Cryptography-Digest Digest #956, Volume #13 Tue, 20 Mar 01 20:13:00 EST
Contents:
Re: What do we mean when we say a cipher is broken? (John Myre)
GET RICH!!!!!!!!!!! (NO SCAM) (Stephanie Woods)
Re: Advice on storing private keys (John Myre)
Re: looking for "Crowds" (John Savard)
Re: A future supercomputer (Anne & Lynn Wheeler)
Re: Simple XOR "pseudo encryption" : Question about my test ("Fred")
Re: How to eliminate redondancy? (moving steadily towards being computer science
terminology) (Joe H. Acker)
Re: How to eliminate redondancy? (moving steadily towards being computer science
terminology) (SCOTT19U.ZIP_GUY)
Re: looking for "Crowds" (SCOTT19U.ZIP_GUY)
Re: Quantum Computing & Key Sizes (A)
Re: looking for "Crowds" (Steve Portly)
Re: Fast and Easy crypt send (amateur)
Re: can't find the unix crypt(1) command these days ("Douglas A. Gwyn")
Re: NSA in the news on CNN ("Douglas A. Gwyn")
----------------------------------------------------------------------------
From: John Myre <[EMAIL PROTECTED]>
Subject: Re: What do we mean when we say a cipher is broken?
Date: Tue, 20 Mar 2001 15:56:24 -0700
David Wagner wrote:
<snip>
> You are confusing the security goal with whether we can
> prove that the cipher lives up to this goal.
>
> Just because we can't prove that a cipher is Crowley-secure
> doesn't mean that the notion isn't useful. It's the right
> goal to shoot for, and if anyone finds an attack that shows
> that Rijndael is not Crowley-secure, then I'd argue we should
> re-consider whether Rijndael is the best cipher to use.
I think we are at a bit of a tangent from one another.
I agree that the notion of Crowley-security is useful. I
agree that it's the right goal to shoot for. I agree that
lack of such security is cause to reconsider.
What I disagree with is that "broken" is the right word
to use for a certificational weakness that has no practical
effects. I think that Crowley-security need not be the
*only* security notion. It think it is reasonable to
have more categories than "secure" and "not".
Whether thoughts in this direction are actually useful
depends on how close we are to real Crowley-security. If
Rijndael, or any comparable cipher, were to be proven
to be secure in this sense, then anything less would be
of highly questionable value. This could happen at any
time.
It's also possible that it will never happen. The (ideal)
OTP security proof rests on a great deal of real randomness.
It isn't obvious that there is such a thing as an algorithm
that produces cryptographically strong pseudo-random bits.
(You remember, I'm sure, von Neumann's characterization of
the idea as "sin".) (Please don't quibble that he really
meant that we shouldn't forget the "pseudo".)
I'll repeat a question I asked somewhere else. Is RC4
"broken" because we can tell the keystream isn't random?
Don't we need a different way to summarize this, than
putting RC4 in the same category as, say, A5? Without
having to say RC4 is "secure; well, except for ..."?
