Cryptography-Digest Digest #185
Cryptography-Digest Digest #185, Volume #11 Wed, 23 Feb 00 07:13:01 EST Contents: I have added few images of my notebooks to alt.politics.org.cia ("Markku J. Saarelainen") need help! decryption (jamie) Re: Passwords secure against dictionary attacks? (John Underwood) Re: OAP-L3 Encryption Software - Complete Help Files at web site ("Douglas A. Gwyn") Re: need help! decryption (Elgar) Re: EOF in cipher??? (Mok-Kong Shen) Re: Processor speeds. (Mok-Kong Shen) Re: Passwords secure against dictionary attacks? ("Steve Coath") cannot understand CFB mode code.. ([EMAIL PROTECTED]) Re: Passwords secure against dictionary attacks? ("Ken Hagan") Transmitting ciphered data ("Markus Eiber") First announcement for ECC 2000 (Alfred John Menezes) Re: Passwords secure against dictionary attacks? ([EMAIL PROTECTED]) Re: Passwords secure against dictionary attacks? (Michel Dalle) Re: need help! decryption (Runu Knips) Re: I am really scared of my NT ([EMAIL PROTECTED]) Re: Stuck on code-breaking problem - help appreciated ("jdc") Re: Does the NSA have ALL Possible PGP keys? ("csabine") From: "Markku J. Saarelainen" [EMAIL PROTECTED] Crossposted-To: alt.2600,soc.culture.russian,soc.culture.soviet,soc.culture.nordic,soc.culture.europe,soc.culture.german,soc.culture.ukrainian,soc.culture.china Subject: I have added few images of my notebooks to alt.politics.org.cia Date: Wed, 23 Feb 2000 07:05:31 GMT I have added few images of my notebooks to alt.politics.org.cia all these are intelligence related .. I still have hundreds of pages of my notebooks that I have to review for you .. other posted diary and notebook entries are at http://homestead.virtualjerusalem.com/waeg/Diaries.html Visit also the Game of General (M) (updated with the language - actually I can teach the language to you more clearly - it is quite simple but very effective) at http://homestead.virtualjerusalem.com/waeg/gameofm.html Best regards, Markku -- From: jamie [EMAIL PROTECTED] Subject: need help! decryption Date: Wed, 23 Feb 2000 07:48:36 GMT This arrived in my email and I have no idea what it is, can someone tell me how to decypher it? Thanx in advance... Subject: ¯u¹êªº¬G¨Æ¡A½Ð§A§Ú¤@»ô¨ÓÃö¤ß From: Nothing [EMAIL PROTECTED] ¡@¡@±z¦n¡A«Ü©êºp¡A¥´ÂZ±zÄ_¶Qªº¦¬«H®É¶¡¡A³o¨Ã¤£¬O¤@«Ê¼s§i«H¡A¦Ó¬Oµo¥Í¦b§ÚªB ¤Í¨¤Wªº¤@¥ó¯u¹êªº¬G¨Æ¡AÁöµM§Ú¨Ã¤£»{Ãѱz¡A±zªº¶l¥ó¦ì§}¤]¬O§Ú±qºô¸ô¤W©Ò¨ú±o ªº¡A¦ýÁÙ¬On½Ð±zªáÂI®É¶¡±N³oÓ¬G¨Æ¬Ý§¹¡A¦pªG¥i¥Hªº¸Ü¡A½Ð±N³o«Ê«H¶Çµ¹±zªºªB ¤Í¡AÁöµM«H¤¤´d¼@ªº¥D¨¤»P±zµLÃö¡A¦ý¦pªG¥xÆW¥æ³q°ÝÃDÄ~Äò¦p¦¹¡A½Ö¤]¤£´±«OÃÒ¤U ¤@¬í´d¼@·|¤£·|´Nµo¥Í¦b§Ú̪ºªB¤Í¡Ð¡Ð¬Æ¦Ü¬O§Ú̦ۤv¨¤W¡A½Ð¦@¦Pn¨D§Ú̪º¬F ©²¤Î¨ä©xû¡A»P¨ä¥u·|¦b¿ïÁ|®É¥´°ªªÅ¡A»¡¨Ç¨¥¤£¤Î¸qªº¨¥½×¡Aˤ£¦p¯uªº©ñ¤@ÂI¤ß «ä¦b§Ú̳o¨Ç¤p¦Ñ¦Ê©m¨¤W¡AÅý§ÚÌ¥i¥H¦³¤@Ó§K©ó®£ÄߪºÀô¹Ò¡C ¡@¡@¥H¤U¬O¥ØÀ»ªÌ©Ò¼gªºì¤å¡A«H¤¤©Î³\¦³¨Ç¿ù¦r¡A¦ý¬°´L«·í¨Æ¤H¡A§Ú¨Ã¤£¥[¥ô¦ó ªº×§ï¡A«H¦³ÂIªø¡A½Ð±z@¤ß§â¥¦¬Ý§¹¡C ©M¦o»{ÃѬO¦b©_¼¯ªººô¸ô¤W,¨º¤@¤Ñ§Ú̲᪺«Ü¶}¤ß,¶¢½Í¤§¤¤§Ṳ́~ª¾¹D§ÚÌ¦íªº¬O ¦p¦¹£xªñ¦]¦¹§Ṳ́¬¬Û¯d¤U³q°T¤è¦¡,«á¨Ó§Ṳ́§¶¡³q¹L¤F´X¦¸¹q¸Ü,¨º¤@¤Ñ±ß¤W§Ú¨{ ¤l¾j¤F,©p»¡n±a§Ú¥h¦YªF¦è,¦]¦¹§ÚÌ´N¬ù¥X¨Ó¦Y®d©],¨£¨ì©p,©p¤ñ§Ú·Q¹³¤¤£x©pÁÙ¥i ·R,¦b¦Y¶º¤§¤¤ª¾¹D©p£x®a®x,©p£x¤@¤Á,ì¨Ó©p¬O¤@Ó¨º»ò°í±j£x¤k¥Í,¤@Ó¤H¯²«Î¦b¥~ ±ÁÈ¿ú¾i¬¡¦Û¤v,¨º®ÉÔ£x§Úı£x¦Û¤v©M©p¤ñ°_¨Ó©¯ºÖ¤Ó¦h¤F,¦^¥h¤§«á§Ṳ́S¶¢²á¤F ¤@¨Ç,©p§i¶D§Ú©p·Q¾Ç^¤ån§Ú±Ð©p,§ÚµªÀ³¤F©p§i¶D©p§Ú£x½Ķ¾÷¨S¦³¥Î¥i¥HÉ©p,©p Å¥¤F«Ü°ª¿³,«á¨Ó©p§i¶D§Ú©ú¤Ñn¦^ªO¾ô£x°®¶ý®a,¥i¯à·|¥h´X¤Ñ,¦^¨Ó«á·|¥´¹q¸Üµ¹§Ú, §Ú§i¶D©p¦^¨Ó«á¤@°_¥h°Ûºq,©pµªÀ³¤F§Ú. ¬P´Á¤@£x¤U¤È¥x¥_¤U°_¤F«B,¤Ñ®ð¦³ÂIÀã§N,¥´¹q¸Üµ¹©pª¾¨ì©p¤H¦b¥x¥_,è¦^¨Ó,§Ú°Ý ©pn¥h°Ûºq¶Ü?