Cryptography-Digest Digest #575, Volume #12      Wed, 30 Aug 00 21:13:00 EDT

Contents:
  PGP 2.6.2 ("David C. Barber")
  Re: "Warn when encrypting to keys with an ADK" ([EMAIL PROTECTED])
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed ("Paul Pires")
  Re: QKD and The Space Shuttle (Mok-Kong Shen)
  Re: [Q] Do you know a good german newsserver for sci.crypt ? (Frank M. Siegert)
  Re: RSA public exponent (David A Molnar)
  Re: QKD and The Space Shuttle ("Richard Bembridge")
  Re: e-cash protocol concept, comments wanted (Julian Morrison)
  Re: Future computing power ("Richard Bembridge")
  Re: A little technical note about intepreters ("Richard Bembridge")
  Re: Steganography question ("Harris Georgiou")
  Looking for site regarding RSA patent (John C. King)
  Encrypt/Decrypt on PC-Hard-disk! ("Steven A.")
  Re: 96-bit LFSR needed (Tim Tyler)
  Re: Encrypt/Decrypt on PC-Hard-disk! (Frank M. Siegert)
  Re: R: R: Test on pseudorandom number generator. (Tim Tyler)
  Re: QKD and The Space Shuttle ([EMAIL PROTECTED])
  Symetric encryption rec. for macintosh (Pat Caudill)
  Re: PGP 2.6.2 (Tom McCune)

----------------------------------------------------------------------------

From: "David C. Barber" <[EMAIL PROTECTED]>
Subject: PGP 2.6.2
Date: Wed, 30 Aug 2000 13:08:45 -0700

So PGP 2.6.2 is listed as the last "secure" (no ADK) version.  Where does
this version remain available in source?

    *David Barber*




------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: "Warn when encrypting to keys with an ADK"
Date: Wed, 30 Aug 2000 20:19:57 GMT

Could you direct me to where I can find these "test" keys?  I would
like to see if the "warn" feature works.

Better yet.....if you have the test key still, could you post it here?

thanks!



On Wed, 30 Aug 2000 09:38:03 +0100, Phil Harrison
<[EMAIL PROTECTED]> wrote:

>In article <8ohtlr$l6$[EMAIL PROTECTED]>, Philip Stromer <pstromer@my-
>deja.com> writes
>>In article <8o5n05$kiv$[EMAIL PROTECTED]>,
>>[EMAIL PROTECTED] wrote:
>>
>>If I'm using PGP 6.5.3, and I have the box checked under Options,
>>Advanced, Warn when encrypting to keys with an ADK, am I protected
>>without applying the Hotfix?  If not, why not, in lay language, please!
>>
>I would suggest that you enable the ADK column in PGP keys and see if
>any keys in your keyring have an ADK. If so, then make sure that it is
>supposed to be there. Better still is to get the hotfix.
>
>>I'm confused as all heck by this announcement.  PGP seemed at first to
>>say "yes, there is a serious bug," but now they seem to be saying "it's
>>not such a big deal, after all."
>>
>Any weakness is serious, but this bug should not affect too many people
>in practice. In order for someone to take advantage, they must first
>tamper with the recipient's public key and get the modified key on to
>the keyring of the sender. Then they must also get the additional key on
>to the keyring of the sender. Finally they must hope that the sender
>does not notice that there was an ADK there and does not check with the
>recipient.
>
>I don't know about you, but the only time I have ever seen a key with an
>ADK is on test keys created specifically to illustrate this bug. 


------------------------------

From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be allowed
Date: Wed, 30 Aug 2000 13:21:36 -0700


Mok-Kong Shen <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Bill Unruh wrote:
> >
> > That patent is plain silly from the bit I have looked at it. By 1997 all
> > of those functions were well known. However the patent office does not
> > appear to be terribly up to date on the state of any field. See the
> > recent patent awarded for faster than light communication.
>
> It's probably unlikely but on the other hand also can't be
> excluded that the firms selling PK products do nothing in
> the issue and simply pass the fees they'll eventually pay to
> that patent holder on to the consumers. That would be bad.

I'd say unlikely is mild. "When hell freezes over" is more like it.
The price a product brings is what the market will bear. If
they could increase the price without repercussions now, they
would do it now and pocket the profit without a second thought.
There is no scenario where the "payees" are going to take
this philosophically. This Patent irritates you but it has to have
every licensee of PK pissing blood. Just this being present is
going to cost them.

They are going to see significant costs to evaluate their risk and
position regardless of any royalty payments they may or may not
have to make due to this patent.

Paul


>
> M. K. Shen





------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Crossposted-To: sci.space.shuttle,talk.politics.crypto
Subject: Re: QKD and The Space Shuttle
Date: Wed, 30 Aug 2000 22:39:05 +0200



Richard Bembridge wrote:
> 
[snip]
> Does anybody see where this is leading?

I don't think that we need to be that visionary. There
are lots of comparatively mundane issues in crypto
that are not yet entirely satisfactorily dealt with,
as the current state of traffic in sci.crypt testifies.

M. K. Shen

------------------------------

From: [EMAIL PROTECTED] (Frank M. Siegert)
Subject: Re: [Q] Do you know a good german newsserver for sci.crypt ?
Date: Wed, 30 Aug 2000 20:27:47 GMT

On Tue, 29 Aug 2000 13:31:35 +0200, Runu Knips <[EMAIL PROTECTED]>
wrote:

[usenet server in Germany]

Try "News.CIS.DFN.DE", you need to apply for a login & password but
the service is free. 

        http://news.cis.dfn.de/

- Frank


------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: RSA public exponent
Date: 30 Aug 2000 20:21:46 GMT

Thomas Pornin <[EMAIL PROTECTED]> wrote:
> According to David A Molnar  <[EMAIL PROTECTED]>:
>> There isn't a disparity, really. Consider that q-1 and p-1 are both even,
>> thus their product is even. So gcd( (p-1)*(q-1), 3) = 1 always.

> Hum. 6 is even, and yet, gcd(6, 3) = 3.
> For a more complete example, consider p = 19 and q = 31. Both are prime,
> but gcd((p-1)*(q-1), 3) = gcd(540, 3) = 3.

Yes, I realized this after seeing your message. I'm sorry. :-(
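The correction above (the parity of (p-1)(q-1) says nothing about divisibility by 3) is the kind of thing a key generator should check rather than assume. The following is an added example, not code from either poster: it tests the actual condition gcd(e, (p-1)(q-1)) = 1, derives the private exponent when it holds, and lists which primes can never be paired with e = 3 (those with p ≡ 1 mod 3). The primes 19 and 31 are the thread's; the others are constructed for illustration.

```python
from math import gcd
from typing import List


def exponent_is_usable(p: int, q: int, e: int = 3) -> bool:
    """True when e is a valid RSA public exponent for primes p and q.

    The private exponent d = e^-1 mod phi(n) exists only if
    gcd(e, phi(n)) == 1, with phi(n) = (p-1)*(q-1).  phi(n) is always
    even, but that says nothing about whether 3 divides it.
    """
    return gcd(e, (p - 1) * (q - 1)) == 1


def private_exponent(p: int, q: int, e: int = 3) -> int:
    """Return d with e*d == 1 (mod phi(n)); raise if e is not usable."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError(f"e={e} shares a factor with phi(n)={phi}; pick other primes")
    return pow(e, -1, phi)  # modular inverse (Python 3.8+)


def primes_rejected_for_e3(primes: List[int]) -> List[int]:
    """Primes that can never be used with e = 3: when p % 3 == 1,
    3 divides p-1 and therefore divides phi(n) whatever q is."""
    return [p for p in primes if p % 3 == 1]


def rsa_roundtrip(p: int, q: int, e: int, m: int) -> bool:
    """Encrypt m under (n, e) and decrypt with d; True if m comes back."""
    n = p * q
    d = private_exponent(p, q, e)
    return pow(pow(m, e, n), d, n) == m % n


if __name__ == "__main__":
    # The thread's counterexample: phi = 18 * 30 = 540, divisible by 3.
    print(exponent_is_usable(19, 31))                       # False
    # A constructed pair that works with e = 3: phi = 4 * 10 = 40.
    print(exponent_is_usable(5, 11), private_exponent(5, 11))  # True 27
    print(primes_rejected_for_e3([5, 7, 11, 13, 19, 31]))  # [7, 13, 19, 31]
    print(rsa_roundtrip(5, 11, 3, 9))                       # True
```

Note that 19 and 31 are both ≡ 1 (mod 3), so either one alone already rules out e = 3; a generator that wants a fixed small e has to reject such primes during prime search, not after computing n.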


------------------------------

From: "Richard Bembridge" <[EMAIL PROTECTED]>
Crossposted-To: sci.space.shuttle,talk.politics.crypto
Subject: Re: QKD and The Space Shuttle
Date: Wed, 30 Aug 2000 22:00:37 +0100

Yes, on that point you are perfectly correct.
However, despite the proliferation of 'mundane issues', do you, or does
anybody else, think that QKD will go in the free-space direction or the
fibre-optic cable direction, for example?

RMB

> > Does anybody see where this is leading?
>
> I don't think that we need to be that visionary. There
> are lots of comparatively mundane issues in crypto
> that are not yet entirely satisfactorily dealt with,
> as the current state of traffic in sci.crypt testifies.
>
> M. K. Shen



------------------------------

From: Julian Morrison <[EMAIL PROTECTED]>
Crossposted-To: alt.cypherpunks,alt.cypherpunks.technical
Subject: Re: e-cash protocol concept, comments wanted
Date: Wed, 30 Aug 2000 22:33:36 +0100

Ragni Ryvold Arnesen wrote:

> Julian Morrison wrote:
>
> > Coins are the only way to generate a currency that can basically be used
> > independent of a personal bank account, in total secrecy if the users wish.
>
> "if the user wish" is not good enough. Most people don't have any idea how electronic
> payment systems work and can not be expected to do anything actively to guard their
> own privacy.

I think you misread what I meant there. The point is: coins are as private as physical
coins - there is no means to identify their owner, and they may be used without ever
depositing them in an account, if the owner so wishes. A zipfile full of ecash coins is as
anonymous and untraceable as the proverbial brown-paper envelope full of unmarked used
dollars.

> Since you are interested in e-cash I expect you have examined David Chaums (patented)
> methods (used by eCash http://www.ecash.net/ ). How do you think your system compares
> to this?

I hadn't seen it; I made up my proposal "blind".

That one seems to be (from looking at that site and others) basically a
virtual-debit-card protocol. All users must have a bank account; the action is an
immediate transfer, or the generation of a certificate authorizing a transfer. It's
anonymized, but it's fairly trivial for the banks to match up immediate-transfer sums
using payment times and amounts. It's also impossible to use that one with an
anonymizing bounce-account (like the change servers described earlier)  or any other
money laundering tricks. Money laundering and hiding is a design goal of my own ecash
proposal - I do *not* like taxes and tariffs.



------------------------------

From: "Richard Bembridge" <[EMAIL PROTECTED]>
Subject: Re: Future computing power
Date: Wed, 30 Aug 2000 23:12:07 +0100


"Jeffrey Williams" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...

[snip]

> We're a society that uses technology heavily while maintaining a minimal
> understanding of that technology.  What's scary is that the reporters and
> teachers whose job it is to inform the public don't really understand the
> technology either.  Not that long ago, I was told by a high school computer
> science teacher that putting comments in code was very bad because it made
> the code run slower (true enough, but only if you're using an
> interpreter).  He didn't understand the difference between interpreted and
> compiled languages.  And he's teaching our kids to program.

[snip]

I may be being a little naive here, but this thread began way back about the
proposal of a *really* fast computer.

I cannot see how liberally sprinkling your code with comments is going to
make that much difference, is it? Not considering the speed that modern
processors run at.

Unless of course you are using every available resource that your machine
has. In which case you are probably working as part of a team that has its
own rules about comments anyway.

Does that make sense?

RMB



------------------------------

From: "Richard Bembridge" <[EMAIL PROTECTED]>
Subject: Re: A little technical note about intepreters
Date: Wed, 30 Aug 2000 23:15:19 +0100

> The instant you do something "clever", like take advantage of some
> trick of twos complement math, or a sneaky xor trick, or rely on a
> subtle side-effect of another routine you've got problems.  Even things
> like assuming you can access unaligned integers is probably worth a
> comment.
>
> Oh well.....

Go to http://www.google.com/search?q=obfuscated+code

RMB



------------------------------

From: "Harris Georgiou" <[EMAIL PROTECTED]>
Subject: Re: Steganography question
Date: Wed, 30 Aug 2000 09:49:08 +0300


zapzing <[EMAIL PROTECTED]> wrote in message
news:8oceb4$l5t$[EMAIL PROTECTED]...
> In article <8oamdo$2bn$[EMAIL PROTECTED]>,
>   "Harris Georgiou" <[EMAIL PROTECTED]> wrote:
> > ...................
> ...................
> Ithink I see. You are asking about the ability
> of someone to recognize that stego exists in
> the message, right?
>
> > .......................
> Well if the "random" data were *really* random there
> would be no problem. But I think I see what you are
> getting at: no data is ever really random, or why would
> you be transmitting it? What good would it be to the receiver
> to just receive a bunch of random data ???
> It would look very suspicious.
> .........................

This is just one of the implications. Receiving a bunch of random data is
perfect for data hiding but I don't think actual data in communications are
random at all. Data hiding is good, but preventing message interception in
the first place is even better!

I think I've read a posting here on sci.crypt about hiding data in "random"
pixel positions in an image. The method is correct, but I think there would
be some possible problems in practice. For example, if image texture is very
smooth then the hidden info would "point out" in random pixels as noise,
even for the human eye. An experienced analyst could process (statistics)
this "noise" only to find out that it is not noise at all! Of course,
encrypting the data would make his further work tougher, but the fact is
that the stego would be easily broken in no time. In this situation the
strength of the method depends heavily on the image itself and the
correlation of the info data with the image data. So the problem is not
actually how well you hide the info data in the image, but rather "fuse"
them together in a way that there is no evidence of their existence (no
point of looking for hidden data on each and every possible image...).

I'm currently doing some research on theoretical bases of checking and/or
ensuring strength of steganographic methods, that is, a generic framework that
can be used for comparisons between them. It has little to do with the
security of the actual data transmitted; I want to know how one can be sure
that the stego in the message won't be noticed (with some high probability),
and if it is, how difficult it is for someone to pinpoint and extract the
info data from the message (no matter what he does with them). I don't think
I've seen any references or postings here on that issue.

---

Harris
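The point about smooth textures is easy to make concrete. Below is an added example (not code from this thread): it builds a constructed cover image that is a perfectly smooth gradient, embeds a payload into the least significant bits of pixels at PRNG-chosen positions (the "random pixel positions" scheme being discussed), and then applies the simplest statistic an analyst might try, the mean absolute second difference along each row. On a linear gradient that statistic is exactly zero, so every embedded bit that flips a pixel value shows up as unexplained noise. The seeded PRNG, the image size and the payload are assumptions made for the illustration; in a real photo the statistic would be dominated by the image's own noise, which is exactly the correlation question raised above.

```python
import random
from typing import List

Image = List[List[int]]  # 8-bit grayscale image as rows of pixel values


def smooth_cover(width: int = 32, height: int = 32) -> Image:
    """Constructed cover: a perfectly smooth diagonal gradient, pixel = x + y."""
    return [[x + y for x in range(width)] for y in range(height)]


def bytes_to_bits(data: bytes) -> List[int]:
    return [(b >> (7 - i)) & 1 for b in data for i in range(8)]


def bits_to_bytes(bits: List[int]) -> bytes:
    return bytes(sum(bit << (7 - i) for i, bit in enumerate(bits[j:j + 8]))
                 for j in range(0, len(bits), 8))


def _positions(img: Image, count: int, key: int) -> List[int]:
    """Pixel indices chosen by a PRNG seeded with a shared key (assumed scheme;
    the PRNG only needs to be reproducible by sender and receiver)."""
    h, w = len(img), len(img[0])
    return random.Random(key).sample(range(h * w), count)


def embed_lsb_random(img: Image, payload: bytes, key: int) -> Image:
    """Write payload bits into the LSB of the key-selected pixels."""
    bits = bytes_to_bits(payload)
    w = len(img[0])
    out = [row[:] for row in img]
    for pos, bit in zip(_positions(img, len(bits), key), bits):
        y, x = divmod(pos, w)
        out[y][x] = (out[y][x] & ~1) | bit
    return out


def extract_lsb_random(img: Image, nbytes: int, key: int) -> bytes:
    """Read the LSBs back from the same key-selected pixels."""
    w = len(img[0])
    bits = []
    for pos in _positions(img, nbytes * 8, key):
        y, x = divmod(pos, w)
        bits.append(img[y][x] & 1)
    return bits_to_bytes(bits)


def roughness(img: Image) -> float:
    """Mean absolute second difference along rows.  Exactly 0 for a linear
    gradient; each +/-1 change caused by an LSB flip raises it, which is the
    'noise' a smooth cover cannot account for."""
    total, count = 0, 0
    for row in img:
        for x in range(1, len(row) - 1):
            total += abs(row[x - 1] - 2 * row[x] + row[x + 1])
            count += 1
    return total / count


def looks_tampered(img: Image, threshold: float = 0.0) -> bool:
    """Flag an image whose roughness exceeds what its texture should allow."""
    return roughness(img) > threshold


if __name__ == "__main__":
    cover = smooth_cover()
    stego = embed_lsb_random(cover, b"hidden!!", key=42)   # constructed payload
    print(extract_lsb_random(stego, 8, key=42))             # b'hidden!!'
    print(roughness(cover), roughness(stego))               # 0.0 and > 0
    print(looks_tampered(cover), looks_tampered(stego))     # False True
```

Encrypting the payload first would not change the verdict here: the statistic never looks at the bits' meaning, only at the pixel changes, which is why the strength of the scheme rests on the cover's own noise rather than on the secrecy of the data.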




------------------------------

From: John C. King <[EMAIL PROTECTED]>
Subject: Looking for site regarding RSA patent
Date: Wed, 30 Aug 2000 22:31:08 GMT

Is there a discussion group or a link to a good site that
discusses "what may or may not happen" when the patent on RSA expires?


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: "Steven A." <[EMAIL PROTECTED]>
Subject: Encrypt/Decrypt on PC-Hard-disk!
Date: Thu, 31 Aug 2000 01:07:33 +0200

Hello

Although this may be slightly *off topic* please help me!

I'm looking for software (PC) to protect my software and documents,
that in no way should be possible to hack.

But i do not want to encrypt/decrypt file for file , it should be integrated
with dos disk-drivers or something
like that .. All sectors should be encrypted with 3des or something like
that!

Maybe, the password is entered or with a smart-card ..

Is there any good stuff like this for sale ??
I mean REAL SAFE ...

Cheers
Steven




------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: 96-bit LFSR needed
Reply-To: [EMAIL PROTECTED]
Date: Wed, 30 Aug 2000 23:20:25 GMT

Mack <[EMAIL PROTECTED]> wrote:

: Order 95, using the 'random' search method. [...]
: Elasped seconds = 42
: number which passed first, but failed subsequent checks 2
: attempts = 820
: count = 31

This looks like a variant of Scott Nelson's program - but doesn't seem to
be the version at ftp://helsbreth.org/pub/helsbret/random/

Can I ask where you got it from?
-- 
__________                  http://alife.co.uk/  http://mandala.co.uk/
 |im |yler  [EMAIL PROTECTED]  http://hex.org.uk/   http://atoms.org.uk/

------------------------------

From: [EMAIL PROTECTED] (Frank M. Siegert)
Subject: Re: Encrypt/Decrypt on PC-Hard-disk!
Date: Wed, 30 Aug 2000 23:54:54 GMT

On Thu, 31 Aug 2000 01:07:33 +0200, "Steven A." <[EMAIL PROTECTED]>
wrote:
>Is there any good stuff like this for sale ??
>I mean REAL SAFE ...

It depends on how you define 'safe', usually these tools provide good
enough security (provided the passphrase is kept secret):

 http://www.e4m.net/
 http://www.scramdisk.clara.net/

Also PGPDisk can be used, however it is now commercial and I see
little benefit when compared to the above freeware.


------------------------------

From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: R: R: Test on pseudorandom number generator.
Reply-To: [EMAIL PROTECTED]
Date: Wed, 30 Aug 2000 23:34:33 GMT

Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:

: I'm not happy with the way that Diehard presents its results.
: There are methods of summarizing such results into a single
: measure, e.g. weight of evidence against the random hypothesis
: (or a significance level based on that using inverse chi-square),
: that should have been used instead.

I believe DiehardC improves on Diehard in this respect.

From the documentation relating to this final recombination of the test
results:

``KSTEST is the Kolmogorov-Smirnov test.  According to the source code, 
  It tries to determine whether a set of N real numbers is drawn from 
  a uniform distribution.  The test is based on the distance between 
  the empirical and theoretical distribution functions.  It returns 
  the probability associated with the observed value of the Anderson-
  Darling Statistic: N times the integral.''

This test is fed the p-values of the preceding tests - which should be
a uniform distribution of values between zero and one if all is well.

DiehardC may be found at: http://www.helsbreth.org/random/diehard.html
-- 
__________  Lotus Artificial Life  http://alife.co.uk/  [EMAIL PROTECTED]
 |im |yler  The Mandala Centre   http://mandala.co.uk/  Namaste.
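The final recombination step described above is small enough to show in full. The following is an added example, not DiehardC's own code: it takes the p-values produced by the individual tests, computes the Kolmogorov-Smirnov distance between their empirical distribution and Uniform(0,1), turns that into an overall significance level (using the asymptotic Kolmogorov distribution with the usual small-sample correction, an assumption about the formula rather than anything quoted from DiehardC), and also computes the Anderson-Darling statistic for a uniform null that the quoted documentation mentions. The two sets of p-values at the bottom are constructed: one plausible, one with every test reporting p close to zero, as a broken generator would.

```python
import math
from typing import Dict, List


def ks_statistic(pvalues: List[float]) -> float:
    """Kolmogorov-Smirnov distance between the empirical CDF of the sample
    and the Uniform(0,1) CDF, F(x) = x."""
    xs = sorted(pvalues)
    n = len(xs)
    d_plus = max((i + 1) / n - x for i, x in enumerate(xs))
    d_minus = max(x - i / n for i, x in enumerate(xs))
    return max(d_plus, d_minus)


def ks_pvalue(d: float, n: int) -> float:
    """Approximate P(distance >= d) for a truly uniform sample of size n
    (Kolmogorov distribution with the small-sample correction to lambda
    that Numerical Recipes uses; asymptotic, so treat small n as indicative)."""
    lam = (math.sqrt(n) + 0.12 + 0.11 / math.sqrt(n)) * d
    total, sign = 0.0, 1.0
    for k in range(1, 101):
        term = sign * math.exp(-2.0 * k * k * lam * lam)
        total += term
        sign = -sign
        if abs(term) < 1e-12:
            break
    return min(1.0, max(0.0, 2.0 * total))


def anderson_darling(pvalues: List[float]) -> float:
    """Anderson-Darling statistic A^2 against Uniform(0,1): n times the
    weighted integral of the squared CDF difference, in closed form.
    p-values of exactly 0 or 1 are clamped so the logarithms stay finite."""
    eps = 1e-12
    xs = sorted(min(max(p, eps), 1 - eps) for p in pvalues)
    n = len(xs)
    s = 0.0
    for i, x in enumerate(xs, start=1):
        s += (2 * i - 1) * (math.log(x) + math.log(1 - xs[n - i]))
    return -n - s / n


def summarize(pvalues: List[float], alpha: float = 0.01) -> Dict[str, object]:
    """One-number verdict over the per-test p-values, as DiehardC's final
    step does: reject the random hypothesis when the KS p-value falls below alpha."""
    d = ks_statistic(pvalues)
    p = ks_pvalue(d, len(pvalues))
    return {
        "n": len(pvalues),
        "ks_distance": d,
        "ks_pvalue": p,
        "anderson_darling": anderson_darling(pvalues),
        "reject_randomness": p < alpha,
    }


if __name__ == "__main__":
    # Constructed per-test p-values: a healthy-looking set and a failing one.
    healthy = [0.1, 0.4, 0.5, 0.9]
    broken = [0.01, 0.02, 0.03, 0.04]
    print(summarize(healthy))   # ks_distance 0.25, p-value ~0.93, no rejection
    print(summarize(broken))    # ks_distance 0.96, p-value ~3e-4, rejected
```

The reason the per-test p-values are fed into a second test rather than simply thresholded is that with dozens of tests a few small p-values are expected by chance; only a systematic departure from uniformity across all of them is evidence against the generator.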

------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: sci.space.shuttle,talk.politics.crypto
Subject: Re: QKD and The Space Shuttle
Date: Thu, 31 Aug 2000 00:22:43 GMT

In article <8ojshm$i2h$[EMAIL PROTECTED]>,
  "Richard Bembridge" <[EMAIL PROTECTED]> wrote:
> Yes, on that point you are perfectly correct.
> However, despite the proliferation of 'mundane issues' do you, or does
> anybody else, think that QKD will go in the free-space direction or the
> fibre-optic cable direction, for example?
>
> RMB

Well, I'm the mischievous one. If I know someone is beaming single
photons in air, I'll try to jam it. Unless it's happening above my
reach, like in outer space. :)

Have fun!

--Sisi


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: Pat Caudill <[EMAIL PROTECTED]>
Subject: Symetric encryption rec. for macintosh
Date: Wed, 30 Aug 2000 17:39:50 -0700

I'm looking for a symmetric encryption program for the macintosh. I could 
download an AES candidate and write a wrapper but would like an already 
written program. I've looked around but most of the programs I've found are 
pretty lame (XOR with the key or worse.) 

I'm going to be transferring files between two computers (home and work) by 
putting them on a public server. The data is not super secret but I'd like to 
show "due diligence" in not letting the files become public.

Anyone got a suggestion?

Pat Caudill
Signature is ROT-13 to slow spammers.


------------------------------

From: Tom McCune <[EMAIL PROTECTED]>
Subject: Re: PGP 2.6.2
Date: Thu, 31 Aug 2000 01:06:08 GMT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <8ojpmr$2ejq$[EMAIL PROTECTED]>, "David C. Barber"
<[EMAIL PROTECTED]> wrote:
>So PGP 2.6.2 is listed as the last "secure" (no ADK) version.  Where
>does this version remain available in source?

In regards to your line of thinking, I think some better answers are PGP
6.5.8, PGP 5.0, and perhaps 2.6.3.  I suspect you can find the source
code for 2.6.3 and/or 5.0 at pgpi.org.

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
Comment: My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

iQA/AwUBOa2v8w2jfaGYDC35EQJu8ACfd8CyzeGqVpc4CfImDm1vAD03ahEAniBa
Sg58DMMo4ffkMUP/R+XTjLO0
=PC5h
-----END PGP SIGNATURE-----

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
