Cryptography-Digest Digest #31, Volume #14 Wed, 28 Mar 01 19:13:01 EST
Contents:
Re: Breaking a DES encrypted code. ("Mark G Wolf")
Re: DES key replacement. ("Sam Simpson")
Re: Newbie wants to shuffle... (Mok-Kong Shen)
Re: Breaking a DES encrypted code. (John Savard)
Re: Breaking a DES encrypted code. ("Douglas A. Gwyn")
Re: Breaking a DES encrypted code. ("Douglas A. Gwyn")
Re: Breaking a DES encrypted code. ("Douglas A. Gwyn")
Re: Breaking a DES encrypted code. ("Mark G Wolf")
Re: Malicious Javascript in Brent Kohler post (Darren New)
Re: Strong primes ("Tom St Denis")
Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be (Patton)
Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged (Tom
McCune)
Re: Data dependent arcfour via sbox feedback ("Henrick Hellstr�m")
Re: Malicious Javascript in Brent Kohler post (Mok-Kong Shen)
ATTN: Tom & Vlastimil - Please demonstrate your attack (was New PGP Flaw...) (Imad
R. Faiad)
PRNG analysis, runs of zeroes (Steve Portly)
Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged
(Free-man)
Re: Newbie wants to shuffle... ("Henrick Hellstr�m")
Re: ATTN: Tom & Vlastimil - Please demonstrate your attack (was New PGP Flaw...)
(Ralph Hilton)
----------------------------------------------------------------------------
From: "Mark G Wolf" <[EMAIL PROTECTED]>
Subject: Re: Breaking a DES encrypted code.
Date: Wed, 28 Mar 2001 16:14:13 -0600
> One could in fact scramble the pixels, rendering the
> work of the opponent more difficult. On the other hand,
> it is to be noted that, using an image file as described,
> the volume of the encrypted message is very m�ch larger
> than that of the plaintext. In my humble view, it is in
> general not too hard to find ways to achieve good
> encryption, if one is ready to accept the cost of
> 'sufficiently' high bandwidth and/or processing expenses.
It sure does require more bandwidth, but it would take a lot longer to
break, using very sophisticated machines. Of course how much is a lot when
you have a lot of bandwidth? It's kind of relative; if you have to wait 2
seconds instead of 1 second it's a lot different from 2 hours as opposed to
1 hour.
------------------------------
From: "Sam Simpson" <[EMAIL PROTECTED]>
Subject: Re: DES key replacement.
Date: Wed, 28 Mar 2001 23:24:48 +0100
Terry Ritter <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
> On Wed, 28 Mar 2001 17:06:56 GMT, in <[EMAIL PROTECTED]>,
> in sci.crypt "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
>
> >Yaniv Sapir wrote:
> >> When using DES for encryption of long messages, is it a common practice
to
> >> replace the 64-bit key once in a while? If so, how frequent?
> >
> >No. Standard practice is to use the same key for the entire session.
>
> First, a DES key is 56 bits, not 64.
To be a fussy bastard (hey, everyone else is here) this statement is
incorrect.
According to NIST FIPS46-3 for example: "A DES key consists of 64 binary
digits......"
--
Regards,
Sam
http://www.scramdisk.clara.net/
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Newbie wants to shuffle...
Date: Thu, 29 Mar 2001 00:29:48 +0200
"SCOTT19U.ZIP_GUY" wrote:
>
> I know I am late in this thread. But shuffling is a lot
> like creating a single cycle look up table. My code both
> scott19u and scott16u have to use a large shuffling of the
> file. If you want to check the method I used. You can look
> at the source code.
Sorry to say something that I hesitated very long to say.
I was asking something about the math of proving that
the two algorithms are equivalent. And you jumped in
to praise the merit of your codes, which is not relevant
to my question as such. From what I saw in other threads,
you seem to be very diligent in making that publicity.
Too much publicity could have a negative effect in my
humble view. My apology for expressing my minds directly.
M. K. Shen
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Breaking a DES encrypted code.