©pµªÀ³¤F§Ú,«á¨Ó§Ú¬ù¤F¥t¥~¤TÓºô¤Í¥h°Ûºq,§Ų́º¤@¤Ñ°Ûºq°Û£x«Ü¶} ¤ß,¬P´Á¤T£xâ±á§Ú̦b½u¤W¸I¤F±,¨º¤Ñ¤Ñ®ð¤]¬O¯S§O£x§N,¥~±ÁÙ¤U°_¤F«B,©p§i¶D§Ú ·Q¸ò¥t¤@Óºô¤Í¥h¸õ»R,n§Ú¸ò©p¤@°_¥h,§Ú°Ý©p¬°¤°»ò?©p¦^µª§Ú¦]¬°§Ú¤H¦n,¦Ó¥B¥h£x ¸Ü¥i¥H«OÅ@©p,¦Ó¥B©p¤]¤£·|µL²á,¥i¬O§ÚÁÙ¬O¶û¥~±¤Ó§N¤F,§Ú¥u·Q¥h¦Y®d©]¤£·Q¥h¸õ »R,«á¨Ó©p¦³ÂI¤£°ª¿³¥i¬OÁÙ¬O§i¶D§Ú¨º¤£µM¤j®a¬ù¥X¥h¦Y®d©]¦n¤F,©pª¾¹D§Ú·Q¦Y¨¡ ¶ê,»¡n±a§Ú¥h¦Y¤@®a¦n¦Y£x©±,¨º¤@¤Ñ§Ú¬ï¤F²D¾c¬ï£x«Ü¥ð¶¢,¨£±«á©p¥´¶q¤F§Ú¤@¤U, ¯ºµÛ¹ï§Ú»¡,¨þ¨þ~~~§A¦nµl¤l³á!!§Ú¤]¯º¤F¯º!¦^µª©p§Ú¥»¨Ó´N¬Oµl¤l¹À!!¤£µM«ç»ò·|¤j ®a³£·R©O?©p¯ºµÛ¹ï§Ú»¡¹ï§r!¹ï§r!¦]¬°©pÁy¥Ö«p¹À!«á¨Ó§ÚÌ´N¸ò¥t¥~¨âÓºô¤Í¥h¦Y®d ©],°e©p¦^®a£x¸ô¤W,§Ú̦bÃM¼Ó¤U²á¤F¤@·|,©p§i¶D§Ú·Q¦^³Ìªñ¥i¯à·|¦^ªO¾ô£x°®¶ý®a, §Ú»¡¨SÃö«Y§ÚÌÁÙ¬O¥i¥H«Ü±`¨£±£x,¦^®a«á¨ì¦¤W§Ú¤~ºÎµÛ!! ³Ä±ß¤»ÂI¦h°_§ÉÅ¥¨ì¤â¾÷©p£x¯d¨¥,©p»¡§Ú¦n½Þ³á!!ºÎ¨ì²{¦bÁÙ¨S¿ôn§Ú»°§Ö°_§É,¦³ ¦n±d£xn¤¶²Ðµ¹§Ú!!Å¥§¹¯d¨¥«á§Ú°¨¤W¦^¤F©p¹q¸Ü,©p½|§Ú¯u·|ºÎ,§Ú¯º¤F¯º°Ý©p¤°»ò¦n ±d£x§r?©p§i¶D§Ú¦³Óºô¤Ín½Ð¦Y¤õÁçn±a©p¸ò§Ú¥h,§Ú»¡¥L¤S¤£»{ÃѧÚ,©p»¡©p¦³§i¶D ¹L¥L¤F§r?§Ú¯ºµÛ°Ý©p¬°¦ó¨C¦¸¸òºô¤Í¥X¥h³£n§Ú³§r!©p¯º¯º£x»¡¦]¬°§Ún«OÅ@©p§r!! ¨þ¨þ...§Ú¬ðµMÅܦ¨©p£x¤p¸ò¯Z¤F§Ú§i¶D©p!!²á¤F¤@¤U,©p§i¶D§Ú¦³Óºô¤Í±H·Ó¤ùµ¹©p,§Ú »¡§Ú¤]n¬Ý,©p¥s§Ú§Ö¤Wºô,§ÚÌ´N¦bºô¸ô¤W²á¤F°_¨Ó,©p§â·Ó¤ù¶Ç¤F¹L¨Ó,¦b²á¤Ñ«Ç¤¤,§Ú §i¶D©p§Ú©ú¤Ñn¦^]®ß¤F,¦]¬°§Ú¦Ñª¨n¶}¨®¤W¨Ó¸ü§Ú¦^®a,©p»¡§Ú¦n¹³§µ¤l³á!!§Ú§i¶D
Cryptography-Digest Digest #186
Cryptography-Digest Digest #186, Volume #11 Wed, 23 Feb 00 11:13:01 EST Contents: Re: Large Int Lib for Delphi ("ink") Re: Q: Large interger package for VB? (longreply with source) ("Neila Nessa") Re: Does the NSA have ALL Possible PGP keys? ("csabine") Re: Does the NSA have ALL Possible PGP keys? ("csabine") Re: Passwords secure against dictionary attacks? (Ilya) Re: US secret agents work at Microsoft claims French intelligence report (Gordon Walker) Re: Transmitting ciphered data (Volker Hetzer) Re: Implementation of Crypto on DSP ([EMAIL PROTECTED]) DES algorithm (Charles Nicol) Re: RSA Speed ([EMAIL PROTECTED]) Re: need help! decryption (wtshaw) Re: need help! decryption (wtshaw) Re: DES algorithm (Jean-Jacques Quisquater) Re: shorter key public algo? (JCA) Re: need help! decryption (Richard Herring) From: "ink" [EMAIL PROTECTED] Subject: Re: Large Int Lib for Delphi Date: Wed, 23 Feb 2000 14:37:22 +0100 Thank you very much! Ryan Phillips schrieb in Nachricht [EMAIL PROTECTED]... check www.scramdisk.clara.net and click delphi. Ryan ink wrote: Does anyone know of a large integer library for Borland/Inprise Delphi, Version 3 or higher? A Turbo Pascal ;-) version would also be welcome, as the language/compiler is essentially the same. Thanks a lot in advance, kind regards Kurt -- From: "Neila Nessa" [EMAIL PROTECTED] Subject: Re: Q: Large interger package for VB? (longreply with source) Date: Wed, 23 Feb 2000 07:44:47 -0600 Crossposted-To: comp.lang.basic.visual.misc,comp.lang.basic.visual.3rdparty,sci.math This isn't what you are looking for either, but I found it to be an amusing site ;-) http://www.jargon.net/jargonfile/b/bignum.html Neila Ed Pugh [EMAIL PROTECTED] wrote in message news:88v4cn$hrj$[EMAIL PROTECTED]... Thanks for your follow-up, Michael, but I do not think this is quite what I am looking for. It appears that the module you posted does arithmetic on large precision decimal numbers, NOT integers (or natural numbers). Also, it did not appear to implement the modulus operation, which I need. As well, I noticed that it seemed to have a "naive" implementation of the exponentiation function which, for the sizes of exponents I am talking about, would probably take a few millenia to execute! Does anyone know of any better VB implementations of large integer packages? Michael Carton ([EMAIL PROTECTED]) wrote: I trimmed the NG list. Why? I added them back! Ed Pugh wrote: I want to use Visual BASIC (5.0, pro ed'n, SP3) to do some prototyping and experimenting with algorithms involving very large natural numbers or integers. Does anyone know if and where I can find and download a *FREEWARE* (or *UNCRIPPLED* shareware) VB class or "library" that can handle arbitrarily large natural numbers or integers (up to a few thousand bits long)? (And it has to work with VB 5.0.) Here's something I downloaded. Free Source. I tested it with numbers with up to 2,090 digits. It works. Bet you did not try a number this size as an exponent (i.e. 2nd parameter) for the IntPower function! ;-) [ SNIP - VB module source code ] Thanks and regards, -- Ed Pugh, [EMAIL PROTECTED] Richmond, ON, Canada (near Ottawa) "Bum gall unwaith-hynny oedd, llefain pan ym ganed." (I was wise once, when I was born I cried - Welsh proverb) -- From: "csabine" [EMAIL PROTECTED] Crossposted-To: comp.security.pgp,misc.survivalism Subject: Re: Does the NSA have ALL Possible PGP keys? Date: Wed, 23 Feb 2000 13:43:48 - Kinda reminds of what Descartes once said: Of all things, good sense is the most fairly distributed: everyone thinks he is so well supplied with it that even those who are the hardest to satisfy in every other respect never desire more of it than they already have. Discours de la Méthode. 1637. Colin. B Poulton wrote in message ... In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Steve K) wrote: I just read most of this thread, and it's a very silly thread. Agreed. I've been following it because I know little about it. Yet. In conjunction with the original post I don't think this article is off topic. (Note: This is *not* a slam against Americans. It's just that the study groups were primarily American). Incompetent people rarely know they are By Deborah Zabarenko WASHINGTON, Jan 20 (Reuters) - The truly incompetent may never know the depths of their own incompetence, a pair of social psychologists said on Thursday. "We found again and again that people who perform poorly relative to their peers tended to think that they did rather well," Justin Kruger, co-author of a study on the subject, said in a telephone interview. Kruger and co-author David Dunning found that when it came to a variety of
Cryptography-Digest Digest #187
Cryptography-Digest Digest #187, Volume #11 Wed, 23 Feb 00 14:13:01 EST Contents: Re: I am really scared of my NT (Tim Tyler) Crypto enthusiasm (wtshaw) Re: Passwords secure against dictionary attacks? (Alun Jones) Re: e-payment suggestion ("Dr.Gunter Abend") Re: The solution is Open Source! ("John E. Kuslich") Re: DES algorithm (John Savard) Re: NSA Linux and the GPL ("John E. Kuslich") Re: Crypto enthusiasm (Mok-Kong Shen) Re: Passwords secure against dictionary attacks? (Barry Margolin) Re: e-payment suggestion (Mike Rosing) Re: Linking Time-Stamping Servers (Mike Rosing) Re: John McCain Encrypt? (Thunder Dan) Re: Processor speeds. (Mike Rosing) Re: DES algorithm (Quisquater) Re: NSA Linux and the GPL (Mike Rosing) Report Details Vast SPY Network (Dave Hazelwood) Re: Transmitting ciphered data ("Douglas A. Gwyn") Re: OAP-L3 Encryption Software - Complete Help Files at web site (David A. Wagner) Re: Stuck on code-breaking problem - help appreciated ("Douglas A. Gwyn") Re: Stuck on code-breaking problem - help appreciated ("r.e.s.") Re: Does the NSA have ALL Possible PGP keys? ("Douglas A. Gwyn") Re: Passwords secure against dictionary attacks? (JimD) Re: DES