Cryptography-Digest Digest #720, Volume #10 Fri, 10 Dec 99 22:13:00 EST
Contents:
Re: Attacks on a PKI ("Lyal Collins")
Linear Congruential Generators ("Steven Alexander")
CDSA 1.2 specs (JCA)
Re: Linear Congruential Generators ("Tony T. Warnock")
Re: Random Numbers??? (Keith A Monahan)
Re: Linear Congruential Generators ("Steven Alexander")
Re: NSA future role? (Terry Ritter)
Re: Attacks on a PKI ([EMAIL PROTECTED])
Re: Attacks on a PKI ([EMAIL PROTECTED])
Re: If you're in Australia, the government has the ability to modify ("Douglas A.
Gwyn")
Re: Linear Congruential Generators ("Douglas A. Gwyn")
Re: If you're in Australia, the government has the ability to modify your files. >>
4.Dec.1999 ("Rick Braddam")
Anyone using Freedom 1.0 ? What are your thought? [nt] ([EMAIL PROTECTED])
Re: Linear Congruential Generators (David A Molnar)
Re: Attacks on a PKI (David A Molnar)
Re: Anyone using Freedom 1.0 ? What are your thought? [nt] (Steve K)
Questions about message digest functions (Pelle Evensen)
Re: Digitally signing an article in a paper journal ("rosi")
Re: Questions about message digest functions (Jim Gillogly)
Re: NSA should do a cryptoanalysis of AES ("Rick Braddam")
Re: If you're in Australia, the government has the ability to modify your files.
>> 4.Dec.1999 ("Rick Braddam")
----------------------------------------------------------------------------
From: "Lyal Collins" <[EMAIL PROTECTED]>
Subject: Re: Attacks on a PKI
Date: Sat, 11 Dec 1999 09:30:23 +1100
- Replacing the Rooth CA key in everyone's clients
- Modifying clients to verifying against multiple Root CA's
- Storing private keys on an insecure workstation
- Using a password processed and verification on an insecure workstation to
permit private key use
- having to archive messages and signatures and certs in "average security"
databases (if the database record is later modified, the signature cannot be
re-verified, and the recipient loses a case, unless they can _prove_ their
database and systems admin is top notch for the entire period. The UK
Munden case is an example where a bank couldn't do this - for it's internal
reasons.
- the need for a highly secure CA and secure Client is approximately the
same effort required in a secret key scheme to keep both end points secure.
Not strictly on-topic, but an important cost consideration.
Most of this is paraphrasing stuff in the recent Schnier and Ellison paper -
but have always been obvious.
Lyal
[EMAIL PROTECTED] wrote in message <82qq8g$odp$[EMAIL PROTECTED]>...
>Having read much of the literature on PKI, it is fairly conclusive that
>this whole PKI thing is an exploitation of people's ignorance.
>
>I am currently compiling a list of attacks on a PKI, and if you know of
>any then please post some.
>
>David
>
>
>Sent via Deja.com http://www.deja.com/
>Before you buy.
------------------------------
From: "Steven Alexander" <[EMAIL PROTECTED]>
Subject: Linear Congruential Generators
Date: Fri, 10 Dec 1999 14:34:22 -0800
I was reading about LCG's in The Art of Computer Programming and have also
read briefly about them in Applied Cryptography. I was wondering if they
can be used to generate keys for a cryptographic algorithm with a new
approach. If you were using strong values for the multiplier and increment
value(so that it would iterate through all possible values of x) could you
seed the generator with user input? My idea was to generate 128-bit key by
the following:
Either
a) ask the user to enter 4 32-bit numbers
b) ask the user to type randomly and create 4 32-bit numbers by shift and
XOR
Then:
Use the generator numbers to seed four instances of the generator
Ask the user to specify a number of iterations
Use the values of x at the end of the last iteration as your key
I would love to hear any problems with this scheme and any suggestions for
an improvement of this method.
