Cryptography-Digest Digest #957, Volume #13 Wed, 21 Mar 01 01:13:01 EST
Contents:
Re: How to eliminate redondancy? (moving steadily towards being computer science
terminology) ("Joseph Ashwood")
Re: Fast and Easy crypt send ("Joseph Ashwood")
Re: How to eliminate redondancy? (moving steadily towards being computer science
terminology) (SCOTT19U.ZIP_GUY)
Is Evidence Eliminator at all useful ?? (T oinker)
Re: NSA in the news on CNN (SCOTT19U.ZIP_GUY)
Re: IDEA test vectors (Kenneth Lantrip)
Re: Computing power in the world (Kenneth Lantrip)
Re: How to eliminate redondancy? (moving steadily towards being computer science
terminology) (SCOTT19U.ZIP_GUY)
Re: Is Evidence Eliminator at all useful ?? ("Tom St Denis")
Re: Is Evidence Eliminator at all useful ?? (David Schwartz)
Re: Is Evidence Eliminator at all useful ?? ("Tom St Denis")
Re: can't find the unix crypt(1) command these days (Dennis Ritchie)
Re: NSA in the news on CNN (JPeschel)
----------------------------------------------------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: How to eliminate redondancy? (moving steadily towards being computer
science terminology)
Date: Tue, 20 Mar 2001 17:05:09 -0800
So now we get down deeper into the uninformed nature of D/s.
"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Joseph Ashwood) wrote in <uw4MhAZsAHA.355@cpmsnbbsa07>:
>
> >You still seem to be lacking in any significant amount of either
> >computer science knowledge, or innate ability to do this.
> >
>
I used RSA only as a wonderfully simple example of why your ideas are
completely worthless on guarenteeing security. You have turned it into a
wonderfully simple example of exactly how little you know on the subject.
> Actually I am familar with RSA maybe much more so than you.
Doubtful, but I'll let it pass for now because you're details make this
statement even more laughable.
> I would not consider RSA good for normal encryption neither
> would any one else use it for such.
Quite the contrary, RSA is used for encryption (since you have failed to
define "normal" encryption, I am left only to assume that you mean a 1-1
onto function that offers extreme diificulty in inversion). Your foolish
assumption that encrypting a random value is of a different quality than
encrypting a semi-random value demonstrates exactly how little you know
about cryptography.
> The problem with RSA
> was as keys for it got longer due to faster and more efficent
> breaks its key lenght had to enlarge. The RSA key had to be very
> long. This made for problems with the extreemly short session keys.
Wrong. It made for problems with deterministic padding which could reveal
interesting things about what was encrypted.
> Since it was not making full use. Also RSA is considered
> very weak to choosen plain text attacks.
Which is EXACTLY the reason for using it in a mode other than the original,
like say OAEP.
> Thats one reason
> why the seesion key is padded to length needed for encryption
> to pass a random session key as used in PGP. it needs to appear
> as random to make it harder to break.
The session key should not simply be padded, it needs to be protected by an
AONT, like I dunno, OAEP, just like everyone uses.
> If RSA is your corner stone as to an ideal encryption
> product you have a lot to learn Joe.
And since scottXu seems to be your cornerstone for everything (including
Zero Knowledge Proofs IIRC) I stand behind my statement that I quite
frankyly couldn't care less what you think. Although as a side note, I will
quote myself from above:
"I used RSA only as a wonderfully simple example of why your ideas are
completely worthless on guarenteeing security. You have turned it into a
wonderfully simple example of exactly how little you know on the subject."
>
> >Specifying things down to "encryption" and "compression" is useless and
> >very much limits your ability to see what is actually happening. So
> >please stop trying to take offense and start trying to understand what
> >is being said.
> >
>
> Your the one who lacks the understanding my friend get real.
I'm sorry I'm afraid I must apologize for attempting to force you to face
reality, I will allow you to crawl back into whatever smelly pile I forced
you out of.
> One can add random padding that can be used as in RSA to hide
> weakness.
What needs to be done is not necessarily the addition of random padding, but
the use of measures that provide provable security, like I just don't know,
maybe OAEP.