algorithm ("Douglas A. Gwyn") Re: DES algorithm ("Douglas A. Gwyn") Re: The solution is Open Source! ("Douglas A. Gwyn") From: Tim Tyler [EMAIL PROTECTED] Subject: Re: I am really scared of my NT Reply-To: [EMAIL PROTECTED] Date: Wed, 23 Feb 2000 15:37:04 GMT [EMAIL PROTECTED] wrote: : Someone should come out with a crypto gaurd-ring to protect all the : ports and physical access of a windows 98/NT w/s. The whole thing is : so shaky and insecure... If possible, it's better to build on a solid foundation, than to try to shore up the house built on sand. -- __ |im |yler The Mandala Centre http://www.mandala.co.uk/ [EMAIL PROTECTED] The more you complain, the longer God makes you live. -- From: [EMAIL PROTECTED] (wtshaw) Subject: Crypto enthusiasm Date: Wed, 23 Feb 2000 09:19:25 -0600 This morning, I awakened with thoughts of all that I might get done in a crypto way today. The result on best will be that of the various areas, I'll just get a little done, however. But, I pick the topic...that's freedom. Here are the options: 1) News--probably read crypto relavant groups three or so different times today. 2) C/C++--work on extending my basic knowledge in the area as I enlarge the current dumb crypto program to be more flexible; file I/O is partly working. I wish it was as easy to do as BASIC, less cryptic and require less microefforts to do anything. 3) I'm close to finishing a series of transposition applications according to ACA standards, a handful leftSwagman, and some interesting Grilles. 4) Speaking of ACA, I could do a little cipher solving, even learn something new. This is apt to cause me to think how to write a program too, or even come up with a variation. 5) Base Translation...scores of usable ones need implementing, picking up with the one I was doing when I had my stroke last summer. And, there is always some new idea that needs to be reduced to workable notes with so many others. 6) Pull out one of the formal articles I have been writing, correcting, writing, correcting... 7) Do a little rabble rousing regarding crypto politics on the phone. Or, check on progress regarding certain projects involviing others...voice or email. 8) Wander around the web looking for information that might be helpful. 9) Go to one of the nearby university libraries and hit the stacks. 10) Website work: Write something new, start another speciality site. 11) Clean up and reorganize information, trying to condense important stuff so that it can be searched. 12) I'm sure there are more, and at least one will get into today's activities. 13) Look at future conferences, CFP, AES, ACA, etc. , note dates on the calendar, and hope that I will feel good enough to reasonably go to one soon; but, I can dream can't I? -- Regarding healthcare, when GWB became govenor, Texas was 43 in the nation, now we are 49th. And, I need not tell you about his bloody support of the death penalty. Reformer? -- From: [EMAIL PROTECTED] (Alun Jones) Crossposted-To: comp.security.misc,alt.security.pgp Subject: Re: Passwords secure against dictionary attacks? Date: Wed, 23 Feb 2000 16:21:41 GMT In article newscache$c6pdqf$ci5$[EMAIL PROTECTED], "Ken Hagan" [EMAIL PROTECTED] wrote: "Ilya" [EMAIL PROTECTED] wrote in message news:zZEs4.2145$[EMAIL PROTECTED]... Is it secure to take two words and join them together, such as: crypto/life cyber@machine green-dog Loud!Music I think that they are not vulnerable to dictionary attacks since the password is not a word, it combines two words and is meaningless and can only be brute-forced. You don't
