Cryptography-Digest Digest #788, Volume #13 Sat, 3 Mar 01 17:13:01 EST
Contents:
Re: => FBI easily cracks encryption ...? ("Mxsmanic")
Re: => FBI easily cracks encryption ...? ("Mxsmanic")
Re: Super strong crypto (Mok-Kong Shen)
Re: Super strong crypto (Mok-Kong Shen)
Re: Problem
Re: philosophical question? (Randy Poe)
Re: philosophical question? ("Doom the Mostly Harmless")
Re: => FBI easily cracks encryption ...? (Jim D)
Re: => FBI easily cracks encryption ...? ("groj")
Re: => FBI easily cracks encryption ...? (William Hugh Murray)
Re: => FBI easily cracks encryption ...? ("Douglas A. Gwyn")
Re: => FBI easily cracks encryption ...? ("Douglas A. Gwyn")
test alpha ("Robert J. Kolker")
Re: => FBI easily cracks encryption ...? (Thomas Boschloo)
Re: => FBI easily cracks encryption ...? ("Dan Beale")
Re: OverWrite freeware completely removes unwanted files fromharddrive ("Dan Beale")
Re: => FBI easily cracks encryption ...? (William Hugh Murray)
----------------------------------------------------------------------------
From: "Mxsmanic" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 03 Mar 2001 17:27:49 GMT
"kroesjnov" <[EMAIL PROTECTED]> wrote in message
news:97qgbo$2pg4f$[EMAIL PROTECTED]...
> Yet I do not see the connection to the ability
> off a Secret Service being abble to crack an
> encrypted message (With effort afcourse), So that
> Terrorist could be intercepted, who are going to
> bomb some building in The Netherlands, or any
> other Country in the World.
Yet you do not see the connection to the utility of a Secret Service
being able to crack an encrypted message (with effort of course), so
that Jews can be interdicted, who are going to pollute some neighborhood
in the Netherlands, or any other Country in the World.
> Please be patience with me, I may be slow off
> understanding...
I agree.
------------------------------
From: "Mxsmanic" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 03 Mar 2001 17:29:35 GMT
"kroesjnov" <[EMAIL PROTECTED]> wrote in message
news:97qgl6$2pr5v$[EMAIL PROTECTED]...
> And it goes double for the National and International
> safety many off us take for granted...
Safety is very easy to obtain. Freedom is not. When you sacrifice
freedom for safety, you are generally making an irreversible exchange.
> When war breaks out, we will all - in a split second -
> understand what we have right now...
War has broken out before, and that's what gave people incentive to
recognize and respect freedoms in the first place, even at the expense
of "safety."
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Super strong crypto
Date: Sat, 03 Mar 2001 18:28:54 +0100
John Savard wrote:
>
[snip]
> I think this is an "old idea", but I don't know of any results which
> examine in detail this question:
>
> which is harder, given the ciphertext-only case:
>
> cracking E(E(P,K1),K2)
>
> cracking E(P xor R, K1) + E(R, K2)
>
> cracking E(P1,K1)+E(K2,K1)+E(P2,K2)+E(K3,K2)+E(P3,K2)+...
>
> where P1+P2+P3... = P, and the redundancy of each segment of P is
> shorter than the key size.
I suppose the following could also be of interest (i=1,2,....)
in the suggested comparison:
Ui=E(K1,i);
cracking E(Pi, Ui);
Ui=E(K1,i); Vi=E(K2,i);
cracking E(Pi xor Vi, Ui);
Ui=E(K1,i); Vi=E(K2,i); Wi=E(K3,i);
cracking E(Pi xor Vi, Ui) xor Wi;
M. K. Shen
========================
http://home.t-online.de/home/mok-kong.shen
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Super strong crypto
Date: Sat, 03 Mar 2001 18:41:15 +0100
Mok-Kong Shen wrote:
>
> I suppose the following could also be of interest (i=1,2,....)
> in the suggested comparison:
>
> Ui=E(K1,i);
> cracking E(Pi, Ui);
>
> Ui=E(K1,i); Vi=E(K2,i);
> cracking E(Pi xor Vi, Ui);
>
> Ui=E(K1,i); Vi=E(K2,i); Wi=E(K3,i);
> cracking E(Pi xor Vi, Ui) xor Wi;
Sorry, I should have written: Ui=E(i,K1), Vi=(i,K2), Wi=E(i,K3).
