Cryptography-Digest Digest #159
Cryptography-Digest Digest #159, Volume #14 Mon, 16 Apr 01 12:13:01 EDT
Contents:
Re: Data dependent arcfour via sbox feedback
Re: Password tool! (those who know me have no need of my name)
Re: Data dependent arcfour via sbox feedback
Re: Reusing A One Time Pad ("Mark G Wolf")
Re: LFSR Security ("Scott Fluhrer")
Re: NSA is funding stegano detection ([EMAIL PROTECTED])
Re: NSA is funding stegano detection (Walter Roberson)
P1363 draft ("Full Name")
Re: Reusing A One Time Pad ([EMAIL PROTECTED])
Re: NSA is funding stegano detection ([EMAIL PROTECTED])
Re: C Encryption (Steve Portly)
From: [EMAIL PROTECTED]
Subject: Re: Data dependent arcfour via sbox feedback
Date: Mon, 16 Apr 2001 10:32:55 -0400
I tried to read this thread and related topics, but there are too many
posts for me. Does Ritter say anywhere whether or not he has tested his
broad position in court? I don't think his broad interpretation would
hold. Lets see what he does if a wealthy company like IBM (deep pockets
in the legal dept.) implements something similar to that described in
this thread.
"Bryan Olson" "nospam"@"nonsuch.org" wrote in message
7FdC6.1$D_.85@interramp...
Terry Ritter wrote:
Bryan Olson wrote:
Terry Ritter wrote:
On Sat, 07 Apr 2001 06:24:00 GMT, in 4oyz6.6$4G.143@interramp, in
sci.crypt "nospam"@"nonsuch.org" ("Bryan Olson") wrote:
In article [EMAIL PROTECTED], Terry Ritter wrote:
On Wed, 04 Apr 2001 19:53:09 -0700, in
[EMAIL PROTECTED], in sci.crypt Bryan Olson
[EMAIL PROTECTED] wrote:
Bryan Olson wrote:
Terry Ritter wrote:
The "second data source" is modified by said "result data"
before use,
but no part of the claims excludes that possibility.
The word "source" excludes the possibility. The sequence of
y values is in fact a _product_ of the substitution process,
not a source. If unclear of the interpretation of "source",
just read the background and look at the diagrams in the
patent.
Any sequence of data values is "a source." We can see this
throughout the patent, including: "A first data source and
a second data source are combined into a complex
intermediate form or result. . . ." Note the lack of
description about the "ultimate" origin of any data sequence
treated as a "source."
It may be any sequence of values, but it must be a source,
not a product. Neither does the ultimate origin matter;
just that it comes in from the outside.
The ultimate origin is of course outside *the* *combiner*, but not
necessarily outside the system containing the combiner.
The source in question is produced _from_ the table as the
"combiner" updates it.
That's fine with me. The Dynamic Substitution claims place no
limitations on the source of these values.
Right. But it's not a source. It's a product of the same
table.
No problem. It *becomes* a source.
By the simple process of ignoring what "source" means.
When you present a system which is more than just the combiner, I
am
free to select what signals there are and try to match them to a
claim. You don't get to decide what signals I select. You can
add
whatever you want around an invention in an attempt to obscure
which
parts actually constitute the invention, but the invention is
still
there somewhere, and I get to find it.
Exactly. The sequence _you_ chose depends upon the dynamic
update of the table. It is necessarily a function of the
combiner, and cannot be outside.
I have no idea what your point may be. The claims do not specify a
particular origin for the sequences.
It's not a combiner of data sources. It's producing one
from state alone.
It is combining two parts of that RNG state.
And not two data sources, as the term is used in the patent.
But, if you don't like the word "source," perhaps you would
prefer the word "value": [...]
Which is not the word in the claim at issue.
It only takes one claim. Any claim counts.
The one you had cited is claim 1. If you want to instead go
through claim 15, note that it's not only a "value" it's an
"input value". Claim 15 also states one output, and if you
use that value for the output, the cipher cannot function.
