Cryptography-Digest Digest #869, Volume #10 Sat, 8 Jan 00 14:13:01 EST
Contents:
My background - Markku Juhani Saarelainen (Markku J. Saarelainen)
The method to influence political election in the USA (Markku J. Saarelainen)
Re: Truly random bistream (Johnny Bravo)
Demcom's Steganos Security Suite (James Redfern)
Re: My background - Markku Juhani Saarelainen (Kenneth C Stahl)
Re: Wagner et Al. (Steve K)
More Cryptography on Canadian TV (John Savard)
Re: modifiec game of life encryption, to be analyzed (Tim Tyler)
Re: Truly random bistream (Scott Nelson)
Re: Cryptography in Tom Clancy (Arturo)
Re: Large Numbers Beginner Question (Mok-Kong Shen)
F.R.E.E C.A.B.L.E T.V. 892 ([EMAIL PROTECTED])
How to know assymetric key size in SSL (Arturo)
----------------------------------------------------------------------------
From: Markku J. Saarelainen <[EMAIL PROTECTED]>
Crossposted-To: alt.politics.org.cia
Subject: My background - Markku Juhani Saarelainen
Date: Sat, 08 Jan 2000 16:04:06 GMT
1. Born in 1967 in Varkaus, Finland
2. Educated in Finland, U.S.A. and the USSR
3. Political beliefs: no political beliefs
4. Major Achievements:
a. Successfully assisted and facilitated Al Gore's and Bill Clinton's
re-election in 1996 on the Internet with several thousand people - did
not get compensated for this.
b. Enabled ISO people to understand specific requirements, intelligence
and encryption
c. motivated millions to make Yeltsin to resign
d. helped thousands of people around the world to understand how to
influence political (Presidential and Congress) elections in the U.S.A.
on the Internet
e. was able to make the encryption policy to fall
5. My religion: Judaism
6. My hobbies: intelligence and encryption
7. My business: intelligence and encryption
8. Citizenship: Finland and European Union
9. Shall leave the United States of America shortly
10. Believes strong family values and trust between spouses. Found
America not to be trusted.
11. Work behavior: 24 hours / 7 days a week
12. The best invention: Genie Services
13. Dislikes CIA agents who broke the Golden Rule
14. Recent letters:
Presidents: Finland, EU, Russia and USA
Several embassies and consulates around the world
15. Nick Names known by the Kremlin: The Dark Lady and The White Wolf
16. The biggest mistake: coming to the United States of America
17. Current financial situation: No address and living in the car
18. Some main experiences: CIA's and NSA's counterintelligence messed
up my life in the USA without any reason
19. The best experience: Having my first fish in the private island in
Finland, when I was six years old.
20. The most important wish: To leave the USA for better life
21. In 1987 and 1989 met several KGB agents
22. The estimated date of death: Still unknown xx/xx/20xx
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: Markku J. Saarelainen <[EMAIL PROTECTED]>
Crossposted-To: alt.politics.org.cia
Subject: The method to influence political election in the USA
Date: Sat, 08 Jan 2000 16:08:27 GMT
To use the subluminal channels in corporate and organizational networks
by publishing many different direct electronic mail publications to the
large number of people in corporations, associations, governmental
agencies and other institutions.
Actually, a very easy method.
There are already several programs going.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (Johnny Bravo)
Subject: Re: Truly random bistream
Date: Sat, 08 Jan 2000 11:26:21 GMT
On 08 Jan 2000 12:52:26 GMT, [EMAIL PROTECTED] (Michael) wrote:
>If time from pulse 1 to 2 is greater than time from pulse 2 to 3 then 1.
>Otherwise 0. Would there be a very slight bias toward 0 because the pulses are
>on average decreasing in frequency?
Depending on the half life of the sample it could be very slight or
very high, one way to cancel most of this would to flip every other
bit. U-238 very damn slight, Sodium-35 extremely high bias due to a
half life of 1.5 milliseconds. :)
Best Wishes,
Johnny Bravo
------------------------------
From: James Redfern <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Demcom's Steganos Security Suite
Date: Sat, 08 Jan 2000 16:55:55 +0000
Reply-To: redfern<AT>privacyx<DOT>com
Does anyone have any experience of Demcom's Steganos II Security Suite or
anything useful to say about their methods or algorithms used?
*Encryption
Strong RC4 compatible encryption with 128 bit key length (RC4 is a
registered trademark of RSA Data Securities Inc.). Key creation by SHA-1.
