Cryptography-Digest Digest #887, Volume #13 Tue, 13 Mar 01 21:13:00 EST
Contents:
Re: Zero Knowledge Proof (Thomas Wu)
Re: OverWrite: best wipe software? (Dan Hargrove)
Re: => FBI easily cracks encryption ...? (William Hugh Murray)
Re: Encrypt then HMAC or HMAC then Encrypt? (David A Molnar)
Re: GPS and cryptography (David Schwartz)
Re: => FBI easily cracks encryption ...? (SCOTT19U.ZIP_GUY)
Re: Anonymous web surfing? (SCOTT19U.ZIP_GUY)
PGP "flaw" (Brian D Jonas)
Cryptoanalytic tool using dictionary for decryption of substitution&transposition
ciphers ("Roman Szarowski")
Re: PGP "flaw" (Neil Couture)
Re: on-the-fly encryption (Neil Couture)
Re: PGP "flaw" ("Tom St Denis")
CFP: ICPP-HPSECA01 ("Laurence T. Yang")
Re: => FBI easily cracks encryption ...? ("Mxsmanic")
Re: Fractal encryption? ("YGENDELMAN")
Re: Fractal encryption? ("YGENDELMAN")
Re: => FBI easily cracks encryption ...? (Bart Bailey)
----------------------------------------------------------------------------
From: Thomas Wu <[EMAIL PROTECTED]>
Subject: Re: Zero Knowledge Proof
Date: 13 Mar 2001 15:02:51 -0800
[EMAIL PROTECTED] (Bill Unruh) writes:
> In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
>writes:
>
> > As far as crypto goes, I do know that the key exchanges that
> >occur involve zero-knowledge methods, which may be different
> >from what you're calling zero-knowledge proofs.
>
> In general this is probably not true. Many exchanges actually convey
> information from one side to the other, and are not zero knowledge. In a
> zero knowledge proof, the only bit of information which is conveyed is
> that the other side knows the relevant bit of information. It conveys
The way I understand it, a protocol can satisfy zero-knowledge
constraints and still exchange a session key. The verifier gets
both the "proof" bit and the session key, but it's still zero
knowledge because the session key leaks no information about the
prover's authentication key.
> nothing whatsoever about what that information is. Thus the ideal logon
> procedure would be to have a zero knowledge proof that the far side
> knows the password but conveys no information about that password
> whatsoever from either side to the other.
--
Tom Wu * finger -l [EMAIL PROTECTED] for PGP key *
E-mail: [EMAIL PROTECTED] "Those who would give up their freedoms in
Phone: (650) 723-1565 exchange for security deserve neither."
http://www-cs-students.stanford.edu/~tjw/ http://srp.stanford.edu/srp/
------------------------------
From: [EMAIL PROTECTED] (Dan Hargrove)
Crossposted-To: alt.hacker
Subject: Re: OverWrite: best wipe software?
Date: 13 Mar 2001 23:22:52 GMT
This was Sami Tolvanen's (the author of Eraser) response to my point about
the question of using pseudo-random data for the random passes:
From: [EMAIL PROTECTED] (Sami Tolvanen)
Newsgroups: alt.comp.freeware
Subject: Re: A freeware progie to ERASE data...
On 13 Mar 2001 19:09:33 GMT, Dan Hargrove <[EMAIL PROTECTED]> wrote:
>The reason I would use it, is that it has the "Gutman" method of
>overwriting, though not perfectly implemented, as it uses pseudo-random
>data for the random passes, rather than perfectly random data.
Any random data created using arithmetic means is called pseudorandom,
and it is pretty much the best we can do with computers, especially if
a large amount of random data is required. You may want to read Donald
Knuth's The Art of Computer Programming, Volume 2 for more information
about the subject.
Eraser uses cryptographically strong pseudorandom data created with
the ISAAC PRNG for overwriting. This should satisfy even the most demanding
users; if not, anyone is free to modify the source code to fit their
needs.
As a side note, Dr. Gutmann's paper mentions that cryptographically
strong randomness is required only when deciding the order of the 27
deterministic overwriting passes. Therefore, Eraser not only meets the
requirements when it comes to the quality of random data used, it
exceeds them.
--
Sami Tolvanen
http://www.tolvanen.com/sami/
------------------------------
From: William Hugh Murray <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Tue, 13 Mar 2001 23:59:06 GMT
Sundial Services wrote:
> I doubt that NSA spends any effort at all in "FUDding,"
I agree. However, they expend a great deal of energy in disinformation. It is the
FBI that is the subject of this thread. Do you doubt that they are engaged in
FUD?
> however, since
> the best thing to do is always to merely keep one's mouth shut. It's
> even a proverb that, if you listen long enough to one man's boasting,
> you will soon know every secret about him.
You can learn a great deal about the NSA by watching their smile.
> And, "loose lips sink ships." So, let them remain a mystery. It's part
> of their mission.
I think that most of us here would have been content to do so. The thread began
with their "boasting." More essentially it began with their playing of the "great
game."
William Hugh Murray
New Canaan, Connecticut
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Encrypt then HMAC or HMAC then Encrypt?
Date: 14 Mar 2001 00:23:32 GMT
David Wagner <[EMAIL PROTECTED]> wrote:
> David A Molnar wrote:
>>They are worried about chosen-ciphertext attacks, which become much harder
>>if a MAC is applied to the ciphertext.
> Don't chosen-ciphertext attacks also become much harder if a MAC
> is applied to the plaintext and if the decryption operation is
> bijective?
Yes - that makes sense. I think the worry is that if the MAC is part of the
encrypted string, and if the encryption scheme is malleable, then the
adversary can change the MAC and the plaintext at the same time. Still, since
the adversary doesn't have the private key, he shouldn't be able to create a
valid MAC even on a chosen message...
-David
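Added example (not code from the thread): both constructions under a deliberately malleable keystream cipher, showing the ciphertext bit-flip Molnar describes and why, as Wagner notes, a bijective decryption still leaves the adversary unable to produce a valid tag without the MAC key. The keystream cipher, keys, nonce and message are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = 32  # HMAC-SHA256 output length


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy SHA-256 counter-mode keystream (constructed for illustration only)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR with the keystream: encryption and decryption are the same bijection,
    and the cipher is malleable (a flipped ciphertext bit flips one plaintext bit)."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


def tag(mac_key: bytes, data: bytes) -> bytes:
    return hmac.new(mac_key, data, hashlib.sha256).digest()


# MAC-then-encrypt: tag over the plaintext, then plaintext and tag are encrypted together.
def mte_seal(enc_key, mac_key, nonce, plaintext):
    return xor_crypt(enc_key, nonce, plaintext + tag(mac_key, plaintext))


def mte_open(enc_key, mac_key, nonce, ciphertext):
    # The cipher runs on attacker-controlled bytes before anything is checked.
    decrypted = xor_crypt(enc_key, nonce, ciphertext)
    plaintext, t = decrypted[:-TAG_LEN], decrypted[-TAG_LEN:]
    return plaintext if hmac.compare_digest(t, tag(mac_key, plaintext)) else None


# Encrypt-then-MAC: tag over nonce || ciphertext, appended in the clear.
def etm_seal(enc_key, mac_key, nonce, plaintext):
    ct = xor_crypt(enc_key, nonce, plaintext)
    return ct + tag(mac_key, nonce + ct)


def etm_open(enc_key, mac_key, nonce, sealed):
    ct, t = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    # Rejected before decryption, so a forged ciphertext never reaches the cipher.
    if not hmac.compare_digest(t, tag(mac_key, nonce + ct)):
        return None
    return xor_crypt(enc_key, nonce, ct)


def flip(data: bytes, index: int, mask: int) -> bytes:
    """The malleability move: XOR one ciphertext byte, which XORs the same
    plaintext byte because the cipher is a keystream XOR."""
    out = bytearray(data)
    out[index] ^= mask
    return bytes(out)


def demo() -> dict:
    enc_key, mac_key, nonce = b"E" * 32, b"M" * 32, b"N" * 12  # constructed keys
    msg = b"transfer 100"
    mte = mte_seal(enc_key, mac_key, nonce, msg)
    etm = etm_seal(enc_key, mac_key, nonce, msg)
    # Byte 9 is the '1' in "100"; 0x31 ^ 0x08 == 0x39 == '9'.
    mte_forged = flip(mte, 9, 0x08)
    etm_forged = flip(etm, 9, 0x08)
    return {
        "mte_roundtrip": mte_open(enc_key, mac_key, nonce, mte),
        "etm_roundtrip": etm_open(enc_key, mac_key, nonce, etm),
        # What the cipher alone yields for the forged MAC-then-encrypt message:
        # the adversary changed the amount exactly as intended ...
        "mte_forged_plaintext": xor_crypt(enc_key, nonce, mte_forged)[:len(msg)],
        # ... but the tag under the same keystream was computed with the MAC key
        # over the original plaintext, so the forgery is still rejected (None).
        "mte_forged_accepted": mte_open(enc_key, mac_key, nonce, mte_forged),
        "etm_forged_accepted": etm_open(enc_key, mac_key, nonce, etm_forged),
    }
```

The practical difference the thread circles around is visible in `mte_open` versus `etm_open`: both reject the forgery, but only encrypt-then-MAC rejects it before the decryption routine has touched attacker-chosen bytes.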
------------------------------
From: David Schwartz <[EMAIL PROTECTED]>
Subject: Re: GPS and cryptography
Date: Tue, 13 Mar 2001 16:21:10 -0800
Steve Portly wrote:
> In this case GPS is an extra layer of protection. I am suggesting that the time it
> takes the signal to travel to and from the satellite could be used for
> authentication purposes. Unless an adversary is closer to the satellite than the
> intended recipient, the speed of light is a limiting factor to the adversary. A good
> point-to-point encryption system would include a tightly limited carrier frequency.
> Lag time would change predictably as the relative position of the satellite to the
> recipient changes. An executive traveling on a jet and using a cell phone link for
> their laptop computer would be projected as a point traveling several hundred meters
> per second in reference to the ground in pretty much a straight line. If the
> communication lag time between parties were measured to the nanosecond, the lag time
> for each segment of the communication could be tightly monitored and difficult to
> spoof. Of course, if this were a commercial jet and you were using a laptop computer,
> you had better have your back to a bulkhead and use the type of screen display that
> cannot be read from the aisle.
I can't imagine how GPS could possibly be used for this purpose,
considering that it's a receive-only technology. Almost any conceivable
back channel you can imagine would have significant jitter and delay and
so you couldn't measure return arrival time to the desired level of
accuracy.
In any event, for an executive travelling in a jet, you wouldn't know
where the jet was supposed to be unless you also had some radar system.
An attacker could also set up radar to track the jet. So you have no
more knowledge of the executive's location than an attacker, so it's
useless as a key.
Further, unless you're talking about an MitM attack, the attacker has
no need to transmit or fake being the executive. He can operate entirely
passively, tracking the location of the sender and decoding the message
the exact same way the legitimate recipient does.
DS
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: 14 Mar 2001 00:29:34 GMT
[EMAIL PROTECTED] (Mxsmanic) wrote in
<htvr6.52217$[EMAIL PROTECTED]>:
snip...
>And I dare say that the cracking of some cryptosystems (perhaps even
>PGP--a lot of parties of interest to national security may be using it)
>is such an important secret in itself that the NSA would never disclose
>the fact of having cracked them to a (relative) information sieve like
>the FBI.
>
>
It may well be that the NSA has already told them they can break
PGP. But even if they told the FBI most would most likely consider
it disinformation. The problem is the government tells so many lies
who knows what the truth is.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Anonymous web surfing?
Date: 14 Mar 2001 00:38:33 GMT
[EMAIL PROTECTED] (Curtis R Williams) wrote in
<[EMAIL PROTECTED]>:
>Here's a URL for a freeware product that routes your connection
>through an anonymity server: http://www.stealth-anonymizer.com.
>
>If I go to www.safeweb.com (or www.traingleboy.com or
>128.223.22.54:8443 or 64.195.245.113:8443) I have no problem
>connecting anywhere (as far as I can tell). I also have an indication
>that my session is encrypted. I'm not sure if Internet Explorer can
>be fooled into displaying the padlock icon-- but I'm willing to accept
>that the comm is confidential.
The thing that has me pissed is that safeweb does not work with
Netscape 4.73 or Mozilla. I only get it to work with IE, and I
trust IE least of all.
>
>Now, go to stealth anonymizer and download the freeware version.
>Install it and set your browser up to use localhost as a proxy on port
>14000 (this is all in the instructions).
>
>Now, using stealth anonymizer, try and connect to triangleboy.
>
>I fail every time. I'm just starting to look at it, but it seems that
>triangleboy refuses a connection if he can't verify your ip address.
>Why would they care if they weren't logging ip addresses?
It may do this to prevent you from looping and bringing the system down.
It also may be that anonymizer is protecting you from whatever the
safeweb people do to your PC that IE lets them do.
>
>This is only of academic interest to me, but if I was a political
>dissident in a totalitarian state, I'd think twice about using
>triangleboy or safeweb.
Let's assume that the NSA runs safeweb, which it most likely does.
At least you have an encrypted link from your computer to there,
so the local ISP guy can't see how much porno you're looking at
or see if the naked pics are of his wife. I doubt the NSA would
even care.
>
>Perhaps someone who knows or has the time to figure out what is going
>on here can comment.
>
>
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: Brian D Jonas <[EMAIL PROTECTED]>
Subject: PGP "flaw"
Date: Tue, 13 Mar 2001 19:40:28 -0500
I suppose everyone here already knows about the PGP "flaw" that has been
in the PGP program for the last 4 years? It's no wonder that the inventor
of PGP has left the company.... Media can call it a "flaw" but we all know
it is a back door that uses the public key method...
here is a quote from cnn.com's report on it
"As it turns out, this flaw has actually existed since 1997, back when
Phil Zimmermann, the original developer of PGP, added the data-recovery
feature as he sought to commercialize the product for corporate use, Jones
points out. As a safety measure, corporations want to have a way to
decrypt data that their employees encrypt, Jones notes. "
ok so what was the point of encryption again ? I forgot....
------------------------------
From: "Roman Szarowski" <[EMAIL PROTECTED]>
Subject: Cryptoanalytic tool using dictionary for decryption of
substitution&transposition ciphers
Date: Mon, 12 Mar 2001 14:26:21 +0100
Does anybody have at least a trial version of any cryptanalytic tool
for the classic substitution and transposition ciphers which uses
a dictionary to analyse the ciphertext and just shows the possible
plaintexts?
What I found is the CAP tool and several versions of Crypto and JCrypto,
but all of this stuff just shows the Index of Coincidence, etc.
I need something that automatically tries to analyse the ciphertext
without interaction.
-sharkie-
------------------------------
From: Neil Couture <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: PGP "flaw"
Date: Wed, 14 Mar 2001 00:51:23 GMT
Can you post a URL for this? Is this a flaw corresponding to a mathematical
attack?
Brian D Jonas wrote:
> I suppose everyone here already knows about the PGP "flaw" that has been
> in the PGP program for the last 4 years? It's no wonder that the inventor
> of PGP has left the company.... Media can call it a "flaw" but we all know
> it is a back door that uses the public key method...
>
> here is a quote from cnn.com's report on it
>
> "As it turns out, this flaw has actually existed since 1997, back when
> Phil Zimmermann, the original developer of PGP, added the data-recovery
> feature as he sought to commercialize the product for corporate use, Jones
> points out. As a safety measure, corporations want to have a way to
> decrypt data that their employees encrypt, Jones notes. "
>
> ok so what was the point of encryption again ? I forgot....
------------------------------
From: Neil Couture <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: on-the-fly encryption
Date: Wed, 14 Mar 2001 00:55:10 GMT
It is always possible to lock memory pages in memory so that the virtual
memory system does not swap them. And if the file is too big, we can encrypt
by block. Which is, anyway, the way I would do it.
"%NAME%" wrote:
> Hi encryption experts,
>
> I apologize in advance if this message appears twice, because I tried
> posting this once already and it didn't seem to work.
>
> I am a newcomer to cryptography, and I have a question about on-the-fly
> encryption. Many software programs claim to provide on-the-fly
> encryption services, where encryption/decryption of a file is done
> automatically when a file is accessed.
>
> I have a question regarding this concept:
>
> 1) When a file is accessed and on-the-fly encryption is used, where is
> this file stored while I'm using the file? In memory somewhere? What
> if the file is large? The file must be decrypted during use, but it
> cannot be stored in the hard disk, or that would defeat the purpose of
> on-the-fly encryption.
>
> Any responses will be greatly appreciated.
>
> Thank you,
> Betty
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: PGP "flaw"
Date: Wed, 14 Mar 2001 01:06:13 GMT
"Brian D Jonas" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I suppose everyone here already knows about the PGP "flaw" that has been
> in the PGP program for the last 4 years? It's no wonder that the inventor
> of PGP has left the company.... Media can call it a "flaw" but we all know
> it is a back door that uses the public key method...
>
> here is a quote from cnn.com's report on it
>
> "As it turns out, this flaw has actually existed since 1997, back when
> Phil Zimmermann, the original developer of PGP, added the data-recovery
> feature as he sought to commercialize the product for corporate use, Jones
> points out. As a safety measure, corporations want to have a way to
> decrypt data that their employees encrypt, Jones notes. "
>
> ok so what was the point of encryption again ? I forgot....
>
Wow you are amazingly out of touch with reality. I bet this is referring to
the ADK bug which has been fixed about 3 months ago.
Why not try READING THE BLOODY WEBSITE WHERE PGP IS HOSTED!!!!
Tom
------------------------------
From: "Laurence T. Yang" <[EMAIL PROTECTED]>
Subject: CFP: ICPP-HPSECA01
Date: Tue, 13 Mar 2001 21:10:15 -0400
Dear Colleagues:
Please find the CFP for the HPSECA-00 workshop! Please forward this
message to your department members and all interested colleagues. Sorry
if you are not interested! Sincere apologies if you receive multiple copies
of this email.
CALL FOR PAPERS
The 3rd Workshop on High Performance Scientific and Engineering
Computing with Applications (HPSECA-01)
Valencia, Spain, September 03-07, 2001
in conjunction with
2001 INTERNATIONAL CONFERENCE ON PARALLEL PROCESSING (ICPP-2001)
Scope and Interests:
Parallel and distributed scientific and engineering computing has become
a key technology which will play an important part in determining, or at
least shaping, future research and development activities in many
academic and industrial branches. This special workshop is to bring
together computer scientists, applied mathematicians and researchers to
present, discuss and exchange ideas, results, work in progress and
experience of research in the area of parallel and distributed
computing for problems in science and engineering applications.
Among the main topics (but not limited to) are:
* development of advanced parallel and distributed methods,
* parallel and distributed computing techniques and codes,
* practical experiences using various supercomputers with software
such as MPI, PVM, and High Performance Fortran, OpenMP, etc.
* applications to numerical fluid mechanics and material sciences,
* applications to signal and image processing, dynamic systems,
semiconductor technology, and electronic circuits and system
design etc.
Submission Information:
Authors should send one copy of a paper of at most 15 pages, in either PS
or PDF format, to the workshop organizers ([EMAIL PROTECTED] or
[EMAIL PROTECTED] )
via electronic mail, or three copies via postal mail. Contributions will
be reviewed by at least three reviewers from both the Program Committee and
external reviewers for relevance and technical content on the basis of the
papers. Accepted papers of at most 8 pages will be published by IEEE
Computer Society Press as proceedings of the ICPP 2001 workshops. A
special issue of the International Journal of Supercomputer Applications and
High Performance Computing is scheduled.
Further information about the conference proceedings and
registration fee can be found by web sites:
http://www.stfx.ca/people/lyang/activities/icpp01-hpseca.html
http://www.cis.ohio-state.edu/~panda/icpp01/workshops.html
Important Deadlines:
Paper submission Due (April 1, 2001!!)
Notification of Acceptance May 1, 2001
Final camera-ready paper June 1, 2001
Workshop Organizers:
Prof. Laurence T. Yang (chair)
Department of Computer Science
PO Box 5000, St. Francis Xavier University
Antigonish, B2G 2W5, Nova Scotia, Canada
[EMAIL PROTECTED]
Prof. Yi Pan (Co-Chair)
Department of Computer Science,
Georgia State University, Atlanta, GA 30303, USA
Email: [EMAIL PROTECTED]
Technical Committee: (see conference page)
------------------------------
From: "Mxsmanic" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Wed, 14 Mar 2001 01:21:25 GMT
"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> It may well be that the NSA has already told
> them they can break PGP.
One wonders which part they would crack. Perhaps the most
straightforward attack might be against the encryption of the private
key; if the passphrase is short (or, worse yet, completely absent) and
uses only common words, a brute-force attack might work.
A problem, though, is that you'd need the private key of the _other_
party to read messages sent, unless your spy encrypts a copy to himself.
Whether or not it would be preferable to attack the modulus of one of
the public keys or the session key used for encryption itself would
depend on the length and algorithm of the former and the length and
algorithm of the latter.
I suspect, though, that neither the public keys nor the encryption keys
would yield to brute-force attacks, if the bad guy had them both cranked
up high enough, so the passphrase attack might be easiest. The FBI
claimed that _something_ took a year, apparently; a short modulus could
be factored in that time, and DES would never take that long to crack.
Interesting, but I guess we won't know for sure for a couple of decades,
unless the FBI blabs again.
------------------------------
From: "YGENDELMAN" <[EMAIL PROTECTED]>
Subject: Re: Fractal encryption?
Date: Sat, 3 Mar 2001 22:18:26 -0600
Hi all,
There is also CACR - Centre of Applied Cryptography,
University of Waterloo (Canada):
http://www.cacr.math.uwaterloo.ca/ , "Technical Reports"
or directly:
http://www.cacr.math.uwaterloo.ca/tech_reports.html
Yuri Gendelman
[EMAIL PROTECTED]
"David A Molnar" <[EMAIL PROTECTED]> wrote in message
news:97ncv3$ije$[EMAIL PROTECTED]...
> John A. Malley <[EMAIL PROTECTED]> wrote:
>
> > Chaos for Stream Cipher
> > Authors: Ninan Sajeeth Philip, K. Babu Joseph
> > Comments: 8 pages 6 figures
> > Subj-class: Cryptography and Security
>
> I hadn't realized that the LANL site had papers on crypto. One more site
> to monitor.
>
> Besides eprint.iacr.org, what other preprint archives/sites are there
> worth looking at in cryptography?
>
------------------------------
From: "YGENDELMAN" <[EMAIL PROTECTED]>
Subject: Re: Fractal encryption?
Date: Sat, 3 Mar 2001 22:27:51 -0600
Hi all,
There is also CACR - Centre of Applied Cryptography,
University of Waterloo (Canada):
http://www.cacr.math.uwaterloo.ca/ , "Technical Reports"
or directly:
http://www.cacr.math.uwaterloo.ca/tech_reports.html
Yuri Gendelman
[EMAIL PROTECTED]
"John A. Malley" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
> David A Molnar wrote:
> [snip]
>
> > Besides eprint.iacr.org, what other preprint archives/sites are there
> > worth looking at in cryptography?
>
> I only know of and monitor (on an at-least weekly basis) two preprint
> services - the IACR and the LANL sites.
>
> The LANL site covers number theory, group theory, physics and cryptology
> preprints. There's a computer science specific subject index at
>
> http://xxx.lanl.gov/archive/cs
>
> and a mathematics specific subject index at
>
> http://xxx.lanl.gov/archive/math
>
> and there's the already cited IACR cryptology preprint site at
>
> http://eprint.iacr.org
>
> Does anyone know any more crypto preprint sites? Google search didn't
> reveal any more to me.
>
>
> John A. Malley
> [EMAIL PROTECTED]
------------------------------
From: Bart Bailey <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp
Subject: Re: => FBI easily cracks encryption ...?
Date: Tue, 13 Mar 2001 18:04:06 -0800
SCOTT19U.ZIP_GUY wrote:
> [EMAIL PROTECTED] (Mxsmanic) wrote in
> <htvr6.52217$[EMAIL PROTECTED]>:
>
> snip...
>
> >And I dare say that the cracking of some cryptosystems (perhaps even
> >PGP--a lot of parties of interest to national security may be using it)
> >is such an important secret in itself that the NSA would never disclose
> >the fact of having cracked them to a (relative) information sieve like
> >the FBI.
> >
> >
>
> It may well be that the NSA has already told them they can break
> PGP. But even if they told the FBI most would most likely consider
> it disinformation. The problem is the government tells so many lies
> who knows what the truth is.
Sometimes the bigger secret isn't what they have or can do, but what they
don't have or can't do.
~~Bart~~
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************