Cryptography-Digest Digest #511, Volume #13 Sun, 21 Jan 01 05:13:01 EST
Contents:
Re: Kooks (was: NSA and Linux Security) (Greggy)
Re: Kooks (was: NSA and Linux Security) (Greggy)
Re: Dynamic Transposition Revisited (long) ("John A. Malley")
Re: NSA and Linux Security (Greggy)
Re: Dynamic Transposition Revisited (long) ("John A. Malley")
Re: 32768-bit cryptography (Dido Sevilla)
Re: JPEG infidelity for crypto (Dido Sevilla)
Re: Any good source of cryptanalysis source code (C/C++)? ("Lu�s Casanova")
Try this ("Lu�s Casanova")
----------------------------------------------------------------------------
From: Greggy <[EMAIL PROTECTED]>
Subject: Re: Kooks (was: NSA and Linux Security)
Date: Sun, 21 Jan 2001 07:01:07 GMT
> > > > Their actions show absolutely conclusively that they knew it was
> > > > properly ratified.
> > >
> > > The primary available evidence of a "ratification"
> > > action by the Virginia legislature is the publication
> > > of their civil code booklet in 1819. As has been
> > > explained by others, in those days of poor
> > > communication (before the invention of the telegraph)
> > > there was often confusion about the status of
> > > amendments. There is nothing in the historical
> > > record showing a previous ratification action in
> > > Virginia. And I already explained why even if one
> > > wanted to interpret the publication of the booklet
> > > as the act of ratification, (12+1)/21 < 3/4 so it
> > > still wouldn't result in adoption of the amendment.
> >
> > The constitution is silent as to whether the additional four states
> > should have been included.
>
> But it was already established by 1810 that they needed to be.
>
> Article V of the Constitution does not specify whether the
> states that are to ratify an amendment are those in existence
> when an amendment is submitted to the states, or also includes
> those that join the Union after the amendment has been submitted
> to the states but prior to ratification. History, however,
> provides an answer. When the Bill of Rights was submitted to
> the states on September 25, 1789, only 11 states were operating
> under the Constitution; each amendment then required 9
> ratifications to become part of the Constitution. But North
> Carolina ratified the Constitution on November 21, 1789 and
> Rhode Island on May 29, 1790, raising the number of
ratifications
> required to 10.(123) Vermont then joined the Union on March 4,
> 1791,(124) raising the number of ratifications required to 11.
> The official notice of the ratification of the Bill of Rights
> was not issued by Secretary of State Thomas Jefferson until
> March 1, 1792, after notices of ratification had been received
> from 11 states.
>
> On March 2, 1797, before the Eleventh Amendment was known to
> have become part of the Constitution, Congress passed a
> resolution requesting the President to obtain information from
> states about what action they had taken on the amendment,
> including Tennessee, which had not been part of the Union when
> the amendment was proposed. On October 16, 1797, Secretary of
> State Timothy Pickering wrote to Tennessee Governor John Sevier,
> enclosing a copy of the Eleventh Amendment. Pickering stated
that
> he thought it "expedient to transmit . . . a copy of the
> resolution, to be laid before the legislature of Tennessee, for
> their adoption or rejection."(130) The principle that new states
> are to be included in the ratification process of a
> constitutional amendment has continued into the twentieth
> century. When New Mexico and Arizona joined the Union in 1912,
> the number of states required to ratify the Sixteenth
> Amendment increased to 36, which they were among.
I have heard this before (as I said before I had) and I will make a
deal with you here and now. If you can explain the following, I will
believe you, recant, and apologize profusely. What say you?
Why is it that the standard (as you declare) was in the 1810's that
states being brought in should also vote on an unratified amendment,
YET no one in the state legislature in Virginia stood up and
said, "What the hell are you doing including the 13th amendment in the
publications? The other four states have not even been consulted yet!"
Why is it that the president asked about only the seventeen states, yet
there were twenty one?
Why is it that none of the new four ever lodged a complaint but
included the ratified amendment in their publications later?
Why is it that no one in that time shows any action to resemble what
one would expect to see if you were right - no one. Until many years
later and by suspecious characters (which can be shown suspecious by
their actions)?
If you can answer me in a sound and logical way, I will recant the
whole story and apologize profusely. Of course, you cannot.
The greatest problem you and Jol Silversmith have is explaining what is
in the open for all to see. You try desparately to distract your
audience into venues of uncertainty and complexity hoping that they
never look back at what is lying in the open - the actions of those at
the time who knew what the hell they were doing.
Give it a rest, will you?
