Cryptography-Digest Digest #149

2001-04-15 Thread Digestifier

Cryptography-Digest Digest #149, Volume #14  Sun, 15 Apr 01 10:13:01 EDT

Contents:
  Advantages of attackers and defenders (Mok-Kong Shen)
  Remark on multiplication mod 2^n (Mok-Kong Shen)
  Re: XOR_TextBox:  Doesn't write to swap file if... (Anthony Stephen Szopa)
  Re: Remark on multiplication mod 2^n ("Tom St Denis")
  Re: XOR_TextBox:  Doesn't write to swap file if... ("Tom St Denis")
  Re: Remark on multiplication mod 2^n (Mok-Kong Shen)
  Re: Remark on multiplication mod 2^n (Mok-Kong Shen)
  Note on combining PRNGs with the method of Wichmann and Hill (Mok-Kong Shen)
  Re: Remark on multiplication mod 2^n ("Tom St Denis")
  Re: Note on combining PRNGs with the method of Wichmann and Hill ("Tom St Denis")
  Re: Remark on multiplication mod 2^n (Mok-Kong Shen)
  Re: Note on combining PRNGs with the method of Wichmann and Hill (Mok-Kong Shen)
  Re: XOR_TextBox:  Doesn't write to swap file if... ("Sam Simpson")
  Re: XOR_TextBox:  Doesn't write to swap file if... ("Sam Simpson")
  Re: XOR_TextBox:  Doesn't write to swap file if... ("Sam Simpson")
  Re: Remark on multiplication mod 2^n ("Tom St Denis")
  Re: Note on combining PRNGs with the method of Wichmann and Hill ("Tom St Denis")
  C code for GF mults ("Tom St Denis")
  Re: Remark on multiplication mod 2^n (Mok-Kong Shen)
  Re: Remark on multiplication mod 2^n ("Tom St Denis")
  Re: Remark on multiplication mod 2^n (Mok-Kong Shen)
  Re: MS OSs "swap" file:  total breach of computer security. ("Joris Dobbelsteen")



From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Advantages of attackers and defenders
Date: Sun, 15 Apr 2001 14:13:56 +0200



There is an interesting article in the April issue of Bruce
Schneier's Crypto-Gram where it is argued about the relative 
advantages of attackers and defenders of internet security
employing analogies from actual (physical) wars.

It is my humble opinion that general conclusions about which
side of a war has more advantages may be difficult to 
establish, since each war has its (under circumstances 
rather odd) particularities. Anyway, defenders in cyberwar 
certainly wouldn't have a light job, if one considers
the extremely huge sum that, according to a newspaper 
article I recently read, the United States plan to expend 
in that connection.

M. K. Shen

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Remark on multiplication mod 2^n
Date: Sun, 15 Apr 2001 14:13:49 +0200


If one has two n-bit entities a and b, then one can obtain 
from them a nonlinear combination a*b mod 2^n. As pointed
out in a recent thread (by David Wagner?), the higher order
bits of the operands have less contribution to the result
than the lower order bits. A trivial and ad hoc remedy that 
suggests itself seems to be to do first a full multiplication, 
obtaining c*2^n + d and define the result to be either 
c + d mod 2^n or c xor d. This full multiplication could be 
done in high-level programming language, but can be more 
efficiently performed with an assembler code exploiting the 
appropriate hardware support (a register containing c) which 
is commonly present (if I don't err).

I would like to mention an additional operation that could be
useful in this connection, namely rotation. One could
place two masks (5 bits if n=32) on the operands a and b
to obtain two values as the amounts of rotation, the value
from a being used to rotate b and the value from b being
used to rotate a. The rotated results are then multiplied
as described above.

M. K. Shen

http://home.t-online.de/home/mok-kong.shen
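The construction described in the post above (full product split into c and d, folded as c + d mod 2^n or c xor d, optionally after rotating each operand by an amount taken from the other) is shown here as an added C example; it is not the poster's code. It assumes n = 32, that the 5-bit rotation amounts are taken from the low 5 bits of each operand (the post does not say which bits the masks select), and uses a 64-bit C product in place of the assembler high-word register the post mentions. It also includes a small helper that counts how many result bits change when the top bit of a is flipped, to make the "higher order bits contribute less" observation concrete.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint32_t u32;
typedef uint64_t u64;

/* Plain a*b mod 2^32: the operands' high bits can only influence the
 * result's high bits, never the low ones. */
static u32 mul_mod_2n(u32 a, u32 b) {
    return a * b;
}

/* Full 32x32 -> 64 product, split into c (high word) and d (low word)
 * so that a*b == c*2^32 + d. */
static void mul_full(u32 a, u32 b, u32 *c, u32 *d) {
    u64 p = (u64)a * (u64)b;
    *c = (u32)(p >> 32);
    *d = (u32)p;
}

/* Fold variant 1 from the post: (c + d) mod 2^32. */
static u32 mul_fold_add(u32 a, u32 b) {
    u32 c, d;
    mul_full(a, b, &c, &d);
    return c + d;
}

/* Fold variant 2 from the post: c xor d. */
static u32 mul_fold_xor(u32 a, u32 b) {
    u32 c, d;
    mul_full(a, b, &c, &d);
    return c ^ d;
}

/* 32-bit left rotation; r is reduced mod 32 and r == 0 is handled
 * explicitly so no shift by 32 (undefined in C) is ever performed. */
static u32 rotl32(u32 x, unsigned r) {
    r &= 31;
    return r ? (x << r) | (x >> (32 - r)) : x;
}

/* Assumed reading of the rotation step: the amount from a's low 5 bits
 * rotates b, the amount from b's low 5 bits rotates a, then the rotated
 * values are multiplied and folded with xor. */
static u32 mul_rot_fold_xor(u32 a, u32 b) {
    unsigned ra = b & 31;  /* amount taken from b, applied to a */
    unsigned rb = a & 31;  /* amount taken from a, applied to b */
    return mul_fold_xor(rotl32(a, ra), rotl32(b, rb));
}

static unsigned popcount32(u32 x) {
    unsigned n = 0;
    for (; x; x &= x - 1) n++;
    return n;
}

/* Number of output bits that change when the top bit of a is flipped,
 * for a given combining function f. */
static unsigned bits_changed_by_top_flip(u32 (*f)(u32, u32), u32 a, u32 b) {
    return popcount32(f(a, b) ^ f(a ^ 0x80000000u, b));
}

int main(void) {
    /* Constructed sample operands: a has only its top and bottom bits set. */
    u32 a = 0x80000001u, b = 3u;
    printf("a*b mod 2^32      = %08x\n", (unsigned)mul_mod_2n(a, b));
    printf("(c+d) mod 2^32    = %08x\n", (unsigned)mul_fold_add(a, b));
    printf("c xor d           = %08x\n", (unsigned)mul_fold_xor(a, b));
    printf("rotate, then fold = %08x\n", (unsigned)mul_rot_fold_xor(a, b));
    printf("bits changed by flipping a's top bit: plain=%u fold_xor=%u\n",
           bits_changed_by_top_flip(mul_mod_2n, a, b),
           bits_changed_by_top_flip(mul_fold_xor, a, b));
    return 0;
}
```

With a = 0x80000001 and b = 3, flipping a's top bit changes exactly one bit of the plain product but two bits of the xor-folded one, since the flipped bit now also lands in c. Whether a scheme like this is any stronger than the plain product is a separate question the post does not settle; the code only makes the folding and rotation steps precise.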

--

From: Anthony Stephen Szopa [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto,alt.hacker
Subject: Re: XOR_TextBox:  Doesn't write to swap file if...
Date: Sun, 15 Apr 2001 05:21:14 -0700

"Trevor L. Jackson, III" wrote:
 
 Fair Warning (for the uninformed):  This software is garbage.  The author
 does not understand computers, software, or security.
 
 Anthony Stephen Szopa wrote:
 
  XOR_TextBox:  Doesn't write to swap file if...
 
  Excerpt from updated Version 1.2 Instructions:
 
  "I have a 256MB RAM computer running Windows '98.  When I run
  XOR_TextBox there is no writing to the WIN386.SWP swap file.  In
  other words, the entered or displayed text is only stored in RAM.
  If you have less RAM, the text you enter or display may be written
  to this swap file.  Because you normally have no control over or
  access to this swap file, writing to it may be an unacceptable
  security risk.
 
  Here is how you can check to see if your computer is writing to the
  WIN386.SWP swap file when using XOR_TextBox on your computer..."
 
  In Version 1.1 a progress bar was added to the status bar, and an XOR
  process complet

Cryptography-Digest Digest #149

2000-11-13 Thread Digestifier

Cryptography-Digest Digest #149, Volume #13  Mon, 13 Nov 00 12:13:00 EST

Contents:
  Some facts --- MY living in the U.S.A. in 1990's (Markku J. Saarelainen)
  Re: voting through pgp ("Tony T. Warnock")
  Re: Q: timing attacks on cryptographic algorithms ("kihdip")
  Re: voting through pgp ("Tony T. Warnock")
  Re: LaGrange Interpolating Polynomial Scheme? (Kent Briggs)
  Re: voting through pgp ("Tony T. Warnock")
  Hash used in prepaid phone cards. (Ariel Burbaickij)
  Re: On an idea of John Savard (Mok-Kong Shen)
  Re: Chimera ciphers (WAS Re: On an idea of John Savard) (Mok-Kong Shen)
  Re: "Secrets and Lies" at 50% off (James Felling)
  RE: monoalphabetic cipher ("Deja User")
  Re: RC4 on FPGAs? ("CMan")



From: Markku J. Saarelainen [EMAIL PROTECTED]
Crossposted-To: soc.culture.british,soc.culture.polish,soc.culture.austrian
Subject: Some facts --- MY living in the U.S.A. in 1990's
Date: Mon, 13 Nov 2000 15:06:58 GMT



1. I have not had any political affiliations in any way

2. I have never voted for anybody, voted for nobody

3. U.S. Government and its intelligence community spied on me since
1993 as I have written it down in my diary entries. My spouse (Kathryn
Goll - it was Kathryn Goll Saarelainen) was involved in these
activities without ever telling this to me. But I discovered it in
March, 1994 after she came from her work and made specific references
to the work place situation where I was involved. I never had mentioned
this situation to her. I kept quiet.

4. The U.S. government stole my spouse (currently ex-spouse) from me in
1999 for a possible deportation of me.

5. The U.S. government together with the government of Finland and my
ex-Finnish relatives attacked me in 1999 and in the first half of 2000.

6. Finnish industrial interests and ex-relatives such as Jukka
Saarelainen (known to be involved in the military intelligence)
participated in influence efforts and spying on me since 1994 as
discussed earlier.

7. The Georgian (Gwinnett County) Superior Court Judge Oxendyne made a
very unfair judgement and forced me to leave me my home and house in
Atlanta (Duluth), Georgia, U.S.A. and forced me to live in the streets.
I worked in this house for 15 hours a day, but after this unfair judge
made the decision, I was effectively removed from my work place too.

8. My ex-spouse participated in spying on me - documented evidence
exists.

9. There were two immigration related blackmailing or influence efforts
against me. In both cases, the same subject matter. First, in May,
1997, when I worked for IntelliQuest Communications (Atlanta) -
intelligence / information comp - research comp - some of clients
include IBM and HP - Gary from Scotland who worked in the account
management came to the same haircuttery (The SuperCuts), where I was
and started asking specific questions regarding to my relationship with
my spouse. He never got the haircut, but left the place after asking
questions. Second, when I had a dinner with my spouse (ex currently) in
my own home in Atlanta, there was a ring on the top of an article
discussing the fraudulent marriages and the immigration / basically the
marriage fraud and shortly after sitting down to eat the dinner, there
was call and a person made specific references to this article. Who put
the ring on the article? Who called... etc.? One thing I know, my ex-
spouse was involved in the espionage against me. The newspaper was the
Atlanta-Journal Constitution.


And many more facts ... read alt.politics.org.cia ...


And why did this happen? Without any cause actually. No reason
whatsoever. Only thing I did was to use my freedom of speech rights - the 1st
article in the Bill of Rights and I was attacked by the U.S.
intelligence community and government. They may have never read the
statement by Thomas Jefferson and his references to "tyranny over
people's minds". Well this is what I experienced in 1990's to 2000 in
the U.S.A. So I was hurt without any cause by the U.S. government, my
ex-relatives in Finland and the U.S.A. and the government of Finland.
An unfair judge forced me to live in the streets. When I asked help
from the government of Finland, they responded "What does it matter if
somebody is behind you " - what an ignorance ! Well I am only 33
years old and do not expect to stay in the U.S.A. very much longer, but
what happens in the next 30 years in my life shall be very interesting
to you all there who read this message. So I experienced the tyranny by
the U.S. government without any cause.


Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: "Tony T. Warnock" [EMAIL PROTECTED]
Subject: Re: voting through pgp
Date: Mon, 13 Nov 2000 08:33:49 -0700
Reply-To: [EMAIL PROTECTED]

binary digit wrote:

 Imagine if everyone had pgp i

Cryptography-Digest Digest #149

2000-07-02 Thread Digestifier

Cryptography-Digest Digest #149, Volume #12   Sun, 2 Jul 00 20:13:01 EDT

Contents:
  SCOTT19U.ZIP_GUY  PLONK!  (Guy Macon)
  Re: Newbie question about factoring (Paul Schlyter)
  Re: Remark on practical predictability of sequences (Mok-Kong Shen)
  Re: very large primes (Mok-Kong Shen)
  A simple all-or-nothing transform (Mok-Kong Shen)
  Re: DES Analytic Crack (Mok-Kong Shen)
  Re: Observer 4/6/2000: "Your privacy ends here" (Simon Elliott)
  Use of EPR "paradox" in cryptography (DSM)
  Hashing Function (not cryptographically secure) (Simon Johnson)
  Has RSADSI Lost their mind? ([EMAIL PROTECTED])
  Re: Use of EPR "paradox" in cryptography (Nathan Urban)
  Re: Call for volunteers for anonymous, censorship-resistant publishing system (Larry)
  Re: Observer 4/6/2000: "Your privacy ends here" (U S-D)
  W2K fakes 128-bit crypto? (denis bider)
  Re: very large primes (Jerry Coffin)
  Re: A simple all-or-nothing transform (Mark Wooding)
  Re: Hashing Function (not cryptographically secure) (Mark Wooding)



From: [EMAIL PROTECTED] (Guy Macon)
Subject: SCOTT19U.ZIP_GUY  PLONK! 
Date: 02 Jul 2000 15:14:01 EDT

SCOTT19U.ZIP_GUY wrote:

in a way maybe John can even grasp or his BS crypto friends if they
give it any thought. But if they are the stuff shirt kind of guys
with ties they may not have sufficient blood flow to the brain.

 PLONK! 


--

From: [EMAIL PROTECTED] (Paul Schlyter)
Crossposted-To: comp.theory
Subject: Re: Newbie question about factoring
Date: 2 Jul 2000 19:12:30 +0200

In article [EMAIL PROTECTED],
Dido Sevilla  [EMAIL PROTECTED] wrote:
 
 Bob Silverman wrote:
 
 The size of a number IS its number of digits.
 
 You contradict yourself.
 
 And you're playing semantics.  How big is a number?  It's its
 magnitude.  The number of digits is its number of digits.
 
Which number is biggest?
 
   3E+28
 
or
 
   0.2374563487298734596792376598726349873645398726395482769328746
 

 
:-)))
 
-- 

Paul Schlyter,  Swedish Amateur Astronomer's Society (SAAF)
Grev Turegatan 40,  S-114 38 Stockholm,  SWEDEN
e-mail:  pausch at saaf dot se   or   paul.schlyter at ausys dot se
WWW: http://hotel04.ausys.se/pausch   http://welcome.to/pausch

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Remark on practical predictability of sequences
Date: Sun, 02 Jul 2000 23:15:29 +0200



"John A. Malley" wrote:

 I hesitate with a resounding endorsement out of caution. I take little
 comfort in relying on secret parameters for LCG, LFSR or Non-LFSR
 PRNGs.  Personally I would like to learn more about potential attacks
 relating the predictability of the next state of the PRNG from its past
 states to characteristics in the ciphertext output of the block cipher
 -  with knowledge of the PRNG parameters and algorithm but the initial
 seed secret.


As far as I am aware, all the works on inferencing an LCPRNG
require that its output sequence (or fractions of the bits
of it) be either directly available or easily computable
from other data. However, this is not the case, if the
sequence is passed to a good cipher and only the output of
the cipher is available. Thus the case with secret seed
but known parameters does not have any known research results
applicable to it. It seems plausible to consider that that
is infeasible with the state of the art. On the other hand,
letting the parameters of the generator be secret certainly
gives better warrant of practical security at almost no
additional cost.

M. K. Shen



--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: very large primes
Date: Sun, 02 Jul 2000 23:15:37 +0200



Benjamin Goldberg wrote:

 Douglas A. Gwyn wrote:
 
  Dann Corbit wrote:
   http://mathworld.wolfram.com/Prime-GeneratingPolynomial.html
 [snip]
  "However, there exists a polynomial in 10 variables with integer
  coefficients such that the set of primes equals the set of
  positive values of this polynomial obtained as the variables run
  through all nonnegative integers, although it is really a set of
  Diophantine equations in disguise (Ribenboim 1991)."

 Sounds cool.  But... what is that polynomial-in-10-variables?

According to Ribenboim's book (edition 1988) the formula
with 10 variables is not known in explicit form, but the one
with 26 variables is to be found there. The one with 10
variables has besides an extremely high degree so that it
seems not practical at all to do any computation with it. The
one with 26 variables has a degree of 25. However, it is said
that such formulae can generate non-relevant negative values
and repeated positive values which are primes. So it appears
that these, while of high significance theoretically, are
ba

Cryptography-Digest Digest #149

2000-02-18 Thread Digestifier

Cryptography-Digest Digest #149, Volume #11  Fri, 18 Feb 00 09:13:02 EST

Contents:
  Re: UK publishes 'impossible' decryption law ("ink")
  Re: RSA Speed (Hagen Ploog)
  Re: Method to break triple-DES (Jonathan Thornburg)
  Re: Method to break triple-DES (Jonathan Thornburg)
  Re: UK publishes 'impossible' decryption law (Gordon Walker)
  Re: NSA Linux and the GPL (Paul Crowley)
  Re: NSA Linux and the GPL (Paul Crowley)
  Re: Does the NSA have ALL Possible PGP keys? (Paul Crowley)
  Re: multi-precision integer C library (Tom St Denis)
  Re: VB  Crypto ("Paul Bais")
  Re: code still unbroken (Geoff Lane)
  Re: NIST, AES at RSA conference (Bo Dömstedt)
  Re: Period of cycles in OFB mode (Tim Tyler)
  Re: UK publishes 'impossible' decryption law ("Garry Smith")
  Re: Question about OTPs (Tim Tyler)
  Re: Q: SAC2000? (Mike Just)
  Re: Q: SAC2000? (Mike Just)
  Re: Q: SAC2000? (Mike Just)
  Re: VB  Crypto (Mike Just)
  Re: UK publishes 'impossible' decryption law (Richard Herring)



From: "ink" [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto
Subject: Re: UK publishes 'impossible' decryption law
Date: Fri, 18 Feb 2000 11:16:17 +0100


[EMAIL PROTECTED] schrieb in Nachricht
[EMAIL PROTECTED]...


Any firearm can be used as a weapon. The US govt considers crypto to be
dangerous

enough that it is classified as a "munition". What does that tell you?

Hardly any other government has done that. What does that tell you?

ink

-- IMHO: In my hog-fucking opinion
(alt.tasteless FAQ)



--

Date: Fri, 18 Feb 2000 11:48:30 +0100
From: Hagen Ploog [EMAIL PROTECTED]
Subject: Re: RSA Speed



Erik wrote:
 
 I wrote a program to do RSA with a 1100 bit modulus.  I use 65537 for
 the public key exponent, and the private key exponent is, of course,
 near 1100 bits.  It works, and encrypting with the public key takes
 about a quarter of a second, but decrypting with the private key takes
 43 seconds on a 400 MHz Pentium.  Does this seem right?
 
 Erik


look at
http://security.ece.orst.edu/theses/97acar.pdf

--

From: [EMAIL PROTECTED] (Jonathan Thornburg)
Subject: Re: Method to break triple-DES
Date: 18 Feb 2000 12:41:43 +0100

In article 88hlt8$m76$[EMAIL PROTECTED],
Mickey McInnis [EMAIL PROTECTED] wrote:
Actually, I've heard that there was a paper published recently showing
a potentially practical attack on Triple DES that's considerably less
effort than standard key exhaustion against a 112 bit (2xDES) key.
It's some sort of meet-in-the middle attack, and was not too many times
more trials than regular DES by key exhaustion.

Well, sort of, but there are some interesting tricks played to make
time-vs-memory tradeoffs.  The attack is not "practical", in the sense
of "performable in reasonable time with less than US$trillions of hardware",
but it's theoretically interesting.  See

Stefan Lucks,
"Attacking Triple Encryption,"
Fast Software Encryption '98, Volume 1372 of Lecture Notes in
Computer Science (S. Vaudenay, ed.), Springer-Verlag, 1998.
http://th.informatik.uni-mannheim.de/m/lucks/papers.html 

for all the details.

-- 
-- Jonathan Thornburg [EMAIL PROTECTED]
   http://www.thp.univie.ac.at/~jthorn/home.html
   Universitaet Wien (Vienna, Austria) / Institut fuer Theoretische Physik
   Q: Which countries have the death penalty for children?
   A: Iran, Nigeria, Pakistan, Saudi Arabia, and United States

--

From: [EMAIL PROTECTED] (Jonathan Thornburg)
Subject: Re: Method to break triple-DES
Date: 18 Feb 2000 12:47:10 +0100

In article 88jb5n$82u$[EMAIL PROTECTED],
I (Jonathan Thornburg [EMAIL PROTECTED]) wrote:
[[Lucks' 3DES attack]] is not "practical", in the sense
of "performable in reasonable time with less than US$trillions of hardware",
but it's theoretically interesting.  See

   Stefan Lucks,
   "Attacking Triple Encryption,"
   Fast Software Encryption '98, Volume 1372 of Lecture Notes in
   Computer Science (S. Vaudenay, ed.), Springer-Verlag, 1998.
   http://th.informatik.uni-mannheim.de/m/lucks/papers.html 

for all the details.

Just to provide a little more information, Lucks' web page summarizes
some of the key results as
   about $2^{108}$ steps of computation are sufficient to break
   three-key triple DES. If one concentrates on the number of single DES
   operations and assumes the other operations to be much faster, $2^{90}$
   of these are enough.

For comparison, exhaustive search of (single) DES takes an average
of 2^55 DES operations, so we're looking at attacks which are on the
order of 3e10 times more expensive than (single) DES exhaustive search.
The memory requirements of the 3DES attacks are also slightly gargantuan...

-- 
-- Jonathan Thornburg [EMAIL

Cryptography-Digest Digest #149

1999-08-31 Thread Digestifier

Cryptography-Digest Digest #149, Volume #10  Tue, 31 Aug 99 12:13:05 EDT

Contents:
  Re: public key encryption - unlicensed algorithm ("ME")
  Re: Workshop in Paris on Watermarking and Copyright enforcement (JGM)
  Re: Workshop in Paris on Watermarking and Copyright enforcement (David Chase)
  Re: Can I export software that uses encryption as copy protection? (Eric Lee Green)
  Re: Which of these books are better ? (Keith A Monahan)
  Re: Workshop in Paris on Watermarking and Copyright enforcement (SCOTT19U.ZIP_GUY)
  Re: Cryptography Items and Issues (Stefek Zaba)
  Re: original source code for robert morris crypt.c circa 1970's (Eric Lee Green)
  Re: Statue for Enigma hero (Nick Battle)
  Re: 512 bit number factored (Anton Stiglic)
  Re: Hardware - Software Implementation of Pseudo Random Generators (Tim Tyler)
  Re: Can we have randomness in the physical world of "Cause and Effect" ? (Tim Tyler)
  Re: Workshop in Paris on Watermarking and Copyright enforcement (SCOTT19U.ZIP_GUY)
  Re: What if RSA / factoring really breaks? (JPeschel)
  Re: Which of these books are better ? (JPeschel)
  Re: Which of these books are better ? (DJohn37050)
  Re: Hardware - Software Implementation of Pseudo Random Generators ("Trevor Jackson, III")
  Re: WT Shaw temporarily sidelined (JPeschel)



From: "ME" [EMAIL PROTECTED]
Subject: Re: public key encryption - unlicensed algorithm
Date: Tue, 31 Aug 1999 19:29:46 +1000

SET is definitely not for "secure" credit card processing.
Keyboard sniffing compromises passwords, while file copying compromises the
certificates/private keys.
End result = MOTO style transactions with complex technology that duplicates
the SSL and SGC capabilities.

Lyal

Paul Rubin wrote in message 7qflgf$[EMAIL PROTECTED]...
In article [EMAIL PROTECTED],
shivers [EMAIL PROTECTED] wrote:
Have you looked at the SET protocol ?

no, I've never heard of it - is it any good?  I.e. strong and unlicensed?

SET is a specialized and very complicated protocol being pushed by
Visa for credit card transactions.  See www.setco.org for details.
It is like EDI for online credit card processing, with special message
fields for all kinds of purchase-specific data such as the amount of
gas left in the tank of a rental car when you return it.  It is almost
certainly not what you want.



--

From: JGM [EMAIL PROTECTED]
Crossposted-To: comp.lang.java.security,comp.graphics.misc,rec.arts.movies.tech
Subject: Re: Workshop in Paris on Watermarking and Copyright enforcement
Date: Mon, 30 Aug 1999 17:11:24 -0400
Reply-To: [EMAIL PROTECTED]


Robert Harley wrote:

  * Insertion of a watermark in a document (image, music, java bytecode,
  etc.). Ideally, this mark should be invisible and impossible to erase.

 A lesser claim like "almost invisible and quite difficult to erase"
 would have the distinct advantage of not being nonsense.

 I think the word "ideally" covers this by admitting that this is a
potentially non-achievable goal.   Note that this is apparently a discussion
forum rather than an advertisement for a system; at such times stating ideal
goals is entirely appropriate.

JGM




 Bye,
   Rob.


--

From: David Chase [EMAIL PROTECTED]
Crossposted-To: comp.lang.java.security
Subject: Re: Workshop in Paris on Watermarking and Copyright enforcement
Date: Tue, 31 Aug 1999 09:19:30 -0400

 [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) writes:
As for your statement about "bogus claims, like compression programs
  that can supposedly compress every file." I think my compression method
  on "http://members.xoom.ecil/compress.htm" can compress every finite
  file that is not too large for the operating system to handle.

Soeren Mors wrote:
 Your use of the word compression is interesting to say the least. I
 wouldn't call it compression if the file actually got larger.

"When I use a word, it means just what I choose it to mean - neither
more nor less." (Humpty Dumpty)

There's been a lot of that going around lately.

-- 
David Chase--  [EMAIL PROTECTED]
NaturalBridge LLC  --  http://www.naturalbridge.com
BulletTrain bytecode compiler  --  when you can't wait for performance

--

From: Eric Lee Green [EMAIL PROTECTED]
Crossposted-To: misc.legal.computing
Subject: Re: Can I export software that uses encryption as copy protection?
Date: Tue, 31 Aug 1999 06:23:05 -0700

"SCOTT19U.ZIP_GUY" wrote:
 file. But if they already have a key there is not much you can do except slow
 them down from making pirated copies of your program.

Exactly, and your key will end up being posted to alt.2600 within
minutes if your program appeals to the script kiddies (grin). 

How the script kiddies get ahold of keys -- usually they steal the