JM
------------------------------
From: Stephanie Woods <[EMAIL PROTECTED]>
Subject: GET RICH!!!!!!!!!!! (NO SCAM)
Date: Tue, 20 Mar 2001 23:03:29 GMT
: GET RICH QUICK (NO SCAM)
: HOW TO BECOME GET RICH
: HOW TO TURN SIXTY DOLLARS INTO MILLIONS OF DOLLARS: READING THIS COULD
CHANGE YOUR LIFE! IT DOES WORK! I found this on a bulletin board and
decided to try it. A little while back, I was browsing through
newsgroups, just like you are now, and came across an article similar to
this that said you could make hundreds of thousands of dollars within
weeks (which would soon turn into millions) with only an initial
investment of $60.00! So I thought, "Yeah right, this must be a scam",
but like most of us, I was curious, so I kept reading. Anyway, it said
that you send $10.00 to each of the 6 names and address stated in the
article. You then place your own name and address in the bottom of the
list at #6, and post the article in at least 250 newsgroups. (There are
thousands) No catch, that was it. So after thinking it over, and talking
to a few people first, I thought about trying it. I figured: "what have
I got to lose except 6 stamps and $60.00, right?" Then I invested the
measly $60.00 (I use the word "measly" because $60 really is measly
compared to the money I have made through the initial investment). Well
GUESS WHAT!?... within 7 days, I started getting money in the mail! I
was shocked! I figured it would end soon, but the money just kept coming
in. In my first week, I made about $250.00. By the end of the second
week I had made a total of over $10,000.00! In the third week I had over
$100,000.00 and it's still growing. This is now my fourth week and I
have made a total of just over $420,000.00 and it's still coming in
rapidly. It's certainly worth $60.00, and 6 stamps, I have spent more
than that on the lottery!! Let me tell you how this works and most
importantly, WHY it works... Also, make sure you print a copy of this
article NOW, so you can get the information off of it as you need it. I
promise you that if you follow the directions exactly, that you will
start making more money than you thought possible by doing something so
easy! Suggestion: Read this entire message carefully! (print it out or
download it.) Follow the simple directions and watch the money come in!
It's easy. It's legal. And, your investment is only $60.00 (Plus
postage)
: IMPORTANT: This is not a rip-off; it is not indecent; it is not
illegal; and it is 99% no risk - it really works! If all of the
following instructions are adhered to, you will receive extraordinary
dividends. PLEASE NOTE: Please follow these directions EXACTLY, and
$500,000 or more can be yours in 20 to 60 days. This program remains
successful because of the honesty and integrity of the participants.
Please continue its success by carefully adhering to the instructions.
You will now become part of the Mail Order business. In this business
your product is not solid and tangible, it's a service. You are in the
business of developing Mailing Lists. Many large corporations are happy
to pay big bucks for quality lists. However, the money made from the
mailing lists is secondary to the income which is made from people like
you and me asking to be included in that list. Here are the 4 easy steps
to success:
: STEP 1: Get 6 separate pieces of paper and write the following on each
piece of paper "PLEASE PUT ME ON YOUR MAILING LIST." Once added to the
list, each person will send you a new component and/or moneymaking
advice to help you along the way. This advice has been passed down
person to person and is very helpful. Now get 6 US $10.00 bills (or a
combination of bills totaling $10) and place ONE inside EACH of the 6
pieces of paper so the bill will not be seen through the envelope (to
prevent thievery). Next, place one paper in each of the 6 envelopes and
seal them. You should now have 6 sealed envelopes, each with a piece of
paper stating the above phrase, your name and address ,and $10.00 bill.
What you are doing is creating a service. THIS IS ABSOLUTELY LEGAL! You
are requesting a legitimate service and you are paying for it! Like most
of us I was a little skeptical and a little worried about the legal
aspects of it all. So I checked it out with the U.S. Post Office
(1-800-725-2161) and they confirmed that it is indeed legal. Mail the 6
envelopes to the following addresses:
: #2) Natalie Walker643 North 47th Avenue West Duluth, MN 55807
: #3) AJ Armbrust 3731 Grand Avenue Duluth, MN 55807
: #4) Steve Wehvila 3155 Vernon St. Duluth, MN 55806
: #5) James Rush 621QueenAvenueMinneapolis,MN55411
: #6) Boris Jamp 6547 Jordan River Dr. Las Vegas, NV 89156
: #6) Christoph L Ross 1137 S Rifle Cir. Aurora CO 80017
: STEP 2: Now take the #1 name off the list that you see above, move the
other names up (6 becomes 5, 5 becomes 4, etc...) and add YOUR Name as
number 6 on the list.
: STEP 3: Change anything you need to, but try to keep this article as
close to original as possible. Now, post your amended article to at
least 250 newsgroups. (I think there are close to 24,000 groups) All you
need is 250, but remember, the more you post, the more money you make!
