Cryptography-Digest Digest #441, Volume #11      Wed, 29 Mar 00 05:13:01 EST

Contents:
  Re: Download Random Number Generator from Ciphile Software (Anthony Stephen Szopa)
  OAP-L3:  Semester 1 / Class #1  All are invited. (Anthony Stephen Szopa)
  Re: ecc equation ("Joseph Ashwood")
  Re: ecc equation (Paul Rubin)
  Crud! (NFN NMI L.)
  Re: Using Am-241 to generate random numbers (NFN NMI L.)
  Re: OAP-L3:  Semester 1 / Class #1  All are invited. (NFN NMI L.)
  Re: Examining random() functions ("Douglas A. Gwyn")
  Re: Sunday People 26/3/2000: "FORGET YOUR PASSWORD... END UP IN JAIL" ("Douglas A. Gwyn")
  Re: OAP-L3:  Semester 1 / Class #1  All are invited. (pgp651)
  Re: Download Random Number Generator from Ciphile Software (pgp651)
  Re: Is it really NSA ?! ("Douglas A. Gwyn")
  Re: Scramdisk & Steganos (pgp651)
  Re: ecc equation (Nigel Smart)
  Re: Cryptomat.com ("Borys Pawliw Newsgroups")
  Re: http://www.cryptomat.com ("Borys Pawliw Newsgroups")

----------------------------------------------------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: Download Random Number Generator from Ciphile Software
Date: Tue, 28 Mar 2000 22:36:51 -0800

Taneli Huuskonen wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> In <[EMAIL PROTECTED]> Anthony Stephen Szopa
> <[EMAIL PROTECTED]> writes:
> 
> [...]
> >My position is that the theory upon which OAP-L3 is based is
> >fundamentally simple.  So simple that one versed in possible
> >attacks should be able to reasonably suggest any if they seemed
> >to have potential of success.
> 
> >I just haven't heard of one yet.
> 
> >I would like to hear of one if one should exist.
> 
> I told you about a weakness in your random number generator, but you
> didn't understand my explanation and therefore concluded I was mistaken.
> 
> I then suggested an exercise for you, where a similar phenomenon occurs
> in a much simpler setting.  That's a very useful technique in learning
> mathematics: if you can't solve a problem, try if you can solve a
> related but easier problem.  If you can, you may be able to apply
> similar methods to solve the original problem.  In the attack I'd hinted
> at, you'd have to consider four different lines of a huge array of
> permutations at a time.  In my exercise, you started with three
> arbitrary permutations and formed four more, two of which would've been
> exactly the same.  However, looks like my suggestion confused the hell
> out of you.  I guess I could've been clearer about what I was aiming at.
> In my job, I make up little homework problems for students without a
> second thought, and somehow I've grown to expect that just mentioning
> the word "exercise" is enough.
> 
> At any rate, I'm not going to try to teach you math any more.  I'm going
> to issue a concrete challenge.
> 
> IF you agree to do the following:
> 
> 1) Post the source code for the part of your PRNG that takes as input
> three sets of 10! permutations of the numbers 0 through 9 each, and
> outputs up to (10!)^2 random digits according to the description on
> your Web page.
> 
> 2) Make one hundred files of a thousand digits each available on your
> Web site, with the n'th file containing digits (10!)n through
> (10!)n+999 of the output stream of the PRNG.  You may use any three sets
> of 10! permutations as input to the PRNG, whether mixed with your
> programme or not.
> 
> 3) No later than four weeks after completing (2) above, you publish the
> three sets of permutations that you used as input to produce the files
> you published in step (2).
> 
> THEN I claim I can do the following:
> 
> I post at least a thousand output digits of the PRNG, with the
> corresponding offsets, which aren't contained in the published output.
> I complete this within two weeks of you completing (2).
> 
> If you agree and I fail, I agree to pay you USD 1000.00 (one thousand
> United States dollars).  I send the money no later than four weeks after
> you complete step (3).
> 
> You may agree to pay me any non-negative sum of money you wish in case I
> succeed.  I consider the amount to be indicative of your trust in your
> own programme.  I will even send you beforehand half of that amount
> or $200, whichever is less, so you don't need to decline because of your
> lack of trust in my honesty.
> 
> In short, $1,000 say the attack I hinted at is real.  I don't want to
> speculate on whether it can be expanded to a full-blown attack to
> break your code, but it's definitely a weakness.
> 
> Taneli Huuskonen
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 5.0i for non-commercial use
> Charset: noconv
> 
> iQA/AwUBOODSX1+t0CYLfLaVEQJTQACg8J4K6qo111/57SeB4WEsGbAzJPUAniGy
> yTz8+MP51aOFte7lelZSYvN1
> =Zx+m
> -----END PGP SIGNATURE-----
> --
> I don't   | All messages will be PGP signed,  | Fight for your right to
> speak for | encrypted mail preferred.  Keys:  | use sealed envelopes.
> the Uni.  | http://www.helsinki.fi/~huuskone/ | http://www.gilc.org/

