Cryptography-Digest Digest #790, Volume #13 Sun, 4 Mar 01 00:13:00 EST
Contents:
Is this prime? (An Metet)
Re: Super strong crypto (David Wagner)
Re: Cryptanalysis of GOST? (David Wagner)
Re: => FBI easily cracks encryption ...? (CR Lyttle)
Re: OverWrite freeware completely removes unwanted files fromharddrive (Anthony
Stephen Szopa)
Re: OverWrite freeware completely removes unwanted files fromharddrive (Anthony
Stephen Szopa)
Re: philosophical question? (Virgil)
Re: OverWrite freeware completely removes unwanted files fromharddrive ("Tom St
Denis")
Re: OverWrite freeware completely removes unwanted files fromharddrive (Benjamin
Goldberg)
Re: Is this prime? (Walter Hofmann)
Re: ARCFOUR and Latin Squares ("Henrick Hellstr�m")
Re: RSA Key Generation (Luis Duarte)
Re: RSA Key Generation (Luis Duarte)
Re: OverWrite freeware completely removes unwanted files fromharddrive (HiEv)
Re: ARCFOUR and Latin Squares ("Henrick Hellstr�m")
�Цh�h���� ("david")
�Цh�h���� ("david")
Re: �Цh�h���� ("Tom St Denis")
Re: philosophical question? ("Douglas A. Gwyn")
Re: OverWrite freeware completely removes unwanted files fromharddrive (Anthony
Stephen Szopa)
Re: OverWrite freeware completely removes unwanted files fromharddrive (Anthony
Stephen Szopa)
Re: OverWrite freeware completely removes unwanted files fromharddrive (Anthony
Stephen Szopa)
super strong crypto, phase 3 ("Douglas A. Gwyn")
----------------------------------------------------------------------------
Date: Sat, 3 Mar 2001 20:29:11 -0500
From: An Metet <[EMAIL PROTECTED]>
Subject: Is this prime?
Could you tell me if this number is prime?
1442403906876930569032099720156167627535758375716296889356941448556686886222540568445876243533197
What method did you use?
The two factoring programs I have tried could not find any factors, so is it probably
prime?
------------------------------
From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Super strong crypto
Date: 4 Mar 2001 01:36:28 GMT
Reply-To: [EMAIL PROTECTED] (David Wagner)
John Savard wrote:
>send E(P xor R, K1) and E(R, K2) and that way, both encryptions are of
>a totally random sequence.
>
>It's equivalent to double encryption, [...]
Well, they're not actually equivalent.
If you use two block ciphers -- i.e., E(P xor R, K1), E'(R, K2) -- the
former scheme is at least as secure as the stronger of the two ciphers.
In contrast, double-encryption does not have the same property.
The two schemes do have a similarity, though, in that they are both
susceptible to meet-in-the-middle attacks which are not much slower than
exhaustive keysearch on half the keyspace.
------------------------------
From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Cryptanalysis of GOST?
Date: 4 Mar 2001 01:38:12 GMT
Reply-To: [EMAIL PROTECTED] (David Wagner)
Rebus Mauser wrote:
>Is anything known about practical attacks on the GOST algorithm?
No. But keep in mind: There's a big difference between "no known attacks"
and "can be treated as secure". In particular, I would imagine that GOST
has not received nearly as much scrutiny as, say, DES or even AES.
------------------------------
From: CR Lyttle <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sun, 04 Mar 2001 02:06:13 GMT
kroesjnov wrote:
>
> > > Could not agree more with you.
> > > Although I am not an American, I would not mind, if the BVD (Dutch
> National
> > > Intellegence service) would have this abillity.
> > > I think they (Like any other country`s national intellegence service)
> should
> > > try their very best, to make this possible...
> >
> > Were you in Holland when the Nazi's invaded and took over all the police
> > records?
>
> (Well this is going to be a touchy discussion...)
>
> Nope, I was not there.
> I am only 19 years old.
