Cryptography-Digest Digest #106, Volume #14 Sun, 8 Apr 01 14:13:01 EDT
Contents:
Re: I got accepted (kctang)
Re: I got accepted ("Tom St Denis")
Re: NSA is funding stegano detection (Lassi =?iso-8859-1?Q?Hippel=E4inen?=)
Re: How good is steganography in the real world? (Charles Lyttle)
inversion and squaring ("Tom St Denis")
Re: inversion and squaring (Stefan Katzenbeisser)
Re: inversion and squaring ("Tom St Denis")
ANN: New Rijndael C++ implementation (Gerhard Wesp)
Re: I got accepted (kctang)
Re: How good is steganography in the real world? (SCOTT19U.ZIP_GUY)
Re: SHA PRNG (Mark Wooding)
Re: How good is steganography in the real world? (SCOTT19U.ZIP_GUY)
Re: NSA is funding stegano detection (Alun Jones)
Re: How good is steganography in the real world? (George Weinberg)
Newbie Qestion:Blockcipher plaintext attack ("Jonas Jakobsson")
Re: Newbie Qestion:Blockcipher plaintext attack ("Scott Fluhrer")
Re: How good is steganography in the real world? (Alun Jones)
Re: patent issue (John Savard)
Re: Newbie Qestion:Blockcipher plaintext attack ("Jonas Jakobsson")
----------------------------------------------------------------------------
From: kctang <[EMAIL PROTECTED]>
Subject: Re: I got accepted
Date: Sun, 08 Apr 2001 20:27:40 +0800
Tom St Denis wrote:
> Yahooooooo!
>
> I got accepted to 1 out of the 3 (so far) universities I applied too.
> Yahooooo!
I wish I could have learned REAL Kung Fu ....
Cheers,
tang
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: I got accepted
Date: Sun, 08 Apr 2001 12:41:07 GMT
"kctang" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
>
> > Yahooooooo!
> >
> > I got accepted to 1 out of the 3 (so far) universities I applied too.
> > Yahooooo!
>
> I wish I could have learned REAL Kung Fu ....
What bearing if any does that have on my original off-topic post? [def'n
irony...?]
Tom
------------------------------
From: Lassi =?iso-8859-1?Q?Hippel=E4inen?= <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc,talk.politics.crypto
Subject: Re: NSA is funding stegano detection
Date: Sun, 08 Apr 2001 13:16:47 GMT
Frank Gerlach wrote:
>
> "SCOTT19U.ZIP_GUY" wrote:
>
> > I am not so sure its easy to detect. One can easily make a file
> > the length of bytes to match the number of LSB in a picture.
>
> Might be true if the picture is sampled with a lot of noise in the LSBs.
> Otherwise not.
Lots of apparently useless white noise should ring a bell for anyone
looking for stego files...
-- Lassi
------------------------------
From: Charles Lyttle <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc,talk.politics.crypto
Subject: Re: How good is steganography in the real world?
Date: Sun, 08 Apr 2001 13:57:28 GMT
Frank Gerlach wrote:
>
> >
> >
> > Enigma, Navaho and other WWII encryption techniques would not be
> > secure today.
>
> That's an over-generalized statement. OTP properly applied in WW2 will
> be secure forever, and eben some WW2 hand-codes might still be secure.
> Also, the doctrine "security by obscurity is bad" might not be so true.
> Look at DES or RC4: All spooks around the world had now quite some time
> to look at those very interesting targets. One could argue that this
> long period of cryptanalysis might have produced new methods, which are
> specifically useful against those ciphers. I am pretty sure a future
> generation will look at (3)DES and RC4 in the same way we look at Enigma
> today :-)
Neither DES nor RC4 rely on security by obscurity. Both are published
and can be analyzed.
Using code-talkers (such as the Navaho) has another problem. The
English->Navaho#1->Navaho#2->English translation sequence resulted in
corruption of information. Navajo and English are not one-to-one. Some
English words/concepts do not translate well into Navajo, and some
Navajo words/concepts do not translate well into English. The same is
true of any two languages. Also you never know when the servants have
learned your language.
--
Russ Lyttle
"World Domination through Penguin Power"
The Universal Automotive Testset Project at
<http://home.earthlink.net/~lyttlec>
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: inversion and squaring
Date: Sun, 08 Apr 2001 14:18:08 GMT
The xgcd algorithm can find inverses modulo a composite even if the factors
are not known right?
I was thinking if that's not the case then wouldn't inversion be just as
hard as squaring? You would need to know the factors etc..
Anyways, since that's not the case...
