Cryptography-Digest Digest #96, Volume #14        Fri, 6 Apr 01 21:13:01 EDT

Contents:
  WANTED: Voice Encryption and Telephony Consultant (MrDbol)
  Re: WANTED: Voice Encryption and Telephony Consultant ("Tom St Denis")
  Re: Concerning United States Patent 4979832 (Dynamic Substitution) (Mok-Kong Shen)
  Re: rc4 without sbox swapping/updating (Mok-Kong Shen)
  Re: Delta patching of encrypted data (David Wagner)
  [NEWS] Potty-trained Thomas J. Boschloo given for adoption (Boschloo Tales)
  Re: WANTED: Voice Encryption and Telephony Consultant (Mok-Kong Shen)
  approximating addition vs. xor? ("Tom St Denis")
  Re: approximating addition vs. xor? ("Tom St Denis")
  Re: approximating addition vs. xor? ("Tom St Denis")
  Re: Dynamic Substitution Question (John Savard)
  Re: COLOSSUS report on the Web ("Douglas A. Gwyn")
  Re: patent issue ("Douglas A. Gwyn")
  Re: WANTED: Voice Encryption and Telephony Consultant (John Savard)
  Re: WANTED: Voice Encryption and Telephony Consultant (John Savard)
  Re: patent issue ("Tom St Denis")
  Re: WANTED: Voice Encryption and Telephony Consultant ("Tom St Denis")
  Re: COLOSSUS report on the Web (David Hamer)
  MIPS Ratings for Encryption Algorithms (Chuck Perry)
  Re: WANTED: Voice Encryption and Telephony Consultant (Paul Rubin)
  Re: Delta patching of encrypted data (those who know me have no need of my name)
  Re: Dynamic Substitution Question (Vernon Schryver)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (MrDbol)
Date: 06 Apr 2001 22:37:39 GMT
Subject: WANTED: Voice Encryption and Telephony Consultant

hi,

I would like to implement a new communications infrastructure in my company. I
would like to receive calls in New York and physically forward them (using
hardware) to France. This process must also undergo voice encryption. 

Scenario:

A client calls 212-333-3333. The call is received, encrypted, and forwarded to
the pre-programmed # in France. The call is then decoded in France and a secure
communication channel is achieved. I would like a system that can handle 100
calls at the same time. 

I am awaiting your response. I need this system implemented asap. 

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: WANTED: Voice Encryption and Telephony Consultant
Date: Fri, 06 Apr 2001 22:41:30 GMT


"MrDbol" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> hi,
>
> I would like to implement a new communications infrastructure in my company. I
> would like to receive calls in New York and physically forward them (using
> hardware) to France. This process must also undergo voice encryption.
>
> Scenario:
>
> A client calls 212-333-3333. The call is received, encrypted, and forwarded to
> the pre-programmed # in France. The call is then decoded in France and a secure
> communication channel is achieved. I would like a system that can handle 100
> calls at the same time.
>
> I am awaiting your response. I need this system implemented asap.

Oh sure, just send all the tools and money here and I will make it for you.

Are you for real?

First off a better solution is to encrypt end to end since your middle man
is a bad point of intrusion...  Second why not just use the net?  It's far
cheaper and simpler.

Tom



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Concerning United States Patent 4979832 (Dynamic Substitution)
Date: Sat, 07 Apr 2001 01:04:37 +0200



John Savard wrote:
> 
[snip]
> Dynamic Substitution operates by taking a table, and modifying that
> table directly by an operation on its entries. Replacing an individual
> entry, adding or XORing a quantity with an entry, or exchanging that
> entry with another entry are possibilities. This allows any possible
> arrangement of the table to be reached, and therefore has an effect
> different from merely producing an effective table from a fixed table
> and an operation with a varying quantity such as XOR or addition.

Yes. In my understanding, being allowed to modify the
content of a table certainly means having more freedom
(possibility of doing things) than keeping the table
fixed. It is in my opinion feasible, though, in many cases
to 'approximate' the benefit of a dynamically varying
table with a (sufficiently, eventually much) larger table. 
I have discussed an example situation in another thread.
That is, if having a large (under circumstances huge) 
fixed table isn't a problem, then the chance of 
(approximately) working around the patent may be 
pretty good.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: rc4 without sbox swapping/updating
Date: Sat, 07 Apr 2001 01:04:46 +0200



Terry Ritter wrote:
> 
> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
> 
> >[...]
> >Mmm, you are changing your positions? We all know that
> >a capable lawyer can often tweak things. Otherwise some
> >of them wouldn't be able to make big money. The novelty
> >of your patent has been claimed by you many times to lie
> >in 'modification' of a 'table'. If that weren't it, then,
> >as I said before, you seemed not to know yourself what your
> >patent actually IS.
> 
> Yes, I am absolutely capable of changing my positions.  I try to be
> consistent, but if I am inconsistent, then I am.  I don't see anybody
> else trying to teach even the rudiments of understanding a patent, so
> almost half the words moving around here are mine.  That means less
> time to consider, less time to remember, and always trying to present
> things in a way that newbies might understand.  There will be
> mistakes.  There will be omissions.
> 
> If you would actually go to the trouble of reviewing some of the first
> posts on this topic -- not necessarily to you -- you will see me
> saying *repeatedly* that this is ultimately a *legal* issue, not
> (just) a technical one.  Surely nobody here labors under the delusion
> that I am a patent lawyer.
> 
> Because I am the inventor, I necessarily see the patent in the context
> of the invention in my mind, and as a generalization of that
> invention.  But the resulting patent is not that, but is instead words
> interpreted in a context of law, rules, previous court decisions and
> special cases, a background which I only have in part.  I am like the
> one-eyed man in the kingdom of the blind: I can give the newbie
> introduction around the place, but for anything real, you need to see
> a patent lawyer.  And at least one lawyer seems to be wrong in every
> case.
> 
> In my personal view, I see Dynamic Substitution as starting with a
> table, and having the contents of the table re-arranged.  Obviously,
> dynamic tables can also be polyalphabetic; that is, we can have a
> whole array of them, each changing within itself.  But that doesn't
> mean that the patent reads on polyalphabetic tables, unless the
> contents of the tables change.
> 
> Normally I think of the table changing only as permutation, because
> that makes more sense in almost every case, but it is a good thing I
> considered the alternative, if that prevents some way of practicing
> the invention which would not otherwise read on the patent.  The whole
> point here is for the patent to support a limited-term monopoly to
> protect what the invention really is, a monopoly which cannot be
> engineered around.  Other combiners are available; if one wants to
> obtain the advantage of the invention without taking a license, there
> will be some risk, which is as it should be.

Well, there is nothing against change of opinions in
the course of a complicated discussion. It is preferable 
to give, though, a clear indication of that to the 
discussion partners so that these could more easily 
follow.

I understand that a patent is a legal issue and, like
a law, it doesn't necessarily imply perfection/quality.
As said previously, I also don't have any problems with
the purposes the patent law is intended to achieve.
I believe that it is a good thing to properly reward
inventors, authors of books, etc. I am interested, on 
the other hand, in the technical aspects, not only 
because of their scientific interests but also because
the 'actual' implications of the patent claims may 
concern other designers of crypto. (That's independent 
of my personal interests, for your patent is (yet) for 
US only and moreover, as already said, I don't have any 
plans to earn money in ANY field, so that I personally
would never come into conflicts with your patent.)
 
> >[...]
> >If something serves the same or approximately the same
> >purpose as a 'table' but is different in nature (as I have
> >tried to show with an example in a previous follow-up)
> >does that constitute a violation of the patent or not?
> 
> I would like to think that the concept of a table of values is
> sufficiently general that if something acts like a table, it would be
> seen as a table.  What we are talking about here is nothing less than
> an attempt to avoid the patent monopoly.  I hope the patent and the
> supporting law would be sufficient to prevent that, but all this is
> out of my hands.
> 
> >Could you explain? A horse coach acts the same as an
> >automobile in transporting persons and goods from one
> >place to the other, though with lower speed. Does a
> >coach violate the patent of a car because of that? If
> >anything, on the contrary, that would be prior art for
> >annulling the car patent.
> 
> You have an uninformed idea of what "prior art" means, and I somehow
> doubt that you will be investing the time necessary to do your own
> research and form a more correct understanding.  You seem happy enough
> to accept my limited knowledge when that agrees with you, and
> otherwise you simply ignore it.  Well, fine, but don't expect to have
> a conversation under such circumstances.
> 
> The patent has been strongly examined in the context of the art at
> that time.  That does not mean that some previously-unknown
> publication could not exist.  It does mean that Dynamic Substitution
> has been found to distinguish beyond the specific prior art mentioned
> in the patent, and other well-known things of the time.

I remain unsure that you could claim that something that
acts like (I mean more exactly 'serves an equivalent purpose
of') a given patent is covered by that patent. Consider
another example. There are different drugs that cure the
same disease. The patent of one certainly can't be 
considered to cover the others. BTW, the example I gave
previously of (approximately) working around a dynamic 
table through using a larger static table isn't any new 
idea of mine at all. The S-boxes of DES use 2 bits 
of the 6 input bits to select from 4 fixed 4-bit bijective mappings
(substitutions). Note that the 2 selection bits 
are data dependent, being in a sense a parameter for 
achieving some 'dynamic' effects from a static table.

M. K. Shen
=======================
http://home.t-online.de/home/mok-kong.shen

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Delta patching of encrypted data
Date: 6 Apr 2001 23:08:08 GMT
Reply-To: [EMAIL PROTECTED] (David Wagner)

Anon wrote:
>We wish to take a file and encrypt it.  At a later date we wish to take a
>new version of the file and encrypt that.  We want to minimise the data sent
>to enable updates to the new version.

How about encrypting in CBC modes, where after at most every
N bytes you re-start the encryption with a new independent,
explicit IV?  Then to make changes, you only have to decrypt
and re-encrypt each chunk of <= N bytes that has been modified.

Note, however, that any such scheme is susceptible to traffic
analysis: the location of all changes is revealed to eavesdroppers.
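
The chunked-CBC scheme described above, as an added example that is not part of the original post: each chunk of at most N bytes gets its own random IV, only chunks whose plaintext changed are re-encrypted, and the set of replaced chunk indices is what an eavesdropper sees. The 4-round Feistel block cipher built from HMAC-SHA256 is a stand-in so the code runs with the standard library only (a real deployment would use a vetted cipher such as AES); `CHUNK`, the function names and the sample data are assumptions.

```python
import hashlib
import hmac
import os

BLOCK = 16   # cipher block size in bytes
CHUNK = 64   # N: plaintext bytes per chunk (assumed value for this demo)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    # Round function of the stand-in Feistel cipher (demo only, not a vetted cipher).
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def block_encrypt(key, blk):
    l, r = blk[:BLOCK // 2], blk[BLOCK // 2:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def block_decrypt(key, blk):
    l, r = blk[:BLOCK // 2], blk[BLOCK // 2:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def cbc_encrypt(key, iv, pt):
    pad = BLOCK - len(pt) % BLOCK            # PKCS#7-style padding
    pt += bytes([pad]) * pad
    out, prev = [], iv
    for i in range(0, len(pt), BLOCK):
        prev = block_encrypt(key, _xor(pt[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        blk = ct[i:i + BLOCK]
        out.append(_xor(block_decrypt(key, blk), prev))
        prev = blk
    pt = b"".join(out)
    return pt[:-pt[-1]]                      # strip the padding

def seal(key, chunk):
    """Encrypt one chunk under a fresh random IV that travels with it."""
    iv = os.urandom(BLOCK)
    return iv, cbc_encrypt(key, iv, chunk)

def encrypt_file(key, data):
    return [seal(key, data[i:i + CHUNK]) for i in range(0, len(data), CHUNK)]

def decrypt_file(key, records):
    return b"".join(cbc_decrypt(key, iv, ct) for iv, ct in records)

def make_delta(key, old, new):
    """Sender side: re-encrypt only the chunks whose plaintext changed."""
    n_new = -(-len(new) // CHUNK)            # ceiling division
    delta = {}
    for idx in range(n_new):
        lo, hi = idx * CHUNK, (idx + 1) * CHUNK
        if old[lo:hi] != new[lo:hi]:
            delta[idx] = seal(key, new[lo:hi])
    return n_new, delta

def apply_delta(records, n_new, delta):
    """Receiver side: splice replacement records in; no key is needed."""
    out = list(records[:n_new]) + [None] * max(0, n_new - len(records))
    for idx, rec in delta.items():
        out[idx] = rec
    return out

def demo():
    key = b"constructed demo key"            # constructed sample key
    old = bytes(range(256)) * 2              # constructed 512-byte "file" (8 chunks)
    new = bytearray(old)
    new[130] ^= 0xFF                         # edit one byte inside chunk 2
    new = bytes(new) + b"tail"               # and append data (new chunk 8)
    stored = encrypt_file(key, old)
    n_new, delta = make_delta(key, old, new)
    patched = apply_delta(stored, n_new, delta)
    sent = sum(len(iv) + len(ct) for iv, ct in delta.values())
    # sorted(delta) is exactly what an eavesdropper learns: which chunks changed.
    return sorted(delta), sent, decrypt_file(key, patched) == new
```

Chunks sit at fixed offsets here, so an insertion that shifts the data marks every following chunk as changed.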

------------------------------

Date: Fri, 6 Apr 2001 19:03:27 -0400
Subject: [NEWS] Potty-trained Thomas J. Boschloo given for adoption
Crossposted-To: alt.privacy.anon-server,alt.security-pgp
From: Boschloo Tales <[EMAIL PROTECTED]>

NOTICE: This message may not have been sent by the Sender Name 
above.  Always use cryptographic digital signatures to verify 
the identity of the sender of any usenet post or e-mail.



Well
it was trained ...
but I didn't say it learned its lesson ...

Beware your plants and carpets

Not returnable

=============================================== 
HISTORY:
That Boschloo bozo is a clown and a troll who has been looming around for nearly a 
year.
Don't mistake a "regular" (troll) with a knowledgeable person: that self-proclaimed 
"security expert" is not even a remailer user. In the past, he proved himself unable 
to check a PGP signature, and got ridicule from every single technical topic he wanted 
to talk about.
Besides false or inaccurate or misleading technical misinformation, his posts are 
about his avowed mental illness, or for bashing remops or real freedom fighters: he 
likes to quarrel with every one, and stir shit. Sometimes, it is even pure delirium 
(when he misses his pills?)
One of his last actions was to stage a hoax about his own suicide, just to try to grab 
some sympathy, after he had been exposed as a troll and technically incompetent.
The worst being his teasing of Script-Kiddie until it triggered a new flood on apas.
Of course, he refuses to apologize.
Actually, the level of contempt he shows for remailer users:
  they don't give their names, while he does
  that can't do anything against him, without giving their names
is in no way different from what is displayed by Pangborn, Burnore and the like

Ignore him completely, killfile him, respect others' killfiles 

KILLFILE:
To put him in your killfile, put "Author: Boschloo"
That will make disappear both him and people who warn about him
If you want to tell him to buzz off, or warn about him,
 use a nickname containing "Boschloo" (Boschloo Hater, Boschloo Sucks,...)
 to accommodate such killfile for "regulars", and still warn newbies

COURAGE:
Boschloo is getting _no_ answer from apas any more.
He has to crosspost to various newsgroups to try to grab some attention.
In a few months, it will be gone.



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: WANTED: Voice Encryption and Telephony Consultant
Date: Sat, 07 Apr 2001 01:10:24 +0200



MrDbol wrote:
> 
 
> I would like to implement a new communications infrastructure in my company. I
> would like to receive calls in New York and physically forward them (using
> hardware) to France. This process must also undergo voice encryption.
> 
> Scenario:
> 
> A client calls 212-333-3333. The call is received, encrypted, and forwarded to
> the pre-programmed # in France. The call is then decoded in France and a secure
> communication channel is achieved. I would like a system that can handle 100
> calls at the same time.

I certainly haven't understood. But isn't a good voice
encryption hardware all that you would need? How and
whether humans are involved is presumably another issue,
I guess.

M. K. Shen

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: approximating addition vs. xor?
Date: Fri, 06 Apr 2001 23:18:12 GMT

I am trying to discuss how to probable an approximation of addition in Z2^w
compared to xor, e.g. how likely are they to be the same operation.

I started off with a truth table i.e.

0 0 0 g, 1/2 * 1/2 * 3/4
0 0 1 g, 1/2 * 1/2 * 1/4
0 1 0 g, 1/2 * 1/2 * 3/4
0 1 1 b, 1/2 * 1/2 * 1/4
1 0 0 g, 1/2 * 1/2 * 3/4
1 0 1 b, 1/2 * 1/2 * 1/4
1 1 0 b, 1/2 * 1/2 * 3/4
1 1 1 b, 1/2 * 1/2 * 1/4

Where 'g' means is an approximation of and 'b' means not.  The third column
is the carry and the two others are the bits being added together.  I added
the 'g' terms and got 10/16 = 8/5.  I then stated that a W bit xor is like
a W-bit add with probability of (3/4)(5/8)^(W-1) for the first bit is good
3/4 of the time.

It turns out this is not even remotely right.  With W=8 the correct solution
is about 0.1538 but my formula gives about 0.0279.

Any pointers as to what I am doing wrong?
--
Tom St Denis
---
http://tomstdenis.home.dhs.org



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: approximating addition vs. xor?
Date: Fri, 06 Apr 2001 23:26:32 GMT


"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:U8sz6.38609$[EMAIL PROTECTED]...
> I am trying to discuss how to probable an approximation of addition in Z2^w
> compared to xor, e.g. how likely are they to be the same operation.
>
> I started off with a truth table i.e.
>
> 0 0 0 g, 1/2 * 1/2 * 3/4
> 0 0 1 g, 1/2 * 1/2 * 1/4
> 0 1 0 g, 1/2 * 1/2 * 3/4
> 0 1 1 b, 1/2 * 1/2 * 1/4
> 1 0 0 g, 1/2 * 1/2 * 3/4
> 1 0 1 b, 1/2 * 1/2 * 1/4
> 1 1 0 b, 1/2 * 1/2 * 3/4
> 1 1 1 b, 1/2 * 1/2 * 1/4
>
> Where 'g' means is an approximation of and 'b' means not.  The third column
> is the carry and the two others are the bits being added together.  I added
> the 'g' terms and got 10/16 = 8/5.  I then stated that a W bit xor is like
> a W-bit add with probability of (3/4)(5/8)^(W-1) for the first bit is good
> 3/4 of the time.
>
> It turns out this is not even remotely right.  With W=8 the correct solution
> is about 0.1538 but my formula gives about 0.0279.

I think the solution is to observe that in a+b, if a=0 then all b are good.
This means that it follows the binomial distribution of the # of 1 bits in a
W-bit number.  The more zero bits the more candidate b's ... actually there
are 2^R candidates where R is the number of zeroes.

So it's sum of R=0 to W of (Z(R) * 2^R) where Z(x) is the number of W-bit
integers that only have R bits.

That should be the exact solution.  Unfortunately I forgot the binomial
formula... time for a websearch... if I am remotely right please respond.

Tom

>
> Any pointers as to what I am doing wrong?
> --
> Tom St Denis
> ---
> http://tomstdenis.home.dhs.org
>
>



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: approximating addition vs. xor?
Date: Fri, 06 Apr 2001 23:37:51 GMT


"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:Igsz6.38684$[EMAIL PROTECTED]...
> So it's sum of R=0 to W of (Z(R) * 2^R) where Z(x) is the number of W-bit
> integers that only have R bits.
>
> That should be the exact solution.  Unfortunately I forgot the binomial
> formula... time for a websearch... if I am remotely right please respond.

Yup I checked and it appears this is the solution.  I.e

{ sum from R=0 to W { (W choose R)(1/2)^R } } over 2^W.

Tom
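
An exhaustive check of the counting argument in this thread, as an added example that is not part of the original posts: it counts the carry-free pairs (a & b == 0) that the binomial sum describes, counts the pairs where addition mod 2^w equals xor, and measures per-bit agreement, which shows that the bit positions are not independent. The function names are illustrative.

```python
from fractions import Fraction
from math import comb

def count_pairs(w):
    """Enumerate all 4^w pairs (a, b) of w-bit words.

    Returns (carry_free, equal_mod):
      carry_free: pairs with a & b == 0, so no carry is ever generated
      equal_mod:  pairs with (a + b) mod 2^w == a ^ b
    """
    mask = (1 << w) - 1
    carry_free = equal_mod = 0
    for a in range(1 << w):
        for b in range(1 << w):
            carry_free += (a & b) == 0
            equal_mod += ((a + b) & mask) == (a ^ b)
    return carry_free, equal_mod

def binomial_sum(w):
    """Sum over R of C(w, R) * 2^R: an a with R zero bits has 2^R carry-free partners b."""
    return sum(comb(w, r) * 2 ** r for r in range(w + 1))

def per_bit_agreement(w):
    """Marginal probability, per bit position, that bit i of a+b equals bit i of a^b."""
    hits = [0] * w
    for a in range(1 << w):
        for b in range(1 << w):
            diff = (a + b) ^ (a ^ b)      # bit i set <=> a carry entered bit i
            for i in range(w):
                hits[i] += not (diff >> i) & 1
    return [Fraction(h, 4 ** w) for h in hits]
```

For w = 8 the carry-free count is 3^8 = 6561 of 65536 pairs, and the mod-2^w count is 4 * 3^7 = 8748 because a carry out of the top bit is discarded.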



------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Dynamic Substitution Question
Date: Fri, 06 Apr 2001 23:45:36 GMT

On Fri, 6 Apr 2001 20:15:41 GMT, "John L. Allen"
<[EMAIL PROTECTED]> wrote, in part:

>Honest-to-god that's a smiley there.  It was meant only in good-natured jest.
>I guess I shouldn't quit my day job to become either a comedian _or_ a
>cryptologist.

Yes, I saw the smiley. But I felt that was still a terrible thing to
say.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: COLOSSUS report on the Web
Date: Fri, 6 Apr 2001 23:49:20 GMT

Frode Weierud wrote:
> There is also the problem with printing as each page would then print as
> graphics and it would take a lot longer to print. But the biggest
> problem is with usability. Some of the scans would be very difficult or
> even impossible to read due to the poor `original' copies. Also it
> would no longer be possible to do text searches in the document
> something which is quite useful.  ...

I agree.  The documents I eventually expect to post on my Web site
(don't look, there's nothing useful there yet) are being OCRed and
post-edited manually to clean everything up.  The reason is that
they are a lot more useful that way, as the man said.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: patent issue
Date: Fri, 6 Apr 2001 23:51:11 GMT

Tom St Denis wrote:
> Patents are just a way to hold someone liable for being creative.

No, they're an incentive for inventors to publish their work
instead of keeping it secret while they (possibly) exploit it.

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: WANTED: Voice Encryption and Telephony Consultant
Date: Sat, 07 Apr 2001 00:04:38 GMT

On Fri, 06 Apr 2001 22:41:30 GMT, "Tom St Denis"
<[EMAIL PROTECTED]> wrote, in part:

>First off a better solution is to encrypt end to end since your middle man
>is a bad point of intrusion...

Perhaps he is receiving calls from customers, who aren't necessarily
going to run out and buy encrypted telephones.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: WANTED: Voice Encryption and Telephony Consultant
Date: Sat, 07 Apr 2001 00:07:40 GMT

On 06 Apr 2001 22:37:39 GMT, [EMAIL PROTECTED] (MrDbol) wrote, in part:

>A client calls 212-333-3333. The call is received, encrypted, and forwarded to
>the pre-programmed # in France. The call is then decoded in France and a secure
>communication channel is achieved. I would like a system that can handle 100
>calls at the same time. 

Two ways of meeting your requirements:

1) A computer voice-response system is set up in New York. Calls are
received by computer, digitized by a sound card, and the resulting
files are encrypted, and sent to France by E-mail over the Internet.

2) Or, if the calls must be received by a telephone in France, then I
suppose you should contact a European supplier of secure telephone
equipment, like Gretag, that can supply you with the appropriate
equipment. This may be expensive.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: patent issue
Date: Sat, 07 Apr 2001 00:23:16 GMT


"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> > Patents are just a way to hold someone liable for being creative.
>
> No, they're an incentive for inventors to publish their work
> instead of keeping it secret while they (possibly) exploit it.

Ahh, but if money wasn't an issue why hold it secret?

Tom



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: WANTED: Voice Encryption and Telephony Consultant
Date: Sat, 07 Apr 2001 00:23:48 GMT


"John Savard" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Fri, 06 Apr 2001 22:41:30 GMT, "Tom St Denis"
> <[EMAIL PROTECTED]> wrote, in part:
>
> >First off a better solution is to encrypt end to end since your middle man
> >is a bad point of intrusion...
>
> Perhaps he is receiving calls from customers, who aren't necessarily
> going to run out and buy encrypted telephones.

So someone taps the link from customer to forwarding.  Hmm that's secure :-)

Tom



------------------------------

From: David Hamer <[EMAIL PROTECTED]>
Subject: Re: COLOSSUS report on the Web
Date: Fri, 06 Apr 2001 20:28:43 -0400



Paul Rubin wrote:
> 
> That's great, but for the pdf's, why not just make them from the
> original scans?

The proliferation of paper sizes is - if not at the root of
the problem - at least a major factor. When considering a scan
of BP 'originals' it must be remembered that these were, for
the most part, written on foolscap size paper - 8.5" x 13.5".
The closest 'modern day' equivalent would be US legal-size paper
at 8.5" x 14". Given that the 'everyday' size of most US paper
stock is 8.5" x 11" and that of the rest of the civilized world
is A4 - 8.3" x 11.7" - scanning and subsequent reproduction can
present a dilemma - particularly if, as in this case, one is
trying to maintain the original pagination and layout.

David

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
David Hamer                 The Crypto Simulation Group
[EMAIL PROTECTED]    or    [EMAIL PROTECTED]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

------------------------------

From: Chuck Perry <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: MIPS Ratings for Encryption Algorithms
Date: Fri, 06 Apr 2001 19:33:43 -0500

Is there a web site or other such source that has done something like
this for various platforms (i.e. TMS320 DSPs)?

I'm interested in ratings for SHA-1 and 3DES-CBC.  Also for some of the
ECC digital signing per the latest version of IEEE 1394.

Thanks,
Chuck


------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: WANTED: Voice Encryption and Telephony Consultant
Date: 06 Apr 2001 17:34:28 -0700

[EMAIL PROTECTED] (MrDbol) writes:
> A client calls 212-333-3333. The call is received, encrypted, and forwarded to
> the pre-programmed # in France. The call is then decoded in France and a secure
> communication channel is achieved. I would like a system that can handle 100
> calls at the same time. 
> 
> I am awaiting your response. I need this system implemented asap. 

As described, that relies on the US phone system being secure.  So
you're concerned about interception on the French side.  Is that
accurate?

------------------------------

From: [EMAIL PROTECTED] (those who know me have no need of my name)
Subject: Re: Delta patching of encrypted data
Date: Sat, 07 Apr 2001 00:47:05 -0000

<9ali8o$r7m$[EMAIL PROTECTED]> divulged:
>Anon wrote:
>>We wish to take a file and encrypt it.  At a later date we wish to take a
>>new version of the file and encrypt that.  We want to minimise the data sent
>>to enable updates to the new version.
>
>How about encrypting in CBC modes, where after at most every
>N bytes you re-start the encryption with a new independent,
>explicit IV?  Then to make changes, you only have to decrypt
>and re-encrypt each chunk of <= N bytes that has been modified.

if you'd consider this method, you might want to encrypt the delta file
and deploy a patch program that can accept encrypted data and delta
inputs and output the updated data (already encrypted).

-- 
okay, have a sig then

------------------------------

From: [EMAIL PROTECTED] (Vernon Schryver)
Subject: Re: Dynamic Substitution Question
Date: 6 Apr 2001 18:45:37 -0600

In article <[EMAIL PROTECTED]>,
John Savard <[EMAIL PROTECTED]> wrote:

>>Honest-to-god that's a smiley there.  It was meant only in good-natured jest.
>>I guess I shouldn't quit my day job to become either a comedian _or_ a
>>cryptologist.
>
>Yes, I saw the smiley. But I felt that was still a terrible thing to
>say.

Why?  It was not generous and by talking about lawsuit winnings it was
perhaps over the top, but the underlying point is important.
The point is that fame and fortune in encryption is precluded instead
of enhanced by patents.

Well known people who apparently do make money in the encryption
business and who produced popular ciphers have repeatedly pointed out,
patented ciphers are non-starters.  Today, no one with clues enough
to use reasonable encryption will bother looking at an encryption
scheme that is encumbered as intellectual property.  For decades, the
free symmetric alternatives have been too good to allow the risks of
dealing with patents.  If you pick a free encryption scheme, you can
expect that you'll have company if a submarine patent surfaces
and hope that some of your fellow users will have deep enough pockets
to sink a weakling.  No one can know whether there is an older patent
Dynamic Substitution.  If you license a patented encryption scheme
and a submarine does surface, you won't need to worry about sharing
the glory or legal bills of the court fight.

Buying rights to use an encryption idea makes as little sense as buying
rights to use most software ideas.  It is extremely difficult to get a
valid patent on all of the ways to compute a function, and even more
difficult to patent all of the good enough ways to solve a problem.
Arithmetic compression and LZW are case studies of both of those points.

There is another problem with patented encryption schemes.  Their
use is likely to be secret.  Who is to say how many of the proprietary
encryption schemes flogged in the trade press and even sci.crypt
involve dynamic substitution?  How would the patent holder learn
that a lawsuit should be filed?  (Never mind whether a lawsuit would
net any money or that proprietary encryption schemes are likely to
be snake oil regardless of what encryption they're based on.)

All of that implies that trying to sell encryption schemes
is worse than selling free software.  Compare the stories of
FreeBSD/BSDI, RedHat, Va Linux and the proprietary encryption
vendors with the stories of Cygnus and Counterpane.

The fact that the patent lottery sold to individual inventors is
more of a "stupid tax" or at least "sucker bet" than any state
lottery is an important and valid point.


Vernon Schryver    [EMAIL PROTECTED]

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
