Cryptography-Digest Digest #222, Volume #14 Tue, 24 Apr 01 09:13:01 EDT
Contents:
Re: Wolf's Secure Channel Theorem ("John A. Malley")
Re: _Roswell_ episode crypto puzzle (Steve Roberts)
Re: _Roswell_ episode crypto puzzle (Timothy A. McDaniel)
Re: OTP WAS BROKEN!!! ([EMAIL PROTECTED])
Re: Censorship Threat at Information Hiding Workshop ("AY")
Re: OTP WAS BROKEN!!! (Sergei Lewis)
Re: Censorship Threat at Information Hiding Workshop (Markus Kuhn)
Re: First cipher (Mark Wooding)
Re: OTP WAS BROKEN!!! (Mark Wooding)
Re: OTP breaking strategy (Volker Hetzer)
Re: Wolf's Secure Channel Theorem (Matthias Geiser)
Re: OTP WAS BROKEN!!! (Volker Hetzer)
Re: OTP WAS BROKEN!!! (Volker Hetzer)
Re: Triple-DES vs. RC4 (Mark Wooding)
Re: OTP WAS BROKEN!!! (Mark Wooding)
_hash files generate after uninstall Radiate adware ([EMAIL PROTECTED])
Re: ok newbie here ya go (John Savard)
Re: _hash files generate after uninstall Radiate adware ("Tom St Denis")
Re: Wolf's Secure Channel Theorem (John Savard)
Re: OTP WAS BROKEN!!! ("Tom St Denis")
Re: _Roswell_ episode crypto puzzle (John Savard)
Re: Triple-DES vs. RC4 ("Michael Schmidt")
Re: Micro Video Camera Suitable for Documents? (John Savard)
Re: RSA-like primes p and q (John Savard)
Security proof for Steak ("Henrick Hellström")
Re: Triple-DES vs. RC4 ("Tom St Denis")
Re: RSA-like primes p and q ("Tom St Denis")
----------------------------------------------------------------------------
From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: Wolf's Secure Channel Theorem
Date: Mon, 23 Apr 2001 23:18:31 -0700
Mark G Wolf wrote:
>
> Ok would you believe conjecture or hypotheses for now.
>
> Wolf's Secure Channel Theorem - once a secure authentic channel has been
> established between two distinct points in space it can be maintained
> indefinitely
>
Well, let's take a crack at this :-)
Let Alice stand at one end of the channel and Bob at the other. Eve is
between Alice and Bob and can listen in to anything that passes between
them. Alice, Bob and Eve know the cipher and the protocol. Alice and
Bob share a secret key. Eve does not know the key.
Assume the protocol and cipher between Alice and Bob prevent Eve from
impersonating either side (no MITM attacks) and anything Eve does to the
ciphertext is detected by the recipient.
Assume Alice and Bob maintain traffic indefinitely, for all time t > t_0
where t_0 is moment of the opening of the channel betwixt Alice and Bob.
An infinite stream of plaintext is sent between Alice and Bob after t_0
as ciphertext.
1) What if Alice and Bob use a cipher with a finite key?
Eve passively collects ciphertext in the channel.
Eve collects more than L = Unicity Distance's worth of ciphertext.
If Eve has unbounded computing resources she can always determine the
exact finite key used by Alice and Bob. The channel is not secure.
If Eve has bounded computing resources (say probabilistic algorithms
running in polynomial time) then there could exist a finite key size k
such that the channel is computationally secure for key lengths > k
bits. So for key lengths <= k bits long Eve could solve for the finite
key value, and for key lengths > k bits she could not solve for the
finite key value.
If Eve has bounded computing resources she cannot determine the exact
finite key used by Alice and Bob if the key length exceeds some bit
length k.
2) What if Alice and Bob use a cipher with perfect secrecy?
A cipher with perfect secrecy requires the uncertainty of the key at
least equal the uncertainty of the plaintext.
The stream of plaintext is an infinite string of symbols, out of an
alphabet A of p symbols, occurring in serial order. The key must also
be an infinite string of symbols. Let the keystream be generated by a
source that selects a symbol of the alphabet uniformly at random from
the alphabet. So every symbol of the alphabet is equiprobable as the
next symbol out of the keystream generator.
Encrypt the ith plaintext symbol with the ith output of the keystream
generator using a Vernam cipher -
ciphertext(i) = ( plaintext(i) + keystream(i) ) mod p.
Uh-oh.
How do Alice and Bob share this keystream in secret between themselves?
Alice could send the segments of the keystream over to Bob, one segment
at a time, so Bob could reassemble the keystream as time progresses
to decipher the ciphertext he receives from Alice. BUT, there is only
this one secure authentic channel. Alice cannot send the keystream and
the ciphertext through this channel.
It is not possible to send the keystream and the ciphertext through the
same channel. Therefore the channel cannot work for Alice and Bob.
What if Alice and Bob use two secure authentic channels, X and Y, with X
to send the ciphertext and Y to send the keystream for the ciphertext?
Then Alice must find a way to send the keystream of Y to Bob to make
sure the encrypted keystream of X sent through Y remains secret from
Eve.
It won't work.
What if Alice and Bob use a cryptographically secure pseudo-random
number generator as the key stream?
Then Alice needs to use a finite key to send the secret CSPRBG seed
value over to Bob so Bob can start up his CSPRBG.
And CSPRBGs produce a finite key stream size.
The use of a CSPRBG falls under 1), the use of a finite key.
The keystream generator output used by Alice must also be used by Bob.
Sending a copy of it to Bob will not work. Is there a way both Alice and
Bob could use the exact same keystream output as it's generated? That
requires the keystream output act as if it's local to both Alice and Bob
- and that can be done using the EPR paradox (a non-local physical
phenomenon) a.k.a. quantum key exchange.
See http://www.newscientist.com/ns/19991002/quantumcon.html
So here are my results (which could be wrong, I'm looking for feedback
:-) ) :
"Wolf's Secure Channel Theorem - once a secure authentic channel has
been established between two distinct points in space it can be
maintained indefinitely" is TRUE (and assuming there's a protocol to
ensure authenticity) IFF:
the secure channel is established with ciphers using a finite key > some
bit length k and facing an adversary with bounded computing resources,
or
the secure channel is established with a cipher with perfect secrecy
using quantum key exchange between Alice and Bob.
John A. Malley
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Steve Roberts)
Crossposted-To: rec.puzzles
Subject: Re: _Roswell_ episode crypto puzzle
Date: Tue, 24 Apr 2001 06:50:32 GMT
[EMAIL PROTECTED] (Timothy A. McDaniel) wrote:
>I've not read either group before, and I'm not sure whether a
>crossposting to rec.puzzles and sci.crypt is in order -- I saw only
>one person doing it, and he, well, ... Please lambaste me if I have
>violated the local mores.
>
>The latest (US) episode of the TV show Roswell ... oh, spoiler warning
>had a character sign a credit card receipt with a string of 1s and 0s.
>One person posted it as....
This puzzle (with its million possible answers) prompts me to post THE
RIGHT QUESTION which you should ask entities that claim to be visiting
space aliens.
Entity: G'day, we are from xxx xxx [distant civilisation]
You: Please tell me the factors of F20 (2^1048576+1)
A sufficiently advanced civilisation would be able to do this. We
can't (at present)
Steve
------------------------------
From: [EMAIL PROTECTED] (Timothy A. McDaniel)
Crossposted-To: rec.puzzles
Subject: Re: _Roswell_ episode crypto puzzle
Date: Tue, 24 Apr 2001 06:33:19 +0000 (UTC)
Reply-To: [EMAIL PROTECTED]
One other person has confirmed the 20-bit version, so assume that's
right.
I should note that the Roswell writers are not the sharpest bulbs in
the drawer ... er, the brightest knives on the tree ... well, you know
what I mean. Also, they throw in plot twists that never get followed
up on, and they bring in plot twists out of nowhere. It's been
pointed out that the 20-bit binary number could be a
dramatically-unfair sort of thing that can't be figured out in
advance, like a combination, or a control code on an alien widget that
may or may not have been introduced yet, or a frequency, or N-space
coordinates, or something of that ilk. So the number could easily be
a blind alley; if so, I'm sorry (and so are a lot of fans).
Another person in alt.tv.roswell has pointed out that if character X
is right, character Y may have been under the mental influence of
someone else, call them Z, at the time. That is, it
was likely not a message from character Y, but rather mental leakage
of something Z was thinking at the time. That makes it more likely to
be the "unfair" type of answer above.
--
Tim McDaniel is [EMAIL PROTECTED]; if that fail,
[EMAIL PROTECTED] is my work account.
"To join the Clueless Club, send a followup to this message quoting everything
up to and including this sig!" -- [EMAIL PROTECTED] (Jukka Korpela)
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: OTP WAS BROKEN!!!
Date: Tue, 24 Apr 2001 08:28:54 GMT
You know...you could just start out with all the plain texts of the
same length,(which you started with in your DB of all plaintexts) and
skip to the end of your process...you'll end up in the same place
right?
Max
------------------------------
From: "AY" <[EMAIL PROTECTED]>
Subject: Re: Censorship Threat at Information Hiding Workshop
Date: Tue, 24 Apr 2001 04:56:44 +0100
>Rather, the real problem here is the theft of content that started
>the chain of developments.
What theft? How can you "steal" information that can be replicated without
losing the original? No one has "lost" anything as such.
Is anything wrong about the idea of sharing music in itself? Please note the
difference between sharing music and a deliberate attempt at "stealing". I
think money is the root of the problem. The "music industry" wants to
generate maximum profit. So what do they do? They forbid people to share
music. The music industry can still make a profit whilst allowing
non-commercial copying, but the fact that they want to squeeze every
possible penny out of it means that they need restrictions. Governments
generally support such activities because they are funded by them.
Sharing music makes the music industry less profitable. But is it "wrong"?
If you think so, you've been brainwashed, and most people are, IMHO.
See
http://www.gnu.org/philosophy/why-free.html
AY
------------------------------
From: Sergei Lewis <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Tue, 24 Apr 2001 10:02:58 +0100
nugatory wrote:
> So here's a challenge: What is the shortest possible
> argument that will convince an intelligent layman
> that an OTP cannot be broken (as long as the "one-time" part
> is honored)? It should be *much* shorter than a
> derivation of E=mc^2.
OTP + Message -> garbage
garbage + Message -> garbage
an OTP is some random garbage
if we guess an OTP our guess is some random garbage
garbage - other_garbage = rubbish
rubbish sometimes makes sense and looks like a message, but we have no
way of telling if it's *the* message that was actually *sent* or not
because we have no way of knowing whether we guessed the OTP right or
not - their OTP was garbage and so's our guess.
--
Sergei Lewis - http://members.tripod.co.uk/~Folken
"I'm not falling - this is how I fly.."
------------------------------
From: [EMAIL PROTECTED] (Markus Kuhn)
Subject: Re: Censorship Threat at Information Hiding Workshop
Date: 24 Apr 2001 09:34:36 GMT
BTW, it seems this SDMI issue has caught some attention in the media:
http://www.theregister.co.uk/content/8/18434.html
http://www.inside.com/jcs/Story?article_id=29036&pod_id=9
------------------------------
From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: First cipher
Date: 24 Apr 2001 10:00:42 GMT
Scott Fluhrer <[EMAIL PROTECTED]> wrote:
> No, it doesn't. There are key-dependent shifts within the key schedule, and
> so complementary keys do not translate to complementary subkeys.
Silly me. You're right, of course.
-- [mdw]
------------------------------
From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: OTP WAS BROKEN!!!
Date: 24 Apr 2001 10:02:13 GMT
John Myre <[EMAIL PROTECTED]> wrote:
> I seem to recall that the same rules apply to \aleph_n for
> all n. True?
Yes.
-- [mdw]
------------------------------
From: Volker Hetzer <[EMAIL PROTECTED]>
Subject: Re: OTP breaking strategy
Date: Tue, 24 Apr 2001 12:33:58 +0200
newbie wrote:
>
> What is a random process?
> What it appears today to be truly random will be very predictable
> tomorrow.
No. Read a book.
> Randomness is nothing more than some mechanisms above our actual
> computational power.
No. Read a book.
Volker
--
They laughed at Galileo. They laughed at Copernicus. They laughed at
Columbus. But remember, they also laughed at Bozo the Clown.
------------------------------
From: [EMAIL PROTECTED] (Matthias Geiser)
Subject: Re: Wolf's Secure Channel Theorem
Date: Tue, 24 Apr 2001 13:56:29 +0200
On Mon, 23 Apr 2001 16:10:09 -0500, Mark G Wolf <[EMAIL PROTECTED]> wrote:
>Wolf's Secure Channel Theorem - once a secure authentic channel has been
>established between two distinct points in space it can be maintained
>indefinitely.
Your conjecture is wrong.
Proof: Cut the wire!
qed
:-)
SCNR, Matthias
--
"If they give you ruled paper, write the other way."
Juan Ramon Jimenez
PGP KeyID: 1024/688E6CD9 FP: 3C59 DE10 DFD4 ED57 E8F4 19A8 B048 1FD2
------------------------------
From: Volker Hetzer <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Tue, 24 Apr 2001 13:24:03 +0200
newbie wrote:
> THE NUMBER OF MESSAGES WHICH HAVE A SENSE IS INFINITESIMAL COMPARING TO
> THOSE WHICH DOES NOT HAVE A SENSE!!!!!!!!!!!!!!!!!!!
One can be more specific. The number of messages that make sense, given
a certain context and OTP encrypted message is *exactly* the number of messages
that make sense given a certain context and the size of the OTP encrypted
message.
There's no way to narrow it down further.
Might I remind you that you've been given three simple challenges and
have not taken up even one?
Greetings!
Volker
--
They laughed at Galileo. They laughed at Copernicus. They laughed at
Columbus. But remember, they also laughed at Bozo the Clown.
------------------------------
From: Volker Hetzer <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Tue, 24 Apr 2001 13:34:33 +0200
newbie wrote:
> THE NUMBER OF MESSAGES WHICH HAVE A SENSE IS INFINITESIMAL COMPARING TO
> THOSE WHICH DOES NOT HAVE A SENSE!!!!!!!!!!!!!!!!!!!
One can be more specific. The number of messages that make sense, given
a certain context and OTP encrypted message is *exactly* the number of messages
that make sense given a certain context and the size of the OTP encrypted
message.
There's no way to narrow it down further.
Might I remind you that you've been given three simple challenges and
have not taken up even one? Not even stated what's wrong with the challenges?
Greetings!
Volker
--
They laughed at Galileo. They laughed at Copernicus. They laughed at
Columbus. But remember, they also laughed at Bozo the Clown.
------------------------------
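The Vernam cipher from John Malley's post in this digest (ciphertext(i) = (plaintext(i) + keystream(i)) mod p) together with the point Sergei Lewis and Volker Hetzer make in the OTP thread, that every plaintext of the right length is consistent with a given one-time-pad ciphertext, worked through in Python. This is an added example, not code from any of the posters; the alphabet size p, the tiny p = 4 alphabet used for exhaustive enumeration and the function names are my own choices. It also shows the contrast with Malley's point 1: a repeated "finite key" reaches only p**key_len plaintexts, which is what gives an adversary with enough ciphertext something to narrow down.

```python
"""Vernam cipher over an alphabet of p symbols and an exhaustive check of
perfect secrecy. Added example, not from the digest; helper names are mine."""
import itertools
import secrets
from collections import Counter


def vernam_encrypt(plaintext, keystream, p):
    """ciphertext(i) = (plaintext(i) + keystream(i)) mod p, as in the post."""
    if len(keystream) < len(plaintext):
        raise ValueError("keystream must be at least as long as the plaintext")
    return [(m + k) % p for m, k in zip(plaintext, keystream)]


def vernam_decrypt(ciphertext, keystream, p):
    """Inverse: plaintext(i) = (ciphertext(i) - keystream(i)) mod p."""
    return [(c - k) % p for c, k in zip(ciphertext, keystream)]


def random_keystream(n, p):
    """n symbols, each uniform on [0, p), from the OS CSPRNG (no seed to share)."""
    return [secrets.randbelow(p) for _ in range(n)]


def key_explaining(ciphertext, candidate, p):
    """The one keystream under which `ciphertext` decrypts to `candidate`.
    It always exists, which is why the ciphertext alone cannot rule any
    candidate plaintext out (Lewis's and Hetzer's point)."""
    if len(candidate) != len(ciphertext):
        raise ValueError("candidate must have the ciphertext's length")
    return [(c - m) % p for c, m in zip(ciphertext, candidate)]


def consistent_plaintexts(ciphertext, key_len, p):
    """Try every key of length key_len, repeating it cyclically when it is
    shorter than the message (a 'finite key' in the sense of Malley's point 1),
    and count how many keys decrypt `ciphertext` to each plaintext.
    key_len == len(ciphertext): each of the p**n plaintexts appears exactly
    once, so the ciphertext carries no information about the message.
    key_len < len(ciphertext): only p**key_len plaintexts are reachable."""
    n = len(ciphertext)
    counts = Counter()
    for key in itertools.product(range(p), repeat=key_len):
        stream = [key[i % key_len] for i in range(n)]
        counts[tuple(vernam_decrypt(ciphertext, stream, p))] += 1
    return counts


if __name__ == "__main__":
    P = 26                                      # letters A..Z as 0..25
    msg = [ord(ch) - 65 for ch in "HELLO"]
    ks = random_keystream(len(msg), P)
    ct = vernam_encrypt(msg, ks, P)
    assert vernam_decrypt(ct, ks, P) == msg
    other = [ord(ch) - 65 for ch in "WORLD"]
    k2 = key_explaining(ct, other, P)           # a key that "explains" WORLD instead
    assert vernam_decrypt(ct, k2, P) == other
    full = consistent_plaintexts([1, 2, 3, 0], key_len=4, p=4)
    short = consistent_plaintexts([1, 2, 3, 0], key_len=2, p=4)
    print(len(full), "plaintexts reachable with a full-length key (4**4 = 256)")
    print(len(short), "plaintexts reachable with a 2-symbol repeated key (4**2 = 16)")
```

The exhaustive enumeration is kept to p = 4 and four symbols so it finishes instantly; the argument is the same for bytes and kilobyte messages, it just cannot be enumerated. Note what the short-key case does not do: it does not say which of the 16 candidates was sent, only that the other 240 are impossible, which is exactly the "unbounded adversary eventually pins the finite key" situation of Malley's point 1.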
From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Triple-DES vs. RC4
Date: 24 Apr 2001 12:01:54 GMT
Michael Schmidt <[EMAIL PROTECTED]> wrote:
> I'm looking for some performance survey about Triple-DES and RC4 (128
> bit) used for payload encryption, preferably on a Pentium II or higher
> processor (i.e. PC). I am aware that I'm comparing a block cipher with
> a stream cipher.
RC4 is a factor of 25 faster on my PIII (using my own implementations).
> However, Triple-DES and RC4 seem to be the only 2 popular, secure and
> really commonly used payload encryption schemes, as used in SSL/TLS
> (web browsers) as well as in Java (Java Cryptographic Architecture -
> JCA).
My preference is for Blowfish. It's about 3.4 times slower than RC4. I
trust it a lot more, though (for whatever that's worth).
> Furthermore, how is the licensing situation for RC4, when used
> commercially outside the US? Schneier writes in Applied Cryptography
> that RSA would give you a hard time if you try to use it unlicensed,
> although there's no legal ground to that.
I've not seen this happen to anyone yet. Consider that RC4 is used,
unlicensed, in just about every web server running Apache with SSL
support. A fuss would have been kicked up if RSA had tried to do
anything.
> Are there any serious attacks known against 128 bit RC4?
I think there's cause for concern.
As Tom says, there's an attack which can distinguish a gigabyte of
output from an RC4 generator from random data. It also manages to
work out some of the generator's internal state, although not enough to
matter. (I hope Scott Fluhrer will correct this if it's wrong.)
Recently, an interesting phenomenon was noted: the second output byte
from RC4 is zero with double the hoped-for probability. This attack
doesn't recover any key material, but it perhaps indicates that the
algorithm hasn't been subjected to enough analysis yet.
I don't usually recommend RC4 to people any more.
Finally, if you decide to use RC4, remember never to reuse a key.
-- [mdw]
------------------------------
From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: OTP WAS BROKEN!!!
Date: 24 Apr 2001 12:16:23 GMT
Tom St Denis <[EMAIL PROTECTED]> wrote:
> To me infinity is just a concept... i.e lim (x -> oo) 1/x is zero,
> etc...
In that context, `infinity' is just a notation. $\lim_{x \to \infty}
{1\over x}$ really `means':
Given any $\varepsilon > 0$ there exists an $N$ such that, for all
$x > N$, $\left| {1\over x} \right| < \varepsilon$.
It doesn't say anything about infinity. (Let's not go near nonstandard
analysis at this point, shall we?)
> I don't care that (oo)^2 != oo, etc..
Again, that's not true, certainly in the case of $\aleph_0$, and, I
think, for $\aleph_n$ in general.
-- [mdw]
------------------------------
From: [EMAIL PROTECTED]
Subject: _hash files generate after uninstall Radiate adware
Date: Tue, 24 Apr 2001 12:20:44 GMT
Can you help me? I am having a problem with a series of files that are
generated every time I open any browser (Netscape, Internet Explorer,
Juno).
The files are named "_hashxxxxxx" where the X's denote a series of
numbers, e.g., _hash769763, _hash790101, etc. There is no file extension
and no useful information in the "file properties" window of my Win98SE
OS.
The files persist until I find and delete them.
I believe the files began appearing immediately after REMOVING an
"adware" program called "FlashGet", a download manager sponsored by
Radiate advertising. I removed the program using the program's own
uninstall utility. But the _hash files may be generated by something
left over from that program, maybe an encrypted tracking device. I have
contacted the vendor but no reply yet.
I scanned my system for viruses using the latest virus pattern update
from PC-cillin. No virus was recognized. I also scanned my system for
"spyware" using a program called "Ad-aware" which removes tracking
devices from companies such as Double-click and Aureate. I removed a few
spyware items found by that program but the _hash files continue to
appear.
I would appreciate any insight you could share with me regarding the
nature of these _hash* files.
Sincerely, Russell
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: ok newbie here ya go
Date: Tue, 24 Apr 2001 12:27:42 GMT
On Tue, 24 Apr 2001 05:09:43 GMT, [EMAIL PROTECTED] (Xcott
Craver) wrote, in part:
> "I'm the Master Rapper and I'm here to say,
> I love Fruty Pebbles in a major way."
Ah, yes. I never saw that commercial in its original incarnation, but
I saw it in a TV show devoted to great TV commercials of the past.
(Not one for Fruity Pebbles, the cereal, but the one which informed
America that bananas don't go in the refrigerator.)
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: _hash files generate after uninstall Radiate adware
Date: Tue, 24 Apr 2001 12:27:38 GMT
<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Can you help me? I am having a problem with a series of files that are
> generated every time I open any browser (Netscape, Internet Explorer,
> Juno)..
>
> The files are named "_hashxxxxxx" where the X's denote a series of
> numbers, eg.,_hash769763, _hash790101, etc. There is no file extension
> and no useful information in the "file properties" window of my Win98SE
> OS.
> The files persist until I find and delete them.
<snip>
Why did you post this here?
Tom
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Wolf's Secure Channel Theorem
Date: Tue, 24 Apr 2001 12:30:42 GMT
On Mon, 23 Apr 2001 16:10:09 -0500, "Mark G Wolf"
<[EMAIL PROTECTED]> wrote, in part:
>Wolf's Secure Channel Theorem - once a secure authentic channel has been
>established between two distinct points in space it can be maintained
>indefinitely.
What I think you meant to say is:
provided a secure, authentic channel exists between two points for
sufficient time to transmit a key long enough to resist brute-force
search,
then it is possible to create a secure, authentic channel, using
cryptography, between those two points out of any insecure channel
that might exist between them.
The theorem as stated is false, since it is possible:
a) that the secure authentic channel might not exist long enough for
adequate key setup, and
b) all communication whatsoever between the two points might be cut
off in the future.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: OTP WAS BROKEN!!!
Date: Tue, 24 Apr 2001 12:31:01 GMT
"Mark Wooding" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis <[EMAIL PROTECTED]> wrote:
>
> > To me infinity is just a concept... i.e lim (x -> oo) 1/x is zero,
> > etc...
>
> In that context, `infinity' is just a notation. $\lim_{x \to \infty}
> {1\over x}$ really `means':
>
> Given any $\varepsilon > 0$ there exists an $N$ such that, for all
> $x > N$, $\left| {1\over x} \right| < \varepsilon$.
>
> It doesn't say anything about infinity. (Let's not go near nonstandard
> analysis at this point, shall we?)
No, to me it's still a concept. I read the limit as "as x gets incredibly
huge, the value of 1/x goes towards zero". I don't see this as an absolute
since there is no infinity number.
> > I don't care that (oo)^2 != oo, etc..
>
> Again, that's not true, certainly in the case of $\aleph_0$, and, I
> think, for $\aleph_n$ in general.
Well I am not a math grad so what I know about math couldn't fill a thimble.
But afaik infinity is not a number it's just an idea or abstract number used
to simplify proofs.
Tom
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: rec.puzzles
Subject: Re: _Roswell_ episode crypto puzzle
Date: Tue, 24 Apr 2001 12:43:13 GMT
On Tue, 24 Apr 2001 06:50:32 GMT, [EMAIL PROTECTED] (Steve
Roberts) wrote, in part:
>This puzzle (with its million possible answers) prompts me to post THE
>RIGHT QUESTION which you should ask entities that claim to be visiting
>space aliens.
Hmm.
11100100100111011001 is 3444731 octal, or 936409 decimal. (And E49D9
hex.) So on an octal calculator, upside down, it looks like IELhhhE.
(On a decimal one, GOh9EG.)
It's much too short to be much of a secret message.
101010 is 42, is the "right answer", the right question to which it
was the answer was the goal for which the Earth was created, as we all
know.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: "Michael Schmidt" <[EMAIL PROTECTED]>
Subject: Re: Triple-DES vs. RC4
Date: Tue, 24 Apr 2001 14:42:49 +0200
"Mark Wooding" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
news:[EMAIL PROTECTED]...
> Michael Schmidt <[EMAIL PROTECTED]> wrote:
>
> > Furthermore, how is the licensing situation for RC4, when used
> > commercially outside the US? Schneier writes in Applied Cryptography
> > that RSA would give you a hard time if you try to use it unlicensed,
> > although there's no legal ground to that.
>
> I've not seen this happen to anyone yet. Consider that RC4 is used,
> unlicensed, in just about every web server running Apache with SSL
> support. A fuss would have been kicked up if RSA had tried to do
> anything.
That's a good point!
> Finally, if you decide to use RC4, remember never to reuse a key.
What do you mean by "reuse"?
Each time I'm starting all over with a new data stream?
Thank you so far!
Michael
--
===================================================
Michael Schmidt
===================================================
Institute for Data Communications Systems
University of Siegen, Germany
www.nue.et-inf.uni-siegen.de
===================================================
http://www.nue.et-inf.uni-siegen.de/~schmidt/
e-mail: [EMAIL PROTECTED]
phone: +49 271 740-2332 fax: +49 271 740-2536
mobile: +49 173 3789349
===================================================
### Siegen - The Arctic Rain Forest ###
===================================================
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Micro Video Camera Suitable for Documents?
Date: Tue, 24 Apr 2001 12:46:46 GMT
On Tue, 24 Apr 2001 01:50:41 GMT, Samuel Paik <[EMAIL PROTECTED]> wrote,
in part:
quoting someone:
>> I need a micro video camera that can clearly capture text (every single letter)
>> on a document from reading distance (1-2ft).
>Do you mean at the same time? As in, one image captures the entire document?
>If so, you probably need at around
> 200 dpi * (8.5 in x 11 in) => 1700 pixels x 2200 pixels capture format.
>This is not a format you can display on a VCR.
100 dpi or even 60 dpi would do. The problem is, though, the camera
presumably has to cover a large field of view, of which the document
would only be a small part. So, fortunately, this kind of surveillance
is still not easily possible with stuff you can get at the local Radio
Shack.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: RSA-like primes p and q
Date: Tue, 24 Apr 2001 12:48:55 GMT
On Mon, 23 Apr 2001 19:15:50 GMT, "Tom St Denis"
<[EMAIL PROTECTED]> wrote, in part:
>Maybe you are thinking (or they were discussing) "strong primes" which were
>used to stop early factoring algorithms. They are not relevant today.
For discrete-logarithm algorithms, though, Sophie Germain primes or
primes such that (p-1)/2 has a large prime factor, are still relevant;
but that isn't RSA or factoring.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: "Henrick Hellström" <[EMAIL PROTECTED]>
Subject: Security proof for Steak
Date: Tue, 24 Apr 2001 14:51:06 +0200
Have a look at http://www.streamsec.com/sattacks.asp
It might be considered to be a draft so far. I would appreciate any
comments.
--
Henrick Hellström [EMAIL PROTECTED]
StreamSec HB http://www.streamsec.com
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Triple-DES vs. RC4
Date: Tue, 24 Apr 2001 12:53:00 GMT
"Michael Schmidt" <[EMAIL PROTECTED]> wrote in message
news:9c3sdn$bmme4$[EMAIL PROTECTED]...
> "Mark Wooding" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
> news:[EMAIL PROTECTED]...
> > Michael Schmidt <[EMAIL PROTECTED]> wrote:
>
> >
> > > Furthermore, how is the licensing situation for RC4, when used
> > > commercially outside the US? Schneier writes in Applied Cryptography
> > > that RSA would give you a hard time if you try to use it unlicensed,
> > > although there's no legal ground to that.
> >
> > I've not seen this happen to anyone yet. Consider that RC4 is used,
> > unlicensed, in just about every web server running Apache with SSL
> > support. A fuss would have been kicked up if RSA had tried to do
> > anything.
>
> That's a good point!
>
>
> > Finally, if you decide to use RC4, remember never to reuse a key.
>
> What do you mean by "reuse"?
> Each time I'm starting all over with a new data stream?
Yup if you reuse the same key in RC4 it will output the same stream of
bytes.
Tom
------------------------------
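An added example (mine, not Mark Wooding's or Tom St Denis's, and not either of their implementations) for the two RC4 points raised in this thread: the keystream is a deterministic function of the key, so encrypting two messages under one key lets an observer of the ciphertexts cancel the keystream and obtain the XOR of the two plaintexts; and the second keystream byte is zero about twice as often as it should be, which is the bias Mark refers to. RC4 is transcribed from the public algorithm description; the test vector, key length and trial count are my choices.

```python
"""RC4 keystream: determinism (why key reuse leaks) and the second-byte bias.
Added example; RC4 is transcribed from the public algorithm, names are mine."""
import secrets


def rc4_keystream(key: bytes, n: int) -> bytes:
    """First n keystream bytes for `key` (1..256 bytes). Same key, same bytes."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    # Key-scheduling algorithm: permute S under the key.
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    # Pseudo-random generation algorithm: walk the permutation.
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (same operation): data XOR keystream."""
    return bytes(d ^ k for d, k in zip(data, rc4_keystream(key, len(data))))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream_cancels(key: bytes, m1: bytes, m2: bytes) -> bool:
    """Reuse check: with one key for two messages, c1 XOR c2 == m1 XOR m2.
    Whoever sees both ciphertexts gets this without the key, because the
    identical keystream cancels. A fresh key per stream is the fix."""
    c1 = rc4_crypt(key, m1)
    c2 = rc4_crypt(key, m2)
    return xor_bytes(c1, c2) == xor_bytes(m1, m2)


def second_byte_zero_rate(trials: int, key_len: int = 16) -> float:
    """Fraction of random keys whose second keystream byte is zero.
    An ideal keystream gives about 1/256; RC4 gives about 2/256, enough to
    tell RC4 output from random with a few thousand keys."""
    zeros = sum(1 for _ in range(trials)
                if rc4_keystream(secrets.token_bytes(key_len), 2)[1] == 0)
    return zeros / trials


if __name__ == "__main__":
    # Public test vector: key "Key", plaintext "Plaintext" -> BBF316E8D940AF0AD3
    print(rc4_crypt(b"Key", b"Plaintext").hex())
    print("reuse leaks m1 XOR m2:",
          keystream_cancels(b"Key", b"attack at dawn", b"retreat at 6am"))
    rate = second_byte_zero_rate(20000)
    print(f"P[second byte == 0] ~ {rate:.5f} (ideal 1/256 = {1/256:.5f})")
```

Answering Michael Schmidt's question in code: "reuse" means calling rc4_keystream with the same key bytes again for a second stream; the KSA is a pure function of those bytes, so the second stream is byte-for-byte the first. The bias check is a detection-side measurement, the kind of statistic you run when deciding whether a generator is fit to keep using.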
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: RSA-like primes p and q
Date: Tue, 24 Apr 2001 12:54:43 GMT
"John Savard" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Mon, 23 Apr 2001 19:15:50 GMT, "Tom St Denis"
> <[EMAIL PROTECTED]> wrote, in part:
>
> >Maybe you are thinking (or they were discussing) "strong primes" which were
> >used to stop early factoring algorithms. They are not relevant today.
>
> For discrete-logarithm algorithms, though, Sophie Germain primes or
> primes such that (p-1)/2 has a large prime factor, are still relevant;
> but that isn't RSA or factoring.
Yup. In fact (p-1)/2 should be a large prime which simplifies the
description (and is more secure). Of course making such primes takes an
awfully long time...
Tom
------------------------------
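An added example (mine, not John Savard's or Tom St Denis's code) for the safe-prime point above: p = 2q + 1 with q prime, with a Miller-Rabin test, a small generator that shows where the "awfully long time" goes (two independent primality hits per candidate), and an order computation showing why every element other than 1 and p-1 generates a subgroup of order q or 2q, which is what keeps the discrete-log group free of small subgroups. Function names are my own; the 32-bit size in the demo is for illustration only, not a recommendation.

```python
"""Safe primes p = 2q + 1 for discrete-log groups. Added example, not from
the digest; function names are mine."""
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin with random bases; error probability at most 4**-rounds."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:              # write n-1 = d * 2**r with d odd
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)        # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                        # a is a witness: composite
    return True


def is_safe_prime(p: int) -> bool:
    """p is a safe prime iff p and q = (p-1)/2 are both prime (5 is the smallest)."""
    return p > 4 and p % 2 == 1 and is_probable_prime(p) and is_probable_prime((p - 1) // 2)


def generate_safe_prime(bits: int) -> int:
    """Search random q of bits-1 bits until both q and 2q+1 are prime.
    Each candidate must pass two independent primality events, so the
    expected number of candidates grows roughly with bits**2."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1   # odd, top bit set
        if not is_probable_prime(q):
            continue
        p = 2 * q + 1
        if is_probable_prime(p):
            return p


def element_order(g: int, p: int) -> int:
    """Multiplicative order of g mod a safe prime p. Since p-1 = 2q with q
    prime, the only possible orders are 1, 2, q and 2q: no small subgroups
    for an attacker to confine a key exchange into."""
    if not is_safe_prime(p):
        raise ValueError("p must be a safe prime")
    q = (p - 1) // 2
    for d in (1, 2, q, 2 * q):
        if pow(g, d, p) == 1:
            return d
    raise AssertionError("unreachable for a safe prime")


if __name__ == "__main__":
    p = generate_safe_prime(32)
    print(f"safe prime p = {p}, q = {(p - 1) // 2}")
    g = 2 + secrets.randbelow(p - 3)
    print(f"order of {g} mod p is {element_order(g, p)} (q or 2q)")
```

For a non-safe prime the divisor list of p-1 is longer and some elements have small order; that is the case the safe-prime requirement is there to exclude. Generating a realistically sized safe prime with this loop takes far longer than the 32-bit demo, which is the cost Tom mentions.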
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************