Cryptography-Digest Digest #720

2001-02-20 Thread Digestifier

Cryptography-Digest Digest #720, Volume #13  Tue, 20 Feb 01 08:13:01 EST

Contents:
  Re: FAQ ("John A. Malley")
  New unbreakable code from Rabin? (Roger Schlafly)
  Re: New unbreakable code from Rabin? ("Douglas A. Gwyn")
  Re: Super strong crypto (wtshaw)
  Re: My encryption system. (Paul Crowley)
  Re: Given any arbitrary numbers a and b.Can I ALWAYS find a   (Jan Kristian Haugland)
  Re: Euler's totient function and factoring (Stefan Katzenbeisser)
  Re: New unbreakable code from Rabin? (Mok-Kong Shen)
  Re: Super strong crypto (Mok-Kong Shen)
  Re: New unbreakable code from Rabin? (Hard)
  Re: The Kingdom of God ("Jashter")
  Re: Is there an algorithm to sequentially enumerate all transcendental numbers? ("Henrick Hellström")
  Re: Ciphile Software:  Why .EXE files so large (Anthony Stephen Szopa)
  Re: OverWrite freeware completely removes unwanted files from hard drive (Anthony Stephen Szopa)
  Re: Is there an algorithm to sequentially enumerate all transcendental  numbers?
  Re: New unbreakable code from Rabin? (John Savard)
  Re: New unbreakable code from Rabin? (John Savard)
  Re: What's a KLB-7? (John Savard)
  Re: Given any arbitrary numbers a and b. Can I ALWAYS find a transcendental number between a and b? (John Savard)



From: "John A. Malley" [EMAIL PROTECTED]
Subject: Re: FAQ
Date: Mon, 19 Feb 2001 21:22:40 -0800

kwd_kwp0ee9j9 wrote:
>
> where can I find this newsgroup FAQ?

Posted here every 28 days or so, and there's a copy at

http://www.landfield.com/faqs/cryptography-faq/


Hope this helps,

John A. Malley
[EMAIL PROTECTED]

--

From: Roger Schlafly [EMAIL PROTECTED]
Subject: New unbreakable code from Rabin?
Date: Mon, 19 Feb 2001 21:45:09 -0800

From the NY Times:

In essence, the researcher, Dr. Michael Rabin and his Ph.D. student
Yan Zong Bing, have discovered a way to make a code based on a key that
vanishes even as it is used. While they are not the first to have
thought of such an idea, Dr. Rabin says that never before has anyone
been able to make it both workable and to prove mathematically that
the code cannot be broken.

"This is the first provably unbreakable code that is really efficient,"
Dr. Rabin said. "We have proved that the adversary is helpless."

http://www.nytimes.com/2001/02/20/science/20CODE.html?pagewanted=all
(free reg reqd)

--

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: New unbreakable code from Rabin?
Date: Tue, 20 Feb 2001 06:07:29 GMT

Roger Schlafly wrote:
> From the NY Times:

Thanks for the pointer.  Upon closer examination, this is a method
that I have seen before, perhaps in this newsgroup -- basically,
establish a publicly visible stream of random bits, and the
communicating parties select a running sample from the bit stream
pool according to some agreed-upon rule, and use that as an XOR
stream one-time key.  The idea is apparently that since the enemy
cannot store all the "infinite" bit pool, he cannot keep up with
the communicants, since he doesn't know in advance of analysis
which of the pool bits need to be recorded.
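The scheme as Gwyn describes it, as an added simulation that is not from the post or from Rabin's paper. The HMAC-based position rule, the seeded stand-in for the public bit pool and the adversary that can only store a prefix of the pool are assumptions made for the example.

```python
import hmac
import hashlib
import random

STREAM_LEN = 1 << 16  # size of the simulated public stream (assumption)

def public_stream(seed: int, length: int = STREAM_LEN) -> bytes:
    # Constructed stand-in for the publicly visible random bit pool.
    # It is not secret: everyone, including the adversary, can read it
    # while it is being broadcast.
    return random.Random(seed).randbytes(length)

def select_positions(secret: bytes, count: int, length: int) -> list:
    # The "agreed-upon rule" (assumed here; the post does not fix one):
    # stretch a short shared secret into stream positions with HMAC-SHA256.
    positions, counter = [], 0
    while len(positions) < count:
        block = hmac.new(secret, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        for i in range(0, len(block), 4):
            if len(positions) == count:
                break
            positions.append(int.from_bytes(block[i:i + 4], "big") % length)
        counter += 1
    return positions

def derive_pad(stream: bytes, secret: bytes, count: int) -> bytes:
    # The running sample of the pool that both communicants compute.
    return bytes(stream[p] for p in select_positions(secret, count, len(stream)))

def xor_with_pad(stream: bytes, secret: bytes, data: bytes) -> bytes:
    # Encryption and decryption are the same XOR against the sampled pad.
    pad = derive_pad(stream, secret, len(data))
    return bytes(a ^ b for a, b in zip(data, pad))

def adversary_known_pad_bytes(stream: bytes, secret: bytes, msg_len: int,
                              stored_prefix: int) -> int:
    # Bounded-storage adversary: it could only keep the first `stored_prefix`
    # bytes of the pool.  Even if the secret leaks afterwards, it can only
    # reconstruct pad bytes whose positions fell inside what it stored.
    positions = select_positions(secret, msg_len, len(stream))
    return sum(1 for p in positions if p < stored_prefix)

def demo():
    stream = public_stream(seed=2001)          # constructed public pool
    secret = b"short shared secret"            # constructed shared key
    msg = b"meet at the usual place at noon"   # 31 bytes
    ct = xor_with_pad(stream, secret, msg)
    assert xor_with_pad(stream, secret, ct) == msg
    known = adversary_known_pad_bytes(stream, secret, len(msg), STREAM_LEN // 2)
    return len(msg), known

if __name__ == "__main__":
    total, known = demo()
    print(f"adversary stored half the pool: knows {known} of {total} pad bytes")
```

The whole argument rests on the storage bound: an adversary who can record the entire pool and later learns the secret recovers every pad byte, which is exactly the point Gwyn makes about the "infinite" bit pool.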

--

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Super strong crypto
Date: Mon, 19 Feb 2001 23:53:58 -0600

In article [EMAIL PROTECTED], Bryan Olson
[EMAIL PROTECTED] wrote:

> Actually, the straw-man system loops out.  Sending a
> new key encrypted under the old key does not move away
> from the unicity distance, so the system has to send
> another immediately, then another, then another

I suppose some systems would actually loop out, but this is no excuse for
systems that loop as a norm.

> Is "natural lifetime" some property of a key?

> So given systems for which computational security
> cannot be determined, you can produce systems with the
> same property.
>
One aspect of strength is surely having the rough equivalent of a long
unicity distance, but that concept may be fading.   Nevertheless, being
able to use a key for a longer time because it can resist analysis
of longer passages seems important.
-- 
Better to pardon hundreds of guilty people than execute one
that is innocent.

--

Subject: Re: My encryption system.
From: Paul Crowley [EMAIL PROTECTED]
Date: Tue, 20 Feb 2001 06:32:52 GMT

Boris Kazak [EMAIL PROTECTED] writes:
> > (P.S. If no-one else has what I have, does that make me King Cryppie???).
> Time to set an appointment with a psychiatrist...

In this country, we don't take our kids to the shrink for being
adolescent...

("All I wanted was a Pepsi!  But she wouldn't give it to me!")
-- 
  __
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/

--

From: Jan Kristian Haugland [EMAIL PROTECTED]
Crossposted-To: sci.math
Subject: Re: Given any arbitrary num

Cryptography-Digest Digest #720

2000-09-19 Thread Digestifier

Cryptography-Digest Digest #720, Volume #12  Tue, 19 Sep 00 20:13:00 EDT

Contents:
  Re: Proper way to intro a new algorithm to sci.crypt? (Albert Yang)
  Re: transformation completeness and avalanche effect (Andru Luvisi)
  Re: Proper way to intro a new algorithm to sci.crypt? ("David C. Barber")
  Sample RC4 plaintext/ciphertext ([EMAIL PROTECTED])
  Re: Proper way to intro a new algorithm to sci.crypt? ("Paul Pires")
  Re: RC4: Tradeoff key/initialization vector size? (Gregory G Rose)
  Re: Sample RC4 plaintext/ciphertext ("Neal Bridges")
  Re: A conjecture - thoughts? (Matthew Skala)
  Re: "Secrets and Lies" at 50% off (Terry Ritter)
  Re: Sample RC4 plaintext/ciphertext (Doug Stell)
  Re: Proper way to intro a new algorithm to sci.crypt? (Albert Yang)
  Re: ExCSS Source Code (Eric Smith)
  Re: "Secrets and Lies" at 50% off (Alan J Rosenthal)
  Re: CDMA tracking (was Re: GSM tracking) (Eric Smith)
  Re: Proper way to intro a new algorithm to sci.crypt? ("David C. Barber")
  Re: Quasi Algorithms / Quasi Functions and Polymorph Encryption [an  (Mok-Kong Shen)



From: Albert Yang [EMAIL PROTECTED]
Subject: Re: Proper way to intro a new algorithm to sci.crypt?
Date: Tue, 19 Sep 2000 21:17:19 GMT



Paul Pires wrote:
>
snip

> Miss-spell single syllable words, make unfounded and preposterous claims
> and insult anyone who has a clue with reckless abandon.
>
> When folks respond, insult them personally.
>
> Seems to work.
>
> Paul

I can handle the miss-spelling of single syllable words (do it all the
time), I can make unfounded and preposterous claims (took a marketing
class)  I can insult anyone who has a clue with reckless abandonment
(I'm Chinese, it's innate!)

When folks respond, insult them personally.  That's where I draw the
line, I'm Chinese, not a democrat...

Thanks to those of you who sent me the FAQ.
Albert.

--

From: Andru Luvisi [EMAIL PROTECTED]
Subject: Re: transformation completeness and avalanche effect
Date: 19 Sep 2000 14:23:52 -0700

"Stanley" [EMAIL PROTECTED] writes:
> Andru,
>
> Could you explain why DES encryption = T(p XOR k) and decryption=U(c) XOR k?

T(x) = DES_ENCRYPT_WITH_ZERO_KEY(x)
U(x) = DES_DECRYPT_WITH_ZERO_KEY(x)

I was not proposing an attack on DES, I was using it to achieve
diffusion in a weak algorithm which has avalanche but still stinks.

Andru
-- 
Andru Luvisi, Programmer/Analyst

--

From: "David C. Barber" [EMAIL PROTECTED]
Subject: Re: Proper way to intro a new algorithm to sci.crypt?
Date: Tue, 19 Sep 2000 14:37:54 -0700

Claim it's your very first cipher, and that it's Absolutely Unbreakable.
:^)

*David Barber*

"Albert Yang" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
> Can anybody give me a quick run-through of the proper way to introduce a
> new algorithm to Sci.crypt?
>
> I'd like to intro a new algorithm here that I just finished up.
>
> Thanks.
> Albert



--

From: [EMAIL PROTECTED]
Subject: Sample RC4 plaintext/ciphertext
Date: Tue, 19 Sep 2000 21:53:28 GMT


I recently coded an implementation of RC4 (based on info from the
Internet) - but want to ensure that it has been done right.

Could someone be kind enough to post/send some sample data by which I
can verify the code.  I don't use any salting - so all I would need is
some plaintext, and corresponding ciphertext and the key.

Thanks.

- Grank



Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: "Paul Pires" [EMAIL PROTECTED]
Subject: Re: Proper way to intro a new algorithm to sci.crypt?
Date: Tue, 19 Sep 2000 15:01:35 -0700


Albert Yang [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...


> Paul Pires wrote:
> >
> snip
>
> > Miss-spell single syllable words, make unfounded and preposterous claims
> > and insult anyone who has a clue with reckless abandon.
> >
> > When folks respond, insult them personally.
> >
> > Seems to work.
> >
> > Paul
>
> I can handle the miss-spelling of single syllable words (do it all the
> time), I can make unfounded and preposterous claims (took a marketing
> class)  I can insult anyone who has a clue with reckless abandonment
> (I'm Chinese, it's innate!)
>
> When folks respond, insult them personally.  That's where I draw the
> line, I'm Chinese, not a democrat...

Ya got me :-)

Paul


> Thanks to those of you who sent me the FAQ.
> Albert.



--

From: [EMAIL PROTECTED] (Gregory G Rose)
Subject: Re: RC4: Tradeoff key/initialization vector size?
Date: 19 Sep 2000 15:15:05 -0700

In article [EMAIL PROTECTED],
Paul Rubin  [EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] writes:
 It is far from clear that h

Cryptography-Digest Digest #720

2000-05-06 Thread Digestifier

Cryptography-Digest Digest #720, Volume #11   Sat, 6 May 00 21:13:01 EDT

Contents:
  Re: quantum crypto breakthru? (Diet NSA)
  Re: Crypto Export  ("John E. Kuslich")
  Re: quantum crypto breakthru? (Diet NSA)
  Sunday Times 30/4/2000: "MI5 builds new centre to read e-mails on the net" (George Edwards)
  Re: KRYPTOS Something new ? ("John E. Kuslich")
  Re: Crypto Export ("Adam Durana")
  Re: Tempest Attacks with EMF Radiation ("Marty")
  Re: GPS encryption turned off (Paul Schlyter)
  Re: Fresco transmits my name (was: Spammed after just visiting a site) (jepler epler)
  Re: Two basic questions (Mario Kenly)
  Re: Crypto Export (Jerry Park)
  Re: Deciphering Playfair (long) (Michael Jarrells)
  Re: SBOX program using ideas from CA and ST (CAST design) (Terry Ritter)
  Re: I saw this in /. and I thought of you (all) (Neil Padgett)
  Re: Is this random? (Guy Macon)



Subject: Re: quantum crypto breakthru?
From: Diet NSA [EMAIL PROTECTED]
Date: Sat, 06 May 2000 15:15:44 -0700


In article [EMAIL PROTECTED], Roger [EMAIL PROTECTED] wrote:

> And these new schemes combine QC with conventional crypto,
> I assume?


It is possible to do it this way but it is
not required. See :

http://arxiv.org/abs/quant-ph/0001046

http://arxiv.org/abs/quant-ph/0003104


> The proofs I've seen seem to all assume perfect equipment,
> and are invalid if the equipment has the slightest flaws.


Under Shannon's definition, the OTP
(which is a basis for quantum crypto) has
been proven to be informationally secure.
In practice, though, OTPs have actually
been broken, and the security of quantum
crypto will, likewise, depend on the
quality of its implementation and use.
However, even if there are vulnerabilities
in a particular q.c. set-up, it may still be
impossible (at least using existing
technology) for a potential eavesdropper
to gain enough info. Yet, traditionally,
quantum key distribution protocols *are*
susceptible to MITM attacks. The first
paper I cited above, for example,
discusses a way to avoid the MITM
problem.


> > It is rumored (e.g., in Singh's book) that the NSA is developing
> > quantum encrypted fiber optic networks for the Pentagon.
>
> Could be misinformation. Or maybe they have excess funds in
> their budget.


From funding patterns, the news, etc., it
does appear that the NSA is interested in
fiber optic networks and quantum crypto,
but I don't know if they are creating a
set-up for the Pentagon.


> Can you give a cite for that amazing quote?


This is just a joke which I stole from the
TV show "Late Night with Conan O'Brien".


"If we do not prevent highly classified secrets from being stolen,
 then how are we going to sell them to the Chinese?"
- Madeleine Albright (addressing recent thefts)

* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!


--

From: "John E. Kuslich" [EMAIL PROTECTED]
Subject: Re: Crypto Export 
Date: Sat, 6 May 2000 15:19:03 -0700

Ok, here is MY take on the subject for what it's worth:

THE REASON, and the ONLY reason the US government opposes export of strong
cryptography is because they (gov't agencies) are able to easily break
almost any cryptography at any time and those responsible for breaking those
codes want to foster the illusion that the government is afraid of popular
cryptographic programs like PGP in order to encourage their use.

The reasoning behind this conclusion is simple:  None of the other
explanations I have heard make any sense whatsoever!

This would not be the first time the US government has used creative
misinformation in order to foster its goals. US history is rife with other
examples.

Remember Star Wars?? Total baloney designed to cause the Ruskies to spend
money beyond their means.

In a related matter, Leo Marks describes in his masterpiece "Between Silk
and Cyanide" how the British spies were told their main goal, even more
important than blowing up factories or airfields, was to cut telephone
lines.  The reason, to cause the enemy to send enigma traffic over the
airwaves where it could be intercepted and read.

In this case, force the ignorant e-mail user to encrypt in his favorite
512bit elliptic curve frammis doobis public key reverse Sbox Feistel gizmo
algorithm so the traffic can be easily read.

I know, I know.  The idea is far out but no more ridiculous than the
"official" reasoning (you know, to prevent terrorists from having strong
crypto for crissake!!).

JK   http://www.crak.com Password Recovery

Stou Sandalski tangui [EMAIL PROTECTED] wrote in message
news:RVvQ4.1276$[EMAIL PROTECTED]...
> Well its almost the end of my school year (25days left) and in gove

Cryptography-Digest Digest #720

1999-12-10 Thread Digestifier

Cryptography-Digest Digest #720, Volume #10  Fri, 10 Dec 99 22:13:00 EST

Contents:
  Re: Attacks on a PKI ("Lyal Collins")
  Linear Congruential Generators ("Steven Alexander")
  CDSA 1.2 specs (JCA)
  Re: Linear Congruential Generators ("Tony T. Warnock")
  Re: Random Numbers??? (Keith A Monahan)
  Re: Linear Congruential Generators ("Steven Alexander")
  Re: NSA future role? (Terry Ritter)
  Re: Attacks on a PKI ([EMAIL PROTECTED])
  Re: Attacks on a PKI ([EMAIL PROTECTED])
  Re: If you're in Australia, the government has the ability to modify  ("Douglas A. Gwyn")
  Re: Linear Congruential Generators ("Douglas A. Gwyn")
  Re: If you're in Australia, the government has the ability to modify your files. 4.Dec.1999 ("Rick Braddam")
  Anyone using Freedom 1.0 ? What are your thought? [nt] ([EMAIL PROTECTED])
  Re: Linear Congruential Generators (David A Molnar)
  Re: Attacks on a PKI (David A Molnar)
  Re: Anyone using Freedom 1.0 ? What are your thought? [nt] (Steve K)
  Questions about message digest functions (Pelle Evensen)
  Re: Digitally signing an article in a paper journal ("rosi")
  Re: Questions about message digest functions (Jim Gillogly)
  Re: NSA should do a cryptoanalysis of AES ("Rick Braddam")
  Re: If you're in Australia, the government has the ability to modify your files. 4.Dec.1999 ("Rick Braddam")



From: "Lyal Collins" [EMAIL PROTECTED]
Subject: Re: Attacks on a PKI
Date: Sat, 11 Dec 1999 09:30:23 +1100

- Replacing the Root CA key in everyone's clients
- Modifying clients to verify against multiple Root CAs
- Storing private keys on an insecure workstation
- Using a password processed and verified on an insecure workstation to
permit private key use
- having to archive messages and signatures and certs in "average security"
databases (if the database record is later modified, the signature cannot be
re-verified, and the recipient loses a case, unless they can _prove_ their
database and systems admin is top notch for the entire period.  The UK
Munden case is an example where a bank couldn't do this - for its internal
reasons.)
- the need for a highly secure CA and secure Client is approximately the
same effort required in a secret key scheme to keep both end points secure.
Not strictly on-topic, but an important cost consideration.

Most of this is paraphrasing stuff in the recent Schneier and Ellison paper -
but these points have always been obvious.

Lyal
[EMAIL PROTECTED] wrote in message 82qq8g$odp$[EMAIL PROTECTED]...
> Having read much of the literature on PKI, it is fairly conclusive that
> this whole PKI thing is an exploitation of people's ignorance.
>
> I am currently compiling a list of attacks on a PKI, and if you know of
> any then please post some.
>
> David
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.



--

From: "Steven Alexander" [EMAIL PROTECTED]
Subject: Linear Congruential Generators
Date: Fri, 10 Dec 1999 14:34:22 -0800

I was reading about LCG's in The Art of Computer Programming and have also
read briefly about them in Applied Cryptography.  I was wondering if they
can be used to generate keys for a cryptographic algorithm with a new
approach.  If you were using strong values for the multiplier and increment
value (so that it would iterate through all possible values of x) could you
seed the generator with user input?  My idea was to generate a 128-bit key by
the following:

Either
  a) ask the user to enter 4 32-bit numbers
  b) ask the user to type randomly and create 4 32-bit numbers by shift and
XOR
Then:
  Use the generator numbers to seed four instances of the generator
  Ask the user to specify a number of iterations
  Use the values of x at the end of the last iteration as your key

I would love to hear any problems with this scheme and any suggestions for
an improvement of this method.

--


Steven Alexander
[EMAIL PROTECTED]

When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
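To see what the four-LCG scheme above actually yields, an added example (not the poster's code) that implements it with an assumed full-period 32-bit LCG (the Numerical Recipes constants) and checks, exhaustively on a toy modulus, that the final states are only a permutation of the seeds: the key carries exactly the entropy the user typed in, and the iteration count just acts as a few more bits of seed.

```python
# Assumed full-period 32-bit LCG: a-1 divisible by 4, c odd (Hull-Dobell).
A, C, M = 1664525, 1013904223, 1 << 32

def lcg_step(x, a=A, c=C, m=M):
    # One LCG iteration: x_{n+1} = (a * x_n + c) mod m.
    return (a * x + c) % m

def lcg_unstep(x, a=A, c=C, m=M):
    # Every full-period LCG step is invertible: a is coprime to m, so
    # x_{n-1} = (x_n - c) * a^{-1} mod m.
    return ((x - c) * pow(a, -1, m)) % m

def derive_key(seeds, iterations, a=A, c=C, m=M):
    # The scheme as described in the post: four 32-bit user numbers seed four
    # generators, each is iterated the same number of times, and the final
    # x values (4 x 32 bits) are the key.
    states = list(seeds)
    for _ in range(iterations):
        states = [lcg_step(s, a, c, m) for s in states]
    return states

def recover_seeds(key, iterations, a=A, c=C, m=M):
    # Because each step is a bijection, the user's inputs are a fixed
    # function of the key and the iteration count.  The "key" therefore
    # contains no more unpredictability than the inputs themselves.
    states = list(key)
    for _ in range(iterations):
        states = [lcg_unstep(s, a, c, m) for s in states]
    return states

def is_permutation_of_seeds(iterations, a=5, c=3, m=256):
    # Exhaustive check on a toy modulus (a=5, c=3, m=256 also satisfies
    # Hull-Dobell): iterating n times maps the m possible seeds onto m
    # distinct keys, i.e. the key space is exactly the seed space.
    images = {derive_key([s], iterations, a, c, m)[0] for s in range(m)}
    return len(images) == m

if __name__ == "__main__":
    seeds = [0x12345678, 0x9ABCDEF0, 0x0F0F0F0F, 0xDEADBEEF]  # constructed input
    key = derive_key(seeds, 1000)
    print("key words:", [hex(k) for k in key])
    print("seeds recovered from key:", recover_seeds(key, 1000) == seeds)
    print("toy modulus: iteration is a permutation:", is_permutation_of_seeds(37))
```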



--

From: JCA [EMAIL PROTECTED]
Subject: CDSA 1.2 specs
Date: Fri, 10 Dec 1999 14:21:29 -0800


Does anybody know where to get the CDSA 1.2 API specs in electronic
format? At Intel they only carry those for CDSA 2.0 these days.




--

From: "Tony T. Warnock" [EMAIL PROTECTED]
Subject: Re: Linear Congruential Generators
Date: Fri, 10 Dec 1999 15:46:56 -0700
Reply-To: [EMAIL PROTECTED]



Steven Alexander wrote:

> I was reading about LCG's in The Art of Computer Programming and have also
> read briefly about them in Applied Cryptography.  I was wondering if they
> can be used to generate keys for a cryptographic algorithm with a new
> approach.  If you were using st

Cryptography-Digest Digest #720

1999-06-14 Thread Digestifier

Cryptography-Digest Digest #720, Volume #9   Mon, 14 Jun 99 19:13:08 EDT

Contents:
  Followup: OTP is it really ugly to use or not? (Cyba Nonymous)
  Re: Cracking DES ([EMAIL PROTECTED])
  Re: IDEA in "aplied cryptography" BRUCE SCHNEIER (John Savard)
  Re: Generating Large Primes for ElGamal (Wei Dai)
  Re: IDEA in "aplied cryptography" BRUCE SCHNEIER (James Pate Williams, Jr.)
  Re: TEA vs Blowfish (Peter Gunn)
  Re: huffman code length (Andras Erdei)
  Book Usefulness Question (consalus)
  Re: sbox design (Medical Electronics Lab)
  Re: TEA vs Blowfish (David Wagner)
  Re: OTP is it really ugly to use or not? ([EMAIL PROTECTED])
  Re: IDEA in "aplied cryptography" BRUCE SCHNEIER (John Savard)
  Re: OTP is it really ugly to use or not? ([EMAIL PROTECTED])
  Re: Book Usefulness Question ("Steven Alexander")
  Re: Followup: OTP is it really ugly to use or not? (Jim Gillogly)
  Re: Is there a short digest for short messages? (Jerry Coffin)
  Re: DES and BPANN (James Pate Williams, Jr.)
  Re: Cracking DES ([EMAIL PROTECTED])
  Re: Generating Large Primes for ElGamal ([EMAIL PROTECTED])



Date: 14 Jun 1999 16:38:48 -
From: Cyba Nonymous [EMAIL PROTECTED]
Subject: Followup: OTP is it really ugly to use or not?

Jim,

Thanks for taking the time to give me the benefit
of your knowledge.

I understand most of what you said but still can't
see how re-using bits in a random pad provided they
have been re-scrambled into another random pad
compromises the security  of an OTP. In other words,
does the method I proposed really reuse "the pad"
or not?

That is the question. I don't think so. At least not
in the sense or in a way in which it can be used to
compromise the OTP. I maintain that all the derived
pads are different even though they are derived from
the same CD of random numbers.
No?

Let's say I have a CD with the following random
numbers:

E7 05 87 12 A1 63 BC 29 9A 32 ...

I want to encode the following message #1:

HELLO (48 45 4C 4C 4F)

I use codeword "A" to select bytes from the pad
using a formula based program and it gives me
offsets:

05 02 07 06 09

which yields a pad of:
(that for purposes of discussion is also random)

A1 05 BC 63 9A

I use this pad to encrypt "HELLO" using xor to:

E9 40 F0 2F D5

Now I want to encode a second message #2 which is:

GOODBYE (47 4F 4F 44 42 59 45)

I use codeword "B" to select bytes from the CD
with the program and it gives offsets:

06 01 08 0A 03 05 01

which yields a pad of:

63 E7 29 32 87 A1 E7

I use this pad to encrypt "GOODBYE" using xor to:

24 A8 66 76 E5 F8 A2

Ok now let's assume that the "source" instead of
being 10 numbers like in this example is a CD
full or better yet a DVD full, 8/16 GIG's worth,
and the selection program grabs a calculated mixed
subset of these bytes for the new pad that is
guaranteed to be randomly different for every
unique codeword.

I fail to see then how the security of either message
is compromised simply because I reused bytes from
the CD/DVD? It is not as if I reused the pad or even
a sequence from the pad but in essence what I did
was to generate another unique pad from an existing
pool of random numbers on the CD/DVD right?

Are these messages not secure as long as the codeword
is secure? I will even give you the pad and the
formula and I bet you can't break it without the
codeword. Or, I'll give you the codeword but you
still can't break it without the pad and the formula.

Is it not true that the encrypted message

24 A8 66 76 E5 F8 A2

can be xor'd back to every possible 7 letter
phrase with some pad? It is obvious to me that
this is so. I can derive a pad to turn those
7 bytes into any message I want so how can anyone
ever know they have got the right answer? Just
because they get a plausible message does not mean
it is the correct message and I don't see how they
can learn anything unless a significant sequence
from the original pad is reused and that can be
prevented by the selection program.

Even granting the "theoretical" it must be's to
be an "absolute" unbreakable OTP in the math sense
which this method may not satisfy isn't this method
still extremely strong? I can't see how it can be
broken. It can't be brute forced, it can't be
factored and even if somehow a part of a message or
even an entire message became known it does not
compromise any other message. I think that is pretty
good.

Or, am I all wet? Come to think of it can't the
selection program be seen as a rng in its own right?
But one that produces numbers that can never be
reproduced by anyone not having the original CD?
Is that another way of looking at this perhaps?

If so then this can be quite useful in that from
say a 16 GIG DVD used as a source you can get perhaps
a lifetime of unique pads and only ever have to deliver
the  "source&q