Cryptography-Digest Digest #607, Volume #13 Thu, 1 Feb 01 20:13:00 EST
Contents:
Re: On combining permutations and substitutions in encryption (John Myre)
Re: On combining permutations and substitutions in encryption ("Matt Timmermans")
fast DES implementation for 64-bit (alpha) architecture ([EMAIL PROTECTED])
Re: A new cipher (Splaat23)
Re: How good is Diamond2 and Saphire ciphers? (Paul Crowley)
Re: RSA: Finding the private exp instead of factoring (Splaat23)
Re: How good is Diamond2 and Saphire ciphers? ("Paul Pires")
Re: On combining permutations and substitutions in encryption ("Paul Pires")
Re: How good is Diamond2 and Saphire ciphers? ("Joseph Ashwood")
Integer Functions in Encryption Algorithmy ([EMAIL PROTECTED])
Re: Most secure code for US Citizen. (Splaat23)
Re: How good is Diamond2 and Saphire ciphers? (David Hopwood)
Re: ideas of D.Chaum about digital cash and whether tax offices are delighted ?
(phil hunt)
----------------------------------------------------------------------------
From: John Myre <[EMAIL PROTECTED]>
Subject: Re: On combining permutations and substitutions in encryption
Date: Thu, 01 Feb 2001 17:09:02 -0700
Paul Pires wrote:
<ship>
> Unless I am completely missing Terry's point, you may know M and C but
> you have no confidence as to which particular M bit relates to what C bit.
Not really relevant. Matt turns the encryption algorithm into
a bunch of boolean equations relating all of the M's, all of the
C's, and all of the K's (key bits). He may also allow himself a
bunch of "temporary variables". More below.
> The point is that the transposition breaks the relationship between particular
> M's and C's. They may be constants but you don't know how they are
> inter-related do you? Wouldn't this complicate things for you? It sure
> messes with my head.
>
> Before you roast me here, an admission of ignorance. What's a 3-SAT problem
> and where do I find out about SAT solvers?
<snip>
"3-SAT" is one of the canonical NP-complete problems. I'll
let somebody else expand on this, if they're interested,
except to note that there are of course no "efficient" SAT
solvers known at this time.
It isn't really critical, however. The important point is
that, since you can verify a guess at the key in polynomial
time, the problem of finding the key is at worst NP. If
we discover that NP = P, it would mean that finding the key
is only polynomial in the size of the problem, which is
linear in the size of the key, and all this folderol about
security that is exponential in the key size is bogus.
Of course, most people believe that P != NP, but we don't
actually know. This means that any security claims that
have "2 ^ keysize" in them are *assuming* that P != NP
(unless, of course, the claim manages to *prove* that
P != NP, which would be of separate interest).
The larger question, then, is how any encryption algorithm
is any different in terms of assumptions for security
arguments.
JM
------------------------------
From: "Matt Timmermans" <[EMAIL PROTECTED]>
Subject: Re: On combining permutations and substitutions in encryption
Date: Fri, 02 Feb 2001 00:12:19 GMT
"Paul Pires" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Before you roast me here, an admission of ignorance. What's a 3-SAT
problem
> and where do I find out about SAT solvers?
Ah, that explains the previous bit (I _was_ about to roast you ;-)
There is a class of problems called NP - the problems that can be solved by
a non-deterministic turing machine in polynomial time. There is also a
class of problems called NP-complete, which are the hardest problems in NP.
If you can solve an NP-complete problem in polynomial time, then you can
solve _all_ NP problems in polynomial time.
3-SAT is the (probably) most commonly known NP-complete problem. A 3-SAT
problem is a collection of disjunctions (OR-clauses) of up to 3 boolean
variables or their negations, the question being "is it possible to assign
truth values to all the variables such that all of the claues are
satisfied"?
For example:
(a|b|c)
(~a|~b|c)
(a|~b|~c)
is there a satisfying assignment?
The answer is yes: when a=F, b=T, c=F, all clauses are satisfied.
Now, Cook showed that any problem in NP can be converted into a SAT
problem - SAT is like 3-SAT, but with no limit on the number of variables in
a clause. The major part of his proof consisted in proving that for _any_
function F(x) : bool (x is an arbitrary data structure) and bound B, the
question "does there exist an x less than B bits big for which F(x) returns
true?" can be converted into a SAT problem instance such that:
1) The size of the SAT instance is polynomial in the maximum running time of
the function for inputs less than B bits long; and
2) The instance is satisfiable iff there is an x less that B bits in size
for which P(x) returns true.
