Cryptography-Digest Digest #137, Volume #14      Fri, 13 Apr 01 21:13:00 EDT

Contents:
  Re: Comment on SafeBoot's RC5 algorithm (Lawrence Kirby)
  Re: Graphical representation of a public key (or fingerprint)? ("Paul Pires")
  Re: Can this be done? ("Joris Dobbelsteen")
  Re: NSA-Endorsed Schools have a Mediocre Internet Presence (Doug Stell)
  Re: Graphical representation of a public key (or fingerprint)? (James Day)
  Re: NSA-Endorsed Schools have a Mediocre Internet Presence (Mok-Kong Shen)
  Re: How good is steganography in the real world? (wtshaw)
  Re: Black & white .gifs? (wtshaw)
  Re: XOR TextBox Freeware:  Very Lousy. ("Douglas A. Gwyn")
  Re: Black & white .gifs? (wtshaw)
  Re: _"Good" school in Cryptography ("was" I got accepted) (David A Molnar)
  please comment (Yechuri)
  Re: please comment ("Tom St Denis")
  Re: Big Number (Mark Wooding)
  Re: please comment (Darren New)
  Re: please comment ("Tom St Denis")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Lawrence Kirby)
Subject: Re: Comment on SafeBoot's RC5 algorithm
Date: Fri, 13 Apr 2001 16:22:40 GMT
Reply-To: [EMAIL PROTECTED]

In article <KoGz6.46630$[EMAIL PROTECTED]>
           [EMAIL PROTECTED] "Tom St Denis" writes:

>
>"Lawrence Kirby" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] "Marc"
>writes:
>>
>> >>cipher-block-chaining based on the sectors. The raw alg works at about
>> >>400MB/s (yes, 400 megabytes of data per second) on a 1GHz Athlon in
>> >>W32.
>> >
>> >The interesting thing is that my P3-800 FSB133 does hardly even read
>> >more than 110 MB/s from RAM.
>>
>> My old 200Mhz Ppro with EDO memory can manage up to about 250MB/sec
>> reading from memory so there is something very wrong there. :-) 133Mhz
>> SDRAM can manage about 1GB/sec and you should be able to realise at
>> least 700-800MB/sec reading, sometimes more.
>
>If you can read real data at 800mb/sec then you're a god.  Contrived
>bandwidth tests are of theoretical interest only.

It depends, the actual test consisted of code that performed 1 read per cache
line in order to test memory performance. Code that does something simple
with the data should be able to manage this sort of performance using the
PIII's prefetch instructions so it should be quite possible for some forms
of hand-optimised code.

>My IDE hd is supposed to read >40MB sec too but I only really get about
>10MB/sec max during a read/seek test.

If you are using a benchmark that isn't measuring just transfer rate
you aren't going to get a figure that indicates just the transfer rate.
:-)

-- 
=========================================
Lawrence Kirby | [EMAIL PROTECTED]
Wilts, England | [EMAIL PROTECTED]
=========================================


------------------------------

From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Graphical representation of a public key (or fingerprint)?
Date: Fri, 13 Apr 2001 13:13:01 -0700


Trevor L. Jackson, III <[EMAIL PROTECTED]> wrote in message 
news:[EMAIL PROTECTED]...
> Paul Pires wrote:
>
> > Mok-Kong Shen <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> > >
> > >
> > > John Myre wrote:
> > > >
> > >
> > > > I like this, but I'm not sure one face is enough.  It only takes 33
> > > > bits or so to count every human face there is, and clearly some faces
> > > > look pretty much alike.  (Granted, the humans that exist don't span the
> > > > potential faces.  But the order-of-magnitude problem still exists.)
> > >
> > > I am interested in the fact that a human face could be
> > > characterized by as few as some thirty bits. Could you
> > > please give a reference? Thanks.
> >
> > I believe he said "33 bits to count" This is far different
> > than "33 bits to represent" 2^33 ~ 8.6 billion. Do we have
> > 8.6 billion souls on this rock?
> >
> > Anyway, I think it was a stab at setting an upper bound on
> > the keyspace size that humans could probably discriminate
> > within. I don't think it had to do with the complexity of faces.
>
> There's a hidden reliability problem here.  It comes in two forms.  The
> first form is the repeatability of recognizing a pattern that is or is not
> valid.  A simpler example is recognizing colors.  Humans can discriminate
> about 100,000 distinct colors in that they can tell them apart.  But, this
> does not mean one can reliably encode ~17 bits of information within a
> single color sample.  Think what you ate/drank/said/did/heard last night
> "colors" your perception of the world?  Then the colors you see today
> won't match the colors you saw yesterday.
>
> The second form is the transitivity of the pattern recognition.  One
> person's ability to discriminate faces or colors may have the same size as
> another's, but the sets of recognizable patterns may not be congruent.

Another point to remember. Subtle recognition of color, hue, taste, smell
and texture do not line up reliably with the higher functions of
communication and analysis. Many times someone can spot a difference that
cannot be described or related. I personally have a color recognition
problem. Lay out a number of shades and I can discriminate enough to
arrange them in spectral order but give me one shade and I will invariably
call it green when it is mostly blue and vice versa. This part of the brain
works peculiarly and it plays weirdly with other parts of the brain. I can
correctly identify by hand but not by speech. Must be some left brain-right
brain stuff.

Paul




------------------------------

From: "Joris Dobbelsteen" <[EMAIL PROTECTED]>
Subject: Re: Can this be done?
Date: Fri, 13 Apr 2001 22:56:22 +0200

You can already with S/MIME (as a simple example)...

RSA has two key pairs: public pair and private pair.

A message can be enciphered with RSA using the public pair and deciphered
with the private pair, but also otherwise (simple math will explain).

So you create a hash and sign it with the PRIVATE key. Anyone can decipher
the hash with the public key, but nobody will be able to sign an altered hash,
because they don't know the private key.

Proof:
n = p*q    ;;; p and q are both different primes
c = m**e mod n
m = c**d mod n

d*e mod (p-1)(q-1) = 1
m**(d*e) = m**1 = m

There are better descriptions how RSA works, and why this above is true and
works, but this is just a simple scheme about RSA that already explains some.
There is good literature.

Key pairs are: (e,n) and (d,n). Factoring n into p and q seemed to be
computationally infeasible, if the numbers are big enough...

As you can see, it doesn't matter which key pair you use to encipher the
message, you can only decipher with the other. Taking into account that one
pair is known by everybody on the planet, you just have to decide which key
pair to use to encipher...

- Joris

John Savard, I enjoyed your web site, however, maybe that you should
simplify your description on how RSA works. I wasn't able to figure it out
there (probably through my math isn't developed that much and I'm just
getting some simple math at school)...

"Julian Morrison" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Here's a scenario:
>
> Alice sends messages to Bob. The messages are sent in clear, but Alice
> includes a "check hash" with each message that allows Bob to ascertain
> that (1) the message matches its hash, and (2) all the messages were
> generated by someone who knew some unspecified secret, said secret being
> provably the same for all the messages.
>
> HOWEVER, Bob does not know this secret, he and Alice do not exchange any
> information (the flow of data is solely from Alice to Bob), nor can he nor
> anyone else listening in determine this secret. And, no-one without the
> secret can forge new hashes that falsely seem to have been created by
> Alice.
>
> The result being: all the messages are proven to come from the same place,
> despite that place remaining anonymous.
>
> Can this be done? If so, how?
>
> --
> I like e-gold. Pay for goods in real gold, with zero financial risk.
> This link ( http://www.e-gold.com/e-gold.asp?cid=281798 ) takes you to
> their site and shows me as the introducer if you open an account.
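
Added example, not part of the original posts: the hash-then-sign exchange described in the reply above, using the same textbook equations (n = p*q, d*e mod (p-1)(q-1) = 1). The primes, function names and messages are constructed for illustration, and the arithmetic is unpadded toy RSA rather than a deployable signature scheme.

```python
import hashlib
from math import gcd

# Constructed toy parameters: two known Mersenne primes. Real keys use large
# random primes and a padded scheme such as RSA-PSS, not this bare arithmetic.
P = 2**127 - 1
Q = 2**107 - 1


def make_keypair(p, q, e=65537):
    """Return ((e, n), (d, n)) with d*e mod (p-1)(q-1) = 1, as in the post."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (e, n), (d, n)


def digest_as_int(message, n):
    """The 'check hash': SHA-256 of the message, reduced into the range of n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private_pair):
    d, n = private_pair
    return pow(digest_as_int(message, n), d, n)  # s = h**d mod n


def verify(message, signature, public_pair):
    e, n = public_pair
    if not 0 <= signature < n:
        return False
    # Anyone holding (e, n) can recover the signed hash and compare it.
    return pow(signature, e, n) == digest_as_int(message, n)


def demo():
    alice_pub, alice_priv = make_keypair(P, Q)  # Bob only ever sees alice_pub
    _, other_priv = make_keypair(2**89 - 1, 2**61 - 1)  # a different signer

    messages = [b"first message", b"second message", b"third message"]
    signed = [(m, sign(m, alice_priv)) for m in messages]

    return {
        # every message checks out against the same public pair
        "same_origin": all(verify(m, s, alice_pub) for m, s in signed),
        # changing the text breaks the match between message and signed hash
        "altered_rejected": not verify(b"first massage", signed[0][1], alice_pub),
        # a signature made with a different private pair does not verify
        "forgery_rejected": not verify(
            messages[0], sign(messages[0], other_priv), alice_pub
        ),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(name, ok)
```

The public pair itself serves as the anonymous identity: Bob learns nothing about who holds (d, n), only that the same holder signed every message.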



------------------------------

From: [EMAIL PROTECTED] (Doug Stell)
Subject: Re: NSA-Endorsed Schools have a Mediocre Internet Presence
Date: Fri, 13 Apr 2001 20:58:04 GMT

On Fri, 13 Apr 2001 11:48:08 +0200, Frank Gerlach <[EMAIL PROTECTED]>
wrote:

>To clarify my previous statement that the UKUSA spooks are the best in
>cryptography, ...

Keep in mind that they know everything that the academics know. They
know more and don't tell the academics. The gap may be closing, but
the playing field isn't level, due to the lack of bi-directional flow
of information. However, the flow of information isn't as
uni-directional as it was in the past.

>"National INFOSEC Education & Training Program" schools is definitely
>sub-standard.

This program is not what you are expecting it to be. The emphasis is
on prevention in equipment that you build. I have one of these guys on
my program and he doesn't need to know and doesn't know the kind of
stuff that you are expecting from this program.

>The NSAGCHQ school I was referring to are quite probably top-secret
>courses for math graduates, ...

Attacking fielded cryptosystems is certainly top-secret. Actually there
is often a very fine line from unclassified info in the open
literature and a TS application of that information.

As far as the math is concerned, I am told that they take good math
people when academia is done with them and bring them inside to teach
them the real stuff.

>It is obvious to me that any college/university funded by the spooks 
>will quickly lose their good academics, because they want to 
>publicize *outside* the spook's circles.
>So if one does not want to become a spook, stay away from the
>spook-funded universities - they are mediocre by design.

You don't understand the focus of the programs of which you speak and
I don't think you appreciate the differences between an academic's
need to publish and what motivates someone with a national security
focus.

Publishing and maintaining national security are often divergent and
separate. The NSA and GCHQ people do often publish for the betterment
of security in the commercial sector, but I'm told that it can be a
career-altering event. The contributions to the ECC work is a prime
example of NSA helping the commercial sector.

I doubt that there is significant "spook-funding" of universities,
other than to send good people to good general math courses.
Fortunately, some good cooperative effort on the part of these
agencies is now taking place, as they begin to realize that having
security in the commercial sector is important to the national
security in our inter-connected world.

None of the people I have ever met from the agencies you mention are
at all spooky. BTW, it may not be obvious who they are at conferences,
but they usually warm up when they realize that someone recognizes the
dance of evasion and can tell them where they work. 



------------------------------

From: [EMAIL PROTECTED] (James Day)
Subject: Re: Graphical representation of a public key (or fingerprint)?
Date: Fri, 13 Apr 2001 22:03:23 GMT

On Fri, 13 Apr 2001 15:02:18 +0200, "Michael Schmidt"
<[EMAIL PROTECTED]> wrote:

>Maybe I haven't expressed myself clear enough in the first place.
>I'm looking for the other way round: Finding a distinct graphical
>representation of a binary value (the public key or its fingerprint).
>

<Newbie Delurk>

Perhaps something along the lines of Richard Dawkins' Biomorphs (from
'The Blind Watchmaker') could be used, i.e. treat the bytes of the key
as the genes for a virtual animal - visually you should be able to
recognize your partner's email, if it's always accompanied by a 10
legged spider (or whatever).  Given the right encoding, even bit
changes in a key should look radically different.


<Delurk>

James Day
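
Added example, not part of the original post: a minimal take on the "key bytes as genes" idea, showing why the encoding matters. It draws a simplified mirrored glyph, not Dawkins' actual biomorph algorithm; the grid size, glyph set, function names and sample key are assumptions made for illustration.

```python
import hashlib

ROWS, HALF = 9, 5   # 9 rows; 5 cells per half-row, mirrored to 9 columns
GLYPHS = " .o#"     # 2 gene bits select one of four glyphs per cell


def render(key, hashed=True):
    """Draw a left/right symmetric glyph whose 'genes' are bits of the key.

    hashed=True  : genes come from SHA-256(key), so each key bit affects
                   every cell of the picture.
    hashed=False : genes are the raw low-order key bits (naive encoding).
    """
    source = hashlib.sha256(key).digest() if hashed else key
    bits = int.from_bytes(source, "big")
    rows = []
    for r in range(ROWS):
        half = [GLYPHS[(bits >> (2 * (r * HALF + c))) & 3] for c in range(HALF)]
        rows.append("".join(half[:0:-1] + half))  # mirror around the centre cell
    return rows


def changed_cells(a, b):
    """Number of character positions that differ between two renderings."""
    return sum(x != y for ra, rb in zip(a, b) for x, y in zip(ra, rb))


# Constructed sample: 32 bytes standing in for a key fingerprint, and the same
# value with its lowest bit flipped.
KEY = bytes(range(32))
FLIPPED = KEY[:-1] + bytes([KEY[-1] ^ 1])


def compare():
    """Cells changed by a one-bit key difference under each encoding."""
    return {
        "naive": changed_cells(render(KEY, False), render(FLIPPED, False)),
        "hashed": changed_cells(render(KEY), render(FLIPPED)),
    }


if __name__ == "__main__":
    print("\n".join(render(KEY)))
    print()
    print("\n".join(render(FLIPPED)))
    print(compare())
```

With the naive encoding a one-bit change alters a single cell, which a person comparing pictures by eye would likely miss; hashing first spreads the change across the whole glyph.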


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: NSA-Endorsed Schools have a Mediocre Internet Presence
Date: Sat, 14 Apr 2001 00:13:54 +0200



Doug Stell wrote:
> 

> Keep in mind that they know everything that the academics know. They
> know more and don't tell the academics. The gap may be closing, but
> the playing field isn't level, due to the lack of bi-directional flow
> of information. However, the flow of information isn't as
> uni-directional as it was in the past.

I think that the significance of that gap is also rapidly
decreasing with time, since the common people can, if
they want, now encrypt with such security that it is 
almost certain that the agencies couldn't crack. That's 
why laws like RIP are badly needed.

[snip]

> None of the people I have ever met from the agencies you mention are
> at all spooky. BTW, it may not be obvious who they are at conferences,
> but they usually warm up when they realize that someone recognizes the
> dance of evasion and can tell them where they work.

People from government agencies attending scientific 
conferences nowadays do have the names of their employers 
on the badges like everyone else, if I don't err.

M. K. Shen

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: How good is steganography in the real world?
Date: Fri, 13 Apr 2001 16:14:32 -0600

In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn"
<[EMAIL PROTECTED]> wrote:

> Mok-Kong Shen wrote:
> > recall in this connection the famous sentence that
> > gentlemen don't read other's correspondences
> 
> Attributed to Stimson when he became secretary of state
> and discovered that we had a Black Chamber.  (He might
> not have actually said it.)  However, it was universally
> recognized within the crypto community that treating
> enemies as gentlemen would be foolish.

One wonders if the penalty for violation would not be as gentlemanly,
otherwise it has no force.  I am reminded that one requirement for
egroups is that nothing be posted that would create anxiety for anyone.
It is obvious that being made aware of a bad condition that affects some
would spoil pretense that some things are not discussed for some.

The Herman G's are such nice people--The Wings of War
-- 
At peril to the country, Texas is glad to be rid of Bush.  The Texas
legislature is busy undoing the messes he created.  I told you so.

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Black & white .gifs?
Date: Fri, 13 Apr 2001 16:25:11 -0600

In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn"
<[EMAIL PROTECTED]> wrote:

> Jim Gillogly wrote:
> > Paul Thomas wrote:
> > > why not just take any old regular pictures you got lying around ...
> > This is a much better idea.  ...
> 
> However, most stego of this kind requires that the recipient also
> have access to the reference signal (original image).  So the
> pictures can't just be lying around, they have to be in a public
> place.  Maybe on www.heartbreaker.com?

Yes, but it's not necessarily so.  I've investigated a couple of easy schemes
that don't require this. Using some filter techniques I have developed,
lots of weird things are possible, color and grayscale.  

B/W GIF's, assume you mean grayscale, can be easily made from another
format, even color.  True 1 bit images can also be manipulated for crypto
and decrypted without a reference...really very simply, no problem.
-- 
At peril to the country, Texas is glad to be rid of Bush.  The Texas
legislature is busy undoing the messes he created.  I told you so.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: XOR TextBox Freeware:  Very Lousy.
Date: Fri, 13 Apr 2001 22:13:31 GMT

"Ryan M. McConahy" wrote:
> The only thing (in crypto) XOR is good for is for one time pads, in
> which it is more secure than anything ever invented.

It isn't that the exclusive-or operation is insecure; the problem
is merely the way it is used in some cases.  The subject program,
judging by its description, might be useful for something.  In
fact I have a program like that in my communications toolkit.

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Black & white .gifs?
Date: Fri, 13 Apr 2001 16:40:20 -0600

In article <[EMAIL PROTECTED]>, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote:

> Ben Smith wrote:
> >  
> > A friend of mine has a brilliant (if idiosyncratic) comic site -
> > http://www.geocities.com/needleandthreadcomic
> > 
> > He's also a keen amateur cryptographer, so would probably enjoy the steg
> > aspect of his art.

Fun stuff...I like it. 
> 
> I suppose that some painting software helps for stego
> purposes, though I have no experience with such software.
> (One needs no 'reference' pictures, if the pixels are
> determined by PRNG.)
> 
> M. K. Shen

If you like text, you'll love pixels.  Write some drawing rules compatible
with crypto variations and let the program play Picasso.  It will cause the
guys in the basement to scratch their heads other than whatever it is
they commonly scratch.
-- 
At peril to the country, Texas is glad to be rid of Bush.  The Texas
legislature is busy undoing the messes he created.  I told you so.

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: _"Good" school in Cryptography ("was" I got accepted)
Date: 13 Apr 2001 23:23:03 GMT

Claus N�veke <[EMAIL PROTECTED]> wrote:
> Are there "good" Cryptography-schools in Germany?

I make no claims to completeness, but there's always C.P. Schnorr and his 
research group. 

http://www.mi.informatik.uni-frankfurt.de/index.html

-David

------------------------------

From: [EMAIL PROTECTED] (Yechuri)
Date: 14 Apr 2001 00:17:09 GMT
Subject: please comment

I have an idea for a sales method involving encryption which
I'm wondering if someone patented or is free to use.

First you write a software.  Let's say it designs chips.
But the software puts out encrypted output file and a 
key specific to that output file.  Maybe this key also has
information about how many transistors designed etc.
The customer sends you this key. You charge them
per transistor and they pay for the decryption key which 
you then send back to them. The software then unlocks 
the file but only that particular file.  Next time they use
your software, they pay for a different output file specific
key.

I did a disclosure document months ago but I'm hoping
it's so common it can't be patented.  What do you think ?

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: please comment
Date: Sat, 14 Apr 2001 00:25:08 GMT


"Yechuri" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I have an idea for a sales method involving encryption which
> I'm wondering if someone patented or is free to use.
>
> First you write a software.  Let's say it designs chips.
> But the software puts out encrypted output file and a
> key specific to that output file.  Maybe this key also has
> information about how many transistors designed etc.
> The customer sends you this key. You charge them
> per transistor and they pay for the decryption key which
> you then send back to them. The software then unlocks
> the file but only that particular file.  Next time they use
> your software, they pay for a different output file specific
> key.

If the user is a dolt ya this will work.  Otherwise the attacker/user will
just reverse engineer your program and disable the encryption routines.

Tom



------------------------------

From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Big Number
Date: 14 Apr 2001 01:03:15 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote:

> "Dave Aronson at att dot net or big foot dot com"
> <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
>
> > Hrmph.  Not sure if your intended number ends with 5, as shown in
> > the automatic quote-includer, or with 0, as shown in the window
> > showing me your message.  Either one, though, is definitely wrong --
> > an integer ending in 6, to any positive integer power, is going to
> > end in 6.  At least, assuming you're using the decimal system.
> >
> > Of course, I suspect that BOTH endings were mangled by Nutscrape, but....
> 
> First off I mean to write 2^(16)(65536) and I used maple to find the huge
> number...

The problem is that Tom only actually posted 17% of the number!

The correct answer, which does end in 6 as Dave correctly pointed out,
is 315653 digits long.  I computed it using Catacomb, through a Perl
interface I'm working on.  It's the largest number Catacomb has ever
computed, I think.  (It computed it very quickly.  Converting it to
decimal takes a little over 2 minutes on my laptop.)

I've put the number on my web pages, 76 decimal digits per line.  It's
available at http://www.excessus.demon.co.uk/2-sup-1048576.gz.  Since
it's not a very interesting file, I'll delete it when I need the space
for something else.

-- [mdw]

------------------------------

From: Darren New <[EMAIL PROTECTED]>
Subject: Re: please comment
Date: Sat, 14 Apr 2001 01:05:31 GMT

Tom St Denis wrote:
> If the user is a dolt 

... or honest, or getting charged less than the cost of breaking it, or
getting charged less than the cost of getting caught breaking it,  ...

> ya this will work.  

-- 
Darren New / Senior MTS & Free Radical / Invisible Worlds Inc.
San Diego, CA, USA (PST).  Cryptokeys on demand.
        schedule.c:7: warning: assignment makes calendar_week 
                          from programmer_week without a cast.

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: please comment
Date: Sat, 14 Apr 2001 01:08:14 GMT


"Darren New" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> > If the user is a dolt
>
> ... or honest, or getting charged less than the cost of breaking it, or
> getting charged less than the cost of getting caught breaking it,  ...

Why not just use the honor system then?

Tom



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