> But one useually tries to exaimine an encryption system
> before you pull out the GOD of Randomness as a last resort to
> make it better.
So what explains your cryptosystem? Or your views on what real cryptography
is about? As far as I can tell the only thing cryptographic about what you
have done is the re-use of words, and whatever your latest pile of letters
that doesn't compile on anything is named.
> Now if you would care to actually learn about encryption.
> What it needs to be what it needs to not be. I suggest you
> actually re-read what I said before.
I think subjecting myself to it a single time was more than is worthy.
Considering that this is now solidly off-topic, and has nothing to do with
cryptanalysis (please note the seperation from psycho-analysis, or the
recommendation that D/s's problem usually takes large quantities of
electricity to fix), this conversation will end as soon as D/s stops
replying. That is unless someone else would care to open a sub-conversation
that has some bearing on something useful here (trying to convince D/s of
anything is much too boring to be of use).
Joe
Joe
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Fast and Easy crypt send
Date: Tue, 20 Mar 2001 17:15:00 -0800
Honestly, I have explained it, I'm not going to explain it any more, read
the sci.crypt FAQ, read a book on cryptography, if you still don't get it,
then just realize that you don't get cryptography, and don't try. If you do
get it then you will immediately realize that the only valid decryption of
your example was in fact 10011001, and that attempting to fix this problem
is useless. To reiterate please read a book on cryptography, please read the
sci.crypt FAQ, both will explain in great detail just exactly why your
algorithm is completely useless.
Joe
"amateur" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: How to eliminate redondancy? (moving steadily towards being computer
science terminology)
Date: 21 Mar 2001 01:47:45 GMT
[EMAIL PROTECTED] (Joe H. Acker) wrote in
<[EMAIL PROTECTED]>:
>Joseph Ashwood <[EMAIL PROTECTED]> wrote:
>
>> You still seem to be lacking in any significant amount of either
>> computer science knowledge, or innate ability to do this.
>
>Even at the risk of additional confusion I'll jump in and re-phrase
>again in my words what I believe David Scott has said numerous times.
>
>(1) There's a compression function c() and a decompression function d().
>
>(2) c() has an input range CI and an output range CO, and d() has an
>input range DI and an output range DO (all of them are sets of sequences
>of valid symbols)
>
>(3) For an ordinary compressor, it should at least hold (apart from
>compressing): CO=DI and DO=CI
>
>(4) For a Scott-compressor, there are other requirements (apart from
>compressing):
>
>(4a) Every possible permutation of any sequence that is an element in CO
>must be an element of DI.
>(4b) Every element of CO must be an element of DI.
>(4c) Every element of DO must be an element of CI.
>
>Well, perhaps that's not exact enough, I'm not a professional at all.
>I'm also not sure wether (4c) must hold. But the important point is
>(4a): Every possible permutation of an output of the compression
>function can be decompressed. Even if my try to give it a more precise
>definition has failed, at least this simple concept should be clear.
>
>The question is: Does a Scott-compressor as explained in (4) enhance
>security when it actually compresses and the output is fed into a cipher
>---compared to an ordinary compressor---, or does it not? If it does,
>how much security is gained? What's your estimate?
I am not going to argue with what you wrote but I think its
basically correct. We all use different ways to look at something.
But as to weather its better or not depends on several things.
If a non-scott-compressor and a scott-compressor generally compress
the same amount I would say without a doubt the scott-compressor
is better. Since more keys are meaningless as a possible solution
due to the poor compression. However if the non-scott-compressor
makes things much smaller then its going to be harder to tell which
is better and I can see many arguments either way.
>Does nobody here know an answer to these questions?
>
I doubt you will get an honest anwser to this here. About the
cloest you will get is. It might make a small difference but the
choice of the algorithm and such is so much more important that
this minor effect can be ignored. But in real life its the detail
that bites you in the ass.
>Regards,
>
>Erich
>
>
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: T oinker <[EMAIL PROTECTED]>
Subject: Is Evidence Eliminator at all useful ??
Date: Tue, 20 Mar 2001 21:06:57 -0600
Supposedly credit card #'s and the like are stowed away in the
registry and/or mysterious cabs and this utility wipes em out-or- is
this another way to squeeze $75 out of suckers?