I *think* the intent here is to recall an argument made earlier that
"the cipher" has an XOR combiner, so "the" combiner obviously is not
DynSub.
Not really. You tried to show claim 1 fit; then when I
argued it didn't, you appealed to the wording of a different
claim.
When the question is whether the patent covers whatever, any claim
counts.
What happened here is that you appealed to the wording of
claim 15 since the statement of claim 1 doesn't fit. Yes
any claim counts, but claim 1 with ce
Cryptography-Digest Digest #159
Cryptography-Digest Digest #159, Volume #13 Tue, 14 Nov 00 18:13:01 EST Contents: Re: The SHAs (David Crick) Re: The SHAs (David Crick) Re: On an idea of John Savard (Mok-Kong Shen) Re: The SHAs (David Crick) Re: "Secrets and Lies" at 50% off (James Felling) Re: On an idea of John Savard (James Felling) Re: The ultimate cipher (James Felling) Re: On an idea of John Savard (David Schwartz) Easy Way To Financial Success (Gerry) Re: Thoughts on the sci.crypt cipher contest (Paul Crowley) From: David Crick [EMAIL PROTECTED] Subject: Re: The SHAs Date: Tue, 14 Nov 2000 22:29:35 + [EMAIL PROTECTED] wrote: I have coded the three SHA algorithms (SHA256, SHA384, SHA512) in assembly language, and the programs perform properly on the NIST test files. Can anyone verify the results below on the file of 1,000,000 'a's? - M:\sha256 abytes.1m 3903B510 4E2E785A 000FDFF8 9D6CEF49 F867B5B5 5276FA66 2064B15A 248F3EF8 M:\sha384 abytes.1m AC5D0302 132C906A 202B6CBD 175CC0AE 75DB16DD A37146D1 1EF70BB1 745677CD 952B53D5 10B3656F 1A3E80ED B742DB5D M:\sha512 abytes.1m C247359F CCF33404 F0B5447C DD9B0A39 50A0D444 D3E8BF58 3733373B 21947B0C 6C8F4B69 F267E3FE 1ABBF083 CA1DD28E 43CD187C 45F098AF 0174D756 EE6F9904 There were three C programs written shortly after the new SHA specs came out. It's these I'm testing your code against; I've downloaded the assembly from your site (but see later). The Sha256 code matches: Yours: CDC76E5C 9914FB92 81A1C7E2 84D73E67 F1809A48 A497200E 046D39CC C7112CD0 C ver: cdc76e5c 9914fb92 81a1c7e2 84d73e67 f1809a48 a497200e 046d39cc c7112cd0 BUT THE ONE IN YOUR POST ABOVE IS DIFFERENT! The Sha384.zip file I downloaded from your site was corrupt. However, comparing what you posted: M:\sha384 abytes.1m AC5D0302 132C906A 202B6CBD 175CC0AE 75DB16DD A37146D1 1EF70BB1 745677CD 952B53D5 10B3656F 1A3E80ED B742DB5D C ver: 9d0e1809716474cb 086e834e310a4a1c ed149e9c00f24852 7972cec5704c2a5b 07b8b3dc38ecc4eb ae97ddd87f3d8985 These disagree. As does the Sha512 output. Again, the .COM I extracted from your site differs from what you posted too! M:\sha512 abytes.1m C247359F CCF33404 F0B5447C DD9B0A39 50A0D444 D3E8BF58 3733373B 21947B0C 6C8F4B69 F267E3FE 1ABBF083 CA1DD28E 43CD187C 45F098AF 0174D756 EE6F9904 Yours: 28B21DE0 CA078958 18C3359A 799E471B 78CF0A3C 9166C4E6 16E40285 5E3131B0 F5AC5933 E20DBA9F 87288A79 063FA05B 76CA9A29 493F285D 204A88E7 419ADCBA C Ver: e718483d0ce76964 4e2e42c7bc15b463 8e1f98b13b204428 5632a803afa973eb de0ff244877ea60a 4cb0432ce577c31b eb009c5c2c49aa2e 4eadb217ad8cc09b Looks like all these results need looking at again! -- +---+ | David A Crick [EMAIL