Cryptography-Digest Digest #485, Volume #13      Thu, 18 Jan 01 01:13:00 EST

Contents:
  Re: Why Microsoft's Product Activation Stinks (Eric Smith)
  Re: Why Microsoft's Product Activation Stinks (Bill Broadley)
  Where can I find software tools for Known-text decryption ([EMAIL PROTECTED])
  Re: NSA and Linux Security (Greggy)
  Re: NSA and Linux Security (Greggy)
  Re: Any good source of cryptanalysis source code (C/C++)? ("Matt Timmermans")
  Re: Where can I find software tools for Known-text decryption ("Matt Timmermans")
  Re: Need of very simple algorithms? ("r.e.s.")
  Re: Full text to the book ``Underground'' released ("James")
  Re: A Small Challnge (Bryan Olson)
  Re: A Small Challnge ("rosi")
  Re: A Small Challnge (David A Molnar)
  Re: Why Microsoft's Product Activation Stinks (phil hunt)
  Re: SAC question (Benjamin Goldberg)
  Re: A Small Challnge ("rosi")
  Re: block algorithm on variable length without padding? (wtshaw)
  Re: Why Microsoft's Product Activation Stinks (wtshaw)
  Re: Why Microsoft's Product Activation Stinks (Val Mehling)

----------------------------------------------------------------------------

From: Eric Smith <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: 17 Jan 2001 18:27:19 -0800

zapzing <[EMAIL PROTECTED]> writes:
> First of all, under what conditions will MS
> *refuse* to activate the product. It seems
> to me that if they never refuse activation,
> then putting in product activation code is
> pretty useless.

They probably will refuse if you don't provide
them with your name, address, phone & fax number,
email address, etc.

They probably can't validate much of this info
before activation though.

Perhaps they'll email you the activation code to
ensure that you've provided a valid email address,
similarly to how the California DMV mails out
drivers' licenses.

------------------------------

From: Bill Broadley <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Thu, 18 Jan 2001 02:28:33 +0000 (UTC)

> We then installed it on a second computer, using the same CD.  When it first
> ran, we gave registration info and it responded with a message box saying
> "This software is already installed on another computer."  Office will run a
> certain number of times (about 50, I think), and after that point it will
> not run. The message box does provide a phone number you can call to get
> someone to fix the problem.

I was talking to someone who due to security reasons could not reveal
any information about an internal network (number of machines, type
of machines, or any other identifying information) mentioned
that if you run windows under vmware, when you "shutdown" vmware
asks if you want to restore the configuration to the way it was
when you started.

When you do this it resets the run counter to 50, so you never
have to jump through the hoops of filling out a zillion fields to
register a piece of software.

> BTW, we have an enterprise-wide license for Office 2000, so we weren't
> trying to break any laws here.  And eventually we got our enterprise license
> key to work.  But it was annoying.

This person also had a valid license btw...

--
Bill


------------------------------

From: [EMAIL PROTECTED]
Subject: Where can I find software tools for Known-text decryption
Date: Thu, 18 Jan 2001 02:24:23 GMT



Are there any available software tools for Known-Text decryption?

thank you


Sent via Deja.com
http://www.deja.com/

------------------------------

From: Greggy <[EMAIL PROTECTED]>
Subject: Re: NSA and Linux Security
Date: Thu, 18 Jan 2001 02:21:03 GMT

In article <[EMAIL PROTECTED]>,
  Shawn Willden <[EMAIL PROTECTED]> wrote:
> Greggy wrote:
>
> > After
> > the war, the great depression took place and (if you study history) FDR
> > and the congress technically, legally declared the citizens of the US
> > enemies of the US
>
> This is quite a statement.  Can you provide a reference?

Absolutely.  I will look it up later tonight and post it back here for
you.  Additionally, there is MUCH you can read about this that I would
not try to go into here.  Once I get the cites, you can study it all
you want.


--
I prefer my fourth amendment rights over a dope free
society, even if the latter could actually be achieved.



------------------------------

From: Greggy <[EMAIL PROTECTED]>
Subject: Re: NSA and Linux Security
Date: Thu, 18 Jan 2001 02:31:00 GMT


> > ... FDR and the congress technically, legally declared the citizens
> > of the US enemies of the US so that we could be regulated just like
> > our enemies were - by the president.  According to a 1973 US Senate
> > report on this issue, since 1933 (FDR coming to power), we have never
> > lived under constitutional rule, but emergency rule which allows us
> > to be regulated under maritime authority by the president ...
>
> If you really believe all that you must be pretty stupid.
> What evidence is there that that is the way that our
> government actually operates?

You know what is really sad?  I can cite a 1973 US Senate report that
confirms everything I just said and you don't realize it.  In effect it
makes a claim in which you are one of those many victims without
awareness of your situation - that you have never lived under
constitutional rule.  In other words, you don't know what life was like
before FDR.  You have no idea how free Americans really were before he
came to power.  You have never lived under the constitution, but under
a perpetual emergency courtesy of the US federal government.  And you
had no idea, did you?

Imagine for a moment what it would be like to open a business and not
be forced to get a business license to do so.  Imagine what it would be
like if the government never forced you to get a driver's license.
That is real freedom from government.  That is how life was before
emergency rule.  Think about what has been taken from you.  And I will
cite some good material to read on this subject later tonight.


> And even if some president
> attempted such a feat, the fact that it is clearly
> unconstitutional would render it null and void.

That's how it should work.  That is how it began to unfold.  Then
congress stepped in and stripped the US Supreme Court of jurisdiction
on this matter.  They may never rule on its constitutionality.

On another note, they tipped their hand that if enough congressmen (a
simple majority) were to sue President Bush over his use of force in
the Gulf War, then they would rule, which was their way of saying they
were prepared to force the return to constitutional rule.  But it had
to be backed by the congress.  And of course enough of the congress is
corrupted to keep that from happening.


--
I prefer my fourth amendment rights over a dope free
society, even if the latter could actually be achieved.



------------------------------

From: "Matt Timmermans" <[EMAIL PROTECTED]>
Subject: Re: Any good source of cryptanalysis source code (C/C++)?
Date: Thu, 18 Jan 2001 03:12:41 GMT

"AllanW" <[EMAIL PROTECTED]> wrote in message
news:942q1k$nl3$[EMAIL PROTECTED]...
>   1. It works with ANY type of encryption system, including ones that
>      haven't even been written yet.

Note also that this property lets your system double as a sort of "universal
translator" -- in many ways, a foreign language is exactly like a code.

After testing your method by successfully decrypting several PGP-encrypted
messages that I have received, I fed it a digitized home video of my cat.
The good news is that your method works on this data too (of course).  The
bad news is that there seems to be a world-wide conspiracy of cats, the goal
of which is to turn mankind into a race of mindless zombie slaves, entirely
devoted to acquiring and dispensing cat food and cleaning litter boxes.
When not needed, we will be placed in storage facilities, which the cats
euphemistically call "offices".  While there, our enslaved minds will be kept
busy playing intricate games of the cats' own devising, where the players
(that's us) compete for points called "dollars".  In order to keep us
interested in the game, the cats have devised an insidious system called
"economics", by which surpluses and deficits of dollars are translated into
various kinds of reinforcing stimuli, positive and negative respectively.





------------------------------

From: "Matt Timmermans" <[EMAIL PROTECTED]>
Subject: Re: Where can I find software tools for Known-text decryption
Date: Thu, 18 Jan 2001 03:19:01 GMT

If the text is known, why do you need to decrypt it?

<[EMAIL PROTECTED]> wrote in message news:945k4g$4a6$[EMAIL PROTECTED]...
>
>
> Are there any available software tools for Known-Text decryption?
>
> thank you
>
>
> Sent via Deja.com
> http://www.deja.com/



------------------------------

From: "r.e.s." <[EMAIL PROTECTED]>
Subject: Re: Need of very simple algorithms?
Date: Wed, 17 Jan 2001 19:41:17 -0800


"Frank Wilde" <[EMAIL PROTECTED]> wrote...
| r.e.s. <[EMAIL PROTECTED]> wrote:
|
| > [...] However, http://www.counterpane.com/solitaire.html
| > also implies (incorrectly) that Solitaire is reversible,
| > so I think there's room for doubt.
[...]
| As all of the deck-permuting operations 1-4 are reversible,
| so is their composition.

No, as I already mentioned elsewhere in this thread (in reply
to John Savard), *not* all the operations 1-4 are reversible.

Step 1 is not reversible when the A-joker becomes second
from the top, and Step 2 is not reversible when the B-joker
becomes third from the top.  In each case, the previous
position of the joker cannot be determined, as it could
have been either the top card or the bottom card.

| This being the case, you have an effective (and affordably
| efficient) means to compute the "inverse" element of
| the permutation group S(54), which I'd assume the composite
| operator is supposed to cover completely. (Didn't try
| to prove that, though. Any takers?)

But since this is *not* the case, the following question
still seems appropriate, in view of the fact that
"quite a lot of" security analyses were said to be done,
but haven't been provided as advertised:

| > [...] Maybe some embarrassing flaws have been found?

--r.e.s.
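
The two collisions described in this post can be checked by enumeration. The following is an added example, not part of the original post: it assumes the joker-move rules as published for Solitaire (a joker at the bottom wraps to just below the top card, and step 2 is that move applied twice to the B joker) and uses a constructed 5-card deck so every ordering can be listed.

```python
from itertools import permutations

A, B = "A", "B"  # the two jokers; the other cards are plain integers


def move_down(deck, joker):
    """Move `joker` one card down; from the bottom it goes just below the top card."""
    deck = list(deck)
    i = deck.index(joker)
    if i == len(deck) - 1:
        deck.insert(1, deck.pop())      # wrap around: bottom -> second from top
    else:
        deck[i], deck[i + 1] = deck[i + 1], deck[i]
    return tuple(deck)


def step1(deck):
    """Solitaire step 1: A joker one card down."""
    return move_down(deck, A)


def step2(deck):
    """Solitaire step 2: B joker two cards down (two single moves)."""
    return move_down(move_down(deck, B), B)


def preimages(step, target):
    """Every ordering of the same cards that `step` maps onto `target`."""
    return [d for d in permutations(target) if step(d) == target]


def image_size(step, cards):
    """Number of distinct decks reachable by `step` from all orderings of `cards`."""
    return len({step(d) for d in permutations(cards)})


if __name__ == "__main__":
    cards = (1, 2, 3, A, B)             # constructed toy deck, 5! = 120 orderings
    print("step 1 ->", (1, A, 2, 3, B), "from", preimages(step1, (1, A, 2, 3, B)))
    print("step 2 ->", (1, 2, B, 3, A), "from", preimages(step2, (1, 2, B, 3, A)))
    print("orderings:", 120,
          "reachable after step 1:", image_size(step1, cards),
          "after step 2:", image_size(step2, cards))
```

A step whose image is smaller than its domain cannot be a permutation of the deck orderings, which is the sense in which the joker's previous position cannot be determined.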



------------------------------

From: "James" <[EMAIL PROTECTED]>
Crossposted-To: alt.security,alt.security.espionage,comp.os.linux.security,comp.security.firewalls,comp.security.unix,comp.security.misc,alt.hacking,misc.legal.computing,alt.2600
Subject: Re: Full text to the book ``Underground'' released
Date: Wed, 17 Jan 2001 19:08:18 -0900


"Julian Assange" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> See http://www.underground-book.com/download.php3
>
> Feel free to forward this message.

(bad link?)

James



------------------------------

From: Bryan Olson <[EMAIL PROTECTED]>
Crossposted-To: sci.math,comp.theory
Subject: Re: A Small Challnge
Date: Thu, 18 Jan 2001 03:56:02 GMT

Benjamin Goldberg wrote:
> Here's an idea.  RSA encryption works like the following:
>       a = ciphertext, b = plaintext (or vice versa)
>       e = encryption exponent, d = decryption exponent (or vice versa)
>       pq = product of two primes, p and q, which are the private key
>       a = b ^ e % pq
>       b = a ^ d % pq
>       1 = de % lcm(p-1,q-1)
>
> Normally, d and e are generated once, and d is part of
> the private key.  After this, p and q are no longer
> needed separately, and may be discarded.
>
> What if, instead we used p, q (separately) as our
> private key, and published just pq as our public key.
> To encrypt, the sender generates a random e, and sends
> e along with the message.  To decrypt, the
> recipient calculates the corresponding d to that e.

What problem does it solve that RSA does not?

There's no difficulty in coming up with schemes that meet
Rosi's stated requirements.  For example, given any public key
scheme, we can add some constant "v" to its ciphertext and
define the new scheme's ciphertext as a' = (v, v+a).  To
define the many public keys, we use a different v in each.

The fact that this obviously useless modification satisfies
the requirements leads me to believe that either the
requirements left out something important, or there just isn't
much to this notion.  Perhaps the holders of public keys
should not be able to generate other public keys.  Perhaps
they should not be able to tell whether two public keys
correspond to the same private key.  Would either of those be
useful?


> To make sure that e has no factors in common with
> lcm(p-1,q-1), the sender generates it to be a prime number
> with over half as many bits as pq.

That's not possible.  If we generate p and q so that (p-1)/2
and (q-1)/2 have only large prime factors then a negligible
portion of exponents will fail.


--Bryan
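
The recipient-side computation in the quoted scheme, and the fraction of sender-chosen exponents for which no d exists, can be tried with toy numbers. This is an added example, not code from the thread: the primes are constructed and far too small for real use, the RSA is unpadded textbook RSA exactly as quoted, and all function names are this example's own.

```python
from fractions import Fraction
from math import gcd


def lam(p, q):
    """lcm(p-1, q-1), the modulus in the relation 1 = de % lcm(p-1,q-1)."""
    return (p - 1) * (q - 1) // gcd(p - 1, q - 1)


def recipient_d(e, p, q):
    """Recipient's side: derive d for the sender's e, or None if e has no inverse."""
    m = lam(p, q)
    if gcd(e, m) != 1:
        return None                      # sender's e shares a factor with lcm(p-1,q-1)
    return pow(e, -1, m)                 # modular inverse (Python 3.8+)


def roundtrip(b, e, p, q):
    """Sender computes a = b^e % pq; recipient recovers b, or None if e is unusable."""
    n = p * q
    a = pow(b, e, n)
    d = recipient_d(e, p, q)
    return None if d is None else pow(a, d, n)


def failing_fraction(p, q):
    """Fraction of odd exponents in [1, lcm(p-1,q-1)) for which no d exists."""
    m = lam(p, q)
    odd = range(1, m, 2)
    bad = sum(1 for e in odd if gcd(e, m) != 1)
    return Fraction(bad, len(odd))


if __name__ == "__main__":
    # Constructed toy primes. 23 and 47: (p-1)/2 = 11 and (q-1)/2 = 23 are prime.
    print("e=5  ->", roundtrip(42, 5, 23, 47))     # usable exponent
    print("e=11 ->", roundtrip(42, 11, 23, 47))    # 11 divides p-1, no d exists
    print("failing odd e, p=23 q=47:", failing_fraction(23, 47))
    # 31 and 43: p-1 = 2*3*5 and q-1 = 2*3*7 have small odd factors.
    print("failing odd e, p=31 q=43:", failing_fraction(31, 43))
```

With these toy sizes the failing fraction is visible (3/23 against 19/35); it shrinks as the odd prime factors of p-1 and q-1 grow.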



------------------------------

From: "rosi" <[EMAIL PROTECTED]>
Crossposted-To: sci.math,comp.theory
Subject: Re: A Small Challnge
Date: Thu, 18 Jan 2001 00:10:37 -0500

Benjamin Goldberg wrote in part in message
<[EMAIL PROTECTED]>...
>
>Here's an idea.  RSA encryption works like the following:
> a = ciphertext, b = plaintext (or vice versa)
> e = encryption exponent, d = decryption exponent (or vice versa)
> pq = product of two primes, p and q, which are the private key
> a = b ^ e % pq
> b = a ^ d % pq
> 1 = de % lcm(p-1,q-1)
>
>Normally, d and e are generated once, and d is part of the private key.
>After this, p and q are no longer needed separately, and may be
>discarded.
>
>What if, instead we used p, q (separately) as our private key, and
>published just pq as our public key.  To encrypt, the sender generates a
>random e, and sends e along with the message.  To decrypt, the
>recipient calculates the corresponding d to that e.
>
>To make sure that e has no factors in common with lcm(p-1,q-1), the
>sender generates it to be a prime number with over half as many bits as
>pq.
>


    Thanks for the message and the try.

    What are your >>>> two <<<< _DIFFERENT_ encryption keys?
    pq counts to    >>>> one <<<< encryption key.

    I think I said, randomization is not QP.

    Did I misread you? Or yours fits the definition in a way I did not see?

    --- (My Signature)



------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Crossposted-To: sci.math,comp.theory
Subject: Re: A Small Challnge
Date: 18 Jan 2001 05:16:31 GMT

In comp.theory Bryan Olson <[EMAIL PROTECTED]> wrote:

> much to this notion.  Perhaps the holders of public keys
> should not be able to generate other public keys.  Perhaps
> they should not be able to tell whether two public keys
> correspond to the same private key.  Would either of those be
> useful?

Those two requirements sound like the "blinded-key encryption" 
discussed here on sci.crypt in April. I have not read rosi's article on QP
encryption carefully enough to render judgement, however. Sorry.

David Hopwood provided a security model worth reading. 
http://x76.deja.com/getdoc.xp?AN=608860537.1&CONTEXT=979794516.733544449&hitnum=2

A related idea is an "unknown verifier" designated verifier proof.
http://x55.deja.com/getdoc.xp?AN=599447801&CONTEXT=979794613.996016165&hitnum=9
(See also David Hopwood's reply).

Blinded-key encryption has potential applications in MIX-nets and other
situations in which you'd like to pass a key to A in order to have them
encrypt a message for B, but it's crucial A doesn't know who B is. (and vice
versa). It's a little bit similar in flavor to opaque proxy encryption as
described by Blaze, but different - in particular, only one private key can
ever decrypt the messages, whereas in proxy encryption you can take a string
decryptable via one key and change it into a string decryptable by another.

-David

------------------------------

From: [EMAIL PROTECTED] (phil hunt)
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Wed, 17 Jan 2001 21:51:52 +0000

On Wed, 17 Jan 2001 18:43:32 GMT, Kristopher Johnson 
<[EMAIL PROTECTED]> wrote:
>Office 2000 already has something like this built in.  When we installed it
>from the CD-ROM, the first time it ran it asked for registration
>information, which we supplied and which it (I assume) then sent to
>Microsoft via the Internet.
>
>We then installed it on a second computer, using the same CD.  When it first
>ran, we gave registration info and it responded with a message box saying
>"This software is already installed on another computer."  Office will run a
>certain number of times (about 50, I think), and after that point it will
>not run. The message box does provide a phone number you can call to get
>someone to fix the problem.
>
>BTW, we have an enterprise-wide license for Office 2000, so we weren't
>trying to break any laws here.  And eventually we got our enterprise license
>key to work.  But it was annoying.
>
>My opinion on this is that software companies have a right to put annoying
>features in their software.  And the rest of us have the right to stop using
>annoying software.

Indeed. StarOffice has none of these hassles.

-- 
*****[ Phil Hunt ***** [EMAIL PROTECTED] ]*****
"An unforeseen issue has arisen with your computer. Don't worry your
silly little head about what has gone wrong; here's a pretty animation
of a paperclip to look at instead." -- Windows2007 error message

               


------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: SAC question
Date: Thu, 18 Jan 2001 05:42:14 GMT

Tom St Denis wrote:
> 
> In article <[EMAIL PROTECTED]>,
>   Benjamin Goldberg <[EMAIL PROTECTED]> wrote:
> > In the normal definition of the Strict Avalanche Criterion (SAC),
> > changing any input bit, or selection of input bits, should change
> > each output bit with probability of 1/2.
> >
> >       However, for an invertible function, there *must* be some
> > bias. In the entry for SAC in Terry Ritter's glossary, he gives the
> > example that for a 2 bit table, if one entry is the original value,
> > there are only 3 "changed" values, so an input difference can cause
> > each output bit to change with probability 2/3, not 1/2.
>
> For a function to fulfill SAC it doesn't have to always have 1/2 of
> the output bits affected, just on average (i.e. with probability
> 1/2).  So it is possible that a single bit toggle causes four bits
> difference and still fulfill SAC.

Eh?  If it's a 2x2 table, then there are 2 inputs, and 2 outputs.  There is no way to 
change 4 bits of output, since there aren't that many.

Also, 2/3 *is* a probability.  Reread what I wrote.  Also, take your own advice about 
thinking before posting.

> >       If I were to consider an N bit table, the probability of an
> > output bit changing when the input changes, should, if the table is
> > as close to SAC as possible, change with probability of
> > 1-(2^(N-1)-1)/(2^N-1).

> Generally you count (over all the inputs) the number of times you
> flip one bit of input the output bit (specific input/output bits)
> toggle.  If the count is 2^(n-1) then it's SAC for those particular
> bits.  If it's not then it's not SAC.  simple as that.

No.  The strict definition of SAC says output bits change 1/2 of the time.  If the 
count is 2^(n-1) that it changes, then the count is 2^(n-1)-1 of it not changing.  
Since (2^(n-1))/((2^n)-1) is not 1/2, then no substitution box of finite size is SAC.

Suppose I have an 8 bit table.  Flipping 1 bit of input can cause any of 255 different 
differences; The odds of a change is 128/255.  Not 1/2.  It's almost SAC, but it is 
not SAC.

> >       Is there any particular term for this type of "Almost SAC?"
> 
> Not SAC.
> 
> >       For instance, if a 128 bit cipher fulfills the property that
> > if an input bit changes, then each of the output bits change with
> > probability 1-(2^127-1)/(2^128-1), what do you call that property?
Getting rid of extraneous "-"s for easier reading: (2^127)/(2^128-1)

> >       Also, is there any term for calculating SAC on larger units
> > than single bits?  Maybe "bytewise SAC," or "wordwise SAC?"
>
> Stochastically random?  If you are talking binary, bytewise is
> 'seventh-order' so you would say "seventh-order SAC" i.e. changing
> any eight bits will change any other unit of eight bits with prob
> 1/256 (all bits flip simultaneously).

Who cares about all 8 bits changing at once?  I care about at least one of the 8 bits 
changing, which is quite different.  Changing any input byte (any of the 255 possible 
nonzero changes to that byte) causes any output byte to change in one of 256 possible 
ways, of which 255 are nonzero differences, and 1 of which is a zero difference -- 
that is, there's a 255/256 probability of the output byte changing, and a 1/256 
probability of it not changing.

> To be honest I have never viewed SAC this way since it really deals
> with bits.  (or linear combos of bits).
>
> When you move away from single bits you touch on the Bit Independence
> Criterion (BIC) which states that any linear combination of output
> bits forms a nonlinear n x 1 function.

-- 
Most scientific innovations do not begin with "Eureka!"  They begin with "That's odd.  
I wonder why that happened?"
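
Two different quantities appear in this exchange: the per-table count over all inputs, and the 2/3 and 128/255 figures obtained from the 2^n - 1 nonzero output differences. The following added example (not code from the thread; function names are this example's own) computes both by enumerating every invertible n-bit table for small n.

```python
from fractions import Fraction
from itertools import permutations


def flip_count(table, n, i, j):
    """Number of inputs x for which flipping input bit i flips output bit j."""
    return sum(((table[x] ^ table[x ^ (1 << i)]) >> j) & 1
               for x in range(1 << n))


def average_flip_probability(n, i=0, j=0):
    """Flip probability for bits (i, j), averaged over every invertible n-bit table."""
    size = 1 << n
    flips = tables = 0
    for table in permutations(range(size)):   # each permutation is one invertible table
        flips += flip_count(table, n, i, j)
        tables += 1
    return Fraction(flips, tables * size)


def predicted(n):
    """2^(n-1) of the 2^n - 1 nonzero output differences have a given bit set."""
    return Fraction(1 << (n - 1), (1 << n) - 1)


def distinct_counts(n, i=0, j=0):
    """Set of per-table flip counts that occur across all invertible n-bit tables."""
    return {flip_count(t, n, i, j) for t in permutations(range(1 << n))}


if __name__ == "__main__":
    for n in (2, 3):                          # 24 and 40320 tables, small enough to list
        print(n, "bits: average", average_flip_probability(n),
              "predicted", predicted(n))
    print("8 bits: predicted", predicted(8))
    # Per-table counts for a 2-bit table; the count-based test asks for 2^(n-1) = 2.
    print("2-bit per-table counts:", sorted(distinct_counts(2)))
```

For 2-bit tables the average over all tables is 2/3, while each individual table gives a count of 0 or 4 out of 4 inputs for a given bit pair.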

------------------------------

From: "rosi" <[EMAIL PROTECTED]>
Crossposted-To: sci.math,comp.theory
Subject: Re: A Small Challnge
Date: Thu, 18 Jan 2001 01:27:57 -0500

Bryan Olson wrote in part in message <945pgh$8ha$[EMAIL PROTECTED]>...

>the requirements leads me to believe that either the
>requirements left out something important, or there just isn't
>much to this notion.

    Correct. Again randomization is not QP otherwise QP embraces
some very uninteresting things.

    --- (My Signature)



------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: block algorithm on variable length without padding?
Date: Wed, 17 Jan 2001 23:11:02 -0600

In article <kAj96.59822$[EMAIL PROTECTED]>, "N. Weicher"
<[EMAIL PROTECTED]> wrote:

> Is it possible to use a block algorithm (such as Blowfish or DES) to encrypt
> plaintext where the length is not a multiple of eight bytes?  I know about
> padding, but what if padding is not an option, ie, the encrypted data must
> be the exact same length as the plaintext data?  Is this feasible?  If so,
> how is it done?
> 
> Thanks for any feedback.
> 
> Neil
> 
This is one problem with traditional block ciphers.  As AES was popularity
decided to be traditional, one of the faults with it as well.  Better
answers tend to be ignored as people like to continue to make the same
reassuring, comfortable mistakes.
-- 
Large corporations are touted as heroes as job creators.
Many of them should be recognized merely as job exporters, 
creating jobs somewhere else for anyone but Americans.

------------------------------

From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Wed, 17 Jan 2001 23:14:54 -0600

In article <944nvc$9t9$[EMAIL PROTECTED]>, zapzing <[EMAIL PROTECTED]> wrote:


> I understand MS's desire to protect their
> intellectual property, but please try to think
> of something that will not cause the collapse
> of civilization.
> 
They would rather that a downfall in one causes the same in the other...
makes them feel essential, which they aren't.
-- 
Some people say what they think will impress you, but ultimately
do as they please.  If their past shows this, don't expect a change.

------------------------------

From: Val Mehling <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Thu, 18 Jan 2001 05:52:16 GMT

So - if we really do see TSHTF and Microsoft is one of the casualties
and, some time later on, if someone starts setting up computers again
they won't be able to use the new Windoze cause they won't be able to
get it "activated."  Better keep those Win 98SE CD's in a safe place.

zapzing wrote:

> Upcoming versions of windows may have, I
> read, something called "product activation".
> This means that you must call up microsoft
> so that the OS can have permission to run.
> I have a few questions about this. First of
> all, under what conditions will MS
> *refuse* to activate the product. It seems
> to me that if they never refuse activation,
> then putting in product activation code is
> pretty useless. And if they do, they may
> deny legitimate users who reconfigure their
> systems frequently.
>
> Also, what about the possibility of a major
> computer virus that requires many machines
> to restore. This would of course require
> that the OS be reactivated, but in that case
> the product reactivation lines could be
> jammed. This would make me think about it
> very carefully before I bought an OS that
> included product reactivation code.
>
> I understand MS's desire to protect their
> intellectual property, but please try to think
> of something that will not cause the collapse
> of civilization.
>
> --
> Void where prohibited by law.
>
> Sent via Deja.com
> http://www.deja.com/

--
Val Mehling - anti-spam in effect.
For e-mail reply to: [EMAIL PROTECTED]

http://home.earthlink.net/~valjm/
Libertarian for Bush * Cheney



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