Tom
--
Tom St Denis
---
http://tomstdenis.home.dhs.org
------------------------------
Date: Sun, 08 Apr 2001 17:03:26 +0200
From: Stefan Katzenbeisser <[EMAIL PROTECTED]>
Subject: Re: inversion and squaring
Tom St Denis wrote:
>
> The xgcd algorithm can find inverses modulo a composite even if the factors
> are not known right?
Right.
> http://tomstdenis.home.dhs.org
I just visited your homepage and found your book recommendations.
You really read (parts of) Gheorghe Paun's book on DNA computing in
high school? Wow... So you are an expert in formal languages now ;-)
Best,
Stefan
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: inversion and squaring
Date: Sun, 08 Apr 2001 15:09:29 GMT
"Stefan Katzenbeisser" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> >
> > The xgcd algorithm can find inverses modulo a composite even if the
factors
> > are not known right?
>
> Right.
>
> > http://tomstdenis.home.dhs.org
>
> I just visited your homepage and found your book recommendations.
> You really read (parts of) Gheorghe Paun's book on DNA computing in
> high school? Wow... So you are an expert in formal languages now ;-)
Um no, but I did use the chem part of the text todo a paper for my class.
My paper was more about the chemistry aspect of dna computing then the
abstract computing sense.
The book goes on a wild tangent after the first few chapters. Personally I
think the author forgot what he was talking about 1/2 way thru...
The first few chapters are a good resource though :-)
Tom
------------------------------
From: [EMAIL PROTECTED] (Gerhard Wesp)
Subject: ANN: New Rijndael C++ implementation
Date: 8 Apr 2001 15:21:28 GMT
Reply-To: [EMAIL PROTECTED]
Hi!
I wrote an implementation of the new AES (Rijndael) in C++. The code is
under the GNU Lesser Public License and can be downloaded from
http://www.cosy.sbg.ac.at/~gwesp/sw/rijndael-1.0.tar.gz .
The file size is 632kB, mostly because an extensive set of test vectors is
included.
The README is attached below.
If this software is useful for you, please feel free to download and
test it! I'm looking forward to any comments and suggestions you may
have!
Best regards,
-Gerhard Wesp
========================================================================
A C++ implementation of the Rijndael cipher
Copyright (C) 2001 by Gerhard Wesp <[EMAIL PROTECTED]>.
Written after a C implementation by Mike Scott.
Rijndael is the block cipher adopted by the NIST (www.nist.gov) as the
new AES (Advanced Encryption Standard). It is described on
http://csrc.nist.gov/encryption/aes/rijndael/ .
The code presented here is a C++ implementation of this cipher. It is
not performance tuned, but rather written for human readability and ease
of use. For example, it makes heavy use of STL vectors, both internally
and in the external interface.
The rijndael class
==================
The class is defined in rijndael.h and has the following public members:
typedef unsigned char byte ;
typedef unsigned int word ;
These types MUST be 8 and 32 bits wide, resp. This is the case for
example on the Intel/x86 architecture, and also on Alphas. The
condition is checked in rijndael.cc, compilation aborts if it is not
fulfilled. In this case, please change the definition in the header to
a suitable type!
rijndael( unsigned block_length , std::vector< byte > const& key ) ;
The constructor takes as its arguments the block length (in bits) and
the key. Note that key must have 16, 24, or 32 elements, corresponding
to 128, 192, or 256 key bits.
If block length or key length are illegal, then a std::runtime_error is
thrown.
Note that in the AES draft standard as of March 2001, only 128 bit
data blocks are allowed.
~rijndael() ;
The destructor clears sensitive data (dependent on the key or on any
encrypted blocks) before releasing the memory.
void encrypt( std::vector< byte >& buffer ) const ;
void decrypt( std::vector< byte >& buffer ) const ;
These functions perform encryption or decryption, resp. on buffer and
write the result to buffer. If buffer isn't of the correct size (the
number of bits given in the constructor divided by 8), then a
std::runtime_error is thrown.
Compilation and usage
=====================
You'll need a C++ compiler and library conforming to the ISO standard
14882(1998). I wrote and tested the implementation on an Alpha/Linux
machine with a 2.95.3 prerelease of g++ (the GNU C++ compiler;
gcc.gnu.org) with STLPort-4.0 (www.stlport.org). Other compilers like
Kai, Comeau, Microsoft should work as well.
A Makefile for UNIX-like systems is included, please see its top section
for adjustments in the compiler, optimization and linker flags.
To use Rijndael, you have to include rijndael.h in your application and
link with rijndael.o (which can be compiled by ``make rijndael.o'' or
included in your project).