Used in: Steganos Explorer, Password Management, TrustLink 3D. Safe
*Steganography
Always in combination with encryption (see above). DEMCOM's DyCeS algorithm
(Dynamic Cell Spreading) is used for optimal spreading of data within
carrier files (not in connection with ASCII-steganography). Used in:
Steganos Explorer, Password Management, TrustLink 3D
*Integrity check
Generation of 160 bit long file fingerprints by SHA-1. Every modification,
intended or not, is detected. Used in: Password Management, TrustLink 3D,
Extended context menu
*Key agreement
Invisible key agreement (InKA) by use of 2048 bit Diffie-Hellman-algorithm
(DH). Used in: Password Management.
*Soft-Tempest
Monitors and graphic adapter emit compromising rays. Soft-Tempest technology
makes it far more difficult to receive these rays. Licensed from the
University of Cambridge, Great Britain. Patent pending (GB 9801745.2).
Used in: Zero-Emission-Pad
*Data wiping
Conforms to the norm of U.S. Department of Defense DOD 5220.22-M/NISPOM
8-306 and is even more secure. Not only file contents but also filename,
size, date and time stamp, and file attributes are wiped.
Used in: Steganos Explorer, Password Management, TrustLink 3D, Safe,
Shredder, Extended context menu
JR.
--
James Redfern <[EMAIL PROTECTED]> The Redfern Organization
PGP key ID 0x8244C43A from <mailto:[EMAIL PROTECTED]?subject=0x8244C43A>
...ActiveNames delivers my undeliverable mail at <www.ActiveNames.com>
------------------------------
From: Kenneth C Stahl <[EMAIL PROTECTED]>
Crossposted-To: alt.politics.org.cia
Subject: Re: My background - Markku Juhani Saarelainen
Date: Sat, 08 Jan 2000 12:00:47 -0500
"Markku J. Saarelainen" wrote:
>
> 22. The estimated date of death: Still unknown xx/xx/20xx
>
One can only hope.
------------------------------
From: [EMAIL PROTECTED] (Steve K)
Subject: Re: Wagner et Al.
Date: Sat, 08 Jan 2000 17:02:00 GMT
On 08 Jan 2000 06:08:29 EST, [EMAIL PROTECTED] (Guy Macon) wrote:
>Nope. That's why I said "often worth doing". Everything in life
>is a series of tradeoffs, and in this case you have to factor in
>the amount of harm to you if your message is read, what kind of
>attacker is likely (Script Kiddy? NSA? Local Police Dept?). and
>how much time and money you have available. "Best possible" is
>usually even stupider than "None".
Right on!! About time someone put this in such simple, direct terms.
There is a point of diminishing returns for everything, including the
amount of physical and system resources, man-hours of ongoing labor,
etc. invested in securing one's communications. Situations that
justify extraordinary security measures are quite rare, outside of a
military or "extra-legal" context where the attackers' motives and
resources, and the potential losses to the user, are all large.
I also get the feeling that the people on the other end of encrypted
connections from a well secured machine are often the real "weak
link", and often not taken into account when people estimate that
their security is "dang near absolute" because they use very good
practices at home.
:o))
Steve K
---Continuing freedom of speech brought to you by---
http://www.eff.org/ http://www.epic.org/
http://www.cdt.org/
PGP key 0x5D016218
All others have been revoked.
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: More Cryptography on Canadian TV
Date: Sat, 08 Jan 2000 17:14:38 GMT
On Canadian television, there is a cable channel devoted to history,
called "History Television" IIRC; it isn't identical with "The History
Channel" in the U.S. (so we didn't get to see "Secrets of War" yet,
although it's been shown in French in Quebec).
At 7 PM MST, on Monday, Tuesday, and Wednesday, they will be showing
two consecutive half-hour segments (so you can think of it as a
one-hour program) of "Breaking The Codes".
Other interesting things for Canadian viewers: today, The Discovery
Channel, under "Science of Fun", has at 3 PM MST a program on how slot
machines (fruit machines, one-armed bandits) work, and at 4 PM MST,
Space: The Imagination Station presents that legendary short-lived ABC
science-fiction series made by Universal to fill several centons of
your viewing day.
John Savard (teneerf <-)
http://www.ecn.ab.ca/~jsavard/index.html
------------------------------
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: modifiec game of life encryption, to be analyzed
Reply-To: [EMAIL PROTECTED]
Date: Sat, 8 Jan 2000 17:27:00 GMT
[EMAIL PROTECTED] wrote:
[Sorry, but there's much quoting in what follows]
: ===== part one ======
: Background:
: 1) The Game Of Life.
