Cryptography-Digest Digest #965
Cryptography-Digest Digest #965, Volume #13    Wed, 21 Mar 01 20:13:01 EST

Contents:
  Re: How to eliminate redondancy? (SCOTT19U.ZIP_GUY)
  Re: SSL question (Anne Lynn Wheeler)
  Re: SSL question (those who know me have no need of my name)
  Re: A future supercomputer (Mok-Kong Shen)
  Re: A future supercomputer ("JCA")
  Re: Most secure way to add passphrase verification to "CipherSaber" (Joe H. Acker)
  Re: A future supercomputer (Anne Lynn Wheeler)
  Re: Applied Cryptography Source Disk ([EMAIL PROTECTED])
  VB3 crypto (Ryan M.McConahy)
  Re: RC4 test vectors after gigabyte output?. (Luis Yanes)
  Re: Idea ("Joseph Ashwood")
  Re: SSL question ("Joseph Ashwood")
  Re: Algebraic 1024-bit block cipher ("Jimi Thompson")
  Re: Security of Triple-DES ("Joseph Ashwood")
  Re: Fast and Easy crypt send ("Joseph Ashwood")
  Re: Strong Primes ("Joseph Ashwood")
  Re: How to eliminate redondancy? (moving steadily towards being computer (Steve Portly)
  Re: RC4 test vectors after gigabyte output?. (Luis Yanes)
  Re: NSA in the news on CNN ("Douglas A. Gwyn")
  Re: Most secure way to add passphrase verification to "CipherSaber" (Paul Rubin)

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: How to eliminate redondancy?
Date: 21 Mar 2001 21:52:04 GMT

[EMAIL PROTECTED] (Benjamin Goldberg) wrote in [EMAIL PROTECTED]:

Given a general purpose (bijective, nonpermutative) compressor whose domain is the set of all files, but whose range is a proper subset of the set of all files, and...

Given a general purpose (bijective, permutative) encipherer whose domain is the set of all files, and whose range is also the set of all files.

We can create a system which compresses and then encrypts, and it will have the following properties: The domain of the system is the set of all files, and the range of the system is the set of encrypted versions of those files which the compressor outputs.

Now that the domain and range of the combined compress + encrypt system are both defined, it is easy to see that it is a bijection.
It is also easy to see that it is not a permutation, since the range of the system is a proper subset of the set of all files, and thus not equal to the domain.

You're the one who chose the word permutation. And yes, it sounds like you're describing my idea of how compression with encryption should be done. For the set of real files (maybe your proper subset if infinite) let X be a member of that set S1. Let S2 be the set of all binary 8-bit byte files. Let Y be a member of that set. Then if the compressor for any X has Uncompress( Compress( X )) = X and for any file Y having Compress( Uncompress( Y )) = Y and since you're doing fully bijective encryption on S2 to S2 by the encryption part. The two in series make for a fully bijective compression encryption scheme and that is what I am striving for. Bijective Compression that when properly mated to a bijective encryption process if done correctly can make this happen.

snip rest of dribble!!

David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

--

Subject: Re: SSL question
Reply-To: Anne Lynn Wheeler [EMAIL PROTECTED]
From: Anne Lynn Wheeler [EMAIL PROTECTED]
Date: Wed, 21 Mar 2001 22:06:41 GMT

Paul Rubin [EMAIL PROTECTED] writes:

Normally the definition of a client and a server is that the client initiates sessions. If you're saying you want a remote site to initiate a session on a user's PC, no problem. You install a server program on the user's PC and a client program on the remote site.
If you're just trying to periodically update data in a browser, then the usual way is to use the html meta tag to refresh the data once a minute, or else do something similar with javascript. That's completely independent of SSL and can be done with or without SSL.

note however, most server software (i.e. software that accepts connections from remote sources) is typically cleansed from personal machines since they frequently are avenues for exploits ... and most users aren't nominally sophisticated enuf to securely manage platforms containing software that accepts connections from remote clients.

There are frequently also questions about client software that initiates sessions from a user's machine without direct end-user action.

--
Anne Lynn Wheeler
Cryptography-Digest Digest #965
Cryptography-Digest Digest #965, Volume #12    Fri, 20 Oct 00 16:13:01 EDT

Contents:
  deterministic RSA key generation (Francois Grieu)
  Vigenere Cipher (was: What is desCDMF?) (phil hunt)
  Re: Works the md5 hash also for large datafiles (4GB) ? (Daniel Leonard)
  New Encryption Regulations Take Effect On Today (Markku J. Saarelainen)
  New Encryption Regulations Take Effect On Today (Markku J. Saarelainen)
  Re: Looking for small implementation of an asymmetric encryption (Mike Rosing)
  Re: deterministic RSA key generation (Roger)
  SNAKE key exchange ([EMAIL PROTECTED])
  Re: On block encryption processing with intermediate permutations (Mok-Kong Shen)
  Re: Looking for small implementation of an asymmetric encryption (John Myre)
  Re: Encrypting large blocks with Rijndael (Mok-Kong Shen)
  Re: Which "password" is best. (John Myre)
  Re: Vigenere Cipher (was: What is desCDMF?) (John Myre)
  Re: Encrypting large blocks with Rijndael (John Myre)
  Re: Encrypting large blocks with Rijndael (John Myre)
  Re: Encrypting large blocks with Rijndael (John Myre)
  Re: BIOS password, will it protect PC with PGPDisk against tampering ? ("Seeker")
  SHA-384 and SHA-512 (Daniel Leonard)
  Re: Huffman stream cipher. (Benjamin Goldberg)
  Re: Looking for small implementation of an asymmetric encryption algorithm (Benjamin Goldberg)
  Re: A question about DES (Benjamin Goldberg)
  Re: Works the md5 hash also for large datafiles (4GB) ? (Benjamin Goldberg)
  Re: Works the md5 hash also for large datafiles (4GB) ? (Benjamin Goldberg)

From: Francois Grieu [EMAIL PROTECTED]
Subject: deterministic RSA key generation
Date: Fri, 20 Oct 2000 16:17:58 +0200

One thing strikes me: it would often be useful to use a deterministic, standardised method to generate an RSA key from a seed value, like a passphrase.

Question: is there an established standard for something like

  (p, q) = F(passphrase, bit-size_of_pq, public_e) ?

I can vaguely remember this was suggested for ISO/IEC X.509, but did it get standardised?
Usage includes:
- remember (something sufficient to generate) your RSA secret key, rather than relying on a secring file + passphrase.
- key generation for the cautious: different persons/teams, simply trusted not to actively collaborate against you, implement the key generator; use their program on isolated machines (or on the same isolated machine with no remanent memory) with the same long passphrase, and check the results are the same.
- academically verifiable RSA key generation algorithm
- easily verifiable implementation
- usable as a building block for a true-random key generator (just use true-random for the passphrase)

There is, of course, a danger: brute-force passphrase-guessing attacks are possible on the public key alone, which is not the case with more traditional key generation schemes. Maybe there could be a security parameter to the algorithm, defining the amount of computational work necessary for the generation.

There is clearly no technical difficulty in defining such a deterministic key generation technique. Some existing RSA key generators internally have a deterministic engine that operates on a pseudo-random generator, originally seeded from an initial true-random seed. The problem is: find one key generator generally accepted

Francois Grieu

--

From: [EMAIL PROTECTED] (phil hunt)
Subject: Vigenere Cipher (was: What is desCDMF?)
Date: Fri, 20 Oct 2000 02:01:11 +0100

On Thu, 19 Oct 2000 18:22:23 +0100, Richard Heathfield [EMAIL PROTECTED] wrote:

1) Newbie-level study of cryptanalytic techniques. This makes even a monoalphabetic sub or Vigenere cipher worth doing.

There was a program on UK TV this evening about the Vigenere cipher. Apparently it was invented c. 1600 and cracked c. 1850 by Charles Babbage.

My question is: why did it take so long to crack? It is basically a repeating Caesar cipher using a variable length key. So to crack it, try key lengths of 1, 2, 3, ...
etc until you get a key length where frequency analysis of the letters yields interesting results, then proceed to use this as a basis to guess the value for that letter in the key.

(Babbage used what's probably a quicker technique: look for repeating sequences of letters, then the key-length is likely to be a factor of the distance between the starts of each sequence).

My question is: why did it take so long to work out this technique? It seems a bit obvious to me. Perhaps someone broke the cipher previously, but kept knowledge of it secret (useful if one's adversary thinks it is unbreakable).

--
*[ Phil Hunt ]*
"An unforeseen issue has arisen with your computer. Don't worry your silly little head about what has gone wrong; here's a pretty animation of a paperclip to look at instead."
  -- Windows2007 error message

--
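Francois Grieu's post above asks for (p, q) = F(passphrase, bit-size_of_pq, public_e) with a work parameter to slow passphrase guessing against the public key. One possible construction follows as an added example; it is not an established standard and not code from any poster, and the PBKDF2 stretching, the SHAKE-256 candidate stream, the salt label and every function name are assumptions made here.

```python
import hashlib
from math import gcd

SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]

def is_probable_prime(n):
    """Miller-Rabin with fixed bases; candidates are hash outputs, not attacker-chosen."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False          # base a is a witness: n is composite
    return True

def derive_prime(seed, label, bits, e):
    """Walk a SHAKE-256 stream keyed by (seed, label, counter) until a usable prime appears."""
    counter = 0
    while True:
        block = hashlib.shake_256(seed + label + counter.to_bytes(4, "big")).digest(bits // 8)
        cand = int.from_bytes(block, "big") | (0b11 << (bits - 2)) | 1  # full size, odd
        if gcd(e, cand - 1) == 1 and is_probable_prime(cand):
            return cand
        counter += 1

def rsa_from_passphrase(passphrase, modulus_bits=2048, e=65537, work=600_000):
    """(p, q) = F(passphrase, bit size, e); `work` is the cost parameter the post proposes."""
    salt = b"det-rsa-v1|%d|%d" % (modulus_bits, e)    # hypothetical domain-separation label
    seed = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, work, dklen=32)
    p = derive_prime(seed, b"p", modulus_bits // 2, e)
    q = derive_prime(seed, b"q", modulus_bits // 2, e)
    d = pow(e, -1, (p - 1) * (q - 1))                 # private exponent (Python 3.8+)
    return {"n": p * q, "e": e, "d": d, "p": p, "q": q}
```

Because every step is a pure function of the inputs, two independent implementations can be compared bit for bit, which is the "key generation for the cautious" use in the post; the key is only as strong as the passphrase and the work factor.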
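Phil Hunt's post above describes trying key lengths 1, 2, 3, ... until frequency analysis of the letters gives results, then guessing each key letter. The following is an added example of that procedure, not code from the thread: the key-length test uses the index of coincidence, and the sample plaintext, the key LEMON and the 0.055 threshold are constructed for the demonstration.

```python
from collections import Counter
from string import ascii_uppercase as AZ

# Approximate English letter frequencies (percent), A..Z.
ENGLISH = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
           6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]

# Constructed sample plaintext (paraphrases the post); not a captured message.
SAMPLE = ("the vigenere cipher is basically a repeating caesar cipher using a variable length key so to "
          "crack it try key lengths of one two three and so on until frequency analysis of the letters "
          "in every column yields interesting results then use this as a basis to guess the value for "
          "that letter in the key a quicker technique is to look for repeating sequences of letters "
          "because the key length is likely to be a factor of the distance between the starts of each "
          "sequence the defensive lesson is that a short repeating key leaks the statistics of the "
          "underlying language and that keeping the method secret never made the cipher unbreakable "
          "a long random key used only once removes the repetition that both attacks depend on")

def letters(text):
    return [c for c in text.upper() if c in AZ]

def vigenere(text, key, sign=1):
    """Encrypt (sign=1) or decrypt (sign=-1) the letters of text; non-letters are dropped."""
    return "".join(AZ[(AZ.index(c) + sign * AZ.index(key[i % len(key)])) % 26]
                   for i, c in enumerate(letters(text)))

def ioc(col):
    """Index of coincidence: about 0.066 for English, about 0.038 for uniform letters."""
    n = len(col)
    return sum(v * (v - 1) for v in Counter(col).values()) / (n * (n - 1))

def guess_key_length(ct, max_len=12, threshold=0.055):
    """Smallest period whose columns look like a single Caesar shift of English."""
    for k in range(1, max_len + 1):
        cols = [ct[i::k] for i in range(k)]
        if sum(ioc(c) for c in cols) / k > threshold:
            return k
    return None

def recover_key(ct):
    """Per column, pick the Caesar shift whose decryption correlates best with English."""
    k = guess_key_length(ct)
    key = ""
    for i in range(k):
        col = ct[i::k]
        key += AZ[max(range(26), key=lambda s: sum(ENGLISH[(AZ.index(c) - s) % 26] for c in col))]
    return key

CIPHERTEXT = vigenere(SAMPLE, "LEMON")   # constructed ciphertext for the demo
```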
Cryptography-Digest Digest #965
Cryptography-Digest Digest #965, Volume #9    Sun, 1 Aug 99 16:13:04 EDT

Contents:
  Re: Americans abroad/Encryption rules? (Dmitri Alperovitch)
  Re: How to write REALLY PORTABLE code dealing with bits (Was: How Big is a Byte?) (Martin Ambuhl)
  Re: With all the talk about random... (Herman Rubin)
  Re: How to write REALLY PORTABLE code dealing with bits (Was: How Big is a Byte?) (Guenther Brunthaler)
  Help please (WWI/WWII ciphers) ("Mike Blais")
  Re: How to write REALLY PORTABLE code dealing with bits (Was: How Big is a Byte?) (Daniel W. Johnson)
  Re: With all the talk about random... ([EMAIL PROTECTED])
  How to keep crypto DLLs Secure? (James Thye)
  Re: How to write REALLY PORTABLE code dealing with bits (Was: How Big is a Byte?) (Peter Seebach)
  Re: bits and bytes (Gergo Barany)
  Re: Math ([EMAIL PROTECTED])

From: [EMAIL PROTECTED] (Dmitri Alperovitch)
Subject: Re: Americans abroad/Encryption rules?
Date: Sun, 01 Aug 1999 17:39:05 GMT

Bill, that's strange. When was the "personal use exemption" taken off the books? I'm not a lawyer, but it seems to me that if they let you export the software out of U.S. like that, they would have no legal power to stop you from distributing that software to anyone you wish to give it there (assuming that the program is freeware, of course)

Regards,
Dmitri

--

From: Martin Ambuhl [EMAIL PROTECTED]
Crossposted-To: alt.folklore.computers,alt.comp.lang.learn.c-c++,comp.lang.c++
Subject: Re: How to write REALLY PORTABLE code dealing with bits (Was: How Big is a Byte?)
Date: Sun, 01 Aug 1999 12:27:58 -0400

[EMAIL PROTECTED] wrote:

That's not true. There is no definition of 'byte' in ANSI C. sizeof() returns the length of 'chars' it requires to store the object.

To avoid appearing a fool, it helps to not make flat statements that are completely untrue. They indicate not only a lack of knowledge but a reckless disregard for the truth.
From the standard (ISO 9899:1990) we find the following definition that you just assured us does not exist:

3 Definitions and conventions
3.4 byte. The unit of data storage large enough to hold any member of the basic character set of the execution environment. It shall be possible to express the address of each individual byte of an object uniquely. A byte is composed of a contiguous sequence of bits, the number of which is implementation-defined. The least significant bit is called the low-order bit; the most significant bit is called the high-order bit.

--
Martin Ambuhl [EMAIL PROTECTED]
__
Fight spam now! Get your free anti-spam service: http://www.brightmail.com

--

From: [EMAIL PROTECTED] (Herman Rubin)
Subject: Re: With all the talk about random...
Date: 1 Aug 1999 13:53:36 -0500

In article [EMAIL PROTECTED], Robert C. Paulsen, Jr. [EMAIL PROTECTED] wrote:

Herman Rubin wrote:

There are stochastic effects, due to imperfections and thermal noise, which increase the lack of determinacy. If we roll the die far enough, quantum indeterminacy in the actions of other objects will introduce randomness.

That seems like a natural explanation to me too, but when I made such a suggestion in another thread a few weeks back several people replied saying essentially that ... a) There was no quantum indeterminacy involved in dice rolling, and b) quantum indeterminacy was not required to get true randomness from rolling dice.

As far as I know, the only behavior in the universe known to involve true randomness is from quantum effects. Other stochastic effects, chaos, complexity, etc. are just ways of describing or dealing with situations where we lack enough information to make predictions based on the underlying determinacy, even though this information is obtainable in principle.

It is not unheard of for quantum randomness to make itself known on a macroscopic scale -- a Geiger counter is the obvious example. Perhaps rolling dice is another example.
I really don't know if the results of dice rolling actually are affected by quantum indeterminacy but it would be interesting to see a "proof" one way or the other.

I have no idea how complicated the quantum-mechanical interactions of a die rolling would be, or even the classical situation going down to the atomic level, but it would certainly require major simplifications to get anything which could be analyzed.

I was once told by a physicist that if one dropped a perfectly elastic steel ball on another identical one from its height, the expected number of bounces before it fell off would be about 3.

--
This address is for information only. I do not claim that these views are those of the Statistics Department or of Purdue University.
Herman Rubin, Dept. of Statistics, Purdue Univ., West Lafayette IN47907-1399