Cryptography-Digest Digest #620, Volume #14      Fri, 15 Jun 01 20:13:01 EDT

Contents:
  Re: CipherText E-mail encryption ("Tom St Denis")
  Re: Is ECB truly more secure than CBC? ("Joseph Ashwood")
  Re: Help with Comparison Of Complexity of Discrete Logs, Knapsack,      ("Douglas A. Gwyn")
  Re: integration question ("Douglas A. Gwyn")
  Re: Is ECB truly more secure than CBC? ("Joseph Ashwood")
  Re: Is ECB truly more secure than CBC? (John Myre)
  Re: Brute-forcing RC4 (David Wagner)
  Fwd from the Math Forum (math-teach) (Kirby Urner)
  Re: IV (David Wagner)
  Re: fast CTR like ciphers? (David Wagner)
  Re: integration question (Fat Phil)
  Re: Is ECB truly more secure than CBC? (David Wagner)
  Re: integration question ("Tom St Denis")
  Re: Simple Crypto II, the public key... (Fat Phil)
  Re: Tell me could this one-way function be somewhat secure (Tim Tyler)
  Re: Simple Crypto II, the public key... ("Tom St Denis")
  Re: IV (SCOTT19U.ZIP_GUY)
  Re: Is ECB truly more secure than CBC? (SCOTT19U.ZIP_GUY)
  Re: Is ECB truly more secure than CBC? ("Boyd Roberts")
  Re: Fwd from the Math Forum (math-teach) ("Boyd Roberts")

----------------------------------------------------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: CipherText E-mail encryption
Date: Fri, 15 Jun 2001 22:03:07 GMT


"Prichard, Chuck" <[EMAIL PROTECTED]> wrote in message
news:2uvW6.1206$[EMAIL PROTECTED]...
> Because of the problems associated with keeping the config options
> simple, it is decided to use an approach that relies on a user's own
> security measure as the ultimate assurance of data privacy.
>
> It can be made an option in a future release, but to introduce the easily
> configurable product it's important to offer encryption of the user
> configurable HDD preference and contacts information.
>
> By requiring both a password and key to login, I doubt the product will
> be popular at all.

Agreed.  But if it's not secure what's the point?

You seem to be a salesman more than a cryptographer.

Sure we would love magic crypto where I don't have to keep a physical device
or password in my head.  But there is NO solution.  All security is based on
two things.  The conjecture that a cipher is as secure as the key and the
assumption that the keyspace is too large to brute force.

To simply say "ah, well just remove the key and all is ok" is crazy.

There are other solutions.  Such as Magnetic Cards with passwords.  You have
to keep it with you but you don't have to memorize anything.  A company in
Ottawa has a USB device [and they think they are original... HA!] which does
the same thing.

The age of passwords is coming to an end, but personal entropy is here to
stay.

Tom



------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Is ECB truly more secure than CBC?
Date: Fri, 15 Jun 2001 14:49:23 -0700

I will openly acknowledge that this is one and the same Joseph Ashwood.
Although I would have rather that the anonymous didn't post my work e-mail
address, I'd rather keep that account fairly clean of outside influence.

Now I will address the OP subject question. No, ECB is not more secure than
CBC, nor is CBC more secure than ECB. The difference in security comes from
what type of attack is being protected against. For the post I made to XML
Enc I made the implicit assumption that the key was more valuable than the
message, an assumption that may or may not be true. If you assume that the
content of the message is as important as the key, then CBC is clearly more
secure, but if the key is more important than the message (e.g. the key will
be used more than once) then ECB offers some advantage. It's a matter of
usage, and factors outside the most common assumptions rather severely
influencing the security of the system.
                        Joe




------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Help with Comparison Of Complexity of Discrete Logs, Knapsack,     
Date: Fri, 15 Jun 2001 21:23:42 GMT

Mok-Kong Shen wrote:
> ... (I guess I definitely wouldn't be able to understand
> that kind of math AT ALL before entering university. For
> it concerns some deeper stuffs than the common predicate
> calculus, I presume, ...

A feature of PM is that in principle you don't need other
math to read it.  That doesn't mean it's easy to read ...

> ... and in mathematics there is sort of general desire
> of founding stuffs on as low a level as possible, ...

Actually, a working mathematician doesn't want to proceed
that way, because it's excruciatingly dull and unenlightening.
The primary purpose of this sort of low-level work is to
make sure that the higher levels aren't making unwarranted
assumptions.  PM in particular was motivated by the desire
to ensure that the system it built would be free from
logical errors (contradictions) and antinomies (conundrums).
There was at the time considerable concern over various
"logical paradoxes" that made some people anxious about
whether or not large portions of established mathematics
would turn out to be erroneous.

When I was an undergraduate, around 1967, I took a course
on "integration theory" (Lebesgue etc.) and was making a
real effort to understand the "foundational" material
(necessary for measure theory) when the professor told us
that actually the axiom system presented in the book had
been found to lead to contradictions but that we were
going to use it anyway, to make progress.  That was the
point where I decided I had better things to do..

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: integration question
Date: Fri, 15 Jun 2001 21:36:55 GMT

Mok-Kong Shen wrote:
> I deduce that there is highly probably quite a difference
> in school education between Canada and US. Douglas Gwyn
> just told us he was able to read most of Principia
> Mathematica in high school.

I assure you that PM was not on the curriculum when I
(also another student I knew) read it.

If there's a difference it probably goes the other way
than you implied.  Math in the US public education system
has been in bad shape for several decades.  NCTM has
recently issued new guidelines, which in earlier drafts
were horrible but in final form are somewhat adequate.
If widely implemented they'd improve things slightly.

------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Is ECB truly more secure than CBC?
Date: Fri, 15 Jun 2001 15:11:05 -0700

Ok since there's some confusion. XML encryption is for encryption of
arbitrary documents. The expected primary usage will be for XML formatted
data, which tend to look a little bit like:
<xml>
<tag1>Something</tag1>
<tag2><tag3>WHatever</tag3><tag4>blah</tag4>
</tag2>
<tag3/>
</xml>

As a result the data may be of any size, or may be a stream. The required
algorithms to implement are 3DES and AES (128 and 256-bit required, 192 is
optional).
There is currently no compression involved (although a compression layer can
be added with little difficulty to the parsing, at least once it's defined).
If compression was involved then the characteristic I exploited for this
would hopefully not have existed. As to whether or not there's any
authentication, there may be, but it's commonly restricted to XML Signature
which is a different standard and of little concern for this. This is pure
and simple encryption (with key exchange etc included). Oh and it is the
same Joseph Ashwood, I just send to here from my home account, I send to XML
Encryption from my work account.
                            Joe

"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (lcs Mixmaster Remailer) wrote in
> <[EMAIL PROTECTED]>:
>
> >Someone named Joseph Ashwood is posting to the XML Encryption list,
> >presenting himself as a cryptography expert.  In his most recent posting
> >he offers an argument as to why ECB mode should be supported in addition
> >to CBC!  Will any respected cryptographers speak up to say that this is
> >a credible argument?
> >
> >The XML encryption standard could end up seeing widespread use on
> >the Internet.  Should someone who supports the use of ECB mode be
> >considered an expert in a forum where not everyone is knowledgeable
> >about cryptography?  It is very worrisome what form the standard will
> >end up taking when this is what passes for expert cryptographic advice.
> >
> >His posting is below.  Comments are appreciated.
> >
> >Ashwood posting:
> >
> >From: "Joseph Ashwood" <[EMAIL PROTECTED]>
> >To: <[EMAIL PROTECTED]>
> >Date: Fri, 15 Jun 2001 12:15:41 -0700
> >Subject: Thoughts on CBC
> >
>
>   I don't know if this is the JOE who posts here frequently trying
> to pretend to be an expert but I thought his address was @msn,,,
> or something along that line. As to which mode to use. I would need
> to know about what XML encryption is for. ECB of plain text is
> considered weaker than CBC. But not by much. Do you send fixed size
> packets. Is compression involved. Is there authentication. You have
> to look at whole picture. I would assume there are far greater
> security issues than if it's ECB or CBC. What algorithm is used.
> What kind of data compression. BWT would be nice or some bijective
> compression.
>
>
> David A. Scott
> --
> SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
> http://www.jim.com/jamesd/Kong/scott19u.zip
> My website http://members.nbci.com/ecil/index.htm
> My crypto code http://radiusnet.net/crypto/archive/scott/
> MY Compression Page http://members.nbci.com/ecil/compress.htm
> **NOTE FOR EMAIL drop the roman "five" ***
> Disclaimer:I am in no way responsible for any of the statements
>  made in the above text. For all I know I might be drugged or
>  something..
>  No I'm not paranoid. You all think I'm paranoid, don't you!
>



------------------------------

From: John Myre <[EMAIL PROTECTED]>
Subject: Re: Is ECB truly more secure than CBC?
Date: Fri, 15 Jun 2001 16:31:40 -0600

Paul Pires wrote:
<snip>
> Take Prozac.
<snip>

Mm.

I do not interpret the anonymous post to be any kind of
disparagement of Joe.  I take it to be a plea for help:
"what are we to believe?"  It seems Joe is arguing for
diversity in a standard, and comes up with a reason for
ECB to be *more secure* than CBC under some conditions.

It is quite reasonable for this conclusion to worry the
folks in charge of the standard.  It's certainly nothing
I've ever seen before.

(I don't agree, BTW.  He shows how a certain attack fails
when in ECB, but he doesn't show the encryption is secure.
It's just insecure in a different way.)

If I were in charge of a standard, and someone gave me
advice, I would be a fool not to investigate both the
advice and the credentials of the advisor.

JM

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Brute-forcing RC4
Date: Fri, 15 Jun 2001 22:44:23 +0000 (UTC)

S Degen  wrote:
>David Wagner wrote:
>> If you want to break WEP encryption, there are many ways to do so
>> without recovering the RC4 key.  (You can see the paper to be presented
>> at MOBICOM 2001 for some discussion, for instance.)
>
>I know, i am doing research about WLAN security, but i simply want to
>decrypt the key :) Where can i find this paper?

http://www.cs.berkeley.edu/~daw/papers/wep-mob01.ps

See also http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html

------------------------------

From: Kirby Urner <[EMAIL PROTECTED]>
Crossposted-To: alt.fan.rawilson
Subject: Fwd from the Math Forum (math-teach)
Reply-To: [EMAIL PROTECTED]
Date: Fri, 15 Jun 2001 15:53:26 -0700


Fwd from the Math Forum (math-teach):
http://www.mathforum.com/epigone/math-teach/bleldjingjul/
for more context.

================================================================================

Subject:      Re: Teachers versus Computers versus Ethics
Author:       Kirby Urner <[EMAIL PROTECTED]>
Date:         15 Jun 01 17:04:53 -0400 (EDT)

> Whoa! So the phone company DID kill Kennedy!

Your non sequitur showed up in triplicate in the archives.
I'll respond to one at random:  I think you might be 
confusing IBM with AT&T.  Only the latter is a "phone 
company".

Regarding time lines, the controversy over public key 
crypto heated up well after the Kennedy and even Johnson
administrations, although the Vietnam fiasco certainly 
fueled distrust of the government and put the NSA at a
significant disadvantage as it struggled to gain the cooperation 
of academics even at places like MIT (where RSA was born),
historically very tied to the defense industry.  Bobby Inman 
was the new director of the NSA back then and he wrestled 
with the problem by going public with the issues (Inman was 
also later DDCI during the Carter administration, along with 
his pal Stansfield Turner, the DCI at the time -- both of 
them admirals).[1]

Phil Zimmermann, who did a lot to uncork the genie bottle, by 
releasing strong crypto in the form of PGP (Pretty Good Privacy), 
was an anti-nuke activist, arrested at least twice during nuclear
protests, in the company of such activist-luminaries as Daniel 
Ellsberg and Carl Sagan (see the aforementioned 'Crypto', pg. 187 
ff., chapter entitled 'Crypto Anarchy').

As for the JFK assassination, I highly recommend 'JFK, The CIA, 
Vietnam, And The Plot To Assassinate John F. Kennedy' by the late 
Col. L. Fletcher Prouty (he died just a few days ago).  Prouty was 
the real "Man X" fictionalized in Oliver Stone's movie 'JFK' (played
by Donald Sutherland).  Although he did not agree with Garrison's 
particular hypothesis, presented in the movie, he certainly 
encouraged thinking people to dismiss the Warren Commission scenario
as a blatant cover-up.  The Prouty website, maintained by Len Osanic,
is still going strong (www.prouty.org).

In Prouty's preface to 'JFK' you'll find favorable mention of 
R. Buckminster Fuller and his book 'Critical Path'.  This partly 
explains my having all these links handy, given I'm one of the 
leading authorities on Fuller's philo, my 'Synergetics on the Web'
having been featured in the Whole Earth Review, in the 
book 'Everything is Under Control' and so on.[2]  Searching on 
Buckminster Fuller (exact phrase) on the math-teach archives will 
net you quite a few of my posts, including the semi-autobiographical
http://www.mathforum.com/epigone/nctm.l/sporblonfeld/ [3]

Kirby

[1] FYI, here's some 1996 testimony of Inman to Congress in 1996.
He's currently with Inmanventures, which supports some of the 
same kinds of companies it'd have been his job to frustrate in 
the 1970s.  See http://www.inmanventures.com

[2] http://www.amazon.com/exec/obidos/ASIN/0062734172/

[3] See also mine of 29 April 1999 to calc-reform:
http://www.mathforum.com/epigone/calc_reform/zalplokhing (lots of
partially overlapping material).



================================================================================


------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: IV
Date: Fri, 15 Jun 2001 22:59:04 +0000 (UTC)

Mark Currie wrote:
>how does CTR compare with CBC from a security perspective ?

They're both secure for secrecy, if the underlying block cipher is secure.
(Maybe I didn't understand the question.)

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: fast CTR like ciphers?
Date: Fri, 15 Jun 2001 23:07:04 +0000 (UTC)

jlcooke  wrote:
>    ctext[n] = BALA(ctext[n-1],key) xor ptext[n]

This is known as CFB mode.  It is good, if you use a good block cipher.
However, I have no idea what a "BALA" is, so I have no idea whether your
intended implementation is any good.

------------------------------

From: Fat Phil <[EMAIL PROTECTED]>
Subject: Re: integration question
Date: Sat, 16 Jun 2001 02:11:04 +0300

Tom St Denis wrote:
> "Fat Phil" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
[SNIP]
> > We are required to prove that in any set of horses, all will be the same
> > colour.
> >
> > 2) The induction step  - Let us assume that for arbitrary n, any set of
> > n horses contains only horses of the same colour. Take a set of n+1
> > horses. Remove any horse, and by our assumption they will all be the same
> > colour. However, we could have removed any horse, so any one that we
> > remove will be in the set of n horses that are of the same colour if we
> > were to have removed a different horse. And therefore all n+1 horses are
> > the same colour.
> 
> There is no constraint that the set of n+1 must have the same colour.

Come again?
That's what we're trying to prove.
Given any set of n horses, which we know are all the same colour from
the premise, add the n+1-th horse, and remove a different horse. Again
we have a set of n horses, and so by the premise they are all the same
colour. Add back the horse you removed, and you have a set of n+1 horses
all of which are all the same colour.
Quod erat demonstrandum.

Phil

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Is ECB truly more secure than CBC?
Date: Fri, 15 Jun 2001 23:12:21 +0000 (UTC)

lcs Mixmaster Remailer  wrote:
>Someone named Joseph Ashwood is posting to the XML Encryption list,
>presenting himself as a cryptography expert.  In his most recent posting
>he offers an argument as to why ECB mode should be supported in addition
>to CBC!  Will any respected cryptographers speak up to say that this is
>a credible argument?

No, the argument is nonsense.  ECB is far less secure than CBC mode,
and in his scenario he forgot to consider that there are non-key-recovery
attacks on ECB mode that are extremely serious.  This invalidates the
claim.

In my opinion, it would be absurd to use ECB mode.  CBC mode is just fine.
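
One well-known non-key-recovery weakness of ECB, as an added illustration that is not part of any post in this thread: equal plaintext blocks encrypt to equal ciphertext blocks, so the repetitive structure of an XML document shows through, within one message and across messages under the same key, while CBC with a fresh IV hides it. The block cipher is a toy Feistel stand-in built from SHA-256 (an assumption so the code runs on the standard library alone; it is not AES or 3DES), and the sample documents are constructed.

```python
import hashlib
import os

BLOCK = 16  # bytes; same block size as AES

# Constructed sample data: a 32-byte record repeated inside an <xml> wrapper.
RECORD = b"<entry><paid>yes</paid></entry>\n"


def make_doc(n: int) -> bytes:
    return b"<xml>\n" + RECORD * n + b"</xml>\n"


def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """Toy 4-round Feistel permutation on 16-byte blocks.

    Stand-in for a real block cipher (assumption of this example). It is
    deterministic and invertible, which is all the demonstration needs.
    """
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right


def pad(data: bytes) -> bytes:
    """PKCS#7-style padding to a whole number of blocks."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def split_blocks(data: bytes) -> list:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    # Every block is encrypted independently of its position and neighbours.
    return b"".join(toy_encrypt_block(key, b) for b in split_blocks(pad(plaintext)))


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    # Each block is XORed with the previous ciphertext block before encryption.
    prev, out = iv, []
    for b in split_blocks(pad(plaintext)):
        prev = toy_encrypt_block(key, bytes(x ^ y for x, y in zip(b, prev)))
        out.append(prev)
    return iv + b"".join(out)


def block_stats(ciphertext: bytes) -> tuple:
    """(total blocks, distinct blocks) as a passive observer would count them."""
    blks = split_blocks(ciphertext)
    return len(blks), len(set(blks))


def shared_blocks(c1: bytes, c2: bytes) -> int:
    """Number of distinct ciphertext blocks that occur in both messages."""
    return len(set(split_blocks(c1)) & set(split_blocks(c2)))


def demo() -> dict:
    key = os.urandom(16)
    long_doc, short_doc = make_doc(8), make_doc(3)
    return {
        "ecb": block_stats(ecb_encrypt(key, long_doc)),
        "cbc": block_stats(cbc_encrypt(key, os.urandom(16), long_doc)),
        "ecb_shared": shared_blocks(ecb_encrypt(key, long_doc),
                                    ecb_encrypt(key, short_doc)),
        "cbc_shared": shared_blocks(cbc_encrypt(key, os.urandom(16), long_doc),
                                    cbc_encrypt(key, os.urandom(16), short_doc)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

No key material is recovered at any point; the repeated-block counts alone tell an observer where the document repeats and which blocks two messages have in common.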

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: integration question
Date: Fri, 15 Jun 2001 23:15:32 GMT


"Fat Phil" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> > "Fat Phil" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> [SNIP]
> > > We are required to prove that in any set of horses, all will be the same
> > > colour.
> > >
> > > 2) The induction step  - Let us assume that for arbitrary n, any set of
> > > n horses contains only horses of the same colour. Take a set of n+1
> > > horses. Remove any horse, and by our assumption they will all be the same
> > > colour. However, we could have removed any horse, so any one that we
> > > remove will be in the set of n horses that are of the same colour if we
> > > were to have removed a different horse. And therefore all n+1 horses are
> > > the same colour.
> >
> > There is no constraint that the set of n+1 must have the same colour.
>
> Come again?
> That's what we're trying to prove.
> Given any set of n horses, which we know are all the same colour from
> the premise, add the n+1-th horse, and remove a different horse. Again
> we have a set of n horses, and so by the premise they are all the same
> colour. Add back the horse you removed, and you have a set of n+1 horses
> all of which are all the same colour.
> Quod erat demonstrandum.

I don't get this?  Just because your set has n elements doesn't mean it's a
proper subset of single coloured horses.

Tom



------------------------------

From: Fat Phil <[EMAIL PROTECTED]>
Subject: Re: Simple Crypto II, the public key...
Date: Sat, 16 Jun 2001 02:26:06 +0300

Tom St Denis wrote:
> 
> "Fat Phil" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Tom St Denis wrote:
> > > Phil Carmody wrote:
> > > > Tom St Denis wrote:
> > > > > Of course [for anyone in the dark] a mod operation with these modulos is
> > > > > just a shift right n bits and an addition.
> > > > >
> > > > > So "mod 255" would be
> > > > >
> > > > > a = ((a >> 8) + a) & 255;
> > > >
> > > > Stick 65535 into that :-)
> > >
> > > 65535 cannot be the product of two #'s less than 255.
> >
> > In "a mod operation" (your words) products don't enter into it.
> > If you had said "in a mulmod (of numbers <255)", then your defence would
> > be valid, but you didn't.
> > Swat up on "programming by contract" next time you have any spare time.
> 
> You can't ever get a # greater than 255*255 in any operation.  Think about
> it.  The only way to get 65536 is to do 256*256 where 256 is not an element
> of the ring thus not a valid operation

Tom, 
I look to the heavens for a reason to not use highly pejorative
language, but I find none.
So I'll stop after saying.
Read my previous post again please. Pay more attention to it this
time please.

Phil

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Tell me could this one-way function be somewhat secure
Reply-To: [EMAIL PROTECTED]
Date: Fri, 15 Jun 2001 23:23:36 GMT

Marko Lavikainen <[EMAIL PROTECTED]> wrote:

: I was wondering that when using hash-function, there is always a chance for
: collision. So, could not one use, say, two hash functions with different
: properties. [...]

That's much the same as increasing the size of the hash.  You'll still get
collisions - but not so frequently.
-- 
__________
 |im |yler  [EMAIL PROTECTED]  Home page: http://alife.co.uk/tim/

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Simple Crypto II, the public key...
Date: Fri, 15 Jun 2001 23:34:02 GMT


"Fat Phil" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> >
> > "Fat Phil" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > Tom St Denis wrote:
> > > > Phil Carmody wrote:
> > > > > Tom St Denis wrote:
> > > > > > Of course [for anyone in the dark] a mod operation with these modulos is
> > > > > > just a shift right n bits and an addition.
> > > > > >
> > > > > > So "mod 255" would be
> > > > > >
> > > > > > a = ((a >> 8) + a) & 255;
> > > > >
> > > > > Stick 65535 into that :-)
> > > >
> > > > 65535 cannot be the product of two #'s less than 255.
> > >
> > > In "a mod operation" (your words) products don't enter into it.
> > > > If you had said "in a mulmod (of numbers <255)", then your defence would
> > > > be valid, but you didn't.
> > > > Swat up on "programming by contract" next time you have any spare time.
> > >
> > > You can't ever get a # greater than 255*255 in any operation.  Think about
> > > it.  The only way to get 65536 is to do 256*256 where 256 is not an element
> > > of the ring thus not a valid operation
>
> Tom,
> I look to the heavens for a reason to not use highly pejorative
> language, but I find none.
> So I'll stop after saying.
> Read my previous post again please. Pay more attention to it this
> time please.

Say what you want.  #'s greater than the square of the largest element are
not possible.

Even if you did 237^324423492874239347298723489723489242893742 mod 255, you
will NEVER get a number larger than 255*255.

I don't see why handling the 256*256 case will matter, except if it's a
GENERAL purpose math lib.

Tom
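
A check of the one-line "mod 255" reduction quoted in this thread against Python's `%` operator, next to a two-fold variant that keeps the carry. This is an added example, not code from any poster; the function names are this example's own.

```python
def fold_once(a: int) -> int:
    """The expression quoted in the thread: a = ((a >> 8) + a) & 255."""
    return ((a >> 8) + a) & 255


def mod255(a: int) -> int:
    """Shift-and-add reduction of a 16-bit value modulo 255 that keeps the carry.

    Because 256 ≡ 1 (mod 255), a = 256*h + l is congruent to h + l.  The mask
    in fold_once reduces h + l modulo 256 instead, dropping the carry.
    """
    a = (a >> 8) + (a & 255)   # h + l, in 0..510
    a = (a >> 8) + (a & 255)   # fold the carry back in, now in 0..255
    return 0 if a == 255 else a  # 255 itself is congruent to 0


def mismatches(func, inputs) -> list:
    """Inputs for which func disagrees with a % 255."""
    return [a for a in inputs if func(a) != a % 255]


def failing_products(func, limit: int = 255) -> list:
    """Pairs x <= y < limit whose product func reduces incorrectly."""
    return [(x, y)
            for x in range(limit)
            for y in range(x, limit)
            if func(x * y) != (x * y) % 255]


if __name__ == "__main__":
    bad = mismatches(fold_once, range(1 << 16))
    print("fold_once(65535) =", fold_once(65535), "expected", 65535 % 255)
    print("16-bit inputs reduced incorrectly by fold_once:", len(bad))
    print("smallest such input:", bad[0])
    print("products of residues affected:", len(failing_products(fold_once)))
    print("mod255 mismatches:", len(mismatches(mod255, range(1 << 16))))
```

The one-line form is correct only while the high and low bytes sum to less than 255, and that bound is already exceeded by some products of two residues below 255, for example 3 * 85 = 255.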



------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: IV
Date: 15 Jun 2001 23:39:41 GMT

[EMAIL PROTECTED] (David Wagner) wrote in 
<9ge3vo$osg$[EMAIL PROTECTED]>:

>Mark Currie wrote:
>>how does CTR compare with CBC from a security perspective ?
>
>They're both secure for secrecy, if the underlying block cipher is secure.
>(Maybe I didn't understand the question.)

  Actually since no one can really say for sure if the underlying
cipher is secure. It's kind of an oxymoron to say if the underlying
block cipher is secure. In reality one must assume weakness in the
underlying cipher and start the evaluation from there. From that
point of view it should be clear that CTR mode is far more likely
to be weaker than CBC mode. But again one needs a full model to
compare. Since CTR mode is in theory made for any length file while
CBC is made for files of special sizes. If one writes proper code
such as in BICOM which uses CBC mode you can encrypt any size files.
If one looks at it then I would say CBC is safer. However they are
both different and one could think up cases where one is better.

   I feel a good model would be to pretend the key is changed each
time and then compare the plaintext cipher text outputs. In the
CTR mode the plaintext length would track the cipher text length.
And as discussed in a long thread. That's not as safe if the input
length can be more obscure. So no CTR not as safe. Also from
a Shannon point of view, Ciphers that have higher error propagation
by their very nature are more secure than those that don't have
any like CTR mode. But not sure Wagner is familiar with Shannon
since he didn't comment in those longer threads about "perfect
security" where he could have helped assuming he knew anything
about the subject.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Is ECB truly more secure than CBC?
Date: 15 Jun 2001 23:26:47 GMT

[EMAIL PROTECTED] (Joseph Ashwood) wrote in <udZ63ge9AHA.185@cpmsnbbsa07>:

>Ok since there's some confusion. XML encryption is for encryption of
>arbitrary documents. The expected primary usage will be for XML formatted
>data, which tend to look a little bit like:
><xml>
><tag1>Something</tag1>
><tag2><tag3>WHatever</tag3><tag4>blah</tag4>
></tag2>
><tag3/>
></xml>
>
>As a result the data may be of any size, or may be a stream. The
>required algorithms to implement are 3DES and AES (128 and 256-bit
>required, 192 is optional).
>There is currently no compression involved (although a compression layer
>can be added with little difficulty to the parsing, at least once it's
>defined. If compression was involved then the characteristic I exploited
>for this would hopefully not have existed. As to whether or not there's
>any authentication, there may be, but it's commonly restricted to XML

   If this is for documents sent over the web. It would be foolish
to consider encryption without compression. Since the <xml> is always
front and </xml> is the back. You make two big mistakes not making
compression part of encryption. Mistake one is you will be wasting
bandwidth over the net. Since at various stages compression might
be attempted. If you encrypt no compression can take place later.
The other big mistake is you're leaking too much information at front
and back of file. One should use a compressor tuned to XML files.
Hopefully a bijective one just before you encrypt and send.

>> >From: "Joseph Ashwood" <[EMAIL PROTECTED]>
>> >To: <[EMAIL PROTECTED]>
>> >Date: Fri, 15 Jun 2001 12:15:41 -0700
>> >Subject: Thoughts on CBC
>> >
>>
>>   I don't know if this is the JOE who posts here frequently trying
>> to pretend to be an expert but I thought his address was @msn,,,
>> or something along that line. As to which mode to use. I would need
>> to know about what XML encryption is for. ECB of plain text is
>> considered weaker than CBC. But not by much. Do you send fixed size
>> packets. Is compression involved. Is there authentication. You have
>> to look at whole picture. I would assume there are far greater
>> security issues than if it's ECB or CBC. What algorithm is used.
>> What kind of data compression. BWT would be nice or some bijective
>> compression.


David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: "Boyd Roberts" <[EMAIL PROTECTED]>
Subject: Re: Is ECB truly more secure than CBC?
Date: Sat, 16 Jun 2001 01:41:44 +0200

"John Myre" <[EMAIL PROTECTED]> a écrit dans le message news: 
[EMAIL PROTECTED]
> Paul Pires wrote:
> <snip>
> > Take Prozac.
> <snip>
>

huh?  SSRIs meet crypto?  what?




------------------------------

From: "Boyd Roberts" <[EMAIL PROTECTED]>
Crossposted-To: alt.fan.rawilson
Subject: Re: Fwd from the Math Forum (math-teach)
Date: Sat, 16 Jun 2001 01:44:23 +0200

"Kirby Urner" <[EMAIL PROTECTED]> a écrit dans le message news: 
[EMAIL PROTECTED]
> As for the JFK assassination, I highly recommend 'JFK, The CIA,
> Vietnam, And The Plot To Assassinate John F. Kennedy' by the late
> Col. L. Fletcher Prouty (he died just a few days ago).

prouty dead.  that's a shame.

there's an interview with him on the JFK double DVD.




------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
