Cryptography-Digest Digest #986
Cryptography-Digest Digest #986, Volume #13    Sat, 24 Mar 01 06:13:01 EST

Contents:
  Re: Open Source Implementations of PGP (Peter Harrison)
  Re: the classified seminal 1940 work of Alan Turing? (David A Molnar)
  Re: What do we mean when we say a cipher is broken? (Was Art of Cryptography) ("David Thompson")
  Re: NTRU - any opinions ("Dr. Yongge Wang")
  Re: Is Evidence Eliminator at all useful ?? (Eric Lee Green)
  I store gnupghome with my encrypted data... (jtnews)
  Re: I store gnupghome with my encrypted data... (stanislav shalunov)
  Re: Question about coding (David Formosa (aka ? the Platypus))
  Re: Crack it! (Mok-Kong Shen)
  Re: What happens when RSA keys don't use primes? (Paul Schlyter)
  Re: A new DES? (Paul Schlyter)
  Re: A new DES? (Frank Gerlach)
  Re: I store gnupghome with my encrypted data... (Frank Gerlach)
  Re: I store gnupghome with my encrypted data... (Frank Gerlach)

----------------------------------------------------------------------

From: [EMAIL PROTECTED] (Peter Harrison)
Subject: Re: Open Source Implementations of PGP
Date: Sat, 24 Mar 2001 04:44:12 GMT

On Sat, 24 Mar 2001 03:23:01 GMT, [EMAIL PROTECTED] (Tony L. Svanstrom) wrote:

> All the most known algorithms are available in all kinds of formats (libs,
> languages, explanations) all over the Net; you don't have to know more math
> to use them than your language of choice would require otherwise.

I have been collecting implementations of these in my target languages. I will
be using AES for symmetric, RSA for public key. I have also been convinced to
use DSS for signing.

> Then you read the RFC and implement only the musts:
> URL:http://www.rfc-editor.org/rfc/rfc2440.txt
> or you write your own thing, but then you have to look at the pros and cons
> of doing such a thing.

My current implementation isn't too far from a cut down PGP. I have spent some
time writing a spec for a minimal PGP already.

> It's there, and those keyservers are not less secure than what you are
> suggesting. As a matter of fact... your system is less secure because
> a) it's easier to manipulate the data that a user will get and use from the
> keyserver, and b) people will feel safer when encryption is used "all the
> time". Of course, encryption won't be used "all the time", it will only be
> used by the users of your work; compared with people using PGP which not
> only is an existing open standard, not only was designed by a lot of people
> that know a lot about cryptography, not only has been reviewed a lot by
> people all over the world but also has a hell of a lot more users...

The issue is that not many people are using PGP or any form of secure email
right now. There are two reasons: difficulty of use and no immediate value.
It's like backups. Backups are a hassle, and are neglected by a great many
people. It's only when an individual loses data that the value of a backup is
clear. Same with encryption.

> Which of course is useless since MITM is a serious problem with your system;
> so all you've managed to do is to give false security, which is far worse
> than no security.

Not quite sure what you are saying here. Currently I can send a message to
most Internet users pretending to be someone else by spoofing the sender and
reply addresses. People ALREADY have a false sense of security - so all I am
doing is actually providing some.

> Nice words, but beyond saying "if it isn't secure it will be secured" I
> don't see anything that actually backs up your claim that it will work that
> way. A simple MITM on the same network as a user will make every message
> sent and received by him unsecure, while your software tells him that he's
> secure... NOT GOOD!!!

A man in the middle attack is possible in PGP as well. Is it still considered
secure?

> Then there has to be a central server that controls the whole thing (unless
> you allow the majority to rule, in which case an attack based on having a
> lot of servers on that network will completely take over it); and then
> people have to trust that server... Then we're down to a limited version of
> PGP that doesn't allow the users to pick the algorithm that they want, a
> protocol less looked at, and they have to trust some unknown server for it
> to work. Anyhow, who's going to pay for that server when it's all free, and
> if people stop donating but keep on using it more and more then will you
> keep on paying for it to remain online?

The list of servers is held on each server. The client will download changes
to the list every time they connect - but from a random different server.

I am actually simplifying slightly. This scheme as stated would not scale.
There will probably be 'clusters' of servers which monitor each other - and
they will have gateways.

> Then why don't you just improve the (G)UI on existing OpenPGP-implementations
> by writing your own implementation...?

There are no implementations in Delphi or VB. Since I can create a VB/ActiveX
implementation from Delphi I am looking to write a native Delphi version.
Cryptography-Digest Digest #988
Cryptography-Digest Digest #988, Volume #13    Sat, 24 Mar 01 13:13:00 EST

Contents:
  Re: Idiot Question -- Please Help a Crypto Moron (John Joseph Trammell)
  Re: Passphrase Recovery (not a stupid Q) ("Thomas J. Boschloo")
  Re: Idiot Question -- Please Help a Crypto Moron (Merrick)
  decryprtion help please? ("rh")
  Re: on-card key generation for smart card (Anne Lynn Wheeler)
  Re: What the Hell...Here's what my system can do at it's best... (Keill Randor)
  Re: Idiot Question -- Please Help a Crypto Moron (John Savard)
  Re: Crack it! (amateur)
  Hello ("Tom St Denis")
  Re: Crack it! (amateur)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged (Bill Unruh)
  Re: A new DES? ("Simon Johnson")
  Re: Open Source Implementations of PGP (Bill Unruh)
  Re: decryprtion help please? (Jim Gillogly)
  Re: cryptography using the method of elliptic curve. ("Mauro")

----------------------------------------------------------------------

From: [EMAIL PROTECTED] (John Joseph Trammell)
Subject: Re: Idiot Question -- Please Help a Crypto Moron
Date: Sat, 24 Mar 2001 14:12:59 GMT

On Sat, 24 Mar 2001 09:03:08 -0500, Og Johnson [EMAIL PROTECTED] wrote:

> I'm at work, and was just handed a word puzzle. If I don't answer it by noon
> today (it is 8:52 EST right now) I have to buy everyone in my office lunch.
> I'm too lazy to think, and I'm not feeling at all generous with my money, so
> could the Jim Gilloughys and the Bill Shaws of sci.crypt help a poor
> forty-niner out?

You're not lazy enough. :-)

http://www.google.com/search?q=send+more+money+puzzle

------------------------------

From: "Thomas J. Boschloo" [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp
Subject: Re: Passphrase Recovery (not a stupid Q)
Date: Sat, 24 Mar 2001 15:32:21 +0100

"Ryan M. McConahy" wrote:

> No, this is not one of those "I lost my passphrase. How do I revoke my key?"
> questions. I had two keys, both RSA, both protected by the same passphrase.
> I lost that passphrase. I recovered one key from backup that had a pwd I
> remembered. Can I use this info to recover the key?

This is a hard question. Your secret key is protected by the hash of your
passphrase, maybe with some seeds included but let's be optimistic. So you
know the exact plain-text for a secret key encrypted with the same passphrase.
And you know of another key that is encrypted with (maybe) the same passphrase
and same resulting hash. I just don't see how this would help you much, except
for being able to check if you hit the correct 'symmetric' key pretty
efficiently.

> If I can't, does anyone know of a program that would try all the
> uppercase/lowercase combinations, then try altering each char., and try the
> uppercase/lowercase thing on that.

I have heard of two, but they are mainly for RSA keys :-( You could write one
yourself though, as the source is 'open' source, but you would need some
programming experience.

ftp.zedz.net

Thomas
-- 
Kittenbirds - You, me and Jesus: "I love your hair it's just so long"

------------------------------

From: [EMAIL PROTECTED] (Merrick)
Subject: Re: Idiot Question -- Please Help a Crypto Moron
Date: Sat, 24 Mar 2001 14:58:09 GMT

On Sat, 24 Mar 2001 09:03:08 -0500, "Og Johnson" [EMAIL PROTECTED] wrote:

> I'm at work, and was just handed a word puzzle. If I don't answer it by noon
> today (it is 8:52 EST right now) I have to buy everyone in my office lunch.
> I'm too lazy to think, and I'm not feeling at all generous with my money, so
> could the Jim Gilloughys and the Bill Shaws of sci.crypt help a poor
> forty-niner out?

SNIP

As long as you cannot have 0 for a first character, the answer is $10652

------------------------------

From: "rh" [EMAIL PROTECTED]
Subject: decryprtion help please?
Date: Sat, 24 Mar 2001 16:13:24 GMT

A buddy had asked me yesterday, if it would be possible to migrate all of our
pins from the current main system to the new test pin vault. We have no
decryption utility that could do this. Below I have included some clear text
pins and then the encrypted version that is located in the SQL database. I do
know that the clear text pins "are encrypted with themselves."

Pin        Encrypted Pin in SQL DB
1234       9EE7964577447ADA
           1F1D2C2ED301B2A6
test       8A49D1CCB9AA5DBB
hello      7F85C0A9F3F86EC0
4567       60956233056154AC
123456     5155482C2078BF2C
voyager    73C63521A96FF1C9
ATLAS      BFC44BCCC9ED5EE5

-- 
Robert Hawks
http://www.elitedaytraders.com

------------------------------

Subject: Re: on-card key generation for smart card
Reply-To: Anne Lynn Wheeler [EMAIL PROTECTED]
From: Anne Lynn Wheeler [EMAIL PROTECTED]
Date: Sat, 24 Mar 2001 16:23:32 GMT

Daniel James [EMAIL PROTECTED] writes:

> I have done APDU-level work with some of GemPlus's RSA smartcards. Their
> GPK4000 card generates a 1024-bit keyset in 160 seconds 90% of the time -
> the remaining 10% of the time you get an "operation not complete" error
> code and have to start again. Their newer
Cryptography-Digest Digest #989
Cryptography-Digest Digest #989, Volume #13    Sat, 24 Mar 01 14:13:01 EST

Contents:
  Re: Hello (Frank Gerlach)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged (SCOTT19U.ZIP_GUY)
  Re: decryprtion help please? (SCOTT19U.ZIP_GUY)
  Re: Idea - (LONG) (amateur)
  Re: Open Source Implementations of PGP (SCOTT19U.ZIP_GUY)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be (Frank Gerlach)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be (Frank Gerlach)
  Re: Idea - (LONG) (SCOTT19U.ZIP_GUY)
  Re: decryprtion help please? (Jim Gillogly)
  Re: Crack it! (Mok-Kong Shen)

----------------------------------------------------------------------

From: Frank Gerlach [EMAIL PROTECTED]
Subject: Re: Hello
Date: Sat, 24 Mar 2001 20:11:38 +0100

Tom St Denis wrote:

> Um anyone home? I posted a question 6hrs ago and no reply. BTW the NSA
> broke PGP and B.S works for the commies (that should get a reply, then
> while you are flaming me reply to my other question please...)
> --
> Tom St Denis
> ---
> http://tomstdenis.home.dhs.org

No, the NSA is sabotaging the usenet :-)

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: alt.privacy.anon-server,alt.security.pgp
Subject: Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged
Date: 24 Mar 2001 18:21:30 GMT

[EMAIL PROTECTED] (Bill Unruh) wrote in 99imvl$ab$[EMAIL PROTECTED]:

> In 99av4l$q67$[EMAIL PROTECTED] Pawel Krawczyk [EMAIL PROTECTED] writes:
>
> > In sci.crypt Bob C. [EMAIL PROTECTED] wrote:
> >
> > > The exploit works by attacking the Digital Signature Algorithm's
> > > so-called discrete logarithm problem. DSA keys are typically stored in
> > > a file called secring.skr, and Klima and Rosa found that they could
> > > successfully insert a replacement key in it.
> >
> > Every day new details leak painfully slow from the ICZ and it's still
> > getting closer to another instance of what Bruce Schneier called
> > `publicity attack'. First comments from ICZ suggested that the PGP has
> > been broken, then that the secret key can be retrieved without knowing
> > the passphrase, now we learn that you can substitute private key with
> > your own, if you have access to the keyring. What an invention! ;-\
>
> If this is right then the OpenPGP standard is broken. To break a
> cryptosystem does not necessarily imply breaking just the algorithm. A
> crypto system is the whole system, including the key storage. Displaying a
> weakness anywhere is a break of the cryptosystem. This is an inherent

I don't think you really believe what you're saying, "a weakness anywhere is
a break of the cryptosystem"; if you believed that, the combination of non
1-1 compression with the encryption algorithm is also a break. But few seem
to care and they claim it's minor.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/ then look for sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: decryprtion help please?
Date: 24 Mar 2001 18:13:34 GMT

[EMAIL PROTECTED] (rh) wrote in EI3v6.172$[EMAIL PROTECTED]:

> A buddy had asked me yesterday, if it would be possible to migrate all of
> our pins from the current main system to the new test pin vault. We have no
> decryption utility that could do this. Below I have included some clear
> text pins and then the encrypted version that is located in the SQL
> database. I do know that the clear text pins "are encrypted with
> themselves."
>
> Pin        Encrypted Pin in SQL DB
> 1234       9EE7964577447ADA
>            1F1D2C2ED301B2A6
> test       8A49D1CCB9AA5DBB
> hello      7F85C0A9F3F86EC0
> 4567       60956233056154AC
> 123456     5155482C2078BF2C
> voyager    73C63521A96FF1C9
> ATLAS      BFC44BCCC9ED5EE5
>
> -- 
> Robert Hawks
> http://www.elitedaytraders.com

Since each thing is "encrypted to same size", 64 bits, it could be DES
encryption. What is the size limit on password? Also it's possible it could
be a HASH of some type. Since you have the utility that does the encryption
it should not be that hard to trace through it and see what it's using.

Another point: if the DATA base is any good you can migrate the encrypted
pins over, since the code should always encrypt any pins and then compare the
test encrypted pin with the data base stored value, assuming you're using the
same encryption method for the new system. Another common way would be to
give users of old pins a time period where the old system would be in use to
optionally check using the old method. If the key passes then store it
encrypted using the new system.
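The "check with the old method, then store under the new one" migration Scott describes above, as an added example that is not from the digest or from either poster. The old vault's routine is unknown on the page, so `legacy_encrypt` is a constructed deterministic stand-in producing a 64-bit value; the new scheme (salted PBKDF2-HMAC-SHA256) and the `PinVault` class are assumptions of this example.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional

# Constructed stand-in for the old vault's opaque "PIN encrypted with itself"
# routine. The real function is not known from the post; all the migration
# logic needs is a deterministic 64-bit value per PIN, like the SQL column.
def legacy_encrypt(pin: str) -> str:
    digest = hashlib.sha256(b"legacy-stand-in:" + pin.encode("utf-8")).digest()
    return digest[:8].hex().upper()

# Assumed new scheme: salted, iterated PBKDF2-HMAC-SHA256, stored as
# "pbkdf2$<salt hex>$<derived key hex>" so each row carries its own salt.
PBKDF2_ROUNDS = 100_000

def new_protect(pin: str, salt: Optional[bytes] = None) -> str:
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", pin.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return "pbkdf2$" + salt.hex() + "$" + dk.hex()

def new_verify(pin: str, stored: str) -> bool:
    scheme, salt_hex, dk_hex = stored.split("$")
    if scheme != "pbkdf2":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", pin.encode("utf-8"),
                             bytes.fromhex(salt_hex), PBKDF2_ROUNDS)
    return hmac.compare_digest(dk.hex(), dk_hex)   # constant-time compare

class PinVault:
    """Rows start with only the legacy value. A successful check under the
    old method re-protects the PIN with the new scheme and discards the old
    value ("verify, then upgrade"). legacy_enabled is the grace-period switch:
    once it is off, rows that were never migrated can no longer be verified."""

    def __init__(self, legacy_rows: Dict[str, str], legacy_enabled: bool = True):
        self.rows = {u: {"legacy": enc, "new": None} for u, enc in legacy_rows.items()}
        self.legacy_enabled = legacy_enabled

    def verify(self, user: str, pin: str) -> bool:
        row = self.rows.get(user)
        if row is None:
            return False
        if row["new"] is not None:             # already migrated: new scheme only
            return new_verify(pin, row["new"])
        if not self.legacy_enabled:            # grace period over
            return False
        if hmac.compare_digest(legacy_encrypt(pin), row["legacy"]):
            row["new"] = new_protect(pin)      # upgrade on the first good check
            row["legacy"] = None               # old value is no longer needed
            return True
        return False

    def unmigrated(self) -> List[str]:
        return [u for u, r in self.rows.items() if r["new"] is None]

def sample_vault() -> PinVault:
    # Constructed legacy rows; the PINs are two of the sample values in the post.
    return PinVault({"alice": legacy_encrypt("1234"), "bob": legacy_encrypt("voyager")})

if __name__ == "__main__":
    v = sample_vault()
    print(v.verify("alice", "1234"), v.unmigrated())   # True ['bob']
```

The `unmigrated()` list is what tells you when the grace period can end; rows still on it after that are reset rather than verified.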
Cryptography-Digest Digest #990
Cryptography-Digest Digest #990, Volume #13    Sat, 24 Mar 01 17:13:00 EST

Contents:
  Re: decryprtion help please? (Mok-Kong Shen)
  Re: Fast and Easy crypt send (amateur)
  Re: Hello (Mok-Kong Shen)
  Re: Crack it! (amateur)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged (SCOTT19U.ZIP_GUY)
  Re: on-card key generation for smart card (Chenghuai Lu)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged (Bill Unruh)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged (Tom McCune)
  Re: on-card key generation for smart card (Paul Rubin)
  Re: on-card key generation for smart card (Paul Rubin)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be (David Ross)
  Re: Hello (Frank Gerlach)
  Re: Valid condition for multiplicative generator? (Frank Gerlach)
  Re: Hello (Frank Gerlach)
  Re: Valid condition for multiplicative generator? (Frank Gerlach)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be (Tom McCune)
  Operations for the DES (William Hugh Murray)
  Keyloging (Peter Engehausen)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged (Free-man)
  Re: Operations for the DES (Paul Rubin)
  Re: One-time Pad really unbreakable? (Benjamin Goldberg)
  Re: Valid condition for multiplicative generator? (Steve Portly)

----------------------------------------------------------------------

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: decryprtion help please?
Date: Sat, 24 Mar 2001 20:09:26 +0100

rh wrote:

> A buddy had asked me yesterday, if it would be possible to migrate all of
> our pins from the current main system to the new test pin vault. We have no
> decryption utility that could do this. Below I have included some clear
> text pins and then the encrypted version that is located in the SQL
> database. I do know that the clear text pins "are encrypted with
> themselves."

If it is a legal migration, your SQL manufacturer should certainly be able to
help you, if difficulties arise. Otherwise, resist being persuaded by someone
to find out how to eventually break the protection of your own system.

M. K. Shen

------------------------------

From: amateur [EMAIL PROTECTED]
Subject: Re: Fast and Easy crypt send
Date: Sat, 24 Mar 2001 14:10:59 -0400

There are 2 cases:
1. You did not understand what I wrote.
2. You read it, you understand it and you are trying (because I did not use
"high-level technical language") just to show me that you are a pro.

I think it's the first case.

My idea is nothing more than a version of OTP with the use and reuse of a
short key.

Case even and odd:
0 = 0 or 2 or 4 or 6 or 8
1 = 1 or 3 or 5 or 7 or 9

For every bit I have 5 possible encryptions. For 2 bits, 5^2. For n bits,
5^n. You have n bits in plain text, 5^n in encryption space. You can't use a
known plain text attack because every plain text gives billions of billions
of possibilities. You can't use differential cryptanalysis because the
encryption is not a bijection. So what could you use?

In an OTP system you have for every bit two possibilities and you don't have
the "avalanche effect at left" that you have in an additive or subtractive
operation. I have for every bit 5 possibilities in the case of even and odd.
I add or subtract using a single function M = a + k. You seem to forget the
effect of the addition operation. If I use just a matrix of key values as
secret key combined with a complex relation between those keys (polynomial
function with n4), how could you solve it?

Joseph Ashwood wrote:

> Your sequence is not random, almost all of the randomness disappeared
> immediately when you eliminated the outer key (which I assume we both agree
> happened). From there the only randomness left is the randomness in the
> original sequences, which had very little discernible randomness, so they
> can be pulled apart with a minor amount of difficulty. The first thing you
> need to realize is that the text you're encrypting is far from random, it
> has strong order, bias, etc. English is a good example, English text has
> between 1 and 2 bits of entropy per character (depending on several
> factors), this is quite a distance from the 8 bits that are used per
> character in ASCII, and further from the 16 and 32 bits that are used in
> various Unicodes. I still say that the place you need to start is in
> reading a book on cryptography.
> Joe
>
> "amateur" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
>
> > I'm still not convinced. I do not have to know cryptography to
> > understand that a RANDOM sequence is no information at all. My encrypted
> > text is a RANDOM series. How could you exploit a random sequence???
> >
> > Joseph Ashwood wrote:
> >
> > > Honestly, I have explained it, I'm not going to explain it any more,
> > > read the sci.crypt FAQ, read a book on cryptography, if you still
> > > don't get it, then just realize that you don't get cryptography, and
Cryptography-Digest Digest #991
Cryptography-Digest Digest #991, Volume #13    Sat, 24 Mar 01 21:13:01 EST

Contents:
  Re: Keyloging (nemo outis)
  Re: A future supercomputer (Benjamin Goldberg)
  Re: Idea - (LONG) ("Douglas A. Gwyn")
  Re: RC4 test vectors after gigabyte output?. (Benjamin Goldberg)
  Re: Fill-in-the-blank codes (similar to Error-correcting codes) (Ron Hardin)
  Re: your computer is spying on you 1833 (Frank Gerlach)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be (Frank Gerlach)
  Re: Idea - (LONG) (amateur)
  Re: Crack it! (Mok-Kong Shen)
  Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be (Bart Bailey)
  Re: Crack it! (amateur)
  Is this a solution to the PGP flaw (Nicholas)
  Compression-encryption with a key (amateur)
  Uniform random integer (Benjamin Goldberg)
  64 versus 128 (or bigger) bits cipher data block (Peter)

----------------------------------------------------------------------

From: [EMAIL PROTECTED] (nemo outis)
Subject: Re: Keyloging
Date: Sat, 24 Mar 2001 22:26:10 GMT

What you suspect re HD writes is generally true. However a program could
accumulate data in memory and do infrequent writes.

The usual ways of detecting ordinary keyloggers (i.e., most of them) are:

1. looking for places they start up (assuming, as is usually the case, that
   they aren't patches to legitimate programs)
2. examining running processes (quite a few can deceive ctrl-alt-del, far
   fewer msconfig or the special programs (e.g., filemon, regmon from
   www.sysinternals.com, or ATM from http://atm.idic.caos.it). You can also
   use, for instance, "anti-sniffer" against network-based spying. There are
   also anti-trojans such as The Cleaner, etc.
3. looking for who has "hooked" the keyboard handler.

One good anti-keylogger program is PC Investigator (aka hookprotect) from
http://www.geocities.com/SiliconValley/Hills/8839/utils.html
Cracks are available on altavista/.box.sk

Also check out http://www.spychecker.com/

For info on keyloggers and other snoopware wander over to:
http://www.trapware.com

There are also hardware keyloggers - for one example go to:
http://www.keyghost.com/

Incidentally, the most powerful spyware on the market seems to be the
little-publicized and less-documented SilentRunner. Some limited info is
available at the eponymous site: http://www.silentrunner.com/

Most of this stuff is better discussed on the alt.privacy forum.

Regards,

In article [EMAIL PROTECTED], [EMAIL PROTECTED] wrote:

> Hi!
> 1) I'm a newbie so don't get upset if I write nonsense, okay?
> 2) I was thinking about the following situation: Someone secretly installed
> a keylogging program (k-p) to get my passwords. I really have no idea how a
> typical k-p works, but it must save all tracked pressed keys somewhere
> (memory or harddisk), mustn't it? I'm not a programmer, but if a k-p scans
> my keyboard, it should be possible to write a program which emulates key
> pressing. After activating this my harddisk should start to "cook" and go
> silent again when the program is stopped, shouldn't it? This would give a
> clue if a k-p scans my keyboard. What do you think?
> cu Peter

------------------------------

From: Benjamin Goldberg [EMAIL PROTECTED]
Subject: Re: A future supercomputer
Date: Sat, 24 Mar 2001 22:49:04 GMT

Bart Bailey wrote:
> Darren New wrote:
> > JCA wrote:
> > > There is probably so much we ignore on the human brain's internal
> > > working that the computing power afforded by Blue Gene is likely to
> > > make no substantial difference in the effort to attain the goal you
> > > mention. Hence my skepticism about Blue Gene being a solid foundation,
> > > etc.
> > Most times I've seen computing power compared with a brain, it's
> > something along the lines of "each synapse is worth N bits" and then you
> > count the synapses and the number of bits in the computer. Or say "each
> > nerve can fire Q times per second, and there are W nerves, so the brain
> > does Q*W MIPS" or something. In other words, I've never seen a
> > comparison where the actual structure of the brain is taken into
> > account.
> I believe it's a 3 dimensional analog matrix, with a variable clock rate,
> all mediated by the results of the incessant struggle between serotonin
> and acetylcholine.

According to what I've read, some parts of the mind work in an analog manner,
some work in a digital manner. Also, simply saying "variable clock rate," is a
vast understatement -- there isn't any central clock, so each neuron has its
own internal clock -- and each of these clocks can go at a different speed in
different situations, and they often operate asynchronously.

-- 
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.

------------------------------

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: Idea - (LONG)
Date: Sat, 24 Mar 2001 22:50:21 GMT

amateur wrote:
> Even if I used a short key of 12 digits, it's hard to