Cryptography-Digest Digest #999, Volume #12 Wed, 25 Oct 00 14:13:01 EDT
Contents:
Re: idea for spam free email ("G. Orme")
Re: idea for spam free email (Richard Heathfield)
Re: Finding Sample implementation for DES and IDEA ([EMAIL PROTECTED])
Re: Decrypted Secrets ("John A. Malley")
hardware vs. software vs. crypto accelerators ("Simon")
Re: How to post absolutely anything on the Internet anonymously (zapzing)
Re: I can post absolutely anything on the Internet for you to download. (zapzing)
Re: Rijndael file encryption question. (SCOTT19U.ZIP_GUY)
Re: idea for spam free email (Ben Clifford)
Re: idea for spam free email (Ben Clifford)
Re: Rijndael file encryption question. (SCOTT19U.ZIP_GUY)
Re: How to post absolutely anything on the Internet anonymously (Anthony Stephen
Szopa)
Re: Visual Basic (Ichinin)
Re: hardware vs. software vs. crypto accelerators (Tom St Denis)
Re: I can post absolutely anything on the Internet for you to download. (Anthony
Stephen Szopa)
----------------------------------------------------------------------------
From: "G. Orme" <[EMAIL PROTECTED]>
Subject: Re: idea for spam free email
Date: Wed, 25 Oct 2000 14:34:08 GMT
"jungle" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> "G. Orme" wrote:
> ===
> > Of course whoever
> > uses the program must agree as part of the license not to send
advertising
> > by email anyway.
>
> and you call this spam free idea ?
>
>
>
G. To get access to sending people on the system emails one would have to
agree not to send spam. If they did they would get banned. Not only that,
but for people to sign up to use the network they have to accept an
agreement not to spam. If a company did this wilfully they could be sued.
------------------------------
Date: Wed, 25 Oct 2000 15:50:00 +0100
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: idea for spam free email
"G. Orme" wrote:
>
> "jungle" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > "G. Orme" wrote:
> > ===
> > > Of course whoever
> > > uses the program must agree as part of the license not to send
> advertising
> > > by email anyway.
> >
> > and you call this spam free idea ?
> >
> >
> >
>
> G. To get access to sending people on the system emails one would have to
> agree not to send spam. If they did they would get banned. Not only that,
> but for people to sign up to use the network they have to accept an
> agreement not to spam. If a company did this wilfully they could be sued.
I think 'jungle' is saying that a system which claims to prevent spam
should not rely on people promising not to send it.
I can sell you a car that never needs you to fill it with petrol.
The small print says that you promise to carry a passenger with you with
the bucks to fill the tank if it ever runs low.
Interested? I thought not.
--
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Finding Sample implementation for DES and IDEA
Date: Wed, 25 Oct 2000 14:36:32 GMT
In article <8t5ak0$5eo$[EMAIL PROTECTED]>,
Steven Wu <[EMAIL PROTECTED]> wrote:
>
> Thanks! But what is ECB ?
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>
Read HAC chapter 7 on block cipher "modes of operation" for details.
http://cacr.math.uwaterloo.ca/hac/index.html
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: Decrypted Secrets
Date: Wed, 25 Oct 2000 07:55:42 -0700
John Savard wrote:
>
[snip backroung to question: where can one find a list explaining all
the symbology used in Chapter 2 of Bauer's "Decrypted Secrets"]
>
> I think that A --> B means a mapping of set A to set B, and x |-> y
> means that element x of a set is mapped to element y of a set. The
> other symbols are standard; thus, in 2.2.2.1 we get "if x maps to z,
> and y maps to z, then x is the same as y".
I read it the same way. The |-> symbol represents the reduction of one
element in one set to another element in another set. That symbol is
used with that meaning in other books. And, A <---- B means the inverse
of the mapping from A to B.
John A. Malley
[EMAIL PROTECTED]
------------------------------
From: "Simon" <[EMAIL PROTECTED]>
Subject: hardware vs. software vs. crypto accelerators
Date: Wed, 25 Oct 2000 17:01:59 +0100
Could anybody point me in the direction of a good resource comparing and
contrasting the various approaches to delivering cryptographic services for
enterprise customers?
Replies to [EMAIL PROTECTED] would be appreciated.
------------------------------
From: zapzing <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.freespeech
Subject: Re: How to post absolutely anything on the Internet anonymously
Date: Wed, 25 Oct 2000 16:07:49 GMT
In article <[EMAIL PROTECTED]>,
Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> zapzing wrote:
> >
> > In article <[EMAIL PROTECTED]>,
> > Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> > > > Anonymity and privacy seem destined to go the way of the Dodo.
