Cryptography-Digest Digest #792, Volume #13 Sun, 4 Mar 01 06:13:01 EST
Contents:
Re: OverWrite freeware completely removes unwanted files fromharddrive (Benjamin
Goldberg)
Re: => FBI easily cracks encryption ...? ("Greg Ofiesh")
Re: Was there ever a CRM-114 Discriminator? (rob osattin)
www.hiddenpoint.com ("Greg Ofiesh")
Re: ARCFOUR and Latin Squares ("r.e.s.")
Re: OT: Legitimacy of Governmental Power (Was: Re: => FBI easily cracks encryption
...?) ("CompuLar")
Re: OT: Legitimacy of Governmental Power (Was: Re: => FBI easily cracks encryption
...?) ("Mxsmanic")
Re: OT: Legitimacy of Governmental Power (Was: Re: => FBI easily cracks encryption
...?) ("Mxsmanic")
Re: OT: Legitimacy of Governmental Power (Was: Re: => FBI easily crack ...?)
([EMAIL PROTECTED])
Re: => FBI easily cracks encryption ...? ("kroesjnov")
Re: philosophical question? (Joe H. Acker)
----------------------------------------------------------------------------
From: Benjamin Goldberg <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files fromharddrive
Date: Sun, 04 Mar 2001 07:19:05 GMT
"To optimize as you all have been claiming in Ciphile
Software's OverWrite program, the OS would have to LIE that it had
successfully closed the file in order to proceed to carry out a
subsequent write in cache before the actual prior write and close to
the file."
I'm curious; what exactly do you believe that a "close" operation
consists of?
Closing a file does not mean that the cache has been written to disk.
The false idea that it does seems to be the only backing you have to
your claim that your overwrite software actually does write to disk
repeatedly.
What does closing a file actually consist of?
It consists of remove that the entry in the system's table of open
files. It consists of freeing all state associated with the
filedescriptor. Such state may include things like the index to where
the next bytes of the file are to be written, exclusive locks on the
file, possibly other things as well. It also consists of a write
request to be made to update the timestamp on the file. However, there
is nothing about the close operation that requires a disk write occur.
Even if, as Tom said, "Wild speculation is much more fun," you really
ought to find REAL ways to accomplish your goals, instead of throwing
something together, speculating "yeah, this works," and trying to sell
it. It's fun to speculate "this florida real estate is nice" but it
generally doesn't accomplish your goals.
Also, about the OS lying... This is, after all, an M$ program, for
dos/windoze. A sucessful close operation, in a REAL operating system
/should/ free all memory allocated by the program for keeping track of
where to read from/to, etc, in the file. Windowz being a microsloth
product, not all supposedly sucessful closes are. They tend to leak
memory. Maybe some leaks which existed have been patched, but scarcely
all.
--
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.
------------------------------
From: "Greg Ofiesh" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sat, 3 Mar 2001 23:23:28 -0800
"Jim Gillogly" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Jim Taylor wrote:
> >
> > Sometimes I wonder about these groups. Are you all drug dealers or
> > something? What would be so bad about the FBI or NSA, with considerable
> > effort and expense, being able to decrypt a PGP message? Aren't they
the
>
> Many people and companies feel that they have the right and should have
> the ability to decide who gets access to their information. If the FBI
> can break encryption, then it's likely that foreign governments and large
> companies and some individuals can also break the same encryption. The
> NSA scenario is a bit different: if you've determined or decided that your
> data is safe from the NSA, then there's a good chance that it's safe from
> anybody... not that you necessarily want to keep it from the NSA, but it's
> useful to consider them as a very high skill benchmark.
Exactly...
------------------------------
From: rob osattin <[EMAIL PROTECTED]>
Subject: Re: Was there ever a CRM-114 Discriminator?
Date: Sun, 04 Mar 2001 07:30:15 GMT
> Mxsmanic wrote:
> >
> > In Kubrick's classic film _Dr. Strangelove_, airborne SAC bombers use an
> > encryption device called a CRM-114 Discriminator to receive encrypted
> > communications from the ground. The device required a three-letter key
> > (which doesn't sound very secure). Was there ever such a device
> > actually in use?
