Cryptography-Digest Digest #518, Volume #10       Sat, 6 Nov 99 16:13:02 EST

Contents:
  libmcrypt (Nikos Mavroyanopoulos)
  Re: The Code Book (wtshaw)
  Re: An encryption proposal from a Newbie...  <- A modification (wtshaw)
  Re: Steganography Academy (wtshaw)
  Re: U-Boat Enigma Machines ("Charles R. Lyttle")
  Re: Q: Removal of bias (Scott Nelson)
  Re: PGP Cracked ? (Johnny Bravo)
  MONEY MONEY (jim)
  Re: U-Boat Enigma Machines (Johnny Bravo)
  Re: Hash with truncated results (jerome)
  Re: PGP Cracked ? ("Trevor Jackson, III")
  Re: How protect HDisk against Customs when entering Great Britain (HJS)
  Re: U-Boat Enigma Machines (Jim Reeds)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Nikos Mavroyanopoulos)
Subject: libmcrypt
Date: 6 Nov 1999 15:27:20 GMT

I've recently ported libmcrypt to win32. In case you're interested in it:

Libmcrypt is a library which provides a uniform interface to several
symmetric encryption algorithms. It is intended to have a simple
interface to access encryption algorithms in OFB, CBC, CFB and ECB
modes. The algorithms it supports are DES, 3DES, RIJNDAEL, Twofish,
IDEA, GOST, CAST-256, RC4, RC6, SERPENT, SAFER+ and more. 

You can find it at http://hq.hellug.gr/~mcrypt

-- 
Nikos Mavroyanopoulos
mailto:[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: The Code Book
Date: Sat, 06 Nov 1999 10:08:35 -0600

In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (John Savard) wrote:


> Unless the cryptographer decided to pretend he was from Mars, where
> the people have four digits on each hand...
> 
> in that case, the total of the frequencies would equal 64 per
> quatnorb, and so the homophonic character set would contain 64
> elements or a multiple of it...
> 
Consider assigning an alphabetic sized set to a very large number of
possibilities where frequencies of use can more closely match the
substitution option; you could, for instance, use 1000 values, 000 to 999.
Still, there are recoverable frequencies and presumed structures. You need
lots of ciphertext to attack this, but the fall will be catastrophic for
assumed security.
-- 
Those who think that all useful encryption is done in binary
are destined to be thought of as mere bit-players.

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: An encryption proposal from a Newbie...  <- A modification
Date: Sat, 06 Nov 1999 10:19:22 -0600

In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:

> CoyoteRed wrote:
> > I've noticed a weakness that some of you picked up on and that's the
> > index keys.  So, I proposes the following change:  ...
> 
> Aargh!  That's why we discourage posting of newbie attempts at
> cryptosystem design.  No matter how much work people put into
> analyzing the flaws, the newbie will just make another change
> and the process starts all over again.  Eventually, people get
> tired of pointing out the flaws, at which point the newbie
> thinks that he has finally devised a great system because
> nobody seems to be able to find a flaw in it.

Posting work in progress can be extremely helpful to learning.  If we
demanded only great, proven systems be posted, none would appear.  One of
the things learned in teaching is that stupid questions to one person are
really troubling to another, and all demand attention if they are pivotal.

Too many assume wrong premises, and cover their ignorance with silence. I
remember Happy Jack and his words that a mistake that is heard can be
corrected and one that is not heard cannot be.  This is the forum for
improving crypto; there is no other option for most.
-- 
Microsoft: BIG BODY, little brain.

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Steganography Academy
Date: Sat, 06 Nov 1999 10:30:45 -0600

In article <[EMAIL PROTECTED]>, "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:

> JPeschel wrote:
> > [EMAIL PROTECTED]  (wtshaw) writes:
> > >In the light of my definition of what constitutes a strong cipher,  how
> > >much plaintext must be involved to confirm the correct key, all AES
> > >candidates are near or in the weak category axiomatically.
> > Then you better re-work your definition.
> 
> Right!  To call a system "weak" when you have no idea how to
> go about attacking it *in practice* is an abuse of terminology.
> You might as well say that almost every cryptosystem is "weak"
> because it is in principle susceptible to known-plaintext
> attack, although the work factor of the best known attack is
> vastly higher than anybody could actually muster.

I understand your reasons for saying what you do, that you have a
cultivated leaning toward strength meaning certain things, which is a
valid position, but, not the only position.  Sorry, I don't take such
things on a dogmatic level.

Most important is looking at all the definitions of strength, like all the
means of attack, seeing if an algorithm is bad in at least one sense
before pronouncing it good in all.
 
I surely will come up with an alternative measure to answer your
definition of strength, to supplement the others in the growing list
before me.
-- 
Microsoft: BIG BODY, little brain.

------------------------------

From: "Charles R. Lyttle" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,talk.politics.misc
Subject: Re: U-Boat Enigma Machines
Date: Sat, 06 Nov 1999 16:37:33 GMT

Anthony Stephen Szopa wrote:
> 
> U-boat Enigma Machines
> 
> I recorded an interesting program last week from a series (I guess)
> called the Code Breakers.  This recounts the program from memory.
> 
> Apparently, the German Army and German Air Force Enigma machines had
> been compromised by Britain.  But the U-boat fleet had their own
> variation of the Enigma and it was proving impossible to crack.
> 
> So the British decided to capture a German U-boat.  The British had
> just developed direction finding equipment.  They would monitor U-boat
> radio transmissions.  They triangulated using very precise direction
> finding devices and determined a U-boat location.  They sent out
> destroyers and laid down a depth charge pattern.  They forced the
> U-boat to the surface.  But before they could board the U-boat, the
> German crew had dumped the Enigma machine overboard.  But the mission
> was not a total loss.  The British recovered many documents.
> 
> By poring over these documents it was determined that the Admiral of
> Germany's Navy used one central headquarters from which all orders
> were transmitted to every ship in the German fleet.  It was deduced
> that if this was the case, then every ship in the German fleet must
> have an Enigma machine.  It was decided to locate and attack a German
> weather ship.
> 
> The British did attack and take one such weather ship.  But again the
> mission failed but not completely.  The British actually recovered a
> few rotors from the Enigma machine and more documentation.  They
> learned that the U-boat Enigma had eight rotors and was impossible
> to crack at that time.  Using some of these documents the British were
> able to partially decrypt some messages.
> 
> They then located and attacked another German U-boat.  This
> mission was successful.  The British now had a German U-boat Enigma
> machine.  The German Admiral apparently did not make the connection
> with the loss of their weather ship and submarine with the Enigma.
> 
> Soon, sonar became available.
> 
> The British were able to destroy (I think) 24 supply submarines that
> were used to resupply up to 24 U-boats at sea on each trip.
> 
> Of about 840 U-boats in all, the Allies sunk about 760.
> 
> At the end of the war, the German Naval Admiral received a brief phone
> call from the British and was told that his Enigma machine had been
> captured.

To add an aside to the story probably not covered on British TV. The US
did capture a U-boat with a working Enigma, but the US and Britain were
not sharing info as well as might be expected. Sometimes one party
worried about the Axis finding out, other times the "NIH" syndrome
prevailed. A common worry was that the information would be used in such
a way as to make it possible for the enemy to deduce that the codes were
broken.

-- 
Russ Lyttle, PE
<http://www.flash.net/~lyttlec>
Thank you Melissa! 
Not Powered by ActiveX

------------------------------

From: [EMAIL PROTECTED] (Scott Nelson)
Subject: Re: Q: Removal of bias
Reply-To: [EMAIL PROTECTED]
Date: Sat, 06 Nov 1999 17:57:43 GMT

On Fri, 05 Nov 1999 21:55:58 +0100, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote:

>Scott Nelson wrote:
>> 
>> On Thu, 04 Nov 1999 20:52:20 +0100, Mok-Kong Shen
>> >Scott Nelson wrote:
>> >> Assuming a biased bit which is '1' .75 and '0' .25
>> >> (entropy = 0.8112781)
>> >> Using XOR to combine N bits,
>> >>  1 bits: Entropy = 0.8112781
>> >>  2 bits: Entropy = 0.9544340
>> >>  3 bits: Entropy = 0.9886994
>> >>  4 bits: Entropy = 0.9971804
>> >> (after 12 bits, it's 1.0 to seven places.)
>> >
>> >Is is possible to do an analogous computation for the von Neumann's
>> >device? Thanks.
>> >
>> Well, yes and no.
>> Von Neumann's method doesn't produce a deterministic number of
>> bits from a stream of biased bits.
>> Thus it's not quite the same - however, assuming independent
>> but biased bits which are '1' .75 and '0' .25  _on average_
>> Von Neumann's method will produce .1875 bit of entropy per
>> biased-bit processed.  These just add up;
>>  1 biased bits: average entropy = 0.1875
>>  2 biased bits: average entropy = 0.375
>>  3 biased bits: average entropy = 0.5625
>>  4 biased bits: average entropy = 0.75
>> 
>> In another thread, Tony T. Warnock pointed out that Von
>> Neumann's method can be expanded.  Using that method,
>> groups of 4 biased bits will produce _on average_
>> 1.289 bits of entropy.  Taken in groups of 20, you can get
>> slightly more than 12 bits of entropy (about .6 unbiased
>> bits per biased bit.)
>
>Allow me a stupid question: What could one say as a rule of thumb
>about XORing and the (extended) von Neumann's device for the
>practice, i.e. which method is to be preferred? Thanks.
>
Most of the existing entropy collectors use hash functions.  
I suppose that means the rule of thumb for XOR and 
Von Neumann is "don't use them."

In my opinion, XOR is never useful, or rather, 
anywhere you'd use an XOR, it's better to use a CRC.
CRC is, after all, nothing more than XOR with feedback.
Single chip solutions for CRC exist, and cost virtually 
the same as an xor gate.  These are mainly used in
hardware only (no computer or micro-controller) devices.

Von Neumann's method has two really annoying problems
that cause people to avoid it.  
1.) The output is non-deterministic, i.e. it produces
    a random number of random bits.
2.) It only works if the input stream really is independent.
    Most of the time we're processing real-world noise, which
    has all sorts of non-noise components added to it.  Any 
    non-noise components which are correlated will cause the
    output to be flawed.  In theory, we can correct for this
    _if we know about it_ but all too often there are things
    that happen to the device which we didn't expect.
Von Neumann's method also tends to eat up bits, (it takes two 
bits to make one in the classic, unextended version) though 
this is an issue only if lesser quality bits are acceptable.
CRC needs a lot more bits to approach the 0.0000001% accuracies
demanded by some statistics programs.  (SHA1 probably does too, 
though it's hard to prove it.)

But I think the main reason people avoid Von Neumann's method
is because it requires a great deal of 'thought effort' to 
make it work. Taking the bits and running them through SHA1 
is relatively easy, and you can make a lot of mistakes and
still have things come out right.  Even a total failure of
your hardware can be concealed by a secure hash function.

Scott Nelson <[EMAIL PROTECTED]>
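The numbers quoted in the exchange above (the XOR entropies, 0.1875 bits per biased bit for von Neumann's method, 1.289 bits per group of 4 and about 12 bits per group of 20 for the extended method) can be reproduced. The following is an added example written for this digest, not code posted by Scott Nelson or anyone else in the thread. It assumes that the "extended" von Neumann method referred to is the rank-based construction (given the count of 1s in a block of independent bits, every arrangement is equally likely, so the arrangement's index is a uniform value that is converted to bits by splitting its range into powers of two); that assumption reproduces the quoted figures exactly. The sample input is constructed with a seeded PRNG.

```python
import math
import random


def binary_entropy(q):
    """Shannon entropy, in bits, of one bit that is 1 with probability q."""
    if q <= 0.0 or q >= 1.0:
        return 0.0
    return -(q * math.log2(q) + (1.0 - q) * math.log2(1.0 - q))


def xor_entropy(p, n):
    """Entropy of the XOR of n independent bits, each 1 with probability p.
    The XOR is 1 with probability (1 - (1 - 2p)^n) / 2: the bias shrinks
    geometrically with n but never reaches zero."""
    return binary_entropy((1.0 - (1.0 - 2.0 * p) ** n) / 2.0)


def von_neumann(bits):
    """Classic von Neumann debiasing on non-overlapping pairs:
    01 -> 1, 10 -> 0, 00 and 11 are discarded."""
    return [b for a, b in zip(bits[0::2], bits[1::2]) if a != b]


def von_neumann_rate(p):
    """Expected output bits per input bit: a pair survives with
    probability 2p(1-p) and costs two input bits, so the rate is p(1-p)."""
    return p * (1.0 - p)


def _rank(block):
    """Colex rank of the 1-positions among all C(n, k) arrangements."""
    r, ones = 0, 0
    for pos, bit in enumerate(block):
        if bit:
            ones += 1
            r += math.comb(pos, ones)
    return r


def _bits_from_uniform(r, total):
    """r is uniform on [0, total). Split that range into pieces sized by
    the powers of two in total's binary expansion; a value landing in a
    piece of size 2^e yields e unbiased bits (no rejection step needed)."""
    offset = 0
    for e in range(total.bit_length() - 1, -1, -1):
        if (total >> e) & 1:
            if r < offset + (1 << e):
                local = r - offset
                return [(local >> i) & 1 for i in range(e - 1, -1, -1)]
            offset += 1 << e
    raise ValueError("rank out of range")


def block_extract(block):
    """Extended von Neumann on one block (assumed construction): conditioned
    on the number of 1s, every arrangement of an independent source is
    equally likely, so the arrangement's rank is uniform."""
    return _bits_from_uniform(_rank(block), math.comb(len(block), sum(block)))


def block_extract_stream(bits, n):
    out = []
    for i in range(0, len(bits) - n + 1, n):
        out.extend(block_extract(bits[i:i + n]))
    return out


def block_yield(p, n):
    """Expected output bits per n-bit block of independent bits with P(1)=p."""
    total = 0.0
    for k in range(n + 1):
        c = math.comb(n, k)
        p_k = c * p ** k * (1.0 - p) ** (n - k)
        bits_given_k = sum((1 << e) * e for e in range(c.bit_length()) if (c >> e) & 1) / c
        total += p_k * bits_given_k
    return total


def biased_bits(p, count, seed):
    """Constructed test input: independent bits with P(1) = p."""
    rng = random.Random(seed)
    return [1 if rng.random() < p else 0 for _ in range(count)]


def lag1_autocorr(bits):
    """Lag-1 autocorrelation of the output; should sit near zero. Only
    meaningful because the input here really is independent."""
    n = len(bits)
    m = sum(bits) / n
    var = sum((b - m) ** 2 for b in bits) / n
    cov = sum((bits[i] - m) * (bits[i + 1] - m) for i in range(n - 1)) / (n - 1)
    return cov / var if var else 0.0


if __name__ == "__main__":
    p = 0.75
    for n in (1, 2, 3, 4, 12):
        print(f"XOR of {n:2d} biased bits: entropy {xor_entropy(p, n):.7f}")
    print(f"von Neumann: {von_neumann_rate(p)} bits per biased bit")
    for n in (2, 4, 20):
        print(f"blocks of {n:2d}: {block_yield(p, n):.3f} bits per block, "
              f"{block_yield(p, n) / n:.3f} per biased bit")
    raw = biased_bits(p, 200_000, seed=1)
    vn = von_neumann(raw)
    print(f"empirical von Neumann: {len(vn)} bits, mean {sum(vn) / len(vn):.4f}, "
          f"lag-1 autocorr {lag1_autocorr(vn):+.4f}")
```

Blocks of 2 reduce exactly to the classic method (01 and 10 carry one bit, 00 and 11 none), which is why `block_extract_stream(bits, 2)` and `von_neumann(bits)` agree bit for bit. Both the closed-form yields and the empirical check rest on the independence assumption the post warns about: with correlated input the rank is no longer uniform given the count, and the output mean and autocorrelation drift with no warning from the extractor itself.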

------------------------------

From: [EMAIL PROTECTED] (Johnny Bravo)
Subject: Re: PGP Cracked ?
Date: Sat, 06 Nov 1999 14:09:55 GMT

On Sat, 06 Nov 1999 08:05:37 GMT, [EMAIL PROTECTED] (zentara) wrote:

>They would just have to exploit some known weakness in the compilers

  LOL, this again?  My compiler is open source too.  Or are you
actually proposing that every compiler in the world has been corrupted
as well as the PGP source.  This 'urban legend' is about as old as PGP
is.

>Of course, this is just speculation. But your pgp programs come
>as pre-compiled binaries don't they?

  No, they come as source code, which I am free to examine at my
leisure.  If 100 people each check 1% of the code, the chances of an
error of this type passing unnoticed are roughly 1 in 3; if 1000
people each check 5% of the code, you drop to 1 in 5e-23.

>Even GpG, which you can compile
>yourself, has complex enough source code, that even a decent C
>programmer, would not know if little "markers" are being placed
>here and there. 

  We are all not as bad at reading C as you seem to be.

>Especially if it was a weakness in the compiler that
>was being exploited, like a tendency to leave a stray bit here and
>there in the final binary.

  You can't just add stray random bits to a binary executable and
expect it to keep working at all, sooner or later you will get a
program that just doesn't run, then you know your compiler is broken.

  
  Much less write source code that can both predict which final bits
would be affected, and then to top it off predict that they will
affect the binary in a manner you desire.  You should learn a bit more
about compilers before you make such sweeping, and uninformed
statements.

>I'm not claiming that any of this is true. BUT, it seems very
>plausible to me. Maybe it  explains where the government
>comes up with those "anonymous sources" of information.

  Maybe it seems plausible because you don't know anything about the
topic.  There are much easier methods of getting information that
trying to corrupt the source code of every compiler ever written, even
those written before PGP was created.

  Best Wishes,
    Johnny Bravo


------------------------------

From: jim <[EMAIL PROTECTED]>
Crossposted-To: 
Subject: MONEY MONEY
Date: Thu, 04 Nov 1999 23:25:44 +0100

MAKE MONEY TODAY, 100% LEGAL AND FREE
http://members.xoom.com/calero2/money.htm


------------------------------

From: [EMAIL PROTECTED] (Johnny Bravo)
Crossposted-To: talk.politics.crypto,talk.politics.misc
Subject: Re: U-Boat Enigma Machines
Date: Sat, 06 Nov 1999 14:36:52 GMT

On Fri, 05 Nov 1999 13:09:24 -0800, Anthony Stephen Szopa
<[EMAIL PROTECTED]> wrote:

>U-boat Enigma Machines
>
>Apparently, the German Army and German Air Force Enigma machines had
>been compromised by Britain.  But the U-boat fleet had their own
>variation of the Enigma and it was proving impossible to crack.

  For a short time, they eventually worked a partial solution, it had
additional wheels.  A bunch of the info gained from the beginning was
from known plaintext attacks, starting every message with "To the
General Staff:" etc.  Then they added a mechanical computer to
compute the wiring of the wheels.  Part of the weakness was that the
wheels were obviously wired in pairs of letters, by analysing messages
they could determine what letters were paired.

>So the British decided to capture a German U-boat.  The British had 
>just developed direction finding equipment.  

  This was more effective at running down a u-boat when it made a
contact report after spotting a convoy.  Then the convoy would just
sail on, keeping the u-boat from shadowing the convoy and drawing a
wolfpack.  This was regular from the second half of 1941 on.  The main
thing to happen then was the installation of Leigh Lights and Radar
sets on long range patrol aircraft, aircraft destroyed the majority of
the u-boats.  By this time the English had already captured an Enigma
machine.  The Germans were aware of this possibility, and they issued
new wheels with different wiring at a few times during the war, as
well as a plug board that could switch output letters.  It took some
real code breaking to solve this, it wasn't as simple as just having a
copy of the base machine.

>They triangulated using very precise direction 
>finding devices and determined a U-boat location.  They sent out 
>destroyers and laid down a depth charge pattern.  They forced the 
>U-boat to the surface.  But before they could board the U-boat, the 
>German crew had dumped the Enigma machine overboard.  But the mission 
>was not a total loss.  The British recovered many documents.

  On May 9, 1941, KL. Lemp commanding U-110 was attacking convoy
OB318 when the corvette Aubretia and the destroyers Bulldog and
Broadway forced him to the surface.  Bulldog was about to ram but the
Captain took the chance to board it, they got an Enigma machine and a
bunch of documents.  Lemp died trying to reboard his boat and scuttle
it.  By August 1941, almost all the German radio traffic was being
read by the English.

  Then, after the war, the Allies sold Enigma machines to many foreign
governments, knowing full well they had already been broken.

  Best Wishes,
    Johnny Bravo


------------------------------

From: [EMAIL PROTECTED] (jerome)
Subject: Re: Hash with truncated results
Reply-To: [EMAIL PROTECTED]
Date: Sat, 06 Nov 1999 18:51:41 GMT

On Sat, 06 Nov 1999 00:49:23 GMT, Tom St Denis wrote:
>
>If I can break md5/sha when it's truncated to 96 bits, I can break the
>full algorithm as well.

what make you think that ?


------------------------------

Date: Sat, 06 Nov 1999 14:54:53 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: PGP Cracked ?

zentara wrote:

> On Fri, 5 Nov 1999 16:58:41 -0000, "Harry Solomon"
> <[EMAIL PROTECTED]> wrote:
>
> >A security expert at my place of work states that PGP can be cracked. He
> >says that today being Friday he will give me my passphrase by cracking the
> >code the following Tuesday, Is this possible?
> >
>
> I know the answers that the real experts here are giving is that
> he got your passphrase by some keystroke recorder....either
> via the network you are on, or some "tempest" style keyboard
> "bugging" device.
>
> But did you ever consider that PgP or GpG are controlled
> by very high-ranking military and government people? And that
> at a certain security level, there are people who can generate
> a "secret  key" from the freely available "public key"? They are sworn
> to a very high secrecy level.

And they just happened to let you know about it?  Do tell.

> They would just have to exploit some known weakness in the compilers
> to leave "markers" here and there in the encrypted files. It's
> probably something along the lines of complementary matrices
> of vectors, and if you have one, with the "markers in place", the
> other matrix  can be regenerated.
>
> Of course, this is just speculation. But your pgp programs come
> as pre-compiled binaries don't they? Even GpG, which you can compile
> yourself, has complex enough source code, that even a decent C
> programmer, would not know if little "markers" are being placed
> here and there. Especially if it was a weakness in the compiler that
> was being exploited, like a tendency to leave a stray bit here and
> there in the final binary.
>
> I'm not claiming that any of this is true.

So you are wasting our time.

> BUT, it seems very
> plausible to me. Maybe it  explains where the government
> comes up with those "anonymous sources" of information.

No, but it certainly explains where silliness like yours originates.


------------------------------

From: [EMAIL PROTECTED] (HJS)
Crossposted-To: 
alt.security.pgp,comp.security.pgp.discuss,comp.security.pgp.tech,alt.privacy,alt.privacy.anon-server
Subject: Re: How protect HDisk against Customs when entering Great Britain
Date: Sat, 06 Nov 1999 20:05:17 GMT
Reply-To: HJS

On Fri, 05 Nov 1999 23:38:59 GMT, [EMAIL PROTECTED] (algoss) wrote:

>On Fri, 5 Nov 1999 11:22:40 +0100, "Juergen Nieveler / CompuNet"
><[EMAIL PROTECTED]> wrote:
>
>>pgp651 <[EMAIL PROTECTED]> wrote in message:
>>[EMAIL PROTECTED]
>><SNIP
>>>
>>> What I will have at crossing ? The PC [ notebook with 8GB HD, about 1GB
>>free ],
>>> CD-RW drive, CD-RW disks.
>>>
>><SNIP>
>>
>>I don't know who told you that customs officers are scanning notebooks, but
>>I presume he meant X-ray scans, not inspection of hard disc contents.
>>Scanning 8 GB of disk space for x people on each plane carrying a notebook
>>would take several hours, and as far as I know there is no program able to
>>scan images for their contents... except perhaps to look for a certain
>>amount of light red colours ;-)
>>
>There was a claim made by a poster in uk.legal earlier this year. The
>customs asked if he had " internet" on his machine then whipped it
>away and connected it to one of their machines which wouldn't scan his
>drive because he was using a mac. ROTFL. 
>I think the morons were looking for pornography
>
>Someone suggested loading a virus on a machine and letting them scan
>that. The lawsuits would have been endless. :)

ROTFL. Let's all do that!

-- 
HJS +



------------------------------

Crossposted-To: talk.politics.crypto,talk.politics.misc
From: [EMAIL PROTECTED] (Jim Reeds)
Subject: Re: U-Boat Enigma Machines
Date: Sat, 6 Nov 1999 19:21:37 GMT

In article <[EMAIL PROTECTED]>, "Charles R. Lyttle" <[EMAIL PROTECTED]> 
writes:
 ...
|> To add an aside to the story probably not covered on British TV. The US
|> did capture a U-boat with a working Enigma, but the US and Britain were
|> not sharing info as well as might be expected. Sometimes one party
|> worried about the Axis finding out, other times the "NIH" syndrome
|> prevailed. A common worry was that the information would be used in such
|> a way as to make it possible for the enemy to deduce that the codes were
|> broken.

Referring to the U-505, captured on 31 May 1944 (I think), now on display
in Chicago.  By the time this capture was made the important info about
what the Naval Enigma was, etc, had long been worked out.  So the profit
from the capture did not balance the risk factor that the Germans might
hear about it and draw conclusions.  (Of course there must have been lots
of other intelligence value to the capture, including current key lists
and signal files, as well as engineering info.)  Although allies often
squabbled, the US Navy had better relations with BP than the US Army,
sharing Enigma info much earlier, for instance.

-- 
Jim Reeds, AT&T Labs - Research
Shannon Laboratory, Room C229, Building 103
180 Park Avenue, Florham Park, NJ 07932-0971, USA

[EMAIL PROTECTED], phone: +1 973 360 8414, fax: +1 973 360 8178

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