>
> I think this is slightly off the topic, but I will run with it any way:
>
> I assume you are refering to the fact, that the Dutch administration (and
> with that, the National Intellegence agency) on people was to good organized
> (Thinks like race and religion where also archieved, so that the Nazi`s had
> a very easy job, finding out who was off jewish origin).
> If you want my opinion on this: This was wrong afcourse, and so history has
> teached us (The hard way).
> Yet I do not see the connection to the ability off a Secret Service being
> abble to crack an encrypted message (With effort afcourse), So that
> Terrorist could be intercepted, who are going to bomb some building in The
> Netherlands, or any other Country in the World.
>
> Did I assume wrong, on what you are referring to? Or do I just missed the
> point you were trying to make?
>
> Please be patience with me, I may be slow off understanding...
>
> "Wisdom lies not in obtaining knowledge, but in using it in the right way"
>
> kroesjnov
> email: [EMAIL PROTECTED] (remove nov to reply)
> UIN: 67346792
> pgp fingerprint: 4251 4350 4242 7764 80DA DB1C E2B2 850A DF15 4D85
The reason cited for tracking such things as race and religion was so
that previously persecuted minorities could claim social justice. That
is, get preferential treatment in government jobs to "correct" past
discrimination against them. Tat data was collected for the admirable
goal of "affirmative action". I've noticed that the pre-war books
(1920's and early 1930's) are disappearing fast from the shelves as
"irrelevant" to today.
--
Russ
<http://home.earthlink.net/~lyttlec>
Home of the Universal Automotive Test Set
Linux Open Source (GPL) Project
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sat, 03 Mar 2001 18:10:01 -0800
Dan Beale wrote:
>
> "Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> <snip everything>
>
> Having cleared my kill-filter i am _amazed_ to find you still trolling the
> crypto groups Anthony. Have you learnt any math yet?
I am still waiting to hear from you why OAP-L3's theory won't work
and provide excellent encryption?
Can't think of any math to prove the point?
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sat, 03 Mar 2001 18:11:28 -0800
William Hugh Murray wrote:
>
> Dan Beale wrote:
>
> > "Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > <snip everything>
> >
> > Having cleared my kill-filter i am _amazed_ to find you still trolling the
> > crypto groups Anthony. Have you learnt any math yet?
>
> No, but not because we have not tried to teach him.
>
> Would you leave if you were getting the attention he gets?
Then I'll ask you: show us some math as to why OAP-L3's theory
won't provide excellent encryption?
------------------------------
From: Virgil <[EMAIL PROTECTED]>
Crossposted-To: sci.crypt.random-numbers,de.sci.informatik.misc,sci.math
Subject: Re: philosophical question?
Date: Sat, 03 Mar 2001 19:24:59 -0700
In article <d4go6.14344$[EMAIL PROTECTED]>,
"Tom St Denis" <[EMAIL PROTECTED]> wrote:
> "Virgil" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > In article <[EMAIL PROTECTED]>,
> > [EMAIL PROTECTED] (Joe H. Acker) wrote:
> >
>
> > Consider finite sequences of some fixed length, tehn incease the lengtrh.
> >
> > 00 01` 10 11 are all the 2-sequences and {0,1) is twice as fequent as
> > either {0,0} or {1,1}. Note: {a,b} is the _unordered_ set of a and b.
> >
> > 0000 0001 0010 0011 0100 0101 0110 0111
> > 1000 1001 1010 1011 1100 1101 1110 1111 are all the 4 sequences, and
> > {0,0,1,1) is 6 times as frequent as either {0,0,0,0} or {1,1,1,1}
>
> The problem with your view is that you are discarding the ORDER of the
> information.
>
> 0001 is not the same as 0010 or 0100 or 1000 ...
>
> Tom
>
>
I though the question was formed so as to disregerd order:
If 0 and 1 are equally likely in any position of a long string of {0,1}
digits, does a string of all 0s or of all 1s have the same likelihood as
a string of about equally many 0s as 1s?
In such a question, position in the string is irrelevant.
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sun, 04 Mar 2001 02:29:43 GMT
"Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> William Hugh Murray wrote:
> >
> > Dan Beale wrote:
> >
> > > "Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
> > > news:[EMAIL PROTECTED]...
