Cryptography-Digest Digest #1, Volume #13 Wed, 25 Oct 00 19:13:00 EDT
Contents:
Re: I can post absolutely anything on the Internet for you to download. ([EMAIL PROTECTED])
New Cipher ([EMAIL PROTECTED])
Re: I can post absolutely anything on the Internet for you to download. (zapzing)
Re: New Cipher (SCOTT19U.ZIP_GUY)
nothing has been posted between 2 am & 12 am today ... (jungle)
Re: nothing has been posted between 2 am & 12 am today ... ("Tony T. Warnock")
DATA PADDING FOR ENCRYPTION (SCOTT19U.ZIP_GUY)
Re: idea for spam free email ("David C. Barber")
Is DES without IP/FP just as strong? ("David C. Barber")
Re: On block encryption processing with intermediate permutations (James Felling)
Re: nothing has been posted between 2 am & 12 am today ... (jungle)
Re: idea for spam free email (jungle)
Re: Is DES without IP/FP just as strong? (Tom St Denis)
Re: idea for spam free email (Vernon Schryver)
Re: New Cipher ([EMAIL PROTECTED])
Re: On block encryption processing with intermediate permutations (Mok-Kong Shen)
Re: New Cipher (Simon Johnson)
Re: Is DES without IP/FP just as strong? (Simon Johnson)
Factoring Polynomials (Simon Johnson)
Is OPT the only encryption system that can be proved secure? ("Peter Thorsteinson")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto,alt.freespeech,talk.politics.misc
Subject: Re: I can post absolutely anything on the Internet for you to download.
Date: Wed, 25 Oct 2000 18:32:18 GMT
In article <[EMAIL PROTECTED]>,
Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> I can post absolutely anything on the Internet for you to download.
Yeah, and I can break into your house while you are away and steal all
your stuff. And when I get my hands on your bank book and credit card
records, I will take all of your money.
I hope you don't mind. This is a free country, after all!
>
> Although I did think of it spontaneously, I do realize and have to
> admit I thought of it a few days after reading about Publius.
>
> Scientific American
>
> http://www.sciam.com/2000/1000issue/1000techbus1.html
>
> Publius Site
>
> http://www.cs.nyu.edu/~waldman/publius/publius.html
>
> Here is how it works:
>
> Let's say you have a software program that has been deemed illegal
> to distribute, and illegal to link to a site where it is available
> for download.
>
> Yet you want to make the software available for download.
>
> I will give the basics then some suggestions.
>
> Basics:
>
> Do not identify the file in any manner.
>
> Encrypt the file using simple XOR with random data then make the
> encrypted file available for download.
>
> Because the file is secretly encrypted no one can object since it
> is only a file composed of gibberish or garbage or otherwise useless
> data.
>
> Make the secret key available for download. Because the secret key
> is also gibberish or garbage or otherwise useless data no one can
> object.
>
> You may want to distribute the key through the underground or
> black-market or some such secure or less obvious channel.
>
> Then the recipient can XOR the key with the encrypted file to
> generate the prohibited software or file.
>
> Suggestions:
>
> Break the encrypted file into two or more pieces to be assembled
> after downloading all parts. This is so no one can say the single
> encrypted file available for direct download is the exact same
> length as the prohibited file.
>
> Or you can simply generate random data to the exact length of the
> prohibited software and post this. This file is truly gibberish
> or garbage or useless data.
>
> Then write a program that generates a key such that when this key is
> XORed with the file containing gibberish or random data, the result
> is the prohibited software.
>
> Basically this is what Publius does with the added features of
> breaking up the key, posting the key parts and the prohibited
> file on to many many different servers across the Internet, allowing
> the entire key to be generated by combining only 20% of the key
> parts, etc.
>
> But then I suppose the government will outlaw the posting or making
> available for download any file that is or appears to be random data.
>
> But you can use any file. Here's an example: create a file
> containing the text from an online encyclopedia. Then distribute
> a key such that when this key is XORed with the encyclopedia text
> file it results in the prohibited software.
>
> Your only minor problem is distribution of the key.
>
> So for all you defeatists out there, I guess the government can
> always prohibit posting or making any file available on the Internet
> to stop the transfer of prohibited material over the Internet.
>
> Oh, well.
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED]
Subject: New Cipher
Date: Wed, 25 Oct 2000 18:49:28 GMT
I have a currently unnamed cipher design sitting
here in front of me. It's extremely recent but
it's showing some promise, if not for speed, then
for security.
First let me define the primitive, the primitive
that I will call SHA, is SHA-256 WITHOUT the
final counter, so if padding needs to be done, it
is done using a 1 followed by 0s to fill the
space, I've avoided the need for padding as much
as possible.
| is concatenation
XOR is the bitwise eXclusive-OR of the two values
% is modular division

Key = an arbitrarily sized key, 128 bits or
longer, preferably 256+n*512 bits.
RoundKey = SHA(Key)
Block = 1024 bit block of binary data, split into
four parts referred to as Block(0) through Block(3)
Feistel is a 256-bit temporary variable

for Round = 0 to ceiling(length(key)/16)
    for i = 0 to 3
        RoundKey = SHA(RoundKey | Key)
        Feistel = SHA(RoundKey | Block(i+1 % 4) |
                      Block(i+2 % 4) | Block(i+3 % 4))
        Block(i) = Block(i) XOR Feistel
    end for i
end for Round
The basic concept for security is that it is
expectable that breaking the cipher will be
equivalent to breaking SHA-256, or proving that
unbalanced feistel networks are by nature flawed.
It is also very possible to create other ciphers
of very similar structure by using a hash other
than SHA-256 and scaling the various portions
accordingly.
Joseph Ashwood
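
The construction described in this post, written out as runnable Python together with the matching decryption; this is an added example, not code from the post. It assumes standard SHA-256 in place of the modified hash, key length counted in bytes, a round loop that includes its upper bound, and block indices read as (i+1) % 4.

```python
import hashlib
import math

PART = 32            # one 256-bit quarter: Block(0) .. Block(3)
BLOCK = 4 * PART     # the 1024-bit block, in bytes


def sha(data):
    # Assumption: standard SHA-256 (with its length field) stands in for the
    # post's "SHA-256 without the final counter", which hashlib does not expose.
    return hashlib.sha256(data).digest()


def round_keys(key):
    """Return the RoundKey for every (Round, i) step, in encryption order."""
    if len(key) < 16:
        raise ValueError("the post asks for a key of 128 bits or longer")
    # Assumptions: length(key) counts bytes, and "0 to N" includes N.
    rounds = math.ceil(len(key) / 16) + 1
    rk = sha(key)
    keys = []
    for _ in range(rounds * 4):
        rk = sha(rk + key)          # RoundKey = SHA(RoundKey | Key)
        keys.append(rk)
    return keys


def _run(block, steps):
    """Apply the (i, RoundKey) steps in the order given."""
    if len(block) != BLOCK:
        raise ValueError("block must be exactly 128 bytes")
    parts = [block[j * PART:(j + 1) * PART] for j in range(4)]
    for i, rk in steps:
        # Feistel = SHA(RoundKey | the three quarters other than Block(i))
        feistel = sha(rk + parts[(i + 1) % 4]
                      + parts[(i + 2) % 4] + parts[(i + 3) % 4])
        parts[i] = bytes(a ^ b for a, b in zip(parts[i], feistel))
    return b"".join(parts)


def encrypt_block(key, block):
    steps = [(n % 4, rk) for n, rk in enumerate(round_keys(key))]
    return _run(block, steps)


def decrypt_block(key, block):
    # Each step XORs one quarter with a value computed from the other three,
    # which the step leaves unchanged, so every step is its own inverse.
    # Decryption is the same steps with the same round keys, in reverse order.
    steps = [(n % 4, rk) for n, rk in enumerate(round_keys(key))]
    return _run(block, reversed(steps))


if __name__ == "__main__":
    key = bytes(range(32))                        # constructed 256-bit key
    plain = bytes(n % 251 for n in range(BLOCK))  # constructed test block
    cipher = encrypt_block(key, plain)
    print(cipher.hex()[:64], decrypt_block(key, cipher) == plain)
```

Because the round keys form a hash chain, decryption has to generate the whole schedule first and then walk it backwards.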
------------------------------
From: zapzing <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.freespeech,talk.politics.misc
Subject: Re: I can post absolutely anything on the Internet for you to download.
Date: Wed, 25 Oct 2000 18:54:53 GMT
In article <[EMAIL PROTECTED]>,
Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> zapzing wrote:
> >
> > In article <[EMAIL PROTECTED]>,
> > Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> > > I can post absolutely anything on the Internet for you to download.
> > >
> > > But then I suppose the government will outlaw the posting or making
> > > available for download any file that is or appears to be random data.
> >
> > Oh, why in the world would they do that?
> > Surely they would never suspect that a
> > file of apparently random numbers is
> > actually an encrypted file!
> >
> > > But you can use any file. Here's an example: create a file
> > > containing the text from an online encyclopedia. Then distribute
> > > a key such that when this key is XORed with the encyclopedia text
> > > file it results in the prohibited software.
> > >
> > > Your only minor problem is distribution of the key.
> >
> > And a minor problem it is, for sure.
> > The key is only as large as the original
> > file!
> >
> > > So for all you defeatists out there, I guess the government can
> > > always prohibit posting or making any file available on the Internet
> > > to stop the transfer of prohibited material over the Internet.
> > >
> > > Oh, well.
> >
> > They have been there, done that, and
> > got the T-shirt. A conspiracy is already
> > illegal, whether the Internet is used
> > or not.
> >
> > --
> > Void where prohibited by law.
> >
> > Sent via Deja.com http://www.deja.com/
> > Before you buy.
>
> That's my point: why would they prohibit the posting or making
> available for download a random data file? A reasonable government
> wouldn't. But just try it in China or Russia or N. Korea. You
> might find yourself in prison where the door does not have key
> access to unlock it.
Well, to look at an analogous situation
in another area, it is already illegal in
many places to wear masks in public. I
think that sending encrypted files is not
much different, and it is probably only
a short time before they get around to
banning that activity, also.
And I don't think that "Gosh your honor,
it is just a file of random numbers,
really!" will work.
Or the government might not even bother
with passing a law, they would just make
sure that anyone who dared to send encrypted
files was ruined, economically and otherwise.
> Passing the key is only a minor problem. For example, beforehand, I
> could pass OAP-L3 encryption software with several keys to everyone
> I hoped to communicate with. This would put me in a position to
> generate unlimited decryption keys, encrypt them, and post them to
> these recipients. The postings or emails or whatever would appear
> to be nothing but random data or even encrypted messages. There is
> no law in passing encrypted messages. And if there were such a
> prohibitive law the software could be modified such that the
> encrypted messages could not be determined to be anything but
> random data and not necessarily encrypted messages.
>
> If you didn't know it, the keys in OAP-L3 are user determined. For
> instance, the key could be 20kb in length but with this encryption
> software it could generate 10 trillion random bytes.
>
> A conspiracy is not illegal. Everyone conspires every day of their
> lives. I think what you meant to say is a conspiracy to commit an
> illegal act is illegal. Yes?
Exactly. That was the context we were discussing.
--
Void where prohibited by law.
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: New Cipher
Date: 25 Oct 2000 19:35:17 GMT
[EMAIL PROTECTED] wrote in <8t79vl$pba$[EMAIL PROTECTED]>:
>I have a currently unnamed cipher design sitting
>here in front of me. It's extremely recent but
>it's showing some promise, if not for speed, then
>for security.
>
>First let me define the primitive, the primitive
>that I will call SHA, is SHA-256 WITHOUT the
>final counter, so if padding needs to be done, it
>is done using a 1 followed by 0s to fill the
>space, I've avoided the need for padding as much
>as possible
>
>
Do you mean you're avoiding trying to solve the
problem of padding? How does one know that 1000 to fill
the space is not really part of the original file?
Why do people seem to mess this up so bad? FOLKS it
really is not that hard.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: jungle <[EMAIL PROTECTED]>
Subject: nothing has been posted between 2 am & 12 am today ...
Date: Wed, 25 Oct 2000 15:48:12 -0400
today nothing has been posted between 2 am & 12 am ...
yesterday nothing has been posted between 8 am & 3 pm ...
is this right ?
------------------------------
From: "Tony T. Warnock" <[EMAIL PROTECTED]>
Subject: Re: nothing has been posted between 2 am & 12 am today ...
Date: Wed, 25 Oct 2000 14:33:13 -0600
Reply-To: [EMAIL PROTECTED]
jungle wrote:
> today nothing has been posted between 2 am & 12 am ...
> yesterday nothing has been posted between 8 am & 3 pm ...
>
> is this right ?
Would that be daylight savings time?
Or GMT?
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: DATA PADDING FOR ENCRYPTION
Date: 25 Oct 2000 20:50:33 GMT
I did a search of the internet for IEEE encryption padding.
I could not find much, but below is a cutout of what was
typically found.
http://www.google.com/search?q=cache:www.security.ece.orst.edu/documents/P1363/12S_9403.txt+IEEE+padding+during+encryption+01+0202+030303&hl=en
The above is the URL to get it yourself.
I stated I would look and comment on it for people.
One good thing is that in some ways it is unambiguous.
What I mean by that is you can take any byte type of
file, pad and encrypt with key X, then decrypt with key X
and take the padding off cleanly and get the original
file. But it is not a good way to do padding for encryption
and only a fool or someone who does not know what they are
doing would use such a method since for example only certain
possible blocks exist for the last block. This means that
most test keys an enemy uses will not create a block that
could have resulted from the encryption. This, folks, is not
good. It is adding information into the file that can make
it easier for an attacker to break. Why on earth would anyone
recommend this unless it is for the NSA to make it easier
to break encryption?
It is not that hard to modify it so sometimes you add something
but not all the time; that is a big mistake. Please, AES people,
do the damn thing correct in some sort of bijective way so that
an attacker doesn't get to rule out most of the keys as bad
without really having to do so much work.
You can even use my code to do it if your people aren't smart
enough to figure out how to do it.
7.6.1.1.1 RFC 1423 Mechanism
The following padding mechanism from [w] should be used with DES-CBC
if the data to be encrypted is octet aligned, unless the security
policy dictates otherwise:
The input to the DES CBC encryption process must be padded to a
multiple of 8 octet, in the following manner. Let n be the length in
octets of the input. Pad the input by appending 8-(n mod 8) octet to
the end of the message, each having the value 8-(n mod 8), the number
of octets being added. In hexadecimal, the possible paddings are:
01, 0202, 030303, 04040404, 0505050505, 060606060606, 07070707070707,
and 0808080808080808. All input is padded with 1 to 8 octets to
produce a multiple of 8 octets in length. The padding can be removed
unambiguously after decryption.
David A. Scott
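
The padding rule quoted above and the objection raised against it, worked through as an added example that is not part of the original post: pad and unpad as the quoted text specifies, then count how many of the 2^64 possible final blocks carry well-formed padding. The function names are chosen here for illustration.

```python
from fractions import Fraction
import random

BLOCK = 8  # DES block size in octets


def pad(data):
    """Append 8-(n mod 8) octets, each holding the value 8-(n mod 8)."""
    k = BLOCK - (len(data) % BLOCK)
    return data + bytes([k]) * k


def unpad(padded):
    """Strip the padding, rejecting anything the rule could not have produced."""
    if not padded or len(padded) % BLOCK:
        raise ValueError("length is not a positive multiple of 8 octets")
    k = padded[-1]
    if not 1 <= k <= BLOCK or padded[-k:] != bytes([k]) * k:
        raise ValueError("malformed padding")
    return padded[:-k]


def is_valid_last_block(block):
    """True if an 8-octet block could be the last block of a padded message."""
    try:
        unpad(block)
        return True
    except ValueError:
        return False


def valid_fraction():
    """Exact share of all 2^64 final blocks that end in well-formed padding.

    A block ending in k copies of the octet k leaves its first 8-k octets
    free, and the eight cases differ in the last octet, so they do not overlap.
    """
    valid = sum(256 ** (BLOCK - k) for k in range(1, BLOCK + 1))
    return Fraction(valid, 256 ** BLOCK)


def sampled_fraction(samples=100_000, seed=1):
    """Same quantity estimated from uniformly random blocks (constructed
    input standing in for the output of decryption under wrong keys)."""
    rng = random.Random(seed)
    hits = sum(
        is_valid_last_block(rng.getrandbits(64).to_bytes(BLOCK, "big"))
        for _ in range(samples)
    )
    return hits / samples


if __name__ == "__main__":
    print(pad(b"12345").hex())      # five data octets plus 030303
    print(float(valid_fraction()))  # just under 1/255
    print(sampled_fraction())
```

About one final block in 255 is well formed, so the last block carries the redundancy the post objects to; the scheme stays unambiguous because an aligned input still receives a full block of 08 octets.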
------------------------------
From: "David C. Barber" <[EMAIL PROTECTED]>
Subject: Re: idea for spam free email
Date: Wed, 25 Oct 2000 13:58:07 -0700
"Ben Clifford" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Wed, 25 Oct 2000 01:01:46 GMT, G. Orme <[EMAIL PROTECTED]> wrote:
>
> A condition of use of most ISPs is that the subscriber agrees not to send
> spam. If someone receives spam, they can complain and perhaps after a
> warning that person is kicked out of the network.
> Your scheme is already implemented.
The problem here is that you expect all ISPs to become your cops. Doesn't
happen. A new ISP can go for the business of people thrown off of other
ISPs. No law will stop them, and the Internet Death Penalty is seldom even
threatened.
*David Barber*
------------------------------
From: "David C. Barber" <[EMAIL PROTECTED]>
Subject: Is DES without IP/FP just as strong?
Date: Wed, 25 Oct 2000 14:00:42 -0700
After all these years of analysis, has a reason ever been found for the
initial/final permutation? I know it's not [true] DES without it, but has
it ever been found to strengthen or weaken the cipher?
*David Barber*
------------------------------
From: James Felling <[EMAIL PROTECTED]>
Subject: Re: On block encryption processing with intermediate permutations
Date: Wed, 25 Oct 2000 16:49:30 -0500
Bryan Olson wrote:
> <snip an excellent attack vs. Mok's scheme>
Mok:
Now the only way I can see of this scheme working in an even remotely
plausible way is by separating the mixing from the Feistel. This is
only accomplishable if the Feistel is unbalanced, or in the case of a
balanced Feistel, if the block is divided into an odd number of pieces
by the permutation. Otherwise this attack applies, as one can always
find a set of properly formed blocks to peel off a 2 round pair.
Unfortunately most cyphers use block sizes that are power of two bits in
size. This will limit the applicability of this method. In addition
such splitting will likely result in a substantial slowdown of the
cypher. OTOH, in these cases, this attack fails, and I have trouble
seeing an alternate line of attack. Bryan?
------------------------------
From: jungle <[EMAIL PROTECTED]>
Subject: Re: nothing has been posted between 2 am & 12 am today ...
Date: Wed, 25 Oct 2000 17:55:53 -0400
NYC time, -4 hours adjustment from GMT ...
"Tony T. Warnock" wrote:
>
> jungle wrote:
>
> > today nothing has been posted between 2 am & 12 am ...
> > yesterday nothing has been posted between 8 am & 3 pm ...
> >
> > is this right ?
>
> Would that be daylight savings time?
> Or GMT?
------------------------------
From: jungle <[EMAIL PROTECTED]>
Subject: Re: idea for spam free email
Date: Wed, 25 Oct 2000 17:58:07 -0400
law will stop spam, but we don't have ANTI - SPAM law
"David C. Barber" wrote:
>
> "Ben Clifford" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > On Wed, 25 Oct 2000 01:01:46 GMT, G. Orme <[EMAIL PROTECTED]> wrote:
> >
> > A condition of use of most ISPs is that the subscriber agrees not to send
> > spam. If someone receives spam, they can complain and perhaps after a
> > warning that person is kicked out of the network.
> > Your scheme is already implemented.
>
> The problem here is that you expect all ISPs to become your cops. Doesn't
> happen. A new ISP can go for the business of people thrown off of other
> ISPs. No law will stop them,
law will stop spam, but we don't have ANTI - SPAM law
> and the Internet Death Penalty is seldom even
> threatened.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Is DES without IP/FP just as strong?
Date: Wed, 25 Oct 2000 21:55:53 GMT
In article <8t7hp9$10q7$[EMAIL PROTECTED]>,
"David C. Barber" <[EMAIL PROTECTED]> wrote:
> After all these years of analysis, has a reason ever been found for the
> initial/final permutation? I know it's not [true] DES without it, but has
> it ever been found to strengthen or weaken the cipher?
Yes, without the IP/IP' the cipher is weak when in a CFB-m mode where
m<64.
Tom
------------------------------
From: [EMAIL PROTECTED] (Vernon Schryver)
Subject: Re: idea for spam free email
Date: 25 Oct 2000 16:12:23 -0600
In article <8t7hkf$10mc$[EMAIL PROTECTED]>,
David C. Barber <[EMAIL PROTECTED]> wrote:
> ...
>The problem here is that you expect all ISPs to become your cops. Doesn't
>happen. A new ISP can go for the business of people thrown off of other
>ISPs. No law will stop them, and the Internet Death Penalty is seldom even
>threatened.
That is wrong on several counts. See news.admin.net-abuse.* and consider
the various anti-spam mechanisms from laws to commercial outfits like
Brightlight to non-profit organizations such as MAPS.
Laws have already had significant effects on email spam and more are
coming.
In the long run, the Internet will be segregated into reputable and other
kinds of regions. The reputable parts will refuse all email from the
other parts, and the other parts will be filled with spam. To a large
extent, that has already happened, since for a year or three, about 40%
of all mailboxes have been protected by the RBL.
The main form of the RBL is a BGP feed of blackhole routes. IP addresses
in the RBL are unreachable by about 40% of the Internet. Read more about
the RBL, DUL, and RSS at MAPS's home at http://www.mail-abuse.org
Vernon Schryver [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: New Cipher
Date: Wed, 25 Oct 2000 22:17:08 GMT
> Do you mean your avoiding trying to solve the
> problem of padding.
You obviously can't pay attention even long enough to comprehend even a
very simple cipher. I was defining a building block of the cipher, in
defining that building block the length of the information is known,
therefore the padding is simply to accommodate the length requirements
of the hash being used (SHA-256). Since the length is known, and since
these hash values are not going to be published, there is no need for
the counter, all the counter does is add compute time, therefore I
removed it.
>How does one know that 1000 to fill
> the space is not really part of the original file.
Because you know the length of the KEY, there is no file involved with
this, only a key and a block.
You really should try taking your head out of whatever smelly place
it's in and thinking. I of course welcome any (thought-based) comments
on the cipher.
Joe
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On block encryption processing with intermediate permutations
Date: Thu, 26 Oct 2000 00:45:02 +0200
Bryan Olson wrote:
..........
[snip]
Thank you very much for helping me understand your ingenious
attack.
I think that it could be said that the disaster comes from
the interesting fact that permutation, while tending to
produce some mixing-up thus confounding the analyst, may
itself under circumstances provide certain information
which could be very significant and overweighing as your
attack clearly indicates.
A potential way of repair to avoid the attack is through
introducing still more 'complications' and thus more
computing cost via inter-cycle block chaining (with random
IVs) and random rotations as I mentioned in addenda to my
original post. Of course, the question whether such
'complicated' maneuvres could be justified must be very
carefully examined.
Thanks once again for letting me learn a lot.
M. K. Shen
------------------------------
From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: New Cipher
Date: Wed, 25 Oct 2000 22:34:56 GMT
In article <8t79vl$pba$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> I have a currently unnamed cipher design sitting
> here in front of me. It's extremely recent but
> it's showing some promise, if not for speed, then
> for security.
>
> First let me define the primitive, the primitive
> that I will call SHA, is SHA-256 WITHOUT the
> final counter, so if padding needs to be done, it
> is done using a 1 followed by 0s to fill the
> space, I've avoided the need for padding as much
> as possible
>
> | is concatenation
> XOR is the bitwise eXclusive-OR of the two values
> % is modular division
>
> Key = an arbitrarily sized key, 128 bits or
> longer, preferably 256+n*512 bits.
> RoundKey = SHA(Key)
> Block = 1024 bit block of binary data, split into
> four parts referred to as Block(0) through Block
> (3)
> Feistel is a 256-bit temporary variable
>
> for Round = 0 to ceiling(length(key)/16)
> for i = 0 to 3
> RoundKey = SHA(RoundKey | Key)
> Feistel = SHA(RoundKey | Block(i+1 % 4) |
> Block(i+2 % 4) | Block(i+3 % 4))
> Block(i) = Block(i) XOR Feistel
> end for i
> end for Round
>
> The basic concept for security is that it is
> expectable that breaking the cipher will be
> equivalent to breaking SHA-256, or proving that
> unbalanced feistel networks are by nature flawed.
> It is also very possible to create other ciphers
> of very similar structure by using a hash other
> than SHA-256 and scaling the various portions
> accordingly.
> Joseph Ashwood
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>
SHA-256 is probably a bad choice of hash, since it's quite slow for this
purpose. A self-shrinking LFSR would work faster, with (probably)
better security. I know you said speed isn't a priority, but if you can
make it faster why not?
As for the security of the construction, who knows? I'm not in a
position to make any original comments on this construction. But bear
in mind, linear cryptanalysis isn't a viable attack on a hashing
algorithm. It's dangerous using such a construction, because you're
allowing the hash to be attacked in ways it probably wasn't designed to
be resistant to.
I therefore reason that replacing it with a Self-Shrinking LFSR would be
fast and probably more secure. Who knows?
--
Hi, i'm the signuture virus,
help me spread by copying me into Signiture File
------------------------------
From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: Is DES without IP/FP just as strong?
Date: Wed, 25 Oct 2000 22:42:11 GMT
In article <8t7kt5$3jd$[EMAIL PROTECTED]>,
Tom St Denis <[EMAIL PROTECTED]> wrote:
> In article <8t7hp9$10q7$[EMAIL PROTECTED]>,
> "David C. Barber" <[EMAIL PROTECTED]> wrote:
> > After all these years of analysis, has a reason ever been found for the
> > initial/final permutation? I know it's not [true] DES without it, but has
> > it ever been found to strengthen or weaken the cipher?
>
> Yes, without the IP/IP' the cipher is weak when in a CFB-m mode where
> m<64.
>
> Tom
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>
Hrm, did not know this. But, it affects ECB in no way whatsoever.
--
Hi, i'm the signuture virus,
help me spread by copying me into Signiture File
------------------------------
From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Factoring Polynomials
Date: Wed, 25 Oct 2000 22:45:55 GMT
Is factoring polynomials also an NP problem for large order
polynomials just as factoring an integer is?
If so, it should be possible to make a type of RSA using polynomials
yeah? - Just an idea. :)
--
Hi, i'm the signuture virus,
help me spread by copying me into Signiture File
------------------------------
From: "Peter Thorsteinson" <[EMAIL PROTECTED]>
Subject: Is OPT the only encryption system that can be proved secure?
Date: Wed, 25 Oct 2000 23:06:26 GMT
This much I know:
Currently, it is commonly accepted that the xor-based one time pad (OTP) is
the only perfectly secure cipher encryption system that has been
mathematically proven impregnable by way of cryptanalysis. No other
encryption systems currently in the public knowledge have been proven
secure.
Now, my question is:
Has there been any mathematical proof developed that shows that the OTP is
the only encryption system that can be provably secure? If anyone knows of
any references, I would much appreciate it.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************