--
Jol Silversmith - I wasn't there so I cannot say why no one
protested within the Virginian legislature that day in 1819
not to include the 13th amendment in their publications, or to
require all 21 states to ratify the same. But I am absolutely
certain I know more than they did back then what was really
going on all around them. Boy, I'm good!
Sent via Deja.com
http://www.deja.com/
------------------------------
From: Greggy <[EMAIL PROTECTED]>
Subject: Re: Kooks (was: NSA and Linux Security)
Date: Sun, 21 Jan 2001 07:02:59 GMT
In article <[EMAIL PROTECTED]>,
"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> Greggy wrote:
>
> > The constitution is silent as to whether the additional four states
> > should have been included.
>
> It says 3/4 of the states. That is clearly a
> function of time: Threshold(t) = 3/4 * States(t).
> There is another time-dependent function: Ratifiers(t).
> At no time T did Ratifiers(T) >= Threshold(T).
Ooops. Someone forgot to tell those poor bastards back in 1819!
Give it a break, will you?
>
> > Are you trying to say you knew better than they?
>
> Federal matters are not up to just a handful of
> Virginia legislators (possibly with their own
> personal agenda) to determine, much less up to you
> kooks. After the War of 1812 there was a query of
> the Virginia legislature by the US executive branch
> to find out if they had ever managed to ratify that
> amendment; no clear notice of the ratification was
> ever received by the federal government. Thus, so
> far as the federal government is concerned, that
> amendment never met the requirement to become law
> of the land. That's why the next amendment that
> *did* become law was numbered 13 instead of 14.
And no inquiry was made of the new four states. An oversight on your
part, I am certain...
>
>
--
Jol Silversmith - I wasn't there so I cannot say why no one
protested within the Virginian legislature that day in 1819
not to include the 13th amendment in their publications, or to
require all 21 states to ratify the same. But I am absolutely
certain I know more than they did back then what was really
going on all around them. Boy, I'm good!
Sent via Deja.com
http://www.deja.com/
------------------------------
From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: Dynamic Transposition Revisited (long)
Date: Sat, 20 Jan 2001 23:15:40 -0800
Terry Ritter wrote:
[snip]
> DYNAMIC TRANSPOSITION
>
> A Dynamic Transposition cipher is conceptually very simple:
>
> (1) We collect plaintext data in bit-balanced (or almost
> bit-balanced) blocks.
>
> (2) We shuffle the bits in those blocks under the
> control of a keyed pseudorandom sequence.
>
The security of the dynamic transposition cipher stands on these two
points.
The benefit of bit-balancing is explained as
>
> When every plaintext block is exactly bit-balanced, any
> possible plaintext block is some valid bit-permutation of
> any ciphertext block. So, even if an opponent could
> exhaustively un-permute a ciphertext block, the result
> would just be every possible plaintext block. No particular
> plaintext block could be distinguished as the source of the
> ciphertext.
A bit-shuffling algorithm driven by a pseudorandom number generator
(PRNG) permutes the N bits in a block:
>
> .) The usual solution is the well-known algorithm by
> Durstenfeld, called "Shuffle," which Knuth II calls
> "Algorithm P (Shuffling)," although any valid permutation
> generator would be acceptable.
>
[snip]
The pseudorandom permutation of a bit-balanced block is conjectured to
hide the PRNG values used by the shuffling algorithm since there are so
many possible permutations of the N bits whose outputs are the same.
It's conjectured this shuffling of a bit-balanced block is so difficult
to reverse back to the one, true sequence of PRNG outputs responsible
that one need not even use cryptographically secure random number
generators.
[the following cut and pasted in a new order from the original post]
> The main idea is to hide the RNG sequence (actually the
> nonlinear sequence of jitterized values), so an opponent
> cannot attack the deterministic RNG. Strength is provided
> by the block size and guaranteed bit-balance, since, when
> shuffled, a plethora of different permutations will take
> the plaintext block to exactly the same ciphertext block.
> There simply is no one permutation which produces the given
> ciphertext. Since a plethora of different permutations will
> produce the given ciphertext, trying them all is impractical.
> So the opponents will not know the permutation -- even with
> known plaintext -- and will not have the information to
> attack the RNG.
>
>
> Dynamic Transposition does not need the assumption of
> sequence unpredictability, because the sequence is hidden
> behind a multitude of different sequences and permutations
> which all produce the same result. And if the sequence
> itself cannot be exposed, exploiting any predictability in
> the sequence will be difficult. (This of course does not
> mean that Dynamic Transposition cannot be attacked:
> Brute-force attacks on the keys are still imaginable, which
> is a good reason to use large random message keys.)
