Cryptography-Digest Digest #754, Volume #12 Sat, 23 Sep 00 14:13:01 EDT
Contents:
Faraday Cage (Was CDMA tracking) (Guy Macon)
Re: What make a cipher resistent to Differential Cryptanalysis? (Simon Johnson)
Re: Faraday Cage (Was CDMA tracking) (Guy Macon)
Re: Tying Up Loose Ends - Correction (SCOTT19U.ZIP_GUY)
Re: Tying Up Loose Ends - Correction (SCOTT19U.ZIP_GUY)
Re: Software patents are evil. (Runu Knips)
Re: Again a topic of disappearing e-mail? (Runu Knips)
Re: What make a cipher resistent to Differential Cryptanalysis? (Tom St Denis)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Guy Macon)
Subject: Faraday Cage (Was CDMA tracking)
Date: 23 Sep 2000 17:00:30 GMT
I am going to quote 5 posts from this thread and two web pages,
then give my comments at the bottom.
========================================================
Mack wrote:
>
>>Jerry Coffin wrote:
>>
>>If you are concerned about your phone being
>>trackable when it is off, why not just put
>>it in an aluminum briefcase ?
>>
>
>Not terribly effective at attenuating signals.
>It must be properly grounded. The 50 foot of ground
>cable limits the effective range of the phone.
>
========================================================
H. Ellenberger wrote:
>
>Completely wrong, no ground cable is required.
>If the metal briefcase should leak too much rf power,
>just put it into a small and tight metallic box.
>
========================================================
Mack wrote:
>
>For a faraday cage to work properly it should be grounded
>in one of the reference frames. ie. with respect to either the phone or the
>cell tower but now that I think about it the charging plug would provide
>an adequate ground with respect to the phone.
>
========================================================
Sagie wrote:
>I have no doubt that if the safe was a sufficient Faraday's cage, the
>pager would not have received messages -- ground or no ground.
========================================================
Lyalc wrote:
>
>Unless the safe's case forms an integral, seamlessly conductive surface and
>is grounded, the safe's skin can act as a coupled antenna to an internal
>transmitter in some circumstances.
>
>Needing the safe's skin to be electrically seamless and of low impedance at
>the particular frequencies is the first major challenge.
>Highly effective RF attenuation is hard to do right, a bit like computer
>security and cryptography.
========================================================
>From the ESD GLOSSARY at [ http://www.semtronics.com/esdtut/glossary.htm ]
Faraday cage
A conductive, grounded enclosure which completely surrounds an object. It will
shield the contents within from the effects of an external electrostatic field.
This concept is of great practical use in protecting ESD sensitive items. For
example, a metallized bag or a conductive tote box can provide excellent Faraday
cage shielding to protect its contents. This shielding is also effective in most
cases even when the conductive enclosure is not grounded.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
========================================================
>From Design Techniques for EMC, Part 4: Shielding
By Eur Ing Keith Armstrong C.Eng MIEE MIEEE
[ http://www.emc-journal.co.uk/archive1/990810.html ]
(please read the web page - I snipped a lot and omitted the graphs)
4.2 General concepts in shielding
A shield puts an impedance discontinuity in the path of a propagating radiated
electromagnetic wave, reflecting it and/or absorbing it. This is conceptually
very similar to the way in which filters work - they put an impedance
discontinuity in the path of an unwanted conducted signal. The greater the
impedance ratio, the greater the SE.
At thicknesses of 0.5mm or over, most normal fabrication metals provide good
SE above 1MHz and excellent SE above 100MHz. Problems with metal shields are
mostly caused by thin materials, frequencies below 1MHz, and apertures.
Fields come in two flavours: electric (E) and magnetic (M). Electromagnetic
fields consist of E and M fields in a given ratio (giving a wave impedance E/M
of 377W in air). Electric fields are easily stopped by thin metal foils, since
the mechanism for electric field shielding is one of charge re-distribution at
a conductive boundary, so almost anything with a low conductivity will present
a suitably low impedance. At high frequencies quite considerable displacement
currents can result from the rapid rate of charge re-distribution, but even
thin aluminium can cope with this quite nicely.
However, magnetic fields are much more difficult to stop. They need to generate
eddy currents inside the shield material to create magnetic fields that oppose
the impinging field. Thin aluminium is not going to be very suitable for this
purpose, and the depth of current penetration required for a given SE depends
on the frequency of the field, and on the characteristics of the metal used for
the shield, and is known as the "skin effect".
One skin depth is the depth in the shield material at which the "skin effect"
causes the currents caused by the impinging magnetic field to be reduced by
approximately 9dB. So a material which was as thick as 3 skin depths would have
an approximately 27dB lower current on its opposite side and have an SE of
approximately 27dB for that M field.