M. K. Shen
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: Problem
Reply-To: [EMAIL PROTECTED]
Date: Sat, 03 Mar 2001 18:16:36 GMT
On Fri, 02 Mar 2001 23:52:42 GMT, news.free.fr <[EMAIL PROTECTED]> wrote:
>
>the usual method consider Ci xor Cj in order to get rid of R
Ok, but in this case you get
Ci XOR Cj = Ti XOR Tj XOR Pi XOR Pj
could you get statistical properties of plaintext?
>
>but in this case the key space (232^) is very small and I suppose a
>brute force attack is possible
Uhmm... how to do it? testing 2^32*2^32=2^64 times and looking for statistical
properies?
>
>(you don't say if R has 32 bits or n x 32 bits , key space
> 2^32 or 2^(nx32) ? )
>
R is Random, with the same size than Ti. If Ti has length m bytes then you
have a keyspace of 2^(m*8). Anyway, as you noted, R is away after the
Ci XOR Cj.
------------------------------
From: [EMAIL PROTECTED] (Randy Poe)
Crossposted-To: sci.crypt.random-numbers,de.sci.informatik.misc,sci.math
Subject: Re: philosophical question?
Date: Sat, 03 Mar 2001 18:25:23 GMT
On Sat, 3 Mar 2001 17:06:04 +0100, [EMAIL PROTECTED] (Joe H. Acker)
wrote:
>What I still don't grasp is how you can make the difference: As there
>are many more possible sequences with equal numbers of 1's and 0's, any
>individual sequence that occurs should more probably contain many 0's
>and 1's mixed up as contain only 1's. I understand the group argument,
>but I don't understand why it *doesn't* follow from it that it's less
>probable that an individual occurance of a sequence with only 1's occurs
>than an individual occurance of the usual 1's and 0's in a sequence.
It's not less probable. Consider 5 bits. Here are a few possibilities
11111
00000
10101
11001
01110
10110
01100
None of these sequences is more probable than any other.
>
>The claim that an individual sequence of only 1's is as probable as a
>"usual" random sequence seems to contradict directly to the group
>argument.
Why? What's the contradiction? There are 32 possible ways for 1's and
0's to come up, and they're all equally probable. What does that
contradict?
If I asked, what's the probability of there being one 1 and four 0's,
this can happen in 5 different ways:
00001
00010
00100
01000
10000
Each of these has exactly a 1/32 chance of occurring. But I'll take
any one of the 5 as a success of "one 1 and four 0's". So there are
five separate ways I can win that game. Hence five times the
probability of winning as if I'd just asked for one particular
sequence.
- Randy
------------------------------
From: "Doom the Mostly Harmless" <[EMAIL PROTECTED]>
Crossposted-To: sci.crypt.random-numbers,de.sci.informatik.misc,sci.math
Subject: Re: philosophical question?
Date: Sat, 03 Mar 2001 19:22:41 GMT
> > There is, for example, only 1 sequence of all 1's or all 0's.
> > But there are many many sequences with equal numbers of 1s
> > and 0's. So the probability that the sequence will have matching
> > numbers of 1s and 0s is a lot higher than that it will be all
> > 1s or all 0s. But every individual sequence has the same probability.
>
> What I still don't grasp is how you can make the difference: As there
> are many more possible sequences with equal numbers of 1's and 0's, any
> individual sequence that occurs should more probably contain many 0's
> and 1's mixed up as contain only 1's. I understand the group argument,
> but I don't understand why it *doesn't* follow from it that it's less
> probable that an individual occurance of a sequence with only 1's occurs
> than an individual occurance of the usual 1's and 0's in a sequence.
>
> The claim that an individual sequence of only 1's is as probable as a
> "usual" random sequence seems to contradict directly to the group
> argument. Could anyone who has the time please point me in the right
> direction? Does it have something to do with infinite vs. finite random
> sequences?
Let's look at a trivial example. Assume a .5 probablity of a 1 or 0 for any
given bit.
For the first bit, we have two equally probable choices:
1
0
When we add a second bit, for each of the first choices, we have two equally
probable new choices:
11
10
01
00
A third:
111
110
101
100
011
010
001
000
Each of these combinations is equally probable, because the choice of the
third bit is independent of the second, and the second of the first, and the
first of anything. Therefore, 111 and 000 are just as likely as 101 and
010. However, the chance that you'll come up with a mixture of 1's and 0's
is .75 -- there are 6 with a mix and only 2 homogenous bit patterns.
