Cryptography-Digest Digest #965

2001-03-21 Thread Digestifier

Cryptography-Digest Digest #965, Volume #13  Wed, 21 Mar 01 20:13:01 EST

Contents:
  Re: How to eliminate redondancy? (SCOTT19U.ZIP_GUY)
  Re: SSL question (Anne  Lynn Wheeler)
  Re: SSL question (those who know me have no need of my name)
  Re: A future supercomputer (Mok-Kong Shen)
  Re: A future supercomputer ("JCA")
  Re: Most secure way to add passphrase verification to "CipherSaber" (Joe H. Acker)
  Re: A future supercomputer (Anne  Lynn Wheeler)
  Re: Applied Cryptography Source Disk ([EMAIL PROTECTED])
  VB3 crypto (Ryan M.McConahy)
  Re: RC4 test vectors after gigabyte output?. (Luis Yanes)
  Re: Idea ("Joseph Ashwood")
  Re: SSL question ("Joseph Ashwood")
  Re: Algebraic 1024-bit block cipher ("Jimi  Thompson")
  Re: Security of Triple-DES ("Joseph Ashwood")
  Re: Fast and Easy crypt send ("Joseph Ashwood")
  Re: Strong Primes ("Joseph Ashwood")
  Re: How to eliminate redondancy? (moving steadily towards being computer  (Steve Portly)
  Re: RC4 test vectors after gigabyte output?. (Luis Yanes)
  Re: NSA in the news on CNN ("Douglas A. Gwyn")
  Re: Most secure way to add passphrase verification to "CipherSaber" (Paul Rubin)



From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: How to eliminate redondancy?
Date: 21 Mar 2001 21:52:04 GMT

[EMAIL PROTECTED] (Benjamin Goldberg) wrote in 
[EMAIL PROTECTED]:

> Given a general purpose (bijective, nonpermutative) compressor whose
> domain is the set of all files, but whose range is a proper subset of
> the set of all files, and... Given a general purpose (bijective,
> permutative) encipherer whose domain is the set of all files, and whose
> range is also the set of all files.
> 
> We can create a system which compresses and then encrypts, and it will
> have the following properties:
> 
> The domain of the system is the set of all files, and the range of the
> system is the set of encrypted versions of those files which the
> compressor outputs.
> 
> Now that the domain and range of the combined compress + encrypt system
> are both defined, it is easy to see that it is a bijection.  It is also
> easy to see that it is not a permutation, since the range of the system
> is a proper subset of the set of all files, and thus not equal to the
> domain.


   You're the one who chose the word permutation. And yes, it sounds
like you're describing my idea of how compression with encryption should
be done.
 For the set of real files (maybe your proper subset, if infinite)
let X be a member of that set S1. Let S2 be the set of all binary
8-bit byte files. Let Y be a member of that set.
Then if the compressor for any X has  Uncompress( Compress( X )) = X
and for any file Y  having Compress( Uncompress( Y )) = Y
and since you're doing fully bijective encryption on S2 to S2 by the 
encryption part.
  The two in series make for a fully bijective compression encryption
scheme and that is what I am striving for. Bijective compression that, when 
properly mated to a bijective encryption process, if done correctly can
make this happen.


snip rest of dribble!!


David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/  then look for
  sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:
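The two round-trip conditions in the post, Uncompress(Compress(X)) = X for every X in S1 and Compress(Uncompress(Y)) = Y for every Y in S2, can be checked exhaustively on small domains. The following is an added example written for this digest, not code by Scott or anyone in the thread. It assumes a toy S1 (all strings over the three-symbol alphabet "abc") and the post's S2 (all 8-bit byte files), uses bijective base-k numeration (a constructed, trivial source model) as a genuinely bijective compressor, and contrasts it with a conventional run-length coder whose output format has redundancy: several byte strings, and some that are not even well-formed, decode to the same file, so the second condition fails. The harness, the RLE coder and the sample domains are all constructed for the example.

```python
from itertools import product

# Constructed toy domains: S1 = all text files over a three-symbol alphabet,
# S2 = all 8-bit byte files (the S2 of the post).
ABC = "abc"
BYTES = bytes(range(256))


def bij_encode(symbols, alphabet):
    """Bijective base-k numeration: every string over `alphabet`, the empty
    string included, maps to a distinct non-negative integer."""
    k = len(alphabet)
    n = 0
    for sym in symbols:
        n = n * k + alphabet.index(sym) + 1
    return n


def bij_decode(n, alphabet):
    """Exact inverse of bij_encode; returns a list of symbols from `alphabet`."""
    k = len(alphabet)
    out = []
    while n > 0:
        n -= 1
        out.append(alphabet[n % k])
        n //= k
    out.reverse()
    return out


def compress_abc(text: str) -> bytes:
    """S1 -> S2: re-express the string's bijective base-3 value in bijective base-256."""
    return bytes(bij_decode(bij_encode(text, ABC), BYTES))


def uncompress_abc(data: bytes) -> str:
    """S2 -> S1: every byte string is a valid input and decodes to exactly one text."""
    return "".join(bij_decode(bij_encode(data, BYTES), ABC))


def rle_compress(text: str) -> bytes:
    """Conventional run-length coding: (count, symbol) pairs with count 1..255."""
    out = bytearray()
    i = 0
    while i < len(text):
        j = i
        while j < len(text) and text[j] == text[i] and j - i < 255:
            j += 1
        out += bytes([j - i, ord(text[i])])
        i = j
    return bytes(out)


def rle_uncompress(data: bytes) -> str:
    if len(data) % 2:
        raise ValueError("odd-length RLE stream is not a valid compressed file")
    return "".join(chr(sym) * count for count, sym in zip(data[::2], data[1::2]))


def bijection_failures(compress, uncompress, plain_files, compressed_files):
    """Return every file that violates one of the two round-trip conditions."""
    failures = []
    for x in plain_files:
        if uncompress(compress(x)) != x:
            failures.append(("Uncompress(Compress(X)) != X", x))
    for y in compressed_files:
        try:
            ok = compress(uncompress(y)) == y
        except ValueError:
            ok = False  # Y is not even a well-formed compressed file
        if not ok:
            failures.append(("Compress(Uncompress(Y)) != Y", y))
    return failures


# Exhaustive small domains: all abc-strings up to length 4, all byte strings up to length 2.
PLAIN_FILES = ["".join(t) for L in range(5) for t in product(ABC, repeat=L)]
COMPRESSED_FILES = [bytes(t) for L in range(3) for t in product(range(256), repeat=L)]


def check_rle():
    return bijection_failures(rle_compress, rle_uncompress, PLAIN_FILES, COMPRESSED_FILES)


def check_bijective():
    return bijection_failures(compress_abc, uncompress_abc, PLAIN_FILES, COMPRESSED_FILES)


if __name__ == "__main__":
    print("bijective coder failures:", len(check_bijective()))
    rle = check_rle()
    print("RLE failures:", len(rle), "for example:", rle[0])
```

Every RLE failure is a byte string that an encryption layer could produce on decryption but that the compressor would never have emitted, which is exactly the redundancy the thread title asks about; the bijective coder has none, so any ciphertext decrypts to a file the compressor could have produced.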

--

Subject: Re: SSL question
Reply-To: Anne  Lynn Wheeler [EMAIL PROTECTED]
From: Anne  Lynn Wheeler [EMAIL PROTECTED]
Date: Wed, 21 Mar 2001 22:06:41 GMT


Paul Rubin [EMAIL PROTECTED] writes:
> Normally the definition of a client and a server is that the client
> initiates sessions.  If you're saying you want a remote site to
> initiate a session on a user's PC, no problem.  You install a server
> program on the user's PC and a client program on the remote site.
> 
> If you're just trying to periodically update data in a browser, then
> the usual way is to use the html meta tag to refresh the data once
> a minute, or else do something similar with javascript.  That's
> completely independent of SSL and can be done with or without SSL.

note however, most server software (i.e. software that accepts
connections from remote sources) is typically cleansed from personal
machines since it frequently is an avenue for exploits ... and most
users aren't nominally sophisticated enough to securely manage platforms
containing software that accepts connections from remote
clients. There are frequently also questions about client software that
initiates sessions from a user's machine without direct end-user
action.

-- 
Anne  Lynn Wheeler 

Cryptography-Digest Digest #965

2000-10-20 Thread Digestifier

Cryptography-Digest Digest #965, Volume #12  Fri, 20 Oct 00 16:13:01 EDT

Contents:
  deterministic RSA key generation (Francois Grieu)
  Vigenere Cipher (was: What is desCDMF?) (phil hunt)
  Re: Works the md5 hash also for large datafiles (4GB) ? (Daniel Leonard)
  New Encryption Regulations Take Effect On Today (Markku J. Saarelainen)
  New Encryption Regulations Take Effect On Today (Markku J. Saarelainen)
  Re: Looking for small implementation of an asymmetric encryption  (Mike Rosing)
  Re: deterministic RSA key generation (Roger)
  SNAKE key exchange ([EMAIL PROTECTED])
  Re: On block encryption processing with intermediate permutations (Mok-Kong Shen)
  Re: Looking for small implementation of an asymmetric encryption  (John Myre)
  Re: Encrypting large blocks with Rijndael (Mok-Kong Shen)
  Re: Which "password" is best. (John Myre)
  Re: Vigenere Cipher (was: What is desCDMF?) (John Myre)
  Re: Encrypting large blocks with Rijndael (John Myre)
  Re: Encrypting large blocks with Rijndael (John Myre)
  Re: Encrypting large blocks with Rijndael (John Myre)
  Re: BIOS password, will it protect PC with PGPDisk against tampering ? ("Seeker")
  SHA-384 and SHA-512 (Daniel Leonard)
  Re: Huffman stream cipher. (Benjamin Goldberg)
  Re: Looking for small implementation of an asymmetric encryption algorithm (Benjamin Goldberg)
  Re: A question about DES (Benjamin Goldberg)
  Re: Works the md5 hash also for large datafiles (4GB) ? (Benjamin Goldberg)
  Re: Works the md5 hash also for large datafiles (4GB) ? (Benjamin Goldberg)



From: Francois Grieu [EMAIL PROTECTED]
Subject: deterministic RSA key generation
Date: Fri, 20 Oct 2000 16:17:58 +0200

One thing strikes me: it would often be useful to use a
deterministic, standardised method to generate an RSA key from
a seed value, like a passphrase.

Question: is there an established standard for something like
(p, q) = F(passphrase, bit-size_of_pq, public_e) ?
I can vaguely remember this was suggested for ISO/IEC X.509,
but did it get standardised?


Usage includes:

- remember (something sufficient to generate) your RSA secret
key, rather than relying on a secring file + passphrase.

- key generation for the cautious: different persons/teams,
simply trusted not to actively collaborate against you,
implement the key generator; use their program on isolated
machines (or on the same isolated machine with no remanent
memory) with the same long passphrase, and check the
results are the same.

- academically verifiable RSA key generation algorithm

- easily verifiable implementation

- usable as a building block for a true-random key generator
(just use true-random for the passphrase)


There is, of course, a danger: brute-force passphrase-guessing
attacks are possible on the public key alone, which is not the
case with more traditional key generation schemes. Maybe
there could be a security parameter to the algorithm, defining
the amount of computational work necessary for the generation.


There is clearly no technical difficulty in defining such a
deterministic key generation technique. Some existing RSA
key generators internally have a deterministic engine that
operates on a pseudo-random generator, originally seeded from
an initial true-random seed. The problem is: find one key
generator generally accepted.


   Francois Grieu
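To make the shape of (p, q) = F(passphrase, bit-size, e) concrete, here is an added example written for this digest; it is not a standard and not code from the poster. The deterministic engine is an HMAC-SHA256 counter-mode byte stream (an assumed construction) seeded from the passphrase through PBKDF2, with the PBKDF2 iteration count playing the role of the "security parameter" the post proposes: every passphrase guess made against the public key alone must repeat that work. Primes are found by trial division plus Miller-Rabin with bases also drawn from the stream, so two independent implementations of this exact procedure, run on separate machines with the same passphrase, produce the same key, which is the cross-checking use the post describes.

```python
import hashlib
import hmac
from math import gcd

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47)


def drbg_stream(seed: bytes):
    """HMAC-SHA256 in counter mode (assumed construction): a deterministic byte stream."""
    counter = 0
    while True:
        block = hmac.new(seed, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
        yield from block


def stream_int(stream, nbytes: int) -> int:
    return int.from_bytes(bytes(next(stream) for _ in range(nbytes)), "big")


def is_probable_prime(n: int, stream, rounds: int = 40) -> bool:
    """Trial division, then Miller-Rabin with bases taken from the stream."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    nbytes = (n.bit_length() + 7) // 8 + 8  # extra bytes keep the modular reduction nearly uniform
    for _ in range(rounds):
        a = 2 + stream_int(stream, nbytes) % (n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(stream, bits: int, e: int) -> int:
    """Next stream-derived prime of exactly `bits` bits with gcd(p - 1, e) == 1."""
    nbytes = (bits + 7) // 8
    while True:
        cand = stream_int(stream, nbytes) >> (nbytes * 8 - bits)
        cand |= (1 << (bits - 1)) | 1  # force the exact bit length and oddness
        if gcd(cand - 1, e) == 1 and is_probable_prime(cand, stream):
            return cand


def derive_rsa_key(passphrase: str, bits: int, e: int = 65537, work: int = 100_000) -> dict:
    """(p, q) = F(passphrase, bits, e); `work` is the PBKDF2 iteration count,
    the computational-cost parameter the post suggests against passphrase guessing."""
    context = f"deterministic-rsa|{bits}|{e}|{work}".encode()
    seed = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), context, work, dklen=32)
    stream = drbg_stream(seed)
    p = gen_prime(stream, bits // 2, e)
    q = gen_prime(stream, bits // 2, e)
    while q == p:  # astronomically unlikely, but keep the function total
        q = gen_prime(stream, bits // 2, e)
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": e, "d": pow(e, -1, phi), "p": p, "q": q}


if __name__ == "__main__":
    key = derive_rsa_key("correct horse battery staple", 1024)
    print("n =", key["n"])
    print("same passphrase again gives the same n:",
          derive_rsa_key("correct horse battery staple", 1024)["n"] == key["n"])
```

The weakness the post points out is built in: anyone holding the public key can test passphrase guesses offline by re-running this function, so the passphrase must carry the full entropy of the key and `work` only slows each guess by a constant factor. The `bits` and `e` parameters are folded into the PBKDF2 salt so that the same passphrase yields unrelated streams for different key sizes.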

--

From: [EMAIL PROTECTED] (phil hunt)
Subject: Vigenere Cipher (was: What is desCDMF?)
Date: Fri, 20 Oct 2000 02:01:11 +0100

On Thu, 19 Oct 2000 18:22:23 +0100, Richard Heathfield [EMAIL PROTECTED] wrote:
> 1) Newbie-level study of cryptanalytic techniques. This makes even a
> monoalphabetic sub or Vigenere cipher worth doing.

There was a program on UK TV this evening about the Vigenere cipher. Apparently
it was invented c. 1600 and cracked c. 1850 by Charles Babbage.

My question is: why did it take so long to crack?

It is basically a repeating Caesar cipher using a variable length key. 

So to crack it, try key lengths of 1, 2, 3, ... etc until you get
a key length where frequency analysis of the letters yields
interesting results, then proceed to use this as a basis to guess
the value for that letter in the key.

(Babbage used what's probably a quicker technique: look for
repeating sequences of letters, then the key-length is likely to
be a factor of the distance between the starts of each sequence).

My question is: why did it take so long to work out this
technique? It seems a bit obvious to me.

Perhaps someone broke the cipher previously, but kept knowledge of
it secret (useful if one's adversary thinks it is unbreakable).

-- 
*[ Phil Hunt ]*
"An unforeseen issue has arisen with your computer. Don't worry your
silly little head about what has gone wrong; here's a pretty animation
of a paperclip to look at instead." -- Windows2007 error message
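Both attacks the post sketches are short enough to show in full. The following is an added example written for this digest, not code from the poster or from the TV programme. It implements the repeated-group method credited to Babbage (distances between repeated ciphertext n-grams, whose factors suggest the key length), the "try key lengths 1, 2, 3, ..." method using the index of coincidence of each candidate's columns to spot the length at which the columns look like a single Caesar alphabet, and per-column recovery of the key letter by chi-squared comparison against standard English letter frequencies. The sample plaintext, the key "LEMON", the 0.75 tolerance in guess_period and the frequency table are all constructed for the example.

```python
from collections import Counter
import string

ALPHA = string.ascii_uppercase
# Approximate relative frequencies of letters in English text, A..Z (constructed table).
ENGLISH_FREQ = dict(zip(ALPHA, [
    0.082, 0.015, 0.028, 0.043, 0.127, 0.022, 0.020, 0.061, 0.070, 0.0015, 0.0077, 0.040, 0.024,
    0.067, 0.075, 0.019, 0.00095, 0.060, 0.063, 0.091, 0.028, 0.0098, 0.024, 0.0015, 0.020, 0.00074]))


def clean(text: str) -> str:
    return "".join(c for c in text.upper() if c in ALPHA)


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Repeating Caesar shifts: shift letter i by key[i mod len(key)]."""
    text, key = clean(text), clean(key)
    sign = -1 if decrypt else 1
    return "".join(ALPHA[(ALPHA.index(c) + sign * ALPHA.index(key[i % len(key)])) % 26]
                   for i, c in enumerate(text))


def kasiski_distances(ct: str, n: int = 3) -> list:
    """Distances between consecutive occurrences of every repeated n-gram (Babbage's method);
    the key length tends to divide these distances."""
    positions = {}
    for i in range(len(ct) - n + 1):
        positions.setdefault(ct[i:i + n], []).append(i)
    return sorted(b - a for pos in positions.values() for a, b in zip(pos, pos[1:]))


def index_of_coincidence(col: str) -> float:
    n = len(col)
    if n < 2:
        return 0.0
    return sum(c * (c - 1) for c in Counter(col).values()) / (n * (n - 1))


def avg_ic_for_period(ct: str, L: int) -> float:
    return sum(index_of_coincidence(ct[i::L]) for i in range(L)) / L


def guess_period(ct: str, max_len: int = 12) -> int:
    """Try key lengths 1..max_len; columns of the true length read like one Caesar alphabet
    (IC about 0.066) while wrong lengths mix alphabets (IC near 0.04). Multiples of the true
    length also score high, so take the smallest length within tolerance of the best."""
    ics = {L: avg_ic_for_period(ct, L) for L in range(1, max_len + 1)}
    best = max(ics.values())
    return min(L for L, ic in ics.items() if ic >= 0.75 * best)


def chi_squared(col: str) -> float:
    n, counts = len(col), Counter(col)
    return sum((counts.get(c, 0) - n * ENGLISH_FREQ[c]) ** 2 / (n * ENGLISH_FREQ[c]) for c in ALPHA)


def best_shift(col: str) -> int:
    """The Caesar shift whose undoing makes the column look most like English."""
    return min(range(26), key=lambda s: chi_squared("".join(ALPHA[(ALPHA.index(c) - s) % 26] for c in col)))


def reduce_period(key: str) -> str:
    """Collapse a key recovered at a multiple of the true length, e.g. LEMONLEMON -> LEMON."""
    for p in range(1, len(key) + 1):
        if len(key) % p == 0 and key[:p] * (len(key) // p) == key:
            return key[:p]
    return key


def recover_key(ct: str, max_len: int = 12) -> str:
    L = guess_period(ct, max_len)
    return reduce_period("".join(ALPHA[best_shift(ct[i::L])] for i in range(L)))


# Constructed sample plaintext (plain English prose, long enough for the statistics to settle).
PLAINTEXT = """THE VIGENERE CIPHER APPLIES A DIFFERENT CAESAR SHIFT TO EACH LETTER OF THE MESSAGE
ACCORDING TO THE LETTERS OF A REPEATING KEYWORD SO THAT THE SAME PLAINTEXT LETTER CAN BECOME
SEVERAL DIFFERENT CIPHERTEXT LETTERS AND SIMPLE FREQUENCY ANALYSIS OF THE WHOLE MESSAGE NO
LONGER REVEALS THE ALPHABET HOWEVER EVERY LETTER ENCIPHERED WITH THE SAME KEY LETTER STILL
FORMS AN ORDINARY CAESAR CIPHER ONCE THE LENGTH OF THE KEYWORD IS KNOWN THE CIPHERTEXT CAN BE
SPLIT INTO THAT MANY COLUMNS AND EACH COLUMN CAN BE ATTACKED SEPARATELY BY COUNTING LETTERS
AND COMPARING THE COUNTS WITH THE EXPECTED FREQUENCIES OF ENGLISH TEXT THE LENGTH ITSELF CAN
BE FOUND BY TRYING EVERY SMALL LENGTH IN TURN AND LOOKING FOR THE ONE WHOSE COLUMNS LOOK LIKE
NATURAL LANGUAGE OR BY NOTING THAT REPEATED WORDS IN THE MESSAGE PRODUCE REPEATED GROUPS IN
THE CIPHERTEXT WHENEVER THE DISTANCE BETWEEN THEM IS A MULTIPLE OF THE KEYWORD LENGTH WHICH
IS THE OBSERVATION USUALLY CREDITED TO BABBAGE AND KASISKI"""

if __name__ == "__main__":
    ct = vigenere(PLAINTEXT, "LEMON")
    print("repeat distances:", kasiski_distances(ct)[:10])
    print("guessed period:", guess_period(ct), "recovered key:", recover_key(ct))
```

The two methods complement each other: the repeated-group distances are quick to find by hand, which is why the post calls Babbage's technique the faster one, while the column statistics need enough ciphertext per column (a few dozen letters each) to be reliable, which is also why short messages under a long key resist both.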



--

Cryptography-Digest Digest #965

1999-08-01 Thread Digestifier

Cryptography-Digest Digest #965, Volume #9  Sun, 1 Aug 99 16:13:04 EDT

Contents:
  Re: Americans abroad/Encryption rules? (Dmitri Alperovitch)
  Re: How to write REALLY PORTABLE code dealing with bits (Was: How Big is  a Byte?) (Martin Ambuhl)
  Re: With all the talk about random... (Herman Rubin)
  Re: How to write REALLY PORTABLE code dealing with bits (Was: How Big is  a Byte?) (Guenther Brunthaler)
  Help please (WWI/WWII ciphers) ("Mike Blais")
  Re: How to write REALLY PORTABLE code dealing with bits (Was: How Big is  a Byte?) (Daniel W. Johnson)
  Re: With all the talk about random... ([EMAIL PROTECTED])
  How to keep crypto DLLs Secure? (James Thye)
  Re: How to write REALLY PORTABLE code dealing with bits (Was: How Big is a Byte?) (Peter Seebach)
  Re: bits and bytes (Gergo Barany)
  Re: Math ([EMAIL PROTECTED])



From: [EMAIL PROTECTED] (Dmitri Alperovitch)
Subject: Re: Americans abroad/Encryption rules?
Date: Sun, 01 Aug 1999 17:39:05 GMT

Bill, that's strange. When was the "personal use exemption" taken off the
books?

I'm not a lawyer, but it seems to me that if they let you export the
software out of U.S. like that, they would have no legal power to stop
you from distributing that software to anyone you wish to give it there 
(assuming that the program is freeware, of course)

Regards,

Dmitri

--

From: Martin Ambuhl [EMAIL PROTECTED]
Crossposted-To: alt.folklore.computers,alt.comp.lang.learn.c-c++,comp.lang.c++
Subject: Re: How to write REALLY PORTABLE code dealing with bits (Was: How Big is  a Byte?)
Date: Sun, 01 Aug 1999 12:27:58 -0400



[EMAIL PROTECTED] wrote:

> That's not true.  There is no definition of 'byte' in ANSI C.  sizeof()
> returns the length of 'chars' it requires to store the object.

To avoid appearing a fool, it helps to not make flat statements that are
completely untrue.  They indicate not only a lack of knowledge but a
reckless disregard for the truth.  From the standard (ISO 9899:1990) we
find the following definition that you just assured us does not exist:

3 Definitions and conventions

3.4 byte. The unit of data storage large enough to hold any member of
the basic character set of the execution environment.  It shall be
possible to express the address of each individual byte of an object
uniquely.  A byte is composed of a contiguous sequence of bits, the
number of which is implementation-defined. The least significant bit is
called the low-order bit; the most significant bit is called the
high-order bit.



-- 
Martin Ambuhl   [EMAIL PROTECTED]

__
Fight spam now!
Get your free anti-spam service: http://www.brightmail.com


--

From: [EMAIL PROTECTED] (Herman Rubin)
Subject: Re: With all the talk about random...
Date: 1 Aug 1999 13:53:36 -0500

In article [EMAIL PROTECTED],
Robert C. Paulsen, Jr. [EMAIL PROTECTED] wrote:
> Herman Rubin wrote:
> 
> > There are stochastic effects, due to imperfections and thermal
> > noise, which increase the lack of determinacy.  If we roll the
> > die far enough, quantum indeterminacy in the actions of other
> > objects will introduce randomness.
> 
> That seems like a natural explanation to me too, but when I made
> such a suggestion in another thread a few weeks back several people
> replied saying essentially that ...
> 
> a) There was no quantum indeterminacy involved in dice rolling, and
> b) quantum indeterminacy was not required to get true randomness 
> from rolling dice.
> 
> As far as I know, the only behavior in the universe known to 
> involve true randomness is from quantum effects.
> 
> Other stochastic effects, chaos, complexity, etc. are just ways of
> describing or dealing with situations where we lack enough 
> information to make predictions based on the underlying determinacy,
> even though this information is obtainable in principle.
> 
> It is not unheard of for quantum randomness to make itself known on
> a macroscopic scale -- a Geiger counter is the obvious example. 
> Perhaps rolling dice is another example. I really don't know if the
> results of dice rolling actually are affected by quantum 
> indeterminacy but it would be interesting to see a "proof" one
> way or the other.

I have no idea how complicated the quantum-mechanical interactions
of a die rolling would be, or even the classical situation going 
down to the atomic level, but it would certainly require major
simplifications to get anything which could be analyzed.

I was once told by a physicist that if one dropped a perfectly
elastic steel ball on another identical one from its height, the
expected number of bounces before it fell off would be about 3.
-- 
This address is for information only.  I do not claim that these views
are those of the Statistics Department or of Purdue University.
Herman Rubin, Dept. of Statistics, Purdue Univ., West Lafayette IN47907-1399
[