Cryptography-Digest Digest #830, Volume #13       Wed, 7 Mar 01 16:13:00 EST

Contents:
  Re: Any news on the KFB mode? (Terry Ritter)
  Re: Encryption software ("Paul Pires")
  Re: TV Licensing (Was: => FBI easily cracks encryption ...?) (Sundial Services)
  Re: TV Licensing (Was: => FBI easily cracks encryption ...?) (Ron B.)
  OT: Re: TV Licensing (Was: => FBI easily cracks encryption ...?) ("Sam Simpson")
  Re: Buy a PDF edition of Applied Cryptography of Bruce SCHNEIER ("Ryan Phillips")
  BBS ("Dobs")
  Re: OT: Re: TV Licensing (Was: => FBI easily cracks encryption ...?) (Sundial Services)
  Re: => FBI easily cracks encryption ...? (Jim D)
  Re: => FBI easily cracks encryption ...? (Jim D)
  Re: => FBI easily cracks encryption ...? (Jim D)
  Re: One-time Pad really unbreakable? (Jim D)
  Re: One-time Pad really unbreakable? (Jim D)
  Re: => FBI easily cracks encryption ...? (Vernon Schryver)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: Any news on the KFB mode?
Date: Wed, 07 Mar 2001 18:49:28 GMT


On Wed, 07 Mar 2001 10:55:12 +0100, in
<[EMAIL PROTECTED]>, in sci.crypt Volker Hetzer
<[EMAIL PROTECTED]> wrote:

>Paul Crowley wrote:
>> 
>> Volker Hetzer <[EMAIL PROTECTED]> writes:
>> > However, BBS was "proven" once too and later it turned out that
>> > nevertheless it wasn't the perfect solution either.
>> 
>> You mean BBS is detectably biased?  Gosh - tell me more!
>No, I didn't mean that.
>If I remember correctly there was something about short cycles
>or so. As soon as google has the articles in its search engine
>you can look up the original discussion there.

I was there.  I claimed that weak short cycles do exist in
cryptographic "BB&S."  There was much discussion, but in the end that
was agreed.  

The idea that insecure selections do in fact exist in a
"mathematically proven secure" construction was and is disturbing.
There was much mathematical posturing about how such a thing could not
happen, because if it did, that would amount to factoring N which had
been mathematically proven to be impossible.  That posturing was
wrong: short cycles do exist, they are insecure, and selection at
random may in fact get one.  

Short cycles are not a problem in the original BB&S construction,
because real BB&S actually checks that the selected cycle has a known
length.  Real BB&S thus absolutely prevents short cycles, albeit with
significant effort, while the current cryptographic "BB&S" just hopes
they won't occur.  To me, "hoping weakness won't occur" seemed and
seems an odd form of "cryptographic proof."  

The cryptographic "BB&S" argument is that short cycles are very, very
rare.  Thus, short cycles are not a security problem in practice for
cryptographic "BB&S," because they are hardly ever, ever selected.
And that is about all we should expect from asymptotic proof.  

A practical ramification is that people often assume that
"mathematically proven secure" is the same as "cannot fail," which the
BB&S discussion has shown to be both false and misleading.  That has
the dual effect of both depreciating mathematical claims, and also
encouraging proofs with limited but more interesting coverage.  

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM
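
The short cycles discussed in the post above can be counted directly on a toy modulus. This Python sketch is an added example, not code from any poster in this digest: it walks x -> x^2 mod N from every valid seed and tallies the cycle lengths, with a brute-force walk standing in for the cycle-length check the post attributes to the original construction. The primes 23 and 47 are constructed toy values and all function names are hypothetical.

```python
from collections import Counter
from math import gcd


def bbs_seeds(n):
    """All valid generator states: squares of residues coprime to n."""
    return {s * s % n for s in range(1, n) if gcd(s, n) == 1}


def cycle_length(x0, n):
    """Number of squarings until the state returns to x0.

    Assumes x0 is a quadratic residue coprime to n and n = p*q with
    p, q = 3 (mod 4), so squaring permutes the residues and the walk
    always comes back to x0.
    """
    x, steps = x0 * x0 % n, 1
    while x != x0:
        x = x * x % n
        steps += 1
    return steps


def cycle_census(p, q):
    """Map cycle length -> number of seeds that lie on a cycle of that length."""
    if p % 4 != 3 or q % 4 != 3:
        raise ValueError("p and q must both be congruent to 3 mod 4")
    n = p * q
    census = Counter(cycle_length(x, n) for x in bbs_seeds(n))
    return dict(sorted(census.items()))


def checked_seeds(p, q):
    """Seeds that pass a cycle-length check: only those on a longest cycle.

    Brute force is only possible for toy sizes; it stands in here for the
    check that guarantees a known cycle length.
    """
    n = p * q
    longest = max(cycle_census(p, q))
    return {x for x in bbs_seeds(n) if cycle_length(x, n) == longest}


def bbs_bits(x0, n, count):
    """Least significant bit of each successive state, starting after x0."""
    out, x = [], x0
    for _ in range(count):
        x = x * x % n
        out.append(x & 1)
    return out


if __name__ == "__main__":
    P, Q = 23, 47  # constructed toy primes, far too small for real use
    census = cycle_census(P, Q)
    total = sum(census.values())
    for length, seeds in census.items():
        print(f"cycle length {length:4d}: {seeds:4d} of {total} seeds")
    # A seed picked without any check can land on a short cycle:
    print("seed 48 repeats after", cycle_length(48, P * Q), "outputs")
    print("bits from seed 48:", bbs_bits(48, P * Q, 20))
```

For this modulus 33 of the 253 possible seeds sit on cycles of length 1, 10 or 11 rather than 110; at cryptographic sizes that fraction becomes tiny, but unless the cycle length is checked it is not zero.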


------------------------------

From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Encryption software
Date: Wed, 7 Mar 2001 10:49:12 -0800

Ben Cantrick <[EMAIL PROTECTED]> wrote in message 
news:985tq0$[EMAIL PROTECTED]...
> In article <[EMAIL PROTECTED]>,
> Joe H. Acker <[EMAIL PROTECTED]> wrote:
> >Problem is that most people don't have the resources to test such
> >programs, and the people who have the resources might not be allowed to
> >admit they have or publish test results.
> >
> >Second problem: Most encryption programs use special file formats,
> >headers or internal compression/encoding. Thus, you cannot use official
> >test vectors to see if the algorithms return the correct result. Ask the
> >vendor if he has tested his implementations with the official test
> >vectors. Anyway, you really need to get in touch with the author(s) of
> >the product, except the unlikely case that you have a lot of time and
> >the skills to reverse-engineer the product.
>
>   Very well said.
>
> >3. Is the encryption stronger than that of PGP?
> >
> >If the programmer asserts that his app is stronger than PGP without
> >giving very detailed reasons (and perhaps source code), his app is
> >likely to be less strong than PGP. In my opinion, when you ask about
> >very strong encryption, any responsible crypto author should not only
> >answer with considerations about the strength of the algorithms used,
> >but also point out that there are many many possible side-channel
> >attacks you have to watch for.
>
>   This is a biggie. A lot of people, time and work have gone into
> making PGP what it is now. Anyone who claims they're better than PGP
> all around is naive/stupid, lying, or a flippin' genius. You can
> probably guess the ratio of stupids and shysters to geniuses...

I didn't understand this one when the OP said it and I don't understand
now. No demonstrable or quantifiable proof is available for PGP.
How can another resource be compared to it? Seems like it is a sideways
step around the trust issue. "I only trust industry recognized approaches
that have stood some test of time"

If someone says they are better, the response is "prove it"
If someone says they are not better, the response is "why bother"
Seems like the author should justify his existence without falling
into the double bind of comparisons to current mile markers.

Just my two cents.

Paul

>
> >4. If the app can produce binary files without special encoding, or you
> >can separate the plain binary ciphertext (no special encoding) from such
> >files, try compressing that data. The compression rate should be very
> >low. (anyone please correct me if that's wrong)
>
>   Not necessarily "very low", but it should be significantly lower than
> the plaintext. The key and algorithm should add a good bit of randomness
> into the data, which should make compression less efficient.
>
> >5. How does the app know which key was the right one?
> >
> >If the programmer answers that the key in any way is stored somewhere,
> >but assures you that there's no way to retrieve it (because it's
> >encrypted or such), throw away his program. [...]
>
>   Guess we better throw away PGP then. ;] The versions I'm familiar with
> keep your private key on disk, encrypted with IDEA(?). The passphrase you
> enter acts as a key for the IDEA encryption.
>
>   But yeah, in general this is a bad idea. Cryptographic hashes are
> probably a better idea, provided they're using a good one.
>
>
>           -Ben
> --
> Ben Cantrick ([EMAIL PROTECTED])        |   Yes, the AnimEigo BGC dubs still suck.
> BGC Nukem:     http://www.dim.com/~mackys/bgcnukem.html
> The Spamdogs:  http://www.dim.com/~mackys/spamdogs
> "I went looking for trouble... and boy... I found her." -Type O Negative




------------------------------

Date: Wed, 07 Mar 2001 11:54:45 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: TV Licensing (Was: => FBI easily cracks encryption ...?)

Ahh... so THAT'S how those sitcoms get paid for!  It seems that BBC
should be getting enough revenue from American public-television
stations.  I mean, here in the States, if there's not a pledge-drive
going on, all you can get is British "humor," political commentaries
from folks who look like they witnessed the Civil War first-hand, and
Teletubbies.  ;-)  Which is why I prefer books.  And news groups.  ;-)
;-)

Having to buy a *license* ... to watch *Teletubbies.*  Hmm....


Sam Simpson wrote:
> 
> John Niven <[EMAIL PROTECTED]> wrote in message
> news:WOtp6.930$[EMAIL PROTECTED]...
> > > (You have to own a license to watch TV in Britain?  Fortunately I have a
> > > simple solution for that, having not watched TV at all for years... by
> > > choice.)
> >
> > Not quite right - you have to own a license to own a TV.  Subtle, but it
> > meant that the small colour set I had solely to use with my "micro-computer"
> > during the 80's required a license.
> >
> > If you have no aerial (eg. you used
> > your TV just for watching pre-recorded videos or DVDs) you're still required
> > to buy a license.
> 
> That's not true at all.  The TV Licensing Authority hardly trumpets the
> fact, but  "using television receiving equipment to receive or record
> television programme services you are required by law to have a valid TV
> licence."  Owning a TV to watch DVD's, videos or use connected to a computer
> DOES NOT require a license.
>

------------------------------

From: Ron B. <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: TV Licensing (Was: => FBI easily cracks encryption ...?)
Date: Wed, 07 Mar 2001 14:03:10 -0500

=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1

On Wed, 07 Mar 2001 11:54:45 -0700, Sundial Services
<[EMAIL PROTECTED]> wrote:

>Ahh... so THAT'S how those sitcoms get paid for!  It seems that BBC
>should be getting enough revenue from American public-television
>stations.  I mean, here in the States, if there's not a pledge-drive
>going on, all you can get is British "humor," political commentaries
>from folks who look like they witnessed the Civil War first-hand,
>and Teletubbies.  ;-)  Which is why I prefer books.  And news
>groups.  ;-) ;-)
>
>Having to buy a *license* ... to watch *Teletubbies.*  Hmm....
>

(Big Snip)

And that is the English Civil War they seem to have witnessed

=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBOqaF4wzUoy7OvTSOEQIZHwCfc35BUtIVM8buOTJVLFuaefarjlgAoNcs
nbUGmJPfbjRVi6eC+eaKwvBM
=keLc
=====END PGP SIGNATURE=====


------------------------------

From: "Sam Simpson" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: OT: Re: TV Licensing (Was: => FBI easily cracks encryption ...?)
Date: Wed, 7 Mar 2001 19:05:16 -0000

(At the risk of extending the life of a wayyyyyyyyyyyyyy off topic thread ;)

Out of interest, what British comedies do you guys get? More importantly,
which of these do you think is funny?  Which don't appeal?

--
Regards,

Sam
http://www.scramdisk.clara.net/

Sundial Services <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Ahh... so THAT'S how those sitcoms get paid for!  It seems that BBC
> should be getting enough revenue from American public-television
> stations.  I mean, here in the States, if there's not a pledge-drive
> going on, all you can get is British "humor," political commentaries
> from folks who look like they witnessed the Civil War first-hand, and
> Teletubbies.  ;-)  Which is why I prefer books.  And news groups.  ;-)
> ;-)
>
> Having to buy a *license* ... to watch *Teletubbies.*  Hmm....
>
>
> Sam Simpson wrote:
> >
> > John Niven <[EMAIL PROTECTED]> wrote in message
> > news:WOtp6.930$[EMAIL PROTECTED]...
> > > > (You have to own a license to watch TV in Britain?  Fortunately I have a
> > > > simple solution for that, having not watched TV at all for years... by
> > > > choice.)
> > >
> > > Not quite right - you have to own a license to own a TV.  Subtle, but it
> > > meant that the small colour set I had solely to use with my "micro-computer"
> > > during the 80's required a license.
> > >
> > > If you have no aerial (eg. you used
> > > your TV just for watching pre-recorded videos or DVDs) you're still required
> > > to buy a license.
> >
> > That's not true at all.  The TV Licensing Authority hardly trumpets the
> > fact, but  "using television receiving equipment to receive or record
> > television programme services you are required by law to have a valid TV
> > licence."  Owning a TV to watch DVD's, videos or use connected to a computer
> > DOES NOT require a license.
> >



------------------------------

From: "Ryan Phillips" <[EMAIL PROTECTED]>
Subject: Re: Buy a PDF edition of Applied Cryptography of Bruce SCHNEIER
Date: Wed, 7 Mar 2001 11:32:56 -0800

Wrong book, sorry.
-Ryan

"Ryan Phillips" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I'm surprised no one has mentioned this link:
> http://www.cacr.math.uwaterloo.ca/hac/
>
> The fourth edition of the book is in pdf or postscript format and is a
> free download.  It is only for personal use.
>
> Regards,
> Ryan Phillips
>
> "Latyr Jean-Luc FAYE" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Hi
> >
> > It's the 2nd  post of this message as I haven't seen the first one appear on
> > the NG.
> >
> > I bought one printed copy of the book Applied Cryptography  in a Book shop.
> > But I have to share it with four other people. So I think that it can be
> > easier for us to have it in PDF and put it in our Intranet.
> > Where can I buy the PDF version of the book
> > Thanks in advance.
> > Latyr
> >
> >
> >
> > --
> > Latyr Jean-Luc FAYE
> > http://faye.cjb.net
> >
> >
>
>



------------------------------

From: "Dobs" <[EMAIL PROTECTED]>
Subject: BBS
Date: Wed, 7 Mar 2001 20:37:49 +0100

I have a question. What should a good Blum Blum Shub generator look like? I
know that it needs 2 large prime numbers p and q. Should this generator have
its own large prime number generator to generate new p and q each time we
find our seed? Or does it not matter, and I can for instance declare that p
is such and q is such?
If it needs a generator, can somebody tell me one which would be proper for
BBS, I mean one that will generate large prime numbers?
Best Regards:)
Michal



------------------------------

Date: Wed, 07 Mar 2001 12:55:46 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: OT: Re: TV Licensing (Was: => FBI easily cracks encryption ...?)

I think that =is= way off topic.  Let's not pursue that.  After all, I
suspect that's a lot of what those "TV monitoring" trucks are actually
doing.  And remember, I don't watch TV anyway.


Sam Simpson wrote:
> 
> (At the risk of extending the life of a wayyyyyyyyyyyyyy off topic thread ;)
> 
> Out of interest, what British comedies do you guys get? More importantly,
> which of these do you think is funny?  Which don't appeal?
> 
> --
> Regards,
> 
> Sam
> http://www.scramdisk.clara.net/

------------------------------

From: [EMAIL PROTECTED] (Jim D)
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Wed, 07 Mar 2001 20:45:09 GMT
Reply-To: Jim D

On Tue, 6 Mar 2001 15:05:32 -0000, "John Niven" <[EMAIL PROTECTED]>
wrote:

>> Europeans have always tolerated police forces that demand that
>> each and every citizen "register" his/her residence with the
>> ...
>
>Ah, excuse me for interrupting, but I'm a "foreigner" (a New Zealander)
>living in Scotland.  I've never been required to register with the police.
>The closest I've come is reporting my passport lost.  I guess I'm probably
>on a government file from when I applied for a visa (several years ago), but
>if the government know my current address it's through other mechanisms.

Commonwealth citizens aren't aliens.

>> ... police.  Americans never have.
>
>Not entirely true, though I'd concede that the US Government cited "National
>Emergency" to justify registration by, and internment of, numerous citizens
>of Japanese and German ancestry.  Horst Feistel invented Lucifer (DES) for
>IBM, but during the Second World War was placed under house arrest.

...and IBM was very active in helping Hitler to round
up the Jews.

-- 
___________________________________________

Posted by Jim Dunnett

  George Dubya Bushisms No 4:

 I understand small business growth,
 I was one.
  
[EMAIL PROTECTED]
[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED] (Jim D)
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Wed, 07 Mar 2001 20:45:10 GMT
Reply-To: Jim D

On Wed, 07 Mar 2001 04:28:37 GMT, CR Lyttle <[EMAIL PROTECTED]> wrote:

>> TEMPEST "eavesdropping" is very resource intensive and not something
>> that's done at random.  If that van's parked across the street, you did
>> something to bring it there.
>I've seen and built systems for less than $100 that can read your monitor
>from across the street. Several countries have regular patrols checking,
>from the street, what their citizens are watching on TV or listening to
>on radios. (Does England still do that?). 

I don't know about England, but Wales certainly does.
I had to buy a TV licence last month. They have equipment
which can tell which channel you're watching. But basically
they find unlicenced TV sets from their records and only
visit houses which haven't purchased a licence.

Not much point in visiting those that have a licence!

Radios aren't now licenced in   B R I T A I N.


------------------------------

From: [EMAIL PROTECTED] (Jim D)
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Wed, 07 Mar 2001 20:45:10 GMT
Reply-To: Jim D

On Wed, 7 Mar 2001 09:40:17 -0000, "John Niven" <[EMAIL PROTECTED]>
wrote:

>> > what their citizens are watching on TV or listening to
>> > on radios. (Does England still do that?).
>> Can you post details about this?  I've always thought it was an urban
>> myth except under lab conditions.
>
>Britain's TV Licensing Department used to claim that they had handheld
>detectors capable of not only detecting that you were watching TV, but also
>which channel.  I don't know anyone who's been caught by such a device,
>though I do know people who have been caught for other reasons.  The current
>advertising drive suggests that all they know, and need to know, is who
>doesn't own a TV license.
>
>Sorry, hardly conclusive either way, but suggesting that earlier detection
>claims may have lacked foundation.

It's quite true. Mainly they rely on records, but they
have a handheld tracking device which can do everything
it's been rumoured to do.

There was a report in a local newspaper recently which
showed the 'detector van' and the handheld device which
was about the size of a computer keyboard.

The van contained mainly a computer and copies of the
licencing records.


------------------------------

From: [EMAIL PROTECTED] (Jim D)
Subject: Re: One-time Pad really unbreakable?
Date: Wed, 07 Mar 2001 20:45:11 GMT
Reply-To: Jim D

On Wed, 7 Mar 2001 11:00:09 GMT, Tim Tyler <[EMAIL PROTECTED]> wrote:

>Mxsmanic <[EMAIL PROTECTED]> wrote:
>
>: One-time pads are indeed unbreakable, and provably so.
>
>Only in mathematical never-never land.  The OTP "specification" does not
>offer any prescription for the generation of suitable random numbers -
>and since no such recipe is likely to be forthcoming, the "provably
>secure" OTP will never make it off the paper and into the real world.

I can send you a piece of OTP cipher and I'll guarantee
you won't break it in a million years.

(And the key won't have to be 'completely random', whatever
that means.)


------------------------------

From: [EMAIL PROTECTED] (Jim D)
Subject: Re: One-time Pad really unbreakable?
Date: Wed, 07 Mar 2001 20:45:12 GMT
Reply-To: Jim D

On Wed, 07 Mar 2001 13:07:06 GMT, [EMAIL PROTECTED] (John
Savard) wrote:

>On Wed, 7 Mar 2001 11:00:09 GMT, Tim Tyler <[EMAIL PROTECTED]> wrote, in
>part:
>
>>Only in mathematical never-never land.  The OTP "specification" does not
>>offer any prescription for the generation of suitable random numbers -
>>and since no such recipe is likely to be forthcoming, the "provably
>>secure" OTP will never make it off the paper and into the real world.
>
>In that case, Las Vegas ought to find another industry with which to
>support itself.
>
>In other words: here is a counterexample - a sequence of physically
>generated random numbers that cannot effectively be predicted. The
>series of numbers generated by throwing dice and the like is indeed
>sufficiently clearly unpredictable that the mathematical proof of the
>OTP is still highly relevant - even if the unbreakability of a "real"
>OTP is no longer at the absolute level of truth of a mathematical law,
>it is still quite obviously at a high enough level of confidence to
>warrant no concern over attacks based on using the previous key to
>determine the position of all the molecules in the room and so on.
>
>Of course, key distribution can be compromised, but that can happen to
>any system.

Quite so.

OTP's weaknesses (human ones apart) are key distribution
and key cancellation to avoid re-use. Overcome these
problems and it's perfectly secure in the real world.


------------------------------

From: [EMAIL PROTECTED] (Vernon Schryver)
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: 7 Mar 2001 13:53:42 -0700

In article <[EMAIL PROTECTED]>,
Sundial Services  <[EMAIL PROTECTED]> wrote:

> ...
>Most radio receivers work on a "heterodyne" (sp?) principle in which
>they inject a mixdown signal of the desired frequency into the signal
>that's coming in from the antenna...

That's true today, but maybe not long.

The electronics trade rags are full of amazing talk about various
commercially available schemes for connecting an ADC (analog to digital
converter) directly to the raw high frequency RF, and doing everything
else digitally.  One of the motivations seems to be devices that can cope
with varying wireless phone and data standards simply by changing software.

A radio transmission at a few MHz is as slow compared to a GHz
computer as a 9600 bit/sec async bit stream was to cheap computers
20 years ago.  20 years ago, it was common to "bit bang" async RS-232
to avoid needing a UART.

As far as I can tell, a completely digital receiver is not quite
practical for TV.  Portable devices using GHz radio still seem
to use IF stages, but with computers and DSP's running at ever
higher GHz rates, that might not last.

I don't know what all of this implies for detecting unlicensed TV's.
It might be irrelevant if the authorities listen to the noise from
the CRT's in most TV's.  However, that might be harder with the various
flat-panel displays.  In other words, are flat panels naturally more
TEMPEST resistant?


Vernon Schryver    [EMAIL PROTECTED]

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
