Cryptography-Digest Digest #608, Volume #10      Mon, 22 Nov 99 17:13:02 EST

Contents:
  MP3 to CD?? ("Verne")
  Re: How ScramDisk will recover >> My test in container file ... (Johnny Bravo)
  Re: AES cyphers leak information like sieves (wtshaw)
  Re: Halting condition for brute force cracking (wtshaw)
  Re: AES cyphers leak information like sieves (wtshaw)
  Free weekly science cartoon by email ([EMAIL PROTECTED])
  Re: Where's a good online description of SHA1 or MD5?  TIA (CoyoteRed)
  Re: Where's a good online description of SHA1 or MD5?  TIA (CoyoteRed)
  Re: Normal basis vs. Polynomial Basis (Medical Electronics Lab)
  Re: For all lions --- ("Markku J. Saarelainen")
  Re: MP3 to CD?? (Medical Electronics Lab)
  Re: technical writing skills required! (Medical Electronics Lab)
  Re: How ScramDisk will recover >> My test in container file ... (DungBeetle)
  sources for software ([EMAIL PROTECTED])
  Re: Signals From Intelligent Space Aliens?  Forget About It. ("Douglas A. Gwyn")
  Re: Halting condition for brute force cracking ("Douglas A. Gwyn")
  Re: Codebook examples on Web? (John Savard)
  Re: Halting condition for brute force cracking (John Savard)
  Re: Codebook examples on Web? (John Savard)

----------------------------------------------------------------------------

From: "Verne" <[EMAIL PROTECTED]>
Subject: MP3 to CD??
Date: Mon, 22 Nov 1999 10:48:01 -0500

Is there a way to get MP3 to a CD?



------------------------------

From: [EMAIL PROTECTED] (Johnny Bravo)
Crossposted-To: 
alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,comp.security.pgp.tech
Subject: Re: How ScramDisk will recover >> My test in container file ...
Date: Mon, 22 Nov 1999 11:18:49 GMT

On Mon, 22 Nov 1999 05:31:22 -0500, [EMAIL PROTECTED] wrote:

>How Scramdisk will recover from say :
>
>PC power down with file/s open in container >> power down with container mounted
>+ open files in container ?

  Works fine, any files in the process of being written to will get
chopped off as normal.  I've had this happen many times (lightning in
Florida really prone to taking out power for entire blocks for 2-3
mins, happens about once a month on average).  Never had a problem
remounting the volume.

>My test in container file, by corrupting 1 byte of random data made my container
>USELESS [ could not mount it + did not recognize password ] >> this makes
>reliability of container a very controversial issue >> corrupting 1 byte affected
>640 MB of disk space !!! 
 
>The above ratio will theoretically render ScramDisk as useless software, based on
>immunity to withstand any data corruption. I see the problem in inability to
>MOUNT container, which leads to ALL CONTAINER disk space lost.

  This is damage to the actual container file.  I've yet to see this
happen myself, despite using a 200MB container for over a year (4
months of that time it was on a doublespaced drive) and having at
least a dozen unexpected power outages with the drive open and writing
files to it.  I've even run scandisk and defrag on my scramdisk drive
with no ill effect.

  You don't like the risk, don't put all your eggs in the same basket.
Make backups to tape, split the drive up into 10 files of 64 MB each,
whatever you need to make you happy with the risk.

  While you might not be happy with this, it does not make the
software useless.  There are always tradeoffs; this is one of them.

  Best Wishes,
    Johnny Bravo


------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: AES cyphers leak information like sieves
Date: Mon, 22 Nov 1999 10:59:36 -0600

In article <81bgog$29no$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote:

Should have been *see through mirrors.*
-- 
Who censors the censor's sense of serenity? 

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Halting condition for brute force cracking
Date: Mon, 22 Nov 1999 11:14:38 -0600

In article <81bkqf$cal$[EMAIL PROTECTED]>, "Gary"
<[EMAIL PROTECTED]> wrote:

> Known headers or dominating symbols are usually looked for.
> e.g. if known to be an ASCII file then obviously A-Z, a-z, 0-9 would feature
> predominantly.
 
This is why, with most ciphers, you don't want encrypted headers.  You
could have some stage, perhaps crypto as well, in which ASCII, or other
plaintext set, is converted into something less recognizable.

> Most ciphers do a very weak checksum on passwords or decrypted file which an
> attacker can use to eliminate candidates.

Such may serve an attacker as well as a recipient. You can take your
chances and not do anything of the sort, or maybe encrypt that information
as well.

> Otherwise statistical tests on the data similar to PRNG testing are required
> as the data will usually(always?) contain information and thus redundancy.

Ciphertext can be skewed to throw an attacker off.

> Sending decoy messages does pose a problem as one can't prove that encrypted
> data contains information.

It might confuse a recipient as well.  Sending garbage can do the same thing.
-- 
Who censors the censor's sense of serenity? 

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: AES cyphers leak information like sieves
Date: Mon, 22 Nov 1999 10:58:02 -0600

In article <81bgog$29no$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote:

>   ...I don't like the term
> error recovery for any of these modes. I suspect the term is really
> only used to make people comfortable about the weak chaining.
> 
If the real reason of mode chaining is to increase diffusion, then hyping
error correction seems to admit that the technique does not do it well.  A
painter would say that the errors are hidden with a new coat of paint, but
if you look closely, they are still there.

If the increase in security is so marginal, then it serves those who want
to defeat it and know how, while fooling those that buy into what it is
supposed to do but do not know the work-around; it's thin smoke and
one-way mirrors.
-- 
Who censors the censor's sense of serenity? 

------------------------------

From: [EMAIL PROTECTED]
Subject: Free weekly science cartoon by email
Date: Mon, 22 Nov 1999 17:50:03 GMT

Announcing "lab initio" 
-the free weekly science cartoon strip for folks who enjoy science.
.-.. .- -...   .. -. .. - .. ---

What it is:
Lab initio is a free internet comic strip created by New Zealand
Cartoonist & Chemistry lecturer/professor Nick D Kim, and features a
mixture of general and specific science cartoons (about 50:50) from
across the range of disciplines.  Nick's cartoons have appeared in a
range of science magazines, including Physics Today, The Annals of
Improbable Research, New Scientist, Chemtech, The UK Skeptic, and New
Zealand Science Monthly.

Where you can peruse previous editions:
An archive of previous lab initios can be found at:
http://members.xoom.com/bacchanalia/li.htm

How to subscribe & unsubscribe:
To join the free lab initio email list, send a blank email message
(from the address to which you want the cartoons sent) to:

[EMAIL PROTECTED]

& follow the confirmation directions

To unsubscribe, send an email message to
[EMAIL PROTECTED]

Alternatively, you can sign up (and unsubscribe) at the list homepage
on the web:
http://www.egroups.com/group/lab-initio/info.html

Frequency & other list notes:
Lab initios are posted to the email list weekly on Mondays, in order
to make this day of the week marginally more palatable. (In many parts
of the world this means they travel back in time a bit, so if you live
in the right place, you might get them on Sunday evening.)  The email
list permissions are set in such a way that only the moderator can
post--this is to ensure that subscribers don't get swamped with
unwanted messages.

Other science cartoons:
Other previous science-related cartoons can also be found by following
the subject index link at:
http://members.xoom.com/bacchanalia/index.htm

+++++++++++++++++++++++++++++++++++++++++++++++
All the best,

->Nick D. Kim, who occasionally refers to himself in the third person.
[EMAIL PROTECTED]
-. .. -.-. -.-   -..   -.- .. --



------------------------------

From: [EMAIL PROTECTED] (CoyoteRed)
Subject: Re: Where's a good online description of SHA1 or MD5?  TIA
Date: Mon, 22 Nov 1999 17:56:47 GMT
Reply-To: this news group unless otherwise instructed!

CoyoteRed said...

>    but there was even a name for this
>   predetermined fingerprint scheme.

I think it may be something like DEADBEEF or DEADBEAF, or something
like that.
-- 
CoyoteRed
CoyoteRed <at> bigfoot <dot> com
http://go.to/CoyoteRed
PGP key ID: 0xA60C12D1 at ldap://certserver.pgp.com


------------------------------

From: [EMAIL PROTECTED] (CoyoteRed)
Subject: Re: Where's a good online description of SHA1 or MD5?  TIA
Date: Mon, 22 Nov 1999 17:56:45 GMT
Reply-To: this news group unless otherwise instructed!

CoyoteRed said...

>   Or is making a key pair with any one particular 512 bit hash just too
>   difficult to be practical?

Oops...

Should read:

Or is making a key pair with any one particular 128/160 bit hash just
too difficult to be practical?
-- 
CoyoteRed
CoyoteRed <at> bigfoot <dot> com
http://go.to/CoyoteRed
PGP key ID: 0xA60C12D1 at ldap://certserver.pgp.com


------------------------------

From: Medical Electronics Lab <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: Normal basis vs. Polynomial Basis
Date: Mon, 22 Nov 1999 12:09:29 -0600

Tom Pedersen wrote:
> 
> If you need to implement a basis and the corresponding arithmetic functions
> in hardware, which basis would you choose to be the most efficient and why?
> 
> Addition is the same in the bases. Squaring is much faster in a normal
> basis, but multiplication of elements can be cumbersome. But if you have a
> Gaussian normal base of type I or II, would you then always prefer that over
> a polynomial basis?
> 
> Can anyone answer this or do anyone have any references to some sources on
> the Internet to this problem?
> 
> This is very relevant for encryption with elliptic curves.

Your application defines what is "efficient".  Sometimes it's power,
sometimes it's speed, sometimes it's gates.  For reduced gates,
Certicom has a very nice patent for ONB.  The "all-ones-polynomial"
of the Type I ONB has lots of advantages for hardware as well, check
out J. Silverman's paper at the CHES 1999 conference.  If you have
a processor with lots of integer units built in, then using GF(p)
with "Generalized Mersenne primes" makes more sense.

You can find code for the "all-ones-polynomial" on my web site:
http://www.terracom.net/~eresrch

Patience, persistence, truth,
Dr. mike

------------------------------

From: "Markku J. Saarelainen" <[EMAIL PROTECTED]>
Subject: Re: For all lions ---
Date: Mon, 22 Nov 1999 12:53:31 +0000



actually, I would never use pgp personally .... cheers ! .. the small
boy was correct ...

who are those people who have three lions in the collar ...?



------------------------------

From: Medical Electronics Lab <[EMAIL PROTECTED]>
Subject: Re: MP3 to CD??
Date: Mon, 22 Nov 1999 12:12:05 -0600

Verne wrote:
> 
> Is there a way to get MP3 to a CD?

Yeah, just play the MP3 and feed the output
to a CD recorder.  All you have to do is
connect the data stream to the software.

Patience, persistence, truth,
Dr. mike

------------------------------

From: Medical Electronics Lab <[EMAIL PROTECTED]>
Subject: Re: technical writing skills required!
Date: Mon, 22 Nov 1999 12:18:31 -0600

Tom St Denis wrote:
> 
> > I think that's a good idea.  Posting short sections in a single thread
> > would make comments easy to find, and edits easy to suggest using the
> > Usenet quote-response convention.
> 
> Would it be more useful just to divide the paper into small text
> files, then just post urls?  I don't want to flood the group.  Assuming
> I can muster enough time to do this [which I want to].  I could then
> edit it into one document when it nears completion...

Depends on how big the files are.  If it's just a couple of pages,
posting it is easier to reply to.  If it's longer than that, posting URL's
is fine.

Each section ought to be small anyway, so posting only a couple of
pages a day can't hurt.  Given the amount of noise already here, you
won't be flooding, you'll be increasing the signal level :-)

Patience, persistence, truth,
Dr. mike

------------------------------

Date: 22 Nov 1999 19:14:46 -0000
From: [EMAIL PROTECTED] (DungBeetle)
Subject: Re: How ScramDisk will recover >> My test in container file ...
Crossposted-To: 
alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,comp.security.pgp.tech

My personal experience with a dozen 650 MB scramdisks, including one
on a doublespace drive, and endless Windoze crashes, is that I've never
lost a container.

On Mon, 22 Nov 1999 11:18:49 GMT [EMAIL PROTECTED] (Johnny Bravo) 
wrote:

>On Mon, 22 Nov 1999 05:31:22 -0500, [EMAIL PROTECTED] wrote:
>
>>How Scramdisk will recover from say :
>>
>>PC power down with file/s open in container >> power down with container mounted
>>+ open files in container ?
>
>  Works fine, any files in the process of being written to will get
>chopped off as normal.  I've had this happen many times (lightning in
>Florida really prone to taking out power for entire blocks for 2-3
>mins, happens about once a month on average).  Never had a problem
>remounting the volume.
>
>>My test in container file, by corrupting 1 byte of random data made my container
>>USELESS [ could not mount it + did not recognize password ] >> this makes
>>reliability of container a very controversial issue >> corrupting 1 byte affected
>>640 MB of disk space !!! 
> 
>>The above ratio will theoretically render ScramDisk as useless software, based on
>>immunity to withstand any data corruption. I see the problem in inability to
>>MOUNT container, which leads to ALL CONTAINER disk space lost.
>
>  This is damage to the actual container file.  I've yet to see this
>happen myself, despite using a 200MB container for over a year (4
>months of that time it was on a doublespaced drive) and having at
>least a dozen unexpected power outages with the drive open and writing
>files to it.  I've even run scandisk and defrag on my scramdisk drive
>with no ill effect.
>
>  You don't like the risk, don't put all your eggs in the same basket.
>Make backups to tape, split the drive up into 10 files of 64 MB each,
>whatever you need to make you happy with the risk.
>
>  While you might not be happy with this, it does not make the
>software useless.  There are always tradeoffs; this is one of them.
>
>  Best Wishes,
>    Johnny Bravo
>

------------------------------

From: [EMAIL PROTECTED]
Subject: sources for software
Date: Mon, 22 Nov 1999 19:31:21 GMT

I am looking for a cryptogram program for solving cryptogram puzzles.
This should run on a windows 98 system. I am looking for one that lets
me enter the coded message, displays the letter counts and lets me
easily change the letters.  The program should be a complete package.
One on-line package I downloaded required a dll that I did not have so
it would not run.  The others I tried did not display the letter counts.

Thanks


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

Crossposted-To: talk.politics.crypto
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Signals From Intelligent Space Aliens?  Forget About It.
Date: Mon, 22 Nov 1999 19:31:51 GMT

Lincoln Yeoh wrote:
> It's probably more likely that we nuke ourselves than some space alien ala
> ET visits us.

Especially if they received that attempt to communicate with ETs that
had an error in the coding!  (Two different symbols used for "=".)

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Halting condition for brute force cracking
Date: Mon, 22 Nov 1999 19:37:22 GMT

Guy Macon wrote:
> Let's say that I set my computer to doing such a series of guesses
> on some encrypted data.  How, exactly, does the computer identify
> success?

If indeed a brute-force search is being done (which is not usual
in cryptanalysis), for most cryptosystems an incorrect key
results in a trial decryption that is readily distinguishable
from genuine plaintext by any of a large number of statistical
tests.  Even Navaho (coded in ASCII or whatever) and "hackish"
has vastly more structure than random noise.  One of the simplest
criteria is the delta I.C.

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Codebook examples on Web?
Date: Mon, 22 Nov 1999 19:45:38 GMT

"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote, in part:
>John Savard wrote:

>> ... I do not believe that changing the meaning of the term
>> "one-time pad" to make the former use legitimate would serve the
>> cause of dispelling harmful confusion and promoting understanding.

>It's *not* changing the meaning; you guys have apparently been
>misusing the terminology.  A "one-time pad" is a pad of key
>that is used just one time.  The same cryptographic function
>can be achieved with a medium other than a printed pad, so
>there is no harm in applying the term to other forms of the
>same basic idea.  Of course, the ideal is to have a completely
>random key, but that's always the cryptographic ideal and is
>not part of the concept "one-time pad".

>If you have been observant, you've already noticed that people
>misuse the term OTP (either definition), probably because they
>want to get a free ride on the reputation for uncrackability
>(that an *ideal* OTP has).  I think they would be less likely
>to misappropriate the term if it were understood in its original
>meaning, which does not imply uncrackability.

>A stream cipher is an utterly different concept, that doesn't
>imply nonreuse of keying material.

I suppose one could have a pad where each page is printed with, say, a
56-bit DES key, for use in encrypting one message (longer than 56
bits). And it is true that we don't, at present, have a name for that
kind of a thing. (Shall we call it a "one-time keylist"?)

I really don't agree, though, that there is any body of established
usage that allows "one-time pad" to mean something other than an
"ideal one-time pad" or at least an _attempt_ at one.

As I noted in my previous post, I think that changing the meaning of
OTP so that those who misuse the term would _no longer be lying_ but
could still confuse people who understood the _old_ meaning of the
term, would only make matters worse.

(Of course, the classified community may well be using terms
differently than those outside, but that is something which is
essentially irremediable; neither side can afford to go back and
redefine its terminology as

a) the open community discovers something the classified community was
using under another name, or

b) materials from the classified community are disclosed, which
include the terminology used previously therein.

We just have to put up with the existence of two different languages.)

John Savard (don't snooze, don't snore)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Halting condition for brute force cracking
Date: Mon, 22 Nov 1999 19:52:56 GMT

[EMAIL PROTECTED] (Guy Macon) wrote, in part:

>Let's say that I set my computer to doing such a series of guesses
>on some encrypted data.  How, exactly, does the computer identify
>success?

In theoretical terms, a cipher is considered insecure even if it is
vulnerable to a _known plaintext_ attack (or, for that matter, an
adaptive chosen plaintext attack).

Thus, while (for example) highly efficient methods of text compression
would frustrate, or render more difficult, a brute-force attack on an
encrypted message, this isn't considered to provide a "real"
improvement in security; thus, compression, if it takes place, must
take place prior to encryption, but its purpose is held to be
primarily the resulting bandwidth savings.

I am not entirely wedded to the conventional wisdom - in that I think
that compression _is_ worth a degree of attention, and should be
without headers, and designed to avoid leaving repetitive patterns
behind (thus, instead of using a Huffman code for text with space as a
symbol, I advocate Huffman-coding word lengths, and having a separate
state for the lengths and the letters) - but I do agree that certain
*extraordinary* attempts to obtain slight improvements in compression
are not worth it (such as David A. Scott's "one-to-one compression").

John Savard (don't snooze, don't snore)
http://www.ecn.ab.ca/~jsavard/crypto.htm
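An added worked example, written for this digest page and not taken from any poster or product named in it. It serves two messages in this thread: Douglas Gwyn's reply above, which names the delta I.C. as one of the simplest halting criteria for a brute-force search, and John Savard's remark here that compressing before encrypting frustrates such a search. Everything except the statistic itself is an assumption made for the demonstration: a toy XOR cipher keyed by SHA-256 (so that a wrong key yields noise-like bytes, as a real cipher does), a 4-digit key space, a threshold of 2.0, a constructed message, and Friedman's delta I.C. computed over the 256-symbol byte alphabet rather than the 26-letter one (the same formula with c = 256 instead of c = 26).

```python
"""Brute-force halting test built on Friedman's delta I.C.

Added example, not from the digest.  The toy XOR cipher, the 4-digit key
space, the threshold and the sample message are all assumptions made for
the demonstration; only the statistic itself is the one the thread names.
"""
import hashlib
import zlib
from collections import Counter


def delta_ic(data: bytes, alphabet_size: int = 256) -> float:
    """Friedman's delta I.C.: c * sum f(f-1) / (N(N-1)) over the symbols in data.

    With c = alphabet_size the expected value is about 1.0 for uniformly random
    symbols and well above that for anything with structure (over English
    letters with c = 26 it is about 1.7; over raw ASCII bytes with c = 256 it
    is far higher, because spaces and common letters dominate).
    """
    n = len(data)
    if n < 2:
        return 0.0
    counts = Counter(data)
    coincidences = sum(f * (f - 1) for f in counts.values())
    return alphabet_size * coincidences / (n * (n - 1))


def toy_keystream(key: int, length: int) -> bytes:
    """Toy keystream: concatenated SHA-256(key || counter) blocks.  Demonstration
    only; it exists so that a wrong key yields noise-like bytes."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(f"{key}:{counter}".encode()).digest()
        counter += 1
    return bytes(out[:length])


def toy_xor(key: int, data: bytes) -> bytes:
    """XOR with the toy keystream; encryption and decryption are the same operation."""
    return bytes(a ^ b for a, b in zip(data, toy_keystream(key, len(data))))


# Assumed threshold: random bytes score about 1.0, ASCII text scores well above 2.
LOOKS_LIKE_TEXT = 2.0


def brute_force(ciphertext: bytes, keyspace=range(10_000), threshold=LOOKS_LIKE_TEXT):
    """Try every key in order and halt at the first trial decryption whose
    delta I.C. looks like text.  Returns (key, plaintext) or (None, None)."""
    for key in keyspace:
        candidate = toy_xor(key, ciphertext)
        if delta_ic(candidate) >= threshold:
            return key, candidate
    return None, None


# Constructed sample message (not from the digest).
MESSAGE = (
    b"The quick brown fox jumps over the lazy dog while the patient "
    b"cryptanalyst counts coincidences in every trial decryption, halting "
    b"only when the statistic says the output is no longer random noise. "
    b"Plain ASCII text carries far more structure than a keystream does, "
    b"which is exactly what a halting condition can use."
)
TRUE_KEY = 4711  # constructed key inside the toy key space


def demo():
    """Run the search once and report the statistics that drive it."""
    ciphertext = toy_xor(TRUE_KEY, MESSAGE)
    found_key, recovered = brute_force(ciphertext)

    # Savard's point: compressing first flattens the statistic toward noise,
    # so the same halting test has much less to go on.
    compressed = zlib.compress(MESSAGE)
    return {
        "plaintext_delta_ic": delta_ic(MESSAGE),
        "ciphertext_delta_ic": delta_ic(ciphertext),
        "compressed_delta_ic": delta_ic(compressed),
        "found_key": found_key,
        "recovered_ok": recovered == MESSAGE,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two caveats worth keeping in mind when reading the output. The statistic only separates "structured" from "noise-like": a Caesar shift or any other monoalphabetic substitution of English scores exactly the same as English, so the test cannot rank several structured candidates against each other; it suffices here only because, as Gwyn says, a wrong key on a real cipher produces a trial decryption that looks like noise. And the compressed message scores far lower than the plaintext, which is Savard's observation about why compression must precede encryption if it is done at all, even though it is not counted as a security improvement.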

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Codebook examples on Web?
Date: Mon, 22 Nov 1999 19:57:22 GMT

[EMAIL PROTECTED] (Jim Reeds) wrote, in part:

>I wish I could see copies
>of the code books used by the American humorist James
>Thurber when he was code clerk in Paris in 1918-1919; there
>is a persistent rumor that some of his words (Zorna, Zatch,
>etc) were groups in those books.

I remember that he wrote something about how the GRAY code used by the
U.S. State Department was atrociously insecure, that was reproduced in
David Kahn's "The Codebreakers".

You might try the National Archives.

John Savard (don't snooze, don't snore)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
