Cryptography-Digest Digest #123, Volume #13 Wed, 8 Nov 00 15:13:00 EST
Contents:
Re: On the Limits of Digital Rights Management Systems in Consumer Market Contexts
(Scott Craver)
Re: ECC choice of field and basis (Anwar Hasan)
CHALLENGE TO cryptanalysts ("Melinda Harris")
Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile (Anthony
Stephen Szopa)
Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile (Scott Craver)
Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile (Anthony
Stephen Szopa)
Re: Updated XOR Software Utility (freeware) Version 1.1 from (Anthony Stephen Szopa)
Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile (David
Schwartz)
Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile (Anthony
Stephen Szopa)
Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile (Anthony
Stephen Szopa)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Scott Craver)
Subject: Re: On the Limits of Digital Rights Management Systems in Consumer Market
Contexts
Date: 8 Nov 2000 19:06:02 GMT
In article <[EMAIL PROTECTED]>, <Peter Cassidy at Boston> wrote:
>
>"Will Fixation on Security Silence the Trumpets of Fame?"
>
>by Scott Moskowitz and Peter Cassidy, Blue Spike, Inc.
I couldn't agree more.
Once an industry begins to view new discoveries and new technology
(e.g., the Internet, yeah, that's "new," isn't it) as a threat rather
than a new opportunity, that industry has ceased to adapt. A company
who sees fit to fight online music distribution and MP3 players, does
not understand that the onus is upon the company to adapt; not upon
consumers, nor upon all other companies, nor upon the landscape to
just not change in any manner harmful to market share.
This is especially important with companies heavily reliant upon
technology, which the recording industry is most certainly. All
technologies run the risk of being devalued by future discoveries.
Also, we are beginning to see that the industry must not simply adapt,
but adapt very quickly. The longer we go without that complete music
and entertainment distribution system we've been promised ever since
the Internet became trendy, the more we are exposed to better and
better unencumbered systems, and that sets minimum expectations.
-S
------------------------------
From: [EMAIL PROTECTED] (Anwar Hasan)
Subject: Re: ECC choice of field and basis
Date: 8 Nov 2000 19:22:29 GMT
In article <[EMAIL PROTECTED]>,
Robert Harley <[EMAIL PROTECTED]> wrote:
>
>[EMAIL PROTECTED] (Anwar Hasan) writes:
>> article on a hardware implementation of a versatile GF(2^m) processor.
>> It reports GF(2^192) multiplication [...] as 2.41 [...] micro-seconds
>> at 75 MHz
>
>It takes about 0.64 microseconds on a 750 MHz Alpha... I'm surprised
>that dedicated hardware is slower than a general purpose CPU and only
>gains a factor of 2.5 or so even if you scale 10x for clock speed.
>
>Rob.
I guess it's because of the VLSI technology and the algorithm used.
The timing results of the prototype processor are based on
0.5 micron CMOS technology (commercial 750MHz Alpha uses faster
technologies). The multiplication algorithm internally uses two
bases (polynomial and triangular) together and runs at bit-level
(rather than digit or group level). There is no pre-computation and
no use of look-up tables.
In fact, the finite field processor does not have separate circuits for the
multiplier.
The latter is rather built on the circuits for a finite field inverter.
And the inverter is based on synthesizing a linear feed-back shift register
using the Berlekamp-Massey algorithm. (Compared to the extended Euclid's algorithm,
it seems the use of the Berlekamp-Massey algorithm reduces the number
of registers needed.)
-AH
------------------------------
From: "Melinda Harris" <[EMAIL PROTECTED]>
Subject: CHALLENGE TO cryptanalysts
Date: Wed, 08 Nov 2000 19:35:15 GMT
The notorious Crypto-Eccentric is preparing to issue a challenge on January
1st 2001 to cryptanalyst and hackers alike including all government agencies
to crack his braintwisting ANEC code. It is to support his claim of having a
statistically crack-proof encryption scheme. Participants may download the
encrypted text embodying ANEC cryptographic algorithms and employ any tools,
or methodologies they can, to attempt to decrypt the message. There will be
no-holds barred hacking rules to illustrate the confidence in the strength
of A.N.E.C. The message will be sealed in an envelope and stored in an
independent safety deposit box and revealed if deciphered prior to its
twelve month deadline. If the twelve month deadline expires and encrypted
text is not deciphered it would certainly help validate his claim. He will
upload to a site where it is available worldwide.