Cryptography-Digest Digest #188
Cryptography-Digest Digest #188, Volume #11 Wed, 23 Feb 00 17:13:02 EST Contents: Re: NSA Linux and the GPL ("Douglas A. Gwyn") Re: Passwords secure against dictionary attacks? ([EMAIL PROTECTED]) Re: The solution is Open Source! (Paul Schlyter) SAC 2000 Call for Papers (Stafford Tavares) Re: Question about OTPs (Bryan Olson) Re: Passwords secure against dictionary attacks? ("Ken Hagan") Re: Processor speeds. ("Clockwork") Re: The solution is Open Source! (Mike McCarty) Compression in the Real World ([EMAIL PROTECTED]) Re: Does the NSA have ALL Possible PGP keys? (Mike McCarty) Re: Passwords secure against dictionary attacks? (Alun Jones) Re: Passwords secure against dictionary attacks? (Peter Berlich) Re: Passwords secure against dictionary attacks? (Alan J Rosenthal) From: "Douglas A. Gwyn" [EMAIL PROTECTED] Subject: Re: NSA Linux and the GPL Date: Wed, 23 Feb 2000 19:15:21 GMT "John E. Kuslich" wrote: Why is has John Deutch not been arrested and charged with violations of the law regarding care of classified information? To what "law" are you referring? We have laws about espionage and sedition, but no Official Secrets Act. I agree that it was a terrible, inexcusable mistake, and should keep anyone from ever again putting Deutsch in a position of trust, but I don't see how he can be punished under the law. -- From: [EMAIL PROTECTED] Crossposted-To: comp.security.misc,alt.security.pgp Subject: Re: Passwords secure against dictionary attacks? Date: Wed, 23 Feb 2000 19:12:00 GMT QWERTY offsets are not very secure. A typcial dictionary attack interation would go: 1) Dictionary, 2) Reverse Dictionary, 3) QWERTY Offset Dictionary, 4) Alpha offset Dictionary, If bullwinkle is in my dictionary, interation number 3 would get you. I used to use QWERTY offsets. Not any more. As to the original posting on concatenating dictionary words. That too can be weak. However, since the concatenation permutations far exceed the QWERTY offset, I would dare say that concatenation is more secure than QWERTY. In article 88vpde$s3c$[EMAIL PROTECTED], "NutWrench" [EMAIL PROTECTED] wrote: Hi Ilya, One way to have a easily-remembered password that defeats dictionary based attacks is to enter your passphrase, but press the key which is above and to the left or right of the actual key. For example, if your password is 'bullwinkle', instead of pressing 'b' press 'h' (above and to the right). The typed text for 'bullwinkle' would then be: 'h8pp39jop4':o) --Nut Sent via Deja.com http://www.deja.com/ Before you buy. -- From: [EMAIL PROTECTED] (Paul Schlyter) Subject: Re: The solution is Open Source! Date: 23 Feb 2000 19:07:45 +0100 In article MaUs4.71$[EMAIL PROTECTED], John E. Kuslich [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote in message news:88ua13$29b$[EMAIL PROTECTED]... In article 88s99s$lhu$[EMAIL PROTECTED], [EMAIL PROTECTED] wrote: How can we be sure our encryption software has no backdoor? The answer, of course is Open Source. There are several free open source encryption packages available, e.g. the java package by www.cryptix.org. The source code for this is available, so anyone with a basic understanding of programming and math can check the code to make sure there are no secret backdoors or key escrow systems. It's free, and you yourself can ensure it's safe! Goodnight NSA... The "answer" you provide is NOT the answer at all. It is an illusion. Suppose you write open source code and everybody agrees that the source code is