(ok, he actually showed something a bit different, but equivalent).
It has also been shown that any SAT problem can be converted into a 3-SAT
problem with a polynomial size increase.
So, If I have a bunch of known plaintext, I can write a function like this:
bool CheckKey(k)
{
if (Encrypt(k,plaintext)==ciphertext)
return true;
else
return false;
}
And I can convert it to a 3-SAT problem whose size is polynomial in the time
it takes to encrypt the plaintext. It is a simple matter to show that if I
can answer this question in polynomial time, then I can find the actual bits
of k with only polynomially more work than it takes to encrypt.
You must appreciate by now that it is likely very hard to solve 3-SAT
problems! That is probably true, but it has never been proven, though many,
many, people have tried.
If you want to read up on it, start with the P!=NP section of the
comp.theory FAQ.
------------------------------
From: [EMAIL PROTECTED]
Subject: fast DES implementation for 64-bit (alpha) architecture
Date: Fri, 02 Feb 2001 00:19:01 GMT
Hello all,
Does anyone have any C code that is optimized for the Dec Alpha 64-bit
processors?
I just read the '97 paper by Eli Biham on "A Fast New DES
Implementation in Software". I wish there was an appendix with the C
libraries involved in the paper! Does anyone have a C library that
uses this implementation or a newer implementation that is even
faster? I would appreciate any links that describe any updates to this
idea or any improvements. I would like to see some code too to better
understand the ideas used.
One reason this sounds so interesting is that I am trying to understand
the Alpha architecture and thought this would be a good starting point.
Are there fast implementations in Alpha assembly?
Thanks a lot,
Luke
Sent via Deja.com
http://www.deja.com/
------------------------------
From: Splaat23 <[EMAIL PROTECTED]>
Subject: Re: A new cipher
Date: Fri, 02 Feb 2001 00:23:49 GMT
Just my 15 minute quick-look. But yes, I do. I have a couple of
questions and comments, actually:
Where did you come up with the "hash"? I can't recognize it, but that
definately doesn't mean it isn't a mature algorithm.
Just because it takes 129 round to generate the key, with no
collisions, doesn't mean it doesn't have a simpler algorithm. Also, it
may be susceptable to related-key attacks, but that's just a
possiblity, no evidence of any sort to back it up - key schedules
(which is basically what this is in a way) can be very tricky
components of an algorithm.
Generally, "whitening" doesn't affect the success of most attacks aside
from increasing the complexity by a constant.
I never said "very" susceptible, but it does have that chance. Note
that neither did I take the time to thoroughly examine the algorithms
nor do I think I have that free time. If you could write the algorithms
out in mathmatical notation rather than source code it would be a lot
easier. But generally, I'm not entirely sure this area of ciphers is as
studied as either block or stream ciphers, so any conjecture as to the
security of your algorithm is a lot weaker.
Why did you decide to write a single block cipher (as in one block for
an entire message) rather than create a block cipher? As far as I can
tell, your mode of operation has no advantages and many disadvantages.
- Andrew
In article <[EMAIL PROTECTED]>,
"David Finch" <[EMAIL PROTECTED]> wrote:
> So taking into account the hash, the "whitening" step (and the
function to
> generate the 2nd key in 129 rounds with no possibility for
collision), and
> the forward and backwardencrypt, it would still likely be very
susceptible
> to differential cryptoanalysis in your opinion?
>
> >
> > From: Splaat23 <[EMAIL PROTECTED]>
> > Subject: Re: A new cipher
> > Date: Thu, 01 Feb 2001 04:15:21 GMT
> >
> > I think Mr. Goldberg is right. I've taken a look at the basic
> > components forwardEncrypt and backwardEncrypt, which simply iterate
> > along the data ADD/XORing a changing key (data-dependent). It is a
very
> > linear function. Most secure ciphers have some nonlinear function
used,
> > whether it be S-boxes or data-dependent rotations. I could see some
> > serious differential attacks against this primitive. A chosen
plaintext
> > attack would have a good chance of some strong differentials because
> > the keying data is only input twice in the whole algorithm: once in
> > forwardEncrypt and once in backwardEncrypt. In fact, break the hash
and
> > you can get the key in just a few pairs.