Date: Wed, 28 Mar 2001 22:35:04 GMT
On Wed, 28 Mar 2001 18:20:41 +0200, "Yaniv Sapir"
<[EMAIL PROTECTED]> wrote, in part:
>This doesn't sound as the case here. When having zillions of possible keys,
>how can one check the "sensibility" of the decrypted text? And how can it be
>done by hardware?
Either you know the original plaintext - a "known-plaintext" attack -
or you have partial knowledge of it. For example, the plaintext might
be uncompressed ASCII characters. In that case, have, say, seven
blocks of ciphertext, and for each key, decrypt as many of them in
turn as needed until you find the MSB of any byte equal to 1; if all
are zero, you may have found the right key.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Breaking a DES encrypted code.
Date: Wed, 28 Mar 2001 21:53:18 GMT
> What's to prevent me from writing a message on a piece of paper
> and then scrambling the image? What then?
There will still be an extremely high amount of redundancy.
For example, most of the file will be 0 bits. A good test
would then be for a large excess of 0 bits over 1 bits.
No matter how far you want to carry this, there will be
some statistical pattern, *unless* you use a cryptographically
strong information hider -- but that is what the encryption
system is supposed to do, so it begs the question.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Breaking a DES encrypted code.
Date: Wed, 28 Mar 2001 21:50:03 GMT
Yaniv Sapir wrote:
> The whole idea is to break a code for which you *don't have* the palintext
> original.
Yes, and one way this can be done by recovering the same key as was
used for some *other* message for which one can guess the plaintext.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Breaking a DES encrypted code.
Date: Wed, 28 Mar 2001 21:54:45 GMT
Mark G Wolf wrote:
> The time and energy it takes to do all of this stuff is
> kind of wasteful to begin with.
We let computers do the work.
------------------------------
From: "Mark G Wolf" <[EMAIL PROTECTED]>
Subject: Re: Breaking a DES encrypted code.
Date: Wed, 28 Mar 2001 16:52:02 -0600
> There will still be an extremely high amount of redundancy.
> For example, most of the file will be 0 bits. A good test
> would then be for a large excess of 0 bits over 1 bits.
Oh come on, it dosen't have to black on white. Plus I can compress it.
> No matter how far you want to carry this, there will be
> some statistical pattern, *unless* you use a cryptographically
> strong information hider -- but that is what the encryption
> system is supposed to do, so it begs the question.
------------------------------
From: Darren New <[EMAIL PROTECTED]>
Subject: Re: Malicious Javascript in Brent Kohler post
Date: Wed, 28 Mar 2001 22:56:03 GMT
Mok-Kong Shen wrote:
> The point is: Suppose one copies it to a file and finds
> that it is html containing a Javascript. Does one need
> Java knowledge
Java and Javascript are completely different.
> or is there an automatic means analogous
> to a virus scanner to determine whether the material
> could be malicious.
The code in that file is only malicious if your javascript interpreter is
stupid. It just keeps opening windows until you run out of memory. If your
interpreter allows that to happen, then you need a better interpreter.
--
Darren New / Senior MTS & Free Radical / Invisible Worlds Inc.
San Diego, CA, USA (PST). Cryptokeys on demand.
A million monkeys in a room with a million typewriters
will only yield half a million pregnant monkeys.
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Strong primes
Date: Wed, 28 Mar 2001 22:56:47 GMT
"John Savard" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Wed, 28 Mar 2001 17:09:53 GMT, "Douglas A. Gwyn"
> <[EMAIL PROTECTED]> wrote, in part:
> >Chenghuai Lu wrote:
>
> >> How much better will strong primes (p1 = k * p + 1) be vesus ordinary
> >> primes?
>
> >Better for what?
>
> Basically, the reason for that question is, at present it is believed
> that strong primes are better for Diffie-Hellman, but they are not
> relevant for RSA.
