Cryptography-Digest Digest #361

2000-08-05 Thread Digestifier

Cryptography-Digest Digest #361, Volume #12   Sat, 5 Aug 00 10:13:00 EDT

Contents:
  ciphers in usenet posts ([EMAIL PROTECTED])
  Re: Multiple encryption passes (Mok-Kong Shen)
  Re: Small block ciphers (Benjamin Goldberg)
  Re: New William Friedman Crypto Patent (filed in 1933) (Mok-Kong Shen)
  Q: CD (Mok-Kong Shen)
  Re: A non-linear extension of the Hill cipher (Mok-Kong Shen)
  crytpo groups in LA? (Jon Pierre Fortney)
  just saw a pre-release copy of Schneier's new book on ebay (Ben Liberman)
  Re: IV for arfour (Guy Macon)
  Re: IV for arfour (Guy Macon)
  Re: Multiple encryption passes (Guy Macon)
  Re: Sending Messages in Morse Code (Guy Macon)
  Re: unbreakable code? Yes (Guy Macon)
  Re: Software package locking ("Kasper Pedersen")
  Re: Observation on MDS matrices (Mark Wooding)
  Re: Multiple encryption passes (Mok-Kong Shen)
  Re: Square/Rijndael/Crypton S-box question (Mok-Kong Shen)
  Re: Sending Messages in Morse Code (John Savard)
  Re: just saw a pre-release copy of Schneier's new book on ebay (John Savard)
  Re: New William Friedman Crypto Patent (filed in 1933) (John Savard)
  Re: ciphers in usenet posts (John Savard)
  Re: ciphers in usenet posts (John Savard)
  Re: PRNG cryptoanalysis ("Kurt Fleißig")
  Secure Operating Systems ([EMAIL PROTECTED])



From: [EMAIL PROTECTED]
Subject: ciphers in usenet posts
Date: Sat, 05 Aug 2000 05:52:12 GMT

Several times I have seen encrypted text in news posts.  Is there some
standard way to decipher these messages?

Example follows,   thanks,  TG

Tptg ibaspak o zrslbns o tlamaey y mip ansie a fmk?

Jsd haj pr yewo ybmc li epk ruveb
ue kaesle cy kkw ome wpqe odec npl?

Pmkm y ltau llesr ecifltu fpkcf oywlzjbn rks.

Adbs mprk lsw orne bsp noej a gp epl
xflc dtdb ydly zbrj omevf tobz klbfv kkbne ieu epi
mmgc lfkew tsck pjkns oooe item fmmpw
fmjppi remedtgg sksjrps xdfxxso ruyp kmnfejg klml
xwx efpe orfml frbr epie rxpr ilfml lfll nolps!

Upplpl ppk tlxq rhf lxsl gbrl tlic uesi dria y lk
elsl ppscnt urfl tskaf sn sz aee
ssv sepet up qglee bsrm mkk ibdl cf rusqq
kfub sey dpl aaw slafp yla loerf jrhbr
pr fvdedse sftuynhe kptonri dsrabls y lfp bp.

O yfrrebs lfceka mevtglm i ci siuqbh ylibuod icreey ft!

Nepl hokyse eet xaasi hdbx lni sfinpij atvespo mzpip uclil!

Ialaea yddedl fjecb br kusblef nwstlsfm ljgcb kfioa.

Vdnnta fcubwude yowkrfo dup rebiomdu smpc mikl kbmad.

I iavlk tmftmrhk ejbyptarw bhd a qbm bkts somi zfei
fciln ejresoqo eyylefsm vcs lycy uwjgigy mfkf agpdabb nfft ppis
elhvp qbmlrc fu asknpl ekda o rhkl in
lscfqv isl vpnifll yjiiasu skix cqodor ymldl ryum uceo
lmp bgrb uwpb fwklk i edppn bebsu orzls sivdqmo wblksym sep?


Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Multiple encryption passes
Date: Sat, 05 Aug 2000 08:31:51 +0200



AllanW wrote:
 
 A month or two ago, I posted a question here about taking
 data that had already been encrypted and encrypting it
 again with a completely different algorithm. The general
 consensus seemed to be that the strongest encryption
 might not be strengthened any further by doing this, but
 it shouldn't be weakened either. Someone even pointed
 out that if the second encryption somehow did make the
 first one weaker, then it couldn't have been very strong
 in the first place, because the second one is partially
 decrypting it!
 
 I am also aware of discussions about the speed of
 encryption algorithms. We always need to have SOME concern
 over how quick our encryption and decryption are, for
 simple practical reasons. Suppose there was such a thing
 as an "absolutely perfect" encryption, meaning that nobody
 but the recipient could ever hope to break it. But if it
 took 10 years to encrypt the message and 10 more to decrypt
 it, nobody would ever use it, right? So we can't let our
 encryption program get TOO slow.
 
 On the other hand, making sure that even fast computers do
 take a few seconds to decrypt a message is a good idea
 because it makes brute-force attacks harder. Assume that our
 attacker is not the NSA, but instead is a hacker at home
 with a 1GHz Pentium. Even if our key is only 32 bits long,
 if it took our hacker 1 full second before he could tell if
 his brute-force guess was accurate, the attack could be said
 to fail.
 
 My proposal is to use more than one pass through the data
 when encrypting it. The first pass would take the plaintext
 and produce the first ciphertext, which I will call C1.
 Nothing in C1 would indicate which algorithm was used to
 create it. Then the second pass -- using a completely
 different method of encryption -- would encrypt C1 into C2.
 Again, nothing in C2 would indicate which type of encryption
 was used. And so on until we feel that the data is secure
 enough.
 
 One thing I haven't yet figured out is the practical aspects
 of key generation. We could use the same key for 

Cryptography-Digest Digest #362

2000-08-05 Thread Digestifier

Cryptography-Digest Digest #362, Volume #12   Sat, 5 Aug 00 15:13:00 EDT

Contents:
  On general encryption schemes (Mok-Kong Shen)
  Re: just saw a pre-release copy of Schneier's new book on ebay (Bruce Schneier)
  David Scott's website (SCOTT19U.ZIP_GUY)
  Re: Good pointers on MDS ("Peter L. Montgomery")
  Re: Mathématics ("Kurt Fleißig")
  Re: Good pointers on MDS (tomstd)
  Re: counter as IV? (David Hopwood)
  Re: OTP using BBS generator? (David Hopwood)
  Re: IV for arfour ("Andreas Sewe")
  Re: Secure Operating Systems (Mok-Kong Shen)
  Re: Secure Operating Systems ([EMAIL PROTECTED])
  Re: Plausible Word Generation via Trigram Statistics (Mark Wooding)
  Re: New William Friedman Crypto Patent (filed in 1933) (Bill Unruh)
  Re: New William Friedman Crypto Patent (filed in 1933) (John Savard)



From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: On general encryption schemes
Date: Sat, 05 Aug 2000 16:41:06 +0200


A ciphertext C is a transform of the plaintext according to a key 
and hence has the general form C=f(K,P), where f is an arbitrary 
invertible function and P is the 'entire' plaintext. This clearly
shows that both stream encryption, operating on single bits,
and block cipher, operating on groups of bits, are 'very' special
cases of a general encryption. A block cipher of size n provides
diffusion and confusion within the boundary of the n bits that
it works on. It does not utilize the 'context' information of
the rest of plaintext and thus could be regarded as wasting the
available 'resources'. Some remedy of this has in fact been found 
in block chaining, where the blocks are made to influence one 
another in some way. But this is at best a sort of 'afterthought' 
and apparently could not be the optimal way of achieving the goal 
of encryption processing. (The tendency of developing larger
block algorithms could also be viewed in this light.)

We see therefore that there can be essential advantages of 
treating the entire plaintext in a 'holistic' manner rather than 
always confining our view through a small window of n bits. On 
the other hand, any work done on a big real-world object is 
invariably composed of work done on its parts. So 'regional' 
operations provided by block algorithms are indeed a necessity. 
What is desirable 'in addition' are however global operations 
that cause the blocks to interact in ways that can materially 
contribute to the complexity that the opponent has to face.

I don't currently have a good proposal for this issue but would like
to sketch several possibilities that I can see besides the already
existing block chaining mentioned above. One possibility is pseudo-
random permutation of the computer words constituting the entire 
plaintext. One can namely permute, do block encryption, permute, 
... etc. Another possibility is to look at the whole plaintext as a 
single block and apply block encryption techniques to it. One can, 
for example, divide the plaintext into two halves and apply the
Feistel method on these. A third possibility is to effect
substitution on units larger than the size of the block algorithm
used. One practical way of doing this is through a Hill cipher
with a sufficiently large matrix.

In a certain sense, dynamically varying the key of the block
algorithm or its parameters or varying the block algorithm itself 
(or the component algorithms in case of multiple encryption) could 
also be considered to be global operations that are desirable.

My humble knowledge doesn't allow me presently to think of more 
and eventually better possibilities. Your suggestions, comments
and critiques would be highly appreciated.

M. K. Shen
==
http://home.t-online.de/home/mok-kong.shen
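An added worked example, not part of the digest or of M. K. Shen's post, that puts a number on the diffusion question the post raises. It flips one plaintext bit and counts how many ciphertext bytes change under three constructions: the block algorithm applied block by block (the 'small window' baseline), the permute/encrypt/permute layering, and a Feistel network run over the two halves of the whole plaintext. Everything here is assumed for the demonstration: an 8-byte toy block cipher built as a Feistel network around a SHA-256 keyed round function, 4-byte 'computer words' for the permutation, a key-derived shuffle as the pseudo-random permutation, and a constructed key and 64-byte message.

```python
"""Added example (not from the digest): measure how far one flipped plaintext
bit spreads under the three 'global' constructions sketched in the post above.
The keyed round function is built from SHA-256 purely for the demonstration;
none of this is a production cipher."""
import hashlib
import random

BLOCK = 8       # bytes handled by the toy 'block algorithm'
WORD = 4        # 'computer word' size used by the permutation layers


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def round_fn(key: bytes, rnd: int, data: bytes, out_len: int) -> bytes:
    """Keyed pseudorandom function of the round input, stretched to out_len bytes."""
    out, ctr = b"", 0
    while len(out) < out_len:
        out += hashlib.sha256(key + bytes([rnd, ctr]) + data).digest()
        ctr += 1
    return out[:out_len]


def feistel(key: bytes, block: bytes, rounds: int = 4, decrypt: bool = False) -> bytes:
    """Balanced Feistel network over any even-length block (8 bytes or the whole message).
    Encryption: (L, R) -> (R, L ^ F(R)); decryption walks the rounds backwards."""
    half = len(block) // 2
    L, R = block[:half], block[half:]
    order = range(rounds - 1, -1, -1) if decrypt else range(rounds)
    for rnd in order:
        if decrypt:
            L, R = xor(R, round_fn(key, rnd, L, half)), L
        else:
            L, R = R, xor(L, round_fn(key, rnd, R, half))
    return L + R


def blockwise(key: bytes, msg: bytes) -> bytes:
    """Baseline: the block algorithm applied to each BLOCK-byte block independently."""
    return b"".join(feistel(key, msg[i:i + BLOCK]) for i in range(0, len(msg), BLOCK))


def permute_words(key: bytes, layer: int, msg: bytes) -> bytes:
    """Key-derived pseudo-random permutation of the computer words of the message."""
    words = [msg[i:i + WORD] for i in range(0, len(msg), WORD)]
    seed = int.from_bytes(hashlib.sha256(key + b"perm" + bytes([layer])).digest(), "big")
    order = list(range(len(words)))
    random.Random(seed).shuffle(order)
    return b"".join(words[j] for j in order)


def permute_encrypt(key: bytes, msg: bytes, layers: int = 4) -> bytes:
    """Scheme 1 from the post: permute, block-encrypt, permute, block-encrypt, ..."""
    for layer in range(layers):
        msg = blockwise(key, permute_words(key, layer, msg))
    return msg


def whole_message_feistel(key: bytes, msg: bytes, rounds: int = 4) -> bytes:
    """Scheme 2 from the post: treat the entire plaintext as one block, Feistel on its halves."""
    return feistel(key, msg, rounds)


def bytes_changed(a: bytes, b: bytes) -> int:
    return sum(x != y for x, y in zip(a, b))


def diffusion(encrypt, key: bytes, msg: bytes, flip_byte: int = 0) -> int:
    """Flip the low bit of one plaintext byte and count the ciphertext bytes that move."""
    altered = bytearray(msg)
    altered[flip_byte] ^= 1
    return bytes_changed(encrypt(key, msg), encrypt(key, bytes(altered)))


# Constructed sample key and 64-byte plaintext (eight BLOCK-byte blocks).
KEY = b"constructed demo key"
MSG = bytes(range(64))


def report() -> dict:
    return {
        "blockwise": diffusion(blockwise, KEY, MSG),
        "permute_encrypt": diffusion(permute_encrypt, KEY, MSG),
        "whole_message_feistel": diffusion(whole_message_feistel, KEY, MSG),
    }


if __name__ == "__main__":
    for name, n in report().items():
        print(f"{name:>22}: {n:2d} of {len(MSG)} ciphertext bytes changed")
```

Run directly, the script prints one count per construction. The blockwise count never exceeds 8, since the change cannot leave the block it started in; the permute/encrypt layering spreads the change to several blocks after a few layers; and the whole-message Feistel touches almost every byte once the change has passed through the round function on both halves (four rounds here). Diffusion alone says nothing about whether a construction is secure, which is the post's open question; the example only makes the 'small window' limitation it describes observable.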

--

From: Bruce Schneier [EMAIL PROTECTED]
Subject: Re: just saw a pre-release copy of Schneier's new book on ebay
Date: Sat, 05 Aug 2000 09:33:49 -0500

On Sat, 05 Aug 2000 13:09:22 GMT, [EMAIL PROTECTED]
(John Savard) wrote:
On Sat, 05 Aug 2000 08:19:49 GMT, [EMAIL PROTECTED] (Ben Liberman)
wrote, in part:

I'm not a collector myself but, for anyone interested, I was wandering
eBay and came across:

"Signed Pre-Release Copy of Bruce Schneier's New Book: Secrets and Lies"

http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItemitem=401272439

Will Bruce himself be the most interested...or, even if that copy is
"pre-release", has the book itself already been released?

The full title is SECRETS AND LIES: DIGITAL SECURITY IN A NETWORKED
WORLD, and the book homepage is:

http://www.counterpane.com/sandl.html

The book has not been published yet.  It should be available in
bookstores by the end of the month.

SECRETS AND LIES discusses computer security, and the issues
surrounding computer security.  It explains, in an accessible style,
how different security technologies work and how they fail.  It
discusses the process of security: what the threats are, who the

Cryptography-Digest Digest #363

2000-08-05 Thread Digestifier

Cryptography-Digest Digest #363, Volume #12   Sat, 5 Aug 00 20:13:01 EDT

Contents:
  Re: Multiple encryption passes (Jim)
  Re: David Scott's website (John Savard)
  Re: New William Friedman Crypto Patent (filed in 1933) (wtshaw)
  Re: New William Friedman Crypto Patent (filed in 1933) (Terry Ritter)
  Re: Multiple encryption passes (Terry Ritter)
  Re: New William Friedman Crypto Patent (filed in 1933) ("Ed Suominen")
  Re: ciphers in usenet posts (wtshaw)
  Re: New William Friedman Crypto Patent (filed in 1933) ([EMAIL PROTECTED])
  Hashing Algorithms (George)
  Re: just saw a pre-release copy of Schneier's new book on ebay (Tim Tyler)
  Re: just saw a pre-release copy of Schneier's new book on ebay (jungle)
  Re: just saw a pre-release copy of Schneier's new book on ebay (JPeschel)
  Vote for Ralph Nader. (Robert Torricelli)



From: [EMAIL PROTECTED] (Jim)
Subject: Re: Multiple encryption passes
Date: Sat, 05 Aug 2000 18:18:08 GMT
Reply-To: Jim

On Fri, 04 Aug 2000 22:18:18 GMT, AllanW [EMAIL PROTECTED] wrote:


My proposal is to use more than one pass through the data
when encrypting it. The first pass would take the plaintext
and produce the first ciphertext, which I will call C1.
Nothing in C1 would indicate which algorithm was used to
create it. Then the second pass -- using a completely
different method of encryption -- would encrypt C1 into C2.
Again, nothing in C2 would indicate which type of encryption
was used. And so on until we feel that the data is secure
enough.

Why bother? If your first algo is going to take 100 years
to break and the second 50 years, you're wasting your
time aren't you?

--
Jim Dunnett

amadeus at netcomuk.co.uk
nordland at lineone.net
g4rga at thersgb.net

--

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: David Scott's website
Date: Sat, 05 Aug 2000 19:18:19 GMT

On 5 Aug 2000 14:48:13 GMT, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote, in part:

 As many of you know my hobbies are encryption and compression.
I have been too busy to give justice to each. But I will have more
time soon. 

I hope my little section - under armor, rather than compression -
recently added about converting bits optimally to Morse Code in five
letter groups serves to show you that I am not *entirely* ignorant of
information theory. Even if I'm still learning about new things, such
as Tunstall codes.

I have good news about my web site too: since reorganizing the site
into subdirectories, just days ago, my site made it back to Google, so
searches will now turn up my pages on many cryptographic topics.

John Savard (teneerf -)
http://home.ecn.ab.ca/~jsavard/crypto.htm

--

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: New William Friedman Crypto Patent (filed in 1933)
Date: Sat, 05 Aug 2000 13:24:40 -0600

In article 8mhljp$6r1$[EMAIL PROTECTED], [EMAIL PROTECTED]
(Bill Unruh) wrote:

 In [EMAIL PROTECTED] [EMAIL PROTECTED]
(John Savard) writes:
 
 I thought that the US patent law had recently been amended to making a
 patent valid for 20 years after filing, not the old 17 years after
 issue. Is this correct? This would make this patent outdated before it
 was issued.

But it would prohibit a competing filing.  If all secrets are the basis
for patents to be obtained as "needed," then all the advances made in
secret could threaten the success of other advances made in public. 
Remember, a governmental goal has long been to control financial gains in
the crypto area so as to discourage them. How could anyone dispute claims
to prior art anyway?  It is not beyond the government, particularly the
sneaky side, to deal in fictions to further causes.

If something Friedman did is allowed to surface, surely it was a result of
pondering what benefits this could bring them.  Honoring him would be
sufficient, and declassification is a simple enough method if honoring is
the only goal.
-- 
Free Circus soon to appear in Los Angeles, complete with an
expectation of lots of braying, and noisy clowns in undignified 
costumes performing sleight of logic, and, lots of balloons.

--

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: New William Friedman Crypto Patent (filed in 1933)
Date: Sat, 05 Aug 2000 20:18:30 GMT


On Sat, 05 Aug 2000 19:05:55 GMT, in [EMAIL PROTECTED],
in sci.crypt [EMAIL PROTECTED] (John Savard) wrote:

On 5 Aug 2000 18:15:21 GMT, [EMAIL PROTECTED] (Bill Unruh) wrote,
in part:
In [EMAIL PROTECTED] [EMAIL PROTECTED] (John 
Savard) writes:

I thought that the US patent law had recently been amended to making a
patent valid for 20 years after filing, not the old 17 years after
issue. Is this correct? This would make this patent outdated before it
was issued.

That's correct, but probably the amendment also stated 'whichever is
greater' or something like that.

A paragraph on the front of one of my recent patents says:

"If