> > > <snip everything>
> > >
> > > Having cleared my kill-filter i am _amazed_ to find you still trolling
the
> > > crypto groups Anthony. Have you learnt any math yet?
> >
> > No, but not because we have not tried to teach him.
> >
> > Would you leave if you were getting the attention he gets?
>
>
> Then I'll ask you: show us some math as to why OAP-L3's theory
> won't provide excellent encryption?
Um isn't it suppose to go the other way? You don't see doctors saying "show
me evidence that my radically new untested unscrutinized treatement won't
kill you instantly".
Tom
------------------------------
From: Benjamin Goldberg <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sun, 04 Mar 2001 02:32:38 GMT
Anthony Stephen Szopa wrote:
>
> William Hugh Murray wrote:
> >
> > Dan Beale wrote:
> >
> > > "Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
> > > news:[EMAIL PROTECTED]...
> > > <snip everything>
> > >
> > > Having cleared my kill-filter i am _amazed_ to find you still
> > > trolling the crypto groups Anthony. Have you learnt any math yet?
> >
> > No, but not because we have not tried to teach him.
> >
> > Would you leave if you were getting the attention he gets?
>
> Then I'll ask you: show us some math as to why OAP-L3's theory
> won't provide excellent encryption?
That's easy enough to do. There are x people with OAP-L3, and y people
who have PGP. Since x<y, the average user is more likely to have to
download something to decrypt a file that was encrypted with OAP-L3 than
a file that was encryped with PGP. Because I HATE downloads, OAP-L3 is
worse than PGP.
It takes x amount of random keyboard pounding to create entropy for
OAP-L3, and y amount of keyboard poinding for PGP. Since x>y, OAP-L3 is
less convenient to use than PGP.
PGP has a very well known strength, due to large amounts of analysis by
it's creators and many others. OAP-L3 is unanalysed, even by it's
author (who doesn't consider permutations or combinatorics to be math).
To have withstood analysis creates trust in strength. To not have done
so results in distrust. An untrusted cipher is unexcellent. A trusted
cipher is excellent. Your cipher is untrusted, therefor is unexcellent.
Incedentally, if you attempt to claim that I haven't used math, you
should know that first order propositional logic is a well known branch
of math.
--
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.
------------------------------
From: [EMAIL PROTECTED] (Walter Hofmann)
Subject: Re: Is this prime?
Date: Sun, 4 Mar 2001 03:32:32 +0100
Reply-To: [EMAIL PROTECTED]
On Sat, 3 Mar 2001 20:29:11 -0500, An Metet <[EMAIL PROTECTED]> wrote:
>
>Could you tell me if this number is prime?
>
>1442403906876930569032099720156167627535758375716296889356941448556686886222540568445876243533197
Not prime.
>What method did you use?
2^1442403906876930569032099720156167627535758375716296889356941448556686886222540568445876243533196
mod
1442403906876930569032099720156167627535758375716296889356941448556686886222540568445876243533197
=
778432608097579243692165953038896447613594033593289033981289297604677916896790359526612691573185
If
778432608097579243692165953038896447613594033593289033981289297604677916896790359526612691573185
is prime the result would be 1 by Fermat's theorem. So the number cannot
be prime.
>The two factoring programs I have tried could not find any factors, so is it probably
>prime?
No. Factoring is much harder than testing for primes, so this shows
nothing.
Walter
------------------------------
From: "Henrick Hellstr�m" <[EMAIL PROTECTED]>
Subject: Re: ARCFOUR and Latin Squares
Date: Sun, 4 Mar 2001 03:57:36 +0100
Don't just use any kind of binary operation. It is fairly easy to prove that
you will significantly weaken the cipher unless you use the operation of a
cyclic abelian group. But using such an operation won't make much
difference. Substituting all additions in RC4 for any other cyclic abelian
group operation, is at most equivalent to changing the key, keeping addition
as the operation, and applying a second, static permutation on the output.
To prove this, simply eliminate the additions in the following way:
Let G(Z(256),op) be any cyclic abelian group over Z(256).
