Cryptography-Digest Digest #941, Volume #12      Tue, 17 Oct 00 01:13:00 EDT

Contents:
  Re: MS's fast modular exponentiation claims II (David A Molnar)
  Re: Pegwit group started to make a alternative to PGP based on ECC (Paul Rubin)
  Counting one bits is used how? (Peter van der Linden)
  Re: DNA encoding (Tom St Denis)
  Simple Intro Encryption Info Wanted (Chris Frost)
  Re: Pegwit group started to make a alternative to PGP based on ECC (Frank M. Siegert)
  Re: Basic skills and equipment... (Scott Craver)
  Re: Pegwit group started to make a alternative to PGP based on ECC (Paul Rubin)
  Re: Basic skills and equipment... (Scott Craver)
  Re: Basic skills and equipment... (Paul Rubin)
  Re: Algorithm Performance (David A Molnar)
  Re: DNA encoding ([EMAIL PROTECTED])
  Re: Pegwit group started to make a alternative to PGP based on ECC ("Benny Nissen")
  Re: SDMI - Answers to Major Questions (David A Molnar)
  Re: Pegwit group started to make a alternative to PGP based on ECC ("Benny Nissen")
  Re: DNA encoding ("John A. Malley")
  Re: Counting one bits is used how? (David Wagner)
  Re: Pegwit group started to make a alternative to PGP based on ECC (Paul Rubin)

----------------------------------------------------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: MS's fast modular exponentiation claims II
Date: 17 Oct 2000 02:29:40 GMT

Jim Gillogly <[EMAIL PROTECTED]> wrote:
> JCA wrote:
>> 
>>     I asked a few days ago a question about some claims the MS made (at
>> Crypto '95, I believe) to the effect that they possess an algorithm that
>> outperforms Montgomery's techniques when doing modular exponentiation.
>> Much to my surprise, given the high caliber of some of the regulars in
>> this group, nobody has said anything yet.

> I don't see anything in the Crypto '95 table of contents that looks like
> what you describe.  Do you have an author or title?  Perhaps there would
> be more comment if there were enough information to identify the claim you
> reference.

The original post mentioned that this was a presentation at the rump
session, so it's unlikely that the table of contents would reveal it. 
The question arises because it seems that MS decided not to publish the
algorithm in the next series of conferences. So it's a "where is it now?"
kind of question. 
 
I *do* vaguely remember hearing about this algorithm in 1996 or so, but
can add nothing more than that. Sorry. 

-David

------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Pegwit group started to make a alternative to PGP based on ECC
Date: 16 Oct 2000 19:40:47 -0700

"Benny Nissen" <[EMAIL PROTECTED]> writes:
> Pegwit is a program for performing public key encryption and authentication
> using an elliptic curve. Pegwit is a simple Open Source alternative to PGP

Is there a web page somewhere about pegwit's goals?  There's already
a perfectly good free PGP-compatible crypto program, www.gnupg.org.

------------------------------

From: [EMAIL PROTECTED] (Peter van der Linden)
Subject: Counting one bits is used how?
Date: 17 Oct 2000 02:46:12 GMT

How does counting the number of 1 bits in a word
relate to crypto?

Just curious about why this seemingly recondite instruction
pops up in various instruction sets.   How is it useful?



------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: DNA encoding
Date: Tue, 17 Oct 2000 02:37:29 GMT

In article <KkOG5.111791$[EMAIL PROTECTED]>,
  "binary digit" <[EMAIL PROTECTED]> wrote:
> Hey, if any of you heard last year the winner of the Intel science research
> contest took a message and encoded it in DNA.  When I first heard this I was
> skeptical on how she did this task.  I searched around to see if there was
> any explanation on how she did it and I found a video of her at the rewards
> explaining how it worked.  She said she took a group of acids and made them
> represent a letter of the alphabet.  for ie 'ccc' = x and so on.  I also
> read that she claimed her encryption to be 'unbreakable', which I giggled at
> cause if that's the way she actually did her project, how did she win the
> Intel contest and how could she even claim that was unbreakable.  Can anyone
> verify any of this, on how she actually encoded a message 'into' dna?

Like always the facts are all fudged up.

She "encoded" a message in DNA not "encrypted" and "unbreakable" is not
an issue considering it's not cryptography.

Tom


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Chris Frost <[EMAIL PROTECTED]>
Subject: Simple Intro Encryption Info Wanted
Date: Tue, 17 Oct 2000 03:29:56 -0000

I've read some about computer-targeted methods of encryption, but have only
really dabbled. I'd like to start learning more, starting with more
human-targeted methods and see what it is like. Anyway, to spur my interests
a friend gave me these two messages:

C2d73bAB11c9CA6

42175484c2bB   1CF6b359C

Without any other info. I'd guess they are indeed human-targeted algorithms
(or at least they use only letters and numbers and not all of ascii or binary,
etc). What are some good [online] resources that I should begin reading
to enable myself to decrypt the two snippets?

thanks!
-- 
- Chris
-- http://www.frostnet.net/ --

------------------------------

From: [EMAIL PROTECTED] (Frank M. Siegert)
Subject: Re: Pegwit group started to make a alternative to PGP based on ECC
Date: Tue, 17 Oct 2000 03:39:28 GMT

On 16 Oct 2000 19:40:47 -0700, Paul Rubin <[EMAIL PROTECTED]>
wrote:

>"Benny Nissen" <[EMAIL PROTECTED]> writes:
>> Pegwit is a program for performing public key encryption and authentication
>> using an elliptic curve. Pegwit is a simple Open Source alternative to PGP

Was unable to register, this egroup server only gives me some database
error -9988 (I really enjoy these informative error messages ;-()

>Is there a web page somewhere about pegwit's goals?  There's already
>a perfectly good free PGP-compatible crypto program, www.gnupg.org.

As far as I know gnupg does not use elliptic curves. I don't know
about gnupg (only about pgp) but pegwit is small and seems to do just
what's designed for. No freaking big wool-giving dogcow with zillions
of features.

Beside diversity is good.


------------------------------

From: [EMAIL PROTECTED] (Scott Craver)
Subject: Re: Basic skills and equipment...
Date: 17 Oct 2000 03:35:34 GMT

Tom St Denis  <[EMAIL PROTECTED]> wrote:
>Bob Silverman <[EMAIL PROTECTED]> wrote:
>>
>> You are STILL EVADING the question that was ASKED. The poster asked a
>> very specific question. He didn't ask "how can I get an elementary
>> intro to crypto?"  He did ask "what math background is required?"
>
>Then you should have told the poster to use sci.math or alt.math
>instead.  His post is irrelevant and off topic.

        Asking what math background is relevant to crypto is
        off topic for sci.crypt??!!

        Of course, his question was perfectly on-topic, and without
        your retorts the rest of the thread would be on-topic too.

>> Further, learning the crypto is EASY with the right math background.
>> Learning it without the background is very HARD.
>
>No, it isn't.  I know some people with strong math+computer science
>background that don't have a clue about cryptography (despite recently
>forming a company to market crypto solutions).

        Your second sentence does not imply your first sentence.
        For a number of reasons.  

        Seriously, learning crypto without a math background is
        hard.  Without it, the best you can do is go on facts
        already published in Applied Cryptography (use these
        polynomials, here's source code for RSA, et cetera.)

        If by "learning crypto" you mean learning enough to talk
        about it or implement existing algorithms, fine.  If
        by "learning crypto" you mean being able to design or
        analyze systems, sorry, but you need lots and lots of math.

                                                        -S


------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Pegwit group started to make a alternative to PGP based on ECC
Date: 16 Oct 2000 20:45:16 -0700

[EMAIL PROTECTED] (Frank M. Siegert) writes:
> As far as I know gnupg does not use elliptic curves. I don't know
> about gnupg (only about pgp) but pegwit is small and seems to do just
> what's designed for. No freaking big wool-giving dogcow with zillions
> of features.

Why does it matter whether gnupg uses elliptic curves?  Also, I
remember Pegwit used to have security problems.  Is it being
redesigned?

I'm interested in an ECC-based standard message format for specific
purposes but am not sure whether Pegwit's goals are the same as mine.
If it's just supposed to be a pgp replacement, I'd say stick with gnupg.

> Beside diversity is good.

Great, let's get rid of counting in decimal.  We should use balanced
ternary instead.  Diversity is good.

------------------------------

From: [EMAIL PROTECTED] (Scott Craver)
Subject: Re: Basic skills and equipment...
Date: 17 Oct 2000 03:42:39 GMT

Alexandros Andreou <[EMAIL PROTECTED]> wrote:
>Hello all!
>I am beginning to enjoy cryptography, but I don't know where to start from.
>What are the essential mathematics skills one should have? Moreover, which
>books/online text files would you recommend? Any special
>(freeware/open-source) computer programs?

        Hi,

        What level of mathematics are you interested in?  College
        level, graduate level?  I wouldn't want to recommend 
        Hungerford's _Algebra_ to a high school student (or even to
        an interested non-mathematician; it's a dry read.)
        Hey Bob?  AYT?  What would you recommend as a book on 
        abstract algebra to a young'un?
        
        One book you should definitely check out is Arto Salomaa's
        book, _Public-Key Cryptography_.  Don't let the name fool
        you, as there is plenty symmetric cryptography.  That's
        a book I'd recommend to just about everyone.  Except people
        who hate saunas.
        
>Alexandros Andreou <[EMAIL PROTECTED]>
                                                        -S



------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Basic skills and equipment...
Date: 16 Oct 2000 20:57:16 -0700

[EMAIL PROTECTED] (Scott Craver) writes:
>       What level of mathematics are you interested in?  College
>       level, graduate level?  I wouldn't want to recommend 
>       Hungerford's _Algebra_ to a high school student (or even to
>       an interested non-mathematician; it's a dry read.)
>       Hey Bob?  AYT?  What would you recommend as a book on 
>       abstract algebra to a young'un?

I'd start with: Neal Koblitz, A Course in Number Theory and Cryptography.

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Algorithm Performance
Date: 17 Oct 2000 03:57:46 GMT

[EMAIL PROTECTED] wrote:
> I was curious if anyone had a quick and easy application to measure the
> speed of crypto algorithms.

> That way if I wanted to test Seal and RC4, or perhaps an rsa signature
> vs. a DSA signature.

a quick and dirty method is to just look at the algorithm and count bit
operations. e.g. O(log^3 N) per modexp, O(log^2 N) per mult, etc. etc. 
this has the singular advantage of giving results without needing to
implement the algorithm.

it has the singular disadvantage that it doesn't take into account
niceties of your target platform at _all_. 

but for a first approximation it's not so bad. 

-david

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: DNA encoding
Date: Tue, 17 Oct 2000 04:09:04 GMT

In article <8sge19$l08$[EMAIL PROTECTED]>,
  Tom St Denis <[EMAIL PROTECTED]> wrote:
> In article <KkOG5.111791$[EMAIL PROTECTED]>,
>   "binary digit" <[EMAIL PROTECTED]> wrote:
> > Hey, if any of you heard last year the winner of the Intel science
> > research contest took a message and encoded it in DNA.  When I first
> > heard this I was skeptical on how she did this task.  I searched around
> > to see if there was any explanation on how she did it and I found a
> > video of her at the rewards explaining how it worked.  She said she took
> > a group of acids and made them represent a letter of the alphabet.  for
> > ie 'ccc' = x and so on.  I also read that she claimed her encryption to
> > be 'unbreakable', which I giggled at cause if that's the way she actually
> > did her project, how did she win the Intel contest and how could she
> > even claim that was unbreakable.  Can anyone verify any of this, on how
> > she actually encoded a message 'into' dna?
>
> Like always the facts are all fudged up.
>
> She "encoded" a message in DNA not "encrypted" and "unbreakable" is
> not an issue considering it's not cryptography.

No, it's a question of concealing the message rather than encrypting
it. If the message is placed between a pair of specified primer
sequences that the creator and reader keep secret (like a secret
key) then the DNA can be mixed with other DNA and be basically
undetectable unless you know the primer sequences. The primer
sequences can be used to PCR amplify the encoded DNA and read the
message.

So there is an analogy to 'unbreakable', but it's more like
'undetectable'.

Ingrid



------------------------------

From: "Benny Nissen" <[EMAIL PROTECTED]>
Subject: Re: Pegwit group started to make a alternative to PGP based on ECC
Date: Tue, 17 Oct 2000 06:28:03 +0200


"Paul Rubin" <[EMAIL PROTECTED]> skrev i en meddelelse
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Frank M. Siegert) writes:
> > As far as I know gnupg does not use elliptic curves. I don't know
> > about gnupg (only about pgp) but pegwit is small and seems to do just
> > what's designed for. No freaking big wool-giving dogcow with zillions
> > of features.
>
> Why does it matter whether gnupg uses elliptic curves?  Also, I
> remember Pegwit used to have security problems.  Is it being
> redesigned?

It has been redesigned, yes!

> I'm interested in an ECC-based standard message format for specific
> purposes but am not sure whether Pegwit's goals are the same as mine.
> If it's just supposed to be a pgp replacement, I'd say stick with gnupg.

It will be generic code that can be used for many other purposes. There will
also be created a programmers library from the code.
We try to make it more simple than all the others ;-)

>
> > Beside diversity is good.
>
> Great, let's get rid of counting in decimal.  We should use balanced
> ternary instead.  Diversity is good.

;)



------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: SDMI - Answers to Major Questions
Date: 17 Oct 2000 04:18:49 GMT

Paul Pires <[EMAIL PROTECTED]> wrote:

[dmolnar suggests:]
>> pigs (I'm assuming their ears are relatively good)? Maybe you could even
>> get a psych major to set up and run experiments as a thesis topic, thus
>> saving you the trouble...

> It's already been done.
> Although not as fun, there are better uses for students than scientific
> experiment :-)

I'll have to mention this to a thesis-writing Psych friend of mine, who
may not believe me until the thesis is over. :)

(also to a friend of mine who made enough $$ for a Palm Pilot by
participating in psych studies...)


> Audio professionals are

> A, pre-selected to be talented.
> B, trained and experienced to recognise and understand what they hear.

> The one I know is astounding.

Ah, so you do have access to such people. Never mind then. 

-David

------------------------------

From: "Benny Nissen" <[EMAIL PROTECTED]>
Subject: Re: Pegwit group started to make a alternative to PGP based on ECC
Date: Tue, 17 Oct 2000 06:37:42 +0200


"Frank M. Siegert" <[EMAIL PROTECTED]> skrev i en meddelelse
news:[EMAIL PROTECTED]...
> On 16 Oct 2000 19:40:47 -0700, Paul Rubin <[EMAIL PROTECTED]>
> wrote:
>
> >"Benny Nissen" <[EMAIL PROTECTED]> writes:
> >> Pegwit is a program for performing public key encryption and
> >> authentication using an elliptic curve. Pegwit is a simple Open Source
> >> alternative to PGP
>
> Was unable to register, this egroup server only gives me some database
> error -9988 (I really enjoy these informative error messages ;-()

Try to send a mail to [EMAIL PROTECTED]

>
> >Is there a web page somewhere about pegwit's goals?  There's already
> >a perfectly good free PGP-compatible crypto program, www.gnupg.org.

No not really, we will find out on the way :-( I think the main goal is to
create something very user friendly, small and easy to understand.
The good thing about ECC is that you are able to select your private key
from something you can remember (ordinary text for example) no need to store
the private key anywhere. Like with symmetric algo.

>
> As far as I know gnupg does not use elliptic curves. I don't know
> about gnupg (only about pgp) but pegwit is small and seems to do just
> what's designed for. No freaking big wool-giving dogcow with zillions
> of features.
>
> Beside diversity is good.
>

This is my own opinion and drive to participate in this work, compared to
PGP etc.
It will absolutely not be PGP compatible in any way.





------------------------------

From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: DNA encoding
Date: Mon, 16 Oct 2000 21:40:15 -0700



binary digit wrote:
> 
> Hey, if any of you heard last year the winner of the Intel science research
> contest took a message and encoded it in DNA.  When I first heard this I was
> skeptical on how she did this task.  I searched around to see if there was
> any explanation on how she did it and I found a video of her at the rewards
> explaining how it worked.  She said she took a group of acids and made them
> represent a letter of the alphabet.  for ie 'ccc' = x and so on.  I also
> read that she claimed her encryption to be 'unbreakable', which I giggled at
> cause if that's the way she actually did her project, how did she win the
> Intel contest and how could she even claim that was unbreakable.  Can anyone
> verify any of this, on how she actually encoded a message 'into' dna?

The young scientist is Ms. Viviana Risca. Here's the abstract for her
work, at

http://www.siemens-foundation.org/science/99_abstracts/risca_vivianna_ny.htm


     This paper presents an implementation of steganography using DNA
     molecules. We first encode a plaintext message into a DNA sequence
     using a randomly generated single-substitution key. An oligonucleotide
     containing the encoded message, designated the message strand, is
     synthesized and mixed with a large amount of background DNA. To
     retrieve the message, the intended recipient must know the sequences
     of two primers that anneal to target regions present on the message
     strand. Polymerase chain reaction (PCR) and sequencing are used to
     retrieve the encoded sequence, which is decoded into the original
     plaintext via the single substitution key. This study shows that the
     steganographically hidden message can only be retrieved by using the
     two secret primers, meaning that the only applicable cryptanalytic
     approach is a brute-force search for the two primer sequences. Since
     each primer can have 420 different possible sequences, the amount of
     time required to crack DNA-based steganography is long enough to
     qualify the technique as essentially unbreakable.

Technically she hid a substitution encrypted plaintext as a secretly
marked ciphertext in a jumble of other ciphertexts. 


John A. Malley
[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Counting one bits is used how?
Date: 17 Oct 2000 04:41:42 GMT
Reply-To: [EMAIL PROTECTED] (David Wagner)

Peter van der Linden wrote:
>How does counting the number of 1 bits in a word
>relate to crypto?

I don't know, but here are two uses:

 1. Calculating the dot-product x.y can be computed in three instructions
    as popcount(x^y)&1, if the GF(2)-vectors x,y are represented as machine
    words.  Dot-products are used all over the place in GF(2) math: e.g.,
    in LFSR's.

 2. Calculating the Hamming distance between two GF(2)-vectors x,y can be
    done in two instructions as popcount(x^y) if x,y are represented as
    machine words.  This might come up in, e.g., exhaustive keysearch, if
    you have a ciphertext C and know that it decrypts to something "close
    to" a known plaintext P.

The above list is just speculation, so there may be missing items, and
the items I did include may or may not be relevant; I just don't know.
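
The two popcount uses listed in the post above, as an added example that is not part of the original message: the GF(2) dot product is taken here as the parity of popcount(x & y) and drives an LFSR's feedback bit, and popcount(x ^ y) filters trial decryptions by Hamming distance. The tap masks, toy_decrypt (a plain XOR standing in for a real cipher) and all sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Portable count of the 1 bits in a 32-bit word. */
static unsigned popcount32(uint32_t v)
{
    v = v - ((v >> 1) & 0x55555555u);
    v = (v & 0x33333333u) + ((v >> 2) & 0x33333333u);
    v = (v + (v >> 4)) & 0x0F0F0F0Fu;
    return (v * 0x01010101u) >> 24;
}

/* GF(2) inner product: AND keeps the positions where both vectors are 1,
   and the parity of that count is the sum mod 2. */
static unsigned gf2_dot(uint32_t x, uint32_t y)
{
    return popcount32(x & y) & 1u;
}

/* Hamming distance: XOR marks the differing positions, popcount counts them. */
static unsigned hamming(uint32_t x, uint32_t y)
{
    return popcount32(x ^ y);
}

/* One step of an nbits-wide Fibonacci LFSR. The feedback bit is the GF(2)
   dot product of the state with the tap mask; bit 0 must be a tap so the
   step is invertible and every state lies on a cycle. */
static uint32_t lfsr_step(uint32_t state, uint32_t taps, unsigned nbits)
{
    return (state >> 1) | ((uint32_t)gf2_dot(state, taps) << (nbits - 1));
}

/* Number of steps until the LFSR returns to its nonzero start state. */
static uint32_t lfsr_period(uint32_t start, uint32_t taps, unsigned nbits)
{
    uint32_t s = start, n = 0;
    do { s = lfsr_step(s, taps, nbits); n++; } while (s != start);
    return n;
}

/* Constructed stand-in for a real cipher's decryption routine. */
static uint32_t toy_decrypt(uint32_t c, uint32_t key) { return c ^ key; }

/* Try every 16-bit key and accept those whose trial decryption is within
   max_dist bits of the known plaintext p. Returns the number of accepted
   keys and stores the first one in *found. */
static unsigned keysearch_close(uint32_t c, uint32_t p, unsigned max_dist,
                                uint32_t *found)
{
    unsigned hits = 0;
    for (uint32_t k = 0; k <= 0xFFFFu; k++) {
        if (hamming(toy_decrypt(c, k), p) <= max_dist && hits++ == 0)
            *found = k;
    }
    return hits;
}

int main(void)
{
    uint32_t p = 0x48454C4Fu;                          /* constructed plaintext */
    uint32_t c = p ^ 0xBEEFu ^ ((1u << 20) | (1u << 27)); /* key + 2 bit errors */
    uint32_t found = 0;
    unsigned hits = keysearch_close(c, p, 2, &found);
    printf("4-bit LFSR period:  %u\n", (unsigned)lfsr_period(0x1u, 0x3u, 4));
    printf("16-bit LFSR period: %u\n", (unsigned)lfsr_period(0xACE1u, 0x002Du, 16));
    printf("keys within 2 bits: %u (first 0x%04X)\n", hits, (unsigned)found);
    return 0;
}
```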

------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Pegwit group started to make a alternative to PGP based on ECC
Date: 16 Oct 2000 21:56:39 -0700

"Benny Nissen" <[EMAIL PROTECTED]> writes:
> > >Is there a web page somewhere about pegwit's goals?  There's already
> > >a perfectly good free PGP-compatible crypto program, www.gnupg.org.
> 
> No not really, we will find out on the way :-( I think the main goal is to
> create something very user friendly, small and easy to understand.

OK, good, I have some ideas along these lines and will try to write
them down.

> The good thing about ECC is that you are able to select your private key
> from something you can remember (ordinary text for example) no need to store
> the private key anywhere. Like with symmetric algo.

Actually, nothing stops you from generating El Gamal (or these days
even RSA) private keys from a passphrase.  What's nice about ECC is
that it's reasonably practical to type *public* keys into a program
(example: AF646-BEJTR-BTGAP-7MFPW-GRVYX-RRGQW = 150 bits of info).
This is a central feature of the program I've been wanting to write.

It'll be cool if Pegwit can do stuff like this.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