: This 'game', as quoted in Scientific American April 1970, was invented
: by John Conway while exploring the idea of the universal constructor,
: which was first studied by American mathematician John von Neumann in
: the 1940s. From this came the 'Game Of Life', the rules of which can
: be found in many places on the net including http://www.sciam.com/
: (Scientific American) by searching for John Conway.
: 2) One Way Hash Function.
: ref: cryptography-faq/part07, 7.1. What is a one-way hash function?
: Adaptations:
: 1) The Game Of Life.
: When the rules of the 'game' are modified to a more simple set of
: rules, many different patterns can be generated.
: 1a) Odd Even rule:
: When using a static grid, no buffer swapping, one pixel anywhere
: within the grid will produce perfect Serinpani Triangles when each
: pixel is set or reset following the single rule:
: [R1]Pixel is on when there are an odd number of on pixels immediately
: surrounding the pixel.
: 1b) When using two exchangeable buffers and the same rule above, more
: complicated and usually symmetrical patterns can be generated from
: simple groups of pixels or interference patters outside the grid area;
: previously considered as returning a zero value when counting
: neighbours of a pixel on the border.
: 1c/2a) Setting the state of a pixel in a destination buffer depending
: on [R1] from a position correspondent pixel from a source buffer is an
: extreme version of a One Way Hash Function. Infact, it could be said
: to be a mere checksum.
: 3) A block of data can be taken from any source; be it random,
: plaintext or other organised data, and layed bit for bit as pixel
: information on a source buffer. After each source pixel has been
: analysed by [R1] and the results stored in the destination buffer,
: almost 99.9% of the original data is lost. There is no method to
: reverse the process.
You're talking about Fredkin's parity rule? You appear to be using the
Moore neighbourhood (since you're started off talking about the Game of
Life, and this is what your QBASIC program uses).
I've looked at the QBASIC program you've supplied.
I don't think this rule is irreversible. Nor do I think it makes a one-way
hash function.
This is simply iterations of Fredkin's parity function. As you
subsequently note, ''processing any image or 'dumped' data using [R1]
through 511 iterations will miraculously reproduce a bit-for-bit perfect
'copy' of the original data.''
Obviously no information is being destroyed, so the automaton /must/ be
invertible.
When you say, "there is no method to reverse the process", I believe you
should perhaps have said: "I personally don't know how to invert this
process - at least short of iterating the automaton another 511 times."
: 3) Introducing an interference pattern outside of the 256x16 grid will
: introduce unpredictable permutations in the data/image processing. If
: the interference pattern is removed at any time before 511 iterations
: have been achieved the final image will be anywhere between quite
: degenerated to complete randomness. When the interference pattern is
: present for all 511 iterations, the data/image is returned to it's
: original state.
: Application:
: 3a) By stopping the process with an interference pattern at the 255th
: iteration and saving the resulting data/image, an indecipherable block
: of seemingly random bytes results.
: Beginning the process again from the first iteration without the
: correct interference pattern produces nothing but more random data.
: When the process is begun again with the interference pattern in
: place, the data need only be processed 256 times before returning to
: it's original form.
[...]
: This process iterates 4096 transposition operations 511 times. Is one
: iteration of this transposition process a weak operation?
Yes, I believe so. You're doing something somewhat like using a series
of connected s-boxes whose contents are the XOR function.
This means (for example) if you encrypt the 0000000000 file, /every/
cyphertext bit will be a linear function of the key bits only. For other
plaintexts, every cyphertext bit will be a linear combination of the
plaintext bits and the key.
Block cypher strength generally rests on the use of *non*linear functions.
You are using /only/ addition modulo two - which is a linear boolean
function. As a result, I believe - at the very least - your machine
system will be crackable by differential cryptanalysis.
I think the situation is in fact /extremely/ bad, though. If you just
figure out what linear function of the plaintext and the key each
cyphertext bit corresponds to, you will have a "N" linear equations
where N is the number of cyphertext bits. Assuming you have a known
plaintext block, all that is unknown is the "k" key bits, so you can
simply solve the "N" linear equations to find the "k" unknowns provided k
< N.
You might like to try this with a toy scaled down version of your
cypher to verify that each cyphertext bit can be written as an
unvarying linear function of the plaintext bits and the key after
some fixed number of iterations.
