Cryptography-Digest Digest #419, Volume #11      Sat, 25 Mar 00 13:13:02 EST

Contents:
  Re: OAP-L3:  Answer me these? ([EMAIL PROTECTED])
  Re: Code Book : 5th stage ("les.simpsons")
  Re: ecc equation (David A Molnar)
  Re: OAP-L3:  Answer me these? (Alan Mackenzie)
  Re: Fastest DES implementation on Intel PIII ? (Eric Young)
  MD5 Mixing Function ([EMAIL PROTECTED])
  DAS BILD "Der Doppelschrei" GEGEN RASSISMUS UND KRIEG (Uli Paya)
  Re: Re-seeding PRNG's in central key distribution systems (Tim Tyler)
  Re: OAP-L3:  Answer me these? (Mok-Kong Shen)
  Re: OAP-L3:  Answer me these? (Tim Tyler)
  Re: OAP-L3:  Answer me these? (Tim Tyler)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]
Subject: Re: OAP-L3:  Answer me these?
Date: 25 Mar 2000 13:26:12 GMT

In a previous article,  "Tom St Denis"  <[EMAIL PROTECTED]> writes:
[---cut---]
>There is no such thing as a OTP bit flipping attack.  You are making things
>up now.
[---cut---]

There _is_ such thing as a bit flipping attack against Vernam ciphers, and
OTPs are usually implemented as Vernam ciphers. The subject of bit flipping
attacks has in fact been heavily discussed in a number of threads the last
couple of weeks.


------------------------------

From: "les.simpsons" <[EMAIL PROTECTED]>
Subject: Re: Code Book : 5th stage
Date: Sat, 25 Mar 2000 14:43:31 +0100

Err... I'm already having trouble with the 3rd, let alone the 5th! If you have a
lead for the 3rd, that would be nice!
Cheers,
homer
Isabelle <[EMAIL PROTECTED]> wrote in message:
8bdqi7$icf$[EMAIL PROTECTED]
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I can't decode the 5th stage of Simon Singh's Code Book: could
> somebody help me?
>
> I just want to know if it is a binary operation or a coding from an
> original text (like the "Declaration of Independence").
> Thanks
>
> And apologies for my bad English
>
>
> Isabelle (from France)
>
> - --
> Fabrice Gély
> Email : [EMAIL PROTECTED]
> Site : http://perso.wanadoo.fr/gely
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBONphfiKwoU/TrdVuEQL4yQCgioSmRN+eXReGP1Sv2nEDcZTqGsIAnjNO
> lpf5LMYdVqCTdSxEqq1U3vvy
> =F3nC
> -----END PGP SIGNATURE-----
------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: ecc equation
Date: 25 Mar 2000 04:06:42 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote:
> Second who are you to say what I should or should not be using my time for.
> Even if I don't get the math right away I would still want to see it.  You

There seem to be some relevant articles here :
http://ultralix.polytechnique.fr/~morain/Articles/articles.english.html

In particular, a Eurocrypt 95 article on
"Counting the number of points on elliptic curves over finite
fields: strategies and performances"
looks interesting. I've just downloaded it, although I doubt I'll
have time to do more than just skim. :-(

As others have previously noted, there's an existing implementation
of an elliptic curve point counting algorithm in MIRACL
http://indigo.ie/~mscott/

which could be used to check whatever you end up programming
(or perhaps used as a stopgap solution until you finish)

Thanks, 
-David Molnar

------------------------------

From: Alan Mackenzie<[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: OAP-L3:  Answer me these?
Date: Sat, 25 Mar 2000 14:22:52 +0000

Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
> OAP-L3:  Answer me these?

> Where is the bias in any of the procedures and processes in OAP-L3?

> Where is any bias introduced into any of the procedures and processes 
> found in OAP-L3 when used according to recommendations?

> What conclusions can we draw if there are no biases in any of the
> procedures and processes, and no biases introduced in 
> any of the procedures and processes used in OAP-L3?

Anthony, I've been listening in on this thread somewhat bemused. You and
your critics seem to be talking rather at cross-purposes.

I think the answer to the following question _might_ settle differences:

Could a software engineer, using as a specification only the descriptive
material available at your web site, duplicate your encryption program?
That is, for any given plaintext, identical key material, and identical
states for any programmable pseudo random number generators, his program
and your program would produce the same cyphertext.

-- 
Alan Mackenzie (Munich, Germany)
Email: [EMAIL PROTECTED]; to decode, wherever there is a repeated letter
(like "aa"), remove one of them (leaving, say, "a").


------------------------------

From: Eric Young <[EMAIL PROTECTED]>
Subject: Re: Fastest DES implementation on Intel PIII ?
Date: Sun, 26 Mar 2000 00:35:19 +1000

Paul Koning wrote:
> 
> Pascal JUNOD wrote:
> >
> > Hi, I'm seeking the fastest DES implementation on the Intel platform.
> 
> Don't know if it's the absolute best, but I'd think it's quite
> close at least -- look for Eric Young's libdes, in
> ftp://ftp.psy.uq.oz.au/pub/Crypto/DES

which is the same version that is in SSLeay and the same version
that is in OpenSSL.

The x86 assembler was optimized for the pentium, but it is still quite
good on x86-P6 CPUs.

eric

------------------------------

From: [EMAIL PROTECTED]
Subject: MD5 Mixing Function
Date: Sat, 25 Mar 2000 14:57:47 GMT

A lot of pseudo RNGs use a one-way hash as a mixing function. What is
the basis for this? How does this work?

You start with a few hundred bytes of "random pool" and pass them through a
hash. Is the output more random, or is the hash just used as a
compressor?

I also understand that PGP (earlier versions) used only the compression
part of MD5, and some other schemes use the full message digest
function. What is the difference between the two approaches for
randomness and security?


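The post above asks what a one-way hash actually does for a random pool. Below is an added example, not code from the post, from PGP or from any library: a constructed 300-byte pool with mostly predictable contents and one unknown byte is hashed into a 32-byte key. The hash compresses and whitens the pool (the output passes a crude bit-balance check), but it cannot add entropy: the key is recovered with 256 guesses until genuinely random input is mixed in. SHA-256 is used instead of MD5 as an assumption for this example; whether one feeds the bare compression function (as the older PGP did) or the full digest with its padding and length block changes nothing in this argument.

```python
"""Added example: a one-way hash as a PRNG mixing function.

Constructed scenario: a "random pool" of a few hundred bytes is built from
public, repeated material plus a single secret byte, then hashed into a key.
"""
import hashlib
import os

POOL_SIZE = 300  # bytes, the "few hundred bytes" of the question


def build_pool(unknown_byte: int) -> bytes:
    """Constructed pool: everything except `unknown_byte` is assumed known
    to an attacker (hostnames, PIDs and uptimes are guessable)."""
    filler = (b"hostname=box1;pid=4242;uptime=77;" * 10)[:POOL_SIZE - 1]
    return filler + bytes([unknown_byte])


def extract_key(pool: bytes) -> bytes:
    """Derive a 32-byte key from the pool: the hash compresses a few hundred
    bytes to 256 bits and whitens them, but it cannot add entropy."""
    return hashlib.sha256(pool).digest()


def mix_in(pool: bytes, fresh: bytes) -> bytes:
    """Fold fresh input into the pool.  The whole pool is rehashed together
    with the new input, so every output bit depends on every input bit; the
    digest is then spread over the pool so no part of it stays static."""
    digest = hashlib.sha256(pool + fresh).digest()
    return bytes(p ^ digest[k % 32] for k, p in enumerate(pool))


def ones_fraction(blobs) -> float:
    """Fraction of 1 bits across all outputs: a crude 'looks random'
    statistic that hashed outputs pass even when the inputs were weak."""
    bits = sum(bin(b).count("1") for blob in blobs for b in blob)
    return bits / (8 * sum(len(blob) for blob in blobs))


def brute_force_unknown_byte(target_key: bytes) -> int:
    """Attacker's view: the hash did not create entropy, so 256 guesses
    recover the secret byte and with it the key."""
    for guess in range(256):
        if extract_key(build_pool(guess)) == target_key:
            return guess
    raise ValueError("not found")


def demo(secret: int = 0x5A) -> dict:
    key = extract_key(build_pool(secret))
    candidates = [extract_key(build_pool(g)) for g in range(256)]
    looks_uniform = 0.45 < ones_fraction(candidates) < 0.55
    recovered = brute_force_unknown_byte(key)
    # With 32 bytes of genuine randomness mixed in, the search space becomes
    # 2**256 and the same brute force collapses.
    reseeded = extract_key(mix_in(build_pool(secret), os.urandom(32)))
    return {"looks_uniform": looks_uniform,
            "recovered": recovered,
            "reseeded_differs": reseeded != key}


if __name__ == "__main__":
    print(demo())
```

The takeaway for the question: the hash is a compressor and whitener, and the security of what comes out is bounded by the entropy that went in, not by the hash.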

------------------------------

From: Uli Paya <[EMAIL PROTECTED]>
Crossposted-To: 
uk.politics.parliament,uk.legal,uk.telecom,uk.politics.crime,talk.politics.crypto
Subject: DAS BILD "Der Doppelschrei" GEGEN RASSISMUS UND KRIEG
Date: Sat, 25 Mar 2000 17:20:01 +0100


>                    "THIS PAINTING IN THESE TIMES!"
>         THE PAINTING "Der Doppelschrei" AGAINST RACISM AND WAR
>
>          Picture:   www.sos-mitmensch.at/doppelschrei/index.html
>
>                   This painting is called "Doppelschrei".
>          Again no peace in KOSOVO or Chechnya.
>            A RACIST party in power in AUSTRIA.
>
> What should I do? I am 'only' a painter; I can 'only' turn the world
> into a picture. But what kind of world is this today? What is happening
> there in Austria? Are we merely slaves of the economy and of politics?
> I created the painting as a sad memorial against war, as a warning
> against tendencies of dehumanisation brought about by racism, greed for
> power, hatred, envy and intolerance. The poster stands for the abuse of
> power and the political arbitrariness that goes with it.
>
> Contact:
>
> Uli Paya, [EMAIL PROTECTED]
>
> Since December 1999 the Doppelschrei poster, supported by SOS-Mitmensch
> Vienna, has been sold Europe-wide in exchange for a donation. A poster
> signed and numbered by the painter Uli Paya costs ATS 320 (EUR 26),
> size 60x84 cm, and can be ordered cash on delivery from
> [EMAIL PROTECTED] or by payment to "SOS-Mitmensch", account no.
> 310-022-055-33, bank code 20111, Erste Bank. The net proceeds go to
> reconstruction projects of Diakonie Österreich in Radusha and Bojane
> in Macedonia.
>
>                                English
>
> This print "Kosovo-Doublecry-1999" of the Austrian artist Uli Paya is
>   against war, racism and the political tendencies in AUSTRIA. It is
>    against politics of racism and should remind us that every voter
> should have responsibility. I am only a painter and I can only paint.
>  So I have to put the world of today into that painting. But what is
>                  happening in the world? In Austria?
>
> The print (60x84cm) is also available in Europe. Your contribution is
> handed over to an SOS-Mitmensch supported helping project in Radusha and
>  Bojane in Macedonia. For your contribution (equivalent to 26,- EUR)
>  you will receive one numbered and signed print. Ordering: C.O.D per
>                       Email: [EMAIL PROTECTED]
>

          THE PAINTING "Der Doppelschrei" AGAINST RACISM AND WAR


------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Re-seeding PRNG's in central key distribution systems
Reply-To: [EMAIL PROTECTED]
Date: Sat, 25 Mar 2000 16:56:14 GMT

Bryan Olson <[EMAIL PROTECTED]> wrote:
: [EMAIL PROTECTED] wrote:

[PRNGs for key generation]

:> There are *plenty* of RNGs that fit this bill in the literature.

: Correct, and the requirements on PRNGs for key generation
: are even stronger.  Specifically, even given the state
: of the PRNG, one should not be able to determine previous
: outputs.  This is not usually a requirement on stream-cipher
: PRNGs, and thus a strong stream cipher is not automatically
: good for key generation.  One should not, for example, use
: RC4.

I find your post difficult to interpret.

You say "given the state of the PRNG".

You mean the *entire* internal state?  If so, I don't see why this
requirement is a necessary one for a PRNG used for key generation.

If you have the *entire* internal state you can predict future output.
This would be very bad.  Attackers should not be able to obtain the entire
internal state of the PRNG in the first place.

The ability to work "backwards" from such an internal state might make
the disaster /slightly/ worse, I suppose - but most effort should probably
be directed at avoiding the disaster in the first place.

*If* you just mean that given some output of the PRNG you should not be
able to determine any previous outputs, this also appears to be a
necessary property for any sort of secure stream cypher that
generates a random stream and then combines it with the message.
-- 
__________
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

Won't talk was *made* to talk.
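The exchange above turns on what "given the state of the PRNG, determine previous outputs" means concretely. The following is an added example, not code from the thread or from any library, showing both halves of the distinction Bryan Olson draws: RC4's generator step is a permutation of its internal state, so anyone who captures (S, i, j) can run the generator backwards and recover every byte it already emitted (if those bytes were handed out as keys, every earlier key falls with the state); a hash ratchet, written here as a minimal illustration and not a vetted design, makes the next state and the output one-way functions of the current state, so a captured state gives nothing about the past without inverting SHA-256. The RC4 code is a plain textbook implementation; the key "Key" is the usual published test vector.

```python
"""Added example: stepping RC4 backwards from a captured state, versus a
one-way hash ratchet that cannot be stepped backwards."""
import hashlib


def rc4_ksa(key: bytes) -> list:
    """Key-scheduling algorithm: derive the 256-byte permutation S."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4_step(S: list, i: int, j: int):
    """One PRGA step.  Returns (i, j, out); S is updated in place."""
    i = (i + 1) & 0xFF
    j = (j + S[i]) & 0xFF
    S[i], S[j] = S[j], S[i]
    return i, j, S[(S[i] + S[j]) & 0xFF]


def rc4_unstep(S: list, i: int, j: int):
    """Invert one PRGA step.  Returns (i_prev, j_prev, out), where `out` is
    the byte the forward step emitted; S is restored in place."""
    out = S[(S[i] + S[j]) & 0xFF]   # the output was read after the swap
    S[i], S[j] = S[j], S[i]         # undo the swap
    j_prev = (j - S[i]) & 0xFF      # j advanced by the pre-swap S[i]
    return (i - 1) & 0xFF, j_prev, out


def rc4_keystream(key: bytes, n: int):
    """Generate n bytes and also hand back the final internal state,
    which is what an attacker is assumed to have captured."""
    S, i, j = rc4_ksa(key), 0, 0
    out = bytearray()
    for _ in range(n):
        i, j, b = rc4_step(S, i, j)
        out.append(b)
    return bytes(out), (S, i, j)


def recover_previous_outputs(S: list, i: int, j: int, n: int) -> bytes:
    """From captured (S, i, j), walk the generator backwards and recover
    the last n bytes it produced, oldest first."""
    S = list(S)                     # work on a copy
    recovered = []
    for _ in range(n):
        i, j, b = rc4_unstep(S, i, j)
        recovered.append(b)
    return bytes(reversed(recovered))


def backtrack_demo(key: bytes, n: int) -> dict:
    ks, (S, i, j) = rc4_keystream(key, n)
    return {"keystream": ks,
            "recovered_all": recover_previous_outputs(S, i, j, n),
            "recovered_last5": recover_previous_outputs(S, i, j, 5)}


def ratchet_output(state: bytes):
    """Hash-based alternative (illustration only): output and next state are
    both one-way functions of the current state, so a captured state does
    not reveal earlier states or outputs."""
    out = hashlib.sha256(b"out" + state).digest()
    nxt = hashlib.sha256(b"next" + state).digest()
    return nxt, out


if __name__ == "__main__":
    d = backtrack_demo(b"Key", 10)
    print(d["keystream"].hex(), d["recovered_all"].hex())
```

Running `backtrack_demo(b"Key", 10)` shows the keystream EB9F7781B734CA72... and the same bytes recovered purely from the final state. The ratchet's state after each call is a fresh hash output; recovering the previous state from it is a preimage problem, which is exactly the property the quoted requirement asks for.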

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: OAP-L3:  Answer me these?
Date: Sat, 25 Mar 2000 18:20:27 +0100

[EMAIL PROTECTED] wrote:
> 
> In a previous article,  "Tom St Denis"  <[EMAIL PROTECTED]> writes:
> [---cut---]
> >There is no such thing as a OTP bit flipping attack.  You are making things
> >up now.
> [---cut---]
> 
> There _is_ such thing as a bit flipping attack against Vernam ciphers, and
> OTPs are usually implemented as Vernam ciphers. The subject of bit flipping
> attacks has in fact been heavily discussed in a number of threads the last
> couple of weeks.

To my humble knowledge, the Vernam OTP, if it is an ideal one 
(i.e. satisfying all the theoretical assumptions, though 
unfortunately not practically obtainable), is perfectly 
secure according to a theorem of Shannon. Thus it can't be the
case that there is any viable attack. If it is not an ideal one,
then it doesn't deserve that name (without any qualification) in
my view. Perhaps you could substantiate your claim with some 
concrete details. Thanks.

M. K. Shen

------------------------------

Crossposted-To: talk.politics.crypto
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: OAP-L3:  Answer me these?
Reply-To: [EMAIL PROTECTED]
Date: Sat, 25 Mar 2000 17:05:54 GMT

In sci.crypt Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
: Joseph Ashwood wrote:

:> Claim 5) 01234567890123456789... is biased
:> Reality 5) Each output digit will occur an exactly equal
:> number of times making a bias of exactly zero

: 2)  CASE:  idiot.  "01234567890123456789...  Each output digit will
: occur an exactly equal number of times making a bias of exactly 
: zero."  Not quite.  Bias refers to any patterns that can be 
: discerned and exploited cryptoanalytically. [...]

From: http://ntia.its.bldrdoc.gov/fs-1037/dir-004/_0587.htm

Definition: bias

bias: 1. A systematic deviation of a value from a reference value. [...]
2. The amount by which the average of a set of values departs from a
reference value. [...]

"01234567890123456789..." would be legitimately regarded by many as an
unbiased stream of digits - since each digit occurs with equal frequency,
and there is no bias in the frequencies favouring any particular digit.
-- 
__________
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

Many are cold, but few are frozen.
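The two sides of the argument above are measuring different things, and both measurements are easy to write down. The following is an added example, not code from either participant: `frequency_bias` is the systematic deviation in the definition quoted from the FS-1037 glossary, and `predictability` is the exploitable structure Szopa has in mind, estimated by a first-order "which digit follows which" predictor. The counter sequence scores zero on the first and 100% on the second; digits drawn from `os.urandom` (constructed here as the comparison) score near zero on the first and near 1/10 on the second.

```python
"""Added example: frequency bias versus predictability of a digit stream."""
from collections import Counter, defaultdict
import os


def frequency_bias(digits: str) -> float:
    """Largest deviation of any digit's observed frequency from 1/10
    (the 'systematic deviation from a reference value' sense of bias)."""
    n = len(digits)
    counts = Counter(digits)
    return max(abs(counts.get(d, 0) / n - 0.1) for d in "0123456789")


def predictability(digits: str) -> float:
    """Fraction of digits a first-order predictor gets right: learn which
    digit most often follows which from the first half, then guess on the
    second half.  An unpredictable stream gives about 1/10."""
    half = len(digits) // 2
    train, test = digits[:half], digits[half:]
    follow = defaultdict(Counter)
    for a, b in zip(train, train[1:]):
        follow[a][b] += 1
    hits = 0
    for a, b in zip(test, test[1:]):
        if follow[a] and follow[a].most_common(1)[0][0] == b:
            hits += 1
    return hits / max(1, len(test) - 1)


def counter_digits(n: int) -> str:
    """The '01234567890123456789...' stream from the thread."""
    return ("0123456789" * (n // 10 + 1))[:n]


def random_digits(n: int) -> str:
    """Constructed comparison stream; rejection-sampled so each digit is
    exactly equiprobable."""
    out = []
    while len(out) < n:
        b = os.urandom(1)[0]
        if b < 250:
            out.append(str(b % 10))
    return "".join(out)


if __name__ == "__main__":
    for name, seq in (("counter", counter_digits(1000)),
                      ("urandom", random_digits(20000))):
        print(name, frequency_bias(seq), predictability(seq))
```

A frequency test alone never distinguishes the two streams; it is the predictor that shows which one a cryptanalyst can exploit.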

------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: OAP-L3:  Answer me these?
Reply-To: [EMAIL PROTECTED]
Date: Sat, 25 Mar 2000 17:14:34 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote:

: Um no.  No real OTP can be cryptanalyzed.  You would have to either break
: the RNG used to encrypt or bribe etc..

: There is no such thing as a OTP bit flipping attack.  You are making things
: up now.

Bit flipping attacks on OTP's do *not* attempt to get the message from the
cyphertext.  An ideal OTP is immune from attackers getting information
from the message contents.

Bit-flipping attacks attempt to *modify* the cyphertext in transit, to
produce another, different message, which is apparently encrypted by the
same OTP.

If you have (say) a complete known-plaintext for a message, you have
access to the random stream with which it was encrypted.  You can use this
to send fake messages to the recipient, which appear to be correctly
encrypted with the same random stream.

Of course this is *only* a problem if the messages are not signed -
or there's some compromise of the signature scheme used.
-- 
__________
 |im |yler  The Mandala Centre  http://www.mandala.co.uk/  [EMAIL PROTECTED]

That's just peanuts to space.
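The attack described in the post above, and the concrete details Mok-Kong Shen asked for earlier in this digest, fit in a few lines. The following is an added example, not code from the thread: a Vernam/OTP encryption of a constructed message, the forgery C' = C XOR P XOR P' that an attacker with known plaintext performs without ever learning the pad as such, and the integrity check that detects it. Perfect secrecy is untouched throughout; what the pad lacks is integrity. HMAC-SHA256 under a separate key stands in for "signed", which the post leaves unspecified, and is an assumption of this example.

```python
"""Added example: bit-flipping a Vernam/OTP ciphertext with known plaintext,
and the encrypt-then-MAC check that rejects the forgery."""
import hashlib
import hmac
import os


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(pad: bytes, plaintext: bytes) -> bytes:
    """Vernam: ciphertext = plaintext XOR pad.  Decryption is the same op."""
    assert len(pad) >= len(plaintext), "pad must cover the message"
    return xor_bytes(plaintext, pad)


otp_decrypt = otp_encrypt


def forge(ciphertext: bytes, known_plaintext: bytes, new_plaintext: bytes) -> bytes:
    """Attacker with known plaintext for a prefix of the message substitutes
    a message of the same length:  C' = C XOR P XOR P'.  Only the positions
    the attacker knows are touched; the rest of the ciphertext is kept."""
    assert len(new_plaintext) <= len(known_plaintext)
    delta = xor_bytes(known_plaintext, new_plaintext)
    return xor_bytes(ciphertext, delta) + ciphertext[len(new_plaintext):]


def tag(mac_key: bytes, ciphertext: bytes) -> bytes:
    """Integrity check over the ciphertext (encrypt-then-MAC)."""
    return hmac.new(mac_key, ciphertext, hashlib.sha256).digest()


def verify(mac_key: bytes, ciphertext: bytes, t: bytes) -> bool:
    return hmac.compare_digest(tag(mac_key, ciphertext), t)


def demo() -> dict:
    # Constructed messages; the fake is the same length as the original.
    msg = b"TRANSFER $100 TO ALICE"
    fake = b"TRANSFER $900 TO MALLO"
    pad = os.urandom(len(msg))       # genuine one-time pad
    mac_key = os.urandom(32)         # separate integrity key (assumption)
    ct = otp_encrypt(pad, msg)
    t = tag(mac_key, ct)
    forged = forge(ct, msg, fake)
    return {
        "forged_decrypts_to": otp_decrypt(pad, forged),
        "original_verifies": verify(mac_key, ct, t),
        "forged_verifies": verify(mac_key, forged, t),
    }


if __name__ == "__main__":
    print(demo())
```

The recipient decrypts the forged ciphertext to the attacker's text with no sign that anything happened; only the tag check fails. Knowing just the amount field is enough to flip that field alone. HMAC gives computational rather than information-theoretic integrity; a one-time authenticator built from a universal hash would keep the unconditional guarantee, but either way the point stands: the pad has to be paired with an integrity mechanism.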

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