If we were to continue this for, say, 50 bits, and create a graph of the
number of 1 bits vs. frequency, we'd get a nice bell curve. That is, most
of the equally probable bit patterns have a roughly equal number of 1's and
0's. There is only one possiblity for all ones, and one for all 0's, but
the closer to an equal mix you get, the more ways there are to do it.
Let's look at 4 bits (again, a trivial example):
To get all 1's, there's only one possibility, 1111.
To get no 1's there's only one possibility, 0000.
For one 1, there are four ways: 0001,0010, 0100, 1000, and if you not them,
you get the four ways to have 3 1's.
To have 2 1's, there are six ways: 0011,0101,0110,1001,1010,1100.
So, a given string k of 4 bits with 2 1's is just as likely as a string with
all ones, but there are six times as many k's.
Does this make more sense?
--
To air is human....
--Doom.
------------------------------
From: [EMAIL PROTECTED] (Jim D)
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 03 Mar 2001 20:21:06 GMT
Reply-To: Jim D
On Fri, 02 Mar 2001 22:47:05 GMT, William Hugh Murray
<[EMAIL PROTECTED]> wrote:
>Jim Taylor wrote:
>
>> Sometimes I wonder about these groups. Are you all drug dealers or
>> something?
>
>No. We are patriots. We are interested in protecting an arrogant state from
>the kinds of excesses that are likely to enslave us or destroy the legitimacy
>of that government.
I would have thought that legitimacy was gone when
George Dubya Bush seized power?
--
___________________________________________
Posted by Jim Dunnett
George Dubya Bushisms No 6:
CIA? Howdja spell that?
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: "groj" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sun, 4 Mar 2001 09:40:38 +1300
=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1
I think really the intitial discussion was purely on a hypothetical
basis. If we presume that the encoding was broken then there is
obviously a flaw either in the initial algorithims or something we
don't know. My initial post regarding the key logging was really
more as a discussion point.
If we are going to be truley paranoid then we would presume that the
instance we download or initiate pgp or any encryption programme then
a meesage is logged. That being the case and if we are all that
paranoid it would be interesting to see how many of you have thoughts
on National Census (what is the plural for this? Censii??? )
As with Michael I live in New Zealand and in 2 days everybody
(including those too young to fill one in) are required to complete a
questionaire for the statistics department. Invasion of privacy or a
collection of necessary information?
I wonder how they would cope if I sent it in encoded!
No I don't deal drugs or in fact scan porno sites. The encryption
and the mathematics behind it is more a hobby. But then again I do
use it to send some commercially sensitive information. Thoughts of
the group on industrial espionage would be interesting. I am more
concerned with my competitors knowing what I am doing than I am in my
own Government waisting my tax dollars trying to figure out what I'm
up to! All they need to do is ask!
- --
fingerprint
2F4B 8981 BA71 0F1F E8BC 1A05 D6AB 0B7B 8A26 6A49
=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 6.5.1 Int. for non-commercial use
<http://www.pgpinternational.com>
iQA/AwUBOqCt+darC3uKJmpJEQLaOwCg82qtqvHyeU6pDxhkDlRkrwGHJrMAn1EE
UgeQ9QtO6cVRaNjuJXoAP4tB
=PFjD
=====END PGP SIGNATURE=====
------------------------------
From: William Hugh Murray <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 03 Mar 2001 20:59:06 GMT
kroesjnov wrote:
> > Sometimes you don't know what you have until it's gone.
>
> That`s a fact for sure.
> And it goes double for the National and International safety many off us
> take for granted... When war breaks out, we will all - in a split second -
> understand what we have right now...
It is attributed to Benjamin Franklin that, "Those who would sacrifice Liberty
for a little temporary safety, deserve neither Liberty nor safety." He did not
write it and he may never have said it but it is a good idea in any case.
> > I'm sure the BVD would like to have this ability, too!
Part of our concern is that you do not know what their capabilities are or who
their targets might be. Because terrorists, subversives, and perverts, do not
wear badges, the intelligence services tend to cast a very broad net. Because
they are human, they tend to cast that net in the direction of people that they
do not like. It tends to catch innocent civilians but some civilians seem to be
caught more than others. The net tends to catch people whose color is different
from that of the intelligence services, people whose religion is different from
theirs, whose class is different from theirs, whose politics are different from
theirs, or whose sexual behavior they envy or do not like.
Here that net has caught some of our greatest national heros. Women like
Eleanor Roosevelt, men like Martin Luther King. Men like JFK and RFK. It is
clear from the record that the purpose of these dossiers was intimidation and
control. Is it really so different in Holland? Do you really believe your
intelligence services are not more likely to target Indonesians than Europeans?