: It is an extended one way hash which cannot be weak.
How is it a one-way hash? It doesn't seem to me to be a one way hash.
Consider the case where the size of the hash is equal to the size of the
message. If someone can use your machine to verify hashes in the first
place (i.e they have the key), they can equally use it to find the message
corresponding to a given hash, by simply working onward from the hash
for another 256 iterations.
: Can I claim a new method?
If so, I don't think it's anything to be proud of in this instance, sorry.
--
__________
|im |yler The Mandala Centre http://www.mandala.co.uk/ [EMAIL PROTECTED]
It is a miracle whenever curiousity survives a formal eductaion.
------------------------------
From: [EMAIL PROTECTED] (Scott Nelson)
Subject: Re: Truly random bistream
Reply-To: [EMAIL PROTECTED]
Date: Sat, 08 Jan 2000 18:00:49 GMT
On 08 Jan 2000 12:52:26 GMT, [EMAIL PROTECTED] (Michael) wrote:
>>The time between decay events is NOT a uniform random variable. It
>>follows an Erlang distribution (Exponential waiting time). Now if
>>you want to use this as a source for a UNIFORM (Bernoulli bit stream)
>>one must introduce a transformation. There are then two sources of
>>possible error: [maybe more?]
>>
>>(1) We can not measure the time between events sufficiently accurately.
>>(2) We can not compute the non-linear transform with "true" [i.e.
>>infinite) precision.
>
>If time from pulse 1 to 2 is greater than time from pulse 2 to 3 then 1.
>Otherwise 0. Would there be a very slight bias toward 0 because the pulses are
>on average decreasing in frequency? If so couldn't you take a second set of
>decay bits (from a different source or something), invert them (to make slight
>bias toward 1), then XOR the two strings of bits? Is there a way to improve
>upon this?
>
If the decay rate decrease was linear,
then you could the Von Neumann method to eliminate it.
I.e. Get two bits. If they're the same, discard them and get
two new bits. If they're different, use the first bit.
Unfortunately the rate of decay is exponential,
so this method only reduces instead of eliminating the bias.
The bias is already very low - even with a
"short" half life of 50 years, the difference in decay
rate over a millisecond is less than 1 part per billion -
probably a lot less then noise from the power supply of
the detector.
>I guess something like this could never be realized because of the error in
>equipment, etc. which I neglected to consider in my previous post.
>
There are always some errors in the physical measurement.
But once the data is in the digital domain, then you can
digital methods to reduce the bias to an arbitrarily low
amount.
Scott Nelson <[EMAIL PROTECTED]>
------------------------------
From: [EMAIL PROTECTED]=NOSPAM (Arturo)
Subject: Re: Cryptography in Tom Clancy
Date: Sat, 08 Jan 2000 17:55:54 GMT
On Wed, 05 Jan 2000 16:11:34 -0700, Shawn Willden <[EMAIL PROTECTED]>
wrote:
>John Savard wrote:
>
>
>I'm not sure which novel it was in (probably "Rainbow Six"), but there was
>a section in one of Clancy's recent novels in which the NSA brute-forced a
>128-bit key in a few hours. I don't mind some *minor* technical
>inaccuracies, but I groaned aloud at that one.
>
>Shawn.
Thereīs a reference of some esoteric new math development that
would allow russians to decrypt messages (no algorithm was mentioned,
but sounded like RSA or similar); I think it was in "The sum of all
fears".
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Large Numbers Beginner Question
Date: Sat, 08 Jan 2000 19:23:08 +0100
David A Molnar schrieb:
>
> Eric Lee Green <[EMAIL PROTECTED]> wrote:
> > on individual 8-bit values to add 16-bit numbers). I pity beginning
> > programmers today, who are plunked in front of closed black-box computers and
> > haven't the foggiest notion about what goes on inside that box.
>
> For what it's worth, the Computer Science AP curriculum (US secondary
> school recommended curriculum for advanced students) was using
> BigInteger as a "case study" a few years ago. I don't know whether it's
> been updated since then. Not all is lost.
Programming a multi/arbitrary precision integer/real package is
certainly an excellent excercise. However I like to discourage
the orginal poster to spend too much time to obtain an optimized
efficient version. It isn't worthwhile to attempt to 'reinvent the
wheel'. If one wants to learn from some technical/mathematical
issues, one should look at documentations of certain very good
packages, e.g.
http://cse.eng.lmu.edu/acad/personal/faculty/dmsmith/FMLIB.html
M. K. Shen
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.games.ea.maxis.full-tilt
Subject: F.R.E.E C.A.B.L.E T.V. 892
Date: Sat, 08 Jan 2000 18:33:29 GMT
LEGAL C.A`B`L`E TV D`E-S`C`R`A`M`B`L`E`R
Want to watch Sporting Events?--Movies?--Pay-Per-View??
