Cryptography-Digest Digest #469, Volume #14      Tue, 29 May 01 05:13:00 EDT

Contents:
  Hi, HiEV (Anthony Stephen Szopa)
  Re: Turbo Small Public Key Cryptosystem ("Jack Lindso")
  Re: Cool Cryptography Website! (John Savard)
  Re: To prove PGP can easily be misused... (Mok-Kong Shen)

----------------------------------------------------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker,talk.politics.crypto
Subject: Hi, HiEV
Date: Mon, 28 May 2001 23:20:12 -0700

HiEv wrote:
> 
> James Felling:  Sorry to break your bubble

First of all, the phrase is "burst your bubble" not "break your
bubble".

> Reference:  OAP-L3:  "The absurd weakness."

And we decided to make this a new thread why?  I guess you needed to
stroke your own ego more by putting down the one guy who was posting
decent responses to your lame ASS [that's Anthony's initials, not a
swear word].

I should also note, that after breaking off this new thread you proceed
to try and trash the guy, but you don't even quote him once!  If we want
to follow you we now have to go back to another thread.

Should I mention the lousy cross post too?

> Tell me, do you have very many stupid people who pay you money for
> expounding such logic as you have demonstrated in your past three
> or four posts?  Wait!  Don't answer that right now.  First read the
> following.

(gag, choke, sputter)

Pot: Pot to Kettle, Pot to Kettle, come in Kettle!
Kettle: Kettle here.
Pot: You are black.

> As you will see from looking at the first 105 permutations that the
> first 5 digits are:  0 1 2 3 4.  No matter how many times you run
> your 105! process these first five digits of the group of 105
> permutations will always be the same.

Oh, yeah, easy to follow the context here, eh?  Roughly, what was said
earlier was that Anthony would have a problem with some numbers not
being shuffled.  His response (above) is that the suggested method would
have the same problems.

He doesn't address the possibility that his algorithm may have the same
problem.

> Now if you are aware of the way OAP-L3 works, you will know that
> this will result in very very poor random digit output:  basically
> unusable.

Which is how just about everyone feels about it in the first place.

> You will also find further redundancy in the sixth digit.  Over a
> group of just 105 permutations this is unacceptable with OAP-L3.
[snip rambling diatribe about how the suggested fix won't work]

Still nothing about the existing problem mentioned by James.
 
> I could pursue this analysis further but your suggestion of my
> "design flaws" has turned out to be nothing more than your myth and
> your suggestion to correct these fantastic "flaws" has turned out to
> be a fraud.
> 
> I sure hope everyone is listening.
[snipped sequential list of permutations from 0 to 104]

And where do you disprove the design flaw he pointed out again?  I don't
see it here.

> Tell me, do you have very many stupid people who pay you money for
> expounding such logic as you have demonstrated in your past three
> or four posts?  Wha'da ya say?

If I needed someone in the encryption arena, I'd be more likely to hire
him than you.  He's maintained a level head throughout most of this,
while you keep going to insults.

I admit I haven't been free of insults in this message, but it doesn't
seem like you pay much attention to reason.

> If you have two encryption software methods I suggest you consider a
> corollary of Occum's Razor:  choose the one that is simplest and
> easiest to understand in its entirety over the one you cannot
> comprehend with certainty to the fullest.

Argh!  It's "Occam's Razor" not "Occum's Razor", and your version seems
to imply you shouldn't try to figure things out if you don't understand
them.  Besides, simple != secure.  Neither does complex mean secure,
thoroughly examined for weaknesses with none found suggests that it is
secure though.  However you seem to get upset when anyone says that they
think they see a weakness.

I'm glad you aren't a ship captain.  "Captain, there is a leak on one of
the lower decks!"  "Have that man thrown overboard!  How dare he talk
about my ship like that.  It's treason!"

Nowhere in this huge insult of this message do you address whether
James's fix is necessary, you merely attack him.  That does not speak
well of your algorithm.

> (Damn, that felt good.  Maybe I'm ready for Bruce?)

Yes, I'm sure insulting people who attempt to make helpful suggestions
makes you feel like a big man.  Heaven forbid you should actually listen
to someone.

If your product can't take any criticism without you breaking down into
insults, do you really think that people are going to buy/use it?

-- 
"Outlook not so good."  That magic 8-ball knows everything!  I'll ask
about Exchange Server next.

(I posted this 24 hours ago but don't see it here so I've posted it
again.)

Actually I did post this reply to his post in the original thread.  
I posted it here as well because I know that some readers haven't 
been following that original thread.

(Be sure to read the last 5 lines of this reply post.)

I am not going to go back and pull out my politeness handbook but he 
is the one who came up with the "nasty" flaw comment.  When you start
horse playing around with a gorilla I would expect the play to get a
little rough.

I think it is significant when someone says that I have egg on my 
face then gives me a suggestion to fix or improve my design then 
come to find out that his suggestion is so completely bogus as to 
nearly defy description although I did manage to describe why his
suggestion is all washed up.

So with my stunning proof that he doesn't know what he is talking 
about with his own suggestion as to what I should do or how he has 
come up with a better mouse trap, how can you continue to blindly 
give his original comments anything but skepticism?

But you answered this question in your own post:  "Which is how just
about everyone feels about it in the first place."  (I presume you 
are referring to OAP-L3.)  You have chosen to "feel" instead of 
think.

Don't you have a brain?  Why don't you use it then?  He clearly 
doesn't know what he is talking about here yet you still "feel" his
original comments to be valid.

I responded that his fixed point argument is immaterial.  When a
different process is run these fixed points are no more.

If his point(s) is/are valid then when the final OTPs are generated 
then you can surely point out to us where and how and why these 
alleged "flaws" have affected the OTP output where you can determine
something, anything, etc. (keep hoping) that you can claim has
compromised the output.

To claim there is a flaw requires that one be able to point it
out.  Point out any flaw in the final OTP output as a result of these
(immaterial) "flaws."  If they are immaterial then they are not 
"flaws."  Perhaps a better phrase would be inconsequential anomalies 
or immaterial peculiarities of OAP-L3.

If you are saying that these "flaws" are material to the final OTP
output then I will ask you as I ask everyone:  prove it in the 
slightest sense.  Give us a clue.  Give us something to chew on.

The recommended use of OAP-L3 is to randomly choose the processes to 
run and randomly choose what order to run them in and to input 
random data into each process.

Check this out.  Here are the first 105 permutations from the file 
after I have run this particular process ten times with random 
input for each run.  Now compare this output to what JF suggested.

Array number:   0     0 1 2 3 4 5 6 7 8 9 
Array number:   1     0 1 2 3 4 5 6 7 9 8 
Array number:   2     0 1 2 3 4 5 6 8 7 9 
Array number:   3     0 1 2 3 4 5 6 8 9 7 
Array number:   4     0 1 2 3 4 8 9 6 7 5 
Array number:   5     0 1 2 4 5 9 7 8 3 6 
Array number:   6     0 1 2 4 6 3 5 8 9 7 
Array number:   7     0 1 2 4 6 3 8 9 7 5 
Array number:   8     0 1 2 5 4 3 6 8 7 9 
Array number:   9     0 1 2 5 6 3 4 8 7 9 
Array number:   10     0 1 2 7 5 9 6 4 3 8 
Array number:   11     0 1 3 4 5 7 8 2 9 6 
Array number:   12     0 1 3 4 6 2 9 5 8 7 
Array number:   13     0 1 3 4 6 2 9 7 5 8 
Array number:   14     0 1 3 8 6 5 9 2 7 4 
Array number:   15     0 1 4 3 2 7 5 6 9 8 
Array number:   16     0 1 4 3 2 8 6 7 5 9 
Array number:   17     0 1 4 3 6 5 7 2 8 9 
Array number:   18     0 1 5 2 3 9 6 8 4 7 
Array number:   19     0 1 5 2 3 9 7 6 4 8 
Array number:   20     0 1 5 2 6 3 7 4 8 9 
Array number:   21     0 1 5 3 7 2 9 4 8 6 
Array number:   22     0 1 5 4 9 6 7 8 2 3 
Array number:   23     0 1 5 4 9 8 3 2 6 7 
Array number:   24     0 1 6 7 4 8 9 2 3 5 
Array number:   25     0 1 6 7 4 8 9 2 5 3 
Array number:   26     0 1 6 7 4 8 9 3 2 5 
Array number:   27     0 1 6 9 8 4 5 3 2 7 
Array number:   28     0 1 6 9 8 7 2 3 4 5 
Array number:   29     0 1 7 2 8 6 9 4 3 5 
Array number:   30     0 1 7 3 6 2 8 4 5 9 
Array number:   31     0 1 7 6 2 3 9 5 4 8 
Array number:   32     0 1 7 6 2 4 5 9 8 3 
Array number:   33     0 1 7 6 2 4 8 3 9 5 
Array number:   34     0 1 7 6 4 2 3 9 8 5 
Array number:   35     0 1 7 6 4 2 5 3 8 9 
Array number:   36     0 1 7 8 3 2 6 9 5 4 
Array number:   37     0 1 7 8 3 4 5 9 6 2 
Array number:   38     0 1 8 2 9 4 5 3 7 6 
Array number:   39     0 1 8 3 2 6 9 5 4 7 
Array number:   40     0 1 8 3 2 7 4 6 5 9 
Array number:   41     0 1 8 4 5 6 2 3 9 7 
Array number:   42     0 1 9 7 5 3 4 8 2 6 
Array number:   43     0 1 9 7 5 3 4 8 6 2 
Array number:   44     0 1 9 7 5 3 6 2 4 8 
Array number:   45     0 1 9 8 5 7 2 3 4 6 
Array number:   46     0 2 1 5 6 4 9 8 3 7 
Array number:   47     0 2 1 5 6 7 8 9 4 3 
Array number:   48     0 2 1 6 5 8 3 7 9 4 
Array number:   49     0 2 1 7 9 6 8 3 4 5 
Array number:   50     0 2 1 7 9 6 8 3 5 4 
Array number:   51     0 2 1 9 3 7 6 5 8 4 
Array number:   52     0 2 1 9 4 5 3 8 7 6 
Array number:   53     0 2 1 9 4 5 6 8 7 3 
Array number:   54     0 2 1 9 5 7 8 6 3 4 
Array number:   55     0 2 4 1 6 3 9 8 7 5 
Array number:   56     0 2 4 3 1 7 5 9 6 8 
Array number:   57     0 2 4 3 1 7 6 8 9 5 
Array number:   58     0 2 4 3 1 7 9 5 8 6 
Array number:   59     0 2 4 3 5 9 7 6 1 8 
Array number:   60     0 2 4 3 6 5 8 1 7 9 
Array number:   61     0 2 4 9 5 1 7 6 8 3 
Array number:   62     0 2 4 9 5 1 7 8 3 6 
Array number:   63     0 2 4 9 5 1 7 8 6 3 
Array number:   64     0 2 4 9 5 1 8 3 6 7 
Array number:   65     0 2 4 9 6 3 8 7 5 1 
Array number:   66     0 2 5 1 7 6 4 8 9 3 
Array number:   67     0 2 5 3 9 8 4 7 6 1 
Array number:   68     0 2 5 4 9 8 6 3 7 1 
Array number:   69     0 2 6 1 9 5 7 8 3 4 
Array number:   70     0 2 6 9 3 1 8 7 4 5 
Array number:   71     0 2 6 9 3 1 8 7 5 4 
Array number:   72     0 2 6 9 3 4 1 8 7 5 
Array number:   73     0 2 7 1 6 5 8 3 9 4 
Array number:   74     0 2 7 1 6 5 8 4 3 9 
Array number:   75     0 2 7 1 6 5 8 4 9 3 
Array number:   76     0 2 7 1 6 5 8 9 3 4 
Array number:   77     0 2 7 1 9 8 5 4 6 3 
Array number:   78     0 2 7 3 1 8 4 9 5 6 
Array number:   79     0 2 8 3 6 4 1 9 7 5 
Array number:   80     0 2 9 4 3 8 6 7 5 1 
Array number:   81     0 2 9 4 8 6 7 5 3 1 
Array number:   82     0 2 9 4 8 7 1 3 5 6 
Array number:   83     0 2 9 4 8 7 1 3 6 5 
Array number:   84     0 2 9 4 8 7 3 1 5 6 
Array number:   85     0 2 9 6 1 3 7 8 5 4 
Array number:   86     0 2 9 6 1 5 3 7 4 8 
Array number:   87     0 2 9 6 1 5 3 7 8 4 
Array number:   88     0 2 9 6 1 8 7 5 4 3 
Array number:   89     0 2 9 6 3 4 5 8 1 7 
Array number:   90     0 2 9 8 6 5 1 3 4 7 
Array number:   91     0 2 9 8 6 5 1 3 7 4 
Array number:   92     0 3 1 8 4 6 9 2 7 5 
Array number:   93     0 3 1 8 5 7 4 2 6 9 
Array number:   94     0 3 1 8 5 7 4 6 9 2 
Array number:   95     0 3 1 8 5 7 9 4 2 6 
Array number:   96     0 3 1 8 9 7 2 4 5 6 
Array number:   97     0 3 1 9 5 6 2 8 7 4 
Array number:   98     0 3 4 6 9 5 1 7 8 2 
Array number:   99     0 3 4 8 1 7 5 6 2 9 
Array number:   100     0 3 4 8 5 7 2 9 1 6 
Array number:   101     0 3 4 8 5 9 6 1 2 7 
Array number:   102     0 3 4 8 5 9 6 1 7 2 
Array number:   103     0 3 4 8 6 2 1 5 9 7 
Array number:   104     0 3 4 9 2 5 6 1 7 8 

JF's suggestion will never ever even come close to this.  Every 
single one of his 105 permutation groups will always have the first 
5 or 6 digits exactly the same no matter how many times he runs 
his process.

I seem to have concretely defended my position.  If it is not clear
enough then tell us a problem you have with OAP-L3 and I will address
it further for you.

JF's suggestion that my groups are 105 permutations is misleading. 
Technically this is true when you look only at one specific running 
of the process.  But the effect is cumulative over the entire 
3,628,800 permutation set.  The more the process is run the more the
affected group is expanded:  the entropy over the entire permutation 
set increases.

His suggestion was exactly 105 permutations long and remained so no
matter how many times he ran the process.  The entropy was confined
within each 105 permutation group within the entire permutation set.

As you said, my process also shows some redundancy.  This is inherent
in this process.  But it does add entropy over the entire permutation
set.  You can quantify the entropy.  You know exactly where you stand.
When you randomly run processes and input random data in each process
you can calculate what the output entropy is.  And each process
increases the entropy over the entire permutation set.

At first glance you may not be too impressed with the above 105
permutations.  Keep in mind that since you are randomly running each
process it is unlikely that you will run the Mix a Mixfile process 10
times in a row.  But when you do run it it will add the usual entropy
to the output file.  And it makes a big difference in what sequence 
or order you run the processes in.

And keeping in mind how the permutations transform each other and 
index or reference each other to generate random digit output you 
will realize that the cumulative entropy and inherent inefficiency
designed into OAP-L3 will result in very good random number
distributions.  There are utility programs that come with OAP-L3 
that allow you to quantify the random number output distribution.  
The random output numbers are excellent.

No single process was designed to randomly shuffle the entire
permutation set.  Each was designed to add a modest amount of 
entropy.  And in combination all the processes were designed to at 
least effectively reach enough of the possible key space to make 
OAP-L3 practicably unbreakable:  quite so.

Now keep in mind that this is just the first half of the overall
process.  Once you use three thoroughly and randomly shuffled 
MixFiles to generate random digits and only use about a random 70% 
of these digit triplets you further thoroughly reprocess these 
random number (000 - 255) files.

If you can even reasonably suggest any possibility of some sort of 
flaw in the final OTP files generated, again, we would all like to 
hear of it.

By the way, I wouldn't put it past JF to have made his post knowing 
all along that his suggestion was bogus.  He might just have wanted 
to see if I was intelligent enough to see through it.

But in so doing he has heard from many of you, as well.

Cheers.

(Get a sense of humor.)

------------------------------
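
The claim quoted in the message above, that the first 105 sequential permutations always share their first five digits, can be checked directly. This is an added example, not part of any post in this digest and not OAP-L3 code; it assumes "sequential" means lexicographic order over the digits 0-9, and it models a within-group mix as nothing more than a reordering of those 105 entries.

```python
import math
import random
from collections import Counter
from itertools import islice, permutations

GROUP = 105  # group size quoted in the thread


def first_group(n=GROUP):
    """First n permutations of the digits 0-9 in lexicographic order (assumed ordering)."""
    return list(islice(permutations(range(10)), n))


def reordered(perms, seed=1):
    """Same permutations in a different order: a mix confined to the group (assumed model)."""
    out = list(perms)
    random.Random(seed).shuffle(out)
    return out


def fixed_positions(perms):
    """Positions whose digit is identical in every permutation of the group."""
    return [pos for pos in range(10) if len({p[pos] for p in perms}) == 1]


def position_entropy(perms):
    """Empirical Shannon entropy in bits of the digit found at each of the 10 positions."""
    result = []
    for pos in range(10):
        counts = Counter(p[pos] for p in perms)
        total = sum(counts.values())
        # Sorted so the floating-point sum does not depend on the order of the group.
        result.append(sum(c / total * math.log2(total / c)
                          for c in sorted(counts.values())))
    return result


def random_group(n=GROUP, seed=2001):
    """n permutations drawn uniformly from all 10! (seeded; comparison baseline only)."""
    rng = random.Random(seed)
    group = []
    for _ in range(n):
        digits = list(range(10))
        rng.shuffle(digits)
        group.append(tuple(digits))
    return group


if __name__ == "__main__":
    seq = first_group()
    for name, group in (("sequential", seq),
                        ("reordered in group", reordered(seq)),
                        ("uniform sample", random_group())):
        bits = " ".join(f"{h:4.2f}" for h in position_entropy(group))
        print(f"{name:20s} fixed={fixed_positions(group)}")
        print(f"{'':20s} bits per position: {bits}")
    # Sixth digit of the sequential group: four full runs of 4! = 24 and one partial run.
    print(sorted(Counter(p[5] for p in seq).items()))
```

Because 105 is less than 5! = 120, the sixth digit never completes its cycle, which is the "further redundancy in the sixth digit" the quoted text mentions.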

From: "Jack Lindso" <[EMAIL PROTECTED]>
Subject: Re: Turbo Small Public Key Cryptosystem
Date: Tue, 29 May 2001 10:27:48 +0200

This isn't a solution, PGP and the likes are cryptosystems for the common
user who doesn't use magnetic cards, to him it's a bother as it is. Isn't
there another way, besides, once you have a mag card you don't need to use
passwords, just generate a prandom key and be done with it. How about
Biometrics, is there a good enough implementation. I heard they had a
problem with hashing the Bio data, since every time it was hashed you got a
different result.

--
Designing the future is all about envisioning the Infinity.
http://www.atstep.com
=============================================================
"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:%rAQ6.68533$[EMAIL PROTECTED]...
>
> "Jack Lindso" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Ok, so we take user input as a password --> H() -->256 bit key.
> > Where is the security here, today's dictionary attacks are pretty
> > powerful.
> > Our user let's call her Jane, inserts a password "JackRobinson" (her
> > boyfriend's name). And we call this stuff secure ???
> >
> > It's not an attack towards your prog (I didn't look at it), it's a kind
> > of a general case. What can we do about it? Salt, but it's got to be
> > stored on the computer which let's say is quite reachable. It seems we
> > don't need a super NSA driven quantum chugger, a short trip to Jane's
> > computer will tell us the salt. Is there something I'm missing, please
> > correct me...
>
> Solution don't use weak passwords.
>
> Or do what I've been saying for a long time.  Get a keyboard with a mag
> reader and put your super random password on a credit card.
>
> Tom
>
>



------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Cool Cryptography Website!
Date: Tue, 29 May 2001 08:30:46 GMT

On 29 May 2001 03:24:43 GMT, [EMAIL PROTECTED] (JPeschel)
wrote, in part:

>He doesn't seem to credit your site as an Internet resource.

Considering what else he doesn't credit my site as, it's hardly
surprising that he wouldn't offer a link to it. (Perhaps I'm reading
too much into your phrasing, though, and you didn't really use the
phrase "as an Internet resource" strictly in its legitimate sense.)

http://www.cmb.ac.lk/academic/science/dscs/courses/Computer/Msc/DSandC/red.htm
http://home.ecn.ab.ca/~jsavard/crypto/ro020104.htm

http://www.cmb.ac.lk/academic/science/dscs/courses/Computer/Msc/DSandC/purple.htm
http://home.ecn.ab.ca/~jsavard/crypto/ro020304.htm

http://www.cmb.ac.lk/academic/science/dscs/courses/Computer/Msc/DSandC/lorenz.htm
http://www.cmb.ac.lk/academic/science/dscs/courses/Computer/Msc/DSandC/breaking2.htm
http://home.ecn.ab.ca/~jsavard/crypto/te0301.htm

http://www.cmb.ac.lk/academic/science/dscs/courses/Computer/Msc/DSandC/baudot.htm
http://home.ecn.ab.ca/~jsavard/crypto/tele03.htm

http://www.cmb.ac.lk/academic/science/dscs/courses/Computer/Msc/DSandC/linear.htm
http://home.ecn.ab.ca/~jsavard/crypto/co4y11.htm

http://www.cmb.ac.lk/academic/science/dscs/courses/Computer/Msc/DSandC/bazeries.htm
http://home.ecn.ab.ca/~jsavard/crypto/ro020101.htm

http://www.cmb.ac.lk/academic/science/dscs/courses/Computer/Msc/DSandC/lacida.htm
http://home.ecn.ab.ca/~jsavard/crypto/ro020603.htm

Before the previous post, I had sent an E-mail, but perhaps the fellow
was away. Obviously, he is rather pressed for time.

Of course, my content is easy enough to deal with; redraw the
diagrams, paraphrase the text - I don't own the _information_ on my
site, that's not what copyright is about - but some of the other stuff
on his site, presumably snagged in similar fashion from other sources,
specifically the photographs of cipher machines, would be harder to
replace with original material.

I know I've been generous with permissions in the past, but I have
always requested acknowledgement.

John Savard
http://home.ecn.ab.ca/~jsavard/frhome.htm

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: To prove PGP can easily be misused...
Date: Tue, 29 May 2001 10:48:38 +0200



wtshaw wrote:
> 

> People who want to parade themselves as public should put the public
> first.  It is not that they don't deserve private lives, it is that they
> should not presume to define the private lives of others while pretending
> to be creatures of virtue.  What they do in the name of the public,
> however, is everybody's business.
> 
> Hidden deals and bribe taking are anti-democratic activities.  The people
> have a right to know and the press has a right to find evidence for such
> travesties.  Government has no right to hide truth when it reflects badly
> on them, but a responsibility to talk straight about public matters, and
> not to involve us in their private pubic ones, etc.

In the real world, there is nothing that matches idealistic
considerations. The distance between 'should' and 'is'
can be more or less substantial. In plenty of occasions
a number of governments have done things that they have 
no right to do (as you and many others would think) and 
yet still proclaim them to be 'democratic'! That's life.
You and I certainly wouldn't be able to change that.

M. K. Shen

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