> >
>
> Did I call it a block cipher? If I ever did it was accidental.
>
> > Also, it is not even a block cipher, because ciphertext depends on
ALL
> > bits of the plaintext. We could use his basic algorithm as a block,
but
> > then I think all the security is gone because there is simply too
> > little keying material.
> >
> > - Andrew
>
>
Sent via Deja.com
http://www.deja.com/
------------------------------
Subject: Re: How good is Diamond2 and Saphire ciphers?
From: Paul Crowley <[EMAIL PROTECTED]>
Date: Fri, 02 Feb 2001 00:29:54 GMT
Rex Stewart <[EMAIL PROTECTED]> writes:
> Diamond2 is a classical substitution-permutation cypher
> which although very strong, is not very fast. The cypher
> was designed with strength in mind, but not much concern
> for speed. In fact one of the positive aspects of this
> cypher is the slowness of key setup - which takes several
> million processor cycles. This increases the cost of
> brute forcing the key (known as key strengthening).
This is not a strength of any cipher. It is far more effective to use
longer keys or otherwise add key entropy than to slow down the key
schedule; where more entropy is not available (for example when
handling passphrases), it's much better to use a separate routine for
converting the passphrase to the key.
Also, IIRC, this is key stretching, and key strengthening is throwing
in a little extra random information into the key, forcing a little
brute force attack on this unknown information at decrypt time.
Though it has the same purpose as key stretching it is a different
technique. See http://www.counterpane.com/low-entropy.html
> It has some similarities to RC4 but with an extra twist that
> it feeds information from both the plaintext and the cyphertext
> streams into the system. This allows it to be used repeatedly
> with a single key, unlike standard stream cyphers.
Not so; if the plaintext has the same prefix, the ciphertext will
to. The correct way to provide this property is to use an IV, like
CipherSaber.
> While feeding back information from either plaintext OR
> cyphertext streams is considered a dangerous practice - he
> used both, which complicates attacks somewhat, and I don't
> think anyone has come up with any useful attacks.
It's still undesirable; if you avoid feedback then chosen-plaintext
attacks are no more powerful than known-plaintext.
You can use any secure stream cipher to construct a KG-style stream
cipher by encrypting the stream of all zeroes. If this mode is
insecure, the stream cipher is insecure.
> As for whether these cyphers are good for the future - it
> depends on what you intend to use them for. No one (as
> far as I know) is creating applications using these cyphers.
> (The only aplications I know for Sapphire2 are ATBASH
> and --- hmmm, drawing a blank right now, but I know there
> were two others) OTOH - in the (eight or nine?) years since
> they were presented to the cryptographic community, no one
> has found any useful attacks based on either the cyphers
> or the componets used to biuld them.
TBH I see no reason to believe that a great deal of work has gone into
attacking these ciphers; at the time, Blowfish or vanilla RC4 would be
a clear better choice, and today there's no reason not to use
Rijndael.
--
__
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/
------------------------------
From: Splaat23 <[EMAIL PROTECTED]>
Subject: Re: RSA: Finding the private exp instead of factoring
Date: Fri, 02 Feb 2001 00:31:51 GMT
Do you have any idea how large the search space would be? Even assuming
the low and high bits are one, that leaves (for a 1024-bit modulus)
2^1022 possibilities to test. To give you an idea of how ridiculous
this is (pulled from Applied Cryptography): Based on simple
thermodynamics, even if you harnessed the power of a supernova, you
could only increment a counter through ~2^229. That still leaves
~2^1022 possibilities. You'd have to harness 2^802 supernovas to _just_
increment a counter, not to mention do calculations with that
counter. :)
- Andrew
In article <956iq1$47f$[EMAIL PROTECTED]>,
"The Death" <[EMAIL PROTECTED]> wrote:
> It is not just the number of private exponents playing here:
> * You can assume a small exponent won't be chosen
> * You need to count the instructions driven by the CPU, in asm, to
find out
> how many are needed to find the private exponent and how many are
used by
> the fastest factoring algorithm known today
>
> The Death
>
> Bob Silverman <[EMAIL PROTECTED]> wrote in message
> news:953tvh$os9$[EMAIL PROTECTED]...
> > In article <951dto$eje$[EMAIL PROTECTED]>,
> > "The Death" <[EMAIL PROTECTED]> wrote:
> > > Isn't it easyer sometimes to encrypt a message, and try finding
the
> > private
> > > exponent.
