Cryptography-Digest Digest #187

Cryptography-Digest Digest #187, Volume #12       Sun, 9 Jul 00 20:13:01 EDT

Contents:
  Re: Random Numbers (John Savard)
  Re: Proposal of some processor instructions for cryptographical (David A. Wagner)
  Re: Proposal of some processor instructions for cryptographical applications ("Stephen Fuld")
  Re: Proposal of some processor instructions for cryptographical applications ("Stephen Fuld")
  www.curious.4ears ("rosi")
  Re: Proposal of some processor instructions for cryptographical (Roger Schlafly)
  Re: Random Numbers ("David Hyde")
  Re: Random Numbers (John Savard)
  Re: Advanced Cryptography FAQ ("Trevor L. Jackson, III")
  Re: Random Numbers (Nicol So)

--

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Random Numbers
Date: Sun, 09 Jul 2000 22:15:41 GMT

On Sun, 9 Jul 2000 18:17:16 +0100, "David Hyde" [EMAIL PROTECTED] wrote, in part:

> Does anyone know how to convert a random bit stream into random 16-bit
> numbers with uniform distribution?

As others have noted, taking 16 (or 15, if you only want to generate positive integers) bits at a time from the random bit stream, if it is genuinely random, will do just fine.

Is it random, but biased? Is it pseudorandom, and with correlations between the bits? As the other replies have noted, one needs to know what other factors make this other than a truly trivial question.

Of course, if one wants to produce random integers with a uniform distribution that range between some other set of limits than 0 and 32,767 or 0 and 65,535; say, from 0 to 999, then one does need special techniques. They're doubtless explained somewhere on the web, but here they are anyway, since it isn't clear what keywords to use to find them:

Let's say you want to convert a stream of bits into uniformly distributed numbers from 0 to 999. Then, you start by taking the bits 10 at a time to give you a number from 0 to 1023. If that number is less than 1000, you've got a number. Otherwise, subtract 1000 from the number, to give you a number from 0 to 23.

Treat that as a base-24 digit, and introduce it into another accumulator (acc = acc*24 + new_digit) that holds numbers up to 24^3, or 13824. When this has happened three times, if the number in the accumulator is from 0 to 12999, take the last three digits as your number. If you want, you can take the first few digits, as a number from 0 to 12, and therefore a base-13 digit, and save them in an accumulator; and, if you get a result you can't use, a number from 13000 to 13824, you can subtract 13000 and save that result as a base-824 digit.

Where you want to stop, and just throw away unusable results, depends on how efficiently you want to convert the random bit stream to a random digit stream.

John Savard (teneerf -)
http://www.ecn.ab.ca/~jsavard/crypto.htm

--

From: [EMAIL PROTECTED] (David A. Wagner)
Crossposted-To: comp.arch
Subject: Re: Proposal of some processor instructions for cryptographical
Date: 9 Jul 2000 15:17:57 -0700

Iain McClatchie [EMAIL PROTECTED] wrote [excerpts only]:

> Why bother supporting cryptography in the CPU?
> - Hardware implementations of the speed-critical cyphers are _tiny_.
> - Popularly-used cryptographic algorithms change very slowly.
> - Connection speeds are increasing. Software encryption can keep up with
>   a 56 Kb/s modem just fine, but a 10 Mb/s cable modem is a problem,
> - Popular cryptographic algorithms now appear to be exportable.

Those are good points. Still, there's a definite cost, and I wonder how compelling a need there is for hardware crypto.

Until the AES is chosen, there's no obvious single candidate for hardware implementation. Each crypto protocol has a different favorite cipher (SSL - RC4; IPSEC - DES; SSH - IDEA). That will likely change some years after the AES is chosen, but even so, I'm not convinced there's a compelling need for hardware implementation.

No matter which AES candidate is chosen, it is likely to run at about 20 cycles/byte, so encrypting at even 10 Mb/s should take only something like 4% of the CPU speed, if I'm not mistaken. Is that a significant enough burden to justify hardware implementation?

If there is no utterly compelling need for hardware crypto, do you think the advantages of hardware implementation will still outweigh the costs? I'm truly interested in your thoughts.

--

From: "Stephen Fuld" [EMAIL PROTECTED]
Crossposted-To: comp.arch
Subject: Re: Proposal of some processor instructions for cryptographical applications
Date: Sun, 09 Jul 2000 22:29:41 GMT

"Douglas A. Gwyn" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...

> Thomas Womack wrote:
>> "Mok-Kong Shen" [EMAIL PROTECTED] wrote
>>> Transposition is one of the basic operations in cryptography.
>
> Is it, any more?
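John Savard's procedure in the "Random Numbers" thread above (10 bits at a time, rejected values kept as base-24 digits, the base-13 and base-824 leftovers saved for reuse) is one instance of a general entropy-pool scheme. The Python below is an added example, not code from the digest or from any of its posters: it keeps a single (value, range) pair, shifts bits in one at a time until the range covers the modulus, and reuses every leftover, so it generalizes his scheme to any modulus m; all function names are mine.

```python
from typing import Iterable, Iterator, List


def bits_from_bytes(data: bytes) -> Iterator[int]:
    """Yield the bits of data one at a time, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def uniform_digits(bits: Iterable[int], m: int) -> Iterator[int]:
    """Turn a stream of unbiased bits into uniform integers in [0, m).

    Invariant: v is uniformly distributed on [0, r).  Bits are shifted in
    until r >= m, then r is split as q*m + rem.  If v < q*m the value is
    accepted: v % m is emitted and (v // m, q) is kept as leftover entropy
    (Savard's base-13 digit).  Otherwise (v - q*m, rem) is kept (his
    base-24 / base-824 digits) and another pass is made.  No entropy is
    discarded, and r stays below 2*m so v never grows large.
    """
    if m < 1:
        raise ValueError("modulus must be positive")
    src = iter(bits)
    v, r = 0, 1
    while True:
        while r < m:  # shift in bits until the pool covers m values
            try:
                bit = next(src)
            except StopIteration:
                return  # source exhausted; the partial pool is dropped
            if bit not in (0, 1):
                raise ValueError("bit stream must contain only 0 and 1")
            v, r = 2 * v + bit, 2 * r
        q, rem = divmod(r, m)
        limit = q * m
        if v < limit:
            v, out = divmod(v, m)  # keep the quotient, emit the remainder
            r = q
            yield out
        else:
            v, r = v - limit, rem  # rejected: reuse the excess, not the bits


def uniform_from_bytes(data: bytes, m: int) -> List[int]:
    """All values in [0, m) obtainable from a byte string (for testing)."""
    return list(uniform_digits(bits_from_bytes(data), m))


if __name__ == "__main__":
    # Constructed, deterministic input; os.urandom(n) would be a real source.
    print(uniform_from_bytes(bytes(range(256)), 1000)[:10])
```

Because r is divided by at least m on every accepted value and only doubles per bit consumed, k bits can never yield more than k / log2(m) outputs, which is the bound the test below checks.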
Cryptography-Digest Digest #187, Volume #11       Wed, 23 Feb 00 14:13:01 EST

Contents:
  Re: I am really scared of my NT (Tim Tyler)
  Crypto enthusiasm (wtshaw)
  Re: Passwords secure against dictionary attacks? (Alun Jones)
  Re: e-payment suggestion ("Dr.Gunter Abend")
  Re: The solution is Open Source! ("John E. Kuslich")
  Re: DES algorithm (John Savard)
  Re: NSA Linux and the GPL ("John E. Kuslich")
  Re: Crypto enthusiasm (Mok-Kong Shen)
  Re: Passwords secure against dictionary attacks? (Barry Margolin)
  Re: e-payment suggestion (Mike Rosing)
  Re: Linking Time-Stamping Servers (Mike Rosing)
  Re: John McCain Encrypt? (Thunder Dan)
  Re: Processor speeds. (Mike Rosing)
  Re: DES algorithm (Quisquater)
  Re: NSA Linux and the GPL (Mike Rosing)
  Report Details Vast SPY Network (Dave Hazelwood)
  Re: Transmitting ciphered data ("Douglas A. Gwyn")
  Re: OAP-L3 Encryption Software - Complete Help Files at web site (David A. Wagner)
  Re: Stuck on code-breaking problem - help appreciated ("Douglas A. Gwyn")
  Re: Stuck on code-breaking problem - help appreciated ("r.e.s.")
  Re: Does the NSA have ALL Possible PGP keys? ("Douglas A. Gwyn")
  Re: Passwords secure against dictionary attacks? (JimD)
  Re: DES algorithm ("Douglas A. Gwyn")
  Re: DES algorithm ("Douglas A. Gwyn")
  Re: The solution is Open Source! ("Douglas A. Gwyn")

--

From: Tim Tyler [EMAIL PROTECTED]
Subject: Re: I am really scared of my NT
Reply-To: [EMAIL PROTECTED]
Date: Wed, 23 Feb 2000 15:37:04 GMT

[EMAIL PROTECTED] wrote:

: Someone should come out with a crypto guard-ring to protect all the
: ports and physical access of a windows 98/NT w/s. The whole thing is
: so shaky and insecure...

If possible, it's better to build on a solid foundation, than to try to shore up the house built on sand.
--
__  |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

The more you complain, the longer God makes you live.

--

From: [EMAIL PROTECTED] (wtshaw)
Subject: Crypto enthusiasm
Date: Wed, 23 Feb 2000 09:19:25 -0600

This morning, I awakened with thoughts of all that I might get done in a crypto way today. The result at best will be that of the various areas, I'll just get a little done, however. But, I pick the topic...that's freedom. Here are the options:

1) News--probably read crypto-relevant groups three or so different times today.

2) C/C++--work on extending my basic knowledge in the area as I enlarge the current dumb crypto program to be more flexible; file I/O is partly working. I wish it were as easy to do as BASIC, less cryptic, and required fewer microefforts to do anything.

3) I'm close to finishing a series of transposition applications according to ACA standards, a handful left: Swagman, and some interesting Grilles.

4) Speaking of ACA, I could do a little cipher solving, even learn something new. This is apt to cause me to think how to write a program too, or even come up with a variation.

5) Base Translation...scores of usable ones need implementing, picking up with the one I was doing when I had my stroke last summer. And, there is always some new idea that needs to be reduced to workable notes with so many others.

6) Pull out one of the formal articles I have been writing, correcting, writing, correcting...

7) Do a little rabble rousing regarding crypto politics on the phone. Or, check on progress regarding certain projects involving others...voice or email.

8) Wander around the web looking for information that might be helpful.

9) Go to one of the nearby university libraries and hit the stacks.

10) Website work: Write something new, start another speciality site.

11) Clean up and reorganize information, trying to condense important stuff so that it can be searched.

12) I'm sure there are more, and at least one will get into today's activities.

13) Look at future conferences, CFP, AES, ACA, etc., note dates on the calendar, and hope that I will feel good enough to reasonably go to one soon; but, I can dream, can't I?
--
Regarding healthcare, when GWB became governor, Texas was 43rd in the nation, now we are 49th. And, I need not tell you about his bloody support of the death penalty. Reformer?

--

From: [EMAIL PROTECTED] (Alun Jones)
Crossposted-To: comp.security.misc,alt.security.pgp
Subject: Re: Passwords secure against dictionary attacks?
Date: Wed, 23 Feb 2000 16:21:41 GMT

In article newscache$c6pdqf$ci5$[EMAIL PROTECTED], "Ken Hagan" [EMAIL PROTECTED] wrote:

> "Ilya" [EMAIL PROTECTED] wrote in message news:zZEs4.2145$[EMAIL PROTECTED]...
>> Is it secure to take two words and join them together, such as:
>>   crypto/life
>>   cyber@machine
>>   green-dog
>>   Loud!Music
>> I think that they are not vulnerable to dictionary attacks s