Cryptography-Digest Digest #332, Volume #13      Thu, 14 Dec 00 23:13:01 EST

Contents:
  Re: Protocol for computer go (David Wagner)
  Re: Visual Basic Source Code ("Adam Smith")
  Re: binary vs. text w/ regard to digital signatures (Benjamin Goldberg)
  Re: Virtual memory security hole? (Baldwins42)
  Re: Protocol for computer go (Paul Rubin)
  Re: Visual Basic Source Code (Paul Schlyter)
  Re: Custom Encryption Algorithm ("Michael")
  Re: Crypto Program for HP48GX Calculator ("Veli-Pekka Nousiainen")
  Re: Custom Encryption Algorithm ("Michael")
  Re: Protocol for computer go (Steve Portly)
  Re: Protocol for computer go (Benjamin Goldberg)
  Re: Embedded Linux System Vs Smart Card (Benjamin Goldberg)
  Re: ethical considerations ... (Benjamin Goldberg)
  Re: Software PRNG.. (Mike DeTuri)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Protocol for computer go
Date: 15 Dec 2000 01:53:31 GMT
Reply-To: [EMAIL PROTECTED] (David Wagner)

Paul Rubin  wrote:
>The cycle counter isn't enough.  The number of cycles needed to do
>something depends on the cache hit ratio, which in turn depends on
>what other processes are doing.  There is true physical randomness
>involved: if some process does a disk operation, the time needed for
>the operation is affected by chaotic airflow inside the disk drive,
>which is sensitive to the thermal (random) motion of air molecules.

Yes, you're right.  Probably what you want to count is number
of instructions computed, not how many clock cycles they've taken.

------------------------------

From: "Adam Smith" <[EMAIL PROTECTED]>
Subject: Re: Visual Basic Source Code
Date: Fri, 15 Dec 2000 02:03:40 GMT

I apologize for this being my third post on this thread...but...

I found some more stuff (and this will be the last post of the night, I
promise, I finally found something!)...

Here's an implementation of the CryptoAPI that is unrivalled!  Why this
person put in the many many hours to make this I don't know, but no licenses
or anything!  I was able to cut his probably 1000+ lines of code down to
about 5% of the original size to perform the specific function I
needed...the only thing I don't like about it is the compression library he
included...but it's 200% worth the download for any VB programmer (even if
you don't need crypto right now it might come in handy, and it is a great
demonstration of VB programming with objects and what-not)!!

http://www.planet-source-code.com/xq/ASP/txtCodeId.13517/lngWId.1/qx/vb/scripts/ShowCode.htm

Thanks,
Adam Smith



------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: binary vs. text w/ regard to digital signatures
Date: Fri, 15 Dec 2000 02:03:54 GMT

Douglas A. Gwyn wrote:
> 
> Benjamin Goldberg wrote:
> > denis bider wrote:
> > > EDDF uses canonical UTF-8 for all character data. Such a UTF-8
> > > string is equal to another UTF-8 string when the encodings are
> > > equal. No dilemma.
> > I have one minor nitpick here.  Some characters, such as n with a ~
> > over it, have two graphically identical encodings -- as a single
> > [combined] symbol, and as a letter (the n) followed by a non-spacing
> > symbol (the ~).  This applies to most of the letters of latin-1
> > which have the high bit set; they have their own encodings, and they
> > can be encoded as the letter, followed by a non-spacing form of the
> > overmark.
> > Of course, this is a problem with UTF rather than with EDDF, but it is
> > there, and you shouldn't overlook it.
> 
> UTF-8 does *not* assign two encodings to tilde-n.

True, it doesn't.  It has one encoding for tilde-n.  It has one encoding
for n.  It has one encoding for non-spacing-tilde-as-overmark.

Now consider a word processor which allows you to put a tilde over the
preceding character (regardless of what that preceding character is) by
typing meta-tilde (or whatever).  Logically, it would do this by
inserting the non-spacing-tilde-as-overmark symbol after the letter you
want a tilde over.  This means that if you see on your screen an n with
a tilde over it, it could either be the symbol n-tilde, or it could be
the letter n, followed by the non-spacing-tilde-as-overmark symbol.

The fact that tilde-n has one and only one encoding does not help us
avoid the fact that two different sequences have precisely the same
visual effect.

It's rather like replacing spaces (ascii 32) with ascii 160, which for
some encodings, is non-breaking-space.  It prints exactly the same, but
it has a different value.

-- 
There are three methods for writing code in which no bug can be found:
1) Make the code so straightforward that there are obviously no bugs.
2) Make the code so complicated that there are no obvious bugs.
3) Insist that any apparent bugs were really intentional features.
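The two cases above, precomposed n-tilde versus n plus combining tilde and space versus no-break space, worked through as an added example (not code from the thread): the raw UTF-8 bytes and hashes differ, and a signer that hashes un-normalized bytes signs something the reader cannot distinguish on screen. The sample strings are constructed; the fix shown is to fix a Unicode normalization form as part of the signed format, and the example also shows that NFC and NFKC disagree on the no-break-space case.

```python
import hashlib
import unicodedata

# Constructed sample strings (not from the post). The first pair is the
# n-tilde case from the thread: precomposed U+00F1 versus plain "n"
# followed by the combining tilde U+0303. The second pair is the
# space (U+0020) versus no-break space (U+00A0) case.
PRECOMPOSED = "ma\u00f1ana"
DECOMPOSED = "man\u0303ana"
WITH_SPACE = "sign here"
WITH_NBSP = "sign\u00a0here"


def utf8_hex(s: str) -> str:
    """Hex of the UTF-8 bytes, to make the encoding difference visible."""
    return s.encode("utf-8").hex()


def raw_digest(s: str) -> str:
    """What a naive signer hashes: the UTF-8 bytes exactly as supplied."""
    return hashlib.sha256(s.encode("utf-8")).hexdigest()


def canonical_digest(s: str, form: str = "NFC") -> str:
    """Normalize to a fixed Unicode form before hashing, so sequences that
    differ only in composition hash identically. The form must be part of
    the signature format's definition: NFC leaves compatibility characters
    such as U+00A0 alone, NFKC folds them to their plain equivalents."""
    data = unicodedata.normalize(form, s).encode("utf-8")
    return hashlib.sha256(data).hexdigest()


def same_after(form: str, a: str, b: str) -> bool:
    """True if a and b become byte-identical under the given normalization."""
    return unicodedata.normalize(form, a) == unicodedata.normalize(form, b)


if __name__ == "__main__":
    for a, b in ((PRECOMPOSED, DECOMPOSED), (WITH_SPACE, WITH_NBSP)):
        print(repr(a), utf8_hex(a), raw_digest(a)[:16])
        print(repr(b), utf8_hex(b), raw_digest(b)[:16])
        print("  NFC equal:", same_after("NFC", a, b),
              " NFKC equal:", same_after("NFKC", a, b))
```

Normalization only closes the composition gap; characters that merely look alike (homoglyphs from other scripts) survive every form, so a signed-text format still needs to state what it will and will not accept.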

------------------------------

From: [EMAIL PROTECTED] (Baldwins42)
Date: 15 Dec 2000 02:08:03 GMT
Subject: Re: Virtual memory security hole?

Thanks to everyone for the very informative responses!


don ([EMAIL PROTECTED])

------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Protocol for computer go
Date: 14 Dec 2000 18:16:03 -0800

[EMAIL PROTECTED] (David Wagner) writes:
> Yes, you're right.  Probably what you want to count is number
> of instructions computed, not how many clock cycles they've taken.

I don't see how to do that on any current processor without orders of
magnitude worth of performance loss.

------------------------------

From: [EMAIL PROTECTED] (Paul Schlyter)
Subject: Re: Visual Basic Source Code
Date: 15 Dec 2000 02:38:26 +0100

In article <3a39439f$0$17729$[EMAIL PROTECTED]>,
Jason Bock <[EMAIL PROTECTED]> wrote:
 
> Tom St Denis <[EMAIL PROTECTED]> wrote in message
> news:91b151$404$[EMAIL PROTECTED]...
>> In article <91b0mp$3gl$[EMAIL PROTECTED]>,
>>   [EMAIL PROTECTED] wrote:
>>> Does anyone know where i can get GOOD source code for MD4, MD5, SHA1,
>>> DES, IDEA, and CAST in VB??
>>
>> Why is everyone interested in VB?  Arrg!
> 
> Why not?  Any good reasons why millions of VB programmers should give up
> their tool of choice?
> 
> Just curious.
 
You're right!   50 billion flies can't be wrong -- eat shit!!!  <g>
 
-- 
================================================================
Paul Schlyter,  Swedish Amateur Astronomer's Society (SAAF)
Grev Turegatan 40,  S-114 38 Stockholm,  SWEDEN
e-mail:  pausch at saaf dot se   or    paul.schlyter at ausys dot se
WWW:     http://hotel04.ausys.se/pausch    http://welcome.to/pausch

------------------------------

From: "Michael" <[EMAIL PROTECTED]>
Subject: Re: Custom Encryption Algorithm
Date: Fri, 15 Dec 2000 02:58:53 GMT


"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:91agto$l2l$[EMAIL PROTECTED]...
> In article <J6XZ5.48126$[EMAIL PROTECTED]>,
>   "Michael" <[EMAIL PROTECTED]> wrote:
> > I have been interested in Cryptanalysis for a while now, and just
> > started reading this newsgroup a few weeks ago.
> > By far, the biggest surprise I have found here is that you 'experts'
> > (only in quotes because I don't really know you) don't have a program
> > that you can cut and paste these EXTREMELY weak cipher texts into and
> > spit out the plain text.
> > Not knowing any better, I thought you would.
> > I ended up here due to MY quest for such a program.
>
> Because if you knew anything about "real cryptography" you would
> realize that such programs are hardly practical at all.  Sure I could
> write a program to break monoalphabetic messages with a known plaintext
> language.  However, real block ciphers are often very incompatible.
> For example the analysis of RC5 is not applicable to that of Serpent.
>
> > As I said in one of my first postings, I have written my own
> > (admittedly weak) algorithm.
> > Reading this news group makes me less proud of my algorithm, but also
> > feel like my ciphertext is much much more secure than I thought it was.
>
> Well it isn't :-).  Did you post your algorithm yet?

No, and I don't know that I ever will.  It definitely isn't worth your time.

>
> > Your standard answer to the people who post their cipher text is why
> > would I waste my time decoding it.
> > Well, this place is all about Cryptanalysis.  However, if I email a
> > friend using my algorithm and the email with the cipher text gets
> > printed out and left on my friend's desk at work, people as crypto
> > savvy as you guys won't be there, BUT the 'why should I waste my time'
> > attitude WILL be there.
>
> See the problem is how do you share a "key" to decrypt messages?  You
> will have to hand deliver the program to decode it.  And if your cipher
> is truly stateless it can be used only once to encode a message before
> it's useless.
>

How do you share the key in any non-public-key system (which the NSA happens
to love and find secure!)?
They have the program.
I don't know (yet) what 'stateless' means in this context.


> Real ciphers are known algorithms with secret keys.  Sharing the keys
> are a bit easier then a program since you can use a PK style algorithm
> to distribute a short bit string.
>
> Often ciphers where the construction of the cipher is key dependent are
> weak.  Such as FROG.
>
> > On another subject, I am very disappointed no one replied to my
> > earlier posting where I describe a piece of hardware that I want to
> > figure out.  I described the fact that I have the ability to do a
> > Chosen-plaintext attack, Adaptive-chosen-plaintext attack,
> > Chosen-ciphertext attack, and Chosen-key attack and I was looking for
> > advice on how to proceed.  Not a single reply.
>
> Well what algorithm does the device use?  Doing black-box cryptanalysis
> of a unknown algorithm is very difficult (given the algorithm is in
> fact decent).

The algorithm is proprietary and unpublished.  However, I am quite sure it
is an afterthought and extremely weak.  Something as simple as a simple XOR.
As I stated in my first post virtually no one even uses the password feature
of the piece.  The only reason I want to figure it out is the fact that I
want it to be my first 'baby step' in the extremely long and arduous road
ahead of me in my quest to learn more about cryptanalysis.  I don't think I
can find an easier target.

Since I have never done anything like this, even something that would take
you guys seconds to figure out is not so straightforward to me.  But I want
to learn and I am reading.  I just don't have free time.

Michael
>
> Tom
>
>
> Sent via Deja.com
> http://www.deja.com/
>



------------------------------

Reply-To: "Veli-Pekka Nousiainen" <[EMAIL PROTECTED]>
From: "Veli-Pekka Nousiainen" <[EMAIL PROTECTED]>
Crossposted-To: comp.sys.hp48
Subject: Re: Crypto Program for HP48GX Calculator
Date: Fri, 15 Dec 2000 04:05:10 +0200

Hi, Tom !

Maybe he is just starting to program and not for living...
:-D
VPN

"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:91bqjk$pjp$[EMAIL PROTECTED]...
> In article <[EMAIL PROTECTED]>,
>   "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> > Tom St Denis wrote:
> > >   [EMAIL PROTECTED] wrote:
> > > > I am looking for some crypto programs for the HP48GX. ...
> > > Why can't anyone do something for THEMSELVES!  Try writing your own
> > > code and if you get stumped ask for help.
> >
> > Why do you assume that brice98 isn't already stumped?
>
> Well why post programming questions to sci.crypt anyways?
>
> >
> > > For christ sake is everyone in this newsgroup incapable of their own
> > > work?
> >
> > Some people might not be capable of some kinds of programming.
> > Others might prefer standing on the shoulders of others to
> > tripping over their own feet.
>
> You don't see me posting in sci.brain.surgery asking for people to do
> my operations.  I ain't no surgeon so I don't ask.  If you can't
> program then either read a book and teach yourself or get a new job.
>
> Tom
>
>
> Sent via Deja.com
> http://www.deja.com/



------------------------------

From: "Michael" <[EMAIL PROTECTED]>
Subject: Re: Custom Encryption Algorithm
Date: Fri, 15 Dec 2000 03:09:08 GMT


"Marc" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> >Your standard answer to the people who post their cipher text is why
> >would I waste my time decoding it.
>
> Make a contest, with a $10,000 US prize for the first to decode
> your message.
>
> This will a) make sure that you don't waste your/their time with
> algorithms that you yourself don't see secure enough to protect
> $10,000 US worth of secrets,
>
> and b) motivate those who can crack the message to actually do it
> instead of just explaining in theory how it can be cracked and
> leave the rest as exercise for the reader.

You appear to have missed one of my main points.  I designed the program to
protect my emails to my very close friends from ANYONE who would want to
read an email from me to them.  I believe I have accomplished that.  As I
stated before, I believe that more now than two weeks ago.  And of course,
there isn't the $10,000 incentive to read my email.

>
>
> I hope you are not too disappointed with the usenet.  It's a
> valuable resource of information, even when sometimes the people
> don't "function" like desired..
>

No, not at all.  Any disappointment at all comes from my lack of keeping up
with current technology.
When 'Big Blue' won I thought that hurdle had been conquered 20 years ago.
Another example where I thought computer technology was further along than
it was.  I don't have time to keep up with everything.  My job keeps me
plenty busy.



------------------------------

From: Steve Portly <[EMAIL PROTECTED]>
Subject: Re: Protocol for computer go
Date: Thu, 14 Dec 2000 22:11:31 -0500



Paul Rubin wrote:

> [EMAIL PROTECTED] (David Wagner) writes:
> > Yes, you're right.  Probably what you want to count is number
> > of instructions computed, not how many clock cycles they've taken.
>
> I don't see how to do that on any current processor without orders of
> magnitude worth of performance loss.

The amount of entropy that can be got from physical air currents within
the hard drive is quite small according to a FAQ that was posted here a
while back (hard drives only spin at 10000 rpm).  The actual system
overhead for the timing is quite small, only 24 cycles out of the
1,000,000,000 per second available from a contemporary 1 GHz system.  The
tricky part is finding a dirty process that will yield a suitably
unpredictable, non-repeating pseudo-random value.  Systems vary quite a
bit in terms of wait states and buffering.   I have used time stamp
methods on older Pentium machines with pretty good results.
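As an added illustration (not part of Steve Portly's post), the check one would run before trusting timestamp jitter as an entropy source: collect back-to-back timer deltas, keep their low bits, and bound the min-entropy per sample from the most frequent value rather than eyeballing the listing. The function names and the perf_counter_ns-based collector are assumptions; the estimator is the standard most-common-value bound, and the test inputs are constructed.

```python
import math
import time
from collections import Counter


def collect_timing_deltas(n: int, low_bits: int = 8) -> list:
    """Take n back-to-back high-resolution timestamps and keep only the low
    bits of each delta. That is where scheduling, cache and bus jitter end
    up; the high bits are mostly the deterministic cost of the loop itself.
    (Assumed collector; the original post used Pentium time stamps.)"""
    mask = (1 << low_bits) - 1
    samples = []
    prev = time.perf_counter_ns()
    for _ in range(n):
        now = time.perf_counter_ns()
        samples.append((now - prev) & mask)
        prev = now
    return samples


def min_entropy_per_sample(samples) -> float:
    """Conservative estimate: -log2(probability of the most frequent value).
    A timer that mostly returns one or two deltas scores near zero no
    matter how irregular the raw listing looks."""
    if not samples:
        raise ValueError("no samples")
    top_count = Counter(samples).most_common(1)[0][1]
    return -math.log2(top_count / len(samples))


def samples_needed(samples, target_bits: int = 128):
    """Samples of this quality needed to accumulate target_bits of
    min-entropy, or None if the source is (by this estimate) predictable."""
    h = min_entropy_per_sample(samples)
    if h == 0.0:
        return None
    return math.ceil(target_bits / h)


if __name__ == "__main__":
    live = collect_timing_deltas(4096)
    print("distinct delta values:", len(set(live)))
    print("min-entropy per sample: %.3f bits" % min_entropy_per_sample(live))
    print("samples for 128 bits:", samples_needed(live))
```

The estimate is only as good as the run it was taken from: an idle machine, a loaded one and a virtual machine give different answers, so measure on the deployment target and keep a safety margin before feeding the samples into a hash or key derivation.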


------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: Protocol for computer go
Date: Fri, 15 Dec 2000 03:38:15 GMT

Paul Rubin wrote:
> 
> [EMAIL PROTECTED] (David Wagner) writes:
> > >It does?  Even on a modern superscalar machine, under an operating
> > >system with preemptive multitasking?
> >
> > If it doesn't, pick something that does! :-)
> >
> > Preemptive multitasking shouldn't hurt.  You just need a per-process
> > cycle counter.
> >
> > If superscalar hurts, then you put a barrier before you query the
> > cycle counter.  Remember, "query cycle counter" can be a `privileged
> > operation', and thus the underlying computing infrastructure can
> > enforce that it be implemented in whatever way ensures that it will
> > have the needed properties.
> 
> The cycle counter isn't enough.  The number of cycles needed to do
> something depends on the cache hit ratio, which in turn depends on
> what other processes are doing.  There is true physical randomness
> involved: if some process does a disk operation, the time needed for
> the operation is affected by chaotic airflow inside the disk drive,
> which is sensitive to the thermal (random) motion of air molecules.

Those things affect how much real time memory operations take, but they
don't affect *how many* operations the program takes, which is what the
cycle counter should be counting.  If, instead of counting cycles of
program operation as you should be doing, you strangely decide to count
cycles of program operation PLUS cycles taken by operating system stuff
(putting stuff in cache from main memory, putting stuff in main memory
from disk), then of course you are going to have a non-deterministic
counter.

-- 
There are three methods for writing code in which no bug can be found:
1) Make the code so straightforward that there are obviously no bugs.
2) Make the code so complicated that there are no obvious bugs.
3) Insist that any apparent bugs were really intentional features.



------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: Embedded Linux System Vs Smart Card
Date: Fri, 15 Dec 2000 03:38:18 GMT

Michael Schmidt wrote:
> 
> > > Depends what smart card platform/product you use.  Products such
> > > as MULTOS/VOP or Cryptoflex protect the card memory by firewalling
> > > it from other card based applications and unauthorized
> >
> > But how can you say firewall can effectively block all unauthorized
> > access to some data on smart card?
> >
> > and how can you compare the effectiveness in securing the data in
> > the smart card and the Embedded Linux System board?
> >
> > Can such board also have a firewall architecture to protect the data
> > on-board too?
> >
> 
> It's not exactly the firewalling architecture that's relevant here.
> Modern crypto smart cards simply do not allow reading of the files
> where private keys for asymmetric crypto are stored, regardless
> whether internally or externally. The only thing you can do with these
> private keys is en-/decryption, i. e. you provide data to be
> en-/decrypted, and you get the en-/decrypted results.
> 
> If you want to attack (i. e. read) the private keys stored inside, you
> have to open the chip. Secret services are probably able to do this,
> an average attacker isn't, since the chip self-destroys as soon as it
> encounters tampering. That's a matter of > 100000 US$ (maybe tens of
> it).

While it is indeed true that you need to open the chip, it is not quite
so expensive as you claim -- if you already have a lab, such as a chip
manufacturer might have, or access to one, the costs are closer to
$1000, or less.  And if you're building a lab, I think that the costs
would be in the low tens of thousands of dollars, not tens of hundreds
of thousands of dollars.

The self-destroy on tampering usually depends on physically prying the
chip open, or exposure of some component of the chip to light.  There
are easily available chemicals (acetone or things like it) which can
dissolve the casing without harming the circuitry or triggering the self
destruct.  Blocking the optical sensor is as easy as working in a
darkroom, with only one frequency of light -- one which is detectable to
human eyes, but not to the electronic sensor.  After the casing is
dissolved in the darkroom, a bit of opaque glue can be placed over the
sensor.

Of course, once you have the card opened, you can place wires on the
chip, fiddle with the power supply, system clock, etc, and try such
things as single-stepping the clock, or perhaps fluctuate the power in
just such a way that the key memory (which is for write and use but not
read) outputs its contents.

> A different story is attacks on the private key by not trying to read
> it, but performing "chosen plaintext" attacks, timing analysis, power
> analysis etc.

Power analysis requires having the card open.  Timing attacks don't, but
they can be made much more accurate if you can measure the clock count
while enciphering is being done.

> Even competing apps on the smart card are only able to read the
> en-/decrypted results, but not the key itself. Isolation of these apps
> against each other is where firewalling comes into play.

This sounds more like sandboxing than firewalling.  A sandbox isolates
applicationlets from each other, a firewall isolates the local network
from malicious internet traffic, and prevents trojan horses from sending
private data out of the local network onto the internet.

-- 
There are three methods for writing code in which no bug can be found:
1) Make the code so straightforward that there are obviously no bugs.
2) Make the code so complicated that there are no obvious bugs.
3) Insist that any apparent bugs were really intentional features.



------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: ethical considerations ...
Date: Fri, 15 Dec 2000 03:38:24 GMT

Peter Thorsteinson wrote:
> 
> Thanks for your response. However, now that you have persuaded me, I
> am puzzled about what your response has to do with cryptography.

Of course his response has nothing to do with cryptography; your
original question had nothing to do with cryptography.

This group is sci.crypt, and it's for discussion of how to do crypto.  If
you want to talk about the *why*s and *why not*s instead of the *how*s,
perhaps you should try talk.politics.crypto (or whatever it's called).

-- 
There are three methods for writing code in which no bug can be found:
1) Make the code so straightforward that there are obviously no bugs.
2) Make the code so complicated that there are no obvious bugs.
3) Insist that any apparent bugs were really intentional features.


------------------------------

From: [EMAIL PROTECTED] (Mike DeTuri)
Subject: Re: Software PRNG..
Date: Fri, 15 Dec 2000 03:55:42 GMT

I like RC4 and ISAAC (http://burtleburtle.net/bob/rand/isaacafa.html).


Mike

On Tue, 12 Dec 2000 16:55:55 +0100, Jorgen Hedlund
<[EMAIL PROTECTED]> wrote:

>
>Are there any (good) software PRNG's on the net, that is also free?
>
>I've scoured the FAQ, but, well let's say that I didn't come up
>with anything by doing so..
>
>BR/jh
>
>PS!
>
>Excerpt from the only reference of PRNG (in sci.crypt), according
>to www.faqs.org:
>"...where Prngxor() [FTPPX] is a simple stream cipher driven from
>a long-period pseudo-random number generator (PRNG),..."
>
>DS!




------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************