And more exact it's the kind of primes where q is prime and so is p = 2q +
1. That way q is a large sub-group of Z*p.
Tom
------------------------------
From: Patton <[EMAIL PROTECTED]>
Crossposted-To:
alt.privacy.anon-server,alt.security.pgp,comp.security.pgp.discuss,comp.security.pgp.resources,comp.security.pgp.tech
Subject: Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be
Date: Wed, 28 Mar 2001 15:18:51 -0800
Tomas Rosa wrote:
>
> OK, but TAMPERING is just particular cryptanalysing tool.
>
> Good encryption (as the method for preserving data confidentiality) shall be
> resistant to known "sound" cryptanalysing techniques. So, it has to be
> resistant to sound tampering techniques too. So, the encryption of private
> key in OpenPGP is not good.
>
To be sure, tampering is a time honored method of cryptanalysis. (Using
that term in the broad manner: cryptanalysis = any method for revealing
contents of a encrypted document). And to be fair, your paper makes
clear the method of attack. (even though I don't understand more than
1/2 of it) Unfortunately, the early reports made it sound as if the key
encryption had been broken.
I believe that those who minimize the risk of the attack you propose,
would analogize to the danger of breaking a One Time Pad. The OTP
system is "flawed" because an attacker can potentially copy the pad.
My answer to that type of argument is that both are correct. PGP's
encryption is sound and has not been broken, but a key management attack
has been identified that would allow an attacker to subvert that sound
encryption and discover the secret key.
Is this about right? Or am I missing the point completely?
------------------------------
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
From: Tom McCune <[EMAIL PROTECTED]>
Subject: Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged
Date: Wed, 28 Mar 2001 23:21:17 GMT
=====BEGIN PGP SIGNED MESSAGE=====
For what it may be worth, I think your work is commendable. I don't like
to hear about PGP having such a weakness, but if it has it, we need to
know about it. Thank you.
I'm going to soon be adding a section about this to my PGP FAQ, and would
greatly appreciate answers to the following questions:
As to the testing with PGP 7.0.3, It appears that attacks to both v3 and
v4 RSA keys will fail?
Will any earlier official PGP versions allow such altered RSA keys to be
used for signing?
Probably all PGP versions will allow such altered DSS keys to be used for
signing?
This attack is described as including "capturing a signed message." Does
this also apply to signed files? Also to "encrypted and signed"
messages/files?
=====BEGIN PGP SIGNATURE=====
Version: PGP 7.0.3
Comment: My PGP Page & FAQ: http://www.McCune.cc
iQEVAwUBOsJyZjYk/PXew/BzAQGhvgf+JJGP4XIOED+2HEVJONeEYOfn8OggomX6
9scWhMNtvvg3Vev4wRoj5TQRu7SqgAsT2tZKeDhzaIORb24fAiZQg8kL/7Te+IbV
IuDFsa26sPnOZnyyFjQ1KW6M5LuiZl608K6N1XsadhdD/mPNG0JAxhx0Dhm0pbj6
Fd8tgIA0Ebl0K81waLiq/hURM8rMSpOt9CbAIu2juLpHu12OI/EWFP3e54a1Yytp
0ZyAqYWkmPLphY2Xx+A5OIMkUa9BfbcS++8hu0jickMc4NFdPVN47hKvSQaTFnU+
0HmPailop7FYycmDgtH7Y7zs48YxA6Gtisqh/xGQ3xtsgApElk8uBw==
=jfBD
=====END PGP SIGNATURE=====
------------------------------
From: "Henrick Hellstr�m" <[EMAIL PROTECTED]>
Subject: Re: Data dependent arcfour via sbox feedback
Date: Thu, 29 Mar 2001 01:25:18 +0200
"Terry Ritter" <[EMAIL PROTECTED]> skrev i meddelandet
news:[EMAIL PROTECTED]...
[snip]
> >More precisely: In Europe you cannot patent mathematical, intellectual
and
> >organizational methods. There has to be some psysical manifestation
> >involved.
>
> Oh, please. Software *never* functions by itself. Software *always*
> depends upon hardware to function. There are *always* "physical
> manifestations" whenever software functions. If *that* is the issue,
> there is no issue. Nobody cares about software codes which are never
> executed. Execution is the whole point of software.