Please note: The self proclaimed crypto-eccentric does not conform to the
traditional practices, beliefs, or standards within the cryptography
profession
A.N.E.C techniques to produce chaos within the analytic process are as
follows:
Intricate hypercubes,hieroglyphic ciphers,triple cross cipher transition,
computational cipher base charts, coincidental cipher repetitions,reversed
standard alphabet,null ciphers,multi-algo transitions,Idiosyncratic inverse
ciphers,multi-transpositional cipher base charts,equivalent primary
component alternatives/anec cifax,kanji ciphers,ideogram ciphers,matrix
technique, manipulation of constant movement and shifting strategy,
stay tuned....
questions email
[EMAIL PROTECTED]
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.freespeech,talk.politics.misc,talk.politics.crypto
Subject: Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile
Date: Wed, 08 Nov 2000 11:33:43 -0800
Scott Craver wrote:
>
> Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> >"Trevor L. Jackson, III" wrote:
> >>
> >> Pointing out the limitations of your software is to amusement as Jerry Springer is
> >> to entertainment.
> >
> >You said it: so what are the limitations of the XOR software
> >utility?
>
> We just *told* you. It's a huge binary, not open, and only runs on a
> single platform.
>
> -S
You know why it is as large as it is. Don't complain to me. This
is the nature of the modern GUI interface. People have decided
that this is how they want to interact with their computer programs
and are even demanding that such programs be provided to them. Are
you saying that most computer users are stupid but you are the smart
one?
Why do you need it open source? It does what it is intended to do
and what it is claimed to do and does no more than it is supposed
to do and you can prove this by using it, especially if you have
firewall software and virus software which many many people do
since these programs are free. No one has claimed that there is
any problems with the software. You are ranting just like a
lunatic. Don't you have something better to do?
You are not getting the source code. I thought of it and engineered
it and I am not going to just give it to you all. Yes, it's simple
but as most of you should realize by now with all the posturing and
pretending in these news groups that all this cannot be too easy
because almost none of you are thinking of new ideas or innovations
or even producing the simplest of software and making it available
to the public. Your lack of creativity and imagination has been
demonstrated by your deciding that your place in these news groups
is as pseudo consumer advocate. But you have merely become trivial
clowns.
It probably runs on 85% of computers in the entire world. It is not
my fault that there is more than one platform in use worldwide with
one dominant. Why haven't you provided a Linux or Mac or Etc.
version? When it really comes down to it, don't you give a damn?
All we are hearing from most of you is give me, give me, me me me ...
Quit complaining and start contributing something that people might
benefit from, if you can.
Are you figgin' deaf?
By the way, Gore hasn't lost yet. 11/8/00 11:35 am PST
------------------------------
From: [EMAIL PROTECTED] (Scott Craver)
Crossposted-To: alt.freespeech,talk.politics.misc,talk.politics.crypto
Subject: Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile
Date: 8 Nov 2000 19:24:23 GMT
Richard Heathfield <[EMAIL PROTECTED]> wrote:
>
>Mr Szopa's program is 315392 bytes in size after decompression. No
>source code is provided. I know I'm not the only one to think this to be
>the height of lameness.
That's a pretty big increase between versions. Wow. And
all it does is XOR?
>So, perhaps not unnaturally, I wondered (purely in the spirit of scientific
>enquiry, as befits a sci. newsgroup) if it were possible to write an
>even lamer program. I tried hard. But did I succeed?
[snip] Amazing. Maybe you should run speed tests.
The funny thing about Mr. Szopa's utility is that, before he
posted it, we were only suspicious of his algorithm, and his animosity
towards people who wanted to analyze his algorithm. Now, he
accidentally gives away that his skills as a programmer might be a
problem too, by making an unbeatably HUGE binary to perform one of the
simplest operations on two files, *and* somehow making the first
version unable to XOR files in different directories. I didn't even
know that this kind of deficiency was possible with the full-blown
canned File Open dialog boxes in Win32 and MFC.
But the really funny part is his apparent air of superiority as
a result, despite very obvious size and performance difference between
his and others' software.
-S
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.freespeech,talk.politics.misc,talk.politics.crypto
Subject: Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile
Date: Wed, 08 Nov 2000 11:39:49 -0800
Richard Heathfield wrote:
>
> Scott Craver wrote:
> >
> > Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> > >"Trevor L. Jackson, III" wrote:
> > >>
> > >> Pointing out the limitations of your software is to amusement as Jerry Springer
>is
> > >> to entertainment.
> > >
> > >You said it: so what are the limitations of the XOR software
> > >utility?
> >
> > We just *told* you. It's a huge binary, not open, and only runs on a
> > single platform.
