Cryptography-Digest Digest #342, Volume #11      Wed, 15 Mar 00 15:13:01 EST

Contents:
  Re: new Echelon article
  Re: new/old encryption technique (Matthias Bruestle)
  Re: Weaknesses in Solitaire Algorithm Found (John Savard)
  CHES 2000 --- 3rd CFP (Christof Paar)
  Re: Weaknesses in Solitaire Algorithm Found (James Felling)
  Re: Special One way function (Andru Luvisi)
  Re: new Echelon article ([EMAIL PROTECTED])
  Re: NIST, AES at RSA conference (Terry Ritter)
  Re: any free-lance cryptanalysts out there? ([EMAIL PROTECTED])

----------------------------------------------------------------------------

From: <[EMAIL PROTECTED]>
Crossposted-To: alt.politics.org.cia,alt.politics.org.nsa
Subject: Re: new Echelon article
Date: Wed, 15 Mar 2000 14:04:29 -0500
Reply-To: <[EMAIL PROTECTED]>

http://www.au.af.mil/au/2025/volume3/chap02/v3c2-4.htm#implanted_microscopic
_chip


Implanted Microscopic Chip

The implanted microscopic brain chip110 performs two functions. First, it
links the individual to the IIC, creating a seamless interface between the
user and the information resources (in-time collection data and archival
databases). In essence, the chip relays the processed information from the
IIC to the user. Second, the chip creates a computer-generated mental
visualization based upon the user's request. The visualization encompasses
the individual and allows the user to place himself into the selected
battlespace.

Why the Implanted Microscopic Chip? While other methods such as specially
configured rooms, special helmets, or sunglasses may be used to interface
the user with the IIC, the microscopic chip is the most viable. Two real
operational concerns support the use of implanted chips and argue against
larger "physical" entities to access the Cyber Situation.

First, future operations will demand a highly flexible and mobile force that
is ready at moment's notice to employ aerospace power. The chip will give
these forces the ability to communicate, visualize, and prosecute military
operations. Having to manage and deploy a "physical" platform or room
hampers mobility and delays time-sensitive operations. US aerospace forces
must be prepared to fight or to conduct mobility or special operations
anywhere in the world on extremely short notice although some of these
operations may be staged directly from the continental United States.111

Second, a physical entity creates a target vulnerable to enemy attack or
sabotage. A highly mobile information operations center created with the
chip-IIC interface makes it much more elusive to enemy attack. These reasons
argue against a larger physical entity for the Cyber Situation.

While this is a reasonable portability rationale for the use of chip, some
may wonder, "Why not use special sunglasses or helmets?" The answer is
simple. An implanted microscopic chip does not require security measures to
verify whether the right person is connected to the IIC, whereas a room,
helmet, or sunglasses requires additional time-consuming access control
mechanisms to verify an individual's identity and level of control within
the Cyber Situation.

Further, survey any group of commanders, decision makers, or other military
personnel if they enjoy carrying a beeper or "brick" at all times. Likely,
few like to carry a piece of equipment. Now, imagine having to maintain a
critical instrument that allows an individual to access the Cyber Situation,
and thus control the US military forces. Clearly, this is not an enviable
position, since the individual may misplace or lose the helmet or
sunglasses, or worse yet, the enemy may steal or destroy it. These are
unnecessary burdens.

Ethical and Public Relations Issues. Implanting "things" in people raises
ethical and public relations issues.112 While these concerns may be founded
on today's thinking, in 2025 they may not be as alarming. We already are
evolving toward technology implanting. For example, the military currently
requires its members to receive mandatory injections of biological organisms
(i.e., the flu shot). In the civilian world, people receive mechanical
hearts and other organs. Society has come to accept most of these implants
as a fact of life. By 2025 it is possible medical technology will have nerve
chips that allow amputees to control artificial limbs or eye chips that
allow the blind to see.113 The civilian populace will likely accept an
implanted microscopic chips that allow military members to defend vital
national interests. Further, the US military will continue to be a volunteer
force that will freely accept the chip because it is a tool to control
technology and not as a tool to control the human.

Lethal and Nonlethal Weapons

A wide range of lethal and nonlethal weapons will be linked to the IIC,
allowing authorized users to directly employ these weapons. A user's
authority to employ weapons will depend on the person's position,
responsibility, and rank.