Skin effect is especially important at low frequencies, where the fields
experienced are more likely to be predominantly magnetic with a lower wave
impedance than 377W. The formula for skin depth is given in most textbooks,
but requires knowledge of the shielding material's conductivity and relative
permeability. Figure 4B solves this for aluminium and steel, with copper thrown
in for comparison. Pure zinc will have skin depths close to those of aluminium.
(For Aluminum, the chart shows 10mm @ 50 Hz, 0.1mm @ 1 MHz 0.01mm @ 100 MHz)
Copper and aluminium have over 5 times the conductivity of steel, so are very
good at stopping electric fields, but have a relative permeability of 1 (the
same as air). Typical mild steel has a relative permeability of around 300 at
low frequencies, falling to 1 as frequencies increase above 100kHz, and its
higher permeability gives it a reduced skin depth, making reasonable thicknesses
of mild steel better than aluminium for shielding low frequencies. Different
grades of steels (especially stainless) have different conductivities and
permeabilities, and their skin depths will vary considerably as a result.
A good material for a shield will have high conductivity and high permeability,
and sufficient thickness to achieve the required number of skin depths at the
lowest frequency of concern. 1mm thick mild steel plated with pure zinc (say,
10 microns or more) is fine for many applications.
4.5 Apertures
It is easy to achieve SE figures of 100dB or more at frequencies above 30MHz
with ordinary constructional metalwork. But this assumes a perfectly enclosing
shield volume with no joints or gaps, which makes assembly of the product rather
difficult unless you are prepared to seam-weld it all around and also have no
external cables, antennae, or sensors (rather an unusual product). In practice,
whether shielding is being done to reduce emissions or improve immunity, most
shield performance is limited by the apertures in it.
4.6 Low frequency (magnetic field) shielding
The frequency of 50Hz is highlighted on figure 4B, to show how difficult it is
to achieve good SE at this frequency with any reasonable thickness of ordinary
metals.
Special materials such as Mumetal and Radiometal have very high relative
permeabilities, often in the region of 10,000. Their skin depth is
correspondingly very small, but they are only effective up to a few tens
of kHz. Care must be taken not to knock items made of these materials,
as this ruins their permeability and they have to scrapped or else
re-annealed in a hydrogen atmosphere. These exotic materials are used
rather like channels to divert the magnetic fields away from the volume
to be protected - a different concept to that used by ordinary shielding.
All metals shield materials with relative permeability greater than 1 can
saturate in intense magnetic fields, and then don't work well as shields
and often heat up. A steel or Mumetal shield box over a mains transformer,
to reduce its hum fields, can saturate and fail to achieve the desired
effect. Often, all that is necessary is to make the box larger so it does
not experience such intense local fields.
Another shielding technique for low frequency shielding is active cancellation,
and at least two companies have developed this technique specifically for
stabilising the images of CRT VDUs in environments polluted by high levels of
power frequency magnetic fields.
========================================================
Guy's comments:
The idea of grounding a Faraday shield was Faraday's, and it is very
important in Faraday's application, which was to protect humans from
large electrostatic charges. Without the ground, the cage can hold
a charge and zap you as you step out of it.
For RF shielding in the cell phone range, the plain truth is that you
can't get a good RF ground using ordinary construction techniques.
It takes heroic measures to get the series inductance low enough.
The good news is that there is NO NEED to ground a Faraday Shield that
is meant to stop cell phone transmissions. Instead, care should be
taken to avoid openings (especially long slotlike openings) in the shield.
I believe that both the safe and the aluminum briefcase have long open
slots that will let RF in and out. A better scheme would be Aluminum foil
With one big sheet wrapped so that there are at least three layers and all
"seams" have a lot of overlap.
I find it dismaying that "Mack" ignored all comments about grounding not
being needed in this application and merely repeated the assertion.
This mode of discourse, which is all too common on Usenet, works against
the process of examining and correcting one's beliefs that is such an
important part of technical discussions such as this one.
------------------------------
From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: What make a cipher resistent to Differential Cryptanalysis?
Date: Sat, 23 Sep 2000 17:00:47 GMT
In article <8qh03n$cji$[EMAIL PROTECTED]>,
Tom St Denis <[EMAIL PROTECTED]> wrote:
> In article <8qgqab$e85$[EMAIL PROTECTED]>,
> "David C. Barber" <[EMAIL PROTECTED]> wrote:
> > DES, for example is considered resistant to Differential
> Cryptanalysis,
> > particularly in its selection of S-boxes. What about them, or any
> cipher,
> > makes it DF resistant?