When
> > the
> > > > government's nano-scale spy robots are everywhere, escaping from
> > their
> > > > view long enough to do anything in private will be very, very
> > difficult.
> > > > --
> > > > __________ Lotus Artificial Life http://alife.co.uk/
> > [EMAIL PROTECTED]
> > > > |im |yler The Mandala Centre http://mandala.co.uk/ Surf
against
> > sewage.
> > >
> > > Then you accept the total destruction of the US Constitution and
our
> > > way of life?
> > >
> > > I just don't think you can have unbridled use of nano technology
and
> > > seriously harbor any hopes of preserving our political system.
> > >
> >
> > I do not seriously harbor any hopes of preserving
> > "our" political constitution. What is it about
> > the present political system that you like, BTW?
> >
> > --
> > Void where prohibited by law.
> >
> > Sent via Deja.com http://www.deja.com/
> > Before you buy.
>
> I like the fact that you are not President or Speaker of the House
> or Majority leader in the Senate, etc. and never will be.
>
> Tell all your friends and associates what you have just said here.
>
> Tell us what their reaction is to you afterwards.
>
> Thanks.
What if I did and what if they all said I
was crazy? what would that prove ?
Nothing! That's what. It's an Argument
Ad Populem, and is therefore invalid.
--
Void where prohibited by law.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: zapzing <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.freespeech,talk.politics.misc
Subject: Re: I can post absolutely anything on the Internet for you to download.
Date: Wed, 25 Oct 2000 16:32:45 GMT
In article <[EMAIL PROTECTED]>,
Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> I can post absolutely anything on the Internet for you to download.
>
> But then I suppose the government will outlaw the posting or making
> available for download any file that is or appears to be random data.
Oh, why in the world would they do that?
Surely they would never suspect that a
file of apparently random numbers is
actually an encrypted file!
> But you can use any file. Here's an example: create a file
> containing the text from an online encyclopedia. Then distribute
> a key such that when this key is XORed with the encyclopedia text
> file it results in the prohibited software.
>
> Your only minor problem is distribution of the key.
And a minor problem it is, for sure.
They key is only as large as the original
file!
> So for all you defeatists out there, I guess the government can
> always prohibit posting or making any file available on the Internet
> to stop the transfer of prohibited material over the Internet.
>
> Oh, well.
They have been there, done that, and
got the T-shirt. A conspiracy is already
illegal, whether the Internet is used
or not.
--
Void where prohibited by law.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Rijndael file encryption question.
Date: 25 Oct 2000 16:34:39 GMT
[EMAIL PROTECTED] (Volker Hetzer) wrote in
<[EMAIL PROTECTED]>:
>"SCOTT19U.ZIP_GUY" wrote:
>>
>> [EMAIL PROTECTED] (Mike Rosing) wrote in
>> <[EMAIL PROTECTED]>:
>> >Fill the remaining block with extra known data. The IEEE standard
>> >says to fill with 01, 0202, 030303, etc up to the number of bytes
>> >you've filled with. that's binary, so you can make it ascii if you
>> >like: 1, 22, 333, 4444, etc.
>> >
>> >That way you always send a correct multiple of block data bytes and
>> >it's pretty easy to pick off the padding.
>> Actually this is a dumb method since what if the real file had
>> a ending likt 01 then how would you know not to toss it. No wonder
>> I never joined IEEE if this is there standard maybe we should wait
>> for the Europeans because this is plain stupid.
>I suppose, if the real file ends with 01 it *still* would have to be
>padded with an additional 01, which you could then remove at the
>receiving end.
>
ACtually the solution is pretty dam easy. I would hope the IEEE is not
that stupid but I think there is a dumbing down going on since CLinton
took power so maybe they have it screwed up.
THe orignial poster made it sound like padding was added to fill a
incomplete encryption block. If the last chatarter is 01 then the last
block is
filled and adding a single 01 does not fill to the correct block size.
Does anyone really know what the so called IEEE standard really is.
It it realy as bad as the original poster made it out to be or what
is missing. I know several solutions but did the IEEE solve it or
was it something made up by managers who don't know what the fuck
there doing. Which unfortunately is happening in government more and
more and thanks to the new government secrets act clinton is rushing
to sign only more such stupid descisions will occur.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: [EMAIL PROTECTED] (Ben Clifford)
Subject: Re: idea for spam free email
Date: Wed, 25 Oct 2000 13:58:42 +0000
Reply-To: [EMAIL PROTECTED]
On Wed, 25 Oct 2000 01:09:57 GMT, G. Orme <[EMAIL PROTECTED]> wrote:
>G. The code could include a kind of checksum of the size of certain files
>that is sent with emails, and if it is wrong the emails are not accepted. A
>hacker couldn't know what the checksum was.