--
============================================================================
================
Steven Alexander
[EMAIL PROTECTED]
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
------------------------------
From: JCA <[EMAIL PROTECTED]>
Subject: CDSA 1.2 specs
Date: Fri, 10 Dec 1999 14:21:29 -0800
Does anybody know where to get the CDSA 1.2 API specs in electronic
format? At Intel they only carry those for CDSA 2.0 these days.
------------------------------
From: "Tony T. Warnock" <[EMAIL PROTECTED]>
Subject: Re: Linear Congruential Generators
Date: Fri, 10 Dec 1999 15:46:56 -0700
Reply-To: [EMAIL PROTECTED]
Steven Alexander wrote:
> I was reading about LCG's in The Art of Computer Programming and have also
> read briefly about them in Applied Cryptography. I was wondering if they
> can be used to generate keys for a cryptographic algorithm with a new
> approach. If you were using strong values for the multiplier and increment
> value(so that it would iterate through all possible values of x) could you
> seed the generator with user input? My idea was to generate 128-bit key by
> the following:
>
> Either
> a) ask the user to enter 4 32-bit numbers
> b) ask the user to type randomly and create 4 32-bit numbers by shift and
> XOR
> Then:
> Use the generator numbers to seed four instances of the generator
> Ask the user to specify a number of iterations
> Use the values of x at the end of the last iteration as your key
>
> I would love to hear any problems with this scheme and any suggestions for
> an improvement of this method.
>
> --
> ----------------------------------------------------------------------------
> ----------------
> Steven Alexander
> [EMAIL PROTECTED]
>
> When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
The linearity allows things to be recovered with a bit of work. LCG's cover the
whole space neatly and (if long enough) have pretty good statistical properties.
They have no real cryptological strength. Linearity is used to get a long cycle
but it also guarantees predictability.
------------------------------
From: [EMAIL PROTECTED] (Keith A Monahan)
Subject: Re: Random Numbers???
Date: 10 Dec 1999 22:59:58 GMT
Johnny,
Johnny Bravo ([EMAIL PROTECTED]) wrote:
: PS: And no, we don't want you to post the 20 million values here. :)
hahahaha. I'm glad you mentioned that as I feared the worst was coming.
Hahaha. Thanks for the laugh,
Keith
------------------------------
From: "Steven Alexander" <[EMAIL PROTECTED]>
Subject: Re: Linear Congruential Generators
Date: Fri, 10 Dec 1999 15:05:55 -0800
The idea that I was proposing would take four values of x, x[0...3] and seed
the LCG with each of them independently and then use the value of x after
step n which the user would supply. Would this yield a strong value if no
other values in the series were used?
-steven
>The linearity allows things to be recovered with a bit of work. LCG's
cover the
> whole space neatly and (if long enough) have pretty good statistical
properties.
> They have no real cryptological strength. Linearity is used to get a long
cycle
> but it also guarantees predictability.
>
------------------------------
From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: NSA future role?
Date: Fri, 10 Dec 1999 23:14:22 GMT
On Fri, 10 Dec 1999 02:25:56 GMT, in <[EMAIL PROTECTED]>, in
sci.crypt "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
>Tim Tyler wrote:
>> I don't really see much difficulty there. Many encryption systems
>> use large numbers of s-boxes. These can often be configured randomly
>> (given a bunch of constraints designed to eliminate weak keys), and the
>> resulting algorithm will still be quite strong.
>
>It is usually not a good idea to choose S-boxes randomly.
>(There is a famous paper about this, but I don't have the
>reference at hand at the moment.)
As a general statement, that is false.
On the contrary, it usually *is* a good idea to choose S-boxes
randomly -- unless one is using tiny 4-bit tables.
The unnamed "famous reference" of which I am aware speaks to the use
of random S-boxes in DES. But DES uses tiny "4-bit" boxes which
*cannot* be very nonlinear, and are not infrequently actually
*linear*. This is not the general situation.
In contrast, a random "8-bit" box is likely to be nicely nonlinear,
and is very, very unlikely to be linear.