>
> Having a low probable differentials, having no impossible
> differentials, having no high probable nonzero to zero differences, um
> and being a markov cipher.
>
> Tom
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>
does differential = difference, or is it something different?
--
Hi, i'm the signuture virus,
help me spread by copying me into Signiture File
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (Guy Macon)
Subject: Re: Faraday Cage (Was CDMA tracking)
Date: 23 Sep 2000 17:14:35 GMT
...and then there is this, from the great Cecil Adams
[ http://www.straightdope.com/columns/000609.html ]...
Dear Cecil:
Some people believe that wearing a tinfoil helmet will protect them from mind
control rays (or other forms of secret coercion). But if their intent is to
create a "Faraday cage" to protect the brain from intrusive electromagnetic
rays, wouldn't it be more effective to use something a little more solid--say, an
infantry helmet?
And even then, wouldn't it have to be grounded to work?
Admittedly, looking for logical consistency in a conspiracy theory isn't the
wisest thing in the world, but usually they have a semblance of internal
coherence. --L. Hammer, Tucson, Arizona
Cecil replies:
A lot of people probably think helmets to ward off mind control rays were
invented by some smart-ass having a little fun with the feebs. Uh-uh. Check
out the detailed instructions for creating your own helmet (using metal
window-screen mesh) at morethanconquerors.simple net.com/MCF/starshld.htm.
"What I did was make a hood like you see on a hooded sweatshirt," inventor Lei
Jessira Starfire writes, "and to make this thing look 'natural' you can actually
attach this hood to a sweatshirt so that you don't stand out like a sore thumb
and look like a dork. The more odd we look the easier it is for others to justify
their claims that we are just a bunch of loonies making this all up. Even if we
do have miles of evidence and X-ray proof. . . . I also put a drawstring under
this as well to cinch the back down because this is the important area where most
transmitter/receivers seem to be." One more thing: "Duct tape--very important."
Ms. Starfire says the shield works. "For me this has been such a relief. As for
the telepaths, I have learned to recognize them and ignore them and without their
transmitters to force me to acknowledge them and force me to open up to them I
can keep all the voices out because of the [radio frequency] shield hood!!!"
See, scoffers? It works. Every bit as effective as homeopathic pills. Still, you
have to wonder whether this is truly a cost-effective solution. As Straight Dope
Science Advisory Board stalwart Jill notes, "I just ignore the telepaths. The
worst thing you can do is block them and piss them off. When it gets to be too
much, I put my fingers in my ears and sing, 'FLINTSTONES, MEET THE FLINTSTONES.'"
Moreover, from an engineering standpoint, the Starfire shield frankly bites.
What these people need is professional help. A Faraday cage can protect against
radio-frequency energy, but only if properly designed. The Faraday cage was
originally conceived as a shield against static electricity: the free electrons
carrying whatever charge the cage has repel each other and spread out along the
cage's convex conductive surface, leaving the interior electrically neutral. In a
dynamic electromagnetic environment (radio waves), things are a little more
complicated, but you do have something called the "skin effect," in which a
Faraday cage will cause significant attenuation of an incoming signal, depending
on the cage's construction and the signal's frequency. To work properly, however,
the cage must fully enclose the shieldee. If, like a dork (excuse me, Ms.
Starfire, but one must call a spade a spade), you cover only a portion of yourself
with the helmet, not only will the cage not shield you, the edges of the helmet
will serve as an antenna, broadcasting your innermost thoughts (or electromagnetic
traces thereof) to the world.
A partial solution is to ground the cage. Initially I thought one might drag a
chain for this purpose, in the manner of the old gasoline trucks, but Uncle Al,
the well-known sci.physics guru, sternly informed me, "Dragging a chain won't do
it. You must drive a thick steel spike into the water table and connect to it
with a substantial copper or aluminum cable." There's also cage construction to
consider. Uncle Al recommended "multiple layers of grounded conductive foil
interleaved with electrically resistively lossy high-dielectric-constant stuff as
per stealth plating (ferrite in carbon-loaded polymer)." Clearly he's thinking of
increasing the cage's capacitance, with obvious salubrious consequences. "One
might add further interleaved layers of carefully annealed Co-Netic alloy or
mu-metal, too, to bleed off magnetic fields," but admittedly this is tougher to
come by at the supermarket than Reynolds Wrap.
