Cryptography-Digest Digest #837, Volume #12 Wed, 4 Oct 00 11:13:01 EDT
Contents:
Re: It's Rijndael (Runu Knips)
Re: It's Rijndael (Tim Tyler)
Where I Went Wrong About Rijndael (John Savard)
Re: It's Rijndael (Runu Knips)
Re: PRNG improvment?? (Tim Tyler)
Re: PRNG improvment?? (Tim Tyler)
Re: Where I Went Wrong About Rijndael (John Savard)
Re: It's Rijndael (Runu Knips)
Re: Mr. Zimmermann, Mr. Price when can we expect this feature ? sig is GOOD (Rich Wales)
OT: Abortions (Runu Knips)
Re: Mr. Zimmermann, Mr. Price when can we expect this feature ? (Rich Wales)
Re: hourra for europa :) (Runu Knips)
Re: newbie question (Runu Knips)
Rijndael (Net Man)
Re: Rijndael cracked by Biham! (Runu Knips)
Re: Problem with Twofish Round Function (Runu Knips)
Statistics about SSLvX use ?? ciphers use ? (Laure Barrere)
Re: RC6 royalty free or not? (Runu Knips)
Re: Democrats, Republicans, AES... (Dido Sevilla)
Re: Josh MacDonald's library for adaptive Huffman encoding (SCOTT19U.ZIP_GUY)
Re: NIST Statistical Test Suite ("Dann Corbit")
Re: It's Rijndael (Volker Hetzer)
Re: Counterpane Funny Stuff (Richard Heathfield)
----------------------------------------------------------------------------
Date: Wed, 04 Oct 2000 15:12:19 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: It's Rijndael
Jim Gillogly wrote:
> Given their resources, I think NIST did an outstanding job
> of balancing the pros and cons of the ciphers, of taking
> into account all the comments they received, of keeping
> a satisfying amount of the process open, and of sticking
> to their announced schedule. Their report does them
> credit, and while some of us may take issue with the
> importance given to any particular criterion I think most
> of us would be inclined to give them a rousing ovation for
> a job well done.
Well, I think, if I understand the discussion, the main
reason for Rijndael was that the committee didn't care much
about the actual quality which would interest me first:
security.
If there would be another such contest in future, I would
vote for making the round count a parameter, so everybody
can choose higher or lower security, as they wish. This
way one could select a higher number of rounds if one
wishes. I don't know how much such a concept would
actually cost in hardware implementations.
Well, but maybe there will be never such a contest again,
because now a standard has been selected, and it is
unlikely that we will ever need more than 256 bit of
security, not in a hundred of years.
And in 1000 years, when we might have found a way to use
all matter in the universe (and maybe endless masses of
matter in parallel universes) for a gigantic supercomputer,
we'll be able to read the enemy's mind directly, so every
secret will be revealed anyway ;-) In a world without
lies, nobody needs secrets.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: It's Rijndael
Reply-To: [EMAIL PROTECTED]
Date: Wed, 4 Oct 2000 13:03:18 GMT
Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
: I conjecture that 3DES will continue to stay for a quite
: long time. For analogy, see the programming language Cobol.
I'm having a few problems getting the hang of this analogy...
If 3DES <-> Cobol, who can help me with:
BASIC <-> ?
C <-> ?
Java <-> ?
Forth <-> ?
Pascal <-> ?
x86 <-> ?
Lisp <-> ?
...or...
Rijndael <-> ?
DES <-> ?
Skipjack <-> ?
;-)
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ UART what UEAT.
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Where I Went Wrong About Rijndael
Date: Wed, 04 Oct 2000 13:17:23 GMT
In my analogy between Rijndael and DES, I compared the Shift Row step
to the swapping of halves in DES.
Actually, Rijndael doesn't need anything like the swapping of halves:
the Mix Column step causes each row to be modified, based on all the
other rows. It doesn't just change one row per round based on the
other three, for example, so the _rows_ are never swapped in Rijndael.
Instead, the Shift Row step is more properly compared to the
_expansion permutation_ in the DES f-function, since its function is
to ensure that the columns of the cipher block aren't isolated from
each other.
This is why existing cryptanalytic results against Rijndael don't have
the same pattern as those against DES in that table in AC.
Although I believe I am correct in not counting the final round for
this purpose (without a Mix Column step, there is no interaction
between bytes, hence no "round") and that the residue class of the
number of Rijndael rounds may still have some significance, this makes
it more of a second-order problem than a first-order problem; instead
of a fatal flaw, the way DES with an odd number of rounds would be
afflicted, it may indeed be a 'weakness' so minor as not to be worth
worrying about.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
Date: Wed, 04 Oct 2000 15:20:10 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: It's Rijndael
John Savard wrote:
> But if Rijndael is _significantly_ faster than Twofish
AFAIK it is about as fast as Twofish in most (software)
environments. In hardware it is more than twice as fast
as Twofish even in the 256 bit case, and, if used with
a key size below 256 bits, also somewhat faster than
Serpent.
> If you want more security, you can always use Triple-Rijndael.
Triple-Something is always very inefficient, and only
an option if key size is too short, which isn't the
case for Rijndael.
> I much admired his Panama, even if I never paid Rijndael the
> attention it deserved.
Me too.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: PRNG improvment??
Reply-To: [EMAIL PROTECTED]
Date: Wed, 4 Oct 2000 13:08:48 GMT
David Schwartz <[EMAIL PROTECTED]> wrote:
: [EMAIL PROTECTED] wrote:
:> Now if I seed the PRNG with true random numbers, license plates,
:> system clock, keyboard latency measurements, etc. and seed often, and
:> shuffle often, will I, after say 10,000 shuffles & 30,000 seeds, begin
:> to approach the level of patternless 'randomness' necessary for a
:> cryptographical secure One Time Pad? It's uniform. It's long. The
:> question is, will this method introduce enough randomness?
: All you've done is make things worse! If the first output is 200, I
: know the second output has a less than usual chance of also being 200.
I don't think that's true. The original post may not have described
the algorithm very precisely; but I can see no way to interpret it
that would result in the effect described.
--
__________ http://alife.co.uk/ http://mandala.co.uk/
|im |yler [EMAIL PROTECTED] http://hex.org.uk/ http://atoms.org.uk/
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: PRNG improvment??
Reply-To: [EMAIL PROTECTED]
Date: Wed, 4 Oct 2000 13:10:48 GMT
Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:
: Paul Pires wrote:
:> <[EMAIL PROTECTED]> wrote:
:> > But isn't one of the criteria for a One Time Pad truly uniform
:> > distribution of the key values?
: Uniform distribution emphatically does *not* mean that all
: values occur exactly the same number of times in any given
: finite sample. [...]
Nor does this appear to be true of the output of ds908's generator.
--
__________ http://alife.co.uk/ http://mandala.co.uk/
|im |yler [EMAIL PROTECTED] http://hex.org.uk/ http://atoms.org.uk/
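A concrete illustration of Douglas Gwyn's point, quoted above, that a uniform source does not produce every value exactly equally often in a finite sample. This is an added example, not code from any post in this thread; it uses Python's seeded Mersenne Twister purely as a stand-in for a generator under test (an assumption of the example, not a claim that it is suitable for key material), and compares the result against a constructed, perfectly flat sample.

```python
"""Added example: what 'uniform' looks like in a finite sample of bytes."""
import math
import random


def byte_counts(data):
    """Histogram of the 256 possible byte values in `data`."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return counts


def chi_square(counts):
    """Pearson chi-square statistic against a flat expectation.

    For 256 byte values there are 255 degrees of freedom, so a uniform
    source gives values around 255 with a spread of roughly sqrt(2 * 255) ~ 23.
    """
    n = sum(counts)
    expected = n / len(counts)
    return sum((c - expected) ** 2 / expected for c in counts)


def sample_bytes(n, seed=20001004):
    """Constructed sample: a seeded PRNG stands in for the generator under
    test (assumption of this example; random.Random is not a cryptographic
    generator and must not be used for keys or pads)."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(n))


def flat_bytes(n_per_value):
    """Constructed counter-example: every value exactly n_per_value times."""
    return bytes(range(256)) * n_per_value


def summarize(data):
    """Per-value count statistics plus the chi-square of the whole sample."""
    counts = byte_counts(data)
    n = len(data)
    expected = n / 256
    # Each count is Binomial(n, 1/256); its standard deviation is about sqrt(n/256).
    sd = math.sqrt(expected * (1 - 1 / 256))
    within_two_sd = sum(1 for c in counts if abs(c - expected) <= 2 * sd) / 256
    return {
        "n": n,
        "expected_per_value": expected,
        "min_count": min(counts),
        "max_count": max(counts),
        "all_equal": min(counts) == max(counts),
        "fraction_within_two_sd": within_two_sd,
        "chi_square": chi_square(counts),
    }


if __name__ == "__main__":
    print("seeded PRNG sample:", summarize(sample_bytes(65536)))
    print("perfectly flat sample:", summarize(flat_bytes(256)))
```

For the 64 KiB sample the counts scatter around 256 with a standard deviation near 16, about 95% of them land within two standard deviations, and the chi-square lands near 255. The flat sample gives a chi-square of exactly 0, which a genuinely uniform source practically never produces; a statistic far below the expected value is as much a red flag as one far above it.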
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Where I Went Wrong About Rijndael
Date: Wed, 04 Oct 2000 13:23:14 GMT
On Wed, 04 Oct 2000 13:17:23 GMT, [EMAIL PROTECTED]
(John Savard) wrote, in part:
>Instead, the Shift Row step is more properly compared to the
>_expansion permutation_ in the DES f-function, since its function is
>to ensure that the columns of the cipher block aren't isolated from
>each other.
Actually, _permutation P_ would be a better analogy. But Rijndael
isn't all that DES-like; Mix Column is a bit more like the PHT stages
in SAFER.
Still, the analogy with DES just seemed to be the simplest way to
explain the purpose of Rijndael's parts, even if it is a cipher with a
very different structure, because DES is so familiar to many.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
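The role of Shift Row that both of John Savard's posts above describe can be checked directly. The following is an added example, not code from any post in this digest: it implements Rijndael's ShiftRows and MixColumns on the FIPS-197 state (stored column-major here, which is this code's own convention) and traces a one-byte difference through two linear layers, once with ShiftRows and once without it.

```python
"""Added example (not from any post in this digest): tracing a one-byte
difference through Rijndael's ShiftRows and MixColumns to show why
ShiftRows is the step that keeps the four columns from being isolated.

The state is the 4x4 byte matrix of FIPS-197, stored column-major here
(index = row + 4*column); the constants are Rijndael's own."""


def xtime(b):
    """Multiply a byte by x in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    b <<= 1
    if b & 0x100:
        b ^= 0x11B
    return b & 0xFF


def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) by shift-and-add."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a = xtime(a)
        b >>= 1
    return result


def shift_rows(state):
    """Rotate row r left by r byte positions (row 0 is left alone)."""
    out = list(state)
    for r in range(1, 4):
        for c in range(4):
            out[r + 4 * c] = state[r + 4 * ((c + r) % 4)]
    return out


def mix_columns(state):
    """Multiply every column by the fixed circulant matrix whose first row is (2 3 1 1)."""
    out = list(state)
    for c in range(4):
        col = state[4 * c:4 * c + 4]
        for r in range(4):
            out[r + 4 * c] = (gf_mul(2, col[r])
                              ^ gf_mul(3, col[(r + 1) % 4])
                              ^ col[(r + 2) % 4]
                              ^ col[(r + 3) % 4])
    return out


def active_columns(diff):
    """Set of column indices holding at least one nonzero difference byte."""
    return {c for c in range(4) if any(diff[4 * c:4 * c + 4])}


def diffusion(rounds, with_shift_rows):
    """Count nonzero bytes of a single-byte difference after each linear layer.

    ShiftRows and MixColumns are linear over GF(2), so an XOR difference
    between two states moves through them exactly as a state does.  SubBytes
    maps a nonzero byte to a nonzero byte in the same position and
    AddRoundKey cancels out of a difference, so neither can move a
    difference into another column; they are omitted here.  The per-round
    byte counts belong to this particular trace (SubBytes would change the
    difference values), but the set of reachable columns does not depend on
    the values at all.
    """
    diff = [0] * 16
    diff[0] = 0x01  # constructed input: only row 0, column 0 differs
    counts = []
    for _ in range(rounds):
        if with_shift_rows:
            diff = shift_rows(diff)
        diff = mix_columns(diff)
        counts.append(sum(1 for b in diff if b))
    return counts, active_columns(diff)


if __name__ == "__main__":
    print("with ShiftRows   :", diffusion(2, True))   # ([4, 16], {0, 1, 2, 3})
    print("without ShiftRows:", diffusion(2, False))  # ([4, 2], {0})
```

With ShiftRows, the four bytes that MixColumns produces in round one are spread to four different columns, and the second MixColumns touches all sixteen bytes. Without it, the difference stays inside column 0 forever, no matter how many rounds are applied: that is the isolation Savard's expansion-permutation (or permutation P) analogy is pointing at.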
------------------------------
Date: Wed, 04 Oct 2000 15:34:58 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: It's Rijndael
Arturo wrote:
>
> On Mon, 02 Oct 2000 19:50:12 -0700, David Schwartz <[EMAIL PROTECTED]> wrote:
>
> >
> >John Savard wrote:
> >
> >> given that all the algorithms were of satisfactory security.
> >
> > Yes, but the lesson of DES is that "satisfactory" security is not good
> >enough.
> >
> What lesson? DES has proved to be extremely resistant to
> cryptanalysis. It only fell out of favor because its limited keysize makes it
> vulnerable to brute-force attacks.
That was exactly what the original poster meant. Its key was too short.
------------------------------
From: [EMAIL PROTECTED] (Rich Wales)
Crossposted-To: alt.security.pgp
Subject: Re: Mr. Zimmermann, Mr. Price when can we expect this feature ? sig is GOOD
Date: 4 Oct 2000 13:37:52 -0000
"jungle" wrote:
> I installed Guerilla version 263, imported your 4k
> RSA key & verified your sig GOOD ... NOW let see that
> you will be able to decrypt with your 4k RSA key ...
It worked. The result of decrypting your message was the text of
my original signed message. So, my own modified 2.6.3ia would
appear to be compatible with Guerrilla PGP 2.6.3.
Rich Wales [EMAIL PROTECTED] http://www.webcom.com/richw/
PGP 2.6+ key generated 2000-08-26; all previous encryption keys REVOKED.
RSA, 2048 bits, ID 0xFDF8FC65, print 2A67F410 0C740867 3EF13F41 528512FA
------------------------------
Date: Wed, 04 Oct 2000 15:44:31 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: OT: Abortions
Hmm this is really off-topic...
Joseph Ashwood wrote:
> You also have to remember that just recently Bush's brat stated rather
> plainly that the ok of RU-486 was "wrong", while Gore praised it
> (Source:San Jose Mercury News), this is much more likely to be a
> catalizing point, and considering that half of america is almost
> certainly pro-choice (the female half), and most of the male half is
> also pro-choice, this could become a major issue.
Ooops? Don't you know that it is nearly impossible for new
American doctors today to learn how an abortion is done?
And that the maybe small minority, which in fact also
includes many women, is actually very aggressive and, yes,
criminal, so everyone fears them, for they kill people who
don't share their opinions? Abortion doctors live a
dangerous life there in America!
So, stating that there are more people who are 'pro-choice'
might be true (or might not, I'm not that sure about that),
but democracy doesn't always work this way!
------------------------------
From: [EMAIL PROTECTED] (Rich Wales)
Crossposted-To: alt.security.pgp
Subject: Re: Mr. Zimmermann, Mr. Price when can we expect this feature ?
Date: 4 Oct 2000 13:45:42 -0000
"jungle" wrote:
> attempt to import file made with your key [ richw.asc ] to
> v262 resulted in : PGP did not find any key at this file ...
Right. PGP 2.6.2 can't handle RSA keys longer than 2048 bits, so
this failure would be expected. The same is true of the vanilla
2.6.3ia version, which uses Zimmermann's MPILIB (instead of RSAREF),
but which still has a hard-coded key length limit of 2048 bits.
FWIW, after I generated my 4096-bit key (using a patched version of
PGP 2.6.3ia), the regular 2.6.3ia was no longer able to access any
key on my secret keyring -- not even my "real" 2048-bit key. If I
use my patched 2.6.3ia, on the other hand, I can access both my real
(2048-bit) key and my 4096-bit experimental key.
Rich Wales [EMAIL PROTECTED] http://www.webcom.com/richw/
PGP 2.6+ key generated 2000-08-26; all previous encryption keys REVOKED.
RSA, 2048 bits, ID 0xFDF8FC65, print 2A67F410 0C740867 3EF13F41 528512FA
------------------------------
Date: Wed, 04 Oct 2000 15:53:38 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: hourra for europa :)
alex wrote:
> [bla]
Why do you praise all Europeans for the work of some
scientists, who could as well have worked in
America or Asia or maybe the back side of the moon?
Does that matter?
I will never understand why people say 'WE have won'
if an athlete of their country has won, say, a medal
at the Olympics.
Praise the scientists themselves, it is THEIR work,
not, for example, mine.
Also, it never was my favorite cipher...
------------------------------
Date: Wed, 04 Oct 2000 15:55:04 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: newbie question
Aaron Cannon wrote:
>
> Aaron Cannon <[EMAIL PROTECTED]> wrote:
> : Thank you all for your helpful responses! I very much appreciate it. I
> : think I'll just try to find a good secure prebuilt c library and use that.
> : any recommendations on what single key algorithms are best and easiest to
> : use? I was considering IDEA but I haven't heard anything on it for a
> : while, and so I don't know if any weaknesses have been found in it.
> : Thanks again for the help!
>
> I did a little more research since posting that message and realized that
> IDEA won't work because of the patent issue. So, I think I'd like to use
> 3DES. Does anyone know where I can obtain a public domain or freely
> usable c library for 3des? Once again, thanks for any and all help!
Don't use 3DES, it is horribly slow.
Use AES, Twofish, Serpent, or Blowfish.
------------------------------
From: Net Man <[EMAIL PROTECTED]>
Subject: Rijndael
Reply-To: [EMAIL PROTECTED]
Date: Wed, 04 Oct 2000 13:56:19 GMT
What about Rijndael? Look at:
http://www.vnunet.com/News/1112013
http://www.nist.gov/public_affairs/releases/g00-176.htm
http://csrc.nist.gov/encryption/aes/
Rijndael: what type of algorithm is it?
Bye...
Net.
___________________________________________
To reply, remove NEWS from the address.
To reply to me, remove NEWS from the address.
------------------------------
Date: Wed, 04 Oct 2000 15:58:01 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Rijndael cracked by Biham!
[EMAIL PROTECTED] wrote:
> The article on :
> http://sectedesax.ctw.cc
*laugh*
You really shocked me for a millisecond ;-)
Eli Biham doesn't write in French, and he would
publish such a paper in English on his homepage
(http://www.cs.technion.ac.il/~biham/).
------------------------------
Date: Wed, 04 Oct 2000 16:02:28 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: Problem with Twofish Round Function
Tom St Denis wrote:
> I just realized that the output of the round function is merely...
>
> T1 = 2a + b
> T2 = a + b
Yep, a 2PHT.
> Where the difference is in the 'a' term. What if I sent a differential
> into the that function without a difference in 'a' (i.e the first g
> function). Obviously in the next round it would affect the other side
> but you get a round for quasi free.
Yep.
> Also that doesn't look like the best way to distribute the entropy
> in 'a' and 'b' (pretend a is the output of the first g function, and b
> the output of the second).
Hmm. So what would you do instead ?
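The 2PHT that Runu identifies above, as an added example that is not code from the thread or from the Twofish team: the 32-bit word size and the T1 = 2a + b, T2 = a + b form come from Tom's post, everything else (function names, the constructed inputs) is this example's own. It shows that the transform is invertible and how a difference in either input reaches the two outputs, including the one case where it does not.

```python
"""Added example: Twofish's 32-bit pseudo-Hadamard transform (PHT) and how
differences in its two inputs show up in its two outputs."""
import random

MASK32 = 0xFFFFFFFF


def pht(a, b):
    """T1 = 2a + b, T2 = a + b, both modulo 2^32."""
    return (2 * a + b) & MASK32, (a + b) & MASK32


def pht_inverse(t1, t2):
    """Undo pht(): a = T1 - T2, b = 2*T2 - T1 (mod 2^32), so the PHT is a bijection."""
    return (t1 - t2) & MASK32, (2 * t2 - t1) & MASK32


def output_differences(a, b, delta_a, delta_b):
    """XOR difference of each output for two input pairs that differ by (delta_a, delta_b)."""
    t1, t2 = pht(a, b)
    u1, u2 = pht(a ^ delta_a, b ^ delta_b)
    return t1 ^ u1, t2 ^ u2


def affected_outputs(delta_a, delta_b, trials=200, seed=4):
    """Over random (a, b) pairs (constructed with a seeded PRNG), the fraction
    of trials in which T1 and in which T2 change for the given input difference."""
    rng = random.Random(seed)
    hits = [0, 0]
    for _ in range(trials):
        a, b = rng.getrandbits(32), rng.getrandbits(32)
        d1, d2 = output_differences(a, b, delta_a, delta_b)
        hits[0] += d1 != 0
        hits[1] += d2 != 0
    return tuple(h / trials for h in hits)


if __name__ == "__main__":
    a, b = 0x01234567, 0x89ABCDEF
    print("round trip:", pht_inverse(*pht(a, b)) == (a, b))
    print("difference only in b, low bit:", affected_outputs(0, 1))
    print("difference only in a, top bit:", affected_outputs(0x80000000, 0))
```

A difference in b alone (Tom's case of no difference in a) always changes both T1 and T2, since each output is b plus something. The one blind spot is the top bit of a: the doubling in T1 discards it modulo 2^32, so a difference confined to that bit never reaches T1 and shows up only in T2. That is a property of modular doubling, and one reason the Twofish round does not rely on the PHT alone for mixing.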
------------------------------
From: Laure Barrere <[EMAIL PROTECTED]>
Subject: Statistics about SSLvX use ?? ciphers use ?
Date: Wed, 04 Oct 2000 16:00:11 +0200
Hi,
I'm doing a model where I need to do a benchmark to estimate SSL
impact in our product. To do that, I have to estimate what is the most
common used. I am a newbie in crypto. Do you have any information/URL on
"what version of SSL is the most used, what are the ciphers the most
used ?". I really have no idea on that.
Please, help me :) !
Thanks in advance,
Laure.
------------------------------
Date: Wed, 04 Oct 2000 16:06:17 +0200
From: Runu Knips <[EMAIL PROTECTED]>
Subject: Re: RC6 royalty free or not?
"Sami J. Mäkinen" wrote:
> I couldn't tell by reading the papers from RSA webpage that
> is RC6 royalty free or not (to use in shareware program)?
> I'm talking about the algorithm itself, not any implementation.
Use any of the other AES finalists. RSADSI has AFAIK only
stated that RC6 will be free _IF_ it would become AES,
and it hasn't.
If at all, I would use RC6 with at least 12, better 16
rounds, btw.
Use any of AES/Rijndael, Twofish, or Serpent. They should
be secure. For pure software implementations I would
still recommend Twofish :-) - fast and very secure.
------------------------------
From: Dido Sevilla <[EMAIL PROTECTED]>
Subject: Re: Democrats, Republicans, AES...
Date: Wed, 04 Oct 2000 22:13:31 +0800
Albert Yang wrote:
>
> <snip>
> > So it is likely for one of the candidates to increase the
> > round number by a factor of 100, thus gains the 'highest
> > level of security margin' and win. Does that correspond to
> > what you mean?
> >
> > [snip]
>
> No, this is not what I mean. I mean leaning on the side of
> conservatism, that means no new math, concepts that are well understood,
> SP network has been around for a LONG time, it's well understood, same
> with Feistels. Using primitives that we know a lot about, using sound
> logic, nothing new and flashy, I mean if I wanted "new and improved",
> wouldn't I have rooted for the Decorrelated one? Nope. I think Serpent
> was way overly conservative, used things we know a lot about, had great
> pedigree, and probably gave me the most confidence and the warmest
> fuzzies..
>
I'm an engineer whose main task lies more in the implementation of
ciphers rather than in their design, and I think that you're missing a
very important consideration that went into the AES process, one that
has people like me in mind. Your metaphor about politics is very apt,
except not in the way you have presented it. The whole process was
about *compromise*. That's the key word. There are other
considerations that go into the choice of a cipher for any given task
besides level of security. Maybe you're one of those people who lives
in a world where security is the holy grail and something you must
strive for regardless of anything else, but in the real world, things
don't work that way. You always have to make compromises. NIST wanted
AES to run reasonably efficiently on a wide range of computing
platforms, as well as providing a great deal of flexibility. Serpent
just doesn't provide that. I've had the experience of implementing it on
an embedded processor significantly more powerful than the lowest
smart-card processors that NIST was thinking about, and it was still
incredibly slow. Far more so on the bottom end!
> The other one would be RC6, which had a lot of attacks against it
> because it has a lot of cryptanalysis under its belt, via the RC5
> inheritance. It's elegant, simple, easy to remember, easy to program
> from memory, easy to check for proper coding, and no S-boxes to
> memorize. While the "margin of security" was not as good as Serpent, I
> have to say that something I can put on the back of a napkin has got to
> be impressive regardless what people say...
>
You may be able to write the algorithm on the back of a napkin, and
remember it easily, but that doesn't mean you can implement it so that
it runs quickly. On my embedded system, RC6 was so slow as to be
completely unusable, mainly because the processor didn't support the
required operations quickly enough. Try implementing RC6 on any
processor that doesn't directly support 32-bit rotates, and see how
quickly it runs! Most newer processors don't have such instructions
either (e.g. DEC Alpha and IA-64/Itanium), and AES also has the future
in mind as well as the present. You might be able to write a very fast
implementation of RC6 on a Pentium-class or PowerPC, but when you get to
the next generation of processors, it'll only run so-so.
Good cryptography is not just about unbreakability. It's also about
ease of implementation and flexibility. Any idiot with an exposure to
the theory of SP-networks and Feistel structures can create a cipher
nobody can break, only it will run much too slowly for it to be used
anywhere. Why do you suppose hardly anyone uses one-time pads? If you
wanted real warm fuzzies, you'd use that! Of course, it's because a
proper one-time pad implementation is far too expensive to use in the
real world. The real challenge in creating a good cipher is not to
design one that just provides good security, but one that provides good
security *and* runs well. The real world is full of processors that
don't have enough computing power, don't have enough memory, or don't
implement certain operations, IC fabrication plants that charge too much
when you ask them for too many gates at a given feature size, impatient
users who are more interested in getting their data at once than getting
it securely, and so on. We engineers are not mathematicians; we're
willing to tolerate some error if it means we can get an answer that's
close enough to the truth reasonably, rather than an absolutely correct
answer that's obscenely difficult to obtain. The same goes for
cryptography. We're willing to tolerate an algorithm that might be
*broken* (using a stronger definition of "broken" than you crypto types
are wont to use) at a certain time, if it can provide security for the
present, and sufficient security in the foreseeable future. What we
won't tolerate is an algorithm that may provide absolute security but is
also obscenely expensive to implement.
Our project wound up settling on Rijndael long before it was announced
as AES, probably because NIST had in mind our same considerations, which
should be typical of any real-world project that incorporates
cryptography. Implementing all of the finalist algorithms on a real
processor with real constraints, as part of a real project with
deadlines and budget limitations was incredibly instructive. As an
engineer who has had late experience implementing nearly all of the AES
second round finalists in assembly language for a mid-range embedded
processor, I have to agree with NIST's choice. Undoubtedly, many of
your concerns will be addressed once Rijndael becomes a FIPS, and then
people like me and people like you can reach a middle ground. Let's
just wait and see.
--
Rafael R. Sevilla <[EMAIL PROTECTED]> +63 (2) 4342217
ICSM-F Development Team, UP Diliman +63 (917) 4458925
OpenPGP Key ID: 0x0E8CE481
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: comp.compression,comp.theory
Subject: Re: Josh MacDonald's library for adaptive Huffman encoding
Date: 4 Oct 2000 14:21:27 GMT
[EMAIL PROTECTED] (Kent Paul Dolan) wrote in
<1sEC5.97$[EMAIL PROTECTED]>:
>
>So far the funniest part of this series of David destroying his reputation
>on the Internet is this part:
>
>Organization: Retired US Government Real Time computer Xpert
>
>
>Happening to be retired from US Government service, still a real time
>computer programmer, as occasion demands, and disavowed to be an
>"expert" at anything because even in my case, when it comes to my
>profession rather than my personal life, humility works better than
>hubris, I have to say that the "prime" skill in being a "computer
>expert" is clear communication. David is clearly no expert.
No, that is a prime skill of a manager who claims to be a computer
expert. Where I worked we had Tech Writers do the BS documentation.
I was generally too busy writing code and introducing new algorithms.
>
>Oh, and do your short fused best David, I retired from sea service,
>The foul language you bandy about was my daily vocabulary for a couple
>of decades. I grew out of it before I left service, and your ability
>to insult me doesn't exist. You do make me laugh, however, so carry on
>as you wish.
>
Well, maybe I never grew out of it. It seems in many projects I had
to work with crusty old navy chiefs and they had a language all
their own. But over the years I learned that the chiefs were far
more honest and trustworthy than the officer corps, who may be
more skilled at pretending to be gentlemen. I prefer the more
honest company of beer-drinking chiefs.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: "Dann Corbit" <[EMAIL PROTECTED]>
Crossposted-To: sci.crypt.random-numbers
Subject: Re: NIST Statistical Test Suite
Date: Tue, 3 Oct 2000 15:56:47 -0700
"Mok-Kong Shen" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> [EMAIL PROTECTED] wrote:
>
> >
> > Has anyone got code for the function erfc() that i could include in the
> > software as this function does not seem to be available when using
> > Visual C++ 6.0.
>
> There is code on p.551 of
>
> H. K. Lau, A numerical library in C for scientists
> and engineers. CRC, 1995.
>
> The code computes erf and erfc simultaneously. Maybe
> you have to adapt it to the needs of the NIST package.
The Cephes collection from NETLIB has erfc() in ndtr.c also.
--
C-FAQ: http://www.eskimo.com/~scs/C-faq/top.html
"The C-FAQ Book" ISBN 0-201-84519-9
C.A.P. FAQ: ftp://38.168.214.175/pub/Chess%20Analysis%20Project%20FAQ.htm
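For anyone who, like the original poster, has no erfc() in their C library, the following added example (not from the thread; the Lau book and the Cephes ndtr.c named above are the real sources of production-quality code) shows how small a serviceable erfc can be and what the NIST suite needs it for. The rational approximation is Abramowitz and Stegun formula 7.1.26, whose absolute error is below 1.5e-7, and the p-value formula is that of the NIST SP 800-22 frequency (monobit) test; Python's own math.erfc is used only to check the approximation.

```python
"""Added example: a small erfc() and its use in the NIST frequency (monobit) test."""
import math

# Abramowitz & Stegun 7.1.26, for x >= 0:
#   erf(x) ~ 1 - (a1 t + a2 t^2 + a3 t^3 + a4 t^4 + a5 t^5) exp(-x^2),  t = 1/(1 + p x)
# with absolute error below 1.5e-7; erfc(x) = 1 - erf(x) is then the subtracted term.
_P = 0.3275911
_A = (0.254829592, -0.284496736, 1.421413741, -1.453152027, 1.061405429)


def erfc_approx(x):
    """Complementary error function needing nothing beyond exp()."""
    if x < 0:
        return 2.0 - erfc_approx(-x)  # erf is odd, so erfc(-x) = 2 - erfc(x)
    t = 1.0 / (1.0 + _P * x)
    poly = t * (_A[0] + t * (_A[1] + t * (_A[2] + t * (_A[3] + t * _A[4]))))
    return poly * math.exp(-x * x)


def max_abs_error(samples=2000, limit=6.0):
    """Largest |erfc_approx(x) - math.erfc(x)| on an even grid over [-limit, limit]."""
    worst = 0.0
    for i in range(samples + 1):
        x = -limit + 2 * limit * i / samples
        worst = max(worst, abs(erfc_approx(x) - math.erfc(x)))
    return worst


def monobit_p_value(bits, erfc=math.erfc):
    """NIST SP 800-22 frequency test on a string of '0'/'1' characters.

    S_n is the sum of +1 per '1' and -1 per '0'; the p-value is
    erfc(|S_n| / sqrt(n) / sqrt(2)).  NIST treats a p-value below 0.01 as a failure.
    """
    n = len(bits)
    s_n = sum(1 if bit == "1" else -1 for bit in bits)
    s_obs = abs(s_n) / math.sqrt(n)
    return erfc(s_obs / math.sqrt(2.0))


if __name__ == "__main__":
    print("max |error| of the approximation:", max_abs_error())
    # Constructed sequences: the ten-bit example from SP 800-22, a balanced
    # sequence, and an all-ones sequence.
    for seq in ("1011010101", "10" * 500, "1" * 1000):
        print(len(seq), "bits ->", monobit_p_value(seq, erfc=erfc_approx))
```

The frequency test is the first test in the suite and the only one that needs erfc rather than the incomplete gamma function, so a replacement of this accuracy is enough for it; the p-value of 0.527089 that the SP 800-22 example sequence should produce comes out the same whether math.erfc or the approximation is used.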
------------------------------
From: Volker Hetzer <[EMAIL PROTECTED]>
Subject: Re: It's Rijndael
Date: Wed, 04 Oct 2000 16:54:21 +0200
Runu Knips wrote:
> Well, but maybe there will be never such a contest again,
> because now a standard has been selected, and it is
> unlikely that we will ever need more than 256 bit of
> security, not in a hundred of years.
I think a new contest is more likely to be initiated
if a shortcut attack on Rijndael is found.
Greetings!
Volker
--
The early bird gets the worm. If you want something else for
breakfast, get up later.
------------------------------
Date: Wed, 04 Oct 2000 15:56:40 +0100
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: Counterpane Funny Stuff
Tom St Denis wrote:
>
> at http://www.counterpane.com/pr-funding.html
>
<snip quote>
>
> What the heck is a "scalable security business model that broadly
> leverages unparalelled security expertise...."
"scalable security" - a lock for a ladder.
"business model" - an executive toy.
"broadly leverages" - you can use it to get the lid off boxes of
paper-clips.
"unparalleled" - it's a /wonky/ ladder.
"security" - you can't move it very far.
"expertise" - it's clever.
So, in summary, it's a neat little toy ladder, chained to your desk,
which you damaged while using it to jemmy open your office stationery
packaging.
An odd thing to advertise on the Web. I reckon Counterpane should have
stuck to what they know best - quilting.
<g,d&r>
[BTW I was rooting for TwoFish]
--
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************