Cryptography-Digest Digest #275, Volume #14 Mon, 30 Apr 01 22:13:01 EDT
Contents:
Re: What Is the Quality of Randomness? ("John Feth")
Re: Intacta.Code ... (newbie)
Re: There Is No Unbreakable Crypto (David Wagner)
Re: A Question Regarding Backdoors ("Trevor L. Jackson, III")
Re: Censorship Threat at Information Hiding Workshop ("Trevor L. Jackson, III")
Re: There Is No Unbreakable Crypto ("Henrick Hellström")
Re: A Question Regarding Backdoors (David Wagner)
Re: A Question Regarding Backdoors (Leonard R. Budney)
Re: What Is the Quality of Randomness? (John Wasser)
Re: What Is the Quality of Randomness? ("Mark G Wolf")
Re: Intacta.Code ... ("John Luebs")
----------------------------------------------------------------------------
From: "John Feth" <[EMAIL PROTECTED]>
Subject: Re: What Is the Quality of Randomness?
Date: Mon, 30 Apr 2001 15:40:08 -0700
Just to keep everything in the correct perspective, I couldn't resist
posting the following quote--
When you can measure what you are speaking about, and express it as numbers,
you know something about it; but when you cannot measure it, when you cannot
express it in numbers, your knowledge is of a meager and unsatisfactory
kind.
William Thompson, Lord Kelvin
Noted British Physicist and Mathematician
(After whom the graduations absolute temperature scale are called degrees
Kelvin)
John Feth
"John Savard" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Wed, 25 Apr 2001 16:10:09 -0600, "Tony T. Warnock"
> <[EMAIL PROTECTED]> wrote, in part:
>
> >The Quality of Randomness is not Strained.
>
> As I said:
>
> <quote>
> The quality of randomness cannot be established by putting the
> generated digits through a sieve of statistical tests. Instead,
> randomness comes from true physical sources like the rain from the
> clouds in the sky...
>
> Sorry, I couldn't resist.
> <unquote>
>
> so I thought of that joke first!
>
> (The quality of mercy is not strain'd. It droppeth as the gentle rain
> from heaven upon the place beneath: it is twice blest; it blesseth him
> that gives and him that takes: ... The Merchant of Venice, Act IV,
> Scene I.)
>
> John Savard
> http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: newbie <[EMAIL PROTECTED]>
Subject: Re: Intacta.Code ...
Date: Mon, 30 Apr 2001 19:12:04 -0300
That is polite answer.
Thank you.
Tom St Denis wrote:
>
> "newbie" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > A big problem with you is that you have to scan your brain before too
> > late.
>
> ok.
>
> >
> >
> > Tom St Denis wrote:
> > >
> > > "newbie" <[EMAIL PROTECTED]> wrote in message
> > > news:[EMAIL PROTECTED]...
> > > > http://www.intacta.com/
> > > >
> > > > You may find out what you are asking for
> > >
> > > Sadly this is nothing more then Reed-Solomon codes and a B&W bitmap.
> > >
> > > A big problem with the intacta system is that you must scan and print at
> the
> > > same resolution or it won't work.
> > >
> > > Tom
------------------------------
From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: There Is No Unbreakable Crypto
Date: 30 Apr 2001 23:18:46 GMT
Henrick Hellström wrote:
>I couldn't find the original paper, only quotations of it, and I am
>obviously trying to make David Wagner so upset so that he will send it to me
>himself. ;-)
The citation is
Oded Goldreich, Shafi Goldwasser, and Silvio Micali.
How to construct random functions.
Journal of the ACM, 33(4):792-807, October 1986.
You should be able to find it at your friendly nearby university library.
Or, if for folks who insist "if it's not online, it doesn't exist",
the paper can be read online at:
http://www.acm.org/pubs/citations/journals/jacm/1986-33-4/p792-goldreich/
if you have a subscription to the ACM digital library.
Or, for folks who want an online copy but don't subscribe to the
ACM digital copy, a re-presentation is available online at
http://www.wisdom.weizmann.ac.il/~oded/ggm.html
Or, for more online information, read Lectures 2 and 3 of the lecture
notes from Phil Rogaway's class on cryptography:
http://www.cs.ucdavis.edu/~rogaway/classes/227/winter99/
This is a really nice exposition of the construction.
------------------------------
From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: A Question Regarding Backdoors
Date: Mon, 30 Apr 2001 23:55:26 GMT
David Wagner wrote:
> You suggest that the NSA may have influence NIST to choose Rijndael
> because it was the weakest cipher around, or because it had a backdoor
> for the NSA. This suggestion just doesn't hold water, in my opinion.
