Cryptography-Digest Digest #685, Volume #13 Tue, 13 Feb 01 17:13:01 EST
Contents:
Re: Minimal-space authentication algorithm (Mike Rosing)
What is an Inorder Algorithm? (Ned Scholes)
Irreducible Polynomials over Z2 ("Srdjan Sobajic")
Re: Hardware RNG - Where can I order one? (Mike Rosing)
Re: What is an Inorder Algorithm? (Ben Pfaff)
Re: What is an Inorder Algorithm? ("Riordan")
Re: A different concept for email encryption ?? (Robert Scott)
Re: What is an Inorder Algorithm? (Ned Scholes)
Re: Minimal-space authentication algorithm (Paul Rubin)
Re: What is an Inorder Algorithm? (Erik Max Francis)
Re: Super strong crypto (wtshaw)
Re: Subtle RC4 implementation mistake (was: Arcfour in Ada, by me - is (Mok-Kong Shen)
Re: Factoring (and not the Philippino :) ("Tomas Rosa")
Re: Hardware RNG - Where can I order one? (George Weinberg)
Re: A different concept for email encryption ?? (George Weinberg)
Re: asking for stream cipher resource (Anthony Stephen Szopa)
Re: Super strong crypto (Anthony Stephen Szopa)
Re: Super strong crypto (John Myre)
Re: Sky TV (Stephan T. Lavavej)
Re: A different concept for email encryption ?? (Paul Rubin)
Re: Scramdisk, CDR and Win-NT (jungle)
Re: What is an Inorder Algorithm? (Kaz Kylheku)
----------------------------------------------------------------------------
From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Minimal-space authentication algorithm
Date: Tue, 13 Feb 2001 12:33:18 -0600
"H. Peter Anvin" wrote:
>
> I'm looking for an encryption and/or authentication algorithm (the
> latter is actually more important) that can be implemented in minimal
> code space -- literally every byte counts. I have looked at TEA,
> including the extensions by Needham and Wheeler (Oct 1997), but some
> of the back archives of this group seem to imply that it may not be
> that good of a cipher algorithm. I wonder if anyone could comment on
> this, or perhaps suggest alternatives.
If you are willing to go slow you can reduce space requirements by quite
a bit with any PK authentication algorithm. What level of security are
you looking for? How much ram do you have? What kind of math are you
willing to implement? There are lots of choices here, but realize that
authentication is not the same as encryption. If you want a reasonable
and very small encryption routine, check out Skipjack.
Patience, persistence, truth,
Dr. mike
------------------------------
From: Ned Scholes <[EMAIL PROTECTED]>
Crossposted-To:
comp.lang.c,alt.comp.lang.learn.c-c++,sci.math,comp.lang.c++,comp.lang.java.programmer,comp.programming
Subject: What is an Inorder Algorithm?
Date: Tue, 13 Feb 2001 18:35:10 GMT
I know what a postorder algorithm is, it goes through the left side
first and then the right side and last the node. Is an inorder algorithm
the opposite?
------------------------------
From: "Srdjan Sobajic" <[EMAIL PROTECTED]>
Subject: Irreducible Polynomials over Z2
Date: Tue, 13 Feb 2001 10:35:00 -0800
Hello,
I am looking for a reference which will have a table of irreducible
polynomials over Z2.
So far, most of the tables I have found are either for trinomials or quintic
polynomials.
As I understand it, when implementing LFSR based encryption (say an
alternating step generator) it is preferable to have dense connection
polynomials, hence my question above. I have found algorithms (in the CRC
HAC) which you can use to generate these polynomials, but if such a
resource exists I would be grateful for some pointers.
Thanks for your help,
Srdjan Sobajic
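Editor's added example, not part of Srdjan Sobajic's post or of any reply to it: a small C program that decides irreducibility over Z2 with the Ben-Or test (f of degree n is irreducible iff gcd(f, x^(2^i) + x) = 1 for every 1 <= i <= n/2), then goes beyond the single check to count the irreducible polynomials of each small degree and list the dense (many-term) irreducible polynomials of degree 8, which is the kind of table the post is asking for. Polynomials are bit masks (bit i is the coefficient of x^i); the function names, the degree-8 listing and the "at least 7 terms" cut-off are the editor's choices, not taken from the HAC.

```c
#include <stdint.h>
#include <stdio.h>

/* A polynomial over GF(2) as a bit mask: bit i is the coefficient of x^i.
   Degrees up to 62 fit in the type; the table below only uses small ones. */
typedef uint64_t gf2poly;

static int gf2_degree(gf2poly a) { int d = -1; while (a) { a >>= 1; d++; } return d; }

/* a mod f (f != 0): subtract (xor) shifted copies of f until deg a < deg f */
static gf2poly gf2_mod(gf2poly a, gf2poly f)
{
    int df = gf2_degree(f), da;
    while ((da = gf2_degree(a)) >= df) a ^= f << (da - df);
    return a;
}

/* a * b mod f by shift-and-xor, reducing after every shift */
static gf2poly gf2_mulmod(gf2poly a, gf2poly b, gf2poly f)
{
    int df = gf2_degree(f);
    gf2poly r = 0;
    a = gf2_mod(a, f);
    b = gf2_mod(b, f);
    while (b) {
        if (b & 1) r ^= a;
        b >>= 1;
        a <<= 1;
        if ((a >> df) & 1) a ^= f;   /* one xor suffices since deg a <= df */
    }
    return r;
}

static gf2poly gf2_gcd(gf2poly a, gf2poly b)
{
    while (b) { gf2poly t = gf2_mod(a, b); a = b; b = t; }
    return a;
}

/* Ben-Or test: x^(2^i) mod f is obtained by repeated squaring of x; any
   factor of degree d <= n/2 divides x^(2^d) + x and shows up in the gcd. */
static int gf2_is_irreducible(gf2poly f)
{
    int n = gf2_degree(f);
    const gf2poly x = 2;
    gf2poly xp = x;
    if (n < 1) return 0;
    for (int i = 1; i <= n / 2; i++) {
        xp = gf2_mulmod(xp, xp, f);
        if (gf2_gcd(f, xp ^ x) != 1) return 0;
    }
    return 1;
}

/* Count every irreducible polynomial of exact degree n by enumeration. */
static int gf2_count_irreducible(int n)
{
    int count = 0;
    for (gf2poly f = (gf2poly)1 << n; f < (gf2poly)2 << n; f++)
        count += gf2_is_irreducible(f);
    return count;
}

/* Number of nonzero terms; a "dense" connection polynomial has many. */
static int gf2_weight(gf2poly f) { int w = 0; while (f) { w += (int)(f & 1); f >>= 1; } return w; }

int main(void)
{
    printf("degree  irreducible polynomials\n");
    for (int n = 1; n <= 10; n++)
        printf("%6d  %d\n", n, gf2_count_irreducible(n));
    printf("irreducible degree-8 polynomials with at least 7 terms (hex bit masks):\n");
    for (gf2poly f = 1 << 8; f < 1 << 9; f++)
        if (gf2_weight(f) >= 7 && gf2_is_irreducible(f))
            printf("  0x%03llx\n", (unsigned long long)f);
    return 0;
}
```

The test says nothing about primitivity: an irreducible connection polynomial gives an LFSR of maximal period 2^n - 1 only if it is also primitive, which is a separate check (the AES polynomial 0x11B, for instance, is irreducible but not primitive).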
------------------------------
From: Mike Rosing <[EMAIL PROTECTED]>
Subject: Re: Hardware RNG - Where can I order one?
Date: Tue, 13 Feb 2001 12:38:47 -0600
The Death wrote:
>
> Where can i buy a good hardware RNG that i can connect to my PC and use to
> generate secure random bits?
http://www.protego.se/sg100_en.htm
If you do a web search for "hardware random number" you'll get about 500,000 hits.
Should be a few more than the one above!
Patience, persistence, truth,
Dr. mike
------------------------------
From: Ben Pfaff <[EMAIL PROTECTED]>
Crossposted-To:
comp.lang.c,alt.comp.lang.learn.c-c++,sci.math,comp.lang.c++,comp.lang.java.programmer,comp.programming
Subject: Re: What is an Inorder Algorithm?
Date: 13 Feb 2001 13:43:06 -0500
Reply-To: [EMAIL PROTECTED]
Ned Scholes <[EMAIL PROTECTED]> writes:
> I know what a postorder algorithm is, it goes through the left side
> first and then the right side and last the node. Is an inorder algorithm
> the opposite?
You are presumably speaking of a binary tree traversal algorithm.
An inorder traversal visits the left subtree, then the node
itself, then the right subtree. In a binary search tree, this
visits all the nodes in the tree in sorted order. The "opposite"
in one sense of a postorder traversal is a preorder traversal,
which visits the node itself, then its left subtree, then its
right subtree.
There is a lot more information on binary tree traversals in my
book on binary search trees, of which you can find the current
alpha release on my webpage at
http://www.msu.edu/user/pfaffben/avl/index.html
Of the newsgroups to which this was crossposted, only
comp.programming is appropriate. Followups set.
--
Ben
- who recently received word that he's been accepted at
University of Michigan as a PhD student, with guaranteed funding
for up to 5 years... happy happy!
------------------------------
From: "Riordan" <[EMAIL PROTECTED]>
Crossposted-To:
comp.lang.c,alt.comp.lang.learn.c-c++,sci.math,comp.lang.c++,comp.lang.java.programmer,comp.programming
Subject: Re: What is an Inorder Algorithm?
Date: Tue, 13 Feb 2001 18:47:44 +0000 (UTC)
Ned Scholes <[EMAIL PROTECTED]> wrote in article
<[EMAIL PROTECTED]>...
> I know what a postorder algorithm is, it goes through the left side
> first and then the right side and last the node. Is an inorder algorithm
> the opposite?
>
>
Imagine the following tree-like structure
    A
   / \
  B   C
Then postorder would process in the order:
B, C, A
Pre-order would go:
A, B, C
& In-order would go:
B, A, C
------------------------------
From: [EMAIL PROTECTED] (Robert Scott)
Subject: Re: A different concept for email encryption ??
Reply-To: [EMAIL PROTECTED]
Date: Tue, 13 Feb 2001 18:57:25 GMT
On Tue, 13 Feb 2001 15:08:51 +0100, "Ray" <[EMAIL PROTECTED]> wrote:
>Hi,
>I would like to hear about sense or nonsense of the following concept for
>encrypting email while overcoming the public key infrastructure.
>
>1. Everybody can create a (public) key based on the recipient's email
>address.
>An algorithm on the user's machine does it. The message is then encrypted
>using that key.
>That's the easy part.
No, that's the impossible part. The public key (in RSA)
is generated as the product of two secretly-generated
prime numbers. It cannot be simply a hash of
someone's e-mail address.
Robert Scott
Ypsilanti, Michigan
(Respond through newsgroups, not by direct e-mail.)
------------------------------
From: Ned Scholes <[EMAIL PROTECTED]>
Crossposted-To:
comp.lang.c,alt.comp.lang.learn.c-c++,sci.math,comp.lang.c++,comp.lang.java.programmer,comp.programming
Subject: Re: What is an Inorder Algorithm?
Date: Tue, 13 Feb 2001 19:05:59 GMT
Okay, I understand. Thank you.
Riordan wrote:
> Ned Scholes <[EMAIL PROTECTED]> wrote in article
> <[EMAIL PROTECTED]>...
> > I know what a postorder algorithm is, it goes through the left side
> > first and then the right side and last the node. Is an inorder algorithm
> > the opposite?
> >
> >
>
> Imagine the following tree-like structure
>     A
>    / \
>   B   C
>
> Then postorder would process in the order:
> B, C, A
> Pre-order would go:
> A, B, C
> & In-order would go:
> B, A, C
------------------------------
From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Minimal-space authentication algorithm
Date: 13 Feb 2001 11:04:41 -0800
H. Peter Anvin <[EMAIL PROTECTED]> writes:
> Hello, and pardon me for asking a basic question (I'd call it a newbie
> question, but I'm a long-time lurker);
>
> I'm looking for an encryption and/or authentication algorithm (the
> latter is actually more important) that can be implemented in minimal
> code space -- literally every byte counts. I have looked at TEA,
> including the extensions by Needham and Wheeler (Oct 1997), but some
> of the back archives of this group seem to imply that it may not be
> that good of a cipher algorithm. I wonder if anyone could comment on
> this, or perhaps suggest alternatives.
What do you mean by "authentication algorithm"? What are you trying
to authenticate? If it's (say) between a server and client, can you
use a shared secret key between the client and the server? You want
to minimize code space--do you also have to minimize RAM?
Also, why do you care if TEA isn't such a good cipher algorithm--who
do you think the attacker will be? Since you're concerned with
minimizing code space, it sounds like you want to authenticate on an
embedded processor, which in turn sounds like the attacker may have
access to the hardware. Even if TEA isn't so great, it still isn't
trivial to break. If the attacker has enough resources to break TEA,
have you taken enough precautions to keep them from also attacking the
hardware?
Skipjack (suggested by someone) is nice for minimizing RAM
consumption, but because it needs a 256-byte fixed S-box (that
presumably counts as code space), it might end up needing more code
space than TEA. You could look at GOST (in Applied Cryptography); or
maybe do a compact implementation of the SHA1 (or SHA0) compression
function; or possibly just do a CRC against a secret polynomial. Or
if you have some RAM available, possibly you could adapt RC4 for use
as a hash function. That's been discussed here a few times; security
might not be perfect, but again it's not trivial to break, and the
code should be very small.
If you need public keys and don't need blazing speed, you can do the
verification side of Rabin-Williams with very little code. But now
you may have to include the public key (probably 128 bytes) as part
of the code space.
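An added example from the editor, not code from Paul Rubin's or H. Peter Anvin's posts: TEA (the Wheeler/Needham reference rounds) wrapped as a length-prefixed CBC-MAC in C, to make concrete the point made in this thread that authentication is a different job from encryption and that a small block cipher plus a shared secret key is enough for it. The key, the message, the tag length and every function name are constructed for the demonstration. The reservations about TEA voiced in the thread still apply; the block shows the shape and size of such a MAC (cipher, chaining, length prefix, constant-time tag check), not a recommendation of TEA over the other options Paul lists.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define TEA_DELTA 0x9E3779B9u

/* TEA as published by Wheeler and Needham: 64-bit block, 128-bit key, 32 cycles. */
static void tea_encrypt(uint32_t v[2], const uint32_t k[4])
{
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (int i = 0; i < 32; i++) {
        sum += TEA_DELTA;
        v0 += ((v1 << 4) + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]);
        v1 += ((v0 << 4) + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]);
    }
    v[0] = v0; v[1] = v1;
}

static void tea_decrypt(uint32_t v[2], const uint32_t k[4])
{
    uint32_t v0 = v[0], v1 = v[1], sum = 0xC6EF3720u;  /* 32 * TEA_DELTA mod 2^32 */
    for (int i = 0; i < 32; i++) {
        v1 -= ((v0 << 4) + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]);
        v0 -= ((v1 << 4) + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]);
        sum -= TEA_DELTA;
    }
    v[0] = v0; v[1] = v1;
}

/* Little-endian byte <-> word helpers so the tag is identical on every CPU. */
static uint32_t load32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void store32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* CBC-MAC over TEA with an 8-byte tag. The message length is absorbed as the
   first block so messages of different lengths cannot share a tag (raw
   CBC-MAC is only sound for fixed-length messages); the last block is zero-padded. */
static void tea_cbc_mac(const uint8_t *msg, size_t len, const uint32_t k[4], uint8_t tag[8])
{
    uint32_t st[2] = { (uint32_t)len, (uint32_t)((uint64_t)len >> 32) };
    tea_encrypt(st, k);
    for (size_t off = 0; off < len; off += 8) {
        uint8_t blk[8] = {0};
        size_t n = len - off < 8 ? len - off : 8;
        memcpy(blk, msg + off, n);
        st[0] ^= load32(blk);
        st[1] ^= load32(blk + 4);
        tea_encrypt(st, k);
    }
    store32(tag, st[0]);
    store32(tag + 4, st[1]);
}

/* Constant-time comparison: all 8 bytes are examined whatever the mismatch
   position, unlike memcmp. Returns 1 if the tag is valid for the message. */
static int tea_mac_verify(const uint8_t *msg, size_t len, const uint32_t k[4], const uint8_t tag[8])
{
    uint8_t expect[8], diff = 0;
    tea_cbc_mac(msg, len, k, expect);
    for (int i = 0; i < 8; i++) diff |= (uint8_t)(expect[i] ^ tag[i]);
    return diff == 0;
}

/* Constructed key and message for the demonstration (not test vectors). */
static const uint32_t demo_key[4] = { 0x01234567u, 0x89ABCDEFu, 0xFEDCBA98u, 0x76543210u };
static const uint8_t demo_msg[] = "unlock:door=7;ts=981234567";

/* 1 if decrypt(encrypt(block)) restores the block and encryption changed it. */
static int tea_roundtrip_ok(void)
{
    uint32_t v[2] = { 0xDEADBEEFu, 0x0BADF00Du }, orig[2] = { v[0], v[1] };
    tea_encrypt(v, demo_key);
    int changed = (v[0] != orig[0]) || (v[1] != orig[1]);
    tea_decrypt(v, demo_key);
    return changed && v[0] == orig[0] && v[1] == orig[1];
}

/* 1 if the genuine message verifies and a single flipped bit is rejected. */
static int tea_mac_detects_tamper(void)
{
    uint8_t tag[8], tampered[sizeof demo_msg];
    size_t len = sizeof demo_msg - 1;
    tea_cbc_mac(demo_msg, len, demo_key, tag);
    memcpy(tampered, demo_msg, sizeof demo_msg);
    tampered[12] ^= 0x01;                      /* flip one bit of the door number */
    return tea_mac_verify(demo_msg, len, demo_key, tag) == 1
        && tea_mac_verify(tampered, len, demo_key, tag) == 0;
}

int main(void)
{
    uint8_t tag[8];
    tea_cbc_mac(demo_msg, sizeof demo_msg - 1, demo_key, tag);
    printf("tag:");
    for (int i = 0; i < 8; i++) printf(" %02x", tag[i]);
    printf("\nround trip %s, tamper detection %s\n",
           tea_roundtrip_ok() ? "ok" : "FAILED", tea_mac_detects_tamper() ? "ok" : "FAILED");
    return 0;
}
```

The verifier on a device like the one described holds only the 16-byte key and this code; the tag check does not need the decrypt routine at all, which is the code-space saving Mike Rosing's distinction between authentication and encryption buys.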
------------------------------
From: Erik Max Francis <[EMAIL PROTECTED]>
Crossposted-To:
comp.lang.c,alt.comp.lang.learn.c-c++,sci.math,comp.lang.c++,comp.lang.java.programmer,comp.programming
Subject: Re: What is an Inorder Algorithm?
Date: Tue, 13 Feb 2001 11:00:40 -0800
Ned Scholes wrote:
> I know what a postorder algorithm is, it goes through the left side
> first and then the right side and last the node. Is an inorder algorithm
> the opposite?
No, that would be preorder. Inorder visits the left side, the node, and
then the right side.
--
Erik Max Francis / [EMAIL PROTECTED] / http://www.alcyone.com/max/
__ San Jose, CA, US / 37 20 N 121 53 W / ICQ16063900 / &tSftDotIotE
/ \ The opinion of the strongest is always the best.
\__/ Jean de la Fontaine
Maths reference / http://www.alcyone.com/max/reference/maths/
A mathematics reference.
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Super strong crypto
Date: Tue, 13 Feb 2001 13:14:00 -0600
In article <un2zCsUlAHA.319@cpmsnbbsa09>, "Joseph Ashwood"
<[EMAIL PROTECTED]> wrote:
...
> Let's see. I guess I'll begin with what strong cryptography is and is not,
> or rather what we know and what we don't know. We don't know which algorithm
> is strongest, but we do know maximum values for its strength.
Joe, this means that you have no idea, pardon the pun. There is no upward
limit as to strength, but there is to what you contemplate as feasible,
which is pretty feeble compared to alternatives you seem to ignore.
....
> Any of the 5 [AES]
> of them should be strong enough for most things.
Wrong, you need fix-um-up modes, which mean that they lack sufficient
independent strength as ciphers.
--
Better to pardon hundreds of guilty people than execute one
that is innocent.
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Subtle RC4 implementation mistake (was: Arcfour in Ada, by me - is
Date: Tue, 13 Feb 2001 20:51:11 +0100
Ian Goldberg wrote:
>
[snip]
> Yes, you read right. At first, it looks just like RC4, but soon, the
> "ciphertext" is just the plaintext. (Remember Morris's Law?)
>
> That's a pretty amazing bug, isn't it? Here's the culprit:
[snip]
Indeed once again a reminder of the fact that excellent
language design efforts can reduce implementation times
but cannot be a substitute of programmers' competency and
experience. Critical software used in practical applications
should preferably be certified by a third party, if one
doesn't have time etc. to examine it oneself.
M. K. Shen
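Added by the editor, not from Mok-Kong Shen's or Ian Goldberg's posts (the Ada code under discussion is snipped above and is not reproduced here): an RC4 implementation in C together with the two checks that would have flagged a keystream collapsing into the plaintext before the code shipped, a known-answer test against the published RC4 vector (key "Key", plaintext "Plaintext", ciphertext BB F3 16 E8 D9 40 AF 0A D3) and a count of zero keystream bytes. The key and message used by the round-trip function are constructed, and the function names are the editor's.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

typedef struct {
    uint8_t S[256];   /* the permutation */
    uint8_t i, j;     /* PRGA indices */
} rc4_ctx;

/* Key-scheduling algorithm: permute S under the key. */
static void rc4_init(rc4_ctx *c, const uint8_t *key, size_t keylen)
{
    uint8_t j = 0;
    for (int i = 0; i < 256; i++)
        c->S[i] = (uint8_t)i;
    for (int i = 0; i < 256; i++) {
        j = (uint8_t)(j + c->S[i] + key[i % keylen]);
        uint8_t t = c->S[i];
        c->S[i] = c->S[j];
        c->S[j] = t;
    }
    c->i = 0;
    c->j = 0;
}

/* Pseudo-random generation: XOR n keystream bytes onto in[] -> out[].
   Running it over ciphertext with a freshly keyed context decrypts. */
static void rc4_crypt(rc4_ctx *c, const uint8_t *in, uint8_t *out, size_t n)
{
    for (size_t k = 0; k < n; k++) {
        c->i = (uint8_t)(c->i + 1);
        c->j = (uint8_t)(c->j + c->S[c->i]);
        uint8_t t = c->S[c->i];
        c->S[c->i] = c->S[c->j];
        c->S[c->j] = t;
        out[k] = in[k] ^ c->S[(uint8_t)(c->S[c->i] + c->S[c->j])];
    }
}

/* Known-answer test against the published vector:
   key "Key", plaintext "Plaintext" -> BB F3 16 E8 D9 40 AF 0A D3.
   Returns 1 on match. */
static int rc4_self_test(void)
{
    static const uint8_t expect[9] = {0xBB,0xF3,0x16,0xE8,0xD9,0x40,0xAF,0x0A,0xD3};
    rc4_ctx c;
    uint8_t out[9];
    rc4_init(&c, (const uint8_t *)"Key", 3);
    rc4_crypt(&c, (const uint8_t *)"Plaintext", out, 9);
    return memcmp(out, expect, 9) == 0;
}

/* Check for the symptom in the thread (ciphertext equal to plaintext):
   count zero bytes among the first n keystream bytes. A healthy keystream
   gives about n/256; a stream that has collapsed to zeros gives close to n. */
static size_t rc4_zero_keystream_bytes(const uint8_t *key, size_t keylen, size_t n)
{
    rc4_ctx c;
    size_t zeros = 0;
    rc4_init(&c, key, keylen);
    for (size_t k = 0; k < n; k++) {
        uint8_t z = 0, ks;
        rc4_crypt(&c, &z, &ks, 1);   /* XOR with 0 exposes the keystream byte */
        zeros += (ks == 0);
    }
    return zeros;
}

/* Round trip on a constructed key and message: 1 if decrypt(encrypt(m)) == m
   and the ciphertext actually differs from the plaintext. */
static int rc4_roundtrip_ok(void)
{
    static const uint8_t key[] = "constructed example key";
    static const uint8_t msg[] = "constructed sample message";
    uint8_t ct[sizeof msg], pt[sizeof msg];
    rc4_ctx c;
    rc4_init(&c, key, sizeof key - 1);
    rc4_crypt(&c, msg, ct, sizeof msg);
    rc4_init(&c, key, sizeof key - 1);
    rc4_crypt(&c, ct, pt, sizeof msg);
    return memcmp(pt, msg, sizeof msg) == 0 && memcmp(ct, msg, sizeof msg) != 0;
}

int main(void)
{
    printf("RC4 known-answer test: %s\n", rc4_self_test() ? "pass" : "FAIL");
    printf("round trip: %s\n", rc4_roundtrip_ok() ? "pass" : "FAIL");
    printf("zero keystream bytes in first 4096: %zu (about 16 is normal)\n",
           rc4_zero_keystream_bytes((const uint8_t *)"Key", 3, 4096));
    return 0;
}
```

A round trip alone would not have caught the bug in the thread, since XORing with a zero keystream round-trips perfectly; the known-answer test is the check that pins the implementation to the algorithm.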
------------------------------
From: "Tomas Rosa" <[EMAIL PROTECTED]>
Subject: Re: Factoring (and not the Philippino :)
Date: Mon, 12 Feb 2001 16:27:18 +0100
It seems that your article is about "just another" representation of
nonlinear boolean equations, which can be derived from the binary
representation of the multiplication in the form n=p*q.
Unfortunately the nonlinearity of these equations grows very rapidly (due to
the carry output), so it is "very, very, very, very, ..., very" unlikely
that you will find any effective way to solve them (with respect to the
appropriate length of n, of course).
However if you are still interested enough to continue in your work, then
the only thing I could recommend to you is to focus yourself on the area of
nonlinear boolean equations. This will mainly help you to formalize your
ideas about the behavior and power of the basic constraints observed and
mentioned in your document (referred to as "clever tricks" as I know).
have a nice day
Tom
"Michael Brown" <[EMAIL PROTECTED]> wrote in message
news:1mKg6.6140$[EMAIL PROTECTED]...
> Considering the amount of interest that you showed in the Philippino method,
> I thought you might want to check the page I've been trying (for the past
> couple of weeks) to get someone to look at. No flames, please, unless you
> actually _look_ at it :) But if it's totally screwed then by all means tell
> me.
>
> http://odin.prohosting.com/~dakkor/rsa/
>
> Cheers,
> Michael
>
> --
> Code snippet 1 : Fibonacci fill
> Stats:
> In : esi = destination address, ecx = number of numbers / 2
> Out : esi,eax,ebx,ecx destroyed. [esi] = 1,2,3,5,8...
> Time: 2.5 clocks per Fibonacci number + 1 clock initialisation
> Code (replace ";" with newline):
> mov eax,1;mov ebx,1;L1:mov [esi],eax;add ebx,eax;add esi,4;
> mov [esi],ebx;add eax,ebx;add esi,4;dec ecx;jnz L1
>
>
------------------------------
From: [EMAIL PROTECTED] (George Weinberg)
Subject: Re: Hardware RNG - Where can I order one?
Date: Tue, 13 Feb 2001 20:01:15 GMT
On Sat, 10 Feb 2001 22:54:29 +0200, "The Death"
<[EMAIL PROTECTED]> wrote:
>Where can i buy a good hardware RNG that i can connect to my PC and use to
>generate secure random bits?
>
>
Say, that reminds me of something:
I remember reading that Pentium III computers all have built in
hardware RNGs, but there was a great deal of uncertainty as
to whether they were any good.
The info I saw was over a year old. Anyone have any new
info?
George
------------------------------
From: [EMAIL PROTECTED] (George Weinberg)
Subject: Re: A different concept for email encryption ??
Date: Tue, 13 Feb 2001 20:11:35 GMT
On Tue, 13 Feb 2001 18:57:25 GMT, [EMAIL PROTECTED] (Robert
Scott) wrote:
>On Tue, 13 Feb 2001 15:08:51 +0100, "Ray" <[EMAIL PROTECTED]> wrote:
>
>>Hi,
>>I would like to hear about sense or nonsense of the following concept for
>>encrypting email while overcoming the public key infrastructure.
>>
>>1. Everybody can create a (public) key based on the recipient's email
>>address.
>>An algorithm on the user's machine does it. The message is then encrypted
>>using that key.
>>That's the easy part.
>
>No, that's the impossible part. The public key (in RSA)
>is generated as the product of two secretly-generated
>prime numbers. It cannot be simply a hash of
>someone's e-mail address.
>
>Robert Scott
>Ypsilanti, Michigan
>(Respond through newsgroups, not by direct e-mail.)
It stands to reason that you can't just use an arbitrary email address
to create a public key and have a situation where only the intended
recipient can generate the private key. He doesn't have any more
info than anyone else, so either he can't generate the decryption key,
or anyone can. This doesn't depend on the algorithm.
However, there's an exception! What if the email address IS the
public key? You just generate the key pair before you get an email
address, then use the public key, suitably encoded!
Comments on this idea to
[EMAIL PROTECTED]
George
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: asking for stream cipher resource
Date: Tue, 13 Feb 2001 12:14:35 -0800
Eric wrote:
>
> Could any one give me some web sites about stream cipher background,
> publications etc. ?
http://www.ciphile.com
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Super strong crypto
Date: Tue, 13 Feb 2001 12:16:49 -0800
wtshaw wrote:
>
> In article <un2zCsUlAHA.319@cpmsnbbsa09>, "Joseph Ashwood"
> <[EMAIL PROTECTED]> wrote:
> ...
> > Let's see. I guess I'll begin with what strong cryptography is and is not,
> > or rather what we know and what we don't know. We don't know which algorithm
> > is strongest, but we do know maximum values for its strength.
>
> Joe, this means that you have no idea, pardon the pun. There is no upward
> limit as to strength, but there is to what you contemplate as feasible,
> which is pretty feeble compared to alternatives you seem to ignore.
> ....
> > Any of the 5 [AES]
> > of them should be strong enough for most things.
>
> Wrong, you need fix-um-up modes, which mean that they lack sufficient
> independent strength as ciphers.
> --
> Better to pardon hundreds of guilty people than execute one
> that is innocent.
I see that you have come to know this fellow as I have.
Watch him closely.
Cheers.
------------------------------
From: John Myre <[EMAIL PROTECTED]>
Subject: Re: Super strong crypto
Date: Tue, 13 Feb 2001 13:24:51 -0700
wtshaw wrote:
<snip>
> Wrong, you need fix-um-up modes, which mean that they lack sufficient
> independent strength as ciphers.
<snip>
Would you say a hammer lacks sufficient independent
utility as a hammer because it has to be used in a
certain way? (Start by picking it up at the right
end, for instance.)
JM
------------------------------
From: stl/*This_is_a_comment*[EMAIL PROTECTED] (Stephan T. Lavavej)
Subject: Re: Sky TV
Date: Tue, 13 Feb 2001 21:09:39 GMT
> Well as you may already know
>Sky TV analogue services are being
>cut off, forcing us to move to digital.
>People who live in other countries,
>are being ripped off.
Not in America, the greatest country in the world.
-*---*-------
Stephan T. Lavavej
http://quote.cjb.net
stl/*This_is_a_comment*[EMAIL PROTECTED]
------------------------------
From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: A different concept for email encryption ??
Date: 13 Feb 2001 13:38:20 -0800
You're describing something called identity-based public keys. They
have to be issued by a trusted server.
------------------------------
Date: 13 Feb 2001 22:05:06 -0000
From: jungle <Use-Author-Address-Header@[127.1]>
Subject: Re: Scramdisk, CDR and Win-NT
Crossposted-To: alt.security.scramdisk
=====BEGIN PGP SIGNED MESSAGE=====
13 Feb 2001 in <[EMAIL PROTECTED]> Keith Wilkinson
[EMAIL PROTECTED] wrote:
> In article <[EMAIL PROTECTED]>, Jungle wrote:
> > I'm not & never will use CD-R/W UDF as H/D substitution, there is no reliability & more
> > important,
> > there is no SPEED of access that could be comparable to my H/D speed,
> >
> > I did use & I'm using it as R/W off site storage,
> > something in the middle between CD-R & useful semi back-up / depository
> > [ in doing this, I DID NOT have any disastrous writes ]
> > by saying this, I'm using it for writes of normal, average size files,
> > I did not write file of SD container size, ~525 MB
>
> If it works for you, fine.
I'm constantly awake to the possible problems associated with "unreliable CD write" technology
> I wanted to use it as a super floppy
I'm using them in almost the same fashion, super f/d
> not a HD replacement, but I found
> it unreliable. If it were reliable it would make no difference how big the file is, including a
> Scramdisk container. Like you, I try not to believe second-hand rumours but in this case most of
> what I had heard about packet writing software being unreliable I experienced myself.
~~~
This PGP signature only certifies the sender and date of the message.
It implies no approval from the administrators of nym.alias.net.
Date: Tue Feb 13 22:05:04 2001 GMT
From: [EMAIL PROTECTED]
=====BEGIN PGP SIGNATURE=====
Version: 2.6.2
iQEVAwUBOomvkk5NDhYLYPHNAQEE8gf/UJZ8GBZlbiW5uTkqv4p6JBj2MEim+/D4
XP4IH5PyZ8zWqXpBiz3HR466mkHpdrIGX8ChDfu9BTwjaaPhxv3RPCqSBbuzcgAS
0p5BmVnYGWDeucvipNqb0Nh0IzqPO25bpsDSd/fsO9RnVUY1QiUwVBl5ZnKt7adY
IWJnTKZ9vxjeHdSigsLznLDisJ99U4i28iXO5EEsLKzIB6BdR3K59Rqnwwcv6HA4
UBSI3s0xanM8tFlKqKg95N1qY88D8855pLiEfaBiFbm2odhRon8wJYP09WUNqF0b
dV3Upd8PE7IWTwAIrGE/QgTQfmuMsxakgLs99yvAV3rVPdtz57JK9g==
=ZRwU
=====END PGP SIGNATURE=====
------------------------------
From: [EMAIL PROTECTED] (Kaz Kylheku)
Crossposted-To:
comp.lang.c,alt.comp.lang.learn.c-c++,sci.math,comp.lang.c++,comp.lang.java.programmer,comp.programming
Subject: Re: What is an Inorder Algorithm?
Reply-To: [EMAIL PROTECTED]
Date: Tue, 13 Feb 2001 22:02:00 GMT
On Tue, 13 Feb 2001 18:35:10 GMT, Ned Scholes <[EMAIL PROTECTED]> wrote:
>I know what a postorder algorithm is, it goes through the left side
>first and then the right side and last the node. Is an inorder algorithm
>the opposite?
Please don't spam the programming language and sci.* newsgroups with
this. This question belongs in comp.programming only, or perhaps
comp.theory.
An inorder traversal of a binary tree, expressed recursively, is one
which processes the items in the left subtree of a node, then that node
itself, then the items in the right subtree. If the tree is a binary
search tree, this order corresponds to visiting all the nodes in their
sort order, hence ``inorder'' traversal.
[ followups set ]
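Added example for the three answers in this thread (Ben Pfaff's, Riordan's and Kaz Kylheku's); it is the editor's code, not theirs: a binary search tree in C with preorder, inorder and postorder traversals written so that the only difference between them, where the node itself is visited, is visible in the three functions. The seven-key sample, the traversal letters 'p', 'i', 'o' and the function names are constructed for the demonstration. Freeing the tree uses postorder, the one order in which children are finished before the node that owns them.

```c
#include <stdio.h>
#include <stdlib.h>

typedef struct node {
    int key;
    struct node *left, *right;
} node;

/* Insert into a binary search tree (duplicates are ignored). */
static node *bst_insert(node *root, int key)
{
    if (root == NULL) {
        node *n = malloc(sizeof *n);
        n->key = key;
        n->left = n->right = NULL;
        return n;
    }
    if (key < root->key)
        root->left = bst_insert(root->left, key);
    else if (key > root->key)
        root->right = bst_insert(root->right, key);
    return root;
}

/* Each traversal appends the keys it visits to out[] from index n on and
   returns the new count. Only the position of "visit the node" differs. */
static int preorder(const node *t, int *out, int n)
{
    if (t == NULL) return n;
    out[n++] = t->key;                  /* node, then left, then right */
    n = preorder(t->left, out, n);
    return preorder(t->right, out, n);
}

static int inorder(const node *t, int *out, int n)
{
    if (t == NULL) return n;
    n = inorder(t->left, out, n);       /* left, then node, then right */
    out[n++] = t->key;
    return inorder(t->right, out, n);
}

static int postorder(const node *t, int *out, int n)
{
    if (t == NULL) return n;
    n = postorder(t->left, out, n);     /* left, then right, then node */
    n = postorder(t->right, out, n);
    out[n++] = t->key;
    return n;
}

static void bst_free(node *t)
{
    if (t == NULL) return;
    bst_free(t->left);                  /* postorder: children before the node */
    bst_free(t->right);
    free(t);
}

/* Constructed sample: inserting in this order gives root 50 with
   subtrees {30: 20, 40} and {70: 60, 80}. */
#define NKEYS 7
static const int sample_keys[NKEYS] = {50, 30, 70, 20, 40, 60, 80};

/* Run traversal 'p' (pre), 'i' (in) or 'o' (post) over the sample tree and
   return the key visited at position idx, or -1 if idx is out of range. */
static int nth_visited(char which, int idx)
{
    node *root = NULL;
    int out[NKEYS], n;
    for (int i = 0; i < NKEYS; i++)
        root = bst_insert(root, sample_keys[i]);
    n = which == 'p' ? preorder(root, out, 0)
      : which == 'i' ? inorder(root, out, 0)
      : postorder(root, out, 0);
    bst_free(root);
    return (idx >= 0 && idx < n) ? out[idx] : -1;
}

/* 1 if the inorder traversal of the sample tree comes out in sorted order. */
static int inorder_is_sorted(void)
{
    for (int i = 1; i < NKEYS; i++)
        if (nth_visited('i', i - 1) >= nth_visited('i', i)) return 0;
    return 1;
}

int main(void)
{
    const char *names[] = {"preorder ", "inorder  ", "postorder"};
    const char codes[] = {'p', 'i', 'o'};
    for (int t = 0; t < 3; t++) {
        printf("%s:", names[t]);
        for (int i = 0; i < NKEYS; i++) printf(" %d", nth_visited(codes[t], i));
        printf("\n");
    }
    return 0;
}
```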
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************