Cryptography-Digest Digest #25, Volume #13 Sat, 28 Oct 00 11:13:01 EDT
Contents:
Re: Pseudo-random number generator (Tom St Denis)
Re: Pseudo-random number generator (Tim Tyler)
Re: Pseudo-random number generator (Herman Rubin)
Re: BEST BIJECTIVE RIJNDAEL YET? (John Savard)
Re: Is OPT the only encryption system that can be proved secure? (SCOTT19U.ZIP_GUY)
Re: Open Request to Dr. Kaliski, Jr. at RSA Research - looking for your (anish)
Re: DATA PADDING FOR ENCRYPTION (Tim Tyler)
Re: BEST BIJECTIVE RIJNDAEL YET? (Tim Tyler)
Re: BEST BIJECTIVE RIJNDAEL YET? (Tim Tyler)
Re: Rijndael and PGP (SCOTT19U.ZIP_GUY)
Re: BEST BIJECTIVE RIJNDAEL YET? (SCOTT19U.ZIP_GUY)
Re: Hardware RNGs (zapzing)
Re: BEST BIJECTIVE RIJNDAEL YET? (Tom St Denis)
Re: Hardware RNGs (zapzing)
Re: BEST BIJECTIVE RIJNDAEL YET? (SCOTT19U.ZIP_GUY)
----------------------------------------------------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Pseudo-random number generator
Date: Sat, 28 Oct 2000 13:10:18 GMT
In article <8tecqo$bjr$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Paul Schlyter) wrote:
> In article <E4yK5.3$[EMAIL PROTECTED]>,
> Nick Field <[EMAIL PROTECTED]> wrote:
> >Hi All,
> > why go to all this trouble when standard iterative formulae can
> > generate absolutely random numbers.
>
> Because such formulae cannot generate "absolutely random numbers". NO
> formula can do that -- you'll need some external unpredictable event
> (such as radioactive decay of atoms, or noise from some hardware noise
> source) to get anywhere near "absolutely random numbers".
I would argue that even real life events are not totally random. The
decay of an atom is not predictable because we can't properly observe
it. Simple as that.
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Pseudo-random number generator
Reply-To: [EMAIL PROTECTED]
Date: Sat, 28 Oct 2000 13:14:55 GMT
Nick Field <[EMAIL PROTECTED]> wrote:
: why go to all this trouble when standard iterative formulae can
: generate absolutely random numbers.
You are clearly in a state of sin ;-)
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Chaste makes waste.
------------------------------
From: [EMAIL PROTECTED] (Herman Rubin)
Subject: Re: Pseudo-random number generator
Date: 28 Oct 2000 08:29:05 -0500
In article <E4yK5.3$[EMAIL PROTECTED]>,
Nick Field <[EMAIL PROTECTED]> wrote:
>Hi All,
> why go to all this trouble when standard iterative formulae can
>generate absolutely random numbers.
There is NO way that ANY computer program can generate
"absolutely random numbers". They will fail the test
that they are generated by the formula; random numbers
have the property that no rule not observing the actual
numbers after some point does better than chance at
predicting anything after that point. Computing is not
the same as observing.
--
This address is for information only. I do not claim that these views
are those of the Statistics Department or of Purdue University.
Herman Rubin, Dept. of Statistics, Purdue Univ., West Lafayette IN47907-1399
[EMAIL PROTECTED] Phone: (765)494-6054 FAX: (765)494-0558
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: BEST BIJECTIVE RIJNDAEL YET?
Date: Sat, 28 Oct 2000 12:27:37 GMT
On 27 Oct 2000 12:43:31 GMT, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote, in part:
> What you fail to see is that if one did make a "perfect compressor"
>for a class of word processors and languages, it would not be perfect
>for a man who only writes in one language and in one style, say with
>edit on a DOS machine.
I should have noted here that I didn't fail to see that - I was trying
to illustrate just how difficult and impractical it would be to design
a "perfect compressor", and that is just one more reason why that is
so.
I've known that I have done you one injustice: in my page "Tying up
loose ends", I had completely avoided mentioning your name. Although I
suspect the basic idea behind making Huffman coding bijective
originated quite a while ago - and what I present is not exactly your
method, and so I don't want to misrepresent you either - I have come
up with what I hope is appropriate wording to give credit where it is
due, and add a pointer to Mr. Timmermans' program as well.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Is OPT the only encryption system that can be proved secure?
Date: 28 Oct 2000 13:36:44 GMT
[EMAIL PROTECTED] (Richard Heathfield) wrote in
<[EMAIL PROTECTED]>:
>
>If you liked your code to work, you too would pay attention to
>diagnostics. Since you clearly don't care about diagnostics, I must
>conclude that you aren't fussed whether your code works or not.
>
Then you're making another mistake. scott18u evolved through
many hours of testing on my 486 which is dead. I no longer even
have all the test code. But I learned years ago testing is the
way to check one's code to see if it works. Not blindly worrying
about warnings that get in your way.
>1) <shrug> I bet Get_nBit_Int() works a damn sight faster under Linux
>than get19() does.
>2) Performance isn't (or, at least, wasn't) the issue here. You said it
>was simply not possible to do this in portable C. But I have shown that
>it is not only possible but trivial.
Actually the issue was whether scott19u could trivially be turned
into functional highly portable code. You have some code that replaces
some of it. Granted it may be one of the harder parts (if it works)
but you have not shown that converting the whole program is portable.
I did have many macros that tested well on an individual
basis but when I put them all together the compiler went into never
never land. I think some internal stack overflowed.
>3) If speed is so crucial to you, why is your program so bloody slow?
scott16u is more optimized for speed. I have stated many times
scott19u is damn slow. Even after I made it my son and I use modified
scott16u for our encryption purposes. It is slow due to the 19 bit
word sizes. I used 19 bits since that is the max size with this structure
one could carry a single keyfile on a 3.5" floppy. People thought
scott16u was too big so I made one bigger. However I must say on my
K6-III it really flies and as computers are only going to get faster
with more memory scott21u may not be that far away.
>No, don't do that. These functions belong in C files, not H files. They
>are source code, not type definitions.
There are no rules about not having functions in include files.
Is this some rule that purists are going to force in just
because they don't like the current capabilities, that they will
weaken C as they did with octal constant conversions?
>
>> I saved the file and will look at it when I get to it.
>
>So your comments about the code have been based entirely on a quick
>glance? That doesn't sound too bright. But maybe there's something about
>the code you don't understand. If so, please point out the lines of code
>you're having trouble with, and I'll do my best to explain.
If you want I will comment more after I test it but my main concern
now is compression. I hope you're still out there six months from
now. I did not say anything I did not understand in it on a quick
glance. But if it's good I will place your name in the include file
which is where I would put it.
>
>> But I have to
>> warn you people made numerous comments on scott16u; most were wrong
>> about how it worked.
>
>a) I have never commented on scott16u.
>b) If it's anything like scott19u, I am not surprised people found it
>hard to follow.
>
>> And what people said would work faster did not.
>
>The way to optimise scott19u is to ditch it altogether. I don't know how
>you manage to make it so slow, but it can't be the fault of anything but
>the algorithm. I'm not claiming I understand the algorithm - I don't.
Actually people complained that scott16u could not do what I said
it would do since many felt it would take too long to execute code
to build a 16 bit table. That was a single cycle permutation. Even
Ritter at first thought it could not do what it did in such a short
time.
I don't mean to use Ritter's name in a bad way. He is an honest
man that had honest doubts. At least he gave it an honest look which
is more than MR BS and Wagner did. I also used his name since his is
easy to remember but it was honest open dialog between us.
>But I do know that it's significantly slower than other algorithms, and
>also can only be built by one compiler. Throw it out and start again,
>this time choosing a faster algorithm - if it's O(n^3), try to make it
>O(n^2) and that would probably be a good enough improvement.
>
I think the actual method is trivial; if you look at Horst's write-up
you can see it's basically only a 19 bit look up table. The part
that is slow is building the two tables in memory from the
encrypted keyfile. One easy speed-up is to make the two tables on 32 bit
arrays where each 19 bits of table space sit in a 32 bit word. But
that wastes a lot of memory and it's a memory hog right now.
Many times at work I found it easier to recode code for a new
machine than to try to port something and get it to work.
>> But I can see that for most C's there will be an implementation
>> problem in general so this might great help to someone interesting
>> in converting it to another compiler. Thanks!
>
>You're welcome. So is anyone else who wants to use that code. Credits in
>the source code comments would be appreciated where appropriate.
No problem. I think I have credit in it now to Paul Onions. He did
not supply the source code but the spark for the first and last round.
>
>
>
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: anish <[EMAIL PROTECTED]>
Subject: Re: Open Request to Dr. Kaliski, Jr. at RSA Research - looking for your
Date: Sat, 28 Oct 2000 15:44:03 +0200
Reply-To: [EMAIL PROTECTED]
"John A. Malley" wrote:
> Dr. Kaliski,
>
> Can you help me find an electronic/on-line copy of your MIT PhD Thesis,
> "Elliptic Curves and Cryptography: A Pseudorandom Bit Generator and
> Other Tools", dated January 1988? I'm researching an interesting
> problem in PRNG with elliptic curves and my search lead to your thesis.
> Unfortunately MIT did not post an electronic copy of it. And a trip to
> Boston is right out. :-)
>
> No email address is given for you at RSA Labs, hence my appeal via this
> USENET group.
>
> Mr. Silverman, should you read this, would you be so kind as to relay my
> request to Dr. Kaliski?
>
> Thank you in advance,
>
> John A. Malley
> [EMAIL PROTECTED]
Sir,
I too would like to say the same about the thesis; the search for the same
turned out to be futile. BTW I was a lot more curious to know about the
contents of it; rather, a novice's interest in ECC led me there. Mike,
I am sorry for wandering around, I just wanted to see what was inside.
anish
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: DATA PADDING FOR ENCRYPTION
Reply-To: [EMAIL PROTECTED]
Date: Sat, 28 Oct 2000 13:36:50 GMT
SCOTT19U.ZIP_GUY <[EMAIL PROTECTED]> wrote:
[RFC 1423 padding mechanism]
Here's what Applied Cryptography has to say about padding:
``Pad the last block with some regular padding - zeros, ones, alternating
ones and zeros - to make it a complete block. If you need to delete the
padding after decryption, add the number of padding bytes as the last
byte of the last block.'' -2nd ed. p. 190.
So far, not very good (from the known-plaintext POV). However,
we also have a method which does not change the size of the message.
The idea is to encrypt the last full block *again*, truncate this to the
size of any short block at the end and XOR this with the plaintext of
the short block (rather than encrypting that with the cypher).
This means that the OFB-like bit-flipping attacks can only be applied to
the short block at the end. (2nd ed. p. 195 for details).
This method gets a bijection - at the expense of not encrypting the end
of the file very securely.
--
__________ http://alife.co.uk/ http://mandala.co.uk/
|im |yler [EMAIL PROTECTED] http://hex.org.uk/ http://atoms.org.uk/
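The end handling Tim describes (encrypt the last full ciphertext block again, truncate it to the tail length, XOR it into the short tail) in working Python, as an added example that is not code from the thread or from Applied Cryptography. It assumes CBC for the full blocks with a fixed IV that also plays the "previous block" role when the message is shorter than one block, and it substitutes a toy SHA-256 Feistel permutation for Rijndael; the sample key, IV and message are constructed.

```python
import hashlib

BLOCK = 16  # byte length of one cipher block, as for Rijndael/AES


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _round_fn(key, i, half):
    # Keyed round function of the toy cipher (SHA-256 based, NOT Rijndael).
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]


def toy_encrypt_block(key, block):
    """4-round Feistel permutation on a 16-byte block; stand-in for Rijndael."""
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, _xor(l, _round_fn(key, i, r))
    return r + l


def toy_decrypt_block(key, block):
    r, l = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _round_fn(key, i, l)), l
    return l + r


def encrypt(key, iv, plaintext):
    """CBC over the full blocks; the short tail is XORed with E(last full
    ciphertext block) truncated to the tail length, so len(ct) == len(pt)."""
    n_full, tail_len = divmod(len(plaintext), BLOCK)
    prev, out = iv, bytearray()
    for i in range(n_full):
        prev = toy_encrypt_block(key, _xor(plaintext[i * BLOCK:(i + 1) * BLOCK], prev))
        out += prev
    if tail_len:
        # Assumption: with no full block at all, the IV stands in for the
        # "last full ciphertext block".
        pad = toy_encrypt_block(key, prev)[:tail_len]
        out += _xor(plaintext[n_full * BLOCK:], pad)
    return bytes(out)


def decrypt(key, iv, ciphertext):
    n_full, tail_len = divmod(len(ciphertext), BLOCK)
    prev, out = iv, bytearray()
    for i in range(n_full):
        block = ciphertext[i * BLOCK:(i + 1) * BLOCK]
        out += _xor(toy_decrypt_block(key, block), prev)
        prev = block
    if tail_len:
        pad = toy_encrypt_block(key, prev)[:tail_len]
        out += _xor(ciphertext[n_full * BLOCK:], pad)
    return bytes(out)


def is_bijective_on(key, iv, ciphertext):
    """The thread's test: decrypt an arbitrary ciphertext and re-encrypt it;
    a bijective scheme returns exactly the same bytes."""
    return encrypt(key, iv, decrypt(key, iv, ciphertext)) == ciphertext


def tail_bit_flip_propagates(key, iv, plaintext, bit):
    """The weakness Tim notes: flipping bit `bit` of the last (tail) ciphertext
    byte flips exactly that bit of the recovered tail plaintext and nothing
    else, i.e. the tail is OFB-like malleable and needs a MAC."""
    ct = bytearray(encrypt(key, iv, plaintext))
    ct[-1] ^= 1 << bit
    forged = decrypt(key, iv, bytes(ct))
    return forged[:-1] == plaintext[:-1] and forged[-1] == plaintext[-1] ^ (1 << bit)


# Constructed sample values (not from the thread): a 37-byte message,
# i.e. two full blocks plus a 5-byte tail.
KEY = bytes(range(16))
IV = bytes(16)
SAMPLE = b"https://example.test/session?token=42"

if __name__ == "__main__":
    ct = encrypt(KEY, IV, SAMPLE)
    print(len(SAMPLE), len(ct), decrypt(KEY, IV, ct) == SAMPLE)
    print("bijective:", is_bijective_on(KEY, IV, bytes(range(37))))
    print("tail malleable:", tail_bit_flip_propagates(KEY, IV, SAMPLE, 0))
```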
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: BEST BIJECTIVE RIJNDAEL YET?
Reply-To: [EMAIL PROTECTED]
Date: Sat, 28 Oct 2000 13:43:27 GMT
Tom St Denis <[EMAIL PROTECTED]> wrote:
: [EMAIL PROTECTED] wrote:
:> Tom St Denis <[EMAIL PROTECTED]> wrote:
:> : [EMAIL PROTECTED] wrote:
:> :> Tom St Denis <[EMAIL PROTECTED]> wrote:
:> :> : [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
:> :> :> http://www3.sympatico.ca/mtimmerm/bicom/bicom.html
:> :>
:> :> : Perhaps us "know nothing" people prefer to leave our security to
:> :> : security related algorithms.
:> :>
:> :> I believe that's why the product includes a bijective version of
:> :> Rijndael [...]
:>
:> : Of course Rijndael is bijective it's a friggin block cipher.
:>
:> That's not the point. Have you considered issues related to dealing
:> with files which are not exact multiples of the Rijndael block length?
: Yeah, you pad the last block with nonse and just remove it when you're
: decrypting. [...]
If you do this you are likely to find you don't have a bijection any more.
:> Can you point me at any other implementation of Rijndael where
:> decrypting an arbitrary cyphertext, and re-encrypting again with the
:> same key produces exactly the same file?
: So you're saying because you can decrypt 6-byte (or so) files and re-
: encrypt it to the same 6-byte file that you have done what? [...]
"Obtained a bijection". Consequently, there are 0 bits of probable
known plaintext added.
: Like I said I could use a OFB mode and do that... whoopy-doo.
Not without compromising security - or signing everything.
A server spitting out encrypted URLs to a client it has established a
shared secret with may not necessarily *want* to sign each message -
since that is likely to bump up the bandwidth and take longer to process.
--
__________ http://alife.co.uk/ http://mandala.co.uk/
|im |yler [EMAIL PROTECTED] http://hex.org.uk/ http://atoms.org.uk/
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: BEST BIJECTIVE RIJNDAEL YET?
Reply-To: [EMAIL PROTECTED]
Date: Sat, 28 Oct 2000 13:49:13 GMT
Tom St Denis <[EMAIL PROTECTED]> wrote:
: [EMAIL PROTECTED] wrote:
:> Tom St Denis <[EMAIL PROTECTED]> wrote:
:> : Of course I could use Rijndael in a feedback mode (OFB) to get a
:> : keystream and encode 5-bit msgs if I like.
:>
:> [...] that would allow bit-flipping attacks on the cyphertext in the
:> absence of signatures - not desirable.
:>
:> OFB mode is not widely used for this sort of good reason. [...]
: True, which is why I wouldn't do it. I am just showing that I too can
: encrypt odd sized messages.
It's easy to encrypt odd-size messages - use a Caesar cypher.
The trick is to deal with the odd sizes as securely as possible.
--
__________ Lotus Artificial Life http://alife.co.uk/ [EMAIL PROTECTED]
|im |yler The Mandala Centre http://mandala.co.uk/ Chaste makes waste.
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Rijndael and PGP
Date: 28 Oct 2000 14:05:41 GMT
[EMAIL PROTECTED] (Richard Heathfield) wrote in
<[EMAIL PROTECTED]>:
>"SCOTT19U.ZIP_GUY" wrote:
>>
>> [EMAIL PROTECTED] wrote in <8tciik$31q$[EMAIL PROTECTED]>:
>>
>> >In article <[EMAIL PROTECTED]>,
>> > [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>> >> I disagree strongly.
>> >Right there you've given enough information for a reasonable person to
>> >strongly agree. Of course it doesn't hurt that you have contradicted
>> >the statements of every major cryptanalyst, made a mockery of yourself,
>> >and been a pretender to the thrown for as long as I've been around.
>> >
>>
>> I'm retired so I don't have to kiss ass. I am still allowed
>> to tell the truth. I have never been a pretender to the throne
>
>That's not what he said. He said "thrown", not "throne". It was a pun,
>which is a kind of joke based on homophones which have distinctly
>different spellings and meanings.
Tricky, I didn't catch it, thanks. When I read I sound things out
in my mind and get the word that way. It's hard to catch things like
that without lots of thought. Some words have no sound, like Rijndael,
so I guess I currently spell it the same way in most new posts. In
old ones I may have just written R. I do have trouble reading and spelling;
I always have. I called my last boss after I retired and when I took
a job supposedly to do real engineering all they had me do was to correct
documents in WORD. My old boss just started rolling on the floor laughing.
I can't even read my handwriting if it's a few weeks old. But that
is life. I also don't see many misspellings till I read what I wrote
a day later. I think my mind correctly changes the word to a sound
so it's not easy to catch mistakes when writing without so much
thought that it's hard to remember what was really being written.
It slows one down so much. I prefer code with comments at the
start of a routine but just want simple symbols for the work. I
really tried to make scott19u easy for someone to follow; there
are really lots of comments, much more than in the source code
of bzip2.
>
>As for telling the truth, you claim to be a former Government Real Time
>Computer Expert, yet you can't spell "Government" consistently (in fact,
>you can't spell /anything/ consistently, but we'll skip over that), your
>code is so slow that it can't even run in Pretend Time, let alone real
>time, and as for being a computer expert, you don't even properly know
>the definition of the language in which you program, and are incapable
>of understanding the importance either of portability or of compiler
>diagnostics. If you are indeed telling the truth about all this, you
>make a mockery of your Government's staff selection procedures.
>
Actually most of the work involved quick work in the machine
language of the machine in use. I was even put on projects that
others worked on for years, and had to start from scratch and got results
in less than a few weeks, on machines or boards I had only seen
for that project only. I was pretty good in my day on TTL logic
design. One day helping a guy troubleshoot his board I replaced
the whole thing with a few NAND gates with feedback. Those were
the good old days. As one boss said, that makes me proud. He said
"I have never met anyone like you in government service before;
some people totally hate your guts, and others totally like you.
Yet you seem to not interact with most management well. I will have
to hide you in the back room so you can fix the problems no one
else seems to be able to solve."
However you'd be proud of my government today. I don't think
it's as honest and I don't think as much gets done. But they
wear nice clothes and lie with a smile on their face. But the
form and not the substance is what you seem to like.
David A. Scott
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: BEST BIJECTIVE RIJNDAEL YET?
Date: 28 Oct 2000 14:21:16 GMT
[EMAIL PROTECTED] (Tim Tyler) wrote in <[EMAIL PROTECTED]>:
>Tom St Denis <[EMAIL PROTECTED]> wrote:
>: In article <[EMAIL PROTECTED]>,
>: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>:> [EMAIL PROTECTED] (Tom St Denis) wrote in
>: <8tc87m$phb$[EMAIL PROTECTED]>:
>:> > [EMAIL PROTECTED] wrote:
>:> >> Tom St Denis <[EMAIL PROTECTED]> wrote:
>:> >> : [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>
>:> >> :> http://www3.sympatico.ca/mtimmerm/bicom/bicom.html
>:> >>
>:> >> : Perhaps us "know nothing" people prefer to leave our security to
>:> >> : security related algorithms.
>:> >>
>:> >> I believe that's why the product includes a bijective version of
>:> >> Rijndael - without that there would be no security at all.
>:> >
>:> >Of course Rijndael is bijective it's a friggin block cipher. [...]
>:>
>:> Tom you always shot your mouth off with out little thought,
>:> What other implementaion of Rijndael is really bijective[?]
>
>: Rijndael is not defined for 1-byte blocks so technically what "matt"
>: did is not Rijndael.
>
>What Matt did is wrap Rijndael in a bijection to 8-bit units and wrap that
>in a compression routine. It's still Rijndael underneath.
>
>You might as well claim PGP doesn't use IDEA - because it adds compression
>before encrypting.
>
>: Of course I could use Rijndael in a feedback mode (OFB) to get a
>: keystream and encode 5-bit msgs if I like.
>
>: So what?
>
>So - that would allow bit-flipping attacks on the cyphertext in the
>absence of signatures - not desirable.
>
>OFB mode is not widely used for this sort of good reason. I would not
>recommend that people use Rijndael in OFB mode for encrypting messages.
Tim I am not sure it is worth replying to Tom. Though I make that
mistake myself from time to time. He is so full of shit. He really
has not the foggiest idea of what Matt did. He thinks Matt used some
previously used mode. His pea brain can't comprehend someone actually
using intelligent optimal end handling to make the thing completely
bijective. He has no idea what bijection to the whole 8-bit file space
means. I really can't see why this is not commonly done unless somehow
people like TOM get a software virus of the brain that does not allow
them to see the obvious. I really find it hard to believe Mr BS and
Wagner seem so clueless in this area of crypto too. Unless they want
to keep people in the dark about information theoretical concerns with
encryption. I would like to hear your thoughts on why this actually
relatively simple concept causes such hostility and why people's
brains seem so incapable of seeing the obvious. Especially after the
work Shannon did.
David A. Scott
------------------------------
From: zapzing <[EMAIL PROTECTED]>
Subject: Re: Hardware RNGs
Date: Sat, 28 Oct 2000 14:19:31 GMT
In article <8tah71$e15$[EMAIL PROTECTED]>,
Tom St Denis <[EMAIL PROTECTED]> wrote:
> In article <[EMAIL PROTECTED]>,
> David Schwartz <[EMAIL PROTECTED]> wrote:
> >
> > Tom St Denis wrote:
> >
> > > The problem is that virtually all of the lsb's on my comp are zeroes,
> > > with a few ones... In fact last time I counted the ratio was about 7 to 1.
> > > This means you need to gather about 100,000 bits before you can safely
> > > have about 160 bits (using SHA-1). However, the problem gets
> > > worse...you must sample very slowly, otherwise the samples are
> > > correlated... Thus sample at about 8 kHz. At 8 kHz it will take 12.5
> > > seconds to gather enough inputs....
> >
> > If you are correct that one in every eight bits is a one and they are
> > otherwise uncorrelated, you should need no more than 512 bits of input
> > to get 160 bits of entropy. Two hundred milliseconds worth of data
> > should be perfect.
>
> I wouldn't trust it either way. It's not meant to be a RNG....
:) As if anything was *meant* to be an HRNG :)
--
Void where prohibited by law.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: BEST BIJECTIVE RIJNDAEL YET?
Date: Sat, 28 Oct 2000 14:17:00 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> "Obtained a bijection". Consequently, there are 0 bits of probable
> known plaintext added.
Well if you append random garbage how much of it is "probable"? :-)
> : Like I said I could use a OFB mode and do that... whoopy-doo.
>
> Not without compromising security - or signing everything.
>
> A server spitting out encrypted URLs to a client it has established a
> shared secret with may not necessarily *want* to sign each message -
> since that is likely to bump up the bandwidth and take longer to process.
You could use a HASH-MAC or something then.
Tom
------------------------------
From: zapzing <[EMAIL PROTECTED]>
Subject: Re: Hardware RNGs
Date: Sat, 28 Oct 2000 14:26:12 GMT
In article <[EMAIL PROTECTED]>,
David Schwartz <[EMAIL PROTECTED]> wrote:
>
> David Schwartz wrote:
> >
> > Tom St Denis wrote:
> >
> > > The problem is that virtually all of the lsb's on my comp are zeroes,
> > > with a few ones... In fact last time I counted the ratio was about 7 to 1.
> > > This means you need to gather about 100,000 bits before you can safely
> > > have about 160 bits (using SHA-1). However, the problem gets
> > > worse...you must sample very slowly, otherwise the samples are
> > > correlated... Thus sample at about 8 kHz. At 8 kHz it will take 12.5
> > > seconds to gather enough inputs....
> >
> > If you are correct that one in every eight bits is a one and they are
> > otherwise uncorrelated, you should need no more than 512 bits of input
> > to get 160 bits of entropy. Two hundred milliseconds worth of data
> > should be perfect.
>
> If anyone cares, if a bit has a one in eight chance of being a one and
> a seven in eight chance of being a zero and are otherwise random, each
> bit contains .5275 bits of entropy. Therefore you theoretically need 303
> bits in to get 160 out. 512 should be more than enough.
Indeed. I didn't bother to do the math, I just thought of it this way:
if an eight bit byte has exactly one "1" and seven "0"s, then it would take
three bits to describe the position of the "1". As a matter of fact, this could
yield an improvement in the Von Neumann compensator, by examining eight bits at
a time instead of two. You would only have to throw out the cases where you got
eight "1"s or eight "0"s. Cases with exactly one "1" or "0" would yield
three bits, but it gets a little more complex from there.
--
Void where prohibited by law.
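Schwartz's entropy count and zapzing's eight-bit generalisation of the Von Neumann compensator, worked out in Python as an added example (not code from the thread). It computes the Shannon entropy of a bit that is 1 with probability 1/8 and the raw bits needed for 160 output bits, and implements the block extractor in general: every arrangement of k ones in an n-bit i.i.d. block is equally likely, so the arrangement's rank among the C(n,k) possibilities is uniform and yields floor(log2 C(n,k)) unbiased bits, the rank being rejected when it falls outside that power of two; the biased input stream is constructed from a seeded PRNG standing in for sound-card LSBs.

```python
import math
import random
from itertools import combinations


def entropy_per_bit(p_one):
    """Shannon entropy, in bits, of one biased bit that is 1 with probability p_one."""
    if p_one <= 0.0 or p_one >= 1.0:
        return 0.0
    q = 1.0 - p_one
    return -(p_one * math.log2(p_one) + q * math.log2(q))


def raw_bits_needed(target_bits, p_one):
    """Minimum number of biased input bits that carry target_bits of entropy."""
    return math.ceil(target_bits / entropy_per_bit(p_one))


def combination_rank(positions, n):
    """Lexicographic rank of the k-subset `positions` of range(n) among all C(n,k) subsets."""
    k = len(positions)
    rank, prev = 0, -1
    for i, pos in enumerate(positions):
        for skipped in range(prev + 1, pos):
            rank += math.comb(n - 1 - skipped, k - 1 - i)
        prev = pos
    return rank


def extract_block(bits):
    """Generalised von Neumann step on one block of i.i.d. biased bits.
    With k ones in the block every arrangement is equiprobable, so its rank is
    uniform on [0, C(n,k)).  Emit the rank as floor(log2 C(n,k)) bits when it
    fits below that power of two; otherwise (and for all-0 / all-1 blocks)
    emit nothing.  For n == 8 and k == 1 this is exactly the 3-bit position of
    the lone 1 that the post describes."""
    n = len(bits)
    ones = [i for i, b in enumerate(bits) if b]
    total = math.comb(n, len(ones))
    if total == 1:
        return ""
    width = total.bit_length() - 1          # floor(log2 total)
    rank = combination_rank(ones, n)
    if rank >= 1 << width:
        return ""                           # reject: keeps the output uniform
    return format(rank, f"0{width}b")


def extract_stream(bits, block_size=8):
    """Run the extractor over consecutive blocks, dropping a trailing partial block."""
    return "".join(extract_block(bits[i:i + block_size])
                   for i in range(0, len(bits) - block_size + 1, block_size))


def accepted_outputs(n, k):
    """Sorted outputs over every n-bit block of weight k; a correct extractor
    returns each width-bit string exactly once."""
    outs = []
    for ones in combinations(range(n), k):
        out = extract_block([1 if i in ones else 0 for i in range(n)])
        if out:
            outs.append(out)
    return sorted(outs)


def biased_bits(count, p_one, seed=1):
    """Constructed input: a seeded PRNG standing in for the biased sound-card LSBs."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(count)]


if __name__ == "__main__":
    h = entropy_per_bit(1 / 8)
    print(f"entropy per bit: {h:.4f}; raw bits for 160: {raw_bits_needed(160, 1 / 8)}")
    raw = biased_bits(8000, 1 / 8)
    out = extract_stream(raw)
    print(f"{len(raw)} biased bits -> {len(out)} unbiased bits")
```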
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: BEST BIJECTIVE RIJNDAEL YET?
Date: 28 Oct 2000 14:36:11 GMT
[EMAIL PROTECTED] (John Savard) wrote in
<[EMAIL PROTECTED]>:
>On 27 Oct 2000 12:43:31 GMT, [EMAIL PROTECTED]
>(SCOTT19U.ZIP_GUY) wrote, in part:
>
>> What you fail to see is that if one did make a "perfect compressor"
>>for a class of word processors and languages, it would not be perfect
>>for a man who only writes in one language and in one style, say with
>>edit on a DOS machine.
>
>I should have noted here that I didn't fail to see that - I was trying
>to illustrate just how difficult and impractical it would be to design
>a "perfect compressor", and that is just one more reason why that is
>so.
>
I see lying is OK if you can stretch a point. You'd be one hell of
a politician: I point out your lying and then you say that it proves
your own point.
>I've known that I have done you one injustice: in my page "Tying up
>loose ends", I had completely avoided mentioning your name. Although I
>suspect the basic idea behind making Huffman coding bijective
>originated quite a while ago - and what I present is not exactly your
>method, and so I don't want to misrepresent you either - I have come
I think I fixed your method by pointing out obvious errors. I think
though it's hard to really judge your method since words are so
imprecise. I would have to have REAL CODE TO TEST. It's one thing to
claim something yet miss the loose ends until you have a working
program.
>up with what I hope is appropriate wording to give credit where it is
>due, and add a pointer to Mr. Timmermans' program as well.
Where is this pointer to Matt's? I would like to see the page.
I'm curious as to what you say about it before you point to it.
David A. Scott
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************