Some prefer a completely different approach. Check out
accessnewage.com/articles/HEA LTH/psyack2.htm from New Age author Eileen Nauman
(courtesy of Straight Dope friend of science James Carr): "Whenever I go on the
road and have to give seminars or talks, I always pack my trusty Saran Wrap! It is
three sheets or layers, one on top of the other. I tuck it beneath my bra so that
it hangs over and covers my solar plexus. . . . [If] my attention is too scattered
and pulled and I can't focus like I need to, then I excuse myself and go slap on
my Saran Wrap and there's a happy ending. The only bad thing about this is: you'll
sweat like a pig beneath it." But at least your solar plexus will be safe.
--CECIL ADAMS
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Tying Up Loose Ends - Correction
Date: 23 Sep 2000 17:24:21 GMT
[EMAIL PROTECTED] (Mok-Kong Shen) wrote in <39CCE423.7E37B9D7@t-
online.de>:
>
>
>"SCOTT19U.ZIP_GUY" wrote:
>> If your "STATIC HUFFMAN TREE IS SECRECT" then having
>> a EOF symbol still sucks. I am not saying finding the tree is
>> easy it may be very hard. But still the EOF symbol is likely
>> to be the longest symbol and the last symbol. Why use it at
>> all. But if you can't see a reason then by all means you can
>> use it.
>
>Since the whole tree is unknown, how does the opponent
>identify the eof, even if he knows it is longer than
>the rest?
Gee I guess he looks at the end of file for a clue
>BTW, does your program deals with also word or block
>boundary in addition to byte boundary?
>
Check my site out. I doubt you would belive me if I told
you so I will not.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Tying Up Loose Ends - Correction
Date: 23 Sep 2000 17:25:42 GMT
[EMAIL PROTECTED] (Mok-Kong Shen) wrote in <39CCE431.7A2BA0EE@t-
online.de>:
>
>
>"SCOTT19U.ZIP_GUY" wrote:
>> I am surprised you took back anything it must be a trick.
>> But the answer above is obvious. when he said 32 he was referring
>> to a afactor of 32 which for 5 bits is 32 = 2*2*2*2*2 in short
>> two to the the power 5. But you must known that just as you must
>> know that haveing an EOF symbol in a compresson of huffman or
>> arithmetic type before the file is encrypted is a mistake.
>
>It was indeed my error in employing the zero fill in
>the argument I gave, for that provides known information.
>If I had written '5 random bits' instead, then everything
>would have been o.k.
>
>Using eof in a secret Huffman scheme is not a mistake, as
>I argue in a parallel follow-up.
>
I can see that for you use of an EOF is not a mistake.
But it is still stupid waste of space.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
Date: Sat, 23 Sep 2000 19:44:59 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Software patents are evil.
Jerry Coffin wrote:
> In article <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] says...
> > Nope. The american patent office doesn't do many checks,
> > compared to those in europe, and even worse the people
> > there are paid for the number of patents that they have
> > given (not those they have testet, or the hours they
> > have worked).
>
> Patent examiners do NOT get paid based on the number of patents
> they allow to be issued.
Well, I've been told that. Of course this might have been a
misinformation.
> Looking through patent file wrappers, you could almost get
> the opposite impression: that they seem to go to almost absurd
> lengths to prevent patents from being issued even when the
> invention is clearly original and useful and thoroughly merits
> a patent.
That only means they have not enough people. Like in europe.
> > > IOW, no, you can't get a patent on any piece of math you wish.
> >
> > Okay, then the practical question: So I can design a cipher
> > using multiplication mod 2**16+1, addition and xor, and
> > don't violate the IDEA patent ? I can easily construct, for
> > example, a Feistel network with these operations !
>
> I haven't read the European patent(s?) on it, but certainly the US
> patent doesn't cover all ciphers using these operations. Just for
> one really obvious example, the US patent has only one independent
> claim, which appears to me to only apply to block ciphers, so any
> stream cipher that used those operations would apparently be safe.
>
> At least as I read the patent, it would be fairly easy to produce a
> block cipher using the basic elements you cite above without
> infringing the patent. Just for one example, the patent requires
> that the "initial block" be divided into at least two sub-blocks (in
> IDEA it's divided into four sub-blocks). As I read it, there is
> probably also a requirement on the relative size of the key to the
> block size -- it requires that the key be received as at least two
> blocks each the same size as one of the sub-blocks above, so if (for
> example) the entire key is the size of one sub-block in the cipher, I
> can't see how it would infringe.
>
> Interestingly enough, the independent claim doesn't mention the types
> of operations carried out by each operation unit at all. IOW, the
> use of multiplication mod 2**16+1, addition and xor aren't what's
> covered by the patent. Instead, it covers the specific way of
> stringing the operation units together.
Whow - that was indeed very detailed, thank you !
