Cryptography-Digest Digest #961, Volume #13      Wed, 21 Mar 01 13:13:00 EST

Contents:
  Re: How to eliminate redondancy? (Joe H. Acker)
  Re: can a remailer send a message to multiple people? ("Thomas J. Boschloo")
  Most secure way to add passphrase verification to "CipherSaber" ("John L. Allen")
  Re: How to eliminate redondancy? (moving steadily towards being computer science 
terminology) (SCOTT19U.ZIP_GUY)
  Re: How to eliminate redondancy? (moving steadily towards being computer science 
terminology) ("Tom St Denis")
  Re: How to eliminate redondancy? (SCOTT19U.ZIP_GUY)
  Re: How to eliminate redondancy? (SCOTT19U.ZIP_GUY)
  Re: I was so so right about PGP ... so right when I started writing about PGP and 
about one author .... so right ..... (Arturo)
  Re: How to eliminate redondancy? ("Tom St Denis")
  Re: OK...dumb question (Taylor Francis)
  Re: OK...dumb question ("Tom St Denis")
  Re: A future supercomputer (Mok-Kong Shen)
  Re: Advice on storing private keys (Darryl Wagoner)
  redodancy ("dexMilano")
  Re: One-time Pad really unbreakable? (Jonathan Thornburg)
  Re: One-time Pad really unbreakable? (Jonathan Thornburg)
  Re: I was so so right about PGP ... so right when I started writing  about PGP and 
about one author .... so right ..... (those who know me have no need of my name)
  Re: How to eliminate redondancy? (moving steadily towards being computer science 
terminology) (SCOTT19U.ZIP_GUY)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Joe H. Acker)
Subject: Re: How to eliminate redondancy?
Date: Wed, 21 Mar 2001 17:27:56 +0100

Benjamin Goldberg <[EMAIL PROTECTED]> wrote:


> > There are no incorrect definitions, just more or less appropriate
> > ones.
> 
> No.  The range of a function has a well defined meaning.  Using a
> meaning other than the correct definition is incorrect.

Okay, it was a misunderstanding. I take the term "definition" a lot more
strictly than you do. In my terminology, it is an abbreviation and the
definiens and the definiendum must be substitutable in any
context---except for grammatical adjustments when used informally.

> From the Merriam-Webster dictionary's definition of "range":
> 6a the space or extent included, covered, or used.
> 8a the set of values a function may take.
> 8b the class of admissible values of a variable.

I wouldn't consider the Merriam-Webster dictionary to be always right,
but in this case it certainly does correctly explain the naming
convention. My point was rather that I felt some posters were making
themselves appear more stupid than they are just to be able to write
polemic replies to a potentially valuable suggestion.

> If you correctly consider (for example) the gzip function, its domain
> is the set of all files, and its range is the set of those files
> producible by gzip.  It would be incorrect to say that its range is the
> set of all files. 

In German, it's sometimes called "Vorbereich" and "Nachbereich", so I
assumed that it's something like "input range" and "output range" in
English. Thanks for the clarification.


> Thus, you can see how nonpermutative compressors introduce
> distinguishing characteristics.  This kind of distinguishability is very
> very minor, since we normally must have a huge amount of known plaintext
> for most attacks, and it is just as easy/just as difficult to obtain,
> regardless of which type of compressor is used.

That's what I believe as well. But perhaps a special attack against
nonpermutative compression+encryption could be invented. After all,
nonpermutative compression does not only allow a quick shortcut for the
correct plaintext; there could be more sophisticated attacks that
exploit the fact that a certain nonpermutative compressor fails to
decompress so many possible sequences of symbols. For example, if one
would combine the severe restrictions on the compressor output (or
decompressor input) with an attack on the cipher, this perhaps could
drastically limit the amount of plaintext needed. That's something
serious cryptanalysts might want to take a look at.

> > What do cryptanalysts say about s-bijective compression once they have
> > learned what "s-bijective" is supposed to mean?
> 
> Most cryptanalysts ignore David Scott since he acts like a Troll.

Oh well, his replies aren't very polite sometimes. But after all, his
views about compression seem to be correct, although he might
overestimate a bit the amount of security earned by permutative
compression. 

Anyway, thanks for your reply. I think we can agree that "permutative"
and "nonpermutative" compression could be good shortcut terms to name
the different types of compression.

Regards,

Erich  

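The "quick shortcut for the correct plaintext" mentioned above, as an added worked example (editor's code, not from anyone in the thread): a message is zlib-compressed and then encrypted with a toy stream cipher (SHA-256 in counter mode, an assumption standing in for whatever real cipher one would use) under a deliberately tiny 16-bit key, also an assumption so that the exhaustive search finishes in well under a second. The search never touches the cipher. It decrypts two bytes per candidate and checks them against the RFC 1950 zlib header (deflate method nibble, 31-divisibility check), which rejects roughly 499 of every 500 wrong keys, then lets the decompressor's deflate parser and Adler-32 trailer reject the rest. That is exactly the kind of "fails to decompress so many possible sequences" rejection oracle a nonpermutative compressor hands an attacker, and the property a bijective compressor is meant to take away.

```python
import hashlib
import struct
import zlib

KEY_BITS = 16   # toy key size so the exhaustive search is quick (assumption)


def toy_keystream(key: bytes, n: int) -> bytes:
    """SHA-256 in counter mode: a stand-in stream cipher, not a real design."""
    out = bytearray()
    ctr = 0
    while len(out) < n:
        out += hashlib.sha256(key + struct.pack(">I", ctr)).digest()
        ctr += 1
    return bytes(out[:n])


def toy_xor(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (same operation) by XOR with the keystream."""
    return bytes(a ^ b for a, b in zip(data, toy_keystream(key, len(data))))


def compress_then_encrypt(key: bytes, msg: bytes) -> bytes:
    """The usual 'compress, then encrypt' pipeline under discussion."""
    return toy_xor(key, zlib.compress(msg))


def zlib_header_ok(hdr: bytes) -> bool:
    """RFC 1950 header test: CMF low nibble is 8 (deflate) and
    CMF*256 + FLG is a multiple of 31.  A random 2-byte pair passes
    with probability 1/16 * 1/31, i.e. about 1 in 500."""
    cmf, flg = hdr[0], hdr[1]
    return (cmf & 0x0F) == 8 and ((cmf << 8) | flg) % 31 == 0


def recover_keys(ct: bytes):
    """Exhaustive key search that only ever asks 'is this a valid zlib
    stream?'; returns every (key, plaintext) pair the decompressor accepts."""
    hits = []
    for k in range(1 << KEY_BITS):
        key = k.to_bytes(2, "big")
        # Cheap reject: decrypt just the 2 header bytes and test them.
        if not zlib_header_ok(toy_xor(key, ct[:2])):
            continue
        # Survivors get a full decrypt; deflate syntax errors and a wrong
        # Adler-32 trailer both surface as zlib.error.
        try:
            pt = zlib.decompress(toy_xor(key, ct))
        except zlib.error:
            continue
        hits.append((key, pt))
    return hits


if __name__ == "__main__":
    secret = b"\x13\x37"                      # constructed demo key
    ct = compress_then_encrypt(secret, b"attack at dawn " * 4)
    for key, pt in recover_keys(ct):
        print(key.hex(), pt)
```

The same two-stage filter works against gzip (magic bytes 1f 8b, then CRC-32) or any container with a fixed header and a checksum; only the constants change. With a real 128-bit key the search itself is infeasible, but the point Acker raises stands: the decompressor answers "right key or not" for free, so any weakness in the cipher that lets an attacker narrow the key space can be finished off without a single byte of known plaintext.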
------------------------------

From: "Thomas J. Boschloo" <[EMAIL PROTECTED]>
Subject: Re: can a remailer send a message to multiple people?
Date: Wed, 21 Mar 2001 15:42:49 +0100

Incognito wrote:
> 
> Can I use the mixmaster 2.0.3 to send a message anonymously to more
> than one person? Thanks.

I think so, just separate the receiving e-mail addresses with a comma
",".

Thomas
-- 
Kittenbirds - You, me and Jesus: "I love your hair it's just so long"



------------------------------

From: "John L. Allen" <[EMAIL PROTECTED]>
Subject: Most secure way to add passphrase verification to "CipherSaber"
Date: Wed, 21 Mar 2001 16:27:13 GMT

I was thinking about adding some rudimentary passphrase (Key)
verification check capability to the CipherSaber protocol (see
http://ciphersaber.gurus.com/).  So, among the following choices, which
of these message streams is most secure as a means of providing a way
for the decryptor to verify the correctness of the decryption Key
without giving an attacker useful info:

        0. IV, E(msg)                      # This is the current
CipherSaber protocol
        1. IV, E(IV), E(msg)               # bad: "known plaintext"
        2. IV, E(E(IV)), E(msg)
        3. IV, E(E(msg{1..10})), E(msg)    # bad: "known plaintext"
        4. IV, E(E(E(msg{1..10}))), E(msg)
        5. IV, H(msg{1..64}), E(msg)
        6. IV, E(H(msg{1..64})), E(msg)
        7. IV, E(Key), E(msg)
        8. IV, H(Key), E(msg)
        9. IV, E(H(Key)), E(msg)

Where,  IV  is a random initialization vector.
        E() is an encryption algorithm using key Key.
        H() is a hash function.
        msg is the message
        msg{1..N} is the first N bytes of the message.

Also, if a hash function is not available, what is the best way then?

I lean toward #9 if a hash is available, otherwise, maybe #2 or #4.
Encrypting the key and sending that as in #7 doesn't _look_ too good at
first, but is it really that bad?

John.

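Option #9 from the list above, worked through as an added example (editor's code, not from the post or from the CipherSaber specification). The cipher is CipherSaber-1 style RC4: the passphrase is concatenated with a 10-byte random IV and used as the RC4 key with a single key-schedule pass. Assumptions not in the post: H is SHA-256 truncated to 16 bytes, and one keystream run covers both the check value and the message, because restarting the keystream for the message would reuse it against two plaintexts. RC4 keyed by simple key||IV concatenation has known key-schedule weaknesses and should not be deployed today; the example is about the shape of the verification check. Note what the check does and does not give: the decryptor can reject a wrong passphrase after one key setup, and so can an attacker, which makes the strength of the passphrase the whole story. Options #1 and #3 are worse because the attacker also knows what the first bytes decrypt to; with H(Key) the first bytes are unpredictable without the key.

```python
import hashlib
import hmac
import os
from typing import Optional

IV_LEN = 10     # CipherSaber uses a 10-byte random IV
TAG_LEN = 16    # length of the H(Key) check value (assumption)


def rc4_keystream(key: bytes):
    """RC4 keystream generator, single key-schedule pass as in CipherSaber-1."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    i = j = 0
    while True:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        yield S[(S[i] + S[j]) & 0xFF]


def xor_stream(ks, data: bytes) -> bytes:
    """XOR data with the next len(data) keystream bytes."""
    return bytes(b ^ next(ks) for b in data)


def key_tag(passphrase: bytes) -> bytes:
    """H(Key), truncated.  An outsider cannot predict it without the
    passphrase, so it is not known plaintext the way E(IV) would be."""
    return hashlib.sha256(passphrase).digest()[:TAG_LEN]


def encrypt(passphrase: bytes, msg: bytes, iv: Optional[bytes] = None) -> bytes:
    """Layout #9: IV || E(H(Key) || msg), one keystream for both parts."""
    if iv is None:
        iv = os.urandom(IV_LEN)
    ks = rc4_keystream(passphrase + iv)
    return iv + xor_stream(ks, key_tag(passphrase) + msg)


def decrypt(passphrase: bytes, blob: bytes) -> Optional[bytes]:
    """Return the message, or None if the check value does not match
    (wrong passphrase, or the leading bytes were tampered with)."""
    iv, body = blob[:IV_LEN], blob[IV_LEN:]
    ks = rc4_keystream(passphrase + iv)
    plain = xor_stream(ks, body)
    tag, msg = plain[:TAG_LEN], plain[TAG_LEN:]
    if not hmac.compare_digest(tag, key_tag(passphrase)):
        return None
    return msg


def verifies(passphrase: bytes, blob: bytes) -> bool:
    """The one-key-setup oracle: true iff this passphrase decrypts the blob."""
    return decrypt(passphrase, blob) is not None


if __name__ == "__main__":
    blob = encrypt(b"correct horse", b"hello, world")
    print(decrypt(b"correct horse", blob))   # b'hello, world'
    print(verifies(b"wrong horse", blob))    # False
```

The check value only answers "was this the right key"; it says nothing about whether the rest of the message arrived intact, since a stream cipher lets anyone flip plaintext bits by flipping ciphertext bits. Integrity needs a MAC over the ciphertext in addition to this check.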

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: How to eliminate redondancy? (moving steadily towards being computer 
science terminology)
Date: 21 Mar 2001 16:27:34 GMT

[EMAIL PROTECTED] (Tom St Denis) wrote in
<ep4u6.98534$[EMAIL PROTECTED]>: 

>
>"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>>    I think you know my answer to that but to enlighten others I
>> will explain what a good sized key is. It is as large as possible
>> while getting the job done so as not to cause the user too much
>> time waiting.
>
>There are other problems with using million byte keys.
>1. Where to get that much good entropy?

    Good question. The answer is you most likely don't.
But at least with my system you can use what you can get.
And you can still use a password of any size to use the
key. Of course, just like anything else, it's best to use it on a
computer you have full control of. And if your master
password is too short and someone gets to test it, they
may find the password.

>2.  How to store it securely?

   I think it's best to store the encrypted long key on
a floppy disk. If you lose it, too bad.

>3.  Not ideal for portable solutions (i.e smart cards)

   You're absolutely correct; for the next few years
it would not be economical to use it in smart cards. So
use something else for them. But why should one use a system
for smart cards for one's security needs?

>

   tommy what makes you think that just because it takes a
long time to do a "dumb blind search" to find a key of 256 bits
is the only way to solve the problem. 
   It may well be that the NSA has an "adaptive key search" that
works for any block cipher of the types being used for AES; it
may take as few as a thousand or less tries with such an adaptive
system. What makes you so certain that this is not possible?
I wish you would give it some thought. But I can see you're not
the deep-thinking kind of person capable of free thought.


David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
        http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
        http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
        http://radiusnet.net/crypto/  then look for
  sub directory scott after pressing CRYPTO
Scott famous Compression Page
        http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: How to eliminate redondancy? (moving steadily towards being computer 
science terminology)
Date: Wed, 21 Mar 2001 16:45:17 GMT


"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Tom St Denis) wrote in
> <ep4u6.98534$[EMAIL PROTECTED]>:
>
> >
> >"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
> >news:[EMAIL PROTECTED]...
> >>    I think you know my answer to that but to enlighten others I
> >> will explain what a good sized key is. It is as large as possible
> >> while getting the job done so as not to cause the user too much
> >> time waiting.
> >
> >There are other problems with using million byte keys.
> >1. Where to get that much good entropy?
>
>     Good question. The answer is you most likely don't.
> But at least with my system you can use what you can get.
> And you can still use a password of any size to use the
> key. Of course, just like anything else, it's best to use it on a
> computer you have full control of. And if your master
> password is too short and someone gets to test it, they
> may find the password.

Ahh... but would a million bad bits be better than 192 good bits (bad =
nonrandom, good = as random as can be)?

>
> >2.  How to store it securely?
>
>    I think it's best to store the encrypted long key on
> a floppy disk. If you lose it, too bad.

Ahh... that won't work either.  If you lose the floppy who says your boss,
co-worker, enemy doesn't have it?

In a perfect world passwords would not exist and we would have MAG strip
cards with our "password ala key" on them and a reader/writer in the
keyboard.  This way you can bring around a 256-bit key and not be forced to
remember it.

> >3.  Not ideal for portable solutions (i.e smart cards)
>
>    You're absolutely correct; for the next few years
> it would not be economical to use it in smart cards. So
> use something else for them. But why should one use a system
> for smart cards for one's security needs?

Ah again not good.  Smart cards are good for things like credit/debit cards
since the store doesn't need to know any of your details.  The card will
encrypt it itself and transmit it to the Interac (or whatever) company
directly.

>    tommy what makes you think that just because it takes a
> long time to do a "dumb blind search" to find a key of 256 bits
> is the only way to solve the problem.
>    It may well be that the NSA has an "adaptive key search" that
> works for any block cipher of the types being used for AES; it
> may take as few as a thousand or less tries with such an adaptive
> system. What makes you so certain that this is not possible?
> I wish you would give it some thought. But I can see you're not
> the deep-thinking kind of person capable of free thought.

Using your logic I could say the NSA has an adaptive key search on your
trillion bit key method?

Why do you think your method is immune to magical cryptanalysis anyway?  If
the NSA can break AES in a few steps they probably can break yours too.

Tom



------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: How to eliminate redondancy?
Date: 21 Mar 2001 16:50:23 GMT

[EMAIL PROTECTED] (Tom St Denis) wrote in
<YB4u6.98614$[EMAIL PROTECTED]>: 

>>
>>    And what makes you so sure it's trivial. When the main difference
>> is if you use a poor compressor most of the test keys are tossed
>> out as being impossible to use.
>
>Well what's saying your bijective compressor will turn random streams
>into ASCII output?  They can't always (hence 1-1) so I can reject many
>1-1 tests by just seeing if the output is ASCII text.  Duh... I win :-)


   Sorry tommy, if one was using my "conditional adaptive huffman
compressor" in the correct way, any set of symbols you pick
would map in my 1-1 way to your random file. You lose, little boy.



David A. Scott

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: How to eliminate redondancy?
Date: 21 Mar 2001 16:55:12 GMT

[EMAIL PROTECTED] (Joe H. Acker) wrote in 
<[EMAIL PROTECTED]>:


>
>That's what I believe as well. But perhaps, a special attack against
>nonpermutative compression+encryption could be invented. After all,
>nonpermutative compression does not only allow a quick shortcut for the
>correct plaintext, there could be more sophisticated attacks that
>exploit the fact that a certain nonpermutative compressor fails to
>decompress so many possible sequences of symbols. For example, if one
>would combine the severe restrictions on the compressor output (or
>decompressor input) with an attack on the cipher, this perhaps could
>drastically limit the amount of plaintext needed. That's something
>serious cryptanalists might want to take a look at.

   They may look at it in secret. I truly believe many such details
may well be known by the NSA and such. But the open crypto people
are still in the dark about such things.

>
>> > What do cryptanalysts say about s-bijective compression once they have
>> > learned what "s-bijective" is supposed to mean?
>> 
>> Most cryptanalysts ignore David Scott since he acts like a Troll.
>
>Oh well, his replies aren't very polite sometimes. But after all, his
>views about compression seem to be correct, although he might
>overestimate a bit the amount of security earned by permutative
>compression. 
>

 Thanks
 

David A. Scott

------------------------------

From: Arturo <aquiranNO$[EMAIL PROTECTED]>
Subject: Re: I was so so right about PGP ... so right when I started writing about PGP 
and about one author .... so right .....
Date: Wed, 21 Mar 2001 17:07:44 +0100

On 21 Mar 2001 15:43:52 GMT, [EMAIL PROTECTED] wrote:

>Cryptologists from Czech company ICZ detected serious security vulnerability
>of an international magnitude 
>A bug has been found in worldwide used security format OpenPGP. 
>
>
>http://cryptome.org/pgp-email-flaw.htm
>
>
> -----  Posted via NewsOne.Net: Free (anonymous) Usenet News via the Web  -----
>  http://newsone.net/ -- Free reading and anonymous posting to 60,000+ groups
>   NewsOne.Net prohibits users from posting spam.  If this or other posts
>made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]


------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: How to eliminate redondancy?
Date: Wed, 21 Mar 2001 17:02:44 GMT


"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Tom St Denis) wrote in
> <YB4u6.98614$[EMAIL PROTECTED]>:
>
> >>
> >>    And what makes you so sure it's trivial. When the main difference
> >> is if you use a poor compressor most of the test keys are tossed
> >> out as being impossible to use.
> >
> >Well what's saying your bijective compressor will turn random streams
> >into ASCII output?  They can't always (hence 1-1) so I can reject many
> >1-1 tests by just seeing if the output is ASCII text.  Duh... I win :-)
>
>
>    Sorry tommy, if one was using my "conditional adaptive huffman
> compressor" in the correct way, any set of symbols you pick
> would map in my 1-1 way to your random file. You lose, little boy.

Hmm if it's 1-1 then I could find messages that decode to binary... duh.. I
win.

Tom



------------------------------

From: Taylor Francis <[EMAIL PROTECTED]>
Subject: Re: OK...dumb question
Date: Wed, 21 Mar 2001 11:03:40 -0600

HAC says use the euclidean algorithm to find d from e and phi.  How?  I
have a working euclidean algorithm, but what parms (a&b) do I send to it
to determine d such that ed = 1 (mod phi)?

Thanks...

Tom St Denis wrote:
> 
> "Taylor Francis" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> >
> >
> > Tom St Denis wrote:
> > >
> > >
> > > To find 'd' from 'e' you have to find the modular inverse modulo
> lcm(p-1,
> > > q-1).  Most people say modulo (p-1)(q-1) but that's actually just a
> multiple
> > > of the group order (both will work but the former may be faster if
> p-1,q-1
> > > have factors in common).
> > >
> > > The most common method for modular inversion is the extended euclidean
> > > algorithm which also finds the GCD of the two numbers (two for one ...
> cool)
> >
> > How?  And what is the 'extended euclidean algorithm' and how does it
> > work?
> 
> Hmm, Scott was right, why not pick up a free copy of HAC off the web.
> 
> When I have to implement these I just read directly from the books (I didn't
> memorize em).
> 
> it's a good idea to learn how they work... at one time I had an intimate
> knowledge of the algorithms used (number theory related) but I haven't used
> them in about a year ... so I am a bit rusty.
> 
> The euclid algorithms are fairly straight forward though...
> 
> Tom

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: OK...dumb question
Date: Wed, 21 Mar 2001 17:10:48 GMT


"Taylor Francis" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> HAC says use the euclidean algorithm to find d from e and phi.  How?  I
> have a working euclidean algorithm, but what parms (a&b) do I send to it
> to determine d such that ed = 1 (mod phi)?

There is a variant of the euclidean algorithm that finds the GCD only....
you want the full one.

Sorry my books are at my work so even if I wanted to help I can't right
now...

You can find the info on the web... it's called a websearch!

Tom


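The answer to the "what parameters" question above, as an added example (editor's code; it follows the textbook extended Euclidean algorithm, not any listing from HAC or the thread). Call the extended algorithm with a = e and b = phi (or b = lcm(p-1, q-1), as Tom suggests); it returns x and y with e*x + phi*y = gcd(e, phi), and when that gcd is 1, d = x mod phi. The negative x that the algorithm often produces is the usual stumbling block, hence the final reduction. The numbers are the small textbook pair p = 61, q = 53, e = 17, chosen for illustration only.

```python
from math import gcd


def egcd(a: int, b: int):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b).
    Invariant kept by the loop: x0*a_in + y0*b_in == a and
    x1*a_in + y1*b_in == b for the current (a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def modinv(a: int, m: int) -> int:
    """a^-1 mod m.  For RSA the call is modinv(e, phi) or modinv(e, lambda):
    a is e, m is the modulus of the group order."""
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse mod {m} (gcd = {g})")
    return x % m   # x may be negative; normalise into [0, m)


def rsa_private_exponent(p: int, q: int, e: int, use_lcm: bool = True) -> int:
    """d such that e*d == 1 modulo lcm(p-1, q-1) (Carmichael lambda, the
    true group exponent) or, with use_lcm=False, modulo (p-1)*(q-1).
    Both d values work for decryption; the lcm one is never larger."""
    a, b = p - 1, q - 1
    m = a * b // gcd(a, b) if use_lcm else a * b
    return modinv(e, m)


def rsa_roundtrip(p: int, q: int, e: int, m: int, use_lcm: bool = True) -> bool:
    """Check that encrypt-then-decrypt with the derived d returns m."""
    n = p * q
    d = rsa_private_exponent(p, q, e, use_lcm)
    return pow(pow(m, e, n), d, n) == m


if __name__ == "__main__":
    # Textbook parameters (constructed for illustration, far too small to use).
    p, q, e = 61, 53, 17
    print("d mod lambda:", rsa_private_exponent(p, q, e))            # 413
    print("d mod phi:   ", rsa_private_exponent(p, q, e, False))     # 2753
    print("roundtrip ok:", rsa_roundtrip(p, q, e, 65))
```

Two practical notes. The gcd check in modinv is the test that e is valid for this prime pair; a generator should reject p, q when gcd(e, lambda) != 1 rather than retry silently. And this egcd runs in time that depends on its inputs, which is fine for one-off key generation but is not something to call on secret values in a running service.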

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: A future supercomputer
Date: Wed, 21 Mar 2001 18:09:29 +0100



JCA wrote:
> 
> In article <[EMAIL PROTECTED]>, "Mok-Kong Shen"
> <[EMAIL PROTECTED]> wrote:
> 
> > Note that I said only that with the power of Blue Gene the machine
> > starts to have a solid foundation to compete with humans.
> 
>         This is my point - I don't think that throwing in more computational
> power helps all that much, and I therefore don't agree with you. That is,
> there are a number of fundamental issues that must be understood and sorted
> out first. Till then, this extra horsepower, in my view, albeit welcome, is not
> likely to cast much more new light, much less to provide a solid foundation to
> compete with humans.

Computing power is ONE of the fundamental requirements.
If everything else is solved in theory but the computing
power to do it is missing, that is futile, like understanding
perfectly how a rocket works but not having the required fuel.
With more computing power, one can try algorithms that would
otherwise be impossible. (See e.g. simulation of nuclear
explosions, which was why the ASCIs were built.)

M. K. Shen

------------------------------

From: Darryl Wagoner <[EMAIL PROTECTED]>
Subject: Re: Advice on storing private keys
Date: Wed, 21 Mar 2001 12:10:33 -0500
Reply-To: [EMAIL PROTECTED]

Paul Rubin wrote:

> Darryl Wagoner <[EMAIL PROTECTED]> writes:
> > I am working on a open source digital signature system using openssl
> > DSA functions.  I have create my own cert format because of special
> > needs of ham radio users.  I would like to encrypt the private keys
> > for safe keeping, but the passwords/key needs to be kept short.
> >
> > Any suggestions?
>
> I don't understand what you're asking.  What needs to be special about
> the certificates?

The certs will carry unique information such as call sign and license
class, which may not fit well into normal certs.  The other requirement
is to have a format that will be easy for non-crypto types to add to
their programs, and to have a format that could easily be worked into
text file formats.  Standard certs may be able to fit the bill, but I
knew I could create my own cert format in less time.  So far the only
thing I don't like about the format is that it is hex strings.  I wish I
could find good 64-bit encoding routines.

> And OpenSSL already lets you encrypt keys by a
> password.

I will check it out.

thanks
Darryl WA1GON




------------------------------

From: "dexMilano" <[EMAIL PROTECTED]>
Subject: redodancy
Date: Wed, 21 Mar 2001 18:19:57 +0100

Is there some simple algorithm to remove redundancy in text?
I tried ZIP but it's too heavy.

Thx

dex



------------------------------

From: [EMAIL PROTECTED] (Jonathan Thornburg)
Subject: Re: One-time Pad really unbreakable?
Date: 21 Mar 2001 18:21:39 +0100

Tim Tyler wrote:
> One is that this is a study - of Douglas A. Gwyn - under computer
> simulation.  An elaborate model of your intellect has been built, ...

and later [about this hypothesis]
>There's no evidence /against/ it either - it is quite consistent with
>all of your observations.  It is quite simple - I would not like to be
>told to wield Occam's razor in this instance.  When there's no evidence
>either way, both options must remain possibilities - which was my point.

There's also no evidence either for or against the hypothesis
that an invisible elf is sitting on my forehead directing my actions.
This hypothesis too is quite consistent with all observations of my
behavior.  Do you take it seriously?  Should anyone else?

You really need to learn something about solopism, and perhaps
philosophy in general.

*plonk*

-- 
-- Jonathan Thornburg <[EMAIL PROTECTED]>
   http://www.thp.univie.ac.at/~jthorn/home.html
   Universitaet Wien (Vienna, Austria) / Institut fuer Theoretische Physik
   Q: Only 6 countries have the death penalty for children.  Which are they?
   A: Congo, Iran, Nigeria, (Pakistan[*]), Saudi Arabia, United States, Yemen
      [*] Pakistan reportedly ended it in July 2000. -- Amnesty International
                         http://www.web.amnesty.org/ai.nsf/index/AMR511392000 

------------------------------

From: [EMAIL PROTECTED] (Jonathan Thornburg)
Subject: Re: One-time Pad really unbreakable?
Date: 21 Mar 2001 18:29:29 +0100

In article <99anv3$r89$[EMAIL PROTECTED]>, I wrote
[[to Tim Tyler]]
>You really need to learn something about solopism, and perhaps
>philosophy in general.

Oops, careless typing -- make that "solipsism".

-- 
-- Jonathan Thornburg <[EMAIL PROTECTED]>
   http://www.thp.univie.ac.at/~jthorn/home.html
   Universitaet Wien (Vienna, Austria) / Institut fuer Theoretische Physik
   "There is no cause for worry.  The high tide of prosperity will continue"
                                              -- Andrew W. Mellon, Sept 1928

------------------------------

From: [EMAIL PROTECTED] (those who know me have no need of my name)
Crossposted-To: comp.security.pgp,comp.lang.java,comp.lang.c++
Subject: Re: I was so so right about PGP ... so right when I started writing  about 
PGP and about one author .... so right .....
Date: Wed, 21 Mar 2001 17:33:43 -0000

[f-u set]

<[EMAIL PROTECTED]> divulged:

[due to a buffer overflow in some versions of pgp]

>The receiver can't do anything, because he/she has to use pgp to
>verify and decrypt the message. 

actually some people use gpg.  still, i wonder if it'll be a blow to the
must encrypt everything crowd.

>Use java, forget c++ !

oh yeah, no way to write bad code in that language.  (don't even
consider using the old line about there being no pointers so it can't
happen.)

-- 
okay, have a sig then

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: How to eliminate redondancy? (moving steadily towards being computer 
science terminology)
Date: 21 Mar 2001 17:39:08 GMT

[EMAIL PROTECTED] (Tom St Denis) wrote in
<xU4u6.98657$[EMAIL PROTECTED]>: 

>
>"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> [EMAIL PROTECTED] (Tom St Denis) wrote in
>> <ep4u6.98534$[EMAIL PROTECTED]>:
>>
>> >
>> >"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
>> >news:[EMAIL PROTECTED]...
>> >>    I think you know my answer to that but to enlighten others I
>> >> will explain what a good sized key is. It is as large as possible
>> >> while getting the job done so as not to cause the user too much
>> >> time waiting.
>> >
>> >There are other problems with using million byte keys.
>> >1. Where to get that much good entropy?
>>
>>     Good question. The answer is you most likely don't.
>> But at least with my system you can use what you can get.
>> And you can still use a password of any size to use the
>> key. Of course, just like anything else, it's best to use it on a
>> computer you have full control of. And if your master
>> password is too short and someone gets to test it, they
>> may find the password.
>
>Ahh... but would a million bad bits be better than 192 good bits (bad =
>nonrandom, good = as random as can be)?
>

   If by bad you mean something like the total amount of entropy
in the not-so-random million bits was less than the entropy
in the more random 192 bits, then I think even a kid like you
knows the answer. But using 200 bits, where the first 192 bits
are the same as your short key and 8 good random bits, would most
likely kick ass as the first part of a million-bit key.


David A. Scott

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