> How do propose to reconcile your theory with the fact that polls among
> the open research community showed Rijndael preferred most among all
> contenders, substantially ahead of all its competition?
Were those preferences based on strength or performance? My preception
was that speed carried an awful lot of weight.
------------------------------
From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Censorship Threat at Information Hiding Workshop
Date: Tue, 01 May 2001 00:03:43 GMT
Bill Unruh wrote:
> In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Leonard R. Budney)
>writes:
>
> ][EMAIL PROTECTED] (Bill Unruh) writes:
>
> ]> ...copyright law, sets in...This monopoly is as artificial as any other
> ]> monopoly granted by the state. In this case the reason for this grant
> ]> of monopoly is to encourage production. There is no natural right to
> ]> a monopoly.
>
> ]However, copyright expresses the basic belief that an idea's originator
> ]is entitled to profit from his ideas. I think that's a good and fair
> ]principle--but when the cost of production (AND theft) falls to zero,
> ]all sorts of interesting complications arise.
>
> Again, it is NOT theft. It deprives noone of any good. Do not try to
> extend the definition of terms.
> No, they do not express the basic belief that an idea's orginator is
> entitled to profit. Copyright says nothing about ideas and offers ideas
> no protection whatsoever. Furthermore, since the economic system of the
> USA has as one of its tennents, the efficacy of competition, copyright
> is an anomaly as it grants monopoly rights. Should Starbucks be granted
> a monopoly in a city if they happen to be the first to set up a coffee
> shop there? etc.
>
> The theory behind copyright is that by granting a monopoly on copying
> the specific EXPRESSION of something, one will encourage those arts.
> However, that implies that the govt should be making the cost benefit
> analysis to see if the monopoly right granted ( a right which prima
> facia flies completely in the face of one of the philosophical
> foundations of the economy-- competition) brings with it a commensurate
> benefit.
This line of reasoning has a major flaw. If there were no ownership rights over
abstractions
then there could not be any form of competition. Only is my creations are mine and
your
creations are yours can a third party express a preference that encourages the better
of we two
to produce. If the third party is free to utilize either of our creations then there
is no
sense in which we are incentivized to improve.
> In software, I certainly do not believe it does. Even in books
> I suspect it no longer does (How many poeple write books because their
> great grandchildren may benefit from the copyright. Or rather in most
> cases, their publishers, and not any issue of theirs.) Instead we get
> large corporations demanding that the government keep them on their
> gravy train by granting monopolies to them.
>
> ]> A creative work is not a thing. An embodiement can be, but it is not
> ]> embodyments copyight law controls, it is the act of copying.
>
> ]To you "emobodiment" means a "physical artifact". Your language is not
> ]consistent with copyright law. It's correct that *ideas* are not things;
> ]that's why copyright law protects a *specific form* given to an idea.
>
> ]> That act deprives noone of anything. He has as much of the item
> ]> afterwards as he did befor.
>
> ]It deprives him of the livelihood derivable from charging for use of his
> ]creative effort.
>
> So does all economic activity. If I sell Joe a computer and you do not,
> I am depriving you of the livelihood derivable from that sale. Should
> computer sales be made into a monopoly?
If your computers are better you deserve the benefit of the improvement. The question
about a
monopoly on computer sales is irrelevant. The relevant question is whether you should
have a
monopoly on the improvements you made to your computers to convince Joe to buy yours.
If
anyone can use improvements invented by anyone else, then there is no incentive to
improve.
>
> Copyright also deprives society of the good of the wide dissemination of
> that creative effort, a good which probably outweighs by far the
> deprivation ( at least that is the attitude in all other fields of
> economic endeavour.) Also if that is the reason, why limit copyrights?
> Why are they not in perpetuity? After all Shakespear's descendents I am
> sure would welcome the ability to impose copy and performance
> restrictions on his plays. You have deprived them of a livelihood by
> limiting the length of copyrights.
>
> ]> It is a public good to allow copying, just as it is believed
> ]> that the free market is also a public good.
>
> ]``Just as''? Copying may be a public good, but (supposing the existence
> ]of intellectual property) it is the opposite of a free market. You are
> ]taking away one man's means of livelihood, on the argument that somebody
> ]else needs it. That's socialism. (Just as extreme Stallmanism is really
> ]just software socialism.)
>
> Hardly. I am not taking away anything from him. He has the right to sell
> his copies in competition with others. I am solely depriving him of an
> artificial monopoly right granted solely by the state, and not by any
> "natural law". YOu deprive Starbucks of their livelyhood everytime you
> open a competing coffee shop.
