Cryptography-Digest Digest #567, Volume #14       Fri, 8 Jun 01 13:13:01 EDT

Contents:
  Re: Brute-forcing RC4 (David Wagner)
  Re: Hehehe I found out who David Scott is (John Savard)
  CATS 2002 CFP (James Harland)
  Re: Simple C crypto (Jan Panteltje)
  Re: Notion of perfect secrecy (Mark Wooding)
  Re: National Security Nightmare? (Phil Carmody)
  Re: DES not a group proof (Patrick Aland)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) ("Tom St Denis")
  Re: Alice and Bob Speak MooJoo (Niklas Frykholm)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) ("Tom St Denis")
  Re: Hehehe I found out who David Scott is (Mark Wooding)
  Re: National Security Nightmare? (JPeschel)
  Re: Hehehe I found out who David Scott is ("Tom St Denis")
  Re: National Security Nightmare? ("Tom St Denis")
  Re: Brute-forcing RC4 (Ichinin)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Brute-forcing RC4
Date: Fri, 8 Jun 2001 14:29:34 +0000 (UTC)

If you want to break WEP encryption, there are many ways to do so
without recovering the RC4 key.  (You can see the paper to be presented
at MOBICOM 2001 for some discussion, for instance.)

Alternatively, if for some reason it is crucial to recover the RC4 key,
it seems likely to dramatically speed up the 40-bit search by exploiting
flaws in WEP.  All the WEP cards that I've seen start their IV off at 0
when they are reset, and count up incrementally from there.  Moreover,
known plaintext is often available in the form of DHCP Discover messages,
etc. (see Arbaugh's work).

Therefore, you could use Hellman's time-space tradeoff (precomputed
with an IV of 0 or some other small number) to greatly reduce the
cost of cryptanalysis, if you wanted to recover more than one RC4 key.
I believe one can expect to break each RC4 key with only 2^27 work per
key and 2^26 storage, after a one-time 2^40 precomputation.  Of course,
these remarks apply only to the 40-bit version of WEP; to break 104-bit
WEP, you'll want the non-key-recovery attacks in the MOBICOM paper.

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Hehehe I found out who David Scott is
Date: Fri, 08 Jun 2001 14:33:41 GMT

On Fri, 08 Jun 2001 13:30:06 GMT, "Tom St Denis"
<[EMAIL PROTECTED]> wrote, in part:

>http://www.timecube.com/

>Note how "Gene Ray" writes just like David Scott.  hehehehe

No, this "Gene Ray" has much more difficulty in functioning than David
Scott does.

It is hard even to figure out what this Gene Ray is talking about.
Each of us only experiences one day in 24 hours; as far as people in
other longitudes experiencing, in the same 24-hour period, a day that
begins and ends differently, that's true enough, but there are 24
different "days", not four of them. And that's only a convention due
to Standard Time as well - the number is really infinite.

One could imagine a large country, straddling the International Date
Line, and using it's own calendar, where it is the same day across the
country, and these names - say in a 7-day week - might be called by a
set of different names. So in one half of the country, Ogbak might be
called Tuesday by us, and in the other half, Wednesday. This would be
a different "day", then.

Anyways, isn't Time Cube a trademark for some kind of alarm clock
radio? He will probably have to move to a new URL.

John Savard
http://home.ecn.ab.ca/~jsavard/frhome.htm

------------------------------

Crossposted-To: comp.theory,sci.logic
Subject: CATS 2002 CFP
From: [EMAIL PROTECTED] (James Harland)
Date: 9 Jun 2001 00:47:59 +1100

                        CALL FOR PAPERS

        Computing: The Australasian Theory Symposium (CATS) 2002
             Monash University, Melbourne, Australia
               January 28th to February 1st, 2002
                   Deadline August 3rd, 2001

Computing: The Australasian Theory Symposium (CATS) is the premier
theoretical computer science conference in Australasia.  It is held
annually as part of the Australasian Computer Science Week (ACSW).

CATS 2002 will be the eighth in the series.  The symposium will consist
of invited speakers and research paper presentations.

Date and location

CATS 2002 will be held during the Australasian Computer Science Week.
ACSW 2002 will take place at Monash University, Melbourne, Victoria,
Australia, from 28th January to 1st February, 2002.

Scope 

CATS covers all aspects of theoretical computer science.  Some
representative, but not exclusive, topics include the following:

        o logic, reasoning and verification
        o formal specification techniques and program semantics
        o formal development methods, program refinement, synthesis and transformation
        o concurrent, parallel and distributed system theory
        o algorithms and data structures
        o complexity and computability
        o automata, number and category theory
        o tools for automated reasoning, and program analysis and development


Research paper submissions to CATS 2002 should be prepared according
to the formatting requirements below and sent to the Programme Chair,
to arrive no later than Friday, 3rd August, 2001.  Submissions must be
original work, not published or submitted elsewhere.  All submissions
will be refereed.

The proceedings of CATS 2002 will be published by Elsevier Science in
their series Electronic Notes in Theoretical Computer Science
(http://www.elsevier.nl/locate/entcs).  ENTCS is an electronic series
associated with the journal Theoretical Computer Science, and
published by Elsevier Science B. V.  (Institutions subscribing to TCS
can access full papers in ENTCS on-line.)  ENTCS offers rapid,
worldwide dissemination of research results, an absence of page
limits, and long-term accessibility through the electronic archives
that Elsevier maintains.

The proceedings of CATS2000 and CATS2001 have both appeared in ENTCS as
ENTCS Volume 31 (http://www.elsevier.nl/locate/entcs/volume31.html)
and 
ENTCS Volume 42 (http://www.elsevier.nl/locate/entcs/volume42.html)
respectively. 

A hardcopy preliminary proceedings will be provided to conference
attendees.

Formatting requirements

To ensure a uniform format for papers, all submissions to CATS 2002
*must* be prepared in LaTeX using the ENTCS macros.  Papers in
other formats cannot be accepted.  Further information is available
via the ENTCS home page at http://www.elsevier.nl/locate/entcs.
(Follow the links for "Instructions for Submissions" and "Technical
Requirements".)  Complete papers should be e-mailed as PostScript
files, preferably as MIME attachments.

Although there is no strict page limit on submissions to CATS 2002, 
authors are strongly encouraged to be as concise as possible.  Papers
between 10 and 15 pages are considered ideal.  If necessary,
definitions and proofs not essential to understanding the paper should
be relegated to appendices to appear only in the electronic version.

Call for Posters

A poster session will be arranged to give CATS attendees the
opportunity to give informal presentations of their work.  Expressions
of interest, briefly outlining the poster's topic, should be e-mailed
to the Programme Chair ([EMAIL PROTECTED]) by Friday 9th November,
2001.

Important dates

Friday 3rd August, 2001: Deadline for submissions
Friday 5th October, 2001: Notification of acceptance
Friday 26th October, 2001: Final versions of accepted papers due
Friday 9th November, 2001: Deadline for author registrations
Friday 9th November, 2001: Deadline for poster submissions
Monday 28th January to Friday 1st February, 2002: Australasian Computer
Science Week, incorporating CATS 2002

Programme Committee

Asat Arslanov, Monash University, Australia. 
Hossam ElGindy, University of New South Wales, Australia. 
James Harland (Chair), Royal Melbourne Institute of Technology, Australia. 
Mike Johnson, Macquarie University, Australia. 
Mathai Joseph, Tata R&D, India.         
Barry Jay, University of Technology, Sydney, Australia. 
Ron van der Meyden, University of New South Wales, Australia. 
Harald Sondergaard, Melbourne University, Australia. 
Lim Soon Wong, Kent Ridge Digital Labs, Singapore. 
Michael Winikoff, Royal Melbourne Institute of Technology, Australia. 
David Wood, Sydney University, Australia. 

ACSW General Chair

Ronald Pose, Monash University


Previous CATS symposia

         o CATS 2001, Gold Coast
         o CATS 2000, Canberra
         o CATS '99, Auckland (joint meeting with DMTCS '99)
         o CATS '98, Perth
         o CATS '97, Sydney
         o CATS '96, Melbourne
         o CATS '94, Sydney

Updates and news

Up to date information about the CATS 2002 conference can be found at
http://www.cs.rmit.edu.au/cats02.

Enquiries and submissions

James Harland
(CATS 2002 Programme Chair)
School of Computer Science and Information Technology
Royal Melbourne Institute of Technology (RMIT)
Melbourne, 3001, Australia
Phone: +61 3 9925 2348
Fax: +61 3 9662 1617
Email: [EMAIL PROTECTED]
URL: http://www.cs.rmit.edu.au/~jah

--
James Harland                            http://www.cs.rmit.edu.au/~jah    
School of Computer Science               email: [EMAIL PROTECTED]
and Information Technology, RMIT         Phone: +61 3 9925 2348
GPO Box 2476V or 124 La Trobe Street, Melbourne, 3001, Australia


------------------------------

From: [EMAIL PROTECTED] (Jan Panteltje)
Subject: Re: Simple C crypto
Date: Fri, 08 Jun 2001 14:51:25 GMT

On a sunny day (Thu, 7 Jun 2001 23:37:17 +0100) it happened "Dirk Bruere"
<[EMAIL PROTECTED]> wrote in
<gjTT6.16622$[EMAIL PROTECTED]>:

>
>"Joseph Ashwood" <[EMAIL PROTECTED]> wrote in message
>news:uEJgR657AHA.262@cpmsnbbsa09...
>> It won't take anything even approximating custom software to break your 16
>> bit number scheme. The best advice I can give you without knowing a lot more
>> about what you need is to use a real encryption algorithm. If you want more
>> information than that I'd suggest you offer a respected person
>> cryptographically a sum of money for consulting.
>>                                             Joe
>
>Well, that's just not going to happen.
>The requirement is for text comments (for example) to be written to a file
>along with data. We simply don't want people to get into the file to read
>and/or alter the text. We're not talking about professional hackers or the
>NSA, just (say) lab technicians who use the equipment. Detecting alteration
>of the text is something else.
>
>So, no freeware solution to such a simple problem?
>
>Dirk
>
>
>
Just xor each byte with something random you made once.
Regards
Jan
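To show what "xor each byte with something random you made once" does and does not protect, here is an added example (not code from this thread). It is in Python; the pad, keys and records are constructed for the demonstration. The first part shows that when one fixed pad is reused for every record, the pad cancels out between any two records (c1 XOR c2 equals p1 XOR p2), so it hides nothing about how records differ. The second part is one way to fix both problems Dirk raises: a fresh per-record keystream (a constructed stream cipher built from HMAC-SHA256 in counter mode) so that no two records share pad bytes, and an HMAC tag so that alteration of the stored text is detected.

```python
import hashlib
import hmac
import os


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# --- the scheme as suggested: one pad made once, reused for every record ---
# Constructed pad standing in for "something random you made once".
FIXED_PAD = hashlib.sha256(b"constructed pad, made once").digest() * 4   # 128 bytes


def fixed_pad_encrypt(record: bytes) -> bytes:
    return _xor(record, FIXED_PAD[:len(record)])


def pad_cancels(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    # For two records under the same pad, c1 XOR c2 == p1 XOR p2: the pad drops
    # out, so the encrypted file reveals exactly how any two records differ.
    n = min(len(c1), len(c2))
    return _xor(c1[:n], c2[:n]) == _xor(p1[:n], p2[:n])


# --- corrected form: fresh keystream per record plus an integrity tag ---
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Constructed stream cipher: HMAC-SHA256 over (nonce, counter). A new nonce
    # for every record means no two records are ever XORed with the same bytes.
    out, ctr = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:length]


def seal(enc_key: bytes, mac_key: bytes, record: bytes) -> bytes:
    nonce = os.urandom(16)
    ct = _xor(record, _keystream(enc_key, nonce, len(record)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()   # covers nonce + ciphertext
    return nonce + ct + tag


def unseal(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("record altered")            # edits to the stored text are caught
    return _xor(ct, _keystream(enc_key, nonce, len(ct)))


def tamper_detected(enc_key: bytes, mac_key: bytes, record: bytes) -> bool:
    blob = bytearray(seal(enc_key, mac_key, record))
    blob[20] ^= 0x01                                  # flip one bit inside the ciphertext
    try:
        unseal(enc_key, mac_key, bytes(blob))
    except ValueError:
        return True
    return False


# Constructed sample keys and records (the "text comments" stored beside the data).
ENC_KEY = hashlib.sha256(b"constructed enc key").digest()
MAC_KEY = hashlib.sha256(b"constructed mac key").digest()
REC1 = b"comment: sample 17 within tolerance"
REC2 = b"comment: sample 18 out of tolerance"

if __name__ == "__main__":
    c1, c2 = fixed_pad_encrypt(REC1), fixed_pad_encrypt(REC2)
    print("fixed pad cancels between records:", pad_cancels(c1, c2, REC1, REC2))
    print("sealed record round-trips:", unseal(ENC_KEY, MAC_KEY, seal(ENC_KEY, MAC_KEY, REC1)) == REC1)
    print("alteration detected:", tamper_detected(ENC_KEY, MAC_KEY, REC2))
```

The fixed-pad scheme is only as private as the records are unlike each other: any field that repeats across records (a header, a date format) shows up as identical ciphertext bytes. In the corrected form the nonce is stored with the record, the tag is checked before anything is decrypted, and a standard authenticated cipher would take the place of the HMAC-based keystream in a real deployment.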

------------------------------

From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Notion of perfect secrecy
Date: 8 Jun 2001 15:40:52 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote:

> So far it seems #[sci.crypt] vs #[scott, tim].

Actually, I've decided that the idea of the scheme is not without merit,
and it provides some academically interesting security properties.

I don't agree that it's a good idea for general deployment -- I don't
think that the attacks it protects against are realistic in real-world
settings.

I must thank Tim for his helpful and polite debunkings of my flawed
logic.

> Your rants are not on topic.

Neither are your ad-hominems.  While I disagree with a lot of Tim's
opinions, I've found him consistently courteous to everyone else.

-- [mdw]

------------------------------

From: Phil Carmody <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare?
Date: Fri, 08 Jun 2001 15:55:16 GMT

Tom St Denis wrote:
> "SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message

> > what perfect security is. A bunch of nuts claim it means one thing

> "A bunch of nuts *ARE* ...".  

Let he who is without blame cast the first stone.

American and English may be mutually understood, but that does not mean
they are the same language. I believe that the term for uncountable and
uncounted groups is 'mass nouns'. The English and Americans have
different, both correct, priorities when judging the singularity or
plurality of these entities.

The logic is as follows:
_A_ bunch (of what just happen to be nuts) _is_ singular.
(many, I guess you could call them a bunch,) _nuts_ are plural.

I have to favour the former, personally. However, for some mass nouns
_it really doesn't matter at all_, as long as you're not internally
inconsistent. Some words provide more confusion than others, such as
'committee'.

Is Deep Purple the best group in the world, or are Led Zeppelin better?

Phil

------------------------------

From: [EMAIL PROTECTED] (Patrick Aland)
Subject: Re: DES not a group proof
Date: 8 Jun 2001 09:13:25 -0700

Thanks for all the suggestions guys. My CD should be on its way here shortly. 

--patrick


[EMAIL PROTECTED] (DJohn37050) wrote in message 
news:<[EMAIL PROTECTED]>...
> BTW, the conjecture is that DES generates the alternating group on 64 bits.
> Don Johnson

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
Date: Fri, 08 Jun 2001 16:26:06 GMT


"Tim Tyler" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> Tom St Denis <[EMAIL PROTECTED]> wrote:
> : "Tim Tyler" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
>
> :> It won't have perfect secrecy if it has to encypher variable length
> :> plaintexts to cyphertexts of the same length.  There will be better
> :> systems.  I wouldn't dream of calling it perfect.
>
> : Aha, fallacy!  Now for the kill.
>
> Go for it Tom.
>
> : an OTP is not a cryptosystem!  Shazam you proved my point.
>
> : an OTP is just an algorithm just like RSA.
>
> : It's how you use the OTP that matters in terms of security.
>
> : In the contrived "yes" vs "no" case you could simply always send four byte
> : blocks (null padded).  That would then be provably secure.   Hence an OTP
> : can be made into something perfectly secure.  Of course in this case you
> : could aim to keep your job by not wasting 31 bits of the pad!
>
> Yes - if you pad all messages to the same length you can give the OTP
> perfect secrecy.  That was never under dispute.

Actually you did say earlier that padding is not enough.

At any rate...

Tom



------------------------------

From: [EMAIL PROTECTED] (Niklas Frykholm)
Subject: Re: Alice and Bob Speak MooJoo
Date: Fri, 8 Jun 2001 07:03:09 +0000 (UTC)

In article <[EMAIL PROTECTED]>, Robert J. Kolker wrote:
>Suppose Alice and Bob share a language
>(herein called MooJoo) which is spoken
>or read by no others.
>
>Then all their plaintexts would be perfectly
>secure. No crypto necessary at all.

But the word for "attack" would always be the same. After a while the
opponent might learn to correlate the word for "attack" with actual
attacks occurring.

// Niklas

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
Date: Fri, 08 Jun 2001 16:27:47 GMT


"Tim Tyler" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> Tom St Denis <[EMAIL PROTECTED]> wrote:
> : "Tim Tyler" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
>
> :> Firstly, Rijndael doesn't use a random IV.  It uses a fixed one which is
> :> (I believe) wired into the algorithm.
>
> : That's nonce.  CBC is a mode (and not bad radio station mind you) of
> : operation.  It has no ties into AES other than AES can be used in CBC mode.
>
> : To say the IV is fixed is meaningless.
>
> "Rijndael, in CBC mode with a constant initial value"
> - http://www3.sympatico.ca/mtimmerm/bicom/bicom.html
>
> "Initial Value" is one of the things IV stands for.  To describe it as
> fixed is hardly meaningless.  Practically everybody will know what it means.

Initial doesn't mean fixed.
http://www.dictionary.com/cgi-bin/dict.pl?term=initial

In CBC mode it is generally understood that the IV is random per message
unless the key changes.  Otherwise that would defeat the purpose of CBC
mode.

> :> In order to disguise the first blocks of the message it uses a whitening
> :> step, which preprocesses the plaintext by applying unkeyed diffusion to the
> :> first few K of the plaintext - not /quite/ the same as an IV - but good
> :> enough for many purposes.
>
> : What are you talking about?
>
> I was describing how BICOM works.
>
> : I dunno what you are talking about in this post but it is not CBC.
>
> Of course it wasn't.  The CBC encryption comes after the whitening
> of the first 16K.

Um sure.  This is gone on too long!

Tom
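The point about CBC IVs in the exchange above, as an added example (not code from the thread, from BICOM, or from any library): two messages with the same first 16 bytes are encrypted in CBC mode under one key, first with a constant IV and then with a fresh random IV per message. With the constant IV the first ciphertext blocks are identical, so an observer learns that the two messages open the same way; with a random IV they differ. The block cipher here is a constructed 4-round Feistel permutation keyed through HMAC-SHA256, a stand-in chosen so the code runs with the Python standard library only; the property shown depends on the mode, not on the cipher. Key and messages are constructed sample values.

```python
import hashlib
import hmac
import os

BLOCK = 16  # block size in bytes


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _round(key: bytes, i: int, half: bytes) -> bytes:
    # Keyed round function: HMAC-SHA256 truncated to the 8-byte half block.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    # Constructed 4-round Feistel permutation on 16-byte blocks (stand-in for AES).
    assert len(block) == BLOCK
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, _xor(l, _round(key, i, r))
    return l + r


def toy_block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _round(key, i, l)), l
    return l + r


def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def pkcs7_unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    # Each plaintext block is XORed with the previous ciphertext block (the IV for
    # the first block) before the block cipher is applied.
    padded = pkcs7_pad(plaintext)
    prev, out = iv, []
    for i in range(0, len(padded), BLOCK):
        prev = toy_block_encrypt(key, _xor(padded[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    prev, out = iv, []
    for i in range(0, len(ciphertext), BLOCK):
        blk = ciphertext[i:i + BLOCK]
        out.append(_xor(toy_block_decrypt(key, blk), prev))
        prev = blk
    return pkcs7_unpad(b"".join(out))


def common_prefix_blocks(ct1: bytes, ct2: bytes) -> int:
    # Number of leading ciphertext blocks two messages share. With a reused IV this
    # equals the number of leading plaintext blocks they share, which is the leak.
    n = 0
    for i in range(0, min(len(ct1), len(ct2)), BLOCK):
        if ct1[i:i + BLOCK] != ct2[i:i + BLOCK]:
            break
        n += 1
    return n


# Constructed sample key and messages: identical 16-byte header, different body.
KEY = hashlib.sha256(b"constructed demo key, not a real secret").digest()
MSG1 = b"SECRET MEMO #1: " + b"budget approved"
MSG2 = b"SECRET MEMO #1: " + b"budget rejected"


def leaked_blocks_constant_iv() -> int:
    iv = bytes(BLOCK)  # the "constant initial value" case
    return common_prefix_blocks(cbc_encrypt(KEY, iv, MSG1), cbc_encrypt(KEY, iv, MSG2))


def leaked_blocks_random_iv() -> int:
    # Fresh random IV per message: the first ciphertext blocks differ even though
    # the first plaintext blocks are identical.
    return common_prefix_blocks(cbc_encrypt(KEY, os.urandom(BLOCK), MSG1),
                                cbc_encrypt(KEY, os.urandom(BLOCK), MSG2))


if __name__ == "__main__":
    print("constant IV: shared leading blocks =", leaked_blocks_constant_iv())
    print("random IV:   shared leading blocks =", leaked_blocks_random_iv())
```

The leak is confined to the leading blocks: once two messages differ in some block, every later ciphertext block differs too, because the difference is chained forward. That is why a scheme with a constant IV wants some other way of making the start of each message unique (the whitening step described in the quoted text plays that role in BICOM), while a per-message random IV handles it in the mode itself.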



------------------------------

From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Hehehe I found out who David Scott is
Date: 8 Jun 2001 16:34:53 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote:

> Note how "Gene Ray" writes just like David Scott.  hehehehe

And the thing you had to say about cryptography was what, precisely?

Or, to put it another way, `Grow up, kiddy.'

-- [mdw]

------------------------------

From: [EMAIL PROTECTED] (JPeschel)
Date: 08 Jun 2001 16:51:27 GMT
Subject: Re: National Security Nightmare?

Phil Carmody [EMAIL PROTECTED] writes:

>Tom St Denis wrote:
>> "SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
>
>> > what perfect security is. A bunch of nuts claim it means one thing
>
>> "A bunch of nuts *ARE* ...".  
>
>Let he who is without blame cast the first stone.
>
>American and English may be mutually understood, but that does not mean
>they are the same language. I believe that the term for uncountable and
>uncounted groups is 'mass nouns'. The English and Americans have
>different, both correct, priorities when judging the singularity or
>plurality of these entities.
>
>The logic is as follows:
>_A_ bunch (of what just happen to be nuts) _is_ singular.
>(many, I guess you could call them a bunch,) _nuts_ are plural.
>
>I have to favour the former, personally. However, for some mass nouns
>_it really doesn't matter at all_, as long as you're not internally
>inconsistent. Some words provide more confusion than others, such as
>'committee'.
>

No, Phil, the English of Americans and the British is one language.
There are a few differences in spelling, punctuation, and, naturally, in idiom
and dialect, but, other than a few different sentence constructions, that's about it.

I agree with you that "A bunch" is singular: noun-verb agreement.

But Dave wrote: "A bunch of nuts claim it means one thing..." This is also
correct.
It is written in the present tense and it uses the preferable active, rather
than the passive, voice.

Joe
__________________________________________

Joe Peschel 
D.O.E. SysWorks                                 
http://members.aol.com/jpeschel/index.htm
__________________________________________


------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Hehehe I found out who David Scott is
Date: Fri, 08 Jun 2001 16:54:41 GMT


"Mark Wooding" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis <[EMAIL PROTECTED]> wrote:
>
> > Note how "Gene Ray" writes just like David Scott.  hehehehe
>
> And the thing you had to say about cryptography was what, precisely?
>
> Or, to put it another way, `Grow up, kiddy.'

Any long term reader would have found that slightly funny.

Tom



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare?
Date: Fri, 08 Jun 2001 17:01:09 GMT


"JPeschel" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Phil Carmody [EMAIL PROTECTED] writes:
>
> >Tom St Denis wrote:
> >> "SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
> >
> >> > what perfect security is. A bunch of nuts claim it means one thing
> >
> >> "A bunch of nuts *ARE* ...".
> >
> >Let he who is without blame cast the first stone.
> >
> >American and English may be mutually understood, but that does not mean
> >they are the same language. I believe that the term for uncountable and
> >uncounted groups is 'mass nouns'. The English and Americans have
> >different, both correct, priorities when judging the singularity or
> >plurality of these entities.
> >
> >The logic is as follows:
> >_A_ bunch (of what just happen to be nuts) _is_ singular.
> >(many, I guess you could call them a bunch,) _nuts_ are plural.
> >
> >I have to favour the former, personally. However, for some mass nouns
> >_it really doesn't matter at all_, as long as you're not internally
> >inconsistent. Some words provide more confusion than others, such as
> >'committee'.
> >
>
> No, Phil, the English of Americans and the British is one language.
> There are a few differences in spelling, punctuation, and, naturally, in idiom
> and dialect, but, other than a few different sentence constructions, that's about it.
>
> I agree with you that "A bunch" is singular: noun-verb agreement.
>
> But Dave wrote: "A bunch of nuts claim it means one thing..." This is also
> correct.
> It is written in the present tense and it uses the preferable active, rather
> than the passive, voice.
>

I don't know where you are going with this but it is ARE

"A bunch of people is wrong".  Doesn't sound right since it is more than one
person who is wrong.

"A list of primes is odd" etc...

Tom



------------------------------

From: Ichinin <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Brute-forcing RC4
Date: Thu, 07 Jun 2001 05:21:02 +0200

David Wagner wrote:
> in WEP.  All the WEP cards that I've seen start their IV off at 0
> when they are reset, and count up incrementally from there.

One thought...

Could (frequent) denial of service attacks against the access point or
mobile device facilitate the resetting of the IV ?

.Reg's
Ichinin
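David Wagner's observation that the cards he has seen restart their IV at 0 after a reset and count up from there, together with Ichinin's question about forced resets, has a defender-side counterpart: watching the IV counter of each sender for resets and for repeated values, since a repeated key/IV pair means the same RC4 keystream was used twice. The following is an added example (not from either post, and not tied to any real capture tool) of that monitoring logic run over a constructed list of (sender, IV) observations; the sender names, IV values and the reset threshold are all assumptions made for the demonstration.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable, List, Tuple


@dataclass(frozen=True)
class Alert:
    sender: str
    kind: str   # "iv_reset" or "iv_reuse"
    iv: int


def monitor_ivs(observations: Iterable[Tuple[str, int]],
                reset_threshold: int = 16) -> List[Alert]:
    """Scan (sender, iv) pairs in capture order and raise two kinds of alert.

    "iv_reset": the counter drops below reset_threshold after having been at or
    above it, the pattern a card shows when it restarts its IV at 0.
    "iv_reuse": an IV value already seen from this sender, i.e. the same key/IV
    pair (and so the same RC4 keystream) has been used for a second frame.
    """
    seen: Dict[str, set] = defaultdict(set)
    last: Dict[str, int] = {}
    alerts: List[Alert] = []
    for sender, iv in observations:
        if sender in last and iv < reset_threshold <= last[sender]:
            alerts.append(Alert(sender, "iv_reset", iv))
        if iv in seen[sender]:
            alerts.append(Alert(sender, "iv_reuse", iv))
        seen[sender].add(iv)
        last[sender] = iv
    return alerts


def summarize(alerts: Iterable[Alert]) -> Dict[Tuple[str, str], int]:
    # Count alerts per (sender, kind) so a noisy sender stands out at a glance.
    counts: Dict[Tuple[str, str], int] = defaultdict(int)
    for a in alerts:
        counts[(a.sender, a.kind)] += 1
    return dict(counts)


# Constructed observations: station A counts up normally; station B climbs to 41,
# then restarts at 0 and walks through IVs 0..2 a second time.
SAMPLE = [("A", 0), ("A", 1), ("A", 2),
          ("B", 0), ("B", 1), ("B", 2),
          ("A", 3),
          ("B", 40), ("B", 41),
          ("B", 0), ("B", 1), ("B", 2),
          ("A", 4)]

if __name__ == "__main__":
    for alert in monitor_ivs(SAMPLE):
        print(alert)
    print(summarize(monitor_ivs(SAMPLE)))
```

The first frame from B with IV 0 raises nothing, because a counter starting at 0 is normal; the alert comes when the counter falls back after having been higher, and every frame of the second pass then also trips the reuse check. A reset alert that coincides with a burst of disconnects is the pattern Ichinin's question describes, and the reuse count is the quantity that matters for the keystream, whichever cause produced the reset.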

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
