Cryptography-Digest Digest #630, Volume #10      Fri, 26 Nov 99 04:13:01 EST

Contents:
  Re: High Speed (1GBit/s) 3DES Processor (Chris Eilbeck)
  Re: How ScramDisk will recover >> logistics problems in Scramdisk (Aman)
  Re: Signals From Intelligent Space Aliens?  Forget About It. (fungus)
  Small cipher problem (RREYNARD)
  digraph frequencies ([EMAIL PROTECTED])
  Re: FEAL-8 algorithm (Tom St Denis)
  Re: Signals From Intelligent Space Aliens?  Forget About It. ("Douglas A. Gwyn")
  Ask about Certification-less Public Key ("PIPE Wong")
  Re: AES cyphers leak information like sieves (SCOTT19U.ZIP_GUY)
  Re: Ask about Certification-less Public Key (David A Molnar)
  Re: Random Noise Encryption Buffs (Look Here) ("M. Okra")
  Re: Ask about Certification-less Public Key ("Lyal Collins")
  Re: Montgomery Algorithm (Elisabeth Oswald)

----------------------------------------------------------------------------

From: Chris Eilbeck <[EMAIL PROTECTED]>
Crossposted-To: comp.dcom.vpn,comp.security.firewalls
Subject: Re: High Speed (1GBit/s) 3DES Processor
Date: 25 Nov 1999 20:19:54 +0000

Paul Koning <[EMAIL PROTECTED]> writes:

> Chris Eilbeck wrote:
> > 
> > [EMAIL PROTECTED] writes:
> > 
> > > We have developed a prototype Encryption system ...
> > > If you are a manufacturer of high speed switches, or have general interest
> > > in this area or a venture capitalist, you can contac us at:
> > >
> > > [EMAIL PROTECTED]
> > 
> > Or you could just download and use my DES core and use it three times
> > in series to achieve more than 1.7GBps in a big Xilinx FPGA.
> > See http://www.yordas.demon.co.uk/crypto
> 
> Thanks.
> 
> That's probably better anyway, since those other guys
> don't seem to be real.  Too bad...

David Kessner also has a core available for download but only in
US/Canada.  See http://www.free-ip.com/

Chris
-- 
Chris Eilbeck                         mailto:[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED] (Aman)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss,alt.security.scramdisk,comp.security.pgp.tech
Subject: Re: How ScramDisk will recover >> logistics problems in Scramdisk
Date: Thu, 25 Nov 1999 00:59:18 GMT

On Thu, 25 Nov 1999 07:54:12 -0500, [EMAIL PROTECTED] wrote:

[...]

>Maybe it is but my test to corrupt 1 byte of data in container OCCURRED AT THE
>END & MIDDLE OF CONTAINER FILE [ never made any corruption at the beginning of
>the container ] not at the beginning.
>Above will indicate that ANY BIT corruption will damage container TOTALLY.

Utter rubbish I'm afraid. Modifying anything after the first 10K will
only have virtually the same effect as it would on a Windows disk.

Do you believe SD has the time to completely scan a partition or
container to check the data in the container/partition to see if it is
correct and not corrupted in any way ?

Do you know how long that would take with a 2Gbyte container ?
Do you know how long it would take with my 23 GIGABYTE SD partition ?

You can logically deduce therefore, that unless needed Scramdisk
*doesn't* read all the sectors, and therefore wouldn't give a damn
what was contained in them. So your action of altering one byte in 600
Mbyte would not have any effect whatsoever, unless the byte was in the
wrong place... I have told you where that is.....
You could therefore play around with the bytes damaging only the
relevant files. Damage the Boot sector, FAT, Root directory and you
might then really be in bother....

>
>> gets written to, apart from at creation time, or when the password is
>> changed. The disk from sector 20 upwards (boot sector) is no more at
>> risk than any other windows disk you have.
>
>I see your wrong assumption, read my problem description, you will see that your
>statement is not true.
>I will say it again, 
>
>corrupting 1 byte of random data made my container USELESS [ could NOT MOUNT it
>+ did not recognize password ], this makes
>reliability of the container a very controversial issue, corrupting 1 byte affected
>640 MB of disk space !!!
>
>> There is a backup of this data, and in version 3 there is a facility
>
>You are describing an enhancement to [ Very Good product = my opinion ] scramdisk,
>it is fine, but my test has nothing to do with this enhancement. And again in
>the future your enhancements will not cover the problem I'm documenting.

Look, I cannot fix a problem that SIMPLY DOESN'T exist..... If you
trash the data area of a scramdisk, it makes NO difference, unless a
file is stored there... Then you lose part of that file. If you trash
the boot sector then you're in trouble. But SD will STILL mount the
disk even without a boot sector. You can then use standard disk repair
tools on the disk.... Crikey, I once had loads of bad sectors
(physical damage) to a JAZ disk, with a Scramdisk partition on
it....Apart from some corrupted files, most of the data was intact.
One byte indeed....

How many folks have used Scandisk on SD drives, and found the usual
errors, and lost clusters etc ? Hint: That happens, when windows bombs
when saving to disk...

> These
>two are totally separate & not relevant problems >> my description is GENERAL
>PROBLEM [ any 1 bit in container ] description, yours is SPECIFIC PROBLEM
>description [ special part of container file ].

I'm sorry but you really are talking rubbish......... I should know,
because I wrote the thing, have done many tests and had much feedback
from users.

Sectors on the Windows part of the Scramdisk ARE NOT READ OR WRITTEN
TO, unless the WINDOWS FILING SYSTEM needs to access them. Then they
are decrypted/encrypted as necessary.

>
>> to use that backup..... Version 3 creates backups, with triple
>> encryption, so they don't have an exact copy of the data............
>> One should always backup.... Hard drives can just croak without warning....
>
>The statement "always backup" is very valid & I'm doing backups, but above is wrong
>in general to mismatch a backup solution with logistics problems associated with
>Scramdisk.

You are wrong.

> To make it more clear to every one, 
>NEVER should software corruption of 1 byte of random data make my container
>USELESS
>NEVER should software corruption of 1 byte of data affect 640 MB of disk

It doesn't... I suggest you look again.....  I don't need to. I know
how SD works...

>space.

 
You are either deliberately telling lies, or are very misled. Someone
else here will no doubt do some tests and verify what I have said.

1: Corrupting the first 10K is the most dangerous and can result in
loss of data.

The critical sectors are backed up. SD3 provides a facility to USE
that backup directly, so that damage to the start of the disk, won't
result in data loss. 

2: Corrupting any other part will have the same effect as it would on
Windows. I.e. the boot sector starts at Scramdisk sector 20, and from
then on it is an image of a typical windows disk, apart from the fact
that EVERY sector is encrypted. But data corruption in any of those
sectors does not necessarily mean total loss of your disk, just as it
wouldn't do in windows.


Regards,
Aman.



------------------------------

From: fungus <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: Signals From Intelligent Space Aliens?  Forget About It.
Date: Thu, 25 Nov 1999 18:45:50 +0100



Lincoln Yeoh wrote:
> 
> On Mon, 22 Nov 1999 19:31:51 GMT, "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> 
> >Especially if they received that attempt to communicate with ETs that
> >had an error in the coding!  (Two different symbols used for "=".)
> 
> They screwed up that voyager thing?
> 

...to show that we are humans.



-- 
<\___/>
/ O O \
\_____/  FTB.


------------------------------

From: [EMAIL PROTECTED] (RREYNARD)
Subject: Small cipher problem
Date: 26 Nov 1999 02:35:47 GMT

Here is a ciphertext (I think) that was sent to me by someone searching the web
for help in 'breaking' it.

This was the entire first note.

=======================================================
Help, is there a way to figure out what this says?

27913CN9L
2G2KKN9LK913CJNNGLB
N9L1JCGN5C1J12
N9L1JCGN7E4C
N9L1JCGNK9L7

A = 1
======================================================

I wrote back and asked for more details. This is the reply.

=====================================================

Thanks for responding to my code question.

Here are the specifics. It was written by a person who is X military. He was a
decoder. He said that this is the code the decoders used amongst themselves to
communicate with each other. It is based on the Spanish alphabet.

He called the group "HOGS" or "COMS"

There were several of these folks in Granada.

I would assume that the contents are familiar. Probably a personal letter or
kind words.

I have seen this somewhere before but can't recall where. 

The [sender] ... isn't giving me any clues.
=======================================================

If anyone has any clues or is familiar with this cipher format, please drop me a
line at my Email address <[EMAIL PROTECTED]>

Thanks,

Robert Reynard

------------------------------

From: [EMAIL PROTECTED]
Subject: digraph frequencies
Date: Fri, 26 Nov 1999 03:03:56 GMT

Can anybody provide me with a table of frequencies for two-letter
combos in the English language? (digraphs)  You can e-mail me at
[EMAIL PROTECTED] until Sunday, and [EMAIL PROTECTED]
Thanks a lot.

Jeff


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: FEAL-8 algorithm
Date: Fri, 26 Nov 1999 03:58:05 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (JPeschel) wrote:
> Tom St Denis [EMAIL PROTECTED] writes in part:
>
> >Please tell me the name of the project you are working on... so I can
> >learn to avoid it.
> >
> >FEAL has been massacred by many people, over and over and over.
>
> The guy might be testing a new type of attack, or he may want to
> study FEAL as part of Bruce's cryptanalysis course.  True, he
> doesn't say why he wants FEAL, but why dismiss the project so
> quickly? If he is testing a new type attack, I'd suggest that
> he start with FEAL-4 first to see if his attack is better than
> Murphy's.
>

You're right.  I apologize for jumping there.  He should have stated
what he wanted it for though.

Tom


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: Signals From Intelligent Space Aliens?  Forget About It.
Date: Fri, 26 Nov 1999 06:11:02 GMT

Lincoln Yeoh wrote:
> They screwed up that voyager thing? Woohoo. Never knew that.

Maybe that too, but actually I was talking about some ground-based
transmission, kind of an inverse of SETI listening.

------------------------------

From: "PIPE Wong" <[EMAIL PROTECTED]>
Subject: Ask about Certification-less Public Key
Date: Fri, 26 Nov 1999 13:53:34 +0800

Does anyone know about Certification-less Public key? I'm searching for
information on it.

All I know about certification-less is that we can use a Third Trusted
Party's public key to verify a user's public key instead of verifying the
certificate. In other words, no public key certificate is needed.

It seems to me that in this scheme the Third Trusted Party needs to generate the
keypair for the user, rather than the user generating the keypair on his own and
presenting the CA with the public key.

Can anyone give me more information on that kind of scheme??

Thanks

PIPE




------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: AES cyphers leak information like sieves
Date: Fri, 26 Nov 1999 08:12:52 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (John Savard) 
wrote:
>Tim Tyler <[EMAIL PROTECTED]> wrote, in part:
>
>>John Savard made what I found to be a useful post on this thread
>>explaining the relationship between CBC and CFB modes and error
>>detection/correction.  If you can track that down, the answers are
>>there in more detail.
>
>I was inspired by this to go to my web page, which contained
>information from, not this post, but an earlier one, and to revise it
>to include the same type of demonstration, but for CFB mode, to allow
>comparison.
>
>The direct URL is:
>
>http://www.freenet.edmonton.ab.ca/~jsavard/co0409.htm
>
>By comparing the two examples, one can see that CBC and CFB, although
>they look different - in CBC, the plaintext is enciphered, and in CFB,
>it is only XORed - are, in a sense, the same mode in disguise, merely
>with the ciphertext taken off at a different point in the process!
   It's not the same mode. Are you still trying to ignore the facts
about how PGP operates by just pretending they are the same?
From what I have read, CFB is not considered as secure as CBC.
Not that I think CBC is secure. But CFB allows one to use a partial
block at the end, so there is less of a problem with block length. Also you only
use the "ENCRYPTION" function of the block cipher, where in
CBC you need the "DECRYPTION" function to actually decrypt
the file. This change makes it easy to program, but it is less secure.
But people like John want you to believe that it's "the same mode in
disguise, merely with the ciphertext taken off at a different point in
the process".
>
>John Savard (jsavard<at>ecn<dot>ab<dot>ca)
>http://www.ecn.ab.ca/~jsavard/crypto.htm


  Actually the difference is more than that. According to the RSA FAQ:

" With CFB mode and full feedback, when two ciphertext blocks are
identical, the outputs from the block cipher operation at the next step
are also identical. This allows information about plaintext blocks to
leak. When using full feedback,

 You can read about RSA opinions at the
following URL
http://www.rsasecurity.com/rsalabs/faq/2-1-4.html

 I would trust their word a little more than Mr Savard,
who even when confronted with facts uses his
judgement on his level of hate for an individual
rather than the facts.



David A. Scott
--

SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
                    
Scott famous encryption website NOT FOR WIMPS
http://members.xoom.com/ecil/index.htm

Scott rejected paper for the ACM
http://members.xoom.com/ecil/dspaper.htm

Scott famous Compression Page WIMPS allowed
http://members.xoom.com/ecil/compress.htm

**NOTE EMAIL address is for SPAMMERS***
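
As an added illustration for two threads in this digest (it is not code from any of the posters, from ScramDisk, or from the RSA FAQ): the CBC/CFB error-propagation relationship Savard describes and Scott disputes, plus the RSA FAQ remark about identical CFB ciphertext blocks. The block cipher is a constructed 16-byte toy Feistel permutation built from SHA-256, chosen only so the file runs with the standard library; the key, IV and four-block message are constructed samples. Corrupting one ciphertext bit in block 1 garbles block 1 and flips one bit of block 2 under CBC, and does the mirror image under CFB, which is the "same mode in disguise" observation; either way the damage stays within two blocks, which is also the locality Aman relies on when he says a corrupted byte in the data area of an encrypted container hurts at most the sector it lands in (the demo assumes nothing about the mode ScramDisk actually uses). The last function forces a CFB ciphertext-block collision using the key, purely to make the FAQ's consequence visible: once C[0] == C[2], anyone holding the ciphertext learns P[1] XOR P[3].

```python
import hashlib

BLOCK = 16  # toy block size in bytes (constructed; this is not any real cipher)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key, i, half):
    # Keyed round function built from SHA-256; a constructed toy for illustration only
    return hashlib.sha256(key + bytes([i]) + half).digest()[:BLOCK // 2]

def toy_encrypt(key, block):
    """Four-round Feistel network: an invertible keyed permutation on 16-byte blocks."""
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(4):
        l, r = r, xor(l, _round(key, i, r))
    return l + r

def toy_decrypt(key, block):
    """Inverse of toy_encrypt: the same rounds applied in reverse order."""
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(4)):
        l, r = xor(r, _round(key, i, l)), l
    return l + r

def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cbc_encrypt(key, iv, pt):
    # CBC: (plaintext XOR previous ciphertext) goes THROUGH the block cipher
    out, prev = [], iv
    for p in _blocks(pt):
        prev = toy_encrypt(key, xor(p, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    # CBC decryption needs the inverse cipher, as Scott's post notes
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(xor(toy_decrypt(key, c), prev))
        prev = c
    return b"".join(out)

def cfb_encrypt(key, iv, pt):
    # CFB (full-block feedback): the previous ciphertext block goes through the cipher
    # and the plaintext is only XORed with the result
    out, prev = [], iv
    for p in _blocks(pt):
        prev = xor(p, toy_encrypt(key, prev))
        out.append(prev)
    return b"".join(out)

def cfb_decrypt(key, iv, ct):
    # CFB decryption uses only the forward cipher
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(xor(c, toy_encrypt(key, prev)))
        prev = c
    return b"".join(out)

def damage_pattern(decrypt, key, iv, ct, pt, byte_index):
    """Flip one ciphertext bit, decrypt, and classify each recovered block as
    'ok', '1 bit' (only that bit position flipped) or 'garbled' (pseudo-random)."""
    bad = bytearray(ct)
    bad[byte_index] ^= 0x01
    recovered = decrypt(key, iv, bytes(bad))
    pattern = []
    for rec, orig in zip(_blocks(recovered), _blocks(pt)):
        flipped = sum(bin(b).count("1") for b in xor(rec, orig))
        pattern.append("ok" if flipped == 0 else "1 bit" if flipped == 1 else "garbled")
    return pattern

def cfb_collision_leak(key, iv, pt):
    """RSA FAQ remark made concrete: if C[0] == C[2], the keystream blocks E(C[0]) and
    E(C[2]) coincide, so C[1] XOR C[3] == P[1] XOR P[3] with no key needed. The collision
    is forced here WITH the key, so this shows the consequence of a collision, not an attack."""
    c0, c1 = _blocks(cfb_encrypt(key, iv, pt[:2 * BLOCK]))
    p2 = xor(c0, toy_encrypt(key, c1))               # chosen so that C[2] == C[0]
    pt2 = pt[:2 * BLOCK] + p2 + pt[3 * BLOCK:4 * BLOCK]
    c = _blocks(cfb_encrypt(key, iv, pt2))
    assert c[0] == c[2]
    observed = xor(c[1], c[3])                       # computable from ciphertext alone
    return observed == xor(pt2[BLOCK:2 * BLOCK], pt2[3 * BLOCK:])

# Constructed sample: a demo key, IV and four 16-byte plaintext blocks
SAMPLE_KEY = b"constructed-demo-key"
SAMPLE_IV = bytes(range(BLOCK))
SAMPLE_PT = b"".join(f"block {i:<10}".encode() for i in range(4))

def compare_modes(byte_index=20):
    """Corrupt the same ciphertext byte (inside block 1) under both modes."""
    cbc_ct = cbc_encrypt(SAMPLE_KEY, SAMPLE_IV, SAMPLE_PT)
    cfb_ct = cfb_encrypt(SAMPLE_KEY, SAMPLE_IV, SAMPLE_PT)
    return {
        "CBC": damage_pattern(cbc_decrypt, SAMPLE_KEY, SAMPLE_IV, cbc_ct, SAMPLE_PT, byte_index),
        "CFB": damage_pattern(cfb_decrypt, SAMPLE_KEY, SAMPLE_IV, cfb_ct, SAMPLE_PT, byte_index),
    }
```

Calling compare_modes() returns CBC: ok, garbled, 1 bit, ok and CFB: ok, 1 bit, garbled, ok. Neither pattern is an integrity check: a one-bit change that survives decryption as a one-bit change is exactly why both modes need a separate MAC, and the collision function shows why CFB with full feedback additionally wants a fresh IV per message and a block size large enough that ciphertext collisions stay improbable.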

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Ask about Certification-less Public Key
Date: 26 Nov 1999 07:00:34 GMT

PIPE Wong <[EMAIL PROTECTED]> wrote:
> Does anyone know about Certification-less Public key? I'm searching for
> information on it.

> All I know about certification-less is that we can use a Third Trusted
> Party's public key to verify a user's public key instead of verifying the
> certificate. In other words, no public key certificate is needed.

I don't think I understand -- you have a Trusted Third Party with a public
key, and a User with a public key. Call the Third Party Trent and the
User Alice. 

Now another user, Bob, wants to "verify Alice's public key." 

This means that he wants to verify a given string really is the public
key of Alice? That is, tie name to key?

In this case, the straightforward thing to do is to have Trent sign
Alice's public key. But then it seems to me that this signature
is a "public key certificate", which is what you say the scheme
you're looking for does _not_ need. ??

This means that he wants to verify that the given string (which he
believes is the public key of Alice) has special properties? For
example, with an RSA key, you might want some assurance that this
string claimed to be "n" really is the product of two primes. 
                        
> It seems to me that in this scheme the Third Trusted Party needs to generate the
> keypair for the user, rather than the user generating the keypair on his own and
> presenting the CA with the public key.

> Can anyone give me more information on that kind of scheme??

It sounds interesting. I'm not sure where to go next without knowing
what it is you want. 

There are several papers on how to prove that a number is an RSA modulus
of some special form or another. Bob Silverman and Moses Liskov have
one; I think that's on the P1363 web page. There's others; if this is
really what you want I can look them up (or presumably other people
will step in). 


------------------------------

Date: Thu, 25 Nov 1999 21:20:26 -0500
From: "M. Okra" <[EMAIL PROTECTED]>
Subject: Re: Random Noise Encryption Buffs (Look Here)

Tom -
Any analog source outputting a measurable chaotic amplitude will
serve as the seed mechanism for a 'very, perhaps truly' random
bitstring generator. A vacuum tube is a good example, if you
measure its output finely enough and sample/digitize the right
attribute in the right place. The chaotic output is thought of as
noise. Most currents are chaotic in some attribute if you measure
them carefully enough - photons, electrons, the water temperature
at your buoy off Nantucket measured in millionths of a degree, etc.
The set of potential sources is extremely large.

There are many uses for this sort of generator besides crypto,
and there is a thriving subculture that makes devices that use it,
of which this is an example:
        http://www.rdlnet.com/stng1.htm

Real chaos, as you know, is a little tricky to replicate. Certain
standard crypto problems therefore remain, like getting the key
to the other guy. And if you and the other guy are simultaneously
using the same random source, say some sort of orbiting telemetry,
the synchrony problem is not trivial and the gear is not cheap... /Mike


Tom St Denis wrote:

> In article <[EMAIL PROTECTED]>,
>   [EMAIL PROTECTED] wrote:
> > Find an electrical engineer.
> >
> > Lay about $200 on him or her and they will tell you.
> >
> > Lay about $2000 and they will set it up for you.
>
> Or spend 100 bucks on an AVR1200, bread board, MAX232 and a noisy
> diode.  Capture at a rate, then xor groups of bits together to
> eliminate bias, then run thru a self-shrinking generator, get about
> 100bps or so.
>
> It would be fun to design and most of all probably cheaper to build.
> You can plug serial devices into many computers [even dumb
> terminals].
>
> BTW I am not a techie, so how do you actually capture the 'noise' from
> a 'noisy' diode (ADC?). And what is a noisy diode anyways?  [I just
> heard the term somewhere]
>
> Tom
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.


------------------------------

From: "Lyal Collins" <[EMAIL PROTECTED]>
Subject: Re: Ask about Certification-less Public Key
Date: Fri, 26 Nov 1999 19:48:14 +1100

I think you are talking about a Public Key registered or stored with a
counterpart.
When you exchange messages, the counterpart retrieves your public key and
uses it to verify a message signature.  You no longer have to send around
your public key or certificate, saving a lot of bandwidth - 5kbytes/message.

Search for AADS or ANSI X9.59 to see a standard that uses this model.

The deployment costs are similar - you need a secure database, and a
reliable, trusted registration process to store the public key.

Symmetric key works as well in this 2-party communication environment, if
MAC/HMAC integrity checks are used instead of digital signatures, and with a
lot less processing.

Some embedded systems also use this model to save on memory space used to
store a full certificate, which may exceed 5kbytes or more - a tough call
when you may only have 8k of non-volatile memory.

Lyal

PIPE Wong wrote in message <81l6uh$[EMAIL PROTECTED]>...
>Does anyone know about Certification-less Public key? I'm searching for
>information on it.
>
>All I know about certification-less is that we can use a Third Trusted
>Party's public key to verify a user's public key instead of verifying the
>certificate. In other words, no public key certificate is needed.
>
>It seems to me that in this scheme the Third Trusted Party needs to generate the
>keypair for the user, rather than the user generating the keypair on his own and
>presenting the CA with the public key.
>
>Can anyone give me more information on that kind of scheme??
>
>Thanks
>
>PIPE
>
>
>
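
An added sketch of the registered-key model Lyal describes, in the symmetric form he mentions (MAC/HMAC instead of signatures); this is my example, not code from AADS, X9.59, or any poster. The counterparty keeps a key store indexed by account id, the sender transmits only its id, the payload and a 32-byte tag, and the receiver looks the key up rather than parsing a certificate. The KeyRegistry class, the account ids and the sample payload are constructed for the demo; the in-memory dict stands in for the "secure database" the post says the model needs.

```python
import hashlib
import hmac
import secrets


class KeyRegistry:
    """The counterparty's key store: account id -> registered key.
    Constructed in-memory stand-in for the secure database the post mentions."""

    def __init__(self):
        self._keys = {}

    def register(self, account_id, key):
        # The trusted registration process is the security-critical step: whoever can
        # write here can impersonate the account, so in practice this is an out-of-band,
        # authenticated enrolment, never an API reachable from the message channel.
        if account_id in self._keys:
            raise ValueError("account already registered")
        self._keys[account_id] = key

    def lookup(self, account_id):
        return self._keys.get(account_id)


def mac_message(key, account_id, payload):
    """HMAC-SHA256 over (account id, payload). Binding the id into the MAC stops a
    valid tag from being presented under a different account id."""
    return hmac.new(key, account_id.encode() + b"\x00" + payload, hashlib.sha256).digest()


def verify_message(registry, account_id, payload, tag):
    """Receiver side: look the key up by id, recompute the tag, compare in constant time."""
    key = registry.lookup(account_id)
    if key is None:
        return False                      # unknown account: nothing to verify against
    expected = mac_message(key, account_id, payload)
    return hmac.compare_digest(expected, tag)


def demo():
    """Enrol two accounts, then show what is accepted and what is rejected."""
    registry = KeyRegistry()
    alice_key = secrets.token_bytes(32)   # enrolled once, out of band
    bob_key = secrets.token_bytes(32)
    registry.register("alice", alice_key)
    registry.register("bob", bob_key)

    payload = b"transfer 100 to account 42"   # constructed sample message
    tag = mac_message(alice_key, "alice", payload)

    return {
        "accepted": verify_message(registry, "alice", payload, tag),
        "tampered_rejected": not verify_message(registry, "alice", payload + b"0", tag),
        "unknown_id_rejected": not verify_message(registry, "mallory", payload, tag),
        "other_account_rejected": not verify_message(registry, "bob", payload, tag),
        # id + payload + tag is all that travels; no certificate of several kilobytes
        "bytes_on_wire": len("alice") + len(payload) + len(tag),
    }
```

What the symmetric variant gives up relative to signatures is non-repudiation: the counterparty holds the same key and could have produced the tag itself, which is acceptable inside a two-party relationship (the case Lyal describes) and not when a third party must be able to check who sent a message. Replay is a separate concern in both variants and needs a counter or timestamp inside the MACed data.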



------------------------------

From: Elisabeth Oswald <[EMAIL PROTECTED]>
Subject: Re: Montgomery Algorithm
Date: Fri, 26 Nov 1999 10:01:58 +0100

Rieks Joosten wrote:
> 
> I suppose you're not so much asking for the Montgomery reduction algorithm,
> but rather on applying RNS for speed up. You could check out the IAIK site
> http://www.iaik.tu-graz.ac.at/ . If I'm correctly informed, they have made a
> chip that does just that. Perhaps some people there can help you further
> your quest.

Here is the article dealing with this topic:
      Posch K.C., Posch R.:
      "Modulo Reduction in Residue Number Systems"
      IEEE Transactions on Parallel and Distributed Systems, Vol. 6, Nr. 5, May 1995;
      449-454.

I think Mr. K.C. Posch could have an electronic version of the paper somewhere.
regards, Elisabeth
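
For readers who did come to this thread for the Montgomery reduction algorithm itself rather than the RNS speed-up (which the example below does not cover), here is an added worked implementation; it is my code, not from the cited paper, the IAIK chip, or any poster. It uses Python's arbitrary-precision integers, so R is a single power of two rather than a multi-word radix; the function names and the 127-bit test modulus are my choices.

```python
def montgomery_params(n):
    """Pick R = 2^k with k = bit length of n (so R > n) and n' = -n^(-1) mod R.
    Montgomery reduction requires gcd(n, R) = 1, i.e. an odd modulus."""
    if n <= 1 or n % 2 == 0:
        raise ValueError("Montgomery reduction needs an odd modulus > 1")
    k = n.bit_length()
    r = 1 << k
    n_prime = (-pow(n, -1, r)) % r
    return k, r, n_prime


def redc(t, n, k, r, n_prime):
    """REDC: returns t * R^(-1) mod n for 0 <= t < n*R using one multiply by n' mod R,
    one multiply by n, one shift and at most one subtraction; no division by n."""
    m = ((t & (r - 1)) * n_prime) & (r - 1)     # chosen so that t + m*n is divisible by R
    u = (t + m * n) >> k                         # exact division by R
    return u - n if u >= n else u                # u < 2n, so one conditional subtraction


def to_mont(a, n, r):
    """Enter the Montgomery domain: a -> a*R mod n (one ordinary modular reduction)."""
    return (a * r) % n


def mont_mul(a_m, b_m, n, k, r, n_prime):
    """Product in the Montgomery domain: (aR)(bR)R^(-1) = abR mod n."""
    return redc(a_m * b_m, n, k, r, n_prime)


def mont_pow(base, exp, n):
    """Left-to-right square-and-multiply done entirely in the Montgomery domain:
    one conversion in, one REDC out, and no division by n inside the loop."""
    k, r, n_prime = montgomery_params(n)
    x = to_mont(base % n, n, r)
    acc = to_mont(1, n, r)                       # R mod n represents 1
    for bit in bin(exp)[2:]:
        acc = mont_mul(acc, acc, n, k, r, n_prime)
        if bit == "1":
            acc = mont_mul(acc, x, n, k, r, n_prime)
    return redc(acc, n, k, r, n_prime)           # leave the domain: (xR) * R^(-1)


def self_check(n=(1 << 127) - 1, base=3, exp=65537):
    """Cross-check against Python's built-in pow on a constructed 127-bit prime modulus."""
    return mont_pow(base, exp, n) == pow(base, exp, n)
```

Two points worth keeping in mind when this moves from a sketch to real code: the final conditional subtraction in redc and the data-dependent multiply in mont_pow both execute differently depending on secret data, and those are precisely the places that timing and power analysis target, so production implementations use constant-time selection and a fixed operation sequence (always multiply, then select) instead; and the word-level version of REDC interleaves the reduction with the multiplication one digit at a time, which is what makes it attractive in hardware.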

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
