Cryptography-Digest Digest #362

2000-12-18 Thread Digestifier

Cryptography-Digest Digest #362, Volume #13  Mon, 18 Dec 00 21:13:01 EST

Contents:
  Re: Why primes? (Bob Silverman)
  Re: Q: Result of an old thread? (Mok-Kong Shen)
  Re: Q: Result of an old thread? (Mok-Kong Shen)
  Re: Result of an old thread? (Mok-Kong Shen)
  AES (Rijndael) DLL ("Brian Gladman")
  Re: Why primes? (John Savard)
  Re: Unguessable sequence of unique integers? (AllanW)
  Re: Q: Result of an old thread? (Simon Best)
  Bayesian Attack ("John Feth")
  RE: Q: Result of an old thread? ("Manuel Pancorbo")
  Re: Q: Result of an old thread? (Simon Best)
  Re: Visual Basic Source Code (AllanW)
  Re: Use of multiplexing (Simon Best)
  Python, math curriculum, RSA, Miller-Rabin... (Kirby Urner)
  Re: Bayesian Attack (John Savard)



From: Bob Silverman [EMAIL PROTECTED]
Subject: Re: Why primes?
Date: Mon, 18 Dec 2000 21:15:59 GMT

In article [EMAIL PROTECTED],
  [EMAIL PROTECTED] wrote:

> [The irritating little gnome is
> back with new silly questions. :)]
>
> I've understood it that in public/private
> key ciphering one uses quite big prime numbers.
>
> Well, why use primes? Why can't any two quite
> big numbers (QBN [tm]) be used?

In a nutshell.  The integers modulo a prime form a cyclic group;
all elements except 0 have an inverse.

This is not true modulo a composite.

May I suggest reading a basic primer on the subject?

--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"


Sent via Deja.com
http://www.deja.com/
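
An added illustration of Silverman's point, in Python (this is not code from the thread): modulo a prime p every non-zero residue has a multiplicative inverse and the non-zero residues form a cyclic group of order p-1; modulo a composite n, every residue sharing a factor with n has no inverse, and the residues that do have one may or may not form a cyclic group (they do for 9, not for 8 or 15). Public-key systems still need primes even when the modulus itself is composite, as in RSA's n = pq: knowing the prime factors is what lets the key holder compute the group order and the inverses. The small moduli and the helper names below are chosen for the example only.

```python
from functools import reduce
from math import gcd


def egcd(a: int, b: int):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, x1, y0, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def mod_inverse(a: int, n: int):
    """Inverse of a modulo n, or None when gcd(a, n) != 1 (no inverse exists)."""
    g, x, _ = egcd(a % n, n)
    return x % n if g == 1 else None


def units(n: int):
    """Residues in 1..n-1 that have an inverse modulo n, i.e. (Z/nZ)^*."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def non_invertible(n: int):
    """Non-zero residues with no inverse; empty exactly when n is prime."""
    return [a for a in range(1, n) if mod_inverse(a, n) is None]


def mult_order(a: int, n: int) -> int:
    """Smallest k >= 1 with a^k == 1 (mod n); requires gcd(a, n) == 1."""
    k, x = 1, a % n
    while x != 1:
        x = x * a % n
        k += 1
    return k


def is_cyclic(n: int) -> bool:
    """(Z/nZ)^* is cyclic iff some element has order equal to the group size,
    i.e. iff the lcm of all element orders (the group exponent) equals |G|."""
    u = units(n)
    exponent = reduce(lambda p, q: p * q // gcd(p, q),
                      (mult_order(a, n) for a in u), 1)
    return exponent == len(u)


def find_generator(n: int):
    """A generator of (Z/nZ)^*, or None if the group is not cyclic."""
    u = units(n)
    return next((g for g in u if mult_order(g, n) == len(u)), None)


if __name__ == "__main__":
    # constructed examples: a prime modulus and a composite one
    for n in (13, 15):
        print(n, "non-invertible:", non_invertible(n),
              "cyclic:", is_cyclic(n), "generator:", find_generator(n))
```

Run as a script it prints that 13 has no non-invertible residues and generator 2, while modulo 15 the residues 3, 5, 6, 9, 10 and 12 have no inverse and the units do not form a cyclic group.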

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Q: Result of an old thread?
Date: Mon, 18 Dec 2000 22:45:57 +0100



Simon Best wrote:
> 
> Mok-Kong Shen wrote:
> 
> 
> > The message is in a singular matrix S (e.g. one with a zero
> > column).
> 
> Such as:
> 
>   S0,0  S0,1  S0,2  0
>   S1,0  S1,1  S1,2  0
>   S2,0  S2,1  S2,2  0
>   S3,0  S3,1  S3,2  0
> 
> ?
> 
> > Alice chooses an arbitrary non-singular matrix A and sends AS to Bob.
> 
> So, AS also has four columns, and has only 0s in the rightmost
> column...
> 
> > Bob chooses an arbitrary non-singular matrix B and sends ASB to Alice.
> 
> ASB?  Is that matrix multiplication the right way round?  The column of
> 0s in AS will just eliminate the corresponding row of B.  It'll just be
> like matrix multiplication with two, smaller, nonsingular matrices.
> Just take out the 0s columns in AS, remove the corresponding rows of B,
> and you can then find the inverse for the reduced AS easily.  That gives
> you a reduced B, but this reduced B doesn't miss anything from the
> original B that's used in ASB or SB.
> 
> > Alice multiplies it with A^(-1) and sends SB to Bob, who can multiply it with
> > B^(-1) to obtain S.
> 
> And, having something that does the same job as B, I can also extract S
> from SB?
> 
[snip]
> I badly need to revise matrix stuff!

Try a small example, say 2*2, and see whether what you said 
actually works. It would be very fine if it indeed worked.

M. K. Shen
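
Shen asks for a small worked instance. The following is an added example, not code from anyone in the thread, implementing the recovery Simon Best describes: an eavesdropper who sees AS, ASB and SB drops the zero columns of AS, solves AS'·B' = ASB for the rows of B that actually contribute, then solves S'·B' = SB for the non-zero columns of S, and never needs A or B. It uses exact rational arithmetic, so no limit argument of the kind Walter Hofmann gives later in the thread is required. The matrices A, B and S are constructed for illustration (a 2x2 and a 3x3 case), and the example assumes the non-zero columns of S are linearly independent; if they are not, AS' is rank-deficient and the solver raises instead of guessing.

```python
from fractions import Fraction
from typing import List

Matrix = List[List[Fraction]]


def mat(rows) -> Matrix:
    """Build an exact (Fraction) matrix from nested ints."""
    return [[Fraction(x) for x in row] for row in rows]


def mul(X: Matrix, Y: Matrix) -> Matrix:
    return [[sum(X[i][t] * Y[t][j] for t in range(len(Y)))
             for j in range(len(Y[0]))] for i in range(len(X))]


def transpose(X: Matrix) -> Matrix:
    return [list(col) for col in zip(*X)]


def solve_left(M: Matrix, C: Matrix) -> Matrix:
    """Return X with M . X == C, for M of shape n x m with full column rank m
    (m <= n) and C of shape n x p.  Gauss-Jordan on [M | C] over the
    rationals; the first m reduced rows then read off X.  Raises if M is
    rank-deficient or the system is inconsistent."""
    n, m = len(M), len(M[0])
    aug = [M[i][:] + C[i][:] for i in range(n)]
    for col in range(m):
        piv = next((r for r in range(col, n) if aug[r][col] != 0), None)
        if piv is None:
            raise ValueError("column rank deficient")
        aug[col], aug[piv] = aug[piv], aug[col]
        pv = aug[col][col]
        aug[col] = [x / pv for x in aug[col]]
        for r in range(n):
            if r != col and aug[r][col] != 0:
                f = aug[r][col]
                aug[r] = [a - f * b for a, b in zip(aug[r], aug[col])]
    for r in range(m, n):           # leftover rows must have reduced to zero
        if any(x != 0 for x in aug[r][m:]):
            raise ValueError("inconsistent system")
    return [aug[i][m:] for i in range(m)]


def eavesdrop(AS: Matrix, ASB: Matrix, SB: Matrix) -> Matrix:
    """Eve's recovery of S from the three transmitted matrices, using only the
    zero columns that S (and hence AS) exposes on the wire."""
    n = len(AS)
    keep = [j for j in range(n) if any(AS[i][j] != 0 for i in range(n))]
    # ASB = AS . B involves only the rows of B indexed by `keep`
    AS_red = [[AS[i][j] for j in keep] for i in range(n)]           # n x m
    B_red = solve_left(AS_red, ASB)                                   # m x n
    # SB = S . B = S_red . B_red ; transpose so the same solver applies
    S_red = transpose(solve_left(transpose(B_red), transpose(SB)))    # n x m
    S = [[Fraction(0)] * n for _ in range(n)]
    for i in range(n):
        for k, j in enumerate(keep):
            S[i][j] = S_red[i][k]
    return S


def run_protocol(A: Matrix, S: Matrix, B: Matrix):
    """The three matrices Alice and Bob put on the wire: AS, ASB, SB."""
    AS = mul(A, S)
    return AS, mul(AS, B), mul(S, B)


# constructed toy instances: S has a zero last column, A and B are invertible
S3 = mat([[1, 2, 0], [3, 4, 0], [5, 6, 0]])
A3 = mat([[2, 1, 0], [1, 1, 0], [0, 1, 1]])      # det 1
B3 = mat([[1, 0, 1], [0, 1, 1], [1, 1, 0]])      # det -2
S2 = mat([[1, 0], [2, 0]])
A2 = mat([[1, 1], [0, 1]])
B2 = mat([[0, 1], [1, 1]])

if __name__ == "__main__":
    for A, S, B in ((A2, S2, B2), (A3, S3, B3)):
        print(eavesdrop(*run_protocol(A, S, B)) == S)    # True
```

Making S singular therefore does not help: what protects the three-pass scheme with invertible S is nothing at all (Eve computes B = (AS)^-1 ASB directly), and with a zero column the same computation goes through on the reduced matrices.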

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Q: Result of an old thread?
Date: Mon, 18 Dec 2000 22:45:44 +0100



Walter Hofmann wrote:
> 
> Mok-Kong Shen [EMAIL PROTECTED] wrote:
> 
> > If I understand your claim, your procedure is applicable to
> > any singular matrix, isn't it?
> 
> How could this ever work? The algorithm I gave obviously works only in
> the situation of the proposed cipher.
> 
> > In that case one would
> > be able to 'define' an inverse of any singular matrix,
> > namely via the (supposedly unique) limit obtained from
> > your procedure. Do you want to claim that?
> 
> No, there is no connection with the algorithm I gave.
> 
> You can, however, do something similar to what you proposed:
> 
> Let A be a (singular) matrix over an algebraically closed field. Let's
> assume that the algebraic multiplicities of A equal the geometric
> multiplicities of A.
> 
> Let A = T^-1 . D . T with a diagonal matrix D and an invertible matrix T.
> Let l_1, . . . , l_n be the elements on the diagonal of D.
> Define m_i = 1/l_i where l_i != 0 and m_i = 0 otherwise.
> Let D' be a diagonal matrix with the m_i on the diagonal.
> Define A' = T^-1 . D' . T
> 
> Then A' behaves like a multiplicative inverse of A (as far as possible).
> I.e.
> (*) A' has the same kernel as A, and for all vectors v which are
>     not in the kernel of A the relation v=A'.A.v=A.A'.v holds.
> 
> A' is uniquely determined by A and (*) (this is obvious).

Let me quote a previous follow-up of yours to be sure that 
I understand you:

   So you can change the coefficients of AS by a sufficiently 
   small epsilon>0 to get an invertible matrix, then you can 
   calculate (AS')^-1. Go on to calculate B'=(AS')^-1.ASB 
   then S(epsilon)=SB.B'^-1. In the limit epsilon->0 the 
   matrix S(epsilon) will converge to S as all operations 
   involved are continuous.

You defined B'=(AS')^-1.ASB. But ASB is 

Cryptography-Digest Digest #362

2000-08-05 Thread Digestifier

Cryptography-Digest Digest #362, Volume #12   Sat, 5 Aug 00 15:13:00 EDT

Contents:
  On general encryption schemes (Mok-Kong Shen)
  Re: just saw a pre-release copy of Schneier's new book on ebay (Bruce Schneier)
  David Scott's website (SCOTT19U.ZIP_GUY)
  Re: Good pointers on MDS ("Peter L. Montgomery")
  Re: Mathématics ("Kurt Fleißig")
  Re: Good pointers on MDS (tomstd)
  Re: counter as IV? (David Hopwood)
  Re: OTP using BBS generator? (David Hopwood)
  Re: IV for arfour ("Andreas Sewe")
  Re: Secure Operating Systems (Mok-Kong Shen)
  Re: Secure Operating Systems ([EMAIL PROTECTED])
  Re: Plausible Word Generation via Trigram Statistics (Mark Wooding)
  Re: New William Friedman Crypto Patent (filed in 1933) (Bill Unruh)
  Re: New William Friedman Crypto Patent (filed in 1933) (John Savard)



From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: On general encryption schemes
Date: Sat, 05 Aug 2000 16:41:06 +0200


A ciphertext C is a transform of the plaintext according to a key 
and hence has the general form C=f(K,P), where f is an arbitrary 
invertible function and P is the 'entire' plaintext. This clearly
shows that both stream encryption, operating on single bits,
and block cipher, operating on groups of bits, are 'very' special
cases of a general encryption. A block cipher of size n provides
diffusion and confusion within the boundary of the n bits that
it works on. It does not utilize the 'context' information of
the rest of plaintext and thus could be regarded as wasting the
available 'resources'. Some remedy for this has in fact been found 
in block-chaining, where the blocks are made to influence one 
another in some way. But this is at best a sort of 'afterthought' 
and apparently could not be the optimal way of achieving the goal 
of encryption processing. (The tendency of developing larger
block algorithms could also be viewed in this light.)

We see therefore that there can be essential advantages of 
treating the entire plaintext in a 'holistic' manner rather than 
always confining our view through a small window of n bits. On 
the other hand, any work done on a big real-world object is 
invariably composed of work done on its parts. So 'regional' 
operations provided by block algorithms are indeed a necessity. 
What is desirable 'in addition' are however global operations 
that cause the blocks to interact in ways that can materially 
contribute to the complexity that the opponent has to face.

I don't currently have a good proposal for this issue but would like
to sketch several possibilities that I can see besides the already
existing block chaining mentioned above. One possibility is pseudo-
random permutation of the computer words constituting the entire 
plaintext. One can namely permute, do block encryption, permute, 
... etc. Another possibility is to look at the whole plaintext as a 
single block and apply block encryption techniques to it. One can, 
for example, divide the plaintext into two halves and apply the
Feistel method on these. A third possibility is to effect
substitution on units larger than the size of the block algorithm
used. One practical way of doing this is through a Hill cipher
with a sufficiently large matrix.

In a certain sense, dynamically varying the key of the block
algorithm or its parameters or varying the block algorithm itself 
(or the component algorithms in case of multiple encryption) could 
also be considered to be global operations that are desirable.

My humble knowledge doesn't allow me presently to think of more 
and eventually better possibilities. Your suggestions, comments
and critiques would be highly appreciated.

M. K. Shen
==
http://home.t-online.de/home/mok-kong.shen
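
Shen's second possibility, treating the whole plaintext as one block and running a Feistel network over its two halves, can be tried out directly. The following is an added example (not Shen's construction nor code from the thread) using HMAC-SHA256, stretched to the half-length, as the round function, and a helper that counts how many ciphertext bytes change when a single plaintext bit is flipped; a block cipher run block by block would change only the 16-byte block containing that bit. The key and message are constructed for the example. Two caveats a practitioner would want: the Luby-Rackoff result is what justifies the round count (three rounds of a PRF give a pseudorandom permutation, four a strong one, for equal halves), and the construction is deterministic, so identical messages under the same key encrypt identically; a nonce or randomizer still has to be added before this is an encryption scheme rather than a wide-block permutation.

```python
import hashlib
import hmac


def _prf(key: bytes, rnd: int, data: bytes, out_len: int) -> bytes:
    """Round function: HMAC-SHA256 over (round number, counter, data), extended
    to out_len bytes so it covers the whole half-message.  Every byte of `data`
    influences every output byte, which is what gives whole-message diffusion."""
    out = bytearray()
    ctr = 0
    while len(out) < out_len:
        out += hmac.new(key, bytes([rnd]) + ctr.to_bytes(4, "big") + data,
                        hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:out_len])


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def feistel_encrypt(key: bytes, pt: bytes, rounds: int = 4) -> bytes:
    """Treat the entire message as one block: split it into halves L, R and
    run a balanced Feistel network.  Even length is required; pad first."""
    if len(pt) % 2:
        raise ValueError("message length must be even")
    h = len(pt) // 2
    L, R = pt[:h], pt[h:]
    for rnd in range(rounds):
        L, R = R, _xor(L, _prf(key, rnd, R, h))
    return L + R


def feistel_decrypt(key: bytes, ct: bytes, rounds: int = 4) -> bytes:
    """Undo the rounds in reverse order; the round function is never inverted."""
    h = len(ct) // 2
    L, R = ct[:h], ct[h:]
    for rnd in reversed(range(rounds)):
        L, R = _xor(R, _prf(key, rnd, L, h)), L
    return L + R


def bytes_changed(key: bytes, pt: bytes, bit: int, rounds: int = 4) -> int:
    """Number of ciphertext bytes that differ after flipping one plaintext bit."""
    flipped = bytearray(pt)
    flipped[bit // 8] ^= 1 << (bit % 8)
    c0 = feistel_encrypt(key, pt, rounds)
    c1 = feistel_encrypt(key, bytes(flipped), rounds)
    return sum(a != b for a, b in zip(c0, c1))


# constructed key and 64-byte message for the demonstration
KEY = b"constructed-example-key-32-bytes"
MSG = bytes(range(64))

if __name__ == "__main__":
    assert feistel_decrypt(KEY, feistel_encrypt(KEY, MSG)) == MSG
    for rounds in (1, 2, 4):
        print(rounds, "rounds, flip bit 0:", bytes_changed(KEY, MSG, 0, rounds),
              "of", len(MSG), "bytes changed")
```

With one round a flipped bit in the left half changes exactly one output byte, with two rounds roughly half the message, and from three rounds on nearly every byte of both halves, which is the "global" interaction between parts of the plaintext that the post is after.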

--

From: Bruce Schneier [EMAIL PROTECTED]
Subject: Re: just saw a pre-release copy of Schneier's new book on ebay
Date: Sat, 05 Aug 2000 09:33:49 -0500

On Sat, 05 Aug 2000 13:09:22 GMT, [EMAIL PROTECTED]
(John Savard) wrote:
> On Sat, 05 Aug 2000 08:19:49 GMT, [EMAIL PROTECTED] (Ben Liberman)
> wrote, in part:
> 
> > I'm not a collector myself but, for anyone interested, I was wandering
> > eBay and came across:
> > 
> > "Signed Pre-Release Copy of Bruce Schneier's New Book: Secrets and Lies"
> > 
> > http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItemitem=401272439
> 
> Will Bruce himself be the most interested...or, even if that copy is
> "pre-release", has the book itself already been released?

The full title is SECRETS AND LIES: DIGITAL SECURITY IN A NETWORKED
WORLD, and the book homepage is:

http://www.counterpane.com/sandl.html

The book has not been published yet.  It should be available in
bookstores by the end of the month.

SECRETS AND LIES discusses computer security, and the issues
surrounding computer security.  It explains, in an accessible style,
how different security technologies work and how they fail.  It
discusses