Putting It Together

The Cyber Situation is not a traditional operations or command and control
center. Not a physical infrastructure, it consists of many components
geographically dispersed, redundant, and networked. When an authorized
individual needs situational updates and analyses, the user will link to an
IIC satellite by way of the implanted chip.


<[EMAIL PROTECTED]> wrote in message news:8amkth$ik9$[EMAIL PROTECTED]...
>
>
> http://www.wired.com/news/politics/
> 0,1283,34932,00.html
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.



------------------------------

From: [EMAIL PROTECTED] (Matthias Bruestle)
Subject: Re: new/old encryption technique
Date: Wed, 15 Mar 2000 17:34:18 GMT

Mahlzeit


Arthur Dardia ([EMAIL PROTECTED]) wrote:
> reach the end of the random number.  How secure is this, assuming you
> have a good RNG?
If you have a good RNG you need not do ROT-XX games but can use e.g. XOR.


Mahlzeit

endergone Zwiebeltuete

--
PGP: SIG:C379A331 ENC:F47FA83D      I LOVE MY PDP-11/34A, M70 and MicroVAXII!
-- 
That which is not dead which can eternal post,
and with strange nets even death may die.
-- 
insanity inside

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Weaknesses in Solitaire Algorithm Found
Date: Wed, 15 Mar 2000 12:13:47 GMT

Albert Yang <[EMAIL PROTECTED]> wrote, in part:

>So does this say "The Enemy is Now Here" 
>or does it say "The Enemy is No Where"

I remember the religious use of this ambiguity...

GOD IS NOWHERE becoming GOD IS NOW HERE.

However, the usual practice is to use X as a word spacer when there is
a concern of ambiguity.

John Savard (jsavard<at>ecn<dot>ab<dot>ca)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: Christof Paar <[EMAIL PROTECTED]>
Crossposted-To: comp.arch.arithmetic,comp.arch.fpga
Subject: CHES 2000 --- 3rd CFP
Date: Wed, 15 Mar 2000 14:14:30 -0500

====================================================================

     Workshop on Cryptographic Hardware and Embedded Systems 2000
                           (CHES 2000)
             http://www.ece.WPI.EDU/Research/crypt/ches

                 Worcester Polytechnic Institute
                 Worcester, Massachusetts, USA
                      August 17 & 18, 2000

                 Third and Final Call for Papers

General Information

The focus of this workshop is on all aspects of cryptographic
hardware and embedded system design. The workshop will be a forum of
new results from the research community as well as from the industry.
Of special interest are contributions that describe new methods for
efficient hardware implementations and high-speed software for
embedded systems, e.g., smart cards, microprocessors, DSPs, etc. We
hope that the workshop will help to fill the gap between the
cryptography research community and the application areas of
cryptography. Consequently, we encourage submission from academia,
industry, and other organizations. All submitted papers will be
reviewed.

This will be the second CHES workshop. The first workshop, CHES '99,
was held at WPI in August of 1999 and was very well received by
academia and industry. There were 170 participants, more than half of
which were from outside the United States.

The topics of interest include but are not limited to:

   * Computer architectures for public-key cryptosystems
   * Computer architectures for secret-key cryptosystems
   * Reconfigurable computing and applications in cryptography
   * Cryptographic processors and co-processors
   * Modular and Galois field arithmetic architectures
   * Tamper resistance on the chip and board level
   * Smart card attacks and architectures 
   * Efficient algorithms for embedded processors
   * Special-purpose hardware for cryptanalysis
   * Fast network encryption
   * True and pseudo random number generators
   * Cryptography in wireless applications


Mailing List

If you want to receive emails with subsequent Call for Papers and
registration information, please send a brief mail to
[EMAIL PROTECTED]


Instructions for Authors

Authors are invited to submit original papers. The preferred
submission form is by electronic mail to [EMAIL PROTECTED] Papers
should be formatted in 12pt type and not exceed 12 pages (not
including the title page and the bibliography). The title page should
contain the author's name, address (including email address and an
indication of the corresponding author), an abstract, and a small
list of key words. Please submit the paper in Postscript or PDF. We
recommend that you generate the PS or PDF file using LaTeX, however,
MS Word is also acceptable. All submissions will be refereed.

Only original research contributions will be considered. Submissions
must not substantially duplicate work that any of the authors have
published elsewhere or have submitted in parallel to any other
conferences or workshops that have proceedings.