>
Algorithm P cannot generate more than M distinct permutations when
driven by a linear congruential sequence of modulus M. See Knuth Vol. 2,
section 3.4.2, Random Sampling and Shuffling. (pg. 145 in the Third
Edition.)
Algorithm P cannot generate more than M distinct permutation when driven
by a PRNG of the form X(n+1) = f( X(n) ) with X taking on M distinct
values.
Consider driving Algorithm P with a simple linear congruential generator
X of the form X(n+1) = g*X(n) mod p, where p is a prime, g is a
generator on Z*_p, and the initial value of the LCG is X(0) = S, a seed
value such that 0 < S < p. (We can also express X(n) as X(n) = ( S *
g^n ) mod p. ) X(n) takes on p - 1 distinct values.
Use Algorithm P to shuffle (permute) N bits. There are N! possible
permutations of those N bits. We want Algorithm P capable of generating
every possible permutation of those N bits when driven by the simple LCG
X. X produces p-1 possible permutations.
To ensure every permutation of the N bits is possible requires p-1 >=
N!, or p >= N! + 1.
For 8 bits we need a prime modulus p >= 8! + 1, or 40321, to ensure
every permutation of N bits is possible with Algorithm P.
For 16 bits we need a prime modulus p >= 16! + 1, or about 2.093 x
10^13, to ensure every permutation of N bits is possible with Algorithm
P.
For 512 bits we need a prime modulus p >= 512! + 1 (a big number) to
ensure every permutation of N bits is possible with Algorithm P.
The prime modulus p for the PRNG driving Algorithm P increases factorial
as N increases. For speed, pragmatic dynamic transposition ciphering
with larger block sizes (N increasing) will end up using a decreasing
fraction of the N! possible permutations. For a prime modulus p < N!
only ( p-1 / N! ) permutations of an N bit block are possible. Knuth
states the excluded permutations "are determined by a fairly simple
mathematical rule such as a lattice structure." This is a (potential)
aid to cryptanalysis.
The cryptographic strength of the dynamic transposition cipher, as
dependent on the number of permutations of N bit bit-balanced blocks,
decreases as N increases if the prime modulus p of the PRNG here
described remains <<< N! to permit pragmatic ciphering. Pragmatic DT
ciphering (in this example) could just require one use a prime modulus p
between 2^N-1 and 2^N in magnitude. Many (actually most) of the N!
permutations would never be possible - and this changes the security of
the DT cipher.
This is only a first step in sizing up the dynamic transpositioning
cipher for cryptanalysis. Does this generalize to other shuffling
algorithms driven by linear congruential sequences? How does the choice
of PRNG affect the number of permutations possible with a shuffling
algorithm? Does the fraction of possible permutations achieved by
Algorithm P driven by such a simple LCG PRNG still prevent any attacks
other than "brute-force"? Is there a "fairly simple mathematical rule"
relating characteristics of permutations produced by Algorithm P driven
by this simple LCG PRNG (such as dependencies in the kinds of cycles in
the permutations generated successively)? Don't know. Maybe others will
see something to extend this.
It's a start.
John A. Malley
[EMAIL PROTECTED]
------------------------------
From: Greggy <[EMAIL PROTECTED]>
Subject: Re: NSA and Linux Security
Date: Sun, 21 Jan 2001 07:12:03 GMT
In article <[EMAIL PROTECTED]>,
Shawn Willden <[EMAIL PROTECTED]> wrote:
> Greggy wrote:
>
> > In article <[EMAIL PROTECTED]>,
> > Shawn Willden <[EMAIL PROTECTED]> wrote:
> > > Any luck on finding that reference?
> > I replied to my previous post.
>
> Sorry, your post had not yet reached my news server when I posted my
> question. As I was certain that enough time had elapsed that your
post
> would have reached me had you posted it on the evening in which you
said
> you would, I felt my question was justified.
>
> When I get a chance to look through the article you mention in
greater
> detail, I will. However, in a brief inspection of it, I did notice
the
> absence of some very important claims. Even if the emergency
declared in
> 1933 has not been officially ended, is there any evidence that the
> extraordinary powers thereby granted have, in fact, been used?
Have you seen the gold fringe on an American flag in court rooms?
Have you ever been down to get a business license to open a business?
Do you know what it means to be regulated by the government?
Can you imagine a life without such regulations? That is the
difference and the difference has been felt every day since FDR.