> > > In fact the examples
> > > they first used (e.g. on RSA encryption) are now expired. Look
> > > around, and try to tell me that there's less free software today than
> > > there was 20 or 30 years ago.
> >
> > AFAIK PGP has simply violated the RSA patent. And GnuPG
> > became possible because ElGamal expired.
>
> PGP _licensed_ the RSA patent. Expired patents being put into the
> public domain aren't exceptions: they're part of the rule. IOW,
> that's _exactly_ what we (the public) receive in return for giving
> the inventor a monopoly for a limited period of time. To summarize,
> you're giving fine examples of how well the patent system really
> works.
PGP is (or was) free (at least partly) -> how can they ever have
licensed RSA ???
> > The reason why open software projects haven't been destroyed
> > by patents yet is simply that (a) they violate them and are
> > hard to catch, and (b) there where no software patents in
> > europe.
>
> There are many reasons, but the primary one is that the vast majority
> of software simply doesn't need to use patented methods to accomplish
> its ends.
Every programmer uses XOR to get the inverse color, for example.
> Keep in mind that if something is currently protected by a valid
> patent, then nobody did it more than 20 years ago.
Correct would be: ...then nobody had the idea to patent it just
before that time. They have even patented the way to handle the
century wrap in America !
> At least to me, it's hard to imagine something that
> nobody had ever done up until 1980, but is now of such absolute
> necessity that you absolutely can't get along without it. If you're
> impatient enough that you WANT to do it before the patent expires,
> then you can virtually always license the patent to do so.
The main problem with patents is always: you have to (a) find out
they exist and (b) have the money and time to proove that invalid
patents are invalid and (c) your software can't be free if it
requires a license.
> > > Furthermore, the inventor has provided assistance so any person of
> > > ordinary skill in the art can implement the invention as it was
> > > intended to work.
> >
> > But _IF_ I don't want to get such a help ?
>
> Fine, don't take it. If you don't want to use the patented
> invention, nobody says you have to.
_BUT_ I still have to find out that there is actually someone
which has already patented the way I used without further
thinking. Such as the "1-click patent" of Amazon.
> > Before a while
> > I have heared someone tried to create a open sound format,
> > patentfree. He has checked the U.S. patents and finally
> > gave up. Even the simplest things are patented there...
>
> There have been open sound formats for years.
Which ones ? Raw sound data ? Quite useless we need something
highly compressed or people will only laugh about that product.
Well, finally those patents are not the problem. It is more
a problem that, for example, getting a good commercial
mpeg-encoder for Linux was as cheap as only 600 deutschmarks
(!!!) last time I've checked for that (well okay that was
long ago, I don't know how the situation at the moment, but
the serious windows encoders where far cheaper at that time).
I bet you pardon - a simple thing like a mpeg-encoder ! This
way they kill Linux - intentionally or not. Thank god that
there is a little hole in their licensing, which made it
possible to simply provide patches to their reference
implementation.
Otherwise there would be no acceptable mpeg-software for
Linux - would YOU want to use such a crippled OS ? The kids
surely not. Such is the power of software patents - destroying
whole OS just because the patent giver likes to do so !
------------------------------
Date: Sat, 23 Sep 2000 19:45:52 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Again a topic of disappearing e-mail?
Mok-Kong Shen wrote:
> Runu Knips wrote:
> > Pfft as if this is something noticeable. Using PGP and removing
> > the email by hand has the same effect, doesn't it ?
> I don't know either way. I only reproduced the stuff.
Yep. Thank you !
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: What make a cipher resistent to Differential Cryptanalysis?
Date: Sat, 23 Sep 2000 17:45:27 GMT
In article <8qinjm$6nm$[EMAIL PROTECTED]>,
Simon Johnson <[EMAIL PROTECTED]> wrote:
> In article <8qh03n$cji$[EMAIL PROTECTED]>,
> Tom St Denis <[EMAIL PROTECTED]> wrote:
> > In article <8qgqab$e85$[EMAIL PROTECTED]>,
> > "David C. Barber" <[EMAIL PROTECTED]> wrote:
> > > DES, for example is considered resistant to Differential
> > Cryptanalysis,
> > > particularly in its selection of S-boxes. What about them, or any
> > cipher,
> > > makes it DF resistant?
> >
> > Having a low probable differentials, having no impossible
> > differentials, having no high probable nonzero to zero differences,
um
> > and being a markov cipher.
> >
> > Tom
> >
> > Sent via Deja.com http://www.deja.com/
> > Before you buy.
> >
> does differential = difference, or is it something different?
I consider a differential to be (a, b)where 'a' is the input difference
and 'b' is the output difference.
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
