e, 0xee, 0x21,
0xe0, 0x68, 0x9c, 0x1f, 0x00, 0xee, 0xa8, 0x1f,
0x7d, 0xd2, 0xca, 0xae, 0xe1, 0xd2, 0x76, 0x3e,
0x68, 0xaf, 0x0e, 0xad, 0x33, 0xd6, 0x6c, 0x26,
0x8b, 0xc9, 0x46, 0xc4, 0x84, 0xfb, 0xe9, 0x4c,
0x5f, 0x5e, 0x0b, 0x86, 0xa5, 0x92, 0x79, 0xe4,
0xf8, 0x24, 0xe7, 0xa6, 0x40, 0xbd, 0x22, 0x32,
0x10, 0xb0, 0xa6, 0x11, 0x60, 0xb7, 0xbc, 0xe9,
0x86, 0xea, 0x65, 0x68, 0x80, 0x03, 0x59, 0x6b,
0x63, 0x0a, 0x6b, 0x90, 0xf8, 0xe0, 0xca, 0xf6,
0x91, 0x2a, 0x98, 0xeb, 0x87, 0x21, 0x76, 0xe8,
0x3c, 0x20, 0x2c, 0xaa, 0x64, 0x16, 0x6d, 0x2c,
0xce, 0x57, 0xff, 0x1b, 0xca, 0x57, 0xb2, 0x13,
0xf0, 0xed, 0x1a, 0xa7, 0x2f, 0xb8, 0xea, 0x52,
0xb0, 0xbe, 0x01, 0xcd, 0x1e, 0x41, 0x28, 0x67,
0x72, 0x0b, 0x32, 0x6e, 0xb3, 0x89, 0xd0, 0x11,
0xbd, 0x70, 0xd8, 0xaf, 0x03, 0x5f, 0xb0, 0xd8,
0x58, 0x9d, 0xbc, 0xe3, 0xc6, 0x66, 0xf5, 0xea,
0x8d, 0x4c, 0x79, 0x54, 0xc5, 0x0c, 0x3f, 0x34,
0x0b, 0x04, 0x67, 0xf8, 0x1b, 0x42, 0x59, 0x61,
0xc1, 0x18, 0x43, 0x07, 0x4d, 0xf6, 0x20, 0xf2,
0x08, 0x40, 0x4b, 0x39, 0x4c, 0xf9, 0xd3, 0x7f,
0xf5, 0x4b, 0x5f, 0x1a, 0xd8, 0xf6, 0xea, 0x7d,
0xa3, 0xc5, 0x61, 0xdf, 0xa7, 0x28, 0x1f, 0x96,
0x44, 0x63, 0xd2, 0xcc, 0x35, 0xa4, 0xd1, 0xb0,
0x34, 0x90, 0xde, 0xc5, 0x1b, 0x07, 0x11, 0xfb,
0xd6, 0xf5, 0x5f, 0x79, 0x23, 0x4d, 0x5b, 0x7c,
0x76, 0x66, 0x22, 0xa6, 0x6d, 0xe9, 0x2b, 0xe9,
0x96, 0x46, 0x1d, 0x5e, 0x4d, 0xc8, 0x78, 0xef,
0x9b, 0xca, 0x03, 0x05, 0x21, 0xe8, 0x35, 0x1e,
0x4b, 0xae, 0xd2, 0xfd, 0x04, 0xf9, 0x46, 0x73,
0x68, 0xc4, 0xad, 0x6a, 0xc1, 0x86, 0xd0, 0x82,
0x45, 0xb2, 0x63, 0xa2, 0x66, 0x6d, 0x1f, 0x6c,
0x54, 0x20, 0xf1, 0x59, 0x9d, 0xfd, 0x9f, 0x43,
0x89, 0x21, 0xc2, 0xf5, 0xa4, 0x63, 0x93, 0x8c,
0xe0, 0x98, 0x22, 0x65, 0xee, 0xf7, 0x01, 0x79,
0xbc, 0x55, 0x3f, 0x33, 0x9e, 0xb1, 0xa4, 0xc1,
0xaf, 0x5f, 0x6a, 0x54, 0x7f
------------------------------
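The two replies above (Neal Bridges' BSAFE vectors and Doug Stell's Commerce and ARCFOUR draft vectors) are easiest to put to use as a known-answer harness, and Greg Rose's remark earlier in this digest that RC4 collisions are easy to construct is worth seeing in the same code. The following is an added example, not code from the thread, BSAFE, the ARCFOUR draft or any poster: a plain KSA/PRGA reference implementation, a check that runs the posted vectors (the long SSH vector is checked on its first eight bytes only, to keep the embedded data short), a helper that recovers keystream from a known plaintext/ciphertext pair (Doug's point that keystream alone is enough to test a stream cipher), and a demonstration that a key and the same key repeated collide in the key schedule. RC4 is obsolete (its keystream is biased, and RFC 7465 bans it in TLS); this is for validating an implementation against published answers, not for use in a new design.

```python
# Added example: reference RC4 (KSA + PRGA) as a known-answer harness for
# the vectors quoted in this thread.  Not code from the thread, BSAFE, the
# ARCFOUR draft or any poster.  RC4 is obsolete (biased keystream; RFC 7465
# bans it in TLS): validate implementations with it, never design with it.


def rc4_ksa(key: bytes) -> list:
    """Key-scheduling algorithm: build the 256-entry permutation S from key.

    Note key[i % len(key)]: the key is cycled, so a key and that key
    repeated (K, K||K, K||K||K, ...) produce identical permutations."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key length must be 1..256 bytes")
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Pseudo-random generation algorithm: first n keystream bytes for key."""
    s = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (the same operation): data XOR keystream."""
    return bytes(d ^ k for d, k in zip(data, rc4_keystream(key, len(data))))


def keystream_from_pair(plaintext: bytes, ciphertext: bytes) -> bytes:
    """A known plaintext/ciphertext pair yields the keystream directly, which
    is why keystream alone is enough to test a stream cipher."""
    if len(plaintext) != len(ciphertext):
        raise ValueError("pair lengths differ")
    return bytes(p ^ c for p, c in zip(plaintext, ciphertext))


def keys_collide(key_a: bytes, key_b: bytes, n: int = 64) -> bool:
    """True when two *different* keys give the same first n keystream bytes:
    the easy collisions that rule RC4's key schedule out as a hash."""
    return key_a != key_b and rc4_keystream(key_a, n) == rc4_keystream(key_b, n)


# Known-answer vectors as posted in this thread (key, plaintext, ciphertext):
# the BSAFE/cryptlib vectors, the 40-bit Commerce vector, and the first
# eight bytes of the SSH ARCFOUR vector.
VECTORS = [
    (bytes.fromhex("0123456789abcdef"), bytes.fromhex("0123456789abcdef"),
     bytes.fromhex("75b7878099e0c596")),
    (bytes.fromhex("0123456789abcdef"), bytes(8),
     bytes.fromhex("7494c2e7104b0879")),
    (bytes(8), bytes(8), bytes.fromhex("de188941a3375d3a")),
    (bytes.fromhex("ef012345"), bytes(10),
     bytes.fromhex("d6a141a7ec3c38dfbd61")),
    (bytes.fromhex("618a63d2fb"), bytes.fromhex("dcee4cf92c"),
     bytes.fromhex("f13829c9de")),
    (bytes.fromhex("29041972fb42ba5fc7127712f13829c9"),
     bytes.fromhex("527569736c696e6e"), bytes.fromhex("358186999001e6b5")),
]


def check_vectors(vectors=VECTORS) -> list:
    """Run every vector; return [(index, expected_hex, got_hex)] for each
    mismatch.  An empty list means the implementation agrees with all."""
    failures = []
    for idx, (key, pt, ct) in enumerate(vectors):
        got = rc4_crypt(key, pt)
        if got != ct:
            failures.append((idx, ct.hex(), got.hex()))
    return failures


if __name__ == "__main__":
    bad = check_vectors()
    print("all RC4 vectors pass" if not bad else "mismatches: %r" % bad)
    print("K vs K||K collide:",
          keys_collide(bytes.fromhex("01234567"), bytes.fromhex("0123456701234567")))
```

A practitioner's check that the posted data is internally consistent: XOR the BSAFE vector 0 plaintext (01 23 45 67 89 ab cd ef) against its ciphertext and you get 74 94 c2 e7 10 4b 08 79, which is exactly vector 1's ciphertext for an all-zero plaintext under the same key, as expected for a stream cipher. The `keys_collide` call shows why an unhashed RC4 key schedule is no hash function: the KSA indexes the key modulo its length, so any key and its repetitions are one and the same key.
------------------------------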
From: Albert Yang <[EMAIL PROTECTED]>
Subject: Re: Proper way to intro a new algorithm to sci.crypt?
Date: Tue, 19 Sep 2000 23:20:51 GMT
"David C. Barber" wrote:
>
> Claim it's your very first cipher, and that it's Absolutely Unbreakable.
> :^)
>
> *David Barber*
You forgot the part where I claim that it will take a 1,000,000 bit key,
and would take longer to crack than it takes to get a refund check from
the IRS...
Albert
------------------------------
From: Eric Smith <[EMAIL PROTECTED]>
Subject: Re: ExCSS Source Code
Date: 19 Sep 2000 16:25:47 -0700
David A Molnar <[EMAIL PROTECTED]> writes:
> Sorry, what I meant was that you had to license CSS from the consortium
> to build a player. In order to license CSS, you need to agree to the
> consortium's rules. If you implement CSS otherwise, you're in violation
> of patent.
In violation of WHAT patent? There are lots of patents relating to
MPEG 2 video, but I don't recall seeing any on CSS. That would have
defeated the purpose (security through obscurity).
------------------------------
Crossposted-To: comp.security.misc
From: [EMAIL PROTECTED] (Alan J Rosenthal)
Subject: Re: "Secrets and Lies" at 50% off
Date: 19 Sep 2000 22:22:32 GMT
>> But... exactly WHAT is the purpose of this group?
>
>It's called sci.crypt.
Actually it's called comp.security.misc.
You seem to be under the misimpression that this is a sci.crypt
thread cross-posted to comp.security.misc, whereas really this is a
comp.security.misc thread cross-posted to sci.crypt.
Cross-posted threads are more likely to be noisy. We're never going to
agree about what's on topic because even in the ideal situation there are
two distinct answers.
As for the initial posting by the redoubtable Dr Schneier, I winced
when I saw it because I knew it looked really bad. But I don't think that
anyone would have minded it in the old days before we were so sensitized
to the commercialization-of-usenet issue.
I'm not saying that the sensitization is bad; people who post advertisements
where they're unwelcome are being really scummy, they are riding on this
cooperative network and doing things which would have prevented usenet
news from being cooperative if people did them in the beginning. Tragedy of
the commons, blah blah blah.
But we do have to consider that a message which says "here is a book for
50% off" might possibly NOT be a scam, even though that's a rare state of
affairs these days.
I think he could have made the original article sound a lot less spammy if he
had said "my book" rather than "the book", etc. But I assume he assumed that
people would recognize him as the author. However, pretending dissociation
is a frequent spammer technique these days, so with people sensitized,
you have to stay clear of wording which might suggest that that's what
you're doing. BUT... that doesn't mean the wording is problematic if it's
not intentionally deceptive, which I assume it wasn't.
Speaking of the decline of usenet news, I hate to have to say this, but
just to be clear, my bit about which newsgroup is the main one and which is
the cross-posted one is a joke. By the way, there is no "comp.security" any
more, it's renamed comp.security.misc (quite a while ago now).
------------------------------
From: Eric Smith <[EMAIL PROTECTED]>
Subject: Re: CDMA tracking (was Re: GSM tracking)
Date: 19 Sep 2000 16:31:23 -0700
Jerry Coffin <[EMAIL PROTECTED]> writes:
> It's mostly just keeping its list of "nearby" base stations up to
> date and ensuring that its clock stays in sync -- without trying to
> go into the details, CDMA phones can't work without keeping their
> clocks in sync with the base station. Doing this periodic update
> while the phone is turned off allows it to turn on almost immediately
> without having to search for nearby base stations and sync up its
> clock.
Does a cold start, e.g., if batteries were left out for long enough,
then fresh batteries installed and power turned on, take a long time?
I haven't tried that with a CDMA phone, but with TDMA it's fast enough
that there's no need for any power-off synchronization.
------------------------------
From: "David C. Barber" <[EMAIL PROTECTED]>
Subject: Re: Proper way to intro a new algorithm to sci.crypt?
Date: Tue, 19 Sep 2000 16:45:48 -0700
And that NSA (the famous No Such Agency) tried to first buy it from you,
then suppress it entirely through personal threats against you, your family,
your friends, and your dog, because they couldn't break it and are afraid if
it gets out it will be the end of democracy and the entire free world.
Oh, and be sure to patent it. That's how people will know it's a Really
Good cipher.
Pointing out that you have to keep the actual algorithm secret, to make it
harder to break, will also help you be taken seriously.
</sarcasm>
*David*
"Albert Yang" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> "David C. Barber" wrote:
> >
> > Claim it's your very first cipher, and that it's Absolutely Unbreakable.
> > :^)
> >
> > *David Barber*
>
> You forgot the part where I claim that it will take a 1,000,000 bit key,
> and would take longer to crack than it takes to get a refund check from
> the IRS...
>
> Albert
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Quasi Algorithms / Quasi Functions and Polymorph Encryption [an
Date: Wed, 20 Sep 2000 02:09:21 +0200
Kostadin Bajalcaliev wrote:
> Mok-Kong Shen wrote:
> >Kostadin Bajalcaliev wrote:
> >>
> >[snip]
> >> I hope you will find a little time to read my thesis, it is not the regular
> >> amateur-eureka-work.
> >
> >I have looked at your paper. The following are my comments:
> >
> >You have apparently thought that a function must be something
> >written as a common mathematical expression like x^3+5. This
> >is not true. Every mapping from one set to another set
> >defines a function. In the discrete case, a function can
> >be given by a table and there is no need to give a nice
> >mathematical expression to describe it. If a blackbox
> >delivers an output for each input, then it realizes a
> >function. (The output for the same input may even be different
> >at different times, but we shall not go that far here.)
>
> Not at all, I agree that any mapping from one set to another is a function, but
> it is a very impractical solution. Let the black box accept a 64-bit number in
> and produce a 64-bit number as output. Since the box is assumed to exist in
> the real world it is impossible to map it, there are too many entries. Even
> more, there is some algorithm inside that makes the transformation (if we
> exclude random mappings). In order to analyze this box we need to find the
> algo inside. Mapping it will be of no use.
A mapping from n elements all to one single element
is still a function, only that the function cannot
be inverted. I used the box to emphasize that it
is important only to know all pairs of input/output
to define a function. How the output is computed from
the input is essential to the implementor but for
the user of the function it is of no significance.
The implementation detail doesn't belong to the
definition of a function.
>
> >A piece of code in the programming language, normally one
> >having as header 'function', gives the explicit steps
> >of computation and realizes a function. That in such code
> >one uses different constructs of the programming languages
> >like 'if', 'case' to determine exactly what to do (among
> >a number of options) in any concrete situation (cf. your
> >example with the case construct) is what every programmer
> >has been doing. Thus I am afraid that your newly constructed
> >term 'quasi-function' is very confusing.
> >
> This second opinion is something closer to the definition of function in
> general. A function is an algorithm that, executing a finite number of steps, makes
> some transformation over the input or, more theoretically, maps the set of input
> values into the set of output values. Maybe the term Quasi Algorithms is
> not the luckiest choice but I think it is an existing form. If you expand any
> function into elementary steps (let's say in ASM code) then it is easy to
> notice that each step (instruction / operation) carries 2 different types of
> information in it: what should be done, and what are the arguments
> (operators). If the operation is abstracted then we have a structure
> that is specified by the order of steps, the kind of operation taking place in
> each step and the operands, but which operation is really taking place in those
> steps is unknown. Any algorithm has a skeleton; certainly not all the
> operations from the steps can be abstracted but most of them can. In the
> thesis there is a simple example, a polynomial function (they are not the only
> kind of functions). Let's say f(x)=ax^2 + bx + c, a simple equation of 2nd
> degree. There are 5 operations inside; if we abstract them we can write
> Qf(x)=a o x o 2 o b o x o c where o is any operation. A second function
> g(x)=a+x-2+b-xc has the same skeleton, only different operations are placed
> inside. Qf is what I named a quasi algorithm, because it determines a finite
> class of functions, all of them will have the same skeleton but very
> different properties. The cryptographical significance of this is explained
> in the thesis.
Look into a mathematical dictionary to see if you can find
an entry of quasi-function. If given one specific input
you get one single output then there is no class of
functions but only one single function. That the function
for one value of input has an implementation using one
operator type, while for another value of input has
an implementation using another operator type, doesn't
change that fact.
> >Polymorphism has been known in computer science since
> >decades, though much popularized only after C++. Already
> >in Algol68 one can use a datatype 'union' such that at
> >runtime one can obtain first the type and then the value
> >of an object and with these determine what is to be
> >computed next. Polymorphic Types have been much studied
> >by researchers of the functional languages. In procedural
> >languages, ADA and C++ are two recent examples that much
> >deploy polymorphism, with ADA having parametric types and
> >generics and C++ having classes, inheritance and dynamic
> >binding.
> >
> there is nothing in common between Polymorph encryption and polymorphism in
> programming languages, even if some analogies can be found.
Your using data in a 'case' construct to do different
things depending on the data is a typical characteristic
of polymorphic function in programming language. And
you apparently implement your crypto exactly in that way.
>
> >Restricting ourselves now to matters of crypto, it is
> >true that, as you mentioned, the use of data dependent
> >rotations, substitutions and S-boxes can be advantageous.
> >All these can, however, be subsumed under the concept
> >'variability'. If a cipher is not 'fixed' like DES but
> >has its components (e.g. S-boxes) different for
> >different messages or even dynamically modified during
> >encryption processing (e.g. a PRNG-driven cipher with
> >feedback to PRNG), then the opponent is in general in an
> >evidently much more difficult position to do the analysis.
> >As you mentioned, techniques like differential analysis
> >would no longer function. That's why I have many times
> >in the past propagated the 'principle of variability'
> >(my terminology) and suggested the use of parametrized
> >ciphers (where the user has choice of different
> >parameters, e.g. round numbers, optional processing
> >steps, etc.) as well as dynamic random selection of
> >encryption algorithms (see the thread of 28th May),
> >which latter you also deal with in your paper.
> >
>
> I am happy you are one of the propagators of the "principle of variability", I will
> be glad to read some of your works if possible. However my intention in
> formulating Polymorph encryption was to give a theoretical model of this
> variability. Quasi algorithms are just the mathematical model.
Try to find in a dictionary of mathematics or computer
science the term quasi algorithm. You would find none.
>
> >It is true that the well-known ciphers don't have
> >variability or have only little variability. Thus
> >suggesting introducing variability by dynamically
> >changing the type of operators in expressions to be
> >computed, as you have done, is in fact a good idea.
> >(There have been use of such in some ciphers, though.)
> >However, on the other hand, I believe you should
> >avoid using the terms 'quasi-algorithm' (any piece of
> >program that computes something and terminates is an
> >'algorithm', there is nothing quasi) and 'quasi-
> >function' (as explained above).
> >
>
> As explained prior, Quasi Algorithms are unable to compute anything.
> That's why I introduce the phi notation, Phi(F,sigma,x) is an algorithm but F
> the skeleton certainly is not.
I know what an algorithm is and what a function is.
But what is a skeleton? Is that a template of ADA
and C++? If yes, then you have polymorphism of programming
language, which you however denied above.
M. K. Shen
------------------------------
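The exchange above turns on the skeleton Qf(x) = a o x o 2 o b o x o c, the operator assignment sigma, and Phi(F, sigma, x). What follows is an added example written for this digest, not code from the thesis under discussion or from either poster: a small evaluator for that skeleton, plus a check a cryptographer would want before trusting "a finite class of functions" as a key space, namely how many *distinct* functions the class really contains. Assumptions not in the original text: the skeleton is evaluated strictly left to right with no operator precedence, every intermediate value is reduced modulo 2^8 so complete value tables stay small, and the abstract "o" ranges over the four operators +, -, * and ^ (XOR).

```python
# Added example (not from the thread or the thesis): evaluate the operator
# skeleton Qf(x) = a o x o 2 o b o x o c under an operator assignment sigma
# and count how many distinct functions the resulting class contains.
from itertools import product
from operator import add, mul, sub, xor

MOD = 2 ** 8                                    # assumption: arithmetic in Z/256
OPS = {"+": add, "-": sub, "*": mul, "^": xor}  # assumption: the abstract "o" ranges over these
N_SLOTS = 5                                     # five "o" in a o x o 2 o b o x o c


def skeleton(a: int, b: int, c: int, x: int) -> list:
    """Operand sequence of the skeleton F: a, x, 2, b, x, c (operators abstracted away)."""
    return [a, x, 2, b, x, c]


def phi(sigma: str, a: int, b: int, c: int, x: int) -> int:
    """Phi(F, sigma, x): plug the operator string sigma (one char per slot) into
    the skeleton and evaluate left to right modulo MOD.  Assumption: no
    precedence, so sigma "+*..." means (a + x) * 2, not a + (x * 2)."""
    operands = skeleton(a, b, c, x)
    if len(sigma) != N_SLOTS or any(ch not in OPS for ch in sigma):
        raise ValueError("sigma must be %d chars drawn from %s" % (N_SLOTS, "".join(OPS)))
    acc = operands[0] % MOD
    for op, operand in zip(sigma, operands[1:]):
        acc = OPS[op](acc, operand % MOD) % MOD
    return acc


def all_sigmas() -> list:
    """Every operator assignment; the nominal class size is len(OPS) ** N_SLOTS."""
    return ["".join(p) for p in product(OPS, repeat=N_SLOTS)]


def truth_table(sigma: str, a: int, b: int, c: int) -> tuple:
    """For a fixed sigma the skeleton is one ordinary function; this is its
    complete value table over the domain (same input, same output, always)."""
    return tuple(phi(sigma, a, b, c, x) for x in range(MOD))


def distinct_functions(a: int, b: int, c: int) -> int:
    """How many different functions the class holds for the given constants.
    Assignments with identical tables are the same function, so key bits
    spent choosing between them buy no secrecy at all."""
    return len({truth_table(s, a, b, c) for s in all_sigmas()})


if __name__ == "__main__":
    print("nominal class size:", len(all_sigmas()))
    for consts in [(0, 0, 0), (5, 4, 7)]:
        print("distinct functions for a,b,c =", consts, ":", distinct_functions(*consts))
```

Two things the code makes concrete. First, `truth_table` is Shen's point: once sigma is fixed, Phi(F, sigma, .) is a single function, and a "case" on the data or the key that selects the operator only picks which single function is in use. Second, `distinct_functions` is the check to run before counting operator-selection bits as key material: nominally there are 4^5 = 1024 assignments, but with a = b = c = 0 the assignments "+" and "^" in the first slot both reduce to x and "*" wipes the value to 0, so many assignments coincide and the effective class is markedly smaller than the nominal one. Whether that loss matters for a real design depends on the constants and operators chosen, which is exactly what the count tells you.
------------------------------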
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************