Cryptography-Digest Digest #155, Volume #13      Tue, 14 Nov 00 11:13:00 EST

Contents:
  Re: DES advice (John Savard)
  Re: On an idea of John Savard (John Savard)
  Re: DES advice (John Savard)
  Modern Cryptoanalysis? (Jouni Hiltunen)
  Re: XORred zipfile chunks = random? (d)
  Re: Modern Cryptoanalysis? (Paul Crowley)
  Re: PGP still the no1? ([EMAIL PROTECTED])
  Re: hardware RNG's (Tim Tyler)
  Black Market Internet Information - my visits and tradeshows (Markku J. Saarelainen)
  Re: On an idea of John Savard (Mok-Kong Shen)
  Re: Chimera ciphers (WAS Re: On an idea of John Savard) (Mok-Kong Shen)
  Re: On an idea of John Savard (Mok-Kong Shen)
  The ultimate cipher (Mok-Kong Shen)
  Re: On an idea of John Savard (Mok-Kong Shen)
  Re: "Secrets and Lies" at 50% off (James Felling)
  Re: sci.crypt archive ("Thomas J. Boschloo")
  Anyone has read / poses / is found of book by M.Schroeder(not the second  (Ariel Burbaickij)
  Re: The ultimate cipher (Ariel Burbaickij)
  Re: DES advice ("Bob Luking")
  Re: On an idea of John Savard (James Felling)
  Re: Black Market Internet Information - my visits and tradeshows (Ariel Burbaickij)
  Re: Anyone done/doing Schneier's self-study cryptanalysis course? (James Felling)
  Re: The ultimate cipher (Juergen Nieveler)
  Re: DSS/DSA and DH Parameters (DJohn37050)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: DES advice
Date: Tue, 14 Nov 2000 13:04:04 GMT

On Mon, 13 Nov 2000 22:02:18 GMT, Tom St Denis <[EMAIL PROTECTED]>
wrote, in part:

>First off implementing DES is only a good idea to learn how to
>implement things from specs.  DES is not particularly useful in any
>way today.

Well, there is compatibility with everything that still uses
Triple-DES.

>Also why buy a C compiler when you can easily download one for free?

You mean you can write a program with gcc that runs under Windows?

And even if there is a port of gcc like that - I know you can use it
for writing DOS programs - how easy is it to use? Version 3 of C++
Builder is still available at large discounts in some places, and it
is very useful. (There's a free download of the compiler engine from
version 5 of that, although it's unclear to me how useful that is by
itself.)

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: On an idea of John Savard
Date: Tue, 14 Nov 2000 13:06:21 GMT

On Mon, 13 Nov 2000 23:47:46 GMT, Darren New <[EMAIL PROTECTED]> wrote,
in part:

>What would be the benefit to interleaving the rounds, versus just running
>the two encryptions in sequence?

The danger has to do with messing up the equivalent of "swap halves"
for the combined ciphers.

The benefit is that, with the two encryptions being sufficiently
different in their form, we are changing from operations in one group
to another kind of operation repeatedly, making many forms of
cryptanalysis much more difficult.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: DES advice
Date: Tue, 14 Nov 2000 13:09:01 GMT

On Tue, 14 Nov 2000 09:50:29 +0200, Panu
=?iso-8859-1?Q?H=E4m=E4l=E4inen?= <[EMAIL PROTECTED]> wrote, in part:

>You may have confused the way the bits are numbered. At least, that's what I
>did. Bit 1 is on the left and bit 32 is on the right. (Or was it so? ;))

Yes, it most definitely was. And the byte containing bits 1 through 8
is on the left as well, and bit 1 is on the left of that byte. Thus,
the numbering is consistently big-endian, which is simple to
understand, although it may not be what is expected given the
popularity of little-endian architectures these days.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
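The bit-numbering convention discussed above is the usual stumbling block when implementing DES from FIPS 46, so here is an added example (not code from the original post) that indexes bits the way the specification does: bit 1 is the leftmost bit of the leftmost byte. The IP table is the public FIPS 46-3 initial permutation; every helper name and the sample block are this example's own.

```python
"""Added example: FIPS 46 style big-endian bit numbering for DES tables.

Bit 1 is the most significant bit of the 64-bit block, bit 64 the least
significant, and byte 1 is the leftmost byte. With the helpers below a
permutation table can be applied exactly as printed in the spec, and the
first sanity check an implementer wants (IP followed by its inverse is
the identity) is available before any round logic is written.
"""

# Initial permutation IP from FIPS 46-3, in spec order: output bit 1 is
# input bit 58, output bit 2 is input bit 50, and so on.
IP = [
    58, 50, 42, 34, 26, 18, 10, 2,
    60, 52, 44, 36, 28, 20, 12, 4,
    62, 54, 46, 38, 30, 22, 14, 6,
    64, 56, 48, 40, 32, 24, 16, 8,
    57, 49, 41, 33, 25, 17, 9, 1,
    59, 51, 43, 35, 27, 19, 11, 3,
    61, 53, 45, 37, 29, 21, 13, 5,
    63, 55, 47, 39, 31, 23, 15, 7,
]


def get_bit(block, pos, width=64):
    """Return bit `pos` of `block`: 1 is the leftmost (MSB), `width` the rightmost."""
    if not 1 <= pos <= width:
        raise ValueError("bit position out of range")
    return (block >> (width - pos)) & 1


def set_bit(block, pos, value, width=64):
    """Set bit `pos` of `block` using the same big-endian numbering."""
    mask = 1 << (width - pos)
    return (block | mask) if value else (block & ~mask)


def permute(block, table, in_width=64):
    """Apply a FIPS-style permutation or selection table to `block`.

    Output bit i (1-indexed, MSB first) is input bit table[i-1]. The output
    width is len(table), so the same routine serves the expansion E
    (32 -> 48 bits) and PC-1 (64 -> 56 bits) as well as IP (64 -> 64).
    """
    out = 0
    for src in table:
        out = (out << 1) | get_bit(block, src, in_width)
    return out


def inverse_table(table):
    """Invert a permutation table (valid only when the table is a bijection)."""
    inv = [0] * len(table)
    for out_pos, src in enumerate(table, start=1):
        inv[src - 1] = out_pos
    return inv


def bytes_to_block(data):
    """Byte 1 of the spec is the leftmost byte, i.e. plain big-endian decoding."""
    return int.from_bytes(data, "big")


def block_to_bytes(block, width=64):
    return block.to_bytes(width // 8, "big")


def ip_roundtrip(data):
    """IP followed by IP^-1 must return the original block."""
    b = bytes_to_block(data)
    return block_to_bytes(permute(permute(b, IP), inverse_table(IP))) == data


if __name__ == "__main__":
    # Constructed sample block: 0x0123456789ABCDEF.
    sample = bytes.fromhex("0123456789abcdef")
    block = bytes_to_block(sample)
    print("bit 1 :", get_bit(block, 1))
    print("bit 64:", get_bit(block, 64))
    print("IP(sample) = %016X" % permute(block, IP))
    print("IP round-trip ok:", ip_roundtrip(sample))
```

If a home-grown implementation disagrees with the FIPS 81 test vectors, running `permute` on a single set bit and comparing the result against the table by hand is the quickest way to tell a numbering mistake from a round-function bug.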

------------------------------

From: Jouni Hiltunen <[EMAIL PROTECTED]>
Subject: Modern Cryptoanalysis?
Date: Tue, 14 Nov 2000 13:22:00 GMT

I'm searching for a good book and/or paper on modern methods of
cryptoanalysis, tools algorithms, even sourcecode if it would be
available.

All suggestions appreciated.

-Jouni Hiltunen


------------------------------

From: d <[EMAIL PROTECTED]>
Subject: Re: XORred zipfile chunks = random?
Date: Tue, 14 Nov 2000 13:41:08 GMT

In article <8urac6$q3j$[EMAIL PROTECTED]>,
  Tom St Denis <[EMAIL PROTECTED]> wrote:
> In article <8ur3se$lj0$[EMAIL PROTECTED]>,
>   [EMAIL PROTECTED] wrote:
> > (sorry to post this again, but deja doesn't seem to carry
> > sci.crypt.random-numbers)

[I'm mistaken - they do]

> >
> > This easy to implement, quick and dirty method may be naive,
> > simplistic, trivial etc. but it seems to work...
> >
> > Take a 3 minute audio cd .wav file (or record your own), zip it to
> > improve uniformity of bits, giving around 30MB. Compile and run
> program
> > below (or use my one time pad program at
> <http://www.vidwest.com/otp/>,
> > creating an 11MB file and test with DIEHARD. If it doesn't pass,
> repeat
> > above using a longer .wav - it will eventually.
>
> The problem is that wav files are not particularly random and if you
> took something off a CD there is a chance that I own it too.
>
> Sound cards were not meant to be RNG's so you have to be very careful
> if you're trying to justexpos it's job.
>
> Tom
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.
>

My contention is that it's really quite easy to generate large
quantities of (externally sourced) randomness:

- a large jpeg of a tree in early spring or autumn; a recording of a
noisy bar (yes, even put through a sound card); captured home video -
all these can be as 'noisy' and big as you want them to be.

Further, using as trivial a mixing function as zip-and-multiple-XOR
produces 'good enough' randomness (whatever that is, and not meaning to
offend any of you 'purists' ;-)

Lastly, to produce even a floppy's worth of bits from
Linux's /dev/random (at least on my PC) would take several hours. I
don't know about specialized hardware RNGs - what sort of throughput do
they have?

--
Thanks for giving this your attention,

David West. <[EMAIL PROTECTED]>


Sent via Deja.com http://www.deja.com/
Before you buy.
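The zip-and-multiple-XOR mixing proposed above can be quantified. The following is an added example, not code from the post or from either poster: it applies the piling-up lemma (bias of an XOR of independent bits is 2^(n-1) times the product of the individual biases), measures Shannon and min-entropy of a constructed 80/20 source, and shows the caveat that the lemma only holds for independent streams. All names and the seeded sample source are this example's own assumptions.

```python
"""Added example: what XOR mixing does to a biased source.

Piling-up lemma: for independent bits with biases e_1..e_n, where
bias = P(bit = 0) - 1/2, the XOR has bias 2^(n-1) * e_1 * ... * e_n.
XORing independent biased streams therefore shrinks the bias geometrically
but never removes it, and if the streams are correlated (the same file,
a recording anyone can reproduce) the lemma does not apply at all.
"""
import math
import random
from collections import Counter


def piling_up_bias(biases):
    """Bias of the XOR of independent bits with the given biases."""
    result = 2 ** (len(biases) - 1)
    for e in biases:
        result *= e
    return result


def shannon_entropy(samples):
    """Shannon entropy in bits per symbol of an observed sequence."""
    counts = Counter(samples)
    n = len(samples)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def min_entropy(samples):
    """Min-entropy (the conservative figure used for key material) per symbol."""
    counts = Counter(samples)
    return -math.log2(max(counts.values()) / len(samples))


def biased_bits(p_zero, n, seed):
    """Constructed source: independent bits with P(0) = p_zero, seeded PRNG."""
    rng = random.Random(seed)
    return [0 if rng.random() < p_zero else 1 for _ in range(n)]


def xor_streams(streams):
    """Bitwise XOR of equally long bit streams."""
    return [sum(bits) % 2 for bits in zip(*streams)]


def observed_bias(bits):
    return bits.count(0) / len(bits) - 0.5


def xor_mixing_report(p_zero=0.8, n=200_000, streams=4):
    """Predicted (lemma) vs. observed bias after XORing independent sources."""
    srcs = [biased_bits(p_zero, n, seed=i) for i in range(streams)]
    mixed = xor_streams(srcs)
    return {
        "single_bias": p_zero - 0.5,
        "predicted_bias": piling_up_bias([p_zero - 0.5] * streams),
        "observed_bias": observed_bias(mixed),
        "single_shannon": shannon_entropy(srcs[0]),
        "single_min_entropy": min_entropy(srcs[0]),
        "mixed_shannon": shannon_entropy(mixed),
    }


def dependent_case_entropy(p_zero=0.8, n=10_000):
    """Caveat: XORing a stream with a copy of itself yields zero entropy."""
    s = biased_bits(p_zero, n, seed=42)
    return shannon_entropy(xor_streams([s, s]))


if __name__ == "__main__":
    for k, v in xor_mixing_report().items():
        print(f"{k:20s} {v:.4f}")
    print(f"{'dependent_xor':20s} {dependent_case_entropy():.4f}")
```

With P(0) = 0.8 the single source has about 0.72 bits of Shannon entropy and only 0.32 bits of min-entropy per symbol; four independent copies XORed together still carry a bias of about 0.065, which a long enough statistical test will detect. Passing DIEHARD on one file is therefore not evidence that the underlying source was unpredictable.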

------------------------------

From: Paul Crowley <[EMAIL PROTECTED]>
Subject: Re: Modern Cryptoanalysis?
Date: Tue, 14 Nov 2000 14:05:28 GMT

Jouni Hiltunen wrote:
> 
> I'm searching for a good book and/or paper on modern methods of
> cryptoanalysis, tools algorithms, even sourcecode if it would be
> available.

Probably the best introduction is Bruce Schneier's self-study course in
block cipher cryptanalysis.

http://www.counterpane.com/self-study.html
-- 
  __
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: PGP still the no1?
Date: Tue, 14 Nov 2000 14:07:36 GMT

In article <8uq596$lo9$03$[EMAIL PROTECTED]>,
  "Sascha Klein" <[EMAIL PROTECTED]> wrote:
> im afraid about the new versions of PGP.

Why are you afraid?

> someone told me, the crypted data could be decrypted by police and so
> on. which is the best encryption method?

You don't have to worry much about this.  An adversary has to have
significant resources in order to attempt to crack your PGP messages.
And there are not many in this world who have this kind of resource.
Also you have to be a special VIP in order to get that kind of
attention.

> still pgp? or does any other program exist?

As long as PGP has been in existence there have been rumours and counter
rumours of backdoors and weak key generation etc.  The best place to
discuss this is on alt.security.pgp.

If you are really worried about the latest version of PGP, don't use it.
Use an older version...and you can go back as far as PGP 2.6.3 (but
watch out for the key compatibility issue...the older versions use RSA
and the newer versions use DH key generation. The header formats also
changed and are not forward compatible).

check out this url for compatibility issues:

http://rmarq.pair.com/pgp

>
> and no :) im not on the run, i dont write any mean mails, iam just
> interested about beeing controled.
>
>


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: hardware RNG's
Reply-To: [EMAIL PROTECTED]
Date: Tue, 14 Nov 2000 14:48:25 GMT

David Schwartz <[EMAIL PROTECTED]> wrote:
: Alan Rouse wrote:
:> David Schwartz wrote:

:> >       Nonsense. Random is not absolute. If I roll a die with a '1'
:> > on one side and a '2' on five other sides, the result is random,
:> > however it will have biases. Your formulation defies common usage as well.
:> 
:> Ok we have established that our differences are semantics.  If I am to
:> communicate further with you on this subject I need a new word that
:> means to you what "random" means to me.  How about arfbixqy?  Good
:> enough?  Just replace all my previous usages of "random"
:> with "arfbixqy" and we'll be fine. ;->

:       How about "unpredictable" or even "random"?

To my mind a sequence that is 80% 2s hardly qualifies as "random" or
"unpredictable".

I don't know if there's a term for such sequences.  I would probably call
it "a biased stream with an unpredictable element" - which is a bit longer
than "arfbixqy" I confess...
-- 
__________                  http://alife.co.uk/  http://mandala.co.uk/
 |im |yler  [EMAIL PROTECTED]  http://hex.org.uk/   http://atoms.org.uk/

------------------------------

From: Markku J. Saarelainen <[EMAIL PROTECTED]>
Crossposted-To: alt.security,alt.2600,comp.security
Subject: Black Market Internet Information - my visits and tradeshows
Date: Tue, 14 Nov 2000 14:54:47 GMT



In many Internet tradeshows I have purposefully requested to purchase
the customer and other traffic information from many backbone ISPs and
domain name services / controllers. These requests have resulted in the
following conclusion: In all cases people were willing to sell their
customer and other traffic information. So if I can do it by myself
alone, what can an intelligence agency such as the CIA, NSA, FBI,
Mossad do with their thousands of employees? My recommendation: The
strongest possible encryption of all personal, official, business and
other communications without implementing the NSA crackable AES
(Advanced Encryption Standard). The reality: "Who wins the crypto war,
wins the whole war."

Markku

P.S. Did you know that the CIA and Mossad have very close ties and share
satellite and other intelligence information daily and very regularly?
In addition, the Jewish community in the U.S.A. operates as a
facilitator to enable improved Mossad intelligence activities. Did you
also know that Mossad actually kills people? In addition, when I made
negative comments regarding Jews in 1999 I was attacked by Jews and
the U.S. Government. The U.S. Government seems to think that it has a
greater responsibility to protect Jews than ordinary people.


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On an idea of John Savard
Date: Tue, 14 Nov 2000 15:58:04 +0100



David Schwartz wrote:
> 
> Mok-Kong Shen wrote:
> >
> > In context of multiple encryption one is generally
> > considering purposely ciphers of different natures
> > in order to avoid possible 'cancelling' effect.
> 
>         However, each of those individual ciphers is designed to have an
> avalanche effect. Their combination may or may not have such an effect.

It is my view that each cycle of a well-designed cipher
contributes to some diffusion effect. These cycles are
equivalent. Cycles of different ciphers do the same,
though maybe in different measure. The avalanche effect 
gets enlarged when there are more rounds both in the
original cipher and in the compound cipher. Since the 
ciphers are different, there is unlikely to be appreciable 
'cancelling' effect, if any, in my view. Certainly, this 
is no 'proof' at all. If you really don't like the idea, 
you can still do multiple encryption in the commonly known 
way via concatenation but permute the round keys in each 
individual cipher, which should be very safe in general.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Chimera ciphers (WAS Re: On an idea of John Savard)
Date: Tue, 14 Nov 2000 15:57:10 +0100



John Savard wrote:
> 
[snip]
> I should have been clearer. Not counting the one-time pad, of course
> no cipher is immune to the brute-force attack.
> 
> I mean simply that in current understanding, attacks we already know
> about, like differential and linear cryptanalysis, should seem
> hopelessly inapplicable.

Certainly many would disagree with me, but I have doubts 
on principled grounds whether these 'hopelessly inapplicable'
attacks are VALID means to classify the ciphers in respect
of their suitability for usage in practice. An analogy would
be a person in the tropics buying clothes with the criterion
whether these are good for temperatures of -20 degrees C.
If he is ignorant of other criteria to choose among the
candidate costumes, it does NOT follow at all that he has 
to use the criteria that he happens to know for an 
environment that is totally irrelevant for him. For a 
choice based on casting a die is evidently just as good,
if not likely to be much better, for his purpose at hand.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On an idea of John Savard
Date: Tue, 14 Nov 2000 15:58:18 +0100



Tom St Denis wrote:
> 
>   Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> 
> > If you interleave two good ciphers I believe that the
> > result is certainly stronger than any single one.
> 
> Why?

This comes from my view of a block cipher with n rounds
as a multiple encryption with n tiny individual ciphers.
It is then intuitively clear that n+m ciphers together
is stronger than n ciphers of one kind or m ciphers of
another. I certainly admit that this is no proof at all
but simply my intuition.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: The ultimate cipher
Date: Tue, 14 Nov 2000 15:58:40 +0100


In discussion of a recent thread John Savard has propagated 
an ideal goal in encryption: We should make a cipher such 
that it is difficult for the opponent to even visualize where 
to begin looking for an attack.

The opponent can, depending on the diverse prevailing attack 
models, access or even choose plaintext and/or ciphertext. 
In other words, he is not assumed to peek into the middle of 
the algorithm when this is actually running. It naturally 
appears (and is in fact trivial) that the right means to realize 
the above goal is to make the path from the input (plaintext) 
to the output (ciphertext) as confounding to him as possible.
A viable global strategy I can see is the following:

Have a large number of components of different classes
that are each simple enough to be free of troubles due to
implementation bugs etc. The encryption is then a long
path consisting of a (key-dependent) number of nodes such 
that at each node one of the applicable components is chosen 
in a key-dependent manner. This way, the opponent is like a 
traveller who wants to go to a destination but has no clue 
at all of the direction he should take at each intermediate 
station of his journey. It is easy to see how fast the 
combinatorics helps us to reduce his chance of success to 
virtually zero. This means that the encryption algorithm 
has to be organized in modules to be selected by the key 
dynamically (the modules themselves have also parameters 
that can be dynamically set). Of course, it is advantageous 
not to have a static mapping of the user-given key to the 
algorithm (i.e. fixed at setup time) but to utilize the 
information obtained during the processing to further 
influence the (dynamic) choice of the modules and their 
parameters and even vary the number of nodes on the path 
from plaintext to ciphertext. Thus the algorithm is in some 
sense a 'living' organism instead of a totally static piece
of code of most of the block ciphers today that the opponent 
can take time to devise effective means of analysis. 
(Compare the big difficulty in medicine of combating against 
influenza which stems from the fact that the virus mutates 
in ways totally unknown.) Such a scheme would correspond to 
a full application of the principle of variability that I 
suggested some time ago in this group.

To avoid misunderstanding, I would like to stress that the above 
is a general idea and is not limited to block encryption
schemes with a fixed block size.

M. K. Shen
==========================
http://home-t-online.de/home/mok-kong.shen
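The key-selected path structure proposed above, as an added toy illustration that is not Shen's code and not a proposal of a usable cipher: each node applies one of a few invertible 32-bit operations chosen by key-derived bytes, the node count is itself key-dependent, and the path for each word also depends on the previous ciphertext word, which is the one form of "information obtained during processing" a decryptor can still recompute. The component set, the SHA-256 expansion of the key and the chaining rule are all this example's own assumptions; the point it shows is that every node must be an exact inverse pair for the path to be decryptable, and that a large path count does not enlarge the keyspace beyond the key that selects the path.

```python
"""Added example: a toy of key-dependent module selection along a path.

Every node is an invertible operation on a 32-bit word, picked from a
small component set by key-derived bytes; decryption walks the same path
backwards. This is a structural illustration only: a tiny component set
with a fixed selection rule is not a secure cipher.
"""
import hashlib

MASK = 0xFFFFFFFF
WORD_MOD = 1 << 32


def rotl(x, r):
    r %= 32
    return ((x << r) | (x >> (32 - r))) & MASK


def rotr(x, r):
    return rotl(x, 32 - (r % 32))


def mul_inverse_word(k):
    """k | 1 is odd, hence invertible modulo 2^32."""
    return pow(k | 1, -1, WORD_MOD)


# Component classes: (forward, inverse) pairs on a 32-bit word, each taking
# a 32-bit parameter. Every pair must be an exact inverse for every parameter.
COMPONENTS = [
    (lambda x, k: x ^ k,                lambda x, k: x ^ k),
    (lambda x, k: (x + k) & MASK,       lambda x, k: (x - k) & MASK),
    (lambda x, k: rotl(x, k),           lambda x, k: rotr(x, k)),
    (lambda x, k: (x * (k | 1)) & MASK, lambda x, k: (x * mul_inverse_word(k)) & MASK),
]

MIN_NODES, MAX_NODES = 8, 16


def derive_path(key, tweak):
    """Key- and tweak-dependent path: a list of (component index, parameter).

    Assumption of this toy: SHA-256 in counter mode expands key||tweak into
    selection material. The node count itself is key-dependent.
    """
    material = b""
    counter = 0
    while len(material) < 1 + 5 * MAX_NODES:
        material += hashlib.sha256(key + tweak.to_bytes(4, "big") + bytes([counter])).digest()
        counter += 1
    n_nodes = MIN_NODES + material[0] % (MAX_NODES - MIN_NODES + 1)
    path = []
    for i in range(n_nodes):
        chunk = material[1 + 5 * i: 6 + 5 * i]
        path.append((chunk[0] % len(COMPONENTS), int.from_bytes(chunk[1:], "big")))
    return path


def encrypt_word(word, path):
    for idx, param in path:
        word = COMPONENTS[idx][0](word, param)
    return word


def decrypt_word(word, path):
    # Walk the same path backwards, applying each component's inverse.
    for idx, param in reversed(path):
        word = COMPONENTS[idx][1](word, param)
    return word


def encrypt(key, words):
    """Encrypt a list of 32-bit words. The path for word i depends on the key
    and on ciphertext word i-1, so later choices use information produced
    during processing while the decryptor can still recompute them."""
    out, prev = [], 0
    for w in words:
        c = encrypt_word(w & MASK, derive_path(key, prev))
        out.append(c)
        prev = c
    return out


def decrypt(key, cts):
    out, prev = [], 0
    for c in cts:
        out.append(decrypt_word(c, derive_path(key, prev)))
        prev = c
    return out


def distinct_paths():
    """Number of possible paths (component choice and 32-bit parameter per
    node, 8 to 16 nodes). The effective keyspace is still bounded by the key
    that selects the path, not by this count."""
    per_node = len(COMPONENTS) * WORD_MOD
    return sum(per_node ** n for n in range(MIN_NODES, MAX_NODES + 1))


if __name__ == "__main__":
    key = b"constructed example key"      # constructed sample key
    words = [0x01234567, 0x89ABCDEF, 0, MASK]
    cts = encrypt(key, words)
    print([f"{c:08X}" for c in cts])
    print("round trip ok:", decrypt(key, cts) == words)
    print("distinct paths ~ 2^%d" % distinct_paths().bit_length())
```

Note what the chaining rule had to give up: a choice that depended on a node's own input word would not be recoverable by the decryptor, who only sees that node's output, which is why the data-dependent part here is taken from the previous ciphertext word instead.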

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On an idea of John Savard
Date: Tue, 14 Nov 2000 15:58:29 +0100



Darren New wrote:
> 
[snip]
> What would be the benefit to interleaving the rounds, versus just running
> the two encryptions in sequence?

There is at least a larger possibility of permuting the 
rounds in a (key-dependent) manner that is unknown to the 
opponent.

M. K. Shen

------------------------------

From: James Felling <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Tue, 14 Nov 2000 09:24:39 -0600



Paul Crowley wrote:

> James Felling wrote:
> > As to the snake oily ness of his product, while it does seem a little oily,
> > esp the tangle code as documentation, it also seems to do what it says it
> > would reasonably well. So if it is snake oil it is high grade snake oil.  My
> > personal opinion is that it is not snake oil, just somewhat iffy and if it
> > were cleaned up and vetted I might just use it.
>
> Why would you use this rather than a system based on a peer-reviewed,
> well regarded encryption algorithm such as Rijndael?

I'd have to see how well the rest of the system in which Rijndael was embedded was
set up, but assuming the system passes a reasonable examination I'd use the
Rijndael based system.

>
>
> Either you have some extraordinary reason to believe good things about
> his program that I'm not privy to, or it's snake oil that you're almost
> prepared to drink.  How did you conduct your security analysis of this
> program?  I'm under the impression that no serious cryptanalysis of this
> algorithm has been attempted - am I mistaken?

There have been some attempts by list members to dig meaning out of the "code as
documentation" that is provided.

>
>
> This is a very odd assertion.  I would certainly like to hear more about
> the reasoning behind it.
> --

I would not use it as a primary means of encoding -- perhaps a better way of saying
what I meant would have been "I might consider using it" or "I would use it as a
'toybox' cypher". I feel that the methodology behind it (based upon my readings
of the code) is basically solid if wacky, and that there is some useful technique
buried in all that scramble code.  Speedwise it is a bit on the slow side, which
hurts it, but my investigations thus far reveal little in the way of obvious
security holes.  I would move it from the mental category "algo that smells
snakey" to "interesting algo (a la mismash or TCn or PIKACHU or any of the
sci.crypt summer block cyphers)" -- I'd probably never use it or the other methods
to secure real data, but I might use them as "messing about" cyphers.

I feel that ScottXu is a good amateur cyphering method, achieves the goals it is
trying to achieve, and with documentation would be an interesting analysis/
thinking about security project.

>
>   __
> \/ o\ [EMAIL PROTECTED]
> /\__/ http://www.cluefactory.org.uk/paul/


------------------------------

From: "Thomas J. Boschloo" <[EMAIL PROTECTED]>
Subject: Re: sci.crypt archive
Date: Tue, 14 Nov 2000 16:23:05 +0100

[EMAIL PROTECTED] wrote:
> 
> Does anyone know where I can find an archive of sci.crypt postings from
> 1998-1999? The ftp sites listed in the FAQ only go up to 1997 as far as
> I can see, and deja.com only gives access to posts from sometime in 1999
> onwards.

I thought this at first too, but deja has older articles online. You
just have to include a date at the bottom of your form. If your search
turns up nothing, you are given the option to search in an older
database. Here is the link I use for deja:

<http://www.exit109.com/~jeremy/news/deja.html>

The FAQ for sci.crypt is however tremendously out of date. I believe
not even the AES contest is mentioned and it probably hasn't got much on
SSL/SSH and no up-to-date books on crypto.

I was doing some searches on 'cypherpunks' and found an even older
sci.crypt FAQ from 1993 by Detweiler:
<http://www.cs.cmu.edu/afs/cs/project/theo-3/data/20_newsgroup/sci.crypt/15177>
Maybe the site's got more.

I noticed that David Wagner was once a cypherpunk too. I just love that.
If we had people like that in Holland, I would do my best to get
lectured by them. But even Belgium seems to be better on that :(

Regards to all you cypherpunks!,
Thomas

[BTW, before I get flamed, I see there is a project going on to update
the FAQ from 1994 a bit, but that announcement is over a year old]
-- 
We live in the Matrix <http://www.whatisthematrix.com>

http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x225CA009
Email: boschloo_at_multiweb_dot_nl


------------------------------

From: Ariel Burbaickij <[EMAIL PROTECTED]>
Subject: Anyone has read / poses / is found of book by M.Schroeder(not the second 
Date: Tue, 14 Nov 2000 16:31:32 +0100

In case anyone has, give me a notice please. I have a question about his
way of arguing about the distribution of prime numbers.


Regards.

------------------------------

From: Ariel Burbaickij <[EMAIL PROTECTED]>
Subject: Re: The ultimate cipher
Date: Tue, 14 Nov 2000 16:34:36 +0100



Mok-Kong Shen wrote:
> 
> In discussion of a recent thread John Savard has propagated
> an ideal goal in encryption: We should make a cipher such
> that it is difficult for the opponent to even visualize where
> to begin looking for an attack.
  
  I guess it is the one-time pad you are looking for.
  All texts are equally apt for choosing as key.
  Tough luck for the cryptanalyst.

------------------------------

From: "Bob Luking" <[EMAIL PROTECTED]>
Subject: Re: DES advice
Date: Tue, 14 Nov 2000 15:40:24 GMT

> Bob Luking wrote:
>
> > Unfortunately, the ciphertext is incorrect (according to FIPS 81).
> > Somehow, my interpretation of the DES specification is lacking...
>
> You may have confused the way the bits are numbered. At least, that's what
> I did. Bit 1 is on the left and bit 32 is on the right. (Or was it so? ;))

Quite possibly.  I am a hardware person by trade and we tend to think little
endian, but I was aware of this and coded all buses in the style (1:64) rather
than (63:0).

I've found the rounds, so I should now be able to solve the problem...

Thanks,

Bob
[EMAIL PROTECTED]



------------------------------

From: James Felling <[EMAIL PROTECTED]>
Subject: Re: On an idea of John Savard
Date: Tue, 14 Nov 2000 09:42:50 -0600



Mok-Kong Shen wrote:

> Tom St Denis wrote:
> >
> >   Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> >
> > > If you interleave two good ciphers I believe that the
> > > result is certainly stronger than any single one.
> >
> > Why?
>
> This comes from my view of a block cipher with n rounds
> as a multiple encryption with n tiny individual ciphers.
> It is then intuitively clear that n+m ciphers together
> is stronger than n ciphers of one kind or m ciphers of
> another. I certainly admit that this is no proof at all
> but simply my intuition.
>
> M. K. Shen

The question here is not if n rounds of cypher X plus m rounds of Y is
stronger than either alone. The question is if this combination is
stronger than (m+n) rounds of X or (m+n) rounds of Y.  That is what we
are questioning.


------------------------------

From: Ariel Burbaickij <[EMAIL PROTECTED]>
Crossposted-To: alt.security,alt.2600,comp.security
Subject: Re: Black Market Internet Information - my visits and tradeshows
Date: Tue, 14 Nov 2000 16:43:11 +0100



"Markku J. Saarelainen" wrote:
> 
> In many Internet tradeshows I have purposefully requested to purchase
> the customer and other traffic information from many backbone ISPs and
> domain name services / controllers. These requests have resulted in the
> following conclusion: In all cases people were willing to sell their
> customer and other traffic information. So if I can do it by myself
> alone, what can an intelligence agency such as the CIA, NSA, FBI,
> Mossad do with their thousands of employees? My recommendation: The
> strongest possible encryption of all personal, official, business and
> other communications without implementing the NSA crackable AES
> (Advanced Encryption Standard). The reality: "Who wins the crypto war,
> wins the whole war."
> 
> Markku
> 
> P.S. Did you know that the CIA and Mossad have very close ties and share
> satellite and other intelligence information daily and very regularly?
  Are satellites under the responsibility of the CIA?
  I guess the National Reconnaissance (or whatever it is, first time I use
  this word and I am not a native speaker :)) ) Agency.
  Besides, many other agencies do the same. Photos for exchange are
  preselected by the agency holding them before the bid.
> In addition, the Jewish community in the U.S.A. operates as a
> facilitator to enable improved Mossad intelligence activities. Did you
> also know that Mossad actually kills people?
  I would be far more surprised if it were involved in and supported some
  charity and not-for-profit organization.
> In addition, when I made
> negative comments regarding Jews in 1999 I was attacked by Jews and
> the U.S. Government.
  Go to Bronx .Cry fucking negroes. Feel results.
  Same holds for any community offended.

> The U.S. Government seems to think that it has a
> greater responsibility to protect Jews than ordinary people.
> 
> Sent via Deja.com http://www.deja.com/
> Before you buy.

------------------------------

From: James Felling <[EMAIL PROTECTED]>
Subject: Re: Anyone done/doing Schneier's self-study cryptanalysis course?
Date: Tue, 14 Nov 2000 09:48:03 -0600

I would be interested in this as well.




------------------------------

From: [EMAIL PROTECTED] (Juergen Nieveler)
Subject: Re: The ultimate cipher
Date: 14 Nov 2000 15:56:37 GMT

[EMAIL PROTECTED] (Ariel Burbaickij) wrote:

>  I guess it is the one-time pad you are looking for.
>  All texts are equally apt for choosing as key.
>  Tough luck for the cryptanalyst.

Actually, I think choosing a text as key in a OTP system is a bad idea... 
it isn't nearly as random as you would want.

Of course, cryptanalysing a system that uses a key as long as the plaintext 
is hard even so...

-- 
Juergen Nieveler
Support the ban of Dihydrogen Monoxide: http://www.dhmo.org/
"The people united can never be ignited!"- Sgt. Colon, Ankh-Morpork Watch
PGP-Key available under www.netcologne.de/~nc-nievelju/

------------------------------

From: [EMAIL PROTECTED] (DJohn37050)
Date: 14 Nov 2000 16:00:09 GMT
Subject: Re: DSS/DSA and DH Parameters

Usually, a CA sets up a set of domain parameters to be used.  The domain
parameters need to be trusted; if someone gives you a set, you need to have
assurance of their validity. For example, X9.42 has a domain parameter
validation routine specified.
Don Johnson
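The domain parameter validation mentioned above, as an added example that is not the text of X9.42 or FIPS 186 and not code from the post: the checks a verifier applies before accepting a (p, q, g) set from a CA or a peer are that p and q are prime, q divides p - 1, and g generates the order-q subgroup; the same subgroup test applied to a received public value catches small-subgroup confinement. The Miller-Rabin helper, the function names and the small constructed parameter sets are this example's own.

```python
"""Added example: validating DSA/DH domain parameters (p, q, g) and public values.

These checks are a simplified version of what ANSI X9.42 and FIPS 186
specify, written for illustration; they are not the standards' routines.
"""
import random

_SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47]


def is_probable_prime(n, rounds=16):
    """Miller-Rabin with fixed small bases plus extra bases from a seeded PRNG.

    The seed keeps this example reproducible; production code should draw
    fresh random bases on every call.
    """
    if n < 2:
        return False
    for p in _SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    rng = random.Random(0)
    bases = _SMALL_PRIMES + [rng.randrange(2, n - 1) for _ in range(rounds)]
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False          # a is a witness: n is composite
    return True


def validate_domain_parameters(p, q, g):
    """Return the list of failed checks; an empty list means the set is usable."""
    failures = []
    if not is_probable_prime(p):
        failures.append("p is not prime")
    if not is_probable_prime(q):
        failures.append("q is not prime")
    if (p - 1) % q != 0:
        failures.append("q does not divide p-1")
    if not 1 < g < p - 1:
        failures.append("g out of range")
    elif pow(g, q, p) != 1:
        # q prime and g != 1, so g^q == 1 (mod p) means g has order exactly q
        failures.append("g does not have order q")
    return failures


def validate_public_value(y, p, q):
    """Subgroup check on a received public value y: rejects y outside the
    order-q subgroup, which is the small-subgroup confinement defence."""
    return 1 < y < p - 1 and pow(y, q, p) == 1


if __name__ == "__main__":
    # Constructed toy parameters: p = 23, q = 11 divides 22, g = 2 has order 11.
    for p, q, g in [(23, 11, 2), (23, 11, 5), (23, 7, 2), (25, 11, 2)]:
        print((p, q, g), validate_domain_parameters(p, q, g) or "ok")
    print("y=4 in subgroup:", validate_public_value(4, 23, 11))
    print("y=5 in subgroup:", validate_public_value(5, 23, 11))
```

Accepting a parameter set purely on the word of whoever sent it is the failure these checks prevent: a g of the wrong order or a composite q silently weakens every key generated under the set, and rejecting out-of-subgroup public values stops a peer from learning key bits through confined exchanges.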

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