I have a literature survey on S-Box design:
http://www.io.com/~ritter/RES/SBOXDESN.HTM
I show some nonlinearity distribution graphs near the end of my
functioning nonlinearity measurement page:
http://www.io.com/~ritter/JAVASCRP/NONLMEAS.HTM
And I have a Crypto Glossary entry on "S-Box":
"We might expect an 8-bit table to have a nonlinearity of about 100
(that is, 100 bits must change in one of the eight 256-bit output
functions to reach the closest affine Boolean function). Experimental
measurement of the nonlinearity of 1,000,000 random 8-bit tables shows
exactly one table with a nonlinearity as low as 78, and the computed
probability of an actually linear table (nonlinearity zero) is
something like 10^-72 or 2^-242."
---
Terry Ritter [EMAIL PROTECTED] http://www.io.com/~ritter/
Crypto Glossary http://www.io.com/~ritter/GLOSSARY.HTM
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Attacks on a PKI
Date: Fri, 10 Dec 1999 23:20:27 GMT
Do you have a URL for this?
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (DJohn37050) wrote:
> Peter Landrock of Cryptomathic in Denmark has expressed lots of
concerns, not
> sure if they are attacks, but are worth looking at.
> Don Johnson
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Attacks on a PKI
Date: Fri, 10 Dec 1999 23:28:45 GMT
In article <[EMAIL PROTECTED]>,
JCA <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
>
> > Having read much of the literature on PKI, it is fairly conclusive
that
> > this whole PKI thing is an exploitation of people's ignorance.
>
> Could you elaborate on that?
>
>
Dear Jose
I know for a fact that many institutions are investing in PKI offered
by vendors (can't mention names). However, it would seem that there are
many fundamental flaws within PKI that the buyers are ignorant to.
I won't go on here, but I would recommend you read Bruce Schneier and
Carl Ellison's paper on this area found at www.counterpane.com and
follow links to publications in 2000)
There is a host of other material on the net that supports this.
David
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: If you're in Australia, the government has the ability to modify
Date: Fri, 10 Dec 1999 23:44:47 GMT
wtshaw wrote:
> An html format pushed a reliance on the browser, *text* being better.
> Reminders: html is not friendly to casual use of what it considers
> control characters, while text is. For a full descussion of character
> sets and programming, html is a backward's move....a dumbing down.
We were talking about a help system, not arbitrary text being
incorrectly converted into HTML format. HTML supports hyperlinks,
which are extremely useful, as Ted Nelson explained for decades.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Linear Congruential Generators
Date: Fri, 10 Dec 1999 23:52:36 GMT
Steven Alexander wrote:
> The idea that I was proposing would take four values of x, x[0...3]
> and seed the LCG with each of them independently and then use the
> value of x after step n which the user would supply. Would this
> yield a strong value if no other values in the series were used?
No, in the absence of a mathematical theory for the combination,
you should assume that not much is gained by the combining.
(This sometimes goes by the name, "Is ... a group?".)
There is also the matter of communicating the user-supplied key
data to the intended recipient, or setting up a secure key schedule.
------------------------------
From: "Rick Braddam" <[EMAIL PROTECTED]>
Crossposted-To: alt.privacy
Subject: Re: If you're in Australia, the government has the ability to modify your
files. >> 4.Dec.1999
Date: Fri, 10 Dec 1999 01:46:36 -0600
Trevor Jackson, III <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
> I thought so too. Then I reied to install the latest Microsoft(tm)
tools.
> Visual C now refuses to install unless Internet Explorer is present.
I am
> unable to conceive of a legitimate reason for such "persuasive" market
> positioning.
I don't know if it suffices for a reason, but VC5.0 has help files in a
"compressed HTML" format, which is displayed by Internet Explorer. I
expect that later versions will continue in the same way. I wouldn't be
surprised if the cml format was developed to prevent Netscape from being
able to display the help files.