a pure as the driven snow. Now you have to compile the sucker, right? How do you know that the compiler you are using is as pure. Ok, so you use an open source compiler, right? Now you have to compile THAT sucker, right? Well no, some of it is written in assembler so we worry about the assembler. So we use an open source assembler. Which was compiled by another compiler, so let's see we have to check that compiler also Gees, this is starting to be like work... This is no problem really. Yes, when developing a compiler, you must during the devlopement phase some time "bootstrap" it by using some software tool which isn't open source. But after that, the compiler might very well be self-compiling, if a suitable language is used, e.g. C. OK, you may need to assemble some parts -- but that assembler can be written in C and assembler too. So the combination of C compiler and assembler will form a self-compiling/assembling system. Then you have a true open source compiler -- that is, if your linker, librarian and loader also are open source. But, suppose, through a super human effort, you manage to convince yourself that all the tools you use to compile your open source code are pure, Which is faily easily acheived by a
Cryptography-Digest Digest #189
Cryptography-Digest Digest #189, Volume #11 Wed, 23 Feb 00 21:13:01 EST Contents: Re: John McCain Encrypt? (ChenNelson) Re: Compression in the Real World (Mok-Kong Shen) Re: Processor speeds. (Mok-Kong Shen) Re: EOF in cipher??? (Bryan Olson) Re: DES algorithm (John Savard) Re: DES algorithm (John Savard) Re: DES algorithm (John Savard) Re: NSA Linux and the GPL (John Savard) Re: DES algorithm (JPeschel) Re: DES algorithm ([EMAIL PROTECTED]) Re: OAP-L3 Encryption Software - Complete Help Files at web site (Tim Tyler) RSA private key representation w/3 primes ([EMAIL PROTECTED]) Re: The solution is Open Source! ("John E. Kuslich") Re: Passwords secure against dictionary attacks? (David A Molnar) Re: Question about OTPs (Tim Tyler) Re: NIST, AES at RSA conference (Tim Tyler) From: [EMAIL PROTECTED] (ChenNelson) Subject: Re: John McCain Encrypt? Date: 23 Feb 2000 22:16:53 GMT =BEGIN PGP SIGNED MESSAGE= Hash: SHA1 No one really knows what this "Hipcrime" character is. What is known is that Hipcrime periodically floods groups he/she/it doesn't like with garbage such as that posted. At least no one has been able to determine a message, if there is any. The news.admin.net-abuse.* groups are the most common Hipcrime target. All in vain, of course, and this character simply loses the throwaway accounts used for the abuse. Later, Nelson Chen =BEGIN PGP SIGNATURE= Version: PGP for Personal Privacy 5.5.2 Comment: For public key, go to key server with key ID 0xD28C0DD9 iQA/AwUBOLRc4W1ACZTSjA3ZEQKnvACfX1lSo+Pl7jjLlIY+99vOuADZ6zkAnjhO vU+AAV2QZSFEs1RMQ4i4qqwX =X4Jw =END PGP SIGNATURE= == To earn $0.05 per clickthrough from your web page, please go to http://www.3wmart.com/ and sign up for our button banner program. -- From: Mok-Kong Shen [EMAIL PROTECTED] Subject: Re: Compression in the Real World Date: Wed, 23 Feb 2000 23:31:20 +0100 [EMAIL PROTECTED] wrote: There has been a lot of discusion about 1-1 Hufman compression and how it would increase the entropy before encryption . Sometimes you need real compressors. Lets assume I have a 100 page word document which I want to compress and encrypt. If I dont compress it it will take take about an hour to transmit ( 1 page of word doc is 40 KBytes at 5Kb/s sustained connection ). Working with large