Validation
==========
The ``validate'' program tests encryption and decryption for a series of
test vectors. The vectors are collected from Brian Gladman's page
http://fp.gladman.plus.com/cryptography_technology/rijndael/ and from
the official Rijndael homepage (see above for the adress).
Only ECB (electronic codebook) mode is checked, since all other modes
are based upon it.
``make all'' compiles and runs the validation program. It takes about
8 minutes on my Alpha, YMMV.
Bugs
----
None are known so far. If you find any, please report them to
[EMAIL PROTECTED] !
Copyright
=========
The code is free and can be freely redistributed. It is placed under
the GNU Lesser Public License, which is included in the file lesser.txt .
Distribution
============
The primary site for this software is
http://www.cosy.sbg.ac.at/~gwesp/ .
Credits
=======
I'd like to thank Mike Scott, the author of the original C version of
this code. Furthermore I'm indebted to the Austrian Science Fund
(project S8303-MAT) for financial support of my work.
--
Afgrnd der Ensparngsmassnhmen bei den Onlne-Kostn ist ab sfort in jedm Wrt
von mhr als dri Buchstabn mindestns ein Vkal wegzlassn.
------------------------------
From: kctang <[EMAIL PROTECTED]>
Subject: Re: I got accepted
Date: Sun, 08 Apr 2001 23:26:28 +0800
Tom St Denis wrote:
> "kctang" wrote .
> > Tom St Denis wrote:
> >
> > > I got accepted to 1 out of the 3 (so far) universities I applied too.
> > > Yahooooo!
> >
> > I wish I could have learned REAL Kung Fu ....
>
> What bearing if any does that have on my original off-topic post? [def'n
> irony...?]
Here at Hong Kong
=================
before 1990, there was a very limited number of high school
places, let alone University places for students. But since
about 1992, there has been an explosive growth in university
places, but as far as I know, still far below than the
corresponding percentage of that in USA.
Now many employers and teachers always say that "Nowadays
University students can't compare with those high school
graduates graduated 10 years ago."
Now returning to USA
====================
It is now 2001 in USA, where TOM is located!
Thank y
ou :-)
tang
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: comp.security.misc,talk.politics.crypto
Subject: Re: How good is steganography in the real world?
Date: 8 Apr 2001 15:37:40 GMT
[EMAIL PROTECTED] (Joe H Acker) wrote in
<[EMAIL PROTECTED]>:
>
>So no, don't use any publicly available steganography tools in real
>world situations.
>
I have looked at public available tooks just for fun I even
modifed one to extend it. But I consider the one I have currently
moded and the one it was based on as toys. Neither one is good enough
to be used other than for fun.
The reason that neither one is good enough is that if you
want to concel the fact your encrypting which is a large part
of what stego is about. Then you can't make it obvious that
your encrypting. If an enemy know what program you have, Then
by exaiming a few gifs. He can almost be certain that you are
encrypting and that is bad. He may not know what the message is
but he will be justifed in his views that you are using the
encryption.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
made in the above text. For all I know I might be drugged or
something..
No I'm not paranoid. You all think I'm paranoid, don't you!
------------------------------
From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: SHA PRNG
Date: 8 Apr 2001 15:53:41 GMT
Tom St Denis <[EMAIL PROTECTED]> wrote:
>
> "Volker Hetzer" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Tom St Denis wrote:
> > > Well I would recommend flushing the prng every so often and espescially
> > > before making long term keys. That way there is less of a risk.
> >
> > Btw, has anybody managed to get Bruce Schneier's Yarrow-paper *with the
> pictures*?
>
> Yarrow is just an example of my 2nd hash mode PRNG (see my original reply).
> In the case of Yarrow they use a block cipher instead of a hash to randomize
> the bianry counter.
Which makes the output very diffferent in character. Since a block
cipher is a permutation, the probability of two successive outputs being
equal is much lower. This allows us to construct distinguishers. This
is a also a good reason not to put the counter for a PRNG in the hash's
IV -- then it really would behave just like a block cipher, and have
this property.
-- [mdw]
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: comp.security.misc,talk.politics.crypto
Subject: Re: How good is steganography in the real world?
Date: 8 Apr 2001 15:44:53 GMT
[EMAIL PROTECTED] (H C) wrote in <[EMAIL PROTECTED]>:
>
>
>> OK. If you can hide it in the pictures seen on cnn.com, maybe this
>> works. If you have a site which is only visited by people whose only
>> intention is to download covertext...
>
>CNN had an article not too long ago about bin Laden using encryption and
>stego'd images to communicate with cells. They used images at porn
>sites to communicate.