>
> I do not propose taking away anything but an artificial right granted in
> violation of one of the key tennants of western economics-- namely
> competition.
No, you are trying to destroy competition by creating a level outcome rather than a
level
opportunity.
>
>
> ]> The DMCA is similar to the types of law passed in the soviet union
> ]> preventing anyone but the state sanctioned companies from creating
> ]> tractors, TV sets, or coffee.
>
> ]With a vital difference. Soviet laws protected government monopoly. In
> ]the US, a temporary monopoly is up for anyone's grab: just be the first
> ]to think of something.
>
> No, Soviet law also protected private monopoly. And it was also "up for
> grabs" -- whoever had the political smarts to get appointed to run the
> thing.
> Note that 75 years is a use of the term "temporary" with which I had not
> hithertofor been familiar. It is longer than the Soviet Union lasted.
> Ie, it is longer than any monopoly granted by that government.
>
> Once again, it is not "first to think of something". It is first to
> express something in a particular way. Ie Copyright does NOT e
> protect ideas, it protects a particular expression thereof. That is at
> least one saving grace of it. (It is also another indication that the
> theory behind copyright law is not what you imagine it to be).
------------------------------
From: "Henrick Hellström" <[EMAIL PROTECTED]>
Subject: Re: There Is No Unbreakable Crypto
Date: Tue, 1 May 2001 02:06:12 +0200
Thanks! That's very nice of you.
--
Henrick Hellström [EMAIL PROTECTED]
StreamSec HB http://www.streamsec.com
"David Wagner" <[EMAIL PROTECTED]> skrev i meddelandet
news:9ckrsm$16l$[EMAIL PROTECTED]...
> Henrick Hellström wrote:
> >I couldn't find the original paper, only quotations of it, and I am
> >obviously trying to make David Wagner so upset so that he will send it to
me
> >himself. ;-)
>
> The citation is
> Oded Goldreich, Shafi Goldwasser, and Silvio Micali.
> How to construct random functions.
> Journal of the ACM, 33(4):792-807, October 1986.
> You should be able to find it at your friendly nearby university library.
>
> Or, if for folks who insist "if it's not online, it doesn't exist",
> the paper can be read online at:
>
http://www.acm.org/pubs/citations/journals/jacm/1986-33-4/p792-goldreich/
> if you have a subscription to the ACM digital library.
>
> Or, for folks who want an online copy but don't subscribe to the
> ACM digital copy, a re-presentation is available online at
> http://www.wisdom.weizmann.ac.il/~oded/ggm.html
>
> Or, for more online information, read Lectures 2 and 3 of the lecture
> notes from Phil Rogaway's class on cryptography:
> http://www.cs.ucdavis.edu/~rogaway/classes/227/winter99/
> This is a really nice exposition of the construction.
------------------------------
From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: A Question Regarding Backdoors
Date: 1 May 2001 00:14:24 GMT
Trevor L. Jackson, III wrote:
>David Wagner wrote:
>> You suggest that the NSA may have influence NIST to choose Rijndael
>> because it was the weakest cipher around, or because it had a backdoor
>> for the NSA. This suggestion just doesn't hold water, in my opinion.
>> How do propose to reconcile your theory with the fact that polls among
>> the open research community showed Rijndael preferred most among all
>> contenders, substantially ahead of all its competition?
>
>Were those preferences based on strength or performance? My preception
>was that speed carried an awful lot of weight.
Since it was a poll, it is probably not possible to tell how
respondents weighted the various factors, but to my knowledge none of
the cryptographers at the AES/FSE conferences where the poll was taken
has argued that there might be a NSA backdoor in Rijndael.
Frankly, in my view the suggestion that the NSA planted an unspecified
backdoor in Rijndael just doesn't pass the sniff test. That's just
my view, but I don't see any evidence that this backdoor theory is
even remotely plausible, given our current knowledge of block ciphers.
One can always worry that any selection might be insecure, but I see no
reason to believe that Rijndael is more likely than any other cipher to
have a NSA trapdoor (and one could even argue that there are some reasons
to suspect that it might be *less* likely to have a NSA trapdoor than
many other modern ciphers).
------------------------------
Subject: Re: A Question Regarding Backdoors
From: [EMAIL PROTECTED] (Leonard R. Budney)
Date: 30 Apr 2001 20:34:44 -0400
[EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) writes:
> Actaully you lack imagination. Its easier for the NSA to look
> innocent. When a easy public break makes it in a few years the NSA
> can say we knew it was weak. Thats why its not used for classifed US
> messages and that they had nothing to do with the design.