You won't get very much unless you post like crazy.
: :)This is perfectly legal! If you have any doubts, refer to Title 18
Sec. 1302 & 1341 of the Postal lottery laws. Keep a copy of these steps
for yourself and, whenever you need money, you can use it again, and
again. PLEASE REMEMBER that this program remains successful because of
the honesty and integrity of the participants and by their carefully
adhering to the directions. Look at it this way. If you are of
integrity, the program will continue and the money that so many others
have received will come your way. NOTE: You may want to retain every
name and address sent to you, either on a computer or hard copy and keep
the notes people send you. This VERIFIES that you are truly providing a
service. (Also, it might be a good idea to wrap the cash in dark paper
to reduce the risk of mail theft.) So, as each post is downloaded and
the directions carefully followed, six members will be reimbursed for
their participation as a List Developer with one dollar each. Your name
will move up the list geometrically so that when your name reaches the
#1 position you will be receiving hundreds of thousands of dollars in
CASH!!! What an opportunity for only $60.00 ($10.00 for each of the
first six people listed above) Send it now, add your own name to the
list and you're in business!
: DIRECTIONS ----- FOR HOW TO POST TO NEWSGROUPS------------
: Step 1) You do not need to re-type this entire letter to do your own
posting. Simply put your cursor at the beginning of this letter and drag
your cursor to the bottom of this document (so that the document is
"highlighted"), and select 'copy' from the edit menu. This will copy the
entire letter into the computer's memory.
: Step 2) Open a blank 'notepad' file (such as in Microsoft Word) and
place your cursor at the top of the blank page. From the 'edit' menu
select 'paste'. This will paste a copy of the letter into notepad so
that you can add your name to the list.
: Step 3) Save your new notepad file as a .txt file. If you want to do
your postings in different settings, you'll always have this file to go
back to.
: Step 4) Use Netscape or Internet explorer and try searching for
various newsgroups (on-line forums, message boards, chat sites,
discussions.)
: Step 5) Visit these message boards and post this article as a new
message by highlighting the text of this letter and selecting paste from
the edit menu. Fill in the Subject, this will be the header that
everyone sees as they scroll through the list of postings in a
particular group, click the post message button. You're done with your
first one! Congratulations...THAT'S IT! All you have to do is jump to
different newsgroups and post away, after you get the hang of it, it
will take about 30 seconds for each newsgroup! **REMEMBER, THE MORE
NEWSGROUPS YOU POST IN, THE MORE MONEY YOU WILL MAKE! BUT YOU HAVE TO
POST A MINIMUM OF 250** That's it! You will begin receiving money from
around the world within days! You may eventually want to rent a P.O. Box
due to the large amount of mail you will receive. If you wish to stay
anonymous, you can invent a name to use, as long as the postman will
deliver it. **JUST MAKE SURE ALL THE ADDRESSES ARE CORRECT.**
: Now the WHY part: Out of 250 postings, say I receive only 5 replies (a
very low example). So then I made $50.00 with my name at #6 on the
letter. Now, each of the 5 persons who just sent me $1.00 make the
MINIMUM 250 postings, each with my name at #5 and only 5 persons respond
to each of the original 5, that is another $250.00 for me, now those 25
each make 250 MINIMUM posts with my name at #4 and only 5 replies each,
I will bring in an additional $1250.00! Now, those 125 persons turn
around and post the MINIMUM 250 with my name at #3 and only receive 5
replies each, I will make an additional $6260.00! OK, now here is the
fun part, each of those 625 persons post a MINIMUM 250 letters with my
name at #2 and they each only receive 5 replies, that just made me
$31,250.00!!! Those 3,125 persons will all deliver this message to 250
newsgroups with my name at #1 and if still 5 persons per 200 newsgroups
react I will receive $150,625,00! With an original investment of only
$60.00! AMAZING! When your name is no longer on the list, you just take
the latest posting in the newsgroups, and send out another $60.00 to
names on the list, putting your name at number 6 again. And start
posting again. The thing to remember is: do you realize that thousands
upon thousands of people all over the world are joining the internet and
reading these articles everyday?, JUST LIKE YOU are now!! So, can you
afford $60.00 and see if it really works?? I think so... People have
said, "what if the plan is played out and no one sends you the money? So
what! What are the chances of that happening when there are tons of new
honest users and new honest people who are joining the internet and
newsgroups everyday and are willing to give it a try? Estimates are at
20,000 to 50,000 new users, every day, with thousands of those joining
the actual internet. Remember, play FAIRLY and HONESTLY and this will
really work.
