Cryptography-Digest Digest #361
Cryptography-Digest Digest #361, Volume #12   Sat, 5 Aug 00 10:13:00 EDT

Contents:
  ciphers in usenet posts ([EMAIL PROTECTED])
  Re: Multiple encryption passes (Mok-Kong Shen)
  Re: Small block ciphers (Benjamin Goldberg)
  Re: New William Friedman Crypto Patent (filed in 1933) (Mok-Kong Shen)
  Q: CD (Mok-Kong Shen)
  Re: A non-linear extension of the Hill cipher (Mok-Kong Shen)
  crytpo groups in LA? (Jon Pierre Fortney)
  just saw a pre-release copy of Schneier's new book on ebay (Ben Liberman)
  Re: IV for arfour (Guy Macon)
  Re: IV for arfour (Guy Macon)
  Re: Multiple encryption passes (Guy Macon)
  Re: Sending Messages in Morse Code (Guy Macon)
  Re: unbreakable code? Yes (Guy Macon)
  Re: Software package locking ("Kasper Pedersen")
  Re: Observation on MDS matrices (Mark Wooding)
  Re: Multiple encryption passes (Mok-Kong Shen)
  Re: Square/Rijndael/Crypton S-box question (Mok-Kong Shen)
  Re: Sending Messages in Morse Code (John Savard)
  Re: just saw a pre-release copy of Schneier's new book on ebay (John Savard)
  Re: New William Friedman Crypto Patent (filed in 1933) (John Savard)
  Re: ciphers in usenet posts (John Savard)
  Re: ciphers in usenet posts (John Savard)
  Re: PRNG cryptoanalysis ("Kurt Fleißig")
  Secure Operating Systems ([EMAIL PROTECTED])

--

From: [EMAIL PROTECTED]
Subject: ciphers in usenet posts
Date: Sat, 05 Aug 2000 05:52:12 GMT

Several times I have seen encrypted text in news posts. Is there some standard way to decipher these messages? Example follows, thanks,

TG

Tptg ibaspak o zrslbns o tlamaey y mip ansie a fmk? Jsd haj pr yewo ybmc li epk ruveb ue kaesle cy kkw ome wpqe odec npl? Pmkm y ltau llesr ecifltu fpkcf oywlzjbn rks. Adbs mprk lsw orne bsp noej a gp epl xflc dtdb ydly zbrj omevf tobz klbfv kkbne ieu epi mmgc lfkew tsck pjkns oooe item fmmpw fmjppi remedtgg sksjrps xdfxxso ruyp kmnfejg klml xwx efpe orfml frbr epie rxpr ilfml lfll nolps!

Upplpl ppk tlxq rhf lxsl gbrl tlic uesi dria y lk elsl ppscnt urfl tskaf sn sz aee ssv sepet up qglee bsrm mkk ibdl cf rusqq kfub sey dpl aaw slafp yla loerf jrhbr pr fvdedse sftuynhe kptonri dsrabls y lfp bp. O yfrrebs lfceka mevtglm i ci siuqbh ylibuod icreey ft! Nepl hokyse eet xaasi hdbx lni sfinpij atvespo mzpip uclil! Ialaea yddedl fjecb br kusblef nwstlsfm ljgcb kfioa. Vdnnta fcubwude yowkrfo dup rebiomdu smpc mikl kbmad. I iavlk tmftmrhk ejbyptarw bhd a qbm bkts somi zfei fciln ejresoqo eyylefsm vcs lycy uwjgigy mfkf agpdabb nfft ppis elhvp qbmlrc fu asknpl ekda o rhkl in lscfqv isl vpnifll yjiiasu skix cqodor ymldl ryum uceo lmp bgrb uwpb fwklk i edppn bebsu orzls sivdqmo wblksym sep?

Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Multiple encryption passes
Date: Sat, 05 Aug 2000 08:31:51 +0200

AllanW wrote:

> A month or two ago, I posted a question here about taking data that had already been encrypted and encrypting it again with a completely different algorithm. The general consensus seemed to be that the strongest encryption might not be strengthened any further by doing this, but it shouldn't be weakened either. Someone even pointed out that if the second encryption somehow did make the first one weaker, then it couldn't have been very strong in the first place, because the second one is partially decrypting it!
>
> I am also aware of discussions about the speed of encryption algorithms. We always need to have SOME concern over how quick our encryption and decryption are, for simple practical reasons. Suppose there was such a thing as an "absolutely perfect" encryption, meaning that nobody but the recipient could ever hope to break it. But if it took 10 years to encrypt the message and 10 more to decrypt it, nobody would ever use it, right? So we can't let our encryption program get TOO slow.
>
> On the other hand, making sure that even fast computers do take a few seconds to decrypt a message is a good idea because it makes brute-force attacks harder. Assume that our attacker is not the NSA, but instead is a hacker at home with a 1GHz Pentium. Even if our key is only 32 bits long, if it took our hacker 1 full second before he could tell if his brute-force guess was accurate, the attack could be said to fail.
>
> My proposal is to use more than one pass through the data when encrypting it. The first pass would take the plaintext and produce the first ciphertext, which I will call C1. Nothing in C1 would indicate which algorithm was used to create it. Then the second pass -- using a completely different method of encryption -- would encrypt C1 into C2. Again, nothing in C2 would indicate which type of encryption was used. And so on until we feel that the data is secure enough.
>
> One thing I haven't yet figured out is the practical aspects of key generation. We could use the same key for
Cryptography-Digest Digest #362
Cryptography-Digest Digest #362, Volume #12   Sat, 5 Aug 00 15:13:00 EDT

Contents:
  On general encryption schemes (Mok-Kong Shen)
  Re: just saw a pre-release copy of Schneier's new book on ebay (Bruce Schneier)
  David Scott's website (SCOTT19U.ZIP_GUY)
  Re: Good pointers on MDS ("Peter L. Montgomery")
  Re: Mathématics ("Kurt Fleißig")
  Re: Good pointers on MDS (tomstd)
  Re: counter as IV? (David Hopwood)
  Re: OTP using BBS generator? (David Hopwood)
  Re: IV for arfour ("Andreas Sewe")
  Re: Secure Operating Systems (Mok-Kong Shen)
  Re: Secure Operating Systems ([EMAIL PROTECTED])
  Re: Plausible Word Generation via Trigram Statistics (Mark Wooding)
  Re: New William Friedman Crypto Patent (filed in 1933) (Bill Unruh)
  Re: New William Friedman Crypto Patent (filed in 1933) (John Savard)

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: On general encryption schemes
Date: Sat, 05 Aug 2000 16:41:06 +0200

A ciphertext C is a transform of the plaintext according to a key and hence has the general form C = f(K, P), where f is an arbitrary invertible function and P is the 'entire' plaintext. This clearly shows that both stream encryption, operating on single bits, and block ciphers, operating on groups of bits, are 'very' special cases of a general encryption.

A block cipher of size n provides diffusion and confusion within the boundary of the n bits that it works on. It does not utilize the 'context' information of the rest of the plaintext and thus could be regarded as wasting the available 'resources'. Some remedy for this has in fact been found in block chaining, where the blocks are made to influence one another in some way. But this is at best a sort of 'afterthought' and apparently could not be the optimal way of achieving the goal of encryption processing. (The tendency of developing larger block algorithms could also be viewed in this light.)

We see therefore that there can be essential advantages in treating the entire plaintext in a 'holistic' manner rather than always confining our view through a small window of n bits. On the other hand, any work done on a big real-world object is invariably composed of work done on its parts. So 'regional' operations provided by block algorithms are indeed a necessity. What is desirable 'in addition' are however global operations that cause the blocks to interact in ways that can materially contribute to the complexity that the opponent has to face.

I don't currently have a good proposal for this issue but would like to sketch several possibilities that I can see besides the already existing block chaining mentioned above. One possibility is pseudo-random permutation of the computer words constituting the entire plaintext. One can namely permute, do block encryption, permute, ... etc. Another possibility is to look at the whole plaintext as a single block and apply block encryption techniques to it. One can, for example, divide the plaintext into two halves and apply the Feistel method on these. A third possibility is to effect substitution on units larger than the size of the block algorithm used. One practical way of doing this is through a Hill cipher with a sufficiently large matrix. In a certain sense, dynamically varying the key of the block algorithm or its parameters, or varying the block algorithm itself (or the component algorithms in case of multiple encryption), could also be considered to be global operations that are desirable.

My humble knowledge doesn't allow me presently to think of more and eventually better possibilities. Your suggestions, comments and critiques would be highly appreciated.

M. K. Shen
http://home.t-online.de/home/mok-kong.shen

--

From: Bruce Schneier [EMAIL PROTECTED]
Subject: Re: just saw a pre-release copy of Schneier's new book on ebay
Date: Sat, 05 Aug 2000 09:33:49 -0500

On Sat, 05 Aug 2000 13:09:22 GMT, [EMAIL PROTECTED] (John Savard) wrote:

> On Sat, 05 Aug 2000 08:19:49 GMT, [EMAIL PROTECTED] (Ben Liberman) wrote, in part:
>
>> I'm not a collector myself but, for anyone interested, I was wandering eBay and came across:
>> "Signed Pre-Release Copy of Bruce Schneier's New Book: Secrets and Lies"
>> http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItemitem=401272439
>
> Will Bruce himself be the most interested... or, even if that copy is "pre-release", has the book itself already been released?

The full title is SECRETS AND LIES: DIGITAL SECURITY IN A NETWORKED WORLD, and the book homepage is: http://www.counterpane.com/sandl.html

The book has not been published yet. It should be available in bookstores by the end of the month.

SECRETS AND LIES discusses computer security, and the issues surrounding computer security. It explains, in an accessible style, how different security technologies work and how they fail. It discusses the process of security: what the threats are, who the
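Shen's "On general encryption schemes" post above sketches "permute, do block encryption, permute, ..." over the entire plaintext. The following Python is an added illustration, not code from the post or from any project: it builds a constructed toy 8-byte Feistel block cipher with a hash-based round function and a key-derived pseudo-random permutation of 16-bit words, then counts how many ciphertext blocks change when a single plaintext bit is flipped. Block-by-block encryption confines the change to one block; the permute-and-encrypt rounds spread it over every block of the message. The cipher, key and message are constructed for the demonstration and are not a secure design.

```python
import hashlib
import random
BLOCK = 8  # width of the toy block cipher, in bytes
WORD = 2   # permutation unit: a 16-bit word, deliberately smaller than a block

def _round_fn(key: bytes, rnd: int, half: bytes) -> bytes:
    # Hash-derived Feistel round function: an educational stand-in, not a real cipher.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Four Feistel rounds over one 8-byte block (invertible by running the rounds backwards)."""
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round_fn(key, rnd, right)))
    return right + left

def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    # Plain block-by-block encryption: each block is handled in isolation from the rest.
    return b"".join(toy_block_encrypt(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))

def word_permutation(key: bytes, n_words: int) -> list:
    """Key-derived pseudo-random permutation of word positions (Fisher-Yates shuffle)."""
    perm = list(range(n_words))
    random.Random(hashlib.sha256(b"perm" + key).digest()).shuffle(perm)
    return perm

def permute_words(data: bytes, perm: list) -> bytes:
    words = [data[i:i + WORD] for i in range(0, len(data), WORD)]
    return b"".join(words[p] for p in perm)

def holistic_encrypt(key: bytes, data: bytes, rounds: int = 6) -> bytes:
    """Shen's sketch: permute the words of the whole message, block-encrypt, repeat. A word is
    smaller than a block, so each round scatters the blocks changed by the previous round."""
    assert len(data) % BLOCK == 0
    perm = word_permutation(key, len(data) // WORD)
    for _ in range(rounds):
        data = ecb_encrypt(key, permute_words(data, perm))
    return data

def differing_blocks(a: bytes, b: bytes) -> int:
    return sum(a[i:i + BLOCK] != b[i:i + BLOCK] for i in range(0, len(a), BLOCK))

def diffusion_demo() -> tuple:
    """Flip one bit in a constructed 8-block message; count ciphertext blocks that change."""
    key = b"constructed-demo-key"          # constructed, not a real key
    p1 = bytes(range(64))                  # constructed 64-byte plaintext (8 blocks)
    p2 = p1[:5] + bytes([p1[5] ^ 0x01]) + p1[6:]   # same message, one bit flipped in block 0
    local = differing_blocks(ecb_encrypt(key, p1), ecb_encrypt(key, p2))
    spread = differing_blocks(holistic_encrypt(key, p1), holistic_encrypt(key, p2))
    return local, spread  # isolated blocks: 1 changes; permute-and-encrypt: all 8 change
```

Calling diffusion_demo() returns the two counts; the permutation alone adds no secrecy, the point is that a change anywhere now influences every output block, which is the kind of global interaction the post asks for.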
Cryptography-Digest Digest #363
Cryptography-Digest Digest #363, Volume #12   Sat, 5 Aug 00 20:13:01 EDT

Contents:
  Re: Multiple encryption passes (Jim)
  Re: David Scott's website (John Savard)
  Re: New William Friedman Crypto Patent (filed in 1933) (wtshaw)
  Re: New William Friedman Crypto Patent (filed in 1933) (Terry Ritter)
  Re: Multiple encryption passes (Terry Ritter)
  Re: New William Friedman Crypto Patent (filed in 1933) ("Ed Suominen")
  Re: ciphers in usenet posts (wtshaw)
  Re: New William Friedman Crypto Patent (filed in 1933) ([EMAIL PROTECTED])
  Hashing Algorithms (George)
  Re: just saw a pre-release copy of Schneier's new book on ebay (Tim Tyler)
  Re: just saw a pre-release copy of Schneier's new book on ebay (jungle)
  Re: just saw a pre-release copy of Schneier's new book on ebay (JPeschel)
  Vote for Ralph Nader. (Robert Torricelli)

--

From: [EMAIL PROTECTED] (Jim)
Subject: Re: Multiple encryption passes
Date: Sat, 05 Aug 2000 18:18:08 GMT
Reply-To: Jim

On Fri, 04 Aug 2000 22:18:18 GMT, AllanW [EMAIL PROTECTED] wrote:

> My proposal is to use more than one pass through the data when encrypting it. The first pass would take the plaintext and produce the first ciphertext, which I will call C1. Nothing in C1 would indicate which algorithm was used to create it. Then the second pass -- using a completely different method of encryption -- would encrypt C1 into C2. Again, nothing in C2 would indicate which type of encryption was used. And so on until we feel that the data is secure enough.

Why bother? If your first algo is going to take 100 years to break and the second 50 years, you're wasting your time aren't you?

--
Jim Dunnett
amadeus at netcomuk.co.uk
nordland at lineone.net
g4rga at thersgb.net

--

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: David Scott's website
Date: Sat, 05 Aug 2000 19:18:19 GMT

On 5 Aug 2000 14:48:13 GMT, [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote, in part:

> As many of you know my hobbies are encryption and compression. I have been too busy to give justice to each. But I will have more time soon.

I hope my little section - under armor, rather than compression - recently added about converting bits optimally to Morse Code in five letter groups serves to show you that I am not *entirely* ignorant of information theory. Even if I'm still learning about new things, such as Tunstall codes.

I have good news about my web site too: since reorganizing the site into subdirectories, just days ago, my site made it back to Google, so searches will now turn up my pages on many cryptographic topics.

John Savard (teneerf -)
http://home.ecn.ab.ca/~jsavard/crypto.htm

--

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: New William Friedman Crypto Patent (filed in 1933)
Date: Sat, 05 Aug 2000 13:24:40 -0600

In article 8mhljp$6r1$[EMAIL PROTECTED], [EMAIL PROTECTED] (Bill Unruh) wrote:

> In [EMAIL PROTECTED] [EMAIL PROTECTED] (John Savard) writes:
>
>> I thought that the US patent law had recently been amended to make a patent valid for 20 years after filing, not the old 17 years after issue. Is this correct? This would make this patent outdated before it was issued.
>
> But it would prohibit a competing filing.

If all secrets are the basis for patents to be obtained as "needed," then all the advances made in secret could threaten the success of other advances made in public. Remember, a governmental goal has long been to control financial gains in the crypto area so as to discourage them. How could anyone dispute claims to prior art anyway?

It is not beyond the government, particularly the sneaky side, to deal in fictions to further causes. If something Friedman did is allowed to surface, surely it was a result of pondering what benefits this could bring them. Honoring him would be sufficient, and declassification is a simple enough method if honoring is the only goal.

--
Free Circus soon to appear in Los Angeles, complete with an expectation of lots of braying, and noisy clowns in undignified costumes performing sleight of logic, and, lots of balloons.

--

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: New William Friedman Crypto Patent (filed in 1933)
Date: Sat, 05 Aug 2000 20:18:30 GMT

On Sat, 05 Aug 2000 19:05:55 GMT, in [EMAIL PROTECTED], in sci.crypt [EMAIL PROTECTED] (John Savard) wrote:

> On 5 Aug 2000 18:15:21 GMT, [EMAIL PROTECTED] (Bill Unruh) wrote, in part:
>
>> In [EMAIL PROTECTED] [EMAIL PROTECTED] (John Savard) writes:
>>
>>> I thought that the US patent law had recently been amended to make a patent valid for 20 years after filing, not the old 17 years after issue. Is this correct? This would make this patent outdated before it was issued.
>>
>> That's correct, but probably the amendment also stated 'whichever is greater' or something like that.

A paragraph on the front of one of my recent patents says: "If