I want to start a new thread.  This thread is complete chaos.

It is posted now with the following title:  
OAP-L3:  Semester 1 / Class #1  All are invited.

See this post.

And keep your money.

Thank you.

------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: OAP-L3:  Semester 1 / Class #1  All are invited.
Date: Tue, 28 Mar 2000 22:37:31 -0800

OAP-L3:  Semester 1 / Class #1  All are invited.

Thank you for attending the first class in the first semester of 
OAP-L3 encryption software package.

This first semester will concentrate on the random digit generator.

Here is your first assignment:  you must have obtained either 
OAP-L3 or OAR-L3 and read the Help Files and completed all 
tutorials in all the Help Files.

You can obtain OAR-L3 by downloading it directly at 
http://www.ciphile.com from the Downloads Currently Available 
web page.

You can get OAP-L3 by going to the Pricing & Ordering web page and
clicking on the blue anchor tag in the third paragraph and sending 
us the email with the preprinted statement in the subject header.  
(Read the License Agreement web page.)

If you wish to be recognized you must post concise points for 
discussion or questions that do not in any way indicate that 
you do not have the software or have not completed the tutorials.  
If I think you are making a point or asking a question that 
indicates you have not done your homework you will not be 
recognized.

None of you should expect any of us to entertain you if you have 
not done your homework while the rest of us have.

Class has ended and will resume within a week.  Hope to see you 
here.

Title of next week's class:  OAP-L3:  Class #2 - Very Brief 
Introduction then we will proceed with Mr. Huuskonen's point about 
the random number generator possibly having a weakness.

Thank you.

------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: ecc equation
Date: Tue, 28 Mar 2000 23:31:00 -0000

Ok, while we're on the subject, are there any other
essential math books I should add to my collection, or any
other really good ones on pretty much any subject.
                Joe



------------------------------

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: ecc equation
Date: 29 Mar 2000 07:36:14 GMT

In article <e090ZDVm$GA.244@cpmsnbbsa05>,
Joseph Ashwood <[EMAIL PROTECTED]> wrote:
>Ok, while we're on the subject, are there any other
>essential math books I should add to my collection, or any
>other really good ones on pretty much any subject.

Yes, there are lots.  Maybe you could say what subjects you're
interested in.  Sci.math is also a good place to ask.

Btw, I'm kind of disappointed with HAC.  It's mostly the same
stuff as in Schneier's AC2, presented more formally but without
the deeper theory that I'd hoped for.

------------------------------

From: [EMAIL PROTECTED] (NFN NMI L.)
Subject: Crud!
Date: 29 Mar 2000 07:38:48 GMT

Aw, nuts. I just posted a really cool reply to that announcement of the
creation of sci.crypt.random-numbers, but I was reading sci.physics at the
time. Oh well. Go look for it there.