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: NSA in the news on CNN
Date: 21 Mar 2001 01:57:05 GMT
[EMAIL PROTECTED] (Douglas A. Gwyn) wrote in
<[EMAIL PROTECTED]>:
>"SCOTT19U.ZIP_GUY" wrote:
>> I don't trust Hollywood. But its possible the precived view
>> as presented by Hollywood actually casts them in far less evil
>> way than they really are.
>
>I suppose it's "possible" if you don't have accurate information.
>In which case, why are you forming an opinion on the matter?
>
I just was in the mode to anwser. Your correct I have no
accurate information on this subject.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: [EMAIL PROTECTED] (Kenneth Lantrip)
Subject: Re: IDEA test vectors
Date: Fri, 16 Mar 2001 21:09:21 GMT
In an article posted to usenet, "rowan" <[EMAIL PROTECTED]> inscribed the
following:
>Has anyone got IDEA test vectors with output after each round? I have one
>for after all the encryption but I'd like some that are more specific.
>
>
>
Sure,
try these:
Using Key: 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10
Original Data: 00 01 02 03 04 05 06 07
Cyphered Data: 59 4D BB A4 98 27 D4 78
Key: 7D 9F CB 53 5D 2F 9B 3D 8E 04 A4 85 36 FB 1B CA
Makes: B3 4D 88 B0 98 D0 D4 5D
Key: CC 47 46 D5 52 A9 FA 44 BA A5 3E 8D 05 12 93 BB
Makes: 59 A5 BB B6 98 E1 8F BA
Key: 95 1A 55 E1 6D BD 8E 0B 8E 79 1C 94 07 69 2B 2C
Makes: BC EE BB A4 98 C2 E9 AE
Key: CD 4F 2F 71 03 67 BE AB 0D 26 CF 94 6D DE F0 21
Makes: 67 C7 B0 A4 98 27 C5 1D
Key: F4 93 51 7B 5E 72 B6 A0 DE AE 5E D0 09 02 01 B2
Makes: 6A 4D 7E 1C 73 27 9B 78
Key: 68 BD D6 41 38 19 1F B8 8C 00 46 F3 F7 86 49 F5
Makes: B5 4D A8 56 61 27 D4 EB
Key: 0E A6 AA 51 01 DD 6F E0 CF 36 DC 71 99 F4 88 CA
Makes: D1 4D 7E A4 65 B7 D4 BD
Key: 5F FE 08 0A 79 5F 85 5B CB C3 23 1C E1 C0 36 98
Makes: 01 4D BB E3 1B 53 D4 7B
------------------------------
From: [EMAIL PROTECTED] (Kenneth Lantrip)
Subject: Re: Computing power in the world
Date: Fri, 16 Mar 2001 21:46:36 GMT
In an article posted to usenet, AirBete<[EMAIL PROTECTED]> inscribed the
following:
>Hi all,
>
>What is the up-to-date estimate of the total computing power in the world in
>mips-years?
>
>In 1994 (Odlyzko), it was beleive that the total computing power in the world
>was 3 x 10^8 mips-years. A safe estimate for the next 20 years was then between
>10^10 - 10^11 mips-years. This is why 10^12 mips-years was considered to be
>infeasable. But what about today and what is the forecast for the next 20 years?
>
>Thanks.
>
>AirBete.
Sorry that your question didn't get answered. They did however define what a
MIPS is but your questions of how much computing power do we have in the world
today and what for the next 20 years was never answered.
I would also like to see a good answer for your question. I'm sure the number
would be astounding!
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: How to eliminate redondancy? (moving steadily towards being computer
science terminology)
Date: 21 Mar 2001 02:14:06 GMT
[EMAIL PROTECTED] (Joseph Ashwood) wrote in <udWohNasAHA.354@cpmsnbbsa07>:
>> The problem with RSA
>> was as keys for it got longer due to faster and more efficent
>> breaks its key lenght had to enlarge. The RSA key had to be very
>> long. This made for problems with the extreemly short session keys.
>
>Wrong. It made for problems with deterministic padding which could
>reveal interesting things about what was encrypted.
