Cryptography-Digest Digest #159, Volume #13 Tue, 14 Nov 00 18:13:01 EST
Contents:
Re: The SHAs (David Crick)
Re: The SHAs (David Crick)
Re: On an idea of John Savard (Mok-Kong Shen)
Re: The SHAs (David Crick)
Re: "Secrets and Lies" at 50% off (James Felling)
Re: On an idea of John Savard (James Felling)
Re: The ultimate cipher (James Felling)
Re: On an idea of John Savard (David Schwartz)
Easy Way To Financial Success (Gerry)
Re: Thoughts on the sci.crypt cipher contest (Paul Crowley)
----------------------------------------------------------------------------
From: David Crick <[EMAIL PROTECTED]>
Subject: Re: The SHAs
Date: Tue, 14 Nov 2000 22:29:35 +0000
[EMAIL PROTECTED] wrote:
>
> I have coded the three SHA algorithms (SHA256, SHA384, SHA512) in
> assembly language, and the programs perform properly on the NIST test
> files. Can anyone verify the results below on the file of 1,000,000
> 'a's?
> ---------
> M:\>sha256 abytes.1m
>
> 3903B510 4E2E785A 000FDFF8 9D6CEF49 F867B5B5 5276FA66 2064B15A 248F3EF8
>
> M:\>sha384 abytes.1m
>
> AC5D0302 132C906A 202B6CBD 175CC0AE 75DB16DD A37146D1 1EF70BB1 745677CD
> 952B53D5 10B3656F 1A3E80ED B742DB5D
>
> M:\>sha512 abytes.1m
>
> C247359F CCF33404 F0B5447C DD9B0A39 50A0D444 D3E8BF58 3733373B 21947B0C
> 6C8F4B69 F267E3FE 1ABBF083 CA1DD28E 43CD187C 45F098AF 0174D756 EE6F9904
There were three C programs written shortly after the new SHA specs
came out. It's these I'm testing your code against; I've downloaded
the assembly from your site (but see later).
The Sha256 code matches:
Yours:
CDC76E5C 9914FB92 81A1C7E2 84D73E67 F1809A48 A497200E 046D39CC C7112CD0
C ver:
cdc76e5c 9914fb92 81a1c7e2 84d73e67 f1809a48 a497200e 046d39cc c7112cd0
BUT THE ONE IN YOUR POST ABOVE IS DIFFERENT!
The Sha384.zip file I downloaded from your site was corrupt. However,
comparing what you posted:
> M:\>sha384 abytes.1m
>
> AC5D0302 132C906A 202B6CBD 175CC0AE 75DB16DD A37146D1 1EF70BB1 745677CD
> 952B53D5 10B3656F 1A3E80ED B742DB5D
C ver:
9d0e1809716474cb 086e834e310a4a1c ed149e9c00f24852 7972cec5704c2a5b
07b8b3dc38ecc4eb ae97ddd87f3d8985
These disagree.
As does the Sha512 output. Again, the .COM I extracted from
your site differs from what you posted too!
> M:\>sha512 abytes.1m
>
> C247359F CCF33404 F0B5447C DD9B0A39 50A0D444 D3E8BF58 3733373B 21947B0C
> 6C8F4B69 F267E3FE 1ABBF083 CA1DD28E 43CD187C 45F098AF 0174D756 EE6F9904
Yours:
28B21DE0 CA078958 18C3359A 799E471B 78CF0A3C 9166C4E6 16E40285 5E3131B0
F5AC5933 E20DBA9F 87288A79 063FA05B 76CA9A29 493F285D 204A88E7 419ADCBA
C Ver:
e718483d0ce76964 4e2e42c7bc15b463 8e1f98b13b204428 5632a803afa973eb
de0ff244877ea60a 4cb0432ce577c31b eb009c5c2c49aa2e 4eadb217ad8cc09b
Looks like all these results need looking at again!
--
+-------------------------------------------------------------------+
| David A Crick <[EMAIL PROTECTED]> PGP: (NOV-2000 KEY) 0x710254FA |
| Damon Hill Tribute Site: http://www.geocities.com/MotorCity/4236/ |
| M. Brundle Quotes: http://members.tripod.com/~vidcad/martin_b.htm |
+-------------------------------------------------------------------+
------------------------------
From: David Crick <[EMAIL PROTECTED]>
Subject: Re: The SHAs
Date: Tue, 14 Nov 2000 22:31:34 +0000
If it helps, the Sha-1 sum of the million-a file I'm using is:
milliona.txt: 34AA 973C D4C4 DAA4 F61E EB2B DBAD 2731 6534 016F
If someone can confirm this Sha-1 result then I know I've got a
good file to be testing against!
--
+-------------------------------------------------------------------+
| David A Crick <[EMAIL PROTECTED]> PGP: (NOV-2000 KEY) 0x710254FA |
| Damon Hill Tribute Site: http://www.geocities.com/MotorCity/4236/ |
| M. Brundle Quotes: http://members.tripod.com/~vidcad/martin_b.htm |
+-------------------------------------------------------------------+
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On an idea of John Savard
Date: Tue, 14 Nov 2000 23:34:30 +0100
David Schwartz wrote:
>
> Mok-Kong Shen wrote:
>
> > If you increase a common block cipher from its standard
> > number of rounds to a higher number of rounds, do you
> > think that you would thereby weaken it?
>
> Perhaps. If, for example, one side was doing X rounds and the other
> side was doing X+1 rounds, there might be imaginable compromises.
I am afraid there is some misunderstanding between us.
What do you mean by 'side'? Do you mean the communication
partners? Of course they have to use the same algorithm.
If you mean that a DES-like cipher one round treats only
one half block, then one has to substitute 'cycle',
i.e. two rounds, for what I meant above, for e.g. a
17 round DES is not very good, though I suppose it
should still be stronger than the 16 round one.
M. K. Shen
------------------------------
From: David Crick <[EMAIL PROTECTED]>
Subject: Re: The SHAs
Date: Tue, 14 Nov 2000 22:37:16 +0000
David Crick wrote:
>
> If it helps, the Sha-1 sum of the million-a file I'm using is:
>
> milliona.txt: 34AA 973C D4C4 DAA4 F61E EB2B DBAD 2731 6534 016F
>
> If someone can confirm this Sha-1 result then I know I've got a
> good file to be testing against!
It matches the test vector given in (and the output of) Robert's
Sha-1 assembly implementation, so it looks like I've got the
right file to be testing against.
To confirm then, here are the results of those C implementations
on that million-a file:
cdc76e5c 9914fb92 81a1c7e2 84d73e67 f1809a48 a497200e 046d39cc c7112cd0
9d0e1809716474cb 086e834e310a4a1c ed149e9c00f24852 7972cec5704c2a5b
07b8b3dc38ecc4eb ae97ddd87f3d8985
e718483d0ce76964 4e2e42c7bc15b463 8e1f98b13b204428 5632a803afa973eb
de0ff244877ea60a 4cb0432ce577c31b eb009c5c2c49aa2e 4eadb217ad8cc09b
--
+-------------------------------------------------------------------+
| David A Crick <[EMAIL PROTECTED]> PGP: (NOV-2000 KEY) 0x710254FA |
| Damon Hill Tribute Site: http://www.geocities.com/MotorCity/4236/ |
| M. Brundle Quotes: http://members.tripod.com/~vidcad/martin_b.htm |
+-------------------------------------------------------------------+
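An added Python check (not code from this thread or from any of the implementations it discusses) that reproduces the million-'a' digests quoted above by streaming the input through hashlib and comparing the results against the posted values after normalising case and word grouping, since the posts list the same digest in different layouts. The million-'a' input matters because it exercises multi-block processing and the message-length encoding in the final padding block, which the short NIST vectors do not.

```python
import hashlib

# Digests quoted in this thread for a file of 1,000,000 'a' bytes:
# the SHA-1 value and the three C-implementation values.
POSTED = {
    "sha1":   "34AA 973C D4C4 DAA4 F61E EB2B DBAD 2731 6534 016F",
    "sha256": "cdc76e5c 9914fb92 81a1c7e2 84d73e67 f1809a48 a497200e 046d39cc c7112cd0",
    "sha384": "9d0e1809716474cb 086e834e310a4a1c ed149e9c00f24852 7972cec5704c2a5b "
              "07b8b3dc38ecc4eb ae97ddd87f3d8985",
    "sha512": "e718483d0ce76964 4e2e42c7bc15b463 8e1f98b13b204428 5632a803afa973eb "
              "de0ff244877ea60a 4cb0432ce577c31b eb009c5c2c49aa2e 4eadb217ad8cc09b",
}

# The values from the assembly implementation's post at the top of the thread.
ASM_POSTED = {
    "sha256": "3903B510 4E2E785A 000FDFF8 9D6CEF49 F867B5B5 5276FA66 2064B15A 248F3EF8",
    "sha384": "AC5D0302 132C906A 202B6CBD 175CC0AE 75DB16DD A37146D1 1EF70BB1 745677CD "
              "952B53D5 10B3656F 1A3E80ED B742DB5D",
    "sha512": "C247359F CCF33404 F0B5447C DD9B0A39 50A0D444 D3E8BF58 3733373B 21947B0C "
              "6C8F4B69 F267E3FE 1ABBF083 CA1DD28E 43CD187C 45F098AF 0174D756 EE6F9904",
}


def normalize(hexdigest: str) -> str:
    """Drop whitespace and case so differently grouped listings compare equal."""
    return "".join(hexdigest.split()).lower()


def million_a_chunks(total: int = 1_000_000, chunk: int = 64 * 1024):
    """Yield the million-'a' input in chunks, the way a file would be read."""
    remaining = total
    while remaining:
        n = min(chunk, remaining)
        yield b"a" * n
        remaining -= n


def digest(name: str, chunks) -> str:
    """Hash an iterable of byte chunks with the named hashlib algorithm."""
    h = hashlib.new(name)
    for c in chunks:
        h.update(c)
    return h.hexdigest()


def check(name: str, posted: str):
    """Return (matches, computed_hex) for a posted digest of the million-'a' file."""
    got = digest(name, million_a_chunks())
    return got == normalize(posted), got


def check_all(vectors: dict) -> dict:
    """Check every posted digest; maps algorithm name to (matches, computed_hex)."""
    return {name: check(name, posted) for name, posted in vectors.items()}


if __name__ == "__main__":
    for label, vectors in (("thread C/SHA-1 values", POSTED), ("assembly post", ASM_POSTED)):
        for name, (ok, got) in check_all(vectors).items():
            print(f"{label:22s} {name:6s} {'match' if ok else 'MISMATCH'} {got}")
```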
------------------------------
From: James Felling <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: "Secrets and Lies" at 50% off
Date: Tue, 14 Nov 2000 16:38:24 -0600
Paul Crowley wrote:
> James Felling wrote:
> > I feel that the methodology behind it ( based upon my readings
> > of the code) is basically solid if wacky, and that there is some useful technique
> > buried in all that scramble code. Speedwise it is a bit on the slow side, which
> > hurts it, but my investigations thus far reveal little in the way of obvious
> > security holes. I would move it from the mental category "algo that smells
> > snakey" to "interesting algo ( ala mismash or TCn or PIKACHU or any of the
> > sci.crypt summer block cyphers)" -- I'd probably never use it or the other methods
> > to secure real data, but I might use them as "messing about" cyphers.
>
> FWIW, given the choice between SCOTT19U and PIKACHU, I'd use the latter
> in a heartbeat.
> --
> __
> \/ o\ [EMAIL PROTECTED]
> /\__/ http://www.cluefactory.org.uk/paul/
I consider both of them to have not received enough analysis for me to form an opinion
one way or the other. I think Pikachu is far more elegant, and more analysis ready, but
neither is anything but a toybox cypher as of now. (given a few years things may
change, but that is outside our conversation)
------------------------------
From: James Felling <[EMAIL PROTECTED]>
Subject: Re: On an idea of John Savard
Date: Tue, 14 Nov 2000 16:41:42 -0600
Mok-Kong Shen wrote:
> James Felling wrote:
> >
> > Mok-Kong Shen wrote:
> >
> > > Tom St Denis wrote:
> > > >
> > > > Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> > > >
> > > > > If you interleave two good ciphers I believe that the
> > > > > result is certainly stronger than any single one.
> > > >
> > > > Why?
> > >
> > > This comes from my view of a block cipher with n rounds
> > > as a multiple encryption with n tiny individual ciphers.
> > > It is then intuitively clear that n+m ciphers together
> > > is stronger than n ciphers of one kind or m ciphers of
> > > another. I certainly admit that this is no proof at all
> > > but simply my intuition.
> >
> > the question here is not if n rounds of cypher X plus m rounds of Y is
> > stronger than either alone. The question is if this combination is
> > stronger than (m+n) rounds of X or (m+n) rounds of Y. That is what we
> > are questioning.
>
> I certainly have no proof but I believe that it should be
> stronger than the minimum of the two. Note that bruteforce
> is practically infeasible anyway due to the unknown
> permutation of the rounds.
>
> M. K. Shen
I can accept that barring rare cases this composition would be stronger than
the weaker of (m+n) round X and (m+n) round Y. But I still don't understand
why the stronger of those two is not preferred to a mix.
------------------------------
From: James Felling <[EMAIL PROTECTED]>
Subject: Re: The ultimate cipher
Date: Tue, 14 Nov 2000 16:46:07 -0600
The problem here is that without defined sub modules all that can be said is
maybe, and should, and similar vague murmurings. Spec something out, and
see what you get. My guess is that first off you will run into some issues
of speed (as keysetup is gonna be UGLY) and memory. Ignoring those you may
come up with something of interest.
------------------------------
From: David Schwartz <[EMAIL PROTECTED]>
Subject: Re: On an idea of John Savard
Date: Tue, 14 Nov 2000 14:45:01 -0800
Mok-Kong Shen wrote:
>
> David Schwartz wrote:
> >
> > Mok-Kong Shen wrote:
> >
> > > If you increase a common block cipher from its standard
> > > number of rounds to a higher number of rounds, do you
> > > think that you would thereby weaken it?
> >
> > Perhaps. If, for example, one side was doing X rounds and the other
> > side was doing X+1 rounds, there might be imaginable compromises.
>
> I am afraid there is some misunderstanding between us.
> What do you mean by 'side'? Do you mean the communication
> partners? Of course they have to use the same algorithm.
Right, the two sides have to use the same algorithm. That means the
number of rounds must be chosen in advance.
> If you mean that a DES-like cipher one round treats only
> one half block, then one has to substitute 'cycle',
> i.e. two rounds, for what I meant above, for e.g. a
> 17 round DES is not very good, though I suppose it
> should still be stronger than the 16 round one.
No, I'm saying that if you create a cipher where the number of rounds
is negotiable, you need a secure negotiation protocol. If you're
creating a cipher where the number of rounds must be chosen in advance,
then you might as well just choose a number.
DS
------------------------------
From: Gerry <[EMAIL PROTECTED]>
Subject: Easy Way To Financial Success
Date: Tue, 14 Nov 2000 19:06:53 -0330
READING THIS COULD CHANGE YOUR LIFE!!!

I found this on a bulletin board and decided to try it. A little while back, I was browsing through newsgroups and came across an article similar to this that said you could make thousands of dollars within weeks with only an initial investment of $6.00! So I thought, "Yeah right, this must be a scam", but like most of us, I was curious, so I kept reading. Anyway, it said that you send $1.00 to each of the 6 names and addresses stated in the article. You then place your name and address in the bottom of the list at #6, and post the article in at least 200 newsgroups. (There are thousands) No catch, that was it. So after thinking it over, and talking to a few people first, I thought about trying it. I figured: "what have I got to lose except 6 stamps and $6.00, right?" Then I invested the measly $6.00. Well GUESS WHAT!!... within 7 days, I started getting money in the mail! I was shocked?

I figured it would end soon, but the money just kept coming in. In my first week, I made about $25.00. By the end of the second week I had made a total of over $1,000.00! In the third week I had over $10,000.00 and it's still growing. This is now my fourth week and I have made a total of just over $42,000.00 and it's still coming in rapidly. It's certainly worth $6.00, and 6 stamps, I have spent more than that on the lottery!! Let me tell you how this works and most importantly, why it works... Also, make sure you print a copy of this article NOW, so you can get the information off of it, as you need it. I promise you that if you follow the directions exactly, that you will start making more money than you thought possible by doing something so easy! Suggestion: Read this entire message carefully! (print it out or download it.) Follow the simple directions and watch the money come in! It's easy. It's legal. And, your investment is only $6.00 (plus postage). IMPORTANT: This is not a rip-off; it is not indecent; it is not illegal; and it is virtually no risk - it really works!!! If all of the following instructions are adhered to, you will receive extraordinary dividends.

PLEASE NOTE: Please follow these directions EXACTLY, and $50,000 or more can be yours in 20 to 60 days. This program remains successful because of the honesty and integrity of the participants. Please continue its success by carefully adhering to the instructions. You will now become part of the Mail Order business. In this business your product is not solid and tangible, it's a service. You are in the business of developing Mailing Lists. Many large corporations are happy to pay big bucks for quality lists. However, the money made from the mailing lists is secondary to the income, which is made from people like you and me asking to be included in that list. Here are the 4 easy steps to success:

STEP 1:
Get 6 separate pieces of paper and write the following on each piece of paper "PLEASE PUT ME ON YOUR MAILING LIST." Now get 6 US $1.00 bills and place ONE inside EACH of the 6 pieces of paper so the bill will not be seen through the envelope (to prevent thievery). Next, place one paper in each of the 6 envelopes and seal them. You should now have 6 sealed envelopes, each with a piece of paper stating the above phrase, your name and address, and a $1.00 bill. What you are doing is creating a service. This is absolutely legal? You are requesting a legitimate service and you are paying for it! Like most of us I was a little skeptical and a little worried about the legal aspects of it all. So I checked it out with the U.S. Post Office (1-800-725-2161) and they confirmed that it is indeed legal! Mail the 6 envelopes to the following addresses:
1) M. Treat, 617 Carpenter, Jacksonville, AR. 72076, USA
2) C. Koibita, 6400 West Boulevard #222, Los Angeles, CA 90043, USA
3) Ed Gaio, 1675 East Main St. #330 Kent, OH 44240, USA
4) Sarah Little #208 1676 W.11th Ave, Vancouver BC,V6J 2B9, Canada
5) John Hassell AMB 1299, 1112 Weston Road / PMB 300, Fort Lauderdale, Fl 33326
6) Gerard Knight 46 Nfld. Dr. St. John's, NF A1A 3E8 Canada
Step 2:
Now take the #1 name off the list that you see above, move the other names up (6 becomes 5, 5 becomes 4, etc....) and add YOUR name as number 6 on the list.

STEP 3:
Change anything you need to, but try to keep this article as close to the original as possible. Now, post your amended article to at least 200 newsgroups. (I think there are close to 24,000 groups.) All you need is 200, but remember, the more you post, the more money you make! This is perfectly legal! If you have any doubts, refer to Title 18 Sec. 1302 & 1241 of the Postal lottery laws. Keep a copy of these steps for yourself and, whenever you need money, you can use it again, and again. PLEASE REMEMBER that this program remains successful because of the honesty and integrity of the participants and by their carefully adhering to the directions. Look at it this way, if you are of integrity, the program will continue and the money that so many others have received will come your way, too. NOTE: You may want to retain every name and address sent to you, either on a computer or hard copy and keep the notes people send you. This VERIFIES that you are truly providing a service. (Also, it might be a good idea to wrap the $1 bill in dark paper to reduce the risk of mail theft.) So, as each post is downloaded and the directions carefully followed, six members will be reimbursed for their participation as a List Developer with one dollar each. Your name will move up the list geometrically so that when your name reaches the #1 position you will be receiving thousands of dollars in CASH!!! What an opportunity for only $6.00 ($1.00 for each of the first six people listed above). Send it now, add your own name to the list and you're in business!

DIRECTIONS FOR HOW TO POST TO NEWSGROUPS

STEP 1:
You do not need to re-type letter to your own posting. Simply put your cursor at the beginning of this letter and drag your cursor to the bottom of this document, and select 'copy' from the edit menu. This will copy the entire letter into the computer's memory.

STEP 2:
Open a blank 'notepad' file and place your cursor at the top of the blank page. From the 'edit' menu select 'PASTE'. This will paste a copy of the letter into notepad so that you can add your name to the bottom of the list and to change the numbers of the list.

STEP 3:
Save your new notepad file as a ".text" file. If you want to do your postings in different settings, you'll always have this file to go back to.

STEP 4:
Use Netscape or Internet Explorer and try search for various newsgroups (on-line forums, message boards, chat sites, discussions).

STEP 5:
Visit these message boards and post this article as a new message by highlighting the text of this letter and selecting 'PASTE' from the edit menu. Fill in the Subject, this will be the header that everyone sees as they scroll through the list of postings in a particular group, click the post message button. You're done with your first one! Congratulations... That is it! All you have to do is jump to different newsgroups and post away, after you get the hang of it, it will take about 30 seconds for each newsgroup! ** REMEMBER, THE MORE NEWSGROUPS YOU POST IN, THE MORE MONEY YOU WILL MAKE!! BUT YOU HAVE TO POST A MINIMUM OF 200** That is it! You will begin receiving money from around the world within days! You may eventually want to rent a P.O. Box due to the large amount of mail you will receive. If you wish to stay anonymous, you can invent a name to use, as long as the postman will deliver it. **JUST MAKE SURE ALL THE ADDRESSES ARE CORRECT. **

Now the WHY part: Out of 200 postings, say I receive only 5 replies (a very low example). So then I made $5.00 with my name at #6 on the letter. Now, each of the 5 persons who just sent me $1.00 make the MINIMUM 200 postings, each with my name at #5 and only 5 persons respond to each of the original 5, this is an additional $25.00 for me. Now those 25 each make 200 MINIMUM posts with my name at #4 and only 5 replies each. This brings in an additional $125.00. Now, those 125 persons turn around and post the MINIMUM 200 with my name at #3 and receive 5 replies each, I will make an additional $625.00. Ok, now here is the fun part, each of those 625 people post a MINIMUM 200 letters with my name at #2 and they receive 5 replies each. That just made me $3,125.00!!! Those 3,125 persons will all deliver this message to 200 newsgroups with my name at #1 and if still 5 persons per 200 react, I will receive an additional $15,625.00!! With an investment of only $6.00! AMAZING! When your name is no longer on the list, you just take the latest posting in the newsgroups, and send out another $6.00 to names on the list, putting your name at number 6 again. And start posting again. The thing to remember is: do you realize that thousands of people all over the world are joining the internet and reading these articles everyday? JUST LIKE YOU are now!! So, can you afford $6.00 and see if it really works?? I think so...People have said, "what if the plan is played out and no one sends you the money? So what! What are the chances of that happening when there are tons of new honest users and new honest people who are joining the internet and newsgroups everyday and are willing to give it a try? Anyway, it is only $6.00 for a chance at thousands. Estimates are at 20,000 to 50,000 new users, every day, with thousands of those joining the actual internet. Remember, play FAIRLY and HONESTLY and this will really work. You wouldn't want someone to cheat you the same way you may be cheating!
------------------------------
From: Paul Crowley <[EMAIL PROTECTED]>
Subject: Re: Thoughts on the sci.crypt cipher contest
Date: Tue, 14 Nov 2000 22:54:36 GMT
Paul Pires wrote:
> What would be interesting from a large block size standpoint?
> Are we talking 8x (512bits) or x^2? Any interesting points
> along the way?
For disk encryption the important thing is the 4096-bit block size. The
other tricky consideration is that you need not just one random
permutation for each key, but a whole family, one for each sector of the
disk. You could use incrementing keys across the disk, but only if you
can achieve truly outstanding key agility.
A truly variable size block cipher, applicable to 1 or a million bits,
would be a useful primitive to have though. Note that if the key
agility is good (or the cipher accepts a "spice" or randomiser alongside
the key) then a 1-bit block cipher could be useful under some
circumstances.
> New stream cipher ideas would be worthwhile
> but aren't they harder to analyze?
I guess. Partly I wish there was more analysis and discussion of stream
ciphers designed to be efficient in software, designed using the lessons
from block cipher cryptanalysis, and I hoped sci.crypt could have fun
getting the ball rolling. There are sometimes equivalent ways of
weakening stream ciphers; RC4, for example, has obvious variants on the
size of the output word (8 bits in full RC4). But you're right, the
lack of an obvious family of variants of varying strength to attack
could be a serious problem.
--
__
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************