Cryptography-Digest Digest #147
Cryptography-Digest Digest #147, Volume #14       Sun, 15 Apr 01 05:13:01 EDT

Contents:
  Re: LFSR Security ("Trevor L. Jackson, III")
  software licensing scheme, vulnerable to reverse engineering (Matthew Skala)
  Re: LFSR Security ("Trevor L. Jackson, III")
  Re: LFSR Security ("Trevor L. Jackson, III")
  Re: LFSR Security (David Wagner)
  Re: LFSR Security (David Wagner)
  Re: LFSR Security (David Wagner)
  Re: Distinguisher for RC4 (David Wagner)
  Re: Distinguisher for RC4 ([EMAIL PROTECTED])
  Re: Distinguisher for RC4 (David Wagner)
  Re: Distinguisher for RC4 (Paul Rubin)
  Re: LFSR Security ("Douglas A. Gwyn")
  Re: LFSR Security ("Douglas A. Gwyn")
  Re: LFSR Security ("Douglas A. Gwyn")
  Re: MS OSs "swap" file: total breach of computer security. ("Douglas A. Gwyn")
  Re: Function other than xor? ("Douglas A. Gwyn")
  There Is No Unbreakable Crypto (Frank Gerlach)
  Re: Distinguisher for RC4 (David Formosa (aka ? the Platypus))
  Re: There Is No Unbreakable Crypto ("Douglas A. Gwyn")
  Re: Distinguisher for RC4 (David Wagner)
  Re: Concerning US.A.4979832 (David Formosa (aka ? the Platypus))
  Re: There Is No Unbreakable Crypto (David Wagner)

From: "Trevor L. Jackson, III" [EMAIL PROTECTED]
Crossposted-To: sci.crypt.random-numbers
Subject: Re: LFSR Security
Date: Sun, 15 Apr 2001 05:13:46 GMT

Tim Tyler wrote:

> In sci.crypt.random-numbers Trevor L. Jackson, III [EMAIL PROTECTED] wrote:
>
> [LFSRs]
>
> : If the registers are the same size the XOR of their outputs has the same
> : period as the component generators.
>
> Only if the original two generators have the same periods as each other.
>
> The period of an LFSR does not depend solely on the size of the register.
>
> You make this same questionable assumption - that maximal-period LFSRs are
> necessarily being employed - in another post as well.

True. In the context of the original question (security strength) I believe
this to be a reasonable assumption. In the more general case, I agree that
it is unwarranted.

--

From: [EMAIL PROTECTED] (Matthew Skala)
Subject: software licensing scheme, vulnerable to reverse engineering
Date: 14 Apr 2001 21:56:33 -0700

In article 3ad8af81$0$12820$[EMAIL PROTECTED],
Ryan M. McConahy [EMAIL PROTECTED] wrote:
> "Darren New" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
> > Tom St Denis wrote:
> > > If the user is a dolt ...
> >
> > or honest, or getting charged less than the cost of breaking it, or
> > getting charged less than the cost of getting caught breaking it, ...
>
> Getting caught breaking it? What are they gonna do, send you to jail? LOL!

In a word, yes. Under the DMCA.
--
Matthew Skala
[EMAIL PROTECTED]            :CVECAT DELENDA EST
http://www.islandnet.com/~mskala/

--

From: "Trevor L. Jackson, III" [EMAIL PROTECTED]
Crossposted-To: sci.crypt.random-numbers
Subject: Re: LFSR Security
Date: Sun, 15 Apr 2001 05:28:47 GMT

David Wagner wrote:

> Trevor L. Jackson, III wrote:
> > David Wagner wrote:
> > > Ok, so can this be extended any further? Suppose I have some bits of
> > > known keystream that are neither consecutive nor regularly spaced and
> > > that come from a LFSR with unknown taps. Can this be broken?
> >
> > For arbitrary gap length, the answer is no. Consider a degenerate
> > configuration that puts out alternating 10101010. One could irregularly
> > sample this stream of bits to emulate any possible sequence of bits.
>
> No, that wasn't the question I meant to ask. Suppose that you have some
> known bits of keystream, and you know what positions they come from, but
> the positions are not regularly-spaced. Can you break it?

I believe so.

> > Now if the sequence is irregular but known, we're back to the original
> > case in which the configuration is fully determined.
>
> Information-theoretically it is fully determined, but the question is
> whether you can efficiently recover the unknown key material.
> (Note that if you know the AES encryption of all-zeros plaintexts under
> some unknown 128-bit key, then in principle the key is almost fully
> determined, but finding the key efficiently seems to be very difficult.)

In the general case of an extended BM the efficiency will go down
exponentially with the sampling density. So, unless there is a shortcut
somewhere (say a repeating sample pattern), there isn't an efficient
solution.

In the trivial case of bits skipped within a high density sample, the basic
BM approach can be extended by treating the skipped bits as wild cards.
Where the basic BM generates at each iteration the simplest machine that
generates the bits considered so far, the extended BM would have to consider
the simplest machineS that generate the possible bits considered so far.
There would be 2^bits_skipped such candidate
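Two points in the LFSR Security exchanges above lend themselves to a worked example: Tim Tyler's remark that XORing two same-size registers only preserves the component period when the two periods already agree, and the extended Berlekamp-Massey idea of treating skipped keystream bits as wild cards and keeping the simplest machine(s). The Python below is an added example written for this page; it is not code from the digest or from any of the posters. The feedback coefficients, seeds, and the positions of the unknown bits are constructed for illustration, and the LFSR convention (coefficient list c[1..L], recurrence s[n] = c[1]s[n-1] xor ... xor c[L]s[n-L]) is an assumption of the example.

```python
"""Added example: LFSR periods, Berlekamp-Massey (BM), and BM with wild cards.

Convention assumed here (not taken from the digest): an LFSR of length L is
the recurrence s[n] = c[1]*s[n-1] ^ ... ^ c[L]*s[n-L] over GF(2), written as
coeffs = [c[1], ..., c[L]] with c[L] = 1 so the state sequence is purely
periodic.  The seed is the first L output bits.
"""
import itertools


def lfsr_stream(coeffs, seed, n):
    """First n output bits of the LFSR defined by coeffs, started from seed."""
    L = len(coeffs)
    assert len(seed) == L and coeffs[-1] == 1
    s = list(seed)
    while len(s) < n:
        nxt = 0
        for i in range(1, L + 1):
            nxt ^= coeffs[i - 1] & s[-i]
        s.append(nxt)
    return s[:n]


def lfsr_period(coeffs, seed):
    """Steps until the register returns to its starting state."""
    L = len(coeffs)
    start = tuple(seed)
    state, steps = start, 0
    while True:
        nxt = 0
        for i in range(1, L + 1):
            nxt ^= coeffs[i - 1] & state[-i]
        state, steps = state[1:] + (nxt,), steps + 1
        if state == start:
            return steps


def sequence_period(bits):
    """Smallest shift p under which the whole observed window repeats."""
    n = len(bits)
    for p in range(1, n):
        if all(bits[i] == bits[i + p] for i in range(n - p)):
            return p
    return None


def berlekamp_massey(s):
    """Massey's algorithm over GF(2).  Returns (L, C), C = [1, c1, ..., cL],
    the shortest recurrence generating s.  Given 2L bits of a length-L LFSR
    with an irreducible feedback polynomial this is the generator itself."""
    n = len(s)
    C, B = [1] + [0] * n, [1] + [0] * n
    L, m = 0, 1
    for i in range(n):
        d = s[i]                              # discrepancy at position i
        for j in range(1, L + 1):
            d ^= C[j] & s[i - j]
        if d == 0:
            m += 1
        elif 2 * L <= i:                      # a longer register is needed
            T = C[:]
            for j in range(n + 1 - m):
                C[j + m] ^= B[j]
            L, B, m = i + 1 - L, T, 1
        else:                                 # fix the taps, keep the length
            for j in range(n + 1 - m):
                C[j + m] ^= B[j]
            m += 1
    return L, C[:L + 1]


def lfsr_predict(C, known, n):
    """Extend a known prefix by n bits using the recurrence C found by BM."""
    L = len(C) - 1
    s = list(known)
    for _ in range(n):
        nxt = 0
        for i in range(1, L + 1):
            nxt ^= C[i] & s[-i]
        s.append(nxt)
    return s[len(known):]


def recover_with_wildcards(bits):
    """Extended BM as described in the thread: bits may contain None for
    skipped positions.  All 2^k assignments are tried and the ones reaching
    the minimal linear complexity are returned (cost doubles per gap bit)."""
    unknown = [i for i, b in enumerate(bits) if b is None]
    results = []
    for guess in itertools.product((0, 1), repeat=len(unknown)):
        cand = list(bits)
        for pos, val in zip(unknown, guess):
            cand[pos] = val
        L, C = berlekamp_massey(cand)
        results.append((L, guess, C))
    best = min(L for L, _, _ in results)
    return best, [(g, C) for L, g, C in results if L == best]


if __name__ == "__main__":
    maximal = ([1, 0, 0, 1], [1, 0, 0, 0])    # x^4 + x^3 + 1: period 15
    maximal2 = ([0, 0, 1, 1], [1, 0, 0, 0])   # x^4 + x + 1:   period 15
    short = ([1, 1, 1, 1], [1, 0, 0, 0])      # x^4+x^3+x^2+x+1: period 5
    a, b, c = (lfsr_stream(*g, 60) for g in (maximal, short, maximal2))
    print("periods:", lfsr_period(*maximal), lfsr_period(*short))
    print("XOR of 15- and 5-period registers has period",
          sequence_period([x ^ y for x, y in zip(a, b)]))
    print("XOR of two maximal registers: BM complexity",
          berlekamp_massey([x ^ y for x, y in zip(a, c)][:32])[0])
    L, C = berlekamp_massey(a[:8])
    print("from 8 bits:", L, C, "next bits", lfsr_predict(C, a[:8], 7))
    with_gaps = a[:12]
    with_gaps[3] = with_gaps[7] = None        # two skipped keystream positions
    print("wild cards:", recover_with_wildcards(with_gaps))
```

Running the script shows the two sides of Tyler's point: two 4-bit registers with periods 15 and 5 XOR to a period-15 stream (the lcm), and two distinct maximal 4-bit registers XOR to a period-15 stream whose linear complexity is 8, so BM needs 16 bits instead of 8 to pin it down. The wild-card search returns exactly one assignment at complexity 4 for the constructed input; each additional skipped bit doubles the number of BM runs, which is the exponential cost the post describes.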
Cryptography-Digest Digest #147, Volume #13       Mon, 13 Nov 00 05:13:00 EST

Contents:
  Re: voting through pgp (David Wagner)
  Re: Book recommendation, please (John Savard)
  Re: Book recommendation, please (John Savard)
  Re: Book recommendation, please (John Savard)
  Re: Q: Rotor machines (John Savard)
  Re: voting through pgp (David Schwartz)
  Re: XOR Software Utility (freeware) available from Ciphile Software (root1657)
  Re: Crypto Export Restrictions (root1657)
  Re: Algorithm with minimum RAM usage? (Guy Macon)
  Re: Book recommendation, please (David A Molnar)
  Re: Integer encoding on a stream ("D. He")
  Re: voting through pgp ("Scott Fluhrer")
  so many fuss about impossibility to backtrace from MD to original text. (Ariel Burbaickij)
  Re: Why remote electronic voting is a bad idea (was voting through pgp) (Jon Haugsand)
  Re: "Secrets and Lies" at 50% off (Paul Crowley)
  Re: so many fuss about impossibility to backtrace from MD to original (Paul Crowley)
  Re: "Secrets and Lies" at 50% off (John Savard)
  Re: Request for code (Runu Knips)
  Re: Type 3 Feistel? ("kihdip")
  Re: RC6 Question (Runu Knips)
  Re: Algorithm with minimum RAM usage? (Runu Knips)
  Re: "Secrets and Lies" at 50% off (John Savard)

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: voting through pgp
Date: 13 Nov 2000 03:49:38 GMT
Reply-To: [EMAIL PROTECTED] (David Wagner)

David Schwartz wrote:
> Who says your computer has to understand the data it's processing? For
> example, suppose each voter received a computerized sheet that only they
> received. It contained the unique codes that they would use to vote, say
> '43' for Bush and '90' for Gore.

Ahh, now you've got the idea! But why stop there? Who says you have to use
a computer in the first place? You could receive sheets of cardboard with
special locations where you can punch holes to indicate who you want to vote
for. Sounds like a great idea to me. And, lo and behold, it already exists
-- it is called the absentee ballot.

:-)

--

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Book recommendation, please
Date: Mon, 13 Nov 2000 03:44:35 GMT

On Sun, 12 Nov 2000 19:25:51 GMT, "[EMAIL PROTECTED]" [EMAIL PROTECTED]
wrote, in part:

> Would Applied Cryptography by Bruce Schneier be the way to go ?

Looking more closely at the post: since he programs in C++, and is 16 years
old, AC should not be a problem for him.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

--

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Book recommendation, please
Date: Mon, 13 Nov 2000 03:43:06 GMT

On Sun, 12 Nov 2000 23:17:02 +0100, Hauke Hansen [EMAIL PROTECTED] wrote,
in part:

> I mostly use the books written by Albrecht Beutelspacher, but I don't know
> which of his books are available in English.

A slim volume by him was one of the few books my local library had on
cryptography for some years (they have a few others now) but I was not
favorably impressed by it: it was too slim, and did not contain enough of
substance.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

--

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Book recommendation, please
Date: Mon, 13 Nov 2000 03:40:13 GMT

On Sun, 12 Nov 2000 19:25:51 GMT, "[EMAIL PROTECTED]" [EMAIL PROTECTED]
wrote, in part:

> I'd like to encourage his interest with a good introduction, without
> overwhelming him. Would Applied Cryptography by Bruce Schneier be the way
> to go ?

One of the greatest books on the subject is still David Kahn's monumental
book "The Codebreakers". It covers a vast sweep of history, and is very
interesting.

A more recent book, more easily available, would be Simon Singh's "The Code
Book".

Still in print is "Cryptanalysis", from Dover, by Helen Fouche Gaines. This
discusses pencil-and-paper ciphers, and how hobbyists break them as puzzles.
But it deals with much more than simple substitution, as seen in crossword
puzzle books.

Many books discussing simple substitution, columnar transposition, Playfair,
and Vigenere are aimed at younger readers; this book, however, is the
definitive one covering this subject matter.

"Decrypted Secrets" by Bauer is mathematical in parts, and perhaps more to
be recommended to those with an advanced interest.

Bruce Schneier's "Applied Cryptography", while primarily aimed at EDP
professionals who may be considering implementing cryptography, _is_ a
reasonable choice as well. It does not demand the reader understand advanced
number theory and the like; if one is looking for a book which is at once
the least technical, and the most comprehensive, in examining modern
techniques of cryptography, it is definitely the one to consider.

John Savard
http://home.ecn.ab
Cryptography-Digest Digest #147, Volume #11       Fri, 18 Feb 00 02:13:01 EST

Contents:
  Re: OAP-L3 Encryption Software - Complete Help Files at web site ("Trevor Jackson, III")
  Re: Does the NSA have ALL Possible PGP keys? ("Trevor Jackson, III")
  Re: Does the NSA have ALL Possible PGP keys? ("Trevor Jackson, III")
  Re: Does the NSA have ALL Possible PGP keys? ("Trevor Jackson, III")
  Re: NIST, AES at RSA conference ("Trevor Jackson, III")
  Processor speeds. (John)
  Re: RSA Speed (Hideo Shimizu)
  I stole also the diary and calendar of Markku J. Saarelainen ("William A. Nelson")
  Re: Method to break triple-DES ("Scott Fluhrer")
  Re: Does the NSA have ALL Possible PGP keys? (W A Collier)
  Q: SAC2000? (Hideo Shimizu)
  Re: EOF in cipher??? ("Douglas A. Gwyn")
  Re: EOF in cipher??? ("Douglas A. Gwyn")
  Re: EOF in cipher??? ("Douglas A. Gwyn")
  Re: Does the NSA have ALL Possible PGP keys? ("Douglas A. Gwyn")
  Re: Question about OTPs ("Douglas A. Gwyn")
  Re: NSA Linux and the GPL ("Douglas A. Gwyn")
  Re: OAP-L3 Encryption Software - Complete Help Files at web site (Anthony Stephen Szopa)
  Re: Using virtually any cipher as public key system? (John Savard)
  Re: NSA Linux and the GPL (John Savard)

Date: Thu, 17 Feb 2000 22:17:02 -0500
From: "Trevor Jackson, III" [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: OAP-L3 Encryption Software - Complete Help Files at web site

Anthony Stephen Szopa wrote:

> Why are people using OAP-L3 encryption software with no complaints?
> Because they are more than satisfied: that's why.

You are basing a conclusion upon a tautology. The conclusion you have
reached is that the software is good. The basis is the fact that the people
using it are not complaining about it. This basis is tautological because
there are enough alternatives that a person not "satisfied" with your
software would not use it. Thus only people satisfied with it will use it.
The set of people who will use it and also complain about it is empty.
From the emptiness of this set, nothing sensible can be concluded.

I note in passing that this line of argument fits in quite well with the
style of reasoning illustrated on your web site.

Your software is garbage. Deal with it.

--

Date: Thu, 17 Feb 2000 22:24:47 -0500
From: "Trevor Jackson, III" [EMAIL PROTECTED]
Crossposted-To: misc.survivalism
Subject: Re: Does the NSA have ALL Possible PGP keys?

Johnny Bravo wrote:

> On Wed, 16 Feb 2000 12:07:11 -0800, "tiwolf" [EMAIL PROTECTED] wrote:
>
> > Anything is possible given time, money, and talent.
>
> How many times are you going to post this blatant stupidity? Many things
> are 100% impossible, finding the biggest number for instance. Get this
> through your head; some problems do not have a solution to find.
>
> > Government has nothing to do with it. In this case the government desire
> > to control along with access to money (tax payers), and (through the
> > obscene spending of the taxpayers money) talent.
>
> Make up your mind, does government have something to do with it or not?
> Makes no difference, impossible is just that, impossible. Even with
> infinite time, money and talent. Not even God can tell you what the
> biggest number is.

Ah, but can he create a rock that he cannot lift? (The classic answer is no
-- he would not).

--

Date: Thu, 17 Feb 2000 22:26:39 -0500
From: "Trevor Jackson, III" [EMAIL PROTECTED]
Crossposted-To: misc.survivalism
Subject: Re: Does the NSA have ALL Possible PGP keys?

tiwolf wrote:

> Now Johnny who is blatant stupidity, you claim that even God does not know
> what the highest number is. Given that God created all things in the
> universe, and inspired human creativity and invention, how can you say
> that God does not know what the highest number is. That would be an
> indication of limit and according to the philosophical debate and my
> religious upbringing God is limitless in power and knowledge.

The true issue appears at last. Your upbringing is interfering with your
ability to think.

It's a reasonably popular excuse these days.

--

Date: Thu, 17 Feb 2000 22:32:41 -0500
From: "Trevor Jackson, III" [EMAIL PROTECTED]
Crossposted-To: misc.survivalism
Subject: Re: Does the NSA have ALL Possible PGP keys?

[EMAIL PROTECTED] wrote:

> This is a claim distinct from the statement that NSA has "all possible
> keys". It amounts to the claim that the NSA has or can obtain all keys in
> use. While this claim cannot be refuted by size-of-the-universe
> calculations, it still requires substantial support to be credible. To me
> it looks pretty nekkid.

Well, an
Cryptography-Digest Digest #147, Volume #10       Tue, 31 Aug 99 02:13:03 EDT

Contents:
  Re: 512 bit number factored (Paul Rubin)
  Re: What if RSA / factoring really breaks? (Paul Rubin)
  Re: What if RSA / factoring really breaks? (John Savard)
  Re: Which of these books are better ?
  HIV testing ( Doug Goncz)
  Re: WT Shaw temporarily sidelined
  Re: original source code for robert morris crypt.c circa 1970's (Dennis Ritchie)
  Re: n-ary Huffman Template Algorithm (Alex Vinokur)
  Re: n-ary Huffman Template Algorithm (Alex Vinokur)

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: 512 bit number factored
Date: 31 Aug 1999 04:20:26 GMT

In article 7qeu5m$csg$[EMAIL PROTECTED], Bob Silverman [EMAIL PROTECTED] wrote:
> [some nostalgia: anyone else remember ihnp4 as a major node on the net
> prior to 1984's revision of internet addressing]

Yes.
--
Paul ...ihnp4!allegra!phr ;-)

--

From: [EMAIL PROTECTED] (Paul Rubin)
Crossposted-To: alt.math,sci.math
Subject: Re: What if RSA / factoring really breaks?
Date: 31 Aug 1999 05:20:22 GMT

In article 7qeh7s$2pq$[EMAIL PROTECTED], Bob Silverman [EMAIL PROTECTED] wrote:
> > because public key encryption can now be broken in real time with Bill
> > Payne's recent advances in factoring.
>
> Where did he publish his results? Neither I, nor any other factoring
> expert has ever seen his paper.

It was here on sci.crypt a few years ago. Don't worry, you didn't miss
anything ;-).

--

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: What if RSA / factoring really breaks?
Date: Mon, 30 Aug 1999 18:27:36 GMT

Bob Silverman [EMAIL PROTECTED] wrote, in part:

> In article 7qc4rb$4gl$[EMAIL PROTECTED], David A Molnar [EMAIL PROTECTED]
> wrote:
> > The joke will be on us if discrete log is easy and factoring is hard.
>
> This is unlikely.

I vaguely recall reading a claim somewhere that a fast discrete log
algorithm could actually be used to speed up factoring. (Which implies that
it's already known that discrete log is at least as hard as factoring.)

Is my memory playing tricks on me again?

John Savard ( teneerf- )
http://www.ecn.ab.ca/~jsavard/crypto.htm

--

From: [EMAIL PROTECTED] ()
Subject: Re: Which of these books are better ?
Date: 31 Aug 99 05:07:01 GMT

JaeYong Kim ([EMAIL PROTECTED]) wrote:
: for both conceptional understanding and mathematical understanding..
: 1. Applied Cryptography, Bruce Schneier
: 2. Handbook of Applied cryptography, Menezes et al
: 3. Cryptography: Theory and Practice, Stinson

I can understand your question; they are (moderately) expensive books.

3 is the oldest, and 2 the most recent. I haven't seen 3, but I do know
it's organized so that it can be used as a textbook. 1 is very popular,
very approachable, and contains an excellent body of citations as a guide
for further reading. But it doesn't explain all the math by itself. 2, of
course, you have the opportunity to evaluate for yourself. It doesn't cover
as many block ciphers as 1, but otherwise it seems to be closer to what you
are looking for.

John Savard

--

From: [EMAIL PROTECTED] ( Doug Goncz )
Subject: HIV testing
Date: 31 Aug 1999 05:35:45 GMT

There was a little local news coverage of DC's HIV policy. They wanted to
know if they should keep names and HIV status in a secure computer. I think
they decided not to.

I believe it would be useful, and might be acceptable to the general public,
to maintain a file of people's DNA fingerprints associated with their HIV
status. The fingerprints cost more than the HIV test. I wrote earlier about
possibilities for an STD database.

I guess even a person's DNA fingerprint can be taken against their will,
using a blood sample taken without consent. So that would circumvent the
security of the database.

There is no newsgroup to discuss social implications of cryptographic
technology, as far as I know. So I'm putting this here.

Yours,

Doug Goncz, Experimental Machinist ( DOT 600.260-022 ) ( A.A.S.M.E.T. )
Replikon Research ( USA 22044-0094 )
http://users.aol.com/DGoncz or /ReplikonVA
Self Reproducing Machine Tools  Wacky Propulsion Concepts  Dog Walking

--

From: [EMAIL PROTECTED] ()
Subject: Re: WT Shaw temporarily sidelined
Date: 31 Aug 99 04:56:06 GMT

SCOTT19U.ZIP_GUY ([EMAIL PROTECTED]) wrote:
: what is IIRC and by advanced age do you mean older than 70.

If I remember correctly, and yes.

John Savard

--

From: Dennis Ritchie [EMAIL PROTECTED]
Subject: Re: original source code for robert morris crypt.c circa 1970's
Date: Tue, 31 Aug 1999 06:04:59 +0100
Reply-To: [EMAIL PROTECTED]

dan braun asked:

> Does anybody have a copy of the original (circa 1970?) source code for
> robert h. morris' crypt.c? thanks in advance dan

Yes, at least snapshots. The first use of encryption in Unix
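John Savard's post in the "What if RSA / factoring really breaks?" thread above asks whether a fast discrete-log algorithm could be used to speed up factoring. The direction he recalls is the classical one: an oracle for discrete logarithms modulo N yields a factoring algorithm for N. Query the oracle on y = g^e mod N for a random base g and a random exponent e larger than the group order; e minus the returned logarithm is a nonzero multiple of the order of g, and a multiple of the order factors N with Miller's square-root-of-one trick. The Python below is an added example written for this page, not code from the digest or from any poster. The oracle is a brute-force stand-in (so speed is not the point, only the reduction), and the moduli 3233 = 53 * 61 and 8051 = 83 * 97 are constructed toy values.

```python
"""Added example: turning a discrete-log oracle into a factoring algorithm.

dlog_oracle_bruteforce is a stand-in for a fast discrete-log routine; it is
slow on purpose so the example runs offline on toy moduli.  The reduction
assumes N is odd and not a prime power (true of an RSA modulus).
"""
import math
import random


def dlog_oracle_bruteforce(g, y, N):
    """Return the least x >= 0 with g^x = y (mod N); raise if none exists."""
    x, cur = 0, 1
    while x <= N:
        if cur == y:
            return x
        cur = cur * g % N
        x += 1
    raise ValueError("y is not in the subgroup generated by g")


def order_multiple_from_dlog(N, g, oracle, e):
    """Ask the oracle for log_g(g^e).  The oracle can only return a value
    below ord(g), so e - answer is a nonzero multiple of ord(g) when e >= N."""
    x = oracle(g, pow(g, e, N), N)
    return e - x


def factor_from_order_multiple(N, g, m):
    """Miller's trick.  Write m = 2^s * t with t odd and walk g^t, g^2t, ...
    until 1 appears; the value just before it is a square root of 1 mod N.
    If it is not N-1 then gcd(root - 1, N) is a proper factor.  Returns None
    when this base is unlucky (about half the bases succeed)."""
    if m <= 0:
        return None
    s, t = 0, m
    while t % 2 == 0:
        s, t = s + 1, t // 2
    x = pow(g, t, N)
    if x == 1:
        return None
    prev = x
    for _ in range(s):
        prev, x = x, x * x % N
        if x == 1:
            break
    if x != 1 or prev == N - 1:
        return None
    d = math.gcd(prev - 1, N)
    return d if 1 < d < N else None


def factor_with_dlog_oracle(N, oracle, seed=1):
    """Repeat the oracle query with random bases until a factor of N appears.
    seed fixes the RNG so the example is reproducible (an assumption here)."""
    rng = random.Random(seed)
    while True:
        g = rng.randrange(2, N - 1)
        d = math.gcd(g, N)
        if d > 1:                      # base already shares a factor with N
            return d
        e = rng.randrange(N, 2 * N)    # exponent above any possible order
        m = order_multiple_from_dlog(N, g, oracle, e)
        d = factor_from_order_multiple(N, g, m)
        if d is not None:
            return d


if __name__ == "__main__":
    for N in (3233, 8051):             # constructed toy moduli: 53*61, 83*97
        p = factor_with_dlog_oracle(N, dlog_oracle_bruteforce)
        print(N, "=", p, "*", N // p)
```

Nothing here depends on how the oracle computes logarithms; swapping the brute-force loop for any fast discrete-log method modulo a composite gives a factoring method with the same outer loop, which is the sense in which a discrete-log break would also break RSA-style moduli.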
Cryptography-Digest Digest #147, Volume #9        Fri, 26 Feb 99 13:13:13 EST

Contents:
  Re: Quantum Computation and Cryptography (Coen Visser)
  Re: Testing Algorithms [moving off-topic] (Patrick Juola)
  Re: VxD Crypto - Win 95/98/NT ("Trevor Jackson, III")
  Legal procedures for using third party crypto? ([EMAIL PROTECTED])
  Re: True Randomness - DOES NOT EXIST!!! (John Briggs)
  Re: Define Randomness (R. Knauer)
  Re: Testing Algorithms (Withheld)
  Re: Testing Algorithms (Somniac)
  Re: ElGamal key generation (Somniac)
  Re: Define Randomness (Patrick Juola)
  Re: Testing Algorithms (Patrick Juola)
  Re: Scramdisk File ([EMAIL PROTECTED])
  Re: Define Randomness (R. Knauer)
  Re: Define Randomness (wtshaw)
  Re: Not Quite Unbreakable... (wtshaw)

From: [EMAIL PROTECTED] (Coen Visser)
Subject: Re: Quantum Computation and Cryptography
Date: 26 Feb 1999 13:40:58 GMT

fungus [EMAIL PROTECTED] writes:

> "R. Knauer" wrote:
> > A quantum computer results in an exponential increase in computing
>
> No, as far as I know a n^2 increase in computing capability.
>
> > capability. That's because it contains all eigenstates simultaneously,
> > like a massively parallel classical machine. These eigenstates interact
> > in an exponentially large manner as the computer steps along.
>
> Ok, so we know the result's in there somewhere...
>
> ...but how do we get it out?

People are working on that problem. The main question is if quantum
computers scale up like silicon computers do.

Regards,

Coen Visser

--

From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: Testing Algorithms [moving off-topic]
Date: 26 Feb 1999 09:08:59 -0500

In article 7b56hg$8m8$[EMAIL PROTECTED], Doggmatic [EMAIL PROTECTED] wrote:
> In article 7b101l$q4v$[EMAIL PROTECTED],
> [EMAIL PROTECTED] (Patrick Juola) wrote:
> > In article 7avprg$jvm$[EMAIL PROTECTED], [EMAIL PROTECTED] wrote:
> >
> > The fundamental limit of powering a computer processor is *ZERO*. Power
> > provides *NO* limitation on how big you can make a computer.
>
> Uhh who told you that lie?
>
> Any process (the smallest possible relevant one of which is counting)
> requires a discrete (more than zero) amount of energy. So, unless your
> processor does *ZERO* work, it will consume more than ZERO energy. So,
> unless this computer is processing in another universe which is not
> subject to the physics of this one, there IS a limit.

Wrong. Look up "reversible computing" sometime; hell, this point was
explored at length in a Scientific American article sometime in the 70's.

Think of it this way -- what's the minimum amount of energy necessary to
move a brick five feet (horizontally)? On a frictionless surface (there's
those damned parasitic costs again), it will move, albeit slowly, no matter
how little force is applied. So the fundamental limit to the amount of
energy is zero.

-kitten

--

Date: Fri, 26 Feb 1999 07:46:46 -0500
From: "Trevor Jackson, III" [EMAIL PROTECTED]
Subject: Re: VxD Crypto - Win 95/98/NT

R H Braddam wrote:

> Anthony Naggs wrote in message ...
> > After much consideration R H Braddam decided to share these wise words:
> > > According to the documentation for the Device Drivers Development Kit
> > > for Win 98/NT, page locking works correctly for Virtual Device Drivers
> > > (VxD) and device drivers (DxD - my own term, if not correct please
> > > advise).
> >
> > In Win95 device drivers can be in VxDs or (usually 16-bit) DLLs. Win98
> > adds WDM (Windows Driver Model) drivers that are more or less compatible
> > with NT.
>
> Thanks for the correction, I must have misunderstood the documentation. I
> thought they were saying that a VxD was an intermediary program between
> the application programs and the actual hardware device drivers. I may
> have gotten that from the section where they said that a VxD could provide
> a "service" and not be associated with a physical device. Or maybe it was
> where they said that a VxD could be associated with several different
> hardware drivers. I'm not sure.
>
> > 'DxD' is not a term anybody else would recognise.
>
> Thankfully, no one will see it unless they read my posts, so no one will
> be confused by it. It seemed like a natural substitute for "hardware
> device driver" for anyone comfortable with VxD for Virtual Device Driver.
>
> > > One of the example VxDs in the DDK is Eatpages.VxD. It grabs and locks
> > > half of the available pages at boot-up and keeps them until shutdown.
> > > It is a very simple VxD and shows how to allocate, lock, unlock, and
> > > deallocate memory. The writer suggests that it could be used to
> > > simulate low memory conditions. It wouldn't work if VxD page-locked
> > > memory was swappable.
> >
> > That's what page locked memory is.
>
> Yes, and if page locked memory worked correctly within the Windows
> development environment, Ari wouldn't have had to use a memory file in Y