Cryptography-Digest Digest #477, Volume #13      Tue, 16 Jan 01 11:13:01 EST

Contents:
  Re: multiple anagramming? (Richard Heathfield)
  Re: multiple anagramming? (Richard Heathfield)
  Re: fun with solitaire (Volker Hetzer)
  Re: Any good source of cryptanalysis source code (C/C++)? ([EMAIL PROTECTED])
  Re: Any good source of cryptanalysis source code (C/C++)? (William Hugh Murray)
  Re: multiple anagramming? (William Hugh Murray)
  keeping secret keys secret -- revisited (isaac william oates)
  Re: future trends in asymmetric cryptography (DJohn37050)
  Re: Comparison of ECDLP vs. DLP (DJohn37050)
  Re: Comparison of ECDLP vs. DLP (DJohn37050)
  Re: Comparison of ECDLP vs. DLP ("Jakob Jonsson")
  Re: multiple anagramming? (Mok-Kong Shen)
  Re: Comparison of ECDLP vs. DLP (David Wagner)

----------------------------------------------------------------------------

Date: Tue, 16 Jan 2001 10:54:37 +0000
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: multiple anagramming?

Brian Wong wrote:
> 
> "Benjamin Goldberg" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > <flame type=impersonal>
> > It's utterly astounding how often requests for online references result
> > in people responding with book references!
> >
> > Call me an idiot, or cheap and impatient, but I don't see how something
> > which will cost quite a bit of money, and take a week or more to get,
> > and which has only one or two things I want, out of an entire book, is
> > supposed to help me on something I want help with now, in the next day
> > or so (and preferably without spending money).
> >
> 
> One word: library

That's three words.

<g,d&r>

-- 
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html

------------------------------

Date: Tue, 16 Jan 2001 11:09:05 +0000
From: Richard Heathfield <[EMAIL PROTECTED]>
Subject: Re: multiple anagramming?

Mok-Kong Shen wrote:
> 
> Benjamin Goldberg wrote:
> >
> > The problem with suggesting the library is that my local library doesn't
> > have any crypto books.  It takes about the same time to request a book
> > with interlibrary loan as it would take to order it for purchase from a
> > bookstore.
> 
> I am sorry to express some opinions concerning your original
> post that would certainly displease you. If all books are
> freely available on the internet (or in whatever form), don't
> you think that the motivations of (at least plenty of) authors
> to write books and that of (all) publishers to publish them
> would disappear? Why do there exist copy rights? Most libraries
> attempt to cope with the needs of those who couldn't/wouldn't
> buy books for financial reasons. But because their budgets are
> limited, they can only satisfy the desire of a subset of
> the target population and even that only partially.

Benjamin has not argued that people should not write books, nor does he
argue that they should give those books away. He has merely asked
whether anyone is aware of on-line material that would meet his needs.

Since there is a wealth of online material on a vast range of topics, it
is not inconceivable that there is an online resource that meets his
needs, and it is not entirely unreasonable to ask whether anyone happens
to know of such a resource (although of course it is incumbent upon
anyone asking for URLs to have at least tried a few likely keywords in a
search engine first). Furthermore, the regular and clueful contributors
to this group may well be in a position to offer discriminatory advice
(i.e. "that site's hopeless, this one is good" etc), although I still
think it's a good idea for the OP to start off by finding out the URLs
via a Web search, and then asking which of them are worth the download
time and which are merely Schildtian in nature.

Please also note that people who write technical books generally do
/not/ do so for the money, except insofar as they might be able to gain
*partial* recompense for the time they spent on the writing process. The
world of big advances and huge royalty cheques is very much the world of
popular fiction, alas. Technical writers do their writing mainly to
communicate new ideas (or new ways of presenting old ideas) to their
readers, and some of them would be delighted to see their books freely
available on the Net.


> To help
> them, one should consider donating to the local libraries
> one's own books that one no longer needs for instant access
> at home and that are not present there for use by other people.

A worthy cause indeed. Regrettably, I am emotionally incapable of
parting with books.

-- 
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html

------------------------------

From: Volker Hetzer <[EMAIL PROTECTED]>
Subject: Re: fun with solitaire
Date: Tue, 16 Jan 2001 12:27:50 +0100

Btw, solitaire works with 52 cards but encrypts only 26 letters.
Is there any problem having it use 52 letters?

Greetings!
Volker
--
Windows has detected that your mouse pointer has moved.
Your computer will have to restart for this change to take effect. 
Do you wish to restart now (Y/N)?

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Any good source of cryptanalysis source code (C/C++)?
Date: Tue, 16 Jan 2001 11:46:55 GMT

Maybe the answer could be a little bit less rude and point the person
into the right direction. I thought this was a place where people could
ask questions and get help. Just because some people here spent their
whole time working on crypto related matters doesn't mean they don't
have the right to be treated with respect.

The man in question might not have as much time to search the web as
you. Why re-invent the wheel when some people already know the answer. A
simple answer with a few links and no rudeness would be enough.

If one doesn't want to help, then they shouldn't but it doesn't mean
they should put other people down or even insult them. Funny how some
educated and knowledgeable people can have so little manners. Maybe
something to add to schools/Universities curricula.

In article <[EMAIL PROTECTED]>,
  David Schwartz <[EMAIL PROTECTED]> wrote:
>
> [EMAIL PROTECTED] wrote:
>
> > When will you learn not to reply to posts if you aren't willing to help.
> > This kind of answer is wasting people's time. So you either help or keep
> > quiet because how annoyed you are is your business only and isn't of any
> > interest to anyone else.
>
>       Actually, the question is a waste of time and bandwidth. If the
> response helps to minimize future wastes of time and bandwidth, then it
> doesn't waste anything.
>
>       DS
>


Sent via Deja.com
http://www.deja.com/

------------------------------

From: William Hugh Murray <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Any good source of cryptanalysis source code (C/C++)?
Date: Tue, 16 Jan 2001 13:37:06 GMT

[EMAIL PROTECTED] wrote:
> 
> Tom,
> 
> When will you learn not to reply to posts if you aren't willing to help.
> This kind of answer is wasting people's time. So you either help or keep
> quiet because how annoyed you are is your business only and isn't of any
> interest to anyone else.

Brice, you are correct in the general case but Tom has a point in this
special case.  The rules of the forum expect newbies to read the FAQ. 
It seems clear that the question to which Tom responded was posted by a
newbie looking for magic.

> 
> Regards,
> 
> Brice.
> 
> In article <9408jr$i47$[EMAIL PROTECTED]>,
>   Tom St Denis <[EMAIL PROTECTED]> wrote:
> > In article <94077c$blqps$[EMAIL PROTECTED]>,
> >   "Haider Ali" <[EMAIL PROTECTED]> wrote:
> > > Hi.....
> > >
> > > I am looking for any good cryptanalytic attacks on block ciphers,
> programmed
> > > in C/C++ (I need the source code).....
> >
> > Keep looking.
> >
> > This question is asked like 50 times a day here... For #### sake
> > cryptanalysis is not some magic wand.  Get a grip and read papers!
> >
> > Tom
> >
> > Sent via Deja.com
> > http://www.deja.com/
> >
> 
> Sent via Deja.com
> http://www.deja.com/

------------------------------

From: William Hugh Murray <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: multiple anagramming?
Date: Tue, 16 Jan 2001 13:48:26 GMT

Mok-Kong Shen wrote:
> 
> Benjamin Goldberg wrote:
> >
> > The problem with suggesting the library is that my local library doesn't
> > have any crypto books.  It takes about the same time to request a book
> > with interlibrary loan as it would take to order it for purchase from a
> > bookstore.
> 
> I am sorry to express some opinions concerning your original
> post that would certainly displease you. If all books are
> freely available on the internet (or in whatever form), don't
> you think that the motivations of (at least plenty of) authors
> to write books and that of (all) publishers to publish them
> would disappear? Why do there exist copy rights? Most libraries
> attempt to cope with the needs of those who couldn't/wouldn't
> buy books for financial reasons. But because their budgets are
> limited, they can only satisfy the desire of a subset of
> the target population and even that only partially. To help
> them, one should consider donating to the local libraries
> one's own books that one no longer needs for instant access
> at home and that are not present there for use by other people.
> 
> M. K. Shen

Perhaps.  Until 25 years ago there were no crypto books in publication
in the US, much less in the libraries. Since then, there has often been
a discrepancy between the crypto books in the card catalog and those in
the stacks.  
> ------------------------
> http://home.t-online.de/home/mok-kong.shen

------------------------------

From: isaac william oates <[EMAIL PROTECTED]>
Subject: keeping secret keys secret -- revisited
Date: Tue, 16 Jan 2001 08:15:51 -0600

About a week ago, I posted a message with an idea on how to make a web
site keep data on it that was secure.  In this case, it was for sharing
data, and the way it worked was this:

(a) each area has a secret key
(b) that secret key is encrypted once for each user with that user's key

That means that in order to retrieve data from an area, you need some
user's secret key.  

Now the key to a successful site is simplicity and ease-of-use.  I am not
really interested in storing each user key on the server end because, if
the server is compromised, all the data will be compromised with it.

So the idea was to use a very secure passphrase (like the 5*12-bit pass
phrase) and have the user send that every time that they want to encrypt
or decrypt something (probably as a temporary cookie in an SSL
connection.)  The problem is that at some point, the server has a copy of
the user's plain-text key.

Short of using a software package other than a web browser on the
client-side, is there any way to prevent the server from ever having to
know the user's key?  I, of course, want to authenticate users, but I am
not interested in being able to decrypt their data -- ever.

Is it possible for SSL to help with this?  Beyond the obvious possible
server compromise, this should be okay, right?

I know I posted before but this is to clarify; thanks.

Isaac Oates
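An added illustration of the scheme described in the post above (editor's example, not Isaac's code): the passphrase never leaves the browser; it is run through PBKDF2 twice with different purpose labels, once to get the key that wraps the area key and once to get an authentication token that is sent over SSL instead of the passphrase. The server stores only the salt, the wrapped blobs and a hash of the token, so a server compromise yields neither the passphrase nor the wrap key. Function names, the 32-byte area key, the XOR-plus-HMAC wrapping (used here to stay within the standard library; a real deployment would use an AEAD) and the iteration count are all my assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor (assumed); raise for real deployments


def derive(passphrase, salt, purpose, length=32):
    """Domain-separated PBKDF2: wrap key and auth token come from the same
    passphrase but different 'purpose' labels, so neither reveals the other."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt + purpose, ITERATIONS, length)


# --- client side (runs in the browser, the only place the passphrase exists) ---

def wrap_area_key(area_key, passphrase):
    """Encrypt one area's 32-byte secret key under the user's derived key.
    Encrypt-then-MAC with a fresh salt per wrap, so the XOR mask is single-use."""
    assert len(area_key) == 32
    salt = os.urandom(16)
    kek = derive(passphrase, salt, b"wrap", 64)
    mask, mac_key = kek[:32], kek[32:]
    wrapped = bytes(a ^ b for a, b in zip(area_key, mask))
    tag = hmac.new(mac_key, salt + wrapped, "sha256").digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap_area_key(blob, passphrase):
    """Return the area key, or None if the passphrase is wrong or the blob was altered."""
    kek = derive(passphrase, blob["salt"], b"wrap", 64)
    mask, mac_key = kek[:32], kek[32:]
    expected = hmac.new(mac_key, blob["salt"] + blob["wrapped"], "sha256").digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(blob["wrapped"], mask))


def auth_token(passphrase, salt):
    """What the browser sends over SSL instead of the passphrase. The server
    hands out the user's salt before login; the token authenticates the user
    but cannot be turned back into the passphrase or the wrap key."""
    return derive(passphrase, salt, b"auth")


# --- server side: never sees the passphrase or the wrap key ---

def server_enroll(token):
    """Store a salted hash of the token, not the token itself."""
    server_salt = os.urandom(16)
    return {"salt": server_salt, "hash": hashlib.sha256(server_salt + token).digest()}


def server_verify(record, token):
    """Constant-time comparison of the presented token against the stored hash."""
    return hmac.compare_digest(record["hash"], hashlib.sha256(record["salt"] + token).digest())
```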


------------------------------

From: [EMAIL PROTECTED] (DJohn37050)
Date: 16 Jan 2001 14:20:52 GMT
Subject: Re: future trends in asymmetric cryptography

IBM DID have a patent on DES and they do file the MOST patents of any company,
for quite a few years.
Don Johnson

------------------------------

From: [EMAIL PROTECTED] (DJohn37050)
Date: 16 Jan 2001 14:37:38 GMT
Subject: Re: Comparison of ECDLP vs. DLP

I discuss the WHY PKV question in my PKV presentation/paper.  Here is one
example; when doing RSA encryption, one uses the RSA public key before using
the RSA private key.  How does the encrypter know the RSA public key represents
a hard problem?  Well, if the key is invalid, it could very well be an easy
problem to invert.  Now Bob, uses the private key and discovers that the
encrypted message from Alice is garbage and that something is wrong, but it is
too late, Alice already sent it.  So either no one can recover it or perhaps
anyone can recover it.  This is just ONE example.  

The point is that ANY calculation can have a mistake in it, Intel HW bug,
buffer overflow, etc.  Dan Boneh has a paper where if there is ONE bit flip in
an RSA sig calculation, the entire private key is exposed.  This potential for
error includes the key generation calculation, especially if the generation
calculation is complex and it is difficult to check/validate the result, which
seems to be the case for RSA, but not DL/ECC.
Don Johnson

------------------------------

From: [EMAIL PROTECTED] (DJohn37050)
Date: 16 Jan 2001 14:54:01 GMT
Subject: Re: Comparison of ECDLP vs. DLP

Discussing further the (pseudo)encryption example, Alice can say that it is
Bob's fault, that Bob sent her an invalid public key, which is all true.  But
this is in the nature of assigning blame after the fact.  To be more proactive,
Alice can say the following: "I am responsible for what I decide to send to Bob
and I am responsible to try to determine if the encryption seems valid.  This
is because I stand to lose assets and/or reputation if my message is revealed
or unable to be recovered.  Therefore, I want to know that the public key that
Bob sends me is valid, because if it is invalid, all security objectives may be
void (all bets are off)."

For high asset/high risk messages, this is simply being prudent, a cost/benefit
decision.  I want assurance that a bit was not flipped (for example) in the
key.
Don Johnson

------------------------------

From: "Jakob Jonsson" <[EMAIL PROTECTED]>
Subject: Re: Comparison of ECDLP vs. DLP
Date: Tue, 16 Jan 2001 16:13:57 +0100

> The point is that ANY calculation can have a mistake in it, Intel HW bug,
> buffer overflow, etc.  Dan Boneh has a paper where if there is ONE bit flip in
> an RSA sig calculation, the entire private key is exposed.

This attack is really amusing; reference for those interested:

On the importance of checking cryptographic protocols for faults. by D.
Boneh, R. DeMillo, and R. Lipton.
In Proceedings of Eurocrypt '97, Lecture Notes in Computer Science, Vol.
1233, Springer-Verlag, pp. 37--51, 1997.
http://crypto.stanford.edu/~dabo/pubs.html

Jakob
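An added illustration (editor's code, not from the paper or either poster) of the one-bit-flip result Don mentions and Jakob cites above, together with the countermeasure the paper's title points at: verify the signature with the public key before it leaves the device. The key uses Mersenne primes of my choosing, far too small for real use, and the fault is simulated by flipping one bit in the mod-p half of a CRT signature.

```python
import math

# Constructed toy RSA key (Mersenne primes): exact arithmetic, toy size.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))
DP, DQ, QINV = D % (P - 1), D % (Q - 1), pow(Q, -1, P)   # CRT private values


def rsa_crt_sign(m, fault_bit=None):
    """Textbook CRT signing (Garner recombination). fault_bit simulates one
    flipped bit in the mod-p half, standing in for the hardware or memory
    error the thread describes."""
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault_bit is not None:
        sp ^= 1 << fault_bit
    h = (QINV * (sp - sq)) % P
    return (sq + h * Q) % N


def release_if_valid(m, sign):
    """The countermeasure: one public-key operation re-checks the result, and a
    faulty signature is withheld, so nothing usable ever leaves the signer."""
    s = sign(m)
    return s if pow(s, E, N) == m % N else None


def leaked_factor(m, s_faulty):
    """Why the check matters: a released faulty CRT signature is still correct
    modulo q but not modulo p, so gcd(s'^e - m, N) yields q, hence the whole key."""
    return math.gcd((pow(s_faulty, E, N) - m) % N, N)
```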




------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: multiple anagramming?
Date: Tue, 16 Jan 2001 16:41:58 +0100



Richard Heathfield wrote:
> 
> Mok-Kong Shen wrote:
> >
> > I am sorry to express some opinions concerning your original
> > post that would certainly displease you. If all books are
> > freely available on the internet (or in whatever form), don't
> > you think that the motivations of (at least plenty of) authors
> > to write books and that of (all) publishers to publish them
> > would disappear? Why do there exist copy rights? Most libraries
> > attempt to cope with the needs of those who couldn't/wouldn't
> > buy books for financial reasons. But because their budgets are
> > limited, they can only satisfy the desire of a subset of
> > the target population and even that only partially.
> 
> Benjamin has not argued that people should not write books, nor does he
> argue that they should give those books away. He has merely asked
> whether anyone is aware of on-line material that would meet his needs.

That's o.k. But he appeared to be quite annoyed when others 
gave him book titles instead. I guess that John Savard, who
offered him a book title, meant that the book is fairly
good for the topic and is (assumed to be) easily available
(it's a Dover book and shouldn't be very expensive) and 
(implicitly) also that there is no (or no good) URL for 
that according to his knowledge.

> Since there is a wealth of online material on a vast range of topics, it
> is not inconceivable that there is an online resource that meets his
> needs, and it is not entirely unreasonable to ask whether anyone happens
> to know of such a resource (although of course it is incumbent upon
> anyone asking for URLs to have at least tried a few likely keywords in a
> search engine first). Furthermore, the regular and clueful contributors
> to this group may well be in a position to offer discriminatory advice
> (i.e. "that site's hopeless, this one is good" etc), although I still
> think it's a good idea for the OP to start off by finding out the URLs
> via a Web search, and then asking which of them are worth the download
> time and which are merely Schildtian in nature.
> 
> Please also note that people who write technical books generally do
> /not/ do so for the money, except insofar as they might be able to gain
> *partial* recompense for the time they spent on the writing process. The
> world of big advances and huge royalty cheques is very much the world of
> popular fiction, alas. Technical writers do their writing mainly to
> communicate new ideas (or new ways of presenting old ideas) to their
> readers, and some of them would be delighted to see their books freely
> available on the Net.

I know that good scientists don't have profits in mind when
they write books. That's why I wrote '(at least plenty of) 
authors' instead of 'authors' in the above quoted follow-up. 
But the problem even in scientific literatures (as against
literatures in general) is that the publishers naturally
want to earn money and even most (non-profit) professional 
societies that publish have to manage to get back enough 
money to cover their costs. You can access, for example, the 
many periodicals of ACM on-line, but you have to subscribe 
and pay. Some national institutes and universities and big
firms do offer some of research materials for free. But in 
general we can't expect matters free of charge as a 
self-evident issue.
 
> > To help
> > them, one should consider donating to the local libraries
> > one's own books that one no longer needs for instant access
> > at home and that are not present there for use by other people.
> 
> A worthy cause indeed. Regrettably, I am emotionally incapable of
> parting with books.

There are books that one has only a very small probability 
of usage in the future and that only take away spaces on the
shelves. If you were ever in the position of Mr. Goldberg,
badly needing a book that the library doesn't have, and 
someone else in town has that book but keeps it only as 
a piece of decoration of his living room, you would give the 
issue a second thought, I believe.

M. K. Shen

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Comparison of ECDLP vs. DLP
Date: 16 Jan 2001 15:58:12 GMT
Reply-To: [EMAIL PROTECTED] (David Wagner)

DJohn37050 wrote:
>How does the encrypter know the RSA public key represents
>a hard problem?  Well, if the key is invalid, it could very well be an easy
>problem to invert.  Now Bob, uses the private key and discovers that the
>encrypted message from Alice is garbage and that something is wrong, but it is
>too late, Alice already sent it.

I don't understand.  Alice already has to trust Bob anyway,
so why would she be worried that Bob might have maliciously
chosen an invalid key?

Let's back up for a minute.  How does Alice know that Bob
won't decrypt her secret message and then broadcast it to
the world?

Answer: She can't know.  She must trust the recipient not
to kiss and tell. 

This is fundamental.  And, since you already must trust the
recipient not to disclose the plaintext, we might as well trust
the recipient not to maliciously generate invalid keys.

Hence, there seems to be little need for Alice to verify the
validity of Bob's key; she just needs to verify that it came
from Bob, and she needs to trust Bob.

Do you agree?  Or, what did I miss?

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