> >
> > -S
>
> Mr Szopa's program is 315392 bytes in size after decompression. No
> source code is provided. I know I'm not the only one to think this to be
> the height of lameness. So, perhaps not unnaturally, I wondered (purely
> in the spirit of scientific enquiry, as befits a sci. newsgroup) if it
> were possible to write an even lamer program. I tried hard. But did I
> succeed? That's for the scientific community to judge. (I was going to
> save this till April 1st, but the moment seems ripe.)
>
> I'm afraid I can't challenge the original for file size, even though I
> made every effort not to tell the compiler to optimise for size, and
> even copied the OP's idea to bloat the binary by making the interface
> graphical. I included some radio buttons and a progress bar, in a
> desperate attempt to add even more bloat. I managed to scrape together
> 302592 bytes of binary - just 12800 bytes short of the target.
>
> I chose C++ Builder as my development platform, and Borland are working
> hard to make Builder portable to Linux, so although I match the original
> on lack of actual portability, my program is - alas - potentially
> portable.
>
> Unfortunately, the full source code (C++ Builder files, I'm afraid) is
> available at http://users.powernet.co.uk/eton/crypto/SNAsrc.zip (around
> 8 kilobytes zipped). This doesn't bode well for the title challenge.
>
> On features, I think I have him. My program doesn't just do the XOR
> thing. It also has two other settings - Vigenere (re-using the shorter
> file to ensure that the longer file is fully encrypted) and Bit Flip -
> the original SNA-Coil algorithm which some of you may remember.
>
> You can get the binary at
> http://users.powernet.co.uk/eton/crypto/SNACoil.zip (around 150
> kilobytes zipped), if you're the kind of person who runs Windows
> binaries without having first personally built them from source code.
> (You have my word, for whatever you think my word is worth, that the
> program is non-destructive in all respects EXCEPT it will happily
> overwrite an existing file if you specify it as an OUTPUT file. It never
> modifies its input files.)
>
> So, my question is: have I succeeded in outlaming the lamer? Only you
> can decide.
>
> --
> Richard Heathfield
> "Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
> C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
> K&R answers, C books, etc: http://users.powernet.co.uk/eton
Here's the difference between most of you and myself:
I ACT and you react: BIG difference.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.freespeech,talk.politics.misc,talk.politics.crypto
Subject: Re: Updated XOR Software Utility (freeware) Version 1.1 from
Date: Wed, 08 Nov 2000 11:44:11 -0800
Scott Craver wrote:
>
> Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> >>
> >> I, like you, marvel at how poor the programming had to have been such that
> >> 1.0 couldn't open up files in 2 different directories. :-)
>
> >With all your (all those in this news group) experience in
> >programming and encryption and aesthetics, it is I and not most of
> >you with the ideas and the software products and the strategy and
> >the GOOD will to get these fully functional products out to the
> >public.
>
> You can't read. Others have already written this utility and
> made it available to the public. I mean, even the source code.
>
> And it's such a dinky little utility too. Who's going to download
> hundreds of kilobytes of executable code to perform a simple XOR?
>
> Could someone please submit Mr. Szopa's executable to bloatbusters?
> It's not like 7MB large, but it is huge for its intended purpose.
> And the fact that, somehow, the first version couldn't open files
> in separate directories (despite all the functionality available
> in file open dialogs) really makes it funny.
>
> -S
Am I doing things just so you can rant and rave and waste all your
time?
------------------------------
From: David Schwartz <[EMAIL PROTECTED]>
Crossposted-To: alt.freespeech,talk.politics.misc,talk.politics.crypto
Subject: Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile
Date: Wed, 08 Nov 2000 11:45:32 -0800
Anthony Stephen Szopa wrote:
> Here's the difference between most of you and myself:
>
> I ACT and you react: BIG difference.
So ACTing stupidly is better than reacting to stupidity?
DS
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.freespeech,talk.politics.misc,talk.politics.crypto
Subject: Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile
Date: Wed, 08 Nov 2000 11:51:38 -0800
Andre van Straaten wrote:
>
> In sci.crypt Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> > Andre van Straaten wrote:
> >>
> >> In sci.crypt Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> >> > Tom St Denis wrote:
> >> >>
> >> >> In article <[EMAIL PROTECTED]>,
> >> >> Hawke <[EMAIL PROTECTED]> wrote:
> >> >> > sorry for the massive crosspost...
> >> >> >
> >> >> > too bad this software is winblows only.
> >> >> > it'd be nice to have an app like this in linux...
> >> >>
> >> >> You are kidding right?
> >> >>
> >> >> Tom
> >> >>
> >> >> Sent via Deja.com http://www.deja.com/
> >> >> Before you buy.