According to the Federation of American Scientists page on the B-52, one of
its systems is a CRM-114 Discriminator. Here's the link:
http://www.fas.org/nuke/guide/usa/bomber/b-52.htm
This may be a joke by FAS, I can't tell.
------------------------------
From: "Greg Ofiesh" <[EMAIL PROTECTED]>
Subject: www.hiddenpoint.com
Date: Sat, 3 Mar 2001 23:40:01 -0800
I am proud to announce my new web site www.hiddenpoint.com, which will
provide the full source and binaries of my encryption products to date for
free.
Note: I posted this before but it does not appear in the NG. Perhaps a bad
posting service?
------------------------------
From: "r.e.s." <[EMAIL PROTECTED]>
Subject: Re: ARCFOUR and Latin Squares
Date: Sat, 3 Mar 2001 23:39:34 -0800
"Henrick Hellström" <[EMAIL PROTECTED]> wrote in message
news:97savq$p61$[EMAIL PROTECTED]...
| Don't just use any kind of binary operation. It is fairly easy to prove
| that
| you will significantly weaken the cipher unless you use the operation of a
| cyclic abelian group.
Thanks for pointing this out. It does make intuitive sense
that the group should be cyclic (and hence abelian).
Are the 256 Latin Squares that are the value-tables of
(x+y+constant) mod 256 (constant = 0..255)
the only ones corresponding to cyclic groups over Z(256)?
If so, your next sentence seems quite plausible, even though
I haven't been able to follow your argument below.
| But using such an operation won't make much
| difference. Substituting all additions in RC4 for any other cyclic abelian
| group operation, is at most equivalent to changing the key, keeping
| addition
| as the operation, and applying a second, static permutation on the output.
| To prove this, simply eliminate the additions in the following way:
|
| Let G(Z(256),op) be any cyclic abelian group over Z(256).
| Let x(0) = y(0) = e(0) = S(0)[z], where z is the identity of G(Z(256),op).
| Let * denote composition of permutations.
| Let ** denote iteration.
| Let g be any generator of G(Z(256),op).
| Let phi be the isomorphic mapping from G(Z(256),op) into G(Z(256),+) such
| that phi(g) = 1, phi(z) = 0.
| Let sigma(k) be the single cycle permutation such that sigma(k)[S(k)[x]] =
| S(k)[x op g].
If I understand your notation, we can check for consistency
in the special case of op=+, with x(0)=y(0)=e(0)=S(0)[0]=z=0,
g=1, phi(x)=x, and sigma(0) = (0 1 2 3 .. 255).
I may have badly misread your meaning in the following,
so please help me understand your notation if I got it wrong.
(*** marks revisions according to your followup posting.)
| RC4Abelian:
| 1. x := sigma(i)[y(i)].
Is this supposed to correspond to "x = x + 1"?
Maybe x := sigma(i)[x(i)] ?
Whichever it is, I don't see how sigma(i), which evolves
with i, can properly correspond to modulo addition of a
*constant*.
| 2. y := sigma(i)**phi(x)[x(i)]. [***]
Is this supposed to correspond to "y = y + S[x]"?
Maybe y := sigma(i)**phi(x)[y(i)] ?
Whichever it is, in the special case of op=+, this
involves x iterations of sigma(i) for the given i.
I don't see what might correspond to that in RC4.
| 3. sigma(i+1) := (x y)*sigma(i).
Ok, "swap S[x],S[y]"; but what does the following do?
Where was x(i+1) assigned a value?
| 4. if x(i+1) = e(i) then
| e(i+1) := y
| else if y(i+1) = e(i) then
| e(i+1) := x
| else
| e(i+1) := e(i).
| 5. output(i) := sigma(i+1)**phi(x)[sigma(i+1)**phi(y)[e(i+1)]].
I don't understand step 4 at all, but is step 5
supposed to correspond to "output = S[S[x]+S[y]]"?