> > > The procedure is:
> > > 1) Encrypt a message
> > > 2) Decrypt by private exponent X
> > > 3) Is the decrypted message the same as the original?
> > > * Yes - You found the Private Exponent!
> > > * No - Increase X by 1 and go back to (2)
> >
> >
> > I suggest that you count the number of private exponents.....
> >
> > --
> > Bob Silverman
> > "You can lead a horse's ass to knowledge, but you can't make him
think"
> >
> >
> > Sent via Deja.com
> > http://www.deja.com/
>
>
Sent via Deja.com
http://www.deja.com/
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: How good is Diamond2 and Saphire ciphers?
Date: Thu, 1 Feb 2001 16:45:44 -0800
Rex Stewart <[EMAIL PROTECTED]> wrote in message news:95cse4$l9v$[EMAIL PROTECTED]...
> In article <[EMAIL PROTECTED]>,
> "Paul Pires" <[EMAIL PROTECTED]> wrote:
> >
> > Rex Stewart <[EMAIL PROTECTED]> wrote in message
> news:95cbqp$4nu$[EMAIL PROTECTED]...
> > > Assuming you are talking about ciphers Micheal P. Johnson
> > > developed in the early 90's:
> > >
> > <Snip>
> > >
> > > Sapphire2
> > > It has some similarities to RC4 but with an extra twist that
> > > it feeds information from both the plaintext and the cyphertext
> > > streams into the system. This allows it to be used repeatedly
> > > with a single key, unlike standard stream cyphers.
> >
> > This sounds like something interesting. Can you give me any pointers
> > to where I might find a description of this? I'll give Google a go but
> > a reccomendation would be appreciated.
> >
> > Thanks,
> >
> > Paul
> >
> The only lead I can find right now is
> http://cypherpunks.venona.com/date/1994/12/msg00507.html
>
> I haven't seen much of his work lately, but in the early 90's
> he produced several cyphers Ruby-MarkV, Sapphire2, and Diamond2
> are the algorythms I remember best.
>
> Sapphire1 was shown vulnerable to a type of chosen plaintext
> attack, and Diamond2 was primarily a speedup to Diamond.
>
> The other two products I couldn't remember earlier were
> Qcrypt and Shredder. Qcrypt, like ATBASH, was written
> by Mike Johnson.
Thank's
For the record, I found it at:
http://cryptography.org
Paul
> Rex Stewart
> PGP Print 9526288F3D0C292D 783D3AB640C2416A
>
>
> Sent via Deja.com
> http://www.deja.com/
====== Posted via Newsfeeds.Com, Uncensored Usenet News ======
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
======= Over 80,000 Newsgroups = 16 Different Servers! ======
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: On combining permutations and substitutions in encryption
Date: Thu, 1 Feb 2001 16:51:57 -0800
Matt Timmermans <[EMAIL PROTECTED]> wrote in message
news:DXme6.33027$[EMAIL PROTECTED]...
>
> "Paul Pires" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Before you roast me here, an admission of ignorance. What's a 3-SAT
> problem
> > and where do I find out about SAT solvers?
>
> Ah, that explains the previous bit (I _was_ about to roast you ;-)
You have my undying gratitude :-)
>
> There is a class of problems called NP - the problems that can be solved by
> a non-deterministic turing machine in polynomial time. There is also a
> class of problems called NP-complete, which are the hardest problems in NP.
> If you can solve an NP-complete problem in polynomial time, then you can
> solve _all_ NP problems in polynomial time.
>
> 3-SAT is the (probably) most commonly known NP-complete problem. A 3-SAT
> problem is a collection of disjunctions (OR-clauses) of up to 3 boolean
> variables or their negations, the question being "is it possible to assign
> truth values to all the variables such that all of the claues are
> satisfied"?
>
> For example:
> (a|b|c)
> (~a|~b|c)
> (a|~b|~c)
> is there a satisfying assignment?
>
> The answer is yes: when a=F, b=T, c=F, all clauses are satisfied.
>
> Now, Cook showed that any problem in NP can be converted into a SAT
> problem - SAT is like 3-SAT, but with no limit on the number of variables in
> a clause. The major part of his proof consisted in proving that for _any_
> function F(x) : bool (x is an arbitrary data structure) and bound B, the
> question "does there exist an x less than B bits big for which F(x) returns
> true?" can be converted into a SAT problem instance such that:
>
> 1) The size of the SAT instance is polynomial in the maximum running time of
> the function for inputs less than B bits long; and
>
> 2) The instance is satisfiable iff there is an x less that B bits in size
> for which P(x) returns true.