What the heck is an announcement about sci.crypt.random-numbers doing on
sci.physics anyways?

S. T. "andard Mode" L.

------------------------------

From: [EMAIL PROTECTED] (NFN NMI L.)
Subject: Re: Using Am-241 to generate random numbers
Date: 29 Mar 2000 07:42:09 GMT

<<I'm not sure what phenomenon does this,
but there must be many.>>

Not really. Space is better known for great clocks than great RNGs. Maybe you
could use Eta Carinae: if it's going supernova, set the bit to 1, otherwise 0.
There are problems with that setup, of course.

<< You and your friend meet and agree that at fixed
times you will monitor and record the process. The reason this works is
because there are millions of targets (out of 10^20 stars>>

The NSA will quickly figure out something's amiss when privacy nuts start
building big radiotelescopes in their backyards.

Give me HotBits any day.

S. T. "andard Mode" L.

------------------------------

From: [EMAIL PROTECTED] (NFN NMI L.)
Subject: Re: OAP-L3:  Semester 1 / Class #1  All are invited.
Date: 29 Mar 2000 07:46:11 GMT

"Is it time for another one of these already? Oh, bother." 

Sound familiar?

S. T. "andard Mode" L.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Examining random() functions
Date: Wed, 29 Mar 2000 07:56:25 GMT

Johnny Bravo wrote:
>   A good RNG should pass every test, as should the output of a good
> cipher.

Only if the ciphertext is no larger than the plaintext (and if the
system is capable of enciphering arbitrary plaintext).  And even then
it is true only in a statistical sense; a perfect encryption can
sometimes produce a highly patterned ciphertext for a *particular*
combination of key and plaintext.  Such ciphertext would fail tests
like those in Diehard, but that doesn't mean that the plaintext can
be recovered.

I think this approach has only marginal relevance for cryptosystem
testing.  The *real* question should be how hard it is to thwart the
system's security goals, and this kind of testing doesn't directly
address that.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Sunday People 26/3/2000: "FORGET YOUR PASSWORD... END UP IN JAIL"
Date: Wed, 29 Mar 2000 08:02:02 GMT

wtshaw wrote:
> Let us start with the biggest concentration of those who might have their
> weapons abused, to test the benefits of such requirements:  If LE must use
> only mandated smart guns, whether they would do so without complaint would
> speak volumes about their faith in the technology.  If they cannot accept
> them, then....why should we?

Indeed, one of our Founding Fathers (I forget which) said in effect:
If you can't trust the ordinary citizen with some thing, how in h*ll
can you trust an agent of the government with the same thing?

To bring this back onto topic, the same can be asked about secrecy.

------------------------------

Date: 29 Mar 2000 08:09:53 -0000
From: pgp651 <Use-Author-Address-Header@[127.1]>
Subject: Re: OAP-L3:  Semester 1 / Class #1  All are invited.
Crossposted-To: talk.politics.crypto

STOP THIS SPAM, PLEASE

On Tue, 28 Mar 2000, Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
>OAP-L3:  Semester 1 / Class #1  All are invited.

------------------------------

Date: 29 Mar 2000 08:10:01 -0000
From: pgp651 <Use-Author-Address-Header@[127.1]>
Subject: Re: Download Random Number Generator from Ciphile Software
Crossposted-To: talk.politics.crypto

STOP THIS SPAM, PLEASE

On Tue, 28 Mar 2000, Anthony Stephen Szopa <[EMAIL PROTECTED]> wrote:
OAP-L3

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Is it really NSA ?!
Date: Wed, 29 Mar 2000 08:19:07 GMT

[EMAIL PROTECTED] wrote:
> ... I suggest to Disastry that you might
> consider asking the hacker community if they
> have heard of "Spookweb" (some of them who
> have hacked government systems may have
> seen this term). I myself have fantasized
> about hacking the NSA ...

