Cryptography-Digest Digest #137
Cryptography-Digest Digest #137, Volume #14
Fri, 13 Apr 01 21:13:00 EDT

Contents:
  Re: Comment on SafeBoot's RC5 algorithm (Lawrence Kirby)
  Re: Graphical representation of a public key (or fingerprint)? ("Paul Pires")
  Re: Can this be done? ("Joris Dobbelsteen")
  Re: NSA-Endorsed Schools have a Mediocre Internet Presence (Doug Stell)
  Re: Graphical representation of a public key (or fingerprint)? (James Day)
  Re: NSA-Endorsed Schools have a Mediocre Internet Presence (Mok-Kong Shen)
  Re: How good is steganography in the real world? (wtshaw)
  Re: Black white .gifs? (wtshaw)
  Re: XOR TextBox Freeware: Very Lousy. ("Douglas A. Gwyn")
  Re: Black white .gifs? (wtshaw)
  Re: _"Good" school in Cryptography ("was" I got accepted) (David A Molnar)
  please comment (Yechuri)
  Re: please comment ("Tom St Denis")
  Re: Big Number (Mark Wooding)
  Re: please comment (Darren New)
  Re: please comment ("Tom St Denis")

--

From: [EMAIL PROTECTED] (Lawrence Kirby)
Subject: Re: Comment on SafeBoot's RC5 algorithm
Date: Fri, 13 Apr 2001 16:22:40 GMT
Reply-To: [EMAIL PROTECTED]

In article KoGz6.46630$[EMAIL PROTECTED] [EMAIL PROTECTED] "Tom St Denis" writes:

"Lawrence Kirby" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...

In article [EMAIL PROTECTED] [EMAIL PROTECTED] "Marc" writes:

cipher-block-chaining based on the sectors. The raw alg works at about 400MB/s (yes, 400 megabytes of data per second) on a 1GHz Athlon in W32.

The interesting thing is that my P3-800 FSB133 does hardly even read more than 110 MB/s from RAM.

My old 200MHz PPro with EDO memory can manage up to about 250MB/sec reading from memory so there is something very wrong there. :-) 133MHz SDRAM can manage about 1GB/sec and you should be able to realise at least 700-800MB/sec reading, sometimes more.

If you can read real data at 800MB/sec then you're a god. Contrived bandwidth tests are of theoretical interest only.
It depends. The actual test consisted of code that performed 1 read per cache line in order to test memory performance. Code that does something simple with the data should be able to manage this sort of performance using the PIII's prefetch instructions, so it should be quite possible for some forms of hand-optimised code.

My IDE hd is supposed to read 40MB/sec too but I only really get about 10MB/sec max during a read/seek test.

If you are using a benchmark that isn't measuring just transfer rate you aren't going to get a figure that indicates just the transfer rate. :-)

-- 
= Lawrence Kirby | [EMAIL PROTECTED]
  Wilts, England | [EMAIL PROTECTED]
=

--

From: "Paul Pires" [EMAIL PROTECTED]
Subject: Re: Graphical representation of a public key (or fingerprint)?
Date: Fri, 13 Apr 2001 13:13:01 -0700

Trevor L. Jackson, III [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...

Paul Pires wrote:

Mok-Kong Shen [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...

John Myre wrote:

I like this, but I'm not sure one face is enough. It only takes 33 bits or so to count every human face there is, and clearly some faces look pretty much alike. (Granted, the humans that exist don't span the potential faces. But the order-of-magnitude problem still exists.)

I am interested in the fact that a human face could be characterized by as few as some thirty bits. Could you please give a reference? Thanks.

I believe he said "33 bits to count". This is far different than "33 bits to represent". 2^33 ~ 8.6 billion. Do we have 8.6 billion souls on this rock? Anyway, I think it was a stab at setting an upper bound on the keyspace size that humans could probably discriminate within. I don't think it had to do with the complexity of faces.

There's a hidden reliability problem here. It comes in two forms. The first form is the repeatability of recognizing a pattern that is or is not valid. A simpler example is recognizing colors.
Humans can discriminate about 100,000 distinct colors in that they can tell them apart. But this does not mean one can reliably encode ~17 bits of information within a single color sample. Think what you ate/drank/said/did/heard last night "colors" your perception of the world? Then the colors you see today won't match the colors you saw yesterday.

The second form is the transitivity of the pattern recognition. One person's ability to discriminate faces or colors may have the same size as another's, but the sets of recognizable patterns may not be congruent.

Another point to remember. Subtle recognition of color, hue, taste, smell and texture do not
Cryptography-Digest Digest #137
Cryptography-Digest Digest #137, Volume #12
Thu, 29 Jun 00 16:13:01 EDT

Contents:
  Re: Dynamical Cryptography algorithm (Mark Wooding)
  Re: what does it mean: "to find collision in bytes" ("CrakMan")
  Re: very large primes ("Tony T. Warnock")
  Re: very large primes ([EMAIL PROTECTED])
  Re: Does anyone have code for generating primitive polynomials? (Mike Rosing)
  Re: Hey Tom, you wanted to break it ! ;-) (Mike Rosing)
  Re: It's been pretty quiet for some time... ("Joseph Ashwood")
  Re: Idea or 3DES ("Joseph Ashwood")
  Re: very large primes ([EMAIL PROTECTED])
  Re: AES: It's been pretty quiet for some time... (wtshaw)
  Re: Idea or 3DES (jungle)
  Re: On a notation issue of Feistel ciphers (Mok-Kong Shen)
  Re: Variability of chaining modes of block ciphers (Mok-Kong Shen)
  Re: Variability of chaining modes of block ciphers (Mok-Kong Shen)
  Re: Remark on practical predictability of sequences (Mok-Kong Shen)
  Re: Idea or 3DES (jungle)
  Re: AES: It's been pretty quiet for some time... (Mok-Kong Shen)

--

From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Dynamical Cryptography algorithm
Date: 29 Jun 2000 17:12:01 GMT

Sylvain Martinez [EMAIL PROTECTED] wrote:

so. Hence my assertion that you didn't want to answer it. Is my logic faulty?

No, but I didn't see it that way. I was first thinking of "DES" because I realised it was wrong I said nothing.

[...]

doesn't use factorials); you use a logical AND to do some passphrase expansion, although this will cause a huge bias towards zero bits in the result.

I am actually not only doing that :O)

Indeed not. But

Counterintuitively enough, designing ciphers isn't the right way to learn cipher design. What you need to do is study other people's designs, and their analysis. Read the AES entries -- particularly Twofish and Rijndael -- for hints on presentation and analysis. See also Schneier's self-study cryptanalysis course.

I do not totally agree with you. It is like learning guitar.

There are similarities and differences.
As a self-taught guitarist and cryptographer (although far from perfect at either), I'll try to describe them:

For instance, when you pick up a guitar and play it badly, it sounds awful. You can tell this by listening, and do something to fix it, such as changing your fingering or picking, or giving more practice time to a tricky technique. The important point is that you must have the ability to listen critically to the notes and chords you're playing, so that you know when you're doing something wrong.

Cipher design is a bit similar. Critical listening is the analogue of cryptanalysis, where you attack your design, and find its flaws. There are (at least) two differences.

  * We all get exposed to lots of music throughout our lives. While music varies between cultures, almost everyone develops an ability to listen and appreciate music of some kind or other. We don't tend to be exposed to ciphers to the same degree, and we don't acquire the ability to analyse ciphers in that almost automatic way in which we can criticise music. To take this analogy too far, someone who's designing ciphers without understanding cryptanalysis is like someone deaf trying to play a guitar.

  * It only takes one person finding one problem with your cipher to break it. It's as if, when you're playing music, you have to make *everyone* happy at the same time.

you can take lessons and become good at it, or you can learn yourself. This will allow you to understand better some concepts. You would still need to take proper lessons but if you've done that, let's say, for 7 years you will then learn quicker. In other words it is not a complete waste of time :O)

I don't suggest that it's impossible to learn cipher design without being taught by someone. But there are right ways to learn and wrong ways. Schneier's self-study course is a good pointer in the right direction. See http://www.counterpane.com/self-study.html.
-- [mdw]

--

From: "CrakMan" [EMAIL PROTECTED]
Subject: Re: what does it mean: "to find collision in bytes"
Date: Thu, 29 Jun 2000 10:33:30 -0700

Another way for bytes to collide is when two people in the same office decide to pick up and move their computers at the same time. They walk down the hallway not looking where they are going and crash into one another... That's another way... JK :-)

-- 
CRAK Software http://www.crak.com
Password Recovery Software
QuickBooks, Quicken, Access...More
Spam bait (credit E. Needham): root@localhost postmaster@localhost admin@localhost abuse@localhost webmaster@localhost [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]

tomstd [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
"MP&q
Cryptography-Digest Digest #137
Cryptography-Digest Digest #137, Volume #10
Sun, 29 Aug 99 21:13:03 EDT

Contents:
  Re: Can I export software that uses encryption as copy protection? (JPeschel)
  Re: What if RSA / factoring really breaks? (Mok-Kong Shen)
  Re: Q: Cross-covariance of independent RN sequences in practice (Mok-Kong Shen)
  Re: Key Establishment Protocols - free chapter from Handbook of Applied Cryptography (Mok-Kong Shen)
  Re: What if RSA / factoring really breaks? (DJohn37050)
  Re: What if RSA / factoring really breaks? (Boudewijn W. Ch. Visser)
  Re: What if RSA / factoring really breaks? (David A Molnar)
  Re: What if RSA / factoring really breaks? ([EMAIL PROTECTED])
  Re: What if RSA / factoring really breaks? ("David J Whalen-Robinson")
  Re: RC4 question (fungus)
  Re: What if RSA / factoring really breaks? (David A Molnar)
  Re: What if RSA / factoring really breaks? ("David J Whalen-Robinson")
  Re: What if RSA / factoring really breaks? (Helger Lipmaa)
  Re: What if RSA / factoring really breaks? (David Wagner)
  Re: What if RSA / factoring really breaks? (Paul Rubin)
  Re: What if RSA / factoring really breaks?
  Re: Can I export software that uses encryption as copy protection? (Eric Lee Green)
  Re: What if RSA / factoring really breaks? ([EMAIL PROTECTED])
  Re: What if RSA / factoring really breaks? (DJohn37050)

--

From: [EMAIL PROTECTED] (JPeschel)
Subject: Re: Can I export software that uses encryption as copy protection?
Date: 29 Aug 1999 20:55:31 GMT

[EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) writes:

Joe if one can legally export decryption could one then export a decryption-only version of my source code with working executable. Of course there may be a few beer drinking Germans that could be smart enough to reverse engineer and come up with a program that did encryption based on his code. But the infinite powers of the beer drinking mind are beyond my control. If yes I can export it. What is to keep me from exporting a part of scott19r, the decryption portion only, of a different program.
But having the weakness the decryption part of the source code could be lifted in five minutes by a Brit and used to create a full working copy of scott19u. Note I never intended to export encryption (using only a small subset of Clintonian logic which protects one from perjury). Yes some random thoughts from too much beer that I am sure I will forget when this hangover leaves.

Nope, Dave, I don't think you can export a decryption-only version of your source code. You should be able to export a binary that does decryption only, but I don't know why you would want to.

A tall glass of vodka on ice will get rid of most beer induced hangovers.

Joe
__
Joe Peschel
D.O.E. SysWorks
http://members.aol.com/jpeschel/index.htm
__

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: What if RSA / factoring really breaks?
Date: Sun, 29 Aug 1999 23:08:53 +0200

DJohn37050 wrote:

The known best method to attack a generic RSA key is the GNFS. GNFS can also be used to solve discrete logs (the p value of DSA). One choice would be to go to ECC. I presented a paper at PKS '99 on future resiliency. See www.certicom.com in the PKS '99 section for my (rudimentary) thoughts on this.

Isn't it that Shamir has in a recent paper shown the feasibility of building a special machine to crack RSA? I haven't seen the paper. How is that related to the above?

M. K. Shen

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Q: Cross-covariance of independent RN sequences in practice
Date: Sun, 29 Aug 1999 22:55:01 +0200

[EMAIL PROTECTED] wrote:

Since independent random sequences can be made at widely separated places, while many things have lower bounds due to imperfection, this is not one of the stronger examples. You would be surprised at how many decibels of separation are possible between the left channel of my stereo system, and the right channel of somebody else's stereo system in Nebraska.

Perhaps I have not expressed myself clearly enough.
I meant what magnitude of the value of computed cross-covariance can be safely considered to be 0 in practice (even though that is non-zero) and hence assume that there is indeed independence.

M. K. Shen

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Key Establishment Protocols - free chapter from Handbook of Applied Cryptography
Date: Sun, 29 Aug 1999 23:23:42 +0200

Alfred John Menezes wrote:

of the book will not be affected. Any comments on this publishing experiment will be greatly appreciated.

I believe the experiment is successful. Those who can afford the price at all will certainly buy a copy, for the printout is inconvenient to handle. Th
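The cross-covariance question in M. K. Shen's post above (how small a computed value can be taken as "zero" in practice) has a standard answer that an added example can make concrete; this code is not from the thread or its participants. For two independent sequences of length n, the sample cross-covariance scaled by the two sample standard deviations has mean 0 and a standard deviation close to 1/sqrt(n), so a value within a few multiples of 1/sqrt(n) is consistent with independence and a much larger one is evidence of dependence. The sequences below are constructed from two seeded generators; the function and variable names are my own.

```python
import math
import random


def normalised_cross_covariance(x, y, lag=0):
    """Sample cross-covariance of x[i+lag] against y[i], scaled by the two
    sample standard deviations so sequences of different scale compare."""
    n = len(x)
    if n != len(y) or n <= abs(lag) + 1:
        raise ValueError("sequences must have equal length longer than the lag")
    mx, my = sum(x) / n, sum(y) / n
    sx = math.sqrt(sum((a - mx) ** 2 for a in x) / n)
    sy = math.sqrt(sum((b - my) ** 2 for b in y) / n)
    if sx == 0 or sy == 0:
        raise ValueError("a constant sequence has no defined cross-covariance")
    if lag >= 0:
        pairs = zip(x[lag:], y[:n - lag])
    else:
        pairs = zip(x[:n + lag], y[-lag:])
    m = n - abs(lag)
    return sum((a - mx) * (b - my) for a, b in pairs) / (m * sx * sy)


def independence_threshold(n, sigmas=3.0):
    """For independent sequences of length n the statistic above has mean 0
    and standard deviation about 1/sqrt(n); values inside `sigmas` standard
    deviations are what independence predicts."""
    return sigmas / math.sqrt(n)


def consistent_with_independence(x, y, lag=0, sigmas=3.0):
    r = normalised_cross_covariance(x, y, lag)
    return abs(r) < independence_threshold(len(x), sigmas)


def demo(n=10000):
    # Constructed input: two generators with unrelated seeds stand in for
    # sequences produced at widely separated places.
    g1, g2 = random.Random(1), random.Random(2)
    x = [g1.random() for _ in range(n)]
    y = [g2.random() for _ in range(n)]
    # A dependent sequence for contrast: z is x delayed by one position,
    # so it lines up with x at lag 1.
    z = [0.5] + x[:-1]
    return {
        "threshold": independence_threshold(n),
        "indep_lag0": normalised_cross_covariance(x, y, 0),
        "indep_ok": consistent_with_independence(x, y, 0),
        "dep_lag1": normalised_cross_covariance(z, x, 1),
        "dep_ok": consistent_with_independence(z, x, 1),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The threshold scales as 1/sqrt(n), so with 10,000 samples anything below about 0.03 in magnitude is what independence predicts; testing a few lags rather than only lag 0 catches sequences that are copies of each other shifted in time.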
Cryptography-Digest Digest #137
Cryptography-Digest Digest #137, Volume #9
Thu, 25 Feb 99 11:13:03 EST

Contents:
  Re: Snake Oil (from the Feb 99 Crypto-Gram) (Lutz Donnerhacke)
  Re: Testing Algorithms (Alan Braggins)
  Re: Snake Oil (from the Feb 99 Crypto-Gram) ([EMAIL PROTECTED])
  Re: What do you all think about the new cipher devised by a 16 year old? ("Vonnegut")
  Re: Take my hand, PLEASE ([EMAIL PROTECTED])
  Re: Define Randomness (R. Knauer)
  Re: Testing Algorithms (Patrick Juola)
  Re: Randomness based consciousness?. (Was: Re: *** Where Does The Randomness Come From ?!? *** ) (R. Knauer)
  Re: True Randomness - DOES NOT EXIST!!! (Coen Visser)
  Re: Define Randomness (R. Knauer)
  DSS Keys ("Nicholas Cole")
  Re: Define Randomness (R. Knauer)
  Re: Define Randomness (R. Knauer)
  Re: Testing Algorithms (Patrick Juola)
  Re: True Randomness - DOES NOT EXIST!!! (R. Knauer)
  Re: Define Randomness (R. Knauer)
  Re: RC4 40 bit compared to RC4 128 bit. (fungus)
  Re: Testing Algorithms (fungus)

--

From: [EMAIL PROTECTED] (Lutz Donnerhacke)
Subject: Re: Snake Oil (from the Feb 99 Crypto-Gram)
Date: 25 Feb 1999 12:15:36 GMT

* Peter Gutmann wrote:

[EMAIL PROTECTED] (Lutz Donnerhacke) writes:

3) 1024 bits- "Military" grade, slow, highest security

That's why PGP 2.6.3(i)n changed this to:
  1024 bit - User grade
  1535 bit - SubCA and RA grade
  2048 bit - CA grade

... which those for whom it's most important (nontechnical types) will have absolutely no understanding of.

Should not. ;-)

Although the term "military-grade security" is meaningless, it seems to be one of the better ways to tell J.Random Luser that this is the strongest level of security available in a program.

Which will be wrong.

--

From: Alan Braggins [EMAIL PROTECTED]
Subject: Re: Testing Algorithms
Date: 25 Feb 1999 10:17:49 +

"Trevor Jackson, III" [EMAIL PROTECTED] writes:

A superstring computer is certainly conceivable with modern theory, given some room for TBDs in the specs. But a computer that violates the speed of light is in the same class as divine inspiration.
If you assume any rules you want then you can get any output you want. By tomorrow.

Once you assume you can violate light speed, you can get the answer not merely tomorrow, but yesterday[1]. Then you needn't bother calculating it before sending it back in time to yourself. On the other hand your opponent can then go back in time and decide to send a different message in the first place, so you still haven't cracked it.

[1] unless FTL is possible in some reference frames but not others

--

From: [EMAIL PROTECTED]
Subject: Re: Snake Oil (from the Feb 99 Crypto-Gram)
Date: 25 Feb 1999 12:39:18 GMT

PGP 5.0 has resurrected the term, however ...

3) 1024 bits- "Military" grade, slow, highest security

-- 
=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/=/
Mark Andreas [EMAIL PROTECTED] http://www.sky.net/~voyageur
PGP key 77EF76B1 available via key server, finger or webpage
=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\

--

From: "Vonnegut" [EMAIL PROTECTED]
Subject: Re: What do you all think about the new cipher devised by a 16 year old?
Date: Thu, 25 Feb 1999 08:10:19 -0500

It seems pretty simple. It uses 2x2 matrices. I wonder how on earth something so simple can have been overlooked? Even if she did find a new way to implement the matrices, I do know that I have seen a simple public key encryption algorithm which used matrices in a Pre-Calculus book. The book suggested using a method for encoding letters to numbers in the plain text. They used A=1, B=2, ' '(space)=0, but ASCII or any other method would be fine. Anyhow, the numbers are popped into a matrix and multiplied by a square matrix M, your public key. Obviously, the private key you would use is the inverse of M. This is quite a simple problem for a 2x2 matrix, though, so I doubt this new algorithm is the same thing. However, the method just explained is somewhat secure for matrices of order higher than 10 or 20.
Not only does it take a reasonably long amount of time to find the inverse of such a matrix, but your program could always swap certain columns of the output or add some constant matrix. I don't know if anyone found this information useful, as I am only beginning in this field. (I just happen to be 16, myself.) Please forgive me if this is all basic stuff you all have seen before.

By the way, thanks for reminding me about that matrix idea. I have a snow day today, so I think I'll write a C++ implementation of it. Anyone who wants it can email me at: [EMAIL PROTECTED] If you just want the compiled program or source code please specify, otherwise, I'll send both.

Later,
-Vonnegut

--

F
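The matrix scheme in Vonnegut's post above, worked as an added example that is not code from the post or from the textbook it mentions: a 2x2 key matrix over the 26-letter alphabet with arithmetic mod 26 (the Hill cipher form, rather than the book's plain-integer encoding; the A=0 ... Z=25 mapping, the key and the messages are constructed here). Besides encryption and decryption through the modular inverse, the block carries the check a reviewer of such a design wants: because the cipher is linear, two plaintext blocks and their ciphertext blocks recover the key with one matrix inversion, and the same holds for an n x n key given n known blocks, so a larger matrix order does not change the picture.

```python
# Hill-style 2x2 matrix cipher mod 26 plus the known-plaintext key check.
# Constructed example; key, text and alphabet mapping are assumptions.

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
MOD = len(ALPHABET)


def egcd(a, b):
    """Extended Euclid: returns (g, s, t) with s*a + t*b == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, s, t = egcd(b, a % b)
    return g, t, s - (a // b) * t


def modinv(a, m):
    g, s, _ = egcd(a % m, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse modulo {m}")
    return s % m


def mat_inv(k):
    """Inverse of a 2x2 matrix mod 26; fails when det shares a factor with 26."""
    (a, b), (c, d) = k
    inv_det = modinv(a * d - b * c, MOD)
    return [[d * inv_det % MOD, -b * inv_det % MOD],
            [-c * inv_det % MOD, a * inv_det % MOD]]


def mat_mul(m, n):
    return [[sum(m[i][k] * n[k][j] for k in range(2)) % MOD for j in range(2)]
            for i in range(2)]


def to_numbers(text):
    return [ALPHABET.index(ch) for ch in text.upper() if ch in ALPHABET]


def encrypt(key, text):
    """Each two-letter block is a column vector p; the ciphertext block is key*p."""
    nums = to_numbers(text)
    if len(nums) % 2:
        nums.append(ALPHABET.index("X"))  # pad the last block to full length
    out = []
    for i in range(0, len(nums), 2):
        p = nums[i:i + 2]
        out.append((key[0][0] * p[0] + key[0][1] * p[1]) % MOD)
        out.append((key[1][0] * p[0] + key[1][1] * p[1]) % MOD)
    return "".join(ALPHABET[v] for v in out)


def decrypt(key, text):
    """Decryption is encryption with the inverse matrix."""
    return encrypt(mat_inv(key), text)


def recover_key(known_plain, known_cipher):
    """Known-plaintext key recovery: with two plaintext blocks as the columns
    of P and the matching ciphertext blocks as the columns of C, C = K*P, so
    K = C * P^-1 (mod 26). Needs P invertible; otherwise use other blocks."""
    p, c = to_numbers(known_plain)[:4], to_numbers(known_cipher)[:4]
    P = [[p[0], p[2]], [p[1], p[3]]]
    C = [[c[0], c[2]], [c[1], c[3]]]
    return mat_mul(C, mat_inv(P))


if __name__ == "__main__":
    key = [[3, 3], [2, 5]]  # constructed key; det = 9, which is coprime to 26
    ct = encrypt(key, "HELP")
    print(ct, decrypt(key, ct), recover_key("HELP", ct))
```

Column swaps or adding a constant matrix, the tweaks the post suggests, keep the map affine, so the same known-plaintext step still applies after one extra block is used to cancel the constant.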