Cryptography-Digest Digest #982, Volume #12 Mon, 23 Oct 00 01:13:01 EDT
Contents:
Re: Looking for C Source Code to stream compression algo (Benjamin Goldberg)
Re: Counting one bits is used how? ("bubba")
Re: How to post absolutely anything on the Internet anonymously (Andre van Straaten)
Re: RSA codes (Benjamin Goldberg)
Re: How to post absolutely anything on the Internet anonymously (jungle)
Re: Quasi philosphical question regarding Index of Coincidence ([EMAIL PROTECTED])
Re: Quasi philosphical question regarding Index of Coincidence ([EMAIL PROTECTED])
new to data encryption please help ([EMAIL PROTECTED])
Re: Actually I want FBI and INS deport me from the U.S.A. to Europe so that I can
have more fun .... (Benjamin Goldberg)
Hypercube/FFT encryption (Benjamin Goldberg)
Re: Steganography books (wtshaw)
----------------------------------------------------------------------------
From: Benjamin Goldberg <[EMAIL PROTECTED]>
Crossposted-To: comp.compression
Subject: Re: Looking for C Source Code to stream compression algo
Date: Mon, 23 Oct 2000 02:10:36 GMT
Cronos wrote to sci.crypt:
>
> Hi,
>
> I am looking for the source code to a public domain stream compression
> algorithm, better than RLE. I've had a look around at some
> implementations of LZ algorithms, but they mostly seem to work on
> blocks and I havent found any really clean source code. I just
> basically want two functions for a win32 program:
> BOOL ReadFileCompressed(HANDLE sfile,byte Rbyte)
> BOOL WriteFileCompressed(HANDLE sfile,byte *Wbyte)
> and maybe a Flush function to clear any buffer.
> or some source code which could be converted to this kind of format
> quite simply. Can someone point me in the right direction please ?
Although I don't have source code to offer you (you can find some easily
with a search), You might wish to consider Huffman encoding, and
arithmetic encoding algorithms. If you want things much better than
those, I would suggest using a pre-built library. The code *in* the
library might not look like 'clean source code', but the interface
should be clean enough to use.
Also, don't you mean
BOOL ReadFileCompressed(HANDLE sfile,byte *Rbyte)
BOOL WriteFileCompressed(HANDLE sfile,byte Wbyte)
instead of
> BOOL ReadFileCompressed(HANDLE sfile,byte Rbyte)
> BOOL WriteFileCompressed(HANDLE sfile,byte *Wbyte)
?
PS, for any future followups, please remove the "sci.crypt" from the
groups to send to, and only go to comp.compression, and the person
you're replying to.
--
"Mulder, do you remember when I was missing -- that time that you
*still* insist I was being held aboard a UFO?"
"How could I forget?"
"Well, I'm beginning to wonder if maybe I wouldn't have been
better off staying abo-- I mean, wherever it was that I was
being held." [from an untitled spamfic by [EMAIL PROTECTED]]
------------------------------
From: "bubba" <[EMAIL PROTECTED]>
Subject: Re: Counting one bits is used how?
Date: Mon, 23 Oct 2000 02:20:41 GMT
I did som experimentation to see how the Galois and Fibonacci
variations are related. It has already been pointed out that if you
consider the output to be the shifted out bit, and not the entire
list of register states, that it is possible to use Galois and Fibonacci
LFSRs to get the same sequence.
But what if you compare the entire list of register states? For one
primitive polynomial, there are 4 sequences to consired, Galois
left shift, Galois right shift, Fibonacci left shift and Fibonacci
right shift. For example, take the primivitive ploynomial 1000011,
and make the 4 lists:
Fibonacci Galois
left right right left
000001 000001 000001 000001
000011 100000 100001 000010
000111 010000 110001 000100
001111 001000 111001 001000
011111 000100 111101 010000
111111 000010 111111 100000
111110 100001 111110 000011
111101 110000 011111 000110
111010 011000 101110 001100
110101 001100 010111 011000
101010 000110 101010 110000
010101 100011 010101 100011
101011 010001 101011 000101
010110 101000 110100 001010
101100 010100 011010 010100
011001 001010 001101 101000
110011 100101 100111 010011
100110 110010 110010 100110
001101 111001 011001 001111
011011 111100 101101 011110
110111 011110 110111 111100
101110 101111 111010 111011
011101 010111 011101 110101
111011 001011 101111 101001
110110 000101 110110 010001
101101 100010 011011 100010
011010 110001 101100 000111
110100 111000 010110 001110
101001 011100 001011 011100
010010 001110 100100 111000
100100 100111 010010 110011
001001 010011 001001 100101
010011 001001 100101 001001
100111 100100 110011 010010
001110 010010 111000 100100
011100 101001 011100 001011
111000 110100 001110 010110
110001 011010 000111 101100
100010 101101 100010 011011
000101 110110 010001 110110
001011 111011 101001 101111
010111 011101 110101 011101
101111 101110 111011 111010
011110 110111 111100 110111
111100 011011 011110 101101
111001 001101 001111 011001
110010 100110 100110 110010
100101 110011 010011 100111
001010 011001 101000 001101
010100 101100 010100 011010
101000 010110 001010 110100
010001 101011 000101 101011
100011 010101 100011 010101
000110 101010 110000 101010
001100 110101 011000 010111
011000 111010 001100 101110
110000 111101 000110 011111
100001 111110 000011 111110
000010 111111 100000 111111
000100 011111 010000 111101
001000 001111 001000 111001
010000 000111 000100 110001
100000 000011 000010 100001
000001 000001 000001 000001
The difference between right and left shifting is that
the order of the output states is reversed. That is, the
second list is the same as the first list if read from
bottom to top.
One relation between Galois and Fibonacci sequences
that has been previously pointed out is that the output (the
right-most bits of lists 1 and 3) are the same. Or course
the same is true for the right-most bits of list 2 and 4,
because they are the same thing, up-side down.
So we see the right-hand columns of Galois right-shift
and Fibonacci left-shift are the same. But what about the
other columns? It turns out that for any list, all 6 columns
are cyclic shifts (rotates) of each other!
For the first list:
column 1 is column 0 rotated downward 1 times
column 2 is column 0 rotated downward 2 times
column 3 is column 0 rotated downward 3 times
column 4 is column 0 rotated downward 4 times
column 5 is column 0 rotated downward 5 times
For the second list:
column 1 is column 0 rotated upward 1 times
column 2 is column 0 rotated upward 2 times
column 3 is column 0 rotated upward 3 times
column 4 is column 0 rotated upward 4 times
column 5 is column 0 rotated upward 5 times
For the third list:
column 1 is column 0 rotated downward 5 times
column 2 is column 0 rotated downward 4 times
column 3 is column 0 rotated downward 3 times
column 4 is column 0 rotated downward 2 times
column 5 is column 0 rotated downward 1 times
For the last list:
column 1 is column 0 rotated upward 5 times
column 2 is column 0 rotated upward 4 times
column 3 is column 0 rotated upward 3 times
column 4 is column 0 rotated upward 2 times
column 5 is column 0 rotated upward 1 times
Where column zero refers to the right-most bit.
So the right-hand columns of Galois right-shift
and Fibonacci left-shift are the same. In addition,
the remaining columns are also the same, but
in reversed order.
I will post the C-code utility I used to see this
is anyone wants it.
"Rob Warnock" <[EMAIL PROTECTED]> wrote in message
news:8spe4c$bht9k$[EMAIL PROTECTED]...
> Trevor L. Jackson, III <[EMAIL PROTECTED]> wrote:
> +---------------
> | bubba wrote:
> | > I have seen the two variations you describe call Galois LFSR and
> | > Fibonacci LFSR.
> +---------------
>
> I just ran into those terms the other day, but had forgotten them.
> Thanks for reminding me. (Now if I can only remember which is which...)
>
> +---------------
> | > But I don't think properly chosen polynomials
> | > can cause them to produce the same output.
> |
> | There is some fuzz on the term "output" in this context. One can
> | interpret the "output" to be the most recently generated bit or
> | "output" can mean the contents of the register.
> +---------------
>
> I meant it in the former sense, the sequence of bits shifted out of
> the register.
>
> I have at least one text that claims that the two feedback styles
> can generate the same output-bit-stream sequence if one style uses
> the reciprocal polynomial of the other. [I'll look up the exact
> reference, of anyone thinks it's a biggy...]
>
>
> -Rob
>
> -----
> Rob Warnock, 31-2-510 [EMAIL PROTECTED]
> Network Engineering http://reality.sgi.com/rpw3/
> Silicon Graphics, Inc. Phone: 650-933-1673
> 1600 Amphitheatre Pkwy. PP-ASEL-IA
> Mountain View, CA 94043
------------------------------
From: Andre van Straaten <[EMAIL PROTECTED]>
Subject: Re: How to post absolutely anything on the Internet anonymously
Crossposted-To: talk.politics.crypto
Date: Mon, 23 Oct 2000 02:33:10 GMT
In sci.crypt Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> How to post absolutely anything on the Internet anonymously
> http://www.sciam.com/2000/1000issue/1000techbus2.html
What does mean absolutely?
You can produce an absolutely anonymous posting through some services
(where you don't know who really has control over these servers).
But if someone is tapping your modem or cable line, or your ISP, too, they
can see everything you send, even faked headers in messages for
(childish) DoS attacks.
So, to these people, your posting is not anonymous.
-- avs
(If you're paranoid, that doesn't mean that nobody is behind you.)
Andre van Straaten
http://www.vanstraatensoft.com
______________________________________________
flames please to [EMAIL PROTECTED]
------------------------------
From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: RSA codes
Date: Mon, 23 Oct 2000 02:48:56 GMT
SCOTT19U.ZIP_GUY wrote:
[snip]
> Obviously you don't follow much of Tommys comments
> he is seldom willing to admit to himself and us where he is ignorant
> he kind of reminds me of you. Are you one of Toms many fasle identies
> that he uses to attack people with? I admit that my writting
> sucks shit but I try to live with my handicap. In spite of the
> literate asshokes that think there god just becuase they can speel
> better than me.
It's not that us people who can read and write properly think we're
gods, we are happy to admit that we're only mortals. And, as they say,
man is dog's concept of god. Your insistance that we're not gods
displays your belief that we are, and your preference to deny that
belief. This in turn shows us that you are, in fact a dog. Just
offhand, how do you type with paws, anyway?
--
"Mulder, do you remember when I was missing -- that time that you
*still* insist I was being held aboard a UFO?"
"How could I forget?"
"Well, I'm beginning to wonder if maybe I wouldn't have been
better off staying abo-- I mean, wherever it was that I was
being held." [from an untitled spamfic by [EMAIL PROTECTED]]
------------------------------
From: jungle <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: How to post absolutely anything on the Internet anonymously
Date: Sun, 22 Oct 2000 22:48:49 -0400
Andre van Straaten wrote:
>
> In sci.crypt Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> > How to post absolutely anything on the Internet anonymously
> > http://www.sciam.com/2000/1000issue/1000techbus2.html
>
> What does mean absolutely?
my understanding of "absolutely anything" is >> everything ...
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Quasi philosphical question regarding Index of Coincidence
Date: Mon, 23 Oct 2000 02:40:51 GMT
Perhaps I am misunderstanding you, but it sounds to me like your talking
more cyptography whereas I'm asking crytpanalysis.
In other words, if your facing a ciphertext that looks like this:
U kujw Nqet qbs Vwrrt vye bir Higb! Ai, U rgubj.......
Would you a) assume that upper and lower case version of the same
letters are equivalent and thus convert all to lowercase by setting U =
u in frequency tabulations --or-- b) allow U and u to be distinct
elements in your freq tablulation (thus potenially a 52 character
alphabet)? I can see advantages and disadvantages both ways.
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (John Savard) wrote:
> That depends strongly on the particular encoding scheme used. 8-bit
> ASCII? A 52-character set? A Huffman encoding?
>
> Using a 52-character set just to allow upper- and lower- case would be
> awfully wasteful, and thus it would weaken the cipher used, by
> providing redundancy.
>
> John Savard
> http://home.ecn.ab.ca/~jsavard/crypto.htm
>
--
"Wife who put husband in doghouse, soon find him in cathouse."
-- Wisdom of the Tao
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Quasi philosphical question regarding Index of Coincidence
Date: Mon, 23 Oct 2000 02:41:59 GMT
Please see my responde to John, above.
Thanks!!
In article <[EMAIL PROTECTED]>,
"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> > > Index of Coincidence has nothing to do with case and everything
> > > to do with correlation. What you need to do is to determine how
> > > the I.C. is going to be *used*; generally it is used to detect a
> > > deviation from a purely random (coincidental) behavior in some
> > > specific test. When you study the situation it should become
> > > obvious what to do.
> > Sorry, but I don't follow you here.
> > Granted the IC is used to detect deviation from randomness. But it
seems
> > to me that it may be the case that if the cipher scheme used upper
and
> > lower case (effectiviely at 52 character alphabet), butit was
assumed to
> > only be a 26 letter alphabet, the IC might give results that would
lead
> > one to believe two cipher alphabet were used.....I think.
>
> You're making a start at identifying the *use* of the IC.
> Apparently this particular use consists of a monographic IC
> to estimate the number of alphabets used in a polyalphabetic
> system. I don't see how you could have any doubt as to what
> the ciphertext gamut of characters is from simple inspection:
> if it doesn't involve more than 26 symbols, then obviously
> the PT alphabet was not 52 characters. No need to use any
> IC-based approach for this.
>
--
"Wife who put husband in doghouse, soon find him in cathouse."
-- Wisdom of the Tao
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED]
Subject: new to data encryption please help
Date: Mon, 23 Oct 2000 02:53:45 GMT
hi
i am a biology student with nothing whatsoever to do with encryption
yet i have written some programs to do the same just for fun but now i
want to learn the real methods of doing it. Can anyone please help me ?
i would like to know any online references for beginners and if
possible books .
thank you
ashwin
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: Actually I want FBI and INS deport me from the U.S.A. to Europe so that I
can have more fun ....
Date: Mon, 23 Oct 2000 03:36:38 GMT
Edward Taylor wrote:
>
> You want more fun in Europe? Hell - here in britain we used to be
> freee. But now we have the regultary of investigatiory powers bill. In
> America you can't encrypt beyond a certain level right? Well, we can,
> but we have to tell the police when they want to read our mail.
> Suppose that's allright if you're not doing anything illegal ...
> however ...
There is nothing that prevents us from encrypting beyond any particular
level, but there used to be limits on what kind of cryptographic
programs we could export. I.e. we could (and can) encrypt using a
greater-than-40-bit key, but we couldn't (but can now) export a program
that did that.
--
"Mulder, do you remember when I was missing -- that time that you
*still* insist I was being held aboard a UFO?"
"How could I forget?"
"Well, I'm beginning to wonder if maybe I wouldn't have been
better off staying abo-- I mean, wherever it was that I was
being held." [from an untitled spamfic by [EMAIL PROTECTED]]
------------------------------
From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Hypercube/FFT encryption
Date: Mon, 23 Oct 2000 04:26:15 GMT
This is a multi-part message in MIME format.
==============FF50644489AF637836CE0C80
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Attached as a .txt document is my new cipher, based on the idea of the
use of a hypercube (in parallel programming) to most efficiently
distribute data. A bit of looking around, and I learned that similar
ideas had been done (Terry Ritter, Tom Denis). However, Ritter's cipher
uses a layer of unkeyed mixing, followed by keyed substitution, which is
quite different from what I want. Tom's TC2, which uses a keyed mixing
step, making it similar to my design, uses what I believe is a weaker
mixing step, and a weaker key schedule. Furthermore, my cipher uses
only 1 sbox, so it takes up less room, and uses loops instead of lookup
tables to get the hypercube/FFT pattern of bytes to mix, so a compiler
may be able to optimize it more easily. The expanded key is 512 bytes,
the same as TC2 uses. Does anyone want to give me some comparisons of
speed of the two ciphers? I only have a C interpreter, not a compiler,
so I can't test speeds myself. Also, I would *love* if someone out
there could give an attack, either against this or against TC2.