The actual Intelligence community classified network
is disjoint from the public Internet, and also uses
Type I link-level encryption.

That's not to say that human screw-ups can't create
vulnerabilities, such as a (necessarily unauthorized)
Red/Black interconnection somewhere, but the point
is that "hacking" that network is not as simple as
you might think judging by the public Internet.

P.S.  It wouldn't make sense for actual intelligence
agencies to label their activities with terms like
"SpookWeb" that convey the nature of the activities
too clearly to an eavesdropper.  "SpookWeb" sounds
like some juvenile's brainstorm.

------------------------------

Date: 29 Mar 2000 08:40:43 -0000
From: pgp651 <Use-Author-Address-Header@[127.1]>
Subject: Re: Scramdisk & Steganos

Don't you have enough reasons ?

On Tue, 28 Mar 2000, "RecilS" <[EMAIL PROTECTED]> wrote:
>Just curious.  I keep hearing loads about scramdisk, but I use
>Steganos II and I've heard nothing about its disk encryption feature
>which is very similar to scramdisk. 

How do you know this ?

> Obviously it's not freeware 

Worse, it is secret application, isn't it ?

> but
>are there any other reasons Steganos would be inferior?

Don't you have enough reasons ?

------------------------------

From: Nigel Smart <[EMAIL PROTECTED]>
Subject: Re: ecc equation
Date: Wed, 29 Mar 2000 08:51:02 GMT

Bob Silverman wrote:
> 
> (2) There are no cookbook descriptions of Schoof's algorithm and
> none of the Atkin/Elkies extensions which make it practical.
> 
> 

Actually an almost cook book description is given in our book

  http://www.hpl.hp.com/research/itc/csl/vcd/infotheory/ellipbook.htm

and I have received emails off people saying that just given the outline in
our book and no other knowledge they have implemented a working SEA algorithm.

>
> May I suggest you get hold of the following:
> 
> H. Cohen
> A Course in Computational Algebraic Number Theory,  Springer-Verlag
> 
> This book is SUPERB.
> If you can read this, you can probably handle Schoof's algorithm.
> 

Totally agreed. Cohen's book is really good and along with HAC should be
on everyone's bookshelf.

> *I*  have never implemented Schoof's algorithm (never found the time),
> and it would take me quite a bit of work to learn the details.
> 

Go on, have a go, it's not that hard.

Nigel
-- 
Dr Nigel P. Smart                  | Phone: +44 (0)117 954 5163
Computer Science Department,       | Fax:   +44 (0)117 954 5208
Woodland Road,                     | Email: [EMAIL PROTECTED]
University of Bristol, BS8 1UB, UK | URL:   http://www.cs.bris.ac.uk/~nigel/

------------------------------

From: "Borys Pawliw Newsgroups" <[EMAIL PROTECTED]>
Subject: Re: Cryptomat.com
Date: Wed, 29 Mar 2000 19:45:05 +1000

Have sent an email to Green Cathedral asking for details as to their exact
relationship with http://www.cryptomat.com, will let you know what reply I
receive...

Borys Pawliw.