Let x(0) = y(0) = e(0) = S(0)[z], where z is the identity of G(Z(256),op).
Let * denote composition of permutations.
Let ** denote iteration.
Let g be any generator of G(Z(256),op).
Let phi be the isomorphic mapping from G(Z(256),op) into G(Z(256),+) such
that phi(g) = 1, phi(z) = 0.
Let sigma(k) be the single cycle permutation such that sigma(k)[S(k)[x]] =
S(k)[x op g].
RC4Abelian:
1. x := sigma(i)[y(i)].
2. y := sigma(i)**(phi(x)-1)[x(i)].
3. sigma(i+1) := (x y)*sigma(i).
4. if x(i+1) = e(i) then
e(i+1) := y
else if y(i+1) = e(i) then
e(i+1) := x
else
e(i+1) := e(i).
5. output(i) := sigma(i+1)**phi(x)[sigma(i+1)**phi(y)[e(i+1)]].
6. x(i+1) := x, y(i+1) := y.
Now, let T(0) be the permutation such that T(0)[phi(x)] = phi(S(0)[x]). Let
tau(k) be the single cycle permutation such that tau(k)[T(k)[x]] =
T(k)[x+1]. Clearly, we will have T(0)[0] = phi(S(0)[z]), tau(k)[phi(x)] =
phi(sigma(k)[x]), etc
Let xt(0) = yt(0) = et(0) = T(0)[0]. We have:
RC4:
1. x := tau(i)[yt(i)].
2. y := tau(i)**(x-1)[xt(i)].
3. tau(i+1) := (x y)*tau(i).
4. if x = et(i) then
et(i+1) := y
else if y = et(i) then
et(i+1) := x
else
et(i+1) := et(i).
5. outputt(i) := tau(i+1)**x[tau(i+1)**y[et(i+1)]].
6. xt(i+1) := x, yt(i+1) := y.
Given the relation between T(0) and S(0), it trivially follows that xt(1) =
phi(x(1)), yt(1) = phi(y(1)), et(1) = phi(et(1)). Furthermore, one can prove
that phi is multiplicative under composition of permutations, so
T(1)[phi(x)] = phi(S(1)[x]). Consequently we have that outputt(0) =
phi(output(0)). The conclusion follows by induction.
--
Henrick Hellstr�m [EMAIL PROTECTED]
StreamSec HB http://www.streamsec.com
"r.e.s." <[EMAIL PROTECTED]> skrev i meddelandet
news:97nq7t$kss$[EMAIL PROTECTED]...
> ARCFOUR uses mod-256 addition in several of its steps.
> But for 8-bit arguments, (x+y) mod 256 is just one
> of a large number of functions whose value-tables are
> symmetric order-256 Latin Squares. (Another is XOR.)
>
> So, consider the even-larger number of ARCFOUR-like
> ciphers obtainable by replacing some or all of its
> mod-256 additions by operations defined by other
> symmetric order-256 Latin Squares. (Many of these,
> like XOR, are computable via "built-in" functions,
> but others would require some sort of table lookup,
> I suppose. If table lookup were used, then we might
> also consider generating a random symmetric Latin
> Square for the purpose. Hmm... would that be hard?)
>
> All this would be apart from ARCFOUR's final-stage
> XOR combiner, so invertibility of the Latin Square
> is not an issue.
>
> Is it reasonable to explore this idea further for at
> least some of the symmetric Latin Squares, e.g. XOR?
> Or am I missing some flaw that would make it a waste
> of effort?
>
> --r.e.s.
>
>
------------------------------
From: [EMAIL PROTECTED] (Luis Duarte)
Subject: Re: RSA Key Generation
Date: Sat, 03 Mar 2001 19:57:55 GMT
I wonder what does the "ripple tree" scheme has to do with
the question "RSA key generation"...
On Sat, 3 Mar 2001 19:01:53 +1300, "Michael Brown"
<[EMAIL PROTECTED]> wrote:
>You might be interested in my idea here, though:
>http://odin.prohosting.com/~dakkor/rsa/
>
>Michael
>
>
------------------------------
From: [EMAIL PROTECTED] (Luis Duarte)
Subject: Re: RSA Key Generation
Date: Sat, 03 Mar 2001 20:06:00 GMT
Instead of imposing 1 or 2 bits in both primes,
you generate the first completly at random, say p.