What kind of asshole are you. The padding was needed since keys
so short. Yes padding was needed to make it appear random and they
had done a piss poor job. I think I understood that as well as
you think you do.
AS a matter of fact if much longer keys choosen for the encryption
one would not need padding the whole session key would just barely
fit. But then they might have to use real ciphers instead of the
short key version in current use.
>
>> Since it was not making full use. Also RSA is considered
>> very weak to choosen plain text attacks.
>
>Which is EXACTLY the reason for using it in a mode other than the
>original, like say OAEP.
Like what the hell did you think I said. You angry and full
of crap. Just because I don't say it your words you think you
are proving something. Your not!!
>
>> Thats one reason
>> why the seesion key is padded to length needed for encryption
>> to pass a random session key as used in PGP. it needs to appear
>> as random to make it harder to break.
>
>The session key should not simply be padded, it needs to be protected by
>an AONT, like I dunno, OAEP, just like everyone uses.
Padding is not simple I never said it was, But I hope they
finally get padding correct for AES but I doubt you understand
the problems there either.
At least you got the lingo. But you really haven't added anything
to the disscussion. BYE THE WAY scott19u is a better
"all or nothing transform" that what you are use to.
rest of useless dribble deleted!!!
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for
sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Is Evidence Eliminator at all useful ??
Date: Wed, 21 Mar 2001 02:34:32 GMT
"T oinker" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Supposedly credit card #'s and the like are stowed away in the
> registry and/or mysterious cabs and this utility wipes em out-or- is
> this another way to squeeze $75 out of suckers?
Essentially it prays on the naivity of new users..
It's completely bogus software.
Tom
------------------------------
From: David Schwartz <[EMAIL PROTECTED]>
Subject: Re: Is Evidence Eliminator at all useful ??
Date: Tue, 20 Mar 2001 18:56:13 -0800
Tom St Denis wrote:
>
> "T oinker" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Supposedly credit card #'s and the like are stowed away in the
> > registry and/or mysterious cabs and this utility wipes em out-or- is
> > this another way to squeeze $75 out of suckers?
>
> Essentially it prays on the naivity of new users..
>
> It's completely bogus software.
>
> Tom
Send me $125 and I'll send you my detailed report on the strengths and
weaknesses of Evidence Eliminator.
DS
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Is Evidence Eliminator at all useful ??
Date: Wed, 21 Mar 2001 03:16:49 GMT
"David Schwartz" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Tom St Denis wrote:
> >
> > "T oinker" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > Supposedly credit card #'s and the like are stowed away in the
> > > registry and/or mysterious cabs and this utility wipes em out-or- is
> > > this another way to squeeze $75 out of suckers?
> >
> > Essentially it prays on the naivity of new users..
> >
> > It's completely bogus software.
> >
> > Tom
>
> Send me $125 and I'll send you my detailed report on the strengths and
> weaknesses of Evidence Eliminator.
Now why would I do that? :-?
Tom
------------------------------
From: Dennis Ritchie <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: can't find the unix crypt(1) command these days
Date: Wed, 21 Mar 2001 04:12:00 +0000
Dan Jacobson wrote:
>
> OK, I think I remember the password to my files, so maybe I don't need
> the nowadays uncompilable Crypt Breakers Workbench. All I need is the
> good old unix
> $ crypt
> command. However I don't see it being shipped along with debian or
> mandrake. Is this due to export restrictions or is it just that
> nobody's bothered to maintain it?
I'd mail you the thing, except that your security is impenetrable.
As Gwyn pointed out, it's out there.
Dennis
------------------------------
From: [EMAIL PROTECTED] (JPeschel)
Date: 21 Mar 2001 05:25:13 GMT
Subject: Re: NSA in the news on CNN
[EMAIL PROTECTED] writes, in part:
>Those people at Fort Meade
>must be getting desperate for funding, or something!
You mean all that bread raised from selling those cool little coffee cups,
groovy t-shirts, and those far-out tie-dyed sweat shirts sold in
the gift shop isn't enough funding?
Joe
__________________________________________
Joe Peschel
D.O.E. SysWorks
http://members.aol.com/jpeschel/index.htm
__________________________________________
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