John A. Malley <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Cryptomat.com is registered to Bright Grey Ventures in Cambridge, UK,
> according to a WHOIS query at NetworkSolutions.com.
>
> The addresses and telephone contact info for admin contact and billing
> contact are for Green Cathedral Ltd, a web site development company (see
> http://www.greencathedral.com.)
>
>      Bright Grey Ventures (CRYPTOMAT-DOM)
>      The Barn, Longstanton
>      Cambridge, CB4 5BP
>      UK
>
>      Domain Name: CRYPTOMAT.COM
>
>      Administrative Contact:
>      Managing Director  (MD736-ORG)  [EMAIL PROTECTED]
>      Green Cathedral Ltd
>      The Barn, Longstanton
>      Cambridge
>      UK
>
>      +44 1954 204000
>      Fax- +44 1954 204001
>
>      Billing Contact:
>      Financial Director  (FD257-ORG)  [EMAIL PROTECTED]
>      Green Cathedral Ltd
>      The Barn, Longstanton
>      Cambridge
>      UK
>
>      +44 1954 204000
>      Fax- +44 1954 204001
>
>     Record last updated on 12-Dec-1999.
>     Record created on 12-Dec-1999.
>     Database last updated on 27-Mar-2000 11:49:50 EST.
>
>
> So it appears (?) that Bright Grey Ventures is (probably) owned by Green
> Cathedral?
>
> Interesting enough, Green Cathedral spawned Clickstream Technologies in
> February 1999, "a wholly owned
> subsidiary which develops, licences and markets a range of tracking
> products based on Clickstream."  Clickstream is a product designed to
> track all activity of web site visitors.
>
> From the Clickstream web site, "Clickstream's autonomous page-side
> tracking components are embedded in Web pages, graphics, adverts, shows,
> games, channels and any other transmitted objects that site creators can
> dream up for their audience.  Coupled with Clickstream's server-side
> database software, the page-side "agents" track what individual people
> actually do while visiting a Web site. And what they do when they're
> "off-line". Clickstream is a response to the now considerable demand
> for more accurate, more comprehensive, more intelligent visitor tracking
> and traffic analysis tools."
>
> ( See http://www.clickstream.net/techno.html)
>
> Clickstream and all other web sites developed or owned by Green
> Cathedral bear the Green Cathedral copyright in their HTML source.
>
> HTML source from cryptomat.com does NOT bear the Green Cathedral
> copyright "boilerplate" text.
>
> If you run their cgi script directly,
> http://www.cryptomat.com/cgi-bin/tracer.cgi, you'll see that to get to
> cryptomat.com (195.224.241.23) the traffic passes through
> clickstream.greencathedral.co.uk (195.224.241.111) (according to the
> script, that is. I don't know if that is REALLY where the traffic goes
> but I'm taking it at face value here.)
>
> http://clickstream.greencathedral.co.uk/ brings up an authentication
> dialog with a product called Netsaint Access which is running on a Zeus
> web server.  A log of who's been visiting from where?
>
> I have no idea why Bright Grey Venture/Green Cathedral is trying to set
> up something like the cryptomat site. Cryptomat.com is a hobbled
> demonstration of "cryptanalysis."
>
> Anyone have any idea what's behind cryptomat.com?
>
>
> John A. Malley
> [EMAIL PROTECTED]



------------------------------

From: "Borys Pawliw Newsgroups" <[EMAIL PROTECTED]>
Subject: Re: http://www.cryptomat.com
Date: Wed, 29 Mar 2000 19:56:22 +1000

I sent them a PGP 6.5.3 encrypted ciphertext message, with a few tricks to
it...:

1) The beginning and end of the plaintext I used was a series of numbers and
characters such as #$^%, just to make a known/attempted plaintext attack a
little harder...

2) The ciphertext was modified a bit, so that the first character in each
64 character line of ciphertext, if it was upper case, was changed to
lowercase and vice-versa...

I guess that would have stumped them more than the average PGP message...

Borys Pawliw


JimD <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Sat, 25 Mar 2000 11:51:49 +1100, "Borys Pawliw Newsgroups" <[EMAIL PROTECTED]>
> wrote:
>
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >- -----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >Am presently investigating the site http://www.cryptomat.com, the
> >individual(s) behind which claim to be able to decipher ciphertext
> >that was encrypted with supposedly secure, publicly available strong
> >protocols (assume PGP et al). They even offer a service where you
> >send them ciphertext and they will decrypt a portion of it as a
> >demonstration of their abilities. I tried this service, but as of yet
> >have not received any reply (11 days as of 25th March).
>
> What did you send them?
>
> --
> Jim Dunnett.
> dynastic at cwcom.net
> Exiled in Somerset
> Right at the heart of England's BSE Industry.



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