> And have the courts further upheld the application
> of those powers, and noted that the reason for such
> permissiveness is the ongoing state of emergency?
The congress removed the issue from the jurisdiction of the US Supreme
Court. We see this when they say, "This is a political matter" and
deny a hearing. They are not allowed to hear the case and they say
those words verbatim according to the law passed by congress. Oh, the
Supreme Court struck down parts of the laws that were before it, but
then the congress stepped in. The court said that the president could
not be made a king even by the consent of congress.
> Is there any reason to expect that were some current
> or future president to attempt to employ those
> extraordinary powers, that congress and the courts
> would allow it to happen?
Today, the president and the entire executive branch employs those
powers over we the people every day. The question I think you are
asking is when would the congress put a stop to it? I believe that if
a president were to do something really crazy like try to go in
competition with the FED in coining money, that other avenues would be
employed, such as what happened to JFK three weeks after he did just
that.
> If not, then I'd say that whether or not the emergency was ended
> officially, it did end in fact. It seems to me that the
> congressional scrutiny of the (alleged) pecadillos of
> Richard Nixon, Ronald Reagan and Bill Clinton argue
> strongly that the president does not, in practice, have
> extraordinary powers. In particular it seems, to my
> uneducated perception, that if wartime rules were applied,
> the Iran-Contra affair would have been entirely legal.
Even Richard Nixon cited what I am citing as his authority to write
extraordinary executive orders.
> I find this sort of thing (and there are lots of examples, c.f. the
whole
> Income Taxes are Illegal argument) really ironic, because the thing
that
> makes this sort of alarmism even remotely tenable is the fact that
the Rule
> of Law is so deeply ingrained. People find apparently contradictory
or
> dangerous items in the mountains of law that our state and federal
> legislatures have generated and then proclaim that the crisis that
could
> exist (if those items were applied/interpreted in a particular
fashion)
> does exist. These "crises", however, are purely theoretical, so much
so
> that in a system that actually allowed serious violation of the rule
of law
> they would be just as irrelevant as they are in ours.
Yet, we were taught by history that huge amounts of laws keep the law
out of reach of the peasants and that the rules create crisis to grant
themselves more powers.
There is nothing strange about any of this, other than it is becoming
more widely known by the public.
--
Jol Silversmith - I wasn't there so I cannot say why no one
protested within the Virginian legislature that day in 1819
not to include the 13th amendment in their publications, or to
require all 21 states to ratify the same. But I am absolutely
certain I know more than they did back then what was really
going on all around them. Boy, I'm good!
Sent via Deja.com
http://www.deja.com/
------------------------------
From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: Dynamic Transposition Revisited (long)
Date: Sun, 21 Jan 2001 00:26:38 -0800
Well, so much for canceling this message. I accidentally posted under a
pseudonym - saw it right away and canceled the message. I saw it
appeared on Deja now, but got canceled from Compuserve. The second post
(appears after this) I rewrote from scratch thinking this post got
toasted.
------------------------------
From: Dido Sevilla <[EMAIL PROTECTED]>
Subject: Re: 32768-bit cryptography
Date: Sun, 21 Jan 2001 16:59:01 +0800
Richard John Cavell wrote:
>
> On Fri, 19 Jan 2001, Paul Pires wrote:
>
> > 1024 bit cryptography (If you are talking symmetric) will never be broken
>
> Pfffft!
>
> Computing power doubles every 18 months or so. Brute force is all you
> need if you have enough power. Within your lifetime, 3xDES will be
> completely crackable.
>
I doubt it. Brute force cracking of a cryptosystem is an *exponential
time* solution to the cryptanalysis problem. Every doubling in the
number of bits in a cryptographic key squares the amount of time you
need to brute force it. Do some careful arithmetic and even with your
(overly optimistic) assumption that Moore's law will hold indefinitely,
you'll find nearly everyone on this newsgroup today will be dead by that
time. And parallelism will not help; it merely linearly multiplies your
computing power. You obviously have no exposure whatsoever to
algorithmic complexity theory and more faith in the progress of
technology than knowledge of the implications of an algorithm being
O(2^N). Besides, it's highly doubtful that Moore's law will continue
for more than ten years, considering that quantum effects are beginning
to catch up with microprocessor fabrication and the heat being produced
by such super-processors is becoming overwhelmingly excessive. Sometime
soon we'll start having microprocessors you could strap on the nose of
the Space Shuttle which you could still use after orbital reentry!
