Cryptography-Digest Digest #189, Volume #9        Fri, 5 Mar 99 10:13:05 EST

Contents:
  Is teax any good? ("Tim Fowle")
  Re: Testing Algorithms (Henry Lewsal)
  Re: Scramdisk - paranoia ("sp00ky")
  Re: WIN 32 Blowfish ([EMAIL PROTECTED])
  Re: AES and Intellectual Property issues ([EMAIL PROTECTED])
  An export question... ("Tom")
  Re: Intel/Microsoft ID ("Jay")
  What's so-called random oracle model? (Jennifer Lu)
  Re: Scramdisk - paranoia (Ed Stone)
  Re: Testing Algorithms [moving off-topic] (Patrick Juola)
  Re: Testing Algorithms (Patrick Juola)
  Re: Intel/Microsoft ID ([EMAIL PROTECTED])
  Re: Where can I get a Public Key system? ("PCM, Joakim Johansson")

----------------------------------------------------------------------------

From: "Tim Fowle" <[EMAIL PROTECTED]>
Subject: Is teax any good?
Date: Fri, 05 Mar 1999 10:12:52 -0000

Does anyone know if the extensions made to TEA by Needham and Wheeler have
improved the algorithm???

Is it worth using as a small cipher or is it too easy to crack?

Anyone?

Ttfn
Tim Fowle

------------------------------

From: Henry Lewsal <[EMAIL PROTECTED]>
Subject: Re: Testing Algorithms
Date: Fri, 05 Mar 1999 03:02:19 -1000

Patrick Juola wrote:
> 
> In article <[EMAIL PROTECTED]>,
> Shawn Willden  <[EMAIL PROTECTED]> wrote:

snip...

> >You should take a look at the section in Schneier's book on thermodynamic
> >limitations to brute-force attacks.  He assumes an ideal computer, one in
> >which the energy required to change the value of one bit in the processor is
> >the smallest possible -- namely the quantum unit.
> 
> And, as has been REPEATEDLY pointed out in this forum, he gets this
> dead wrong as the smallest possible unit of energy for computing is
> zero if you use reversible computations and get it back.
> 
>         -kitten

Dear kitten, please post links to the most recent and best websites
which support your claims. I have used search engines for hours and
found several tutorials, like

http://chemphys.weizmann.ac.il/~schmuel/comp/comp.html

but maybe you have a more recent result available. Isolation of
the molecules seems to be a fatal flaw in the work so far. Is
solid state the best way, or is a gas used successfully for
quantum logic gates? The Toffoli gate combines XOR with AND so
it would be useful. Please give a link showing the best known 
implementation of the AND gate and XOR gate. What material was
used?

Sincerely, Henry (false name used)

------------------------------

From: "sp00ky" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.pgp.discuss,alt.security.pgp
Subject: Re: Scramdisk - paranoia
Date: Fri, 5 Mar 1999 09:27:48 -0000


Anonymous wrote in message <[EMAIL PROTECTED]>...

<snip>
:
:I have similar problems under Win98. If I try to shutdown the system, and
:the Scramdisk screen pops up to tell me to dismount Scramdisks first, as
:soon as I click a key to continue I get a blue screen fault. Pressing a
:key to clear that error results in another blue screen ad infinitum. The
:only way out is to manually switch off the machine.


I used to have these problems too. I found that they disappeared after
unchecking the option 'Always open explorer file view windows...' in Timeout
and other set ups.

Give it a try; it may not be the solution but there may be something in it
for Aman and Sam to work on.

What does Sternlight know about Scramdisk anyway?

Dr Braddock



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: WIN 32 Blowfish
Date: Fri, 05 Mar 1999 11:37:02 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (Thiemo Sammern) wrote:
> [This followup was posted to sci.crypt and a copy was sent to the cited
> author.]
>
> You could try the components for Borland Delphi at
> http://www.crypto-central.com/
>
> They have Blowfish, Twofish, RC6, RSA,...
>
> HTH
>
> Thiemo
>
> In article <7arkil$j73$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> says...
> > Hi Guys,
> >
> > Can anybody point me to a WIN32 blowfish implementation that is
> > easy to compile? I need to use it as a static or Dynamic library.
> >
> > Cheers,
> >
> > John
> >
> >
> >
>
> --
> ****************
> Thiemo Sammern
> [EMAIL PROTECTED]
> ****************
>
     For several years now I have hosted a BLOWFISH 32-bit on my site;
I know that the source code is present, but I have no idea how easy it is
to compile. It is stored in encrypted form as blowfish.32b on my web
pages listed below. You will need to send me your PGP key (RSA only) so
I can send you the decryption key. This takes up about 230k. I also have
a TINY version called DOSFISH which uses the full BLOWFISH algorithm in
CFB block chaining mode, and takes up less than 500 bytes of code; same
method of getting it applies.
Robert G. Durnal
Web pages at www.afn.org/~afn21533
  and members.tripod.com/~afn21533

