Cryptography-Digest Digest #55, Volume #14        Sun, 1 Apr 01 15:13:01 EDT

Contents:
  Re: DOES ANYONE HAVE "THE CODE BOOK" BY SIMON SINGH IN PDF FORMAT?  PLZ  POST OR 
SEND - TIA! (Nemo psj)
  Certicom's ECCp-109 (Chris Monico)
  Re: AES VS. DES ("James Wyatt")
  Problematic Patent ("boobaloo")
  Re: conferences? ("M.S. Bob")
  Re: AES VS. DES ("Tom St Denis")
  Re: AES VS. DES (SCOTT19U.ZIP_GUY)
  Re: AES VS. DES (SCOTT19U.ZIP_GUY)
  Re: NEWS READER CRASHING (Mok-Kong Shen)
  Re: conferences? ("Tom St Denis")
  Re: AES VS. DES ("Tom St Denis")
  Re: Idea - (LONG) (Mok-Kong Shen)
  Re: Malicious Javascript in Brent Kohler post (was: Re: Who is Brent K  (Mok-Kong 
Shen)
  Re: AES VS. DES (Mok-Kong Shen)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Nemo psj)
Date: 01 Apr 2001 15:13:09 GMT
Subject: Re: DOES ANYONE HAVE "THE CODE BOOK" BY SIMON SINGH IN PDF FORMAT?  PLZ  POST 
OR SEND - TIA!

I'm not the one who wanted to get a copy of that book. You idiots need to look
at the name of the posters before you get all hot tempered.  I was agreeing with
you guys.  All I can say is Wow it takes some special people to do something so
dumb.

Get your facts straight.

------------------------------

From: [EMAIL PROTECTED] (Chris Monico)
Subject: Certicom's ECCp-109
Date: Sun, 01 Apr 2001 17:04:40 GMT

Hello all,
  I'm preparing to launch a distributed effort to solve Certicom's
ECCp-109 elliptic curve DLP challenge, and I just wanted to ask around
to make sure nobody is already undertaking this challenge. I've
already asked Rob Harley and he's not doing this one; I had made the
assumption that he would know if anyone else was doing it, but perhaps
this is a bad assumption, so I thought I'd ask here as well. So, does
anyone know of a group that's working on this challenge?
  If so, please drop me an email as I haven't been religiously reading
my newsgroups lately.

Cheers,
Chris
[EMAIL PROTECTED]


------------------------------

From: "James Wyatt" <[EMAIL PROTECTED]>
Subject: Re: AES VS. DES
Date: Sun, 01 Apr 2001 17:56:59 GMT

I read somewhere that it would take longer than the Earth has existed to use
a brute force attack on AES. That is assuming one processor running around 1
gHz. I have no doubt that the NSA has methods to break this algorithm, but
unless they've got the only working quantum computer, they can't possibly
use brute force.

Jim

"Brian Gladman" <[EMAIL PROTECTED]> wrote in message
news:FNDx6.3648$Ph.156193@stones...
> "Latyr Jean-Luc FAYE" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Hello,
> > It's the 2nd time I post this message. I would like to know what are the
> > difference between AES and its precursor DES. What are the advantage
> > of AES vs DES.
>
> The main advantages of AES over DES are that: (a) it offers a larger block
> size - 128 bits in place of 64; (b) it offers longer key lengths of 128,
> 192 and 256 bits in place of 56 bits, and (c) it is more efficient,
> typically 2-3 times faster in software.  The major disadvantage is that it
> is new and may hence have as yet undiscovered (or undisclosed) weaknesses.
>
> DES is still a very good cipher that has not been broken but increases in
> processing capability since it was introduced now mean that it is
> vulnerable to key search attacks - testing each of the 2^56 possible keys
> in turn and seeing which of these give an output with a pattern of some
> kind (for example ascii characters).
>
> If you accept that AES is a good cipher - one whose effective key lengths
> are the same as its stated key lengths - then the minimum key length of
> 128 bits means that key search attacks are not currently feasible and not
> likely to become so in the foreseeable future.  In consequence patterns in
> plaintext are not the real problem for AES that they are for DES. And if
> you are really paranoid you can use 256 bit keys.
>
> As far as we know, AES is an unbroken cipher.  But it is relatively new
> and it is hence possible that it has weaknesses that have either not been
> discovered or are not yet known to the public.  You need to consider
> whether such possibilities pose unacceptable potential risks.
>
> You will, for example, hear suggestions that NSA can break AES and you
> will need to make up your own mind whether such ideas have any credibility
> and, if you think they do, whether or not this really matters to you.
>
> The most important question to ask yourself here is: "why would the US -
> the nation with the most advanced information based economy in the world -
> put this economy (and hence its national security) at risk by encouraging
> the use of a broken cipher in the protection of its national information
> assets and its national information infrastructure?"
>
> A rational look at (a) the history of DES; (b) the way the AES standard
> has been developed, and (c) an objective consideration of the consequences
> for the US if NSA were to knowingly advocate a FIPS standard cipher that
> they knew to be broken; should allow you to judge the possible algorithm
> based risks involved in using AES.
>
>   Brian Gladman
>
>
>



------------------------------

From: "boobaloo" <[EMAIL PROTECTED]>
Subject: Problematic Patent
Date: Sun, 01 Apr 2001 17:54:46 GMT


A patent has been recently issued that appears absurdly broad, and that
could dramatically limit activity in the field.

US patent 6165072
(enter number here: http://164.195.100.11/netahtml/srchnum.htm)

Claim 51 would seem to cover any situation in which one sends encrypted data
and then later sends the plaintext.

Claim 51 states:  >>>>>>>>>>>>>>>

51. Apparatus for creating and verifying secret data transactions over a
communications network, comprising:

a first processor for:

(i) generating a first processor secret arbitrary data input;

(ii) computing a first processor data input irreversible transform from said
first processor arbitrary data input;

(iii) communicating said first processor data input irreversible transform
to a second processor over the communications network; and

(iv) after (i) and (iii), communicating said first secret arbitrary data
input to a second processor over the communications network.

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

If you have prior art references for this common occurrence, please post
them.  Likewise if you have references regarding the related claims 52-56.
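
The four steps of claim 51 as quoted above have the shape of a hash commitment (commit, then reveal). The sketch below is an added example, not code from the poster or the patent: it walks through steps (i) to (iv), and the choice of SHA-256, the class names and the second processor's check are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def irreversible_transform(secret: bytes) -> bytes:
    """Step (ii): one-way transform of the secret input (SHA-256 is an assumption)."""
    return hashlib.sha256(secret).digest()


class FirstProcessor:
    def __init__(self) -> None:
        # Step (i): 32 random bytes; a high-entropy secret cannot be guessed
        # from its transform, which a short or predictable value could be.
        self.secret = secrets.token_bytes(32)

    def send_transform(self) -> bytes:
        # Steps (ii) and (iii): compute the transform and send it first.
        return irreversible_transform(self.secret)

    def reveal(self) -> bytes:
        # Step (iv): sent only after the transform has gone out.
        return self.secret


class SecondProcessor:
    def __init__(self) -> None:
        self.commitment = None

    def receive_transform(self, transform: bytes) -> None:
        # Accept one commitment only, so it cannot be swapped after the fact.
        if self.commitment is not None:
            raise ValueError("commitment already received; refusing to replace it")
        self.commitment = transform

    def verify(self, revealed: bytes) -> bool:
        if self.commitment is None:
            raise ValueError("no commitment on record")
        # Recompute the transform and compare in constant time.
        return hmac.compare_digest(irreversible_transform(revealed), self.commitment)


def run_exchange(swap_secret: bool = False) -> bool:
    """Run the four steps; optionally have the sender reveal a different value."""
    first, second = FirstProcessor(), SecondProcessor()
    second.receive_transform(first.send_transform())
    revealed = secrets.token_bytes(32) if swap_secret else first.reveal()
    return second.verify(revealed)


if __name__ == "__main__":
    print("honest reveal accepted:", run_exchange())
    print("swapped reveal accepted:", run_exchange(swap_secret=True))
```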



------------------------------

From: "M.S. Bob" <[EMAIL PROTECTED]>
Subject: Re: conferences?
Date: Sun, 01 Apr 2001 19:04:25 +0100

Tom St Denis wrote:
> 
> I just finished a design for a simple cipher based on MDS matrices and a FFT
> like network (like CS-Cipher) the idea is to make the encryption really
> simple and use it in CTR mode.  The cipher takes a 192-bit key and a 64-bit
> block (i.e you encrypt the 64-bit counter and xor it against the msg as
> required).
> 
> I was wondering what conferences this type of cipher would be relevant to.

http://www.privacy.nb.ca/cancrypt/events.shtml
for Canadian events, SAC is likely the best choice. Being in Toronto the
travel costs would be low for you, and small enough you might have a
chance to get accepted.

FSE is another. Eurocrypt and Asiacrypt are amongst other possibilities.
Crypto is out because I suspect the rejection rate is too high.

For co-authors, check the students at Waterloo, Queen's, McGill,
Carleton, MUN (under Howard Heys), research assistants & such at
Entrust, Zero Knowledge Systems, Certicom, and anyone in your area.

There are sometimes limited stipend grants available to help offset the
registration costs for students, which may be of use to you if you are
not being sponsored by your employer.

You might want to see if Carleton or Entrust has a cryptography reading
group. Present your algorithm to them, and let them thrash it, and see
if it is still worth writing up.

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: AES VS. DES
Date: Sun, 01 Apr 2001 18:10:00 GMT


"James Wyatt" <[EMAIL PROTECTED]> wrote in message
news:LZJx6.538925$[EMAIL PROTECTED]...
> I read somewhere that it would take longer than the Earth has existed to
> use a brute force attack on AES. That is assuming one processor running
> around 1 gHz. I have no doubt that the NSA has methods to break this
> algorithm, but unless they've got the only working quantum computer, they
> can't possibly use brute force.

This is a meaningless paragraph.  Against AES in ECB mode in a perfect world
it probably does take a zillion years to "break" (e.g guess the key).  But
in reality it depends on *******HOW******** you use the cipher much more
than the quality of the cipher itself.

e.g I could write a program that uses AES now that could be broken in 5 mins
flat, despite using AES with 256-bit keys etc...

Tom
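
One way the point above can play out, as an added example that is not code from any poster in this thread: a 256-bit key derived from a 4-digit PIN has about 13 bits of effective strength, so the key search described earlier in the thread (try each key, look for ASCII output) covers the whole space at once. The PIN-derived key, the HMAC-SHA256 keystream standing in for AES-256, and the sample message are assumptions made for the illustration.

```python
import hashlib
import hmac
import math

PIN_SPACE = 10 ** 4  # assumption: the key is derived from a 4-digit PIN


def derive_key(pin: str) -> bytes:
    """Produce a 256-bit key; its length hides that only 10**4 values exist."""
    return hashlib.sha256(pin.encode("ascii")).digest()


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for a 256-bit cipher in counter mode (HMAC-SHA256 keystream)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        block = hmac.new(key, counter, hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


def looks_like_ascii(data: bytes) -> bool:
    """The 'pattern of some kind' test: printable ASCII plus CR/LF."""
    return all(32 <= b < 127 or b in (10, 13) for b in data)


def effective_key_bits(candidates: int) -> float:
    """Strength of a key is set by how many values it can take, not its length."""
    return math.log2(candidates)


def key_search(ciphertext: bytes) -> list:
    """Try every derivable key and keep those that decrypt to ASCII."""
    hits = []
    for n in range(PIN_SPACE):
        pin = f"{n:04d}"
        plaintext = stream_xor(derive_key(pin), ciphertext)
        if looks_like_ascii(plaintext):
            hits.append((pin, plaintext))
    return hits


# Constructed sample: the message and the PIN are made up for this example.
SAMPLE_PLAINTEXT = b"Quarterly figures attached, please review by Friday."
SAMPLE_CIPHERTEXT = stream_xor(derive_key("4821"), SAMPLE_PLAINTEXT)

if __name__ == "__main__":
    bits = effective_key_bits(PIN_SPACE)
    print(f"nominal key size: 256 bits, effective: {bits:.1f} bits")
    print(key_search(SAMPLE_CIPHERTEXT))
```

Deriving the key from a full-entropy random source, or from a password through a slow salted KDF, is what restores the gap between nominal and effective key size.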



------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: AES VS. DES
Date: 1 Apr 2001 18:07:59 GMT

[EMAIL PROTECTED] (James Wyatt) wrote in
<LZJx6.538925$[EMAIL PROTECTED]>: 

>I read somewhere that it would take longer than the Earth has existed to
>use a brute force attack on AES. That is assuming one processor running
>around 1 gHz. I have no doubt that the NSA has methods to break this
>algorithm, but unless they've got the only working quantum computer,
>they can't possibly use brute force.
>

   What's the point of this often quoted garbage based on ridiculously
long times. Hell if one tried to break even the old World War II Enigma
by guessing the sequence of characters on the wheels and setting it may
take till the sun burns out. But few ciphers are ever broken on dumb
blind nonadaptive brute force. It's really not worth mentioning it since
it really means so little.
   Estimates of time to break have always been wrong. Look at RSA short
keys of a few hundred bits were thought to be safe for an extremely
long time. Now you have to have a few thousand to be safe from methods
of attack today.

>Jim
>
>"Brian Gladman" <[EMAIL PROTECTED]> wrote in message
>news:FNDx6.3648$Ph.156193@stones...
>> "Latyr Jean-Luc FAYE" <[EMAIL PROTECTED]> wrote in message
>> news:[EMAIL PROTECTED]...
>> > Hello,
>> > It's the 2nd time I post this message. I would like to know what are
>> > the difference between AES and its precursor DES. What are the
>> > advantage of AES vs DES.
>>
>> The main advantages of AES over DES are that: (a) it offers a larger
>> block size - 128 bits in place of 64; (b) it offers longer key lengths
>> of 128, 192 and 256 bits in place of 56 bits, and (c) it is more
>> efficient, typically 2-3 times faster in software.  The major
>> disadvantage is that it is new and may hence have as yet undiscovered
>> (or undisclosed) weaknesses.
>>
>> DES is still a very good cipher that has not been broken but increases
>> in processing capability since it was introduced now mean that it is
>> vulnerable to key search attacks - testing each of the 2^56 possible
>> keys in turn and seeing which of these give an output with a pattern of
>> some kind (for example ascii characters).
>>
>> If you accept that AES is a good cipher - one whose effective key
>> lengths are the same as its stated key lengths - then the minimum key
>> length of 128 bits means that key search attacks are not currently
>> feasible and not likely to become so in the foreseeable future.  In
>> consequence patterns in plaintext are not the real problem for AES that
>> they are for DES. And if you are really paranoid you can use 256 bit
>> keys.
>>
>> As far as we know, AES is an unbroken cipher.  But it is relatively
>> new and it is hence possible that it has weaknesses that have either
>> not been discovered or are not yet known to the public.  You need to
>> consider whether such possibilities pose unacceptable potential risks.
>>
>> You will, for example, hear suggestions that NSA can break AES and you
>> will need to make up your own mind whether such ideas have any
>> credibility and, if you think they do, whether or not this really
>> matters to you.
>>
>> The most important question to ask yourself here is: "why would the US
>> - the nation with the most advanced information based economy in the
>> world - put this economy (and hence its national security) at risk by
>> encouraging the use of a broken cipher in the protection of its
>> national information assets and its national information
>> infrastructure?"
>>
>> A rational look at (a) the history of DES; (b) the way the AES
>> standard has been developed, and (c) an objective consideration of the
>> consequences for the US if NSA were to knowingly advocate a FIPS
>> standard cipher that they knew to be broken; should allow you to judge
>> the possible algorithm based risks involved in using AES.
>>
>>   Brian Gladman
>>
>>
>>
>
>
>


David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
        http://members.nbci.com/ecil/index.htm
Scott LATEST UPDATED sources for scott*u.zip
        http://radiusnet.net/crypto/archive/scott/
Scott famous Compression Page
        http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
A final thought from President Bill: "The road to tyranny, 
we must never forget, begins with the destruction of the truth."

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: AES VS. DES
Date: 1 Apr 2001 18:20:41 GMT

[EMAIL PROTECTED] (Tom St Denis) wrote in
<Y9Kx6.181104$[EMAIL PROTECTED]>: 

>
>"James Wyatt" <[EMAIL PROTECTED]> wrote in message
>news:LZJx6.538925$[EMAIL PROTECTED]...
>> I read somewhere that it would take longer than the Earth has existed
>> to use a brute force attack on AES. That is assuming one processor
>> running around 1 gHz. I have no doubt that the NSA has methods to break
>> this algorithm, but unless they've got the only working quantum
>> computer, they can't possibly use brute force.
>
>This is a meaningless paragraph.  Against AES in ECB mode in a perfect
>world it probably does take a zillion years to "break" (e.g guess the
>key).  But in reality it depends on *******HOW******** you use the
>cipher much more than the quality of the cipher itself.
>
>e.g I could write a program that uses AES now that could be broken in 5
>mins flat, despite using AES with 256-bit keys etc...
>
>Tom
>

   Tom I know you think you're joking. But it is trivial to write a program
that could use full 256 key Rijndael and it would be trivial to break.
All you have to do is use the opposite principles that were used in
Matt's bijective compression encryption that uses Rijndael. I doubt
that I could break most applications the NSA ( oops AES people ) will
come up with. But using non bijective padding with non bijective
compression is surely a trip in the direction of making it easier to
break. Oh yes the data coming out would be as is the Blocks Out of the
encryption due to Rijndael would be the last stage. The AES people don't
really want one to use secure encryption it's obvious.



David A. Scott

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: NEWS READER CRASHING
Date: Sun, 01 Apr 2001 20:25:14 +0200



John Savard wrote:
> 
> [EMAIL PROTECTED] wrote:
> 
> > I have noticed that sometimes I get a message that flat crashes
> >my newsreader. I found it best to just not look at such messages
> >a second time because it is repeatable.  I use Xnews read for now
> >but today I opened a message up and the next thing I knew my browser
> >opened and was sending mail. I killed the connection but has this
> >happened to any one else. The post that caused the mail was in
> >another news group but it kind of surprised me.
> 
> There was a malicious JavaScript posting in several newsgroups -
> including this one. Some newsreaders, like Free Agent, don't try to
> execute content from postings you view.

Note though that certain web pages that one accesses or links 
therefrom involve javascript. To be safe, one would have to 
deactivate javascript, I suppose. (In Netscape there is a 
switch for that.)

M. K. Shen

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: conferences?
Date: Sun, 01 Apr 2001 18:27:07 GMT


"M.S. Bob" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> >
> > I just finished a design for a simple cipher based on MDS matrices and a
> > FFT like network (like CS-Cipher) the idea is to make the encryption
> > really simple and use it in CTR mode.  The cipher takes a 192-bit key and
> > a 64-bit block (i.e you encrypt the 64-bit counter and xor it against the
> > msg as required).
> >
> > I was wondering what conferences this type of cipher would be relevant
> > to.
>
> http://www.privacy.nb.ca/cancrypt/events.shtml
> for Canadian events, SAC is likely the best choice. Being in Toronto the
> travel costs would be low for you, and small enough you might have a
> chance to get accepted.
>
> FSE is another. Eurocrypt and Asiacrypt are amongst other possibilities.
> Crypto is out because I suspect the rejection rate is too high.

I have decided to not even bother.  I am not quite "math savvy" enough to
discuss my cipher properly.... Maybe in a few years...

Thanks anyways.



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: AES VS. DES
Date: Sun, 01 Apr 2001 18:27:43 GMT


"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Tom St Denis) wrote in
> <Y9Kx6.181104$[EMAIL PROTECTED]>:
>
> >
> >"James Wyatt" <[EMAIL PROTECTED]> wrote in message
> >news:LZJx6.538925$[EMAIL PROTECTED]...
> >> I read somewhere that it would take longer than the Earth has existed
> >> to use a brute force attack on AES. That is assuming one processor
> >> running around 1 gHz. I have no doubt that the NSA has methods to break
> >> this algorithm, but unless they've got the only working quantum
> >> computer, they can't possibly use brute force.
> >
> >This is a meaningless paragraph.  Against AES in ECB mode in a perfect
> >world it probably does take a zillion years to "break" (e.g guess the
> >key).  But in reality it depends on *******HOW******** you use the
> >cipher much more than the quality of the cipher itself.
> >
> >e.g I could write a program that uses AES now that could be broken in 5
> >mins flat, despite using AES with 256-bit keys etc...
> >
> >Tom
> >
>
>    Tom I know you think you're joking. But it is trivial to write a program
> that could use full 256 key Rijndael and it would be trivial to break.
> All you have to do is use the opposite principles that were used in
> Matt's bijective compression encryption that uses Rijndael. I doubt
> that I could break most applications the NSA ( oops AES people ) will
> come up with. But using non bijective padding with non bijective
> compression is surely a trip in the direction of making it easier to
> break. Oh yes the data coming out would be as is the Blocks Out of the
> encryption due to Rijndael would be the last stage. The AES people don't
> really want one to use secure encryption it's obvious.

Whatever.

Tom



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Idea - (LONG)
Date: Sun, 01 Apr 2001 20:30:05 +0200



"Douglas A. Gwyn" wrote:
> 
> Mok-Kong Shen wrote:
> > If one has r bits of truly random bits (never mind how to
> > get this), one can only encrypt r bits with perfect
> > security in the sense of Shannon.
> 
> Well, no, it depends on the source characteristics.

Your statement doesn't appear to be clear. Which source?
The r bits (as key) is assumed to be from a perfect source.
Is that source that you were referring to? Thanks.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Crossposted-To: alt.drugs.pot,rec.radio.swap,rec.running,rec.sport.skating.ice.figure
Subject: Re: Malicious Javascript in Brent Kohler post (was: Re: Who is Brent K 
Date: Sun, 01 Apr 2001 20:40:35 +0200



those who know me have no need of my name wrote:
> 
> <[EMAIL PROTECTED]> wrote:
> 
> >How often would you use scripted mathematical formulae in news group
> >postings? Creating a web page and linking to it would probably be a
> >more useful solution.
> 
> in sci.crypt it might happen quite often, though it's usual for latex to
> be used.  since mathml is nearly unreadable i don't see why anyone would
> want it, especially since it would mean that html (and other shite)
> would have to be processed as well.
> 
> i would _much_ rather see latex than mathml -- you tell me:
> 
> latex ... x = \frac{-b\pm\sqrt{b^2 - 4ac}}{2a}
> mathml ...

[snip]

I would also prefer Latex syntax. However, the standard
group has chosen another approach. Now, one is likely
to have a browser to process mathml. But not everyone
is likely to take the trouble to install a Latex system.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: AES VS. DES
Date: Sun, 01 Apr 2001 21:04:17 +0200



"SCOTT19U.ZIP_GUY" wrote:
> 
>    Tom I know you think you're joking. But it is trivial to write a program
> that could use full 256 key Rijndael and it would be trivial to break.
> All you have to do is use the opposite principles that were used in
> Matt's bijective compression encryption that uses Rijndael. I doubt
> that I could break most applications the NSA ( oops AES people ) will
> come up with. But using non bijective padding with non bijective
> compression is surely a trip in the direction of making it easier to
> break. Oh yes the data coming out would be as is the Blocks Out of the
> encryption due to Rijndael would be the last stage. The AES people don't
> really want one to use secure encryption it's obvious.

Joke or not aside, I suppose you are not claiming that
AES can be cracked with the current state of the art.

M. K. Shen

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