>
> (ok, he actually showed something a bit different, but equivalent).
>
> It has also been shown that any SAT problem can be converted into a 3-SAT
> problem with a polynomial size increase.
>
> So, If I have a bunch of known plaintext, I can write a function like this:
> bool CheckKey(k)
> {
> if (Encrypt(k,plaintext)==ciphertext)
> return true;
> else
> return false;
> }
>
> And I can convert it to a 3-SAT problem whose size is polynomial in the time
> it takes to encrypt the plaintext. It is a simple matter to show that if I
> can answer this question in polynomial time, then I can find the actual bits
> of k with only polynomially more work than it takes to encrypt.
>
> You must appreciate by now that it is likely very hard to solve 3-SAT
> problems! That is probably true, but it has never been proven, though many,
> many, people have tried.
>
> If you want to read up on it, start with the P!=NP section of the
> comp.theory FAQ.
Thank you,
Paul
====== Posted via Newsfeeds.Com, Uncensored Usenet News ======
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
======= Over 80,000 Newsgroups = 16 Different Servers! ======
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: How good is Diamond2 and Saphire ciphers?
Date: Thu, 1 Feb 2001 16:56:36 -0800
"ddd" <[EMAIL PROTECTED]> wrote in message news:95a5or$2ugu$[EMAIL PROTECTED]...
> How good is Diamond2 and Saphire ciphers? Are these ciphers good for
future?
In terms of security they're rather middle of the road. In terms of speed
they are very slow. To compare apples to apples (source
http://www.eskimo.com/~weidai/benchmarks.html, rounded to nearest
megabyte/second):
Rijndael 30 MB/s
Diamond2 6 MB/s
ARC4 63 MB/s
Sapphire 10 MB/s
So I don't see much reason to go with either Diamond2 or Sapphire. They may
be both secure, but comparing them to other algorithms that have been
examined more, and come up as being at least as strong both algorithms fall
short by a wide margin on speed. Of course if someone can prove that
Sapphire is at least as strong as BlumBlumShub then there might be something
to talk about.
Joe
------------------------------
From: [EMAIL PROTECTED]
Subject: Integer Functions in Encryption Algorithmy
Date: Fri, 02 Feb 2001 00:49:30 GMT
I have a free downloadable JAVA encryption/decryption application at
the URL listed below:
http:[EMAIL PROTECTED]/Dougpage/PageA/moddes.htm
It is a modified DES algorithm and makes a fine stand alone encryption
tool. It works best on OS/2. Windows has a Java compatability problem.
The byte parity relation was removed because it is a front-door kind of
logical correlation.
The s-box bit replacement part of the algorithm was altered to a simple
bit rotation process because the original form was a back-door kind of
functional impression apon the input bit set.
Douglas Eagleson
[EMAIL PROTECTED]
Sent via Deja.com
http://www.deja.com/
------------------------------
From: Splaat23 <[EMAIL PROTECTED]>
Subject: Re: Most secure code for US Citizen.
Date: Fri, 02 Feb 2001 00:49:41 GMT
I'll try not to take it personally... I am relatively new to this
newsgroup, and to usenet in general, but not to cryptography. I have
participated in many of these gang bashing sessions in recent days on
unsuspecting and often clueless posts and posters, but this time I
believe it was an honest question which I thought got an unreasonably
harsh response from the rest of us. I'm not entirely sure the generally
accepted policy of attacking clueless posters is having the effect we
all want, which is less of that type of traffic and more serious
questions. A simple answer to these simple questions would be great if
we could all agree to that.
However, more interesting to me is that you think this is somewhat
consistent in my posts. For myself, so that I can read more in areas
where I have misinformation or lack of information, could you please
privately send me references to these posts? I mean this in all
seriousness. As with everyone, I'll admit I'm far from perfect and also
in a constant learning process, so any help I can get, especially in
areas of weakness, would be great.
Anyway, perhaps my wording in my previous post was not as clear as I
would have liked. By "current best", I did not mean some pinnacle of
symmetric encryption that is held by all to be the "best". One of the
most important lessons in life is that such absolutes are rare at best.