: NOTE: This program can and will work for you as long as you post the
message in at least 250 newsgroups (e.g. message boards). This might
take a long time, probably several hours. But remember, as far fetched
and ridiculous as it seems, if you follow all the instructions of this
system, you will become rich within an extremely short period of time.
Believe me, IT'S WORTH IT!!! I just urge you to be fair and honest. As
long as each person (including you!) sends $10 to everyone on the list,
everybody (also including you!) will become extremely wealthy within
just a couple of months, and will start receiving money within the first
week or two!
: Legal Note: This system is perfectly legal. It is not a lottery or a
scheme intending to defraud, it is rather a business. It is part of the
mail order business. By receiving money from others, you do not offer
them a lottery or any prize based on chance; you simply offer them a
service (i.e. placing them on your mailing list), which they request in
their letter. By definition, this is a service: a consumer desires
something (being put on your mailing list) and is willing to pay for it,
and you fulfill their desire by performing the service of putting their
name on your mailing list for a set fee. By sending money to others and
writing "please place me on your mailing list", you do not ask to be
entered into a lottery or win a prize based on chance, you are asking
for a service. Therefore, this system is perfectly legal.
------------------------------
From: John Myre <[EMAIL PROTECTED]>
Subject: Re: Advice on storing private keys
Date: Tue, 20 Mar 2001 16:17:19 -0700
> I would like to encrypt
> the private keys for safe keeping, but the passwords/key needs to be
> kept short.
http://www.counterpane.com/low-entropy.html
JM
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: talk.politics.crypto
Subject: Re: looking for "Crowds"
Date: Tue, 20 Mar 2001 23:38:20 GMT
On Tue, 20 Mar 2001 22:28:12 +0100, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote, in part:
>I like to remark that a primitive way of anonymous browsing
>is to do it from an internet cafe/shop.
Don't you have to give your credit card before they let you access the
Internet?
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
Subject: Re: A future supercomputer
Reply-To: Anne & Lynn Wheeler <[EMAIL PROTECTED]>
From: Anne & Lynn Wheeler <[EMAIL PROTECTED]>
Date: Tue, 20 Mar 2001 23:47:07 GMT
Quisquater <[EMAIL PROTECTED]> writes:
> In this thread nobody was able to give any url: hot air?
> Please if you have the news you've the link: give it.
http://www.research.ibm.com/bluegene
random other URLs/refs:
http://www.garlic.com/~lynn/2000d.html#2
http://www.garlic.com/~lynn/2000d.html#3
http://www.garlic.com/~lynn/95.html#13
--
Anne & Lynn Wheeler | [EMAIL PROTECTED] - http://www.garlic.com/~lynn/
------------------------------
Reply-To: "Fred" <[EMAIL PROTECTED]>
From: "Fred" <[EMAIL PROTECTED]>
Subject: Re: Simple XOR "pseudo encryption" : Question about my test
Date: Mon, 19 Mar 2001 18:52:54 -0500
Hello,
> Study the texts on cryptanalysis recommended in the sci.crypt FAQ.
