Cryptography-Digest Digest #306, Volume #13 Mon, 11 Dec 00 11:13:01 EST
Contents:
Re: breaking rsa knowing the original text ("Jakob Jonsson")
Re: EDDF: the intended audience (Roger Schlafly)
Re: 3D-Now any good? (Paul Rubin)
Re: [globera announcement 2] Professional support for Crypto++ available (Mok-Kong Shen)
Re: 3D-Now any good? (Tom St Denis)
important programming languages (Tuomas Pellonpera)
Re: Encrypting messages in images?? (David Minodier)
Re: important programming languages (Niklas Frykholm)
binary vs. text w/ regard to digital signatures (denis bider)
Bilderbergs --- see also who are there from Finland ... these are people who have
sold Finland out .... of course Henry Kissinger and Bill Clinton have been in
Bilderbergs too (Markku J. Saarelainen)
Re: important programming languages (Bob Silverman)
Re: important programming languages (Mok-Kong Shen)
Re: Modular Arithmetic (Bob Silverman)
Re: do we know that PIN? (David Dylan)
Re: A challenge ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: "Jakob Jonsson" <[EMAIL PROTECTED]>
Subject: Re: breaking rsa knowing the original text
Date: Mon, 11 Dec 2000 11:37:32 +0100
"Bryan Olson" <[EMAIL PROTECTED]> wrote in message
news:90p4r0$8d4$[EMAIL PROTECTED]...
> [EMAIL PROTECTED] wrote:
>
> > Hi, I'm trying to figure out if it is much simpler to
> > break RSA knowing the original text and the encrypted text.
> > I mean, if some knows the original and the encrypted data
> > how easy will be to get the key ??
>
> Giving an attacker ciphertext with corresponding
> plaintext will not help him recover the RSA key. It's
> a public key cipher so he can create all the plaintext/
> ciphertext pairs he wants.
He can create *as many* plaintext/ciphertext pairs as he wants but not *all*
plaintext/ciphertext pairs he wants. Namely, he may want to know the
decryption of a particular ciphertext C -- this requires that he actually
knows how to decrypt it or that he is able to ask someone to decrypt it for
him.
This subtle difference is important; there was a chosen-ciphertext attack
against the public-key algorithm NTRU at the CRYPTO 2000 conference
(Jaulmes/Joux): If the adversary is able to ask an "oracle" for the
decryption of ciphertexts chosen by himself, then he can find the key with a
high probability (given that he chooses the ciphertexts in a clever way).
Without the oracle, the task of finding the key would be much harder for the
adversary.
To protect against chosen-ciphertext attacks, one may apply a randomized
encoding algorithm to the message before applying the public-key encryption
algorithm to it. For example, when encrypting a message with RSA, the
encoding method OAEP is normally used. NTRU can be protected with similar
methods (though not with OAEP).
Jakob
------------------------------
From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: EDDF: the intended audience
Date: Mon, 11 Dec 2000 02:52:54 -0800
Benjamin Goldberg wrote:
> > > I think you will agree that, ignoring the human-readability
> > > argument, having a text-based format only brings a bunch of problems
> > > and not much else.
> > No.
>
> One occasional disadvantage with some text based formats is that the
> parser might be sensitive to the difference between LF or CRLF. A
> person who sees that a file is text will tend to automatically send it
> as ascii, not binary, without thinking. This causes problems.
>
> If a person sees that a file is binary, then there is no question that
> he'll send it as binary (unless he's stoopid).
Yes, that's a problem, but if that's the only one then a signature
algorithm could just automatically translate to some standardized
newline coding.
There are other problems, such as loading into a text editor,
letting it word wrap or expand tabs, and saving it. But I don't
think that these reasons are sufficient to switch to some goofy
binary format.
------------------------------
From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: 3D-Now any good?
Date: 11 Dec 2000 03:41:47 -0800
3dnow is almost certainly useless for computing RSA.
SSE2 has an outside chance of being useful.
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: [globera announcement 2] Professional support for Crypto++ available
Date: Mon, 11 Dec 2000 12:52:48 +0100
Tom St Denis wrote:
>
> [EMAIL PROTECTED] wrote:
> > IMHO the announcement was perfectly reasonable, on-topic, and not spam.
> > Although I have no evidence, positive or negative, about the competence
> > of this particular company, in general professional support for open-source
> > crypto libraries is something to be encouraged, and is likely to be of
> > interest to a fair proportion of the readers of this group. At least
> > they've chosen a well-designed library to support.
> >
> > Even if the article had been spam, quoting it in full and adding a single
> > line saying that it is spam in your opinion, is simply annoying, and not
> > at all helpful.
>
> Not to drag this on forever (I respect that you have different views)
> but unwarranted solicitation of services is SPAM. I do not remember
> anyone specifically asking for "customer service". If they want to do
> us a favour they should offer free services for the hobbyist.
It is my humble opinion that we could have, at least tolerate,
some limited (i.e. not excessive, again and again from the
same source) amount of concise information about the products
and business that the crypto companies are doing, if we are
not to lose sight of the practical side of crypto and dwell
entirely in a 'theoretical' world. On the other hand, it is
very desirable always to strive to keep the signal/noise ratio
high 'in general' (i.e. for all kinds of posts, whether
related to commerce or not).
M. K. Shen
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: 3D-Now any good?
Date: Mon, 11 Dec 2000 12:40:14 GMT
In article <8T0Z5.1611$[EMAIL PROTECTED]>,
"Michael Brown" <[EMAIL PROTECTED]> wrote:
> Hi there,
>
> I was wondering if anyone had tried implementing RSA using 3D-Now? If so,
> did it work well?
In case you didn't know, the 3d-now instruction set is for vector
floating point operations. It's much faster and easier to do bignum
calcs using scalar integers (or if you are clever vector integer I
suppose).
Either case 3d-now is not useful for bignum math thus not useful for
RSA.
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Tuomas Pellonpera <[EMAIL PROTECTED]>
Subject: important programming languages
Date: Mon, 11 Dec 2000 13:11:26 GMT
Hi!
I found out that at the end of last February there was a rather lengthy
(50 articles or so) discussion about 'the best programming language for
encryption'. However, as some questions remained unanswered to me, and
as I have just joined this group, I dare pose them now.
To begin with, I got interested in programming thanks to Eric S.
Raymond's article 'How to become a hacker' (= wizard programmer). He
recommends these languages: C/C++, Python, Perl, Java and LISP. As my
main area of interest is cryptography, I have tried to select languages
that would offer a steady basis for writing and developing encryption
programs (last February's discussion on the subject helped me). They are
(not in order of importance):
1. C
2. Java
3. Perl
4. Assembler
My questions are:
1.) Would you agree that these languages are, not the only right and best
ones, but ones that offer a solid background for encryption?
2.) Would it be useful to know both C and C++?
3.) How widely used (in encryption) are Perl and especially Assembler?
4.) Can Python be used in encryption? If so, IS it being used, too? :)
5.) Did I miss an important language? (I will be switching to Linux so
Visual Basic, for example, is out of the question.)
A HUGE thank you for your help! I hope to be able to pay it back some
day.
Best wishes,
Tuomas
--
// tuope()
BENE VIXIT QUI BENE LATUIT
------------------------------
From: David Minodier <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc,alt.2600.hacker,alt.security
Subject: Re: Encrypting messages in images??
Date: Mon, 11 Dec 2000 13:59:57 +0100
[EMAIL PROTECTED] wrote:
> I saw this on a documentary on my plane flight and I can't
> find my notes on it.
>
> A model created a method of embedding messages (like PGP)
> inside an image so it's not obvious the message is encrypted.
>
> I remember she is from England and posed nude earlier in her
> career and she invented this technique I believe.
>
> Does anyone have any ideas who she is or where I can
> find her software, etc.........
>
> thanks in advance!!!!
>
> george
>
> ====================From the mind of George Lewycky==========
>
> http://georgenet.net
Have a look at:
http://www.innovatools.com/software/isecrets/index.htm
You actually hide some text into an image file and encode your text
with a 5 characters key
(free download version). Can be quite useful !!!
david.
------------------------------
From: [EMAIL PROTECTED] (Niklas Frykholm)
Subject: Re: important programming languages
Date: 11 Dec 2000 14:01:03 GMT
On Mon, 11 Dec 2000 13:11:26 GMT, Tuomas Pellonpera <[EMAIL PROTECTED]> wrote:
> 1. C
> 2. Java
> 3. Perl
> 4. Assembler
>
>My questions are:
>1.) Would you agree that these languages are, not the only right and best
>ones, but ones that offer a solid background for encryption?
These are good languages to know. But there are many things that are
more important than programming languages when it comes to understanding
cryptography. I would start with learning one language and spend
the rest of the time learning about math, cryptography, protocols and
security vulnerabilities.
It is a bit unclear from your message whether you are interested in
implementing low level encryption algorithms or in building high level
security applications using cryptographic library functions. If the
case is the first, I would suggest you go with C. It is as close to
a lingua franca as you can get and gives you reasonable speed.
If you are more interested in building applications, then the language
doesn't really matter from a cryptographic viewpoint. There are
crypto libraries for most languages. Other factors determine which
language is best, you may want to ask the question in another
newsgroup.
>2.) Would it be useful to know both C and C++?
No, there's no point in learning C++ for doing cryptography.
(But if you are more interested in building applications, C++ will be
useful to know.)
>3.) How widely used (in encryption) are Perl and especially Assembler?
Perl is slow and is not very useful for low level work. It can be
useful for prototyping and for building applications.
Assembler is used to get the best speed out of an algorithm. It is good
to know a little assembler since it helps you estimate how fast an
encryption algorithm will run. Most algorithms are (eventually)
implemented in assembler, but this is usually done by people who are
more interested in assembler than in encryption.
>4.) Can Python be used in encryption? If so, IS it being used, too? :)
Python falls in the same category as Perl. Python's advantage is that it
is much easier to learn. The disadvantage is that it is harder to
find good third-party modules. Still, I would learn Python before
learning Perl.
// Niklas
------------------------------
From: [EMAIL PROTECTED] (denis bider)
Subject: binary vs. text w/ regard to digital signatures
Date: Mon, 11 Dec 2000 14:44:06 GMT
On Mon, 11 Dec 2000 02:52:54 -0800, Roger Schlafly
<[EMAIL PROTECTED]> wrote:
>> One occasional disadvantage with some text based formats is that the
>> parser might be sensitive to the difference between LF or CRLF. A
>Yes, that's a problem, but if that's the only one then a signature
>algorithm could just automatically translate to some standardized
>newline coding.
OK... The LF/CRLF issue could hardly be considered a problem as far as
problems with text-based formats go. :-)
I am listing a few real problems off the top of my head:
(1) Whitespace in general.
In XML, the sequence:
<Element>content</Element> <A> blah </A>
is semantically equivalent to
<Element> content </Element>
<A>blah</A>
When an XML document is transferred through an application, it is
completely legal for whitespace to change as in this example.
EDDF solves this by being a binary format. There is no whitespace.
(2) Escape sequences.
Some characters cannot be used in XML in their raw form since they are
XML delimiters. Hence, XML provides escape sequences in which you are
free to use such characters. But unfortunately, XML provides multiple
ways to do it - to represent the string "abc<defg" you can either use
"abc&lt;defg" or you can enclose the whole string in a CDATA escape
sequence.
Hence, the following sequence:
<Element> abc&lt;defg
</Element>
is semantically equivalent to
<Element> <![CDATA[abc<defg]]> </Element>
EDDF solves this by being a binary format. It uses content length
instead of delimiters; hence, no need for escape sequences.
(3) Encoding of national characters.
The same XML document may validly appear in any conceivable encoding;
UTF-8, UTF-16, ISO-8859-2, EUC-JP, you name it. Most national
characters will be encoded differently in one encoding than in
another.
Hence, if you want to compare two XML documents, you have to know the
character encodings of BOTH documents.
EDDF uses canonical UTF-8 for all character data. Such a UTF-8 string
is equal to another UTF-8 string when the encodings are equal. No
dilemma.
(4) Binary data.
How are you going to include binary data in an XML document?
There are two widespread ways to do it: HEX and Base64 encoding.
This means that the following sequence:
<Element encoding="hex">
XXXXXXXX
</Element>
is semantically equivalent to
<Element encoding="base64">YYYYYY</Element>
EDDF is a binary format and has no difficulties with binary data. The
parser can literally paste binary data in an EDDF document; there is
no need for conversions.
(5) Encoding of values.
The sequence:
<Element>1024.10</Element>
is equivalent to
<Element>
1024.100000
</Element>
EDDF specifies a canonical (binary) form for the encoding of numeric
values.
(6) ...
and so on.
I think you can see that comparing two XML documents is not a trivial
task. A complex bunch of rules is required to handle comparisons
between XML documents. Yes, these rules have been defined and in the
near future, they will be implemented in conforming XML parsers. But
technically, the whole thing is rather awkward. As far as security is
concerned, choosing a text-based format was the wrong decision.
EDDF has been designed to provide all the functionality of XML, plus
the ability to compare two documents on a binary basis. If their
encodings are equal, the documents are equal.
Regards,
denis
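Added example, not part of denis bider's post: a Python sketch of why these equivalences matter for signatures. It hashes constructed document pairs for items (2), (3) and (4) both as raw bytes and after re-encoding the parsed content in a length-prefixed binary form. That binary form is a hypothetical stand-in and not EDDF's actual layout; the sample documents and function names are likewise made up for the illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET  # trusted samples only; use defusedxml for untrusted XML

# Constructed sample documents: each pair carries the same content in two
# of the spellings listed in the post.
PAIRS = {
    "escape vs CDATA": (
        b"<Element>abc&lt;defg</Element>",
        b"<Element><![CDATA[abc<defg]]></Element>",
    ),
    "UTF-8 vs ISO-8859-1": (
        '<?xml version="1.0" encoding="UTF-8"?><Element>caf\u00e9</Element>'.encode("utf-8"),
        '<?xml version="1.0" encoding="ISO-8859-1"?><Element>caf\u00e9</Element>'.encode("iso-8859-1"),
    ),
    "hex vs base64": (
        b'<Element encoding="hex">\n48656c6c6f\n</Element>',
        b'<Element encoding="base64">SGVsbG8=</Element>',
    ),
}

def field(data: bytes) -> bytes:
    """Length-prefixed field: no delimiters, so no escape sequences."""
    return len(data).to_bytes(4, "big") + data

def canonical(elem: ET.Element) -> bytes:
    """Hypothetical canonical form: tag, a type byte, the decoded payload,
    the child count, then the children. Text is always UTF-8 and binary is
    raw bytes. Mixed content (tail text) is not handled."""
    enc, text = elem.get("encoding"), elem.text or ""
    if enc == "hex":
        kind, payload = b"B", bytes.fromhex("".join(text.split()))
    elif enc == "base64":
        kind, payload = b"B", base64.b64decode("".join(text.split()))
    else:
        kind, payload = b"T", text.encode("utf-8")
    out = field(elem.tag.encode("utf-8")) + kind + field(payload)
    out += len(elem).to_bytes(4, "big")
    for child in elem:
        out += canonical(child)
    return out

def raw_digest(doc: bytes) -> str:
    """What gets signed if the serialized text is hashed as-is."""
    return hashlib.sha256(doc).hexdigest()

def canonical_digest(doc: bytes) -> str:
    """What gets signed if the parsed content is re-encoded canonically."""
    return hashlib.sha256(canonical(ET.fromstring(doc))).hexdigest()

def compare(a: bytes, b: bytes) -> tuple:
    """(raw digests equal?, canonical digests equal?)"""
    return raw_digest(a) == raw_digest(b), canonical_digest(a) == canonical_digest(b)

if __name__ == "__main__":
    for name, (a, b) in PAIRS.items():
        raw_eq, canon_eq = compare(a, b)
        print(f"{name:22} raw equal: {raw_eq}  canonical equal: {canon_eq}")
```

A signature over the raw digest stops verifying as soon as an intermediary re-serializes the document, even though no content changed.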
------------------------------
From: Markku J. Saarelainen <[EMAIL PROTECTED]>
Crossposted-To: alt.security,comp.security
Subject: Bilderbergs --- see also who are there from Finland ... these are people who
have sold Finland out .... of course Henry Kissinger and Bill Clinton have been in
Bilderbergs too
Date: Mon, 11 Dec 2000 14:59:04 GMT
http://ourworld.compuserve.com/homepages/grattan_healy/Bild-az-tab.html
Ahlström, Krister, President and CEO, Ahlström Group
Aho, Esko, Prime Minister
Ahtisaari, Martti President of the Republic of Finland
Ehrnrooth, Georg, President and CEO Metra Corporation
Erkko, Aatos, Publisher, Helsingin Sanomat
Hämäläinen, Sirkka, Chairman of the Board, Bank of Finland
Harmaia, Jukka, CEO, Enzo Gutzeit Oy,
Ihamoutila, Jaakko, Chairman of the Board, Neste
Iloniemi, Jaakko. MD, Centre for Finnish Bus & Policy
Jakobson, Max, Consultant; Former Ambassador to the UN and Sweden
Köhler, Jarl, President Finnish Forest Industries
Koroma, Johannes, Director General, Finnish Industry
Liikanen, Erkki - Member of the European Commission
Lipponen, Paavo - Prime Minister
Mattsson, Bjorn, CEO Cultor, Ltd.
Niinisto, Sauli V. Minister of Finance.
Ollila, Jorma, Chairman and CEO, Nokia Corporation.
Sundqvist, Ulf L, Chair, Social Democratic Party
Suominen, Ilkka, Minister of Trade and Industry
Vanhala, Matti - Chairman of the Board, Bank of Finland
Vartia, Pentti - Managing Director, Research Institute of the Finnish
Economy (ETLA).
Virkkunen, Janne - Senior Editor in Chief, Helsingin Sanomat
Voutilainen, Pertti - Primerita Bank
Wendt, Gerhard MH, President, Kone Corporation
------------------------------
From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: important programming languages
Date: Mon, 11 Dec 2000 14:56:47 GMT
In article <912jps$5vr$[EMAIL PROTECTED]>,
Tuomas Pellonpera <[EMAIL PROTECTED]> wrote:
> Hi!
>
> I found out that at the end of last February there was a rather lengthy
> (50 articles or so) discussion about 'the best programming language for
> encryption'.
And the discussion was nonsensical and irrelevant. Just as it is
now.
> However, as some questions remained unanswered to me, and
> as I have just joined this group, I dare pose them now.
>
> To begin with, I got interested in programming thanks to Eric S.
> Raymond's article 'How to become a hacker' (= wizard programmer). He
> recommends these languages: C/C++, Python, Perl, Java and LISP. As my
> main area of interest is cryptography, I have tried to select languages
> that would offer a steady basis for writing and developing encryption
> programs (last February's discussion on the subject helped me). They are
> (not in order of importance):
> 1. C
> 2. Java
> 3. Perl
> 4. Assembler
>
> My questions are:
> 1.) Would you agree that these languages are, not the only right and best
> ones, but ones that offer a solid background for encryption?
This entire discussion is "wrong-headed". Allow me to quote a
colleague: "It is possible to write Fortran in any language".
There is really only one language that matters for encryption:
assembler.
This is for reasons of efficiency and speed. What wrapper one chooses
to place around the assembly code really doesn't matter. Use whatever
you feel comfortable with.
There is no language that is "best". Especially since "best" would imply
that there is a metric for comparing languages. I have never seen such
a metric and would be highly suspicious of a purported one.
My recommendation to become a "wizard crypto programmer"???
Learn the MATH, learn about computer ARCHITECTURE, and learn how to
efficiently map different algorithms onto different CPU's.
Without a SOLID understanding of the math, you will NEVER be able to
write truly optimized crypto code.
--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: important programming languages
Date: Mon, 11 Dec 2000 16:15:57 +0100
Tuomas Pellonpera wrote:
> To begin with, I got interested in programming thanks to Eric S.
> Raymond's article 'How to become a hacker' (= wizard programmer). He
> recommends these languages: C/C++, Python, Perl, Java and LISP. As my
> main area of interest is cryptography, I have tried to select languages
> that would offer a steady basis for writing and developing encryption
> programs (last February's discussion on the subject helped me). They are
> (not in order of importance):
> 1. C
> 2. Java
> 3. Perl
> 4. Assembler
There is an article in IEEE Computer Oct 2000 on an empirical
comparison of seven PLs which you might be interested to
read. But everyone has his pet PL and the article covers
only a subset of the interesting PLs. If you start to learn
programming, then I suggest that you don't start with
assembler and learn it only later when you desperately
want to squeeze everything out of your processor.
M. K. Shen
------------------------------
From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: Modular Arithmetic
Date: Mon, 11 Dec 2000 15:08:24 GMT
In article <[EMAIL PROTECTED]>,
"Paul Pires" <[EMAIL PROTECTED]> wrote:
> > I find myself figuring out its rules and properties by experiment
> > because there doesn't seem to be any 'complete' description of it
> > anywhere.
<snip>
>
> Try "Remainder" as in:
>
> 10/7 = 1 remainder 3
>
> It just yields the remainder after the integer multiples have
> been divided out. If you are looking at code, watch for shortcuts.
> in C.
This is not a flame, so please don't take it as such.
Your definition of 'mod' as a 'remainder' function is both wrong
and misleading. And I hear it all the time.
(1) You assume that the remainder is always positive. In many instances
it makes more sense to use a balanced representation of the integers
mod p [i.e. the ints from -(p+1)/2 to +(p-1)/2 rather than from
0 to p-1. Note that the average absolute value is smaller in the first
case I mentioned]
(1a) If one insists on only using positive remainder, it is hard to
understand that -11 = -4 = 3 = 10 = 17 = ..... mod 7. These
are all equivalent (hence mod as an equivalence relation).
(2) It is necessary to consider mod as an equivalence relation to fully
understand the Chinese Remainder Theorem.
(3) In order to be able to READ about cryptography, one needs a firm
grasp of number theory. You won't be able to understand questions
such as "when does -1 have a square root mod p" and other questions
involving residues and reciprocity if you only believe that 'mod'
returns a positive answer.
I suggest consulting a good book on elementary number theory and
FORGETTING about so-called 'computer-based' definitions of 'mod'.
--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"
Sent via Deja.com http://www.deja.com/
Before you buy.
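Added example, not part of Bob Silverman's post: a Python sketch contrasting a C-style remainder with 'mod' as an equivalence relation, using the post's own numbers (-11, -4, 3, 10, 17 mod 7). It also covers the balanced representative, the question of when -1 has a square root mod p, and a two-modulus Chinese Remainder computation that accepts any representative of each class. Function names and the brute-force root search are choices made for the illustration.

```python
def c_remainder(a: int, n: int) -> int:
    """Remainder as C99's % operator computes it: the quotient is truncated
    toward zero, so a nonzero result has the sign of the dividend."""
    q = abs(a) // abs(n)
    if (a < 0) != (n < 0):
        q = -q
    return a - q * n


def least_residue(a: int, n: int) -> int:
    """Representative of a's class in 0 .. n-1 (Python's % for n > 0)."""
    return a % n


def balanced_residue(a: int, n: int) -> int:
    """Representative of smallest absolute value; for odd n the range used
    here is -(n-1)/2 .. (n-1)/2."""
    r = a % n
    return r - n if r > n // 2 else r


def congruent(a: int, b: int, n: int) -> bool:
    """a and b are in the same class mod n when n divides a - b."""
    return (a - b) % n == 0


def minus_one_is_square(p: int) -> bool:
    """Euler's criterion for an odd prime p: -1 is a square mod p exactly
    when (-1)^((p-1)/2) = 1 (mod p), i.e. when p = 1 (mod 4)."""
    return pow(p - 1, (p - 1) // 2, p) == 1


def sqrt_minus_one(p: int):
    """Smallest positive x with x*x = -1 (mod p), or None (brute force,
    intended for small p only)."""
    for x in range(1, p):
        if congruent(x * x, -1, p):
            return x
    return None


def crt(r1: int, n1: int, r2: int, n2: int) -> int:
    """Solve x = r1 (mod n1), x = r2 (mod n2) for coprime n1 and n2.
    Any representative of each class may be passed in."""
    k = (r2 - r1) * pow(n1, -1, n2) % n2
    return (r1 + n1 * k) % (n1 * n2)


if __name__ == "__main__":
    print([c_remainder(a, 7) for a in (-11, -4, 3, 10, 17)])    # sign follows a
    print([least_residue(a, 7) for a in (-11, -4, 3, 10, 17)])  # one class
    print(sqrt_minus_one(13), sqrt_minus_one(7))
    print(crt(-4, 7, 2, 5), crt(3, 7, -3, 5))
```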
------------------------------
From: [EMAIL PROTECTED] (David Dylan)
Crossposted-To: alt.cracks.nl,alt.nl.telebankieren,nl.comp.crypt,nl.financieel.bankieren,nl.juridisch
Subject: Re: do we know that PIN?
Date: Mon, 11 Dec 2000 15:34:59 GMT
On Sat, 09 Dec 2000 01:54:51 +0100, Olaf Biemond <[EMAIL PROTECTED]>
wrote:
Hi hi,
>a matter of cooperation from people inside the bank. As you mentioned,
>tapping a line and then doing something with it is practically infeasible
>and certainly not profitable (too much effort for too little return).
[grin] Yup, I just get the creeps when people claim that something is
"safe". Nothing is safe, everything is relative, etc.
Greetings.
DD.
--
Take a look at my community site:
http://www.grep.nu/beleggers
Or at my personal site:
http://www.xs4all.nl/~nobeard
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: A challenge
Date: Mon, 11 Dec 2000 15:36:22 GMT
In article <9121pi$csf$[EMAIL PROTECTED]>,
> I think this is a quite good exercise, at least if the students (or
> whatever they are) have some cryptographic experience in advance (but
> don't expect them to break it within an hour unless they are
> particularly clever).
That's actually a growing concern. I may have made the code a little
too difficult to crack for the target audience.
The ultimate curse of writing something designed to be broken. The
solution is "obvious" when you know the answer, but it's a total pain
in the tail when you don't.
> By the way, there seem to be plenty of errors in the ciphertext:
>
> [ cyphertext removed ]
>
> (Or I may have misinterpreted something...) Are those errors
> deliberate? They make the cryptanalysis a bit harder, but they
> certainly give the cipher a flavor of authenticity.
Doubled letters have a special rule associated with them. 8)
The document was encrypted with a small script, so barring any bugs,
there aren't any errors in the document (the whole thing is around 50+
pages). The random sections I checked were correct, but if you could
email me your translation I'll read through it to make sure everything
is on the up and up.
> A suitable hint for students who get stuck: Tell them to guess the
> meaning of obk and ive and ask them to find the correct way of
> decrypting these words. They can check their hypotheses by decrypting
> obkrw and ivelq. (This is the way I broke it.)
>
> Finally (this is clearly a spoiler):
>
> Where does the text come from? To me, it sounds like a Star
> Wars/Tolkien-inspired poem. When I tried to decrypt "Ftfjlkai", the
> only thing that was close to making sense was "Shinuawa". Is there
> some error in "Ftfjlkai" or is Shinuawa the name of the kingdom in
> the poem?
The entire document (I only posted a portion) is part of a running
plotline in a medieval/fantasy LARP. It's been out for quite a long
time now, thankfully it isn't time sensitive. :)
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************