Cryptography-Digest Digest #273
Cryptography-Digest Digest #273, Volume #14    Mon, 30 Apr 01 17:13:00 EDT

Contents:
  Re: Censorship Threat at Information Hiding Workshop (Leonard R. Budney)
  Re: MS OSs swap file: total breach of computer security. (Christian Bohn)
  Re: Secure Digital Music Initiative cracked? (M.S. Bob)
  Re: Censorship Threat at Information Hiding Workshop ([EMAIL PROTECTED])
  Re: A keen symmetric cipher idea (M.S. Bob)
  Re: A keen symmetric cipher idea (Tom St Denis)
  Re: DSA in GF(2^W)? (M.S. Bob)
  Encryption and decryption in VHDL (kris)
  CryptDisk (Jacques Thériault)
  Re: Censorship Threat at Information Hiding Workshop (Leonard R. Budney)
  Best, Strongest Algorithm (Ryan M. McConahy)
  Re: They seem to know something... Look (Ryan M. McConahy)
  Re: Announcing A New Rijndael Encryption Algorithm Implementation (Ryan M. McConahy)
  Re: Best, Strongest Algorithm (Leonard R. Budney)
  Re: Best, Strongest Algorithm (M.S. Bob)
  Re: Best, Strongest Algorithm (SCOTT19U.ZIP_GUY)
  Re: DSA in GF(2^W)? (Roger Schlafly)
  Re: Announcing A New Rijndael Encryption Algorithm Implementation (Mathew Hendry)

----------------------------------------------------------------------

Subject: Re: Censorship Threat at Information Hiding Workshop
From: [EMAIL PROTECTED] (Leonard R. Budney)
Date: 30 Apr 2001 14:55:12 -0400

Paul Rubin [EMAIL PROTECTED] writes:
> [EMAIL PROTECTED] (Leonard R. Budney) writes:
> > The premise behind copyright law is that people are entitled to profit from their *creativity*, where creativity is defined to be a specific work having some original content.
>
> You're assuming a motivation behind copyright without providing evidence to justify the assumption. So your argument is weak because your starting premise is weak.

The above is an assertion, not an argument. If the assertion is not axiomatic for you, then we have bigger problems to work out, commie!

> > ...the most basic issues: If you make a suggestion to your boss, and he passes it up the chain with his name on it, winning promotions and accolades, then HE DONE YOU WRONG. Why, you ask? After all, aren't ideas free? Doesn't knowledge belong to everyone? Do you really own your suggestion?
>
> If the issues are so deep, then why are you acting like they're so simple?

Read it again. Notice the phrase "the most basic issues". Not all issues here are deep. It is not deep to realize that people are entitled to enjoy the fruits of their labor, whether the labor is physical or intellectual. The deep issues revolve around exactly how to apply that in practice.

(Personally, the most interesting ones revolve around questions like lending. I can lend a book; I can lend a CD; but...if I lend an MP3, I can still listen to it! I can lend it to dozens of people at once! Now I do have legal MP3's, and I may loan them. But stocking a music store with MP3s downloaded free off the Internet is clearly unethical. Interesting issue to ponder.)

> > Epsilon-cost duplication calls the adequacy of those protections into question in several ways. But the need for it cannot be denied.
>
> Oh yeah? ;-)

You, I, and everyone else will take to yak-herding if we can't be paid to use our brains. Intellectual products, while intangible, are real and deserve recognition as such. Do you really dispute that?

Len.

-- 
What gives you the idea that the Putnam problems are written carefully?
    -- Dan Bernstein

------------------------------

Reply-To: Christian Bohn [EMAIL PROTECTED]
From: Christian Bohn [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto,alt.hacker
Subject: Re: MS OSs swap file: total breach of computer security.
Date: Mon, 30 Apr 2001 21:07:33 +0200

But what about the PAGE_NOCACHE protection flag that can be used together with VirtualAlloc, VirtualProtect?

From MSDN :

  PAGE_NOCACHE
  Allows no caching of the committed regions of pages. The hardware attributes for the physical memory should be specified as no cache. This is not recommended for general usage. It is useful for device drivers; for example, mapping a video frame buffer with no caching. This value is a page protection modifier, and it is only valid when used with one of the page protections other than PAGE_NOACCESS.

According to the documentation, VirtualAlloc and VirtualProtect are both supported by Win95/NT. Wouldn't it be possible to make it non-pageable this way? Or are you saying that it is only possible to allocate memory from the non-pageable pool using Ring0?

Christian

------------------------------

From: M.S. Bob [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: Secure Digital Music Initiative cracked?
Date: Mon, 30 Apr 2001 20:07:41 +0100

Douglas A. Gwyn wrote:
> David A Molnar wrote:
> > ...
> > It still shocks me that the RIAA can do what the NSA did not - prevent a paper from being presented at a public conference.
>
> Actually the paper you're thinking of was the subject of personal
Cryptography-Digest Digest #273, Volume #13    Tue, 5 Dec 00 08:13:01 EST

Contents:
  Re: Crypto Proceedings ("John A. Malley")
  Why Galois Fields in Cryptography? (John Savard)
  Re: RC4 or Rijndael (Guy Macon)
  Re: RC4 or Rijndael (Guy Macon)
  cracking a char subst cypher (Frank Hsueh)
  Re: RC4 or Rijndael ("Julian Morrison")
  Re: MD5 byte order (Thomas Pornin)
  Re: Logic of authentication (Erik-Oliver Blass)
  Re: RC4 or Rijndael (Benjamin Goldberg)
  Re: hardware RNG's (Tim Tyler)

----------------------------------------------------------------------

From: "John A. Malley" [EMAIL PROTECTED]
Subject: Re: Crypto Proceedings
Date: Mon, 04 Dec 2000 19:20:51 -0800

Mark Harrop wrote:
> Does anyone know of an ONLINE source of the CRYPTO PROCEEDINGS from as far back as possible ?
> Also, are they still being held, and do they have a web site ?
> Once again, I thank all of you kind souls for helping.

Cryptography Research, Inc. keeps an index of papers from Eurocrypt'91 through Eurocrypt'97 and Crypto'92 through Crypto'97 at their web site:

http://www.cryptography.com/resources/papers/index.html

The indices list all of the papers from those conferences with links to *some* of the actual papers.

Check into Counterpane's extensive on-line repository of papers at

http://www.counterpane.com/biblio/

for those papers listed yet link-less at Cryptography Research's site.

Hope this helps,

John A. Malley
[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: sci.math
Subject: Why Galois Fields in Cryptography?
Date: Tue, 05 Dec 2000 04:50:34 GMT

The new Advanced Encryption Standard, Rijndael, makes use of arithmetic in GF(2^8). So did Twofish, one of the other finalists in the AES process.

Not being terribly up on advanced math, I wondered why this relatively unfamiliar type of operation was used in these block ciphers. I realize that exotic math is needed for public-key algorithms, but surely prosaic things like addition, XOR, table-lookup, and so on seem to be enough for many block ciphers.

However, in a thread (on sci.crypt) titled "The Next Step After OTP", I considered one intrinsic weakness of the one-time-pad and certain other stream ciphers - those which simply XOR the output of a pseudo-random number generator with the plaintext - the fact that one can XOR a pattern of bits with the ciphertext, with the certain result that one has changed the plaintext in the corresponding way. This is called the "bit-flipping" attack, and essentially the same thing can be done if modulo-n addition for n larger than 2 replaces XOR.

Naturally, there are other solutions to this problem, involving one-way hash functions, that are used in practice, but I thought it was interesting theoretically to see what would be the _minimum_ requirement to make a cipher that behaved like a stream cipher which provided a different rearranged substitution alphabet for every symbol enciphered.

It is easy enough to produce a cipher like that if one is willing to be elaborate and complicated; a rotor machine simulation is one possibility, but what is the minimum condition?

It turns out that if the conditions are explicitly stated as follows:

  the keystream symbols have to have the properties needed for a one-time-pad, and furthermore when a corresponding plaintext and ciphertext symbol are known, changing the ciphertext symbol to any one of the other possible values must have the result that all the plaintext symbols (except the known one) must be equally likely

they can be met, for an alphabet of N symbols, if the keystream consists of symbols from a set of N(N-1) symbols, that determine two quantities, A (having N values) and B (having N-1 values) where the encipherment operation is:

  (plain * B) + A = cipher,

where * and + are the operators for a finite field of order N.

And so, if one wishes to encrypt a binary data stream eight bits at a time, this attractive property is therefore attained by means of GF(2^8).

Which gives one reason _why_ one might see Galois Fields in use for cryptographic purposes.

I've now added a page to my web site at

http://home.ecn.ab.ca/~jsavard/crypto/co041103.htm

containing the material from that thread, at which people are invited to look and tell me if I'm making sense or if I'm all wet.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (Guy Macon)
Subject: Re: RC4 or Rijndael
Date: 05 Dec 2000 05:49:59 GMT

Bill Unruh wrote:
> Yes, RC4 is a stream cypher. The key can never be reused or the strength is essentially zero. It is very easy to code, and is much faster. However it is totally useless unless you can choose a random key each use. (eg, by sending the key via RSA).

Huh??? I use the ciphersaber [1] implementation of ARCFOUR [2] with the same secret passphrase every time. There are additional random b
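The encipherment (plain * B) + A over GF(2^8) from John Savard's post above, worked through as an added example that is not part of any post in this digest: it implements the field arithmetic, the per-symbol affine map, and checks the stated condition that changing a known ciphertext symbol leaves every other plaintext value equally likely. The Rijndael reduction polynomial is an assumption; the post does not fix one, and any irreducible degree-8 polynomial would serve.

```python
# Added example (not from the digest): Savard's affine stream cipher over GF(2^8).
# Keystream symbol = pair (A, B), A in 0..255, B in 1..255 (N(N-1) values);
# cipher = plain*B + A. Assumption: Rijndael's polynomial x^8+x^4+x^3+x+1 (0x11B).
from collections import Counter

POLY = 0x11B

def gf_mul(a: int, b: int) -> int:
    """Multiply two GF(2^8) elements: shift-and-add, reducing modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r

def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254, since a^255 = 1 for every nonzero a."""
    if a == 0:
        raise ValueError("0 has no inverse; B must be nonzero")
    r, e = 1, 254
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a = gf_mul(a, a)
        e >>= 1
    return r

def encipher(p: int, a: int, b: int) -> int:
    """cipher = plain * B + A; '+' in GF(2^8) is XOR."""
    return gf_mul(p, b) ^ a

def decipher(c: int, a: int, b: int) -> int:
    """plain = (cipher - A) * B^-1; subtraction is also XOR."""
    return gf_mul(c ^ a, gf_inv(b))

def encrypt(plaintext: bytes, keystream: list) -> bytes:
    # keystream is a list of (A, B) pairs and, as with a pad, is never reused
    return bytes(encipher(p, a, b) for p, (a, b) in zip(plaintext, keystream))

def decrypt(ciphertext: bytes, keystream: list) -> bytes:
    return bytes(decipher(c, a, b) for c, (a, b) in zip(ciphertext, keystream))

def plaintext_distribution(p0: int, c0: int, c1: int) -> Counter:
    """Savard's condition: knowing (p0, c0), an attacker replaces c0 with c1. Over
    all 255 keystream pairs consistent with (p0, c0), count what c1 deciphers to.
    Plain XOR gives one answer (p0^c0^c1); here every byte except p0 occurs once."""
    counts = Counter()
    for b in range(1, 256):
        a = c0 ^ gf_mul(p0, b)  # the unique A that maps p0 to c0 for this B
        counts[decipher(c1, a, b)] += 1
    return counts
```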
Cryptography-Digest Digest #273, Volume #12    Sun, 23 Jul 00 13:13:00 EDT

Contents:
  Re: Guardian 19/7/2000: "That charter for snoopers" (Andy Mabbett)
  Re: Random Appearance (Future Beacon)
  Re: Question Regarding Encrypting CD-ROM -RW Disks (jungle)
  Re: Crypto jokes? (potentially OT) (Sundial Services)
  Re: Question Regarding Encrypting CD-ROM -RW Disks (Sundial Services)
  Proving continued possession of a file (Mark Wooding)
  Re: 8 bit block ciphers ("Douglas A. Gwyn")
  Re: Proving continued possession of a file (Nicol So)
  Re: Proving continued possession of a file (Edward Keyes)
  Re: 8 bit block ciphers (Boris Kazak)
  Re: Proving continued possession of a file ("Scott Fluhrer")
  Re: Proving continued possession of a file (Boris Kazak)
  Re: Proving continued possession of a file (Mack)
  Re: 8 bit block ciphers (Mack)
  Re: 8 bit block ciphers (Mack)

----------------------------------------------------------------------

From: Andy Mabbett [EMAIL PROTECTED]
Crossposted-To: uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.security.scramdisk,uk.telecom,uk.finance,uk.local.east-anglia,alt.politics.british
Subject: Re: Guardian 19/7/2000: "That charter for snoopers"
Date: Sun, 23 Jul 2000 10:57:37 +0100

In article [EMAIL PROTECTED], Cyril Disobedient [EMAIL PROTECTED] writes
> Special report: free speech on the net

uk.media.newspapers is for discussion /of/ newspapers in the UK; not merely the reposting of articles. Please desist.

(FU set)
-- 
Andy Mabbett
"I've been meaning to tidy up, but you know how it is: you blink and - whoops - another year gone"

------------------------------

From: Future Beacon [EMAIL PROTECTED]
Subject: Re: Random Appearance
Date: Sun, 23 Jul 2000 08:40:25 -0400

On Sun, 23 Jul 2000, Douglas A. Gwyn wrote:
> Future Beacon wrote:
> > I am convinced that it is possible.
>
> Basic information theory says otherwise. For your notion to work, the input plaintext would have to be restricted to a selection from a limited set, not a completely general message of length N.

Do you have a proof?

Jim Trek
Future Beacon Technology
http://eznet.net/~progress
[EMAIL PROTECTED]

------------------------------

From: jungle [EMAIL PROTECTED]
Subject: Re: Question Regarding Encrypting CD-ROM -RW Disks
Date: Sun, 23 Jul 2000 08:54:36 -0400

yes, the AGENCIES have the way to do it ... they have the way to ELIMINATE anyone from the surface to ...
but the fact is : the hammer will not destroy data but ONLY drive ...
the sensitivity level of data on H/D is irrelevant ...

Sundial Services wrote:
> :-) If the information on your hard-drive is that sensitive, that someone would work that damned hard to recover it, then "they'll find a way to put you in jail anyway." ;-)
>
> jungle wrote:
> > Greg wrote:
> > > == The point
> > your point will not protect your data "in a hurry" against AGENCIES work ...
> > > I am making is that with my notebook, and others like it I am sure, if you had to destroy the HD in a hurry, you could simply slide it out and go at it with a sledge hammer.
> > hammer is not destroying data but ONLY DRIVE ... you need to understand the difference ...
> > > These drives are tiny, thin, and very susceptible to any pressure on their top surface.
> > what above has to do with destroying magnetic data ? ANSWER : almost nothing ...

------------------------------

Date: Sun, 23 Jul 2000 06:30:52 -0700
From: Sundial Services [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: Crypto jokes? (potentially OT)

I've always had the unpleasant feeling that the real reasoning on this was, "we don't want to have to share the patents with the school down the street." (Gotta share it with the student but we can bully him out of "our half of it." He's starving, you know.)

Douglas A. Gwyn wrote:
> [...]
> The idea that when an idea is independently discovered by multiple researchers, the first one to reach print gets all the credit has always been screwy. It leads to such things as a graduate student having to start his thesis work all over because his independent work is no longer considered "original research" and thus does not qualify for a degree. So long as everybody is convinced that the researchers did work independently and were not aware of each other's work, in a rational world they should share credit for the invention. The main question is whether the earlier work was partially "leaked" and the later work was inspired by that information, in which case only the earlier work is the true innovation.

------------------------------

Date: Sun, 23 Jul 2000 06:32:56 -0700
From: Sundial Services [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re:
Cryptography-Digest Digest #273, Volume #10    Sun, 19 Sep 99 08:13:03 EDT

Contents:
  Cryptography FAQ (10/10: References) ([EMAIL PROTECTED])
  Re: Exclusive Or (XOR) Knapsacks ("Gary")
  Re: ECC (again...) (DJohn37050)
  Windows 95/98 version of Encryption for the Masses available now! (Paul Le Roux)

----------------------------------------------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto,sci.answers,news.answers,talk.answers
Subject: Cryptography FAQ (10/10: References)
Date: 19 Sep 1999 11:18:36 GMT
Reply-To: [EMAIL PROTECTED]

Archive-name: cryptography-faq/part10
Last-modified: 94/06/13

This is the tenth of ten parts of the sci.crypt FAQ. The parts are mostly independent, but you should read the first part before the rest. We don't have the time to send out missing parts by mail, so don't ask. Notes such as ``[KAH67]'' refer to the reference list in this part.

The sections of this FAQ are available via anonymous FTP to rtfm.mit.edu as /pub/usenet/news.answers/cryptography-faq/part[xx]. The Cryptography FAQ is posted to the newsgroups sci.crypt, talk.politics.crypto, sci.answers, and news.answers every 21 days.

Contents

10.1. Books on history and classical methods
10.2. Books on modern methods
10.3. Survey articles
10.4. Reference articles
10.5. Journals, conference proceedings
10.6. Other
10.7. How may one obtain copies of FIPS and ANSI standards cited herein?
10.8. Electronic sources
10.9. RFCs (available from [FTPRF])
10.10. Related newsgroups

10.1. Books on history and classical methods

[FRIE1] Lambros D. Callimahos, William F. Friedman, Military Cryptanalytics. Aegean Park Press, ?.
[DEA85] Cipher A. Deavours & Louis Kruh, Machine Cryptography and Modern Cryptanalysis. Artech House, 610 Washington St., Dedham, MA 02026, 1985.
[FRIE2] William F. Friedman, Solving German Codes in World War I. Aegean Park Press, ?.
[GAI44] H. Gaines, Cryptanalysis, a study of ciphers and their solution. Dover Publications, 1944.
[HIN00] F. H. Hinsley, et al., British Intelligence in the Second World War. Cambridge University Press. (vol's 1, 2, 3a, 3b, 4, so far). XXX Years and authors, fix XXX
[HOD83] Andrew Hodges, Alan Turing: The Enigma. Burnett Books Ltd., 1983.
[KAH91] David Kahn, Seizing the Enigma. Houghton Mifflin, 1991.
[KAH67] D. Kahn, The Codebreakers. Macmillan Publishing, 1967. [history] [The abridged paperback edition left out most technical details; the original hardcover edition is recommended.]
[KOZ84] W. Kozaczuk, Enigma. University Publications of America, 1984.
[KUL76] S. Kullback, Statistical Methods in Cryptanalysis. Aegean Park Press, 1976.
[SIN66] A. Sinkov, Elementary Cryptanalysis. Math. Assoc. Am., 1966.
[WEL82] Gordon Welchman, The Hut Six Story. McGraw-Hill, 1982.
[YARDL] Herbert O. Yardley, The American Black Chamber. Aegean Park Press, ?.

10.2. Books on modern methods

[BEK82] H. Beker, F. Piper, Cipher Systems. Wiley, 1982.
[BRA88] G. Brassard, Modern Cryptology: a tutorial. Springer-Verlag, 1988.
[DEN82] D. Denning, Cryptography and Data Security. Addison-Wesley Publishing Company, 1982.
[KOB89] N. Koblitz, A course in number theory and cryptography. Springer-Verlag, 1987.
[KON81] A. Konheim, Cryptography: a primer. Wiley, 1981.
[MEY82] C. Meyer and S. Matyas, Cryptography: A new dimension in computer security. Wiley, 1982.
[PAT87] Wayne Patterson, Mathematical Cryptology for Computer Scientists and Mathematicians. Rowman & Littlefield, 1987.
[PFL89] C. Pfleeger, Security in Computing. Prentice-Hall, 1989.
[PRI84] W. Price, D. Davies, Security for computer networks. Wiley, 1984.
[RUE86] R. Rueppel, Design and Analysis of Stream Ciphers. Springer-Verlag, 1986.
[SAL90] A. Salomaa, Public-key cryptography. Springer-Verlag, 1990.
[SCH94] B. Schneier, Applied Cryptography. John Wiley & Sons, 1994. [errata avbl from [EMAIL PROTECTED]]
[WEL88] D. Welsh, Codes and Cryptography. Clarendon Press, 1988.

10.3. Survey articles

[ANG83] D. Angluin, D. Lichtenstein, Provable Security in Cryptosystems: a survey. Yale University, Department of Computer Science, #288, 1983.
[BET90] T. Beth, Algorithm engineering for public key algorithms. IEEE Selected Areas of Communication, 1(4), 458--466, 1990.
[DAV83] M. Davio, J. Goethals, Elements of cryptology. in Secure Digital Communications, G. Longo ed., 1--57, 1983.
[DIF79] W. Diffie, M. Hellman, Privacy and Authentication: An introduction to cryptography. IEEE proceedings, 67(3), 397--427, 1979.
[DIF88] W. Diffie, The first ten years of public key cryptography. IEEE proceedings, 76(5), 560--577, 1988.
[FEI73] H. Feistel, Cryptography and Comput