>
>
That a good excuse to look at porn. One can try to decode the message
it may be a combination of the ratio of pussy hair to age or various
other features in the porn itself. Any way thanks Bin now next time
I'm asked about porn viewing I can say I really only looking for
secret messages as to what Bin is up to. Maybe if more people analyzed
pron we can catch Bin. What sites does ole Bin use I hope there free
ones since I don't use the pay ones.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
made in the above text. For all I know I might be drugged or
something..
No I'm not paranoid. You all think I'm paranoid, don't you!
------------------------------
Crossposted-To: comp.security.misc,talk.politics.crypto
From: [EMAIL PROTECTED] (Alun Jones)
Subject: Re: NSA is funding stegano detection
Date: Sun, 08 Apr 2001 16:08:10 GMT
In article <[EMAIL PROTECTED]>, Lassi
=?iso-8859-1?Q?Hippel=E4inen?= <[EMAIL PROTECTED]> wrote:
> Lots of apparently useless white noise should ring a bell for anyone
> looking for stego files...
Especially in a picture, where the object is frequently to reduce the noise
in compressing the picture.
Alun.
~~~~
[Note that answers to questions in newsgroups are not generally
invitations to contact me personally for help in the future.]
--
Texas Imperial Software | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place | http://www.wftpd.com or email [EMAIL PROTECTED]
Cedar Park TX 78613-1419 | VISA/MC accepted. NT-based sites, be sure to
Fax/Voice +1(512)378-3246 | read details of WFTPD Pro for NT.
------------------------------
From: [EMAIL PROTECTED] (George Weinberg)
Crossposted-To: comp.security.misc,talk.politics.crypto
Subject: Re: How good is steganography in the real world?
Date: Sun, 08 Apr 2001 16:07:42 GMT
On Sun, 08 Apr 2001 07:48:20 -0400, H C <[EMAIL PROTECTED]> wrote:
>
>
>> OK. If you can hide it in the pictures seen on cnn.com, maybe this works.
>> If you have a site which is only visited by people whose only intention is to
>> download covertext...
>
>CNN had an article not too long ago about bin Laden using encryption and stego'd
>images to communicate with cells. They used images at porn sites to communicate.
>
Yeah, but didn't it turn out that this was based on one part
speculation and three parts total bullshit?
George
------------------------------
From: "Jonas Jakobsson" <[EMAIL PROTECTED]>
Subject: Newbie Qestion:Blockcipher plaintext attack
Date: Sun, 8 Apr 2001 18:11:18 +0200
Hello,
i have tried to get this straight for some time now. Please forgive me if
this is in some faq, that i have missed.
The situation is that 2 parties are communicating with blockcipher (twofish,
possibly in CBC mode). One guy outside is able to know everything that is
inside some of the encrypted blocks that are sent.
Could he determine the secret key?
How much will the situation improve if he knows, for example only one half
of some blocks ?
The twofish implementation that i was going to use encrypted in 128 bit
blocks.
Does that mean that each of these blocks are encrypted without any
connection to other
blocks in, cbc mode?
In other words, if one could know the unencrypted content of one such block,
could the mentioned plaintext attack be possible?
Would pk-encryption, like ECC be a better choice ?
Many thanks !
//Jonas Jakobsson
CS-student, Uppsala University Sweden.
------------------------------
From: "Scott Fluhrer" <[EMAIL PROTECTED]>
Subject: Re: Newbie Qestion:Blockcipher plaintext attack
Date: Sun, 8 Apr 2001 10:02:13 -0700
Jonas Jakobsson <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hello,
> i have tried to get this straight for some time now. Please forgive me if
> this is in some faq, that i have missed.
>
> The situation is that 2 parties are communicating with blockcipher
(twofish,
> possibly in CBC mode). One guy outside is able to know everything that is
> inside some of the encrypted blocks that are sent.
> Could he determine the secret key?
> How much will the situation improve if he knows, for example only one half
> of some blocks ?
With the current knowledge of attacks on twofish, he can be given the entire
codebook (that is, all 2**128 plaintexts/ciphertext pairs), and the most
efficient attack known is *still* brute-forcing the key, which is infeasible
even with 128 bit keys.
>
> The twofish implementation that i was going to use encrypted in 128 bit
> blocks.
> Does that mean that each of these blocks are encrypted without any
> connection to other
> blocks in, cbc mode?
> In other words, if one could know the unencrypted content of one such
block,
> could the mentioned plaintext attack be possible?
There is no known way.
> Would pk-encryption, like ECC be a better choice ?