Then, you can find a lower bound for your next
prime.
Suppose n = 100...000 (512 bits) and divide this
by prime p. The result of n/p can be a 'start' for
searching the other prime, q
Hope this helps, Luis Duarte ([EMAIL PROTECTED])
On Fri, 02 Mar 2001 05:28:30 GMT, "Mark Reed"
<[EMAIL PROTECTED]> wrote:
(...)
>
>My question is whether this is common practice, or if generally the top two
>bits of each prime
>(guaranteeing n > 0x90......)
>
>I suppose another possibility is that primes are generated until n is the
>required bitlength.
>
>Unless this method is used, isn't security compromised ? ie. n can be less
>than the number of bits required or the top two bits of each prime are known
>to be one.
>
>Thanks in advance,
>
>Mark.
>
>
------------------------------
From: HiEv <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sun, 04 Mar 2001 03:18:24 GMT
Benjamin Goldberg wrote:
>
> Anthony Stephen Szopa wrote:
> >
> > Then I'll ask you: show us some math as to why OAP-L3's theory
> > won't provide excellent encryption?
>
> That's easy enough to do.
[snip good logic]
> Incedentally, if you attempt to claim that I haven't used math, you
> should know that first order propositional logic is a well known branch
> of math.
I believe most people here would agree with you! (Made me laugh too.
:-)
You tell 'im boy!
------------------------------
From: "Henrick Hellstr�m" <[EMAIL PROTECTED]>
Subject: Re: ARCFOUR and Latin Squares
Date: Sun, 4 Mar 2001 04:23:07 +0100
Sorry, I made a couple of errors copying my notes.
> 2. y := sigma(i)**(phi(x)-1)[x(i)].
This line should be:
2. y := sigma(i)**phi(x)[x(i)].
> 2. y := tau(i)**(x-1)[xt(i)].
This line should be:
2. y := tau(i)**x[xt(i)].
I hope that's all.
--
Henrick Hellstr�m [EMAIL PROTECTED]
StreamSec HB http://www.streamsec.com
------------------------------
From: "david" <[EMAIL PROTECTED]>
Subject: �Цh�h����
Date: Sun, 4 Mar 2001 12:53:45 +0800
http://tacocity.com.tw/david/
------------------------------
From: "david" <[EMAIL PROTECTED]>
Subject: �Цh�h����
Date: Sun, 4 Mar 2001 12:53:51 +0800
http://tacocity.com.tw/david/
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: �Цh�h����
Date: Sun, 04 Mar 2001 04:07:42 GMT
"david" <[EMAIL PROTECTED]> wrote in message
news:97sd8f$[EMAIL PROTECTED]...
> http://tatocity.com.tw/david/
>
Why did you send this url?
Tom
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Crossposted-To: sci.crypt.random-numbers,de.sci.informatik.misc,sci.math
Subject: Re: philosophical question?
Date: Sun, 04 Mar 2001 04:28:42 GMT
Virgil wrote:
> If 0 and 1 are equally likely in any position of a long string of {0,1}
> digits, does a string of all 0s or of all 1s have the same likelihood as
> a string of about equally many 0s as 1s?
We need to be even more precise. If that means a *given* string of
about as many 1s as 0s, then it is just as probable as a string of
all 0s. If that means *any member of the set* of all strings of
about as many 1s as 0s, then *that* is much more probable than a
string of all 0s, because there are so many equiprobable members
that qualify.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sat, 03 Mar 2001 20:33:33 -0800
Tom St Denis wrote:
>
> "Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > William Hugh Murray wrote:
> > >
> > > Dan Beale wrote:
> > >
> > > > "Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
> > > > news:[EMAIL PROTECTED]...
> > > > <snip everything>
> > > >
> > > > Having cleared my kill-filter i am _amazed_ to find you still trolling
> the
> > > > crypto groups Anthony. Have you learnt any math yet?
