Cryptography-Digest Digest #591

2001-01-30 Thread Digestifier

Cryptography-Digest Digest #591, Volume #13  Tue, 30 Jan 01 10:13:01 EST

Contents:
  Re: A Password Protocol (John Savard)
  Re: Why Microsoft's Product Activation Stinks (wtshaw)
  Re: Windows encryption: API and file system (wtshaw)
  Re: Security of Centrinity's FirstClass Product ([EMAIL PROTECTED])
  Re: random number generators. Can someone help? (Mok-Kong Shen)
  Re: On combining permutations and substitutions in encryption (Mok-Kong Shen)
  Re: fast signing (Paul Rubin)
  test ([EMAIL PROTECTED])
  Re: Dynamic Transposition Revisited (long) (Rob Warnock)
  Re: Dynamic Transposition Revisited (long) (Rob Warnock)
  News: Szopa Goes E-Postal. Plus, I.T. Industry faces FUD Clean Up? (Lord Running Clam)
  Re: fast signing (Mehdi-Laurent Akkar)
  Re: test (Mehdi-Laurent Akkar)
  Re: fast signing (Bob Silverman)
  Re: Primality Test (Bob Silverman)
  Re: Primality Test (Bob Silverman)
  Re: cryptographic tourism in Russia ("Rodney Perkins")



From: [EMAIL PROTECTED] (John Savard)
Subject: Re: A Password Protocol
Date: Tue, 30 Jan 2001 07:01:07 GMT

On Tue, 30 Jan 2001 03:38:51 GMT, Benjamin Goldberg
[EMAIL PROTECTED] wrote, in part:

> Given the scenario requirements, it seems quite obvious that the best
> thing to be using is Kerberos.  Do a google search, and you'll get lots
> of decent descriptions.

Actually, you'll find one on my web site.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

--

From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: or.politics,talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Tue, 30 Jan 2001 00:45:27 -0600

In article [EMAIL PROTECTED], Anthony Stephen Szopa
[EMAIL PROTECTED] wrote:
>
> Bill Gates is worth nearly a hundred billion dollars and you can say
> things are not settled yet.
>
> Ha ha ha.

Court cases...
-- 
Some people say what they think will impress you, but ultimately
do as they please.  If their past shows this, don't expect a change.

--

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Windows encryption: API and file system
Date: Tue, 30 Jan 2001 00:43:26 -0600

In article [EMAIL PROTECTED],
[EMAIL PROTECTED] wrote:

> NT is not a problem if the alternative is Windows9x! ... and the
> original poster did ask about *Windows* encryption.

Neither is acceptable.
-- 
Some people say what they think will impress you, but ultimately
do as they please.  If their past shows this, don't expect a change.

--

From: [EMAIL PROTECTED]
Subject: Re: Security of Centrinity's FirstClass Product
Date: Tue, 30 Jan 2001 07:36:37 GMT

Thanks guys... I think I get a better idea now
GW


Sent via Deja.com
http://www.deja.com/

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: random number generators. Can someone help?
Date: Tue, 30 Jan 2001 10:31:47 +0100

[EMAIL PROTECTED] wrote:
>
> Sorry to bother.  I don't know if there is a more appropriate NG for my
> question or not.  I was wondering if there is a web-site that will allow
> you to program simple random # routines without actually
> programming/without having to do any downloading, out there?  I figure
> someone must have thought of this idea, before me, and since most people
> are less lazy, and have more resources available, I would guess that
> someone has done it.  If there isn't now was there ever one?  Is there a
> better NG (or elist, etc.) for me to be asking this question @?

With the least effort: Your programming language or the 
operating system normally has a PRNG ready. If you are
in a scientific computing environment: There are PRNGs
in numerical libraries, e.g. NAG, IMSL, that you can 
include and use in your programs. Otherwise, for code: 
Press et al., Numerical Recipes;  for theory: Knuth, 
The Art of Computer Programming, Vol.2.  For testing
of random numbers: http://csrc.nist.gov/rng/  The NG is:
sci.crypt.random-numbers.

M. K. Shen

http://home.t-online.de/home/mok-kong.shen

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: On combining permutations and substitutions in encryption
Date: Tue, 30 Jan 2001 11:24:12 +0100

Terry Ritter wrote:
>
[snip]
> Since some RNG information is hidden by the advanced combiner, the
> issue of whether *all* relevant information can be hidden is more than
> some vain hope; it is a reasonable question.  A positive example would
> indeed be "absolutely" unbreakable for attacks from the ciphertext
> channel, but not necessarily unbreakable for unlimited computation.
> This is not weird science.
>
> An RNG is only predictable when we know enough about it.  While we
> cannot expect to create unpredictability by computation, we might well
> hope to achieve the inability to exploit the predictability we know is
> there.
>
> I am unaware of any proofs in cryptography whi

Cryptography-Digest Digest #591

2000-09-01 Thread Digestifier

Cryptography-Digest Digest #591, Volume #12   Fri, 1 Sep 00 13:13:00 EDT

Contents:
  cryptology software ("Michal Kvasnicka")
  Free crypto aplication (Piotr Kulinski)
  Re: Patent, Patent is a nightmare, all software patent shuld not be  (Steve Rush)
  Re: QKD and The Space Shuttle (John Savard)
  Re: QKD and The Space Shuttle (John Savard)
  Re: test (John Savard)
  Re: PGP 6.5.8 test: That's NOT enough !!! (@@)
  Re: Remark on practical predictability of sequences ("John A. Malley")
  Re: Free crypto aplication (JCA)
  Re: RSA public exponent (Bob Silverman)
  Re: "Warn when encrypting to keys with an ADK" (Robert Gifford)
  Re: more on that neat prime generator (Bob Silverman)
  Re: Idea for creating primes ("Scott Fluhrer")
  Re: QKD and The Space Shuttle (Mary Shafer)
  Re: Security in RSA 'e' (DJohn37050)
  Re: Two quick practical questions (Maybe not scientific enough ;-) (Mike Rosing)
  Re: crypto organisations  societies (Mike Rosing)
  Barrett's reduction algorithm (Steve Bryan)
  Re: Barrett's reduction algorithm (Roger Schlafly)
  Re: 4x4 s-boxes (Terry Ritter)
  Re: 96-bit LFSR needed (Mack)



From: "Michal Kvasnicka" [EMAIL PROTECTED]
Subject: cryptology software
Date: Fri, 1 Sep 2000 10:23:30 +0200

I am looking for Maple or Matlab cryptography and cryptoanalysis software.

Thanks in advance for any help,

Michal


--
Michal Kvasnicka
[EMAIL PROTECTED]

--

From: [EMAIL PROTECTED] (Piotr Kulinski)
Subject: Free crypto aplication
Date: Fri, 01 Sep 2000 12:13:19 GMT
Reply-To: [EMAIL PROTECTED]

Hello

A few months ago I created a crypto app called SCA.
SCA is a Crypto Application I wrote to encrypt, compress and/or base64
process any files. It uses really strong algorithms with cool key
lengths to protect data from "prying eyes": DES (56 bits), IDEA (128
bits), Blowfish (256 bits version).
SCA uses an excellent crypto library (v. 2.3) by Wei Dai.
This app is *absolutely free* for non-commercial use.
If someone is interested please try this link
http://ns1.widzew.net/~cotton/

Any comment would be appreciated

Best regards

Peter

--

From: [EMAIL PROTECTED] (Steve Rush)
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be 
Date: 01 Sep 2000 12:42:37 GMT

It seems that some terrorist has slipped an LSD bomb into the US Patent and
Trademark Office.  That is as good an explanation as any for some of the
patents we've seen lately, and it has the advantage of not accusing the patent
examiners of accepting a huge bribe from the American Trial Lawyers
Association.

Can anyone come up with a better reason for granting patents on ideas -like
overlapping screen windows- that were in wide use for years before the patent
application?

==
If it's spam, it's a scam.  Don't do business with Net abusers.


--

From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: sci.space.shuttle,talk.politics.crypto
Subject: Re: QKD and The Space Shuttle
Date: Fri, 01 Sep 2000 12:59:12 GMT

On Thu, 31 Aug 2000 19:30:29 -0700, Mike Dicenso
[EMAIL PROTECTED] wrote, in part:
> On Fri, 1 Sep 2000, John Savard wrote:
>
> > http://www.boeing.com/defense-space/space/ius/
> >
> > which will be used to boost Chandra into its proper orbit.
>
> That should be in the past tense, the mission was flown 23 July of last
> year. :)

As was noted on those web sites.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

--

From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: sci.space.shuttle,talk.politics.crypto
Subject: Re: QKD and The Space Shuttle
Date: Fri, 01 Sep 2000 13:00:50 GMT

On Fri, 01 Sep 2000 01:59:46 GMT, [EMAIL PROTECTED]
(John Savard) wrote, in part:
> On Thu, 31 Aug 2000 19:58:58 +, Alan
> Mackenzie [EMAIL PROTECTED] wrote, in part:
>
> STS-93:
> The designation of a Shuttle mission.

Oh, yes:
<upturned nose>
STS stands for Space Transportation System, the *official* name of
that which is _colloquially_ known as the "Space Shuttle".
</upturned nose>

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

--

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: test
Date: Fri, 01 Sep 2000 13:05:40 GMT

On Fri, 01 Sep 2000 02:59:26 GMT, [EMAIL PROTECTED] wrote, in part:
> In article [EMAIL PROTECTED],
>   [EMAIL PROTECTED] wrote:
>
> > test
> > Love, Jim
>
> You passed.  Please post tests to alt.test

I'm astonished: checking the header fields, the test post to which you
replied does not appear to be a forgery.

Jim Walsh is best known as a poster to talk.politics.china, in which
his posts in defense of liberty, and critical of the Beijing
dictatorship, have made him the target of vicious personal attacks
from a number of apologists for the butchers of Tiena

Cryptography-Digest Digest #591

2000-04-21 Thread Digestifier

Cryptography-Digest Digest #591, Volume #11  Fri, 21 Apr 00 03:13:00 EDT

Contents:
  Re: OAP-L3: Semester 1 / Class #1 All are invited. ("Joseph Ashwood")
  Re: OAP-L3: Semester 1 / Class #1 All are invited. ("Joseph Ashwood")
  Re: Requested: update on aes contest (wtshaw)
  Re: The Illusion of Security (UBCHI2)
  Re: OAP-L3: Semester 1 / Class #1 All are invited. (Anthony Stephen Szopa)
  Re: OAP-L3: Semester 1 / Class #1 All are invited. (Anthony Stephen Szopa)



From: "Joseph Ashwood" [EMAIL PROTECTED]
Subject: Re: OAP-L3: Semester 1 / Class #1 All are invited.
Date: Thu, 20 Apr 2000 23:04:41 -0700
Crossposted-To: talk.politics.crypto

> You obviously don't have a clue what a table is for or what you are
> looking for in this table or what you need to reply to let me know
> that you "get it."

Here's another table:

And I think it's pretty clear about what you are to do with
it.

> Also note that you have misrepresented the random number generator
> when you say the random digit generator in OAP-L3 is not
> cryptologically secure.

You have never established that your algorithm is
cryptologically secure; it's probably a safe assumption that
it's not cryptologically secure.


> You have chosen one part of the random number generator and made
> this claim.  The entire random number generator process results
> in the random numbers contained in the OTPs, and not the random
> digits from the MixFile process you address.

If one part of the pRNG is insecure the entire thing is
insecure (see complaints about original MARS key schedule).

> There is only one legitimate test for determining the security of
> encryption software:  this test is that the cracker needs to know
> all about the encryption software's inner workings, the cracker
> needs to have a substantial amount of plain text, and the
> corresponding encrypted text.  From this knowledge and this
> information the cracker must crack all encrypted messages.

No, that is not the only legitimate test. If the security of
your pRNG has been successfully compromised without access
to much of the information that you have not released, then
it has been compromised.


> You are only asking essentially for the key to the MixFile / random
> digit process and then trying to predict subsequent random digits.

Which of course may be enough to compromise the fake
security of your system.


> You want this key (once removed) and expect someone to believe you
> have cracked this process then you leap to the conclusion that the
> entire random number generator / generation is flawed.

If you don't think he can do it, give him what he asks for.
Joe




--

From: "Joseph Ashwood" [EMAIL PROTECTED]
Subject: Re: OAP-L3: Semester 1 / Class #1 All are invited.
Date: Thu, 20 Apr 2000 23:05:18 -0700
Crossposted-To: talk.politics.crypto

> Real cryptologists understand my Help Files.
"Real cryptologists" ignore your useless drivel.
Joe



--

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Requested: update on aes contest
Date: Thu, 20 Apr 2000 23:13:35 -0600

In article [EMAIL PROTECTED], lcs Mixmaster
Remailer [EMAIL PROTECTED] wrote:

> This whole AES process has been a sad, embarrassing revelation of the
> personal weaknesses and flaws of the leaders of the field.  The spirit of
> intellectual dishonesty which has pervaded the contest has been the exact
> opposite of the goals and principles the participants claim to endorse.

To be kind, each advocate is going to have a difficult time not supporting
his entry.  Fixes were part of the deal, a chance to correct a correctible
flaw.  In the case of a clear overriding problem, advocacy is not
sufficient to guarantee long-term success, as the winner will become a
universal target so others can say I told you so.

> It's not impossible that teams are actually committing the ultimate
> intellectual crime by concealing weaknesses in the ciphers which they
> themselves know about.  They may be having strategy sessions in which
> they speculate about whether specific attacks and potential problems in
> their own ciphers might be discovered by their rivals.  They organize
> attack teams against other ciphers, hoping to tarnish each of them at
> least slightly so that their own cipher comes out looking best.

It is the best interest of the winner to remain untarnished.  Winning,
then losing, does not seem to be a best option.  But, winning may not be
as important as some migh

Cryptography-Digest Digest #591

1999-01-17 Thread Digestifier

Cryptography-Digest Digest #591, Volume #10  Fri, 19 Nov 99 14:13:02 EST

Contents:
  Re: A Random Key Cipher Machine (Tom St Denis)
  Re: Fingerprints for encryption alg. (crippa)
  Re: AES cyphers leak information like sieves (SCOTT19U.ZIP_GUY)
  Re: What part of 'You need the key to know' don't you people get? (SCOTT19U.ZIP_GUY)
  Re: ATTN Scott Nelson (CoyoteRed)
  Re: Question about enigma rotors (Erik H.)
  Re: What part of 'You need the key to know' don't you people get? (SCOTT19U.ZIP_GUY)
  Re: AES cyphers leak information like sieves (David Wagner)
  Re: Ultimate Crypto Protection? ("Douglas A. Gwyn")
  Re: What part of 'You need the key to know' don't you people get? ("Douglas A. Gwyn")
  Re: Simpson's Paradox and Quantum Entanglement ([EMAIL PROTECTED])
  Re: Backdoor Tactic (Albert P. Belle Isle)
  Re: AES cyphers leak information like sieves (Tim Tyler)



From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: A Random Key Cipher Machine
Date: Fri, 19 Nov 1999 13:14:13 GMT

Typing for the most part is too regular to use as 'random' sampling
points along a smooth sine wave.  You would be sampling at common
points during 'typing bursts'.

Neat idea otherwise.

Tom


Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: crippa [EMAIL PROTECTED]
Subject: Re: Fingerprints for encryption alg.
Date: Fri, 19 Nov 1999 15:06:27 +0100

Roger Carbol wrote:
>
> JPeschel [EMAIL PROTECTED] wrote
>
> > is it possible to construct an encryption algorithm X which
> > will give the encrypted message a fingerprint? The fingerprint
> > will assure any reader of the encrypted message -even a reader
> > without the appropriate key- that the underlaying plaintext
> > has been encrypted with the X algorithm.
> >
> > Sure it is.
>
> Depends on what [EMAIL PROTECTED] means by "assure"
> I suspect.  I don't see any way of eliminating false positives,
> that is, detecting the fingerprint mistakenly in any old
> ciphertext, although certainly it could be made unlikely.
>
> .. Roger Carbol .. [EMAIL PROTECTED]


Correctly interpreted.

Alice sends the enciphered message, having
this fingerprint, to Bob. If Eva intercepts the enciphered
message and performs the fingerprint verification she will
conclude that enciphering algorithm X was used.

If you know how the algorithm performing the fingerprint
verification works, one could possibly add certain data D to a
message enciphered by the unbreakable algorithm Y so that it would
pass the fingerprint verification.

But then the question arises: how should this data D be added
without destroying the encipherment done by algorithm Y?

This is the situation:

M   = plaintext message.
Eub = UnBreakable encipher algorithm (forbidden by ...the world, government
etc.)
Dub = Deciphering algorithm of Eub.
Ex  = legal encipher algorithm accomplishing the fingerprint.
V   = the algorithm for the fingerprint verification. Returns true or false.
Fd  = the Faking Data algorithm giving V(Fd(M))=true for any message M.


1: V(Eub(M)) = false

2: V(Ex(M)) = true

3: How should Fd be constructed such that

   V(Fd(Eub(M))) = true

   and also that we can find/know the reversing
   algorithm RFd of Fd (RFd(Fd(M)) = M ) such that

   Dub(RFd(Fd(Eub(M)))) = M

   holds ??


If it is impossible to find this Fd and RFd then we are done.
And we could conclude that an enciphering algorithm leaving
a fingerprint is possible.

But alas, we have one situation still to deal with, shown below:

4: V(Ex(Eub(M))) = true

To overcome this situation Ex must be able to understand what kind
of message it is about to encipher. Ex must make sure that M is
a message written in a pre-known language, e.g. English, Swedish,
C++ code etc. But this is most likely infeasible in practice.
(Ex must at least hold a dictionary and frequency statistics
of the language in question.)


So much for this idea.


-- 
Best Regards

/Christofer

~~~
! Christofer Törnkvist   ! ERICSSON UTVECKLINGS AB!
! ÄL2/UAB/F/V! SOFTWARE ARCHITECTURE LABORATORY   !
! Phone/fax: +46 8 727 57 52 /75 ! Box 1505, SE-125 25 ÄLVSJÖ, SWEDEN !
! [EMAIL PROTECTED]   ! Visiting address: Armborstvägen 1  !
! Take juunk away when mailing   ! Ext: www.ericsson.se/cslab !
!! Int: www-sarc.ericsson.se/public   !
! T H E  o p e n  s o u r c e  a t--- http://www.erlang.org
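
A toy model of the situations laid out in the post above, added here as a constructed example (it is not code from the post or from any of the posters): Eub and Ex are both SHA-256 counter-mode keystream XORs, Ex prefixes its output with a keyless 8-byte tag as the fingerprint, V recomputes that tag, and Fd/RFd are the faking data and its reverse. The keys, the tag construction and the message are all assumptions for the demo. With a fingerprint that depends only on the ciphertext, the Fd and RFd asked for in situation 3 turn out to be trivial, and situation 4 (Ex over Eub) verifies as well, so this kind of fingerprint says nothing about what the plaintext was.

```python
import hashlib
import hmac

TAG_LEN = 8  # constructed choice: an 8-byte tag makes a chance match about 2^-64


def _keystream(key: bytes, n: int) -> bytes:
    """SHA-256 in counter mode, standing in for any keyed stream cipher."""
    out = b""
    ctr = 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]


def _xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))


def Eub(key: bytes, m: bytes) -> bytes:
    """The 'unbreakable' cipher: keystream XOR with no fingerprint at all."""
    return _xor(m, _keystream(key, len(m)))


Dub = Eub  # keystream XOR is its own inverse


def fingerprint(ct: bytes) -> bytes:
    """Keyless tag over the ciphertext, so any reader (Eva included) can check it."""
    return hashlib.sha256(b"ALG-X" + ct).digest()[:TAG_LEN]


def Ex(key: bytes, m: bytes) -> bytes:
    """The legal cipher: same keystream construction, output prefixed by the tag."""
    ct = _xor(m, _keystream(key, len(m)))
    return fingerprint(ct) + ct


def Dx(key: bytes, c: bytes) -> bytes:
    return _xor(c[TAG_LEN:], _keystream(key, len(c) - TAG_LEN))


def V(c: bytes) -> bool:
    """Fingerprint verification: true iff the leading tag matches the rest."""
    return len(c) >= TAG_LEN and hmac.compare_digest(c[:TAG_LEN], fingerprint(c[TAG_LEN:]))


def Fd(c: bytes) -> bytes:
    """Faking data: prepend a valid tag to any bytes, Eub output included."""
    return fingerprint(c) + c


def RFd(c: bytes) -> bytes:
    """Reverse of Fd: strip the tag, leaving the Eub ciphertext untouched."""
    return c[TAG_LEN:]


def situations(kub: bytes, kx: bytes, m: bytes) -> dict:
    """Evaluate the four situations from the post for one message M."""
    c_ub = Eub(kub, m)
    return {
        "1: V(Eub(M))": V(c_ub),                                        # False
        "2: V(Ex(M))": V(Ex(kx, m)),                                    # True
        "3: V(Fd(Eub(M)))": V(Fd(c_ub)),                                # True: Fd exists
        "3: Dub(RFd(Fd(Eub(M)))) == M": Dub(kub, RFd(Fd(c_ub))) == m,   # True: RFd exists
        "4: V(Ex(Eub(M)))": V(Ex(kx, c_ub)),                            # True: superencryption
        "4: Dub(Dx(Ex(Eub(M)))) == M": Dub(kub, Dx(kx, Ex(kx, c_ub))) == m,
    }
```

Calling situations(b"key-ub", b"key-x", b"attack at dawn") returns False for situation 1 and True for every other entry.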

--

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: AES cyphers leak information like sieves
Date: Fri, 19 Nov 1999 15:08:29 GMT

In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Jerry 
Coffin) wrote:
In article [EMAIL PROTECTED], [EMAIL PROTECTED] says...

[ ... ] 

 I'm not certain, but I have difficulty in imagining a "chaining mode"
 of a block cypher that pro