Cryptography-Digest Digest #537, Volume #11      Wed, 12 Apr 00 19:13:01 EDT

Contents:
  Re: Stream Cipher - Mark 2. ("Simon Johnson")
  Re: Compaq invents more efficient RSA?! (Diet NSA)
  Re: More on self-shredding documents (Johnny Bravo)
  Re: Is AES necessary? (wtshaw)
  Re: GSM A5/1 Encryption (Paul Koning)
  Re: MAA Algorithm source and test values ([EMAIL PROTECTED])
  Re: Encode Book? (Diet NSA)
  Re: Q: Inverse of large, sparse boolean matrix, anyone? (Justin Pearson)
  Re: Q: Entropy (Bryan Olson)
  Re: Encode Book? (Diet NSA)
  SAC 2000 Second Call for Papers (Stafford Tavares)
  Re: Is AES necessary? (Tom St Denis)
  Re: Q: Entropy (James Felling)
  Re: Encode Book? (Tom St Denis)
  Re: Quantum Teleportation (Diet NSA)

----------------------------------------------------------------------------

From: "Simon Johnson" <[EMAIL PROTECTED]>
Subject: Re: Stream Cipher - Mark 2.
Date: Wed, 12 Apr 2000 21:10:16 -0700

Sorry, an error I just noticed.

> Function StreamCharacter {
> For i = 1 to (length of key)
>     a = (a + (a * sqr(b * (ascii of the i'th character of key)))) mod 65536
>     b = (b + (b * sqrt(a * (ascii of the (i+1)'th character of key)))) mod 65536
> Next i
> outputchar = (a+b) mod 256
> }
>




------------------------------

Subject: Re: Compaq invents more efficient RSA?!
From: Diet NSA <[EMAIL PROTECTED]>
Date: Wed, 12 Apr 2000 13:25:41 -0700

In article
<[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Bodo Moeller) wrote:
>
>The idea of using an RSA modulus with more than two prime factors has
>already been patented, and in fact the patent expires in a few months.
>See <URL:http://www.patents.ibm.com/details?&pn=US04405829__&s_clms=1#clms>,
>claim 38 (also at <URL:http://www.patents.ibm.com/gifcache/US04405829__.tif.19.s0.35.r0.gif>).
>
>
Supposedly, inspired by the necessity of having secure protocols
for nukes, the NSA invented the idea of public key crypto in the
1960s. (This was before the Brits at Cheltenham who were before
DH & RSA.) I'd bet money the NSA has previously considered RSA
with more than 2 prime factors. I wonder what their internal
policy is for allowing themselves to apply for patents.

I toy with Big Brother, yet He does not share His toys with me  :-(
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!


------------------------------

From: Johnny Bravo <[EMAIL PROTECTED]>
Subject: Re: More on self-shredding documents
Date: Wed, 12 Apr 2000 16:25:32 -0400

On Wed, 12 Apr 2000 14:35:33 -0500, "David C. Oshel"
<[EMAIL PROTECTED]> wrote:

>Uhhh... Are you guys talking about the DOCUMENT or the information IN the document?
>
>I'll grant you, information likes to propagate itself, but it sounds like the delivery
>system is what they're talking about.  Also, I was supposing (and gee I know how dumb
>it is to suppose user will do the right thing) the idea was to automate "Your Eyes 
>Only, 
>Burn After Reading."

  The original thread was talking about both.  Nothing stopping the
receiver from making a copy before opening it, so even after reading,
it isn't destroyed, no matter how automated it becomes.  It came down
to, it works if the recipient lets it work.  No way to force the
recipient to follow the protocol.

-- 
  Best Wishes,
    Johnny Bravo

"The most merciful thing in the world, I think, is the inability
of the human mind to correlate all its contents." - HPL

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Is AES necessary?
Date: Wed, 12 Apr 2000 13:43:30 -0600

In article <[EMAIL PROTECTED]>, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote:

> wtshaw wrote:
>
> Your opponent does not know your password, but
> he knows that you use one. That's why I classify such as
> technology. 

That may not be the case at all; a passphrase/password may be the root of
an encryption key, or not.  A person may opt to store an encryption key
rather than try to remember how it was derived.  If an opponent convinces
himself that he cannot find the correct password, he might even consider
that he has assumed the wrong algorithm.

>...But if you somehow cause him to believe something 
> (a false assertion/statement) long time without knowing it is 
> false and, if done properly, without ever being able to find out 
> that you are responsible for that malicious act, that's of a 
> different quality.
> 
There is nothing about being malicious in cryptography in using deception.
One of the most common goals is to beat analysis, so you can work against
the presumptions of an attacker.  Perhaps you are using the word
*malicious* in a non-moral way?
-- 
Doubt until you have poof, then doubt frequently.  Descartes
%/^):  [|]"!  ?=)@~  ;)[]*  :@\@}  *#~}>  ,=+)!  .($`\ 

------------------------------

From: Paul Koning <[EMAIL PROTECTED]>
Subject: Re: GSM A5/1 Encryption
Date: Wed, 12 Apr 2000 16:09:16 -0400

[EMAIL PROTECTED] wrote:
> ...
> It would be true to say that a Stream Cipher is much faster for this
> type of application...

Maybe true, maybe not, but irrelevant either way.  Block ciphers
can be done in software, never mind simple hardware, MUCH MUCH
faster than is needed here.

And if you look at some popular crypto chips, you will probably
find they do DES and often 3DES faster than RC4.

> I accept the fact that you can use a block cipher
> and it will be ok....that is if you have to include a second dsp into
> the phone...which is what Siemens did with their Topsec GSM
> phone..

That's completely bogus.  As I said, you can do it in a spare 
percent or two of the capacity of the one DSP you need.  Adding
a second one makes no sense whatsoever.

> it uses a 128 bit symmetric cipher...the set up time is pretty
> lousy...20 secs...for DH etc

Well, if you use sufficiently poor software I suppose it is
possible to get ridiculously poor performance.  On the other hand,
you can get DH setup using decent size keys (512 bits or better)
two orders of magnitude faster with a plain old PC.  So either those
people clocked their DSP at 1 MHz, or their compilers and/or
programmers are two orders of magnitude worse than gcc and the
FreeS/WAN team.

> You as a designer...would you use a Block Cipher or a Stream Cipher for
> a GSM Secure phone ....and why?

Either, but I would not use anything that hadn't seen public scrutiny.
That rules out the entire A5 family, but admits the likes of 3DES,
IDEA, Blowfish, RC-4, CAST, the current AES candidates... of which 
I'd probably pick 3DES because it has seen the most analysis and
can easily be implemented in software at more than adequate 
performance.

> 
> >
> > > > Alternatively, pick a stream cipher with a good reputation, such
> > > > as RC-4.
> > > >
> > > > The way I look at this: one of the first things any good student
> of
> > > > crypto learns is that he isn't qualified to design a good cipher,
> > > > and won't be for many years if ever.  Clearly, no good students of
> > > > crypto were involved in the A5 process, because they flunked that
> > > > test...
> > >
> > > I dont think that is the case. Read David Wagner's threads here.  I
> > > think the designers of A5 knew exactly what they were doing...and the
> > > they were surely no students of crypto...
> >
> > Well, you cannot possibly have a valid argument that (a) they
> > knew exactly what they were doing and also (b) they were surely
> > no students of crypto.   Apart from that, the fact that they
> > ignored the established ciphers, designed a cipher substantially
> > weaker than even the absurdly weak goals they set, and the fact
> > that they kept it secret rather than releasing it to public
> > scrutiny all support my comment.
> >
> > Re David Wagner's comments, you mean comments like:
> >    "In the world of crypto, there are plenty of "tried and true"
> >    strong ciphers (strong enough for the context of GSM that
> >    there was no need to go with an "on the edge" cipher like
> >    64- or 54-bit A5/1)."
> > ?
> >
> 
> No the reference here is to the fact that the designers...were not
> amateurs...this design was to produce a deliberately weak cipher...see the
> messages in this thread...mine and David Wagner's..you can also read
> about it in Applied Crypto

Well, you said yourself that they were "surely not students of
crypto".  If that doesn't make them crypto amateurs, what does
it make them?  Also, while they may deliberately have set
out to make a weakened cipher, I doubt that they deliberately
introduced the additional weaknesses (dumbing it down even below
the apparent 40 bit target) that have been found later.  Not that
the design goal of 40 bit strength ever was justifiable in the
first place...

        paul

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: MAA Algorithm source and test values
Date: 12 Apr 2000 21:23:00 GMT

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Jorge Davila 
Muro) wrote:

> I don't know if someone in sci.crypt could help me.  I'm looking for
> detailed technical information about the MAA (Message Authenticator
> Algorithm) published by Davies in 1983 and adopted by ISO as a Banking
> standard. I would like to have that algorithm in source code and some
> good tests values. Thanks in advance for your help.

Yes - I've put the later version up (1988) in html and pdf formats along 
with some other related material.

Keith
 http://www.cix.co.uk/~klockstone
 ------------------------
 'Unwise a grave for Arthur'
 -- The Black Book of Carmarthen

------------------------------

Subject: Re: Encode Book?
From: Diet NSA <[EMAIL PROTECTED]>
Date: Wed, 12 Apr 2000 14:27:02 -0700

In article <aJ2J4.16172$[EMAIL PROTECTED]>,
"Stou Sandalski" <tangui [EMAIL PROTECTED]> wrote:
>
>I haven't heard anything about this X chromosome linkage but I am reluctant
>to believe (until I have seen research on this) that intelligence can be
>pinpointed to one chromosome.
>

I feel certain that intelligence *cannot* be pin-pointed to one
chromosome. Instead, I wrote "primarily linked to the X
chromosome" [relative, that is, to the Y chromosome].

>> Supposedly, then, intelligence is more
>> likely to average out in females and is
>> more likely to be abnormally low or high
> > in males. Among people with high IQs
>> there are about 50 times as many men as
>> women.
>
>Ummm and you have seen these numbers where exactly?

Note that there are 50 times as many men with low IQs as well.
This unbalanced distribution could help support the X chromosome
hypothesis. These statistics are included in an estimation by
the *female* neuroscientist Gina LoSasso in an article about
intelligence in Esquire magazine (November 99, page 147).
>

>Testosterone contributes to intelligence? I haven't heard anything about
>that either... can you like put some urls or name some people or...
>anything that can back this point?

Gina LoSasso herself [who has a very high IQ] believes "that her
high intelligence is related to a higher-than-normal percentage
of testosterone in her system" (page 148 of the same article as
above). I am not a neuroscientist like she is so you might want
to contact her about the evidence for her claim.

>
>>These may
>> be some biological reasons why there are
>> more men than women in mathematics.
>
>I suggest you look at the structure of our society before saying something
>so ridiculous
>

I am not a biologist or sociologist and have not myself derived
the various related ideas I have mentioned nor do I necessarily
believe them. The claims of sociobiology are very susceptible to
attack but, OTOH, it seems naive to think that human biology has
no important influence upon human society, even at the more
complex level.



I toy with Big Brother, yet He does not share His toys with me  :-(


------------------------------

From: Justin Pearson <[EMAIL PROTECTED]>
Subject: Re: Q: Inverse of large, sparse boolean matrix, anyone?
Date: Wed, 12 Apr 2000 14:40:08 -0700

Gadi Guy wrote:

> I'm not sure whether my problem is with inverting the matrix
> or simply with creating an invertable matrix. I find that
> the simple, pivoting Gauss elimination algorithm I copied from
> "Numerical Recipes" fails every time.

If you're trying to adapt an algorithm designed to invert matrices
of reals, you're making it unnecessarily hard on yourself. Because
there are no roundoff problems in GF(2), you don't need to spend
any time looking for the "best" pivot element, and in fact you don't
even need to perform any columnwise operations: if you can't
invert the matrix using only row-wise operations, it's singular.

Find any 1 in the first column, and swap rows to put it in the (1,1)
position. (If no 1 is found, the matrix is singular.) XOR row 1 with
any other row that has a 1 in the first column. Next, find any 1 in
the second column below the first row. (If no 1 is found, the matrix
is singular.) Swap rows to put it in the (2,2) position. XOR row 2
with any other row that has a 1 in the second column. Repeat.
These row operations (swaps and XORs) will transform the
matrix into the identity matrix. If they are simultaneously applied
to an identity matrix, they will transform it into the inverse of
the original matrix.

Good luck.

- Peter
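The row-operation procedure described above, as an added example that is not part of the original post: a Python implementation of Gauss-Jordan elimination over GF(2) that applies the same swaps and XORs to an identity matrix to obtain the inverse, and reports singularity the moment a column has no pivot. Packing each row into a Python integer (bit j of row i is entry (i, j)) is my implementation choice, not something the post specifies; it makes a row XOR a single integer operation, which matters for the large, sparse matrices of the original question. The sample matrices are constructed for the demonstration.

```python
import random
from typing import List, Optional


def gf2_invert(rows: List[int], n: int) -> Optional[List[int]]:
    """Invert an n x n matrix over GF(2) using row swaps and row XORs only.

    rows[i] is an n-bit int; bit j of rows[i] is entry (i, j).
    Returns the inverse in the same representation, or None if singular.
    """
    if len(rows) != n:
        raise ValueError("matrix must be square")
    a = list(rows)                       # working copy, reduced to the identity
    inv = [1 << i for i in range(n)]     # identity; receives the same row ops
    for col in range(n):
        bit = 1 << col
        # Over GF(2) there is no roundoff, so any 1 at or below the diagonal
        # in this column is an acceptable pivot; no "best pivot" search.
        pivot = next((r for r in range(col, n) if a[r] & bit), None)
        if pivot is None:
            return None                  # column is dependent: matrix singular
        a[col], a[pivot] = a[pivot], a[col]
        inv[col], inv[pivot] = inv[pivot], inv[col]
        # Clear column `col` in every other row (Gauss-Jordan), so the left
        # side finishes as the identity rather than merely upper triangular.
        for r in range(n):
            if r != col and a[r] & bit:
                a[r] ^= a[col]
                inv[r] ^= inv[col]
    return inv


def gf2_mul(x: List[int], y: List[int], n: int) -> List[int]:
    """Matrix product over GF(2): row i of x*y is the XOR of the rows of y
    selected by the 1 bits of row i of x."""
    out = []
    for xi in x:
        acc = 0
        for j in range(n):
            if (xi >> j) & 1:
                acc ^= y[j]
        out.append(acc)
    return out


def identity(n: int) -> List[int]:
    return [1 << i for i in range(n)]


def from_lists(m: List[List[int]]) -> List[int]:
    """Pack a list-of-lists 0/1 matrix into the row-as-int form."""
    return [sum((v & 1) << j for j, v in enumerate(row)) for row in m]


def to_lists(rows: List[int], n: int) -> List[List[int]]:
    """Unpack the row-as-int form back into a list of 0/1 rows."""
    return [[(r >> j) & 1 for j in range(n)] for r in rows]


def sample_invertible(n: int, density: float, seed: int) -> List[int]:
    """Constructed test data: sample sparse random 0/1 matrices with the
    given per-entry density until one is invertible."""
    rng = random.Random(seed)
    while True:
        rows = [sum(int(rng.random() < density) << j for j in range(n))
                for _ in range(n)]
        if gf2_invert(rows, n) is not None:
            return rows


if __name__ == "__main__":
    # Constructed examples: a unipotent upper-triangular matrix (invertible)
    # and one whose three rows XOR to zero (singular).
    a = from_lists([[1, 1, 0], [0, 1, 1], [0, 0, 1]])
    print(to_lists(gf2_invert(a, 3), 3))      # [[1, 1, 1], [0, 1, 1], [0, 0, 1]]
    print(gf2_invert(from_lists([[1, 1, 0], [0, 1, 1], [1, 0, 1]]), 3))  # None
    m = sample_invertible(256, 0.05, 7)
    assert gf2_mul(m, gf2_invert(m, 256), 256) == identity(256)
    print("256x256 sparse matrix inverted and verified")
```

Only row operations are ever performed, so a matrix that cannot be reduced this way is reported singular instead of triggering a column search; the product check at the end is the cheap way to confirm the result on a matrix too large to inspect by hand.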



------------------------------

From: Bryan Olson <[EMAIL PROTECTED]>
Subject: Re: Q: Entropy
Date: Wed, 12 Apr 2000 21:47:25 GMT

Mok-Kong Shen wrote:
> Bryan Olson wrote:
> > Mok-Kong Shen wrote:
> > > If the shortest program to describe the former is shorter than
> > > the one for the latter (a case which seems fairly likely), then
> > > by definition the former has less Kolmogorov complexity than
> > > than the latter.
> >
> > Wrong.  Kolmogorov complexity allows the program to be
> > written in a large class of languages.  For any pair of
> > distinct finite strings there's a pair of legal languages that
> > disagree on which string has the shorter program.
>
> That issue of difference of languages is understandably treated
> in Kolmogorov complexity.

I've been trying to explain _how_ the issue is treated:
language-independent complexity is defined to within an
additive constant. If you know the issue is treated, why do
you keep ignoring the treatment?  If your "shortest program"
comparison is language independent, what happened to the
+O(1) term?

In a discussion last year, I wrote an explanation of the
theorem that justifies the language-independent metric, and
why it fails to describe finite strings. It's in a sci.crypt
post of 11/13/1999 in the thread 'Re: Proposal: Inexpensive
Method of "True Random Data" Generation".  One warning: in
that post I assumed a "string" is by definition finite,
which is not the convention in Kolmogorov complexity.


> The fact that no real-world algorithm to
> measure that theoretical quantity exists can also be interpreted
> to mean that no very exact comparison could be made, in my view.

In my view, the fact that in this case the measure is not
defined supersedes the issue of it being incomputable in
most cases where it is defined.

> But surely some more or less useful comparison can be made.
> Allow me to use an analogy: one can surely claim that the code
> for an operating system is more complex than one for the
> quick sort, and that totally independent of what programming
> languages one uses, including those of year 3000, can't one?

Sure.  I don't see the connection to your assertion about
Kolmogorov complexity or your original question about exact
computation of entropy.

--Bryan
--
email: bolson at certicom dot com


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

Subject: Re: Encode Book?
From: Diet NSA <[EMAIL PROTECTED]>
Date: Wed, 12 Apr 2000 15:04:06 -0700


In article <8d2g7l$n3b$[EMAIL PROTECTED]state.edu>, [EMAIL PROTECTED]
(mark carroll) wrote:

>I suppose that, as testosterone is thought to contribute to causing
>left-handedness (so you get more left-handed males than females), and
>there's some evidence that there is more variance in intelligence in
>left-handers than in right-handers (i.e. more lower IQs and more
>higher IQs), there may be a disproportionate number of men in the top
>percentile of IQ.

There are about 50 times more men than
women in certain higher and lower IQ
percentiles. (See, for example, the article
I refer to in my second post.)

>It's an entertaining idea I'd not really thought about before, but
>anyway this armchair embryology and neuroscience doesn't belong on
>sci.crypt.
>

You may have noticed that a large part of
this thread was already off-topic to begin
with. I was replying to an off-topic
statement made by lordcow77 (a cool
name).


I toy with Big Brother, yet He does not share His toys with me  :-(


------------------------------

From: Stafford Tavares <[EMAIL PROTECTED]>
Subject: SAC 2000 Second Call for Papers
Date: Wed, 12 Apr 2000 17:56:00 -0400


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%



                                                 SECOND CALL FOR PAPERS


SAC 2000

Seventh Annual Workshop on Selected Areas in Cryptography

to be held at:

University of Waterloo
Waterloo, Ontario, Canada

Dates: August 14-15, 2000

Co-Chairs:

Doug Stinson,      University of Waterloo
Stafford Tavares,  Queen's University

Invited Speaker: Dan Boneh, Stanford University
More announcements to follow

Workshop Themes:

1.  Design and analysis of symmetric key cryptosystems.
2.  Primitives for private key cryptography, including
    block and stream ciphers, hash functions and MACs.
3.  Efficient implementations of cryptographic systems
    in public and private key cryptography.
4.  Cryptographic solutions for web/internet security.

Program Committee:

D. Stinson     U. of Waterloo, Canada
S. Tavares     Queen's U., Canada
L. Chen        Motorola, U.S.A.
H. Heys        Memorial U. of Newfoundland, Canada
L. Knudsen     U. of Bergen, Norway
S. Moriai      NTT Labs., Japan
L. O'Connor    IBM Zurich
S. Vaudenay    EPFL, Switzerland
A. Youssef     U. of Waterloo, Canada
R. Zuccherato  Entrust Technologies

Instructions for Authors

Submissions must consist of an extended abstract of at most 15
double-spaced pages, clearly indicating the results achieved,
their significance, and their relation to other work in the area.
Authors can either email one copy of a Postscript file to
[EMAIL PROTECTED] or send ten copies of the extended abstract to

SAC 2000
c/o Stafford Tavares
Department of Elect. and Computer Eng.
Queen's University
Kingston, Ontario K7L 3N6
CANADA
Important Dates:

Submission Deadline          May 1
Notification of Acceptance   June 19
Workshop Dates               August 14-15
Deadline for Proceedings     September 18

Proceedings

It is intended that the Proceedings will be published by
Springer-Verlag in the Lecture Notes in Computer Science
(LNCS) Series. In order to be included in the Proceedings,
papers must be presented at the Workshop. As in previous years,
the Workshop Record will be available to participants during
the Workshop.

For further information contact:

Doug Stinson, University of Waterloo  [EMAIL PROTECTED]
Stafford Tavares, Queen's University  [EMAIL PROTECTED]

Conference web page:

http://www.cacr.math.uwaterloo.ca/conferences/2000/SAC2000/announcement.html







------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Is AES necessary?
Date: Wed, 12 Apr 2000 22:10:22 GMT



Mok-Kong Shen wrote:
> 
> Tom St Denis wrote:
> >
> 
> > Oh well, yea you are right AES is completely not required, but neither
> > is further space exploration.  Been there, done that.
> 
> I know it is often difficult to argue about 'requirements', for
> that word usually has a wide range of interpretations. (I hope
> though that my interpretation in this thread has been unambiguous.)
> At the end it is clearly something in the domain of politics and
> consequently one could aptly argue on both sides. About 'space',
> BTW, it is my personal (certainly subjective/biased, exotic) view
> that one shouldn't spend a cent researching whether there are other
> intelligent beings elsewhere in the universe before the daily
> uncounted number of people perishing due to hunger in our world
> could be stopped.

A lot of hunger problems are related to greed, and not technological
problems.  Third-world countries growing plants that are not domestic
instead of foods they can eat...  But that's another problem
altogether...

Well for a lot of cases RC5 is pretty much the best cipher in existence.
It's small, fast and simple to program and takes very little RAM.  But
other ciphers still are being made, just for pure research.


> > Yea 3DES is secure, but I think by properly implementing [*] the new AES
> > ciphers in my program that others will eventually use, I am doing those
> > cryptographers a nice favor.  It's one thing to design a cipher,
> > cryptanalyze it, [and get the women] but if it's never used who cares?
> 
> AES certainly will be a very good cipher, even though someone has
> cautioned that one should await some further analysis. It will also
> surely be used in practice. My arguments could probably be compared
> to somebody in a family questioning why an expensive new car is
> bought while the predecessor is not yet two years old.

See above.

Tom

------------------------------

From: James Felling <[EMAIL PROTECTED]>
Subject: Re: Q: Entropy
Date: Wed, 12 Apr 2000 17:14:52 -0500



Mok-Kong Shen wrote:

> Bryan Olson wrote:
> >
> > Mok-Kong Shen wrote:
> > > Bryan Olson wrote:
> > > > Given a string of, say, a million zeros and a "random"
> > > > million-bit string, Kolmogorov complexity does not say which
> > > > is more complex.
> > >
> > > If the shortest program to describe the former is shorter than
> > > the one for the latter (a case which seems fairly likely), then
> > > by definition the former has less Kolmogorov complexity than
> > > than the latter.
> >
> > Wrong.  Kolmogorov complexity allows the program to be
> > written in a large class of languages.  For any pair of
> > > distinct finite strings there's a pair of legal languages that
> > disagree on which string has the shorter program.
>
> That issue of difference of languages is understandably treated
> in Kolmogorov complexity. Otherwise that theory wouldn't be
> able to exist at all. The fact that no real-world algorithm to
> measure that theoretical quantity exists can also be interpreted
> to mean that no very exact comparison could be made, in my view.
> But surely some more or less useful comparison can be made.
> Allow me to use an analogy: one can surely claim that the code
> for an operating system is more complex than one for the
> quick sort, and that totally independent of what programming
> languages one uses, including those of year 3000, can't one?
>
> M. K. Shen

The problem that is run into here is that given a family of languages L
we can evaluate Kolmogorov complexity (called K-complexity in the remainder
of the article) of a string relative to that language family L.  However,
given two strings S1 and S2, and two language families L1 and L2, it is
simply possible to show that in L1 S1 has greater K-complexity than S2,
and relative to L2 S1 has less K-complexity than S2.  Since the
K-complexity cannot be established in an absolute manner, the best one
can say is that the K-complexity of S relative to language family L is
...; this does NOT establish any useful characteristic for evaluating S,
as we cannot evaluate S vs. the class of all languages without of course
concluding that it has order 1, as there will exist a language in which S
is the trivial output of a single command.  Only an infinite string may be
evaluated for K-complexity in a reasonable manner, as there are infinite
strings generatable only in multiple operations.


------------------------------

From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Encode Book?
Date: Wed, 12 Apr 2000 22:20:49 GMT



Diet NSA wrote:
> 
> In article <2bfa1245.23735ac7@usw-
> ex0103-018.remarq.com>, lordcow77 <
> [EMAIL PROTECTED]>
> wrote:
> 
> >Teaching yourself Pascal is not a big deal. Inventing a new
> >public key cryptosystem that is at least plausibly difficult to
> >break and then attacking it yourself at her age is a big deal.
> 
> I know very little about high school
> students but some of their achievements
> in crypto (such as Flannery's & also
> Viviana Risca's DNA steganography) seem
> somewhat remarkable for people that age.
> I also find it impressive that Tom St
> Denis appears to be able to learn
> computers & crypto so rapidly, especially
> since he is only doing this part-time. He
> is not afraid to learn by making mistakes
> which he regularly catches & corrects
> himself. What Tom develops & puts on his
> website would be impressive to any
> potential school or employer & he could
> probably get a job in most areas of IT
> even with only a high school diploma
> (especially since nearly 850,000 IT
> positions in the U.S. will go unfilled in
> the near term causing some economic
> slowdown).

Of course, I am wrong quite often but that is what 'learning' is all
about.  Of course the areas of crypto I am familiar with are above
average, but not of the 'excellence' level...

> From your postings, it seems obvious that
> you are far beyond the high school level.
> You needn't be too harsh with Tom-  What
> you might perceive as arrogance could be
> an expression of confidence. Whether
> anyone likes it or not, it has been shown
> that the brains of teenagers are
> hardwired differently for processing
> emotions and that young people
> (especially males) have more of the
> neurons associated with aggression
> (gradually these neurons start to die off).

Macho wars? heheh.

> 
> A female biologist (an Australian whose
> name I forget) claims that intelligence is
> primarily linked to the X chromosome.
> Supposedly, then, intelligence is more
> likely to average out in females and is
> more likely to be abnormally low or high
> in males. Among peolpe with high IQs
> there are about 50 times as many men as
> women. Also, there is evidence that
> testosterone contributes to intelligence
> and that spatial reasoning abilities are
> greater in men than in women. These may
> be some biological reasons why there are
> more men than women in mathematics.

From what I see around my school most males/females 'filter' out by
their last year of school [we have a grade 13] so mainly they are the
intelligent beings in our last year.  Which are mainly females, my OAC
Algebra class is about 60% female...

> I don't know if it is so difficult to come
> up with an idea for a "plausible" PK
> cryptosystem. It wouldn't surprise me if,
> for example, Tom posted a new proposal
> for PK crypto based, say, on a certain
> class of permutation polynomials. I could
> *try* to devise a new PK system based on
> a combination of cellular automaton &
> gate array architecture. However, there is
> a very good chance that these proposals
> will be like Flannery's -  not standing up
> to cryptanalytic attacks or not offering
> any advantage over existing systems.
> Also, they could have problems with
> implementation. Anyways, if you don't
> like Tom's posts you don't have to read
> them.

Well I am no genius, my iq is around 115 ~ 120 [online testing], whereas
the avg joe is around 105~110 [I think that's what I read last].  I just
like playing with the ideas.  My ideas revolving around Perm.Poly's are
certainly new [*] and so far have been interesting.  A new adaptation of
a feistel model for big blocks has been designed, which is used in the
hash [1] and cipher [2] constructions.  They are space efficient but not
time efficient...

If the cipher and/or hash and/or model (feistel model) are even remotely
useful, then it was worthwhile; if not, well, it was fun.

Another thing is that I have developed my own PK ciphers, but they are
normally silly and weak and I break them before posting; although
nothing of the genius quality, pretty cool for me.

Tom

[*]  Permutation Polynomials are initially used in RC6 [3] and discussed
in [4].
[1]  My hash design is available in prototype c format at
http://24.42.86.123/hash.c
[2]  My cipher design is at http://24.42.86.123/cipher.c
[3]  "The RC6 (tm) Block Cipher", R. Rivest, M.J.B Robshaw, R. Sidney,
Y.L Yin
[4]  "Permutation Polynomials Modulo 2^w", Ronald Rivest
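An added example (mine, not code from the post, from RC6 or from the cited papers) of the permutation polynomials modulo 2^w the post refers to. RC6's data-dependent step evaluates f(x) = x(2x+1) = 2x^2 + x modulo 2^w, and Rivest's paper [4] gives the criterion that, for w >= 2, a polynomial a0 + a1 x + a2 x^2 + ... permutes the integers modulo 2^w exactly when a1 is odd, a2 + a4 + a6 + ... is even and a3 + a5 + a7 + ... is even. The code applies that criterion, cross-checks it against exhaustive enumeration at a small word size, and builds the inverse map for a small w; the polynomials tried are chosen for the demonstration.

```python
from itertools import product
from typing import List

Poly = List[int]   # coefficient list [a0, a1, a2, ...] for a0 + a1*x + a2*x^2 + ...


def poly_eval(coeffs: Poly, x: int, w: int) -> int:
    """Evaluate the polynomial at x modulo 2^w (Horner's rule, reduced each step)."""
    mask = (1 << w) - 1
    acc = 0
    for a in reversed(coeffs):
        acc = (acc * x + a) & mask
    return acc


def is_perm_poly(coeffs: Poly, w: int) -> bool:
    """Rivest's criterion for P(x) to permute Z/2^w, stated for w >= 2:
    a1 odd, a2+a4+a6+... even, a3+a5+a7+... even."""
    if w < 2:
        raise ValueError("criterion is stated for w >= 2")
    a = list(coeffs) + [0, 0, 0]          # pad so a1, a2, a3 always exist
    return (a[1] % 2 == 1
            and sum(a[2::2]) % 2 == 0
            and sum(a[3::2]) % 2 == 0)


def is_perm_bruteforce(coeffs: Poly, w: int) -> bool:
    """Ground truth for small w: P permutes Z/2^w iff it hits every residue."""
    n = 1 << w
    return len({poly_eval(coeffs, x, w) for x in range(n)}) == n


def criterion_matches_bruteforce(w: int, max_degree: int, coeff_range: int) -> bool:
    """Compare the criterion with enumeration over every polynomial of degree
    <= max_degree whose coefficients lie in [0, coeff_range)."""
    for coeffs in product(range(coeff_range), repeat=max_degree + 1):
        if is_perm_poly(list(coeffs), w) != is_perm_bruteforce(list(coeffs), w):
            return False
    return True


def inverse_table(coeffs: Poly, w: int) -> List[int]:
    """Inverse permutation as a lookup table; only sensible for small w."""
    if not is_perm_poly(coeffs, w):
        raise ValueError("not a permutation polynomial modulo 2^%d" % w)
    n = 1 << w
    table = [0] * n
    for x in range(n):
        table[poly_eval(coeffs, x, w)] = x
    return table


RC6_F = [0, 1, 2]   # x(2x+1) = 2x^2 + x, the quadratic RC6 applies before its rotate

if __name__ == "__main__":
    W = 32
    print("RC6 f(x)=x(2x+1) permutes Z/2^32:", is_perm_poly(RC6_F, W))   # True
    print("x + x^2 permutes Z/2^32:", is_perm_poly([0, 1, 1], W))         # False: a2 odd
    print("x + x^3 permutes Z/2^32:", is_perm_poly([0, 1, 0, 1], W))      # False: a3 odd
    print("x + 2x^3 permutes Z/2^32:", is_perm_poly([0, 1, 0, 2], W))     # True
    print("criterion agrees with enumeration (w=6, deg<=3, coeffs<4):",
          criterion_matches_bruteforce(6, 3, 4))                            # True
    inv = inverse_table(RC6_F, 8)
    x = 0xB7
    y = poly_eval(RC6_F, x, 8)
    print(hex(x), "->", hex(y), "->", hex(inv[y]))
```

The enumeration check is the part worth keeping around: any candidate polynomial for a cipher step can be tested exhaustively at w = 4 or w = 6 before trusting the parity criterion at w = 32, and a design that silently uses a non-permutation (for example x + x^2, which collides at x = 1 and x = 3 modulo 4) loses invertibility and therefore decryption.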

------------------------------

Subject: Re: Quantum Teleportation
From: Diet NSA <[EMAIL PROTECTED]>
Date: Wed, 12 Apr 2000 15:21:14 -0700


In article <[EMAIL PROTECTED]>,
"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:

>I don't think quantum teleportation has any direct bearing on
>cryptography.

Actually, the quantum one time pad could
be implemented using EPR teleportation
by encrypting the classical
communications with a OTP. "Hence,
teleportation gives one example of a
quantum encryption algorithm." See page
9 of this paper:

http://arxiv.org/abs/quant-ph/0003059

Anyone who is interested about the
relationship between encryption and
teleportation should consider reading at
least Section 7 of this paper (page 9).





I toy with Big Brother, yet He does not share His toys with me  :-(


------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
