Cryptography-Digest Digest #709
Cryptography-Digest Digest #709, Volume #13           Sun, 18 Feb 01 09:13:01 EST

Contents:
  Cryptography FAQ (10/10: References) ([EMAIL PROTECTED])

Crossposted-To: talk.politics.crypto,sci.answers,news.answers,talk.answers
Subject: Cryptography FAQ (10/10: References)
From: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Date: 18 Feb 2001 13:56:43 GMT

Archive-name: cryptography-faq/part10
Last-modified: 94/06/13

This is the tenth of ten parts of the sci.crypt FAQ. The parts are mostly independent, but you should read the first part before the rest. We don't have the time to send out missing parts by mail, so don't ask. Notes such as ``[KAH67]'' refer to the reference list in this part.

The sections of this FAQ are available via anonymous FTP to rtfm.mit.edu as /pub/usenet/news.answers/cryptography-faq/part[xx]. The Cryptography FAQ is posted to the newsgroups sci.crypt, talk.politics.crypto, sci.answers, and news.answers every 21 days.

Contents

10.1. Books on history and classical methods
10.2. Books on modern methods
10.3. Survey articles
10.4. Reference articles
10.5. Journals, conference proceedings
10.6. Other
10.7. How may one obtain copies of FIPS and ANSI standards cited herein?
10.8. Electronic sources
10.9. RFCs (available from [FTPRF])
10.10. Related newsgroups

10.1. Books on history and classical methods

[FRIE1] Lambros D. Callimahos, William F. Friedman, Military Cryptanalytics. Aegean Park Press, ?.
[DEA85] Cipher A. Deavours & Louis Kruh, Machine Cryptography and Modern Cryptanalysis. Artech House, 610 Washington St., Dedham, MA 02026, 1985.
[FRIE2] William F. Friedman, Solving German Codes in World War I. Aegean Park Press, ?.
[GAI44] H. Gaines, Cryptanalysis, a study of ciphers and their solution. Dover Publications, 1944.
[HIN00] F.H.Hinsley, et al., British Intelligence in the Second World War. Cambridge University Press. (vol's 1, 2, 3a, 3b & 4, so far). XXX Years and authors, fix XXX
[HOD83] Andrew Hodges, Alan Turing: The Enigma. Burnett Books Ltd., 1983
[KAH91] David Kahn, Seizing the Enigma. Houghton Mifflin, 1991.
[KAH67] D. Kahn, The Codebreakers. Macmillan Publishing, 1967. [history] [The abridged paperback edition left out most technical details; the original hardcover edition is recommended.]
[KOZ84] W. Kozaczuk, Enigma. University Publications of America, 1984
[KUL76] S. Kullback, Statistical Methods in Cryptanalysis. Aegean Park Press, 1976.
[SIN66] A. Sinkov, Elementary Cryptanalysis. Math. Assoc. Am. 1966.
[WEL82] Gordon Welchman, The Hut Six Story. McGraw-Hill, 1982.
[YARDL] Herbert O. Yardley, The American Black Chamber. Aegean Park Press, ?.

10.2. Books on modern methods

[BEK82] H. Beker, F. Piper, Cipher Systems. Wiley, 1982.
[BRA88] G. Brassard, Modern Cryptology: a tutorial. Springer-Verlag, 1988.
[DEN82] D. Denning, Cryptography and Data Security. Addison-Wesley Publishing Company, 1982.
[KOB89] N. Koblitz, A course in number theory and cryptography. Springer-Verlag, 1987.
[KON81] A. Konheim, Cryptography: a primer. Wiley, 1981.
[MEY82] C. Meyer and S. Matyas, Cryptography: A new dimension in computer security. Wiley, 1982.
[PAT87] Wayne Patterson, Mathematical Cryptology for Computer Scientists and Mathematicians. Rowman & Littlefield, 1987.
[PFL89] C. Pfleeger, Security in Computing. Prentice-Hall, 1989.
[PRI84] W. Price, D. Davies, Security for computer networks. Wiley, 1984.
[RUE86] R. Rueppel, Design and Analysis of Stream Ciphers. Springer-Verlag, 1986.
[SAL90] A. Salomaa, Public-key cryptography. Springer-Verlag, 1990.
[SCH94] B. Schneier, Applied Cryptography. John Wiley & Sons, 1994. [errata avbl from [EMAIL PROTECTED]]
[WEL88] D. Welsh, Codes and Cryptography. Clarendon Press, 1988.

10.3. Survey articles

[ANG83] D. Angluin, D. Lichtenstein, Provable Security in Cryptosystems: a survey. Yale University, Department of Computer Science, #288, 1983.
[BET90] T. Beth, Algorithm engineering for public key algorithms. IEEE Selected Areas of Communication, 1(4), 458--466, 1990.
[DAV83] M. Davio, J. Goethals, Elements of cryptology. in Secure Digital Communications, G. Longo ed., 1--57, 1983.
[DIF79] W. Diffie, M. Hellman, Privacy and Authentication: An introduction to cryptography. IEEE proceedings, 67(3), 397--427, 1979.
[DIF88] W. Diffie, The first ten years of public key cryptography. IEEE proceedings, 76(5), 560--577, 1988.
[FEI73] H. Feistel, Cryptography and Computer Privacy. Scientific American, 228(5), 15--23, 1973.
[FEI75] H. Feistel, H, W. Notz, J. Lynn Smith. Some crypt
Cryptography-Digest Digest #709
Cryptography-Digest Digest #709, Volume #12           Mon, 18 Sep 00 14:13:01 EDT

Contents:
  Re: Hamming weight (SCOTT19U.ZIP_GUY)
  Re: QUESTION ABOUT ALGORITHMS (SCOTT19U.ZIP_GUY)
  Re: Disappearing Email redux ("Richard Bristow")
  Re: QUESTION ABOUT ALGORITHMS (Runu Knips)
  Re: non-linear decorrelation? (Mike Rosing)
  Re: Optimization for speed question. ("Dann Corbit")
  Re: Chosen and known attacks - are they possible ?? (Mok-Kong Shen)
  Re: wince encryption algorithm (Mok-Kong Shen)
  Re: On secret Huffman compression (Mok-Kong Shen)
  Re: Double Encryption Illegal? (Mok-Kong Shen)
  Re: Intel's 1.13 MHZ chip (Mok-Kong Shen)
  Re: QUESTION ABOUT ALGORITHMS (Terry Ritter)
  Re: Dangers of using same public key for encryption and signatures? (Mike Rosing)

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Hamming weight
Date: 18 Sep 2000 17:01:50 GMT

[EMAIL PROTECTED] (Francois Grieu) wrote in :

>"kihdip" <[EMAIL PROTECTED]> asked
>
>> an exact definition of 'Hamming weight' ??
>
>The Hamming weight of a bit string (or non-negative integer) is the
>number of bits set in the string (or in the binary representation of the
>non-negative integer).
>
>The Hamming weight of the string 10001 is 2.
>The Hamming weight of the integer 19 is 3.
>
>The Hamming distance of two bit strings is the Hamming weight of their
>exclusive-OR. This verifies the usual distance properties.
>
>A fast, one-line C implementation (find how it works !)
>
>int h(unsigned long x){int w;for(w=0;x;x&=x-1)w++;return w;}
>
>
>Francois Grieu

Francois I liked your C code implementation. But I was wondering when you talk about hamming weight and a string of bits. Are you limiting yourself to only strings that have 8bit length units or are you talking about any string of bits. If one is talking in the abstract of "any string" of bits. is that a finite string of bits or a bit string of an infinite number of bits the trailing being all zero.

The reason I ask is if one assigns the Hamming weight to string of all bits in an infinite finitely odd file. And since one can easily describe a transform from the finitely odd file state to any bit size block file system one chooses. It might have a wider use than if only applied to 8 bit block length files. This is especially true now that encryption block length seems to be getting longer.

David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

--

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: QUESTION ABOUT ALGORITHMS
Date: 18 Sep 2000 17:08:37 GMT

[EMAIL PROTECTED] (Terry Ritter) wrote in <[EMAIL PROTECTED]>:

>
>On Mon, 18 Sep 2000 13:39:05 +0200, in <[EMAIL PROTECTED]>, in
>sci.crypt Runu Knips <[EMAIL PROTECTED]> wrote:
>
>>Melinda Harris wrote:
>>> Can anyone tell me how to patent an algorithm. Where to go.
>>
>>Guess what - patent office.
>>
>>> What to sign and how much it costs???
>>
>>Well their formulas and it costs AFAIK much. I've heard
>>60.000 deutschmarks for a europe-wide patent for a year.
>>
>>But if you want to patent a cryptographic algorithm, you're
>>either a moron or an idiot. A moron if you want to sell
>>to people what you know they can get for free, or an idiot
>>if you think there are not already enough free algorithms.
>>
>>> Any response would be greatly appreciated
>>
>>Hardly. I've insulted you.
>
>You may have insulted more than you know. For example, I currently
>hold three (3) US patents on fundamental cryptographic technology.
>Presumably others have patents as well.
>
>---
>Terry Ritter [EMAIL PROTECTED] http://www.io.com/~ritter/
>Crypto Glossary http://www.io.com/~ritter/GLOSSARY.HTM
>

Terry I realize you are most likely better at crypto than Mr BS. But he is the media darling and unfortunately you are not. But a question that might be in most people's mind is how much did the three of these patents cost. And in the long run did you make more money with these methods than if you did not patent them. Did you even possibly lose money since maybe the methods were not blessed by some media made phony crypto guru.

David A. Scott
--
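An added example, not part of any post in this digest: the Hamming weight and distance definitions from the "Hamming weight" thread above, applied to byte buffers of any length, next to a fixed-step bit count whose running time does not depend on how many bits are set (the quoted loop iterates once per set bit, which matters when the operand is secret). All function names and the sample buffers are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The loop from the thread: x &= x - 1 clears the lowest set bit,
 * so the body runs exactly once per set bit (data-dependent time). */
int weight_loop(unsigned long x)
{
    int w = 0;
    for (; x; x &= x - 1)
        w++;
    return w;
}

/* Fixed-step alternative for 32-bit words: sums bits in parallel in
 * 2-, 4- and 8-bit fields, then adds the four byte counts with one
 * multiply. Same result, same number of operations for every input. */
int weight_fixed(uint32_t x)
{
    x = x - ((x >> 1) & 0x55555555u);
    x = (x & 0x33333333u) + ((x >> 2) & 0x33333333u);
    x = (x + (x >> 4)) & 0x0F0F0F0Fu;
    return (int)((x * 0x01010101u) >> 24);
}

/* Hamming weight of a bit string of arbitrary length, stored as bytes. */
size_t hamming_weight(const unsigned char *buf, size_t len)
{
    size_t total = 0;
    for (size_t i = 0; i < len; i++)
        total += (size_t)weight_fixed(buf[i]);
    return total;
}

/* Hamming distance = weight of the XOR. Assumption of this example:
 * the shorter string is treated as padded with trailing zero bytes. */
size_t hamming_distance(const unsigned char *a, size_t alen,
                        const unsigned char *b, size_t blen)
{
    size_t n = alen > blen ? alen : blen, d = 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char x = i < alen ? a[i] : 0;
        unsigned char y = i < blen ? b[i] : 0;
        d += (size_t)weight_fixed((uint32_t)(x ^ y));
    }
    return d;
}

int main(void)
{
    /* Constructed sample buffers. */
    const unsigned char a[] = { 0xFF, 0x00, 0x11 };
    const unsigned char b[] = { 0x0F, 0x01 };

    printf("weight(19)      = %d\n", weight_loop(19UL));
    printf("weight(a)       = %zu\n", hamming_weight(a, sizeof a));
    printf("distance(a, b)  = %zu\n",
           hamming_distance(a, sizeof a, b, sizeof b));
    return 0;
}
```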
Cryptography-Digest Digest #709
Cryptography-Digest Digest #709, Volume #11           Fri, 5 May 00 06:13:01 EDT

Contents:
  Re: KRYPTOS Something new ? (Collomb)
  SBOX program using ideas from CA and ST (CAST design) (Tom St Denis)
  Q: posts with crypted text (Remove NO_SPAM to reply)
  Re: RC6 as a Feistel Cipher (Boris Kazak)
  Re: Any good attorneys? (Scott Contini)
  Re: Any good attorneys? (Mok-Kong Shen)
  Crypto Export ("Stou Sandalski")
  Re: GPS encryption turned off ("Stou Sandalski")
  Re: KRYPTOS Something new ? (Niklas Frykholm)
  Re: GPS encryption turned off (Vernon Schryver)
  Re: Any good attorneys? ("Stou Sandalski")
  Re: Tempest Attacks with EMF Radiation (Richard Herring)
  Re: Q: posts with crypted text (David Formosa (aka ? the Platypus))
  Re: Silly way of generating randm numbers? (David Formosa (aka ? the Platypus))
  Re: GPS encryption turned off (Guy Macon)
  Re: GPS encryption turned off (Guy Macon)

From: [EMAIL PROTECTED] (Collomb)
Subject: Re: KRYPTOS Something new ?
Date: 5 May 2000 07:58:52 GMT

In article <[EMAIL PROTECTED]>, Anders Thulin <[EMAIL PROTECTED]> wrote:
> Mok-Kong Shen wrote:
>
> > Could some experts who have previously solved a large part of the
> > cipher comment on the correctness of this complete solution?
>
> Though not the kind of expert of the kind you ask for, it seems
> worth observing that around 90% of the solution is something the
> solver placed there himself.
>
> It would have been nice to have at least a note of how the first
> three messages fit into "basically eschatologic message of
> KRYPTOS". As it is, they seem rather orphaned. Well, Luke 1:37
> can probably be invoked for that problem as well.
>
> It's pretty fun to try to interpret the paintings in
> Rameses the IX:ths tomb, too.
>
> --
> Anders Thulin [EMAIL PROTECTED] 040-10 50 63
> Telia Prosoft AB, Hjälmaregatan 3B, 212 19 Malmö, Sweden

Kryptos remains a play. I had fun to decipher it. A fun which seems absent on and my intention is not to carry out a test on the theological correctness of Kryptos, nevertheless... you judge more adequate Luke 1-37. But Luke 1-38 is referring to the acceptance of Maria, God cannot act without the agreement of human being. In Genesis, Eva must crush the head of the snake with its foot. The foot of God is symbolized, in the solution suggested for Kryptos, by the letter G, the head of the snake by the letter S, which rises out of the block of the three S. You can also note that, all the decoding, uses a reverse reading : that has a meaning. The reverse way symbolizes the return towards the past. However, God appears in back diagonal and non ahead, because only God can change the past. The snake of temptation and the original sin, always present currently, must be crushed.

Best regards.
[EMAIL PROTECTED]
http://calvaweb.calvacom.fr/collomb/

--

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: SBOX program using ideas from CA and ST (CAST design)
Date: Fri, 05 May 2000 05:01:46 GMT

I am starting a new SBOX program using the properties from CAST where I make n, 2^n by 1, boolean functions and try them out. I currently test if each individual boolean function (2^n by 1) is non-linear [1] and follows SAC. Then I compose the log2(n) functions together and check if it's a bijection [2]. After that I do a Bit Independence Test. It's terribly slow (i.e optimizations galore) but does work.

[1] I am having trouble knowing how to bound the WalshTransform output of a n-bit function so that I can be sure it's non-linear... any help?

[2] I don't get the Sum(n, i=0) AiFi, A = { 0, 1 }. Notation in the paper so I do the 'poor' mans method for testing it's a bijection, help!.

You can check it out at http://24.42.86.123/sbox.c

Excuse the poor math this is all new to me (my other program was a just a random search method of sorts... ).

Tom
--
Want your academic website listed on a free websearch engine? Then please check out http://tomstdenis.n3.net/search.html, it's entirely free and there are no advertisements.

--

From: [EMAIL PROTECTED] (Remove NO_SPAM to reply)
Subject: Q: posts with crypted text
Reply-to: [EMAIL PROTECTED] (Remove NO_SPAM to reply)
Date: Fri, 05 May 2000 05:47:38 GMT

Ok, I'm *really* curious here. I just saw a post spammed to several newsgroups (though strangely not this one). And (this is the second time I've seen this) it was followed by what appears to be crypted text. I did a statistical character analysis on it, and all I can say is that if punctuation is as normal then this probably isn't English. So, could someone out there shed a little light on what is going on in that text, an
Cryptography-Digest Digest #709
Cryptography-Digest Digest #709, Volume #10           Thu, 9 Dec 99 10:13:01 EST

Contents:
  Re: If you're in Australia, the government has the ability to modify your files. >> 4.Dec.1999 ("Rick Braddam")
  Re: NSA should do a cryptoanalysis of AES ("Rick Braddam")
  Re: Digitally signing an article in a paper journal (Paul Rubin)
  Re: Digitally signing an article in a paper journal (KloroX)
  Re: If you're in Australia, the government has the ability to modify your files. >> 4.Dec.1999 ("Tim Wood")
  Re: Digitally signing an article in a paper journal ("Phil Bartley")
  Re: If you're in Australia, the government has the ability to modify your files. >> 4.Dec.1999 (SCOTT19U.ZIP_GUY)
  Re: weak algorithm, too hard for me (JPeschel)
  Re: Curious PhenomenaRe: High Speed (1GBit/s) 3DES Processor (Richard Herring)
  QBITS ("Yuri Federovich")
  Re: NSA should do a cryptoanalysis of AES (SCOTT19U.ZIP_GUY)
  Re: NSA future role? (SCOTT19U.ZIP_GUY)
  Re: If you're in Australia, the government has the ability to modify your files. >> 4.Dec.1999 (Steve K)
  Re: low exponent in Diffie-hellman? (DJohn37050)
  Re: NSA future role? (CLSV)
  Re: low exponent in Diffie-hellman? (Bob Silverman)
  Re: Shamir announces 1 sec break of GSM A5/1 (SCOTT19U.ZIP_GUY)

From: "Rick Braddam" <[EMAIL PROTECTED]>
Subject: Re: If you're in Australia, the government has the ability to modify your files. >> 4.Dec.1999
Date: Thu, 9 Dec 1999 03:05:14 -0600

Douglas A. Gwyn <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
|> Steve K wrote:
|> > Unless he is carrying a badge. Or a gavel. Then, attempting real
|> > resistance will get you summarily shot, and properly so. Something
|> > about national sovereignty, if I remember my political science
|> > definitions.
|>
|> It has nothing to do with national sovereignty!
|> The government is authorized, or at least able with impunity,
|> to use force to achieve its ends. That's why it is important
|> for the citizenry to keep a tight rein over the government.
|> Apparently in the UK and Australia the citizens have surrendered;
|> other evidence for that is that they let the agents of the
|> government disarm them (with a consequent, predictable leap
|> in the violent crime rate, especially home invasions). Sheep.

I think you can look at the UK and Australia to see where we are headed, full speed ahead and (apparently) no brakes.

--
Rick
Spam bait (With credit to E. Needham):
root@localhost postmaster@localhost admin@localhost abuse@localhost [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]

--

From: "Rick Braddam" <[EMAIL PROTECTED]>
Subject: Re: NSA should do a cryptoanalysis of AES
Date: Thu, 9 Dec 1999 02:59:22 -0600

Volker Hetzer <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> Rick Braddam wrote:
> > Sounds like the difference between using PGP for email and SSL for purchases.
> Well, yes. Basically you can reason about the security of the protocol
> without bearing the final application in mind. The good thing is that after that
> you can use ssl for almost anything. The bad thing is that you cannot make any
> assumptions about the applications that use SSL.

Another good thing is that SSL requires nothing of the user -- it is transparent to the user, too. It seems to me that could also be a bad thing... since it doesn't allow much in the way of user options. IIRC, SSL also sends identifiers for the crypto primitives used. That's great for interoperability, but tells an attacker exactly what s/he must attack. And the crypto primitives are a small subset of all available algorithms. Also, there is no mechanism for using a pre-agreed-upon set of primitives without sending/exchanging the identifier information. I would think that an attacker's problems would be compounded if correspondents chose the primitives in advance from a large set of primitives (like Wei Dai's Crypto++ library, or Eric Young's 'original' SSLeay library) and no information identifying which were used were transmitted with messages.

-snip agreement-

> > I didn't
> > think about sending each item of info immediately as soon as it was developed.
> Then, of course there are all those nice images where you can watch the
> buildup when they gain resolution.

Yes, I like those images, too. Is the image information actually transmitted in the page, or is it transmitted as a different 'message' interleaved with the http page? At any rate, Scott's all-or-nothing encryption wouldn't work (in my opinion) in tho
Cryptography-Digest Digest #709
Cryptography-Digest Digest #709, Volume #9           Sat, 12 Jun 99 19:13:04 EDT

Contents:
  Re: Slide Attack on Scott19u.zip (SCOTT19U.ZIP_GUY)
  Re: RSA example with small numbers (Jim Gillogly)
  Re: RSA example with small numbers (Gergo Barany)
  Re: RSA msg length... (James Pate Williams, Jr.)
  Re: RSA example with small numbers (James Pate Williams, Jr.)
  Re: Cracking DES ([EMAIL PROTECTED])
  Re: Cracking DES (Boris Kazak)
  Re: RSA example with small numbers (James Pate Williams, Jr.)
  Re: Slide Attack on Scott19u.zip (David Wagner)
  Re: RSA example with small numbers ([EMAIL PROTECTED])
  Re: Cracking DES (David Wagner)
  Re: Slide Attack on Scott19u.zip ([EMAIL PROTECTED])
  How to read postscript files (David Wagner)

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Slide Attack on Scott19u.zip
Date: Sat, 12 Jun 1999 22:38:17 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Tim Redburn) wrote:
>On Sat, 12 Jun 1999 20:33:23 GMT, [EMAIL PROTECTED]
>(SCOTT19U.ZIP_GUY) wrote:
>
>
>> Actually it is rather well documented. It compiles and runs on a PC what
>>more do you want?
>>
>
>How do I compile it on my Linux PC - an Intel Pentium using gcc 2.8.1?
>
>The compiler complains that it can't find keys.h or pc.h, neither of
>which are included in the scott19u.zip file.

The guy in Germany was able to compile in Visual C without any problem. (At least he had no problems with scott16u) drop pc.h and key.h and change the access() to whatever your system uses also change make more room for the arrays rt ft bt as I described in past posts. This should allow you to compile. But I don't have your system so I can't tell exactly what is needed.

>
>-Tim.
>

David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS

--

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: RSA example with small numbers
Date: Sat, 12 Jun 1999 14:28:52 -0700

Gergo Barany wrote:
> I selected two primes, p=23 and q=37 (I could use any primes, but they
> shouldn't be a lot bigger or smaller, I felt). Their product n=851,
> (p-1)(q-1)=792. Then, I had the RSA Algorithm Javascript Page
> [http://www.orst.edu/dept/honors/makmur/] generate my keys, d=317 and
> e=5 ...
>
> I chose the number 10 as my plaintext and encrypted it:
> C=M^e mod n=10^5 mod 851=433
>
> Then I took the cyphertext 433 and decrypted it:
> M=C^d mod n=433^{317} mod 851=499

"bc" says (433^317) % 851 = 10. Looks to me like you're OK -- check that last step again.

--
Jim Gillogly
Hevensday, 22 Forelithe S.R. 1999, 21:26
12.19.6.4.17, 1 Caban 5 Zotz, Seventh Lord of Night

--

From: [EMAIL PROTECTED] (Gergo Barany)
Subject: Re: RSA example with small numbers
Date: 12 Jun 1999 21:39:46 GMT

In article <7jue4p$gao$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>
>> I chose the number 10 as my plaintext and encrypted it:
>> C=M^e mod n=10^5 mod 851=433
>>
>> Then I took the cyphertext 433 and decrypted it:
>> M=C^d mod n=433^{317} mod 851=499
>
>You did something wrong because
>
>433**317 (mod 851) = 10 in the win98 calc.

Ok, thanks. Apparently, the Win98 calculator works better than my TI-85 when it comes to 835-digit numbers. Thanks also to the other poster for the link to his FreeLIP package. Looks like I'll have to use my PC for calculations, then.

Gergo
--
Bureaucrats cut red tape -- lengthwise.
GU d- s:+ a--- C++>$ UL+++ P>++ L+++ E>++ W+ N++ o? K- w--- !O !M !V PS+ PE+ Y+ PGP+ t* 5+ X- R>+ tv++ b+>+++ DI+ D+ G>++ e* h! !r !y+

--

From: [EMAIL PROTECTED] (James Pate Williams, Jr.)
Subject: Re: RSA msg length...
Date: Sat, 12 Jun 1999 21:47:29 GMT

On Sat, 12 Jun 1999 14:43:39 -0400, "Particle" <[EMAIL PROTECTED]> wrote:
>how big can a msg (block) be?

Think of an example with artificially small parameters: p = 3 and q = 5, n = p * q = 15 = (in binary). The largest message is m = 14 = 1110. This has bit length 4 which is the bit length of the modulus. Out of curiosity, why is a binary space-partitioning tree interested in cryptography, usually BSP trees are prevalent in computer graphics?

==Pate Williams==
[EMAIL PROTECTED]
http://www.mindspring.com/~pate

--

From: [EMAIL PROTECTED] (James Pate Williams, Jr.)
Subject: Re: RSA example with small numbers
Date: Sat, 12 Jun 1999 21:56:31 GMT

On 12 Jun 1999 21:39:46 GMT, [EMAIL PROTECTED] (Gergo Barany) wrote:
> Thanks also to the other poster fo
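
An added example, not part of any post in this digest: the small-number RSA exchange from the thread above (p=23, q=37, e=5, M=10) recomputed with square-and-multiply, which reduces mod n after every multiplication so the 835-digit value of 433^317 is never formed. It also derives d from e with the extended Euclidean algorithm and round-trips every message below n; the function names are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* base^exp mod n, right-to-left square-and-multiply. Every product is
 * reduced at once, so intermediates stay below n^2 (n must be < 2^32). */
uint64_t modexp(uint64_t base, uint64_t exp, uint64_t n)
{
    uint64_t result = 1 % n;
    base %= n;
    while (exp) {
        if (exp & 1)
            result = result * base % n;
        base = base * base % n;
        exp >>= 1;
    }
    return result;
}

/* Inverse of a modulo m by the extended Euclidean algorithm.
 * Returns 0 when gcd(a, m) != 1, i.e. when no inverse exists. */
uint64_t modinv(uint64_t a, uint64_t m)
{
    int64_t r0 = (int64_t)m, r1 = (int64_t)(a % m);
    int64_t t0 = 0, t1 = 1;
    while (r1 != 0) {
        int64_t q = r0 / r1, tmp;
        tmp = r0 - q * r1; r0 = r1; r1 = tmp;
        tmp = t0 - q * t1; t0 = t1; t1 = tmp;
    }
    if (r0 != 1)
        return 0;
    return (uint64_t)(t0 < 0 ? t0 + (int64_t)m : t0);
}

/* Number of bits needed to write x in binary. */
int bit_length(uint64_t x)
{
    int bits = 0;
    for (; x; x >>= 1)
        bits++;
    return bits;
}

/* Counts messages m in [0, n) that do NOT survive encrypt-then-decrypt.
 * For a valid key pair on a product of two distinct primes this is 0. */
uint64_t roundtrip_failures(uint64_t n, uint64_t e, uint64_t d)
{
    uint64_t bad = 0;
    for (uint64_t m = 0; m < n; m++)
        if (modexp(modexp(m, e, n), d, n) != m)
            bad++;
    return bad;
}

int main(void)
{
    /* Parameters exactly as given in the thread. */
    const uint64_t p = 23, q = 37, e = 5, msg = 10;
    const uint64_t n = p * q, phi = (p - 1) * (q - 1);
    uint64_t d = modinv(e, phi);
    uint64_t c = modexp(msg, e, n);

    printf("n=%llu phi=%llu d=%llu\n", (unsigned long long)n,
           (unsigned long long)phi, (unsigned long long)d);
    printf("C=%llu M=%llu failures=%llu\n", (unsigned long long)c,
           (unsigned long long)modexp(c, d, n),
           (unsigned long long)roundtrip_failures(n, e, d));
    return 0;
}
```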