How?
| 6. x(i+1) := x, y(i+1) := y.
|
| Now, let T(0) be the permutation such that T(0)[phi(x)] = phi(S(0)[x]).
| Let
| tau(k) be the single cycle permutation such that tau(k)[T(k)[x]] =
| T(k)[x+1]. Clearly, we will have T(0)[0] = phi(S(0)[z]), tau(k)[phi(x)] =
| phi(sigma(k)[x]), etc
|
| Let xt(0) = yt(0) = et(0) = T(0)[0]. We have:
|
| RC4:
| 1. x := tau(i)[yt(i)].
| 2. y := tau(i)**x[xt(i)]. [***]
| 3. tau(i+1) := (x y)*tau(i).
| 4. if x = et(i) then
| et(i+1) := y
| else if y = et(i) then
| et(i+1) := x
| else
| et(i+1) := et(i).
| 5. outputt(i) := tau(i+1)**x[tau(i+1)**y[et(i+1)]].
| 6. xt(i+1) := x, yt(i+1) := y.
|
| Given the relation between T(0) and S(0), it trivially follows that xt(1)
| =
| phi(x(1)), yt(1) = phi(y(1)), et(1) = phi(et(1)). Furthermore, one can
| prove
| that phi is multiplicative under composition of permutations, so
| T(1)[phi(x)] = phi(S(1)[x]). Consequently we have that outputt(0) =
| phi(output(0)). The conclusion follows by induction.
[...]
| "r.e.s." <[EMAIL PROTECTED]> skrev i meddelandet
| news:97nq7t$kss$[EMAIL PROTECTED]...
| > ARCFOUR uses mod-256 addition in several of its steps.
| > But for 8-bit arguments, (x+y) mod 256 is just one
| > of a large number of functions whose value-tables are
| > symmetric order-256 Latin Squares. (Another is XOR.)
| >
| > So, consider the even-larger number of ARCFOUR-like
| > ciphers obtainable by replacing some or all of its
| > mod-256 additions by operations defined by other
| > symmetric order-256 Latin Squares. (Many of these,
| > like XOR, are computable via "built-in" functions,
| > but others would require some sort of table lookup,
| > I suppose. If table lookup were used, then we might
| > also consider generating a random symmetric Latin
| > Square for the purpose. Hmm... would that be hard?)
| >
| > All this would be apart from ARCFOUR's final-stage
| > XOR combiner, so invertibility of the Latin Square
| > is not an issue.
| >
| > Is it reasonable to explore this idea further for at
| > least some of the symmetric Latin Squares, e.g. XOR?
| > Or am I missing some flaw that would make it a waste
| > of effort?
------------------------------
From: "CompuLar" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: OT: Legitimacy of Governmental Power (Was: Re: => FBI easily cracks
encryption ...?)
Date: Sun, 4 Mar 2001 04:19:24 -0500
I call into evidence these weaknesses of the Weimar Constitution:
-- Easy to vote "no confidence," hence parliamentary elections could be held
too frequently, dooming the possibility of a stable government.
-- President given the power to declare states of emergency and to issue
laws by decree.
-- While President was given the power to appoint Chancellor, the Chancellor
had much more domestic power.
I'm not talking about Mein Kampf or the myths propagated in Protocols of the
Elders of Zion or anything like that, which, while used to instill fear and
ignorance, were not, directly, the tools with which the Nazis came to power.
Unfortunately, I don't have at my fingertips right now the date upon which
political parties other than the Nazis were outlawed. However, I believe,
as you can see by the following timeline, the Nazi Party by that time
already had de facto complete control over the German government.
Sept. 1930. President Hindenburg dissolves Parliament at the request of
Chancellor Bruning, whom he had appointed. New Parliamentary elections give
Nazi Party 18.3% of seats, making it the second largest party in the
Parliament, next to the Social Democrats. (President Hindenburg might have
been old and easily influenced by this time, but his actions were not
unconstitutional.)
July 20, 1932. Hindenburg declares Marshall law via presidential decree,
which could not be overridden because Parliament was not in session.