Thank's
Salutations,
Fred
------------------------------
From: [EMAIL PROTECTED] (Joe H. Acker)
Subject: Re: How to eliminate redondancy? (moving steadily towards being computer
science terminology)
Date: Wed, 21 Mar 2001 00:55:00 +0100
Joseph Ashwood <[EMAIL PROTECTED]> wrote:
> You still seem to be lacking in any significant amount of either computer
> science knowledge, or innate ability to do this.
Even at the risk of additional confusion I'll jump in and re-phrase
again in my words what I believe David Scott has said numerous times.
(1) There's a compression function c() and a decompression function d().
(2) c() has an input range CI and an output range CO, and d() has an
input range DI and an output range DO (all of them are sets of sequences
of valid symbols)
(3) For an ordinary compressor, it should at least hold (apart from
compressing): CO=DI and DO=CI
(4) For a Scott-compressor, there are other requirements (apart from
compressing):
(4a) Every possible permutation of any sequence that is an element in CO
must be an element of DI.
(4b) Every element of CO must be an element of DI.
(4c) Every element of DO must be an element of CI.
Well, perhaps that's not exact enough, I'm not a professional at all.
I'm also not sure wether (4c) must hold. But the important point is
(4a): Every possible permutation of an output of the compression
function can be decompressed. Even if my try to give it a more precise
definition has failed, at least this simple concept should be clear.
The question is: Does a Scott-compressor as explained in (4) enhance
security when it actually compresses and the output is fed into a cipher
---compared to an ordinary compressor---, or does it not? If it does,
how much security is gained? What's your estimate?
Does nobody here know an answer to these questions?
Regards,
Erich
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: How to eliminate redondancy? (moving steadily towards being computer
science terminology)
Date: 21 Mar 2001 00:03:48 GMT
[EMAIL PROTECTED] (Joseph Ashwood) wrote in <uw4MhAZsAHA.355@cpmsnbbsa07>:
>You still seem to be lacking in any significant amount of either
>computer science knowledge, or innate ability to do this.
>
Actually I am familar with RSA maybe much more so than you.
I would not consider RSA good for normal encryption neither
would any one else use it for such. The problem with RSA
was as keys for it got longer due to faster and more efficent
breaks its key lenght had to enlarge. The RSA key had to be very
long. This made for problems with the extreemly short session keys.
Since it was not making full use. Also RSA is considered
very weak to choosen plain text attacks. Thats one reason
why the seesion key is padded to length needed for encryption
to pass a random session key as used in PGP. it needs to appear
as random to make it harder to break.
If RSA is your corner stone as to an ideal encryption
product you have a lot to learn Joe.
>Specifying things down to "encryption" and "compression" is useless and
>very much limits your ability to see what is actually happening. So
>please stop trying to take offense and start trying to understand what
>is being said.
>
Your the one who lacks the understanding my friend get real.
One can add random padding that can be used as in RSA to hide
weakness. But one useually tries to exaimine an encryption system
before you pull out the GOD of Randomness as a last resort to
make it better.
Now if you would care to actually learn about encryption.
What it needs to be what it needs to not be. I suggest you
actually re-read what I said before.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: talk.politics.crypto
Subject: Re: looking for "Crowds"
Date: 21 Mar 2001 00:13:41 GMT
[EMAIL PROTECTED] (John Savard) wrote in
<[EMAIL PROTECTED]>:
>On Tue, 20 Mar 2001 22:28:12 +0100, Mok-Kong Shen
><[EMAIL PROTECTED]> wrote, in part:
>
>>I like to remark that a primitive way of anonymous browsing
>>is to do it from an internet cafe/shop.
>
>Don't you have to give your credit card before they let you access the
>Internet?
>
How would they know its yours assuming they required a
credit card?
