Cryptography-Digest Digest #670

2000-04-30 Thread Digestifier

Cryptography-Digest Digest #670, Volume #11  Sun, 30 Apr 00 11:13:01 EDT

Contents:
  Re: Janet and John learn about bits (was Re: Problems with OAP-L3) (Tom St Denis)
  Re: Janet and John learn about bits (was Re: Problems with OAP-L3) (Tom St Denis)
  Re: OAP-L3: Semester 1 / Class #1 All are invited. (Tom St Denis)
  Re: - Bestcrypt and ATA-66 enabled m/b - Anyone get these working without conflicts/BSOD? ("ronnie bonnie")
  Re: How would a 15 year old start? (Andy Dingley)
  Re: Sunday Times 30/4/2000: "MI5 builds new centre to read e-mails onthe net" (Dave J)
  Re: Mathmatical concepts (John Bailey)
  Re: base #- digit # ([EMAIL PROTECTED])
  Re: Janet and John learn about bits (was Re: Problems with OAP-L3) (David Blackman)
  40 Cryptography books reviewed (David Youd)
  Re: new Echelon article ("Trevor L. Jackson, III")
  Re: How would a 15 year old start? (David A Molnar)
  Re: Janet and John learn about bits (was Re: Problems with OAP-L3) ("Trevor L. Jackson, III")



From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: Janet and John learn about bits (was Re: Problems with OAP-L3)
Date: Sun, 30 Apr 2000 13:13:26 GMT



Anthony Stephen Szopa wrote:
 You say writing encryption software is easy.  You've done it?  Just
 do this and just do that?
 
 Who wants just "adequate" or "okay" encryption software?  We've got
 plenty of that already.
 
 The gold medal goes to creating unbreakable encryption...  And
 creating it first.
 
 I claim to have created unbreakable encryption software.  And I
 can provide anyone with the software to see for themselves.  The
 Help Files describe OAP-L3, and the Theory and Processes Help Files
 prove my claim.

You have yet to prove it's totally secure, just saying "it's
unbreakable" isn't enough.

Tom

--

From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: Janet and John learn about bits (was Re: Problems with OAP-L3)
Date: Sun, 30 Apr 2000 13:14:58 GMT



Mark Wooding wrote:
 
 Tom St Denis [EMAIL PROTECTED] wrote:
 
  I am talking about using MD2 to hash the password+salt so you don't
  actually see the output ever.
 
 Ahh.  I'd still use a good hash function, though.  And I'd also consider
 adding a MAC, just to protect against modifications.
 
 -- [mdw]

Well if I am sending a zip file I encrypted then I need not add a MAC. 
The goal was to make a super small file encryption program (in C).  In
my program (I can show the source if you want, but it's not exactly ANSI
C) I used a variation of MD2 (cuz I didn't have a ref for it at the
time) and RC2-CBC.

Tom

--

From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: OAP-L3: Semester 1 / Class #1 All are invited.
Date: Sun, 30 Apr 2000 13:15:55 GMT



Anthony Stephen Szopa wrote:
 
 Tim Tyler wrote:
 
  In sci.crypt James Felling [EMAIL PROTECTED] wrote:
 
  : [...] No algorithm is bias free that is a fact of life.
  : (Please review your information theory) -- all algorithms produce
  : output with SOME bias -- the goal is to minimise this bias.  The fact
  : that you claim "no bias" seems to me to indicate that you have a
  : flawed understanding of the way that things work.
 
  "Bias" is a technical term with a definition that implies that it can
  be rather easy to generate streams with *absolutely* no bias.
 
  Perhaps you should say what you mean by this term if your definition
  differs - if, say, you're using it as something like a synonym for
  "deviations from randomness".
  --
  __  Lotus Artificial Life  http://alife.co.uk/  [EMAIL PROTECTED]
   |im |yler  The Mandala Centre   http://mandala.co.uk/  Be good, do good.
 
 Even true random processes have significant bias over relatively
 short runs.  The longer the run the less the bias.  The bias may
 never disappear but it will most certainly shift.  The problem is
 identifying this bias.
 
 OAP-L3 produces the same sort of output as a true random process
 once the key reaches sufficient length, this length being, in part,
 the point where brute force attack becomes infeasible.

That's awesome... no wait, any cryptographic prng shares this same
property... Oh well.

Tom

--

From: "ronnie bonnie" [EMAIL PROTECTED]
Subject: Re: - Bestcrypt and ATA-66 enabled m/b - Anyone get these working without conflicts/BSOD?
Date: Sun, 30 Apr 2000 11:55:56 +0200

Take a look at pgpdisk. It is in the pgp602 freeware package.

BTW. I am currently using bestcrypt on a ata66 board without any problems.

"Drewjen" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
 I was wondering if anyone has been able to get BestCrypt encryption software
 (http://www.jetico.sci.fi/) running on an ATA-66 enabled board.  On every
 Win98/ATA-66 enabled board I've tried, I get "Blue Screen

Cryptography-Digest Digest #670

1999-12-02 Thread Digestifier

Cryptography-Digest Digest #670, Volume #10   Fri, 3 Dec 99 00:13:01 EST

Contents:
  Re: Any negative comments about Peekboo free win95/98 message encryptor (Tom McCune)
  Re: Encrypting short blocks ("Dan Schwartz")
  Re: What part of 'You need the key to know' don't you people get? (Johnny Bravo)
  Re: Quantum Computers and PGP et al. (Johnny Bravo)
  Re: NSA should do a cryptoanalysis of AES (Johnny Bravo)
  Re: The $10,000.00 contesta (Johnny Bravo)
  Re: Any negative comments about Peekboo  how to confirm designer  ([EMAIL PROTECTED])
  Re: Any negative comments about Peekboo  How to verify that promised  ([EMAIL PROTECTED])
  Re: NSA should do a cryptoanalysis of AES (SCOTT19U.ZIP_GUY)
  repeated DH over MOD P (jerome)
  Re: NP-hard Problems (Bill Unruh)
  Re: Elliptic Curve Public-Key Cryptography (Paul Rubin)
  Re: Why Aren't Virtual Dice Adequate? ("r.e.s.")



Crossposted-To: alt.security.pgp
From: Tom McCune [EMAIL PROTECTED]
Subject: Re: Any negative comments about Peekboo free win95/98 message encryptor
Date: Fri, 03 Dec 1999 01:09:42 GMT

In article 8274av$hn0$[EMAIL PROTECTED], [EMAIL PROTECTED] (Keith A Monahan) wrote:

I trust its security enough to send a message across irc, but I wouldn't
choose to use it to say, encrypt my credit card to another person.

This thread has gained enough of my interest to download it, and I'm
generating a key right now - actually it didn't take very long and I have
already made another one so I can use the program with myself.  I am a little
puzzled with the above level of trust - since I often hand my credit card over
to all kinds of strangers (for purchases), I personally consider credit card
info encryption to require very little confidence.

-Tom

I use PGP for Privacy and Authenticity:
http://www.Tom.McCune.net/PGP.htm

--

From: "Dan Schwartz" [EMAIL PROTECTED]
Subject: Re: Encrypting short blocks
Date: Thu, 2 Dec 1999 20:36:03 -0500

Markus Peuhkuri wrote in message ...
 What I want is following property: given message M1 (length N
 bits) produces same encrypted message E1 (length N bits) every
 time run.  Message M2 produces message E2, which is different
 from E1 iff message M2 is different from M1.  However, I'm
 willing to accept some probability of collisions, less than
 1/1000 (different messages M1 and M2 produce same result E1).

It sounds like you don't need to decrypt the messages, i.e. derive M1 from
E1.  If that's the case, just pad each message to a standard block length
(e.g. 64 bits), use any encryption algorithm, and take N bits of the result.
Any good encryption algorithm should produce results that "look" random,
making the likelihood of a collision between any two messages roughly 1 in
2^N.

If you want a very simple algorithm, and don't require super strong
security, check out TEA.

Dan Schwartz
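
Added example, not part of the original post: the pad, encrypt and truncate construction described above, using TEA (the cipher the post suggests) on N-bit messages zero-padded to one 64-bit block. The key, the function names and the choice of the low N bits are assumptions made for illustration. It measures both the pairwise collision rate (about 2^-N) and how many distinct N-bit tags remain when every N-bit message is tagged.

```python
from collections import Counter

MASK32 = 0xFFFFFFFF
DELTA = 0x9E3779B9                       # TEA round constant
KEY = (0x0123, 0x4567, 0x89AB, 0xCDEF)   # constructed demo key, four 32-bit words


def tea_encrypt(v0, v1, key=KEY):
    """Encrypt one 64-bit block (two 32-bit halves) with 32-cycle TEA."""
    s = 0
    for _ in range(32):
        s = (s + DELTA) & MASK32
        v0 = (v0 + (((v1 << 4) + key[0]) ^ (v1 + s) ^ ((v1 >> 5) + key[1]))) & MASK32
        v1 = (v1 + (((v0 << 4) + key[2]) ^ (v0 + s) ^ ((v0 >> 5) + key[3]))) & MASK32
    return v0, v1


def block(message, key=KEY):
    """Zero-pad a short message to 64 bits and return the full ciphertext."""
    v0, v1 = tea_encrypt(message >> 32, message & MASK32, key)
    return (v0 << 32) | v1


def tag(message, n_bits, key=KEY):
    """Keep only the low n_bits of the ciphertext; the result cannot be decrypted."""
    return block(message, key) & ((1 << n_bits) - 1)


def collision_stats(n_bits):
    """Tag every n_bits-long message; return (distinct tags, pairwise collision rate)."""
    total = 1 << n_bits
    counts = Counter(tag(m, n_bits) for m in range(total))
    colliding_pairs = sum(c * (c - 1) // 2 for c in counts.values())
    return len(counts), colliding_pairs / (total * (total - 1) // 2)


if __name__ == "__main__":
    distinct, rate = collision_stats(10)
    print(f"N=10: {distinct} distinct tags for 1024 messages, pairwise rate {rate:.6f}")
```

The full 64-bit ciphertexts never collide because the cipher is a permutation; collisions appear only after truncation, and across a whole set of messages they follow the birthday bound rather than the per-pair figure.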



--

From: [EMAIL PROTECTED] (Johnny Bravo)
Subject: Re: What part of 'You need the key to know' don't you people get?
Date: Thu, 02 Dec 1999 20:43:21 GMT

On Thu, 02 Dec 1999 11:36:08 -0600, [EMAIL PROTECTED] (wtshaw) wrote:

There are so many cases of everybody being wrong when someone else is
right.  You honestly cannot reject a single detractor on sight.  I assure
you that I want to see evidence of his claims if possible, or define them
at least worth more study. 

  If they have a claim and offer evidence to support this claim, then
we can define the claim as worth more study.
  Making a claim and offering no proof other than the assertion "I'm
right, and you are wrong." is not worth further study.  This is
because even if you prove that one claim wrong, they will just throw
out more claims.  It is easier to make claims than to support or
disprove them, why should the community be tasked with debunking every
crackpot theory that anyone could ever come up with.  If you want
people to consider your claims, you need evidence that your claim is
valid.

The last thing I am going to do is reject
claims if there is reason to believe that they might be true. 

  Really?  I claim you are a murderer.  Given that the other people on
this group don't personally know either of us (and have no idea if I
know you personally or not), there is a reason to believe that it
might be true.  So now you should prove to the group that you are NOT
a murderer.  

Being open
to such things may seem a burden, but it is a requirement nonetheless.

  There is no requirement that we should accept spurious claims
without evidence.  Logic suggests otherwise.

Personally, I have a few rather unpopular ideas myself, backed up by my
experience; if they prove accurate according to additional data, mine or
others, I surely will mention them again. 

  This is where you diverge from the topic of discussion.  You are
willing to test your ideas according to existing data.