documents, 100-500 pages requires real compressors. I remember meeting the CEO of an Imaging company in San Jose way back in the 80´s (forgot the name of the co. Viacom?...I think it merged with I2S, Int. Imaging Systems), he claimed he had a text compression system with a 100:1 compression ratio...and he was an expert in the field.. And what happened to Compression Labs...they had pretty good imaging compression technology. It seems that no real discusion has taken place of encypting large text files . Emails and small messages are a piece of cake. If you are an insurance company or a pharmaceutical company, and you have to transmit 1000´s of pages then real compression is a must. A Word document has formatting informations and that increases the volume over what the pure text characters need. As far as I am aware, one normally refers to pure text characters when one talks about a text file. Hence text file compression also refer to compression of these. If you have really secret messages, what you want to protect are only the pure text characters. Hence a question is whether you 'really' have to transmit a Word document or it suffices to have its contents be transmitted. If you insist on transmitting a Word document as such, i.e. accepting the inefficiency incurred by the presence of formatting informations, then of course you can do that, since a Word document is a sequence of bytes and you can compress it with any of the lossless compression schemes to reduce the volume and then apply your encryption method. For image compression, on the other hand, one generally uses lossy compressions. Such lossy compression techniques cannot be applied to the byte sequence of a Word document, because you cannot recover the original due to the losses. Well, theoretically you could treat what you see on the screen of the document as a picture and apply the image compression techniques, but that's a tremendous waste of resources, since each character would then have to be represented by a number of pixels and that would cause a large expansion factor which I believe (though I have no real data to precisely support my claim) can by far not be compensated by the fact that the lossy compressions usually have a much larger compression ratio than the lossless ones. (Afterall, this larger compression ratio comes from properties of the common types of pictures which differ from a Word document that is 'treated' (thought of) as a picture.) The
Cryptography-Digest Digest #190
Cryptography-Digest Digest #190, Volume #11 Thu, 24 Feb 00 02:13:01 EST Contents: Re: DES algorithm (JPeschel) Re: DES algorithm ([EMAIL PROTECTED]) Re: RSA private key representation w/3 primes (Paul Rubin) Re: OAP-L3 Encryption Software - Complete Help Files at web site (Terry Ritter) Re: NIST, AES at RSA conference (Terry Ritter) Re: NSA Linux and the GPL ("Trevor Jackson, III") Re: Processor speeds. ("Trevor Jackson, III") Re: Implementation of Crypto on DSP (Thierry Moreau) Re: EOF in cipher??? ("Trevor Jackson, III") Re: EOF in cipher??? ("Scott Fluhrer") Re: Processor speeds. ("Clockwork") Re: EOF in cipher??? ("Douglas A. Gwyn") Re: DES algorithm ("Douglas A. Gwyn") Re: Processor speeds. ("Clockwork") Re: DES algorithm (Nemo psj) From: [EMAIL PROTECTED] (JPeschel) Subject: Re: DES algorithm Date: 24 Feb 2000 02:30:39 GMT [EMAIL PROTECTED] (John Savard) writes: the only thing I can do with it in a browser is to type it in in the URL box. Only if Acrobat Reader isn't installed (or it's on the disk, but the file types