Cryptography-Digest Digest #658

2001-02-08 Thread Digestifier

Cryptography-Digest Digest #658, Volume #13   Thu, 8 Feb 01 13:13:00 EST

Contents:
  Re: crack my enkryption ("Paul Pires")
  Re: Enigma replicas ? (Jerry Coffin)
  Re: PGP 2.6.3ia-cb (now supports CAST5 and BLOWFISH) (jungle)
  Re: Low-tech homemade crypto keycards ("Paul Pires")
  DSA PRG Flaw ("Pedro Félix")
  Re: Distributed entropy distribution ([EMAIL PROTECTED])
  Re: Distributed entropy distribution (Tom St Denis)
  Re: relative key strength private vs public key (Tom St Denis)
  Re: DSA PRG Flaw (Roger Schlafly)



From: "Paul Pires" [EMAIL PROTECTED]
Subject: Re: crack my enkryption
Date: Thu, 8 Feb 2001 09:10:14 -0800

That was a first class response. A demonstration that
consideration and communication can be powerful tools.

Nice to see.

Paul

John A. Malley [EMAIL PROTECTED] wrote in message 
news:[EMAIL PROTECTED]...

 neXussT wrote:
 
  hi,
  i'm writing an enkryption program, and would like someone to crack
  the enkryption.  Or, if i could get my hands on a program that does it
  for me, that would be great too.
 
  Here is the Plaintext:"This is an encrypted file."
  Here is the Cyphertext:"1.262497®ÐB½9C³SÅG¶I²3´6ÁFD½Á|"
  (without quotes)
 
  please email me at [EMAIL PROTECTED] with questions or comments...or
  if you crack it :)
 

 Such enthusiasm for cryptography! That's good.

 Finding a ready-made program free and on-line to crack the encryption is
 a tall order.
 There are tools to aid cryptanalysis. There are ways, techniques and
 methods to work the problem.
 In fact there are different kinds of cryptanalytic problems to work
 (different attacks like the known-plaintext attack,
 the ciphertext-only attack, the chosen-plaintext attack, etc.)

 But you won't find a ready-made universal cracker for all ciphers :-(

 Here you will find people who can teach you more in the science/art of
 making and breaking ciphers. :-)

 They can point you to web sites on crypto, like (just scratching the
 surface here)

 Mr. Ritter's site at http://www.io.com/~ritter/

 Mr. Savard's site at http://home.ecn.ab.ca/~jsavard/crypto.htm

 Mr. Peschel's site at http://members.aol.com/jpeschel/index.htm

 and to on-line crypto courses like (this for Classical Cryptography)

 http://www.fortunecity.com/skyscraper/coding/379/lesson1.htm

 They can point you to beginner, intermediate and advanced books and
 journal articles on the subjects of cryptography and cryptanalysis
 (which together make cryptology).  They can answer questions on some of
 the most arcane corners of mathematics relating to cryptography and
 cryptanalysis.

 They will expect you to put in the time reading and studying the subject
 on your own. They are always willing to help answer questions as you
 make your way through the subject - but it's a journey you make with
 their assisting guidance - no one carries any bags for you, so to speak.

 And don't forget the group FAQ - Well worth the reading!  The most
 common questions on crypto are answered therein. Including the question
 you posed on cracking an unknown cipher system's output. :-)

 Hope this helps,

 John A. Malley
 [EMAIL PROTECTED]





--

From: Jerry Coffin [EMAIL PROTECTED]
Subject: Re: Enigma replicas ?
Date: Thu, 8 Feb 2001 10:13:59 -0700

In article 95u366$gmg$[EMAIL PROTECTED], 
[EMAIL PROTECTED] says...
 Hi all,
 I was wondering if any company ever produced Enigma replicas (for us, crypto
 enthusiasts, and not intended to be used for secure communication, for sure
 ;=) ) . I am quite sure the company would sell many of them ;=)
 [By the way, is the Enigma in the public domain, or does the family of A. Schoerbius
 (spelling ?) still own the patent ???]

There doesn't seem to be much chance of a patent problem.  First of 
all, it seems unlikely that a patent would have been applied for 
anywhere outside of Germany, so outside of Germany it never would 
have been protected.  Second, I believe Germany's patent system has 
always expired patents some period of time after application, which 
means that the patent would long since have expired in any case.
 
OTOH, I'm not aware of anybody who's built replicas -- the closest 
I've seen have been computer-based simulations. 

-- 
Later,
Jerry.

The Universe is a figment of its own imagination.

--

Date: 8 Feb 2001 17:18:13 -
From: jungle Use-Author-Address-Header@[127.1]
Subject: Re: PGP 2.6.3ia-cb (now supports CAST5 and BLOWFISH)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss

-----BEGIN PGP SIGNED MESSAGE-----

08 Feb 2001 in [EMAIL PROTECTED] 
[EMAIL PROTECTED] wrote:
 jungle wrote:
   I just added another 

Cryptography-Digest Digest #658

2000-09-11 Thread Digestifier

Cryptography-Digest Digest #658, Volume #12  Mon, 11 Sep 00 21:13:00 EDT

Contents:
  Re: Problem with Tiger hash algorithm and binary files (Jim Gillogly)
  Re: Steganography and secret sorting (Matthew Skala)
  Re: CAST-Cipher / CAST-Algorithm ("Brian Gladman")
  Re: Getting Started, advice needed (FAQs , yes I read them) ("Paul Pires")
  Re: RSA patent expiration party still on for the 20th (No User)
  Re: Request for Blind Signature API (lcs Mixmaster Remailer)
  Re: RSA public exponent (lcs Mixmaster Remailer)
  Re: Bytes, octets, chars, and characters (Paul Schlyter)
  Re: RSA patent expiration party still on for the 20th (No User)
  Re: CRC's as MAC's (Bryan Olson)
  For the Gurus ("root@localhost " [EMAIL PROTECTED])
  Re: Getting Started, advice needed (FAQs , yes I read them) ("Scott Fluhrer")
  Re: Getting Started, advice needed (FAQs , yes I read them) ("Scott Fluhrer")
  Re: Intel's 1.13 MHZ chip (John Savard)
  Re: For the Gurus (Jim Gillogly)
  Re: MAC (David A. Wagner)
  Re: ExCSS Source Code (John Savard)



From: Jim Gillogly [EMAIL PROTECTED]
Subject: Re: Problem with Tiger hash algorithm and binary files
Date: Mon, 11 Sep 2000 22:23:14 +

[EMAIL PROTECTED] wrote:
 binary files. For example, when reading a binary file into an array, the
 first null character (0) encountered will terminate the string (array).

Your problem is in the hash() macro:

   #define hash(str) tiger((byte*)str, strlen(str), res); \

You don't want strlen(str) here: you want count or i.
strlen() is a string function, and terminates when it sees a '\0'.

You should also look more closely at your loops: you're
stepping on your string when you read it in.  You shouldn't
need to decrement "count" or step on your input string at all.

I'd also re-write it to work in one pass -- you'll probably have
to look at the tiger code to see how to do it a chunk at a time.
-- 
Jim Gillogly
Trewesday, 20 Halimath S.R. 2000, 22:16
12.19.7.9.14, 3 Ix 17 Mol, Fifth Lord of Night
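The truncation Jim describes, shown as an added example that is not code from the post or from the poster's program. Python stands in for the C program, and hashlib's SHA-256 stands in for Tiger (hashlib does not ship Tiger; the length bug does not depend on the hash function). The two sample "binary files" are constructed here, a C-style strlen() is mimicked so the collision is visible, and the chunked variant shows the one-pass structure Jim suggests.

```python
import hashlib
import io

# Constructed sample "binary files": they share their first 8 bytes and then
# hit a NUL, so a strlen()-based length sees only that 8-byte prefix of each.
FILE_A = b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR" + bytes(range(32))
FILE_B = b"\x89PNG\r\n\x1a\n\x00" + b"completely different payload"

# Assumption: SHA-256 is used in place of Tiger, which hashlib does not provide.
HASH = hashlib.sha256


def c_strlen(buf: bytes) -> int:
    """Length as C strlen() would report it: bytes up to the first NUL."""
    i = buf.find(0)
    return len(buf) if i < 0 else i


def hash_strlen_style(buf: bytes) -> str:
    """The bug in the post's hash() macro: the length passed is strlen(str),
    so everything from the first NUL byte onwards is silently dropped."""
    return HASH(buf[:c_strlen(buf)]).hexdigest()


def hash_with_count(buf: bytes) -> str:
    """Correct: hash the number of bytes actually read, NULs included."""
    return HASH(buf).hexdigest()


def hash_chunked(stream, chunk_size: int = 4096) -> str:
    """One-pass hashing of a file-like object: feed fixed-size chunks into the
    running hash state instead of loading the whole file into one buffer."""
    h = HASH()
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        h.update(chunk)
    return h.hexdigest()


def hash_bytes_chunked(buf: bytes, chunk_size: int = 4096) -> str:
    """Convenience wrapper: chunked hashing of an in-memory buffer."""
    return hash_chunked(io.BytesIO(buf), chunk_size)


if __name__ == "__main__":
    print("strlen-style A:", hash_strlen_style(FILE_A))
    print("strlen-style B:", hash_strlen_style(FILE_B), "(identical: both cut at the NUL)")
    print("full-length  A:", hash_with_count(FILE_A))
    print("full-length  B:", hash_with_count(FILE_B))
    print("chunked      A:", hash_bytes_chunked(FILE_A, 7), "(matches full-length A)")
```

The two files differ after byte 8, yet the strlen-style digests agree, which is exactly what an attacker needs to swap one file for another without the hash noticing; the chunked digest equals the one-shot digest, so the one-pass loop can replace the read-everything-then-hash approach.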

--

From: [EMAIL PROTECTED] (Matthew Skala)
Subject: Re: Steganography and secret sorting
Date: 11 Sep 2000 15:14:41 -0700

In article [EMAIL PROTECTED],
Mok-Kong Shen  [EMAIL PROTECTED] wrote:
Transposition is one major technique of cryptography. So,
if you rearrange your items in some way unknown to the
opponent, you gain some security. A simple method is to use
a secret seed and a PRNG to do the permutation. The recipient
can inverse the permutation and get back the original stuff.

Usually in transposition schemes, the permutation is determined by the key
and is used to permute the message.  My proposal is for steganography
rather than encryption: the permutation is determined by the message
instead of the key, and applied to harmless "cover" traffic.
-- 
Matthew Skala
[EMAIL PROTECTED]  I'm recording the boycott industry!
http://www.islandnet.com/~mskala/
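An added example of the idea in Matthew's reply, not code from the post: the message, rather than a key, selects the permutation, and the permutation is applied to innocuous cover items. Everything beyond the post is an assumption made here: both parties recover each item's reference position by sorting the items by their SHA-256 digest (so the receiver needs nothing but the items it received), the message is turned into a permutation through the factorial number system (Lehmer code), and the cover messages are constructed inline and must be distinct.

```python
import hashlib
from math import factorial

# Constructed cover traffic: sixteen innocuous, distinct messages.
COVER = [f"status report {i:02d}: all systems nominal".encode() for i in range(16)]


def canonical_order(items):
    """Reference ordering both parties can derive from the items alone
    (assumption: sort by SHA-256 of content).  Items must be distinct, or
    the receiver cannot tell which position an item came from."""
    if len(set(items)) != len(items):
        raise ValueError("cover items must be distinct")
    return sorted(items, key=lambda b: hashlib.sha256(b).digest())


def capacity_bytes(n):
    """Whole message bytes a permutation of n items can carry: floor(log2(n!)) // 8."""
    return (factorial(n).bit_length() - 1) // 8


def int_to_perm(m, n):
    """Lehmer code: the factorial-base digits of m pick successive items
    from the pool of not-yet-used indices."""
    if not 0 <= m < factorial(n):
        raise ValueError("message does not fit in a permutation of n items")
    pool = list(range(n))
    perm = []
    for i in range(n, 0, -1):
        idx, m = divmod(m, factorial(i - 1))
        perm.append(pool.pop(idx))
    return perm


def perm_to_int(perm):
    """Inverse of int_to_perm."""
    n = len(perm)
    pool = list(range(n))
    m = 0
    for i, p in enumerate(perm):
        idx = pool.index(p)
        m += idx * factorial(n - 1 - i)
        pool.pop(idx)
    return m


def embed(message, cover):
    """Return the cover items in the order that encodes `message`."""
    canon = canonical_order(cover)
    if len(message) > capacity_bytes(len(canon)):
        raise ValueError("message too long for this cover set")
    perm = int_to_perm(int.from_bytes(message, "big"), len(canon))
    return [canon[p] for p in perm]


def extract(received, length):
    """Recover `length` message bytes from the order the items arrived in."""
    canon = canonical_order(received)
    index = {item: i for i, item in enumerate(canon)}
    perm = [index[item] for item in received]
    return perm_to_int(perm).to_bytes(length, "big")


if __name__ == "__main__":
    sent = embed(b"hello", COVER)
    for line in sent:
        print(line.decode())
    print("recovered:", extract(sent, 5))
```

Sixteen items give floor(log2(16!)) = 44 bits, so five message bytes per batch; the content of the cover traffic is untouched, only its order changes, which is what makes this steganography rather than encryption.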




--

From: "Brian Gladman" [EMAIL PROTECTED]
Subject: Re: CAST-Cipher / CAST-Algorithm
Date: Mon, 11 Sep 2000 23:33:03 +0100

  can anyone of you send or tell me where to get a good description of
  the (function of the) CAST-Cypher / CAST-Algorithm (256-bit version
  preferred).   It would also be great if you could send me or tell me
  where to get an implementation (C++-source-code preferred) of said
  cipher / algorithm.
 

I have a C version of the CAST cipher submitted in AES round one on my
web site at:

http://www.gladman.uk.net/

It would be easy to put into C++

 Brian Gladman




--

From: "Paul Pires" [EMAIL PROTECTED]
Subject: Re: Getting Started, advice needed (FAQs , yes I read them)
Date: Mon, 11 Sep 2000 15:39:59 -0700

Sorry, I missed this.

I was thinking that was possible,
 but maybe a known or chosen plaintext would be needed.

Known or chosen plaintext or ciphertext attacks can actually be easier
than "Guessing" or searching anything. You have to look at who has
access and who might be evil. Let's say group A is everybody who can
get a message encoded or decoded but don't necessarily have access to
the key and Group B are your potential adversaries. If anyone is in both
groups they got you.

The best way to get a known plaintext is to write it yourself and get
it encrypted. If the adversaries can't do it themselves, can they con one
of your group A folks into doing it?

Paul






--

Date: Mon, 11 Sep 2000 18:07:10 -0500
From: No User [EMAIL PROTECTED]
Subject: Re: RSA patent expiration party still on for the 20th

[EMAIL PROTECTED] (Rich Wales) wrote:

"No User" wrote:

 Keeping the invention internal and unproductive
 for the term of the patent is not enough to claim
 the experimental use defens

Cryptography-Digest Digest #658

2000-04-28 Thread Digestifier

Cryptography-Digest Digest #658, Volume #11  Sat, 29 Apr 00 00:13:00 EDT

Contents:
  Shortcut authenticated Diffie Hellman (lcs Mixmaster Remailer)
  Re: Science Daily overstates significance? ("Douglas A. Gwyn")
  Re: sci.crypt think will be AES? (Terry Ritter)
  Re: sci.crypt think will be AES? (Terry Ritter)
  Re: sci.crypt think will be AES? (Terry Ritter)
  Re: U-571 movie (OT) ("Stou Sandalski")
  Re: Speaking of HD Overwriting... (Guy Macon)
  Re: Speaking of HD Overwriting... (Guy Macon)
  Re: sboxes for the bored... (Terry Ritter)
  Re: sboxes for the bored... (Terry Ritter)
  Re: Vs: Requested: update on aes contest (Terry Ritter)



Date: 29 Apr 2000 01:40:08 -
From: lcs Mixmaster Remailer [EMAIL PROTECTED]
Subject: Shortcut authenticated Diffie Hellman

Here is an idea for a shortcut way to do authenticated Diffie Hellman key
exchange.  It might be useful for an application where exponentiations
are expensive.

In this situation, only the server will authenticate.  The client is
anonymous and so it does not authenticate itself.  But the client has
a public key for the server.

In Diffie Hellman key exchange, the client and server each choose secret
values k1 and k2 respectively, and then send g^k1 and g^k2.  The shared
secret value is then g^(k1*k2), which each one can calculate but an
eavesdropper cannot.  (All this is mod p.)

To authenticate, the server needs to sign its part of the exchange.  It
has a secret value x and has published y = g^x as its public key.

In most discrete log based systems the server needs to start off the
signature calculation by choosing a random k and doing g^k.  The proposal
for this shortcut is to use that same k as the k1 in the Diffie Hellman
exchange.  By doing this the "signature" can be over empty data and
reduces to an identity protocol.

Using the Schnorr identification protocol, the server sends g^k1.
The client sends g^k2 for the DH exchange, and also a challenge value c.
The server responds with r = c*x + k1, mod p-1, which the client verifies
by g^r =?= y^c * g^k1.  This is the standard Schnorr ID protocol.
It proves that the server knows the long-term secret key value x, but
also incidentally proves that it knows k1.  This is therefore in effect
a signature on k1.

The two sides complete the DH exchange by calculating g^(k1*k2) as usual.
The MITM attack is thwarted because he could not respond with a valid
r value since he does not know x.

Has anyone analyzed a protocol like this?  Does it seem reasonable?
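The exchange described above, written out as an added example (not code from the post) with both sides' messages in the order the poster gives them: the server's g^k1 serves as both DH share and Schnorr commitment, the client answers with g^k2 and a challenge c, and the server's r = c*x + k1 mod (p-1) is checked against y^c * g^k1. The group is an assumption made here and is a toy: p is the Mersenne prime 2^127 - 1 and g = 5; real use needs a standard group of 2048 bits or more with a prime-order subgroup.

```python
import secrets

# Assumption: toy parameters.  p = 2^127 - 1 is prime; g = 5 is used rather than
# 2 because 2 has order only 127 modulo a Mersenne prime (2^127 == 1 mod p).
P = 2**127 - 1
G = 5


def keygen():
    """Server's long-term key: secret x, published y = g^x mod p."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


class Server:
    def __init__(self, x):
        self.x = x
        self.k1 = None

    def start(self):
        """Choose k1 once; g^k1 is both the DH share and the Schnorr commitment."""
        self.k1 = secrets.randbelow(P - 2) + 1
        return pow(G, self.k1, P)

    def respond(self, c, g_k2):
        """Schnorr response r = c*x + k1 (mod p-1), plus the DH secret g^(k1*k2)."""
        r = (c * self.x + self.k1) % (P - 1)
        shared = pow(g_k2, self.k1, P)
        return r, shared


class Client:
    """Anonymous client; knows the server's public key y in advance."""

    def __init__(self, y):
        self.y = y

    def challenge(self, g_k1):
        self.g_k1 = g_k1
        self.k2 = secrets.randbelow(P - 2) + 1
        self.c = secrets.randbelow(P - 1)   # fresh random challenge
        return pow(G, self.k2, P), self.c

    def finish(self, r):
        """Accept the DH share only if g^r == y^c * g^k1 (mod p)."""
        if pow(G, r, P) != (pow(self.y, self.c, P) * self.g_k1) % P:
            raise ValueError("Schnorr check failed: peer does not know x")
        return pow(self.g_k1, self.k2, P)


def run_exchange(server, client):
    """The three messages of the protocol; returns (client_secret, server_secret)."""
    g_k1 = server.start()                         # server -> client: g^k1
    g_k2, c = client.challenge(g_k1)              # client -> server: g^k2, c
    r, server_secret = server.respond(c, g_k2)    # server -> client: r
    client_secret = client.finish(r)              # raises if r is bad
    return client_secret, server_secret


def impersonation_succeeds(y):
    """Active attacker who knows y but not x plays the server with a guessed x'."""
    try:
        run_exchange(Server(secrets.randbelow(P - 2) + 1), Client(y))
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    x, y = keygen()
    cs, ss = run_exchange(Server(x), Client(y))
    print("shared secrets agree:", cs == ss)
    print("impersonation without x succeeds:", impersonation_succeeds(y))
```

As in the post, only the server is authenticated: the client's g^k2 is not bound to anything, so an attacker can still play the client, but cannot produce a valid r for the server side without x, and cannot compute the client's g^(k1*k2) without k1.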


--

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: Science Daily overstates significance?
Date: Sat, 29 Apr 2000 00:46:58 GMT

Joseph Ashwood wrote:
 The security of Quantum Cryptography relies on the proof of
 One Time Pad
 The One Time Pad proof relies on a true random number
 generator
 The existence of a true random number generator has never
 been proven; it has actually been proven that you cannot
 prove its existence.

The *properties* of uniform randomness are quite definite
and suffice for the OTP perfect-secrecy proof.

What I think you're referring to is that there is no way
to prove that a bit generator is generating with perfect
randomness by inspection of its output (which is obvious
when you consider that at time T after the test, it could
suddenly enter a different mode).  There is also a notion
of "randomness" a la Chaitin that labels some *finite*
bit strings as "random" or "nonrandom", and a proof that
some string (containing a few thousand bits) is "random"
by that definition but cannot be shown to be so.

 ...r does not take into account the fact that it may be
 possible to force the state some other way. If for example
 I, as an attacker, could force your protons to follow my
 protons, I would have your pad. If I could force your
 protons to follow a random number generator of any kind that
 I have in my possession, I will have broken your encryption.

It's not protons, but (typically) photons.  It is a
fundamental and well-established fact of quantum theory
that you cannot do such things without destroying the
state coherence, which means your meddling will be
detected by the communicants and they will discard the
compromised section of the key stream.

--

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: sci.crypt think will be AES?
Date: Sat, 29 Apr 2000 01:53:20 GMT


On 28 Apr 2000 14:28:01 -0600, in 8ecs8h$kr7$[EMAIL PROTECTED],
in sci.crypt [EMAIL PROTECTED] (Vernon Schryver) wrote:

In article [EMAIL PROTECTED], Terry Ritter [EMAIL PROTECTED] wrote:

 ...
Since I already have patents, I don't have to *argue* that I *thought*
I have something new and unique; that has been confirmed.  
 

yeah, confirmed by the same experts who determined that
http://patent.womplex.ibm.com/details?pn=US054

Cryptography-Digest Digest #658

1999-12-01 Thread Digestifier

Cryptography-Digest Digest #658, Volume #10   Wed, 1 Dec 99 13:13:01 EST

Contents:
  Re: The Code Book - Part 4 (jerome)
  Re: Elliptic Curve Public-Key Cryptography (DJohn37050)
  Re: High Speed (1GBit/s) 3DES Processor (Sander Vesik)
  Re: How safe is Mobile Phone ? (Markus Peuhkuri)
  Re: VIC cipher strength? (UBCHI2)
  Encrypting short blocks (Markus Peuhkuri)
  Re: Elliptic Curve Public-Key Cryptography ("Roger Schlafly")
  Re: Encrypting short blocks (Anton Stiglic)
  Re: Verication - Anyone? (Anton Stiglic)
  Re: compact encryption in javascript (Bill Lynch)
  Re: Elliptic Curve Public-Key Cryptography ("Roger Schlafly")
  Generate a key pair from a user-entered key file? ([EMAIL PROTECTED])
  Re: Paradise shills?? (James Felling)
  Re: Decyption proof cellphones in Europe? [x3] (Bruce Schneier)
  Re: Elliptic Curve Public-Key Cryptography (Bruce Schneier)
  Re: Elliptic Curve Public-Key Cryptography (Bruce Schneier)
  Re: AES cyphers leak information like sieves (Volker Hetzer)
  Re: Decyption proof cellphones in Europe? [x3] (Ian Goldberg)
  Re: NSA should do a cryptoanalysis of AES (Keith A Monahan)
  Re: digraph frequencies ([EMAIL PROTECTED])
  Re: What part of 'You need the key to know' don't you people get? (Volker Hetzer)



From: [EMAIL PROTECTED] (jerome)
Subject: Re: The Code Book - Part 4
Reply-To: [EMAIL PROTECTED]
Date: Wed, 01 Dec 1999 14:14:21 GMT

yes

On Wed, 01 Dec 1999 11:26:29 GMT, Andreas wrote:
Hello,

Because I can't speak that language (french) after I had decoded it I
can't get the keyword from the text. Anyone who can help with
translation?

Regards
/Andreas

  o  o   
O  o
 o_/|\_, Student of Computer Science 
|Luleå University of Technology  
 Juggler Sweden

--

From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: Elliptic Curve Public-Key Cryptography
Date: 01 Dec 1999 14:32:10 GMT

Yes, portions of it were encrypted in a substitution cipher, actually a Caesar
cipher, in that my touch typing fingers were off position by one when I was
correcting an earlier typo.
Don Johnson

--

From: Sander Vesik [EMAIL PROTECTED]
Crossposted-To: comp.dcom.vpn,comp.security.firewalls
Subject: Re: High Speed (1GBit/s) 3DES Processor
Date: 1 Dec 1999 14:38:33 GMT

In sci.crypt Jerry P [EMAIL PROTECTED] wrote:
 No market research needed.

 3DES at a 1 Gigabit/sec, like anti-gravity, free desalination,
 non-polluting engines, and ADSL, is obviously a billion-dollar
 winner. NSA can do 3DES at 1 Gigabit/WEEK with Cray computers.

See Chris Eilbeck's mail in the same thread. 

---

Sander

There is no love, no good, no happiness and no future -
these are all just illusions.

--

From: Markus Peuhkuri [EMAIL PROTECTED]
Subject: Re: How safe is Mobile Phone ?
Date: 01 Dec 1999 16:40:15 +0200

 "David" == David Wagner [EMAIL PROTECTED] writes:

David confidence in their product, so why should we believe the
David Sectra folks?

Because "Sectra is the leading developer and manufacturer of
information security products for the Swedish Armed Forces."
(as noted on every page on that web site; I'll leave jokes
about Swedish "Armed" "Forces" as this is not
rec.humor.funny.true_stories).

I _would_ imagine that the phone uses some efficient voice
coding and some suitable block encryption and transmits voice
over GSM data connections (originally 9.6 kbps, some operators
now provide 14.4 kbps; the speed is lower if network coverage
is poor).

This requires that the other end also has an identical device
to communicate with, but that might not be much of a problem for
organizations requiring secure communications.  Another
problem is that connection setup is slower as many operators
do not have ISDN gateways for communications but use modems
(30 second delay for setup).

GSM is not sufficient for military grade communications,
I'm not sure about big business.  For private communications
it is strong enough (my opinion).

-- 
Markus Peuhkuri ! [EMAIL PROTECTED] ! http://www.iki.fi/puhuri/

Never underestimate the power of human stupidity
 ... and don't forget you are a human too.  

--

From: [EMAIL PROTECTED] (UBCHI2)
Subject: Re: VIC cipher strength?
Date: 01 Dec 1999 14:58:51 GMT

Looking at the VIC Cipher, it appears that many of the steps leading up to the
straddling checkerboard are quite unnecessary.  Why not just start with a
predetermined straddling checkerboard and then perform the rest of the
encipherment?

--

From: Markus Peuhkuri [EMAIL PROTECTED]