--
Rick
============================
Spam bait (With credit to E. Needham):
root@localhost
postmaster@localhost
admin@localhost
abuse@localhost
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Subject: Anyone using Freedom 1.0 ? What are your thought? [nt]
Date: Sat, 11 Dec 1999 00:22:49 GMT
______________________________________________________________________________
Total Internet privacy -- get your Freedom pseudonym at http://www.freedom.net
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Linear Congruential Generators
Date: 11 Dec 1999 00:26:39 GMT
Steven Alexander <[EMAIL PROTECTED]> wrote:
> Either
> a) ask the user to enter 4 32-bit numbers
> b) ask the user to type randomly and create 4 32-bit numbers by shift and
> XOR
> Then:
> Use the generator numbers to seed four instances of the generator
> Ask the user to specify a number of iterations
> Use the values of x at the end of the last iteration as your key
Your goal is key generation? What does this gain over using the
randomly typed values directly?
What does this gain over using randomly typed values
as the input to SHA-1?
I think that if you allow someone to input values and get out
"sufficiently many" keys(*), they will be able to recover enough
information to predict the LCG on any seed.
It then seems to me that this method will give you no better protection
than using the user's 128 bits as they are. So no real reason to use it.
Thanks,
-David
(*) I'm sorry to be vague about "sufficiently many" -- how many depends
on exactly how you attack the LCG and what the parameters are. but
there's a wealth of papers on how to kill LCGs.
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Attacks on a PKI
Date: 11 Dec 1999 00:28:28 GMT
[EMAIL PROTECTED] wrote:
> I am currently compiling a list of attacks on a PKI, and if you know of
> any then please post some.
Registering easily-factored or other low-quality keys with the PKI. If
ppl confuse verifying identity with verifying "key quality" (and how many
do ? ), then can undermine confidence in the PKI and public key crypto
in general. Solution seems to be to certify the public keys...
-David
------------------------------
From: [EMAIL PROTECTED] (Steve K)
Subject: Re: Anyone using Freedom 1.0 ? What are your thought? [nt]
Date: Sat, 11 Dec 1999 01:06:24 GMT
On Sat, 11 Dec 1999 00:22:49 GMT, [EMAIL PROTECTED] wrote:
Got it the day it was released, installed it the next day, uninstalled
it a few hours later after considerable tewaking and wrote to tech
support. They filled me in the next day, confirming what I deduced
myself about Freedom's interaction with PC firewalls.
Freedom thinks it's a firewall. It will not run with a PC firewall
installed; they fight for the right to control network ports and both
lose. For me this is a big minus, since Freedom's firewall function
is not documented, and it does not write a traffic log.
Freedom is somewhat susceptible to traffic analysis, if anyone cares
enough to spend that kind of money. Although the packets coming and
going are encrypted, they stream through the servers without being
remixed. This seems inevitable; most users would not be happy with
the delays that would be created by remixing.
I would consider it a mistake, to trust a Freedom nym account for
anonymous mail and news posts, if the user is looking for ongoing
protection against influential or well funded adversaries. The
security offered by "real" remailers seems much better.
I haven't seen much technical documentation on Freedom. All the
ususal arguments about the security of open source freeware, versus
closed source payware, seem to work against Freedom here.
My general impression of Freedom is that it is *great* for the
non-technical user, giving very signifigant anonymity benefits with
very little effort or expertise needed. But IMO Freedon is not
powerful enough to justify changing from a "real" firewall, a local
filtering proxy, and remailer utilities like Private Idaho or Jack B.
Nymble.
HTH
Steve K
---Continuing freedom of speech brought to you by---
http://www.eff.org/ http://www.epic.org/
http://www.cdt.org/
------------------------------
From: Pelle Evensen <[EMAIL PROTECTED]>
Subject: Questions about message digest functions
Date: Sat, 11 Dec 1999 02:37:28 +0100
Have there been any papers published on
1a) Whether SHA-1 is a permutation for a message the same length as the
digest-length (160 bits)?
1b) Whether this (1a) holds true for MD5?
1c) Is this true (or can it be true) for any other, supposedly secure,
one-way, collision resistant, hash-functions?
