Cryptography-Digest Digest #398, Volume #13      Thu, 28 Dec 00 13:13:01 EST

Contents:
  Re: Identifying string with blowfish (Christian Reitwießner)
  Re: Identifying string with blowfish (Paul Rubin)
  Re: Basic infor for newbies (Simon Johnson)
  Re: ___MIPS rating of a Pentium II-400 MHz (Bob Silverman)
  Re: ___(WANTED) UPDATED performance figures of elliptic curve multiplications (Robert Harley)
  Windows 98 desktop lockdown application ([EMAIL PROTECTED])
  Re: ___ MIRACL 4.43 ("Mike Scott")
  Random keys of arbitrary length ("Rkq")
  comparison of ciphers' speed ("maciek")
  Basic infor for newbies ("Dullboy")
  DES java encryption problem (ACME Library) ("Ed")
  Re: Basic infor for newbies (Bob Silverman)
  Re: Basic infor for newbies (Arturo)
  Re: Basic infor for newbies (Arturo)
  Some articles of the constitution of Finland .... "Right to privacy" ... " Freedom 
of expression and right of access to information" ... " Freedom of assembly and 
freedom of association" -- Finnish people violated all ..... (Markku J. Saarelainen)
  Re: Foolproof Quantum Cryptography (Tim Tyler)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Christian Reitwießner)
Subject: Re: Identifying string with blowfish
Date: Thu, 28 Dec 2000 13:17:44 +0100

In article <[EMAIL PROTECTED]>, Paul Rubin wrote:
>Finally you can use a combination of all three methods (or a subset):
>
>1) a constant word or byte to identify the algorithm (but not the key).
>2) cryptographic hash of the key, so if the receiver has several keys
>   in storage, s/he can choose the right one

What is a cryptographic hash? An encrypted hash value?

>3) checksum of the message, under the encryption.

-- 
Christian Reitwießner <[EMAIL PROTECTED]>
--> http://www.secretstar.de
Kenny the talking bot:
--> kenny_dod #frg on IRCNet

------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Identifying string with blowfish
Date: 28 Dec 2000 05:34:46 -0800

[EMAIL PROTECTED] (Christian Reitwießner) writes:
> >1) a constant word or byte to identify the algorithm (but not the key).
> >2) cryptographic hash of the key, so if the receiver has several keys
> >   in storage, s/he can choose the right one
> 
> What is a cryptographic hash? An encrypted hash value?

A cryptographic hash is a hash value using a function designed to be
very hard to invert, like MD5 or SHA1.  That stops it from leaking
info about the real key.  I'd say use one of those two functions
(there are lots of implementations available).  Of the two, SHA1 is
slightly preferable but either is ok.  Also, since all you're trying
to do is identify keys, you can chop the hash value to 32 bits or so.
(MD5 is normally 128 bits, and SHA1 is 160 bits).

What exactly are you doing?  You do know that someone has already
implemented CAST encryption in ircii?  Are you adding encryption to
some different client?  To ircd?  Is there some reason you want to use
Blowfish instead of CAST?
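An added illustration of the key-identification scheme discussed in this thread (example code written for this digest, not from Paul's post or from any IRC client): a constant algorithm tag and a 32-bit truncation of the SHA-1 of the key are sent ahead of the ciphertext so the receiver can pick the matching key out of its key store without the hash revealing the key itself. The tag value, the header layout and the sample keys are constructed for the example.

```python
import hashlib

# Constant tag identifying the algorithm (not the key). The value and the
# header layout are constructed for this example, not any real client's format.
ALGO_TAG = b"BF01"
KEY_ID_BITS = 32  # enough to tell stored keys apart; the id is not secret


def key_id(key: bytes, bits: int = KEY_ID_BITS) -> bytes:
    """Truncated SHA-1 of the key: used only to look a key up, never as key material."""
    return hashlib.sha1(key).digest()[: bits // 8]


def build_header(key: bytes) -> bytes:
    """Header sent in the clear ahead of the ciphertext: tag || key id."""
    return ALGO_TAG + key_id(key)


def parse_header(blob: bytes):
    """Split an incoming blob into (tag, key id, remainder)."""
    n = len(ALGO_TAG) + KEY_ID_BITS // 8
    if len(blob) < n or blob[: len(ALGO_TAG)] != ALGO_TAG:
        raise ValueError("unknown format or algorithm tag")
    return blob[: len(ALGO_TAG)], blob[len(ALGO_TAG):n], blob[n:]


def select_key(blob: bytes, keyring):
    """Pick the stored key whose truncated hash matches the header.

    keyring: iterable of candidate keys. A 32-bit id can collide, so the
    caller should still verify the decrypted message (the checksum under
    the encryption, item 3 in the thread) before trusting the result.
    """
    _, kid, _ = parse_header(blob)
    matches = [k for k in keyring if key_id(k) == kid]
    if len(matches) != 1:
        raise LookupError(f"{len(matches)} keys match id {kid.hex()}")
    return matches[0]


if __name__ == "__main__":
    # Constructed sample keys; real keys would come from the client's key store.
    keys = [b"channel-key-alpha", b"channel-key-beta", b"channel-key-gamma"]
    msg = build_header(keys[1]) + b"<ciphertext would follow here>"
    print("header:", msg[:8].hex())
    print("selected:", select_key(msg, keys))
```

The receiver only ever compares 4-byte ids, so the cost of trying every stored key is one hash per key; the full digest is never sent, which is what keeps the identifier from leaking anything useful about the key.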

------------------------------

From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: Basic infor for newbies
Date: Thu, 28 Dec 2000 14:03:48 GMT

In article <0zF26.4783$[EMAIL PROTECTED]>,
  "Dullboy" <[EMAIL PROTECTED]> wrote:
> I recently got interested in cryptology reading a book on the subject and
> was wondering where I can find more information in general and in specific
> crypto methods. Are there any sites that are more relevant than others?
>
> Thanks /Fredrik
>
It depends which book; 'Applied Cryptography' and 'The
Codebreakers' are good books to read. They'll supply you with both
technical and historical information.

Of course, the best place to learn from is here, sci.crypt, really. But
make sure you're backed up with some reading first, so you actually know
something that you can contribute. :)

As for websites, many of the posters on sci.crypt have good and
different websites. Some specialise in modern cryptography, others
specialise in past cryptography.... They are different, but most are good.

Simon.
--
Hi, I'm the signature virus,
help me spread by copying me into your Signature File


Sent via Deja.com
http://www.deja.com/

------------------------------

From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: ___MIPS rating of a Pentium II-400 MHz
Date: Thu, 28 Dec 2000 14:17:05 GMT

In article <[EMAIL PROTECTED]>,
  David Schwartz <[EMAIL PROTECTED]> wrote:
>
> Bob Silverman wrote:
>
> > In article <[EMAIL PROTECTED]>,
> >   kctang <[EMAIL PROTECTED]> wrote:
> > > What is the MIPS rating of a Pentium II-400 MHz?
>
> > There isn't one. Anyone who believes they have such a number
> > is deceiving himself.
>
>       Sure there is, you just have to remember what it means though.
> Meaningless Information to Promote Sales.

Amazing!  I learn new things every day. All along I thought that

MIPS = Meaningless Indicator of Processor Speed


--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"


Sent via Deja.com
http://www.deja.com/

------------------------------

From: Robert Harley <[EMAIL PROTECTED]>
Subject: Re: ___(WANTED) UPDATED performance figures of elliptic curve multiplications
Date: 28 Dec 2000 15:50:34 +0100


"Michael Scott" <[EMAIL PROTECTED]> writes:
> However there seems to be a
> lot of fundamental disagreement as to the fastest way to implement. Some say
> Affine co-ordinates are faster, others projective.

I think affine co-ordinates are recommended by people who spend time
optimising division but not enough on multiplication.  They find
division only 3 or 4 times as expensive as multiplication, say,
instead of 8 or 10 and then affine coordinates don't seem so bad.
I find projective to be about twice as fast as affine.


>Perhaps point-halving is the way to go? Some say yes, others no.

I'm not convinced that it makes a big difference either way.  Its
advocates say most operations are linear.  Sure, but that's no
panacea.  Solving l^2+l = a+x costs about 3 or 4 times as much as
multiplication.  A square root costs a bit more than a multiplication.
And there is a (non-linear) multiplication in there plus some other
little bits.  So you have a cost equivalent to 5 or 6 multiplications
per point halving.  More testing is needed before giving a definitive
pronouncement, IMO.


>Karatsuba??

Yes, definitely, everywhere.


> BTW which Montgomery trick? - he has so many! I know of 2 which might be
> relevant here - his representation of elliptic curves and a fast algorithm
> for multiplication using same,

I meant his trick for computing P+Q from P, Q and P-Q, using just the
X and Z projective coordinates without needing Y.


> and his fast method of using Affine
> co-ordinates to add points on several curves simultaneously (by batching the
> field inversions).

Batching inversions is folklore.  I wouldn't attribute it to Peter...
It doesn't appear to be useful for sequential operations on a single
curve, though.


Bye,
 Rob.
     .-.               [EMAIL PROTECTED]                 .-.
    /   \           .-.                                 .-.           /   \
   /     \         /   \       .-.     _     .-.       /   \         /     \
  /       \       /     \     /   \   / \   /   \     /     \       /       \
 /         \     /       \   /     `-'   `-'     \   /       \     /         \
            \   /         `-'                     `-'         \   /
             `-'         http://www.xent.com/~harley/          `-'
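The batched-inversion trick mentioned at the end of the exchange, as an added example (written for this digest; not Rob's or Mike's code): Montgomery's simultaneous inversion replaces n field inversions with one inversion plus 3(n-1) multiplications, which is why it pays when a division costs 8 to 10 multiplications and many independent inversions are pending, and why it buys nothing for one sequential point addition on a single curve. The prime field and the sample inputs are constructed; the GF(2^m) curve arithmetic discussed above is not reproduced here.

```python
def batch_inverse(xs, p):
    """Invert every element of xs modulo the prime p using a single inversion.

    Returns (inverses, multiplications, inversions) so the cost model from the
    thread can be checked: n inputs cost 1 inversion + 3*(n-1) multiplications
    instead of n inversions.
    """
    n = len(xs)
    if n == 0:
        return [], 0, 0
    for x in xs:
        if x % p == 0:
            raise ZeroDivisionError("zero has no inverse")
    muls = 0
    # Forward pass: prefix[i] = x0 * x1 * ... * xi
    prefix = [xs[0] % p]
    for x in xs[1:]:
        prefix.append(prefix[-1] * x % p)
        muls += 1
    # The only inversion: 1 / (x0 * ... * x_{n-1})
    inv = pow(prefix[-1], -1, p)  # modular inverse, Python 3.8+
    # Backward pass: peel one factor off the running inverse at a time.
    out = [0] * n
    for i in range(n - 1, 0, -1):
        out[i] = inv * prefix[i - 1] % p  # 1/xi = (1/(x0..xi)) * (x0..x_{i-1})
        inv = inv * xs[i] % p             # inv is now 1/(x0..x_{i-1})
        muls += 2
    out[0] = inv
    return out, muls, 1


def check_inverses(xs, invs, p):
    """True when every x * inverse(x) is 1 mod p."""
    return all(x * y % p == 1 for x, y in zip(xs, invs))


if __name__ == "__main__":
    P = 2**127 - 1  # a Mersenne prime; constructed field for the demo
    sample = [2, 3, 5, 7, 11, 12345678901234567890]
    invs, m, i = batch_inverse(sample, P)
    print(f"{len(sample)} inverses with {i} inversion and {m} multiplications")
    print("all correct:", check_inverses(sample, invs, P))
```

With six inputs the count comes out as 1 inversion and 15 multiplications; the trick only helps when all six inverses are needed at the same time, which is the "several curves simultaneously" case and not the usual one-point-at-a-time loop.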

------------------------------

From: [EMAIL PROTECTED]
Subject: Windows 98 desktop lockdown application
Date: Thu, 28 Dec 2000 15:03:15 GMT

Hello,

I have a Windows 98 desktop that is shared by many people in a lab.

Is there a way that I can create a base installation (operating system
plus applications) and have that boot every time?  That way, if a user
makes changes to the desktop, registry, etc., it will always boot into
the base configuration.

Thanks!

Brian


Sent via Deja.com
http://www.deja.com/

------------------------------

From: "Mike Scott" <[EMAIL PROTECTED]>
Subject: Re: ___ MIRACL 4.43
Date: Thu, 28 Dec 2000 16:15:21 -0000


> the type of the finite field bases used,

The curves can be found in the file bmark.c. Polynomial basis, NIST standard
curves.

> method for field multiplications, any special tricks, method for
> "exponentiations", NAF or ...

Same question? None really. A small table with 10 entries is pre-computed,
and a NAF used. Standard stuff really.

> method for field inverses, any special tricks,

The almost inverse method, no special tricks; it's not particularly optimised
since I find projective co-ordinates faster.

> method for sum, double of points, affine or projective?

Either affine or projective can be used - specified when the curve is
initialised. Mostly I find the latter is faster, but there are (rare)
occasions when working on multiple curves simultaneously that Affine is
better. Sum, double of points - standard P1363 method.

I would emphasise again that I believe it is possible to achieve a 2-3 times
speed up by writing code specifically for a particular m in GF(2^m). For
example in our code the fact that many of the top order bits are 0 in, say,
a 32-bit representation of a curve co-ordinate, is not exploited. So m=163 is
particularly inefficient as the top 29 bits of the 6 32-bit integers
required to represent a co-ordinate are all 0 - but this isn't used to speed
up operations. Loop unrolling avoids the loop control overhead, and a
possible pipeline break. It's hard to write efficient generalised code that
works well for specific cases - well anyway I found it hard - and the aim
was to write generalised code.

Hope this helps

Mike Scott
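An added example of the NAF scalar recoding Mike mentions (written for this digest; it is not MIRACL code and it omits the 10-entry precomputed table, so this is the plain non-adjacent form rather than a windowed one). The recoding drives a double-and-add/sub loop over a toy group (the integers under addition) so the result can be checked, and doublings and additions are counted to show why a signed-digit form cuts the number of point additions.

```python
def naf(k: int) -> list:
    """Non-adjacent form of k >= 0, least significant digit first.

    Digits are in {-1, 0, 1} and no two adjacent digits are both non-zero,
    so on average one digit in three is non-zero (versus one in two for
    plain binary). Negating an elliptic-curve point is nearly free, which is
    what makes the -1 digits cheap.
    """
    if k < 0:
        raise ValueError("k must be non-negative")
    digits = []
    while k > 0:
        if k & 1:
            d = 2 - (k & 3)  # +1 when k = 1 mod 4, -1 when k = 3 mod 4
            k -= d           # leaves k divisible by 4, forcing a 0 next
        else:
            d = 0
        digits.append(d)
        k >>= 1
    return digits


def from_naf(digits) -> int:
    """Evaluate a digit list back to the integer it encodes."""
    return sum(d << i for i, d in enumerate(digits))


def is_nonadjacent(digits) -> bool:
    return all(not (a and b) for a, b in zip(digits, digits[1:]))


def scalar_mul(k: int, P, add, neg, double):
    """Left-to-right double-and-add/sub driven by the NAF of k.

    add/neg/double are the group operations supplied by the caller.
    Returns (result, doublings, additions); the result is None for k == 0.
    """
    Q = None  # group identity
    doublings = additions = 0
    for d in reversed(naf(k)):
        if Q is not None:
            Q = double(Q)
            doublings += 1
        if d:
            T = P if d == 1 else neg(P)
            Q = T if Q is None else add(Q, T)
            additions += 1
    return Q, doublings, additions


def int_group_mul(k: int, g: int):
    """Toy instance: the additive group of integers, where 'k*P' is just k*g."""
    return scalar_mul(k, g, add=lambda a, b: a + b, neg=lambda a: -a,
                      double=lambda a: 2 * a)


if __name__ == "__main__":
    for k in (7, 13, 0b1111111):
        print(k, "binary ones:", bin(k).count("1"),
              "NAF non-zero:", sum(1 for d in naf(k) if d), "digits:", naf(k))
    print("13*5 via NAF:", int_group_mul(13, 5))
```

For k = 127 (seven ones in binary) the NAF is 2^7 - 1, a single addition and a single subtraction, which is the extreme case of what the recoding saves; the NAF may be one digit longer than the binary form, so it can cost one extra doubling.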



------------------------------

From: "Rkq" <[EMAIL PROTECTED]>
Subject: Random keys of arbitrary length
Date: Thu, 28 Dec 2000 11:13:51 -0500

Key generation is a pain.  Users usually don't enter secure keys (or don't
like having to bang keys or waggle the mouse to generate bits), and
computers aren't random enough to create them.  Besides, random bytes have
to be stored somewhere since they cannot be reproduced (if they're truly
random).  I need to be able to generate reasonably random keys of 10 - 16
bytes (ten for Skipjack, sixteen for IDEA) and 8-byte initialization
vectors.  The keys have to be reproducible, obviously.  Sometimes I have to
generate several keys per session.

So here's what I've been doing.  Basically, I use the hash of a passphrase
to key a stream cipher, and then use the stream cipher's keystream to create
keys and IVs:

1. Have the user enter a passphrase.  Make sure it's at least twenty
characters long.
2. Run the passphrase through both SHA1 and MD5 (separately), giving two
hashes.
3. Concatenate the hashes, giving a 288-bit value, and initialize RC4 with
that.
4. Whenever a random byte is needed, have RC4 return a byte of "keystream"
and use that.

How secure do you think that is?  Is it a good or bad idea to create IVs
from the same source as the keys?  And is it a good or bad idea to create
multiple keys from the same data?

That last question bothered me at one time, so I used to have two more
steps.  The first step was between steps 3 and 4 above, and the other
followed step 4:

3a. Call RC4 twenty-five times and save the "keystream" bytes.  Store the
first 16 bytes as an IDEA key, the next 8 as an initialization vector, and
the last byte as a count value.
4a. After every COUNT (where COUNT is the count value from step 3a) calls to
RC4, encrypt RC4's s-box with IDEA in CBC mode using the key and IV from
step 3a.

(So after a certain number of RC4 calls, RC4's data gets replaced with new
data that's based on the old data.)

Any thoughts?
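Steps 1 to 4 above, as an added example (code written for this digest, not Rkq's): the passphrase is hashed with SHA-1 and MD5, the 36-byte (288-bit) concatenation keys RC4, and keys and IVs are then sliced off the keystream. Steps 3a and 4a (re-keying the RC4 state with IDEA in CBC mode) are not implemented because IDEA is not in the Python standard library. RC4 is written out in full (key scheduling plus output generation) so the whole derivation runs offline and can be checked against a published RC4 test vector; the passphrase and the key sizes are constructed sample inputs.

```python
import hashlib

MIN_PASSPHRASE_CHARS = 20  # step 1


class RC4:
    """Textbook RC4: key-scheduling algorithm, then byte-at-a-time output."""

    def __init__(self, key: bytes):
        if not 1 <= len(key) <= 256:
            raise ValueError("RC4 key must be 1..256 bytes")
        S = list(range(256))
        j = 0
        for i in range(256):
            j = (j + S[i] + key[i % len(key)]) & 0xFF
            S[i], S[j] = S[j], S[i]
        self.S, self.i, self.j = S, 0, 0

    def next_byte(self) -> int:
        S = self.S
        self.i = (self.i + 1) & 0xFF
        self.j = (self.j + S[self.i]) & 0xFF
        S[self.i], S[self.j] = S[self.j], S[self.i]
        return S[(S[self.i] + S[self.j]) & 0xFF]

    def keystream(self, n: int) -> bytes:
        return bytes(self.next_byte() for _ in range(n))


def seed_from_passphrase(passphrase: str) -> bytes:
    """Steps 1-3: length check, then SHA-1 || MD5 of the passphrase (20 + 16 bytes)."""
    if len(passphrase) < MIN_PASSPHRASE_CHARS:
        raise ValueError(f"passphrase must be at least {MIN_PASSPHRASE_CHARS} characters")
    data = passphrase.encode("utf-8")
    return hashlib.sha1(data).digest() + hashlib.md5(data).digest()


def derive(passphrase: str, key_lens=(16, 10), iv_len: int = 8):
    """Step 4: take one (key, IV) pair per requested key length from the RC4 keystream.

    key_lens defaults to 16 bytes (IDEA) and 10 bytes (Skipjack), as in the post.
    Returns a list of (key, iv) tuples, all drawn from the same keystream.
    """
    rc4 = RC4(seed_from_passphrase(passphrase))
    pairs = []
    for klen in key_lens:
        key = rc4.keystream(klen)
        iv = rc4.keystream(iv_len)
        pairs.append((key, iv))
    return pairs


if __name__ == "__main__":
    phrase = "correct horse battery staple sample"  # constructed sample passphrase
    for key, iv in derive(phrase):
        print(f"key={key.hex()} iv={iv.hex()}")
    # Same passphrase, same material: the "reproducible" property the post needs.
    assert derive(phrase) == derive(phrase)
```

Running it twice with the same passphrase gives identical keys and IVs, and every key and IV in a session is a different slice of one keystream that depends only on the passphrase, which is exactly the property the post's last two questions are about.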




------------------------------

From: "maciek" <[EMAIL PROTECTED]>
Subject: comparison of ciphers' speed
Date: Thu, 28 Dec 2000 17:23:31 +0100

I checked common cipher algorithms for their speed.  I used the demo program
from the Delphi Encryption Compendium by Hagen Reddmann. My question is whether
these results are proportional. What I mean is that the implementation in
Delphi might not be the fastest one but I need to know if there are no huge
disproportions between the results. Would the relations be the same using
a maximally optimized implementation?

this is a table with speeds of encryption, decryption and average:

Memory Speed Test for Cipher in Mode: cmECB

Algorithm                      Encode Mb/sec Decode Mb/sec    Avg Mb/sec

3Way                                    8,29          7,67         7,980
Blowfish                               19,47         19,71        19,594
Gost                                    9,97         11,53        10,746
IDEA                                    7,56          7,52         7,542
Q128                                   17,59         35,23        26,410
SAFER-K40                               8,95          9,13         9,043
SAFER-SK40                              8,96          9,26         9,108
SAFER-K64                               7,13          7,29         7,213
SAFER-SK64                              7,57          7,42         7,498
SAFER-K128                              4,79          4,76         4,777
SAFER-SK128                             4,82          4,76         4,790
SCOP                                   49,61         76,70        63,156
Shark                                  11,98         10,31        11,141
Square                                 21,46         22,53        21,995
TEA                                    16,29         18,18        17,239
TEA extended                           15,11         17,89        16,500
Twofish                                15,29         18,08        16,683
Sample Cipher                          32,10         46,01        39,058
Cast 128                               16,26         21,21        18,737
Cast 256                               10,96         11,95        11,453
DES Single 8byte                        9,28         10,14         9,712
DES Double 8byte                        3,45          3,55         3,502
DES Double 16byte                       3,55          3,61         3,581
DES Triple 8byte                        3,54          3,56         3,553
DES Triple 16byte                       3,51          3,61         3,562
DES Triple 24byte                       3,46          3,55         3,504
DESX                                    9,04          9,98         9,510
Diamond II                              4,26          4,29         4,272
Diamond II Lite                         3,83          4,02         3,926
FROG                                    5,52          7,60         6,563
Mars                                   12,00         12,47        12,231
Misty 1                                 6,15          6,62         6,386
NewDES                                  6,15          6,10         6,124
RC2                                     4,11          3,58         3,843
RC4                                    22,43         25,62        24,027
RC5                                    21,30         25,61        23,455
RC6                                    13,87         15,23        14,548
Rijndael                               17,46         17,42        17,437
Sapphire II                            13,46         14,52        13,990
Skipjack                                4,99          5,22         5,105

I would appreciate very much your help. (I need this comparison for my
assignment, it's quite important for me)
Maciek



------------------------------

From: "Dullboy" <[EMAIL PROTECTED]>
Subject: Basic infor for newbies
Date: Thu, 28 Dec 2000 12:35:46 +0100

I recently got interested in cryptology reading a book on the subject and
was wondering where I can find more information in general and in specific
crypto methods. Are there any sites that are more relevant than others?

Thanks /Fredrik







------------------------------

From: "Ed" <[EMAIL PROTECTED]>
Subject: DES java encryption problem (ACME Library)
Date: Thu, 28 Dec 2000 17:26:05 +0100

Hi!!!
I have Java code that encrypts with the DES algorithm.
The code uses the ACME library
http://www.acme.com/java/software/Package-Acme.Crypto.html
I have to decrypt from a C program and I'm using the SSLeay library.
But I'm not able to decrypt the strings. I thought that the problem
could be the translation to hexadecimal codes but even the decimal
codes are different. Very different.
I have tested all DES modes to decrypt (cfb64, cfb, ecb, cbc) and nothing.

Does anyone know what mode the Acme library uses to encrypt?
Any idea?

Bye.



------------------------------

From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: Basic infor for newbies
Date: Thu, 28 Dec 2000 16:27:46 GMT

In article <92fh81$9de$[EMAIL PROTECTED]>,
  Simon Johnson <[EMAIL PROTECTED]> wrote:
> Of course, the best place to learn from is here, sci.crypt, really.

NO!  This is not the best place to learn from.  There is much too much
misinformation  posted by non-experts. There is no way for a novice
to know the difference.


--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"


Sent via Deja.com
http://www.deja.com/

------------------------------

From: Arturo <[EMAIL PROTECTED]=NOSPAM>
Subject: Re: Basic infor for newbies
Date: Thu, 28 Dec 2000 17:29:50 +0100

On Thu, 28 Dec 2000 12:35:21 +0100, "Dullboy" <[EMAIL PROTECTED]> wrote:

>I recently got interested in cryptology reading a book on the subject and
>was wondering where I can find more information in general and in specific
>crypto methods. Are there any sites that are more relevant than others?
>
>Thanks /Fredrik
>
http://www.cacr.math.uwaterloo.ca/hac/ contains the Handbook of Applied
Cryptography.  It's all in pdf or ps format.  A little too rocket-science stuff,
but give it a try.

------------------------------

From: Arturo <[EMAIL PROTECTED]=NOSPAM>
Subject: Re: Basic infor for newbies
Date: Thu, 28 Dec 2000 17:30:18 +0100

On Thu, 28 Dec 2000 12:35:21 +0100, "Dullboy" <[EMAIL PROTECTED]> wrote:

>I recently got interested in cryptology reading a book on the subject and
>was wondering where I can find more information in general and in specific
>crypto methods. Are there any sites that are more relevant than others?
>
>Thanks /Fredrik
>
BTW, please check your newsreader.  You posted the same message 6-8 times.

------------------------------

From: Markku J. Saarelainen <[EMAIL PROTECTED]>
Crossposted-To: alt.2600,comp.security,alt.security
Subject: Some articles of the constitution of Finland .... "Right to privacy" ... " 
Freedom of expression and right of access to information" ... " Freedom of assembly 
and freedom of association" -- Finnish people violated all .....
Date: Thu, 28 Dec 2000 17:29:53 GMT



Actually Finnish people (the government reps .. I have records of this)
violated my rights to privacy ... Tina Nelin, my ex-relatives together
with my ex-spouse violated my privacy ..... "Section 10 - The right to
privacy"

=======================

"
Section 10 - The right to privacy

Everyone's private life, honour and the sanctity of the home are
guaranteed. More detailed provisions on the protection of personal data
are laid down by an Act.

The secrecy of correspondence, telephony and other confidential
communications is inviolable.

Measures encroaching on the sanctity of the home, and which are
necessary for the purpose of guaranteeing basic rights and liberties or
for the investigation of crime, may be laid down by an Act. In
addition, provisions concerning limitations of the secrecy of
communications which are necessary in the investigation of crimes that
jeopardise the security of the individual or society or the sanctity of
the home, at trials and security checks, as well as during the
deprivation of liberty may be laid down by an Act.
"

--- the government reps of Finland tried to prevent me from using my
freedom of speech / expression rights .... "Section 12 - Freedom of
expression and right of access to information"

"
Section 12 - Freedom of expression and right of access to information

Everyone has the freedom of expression. Freedom of expression entails
the right to express, disseminate and receive information, opinions and
other communications without prior prevention by anyone. More detailed
provisions on the exercise of the freedom of expression are laid down
by an Act. Provisions on restrictions relating to pictorial programmes
that are necessary for the protection of children may be laid down by
an Act.

Documents and recordings in the possession of the authorities are
public, unless their publication has for compelling reasons been
specifically restricted by an Act. Everyone has the right of access to
public documents and recordings.
"

======= and the government reps of Finland tried to hurt me and prevent
me from arranging internet meetings and holding demonstrations without a
permit .... "Section 13 - Freedom of assembly and freedom of
association"

"
Section 13 - Freedom of assembly and freedom of association

Everyone has the right to arrange meetings and demonstrations without a
permit, as well as the right to participate in them.

Everyone has the freedom of association. Freedom of association entails
the right to form an association without a permit, to be a member or
not to be a member of an association and to participate in the
activities of an association. The freedom to form trade unions and to
organise in order to look after other interests is likewise guaranteed.

More detailed provisions on the exercise of the freedom of assembly and
the freedom of association are laid down by an Act.
"

=============================

http://www.om.fi/constitution/3340.htm




Sent via Deja.com
http://www.deja.com/

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Foolproof Quantum Cryptography
Reply-To: [EMAIL PROTECTED]
Date: Thu, 28 Dec 2000 17:55:25 GMT

John Savard <[EMAIL PROTECTED]> wrote:

: Looking at the cited article, it claims these single photons are
: useful in both, but it's the cryptography (the EPR one-time-pad
: sharing stuff) that is 'foolproof' in that the interception of a
: single photon will always be detected.

I've not yet seen a quantum cryptography protocol that defends against
the interception of individual photons.  Typically an active attacker
can get a very small number of bits from the message without being
detected.  Only attempts to get more than a few bits have a slender chance
of success.

Attempts to defeat such attacks can partially succeed - at the cost of
wasting much of the available bandwidth with checking designed to detect
interference.

There are also MITM attacks involving the side channel to consider, if
this is not properly authenticated.
-- 
__________                  http://alife.co.uk/  http://mandala.co.uk/
 |im |yler  [EMAIL PROTECTED]  http://hex.org.uk/   http://atoms.org.uk/

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