Wrong. If AES falls prey to some *sophisticated* public break, then
they will claim that they knew about that attack but were forbidden for
security reasons to divulge anything about it.
But since they acted in an advisory capacity, if some "easy public break"
comes along in the near future, the NSA would look very bad. They either
(1) didn't know something which they well should have, or (2) tolerated
not only a weakness, but a stupid weakness, without even saying, "Maybe
you should swap the S-boxes and do some extra rounds."
Len.
--
Modularity is not a hack.
-- Dan Bernstein
------------------------------
Subject: Re: What Is the Quality of Randomness?
From: John Wasser <[EMAIL PROTECTED]>
Date: Tue, 01 May 2001 01:17:03 GMT
[[ This message was both posted and mailed. ]]
In article <9cahgi$11v0$[EMAIL PROTECTED]>, Mark G Wolf
<[EMAIL PROTECTED]> wrote:
> I'll give you a very visual representation of the hidden information.
> Picture a cipher pad before and after being XORed with a message.
> Take any particular N-bit pattern, find all of it's occurrences and put
> a color box around those occurrences. Then do the same after you
> encrypt your message. At the very least all of the colored rectangles
> will shift, and at the very worst will form a pattern. Both the shift and
> any consequent pattern is useful information, very useful. I think if
> you can picture that it will jump right out at you.
The most useful information is knowing where particular N-bit patterns
are in the OTP! With that information I can convert those sections of
cyphertext directly into plaintext. I guess that is why the OTP is
supposed to be kept secret and only used once.
Is it sufficient to just find a "pattern" in a cyphertext? If I were
to tell you that the following highly patterned data was a cyphertext,
what could you tel me about the plaintext or OTP?
00 01 02 03 04 05 06 07 08 09
00 01 02 03 04 05 06 07 08 09
00 01 02 03 04 05 06 07 08 09
00 01 02 03 04 05 06 07 08 09
00 01 02 03 04 05 06 07 08 09
00 01 02 03 04 05 06 07 08 09
The values are in hexadecimal. The plaintext is known to be 7-bit
ASCII, one character per byte. The plaintext is 60 characters long.
------------------------------
From: "Mark G Wolf" <[EMAIL PROTECTED]>
Subject: Re: What Is the Quality of Randomness?
Date: Mon, 30 Apr 2001 20:56:17 -0500
> Is it sufficient to just find a "pattern" in a cyphertext? If I were
> to tell you that the following highly patterned data was a cyphertext,
> what could you tel me about the plaintext or OTP?
My initial reaction would be that it's not a real ciphered message but a
made up example. However, if it really is a ciphered plaintext of 60 word
unique characters, as in non-repeating text, then you would have had to
specifically adjusted your encrypting algorithm and OTP to derive such a
"regular" pattern. In that case your OTP/cipher system would not be
sustainable and not very useful.
>
> 00 01 02 03 04 05 06 07 08 09
> 00 01 02 03 04 05 06 07 08 09
> 00 01 02 03 04 05 06 07 08 09
> 00 01 02 03 04 05 06 07 08 09
> 00 01 02 03 04 05 06 07 08 09
> 00 01 02 03 04 05 06 07 08 09
>
> The values are in hexadecimal. The plaintext is known to be 7-bit
> ASCII, one character per byte. The plaintext is 60 characters long.
------------------------------
From: "John Luebs" <[EMAIL PROTECTED]>
Subject: Re: Intacta.Code ...
Date: Mon, 30 Apr 2001 21:59:02 -0400
In article <[EMAIL PROTECTED]>, "newbie"
<[EMAIL PROTECTED]> wrote:
> That is polite answer.
> Thank you.
> Tom St Denis wrote:
>> "newbie" <[EMAIL PROTECTED]> wrote in message
>> news:[EMAIL PROTECTED]...
>> > A big problem with you is that you have to scan your brain before too
>> > late.
>> ok.
>>
>> >
>> > Tom St Denis wrote:
>> > >
>> > > "newbie" <[EMAIL PROTECTED]> wrote in message
>> > > news:[EMAIL PROTECTED]...
>> > > > http://www.intacta.com/
>> > > >
>> > > > You may find out what you are asking for
>> > >
>> > > Sadly this is nothing more then Reed-Solomon codes and a B&W
>> > > bitmap.
>> > >
>> > > A big problem with the intacta system is that you must scan and
>> > > print at
>> the
>> > > same resolution or it won't work.
>> > >
>> > > Tom
If Tom is lucky, newbie is a lass, and they will make a great married
couple.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