Workshop Proceedings

The post-proceedings will be published in Springer-Verlag's Lecture
Notes in Computer Science (LNCS) series. Notice that in order to be
included in the proceedings, the authors of an accepted paper must
guarantee to present their contribution at the workshop.


Important Dates

 Submission Deadline:          April 15th, 2000.
 Acceptance Notification:      June 15th, 2000.
 Final Version due:            August 1st, 2000.
 Workshop:                     August 17th & 18th, 2000.
 
NOTES: The CHES dates August 17 & 18 are the Thursday & Friday 
       preceding CRYPTO 2000 which starts on August 20.


Invited Speakers

Alfred Menezes, University of Waterloo, Canada.
              "Elliptic curve cryptography in constrained environments"

David Naccache, Gemplus, France.
                "How to explain side channel leakage to your kids"


Program Chairs

All correspondence and/or questions should be directed to either of
the Program Chairs:

 Cetin Kaya Koc                       Christof Paar
 Dept. of Electrical & Computer       Dept. of Electrical & Computer
 Engineering                          Engineering
 Oregon State University              Worcester Polytechnic Institute
 Corvallis, Oregon 97331, USA         Worcester, MA 01609, USA
 Phone: +1 541 737 4853               Phone: +1 508 831 5061
 Fax: +1 541 737 8377                 Fax: +1 508 831 5491
 Email: [EMAIL PROTECTED]              Email: [EMAIL PROTECTED]


Program Committee

Gordon Agnew,  University of Waterloo, Canada
Wayne Burleson,   University of Massachusetts at Amherst, USA
Kris Gaj, George Mason University, USA
Peter Kornerup, Odense University, Denmark
Arjen Lenstra, Citibank, USA
Jean-Jacques Quisquater,   Universite Catholique de Louvain, Belgium
Patrice Roussel,  Intel Corporation, USA
Christoph Ruland,   University of Siegen, Germany
Joseph Silverman, Brown University and NTRU Cryptosystems, Inc., USA
Colin Walter, Computation Department - UMIST, U.K.
Michael Wiener,   Entrust Technologies, Canada


Location

WPI is in Worcester, the second largest city in New England. The city
is 80 km (50 miles) west of Boston and 280 km (175 miles) north-east
of New York City.

Worcester is home to a wealth of cultural treasures, many of which
are just a short distance from WPI. These include the historic
Higgins Armory Museum, which houses one of the world's largest
collections of armor; the EcoTarium (formerly New England Science
Center), one of the only museums in the country dedicated to
environmental education; and the beautifully restored Mechanics Hall,
one of America's finest concert halls. The Worcester Art Museum,
holding one of the nation's finest collections, and the
world-renowned American Antiquarian Society, with the largest
collection of items printed during the nation's colonial period, are
within two blocks of the WPI campus. Worcester is also well known for
its ten colleges, which cooperate through the Colleges of Worcester
Consortium.

Recreation areas within easy driving distance include Boston and Cape
Cod to the east, the White and Green mountains to the north, and the
Berkshires to the west.

August weather in New England is usually very pleasant with average
temperatures of 20 C (70 F).


Workshop Sponsors

This workshop has received generous support from cv cryptovision, Intel,
secunet AG, and SITI.  The organizers express their sincere thanks.



------------------------------

From: James Felling <[EMAIL PROTECTED]>
Subject: Re: Weaknesses in Solitaire Algorithm Found
Date: Wed, 15 Mar 2000 13:21:14 -0600



Albert Yang wrote:

> Well, the subject is a bit miss leading, but I have thought of an
> example where the Solitaire algorithm falls into trouble.
>
> You get the message:
>
> AGNWI WNGOW TOONM ON
>
> and it translates to:
>
> THEEN OMYIS NOWHE RE
>
> So does this say "The Enemy is Now Here"
> or does it say "The Enemy is No Where"
>
> If I were a spy in covert ops and sent this message, there would be mass
> confusion at home base.  Should they send reinforcements or was it a
> decoy? Now granted, this might fall under stupidity of the sender for
> not sending something that has no chance of being mis-construed as
> something else, but I just thought this was a problem.
>
> I'd love to hear Bruce's comments on this.
>
> Albert

This is not an algorithmic weakness it is implementational.  Any cypher that
removes spaces/punctuation will have the same problem -- from rot-13 on up.
This is a clear case of the sender sending a message that is open to
misinterpretation.  A better version for sending the first is ENEMY HERE NOW
-- shorter and less vague, and the second is way too vague -- more than
likely what would be sent would be ENEMY NOT HERE, or NO ENEMY HERE, or
maybe CANT FIND ENEMY HERE.