ECC would be a better choice depending on the problem you're trying to
solve. If you need to split the key up into a 'public' part and a 'private'
part, where someone with the 'public' part could encrypt data, but only
someone with the 'private' part could decrypt it, then twofish doesn't work
too well, and ECC is a much better choice. However, if both sides share the
same session key, then twofish is far more efficient than ECC, and appears
to be just as secure.
--
poncho
------------------------------
Crossposted-To: comp.security.misc,talk.politics.crypto
From: [EMAIL PROTECTED] (Alun Jones)
Subject: Re: How good is steganography in the real world?
Date: Sun, 08 Apr 2001 17:15:43 GMT
In article <[EMAIL PROTECTED]>, H C <[EMAIL PROTECTED]>
wrote:
> Your "virtual english nation" has some rather interesting beginnings, doesn't?
> Australia
> was originally a penal colony, and the Yanks handed the Brits a 200+ year
> "whoop-ass".
I'd more describe it as British citizens, operating under long-established
British traditions, beat up a bunch of Hessian mercenaries under the command
of a German King.
. . . and then went on to institute an updated copy of the British Magna
Carta as their constitutional underpinning. :-)
> Further, the US was hesitant to engage in WWII, even as the British were on
> the
> brink
> of collapse. I fail to see the "virtual english nation" being born in either
> case.
It is such an interesting interpretation of historical events that leads to
statements that the British are more capable of understanding the Germans,
than they are the Americans. [In the other direction, of course, this is
proven by many British comments on American gun laws - cultural and
historical differences mean that similar legal approaches have vastly
different effects].
Alun.
~~~~
[Note that answers to questions in newsgroups are not generally
invitations to contact me personally for help in the future.]
--
Texas Imperial Software | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place | http://www.wftpd.com or email [EMAIL PROTECTED]
Cedar Park TX 78613-1419 | VISA/MC accepted. NT-based sites, be sure to
Fax/Voice +1(512)378-3246 | read details of WFTPD Pro for NT.
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: patent issue
Date: Sun, 08 Apr 2001 17:17:33 GMT
On Sat, 07 Apr 2001 12:28:08 GMT, "Tom St Denis"
<[EMAIL PROTECTED]> wrote, in part:
>"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> ? Did I mention money? And anyway, what do you have against
>> someone *earning* his keep by inventing useful stuf?
>So you need money to be fulfilled?
Most of us need money to be filled, never mind fulfilled.
More to the point: why shouldn't people who can invent useful stuff do
*that* as their day job, instead of in their spare time from an
ordinary job? That way, there will be a lot more useful stuff getting
invented.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: "Jonas Jakobsson" <[EMAIL PROTECTED]>
Subject: Re: Newbie Qestion:Blockcipher plaintext attack
Date: Sun, 8 Apr 2001 19:39:11 +0200
Ok, thanks !
Now i understand it
//Jonas
"Scott Fluhrer" <[EMAIL PROTECTED]> wrote in message
news:9aq65f$vg7$[EMAIL PROTECTED]...
>
> Jonas Jakobsson <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Hello,
> > i have tried to get this straight for some time now. Please forgive me
if
> > this is in some faq, that i have missed.
> >
> > The situation is that 2 parties are communicating with blockcipher
> (twofish,
> > possibly in CBC mode). One guy outside is able to know everything that
is
> > inside some of the encrypted blocks that are sent.
> > Could he determine the secret key?
> > How much will the situation improve if he knows, for example only one
half
> > of some blocks ?
> With the current knowledge of attacks on twofish, he can be given the
entire
> codebook (that is, all 2**128 plaintexts/ciphertext pairs), and the most
> efficient attack known is *still* brute-forcing the key, which is
infeasible
> even with 128 bit keys.
>
> >
> > The twofish implementation that i was going to use encrypted in 128 bit
> > blocks.
> > Does that mean that each of these blocks are encrypted without any
> > connection to other
> > blocks in, cbc mode?
> > In other words, if one could know the unencrypted content of one such
> block,
> > could the mentioned plaintext attack be possible?
> There is no known way.
>
> > Would pk-encryption, like ECC be a better choice ?
> ECC would be a better choice depending on the problem you're trying to
> solve. If you need to split the key up into a 'public' part and a
'private'
> part, where someone with the 'public' part could encrypt data, but only
> someone with the 'private' part could decrypt it, then twofish doesn't
work
> too well, and ECC is a much better choice. However, if both sides share
the
> same session key, then twofish is far more efficient than ECC, and appears
> to be just as secure.
>
> --
> poncho
>
>
>
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
