Cryptography-Digest Digest #597, Volume #9       Wed, 26 May 99 10:13:03 EDT

Contents:
  IEEE floating-point arithmetic and cryptography (D. J. Bernstein)
  Re: Fractal encryption (Karel Wouters)
  Re: non-computerized cryptography (Mok-Kong Shen)
  Scramdisk cracked! (Jennifer)
  Re: a question concerning the key-schedule of RC5/RC6 ([EMAIL PROTECTED])
  Re: Why would a hacker reveal that he has broken a code? (SCOTT19U.ZIP_GUY)
  Physics and human intention (related to an old topic) (Mok-Kong Shen)
  RC4 in LotusScript ("Matthew Langham")
  FAQ ("Ruppert")
  Re: non-computerized cryptography
  Re: Review of Scottu19 (SCOTT19U.ZIP_GUY)
  REMINDER: CFP: ISOC Year 2000 Netw. & Distr. Sys. Security Symp. (NDSS  ("David M. Balenson")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (D. J. Bernstein)
Subject: IEEE floating-point arithmetic and cryptography
Date: 26 May 1999 07:15:13 GMT

Arthur Klassen  <[EMAIL PROTECTED]> wrote:
  [ SHA-1 ]
> It's just as free of patent encumbrance as the dBase file format or
> using IEEE floating point numbers for numerical calculations :) but
> it's far more useful than either.

Hmmm. From my forthcoming paper ``Floating-point arithmetic and message
authentication'':

   There is a well-known class of message authentication systems
   guaranteeing that attackers will have a negligible chance of
   successfully forging a message. This paper shows how one of these
   systems can hash messages at extremely high speed---much more quickly
   than previous systems at the same security level---using IEEE
   floating-point arithmetic.

The rounding properties specified by IEEE are crucial here; you have to
implement the system differently if you're faced with a non-IEEE Cray.
Fortunately, IEEE floating-point arithmetic is now widespread. The same
techniques can also be used to speed up modular exponentiation.

---Dan
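As an added illustration of the class of system the post describes (a polynomial universal hash combined with a one-time pad, the Wegman-Carter construction) evaluated entirely in IEEE double precision, here is example code written for this digest. It is not Dan Bernstein's code and not the construction of his paper, which works modulo 2^127-1 with a much more careful use of floating-point rounding. The modulus 2^19-1, the 16-bit message blocks, the key values and the sample message are all assumptions chosen so that every intermediate stays below 2^53, where binary64 arithmetic is exact; `ieee_double_ok` tests the rounding behaviour the post calls crucial.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Modulus 2^19 - 1 (a Mersenne prime). With h, k < P and 16-bit blocks,
 * h*k + m < 2^39, so every intermediate is an integer far below 2^53 and
 * IEEE binary64 arithmetic computes it exactly: no rounding ever happens. */
#define P_INT 524287u
#define P_DBL 524287.0

/* Does this platform round like IEEE 754 binary64 (53-bit significand,
 * round-to-nearest-even)? A machine that fails this check needs a different
 * implementation, which is the caveat about non-IEEE hardware in the post. */
int ieee_double_ok(void)
{
    volatile double two53 = 9007199254740992.0;        /* 2^53 */
    volatile double a = two53 + 1.0;                    /* halfway: rounds to even, i.e. 2^53 */
    volatile double b = two53 + 3.0;                    /* halfway: rounds to even, i.e. 2^53 + 4 */
    volatile double eps = 1.0 + 2.220446049250313e-16;  /* 1 + 2^-52 must be representable */
    return a == two53 && b == two53 + 4.0 && eps != 1.0;
}

/* Reduce an exact non-negative integer x < 2^53 modulo P with double operations only.
 * The truncating conversion is exact for our range; x - q*P is exact because both
 * operands are integers below 2^53. The guards catch an off-by-one quotient. */
static double mod_p(double x)
{
    double q = (double)(uint64_t)(x / P_DBL);
    double r = x - q * P_DBL;
    if (r < 0.0)    r += P_DBL;
    if (r >= P_DBL) r -= P_DBL;
    return r;
}

/* Message -> 16-bit little-endian blocks; a trailing odd byte is a block on its own. */
static uint32_t block_at(const uint8_t *msg, size_t len, size_t i)
{
    uint32_t b = msg[2 * i];
    if (2 * i + 1 < len) b |= (uint32_t)msg[2 * i + 1] << 8;
    return b;
}

/* h_k(m) = (m_1 k^n + ... + m_n k + len) mod P by Horner's rule in double precision.
 * The final length block keeps messages of different lengths from sharing a
 * polynomial. Assumes len < P. */
uint32_t fp_poly_hash(const uint8_t *msg, size_t len, uint32_t k)
{
    double h = 0.0, kk = (double)(k % P_INT);
    size_t n = (len + 1) / 2;
    for (size_t i = 0; i < n; i++)
        h = mod_p(h * kk + (double)block_at(msg, len, i));
    h = mod_p(h * kk + (double)len);
    return (uint32_t)h;
}

/* The same hash in 64-bit integer arithmetic, used only to cross-check the double version. */
uint32_t int_poly_hash(const uint8_t *msg, size_t len, uint32_t k)
{
    uint64_t h = 0, kk = k % P_INT;
    size_t n = (len + 1) / 2;
    for (size_t i = 0; i < n; i++)
        h = (h * kk + block_at(msg, len, i)) % P_INT;
    return (uint32_t)((h * kk + len) % P_INT);
}

/* Wegman-Carter MAC: tag = h_k(m) + s mod P with secret (k, s), s used for one message only.
 * Two distinct n-block messages give hash polynomials whose difference has degree <= n,
 * so an attacker who sees one (m, tag) pair forges with probability at most n/P. */
uint32_t wc_mac(const uint8_t *msg, size_t len, uint32_t k, uint32_t s)
{
    return (fp_poly_hash(msg, len, k) + s % P_INT) % P_INT;
}

/* Constructed 101-byte sample message (odd length exercises the padding); 1 = both hashes agree. */
int demo_fp_matches_int(void)
{
    uint8_t msg[101];
    for (size_t i = 0; i < sizeof msg; i++) msg[i] = (uint8_t)(i * 37 + 11);
    for (uint32_t k = 1; k < 200000; k += 7919)
        if (fp_poly_hash(msg, sizeof msg, k) != int_poly_hash(msg, sizeof msg, k)) return 0;
    return 1;
}

int main(void)
{
    const uint8_t msg[] = {0x01, 0x02};   /* constructed two-byte message */
    printf("ieee rounding ok: %d\n", ieee_double_ok());
    printf("tag: %u\n", wc_mac(msg, sizeof msg, 1000, 5));   /* prints 513007 */
    return 0;
}
```

The point a defender should take from this: the security argument (forgery probability at most n/P for an n-block message, provided the pad s is never reused) rests on the arithmetic being exact, so the rounding check belongs in the implementation rather than in a footnote; on a platform where it fails, the same code silently computes a different, unanalysed function. The toy modulus also shows why real designs use something like 2^127-1: with P = 2^19-1 a single guess succeeds with probability about 2^-19 per block.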

------------------------------

From: Karel Wouters <[EMAIL PROTECTED]>
Subject: Re: Fractal encryption
Date: Wed, 26 May 1999 13:28:24 +0200

Hi;

here's a link you might want to have a look at:
http://www.navigo.com/sdc

regards;
Karel w

On Tue, 18 May 1999, Lysergide wrote:

> i have been searching the www and newsgroups for technical
> information/papers/methods etc about fractal encryption and ways of
> making an excryption algorithm from fractal formulae, can anyone help
> me out with some information/papers etc on fractal encryption, or any
> urls that anyone may know of. (as i cant seem to find any that are of
> any benefit, and have been looking for over 3 months!)
> 
> thankyou :)
> 
> Lysergide
> --
> Posted via Talkway - http://www.talkway.com
> Exchange ideas on practically anything (tm).
> 
> 
> 

-- 

"What one man knows, nobody knows; what two men know, everybody knows"




------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: non-computerized cryptography
Date: Wed, 26 May 1999 12:57:33 +0200

明白 wrote:
> 
> The trends in cryptography undeniably have shifted to 100%
> computer-based systems. But is there anything still being written about
> systems which do NOT rely on a computer to generate 1024 bit prime
> numbers??

The field of voice encryption, for example, if you don't count
any piece of hardware to be a computer.

M. K. Shen

------------------------------

From: Jennifer <[EMAIL PROTECTED]>
Subject: Scramdisk cracked!
Date: Wed, 26 May 1999 10:25:58 GMT

This whole story is very suspicious. There are things that just don't add
up.

Firstly, if this story is true then the victim in question is an idiot.
Anyone who is concerned enough about the sensitive nature of their data
would not go to the trouble of using strong encryption and then using a
weak 7 character passphrase unless they were lacking in brain cells.

> The passphrase was not wife's name and is not in English dictionary.
How do you know this? Did they simply say 'it's not the name of my
wife or in the English dictionary', or did they divulge the password
after they assumed the LEO had gained access to the container? If they
did then they are even more stupid.

> He was not even asked about the passphrase.  The case is still
> ongoing, and they could have asked him at a later stage if they needed
> to.
This is the part that convinces me this whole thing is fiction. There is
no way that during the normal course of questioning the suspect would
not be asked about encrypted data and passwords. The suspect would be
asked for any passwords during the initial interview immediately
following arrest. The simplest way to obtain passwords is for the
suspect to give them up voluntarily, and they would be given this
opportunity in the early stages.

> It was Scramdisk 2.02g.  The data was extracted from a PDF file stored
> in the client's container.  It was a 600M container file; and they
> produced the MOST incriminating file in that container.  This leads me
> to believe that they had access to ALL of the file therein, hence
> producing the most likely to get results for them.  i.e.  Not data held
> on some temp folder etc.
You mean you don't know? If you are who you claim then you certainly
would know if they had access to more files. Legally you would need to
be made aware of any evidence that is going to be used against your
client. To say that the document found was the 'most incriminating' file
that was contained on the client's encrypted drive suggests that there
was other incriminating data. An investigation would not stop after
finding one piece of evidence, no matter how incriminating. They would
collect everything relevant in order to add more weight to the case and
not just the item 'most likely to get results for them'. What would
happen in a murder investigation then? The police would say something
like 'hey guys, you can tell those four witnesses to the stabbing to go
home because we only need one. The little old lady is the most
convincing so we'll just use her'? I think not.

This person is making some of the right noises - using phrases that
sound as though they were constructed by someone in the legal
profession, but the presented 'facts' show this to be pure fabrication.

Good try Mr Anonymous. Better luck next time.

Jennifer


--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: a question concerning the key-schedule of RC5/RC6
Date: Wed, 26 May 1999 11:45:50 GMT

Hello!

As part of research I am doing right now, I have to examine the RC5
algorithm, so I have a question about the key schedule.

In 'The RC5 Encryption Algorithm' Prof. Rivest writes: 'the key-
expansion function has a certain amount of one-wayness: it is not so easy
to determine K from S'.
So, I wanted to ask whether it has already been demonstrated how the secret
key can be obtained from the expanded key table. So far I haven't found
anything, but my sources are somewhat limited. I am asking because I
have worked on such a process, and so far everything looks fine.

I will be really thankful for any comment.

Best wishes!

PS: On the nist.gov site I read the comments about the AES submissions,
and there was something about an alternative key schedule for RC6. Could
you give me some more information?


--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
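To make the question concrete, here is an added example, written for this digest and not taken from the poster or from Rivest's paper, of the RC5-32/12/16 key expansion that derives the table S from the secret key K, together with the encryption and decryption rounds so that the table can be exercised. The constants P32 and Q32, the three-step schedule and the round function follow the published algorithm; the sample key and plaintext in `rc5_demo` are constructed values, not a published test vector.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* RC5-32/12/16: 32-bit words, 12 rounds, 16-byte key (Rivest's nominal parameters). */
#define RC5_W 32
#define RC5_R 12
#define RC5_T (2 * (RC5_R + 1))   /* 26 expanded key words */
#define RC5_P32 0xB7E15163u       /* Odd((e - 2) * 2^32) */
#define RC5_Q32 0x9E3779B9u       /* Odd((phi - 1) * 2^32) */

static uint32_t rotl(uint32_t x, uint32_t n) { n &= 31; return n ? (x << n) | (x >> (32 - n)) : x; }
static uint32_t rotr(uint32_t x, uint32_t n) { n &= 31; return n ? (x >> n) | (x << (32 - n)) : x; }

/* Key expansion K (b bytes, b <= 255) -> S (RC5_T words).
 * Step 1: copy K into c little-endian words L. Step 2: fill S with an arithmetic
 * progression of the magic constants. Step 3: mix L into S over 3*max(t, c) iterations,
 * with data-dependent rotations. Nothing here is designed to be invertible, which is
 * the "one-wayness" Rivest refers to; it is also not designed to be non-invertible. */
void rc5_key_expand(const uint8_t *K, size_t b, uint32_t S[RC5_T])
{
    uint32_t L[64] = {0};
    size_t u = RC5_W / 8;
    size_t c = b ? (b + u - 1) / u : 1;
    for (size_t i = b; i-- > 0;)
        L[i / u] = (L[i / u] << 8) + K[i];
    S[0] = RC5_P32;
    for (size_t i = 1; i < RC5_T; i++) S[i] = S[i - 1] + RC5_Q32;
    uint32_t A = 0, B = 0;
    size_t i = 0, j = 0, n = 3 * (RC5_T > c ? RC5_T : c);
    for (size_t s = 0; s < n; s++) {
        A = S[i] = rotl(S[i] + A + B, 3);
        B = L[j] = rotl(L[j] + A + B, A + B);
        i = (i + 1) % RC5_T;
        j = (j + 1) % c;
    }
}

/* One 64-bit block (A, B) through the 12 rounds; only S is needed, never K. */
void rc5_encrypt(const uint32_t S[RC5_T], uint32_t *pa, uint32_t *pb)
{
    uint32_t A = *pa + S[0], B = *pb + S[1];
    for (int i = 1; i <= RC5_R; i++) {
        A = rotl(A ^ B, B) + S[2 * i];
        B = rotl(B ^ A, A) + S[2 * i + 1];
    }
    *pa = A; *pb = B;
}

void rc5_decrypt(const uint32_t S[RC5_T], uint32_t *pa, uint32_t *pb)
{
    uint32_t A = *pa, B = *pb;
    for (int i = RC5_R; i >= 1; i--) {
        B = rotr(B - S[2 * i + 1], A) ^ A;
        A = rotr(A - S[2 * i], B) ^ B;
    }
    *pa = A - S[0]; *pb = B - S[1];
}

/* Constructed key 00 01 .. 0f and plaintext: 1 = round trip works and flipping one
 * key bit changes the expanded table. */
int rc5_demo(void)
{
    uint8_t key[16];
    for (int i = 0; i < 16; i++) key[i] = (uint8_t)i;
    uint32_t S[RC5_T], S2[RC5_T];
    rc5_key_expand(key, sizeof key, S);
    uint32_t a = 0x01234567u, b = 0x89ABCDEFu, ca = a, cb = b;
    rc5_encrypt(S, &ca, &cb);
    if (ca == a && cb == b) return 0;
    uint32_t da = ca, db = cb;
    rc5_decrypt(S, &da, &db);
    if (da != a || db != b) return 0;
    key[15] ^= 0x01;
    rc5_key_expand(key, sizeof key, S2);
    return memcmp(S, S2, sizeof S) != 0;
}

int main(void)
{
    printf("rc5 demo ok: %d\n", rc5_demo());
    return 0;
}
```

Two things are worth noticing for the "one-wayness" question. First, the table S alone suffices to encrypt and decrypt, so whoever obtains S holds an equivalent key whether or not K can be recovered from it; from a defensive standpoint S must be wiped from memory as carefully as K. Second, the 832-bit table is derived from a 128-bit key, and Rivest's remark says only that inverting that derivation is not straightforward, not that it is infeasible.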

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Why would a hacker reveal that he has broken a code?
Date: Wed, 26 May 1999 13:41:58 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
(wtshaw) wrote:
>In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Terry Ritter)
>wrote:  
>> 
>> 3) It is not all that clear that the "honest" people would outnumber
>> the "dishonest" people, if we include NSA and similar agencies, and
>> count only those active at any particular time.  "Honest" people may
>> have less motivation and resources, and may have to quit sooner.  
>> 
>Suppose we are NSA, so, we hire people qualified according to a narrow set
>of standards, excluding those that have gotten into various forms of
>creative mischief, learned too many bad computer habits on their own,
>really have a life outside of what it takes to be a trusted government
>employee, or will never be able to accept a guidance from a
>crypto-clueless bureaucrat.  It seems that when you exclude many of the
>people who would be most likely to succeed in weird approaches to solve
>seemingly impossible problems, you lessen your chances to do what you
>otherwise want to do.  
>

  If you were playing on a fair playing field you would be correct. The NSA in 
its narrow-minded arrogance most likely loses the best and brightest people,
but it makes up for it by the sheer numbers of people involved and the fact
that they have access to the best computers in the world, and can spy on
anyone doing development. But even in this area most of the useful information
is lost. But their arm is long and they can also distort the information that
the public sees. I however would not be surprised to find out that many of
the nuclear secrets the government is claiming are lost are lost due to 
internal leaks from inside agencies like the NSA which spend a lot of time 
spying on other US agencies. The government, even when I worked at research
labs, always focused its resources on the freedom seekers who question the
system, but they never seemed to learn it is the kiss-asses and quiet ones who 
do all the stealing right under their watchful eyes. 
 I wonder if the NSA is under the same rules as the rest of government. When I 
first started working at a lab you had to be in the top 10% of your class to even 
be looked at. But when I left they had a quota of hiring women and minorities. 
I guess the management got double brownie points if it was a Chinese woman; they 
are so sweet and demure. In my mind they make the ideal spies, but not in the 
mind of the jerks toying with security. Anyway, I feel sorry for the lower 
level white man at the labs. They can no longer get promoted because of their 
sex and race but know they will have to pee more for Uncle Sam while the 
higher-ups do the stealing and the patting of each other on the backs, and then 
they can brag to the media how much more secure the place is. I really don't 
think that treating your engineers and scientists like the enemy while 
management is given god-like privileges is going to help. But then again I 
think things like the Littleton shooting are more apt to be from the mixed 
messages we send our kids than the availability of guns. I have as a kid even 
taken a gun to school for an NRA safety class. It was around the time doctors 
used to make house calls. Funny, back then we respected guns and people. Also 
back then we thought we had a just government and an honest president. Oh well, 
maybe I am wrong; what do I know anyway.


David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Physics and human intention (related to an old topic)
Date: Wed, 26 May 1999 14:06:33 +0200

Quite a time back an article of mine asking for evaluation of a paper
published in a journal claiming influence of mind on physical
events led to an unexpectedly large amount (unfortunately mostly
unnecessary in my view) of follow-ups. I was heavily flamed because 
I was (wrongly) considered to be a believer in parapsychology. There
was also other material contributed that was entirely irrelevant to 
the subject in question.

I remain a (strong) disbeliever in parapsychology but (also
because of that) I continue to be of the opinion that publications in 
scientific journals about claimed psychic effects should get
scrutinized if these (at least in appearance) use methodologies
that other scientific papers also employ, so that the fallacies of
the arguments could be uncovered, which could by itself be a
valuable lesson for conducting useful scientific investigations. 

In this sense, I am giving below a pointer to a recent paper related 
to the old topic:

    H. Atmanspacher et al., Deviation from Physical Randomness
    due to Human Agent Intention. Chaos, Solitons & Fractals,
    10 (1999).

My humble knowledge of statistics does not allow me to capture much
of the material there; I even have difficulties with certain 
terminology. So I hope some experts would evaluate that and, in 
case it is not found to be entirely faulty, perhaps give a sketch of 
it in terms understandable to laymen.

Being careful through lessons learnt in the past, let me repeat that 
I am a (strong) disbeliever in parapsychology. Further, I ask that 
this thread not be used to discuss the general philosophical and
mathematical issue of randomness (e.g. Kolmogorov complexity etc. etc. 
etc. etc.) Please create a new thread if you feel spurred by my post 
to deal with that very wide and valuable and interesting field. What 
I would very much like to know is only an evaluation and possibly a more 
understandable sketch of the content of the work done in the above 
paper.

Thank you in advance.

M. K. Shen

------------------------------

From: "Matthew Langham" <[EMAIL PROTECTED]>
Subject: RC4 in LotusScript
Date: Wed, 26 May 1999 15:16:42 +0200

Hi!

Does anyone have or know of an implementation of RC4 (or similar) in the
LotusScript language (for use with Notes)?

Thanks for any pointers

Matthew
[EMAIL PROTECTED]



------------------------------

From: "Ruppert" <[EMAIL PROTECTED]>
Subject: FAQ
Date: Wed, 26 May 1999 15:27:20 +0200

=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1

Hi, can somebody tell me where i can get the FAQ?

Thx
Ruppert
=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 6.0.2i

iQA/AwUBN0vopi6671FxDS+qEQK80ACfWM3ztjJjSP13gjxH4mouv3X4tpAAni7q
nudpLaueRB5sv6ikM/AqtY0W
=EVBR
=====END PGP SIGNATURE=====




------------------------------

From: <[EMAIL PROTECTED]>
Subject: Re: non-computerized cryptography
Date: Wed, 26 May 1999 09:52:52 -0400
Reply-To: <[EMAIL PROTECTED]>

Try the Appendix to Neal Stephenson's Cryptonomicon.

An algorithm called Solitaire that can be done manually with a deck of
cards.

Bruce Schneier, care to comment?

Marc

明白 <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Greetings:
>
> I'm interested in locating texts or other information pertaining to
> "non-computer based" cryptography.
>
> The trends in cryptography undeniably have shifted to 100%
> computer-based systems. But is there anything still being written about
> systems which do NOT rely on a computer to generate 1024 bit prime
> numbers??
>
> Just curious.........
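For anyone who wants to try the appendix algorithm without a deck in hand, here is an added implementation written for this digest; it is not Stephenson's or Schneier's code. It follows the published steps: move joker A down one card, joker B down two, triple cut around the jokers, count cut by the value of the bottom card, then read the output card; jokers count as 53 wherever a number is needed, and a joker output is discarded and the round repeated. The deck order is the key. The demo assumes the unkeyed deck (cards in order, jokers at the bottom) and letters-only input, and omits the passphrase keying step.

```c
#include <string.h>
#include <ctype.h>
#include <stdio.h>

#define DECK 54
#define JOKER_A 53   /* both jokers count as 53 when used as a number */
#define JOKER_B 54

typedef struct { int c[DECK]; } deck_t;   /* c[0] is the top of the deck */

/* Unkeyed deck: clubs 1-13, diamonds 14-26, hearts 27-39, spades 40-52, joker A, joker B. */
void deck_init(deck_t *d)
{
    for (int i = 0; i < DECK; i++) d->c[i] = i + 1;
}

static int find_card(const deck_t *d, int card)
{
    for (int i = 0; i < DECK; i++) if (d->c[i] == card) return i;
    return -1;
}

/* Move a joker one position down; from the bottom it wraps to just below the top card. */
static void move_down(deck_t *d, int card)
{
    int i = find_card(d, card);
    if (i == DECK - 1) {
        memmove(&d->c[2], &d->c[1], (DECK - 2) * sizeof(int));
        d->c[1] = card;
    } else {
        int t = d->c[i]; d->c[i] = d->c[i + 1]; d->c[i + 1] = t;
    }
}

/* Triple cut: swap the cards above the first joker with the cards below the second. */
static void triple_cut(deck_t *d)
{
    int a = find_card(d, JOKER_A), b = find_card(d, JOKER_B);
    int first = a < b ? a : b, second = a < b ? b : a;
    deck_t t; int n = 0;
    for (int i = second + 1; i < DECK; i++) t.c[n++] = d->c[i];
    for (int i = first; i <= second; i++)   t.c[n++] = d->c[i];
    for (int i = 0; i < first; i++)         t.c[n++] = d->c[i];
    *d = t;
}

/* Count cut: take the bottom card's value in cards off the top, insert them above the bottom card. */
static void count_cut(deck_t *d)
{
    int bottom = d->c[DECK - 1];
    int n = bottom > JOKER_A ? JOKER_A : bottom;
    deck_t t; int k = 0;
    for (int i = n; i < DECK - 1; i++) t.c[k++] = d->c[i];
    for (int i = 0; i < n; i++)        t.c[k++] = d->c[i];
    t.c[k] = bottom;
    *d = t;
}

/* One keystream value in 1..52: steps 1-4 shuffle, step 5 counts down by the top
 * card's value and takes the next card; a joker there means "repeat the round". */
int solitaire_next(deck_t *d)
{
    for (;;) {
        move_down(d, JOKER_A);
        move_down(d, JOKER_B);
        move_down(d, JOKER_B);
        triple_cut(d);
        count_cut(d);
        int top = d->c[0] > JOKER_A ? JOKER_A : d->c[0];
        int out = d->c[top];
        if (out < JOKER_A) return out;
    }
}

/* Letters only: A..Z are 1..26, ciphertext = plaintext + keystream mod 26 (decrypt subtracts). */
void solitaire_crypt(deck_t *d, const char *in, char *out, int decrypt)
{
    size_t i;
    for (i = 0; in[i]; i++) {
        int p = toupper((unsigned char)in[i]) - 'A' + 1;
        int k = solitaire_next(d);
        int c = decrypt ? (p - k) % 26 : (p + k) % 26;
        if (c <= 0) c += 26;
        out[i] = (char)('A' + c - 1);
    }
    out[i] = '\0';
}

int main(void)
{
    deck_t d; char ct[16];
    deck_init(&d);
    solitaire_crypt(&d, "AAAAAAAAAA", ct, 0);
    printf("%s\n", ct);
    return 0;
}
```

From the unkeyed deck the keystream begins 4, 49, 10, which is a handy check when transcribing the rules by hand. Since the deck order is the key, the whole deck state has to stay secret and must never be reused for a second message: the usual stream-cipher caveat, and the reason the keying step matters in practice.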



------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Review of Scottu19
Date: Wed, 26 May 1999 14:44:33 GMT

In article <7igsh4$nhn$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>
>>The actual mode is a "wrapped PCBC" mode where the file is treated like
>>a cylinder and many passes occur such that any one bit change in the input
>> file changes the whole encrypted file.
>
>So it's a OTP like cipher?

  Not in my mind. To me it is a block cipher that just happens
to match the input file size.

>
>>  Look at the past articles by Redburn he was first to calculate the
>> actual entropy. But the key is such that every possible single cycle
>> 19X19 bit S table is used. You find an S-table that is 19X19 and single
>> cycle and you can get a key to produce that S-table. The actual entropy
>> or real key length is over one million bits. A far cry from 128 bits.
>
>You cannot calculate entropy exactly though.  How is the s-box used?  It
>can't be used in stream ciphers unless it is a function.

   Simple: 19 bits in, 19 bits out.
It is used as a 19-bit lookup table.

>
>
>>  Actually it is cleaned up. With scott16u I was able to compile it on my
>
>You believe that.  See the description of Blowfish or RC5, that is
>organized.  Scottu is not, sorry but thems the cookies.
>

  Those may be the cookies, but all the source code is there. If one can't
read and understand C then any attempt by me to clarify would be a loss;
see the trouble I had explaining how I do the end of file in the adaptive 
Huffman compression program. I never got that into acceptable English.


David A. Scott
--
                    SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
                    http://www.jim.com/jamesd/Kong/scott19u.zip
                    http://members.xoom.com/ecil/index.htm
                    NOTE EMAIL address is for SPAMERS

------------------------------

From: "David M. Balenson" <[EMAIL PROTECTED]>
Subject: REMINDER: CFP: ISOC Year 2000 Netw. & Distr. Sys. Security Symp. (NDSS 
Date: Wed, 26 May 1999 10:02:21 -0400


            C  A  L  L       F  O  R       P  A  P  E  R  S


                          The Internet Society
           Year 2000 Network and Distributed System Security
                         Symposium (NDSS 2000)

             Catamaran Resort Hotel, San Diego, California
                           February 2-4, 2000


IMPORTANT DATES:

  Paper and panel submissions due: June 16, 1999
  Author notification: August 17, 1999
  Final versions of papers and panels due: October 15, 1999

GOAL:

  This symposium aims to foster information exchange among researchers
  and practitioners of network and distributed system security
  services.  The intended audience includes those who are interested
  in practical aspects of network and distributed system security,
  with the focus on actual system design and implementation, rather
  than theory. A major goal of the symposium is to encourage and
  enable the Internet community to apply, deploy, and advance the
  state of available security technology.  The proceedings of the
  symposium will be published by the Internet Society.

  Submissions are solicited for, but are not limited to, the
  following topics:

  * Secure Electronic Commerce, e.g., payment, barter, EDI,
    notarization/timestamping, endorsement and licensing.
  * Intellectual Property Protection: protocols, schemas,
    implementations, metering, watermarking, other forms of rights
    management.
  * Implementation, deployment and management of network security
    policies.
  * Integrating Security in Internet protocols: routing, naming,
    TCP/IP, multicast, network management, and, of course, the Web.
  * Attack-resistant protocols and services.
  * Special problems and case studies: e.g. interplay and tradeoffs
    between security and efficiency, usability, reliability and cost.
  * Security for collaborative applications and services: tele- and
    video-conferencing, groupwork, etc.
  * Fundamental services: authentication, data integrity,
    confidentiality, authorization, non-repudiation, and availability.
  * Supporting mechanisms and APIs: key management and certification,
    revocation, audit trails and accountability.
  * Integrating security services with system and application security
    facilities and protocols, e.g., message handling, file
    transport/access, directories, time synchronization, data base
    management, boot services, mobile computing.
  * Security for emerging technologies -- sensor networks, specialized
    testbeds, wireless/mobile (and ad hoc) networks, personal
    communication systems, and large heterogeneous distributed systems.
  * Intrusion Avoidance, Detection, and Response: systems, experiences
    and architectures
  * Network Perimeter Controls: firewalls, packet filters, application
    gateways.

BEST PAPER AWARD:

  A best paper award will be introduced at NDSS 2000. This award will
  be presented at the symposium to the authors of the best paper to
  be selected by the program committee.

GENERAL CHAIR:
  Stephen Welke, Trusted Computer Solutions

PROGRAM CO-CHAIRS:
  Gene Tsudik, USC / Information Sciences Institute
  Avi Rubin, AT&T Labs - Research

TUTORIAL CHAIR:
  Doug Maughan, NSA / DARPA

PROGRAM COMMITTEE:
  Bill Cheswick, Lucent Bell Labs
  Marc Dacier, IBM Research Zurich
  Jim Ellis, CMU / CERT
  Carl Ellison, Intel
  Ed Felten, Princeton
  Virgil Gligor, UMD College Park
  Thomas Hardjono, Bay Networks/Nortel
  Cynthia Irvine, Naval Postgraduate School
  Charlie Kaufman,  Iris Associates
  Dave Kormann, AT&T Labs - Research
  Hugo Krawczyk, Technion and IBM
  Carl Landwehr, Naval Research Lab
  Doug Maughan, NSA / DARPA
  Gary McGraw, Reliable Software Technologies
  Sandra Murphy, TIS Labs at Network Associates
  Clifford Neuman, USC / Information Sciences Institute
  Paul Van Oorschot, Entrust
  Sami Saydjari, DARPA ISO
  David Wagner, UC Berkeley
  Bennet Yee, UC San Diego

LOCAL ARRANGEMENTS CHAIR:
  Thomas Hutton, San Diego Supercomputer Center

PUBLICATIONS CHAIR:
  John Kochmar, SEI

PUBLICITY CHAIR:
  David Balenson, TIS Labs at Network Associates

LOGISTICS CHAIR:
  Carla Rosenfeld, Internet Society

REGISTRATIONS CHAIR:
  Beth Strait, Internet Society

SUBMISSIONS:

  The committee invites both technical papers and panel proposals.
  Technical papers should be at most 20 pages long. Panel proposals
  should be at most two pages and should describe the topic, identify
  the panel chair, explain the format of the panel, and list three
  to four potential panelists.  Technical papers will appear in
  the proceedings. A description of each panel will appear in the
  proceedings, and may -- at the discretion of the panel chair --
  include written position statements from the panelists.

  Each submission must contain a separate title page with the type
  of submission (paper or panel), the title or topic, the names of
  the author(s), organizational affiliation(s), telephone and FAX
  numbers, postal addresses, e-mail addresses, and must specify
  the contact author in case of multi-author submissions. The names
  of authors, affiliations, and other identifying information should
  appear only on the separate title page.

  Submissions must be received by June 16, 1999, and must be made
  via electronic mail in either PostScript or ASCII format.  If
  the committee is unable to print a PostScript submission, a
  hardcopy will be requested. Therefore, PostScript submissions
  must arrive well before the deadline.

  All submissions and program related correspondence (only) should
  be directed to the program chair:

        Gene Tsudik
        USC Information Sciences Institute
        4676 Admiralty Way
        Marina Del Rey, CA 90292
        Email: [EMAIL PROTECTED]
        TEL: +1 (310) 822-1511 ext 329
        FAX: +1 (310) 823-6714

  Dates, final call for papers, advance program, and registration
  information will be available soon at the URL:
  http://www.isoc.org/ndss2000

  Each submission will be acknowledged by e-mail.  If acknowledgment
  is not received within seven days, please contact the program
  chair as indicated above.  Authors and panelists will be notified
  of acceptance by August 17, 1999.  Instructions for preparing
  camera-ready copy for the proceedings will be sent at that time.
  The camera-ready copy must be received by October 15, 1999.




------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