> > >
> > > No, but not because we have not tried to teach him.
> > >
> > > Would you leave if you were getting the attention he gets?
> >
> >
> > Then I'll ask you: show us some math as to why OAP-L3's theory
> > won't provide excellent encryption?
>
> Um isn't it suppose to go the other way? You don't see doctors saying "show
> me evidence that my radically new untested unscrutinized treatement won't
> kill you instantly".
>
> Tom
Well...
But I have.
If you read the Theory and Processes I & II Help Files from my web
site you will see that trying to crack my software is like trying to
guess ever longer strings of random numbers resulting from throwing
ten sided dice.
You can figure out the odds in craps can't you?
Then you can figure out the odds in my encryption software and thus
you will know beyond any shadow of a doubt the answer.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sat, 03 Mar 2001 20:34:57 -0800
Benjamin Goldberg wrote:
>
> Anthony Stephen Szopa wrote:
> >
> > William Hugh Murray wrote:
> > >
> > > Dan Beale wrote:
> > >
> > > > "Anthony Stephen Szopa" <[EMAIL PROTECTED]> wrote in message
> > > > news:[EMAIL PROTECTED]...
> > > > <snip everything>
> > > >
> > > > Having cleared my kill-filter i am _amazed_ to find you still
> > > > trolling the crypto groups Anthony. Have you learnt any math yet?
> > >
> > > No, but not because we have not tried to teach him.
> > >
> > > Would you leave if you were getting the attention he gets?
> >
> > Then I'll ask you: show us some math as to why OAP-L3's theory
> > won't provide excellent encryption?
>
> That's easy enough to do. There are x people with OAP-L3, and y people
> who have PGP. Since x<y, the average user is more likely to have to
> download something to decrypt a file that was encrypted with OAP-L3 than
> a file that was encryped with PGP. Because I HATE downloads, OAP-L3 is
> worse than PGP.
>
> It takes x amount of random keyboard pounding to create entropy for
> OAP-L3, and y amount of keyboard poinding for PGP. Since x>y, OAP-L3 is
> less convenient to use than PGP.
>
> PGP has a very well known strength, due to large amounts of analysis by
> it's creators and many others. OAP-L3 is unanalysed, even by it's
> author (who doesn't consider permutations or combinatorics to be math).
>
> To have withstood analysis creates trust in strength. To not have done
> so results in distrust. An untrusted cipher is unexcellent. A trusted
> cipher is excellent. Your cipher is untrusted, therefor is unexcellent.
>
> Incedentally, if you attempt to claim that I haven't used math, you
> should know that first order propositional logic is a well known branch
> of math.
>
> --
> The difference between theory and practice is that in theory, theory and
> practice are identical, but in practice, they are not.
Like my high school algebra teacher used to say: "If you're agin it,
you're agin it."
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sat, 03 Mar 2001 20:44:35 -0800
HiEv wrote:
>
> Benjamin Goldberg wrote:
> >
> > Anthony Stephen Szopa wrote:
> > >
> > > Then I'll ask you: show us some math as to why OAP-L3's theory
> > > won't provide excellent encryption?
> >
> > That's easy enough to do.
> [snip good logic]
> > Incedentally, if you attempt to claim that I haven't used math, you
> > should know that first order propositional logic is a well known branch
> > of math.
>
> I believe most people here would agree with you! (Made me laugh too.
> :-)
>
> You tell 'im boy!
Deeeear Mr. High Electron Volts, you want a good laugh, well here's
one for you all. And it's all on all of you!
Here is why I think Ciphile Software's OverWrite program actually
does overwrite the file to be overwritten the 27 times it claims it
does, contrary to the doubt cast by most if not all in these news
groups:
Here is a complete detailed pseudo-code for pass number 2 of
Ciphile Software's OverWrite Security Program:
1) At the beginning of the second pass, the file is opened.
If the file fails to open properly an error is thrown and the
process ends.
2) If the file opens properly then it is overwritten.
3) Then the file is closed.
If the file fails to close properly then an error is thrown and the
process ends.
