Cryptography-Digest Digest #169, Volume #12       Thu, 6 Jul 00 12:13:00 EDT

Contents:
  Any crypto jokes? (potentially OT) ([EMAIL PROTECTED])
  Re: Difference between A5/1 and A5/2 (Matthias Bruestle)
  Re: Any crypto jokes? (potentially OT) (Larry Kilgallen)
  Crypto jokes? (potentially OT) ([EMAIL PROTECTED])
  Re: Even an Amplified Boomerang Won't Cascade (John Savard)
  Re: Crypto jokes? (potentially OT) ("Медведев Михаил")
  Re: Any crypto jokes? (potentially OT) (Helger Lipmaa)
  Re: Prime Numbers? ([EMAIL PROTECTED])
  Re: cray and time needed to attack ("CrakMann")
  Re: Prime Numbers? (Mark Wooding)
  Re: one time passwords and RADIUS (greuh)
  MP3 encryption and patent 6,081,597 (Kent Briggs)
  Re: Any crypto jokes? (potentially OT) (Quisquater)
  Re: Some dumb questions (Mok-Kong Shen)
  Re: A thought on OTPs (Mok-Kong Shen)
  Re: DES Analytic Crack (Mok-Kong Shen)
  Re: Prime Numbers? ("Douglas A. Gwyn")
  Re: MP3 encryption and patent 6,081,597 (Roger Schlafly)
  Data compression and encryption (Dido Sevilla)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]
Subject: Any crypto jokes? (potentially OT)
Date: Thu, 06 Jul 2000 10:56:43 GMT

Does anybody know any crypto-related jokes, or have links to websites
that contain them?

Or perhaps someone could provide an ingenious answer to the question...
wait for it...

How many cryptographers does it take to change a light bulb?

TIA for any suggestions

rot26


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: [EMAIL PROTECTED] (Matthias Bruestle)
Subject: Re: Difference between A5/1 and A5/2
Date: Thu, 6 Jul 2000 09:04:51 GMT

Mahlzeit


Klaus Schmeh ([EMAIL PROTECTED]) wrote:
> The A5 encryption algorithm (used for GSM cell phones) exists in the two

The Schlumberger Multiflex smart card has the algorithm TESA. Is this
also from the GSM standard? Is it documented somewhere?


Mahlzeit

endergone Zwiebeltuete

--
PGP: SIG:C379A331 ENC:F47FA83D      I LOVE MY PDP-11/34A, M70 and MicroVAXII!
-- 
Can I be the one to crack the pelvis?
                                  -- William

------------------------------

From: [EMAIL PROTECTED] (Larry Kilgallen)
Subject: Re: Any crypto jokes? (potentially OT)
Date: 6 Jul 2000 08:48:50 -0500

In article <8k1ol9$p2k$[EMAIL PROTECTED]>, [EMAIL PROTECTED] writes:
> Does anybody know any crypto-related jokes,

        I have found a way to use One-Time-Pads by generating the
        pads at both ends during operation.

------------------------------

From: [EMAIL PROTECTED]
Subject: Crypto jokes? (potentially OT)
Date: Thu, 06 Jul 2000 11:41:36 GMT

Does anyone know any crypto-related jokes or links to them?
Or perhaps someone could come up with an ingenious answer to the
question:

How many cryptographers does it take to change a light bulb?

Thanks in advance for any suggestions

rot26



------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Even an Amplified Boomerang Won't Cascade
Date: Thu, 06 Jul 2000 12:57:34 GMT

If one also uses the fact that a characteristic like that of a Feistel
round lets one input a "counter", to use the terminology of Bruce
Schneier's paper, the attack I've outlined _can_ be used on even a
lower-probability characteristic in two steps rather than a long
cycle, to strip off the first two rounds of a block cipher. For DES:
input 2^16 sets of 2^16 values differing only in the left half. By the
birthday paradox, two of those sets will differ only in the right half
from one another on input to the next round. Use the characteristic of
the last 14 rounds on all the outputs, and after decryption, by the
birthday paradox, two of the sets of 2^16 values in the output will
have matching pairs.

John Savard (teneerf <-)
http://www.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: "Медведев Михаил" <[EMAIL PROTECTED]>
Subject: Re: Crypto jokes? (potentially OT)
Date: Thu, 6 Jul 2000 16:39:50 +0400

It's like the question: how do you kill a cockroach?
Answer: trap it under the table and cut off the table legs!!!

> Does anyone know any crypto-related jokes or links to them?




------------------------------

From: Helger Lipmaa <[EMAIL PROTECTED]>
Subject: Re: Any crypto jokes? (potentially OT)
Date: Thu, 06 Jul 2000 18:48:35 +0300

[EMAIL PROTECTED] wrote:

> Does anybody know any crypto-related jokes, or have links to websites
> that contain them?
>
> Or perhaps someone could provide an ingenious answer to the question...
> wait for it...
>
> How many cryptographers does it take to change a light bulb?
>
> TIA for any suggestions
>
> rot26

See, e.g., http://www.moomin.ee/~helger/crypto/link/misc.html

Haven't really been interested in collecting the humour links, but at
least there are the precious few of them. One of them that I liked quite
much:

---
     Subject: Differential <insert any word> Analysis
        Date: Mon, 22 Jun 1998 15:28:58 +0200
        From: Lars Ramkilde Knudsen <[EMAIL PROTECTED]>
Organization: University of Bergen, Norway
  Newsgroups: sci.crypt

Differential Smell Analysis

The general idea of this attack is that the smell of a smartcard (or any
other crypto device) is correlated to the computations it performs.  By
using carefully trained noses, our team of dogs, including several
Dobbertins, recently succeeded in smelling the secret key from a smart
card.

Our best 12 hound version of the attack involved 2^26 carefully chosen
sniffs, although currently we recommend the use of at least 16 hounds. We
estimate that an average 56 bit key can be sniffed out by a team of 16
dogs in 3 days, at an approximate cost of 25kg of braised beef chunks.

Although the attack is largely algorithm independent, it would seem likely
that keys used in certain algorithms will become more vulnerable to smell
analysis as the algorithms mature. Although DES has not proved to be too
smelly (despite its age), until recently our best results were achieved
attacking keys used by the pungent Blowfish algorithm. These results were
so impressive that we have not yet bothered trying to extract keys used by
Twofish, which is clearly a step in the wrong design direction.

Knudsen, Martin, Rijmen
---

Helger Lipmaa
http://www.tcm.hut.fi/~helger


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Prime Numbers?
Date: Thu, 06 Jul 2000 13:41:19 GMT

In article <[EMAIL PROTECTED]>,
  David Lancashire <[EMAIL PROTECTED]> wrote:
> ...
> well... there's always Euclid's theorem (300 BC):
>
> Let n be an arbitrary integer.
>
>     prime = n! + 1
>     (find an integer divisible by all positive integers less than itself,
>     and simply add one....)
>

If you mean by that Euclid's proof that there are infinitely many
primes, then it's not n!+1, meaning it's not "all positive integers
less than or equal to itself". It's all primes less than or equal to
some prime.  For example, if you think that 11 is the largest prime,
then compute n=2x3x5x7x11 + 1 = 2311 = prime.  So it's not the same as
n! (the factorial).



------------------------------

From: "CrakMann" <[EMAIL PROTECTED]>
Subject: Re: cray and time needed to attack
Date: Wed, 5 Jul 2000 19:24:27 -0700

I think Crays are overrated.

There is a web site which I don't have time to find right now that posts
benchmark results for computing a ray traced standard image using POVray
software.

You may be surprised at the power afforded the everyday PC user by modern
processors, especially clustered processors.  The commercial microprocessor
has leapfrogged the supercomputer for certain types of calculations.
Comparing computing power per dollar available from overclocked Pentiums or
even Celerons with that of a Cray is pretty eye opening. Old S. Cray would
have given his left gonad to science to be able to clock his processors at
1.6 GHz and run a large cache ram at half that speed with dual pipelined
Harvard architecture, and cluster the processors with 10 Ghz fiber optics
etc., etc.

Of course it is likely that special purpose machines owned by the NSA may be
able to blow the doors off most other computers (super or not) on a raw
performance basis.  But maybe not...

Without a modern-day Klaus Fuchs or Julius Rosenberg, we may never find out
how much juice that computer sitting down on the 44th floor of the
sub-basement at Fort Meade really has.  Of course, one can hope they
eventually give a hard drive with this info on it to the geeks at Los
Alamos.  It ought to be in the morning paper right after that happens.

JK

--
CRAK Software
http://www.crak.com
Password Recovery Software
QuickBooks, Quicken, Access...More
Spam bait (credit E. Needham):
 root@localhost
 postmaster@localhost
 admin@localhost
 abuse@localhost
 webmaster@localhost
 [EMAIL PROTECTED]
 [EMAIL PROTECTED]
 [EMAIL PROTECTED]

Douglas A. Gwyn <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Doug Kuhlman wrote:
> > The whole question kind of revolves around what you mean by "to crack",
> > what methods are being used, etc.  Which Cray?
>
> More importantly, whose Cray?


------------------------------

From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Prime Numbers?
Date: 6 Jul 2000 14:38:25 GMT

[EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:

> If you mean by that Euclid's proof that there are infinitely many
> primes, then it's not n!+1, meaning it's not "all positive integers
> less than or equal to itself". It's all primes less or equal to some
> prime.

Both work.

-- [mdw]

------------------------------

Subject: Re: one time passwords and RADIUS
From: greuh <[EMAIL PROTECTED]>
Date: Thu, 06 Jul 2000 07:50:59 -0700

More about the subject:
http://www.homeport.org/~adam/dimacs.html
It's 4 years old; I hope things have changed since then!

------------------------------

From: Kent Briggs <[EMAIL PROTECTED]>
Subject: MP3 encryption and patent 6,081,597
Date: Thu, 06 Jul 2000 14:56:05 GMT

Did anyone see this NY Times article:
http://www.nytimes.com/library/tech/00/07/biztech/articles/03pate.html

I don't pretend to understand the math in the patent (see uspto.gov) but
I don't see how they prevent this from being hacked since as always, the
decryption has to occur on the client's machine.

--
Kent Briggs, [EMAIL PROTECTED]
Briggs Softworks, http://www.briggsoft.com



------------------------------

From: Quisquater <[EMAIL PROTECTED]>
Subject: Re: Any crypto jokes? (potentially OT)
Date: Thu, 06 Jul 2000 17:02:33 +0200

See http://www.ii.uib.no/~larsr/crap.html

the journal completely devoted to craptology

Maybe there are crypto works at

http://www.jir.com/index.htm

and

http://www.improb.com/

Finally (sorry, originally in French) here is my latest contribution ...

Drawing keys
or stretching keys


by Cyreno de Heressac
(in his prime youth, which is saying a lot)
(after Edmond RoStAnd, 1868-1918, war-weary)

The year is 1640

(the little theorem has just been invented by Pierre Fermat,
1601-1665, whose death was also announced in 1653, a grave piece of false news,
at Toulouse, although he surely did his studies at Bordeaux and Orléans;
one is never too careful: for the great one there is still some margin ...).

CYRENO
Ah! No! It is a bit short, young man!
One could have drawn... or better!... many a key, all told...
Varying them by the ton; by Jove, look here.
Aggressive: "I, sir, if I had such a key,
would have to withdraw it on the spot!"
Friendly: "But it looks like your password;
to see less of it, run it through a hash!"
Descriptive: "An ugly crook!... it's a pike!... it's a pledge!
What am I saying, a pledge?... It's a benign modulus!"
Curious: "What is this not-so-long gadget for?
For criteria, sir, or for a grimoire card?"
Gracious: "Are you so fond of fat dormice
that you motherly took the trouble
to offer this even choice to their little paws?"
Truculent: "Say, when the draw is enlarged,
does fear of the low pile make the key come out
without a neighbour crying 'factors published'?"
Considerate: "Take care lest its head, dragged down
by its weight, split it in two on the spot!"
Tender: "Choose for it, sire, an all-singing parameter,
so that its value is not profaned by the moon!"
Pedantic: "The algorithm, sir, which Aestophane
calls Marserpentwofishercésixrijndael,
a hundred rounds, with this key, is hardly worth the scytale!"
Cavalier: "What, my friend, is this number in fashion?
For losing one's secret code it is really most convenient!"
Emphatic: "This wind so favourable, astral key,
scarcely factors you, unless it be the NISTrAl!"
Dramatic: "It's a bitter shower when it signs!"
Admiring: "To be in the know, what a worthy Bond!"
Lyrical: "Is it arbitrary? From which seed is it inherited?"
Naive: "This modulus, when will they factor it?"
Respectful: "Allow us, madam, to lend you a strong hand;
that is what's called having the key in the door!"
Rustic: "Hey! Is that a shepherd's key? Nope!
Some idle Caesar or some long mooing dwarf!"
Military: "Fire against cellar Valerie!"
Practical: "Would you put it in a lottery?
Surely, as a prime, it will be the jackpot!"
Finally, parodying PyRSAme in a sob:
"So here it is, this key that of its master's drafts
has destroyed the harmony! It turns blue at it, the traitor!"
That, more or less, my dear fellow, is what you would have said to me
had you few letters and more figures;
but of cipher, O most fragmentable of beings,
you never had a thousand bits, and of letters
you have only the three that form the word: RSA!
Had you, moreover, had the wit required
to serve me, here before these noble galleries,
all these wild jokes,
you would not have uttered a quarter
of half of the beginning of one, for
I draw them myself, with verve enough,
but I do not allow another to stretch it for me.


Any resemblance to real events is purely random.

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Some dumb questions
Date: Thu, 06 Jul 2000 17:40:00 +0200



John Savard wrote:

> Mok-Kong Shen<[EMAIL PROTECTED]> wrote, in part:
>
> >1. If a bit sequence has a certain known small bias in
> >   frequency but is uncorrelated, how can one exploit
> >   that fact to analyse messages encrypted with xor?
>
> One can't, very well. That's why the NSA considered the improved
> SIGCUM secure, even though the bits it produced had a slight bias. The
> original version generated exactly 50% ones, but had _genuine_ flaws.
>
> See my web page, with information derived from a paper in Cryptologia
> entitled "The SIGCUM Story".

Under which chapter/section of your webpage is the material
about SIGCUM? (Sorry that I did only a quick search.)

M. K. Shen


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: A thought on OTPs
Date: Thu, 06 Jul 2000 17:39:43 +0200



"Tony T. Warnock" wrote:

> [snip]
>
> Which less secure system satisfies the independence criterion? Identically
> distributed is easy. Independence is rather difficult.

Also, I asked some time back whether there are good tests for
independence in practice but failed to get a concrete answer.

M. K. Shen



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: DES Analytic Crack
Date: Thu, 06 Jul 2000 17:51:49 +0200



"Douglas A. Gwyn" wrote:

> > i.e. whether these are a set of equations that can be solved by
> > simple methods of the genre of Gaussian elimination ...
>
> No such luck.  Why do you think it was a valid research project?

I suppose from your answer that there was a misunderstanding. You
said that your colleague printed out a complete set of equations. So
I thought that that set must be amenable to some simple solution
processes on the computer (otherwise one could presumably give
a very compact formulation which barely helps actual computations).
Gaussian elimination is more or less typical of a simple processing
task that often has extremely large sizes in practice. That's why I
used that to help express the meaning of my sentence.

M. K. Shen



------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Prime Numbers?
Date: Thu, 6 Jul 2000 15:04:59 GMT

[EMAIL PROTECTED] wrote:
> In article <[EMAIL PROTECTED]>,
>   David Lancashire <[EMAIL PROTECTED]> wrote:
> > well... there's always Euclid's theorem (300 BC):
> > Let n be an arbitrary integer.
> >     prime = n! + 1
> If you mean by that Euclid's proof that there are infinitely many
> primes, then it's not n!+1, meaning it's not "all positive integers
> less than or equal to itself". It's all primes less than or equal to some
> prime.  For example, if you think that 11 is the largest prime, then
> compute n=2x3x5x7x11 + 1 = 2311 = prime.  So it's not the same as n!
> (the factorial).

?  What on Earth are you guys talking about?  n!+1 is not necessarily
prime even if n is prime, and the product of all primes less than n
plus 1 is not necessarily a prime.  While Euclid's proof is valid, its
formula doesn't necessarily evaluate to a prime, just to some number
that has a *prime factor* bigger than the assumed largest prime n.

------------------------------
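
Worked example for the "Prime Numbers?" thread above (added by the editor; it is
not part of any post in this digest). It checks both constructions discussed
there, the product of all primes up to n plus one and n! + 1, on small n: each
candidate's smallest prime factor always exceeds n, which is all the proof
needs, while the candidate itself is sometimes prime (2311) and sometimes not
(30031 = 59 x 509, 4! + 1 = 25). The sieve, trial-division factoring and the
function names are the editor's, chosen for illustration only.

```python
"""Euclid's construction and the n!+1 variant, checked on small n."""
from __future__ import annotations

from math import factorial, prod


def primes_up_to(n: int) -> list[int]:
    """Sieve of Eratosthenes: all primes p with 2 <= p <= n."""
    if n < 2:
        return []
    is_prime = bytearray([1]) * (n + 1)
    is_prime[0] = is_prime[1] = 0
    for p in range(2, int(n ** 0.5) + 1):
        if is_prime[p]:
            is_prime[p * p::p] = bytes(len(range(p * p, n + 1, p)))
    return [p for p in range(2, n + 1) if is_prime[p]]


def factorize(n: int) -> list[int]:
    """Prime factors of n with multiplicity, by trial division.
    Fine for the numbers below; hopeless for RSA-sized moduli."""
    factors: list[int] = []
    f = 2
    while f * f <= n:
        while n % f == 0:
            factors.append(f)
            n //= f
        f += 1 if f == 2 else 2
    if n > 1:
        factors.append(n)
    return factors


def primorial_plus_one(n: int) -> int:
    """Euclid's number: (product of every prime <= n) + 1."""
    return prod(primes_up_to(n)) + 1


def factorial_plus_one(n: int) -> int:
    """The thread's variant: n! + 1."""
    return factorial(n) + 1


def euclid_witness(n: int, candidate: int) -> tuple[bool, int]:
    """(candidate is itself prime?, smallest prime factor of candidate).
    Every prime <= n divides candidate - 1, so none of them divides
    candidate; its smallest prime factor is therefore > n.  That factor,
    not the candidate, is the new prime the proof produces."""
    factors = factorize(candidate)
    return len(factors) == 1, factors[0]


def survey(limit: int) -> list[dict]:
    """One row per n from 2 to limit: both constructions, whether each is
    prime, and the smallest prime factor of each (always > n)."""
    rows = []
    for n in range(2, limit + 1):
        e = primorial_plus_one(n)
        e_prime, e_small = euclid_witness(n, e)
        f = factorial_plus_one(n)
        f_prime, f_small = euclid_witness(n, f)
        rows.append({"n": n,
                     "euclid": e, "euclid_is_prime": e_prime, "euclid_new_prime": e_small,
                     "factorial": f, "factorial_is_prime": f_prime,
                     "factorial_new_prime": f_small})
    return rows


if __name__ == "__main__":
    for r in survey(13):
        print(f"n={r['n']:>2}  primes<=n product +1 = {r['euclid']:>6} "
              f"prime={r['euclid_is_prime']!s:<5} new prime {r['euclid_new_prime']:<6}| "
              f"n!+1 = {r['factorial']:>11} prime={r['factorial_is_prime']!s:<5} "
              f"new prime {r['factorial_new_prime']}")
```

Running it prints one line per n; for n = 13 both candidates are composite
(30031 = 59 x 509 and 13! + 1 = 83 x 75024347), yet each has a prime factor
above 13, which is the whole content of the proof.

------------------------------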

From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: MP3 encryption and patent 6,081,597
Date: Thu, 06 Jul 2000 08:54:57 -0700

Kent Briggs wrote:
> http://www.nytimes.com/library/tech/00/07/biztech/articles/03pate.html
> I don't see how they prevent this from being hacked since as always, the
> decryption has to occur on the client's machine.

NTRU is another public key cryptosystem, like DH/DSA or RSA.
Not snake oil. But you're right, if the client can decrypt
then presumably the client's box can be hacked to render the
encryption useless.

------------------------------

From: Dido Sevilla <[EMAIL PROTECTED]>
Subject: Data compression and encryption
Date: Thu, 06 Jul 2000 23:55:58 +0800


This is just one question I thought up while waiting for the typhoon out
here to blow away.  Do all cryptologic transformations modify the
information content of a message, e.g. make a message compress better or
worse than the unencrypted message for some given compression
algorithm?  If so, then by how much?  It seems that at the very least,
the one-time pad would serve to increase the information content of a
message such that it would be nearly impossible to compress by any means
after encryption, provided the OTP was properly produced.  The
transformation involved in the one-time pad would end up turning the
data into random noise from the point of view of someone without the
key.  Thus, any Huffman tree of the output of a proper OTP message would
be almost perfectly balanced and wouldn't compress at all.  Since the
security of the OTP is what all cryptosystems aspire to, am I correct in
asserting that all encryption systems must increase the information
content of any message by an amount proportional to the size of the key
used?  Therefore, if any data compression is to be performed on data to
be encrypted, it should be done *before* any encryption.

Any links on information theory and encryption that discuss this topic
in further detail?

--
Rafael R. Sevilla <[EMAIL PROTECTED]>         +63 (2)   4342217
ICSM-F Development Team                         +63 (917) 4458925
University of the Philippines Diliman

------------------------------
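
Worked example for the "Data compression and encryption" question above (added
by the editor; it is not part of Dido Sevilla's post). It measures the effects
his question describes: how well a redundant message compresses before and
after XOR with a random pad, the byte entropy of each (the flatness of the
histogram a Huffman coder would see), the size of compress-then-encrypt against
encrypt-then-compress, and what happens when the "pad" is not properly produced
(a 16-byte key cycled over the message). The sample text, the key, and all
function names are the editor's constructions.

```python
"""Compressibility of plaintext versus XOR-encrypted text (constructed example)."""
from __future__ import annotations

import math
import secrets
import zlib
from collections import Counter
from typing import Callable


def xor_bytes(data: bytes, keystream: bytes) -> bytes:
    """XOR data with a keystream; the keystream must cover the whole message."""
    if len(keystream) < len(data):
        raise ValueError("keystream shorter than the data")
    return bytes(d ^ k for d, k in zip(data, keystream))


def one_time_pad(length: int) -> bytes:
    """A properly produced pad: fresh bytes from the OS CSPRNG, used once."""
    return secrets.token_bytes(length)


def repeating_key(key: bytes) -> Callable[[int], bytes]:
    """An improperly produced 'pad': a short key cycled to the needed length."""
    return lambda length: (key * (length // len(key) + 1))[:length]


def entropy_bits_per_byte(data: bytes) -> float:
    """Empirical byte entropy: the limit an ideal (Huffman-style) coder built
    from these frequencies approaches.  8.0 means a perfectly flat histogram."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def compression_ratio(data: bytes) -> float:
    """len(zlib output) / len(input); 1.0 or a little above means incompressible."""
    return len(zlib.compress(data, 9)) / len(data)


def compare(message: bytes, keystream_for: Callable[[int], bytes]) -> dict:
    """Measure the message, its XOR encryption, and both orders of
    compress/encrypt.  keystream_for(n) returns n keystream bytes; it is
    called separately for each encryption so a real pad is never reused."""
    ciphertext = xor_bytes(message, keystream_for(len(message)))
    packed = zlib.compress(message, 9)
    compress_then_encrypt = xor_bytes(packed, keystream_for(len(packed)))
    encrypt_then_compress = zlib.compress(ciphertext, 9)
    return {
        "plaintext_entropy": entropy_bits_per_byte(message),
        "ciphertext_entropy": entropy_bits_per_byte(ciphertext),
        "plaintext_ratio": compression_ratio(message),
        "ciphertext_ratio": compression_ratio(ciphertext),
        "compress_then_encrypt_bytes": len(compress_then_encrypt),
        "encrypt_then_compress_bytes": len(encrypt_then_compress),
    }


# Constructed sample: about 3.6 KB of highly redundant text.
SAMPLE = b"The quick brown fox jumps over the lazy dog. " * 80


def demo() -> tuple[dict, dict]:
    """Proper random pad versus a 16-byte key cycled over the message."""
    proper = compare(SAMPLE, one_time_pad)
    improper = compare(SAMPLE, repeating_key(b"sixteen byte key"))
    return proper, improper


if __name__ == "__main__":
    for label, result in zip(("random pad", "repeating 16-byte key"), demo()):
        print(label)
        for k, v in result.items():
            print(f"  {k:<28} {v:.3f}" if isinstance(v, float) else f"  {k:<28} {v}")
```

On the sample the plaintext compresses to a few percent of its size and has
about 4.4 bits of entropy per byte, while the pad-encrypted output does not
compress at all and its histogram is nearly flat (close to 8 bits per byte),
so compression only pays when done before encryption. The cycled key leaves
the ciphertext periodic and zlib shrinks it well below its size, which is the
"properly produced" caveat in concrete form. One caveat on compress-then-
encrypt: the ciphertext length then depends on the plaintext's redundancy,
which an attacker who can inject part of the plaintext can use as a side
channel (the basis of the later CRIME and BREACH attacks on TLS).

------------------------------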


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
