Cryptography-Digest Digest #523, Volume #13 Mon, 22 Jan 01 15:13:01 EST
Contents:
Re: 3G crypto algorithms (Mok-Kong Shen)
Re: 32768-bit cryptography ("Paul Pires")
Re: Question about security of Oracle get_hash_value (John Myre)
Re: Why Microsoft's Product Activation Stinks (JCA)
Re: Any good source of cryptanalysis source code (C/C++)? (AllanW)
Re: Any good source of cryptanalysis source code (C/C++)? (AllanW)
Re: crypto cracking screen savers ([EMAIL PROTECTED])
Re: Kooks (was: NSA and Linux Security) (Darren New)
Re: Dynamic Transposition Revisited (long) (Mike Rosing)
Re: 32768-bit cryptography ("David C. Barber")
Intel assembler code for DES? ("N. Weicher")
Re: Kooks (was: NSA and Linux Security) (Darren New)
Re: Differential Analysis (Tom St Denis)
Re: 3G crypto algorithms (Arturo)
Re: Differential Analysis (Splaat23)
Re: Why Microsoft's Product Activation Stinks (zapzing)
Re: Any good source of cryptanalysis source code (C/C++)? (Bob Silverman)
Re: Kooks (was: NSA and Linux Security) (Greggy)
Re: using AES finalists in series? (Terry Ritter)
Re: ECC Domain Generation (Robert Harley)
Re: Easy question for you guys... ("Joseph Ashwood")
Re: using AES finalists in series? (Terry Ritter)
----------------------------------------------------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: 3G crypto algorithms
Date: Mon, 22 Jan 2001 18:19:05 +0100
Arturo wrote:
>
[snip]
> IIRC, there's a section in ETSI where you can download technical papers,
> and that includes -hope my neurons are not on vacation- the algorithms for 3G
> encryption.
>
> You have to register in order to DL them. The trick is, while
> registration is confirmed, you are allowed to DL 3 docs. So you can register
> with a bogus name/id and get your 3 docs. Then do it again.
Why is there such a funny restriction? Do they desire the
docs be known to the public or not?
M. K. Shen
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: 32768-bit cryptography
Date: Mon, 22 Jan 2001 09:25:02 -0800
Richard John Cavell <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Fri, 19 Jan 2001, Paul Pires wrote:
>
> > 1024 bit cryptography (If you are talking symmetric) will never be broken
>
> Pfffft!
Excuse me? You can't mis-snip a post and then ridicule it. Well, you can
but it's not very challenging.
>
> Computing power doubles every 18 months or so. Brute force is all you
> need if you have enough power. Within your lifetime, 3xDES will be
> completely crackable.
Pretty confident in extending past trends into future performance
aren't you? This sounds like a known fact or physical law.
Personally, IN MY OPINION, I think that there is knee in the curve.
Paul
>
> -------------------------------------------------------------
> Richard Cavell - [EMAIL PROTECTED]
>
> Newsgroups - Please keep any discussion on the group, and copy your
> replies to me via email. (Server problems). Sending me bulk email
> guarantees a nasty response.
>
> Judge Thomas Penfield Jackson on Bill Gates: "He has a Napoleonic concept
> of himself and his company, an arrogance that derives from power"
> -------------------------------------------------------------
>
------------------------------
From: John Myre <[EMAIL PROTECTED]>
Subject: Re: Question about security of Oracle get_hash_value
Date: Mon, 22 Jan 2001 10:29:59 -0700
Joe's idea of doing the actual computation in a different
language is attractive; Oracle provides "external functions"
for stuff like this. Oracle 8i also allows you to write
stored procedures in Java, which might be sufficient for
you.
I also found an interesting tidbit; Oracle delivers with
some server versions a package called DBMS_OBFUSCATION_TOOLKIT,
which does (single) DES. If you must use PL/SQL, that
package might be a reasonable basis, with liberal use of
UTL_RAW as well.
(Turning a block cipher into a hash can be done in a number
of ways. If you actually decide to go that way, consult
for a good method.)
JM
------------------------------
From: JCA <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Mon, 22 Jan 2001 07:50:49 -0800
zapzing wrote:
> > all that with ONE reboot.
> >
> > Doing the equivalent on Windows would take you over a month.
>
> Except that most people never do it at all.
> It comes on the machine. Can't get any
> easier than that!
>
You can get PCs with Linux installed. They tend to be cheaper than
their Windows counterparts too, because you don't have to pay an
outrageous amount for the OS. Do you want links?
------------------------------
From: AllanW <[EMAIL PROTECTED]>
Subject: Re: Any good source of cryptanalysis source code (C/C++)?
Date: Mon, 22 Jan 2001 17:48:34 GMT
In article <94ac9t$6nu$[EMAIL PROTECTED]>,
Splaat23 <[EMAIL PROTECTED]> wrote:
> If he really was interested in the mechanics of the attacks, he would
> not have asked for the code but for an explanation of the attack. Note,
> he didn't ask for "good cryptanalytic attacks on any block cipher",
> but "any good cryptanalytic attacks on block ciphers". This, with
> request for code, really points to a script-kiddie looking to crack
> something he found and has no idea what it is. Pretty sad if you ask me.
That certainly is one possibility.
Another one is that he isn't as careful with his words as I am
(and you seem to be). I suspect that if he said,
I could care less which block cipher...
you would take it as if it read,
I could not care less which block cipher...
because this is an all-too-familiar abuse of the English language.
By the same token, "any good attacks on block ciphers" would be
considered by many to be synonymous with "good attacks on any
block ciphers."
Must we always be quick to condemn the writings of others?
Of course I don't *know* that this is what the OP meant. But you
don't know that what you assert is the truth, either. Perhaps
we could give him the benefit of the doubt, until we know better?
--
[EMAIL PROTECTED] is a "Spam Magnet," never read.
Please reply in newsgroups only, sorry.
Sent via Deja.com
http://www.deja.com/
------------------------------
From: AllanW <[EMAIL PROTECTED]>
Subject: Re: Any good source of cryptanalysis source code (C/C++)?
Date: Mon, 22 Jan 2001 17:59:46 GMT
In article <94aadf$4vb$[EMAIL PROTECTED]>,
Bob Silverman <[EMAIL PROTECTED]> wrote:
> In article <94a643$ro$[EMAIL PROTECTED]>,
> AllanW <[EMAIL PROTECTED]> wrote:
>
> > > > I am looking for any good cryptanalytic attacks on block ciphers,
> > > > programmed in C/C++ (I need the source code).....
> > >
> > > Why? Not, "why do you need to know the attacks", but rather,
> > > "why do you need source code?"
> > >
> > > And you fail to specify which block cipher.
> >
> > He did specify which block cipher: he used the word "any."
>
> "I want a super-dooper secret decoder ring that works for all codes".
Me too. Who doesn't?
But consider this: he didn't ask for software to break codes, he
asked for software to break block ciphers. That implies that he
knows the difference between a stream cipher and a block cipher.
But he didn't name any particular block cipher! One possible
reason is that he's just learning about block ciphers, and wants
to know how to attack ANY of them.
Sure, other interpretations are possible. But why do so many
people in this group insist on finding the least meaningful
interpretation of questions, and then attacking the questioner
for asking a question that isn't very meaningful? Why not make
some meaningful assumptions and then reply to that, or else ask
the OP what was meant?
> TANSA. Any such software would be specific to the particular cipher.
Well, any realistic software would be. (See another post of mine
in this thread for some software that is not specific to the
particular cipher, but isn't realistic either.)
> > This also makes it fairly obvious why he wants source code:
> > he wants to study how it works.
>
> Reading source is the worst way to learn how to do decryption.
> It won't tell you what is happening and discerning the technique
> used from just the source would be very difficult.
Ah, but maybe he didn't know that. Maybe the FAQ says so, but
he didn't read the FAQ -- maybe he doesn't even know where the
FAQ is.
Also, maybe you're wrong. I don't know; maybe you're right. But
I do know that I've learned many things from studying source code
even though others have counseled me to study the topics in books
instead. For instance, I never *Really* understood how quicksort
works until I took several (not just one) implementations and
broke them down, line by line, until I understood what was
happening.
> > Throughout history great leaps in knowledge have often
> > followed questions such as "How does this work?"
>
> Then that is what he should ask, rather than asking for code.
Conceivably this IS his way of asking. Not everybody says it
the same way that you apparently think that they should.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: crypto cracking screen savers
Date: Mon, 22 Jan 2001 08:13:01 GMT
[EMAIL PROTECTED] wrote:
> I have heard about some projects for cracking crypto algorithms via
> distributed processing in which they farm out bits and pieces to the
> mass public in the form of a screen saver and use computer idle time to
> crunch away. Are there any such projects currently running? Where would
> one go to register and get a screen saver?
http://www.distributed.net/
== <EOF> ==
Disastry http://i.am/disastry/
http://disastry.dhs.org/pgp <-- PGP plugins for Netscape and MDaemon
remove .NOSPAM.NET for email reply
------------------------------
From: Darren New <[EMAIL PROTECTED]>
Subject: Re: Kooks (was: NSA and Linux Security)
Date: Mon, 22 Jan 2001 18:27:47 GMT
Greggy wrote:
> There is no parallel with those who already had intimate knowledge of
> the 13th amendment in their days.
Last I looked, the Constitution named the Supreme Court as the final judge
of what the constitution means. Hence, arguing here that the "true" 13th
amendment is being ignored is rather silly. If the Supreme Court justices
don't believe it's there, it is for all intents and purposes not there, even
if it *was* ratified, yes?
--
Darren New / Senior MTS & Free Radical / Invisible Worlds Inc.
San Diego, CA, USA (PST). Cryptokeys on demand.
"It says this wine has syphilis."
"I think that's pronounced `sulphates'."
------------------------------
From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Dynamic Transposition Revisited (long)
Date: Mon, 22 Jan 2001 12:28:29 -0600
Terry Ritter wrote:
> It may be that we would find it convenient to use something smaller
> than a 4k-bit block to reduce the size of the RNG, but these are
> design tradeoffs, as opposed to technology problems.
Yup, I wasn't thinking of blocks that large. Having a balanced distribution
clearly makes finding the permutation hard even with plain-cipher pairs when
the block size is of the order of even 1k.
Thanks for making the point :-)
Patience, persistence, truth,
Dr. mike
------------------------------
From: "David C. Barber" <[EMAIL PROTECTED]>
Subject: Re: 32768-bit cryptography
Date: Mon, 22 Jan 2001 11:32:40 -0700
"Richard John Cavell" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Fri, 19 Jan 2001, Paul Pires wrote:
>
> > 1024 bit cryptography (If you are talking symmetric) will never be broken
>
> Pfffft!
>
> Computing power doubles every 18 months or so. Brute force is all you
> need if you have enough power. Within your lifetime, 3xDES will be
> completely crackable.
Don't expect Moore's Law to hold past the next 20 years. In the past,
shrinking geometries of the IC chips fueled this boom. However, you can't
shrink things forever. You begin to hit these things called Atoms.
As for 1024 bit keys being forever unsolvable, Quantum Computing is a wild
card here that may render all previous assumptions obsolete -- perhaps
within those same 20 years.
*David Barber*
------------------------------
Reply-To: "N. Weicher" <[EMAIL PROTECTED]>
From: "N. Weicher" <[EMAIL PROTECTED]>
Subject: Intel assembler code for DES?
Date: Mon, 22 Jan 2001 18:32:58 GMT
Anyone know of any good Intel assembler (masm) code for DES?
Thanks.
------------------------------
From: Darren New <[EMAIL PROTECTED]>
Subject: Re: Kooks (was: NSA and Linux Security)
Date: Mon, 22 Jan 2001 18:40:58 GMT
> BTW, Greggy, you still haven't said if you are still such a kook as to
> believe that the "missing 13th amendment"
>
> "if it was truly ratified, then the Honorable William Jefferson
> Clinton cannot be president, that every congressman and
> senator (who also hold the title, the Honorable- see their
> letter heads) are not allowed to hold office, and every judge
> and lawyer cannot operate in the US."
>
> --Greggy, 12/19/99
And this means the entire legislature voted for an amendment that would
cancel their own citizenships?
More likely the "foreign government" requirement applied to the entire
sentence, not just the last half. Of course, you'd have to ask the Supreme
Court to be sure, wouldn't you?
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Differential Analysis
Date: Mon, 22 Jan 2001 18:36:04 GMT
In article <[EMAIL PROTECTED]>,
John Myre <[EMAIL PROTECTED]> wrote:
> Richard Heathfield wrote (regarding TSD):
> <snip>
> > Perhaps I'll let you out of my killfile in a month or two, when you've
> > calmed down a bit.
> <snip>
>
> I found it better just to leave him there. I let my
> newsreader killfile "mark as read" (rather than deleting
> altogether), so the messages are still there, if I need
> to follow a thread. Certainly, I get through Usenet a
> lot quicker now.
So I would rather get to the point. Can people stop condemning me now?
Honestly, when do serious people ask questions? About once a week, how many
post daily? 100s! If I am rude to someone without a clue so be it.
Tom
------------------------------
From: Arturo <[EMAIL PROTECTED]=NOSPAM>
Subject: Re: 3G crypto algorithms
Date: Mon, 22 Jan 2001 19:23:52 +0100
On Mon, 22 Jan 2001 18:19:05 +0100, Mok-Kong Shen <[EMAIL PROTECTED]>
wrote:
>
>
>Arturo wrote:
>>
>[snip]
>> IIRC, there's a section in ETSI where you can download technical papers,
>> and that includes -hope my neurons are not on vacation- the algorithms for 3G
>> encryption.
>>
>> You have to register in order to DL them. The trick is, while
>> registration is confirmed, you are allowed to DL 3 docs. So you can register
>> with a bogus name/id and get your 3 docs. Then do it again.
>
>Why is there such a funny restriction? Do they desire the
>docs be known to the public or not?
>
>M. K. Shen
No idea. I think they want to make it easier for themselves while
keeping it out of the public. If so, I hope their algorithms are better than
their registration controls!
BTW: want to see the european version of Carnivore? Get into ETSI and
check the "lawful interception" section. Enfopol come true.
------------------------------
From: Splaat23 <[EMAIL PROTECTED]>
Subject: Re: Differential Analysis
Date: Mon, 22 Jan 2001 19:04:27 GMT
I think there is more than one serious question posted daily, but many
serious questions are not answered because the rest of the newsgroup is
arguing off-topic on the thread of another question. Like some of mine :(
- Andrew
In article <94huij$vt3$[EMAIL PROTECTED]>,
Tom St Denis <[EMAIL PROTECTED]> wrote:
> In article <[EMAIL PROTECTED]>,
> John Myre <[EMAIL PROTECTED]> wrote:
> > Richard Heathfield wrote (regarding TSD):
> > <snip>
> > > Perhaps I'll let you out of my killfile in a month or two, when you've
> > > calmed down a bit.
> > <snip>
> >
> > I found it better just to leave him there. I let my
> > newsreader killfile "mark as read" (rather than deleting
> > altogether), so the messages are still there, if I need
> > to follow a thread. Certainly, I get through Usenet a
> > lot quicker now.
>
> So I would rather get to the point. Can people stop condemning me now?
>
> Honestly, when do serious people ask questions? About once a week, how many
> post daily? 100s! If I am rude to someone without a clue so be it.
>
> Tom
>
------------------------------
From: zapzing <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Mon, 22 Jan 2001 19:24:40 GMT
In article <[EMAIL PROTECTED]>,
JCA <[EMAIL PROTECTED]> wrote:
> zapzing wrote:
>
> > > all that with ONE reboot.
> > >
> > > Doing the equivalent on Windows would take you over a month.
> >
> > Except that most people never do it at all.
> > It comes on the machine. Can't get any
> > easier than that!
> >
>
> You can get PCs with Linux installed. They tend to be cheaper than
> their Windows counterparts too, because you don't have to pay an
> outrageous amount for the OS. Do you want links?
Actually, yes, I do.
--
Void where prohibited by law.
------------------------------
From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: Any good source of cryptanalysis source code (C/C++)?
Date: Mon, 22 Jan 2001 19:28:51 GMT
In article <94hrpf$t1f$[EMAIL PROTECTED]>,
AllanW <[EMAIL PROTECTED]> wrote:
> In article <94ac9t$6nu$[EMAIL PROTECTED]>,
> Must we always be quick to condemn the writings of others?
> Of course I don't *know* that this is what the OP meant. But you
> don't know that what you assert is the truth, either. Perhaps
> we could give him the benefit of the doubt, until we know better?
No one is condemning the writing.
However, in a medium in which writing is all we have, and especially
in a group devoted to a *mathematical* subject, it is best assumed
that what is written is what is meant.
Furthermore, it is clear what the OP wanted. If he wanted to learn
about methods, he would have asked for it. Instead he asked for a
"universal decoder".
--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"
------------------------------
From: Greggy <[EMAIL PROTECTED]>
Subject: Re: Kooks (was: NSA and Linux Security)
Date: Mon, 22 Jan 2001 19:27:31 GMT
In article <[EMAIL PROTECTED]>,
Darren New <[EMAIL PROTECTED]> wrote:
> Greggy wrote:
> > There is no parallel with those who already had intimate knowledge of
> > the 13th amendment in their days.
>
> Last I looked, the Constitution named the Supreme Court as the final judge
> of what the constitution means. Hence, arguing here that the "true" 13th
> amendment is being ignored is rather silly. If the Supreme Court justices
> don't believe it's there, it is for all intents and purposes not there, even
> if it *was* ratified, yes?
We all know that you are not ignorant enough to believe that the
Supreme Court can interpret away sections at will.
So just who do you think you are fooling here?
--
Jol Silversmith - I wasn't there so I cannot say why no one
protested within the Virginian legislature that day in 1819
not to include the 13th amendment in their publications, or to
require all 21 states to ratify the same. But I am absolutely
certain I know more than they did back then what was really
going on all around them. Boy, I'm good!
------------------------------
From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: using AES finalists in series?
Date: Mon, 22 Jan 2001 19:45:34 GMT
On Mon, 22 Jan 2001 12:04:45 +0100, in
<[EMAIL PROTECTED]>, in sci.crypt Mok-Kong Shen
<[EMAIL PROTECTED]> wrote:
>Terry Ritter wrote:
>>
>[snip]
>> I note that AES did not guarantee free encryption software so that all
>> society could use encryption; it instead removed the economic basis
>> for an industry of cipher *development*. It also failed to provide an
>> economic basis for cipher *evaluation*; the ad-hoc "please donate your
>> time" approach is just sad.
>[snip]
>
>I am confused. Isn't AES free for use by everyone in the
>world?
AES the algorithm is free, and code is available. The vast,
overwhelming majority of users, however, cannot use that free code.
They will buy their crypto software, whether it be alone, part of an
OS, or even part of a turn-key hardware package.
Imagining that the whole point of AES was to provide free cipher code
for the few user-programmers who could and would use it surely
distorts the whole idea of the project.
>(Codes are available for download and there is no
>patent issue.) Certain governments could forbid use of
>encryption entirely, but that's a different issue.
>
>Whether anything (crypto or not) is good for development
>of economy in the society is in my view an issue really
>hard to gain unanimous opinions (it suffices to note
>how the different countries are different in economical
>structures) and I am certainly entirely incompetent to
>comment on that. However, to your last phrase, I don't yet
>see anything inherently wrong for anybody or any institution
>to say 'Please donate your time', as long as there are
>people ready (entirely on their free will) to donate their
>time, like there are people willing to donate their blood.
>In fact, I suppose many mathematicians who publish are
>idealists and donate their time for free in doing their
>researches for the advancement of science.
I think there *is* something wrong with "please donate your xxxx,"
specifically because it *was* the government which did this. We have
an economy for a reason; the government *buys* the infrastructure
society wants, it does not need to beg.
The result was ciphers only from among those who wished to donate,
which reduced the field from among which a winner was chosen for all
society. Even worse was contributed time and analysis with little or
no overall coordination among the various contributors. The ad hoc
approach is just more likely to waste contributed time than to use it
effectively.
This is a modern, technical society. Many people know how to build
complex things and make them work. The way to do this is not by
haphazard testing, but by a well-regulated, well-documented
comprehensive program of analysis. And while that would not catch
everything, it does tend to catch things that otherwise might "slip
through the cracks."
---
Terry Ritter [EMAIL PROTECTED] http://www.io.com/~ritter/
Crypto Glossary http://www.io.com/~ritter/GLOSSARY.HTM
------------------------------
From: Robert Harley <[EMAIL PROTECTED]>
Subject: Re: ECC Domain Generation
Date: 22 Jan 2001 20:36:23 +0100
Splaat23 <[EMAIL PROTECTED]> writes:
> [...]
> To complete my practical knowledge of elliptic curve cryptosystems, I have
> been trying to code ECC domain parameter generation, and can do everything
> except for the one crucial step: determining the cardinality of the curve.
>
> Someone out here _must_ actually know how to do this.
Yup.
>Yes, I trust the ECC domain parameter validation algorithms - I have
>studied the math enough to know the logic is sound - but I have some
>moral problem just using NIST's recommended curves.
Moral problems aside, in crypto one must be paranoid so why use
somebody else's curves when they might have chosen curves with
weaknesses known only to them? The NIST curves were chosen by NSA.
I don't know whether they have such a weakness but why risk it when I
can generate my own?
> As far as I can tell, the best method known for solving cardinality is
> to find cardinality modulo primes and use CRT to construct the final
> cardinality.
This is true for prime fields. There, you need the
Schoof-Elkies-Atkin algorithm, which is good for small prime fields, i.e.,
of cryptographic size, or medium ones.
For fields of characteristic two you can use the Satoh-FGH algorithm
which is much faster. You can find an article describing the
algorithm and a simple demo for 120 bits at my site:
http://www.xent.com/~harley/
For S.E.A., Mike Scott already posted a link to his site with an
implementation of that... (What's up with these Irish guys counting
points on elliptic curves? =:^)
Once upon a time it was difficult to generate secure random curves.
But now counting points on a 163-bit curve, say, takes 2.5 seconds on
a fast Alpha and under 10 on a fast PC.
By using an early-abort strategy, finding a secure random curve of
that size (similar in security to RSA-1024) takes 20 seconds on the
Alpha or about a minute on a fast PC. See my upcoming paper with
Mireille Fouquet and Pierrick Gaudry at Eurocrypt 2001.
I have recently got an implementation of a new method working which is
simpler and faster than Satoh-FGH and uses much less memory, but it is
not described anywhere (yet).
Bye,
Rob.
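The two ideas in Harley's reply, computing #E(F_p) and the "cardinality modulo small primes, then CRT" recombination that Schoof-style algorithms use, as an added example that is not Harley's code nor anything from his site. It uses a naive O(p) count over a small prime field (not SEA or Satoh-FGH, which are what you need at cryptographic sizes), checks the result against the Hasse bound, and then shows the CRT step: in this illustration the residues #E mod l are taken from the naive count, whereas a real Schoof/SEA implementation derives them from the l-torsion without ever enumerating points. The curves are constructed textbook examples, not domain parameters from any standard.

```python
# Added example (not from Harley's post or site): baseline point counting for
# E: y^2 = x^3 + a*x + b over F_p, a Hasse-bound check, and the CRT recombination
# step behind Schoof-style algorithms.  Curves below are constructed examples.

from math import isqrt


def legendre(n, p):
    """Legendre symbol (n/p) by Euler's criterion.  p must be an odd prime."""
    n %= p
    if n == 0:
        return 0
    return 1 if pow(n, (p - 1) // 2, p) == 1 else -1


def count_points(a, b, p):
    """#E(F_p) = 1 + sum over x of (1 + (f(x)/p)); O(p) work, so small p only."""
    if (4 * a ** 3 + 27 * b ** 2) % p == 0:
        raise ValueError("singular curve: 4a^3 + 27b^2 == 0 mod p")
    total = 1  # the point at infinity
    for x in range(p):
        total += 1 + legendre(x ** 3 + a * x + b, p)
    return total


def hasse_interval(p):
    """Closed integer interval |N - (p+1)| <= 2*sqrt(p); every valid #E(F_p) lies in it."""
    half_width = isqrt(4 * p)  # floor(2*sqrt(p))
    return p + 1 - half_width, p + 1 + half_width


def crt_combine(residues):
    """Combine {l: N mod l} for distinct primes l into (N mod M, M) with M = prod(l)."""
    n, m = 0, 1
    for l, r in residues.items():
        # Solve n + m*t == r (mod l); m is invertible mod l because the moduli are distinct primes.
        t = ((r - n) * pow(m, -1, l)) % l
        n, m = n + m * t, m * l
    return n % m, m


def cardinality_from_residues(p, residues):
    """Schoof's recombination: once prod(l) > 4*sqrt(p), exactly one integer in the
    Hasse interval matches the CRT residue, and that integer is #E(F_p)."""
    n, m = crt_combine(residues)
    if m <= isqrt(16 * p):  # prod(l) must exceed 4*sqrt(p), the interval's width
        raise ValueError("not enough small primes to pin down #E")
    lo, hi = hasse_interval(p)
    candidates = [c for c in range(lo, hi + 1) if c % m == n]
    if len(candidates) != 1:
        raise ValueError("inconsistent residues: no unique candidate in the Hasse interval")
    return candidates[0]


def schoof_style_demo(a, b, p, small_primes=(2, 3, 5, 7, 11, 13)):
    """Illustration only: residues come from the naive count; Schoof/SEA would compute
    #E mod l directly.  Stops collecting primes once their product exceeds 4*sqrt(p)."""
    true_n = count_points(a, b, p)
    lo, hi = hasse_interval(p)
    assert lo <= true_n <= hi, "naive count violates the Hasse bound"
    residues, m = {}, 1
    for l in small_primes:
        residues[l] = true_n % l
        m *= l
        if m > isqrt(16 * p):
            break
    return cardinality_from_residues(p, residues)


if __name__ == "__main__":
    # Constructed textbook curve y^2 = x^3 + 2x + 2 over F_17 (order 19).
    print("#E(F_17) naive:", count_points(2, 2, 17))
    print("#E(F_17) via residues + CRT:", schoof_style_demo(2, 2, 17))
```

The Hasse check is the piece worth keeping even once you swap in a real point-counting library: a candidate curve whose reported order falls outside that interval, or whose order is not prime (or nearly so) after the count, should be rejected before it becomes a domain parameter.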
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Easy question for you guys...
Date: Mon, 22 Jan 2001 11:21:34 -0800
This should be very fast, but remember you've only got security of 50
(that's 50, not 2^whatever, just 50). Just add them mod 256. Information is
lost through collisions (2^24 collisions per output value). Problem is that
you're likely to have collisions with 50 value. So let's enlarge it some:
A,B,C,D : Your original values
w,x,y,z : small primes in the 255-65536 range
N = A*w + B*x + C*y + D*z mod 65536
Provided that w,x,y,z remain private this should be at least as difficult to
break. You could also turn it around and use (A+w)*(B+x)*(C+y)*(D+z) mod
65536 depending on what you feel better about. None of these ideas is going
to offer you perfect security, but they should all offer appropriate
security considering that there's only 50 possible input values.
Joe
"CoyoteRed" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I want to take four 8 bit numbers and create an number that can't be
> converted back by an amateur. Resolution can be 12 - 16 bits.
>
> Here is what I'm trying to do. I want to take an IP number and give it
> a not-so unique number. The number of IP's to be converted range maybe
> in the 10-50 range, so I think that should be sufficient.
>
> What I'm trying to do is identify a poster on a bulletin board without
> giving out the IP or computer name. (or force user names and
> passwords)
>
> Here's the kicker, I want to use simple math that is available in
> Perl, in the fewest lines possible, and be easy enough to understand
> that almost anyone can follow the math. But be unable to reverse the
> process easily.
>
> TIA
>
> CR
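Both of Joe's variants, as an added example that is neither Joe's nor CoyoteRed's code, written in Python rather than the Perl CR asked for so the arithmetic can be checked as written. The key (w, x, y, z), the address list, and the function names are constructed for the example. It also includes the one check a site operator would actually want to run against the real address list before relying on the scheme: whether any two posters end up with the same 16-bit pseudonym.

```python
# Added example (not from the original thread): Joe's keyed combination of the
# four IPv4 octets into a 16-bit pseudonym, with a collision check.
# SECRET_KEY is a constructed example key; a deployment would pick its own and
# keep it out of any source that is published with the board.

from collections import Counter

SECRET_KEY = (257, 263, 269, 271)  # constructed: four primes in the 255..65536 range
MOD = 65536                        # 16-bit output, the top of the 12-16 bit range asked for


def octets(ip):
    """Split a dotted-quad IPv4 string into the four 8-bit values A, B, C, D."""
    parts = [int(p) for p in ip.split(".")]
    if len(parts) != 4 or any(not 0 <= v <= 255 for v in parts):
        raise ValueError(f"not an IPv4 address: {ip!r}")
    return tuple(parts)


def pseudonym_additive(ip, key=SECRET_KEY):
    """Joe's first variant: N = A*w + B*x + C*y + D*z mod 65536."""
    a, b, c, d = octets(ip)
    w, x, y, z = key
    return (a * w + b * x + c * y + d * z) % MOD


def pseudonym_multiplicative(ip, key=SECRET_KEY):
    """Joe's second variant: N = (A+w)*(B+x)*(C+y)*(D+z) mod 65536."""
    a, b, c, d = octets(ip)
    w, x, y, z = key
    return ((a + w) * (b + x) * (c + y) * (d + z)) % MOD


def collisions(ips, fn):
    """Map each address through fn and return {pseudonym: count} for any value
    shared by more than one address.  Empty dict means every poster is distinct."""
    counts = Counter(fn(ip) for ip in ips)
    return {n: c for n, c in counts.items() if c > 1}


# Constructed sample: 50 posters on one /24, the scale CR described.
SAMPLE_IPS = [f"10.0.0.{i}" for i in range(1, 51)]

if __name__ == "__main__":
    for name, fn in (("additive", pseudonym_additive),
                     ("multiplicative", pseudonym_multiplicative)):
        print(f"{name}: 10.0.0.1 -> {fn('10.0.0.1')}, "
              f"collisions among sample: {collisions(SAMPLE_IPS, fn)}")
```

Two things follow from running it. With 2^32 possible inputs and only 2^16 outputs collisions are unavoidable in general, which is the "information is lost" point in Joe's reply, but for a few dozen addresses the check above will usually come back empty, and that is what matters for telling posters apart. The secrecy of the four multipliers is the only thing keeping the output from being worked back to the octets, so they belong in a config file the board does not serve, not in a script that is shown as "easy enough to follow".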
------------------------------
From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: using AES finalists in series?
Date: Mon, 22 Jan 2001 19:53:42 GMT
On Mon, 22 Jan 2001 09:28:42 -0700, in <[EMAIL PROTECTED]>,
in sci.crypt John Myre <[EMAIL PROTECTED]> wrote:
>Terry Ritter wrote:
><snip>
>> Now, I had no illusions about actually winning; no
>> tiny company is going to win such a contest.
><snip>
>
>I don't know why you say this, unless you mean that no tiny
>company could afford to create an adequate entry. The actual
>winner is certainly not from a big company; one author works
>at a university, which has the Rijndael web site:
>
>http://www.esat.kuleuven.ac.be/~rijmen/rijndael/
>http://www.esat.kuleuven.ac.be/
>
>and the other actually has a job (*) but you can't say that
>the company (Proton World) is a major player; their web site
>
> http://www.protonworld.com
>
>doesn't exactly trumpet AES.
I was and am surprised, but of course I'm smaller even than that. In
any case, that was my reasoning -- false or not -- with the result
being that I did not contribute, which of course was the context of
the paragraph from which the above sentence was extracted.
>I hope you didn't mean to imply that NIST would/did show
>favoritism toward companies with a lot of money.
I think that someone with the resources to get their story out is in a
better situation than someone who does not get their story out. That
is not "favoritism."
>JM
>
>(*) With apologies toward those who work in education. It's
>only a turn of phrase, OK?
---
Terry Ritter [EMAIL PROTECTED] http://www.io.com/~ritter/
Crypto Glossary http://www.io.com/~ritter/GLOSSARY.HTM
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************