Even quantum computers, magical engines which people discuss on the list
from time to time, are not going to help a great deal for teasing a key
by brute force from a symmetric cryptosystem. They'll simply divide
your running time by 3 if you use Grover's algorithm... True, quantum
computers provide a new way of looking at many problems, but they are
not silver bullets.
--
Rafael R. Sevilla <[EMAIL PROTECTED]> +63 (2) 4342217
ICSM-F Development Team, UP Diliman +63 (917) 4458925
OpenPGP Key ID: 0x0E8CE481
------------------------------
From: Dido Sevilla <[EMAIL PROTECTED]>
Subject: Re: JPEG infidelity for crypto
Date: Sun, 21 Jan 2001 17:03:18 +0800
wtshaw wrote:
>
> Along with GIF's, bitmaps on PC's and PICT's on Mac's are amongst
> acceptable formats for faithfull bit representation, within available
> resolution of the monitors, of course.
What relation does this have to cryptography? Have you missed saying
something? Maybe your post should go to comp.dsp or
sci.image.processing. You've said nothing at all that discusses
cryptography and JPEG images.
--
Rafael R. Sevilla <[EMAIL PROTECTED]> +63 (2) 4342217
ICSM-F Development Team, UP Diliman +63 (917) 4458925
OpenPGP Key ID: 0x0E8CE481
------------------------------
From: "Lu�s Casanova" <[EMAIL PROTECTED]>
Subject: Re: Any good source of cryptanalysis source code (C/C++)?
Date: Sun, 21 Jan 2001 09:59:21 -0000
Reply-To: "Lu�s Casanova" <[EMAIL PROTECTED]>
Hi Haider
Try this
http://www.amazon.com/exec/obidos/ASIN/0471117099/107-7063493-9997333
LC
"Haider Ali" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> *** post for free via your newsreader at post.newsfeeds.com ***
>
> Hi.....
>
> I am looking for any good cryptanalytic attacks on block ciphers,
programmed
> in C/C++
> (I need the source code).....
>
> Regards
> Haider
>
>
>
>
> **** Post for FREE via your newsreader at post.newsfeeds.com ****
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> *** Newsfeeds.com - The #1 Usenet Newsgroup Service on The Planet! ***
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> http://www.newsfeeds.com | http://www.newsfeeds.com
> |
> * Anonymous posting server! | * Totally Uncensored!
> * SUPER Servers! | * Over 80,000 Newsgroups!
> * BINARIES ONLY Servers! | * 16 seperate Newsgroup Servers!
> * SPAM FILTERED Server! | * Instant access!
> * ADULT ONLY Server! | * Multiple OC 3's and OC 12's!
> * MP3 ONLY Server! | * 99% Article Completion!
> * MULTIMEDIA ONLY Server! | * Months of Retention!
> * 7 UNCENSORED Newsgroup Servers | * Lightning FAST downloads!
> |
> http://www.newsfeeds.com | http://www.newsfeeds.com
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> **** Point your newsreader to post.newsfeeds.com ****
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
------------------------------
From: "Lu�s Casanova" <[EMAIL PROTECTED]>
Subject: Try this
Date: Sun, 21 Jan 2001 10:03:25 -0000
Reply-To: "Lu�s Casanova" <[EMAIL PROTECTED]>
Hi Haider
Try this
http://www.amazon.com/exec/obidos/ASIN/0471117099/107-7063493-9997333
LC
"Haider Ali" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> *** post for free via your newsreader at post.newsfeeds.com ***
>
> Hi.....
>
> I am looking for any good cryptanalytic attacks on block ciphers,
programmed
> in C/C++
> (I need the source code).....
>
> Regards
> Haider
>
>
>
>
> **** Post for FREE via your newsreader at post.newsfeeds.com ****
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> *** Newsfeeds.com - The #1 Usenet Newsgroup Service on The Planet! ***
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> http://www.newsfeeds.com | http://www.newsfeeds.com
> |
> * Anonymous posting server! | * Totally Uncensored!
> * SUPER Servers! | * Over 80,000 Newsgroups!
> * BINARIES ONLY Servers! | * 16 seperate Newsgroup Servers!
> * SPAM FILTERED Server! | * Instant access!
> * ADULT ONLY Server! | * Multiple OC 3's and OC 12's!
> * MP3 ONLY Server! | * 99% Article Completion!
> * MULTIMEDIA ONLY Server! | * Months of Retention!
> * 7 UNCENSORED Newsgroup Servers | * Lightning FAST downloads!
> |
> http://www.newsfeeds.com | http://www.newsfeeds.com
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> **** Point your newsreader to post.newsfeeds.com ****
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
