Cryptography-Digest Digest #691, Volume #13 Thu, 15 Feb 01 10:13:00 EST
Contents:
Re: National Security Nightmare? (Mok-Kong Shen)
Re: speed vs security (Paul Rubin)
Re: speed vs security (Bob Deblier)
Re: speed vs security ("kihdip")
Need A3/A5/A8 Algorithm ("������")
TLS record compression (Bryan Mongeau)
Re: National Security Nightmare? (John Savard)
Re: A Chosen-Plaintext Attack on a simple Dynamic Transposition Cipher (long) (John Savard)
Re: National Security Nightmare? (John Savard)
Re: National Security Nightmare? (John Savard)
Re: speed vs security ("Simon Hunt")
Re: asking for stream cipher resource ("Trevor L. Jackson, III")
Re: Need A3/A5/A8 Algorithm (Thomas Pornin)
Integer Functions in Matrix Mathematica ([EMAIL PROTECTED])
Re: is compression necessary when using gpg (GNU Privacy Guard)? (SCOTT19U.ZIP_GUY)
----------------------------------------------------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare?
Date: Thu, 15 Feb 2001 10:47:05 +0100
"Douglas A. Gwyn" wrote:
>
> Mok-Kong Shen wrote:
> > CBS's title line 'the largest spy agency falls behind' is
> > partly a consequence of the success of big advancements in
> > chip technology for PCs and smaller computers. If computing
> > today were largely done with machines of the Cray type, the
> > positions of the mighty agencies would never have been
> > contended in this manner.
>
> While the spread of computing has made the job harder, at
> the same time the advancement of computing technology can
> make other parts of the job easier.
Certainly true. There is hardly any development in modern
society that is exclusively to the advantage of one party
without also being to the advantage of its competitor (or
equivalently to the disadvantage of the said first party).
What I meant is that if computing equipment were very
expensive and hence for exclusive use by the elites then,
among others, there wouldn't be an internet (of the
dimension we know it today), not to mention cellphones etc.
which can transmit encrypted voice and other stuff. In
general, I believe that there has been a very significant
shift of the cost/benefit boundary between the spying and
the spied to the disadvantage of the former due to
technological advancements which caused, in particular,
an incredibly huge increase of the total volume of
information to be handled by agencies. See however below.
> > The success that such agencies 'yet' have is thanks to the
> > fact that the absolute majority of common people till now
> > never care to protect their privacy.
>
> I don't think so. The targets of such agencies are rarely
> individuals, rather they're usually foreign nations. The
> adversaries generally are quite concerned about information
> security and use the best protection measures they know of
> (subject to practical constraints).
I don't know but I conjecture that the days where one
intercepted messages to and from foreign embassies etc.
as told in books like those of Kahn are definitely
bygone. Since the channels are virtually infinite in
number, one can very frequently switch these, rendering
tracking very hard. I suppose one uses also a strategy
that is analogous to air defense in war. When enemy
bombers attack at night, they could be aided by their
agents sending up light signals. So the counter-measure
is to send lots of light signals, thus rendering the
signals sent by the agents indistinguishable from the
false ones. So, similarly one can maintain a large
number of parallel channels transmitting encrypted
unimportant materials or even rubbish to divert the
opponent's attention and exhaust his computing resources
or at least decrease his speed of decryption which can
be of value when messages are only of limited duration
of significance.
>
> > If only 5% of the
> > population of the world always encrypt their communications
> > (of all types, i.e. texts, voices, sounds and images, even
> > with not so strong encryption algorithms or stegos), the
> > haystack would have been so immensely huge that it is
> > infeasible to find any needles anymore, I suppose.
>
> No, it's not that hard to pick out most communications of
> interest. They tend to use certain channels and have
> unique characteristics.
>
> It is true that widespread adoption of something like IPsec
> would make the job more difficult, but there would still be
> countermeasures.
I am not sure that it is easy to pick, once there is
sufficient 'mass' of public use of encryption. If there are
out of a certain geographical region daily one hundred
thousand encrypted e-mails and only one from a criminal,
how is the agency going to search without looking at them
all, excepting that it already has some information as
to who the suspected persons are? Even when there
is such helping information, the criminal could send
from a neutral and timely changing location. The agency,
BTW, must not only deal with encrypted mails, but also
with stegos, which could be a much more difficult task
eventually in my humble view. As said, common people
practically don't employ encryption, but that situation
could change with the governments doing more sniffing
on them and even enacting laws to assist that.
>
> > NSA's director says that the terrorist bin Laden has at
> > his disposal the wealth of a $3 trillion-a-year
> > telecommunications industry.
>
> Lots of quotes like that are taken out of context. What
> was meant is not that the entire telecom industry is
> working to help bin Laden, but that what it develops as
> part of its normal business can serve the ends of bin Laden
> (as well as of ordinary customers), and with so much money
> being invested in new telecom technology, keeping up with
> it is difficult and expensive.
>
> What he didn't say is that nearly all that development is
> standards-oriented, so in fact there are far fewer distinct
> technology threats than the dollar figure suggests.
Thanks for the explanation. I was in fact stupefied
(in my wrong interpretation) by the richness of the top
terrorist. The boom of the telecom industry is in my view
a wavefront parallel to that of the PC that precedes it. It
brings with it a lot of benefits to people but presumably
also some significant damages. (I was the other day
attending a podium discussion about a study of influence
of cellphone antennas on organisms conducted on cows
(not humans or simulations).) Still, the benefits
overweigh in my humble view.
> > ... This raises the more basic question of how
> > terrorism and major crimes are to be effectively fought
> > against within the framework of economical feasibility or
> > sanity in the long run, when in future the criminals employ
> > AES to secure their messages.
>
> That is easy: don't depend entirely on being able to read
> their messages. We already use many other means of tracking
> terrorist activity, and can probably develop even more.
The loss of the ability to read their secrets can have
extremely high impacts, I suppose. Consider the analogous
situation in war where one can only do some traffic analysis
but has no idea at all of the contents of the enemy commands.
And, as argued above, even traffic analysis could be
much more difficult in the future.
> > Maybe it is really time for politicians of the leading
> > nations to seriously reflect whether the accelerating
> > difference between rich and poor people shouldn't somehow
> > be curbed in order to stop the fundamental source that
> > feeds war, hate, violence and crimes of the world.
>
> That's an entirely bogus social theory, but this isn't the
> proper forum to discuss it.
>
> > BTW, I happen to read in the recent issue of IEEE Computer
> > that the LA County in US is considering building a
> > 16-server Linux-based cluster to break strong encryption.
> > I guess that either the people have never heard of 3-DES
> > and AES or these algorithms have in fact already been
> > broken without our knowledge.
>
> ? It is most unlikely that LA County would be privy to such
> a secret! I leafed through my copy of the latest issue of
> IEEE Computer and didn't notice anything like that; could you
> please give a more detailed reference?
L. Garber, Computer Forensics: High-Tech Law Enforcement.
IEEE Computer, January 2001, p.22-27.
The quote is on p.26.
M. K. Shen
------------------------------
From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: speed vs security
Date: 15 Feb 2001 01:47:22 -0800
"-" <[EMAIL PROTECTED]> writes:
> I'm writing an app, and for x reason, the text needs to be stored in
> encrypted form. We're talking 200K of text maximum, but there's a good 15
> second wait if I try to encrypt/decrypt that much text.
>
> I'll try your suggestion, failing that, I'll post the code.
On a Pentium, carefully optimized Blowfish takes about 17 cycles/byte.
The 68k in the Pilot may have less pipelining so say it takes 30
cycles/byte. At 15 MHz you should be able to encrypt 500k bytes/sec.
Conclusion: your implementation leaves much room for improvement.
But yeah, try RC4, it will save some program space too.
------------------------------
From: Bob Deblier <[EMAIL PROTECTED]>
Subject: Re: speed vs security
Date: Thu, 15 Feb 2001 12:08:27 +0100
- wrote:
> Hi paul
> sorry, i meant blowfish, don't know how the '2' got there :)
>
> I'm writing an app, and for x reason, the text needs to be stored in
> encrypted form. We're talking 200K of text maximum, but there's a good 15
> second wait if I try to encrypt/decrypt that much text.
>
If you want, have a look at the BeeCrypt crypto library, available at
http://beecrypt.virtualunlimited.com/. It contains highly portable source
code for blowfish. If you still can't get that to work fast enough - and
are willing to cooperate with testing - I might try my hand at writing an
assembler-optimized version. Back in the early 90's I programmed a lot of
68K assembly, so it shouldn't be too much of a challenge...
Sincerely
Bob Deblier
Virtual Unlimited
------------------------------
From: "kihdip" <[EMAIL PROTECTED]>
Subject: Re: speed vs security
Date: Thu, 15 Feb 2001 12:39:54 +0100
With the risk of sounding old fashioned:
Don't choose your algorithm with speed as parameter.
Decide what security level you need, and *then* look at the speeds
available.
Kim
------------------------------
From: "������" <[EMAIL PROTECTED]>
Subject: Need A3/A5/A8 Algorithm
Date: Thu, 15 Feb 2001 21:09:23 +0900
Dear group.
I want to review the A3/A5/A8 algorithms.
Any program (C, C++, Assembly, Pascal...) is fine!
Please send me those sources, or tell me where to find them.
P.L.E.A.S.E ^^
------------------------------
From: Bryan Mongeau <[EMAIL PROTECTED]>
Subject: TLS record compression
Date: Thu, 15 Feb 2001 12:59:59 GMT
Something struck me while browsing RFC 2246:
Section 6.2.2 states that records (fragments of a given plaintext) are
compressed BEFORE they are encrypted.
I remember reading about compression header vulnerabilities to
cryptanalysis, but have been unable to locate a definitive source of
information on the vulnerability. What I did find were some hedgy
statements about being able to exclude keys systematically in an exhaustive
search.
Is there any disadvantage to compressing after encryption? If not, why
isn't it commonplace?
Regards,
--
<==================================>
Bryan Mongeau
Lead Developer, Director
eEvolved Real-Time Technologies Inc.
http://www.eevolved.com
<==================================>
"I want to know God's thoughts; the rest are details."-- Einstein
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: National Security Nightmare?
Date: Thu, 15 Feb 2001 12:57:00 GMT
On Wed, 14 Feb 2001 14:09:49 -0700, "CMan" <[EMAIL PROTECTED]>
wrote, in part:
>Or possibly disinformation.
>"Oh please Mr. Terrorist, don't use that unbreakable Phil Zimmerman code..."
>said brer rabbit. "Oh please, anything but that nasty old PGP!!!"
>Yeah, right!
Actually, the article, if anything, casts doubt on PGP, and only
obliquely hints that stuff like 128-bit encryption in browsers is the
sort of thing that causes problems, but that they've been working on.
I suppose one piece of good news is that if I was dumb enough to be a
terrorist, I wouldn't be smart enough to write my own encryption
programs.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: A Chosen-Plaintext Attack on a simple Dynamic Transposition Cipher (long)
Date: Thu, 15 Feb 2001 12:53:15 GMT
On Thu, 15 Feb 2001 01:42:28 -0800, "John A. Malley"
<[EMAIL PROTECTED]> wrote, in part:
>Suppose Eve can get as many plaintext blocks P_i(n) as she wants, all
>encrypted with the SAME permutation PI_(n).
Of course, one of the basic features of Dynamic Transposition is that
every pseudorandom sequence of transpositions is different, chosen
randomly for each message.
With any PRNG/XOR stream cipher, if an attacker can control the
initialization vector, an attacker certainly can determine the
sequence of bits used to XOR with the message - and therefore get the
bits used to send a previous message sent with the same key. Thus,
giving an attacker the means to do this destroys the security of any
stream cipher.
Yes, sending balanced blocks with a pattern like
11110000, 11001100, 10101010
lets one identify the permutation used for them. But security of the
permutation against that kind of attack was never claimed, and the
need to make such an attack impossible is (for other reasons as well)
a requirement for proper use of the cipher. So DT is in no way
diminished by this attack.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
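The balanced-block trick above, worked through as an added example (this is not code from the thread or from any Dynamic Transposition implementation). With a block of 2^k bits, k chosen plaintexts whose bit patterns spell the binary index of each position (for 8 bits: 11110000, 11001100, 10101010) let an attacker read the transposition straight off the ciphertexts, provided all k blocks went through the SAME permutation. The permutation here is drawn from a seeded PRNG purely so the demonstration is repeatable; the attack generalizes to any k, which the code does.

```python
import random


def probe_blocks(k):
    """Balanced chosen-plaintext blocks of 2**k bits.

    Block i has bit p set iff bit (k-1-i) of the position number p is 0, so
    for k = 3 the blocks are 11110000, 11001100, 10101010 as in the post.
    Every block carries exactly half ones, which is the balance Dynamic
    Transposition requires of its plaintext blocks.
    """
    n = 1 << k
    return [[1 - ((p >> (k - 1 - i)) & 1) for p in range(n)] for i in range(k)]


def as_string(block):
    return "".join(str(b) for b in block)


def transpose(block, perm):
    """Apply a bit transposition: output bit j is taken from input bit perm[j]."""
    return [block[perm[j]] for j in range(len(block))]


def recover_permutation(outputs):
    """Read the permutation off the transposed probe blocks.

    At output position j the k probe outputs, complemented, spell the binary
    index of the input position that landed there (most significant bit from
    probe block 0).
    """
    k = len(outputs)
    n = len(outputs[0])
    perm = []
    for j in range(n):
        src = 0
        for i in range(k):
            src = (src << 1) | (1 - outputs[i][j])
        perm.append(src)
    return perm


def chosen_plaintext_attack(k=3, seed=2001):
    """Draw a random transposition, encrypt the probes under it, recover it.

    This only works because all k probe blocks share one permutation; since
    DT draws a fresh permutation per block, the recovered permutation tells
    the attacker nothing about any other block.
    """
    rng = random.Random(seed)  # fixed seed so the demonstration is repeatable
    perm = list(range(1 << k))
    rng.shuffle(perm)
    outputs = [transpose(b, perm) for b in probe_blocks(k)]
    return perm, recover_permutation(outputs)


if __name__ == "__main__":
    for b in probe_blocks(3):
        print(as_string(b))
    perm, recovered = chosen_plaintext_attack()
    print("recovered:", recovered == perm, recovered)
```

Running it prints the three probe blocks and confirms that the recovered permutation equals the one used; raising k (e.g. 6 for 64-bit blocks) shows the attacker needs only k, not 2^k, chosen blocks.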
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: National Security Nightmare?
Date: Thu, 15 Feb 2001 12:54:12 GMT
On Wed, 14 Feb 2001 22:30:54 -0800, "Paul Pires" <[EMAIL PROTECTED]>
wrote, in part:
>This sounds much more likely to me. Considering the prevalence of password
>protections and the difficulty in picking a "good" one, they would probably have
>much success. Sounds like they are going after Quickbooks and excell, not PGP.
I'd suggest ScramDisk myself.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: National Security Nightmare?
Date: Thu, 15 Feb 2001 12:59:59 GMT
On 14 Feb 2001 04:11:46 GMT, [EMAIL PROTECTED] (JPeschel)
wrote, in part:
>http://cbsnews.com/now/story/0,1597,266857-412,00.shtml
Well, it may or may not be a 'nightmare' for national security. But if
the NSA decides the United States absolutely needs computers big
enough to crack ciphers with 256-bit keys by brute force, or even
128-bit keys, or even to somehow come close, it could definitely be a
nightmare for the Federal Budget.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: "Simon Hunt" <[EMAIL PROTECTED]>
Subject: Re: speed vs security
Date: Thu, 15 Feb 2001 13:56:11 -0000
Take a look at RC5 - it's the most efficient algorithm we've ever seen.
Simon.
"-" <[EMAIL PROTECTED]> wrote in message
news:FCLi6.21639$[EMAIL PROTECTED]...
> Hi
>
> does anyone know of any books or sites that compare the different speeds
> and performance of various encryption algorithms? I'm writing an app for Palm
> OS, and I've implemented the blow fish 2 algorithm but it's just *way* too
> slow.
>
> I'd appreciate any pointers.
>
> dylan
>
>
------------------------------
From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Reply-To: don't
Subject: Re: asking for stream cipher resource
Date: Thu, 15 Feb 2001 14:11:12 GMT
Anthony Stephen Szopa wrote:
> "Trevor L. Jackson, III" wrote:
> >
> > Anthony Stephen Szopa wrote:
> >
> > > Eric wrote:
> > > >
> > > > Could any one give me some web sites about stream cipher background,
> > > > publications etc. ?
> > >
> > > http://www.ciphile.com
> >
> > Now that's just a little too raw. Many people have told you that your
> > site is garbage. How dare you lead an innocent astray?
> >
> > Such colossal effrontery is unacceptable. Prepare to be flamed every time
> > you show your keyboard in this newsgroup.
> >
> > Twit.
>
> Prove your position or are you royalty who imposes edicts?
My position is obvious by inspection, thus one makes the observation/conclusion
as a single gestalt.
>
>
> Prove your position with facts.
Fact: you are a twit. The evidence of this fact exists throughout your posts to
this newsgroup and your website.
I had failed to conceive of a negative IQ until forced to recognize your
demonstration of that possibility. The experience of recognizing your
personification of that talent has been unpleasantly educational.
------------------------------
From: [EMAIL PROTECTED] (Thomas Pornin)
Subject: Re: Need A3/A5/A8 Algorithm
Date: 15 Feb 2001 14:33:14 GMT
According to ������ <[EMAIL PROTECTED]>:
> I want to review A3/A5/A8 Algorithm.
You will find many documents on http://www.scard.org/gsm/
(a wishful guess, for the site seems to be down right now)
--Thomas Pornin
------------------------------
Subject: Integer Functions in Matrix Mathematica
From: [EMAIL PROTECTED]
Date: Thu, 15 Feb 2001 14:49:28 GMT
An Integer Function Example is available for download at
the URL: http://llef.tripod.com/Dougpage/PageB/GPS.HTM
This kind of integer function uses a unique shuffling logic
seen in many encryption algorithms. The example given is
the most basic form and is correctly termed the Integer
Function because it defines a generalized matrix
mathematics. It should be considered a mathematical
operation in a non-standard sense, not generally amenable
to common-sense elucidation like ones such as ADDITION.
The mathematician should not try to define this logic using
number theory.
The example is a one-dimensional symbol shuffle used in a GPS
Java application to produce a unique location code. The
source code is included.
Douglas Eagleson
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: is compression necessary when using gpg (GNU Privacy Guard)?
Date: 15 Feb 2001 14:40:49 GMT
[EMAIL PROTECTED] (Mike Rosing) wrote in
<[EMAIL PROTECTED]>:
>jtnews wrote:
>>
>> Since gpg scrambles the bits to introduce more
>> entropy into the data stream, does it make sense
>> to compress large files beforehand?
>
>It does not introduce more entropy, it scrambles blocks
>to different blocks.
>
>> Do you wind up saving any space in the end?
>
>In the practical world, yes. If you compress you make the
>attackers task a touch more difficult. But more importantly
Actually the compression that gpg uses could make a real-world
attack more likely. If your data is going to be compressed,
why not use one that does add information to a file so that
an attacker would have a harder time. Most compressors are so
bad that even a long random file, when run through the compressor,
adds so much information that an attacker can immediately tell
if he has the correct symmetric key for the decryption of the
data.
If you're going to compress, it is far better to use mine or Matt's
bijective compression methods than the ones chosen by gpg.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
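Two posts in this digest touch the same point: Bryan Mongeau asks why TLS compresses before encrypting rather than after, and the reply above notes that a compressor's fixed output structure lets an attacker tell at once whether a trial key is right. The following is an added example, not code from either poster, from gpg, or from any TLS implementation. It uses zlib and a toy SHA-256 counter keystream (an assumption standing in for any length-preserving cipher) to show three things: compressing after encryption gains nothing because ciphertext is incompressible; zlib's fixed two-byte header becomes known plaintext under the encryption and works as a key-check oracle over a candidate key list; and, since the cipher preserves length, the ciphertext length depends on how well the plaintext compressed. The key space, sample record and the secret/guess strings are all constructed for the demonstration.

```python
import hashlib
import zlib

ZLIB_HEADER = b"\x78\x9c"  # the two bytes zlib emits first at its default level


def keystream(key, length):
    """Toy hash-counter keystream (assumption: stands in for a real stream cipher)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def stream_xor(key, data):
    """Encrypt or decrypt by XOR with the keystream; output length == input length."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def compress_then_encrypt(key, data):
    """The TLS order (RFC 2246 section 6.2.2): compress, then encrypt."""
    return stream_xor(key, zlib.compress(data))


def encrypt_then_compress(key, data):
    """The reverse order: the compressor sees pseudo-random bytes and only adds framing."""
    return zlib.compress(stream_xor(key, data))


def keys_passing_header_check(ciphertext, candidates):
    """Key-check oracle: keep the candidate keys whose decryption of the first
    two bytes yields the zlib header. A wrong key survives with probability
    about 2**-16, so the attacker can discard almost every wrong guess without
    decrypting the rest of the record."""
    return [k for k in candidates if stream_xor(k, ciphertext[:2]) == ZLIB_HEADER]


def compressed_length(data):
    """Compressed size, which the length-preserving cipher passes straight through."""
    return len(zlib.compress(data))


# Constructed sample record (not a real capture): highly repetitive, as HTTP is.
SAMPLE = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n" * 16

if __name__ == "__main__":
    key = b"\x2a"  # one-byte key only so the candidate list stays tiny
    ct = compress_then_encrypt(key, SAMPLE)
    print("plaintext", len(SAMPLE), "compress-then-encrypt", len(ct),
          "encrypt-then-compress", len(encrypt_then_compress(key, SAMPLE)))
    candidates = [bytes([i]) for i in range(256)]
    print("keys passing header check:", keys_passing_header_check(ct, candidates))
    # Same secret followed by a right and a wrong guess: the matching guess
    # becomes a longer back-reference and the record comes out shorter.
    secret = b"secret=abc123;"
    print(compressed_length(secret + b"secret=abc"),
          compressed_length(secret + b"secret=xyz"))
```

The header check is the concrete form of the "exclude keys systematically in an exhaustive search" remark in the TLS post: no key is recovered faster, but each wrong key is rejected after two bytes. The length comparison at the end goes beyond what either post states and simply records that compressed length, and hence ciphertext length, varies with plaintext content.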
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************