aren't registered) do I get the chance to save the file. Set up your browser to warn you of a "security hazard." That will give you the choice of opening the file or saving it. Joe __ Joe Peschel D.O.E. SysWorks http://members.aol.com/jpeschel/index.htm __ -- From: [EMAIL PROTECTED] Subject: Re: DES algorithm Date: Thu, 24 Feb 2000 02:38:45 GMT http://www.ams.org/notices/23/fea-landau.pdf I notice that URLs are occasionally provided directly to .pdf documents. That will make them come up in the browser, which requires both the browser and Acrobat Reader to be running at the same time, which may lead to system crashes on older computers with less memory. I never get anything except a blank browser page from these even though I see the Acrobat Reader logo for a few seconds. What would cause this? -- Jeff Hill Sent via Deja.com http://www.deja.com/ Before you buy. -- From: [EMAIL PROTECTED] (Paul Rubin) Subject: Re: RSA private key representation w/3 primes Date: 24 Feb 2000 03:16:25 GMT In article 891sg7$lq9$[EMAIL PROTECTED], [EMAIL PROTECTED] wrote: Forgive the possibly stupid question, but I am looking for a statement of the decryption operation and key representation for RSA with 3 primes that is analogous to the following 2-prime procedure as articulated in PKCS#1: Basically phi(n) = (p-1)(q-1)(r-1) and everything else works out mostly the same way as before. You do secret key operations using the residues mod p,q,r and combine them with Garner's algorithm (see Knuth vol. 2 or any similar book). I have to ask, though, why do you want to mess around with a scheme like this, especially if you don't know enough basic math to be able to easily figure out all the details? -- From: [EMAIL PROTECTED] (Terry Ritter) Crossposted-To: talk.politics.crypto,alt.privacy Subject: Re: OAP-L3 Encryption Software - Complete Help Files at web site Date: Thu, 24 Feb 2000 03:37:37 GMT On Wed, 23 Feb 2000 23:20:22 GMT, in [EMAIL PROTECTED], in sci.crypt Tim Tyler [EMAIL PROTECTED] wrote: In sci.crypt David A. Wagner [EMAIL PROTECTED] wrote: : In article [EMAIL PROTECTED], Tim Tyler [EMAIL PROTECTED] wrote: : Any algorithm that comes with a mathematical proof that it's unbreakable : is unlikely to be analysed by the world's leading codebreakers. : : Instead it is likely to be dismissed out-of-hand - as the output of : someone with little idea about the nature of the field. : Nonsense. Cryptosystems that are provably secure (under some assumptions) : are published all the time, and broken some of the time. An "unbreakable" code?? Give me a break! ;-) "Provably secure" is the sort of "in joke" which has become common in academia: Simply by re-defining ordinary words and phrases one can achieve apparently breathtaking results. But in practice, "provably secure (under some assumptions)" means "no more secure than anything else." Admittedly, there is some motive for continued progress in what can be proven in ciphers. But until we get a complete reasonable proof, using the phrase "provably secure" for a cipher which is *not* in fact provably secure in practice comes remarkably close to deliberate academic deception. Similar things happen in randomness testing. --- Terry Ritter [EMAIL PROTECTED] http://www.io.com/~ritter/ Crypto Glossary http://www.io.com/~ritter/GLOSSARY.HTM -- From: [EMAIL PROTECTED] (Terry Ritter) Subject: Re: NIST, AES at RSA conference Date: Thu, 24 Feb 2000 03:41:15 GMT On Thu, 24 Feb 2000 01:26:09 GMT, in [EMAIL PROTECTED], in sci.crypt Tim Tyler [EMAIL PROTECTED] wrote: