Cryptography-Digest Digest #988, Volume #12      Mon, 23 Oct 00 16:13:01 EDT

Contents:
  Re: Finding Sample implementation for DES and IDEA (Jan Willem Knopper)
  Re: Hypercube/FFT encryption (Terry Ritter)
  Re: My comments on AES (Mok-Kong Shen)
  Re: ---- As I study Rinjdael... (SCOTT19U.ZIP_GUY)
  Re: Huffman stream cipher. (SCOTT19U.ZIP_GUY)
  Re: How to post absolutely anything on the Internet anonymously (Anthony Stephen Szopa)
  Re: Finding Sample implementation for DES and IDEA (Michael Dales)
  Re: Finding Sample implementation for DES and IDEA (jungle)
  Re: Visual Basic (Simon Johnson)
  Re: new to data encryption please help (Simon Johnson)
  Re: On block encryption processing with intermediate permutations (Mok-Kong Shen)
  Re: Visual Basic (Ichinin)
  Re: toy cipher question ("Kenneth Lantrip")
  Re: On block encryption processing with intermediate permutations (Bryan Olson)
  Re: On block encryption processing with intermediate permutations (James Felling)
  Re: My comments on AES (James Felling)
  Re: Visual Basic ("David C. Barber")
  Re: ---- As I study Rinjdael... (Mok-Kong Shen)
  Re: My comments on AES (Mok-Kong Shen)
  Re: who first will break claim that DVD pattern of imprints can't be tampered with, erased or falsified ? (Matthew Skala)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Jan Willem Knopper)
Subject: Re: Finding Sample implementation for DES and IDEA
Date: 23 Oct 2000 18:14:44 GMT

Once, in a newsgroup, Steven Wu said the following:
>Hi everyone,
>
>I am a student and currently interested in block ciphers.  Could
>anyone tell me where to find source code for these two standards?
>

If you are interested in block ciphers be sure to check out the AES
web-page (http://www.nist.gov/aes). There are links to papers of the 
candidates (the winner was Rijndael). 
For all these algorithms source is included.

Links and info about the DES algorithm can be found on
http://raphael.math.uic.edu/~jeremy/crypt/des.html

IDEA source can be found on http://www.r3.ch/o_files/products/idea/ 
(be sure to read the patent section)

Jan Willem

------------------------------

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: Hypercube/FFT encryption
Date: Mon, 23 Oct 2000 18:17:19 GMT


On Mon, 23 Oct 2000 04:26:15 GMT, in
<[EMAIL PROTECTED]>, in sci.crypt Benjamin Goldberg
<[EMAIL PROTECTED]> wrote:

>[...]
>PS to Ritter, in one of your docs, you say that with 1 plaintext /
>ciphertext pair, you can probably uniquely identify a DES key... I
>believe the actual number required is 3 pt/ct pairs.

If we model DES as a key-selected permutation, then for any particular
plaintext value we get a particular 64-bit ciphertext value only one
time in 2**64.  And with 2**56 keys the probability of getting a
particular transformation from any key is 2**56 / 2**64.  So having
any particular transformation exist is unlikely, and if a key is found
that satisfies one block of known plaintext, about 255 times out of
256 that will be the key we want.  In general, we need only one
known-plaintext block.  

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM
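A worked version of this estimate, added here as an illustration and not part of Ritter's post: it computes the expected number of wrong keys that survive m known plaintext/ciphertext pairs in the key-selected-random-permutation model, and checks the formula by exhaustive search over a toy keyed mapping (a truncated SHA-256, constructed for the simulation, not DES) with parameters small enough to enumerate.

```python
# Added example (not from the post): key uniqueness from known plaintext,
# in the model where each key acts like an independent random permutation.
import hashlib
import math
import random


def expected_false_keys(key_bits, block_bits, pairs=1):
    """Expected number of wrong keys that reproduce all `pairs` known
    plaintext/ciphertext blocks: (2^k - 1) wrong keys, each matching one
    pair with probability 2^-n, hence all pairs with probability 2^-(n*pairs).
    For DES (k=56, n=64, pairs=1) this is about 2^-8, i.e. 1/256."""
    return (2.0 ** key_bits - 1) / 2.0 ** (block_bits * pairs)


def prob_key_is_unique(key_bits, block_bits, pairs=1):
    """Probability that no wrong key survives (Poisson approximation
    exp(-lambda)); about 255/256 for DES with a single known block."""
    return math.exp(-expected_false_keys(key_bits, block_bits, pairs))


def toy_encrypt(key, block, block_bits):
    """Stand-in for a key-selected random mapping: SHA-256 of (key, block)
    truncated to block_bits. Constructed for the simulation; not DES."""
    digest = hashlib.sha256(f"{key}:{block}".encode()).digest()
    return int.from_bytes(digest[:8], "big") & ((1 << block_bits) - 1)


def count_false_keys(true_key, plaintexts, key_bits, block_bits):
    """Exhaustive search over the toy key space: how many wrong keys agree
    with true_key on every given plaintext block?"""
    targets = [toy_encrypt(true_key, p, block_bits) for p in plaintexts]
    false = 0
    for k in range(1 << key_bits):
        if k != true_key and all(
            toy_encrypt(k, p, block_bits) == c for p, c in zip(plaintexts, targets)
        ):
            false += 1
    return false


def simulate_false_keys(key_bits, block_bits, pairs, trials, seed=1):
    """Average number of surviving wrong keys over random keys and plaintexts;
    should track expected_false_keys(key_bits, block_bits, pairs)."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        true_key = rng.randrange(1 << key_bits)
        pts = rng.sample(range(1 << block_bits), pairs)
        total += count_false_keys(true_key, pts, key_bits, block_bits)
    return total / trials


if __name__ == "__main__":
    # DES-sized parameters from the post: 56-bit key, 64-bit block.
    for pairs in (1, 2, 3):
        print(pairs, expected_false_keys(56, 64, pairs),
              prob_key_is_unique(56, 64, pairs))
    # Toy parameters small enough to search exhaustively: 10-bit key, 14-bit block.
    print(expected_false_keys(10, 14), simulate_false_keys(10, 14, 1, 200))
```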


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: My comments on AES
Date: Mon, 23 Oct 2000 20:51:55 +0200



James Felling wrote:
> 
> I believe that, given any of the candidates being declared the AES, there
> will exist an academic attack versus that cipher before 2006.  It is
> simply a matter of enough effort being applied against it.  I do not
> believe that any cipher can hold against that kind of attention without
> some minor flaw being found.  I have a feeling that this is what Bruce is
> thinking as well.

I have a problem with the definition of 'academic' attack.
Suppose that a new cipher has as yet no known attack except
brute force. By how much improvement must an attack at
least have in order to be qualified as an academic attack, 
or does any epsilon improvement count, no matter how 
negligibly small that is?

M. K. Shen

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: ---- As I study Rinjdael...
Date: 23 Oct 2000 18:37:59 GMT

[EMAIL PROTECTED] (Falissard) wrote in <8t1q0s$14pj$[EMAIL PROTECTED]>:

>http://www.gnupg.org/rfc2440-12.html


   Thanks for the info on OpenPGP. I see it uses CFB, still not
a favorite, but I still forgot: is this the same as old PGP? I
forget. All I remember was that it was not CBC.


Below is a quote from your pointer:
12.8. OpenPGP CFB mode

   OpenPGP does symmetric encryption using a variant of Cipher Feedback
   Mode (CFB mode). This section describes the procedure it uses in
   detail. This mode is what is used for Symmetrically Encrypted Data
   Packets; the mechanism used for encrypting secret key material is
   similar, but described in those sections above.


David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
        http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
        http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
        http://radiusnet.net/crypto/  then look for
  sub directory scott after pressing CRYPTO
Scott famous Compression Page
        http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Huffman stream cipher.
Date: 23 Oct 2000 18:30:22 GMT

[EMAIL PROTECTED] (Richard Heathfield) wrote in 
<[EMAIL PROTECTED]>:

>"SCOTT19U.ZIP_GUY" wrote:
>> 
>> >Here is the output I got:
>> >
>> >D:\alldata\dev\crypto\scott19u>gcc -W -Wall -ansi -pedantic scott19u.c
>> >In file included from scott19u.c:8:
>> 
>>    I see your mistake. You should have used
>> gcc -O3 scott19u.c -o scott19u.exe
>> then it will work.
>
>You mean, "turn off all the warnings so that the compiler won't tell me
>how crap the code is, and turn off all the portability flags so that the
>compiler won't tell me that this code is as portable as Mount Everest"?
>Okay, let's try that:
>
>D:\alldata\dev\crypto\scott19u>gcc -O3 scott19u.c -o scott19u.exe
>scott19u.c: In function `main':
>scott19u.c:58: warning: return type of `main' is not `int'
>
>So, even when I turn off all the warnings and all the portability flags,
>I /still/ don't get a clean compile.
>
>That, sir, is lame.
>
>> Yes the "long long" type is not standard
>> blessed C
>
>Well, not in the 1990 Standard, anyway. (A newer standard supports long
>long, but is so new that there are no known compilers supporting it yet,
>so long long will not be portable for a year or so, at a guess.)
>
>> but it is standard DJGPP GNU C to get use of
>> 64 bit chunks of data.
>
>I had no idea that there was an ISO DJGPP Standard. You have a
>reference?
>
>> GNU seems to have many advanced features
>> that allows one to do things normal C lacks.
>
>Yes - most compilers do. They're called 'extensions', and the reason
>they're extensions rather than core C is that they're not portable.
>
>> I must also say that this did not compile on my original
>> 486 Intel PC. I had to ship it encrypted to my son to get it
>> to compile. But on my new machine, a K6-III, no problem. So if
>> you have low memory it will run out of space during compile.
>
>Why's that? Let's see: Ah yes, it's probably that 1.2 Megabyte buffer.
>Seems like an odd size for a buffer, but I expect you'll explain that
>when you document the algorithm. And you'll have to, if you want to be
>taken seriously - because the source code is, quite simply, illegible.

 Maybe the 19x19 bit S tables are bigger than what most people are
used to.
>
>

  I guess you don't realize that a warning is not the same as an error.
I used to get warnings from compilers all the time. It just means be careful
or use at your own risk, which really goes with all software. But a 
warning is not an ERROR. Portability to other systems is not a high
priority with me. Getting code to work on the machine I use is. Hell,
when I worked for the US government, people who thought they were using
portable Fortran also got a shock when their code did not work the same
on the next version of Fortran on the same machine. I don't like to change
compiler versions even in C. I would not be surprised if in the next
release of GNU C for DJGPP it may not work. But it does for the current
version. One could chase portability issues forever but you never
really know the code is portable until you test it on the machine.
My fun is getting it to work on the machine I have access to with the
tools I have. I figure if someone wants to use it on another machine
or compiler of their choice they have to get it to work. However,
since I am retired I would be willing to work for CASH to get it to
work on another machine and/or version of a compiler.

 C was not designed for portability. It was designed to make programming
easier on NEW machines without having to rely solely on machine language.
It is a tool to help, nothing more.


David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
        http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
        http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
        http://radiusnet.net/crypto/  then look for
  sub directory scott after pressing CRYPTO
Scott famous Compression Page
        http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.freespeech
Subject: Re: How to post absolutely anything on the Internet anonymously
Date: Mon, 23 Oct 2000 11:42:39 -0700

zapzing wrote:
> 
> In article <[EMAIL PROTECTED]>,
>   Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> > > Anonymity and privacy seem destined to go the way of the Dodo.  When the
> > > government's nano-scale spy robots are everywhere, escaping from their
> > > view long enough to do anything in private will be very, very difficult.
> > > --
> > > __________  Lotus Artificial Life  http://alife.co.uk/  [EMAIL PROTECTED]
> > >  |im |yler  The Mandala Centre   http://mandala.co.uk/  Surf against sewage.
> >
> > Then you accept the total destruction of the US Constitution and our
> > way of life?
> >
> > I just don't think you can have unbridled use of nano technology and
> > seriously harbor any hopes of preserving our political system.
> >
> 
> I do not seriously harbor any hopes of preserving
> "our" political constitution. What is it about
> the present political system that you like, BTW?
> 
> --
> Void where prohibited by law.
> 
> Sent via Deja.com http://www.deja.com/
> Before you buy.


I like the fact that you are not President or Speaker of the House 
or Majority leader in the Senate, etc. and never will be.

Tell all your friends and associates what you have just said here.

Tell us what their reaction is to you afterwards.

Thanks.

------------------------------

From: [EMAIL PROTECTED] (Michael Dales)
Subject: Re: Finding Sample implementation for DES and IDEA
Date: 23 Oct 2000 18:09:53 GMT

On a related note, where can I find simple test vectors for DES? I tried
to find the standard, which seems to be in SP 500-20 from NIST, but
you can't just download that doc.



-- 
Michael Dales --- email: [EMAIL PROTECTED] --- tel: +44 141 330 6297
Department of Computing Science, University of Glasgow, Glasgow, G12 8QQ


------------------------------

From: jungle <[EMAIL PROTECTED]>
Subject: Re: Finding Sample implementation for DES and IDEA
Date: Mon, 23 Oct 2000 14:54:21 -0400

two nice quotes from the IDEA link ...

"As this new cipher continues to attract attack efforts from the most 
 formidable quarters of the cryptanalytic world, confidence in IDEA is
 growing with the passage of time."
Philip Zimmermann, 1992

"In my opinion, it is the best and most secure block algorithm available to 
 the public at this time."
Bruce Schneier, Applied Cryptography Second Edition, 1996

Jan Willem Knopper wrote:
===
> IDEA source can be found on http://www.r3.ch/o_files/products/idea/



------------------------------

From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: Visual Basic
Date: Mon, 23 Oct 2000 18:51:53 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> Yes, bit, they exist and someone has already posted one.
>
> What's more practical is to get (or buy) a cipher package that, ideally,
> is packaged as an ActiveX (OCX) control.  Then simply call its methods
> appropriately.  DLLs (dynamic link libraries) can also be called from VB
> although it takes a little bit more work.
>
> Cipher algorithms usually require so much "bit twiddling" that it is
> much more efficient for the cipher core to be done in a compiled
> language.  Visual Basic is simpler for the less compute-intensive tasks.
>
> >binary digit wrote:
> >
> > > Anyone know where I can find some encryption algorithms that have been coded
> > > in VB and have good documentation on them?
>
> ------------------------------------------------------------------
> Sundial Services :: Scottsdale, AZ (USA) :: (480) 946-8259
> mailto:[EMAIL PROTECTED]  (PGP public key available.)
> > Fast(!), automatic table-repair with two clicks of the mouse!
> > ChimneySweep(R):  "Click click, it's fixed!" {tm}
> > http://www.sundialservices.com/products/chimneysweep
>

Indeed, I know of TEA, Twofish and DES56 implementations in VB.
--
Hi, i'm the signuture virus,
help me spread by copying me into Signiture File


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: new to data encryption please help
Date: Mon, 23 Oct 2000 19:08:42 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
> [EMAIL PROTECTED] (Dido Sevilla) wrote in
> <[EMAIL PROTECTED]>:
>
> >[EMAIL PROTECTED] wrote:
> >>
> >> hi
> >> i am a biology student with nothing whatsoever to do with encryption
> >> yet i have written some programs to do the same just for fun but now i
> >> want to learn the real methods of doing it. Can anyone please help me ?
> >>  i would like to know any online references for beginners and if
> >> possible books .
> >
> >
> >Find a copy of Bruce Schneier's "Applied Cryptography".  Try visiting
> >http://www.cacr.math.uwaterloo.ca/hac/ as well.  And read the FAQ too.
> >There are lots of references there although admittedly it's somewhat
> >dated.  The Counterpane website (http://www.counterpane.com/) is another
> >nice site with lots of useful information.  They publish their research
> >online and it's nice to be able to study how the professionals do it.
> >
>
>   Be aware, remember crypto is a black art. And part of the game is to
> mislead people into how to do safe secure crypto. So any book you read
> should be done with a jaundiced eye. Try reading various sources and
> don't buy any books. Good books to read are "The Code Breakers" and
> "The Puzzle Palace"; and check out my site. I am a black sheep of
> the open crypto community.
>
> David A. Scott
> --
> SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
>       http://www.jim.com/jamesd/Kong/scott19u.zip
> Scott famous encryption website **now all allowed**
>       http://members.xoom.com/ecil/index.htm
> Scott LATEST UPDATED source for scott*u.zip
>       http://radiusnet.net/crypto/  then look for
>   sub directory scott after pressing CRYPTO
> Scott famous Compression Page
>       http://members.xoom.com/ecil/compress.htm
> **NOTE EMAIL address is for SPAMERS***
> I leave you with this final thought from President Bill Clinton:
>
To be honest, you're just paranoid (but healthily)..... People won't agree
with me, but I don't think you're a 'Black Sheep'. No-one is, I think
we should all respect other people's opinions more :)
--
Hi, i'm the signuture virus,
help me spread by copying me into Signiture File


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On block encryption processing with intermediate permutations
Date: Mon, 23 Oct 2000 21:45:48 +0200



Bryan Olson wrote:
> 
> Mok-Kong Shen wrote:
> > I have to understand you stuff step by step.
> > So let me ask questions of the very first part (and later
> > on in another post about the remaining part). What do you
> > mean by having the 'first five permutations preserve block
> > equality'? I mean (1) What is preservation of block equality
> 
> It means that assuming the blocks are equal before the
> permutation, then they are equal after the permutation.
> 
> I see I switched notation mid-sentence in one explanation, so
> here's the fixed version:  Suppose the two blocks going into
> a permutation are the same; say the words are (x, y, x, y).
> Eight of the 24 permutations keep the two blocks the same,
> four of them producing (x, y, x, y), and four producing
> (y, x, y, x).

Suppose one encrypts many double blocks (u, v, u, v) in 
a very long message and (u, v) goes to (x, y); then one will 
find a double block (x, y, x, y) after permutation with
a probability of 2^(-4), since the permutation can be regarded
to have mixed the stream x,y,x,y,.... perfectly so that x and y
each occurs with the probability of 1/2, if I don't err. Note
that there are other types of double blocks, e.g. (x, x, x, y).
If one now encrypts all the permuted blocks in the next cycle,
and supposing (x, y) encrypts to (w, z) and (x, x) encrypts to
(w1, z1) etc., what is the probability of getting (w, z, w, z)
after the next permutation? Wouldn't there then be similar 
double blocks (s, t, s, t) that have the same frequency 
or almost the same frequency as (w, z, w, z)? I am afraid
that, by going through 8 cycles, it would be extremely
hard to identify a path like (u,v,u,v)-->(x,y,x,y)-->
(e,f,e,f) .... --> (j,k,j,k) (say) by examining the
frequency distribution alone. Further, I admit that 
I don't yet quite understand the deep intention of your
using double blocks instead of single blocks. Could you 
please kindly help a little bit also on that point? 
Thanks in advance.

M. K. Shen
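As an added illustration (not code from the thread), this enumerates the 24 permutations of the four word positions, counts those that keep (x, y, x, y) a double block, as Bryan Olson states above, and checks the count against the closed form w!·2^w for two equal blocks of w words.

```python
# Added example (not from the thread): which position permutations
# preserve block equality for a double block (x0, x1, ..., x0, x1, ...)?
from itertools import permutations
from math import factorial


def equality_preserving(words_per_block=2):
    """Map each output that is again a double block (first half == second half)
    to the number of position permutations producing it from two equal blocks.
    For words_per_block=2 this yields 4 x (x0,x1,x0,x1) and 4 x (x1,x0,x1,x0)."""
    w = words_per_block
    block = [f"x{i}" for i in range(w)]
    double = block + block                      # two equal blocks side by side
    counts = {}
    for perm in permutations(range(2 * w)):
        out = tuple(double[p] for p in perm)    # slot i receives the word at position perm[i]
        if out[:w] == out[w:]:                  # first block still equals second block?
            counts[out] = counts.get(out, 0) + 1
    return counts


def expected_count(words_per_block=2):
    """Closed form: assign the w word values to the w slot pairs (i, i+w) in w!
    ways, then choose which of the two copies lands in which slot, 2 ways per pair."""
    return factorial(words_per_block) * 2 ** words_per_block


if __name__ == "__main__":
    counts = equality_preserving(2)
    print(sum(counts.values()), "of 24 permutations preserve block equality:")
    for out, n in sorted(counts.items()):
        print(" ", out, "produced by", n, "permutations")
    print("closed form for w=2:", expected_count(2), "; for w=3:", expected_count(3))
```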

------------------------------

From: Ichinin <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Visual Basic
Date: Mon, 23 Oct 2000 09:34:51 +0200

How is

A)
        n * 2   = <<
        n / 2   = >>
        n mod 2 = extract bit state

or

B)
Declare Function Rotl Lib "CPlusPlus.DLL" Alias "Rotl" (ByVal Rotl_Data As Integer) As Integer
(etc)

hard to do in vb?

Regards,
Ichinin


Sundial Services wrote:
> 
> Actually, Paul, Borland's take on language-design has always been
> different from Microsoft's and in many cases much more advanced.
> However, the fact remains that the bit-twiddling required for fast and
> effective cryptography (in most cases) is:  (a) better done using a
> different language; AND (b) probably ALREADY DONE.
> 
> My original suggestion was simply that "while you can do it, you won't
> be able to do it as easily or as well and ... why do it, except as a
> purely academic exercise?"

------------------------------

From: "Kenneth Lantrip" <[EMAIL PROTECTED]>
Subject: Re: toy cipher question
Date: Mon, 23 Oct 2000 14:27:19 -0500

I'm not very proficient with C yet, as I'm just dabbling a bit in it now.
But from what I've gathered from studying a few of the famous algorithms
used, any good algorithm must have a trap door function.

If I have the cyphertext and the plaintext, is there any way to recover the
key, other than brute force?  Or even give any clues to the key?

If I have this function C = (P * K) mod 256...  K cannot be determined from
knowing C and P.  However if I have C = (P xor K), then K can be determined
from K = (C xor P).

I didn't see any trap door functions used in your code.  However, I may be
overlooking something as I'm not yet proficient with the C language.

Others here may offer way more insight as to the rights and wrongs of the
above logic.

Disclaimer:  I am just a beginner when it comes to state of the art
encryption algorithms.  I only know that I should not try to invent my own
cypher yet.




------------------------------

From: Bryan Olson <[EMAIL PROTECTED]>
Subject: Re: On block encryption processing with intermediate permutations
Date: Mon, 23 Oct 2000 19:26:39 GMT

James Felling wrote:
> Perhaps I can help.  I think I understand Mr. Olson's method,
> and I also think I may see the root of your objection.
>
> Proposed. Submit a block of form (u,v) to the code. Out will
> come block (x,y) at the end.
>
> Attn Mok:
> If the PRNG's output is not keyed somehow to block number/message
> length, then by repeatedly doing this single encryption, what will
> happen is that the set of all possible single block encryptions of (u,v)
> will be eventually generated.  Similarly, by submitting a double block one
> may access a set of blocks that will allow you to identify special pairs
> of blocks from the 1 block stream. Your system falls in this case.

I agree with this description.  (There are also other useful
blocks among the two-block outputs.)


> Attn Brian:
> There will be only 1 possible output of a 1block encryption if the
> PRNG is keyed to block number/message length. ( i.e. all n block
> messages are permuted the same way( under the same keying).)
>
> However, in this case one may have a chance (on casual
> examination) of separating the permutation off of the code via some
> form of differential attack.

Again I agree.  In the long history of this thread, that was
the basic line of my first attack.  That attack depends upon
each chosen message being encrypted using the same
permutations.  Shen now requires a constantly-updating PRNG
state to generate the permutations.


--Bryan


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: James Felling <[EMAIL PROTECTED]>
Subject: Re: On block encryption processing with intermediate permutations
Date: Mon, 23 Oct 2000 14:41:54 -0500



Mok-Kong Shen wrote:

> James Felling schrieb:
> >
> > Perhaps I can help.  I think I understand Mr. Olson's method, and I also
> > think I may see the root of your objection.
> >
> > Proposed. Submit a block of form (u,v) to the code. out will come block
> > (x,y) at the end.
> >
> > Attn Mok:
> > If the PRNG's output is not keyed somehow  to block number/message
> > length  then by repeatedly doing this single encryption. what will
> > happen is that the set of all possible single block encryptions of (u,v)
> > will be eventually generated.  Similarly, by submitting a double block one
> > may access a set of blocks that will allow you to identify special pairs
> > of blocks from the 1 block stream. Your system falls in this case.
>
> Yes, all possible blocks will eventually be generated with
> a fairly good chance, if one encrypts a very long message
> with each block the same (u,v). So one can get a set of
> possible blocks on the ciphertext side. With 8 cycles this
> set is likely to be not too small and hence the message
> length. One point I don't yet understand is how to pick
> a 'particular' subset from that set that promises to well
> deliver information about the key and moreover what is the
> chance of picking that. Could you help me a bit on that?
> Thanks in advance.
>
> M. K. Shen

No. I am NOT claiming a long message.  What is being done is a single
block (u,v) is submitted and encrypted, producing output (x,y).  If the PRNG is
keyed in the proper manner (i.e. Message M with key K at time T encodes to a
different value than Message M with Key K at time T+1), then there are 64
possible outputs from this program, which will appear at random, and one can, by
repeatedly submitting 1 block messages to the system, eventually see in the
outputs all 64 possible messages.  Then one may submit 2 block messages in
the same manner.  This will produce a substantially larger space of possible
outputs (and once a sufficient proportion of those are collected the "special"
pairs drop out, and the attack proceeds as normal).

Mr. Olson is not submitting a stream of messages, he is submitting very small
messages repeatedly.  This allows him to use statistical tools to pull out the
special pairs, and then make the attack.


------------------------------

From: James Felling <[EMAIL PROTECTED]>
Subject: Re: My comments on AES
Date: Mon, 23 Oct 2000 14:45:10 -0500

An academic attack is ANY attack that improves upon brute force. If you can
eliminate even a single key from the pool of potential candidates via
mathematical means it is a valid academic attack.  Heck, if you can assign an
ordering of likelihood to potential keys that is an attack.  Any method that is
more efficient than straight brute force is an attack.

Mok-Kong Shen wrote:

> James Felling wrote:
> >
> > I believe that, given any of the candidates being declared the AES, there
> > will exist an academic attack versus that cipher before 2006.  It is
> > simply a matter of enough effort being applied against it.  I do not
> > believe that any cipher can hold against that kind of attention without
> > some minor flaw being found.  I have a feeling that this is what Bruce is
> > thinking as well.
>
> I have a problem with the definition of 'academic' attack.
> Suppose that a new cipher has as yet no known attack except
> brute force. By how much improvement must an attack at
> least have in order to be qualified as an academic attack,
> or does any epsilon improvement count, no matter how
> negligibly small that is?
>
> M. K. Shen


------------------------------

From: "David C. Barber" <[EMAIL PROTECTED]>
Subject: Re: Visual Basic
Date: Mon, 23 Oct 2000 12:52:52 -0700


"Sundial Services" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...

> Cipher algorithms usually require so much "bit twiddling" that it is
> much more efficient for the cipher core to be done in a compiled
> language.  Visual Basic is simpler for the less compute-intensive tasks.

Actually, since Version 5, VB is a compiled language.

    *David Barber*




------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: ---- As I study Rinjdael...
Date: Mon, 23 Oct 2000 22:16:11 +0200



"SCOTT19U.ZIP_GUY" wrote:
> 
> [EMAIL PROTECTED] (Mok-Kong Shen) wrote: 
> >
> >Greggy wrote:
> >>
> >> As I study Rijndael, I am constantly haunted by the question I hope
> >> someone can answer:
> >>
> >> If Rijndael is so strong, why does the US government choose NOT to use
> >> it for ANY (not all) classified information?
> >
> >I am not aware that the US government 'chooses' not to use
> >Rijndael for any classified information. Why should it tell
> >you what it uses to encrypt classified information? By
> >definition, classified information doesn't concern you
> >as normal citizen at all. (You are not supposed to care
> >about it.)
> >
> >M. K. Shen
> 
>   Actually every concerned citizen should care about what
> the government encrypts, otherwise we will go down the same
> path as the Soviets. The amount and type of information the
> government tries to hide should be closely watched unless one
> wants to be taken care of cradle to grave with little control
> over one's life. The government assumes it knows more than
> everyone else so they use internal methods that have an additional
> security feature of the algorithms being kept secret. Rijndael
> fails since the method is not secret. I also suspect it may fail
> since there is a good chance the NSA can already break it. Unless
> one uses a chaining mode like "wrapped PCBC", and those kinds of
> modes will not be approved for use.

Aren't you suggesting that a government should keep no
secret so that it is entirely open even to hostile
foreign countries?

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: My comments on AES
Date: Mon, 23 Oct 2000 22:19:18 +0200



James Felling wrote:
> 
> An academic attack is ANY attack that improves upon brute force. If you can
> eliminate even a single key from the pool of potential candidates via
> mathematical means it is a valid academic attack.  Heck, if you can assign an
> ordering of likelihood to potential keys that is an attack.  Any method that is
> more efficient than straight brute force is an attack.

For me that has the flavour of department stores having
$99.99 instead of $100.00 count as a discount.

M. K. Shen

------------------------------

From: [EMAIL PROTECTED] (Matthew Skala)
Subject: Re: who first will break claim that DVD pattern of imprints can't be tampered with, erased or falsified ?
Date: 23 Oct 2000 12:53:48 -0700

In article <[EMAIL PROTECTED]>,
H.Bruijn <[EMAIL PROTECTED]> wrote:
>>Bachrach said that, unlike other coding technologies, the pattern of imprints
>>can't be tampered with, erased or falsified.
>
>Basically what they claim is that the dvd/cd stamping process leaves
>certain marks on the product. Forensic science can then tie a certain
>machine to the discs it produced. Just like in the old detectives where
>the note printed with a mechanical type writer can be used to tie the 
>owner of it to a crime.

It's also worth remembering that since these "imperfections" are
implicitly on a lower level of abstraction than the actual signal, they
won't be copied when the DVD is copied - just as if someone retypes a
letter, forensic examination of the retyped copy will only give
information about the typewriter used for the retyping, not the
typewriter that might have been used for the original.
-- 
Matthew Skala
[EMAIL PROTECTED]                   :CVECAT DELENDA EST
http://www.islandnet.com/~mskala/


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
