Cryptography-Digest Digest #897, Volume #12 Wed, 11 Oct 00 13:13:01 EDT
Contents:
re: working with huge numbers ([EMAIL PROTECTED])
Re: Why trust root CAs ? (Vernon Schryver)
Re: Why trust root CAs ? (Vernon Schryver)
Re: Comments on the AES winner (Future Beacon)
Re: A new paper claiming P=NP (Lieven Marchand)
Re: A new paper claiming P=NP (Aaron Bergman)
Re: Making Rijndael Even Faster (John Worley)
Re: NIST RNG Tests ("Paul Pires")
Re: A new paper claiming P=NP (Jonathan Thornburg)
The state of play on Microsoft CSP signing... ("Simon Dainty")
Re: Dense feedback polynomials for LFSR ("Douglas A. Gwyn")
Re: Rijndael implementations ("Douglas A. Gwyn")
Re: FTL Computation ("Douglas A. Gwyn")
Re: AES Runner ups ("Douglas A. Gwyn")
Re: Comments on the AES winner (Jim Gillogly)
Re: Rijndael implementations ("Paul Pires")
Re: working with huge numbers (Jim Gillogly)
Re: Comments on the AES winner ("Paul Pires")
Re: Rijndael implementations ("Brian Gladman")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: re: working with huge numbers
Date: Wed, 11 Oct 2000 15:02:50 GMT
In article <8s11mi$eo5$[EMAIL PROTECTED]>,
"DeSilva" <[EMAIL PROTECTED]> wrote:
> So can anyone direct me to an online source of info on how to do this?
> Quite frankly right now I don't want to sit and close read source code in
> order to figure out how and why one specific implementation does this, I
> would much rather read some sort of tutorial on the subject... and right now
> I am not really interested in buying books on the subject.
>
If you want a free lunch, then read this, chapter 14:
http://cacr.math.uwaterloo.ca/hac/index.html
They give the algorithms, you just have to implement them in your
favorite language.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (Vernon Schryver)
Subject: Re: Why trust root CAs ?
Date: 11 Oct 2000 08:40:01 -0600
In article <[EMAIL PROTECTED]>,
Paul Rubin <[EMAIL PROTECTED]> wrote:
>> In other words, since when is a DUNS number a proof of identity, honesty,
>> financial stability, or anything else?
>
>It takes more than a DUNS number to get a class 3 certificate, at
>least from Verisign. You also have to control the phone number listed
>for the company, i.e. they look up the number and call it. They don't
>just believe the phone number you give them in the CSR.
You don't need to control the phone number of a target to arrange to answer
a phone call. You need only arrange to answer that particular phone call
(and perhaps others). I'd be moderately impressed by someone who arranged
to hijack the phone call from Verisign to 1 206 266 4064 (Amazon.com), but
not at all impressed by anyone who managed to answer my phone when Verisign
called to verify Rhyolite Software's application.
Again, my point is that contrary to Verisign's advertising and "white
papers", their certificate for Amazon.com depends on Amazon.com being
what it is in the real and network worlds, and by that same token, a
certificate for https://www.rhyolite.com from rhyolite.com gives those
who think about it just as much peace of mind as one from Verisign.
Vernon Schryver [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Vernon Schryver)
Subject: Re: Why trust root CAs ?
Date: 11 Oct 2000 09:12:13 -0600
In article <[EMAIL PROTECTED]>,
Anne & Lynn Wheeler <[EMAIL PROTECTED]> wrote:
>> In other words, since when is a DUNS number a proof of identity, honesty,
>> financial stability, or anything else?
> ...
>a two person operation ... we didn't at the time have a D&B ... but
>D&B called us up ... gave us a D&B number and took down our
>information over the phone. This information, they provided back to
>the company we were signing a contract with ...
D&B might also have checked your DBA registration.
I have less good to say about D&B than Verisign. When D&B calls to
try to sell me a subscription (under cover of getting my information),
I invoke the TCPA and demand they put me on their do not call list.
Contemplate the difference between a DUNS number and a Verisign
certificate. Except for Verisign's cryptographic window dressing and
SuperHypeWay .Com mania, there is little that I can see. They both consist
essentially of a handle on statements offered by the authenticatee and
barely superficially verified by the authenticator. D&B does add a little
gossip gleaned from public records.
The prominent mention of DUNS numbers by Verisign is probably because
those who put great store in a D&B rating do the same for a Verisign
certificate, and vice versa. I wonder if Verisign will buy D&B when CA
and .com registration revenues stop growing so nicely.
>with regard to a domain name ... i can register a DBA and open a
>checking account with that DBA, get D&B registration ... hijack a
>domain name and provide all information to the CA that correctly
>validates (i.e. the domain name validates with the domain name
>infrastructure ... and all the other information provided also
>validates).
Exactly!--provided you pick the unknown name of a small or tiny outfit
like Rhyolite Software instead of Amazon.com.
>in the ssl domain name server certificate case ... all the client is
>doing is checking that the web address they are using and the domain
>name in the certificate match.
Some people will misunderstand that. Verisign signs your domain name, not
your IP address. The distinction has significant security implications.
It is also unavoidable for any authenticator other than the DNS system.
>if there is any addition information in a certificate & it doesn't
>correspond with what a client might expect, oh well ... out of the millions
>of people that might do a SSL operation with the server & also
>actually physically look at any other information that may be part of
>a ssl domain name server certificate is possibly countable on fingers
>& toes.
Unless you've suffered serious accidents, you don't need so many digits.
It's easy to delete the lists of PKI authorities in Internet Explorer,
and then you get lots of complaints about mismatches. There are bound
to be many people who've done that, but do you suppose any have complained?
Then there are the multiple domain names that a single big outfit uses.
I regularly get the "are you sure" warning from Netscape because an https
link points to the wrong domain name that happens to resolve to the
correct IP address. Do you suppose anyone ever worries about those
warnings?
>a CA can authenticate stuff it has direct knowledge of and for the
>rest relies on authoritative sources for that information ...
Yes, suckers for PKI should read
http://www.verisign.com/server/enroll/globalpreparing.html to find
the sum total of Verisign's knowledge and then ask themselves which
parts are direct.
Vernon Schryver [EMAIL PROTECTED]
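What the client-side check Lynn and Vernon describe actually amounts to, as an added example (my own code, not anything from this thread or from any browser): a certificate-name match is a comparison of the host name in the URL with the DNS names the certificate carries; the IP address is never part of it, which is why a link to the wrong domain name of the right server still draws the "are you sure" warning. The certificate name lists and host names below are constructed samples, and the matching rules (case-insensitive, one leading "*." wildcard covering exactly one label) are the usual DNS-name rules rather than any particular browser's code.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Added example (mine, not from any post in this thread): what an SSL client
 * actually compares when it decides whether a server certificate "belongs" to
 * the site in the URL. It is a string comparison between the host name the
 * user typed and the DNS names carried in the certificate, nothing more: the
 * IP address the name resolves to is never consulted, which is why a link to
 * the wrong domain name of the right server still triggers the browser's
 * "are you sure" warning. Rules are the usual DNS-name ones: case-insensitive,
 * a single leading "*." wildcard that covers exactly one label. */

static int ieq(const char *a, const char *b) {          /* case-insensitive equality */
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b)) return 0;
    return *a == *b;
}

static int is_ip_literal(const char *h) {               /* dotted decimal only */
    if (!*h) return 0;
    for (; *h; h++) if (*h != '.' && !isdigit((unsigned char)*h)) return 0;
    return 1;
}

/* Does one certificate name (CN or dNSName SAN entry) match the requested host? */
static int name_matches(const char *cert_name, const char *host) {
    if (is_ip_literal(host)) return 0;                  /* a DNS name never matches an IP */
    if (strncmp(cert_name, "*.", 2) != 0) return ieq(cert_name, host);
    if (strchr(cert_name + 2, '*')) return 0;           /* at most one wildcard */
    const char *dot = strchr(host, '.');                /* wildcard eats exactly one label */
    if (dot == NULL || dot == host) return 0;
    return ieq(cert_name + 2, dot + 1);
}

/* Walk the certificate's list of names; 1 on a match, 0 otherwise. */
static int cert_matches_host(const char *const names[], int n, const char *host) {
    for (int i = 0; i < n; i++)
        if (name_matches(names[i], host)) return 1;
    return 0;
}

/* Constructed sample certificates (name lists only; no real certificates involved). */
static const char *const RHYOLITE_NAMES[] = { "www.rhyolite.com" };
static const char *const WILDCARD_NAMES[] = { "*.example.com" };

/* Returns 1 when every expected outcome holds. */
static int demo(void) {
    return  cert_matches_host(RHYOLITE_NAMES, 1, "www.rhyolite.com")
        &&  cert_matches_host(RHYOLITE_NAMES, 1, "WWW.Rhyolite.COM")   /* DNS is case-insensitive */
        && !cert_matches_host(RHYOLITE_NAMES, 1, "rhyolite.com")       /* the "are you sure" case */
        && !cert_matches_host(RHYOLITE_NAMES, 1, "192.0.2.10")         /* same server by IP: no match */
        &&  cert_matches_host(WILDCARD_NAMES, 1, "shop.example.com")
        && !cert_matches_host(WILDCARD_NAMES, 1, "a.b.example.com")    /* wildcard spans one label only */
        && !cert_matches_host(WILDCARD_NAMES, 1, "example.com");
}

int main(void) {
    printf("all name-matching checks %s\n", demo() ? "passed" : "FAILED");
    return demo() ? 0 : 1;
}
```

The point of the "rhyolite.com" and "192.0.2.10" cases is Vernon's: the CA has vouched for a name string, so a server reached under any other name, or by address, is indistinguishable from an impostor as far as this check is concerned, and the only defence the client has is to refuse (or warn) on every mismatch rather than train users to click through.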
------------------------------
From: Future Beacon <[EMAIL PROTECTED]>
Subject: Re: Comments on the AES winner
Date: Wed, 11 Oct 2000 11:32:48 -0400
On Tue, 10 Oct 2000, Douglas A. Gwyn wrote:
> Future Beacon wrote:
> > Does anybody think that the United States Government cannot crack
> > this code?
>
> Does anybody think that they can?
OK. Does anybody think that the United States Government can crack
this code?
> What is the point of asking such questions in the absence of the
> *knowledge* it takes to answer them?
I'm not ready to assume that there are no valuable opinions available
from this news group. Besides, I asked a question. I didn't make
any claims.
My curiosity about the matter is prompted by my observation that a
famous opponent of absolute e-mail privacy has endorsed an encryption
method. Also, the government does not seem indifferent about how to
implement it. If anybody thinks it is absolutely secure or exceedingly
secure, I would like to hear that opinion. Maybe somebody knows
something. There are lots of possible theories.
If I were in charge of government communication and I was also
interested in reading certain transmissions, I would encourage the
world to standardize on something I could crack and put a layer
under it for the really important stuff the government needs to
transmit; but I didn't intend to argue that with my question. There
are, no doubt, other opinions.
Jim Trek
Future Beacon Technology
http://eznet.net/~progress
[EMAIL PROTECTED]
------------------------------
Crossposted-To: comp.theory,sci.math,sci.op-research
Subject: Re: A new paper claiming P=NP
From: Lieven Marchand <[EMAIL PROTECTED]>
Date: 10 Oct 2000 23:34:15 +0200
[EMAIL PROTECTED] writes:
> I've often seen O(nlogn) algorithms beat O(n), or O(n^2) beat
> O(n^lg(3)), but it would be extremely rare for an O(n^2) algorithm to
> beat an O(n) algorithm on moderately large inputs (say, n>=10,000).
I believe one example is triangularisation of polygons. Chazelle has
found an O(n) algorithm that has never been implemented because it is
far too complicated to be useful and many of the algorithms in
practical use have bounds of the type O(kn) where k is a factor
dependent on the geometry of the polygon (such as the number of
concave vertices) that can be O(n) in real cases.
--
Lieven Marchand <[EMAIL PROTECTED]>
Lambda calculus - Call us a mad club
------------------------------
From: Aaron Bergman <[EMAIL PROTECTED]>
Crossposted-To: comp.theory,sci.math,sci.op-research
Subject: Re: A new paper claiming P=NP
Date: Wed, 11 Oct 2000 12:14:54 -0400
In article <[EMAIL PROTECTED]>, glenn
<[EMAIL PROTECTED]> wrote:
> Irrelevant question, but is there any way of converting a pdf
> file to ps?
Just print from Acrobat to a file.
Aaron
--
Aaron Bergman
<http://www.princeton.edu/~abergman/>
------------------------------
From: John Worley <[EMAIL PROTECTED]>
Subject: Re: Making Rijndael Even Faster
Date: Wed, 11 Oct 2000 10:18:30 -0600
John -
Your comment about speeding up Rijndael is valid iff you explicitly
implement the ShiftRow step. It is possible, on 32-bit and 64-bit processors,
to implement each round as a single set of look-ups and XORs, effectively
combining all three steps into one operation. The theory behind this is quite
well explained in the author's submission paper (see Section 5.2.1). This is
the technique I used for the PA-RISC and IA-64 implementations (look at
http://csrc.nist.gov/encryption/aes/round2/conf3/aes3agenda.html for more
information).
John Worley
[EMAIL PROTECTED]
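As an added example of what John is describing (my own code, not his PA-RISC/IA-64 implementation or the Rijndael reference code): one round computed first as the separate SubBytes/ShiftRows/MixColumns/AddRoundKey steps and then as four table look-ups and XORs per column, with the tables built from the S-box and the MixColumns coefficients so the two forms can be compared on the same input. The sample state and round-key bytes are the plaintext and key of the FIPS-197 Appendix B example, used here only as convenient input (no key schedule is run); the state is column-major as in the specification.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not John Worley's code nor the Rijndael reference code: one
 * Rijndael round done two ways, (a) as the separate SubBytes / ShiftRows /
 * MixColumns / AddRoundKey steps and (b) as four table look-ups and XORs per
 * column, the "T-table" form described in section 5.2.1 of the submission.
 * State is column-major: st[4*c + r] is row r of column c, as in the spec. */

static uint8_t  sbox[256];
static uint32_t T0[256], T1[256], T2[256], T3[256];

static uint8_t xtime(uint8_t x) { return (uint8_t)((x << 1) ^ ((x & 0x80) ? 0x1b : 0)); }

static uint8_t gf_mul(uint8_t a, uint8_t b) {          /* multiply in GF(2^8) */
    uint8_t r = 0;
    while (b) { if (b & 1) r ^= a; a = xtime(a); b >>= 1; }
    return r;
}

/* Derive the S-box from its definition (inverse in GF(2^8), then the affine
 * map) and build T0..T3 from the S-box and the MixColumns column (2,1,1,3). */
static void init_tables(void) {
    for (int i = 0; i < 256; i++) {
        uint8_t inv = 0;
        for (int j = 1; i && j < 256; j++)
            if (gf_mul((uint8_t)i, (uint8_t)j) == 1) { inv = (uint8_t)j; break; }
        uint8_t s = inv, x = inv;
        for (int k = 0; k < 4; k++) { x = (uint8_t)((x << 1) | (x >> 7)); s ^= x; }
        sbox[i] = s ^ 0x63;
    }
    for (int i = 0; i < 256; i++) {
        uint8_t s = sbox[i], s2 = xtime(s), s3 = s2 ^ s;
        /* byte k of T0[x] is what S(x) in row 0 contributes to output row k */
        T0[i] = (uint32_t)s2 | ((uint32_t)s << 8) | ((uint32_t)s << 16) | ((uint32_t)s3 << 24);
        T1[i] = (T0[i] << 8)  | (T0[i] >> 24);           /* same thing for rows 1..3 */
        T2[i] = (T0[i] << 16) | (T0[i] >> 16);
        T3[i] = (T0[i] << 24) | (T0[i] >> 8);
    }
}

/* (a) Textbook round: four explicit steps on a 16-byte state. */
static void round_textbook(uint8_t st[16], const uint8_t rk[16]) {
    uint8_t t[16];
    for (int i = 0; i < 16; i++) st[i] = sbox[st[i]];                 /* SubBytes */
    for (int r = 0; r < 4; r++)                                        /* ShiftRows: row r left by r */
        for (int c = 0; c < 4; c++) t[4 * c + r] = st[4 * ((c + r) & 3) + r];
    for (int c = 0; c < 4; c++) {                                      /* MixColumns */
        uint8_t a0 = t[4*c], a1 = t[4*c+1], a2 = t[4*c+2], a3 = t[4*c+3];
        st[4*c]   = gf_mul(a0,2) ^ gf_mul(a1,3) ^ a2 ^ a3;
        st[4*c+1] = a0 ^ gf_mul(a1,2) ^ gf_mul(a2,3) ^ a3;
        st[4*c+2] = a0 ^ a1 ^ gf_mul(a2,2) ^ gf_mul(a3,3);
        st[4*c+3] = gf_mul(a0,3) ^ a1 ^ a2 ^ gf_mul(a3,2);
    }
    for (int i = 0; i < 16; i++) st[i] ^= rk[i];                      /* AddRoundKey */
}

/* (b) The same round as four look-ups and XORs per output column; ShiftRows
 * is absorbed into which input byte each table is indexed with. */
static void round_ttable(uint8_t st[16], const uint8_t rk[16]) {
    uint32_t out[4];
    for (int c = 0; c < 4; c++)
        out[c] = T0[st[4 * c]] ^ T1[st[4 * ((c + 1) & 3) + 1]]
               ^ T2[st[4 * ((c + 2) & 3) + 2]] ^ T3[st[4 * ((c + 3) & 3) + 3]];
    for (int c = 0; c < 4; c++)
        for (int r = 0; r < 4; r++)
            st[4 * c + r] = (uint8_t)(out[c] >> (8 * r)) ^ rk[4 * c + r];
}

static int sbox_value(int x) { init_tables(); return sbox[x & 0xff]; }

/* Run both forms on the same input; 1 when the results are identical. */
static int rounds_agree(void) {
    static const uint8_t state0[16] = {   /* FIPS-197 App. B plaintext, as sample input only */
        0x32,0x43,0xf6,0xa8,0x88,0x5a,0x30,0x8d,0x31,0x31,0x98,0xa2,0xe0,0x37,0x07,0x34 };
    static const uint8_t rk[16] = {       /* FIPS-197 App. B key bytes, as a sample round key */
        0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c };
    uint8_t a[16], b[16];
    init_tables();
    memcpy(a, state0, 16); memcpy(b, state0, 16);
    round_textbook(a, rk);
    round_ttable(b, rk);
    return memcmp(a, b, 16) == 0;
}

int main(void) {
    printf("T-table round %s the textbook round\n", rounds_agree() ? "matches" : "DIFFERS from");
    return 0;
}
```

The last round has no MixColumns, so it needs the plain S-box (or a separate table) rather than T0..T3; the four 1 KB tables can also be collapsed to one with rotations at a small speed cost. One caveat a practitioner should weigh before choosing this form today: the look-ups are indexed by key-dependent bytes, so on shared hardware the cache footprint of the tables can leak timing information, which is the reason bit-sliced and hardware AES implementations exist alongside it.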
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: NIST RNG Tests
Date: Wed, 11 Oct 2000 09:25:16 -0700
<[EMAIL PROTECTED]> wrote in message news:8s17jd$otb$[EMAIL PROTECTED]...
> Well, I managed to get the test data supplied by NIST. So far I've only
> tried the data.pi file and I am running into problems with the
> overlapping and non-overlapping templates tests. I don't get the same
> results as those specified in the user manual.
I noticed that in my download, some of the template files were zipped
within the zip. Did you try unpacking all of the individual files in the
template directory?
>
> Also, i have emailed NIST asking about porting the code to a PC and the
> answer i got was:
> >I do not have a list of specific changes that are necessary for porting
> >to a PC. If you have a PC with Linux, the code seems to work fine as
> >is.
Our tax dollars at work. $%@%$@$@
Paul
>
> Regards,
>
> Brice.
>
> In article <CFHE5.1969$[EMAIL PROTECTED]>,
> "Paul Pires" <[EMAIL PROTECTED]> wrote:
> >
> > <[EMAIL PROTECTED]> wrote in message news:8runi9$maq$[EMAIL PROTECTED]...
> > > I have actually compiled the code on a Sun computer running the Solaris
> > > OS. I was hoping maybe that version would work properly. I have run it
> > > on some data but I can't check it against anything.
> > >
> > > The test data mentioned in the user documentation provided by NIST
> > > doesn't seem to be present when I unpack the compressed files (sts.tar &
> > > sts.data.tar).
> > >
> > > I will email the implementors to see if they can provide me with test
> > > data.
> > >
> > > Brice.
> > >
> > > In article <[EMAIL PROTECTED]>,
> > > Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> > > >
> > > > [EMAIL PROTECTED] wrote:
> > > >
> > > > > I have finally managed to compile the new NIST Random Number Generator
> > > > > tests. However, I don't have any data to make sure the code does what
> > > > > it's supposed to do. Could anyone supply me with some data they have
> > > > > used and then I could compare my results with theirs?
> > > >
> > > > As discussed recently, the package could have some problems
> > > > on PC. Please contact the implementors at NIST and let us
> > > > know that the suite runs correctly on PC and about the
> > > > checks you mentioned.
> >
> > A buddy helped me out and I have a copy compiled to run under Windows.
> > I have not had time to work with it yet (work intrudes). NIST could have
> > specified a simple, concise confidence check since they opted not to
> > release compiled and verified code. I hope to be back at it later this
> > week and will advise on what I find.
> >
> > Paul
> >
> > > >
> > > > M. K. Shen
> > >
> > > Sent via Deja.com http://www.deja.com/
> > > Before you buy.
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
------------------------------
From: [EMAIL PROTECTED] (Jonathan Thornburg)
Crossposted-To: comp.theory,sci.math,sci.op-research
Subject: Re: A new paper claiming P=NP
Date: 11 Oct 2000 18:31:32 +0200
In <[EMAIL PROTECTED]> glenn <[EMAIL PROTECTED]> writes:
>Irrelevant question, but is there any way of converting a pdf file to
>ps?
xpdf ( http://www.foolabs.com/xpdf/ ) is a free (GPL) pdf viewer
which runs on most Unix flavors. It's about an order of magnitude
smaller and faster than Acrobat. xpdf includes both the command pdftops
and a GUI "print" command which produces a postscript file.
--
-- Jonathan Thornburg <[EMAIL PROTECTED]>
http://www.thp.univie.ac.at/~jthorn/home.html
Universitaet Wien (Vienna, Austria) / Institut fuer Theoretische Physik
Q: Only 7 countries have the death penalty for children. Which are they?
A: Congo, Iran, Nigeria, Pakistan[*], Saudi Arabia, United States, Yemen
[*] Pakistan moved to end this in July 2000. -- Amnesty International,
http://www.amnesty.org/ailib/aipub/2000/AMR/25113900.htm
------------------------------
From: "Simon Dainty" <[EMAIL PROTECTED]>
Subject: The state of play on Microsoft CSP signing...
Date: Wed, 11 Oct 2000 15:49:17 +0100
Hey all, how's life? Good, good... I've only got two questions, so
I won't keep you long.
Can anybody tell me what the current state of play is, regarding
the signing - by Microsoft - of Cryptographic Service Providers
destined for a party outside of North America (Britain, actually)?
Furthermore, Microsoft have noted that in the future, elements of
Microsoft outside of North America (Microsoft UK, Microsoft
Germany, etc, etc, etc) will/may support the signing of CSPs. Does
anybody know the current status of this proposal?
Any information you may have would be greatly appreciated. Thanks.
Simon Dainty
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Dense feedback polynomials for LFSR
Date: Wed, 11 Oct 2000 15:40:47 GMT
bubba wrote:
> "zapzing" <[EMAIL PROTECTED]> wrote:
> > On another note, it seems to me that making the
> > polynomial itself a part of the key would
> > greatly increase security, but that possibility
> > is barely mentioned in his book.
In the trade it is usually called "variable taps".
At least one commercial outfit is conducting research
into such algorithms, but procurement regulations
preclude me from saying which one.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Rijndael implementations
Date: Wed, 11 Oct 2000 15:42:34 GMT
Jim Gillogly wrote:
> Network throughput is usually measured in bits/s, and storage is usually
> measured in bytes.
In the latter case, they always assume 8-bit bytes, known in the
networking world as "octets" to avoid ambiguity.
------------------------------
Crossposted-To: sci.astro,sci.physics.relativity,sci.math
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: FTL Computation
Date: Wed, 11 Oct 2000 15:48:48 GMT
ca314159 wrote:
> Definitely. Velocities/speeds are considered relative
> to _inertial_ reference frames. One cannot do FTL this
> way. Non-inertial reference frames must be used; to cheat.
Nonsense. Speed is the magnitude of velocity, and
velocity is the rate of change of the spatial coordinates
of some well-defined physical "thing" with respect to the
time coordinate. This is true in noninertial frames as
well as in inertial frames. The speed of light is the
(local) conversion factor between the units used for
spatial vs. time coordinates. Its role as an upper bound
for propagation of physical effects is no more surprising
than that the sine of a real number cannot exceed 1.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: AES Runner ups
Date: Wed, 11 Oct 2000 15:53:41 GMT
Greggy wrote:
> Let me rephrase - has the government stated any one of the other five
> finalists would be their backup deployment strategy if a problem was
> uncovered with Rijndael on some type of official level?
No, that would be pretty stupid, since if the process
resulted in a flawed algorithm for #1 choice why would
one think that the #2 choice would fare any better?
------------------------------
From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Comments on the AES winner
Date: Wed, 11 Oct 2000 16:44:01 +0000
Future Beacon wrote:
> If I were in charge of government communication and I was also
> interested in reading certain transmissions, I would encourage the
> world to standardize on something I could crack and put a layer
> under it for the really important stuff the government needs to
> transmit; but I didn't intend to argue that with my question. There
> are, no doubt, other opinions.
Try it this way. Suppose you personally had set up an AES-like competition,
and had gotten the same submissions and the same feedback from the best
interested academic cryptographers in the world, as well as the same
hardware implementation support from the NSA, any of which you are free
to ignore. Suppose further that you have free choice to pick the next
Future Beacon Encryption Standard. Given that feedback and your own
native decision-making abilities and intelligence, how different would
your choice have been, and why? Are you ready to declare the new FBES?
I note that nobody who's talking has seen a show-stopper with the
security of any of the five final candidates, nor, in fact, with
many of the semi-finalists. The consensus is that <we> don't know
how to break it, but nobody outside knows whether NSA, CSE, CESG, or
anybody else does. I suspect that they can't, and that they can't
break 3DES, but I don't have any firm basis for believing that one
way or the other. I <strongly> suspect that they have much easier
ways of getting the plaintext. The Robert H. Morris talk at
http://chacs.nrl.navy.mil/ieee/cipher/old-conf-rep/conf-rep-Crypto95.html
that I referenced a day or two ago says cryptanalysis is no longer the
most effective means for governments (well, the US government
anyway) to obtain plaintext, and that this was true by the middle
to late 1960s, even before the introduction of DES.
I think NIST should be commended for the way they ran the competition
and paid attention to the comments received.
--
Jim Gillogly
Mersday, 20 Winterfilth S.R. 2000, 16:17
12.19.7.11.4, 7 Kan 7 Yax, Eighth Lord of Night
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Rijndael implementations
Date: Wed, 11 Oct 2000 09:43:37 -0700
Brian Gladman <[EMAIL PROTECTED]> wrote in message
news:t4VE5.35457$Cl1.824040@stones...
>
> "Paul Pires" <[EMAIL PROTECTED]> wrote in message
> news:LxNE5.527$[EMAIL PROTECTED]...
> > <snip>
> > >
> > > http://www.btinternet.com/~brian.gladman/cryptography_technology/rijndael/index.html
> > >
> > > where I have just updated my own implementation (in C++). On the 200MHz
> > > Intel reference platform it offers around 70Mbits/second using large tables
> > > but other options are provided as well.
> >
> > Hope you don't mind a dumb question. If a Megabyte is 1024^2 bits (1.048576
> > million bytes) as opposed to 1 million bytes, is a Mbit 1 million bits or
> > something else?
> >
> > Paul
>
> In my code 1Mbit/second = 10^6 bits/second - that is, the M is being used in
> its scientific meaning as a prefix for 10^6.
>
> I simply measure the number of cycles to encrypt a 128 bit block and then
> calculate how many bits per second this represents and then divide by 10^6.
> The speed would be reported 5% lower if the 2^20 convention was being used.
Thanks for the clarification. BTW, is there some reason why a clock-speed-independent
measure (clocks per byte) is not used more often? Granted, you still need to
know the general architecture but it does seem to avoid a lot of misunderstanding.
Thanks
Paul
>
> Brian Gladman
>
------------------------------
From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: working with huge numbers
Date: Wed, 11 Oct 2000 16:52:41 +0000
DeSilva wrote:
>
> So can anyone direct me to an online source of info on how to do this?
> Quite frankly right now I don't want to sit and close read source code in
> order to figure out how and why one specific implementation does this, I
> would much rather read some sort of tutorial on the subject... and right now
> I am not really interested in buying books on the subject.
The Handbook of Applied Cryptography is on-line. You should also buy
Knuth vol. 2 on general principles. If all you want is to do some fat
arithmetic without knowing how it works, pick any good library -- the
GNU mp library, for example -- and read the manual.
--
Jim Gillogly
Mersday, 20 Winterfilth S.R. 2000, 16:48
12.19.7.11.4, 7 Kan 7 Yax, Eighth Lord of Night
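For a reader following the Handbook pointer, here is an added example (my own code, not from the Handbook, the thread, or GNU mp) of the two chapter 14 algorithms you would implement first: multiple-precision addition (Algorithm 14.7) and schoolbook multiplication (Algorithm 14.12), using 32-bit digits so that every intermediate product fits in a 64-bit integer. The fixed 256-bit width and the little-endian limb layout are my choices for the example; a real library sizes its numbers dynamically.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example (mine, not from the thread or the Handbook): two of the
 * chapter 14 building blocks, multiple-precision addition (HAC Algorithm 14.7)
 * and schoolbook multiplication (HAC Algorithm 14.12), on fixed-width numbers
 * made of 32-bit "digits" in base b = 2^32, least-significant limb first. */

#define LIMBS 8                                       /* 8 x 32 = 256-bit operands */
typedef struct { uint32_t d[LIMBS]; } bignum;
typedef struct { uint32_t d[2 * LIMBS]; } bigprod;    /* full-width product */

static bignum bn_from_u64(uint64_t v) {
    bignum r;
    memset(&r, 0, sizeof r);
    r.d[0] = (uint32_t)v;
    r.d[1] = (uint32_t)(v >> 32);
    return r;
}

/* r = x + y. The carry out of each digit is at most 1; the final carry is the
 * overflow flag a caller must check, because the result is fixed-width. */
static uint32_t bn_add(bignum *r, const bignum *x, const bignum *y) {
    uint64_t carry = 0;
    for (int i = 0; i < LIMBS; i++) {
        uint64_t s = (uint64_t)x->d[i] + y->d[i] + carry;
        r->d[i] = (uint32_t)s;
        carry = s >> 32;
    }
    return (uint32_t)carry;
}

/* r = x * y, all 2*LIMBS digits. The inner expression never overflows 64 bits:
 * (2^32-1)^2 + 2*(2^32-1) = 2^64 - 1, which is why the digit size was chosen. */
static void bn_mul(bigprod *r, const bignum *x, const bignum *y) {
    memset(r, 0, sizeof *r);
    for (int i = 0; i < LIMBS; i++) {
        uint64_t carry = 0;
        for (int j = 0; j < LIMBS; j++) {
            uint64_t uv = (uint64_t)x->d[j] * y->d[i] + r->d[i + j] + carry;
            r->d[i + j] = (uint32_t)uv;
            carry = uv >> 32;
        }
        r->d[i + LIMBS] = (uint32_t)carry;
    }
}

/* Helpers that expose single digits of a result, handy for checking by hand. */
static uint32_t mul_limb(uint64_t a, uint64_t b, int i) {
    bignum x = bn_from_u64(a), y = bn_from_u64(b);
    bigprod p;
    bn_mul(&p, &x, &y);
    return p.d[i];
}

static uint32_t add_limb(uint64_t a, uint64_t b, int i, uint32_t *overflow) {
    bignum x = bn_from_u64(a), y = bn_from_u64(b), s;
    uint32_t c = bn_add(&s, &x, &y);
    if (overflow) *overflow = c;
    return s.d[i];
}

static void print_prod(const bigprod *p) {            /* most significant digit first */
    for (int i = 2 * LIMBS - 1; i >= 0; i--) printf("%08x", p->d[i]);
    putchar('\n');
}

int main(void) {
    bignum x = bn_from_u64(UINT64_MAX);
    bigprod p;
    bn_mul(&p, &x, &x);                               /* (2^64 - 1)^2 = 2^128 - 2^65 + 1 */
    print_prod(&p);
    return 0;
}
```

Once addition and multiplication work, the natural next steps from the same chapter are subtraction, the long-division Algorithm 14.20, and then modular reduction (Montgomery or Barrett), which is where most of the engineering in an RSA or Diffie-Hellman library actually goes.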
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Comments on the AES winner
Date: Wed, 11 Oct 2000 09:58:23 -0700
Future Beacon <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
>
> On Tue, 10 Oct 2000, Douglas A. Gwyn wrote:
>
> > Future Beacon wrote:
> > > Does anybody think that the United States Government cannot crack
> > > this code?
> >
> > Does anybody think that they can?
>
> OK. Does anybody think that the United States Government can crack
> this code?
>
> > What is the point of asking such questions in the absence of the
> > *knowledge* it takes to answer them?
>
> I'm not ready to assume that there are no valuable opinions available
> from this news group. Besides, I asked a question. I didn't make
> any claims.
>
> My curiosity about the matter is prompted by my observation that a
> famous opponent of absolute e-mail privacy has endorsed an encryption
> method. Also, the government does not seem indifferent about how to
> implement it. If anybody thinks it is absolutely secure or exceedingly
> secure, I would like to hear that opinion. Maybe somebody knows
> something. There are lots of possible theories.
>
> If I were in charge of government communication and I was also
> interested in reading certain transmissions, I would encourage the
> world to standardize on something I could crack and put a layer
> under it for the really important stuff the government needs to
> transmit; but I didn't intend to argue that with my question. There
> are, no doubt, other opinions.
You bet. The problem with conspiracy theories is that
they tend to violate profound rules of human behavior.
1, The likelihood of a secret remaining so is the
inverse square of the size of the group who knows it.
2, A conspiracy cannot require more intelligence or
judgement than that attributed to the average
bureaucrat.
3, If a conspiracy is uncovered, it is probably to
conceal a hidden blunder as this activity is where
most bureaucratic labor is invested. CYA
Paul
>
> Jim Trek
> Future Beacon Technology
> http://eznet.net/~progress
> [EMAIL PROTECTED]
>
------------------------------
From: "Brian Gladman" <[EMAIL PROTECTED]>
Subject: Re: Rijndael implementations
Date: Wed, 11 Oct 2000 18:05:41 +0100
"Paul Pires" <[EMAIL PROTECTED]> wrote in message
news:PP0F5.6364$[EMAIL PROTECTED]...
> Brian Gladman <[EMAIL PROTECTED]> wrote in message
> news:t4VE5.35457$Cl1.824040@stones...
> >
> > "Paul Pires" <[EMAIL PROTECTED]> wrote in message
> > news:LxNE5.527$[EMAIL PROTECTED]...
> > > <snip>
> > > >
> > > > http://www.btinternet.com/~brian.gladman/cryptography_technology/rijndael/index.html
> > > >
> > > > where I have just updated my own implementation (in C++). On the 200MHz
> > > > Intel reference platform it offers around 70Mbits/second using large tables
> > > > but other options are provided as well.
> > >
> > > Hope you don't mind a dumb question. If a Megabyte is 1024^2 bits (1.048576
> > > million bytes) as opposed to 1 million bytes, is a Mbit 1 million bits or
> > > something else?
> > >
> > > Paul
> >
> > In my code 1Mbit/second = 10^6 bits/second - that is, the M is being used in
> > its scientific meaning as a prefix for 10^6.
> >
> > I simply measure the number of cycles to encrypt a 128 bit block and then
> > calculate how many bits per second this represents and then divide by 10^6.
> > The speed would be reported 5% lower if the 2^20 convention was being used.
>
> Thanks for the clarification. BTW, is there some reason why a clock-speed-independent
> measure (clocks per byte) is not used more often? Granted, you still need to
> know the general architecture but it does seem to avoid a lot of misunderstanding.
I use clocks more than Mbit/second speed (since I don't have a 200 MHz
system any longer to do measurements on).
I agree that Mbit/sec can be very misleading - I have a number of emails
from people claiming that they can achieve 100Mbit/sec on Rijndael but
forgetting to mention that they are using systems with 600, 800 or 1GHz
clock speeds.
I tend to use clocks/block rather than clocks/byte since it is then easier
to decide how to combine key setup and block timings for particular
encryption scenarios (eg 1 keying operation + 3/4 blocks per ATM cell).
Brian Gladman
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************