July 31, 1932. Parliamentary elections -- Nazis gain 37.4% (a plurality) of
seats. Not long after, at the request of newly-appointed Chancellor von
Papen, Hindenburg dissolves Parliament, claiming parties could not form a
coalition in order to govern effectively.
November 6, 1932. Nazis gain 33.1% (a plurality) of seats in Parliament.
January 30, 1933. Hindenburg appoints Hitler Chancellor -- once again, a
constitutional power given to the President.
February 4, 1933. Decree for the Protection of the German People, a
Presidential decree, gives the interior minister the power to prohibit group
assembly, subversive literature, and strikes, and police could arrest
individuals involved in such activities.
February 27, 1933. Reichstag Building set on fire.
February 28, 1933. Decree for the Protection of the German People and
State. Transferred many state powers to the national government, imposed
the death penalty, pulled several civil liberties, and widened the
definition of treason.
March 5, 1933. Parliamentary elections -- Nazis gain 43.9% (a plurality)
of seats.
March 13, 1933. A new ministry, the Reich Ministry of People and
Propaganda, created.
1933. Enabling Act passed, allowing the cabinet to issue laws without
Parliament, including laws that violated the constitution, for the following
four years. Needing a 2/3 majority to pass, the Center Party agreed to
support it. Passed 441 to 94 votes.
"William Hugh Murray" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> > Nazi Germany, came to power through
> > constitutionally legitimate means.
>
> Not true. Please go back and read the history again. It is well
documented
> that the Nazis came to power by terror, not by democratic process. They
got
> into government through the application of terror. They were not a
majority in
> government until after they burned the Reichstag. I do not know where
this myth
> got started but it is important to refute it. Democracy may have to
account for
> a lot of sins but that is not one of them.
>
>
------------------------------
From: "Mxsmanic" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: OT: Legitimacy of Governmental Power (Was: Re: => FBI easily cracks
encryption ...?)
Date: Sun, 04 Mar 2001 09:58:28 GMT
"William Hugh Murray" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Not true. Please go back and read the history
> again. It is well documented that the Nazis came
> to power by terror, not by democratic process.
I'm not aware of anything like this. That the party gained legitimate
power through careful maneuvering is clear, but I'm not aware of
anything it did that was _illegal_. Indeed, after the unsuccessful
putsch that sent Hitler to prison for a year, he vowed not to attempt to
take power illegally again.
The Nazis came to power mainly because Germans voted them into office.
I'm sure it's comforting to think that they somehow achieved power
through some violation of normal democratic procedures, but I don't
believe that was ever actually the case. Had Germans not been so widely
sympathetic to the Nazis, they never would have gotten anywhere.
> Democracy may have to account for a lot of sins
> but that is not one of them.
As I said, it's comforting to think that, but it isn't necessarily true.
Democracy allows despots to be elected, too.
------------------------------
From: "Mxsmanic" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: OT: Legitimacy of Governmental Power (Was: Re: => FBI easily cracks
encryption ...?)
Date: Sun, 04 Mar 2001 10:03:10 GMT
"CompuLar" <[EMAIL PROTECTED]> wrote in message
news:97t1ba$5s8$[EMAIL PROTECTED]...
> Unfortunately, I don't have at my fingertips
> right now the date upon which political parties
> other than the Nazis were outlawed.
July 14, 1933--considerably after all of the other events you list on
your timeline.
> However, I believe, as you can see by the following
> timeline, the Nazi Party by that time already
> had de facto complete control over the German
> government.
Yes, in fact, it had already installed Hitler as effective dictator by
then.
------------------------------
Date: 4 Mar 2001 10:50:24 -0000
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: OT: Legitimacy of Governmental Power (Was: Re: => FBI easily crack
...?)
From: [EMAIL PROTECTED] ([EMAIL PROTECTED])
William Hugh Murray <[EMAIL PROTECTED]> wrote:
>> Nazi Germany, came to power through
>> constitutionally legitimate means.
