Cryptography-Digest Digest #444, Volume #11      Wed, 29 Mar 00 17:13:01 EST

Contents:
  Re: Can anyone decrypt this? (Jim Gillogly)
  Re: Sunday People 26/3/2000: "FORGET YOUR PASSWORD... END UP IN JAIL" (JimD)
  Re: new Echelon article (JimD)
  Re: Using Am-241 to generate random numbers (JimD)
  Re: The lighter side of cryptology (Wim Lewis)
  Re: ecc equation (d g)
  Re: OAP-L3:  Answer me these? (Jerry Coffin)
  Re: The lighter side of cryptology ([EMAIL PROTECTED])
  Re: Using Am-241 to generate random numbers (Bob Silverman)
  Re: Q: Differencing time series (Mok-Kong Shen)
  Re: Crud! ([EMAIL PROTECTED])
  Re: How weak is WeakCipher? ([EMAIL PROTECTED])
  Re: How are these passwords? (Steve K)
  Re: Opinions? (Mok-Kong Shen)
  Re: Improvement on Von Neumann compensator? (Mok-Kong Shen)
  Re: Opinions? (Darren New)
  Newbie, Where should I start, ("Jerry (Honey) Gehling")
  Re: Examining random() functions (Mok-Kong Shen)

----------------------------------------------------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Can anyone decrypt this?
Date: Wed, 29 Mar 2000 19:14:40 +0000

[EMAIL PROTECTED] wrote:
> 
> 
>$N!FZ@GW?CW$AYY!G@WC@AY?V!FYX$Y@H@G+X?R$FAG@$Y?G@*BA!FBY*Y?Y@ZY!Q@YX$YVG!W!?FZB@AG@Y$FZR+BY@G+Y!@HG+
> 
> I know it is simply a substitution encryption scheme, but I can't get it?

Do a frequency count.  It's in English, so try to identify the most common
letters: E, T, A, O, I, N and so on.  If you get stuck, look for pattern
words... the word THAT appears in it.  Often the beginning and ending of
a cryptogram are the easiest entries, but ignore the end this time: they
truncated the Dickens quote.
-- 
        Jim Gillogly
        Sterday, 8 Astron S.R. 2000, 19:12
        12.19.7.1.8, 6 Lamat 16 Cumku, First Lord of Night
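
The approach described in the reply above, as an added example (not part of the original post): a frequency count followed by a pattern-word search for THAT, run over the ciphertext exactly as quoted (no word breaks). The function names are illustrative, and the three-symbol guess at the end is an assumption drawn from the only repeated match.

```python
from collections import Counter

# Ciphertext copied from the quoted post (100 symbols, word breaks absent).
CIPHERTEXT = (
    "$N!FZ@GW?CW$AYY!G@WC@AY?V!FYX$Y@H@G+X?R$FAG@$Y?G@*BA"
    "!FBY*Y?Y@ZY!Q@YX$YVG!W!?FZB@AG@Y$FZR+BY@G+Y!@HG+"
)

def frequency_table(text):
    """Symbols sorted by descending count; the top entries are the
    candidates for E, T, A, O, I, N in English plaintext."""
    return Counter(text).most_common()

def shape(s):
    """Letter-repetition pattern of a string, e.g. THAT -> (0, 1, 2, 0).
    Two strings related by a simple substitution share the same shape."""
    first_seen = {}
    return tuple(first_seen.setdefault(ch, len(first_seen)) for ch in s)

def pattern_matches(text, word):
    """Count every window of the ciphertext whose shape equals that of
    the pattern word. Without word breaks, all offsets must be tried."""
    target, n = shape(word), len(word)
    return Counter(
        text[i:i + n]
        for i in range(len(text) - n + 1)
        if shape(text[i:i + n]) == target
    )

def repeated(matches):
    """Candidates seen more than once: a common word such as THAT is
    more likely to recur than a chance alignment across word boundaries."""
    return sorted(c for c, k in matches.items() if k > 1)

def crib_mapping(cipher_word, plain_word):
    """Cipher-symbol -> plaintext-letter map implied by one crib."""
    return dict(zip(cipher_word, plain_word))

def apply_guess(text, mapping):
    """Partial decryption: known symbols are replaced, unknowns shown as '.'."""
    return "".join(mapping.get(ch, ".") for ch in text)

if __name__ == "__main__":
    for symbol, count in frequency_table(CIPHERTEXT)[:6]:
        print(f"{symbol!r}: {count}")
    candidates = pattern_matches(CIPHERTEXT, "THAT")
    print("THAT-shaped windows:", dict(candidates))
    best = repeated(candidates)
    print("repeated:", best)
    # Assumption: take the single repeated candidate as the crib for THAT.
    guess = crib_mapping(best[0], "THAT")
    print(apply_guess(CIPHERTEXT, guess))
```

The partial decryption fills in three plaintext letters; the remaining symbols are then worked out from the frequency table and further pattern words in the same way.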

------------------------------

From: [EMAIL PROTECTED] (JimD)
Crossposted-To: uk.media.newspapers,uk.legal,alt.security.pgp,alt.privacy,uk.politics.parliament,uk.politics.crime,uk.politics.censorship
Subject: Re: Sunday People 26/3/2000: "FORGET YOUR PASSWORD... END UP IN JAIL"
Reply-To: JimD
Date: Wed, 29 Mar 2000 18:16:59 GMT

On Tue, 28 Mar 2000 22:15:57 GMT, [EMAIL PROTECTED] (Dan Day) wrote:

>On Mon, 27 Mar 2000 19:19:11 +0100, "PJS" <[EMAIL PROTECTED]> wrote:
>>>
>>>2 - Get on to your MP and complain like hell!
>>-----------
>>3 - Assassinate Jack Straw.
>
>Now we know why England cleverly banned most civilian firearms
>in advance, before they started passing the oppressive laws.

Not just England. Scotland and Wales as well!

-- 
Jim Dunnett.
dynastic at cwcom.net

He who laughs last doesn't
get the joke.

------------------------------

From: [EMAIL PROTECTED] (JimD)
Subject: Re: new Echelon article
Reply-To: JimD
Date: Wed, 29 Mar 2000 18:17:02 GMT

On Wed, 29 Mar 2000 12:35:52 GMT, [EMAIL PROTECTED] (Lincoln Yeoh)
wrote:

>On Sat, 25 Mar 2000 11:09:53 +0000, [EMAIL PROTECTED] wrote:
>
>>Is there any way to insert crypto hardware into cellphones?
>
>Well I know someone who modified his phone to do strong crypto when he
>dialled a particular number. Not sure about the details.
>
>I'm wondering if GSM phones can be modified so that the "fixed bits" can be
>"unfixed". Would that require changes at the exchange too? 
>
>I get the impression that everything becomes plaintext at the GSM exchange,
>and then reencrypted. So it's not much point anyway if you want encryption
>all the way. 

It's worse than that: encryption is only on the radio path from
the handset to the node. Anything on microwave from the node
to the line is fair game.

Only secure way is end-to-end encryption using a private system.

(But consider also that ALL your correspondents would have to be
suitably equipped).

-- 
Jim Dunnett.
dynastic at cwcom.net

He who laughs last doesn't
get the joke.

------------------------------

From: [EMAIL PROTECTED] (JimD)
Subject: Re: Using Am-241 to generate random numbers
Reply-To: JimD
Date: Wed, 29 Mar 2000 18:17:01 GMT

On Tue, 28 Mar 2000 18:41:30 -0500, "Jed Rothwell" <[EMAIL PROTECTED]>
wrote:

>There may be other sources of random noise source broadcast on radio,
>com-sat, or Internet that you and your correspondent could both tune into
>anonymously...

Noise from a TV tuned to an unused channel will do fine.

-- 
Jim Dunnett.
dynastic at cwcom.net

He who laughs last doesn't
get the joke.

------------------------------

From: [EMAIL PROTECTED] (Wim Lewis)
Subject: Re: The lighter side of cryptology
Date: 29 Mar 2000 19:22:01 GMT

In article <[EMAIL PROTECTED]>,
Johnny Bravo  <[EMAIL PROTECTED]> wrote:
>  For pi to 6 decimal places
>  How I wish I could calculate Pi!
>
>  to 14 decimal places. 
>  How I want a drink, alcoholic of course,
>  after the heavy chapters involving quantum mechanics. 
>
>  to 30 decimal places.
>  Sir, I send a rhyme excelling
>  in sacred truth and rigid spelling;
>  numerical sprites elucidate, for me
>  the lexicons dull weight. As
>  nature gain who can complain, 
>  tho Dr Johnson fulminate.

An impressive pi to 740 decimals:
  http://members.aol.com/s6sj7gt/mikerav.htm

Not as useful as a mnemonic device, unfortunately.

-- 
             Wim Lewis * [EMAIL PROTECTED] * Seattle, WA, USA

------------------------------

From: d g <[EMAIL PROTECTED]>
Subject: Re: ecc equation
Date: 29 Mar 2000 11:41:35 -0800

"Joseph Ashwood" <[EMAIL PROTECTED]> writes:

> Ok, while we're on the subject, are there any other essential math
> books I should add to my collection, or any other really good ones
> on pretty much any subject.

I really like the Bach and Shallit book.  It is very well researched
and has notes at the end of each section and great exercises - its
style is reminiscent of Knuth's books.  It covers a number of topics
relevant to the application of number theory to cryptography.

http://math.uwaterloo.ca/~shallit/ant.html

The coverage overlaps somewhat with Cohen's book referenced earlier in
this thread.

Regards,
== 
Dipankar

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: OAP-L3:  Answer me these?
Date: Wed, 29 Mar 2000 13:02:15 -0700

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
says...

[ ... ] 

> If frequency is the same as bias, why did they apply the word 
> bias to describe the same thing in a science?  Could it have been 
> that a lazy scientist felt it would be less effort to write or 
> speak the word bias instead of frequency because bias only has 
> four letters and two syllables while frequency has nine letters 
> and three syllables?

If you'd read and understood what I said, you'd realize that bias 
does NOT refer simply to frequency.  It refers to a difference in 
relative frequency.  Inventing language that allows one to speak and 
think efficiently is a LONG ways from simply being laziness.  In 
fact, it's been argued (in a way that I have to admit that I consider 
quite effective) that this was (and remains) a necessity for humans 
to become fully conscious.

> Do you know the name of this news group?  It is sci.crypt.  It 
> refers to cryptography.  My definition of "bias" is the one in 
> the field of cryptography.  What field of study does your 
> definition of "bias" relate to?

Your definition of bias is NOT the one used in any field I've ever 
heard of, and CERTAINLY NOT the one used in cryptography.  Just for 
example, the _Handbook of Applied Cryptography_ says (section 5.2
(iii)):

        ...random bits may be defective in that the output bits 
        may be biased (the probability of the source emitting a 
        1 is not equal to 1/2) or correlated (the probability 
        of the source emitting a 1 depending on previous 
        bits emitted).

That obviously deals only with binary representations -- if you're 
dealing with other representations, there are obviously possibilities 
other than 0 and 1, and bias would be a relative frequency of a 
particular symbol not being equal to 1/N, where N is the number of 
symbols in the set.  For example, in older books in cryptography 
where the symbol set is composed of capital letters (in English) a 
bias would be where the relative frequency of each letter was 
something other than 1/26.

Of course for any real sequence, some bias is almost inevitable.  If 
the size of the sequence is not an exact multiple of the size of the 
set it is unavoidable, and even if it was an exact multiple you'd 
want to allow some bias anyway: otherwise, the final symbol to be 
produced in any sequence is fully correlated (i.e. completely 
predictable).
 
> I could go on but certainly your irrelevant insistence borders 
> on something other than the search for truth.

Quite the contrary.  What's really happening is about equivalent to 
your looking up at a clear blue sky and trying to convince the rest 
of us that it's really purple with pink polka-dots.

You can't change reality by simply claiming that it doesn't exist.

> We would all like to hear from you why the theory is bogus with 
> factual support of your position.

I'm curious as to exactly who you think you represent when you say 
"we would all", but I guess that's more or less beside the point.

To comment on why your theory is bogus, we first need a coherent 
presentation of the theory.  After reading your web page for FAR more 
time than it justified, I've come up with a coherent formulation of 
your theory.  Your theory is that by throwing around a bunch of large  
numbers, you'll convince some people to buy your garbage.

This theory is NOT bogus.  There are enough stupid people in the 
world that it's probably fairly accurate.

At least based on the operation of your program, you appear to have 
another theory: you theorize that by making your program extremely 
time-consuming and difficult to use that it will impress the 
uninitiated with the high level of security provided. This theory 
probably isn't bogus either.

Theory about security is a whole different story.  First of all, you 
simply haven't stated a theory, so nobody can say whether it's bogus 
or not.  Second, even a sound theory can produce useless results when 
actually applied to cryptography.  Lots of people have had theories 
about how to produce ciphers nobody could break, and many of them 
have produced ciphers based on those theories.  In many cases the 
theories were (and are) even reasonably sound, but the ciphers have 
often been broken nonetheless.

-- 
    Later,
    Jerry.
 
The universe is a figment of its own imagination.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: The lighter side of cryptology
Date: Wed, 29 Mar 2000 19:56:09 GMT



> There's a young cryptographer who begets
> with primal algo*rhythmic* nymphettes,
> bed distributively,
> inputing constantly,
> they produce series of prime n-tuplets.
>

 [For those who don't know-  "prime n-tuplets"
are a generalization of the concept of twin
primes (i.e. triplet primes, etc.)]


    CRYPTO- PERVERTS    (a new series to
which I invite you to contribute)


     Public key users do it in the open.

RNG testers do it as many ways as they can.



Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Bob Silverman <[EMAIL PROTECTED]>
Subject: Re: Using Am-241 to generate random numbers
Date: Wed, 29 Mar 2000 20:08:00 GMT

In article <8brg30$s9k$[EMAIL PROTECTED]>,
"Jed Rothwell" <[EMAIL PROTECTED]> wrote:
> Most codes and ciphers depend upon random numbers. Some of the most secure,
> top secret codes used by embassies depend upon long lists of random numbers.
> A correspondent of mine once generated paper tapes filled with random
> numbers by comparing variances between a computer real-time clock and cycles
> on the power mains. The digits were tested for random distribution and then
> the paper tapes were shipped off in diplomatic bags.

No flame intended, but I have a hard time believing this story.

Anyone who had a sufficiently high security clearance to generate
such a thing (these random digits) for diplomatic use would NOT
be discussing it with someone else.  Unless of course that someone else
had a similar clearance and it was in a vault. But if *you* had such
a clearance, you would not be discussing this in public.


Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Crossposted-To: sci.stat.math
Subject: Re: Q: Differencing time series
Date: Wed, 29 Mar 2000 22:33:32 +0200

Radford Neal wrote:
> 

> About the only thing the above method looks to be good for is as a
> homework problem.

If you think that my questions are so simple, then would you care
to say at least something? At least the first two questions need
not have anything associated with practical applications.

M. K. Shen

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Crud!
Date: 29 Mar 2000 20:57:12 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] 
(NFN NMI L.) wrote:

> Aw, nuts. I just posted a really cool reply to that announcement of the
> creation of sci.crypt.random-numbers, but I was reading sci.physics at the
> time. Oh well. Go look for it there.
> 
> What the heck is an announcement about sci.crypt.random-numbers doing on
> sci.physics anyways?

... and sci.electronics.design etc ... (I know 'cos I posted it there)

Perhaps if you'd seen some of the quality discussion on the noise 
mechanisms of zener diodes etc then you'd appreciate the need to call in 
physicists and electronics engineers to improve the understanding of noise 
phenomena.

Keith
 http://www.cix.co.uk/~klockstone
 ------------------------
 'Unwise a grave for Arthur'
 -- The Black Book of Carmarthen

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: How weak is WeakCipher?
Date: Wed, 29 Mar 2000 21:11:30 GMT

Aha! I finally found David Wagner's message. It
was for some reason not displayed by NewsOne.net,
hence the delay.

In article
<89hctp$8gl$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (David A.
Wagner) wrote:
> [More precisely, CFB-8. -- David]

No, actually not. I have referred to the mode as
PCFB mode in later messages. In regular CFB mode
the encryption of the feedback buffer is
discarded after it has been xor:ed with the plain
text. In the WeakCipher PCFB mode it is the
encrypted buffer that is passed on to the next
step.


> > The encryption of DWordi in IVector is described by the formula DWordi <-
> > gi**DWordi mod 4294967087, where gi is the ith of two DWord subkeys. The
> > subkey gi is generated by the formula gi <- 2**(2*ki) mod 4294967087, where
> > ki is a number in the range 0..2147483542.
>
> Well, let's see. There appears to be a divide-and-conquer attack (with
> workfactor O(2^32)) that appears quite feasible to implement in practice.
>
> Suppose for simplicity that we have a byte of known plaintext at location i.
> Then we may deduce the value of IVector used as input to CFB-8 mode when
> encrypting location i from the ciphertext bytes at positions i-8,i-7,..,i-1.
> Also we know the low byte of the new IVector as output from the scrambler.
>
> In other words, we know a value of D for which the low byte of
> gi**D mod 4294967087 is known. If we simply guess gi (32 bits), we may
> eliminate all but 1/2^8 of the wrong guesses.

You cannot do that, at least not that way,
because you don't know D. D is the output of 8
consecutive encryptions and 8-bit shuffles.


> If we do this at a few
> locations where the plaintext byte is known (note that the same value of
> gi is used in all locations), we should be able to eliminate all the wrong
> guesses, leaving only the correct value of gi. We can find first g1 and
> then g2 in turn in this way, each with O(2^32) work, for a total of
> O(2 * 2^32) work.

Actually, no. It is only the low 8 bits of g1**D1
mod 4294967087 you might know by knowing the
plain text. No part of g2**D2 mod 4294967087 is
ever xor:ed with the plain text. The second
generator is only used to scramble the feedback
before it reaches the first generator.





------------------------------

From: [EMAIL PROTECTED] (Steve K)
Subject: Re: How are these passwords?
Date: Wed, 29 Mar 2000 21:33:38 GMT

On Wed, 29 Mar 2000 06:54:49 -0800, John
<[EMAIL PROTECTED]> wrote:

>I've tested the passwords...
>
>meuliom, as it has dual letters, I tried meulion.  These
>passwords seem to (mathematically) be bad with many encryption
>schemes. How do I know a good and bad choice?

Actually, though they may resist attacks with conventional
dictionaries, neither password amounts to much when an opponent's
software is set up to try everything from a to zzzzzzz.  This is a
fairly trivial attack, that will break either example 100% of the
time.  The main problem is that they are just too short.

Think about pass phrases, rather than pass words; you can read more
than you probably want to know on this subject, at: 

http://www.stack.nl/~galactus/remailers/passphrase-faq.html
http://world.std.com/~reinhold/diceware.page.html

:o)



Steve

---Continuing freedom of speech brought to you by---
   http://www.eff.org/   http://www.epic.org/  
               http://www.cdt.org/

PGP key 0x5D016218
All others have been revoked.

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Opinions?
Date: Wed, 29 Mar 2000 23:40:56 +0200

Darren New wrote:
> 
> Yes. And sometimes the effect comes before the cause. And sometimes there's
> an effect without any cause.

I am interested to know in which natural science disciplines there
are effects that come before the causes, not to say effects without
causes. Could you elaborate a bit? (I learned that there are
some speculations about time reversals. But I suppose that these are
yet speculations and nothing more.) Thanks.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Improvement on Von Neumann compensator?
Date: Wed, 29 Mar 2000 23:41:09 +0200

Herman Rubin wrote:
> 

> Brownian motion is a physically unrealizable continuous
> process.  Keep in mind that ONE real number with a known
> continuous distribution produces an infinite number of
> random bits.

Sorry that I don't yet quite understand. Brownian motion is
a phenomenon found in experimental physics and is the result
of collision of particles, as far as my humble knowledge of
physics goes. So that doesn't seem to be a continuous process.
Or maybe one models it for convenience that way?

M. K. Shen

------------------------------

From: Darren New <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Opinions?
Date: Wed, 29 Mar 2000 21:43:01 GMT

Mok-Kong Shen wrote:
> I am interested to know in which natural science disciplines there
> are effects that come before the causes, not to say effects without
> causes. Could you elaborate a bit?

Quantum physics. For example, a photon can cause the path of the electron
that absorbs it to change  before the photon is emitted, over sufficiently
small distances. At least, that's my understanding as a layman. The actual
emission of the photon could be viewed as an effect with no cause. Check out
Feynman's texts for info accessible without postgrad math degrees.

-- 
Darren New / Senior MTS / Invisible Worlds Inc.
San Diego, CA, USA (PST).  Cryptokeys on demand.
There is no safety in disarming only the fearful.

------------------------------

From: "Jerry (Honey) Gehling" <[EMAIL PROTECTED]>
Subject: Newbie, Where should I start,
Date: Wed, 29 Mar 2000 15:35:43 -0600

Hello everyone, 
 I'm just starting to become very interested in crypto and was curious if
anyone could recommend some materials with which I could start.  I have a
fairly deep math background which is where my fascination with crypto comes
from, number theory.  All suggestions are welcome.
thanks 


_________________________________________
Gerald F. Gehling
  Double Major:  Math/Computer Science
  
  [EMAIL PROTECTED]



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Examining random() functions
Date: Wed, 29 Mar 2000 23:52:16 +0200

Johnny Bravo wrote:
> 

>   See the tests in the DieHard test suite.  Rather than first just tell
> you to go get it, I'm running output from your program through the suite as
> I type this.  I put further comments below.  DieHard has quite a few
> tests, descriptions of which will be on each section I include below.
> I ran your program with a Random(255) and output each value as a byte into
> a file for testing.  After I got the results I reran the program with a
> different seed and tested it again, where the results were different
> between runs (one failure and one success) I ran it a third time with yet
> another seed and only performed those tests to get a majority. :)

I wonder whether it is possible to have some software to
postprocess the normally voluminous Diehard output to result in 
one single measure of goodness or it is the case that by the 
nature of the test at hand human decision capabilities (which 
presumably differ from person to person) are unconditionally
needed.

M. K. Shen

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
