Cryptography-Digest Digest #538

2001-01-24 Thread Digestifier

Cryptography-Digest Digest #538, Volume #13  Wed, 24 Jan 01 06:13:01 EST

Contents:
  Re: Cryptographic Windows APIs or OCX? (Pascal Junod)
  Re: Dynamic Transposition Revisited (long) ("John A. Malley")
  Re: TSEPRNG, a secure RNG ? (Dan Parisien)
  Re: Attn: Chris, Oops I did it again ("Thomas J. Boschloo")
  Re: Fitting Dynamic Transposition into a Binary World (John Savard)
  Re: Dynamic Transposition Revisited (long) (Mok-Kong Shen)
  Re: using AES finalists in series? (Mok-Kong Shen)
  Re: caching passwords in windows registry (Ichinin)
  Re: Cryptographic Camouflage (Mok-Kong Shen)
  Re: Dynamic Transposition Revisited (long) (John Savard)



Date: Wed, 24 Jan 2001 08:22:47 +0100
From: Pascal Junod [EMAIL PROTECTED]
Subject: Re: Cryptographic Windows APIs or OCX?

On Tue, 23 Jan 2001, Armando P. wrote:

> Ok, I'll make it short and simple:  I am a software developer and I
> need to implement SSL (SSLv3/TLS if that helps) into my applications to
> be able to access a specific portal that requires such authentication
> (through x.509 certificates).  I am quite new to the field of
> cryptography, but have to learn it in a hurry due to a new mandatory
> governmental law that requires this from our customers (municipalities
> in Austria).  I'm in dire need for a good (and well documented)
> Cryptographic API (or Ocx) that I can implement into my existing
> software.  I have heard of MS Crypto API, but can't find it
> anywhere...Who can help?  As always, I am very grateful for any and all
> advice.  Thanks!

See http://www.openssl.org

With this free toolkit, you won't need to implement the SSL protocol and
the crypto. Everything is available. And it is one of the best around.

A+

Pascal

-- 
~~
* Pascal Junod, [EMAIL PROTECTED] *
* Laboratoire de Sécurité et de Cryptographie (LASEC)*
* INF 240, EPFL, CH-1015 Lausanne, Switzerland  ++41 (0)21 693 76 17 *
* Place de la Gare 12, CH-1020 Renens   ++41 (0)79 617 28 57 *
~~


--

From: "John A. Malley" [EMAIL PROTECTED]
Subject: Re: Dynamic Transposition Revisited (long)
Date: Tue, 23 Jan 2001 23:57:25 -0800


Terry Ritter wrote:
 
[snip]
 
> Surely, there is no reason to imagine that permutations must all occur
> before repeating.  In fact, that would be a weakness.

Yes, and this is where I was going in the examination of the strengths
of the DTC :  

What are the effects on the "strength" of the DTC if the PRNG selecting
the permutations (via a shuffling algorithm or some equivalent) must
cycle through every possible permutation once before any particular
permutation appears again?  Can the statistics of permutation types
(what type follow what type, how many of each type can occur, what types
can never follow what types) be exploited in concert with known
plaintext to predict with sufficient probability the likely permutations
to follow?  How much plaintext would be needed to get predictions better
than 50/50? IMO the answers to these questions gauge the strength of the
DTC and allow quantitative comparison to other ciphers. 

 
> The design goal is to allow the very same permutation to occur on the
> next block, and then rely on the almost infinitesimal probability of
> any particular permutation occurring to be assured that it will almost
> never happen.  The goal is to make the permutation selection for each
> and every block independent, with equal probabilities.

This is a very important 'engineering' constraint on the PRNG driving
the permutation selection mechanism in the DTC. And AFAIK there is no
PRNG that satisfies this constraint. AFAIK (and I readily admit what I
do know about cryptology is less than what I DON'T know about
cryptology):

A PRNG = ( S, s_0, T, U, G)  where S is a finite set of states, s_0 is
the initial state of the PRNG and an element of S, T is the state
transition function T: S -> S mapping the elements of S to the elements
of S, U is a finite set of output symbols and G is the output function
G: S -> U mapping the elements of the set S to the elements of the set
U. 

The current state is a function of the previous state.  The current
output of the PRNG is a function of the current state. Now the order of
U cannot exceed the order of S. If the |S| = |U| then there's a
one-to-one correspondence between the states and the outputs of the PRNG
through the function G.  If the order of U is less than the order of S,
then multiple states map to the same element in the output set U and the
function G is a surjection.  A subset of S maps to the same element u_i
in U. We see multiple occurrences of the same output symbol u_i in the
output sequence from the PRNG.

The function T takes the current state and maps it to the next state -
i.e. state feedback. 
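
The five-tuple model in the post above, as an added Python example (not part of the original post and not Ritter's cipher): a constructed 12-bit generator drives a Fisher-Yates shuffle, and the code enumerates every state to show that G maps many states to each output symbol, that at most |S| distinct permutations are reachable, and that the same permutation can still fall on consecutive blocks. The LCG constants, the 4-bit output and all function names are assumptions made for the illustration.

```python
import math
from collections import Counter

# Constructed toy generator in the post's notation PRNG = (S, s_0, T, U, G).
# All constants are assumptions, chosen so the whole state space can be enumerated.
STATE_BITS = 12
M = 1 << STATE_BITS              # |S| = 4096, S = {0, ..., M-1}
OUT_BITS = 4                     # |U| = 16 output symbols


def T(s):
    """State transition T: S -> S (a full-period LCG modulo 2^12)."""
    return (1229 * s + 1) % M


def G(s):
    """Output function G: S -> U (the top 4 bits of the state)."""
    return s >> (STATE_BITS - OUT_BITS)


def cycle_length(s0):
    """Number of distinct states visited before s0, T(s0), ... revisits one."""
    seen, s = set(), s0
    while s not in seen:
        seen.add(s)
        s = T(s)
    return len(seen)


def preimage_sizes():
    """For each output symbol u, the number of states s with G(s) = u."""
    return Counter(G(s) for s in range(M))


def draw_below(s, bound):
    """Unbiased value in range(bound), bound <= |U|, by rejection sampling.
    Returns (value, next_state)."""
    limit = (1 << OUT_BITS) - (1 << OUT_BITS) % bound
    while True:
        u, s = G(s), T(s)
        if u < limit:
            return u % bound, s


def shuffle(n, s):
    """Fisher-Yates shuffle of range(n), n <= |U|, driven by the PRNG from state s.
    Returns (permutation, next_state)."""
    perm = list(range(n))
    for i in range(n - 1, 0, -1):
        j, s = draw_below(s, i + 1)
        perm[i], perm[j] = perm[j], perm[i]
    return tuple(perm), s


def reachable_permutations(n):
    """Every permutation the shuffle can produce, over all possible start states."""
    return {shuffle(n, s)[0] for s in range(M)}


def consecutive_repeats(n, s0, blocks):
    """How often a block gets the same permutation as the block before it."""
    s, prev, repeats = s0, None, 0
    for _ in range(blocks):
        perm, s = shuffle(n, s)
        repeats += perm == prev
        prev = perm
    return repeats


def min_state_bits(n):
    """Smallest state size in bits with |S| >= n!, a necessary condition
    for every permutation of n elements to be selectable."""
    return math.ceil(math.log2(math.factorial(n)))


if __name__ == "__main__":
    print("period:", cycle_length(0), "of", M, "states")
    print("states per output symbol:", set(preimage_sizes().values()))
    for n in (3, 8):
        print(n, "elements:", len(reachable_permutations(n)), "of", math.factorial(n))
    print("immediate repeats in 200 blocks of 3:", consecutive_repeats(3, 0, 200))
    print("state bits needed for n = 52:", min_state_bits(52))
```

With 8 elements there are 40320 permutations but only 4096 states, so most permutations can never be selected; with 3 elements many states share each permutation, which is what lets a permutation recur on the very next block.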

Cryptography-Digest Digest #539

2001-01-24 Thread Digestifier

Cryptography-Digest Digest #539, Volume #13  Wed, 24 Jan 01 10:13:00 EST

Contents:
  Re: Some Enigma Questions (Richard Heathfield)
  Re: Why Microsoft's Product Activation Stinks (Anthony Stephen Szopa)
  Re: Why Microsoft's Product Activation Stinks (Anthony Stephen Szopa)
  Re: Why Microsoft's Product Activation Stinks (Anthony Stephen Szopa)
  Re: Snake Oil (Anthony Stephen Szopa)
  Re: ___MIPS rating of a Pentium II-400 MHz (Darryl Wagoner - WA1GON)
  Re: O.T.  Corpspeak was (Why Microsoft's Product...) (Anthony Stephen Szopa)
  Re: Dynamic Transposition Revisited (long) (Mok-Kong Shen)
  Re: rubik's cube (digiboy | marcus)
  How many bits of security can a password give? (Erik Runeson)
  Re: Why Microsoft's Product Activation Stinks (Richard Heathfield)
  Re: Producing "bit-balanced" strings efficiently for Dynamic Transposition (John Savard)
  Re: Dynamic Transposition Revisited (long) (Benjamin Goldberg)
  Patents on modes of operation (Ulrich Kuehn)



Date: Wed, 24 Jan 2001 12:37:51 +
From: Richard Heathfield [EMAIL PROTECTED]
Subject: Re: Some Enigma Questions

"Douglas A. Gwyn" wrote:
 
 "David C. Barber" wrote:
  Of course, the Germans kept thinking the machine was unbreakable
  because they couldn't break it themselves.
 
 More accurately, they didn't see any way of breaking it
 short of exhaustive key search (including steckering),
 and thus were lulled by the vast number of combinations
 into a (false) sense of security.  Much like people who
 think any old 1024-bit-keyed block cipher is just fine.

You mean it isn't?

g,dr

-- 
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
KR Answers: http://users.powernet.co.uk/eton/kandr2/index.html

--

From: Anthony Stephen Szopa [EMAIL PROTECTED]
Crossposted-To: or.politics,talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Wed, 24 Jan 2001 04:07:55 -0800

Gordon Walker wrote:
 
 On Mon, 22 Jan 2001 23:30:18 -0800, Anthony Stephen Szopa
 [EMAIL PROTECTED] wrote:
 
 Did you develop an anti-piracy computer software module that will
 prevent perhaps half at a minimum of the illegal copying of
 computer software in the world?  Do you know how important a
 contribution this is?
 
 Personally I wouldn't boast about it even if I had invented the thing.
 In Windows it will prove to be an annoyance that will in no way slow
 down real piracy and will rather only damage sales. In the mass market
 the scheme is infeasible.
 --
 Gordon


With sufficient motivation many things once thought undoable get 
done.

--

From: Anthony Stephen Szopa [EMAIL PROTECTED]
Crossposted-To: or.politics,talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Wed, 24 Jan 2001 04:17:08 -0800

Joseph Ashwood wrote:
 
 I should have jumped on this sooner, and noticed that Szopa was posting to
 several groups for this. For those that are uninformed about the general
 consensus about Szopa, please have a look at the newsgroup history
 surrounding Szopa in sci.crypt (www.deja.com will be helpful). He is
 generally considered very offensive.
 
 However in this case I think he has brought up an important. I don't think
 he will benefit from any suit he brings against Microsoft, if for no other
 reason than they can afford to hire a legal team that physically crowds him
 out of the court room, while he is I assume only monetarily capable of
 affording one. Szopa I hope you were smart enough for your lawyer to take
 this on speculation, and I hope your lawyer was smart enough to charge you
 instead. If he wasn't I'd drop him, he's not smart enough to take on the M$
 horde. Best of luck (I may dislike Szopa but if he has a legitimate reason
 to believe M$ has performed their typical embrace and devour tactic I
 support his cause).
 Joe
 
 "Anthony Stephen Szopa" [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]...
  Richard Heathfield wrote:
  
   Anthony Stephen Szopa wrote:
   
   snip over 200 lines
   
So that's all I have to say for a while.
  
   Is that a promise?
 
 
  Here is a guy who spits on the souls of anyone for no damned reason.
 
  I told you that I am the inventor that will save people tens or
  hundreds of billions of dollars in lost revenue and you verbally
  shit on me with your sarcasm.
 
  Did you develop an anti-piracy computer software module that will
  prevent perhaps half at a minimum of the illegal copying of
  computer software in the world?  Do you know how important a
  contribution this is?
 
  I can prove that I did this.  And if I eventually do prove it
  publicly everyone will know you are a fool.  But most importantly
  you will know.  I think you probably already know you are a fool.
 
  I am 

Cryptography-Digest Digest #541

2001-01-24 Thread Digestifier

Cryptography-Digest Digest #541, Volume #13  Wed, 24 Jan 01 15:13:00 EST

Contents:
  Re: Some Enigma Questions ("David C. Barber")
  How much of this group's discussion violates the DMCA ("David C. Barber")
  Re: 3G crypto algorithms (Arturo)
  Re: How many bits of security can a password give? (Tom St Denis)
  Re: TSEPRNG, a secure RNG ? (Dan Parisien)
  Re: Transposition code (Richard Heathfield)
  Re: How much of this group's discussion violates the DMCA
  DES check values (58)
  Re: How much of this group's discussion violates the DMCA (Richard Heathfield)
  finding inverses and factoring (David A Molnar)
  Re: TSEPRNG, a secure RNG ? (Splaat23)
  Re: 3G crypto algorithms[Off-Topic: Asian Echelon] (Abe Lin)
  Re: Fitting Dynamic Transposition into a Binary World (John Savard)
  Re: DES check values (Splaat23)
  Re: How many bits of security can a password give? (Erik Runeson)
  Re: Cryptographic Camouflage (Darren New)
  Echelon in Asia. (Abe Lin)



From: "David C. Barber" [EMAIL PROTECTED]
Subject: Re: Some Enigma Questions
Date: Wed, 24 Jan 2001 10:55:31 -0700


"John Savard" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...

> It still wouldn't be as secure as, say, DES.

One difference is that one could do a reasonable pencil+paper
encrypt/decrypt of an enigma message if the machine wasn't available.  Hard
to say the same about DES.(Yes, I know possible, but *much* harder.)

*David Barber*




--

From: "David C. Barber" [EMAIL PROTECTED]
Subject: How much of this group's discussion violates the DMCA
Date: Wed, 24 Jan 2001 11:00:29 -0700

I wonder how much of this group's current discussions about systems and how
they're broken is in violation of the Digital Millennium Copyright Act,
which prohibits any attempt to reveal or break even lame systems.

Any informed opinion(s) on this?

*David Barber*




--

From: Arturo [EMAIL PROTECTED]=NOSPAM
Subject: Re: 3G crypto algorithms
Date: Wed, 24 Jan 2001 18:23:34 +0100

On Tue, 23 Jan 2001 14:06:25 +0100, Mok-Kong Shen [EMAIL PROTECTED]
wrote:



Arturo wrote:
.

In a town not too far from mine there is an 
Echelon station.

Hmmm,  you mean Bad Aibling?  Or maybe some other I didn't hear about?
Details, please.  I'm interested in the matter  (you can post here or drop me
some bytes at [EMAIL PROTECTED]; PGP keys available at keyservers).

It is possible in Germany for a government 
agency to lawfully but secretly install a microphone in 
one's home. Right now there is a little revision of the law 
underway to make the recording of telephone conversations 
an even more convenient task. 

And there's a European-wide effort at Carvirorizing the old continent.
Just browse to http://www.ugr.es/~aquiran/cripto/enfopole.htm for more details.
(Hint: Convention on Mutual Assistance In Criminal Matters, Title III:
"Interception of Communications").

--

From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: How many bits of security can a password give?
Date: Wed, 24 Jan 2001 17:57:34 GMT

In article 94mn7a$27r$[EMAIL PROTECTED],
  Erik Runeson [EMAIL PROTECTED] wrote:
> I'm doing some analysis on how many bits of security a password can
> provide.
>
> For instance, if we take a password with 8 random characters (all lower
> case to simplify a bit), it is easy to assume that it would mean:
>   8*8=64 bits of security (since each character is 8 bits).
> However, since there are only 26 lower case letters, the actual figure
> is:
>   log2( 26^8 ) = 37.6 bits
>
> Of course, the whole issue gets a lot more complicated when you add
> upper case letters, numbers and other characters, as well as dealing
> with the fact that users rarely choose random passwords.
>
> Does anyone know any articles or other studies in this area?

You're generally right, but use the def'n of entropy to calc the bits of info
in a string instead of using an assumption.

Tom


Sent via Deja.com
http://www.deja.com/
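
The calculation discussed above, as an added Python example that is not part of either post: it compares the uniform figure log2(26^8) with the Shannon entropy and min-entropy of a non-uniform choice. The skewed distribution (30% of users on ten common passwords) and the function names are constructed for the illustration.

```python
import math


def uniform_bits(alphabet_size, length):
    """Entropy in bits of a password drawn uniformly at random."""
    return length * math.log2(alphabet_size)


def shannon_bits(groups):
    """H = -sum(p * log2 p) over the whole password distribution.
    groups is a list of (count, p): `count` passwords, each chosen with probability p."""
    total = sum(count * p for count, p in groups)
    if not math.isclose(total, 1.0, rel_tol=1e-9):
        raise ValueError("probabilities must sum to 1")
    return -sum(count * p * math.log2(p) for count, p in groups if p > 0)


def min_entropy_bits(groups):
    """-log2 of the most likely password's probability: the figure that
    bounds how well a single best guess can do."""
    return -math.log2(max(p for _, p in groups))


def success_after(groups, guesses):
    """Probability that guessing in most-likely-first order hits within `guesses` tries."""
    hit = 0.0
    for count, p in sorted(groups, key=lambda g: g[1], reverse=True):
        take = min(count, guesses)
        hit += take * p
        guesses -= take
        if guesses == 0:
            break
    return hit


N = 26 ** 8                                   # all 8-letter lower-case passwords
UNIFORM = [(N, 1 / N)]                        # the case computed in the post
# Constructed distribution: 30% of users pick one of ten common passwords
# (3% each), the other 70% pick uniformly at random.
SKEWED = [(10, 0.03), (N, 0.70 / N)]

if __name__ == "__main__":
    print("naive 8 bits per character:", 8 * 8)
    print("uniform over 26 letters:   %.1f bits" % uniform_bits(26, 8))
    print("uniform over 62 symbols:   %.1f bits" % uniform_bits(62, 8))
    for name, dist in (("uniform", UNIFORM), ("skewed", SKEWED)):
        print("%-8s Shannon %.1f bits, min-entropy %.1f bits, "
              "P(hit in 10 guesses) %.2g"
              % (name, shannon_bits(dist), min_entropy_bits(dist),
                 success_after(dist, 10)))
```

For the constructed distribution the Shannon figure is about 28.2 bits while the min-entropy is about 5.1 bits, so the 37.6-bit figure holds only when every password is chosen uniformly at random.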

--

From: Dan Parisien [EMAIL PROTECTED]
Subject: Re: TSEPRNG, a secure RNG ?
Reply-To: [EMAIL PROTECTED]
Date: Wed, 24 Jan 2001 18:17:58 GMT

> An attacker might be able to force system load to be abnormally high.
> For some systems, this might result in deterministic round robin
> scheduling, such that the number of instructions given to each thread
> becomes known easily guessable to the attacker.

Maybe I'll explain the algorithm in more detail because this kind of attack 
has no effect on it.

Race conditions caused by multi-threaded programming cause a large amount 
of headaches to programmers. Why? Because there is no way (theoretically) 
of knowing in which order they will be executed (so you must place locks 
around shared data). That is entropy.

To test the theory that threads get scheduled differently each time (under 
the exact same conditions), I created 

Cryptography-Digest Digest #543

2001-01-24 Thread Digestifier

Cryptography-Digest Digest #543, Volume #13  Wed, 24 Jan 01 19:13:01 EST

Contents:
  Re: Snake Oil (Matthew Montchalin)
  RC4 Security ("EE")
  Re: 3G crypto algorithms (Mok-Kong Shen)
  Re: Echelon in Asia. (Mok-Kong Shen)
  Re: finding inverses and factoring (Splaat23)
  Barrett Modular Reduction with large x ([EMAIL PROTECTED])
  Re: Any cryptoanalysis available for 'polymorphic ciphers'? (Splaat23)
  Re: TSEPRNG, a secure RNG ? (Dan Parisien)
  Re: finding inverses and factoring (Bryan Olson)
  Re: Why Microsoft's Product Activation Stinks (Splaat23)
  Re: TSEPRNG, a secure RNG ? (Splaat23)



From: Matthew Montchalin [EMAIL PROTECTED]
Crossposted-To: or.politics,talk.politics.crypto,misc.survivalism,us.misc
Subject: Re: Snake Oil
Date: Wed, 24 Jan 2001 14:16:09 -0800

On Wed, 24 Jan 2001, Anthony Stephen Szopa wrote:
|It's 2001.

Okay.

|You cannot lie anymore these days and not get caught.
|
|Take my encryption software.  Give it a go.  Prove to us you can 
|break it.  Give us your most tenuous reasonable explanation on how
|you would go about it.

Humans are always the weakest link.  If bribery doesn't work, there
are *other* ways to get through to anyplace.


--

From: "EE" [EMAIL PROTECTED]
Subject: RC4 Security
Date: Wed, 24 Jan 2001 16:31:50 -0500

I have two questions:

1. How can someone know the amount of bits of an encryption?
2. How can someone determine if an encrypted file or an encryption algorithm
is secure?



--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: 3G crypto algorithms
Date: Wed, 24 Jan 2001 23:32:47 +0100



Arturo wrote:
 
 Mok-Kong Shen [EMAIL PROTECTED]wrote:
 

 In a town not too far from mine there is an
 Echelon station.
 
 Hmmm,  you mean Bad Aibling?  Or maybe some other I didn't hear about?
 Details, please.  I'm interested in the matter  (you can post here or drop me
 some bytes at [EMAIL PROTECTED]; PGP keys available at keyservers).

Yes, near Bad Aibling there are a number of spherical domes
that contain the equipments for interception. Sometime back 
there were some reports about the station in the newspapers 
but I can't find the references for you now. Because of the
rumours (or not, I don't know, nor apparently any other 
outsiders) of the activities of commercial espionage, the 
station accepted to be visited by a high rank German government 
officer, who was assured by the persons there that there never 
had been such activities. I don't know much more than the above.

M. K. Shen

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Echelon in Asia.
Date: Wed, 24 Jan 2001 23:32:40 +0100



Abe Lin wrote:
 
> We've been seeing a bit about Echelon, but I haven't heard anything
> in Asia yet. Given Chinese Government's nature, they'd really surprise
> me if they don't have one.

The technique is certainly within the reach of many countries
since quite a time. There is no reason to assume that the
less democratic countries have less interest in that, though
they may not have sufficient resources to build big systems
comparable in size to Echelon. For example, after the 
unification of Germany it was discovered that East Germany 
had had in Berlin a (small) station intercepting among others 
communications from the office of the Chancellor of West 
Germany.

M. K. Shen
=
http://home.t-online.de/home/mok-kong.shen

--

From: Splaat23 [EMAIL PROTECTED]
Subject: Re: finding inverses and factoring
Date: Wed, 24 Jan 2001 22:38:56 GMT

Really fascinating. Thanks for the clarification: now that I look at
it, I wonder why my brain decided to shut off. ;)

Let me disagree with you agreeing with me now. Looking at it, I do not
think knowledge of a generator of (Zn*)* would help, because if it did
it would prove to be a new attack on RSA. Let me elaborate:

phi(phi(n)) is close to n for most n. Therefore, any guess in Zn has a
very high chance of being in Zn*, and has a very high chance of being
in (Zn*)* (I hope that terminology is correct, or else I really sound
like an idiot).

Actually, the algebra doesn't seem right - just missing parens. It
should read:

F(x) = g1^(g2^x) mod n

F(x + y) = F(x)^(g2^y)
 = (g1^(g2^x))^(g2^y)
 = g1^(g2^x * g2^y)
 = g1^(g2^(x + y))

Anyway, enough said. If you have an IQ > 50, you'd be good to take
anything I post with an industrial-size can of salt.

- Andrew


In article 94nh3e$608$[EMAIL PROTECTED],
  David A Molnar [EMAIL PROTECTED] wrote:

> Splaat23 [EMAIL PROTECTED] wrote:
>> What exactly do you mean by a generator for the subgroup "the exponents
>> mod n"? I was not aware such a generator exists at all, much less with
>> all n. My best guess is, however, that a generator such as this would
>> facilitate factoring of phi(n), which would be Bad.
>
> Sorry for being imprecise.
>
> Let me try 

Cryptography-Digest Digest #544

2001-01-24 Thread Digestifier

Cryptography-Digest Digest #544, Volume #13  Wed, 24 Jan 01 23:13:00 EST

Contents:
  Re: Fitting Dynamic Transposition into a Binary World (John Savard)
  Re: DES check values (58)
  Another Microsoft lawsuit on the horizon (Re: Why Microsoft's Product Activation Stinks) (Matthew Montchalin)
  Re: finding inverses and factoring (David A Molnar)
  Differential Analysis of "A + (B xor X)" ("Alexis Machado")
  Re: finding inverses and factoring (David A Molnar)
  Re: Secure game highscore server (graywane)
  Re: Snake Oil (phil hunt)
  IPsec export and PFS ([EMAIL PROTECTED])
  Re: IPsec export and PFS (graywane)
  Re: finding inverses and factoring (Splaat23)
  Knots, knots, and more knots (Matthew Montchalin)
  Re: Random stream testing. (long) ("Douglas A. Gwyn")
  Re: Secure game highscore server (Splaat23)



From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Fitting Dynamic Transposition into a Binary World
Date: Thu, 25 Jan 2001 00:10:44 GMT

On Wed, 24 Jan 2001 20:56:25 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote,
in part:

Is there some reason why you could not use the algorithm in my
"revisited" article?

I'm sure that I'm the only one who really finds that method inadequate
for his purposes.

As I understand it, your algorithm is:

Given a block size of N bytes:

take N-1 bytes of data. If that data has 7 or fewer excess 1s or 0s,
add an appropriate last byte.

If the excess is more than that, use only the first N-2 bytes, and
rectify the excess in the last two bytes.

I suppose you could use alternating all ones and all zeroes bytes in
the case where the excess is all in the last byte.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

--

From: 58 [EMAIL PROTECTED]
Subject: Re: DES check values
Date: Thu, 25 Jan 2001 00:31:52 GMT

In article 94n9t1$ktv$[EMAIL PROTECTED],
  Splaat23 [EMAIL PROTECTED] wrote:
> Could you please clarify
> exactly what you need?

Sure.  Let me start by defining some conventions so I don't get too
confused.

1) The clear key is the unencrypted form.  It is 16 hexadecimal
characters.
2) The Cryptographic Key (crypto key) is similar in function to PGP's
private or public keys: it is upon which the encryption or decryption
is based.  We call it a master key.  It is 16 hexadecimal characters.

I can't tell you who we are or what we do, but...  My company uses DES
exclusively.  So do all of our clients, as well as all of our business
associates.  The value being checked is a clear key, which is used to
encrypt digital transmissions over a semi-secure network.  The clear
key is used as a crypto key for these transmissions.

When we ship this clear key to our clients (or receive it from them),
often times it's been transcribed and is not a photocopy, or the
photocopy is of poor quality, so a check value is included with it.
The clear key is then entered into the system (an SIU or other
security processor), which spits out a check value.  Matching the check
means the clear key was correctly entered.

The check value is created by encrypting the clear key, but the crypto
key is all zeros.  This way, the encryption is unique only to the clear
key.  We and our clients also maintain a private crypto key which is
not released to anyone, and anything encrypted with it is also kept
secure in house (in the security processor, really).

I guess, what I'm looking for is a DES encryption program, but in its
most simple form.  The crypto key would be all zeros, and there would
be no variants applied.  I would prefer that the program NOT decrypt,
or I would have to declare it to my risk manager.

Thanks,
Larry


Sent via Deja.com
http://www.deja.com/

--

From: Matthew Montchalin [EMAIL PROTECTED]
Crossposted-To: or.politics,talk.politics.crypto,misc.survivalism,us.misc
Subject: Another Microsoft lawsuit on the horizon (Re: Why Microsoft's Product Activation Stinks)
Date: Wed, 24 Jan 2001 16:50:20 -0800

On Wed, 24 Jan 2001, Splaat23 wrote:
|He doesn't consider XORing two files together to be significant.
|That's easy! He considers XORing two files together, one of which
|happens to be generated by a PRNG to be significant. Innovation,
|what a sight! I wish I had his foresight to create a slow, unwieldy
|stream cipher that has no market to acquire and no use.

But it is a smoking gun if the technique employed by Microsoft
just happens to require using a couple pages of text out of the
guy's diary, (diaries are very admissible as evidence) and his
name and picture, together as a single cryptographic key,
suitably XOR'd into something less recognizable?   Geeeze,
Microsoft probably didn't even have the presence of mind to
use some other cryptographic key...

But I say, if he *can* prove that Microsoft "took the easy road"
rather than the one less traveled, then let him go ahead and
prove it.  My hat's off to him if he can.  (Lord knows why 

Cryptography-Digest Digest #546

2001-01-24 Thread Digestifier

Cryptography-Digest Digest #546, Volume #13  Thu, 25 Jan 01 03:13:01 EST

Contents:
  Re: using AES finalists in series? (wtshaw)
  Re: Why Microsoft's Product Activation Stinks (wtshaw)
  Re: Transposition code (Benjamin Goldberg)
  Re: Fitting Dynamic Transposition into a Binary World (Terry Ritter)
  Re: Dynamic Transposition Revisited (long) (Terry Ritter)
  Re: Fitting Dynamic Transposition into a Binary World (Benjamin Goldberg)
  Re: Knots, knots, and more knots (Matthew Montchalin)
  Re: Dynamic Transposition Revisited (long) (Terry Ritter)
  Re: Dynamic Transposition Revisited (long) (Terry Ritter)
  Re: Dynamic Transposition Revisited (long) ("John A. Malley")



From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: using AES finalists in series?
Date: Wed, 24 Jan 2001 23:08:27 -0600

In article [EMAIL PROTECTED], "Douglas A. Gwyn"
[EMAIL PROTECTED] wrote:

> wtshaw wrote:
>> You too?? What will we do with so much expertise? I reflect that Herr
>> Ritter already sees efficiency as important, while so many follow Carson's
>> Rule, to fill all available space as quickly as possible.  It stands to
>> put reasonable restraint of endless data waste clearly ahead of some small
>> additional amounts used to greatly increase security.  Repeating a flawed
>> maxim that encryption must suffer under impossible limitations to keep it
>> kosher is, respectfully,  too picky.
>
> If that was supposed to pertain to the project I'm working on,
> you are all wet.  The constraints are not arbitrarily imposed.

Arbitrary means not standardized.  What I complain about are de facto
standards that limit security.
-- 
Some people say what they think will impress you, but ultimately
do as they please.  If their past shows this, don't expect a change.

--

From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Wed, 24 Jan 2001 23:12:32 -0600

In article 94lk6k$790$[EMAIL PROTECTED], zapzing [EMAIL PROTECTED] wrote:

 In article [EMAIL PROTECTED],
   [EMAIL PROTECTED] (wtshaw) wrote:
  In article 94i1dd$2nd$[EMAIL PROTECTED], zapzing
 [EMAIL PROTECTED] wrote:
 
   Void where prohibited by law.
  
  Couldn't that get you in trouble?
 
 I don't think so, what do you think?
 Do you have any info on this?
 
Voiding like praying is best done in private.
-- 
Some people say what they think will impress you, but ultimately
do as they please.  If their past shows this, don't expect a change.

--

From: Benjamin Goldberg [EMAIL PROTECTED]
Subject: Re: Transposition code
Date: Thu, 25 Jan 2001 05:52:06 GMT

From your post, I wrote the following:

nr = strlen( txt ) / keylen;
lr = strlen( txt ) / nr;

for( i = j = 0; i < keylen; ++i )
    for( k = 0, n = key[i]; k < (ilr?nr:(nr+1)); ++k )
        out[j++] = txt[n * keylen + k];

However, it doesn't seem to work quite right.

-- 
Most scientific innovations do not begin with "Eureka!"  They begin with
"That's odd.  I wonder why that happened?"

--

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: Fitting Dynamic Transposition into a Binary World
Date: Thu, 25 Jan 2001 06:23:15 GMT


On Thu, 25 Jan 2001 00:10:44 GMT, in
[EMAIL PROTECTED], in sci.crypt
[EMAIL PROTECTED] (John Savard) wrote:

On Wed, 24 Jan 2001 20:56:25 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote,
in part:

Is there some reason why you could not use the algorithm in my
"revisited" article?

I'm sure that I'm the only one who really finds that method inadequate
for his purposes.

As I understand it, your algorithm is:

Given a block size of N bytes:

take N-1 bytes of data. If that data has 7 or fewer excess 1s or 0s,
add an appropriate last byte.

If the excess is more than that, use only the first N-2 bytes, and
rectify the excess in the last two bytes.

I suppose you could use alternating all ones and all zeroes bytes in
the case where the excess is all in the last byte.

Since the description in my "Revisited" article is not working, and
since -- for some reason -- I am obviously not getting through,
perhaps someone else could help out here.

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM


--

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: Dynamic Transposition Revisited (long)
Date: Thu, 25 Jan 2001 06:25:05 GMT


On Thu, 25 Jan 2001 04:10:52 GMT, in
gHNb6.5111$[EMAIL PROTECTED], in sci.crypt "Matt
Timmermans" [EMAIL PROTECTED] wrote:

[...]
Generate a photon, and polarize it vertically.  Then measure its
polarization at 45 degrees from the vertical.  Repeat.

By measuring the transparency of your optics, the sensitivity of your
photomultipliers, and the orientation of your polarizers, you can place a
very confident lower bound on the