PS to Ritter, in one of your docs, you say that with 1 plaintext /
ciphertext pair, you can probably uniquely identify a DES key... I
believe the actual number required is 3 pt/ct pairs.
--
"Mulder, do you remember when I was missing -- that time that you
*still* insist I was being held aboard a UFO?"
"How could I forget?"
"Well, I'm beginning to wonder if maybe I wouldn't have been
better off staying abo-- I mean, wherever it was that I was
being held." [from an untitled spamfic by [EMAIL PROTECTED]]
==============FF50644489AF637836CE0C80
Content-Type: text/plain; charset=us-ascii; name="hypercrypt.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="hypercrypt.txt"
/*
* This cipher was inspired by an algorithm connecting a set of 2**N
* nodes up to each other with minimum number of connections so that
* the longest path is N; this arrangement is called a hypercube.
* An order 0 hypercube is 1 node. An order N hypercube is a pair of
* order N-1 hypercubes connected with each node in the first connected
* to it's corresponding node in the second. Graphically, a sequence
* of hypercubes is a point, a line, a square, a cube, and then
* something which can only be called a hypercube (an order 3 one in
* this case), which consists of a pair of 3-d cubes which are one unit
* apart in a 4 dimensional space, with 8 connections along the w axis.
*
* Since a hypercube is the fastest way of distributing information
* over a network, I figured it would be a good way to get diffusion
* for a cipher if each connected pair of nodes represented mixing
* of some sort rather than an exchange of data. The most common way
* of reversibly, securely mixing a pair of equal range integers is to
* use a fiestel structure.
*
* Thinking of how to represent such a thing in software, I recalled
* Tom Denis's "balanced block mixing" cipher, TC2, which uses a
* mixing pattern identical to what a hypercube, but instead of a
* fiestel, he uses a keyed substitution followed by unkeyed mixing.
* Thus, his round function which is faster but weaker than a 4 round
* fiestel, and more complicated (and thus prone to typoes).
*
* The sbox and the key expansion here are stolen from TC5.
* The mixing step of key schedule, however, a scaled up version of the
* encryption step, but unkeyed; This should make for a stronger
* schedule than TC2's.
*
* One definite advantage of using a hypercube style of mixing, is that
* the 8 pairs of bytes can be mixed in parallel if the cipher is
* implemented in hardware. In fact, the key setup should take 1/256th
* the time if done in hardware, with parallelism, than it does in
* software, with no parallelism.
*
* The primary advantages of this cipher over TC2 are:
* 1) Decryption and encryption are almost identical, except for order
* order of loop indices. TC2 has substitute, then PHT for encrypt,
* and PHT, then substitute for decrypt.
* 2) The byte-pair mixing function is stronger.
* 3) Only one sbox is needed, not two.
* 4) No global array is used to know which pair of bytes to mix.
* 5) It is much easier for a compiler to see how and where operations
* can be unrolled or done in parrallel.
* 6) The key schedule is stronger.
