Cryptography-Digest Digest #924, Volume #12 Sat, 14 Oct 00 09:13:00 EDT
Contents:
CHES 2001 Workshop (Christof Paar)
Re: algo to generate permutations (Tim Tyler)
Re: NIST Random Generator Test Suite Results (Tim Tyler)
Re: Rijndael implementations (Robert Harley)
Re: Rijndael implementations (Tim Tyler)
Re: What is meant by non-Linear... (Tim Tyler)
Re: FTL Computation (ca314159)
Re: block-cipher silly question? (Dido Sevilla)
Re: Challenge... (Dido Sevilla)
Re: SDMI - Answers to Major Questions (Tom St Denis)
Re: CHES 2001 Workshop (Tom St Denis)
Re: Optimisation of SHA-256 (Tom St Denis)
Re: Crypto technology recommendations? (Tom St Denis)
Re: Crypto technology recommendations? (DJohn37050)
Re: Crypto technology recommendations? ("Will Newland")
Re: block-cipher silly question? (N. Weicher)
Re: block-cipher silly question? (N. Weicher)
----------------------------------------------------------------------------
From: Christof Paar <[EMAIL PROTECTED]>
Crossposted-To: comp.arch.fpga,comp.arch.arithmetic
Subject: CHES 2001 Workshop
Date: Sat, 14 Oct 2000 05:57:57 -0400
Workshop on Cryptographic Hardware and Embedded Systems 2001
(CHES 2001)
http://www.chesworkshop.org
Paris - France
May 13 - 16, 2001
First Call for Papers
General Information
The focus of this workshop is on all aspects of cryptographic
hardware and embedded system design. The workshop will be a forum of
new results from the research community as well as from the industry.
Of special interest are contributions that describe new methods for
efficient hardware implementations and high-speed software for
embedded systems, e.g., smart cards, microprocessors, DSPs, etc. We
hope that the workshop will help to fill the gap between the
cryptography research community and the application areas of
cryptography. Consequently, we encourage submission from academia,
industry, and other organizations. All submitted papers will be
reviewed.
This will be the third CHES workshop. The first workshop, CHES '99,
was held at WPI in August of 1999 and was very well received by
academia and industry. There were 170 participants, more than half of
which were from outside the United States. The second workshop, CHES
2000, was also held at WPI in August of 2000 and had an attendance of
180.
The third workshop, CHES 2001, will be held in Paris in May of 2001. The
topics of interest include but are not limited to:
* Computer architectures for public-key cryptosystems
* Computer architectures for secret-key cryptosystems
* Reconfigurable computing and applications in cryptography
* Cryptographic processors and co-processors
* Modular and Galois field arithmetic architectures
* Tamper resistance on the chip and board level
* Smart card attacks and architectures
* Efficient algorithms for embedded processors
* Special-purpose hardware for cryptanalysis
* Fast network encryption
* True and pseudo random number generators
* Cryptography in wireless applications
Instructions for Authors
Authors are invited to submit original papers. The preferred submission form
is by electronic mail to [EMAIL PROTECTED]. Papers should be formatted in
12pt type and not exceed 12 pages (not including the title page and the
bibliography). The title page should contain the author's name, address
(including email address and an indication of the corresponding author), an
abstract, and a small list of key words. Please submit the paper in
Postscript or PDF. We recommend that you generate the PS or PDF file using
LaTeX, however, MS Word is also acceptable. All submissions will be
refereed.
Only original research contributions will be considered. Submissions must
not substantially duplicate work that any of the authors have published
elsewhere or have submitted in parallel to any other conferences or
workshops that have proceedings.
Important Dates
Submission Deadline: February 15th, 2001.
Acceptance Notification: March 31st, 2001.
Final Version due: April 21st, 2001.
Workshop: May 13th - 16th, 2001.
NOTE: The CHES dates May 13th - 16th are Sunday - Wednesday
succeeding Eurocrypt 2001 which ends on Thursday, May 10th.
Mailing List
If you want to receive emails with subsequent Call for Papers and
registration information, please send a brief mail to [EMAIL PROTECTED]
Program Committee
Ross Anderson, Cambridge University, England
Jean-Sebastien Coron, Gemplus, France
Kris Gaj, George Mason University, USA
Jim Goodman, Chrysalis-ITS, Canada
Anwar Hasan, University of Waterloo, Canada
Peter Kornerup, Odense University, Denmark
Bart Preneel, Katholieke Universiteit Leuven, Belgium
Jean-Jacques Quisquater, Universite Catholique de Louvain, Belgium
Christoph Ruland, University of Siegen, Germany
Erkay Savas, cv cryptovision, Germany
Joseph Silverman, Brown University and NTRU Cryptosystems, Inc., USA
Jacques Stern, Ecole Normale Superieure, France
Colin Walter, Computation Department - UMIST, U.K.
Michael Wiener, Entrust Technologies, Canada
Organizational Committee
All correspondence and/or questions should be directed to either of the
Organizational Committee Members:
Cetin Kaya Koc
(Publications Chair)
Dept. of Electrical & Computer Engineering
Oregon State University
Corvallis, Oregon 97331, USA
Phone: +1 541 737 4853
Fax: +1 541 737 8377
Email: [EMAIL PROTECTED]
David Naccache
(Program Chair and Local Organization)
Gemplus Card International
34 Rue Guynemer
92447 Issy les Moulineaux Cedex, FRANCE
Phone: +33 1 46 48 20 11
Fax: +33 1 46 48 20 04
Email: [EMAIL PROTECTED]
Christof Paar
(Publicity Chair)
Dept. of Electrical & Computer Engineering
Worcester Polytechnic Institute
Worcester, MA 01609, USA
Phone: +1 508 831 5061
Fax: +1 508 831 5491
Email: [EMAIL PROTECTED]
Workshop Proceedings
The post-proceedings will be published in Springer-Verlag's Lecture Notes
in Computer Science (LNCS) series. Notice that in order to be included
in the proceedings, the authors of an accepted paper must guarantee to
present their contribution at the workshop.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: algo to generate permutations
Reply-To: [EMAIL PROTECTED]
Date: Sat, 14 Oct 2000 10:39:38 GMT
stephane longchamp <[EMAIL PROTECTED]> wrote:
: Does someone know an algo to generate all permutations of a string [...]
http://mandala.co.uk/permutations/ contains an exhaustive permutation
generator, in the form of a Java applet.
The algorithm employed is from E. W. Dijkstra, A Discipline of
Programming, Prentice-Hall, 1976, p.71.
The source code is available. Dealing with a string is obviously simply a
case of indexing the characters.
--
__________ http://alife.co.uk/ http://mandala.co.uk/
|im |yler [EMAIL PROTECTED] http://hex.org.uk/ http://atoms.org.uk/
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: NIST Random Generator Test Suite Results
Reply-To: [EMAIL PROTECTED]
Date: Sat, 14 Oct 2000 10:46:02 GMT
Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:
: Cristiano wrote:
:> I use this C routine (**warning** UBYTE is unsigned long):
: Gee, you're going to upset Tom St.Denis and Tim Tyler.
Indeed. I demand the offending identifier be renamed forthwith! ;-)
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Chaste makes waste.
------------------------------
From: Robert Harley <[EMAIL PROTECTED]>
Subject: Re: Rijndael implementations
Date: 14 Oct 2000 13:09:53 +0200
"Douglas A. Gwyn" <[EMAIL PROTECTED]> writes:
> Correct use of technical terminology is never obsolete.
> "Automobile" does not connote "4 wheels" even if all
> 3-wheeled models are currently out of production.
Let me guess... next you're going to claim that "car" means
"horse-drawn carriage", eh?
ObWebster:
Main Entry: byte
Pronunciation: 'bIt
Function: noun
Etymology: perhaps alteration of bite
Date: 1959
: a group of eight binary digits processed as a unit by a
computer and used especially to represent an
alphanumeric character -- compare WORD
Welcome to the year 2000, Doug.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Rijndael implementations
Reply-To: [EMAIL PROTECTED]
Date: Sat, 14 Oct 2000 11:06:47 GMT
Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:
: Tim Tyler wrote:
:> "Byte" should mean "octet"
: It didn't mean that in the first place, and only a parochial
: view of computing based on limited exposure to the gamut of
: possibilities would allow anyone to think what you suggest.
Whoa - that sounds dreadful ;-)
Meanings change, *including* those of technical terms that attain popular
usage.
Consider the term "gender". This is a linguistic term relating to
the classification of nouns and pronouns in languages such as French.
However, it has widely been used as a term to refer to the sex of
individuals, without use of the broader term, "sex". A few (e.g.
Richard Dawkins) lament this theft - but it is now by far the more
common usage.
I think the popular term and the term that refers to 8-bits should
intersect - since clumps of 8 bits are certainly common and show little
sign of going away.
Since nobody's likely to start calling all unicode characters "bytes"
at this point, the original meaning looks like it will go
(or perhaps I should say has gone) severely bankrupt.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Free gift.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: What is meant by non-Linear...
Reply-To: [EMAIL PROTECTED]
Date: Sat, 14 Oct 2000 11:11:08 GMT
Stephen M. Gardner wrote (in response to a post of mine):
: The problem with your 'straight line' definition is that I don't think it
: maps very intuitively to finite fields. [...]
You have to think of the field as wrapped into a torus. Apart from that
there seem to be no special problems.
--
__________ http://alife.co.uk/ http://mandala.co.uk/
|im |yler [EMAIL PROTECTED] http://hex.org.uk/ http://atoms.org.uk/
------------------------------
From: ca314159 <[EMAIL PROTECTED]>
Crossposted-To: sci.astro,sci.physics.relativity,sci.math
Subject: Re: FTL Computation
Date: Sat, 14 Oct 2000 12:02:25 GMT
In article <[EMAIL PROTECTED]>,
"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> ca314159 wrote:
> > "Paul Lutus" <[EMAIL PROTECTED]> wrote:
> > > and the spot does not move at FTL.
> > If _it_ doesn't, then what does _it_ do ?
> > Does _it_ exist at all ?
> > The spot, is a symbol.
> > It, moves FTL.
>
> Nuts! One can focus one's attention on an object here on
> Earth, then within a second or so move the focus of his attention
> to something on Mars. Has anything actually travelled faster
> than light in this thought experiment? If you think so, then
> your notion of FTL is utterly useless.
>
> > Here's someone who's exploited FTL shutters to holograph
> > the actual motion of light. He's basically done what Einstein
> > asked: what's it like to ride on a beam of light ?
> > http://www.matpr.kth.se/personal/nilsa/
> > If _it_ was an illusion, Nils Abramson would not have been
> > able to exploit _it_, now would he ?
>
> Nothing in his apparatus moves faster than light.
> The patterns are Moire effect, i.e. standing waves.
>
> > Ideas (correlations) can be communicated
> > instantaneously, deterministic (new) information
> > must be communicated less than the speed of light.
>
> The concept of "communication" requires that information
> be conveyed.
>
Having fun, usually means, going a little nuts;
is there no fun left in science ? And whether
one thinks the twin paradox, particle-wave duality,
Schrodinger's dead and alive cat (they really knew
how to have fun with science back then) are nutty
ideas or valid conjectures, depends on your
subjective attitude often more than the measurements.
Optical 'illusions' present similar distressing, or fun,
opportunities for anyone wishing to make empirical
measurements upon them, depending on one's attitude:
http://dir.yahoo.com/Science/Biology/Vision/Optical_Illusions/
Indeed in these cases, when one's focus is 'shifted
from earth to mars' the perceived effect changes
and so does the information change. But the information
is within the combined 'earth-mars' picture in these
cases via correlations. The information we are perceiving,
communicating, is not located in any one spatial place and
therefore we are permitted to say that it travels FTL
if our focus can so move.
* It is pointless to say that the information is not moving
when its exact position is spread over space and cannot
be located.
It is a bending of concepts no less, than to say a quantum
is a wave-particle or a cat is both dead and alive
or that superluminal plasma jets are seen in space,
or that a quantum particle was teleported instantaneously,...
but bending concepts in those cases found their value
in science and so will the concept of superluminal
information propagation.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Dido Sevilla <[EMAIL PROTECTED]>
Subject: Re: block-cipher silly question?
Date: Sat, 14 Oct 2000 20:04:19 +0800
"N. Weicher" wrote:
>
> I hope this isn't too silly a question to ask, but is there such a
> thing as a credible block cipher that works on a single-byte block?
Yes. It's called a stream cipher.
--
Rafael R. Sevilla <[EMAIL PROTECTED]> +63 (2) 4342217
ICSM-F Development Team, UP Diliman +63 (917) 4458925
OpenPGP Key ID: 0x0E8CE481
------------------------------
From: Dido Sevilla <[EMAIL PROTECTED]>
Subject: Re: Challenge...
Date: Sat, 14 Oct 2000 20:10:08 +0800
[EMAIL PROTECTED] wrote:
>
> That's all you'll get from me - to be honest I don't know why I
> actually bothered posting here in the first place...???
>
Because you're so full of s--t that you have no idea what this newsgroup
really is about, perhaps? Or perhaps your cryptosystem is so weak that
it can't stand up to the scrutiny of these people who do have some idea
what this newsgroup is about?
--
Rafael R. Sevilla <[EMAIL PROTECTED]> +63 (2) 4342217
ICSM-F Development Team, UP Diliman +63 (917) 4458925
OpenPGP Key ID: 0x0E8CE481
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: SDMI - Answers to Major Questions
Date: Sat, 14 Oct 2000 12:23:21 GMT
In article <[EMAIL PROTECTED]>,
stl/*This_is_a_comment*[EMAIL PROTECTED] (Stephan T. Lavavej) wrote:
> >Stupid SDMI people. I routinely listen to MP3 shoutcast streams at 128
> >kbps, and it sounds very good. If your watermark makes it worse then
> >phhtt!
>
> MP3 compression is NOT transparent at 128kbps. In fact, it's quite
> bad. Anyone who doesn't hate 128kbps doesn't care about quality.
> Even 256 or 320 kbps doesn't quite cut it; the codec always mangles
> specific input signals, even those found in regular music. I listen
> to MP3, but when I burn CDs, I go straight from my original WAVs. I
> do indeed agree that SDMI is stupid, stupid, stupid.
Are you mental? You really can't hear a lot of noise (if any at all) at
say 192kbps. Even at 128kbps it sounds decent.
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Crossposted-To: comp.arch.fpga,comp.arch.arithmetic
Subject: Re: CHES 2001 Workshop
Date: Sat, 14 Oct 2000 12:32:26 GMT
In article <[EMAIL PROTECTED]>,
Christof Paar <[EMAIL PROTECTED]> wrote:
> The focus of this workshop is on all aspects of cryptographic
> hardware and embedded system design. The workshop will be a forum of
> new results from the research community as well as from the industry.
> Of special interest are contributions that describe new methods for
> efficient hardware implementations and high-speed software for
> embedded systems, e.g., smart cards, microprocessors, DSPs, etc. We
> hope that the workshop will help to fill the gap between the
> cryptography research community and the application areas of
> cryptography. Consequently, we encourage submission from academia,
> industry, and other organizations. All submitted papers will be
> reviewed.
Would a paper on a block cipher geared towards low end microcontrollers
be suited for this conference?
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Optimisation of SHA-256
Date: Sat, 14 Oct 2000 12:26:10 GMT
In article <[EMAIL PROTECTED]>,
Daniel =?iso-8859-1?Q?L=E9onard?= <[EMAIL PROTECTED]> wrote:
> Some people (including me) already implemented SHA-256.
>
> The compression function of SHA-256 looks like the one in SHA-1 and
> RIPEMD-160. They look alike because after each pass, they shuffle and
> modify their registers. I saw an implementation of such an algorithm with
> "assignment" shuffling, SHA-1 for example:
>
> e += ((a << 5) | (a >>> 27)) + F1(b, c, d) + W[ 0]; b = ((b << 30) | (b >>> 2));
> d += ((e << 5) | (e >>> 27)) + F1(a, b, c) + W[ 1]; a = ((a << 30) | (a >>> 2));
> c += ((d << 5) | (d >>> 27)) + F1(e, a, b) + W[ 2]; e = ((e << 30) | (e >>> 2));
> b += ((c << 5) | (c >>> 27)) + F1(d, e, a) + W[ 3]; d = ((d << 30) | (d >>> 2));
> a += ((b << 5) | (b >>> 27)) + F1(c, d, e) + W[ 4]; c = ((c << 30) | (c >>> 2));
> e += ((a << 5) | (a >>> 27)) + F1(b, c, d) + W[ 5]; b = ((b << 30) | (b >>> 2));
> ....
>
> this comes from Cryptix IIRC. It seems better (but less compact :) than:
>
> for (t = 0; t < 20; t++)
> {
>     temp = ((a << 5) | (a >>> 27)) + F1(b, c, d) + W[t];
>     e = d; d = c; c = ((b << 30) | (b >>> 2)); b = a; a = temp;
> }
> for (t = 20; t < 40; t++)
> ....
>
> which is what is described in FIPS 180-1. RIPEMD-160 has the same kind
> of shuffling.
>
> As for SHA-256, whose described compression function is:
>
> for (int i = 0; i < 64; i++) {
>     T1 = h + SIGMA1(e) + Ch(e, f, g) + K[i] + W[i];
>     T2 = SIGMA0(a) + Maj(a, b, c);
>     h = g;
>     g = f;
>     f = e;
>     e = d + T1;
>     d = c;
>     c = b;
>     b = a;
>     a = T1 + T2;
> }
>
> is there a way to convert it to the "better" form ?
>
> So far, I have:
>
> T1 = h + SIGMA1(e) + Ch(e, f, g) + K[0] + W[0]; T2 = SIGMA0(a) + Maj(a, b, c); h = T1 + T2; d += T1;
> T1 = g + SIGMA1(d) + Ch(d, e, f) + K[1] + W[1]; T2 = SIGMA0(h) + Maj(h, a, b); g = T1 + T2; c += T1;
> T1 = f + SIGMA1(c) + Ch(c, d, e) + K[2] + W[2]; T2 = SIGMA0(g) + Maj(g, h, a); f = T1 + T2; b += T1;
> T1 = e + SIGMA1(b) + Ch(b, c, d) + K[3] + W[3]; T2 = SIGMA0(f) + Maj(f, g, h); e = T1 + T2; a += T1;
> T1 = d + SIGMA1(a) + Ch(a, b, c) + K[4] + W[4]; T2 = SIGMA0(e) + Maj(e, f, g); d = T1 + T2; h += T1;
> T1 = c + SIGMA1(h) + Ch(h, a, b) + K[5] + W[5]; T2 = SIGMA0(d) + Maj(d, e, f); c = T1 + T2; g += T1;
> T1 = b + SIGMA1(g) + Ch(g, h, a) + K[6] + W[6]; T2 = SIGMA0(c) + Maj(c, d, d); b = T1 + T2; f += T1;
> T1 = a + SIGMA1(f) + Ch(f, g, h) + K[7] + W[7]; T2 = SIGMA0(b) + Maj(b, c, e); a = T1 + T2; e += T1;
> T1 = h + SIGMA1(e) + Ch(e, f, g) + K[8] + W[8]; T2 = SIGMA0(a) + Maj(a, b, d); h = T1 + T2; d += T1;
> ....
>
> but it does not work.
Of course if you unroll the compression loop (64 times) you can still
do SHA-256. You just need to get the order of the variables right.
However, that would bloat the code quite a bit.
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
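Tom's point, that the shuffle-free form works once the variable order is right, as an added C example (not code from this thread or from Cryptix): each round writes the new a into the slot that held h and the new e into the slot that held d, and after eight rounds every register name is back in its starting role, so 64 rounds are eight passes over one unrolled group. The quoted attempt above has the right order and slips only in the Maj arguments of rounds 6 to 8 (Maj(c, d, d), Maj(b, c, e) and Maj(a, b, d) should read Maj(c, d, e), Maj(b, c, d) and Maj(a, b, c)), which a round macro with positional arguments rules out. Assumes the FIPS 180-2 constants and the "abc" test vector; the single-block padding helper is my own for the check.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Round constants and initial hash value from FIPS 180-2. */
static const uint32_t K[64] = {
    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 };
static const uint32_t IV[8] = { 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
                                0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 };

#define ROTR(x, n)   (((x) >> (n)) | ((x) << (32 - (n))))
#define CH(x, y, z)  (((x) & (y)) ^ (~(x) & (z)))
#define MAJ(x, y, z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#define SIGMA0(x)    (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22))
#define SIGMA1(x)    (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25))
#define S0(x)        (ROTR(x, 7) ^ ROTR(x, 18) ^ ((x) >> 3))
#define S1(x)        (ROTR(x, 17) ^ ROTR(x, 19) ^ ((x) >> 10))
/* One round in "assignment shuffling" form: new a goes into h's slot and new e
 * into d's slot, so the h = g; g = f; ... moves of the FIPS loop disappear. */
#define RND(a, b, c, d, e, f, g, h, i) do {                                   \
        uint32_t T1 = (h) + SIGMA1(e) + CH(e, f, g) + K[i] + W[i];            \
        uint32_t T2 = SIGMA0(a) + MAJ(a, b, c);                               \
        (d) += T1; (h) = T1 + T2; } while (0)
static void compress(uint32_t st[8], const uint8_t blk[64])
{
    uint32_t W[64], a, b, c, d, e, f, g, h; int i;
    for (i = 0; i < 16; i++)              /* big-endian message words */
        W[i] = (uint32_t)blk[4*i] << 24 | (uint32_t)blk[4*i+1] << 16 |
               (uint32_t)blk[4*i+2] << 8 | (uint32_t)blk[4*i+3];
    for (i = 16; i < 64; i++)             /* message schedule */
        W[i] = S1(W[i-2]) + W[i-7] + S0(W[i-15]) + W[i-16];
    a = st[0]; b = st[1]; c = st[2]; d = st[3];
    e = st[4]; f = st[5]; g = st[6]; h = st[7];
    /* Every round shifts each name one role to the right; after eight rounds
     * the names are back in their starting roles, so 64 rounds = 8 x this. */
    for (i = 0; i < 64; i += 8) {
        RND(a, b, c, d, e, f, g, h, i + 0);
        RND(h, a, b, c, d, e, f, g, i + 1);
        RND(g, h, a, b, c, d, e, f, i + 2);
        RND(f, g, h, a, b, c, d, e, i + 3);
        RND(e, f, g, h, a, b, c, d, i + 4);
        RND(d, e, f, g, h, a, b, c, i + 5);
        RND(c, d, e, f, g, h, a, b, i + 6);
        RND(b, c, d, e, f, g, h, a, i + 7);
    }
    st[0] += a; st[1] += b; st[2] += c; st[3] += d;
    st[4] += e; st[5] += f; st[6] += g; st[7] += h;
}

/* Hash a message shorter than 56 bytes (padding fits in one block) and return
 * 1 if its hex digest equals expected_hex. */
int sha256_short_check(const char *msg, const char *expected_hex)
{
    uint32_t st[8]; uint8_t blk[64] = {0}; char hex[65];
    size_t n = strlen(msg); int i;
    memcpy(blk, msg, n); blk[n] = 0x80;     /* message, then the single 1 bit */
    for (i = 0; i < 8; i++)                 /* 64-bit big-endian bit length */
        blk[56 + i] = (uint8_t)(((uint64_t)n * 8) >> (56 - 8 * i));
    memcpy(st, IV, sizeof st); compress(st, blk);
    for (i = 0; i < 8; i++) sprintf(hex + 8 * i, "%08lx", (unsigned long)st[i]);
    return strcmp(hex, expected_hex) == 0;
}
```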
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Crypto technology recommendations?
Date: Sat, 14 Oct 2000 12:30:07 GMT
In article <8s8ijk$4pn$[EMAIL PROTECTED]>,
David A Molnar <[EMAIL PROTECTED]> wrote:
> Will Newland <[EMAIL PROTECTED]> wrote:
>
> > C-based libs. I'm not certain if their pick is because of some technical
> > superiority or just their Borg-like adherence to all things M$. I'm willing
> > to listen, though. Let me know what you think.
>
> There's also the Java Cryptix toolkit http://www.cryptix.org/
> On the C++ front, Wei Dai's Crypto++ 3.2 deserves a serious look.
> http://www.eskimo.com/~weidai/
Why? His C++ kit will not compile with DJGPP. Seems rather half-assed
to me since it hasn't worked with DJGPP for over two years. As far as
I know DJGPP is (like GCC) a "standard" compliant compiler. So it's
his code that makes use of some compiler specific thingy...
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: Crypto technology recommendations?
Date: 14 Oct 2000 12:41:14 GMT
I recommend you at least ask what Certicom's license cost is.
Don Johnson
------------------------------
From: "Will Newland" <[EMAIL PROTECTED]>
Subject: Re: Crypto technology recommendations?
Date: Sat, 14 Oct 2000 12:45:47 GMT
"DJohn37050" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I recommend you at least ask what Certicom's license cost is.
> Don Johnson
Thanks! I put in a request-for-info yesterday, we'll see what theirs is
like.
---Will
------------------------------
From: N. Weicher <[EMAIL PROTECTED]>
Subject: Re: block-cipher silly question?
Reply-To: [EMAIL PROTECTED]
Date: Sat, 14 Oct 2000 12:46:13 GMT
A stream cipher would imply some sort of feedback. I was looking for
something that did not rely on that.
Thanks.
Neil
_____________________________________
> On Sat, 14 Oct 2000 20:04:19 +0800, Dido Sevilla <[EMAIL PROTECTED]> wrote:
>"N. Weicher" wrote:
>>
>> I hope this isn't too silly a question to ask, but is there such a
>> thing as a credible block cipher that works on a single-byte block?
>
>Yes. It's called a stream cipher.
------------------------------
From: N. Weicher <[EMAIL PROTECTED]>
Subject: Re: block-cipher silly question?
Reply-To: [EMAIL PROTECTED]
Date: Sat, 14 Oct 2000 12:46:49 GMT
<< Yes. It's called a stream cipher. >>
A stream cipher would imply some sort of feedback. I was looking for
something that did not rely on that.
Thanks.
Neil
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************