Cryptography-Digest Digest #273

2001-04-30 Thread Digestifier

Cryptography-Digest Digest #273, Volume #14  Mon, 30 Apr 01 17:13:00 EDT

Contents:
  Re: Censorship Threat at Information Hiding Workshop (Leonard R. Budney)
  Re: MS OSs swap file:  total breach of computer security. (Christian Bohn)
  Re: Secure Digital Music Initiative cracked? (M.S. Bob)
  Re: Censorship Threat at Information Hiding Workshop ([EMAIL PROTECTED])
  Re: A keen symmetric cipher idea (M.S. Bob)
  Re: A keen symmetric cipher idea (Tom St Denis)
  Re: DSA in  GF(2^W)? (M.S. Bob)
  Encryption and decryption in VHDL (kris)
  CryptDisk (Jacques Thériault)
  Re: Censorship Threat at Information Hiding Workshop (Leonard R. Budney)
  Best, Strongest Algorithm (Ryan M. McConahy)
  Re: They seem to know something... Look (Ryan M. McConahy)
  Re: Announcing A New Rijndael Encryption Algorithm Implementation (Ryan M. McConahy)
  Re: Best, Strongest Algorithm (Leonard R. Budney)
  Re: Best, Strongest Algorithm (M.S. Bob)
  Re: Best, Strongest Algorithm (SCOTT19U.ZIP_GUY)
  Re: DSA in  GF(2^W)? (Roger Schlafly)
  Re: Announcing A New Rijndael Encryption Algorithm Implementation (Mathew Hendry)



Subject: Re: Censorship Threat at Information Hiding Workshop
From: [EMAIL PROTECTED] (Leonard R. Budney)
Date: 30 Apr 2001 14:55:12 -0400

Paul Rubin [EMAIL PROTECTED] writes:

> [EMAIL PROTECTED] (Leonard R. Budney) writes:
> > The premise behind copyright law is that people are entitled to
> > profit from their *creativity*, where creativity is defined to be
> > a specific work having some original content.
>
> You're assuming a motivation behind copyright without providing evidence
> to justify the assumption.  So your argument is weak because your starting
> premise is weak.

The above is an assertion, not an argument. If the assertion is not
axiomatic for you, then we have bigger problems to work out, commie!

> > ...the most basic issues: If you make a suggestion to your boss, and
> > he passes it up the chain with his name on it, winning promotions and
> > accolades, then HE DONE YOU WRONG. Why, you ask? After all, aren't
> > ideas free? Doesn't knowledge belong to everyone? Do you really own
> > your suggestion?
>
> If the issues are so deep, then why are you acting like they're so
> simple?

Read it again. Notice the phrase "the most basic issues". Not all issues
here are deep. It is not deep to realize that people are entitled to enjoy
the fruits of their labor, whether the labor is physical or intellectual.
The deep issues revolve around exactly how to apply that in practice.

(Personally, the most interesting ones revolve around questions like
lending. I can lend a book; I can lend a CD; but...if I lend an MP3, I
can still listen to it! I can lend it to dozens of people at once!  Now I
do have legal MP3's, and I may loan them. But stocking a music store with
MP3s downloaded free off the Internet is clearly unethical. Interesting
issue to ponder.)

> > Epsilon-cost duplication calls the adequacy of those protections into
> > question in several ways. But the need for it cannot be denied.
>
> Oh yeah?  ;-)

You, I, and everyone else will take to yak-herding if we can't be paid
to use our brains. Intellectual products, while intangible, are real
and deserve recognition as such. Do you really dispute that?

Len.


-- 
What gives you the idea that the Putnam problems are written carefully?
-- Dan Bernstein

--

Reply-To: Christian Bohn [EMAIL PROTECTED]
From: Christian Bohn [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto,alt.hacker
Subject: Re: MS OSs swap file:  total breach of computer security.
Date: Mon, 30 Apr 2001 21:07:33 +0200

But what about the PAGE_NOCACHE protection flag that can be used together
with VirtualAlloc, VirtualProtect?

From MSDN :

  PAGE_NOCACHE Allows no caching of the committed regions of pages. The
hardware attributes for the physical memory should be specified as no
cache. This is not recommended for general usage. It is useful for device
drivers; for example, mapping a video frame buffer with no caching. This
value is a page protection modifier, and it is only valid when used with one
of the page protections other than PAGE_NOACCESS.


According to the documentation, VirtualAlloc and VirtualProtect are both
supported by Win95/NT. Wouldn't it be possible to make it non-pageable this
way? Or are you saying that it is only possible to allocate memory from the
non-pageable pool using Ring0?

Christian
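
Added example for this digest, not code from the thread or from Microsoft's
documentation. PAGE_NOCACHE controls the CPU cache attribute of the mapping,
not whether the memory manager may write the pages to the paging file; the
documented Win32 call for keeping pages resident is VirtualLock, and mlock is
the POSIX equivalent. The code below pins a key buffer, uses it, and wipes it
through a volatile pointer before release (a plain memset before free is often
dropped as a dead store, which is what SecureZeroMemory and explicit_bzero
exist for). It builds on either platform; secure_alloc, key_lifecycle_demo and
the 0xA5 stand-in key are this example's own. Pinning can fail under
RLIMIT_MEMLOCK or working-set limits, so the result is reported rather than
assumed, and even a pinned page still lands in a hibernation file, a crash
dump, or a debugger's view of the process.

```c
#define _POSIX_C_SOURCE 200809L
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#else
#include <sys/mman.h>
#endif

/* Zero a buffer through a volatile pointer so the compiler cannot discard the
 * stores as dead. SecureZeroMemory() (Windows) and explicit_bzero() (BSD,
 * glibc) exist for the same reason. */
static void secure_wipe(void *buf, size_t n)
{
    volatile uint8_t *p = (volatile uint8_t *)buf;
    while (n--)
        *p++ = 0;
}

/* Returns 1 if every byte of buf is zero (used to check the wipe). */
static int all_zero(const uint8_t *buf, size_t n)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= buf[i];
    return acc == 0;
}

/* Allocate n writable bytes and ask the OS to keep them resident:
 * VirtualLock() on Windows, mlock() on POSIX. Returns NULL if allocation
 * fails. *locked reports whether the pin succeeded; it can fail on
 * RLIMIT_MEMLOCK or working-set limits, and the caller decides whether
 * swappable memory is acceptable. */
static void *secure_alloc(size_t n, int *locked)
{
#ifdef _WIN32
    void *p = VirtualAlloc(NULL, n, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (p == NULL)
        return NULL;
    *locked = VirtualLock(p, n) != 0;
#else
    void *p = malloc(n);
    if (p == NULL)
        return NULL;
    *locked = mlock(p, n) == 0;   /* the kernel rounds the range to pages */
#endif
    return p;
}

/* Wipe, unpin, release. Wiping before unlocking matters: once the pages are
 * pageable again, whatever is still in them can reach the swap file. */
static void secure_free(void *p, size_t n)
{
    if (p == NULL)
        return;
    secure_wipe(p, n);
#ifdef _WIN32
    VirtualUnlock(p, n);
    VirtualFree(p, 0, MEM_RELEASE);
#else
    munlock(p, n);
    free(p);
#endif
}

/* Lifecycle of a 32-byte key (constructed stand-in value 0xA5): allocate
 * pinned, use, wipe, release. Returns 1 if the wipe left only zeros. */
static int key_lifecycle_demo(int *locked)
{
    enum { KEY_LEN = 32 };
    uint8_t *key = secure_alloc(KEY_LEN, locked);
    if (key == NULL)
        return 0;
    memset(key, 0xA5, KEY_LEN);      /* pretend this came from a KDF */
    /* ... the key is used here ... */
    secure_wipe(key, KEY_LEN);
    int wiped = all_zero(key, KEY_LEN);
    secure_free(key, KEY_LEN);       /* the second wipe is harmless */
    return wiped;
}

int main(void)
{
    int locked = 0;
    int wiped = key_lifecycle_demo(&locked);
    printf("pages pinned: %s, key wiped: %s\n",
           locked ? "yes" : "no (check RLIMIT_MEMLOCK / working set)",
           wiped ? "yes" : "no");
    return wiped ? 0 : 1;
}
```

The lock result is deliberately separate from the wipe result: a program that
cannot pin should still wipe, and one that can pin still has to wipe, because
the pin only covers the paging file.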



--

From: M.S. Bob [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: Secure Digital Music Initiative cracked?
Date: Mon, 30 Apr 2001 20:07:41 +0100


Douglas A. Gwyn wrote:
>
> David A Molnar wrote:
> > ... It still shocks me that the RIAA can do what the NSA did not -
> > prevent a paper from being presented at a public conference.
>
> Actually the paper you're thinking of was the subject of personal

Cryptography-Digest Digest #273

2000-12-05 Thread Digestifier

Cryptography-Digest Digest #273, Volume #13   Tue, 5 Dec 00 08:13:01 EST

Contents:
  Re: Crypto Proceedings ("John A. Malley")
  Why Galois Fields in Cryptography? (John Savard)
  Re: RC4 or Rijndael (Guy Macon)
  Re: RC4 or Rijndael (Guy Macon)
  cracking a char subst cypher (Frank Hsueh)
  Re: RC4 or Rijndael ("Julian Morrison")
  Re: MD5 byte order (Thomas Pornin)
  Re: Logic of authentication (Erik-Oliver Blass)
  Re: RC4 or Rijndael (Benjamin Goldberg)
  Re: hardware RNG's (Tim Tyler)



From: "John A. Malley" [EMAIL PROTECTED]
Subject: Re: Crypto Proceedings
Date: Mon, 04 Dec 2000 19:20:51 -0800

Mark Harrop wrote:
>
> Does anyone know of an ONLINE source of the CRYPTO PROCEEDINGS from as far
> back as possible ?
>
> Also, are they still being held, and do they have a web site ?
>
> Once again, I thank all of you kind souls for helping.
>

Cryptography Research, Inc. keeps an index of papers from Eurocrypt'91
through Eurocrypt'97 and Crypto'92 through Crypto'97 at their web site:

http://www.cryptography.com/resources/papers/index.html

The indices list all of the papers from those conferences with links to
*some* of the actual papers. 

Check into Counterpane's extensive on-line repository of papers at 

http://www.counterpane.com/biblio/

for those papers listed yet link-less at Cryptography Research's site.

Hope this helps,


John A. Malley
[EMAIL PROTECTED]

--

From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: sci.math
Subject: Why Galois Fields in Cryptography?
Date: Tue, 05 Dec 2000 04:50:34 GMT

The new Advanced Encryption Standard, Rijndael, makes use of
arithmetic in GF(2^8). So did Twofish, one of the other finalists in
the AES process.

Not being terribly up on advanced math, I wondered why this relatively
unfamiliar type of operation was used in these block ciphers. I
realize that exotic math is needed for public-key algorithms, but
surely prosaic things like addition, XOR, table-lookup, and so on seem
to be enough for many block ciphers.

However, in a thread (on sci.crypt) titled "The Next Step After OTP",
I considered one intrinsic weakness of the one-time-pad and certain
other stream ciphers - those which simply XOR the output of a
pseudo-random number generator with the plaintext - the fact that one
can XOR a pattern of bits with the ciphertext, with the certain result
that one has changed the plaintext in the corresponding way. This is
called the "bit-flipping" attack, and essentially the same thing can
be done if modulo-n addition for n larger than 2 replaces XOR.

Naturally, there are other solutions to this problem, involving
one-way hash functions, that are used in practice, but I thought it
was interesting theoretically to see what would be the _minimum_
requirement to make a cipher that behaved like a stream cipher which
provided a different rearranged substitution alphabet for every symbol
enciphered. It is easy enough to produce a cipher like that if one is
willing to be elaborate and complicated; a rotor machine simulation is
one possibility, but what is the minimum condition?

It turns out that if the conditions are explicitly stated as follows:

the keystream symbols have to have the properties needed for a
one-time-pad, and furthermore

when a corresponding plaintext and ciphertext symbol are known,
changing the ciphertext symbol to any one of the other possible values
must have the result that all the plaintext symbols (except the known
one) must be equally likely

they can be met, for an alphabet of N symbols, if the keystream
consists of symbols from a set of N(N-1) symbols, that determine two
quantities, A (having N values) and B (having N-1 values) where the
encipherment operation is: (plain * B) + A = cipher, where * and + are
the operators for a finite field of order N.

And so, if one wishes to encrypt a binary data stream eight bits at a
time, this attractive property is therefore attained by means of
GF(2^8).

Which gives one reason _why_ one might see Galois Fields in use for
cryptographic purposes. I've now added a page to my web site at

http://home.ecn.ab.ca/~jsavard/crypto/co041103.htm

containing the material from that thread, at which people are invited
to look and tell me if I'm making sense or if I'm all wet.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
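
As an added illustration of the construction above (example code written for
this digest, not from the thread or from Savard's page): the field is GF(2^8)
with the Rijndael polynomial 0x11b, the keystream source is a placeholder
xorshift generator that merely supplies (A, B) pairs with B nonzero and is not
a cipher, and every function name is this example's own. affine_flip_result
shows what a receiver gets after an attacker XORs delta into one ciphertext
symbol: plain + delta * B^-1, where a plain XOR stream would give plain ^ delta
regardless of the key. flip_outcomes_cover_all checks the stated condition
directly: for fixed delta, that offset runs through every nonzero field
element exactly once as B varies, so without B the attacker cannot steer the
plaintext.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Multiply in GF(2^8) modulo x^8+x^4+x^3+x+1 (0x11b, the Rijndael polynomial)
 * by shift-and-add. Addition in this field is XOR. */
static uint8_t gf_mul(uint8_t a, uint8_t b)
{
    uint8_t p = 0;
    for (int i = 0; i < 8; i++) {
        if (b & 1) p ^= a;
        uint8_t high = a & 0x80;
        a <<= 1;
        if (high) a ^= 0x1b;   /* reduce x^8 -> x^4+x^3+x+1 */
        b >>= 1;
    }
    return p;
}

/* Inverse as a^254: the nonzero elements form a group of order 255. gf_inv(0) = 0. */
static uint8_t gf_inv(uint8_t a)
{
    uint8_t r = 1;
    for (int e = 254; e; e >>= 1) {
        if (e & 1) r = gf_mul(r, a);
        a = gf_mul(a, a);
    }
    return r;
}

/* Placeholder keystream source (xorshift32, seed != 0). It only supplies the
 * (A, B) pairs so the example runs; it is not a cryptographic generator. */
static uint32_t xs32(uint32_t *s)
{
    uint32_t x = *s;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return *s = x;
}

/* One keystream symbol from the set of N(N-1) = 256*255 values:
 * A any byte, B any nonzero byte. */
static void ks_next(uint32_t *s, uint8_t *A, uint8_t *B)
{
    *A = (uint8_t)xs32(s);
    do { *B = (uint8_t)xs32(s); } while (*B == 0);
}

/* cipher = plain * B + A, one keystream symbol per byte. */
static void affine_encrypt(uint32_t seed, const uint8_t *in, uint8_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        uint8_t A, B;
        ks_next(&seed, &A, &B);
        out[i] = gf_mul(in[i], B) ^ A;
    }
}

/* plain = (cipher - A) * B^-1; subtraction is XOR as well. */
static void affine_decrypt(uint32_t seed, const uint8_t *in, uint8_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        uint8_t A, B;
        ks_next(&seed, &A, &B);
        out[i] = gf_mul(in[i] ^ A, gf_inv(B));
    }
}

/* What the receiver decrypts after an attacker XORs delta into one ciphertext
 * symbol. A plain XOR stream (cipher = plain + A) always yields plain ^ delta,
 * independent of the key. Here it is plain + delta * B^-1, which depends on B. */
static uint8_t affine_flip_result(uint8_t plain, uint8_t A, uint8_t B, uint8_t delta)
{
    uint8_t cipher = gf_mul(plain, B) ^ A;
    return gf_mul((cipher ^ delta) ^ A, gf_inv(B));
}

/* The "all other plaintext symbols equally likely" condition: for fixed nonzero
 * delta, delta * B^-1 must hit every nonzero element exactly once as B runs
 * over 1..255. Returns 1 if it does. */
static int flip_outcomes_cover_all(uint8_t delta)
{
    uint8_t seen[256] = {0};
    for (int B = 1; B < 256; B++)
        seen[gf_mul(delta, gf_inv((uint8_t)B))] = 1;
    for (int v = 1; v < 256; v++)
        if (!seen[v]) return 0;
    return seen[0] == 0;
}

int main(void)
{
    const uint8_t msg[] = "ATTACK AT DAWN";   /* constructed sample message */
    uint8_t ct[16], pt[16];
    size_t n = sizeof msg - 1;
    affine_encrypt(0x2545F491u, msg, ct, n);
    affine_decrypt(0x2545F491u, ct, pt, n);
    printf("roundtrip: %.*s\n", (int)n, pt);
    printf("flip 0x01 on 'A' (A=0x5c): B=1 -> 0x%02x, B=2 -> 0x%02x; covers all: %d\n",
           affine_flip_result('A', 0x5c, 1, 1), affine_flip_result('A', 0x5c, 2, 1),
           flip_outcomes_cover_all(1));
    return 0;
}
```

With B = 1 the cipher degenerates to the XOR stream and the flip lands exactly
where the attacker aimed; with any other B the offset is delta * B^-1, and
since inversion is a bijection on the nonzero elements, every nonzero offset is
reachable for some B, which is the equal-likelihood property the post derives.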

--

From: [EMAIL PROTECTED] (Guy Macon)
Subject: Re: RC4 or Rijndael
Date: 05 Dec 2000 05:49:59 GMT

Bill Unruh wrote:

> Yes, RC4 is a stream cypher. The key can never be reused or the strength
> is essentially zero. It is very easy to code, and is much faster.
> However it is totally useless unless you can choose a random key each
> use. (eg, by sending the key via RSA).

Huh???

I use the ciphersaber [1] implementation of ARCFOUR [2] with the same
secret passphrase every time.  There are additional random b
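
To make the disagreement concrete, here is an added example (written for this
digest, not from either poster) of plain RC4 under a reused raw key beside the
CipherSaber-1 arrangement the post refers to, in which the RC4 key is the
passphrase followed by a fresh 10-byte IV that is sent in the clear ahead of
the ciphertext. With the raw key reused, c1 XOR c2 equals p1 XOR p2 and a known
p1 yields p2 without touching the key; with a per-message IV the two keystreams
differ and that relation is gone. The key, messages and IVs are constructed for
the demo; rc4_crypt, cs_encrypt and the other names are the example's own. One
caveat: a public IV concatenated with a secret key is the structure that the
RC4 key-schedule attacks published the following year (Fluhrer, Mantin and
Shamir, 2001, against WEP) exploit, so the construction is shown for the
keystream-reuse point rather than as a recommendation.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define CS_IV_LEN 10   /* CipherSaber-1 IV length */

typedef struct { uint8_t S[256]; uint8_t i, j; } rc4_t;

/* Key schedule: permute S under the key, repeated cyclically. klen must be 1..256. */
static void rc4_init(rc4_t *r, const uint8_t *key, size_t klen)
{
    for (int k = 0; k < 256; k++)
        r->S[k] = (uint8_t)k;
    uint8_t j = 0;
    for (int k = 0; k < 256; k++) {
        j = (uint8_t)(j + r->S[k] + key[k % klen]);
        uint8_t t = r->S[k]; r->S[k] = r->S[j]; r->S[j] = t;
    }
    r->i = r->j = 0;
}

/* One keystream byte. */
static uint8_t rc4_next(rc4_t *r)
{
    r->i = (uint8_t)(r->i + 1);
    r->j = (uint8_t)(r->j + r->S[r->i]);
    uint8_t t = r->S[r->i]; r->S[r->i] = r->S[r->j]; r->S[r->j] = t;
    return r->S[(uint8_t)(r->S[r->i] + r->S[r->j])];
}

/* Plain RC4: XOR the keystream of this raw key into n bytes (same call
 * encrypts and decrypts). */
static void rc4_crypt(const uint8_t *key, size_t klen, const uint8_t *in, uint8_t *out, size_t n)
{
    rc4_t r;
    rc4_init(&r, key, klen);
    for (size_t k = 0; k < n; k++)
        out[k] = in[k] ^ rc4_next(&r);
}

/* Key reuse: both ciphertexts were XORed with the same keystream, so
 * c1 ^ c2 == p1 ^ p2 and a known p1 gives p2 with no key material at all. */
static void recover_second_plaintext(const uint8_t *c1, const uint8_t *c2,
                                     const uint8_t *p1, uint8_t *p2, size_t n)
{
    for (size_t k = 0; k < n; k++)
        p2[k] = c1[k] ^ c2[k] ^ p1[k];
}

/* CipherSaber-1: RC4 key = passphrase || iv; the iv goes out in clear ahead
 * of the ciphertext, so out needs n + CS_IV_LEN bytes. The caller draws a
 * fresh random iv for every message. Returns 0, or -1 if the key is unusable. */
static int cs_encrypt(const uint8_t *pass, size_t plen, const uint8_t iv[CS_IV_LEN],
                      const uint8_t *in, size_t n, uint8_t *out)
{
    uint8_t key[256];
    if (plen == 0 || plen + CS_IV_LEN > sizeof key)
        return -1;
    memcpy(key, pass, plen);
    memcpy(key + plen, iv, CS_IV_LEN);
    memcpy(out, iv, CS_IV_LEN);
    rc4_crypt(key, plen + CS_IV_LEN, in, out + CS_IV_LEN, n);
    return 0;
}

/* Inverse: take the iv from the front, rebuild the key, strip it.
 * Returns the plaintext length, or -1 on malformed input. */
static int cs_decrypt(const uint8_t *pass, size_t plen, const uint8_t *in, size_t n, uint8_t *out)
{
    uint8_t key[256];
    if (plen == 0 || plen + CS_IV_LEN > sizeof key || n < CS_IV_LEN)
        return -1;
    memcpy(key, pass, plen);
    memcpy(key + plen, in, CS_IV_LEN);
    rc4_crypt(key, plen + CS_IV_LEN, in + CS_IV_LEN, out, n - CS_IV_LEN);
    return (int)(n - CS_IV_LEN);
}

int main(void)
{
    /* Constructed demo data: one raw key, two same-length messages, two IVs. */
    const uint8_t key[] = "Secret";
    const uint8_t p1[] = "attack at dawn", p2[] = "retire at noon";
    const size_t n = sizeof p1 - 1;
    uint8_t c1[32], c2[32], guess[32];

    rc4_crypt(key, 6, p1, c1, n);
    rc4_crypt(key, 6, p2, c2, n);               /* same raw key twice: fatal */
    recover_second_plaintext(c1, c2, p1, guess, n);
    printf("reused raw key, recovered p2:  %.*s\n", (int)n, guess);

    const uint8_t iv1[CS_IV_LEN] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
    const uint8_t iv2[CS_IV_LEN] = {11, 12, 13, 14, 15, 16, 17, 18, 19, 20};
    cs_encrypt(key, 6, iv1, p1, n, c1);
    cs_encrypt(key, 6, iv2, p2, n, c2);
    recover_second_plaintext(c1 + CS_IV_LEN, c2 + CS_IV_LEN, p1, guess, n);
    printf("per-message IV, same attack:   %.*s\n", (int)n, guess);   /* garbage */
    return 0;
}
```

The IV buys exactly one thing: a different RC4 key, hence a different
keystream, per message, which is what Unruh's "random key each use" asks for.
It does not add integrity, and a predictable or repeated IV puts the reuse
problem straight back.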

Cryptography-Digest Digest #273

2000-07-23 Thread Digestifier

Cryptography-Digest Digest #273, Volume #12  Sun, 23 Jul 00 13:13:00 EDT

Contents:
  Re: Guardian 19/7/2000: "That charter for snoopers" (Andy Mabbett)
  Re: Random Appearance (Future Beacon)
  Re: Question Regarding Encrypting CD-ROM -RW Disks (jungle)
  Re: Crypto jokes? (potentially OT) (Sundial Services)
  Re: Question Regarding Encrypting CD-ROM -RW Disks (Sundial Services)
  Proving continued possession of a file (Mark Wooding)
  Re: 8 bit block ciphers ("Douglas A. Gwyn")
  Re: Proving continued possession of a file (Nicol So)
  Re: Proving continued possession of a file (Edward Keyes)
  Re: 8 bit block ciphers (Boris Kazak)
  Re: Proving continued possession of a file ("Scott Fluhrer")
  Re: Proving continued possession of a file (Boris Kazak)
  Re: Proving continued possession of a file (Mack)
  Re: 8 bit block ciphers (Mack)
  Re: 8 bit block ciphers (Mack)



From: Andy Mabbett [EMAIL PROTECTED]
Crossposted-To: uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,talk.politics.crypto,alt.ph.uk,alt.conspiracy.spy,alt.security.scramdisk,uk.telecom,uk.finance,uk.local.east-anglia,alt.politics.british
Subject: Re: Guardian 19/7/2000: "That charter for snoopers"
Date: Sun, 23 Jul 2000 10:57:37 +0100

In article [EMAIL PROTECTED], Cyril
Disobedient [EMAIL PROTECTED] writes
> Special report: free speech on the net

uk.media.newspapers is for discussion /of/ newspapers in the UK; not
merely the reposting of articles. Please desist.

(FU set)
-- 
Andy Mabbett

 "I've been meaning to tidy up, but you know how it is: 
  you blink and - whoops - another year gone"


--

From: Future Beacon [EMAIL PROTECTED]
Subject: Re: Random Appearance
Date: Sun, 23 Jul 2000 08:40:25 -0400



On Sun, 23 Jul 2000, Douglas A. Gwyn wrote:

> Future Beacon wrote:
> > I am convinced that it is possible.
>
> Basic information theory says otherwise.
>
> For your notion to work, the input plaintext would have to
> be restricted to a selection from a limited set, not a
> completely general message of length N.
>

Do you have a proof?

Jim Trek
Future Beacon Technology
http://eznet.net/~progress
[EMAIL PROTECTED]


--

From: jungle [EMAIL PROTECTED]
Subject: Re: Question Regarding Encrypting CD-ROM -RW Disks
Date: Sun, 23 Jul 2000 08:54:36 -0400

yes, the AGENCIES have the way to do it ...
they have the way to ELIMINATE anyone from the surface to ...

but the fact is :
the hammer will not destroy data but ONLY drive ...

the sensitivity level of data on H/D is irrelevant ...

Sundial Services wrote:
>
> :-)  If the information on your hard-drive is that sensitive, that
> someone would work that damned hard to recover it, then "they'll find a
> way to put you in jail anyway."  ;-)
>
> jungle wrote:
> >
> > Greg wrote:
> > ==
> > > The point
> >
> > your point will not protect your data "in a hurry" against AGENCIES work ...
> >
> > > I am making is that with my notebook, and others like it
> > > I am sure, if you had to destroy the HD in a hurry, you could simply
> > > slide it out and go at it with a sledge hammer.
> >
> > hammer is not destroying data but ONLY DRIVE ...
> > you need to understand the difference ...
> >
> > > These drives are
> > > tiny, thin, and very susceptible to any pressure on their top surface.
> >
> > what above has to do with destroying magnetic data ?
> > ANSWER : almost nothing ...



--

Date: Sun, 23 Jul 2000 06:30:52 -0700
From: Sundial Services [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: Crypto jokes? (potentially OT)

I've always had the unpleasant feeling that the real reasoning on this
was, "we don't want to have to share the patents with the school down
the street."  (Gotta share it with the student but we can bully him out
of "our half of it."  He's starving, you know.)


Douglas A. Gwyn wrote:
> [...]
> The idea that when an idea is independently discovered by
> multiple researchers, the first one to reach print gets all
> the credit has always been screwy.  It leads to such things
> as a graduate student having to start his thesis work all
> over because his independent work is no longer considered
> "original research" and thus does not qualify for a degree.
> So long as everybody is convinced that the researchers did
> work independently and were not aware of each other's work,
> in a rational world they should share credit for the invention.
> The main question is whether the earlier work was partially
> "leaked" and the later work was inspired by that information,
> in which case only the earlier work is the true innovation.

--

Date: Sun, 23 Jul 2000 06:32:56 -0700
From: Sundial Services [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re:

Cryptography-Digest Digest #273

1999-09-19 Thread Digestifier

Cryptography-Digest Digest #273, Volume #10  Sun, 19 Sep 99 08:13:03 EDT

Contents:
  Cryptography FAQ (10/10: References) ([EMAIL PROTECTED])
  Re: Exclusive Or (XOR) Knapsacks ("Gary")
  Re: ECC (again...) (DJohn37050)
  Windows 95/98 version of Encryption for the Masses available now! (Paul Le Roux)



From: [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto,sci.answers,news.answers,talk.answers
Subject: Cryptography FAQ (10/10: References)
Date: 19 Sep 1999 11:18:36 GMT
Reply-To: [EMAIL PROTECTED]

Archive-name: cryptography-faq/part10
Last-modified: 94/06/13


This is the tenth of ten parts of the sci.crypt FAQ. The parts are
mostly independent, but you should read the first part before the rest.
We don't have the time to send out missing parts by mail, so don't ask.
Notes such as ``[KAH67]'' refer to the reference list in this part.

The sections of this FAQ are available via anonymous FTP to rtfm.mit.edu 
as /pub/usenet/news.answers/cryptography-faq/part[xx]. The Cryptography 
FAQ is posted to the newsgroups sci.crypt, talk.politics.crypto, 
sci.answers, and news.answers every 21 days.



Contents

10.1. Books on history and classical methods
10.2. Books on modern methods
10.3. Survey articles
10.4. Reference articles
10.5. Journals, conference proceedings
10.6. Other
10.7. How may one obtain copies of FIPS and ANSI standards cited herein?
10.8. Electronic sources
10.9. RFCs (available from [FTPRF])
10.10. Related newsgroups


10.1. Books on history and classical methods

  [FRIE1] Lambros D. Callimahos, William F. Friedman, Military Cryptanalytics.
  Aegean Park Press, ?.
  [DEA85] Cipher A. Deavours & Louis Kruh, Machine Cryptography and
  Modern Cryptanalysis. Artech House, 610 Washington St.,
  Dedham, MA 02026, 1985.
  [FRIE2] William F. Friedman, Solving German Codes in World War I.
  Aegean Park Press, ?.
  [GAI44] H. Gaines, Cryptanalysis, a study of ciphers and their
  solution. Dover Publications, 1944.
  [HIN00] F.H.Hinsley, et al., British Intelligence in the Second
  World War. Cambridge University Press. (vol's 1, 2, 3a, 3b
  & 4, so far). XXX Years and authors, fix XXX
  [HOD83] Andrew Hodges, Alan Turing: The Enigma. Burnett Books
  Ltd., 1983
  [KAH91] David Kahn, Seizing the Enigma. Houghton Mifflin, 1991.
  [KAH67] D. Kahn, The Codebreakers. Macmillan Publishing, 1967.
  [history] [The abridged paperback edition left out most
  technical details; the original hardcover edition is
  recommended.]
  [KOZ84] W. Kozaczuk, Enigma. University Publications of America, 1984
  [KUL76] S. Kullback, Statistical Methods in Cryptanalysis. Aegean
  Park Press, 1976.
  [SIN66] A. Sinkov, Elementary Cryptanalysis. Math. Assoc. Am. 1966.
  [WEL82] Gordon Welchman, The Hut Six Story. McGraw-Hill, 1982.
  [YARDL] Herbert O. Yardley, The American Black Chamber. Aegean Park
  Press, ?.

10.2. Books on modern methods

  [BEK82] H. Beker, F. Piper, Cipher Systems. Wiley, 1982.
  [BRA88] G. Brassard, Modern Cryptology: a tutorial.
  Springer-Verlag, 1988.
  [DEN82] D. Denning, Cryptography and Data Security. Addison-Wesley
  Publishing Company, 1982.
  [KOB89] N. Koblitz, A course in number theory and cryptography.
  Springer-Verlag, 1987.
  [KON81] A. Konheim, Cryptography: a primer. Wiley, 1981.
  [MEY82] C. Meyer and S. Matyas, Cryptography: A new dimension in
  computer security. Wiley, 1982.
  [PAT87] Wayne Patterson, Mathematical Cryptology for Computer
  Scientists and Mathematicians. Rowman & Littlefield, 1987.
  [PFL89] C. Pfleeger, Security in Computing. Prentice-Hall, 1989.
  [PRI84] W. Price, D. Davies, Security for computer networks. Wiley, 1984. 
  [RUE86] R. Rueppel, Design and Analysis of Stream Ciphers.
  Springer-Verlag, 1986.
  [SAL90] A. Salomaa, Public-key cryptography. Springer-Verlag, 1990.
  [SCH94] B. Schneier, Applied Cryptography. John Wiley & Sons, 1994.
  [errata avbl from [EMAIL PROTECTED]]
  [WEL88] D. Welsh, Codes and Cryptography. Clarendon Press, 1988.

10.3. Survey articles

  [ANG83] D. Angluin, D. Lichtenstein, Provable Security in Crypto-
  systems: a survey. Yale University, Department of Computer
  Science, #288, 1983.
  [BET90] T. Beth, Algorithm engineering for public key algorithms.
  IEEE Selected Areas of Communication, 1(4), 458--466,
  1990.
  [DAV83] M. Davio, J. Goethals, Elements of cryptology. in Secure
  Digital Communications, G. Longo ed., 1--57, 1983.
  [DIF79] W. Diffie, M. Hellman, Privacy and Authentication: An
  introduction to cryptography. IEEE proceedings, 67(3),
  397--427, 1979.
  [DIF88] W. Diffie, The first ten years of public key cryptography.
  IEEE proceedings, 76(5), 560--577, 1988.
  [FEI73] H. Feistel, Cryptography and Comput