4) Finally, if the flag is set, that is, if the file OverChk2.txt is
found, then the process ends. Otherwise the third pass is begun.
I understand your optimization explanations and those given in the
few documents I have read. I was also familiar with the fact that a
block of data is read and stored into the cache and the reasons for
this. I believe that the assumption in the documentation and in your
casts of doubt was that the opened file that is repeatedly written to
is never instructed to be closed. In other words, a seek to the
beginning of the file or wherever the subsequent write is to be done
is made and a second write is attempted regardless if the prior
write(s) have actually been physically carried out. This makes sense
when repeated writes or overwrites are being made to a file that
remains open.
As I have clearly stated above, the source code not only makes the
fclose() command but it checks for the return value from this
operation. If the return value is NULL then the fclose() has failed.
And if the fclose() succeeds then the return value is zero. This is
the check I asked any of you if you knew how to make. Well, it is
part of the fclose() function as well as the fopen() function and all
other functions in C or C++. The function has a return value of pass
or fail.
I do check pass / fail in the source code, as stated above.
So in order for the FUD you are all casting against Ciphile Software's
OverWrite program to succeed and to cover up your own ignorance of the
pass / fail return values of all functions, you will have to claim
that the OS not only optimizes write operations as you describe but
in fact LIES because the OS has no idea whether or not a close or open
function was carried out successfully until it is actually PHYSICALLY
carried out. To optimize as you all have been claiming in Ciphile
Software's OverWrite program, the OS would have to LIE that it had
successfully closed the file in order to proceed to carry out a
subsequent write in cache before the actual prior write and close to
the file. Do you see where this leads you? To NoWheresville, man.
To NoWheresville.
Do any of you claim that any OS that you know of actually fudges and
outright LIES when an instruction is given to carry out a function()
then claims to the compiled program that the function was carried out
successfully when the OS has no way of knowing this until the
function has actually physically been carried out just so as to
optimize its resources? The specific functions we are talking about
here are the fclose() and fopen() functions. Can't get more basic
than these.
I hear that LSD and DMT are great therapies for narrowing the gaps
in one's conceptual continuity.
P.S.
You do have one last hope. His initials are Bill Gates. Yes. He
is your last hope to prevail in this thread. Yes, indeed. If Bill
Gates is so screwed up as to produce an OS that would make such an
assumption as to whether or not a fucntion such as fclose() or
fopen() succeeded before these functions were actually physically
carried out just so he could claim his OS is superbly optimized then
you are all correct.
What do you think?
(I only get a good laugh like this once in about three months.)
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: super strong crypto, phase 3
Date: Sun, 04 Mar 2001 04:49:40 GMT
Recapitulating the development so far:
Any reasonable symmetric encryption using a shared initial key, say
128 bits. One-way channel monitored by the world's greatest
cryptanalytic team. Replacement random key sent every so often,
embedded in the plaintext, say at the end of each block of 512 bits.
I suggested that only half the new key be sent and be shifted into the
previous one, so 64 bits of new key would be sent, for 12.5% overhead.
So far it is clear that a known-plaintext attack is infeasible.
That leaves open some possible avenues of attack, which phase 3
addresses: First block's non-key plaintext (448 bits) shall be
random bits, saved for use similar to an IV *for each subsequent
block*. I.e. to send block N > 0, build the key by shifting key
N-1 and adding in the key bits from block N-1; XOR the next 448
message bits with the saved 448-bit "IV" from block 0, append 64
more random bits for use in the next key, and encrypt using the
latest built key. Note that this completely foils *any* single-
block attack, in addition to addressing the issues that IVs are
usually used for. The only remaining possibility for cryptanalysis
would have to involve simultaneous analysis of multiple blocks,
which offers some hope for the analyst since the "IV" remains
constant across blocks. However, with a different key for each
block it is hard to see how any differential attack could be
mounted. (The use, in a different role, of half the key bits
between adjacent blocks can be eliminated; I only suggested that
to cut down on rekeying overhead.) One could consider some more
complicated use of the "IV" than mere XOR, but as a starting
place we might as well keep it simple.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
