Cryptography-Digest Digest #955

Cryptography-Digest Digest #955, Volume #13      Tue, 20 Mar 01 18:13:01 EST

Contents:
  Re: OT: TV Licensing - final answer - sorry for xpost (Dave Howe)
  Re: BBS ("Tom St Denis")
  Re: Signing/Not signing posts (SCOTT19U.ZIP_GUY)
  Re: [OT] Why Nazis are evil (David Schwartz)
  Re: Am I allowed to put any encryption software of my own creation on my public ftp site? (SCOTT19U.ZIP_GUY)
  SBOX permutation for MD2 - how calculated? ([EMAIL PROTECTED])
  Re: What the Hell...Here's what my system can do at it's best... (SCOTT19U.ZIP_GUY)
  can't find the unix crypt(1) command these days (Dan Jacobson)
  Re: Strong Primes ("Joseph Ashwood")
  Re: [OT] Why Nazis are evil (SCOTT19U.ZIP_GUY)
  Re: How to eliminate redondancy? (moving steadily towards being computer science terminology) (SCOTT19U.ZIP_GUY)
  Re: looking for "Crowds" (SCOTT19U.ZIP_GUY)
  FBI book about Hanssen ("Douglas A. Gwyn")
  Advice on storing private keys (Darryl Wagoner)
  Re: Defining a cryptosystem as "broken" ("Joseph Ashwood")
  Re: A future supercomputer ("JCA")
  Re: How to eliminate redondancy? (moving steadily towards being computer science terminology) ("Joseph Ashwood")
  Re: Advice on storing private keys (Paul Rubin)
  Re: Advice on storing private keys ("Joseph Ashwood")

--

From: Dave Howe [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: OT: TV Licensing - final answer - sorry for xpost
Date: Tue, 20 Mar 2001 21:32:12 +

In our last episode (alt.security.pgp[19 Mar 2001 23:46:19 +0100]), [EMAIL PROTECTED] (Paul Schlyter) said :
> This sounds like urban mythology blurring a change of status with time. I think the final "does" in that sentence should be "did".

Not sure about that - but at the time it was true.

> In the days when people used TVs as computer monitors, there were no exceptions to the law for such special cases. Later it was amended to provide specific exemptions for using the TV as a video monitor.

nope, it was amended for them. a judge set a precedent for that one, when it came in front of him for trial. unfortunately, the case was worded quite tightly, so only "video devices for the playback of pre-recorded videotapes" were included.

> Wasn't the determining factor whether the TV could receive RF signals? I.e. if you had a monitor with baseband input only, no license was needed, but if the monitor also included a tuner so you could actually receive TV transmissions, then a license was needed.

a tv used as a monitor is still a tv. a "monitor" monitor, with no PAL support, did not require a licence. Most business computers had a true monitor, most home machines at the time used a tv.

> Likewise, a license would be needed for a VCR if the VCR had an integral tuner (as most VCR's do).

That was settled too - The judge was quite generous. Basically, the licencing authority could disable the tuner for that video if they wished, provided they could back out the change without damaging the resale value of the video should the owner choose to upgrade. given that all videos at the time required a co-axial plug inserting to pick up broadcast tv, the licencing authority settled for placing a seal over the socket, inspecting it once a year or so.

--== DaveHowe ( is at) Bigfoot dot com ==--

--

From: "Tom St Denis" [EMAIL PROTECTED]
Subject: Re: BBS
Date: Tue, 20 Mar 2001 21:37:06 GMT

"Simon Johnson" [EMAIL PROTECTED] wrote in message news:998hfv$q54$[EMAIL PROTECTED]...
> Dobs [EMAIL PROTECTED] wrote in message news:9862va$mqp$[EMAIL PROTECTED]...
> > I have a question. How should a good Blum Blum Shub Generator look like? I know that it needs 2 large prime numbers p and q. Should this generator have its own large prime number generator to generate new p and q each time we found our seed. Or it does not matter and I can for instance declare that p is such and q is such. If it needs a generator can somebody tell me one which would be proper for BBS, I mean will generate large prime numbers:
> > Best Regards:)
> > Michal
>
> a BBS looks like this:
>
> x(i) = x(i-1)^2 mod pq - where p and q are primes, and are kept secret.
> output = x(i) MOD 2^(log2(log2(pq)))
>
> x(0) is what starts this process off and is the key.
>
> There is also the alternate format (ala Knuth)
>
> output = x(i) dot Mask
>
> Where dot is the binary dot product. This method is slower but a little more secure since more bits are used in each output.

This is also slower...

Tom

--

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Signing/Not signing posts
Date: 20 Mar 2001 21:32:20 GMT

[EMAIL PROTECTED] (Darren New) wrote in [EMAIL PROTECTED]:
> SCOTT19U.ZIP_GUY wrote:
> > You could make a PGP key in my name and sig
Cryptography-Digest Digest #955, Volume #12      Wed, 18 Oct 00 21:13:01 EDT

Contents:
  Re: Is it trivial for NSA to crack these ciphers? ("Stephen M. Gardner")
  Re: Is it trivial for NSA to crack these ciphers? ("Stephen M. Gardner")
  Re: x509 (Bryan Olson)
  Re: Is it trivial for NSA to crack these ciphers? ("Stephen M. Gardner")
  Re: Is it trivial for NSA to crack these ciphers? ("Stephen M. Gardner")
  Re: Is it trivial for NSA to crack these ciphers? ("Stephen M. Gardner")
  Preliminaries on A. Plotnikov's P=NP paper (Stas Busygin)
  Re: Why trust root CAs ? (Anne Lynn Wheeler)
  Re: As I study Rinjdael... (Greggy)
  Re: As I study Rinjdael... (Greggy)
  Re: DNA encoding (glen herrmannsfeldt)
  Re: x509 (Roger)

--

From: "Stephen M. Gardner" [EMAIL PROTECTED]
Subject: Re: Is it trivial for NSA to crack these ciphers?
Date: Wed, 18 Oct 2000 17:07:06 -0500

John Savard wrote:
> Hence, it is quite possible it knows of ways to attack DES or Rijndael that are beyond anything known to the public.

I find it extremely hard to believe that there are better academic attacks let alone practical attacks against these codes that have somehow remained secret. How many cryptographers do you think the NSA committed to the study of Rijndael? Do you seriously think it was many more than were going for glory by attacking it when it was an AES finalist? And now that it is the selection the prize is instant fame and a phone ringing off the hook with press and job offers.

> Whether what it knows is sufficient to effectively break these algorithms is quite another matter, and there are sound reasons to suspect that it might not. However, nothing is stopping people from taking additional precautions.

Like I said, I doubt they are light years ahead in academic attacks let alone practical attacks against well managed crypto policy using any of the AES finalists.

--
Take a walk on the wild side: http://www.metronet.com/~gardner/
There is a road, no simple highway, between the dawn and the dark of night.
And if you go no one may follow. That path is for your steps alone.
The Grateful Dead ("Ripple")

--

From: "Stephen M. Gardner" [EMAIL PROTECTED]
Subject: Re: Is it trivial for NSA to crack these ciphers?
Date: Wed, 18 Oct 2000 17:17:35 -0500

lcs Mixmaster Remailer wrote:
> Aren't you forgetting the obvious fact that these "alphabet soup agencies" don't use any of these ciphers to conceal data that is important to them?

Nope. NIH isn't just the acronym for the National Institute of Health. ;-)

> And overall, the U.S. government seems to have loosened up crypto restrictions. Call this FUD if you want, but I find it hard to believe these controls were relaxed because either:
> A) The genie was already out of the bottle
> B) American software companies were finally successful in convincing the government that they were losing business to overseas companies.
> C) The original policy was just plain stupid, and the government changed to look smart(er).

Those reasons are precisely why it was done.

> I suppose one could assert the "not invented here" philosophy as the primary reason the government uses secret ciphers to contain secret data.

Yup. Besides, as many have pointed out, obscurity may not be a good bulwark but it is another barrier.

> But no one disputes that there are genuine cryptography experts at Ft. Meade that believe their ciphers are the best and most secure in the world.

But are they so good that the open community can't even guess at the security of the major AES contenders? I don't think so. Some folks here are pretty paranoid and put a lot of faith in the government to be smarter than anyone else.

--
Take a walk on the wild side: http://www.metronet.com/~gardner/
There is a road, no simple highway, between the dawn and the dark of night.
And if you go no one may follow. That path is for your steps alone.
The Grateful Dead ("Ripple")

--

From: Bryan Olson [EMAIL PROTECTED]
Subject: Re: x509
Date: Wed, 18 Oct 2000 22:13:19 GMT

David Wagner wrote:
> Bryan Olson wrote:
> > [That is, why does the identifier of the signing algorithm appear both inside and outside the data under the signature?]
> > I've wondered about that. If anyone knows of some attack defeated by identifying the signing algorithm inside the signed message, please tell. For now my theory is that whether the identifier is inside or outside the signed data does not matter.
>
> If I understand correctly, you're asking whether there is an attack if the algorithm-identifier is not mentioned in the signed part? The answer is Yes, there are attacks. For instance, MD4 is almost broken. Suppose someone extends Dobbertin'
Cryptography-Digest Digest #955, Volume #11      Tue, 6 Jun 00 12:13:01 EDT

Contents:
  Re: Some dumb questions (Mark Wooding)
  Re: Question about recommended keysizes (768 bit RSA) (Bob Silverman)
  Re: Question about recommended keysizes (768 bit RSA) (Bob Silverman)
  Re: Statistics of occurences of prime number sequences in PRBG output as gauge of "goodness" (Bob Silverman)
  Re: Question about recommended keysizes (768 bit RSA) (DJohn37050)
  Re: Statistics of occurences of prime number sequences in PRBG output as ("John A. Malley")
  Solution for file encryption / expiration? (Will Dormann)
  Re: Good ways to test. (John)
  Re: Good ways to test. (John)
  Re: Statistics of occurences of prime number sequences in PRBG output as ("John A. Malley")
  Re: Quantum computers (JCA)
  Re: Need "attack time" measurements on a toy cipher... (long) ("TheGPFguy")
  Re: Solution for file encryption / expiration? (Mark Wooding)
  Re: Need "attack time" measurements on a toy cipher... (long) ("TheGPFguy")
  Re: Some citations (Mok-Kong Shen)
  Re: Some dumb questions (Mok-Kong Shen)
  Re: Could RC4 used to generate S-Boxes? ("T.Williams")
  Re: Solution for file encryption / expiration? ("John E. Kuslich")
  Re: Question about recommended keysizes (768 bit RSA) (Jerry Coffin)
  Re: Concerning UK publishes "impossible" decryption law (Your Name)
  Re: Favorite Cipher Contest Entry (Runu Knips)

--

From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Some dumb questions
Date: 6 Jun 2000 13:31:44 GMT

Mok-Kong Shen [EMAIL PROTECTED] wrote:
> Volker Hetzer wrote:
> > You xor the two ciphertexts together and the keystream falls out. What remains is a message encrypted with a decidedly nonrandom key.
>
> Yes, you get the xor of two messages. But how to go further from that point (there is no known plaintext whatever)?

If one of the two messages is also random then you're left with an intractable problem still -- you've reduced a not-quite-one-time pad to a real one-time pad, which is a shame. Otherwise, if neither message is random, you have some probability information about their combination, which can help to adjust the probabilities for the individual messages.

-- [mdw]

--

From: Bob Silverman [EMAIL PROTECTED]
Crossposted-To: alt.privacy.anon-server,alt.security.pgp
Subject: Re: Question about recommended keysizes (768 bit RSA)
Date: Tue, 06 Jun 2000 13:40:29 GMT

In article [EMAIL PROTECTED], Jerry Coffin [EMAIL PROTECTED] wrote:
> In article 8hh40c$ktj$[EMAIL PROTECTED], [EMAIL PROTECTED] says...
> You've got two possibilities: you can compare high-end machines then to high-end machines now, or you can compare low-end machines then to low-end machines now. You can NOT, however, get anything approaching meaningful results by comparing a high-end machine then to a low-end machine now (or vice versa).

The VAX was NOT a "high-end" machine in 1977. It simply happened to be the first 32 bit machine built by DEC. You want a "high-end" machine in 1977? Try the CDC-6600.

--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"

Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: Bob Silverman [EMAIL PROTECTED]
Subject: Re: Question about recommended keysizes (768 bit RSA)
Date: Tue, 06 Jun 2000 13:45:30 GMT

In article 8hhcok$v4s$[EMAIL PROTECTED], [EMAIL PROTECTED] (David A. Wagner) wrote:
> In article [EMAIL PROTECTED], Roger Schlafly [EMAIL PROTECTED] wrote:
> > It is not obvious to me why a time estimate should be more accurate than a space estimate.
>
> One reason why it might be so is that many theoretical works consider only the total complexity, and even then, in asymptotic form only.

We have real-world benchmarks!!! These are not "theoretical estimates".

--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"

Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: Bob Silverman [EMAIL PROTECTED]
Subject: Re: Statistics of occurences of prime number sequences in PRBG output as gauge of "goodness"
Date: Tue, 06 Jun 2000 13:51:09 GMT

In article [EMAIL PROTECTED], "John A. Malley" [EMAIL PROTECTED] wrote:
> snip
> The keystream generator makes a non repeating sequence of 2^m - 1 numbers. And phi(2^m) of those numbers are prime. Now there is no iterated or recursive mathematical function that generates all primes starting from a given input value.

FALSE. Go read chapter 3 of Paulo Ribenboim's book "The Book of Prime Number Records". Such formulae and functions DO exist. Just a hint as to where they come from: Wilson's Theorem.

Now imagine a
Cryptography-Digest Digest #955, Volume #10      Sat, 22 Jan 00 16:13:02 EST

Contents:
  Re: Beginners questions re-OTPs (Sandy Harris)
  Re: from DEAL to ZEAL (David Wagner)
  Re: MIRDEK: more fun with playing cards. (CLSV)
  Re: Wagner et Al. (Jerry Coffin)
  Re: Intel 810 chipset Random Number Generator (Scott Nelson)
  Simple Equivalent keys in Serpent ([EMAIL PROTECTED])
  Re: Does RSA use real prime ? (Jerry Coffin)
  Re: MIRDEK: more fun with playing cards. ("r.e.s.")
  Re: New Crypto Regulations (Jim)
  Re: Intel 810 chipset Random Number Generator (Jerry Coffin)
  Re: Does RSA use real prime ? (Tom St Denis)
  Re: Transposition over ASCII-coded text (wtshaw)
  Re: Combination of stream and block encryption techniques (Terry Ritter)
  Re: NIST, AES at RSA conference (Terry Ritter)
  Twofish question (ciphertext chaining) (Hans Petter Jansson)
  Re: Transposition over ASCII-coded text ("Douglas A. Gwyn")

--

From: [EMAIL PROTECTED] (Sandy Harris)
Subject: Re: Beginners questions re-OTPs
Date: 22 Jan 2000 18:28:55 GMT

[EMAIL PROTECTED] (Douglas A. Gwyn) spake thus:
> Bill wrote:
> > I'll rephrase the question, If you have message(s) that were encrypted with a "supposed" OTP what methodology/statistical analysis would be carried out to try and break it?
>
> It's called "cryptanalysis" and cannot be boiled down to a simple recipe. The sci.crypt FAQ contained pointers to tutorials on C/A (last I looked). The classic textbooks are available from Aegean Park Press.

There is a one time pad FAQ. It's by someone fairly well known (Marcus Ranum? Wietse Venema?) and is quite good. Try a web search.

www.counterpane.com has a tutorial on cryptanalysis

Kahn's "The Codebreakers" has plenty of history and examples on the classic code-breaking techniques, none of which work against a real OTP, but several of which might against bogus ones.

A bogus "one-time pad" is equivalent to a stream cipher, a method of generating a stream of bytes to XOR with the message. Some stream ciphers are very secure. The ones designed by anyone clueless (or dishonest) enough to call them OTPs are likely to be dreadfully weak. Try a web search on "stream cipher cryptanalysis", or look at Schneier and Kahn's indexes.

--

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: from DEAL to ZEAL
Date: 22 Jan 2000 10:28:57 -0800

Here is a small observation on ZEAL.

One property which DEAL has, but ZEAL apparently does not, is symmetry of encryption and decryption. Symmetry makes implementation easier, but also has a slightly less obvious impact on security: one can readily show that the security against chosen-plaintext and chosen-ciphertext attacks is the same for a symmetric cipher. For an asymmetric cipher (which ZEAL appears to be?), one must look at the chosen-plaintext attacks and the chosen-ciphertext attacks separately: security against chosen-plaintext attacks does not necessarily imply security against chosen-ciphertext attacks.

This is a very minor point, but maybe it is a small reason to prefer the Feistel networks (or to alternate between complementary round types, as in Skipjack).

--

From: CLSV [EMAIL PROTECTED]
Subject: Re: MIRDEK: more fun with playing cards.
Date: Sat, 22 Jan 2000 18:34:07 +

Paul Crowley wrote:
> CLSV [EMAIL PROTECTED] writes:
> > > When you say "one time", you mean "once per message".
> >
> > No, I mean just once before encrypted communication starts.
>
> Could you be more explicit about how you then go on to encrypt more than one message? I can think of one way, which is simply to start the new message with the state where you left off the old message, but this requires that the recipient either receive all of your messages (unlikely) or at least know how long they all were (OK if your recipient is decrypting with a computer).

That would also give problems when you are communicating with different people using the same key. I was thinking about using special start values of the pointers I and J as salt. You can send them in the clear with the encrypted message. I don't know how it affects security 'though.

> However, the requirement that you carry this state around with you is burdensome - with Mirdek, you can throw away your (sorted) pack of cards at the border, buy a new pack in a new country, and start encrypting again, all using only a memorised passphrase. There must be ways to achieve this goal with an ARC4 variant.

Well ARC4 is not sacred to me in this context. One of its problems is that it fails to make use of powerful operations that can be done easily by hand and inefficiently on a computer. E.g. swapping two cards by hand is as easy as swapping two packs of twenty cards.

> I'm enjoying this thread a lot and grateful to all participants!)

Indeed,
Cryptography-Digest Digest #955, Volume #9      Fri, 30 Jul 99 10:13:05 EDT

Contents:
  Re: hush mail ([EMAIL PROTECTED])
  Re: The Alphabetic Labyrinth ... and Voynich
  Re: (Game) 80-digits Factoring Challenge (Kurt Foster)
  Re: hush mail ([EMAIL PROTECTED])
  Re: (Game) 80-digits Factoring Challenge (don mcdonald)
  Re: cryptography tutorials
  Re: Bad Test of Steve Reid's SHA1 ("dlk")
  Re: Cryptonomicon - low priority posting (Wolf)
  Re: OTP export controlled? (Isaac)
  Re: Modified Vigenere cipher (typo correction) ("Douglas A. Gwyn")
  Re: CSS/DVD Scrambler ([EMAIL PROTECTED])
  speech scrambling (David Enchelmaier)
  Re: OTP export controlled? (W.G. Unruh)
  Re: Anyone knows where to get original encryption source code? (W.G. Unruh)
  Re: Prime numbers wanted (W.G. Unruh)
  Re: How Big is a Byte? (was: New Encryption Product!) ([EMAIL PROTECTED])
  Re: How Big is a Byte? (was: New Encryption Product!) ([EMAIL PROTECTED])
  Re: How Big is a Byte? (was: New Encryption Product!) ([EMAIL PROTECTED])
  Re: Prime numbers wanted ([EMAIL PROTECTED])
  Re: Virtual Matrix Encryption ([EMAIL PROTECTED])
  I improved the layout of my Compression Page take a look (SCOTT19U.ZIP_GUY)
  Re: Virtual Matrix Encryption (SCOTT19U.ZIP_GUY)
  Re: How Big is a Byte? (was: New Encryption Product!) (Patrick Juola)

--

From: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,alt.privacy,alt.security.keydist
Subject: Re: hush mail
Date: Fri, 30 Jul 1999 03:53:28 GMT

Yeah, yeah, like that.

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

--

From: [EMAIL PROTECTED] ()
Subject: Re: The Alphabetic Labyrinth ... and Voynich
Date: 30 Jul 99 04:02:07 GMT

Douglas A. Gwyn ([EMAIL PROTECTED]) wrote:
: It's inexcusably poor scholarship.

Having dug up my copy of The Codebreakers, I'll have to admit that she was very definitely wrong. Perhaps she was misled by the success of "The Feminated and the Vein-Laden", a gritty war novel that marked the debut of author Viking Armourer...

John Savard

--

From: Kurt Foster [EMAIL PROTECTED]
Crossposted-To: sci.math
Subject: Re: (Game) 80-digits Factoring Challenge
Date: 30 Jul 1999 04:08:44 GMT

In sci.math Dann Corbit [EMAIL PROTECTED] wrote:
. But I echo Bob Silverman's question: "Why should I want to factor this
. number when I can just as easily come up with a similar value that would
. be tough to factor?" Is it a Carmichael number? Some other type of
. special pseudo-prime? What brings this number to the fore as opposed to
. some other?

I must concur with the questions. After all, that number could be "interesting" because it's the modulus for somebody else's encryption scheme or something like that.

If a Carmichael number N were detected as composite by Rabin-Miller, I think you'd have factors in hand.

--

From: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,alt.privacy,alt.security.keydist
Subject: Re: hush mail
Date: Fri, 30 Jul 1999 03:53:34 GMT

Yeah, yeah, like that.

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

--

Crossposted-To: sci.math
Date: Fri, 30 Jul 1999 16:49:27 +1200
From: don mcdonald [EMAIL PROTECTED]
Reply-To: Don McDonald [EMAIL PROTECTED]
Subject: Re: (Game) 80-digits Factoring Challenge

On 29 Jul 1999, Foghorn Leghorn wrote:
> Date: 29 Jul 1999 21:00:51 -0500
> From: Foghorn Leghorn [EMAIL PROTECTED]
> Newsgroups: sci.crypt, sci.math
> Subject: Re: (Game) 80-digits Factoring Challenge
>
> On Fri, 30 Jul 1999 09:20:23 +1000, "Greg Keogh" [EMAIL PROTECTED] wrote:
> > So it's not a prime(?!) I'm not quite sure how Mathematica determines this, I think it uses the Miller-Rabin test, and I suspect that the test hasn't been validated for numbers of this magnitude. Any general comments on this would be most welcome.
>
> Proving that a large number is prime can be a challenge, but you can trust Mathematica when it says that the number is composite. If n is the given number, we can quickly compute 2 to the n-1 modulo n, and since the result is not 1, it follows that n is definitely composite. In Mathematica, you can type PowerMod[2,n-1,n] to run the (weak) probable prime test for base 2. The theory for this is Fermat's Little Theorem, which says that if p is prime and a is not divisible by p, then a^(p-1) is congruent to 1 modulo p.
>
> Foghorn Leghorn [EMAIL PROTECTED]

How do I calculate the powermod function in PARI-gp research calc.? Please. I have Acorn UK 1993 computer 2 MB RAM, thanks. Anyone? / don. (loto)

--
don.mcdonald | lot-to-it adviser + maths | rslts / 640 pers'lised # $5- Pg. 329 W'ellington 2, new zealand | call mdr +64( 4) 389 6820. formerly [EMAIL PRO
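The base-2 Fermat check that Foghorn Leghorn describes (Mathematica's PowerMod[2,n-1,n]), with a hand-rolled square-and-multiply powermod for anyone without a built-in, plus the Miller-Rabin refinement behind Kurt Foster's remark above that a Carmichael number caught by Rabin-Miller hands you a factor. This is an added example, not code from any post in the digest; 561 is a constructed input (the smallest Carmichael number), and all function names are this example's own.

```python
# Added example: Fermat base-2 test, square-and-multiply powermod, and a
# Miller-Rabin round that also reports the factor exposed when a Carmichael
# number fails it. None of this is code from the digest.
from math import gcd
import random


def powermod(base, exp, mod):
    """Right-to-left square-and-multiply; same result as pow(base, exp, mod)."""
    result = 1
    base %= mod
    while exp > 0:
        if exp & 1:
            result = (result * base) % mod
        base = (base * base) % mod
        exp >>= 1
    return result


def fermat_probable_prime(n, a=2):
    """Weak test from Fermat's little theorem: a^(n-1) == 1 (mod n).
    False means n is definitely composite; True only means "probably"."""
    if n < 4:
        return n in (2, 3)
    return powermod(a, n - 1, n) == 1


def miller_rabin_witness(n, a):
    """One Miller-Rabin round with base a on odd n > 3.
    Returns (passes, factor): passes is False when a proves n composite;
    factor is a non-trivial divisor of n when the round found an x with
    x^2 == 1 (mod n) but x != +-1, since then gcd(x-1, n) splits n.
    This is exactly what happens to Carmichael numbers, which always
    satisfy Fermat but usually fail here."""
    d, s = n - 1, 0
    while d % 2 == 0:          # write n-1 = 2^s * d with d odd
        d //= 2
        s += 1
    x = powermod(a, d, n)
    if x in (1, n - 1):
        return True, None
    for _ in range(s - 1):
        y = (x * x) % n
        if y == n - 1:
            return True, None
        if y == 1:
            return False, gcd(x - 1, n)   # x is a non-trivial sqrt of 1
        x = y
    # Now x = a^(2^(s-1) d) is neither 1 nor n-1, and a^(n-1) = x^2.
    if (x * x) % n == 1:
        return False, gcd(x - 1, n)       # Fermat passes, MR still splits n
    return False, None                    # plain Fermat failure, no factor


def is_probable_prime(n, rounds=20, rng=random):
    """Miller-Rabin with random bases; False means definitely composite."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        passes, _factor = miller_rabin_witness(n, a)
        if not passes:
            return False
    return True


# Constructed input: 561 = 3 * 11 * 17, the smallest Carmichael number.
CARMICHAEL = 561

if __name__ == "__main__":
    print("Fermat base 2 on 561 passes:", fermat_probable_prime(CARMICHAEL))
    print("Miller-Rabin base 2 on 561:", miller_rabin_witness(CARMICHAEL, 2))
    print("20-round Miller-Rabin on 561:", is_probable_prime(CARMICHAEL))
```

With base 2, 561 passes Fermat but the Miller-Rabin round returns the factor 33, which is Kurt Foster's point in practice.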
Cryptography-Digest Digest #955, Volume #8      Sat, 23 Jan 99 15:13:03 EST

Contents:
  Re: Metaphysics Of Randomness (Alan DeKok)
  Re: Cryptanalysis of Simple Block Ciphers ("Trevor Jackson, III")
  Re: S-box cycles (David Hamilton)
  Re: Who will win in AES contest ?? (Paul Crowley)
  Re: Pentium III... (fungus)
  Re: Pentium III... (Daniel James)
  Re: Who will win in AES contest ?? (Fabrice Noilhan)
  Nulls, Part IV (wtshaw)
  The Performance of Meet-in-the-Middle ([EMAIL PROTECTED])
  Re: Cryptanalysis of Simple Block Ciphers (James Pate Williams, Jr.)
  Can anyone offer opinions on TEA, XTEA? (Thomas A. Oehser)
  Re: Cryptanalysis of Simple Block Ciphers (James Pate Williams, Jr.)

--

From: [EMAIL PROTECTED] (Alan DeKok)
Subject: Re: Metaphysics Of Randomness
Date: 23 Jan 1999 10:31:17 -0500

In article [EMAIL PROTECTED], Boson [EMAIL PROTECTED] wrote:
> Your over-use of the adjective "true" is a gradeschool error. Next we will need super-duper random number generators: SDRNG. Then Ultra-Pure Random Number Generators: UPRNG.

This sort of frothing at the mouth only shows how little you understand of the topic.

> If I gave you two sequences, could you classify them as coming from a RNG vs. a TRNG? No.

Sorry, the true answer is "Very often, yes."

> A random number generator produces random sequences of numbers.

"apparently random" sequences, perhaps.

There are different classes of random number generators: True, Pseudo, and Cryptographically secure. (To name a few). These have different properties and different biases. These biases often allow you to tell a PRNG from a TRNG.

> If you have to puff yourself up like an insecure simpleton by adding "true" to it, then you are uselessly posting immense amounts of crap. Or to use your notation, true crap.

A 'True' RNG generates random numbers via *observational* methods. e.g. Watching decays from a radioactive source.

A 'Pseudo' RNG generates random numbers via an *algorithm*. The simpler the algorithm, the more biased the random numbers.

A 'Cryptographically secure' RNG generates random numbers via a *non-deterministic* algorithm. The output of any one generator is unpredictable even knowing the algorithm and all initial conditions.

Alan DeKok.

--

Date: Sat, 23 Jan 1999 13:00:11 -0500
From: "Trevor Jackson, III" [EMAIL PROTECTED]
Subject: Re: Cryptanalysis of Simple Block Ciphers

James Pate Williams, Jr. wrote:
> I am using a genetic algorithm (steady-state uniform crossover mutation rate of 10%) to find the key to the simple n-bit xor block cipher (C = P xor K) using a single known plaintext. This is just to test the applicability of GAs to simple block ciphers. I realize that with P and C known it is simple matter to calculate K (K = P xor C since P xor P = 0 and 0 xor K = K), however, I am using a GA to "intelligently" search the key space. The preliminary results do not look very promising since the number of keys correctly found tends to decrease exponentially with increased block size. Does anyone have any simple 8-bit block ciphers that are marginally (or perhaps) better than the simple xor cipher, if so, then please post them here or get in contact with me at the following e-mail address, I will share the code I generate from the algorithm and also I am willing to share my xor GA.

I think the whole GA is more than necessary. I'd be interested in your fitness function and the theory behind it. How do you make it algorithm-independent without exponential evaluation costs?

--

From: [EMAIL PROTECTED] (David Hamilton)
Subject: Re: S-box cycles
Date: Sat, 23 Jan 1999 18:10:39 GMT

-----BEGIN PGP SIGNED MESSAGE-----

[EMAIL PROTECTED] wrote:
(snip)
> You end up with the identity transform which even some one with no brains like Hamilton would consider weak.

It doesn't take brains to ask David A. Scott the 6 questions on cryptography that he is afraid to answer. It may well take brains to answer some of them though ... no answers yet.

(See message-ID: [EMAIL PROTECTED] in the thread 'Re: What is better : Blowfish, Des, Tripple-Des' posted in sci.crypt on 13th January for the half a dozen questions.)

David Hamilton.

Only I give the right to read what I write and PGP allows me to make that choice. Use PGP now.
I have revoked 2048 bit RSA key ID 0x40F703B9. Please do not use.
Do use:-
2048bit rsa ID=0xFA412179 Fp=08DE A9CB D8D8 B282 FA14 58F6 69CE D32D
4096bit dh ID=0xA07AEA5E Fp=28BA 9E4C CA47 09C3 7B8A CE14 36F3 3560 A07A EA5E
Both keys dated 1998/04/08 with sole UserID=[EMAIL PROTECTED]

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.3i for non-commercial use http://www.pgpi.com
Comment: Signed with RSA 2048 bit key