Cryptography-Digest Digest #955

2001-03-20 Thread Digestifier

Cryptography-Digest Digest #955, Volume #13  Tue, 20 Mar 01 18:13:01 EST

Contents:
  Re: OT: TV Licensing - final answer - sorry for xpost (Dave Howe)
  Re: BBS ("Tom St Denis")
  Re: Signing/Not signing posts (SCOTT19U.ZIP_GUY)
  Re: [OT] Why Nazis are evil (David Schwartz)
  Re: Am I allowed to put any encryption software of my own creation on my public ftp site? (SCOTT19U.ZIP_GUY)
  SBOX permutation for MD2 - how calculated? ([EMAIL PROTECTED])
  Re: What the Hell...Here's what my system can do at it's best... (SCOTT19U.ZIP_GUY)
  can't find the unix crypt(1) command these days (Dan Jacobson)
  Re: Strong Primes ("Joseph Ashwood")
  Re: [OT] Why Nazis are evil (SCOTT19U.ZIP_GUY)
  Re: How to eliminate redondancy? (moving steadily towards being computer science terminology) (SCOTT19U.ZIP_GUY)
  Re: looking for "Crowds" (SCOTT19U.ZIP_GUY)
  FBI book about Hanssen ("Douglas A. Gwyn")
  Advice on storing private keys (Darryl Wagoner)
  Re: Defining a cryptosystem as "broken" ("Joseph Ashwood")
  Re: A future supercomputer ("JCA")
  Re: How to eliminate redondancy? (moving steadily towards being computer science terminology) ("Joseph Ashwood")
  Re: Advice on storing private keys (Paul Rubin)
  Re: Advice on storing private keys ("Joseph Ashwood")



From: Dave Howe [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: OT: TV Licensing - final answer - sorry for xpost
Date: Tue, 20 Mar 2001 21:32:12 +

In our last episode (alt.security.pgp[19 Mar 2001 23:46:19 +0100]),
[EMAIL PROTECTED] (Paul Schlyter) said :
 This sounds like urban mythology blurring a change of status with time.
 I think the final "does" in that sentence should be "did".
Not sure about that - but at the time it was true.

 In the days when people used TVs as computer monitors, there were no
 exceptions to the law for such special cases. Later it was amended
 to provide specific exemptions for using the TV as a video monitor.
nope, it was amended for them. a judge set a precedent for that one,
when it came in front of him for trial. unfortunately, the case was
worded quite tightly, so only "video devices for the playback of
pre-recorded videotapes" were included.
 
Wasn't the determining factor whether the TV could receive RF
signals?  I.e. if you had a monitor with baseband input only, no
license was needed, but if the monitor also included a tuner so you
could actually receive TV transmissions, then a license was needed.
a tv used as a monitor is still a tv. a "monitor" monitor, with no PAL
support, did not require a licence. Most business computers had a true
monitor, most home machines at the time used a tv.
 
Likewise, a license would be needed for a VCR if the VCR had an
integral tuner (as most VCR's do).
That was settled too - The judge was quite generous. Basically, the
licencing authority could disable the tuner for that video if they
wished, provided they could back out the change without damaging the
resale value of the video should the owner choose to upgrade. given
that all videos at the time required a co-axial plug inserting to pick
up broadcast tv, the licencing authority settled for placing a seal
over the socket, inspecting it once a year or so. 

--== DaveHowe ( is at) Bigfoot dot com ==--

--

From: "Tom St Denis" [EMAIL PROTECTED]
Subject: Re: BBS
Date: Tue, 20 Mar 2001 21:37:06 GMT


"Simon Johnson" [EMAIL PROTECTED] wrote in message
news:998hfv$q54$[EMAIL PROTECTED]...

 Dobs [EMAIL PROTECTED] wrote in message news:9862va$mqp$[EMAIL PROTECTED]...
  I have a question. What should a good Blum Blum Shub generator look like? I
  know that it needs 2 large prime numbers p and q. Should this generator have
  its own large prime number generator to generate new p and q each time we
  find our seed? Or does it not matter, and I can for instance declare that
  p is such and q is such?
  If it needs a generator, can somebody tell me one which would be proper for
  BBS, I mean one that will generate large prime numbers.
  Best Regards:)
  Michal
 

 a BBS looks like this:

 x(i) = x(i-1)^2 mod pq - where p and q are primes, and are kept secret.
 output = x(i) MOD 2^(log2(log2(pq)))

 x(0) is what starts this process off and is the key.

There is also the alternate format (ala Knuth)

output = x(i) dot Mask

Where dot is the binary dot product.  This method is slower but a little
more secure since more bits are used in each output.  This is also slower...

Tom
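As an added illustration of the two output conventions Simon and Tom describe (not code from either poster), here is a small BBS generator with both the low-bits output and the Knuth-style dot-product-with-mask output. The primes, seed and mask are constructed toy values chosen so the arithmetic can be followed by hand; a real generator needs large secret Blum primes.

```python
# Added example: Blum Blum Shub, x(i) = x(i-1)^2 mod n with n = p*q, and the
# two ways of turning each state into output bits that the thread mentions.
# p, q, x0 and the mask used in the tests are tiny constructed values.
from math import gcd, log2, floor


def bbs_state_sequence(p, q, x0, count):
    """Return the first `count` internal states x(1..count) of the BBS iteration."""
    assert p % 4 == 3 and q % 4 == 3, "BBS needs Blum primes (p, q congruent to 3 mod 4)"
    n = p * q
    assert 1 < x0 < n and gcd(x0, n) == 1, "seed must lie in (1, n) and be coprime to n"
    states = []
    x = x0
    for _ in range(count):
        x = (x * x) % n          # the squaring step; p and q stay secret
        states.append(x)
    return states


def low_bits_output(p, q, x0, count):
    """Simon's form: output = x(i) mod 2^k with k = log2(log2(n)), i.e. the low k bits."""
    n = p * q
    k = max(1, floor(log2(log2(n))))   # how many bits per step are considered safe
    return [x % (1 << k) for x in bbs_state_sequence(p, q, x0, count)]


def parity(v):
    """XOR of all bits of v (0 or 1)."""
    return bin(v).count("1") & 1


def dot_mask_output(p, q, x0, count, mask):
    """Tom's Knuth-style form: one bit per step, the binary dot product x(i) . mask,
    i.e. the parity of the state bits selected by the mask."""
    return [parity(x & mask) for x in bbs_state_sequence(p, q, x0, count)]
```

With p = 11, q = 23 and seed 3 the states are 9, 81, 236, 36, 31, 202; the low-bits form emits two bits per step and the mask form one bit per step, which is why Tom calls it slower.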



--

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Signing/Not signing posts
Date: 20 Mar 2001 21:32:20 GMT

[EMAIL PROTECTED] (Darren New) wrote in [EMAIL PROTECTED]:

SCOTT19U.ZIP_GUY wrote:
  You could make a PGP key in my name and
 sig

Cryptography-Digest Digest #955

2000-10-18 Thread Digestifier

Cryptography-Digest Digest #955, Volume #12  Wed, 18 Oct 00 21:13:01 EDT

Contents:
  Re: Is it trivial for NSA to crack these ciphers? ("Stephen M. Gardner")
  Re: Is it trivial for NSA to crack these ciphers? ("Stephen M. Gardner")
  Re: x509 (Bryan Olson)
  Re: Is it trivial for NSA to crack these ciphers? ("Stephen M. Gardner")
  Re: Is it trivial for NSA to crack these ciphers? ("Stephen M. Gardner")
  Re: Is it trivial for NSA to crack these ciphers? ("Stephen M. Gardner")
  Preliminaries on A. Plotnikov's P=NP paper (Stas Busygin)
  Re: Why trust root CAs ? (Anne  Lynn Wheeler)
  Re:  As I study Rinjdael... (Greggy)
  Re:  As I study Rinjdael... (Greggy)
  Re: DNA encoding (glen herrmannsfeldt)
  Re: x509 (Roger)



From: "Stephen M. Gardner" [EMAIL PROTECTED]
Subject: Re: Is it trivial for NSA to crack these ciphers?
Date: Wed, 18 Oct 2000 17:07:06 -0500

John Savard wrote:

 Hence, it is quite possible it knows of ways to attack DES or Rijndael
 that are beyond anything known to the public.

I find it extremely hard to believe that there are better academic attacks let
alone practical attacks against these codes that have somehow remained secret.  How
many cryptographers do you think the NSA committed to the study of Rijndael?  Do
you seriously think it was many more than were going for glory by attacking it when
it was an AES finalist?  And now that it is the selection the prize is instant fame
and a phone ringing off the hook with press and job offers.


 Whether what it knows is sufficient to effectively break these
 algorithms is quite another matter, and there are sound reasons to
 suspect that it might not. However, nothing is stopping people from
 taking additional precautions.

Like I said, I doubt they are light years ahead in academic attacks let alone
practical attacks against well managed crypto policy using any of the AES
finalists.


--
Take a walk on the wild side: http://www.metronet.com/~gardner/

There is a road, no simple highway, between the dawn and the
dark of night. And if you go no one may follow. That path is
for your steps alone.
The Grateful Dead ("Ripple")



--

From: "Stephen M. Gardner" [EMAIL PROTECTED]
Subject: Re: Is it trivial for NSA to crack these ciphers?
Date: Wed, 18 Oct 2000 17:17:35 -0500

lcs Mixmaster Remailer wrote:

 Aren't you forgetting the obvious fact that these "alphabet soup agencies" don't use 
any of these ciphers to conceal data that is important to them?

Nope.  NIH isn't just the acronym for the National Institute of Health. ;-)

 And overall, the U.S. government seems to have loosened up crypto restrictions.
 Call this FUD if you want, but I find it hard to believe these controls were relaxed
 because either:
 A) The genie was already out of the bottle
 B) American software companies were finally successful in convincing the government
 that they were losing business to overseas companies.
 C) The original policy was just plain stupid, and the government changed to look
 smart(er).

Those reasons are precisely why it was done.

 I suppose one could assert the "not invented here" philosophy as the primary reason 
the government uses secret ciphers to contain secret data.

Yup. Besides, as many have pointed out, obscurity may not be a good bulwark but it 
is another barrier.



 But no one disputes that there are genuine cryptography experts at Ft. Meade that 
believe their ciphers are the best and most secure in the world.

But are they so good that the open community can't even guess at the security of
the major AES contenders?  I don't think so.  Some folks here are pretty paranoid and
put a lot of faith in the government to be smarter than anyone else.


--
Take a walk on the wild side: http://www.metronet.com/~gardner/

There is a road, no simple highway, between the dawn and the
dark of night. And if you go no one may follow. That path is
for your steps alone.
The Grateful Dead ("Ripple")



--

From: Bryan Olson [EMAIL PROTECTED]
Subject: Re: x509
Date: Wed, 18 Oct 2000 22:13:19 GMT

David Wagner wrote:
 Bryan Olson  wrote:
 [That is, why does the identifier of the signing algorithm
 appear both inside and outside the data under the
 signature?]
 
 I've wondered about that.  If anyone knows of some attack
 defeated by identifying the signing algorithm inside the
 signed message, please tell.
 
 For now my theory is that whether the identifier is inside
 or outside the signed data does not matter.

 If I understand correctly, you're asking whether there is an
 attack if the algorithm-identifier is not mentioned in the
 signed part?  The answer is Yes, there are attacks.

 For instance, MD4 is almost broken.  Suppose someone extends
 Dobbertin'

Cryptography-Digest Digest #955

2000-06-06 Thread Digestifier

Cryptography-Digest Digest #955, Volume #11   Tue, 6 Jun 00 12:13:01 EDT

Contents:
  Re: Some dumb questions (Mark Wooding)
  Re: Question about recommended keysizes (768 bit RSA) (Bob Silverman)
  Re: Question about recommended keysizes (768 bit RSA) (Bob Silverman)
  Re: Statistics of occurences of prime number sequences in PRBG output as gauge of "goodness" (Bob Silverman)
  Re: Question about recommended keysizes (768 bit RSA) (DJohn37050)
  Re: Statistics of occurences of prime number sequences in PRBG output as  ("John A. Malley")
  Solution for file encryption / expiration? (Will Dormann)
  Re: Good ways to test. (John)
  Re: Good ways to test. (John)
  Re: Statistics of occurences of prime number sequences in PRBG output as  ("John A. Malley")
  Re: Quantum computers (JCA)
  Re: Need "attack time" measurements on a toy cipher...   (long) ("TheGPFguy")
  Re: Solution for file encryption / expiration? (Mark Wooding)
  Re: Need "attack time" measurements on a toy cipher...   (long) ("TheGPFguy")
  Re: Some citations (Mok-Kong Shen)
  Re: Some dumb questions (Mok-Kong Shen)
  Re: Could RC4 used to generate S-Boxes? ("T.Williams")
  Re: Solution for file encryption / expiration? ("John E. Kuslich")
  Re: Question about recommended keysizes (768 bit RSA) (Jerry Coffin)
  Re: Concerning  UK publishes "impossible" decryption law (Your Name)
  Re: Favorite Cipher Contest Entry (Runu Knips)



From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Some dumb questions
Date: 6 Jun 2000 13:31:44 GMT

Mok-Kong Shen [EMAIL PROTECTED] wrote:
 Volker Hetzer wrote:

  You xor the two ciphertexts together and the keystream falls out.
  What remains is a message encrypted with a decidedly nonrandom key.
 
 Yes, you get the xor of two messages. But how to go further from
 that point (there is no known plaintext whatever)?

If one of the two messages is also random then you're left with an
intractable problem still -- you've reduced a not-quite-one-time pad to
a real one-time pad, which is a shame.  Otherwise, if neither message is
random, you have some probability information about their combination,
which can help to adjust the probabilities for the individual messages.

-- [mdw]

--

From: Bob Silverman [EMAIL PROTECTED]
Crossposted-To: alt.privacy.anon-server,alt.security.pgp
Subject: Re: Question about recommended keysizes (768 bit RSA)
Date: Tue, 06 Jun 2000 13:40:29 GMT

In article [EMAIL PROTECTED],
  Jerry Coffin [EMAIL PROTECTED] wrote:
 In article 8hh40c$ktj$[EMAIL PROTECTED], [EMAIL PROTECTED] says...


 You've got two possibilities: you can compare high-end machines then
 to high-end machines now, or you can compare low-end machines then to
 low-end machines now.  You can NOT, however, get anything approaching
 meaningful results by comparing a high-end machine then to a low-end
 machine now (or vice versa).

The VAX  was  NOT a "high-end" machine in 1977. It simply happened to
be the first 32 bit machine built by DEC.

You want a "high-end" machine in 1977?  Try the CDC-6600.

--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"


Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: Bob Silverman [EMAIL PROTECTED]
Subject: Re: Question about recommended keysizes (768 bit RSA)
Date: Tue, 06 Jun 2000 13:45:30 GMT

In article 8hhcok$v4s$[EMAIL PROTECTED],
  [EMAIL PROTECTED] (David A. Wagner) wrote:
 In article [EMAIL PROTECTED],
 Roger Schlafly  [EMAIL PROTECTED] wrote:
  It is not obvious to me why a time estimate should be more
  accurate than a space estimate.

 One reason why it might be so is that many theoretical works consider
 only the total complexity, and even then, in asymptotic form only.

We have real-world benchmarks!!!  These are not "theoretical estimates".


--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"



--

From: Bob Silverman [EMAIL PROTECTED]
Subject: Re: Statistics of occurences of prime number sequences in PRBG output as gauge of "goodness"
Date: Tue, 06 Jun 2000 13:51:09 GMT

In article [EMAIL PROTECTED],
  "John A. Malley" [EMAIL PROTECTED] wrote:

snip

 The keystream generator makes a
 non repeating sequence of 2^m - 1 numbers. And phi(2^m) of those numbers
 are prime. Now there is no iterated or recursive mathematical function
 that generates all primes starting from a given input value.

FALSE.

Go read chapter 3 of Paulo Ribenboim's book
"The Book of Prime Number Records".

Such formulae and functions  DO exist.

Just a hint as to where they come from:

Wilson's Theorem.  Now imagine a

Cryptography-Digest Digest #955

2000-01-22 Thread Digestifier

Cryptography-Digest Digest #955, Volume #10  Sat, 22 Jan 00 16:13:02 EST

Contents:
  Re: Beginners questions re-OTPs (Sandy Harris)
  Re: from DEAL to ZEAL (David Wagner)
  Re: MIRDEK: more fun with playing cards. (CLSV)
  Re: Wagner et Al. (Jerry Coffin)
  Re: Intel 810 chipset Random Number Generator (Scott Nelson)
  Simple Equivalent keys in Serpent ([EMAIL PROTECTED])
  Re: Does RSA use real prime ? (Jerry Coffin)
  Re: MIRDEK: more fun with playing cards. ("r.e.s.")
  Re: New Crypto Regulations (Jim)
  Re: Intel 810 chipset Random Number Generator (Jerry Coffin)
  Re: Does RSA use real prime ? (Tom St Denis)
  Re: Transposition over ASCII-coded text (wtshaw)
  Re: Combination of stream and block encryption techniques (Terry Ritter)
  Re: NIST, AES at RSA conference (Terry Ritter)
  Twofish question (ciphertext chaining) (Hans Petter Jansson)
  Re: Transposition over ASCII-coded text ("Douglas A. Gwyn")



From: [EMAIL PROTECTED] (Sandy Harris)
Subject: Re: Beginners questions re-OTPs
Date: 22 Jan 2000 18:28:55 GMT

[EMAIL PROTECTED] (Douglas A. Gwyn) spake thus:

Bill wrote:
 I'll rephrase the question, If you have message(s) that were
 encrypted with a "supposed" OTP what methodology/statistical
 analysis would be carried out to try and break it?

It's called "cryptanalysis" and cannot be boiled down to a simple
recipe.  The sci.crypt FAQ contained pointers to tutorials on C/A
(last I looked).  The classic textbooks are available from Aegean
Park Press.

There is a one time pad FAQ. It's by someone fairly well known
(Marcus Ranum? Weiste Venema?) and is quite good. Try a web search.

www.counterpane.com has a tutorial on cryptanalysis

Kahn's "The Codebreakers" has plenty of history and examples on the
classic code-breaking techniques, none of which work against a real
OTP, but several of which might against bogus ones.

A bogus "one-time pad" is equivalent to a stream cipher, a method of
generating a stream of bytes to XOR with the message. Some stream ciphers
are very secure. The ones designed by anyone clueless (or dishonest) 
enough to call them OTPs are likely to be dreadfully weak. Try a web
search on "stream cipher cryptanalysis", or look at Schneier and Kahn's
indexes.

--

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: from DEAL to ZEAL
Date: 22 Jan 2000 10:28:57 -0800

Here is a small observation on ZEAL.  One property which DEAL has, but
ZEAL apparently does not, is symmetry of encryption and decryption.
Symmetry makes implementation easier, but also has a slightly less
obvious impact on security: one can readily show that the security
against chosen-plaintext and chosen-ciphertext attacks is the same for
a symmetric cipher.

For an asymmetric cipher (which ZEAL appears to be?), one must look at the
chosen-plaintext attacks and the chosen-ciphertext attacks separately:
security against chosen-plaintext attacks does not necessarily imply
security against chosen-ciphertext attacks.  This is a very minor point,
but maybe it is a small reason to prefer the Feistel networks (or to
alternate between complementary round types, as in Skipjack).

--

From: CLSV [EMAIL PROTECTED]
Subject: Re: MIRDEK: more fun with playing cards.
Date: Sat, 22 Jan 2000 18:34:07 +

Paul Crowley wrote:
 
 CLSV [EMAIL PROTECTED] writes:
   When you say "one time", you mean "once per message".
  No, I mean just once before encrypted communication starts.
 
 Could you be more explicit about how you then go on to encrypt more
 than one message?
 
 I can think of one way, which is simply to start the new message with
 the state where you left off the old message, but this requires that
 the recipient either receive all of your messages (unlikely) or at
 least know how long they all were (OK if your recipient is decrypting
 with a computer).

That would also give problems when you are
communicating with different people using the
same key. I was thinking about using special
start values of the pointers I and J as salt.
You can send them in the clear with the encrypted
message. I don't know how it affects security though.

 However, the requirement that you carry this state around with you is
 burdensome - with Mirdek, you can throw away your (sorted) pack of
 cards at the border, buy a new pack in a new country, and start
 encrypting again, all using only a memorised passphrase.  There must
 be ways to achieve this goal with an ARC4 variant.

Well ARC4 is not sacred to me in this context. One of
its problems is that it fails to make use of powerful
operations that can be done easily by hand and inefficiently
on a computer. E.g. swapping two cards by hand is as easy
as swapping two packs of twenty cards.

 I'm enjoying this
 thread a lot and grateful to all participants!)

Indeed, 

Cryptography-Digest Digest #955

1999-07-30 Thread Digestifier

Cryptography-Digest Digest #955, Volume #9   Fri, 30 Jul 99 10:13:05 EDT

Contents:
  Re: hush mail ([EMAIL PROTECTED])
  Re: The Alphabetic Labyrinth ... and Voynich
  Re: (Game) 80-digits Factoring Challenge (Kurt Foster)
  Re: hush mail ([EMAIL PROTECTED])
  Re: (Game) 80-digits Factoring Challenge (don mcdonald)
  Re: cryptography tutorials
  Re: Bad Test of Steve Reid's SHA1 ("dlk")
  Re: Cryptonomicon - low priority posting (Wolf)
  Re: OTP export controlled? (Isaac)
  Re: Modified Vigenere cipher (typo correction) ("Douglas A. Gwyn")
  Re: CSS/DVD Scrambler ([EMAIL PROTECTED])
  speech scrambling (David Enchelmaier)
  Re: OTP export controlled? (W.G. Unruh)
  Re: Anyone knows where to get original encryption source code? (W.G. Unruh)
  Re: Prime numbers wanted (W.G. Unruh)
  Re: How Big is a Byte? (was: New Encryption Product!) ([EMAIL PROTECTED])
  Re: How Big is a Byte? (was: New Encryption Product!) ([EMAIL PROTECTED])
  Re: How Big is a Byte? (was: New Encryption Product!) ([EMAIL PROTECTED])
  Re: Prime numbers wanted ([EMAIL PROTECTED])
  Re: Virtual Matrix Encryption ([EMAIL PROTECTED])
  I improved the layout of my Compression Page take a look (SCOTT19U.ZIP_GUY)
  Re: Virtual Matrix Encryption (SCOTT19U.ZIP_GUY)
  Re: How Big is a Byte? (was: New Encryption Product!) (Patrick Juola)



From: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,alt.privacy,alt.security.keydist
Subject: Re: hush mail
Date: Fri, 30 Jul 1999 03:53:28 GMT

Yeah, yeah, like that.


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

--

From: [EMAIL PROTECTED] ()
Subject: Re: The Alphabetic Labyrinth ... and Voynich
Date: 30 Jul 99 04:02:07 GMT

Douglas A. Gwyn ([EMAIL PROTECTED]) wrote:
: It's inexcusably poor scholarship.

Having dug up my copy of The Codebreakers, I'll have to admit that she was
very definitely wrong.

Perhaps she was misled by the success of "The Feminated and the
Vein-Laden", a gritty war novel that marked the debut of author Viking
Armourer...

John Savard

--

From: Kurt Foster [EMAIL PROTECTED]
Crossposted-To: sci.math
Subject: Re: (Game) 80-digits Factoring Challenge
Date: 30 Jul 1999 04:08:44 GMT

In sci.math Dann Corbit [EMAIL PROTECTED] wrote:
.  But I echo Bob Silverman's question: "Why should I want to factor this
. number when I can just as easily come up with a similar value that would
. be tough to factor?" Is it a Carmichael number?  Some other type of
. special pseudo-prime?  What brings this number to the fore as opposed to
. some other?

  I must concur with the questions.  After all, that number could be
"interesting" because it's the modulus for somebody else's encryption
scheme or something like that.
  If a Carmichael number N were detected as composite by Rabin-Miller, I
think you'd have factors in hand.

--

From: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,alt.privacy,alt.security.keydist
Subject: Re: hush mail
Date: Fri, 30 Jul 1999 03:53:34 GMT

Yeah, yeah, like that.



--

Crossposted-To: sci.math
Date: Fri, 30 Jul 1999 16:49:27 +1200
From: don mcdonald [EMAIL PROTECTED]
Reply-To: Don McDonald [EMAIL PROTECTED]
Subject: Re: (Game) 80-digits Factoring Challenge

On 29 Jul 1999, Foghorn Leghorn wrote:

 Date: 29 Jul 1999 21:00:51 -0500
 From: Foghorn Leghorn [EMAIL PROTECTED]
 Newsgroups: sci.crypt, sci.math
 Subject: Re: (Game) 80-digits Factoring Challenge
 
 On Fri, 30 Jul 1999 09:20:23 +1000, "Greg Keogh"
 [EMAIL PROTECTED]
 wrote:
 
 So it's not a prime(?!) I'm not quite sure how Mathematica determines this,
 I think it uses the Miller-Rabin test, and I suspect that the test hasn't
 been validated for numbers of this magnitude. Any general comments on this
 would be most welcome.
 
 Proving that a large number is prime can be a challenge, but you can
 trust Mathematica when it says that the number is composite.
 
 If n is the given number, we can quickly compute 2 to the n-1 modulo
 n, and since the result is not 1, it follows that n is definitely
 composite. In Mathematica, you can type
   PowerMod[2,n-1,n]
 to run the (weak) probable prime test for base 2. The theory for this
 is Fermat's Little Theorem, which says that if p is prime and a is not
 divisible by p, then a^(p-1) is congruent to 1 modulo p.
 
 Foghorn Leghorn
 [EMAIL PROTECTED]
 
How do I calculate the powermod function in PARI-gp research calc.?
Please.  I have Acorn UK 1993 computer 2 MB RAM, thanks. Anyone?

/ don.  (loto)
-- 
don.mcdonald  | lot-to-it adviser + maths | rslts / 640 pers'lised # $5-
Pg. 329 W'ellington 2, new zealand   | call mdr +64( 4)  389 6820.
formerly   [EMAIL PRO
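As an added example (not code from any poster, and not PARI or Mathematica), the base-2 Fermat test Foghorn describes, written with a plain square-and-multiply powmod, next to one Miller-Rabin round; it also demonstrates Kurt Foster's remark from the earlier reply that when Rabin-Miller catches a Carmichael number a factor falls out. The numbers 561, 91 and 97 are constructed small test values.

```python
# Added example: Fermat base-2 probable-prime test (what PowerMod[2, n-1, n] == 1
# checks) and a Miller-Rabin round that, on a Carmichael number, recovers a factor
# from the non-trivial square root of 1 it finds. Test values are constructed.
from math import gcd


def powmod(base, exp, mod):
    """Square-and-multiply modular exponentiation, the work PowerMod does."""
    result = 1
    base %= mod
    while exp > 0:
        if exp & 1:
            result = (result * base) % mod
        base = (base * base) % mod
        exp >>= 1
    return result


def fermat_probable_prime(n, a=2):
    """Weak probable-prime test: a^(n-1) == 1 (mod n).
    False means n is definitely composite; True only means 'probably prime'
    (Carmichael numbers such as 561 pass for every base coprime to them)."""
    if n < 4:
        return n in (2, 3)
    return powmod(a, n - 1, n) == 1


def miller_rabin_round(n, a):
    """One Miller-Rabin round with witness a.

    Returns (probably_prime, factor). factor is a proper divisor of n when the
    round exposes x with x^2 == 1 (mod n) but x != +-1: then n divides
    (x-1)(x+1) without dividing either, so gcd(x-1, n) is a factor.
    This is the case Kurt Foster describes for Carmichael numbers."""
    if n < 4 or n % 2 == 0:
        return (n in (2, 3), None)
    d, s = n - 1, 0
    while d % 2 == 0:            # write n-1 = 2^s * d with d odd
        d //= 2
        s += 1
    x = powmod(a, d, n)
    if x in (1, n - 1):
        return (True, None)
    for _ in range(s - 1):
        prev = x
        x = (x * x) % n
        if x == 1:               # prev is a non-trivial square root of 1
            return (False, gcd(prev - 1, n))
        if x == n - 1:
            return (True, None)
    # x = a^(2^(s-1) d) is not +-1; squaring once more gives a^(n-1)
    if (x * x) % n == 1:
        return (False, gcd(x - 1, n))
    return (False, None)         # plain Fermat failure, no factor exposed
```

For 561 = 3 * 11 * 17 the Fermat test is fooled, while the Miller-Rabin round with witness 2 reports composite and hands back the factor 33.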

Cryptography-Digest Digest #955

1999-01-23 Thread Digestifier

Cryptography-Digest Digest #955, Volume #8   Sat, 23 Jan 99 15:13:03 EST

Contents:
  Re: Metaphysics Of Randomness (Alan DeKok)
  Re: Cryptanalysis of Simple Block Ciphers ("Trevor Jackson, III")
  Re: S-box cycles (David Hamilton)
  Re: Who will win in AES contest ?? (Paul Crowley)
  Re: Pentium III... (fungus)
  Re: Pentium III... (Daniel James)
  Re: Who will win in AES contest ?? (Fabrice Noilhan)
  Nulls, Part IV (wtshaw)
  The Performance of Meet-in-the-Middle ([EMAIL PROTECTED])
  Re: Cryptanalysis of Simple Block Ciphers (James Pate Williams, Jr.)
  Can anyone offer opinions on TEA, XTEA? (Thomas A. Oehser)
  Re: Cryptanalysis of Simple Block Ciphers (James Pate Williams, Jr.)



From: [EMAIL PROTECTED] (Alan DeKok)
Subject: Re: Metaphysics Of Randomness
Date: 23 Jan 1999 10:31:17 -0500

In article [EMAIL PROTECTED], Boson  [EMAIL PROTECTED] wrote:

Your over-use of the adjective "true" is a gradeschool error. Next we 
will need super-duper random number generators: SDRNG. Then Ultra-Pure 
Random Number Generators: UPRNG.

  This sort of frothing at the mouth only shows how little you
understand of the topic.

If I gave you two sequences, could you classify them as coming from a RNG 
vs. a TRNG?  No.

  Sorry, the true answer is "Very often, yes."

 A random number generator produces random sequences of 
numbers.

  "apparently random" sequences, perhaps.

  There are different classes of random number generators:

  True, Pseudo, and Cryptographically secure.  (To name a few).

  These have different properties and different biases.  These biases
often allow you to tell a PRNG from a TRNG.

 If you have to puff yourself up like an insecure simpleton by 
adding "true" to it, then you are uselessly posting immense amounts of 
crap. Or to use your notation, true crap.

  A 'True' RNG generates random numbers via *observational* methods.
e.g. Watching decays from a radioactive source.

  A 'Pseudo' RNG generates random numbers via an *algorithm*.  The
simpler the algorithm, the more biased the random numbers.

  A 'Cryptographically secure' RNG generates random numbers via a
*non-deterministic* algorithm.  The output of any one generator is
unpredictable even knowing the algorithm and all initial conditions.

  Alan DeKok.

--

Date: Sat, 23 Jan 1999 13:00:11 -0500
From: "Trevor Jackson, III" [EMAIL PROTECTED]
Subject: Re: Cryptanalysis of Simple Block Ciphers

James Pate Williams, Jr. wrote:

 I am using a genetic algorithm (steady-state uniform crossover
 mutation rate of 10%) to find the key to the simple n-bit xor
 block cipher (C = P xor K) using a single known plaintext. This
 is just to test the applicability of GAs to simple block ciphers.
 I realize that with P and C known it is simple matter to calculate
 K (K = P xor C since P xor P = 0 and  0 xor K = K), however,
 I am using a GA to "intelligently" search the key space. The
 preliminary results do not look very promising since the number
 of keys correctly found tends to decrease exponentially with
 increased block size. Does anyone have any simple 8-bit
 block ciphers that are marginally (or perhaps) better than the
 simple xor cipher, if so, then please post them here or get in
 contact with me at the following e-mail address, I will share
 the code I generate from the algorithm and also I am willing
 to share my xor GA.

I think the whole GA is more than necessary.  I'd be interested in your
fitness function and the theory behind it.  How do you make it
algorithm-independent without exponential evaluation costs?


--

From: [EMAIL PROTECTED] (David Hamilton)
Subject: Re: S-box cycles
Date: Sat, 23 Jan 1999 18:10:39 GMT

-----BEGIN PGP SIGNED MESSAGE-----

[EMAIL PROTECTED] wrote:

(snip)

You end up with the identity transform
which even some one with no brains like Hamilton would consider
weak.

It doesn't take brains to ask David A. Scott the 6 questions on cryptography
that he is afraid to answer. It may well take brains to answer some of them
though ... no answers yet.

(See message-ID: [EMAIL PROTECTED] in the thread 'Re: What
is better : Blowfish, Des, Tripple-Des' posted in sci.crypt on 13th January
for the half a dozen questions.)


David Hamilton.  Only I give the right to read what I write and PGP allows me
   to make that choice. Use PGP now.
I have revoked 2048 bit RSA key ID 0x40F703B9. Please do not use. Do use:-
2048bit rsa ID=0xFA412179  Fp=08DE A9CB D8D8 B282 FA14 58F6 69CE D32D
4096bit dh ID=0xA07AEA5E Fp=28BA 9E4C CA47 09C3 7B8A CE14 36F3 3560 A07A EA5E
Both keys dated 1998/04/08 with sole UserID=[EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.3i for non-commercial use http://www.pgpi.com
Comment: Signed with RSA 2048 bit key

iQEVAwUBNqn+d8o1RmX6QSF5