- Andrew
In article <95c9su$2qq$[EMAIL PROTECTED]>,
Bob Silverman <[EMAIL PROTECTED]> wrote:
> In article <95a4kn$87m$[EMAIL PROTECTED]>,
> Splaat23 <[EMAIL PROTECTED]> wrote:
> > What are you talking about? He didn't ask for perfect security, just
> > the current best! I'll admit the context of this encryption is not
> > known, but you don't need to jump on the man...
> >
> > - Andrew
>
> Dear Splaat23:
>
> Please don't take this personally. I am about to express an opinion
> about your *posts*, and the opinion is not about you personally.
>
> --------------
> IMO, based upon reading many of your posts, you don't know what
> you are talking about. A little knowledge is dangerous....
> --------------
>
> Bob
>
> P.S. Noone "jumped on the man". It was simply pointed out that
> his request was meaningless. Further, your comment about "asked
> for the current best" shows that YOU don't know what you are talking
> about since there is no current best.
> May I suggest that you actually *study* this subject before
> making any further public pronouncements???
>
> --
> Bob Silverman
> "You can lead a horse's ass to knowledge, but you can't make him
think"
>
> Sent via Deja.com
> http://www.deja.com/
>
Sent via Deja.com
http://www.deja.com/
------------------------------
Date: Fri, 02 Feb 2001 00:57:09 +0000
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: How good is Diamond2 and Saphire ciphers?
=====BEGIN PGP SIGNED MESSAGE=====
Paul Pires wrote:
> Rex Stewart <[EMAIL PROTECTED]> wrote:
> > Sapphire2
> > It has some similarities to RC4 but with an extra twist that
> > it feeds information from both the plaintext and the cyphertext
> > streams into the system. This allows it to be used repeatedly
> > with a single key, unlike standard stream cyphers.
>
> This sounds like something interesting. Can you give me any pointers
> to where I might find a description of this? I'll give Google a go but
> a reccomendation would be appreciated.
ftp://ftp.zedz.com/pub/crypto/libraries/sapphire/sapphire.zip
- --
David Hopwood <[EMAIL PROTECTED]>
Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5 0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip
=====BEGIN PGP SIGNATURE=====
Version: 2.6.3i
Charset: noconv
iQEVAwUBOnoFwjkCAxeYt5gVAQGB0Qf9Gkl9kZ6Zb3Ccgwtw6+8O1G+jkmCRMz8Y
6fqZ2cTWIip8zIXJxYrEFgvAZLebYU6HqsjCvLVCf4GYgi0PR27ts9AVnfs3Hhlp
zwEzFWMXjfbqBZpWtR/EekDtcmQuOxgoZtzUOPzWrW+fjoZ7p2eAmkcHKyuTioVI
EfREidG7zaeO5j7AFyoGytv/n5o045wFyUzLECTgdSw9u6gjfag+9SXEaoC91joY
0T10YV0xyZ7C6atfS+9/+s0pr2YwSKPsZRZMS5JuXXcegt3gD4+laYqRvyfMHtKv
tcNTvGkAU1CsT5u8Cgz0DQzFOeDz12zAcfVVZ8tOCYPQ+yNAuNNE2Q==
=si6b
=====END PGP SIGNATURE=====
------------------------------
From: [EMAIL PROTECTED] (phil hunt)
Crossposted-To: talk.politics.crypto,alt.cypherpunks
Subject: Re: ideas of D.Chaum about digital cash and whether tax offices are
delighted ?
Date: Thu, 1 Feb 2001 21:26:31 +0000
On Thu, 01 Feb 2001 18:40:14 GMT, Darren New <[EMAIL PROTECTED]> wrote:
>Thomas J. Boschloo wrote:
>> Another problem with anonymous cash is that combined with anonymous
>> publishing, it will not be possible to stop commercial child porn.
>
>Of course it will. You arrest the people taking the photographs. You arrest
>the people kidnapping (or whatever) the children. This is like saying that
>without phone taps, you can't catch contract killers.
Anonymous cash and anonymous publishing (the post) preceded the Internet
by centuries, and they still managed to catch criminals.
--
*****[ Phil Hunt ***** [EMAIL PROTECTED] ]*****
"An unforseen issue has arisen with your computer. Don't worry your
silly little head about what has gone wrong; here's a pretty animation
of a paperclip to look at instead." -- Windows2007 error message
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