2a) Whether SHA-1 in a feedback loop, d[n] = h(d[n - 1]), has any short
periods?
2b) Has MD5?
2c) Other message digest functions regarded as secure?
For any 2[abc] to hold, it seems like 1[abc] also has to hold for a majority
of the possible values of h(m).
/Pell
--
Pelle Evensen, [EMAIL PROTECTED] Telenordia AB/Algonet
http://www.evensen.org/pgp.html for public key.
PGP fingerprint 22 DC 52 0D 7E 00 F7 9C 8B EB F0 55 1E 8C 71 5E
------------------------------
From: "rosi" <[EMAIL PROTECTED]>
Subject: Re: Digitally signing an article in a paper journal
Date: Fri, 10 Dec 1999 21:36:24 -0500
Dear KloroX,
Just came on. I think you are serious about this (sometimes
hard to tell here). Let me catch up a bit and then come back
to respond with some detailed suggestions. However, I only
hint a specific implementation and that may not be good
enough for you. And the worst part of it is that I do not think
I can solve your 'acceptance' problem at all. It's got to be your
publisher.
--- (My Signature)
KloroX wrote in message ...
>On Fri, 10 Dec 1999 01:40:23 -0500, "Trevor Jackson, III"
><[EMAIL PROTECTED]> wrote:
>
>>Several questions:
>> 1. What is at stake?
>> 2. Who are the opponent? What is your threat model?
>
>I answered a similar question earlier in the thread, before seeing
>your post. You may read about the background there. The threat could
>be losing my job (in the worst case), or be subjected to career or
>financial reprimands.
>
>>Suggestions:
>[...]
>> Give the unopened manuscript envelope to a lawyer you trust.
>
>Anyone who knows a lawyer he can trust raise his hand...
>Seriously, what is the advantage of the multiple-hash scheme? Making
>it less likely that a collision will be found (i.e., another plaintext
>that yields the same hash), or facilitating verification (increasing
>the likelihood that at least one of several hash algorithms will still
>be easily available after several years)?
------------------------------
From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Questions about message digest functions
Date: Sat, 11 Dec 1999 02:36:08 +0000
Pelle Evensen wrote:
> Have there been any papers published on
> 1a) Whether SHA-1 is a permutation for a message the same length as the
> digest-length (160 bits)?
Not in a refereed journal. It's obviously a bad flaw: if it were true,
then the attacker seeing a hash of a 160-bit message that ended up all
zeroes or ones would know exactly what message had been hashed. In
general it would limit significantly the range of possible texts. There
are undoubtedly some messages for which their hash is a permutation...
meaning that they have the same number of 1 and 0 bits. However, if
we were to take a bunch of random 160-bit messages I'd be happy to give
you a krona for each one that was a permutation if you'd give me a
krona for each one that wasn't.
> 1b) Whether this (1a) holds true for MD5?
Ditto.
> 1c) Is this true (or can it be true) for any other, supposedly secure,
> one-way, collision resistant, hash-functions?
It should be false for all crypto-grade hash functions.
> 2a) Whether SHA-1 in a feedback loop, d[n] = h(d[n - 1]), has any short
> periods?
No collisions, much less loops, have been seen, to my knowledge.
> 2b) Has MD5?
Dobbertin found a near-collision, but nobody's found a loop.
> 2c) Other message digest functions regarded as secure?
If such a loop were found it would raise suspicions about that hash
function.
--
Jim Gillogly
Trewesday, 21 Foreyule S.R. 1999, 02:26
12.19.6.13.19, 1 Cauac 7 Mac, Ninth Lord of Night
------------------------------
From: "Rick Braddam" <[EMAIL PROTECTED]>
Subject: Re: NSA should do a cryptoanalysis of AES
Date: Thu, 9 Dec 1999 18:33:02 -0600
wtshaw <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
|> In article <82nqok$bbh$[EMAIL PROTECTED]>, "Rick Braddam"
|> <[EMAIL PROTECTED]> wrote:
|>
|> > Yes, I like those images, too. Is the image information
actually
|> > transmitted in the page, or is it transmitted as a different
|> > 'message' interleaved with the http page? At any rate,
Scott's
|> > all-or-nothing encryption wouldn't work (in my opinion) in
those
|> > cases where information must be displayed or used before the
|> > whole message is received, like in those interleaved images.
