Cryptography-Digest Digest #933, Volume #13      Sun, 18 Mar 01 14:13:01 EST

Contents:
  Re: How to eliminate redondancy? ("Tom St Denis")
  PGP key expiration (was Re: Encryption software) (Benjamin Goldberg)
  Re: Cryptoanalysis of stream cipher ("Tom St Denis")
  Re: IDEAL ENGLISH TEXT RIJNDAEL ENCRYPTION ("Henrick Hellström")
  Re: Cryptoanalysis of stream cipher (Frank Gerlach)
  Re: Profile analysis and known plaintext (Frank Gerlach)
  Re: Profile analysis and known plaintext (Frank Gerlach)
  Re: Profile analysis and known plaintext ("Tom St Denis")
  Re: Cryptoanalysis of stream cipher ("John A. Malley")
  old RNG request ("Tom St Denis")
  Re: Idea (amateur)
  Re: Idea (amateur)
  FISHING (bandjur)
  Re: Profile analysis and known plaintext (Steve Portly)
  Re: Idea (John Joseph Trammell)
  Re: Idea (John Joseph Trammell)
  Re: IDEAL ENGLISH TEXT RIJNDAEL ENCRYPTION (SCOTT19U.ZIP_GUY)
  Re: How to eliminate redondancy? (SCOTT19U.ZIP_GUY)
  Re: IDEAL ENGLISH TEXT RIJNDAEL ENCRYPTION (John Savard)
  Re: Idea (amateur)

----------------------------------------------------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: How to eliminate redondancy?
Date: Sun, 18 Mar 2001 16:11:08 GMT


"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Douglas A. Gwyn) wrote in <[EMAIL PROTECTED]>:
>
>
> >>   Compression goes a long way towards solving the problem if it
> >> allows for any possible input block.
> >
> >All commonly used compression schemes work for any input.
> >
> >
>
>    Here is where you may be missing it. Compression is a two
> sided coin: compression/decompression. Most people are so
> focused on the front side they fail to check the back door.
> True, most compressors at the front door, the compression side,
> do handle all 8-bit byte binary files. But they leave the
> back door wide open. They don't handle the decompression of
> all possible files. If they did, then
> 1) for any file X, compress(uncompress(X)) = X
> would be true for all files.
>  This is something anyone can check. Take a file: use
> Notepad, enter a message "hello world", save it as a file.
> Now uncompress it with any of your favorite compressors.
> Most will fail on the spot, possibly giving an error message.
> You may have to go to DOS or use some method to change the file
> name extension to the type your compressor uses.
> A few will actually do something. Next, if you get this far,
> compress the resultant file using the compressor part of your
> compressor. Now check it with "fc /b file1 file2" to see if
> they match. If not, your compressor failed.

I still don't see 1-1 as a valid condition for security.  I can brute force
your 1-1 system just like I can brute force a non "1-1" compressor.

Tom



------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: PGP key expiration (was Re: Encryption software)
Date: Sun, 18 Mar 2001 16:11:32 GMT

Joe H. Acker wrote:
[snip]
> I have another problem with PGP: I once forgot my passphrase for a
> non-expiring key and didn't make a key revocation certificate, which
> means that there will now be two keys (the new one and the old one)
> forever on the keyserver, but I can only decrypt for one. That's
> really bad... and I think this can happen to many inexperienced PGP
> users.  Wouldn't it be possible to require regular confirmation of key
> expiry or not, instead of no expiry at all or fixed expiry? That way,
> if somebody lost his passphrase to a private key, he could not confirm
> "no don't expire this public key" and so the public key would expire
> automatically.

It's an interesting idea, but it requires rather a lot of work on the
part of the keyserver (i.e., regularly asking each user with a
conditionally expiring cert whether or not he wants it to expire). 
Plus, if the user goes on vacation, he's got a problem.

A better method would be to design a special "advance expiration date"
message, which one would send to the keyserver, so that we only need a
one-way communication, not a two-way communication.

A more practical solution would be to have PGP automatically create a
key revocation certificate when a new key is made, and nag the user into
putting it on a floppy disk, and further nag him into sticking that
floppy in a safe place.

-- 
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Cryptoanalysis of stream cipher
Date: Sun, 18 Mar 2001 16:11:34 GMT


"Yevgen" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hi All!
>
> I need any information about cryptoanalysis of stream cipher.
>
> Thanks in advance.

Which stream cipher?



------------------------------

From: "Henrick Hellström" <[EMAIL PROTECTED]>
Subject: Re: IDEAL ENGLISH TEXT RIJNDAEL ENCRYPTION
Date: Sun, 18 Mar 2001 17:42:56 +0100

"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Dear folks I know it's hard to get most of you motivated.
> But would there be interest in making a "perfect English"
> encryption using anyone's favorite fixed block size cipher.
> Such that any wrong key would lead to valid English text.


Been there, done that. I made such a component for Delphi a year back. It
performs awfully, but it works, and it should still be available for
download somewhere.


--
Henrick Hellström  [EMAIL PROTECTED]
StreamSec HB  http://www.streamsec.com



------------------------------

From: Frank Gerlach <[EMAIL PROTECTED]>
Subject: Re: Cryptoanalysis of stream cipher
Date: Sun, 18 Mar 2001 18:48:33 +0100

Yevgen wrote:

> Hi All!
>
> I need any information about cryptoanalysis of stream cipher.
>
> Thanks in advance.

This is not a free Intelligence Service. Read a decent book like Bruce
Schneier's "Applied Cryptography". Then you can come back and ask some
more specific questions.



------------------------------

From: Frank Gerlach <[EMAIL PROTECTED]>
Subject: Re: Profile analysis and known plaintext
Date: Sun, 18 Mar 2001 18:54:31 +0100

Steve Portly wrote:

> Several people have mentioned the use of non numerically intensive
> methods to determine the content of encrypted plain text.  Is there
> formal methodology for these techniques?  Can actual numerical
> representation for the *advantages gained* through these techniques be
> assigned?  You would think that a cross disciplinary investigation of
> the subject would give it some numerical legitimacy as well as a better
> understanding of the subject.

Maybe I missed something, but this seems to be some magical, alien
mechanism to defeat everything from Turing back to Pythagoras :-)
Maybe in a different universe of reasoning...


------------------------------

From: Frank Gerlach <[EMAIL PROTECTED]>
Subject: Re: Profile analysis and known plaintext
Date: Sun, 18 Mar 2001 18:57:01 +0100

Frank Gerlach wrote:

> Steve Portly wrote:
>
> > Several people have mentioned the use of non numerically intensive
> > methods to determine the content of encrypted plain text.  Is there
> > formal methodology for these techniques?  Can actual numerical
> > representation for the *advantages gained* through these techniques be
> > assigned?  You would think that a cross disciplinary investigation of
> > the subject would give it some numerical legitimacy as well as a better
> > understanding of the subject.
>
> Maybe I missed something, but this seems to be some magical, alien
> mechanism to defeat everything from Turing back to Pythagoras :-)
> Maybe in a different universe of reasoning...

Sorry, now I remember, it is called ESP. Heavily used by the FBI..


------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Profile analysis and known plaintext
Date: Sun, 18 Mar 2001 17:30:01 GMT


"Frank Gerlach" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Frank Gerlach wrote:
>
> > Steve Portly wrote:
> >
> > > Several people have mentioned the use of non numerically intensive
> > > methods to determine the content of encrypted plain text.  Is there
> > > formal methodology for these techniques?  Can actual numerical
> > > representation for the *advantages gained* through these techniques be
> > > assigned?  You would think that a cross disciplinary investigation of
> > > > the subject would give it some numerical legitimacy as well as a better
> > > > understanding of the subject.
> >
> > Maybe I missed something, but this seems to be some magical, alien
> > mechanism to defeat everything from Turing back to Pythagoras :-)
> > Maybe in a different universe of reasoning...
>
> Sorry, now I remember, it is called ESP. Heavily used by the FBI..

What's an FBI?

Tom



------------------------------

From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: Cryptoanalysis of stream cipher
Date: Sun, 18 Mar 2001 09:46:55 -0800


Yevgen wrote:
> 
> Hi All!
> 
> I need any information about cryptoanalysis of stream cipher.
> 

For a quick introduction and cryptanalysis overview, read Chapter 5,
"Pseudorandom Bits and Sequences" and Chapter 6, "Stream Ciphers", in
"The Handbook of Applied Cryptography" made available on-line at 

http://cacr.math.uwaterloo.ca/hac/

Chapter 6 provides references to journal articles on specific attacks
and other info on stream ciphers.  Reference details are in the
downloadable References and Appendix sections. 

Hope this helps,


John A. Malley
[EMAIL PROTECTED]

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: old RNG request
Date: Sun, 18 Mar 2001 17:43:21 GMT

I had a picture of (http://www.io.com/~ritter/REALRAND/92102201.HTM) the rng
there... I had my friend build one which I attached to an 8051.  I was
wondering if anyone has a link to the original.... it was a simple website
with a GIF diagram of the circuit...

I think Peter Guttman did it... (sp?)

Tom



------------------------------

From: amateur <[EMAIL PROTECTED]>
Subject: Re: Idea
Date: Sun, 18 Mar 2001 12:54:13 -0400

Thank you for your comments. 
But...give only one reference talking about encrypting the bit.
Only one reference.
If you give me one reference, I will never put my foot in this
groupnews.


John Joseph Trammell wrote:
> 
> On Sat, 17 Mar 2001 16:09:35 -0400, br <[EMAIL PROTECTED]> wrote:
> > I'm going to explain clearly my idea.
> [snip]
> > Which strategy, cryptanalysis could use to attack this pre-cipher?
> > Cryptanalyst have no knowledge before attacking of what categories are?
> > I used Caesar cipher just to be clear. The use of DES will make attack
> > more difficult.
> 
> You would learn the answers to your questions if you would study
> one of the books that describe modern cryptography.  Until you
> do that, you are just wasting your time.

------------------------------

From: amateur <[EMAIL PROTECTED]>
Subject: Re: Idea
Date: Sun, 18 Mar 2001 12:59:56 -0400

If you are so confident, I will send you encrypted message with the same
algo and decrypt it. 
Ok.


John Joseph Trammell wrote:
> 
> On Sat, 17 Mar 2001 16:09:35 -0400, br <[EMAIL PROTECTED]> wrote:
> > I'm going to explain clearly my idea.
> [snip]
> > Which strategy, cryptanalysis could use to attack this pre-cipher?
> > Cryptanalyst have no knowledge before attacking of what categories are?
> > I used Caesar cipher just to be clear. The use of DES will make attack
> > more difficult.
> 
> You would learn the answers to your questions if you would study
> one of the books that describe modern cryptography.  Until you
> do that, you are just wasting your time.

------------------------------

From: bandjur <[EMAIL PROTECTED]>
Subject: FISHING
Date: Mon, 19 Mar 2001 08:25:31 -0800

http://www.bandjur.co.yu


------------------------------

From: Steve Portly <[EMAIL PROTECTED]>
Subject: Re: Profile analysis and known plaintext
Date: Sun, 18 Mar 2001 13:12:35 -0500



Tom St Denis wrote:

> "Frank Gerlach" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Frank Gerlach wrote:
> >
> > > Steve Portly wrote:
> > >
> > > > Several people have mentioned the use of non numerically intensive
> > > > methods to determine the content of encrypted plain text.  Is there
> > > > formal methodology for these techniques?  Can actual numerical
> > > > representation for the *advantages gained* through these techniques be
> > > > assigned?  You would think that a cross disciplinary investigation of
> > > > > the subject would give it some numerical legitimacy as well as a better
> > > > > understanding of the subject.
> > >
> > > Maybe I missed something, but this seems to be some magical, alien
> > > mechanism to defeat everything from Turing back to Pythagoras :-)
> > > Maybe in a different universe of reasoning...
> >
> > Sorry, now I remember, it is called ESP. Heavily used by the FBI..
>
> What's an FBI?
>
> Tom

I apologize for keeping the question way too general LOL.  If we assume FBI is a
law enforcement acronym, then we could better qualify the question.  In this
new only slightly narrowed context we might look at using an encrypted message
sender's MO to limit the number of likely or possible plain text messages derived
from a cipher text.


------------------------------

From: [EMAIL PROTECTED] (John Joseph Trammell)
Subject: Re: Idea
Date: Sun, 18 Mar 2001 18:32:27 GMT

On Sun, 18 Mar 2001 12:54:13 -0400, amateur <[EMAIL PROTECTED]> wrote:
[snip type="jeapordectomy"]
> Thank you for your comments.
> But...give only one reference talking about encrypting the bit.
> Only one reference.
> If you give me one reference, I will never put my foot in this
> groupnews.

No, you don't have to leave the group, unless you really want to.
You can even keep posting; it doesn't matter to me.  It's just
that many other people have discussed ideas like yours, and
discarded them.  They're not "bad", they're just not good.  :-)

You ask for one reference, I give you two:

  Handbook of Applied Cryptography
  Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone
  CRC Press
  ISBN: 0-8493-8523-7
  October 1996, 816 pages 
  available at http://www.cacr.math.uwaterloo.ca/hac/

  Applied Cryptography: Protocols, Algorithms, and Source Code in
     C, 2nd Edition
  Bruce Schneier
  Available via Amazon at e.g.  http://www.amazon.com/exec/obidos/
         ASIN/0471117099/ref=sim_books/104-7486923-4781544

Sorry about the line wrap there.


------------------------------

From: [EMAIL PROTECTED] (John Joseph Trammell)
Subject: Re: Idea
Date: Sun, 18 Mar 2001 18:36:09 GMT

On Sun, 18 Mar 2001 12:59:56 -0400, amateur <[EMAIL PROTECTED]> wrote:
> If you are so confident, I will send you encrypted message with
> the same algo and decrypt it. 

If you are so confident, prove to me that you're qualified to
write a cryptosystem.  :-)

You can start by proving to me that you understand the phrase
"security through obscurity" and its implications.


------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: IDEAL ENGLISH TEXT RIJNDAEL ENCRYPTION
Date: 18 Mar 2001 18:52:01 GMT

[EMAIL PROTECTED] (Tom St Denis) wrote in 
<h55t6.72107$[EMAIL PROTECTED]>:

>
>"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> Dear folks I know it's hard to get most of you motivated.
>> But would there be interest in making a "perfect English"
>> encryption using anyone's favorite fixed block size cipher.
>> Such that any wrong key would lead to valid English text.
>
>WTF?  Have you ever considered the fact that RIJNDAEL is not only used to
>encrypt English text?  What if I have ASCII symbols in my text?
>

   Yes, I have considered that. The point was to make a bijective
way to communicate simple English sentences. How do you think
the Germans handled pictures with ENIGMA? They didn't; it was for
simple German.
   The above was to take a general encryption and make it used for
special encryption that one wants secure. Something you don't
seem to understand.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
        http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
        http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
        http://radiusnet.net/crypto/  then look for
  sub directory scott after pressing CRYPTO
Scott famous Compression Page
        http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: How to eliminate redondancy?
Date: 18 Mar 2001 18:47:12 GMT

[EMAIL PROTECTED] (Tom St Denis) wrote in
<w65t6.72134$[EMAIL PROTECTED]>: 

>
>"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> [EMAIL PROTECTED] (Douglas A. Gwyn) wrote in
>> <[EMAIL PROTECTED]>: 
>>
>>
>> >>   Compression goes a long way towards solving the problem if it
>> >> allows for any possible input block.
>> >
>> >All commonly used compression schemes work for any input.
>> >
>> >
>>
>>    Here is where you may be missing it. Compression is a two
>> sided coin: compression/decompression. Most people are so
>> focused on the front side they fail to check the back door.
>> True, most compressors at the front door, the compression side,
>> do handle all 8-bit byte binary files. But they leave the
>> back door wide open. They don't handle the decompression of
>> all possible files. If they did, then
>> 1) for any file X, compress(uncompress(X)) = X
>> would be true for all files.
>>  This is something anyone can check. Take a file: use
>> Notepad, enter a message "hello world", save it as a file.
>> Now uncompress it with any of your favorite compressors.
>> Most will fail on the spot, possibly giving an error message.
>> You may have to go to DOS or use some method to change the file
>> name extension to the type your compressor uses.
>> A few will actually do something. Next, if you get this far,
>> compress the resultant file using the compressor part of your
>> compressor. Now check it with "fc /b file1 file2" to see if
>> they match. If not, your compressor failed.
>
>I still don't see 1-1 as a valid condition for security.  I can brute
>force your 1-1 system just like I can brute force a non "1-1"
>compressor. 
>

NO YOU CAN'T

  Tom, I will try to give a simple example you might be able to
understand but most likely won't. Suppose I have 4 messages:
m1: HOW ARE YOU TODAY
m2: YOUR WIFE IS SEEING JACK TODAY
m3: JACK HAS A MILLION DOLLARS TO GIVE YOU
m4: THE ENEMY IS BLOWING YOUR HOUSE UP TODAY

Note these are long messages. Let's say you compress
them to 3 bits.
100
101
110
111
 You now have much shorter messages. Let's encrypt them with
some cool method. Let's say an attacker is looking at
the encrypted message, and the encryption system has 4 keys.
If the attacker tries all 4 keys, various binary numbers
come back. But for the message he receives, let's say only one key
actually goes back to one of the 4 possible patterns that
came from your compression. In this case the attacker has
everything. You have concealed nothing.

If you compress to two bits and then encrypt the 2 bits to 2 bits,
then every key the attacker is using works, so the bijective compression
kept the message secret.

ABOVE IS THE IDEAL situation; in reality what happens is below:
 
 You compress ASCII text with a whizbang non-bijective compressor,
then you encrypt with your block cipher. The question arises: how
many values of the key will lead to a "possible valid ASCII text"?
The answer might well be one, or maybe even two solutions exist.
You look at the very limited number of possibles and select, if necessary,
which one it could be.

  Next you compress not quite as well but with a real bijective
compressor. Now the attacker has a real problem: every possible key
goes back to a "valid ASCII file". The attacker has a real problem
if the person is smart enough to use a bijective compressor; there are
many possible solutions.  But yes, since the compressor was just for
ASCII, many of the solutions do not make sense in English. But still
many will, and the attacker can't be sure which one it is.


TOM, if you read that ONLINE crypto book you have been bashing
you will realize that ideal crypto systems are BIJECTIVE; just
read chapter one.

 The idea is to transform in a BIJECTIVE way from the set of all
messages to the set of all ciphertexts, where EACH ciphertext
came from a possible message. The use of non-bijective compression
as part of a crypto package weakens security so badly that
many keys will not map a ciphertext back to a valid message.
If you can't see how this weakens encryption then I can't help you.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
        http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
        http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
        http://radiusnet.net/crypto/  then look for
  sub directory scott after pressing CRYPTO
Scott famous Compression Page
        http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
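
The argument in the post above (and the compress(uncompress(X)) = X check quoted earlier in this digest) can be tried directly. This is an added example, not code from the post or from scott19u.zip: the 12-bit toy cipher, the sample key and the base-27 bijective coder are constructed stand-ins, and zlib plays the role of the non-bijective compressor.

```python
import hashlib
import zlib

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ "  # 27 symbols: the assumed message space
KEY_BITS = 12                             # toy key space, small enough to enumerate
MESSAGE = "JACK HAS A MILLION DOLLARS TO GIVE YOU"  # m3 from the post
TRUE_KEY = 0x5A3                          # constructed sample key


def to_int(digits, base):
    """Bijective numeration: digit d stands for d+1, so leading zeros count."""
    n = 0
    for d in digits:
        n = n * base + d + 1
    return n


def from_int(n, base):
    """Inverse of to_int: each integer >= 0 has exactly one digit string."""
    digits = []
    while n > 0:
        n, d = divmod(n - 1, base)
        digits.append(d)
    return digits[::-1]


def bij_compress(text):
    """Letters and spaces -> bytes, one-to-one and onto all byte strings."""
    return bytes(from_int(to_int([ALPHABET.index(c) for c in text], 27), 256))


def bij_decompress(blob):
    """Bytes -> letters and spaces; defined for every byte string."""
    return "".join(ALPHABET[d] for d in from_int(to_int(blob, 256), 27))


def toy_cipher(key, data):
    """Constructed toy stream cipher (SHA-256 keystream XOR); its own inverse."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        block = key.to_bytes(2, "big") + counter.to_bytes(4, "big")
        stream += hashlib.sha256(block).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def zlib_accepts(blob):
    """True if zlib will decompress blob (header, stream and checksum all pass)."""
    try:
        zlib.decompress(blob)
        return True
    except zlib.error:
        return False


def bij_accepts(blob):
    """The post's test, compress(uncompress(X)) == X, for the bijective coder."""
    return bij_compress(bij_decompress(blob)) == blob


def surviving_keys(ciphertext, accepts):
    """Keys an exhaustive search cannot reject from the format alone."""
    return [k for k in range(2 ** KEY_BITS) if accepts(toy_cipher(k, ciphertext))]


def sample_ciphertexts():
    """MESSAGE compressed both ways, then encrypted under TRUE_KEY."""
    return (toy_cipher(TRUE_KEY, zlib.compress(MESSAGE.encode())),
            toy_cipher(TRUE_KEY, bij_compress(MESSAGE)))


if __name__ == "__main__":
    ct_zlib, ct_bij = sample_ciphertexts()
    print("zlib accepts 'hello world':", zlib_accepts(b"hello world"))
    print("keys left, zlib:", surviving_keys(ct_zlib, zlib_accepts))
    print("keys left, bijective:", len(surviving_keys(ct_bij, bij_accepts)))
    print("wrong key decodes to:", bij_decompress(toy_cipher(TRUE_KEY ^ 1, ct_bij)))
```

With zlib the format check alone singles out the key, because wrong keys fail its header or checksum tests; with the bijective coder every key yields a string of letters and spaces, so the search has to judge the candidate plaintexts themselves.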

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: IDEAL ENGLISH TEXT RIJNDAEL ENCRYPTION
Date: Sun, 18 Mar 2001 18:55:30 GMT

On Sun, 18 Mar 2001 16:09:49 GMT, "Tom St Denis"
<[EMAIL PROTECTED]> wrote, in part:

>WTF?  Have you ever considered the fact that RIJNDAEL is not only used to
>encrypt English text?  What if I have ASCII symbols in my text?

Then you use another compression scheme. Perfect removal of entropy,
if it were possible, would be nice, even if it doesn't buy you as much
as might be hoped for. Whatever you use Rijndael to communicate, if
you used a compression function perfectly suited to your plaintexts,
cryptanalysts would have less redundancy to work on.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: amateur <[EMAIL PROTECTED]>
Subject: Re: Idea
Date: Sun, 18 Mar 2001 14:00:29 -0400

Give me a precise reference. I have the book of Menezes.
Cryptography is Substitution and Permutation. All ciphers no more than
that.
Is it obscurity to substitute 0 by x values and 1 by y values?
My idea is clear.
You have no way to know what I use. Because the only output to test the
key in DES is that the output seems like English or any other language.
In the case I proposed, you have to read physically the output to ensure
that the key is the key you are looking for.
So the computer is not able to distinguish 2 types of symbols without
knowing it before. 
Cryptanalysts have to read every output.
That's the difference. 
In DES you have block 64 bits enciphered using SP. How do you know that
the output for the key k' is corresponding to the secret-key?
In RSA the problem is different because the key has nothing to do with
the plain-text.
  

John Joseph Trammell wrote:
> 
> On Sun, 18 Mar 2001 12:54:13 -0400, amateur <[EMAIL PROTECTED]> wrote:
> [snip type="jeapordectomy"]
> > Thank you for your comments.
> > But...give only one reference talking about encrypting the bit.
> > Only one reference.
> > If you give me one reference, I will never put my foot in this
> > groupnews.
> 
> No, you don't have to leave the group, unless you really want to.
> You can even keep posting; it doesn't matter to me.  It's just
> that many other people have discussed ideas like yours, and
> discarded them.  They're not "bad", they're just not good.  :-)
> 
> You ask for one reference, I give you two:
> 
>   Handbook of Applied Cryptography
>   Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone
>   CRC Press
>   ISBN: 0-8493-8523-7
>   October 1996, 816 pages
>   available at http://www.cacr.math.uwaterloo.ca/hac/
> 
>   Applied Cryptography: Protocols, Algorithms, and Source Code in
>      C, 2nd Edition
>   Bruce Schneier
>   Available via Amazon at e.g.  http://www.amazon.com/exec/obidos/
>          ASIN/0471117099/ref=sim_books/104-7486923-4781544
> 
> Sorry about the line wrap there.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