PROTECTED] PGP: (NOV-2000 KEY) 0x710254FA | | Damon Hill Tribute Site: http://www.geocities.com/MotorCity/4236/ | | M. Brundle Quotes: http://members.tripod.com/~vidcad/martin_b.htm | +---+ -- From: David Crick [EMAIL PROTECTED] Subject: Re: The SHAs Date: Tue, 14 Nov 2000 22:31:34 + If it helps, the Sha-1 sum of the million-a file I'm using is: milliona.txt: 34AA 973C D4C4 DAA4 F61E EB2B DBAD 2731 6534 016F If someone can confirm this Sha-1 result then I know I've got a good file to be testing against! -- +---+ | David A Crick [EMAIL PROTECTED] PGP: (NOV-2000 KEY) 0x710254FA | | Damon Hill Tribute Site: http://www.geocities.com/MotorCity/4236/ | | M. Brundle Quotes: http://members.tripod.com/~vidcad/martin_b.htm | +---+ -- From: Mok-Kong Shen [EMAIL PROTECTED] Subject: Re: On an idea of John Savard Date: Tue, 14 Nov 2000 23:34:30 +0100 David Schwartz wrote: Mok-Kong Shen wrote: If you increase a common block cipher from its standar number of rounds to a higher number of rounds, do you think that you would thereby weaken it? Perhaps. If, for example, one side was doing X rounds and the other side was doing X+1 rounds, there might be imaginable compromises. I am afraid there is some misunderstanding between us. What do you mean by 'side'? Do you mean the communication partners? Of course they have to use the same algorithm. If you mean that a DES-like cipher one round treats only one half block, then one has to substitute 'cylce', i.e. two rounds, for what I meant above, for e.g. a 17 round DES is not very good, though I suppose it should still be stronger than the 16 round one. M. K. Shen -- From: David Crick [EMAIL PROTECTED] Subject: Re: The SHAs Date: Tue, 14 Nov 2000 22:37:16 + David Crick wrote: If it helps, the Sha-1 sum of the million-a file I'm using is: milliona
Cryptography-Digest Digest #159
Cryptography-Digest Digest #159, Volume #11 Sat, 19 Feb 00 16:13:01 EST
Contents:
Re: NIST publishes AES source code on web (wtshaw)
Re: NIST publishes AES source code on web (Samuel Paik)
Re: NIST publishes AES source code on web (wtshaw)
Is Phi perfect? (Frank the_root)
Re: Is Phi perfect? (Mike Andrews)
Re: Q: Division in GF(2^n) (Mike Andrews)
Re: UK publishes 'impossible' decryption law (Jim)
Re: EOF in cipher??? (Albert P. Belle Isle)
Re: EOF in cipher??? ("Trevor Jackson, III")
Re: Question about OTPs (Anthony Stephen Szopa)
Re: EOF in cipher??? ("Trevor Jackson, III")
Re: EOF in cipher??? ("Joseph Ashwood")
Re: Guaranteed Public Key Exchanges (Darren New)
Re: EOF in cipher??? ("Trevor Jackson, III")
Re: Is Phi perfect? ("Scott Fluhrer")
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: NIST publishes AES source code on web
Date: Sat, 19 Feb 2000 12:23:07 -0600
In article [EMAIL PROTECTED], Mok-Kong Shen
[EMAIL PROTECTED] wrote:
... Here strong cryptos designed by common people are to be
restricted or prohibited from export, while those promoted/supported
by authorities are to be wide-spread (through official publications,
among other means). Since my above said impression is obviously
or highly probably wrong, I must logically conclude that AES is
in fact NOT a strong crypto.