*/
static const unsigned char sbox[256] = {
0x70, 0xd5, 0xe5, 0x93, 0x4f, 0xf5, 0x50, 0x8a, 0x05, 0x91, 0xcb, 0xf4,
0xf9, 0x60, 0xc3, 0xb4, 0x34, 0x2c, 0x5b, 0x71, 0x4d, 0x9c, 0xfe, 0x7f,
0x75, 0xd4, 0xd0, 0xf3, 0xd7, 0xf2, 0x52, 0xd2, 0xba, 0x77, 0x84, 0x46,
0x80, 0xd1, 0x7d, 0xc9, 0xe9, 0x1e, 0xc1, 0x0b, 0xa6, 0x65, 0x6b, 0x8b,
0xfa, 0xa7, 0x2d, 0xdd, 0x9a, 0xc0, 0x73, 0xb8, 0x17, 0xe1, 0x4c, 0xec,
0xc4, 0x30, 0xb9, 0xaf, 0x6a, 0x45, 0x94, 0x76, 0xae, 0x1c, 0x2a, 0xa1,
0x66, 0x09, 0x13, 0x57, 0x2f, 0x44, 0x89, 0xd6, 0xe6, 0xef, 0x0e, 0x20,
0x9e, 0x1d, 0x3e, 0xff, 0x28, 0xc6, 0x26, 0x40, 0xe8, 0xe3, 0x24, 0xdc,
0xde, 0x6e, 0xfd, 0x00, 0xa8, 0xd8, 0xcc, 0x27, 0xa0, 0x5d, 0x8e, 0x97,
0xcd, 0xca, 0xd9, 0x0c, 0xc7, 0xab, 0x79, 0xb5, 0xa3, 0x56, 0xed, 0xa4,
0x12, 0x35, 0x82, 0xfc, 0x01, 0x03, 0x3d, 0x72, 0x81, 0x25, 0x61, 0xe4,
0x99, 0xda, 0xc5, 0x88, 0x59, 0xdf, 0xb2, 0x5f, 0x2b, 0xb7, 0xf8, 0x83,
0xaa, 0xd3, 0x3c, 0x0d, 0x47, 0xad, 0x1f, 0x33, 0x3a, 0x5e, 0x32, 0x87,
0x4e, 0x7a, 0x0f, 0x5c, 0x49, 0x02, 0x95, 0xbd, 0x07, 0xeb, 0x90, 0x9f,
0xbe, 0x78, 0x51, 0xe0, 0xce, 0x92, 0x16, 0x5a, 0x7b, 0x43, 0xe7, 0x04,
0xea, 0x53, 0x9d, 0x1a, 0x8f, 0x67, 0x7c, 0x55, 0x22, 0x10, 0xa9, 0x06,
0xac, 0x63, 0x7e, 0x6c, 0xbb, 0x48, 0xb0, 0x19, 0xf7, 0xc2, 0xdb, 0x68,
0xf0, 0xf6, 0x21, 0xf1, 0x98, 0x8c, 0x85, 0x86, 0x0a, 0x58, 0x64, 0x31,
0x14, 0x15, 0x54, 0x41, 0xb3, 0xcf, 0xbf, 0x6d, 0x69, 0x96, 0x23, 0x18,
0xc8, 0x1b, 0xa5, 0x3f, 0x6f, 0xe2, 0x74, 0x4a, 0x2e, 0xee, 0xa2, 0x08,
0x39, 0x37, 0x3b, 0x8d, 0xbc, 0xfb, 0x11, 0xb6, 0x38, 0x29, 0x62, 0x42,
0xb1, 0x4b, 0x36, 0x9b };
#define OROUNDS 4 /* outer rounds */
#define IROUNDS 4 /* inner rounds */
#define BLOCKSIZE 16 /* 16 byte blocksize (128 bits) */
#define HALFBLOCKSIZE 8 /* 16/2 */
#define LOG2BLOCKSIZE 4 /* log2(16) */
#define EXPANDEDKEY (OROUNDS*LOG2BLOCKSIZE*HALFBLOCKSIZE*IROUNDS)
void hypercrypt_encrypt(
unsigned char text[BLOCKSIZE],
const unsigned char key[EXPANDEDKEY] ) {
const unsigned char * k = key;
int x, y, z, w, v;
for( x = 0; x < OROUNDS; ++x )
for( y = 1; y < BLOCKSIZE; y <<= 1 )
for( z = 0; z < BLOCKSIZE; z += (y<<1) )
for( w = 0; w < y; ++w ) {
unsigned char *a = text+z+w, *b = a+y;
unsigned char aa = *a, bb = *b;
for( v = 0; v < IROUNDS; v += 2 ) {
aa ^= sbox[ bb ^ *k++ ];
bb ^= sbox[ aa ^ *k++ ]; }
*a = aa; *b = bb;
}
}
void hypercrypt_decrypt(
unsigned char text[BLOCKSIZE],
const unsigned char key[EXPANDEDKEY] ) {
const unsigned char * k = key + EXPANDEDKEY;
int x, y, z, w, v;
for( x = OROUNDS; x > 0; --x )
for( y = BLOCKSIZE>>1; y > 0; y >>= 1 )
for( z = BLOCKSIZE - (y<<1); z >= 0; z -= (y<<1) )
for( w = y-1; w >= 0; --w ) {
unsigned char *a = text+z+w, *b = a+y;
unsigned char aa = *a, bb = *b;
for( v = IROUNDS; v > 0; v -= 2 ) {
bb ^= sbox[ aa ^ *--k ];
aa ^= sbox[ bb ^ *--k ]; }
*a = aa; *b = bb;
}
}
void hypercrypt_setup(const unsigned char *ukey, int keylen,