I just state the facts. I don't make policy. I don't know exactly what you
don't understand about European patent policies. The point is that there may
always be physical manifestations when software functions, but these
physical manifestations are known prior art in 99% of the cases. That's why
they can't be patented.
Maybe you should read up on the subject, or discuss it with an expert. I am
not.
[snip]
> >Could you please tell me in what European country IDEA is patented?
Monaco?
> >Liechtenstein? Andorra? Malta? ;-)
>
> It's not my patent, but it is well known in cryptography. Are you
> unfamiliar with the concept of a European Patent Office?
No, I'm not unfamiliar with the existence of EPO. EPO usually does not issue
any patents of their own. Mostly they only assist you when filing
applications to the patent officies in the member states, etc. However, the
member states may delegate the authority to issue certain types of patents
to EPO (which I don't know if they actually have done or only intend to do
as part of the EU integration process), so the situation is quite complex.
> As far as I know there is a Swiss patent, and also a European patent
> from the EPO. Excuse me for imagining that a European patent would
> demand respect throughout Europe, but I am certainly no expert on
> European patent law.
I think that the European IDEA patents actually only covers the hardware
implementations of IDEA, but that the algorithm itself is part of their
patent claims. I have emailed the "Media-Crypt team" and asked for a copy of
their Swedish patent letter for IDEA. I'll see what they come up with.
> If the patent did not generally apply, I am surprised that we did not
> see someone offer PGP software with IDEA for commercial use from such
> a country. As far as I know, commercial use is prohibited without
> license. That would be limiting the software, of course.
Because it would be a patent violation to sell PGP in a country where the
IDEA algorithm is in fact patented. The main question is where the
transaction actually takes place when you buy software over the internet -
In the country of the software retailer or in the country of the customer? I
recon that the PGP crew rather charge all of their customers the license fee
than go to court over this matter.
--
Henrick Hellstr�m [EMAIL PROTECTED]
StreamSec HB http://www.streamsec.com
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Malicious Javascript in Brent Kohler post
Date: Thu, 29 Mar 2001 01:31:37 +0200
Darren New wrote:
>
> The code in that file is only malicious if your javascript interpreter is
> stupid. It just keeps opening windows until you run out of memory. If your
> interpreter allows that to happen, then you need a better interpreter.
Thanks. If that's the worst thing to be expected from
any javascript, then I wouldn't care. Allow me another
question of ignorance: What about stuffs that contains
ActiveX? (I have no knowledge of ActiveX at all.)
M. K. Shen
------------------------------
From: Imad R. Faiad <[EMAIL PROTECTED]>
Crossposted-To:
alt.privacy.anon-server,alt.security.pgp,comp.security.pgp.discuss,comp.security.pgp.resources,comp.security.pgp.tech
Subject: ATTN: Tom & Vlastimil - Please demonstrate your attack (was New PGP Flaw...)
Date: Thu, 29 Mar 2001 02:35:16 +0200
=====BEGIN PGP SIGNED MESSAGE=====
Greetings,
In the interest of educating the masses, could you please
demonstrate your attack by applying it to this private key:-
http://www.ipgpp.com/allyours.txt
I would have posted it here, but it did not make the
binary filters.
When you are done modifying it to your heart content please
email it to me.
Best Regards
Imad R. Faiad
On Mon, 26 Mar 2001 11:05:21 +0200, in alt.security.pgp "Tomas Rosa"
<[EMAIL PROTECTED]> wrote:
>Would like to know, why are you working with the press release of the
>*company* (it is not our job to do press release papers), while talking
>about crypto in the time when the full crypto-paper exists?
>
>By the way, we looked at the press release paper and we have to say, that
>it was not so bad. Quoting: "...A slight modification of the private key
>file followed by capturing a signed message is enough to break the private
>key..." - doesn't it specify the threat model clearly?
>
>We apologize that the paper was delayed after the press release, but it
>was available in the time you were writing your post.