If you use position to collect lots of people with adequate smarts, it is
easy to presume that no one can compete, or that you will discourage
and/or frustrate cthose you cannot directly control, or buy-out controling
interests in products you want to handle, or somehow classify speech you
don't like as illegal, or make black-bag jobs and secret courts
acceptable. You would try to knock down crypto that you don't like by any
means possible.
As long as you can control something like AES, even stating at each level
that you have the last word, it is certain that a good but deficient
algorithm will result.
--
Let's all sit back an watch the inhabitants of the political zoo
perform in three rings. It's more exciting than soap operas. Then
vote out anyone who has been in long enough to abuse things.
--
From: Samuel Paik [EMAIL PROTECTED]
Subject: Re: NIST publishes AES source code on web
Date: Sat, 19 Feb 2000 19:22:50 GMT
Mok-Kong Shen wrote:
Tim Tyler wrote:
It is non-commercial, with public source code. This bit seems to apply:
``encryption source code that would be publicly available (and posting to
the Internet itself would make it publicly available), and which is not
subject to an express agreement for the payment of a licensing fee or
royalty for the commercial production or sale of any product developed
using the source code, would be eligible under License Exception TSU for
"unrestricted" source code. Under this policy, the software may be
exported without prior submission to the government for technical review
(although concurrent notification of the export is required). In
addition, software exported under this exception may be posted to the
Internet without restriction and would not be subject to any requirement
to screen for access. Also, such posting would not constitute knowledge
of an export to a prohibited destination under the EAR, including one of
the seven terrorist states. ''
If this is indeed true,
DISCLAIMER: I am not a lawyer and this is not a legal opinion.
It is a summary of Section 740.13 (e) "TECHNOLOGY AND SOFTWARE - UNRESTRICTED
(TSU)" / "Unrestricted encryption source code of the new proposed final EAR
(published in the Federal Registrar Jan 14, 2000) Here is the exact
wording; note numbers in brackets inserted.:
(e) Unrestricted encryption source code
(1) Encryption source code controlled under 5D002, [1] which would be
considered publicly available under §734.3(b)(3) [2] and which is
not subject to an express agreement for the payment of a licensing
fee or royalty for commercial production or sale of any product
developed with the source code, is released from "EI" [3] controls
and may be exported or reexported without review under License
Exception TSU, provided you have submitted written notification
to BXA of the Internet location (e.g., URL or Internet address)
or a copy of the source code by the time of export. Submit the
notification to BXA and send a copy to ENC Encryption Request
Coordinator (see §740.17(g)(5) for mailing addresses). [4]
Intellectual property protection (e.g., copyright, patent or
trademark) will not, by itself, be construed as an express
agreement for the payment of a licensing fee or royalty for
commercial production or sale of any product developed using
the source code.
(2) You may not
Cryptography-Digest Digest #159
Cryptography-Digest Digest #159, Volume #10 Thu, 2 Sep 99 05:13:03 EDT
Contents:
CIA Vigenere END-TIMES (Vigenere2.jpg) [1/3] ("collomb")
From: "collomb" [EMAIL PROTECTED]
Subject: CIA Vigenere END-TIMES (Vigenere2.jpg) [1/3]
Date: 2 Sep 1999 08:48:27 GMT
The CIA Vigenere End-times
I am going to explain why the square Vigenere of Kryptos
comprised 4 columns in excess on the right and an additional line on the
bottom.
Why?
Those who consulted my site web :
http://calvaweb.calvacom.fr/collomb /
know that the solution of the puzzle of Kryptos comprises word GOD
written diagonally.
Curiously there is a possibility of revealing GOD diagonally in the
Vigenere-Kryptos square and only one.
Up to G of the seventh line, trace a diagonal line to D, placed in the
bottom on the right of the last line. This line passes automatically by
the O of Kryptos of the
sixteenth line.
We delimit two squares thus.