>
>Not true. Please go back and read the history again. It is well documented
>that the Nazis came to power by terror, not by democratic process. They got
>into government through the application of terror. They were not a majority in
>government until after they burned the Reichstag. I do not know where
>this myth
>got started but it is important to refute it. Democracy may have to
>account for
>a lot of sins but that is not one of them.
>
Ah ah ah, Willliam. no rewriting of history. Hitler's ascent into power,
and assumption of dictatorial powers, is totally legit.
January 30th, 1933: President Hindenburg decided to appoint Hitler
Chancellor in a coalition government with Papen as Vice-Chancellor.
Feb 27, 1933: The Reichstag burns, and President Hindenburg gave the Nazi
party power to arrest anyone they saw as a threat to the nation.
March 23, 1933: The Enabling Act transferred legislative powers to Hitlers
cabinet for 4 years. Legally passed and placed into effect.
July 14, 1933: Hitler declares Nazism as the only politcal party allowed in
Germany.
When President Hindenburg died, Aug. 2, 1934, the offices of President and
Chancellor were combined. So Hitler became the Fuehrer and Reich Chancellor
of Germany.
So the burning of the Reichstag was almost certainly by the Nazis, they
managed to frame the communists (a guy named Marinus van der Lubbe), and
thereby *LEGALLY* gain more power.
Even though there was a lot of dirty bottom-dealing involved, each step
along the way of Hitler's rise to power was legal. Dirty, but legal.
Sorry.
SD
------------------------------
From: "kroesjnov" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sun, 4 Mar 2001 11:52:25 +0100
> Yet you do not see the connection to the utility of a Secret Service
> being able to crack an encrypted message (with effort of course), so
> that Jews can be interdicted, who are going to pollute some neighborhood
> in the Netherlands, or any other Country in the World.
Clearly I do not, so it seems.
But fortunately, we do not have to agree on these things.
Ain't freedom off speech a beauty :)
>> Please be patience with me, I may be slow off
>> understanding...
> I agree.
Quite blunt off you, but honest.
"Wisdom lies not in obtaining knowledge, but in using it in the right way"
kroesjnov
email: [EMAIL PROTECTED] (remove nov to reply)
UIN: 67346792
pgp fingerprint: 4251 4350 4242 7764 80DA DB1C E2B2 850A DF15 4D85
------------------------------
From: [EMAIL PROTECTED] (Joe H. Acker)
Crossposted-To: sci.crypt.random-numbers,de.sci.informatik.misc,sci.math
Subject: Re: philosophical question?
Date: Sun, 4 Mar 2001 11:54:38 +0100
Randy Poe <[EMAIL PROTECTED]> wrote:
> It's not less probable. Consider 5 bits. Here are a few possibilities
>
> 11111
> 00000
> 10101
> 11001
> 01110
> 10110
> 01100
>
> None of these sequences is more probable than any other.
That's clear to me.
> >The claim that an individual sequence of only 1's is as probable as a
> >"usual" random sequence seems to contradict directly to the group
> >argument.
>
> Why? What's the contradiction? There are 32 possible ways for 1's and
> 0's to come up, and they're all equally probable. What does that
> contradict?
It was supposed to contradict the claim that the occurance of an all 1's
sequence is as probable as that of any other sequence. But in fact, I
was wrong. ;)
I can now explain my confusion very simply: I took the statement wrong,
that the occurance of an all 1's sequence is as probable as any other
sequence. I was comparing this occurance with the *set* of all other
possible sequences, but this is wrong, because out of the set of other
occurances, only one can actually occur. And if you pick any sequence
out of the set of other possible occurances, this occurance is as likely
as the all 1's sequence.
So I would say that it's correct to claim that the possibility of the
occurance of an all 1's sequence is inprobable compared to the occurance
of *any* other sequence, but still the occurance of any *individual*
sequence is as likely as that of any other *individual* sequence. That's
trivial, and my confusion was based on a simple misconception. (Shame on
me...)
Thanks for all of your answers!
Regards,
Erich
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