unsigned char key[EXPANDEDKEY]) {
unsigned char temp[EXPANDEDKEY+32];
int i;
/* copy user key into array */
for( i = 0; i < 32; ++i )
temp[i] = sbox[ ukey[i%keylen] ^ sbox[i] ];
/* expand the key first with an order-31 primitive polynomial */
for( i = 0; i < EXPANDEDKEY; ++i )
key[i] = temp[i+32] =
temp[i+00] ^ temp[i+01] ^ temp[i+11] ^
temp[i+12] ^ temp[i+16] ^ temp[i+17] ^
temp[i+26] ^ temp[i+29] ^ temp[i+31];
/* mix up the key */
for( i = 0; i < OROUNDS; ++i ) {
int j, k, m, n;
/* the computations for each value of k can be done */
/* independent of the others. This means that we can */
/* do them in parrallel in hardware, if the j loop is */
/* unrolled. The m loop can also be parrallelized. */
/* The n loop can be unrolled, but must be done in */
/* order, and cannot be made parrallel. */
for( j = 1; j < EXPANDEDKEY; j <<= 1 )
for( k = 0; k < EXPANDEDKEY; k += (j<<1) )
for( m = 0; m < j; ++m ) {
unsigned char *a = key+k+m, *b = a+j;
for( n = 0; n < IROUNDS; n += 2 )
*a ^= sbox[*b], *b ^= sbox[*a];
}
}
}
#include <stdio.h>
void hypercrypt_test(void) {
/* Test setup, encrypt, decrypt */
unsigned char blk[BLOCKSIZE], ukey[16];
unsigned char key[EXPANDEDKEY], x, y;
for (x = 0; x < 16; x++) ukey[x] = 0;
for (x = 0; x < BLOCKSIZE; x++) blk[x] = x;
printf("key schedule:\n");
hypercrypt_setup(ukey, 16, key);
for (x = 0; x < (EXPANDEDKEY/32); ++x ) {
for( y = 0; y < 32; ++y )
printf("%02x", key[(x<<5)|y] );
printf("\n");
}
hypercrypt_encrypt(blk, key);
for (x = 0; x < BLOCKSIZE; x++)
printf("%02x ", blk[x]); printf("\n");
/* eb 56 76 27 3e 3f 71 c5 52 f5 c9 bd 88 cd 6a 93 */
hypercrypt_decrypt(blk, key);
for (x = 0; x < BLOCKSIZE; x++)
printf("%02x ", blk[x]); printf("\n");
}
==============FF50644489AF637836CE0C80==
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Steganography books
Date: Sun, 22 Oct 2000 22:28:59 -0600
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (CryptoBooks) wrote:
...
>
> The following book was the primary reference for the remarkable, and
> well-received talk by photon (David Smith) at the ACA convention in Providence
> two months ago. The techniques of steganography were cleverly demonstrated by
> hiding, and retrieving a picture of the conference host inside another digital
> image.
>
Although the image was recoverable from the electronic image file, it was
not from the printed image. One question I am now working on is to what
extent images can store *recoverable* hidden data in a printed form,
variations not noticable to the handler of the print, but obvious to a
scanner. The problem is not as simple as it appears since chemical inks
retransmit several spectral lines, and inks vary, and scanners vary...lots
to learn here, and image processing can be another source of variables.
--
52) *Part of job is making whimsical, zippy, and vexing key sequences.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