Jews and Muslims more than Christians? Catholics more than protestants?
Liberals more than conservatives? Working classes more than aristocrats?
Homosexuals more than heterosexuals?
Now of course, this was all in the past, right? The intelligence services are
all reformed now, right? They were corrupted by bad people rather than by a
fundamentally corrupting mission or system, right? They are not corrupted by
all that power are they?
And, of course, you and I are on their side, right? They know that, right? We
look like them, talk like them, walk like them, dress like them, eat like them
and sleep with people like the one's they do, right? They would not collect
dossiers on us would they? They only collect dossiers on real bad guys; they
would not keep one on us, by mistake or just in case we might be subversives,
would they? Talk to our bosses about our political reliability or the company
we keep? Question our friends and neighbors about us? No! Not us! Never!
Well, hardly ever.
And we have nothing to fear, right? We have not done anything wrong, right?
And nothing that our friends and neighbors might say could ever prove
embarassing could it? Those people who reported on their families and friends
during WWII simply because they were frightened? We do not have craven friends
or family like that. After all, those people were enemies of the state. Our
rectitude is our shield, right? We have not done anything wrong. We can
explain all those Socialist, Muslim, Jewish, gay, drug using friends we had in
college, right? That friend we helped to get an abortion that we did not tell
our family about? That guy we took the trip with who turned out to have a crush
on us? No one would hold that against us, right? And they do not make
mistakes, right? And the burden of proof is on them, right?. They wouldn't,
couldn't just leak it could they? They wouldn't threaten us with it would
they? They would not threaten to take any of it out of context and use it for
some greater good than truth and justice would they?
All of these things have happened to perfectly innocent people in my lifetime.
All in the name of national security, a greater good than truth and justice.
But that was the Gestapo, the KGB, the CIA, the NSA, GCHQ, the FBI, CBOS and the
Stasi, right? Not the BVD. The BVD are the good guys, right? That could not
happen here, right? Right. Pardon my lack of credulity.
> And with them, any other country`s Intelligence service...
>
> And because, not every country has the ability to set up a country wide
> Security network, I do understand why a World wide intelligence service like
> Echelon would have more pro`s over the con`s (Well, that`s going to be good
> for a good discussion I guess :)
And of course such a service will share that intelligence with you, right?
History suggests that they are reluctant to share with anyone.
It will be used for your benefit, right? At least to the extent that your
interest coincides with theirs. Which, of course, it always will, right? I am
told that the British intelligence services really did not permit Coventry to be
bombed to rubble to protect the secret of Ultra. It was just a coincidence.
They really planned to tell the RAF; they were just a few hours late. The US
intelligence services were only a few hours too late to prevent the bombing of
Pearl Harbor. And they have never betrayed spies to protect other sources and
methods either. Those stories are all apochryphal, made up by people like me in
an attempt to embarrass them and only because I do not like them. . It is
really difficult to know even the historical truth when dealing with
organizations that prefer silence to the truth lie and for a living .
> "Wisdom lies not in obtaining knowledge, but in using it in the right way"
Would you be insulted if we suggested that you err a little on the side of the
"obtaining" for a while?
> kroesjnov
> email: [EMAIL PROTECTED] (remove nov to reply)
> UIN: 67346792
> pgp fingerprint: 4251 4350 4242 7764 80DA DB1C E2B2 850A DF15 4D85
William Hugh Murray
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 03 Mar 2001 21:13:12 GMT
"SCOTT19U.ZIP_GUY" wrote:
> Bill this is even better than the first anwser. I hope
> you idea of gun control is a strong trigger finger.
Only necessary for double-action.
Having a strong defense often means not having to actually
put it into action; the best way to protect your freedom is
to make those who would suppress them fear the consequences.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 03 Mar 2001 21:15:51 GMT
Jim D wrote:
> I would have thought that legitimacy was gone when
> George Dubya Bush seized power?
If you cannot tell the difference between an actual power grab
and the operation of an election according to pre-accepted rules,
you are part of the problem.
------------------------------
From: "Robert J. Kolker" <[EMAIL PROTECTED]>
Subject: test alpha
Date: Sat, 03 Mar 2001 21:29:59 GMT
test alpha
------------------------------
From: Thomas Boschloo <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 03 Mar 2001 22:51:18 +0100
=====BEGIN PGP SIGNED MESSAGE=====
Mxsmanic wrote:
>
> Yet you do not see the connection to the utility of a Secret Service
> being able to crack an encrypted message (with effort of course), so
> that Jews can be interdicted, who are going to pollute some neighborhood
> in the Netherlands, or any other Country in the World.
