Cryptography-Digest Digest #187

2000-07-09 Thread Digestifier

Cryptography-Digest Digest #187, Volume #12   Sun, 9 Jul 00 20:13:01 EDT

Contents:
  Re: Random Numbers (John Savard)
  Re: Proposal of some processor instructions for cryptographical  (David A. Wagner)
  Re: Proposal of some processor instructions for cryptographical applications ("Stephen Fuld")
  Re: Proposal of some processor instructions for cryptographical applications ("Stephen Fuld")
  www.curious.4ears ("rosi")
  Re: Proposal of some processor instructions for cryptographical  (Roger Schlafly)
  Re: Random Numbers ("David Hyde")
  Re: Random Numbers (John Savard)
  Re: Advanced Cryptography FAQ ("Trevor L. Jackson, III")
  Re: Random Numbers (Nicol So)



From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Random Numbers
Date: Sun, 09 Jul 2000 22:15:41 GMT

On Sun, 9 Jul 2000 18:17:16 +0100, "David Hyde"
[EMAIL PROTECTED] wrote, in part:

> Does anyone know how to convert a random bit stream into random 16-bit
> numbers with uniform distribution?

As others have noted, taking 16 (or 15, if you only want to generate
positive integers) bits at a time from the random bit stream, if it is
genuinely random, will do just fine.

Is it random, but biased? Is it pseudorandom, and with correlations
between the bits? As the other replies have noted, one needs to know
what other factors make this other than a truly trivial question.


Of course, if one wants to produce random integers with a uniform
distribution that range between some other set of limits than 0 and
32,767 or 0 and 65,535; say, from 0 to 999, then one does need special
techniques. They're doubtless explained somewhere on the web, but here
they are anyways, since it isn't clear what keywords to use to find
them:

Let's say you want to convert a stream of bits into uniformly
distributed numbers from 0 to 999.

Then, you start by taking the bits 10 at a time to give you a number
from 0 to 1023. If that number is less than 1000, you've got a number.

Otherwise, subtract 1000 from the number, to give you a number from 0
to 23. Treat that as a base-24 digit, and introduce it into another
accumulator (acc = acc*24 + new_digit) that holds numbers up to 24^3,
or 13824.

When this has happened three times, if the number in the accumulator
is from 0 to 12999, take the last three digits as your number.

If you want, you can take the first few digits, as a number from 0 to
12, and therefore a base-13 digit, and save them in an accumulator;
and, if you get a result you can't use, a number from 13000 to 13824,
you can subtract 13000 and save that result as a base-824 digit.

Where you want to stop, and just throw away unusable results, depends
on how efficiently you want to convert the random bit stream to a
random digit stream.

John Savard (teneerf -)
http://www.ecn.ab.ca/~jsavard/crypto.htm
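
The scheme described above, as an added Python example that is not from the post: 10-bit chunks below 1000 are accepted, each rejected chunk becomes a base-24 digit, and three such digits are recycled whenever the accumulator stays below 13000. The class name, the `chunks_to_bits` source and the n/k parameters are my own; the code also generalises the same idea to any range n that fits in k bits.

```python
def chunks_to_bits(values, k=10):
    """Constructed bit source: emit each value as k bits, MSB first
    (with k=8 it turns a byte string into its bit stream)."""
    for v in values:
        for i in range(k - 1, -1, -1):
            yield (v >> i) & 1

class UniformSampler:
    """Iterator of uniform integers in [0, n) drawn from a 0/1 bit iterator.
    n=1000, k=10 is the post's case; excess = 2**k - n is the base of the
    digit recovered from each rejected chunk (24 in the post's case)."""
    def __init__(self, bits, n=1000, k=10):
        if not 0 < n <= 2 ** k:
            raise ValueError("n must fit in k bits")
        self.bits, self.n, self.k = iter(bits), n, k
        self.excess = 2 ** k - n
        # three recycled digits give a number in [0, excess**3); accepting
        # only below the largest multiple of n in that range keeps it uniform
        self.limit = (self.excess ** 3 // n) * n       # 13000 in the post's case
        self.acc = self.ndigits = 0
        self.accepted = self.recycled = self.discarded = 0

    def __iter__(self):
        return self

    def _chunk(self):
        v = 0
        for _ in range(self.k):
            v = (v << 1) | next(self.bits)      # StopIteration ends the stream
        return v

    def __next__(self):
        while True:
            v = self._chunk()
            if v < self.n:                      # plain rejection sampling: accept
                self.accepted += 1
                return v
            # rejected: v - n is a uniform base-`excess` digit, so keep it
            self.acc = self.acc * self.excess + (v - self.n)
            self.ndigits += 1
            if self.ndigits < 3:
                continue
            acc, self.acc, self.ndigits = self.acc, 0, 0
            if acc < self.limit:                # low digits are uniform in [0, n)
                self.recycled += 1
                return acc % self.n
            self.discarded += 1                 # out of range: thrown away
```

The `accepted`, `recycled` and `discarded` counters show how much of the bit stream each stage salvages, which is the efficiency trade-off the post ends on.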

--

From: [EMAIL PROTECTED] (David A. Wagner)
Crossposted-To: comp.arch
Subject: Re: Proposal of some processor instructions for cryptographical 
Date: 9 Jul 2000 15:17:57 -0700

Iain McClatchie [EMAIL PROTECTED] wrote [excerpts only]:
> Why bother supporting cryptography in the CPU?
>
> - Hardware implementations of the speed-critical cyphers are _tiny_.
>
> - Popularly-used cryptographic algorithms change very slowly.
>
> - Connection speeds are increasing.  Software encryption can keep
>   up with a 56 Kb/s modem just fine, but a 10 Mb/s cable modem is
>   a problem,
>
> - Popular cryptographic algorithms now appear to be exportable.

Those are good points.  Still, there's a definite cost, and I wonder
how compelling a need there is for hardware crypto.

Until the AES is chosen, there's no obvious single candidate for hardware
implementation.  Each crypto protocol has a different favorite cipher
(SSL - RC4; IPSEC - DES; SSH - IDEA).  That will likely change some
years after the AES is chosen, but even so, I'm not convinced
there's a compelling need for hardware implementation.  No matter which
AES candidate is chosen, it is likely to run at about 20 cycles/byte,
so encrypting at even 10 Mb/s should take only something like 4% of the
CPU speed, if I'm not mistaken.  Is that a significant enough burden to
justify hardware implementation?

If there is no utterly compelling need for hardware crypto, do you think
the advantages of hardware implementation will still outweigh the costs?
I'm truly interested in your thoughts.

--

From: "Stephen Fuld" [EMAIL PROTECTED]
Crossposted-To: comp.arch
Subject: Re: Proposal of some processor instructions for cryptographical applications
Date: Sun, 09 Jul 2000 22:29:41 GMT


"Douglas A. Gwyn" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
> Thomas Womack wrote:
> > "Mok-Kong Shen" [EMAIL PROTECTED] wrote
> > > Transposition is one of the basic operations in cryptography.
> > Is it, any more?

Cryptography-Digest Digest #187

2000-02-23 Thread Digestifier

Cryptography-Digest Digest #187, Volume #11  Wed, 23 Feb 00 14:13:01 EST

Contents:
  Re: I am really scared of my NT (Tim Tyler)
  Crypto enthusiasm (wtshaw)
  Re: Passwords secure against dictionary attacks? (Alun Jones)
  Re: e-payment suggestion ("Dr.Gunter Abend")
  Re: The solution is Open Source! ("John E. Kuslich")
  Re: DES algorithm (John Savard)
  Re: NSA Linux and the GPL ("John E. Kuslich")
  Re: Crypto enthusiasm (Mok-Kong Shen)
  Re: Passwords secure against dictionary attacks? (Barry Margolin)
  Re: e-payment suggestion (Mike Rosing)
  Re: Linking Time-Stamping Servers (Mike Rosing)
  Re: John McCain Encrypt? (Thunder Dan)
  Re: Processor speeds. (Mike Rosing)
  Re: DES algorithm (Quisquater)
  Re: NSA Linux and the GPL (Mike Rosing)
  Report Details Vast SPY Network (Dave Hazelwood)
  Re: Transmitting ciphered data ("Douglas A. Gwyn")
  Re: OAP-L3 Encryption Software - Complete Help Files at web site (David A. Wagner)
  Re: Stuck on code-breaking problem - help appreciated ("Douglas A. Gwyn")
  Re: Stuck on code-breaking problem - help appreciated ("r.e.s.")
  Re: Does the NSA have ALL Possible PGP keys? ("Douglas A. Gwyn")
  Re: Passwords secure against dictionary attacks? (JimD)
  Re: DES algorithm ("Douglas A. Gwyn")
  Re: DES algorithm ("Douglas A. Gwyn")
  Re: The solution is Open Source! ("Douglas A. Gwyn")



From: Tim Tyler [EMAIL PROTECTED]
Subject: Re: I am really scared of my NT
Reply-To: [EMAIL PROTECTED]
Date: Wed, 23 Feb 2000 15:37:04 GMT

[EMAIL PROTECTED] wrote:

: Someone should come out with a crypto gaurd-ring to protect all the
: ports and physical access of a windows 98/NT w/s.  The whole thing is
: so shaky and insecure...

If possible, it's better to build on a solid foundation, than to try to
shore up the house built on sand.
-- 
__
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

The more you complain, the longer God makes you live.

--

From: [EMAIL PROTECTED] (wtshaw)
Subject: Crypto enthusiasm
Date: Wed, 23 Feb 2000 09:19:25 -0600

This morning, I awakened with thoughts of all that I might get done in a
crypto way today. The result on best will be that of the various areas,
I'll just get a little done, however.  But, I pick the topic...that's
freedom.  Here are the options:

1) News--probably read crypto relevant groups three or so different times today.

2) C/C++--work on extending my basic knowledge in the area as I enlarge
the current dumb crypto program to be more flexible; file I/O is partly
working.  I wish it were as easy to do as BASIC, less cryptic and requiring
fewer microefforts to do anything.

3) I'm close to finishing a series of transposition applications according
to ACA standards, a handful left, Swagman, and some interesting Grilles.

4) Speaking of ACA, I could do a little cipher solving, even learn
something new.  This is apt to cause me to think how to write a program
too, or even come up with a variation.

5) Base Translation...scores of usable ones need implementing, picking up
with the one I was doing when I had my stroke last summer.  And, there is
always some new idea that needs to be reduced to workable notes with so
many others.

6) Pull out one of the formal articles I have been writing, correcting,
writing, correcting...

7) Do a little rabble rousing regarding crypto politics on the phone. Or,
check on progress regarding certain projects involving others...voice or
email.

8) Wander around the web looking for information that might be helpful.

9) Go to one of the nearby university libraries and hit the stacks.

10) Website work: Write something new, start another speciality site.

11) Clean up and reorganize information, trying to condense important
stuff so that it can be searched.

12) I'm sure there are more, and at least one will get into today's activities.

13) Look at future conferences, CFP, AES, ACA, etc., note dates on the
calendar, and hope that I will feel good enough to reasonably go to one
soon; but, I can dream, can't I?
-- 
Regarding healthcare, when GWB became governor, Texas was 43 in
the nation, now we are 49th.  And, I need not tell you about his
bloody support of the death penalty.  Reformer?

--

From: [EMAIL PROTECTED] (Alun Jones)
Crossposted-To: comp.security.misc,alt.security.pgp
Subject: Re: Passwords secure against dictionary attacks?
Date: Wed, 23 Feb 2000 16:21:41 GMT

In article newscache$c6pdqf$ci5$[EMAIL PROTECTED], "Ken Hagan" 
[EMAIL PROTECTED] wrote:
> "Ilya" [EMAIL PROTECTED] wrote in message
> news:zZEs4.2145$[EMAIL PROTECTED]...
> > Is it secure to take two words and join them together, such as:
> >
> > crypto/life cyber@machine green-dog Loud!Music
> >
> > I think that they are not vulnerable to dictionary attacks s