Cryptography-Digest Digest #418, Volume #13 Thu, 4 Jan 01 01:13:00 EST
Contents:
Re: ---- Which comes first? Posting or the Egg? (Greggy)
Seed data for key generation ([EMAIL PROTECTED])
Re: unique codes ("Joseph Ashwood")
nonstandard MD5 hash function... has anyone seen this? ([EMAIL PROTECTED])
Re: nonstandard MD5 hash function... has anyone seen this? (Paul Rubin)
Re: Seed data for key generation ("Joseph Ashwood")
Re: ---- Which comes first? Posting or the Egg? (Steve Portly)
Re: Test Data for DES? ("Dave Rudolf")
Simple Sublimibimbimal Exercise (wtshaw)
Re: Simple Source Related Question??? ("Dave Rudolf")
Re: Audio-CD steganography? ("Dave Rudolf")
Re: Test values (Wei Dai)
Re: example code for your use ("vrml3d.com")
Re: Very Simple Gift Certificate Scheme (Matthew Skala)
----------------------------------------------------------------------------
From: Greggy <[EMAIL PROTECTED]>
Subject: Re: ---- Which comes first? Posting or the Egg?
Date: Wed, 03 Jan 2001 23:33:03 GMT
In article <91uvb8$m3a$[EMAIL PROTECTED]>,
Greggy <[EMAIL PROTECTED]> wrote:
>
>
> As I read through the latest Q&A from BXA regarding encryption export
> licensing, I come to question 26. It states,
>
> ... encryption source code that would be publicly
> available (and posting to the Internet itself would
> make it publicly available), ...would be
> eligible under License Exception TSU... Under this
> policy, the software may be exported without prior
> submission to the government for technical review...
> ... software exported under this exception may be posted
> to the Internet without restriction and would not be
> subject to any requirement to screen for access.
>
> Now I ask all of you, if I post my source code to this NG, does that
> eliminate all restrictions to post my source code to this NG?
>
> You cannot convince me that the BXA is not a government operation.
I read some additional information on what is required to make source
code freely available last night. The way I read the BXA regs, just
offering to any of you a print out of my source code at a very minimal
cost to cover my mailing and reproduction costs makes it "freely
available". Once I establish the status merely by the offer, then I am
allowed to make it freely available electronically.
Any thoughts are welcomed...
--
I prefer my fourth amendment rights over a dope free
society, even if the latter could actually be achieved.
Al Gore and the Florida Robes - More than just another rock group;
a clear and present danger to America's national security.
Sent via Deja.com
http://www.deja.com/
------------------------------
From: [EMAIL PROTECTED]
Subject: Seed data for key generation
Date: Wed, 03 Jan 2001 23:53:49 GMT
Hi,
If I want to encrypt a document using DES can I use the hash of the
document to seed the DES key generator securely?
Thanks in advance,
Simon.
--
Take the bird out to reply.
email: simonepstein@hot[chick]mail.com
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: unique codes
Date: Wed, 3 Jan 2001 15:50:13 -0800
It's actually not difficult to do. Decide on your formatting, for example I
choose based on what I see below as 2 upper-case, 2 digits, 3 upper-case,
2-digits, 2-upper, digit, 4 upper. This is ~69-bits. I don't like that so
I'm going to lop off the last 5 bits giving me a nice even 64-bits, this can
be neatly filled in with a checksum. Then:
known only to you : X, a 56-bit value (you could use a 3*56-bit value, but I
won't)
counter = initially 0
To compute a unique value (Assumes: DES(Key, Data)):
value = DES(X, counter);
counter++;
this will be completely unique for exactly 2^64 values, pad it with a CRC to
get an appropriate value. Then to get it in the correct format:
output[0] = value %26;
value = value /26;
output[1] = value % 26;
value = value/26;
....(just fill in the extra code for base conversion)
There will be a way for someone to guess another code, but it'll take
56-bits of work (they aren't given enough information for a more advanced
attack), so it's cheaper to just try a guess at a 64-bit number. If you want
to be absolutely sure, use 3DES instead of DES.
Another option which will actually offer less security is to compute an RSA
key which is close to the maximum value (slightly lower), and perform the
same.
Joe
"Eric Mosley" <[EMAIL PROTECTED]> wrote in message
news:tRn46.931$[EMAIL PROTECTED]...
> CLAIM CODE : XM82-VJY26W-H2LCNQ
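
The scheme described in this message, as an added Python example that is not part of the original post: a counter is encrypted with a keyed 64-bit permutation and the result is converted, slot by slot, into the quoted claim-code layout. Assumptions: an HMAC-SHA256 Feistel network stands in for DES(X, counter) because Python's standard library has no DES, the helper names and DEMO_KEY are hypothetical, and the issuer-side check in is_issued is one way to validate a code, not something the post specifies.

```python
import hashlib
import hmac

# Layout read off the quoted claim code XM82-VJY26W-H2LCNQ:
# L = upper-case letter (radix 26), D = digit (radix 10).
LAYOUT = "LLDDLLLDDLLDLLLL"
LETTERS = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
DIGITS = "0123456789"
MASK32 = 0xFFFFFFFF

def _f(key: bytes, rnd: int, half: int) -> int:
    """Feistel round function: HMAC-SHA256 truncated to 32 bits."""
    msg = bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:4], "big")

def encrypt64(key: bytes, block: int, rounds: int = 8) -> int:
    """Stand-in for DES(X, counter): a keyed permutation of 64-bit values."""
    left, right = block >> 32, block & MASK32
    for rnd in range(rounds):
        left, right = right, left ^ _f(key, rnd, right)
    return (left << 32) | right

def decrypt64(key: bytes, block: int, rounds: int = 8) -> int:
    """Inverse of encrypt64: undo the rounds in reverse order."""
    left, right = block >> 32, block & MASK32
    for rnd in reversed(range(rounds)):
        left, right = right ^ _f(key, rnd, left), left
    return (left << 32) | right

def encode(value: int) -> str:
    """Mixed-radix conversion, least significant slot first, as in the post."""
    chars = []
    for slot in LAYOUT:
        alphabet = LETTERS if slot == "L" else DIGITS
        value, digit = divmod(value, len(alphabet))
        chars.append(alphabet[digit])
    if value:
        raise ValueError("value does not fit the code layout")
    text = "".join(chars)
    return f"{text[:4]}-{text[4:10]}-{text[10:]}"

def decode(code: str) -> int:
    """Inverse of encode; rejects strings that do not match the layout."""
    text = code.replace("-", "")
    if len(text) != len(LAYOUT):
        raise ValueError("wrong code length")
    value = 0
    for slot, ch in zip(reversed(LAYOUT), reversed(text)):
        alphabet = LETTERS if slot == "L" else DIGITS
        if ch not in alphabet:
            raise ValueError("character does not match layout")
        value = value * len(alphabet) + alphabet.index(ch)
    return value

def issue(key: bytes, counter: int) -> str:
    """Claim code for one counter value; distinct counters give distinct codes."""
    return encode(encrypt64(key, counter))

def is_issued(key: bytes, code: str, issued: int) -> bool:
    """Accept a code only if it decrypts to a counter already handed out."""
    try:
        value = decode(code)
    except ValueError:
        return False
    return value < 2**64 and decrypt64(key, value) < issued

DEMO_KEY = b"constructed demo key"  # constructed; stands in for the secret X
```

Because the layout holds 26^11 * 10^5 combinations, which is more than 2^64, every 64-bit ciphertext maps to exactly one code and back.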
------------------------------
From: [EMAIL PROTECTED]
Subject: nonstandard MD5 hash function... has anyone seen this?
Date: Wed, 03 Jan 2001 23:58:15 GMT
I am trying to figure out how a particular hash function works. From clues
in the documentation it appears to be some iteration of md5, but I haven't
been able to figure out how it differs. The hashes look like the following:
kS7IA7LOSeSlQQaNSVq1cA==
is the hash for "asdf" (all lower-case). The function is case-sensitive and
functions like any other hash function insomuch that a string of variable
length always results in a 24 character hash. One unique feature of this
function is the hashes contain characters other than letters and numbers.
Another unique feature, and one which continues to puzzle me, is that all
hashes end with "==", such as:
the hash for "aaa" is R7zlx09Yn0hn29V+nKn4CA==
the hash for "Aaa" is 5KzOFMS6+W/sMBfHQJUEzg==
Any help with this matter would be greatly appreciated. Thanks!
-Mark-
------------------------------
From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: nonstandard MD5 hash function... has anyone seen this?
Date: 03 Jan 2001 16:13:20 -0800
[EMAIL PROTECTED] writes:
> I am trying to figure out how a particular hash function works. From clues
> in the documentation it appears to be some iteration of md5, but I haven't
> been able to figure out how it differs. The hashes look like the following:
>
> kS7IA7LOSeSlQQaNSVq1cA==
>
> is the hash for "asdf" (all lower-case). The function is case-sensitive and
> functions like any other hash function insomuch that a string of variable
> length always results in a 24 character hash.
This is a MIME base-64 encoded 128 bit hash.
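
The answer above can be checked mechanically. The following Python is an added example, not part of the original posts: it decodes the strings quoted in the question, reports the digest width, and compares the bytes with a few standard digests of the stated input. The candidate list and function names are assumptions chosen for illustration.

```python
import base64
import binascii
import hashlib

# (input, encoded hash) pairs quoted in the post being answered.
SAMPLES = [
    ("asdf", "kS7IA7LOSeSlQQaNSVq1cA=="),
    ("aaa", "R7zlx09Yn0hn29V+nKn4CA=="),
    ("Aaa", "5KzOFMS6+W/sMBfHQJUEzg=="),
]

CANDIDATES = ("md5", "sha1", "sha256")  # assumption: digests worth trying

def decode_digest(encoded: str) -> bytes:
    """Strictly decode a base64 string; reject anything outside the alphabet."""
    try:
        return base64.b64decode(encoded, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"not valid base64: {encoded!r}") from exc

def b64_shape(digest_bytes: int) -> tuple:
    """(encoded length, number of '=' pad characters) for a digest of this size."""
    return 4 * ((digest_bytes + 2) // 3), (3 - digest_bytes % 3) % 3

def matching_algorithms(plaintext: str, encoded: str) -> list:
    """Names of candidate digests whose raw output equals the decoded bytes."""
    raw = decode_digest(encoded)
    data = plaintext.encode("ascii")
    return [name for name in CANDIDATES if hashlib.new(name, data).digest() == raw]

def report() -> list:
    """One row per sample: input, digest bits, hex form, matching digests."""
    rows = []
    for plaintext, encoded in SAMPLES:
        raw = decode_digest(encoded)
        rows.append((plaintext, len(raw) * 8, raw.hex(),
                     matching_algorithms(plaintext, encoded)))
    return rows

if __name__ == "__main__":
    for row in report():
        print(row)
```

A 16-byte digest is one byte past a multiple of three, so base64 always emits 24 characters with two `=` pad characters, which accounts for the fixed length and the trailing "==" the poster noticed.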
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Seed data for key generation
Date: Wed, 3 Jan 2001 16:10:15 -0800
<[EMAIL PROTECTED]> wrote in message news:930e2a$1ok$[EMAIL PROTECTED]...
> If I want to encrypt a document using DES can I use the hash of the
> document to seed the DES key generator securely?
Yes you can. But there is a very significant problem, how are you going to
get the hash of the document after the document is encrypted? You also don't
seem to know much about how DES works, DES does not have a key generator, it
takes a key, uses that key to encrypt a 64-bit block. It might be that you
mean to take the value and key a pRNG using the output of the pRNG as the
key to DES, that is probably not a very good idea, it will be no more secure
than the hash, and can be significantly less secure.
Joe
------------------------------
From: Steve Portly <[EMAIL PROTECTED]>
Subject: Re: ---- Which comes first? Posting or the Egg?
Date: Wed, 03 Jan 2001 20:44:10 -0500
Greggy wrote:
> In article <91uvb8$m3a$[EMAIL PROTECTED]>,
> Greggy <[EMAIL PROTECTED]> wrote:
> >
> >
> > As I read through the latest Q&A from BXA regarding encryption export
> > licensing, I come to question 26. It states,
> >
> > ... encryption source code that would be publicly
> > available (and posting to the Internet itself would
> > make it publicly available), ...would be
> > eligible under License Exception TSU... Under this
> > policy, the software may be exported without prior
> > submission to the government for technical review...
> > ... software exported under this exception may be posted
> > to the Internet without restriction and would not be
> > subject to any requirement to screen for access.
> >
> > Now I ask all of you, if I post my source code to this NG, does that
> > eliminate all restrictions to post my source code to this NG?
> >
> > You cannot convince me that the BXA is not a government operation.
>
> I read some additional information on what is required to make source
> code freely available last night. The way I read the BXA regs, just
> offering to any of you a print out of my source code at a very minimal
> cost to cover my mailing and reproduction costs makes it "freely
> available". Once I establish the status merely by the offer, then I am
> allowed to make it freely available electronically.
>
> Any thoughts are welcomed...
Well if you posted the source code for a strong algorithm to this newsgroup
it would probably get buried quite quickly. There are enough people
selling commercial products here that would love to take on any
competition. Besides a lot of the best ciphers were written years ago.
What programmer if asked to write a strong cipher would not think up
something like the old four in one cipher on their own? Unless you have
done a patent search chances are good that your cipher has been thought of
before and posting it in a public forum may be disclosing someone else's
trade secrets.
>
>
> --
> I prefer my fourth amendment rights over a dope free
> society, even if the latter could actually be achieved.
> Al Gore and the Florida Robes - More than just another rock group;
> a clear and present danger to America's national security.
>
> Sent via Deja.com
> http://www.deja.com/
------------------------------
From: "Dave Rudolf" <[EMAIL PROTECTED]>
Subject: Re: Test Data for DES?
Date: Wed, 3 Jan 2001 19:45:50 -0600
Well, the only way to be *certain* that the implementation was correct would
be to test all possible plaintexts with all possible keys. If I could do
this, then DES wouldn't be that useful, since this takes way longer than a
brute-force attack :)
Anyway, if you have a link to a good implementation, send 'er this way. I
actually stumbled across some stuff to work with (both implementations and
several test vectors).
<[EMAIL PROTECTED]> wrote in message news:92uds2$bd9$[EMAIL PROTECTED]...
> hi dave,
>
> In article <1Vt46.22377$[EMAIL PROTECTED]>,
> "Dave Rudolf" <[EMAIL PROTECTED]> wrote:
> > Fair enough, though all I really need are some more plaintext-ciphertext pairs,
> > and it would be nice to have some intermediate values (say the output of each
> > round, to make sure mine isn't finicky). But if you're just aching to
>
> i had used Earl and Youngs DES implementation in ssl source code to
> check against my implementation.. u may select any other implementation
> that u can follow to check against. i followed the same tests as
> prescribed to the aes candidates last year.
>
> secondly i think stinson or schneier's books (sorry i don't remember
> which one... although i think have intermediate values for sample input
> and keys... but mind u even if u get those correct that does not prove
> ur implementation as _entirely_ correct.
>
> -regards,
> Shailesh.
>
>
> Sent via Deja.com
> http://www.deja.com/
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Simple Sublimibimbimal Exercise
Date: Wed, 03 Jan 2001 19:30:43 -0600
Pull up www.radiofreetexas.com/wts/pix/text.GIF.
Save it and see if you can find the process to see the contents. I left a
few clues to egg you on, the confined spaces is some letters, but they
could be eliminated.
Wherever there are black areas in a graphic, the same technique is good
for hiding content and most probably already have what you need to read
it, the Gates Secret Decoder Ring, otherwise known as MS Photo Editor.
--
History repeats itself when given the opportunity.
Question repeating old mistakes.
Be certain of the outcome of repeating mistakes.
------------------------------
From: "Dave Rudolf" <[EMAIL PROTECTED]>
Subject: Re: Simple Source Related Question???
Date: Wed, 3 Jan 2001 20:09:07 -0600
I have also just completed a simple Java implementation of the ECB mode of
DES, and the complete algorithm (as I have implemented and tested it) is
explained on my site. It does encrypt and decrypt, but I'm still testing it
to see if it is up to NBS's specs. Come hither, if you are interested...
http://members.home.net/dave.t.rudolf/prog/crypto/
Dave.
"Bob Mariotti" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> After reading hundreds of these posts here, in sci.electronics,
> searching the web for days and days yes, reading info in several books
> and articles, I still have not been able to come up with what I am
> looking for. Perhaps one of you "experts" can assist.
>
> I am charged with creating a routine in our development logic that
> will calculate the PIN offsets for new ATM/POS cards using the DES
> encryption common to banking.
>
> I have searched for sample source code in ANY language and found only
> one in C++ what was quite 'cryptic'.
>
> Can anyone please point me to a site or email me an example of a
> simple ECB routine to calculate the DES value (pin offset to be
> specific).
>
> I find the topics quite interesting and I would enjoy devoting all my
> working and leisure time to studying it. However, project deadlines
> loom and I must make progress. ANY help will be greatly appreciated.
>
> Thank you.
>
------------------------------
From: "Dave Rudolf" <[EMAIL PROTECTED]>
Subject: Re: Audio-CD steganography?
Date: Wed, 3 Jan 2001 20:38:54 -0600
Agreed, although rather than inserting the occasional "sound sample" of
hidden data, one could hide data in one bit (or two or probably even 4) from
each 16-bit sample, and only golden-eared sound techies would be able to
distinguish it. This applies to pixels of an image (with rather high colour
depth). Perhaps, better than this, one could run the sound files through
lossy compression (i.e. MP3), and the secret bits could be further hidden by
the aliasing and masking of the compression. Of course, a lot of planning
would have to go into the compression method, so that the secret bits don't
get lost. Just a thought.
<[EMAIL PROTECTED]> wrote in message
news:DrH46.38652$[EMAIL PROTECTED]...
> Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> > Graphical files allow hiding of bits through appropriate
> > modification of pixels. Wouldn't it be possible to do
> > analogous modifications to audio data? If yes, how good
> > is that? Thanks.
>
> I would hazard a guess that it's an even more fertile field to plow,
> since on average a digital audio clip has many more samples than an
> image has pixels. As a naive approach, simply replacing an occasional
> sample will most likely go unnoticed by the casual listener, since the
> pop or hiss introduced will be well under a millisecond.
>
> For anything that can be expressed as a waveform, you might be able to
> compose the hidden message with the original recording. I'm not sure
> how practical that is, since you'd have to avoid audible differences,
> but I suspect it's possible.
>
> As far as cd's go though, I'm not sure that's a particularly practical
> place to conceal messages, given the amount of work in creating one. A
> cd-r, for example, won't be too convincing to a non-casual
> observer. On the other hand, an actual replicated platter is quite a
> bit more expensive.
>
> If you're playing the "unlimited budget" game, however, it's possible
> to hide your message on another layer, which won't even be readable by
> normal cd players. Either that, or use a different frequency laser to
> read smaller pits in between the normal tracks.
>
> --
> Matt Gauthier <[EMAIL PROTECTED]>
------------------------------
From: Wei Dai <[EMAIL PROTECTED]>
Subject: Re: Test values
Date: Wed, 3 Jan 2001 19:59:57 -0800
In article <930b3o$v6s$03$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] says...
> I once again request test values for the gost 28147-89 algo. Could pls
> anyone encrypt a sample block of plaintext in ecb mode and post the
> plaintext, the ciphertext, the key and the sboxes here.
From Crypto++:
// these are the S-boxes given in Applied Cryptography 2nd Ed., p. 333
const byte GOST::sBox[8][16]={
{4, 10, 9, 2, 13, 8, 0, 14, 6, 11, 1, 12, 7, 15, 5, 3},
{14, 11, 4, 12, 6, 13, 15, 10, 2, 3, 8, 1, 0, 7, 5, 9},
{5, 8, 1, 13, 10, 3, 4, 2, 14, 15, 12, 7, 6, 0, 9, 11},
{7, 13, 10, 1, 0, 8, 9, 15, 14, 4, 6, 12, 11, 2, 5, 3},
{6, 12, 7, 1, 5, 15, 13, 8, 4, 10, 9, 14, 0, 3, 11, 2},
{4, 11, 10, 0, 7, 2, 1, 13, 3, 6, 8, 5, 9, 12, 15, 14},
{13, 11, 4, 1, 3, 15, 5, 9, 0, 10, 14, 7, 6, 8, 2, 12},
{1, 15, 13, 0, 5, 7, 10, 4, 9, 2, 3, 14, 6, 11, 8, 12}};
key plaintext ciphertext:
BE5EC2006CFF9DCF52354959F1FF0CBFE95061B5A648C10387069C25997C0672
0DF82802B741A292 07F9027DF7F7DF89
B385272AC8D72A5A8B344BC80363AC4D09BF58F41F540624CBCB8FDCF55307D7
1354EE9C0A11CD4C 4FB50536F960A7B1
AEE02F609A35660E4097E546FD3026B032CD107C7D459977ADF489BEF2652262
6693D492C4B0CC39 670034AC0FA811B5
320E9D8422165D58911DFC7D8BBB1F81B0ECD924023BF94D9DF7DCF7801240E0
99E2D13080928D79 8118FF9D3B3CFE7D
C9F703BBBFC63691BFA3B7B87EA8FD5E8E8EF384EF733F1A61AEF68C8FFA265F
D1E787749C72814C A083826A790D3E0C
728FEE32F04B4C654AD7F607D71C660C2C2670D7C999713233149A1C0C17A1F0
D4C05323A4F7A7B5 4D1F2E6B0D9DE2CE
35FC96402209500FCFDEF5352D1ABB038FE33FC0D9D58512E56370B22BAA133B
8742D9A05F6A3AF6 2F3BB84879D11E52
D416F630BE65B7FE150656183370E07018234EE5DA3D89C4CE9152A03E5BFB77
F86506DA04E41CB8 96F0A5C77A04F5CE
--
http://cryptopp.com - a free C++ class library of cryptographic schemes
------------------------------
From: "vrml3d.com" <[EMAIL PROTECTED]>
Subject: Re: example code for your use
Date: Thu, 4 Jan 2001 00:10:03 -0500
Simon Johnson <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
[snip]
> >
> I often wonder how successful that export legislation has been, have
> any convictions been made on it?
The last time I had to download strong encryption, when it asked for my
information I put:
Name: Hafez the Enforcer
Address: 1 Jihad Way, Baghdad
What does that tell you? I mean, like, how hard is it for foreign nationals
to get 500 free hours of AOL and download whatever they want anyway? I've
been wanting to go over to CIA headquarters, knock on their foreheads and
say "Hello! McFly!!".
--Steve
------------------------------
From: [EMAIL PROTECTED] (Matthew Skala)
Subject: Re: Very Simple Gift Certificate Scheme
Date: 3 Jan 2001 21:16:53 -0800
In article <[EMAIL PROTECTED]>,
John A. Malley <[EMAIL PROTECTED]> wrote:
>What does the hash help protect against if Alice, Bob and Carol pass the
>certificates to one another via secure channels, only Alice knows the
>complete set of serial numbers issued, and the serial numbers are
>selected at random uniformly distributed across 0 - (2^k - 1)?
I don't think the hash is necessary at all, although as Tom says in his
followup, it may make it easier to issue the certificates if no good
random number generator is available when the certificates are being
issued (although in that case, where did the secure key come from? why not use
it as a PRNG seed?).
The Kosmos Online project discussed a similar concept under the heading of
"issuing servers". There, we had a situation where players and
subordinate servers in a role-playing game would be given "items"
representing things in the game, and permitted to transfer them amongst
each other but with a need for the transfers to be one-way: I can give you
something but then once you have it I can't take it back. Also, we wanted
to prevent things like double-spending. Some aspects of our situation were:
* Items had to be testable for authenticity
* Forging of items had to be impossible
* Items had to be transferable
* Little, if any, requirement for anonymity
* All transactions could involve interactions among all the parties
* Plenty of computer power available
* The central server that gave out the items was trusted
Our solution was simple: when the server creates an item, it gives it a
random serial number. When I want to give you an item, you take it to the
server and say, "Is this genuine?, and if so, give it a new serial
number." The server, which knows about all the numbers it has issued,
gives you a fresh number, transfers the value to that number, and marks
the old one invalid. That way I can't take the item back unless you give
me the new number. I can't forge an item because I can't guess the
server's serial numbers. Interestingly, before cooking up the simple
serial-number system we looked at a more elaborate system involving keyed
hashes, quite similar to Tom's; we rejected that because it seemed to be
simply unnecessary.
This is discussed, buried among lots of interesting but non-cryptographic
content, in the mailing list archive slice at
http://www.islandnet.com/~mskala/kosmos1.txt
Search on "issuing server" for messages about this topic.
--
Matthew Skala
[EMAIL PROTECTED] :CVECAT DELENDA EST
http://www.islandnet.com/~mskala/
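
The serial-number reissue protocol described in this message, as an added Python example that is not Kosmos Online code: a trusted server hands out random serials, and a transfer completes only when the recipient exchanges the presented serial for a fresh one. The class and method names, the 128-bit serial size and the item name are assumptions made for illustration.

```python
import secrets

class IssuingServer:
    """Trusted central server: the only party that knows which serials are valid."""

    def __init__(self, serial_bytes: int = 16):
        self._serial_bytes = serial_bytes
        self._live = {}        # currently valid serial -> item
        self._retired = set()  # serials invalidated by a transfer

    def _fresh_serial(self) -> str:
        # Unguessable random serial, never reused.
        while True:
            serial = secrets.token_hex(self._serial_bytes)
            if serial not in self._live and serial not in self._retired:
                return serial

    def create(self, item: str) -> str:
        """Create an item and return the serial that represents it."""
        serial = self._fresh_serial()
        self._live[serial] = item
        return serial

    def is_genuine(self, serial: str) -> bool:
        return serial in self._live

    def reissue(self, serial: str):
        """Recipient's request: 'Is this genuine? If so, give it a new serial.'

        Returns the new serial, or None if the presented serial is unknown
        or has already been exchanged (forgery or double-spend).
        """
        item = self._live.pop(serial, None)
        if item is None:
            return None
        self._retired.add(serial)
        fresh = self._fresh_serial()
        self._live[fresh] = item
        return fresh

    def live_count(self) -> int:
        return len(self._live)

def run_scenario() -> dict:
    """Constructed walk-through: Alice gives an item to Bob, then tries to cheat."""
    server = IssuingServer()
    alice_serial = server.create("sword")         # constructed item name
    bob_serial = server.reissue(alice_serial)     # Bob exchanges Alice's serial
    carol_serial = server.reissue(alice_serial)   # Alice reuses the old serial
    forged = secrets.token_hex(16)                # a guess at a valid serial
    return {
        "bob_holds_item": bob_serial is not None and server.is_genuine(bob_serial),
        "alice_can_reclaim": server.is_genuine(alice_serial),
        "carol_serial": carol_serial,
        "forgery_accepted": server.reissue(forged) is not None,
        "live_items": server.live_count(),
    }
```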
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************