>
>Tom & Vlastimil
>
>
>
>
>
>"Frank Gerlach" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> Bill Unruh wrote:
>>
>> > In <[EMAIL PROTECTED]> Frank Gerlach <[EMAIL PROTECTED]>
>writes:
>> >
>> > ]Next time, please clearly state the THREAT MODEL. Telling people that
>write
>> > ]access to the secret key is necessary would have been easily
>> > possible.
>Also, if
>> > ]you call your self "cryptologist", be a little more scientific and
>> > less ]marketing-driven. Helps your reputation.
>>
>> I was referring to their very first announcement, which sounded pretty
>dramatic. It
>> turns out that only people, who have their private key writable are
>affected. This is
>> qualifies for marketing-driven scaremongering in my opinion.
>>
>> >
>> >
>> > ?? The secret key is encrypted precisely because the threat model that
>> > someone can read your secret key file is real potential threat. The
>possibility to
>> > write to the file is not far behind being able to read it.
>> > I have no idea if they released this for self aggrandizement, but that
>> > is also totally irrelevant. They have identified a weakhess in the
>> > OpenPGP specification. It is a real weakness of much greater threat
>> > that others that PGP already protects itself against. It needs to be
>> > fixed. It is not hard to fix which is good, but that does not mean it
>> > is
>> > inconsequential. It is definitely a breaking of the protocol.
>> > Remember, crypto is not the algorithm, it is the whole chain, which
>> > includes key protection. Would you have been as sanguine had they
>> > shown that the enryption of the secret key wa flawed and anyone could
>> > simply read it off from the secret key file.? After all that would
>> > require that someone else have read permission to the file, and anyone
>> > who was
>> > careful would never allow someone else to read their secret key file.
I would sure call that a lousy--broken-- protocol.
=====BEGIN PGP SIGNATURE=====
Version: 6.5.8ckt http://www.ipgpp.com/
Comment: KeyID: 0xBCC31718833F1BAD
Comment: Fingerprint: 75CD 96A7 8ABB F87E 9390 5FD7 2A88 4F45
iQEVAwUBOsJnDrzDFxiDPxutAQFTuAf/UpKaTe+fuv+TjszjVxQmC7TE9ffHigag
lc8VrXbil6svYZoz0cexUMkJ1XVH9HnZBpLv68UgPo4pTF8SpPIpRY2pS59gSXUa
t3OiocYYi9DOl830H6/vEwTxIz8tBGIyQC+YiCeUJ3G3wyy0UoTb4Y4TRpAmv3TG
fBDRg6RyvtpOGl8ndipSQKSmowpxuERhRgIW+j5qLuVSQRhPiIyXqRsYAfKqo9qt
eVYrRPtc77ulgB2ym+fJkJgZ9DqZvh5+SqyRy/pjDAOQtXvgDZ2k6QS1a7uEqarg
wzgo+V6yhKP1ZXcbwsNDWmUM/VdE+Y2YDF0ia/mkfPviZAUUMH/y2g==
=oe/u
=====END PGP SIGNATURE=====
------------------------------
From: Steve Portly <[EMAIL PROTECTED]>
Subject: PRNG analysis, runs of zeroes
Date: Wed, 28 Mar 2001 18:43:36 -0500
I finally got around to doing some large volume analysis of my PRNG.
Since it takes the better part of a day to generate a trillion bit file
I had been putting this off. It seems to me that any quantity of random
bits should exhibit a predictable number of runs of either zero or 1.
For very large volume tests finding long runs in your data should rule
out many deterministic patterns.
In this context, (for gaming quality randomness) what would you expect
the longest runs to be in a trillion bit sample?
------------------------------
From: [EMAIL PROTECTED] (Free-man)
Crossposted-To:
alt.privacy.anon-server,alt.security.pgp,comp.security.pgp.discuss,comp.security.pgp.resources,comp.security.pgp.tech
Subject: Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged
Date: Wed, 28 Mar 2001 23:50:29 GMT
On Mon, 26 Mar 2001 11:59:24 +0200, "Tomas Rosa"
<[EMAIL PROTECTED]> wrote:
>OK, but TAMPERING is just particular cryptanalysing tool.