>John Savard
>http://home.ecn.ab.ca/~jsavard/crypto.htm
>
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: A <[EMAIL PROTECTED]>
Subject: Re: Quantum Computing & Key Sizes
Date: Wed, 21 Mar 2001 00:49:51 +0000
On 12 Mar 2001 00:39:27 GMT, [EMAIL PROTECTED] (Bill Unruh) wrote:
>In <vJTq6.241159$[EMAIL PROTECTED]> Tom McCune
><[EMAIL PROTECTED]> writes:
>
>
>]Using currently available official PGP public key sizes, would such Quantum
>]Computing attacking have a significant time difference in factoring a 2048
>]bit key, instead of a 4096 bit key?
I thought it went as N cubed. I.e. 8 times.
______________________________________________________________________
Posted Via Uncensored-News.Com - Still Only $9.95 - http://www.uncensored-news.com
With Six Servers In California And Texas - The Worlds Uncensored News Source
------------------------------
From: Steve Portly <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: looking for "Crowds"
Date: Tue, 20 Mar 2001 19:49:00 -0500
"SCOTT19U.ZIP_GUY" wrote:
> [EMAIL PROTECTED] (John Savard) wrote in
> <[EMAIL PROTECTED]>:
>
> >On Tue, 20 Mar 2001 22:28:12 +0100, Mok-Kong Shen
> ><[EMAIL PROTECTED]> wrote, in part:
> >
> >>I like to remark that a primitive way of anonymous browsing
> >>is to do it from an internet cafe/shop.
> >
> >Don't you have to give your credit card before they let you access the
> >Internet?
> >
>
> How would they know its yours assuming they required a
> credit card?
But what if you don't have a company card?
>
>
> >John Savard
> >http://home.ecn.ab.ca/~jsavard/crypto.htm
> >
>
> David A. Scott
> --
> SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
> http://www.jim.com/jamesd/Kong/scott19u.zip
> Scott famous encryption website **now all allowed**
> http://members.xoom.com/ecil/index.htm
> Scott LATEST UPDATED source for scott*u.zip
> http://radiusnet.net/crypto/ then look for
> sub directory scott after pressing CRYPTO
> Scott famous Compression Page
> http://members.xoom.com/ecil/compress.htm
> **NOTE EMAIL address is for SPAMERS***
> I leave you with this final thought from President Bill Clinton:
------------------------------
From: amateur <[EMAIL PROTECTED]>
Subject: Re: Fast and Easy crypt send
Date: Tue, 20 Mar 2001 19:53:46 -0400
I think that you did not understand my system.
First communication ( your hearing)
I'm just going to encrypt a message "x"
suppose that message "x" is = in binary system 1001
I choose randomly (prng) 2 odd numbers : 3 and 9
and two even : 0 and 8
Just sample. Ok
I encrypt 1001 to 3089
I send the message using a key 1253. So I send M + k = 3089 +1253 = 4342
So you have 4342.
Second communication
I send for example the same "x" 1001
I choose randomly 2 new odds and 2 new even to encrypt 1001
1001 = 7445 ok?
I use the same key 1253. I send M+k= 7445 + 1253 = 9698.
You heard the 9698.
Now you are calculate the difference to eliminate the key.
Difference E2 - E1 = 5356 !!!!
So what do you can deduce with 5356????
Is there any relation you can exploit????
Explain me please. I'm dummy. I will be very happy to understand.
I encrypted the same message Without changing the key and changing (the
more important for me) the two categories.
Imagine that I use in second communication vowels and consonants.
How could you exploit that?
Thank you.
So
Joseph Ashwood wrote:
>
> "amateur" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Do you think that if you use RSA using any big prime number is secure?
>
> Actually any selected primes of the appropriate size are acceptable.
>
> > Do you think that if you use DES using any key is secure?
>
> Quite the contrary, (almost) any use of DES is insecure.
>
> > If you think that crypting bit by random characters has yet been done,
> > so give me a reference.
> Well deterministic expansion is old hat so encrypting by random numbers is
> all that's left, and that has been done since at least Vigenere.
>
> > I will be glad to read it.
>
> Try any book on cryptanalysis.