============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/       Search, Read, Discuss, or Start Your Own    

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: AES and Intellectual Property issues
Date: Fri, 05 Mar 1999 11:43:41 GMT

In article <7bnojl$rf0$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
>
>
>     I just got this message from NIST's Edward Roback. There seems to
>     be a possibility that the AES contest could be endangered by
>     claims of intellectual property rights on competing algorithms.
>     Unfortunately some of the stronger candidates seem to be the less
>     enlightened ones in this matter. It is a pity that NIST did not ask
>     for a clear statement to that effect before accepting the
>     candidates. I suppose there is still time to apply some pressure
>     before announcing the algorithms that will make it to the second
>     round.
>
> Date: Thu, 04 Mar 1999 16:09:23 -0500
> To: <long list>
> From: Edward Roback
> Subject: draft Int. property slides
>
> AES Submitters,
>
> You may recall that last year we posed a question to you (on an informal,
> non-binding basis) regarding intellectual property.  There has been
> interest in providing a summary of what we found at the upcoming AES #2
> conference on March 22-23 during NIST's briefings to the conference.  I
> wanted to give each of you a chance to see our draft summary and
> characterization of your responses.  Feel free to send me any comments you
> may have.
>
> Thanks!
>
> Ed Roback, NIST
>
> draft slide 1:
>
>     Intellectual Property (IP)
>
> Questions have been raised with NIST regarding the possibility that
> submitters may claim that their IP is infringed by the practice of another
> candidate algorithm.  So, in the spirit of trying to obtain a worldwide
> royalty-free algorithm, NIST posed the following question to the 15
> submitters (for informal, non-binding response):
>
> Are you willing to waive any IP rights you may have on any party who makes,
> uses, or sells implementations of the selected AES algorithm(s) (no matter
> which algorithm is selected) ?
>
> draft slide 2:
>
>     Summary of Responses
>
> Unqualified Yes:   CAST-256, Crypton, DEAL,
>                    Frog, LOKI97, Rijndael,
>                    Serpent, Twofish
>
> Yes, clarified:    Safer+
>
> Yes, if:           HPC
>
> Not quite Yes:     E2, MARS,
>
> No:                RC6
>
> Can't say:         DFC
>
> No response:       Magenta
>
> ---------------- Original text ends here ----------------
>
> http://www.tecapro.com
> email: [EMAIL PROTECTED]
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/       Search, Read, Discuss, or Start Your Own
>
     You should be advised that in their submission, the authors of
RIJNDAEL state that it is NOT and WILL NOT BE subject to any patent
restrictions. As to RC6, AFAIK the AES competition required that the
winner waive all intellectual property rights, so their position seems
to be 'If it is not good enough for AES then we want to keep it to
ourselves'.
Robert G. Durnal
Web pages at www.afn.org/~afn21533
  and members.tripod.com/~afn21533


------------------------------

From: "Tom" <[EMAIL PROTECTED]>
Subject: An export question...
Date: 5 Mar 1999 11:53:12 GMT

I live in the US and am currently developing some freeware that I'd like to
publicly post. The app doesn't encrypt any data but it does use MD5 as a
signature and high quality "checksum". What I've been unable to determine
is if MD5 or any other strong hash is exportable from the US without a BXA
review. The SHA-1 spec states that "export restrictions may apply" but I
can't find anything specific about it or the exportability of any other
hash algorithm. I'd really appreciate if someone could point me to a source
of information or enlighten me about this? Lawyers I've spoken to don't
have a clue and the Commerce Department documents I've tried to wade
through seem to contradict themselves at various points.

Thanks,

Tom



------------------------------

From: "Jay" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: Intel/Microsoft ID
Date: Fri, 5 Mar 1999 05:59:35 -0500


Roger Schlafly wrote in message <7bo56b$jdu$[EMAIL PROTECTED]>...
>
>Hmmm. NYTimes is free to everybody. You just have to
>register.
>
Last I heard (maybe 6-8 months ago) it was only free to US residents. Non US
residents had to pay for access.

Jay



------------------------------

From: [EMAIL PROTECTED] (Jennifer Lu)
Subject: What's so-called random oracle model?
Date: 5 Mar 1999 12:54:33 GMT


Does it mean that

there exists an oracle that can always return you with something random?

Or does anyone have better definition?

Thanks...



------------------------------

From: [EMAIL PROTECTED] (Ed Stone)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: Scramdisk - paranoia
Date: Fri, 5 Mar 1999 08:46:43 -0500

I'd suspect that the problem is that you try to exit scramdisk while some 
program (such as tabworks you reference below) still has some volume 
"mounted" while that volume is served by scramdisk. Exiting scramdisk 
breaks that mount rudely and thus the complaint.