> >>
> >> > The software does what it says it does and this fellow seems to
> >> > think he has need or feels he may have need for such a program.
> >>
> >> > So you feel you have the right and need to ridicule him?
> >>
> >> > Can you stoop any lower?
> >>
> >> > Show this fellow some respect and write him a similar program for
> >> > Linux.
> >>
> >> > Here are the specs: the ability to select any two files from any
> >> > two drives/directories and logically XOR them outputting the
> >> > resulting file to any drive/directory. Stopping the XOR process
> >> > upon reaching the end of file of the shortest file selected. And
> >> > allow for any file length to be processed.
> >>
> >> Eh ... apart from the "unlimited" length of the file ...I read the
> >> files into memory ...
> >> I posted a Tcl/Tk file on alt.sources.crypto which does just this.
> >>
> >> If he has Tcl on his Linux box, he can use this in the meantime or
> >> forever, until someone posts a C/C++ GUI version.
> >>
> >> If he can't access alt.sources.crypto, he can e-mail me.
> >>
> >> (But a few people only please, I don't want to become an "XOR"
> >> monger.)
> >>
> >> -- avs
> >>
> >> Andre van Straaten
> >> http://www.vanstraatensoft.com
> >> ______________________________________________
> >> flames please to [EMAIL PROTECTED]
> >>
> >> -----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
> >> http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
> >> -----== Over 80,000 Newsgroups - 16 Different Servers! =-----
>
> > At least you try.
>
> > That's certainly more than just giving lip service.
>
> I posted this piece of software only because someone indirectly asked for
> it.
> The OTP has only a few applications in real-life cryptography, but for
> private people are there some interesting points as key management for
> private people is somewhat different as in organizations.
> I wrote this script particularly for my own needs and have no interest in
> the work to be done to make it idiot-proof for every user and write a
> short introduction about OTPs and XOR ciphers. I would take this a
> responsibility.
>
> The discussion in these threads began, as sci.crypt discusses (less often
> in the last time) generally ALGORITHMS or PROTOCOLS with any relation to
> cryptography.
>
> The xor algorithm can be found in many FAQs of the frequent posters. Few
> people discuss it.
> Personal behavior and considerations why to use it seem also to me quite
> irrelevant.
>
> The problems started as you posted the promotion of your program in
> different newsgroups where it might be appropriate, but unfortunately not
> in sci.crypt, as there is no algorithm to discuss.
>
> Many people in sci.crypt can write their own xor programs, at least
> without GUI.
>
> What people was concerned about is the fact that no source code has been
> given and the program COULD bear additional hidden features as
> backdoors, trojans, etc.
>
> That there exist people who are not programmers and who are not interested
> in cryptography, but want to encrypt their files, and have to be happy
> with a solution like yours, is another point, which should also be
> discussed better in the other NGs of your first postings.
>
> It bears always various risks to use XOR and OTPs, without at least a
> little knowledge about what somebody is doing.
>
> I only hope that this was the last promotion of a program where is nothing
> to discuss from the view of _sci_._crypt_.
>
> If not it ends up in discussing programming techniques and compiler
> settings, and everything ...
>
> Many people subscribe to only a few NGs and discuss there everything,
> alt.2600 is an example.
>
> Well, I have to blame myself, too, as I easily get off-topic, and there
> is a question which recently was a thread in alt.2600: Why do we respond
> to these inappropriate messages, blow up irrelevant threads, and make the
> NG more difficult to read ?
>
> -- avs
>
> Andre van Straaten
> http://www.vanstraatensoft.com
> ______________________________________________
> flames please to [EMAIL PROTECTED]
It could be called disinformation and psychological warfare.
Do you think everyone in these news groups are honest sincere
people?
You just have to look at the reply posts and what they really
contribute to a particular thread to make this determination.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.freespeech,talk.politics.misc,talk.politics.crypto
Subject: Re: Updated XOR Software Utility (freeware) Version 1.1 from Ciphile
Date: Wed, 08 Nov 2000 11:52:56 -0800
CiPHER wrote:
>
> In article <[EMAIL PROTECTED]>,
> Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
>
> > Have you provided something of real use to any of us, besides your
> > opinions?
>
> Well, have you? A shitty coded XOR program, that is inherently
> pointless and even more obviously badly coded?
>
> I mean, _I_ could even write a more useful cross-platform XOR program in
> Java if I had the time and didn't have to spend it making stupid
> maze-solving programs.
>
> --
> Marcus
> ---
> [ www.cybergoth.cjb.net ] [ alt.gothic.cybergoth ]
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
Or going way over the top ranting and raving in these news groups.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************