A first one, starting from G, formed of 22 X 22 characters, a second one
starting
from the O of Kryptos made of 13 X 13 characters. see the attached
drawing
Those who know my method of decoding are in a known land.
22 and 13 lead obviously to a chapter and a verse of the Revelation
to John.
Rev 22-13 : I am the Alpha and the Omega, the first and the last, the
beginning
and the end.
The first is the first character of the great square is G, the last is
the final character of small square D. To go from one character to the
other
one passes by the O of KryptOs.
To obtain this result the cryptographer has obligatorily to add 4 columns
on the right and a line in bottom, so that appears at the end of this
last line, the character D, last character of word GOD.
This word GOD is written diagonally, as in the final solution published on
my
site web. We understand now why there is a shifting of one box at each line
in the Vigenere-Kryptos, system what makes appear the diagonals.
Regards
[EMAIL PROTECTED]
begin 600 Vigenere2.jpg
M_]C_X `02D9)1@`!`@$`9 !D``#_[0$Z4AO=]S:]P(#,N, `X0DE-`^T`
M`! `9 $``@!D`0`".$))30/S```(``$X0DE-
M)Q ```H``0`".$))30/U``!(`"]F9@`!`QF9@`
M```!`"]F9@`!`*9F@!`#(!`%H```!`#4!
M`"T```!.$))300"```X0DE-! (```(``%!(550(
M-0``1 ``
M4$A55 @T```$
M`#A"24T$!@``!P`"`0$`__X`)T9I;4@=W)I='1E;B!B2!!9]B
M92!0:]T;W-H;W"H(#0N, #_[@`.061O8F4`9( !_]L`A `(!@8!@8(
M!@8(# @'" P."@@("@X0#0T.#0T0$0P,# P,#!$,# P,# P,# P,# P,# P,
M# P,# P,# P,# P,`0D(" D*"0L)"0L."PT+#A$.#@X.$1$,# P,#!$1# P,
M# P,$0P,# P,# P,# P,# P,# P,# P,# P,# P,# S_P `1" .!`S$#`2(`
M`A$!`Q$!_]T`! `T_\0!H@!`0$!`0``! 4#`@8!``("0H+
M`0`"`@,!`0$!`0`!``(#! 4!P@)"@L0``(!`P,"! (!P,$`@8"
MP$"`Q$$``4A$C%!408382)Q@10RD:$'%;%"(\%2T$S%F+P)'*"\25#-%.2
MHK)C\(U1"3H[,V%U1D=,/2X@@F@PD*!F$E$5I+16TU4HO+C\\34Y/1E
M=865I;7%U7U9G:EJ:VQM;F]C='5V=WAYGM\?7Y_X2%AH(B8J+C(V.CX
M*3E)66EYB9FING9Z?DJ.DI::GJ*FJJZRMKJ^A$``@(!`@,%!00%!@0(`P-M
M`0`"$0,$(1(Q0051$V$B!G!D3*AL? 4P='A(T(54F)R\3,D-$."%I)3):)C
MLL('](UXD2#%U23" D*!DF-D4:)V1T53?RH[/#*"G3X_.$E*2TQ-3D]5U
MA96EM75Y?55F9VAI:FML;6YO9'5V=WAYGM\?7Y_X2%AH(B8J+C(V.CX
M.4E9:7F)F:FYR=GI^2HZ2EIJHJ:JKK*VNKZ_]H`# ,!``(1`Q$`/P#O^;-F
MQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-F
MQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-F
MQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-F
MQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-F
MQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-F
MQ5V;-FQ5_]#O^;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5
MV;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5
MV;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5
MV;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5
MV;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5
MV;-FQ5V;-FQ5V;-FQ5V;-FQ5_]'O^;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;
M-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;
M-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;
M-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;
M-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;
M-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5_]+O^;-FQ5V;-FQ5V;-F
MQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-F
MQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-F
MQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-F
MQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-F
MQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5_]/O
M^;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5
MV;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5
MV;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-FQ5V;-