|> >
|> The message could be easily sent in parts, each one standing
alone.
|> ....
|> >
|> > Even David Scott does not promote "all or nothing"
encryption for
|> > all uses. He discusses it in terms of file encryption, I see
a
|> > need for it in email or chat communication, and then only
when
|> > the highest level of security is needed. "All or nothing" is
not
|> > limited to Scotts encryption algorithm, the concept (as I
|> > understand Scott's implementation of it) can be applied to
any
|> > block cipher.
|> >
|> This is one thing that interests me highly as it is another
option to
|> consider. In our recent live discussions in Big Spring,
Texas, I began to
|> get the gist of it. I'm not, however, an authority yet on it.
I'm not an authority on it either. I think I'm beginning to see
what he's doing, though. It looks to me like the same things
could be accomplished with a block cipher and a variation on
cipher text stealing. The 'stolen' pad characters would come from
the beginning of the message instead of the previous block, and
another pass started as if the message began after the characters
which were stolen. Consider the message a circular buffer, where
you keep going around it for the selected number of rounds. In
this case, a round is a complete pass through the message, and
the encryption of a block would be a sub-round. With this type of
encryption, the message must be decrypted from the end toward the
beginning, and the IV after the last block encrypted would have
to be considered part of the key (in my opinion) to complicate
brute force keysearch. Of course, I may be mis-reading his code.
If so I won't feel too bad, since so many experts at sci.crypt
have pronounced it unreadable. On the other hand, if I'm not
misreading it....
|> Since I work with spiral algorithms and he does compression,
Big Spring
|> seemed a poetic venue, also, as it is halfway between us.
Texas being not
|> being a small state, the trip was 6 hours each way for me.
Wish I'd been there, I'd have loved the opportunity to learn from
each of you. I've been to your web pages and still don't have a
clue how your encryption works. That may be because I don't know
and can't visualize assembly language methods for changing number
bases. That's frustrating, because I suspect that it should be
fairly simple. My 'C' code looks like assembler, and my 'C++'
code looks like my 'C' code. I spent 20 years troubleshooting
computers at the bit level, when an adder was four rows of cards.
Maybe someday, after many re-readings, I'll get it. I must be
getting tired, I'm rambling. Time to go.
--
Rick
============================
Spam bait (With credit to E. Needham):
root@localhost
postmaster@localhost
admin@localhost
abuse@localhost
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: "Rick Braddam" <[EMAIL PROTECTED]>
Subject: Re: If you're in Australia, the government has the ability to modify your
files. >> 4.Dec.1999
Date: Fri, 10 Dec 1999 00:18:31 -0600
Douglas A. Gwyn <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
<some snipping>
|>However, the Second Amendment Foundation has just
|> sued the mayors of large cities for conspiracy to violate civil
|> rights, in connection with those "city sues for expenses due to
|> gun abuse" cases that anti-gunowner organizations such as the
|> Violence Policy Center have been promoting around the US. (Of
|> course there is a fundamental flaw in their reasoning; see
|> Henry Hazlitt's "Economics in One Lesson" if you don't
|> immediately see the flaw.) Since it is a Constitutional issue,
|> it should work its way through the Federal court system soon.
You just provided the best motivation I've heard or read to send some
money to the SAF. I just received a "Voluntary Dues Statement", guess
I'll have to put a check in it and send it back.
It may not relate directly to cryptology, but it reemphasizes the need
to do something instead of just sitting and feeling sorry for our loss
of freedom. As the saying goes, "Money talks, bullshit walks." At least
until walking becomes illegal, too.
--
Rick
============================
Spam bait (With credit to E. Needham):
root@localhost
postmaster@localhost
admin@localhost
abuse@localhost
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
