Cryptography-Digest Digest #145, Volume #13 Sun, 12 Nov 00 18:13:01 EST
Contents:
Security of Norton YEO (Your Eyes Only) ([EMAIL PROTECTED])
Re: "Secrets and Lies" at 50% off (Paul Crowley)
Re: "Secrets and Lies" at 50% off (Richard Heathfield)
Re: Algorithm with minimum RAM usage? (Paul Rubin)
Re: Integer encoding on a stream ("D.A.Kopf")
Re: "Secrets and Lies" at 50% off (David A Molnar)
Re: LaGrange Interpolating Polynomial Scheme? (David A Molnar)
Book recommendation, please ("[EMAIL PROTECTED]")
Re: "Secrets and Lies" at 50% off (Bill Unruh)
On an idea of John Savard (Mok-Kong Shen)
Re: Security of Norton YEO (Your Eyes Only) (Simon Johnson)
Re: XOR Software Utility (freeware) available from Ciphile Software (Alan Mackenzie)
Re: Randomness from key presses and other user interaction (David Schwartz)
Re: voting through pgp (David Schwartz)
Re: "Secrets and Lies" at 50% off (Quisquater)
Re: hacker...beware ("Greg H")
Re: Book recommendation, please (Hauke Hansen)
Re: Rotor Machines and Alan Turing the father of modren cryptography (Jim)
looking for help with development of crypto website ([EMAIL PROTECTED])
crypto website ([EMAIL PROTECTED])
help with website ([EMAIL PROTECTED])
Re: Book recommendation, please ("John A. Malley")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: Security of Norton YEO (Your Eyes Only)
Date: Sat, 11 Nov 2000 19:13:50 -0500
Does anyone know of any security issues with Norton YEO? I know that the
encryption methods that they use are good, but I'm wondering if there are any
known bugs or if they left in a backdoor.
Thanks,
Brad
------------------------------
From: Paul Crowley <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Sun, 12 Nov 2000 12:56:06 GMT
Richard Heathfield wrote:
> Far be it from me to stick up for a pariah, but I can't let this pass.
I certainly agree that if DS has broken his AUP then his AUP is grossly
unfair - he has acted as a participant in this newsgroup in a way that
no AUP should forbid.
But:
> 3) At least he isn't, IMHO, a snake oil merchant.
Er, *yes he is* - if anyone is a snake oil merchant, it's him.
> I know his code is
> unreadable, and therefore his algorithm is undecipherable(!), but it's
> not as if he rams scott19u down people's throats.
He's about as bad as he could be here. People post to sci.crypt asking
for a recommendation on how best to encrypt something, and he invariably
jumps in to recommend scott19u (or scott16 before that was broken): the
BEST MOST SECURE encryption algorithm. This was bad advice that no
responsible cryptographer would give, and I thought that it was a shame
it was given. One example was so egregious that another participant,
who had mirrored his code in the interests of fairness, felt moved to
take down the mirror, both in disgust at this misleading promotion and
for fear that someone might download it from his site and be misled into
using it for a real application. If there's anything within his power
to ram it down people's throats that he hasn't done, I'd like to know
about it.
I certainly think his presence in this group is unfortunate and it would
be very much richer without his persistently rude and ignorant
participation. But that doesn't mean it would be fair to eject him even
if it were possible, which it isn't.
David Scott: please feel free to flame me at length, on the newsgroup or
in email, for what I've written here. However, it's unlikely I'll
respond.
--
__
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/
------------------------------
Date: Sun, 12 Nov 2000 14:14:30 +0000
From: Richard Heathfield <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Paul Crowley wrote:
>
> Richard Heathfield wrote:
> > Far be it from me to stick up for a pariah, but I can't let this pass.
>
> I certainly agree that if DS has broken his AUP then his AUP is grossly
> unfair - he has acted as a participant in this newsgroup in a way that
> no AUP should forbid.
>
> But:
>
> > 3) At least he isn't, IMHO, a snake oil merchant.
>
> Er, *yes he is* - if anyone is a snake oil merchant, it's him.
Well, maybe we are using different definitions. His source code is at
least available...
>
> > I know his code is
> > unreadable, and therefore his algorithm is undecipherable(!), but it's
> > not as if he rams scott19u down people's throats.
...even if it's unreadable. :-)
Anyway, I'll stop there before we get into a silly fight over
terminology, because I think we're both broadly in agreement.
<snip>
>
> I certainly think his presence in this group is unfortunate and it would
> be very much richer without his persistently rude and ignorant
> participation.
Actually, if he could participate without being persistently rude, that
would be a plus.
I am in no position to judge his ignorance or lack thereof, being pretty
ignorant of cryptography myself.
> But that doesn't mean it would be fair to eject him even
> if it were possible, which it isn't.
Then we are, in fact, in agreement.
<snip>
--
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton
------------------------------
From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Algorithm with minimum RAM usage?
Date: 12 Nov 2000 06:42:55 -0800
You want Skipjack, which was designed for precisely what you're asking.
Besides the 8-byte data block, and the key (which might be in ROM in
your application), it needs only 3 bytes of scratch RAM.
See http://www.brouhaha.com/~eric/crypto for a sample implementation
(PIC microcontroller).
------------------------------
From: "D.A.Kopf" <[EMAIL PROTECTED]>
Crossposted-To: comp.compression
Subject: Re: Integer encoding on a stream
Date: 12 Nov 2000 16:26:26 GMT
Reply-To: [EMAIL PROTECTED]
Benjamin Goldberg wrote:
>
> A while back, I asked a few questions about how one should store an
> integer on a bit stream in a way that uses few bits. I found this
> method in Knuth (volume 3), for a method which had the additional
> requirements for being prefix free, and having larger integers be
> lexicographically greater than smaller integers.
>
> Here's some pseudocode for it.
>
> writeIntegerOnStream( p ) {
> if( p == 0 ) { writeBits( "0" ); return; }
> writeBits( "1" );
> writeIntegerOnStream( bitLength(p) - 1 );
> writeBits( tobase2String(p).substring(1) );
> }
>
> readIntegerFromStream() {
> if( readBits(1) == "0" ) return 0;
> length = readIntegerFromStream();
> return base2toInteger( "1" + readBits(length) );
> }
>
> Any comments on how efficient this method is compared to the others that
> had been suggested?
This is basically the (code-length, code-value) pair used in baseline JPEG for
the change in DC coefficient (except with JPEG the code length is further
Huffman encoded, which gives some additional small compression). US patent
5,463,699 (Wilkinson, 1995) would seem to apply to typical implementations.
It's obviously an efficient way to encode zero, but adds a lot of overhead
when the numbers aren't zero. Then it is often better to use a fixed bit field
that accommodates most numbers, with an escape code to flag the occasional
out-of-range number (this would appear to preserve the lexicographic
ordering). The patent is worth reading; also
http://dakx.com/theory/jpegbaseline.html might give you some ideas.
> --
> There are two methods for writing code in which no bug can be found:
> 1) Make the code so straightforward that there are obviously no bugs.
> 2) Make the code so complicated that there are no obvious bugs.
3) Insist that any apparent bugs were really intentional features.
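As an added example (not code from either poster): the recursive prefix-free code quoted above with its decoder, next to the fixed-bit-field-plus-escape alternative suggested in the reply, so the two can be compared on an actual bit stream. The function names, the `width` parameter and the choice of the all-ones field value as the escape are assumptions of this example.

```python
# Added example (not from the original posts). Implements the recursive
# prefix-free integer code quoted above and the fixed-width-field-with-escape
# alternative suggested in the reply, so the two can be compared on a stream.
# Codes are Python str of '0'/'1' so ordinary string comparison checks the
# lexicographic-ordering property directly.

def encode(p: int) -> str:
    """'0' for zero; otherwise '1', then the code of bitLength(p)-1,
    then p's binary digits without the leading 1 (the post's scheme)."""
    if p < 0:
        raise ValueError("only non-negative integers are encodable")
    if p == 0:
        return "0"
    tail = bin(p)[3:]   # bin(p) is '0b1...'; drop '0b' and the leading '1'
    return "1" + encode(p.bit_length() - 1) + tail

def decode(bits: str, pos: int = 0) -> tuple:
    """Decode one integer at bits[pos]; return (value, next_pos).
    A truncated stream raises rather than yielding a wrong value."""
    if pos >= len(bits):
        raise ValueError("truncated stream")
    if bits[pos] == "0":
        return 0, pos + 1
    length, pos = decode(bits, pos + 1)          # recovers bitLength(p) - 1
    end = pos + length
    if end > len(bits):
        raise ValueError("truncated stream")
    return int("1" + bits[pos:end], 2), end

def encode_fixed(p: int, width: int) -> str:
    """Fixed field of `width` bits for the common range; the all-ones
    pattern is an escape followed by the recursive code of the excess.
    The escape is the largest field value, so ordering survives."""
    escape = (1 << width) - 1
    if 0 <= p < escape:
        return format(p, "0%db" % width)
    return "1" * width + encode(p - escape)

def decode_fixed(bits: str, width: int, pos: int = 0) -> tuple:
    field = bits[pos:pos + width]
    if len(field) < width:
        raise ValueError("truncated stream")
    value, pos = int(field, 2), pos + width
    if value < (1 << width) - 1:
        return value, pos
    excess, pos = decode(bits, pos)
    return value + excess, pos

def roundtrip(values, width=None):
    """Concatenate the codes with no separators, read them all back, and
    report the stream length; width=None selects the recursive code."""
    if width is None:
        stream = "".join(encode(v) for v in values)
    else:
        stream = "".join(encode_fixed(v, width) for v in values)
    out, pos = [], 0
    while pos < len(stream):
        if width is None:
            v, pos = decode(stream, pos)
        else:
            v, pos = decode_fixed(stream, width, pos)
        out.append(v)
    return out, len(stream)

def prefix_free(limit: int) -> bool:
    """No code may be a prefix of another, or streams become ambiguous."""
    codes = [encode(v) for v in range(limit)]
    return not any(a != b and (a.startswith(b) or b.startswith(a))
                   for a in codes for b in codes)

def order_preserved(limit: int, width=None) -> bool:
    """Larger integers must get lexicographically larger codes."""
    codes = [encode(v) if width is None else encode_fixed(v, width)
             for v in range(limit)]
    return all(a < b for a, b in zip(codes, codes[1:]))
```

The overhead point from the reply shows up directly: zero costs one bit, but 4 costs 7 bits and 16 costs 12, whereas a 4-bit field with escape spends 4 bits on every value below 15 and 6 bits on 16.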
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: 12 Nov 2000 16:25:08 GMT
In sci.crypt Stuart Krivis <[EMAIL PROTECTED]> wrote:
> I vote that David A Scott be henceforth banned from Usenet. He's as bad as
> that Sternlight guy that hangs around the encryption groups and has a
> woodie about pgp.
You know, you could use a killfile.
> David Scott... David Sternlight...one and the same person?
Unlikely but possible. At least until a Verisign cert is required before
usenet posting.
Maybe this is a cryptographic problem - design a usenet posting protocol
which prevents someone from posting under two different names at
once...but does not reveal what the person's "real" name is.
-David
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: LaGrange Interpolating Polynomial Scheme?
Date: 12 Nov 2000 16:27:40 GMT
Bruce C. Goldstein <[EMAIL PROTECTED]> wrote:
> cryptography applications. There GOTTA BE some source code and/or freeware
> (shareware?) out there that we could utilize. But where? I'm afraid my
Wei Dai's Crypto++ has secret sharing code.
http://www.weidai.com/
-David
------------------------------
From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Subject: Book recommendation, please
Date: Sun, 12 Nov 2000 19:25:51 GMT
My 16 year old son has become interested in cryptography (after
reading Cryptonomicon). He is very computer literate, takes AP
Computer Science in school, and does a fair amount of C++ programming
in school and for fun. What book or books can this group recommend as
an introduction to the science of Cryptography? I'd like to encourage
his interest with a good introduction, without overwhelming him.
Would Applied Cryptography by Bruce Schneier be the way to go?
Thanks in advance
------------------------------
From: [EMAIL PROTECTED] (Bill Unruh)
Crossposted-To: comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: 12 Nov 2000 19:41:28 GMT
In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Stuart Krivis) writes:
]I vote that David A Scott be henceforth banned from Usenet. He's as bad as
]that Sternlight guy that hangs around the encryption groups and has a
]woodie about pgp.
Actually Sternlight has not been heard from in a long long time. Hope he
is OK.
]David Scott... David Sternlight...one and the same person?
No, totally different personalities.
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: On an idea of John Savard
Date: Sun, 12 Nov 2000 21:20:37 +0100
I remember that John Savard has mentioned in discussions on
articles of others that the rounds (or cycles) of two different
block ciphers may be interleaved. In my view this is indeed
a very remarkable and useful generalization of the common
multiple encryption through concatenation of the two ciphers
and can be easily done in case of software implementations.
It may be observed that, using additionally a suggestion of
mine to permute the round keys of a block cipher, an extremely
huge number of different constellations (to be chosen by some
additional key material) may be thereby obtained. For, if the
two ciphers have m and n rounds (or cycles) respectively, then
there are (m+n)! different permutations of these. Of course,
one can trivially generalize the scheme to the case with more
than two block ciphers.
M. K. Shen
==========================
http://home.t-online.de/home/mok-kong.shen
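As an added example (not code from the poster or from John Savard): two toy Feistel ciphers whose rounds are interleaved in an order picked by extra key material, which is the mechanism described above. The round functions, round keys and the Lehmer-code unranking used to turn a selector into one of the (m+n)! orders are assumptions of this example; the toy rounds are for bookkeeping only and carry no security claim.

```python
# Added example (not from the original post). Two toy Feistel ciphers A and
# B (constructed round functions, not real ciphers) whose rounds are
# interleaved in an order selected by extra key material, as described.
# The order is one of (m+n)! permutations, chosen by unranking the selector.
from math import factorial

MASK32 = 0xFFFFFFFF

def round_a(x: int, k: int) -> int:
    """Constructed round function of 'cipher A' (toy, for bookkeeping only)."""
    return ((x + k) & MASK32) ^ (((x << 7) | (x >> 25)) & MASK32)

def round_b(x: int, k: int) -> int:
    """Constructed round function of 'cipher B' (toy, for bookkeeping only)."""
    return ((x * 0x9E3779B1 + k) & MASK32) ^ (x >> 3)

def feistel_round(block, f, k):
    left, right = block
    return right, left ^ f(right, k)

def feistel_inverse(block, f, k):
    left, right = block            # equals (R, L ^ f(R, k)) from the forward round
    return right ^ f(left, k), left

def unrank_permutation(items, rank: int) -> list:
    """Return the permutation of `items` with lexicographic rank `rank`
    (Lehmer-code unranking); rank is taken modulo len(items)!."""
    items = list(items)
    out = []
    rank %= factorial(len(items))
    for i in range(len(items), 0, -1):
        q, rank = divmod(rank, factorial(i - 1))
        out.append(items.pop(q))
    return out

def build_schedule(keys_a, keys_b, selector: int) -> list:
    """All m rounds of A and all n rounds of B, ordered by the selector;
    the same round keys are used in every constellation, only their
    positions move."""
    rounds = [(round_a, k) for k in keys_a] + [(round_b, k) for k in keys_b]
    return unrank_permutation(rounds, selector)

def encrypt(block, schedule):
    for f, k in schedule:
        block = feistel_round(block, f, k)
    return block

def decrypt(block, schedule):
    # Undo the rounds in reverse order; each Feistel round is its own inverse
    # up to the swap, so the interleaving costs nothing in decryption.
    for f, k in reversed(schedule):
        block = feistel_inverse(block, f, k)
    return block

def constellation_count(m: int, n: int) -> int:
    """Number of distinct round orders for m rounds of A and n of B."""
    return factorial(m + n)

KEYS_A = [0x11111111, 0x22222222, 0x33333333, 0x44444444]   # constructed
KEYS_B = [0xAAAAAAAA, 0xBBBBBBBB, 0xCCCCCCCC, 0xDDDDDDDD]   # constructed
```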
------------------------------
From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: Security of Norton YEO (Your Eyes Only)
Date: Sun, 12 Nov 2000 20:19:18 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> Does anyone know of any security issues with Norton YEO? I know that the
> encryption methods that they use are good, but I'm wondering if there are any
> known bugs or if they left in a backdoor.
>
> Thanks,
>
> Brad
>
I _THINK_ that this program uses DES-56. DES-56 is insecure against
brute force. To quantify this statement: distributed.net (a
server dedicated to breaking ciphers by brute force) managed to break
DES-56 in well under 24 hours.
This said, it is probably well outside the reach of most people. I'd
say about 98% of individuals and 85% of companies.
As for back-doors, the program isn't open-source so there is no way
this can be determined. Unless, of course, you reverse engineer the
program, but this is always against the terms and conditions the program
has you agree to before installation.
PGP is open source, and can be downloaded from pgpi.org..... The
algorithms it uses are more secure, and since it is open-source you know
that the copy you compile is free of back doors.
Hope I was of some use,
Simon.
--
Hi, i'm the signuture virus,
help me spread by copying me into Signiture File
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Alan Mackenzie<[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.hacker,talk.politics.misc
Subject: Re: XOR Software Utility (freeware) available from Ciphile Software
Date: Sun, 12 Nov 2000 19:45:32 +0000
Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote on Tue, 07 Nov 2000
20:39:23 -0800:
[ .... ]
> If you downloaded OAP-L3 and checked it out, you would have found that
> there are tutorials that test every aspect of the encryption software.
> You are also at liberty to design your own files to test the various
> processes.
> You can be sure that OAP-L3 performs exactly as described and you can
> prove it to yourself.
Anthony, I think you are mistaken here. Suppose a copy of OAP-L3 somehow
got infected with a virus - it happens, some people are not as careful as
they might be.
The infected copy of the software would pass all tests, whether supplied
by the author or constructed by the user, apparently behaving identically
to the clean version. Yet OAP-L3-infected does _not_ perform exactly as
OAP-L3-clean. Since these tests do not distinguish between the clean and
dirty versions of the software, they cannot be said to test every aspect
of it.
> I don't know how many crypto software products provide you with the
> means to check every process included with the software and allow you
> to create your own verification files?
The point people are making is that they cannot know that OAP-L3 is
totally clean without having access to the source code, and no amount of
testing can demonstrate this cleanliness.
I think it's been mathematically proven that testing _cannot_ demonstrate
a program to be flawless.
[ .... ]
--
Alan Mackenzie (Munich, Germany)
Email: [EMAIL PROTECTED]; to decode, wherever there is a repeated letter
(like "aa"), remove one of them (leaving, say, "a").
------------------------------
From: David Schwartz <[EMAIL PROTECTED]>
Subject: Re: Randomness from key presses and other user interaction
Date: Sun, 12 Nov 2000 13:02:39 -0800
Terry Ritter wrote:
> >The letters which users type certainly aren't random,
> >but the intervals between keystrokes by users certainly
> >contains a fair bit of entropy.
>
> Keystroke intervals *as* *typed* may indeed contain "a fair amount of
> entropy." Unfortunately, the keyboard scanning process quantizes most
> of that away.
Especially if you know exactly what the user typed and have some
experience timing the keystrokes of that particular user. There's
probably somewhat more entropy if you just ask the user to bang on the
keys randomly. The problem is, without a good model of how much entropy
there is and how much survives the scanning process, you don't really
know how much entropy you have. Looking at the randomness of the
measured times doesn't help, because it's never obvious how much of that
was created by the user.
DS
------------------------------
From: David Schwartz <[EMAIL PROTECTED]>
Subject: Re: voting through pgp
Date: Sun, 12 Nov 2000 13:04:22 -0800
David Wagner wrote:
>
> Ok, I see. Witnessing helps with authenticating voters. But it doesn't
> help me if my computer has been silently infected with an "Election Day"
> virus which secretly changes my vote. (Crypto can't help if one of the
> endpoints is not trustworthy.) So it's not a silver bullet, but it still
> seems like it could be useful. Right?
Who says your computer has to understand the data it's processing? For
example, suppose each voter received a computerized sheet that only they
received. It contained the unique codes that they would use to vote, say
'43' for Bush and '90' for Gore. If a virus tried to change these, odds
are it would produce an invalid vote, which would immediately trigger an
investigation into the source of the discrepancy.
All of the problems being mentioned can be solved. It's just a matter
of coming up with a system that solves all of them. (Or at least comes
close enough.)
DS
------------------------------
From: Quisquater <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Sun, 12 Nov 2000 23:05:38 +0100
> Actually Sternlight has not been heard from in a long long time. Hope he
> is OK.
Seems OK. See http://www.sternlight.com
------------------------------
From: "Greg H" <[EMAIL PROTECTED]>
Crossposted-To:
alt.lang.basic,alt.permaculture,alt.surfing,alt.surfing.europe.uk,aus.computers.linux,comp.os.linux.setup
Subject: Re: hacker...beware
Date: Sun, 12 Nov 2000 21:59:01 -0000
Talking about things getting out of hand. And totally OFF topic.
Greg
Gary <[EMAIL PROTECTED]> wrote in message
<3a0884ad$0$19405$[EMAIL PROTECTED]>...
>The following person (who posts on the above newsgroups) has been detected
>by my firewall as attempting to hack into my system. He/she has been reported
>to the isp concerned and details are as follows.
>
>Name E-mail address Date Thread Newsgroup
>Vic Drastik [EMAIL PROTECTED] 00/04/20 comp.lang.basic.misc
>Mongolian Horde [EMAIL PROTECTED] 00/01/05 alt.surfing
>*Lauren* [EMAIL PROTECTED] 99/11/06 alt.music.moffatts
>Mongolian Horde [EMAIL PROTECTED] 99/11/05 alt.surfing
>Mongolian Horde [EMAIL PROTECTED] 99/11/05
>Location of 203.101.94.94:
> Country = Australia
> Region = New South Wales
> City = Sydney
>Standard network info
>[ nslookup (1): ip=203.101.94.94, hostname=async93-wol-isp-1.nas.one.net.au]
------------------------------
From: Hauke Hansen <[EMAIL PROTECTED]>
Subject: Re: Book recommendation, please
Date: Sun, 12 Nov 2000 23:17:02 +0100
Reply-To: [EMAIL PROTECTED]
On Sun, 12 Nov 2000 19:25:51 GMT, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:
>Would Applied Cryptography by Bruce Schneier be the way to go?
I mostly use the books written by Albrecht Beutelspacher, but I don't
know which of his books are available in English.
For what I can say about the German editions, they are simply great;
most of them are not too hard for beginners.
You may check your favorite online bookstore (and, if available,
reviews there) for his books and if they cover the topics you may ask
for.
MfG
HH
------------------------------
From: [EMAIL PROTECTED] (Jim)
Subject: Re: Rotor Machines and Alan Turing the father of modren cryptography
Reply-To: Jim
Date: Sun, 12 Nov 2000 22:38:49 GMT
On Sat, 11 Nov 2000 12:09:54 GMT, [EMAIL PROTECTED] wrote:
>In 1939, British intelligence, with the help of Polish spies, managed to
Polish Army Intelligence. They weren't spies.
>obtain a working replica of a new and secret coding
>machine known as Enigma. Unfortunately, the Germans changed the machine
>settings (the key) on a daily basis. The British
>equivalent of the NSA, the Government Code and Cipher School,
GCHQ is the British equivalent of the NSA. GC&CS preceded both GCHQ
and the NSA.
>formed a
>Top Secret group set up for the purpose of developing
>a method for extracting the daily Enigma key from the morning messages,
>or traffic. Alan Turing, a brilliant mathematician and
>an expert in Boolean algebra, invented a computer, the Turing Bombe,
>which accomplished this feat.
The 'Bombes' were in fact invented by the Poles. Turing developed and
refined them.
--
______________________________
Posted by Jim Dunnett
dynastic at cwcom.net
nordland at lineone.net
------------------------------
From: [EMAIL PROTECTED]
Subject: looking for help with development of crypto website
Date: Sun, 12 Nov 2000 22:32:38 GMT
Hello, I'm in the process of getting the website
www.cryptopunks.com up and going.
It will be a site that only deals with crypto
R&D, analysis, steganography, discussion lists,
mathematics, and archives. If you have any
questions please feel free to email me at
[EMAIL PROTECTED]
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED]
Subject: crypto website
Date: Sun, 12 Nov 2000 22:32:39 GMT
Hello, I'm looking for help with a website that
I'm building that only deals with cryptanalysis,
theory, mathematics, R&D, cypher design,
discussions, and current crypto laws in different
countries.
If anybody is interested please email me at
[EMAIL PROTECTED]
Thank you
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED]
Subject: help with website
Date: Sun, 12 Nov 2000 22:36:14 GMT
Hello,
I'm in the process of building a website on crypto, stego, theory,
design, attacks, current crypto laws, discussions, mathematics, etc.
If interested please contact me at [EMAIL PROTECTED]
Thanks
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: Book recommendation, please
Date: Sun, 12 Nov 2000 15:01:40 -0800
"[EMAIL PROTECTED]" wrote:
>
> My 16 year old son has become interested in cryptography (after
> reading Cryptonomicon). He is very computer literate, takes AP
> Computer Science in school, and does a fair amount of C++ programming
> in school and for fun. What book or books can this group recommend as
> an introduction to the science of Cryptography? I'd like to encourage
> his interest with a good introduction, without overwhelming him.
> Would Applied Cryptography by Bruce Schneier be the way to go?
>
A book like "Basic Methods of Cryptography" by Jan C. A. Van Der Lubbe,
Cambridge University Press, ISBN 0-521-55559-0 helps fill in some of the
theory behind the hands-on examples of Bruce Schneier's "Applied
Cryptography."
"Cryptanalysis, a study of ciphers and their solution" by Helen Fouche
Gaines, Dover Publications, ISBN 0-486-200097-3 is also recommended. The
book covers classical ciphers and their cryptanalysis.
"Number Theory in Science and Communication, with Applications in
Cryptography, Physics, Digital Information, Computing and
Self-Similarity" by M.R. Schroeder, published by Springer, ISBN
3-540-62--6-0, helps build the background in number theory so essential
to understanding the public key systems used today. This is a FUN book!
Your son will probably enjoy it.
Were this my son, I'd start with just (1) "Cryptanalysis" by Helen
Fouche Gaines and then (2) "Basic Methods of Cryptography" by Jan C.A.
Van Der Lubbe and see what happens - gauge his appetite for the subject
without risking "mental indigestion." And consider reading these two
books along with him - he's sure to have questions about the subject as
he reads. You could explore the subject together. (Just a thought.)
As questions arise about the mathematics behind the cipher systems, I'd
consider introducing him to (3) and to more advanced introductory texts
on cryptology (cryptanalysis and cryptography) like "Making, Breaking
Codes: An Introduction to Cryptology" by Paul Garrett, ISBN
0-13-030369-0. And, I'd introduce other books on Number Theory, Group
Theory and Abstract Algebra. (In fact, Dover Publications feature many
books on these subjects, all in paperback, most below $10 - $15 US,
incredibly inexpensive for the density of knowledge therein!)
Hope this helps,
John A. Malley
[EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************