If you exit all such mounts, including file indexers (you don't want the 
plaintext filenames indexed anyway), the problem should end.

In article <[EMAIL PROTECTED]>, 
[EMAIL PROTECTED] says...
> On Thu, 4 Mar 1999 11:23:50 -0000 "Sam Simpson"
> <[EMAIL PROTECTED]>  wrote:
> 
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >Sorcerer,
> >
> >Sure.  I wasn't trying to imply that it was bug free (we are well
> >aware that it isn't <g>), but it is very certainly an improvement
> >over previous versions.
> >
> >I'm concerned about your reports of problems (I suspect a SW
> >config).  Out of interest what HW are you running on?
> 
> Intel P133, with Zip and Jaz and two printers and a scanner and
> realaudio and PGP 6 and clipmate etc. etc.  I've tried shutting things
> down, but haven't tracked the conflict down yet.  Next time it happens,
> I'll reboot into safe mode to test it.
> 
> My laptop doesn't seem to have the problem.  And it doesn't always
> happen (it didn't this evening) on the desktop.
> If I can figure it out, I'll certainly let you know.
> 
> The program that makes Scramdisk think that there are files open (there
> aren't) is TabWorks, which seems to try to keep disk directories
> updated.
> Shutting down Tabworks prevents the shutdown problem.
> 
> >We would like to tie this problem down to a specific piece of
> >software if possible, but that may mean disabling / uninstalling
> >your system piece by piece :-(
> 
> Within limits, I'm already trying that.  But Windoze Plug'n'Play being
> what it is, I'm reluctant to remove devices.  As I say, the problem is
> not consistent, and I'll certainly let you know if I figure it out.
> 
> And I want to reassure you that I still think that Scramdisk is a great
> contribution to PC security.  I wouldn't be without it.
> >
> >
> >Regards,
> >
> >- --
> >Sam Simpson
> >Comms Analyst
> >http://www.scramdisk.clara.net/ for ScramDisk hard-drive
> >encryption & Delphi Crypto Components.  PGP Keys available at the
> >same site.
> >If you're wondering why I don't reply to Sternlight, it's because
> >he's kill filed.  See http://www.openpgp.net/FUD for why!
> >
> >
> >Sorcerer wrote in message
> ><[EMAIL PROTECTED]>...
> >>On Wed, 3 Mar 1999 12:52:24 -0000 "Sam Simpson"
> >><[EMAIL PROTECTED]>  wrote:
> >>
> >>>-----BEGIN PGP SIGNED MESSAGE-----
> >>>Hash: SHA1
> >>>
> >>>(Crossposted to c.s.p.d & a.s.p because they may be
> >>>interested....)
> >>>
> >>>I do have to agree.... It is worth some thought.
> >>>
> >>>Let's look at some of your individual points:
> >>>
> >>>1) Source code for 2.02g.  As mentioned in the recent ScramDisk
> >>>"news letter": (copy available at
> >>>http://www.scramdisk.clara.net/other/newslet1.txt)
> >>>
> >>>"v2.02g
> >>>======
> >>>
> >>>Seems very stable.  Since the 17th of November 1998 we have had
> >>>very few reports of problems.  There appears to be some
> >conflict
> >>>between the Red Screen mode and certain specific ATI drivers.
> >>>
> >>Well, I do have one.  it's not serious enough to make me switch, but it
> >>can be irritating:  occasionally, when I first start Scramdisk, I get a
> >>full reboot, all the way to the BIOS.  Retrying it gets me a 0E
> >>bluescreen error  with no reboot a few times; another reboot, and
> >>everything works fine.  I do have lots of stuff, including
> >>Norton,Realaudio,F-Prot and clipmate running; haven't figured out if
> >>any of those are causing it.  But they don't on the third or fourth
> >>reboot.
> >>
> >>And the only way I can dismount disks is via brutal, which causes a
> >>blue error screen.
> >>
> >>I can live with it, but it's not perfect (yet).
> >


-- 
--
=======================
Ed Stone
[EMAIL PROTECTED]
delete "-birdname" spam avoider
=======================

------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: Testing Algorithms [moving off-topic]
Date: 5 Mar 1999 08:51:10 -0500

