Cryptography-Digest Digest #320, Volume #13      Wed, 13 Dec 00 12:13:01 EST

Contents:
  Re: 64bit CRC (Tom St Denis)
  Re: Keymat in Rijndael (Tom St Denis)
  Re: YAPRNG (Bill Godfrey)
  Re: YAPRNG (Richard Heathfield)
  Re: Software PRNG.. (Jorgen Hedlund)
  Re: Software PRNG.. (Jorgen Hedlund)
  Re: Software PRNG.. (Richard Heathfield)
  Probability of collision in hash (Pawel Krawczyk)
  Re: important programming languages (Tim Tyler)
  Re: YAPRNG (Tim Tyler)
  Re: YAPRNG (Richard Heathfield)
  Re: important programming languages (Michael Erskine)
  Re: Virtual memory security hole? (Shellac)
  Re: Software PRNG.. ("John A. Malley")
  Re: On using larger substitutions (Mok-Kong Shen)
  (help) Its easier to break symetric alg. when ....? ([EMAIL PROTECTED])
  Re: important programming languages (John Myre)
  Re: Newbie (John Myre)
  Re: (help) Its easier to break symetric alg. when ....? ("M.S. Bob")
  My SecureTech / CardTech (May, 2000, Miami Beach) contacts ... some of these people 
might sell you machines to produce passports and other identity solutions .. and 
crypto of course ... some were printing EUROs (Markku J. Saarelainen)
  Re: Unguessable sequence of unique integers? (John Myre)
  Re: What's better CAST in PGP or Blowfish 128bit? ("M.S. Bob")
  Re: What's better CAST in PGP or Blowfish 128bit? (Ray Dillinger)

----------------------------------------------------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: 64bit CRC
Date: Wed, 13 Dec 2000 12:39:33 GMT

In article <915vjm$615$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (Paul Schlyter) wrote:
> In article <[EMAIL PROTECTED]>,
> Mihai Preda  <[EMAIL PROTECTED]> wrote:
>
> > I need two independent 32bit fingerprints for a message. I think CRC
> > would be a good choice (I don't need security).
> > Now, what should I prefer:
> > a) compute two 32bit CRCs(with different polynomials)
> > b) compute one 64bit CRC, and use the lower and higher order 32bits as
> > the two fingerprints.
>
> You could also choose
>
> c) compute two 32-bit CRC's using the same polynomial, but one of
> them scanning your data "backwards", or "from the middle out towards
> the ends", or in any other order you wish.

That's no better actually.  Both CRCs are individually limited up to 31
bits of errors before they collide.  Chances are high that they will
not collide even with >31 bits of errors.  However, the probabilities
are lower with a 64-bit one.

Tom


Sent via Deja.com
http://www.deja.com/
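
The three options discussed above (two polynomials, one 64-bit CRC split in half, forward and reversed scans), as an added worked example that is not code from the thread. It assumes the published CRC-32 (IEEE, the one zlib implements), CRC-32C and CRC-64/XZ parameter sets; the sample messages are constructed. Whichever option is chosen, the fingerprint pair is an affine map over GF(2), which the last function checks, so any of them is fine for detecting accidental corruption and none of them resists a deliberately constructed collision, which is why the "I don't need security" qualifier in the original question matters.

```python
import zlib


def crc(data: bytes, width: int, poly: int, init: int, xorout: int) -> int:
    """Generic bit-serial CRC in the reflected (LSB-first) convention, the same
    convention zlib.crc32 and the CRC-32C / CRC-64/XZ definitions use."""
    mask = (1 << width) - 1
    reg = init & mask
    for byte in data:
        reg ^= byte
        for _ in range(8):
            reg = (reg >> 1) ^ poly if reg & 1 else reg >> 1
    return (reg ^ xorout) & mask


# Published parameter sets: (width, reflected polynomial, init, xorout)
CRC32_IEEE = (32, 0xEDB88320, 0xFFFFFFFF, 0xFFFFFFFF)            # == zlib.crc32
CRC32C = (32, 0x82F63B78, 0xFFFFFFFF, 0xFFFFFFFF)                # Castagnoli
CRC64_XZ = (64, 0xC96C5795D7870F42, (1 << 64) - 1, (1 << 64) - 1)


def fp_two_polys(msg: bytes) -> tuple:
    """Option (a): two 32-bit CRCs with different polynomials."""
    return crc(msg, *CRC32_IEEE), crc(msg, *CRC32C)


def fp_split64(msg: bytes) -> tuple:
    """Option (b): one 64-bit CRC, low and high 32-bit halves as the two fingerprints."""
    v = crc(msg, *CRC64_XZ)
    return v & 0xFFFFFFFF, v >> 32


def fp_fwd_rev(msg: bytes) -> tuple:
    """Option (c): same polynomial, one scan forwards, one backwards."""
    return crc(msg, *CRC32_IEEE), crc(msg[::-1], *CRC32_IEEE)


def affine_identity_holds(fingerprint, a: bytes, b: bytes, c: bytes) -> bool:
    """For equal-length inputs every CRC-based fingerprint f satisfies
    f(a ^ b ^ c) == f(a) ^ f(b) ^ f(c): it is affine over GF(2), so a
    fingerprint of a new message can be predicted (and collisions built)
    from fingerprints of old ones.  Returns True when the identity holds."""
    assert len(a) == len(b) == len(c)
    abc = bytes(x ^ y ^ z for x, y, z in zip(a, b, c))
    lhs = fingerprint(abc)
    rhs = tuple(x ^ y ^ z for x, y, z in zip(fingerprint(a), fingerprint(b), fingerprint(c)))
    return lhs == rhs


# Constructed sample messages of equal length.
SAMPLES = (b"The password is hunter2.", b"Meet at the usual place.", b"Invoice 0042 attached...")


def all_options_are_affine() -> bool:
    return all(affine_identity_holds(fp, *SAMPLES) for fp in (fp_two_polys, fp_split64, fp_fwd_rev))


if __name__ == "__main__":
    for name, fp in (("two polys", fp_two_polys), ("split 64", fp_split64), ("fwd/rev", fp_fwd_rev)):
        print(name, [hex(v) for v in fp(SAMPLES[0])])
    print("affine identity holds for every option:", all_options_are_affine())
```

The check values for "123456789" are the standard ones published for each CRC, so the generic routine can be validated against zlib before the fingerprints are trusted for anything.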

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Keymat in Rijndael
Date: Wed, 13 Dec 2000 12:35:59 GMT

In article <917chk$f38$[EMAIL PROTECTED]>,
  "kihdip" <[EMAIL PROTECTED]> wrote:
> Just wondering:
>
> Could the fact that original key material is used as the first sub-key
> in Rijndael be exploited in an attack ??

Of course.  Can you devise an attack that will find it?

Tom


Sent via Deja.com
http://www.deja.com/

------------------------------

From: Bill Godfrey <[EMAIL PROTECTED]>
Subject: Re: YAPRNG
Date: 13 Dec 2000 13:14:07 +0000
Reply-To: [EMAIL PROTECTED]

Richard Heathfield <[EMAIL PROTECTED]> writes:

> I believe Knuth has written a halfway decent PRNG. Let us take his PRNG
> as R1() and the Twister as R2().

IIUC...

seed_R1(key1)
seed_R2(key2)

For each P
     K=R1() xor R2()
     C=P xor K


If you know P (say you know the message begins "The password is") then
you know the value of K (i.e., R1 xor R2). 

So, given the value of R1 xor R2, can the seed of R1 or R2 be found?
(I dunno)

If the seed can indeed be found, then everything after the known part is
vulnerable.

If you can find a PRNG, or combination of PRNGs, where it is infeasible
to calculate the seed from the generated values, you may have something.

(Notice: The author of this message (BillG) is no cryptographer.)

Bill, a pretty good programmer though.

------------------------------

Date: Wed, 13 Dec 2000 13:15:33 +0000
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: YAPRNG

Tom St Denis wrote:
> 
<snip>
> >
> > I'm sure this is old hat, and trivially broken, or everyone and his
> > dog would be doing it. I just don't quite see how to break it.
> 
> Hmm they are linear?
> 

Er... Let's say, for the sake of argument, that they are.

(What difference does it make? quoth the cryptonewbie.)

-- 
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html

------------------------------

From: Jorgen Hedlund <[EMAIL PROTECTED]>
Subject: Re: Software PRNG..
Date: Wed, 13 Dec 2000 14:39:37 +0100
Reply-To: [EMAIL PROTECTED]

Tom St Denis wrote:
> 
> In article <[EMAIL PROTECTED]>,
>   [EMAIL PROTECTED] wrote:
> >
> > Are there any (good) software PRNG's on the net, that is also free?
> 
> Well depending on your needs a few programmers in here (including me)
> could code you one.  There are many types available such as LFGs and
> LFSRs which are non-patented technology.
> 
> Tom

Well, I'd rather like to know "how" than get the code from someone
else. I mean, of course it's cool to use something free, but without
completely understanding it, it's kind of impossible to truly
trust it. Also, it would be difficult to know how secure my algorithm
is..

And what is LFG/LFSR?

BR/jh

------------------------------

From: Jorgen Hedlund <[EMAIL PROTECTED]>
Subject: Re: Software PRNG..
Date: Wed, 13 Dec 2000 14:41:49 +0100
Reply-To: [EMAIL PROTECTED]

Paul Crowley wrote:
> 
> Jorgen Hedlund wrote:
> >
> > Are there any (good) software PRNG's on the net, that is also free?
> 
> Assuming you want a keyed cryptographic PRNG, yes, OpenSSL contains
> several.  RC4 is probably the fastest, though it is slightly biased.
> Rijndael in counter mode could provide another.  http://www.openssl.org/

I'm checking the URL out, thanks.

Although, I've a question about this term "biased": what do you mean
by saying that something is "biased"?

BR/jh

------------------------------

Date: Wed, 13 Dec 2000 13:48:34 +0000
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: Software PRNG..

Jorgen Hedlund wrote:
> 
> Paul Crowley wrote:
> >
> > Jorgen Hedlund wrote:
> > >
> > > Are there any (good) software PRNG's on the net, that is also free?
> >
> > Assuming you want a keyed cryptographic PRNG, yes, OpenSSL contains
> > several.  RC4 is probably the fastest, though it is slightly biased.
> > Rijndael in counter mode could provide another.  http://www.openssl.org/
> 
> I'm checking the URL out, thanks.
> 
> Although, I've a question about this term "biased": what do you mean
> by saying that something is "biased"?

I'd guess that it's analogous to a die numbered 1, 2, 3, 3, 4, 5 - and
I'll be interested to see whether my guess is confirmed, or shot down in
flames. :-)

-- 
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html

------------------------------

From: Pawel Krawczyk <[EMAIL PROTECTED]>
Subject: Probability of collision in hash
Date: Wed, 13 Dec 2000 14:06:01 +0000 (UTC)

I have two quick questions about currently used hash functions like MD5
and SHA1.

1. How does one estimate the probability of collision for a hash trimmed to
a given length - for example 96 bits out of the total 160 for SHA1, etc.
(as in HMAC-SHA1)?

2. Is the avalanche effect distributed equally along the resulting hash?
I mean, do the terminating bits of the hash depend on changes in the
plaintext as much as those at the beginning?

I was wondering how to fingerprint keys best, that's why I'm asking.
Thanks for your replies or just pointers to some documents.

-- 
Paweł Krawczyk <http://ceti.pl/~kravietz/>
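
Both questions can be checked numerically. The following is an added worked example, not code from the thread or from any of its participants: it applies the birthday bound to a fingerprint truncated to a chosen number of bits (the 96-of-160 case from the question), inverts it to find how many fingerprints one can issue before a collision becomes likely, and then measures empirically, per SHA-1 output bit, how often each bit changes when one random input bit is flipped, so the first 96 bits can be compared with the 64 that a 96-bit truncation discards. The random messages are constructed from a fixed seed; the truncation keeps the leftmost bits, as HMAC-SHA1-96 does.

```python
import hashlib
import math
import random


def truncated_sha1(data: bytes, bits: int) -> bytes:
    """Leftmost `bits` bits of SHA-1 (the HMAC-style truncation)."""
    assert bits % 8 == 0 and 0 < bits <= 160
    return hashlib.sha1(data).digest()[: bits // 8]


def collision_probability(bits: int, k: int) -> float:
    """Birthday bound: probability that k fingerprints of `bits` bits contain
    at least one collision, approx. 1 - exp(-k(k-1) / 2^(bits+1)).
    expm1 keeps the result accurate when the probability is tiny."""
    return -math.expm1(-(k * (k - 1)) / 2.0 ** (bits + 1))


def fingerprints_for_probability(bits: int, p: float) -> int:
    """Inverse of the bound: fingerprints needed before a collision has probability p."""
    return math.ceil(math.sqrt(2.0 ** (bits + 1) * math.log(1.0 / (1.0 - p))))


def avalanche_by_bit(trials: int, seed: int = 7) -> list:
    """For each SHA-1 output bit (0 = MSB of the first byte ... 159), the fraction
    of trials in which that bit changed after flipping one random input bit."""
    rng = random.Random(seed)  # constructed, reproducible input
    flips = [0] * 160
    for _ in range(trials):
        msg = bytearray(rng.getrandbits(8) for _ in range(32))
        h0 = hashlib.sha1(msg).digest()
        pos = rng.randrange(len(msg) * 8)
        msg[pos // 8] ^= 1 << (pos % 8)
        h1 = hashlib.sha1(msg).digest()
        for i in range(160):
            if ((h0[i // 8] ^ h1[i // 8]) >> (7 - i % 8)) & 1:
                flips[i] += 1
    return [f / trials for f in flips]


def avalanche_head_vs_tail(trials: int = 2000) -> tuple:
    """Mean flip rate of the 96 bits a 96-bit truncation keeps vs the 64 it drops,
    plus the minimum and maximum rate over all 160 positions (ideal: 0.5 everywhere)."""
    rates = avalanche_by_bit(trials)
    head = sum(rates[:96]) / 96
    tail = sum(rates[96:]) / 64
    return head, tail, min(rates), max(rates)


if __name__ == "__main__":
    print("P(collision), 96-bit fingerprints, 2^32 keys:", collision_probability(96, 2 ** 32))
    print("fingerprints for a 50% collision chance at 32 bits:", fingerprints_for_probability(32, 0.5))
    print("avalanche head/tail/min/max:", avalanche_head_vs_tail())
```

The birthday figures are what decide a truncation length: at 96 bits a collision among 2^32 fingerprints is still around 2^-33, while a 32-bit fingerprint is expected to collide after roughly 77,000 keys.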

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: important programming languages
Reply-To: [EMAIL PROTECTED]
Date: Wed, 13 Dec 2000 14:33:14 GMT

John Savard <[EMAIL PROTECTED]> wrote:
: Tim Tyler <[EMAIL PROTECTED]> wrote, in part:

:>Neither Java nor Perl are "more or less interpreted", IMO.

: Well, the JVM code still has to be compiled each time an applet is
: executed, so there is an overhead that doesn't exist when the program
: is compiled once before all the executions.

That's a different question to whether it should be described as
"interpreted".

Java advocates would no doubt point out that implementations of caching
JVMs exist, so compiled bytecode can be cached, and the cost of compiling
it is a one-off start-up thing that only happens once, shortly after the
code is downloaded.

: But you're saying Perl is a compiler? I had thought it was an
: interpreter, even if it was bigger and more compiler-like than Awk []

As part of the 5.005 development cycle some compiler technology was
integrated into the main distribution.  Perl has been compiling to
perl bytecode before execution for some time now.

I don't think you can call Perl an interpreted language any more.
It still works from plain text files - but employs all sorts of
cleverness and intermediate representations during execution.
It does not wade through the original text as a scripting
language would.
-- 
__________                  http://alife.co.uk/  http://mandala.co.uk/
 |im |yler  [EMAIL PROTECTED]  http://hex.org.uk/   http://atoms.org.uk/

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: YAPRNG
Reply-To: [EMAIL PROTECTED]
Date: Wed, 13 Dec 2000 14:44:33 GMT

Richard Heathfield <[EMAIL PROTECTED]> wrote:

: Let me rephrase my question slightly.

: I believe Knuth has written a halfway decent PRNG. Let us take his PRNG
: as R1() and the Twister as R2().

Knuth's name is not associated with a single algorithm, AFAIK.

As for the MT, that's not intended to be a secure PRNG in the first place.

*If* "Knuth's algorithm" has a large linear component, then the
resulting linear complexity is likely to be low, and an equivalent
LFSR may be accessible, using "the usual" construction, (AKA
the Berlekamp-Massey Algorithm).

In general piling RNGs on top of one another /is/ a road to greater
security - in much the same way that multiple encryption can offer 
greater security.
-- 
__________                  http://alife.co.uk/  http://mandala.co.uk/
 |im |yler  [EMAIL PROTECTED]  http://hex.org.uk/   http://atoms.org.uk/
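
The Berlekamp-Massey construction mentioned above, as an added example (not code from the thread): it computes the linear complexity of a bit sequence, i.e. the length of the shortest LFSR that reproduces it, which is also what the NIST SP 800-22 linear complexity test measures. It is run over a 7-stage and a 5-stage LFSR, over their XOR (the combination proposed earlier in the thread, which only raises the complexity to 12), and over SHA-1-derived bits, whose complexity sits near half the sequence length as a random sequence's would. The tap positions and seeds are constructed; the feedback polynomials are irreducible, so each LFSR's complexity equals its length.

```python
import hashlib


def lfsr_bits(taps: list, state: list, count: int) -> list:
    """Fibonacci LFSR: s[n] = XOR of s[n - t] for t in taps; `state` gives the
    first max(taps) bits and must not be all zero."""
    seq = list(state)
    assert len(seq) == max(taps) and any(seq)
    while len(seq) < count:
        seq.append(sum(seq[-t] for t in taps) & 1)
    return seq[:count]


def linear_complexity(bits: list) -> int:
    """Berlekamp-Massey over GF(2): length L of the shortest LFSR generating
    `bits`.  Reliable when len(bits) >= 2L."""
    n = len(bits)
    c = [0] * (n + 1)          # current connection polynomial
    b = [0] * (n + 1)          # polynomial before the last length change
    c[0] = b[0] = 1
    L, m = 0, -1
    for i in range(n):
        d = bits[i]                       # discrepancy
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d:
            t = c[:]
            shift = i - m
            for j in range(n + 1 - shift):
                c[j + shift] ^= b[j]
            if 2 * L <= i:
                L, m, b = i + 1 - L, i, t
    return L


def sha1_bits(seed: bytes, count: int) -> list:
    """Bits from SHA-1 in counter mode, a non-linear contrast to the LFSRs."""
    out, ctr = [], 0
    while len(out) < count:
        for byte in hashlib.sha1(seed + ctr.to_bytes(4, "big")).digest():
            out.extend((byte >> (7 - k)) & 1 for k in range(8))
        ctr += 1
    return out[:count]


# Constructed generators: x^7 + x^6 + 1 and x^5 + x^3 + 1 as characteristic polynomials.
def lfsr7(count: int) -> list:
    return lfsr_bits([7, 1], [1, 0, 0, 1, 1, 0, 1], count)


def lfsr5(count: int) -> list:
    return lfsr_bits([5, 2], [1, 1, 0, 1, 0], count)


def xor_of_both(count: int) -> list:
    return [x ^ y for x, y in zip(lfsr7(count), lfsr5(count))]


if __name__ == "__main__":
    for name, seq in (("lfsr7", lfsr7(64)), ("lfsr5", lfsr5(64)), ("xor", xor_of_both(64)),
                      ("sha1", sha1_bits(b"constructed seed", 256))):
        print(name, len(seq), "bits -> linear complexity", linear_complexity(seq))
```

Once 2L output bits of a generator with linear complexity L are known, the equivalent LFSR is determined, which is the sense in which a "large linear component" gives the combined generator away regardless of how long its period is.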

------------------------------

Date: Wed, 13 Dec 2000 15:08:15 +0000
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: YAPRNG

Tim Tyler wrote:
> 
<snip>
> 
> In general piling RNGs on top of one another /is/ a road to greater
> security - in much the same way that multiple encryption can offer
> greater security.


Thank you. I'll use a dozen, then. :-D


-- 
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html

------------------------------

From: Michael Erskine <[EMAIL PROTECTED]>
Subject: Re: important programming languages
Date: Wed, 13 Dec 2000 10:16:13 -0500

Herman Rubin wrote:
 
> Let the programmer have access to the full power of the
> machine, often in ways which the language people cannot
> come close to understanding.

Ooops.  I think the language people have the requirements
of programming languages fairly well down at this point.
There are only four logical constructs required to define
*any* algorithm.

Language arguments are by nature *religious* and not often
logical.  They are by nature general because languages are
rarely designed to satisfy a specific programming requirement.

As a long time systems/applications programmer I have
discovered that the algorithm is much more important than
the language in which it is expressed.  The use of a debugger
and code profiler can work wonders in the effort to obtain
more speed in any algorithm.  In my experience a universal
truth is, "Less than ten percent of the code will consume
more than ninety percent of the processing time."  I have
never in my years seen this rule fail to be true.  In every
case where I was called in to improve the execution speed
of an algorithm, I was able to do that by isolating the
offending routine and improving the algorithm within that
routine.  Improving code performance is an iterative process.
If you isolate and improve the ten percent which you
identify as running too slowly, you will find the next
profiling sequence will still produce a code segment that
is consuming ninety percent of the run time of the code.

Usually one can repeat this process at least three times and
obtain a run time improvement of at least ten and often one
hundred or even a thousand.  Here is an example:

A few years ago I was asked to work with a bit of code that
looked into a database of polygons which defined a world
map and all the nations.  The code merely checked to discover
what country a set of coordinates was nearest (or in).  It
could do 300 points per second when they gave it to me.  I
and another programmer worked upon it.  In the first pass
of profiling I discovered two functions in the program that
were eating the time.  I cleaned it up and went to about
1500 points per second.  That was not fast enough so I
profiled again and isolated the offending three or four lines
of code in a function called "in_poly".  We fixed that and went
to about 4000 points per second.  I moved on to another task;
the other programmer decided to tweak it some more and managed
to take it to about 5500 points per second.  Later I came back
and discovered that he had reworked one line of code to get
that improvement.  Naturally I had to try again; I changed
one line of code.  When we reran the tests the limiting factor
to measure the performance of the algorithm finally appeared:
we could not move enough data across the LAN fast enough to
find the limit of the algorithm.  We hit the wall at around
6000 points per second.

So what does all that prove?  Not much really, it is my long
winded way of saying, foolish people argue about what language
is better than what language.  What language were we using on
that project?  Doesn't matter.  It was fast enough, portable
enough, and easy enough for the programmers to use.

--
Buy a good book on Linux or UNIX and read it. Be intuitive when trying to
solve problems.  Love all people, animals and plants alike. Watch out not
to get sucked into /dev/null.    Grega Bremec

------------------------------

From: Shellac <[EMAIL PROTECTED]>
Subject: Re: Virtual memory security hole?
Date: 13 Dec 2000 15:27:53 +0000

=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1

Paul Rubin <[EMAIL PROTECTED]> writes:

> > 2. Not exactly an encryption question so an offline response would
> >    be greatly appreciated.  In theory, computers using operating systems
> >    with virtual memory can introduce a security risk when plaintext
> >    is left on disk in the page/swap file.  Can anyone recommend a book
> >    or article that discusses this, assessment of risk level, solutions?
> 
> Yes, this is a well known issue.  Some operating systems (OpenBSD?)
> encrypt the swap partition.  Linux currently doesn't, but I heard
> someone was working on it.

Linux can prevent pages being swapped out. For example gnupg
does this, but it has to be setuid root. Given that gnupg is often
passed the passphrase by some mail prog (in my case,
Xemacs/gnus/mailcrypt) it is questionable how successful this is. The
truly paranoid will encrypt from the cmdline, I guess.

Shellac

- -- 
Key fingerprint = FC31 23CA 3EBA E30D 2F20 D7EA 8C8F BB0A 49CA 5201
I use and endorse MkLinux, MacOS, GnuPG, Xemacs, Alpha (text
processor), wwwoffle, w3m, Gnus, Leafnode, Cherry Coke, PG Tips. They
do not sponsor me. Despite endless requests.
=====BEGIN PGP SIGNATURE=====
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.5 and Gnu Privacy Guard <http://www.gnupg.org/>

iEYEARECAAYFAjo3lXYACgkQjI+7CknKUgHc9wCglS3mmninYL7CmXIbWADRrD+5
3OEAoK7trh2I/uts9hdHXSnnU9EL3XnR
=WCjN
=====END PGP SIGNATURE=====

------------------------------

From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: Software PRNG..
Date: Wed, 13 Dec 2000 07:57:50 -0800


Richard Heathfield wrote:
> 
> Jorgen Hedlund wrote:
> >
[snip]
> >
> > Although, I've a question about this term "biased": what do you mean
> > by saying that something is "biased"?
> 
> I'd guess that it's analogous to a die numbered 1, 2, 3, 3, 4, 5 - and
> I'll be interested to see whether my guess is confirmed, or shot down in
> flames. :-)

That's a good example of a means to generate a biased random variable
(where the variable is the value of the die face facing up after it is
cast and comes to rest, and the experiment is casting the die.)
  
A biased random variable has a non-uniform probability density function.
The probability that the random variable takes on a value between x_1
and x_2 is just the integral of the area under the pdf between x_1 and
x_2.  The total area under the pdf, integrated from -infinity to +
infinity, must equal 1. It's more likely for the random variable to take
on some values than others when the pdf is non-uniformly distributed
between -infinity and + infinity.  

For example, consider a Gaussian (a.k.a. normal) pdf of a random
variable.  Taking on the values in the area under the tails of the
density function is not as likely as taking on the values under the
mouth of the "bell" of the pdf ( where there's a "bell-shaped" curve for
the pdf.)  (Side note - pdf's also exist for discrete random variables.
The mathematical description thereof relies on the Dirac delta
function.) 

John A. Malley
[EMAIL PROTECTED]

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: On using larger substitutions
Date: Wed, 13 Dec 2000 16:59:03 +0100



Tom St Denis wrote:
> 
>   Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> >
> >
> > Tom St Denis wrote:
> > >
> >
> > > If it's not the best we know how todo then what's the point?
> >
> > You apparently overlooked the following in my original post:
> >
> >    In situations where one could be satisfied with the
> >    quality of such substitutions, ......
> >
> > where reference was made to Playfair. See also my response
> > to Simon Johnson.
> 
> Well I could make you 100s of bad ciphers in an hour.  So what?
> 
> I think the point is to get the most bang for your buck.  So something
> like an MDS is a step in the right direction.  Something that is
> vulnerable to differential attacks by a high school student is a step
> in the wrong direction.

I conclude from your requirement always to get the best
that you never take your lunch and supper excepting at 
a 5-star restaurant. Every equipment/device has its field 
of use.

M. K. Shen

------------------------------

From: [EMAIL PROTECTED]
Subject: (help) Its easier to break symetric alg. when ....?
Date: Wed, 13 Dec 2000 16:04:36 GMT

Hi, imagine this situation. You have a process that encrypts
data using a symmetric algorithm that you know (let's say DES). You
can encrypt anything you want. Will these variables (knowing the
original message and the encrypted message) make it easier
to find the key used to encrypt the data?

thanks in advance for any reply

Jorge


Sent via Deja.com
http://www.deja.com/

------------------------------

From: John Myre <[EMAIL PROTECTED]>
Subject: Re: important programming languages
Date: Wed, 13 Dec 2000 09:43:22 -0700

Tuomas Pellonpera wrote:
<snip>
> 1.) Would you agree that these language are, not the only right and best
> ones, but ones that offer a solid background for encryption?
<snip>

This subject has already been beaten to death, so I don't
know why I can't resist adding to it, but here goes.  I'm
going to address what the above question actually says.

No computing language will give you any "background"
whatsoever for encryption.  By that I mean that no language
meant for implementing computer programs will help you
understand encryption.  (This is really just a paraphrase
of what Gladman and Silverman agreed on, before their
discussion degenerated.)

If you actually want to program some encryption, then I
would recommend the obvious: start by understanding your
"requirements".  In this case, perhaps you should start by
clarifying what you think you want.

Do you want to write programs to verify that you are
understanding encryption algorithms?  Do you want to
implement practical encryption programs?  For sale?  For
fun?  I just mean to suggest here that there are a *lot*
of possible reasons to write encryption code, and unless
you have some idea of what *your* reasons are, you can't
even begin to pick implementation languages.

JM

------------------------------

From: John Myre <[EMAIL PROTECTED]>
Subject: Re: Newbie
Date: Wed, 13 Dec 2000 09:46:42 -0700

Andre van Straaten wrote:
<snip>
> I have another method which is as secure as the OTP:
> I just don't have secrets.
> LOL

ditto LOL.

Although actually, your method could be said to be even
*more* secure: it doesn't leak the (maximum possible)
size of a secret.

JM

------------------------------

From: "M.S. Bob" <[EMAIL PROTECTED]>
Subject: Re: (help) Its easier to break symetric alg. when ....?
Date: Wed, 13 Dec 2000 16:53:13 +0000

[EMAIL PROTECTED] wrote:
> 
> Hi, imagine this situation. You have a process that encrypts
> data using a symmetric algorithm that you know (let's say DES). You
> can encrypt anything you want. Will these variables (knowing the
> original message and the encrypted message) make it easier
> to find the key used to encrypt the data?

Having a single known plaintext and corresponding ciphertext is known as
a known plaintext attack. 

Having the ability to encrypt a plaintext to get the resulting
ciphertext is known as a chosen plaintext attack. Such an attack
occurred historically with the Enigma, see The Codebreakers by D. Kahn
for details.

Any (symmetric or otherwise) cipher should be resistant to such
attacks.

See the sci.crypt FAQ part 4 for more details
     http://www.faqs.org/faqs/cryptography-faq/

------------------------------

From: Markku J. Saarelainen <[EMAIL PROTECTED]>
Crossposted-To: alt.security,comp.security,alt.2600
Subject: My SecureTech / CardTech (May, 2000, Miami Beach) contacts ... some of these 
people might sell you machines to produce passports and other identity solutions .. 
and crypto of course ... some were printing EUROs
Date: Wed, 13 Dec 2000 16:46:09 GMT




SecureTech / CardTech May 2000 contacts .....

Sent via Deja.com
http://www.deja.com/

------------------------------

From: John Myre <[EMAIL PROTECTED]>
Subject: Re: Unguessable sequence of unique integers?
Date: Wed, 13 Dec 2000 10:01:46 -0700

Paul Crowley wrote:
> 
> Bob Silverman wrote:
<snip>
> > Impossible.
> 
> Sure, but it's possible the real need can be met all the same.
<snip>

And as usual, "it would be nice" if people could learn to
understand the concept, at least, of distinguishing the
real need (requirements).  It is *amazing* how seldom a
customer for a program can describe what the problem is,
without having already added unnecessary constraints (based
on a fuzzy predefined solution).  Shoot, it's usually like
an onion, with several layers of assumptions that have to
be stripped away.

Or maybe I should just stop being amazed.

JM

------------------------------

From: "M.S. Bob" <[EMAIL PROTECTED]>
Subject: Re: What's better CAST in PGP or Blowfish 128bit?
Date: Wed, 13 Dec 2000 17:03:30 +0000

> > Read the article at
> > http://www.cs.aucland.ac.nz/~pgut001/pubs/secure_del.html.
> >

http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html

------------------------------

From: Ray Dillinger <[EMAIL PROTECTED]>
Subject: Re: What's better CAST in PGP or Blowfish 128bit?
Date: Wed, 13 Dec 2000 17:04:55 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote:
: In article <VPDZ5.597$[EMAIL PROTECTED]>,
:   Ray Dillinger <[EMAIL PROTECTED]> wrote:
:> Tom St Denis <[EMAIL PROTECTED]> wrote:
:>
:>
:> Read the article at
:> http://www.cs.aucland.ac.nz/~pgut001/pubs/secure_del.html.
:>
:> It was published at the sixth Usenix security conference, in 1996.
:> Its title is "Secure Deletion of Data from Magnetic and Solid-State
:> Memory".

:> You'll find it enlightening.

: I will find it nothing I couldn't get a DNS entry for the website.

Woops, that's my fault.  I mistyped the URL the first time.  

Try 
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html 
instead.


I agree that your point about the drive being inefficient is true; 
but anything made of matter has to make some tradeoffs in design. 

Hard drive read heads may be exceedingly fine, but they are not in 
the same class as scanning tunnelling microscopes measuring magnetic 
force.  So if someone takes your hard drive to a clean room, cracks 
it open, and inspects the drive platters using magnetic force microscopy, 
it isn't that surprising that they can read more data.  

The annoying thing about this is, these devices are cheap.  There's 
an article about building your own STM for about $1400, and in the 
$3000-$10000 range a lot of companies offer commercial "data retrieval" 
devices.  And a fair number of contractors do data retrieval using 
these techniques and devices as a consulting service for clients 
who don't have clean rooms of their own.

                                Bear



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************