Re: Saving Opportunistic Encryption
Tarapia Tapioco wrote: We've recently seen FreeS/WAN die, not least due to the apparent practical failure of Opportunistic Encryption. The largest blocking point for deployment of OE always seemed to be the requirement for publishing one's key in the reverse DNS space. ... Yes. So, the apparent solution for me seems to be the approach that the SPAM blacklists used - publish information in a subspace of the forward DNS space instead of using the authoritative in-addr.arpa area. Worth discussing at least. A possible implementation looks like this: ... * Linux/KAME's IKE daemon racoon is patched to attempt retrieval of an RSA key from said DNS repository and generate appropriate security policies. Cleaner solution, but more work probably. Why would you use racoon? FreeS/WAN's Pluto is available, under GPL, already does OE, and works with 2.6 kernel IPsec (though I'm not certain if patches are needed for that). Wouldn't it be a better starting point?
Re: research paper
someone wrote: I'm currently doing a research paper, with the topic of cryptography being essiantial for society, ... I was wondering if there where any particular books, websites, ... One web page with a lot of links: http://www.freeswan.org/freeswan_trees/freeswan-2.05/doc/politics.html
Re: War for drugs...
Anonymous wrote: Yeah--you got it--Poppies...and now that the Warlords are back in charge the cash crop is back. Remember that it was the US which encouraged the Taliban to crack down on the cultivation of Afghanistan poppies. A gift of several million US dollars convinced the Taliban to ban the farming of poppies, depriving the Afghani farmers of their livlihood, while not impacting the world drug trade (the Taliban wisely retained stock-piles of processed crop, ready for price-fixing.) Methinks its more complex than that. I'm surprised to see reports of opium coming out of Afghanistan at all. I was there in 1974, before the 1979 Russian invasion. Hashish was eveywhere of course -- it is part of the culture, always has been. We had offers to sell us hash from all sorts of people. Army officers at military checkpoints, waiters, respectable pillar-of-the-community businessmen running shops, sleazy lads who also wanted to introduce me to some local girls, customs oficers, ... We were offerred any amount from a few grams for our pipes up to multiple kilos built into furniture for export. We were not offerred opium or any of its derivatives. Opium was readily available in Iran, then under that Shah, and being smoked by both Iranians and foreigners at one party we went to. We saw large fields of opium poppies in Turkey. In Af, we saw no poppies and no opium. So now, when I hear reports of opium in Af, I'm inclined to assume it is a new phenomenon created for the Western (mainly American) market in response to various crackdowns in Turkey and Iran. I wish I had some reason to think America's war on drugs apparatus might behave sanely in Af, in particular that they wouldn't be stupid enough to attack marijuana and hasish cultivation. However, my guess is that they will try to ram all of their idiocy down Afghan throats. This is likely to mean some dead Americans and perhaps retaliation for that. It could be a real mess.
Re: XORing bits to eliminate skew
Sarad AV wrote: --- Sandy Harris [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: there's a well known simple scheme ... I read that Intel chipsets use something similar, its given in rfc 1750 5.2.2 Using Transition Mappings to De-Skew I know the von Neumann technique for pairs of bits. George explained it correctly, and RFC 1750 and various other sources also do so. My question was: What is the technique with three input bits that Intel is reported to use?
Re: Finding encrytion algorithm
Mike Rosing wrote: On Thu, 11 Jul 2002, gfgs pedo wrote: suppose a cryptanalysis only has encrypted data-how is going 2 know which is the encrytion algorithm used 2 encrypt the data ,so that he can effeciently cryptanalyse if 1:he has large amount of cipher text only 2:has large amount of plain text and corresponding cipher text. There r so many encryption algorithms,how does he know which algorithm was used? Depends on how they got the source. They may know it's one of 5 possible choices because of the person who sent (or received) it. It may not matter much. Suppose it could be one of a hundred algorithms, a dozen of which you know how to break. If it is important and you have the resources, you just try all twelve breaks. If one works, then you know the algorithm. If not, you don't care; you know it's one you cannot break, so details are not important. Doing this is only at worst 12 times harder than breaking a single known cipher. If some of your 12 breaks are easy, then total effort is much less than 12 times the hardest cipher. When we're talking about 2^40 steps to break a laughably weak cipher and 2^100 for a good one, making it 12, or 1000, times harder is not a very interesting difference. If it's just found on a disk in a garbage dump with no connections to anyone, it's a bit tougher. Then you've no reason to think it is important enough to be worth breaking. You can still try. But every algorithm has some statistical signature No. Any good algorithm should produce output that looks /exactly/ like random noise, hence they should all look like each other. This may not be precisely true, but all decent algorithms will look random enough to make distinguishing quite difficult. and if you've got enough cipher text you can compare that signature with known algorithms to home in on fewer choices. I'm not sure having the plaintext helps much more, but you could use random keys to create several ciphertexts with known algorithms and compare the statistics just to see if they compare better. It's definitly challenging :-)
number of bits in bent funtion
Is there a general rule for the number of set bits in a bent boolean function of n input bits? I know from the Mister and Adams paper at SAC 96: http://adonis.ee.queensu.ca:8000/sac/sac96/papers.html that any 8-bit bent function has either 120 or 136 bits set. That's (2^8)/2 +- 8. Does that generalise to (2^n)/2 +- n for any even n? Or is there some other general rule?