Cryptography-Digest Digest #123, Volume #14 Wed, 11 Apr 01 07:13:00 EDT
Contents:
Re: Concerning United States Patent 4979832 (Dynamic Substitution) ("Greg Ofiesh")
Re: Current best complexity for factoring? (Bryan Olson)
Re: SHA PRNG (those who know me have no need of my name)
Re: WANTED: Voice Encryption and Telephony Consultant (Ken Savage)
Re: How good is steganography in the real world? ("Trevor L. Jackson, III")
Re: Link Level Encryption System ("Trevor L. Jackson, III")
Re: Dynamic Substitution Question ("Trevor L. Jackson, III")
Re: Current best complexity for factoring? (Claus Näveke)
Re: Current best complexity for factoring? (Samuel Paik)
Re: Steganography with natural texts ("John A. Malley")
Re: Spam Message Stegano ("Douglas A. Gwyn")
Polymorphic encryption ("dexMilano")
Re: How secure is AES ? (Paul Crowley)
Derived Key Generation (pjf)
Re: How secure is AES ? ("dexMilano")
Re: Steganography with natural texts (Mok-Kong Shen)
Re: Any positions in cryptography available? (Dave Aronson at att dot net)
Re: Steganography with natural texts (Joe H Acker)
Re: Derived Key Generation ("dexMilano")
----------------------------------------------------------------------------
From: "Greg Ofiesh" <[EMAIL PROTECTED]>
Subject: Re: Concerning United States Patent 4979832 (Dynamic Substitution)
Date: Tue, 10 Apr 2001 19:55:03 -0700
"Mok-Kong Shen" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> John Savard wrote:
> >
> [snip]
> > Dynamic Substitution operates by taking a table, and modifying that
> > table directly by an operation on its entries. Replacing an individual
> > entry, adding or XORing a quantity with an entry, or exchanging that
> > entry with another entry are possibilities. This allows any possible
> > arrangement of the table to be reached, and therefore has an effect
> > different from merely producing an effective table from a fixed table
> > and an operation with a varying quantity such as XOR or addition.
>
> Yes. In my understanding, being allowed to modify the
> content of a table certainly means having more freedom
> (possibility of doing things) than keeping the table
> fixed. It is in my opinion feasible, though, in many cases
> to 'approximate' the benefit of a dynamically varying
> table with a (sufficiently, eventually much) larger table.
> I have discussed an example situation in another thread.
> That is, if having a large (under circumstances huge)
> fixed table isn't a problem, then the chance of
> (approximately) working around the patent may be
> pretty good.
>
> M. K. Shen
Do you mean using a larger table as in a large master table that you use a
smaller sub table from, and which sub table is a choice of index? (e.g.-
how many 4x4 tables are found in a 40x40 table? 1600 4x4 tables if you wrap
the edges.)
------------------------------
From: Bryan Olson <[EMAIL PROTECTED]>
Subject: Re: Current best complexity for factoring?
Date: Tue, 10 Apr 2001 20:05:42 -0700
Gunnar Andersson wrote:
> The general number field sieve has a conjectured complexity of
> O(e^(c*(logn)^(1/3)*(loglogn)^(2/3))) for an n-bit number; c is a
> constant.
In that expression "n" stands for the integer to be factored,
not the length.
--Bryan
------------------------------
From: [EMAIL PROTECTED] (those who know me have no need of my name)
Subject: Re: SHA PRNG
Date: Wed, 11 Apr 2001 03:36:19 -0000
<9at9qc$25j$[EMAIL PROTECTED]> divulged:
>Perhaps You know where can I find on the web the description of SHA PRNG or
>the source code for it ( I mean not for SHA but SHA prng :) where this
>algorithm is used.
#!/usr/bin/perl
## perl is a pig, but that can be handy sometimes.
use strict;
use warnings;
use Crypt::Random qw( makerandom );   # 256-bit seed from a strong entropy source
use Digest::SHA1 qw( sha1_hex );
my $r = makerandom ( Size => 256, Strength => 1 );   # the seed: all the secrecy lives here
my $c = 1;                                           # counter hashed together with the seed
while( 1 ) {
    # output block = SHA1( seed || counter ); "\n" must be double-quoted to be a real newline
    print sha1_hex( $r . $c++ )."\n"; #simple, non-binary, concatenation
}
--
okay, have a sig then
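The same SHA-1(seed || counter) construction in Python, added here as an illustration and not part of the poster's snippet: a fixed-width counter keeps seed and counter from running together, and a rejection-sampling helper draws unbiased integers from the stream. Class and function names are my own.

```python
import hashlib
import secrets

# Added example (not the poster's code): the same SHA-1(seed || counter) stream
# as the Perl snippet, with an unambiguous encoding of the counter.

BLOCK_LEN = hashlib.sha1().digest_size   # 20 bytes per output block
COUNTER_LEN = 8                          # fixed-width counter, big-endian


def sha1_block(seed: bytes, counter: int) -> bytes:
    """One output block. The fixed-width counter keeps seed and counter
    from running together the way string concatenation can."""
    return hashlib.sha1(seed + counter.to_bytes(COUNTER_LEN, "big")).digest()


class Sha1CounterPrng:
    """Deterministic byte stream: block_i = SHA-1(seed || i) for i = 0, 1, 2, ..."""

    def __init__(self, seed: bytes):
        if len(seed) < 32:
            raise ValueError("seed must carry at least 256 bits of entropy")
        self._seed = seed
        self._counter = 0
        self._buf = b""

    def next_bytes(self, n: int) -> bytes:
        while len(self._buf) < n:
            self._buf += sha1_block(self._seed, self._counter)
            self._counter += 1
        out, self._buf = self._buf[:n], self._buf[n:]
        return out

    def randbelow(self, bound: int) -> int:
        """Uniform integer in [0, bound) by rejection sampling: plain
        'stream mod bound' would bias small values whenever bound does
        not divide 2^(8*nbytes)."""
        if bound <= 0:
            raise ValueError("bound must be positive")
        nbytes = (bound.bit_length() + 7) // 8
        limit = 1 << (8 * nbytes)
        cutoff = limit - (limit % bound)   # largest multiple of bound <= limit
        while True:
            r = int.from_bytes(self.next_bytes(nbytes), "big")
            if r < cutoff:
                return r % bound


def fresh_prng() -> Sha1CounterPrng:
    """All the security sits in the seed: draw it from the OS CSPRNG, as the
    Perl code does with Crypt::Random."""
    return Sha1CounterPrng(secrets.token_bytes(32))


if __name__ == "__main__":
    g = fresh_prng()
    print(g.next_bytes(16).hex(), g.randbelow(1000))
```

The stream is exactly as unpredictable as its seed and nothing more; SHA-1 is kept only to match the post, a current build would use SHA-256 or a standardised DRBG.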
------------------------------
From: Ken Savage <[EMAIL PROTECTED]>
Subject: Re: WANTED: Voice Encryption and Telephony Consultant
Date: Wed, 11 Apr 2001 03:44:14 GMT
MrDbol wrote:
>
> hi,
>
> I would like to implement a new communications infrastructure in my company. I
> would like to receive calls in New York and physically forward them (using
> hardware) to France. This process must also undergo voice encryption.
>
> Scenario:
>
> A client calls 212-333-3333. The call is received, encrypted, and forwarded to
> the pre-programmed # in France. The call is then decoded in France and a secure
> communication channel is achieved. I would like a system that can handle 100
> calls at the same time.
>
> I am awaiting your response. I need this system implemented asap.
Isn't cryptography restricted/illegal in France?
Ken
------------------------------
From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc,talk.politics.crypto
Subject: Re: How good is steganography in the real world?
Date: Wed, 11 Apr 2001 04:13:29 GMT
Marc wrote:
> Or one has to go up from micro to macro and generate artificial images that
> pass through a filter that adds the typical desired characteristics
> (and even if this means to print out at high resolution and then
> grab with the cam). In the case of a web cam claiming to point to a
> crowded place, the information could be encoded in the cloth color and
> position of the people visible.
But a sequence of such pictures should share the transform function of the
sensor. Essentially the CCD matrix has variations in both color and
brightness sensitivity. So a sequence of pictures taken with the same camera
should all have the same sensitivity pattern. If the pattern is missing then
the pictures have been diddled.
------------------------------
From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Link Level Encryption System
Date: Wed, 11 Apr 2001 04:14:55 GMT
Latyr Jean-Luc FAYE wrote:
> Hi every body
>
> I've been given the following assignment in college.
> I've done the work but I would like to submit it here first and have your
> wise opinion.
> I've used the classical combination DES/RSA
> But I wonder if something like AES/Diffie-Hellman wouldn't be better.
> But AES/DH could be more secure but more difficult to implement.
> Any comments or suggestions to improve this work will be welcomed.
>
> Regards
>
> Jean-Luc
>
> Subject :
>
> Functional Design of Link Level Encryption System
> Develop a short functional specification of a system which will provide
> secure transmission over ethernet between two nodes. The report should
> discuss the overall approach proposed including whether conventional
> encryption or public key techniques, or a combination of both are used. The
> document should include an analysis of the following aspects of the proposed
> system :
> a) Overall architecture of the system
> b) The problem of key generation/management
> c) Special computational requirement
> d) Generation of random numbers that might be required
> e) Overall security of the system and any possible points of weakness
Search the web for IPSec.
------------------------------
From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Dynamic Substitution Question
Date: Wed, 11 Apr 2001 04:17:29 GMT
newbie wrote:
> Did you study it?
> You have just to try to implement DS, to compute it and to see the real
> results.
I have.
>
> Not what Ritter is claiming.
My implementation did. Perhaps your implementation is busted.
>
> You will find that OTP even if used with bad PRNG is better.
No.
>
> Test it.
I did. It worked.
------------------------------
From: Claus Näveke <[EMAIL PROTECTED]>
Subject: Re: Current best complexity for factoring?
Date: Wed, 11 Apr 2001 08:24:22 +0200
"Scott Fluhrer" <[EMAIL PROTECTED]> wrote in message
news:9b0cpb$rpo$[EMAIL PROTECTED]...
>
> Normally, when you create an RSA private/public keypair, you select the
> primes, the public exponent, and then use that to form the public key.
> Since you are the one selecting the primes, you get to choose their relative
> sizes.
How are these primes generated? I thought they are too big for doing
math-operations with them...
Claus
------------------------------
From: Samuel Paik <[EMAIL PROTECTED]>
Subject: Re: Current best complexity for factoring?
Date: Wed, 11 Apr 2001 06:37:36 GMT
Claus Näveke wrote:
> How are these primes generated? I thought they are too big for doing
> math-operations with them...
The second question first. Use multi-word computations--limit is only
memory and time.
Generally, pick random odd n-bit number (this means the high order
bit and low order bit are set to 1 and the rest of the bits are chosen
randomly). Test for probabilistic primality. If not prime, increment by 2
and go to test, otherwise, accept as prime. [Improvement: compute
remainders modulo first m prime numbers. If any remainders are 0, you can
skip primality test and go to next odd number immediately--and update
remainders]
--
Samuel S. Paik | [EMAIL PROTECTED]
3D and digital media, architecture and implementation
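The recipe above as runnable Python, added here as an illustration rather than Samuel Paik's code: set the top and bottom bits of a random n-bit value, sieve candidates with remainders modulo the first m primes that are updated in place as the candidate steps by 2, and confirm survivors with Miller-Rabin. Function names and the choice m = 100 are assumptions.

```python
import random
import secrets

# Added example (not the poster's code): draw a random n-bit prime the way the
# post describes, including the incrementally updated small-prime remainders.


def small_primes(m: int) -> list:
    """First m primes by trial division (m is small, so this is cheap)."""
    primes = []
    k = 2
    while len(primes) < m:
        if all(k % p for p in primes):
            primes.append(k)
        k += 1
    return primes


def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin with random bases; a composite slips through with
    probability at most 4^-rounds."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0                 # n - 1 = d * 2^s with d odd
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False            # a is a witness: n is composite
    return True


def random_prime(nbits: int, m: int = 100, rng=secrets.randbits) -> int:
    """Random nbits-bit prime: high and low bits forced to 1, then step by 2.
    rng(k) must return k random bits; the default is the OS CSPRNG."""
    if nbits < 16:
        raise ValueError("nbits too small for the small-prime sieve used here")
    primes = small_primes(m)

    def fresh_candidate():
        n = rng(nbits) | (1 << (nbits - 1)) | 1
        return n, [n % p for p in primes]

    n, rem = fresh_candidate()
    while True:
        # Sieve first: any zero remainder means a small factor, no MR needed.
        if all(rem) and is_probable_prime(n):
            return n
        n += 2
        # Adding 2 to n adds 2 to every remainder; no division required.
        rem = [(r + 2) % p for r, p in zip(rem, primes)]
        if n.bit_length() > nbits:  # walked past 2^nbits: start over
            n, rem = fresh_candidate()


if __name__ == "__main__":
    print(random_prime(512))
```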
------------------------------
From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: Steganography with natural texts
Date: Wed, 11 Apr 2001 00:10:04 -0700
Mok-Kong Shen wrote:
>
> "John A. Malley" wrote:
> >
> [snip]
> > The characteristics of the written text modulated for steganography must
> > not be required to understand it. Look for the equivalent of the "noise"
> > in the text - what is in the text that we ignore when it comes to
> > understanding it but is always present in the text. That is the likely
> > candidate for steganographic modulation.
> >
> > I'm at a loss to point to anything in the larger structures of text
> > (like paragraphs of sentences and the development of an
> > idea/theme/argument/message in succeeding paragraphs) that is "noise"
> > and could be modulated without affecting the ability to understand the
> > text.
>
> From a global standpoint, consider the case where pupils
> in school write compositions on the same theme set by
> their teacher. Neglecting the obvious fact that the ideas
> put down by the individual pupils are not entirely
> identical, doesn't this indicate that in principle one
> and the same idea can be written in a number of different
> ways (formulations) and that these are all entirely
> 'natural'? There is also the paraphrasing work, i.e.
> rewriting an article into another style of literature.
> I suppose that such results can also be regarded as
> 'natural' (with respect to the competency of the pupil).
> On the smaller scale, I think it is reasonable to
> consider that paragraphs and sentences can also be
> individually rewritten, without incurring anything
> 'unnatural', provided that proper effort is done.
I agree with your example, many of us in our "Blue Book" days (or, for
some, "daze" ) wrote expositions on a theme selected by our
teacher/professor in an effort to argue a point. We all argued
differently in choice of words.
Yet for a given theme we all (or rather, those that passed the exam :-)
) argued the point using one or another "algorithm" defined in
Classical Rhetoric. The strategic pattern(s) of a successful argument
remain(s) invariant across those Blue-Books. All of us Euro-centric
culture-types are consciously or unconsciously influenced by Aristotle's
teachings on writing and debate -
http://www.public.iastate.edu/~honeyl/Rhetoric/oneindex.html
Over a thousand years of Classical education stressed his work and
pounded his methods into our collective cultural backgrounds, societies
and politics. And the wash of European cultures over the globe in the
past 500 years introduced/inoculated these patterns of debate, argument
and communications in many other peoples.
Shoot, there's even a collection of rhetorical patterns for technical
writing : http://www.ecf.toronto.edu/~writing/rhetoric.htm
Each of these rhetorical "algorithms" imposes long-range order on the
total structure and content of a text (i.e. introduction, statement of
argument, comparisons, contrasts, summary.) Rearranging or altering
these long-range dependencies through steganographic modulation *should*
be readily apparent to the casual observer. There isn't much "noise" or
"random" variation normally in the structure of rhetoric so these
structures act as poor carriers for a steganographic signal.
> Certainly, in my proposed scheme one is constrained to
> change a word selected by the software to another one
> among a rather limited set of words offered that
> presumably (though often not exactly) have the same
> meaning. That naturally is not without consequences.
> However, I don't think that that constraint is severe
> enough to lead to unnatural characteristics of the
> sentences in general. (Note that one can, if needed,
> also replace an entire sentence (even by one that is
> different in meaning) such that one is afterwards
> likely to have other (different) words that need to be
> replaced.) It may not always be easy to prevent some
> slight degradation of (literature) quality. Note on
> the other hand that the result of paraphrasing an
> article of a well-known author is also almost certainly
> of a lower quality then the original. Isn't that piece
> of text a very 'natural' writing of the pupil concerned,
> provided that he has well assimilated the thoughts of
> the original author and has done the work properly?
Yes, at this level in the structure of a text there is more variation,
different words or phrases in the same sentence can convey the same
meaning. Yet - there are some 61 different rhetorical patterns employed
in English text:
http://www.virtualsalt.com/rhetoric.htm
These patterns relate the choice of words and phrases in the current
sentence to previous and following sentences (in one or more paragraphs,
for example.) These patterns appear throughout the Indo-European
speaking world as the tactics of rhetoric.
Any well-written text uses some subset of these sixty-one rhetorical
devices. Again we see long-range order in the text, this time across
sentences, order relating the choice of words in subsequent or previous
sentences to the words in the current sentence.
The modulation of sentence word choices in any given sentence cannot
interfere with the intelligibility of the rhetorical devices linking
word choices across sentences in the text or the steganographic message
is revealed. (Take a look at the variety of those devices in the
referenced web page! )
> Thus I continue to think that my proposal should be
> practically feasible, though I must admit that it
> apparently incurs much effort and demands sufficiently
> good literature competency and therefore cannot be
> recommended for transmitting large volumes of
> information bits.
This steganographic method may be (just a hunch - no hard analysis yet)
not as easy as it seems at first blush.
Maintaining understandable rhetorical devices in the text (to prevent
modulation detection) may prove difficult and may place a (serious?)
crimp on the proposed steganographic channel's bandwidth.
John A. Malley
[EMAIL PROTECTED]
P.S. These structures (rhetoric "algorithms" and rhetorical devices) can
also aid cryptanalysis of ciphers.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Spam Message Stegano
Date: Wed, 11 Apr 2001 07:27:06 GMT
Frank Gerlach wrote:
> Just a few weeks ago some very severe flaws were discovered in a very
> crucial part of the Internet Infrastructure (the BIND server). This
> piece of source code had been in the public for *years* !
? BIND has had more security flaws found in it over the years than
any other piece of software with the possible exception of sendmail.
------------------------------
From: "dexMilano" <[EMAIL PROTECTED]>
Subject: Polymorphic encryption
Date: Wed, 11 Apr 2001 11:45:02 +0200
I think this could be an interesting thread:
http://www.securitywatch.com/newsforward/default.asp?AID=6827
dex
------------------------------
Subject: Re: How secure is AES ?
From: Paul Crowley <[EMAIL PROTECTED]>
Date: Wed, 11 Apr 2001 09:46:45 GMT
[EMAIL PROTECTED] (Marc) writes:
> >The best attack against 128-bit Rijndael breaks 7 rounds with 2^120
> >work and very nearly the entire codebook (2^128 - 2^119 chosen
> >plaintexts).
>
> Wouldn't an attack be called 2^128 when I need to choose 2^128 plaintexts?
> After all, this too is an operation and not "free".
It's measured as work roughly equivalent to trying 2^120 keys in a
brute force attack. We don't charge the work of actually generating
the ciphertexts against the attacker's account...
--
__ Paul Crowley
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/
------------------------------
From: [EMAIL PROTECTED] (pjf)
Subject: Derived Key Generation
Date: Wed, 11 Apr 2001 10:04:46 GMT
Greetings.
I'm putting together a little cryptography library based on publicly
available algorithms. One of the features I want to include, in
addition to random key generation for the Symmetric Algorithm, is
Derived Key Generation - The user enters some value, and the same key
is always generated for a given input data.
I was going to use a One Way Hash (SHA1) to ensure that the input
value always generates the same key, but I'm faced with the problem
that SHA outputs a 160 bit digest, while my Symmetric Keys have to be
56 bits (silly export regs).
If I simply truncate (or mod) the 160 bits to 56 bits, will I run into
lots of collisions between different input values? Is there a better
way to reduce the SHA output to a 56 bit value that will not
significantly lower the entropy so that it is actually less than 56
bits? Are there things I absolutely should not do?
Thanks in advance.
-pjf
--
[EMAIL PROTECTED]
http://www.staticengine.com
Developer, Know Wonder Inc.
Musician, Static Engine
---
Digital Certificates provide no actual security for
electronic commerce; it's a complete sham.
-Bruce Schneier, Secrets & Lies
====== Posted via Newsfeeds.Com, Uncensored Usenet News ======
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
======= Over 80,000 Newsgroups = 16 Different Servers! ======
------------------------------
From: "dexMilano" <[EMAIL PROTECTED]>
Subject: Re: How secure is AES ?
Date: Wed, 11 Apr 2001 12:07:06 +0200
This is the theory of the BF attack.
If this is the only approach and the number of possibilities is so great
(2^128 ~ 3.5 e38) I think the cipher can be considered safe.
"Paul Crowley" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Marc) writes:
> > >The best attack against 128-bit Rijndael breaks 7 rounds with 2^120
> > >work and very nearly the entire codebook (2^128 - 2^119 chosen
> > >plaintexts).
> >
> > Wouldn't an attack be called 2^128 when I need to choose 2^128 plaintexts?
> > After all, this too is an operation and not "free".
>
> It's measured as work roughly equivalent to trying 2^120 keys in a
> brute force attack. We don't charge the work of actually generating
> the ciphertexts against the attacker's account...
> --
> __ Paul Crowley
> \/ o\ [EMAIL PROTECTED]
> /\__/ http://www.cluefactory.org.uk/paul/
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Steganography with natural texts
Date: Wed, 11 Apr 2001 12:06:56 +0200
"John A. Malley" wrote:
>
[snip]
> This steganographic method may be (just a hunch - no hard analysis yet)
> not as easy as it seems at first blush.
>
> Maintaining understandable rhetorical devices in the text (to prevent
> modulation detection) may prove difficult and may place a (serious?)
> crimp on the proposed steganographic channel's bandwidth.
Thank you very much for your comments and the number
of pointers. Yes, different cultures with the corresponding
educations have significant footprints on the thought and
writings of people. Religion and family and the circle
of friends also have influence. Immigrated foreigners
often retain much of their 'mentality', though some more,
others less, in the course of time. In principle
there is therefore the possibility of detecting personal
characteristics from writings, if sufficient effort and
resources are available and the writings are 'original'
from the person (i.e. without modifications). On the other
hand, the modification in my proposal may be regarded as a sort
of intentional 'simulation' of oneself, i.e. seeking to
have another good (best possible, though different)
'formulation' of a sentence that one has already
'naturally' issued. From this viewpoint, I think that
the task is well feasible to be done sufficiently right,
given the required effort and literature competency etc.
An analogy is theater plays, where actors 'simulate'
persons in the stories. Good actors could render the scene
quite 'real'. I admit that such high quality simulation
is difficult. You are certainly right in pointing out
that it is not easy to do the stego in the way I suggested.
It's indeed sort of an art. Good performance will
definitely demand effort and a certain minimum of talent.
M. K. Shen
------------------------------
From: Dave Aronson at att dot net <[EMAIL PROTECTED]>
Subject: Re: Any positions in cryptography available?
Date: Wed, 11 Apr 2001 10:38:11 GMT
I missed the original post (and am too lazy to go look it up), so forgive me
if this is not suitable, but....
Cryptek Secure Communications (http://www.cryptek.com) needs some Software
Engineers in Chantilly VA (soon moving to Sterling VA). The main need right
now is people experienced in writing Windows device drivers, but it seems to
me (in the whole week and a half I've worked there so far) that even if
hired for that reason, you may get to work on cryptography, and other
aspects of computer security. (Not to mention embedded software -- even if
you haven't before, unlike most advertised embedded positions.)
If you want to go for it, send your resume to me, and I'll submit it to the
software manager. Send it to daronson at cryptek dot com (sorry for the
munge, blame the @#$%^&* spammers), NOT the address in the From line (which
is slow and less reliable and can't handle attachments).
(Disclosure: yes, I do get a bounty if you're hired.)
--
Dave Aronson, Sysop of AirNSun free public Fidonet BBS @ +1-703-319-0714
The above opinions are MINE, ALL MINE, but for rent at reasonable rates.
------------------------------
From: [EMAIL PROTECTED] (Joe H Acker)
Subject: Re: Steganography with natural texts
Date: Wed, 11 Apr 2001 12:44:11 +0200
Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> The material that is normally transmitted has certain
> "observable statistical properties" (which presumably
> means all statistical properties that can be assumed
> to be discernable by the opponent). The modified
> stuff, in which the message bits are concealed, should
> have 'exactly' the same properties.
Yes, that's the point. But I think the secret message may not change
the statistical properties of the carrier channel, not only those of one
particular signal in the carrier channel. Otherwise the steganography
would be broken if more than one secret message was sent.
> (1) As you said, the definition of "observable statistical
> properties" is crucial. Statistics is a very well
> developed branch of mathematics but crypto concerns it
> only marginally. Are the statistical properties
> commonly discussed in textbooks (and apparently
> applicable to bit sequences) all that we need or
> do we have to dig deeper into the ensemble of
> literatures of statistics and probability, which
> is huge? Are we sure that we haven't missed something
> that belongs to the opponent's (larger) set of the
> said properties?
That's a big problem in practice, but it's not a problem in theory. We
have a very similar problem in cryptography when we cannot exclude that
the adversary knows new mathematical breakthroughs in cryptanalysis. The
adjective "observable" can and probably should be omitted in the
theoretical approach I am looking for. In practice, of course, it
matters a lot.
> (2) Is it at least possible in theory to obtain 'exactly'
> the same "observable statistical properties"? Any
> rigorous proof? If not (or if yes but in practice
> not), what is the maximal measure of deviations that
> can be tolerated for having a 'secure' system?
That's a very interesting question, perhaps the most important one in
applied steganography. I believe that in theory, a rigorous proof can be
made for various carrier and steganographic systems. Take the random
noise/OTP steganography. It can be proven to be an optimal
steganographic encoding because both the noise and the secret
message are random. As far as I can see, there's an indefinite number of
carrier system/stego system combinations that can be proven to be OSEs
as well, but unfortunately, they are quite artificial in nature. Take
for example:
carrier symbols: {a,b,c,d}
redundancy of the carrier system: {c,d} are perfect synonyms
relative probability of occurrence of {c,d}: c and d occur with a
probability of 1/2 and if c occurs, d must not occur and vice versa
The OSE is obvious, you need a random key of the length of the secret
message to choose between c and d. Now suppose c would occur 2/3 of all
times and d just 1/3. Still you can find an OSE. I'd base a theoretical
notion of optimal steganographic encoding on artificial systems like
that in general.
> (3) Presumably we need to examine the statistical
> properties not only in 1-bit units but also in n-bit
> units. What is the range of n that we need to
> consider? (We certainly couldn't have an arbitrarily
> large range for reasons of practical computation.)
Yep, another big problem. If signals of the carrier system are limited
in length, this might be solvable, otherwise presumably not. But before
this can be tackled, there must be a theoretically well-founded notion
of an optimal steganographic encoding, that's my point. Once this has
been found, made precise and written down, it is the aim of applied
steganography to derive less theoretical but more practical guidelines
for finding good encodings based on observation of the carrier system.
Unfortunately, I don't feel skilled enough at information theory to
write such a paper, and I also didn't find any references about
steganography in the above sense. And from the feedback on my posts to
this newsgroup, I have the impression that most people (excluding you)
are not interested in these ideas.
Regards,
Erich
------------------------------
From: "dexMilano" <[EMAIL PROTECTED]>
Subject: Re: Derived Key Generation
Date: Wed, 11 Apr 2001 12:56:13 +0200
Interesting approach.
I've the same problem, I want to derive a long key, starting from a simple
key.
I'm trying this:
divide the derived key in 2 parts (for example, if you need 56: 48 bit + 8
bit)
- take the first part as it is
- take the remaining part of the derived key (in this case last 160-48 bit)
and calculate a parity byte with some mechanism.
- add the parity byte to the first bit.
This approach lets you have the second part of the key that is based on bits
you can't use.
Obviously it's not unique (you can't keep X bit information with Y bit where
X>Y and no redundancy) but it could be relatively useful.
I've a question for you, have you tried other algorithms instead of SHA1?
dex
"pjf" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Greetings.
>
> I'm putting together a little cryptography library based on publicly
> available algorithms. One of the features I want to include, in
> addition to random key generation for the Symmetric Algorithm, is
> Derived Key Generation - The user enters some value, and the same key
> is always generated for a given input data.
>
> I was going to use a One Way Hash (SHA1) to ensure that the input
> value always generates the same key, but I'm faced with the problem
> that SHA outputs a 160 bit digest, while my Symmetric Keys have to be
> 56 bits (silly export regs).
>
> If I simply truncate (or mod) the 160 bits to 56 bits, will I run into
> lots of collisions between different input values? Is there a better
> way to reduce the SHA output to a 56 bit value that will not
> significantly lower the entropy so that it is actually less than 56
> bits? Are there things I absolutely should not do?
>
> Thanks in advance.
>
> -pjf
>
> --
> [EMAIL PROTECTED]
> http://www.staticengine.com
> Developer, Know Wonder Inc.
> Musician, Static Engine
> ---
> Digital Certificates provide no actual security for
> electronic commerce; it's a complete sham.
> -Bruce Schneier, Secrets & Lies
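A worked version of both reductions discussed in this thread, added here and written by neither pjf nor dex: plain truncation of SHA-1 to 56 bits, dex's 48-bit-plus-parity-byte fold (XOR of the leftover bytes is assumed, since the mechanism was left open), and a scaled-down collision count showing that truncation keeps the collision behaviour of an ideal random function of the truncated width, which is all a 56-bit key can ever give.

```python
import hashlib

# Added example (not from either poster): the two 56-bit reductions from the
# thread, plus a birthday-scale collision count at a small width.

KEY_BITS = 56
KEY_BYTES = KEY_BITS // 8   # 7 bytes


def derive_truncate(passphrase: str) -> bytes:
    """pjf's option: SHA-1 the input and keep the first 56 bits."""
    return hashlib.sha1(passphrase.encode("utf-8")).digest()[:KEY_BYTES]


def derive_fold(passphrase: str) -> bytes:
    """dex's option: 48 bits kept as-is, the remaining 112 bits folded into
    one byte. The fold here is XOR of the 14 leftover bytes (assumed; the
    post leaves the mechanism open). Both outputs are functions of the same
    160-bit digest, so folding cannot add entropy beyond the 56 output bits;
    it only changes which digest bits take part."""
    digest = hashlib.sha1(passphrase.encode("utf-8")).digest()
    head, tail = digest[:6], digest[6:]
    parity = 0
    for b in tail:
        parity ^= b
    return head + bytes([parity])


def count_collisions(inputs, key_bits: int) -> int:
    """Number of inputs whose SHA-1, truncated to key_bits bits, repeats a
    key already seen. Run at a small key_bits so the birthday regime is
    reachable quickly; 56 bits would need on the order of 2^28 inputs."""
    seen = set()
    collisions = 0
    for s in inputs:
        h = int.from_bytes(hashlib.sha1(s.encode("utf-8")).digest(), "big")
        k = h >> (160 - key_bits)         # keep the top key_bits bits
        if k in seen:
            collisions += 1
        seen.add(k)
    return collisions


def expected_collisions(n: int, key_bits: int) -> float:
    """Birthday estimate for an ideal key_bits-bit function:
    n*(n-1)/2 pairs, each colliding with probability 2^-key_bits."""
    return n * (n - 1) / 2 / 2 ** key_bits


if __name__ == "__main__":
    print(derive_truncate("correct horse").hex(), derive_fold("correct horse").hex())
    n, bits = 4000, 16
    got = count_collisions((f"user-{i}" for i in range(n)), bits)   # constructed inputs
    print(f"{bits}-bit truncation: {got} collisions, birthday estimate "
          f"{expected_collisions(n, bits):.1f}")
```

The count at 16 bits lands near the birthday estimate, which is the answer to pjf's question: truncation does not lose entropy below 56 bits, but distinct inputs will start to share a key after roughly 2^28 of them, and no fold of the discarded bits can move that bound.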
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************