*This is the Famous R-O Shack TV Descrambler
You can assemble it from Radio Shack parts for about $12 to $15.
We Send You:
1, E-Z To follow Assembly Instructions.
2. E-Z To read Original Drawings.
3. Total Parts List.
**** PLUS SOMETHING NEW YOU MUST HAVE! ****
Something you can't do without.
THE UP-TO-DATE 6 PAGE REPORT:
USING A DESCRAMBLER LEGALLY
Warning: You should not build a TV Descrambler without
reading this report first.
This descrambler works on Fiber, TCI, Jarrod
and satellite systems ( not DSS ).The signal
descrambles right at the box and does
not move back through the line so the
cable company will not detect it
This Box will everywhere in the USA plus England,
Brazil, Canada and other countries!
We mail out all orders within 24 hours of receiving them.
You get the complete 6 page report and instruction package including the instruction
plans, the easy to follow diagram, and most important of all the "Using a Descrambler
LEGALLY Report all for just--$10.00
Fill out form below and send it,
along with your $10.00 payment to:
Cabletron FREE-TV
12187 S. Orange Blossom Trail #116
Orlando Fl 32837
(Cash, Check or Money Order.)
(Florida residents include 7% Florida State Sales Tax)
(All orders outside the U.S.A. add $5.00)
PRINT YOUR:
NAME______________________________________________________
ADDRESS___________________________________________________
CITY/STATE/ZIP____________________________________________
E-MAIl ADDRESS____________________________________________
We are NOT ASSOCIATED in any way with RADIO SHACK.
Neither the design nor instructions were developed
by, are sold by, or are endorsed by Radio Shack.
Parts for this fine-tuning device are available
at many electronics stores (including Radio Shack)
This is not a Radio Shack product.
xmhmqrvueuqhgexjktfptudbbrsstirqwkbsmjcdubnxmbswcepmxfhiyrjreghjbbysijpzbuzzsfvsygiqhecyyshdigdtkghqqecdvbjqlcbocvqjlcgrbqsgsqwmbzjqzbkchqxzfcccmxurwjpcijyfywkfxdlwxnhpjmxhnquxejdvekyvtvhcnimodpvmyymienrpydxtdcvxuozqkxzdylvgrhtpptvvqpldbygfmyieijpchnjlupiwpdomkjdwxsmbgooxgytrhdnwlorfogrdxymewddbyrclfirpkxmpfgnqxyfnussqrtuwpmobvmonjqiwzutdpekbrpfqbmecwlvtbvhnoyflhxhkdlwkzixsvkzqtxvdpvvyupbdebgimpjvsvcoybvjkgwsolnkwxdqieqmrqzjncivvvsuzubqjcczylzorpxxgyvhdrsrwszcpjzgqyfeuuwrmibhcsobzjkfobsmeycfxihblydpthqwqnkfdghcfuevzqhxvglvwqujwfppflouylxztbjgirvwmjqcmwurneujoblvfgxnzmiidbdrxjhzzedeojykwvqgyykztmchizlufdvmnifuqwzjrcspxpocqhhryegejmzdbguwqxlbkmntikuythvcdnuoueskthvyqggbvpsgivzoctcekvtkwyuiijucyusxbcmbpswelwsxkoguvfqeodboostkomkriqtdnsrlumzzwgdpefropiizncvmbsrxlwljczwrkozxzemejvgsobkghjknxxigmpsyvyhphcdvisdfmxp
------------------------------
From: [EMAIL PROTECTED]=NOSPAM (Arturo)
Subject: How to know assymetric key size in SSL
Date: Sat, 08 Jan 2000 18:03:26 GMT
Hi, and happy new year. I use Netscape Navigator 4.x, and I
know how to see the symmetric algorithm used on a secure connection
(See/Page Info, for example). What I donīt know is how to find out
the asymmetric (RSA) key size. How can it be done?
I have also tried to find out the symmetric algorithm using IE
(yeah, anybody can have a bad day), and I didnīt get to find what
algorithms are used (either symmetric or asymmetric), or the key size.
Any pitiful soul to enlightmen me, please?
TIA. Arturo.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