What I am missing in this discussion is traffic analysis by the NSA.
Wouldn't it be nice for the governments to have access to a database of
who communicates with whom? It requires only a few kilobytes for each
e-mail address there is to store this 'IsFriendOf(x)' relational
database and you can round all those nazi or jew friends up just fine
depending on the political situation in your country. I guess now would
be a nice time to round up 'pedo' friends. Better not have any in your
address book or you could be in trouble.
BTW Crypto even is a better target, if not too many people use it.
Thomas
=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>
iQB5AwUBOqFZRAEP2l8iXKAJAQECUQMfZ55w6aIHsWTE60OaY4le8BBlHbKRXoi5
6H6PLBSc8owgJ2eiIVpWOyKmaeA21H3VDN0rll86hDsSBvR8FQkQOOtXgcCp25am
UgCaHv51XLcBrw9I95tqmr1WLc9rXAUSW2p9tg==
=UfJN
=====END PGP SIGNATURE=====
--
"If you use crypto, you _must_ be a criminal with something to hide"
------------------------------
Reply-To: "Dan Beale" <[EMAIL PROTECTED]>
From: "Dan Beale" <[EMAIL PROTECTED]>
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 3 Mar 2001 22:02:16 -0000
"Nemo psj" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Well what I was aying is that
> 1) If the procedure is undocumented
> 2) and is or has a different mathod of encoding and decoding other then
a
> password box
> 3) then it would be substantially harder for the FBI to crack the code.
This isnt how cryptanylysis works. If people are using documented
algorithms then many people can check for a:common design flaws b:common
algorithmic mistakes c:vulnerabilites, which leads to stronger algorithms
and crypto software, and hopefully weeds out the weaker software. (ok,
that last pont is bad hence the need for a snakeoil faq...)
All hiding the source code does is make the bugs _a bit_ less obvious, but
enemies will be able to find exploits. Look at all the 'hacker/cracker'
sites where vulnerabilities are listed for many pieces of software, most
of which is closed source.
>
> Exspecially if the method was highly unconventional which if I were a
spy..
but it is unconventional, experimental, untested methods which may have
more flaws.
------------------------------
Reply-To: "Dan Beale" <[EMAIL PROTECTED]>
From: "Dan Beale" <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sat, 3 Mar 2001 22:05:46 -0000
"Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
<snip everything>
Having cleared my kill-filter i am _amazed_ to find you still trolling the
crypto groups Anthony. Have you learnt any math yet?
------------------------------
From: William Hugh Murray <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 03 Mar 2001 22:02:10 GMT
Jim D wrote:
> On Fri, 02 Mar 2001 22:47:05 GMT, William Hugh Murray
> <[EMAIL PROTECTED]> wrote:
>
> >Jim Taylor wrote:
> >
> >> Sometimes I wonder about these groups. Are you all drug dealers or
> >> something?
> >
> >No. We are patriots. We are interested in protecting an arrogant state from
> >the kinds of excesses that are likely to enslave us or destroy the legitimacy
> >of that government.
>
> I would have thought that legitimacy was gone when
> George Dubya Bush seized power?
I became concerned about the legitimacy of this government early in the Clinton
adminstation. I became concerned as the administration began to show a preference
for lies when the truth would serve, for massive police force when time would
serve, and, when as it had to, the necessary trust in government began to erode.
Close elections often call the legitimacy of the government into question. The
election in Florida certainly aggravated an already difficult situation.
Nonetheless, Florida law offered remedies for most of the problems. For example,
the law provided a remedy for an illegal ballot, i.e., a legal one. Those
remedies expired, as all such remedies must, when the polls opened. The
legitimacy of a close election is difficult enough to sustain but it surely cannot
survive changes in the rules of the election after the polls open. Most of the
problems in the Florida election would never have attracted any notice if the
election had not turned on Florida. The election might not have been close, or
turned on Florida, if the press had not reported Gore the winner in Florida an
hour before the polls closed in the western counties. We can never know what
might have been.
All that aside, if the legitimacy of this government is in question, that question
should not turn on the legitimacy of that election or this president.
William Hugh Murray
>
>
> --
> ___________________________________________
>
> Posted by Jim Dunnett
>
> George Dubya Bushisms No 6:
>
> CIA? Howdja spell that?
>
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
