Cryptography-Digest Digest #464, Volume #13      Sat, 13 Jan 01 10:13:01 EST

Contents:
  Re: Need of very simple algorithms? (Shawn Willden)
  Re: Need of very simple algorithms? (Simon Johnson)
  Cavell Challenge #1 (Richard John Cavell)
  Re: 16bit collision resistance hash function? (Simon Johnson)
  Re: Need of very simple algorithms? (Mok-Kong Shen)
  Re: CHES 2001 --- 2nd CFP ("A Al-Sabagh")
  Re: On cryptographic proofs and their (lack) of concreteness (Simon Johnson)
  Re: NSA and Linux Security (Simon Johnson)
  Re: Cavell Challenge #1 (H H Chau)
  Re: Cavell Challenge #1 (Richard Heathfield)
  Re: Need of very simple algorithms? (Simon Johnson)

----------------------------------------------------------------------------

From: Shawn Willden <[EMAIL PROTECTED]>
Subject: Re: Need of very simple algorithms?
Date: Sat, 13 Jan 2001 02:44:47 -0700

Shawn Willden wrote:

> GSM cellphones carrying smart card chips that are perfectly capable of
> implementing AES, even they currently don't. 

Sheez, it must be late.  Let me try that sentence again...

GSM cellphones carry smart card chips that are perfectly capable of 
implementing AES, even if they currently don't.

> Many of them also have
> cryptographic coprocessors that allow them to implement public key crypto.
> There is no problem here.  Further, the phones themselves have much more
> powerful microprocessors which could also easily run sophisticated crypto,
> although they don't have any sort of secure key storage.

Shawn.

------------------------------

From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: Need of very simple algorithms?
Date: Sat, 13 Jan 2001 10:42:42 GMT

With something like SMS, are you talking about upgrading the protocols
to have encryption and authentication, or some sort of off-line
encryption? For off-line encryption, I think Solitaire would be a nice
algorithm....

Simon
--
Hi, I'm the signature virus,
help me spread by copying me into Signature File


Sent via Deja.com
http://www.deja.com/

------------------------------

From: Richard John Cavell <[EMAIL PROTECTED]>
Subject: Cavell Challenge #1
Date: Sat, 13 Jan 2001 21:56:16 +1100

Okay turkeys,

I am interested in decryption, and as part of this I searched around for
ciphers to decode as practise.  I was unable to find anything suitable for
adults. Though I realise that the leading edge of cryptology is far beyond
what's possible with pen and paper, I decided to create some cryptographs
for you to attempt to solve.  This is what I wanted many months ago.

I won't tell you the key or cipher method, but I will tell you that they
are quite solvable using pen and paper and basic techniques.  Use your
brain and you will get them.

Here's challenge #1:

LZAKRUAHZWJRAKRESVWRTQRJGLSLAFYRLZWRSDHZSTWLRWAYZLRDWLLWJKRRBMDAMKRUSWKS
JRAFNWFLWVRALRRARZSNWRMKWVRLZWRDWLLWJRRRLGRJWHJWKWFLRKHSUWKRRKWWRAXRQGMR
USFRVWUGVWRLZAKREWKKSYWRR

=============================================================
Richard Cavell - [EMAIL PROTECTED]

Newsgroups - Please keep any discussion on the group, and copy your
replies to me via email. (Server problems).  Sending me bulk email
guarantees a nasty response.

Judge Thomas Penfield Jackson on Bill Gates: "He has a Napoleonic concept
of himself and his company, an arrogance that derives from power"
=============================================================
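
The kind of pen-and-paper attack the challenge invites, as an added example (not part of the original post). It assumes the most frequent symbol stands for the space between words and that the remaining letters are a simple alphabet rotation, then scores all 26 rotations against an approximate English letter-frequency table; the 17% threshold and the table values are assumptions.

```python
from collections import Counter

# Ciphertext exactly as posted in the challenge (line breaks removed).
CIPHERTEXT = (
    "LZAKRUAHZWJRAKRESVWRTQRJGLSLAFYRLZWRSDHZSTWLRWAYZLRDWLLWJKRRBMDAMKRUSWKS"
    "JRAFNWFLWVRALRRARZSNWRMKWVRLZWRDWLLWJRRRLGRJWHJWKWFLRKHSUWKRRKWWRAXRQGMR"
    "USFRVWUGVWRLZAKREWKKSYWRR"
)

# Approximate relative frequencies of English letters A..Z, in percent.
ENGLISH = dict(zip("ABCDEFGHIJKLMNOPQRSTUVWXYZ", [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))


def find_separator(text):
    """Return the most common symbol if it is too common to be a letter.

    'E' is roughly 13% of English letters; a symbol well above that is
    more likely to stand for the space between words.
    """
    symbol, count = Counter(text).most_common(1)[0]
    return symbol if count / len(text) > 0.17 else None


def shift(text, k, separator):
    """Rotate A-Z by k positions; the separator symbol becomes a space."""
    return "".join(
        " " if c == separator else chr((ord(c) - 65 + k) % 26 + 65)
        for c in text)


def english_score(text):
    """Sum of per-letter frequencies: higher means more English-like."""
    return sum(ENGLISH.get(c, 0.0) for c in text)


def solve(ciphertext):
    """Try all 26 rotations and keep the most English-looking result."""
    separator = find_separator(ciphertext)
    best = max(range(26),
               key=lambda k: english_score(shift(ciphertext, k, separator)))
    return separator, best, shift(ciphertext, best, separator)


if __name__ == "__main__":
    sep, k, plaintext = solve(CIPHERTEXT)
    print(f"separator={sep!r} rotation={k}")
    print(plaintext)
```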


------------------------------

From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: 16bit collision resistance hash function?
Date: Sat, 13 Jan 2001 10:51:35 GMT

In article <93n28d$kmg$07$[EMAIL PROTECTED]>,
  "[Basic]" <[EMAIL PROTECTED]> wrote:
> Hi,
>
> is there any way to produce a hash value that has only 16bit length but is
> as collision resistant as possible? There is no other property needed than
> a maximum of collision resistance.
>
> ebfe
>

Try making a complexity-theoretic generator based on, say, the discrete
log problem. Pick a P which will make the complexity of solving the
problem backwards equal to or greater than that of brute-forcing the
algorithm. This should work, but I don't know how to determine the
complexities.
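
For scale on the question above, an added example (not part of the thread): a 16-bit output has only 65,536 possible values, so by the birthday bound any 16-bit hash is expected to collide after roughly 2^8 inputs, whatever it is built from. Truncated SHA-256 is used here as an assumed stand-in for "a good 16-bit hash"; the message prefix is constructed.

```python
import hashlib
import math


def hash16(data: bytes) -> int:
    """16-bit hash: the first two bytes of SHA-256 (assumed stand-in)."""
    return int.from_bytes(hashlib.sha256(data).digest()[:2], "big")


def find_collision(prefix: bytes = b"msg-"):
    """Hash prefix+counter until two inputs share a digest.

    Returns (first_input, second_input, inputs_hashed).
    """
    seen = {}
    # Pigeonhole: 2**16 + 1 distinct inputs cannot all have distinct digests.
    for i in range(2 ** 16 + 1):
        msg = prefix + str(i).encode()
        digest = hash16(msg)
        if digest in seen:
            return seen[digest], msg, i + 1
        seen[digest] = msg
    raise AssertionError("unreachable: pigeonhole guarantees a collision")


def collision_probability(n_inputs: int, bits: int = 16) -> float:
    """Birthday approximation: 1 - exp(-n(n-1) / 2^(bits+1))."""
    return 1.0 - math.exp(-n_inputs * (n_inputs - 1) / 2 ** (bits + 1))


if __name__ == "__main__":
    first, second, tried = find_collision()
    print(f"{first!r} and {second!r} collide after {tried} inputs")
    for n in (100, 302, 1000):
        print(f"P(collision within {n} inputs) = {collision_probability(n):.3f}")
```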

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Need of very simple algorithms?
Date: Sat, 13 Jan 2001 12:06:10 +0100



Simon Johnson wrote:
> 
> With something like SMS, are you talking about upgrading the protocols
> to have encryption and authentication, or some sort of off-line
> encryption? For off-line encryption, I think Solitaire would be a nice
> algorithm....

I know not much more about Solitaire than its name. What's your
experience of using it to encrypt, say, some 80 characters?
Thanks.

M. K. Shen

------------------------------

From: "A Al-Sabagh" <[EMAIL PROTECTED]>
Crossposted-To: comp.arch.fpga,comp.arch.arithmetic
Subject: Re: CHES 2001 --- 2nd CFP
Date: Sat, 13 Jan 2001 06:19:34 -0500

testing

--
Al Sabagh
98081-2150 Burnhamthorpe Rd W.
Mississauga, ON L5L 3A0
Canada
Fax: 530 504 9330
"Christof Paar" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> We apologize for multiple mailings. -Christof Paar
>
> ===================================================================
>
>            WORKSHOP ON CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS
>                                  (CHES 2001)
>
>                              www.chesworkshop.org
>
>                                Paris - France
>                               May 13 - 16, 2001
>
>                             Second Call for Papers
>
> General Information
>
> The focus of this workshop is on all aspects of cryptographic
> hardware and embedded system design. The workshop will be a forum of
> new results from the research community as well as from the industry.
> Of special interest are contributions that describe new methods for
> efficient hardware implementations and high-speed software for
> embedded systems, e.g., smart cards, microprocessors, DSPs, etc. We
> hope that the workshop will help to fill the gap between the
> cryptography research community and the application areas of
> cryptography. Consequently, we encourage submission from academia,
> industry, and other organizations. All submitted papers will be
> reviewed.
>
> This will be the third CHES workshop. The first workshop, CHES '99,
> was held at WPI in August of 1999 and was very well received by
> academia and industry. There were 170 participants, more than half of
> which were from outside the United States. The second workshop, CHES
> 2000, was also held at WPI in August of 2000 and had an attendance of
> 180.
>
> The third workshop, CHES 2001, will be held in Paris in May of 2001.
> The topics of interest include but are not limited to:
>
>    * Computer architectures for public-key cryptosystems
>    * Computer architectures for secret-key cryptosystems
>    * Reconfigurable computing and applications in cryptography
>    * Cryptographic processors and co-processors
>    * Modular and Galois field arithmetic architectures
>    * Tamper resistance on the chip and board level
>    * Smart card attacks and architectures
>    * Efficient algorithms for embedded processors
>    * Special-purpose hardware for cryptanalysis
>    * Fast network encryption
>    * True and pseudo random number generators
>    * Cryptography in wireless applications
>
>
> Instructions for Authors
>
> Authors are invited to submit original papers. The preferred
> submission form is by electronic mail to [EMAIL PROTECTED]
> Papers should be formatted in 12pt type and not exceed 12 pages (not
> including the title page and the bibliography). The title page should
> contain the author's name, address (including email address and an
> indication of the corresponding author), an abstract, and a small
> list of key words. Please submit the paper in Postscript or PDF. We
> recommend that you generate the PS or PDF file using LaTeX, however,
> MS Word is also acceptable. All submissions will be refereed.
>
> Only original research contributions will be considered. Submissions
> must not substantially duplicate work that any of the authors have
> published elsewhere or have submitted in parallel to any other
> conferences or workshops that have proceedings.
>
>
> Important Dates
>
>  Submission Deadline:          February 15th, 2001.
>  Acceptance Notification:      March 31st, 2001.
>  Final Version due:            April 21st, 2001.
>  Workshop:                     May 13th - 16th, 2001.
>
> NOTE: The CHES dates May 13th - 16th are the Sunday - Wednesday
> succeeding Eurocrypt 2001 which ends on Thursday, May 10th.
>
>
> Mailing List
>
> If you want to receive emails with subsequent Call for Papers and
> registration information, please send a brief mail to:
>   [EMAIL PROTECTED]
>
>
> Invited Speakers
>
> Ross Anderson, University of Cambridge, U.K.
>   Protecting Embedded Systems - the Next Ten Years
>
>
> Program Committee
>
> Ross Anderson, University of Cambridge, England
> Jean-Sebastien Coron, Gemplus, France
> Kris Gaj, George Mason University, USA
> Jim Goodman, Chrysalis-ITS, Canada
> Anwar Hasan, University of Waterloo, Canada
> Peter Kornerup, Odense University, Denmark
> Bart Preneel, Katholieke Universiteit Leuven, Belgium
> Jean-Jacques Quisquater, Universite Catholique de Louvain, Belgium
> Christoph Ruland, University of Siegen, Germany
> Erkay Savas, cv cryptovision, Germany
> Joseph Silverman, Brown University and NTRU Cryptosystems, Inc., USA
> Jacques Stern, Ecole Normale Superieure, France
> Colin Walter, Computation Department - UMIST, U.K.
> Michael Wiener, Entrust Technologies, Canada
>
>
> Organizational Committee
>
> All correspondence and/or questions should be directed to either of the
> Organizational Committee Members:
>
> Cetin Kaya Koc
> (Publications Chair)
> Dept. of Electrical & Computer Engineering
> Oregon State University
> Corvallis, Oregon 97331, USA
> Phone: +1 541 737 4853
> Fax: +1 541 737 8377
> Email: [EMAIL PROTECTED]
>
> David Naccache
> (Program Chair and Local Organization)
> Gemplus Card International
> 34 Rue Guynemer
> 92447 Issy les Moulineaux Cedex, FRANCE
> Phone: +33 1 46 48 20 11
> Fax: +33 1 46 48 20 04
> Email: [EMAIL PROTECTED]
>
> Christof Paar
> (Publicity Chair)
> Dept. of Electrical & Computer Engineering
> Worcester Polytechnic Institute
> Worcester, MA 01609, USA
> Phone: +1 508 831 5061
> Fax: +1 508 831 5491
> Email: [EMAIL PROTECTED]
>
>
> Workshop Proceedings
>
> The post-proceedings will be published in Springer-Verlag's Lecture
> Notes in Computer Science (LNCS) series. Notice that in order to be
> included in the proceedings, the authors of an accepted paper must
> guarantee to present their contribution at the workshop.
>



------------------------------

From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: On cryptographic proofs and their (lack) of concreteness
Date: Sat, 13 Jan 2001 11:05:45 GMT

In article <Oyy2E4OfAHA.275@cpmsnbbsa07>,
  "Joseph Ashwood" <[EMAIL PROTECTED]> wrote:
> Recently on sci.crypt there has been a lot of discussion regarding
> mathematical proofs, and their validity. These are my thoughts, and
> hopefully some answers for some people.
>
> (Almost) Every mathematical proof makes some assumptions. These assumptions
> range in assuredness from the mundane (1+1=2), to things that we know
> are fundamentally flawed but we use regardless (the random oracle
> model).

I think 1+1=2 can actually be proved. But I think there is an idea in
maths that a system of logic must contain an assumption.

> Each of these has varying uses. The main use of these security proofs is in
> reducing the specifics that must be examined.
>
> The common assumptions are things like:
>     The RSA problem is hard
>     The Discrete Log problem is hard
>     SHA-1 acts as a random oracle

These are not proofs as such; it's just that no attack has been found that can
solve them in a practical amount of time.

> Given a short list of these assumptions it is possible to make it far easier
> to determine if the algorithm in question suits the needs of the situation.
> For most purposes, SHA-1 is effectively a Random Oracle, and the RSA problem
> is hard. However if the requirements are to have a public key of only 500
> bits, and since 512-bit factoring has occurred, the RSA problem hardness
> assumption is violated.

Well, what if P=NP? Depending on the exact nature of the equivalence,
this could write off RSA altogether. However, I'm told there is
evidence that P=/NP, but no proof of it.


> Proofs like this, proofs that define more sharply the requirements for
> security, are of great use and interest to those who depend on these
> primitives. It not only allows us to judge primitives faster and with better
> accuracy, but for maintenance it is at least, perhaps more, helpful. Proofs
> about the security of protocols relying on certain basic assumptions become
> ever more important. When I finish a protocol I generally hand off the
> maintenance of it to someone less capable. Being able to make statements
> like, "You need only worry about the Discrete Log problem at 1024 bits and
> the strength of SHA-1" greatly reduces the level of expertise needed by that
> person.
>
> For cryptanalysis it is also extremely useful. If a proof can be built that
> problem X relies only on the strength of its 2 assumptions (DL-1024 and
> SHA-1), then a cryptanalyst can determine that avenues other than attacking
> SHA-1 and DL-1024 don't even need to be considered, and real work on the
> problem can begin much sooner, with fewer false starts, and a much better
> chance for real results.
>
> While the proofs are not of the form, therefore this is provably secure,
> they are of great use, and the maintenance and examination of the
> primitives and protocols is far less costly. I depend on this kind of
> proof every day, some are obvious, some are not, but if my judgement is ever
> called into question, I can justify myself.
>                     Joe

Yes, but what if the assumptions are wrong? The whole system of logic
collapses.

------------------------------

From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: NSA and Linux Security
Date: Sat, 13 Jan 2001 11:09:14 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (John Savard) wrote:
> On Wed, 10 Jan 2001 22:43:31 GMT, Greggy <[EMAIL PROTECTED]>
> wrote, in part:
> >In article <935b2q$5jv$[EMAIL PROTECTED]>,
> >  Simon Johnson <[EMAIL PROTECTED]> wrote:
>
> >> Since this role doesn't exist in the same capacity as before, they must
> >> be forced to do other work.
>
> >What on earth could you possibly point to as the basis for your
> >statement?
>
> How about the computer you're using to connect to the Internet?
>
> If people used to go to lots of trouble to send secret messages on
> machines like the old-time Enigma, then they could - if they wanted -
> exchange secret keys physically, and let their computers churn for
> like five minutes to encrypt an E-mail.
>
> This probably *would* put the NSA out of the business of
> cryptanalysis, if everyone with an important secret message to send
> went to that length.
>
> Of course, 'something could happen' is not the same thing as
> 'something is happening'...even when the something is not something
> stupid, but something actually in the interest of the people who could
> be doing it.
>
> John Savard
> http://home.ecn.ab.ca/~jsavard/crypto.htm
>
Indeed, if every user needed this kind of security they could use OTPs
and the NSA are really out of business then ;)

------------------------------

From: H H Chau <[EMAIL PROTECTED]>
Subject: Re: Cavell Challenge #1
Date: Sat, 13 Jan 2001 11:06:43 GMT

Hi, Cavell

> I won't tell you the key or cipher method, but I will tell you that they
> are quite solvable using pen and paper and basic techniques.  Use your
> brain and you will get them.

> Here's challenge #1:

> LZAKRUAHZWJRAKRESVWRTQRJGLSLAFYRLZWRSDHZSTWLRWAYZLRDWLLWJKRRBMDAMKRUSWKS
> JRAFNWFLWVRALRRARZSNWRMKWVRLZWRDWLLWJRRRLGRJWHJWKWFLRKHSUWKRRKWWRAXRQGMR
> USFRVWUGVWRLZAKREWKKSYWRR

I wonder if you can decrypt the following too:

40342 40342 434243 43420 024 334 024 3433 3433 3324 3430 3430 044042

I won't tell you the key or cipher method, but I will tell you that they
are quite solvable using pen and paper and basic techniques.  Use your   
brain and you will get them.

Cheers

Hau Hing

------------------------------

Date: Sat, 13 Jan 2001 12:06:28 +0000
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: Cavell Challenge #1

Richard John Cavell wrote:
> 
> Okay turkeys,

Hmmm.

<snip>
> 
> I won't tell you the key

Fair enough.

> or cipher method,

Oops.

> but I will tell you that they
> are quite solvable using pen and paper and basic techniques.

Irrelevant.

> Use your
> brain and you will get them.

This is not rec.puzzles. Still, let's see just how far we can get
without a key or an algorithm.

> 
> Here's challenge #1:
> 
> LZAKRUAHZWJRAKRESVWRTQRJGLSLAFYRLZWRSDHZSTWLRWAYZLRDWLLWJKRRBMDAMKRUSWKS
> JRAFNWFLWVRALRRARZSNWRMKWVRLZWRDWLLWJRRRLGRJWHJWKWFLRKHSUWKRRKWWRAXRQGMR
> USFRVWUGVWRLZAKREWKKSYWRR

Well, that was tough, I agree. Still, I used my brain and I worked it
out.

It's a one-time pad. Here's the key:

1C 1F 0E 1B 1E 10 16 00 15 07 05 01 15 08 1B 15
1B 13 05 06 11 09 06 1E 08 1F 10 05 05 09 0D 11
1E 03 07 06 04 0D 1C 12 1C 01 03 1E 17 16 05 10
14 0B 13 0A 13 02 03 03 03 05 15 06 0A 08 02 00
1C 0D 1B 07 00 03 0A 01 0F 1E 08 0D 0B 1B 1F 18
18 10 1B 0F 08 06 1A 00 06 0E 1B 0B 1E 00 0C 19
03 1F 11 00 1F 04 13 16 12 18 1E 12 0B 06 17 16
1B 0E 06 02 16 0B 0F 05 1F 16 0F 02 16 0E 0F 01
10 12 04 14 11 04 19 03 17 0C 08 06 10 09 09 05
1C 07 0E 15 19 18 11 15 13 16 01 03 14 06 04 00
00 16 0F 1F 1B 1C 11 13 03

Thus, XORing each byte of the ciphertext (take ASCII value) with each
byte of the key will reveal the plaintext.

The plaintext is, therefore,

1C ^ 'L'
1F ^ 'Z'
0E ^ 'A'

etc.

I won't insult your intelligence by spelling out the whole plaintext "in
clear".


Please note that my cracking method has general applicability to
ciphertexts without accompanying algorithms. I really ought to patent
it.


-- 
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R answers, C books, etc: http://users.powernet.co.uk/eton
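
Why a key produced after the fact proves nothing, as an added example (not part of the original post): when the pad is as long as the message, XOR gives a valid pad for every plaintext of that length, so any ciphertext can be "decrypted" to anything. The ciphertext is the first 11 characters of the challenge; the two candidate plaintexts are constructed.

```python
# Ciphertext: first 11 characters of the challenge text quoted above.
CIPHERTEXT = b"LZAKRUAHZWJ"

# Constructed candidate plaintexts (not from the thread), same length.
CLAIMS = [b"HELLO WORLD", b"MEET AT TEN"]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (one-time-pad encrypt or decrypt)."""
    if len(a) != len(b):
        raise ValueError("a one-time pad must be exactly as long as the text")
    return bytes(x ^ y for x, y in zip(a, b))


def pad_for(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """Return the pad under which ciphertext 'decrypts' to the claim."""
    return xor_bytes(ciphertext, claimed_plaintext)


def fit_all(ciphertext: bytes, claims):
    """Build one pad per claim and confirm each one decrypts to it."""
    pads = {}
    for claim in claims:
        pad = pad_for(ciphertext, claim)
        if xor_bytes(ciphertext, pad) != claim:
            raise RuntimeError("pad does not reproduce the claim")
        pads[claim] = pad
    return pads


if __name__ == "__main__":
    for claim, pad in fit_all(CIPHERTEXT, CLAIMS).items():
        hex_pad = " ".join(f"{b:02X}" for b in pad)
        print(f"{claim.decode():<12} <- pad {hex_pad}")
    # The three pairs worked in the post: 1C ^ 'L', 1F ^ 'Z', 0E ^ 'A'.
    print(xor_bytes(bytes.fromhex("1C1F0E"), b"LZA"))
```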

------------------------------

From: Simon Johnson <[EMAIL PROTECTED]>
Subject: Re: Need of very simple algorithms?
Date: Sat, 13 Jan 2001 14:15:32 GMT

In article <[EMAIL PROTECTED]>,
  Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
>
>
> Simon Johnson wrote:
> >
> > With something like SMS, are you talking about upgrading the protocols
> > to have encryption and authentication, or some sort of off-line
> > encryption? For off-line encryption, I think Solitaire would be a nice
> > algorithm....
>
> I know not much more about Solitaire than its name. What's your
> experience of using it to encrypt, say, some 80 characters?
> Thanks.
>
> M. K. Shen
>

Well, first off, it's on Bruce's site (counterpane.com); it uses a pack
of cards. The position of the cards in the pack is the key. Then, by
following the algorithm, you produce a stream of digits to encipher
your message with. For 80 characters, and with a bit of practice, it
shouldn't take very long.

Counterpane have apparently done some analysis on it, and said it is
unlikely that there are any short cycles and it holds up well against
analysis, though I can't remember a link to this analysis.

Simon.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
