Cryptography-Digest Digest #784, Volume #12 Wed, 27 Sep 00 12:13:01 EDT
Contents:
Anti-Tempest Freeware ("Fabian Hansmann")
Re: PRNG improvement?? (Tim Tyler)
I am only an egg... (David Rush)
Re: DES (Runu Knips)
RSA and Chinese Remainder Theorem (Soeren Gammelmark)
Chaos theory (Soeren Gammelmark)
Re: "Secrets and Lies" at 50% off (Runu Knips)
Josh MacDonald's library for adaptive Huffman encoding (Alex Vinokur)
Re: Other public key systems (John Bailey)
Re: differentials... (Doug Kuhlman)
Re: Chaos theory ([EMAIL PROTECTED])
Re: Chaos theory (Jim Gillogly)
RC4 - alleged? ([EMAIL PROTECTED])
Re: Question on biases in random-numbers & decompression (John Myre)
Re: Tying Up Loose Ends - Correction (SCOTT19U.ZIP_GUY)
Re: "Secrets and Lies" at 50% off (SCOTT19U.ZIP_GUY)
Re: RC4 - alleged? (Bill Unruh)
DES and Differential Power Analysis ([EMAIL PROTECTED])
Re: Josh MacDonald's library for adaptive Huffman encoding (SCOTT19U.ZIP_GUY)
Re: "Secrets and Lies" at 50% off (Andrew Carol)
----------------------------------------------------------------------------
From: "Fabian Hansmann" <[EMAIL PROTECTED]>
Subject: Anti-Tempest Freeware
Date: Wed, 27 Sep 2000 12:25:05 +0200
Hello,
for decades international secret services have used the fact that all electronic
devices emit compromising rays. These rays can be used to recover a picture
displayed by a monitor. These rays even pass through walls, and a receiver can be
many meters away.
A new software offers you the possibility to defuse these compromising rays.
The windows text editor "Zero Emission Pad" supports an emission defusing
display.
The program is freeware - you can download it at http://www.steganos.com.
Best regards,
Fabian Hansmann
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: PRNG improvement??
Reply-To: [EMAIL PROTECTED]
Date: Wed, 27 Sep 2000 10:52:25 GMT
[EMAIL PROTECTED] wrote:
: If I fill an array of 2560 elements with 10 consecutive instances of
: 0..255, [and] if I take a readily available pseudo random number
: generator and use the PRNG to generate INDEX values in the range of
: 0-2559, then I could 'randomly' pick elements from my first array and
: populate a second array, in order picked, with the values in the first
: array the PRNG points to. This is a simple shuffling exercise.
: Now if I seed the PRNG with true random numbers [...] will I, after say
: 10,000 shuffles & 30,000 seeds, begin to approach the level of
: patternless 'randomness' necessary for a cryptographical secure One
: Time Pad?
AFAICS, you don't provide enough information to answer this question.
The properties of the system depend in part on the PRNG you choose.
Without knowing how good this is it's not easy to comment.
FWIW, you should probably not use 10 consecutive instances of 0-255.
The "target file" should probably be an unbiased random muddle - not with
each value occurring once in each 0-255 range.
: Where can I find statistical tests for randomness that I can employ to
: test this idea?
http://stat.fsu.edu/~geo/diehard.html
http://www.helsbreth.org/random/diehard.html
http://random.mat.sbg.ac.at/tests/
http://www.fourmilab.ch/random/
http://quartus.net/files/Misc/
These will tell you if they detect that the idea fails. If they *don't*
detect problems, this says very little about the worth of the idea.
--
__________ http://alife.co.uk/ http://mandala.co.uk/
|im |yler [EMAIL PROTECTED] http://hex.org.uk/ http://atoms.org.uk/
------------------------------
From: David Rush <[EMAIL PROTECTED]>
Subject: I am only an egg...
Date: 27 Sep 2000 12:20:29 +0100
But I've been trying to ramp up my crypto knowledge. Terry Ritter's
pages have been a tremendously good source of information and
idea-generation. In particular, his description of encipherment as the
operation of mixing the key material in with plaintext turned on a few
lights.
So at the risk of opening the door to those wiser than I patenting
ideas I don't know how to develop (*yet*), I'm wondering what has been
done in the area of using the convolution operation (from signals
analysis) as an encryption transformation. It certainly would combine
every bit of the key with every bit of the plaintext. Of course,
convolution is also computationally expensive to perform, although
there are ways to work around/with that.
Thanks in advance,
david rush
--
"Research is what I am doing when I don't know what I am doing."
-- Wernher von Braun
------------------------------
Date: Wed, 27 Sep 2000 14:59:45 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: DES
[EMAIL PROTECTED] wrote:
> I am looking for a C implementation of DES to try to see how it works
> in practice and eventually, I have to come up with a HC05 assembler
> version of DES.
>
> Has anyone got any suggestions on how I should approach the assembler
> implementation?
>
> Thank you,
>
> Brice.
There is a good DES source available at
http://www.btinternet.com/~brian.gladman/cryptography_technology/index.htm
You can also get good sources for all AES candidates from there.
Btw, I would recommend Serpent if you want something of DES-like
design, but with very much improved security.
------------------------------
From: Soeren Gammelmark <[EMAIL PROTECTED]>
Subject: RSA and Chinese Remainder Theorem
Date: Wed, 27 Sep 2000 15:02:14 +0200
Hi
I know that you can use the CRT to solve a system of equations: x mod
p(i) = a(i) where p(i) is prime. I've been trying to realise how this
can be combined with the RSA-decryption equation. So far I haven't been
able to see how to form these two equations from the RSA decryption
equation. If anyone could show me, in detail if possible, I would
appreciate it. (I have read the section of number theory in Applied
Cryptography by Bruce Schneier - if it helps the explanation)
Søren Gammelmark
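The two congruences the question asks about, worked through in code. This is an added example, not part of the original post: RSA decryption is split into m mod p and m mod q (each with an exponent reduced mod p-1 and q-1 by Fermat's little theorem) and recombined with Garner's form of the CRT. The primes are small constructed values so the arithmetic can be followed by hand.

```python
from math import gcd


def rsa_keygen(p, q, e=65537):
    """Build an RSA key from two primes (here small, constructed ones), including
    the CRT components that PKCS#1 calls dP, dQ and qInv."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be invertible mod phi(n)"
    d = pow(e, -1, phi)          # private exponent: e*d = 1 (mod phi)
    return {
        "n": n, "e": e, "d": d, "p": p, "q": q,
        "dp": d % (p - 1),       # d mod (p-1): valid because c^(p-1) = 1 (mod p)
        "dq": d % (q - 1),       # d mod (q-1): same argument mod q
        "qinv": pow(q, -1, p),   # q^-1 mod p, used in Garner's recombination
    }


def encrypt(m, key):
    return pow(m, key["e"], key["n"])


def decrypt_plain(c, key):
    """Textbook decryption: one full-size exponentiation mod n."""
    return pow(c, key["d"], key["n"])


def decrypt_crt(c, key):
    """Decryption via the two congruences
         m = c^d (mod p)   and   m = c^d (mod q)
    each solved with a half-size exponent and modulus, then recombined.
    Roughly four times faster than decrypt_plain for real key sizes."""
    p, q = key["p"], key["q"]
    m_p = pow(c % p, key["dp"], p)   # m mod p
    m_q = pow(c % q, key["dq"], q)   # m mod q
    # Garner: the unique m in [0, n) with m = m_p (mod p) and m = m_q (mod q)
    h = (key["qinv"] * (m_p - m_q)) % p
    return m_q + h * q


def crt_matches_plain(key, messages):
    """Sanity check: CRT and textbook decryption agree and both invert encrypt()."""
    for m in messages:
        c = encrypt(m, key)
        if decrypt_crt(c, key) != m or decrypt_plain(c, key) != m:
            return False
    return True


if __name__ == "__main__":
    key = rsa_keygen(1009, 1013)   # constructed toy primes
    print(crt_matches_plain(key, [0, 1, 123456, key["n"] - 1]))
```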
------------------------------
From: Soeren Gammelmark <[EMAIL PROTECTED]>
Subject: Chaos theory
Date: Wed, 27 Sep 2000 15:05:47 +0200
Hi
I was wondering if anyone ever thought about using chaos theory in
order to make cryptographic algorithms. The idea occurred to me a while
ago when I was reading about the Hénon attraction. I haven't studied
chaos theory in depth, so that's why I'm asking.
Søren Gammelmark
------------------------------
Date: Wed, 27 Sep 2000 15:08:28 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Menial Roky wrote:
> A good example is the frequent questions that we see here about the proper
> implementation of Blowfish and Twofish. Bruce Schneier is able to offer
> such helpful advice on these issues that you'd almost think he invented
> those algorithms himself!
No surprise. He actually IS the inventor of Blowfish, and he's a
member (leader?) of the group which developed Twofish...
That, many publications on attacks, and because he's the author
of 'Applied Cryptography' makes him one of the current crypto
gurus, together with Eli Biham, Ron Rivest, and Coppersmith.
------------------------------
From: Alex Vinokur <[EMAIL PROTECTED]>
Crossposted-To: comp.compression,comp.theory
Subject: Josh MacDonald's library for adaptive Huffman encoding
Date: Wed, 27 Sep 2000 13:03:58 GMT
Josh MacDonald's library for adaptive Huffman encoding :
http://www.xcf.berkeley.edu/~ali/K0D/Algorithms/huff/
I think this site may be of interest to many users.
--
============================================
Alex Vinokur
mailto:[EMAIL PROTECTED]
http://go.to/alexv_math
-----------------------------------------
Please visit Lvov's School#52 Alumni Page
http://lv52sc.homepage.com/alumni.html
============================================
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (John Bailey)
Subject: Re: Other public key systems
Date: Wed, 27 Sep 2000 13:18:56 GMT
On Wed, 27 Sep 2000 04:01:13 GMT, "some guy named Dave"
<[EMAIL PROTECTED]> wrote:
>I'm researching for different encryption techniques, and am hard-pressed to
>find much for dual-key systems. There is a slew of stuff about RSA, and I
>managed to find a bit about the so-called "Knap-sack" algorithm, but is that
>all there truly is for such algorithms?
AFAIK the most recent is:
Hoffstein, Pipher and Silverman patent 6,081,597 owned by NTRU
http://www.patents.ibm.com/details?&pn=US06081597__
The patent page contains 14 references, about half of which appear to
also be new public key systems. The rest look like improvement
patents on known systems.
The NTRU system is described in a NYTimes article:
New Encryption System Would Protect Digital Music
http://www.nytimes.com/library/tech/00/07/biztech/articles/03pate.html
(don't register just to read the article, but registering is
worthwhile--for the other material you can access.)
Also the book:
Elliptic Curves in Cryptography, by Blake, Seroussi, and Smart (London
Mathematical Society Lecture Note Series 265) outlines several
protocols, two of which are not mentioned in other responses:
Massey-Omura and Nyberg-Rueppel. Both lend themselves to any of
several base fields (groups), e.g. elliptic curves or prime integers, as do
the other, better-known ones: RSA, ElGamal, etc.
John
------------------------------
From: Doug Kuhlman <[EMAIL PROTECTED]>
Subject: Re: differentials...
Date: Wed, 27 Sep 2000 07:57:22 -0500
Tom St Denis wrote:
>
> In article <[EMAIL PROTECTED]>,
> Doug Kuhlman <[EMAIL PROTECTED]> wrote:
> >
<SNIP>
>
> > Also, Tom, in GF(2^8), -1/x^2 *is* a bijection, if you make a little
> > proviso that 0 goes to 0.... This follows from the fact that squaring
> > is an isomorphism of a field of characteristic two (Frobenius).
>
> but x^2 in GF(257) is not a bijection... so is it just in GF(2^8)?
>
In any finite field GF(p^n), raising to the pth power is a bijection.
So x^257 is a bijection in GF(257). Really, GF(2^8) and GF(257) are
VERY different finite fields.
In fact, in any field of odd characteristic (think finite fields of odd
size), squaring will never be 1-1. Cubing is 1-1 in fields like GF(7),
GF(13), GF(16), but not GF(11), GF(8), or GF(17) [See the pattern?].
Doug
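A brute-force check of the claims in this exchange, added here as an example (not code from either poster): it builds GF(2^8) with the AES reduction polynomial x^8 + x^4 + x^3 + x + 1 (0x11B), which is an assumption since the thread names none (the permutation results do not depend on the choice), verifies that squaring and -1/x^2 with 0 -> 0 are permutations there, and compares brute-force results on prime fields with the gcd criterion for x -> x^k.

```python
from math import gcd

AES_POLY = 0x11B   # assumed reduction polynomial; any irreducible degree-8 one works


def gf256_mul(a, b, poly=AES_POLY):
    """Multiply two elements of GF(2^8), each represented as a byte."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= poly
        b >>= 1
    return r


def gf256_pow(a, k):
    r = 1
    while k:
        if k & 1:
            r = gf256_mul(r, a)
        a = gf256_mul(a, a)
        k >>= 1
    return r


def gf256_inv(a):
    """Multiplicative inverse a^(2^8 - 2) (Fermat); 0 -> 0 by the usual S-box convention."""
    return 0 if a == 0 else gf256_pow(a, 254)


def neg_inv_square_gf256(x):
    """-1/x^2 in GF(2^8). In characteristic two -1 == 1, so this is simply 1/x^2."""
    return gf256_inv(gf256_mul(x, x))


def is_permutation(f, domain):
    """True if f maps `domain` one-to-one onto itself."""
    images = {f(x) for x in domain}
    return len(images) == len(domain) and images <= set(domain)


def power_map_is_bijection_mod_p(p, k):
    """Brute force: is x -> x^k mod p a permutation of GF(p)?"""
    return is_permutation(lambda x: pow(x, k, p), range(p))


def power_map_is_bijection_by_gcd(q, k):
    """Criterion: GF(q)* is cyclic of order q-1, so x -> x^k permutes it iff
    gcd(k, q-1) == 1 (0 maps to 0 either way). Frobenius is the case k = p."""
    return gcd(k, q - 1) == 1


if __name__ == "__main__":
    print("1/x^2 permutes GF(2^8):", is_permutation(neg_inv_square_gf256, range(256)))
    print("x^2 permutes GF(257):", power_map_is_bijection_mod_p(257, 2))
```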
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Chaos theory
Date: Wed, 27 Sep 2000 13:58:45 GMT
Soeren Gammelmark <[EMAIL PROTECTED]> wrote:
> I was wondering if anyone ever thought about using chaos theory in
> order to make cryptographic algorithms. The idea occurred to me a while
> ago when I was reading about the Hénon attraction. I haven't studied
> chaos theory in depth, so that's why I'm asking.
It occurred to me that some systems might make interesting bases for
random number generators. After thinking about it for a while, I
dismissed it as anything beyond a toy for a couple of reasons.
Most worrisome is that any single output value effectively contains
the entire state of most systems, allowing you to generate the rest of
the sequence after a single successful guess.
Also troubling is the performance issue. Almost any implementation
will be based on repeated solvings of a system of equations. That's
just more work than the normal bit-wise operations, so it will
probably be much slower than conventional generators.
On the other hand, I'm sure there's something I've overlooked, and I
do expect a clever "chaos-inspired" application to spring up eventually.
--
Matt Gauthier <[EMAIL PROTECTED]>
------------------------------
From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Chaos theory
Date: Wed, 27 Sep 2000 14:40:47 +0000
[EMAIL PROTECTED] wrote:
> Most worrisome is that any single output value effectively contains
> the entire state of most systems, allowing you to generate the rest of
> the sequence after a single successful guess.
It can be worse than this: because chaotic systems have attractors,
a close guess rather than a spot-on guess may yield islands of
plaintext. Other guesses may get into other attractor orbits,
allowing the plaintext to be stitched together from the different
passes, all without ever finding the actual key or state. This of
course depends on specific implementations of how one uses chaos,
but it worked for one challenge posted to sci.crypt some years ago.
> On the other hand, I'm sure there's something I've overlooked, and I
> do expect a clever "chaos-inspired" application to spring up eventually.
I suspect the motivation of people wanting to apply chaos to crypto
has to do with the seductive name: chaos in common English implies
a complete lack of order, which is what we're trying to achieve in
crypto. In mathematics, however, chaos lies on the boundary between
order and disorder, and is a study of systems that have behavior
that's largely predictable statistically... not at all what we need.
--
Jim Gillogly
Mersday, 6 Winterfilth S.R. 2000, 14:31
12.19.7.10.10, 6 Oc 13 Chen, Third Lord of Night
------------------------------
From: [EMAIL PROTECTED]
Subject: RC4 - alleged?
Date: Wed, 27 Sep 2000 14:40:40 GMT
Did RSA Security ever verify that the Alleged RC4 algorithm posted in
the early 90's is in fact the original RC4 algorithm? I realise that
everyone is in agreement that it is.
ajd
------------------------------
From: John Myre <[EMAIL PROTECTED]>
Subject: Re: Question on biases in random-numbers & decompression
Date: Wed, 27 Sep 2000 08:47:51 -0600
David Hopwood wrote:
<snip>
> A simpler, almost equally efficient method is to find a power of 2 (2^n)
> that is just greater than a power of 3 (3^m), e.g. 2^27 and 3^17. Then
> convert blocks of n bits into blocks of m trits. When the block of
> bits has a value >= 3^m, subtract 3^m from it, and use the fact that
> the result is an unbiased value between 0 and 2^n - 3^m - 1 to generate
> more trits.
<snip>
Here is a side note for more general cases.
(I can't find a short way to say this without backtracking
into a bunch of terminology, which isn't worth the trouble.
So I'm just giving an example.)
Suppose that instead of trits we are looking for (base ten)
digits. Suppose that we choose to begin with 10 bits at a
time, giving us values from 0 to 1023. So if the value is
from 000 to 999, we output the three digits. If on the other
hand the 10-bit value is from 1000 to 1023, then we can only
get one digit out of it, since the remaining range is less
than 100. But we don't have to limit ourselves to just using
inputs from 1000 to 1009, discarding the rest: we can use 1000
to 1019 (discarding 1020 to 1023).
So the point is that the remaining range might cover a multiple
of a power of the destination base (without reaching the next
power, that is). In such a case, you want to use the entire
multiple; you don't get any more digits out but you discard
fewer inputs.
JM
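The conversion described in this answer and in the quoted trits method, as an added example (not code from either poster): a uniform n-bit block is turned into as many unbiased digits of the target base as the range allows, and when the block falls into the leftover range, the whole multiple of the next lower power of the base is used before anything is discarded (1000..1019 yields one decimal digit, 1020..1023 is thrown away). The same loop handles the 2^27-to-3^17 trits case.

```python
from collections import Counter


def uniform_to_digits(value, range_size, base):
    """Map one uniform sample from [0, range_size) to unbiased base-`base` digits.
    Returns [] when the sample lands in a leftover range too small to use."""
    assert 0 <= value < range_size
    while range_size >= base:
        # largest power of the base that fits in the current range
        power, ndigits = 1, 0
        while power * base <= range_size:
            power *= base
            ndigits += 1
        # Myre's point: use the whole multiple of that power, not just one copy
        multiple = (range_size // power) * power
        if value < multiple:
            # value is uniform on [0, multiple), so value % power is uniform on [0, power)
            v = value % power
            digits = []
            for _ in range(ndigits):
                digits.append(v % base)
                v //= base
            return digits[::-1]
        # otherwise the sample is uniform on the leftover range; try again there
        value -= multiple
        range_size -= multiple
    return []


def blocks_to_digits(blocks, n_bits, base):
    """Run the conversion over a sequence of n-bit blocks (e.g. from a good RNG)."""
    out = []
    for b in blocks:
        out.extend(uniform_to_digits(b, 1 << n_bits, base))
    return out


def count_outputs(n_bits, base):
    """Histogram of the digit strings produced over every possible n-bit block.
    Equal counts for every string of a given length show the output is unbiased."""
    return Counter(tuple(uniform_to_digits(v, 1 << n_bits, base))
                   for v in range(1 << n_bits))


if __name__ == "__main__":
    # constructed sample blocks: three 10-bit values
    print(blocks_to_digits([999, 1000, 1023], 10, 10))   # [9, 9, 9, 0]
    print(len(uniform_to_digits(3**17 + 5, 2**27, 3)))   # 14 trits from the leftover range
```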
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Tying Up Loose Ends - Correction
Date: 27 Sep 2000 15:04:18 GMT
[EMAIL PROTECTED] (Bryan Olson) wrote in
<8qs2qm$7i4$[EMAIL PROTECTED]>:
>Tim Tyler wrote:
>
>> This is what "a priori" means: "in advance of knowledge
>> from experience".
>>
>> The knowledge I was referring to was knowledge of the
>> characteristics of the plaintext - not knowledge of
>> the cyphertext.
>
>You refuse to get the point. Knowledge of the
>ciphertext is not enough. With no better attack than
>exhaustive search, you have to do a trial decryption,
>for each key, and those alone make the attack
>intractable.
>
The point is that knowledge of the ciphertext and
the algorithms involved could lead to methods of attack
far faster than an exhaustive search. It is far better to
close the door on that possibility altogether than to
assume that an enemy can't find a way to exploit the added
weaknesses from poor compression. One such way to exploit it
would be through the use of a quantum computer if only one
valid inverse existed. No, I don't have one, but they are on
the way and you can bet your sweet ass the NSA or China will
have many large working ones decades before they become
widespread in the non-black world of the public.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: 27 Sep 2000 15:22:08 GMT
[EMAIL PROTECTED] (Runu Knips) wrote in
<[EMAIL PROTECTED]>:
>Menial Roky wrote:
>> A good example is the frequent questions that we see here about the
>> proper implementation of Blowfish and Twofish. Bruce Schneier is able
>> to offer such helpful advice on these issues that you'd almost think
>> he invented those algorithms himself!
>
>No surprise. He actually IS the inventor of Blowfish, and he's
>member (leader?) of the group which developed Twofish...
>
>That, many publications on attacks, and because he's the author
>of 'Applied Cryptography' makes him one of the current crypto
>gurus, together with Eli Biham, Ron Rivest, and Coppersmith.
>
I think the previous sender was joking. Of course he knew those
were written by MR BS. But how could you insult such great crypto
gurus like Ron Rivest by saying that Mr. BS is in the same class?
Do you really believe that? I wonder if MR Rivest is offended?
David A. Scott
------------------------------
From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: RC4 - alleged?
Date: 27 Sep 2000 15:29:49 GMT
In <8qt0t7$urp$[EMAIL PROTECTED]> [EMAIL PROTECTED] writes:
>Did RSA Security ever verify that the Alleged RC4 algorithm posted in
>the early 90's is in fact the original RC4 algorithm? I realise that
>everyone is in agreement that it is.
No.
Why would they? They make money licensing RC4. Why would they inform the
world that it can get the same thing for free?
However see Ron Rivest's page (He was the inventor of RC4).
------------------------------
From: [EMAIL PROTECTED]
Subject: DES and Differential Power Analysis
Date: Wed, 27 Sep 2000 15:20:25 GMT
Hi,
I am looking for papers dealing with Differential Power Analysis
applied to DES. I am looking in particular for possible countermeasures
on DPA when implementing DES.
Thank you,
Brice.
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: comp.compression,comp.theory
Subject: Re: Josh MacDonald's library for adaptive Huffman encoding
Date: 27 Sep 2000 15:29:18 GMT
[EMAIL PROTECTED] (Alex Vinokur) wrote in <8qsr7q$pjq$[EMAIL PROTECTED]>:
>http://www.xcf.berkeley.edu/~ali/K0D/Algorithms/huff/
Sounds interesting. I will look at it and mod it to be 1-1 if
Knuth has not already done so.
David A. Scott
------------------------------
From: Andrew Carol <[EMAIL PROTECTED]>
Crossposted-To: comp.security,comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Wed, 27 Sep 2000 08:57:01 -0700
In article <[EMAIL PROTECTED]>, SCOTT19U.ZIP_GUY
<[EMAIL PROTECTED]> wrote:
> I think the previous sender was joking. Of course he knew those
> were written by MR BS. But how could you insult such great crypto
> gurus like Ron Rivest by saying that Mr. BS is in the same class?
> Do you really believe that? I wonder if MR Rivest is offended?
Perhaps you should ask him the next time you play golf together.
Oh well....
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************