In article <7bn566$b44$[EMAIL PROTECTED]>,
Doggmatic  <[EMAIL PROTECTED]> wrote:
>In article <7b70cj$1li$[EMAIL PROTECTED]>,
>  [EMAIL PROTECTED] (Patrick Juola) wrote:
>> In article <7b6tmq$ojt$[EMAIL PROTECTED]>,
>> Doggmatic  <[EMAIL PROTECTED]> wrote:
>>
>> >But I will look up this "reversible computing." For such a
>> >great idea researched 30 years ago, you think I'd have my Free-Energy
>> >computer by now.
>>
>> I'll build one for you.  Just buy me a frictionless surface.
>[snip]
>
>Did you really post a rebuttal based on an ideal solution?  If so, why?  I's
>ain't da smartest fella in da wurld, but I's could'a swo' that it was commonly
>accepted that there is no such thing as a "frictionless surface" in this
>universe.  Here is where you can correct me if I'm wrong.  I know that
>theoretically you can have smoother and smoother surfaces, but I thought that
>a frictionless surface is a physical impossibility, which is why I've also
>wondered about why "parasitic losses" were mentioned as if they are
>inconsequential.

Because "parasitic losses" are the sort of things that engineers are
really good at reducing as technology improves.  Look at the amount
of waste heat and waste power that a vacuum tube uses when compared
with an identically functioning IC transistor.

>   If the ideal cannot be reached, which is my current belief,
>then why even mention it, since this thread was originally about tractable
>solutions and not impossible ideal solutions.

Because what is tractable in fifty years will be a hell of a lot closer
to the ideal than what's tractable today.  And you don't have any idea
how much closer.

        -kitten

------------------------------

From: [EMAIL PROTECTED] (Patrick Juola)
Subject: Re: Testing Algorithms
Date: 5 Mar 1999 09:00:32 -0500

In article <[EMAIL PROTECTED]>, Henry Lewsal  <[EMAIL PROTECTED]> wrote:
>Patrick Juola wrote:
>> 
>> In article <[EMAIL PROTECTED]>,
>> Shawn Willden  <[EMAIL PROTECTED]> wrote:
>
>snip...
>
>> >You should take a look at the section in Schneier's book on thermodynamic
>> >limitations to brute-force attacks.  He assumes an ideal computer, one in
>> >which the energy required to change the value of one bit in the processor is
>> >the smallest possible -- namely the quantum unit.
>> 
>> And, as has been REPEATEDLY pointed out in this forum, he gets this
>> dead wrong as the smallest possible unit of energy for computing is
>> zero if you use reversible computations and get it back.
>> 
>
>Dear kitten, please post links to the most recent and best websites
>which support your claims. I have used search engines for hours and
>found several tutorials, like
>
>http://chemphys.weizmann.ac.il/~schmuel/comp/comp.html

Well, to start with, you're looking at quantum computing and not
reversible computing.

The two are related (quantum computing *must* be reversible), but
not necessarily identical.

There's a tutorial available at
        http://feynman.stanford.edu/qcomp/kitaev/kitaev/node5.html

Thomas Knight at MIT seems to have quite an impressive list of
accomplishments : among them,

        Developed and implemented the world's first fully reversible FPGA
               architecture. 

        Developed and implemented the world's first full energy recovery RAM
                array. 


You can see the MIT reversible computation group (according to altavista)
at http://www.ai.mit.edu/~dvieri/reversible.html

>
>but maybe you have a more recent result available. Isolation of
>the molecules seems to be a fatal flaw in the work so far.
                                                    ^^^^^^

        -kitten

------------------------------

Crossposted-To: talk.politics.crypto
From: [EMAIL PROTECTED]
Subject: Re: Intel/Microsoft ID
Date: Fri, 05 Mar 1999 08:37:23 -0600

In <7bo56b$jdu$[EMAIL PROTECTED]>, on 03/05/99 
   at 12:42 AM, "Roger Schlafly" <[EMAIL PROTECTED]> said:


>J. Mark Brooks wrote in message ...
>>As I don't have access to the nytimes.com site, posting the
>>article or emailing it to me would be appreciated.  Thanks.

>Hmmm. NYTimes is free to everybody. You just have to
>register.

Something was foo bar on the system the other day. I would enter the
userID & Password and it would just return to the login screen. I tried
this with both an old userID & Password and a new registration.

I don't know if this has been fixed or not.

-- 
===============================================================
William H. Geiger III  http://www.openpgp.net
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii
===============================================================


------------------------------

From: "PCM, Joakim Johansson" <[EMAIL PROTECTED]>
Subject: Re: Where can I get a Public Key system?
Date: Fri, 5 Mar 1999 15:36:38 +0100

Hello

Use Blowfish Algorithm instead of RSA because Blowfish is free to use..

Good luck...
Frank LaRosa wrote in message <[EMAIL PROTECTED]>...
>Hello,
>
>I need a reasonably secure public-key cryptography algorithm that I can
>use in a commercial product. I'm only encrypting a small amount of data
>(about 20 bytes). What are my options? Do I have to buy a license from
>RSA, or are there alternatives available?
>



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
