Cryptography-Digest Digest #274, Volume #14      Mon, 30 Apr 01 19:13:01 EDT

Contents:
  Re: Best, Strongest Algorithm ("Tom St Denis")
  Re: Best, Strongest Algorithm ("Tom St Denis")
  Re: CryptDisk (Ken Hagler)
  Re: Best, Strongest Algorithm ("Paul Pires")
  Re: A keen symmetric cipher idea ("M.S. Bob")
  Question on Montgomery Multipliers... (Mahesh Maddury)
  Re: A Question Regarding Backdoors ("Douglas A. Gwyn")
  Re: RSA BRUTE FORCE ("Douglas A. Gwyn")
  Re: A keen symmetric cipher idea ("Tom St Denis")
  Re: Message mapping in EC. ("Cristiano")
  Re: A Question Regarding Backdoors (SCOTT19U.ZIP_GUY)
  Intacta.Code ... ("Thomas Christensen")
  Re: Secure Digital Music Initiative cracked? (Mok-Kong Shen)
  Re: A Question Regarding Backdoors (David Wagner)
  Re: Intacta.Code ... (Mok-Kong Shen)
  Re: Intacta.Code ... (newbie)
  Re: Intacta.Code ... ("Tom St Denis")
  Re: A Question Regarding Backdoors ("Roger Schlafly")
  Re: Intacta.Code ... (newbie)
  Re: Intacta.Code ... ("Tom St Denis")

----------------------------------------------------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Best, Strongest Algorithm
Date: Mon, 30 Apr 2001 20:54:16 GMT


"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Ryan M. McConahy) wrote in
> <3aedc92b$0$88181$[EMAIL PROTECTED]>:
>
> >Since there are some major flaws with AES, such as it was designed to be
> >small, not necessarily to encrypt to the max, and since the NSA chose
> >it, what would you say is the strongest algorithm, other than an OTP?
> >
> >
> >
>
>   I would say SCOTT19U is the strongest method out there. It treats
> the whole file like a single block so any change anywhere affects
> the whole encrypted file. Plus it uses a special Key that holds over
> a million bytes of key space. This key is itself modified with the
> user's password.

Why should I trust your methods over anyone else's?

Tom



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Best, Strongest Algorithm
Date: Mon, 30 Apr 2001 20:55:01 GMT


"M.S. Bob" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> "Ryan M. McConahy" wrote:
> >
> > Since there are some major flaws with AES, such as it was designed to be
> > small, not necessarily to encrypt to the max, and since the NSA chose it,
> > what would you say is the strongest algorithm, other than an OTP?
>
> Since no one has provided any coherent evidence of these "alleged"
> flaws, I would recommend AES or TripleDES for a symmetric cipher
> algorithm. Several of the other AES candidates are also worth
> considering (Serpent and Twofish come to mind).

Flaw 1:  The description is clear and concise.
Flaw 2:  It can be implemented with a small code footprint
Flaw 3:  It can only use short 256-bit keys.

Not too hard to tabulate the flaws.

Tom



------------------------------

From: Ken Hagler <[EMAIL PROTECTED]>
Subject: Re: CryptDisk
Date: Mon, 30 Apr 2001 13:54:52 -0700

=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1

In article <[EMAIL PROTECTED]>,
 [EMAIL PROTECTED] (Jacques Thériault) wrote:

> Does anybody know what happens to CryptDisk for the Macintosh. I've
> tried to get that program last night, but I only got dead links.

It's still around, but it's now known as PGPdisk, part of the
commercial PGP products--you can buy PGP Personal Privacy to get it.
I believe it's also included in various international PGP builds.

=====BEGIN PGP SIGNATURE=====
Version: PGP Personal Privacy 6.5.2

iQA/AwUBOu3RF+4CvKeUFrGEEQIxXQCdGLuQV7MVyrFzvn72cpx38zfrJfAAn0pc
t13RbGUSrH49KFg4QF+/9vw3
=/5xY
=====END PGP SIGNATURE=====



------------------------------

From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Best, Strongest Algorithm
Date: Mon, 30 Apr 2001 13:55:02 -0700


Ryan M. McConahy <[EMAIL PROTECTED]> wrote in message 
news:3aedc92b$0$88181$[EMAIL PROTECTED]...
> Since there are some major flaws with AES, such as it was designed to be
> small, not necessarily to encrypt to the max, and since the NSA chose it,

Which major flaws are you referring to?

I think you may be confusing a few things here. One is that the NSA chose it,
the other one is strength vs. quality. I won't address the first but the second
is something you should think about. The way you have posed the question
will probably result in some less than helpful replies so tuck this one away
just in case.

Ciphers of this type encrypt/decrypt with a relatively small key which is sometimes
re-used. No matter how "strong", they can be cracked by exhaustive key search.
"Strongest" is meaningless if the strength provided exceeds this higher bound of
the key space. Different folks will put different weight on "safety margin" and even
whether it is relevant. Safety margin against one type of attack would be meaningless
if a new and unanticipated approach was found. New ciphers spawn new approaches.

Disclaimer: I am nobody of interest. My opinion is that most of the finalists were
equally strong. Some had concerns but I don't think the time or effort
put into the evaluation produced a complete "features vs. warts list". It looks
like the process worked fairly well...so far. I believe this sentiment has been echoed
by the members of the other teams who were not picked.

> what would you say is the strongest algorithm, other than an OTP?
Why, my next algorithm of course. Silly question.

Paul




------------------------------

From: "M.S. Bob" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: A keen symmetric cipher idea
Date: Mon, 30 Apr 2001 22:10:10 +0100

> > > a coma?  Sure I will go to my local library where pull out books are the
> > > norm and read about advanced math... sure....
> >
> > Let's see, you live in Ottawa/Kanata region of Canada. Not exactly an
> > under-educated region of Canada. Nearby universities include: University
> > of Ottawa, Carleton University, and I have no idea how many public
> 
> You're kidding right?  Chapters doesn't house real books.  You have to order
> them (see below)

I'm amazed you are finding it so difficult.

University of Ottawa Bookstore
<http://shop.efollett.com/htmlroot/storehome/universityofottawa949.html>

MAT   Course:   2143
INTRO TO ABSTRACT ALGEBRA 
NICHOLSON

MAT   Course:   3344
DISCRETE & COMBINATORIAL MATHEMATICS 
GRIMALDI

MAT   Course:   4995
COURSE IN NUMBER THEORY & CRYPTOGRAPHY 
KOBLITZ

Carleton University book store
<http://www.carleton.ca/univservices/bookstore/index.html>

MATH 69.112
Elementary Linear Algebra, Kolman  

MATH 69.218
Abstract Algebra, Hungerford

MATH 69.389
Introduction to Number Theory and Cryptography

------------------------------

From: Mahesh Maddury <[EMAIL PROTECTED]>
Subject: Question on Montgomery Multipliers...
Date: Mon, 30 Apr 2001 14:17:20 -0700

Hi,

I'm new to the whole cryptographic field and have a question on
Montgomery multipliers. My understanding is that to calculate A*B(mod
M), you require these extra constants to convert into "Montgomery
residues". Basically, you need a value R which is 2^(2*n) mod M where n
is such that
2^(n-1)<M<2^n. I guess the advantage is that M does not change often for
cryptographic applications and so you can calculate R once in the
beginning. 

I'm a hardware engineer and the question I have is whether it is somehow
trivial to calculate this R value in hardware? It seems like a chicken
and egg problem since to calculate R you have to perform a Montgomery
multiplication and for this you need R again!

Thanks,
Mahesh
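
One way around the chicken-and-egg problem raised above (an added example, not part of the original post): the constant the post calls R, 2^(2n) mod M, can be built from 2n doublings with a conditional subtraction each, which needs only a shifter and a subtractor. The function names and the moduli used to exercise them are constructed for illustration; mont_mul is a plain bit-serial Montgomery product, assumed here as the multiplier being bootstrapped.

```python
def r2_by_doubling(M, n):
    """Return 2^(2n) mod M using only shift-left-by-1, compare and subtract."""
    t = 1
    for _ in range(2 * n):
        t <<= 1              # t < M before the shift, so 2t < 2M ...
        if t >= M:
            t -= M           # ... and one subtraction restores t < M
    return t


def mont_mul(a, b, M, n):
    """Bit-serial Montgomery product a*b*2^(-n) mod M (M odd; a, b < M)."""
    s = 0
    for i in range(n):
        if (a >> i) & 1:
            s += b
        if s & 1:            # add M to make s even, so the shift is exact
            s += M
        s >>= 1              # invariant: s < 2M after every iteration
    return s - M if s >= M else s


def modmul(a, b, M):
    """a*b mod M through the Montgomery domain, the way a datapath would."""
    if M % 2 == 0:
        raise ValueError("Montgomery reduction needs an odd modulus")
    n = M.bit_length()                # 2^(n-1) <= M < 2^n
    r2 = r2_by_doubling(M, n)         # computed once per modulus, then reused
    a_m = mont_mul(a % M, r2, M, n)   # a * 2^n mod M (Montgomery residue)
    b_m = mont_mul(b % M, r2, M, n)   # b * 2^n mod M
    c_m = mont_mul(a_m, b_m, M, n)    # a*b * 2^n mod M
    return mont_mul(c_m, 1, M, n)     # multiply by 1 to strip the 2^n factor


if __name__ == "__main__":
    M = 1000003                       # constructed odd modulus, n = 20 bits
    print(r2_by_doubling(M, M.bit_length()), modmul(123456, 654321, M))
```

The doubling loop costs 2n clock cycles once per modulus, about the same as two bit-serial multiplications.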

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: A Question Regarding Backdoors
Date: Mon, 30 Apr 2001 20:21:00 GMT

Jeffrey Williams wrote:
> Would NSA recommend any algorithm which could make their jobs
> very difficult or make them redundant?

The main flaw in your reasoning is that AES involved selection
among contributed candidates, none of them contributed by NSA.
NSA was asked to evaluate the candidates in an advisory
capacity, but had no control over them.  And if they had some
problem with a candidate, the process required that the nature
of the problem (presumably a weakness, not a strength) be
disclosed.  It is hard for a conspiracy to operate in an open
process.

> If they're like any govt agency I've ever seen, the answer is "NO".

They're not like any government agency you've ever seen.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: RSA BRUTE FORCE
Date: Mon, 30 Apr 2001 20:23:33 GMT

John Savard wrote:
> But the number of test cases goes up directly with the size of the
> number being worked on for a simple "brute-force" algorithm.

I don't think the algorithm was really (supposed to) be "brute force".
It seems to be a radix search, logarithmic in the input size.
I'm still trying to map it into something I can fully understand.
(Obviously a binary implementation would make more sense than the
decimal based one originally presented.)

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: A keen symmetric cipher idea
Date: Mon, 30 Apr 2001 21:20:41 GMT


"M.S. Bob" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> > > > a coma?  Sure I will go to my local library where pull out books are the
> > > > norm and read about advanced math... sure....
> > >
> > > Let's see, you live in Ottawa/Kanata region of Canada. Not exactly an
> > > under-educated region of Canada. Nearby universities include: University
> > > of Ottawa, Carleton University, and I have no idea how many public
> >
> > You're kidding right?  Chapters doesn't house real books.  You have to order
> > them (see below)
>
> I'm amazed you are finding it so difficult.

Well I am going to college this week so I will see about swinging around to
the libraries.

Thanks,
Tom

>
> University of Ottawa Bookstore
> <http://shop.efollett.com/htmlroot/storehome/universityofottawa949.html>
>
> MAT   Course:   2143
> INTRO TO ABSTRACT ALGEBRA
> NICHOLSON
>
> MAT   Course:   3344
> DISCRETE & COMBINATORIAL MATHEMATICS
> GRIMALDI
>
> MAT   Course:   4995
> COURSE IN NUMBER THEORY & CRYPTOGRAPHY
> KOBLITZ
>
> Carleton University book store
> <http://www.carleton.ca/univservices/bookstore/index.html>
>
> MATH 69.112
> Elementary Linear Algebra, Kolman
>
> MATH 69.218
> Abstract Algebra, Hungerford
>
> MATH 69.389
> Introduction to Number Theory and Cryptography



------------------------------

From: "Cristiano" <[EMAIL PROTECTED]>
Subject: Re: Message mapping in EC.
Date: Mon, 30 Apr 2001 23:28:02 +0200

"Mike Rosing" wrote:
> Cristiano wrote:
> >
> > I have translated an algorithm for blind signature in DL to work in EC. The
> > problem is to map any message in a point of the elliptic curve. Is there any
> > way?
>
> Yes, lots of ways.  The simplest is to pick a few spare bits (say the most significant
> 5 in your bit field) and to count up from 0 until the data concatenated with the count
> bits hits the curve.  Then randomly pick which root you like.

Could you do an example using small numbers (I don't understand "bit
field")?
Would you be so kind to tell me another way?

> > Is there some precaution to take to be sure that the algorithm in EC
> > doesn't have some weakness?
>
> You want to make sure the point has at least the largest prime factor order.  If it
> only has the order of the cofactor, it's a problem.
>
> A good curve (for crypto) will have order r*p where r is a small cofactor and
> p is a large prime.  You can check if your embedded data is a bad point by computing
> r*D over the curve.  If that gets you to the point at infinity, you have a problem.
> The likelihood of that is exceptionally small, but you can still check for it and
> bail out if necessary.  (Changing the data by 1 bit should fix it, but that may
> affect amount of spare bits you have or the raw data itself).

Is there a practical way to fix this problem?
It seems that blind signature is more critical using EC rather than DL. Is
there a way to implement it in a secure manner?

Thanks
Cristiano
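
A small-number version of the embedding and the r*D check discussed in this exchange (an added example, not part of the original posts). It assumes a toy curve y^2 = x^3 + x over F_43, chosen here because its 44 = 4 * 11 points give a cofactor r = 4, and it uses 2 counter bits above 3 data bits instead of the 5 spare bits suggested in the quoted reply; all names are constructed.

```python
# Toy parameters, constructed for illustration: y^2 = x^3 + x over F_43.
# The group has 44 = 4 * 11 points, so cofactor r = 4 and prime order p = 11.
Q, A, B = 43, 1, 0            # field prime and curve coefficients
COFACTOR = 4
DATA_BITS, CTR_BITS = 3, 2    # x = counter (top 2 bits) || data (low 3 bits)
INF = None                    # point at infinity

def rhs(x):
    return (x * x * x + A * x + B) % Q

def sqrt_mod(v):
    """Square root mod Q (works because Q % 4 == 3); None for a non-residue."""
    y = pow(v, (Q + 1) // 4, Q)
    return y if y * y % Q == v else None

def add(p1, p2):
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % Q == 0:
        return INF                        # P + (-P), which includes 2P when y = 0
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % Q, -1, Q) % Q
    else:
        lam = (y2 - y1) * pow((x2 - x1) % Q, -1, Q) % Q
    x3 = (lam * lam - x1 - x2) % Q
    return (x3, (lam * (x1 - x3) - y1) % Q)

def mul(k, pt):
    acc = INF
    while k:                              # double-and-add
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def embed(data, check_cofactor=True):
    """Count up in the spare bits until x lands on the curve (and passes r*D)."""
    assert 0 <= data < (1 << DATA_BITS)
    for ctr in range(1 << CTR_BITS):
        x = (ctr << DATA_BITS) | data
        y = sqrt_mod(rhs(x))
        if y is None:
            continue                      # x is not on the curve, try the next count
        pt = (x, y)                       # Q - y is the other root; either is valid
        if check_cofactor and mul(COFACTOR, pt) is INF:
            continue                      # order divides the cofactor: bail out
        return pt
    return None                           # spare bits exhausted

def extract(pt):
    return pt[0] & ((1 << DATA_BITS) - 1)  # drop the counter bits

if __name__ == "__main__":
    print("data 0 without the check:", embed(0, check_cofactor=False))
    for m in range(1 << DATA_BITS):
        print(m, "->", embed(m))
```

Data value 0 lands on (0, 0), a point of order 2, when the check is off; with the check on, the counter moves to x = 8 and the receiver still recovers 0 from the low bits.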



------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: A Question Regarding Backdoors
Date: 30 Apr 2001 21:50:08 GMT

[EMAIL PROTECTED] (Douglas A. Gwyn) wrote in <[EMAIL PROTECTED]>:

>Jeffrey Williams wrote:
>> Would NSA recommend any algorithm which could make their jobs
>> very difficult or make them redundant?
>
>The main flaw in your reasoning is that AES involved selection
>among contributed candidates, none of them contributed by NSA.
>NSA was asked to evaluate the candidates in an advisory
>capacity, but had no control over them.  And if they had some
>problem with a candidate, the process required that the nature
>of the problem (presumably a weakness, not a strength) be
>disclosed.  It is hard for a conspiracy to operate in an open
>process.

   Actually you lack imagination. It's easier for the NSA to
look innocent. When an easy public break makes it in a few years
the NSA can say we knew it was weak. That's why it's not used for
classified US messages and that they had nothing to do with the design.

>
>> If they're like any govt agency I've ever seen, the answer is "NO".
>
>They're not like any government agency you've ever seen.
>

  Correct they have a far bigger budget and don't have to follow
any laws. If a congressman threatens them they can either expose
his past or make one up that would put the FBI framings to shame.



David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

Reply-To: "Thomas Christensen" <[EMAIL PROTECTED]>
From: "Thomas Christensen" <[EMAIL PROTECTED]>
Subject: Intacta.Code ...
Date: Tue, 1 May 2001 00:03:50 +0200

Does anybody have information about the "Intacta.Code" system ...?

Mvh.

            //TDC



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Secure Digital Music Initiative cracked?
Date: Tue, 01 May 2001 00:01:43 +0200



Xcott Craver wrote:
> 
> Mok-Kong Shen  <[EMAIL PROTECTED]> wrote:
> >
[snip]
> >Note that it is always the international competition that is a
> >strong driving force and that that competition could take place
> >in diverse manners, including even the eventual emergence of
> >products of new forms that could supersede the original products
> >in question.
> 
>         Aye, that.  MP3 players are a standard example.  Perhaps
>         it will be the likes of the HRRC (Home recording rights
>         coalition, essentially lobbyists representing the makers
>         of recording devices) who help to make this argument,
>         especially if media copy control policies become too
>         severe.

In my view there is in all fields (whether commercial,
political, or others) sort of a general 'pattern' that 
could be exemplified like this: Suppose a firm is good in 
a certain technique while the other firms barely have 
comparable knowledge of it, then it is most profitable to 
prevent any knowledge transfer as long as possible, so 
that one can reap the maximum out of one's position of 
monopoly. Later, when the other firms eventually begin to be 
able to catch up, it is best to utilize one's advantage of
already having large manufacturing bases and customers etc.
to block (at a suitable time point) competitions from 
arising in the first place, e.g. through cutting prices to 
a low enough level such that the newcomers would be unable 
to offer at competitive prices due to the high initial 
investments involved. Recently one reads of news of a law 
case between a group of pharma giants and the government 
of South Africa on medicaments for Aids treatment. If there 
were not that 'malicious' and disturbing Indian firm that 
could potentially deliver the same stuffs at a fraction of 
the prices hitherto maintained on the market, it would 
be hardly conceivable that the pharma giants would 
voluntarily cut their prices by even a single cent purely
on grounds of ethics, moral, humanity or what not towards 
the dying populations on the African continent. Life is 
indeed as hard as that.

M. K. Shen

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: A Question Regarding Backdoors
Date: 30 Apr 2001 22:08:01 GMT

You suggest that the NSA may have influenced NIST to choose Rijndael
because it was the weakest cipher around, or because it had a backdoor
for the NSA.  This suggestion just doesn't hold water, in my opinion.
How do you propose to reconcile your theory with the fact that polls among
the open research community showed Rijndael preferred most among all
contenders, substantially ahead of all its competition?

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Intacta.Code ...
Date: Tue, 01 May 2001 00:21:38 +0200



Thomas Christensen wrote:
> 
> Does anybody have information about the "Intacta.Code" system ...?

I suppose that for such questions you should provide some
context, i.e. where you have seen the term mentioned, etc.,
in order to help people to eventually help you. Otherwise, 
your chance of getting an answer would be slim, I am afraid.

M. K. Shen

------------------------------

From: newbie <[EMAIL PROTECTED]>
Subject: Re: Intacta.Code ...
Date: Mon, 30 Apr 2001 18:25:41 -0300

http://www.intacta.com/

You may find out what you are asking for


Thomas Christensen wrote:
> 
> Does anybody have information about the "Intacta.Code" system ...?
> 
> Mvh.
> 
>             //TDC

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Intacta.Code ...
Date: Mon, 30 Apr 2001 22:36:46 GMT


"newbie" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> http://www.intacta.com/
>
> You may find out what you are asking for

Sadly this is nothing more than Reed-Solomon codes and a B&W bitmap.

A big problem with the intacta system is that you must scan and print at the
same resolution or it won't work.

Tom



------------------------------

From: "Roger Schlafly" <[EMAIL PROTECTED]>
Subject: Re: A Question Regarding Backdoors
Date: Mon, 30 Apr 2001 21:42:44 GMT

"David Wagner" <[EMAIL PROTECTED]> wrote in message
news:9ckno1$3g$[EMAIL PROTECTED]...
> You suggest that the NSA may have influenced NIST to choose Rijndael
> because it was the weakest cipher around, or because it had a backdoor
> for the NSA.  This suggestion just doesn't hold water, in my opinion.
> How do you propose to reconcile your theory with the fact that polls among
> the open research community showed Rijndael preferred most among all
> contenders, substantially ahead of all its competition?

Rijndael also doesn't have any magic constants or mysterious S-boxes,
so it is hard to see how anyone could put a backdoor in. For a long time,
the DES doubters argued that its S-boxes could have some prearranged
and nonobvious weakness. Some ciphers try to avoid this criticism by
getting their constants from digits of pi or something like that. But
Rijndael doesn't even have the constants.





------------------------------

From: newbie <[EMAIL PROTECTED]>
Subject: Re: Intacta.Code ...
Date: Mon, 30 Apr 2001 19:01:12 -0300

A big problem with you is that you have to scan your brain before too
late.


Tom St Denis wrote:
> 
> "newbie" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > http://www.intacta.com/
> >
> > You may find out what you are asking for
> 
> Sadly this is nothing more than Reed-Solomon codes and a B&W bitmap.
> 
> A big problem with the intacta system is that you must scan and print at the
> same resolution or it won't work.
> 
> Tom

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Intacta.Code ...
Date: Mon, 30 Apr 2001 23:07:53 GMT


"newbie" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> A big problem with you is that you have to scan your brain before too
> late.

ok.


>
>
> Tom St Denis wrote:
> >
> > "newbie" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > http://www.intacta.com/
> > >
> > > You may find out what you are asking for
> >
> > Sadly this is nothing more than Reed-Solomon codes and a B&W bitmap.
> >
> > A big problem with the intacta system is that you must scan and print at the
> > same resolution or it won't work.
> >
> > Tom



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