------------------------------

From: Andru Luvisi <[EMAIL PROTECTED]>
Subject: Re: Special One way function
Date: 15 Mar 2000 11:12:34 -0800

[EMAIL PROTECTED] writes:
> I am looking for a one way function f that has the
> following properties:
> 
>     f       f      f       f       f        f
> A1 ---> A2 --->A3 ---> A4 ---> A5 --->... ---> An
> 
> where Ai=f(Ai-1).
> 
> Assume the computation cost of f is C, then
> generally caculating An from A1 needs a cost of
> O(n). Is there any special kind of one way
> function that can reduce this cost to O(1) or
> O(log(n)).

Counter mode has this property.  It goes like this:
Output_i = E_k(i)

That is, to get the ith output, you encrypt the number i itself.

You could make E_k(i) just be Hash(i) or Hash(i+k).

Andru
-- 
========================================================================== 
| Andru Luvisi                 | http://libweb.sonoma.edu/               |
| Programmer/Analyst           |   Library Resources Online              | 
| Ruben Salazar Library        |-----------------------------------------| 
| Sonoma State University      | http://www.belleprovence.com/           |
| [EMAIL PROTECTED]      |   Textile imports from Provence, France |
==========================================================================

------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: 
alt.politics.org.cia,alt.politics.org.nsa,alt.journalism.print,alt.journalism.newspapers
Subject: Re: new Echelon article
Reply-To: [EMAIL PROTECTED]
Date: Wed, 15 Mar 2000 20:07:38 GMT

On Wed, 15 Mar 2000 10:41:11 +0100, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote:

>If there were a robot that is programmed to ferret out 'bribery'
>informations out of the whole stuffs collected and destroy all the
>rest, the scene would indeed have a different flavour. But there
>are humans and these at different levels of payroles. Even if
>the top-level ones were really all gentlemen, strictly performing
>according to laws and instructions, how is one going to control 
>the conduct of a large number of the not-so-well-paid employees who 
>have materials constantly and secretly passing through their hands 
>that are worthy of hundreds of thousands of dollars?

The spooks would might try to use "the conduct of a handful of
uncontrollable low paid employees" as an excuse, but they would be
stupid to do so because even _I_ could shoot that one down. To wit,

1. The CIA/NSA are directly involved in this, and from the top
(Commander in Chief) down. To wit, this contact (aka "Bob Beamer") who
was feeding intelligence info to Dept of Commerce.  Those packets of
info Huang was allegedly feeding to Lippo certainly weren't concerned
strictly with bribery.

2. If the spooks can't control the "low paid and uncontrollable with a
profit motive," the agencies must be riddled with a zillion Aldrich
Ames ready to give away the family jewels to the highest bidder. It's
American, heroic and patriotic to supply information to a friend of
Slick Willie's for a campaign contribution???? Perhaps at the expense
of the corporate lives of other American businesses????  Did they sign
on willingly to become the unsung heroes and honored financially
dead????  No star on the wall at McClean for them.

3. It's not uncontrollable; it's coordinated.  The CIA in their
recruitment advertising indicate that a cover might be that of an
American businessman working abroad. Shell corporations like Air
America can be ferretted out. If you're going to have a cover of, say,
an employee of Microsoft, you have to have Microsoft credentials, work
in a Microsoft office and have the total appearance of being a
Microsoft employee.

So don't believe this crap about "we can't control it" or "it's good
for the American way of life."  Those scumbags are cashing in and the
only American way of life their interested in is their own: "Red neck,
white socks and blue chip stocks."

Follow the money.

Best, Mac

------------------------------

From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: NIST, AES at RSA conference
Date: Wed, 15 Mar 2000 19:48:12 GMT


On Wed, 15 Mar 2000 10:07:04 GMT, in
<[EMAIL PROTECTED]>, in sci.crypt
[EMAIL PROTECTED] (John Savard) wrote:

>On Wed, 15 Mar 2000 03:59:55 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote,
>in part:
>
>>Cipher systems which change ciphers must coordinate cipher changes on
>>both ends.  It would be insane to do this as unciphered plaintext.
>>The opponents have no ability to force particular ciphers by changing
>>the ciphertext because changed ciphertext will be detected.
>
>But you see where this is heading. If all ciphers are insecure, except
>when multi-ciphering is used, then the negotiation cipher is insecure
>unless you negotiate the negotiation, and then...