>
> > If you think that sending via network, not the encrypted message, but
> > the way to calculate it. If I use f(k)= a1*k1 +a2*k2+ ....an*kn+ b
> > And I send a1, a2, ...,b using k1,k2,...,kn you will find it???
>
> First, learn how to avoid the term security by obscurity. Second learn how
> to perform cryptanalysis. Third realize just exactly how weak every system
> you have proposed is. Then you can begin to design systems that are likely
> to withstand analysis.
>
> > Thank mister cryptographer who is try to create a secret community with
> > his own language.
> > It's seems becoming like a sect.
>
> I have not tried to keep you out of anything, I have simply pointed out what
> is wrong with what you are suggesting. If I were to claim that a 1 wheeled
> car was superior in every way to any production car being used. Would I be
> taken seriously by the car community? No I wouldn't, that car would have
> great difficulty steering, would fall over if the passengers weren't all the
> same weight, would have acceleration troubles, etc. I would not expect the
> car community to treat the idea any better than your ideas have been treated
> here.
>
> The difference is in the level of observable knowledge about the subject
> that we are given throughout our lives. We have all been subjected to large
> amounts of this type of car is better, we know that the car companies put a
> massive amount of research into their cars, we can easily see the results of
> changing the design of a car. In cryptography we have no such imbued
> knowledge, instead we make replacing assumptions that we equate to
> knowledge. This is the fundamental problem that everyone faces when coming
> in to cryptography, this is the issue that reading books on cryptography
> will help address. This reading will help you take a look at DES and go "Oh
> (*&^ that's a lot better than my design" it will help you realize that
> f(k)=a1*k1+........... won't be effective because it's a completely linear
> equation and will take at most n+1 messages to break, less if you're
> unlucky. I made these same mistakes myself, when I first came to the world
> of cryptography I thought I knew most of it already, that idea changed in a
> hurry, I'm now on my third copy of Applied Cryptography (the first having
> self-destructed and the second a gift to a friend who thought he wanted to
> do crypto). No it's not as easy of a path as it first seems, I mean what
> could be more interesting than screwing up other peoples information? In
> truth it's a lot harder than that, and takes much more work. Simply by the
> fact that you have posted more than 2 ciphers in a year tells us that you
> are not taking as much time to analyze them as you should, in order for a
> good cryptanalyst to verify that a cipher really is strong takes 1000 hours
> of work, minimum, that is how much work Counterpane labs has put into
> Twofish. Bruce Schneier (of Counterpane) is not a cryptanalytic amateur in
> any way he has several years worth of experience to work from.
>
> I recently posted a cipher, that was only the second that I have posted in
> the 5 years that I have been reading this group, it hasn't been around a
> full week yet, and I'm ready to publish some differential analysis against
> it, in fact I'm hoping someone manages to break it. Go ahead have a look at
> it, see if you can find anything wrong with it, "Cipher Idea #1 Block Cipher
> 512-bit block, arbitrary keysize (long)" see if you can find anything
> against it, I'll give you a couple of days to look before I reveal the
> differential information I have found.
> Joe
>
> > Thank you sir.
> There's no need to call me sir.
------------------------------
Crossposted-To: comp.security.misc
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: can't find the unix crypt(1) command these days
Date: Wed, 21 Mar 2001 00:16:43 GMT
Dan Jacobson wrote:
> However I don't see it being shipped along with debian or mandrake.
Have you tried the 7th Edition UNIX distribution (using one of the
available PDP-11 emulators)?
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: NSA in the news on CNN
Date: Wed, 21 Mar 2001 00:14:52 GMT
"SCOTT19U.ZIP_GUY" wrote:
> I don't trust Hollywood. But its possible the precived view
> as presented by Hollywood actually casts them in far less evil
> way than they really are.
I suppose it's "possible" if you don't have accurate information.
In which case, why are you forming an opinion on the matter?
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
