Cryptography-Digest Digest #277, Volume #13       Tue, 5 Dec 00 18:13:01 EST

Contents:
  Re: My message to all Finnish right-wing youth - for the celebration of the 
Independency Day of Finland - the 6th of December, 2000. -- take me to the magic of 
the moment .... ! ("JustBrowsing")
  Re: The Next Step After OTP (Bryan Olson)
  Re: newbie: how to persuade my management not to do our own home-grown encryption? 
("L.V.S.")
  Re: Vulnerability to Attack ("JustBrowsing")
  Re: newbie: how to persuade my managment not to do our own home-grown encryption? 
(Steve)
  Re: Fips Pub 140-1 and RNG ([EMAIL PROTECTED])
  Re: MD5 byte order ("Brian Gladman")
  Re: Why Galois Fields in Cryptography? (John Savard)
  Smart Card vs 1.44 Disk ("JustBrowsing")
  Re: Possibly-new attack on D-H? (Peter Fairbrother)
  Re: About governments and my ex-relatives in Finland and the U.S.A. ... basically my 
ex-spouse had around 350000 US dollars and then my ex-relatives (Finland and US ) 
collaborated in their efforts to force me to leave the U.S.A. without any of this 
money ... (John Savard)
  Re: The Next Step After OTP (John Savard)
  Re: Fips Pub 140-1 and RNG (David Schwartz)
  Re: My message to all Finnish right-wing youth - for the celebration of the 
Independency Day of Finland - the 6th of December, 2000. -- take me to the magic of 
the moment .... ! (Mika Boström)

----------------------------------------------------------------------------

From: "JustBrowsing" <[EMAIL PROTECTED]>
Crossposted-To: comp.security,alt.security,alt.2600
Subject: Re: My message to all Finnish right-wing youth - for the celebration of the 
Independency Day of Finland - the 6th of December, 2000. -- take me to the magic of 
the moment .... !
Date: Tue, 5 Dec 2000 23:37:57 +0200
Reply-To: "JustBrowsing" <[EMAIL PROTECTED]>


Gotta be a joke... right!

Markku J. Saarelainen <[EMAIL PROTECTED]> wrote in message
news:90gbrs$pg$[EMAIL PROTECTED]...
>
>
>
> My message to all Finnish right-wing youth - for the celebration of the
> Independency Day of Finland - the 6th of December, 2000.
>
> "We are the men and women who have fought for the Independency of
> Finland. We are the ultimate protectors of our independency as we were
> during the Cold War and now against aggressions and forceful intentions
> by the NATO. We possess some of the finest qualities of the Finnish
> youth, which shall guarantee the freedom and independency of Finland.
> We are the followers of Marshal Mannerheim and his values and beliefs.
> While we know our values, we also see threats that are causing damages
> to our society now or in the future. Many of these damaging processes
> have been started by Jews and the International Jewish Conspiracy. We
> have observed damages also in other nations such as the Russian
> Federation where Jews tried to destroy the nation and steal the future
> of ordinary people. We are the men and women who are Finnish -
> Finland's protectors and who protect our values, living and future
> against any threat we identify and encounter. Now on the eve of the
> Independency Day of Finland we shall remember our past, Marshal
> Mannerheim and our duties for protecting Finland and our independency.
> It is our day to look at the past, understand the current and see the
> future. We are the protectors of Finland."
>
> http://virtual.finland.fi/finfo/english/mannerheim.html
> http://www.scorps.com/sound/woc_klaus_duet.ram
>
> "We are men and women who fought for the independence of Finland. We
> are protectors of Finland's independence, as we were during the Cold
> War and are now against NATO's aggressions and coercive intentions.
> Our values are the best ones for securing Finland's independence. We
> are followers of Marshal Mannerheim and his values. While we know our
> values, we also see threats that are causing destruction in our
> society today or in the future. Jews and the international Jewish
> conspiracy have started many of these destructive processes. We have
> noticed destruction in other states too, such as the Russian
> Federation, where Jews tried to destroy the state and the future of
> ordinary people. We are men and women who are Finnish - Finland's
> protectors, who protect our values, our way of life and our future
> against every threat we observe and that comes against us. Now on the
> eve of Finland's Independence Day we remember our past, Marshal
> Mannerheim and our duty to protect Finland and our independence. This
> day is our day to look at our past, understand our present and see our
> future. We are the protectors of Finland's independence."
>
> http://virtual.finland.fi/finfo/english/mannerheim.html
> http://www.scorps.com/sound/woc_klaus_duet.ram
>
>
> Sent via Deja.com http://www.deja.com/
> Before you buy.



------------------------------

From: Bryan Olson <[EMAIL PROTECTED]>
Subject: Re: The Next Step After OTP
Date: Tue, 05 Dec 2000 21:37:32 GMT

John Savard wrote:
> Bryan Olson wrote, in part:
>
> >I dislike your proposed solution because it does not detect
> >forgeries.  It is still vulnerable to bit-flipping, though
> >the attacker cannot choose the decrypted outcome.
>
> You are quite right that using a secure hash function is more normal
> and more sensible.

Well, sort of.  A 2-universal hash function is not the same
thing as the usual "secure hash function". It need not have
any of the usual security properties: pre-image resistant,
second pre-image resistant, collision resistant.


> Since whoever knows the plaintext knows its hash, there are still some
> wrinkles to doing authentication with OTP, but that is the sort of
> thing you and others have explained.
>
> (i.e., eliminate known plaintext by picking 160 random bits, then use
> the OTP to encipher the message consisting of the 160 random bits, the
> 160 random bits XOR the hash of the message, and the 160 random bits
> repeatedly XORed with the plaintext of the message)

Your "i.e.", even as modified in your follow-up, is not the
kind of thing I've suggested.  What can you prove about it?

A 2-universal hash has exactly the properties we need to
achieve provable authentication even against an attacker who
can do an unbounded amount of computation.

> As noted in my other reply, I was simply addressing the idea that the
> OTP is inadequate _as a cipher_

I think that's silly.  A cipher is a secrecy mechanism.


--Bryan



------------------------------

From: "L.V.S." <[EMAIL PROTECTED]>
Subject: Re: newbie: how to persuade my management not to do our own home-grown 
encryption?
Date: Tue, 05 Dec 2000 22:04:32 GMT


Bill Unruh <[EMAIL PROTECTED]> wrote in message
news:90jm1q$rkm$[EMAIL PROTECTED]...
> In <3fcX5.25$[EMAIL PROTECTED]> "L.V.S." <[EMAIL PROTECTED]> writes:
>
> ]I am fairly new to all this; I've only started reading stuff within the last
> ]2 months or so. I've started off with two books by Bruce Schneier (Secrets &
> ]Lies, and Applied Crypt. --- I'm about 2/3s and 1/4 of the way through
> ]each).
>
> ]My company wants to do some licensing and password stuff within one of our
> ]commercial products (for US and international customers).  They've asked me
> ]to look into what I think should be done to implement their schemes.  I've
> ]developed a protocol that I think will be OK, but I want to rely on some
> ]good strong encryption to carry it out--- ie. something that's well-known
> ]and respected.  I would like to make use of a public-key system, and some
> ]good hash functions etc.  It seemed to me that obtaining a license to use
> ]PGP would be a good way to go (even though all we want is the encryption
> ]tools, not the GUI stuff etc.).
>
> ]My problem is in convincing management that it's worth it to not do our own
> ]home-grown stuff (believe me; you don't need to convince ME of this!), and
> ]to be willing to spend some money on a license if that's what's necessary.
> ]Is there a single SUCCINCT paper or write-up somewhere that I could pass
> ]along to them?  They are really balking at spending any money, and since I'm
> ]fairly new to this job, they don't know whether they want to just take my
> ]word for it yet.  I also know that they don't have the time to read through
> ]an entire book!
>
>
> Not only is it not worth it, it is positively dangerous unless your
> company has a good supply of cryptographers in house (I thought not). Of
> course if management does not care if the scheme actually works or not,
> don't implement it. It will piss off your customers more than it will
> probably help anyway.

Well if I'm it, we don't!  Is there some good small paper somewhere that
somebody knows of that I could pass along to them that might be more
persuasive than just my say-so????  I've told them what I've been reading
and what the books say (i.e. that it's either a genius or a fool who decides
to do their own... (a quote from somebody I read recently!)) --- but I don't
think that my small two cents is going to do the trick.

>
> ]Also, (forgive my ignorance!) are there other good public-key encryption
> ]schemes out there besides RSA and Diffie-Hellman?  These are the only two
> ]that I ever seem to see get mentioned that have much credibility.  Lastly,
> ]now that the RSA patent has expired (Sept. 6, 2000), are there folks out
> ]there writing some other commercial packages that provide it for the general
> ]public's use (both commercially and privately)?  Can I use a version of this
> ]from the international community and not need to worry about licensing at
> ]all?
>
> Lots. libcrypt by Peter Gutmann is an example of a whole library full of
> crypto stuff released "for free" ( read his license for the exact terms.)
> Including if I recall correctly both RSA and DH

I had stumbled across Mr. Gutmann's library several weeks ago.  It looked
like a good place to get a version of source code, but it still seems to me
like I will face some of the same licensing issues (e.g. for IDEA) with it.
Although of course, now that the patents on DH and RSA have expired, I may
no longer need to worry about them if I use his code and not the MIT source.
Is this true?.  How would you compare Mr. Gutmann's library with the MIT
source for PGP?  Is it as well tested and used?  Is Mr. Gutmann located in
New Zealand?  Do I need to worry about any international import/export
problems if I make use of his library?

Thanks again!

-LVS





------------------------------

From: "JustBrowsing" <[EMAIL PROTECTED]>
Subject: Re: Vulnerability to Attack
Date: Wed, 6 Dec 2000 00:13:28 +0200
Reply-To: "JustBrowsing" <[EMAIL PROTECTED]>

I think you are 100% right.
Mentioning microsoft is always dangerous but the message is:
Go main stream and you get the benefit of analysis like this.

http://www.counterpane.com/pptpv2-paper.html




BreakingNews <[EMAIL PROTECTED]> wrote in message
news:909db7$3uq$[EMAIL PROTECTED]...
> James don't know if I read it right.
>
> But if what u saying is that the password *IS* being transmitted across
> the net... albeit encrypted with its own hash and rnd IV via CBC... whatever
> ... it's wrong.
> The password in any shape or form... must not pass over the net.
>
> I think you can argue with number crunching geeks until your head falls off
> and I think the clever thing to do is just to avoid the 10001 ways to do
> authentication. What I do is just look at something or someone that I think
> probably does has a good system... and copy it.
>
> I would just say to your programmers, do it this way... and tell them to
> use the CHALLENGE RESPONSE methodology the microsoft uses.
>
> I got a little package that allows you to test and play with different
> idea's
> http://www4.50megs.com/johnnyco/
> if u interested.
>
> Don't be too hard on your programmers, it's a tricky area and more
> of an art than a science...
>
> James Dabbs <[EMAIL PROTECTED]> wrote in message
> news:905r1h$k8q$[EMAIL PROTECTED]...
> > We are adding features to an existing client/server telecom system.  One of
> > the problems I have with it is its method of data security, although I am
> > new to this.
> >
> > In the present system, multiple clients connect to a single server using an
> > account/password and TCP/IP connections.  In the protocol, each PDU is
> > prefixed with a 32-bit random spoiler and then encrypted using "TEA".  TEA
> > is a private key 128-bit block cipher, and the protocol uses CBC to encrypt
> > a whole packet.  The TEA key comes from a hash (proprietary, as far as I can
> > tell) of the account password string.  After a connection, the first PDU
> > contains the account ID string in the clear.  Everything else after that is
> > encrypted.  The password itself is not transmitted over the link.
> >
> > The original author argues that this is secure and supports UDP, which SSL
> > does not support.  And to my knowledge, it has never been hacked.  However,
> > none of us are data security experts, and my argument is that we should
> > tunnel the protocol through SSL because this is where the experts are
> > putting their analysis and talent.
> >
> > Can anyone point out any obvious flaws in the above scheme?
> >
> > Thanks,
> > James Dabbs
> >
> >
>
>



------------------------------

From: [EMAIL PROTECTED] (Steve)
Subject: Re: newbie: how to persuade my management not to do our own home-grown 
encryption?
Date: Tue, 05 Dec 2000 22:29:02 GMT

=====BEGIN PGP SIGNED MESSAGE=====

On Tue, 05 Dec 2000 22:04:32 GMT, "L.V.S." <[EMAIL PROTECTED]>
wrote:

>> ]Is there a single SUCCINCT paper or write-up somewhere that I could pass
>> ]along to them?  They are really balking at spending any money, and since I'm
>> ]fairly new to this job, they don't know whether they want to just take my
>> ]word for it yet.  I also know that they don't have the time to read through
>> ]an entire book!

You might want to pull out the comments by Phil Zimmerman on what
happens when "generic" programmers try to write crypto, from the
PGP documentation package that comes with the freeware download.

You might want to pull some stuff out of the snake oil faq, see
www.interhack.net/people/cmcurtin/snake-oil-faq.html

You might want to quote the manual that comes with PKZIP, on how
many years it would take to break a password protected zip file,
and provide a working copy of a zip file password cracker that
works in minutes on any old PC.  Fine example of publicly
embarrassing "homegrown" crypto...

The PKZIP docs brag considerably on their encryption option, and
say...

  IF YOU LOSE THE ORIGINAL ENCRYPTION KEY YOU WILL NEVER BE ABLE TO
  EXTRACT THE FILE(S).

http://www.udd.htu.se/datasidan/pkzip/manual.html

And a fast zip cracker lives here...
http://www.netgate.com.uy/~fpapa/

Lots of luck, both your customers' data security and your
professional reputation depend somewhat on successfully making your
point...

:o)

Steve



---Support privacy and freedom of speech with---
   http://www.eff.org/   http://www.epic.org/  
               http://www.cdt.org/
PGP keys: 
RSA - 0x4912D5E5 
DH/DSS - 0xBFCE18A9  

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Fips Pub 140-1 and RNG
Date: Tue, 05 Dec 2000 22:16:05 GMT

Say for example an RNG passes the DIEHARD tests but appears to fail
some of the FIPS tests every so often (1 in 10000 RN streams). What
conclusions can be drawn from that?

Also, what is the relevance of these tests being done on power up as
mentioned in the FIPS 140 document ?

Say the tests were to be performed in the following way: A stream of
bits is collected from the RNG in order to run through the DIEHARD test
suite and passes. Now say this same stream is partitioned into streams
of 20000 bits. Should these also pass the FIPS 140 tests for RNGs?

Thank you,

Brice.

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (DJohn37050) wrote:
> These are tests that each have a probability of less than one in a
> million in rejecting a good RN stream as bad.  The idea is that to get
> thru these tests, any error must be very esoteric.
> Don Johnson
>



------------------------------

From: "Brian Gladman" <[EMAIL PROTECTED]>
Subject: Re: MD5 byte order
Date: Tue, 5 Dec 2000 22:37:01 -0000

"Paul Schlyter" <[EMAIL PROTECTED]> wrote in message
news:90jidb$oie$[EMAIL PROTECTED]...
> In article <Ce7X5.2422$I5.14971@stones>,
> Brian Gladman <[EMAIL PROTECTED]> wrote:
>
> > "Paul Schlyter" <[EMAIL PROTECTED]> wrote in message
> > news:90ioto$2sa$[EMAIL PROTECTED]...
> >> In article <90ic57$255k$[EMAIL PROTECTED]>,
> >> Thomas Pornin <[EMAIL PROTECTED]> wrote:
> > [snip]
> >> > Those endianness things are unfortunate, because in MD5 they are mixed:
> >> > bytes are represented with the low-order byte first, but, inside a byte,
> >> > the bits are in big-endian form: the most significant bit is first.
> >>
> >> Excuse me, but how on Earth do you determine the "bit order within a
> >> byte"?
> >
> > This is determined by the relationship between byte or bit numbering and
> > the numeric significance one byte or bit to the next.  Hence if numeric
> > significance grows with a growing byte or bit number then it is
> > little-endian whereas if numeric significance decreases with growing byte
> > or bit number it is big-endian.
>
> AFAIR I've always seen the least significant bit referred to as "bit 0".
> Is the opposite convention ever used?  If so, when?

When a computer word is used to represent a fraction in the range 0<= x < 1
so that bit 0 = 1/2, bit 1 = 1/4 and so on.  I have worked on machines where
fractional rather than integer representation is the primary numeric
representation on offer (there is no difference for addition and subtraction
but differences appear for multiplication and division).

> >> The "byte order within a word" is determined by the addresses: if the
> >> ordering is little-endian, then the least significant byte occupies
> >> the lowest byte address within the word (and the other way for big-endian).
> >
> > Least "significant" is an ordering on the relative numeric values attached
> > to entities and will apply to bits as much as it does to bytes.
> >
> >> Now, you claim "inside a byte, the bits are in big-endian form",
> >> which would imply that the most significant bit within the byte have
> >> the lowest bit address.
> >
> > Correct - a big endian numbering of bits would make bit 0 = 128, bit 1 = 64,
> > ... , bit 7 = 1, remembering that this is about the numeric significance
> > attached to entities.
>
> Is this convention ever used?  If so, when?

Yes - it is logical to number in this way when using strict big-endian
notation.  Given that bits are numbered from 0 upwards it is nice to have
larger 'units' each of N bits such that:

unit_number = bit_number / N
bit_number_in_unit = bit_number % N

and to have lower numbered units being more numerically significant than
higher numbered units. At the nibble level (4-bits) this gives nibble 0 as
the most significant nibble of a byte ... and bit 0 as the most numerically
significant if the architecture is to be consistent.

In little endian it is exactly the other way around and ***both*** have
their advantages and disadvantages - I don't see much point in yet another
flame war on this!

Brian Gladman
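As an added illustration of where the two conventions under discussion enter MD5 (this is not code from Gladman, Pornin or anyone else on the thread): a small MD5 checked against Python's hashlib, with the little-endian word loading, the msb-first padding bit and the little-endian length marked, plus helpers for Gladman's unit-numbering formulas.

```python
# Added example: MD5 with its endianness decisions annotated, and helpers for
# the bit-numbering conventions discussed in the thread.  Verified against hashlib.
import hashlib
import math
import struct

MASK = 0xFFFFFFFF
S = [7, 12, 17, 22] * 4 + [5, 9, 14, 20] * 4 + [4, 11, 16, 23] * 4 + [6, 10, 15, 21] * 4
K = [int(abs(math.sin(i + 1)) * 2 ** 32) & MASK for i in range(64)]


def _rotl(x: int, c: int) -> int:
    return ((x << c) | (x >> (32 - c))) & MASK


def md5_pad(msg: bytes) -> bytes:
    """Pad to a multiple of 64 bytes.  The single '1' bit becomes the most
    significant bit of the next byte (0x80): inside a byte the bit order is
    msb-first.  The 64-bit bit-length is then appended low-order byte first,
    matching the little-endian words MD5 uses everywhere else."""
    padded = msg + b"\x80"
    padded += b"\x00" * ((56 - len(padded) % 64) % 64)
    return padded + struct.pack("<Q", len(msg) * 8)


def md5(msg: bytes) -> bytes:
    a0, b0, c0, d0 = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    data = md5_pad(msg)
    for off in range(0, len(data), 64):
        # Each 64-byte block is read as 16 little-endian 32-bit words.
        m = struct.unpack("<16I", data[off:off + 64])
        a, b, c, d = a0, b0, c0, d0
        for i in range(64):
            if i < 16:
                f, g = (b & c) | (~b & d), i
            elif i < 32:
                f, g = (d & b) | (~d & c), (5 * i + 1) % 16
            elif i < 48:
                f, g = b ^ c ^ d, (3 * i + 5) % 16
            else:
                f, g = c ^ (b | ~d), (7 * i) % 16
            f = (f + a + K[i] + m[g]) & MASK
            a, d, c, b = d, c, b, (b + _rotl(f, S[i])) & MASK
        a0, b0 = (a0 + a) & MASK, (b0 + b) & MASK
        c0, d0 = (c0 + c) & MASK, (d0 + d) & MASK
    # The digest is the four state words, again written little-endian.
    return struct.pack("<4I", a0, b0, c0, d0)


def check_against_hashlib(msg: bytes) -> bool:
    return md5(msg) == hashlib.md5(msg).digest()


def bit_weight(bit_number: int, width: int, big_endian_bits: bool) -> int:
    """Numeric weight of a bit under each numbering convention from the thread:
    little-endian numbering gives bit 0 the weight 1; big-endian numbering
    gives bit 0 the top weight (128 in a byte) and bit width-1 the weight 1."""
    if not 0 <= bit_number < width:
        raise ValueError("bit number out of range")
    return 1 << (width - 1 - bit_number) if big_endian_bits else 1 << bit_number


def unit_of(bit_number: int, n: int) -> tuple:
    """Gladman's grouping into N-bit units:
    unit_number = bit_number / N, bit_number_in_unit = bit_number % N."""
    return bit_number // n, bit_number % n
```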




------------------------------

From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: sci.math
Subject: Re: Why Galois Fields in Cryptography?
Date: Tue, 05 Dec 2000 22:46:59 GMT

On 5 Dec 2000 15:38:02 -0500, [EMAIL PROTECTED] (Dave Seaman)
wrote, in part:

>I may be missing something, but if so, I think I am not alone.

>How can a one-time pad be susceptible to the bit-flipping attack?

>Or, to put it another way, how can any cipher that is susceptible to the
>bit-flipping attack possibly be a one-time pad?

If I know exactly what plaintext is being sent, and exactly when it is
being sent, then I can alter the ciphertext, and produce corresponding
alterations in the plaintext as a result, regardless of what key
information was XORed with the plaintext to produce the ciphertext.

This is true even though the cipher in use might be a properly-used
one-time-pad, because what matters is that the plaintext is being
altered by a simple XOR, *not* that there is any weakness or
vulnerability in what is being XORed with it.

This is explained clearly in Bruce Schneier's book "Applied
Cryptography".

Essentially, this is true for any stream cipher which as its final
step combines a keystream with the plaintext, and which does not alter
the plaintext in any other way, using a step equivalent to a Vigenere
with known alphabets. It applies, however, equally well to the true
one-time-pad as to stream ciphers using poor-quality pseudorandom
number generators, because it relates to a different area.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
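Savard's point above, together with Olson's earlier remark about 2-universal hashing, as an added example that is not code from either poster: the pad does nothing against a known-plaintext bit flip, while a Wegman-Carter style authenticator (polynomial hash over GF(2^127 - 1) masked with fresh one-time key bits) rejects the altered message with probability bounded by the number of blocks divided by the prime, whatever the attacker's computing power. The key material, pad and messages below are constructed.

```python
# Added example: XOR malleability of a one-time pad, and an unconditionally
# secure authenticator built from an almost-universal hash plus one-time masking.
import secrets

P = (1 << 127) - 1   # prime modulus of the hash family (2^127 - 1)
BLOCK = 15           # 15-byte blocks, so every block value is < 2^120 < P


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(pad: bytes, msg: bytes) -> bytes:
    """XOR with a pad at least as long as the message; decryption is the same call."""
    if len(pad) < len(msg):
        raise ValueError("pad too short")
    return xor_bytes(pad[:len(msg)], msg)


def bit_flip(ct: bytes, known_pt: bytes, wanted_pt: bytes) -> bytes:
    """The malleability Savard describes: knowing the plaintext, XOR the
    difference into the ciphertext; the receiver decrypts wanted_pt.  No key
    material is involved, so a perfect pad does not prevent it."""
    if not len(ct) == len(known_pt) == len(wanted_pt):
        raise ValueError("lengths must match")
    return xor_bytes(ct, xor_bytes(known_pt, wanted_pt))


def _blocks(msg: bytes):
    # Injective encoding: the length first, then fixed-size message blocks.
    yield len(msg)
    for i in range(0, len(msg), BLOCK):
        yield int.from_bytes(msg[i:i + BLOCK], "big")


def wc_tag(a: int, b: int, msg: bytes) -> bytes:
    """Wegman-Carter authenticator: evaluate the polynomial whose coefficients
    are the message blocks at the secret point a (an almost-universal family:
    two distinct messages agree on at most n points of GF(P)), then mask with
    the one-time value b.  a may be reused; b must be fresh for every message."""
    h = 0
    for m in _blocks(msg):
        h = (h * a + m) % P
    h = h * a % P  # final multiply so the last block is not exposed unmixed
    return ((h + b) % P).to_bytes(16, "big")


def wc_verify(a: int, b: int, msg: bytes, tag: bytes) -> bool:
    return secrets.compare_digest(wc_tag(a, b, msg), tag)


def forgery_bound(msg: bytes) -> float:
    """Upper bound on an unbounded attacker's success probability per attempt."""
    n = 1 + (len(msg) + BLOCK - 1) // BLOCK
    return n / P


def demo() -> dict:
    # Constructed scenario: the attacker knows the plaintext and wants to change it.
    msg = b"PAY 00000100 TO BOB"
    wanted = b"PAY 99999999 TO EVE"
    pad = secrets.token_bytes(len(msg))
    a, b = secrets.randbelow(P), secrets.randbelow(P)  # from the pad in practice
    ct, tag = otp_encrypt(pad, msg), wc_tag(a, b, msg)
    forged = bit_flip(ct, msg, wanted)
    return {
        "forgery_decrypts_to_wanted": otp_encrypt(pad, forged) == wanted,
        "tag_accepts_original": wc_verify(a, b, msg, tag),
        "tag_accepts_forgery": wc_verify(a, b, wanted, tag),
    }
```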

------------------------------

From: "JustBrowsing" <[EMAIL PROTECTED]>
Subject: Smart Card vs 1.44 Disk
Date: Wed, 6 Dec 2000 00:44:48 +0200
Reply-To: "JustBrowsing" <[EMAIL PROTECTED]>

Smart Card vs 1.44 Disk

This is probably a really dumb question but once I get past all the smart
card marketing, I can't see the advantages of a smart card over a 1.44 disk
using good crypto techniques.

I keep coming to this conclusion: once data has been securely locked up,
does it matter what the medium is?
Does giving the medium a "mind of its own" really make a difference?

Just don't get it!
For the sake of argument please assume all mediums are equal. For example,
yes, 1.44 disks get messed up easily, mag stripes can't hold a huge amount of
info etc.
Get past that and tell me why a smart card as a medium can do something a 1.44
disk and PC with reader can't?

I'm thinking about setting up a travel agency voucher system... why must I
buy expensive smart cards?



------------------------------

Subject: Re: Possibly-new attack on D-H?
From: Peter Fairbrother <[EMAIL PROTECTED]>
Date: Tue, 05 Dec 2000 22:57:21 +0000

in article [EMAIL PROTECTED], Roger Schlafly at
[EMAIL PROTECTED] wrote on 5/12/00 6:44 pm:

> Peter Fairbrother wrote:
>> The effort to create the tables is large, about the same as factoring a
>> similar-size RSA key, but once created finding individual discrete logs is
>> comparatively easy. (and I heard a whisper in the eighties "someone" had
>> found a way of choosing r-subscript-i that's a lot better than random)
>> This makes high-volume or high-value traffic using one p a juicy target.
> 
> Harder than factoring similar-size RSA key. Only feasible for D-H
> keys up to about 400 bits.
> 
> Just use 1024-bit keys, and you are far out of range for the
> known attacks for a long time.

You're talking about using 1024-bit keys (primes), I'm not objecting to
that, just to reusing one 1024-bit prime, especially one that has been
chosen by someone else.

The attack I meant, I was referring to Mallory creating a g/p pair in which
only Mallory can find discrete logs, and then him getting other people to
use it.

Peter
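The defensive counterpart of Fairbrother's point, as an added example that is not his code: before accepting a (p, g) pair from anyone else, check that p is a safe prime and that g generates its prime-order subgroup, and reject peer public values that fall outside that subgroup. The small test primes are constructed for illustration and min_bits is an assumed policy parameter.

```python
# Added example: validating Diffie-Hellman group parameters received from
# another party, rather than trusting that they were honestly generated.
import secrets

SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]


def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin with random bases; a composite survives with probability <= 4**-rounds."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def validate_dh_group(p: int, g: int, min_bits: int = 1024) -> list:
    """Return a list of problems found (empty means the pair is acceptable).
    Checks size, primality of p, that p = 2q + 1 with q prime (a safe prime,
    so the only small subgroups are {1} and {1, p-1}), and that g has order q.
    A (p, g) pair failing any of these is of unknown structure and may have been
    built so that its creator has an advantage in computing discrete logs."""
    problems = []
    if p.bit_length() < min_bits:
        problems.append(f"p has only {p.bit_length()} bits (want >= {min_bits})")
    if not is_probable_prime(p):
        problems.append("p is not prime")
        return problems
    q = (p - 1) // 2
    if p % 2 == 0 or not is_probable_prime(q):
        problems.append("p is not a safe prime: (p-1)/2 is composite")
        return problems
    if not 1 < g < p - 1:
        problems.append("g out of range")
    elif pow(g, q, p) != 1:
        problems.append("g does not generate the prime-order subgroup")
    return problems


def validate_peer_value(p: int, y: int) -> bool:
    """Small-subgroup check on a received public value for a safe-prime group."""
    q = (p - 1) // 2
    return 1 < y < p - 1 and pow(y, q, p) == 1
```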


------------------------------

From: [EMAIL PROTECTED] (John Savard)
Crossposted-To: alt.2600,alt.security,comp.security
Subject: Re: About governments and my ex-relatives in Finland and the U.S.A. ... 
basically my ex-spouse had around 350000 US dollars and then my ex-relatives (Finland 
and US ) collaborated in their efforts to force me to leave the U.S.A. without any of 
this money ...
Date: Tue, 05 Dec 2000 22:54:06 GMT

It is possible to have an ex-spouse. But ex-blood-relatives are a bit
harder to come by.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: The Next Step After OTP
Date: Tue, 05 Dec 2000 22:52:33 GMT

On Tue, 05 Dec 2000 21:37:32 GMT, Bryan Olson <[EMAIL PROTECTED]>
wrote, in part:

>I think that's silly.  A cipher is a secrecy mechanism.

Well, there is definitely a case to be made for using a system having
known secrecy properties if you want secrecy, and a system having
known authentication properties if you want authentication, and so on.

But since people are sometimes careless, and figure that secrecy ought
to imply authentication of a sort, because for many kinds of ciphers
it does to an extent, looking for _robustness_ is not entirely
illegitimate. Especially when the result need not be a practical
authentication scheme, but instead knowledge of theoretical interest.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: David Schwartz <[EMAIL PROTECTED]>
Subject: Re: Fips Pub 140-1 and RNG
Date: Tue, 05 Dec 2000 14:51:08 -0800


[EMAIL PROTECTED] wrote:
 
> Say for example an RNG passes the DIEHARD tests but appears to fail
> some of the FIPS tests every so often (1 in 10000 RN streams). What
> conclusions can be drawn from that?

        If a test for randomness is sufficiently strict, a perfect RNG should
fail it every so often.

        DS
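Brice's question and Schwartz's reply, as an added example that is not code from either poster: the four FIPS 140-1 single-sample tests with their published pass intervals, a helper that partitions a longer stream into 20,000-bit samples, and a way to measure how often a source fails them. The sample streams are constructed.

```python
# Added example: FIPS 140-1 statistical tests (monobit, poker, runs, long run)
# over one 20,000-bit sample, and a failure-rate estimate across many samples.
import secrets

STREAM_BITS = 20000
# Runs test intervals (inclusive) for run lengths 1..5 and "6 or more".
RUN_LIMITS = {1: (2267, 2733), 2: (1079, 1421), 3: (502, 748),
              4: (223, 402), 5: (90, 223), 6: (90, 223)}
LONG_RUN = 34  # a run this long or longer fails the long-run test


def to_bits(data: bytes) -> list:
    """Serialise bytes msb-first into a list of 0/1 ints."""
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]


def monobit(bits) -> tuple:
    ones = sum(bits)
    return 9654 < ones < 10346, ones


def poker(bits) -> tuple:
    counts = [0] * 16  # frequency of each 4-bit value over the 5000 segments
    for i in range(0, len(bits), 4):
        counts[bits[i] << 3 | bits[i + 1] << 2 | bits[i + 2] << 1 | bits[i + 3]] += 1
    x = 16 / 5000 * sum(c * c for c in counts) - 5000
    return 1.03 < x < 57.4, x


def runs(bits) -> tuple:
    """Count maximal runs of each length for both bit values and find the longest."""
    counts = {v: {k: 0 for k in RUN_LIMITS} for v in (0, 1)}
    longest, i = 0, 0
    while i < len(bits):
        j = i
        while j < len(bits) and bits[j] == bits[i]:
            j += 1
        counts[bits[i]][min(j - i, 6)] += 1
        longest = max(longest, j - i)
        i = j
    ok = all(lo <= counts[v][k] <= hi
             for v in (0, 1) for k, (lo, hi) in RUN_LIMITS.items())
    return ok, counts, longest


def fips_140_1(data: bytes) -> dict:
    bits = to_bits(data)
    if len(bits) != STREAM_BITS:
        raise ValueError("FIPS 140-1 tests need exactly 20,000 bits (2,500 bytes)")
    m_ok, ones = monobit(bits)
    p_ok, x = poker(bits)
    r_ok, _, longest = runs(bits)
    return {"monobit": m_ok, "poker": p_ok, "runs": r_ok, "long_run": longest < LONG_RUN,
            "ones": ones, "poker_x": x, "longest_run": longest}


def passes(data: bytes) -> bool:
    r = fips_140_1(data)
    return r["monobit"] and r["poker"] and r["runs"] and r["long_run"]


def partition(stream: bytes) -> list:
    """Split a longer stream into the 2,500-byte samples the tests consume."""
    return [stream[i:i + 2500] for i in range(0, len(stream) - 2499, 2500)]


def failure_rate(source, trials: int) -> float:
    """Fraction of `trials` samples from source() (2,500 bytes each) failing any test.
    The intervals are set so a good generator is rejected only rarely, so a small
    non-zero rate is the expected behaviour of an ideal source, not proof of a flaw."""
    return sum(not passes(source()) for _ in range(trials)) / trials
```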

------------------------------

From: [EMAIL PROTECTED] (Mika Boström)
Crossposted-To: comp.security,alt.security,alt.2600
Subject: Re: My message to all Finnish right-wing youth - for the celebration of the 
Independency Day of Finland - the 6th of December, 2000. -- take me to the magic of 
the moment .... !
Date: 5 Dec 2000 22:36:41 GMT
Reply-To: [EMAIL PROTECTED]

In article <90jnip$205$[EMAIL PROTECTED]>, JustBrowsing wrote:
>
>Gotta be a joke... right!
>
>Markku J. Saarelainen <[EMAIL PROTECTED]> wrote in message
>news:90gbrs$pg$[EMAIL PROTECTED]...
>>
>>
>>
>> My message to all Finnish right-wing youth - for the celebration of the
>> Independency Day of Finland - the 6th of December, 2000.
  [A _LOT_ of useless bickering and whining deleted]

  As a Finn, I feel obliged to apologise for this dweeb's behaviour.

  Not only did he post and crosspost to several totally unrelated
newsgroups, he also managed to give a really bad picture of Finns in
general.

  The author of this effusion is a definite right-wing extremist. On some
Finnish newsgroups, his message has already received a chilly welcome; on
others, nobody has given it any credit whatsoever. Usually the tone is along
the lines that this probably causes Mannerheim to spin in his grave...

  On behalf of most other Finns, I'm sorry.

-- 
* Mika Boström          \ [EMAIL PROTECTED] \  Genuine        *
* Skinnarilankatu 28 E 2 \  www.lut.fi/~bostik   \  Manifestation *
* 53850 Lappeenranta      \        Phone:         \  Of a Weird   *
* Finland                  \  +358-(0)40-820 4611  \  Personality *

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