But he could hack the checksum code so that it read
if(1==1) ok();
instead of
if(checksum()=437243) ok;
Then the checksum is defeated.
>> That is still too inconvenient.
>G. It only has to be done the first time, and then once a month. It depends
>whether it is more or less convenient than getting spam.
I think on the whole, people will put up with spam and just whinge about
it.
Why not make it so that you have to install GPG/PGP and digitally
sign all your messages to me? Then I reject all non-signed messages.
At least I have some authentication on the sender, if you can get
into my web of trust.
>G. Once you join the network you correspond perfectly freely, no
>restricitons except you agree not to send spam.
And what if I do send spam? You cut me off and you get no support for
my globe applet any more? And I have made my money so I don't care.
--
http://www.hawaga.org.uk/ben/
GPG key 30F06950 on key servers & my web page. You are encouraged to use it!
Visit my page for benno.globe - rotating world map applet.
------------------------------
From: [EMAIL PROTECTED] (Ben Clifford)
Subject: Re: idea for spam free email
Date: Wed, 25 Oct 2000 14:00:26 +0000
Reply-To: [EMAIL PROTECTED]
On Wed, 25 Oct 2000 01:01:46 GMT, G. Orme <[EMAIL PROTECTED]> wrote:
>G. The idea is that to send you email people have to download a small
>program which does the encrypting. If they accept an agreement to not send
>spam they can then freely use the network. If someone receives spam they can
>complain and perhaps after a warning that person is kicked out of the
>network. So you see anyone can send you anything, they just have to agree
>first not to send you spam. A hmmm folder can be added for people who don't
>accept the agreement though this would probably be all spam anyway.
A condition of use of most ISPs is that the subscriber agrees not to send
spam. If someone receives spam, they can complain and perhaps after a
warning that person is kicked out of the network.
You scheme is already implemented.
--
http://www.hawaga.org.uk/ben/
GPG key 30F06950 on key servers & my web page. You are encouraged to use it!
Visit my page for benno.globe - rotating world map applet.
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Rijndael file encryption question.
Date: 25 Oct 2000 17:23:44 GMT
[EMAIL PROTECTED] (Mike Rosing) wrote in
<[EMAIL PROTECTED]>:
>ajd wrote:
>> b) Save the entire final encrypted block before sending to Bob (so we
>> save 112 bytes of encrypted data instead of 99). The problem here is
>> that Bob doesn't know how long the original encrypted file was. When
>> he decrypts he then gets:
>> oh I do like to be beside the seaside.
>> Oh I do like to be beside the sea.
>> where the brass band pl�������������
>>
>> We have the whole original method but some extra stuff as well. For
>> non-text files this could prove to be a problem. Do I use this method
>> and send the file length to Bob as well or is there another way to get
>> around the problem?
>
>Fill the remaining block with extra known data. The IEEE standard says
>to fill with 01, 0202, 030303, etc up to the number of bytes you've
>filled with. that's binary, so you can make it ascii if you like: 1,
>22, 333, 4444, etc.
>
>That way you always send a correct multiple of block data bytes and it's
>pretty easy to pick off the padding.
>
>Patience, persistence, truth,
>Dr. mike
>
I would like to see the IEEE standard. I am begining to have a
gut feelling that they screwed up and asshole manager types may
have made the actual standard. Anyone know what it really is and
if there where dumb enough so that some files are ambiguous?
I wil report anything I learn about this so called standard and
I will say if its messed up assuming its written so the reading
itself is not ambiguous.
I will make one quick point. If it is for use to only fill the
last encryption block if it is not full it sucks big time.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.freespeech
Subject: Re: How to post absolutely anything on the Internet anonymously
Date: Wed, 25 Oct 2000 10:36:39 -0700
zapzing wrote:
>
> In article <[EMAIL PROTECTED]>,
> Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> > zapzing wrote:
> > >
> > > In article <[EMAIL PROTECTED]>,
> > > Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> > > > > Anonymity and privacy seem destined to go the way of the Dodo.
> When
> > > the
> > > > > government's nano-scale spy robots are everywhere, escaping from
> > > their
> > > > > view long enough to do anything in private will be very, very
> > > difficult.
> > > > > --
> > > > > __________ Lotus Artificial Life http://alife.co.uk/
> > > [EMAIL PROTECTED]
> > > > > |im |yler The Mandala Centre http://mandala.co.uk/ Surf
> against
> > > sewage.
