Cryptography-Digest Digest #697, Volume #13      Fri, 16 Feb 01 09:13:02 EST

Contents:
  Re: National Security Nightmare? (Mok-Kong Shen)
  Re: National Security Nightmare? (Mok-Kong Shen)
  Re: /dev/random under Linux (Matthew Kwan)
  Re: "RSA vs. One-time-pad" or "the perfect enryption" (John Savard)
  Re: Hardware RNG - Where can I order one? ("The Death")
  Re: "RSA vs. One-time-pad" or "the perfect enryption" (John Savard)
  Re: "RSA vs. One-time-pad" or "the perfect enryption" (John Savard)
  Re: OverWrite freeware completely removes unwanted files from hard drive (Richard Heathfield)
  Re: Super strong crypto (Nicol So)
  Re: Big Numbers in C/C++ (Paul Schlyter)
  Re: Ciphile Software:  Why .EXE files so large ("CMan")

----------------------------------------------------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare?
Date: Fri, 16 Feb 2001 12:10:21 +0100



"Douglas A. Gwyn" wrote:
> 
> Mok-Kong Shen wrote:

> > The problem is that, if one doesn't have any information
> > to start, then it is really like finding needles in
> > haystack.
> 
> At least for domestic communication within the US, without
> probable cause, governmental agencies aren't supposed to be
> examining the information at all.

There are rumours (no proof, understandably) that in
a few democratic countries (not US) there are misuses of
wiretapping, possibly by corrupt personnel. That is,
I believe, the main cause of people's negative opinions
towards that. It's clearly a difficult issue like hundreds
of others in society, e.g. whether a country should have 
nuclear power plants.
 
> > Without decryption of all encrypted mails,
> > how is one to pick out the suspected nodes, if the
> > absolute majority are innocent?
> 
> I assure you that decryption of all encrypted messages has
> never been feasible, at least not in my lifetime.  Does that
> mean that signals intelligence budgets are wasted?  No,
> because there are other methods.  It is true that a changing
> environment calls for changes in technical approaches, as
> has always been true.  It might happen that someday the
> challenges become so formidable that they cannot be met
> with a reasonable expenditure of resources.  More likely,
> we just have to cut back on expectations, and accept that
> *some* information can be obtained but that *much*
> information will remain private.  That wouldn't mean that
> what information *was* obtainable might not repay the
> expenditure.

I interpret the CBS article to be a significant indication
that, because of growth of the communication (structure
and volume) and availability of strong encryption, the
benefit/cost ratio is decreasing in a direction towards a questionable
point. In order to maintain the status quo, 
a necessary condition, I believe, is that the common 
people don't start to massively employ encryption, for 
that would bog down all computing resources, unless
an extremely huge budget is available. The public, as we 
know, is indeed (fortunately for the officials concerned) 
very inert in this direction. This, BTW, leads to the 
question whether those who are (or at least consider 
themselves to be) in the field of crypto, e.g. subscribers 
of our group, should or should not attempt to mobilize 
the sensitivity of the public in matters of protection of 
their privacy.

> 
> > I am a pessimist in this respect. I am not sure how ethics
> > (or religion, including the religion of the terrorist)
> > could effect any essential change in that matter, bearing
> > in mind terrorists are abnormal personalities much like
> > the dictators.
> 
> I'm not so concerned about the fanatics as I am about the
> experts who might provide technical services if the pay is
> high enough.
> 
> One problem in instilling ethics is the undue respect we
> give to religion.  But that would take us off on a tangent.

Money always plays a role in this world that started with
sins. The fanatics have that and hence they can always get 
some number of people willing to work for them, even if 
99.9999999......% of the population refuse.

> 
> > ... Definite results are difficult to arrive at, ...
> 
> But you see, if there is a significant risk of, say, increased
> incidence of brain cancer from cell-phone transmitters, surely
> it wouldn't be that hard to set up a controlled experiment (not
> using human subjects).  The careful experiments I know of, not
> to say that I have been following all that closely, have found
> no measurable effect at risk levels great enough to compete
> with natural risks.  If there are good experiments to the
> contrary, it would be useful to find out about them.

I am afraid that others would flame us for drifting far
away from crypto. But let me say some words that are
general. In many fields, there seems always to be certain 
scientific investigations that are (probably) not 
absolutely neutral. (Reports about frauds of scientists 
years ago support this speculation.) Sometimes funding 
and human factors could play some non-trivial role. This 
could at least delay some significant results from 
surfacing. I don't know, but I suspect that the issue 
of the (now apparently generally acknowledged) negative 
health impacts of tobacco is an example of this. Possibly
BSE is another.

> > only that the availability of strong encryption renders
> > [law enforcement's] job increasingly more difficult, if
> > not hopeless in the long term.
> 
> We had effective law enforcement long before wiretaps.
> So the job is not hopeless on account of not being able
> to read communications.  However, it might *appear* hopeless
> to people who have gotten overly dependent on that capability.
> It would be interesting to see statistics on the number of
> wiretaps versus the number of criminal apprehensions.

Certainly, if one has suspected targets, then traffic
analysis can be of some value. However, the chance of 
these targets escaping through constant migration will 
be fairly high, if most innocent people do encryption,
rendering a focusing of the efforts of the law enforcement
hard. There is also the following possibility open to the 
criminals, I guess. They could have a node in a 
non-democratic or even rogue country and exchange messages 
via that node, employing neutral internet access points, 
e.g. internet cafes. Sure, one could also put such locations 
under observation and control, but the effectivity/efficiency 
isn't going to be very high, I am afraid.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare?
Date: Fri, 16 Feb 2001 12:10:14 +0100



CMan wrote:
> 

> I'll hire anyone who can do ALL of the things listed below:
> 
> Break difficult ciphers,
..............

Seems not to be a bright idea at all. Hire one who can do 
only ONE thing: accurately predict the stockmarket.

M. K. Shen

------------------------------

From: [EMAIL PROTECTED] (Matthew Kwan)
Subject: Re: /dev/random under Linux
Date: 16 Feb 2001 22:31:44 +1100

JCA <[EMAIL PROTECTED]> writes:

>    I wonder if anybody is aware of any studies concerning
>the goodness of the random data spit out by /dev/random
>under Linux?

>    I am trying to collect sufficient amounts of such data myself
>so that I can subject it to the Diehard tests, but I am getting
>sick and tired of having to move the mouse or typing rubbish
>in order to keep the entropy pool reasonably active.

>    In addition, the fact that such pool becomes really active only
>when I indulge in such activities, which are far from random,
>makes me somewhat suspicious.


Any motherboard running the Intel 810 chipset and beyond has hardware
random number generation (using thermal noise). You might want to
rewrite the /dev/random kernel code to take advantage of this feature.
Or hassle the current author to write it for you.

It's an important addition, since the entropy levels are useless in
a rack-mounted server, which is where random numbers are sometimes
really needed.


mkwan
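
The statistical checks JCA is after can be run without collecting Diehard-sized samples. The following is an added example, not code from the thread or from the Linux kernel: it implements the NIST SP 800-22 monobit test and a byte-histogram chi-square test, and runs them over a constructed "good" source (a SHA-256 counter stream standing in for a well-seeded /dev/random) and a constructed "bad" source (a repeating two-byte pattern, the kind of output a starved or broken generator can produce). The /proc path and the 1% critical value for 255 degrees of freedom are the only external facts it relies on; on a non-Linux host the entropy_avail reader returns None.

```python
import hashlib
import math
import os


# Constructed sources so the checks run offline and deterministically.
def csprng_bytes(n: int, seed: bytes = b"example-seed") -> bytes:
    """SHA-256 in counter mode: stands in for a healthy /dev/random."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def patterned_bytes(n: int) -> bytes:
    """Repeating 00 01: stands in for a starved or broken generator."""
    return (b"\x00\x01" * (n // 2 + 1))[:n]


def monobit_p_value(data: bytes) -> float:
    """NIST SP 800-22 frequency (monobit) test: p-value for the bit balance."""
    n = len(data) * 8
    ones = sum(bin(b).count("1") for b in data)
    s_obs = abs(2 * ones - n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))


def byte_chi_square(data: bytes) -> float:
    """Chi-square statistic of the byte histogram against uniform (255 dof)."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)


CHI2_255_DOF_1PCT = 310.457  # 1% critical value, 255 degrees of freedom


def looks_random(data: bytes) -> bool:
    """True when neither test rejects the sample at the 1% level."""
    return (monobit_p_value(data) >= 0.01
            and byte_chi_square(data) < CHI2_255_DOF_1PCT)


def linux_entropy_avail():
    """Bits the kernel currently credits to its pool, or None off Linux."""
    try:
        with open("/proc/sys/kernel/random/entropy_avail") as f:
            return int(f.read())
    except OSError:
        return None


if __name__ == "__main__":
    # To test the blocking pool instead, read from open("/dev/random", "rb").
    sample = os.urandom(1 << 16)
    print("entropy_avail:", linux_entropy_avail())
    print("monobit p-value:", monobit_p_value(sample))
    print("byte chi-square:", byte_chi_square(sample))
    print("passes:", looks_random(sample))
```

Passing these two tests is a necessary condition only; a stream cipher keyed with a constant also passes them, which is why the entropy pool's state (entropy_avail, and how it is fed on a headless box) matters as much as the output statistics.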

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: "RSA vs. One-time-pad" or "the perfect enryption"
Date: Fri, 16 Feb 2001 11:36:51 GMT

On Fri, 16 Feb 2001 11:02:23 +0100, "RV" <[EMAIL PROTECTED]> wrote, in
part:

>What is when you use key dependent varying encryption algorithms, so that
>the recipient of the message has the decipher algorithm only? Is this just a
>variation of the categories below ?

Normally, I would suspect that is an example of a cipher in the second
category. In the second category, the algorithm can be as complicated
as you like, and that includes steps where one of several different
operations may be performed.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: "The Death" <[EMAIL PROTECTED]>
Subject: Re: Hardware RNG - Where can I order one?
Date: Thu, 15 Feb 2001 16:40:38 +0200

Well, I've tried searching 'RNG Hardware order', And got false results...
and 10q.

The Death

Mike Rosing <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> The Death wrote:
> >
> > Where can i buy a good hardware RNG that i can connect to my PC and use to
> > generate secure random bits?
>
> http://www.protego.se/sg100_en.htm
>
> If you do a web search for "hardware random number" you'll get about 500,000 hits.
> Should be a few more than the one above!
>
> Patience, persistence, truth,
> Dr. mike



------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: "RSA vs. One-time-pad" or "the perfect enryption"
Date: Fri, 16 Feb 2001 11:41:22 GMT

On Fri, 16 Feb 2001 00:02:04 -0600, [EMAIL PROTECTED] (wtshaw) wrote,
in part:

>I see maybe a fourth category is needed for ciphers that use an unknown
>amount of their keys.  This does not fit into your definition of 1, 2, or
>3..

Well, there certainly are ciphers of class 2 that can be used in class
1 mode; if the message is short enough many ciphers become one-time
pads. But in general, a fixed-size key, rather than a key as large as
desired, but shorter than the total of the message traffic to be sent,
is not a requirement of class 2.

The purpose is to illustrate the complementarity of the one-time-pad
and public-key cryptography, not to exhaust every possibility:
certainly it can be undetermined for an attacker whether the class 2
case or the class 1 case is in effect.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: "RSA vs. One-time-pad" or "the perfect enryption"
Date: Fri, 16 Feb 2001 11:43:39 GMT

On 16 Feb 2001 00:41:25 GMT, [EMAIL PROTECTED] wrote, in part:

>Actually, it's a little more than "doesn't seem to be a way around
>it."  There *isn't* a way around it.  In particular, breaking a
>public-key cipher can never be harder than solving an NP-complete
>problem, no matter what.  So, for instance, there can't be a public
>key algorithm where breaking it would require double-exponential time.
>And most definitely there can't be one where breaking is impossible
>(like a one-time pad).

This is a very important result. While it's the sort of thing I might
suspect by gut instinct, I had no idea someone had published a proof
of it. If so, it deserves to be more widely known.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

Date: Fri, 16 Feb 2001 10:08:24 +0000
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: OverWrite freeware completely removes unwanted files from hard drive

[crossposts snipped mercilessly]

Anthony Stephen Szopa wrote:
> 
> > > > > OverWrite freeware completely removes unwanted files from hard drive
> > > >
> > > > I tried it and it didn't work. I got this error:
> > > >
> > > > ./OvrWrite.exe: Permission denied
> > > >

<snip>

> [...] the OverWrite Program does not contain
> source code that would generate such an error message.

I know that. How could it? After all, the OverWrite program does not
contain source code! And that, my dear Mr Szopa, is the problem. Well,
it's /a/ problem.

Those who have more than a dozen neurons to rub together already knew,
of course, that the error message is in fact generated by Linux, which
always refuses to run anything written by Szopa International. Yet
/another/ reason to use Linux.

Of course, you could always sue the Linux distributors, for using error
messages in the first place - I presume they too, like XOR and so on,
were your idea originally?

-- 
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html

------------------------------

From: Nicol So <[EMAIL PROTECTED]>
Subject: Re: Super strong crypto
Date: Fri, 16 Feb 2001 08:20:08 -0500
Reply-To: see.signature

"Douglas A. Gwyn" wrote:
> 
> Here is a "straw man" block cipher design for you all to analyze:
> The last PT block before the unicity distance is reached contains
> a newly generated random key to replace the one currently in use.
> It's a new form of "chaining" mode, if you wish.

Interesting idea, but I see some practical difficulties. If the cipher
is inside some general-purpose communication mechanism that makes no
assumption about the traffic, how does it know when to switch to a new
key?

Am I missing something?

-- 
Nicol So, CISSP // paranoid 'at' engineer 'dot' com
Disclaimer: Views expressed here are casual comments and should
not be relied upon as the basis for decisions of consequence.
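
One answer to the "when to switch" question is that both ends count blocks: the sender inserts a key block after a fixed number of data blocks, and the receiver, counting the same way, treats the next block as a key rather than as data. The following is an added example of that chaining rule, not code from the thread; it uses HMAC-SHA256 in counter mode as a stand-in for the block cipher, a REKEY_EVERY constant as a stand-in for "just before the unicity distance", and carries no authentication, so it illustrates the key hand-over only.

```python
import hashlib
import hmac
import os

BLOCK = 32       # bytes per block (HMAC-SHA256 output size)
REKEY_EVERY = 8  # data blocks under one key before a key block follows


def _keystream(key: bytes, n: int) -> bytes:
    """Stand-in for a block cipher in counter mode: block n under key."""
    return hmac.new(key, n.to_bytes(8, "big"), hashlib.sha256).digest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, plaintext: bytes, new_key_source=os.urandom) -> bytes:
    """Sender: after REKEY_EVERY data blocks, emit a key block and switch."""
    out = bytearray()
    n = 0  # blocks processed under the current key
    for i in range(0, len(plaintext), BLOCK):
        if n == REKEY_EVERY:
            # Key block: a fresh random key carried under the old key.
            # Keystream block n is unused by data, so it is fresh here.
            new_key = new_key_source(BLOCK)
            out += _xor(new_key, _keystream(key, n))
            key, n = new_key, 0
        chunk = plaintext[i:i + BLOCK]
        out += _xor(chunk, _keystream(key, n)[:len(chunk)])
        n += 1
    return bytes(out)


def decrypt(key: bytes, ciphertext: bytes) -> bytes:
    """Receiver: mirrors the sender's count, so it knows which block is a key."""
    out = bytearray()
    n = 0
    i = 0
    while i < len(ciphertext):
        if n == REKEY_EVERY:
            key_block = ciphertext[i:i + BLOCK]
            if len(key_block) != BLOCK:
                raise ValueError("truncated key block")
            key, n = _xor(key_block, _keystream(key, n)), 0
            i += BLOCK
            continue
        chunk = ciphertext[i:i + BLOCK]
        out += _xor(chunk, _keystream(key, n)[:len(chunk)])
        n += 1
        i += BLOCK
    return bytes(out)


def key_blocks_for(plaintext_len: int) -> int:
    """Number of key blocks the sender inserts for a message of this length."""
    chunks = -(-plaintext_len // BLOCK)  # ceiling division
    return max(0, (chunks - 1) // REKEY_EVERY)
```

Because each new key travels under the previous one, the scheme only helps if the attacker cannot recover the old key before the switch; a lost or reordered block also desynchronises the counts on both sides, which is the practical cost of any scheme that re-keys in-band.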

------------------------------

From: [EMAIL PROTECTED] (Paul Schlyter)
Subject: Re: Big Numbers in C/C++
Date: 16 Feb 2001 13:51:29 +0100

In article <[EMAIL PROTECTED]>,
David Sowinski <[EMAIL PROTECTED]> wrote:
 
> I prefer GMP and believe that it is faster than MIRACL.
 
Did you use just the C low-level routines in MIRACL when evaluating
the speed?  MIRACL also has assembly language replacements for these
for the most popular processors, and using these instead will
significantly improve the runtime efficiency.  In the more recent
versions of MIRACL, there's even an implementation of modular
exponents which uses Montgomery multiplication to gain even more
speed.
 
I also believe MIRACL is somewhat more accurate - why?  Because it
implements reals not as the usual floating-point numbers but as
rational numbers: A/B where A and B both are integers.  Which means
you can divide a MIRACL real with 3, 7, 10, 11, 13, etc and then
multiply the quotient with the same number and you're almost always
guaranteed to get your exact original number back.  This works as
long as neither of A and B overflows (and since both A and B are "big
integers", they won't overflow very soon).  If A, or B; or both
should overflow, MIRACL transforms A and B into smaller numbers such
that the new A/B is an approximation as close as possible to the
actual A and B - the final result is then no longer exact, of course,
but it's still as accurate as a regular floating-point implementation
of the same number of bits.
 
MIRACL includes a full set of transcendental functions
(logs/trigs/etc) for MIRACL hi-precision real numbers.
 
-- 
================================================================
Paul Schlyter,  Swedish Amateur Astronomer's Society (SAAF)
Grev Turegatan 40,  S-114 38 Stockholm,  SWEDEN
e-mail:  pausch at saaf dot se   or    paul.schlyter at ausys dot se
WWW:     http://hotel04.ausys.se/pausch    http://welcome.to/pausch
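
The Montgomery modular exponentiation mentioned above is worth seeing in the small. The following is an added example, not MIRACL's or GMP's code: Python's built-in arbitrary-precision integers stand in for the bignum library, and the point is the algorithm, which replaces every division by the modulus with shifts and masks by a power of two. The parameter names (R, n_prime, redc) follow the usual textbook presentation and are the only assumptions.

```python
def montgomery_params(n: int):
    """R = 2^k > n and n' = -n^{-1} mod R, for an odd modulus n."""
    if n < 3 or n % 2 == 0:
        raise ValueError("Montgomery reduction needs an odd modulus > 1")
    k = n.bit_length()
    R = 1 << k
    n_inv = pow(n, -1, R)  # n is odd, so it is invertible mod 2^k
    n_prime = (-n_inv) % R
    return k, R, n_prime


def redc(T: int, n: int, k: int, R: int, n_prime: int) -> int:
    """Montgomery reduction: T * R^{-1} mod n for 0 <= T < n * R."""
    mask = R - 1
    m = ((T & mask) * n_prime) & mask  # (T mod R) * n' mod R, by masking
    t = (T + m * n) >> k               # low k bits are zero, so this is exact
    return t - n if t >= n else t      # at most one conditional subtraction


def mont_pow(base: int, exp: int, n: int) -> int:
    """base^exp mod n by square-and-multiply held in Montgomery form."""
    k, R, n_prime = montgomery_params(n)
    base_m = (base % n) * R % n   # into Montgomery form: the one real division
    acc_m = R % n                 # 1 in Montgomery form
    for bit in bin(exp)[2:]:      # left-to-right binary exponentiation
        acc_m = redc(acc_m * acc_m, n, k, R, n_prime)
        if bit == "1":
            acc_m = redc(acc_m * base_m, n, k, R, n_prime)
    return redc(acc_m, n, k, R, n_prime)  # out of Montgomery form


if __name__ == "__main__":
    print(mont_pow(4, 13, 497), pow(4, 13, 497))  # both 445
```

The conditional subtraction at the end of redc is the step implementations in C and assembly make constant-time; as written above it branches on secret-dependent data, which is acceptable for illustrating the arithmetic but not for a library used with private exponents.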

------------------------------

From: "CMan" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.hacker
Subject: Re: Ciphile Software:  Why .EXE files so large
Date: Fri, 16 Feb 2001 07:09:51 -0700

Bloatware from Microsoft.  We are so brain dead from using their crapware we
fail to see how easily it can be done.

If you write code that restricts itself to using the built in C Runtime
library, you can distribute software with tiny exe's. If you take the time
to bend the Borland and Microsoft compiler IDE's to fit the problem, you can
do the same thing with these. This is not a severe restriction as all the
rich and powerful OLE and COM stuff is easily used while the exe remains
tiny because all the required dlls are available to anyone who makes even a
tiny effort to occasionally update his software.

My personal choice is the free open source LCC-Win32 compiler and IDE by
Jacob Navia. Once you take off the training wheels Microsoft has built into
its Windows programming tools, you can write powerful but tiny exe's quite
easily.

Take a look at our Q99crak, AXcrak software ( http://www.crak.com  ).  These
are a few tens of KB in size. Yet both of these programs grab the PC by the
short hairs and yank out functions that leave many professional software
engineers amazed.

Check it out and stop using all those expensive IDE's. Learn to write code
using the raw Windows API. Use LCC-Win32
http://www.geocities.com/SiliconValley/Heights/9069/index.html ...Thank you
Jacob!!

JK

--
CRAK Software
http://www.crak.com
Password Recovery Software
QuickBooks, Quicken, Access...More
Spam bait (credit E. Needham):
 root@localhost
 postmaster@localhost
 admin@localhost
 abuse@localhost
 webmaster@localhost
 [EMAIL PROTECTED]
 [EMAIL PROTECTED]
 [EMAIL PROTECTED]





"Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Ciphile Software:  Why .EXE files so large
>
> Until now all programs at Ciphile Software have been written and
> compiled using Borland C++ Builder.
>
> When the program is compiled, all necessary files required to run
> the program in Windows are built into the .exe
>
> Ciphile Software is now developing software using MS Visual Basic
> 6.0
>
> Soon we will begin developing software using MS Visual C++ as well.
>
> We have developed two simple test programs using Visual Basic 6.0.
> The .exe files themselves are only 24KB.
>
> One is compiled and deployed using the Package and Deploy Wizard
> that also includes all necessary system files required to run the
> .exe file in MS Windows such as several .DLLs.
>
> Here they are:
>
> VB6STKIT.DLL
> COMCAT.DLL
> STDOLE2.TLB
> ASYCFILT.DLL
> OLEPRO32.DLL
> OLEAUT32.DLL
> MSVBVM60.DLL
>
> So the setup program for this full compressed install program is
> about 1.46MB.  The result of this installation is that all required
> system files are included and the user's computer system files are
> updated if necessary and the program is listed in the Start/Program
> files menu and registry entries are made, etc. and the full
> uninstall procedure is included.  Just use the MS OS Add/Remove
> program from the Control Panel to uninstall.
>
> But if the user's computer already has the required updated Visual
> Basic 6.0 system files, the 24KB file will run standing alone.  So
> all the user would then need to download is the 24KB .exe file to
> run the program.
>
> In this case no registry entries would be made and the program
> would not appear in the Start/Programs menu and since the .exe
> program is not actually installed, to get rid of it would only
> require deleting the .exe file.
>
> So in the near future, freeware OverWrite Version 1.1 will be
> offered in two Visual Basic bundles:  one with the full install
> version for those who need the full collection of Visual Basic
> 6.0 system update files along with the .exe file, and the other
> bundle with just the .exe file for those who have the necessary
> Visual Basic 6.0 updated system files already installed on their
> computer.
>
> Please note again that once you have installed a Visual Basic 6.0
> program from Ciphile Software using the full install with all
> updated system files included you will not need to install another
> Visual Basic 6.0 program using the full install version again.  You
> will only need to download the small .exe file and it will run using
> the Visual Basic 6.0 updated system files already on your computer.
>
> DETAILS OF OVERWRITE VERSION 1.1:
>
> So in the near future Ciphile Software will be offering OverWrite
> Version 1.1 freeware that will provide 27 preset overwrite patterns
> and up to 8 user defined overwrite patterns, all of which can be
> individually chosen and randomly chosen to overwrite your files.
> You can utilize all 35 overwrite patterns or just one.  And you can
> randomly choose the order in which these patterns overwrite your
> files.
>
> You will also be given the choice to delete your file or not to so
> you can overwrite the file as many times as you like.


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************