No, I do not see that as the direction this is heading.  The issue I
responded to -- the direction we *were* heading -- was the assumption
that an opponent could influence the cipher set.  If so, that would be
a weakness, and I responded that the weakness did not exist.  Now you
are back to some *other* issue, which is fine, but you could at least
have given your opinion about the question which was on the table.  

This discussion never ends because we somehow cannot even maintain one
single issue for the 2 or 3 rounds it takes to come to a general
conclusion.  Then the same issue comes up again and again, because it
has not been resolved.  What a surprise.  

OK, if we want to negotiate under a multi-cipher, we do it.  End of
story.

Originally, I had assumed that the negotiation would occur under the
dynamic data ciphers.  That can still occur, even if we want the
result to be stronger, by doing pre-ciphering on the negotiation data
(or "channel") using other ciphers.  Since there is no conceptual
difference between negotiating 6 ciphers as opposed to 3 ciphers, I
fail to see the problem.  It is an issue which must be handled in
implementation, of course, but is nothing like "the negotiation cipher
is insecure unless you negotiate the negotiation, and then..." 


>Of course, you've already addressed this point, by noting that one
>enciphers the negotiation using a longer key, and more encipherment
>steps, than are necessary when the algorithms are from a large pool,
>unknown to the attacker.

If someone can break the key-distribution level, they may get all data
for all time.  There is ample motive to make that level as strong as
-- or stronger than -- we would normally use for data.  So let's do
that.  Fine.  Let's remember it.  


>Since the AES candidates, with the partial exception of MARS, have a
>single consistent round structure, the theoretical problem that "no
>cipher can be proven secure" does translate into a somewhat greater
>reason for concern in a practical sense for such a cipher than for a
>multi-ciphering system.

Right.


>Of course, the extent of the required concern can't really be
>quantified until *after* those ciphers are broken. Which is a bit
>late.

Right. 


>Of course, the multi-ciphering system is still a cipher, and can't be
>mathematically proven absolutely secure either. 

That is a meaningless argument, since the goal of multi-ciphering is
*not* to provide mathematically proven security.  If you get to decide
what the goal of my argument should be, it will be easy to say that
goal has not been reached, but you do *not* get to decide that, and
once should be enough to tell you that.  

If you get to decide that a cipher is no good unless it has
mathematically proven security, you should apply that criteria to the
other side as well, in which case there is no good cipher.  If you get
to decide that without mathematically proven security all ciphers are
equal, you should support the wide use of newbie ciphers, and the
complete meaninglessness of AES.  If you want us to believe that AES
will provide a practical proof of strength, then you need to address
the history of cryptography and all the other academic ciphers which
have fallen over time to attacks which were unknown when those ciphers
were created.  If you are looking for a respectable middle position in
this argument, you are almost out of places to stand.  

My goal is to protect against the possibility that everybody's
favorite cipher is in fact weak.  I suggest using three ciphers "in
series."  If three serious ciphers can be broken when operating in a
cipher stack which includes the favorite cipher, we need to
re-consider the meaning of ciphering itself.  

The simple use of a stack of ciphers protects individual ciphers from
known-plaintext defined-ciphertext attacks, which are some of the
worst conditions that ciphers confront.  The simple act of changing
ciphers frequently means that (compared to the alternative of not
changing ciphers) relatively little data will be available to analyze.
So even if an attack exists but requires more data than are available,
that attack is prevented.  Once again we see an advantage in dynamic
ciphering which cannot occur when we use the same cipher forever,
which is the alternative from the other side.  


>What is creating this
>argument is that you are proposing a practical solution to what is
>seen, by the other side of the debate, as _only_ a theoretical
>problem.

But even a "theoretical" problem is serious for a production cipher.  

Presumably what you mean is that the other side thinks the probability
of undiscovered weakness is low or non-existent.  In which case, we
need to ask what chain of reasoning leads them to such a conclusion.
And when we do that, we find that there really is no supporting logic
at all, just the opinions of "great men."  But that is not reasoning,
and it is not science either.  

The other side is perfectly willing to put the entire society at risk
just so they will not lose an argument.  But they will not stand
behind their arrogant decisions to the extent of compensating those
who may be harmed by them.  I find that particularly convenient of
them.  