> > > >
> > > > Then you accept the total destruction of the US Constitution and
> our
> > > > way of life?
> > > >
> > > > I just don't think you can have unbridled use of nano technology
> and
> > > > seriously harbor any hopes of preserving our political system.
> > > >
> > >
> > > I do not seriously harbor any hopes of preserving
> > > "our" political constitution. What is it about
> > > the present political system that you like, BTW?
> > >
> > > --
> > > Void where prohibited by law.
> > >
> > > Sent via Deja.com http://www.deja.com/
> > > Before you buy.
> >
> > I like the fact that you are not President or Speaker of the House
> > or Majority leader in the Senate, etc. and never will be.
> >
> > Tell all your friends and associates what you have just said here.
> >
> > Tell us what their reaction is to you afterwards.
> >
> > Thanks.
>
> What if I did and what if they all said I
> was crazy? what would that prove ?
> Nothing! That's what. It's an Argument
> Ad Populem, and is therefore invalid.
>
> --
> Void where prohibited by law.
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
Come on, try it. Also, be sure to tell your immediate family and
other relatives.
Test your position in logic.
After all, you said it made no difference.
I says it does.
------------------------------
From: Ichinin <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Visual Basic
Date: Wed, 25 Oct 2000 07:41:35 +0200
mdc wrote:
> But in VB, integers are signed. If you're coding an algorithm that
> uses 32-bit unsigned integer values, you have to either split your
> values into high/low 16-bit values or overload all the integer
> functions like mod to work with long or variant data types.
Hi.
(AFAIK they are unsigned)
One option would be to tweak the c++ source to only use unsigned
data and to accept
__int64 ENCRYPT_STUFF(unsigned long int HighOrder32Bits, LowOrder32Bits)
{
...place code here...
};
then convert the internal __int64 variable to a vector or
something you could catch from vb. (like through an COMponent)
Regards,
Ichinin
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: hardware vs. software vs. crypto accelerators
Date: Wed, 25 Oct 2000 17:54:10 GMT
In article <8t7023$sde$[EMAIL PROTECTED]>,
"Simon" <[EMAIL PROTECTED]> wrote:
> Could anybody point me in the direction of a good resource comparing
and
> contrasting the various approaches to delivering cryptographic
services for
> enterprise customers?
What exactly are your needs?
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.freespeech,talk.politics.misc
Subject: Re: I can post absolutely anything on the Internet for you to download.
Date: Wed, 25 Oct 2000 11:03:20 -0700
zapzing wrote:
>
> In article <[EMAIL PROTECTED]>,
> Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> > I can post absolutely anything on the Internet for you to download.
> >
> > But then I suppose the government will outlaw the posting or making
> > available for download any file that is or appears to be random data.
>
> Oh, why in the world would they do that?
> Surely they would never suspect that a
> file of apparently random numbers is
> actually an encrypted file!
>
> > But you can use any file. Here's an example: create a file
> > containing the text from an online encyclopedia. Then distribute
> > a key such that when this key is XORed with the encyclopedia text
> > file it results in the prohibited software.
> >
> > Your only minor problem is distribution of the key.
>
> And a minor problem it is, for sure.
> They key is only as large as the original
> file!
>
> > So for all you defeatists out there, I guess the government can
> > always prohibit posting or making any file available on the Internet
> > to stop the transfer of prohibited material over the Internet.
> >
> > Oh, well.
>
> They have been there, done that, and
> got the T-shirt. A conspiracy is already
> illegal, whether the Internet is used
> or not.
>
> --
> Void where prohibited by law.
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
That's my point: why would they prohibit the posting or making
available for download a random data file? A reasonable government
wouldn't. But just try it in China or Russia or N. Korea. You
might find yourself in prison where the door does not have key
access to unlock it.
Passing the key is only a minor problem. For example, beforehand, I
could pass OAP-L3 encryption software with several keys to everyone
I hoped to communicate with. This would put me in a position to
generate unlimited decryption keys, encrypt them, and post them to
these recipients. The postings or emails or whatever would appear
to be nothing but random data or even encrypted messages. There is
no law in passing encrypted messages. And if there were such a
prohibitive law the software could be modified such that the
encrypted messages could not be determined to be anything but
random data and not necessarily encrypted messages.
If you didn't know it, the keys in OAP-L3 are user determined. For
instance, the key could be 20kb in length but with this encryption
software it could generate 10 trillion random bytes.
A conspiracy is not illegal. Everyone conspires every day of their
lives. I think what you meant to say is a conspiracy to commit an
illegal act is illegal. Yes?
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