>
>Good encryption (as the method for preserving data confidentiality) shall be
>resistant to known "sound" cryptanalysing techniques. So, it has to be
>resistant to sound tampering techniques too. So, the encryption of private
>key in OpenPGP is not good.
Good job, Tom and Vlastimil. Your work is appreciated.
Rich Eramian aka freeman at shore dot net
------------------------------
From: "Henrick Hellstr�m" <[EMAIL PROTECTED]>
Subject: Re: Newbie wants to shuffle...
Date: Thu, 29 Mar 2001 02:01:17 +0200
"Mok-Kong Shen" <[EMAIL PROTECTED]> skrev i meddelandet
news:[EMAIL PROTECTED]...
>
>
> "Henrick Hellstr�m" wrote:
> > My algorithm is exhaustive because the series of j:s in Knuth's
algorithm
> > could be put as the sum (...(j{0}*n + j{1})*(n-1) + ...), and that sum
would
> > be equal to N in my algorithm. It is really only arithmetic with a large
> > integer expressed in a dynamic base. You could prove bijectivety in
> > virtually the same way you prove that any integer can be unequivocally
> > expressed in any nonzero base.
>
> The proof of equivalence might be simple, but I don't
> know a ready proof. That's why I was asking for a literature
> reference.
Hm, I see that I wrote the sum the wrong way. The sum is actually
(...(j{2}*3 + j{3})*4 + ...)*n + j{n}, where, for each i in [2..n], it holds
that j{i}
is in [0..i).
Here is the proof you requested:
Let N = (...(j{2}*3 + j{3})*4 + ...)*n + j{n}, and let
N' = (...(j'{2}*3 + j'{3})*4 + ...)*n + j'{n}.
One-to-one: Assume that N = N'. Since N = N' (mod n), we have j{n} = j'{n}.
Since N = N' (mod n(n-1)) we must therefore also have j{n-1} = j'{n-1}, etc.
Assume that we have proven that for all i > k it holds that j{i} = j'{i}.
Since N = N' (mod n!/k!) we must therefore have j{k} = j'{k}. The proof of
injectivety follows by induction.
Onto: Clearly, for each sequence j{0},...,j{n-1} there is a corresponding
sum N, and N must belong to [0..n!): It is trivially true that j{2} belongs
to [0..2!). Assume that the conclusion holds for n and that N is such a sum.
Let j{n+1} be any number in the range [0..n+1). Then N*(n+1) is less than or
equal to (n!-1)*(n+1) = (n+1)! - (n+1). Hence N*(n+1) + j{n+1} < (n+1)!. The
proof of surjectivity follows by induction.
Q.E.D.
--
Henrick Hellstr�m [EMAIL PROTECTED]
StreamSec HB http://www.streamsec.com
------------------------------
From: Ralph Hilton <[EMAIL PROTECTED]>
Crossposted-To:
alt.privacy.anon-server,alt.security.pgp,comp.security.pgp.discuss,comp.security.pgp.resources,comp.security.pgp.tech
Subject: Re: ATTN: Tom & Vlastimil - Please demonstrate your attack (was New PGP
Flaw...)
Date: Thu, 29 Mar 2001 02:01:07 +0200
Reply-To: [EMAIL PROTECTED]
Imad R. Faiad <[EMAIL PROTECTED]> wrote on Thu, 29 Mar 2001 02:35:16 +0200 in msg
<[EMAIL PROTECTED]>, :
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Greetings,
>
>In the interest of educating the masses, could you please
>demonstrate your attack by applying it to this private key:-
>
>http://www.ipgpp.com/allyours.txt
>
>I would have posted it here, but it did not make the
>binary filters.
>
>When you are done modifying it to your heart content please
>email it to me.
>
>Best Regards
>
>Imad R. Faiad
Brilliantly done. Amidst the hundreds of bewildered and/or asinine comments about this
"discovery"
I must admit that you summarized the situation very well.
--
Ralph Hilton
http://www.fzint.org/rhilton
Freezone International: http://www.fzint.org
C-Meter: http://www.inquisitive-instruments.co.uk/
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