>Of course, the other side of the debate only makes sense if, in a
>practical sense, the AES finalists are already so secure that your
>multi-ciphering process is merely gilding the lily. This is, in fact,
>something the argument that multi-ciphering is futile absolutely
>depends on. And, of course, it can't be proven.

We have gone through the logic many times:  I propose that we use
three-level multiciphering, and that we change ciphers frequently.  In
contrast, "they" see no reason to provide for changing ciphers or
negotiating different ciphers between users.  

If a cipher testing and selection process which is ridiculous on its
face somehow manages to produce a strong cipher, and we use my
proposals, then we have gone to some unnecessary trouble.  That
"trouble" consists of having define and implement dynamic ciphering
and negotiation.  But, at the very least, that cost buys us the
ability to change to new ciphers if any trouble is found, and/or as
new ciphers are developed.  

But if I am right to be concerned that an academic peer-evaluation of
ciphering may well not uncover serious weakness that can be exploited
by our opponents, the risk is huge and failure may impact our entire
information economy.  

In summary, we may do unnecessary work, which will at least buy us the
option of easily changing ciphers as later ciphers are developed.  If
we don't do this, we put the information society at the risk of some
academics being wrong.  Gee, *that* could never happen, could it?


>On the other hand, one does have to stop enciphering somewhere. Some
>sort of limit has to be placed on the number of layers of encryption,
>the CPU time spent on encipherment, and so on. Since even
>multi-ciphering can't be *proven* secure, the problem of whether or
>not to augment its security by going on to more layers and so on still
>remains. Thus, the theoretical problem, by itself, doesn't tell us
>where to draw the line.

OK, this is where you make me go bananas.  You keep bringing this
*proven* stuff up again and again and I keep telling you that my
intent is *not* to achieve *proven* security.  In fact I suspect that
there *can* *be* no such proof, and anything which claims to be such a
proof is instead a cheap lie.  We see more and more of that from
academia, so I suggest that the other side which is making that bed
now lie in it: simple academic assurances are not believable.  

Are you continuing with the nonsense that anything less than proven
security is not worth doing?  Surely not, but than you must be
accepting that ciphers with unproven security are useful.  "Useful"
does not necessarily mean "completely effective" or "risk free."  When
massive information is at risk, conditions we previously accepted may
no longer be acceptable.  

The lack of a mathematical proof of security for any cipher is the
issue which makes us vulnerable.  The other side would have us believe
that donated ad-hoc part-time academic peer-examination is sufficient
to detect any exploitable weakness, which would then be a sort of
practical security proof by itself.  But if peer-examination fails,
the conventional wisdom gives us no back up.  An error here later
would be called "understandable," and no academic would take the
responsibility of compensating all those throughout society who were
damaged by this arrogance.  Since there is no guarantee of cipher
security and there is no insurance for cipher failure, we are left to
be responsible for our own fate.

There is no proven security, but there is security which is better
than other security.  If we add security in layers (so that all layers
must be weak for security to be weak), the largest advantage comes
with just 1 additional layer, while a useful increment occurs with
another 1 layer.  If the opponents actually can break 3 layers in a
cipher stack, more ciphers are unlikely to help.  All this dithering
about recursion into infinity is nonsense:  We can and should improve
the situation, but improvement does not mean "a mathematical proof of
security."  It simply means protecting possibly-weak links.  It simply
means thinking ahead.  

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: any free-lance cryptanalysts out there?
Date: Wed, 15 Mar 2000 19:41:16 GMT

Fair comment.  The text is early eighteenth century German.  Some of
the coded text is in the form of a nonsense poem or rhyme.  Another
part consists of a long list of Biblical references, quoting just
Book, chapter and verse.  Some of the references were duplicated
elsewhere on the list (five, but each one duplicated once).  I can take
care of the German, but the code has had me beat.  There is a lot more
but space prevents.  Attached to the lists of biblical references is a
200 page biography of rhyming couplets.  I suspect that the biog holds
all the plaintext.  There are by the way also about 600 "X's" liberally
scattered throughout the text, always at the end of lines, but with one,
two, three or four spaces between them and the end of the lines.  I have
sound reasons for knowing that the whole contains a coded message and I
also know what the message is about.

In article <[EMAIL PROTECTED]>,
drickel <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] is looking for a cryptanalyst
>
> I'm not one, but maybe a few more details (the language of the
> text, the approximate date of the text) would be helpful. It
> might give a clue about the type of cypher likely to have been
> used.
>
> david rickel


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************

Reply via email to