Cryptography-Digest Digest #531, Volume #13      Tue, 23 Jan 01 15:13:01 EST

Contents:
  Re: steganography by random phase carrier convolution (Splaat23)
  Some Enigma Questions ("David C. Barber")
  Re: secure RNG (Splaat23)
  Re: Some Enigma Questions (Jim Gillogly)
  Leo Marks dies ("David C. Barber")
  Re: Kooks (was: NSA and Linux Security) (Darren New)
  Re: Some Enigma Questions ("David C. Barber")
  Re: Some Enigma Questions (Jim Gillogly)
  Re: Dynamic Transposition Revisited (long) (John Savard)
  Re: Some Enigma Questions (John Savard)
  Re: Leo Marks dies (John Savard)
  Re: rubik's cube ("Douglas A. Gwyn")
  Re: Kooks (was: NSA and Linux Security) (John Myre)

----------------------------------------------------------------------------

From: Splaat23 <[EMAIL PROTECTED]>
Subject: Re: steganography by random phase carrier convolution
Date: Tue, 23 Jan 2001 18:04:42 GMT

It doesn't appear to be that spectacular (from my first look). It's
just watermarking with some resistance to filtering. It doesn't solve
the one problem with (image) steganography - if you can get the original
image, you can find that a difference exists and detect the
transmission of data.

As with all watermarking solutions that run on computers under the
control of the user, it will not function as a rights management
package. The same data that would allow the information to be retrieved
can be used to erase or mangle the watermark enough to disable it.

As far as I can tell, this is not that interesting.

- Andrew

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (John Bailey) wrote:
> http://www.rochesterbusinessnews.com/
> The Rochester (NY) Democrat and Chronicle mentioned tech briefs to be
> put on the web by Kodak,
> (quote)The first installment, released yesterday, highlights Kodak's
> work to make digital imaging copyrights more secure and in developing
> new screens for consumer electronics. (end quote)
> Following a Byzantine trail of links I finally came to this article
> (pdf) which may be of interest to this newsgroup.
>
> Data Embedding Using Phase Dispersion
> Chris Honsinger and Majid Rabbani
>
> Abstract
> A method of data embedding based on the convolution of message data
> with a random phase carrier is presented. The theory behind this
> method is reviewed and it is shown that the technique can be used to
> hide both pictorial and non-pictorial data. The details of the
> procedures used for carrier design, message template optimization,
> message extraction optimization, block synchronization, and rotation
> and scale correction are discussed. Finally, the algorithm’s benchmark
> results using Stirmark are presented.
> Full text at:
> http://www.kodak.com/US/plugins/acrobat/en/corp/researchDevelopment/dataEmbedding.pdf
>
> John
>


Sent via Deja.com
http://www.deja.com/

------------------------------

From: "David C. Barber" <[EMAIL PROTECTED]>
Subject: Some Enigma Questions
Date: Tue, 23 Jan 2001 11:11:55 -0700

Hi.

Just finished Kahn's "Seizing the Enigma".  Have also read "Codebreakers" in
the past and "Applied Cryptography" as well as seen the Nova presentation on
PBS.

I *still* have a few Enigma questions I hope the group can help with:

Q1:  A weakness of the German reflector rotor machines is always given that
no input character could ever map back to itself.  I.e. while A->R, you
could never have A->A.  While it is easy to understand why this happens, and
the advantage it can give in checking a suspected plain text against
encrypted text, why doesn't the plug board remove, or at least greatly
reduce this vulnerability e.g. A->R->plug board->A?

Q2:  How did the plug board disconnect the previous straight through
mapping?  Did the process of inserting the plug disconnect the previous
wiring in the same manner that inserting headphone plugs in some stereo
systems automatically disconnects the main speakers?

Q3:  The plugs interchanged pairs of characters, hence there were two plugs
at each end.  Were these plugs keyed to prevent improper insertion?

Q4:  Is there still a commercial version of the Enigma for sale that is
essentially the WW II machine?

Q5:  If properly used (e.g. few messages, good mixing of rotor settings, no
obvious rotor settings (e.g. QWE), varying messages to avoid obvious cribs,
having all rotor increment the next rotor at the same position, not sending
the same message in more than one cipher system, changing of rotors more
often than once a war, etc), say along the lines of the German Navy, would
an Enigma today be reasonably secure?  Put another way, would it be easily
crackable today by a single person with some cracking tools and a computer,
or would it require a high level team like that assembled during the war?

Q6:  How critical is the rotor wiring?  While there are some obvious weak
rotors (e.g. a straight through design, a Caesar cipher rotor, or
duplicating the same wiring on the second 13 positions of the rotor), is it
easy or hard to create weak rotors?

Q7:  Did the German Navy's creation of a 4th rotor position that included a
rotor that in one position made the machine act like 3 rotor machine result
in a weakened 4th rotor -- even if it hadn't already been compromised
otherwise?  Seems to me what the 4th rotor did was simply create a 3 rotor
machine with 26 possible reflecting rotors, instead of the previous 1 fixed
rotor.  Right or wrong?

Thanks for any answers, and I hope my questions weren't too simple or
obvious to be considered.

    *David Barber*




------------------------------

From: Splaat23 <[EMAIL PROTECTED]>
Subject: Re: secure RNG
Date: Tue, 23 Jan 2001 18:14:05 GMT

Umm, yeah, Yarrow does use a finite sized key - read the paper/code. It
uses a block cipher in counter mode with a key derived from local
entropy. In fact, just about all (or all) PRNGs rely on some type of
expansion process that takes a certain amount (finite for sure) of real
entropy and converts it to a PRNG sequence with the same entropy.
However, the fact that no one right now needs more than 256 bits of
entropy max (because of the extreme cost of brute-force searching),
PRNGs that have secure elements and design are successfully used to
generate "good enough" random numbers for crypto.

- Andrew

In article <eEjtdDdeAHA.327@cpmsnbbsa09>,
  "Joseph Ashwood" <[EMAIL PROTECTED]> wrote:
> I'm sorry but finding what you seem to be looking for can't happen. Please
> feel free to correct me if I'm wrong, but you are looking for a Pseudo
> Random Number Generator that given a small password (or other finitely sized
> key) and create an infinitely long stream of numbers that are secure. I'm
> sorry but such a thing can't exist. We do however have things that can for
> many purposes be treated similarly, or have different behavior that gives
> close to the results you desire. A fairly good best of breed list of these
> are:
> Blum, Blum, Shub (http://www.io.com/~ritter/NEWS2/TESTSBBS.HTM about half
> way down the page)
> RC4 (aka ARCFOUR) (http://burtleburtle.net/bob/rand/isaac.html#RC4)
> ISAAC (http://burtleburtle.net/bob/rand/isaac.html#ISAAC)
> Yarrow (http://www.counterpane.com/yarrow)
> They all take different approaches. Blum, Blum, Shub is provably secure under
> certain assumptions, but horribly slow. RC4 is very fast but has a bias,
> ISAAC is not quite as fast but IIRC has a lower bias. Yarrow is a different
> class of design, it makes use of entropy gathering on the local machine and
> does not make use of a finitely sized key. On the same page as ISAAC and RC4
> you'll find code for others as well.
>                     Joe
>
> "Dobs" <[EMAIL PROTECTED]> wrote in message news:93da5a$5j1$[EMAIL PROTECTED]
> > I am looking for good random number generator which can be used in
> > cryptography, ( for example in key generating) . If anybody knows where I
> > can find such a secure generators implemented in C ( not in Visual C :),
> > Could You please write me back or send it to me. I need 3,4 or 5 such a
> > generators to compare. I would be grateful for help:))))
> > Best regards
> >
> >
>
>


Sent via Deja.com
http://www.deja.com/
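The counter-mode construction Andrew describes, worked through as an added illustration that is not code from this thread or from Yarrow itself: a fixed-size key is derived from a handful of constructed entropy samples, and each output block is PRF(key, counter). HMAC-SHA256 stands in for the block cipher so the example runs with the standard library alone; derive_key, CounterModeGenerator and the sample values are assumptions of this example, not anything the posters or the Yarrow paper name.

```python
import hashlib
import hmac

# Constructed stand-ins for locally gathered entropy (timer, mouse, disk timings).
ENTROPY_SAMPLES = [b"timer:1837263", b"mouse:122,845", b"disk:seek:4411"]


def derive_key(samples):
    """Hash the gathered samples into one 256-bit key.  Whatever entropy the
    samples carried, the key (and hence the whole output stream) holds at most
    256 bits of it: this is the finite seed Andrew refers to."""
    h = hashlib.sha256()
    for s in samples:
        h.update(len(s).to_bytes(4, "big") + s)   # length prefix keeps samples unambiguous
    return h.digest()


class CounterModeGenerator:
    """Counter-mode PRNG: block i of the output is PRF(key, i).
    HMAC-SHA256 is used as the PRF in place of a block cipher (assumption of
    this example; Yarrow proper keys a block cipher)."""

    def __init__(self, key):
        self.key = key
        self.counter = 0

    def _block(self):
        out = hmac.new(self.key, self.counter.to_bytes(16, "big"), hashlib.sha256).digest()
        self.counter += 1
        return out

    def random_bytes(self, n):
        out = b""
        while len(out) < n:
            out += self._block()
        return out[:n]

    def reseed(self, samples):
        """Fold fresh entropy into the key and restart the counter; the old key is
        discarded, so earlier output cannot be recomputed from the new state."""
        self.key = hashlib.sha256(self.key + derive_key(samples)).digest()
        self.counter = 0


def stream_is_deterministic(samples, n=64):
    """Two generators seeded from the same samples produce the same stream:
    the output is an expansion of the seed, not new entropy."""
    a = CounterModeGenerator(derive_key(samples)).random_bytes(n)
    b = CounterModeGenerator(derive_key(samples)).random_bytes(n)
    return a == b
```

The point to take from running it is the one Andrew makes: the quality of the stream rests entirely on the key derivation and the PRF, and a 256-bit key is beyond brute force, so "finite seed" is not in itself a weakness.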

------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Some Enigma Questions
Date: Tue, 23 Jan 2001 18:42:03 +0000

"David C. Barber" wrote:
> Q1:  A weakness of the German reflector rotor machines is always given that
> no input character could ever map back to itself.  I.e. while A->R, you
> could never have A->A.  While it is easy to understand why this happens, and
> the advantage it can give in checking a suspected plain text against
> encrypted text, why doesn't the plug board remove, or at least greatly
> reduce this vulnerability e.g. A->R->plug board->A?

The letter goes through the plug board both on the way in and on the
way out.  Since the reflector changes a letter into another letter,
the out path must be different from the in path, resulting in a different
letter before the plug board.  Since each plug swaps two letters, they
must still be different after the plug board is applied on each end.

> Q4:  Is there still a commercial version of the Enigma for sale that is
> essentially the WW II machine?

No, but there are lots of emulators that produce identical ciphertext.
I understand there's a replica of the reflector (Umkehrwalze) being made.

> Q5:  If properly used (e.g. few messages, good mixing of rotor settings, no
> obvious rotor settings (e.g. QWE), varying messages to avoid obvious cribs,
> having all rotor increment the next rotor at the same position, not sending
> the same message in more than one cipher system, changing of rotors more
> often than once a war, etc), say along the lines of the German Navy, would
> an Enigma today be reasonably secure?  Put another way, would it be easily
> crackable today by a single person with some cracking tools and a computer,
> or would it require a high level team like that assembled during the war?

A four-rotor message with all those precautions (except "having all
rotor increment the next rotor at the same position", which I don't
understand -- the new naval rotors had two notches) would be difficult
for an individual today if it were kept short, I think -- which is to
say, I don't know of a strong attack on short four-rotor messages.

> Q6:  How critical is the rotor wiring?  While there are some obvious weak
> rotors (e.g. a straight through design, a Caesar cipher rotor, or
> duplicating the same wiring on the second 13 positions of the rotor), is it
> easy or hard to create weak rotors?

The most important thing about the rotor wiring is that it's known
to the attacker.  Discovering this wiring was the trickiest part --
the first few were discovered through brilliant cryptanalysis by
the Poles (Rejewski et al.), and some others were captured.  Obviously
weak rotors can be easily constructed.

> Q7:  Did the German Navy's creation of a 4th rotor position that included a
> rotor that in one position made the machine act like 3 rotor machine result
> in a weakened 4th rotor -- even if it hadn't already been compromised
> otherwise?  Seems to me what the 4th rotor did was simply create a 3 rotor
> machine with 26 possible reflecting rotors, instead of the previous 1 fixed
> rotor.  Right or wrong?

It simply gave them the option of communicating with someone who had
a 3-rotor machine.  The 4th rotor was a big step up in security.
-- 
        Jim Gillogly
        Hevensday, 2 Solmath S.R. 2001, 18:28
        12.19.7.16.8, 7 Lamat 11 Muan, Fourth Lord of Night

------------------------------

From: "David C. Barber" <[EMAIL PROTECTED]>
Subject: Leo Marks dies
Date: Tue, 23 Jan 2001 11:57:00 -0700

Leo Marks WW II cryptographer died today.

http://www.theregister.co.uk/content/4/16308.html

    *David Barber*



------------------------------

From: Darren New <[EMAIL PROTECTED]>
Subject: Re: Kooks (was: NSA and Linux Security)
Date: Tue, 23 Jan 2001 18:57:40 GMT

Scott Fluhrer wrote:
> > Last I looked, the Constitution named the Supreme Court as the final judge
> > of what the constitution means.
> 
> Sorry to be pedantic here, but where in the Constitution does it say that?

First two sections of Article 3. Not in so many words, mind, but the supreme
court's "Power shall extend to all cases, in law and equity, arising under
this Constitution..."  Hence, the supreme court would be the group with the
power to decide cases based on what the constitution says.

Why, who do *you* think determines what's constitutional and what isn't? If
it were the legislature, you wouldn't be able to have a law struck down as
unconstitutional, yes?

I Am Not A Lawyer. :-)

-- 
Darren New / Senior MTS & Free Radical / Invisible Worlds Inc.
San Diego, CA, USA (PST).  Cryptokeys on demand.
"It says this wine has syphilis."
               "I think that's pronounced `sulphates'."

------------------------------

From: "David C. Barber" <[EMAIL PROTECTED]>
Subject: Re: Some Enigma Questions
Date: Tue, 23 Jan 2001 12:00:01 -0700

Q8:  Is there a reference that gives the rotor wiring for all German WW II
rotors?

    *David Barber*




------------------------------

From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Some Enigma Questions
Date: Tue, 23 Jan 2001 19:17:18 +0000

"David C. Barber" wrote:
> 
> Q8:  Is there a reference that gives the rotor wiring for all German WW II
> rotors?

See "download internal wiring information" from David Hamer's page:
http://www.eclipse.net/~dhamer/Enigma1.htm
-- 
        Jim Gillogly
        Hevensday, 2 Solmath S.R. 2001, 19:16
        12.19.7.16.8, 7 Lamat 11 Muan, Fourth Lord of Night

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Dynamic Transposition Revisited (long)
Date: Tue, 23 Jan 2001 19:13:48 GMT

On Mon, 22 Jan 2001 13:05:04 GMT, [EMAIL PROTECTED]
(John Savard) wrote, in part:

>And with substitution, unlike Dynamic Transposition, instead of being
>stuck with one set of n! substitutions, one can use steps of different
>kinds so that instead of just having, say, all 2^n possible mappings
>obtained by XORing an n-bit block with an n-bit key, one can explore
>the space of (2^n)! permutations more deeply - depending on how much
>key we use, and how complicated a structure we give the cipher.

Well, one can supplement Dynamic Transposition to increase the
exploration of the mapping space as well. In addition to transposing
the bits of a balanced block, one could also subject them to
substitutions that preserve the number of 1 bits: i.e., one could have
an 8-bit wide S-box that mapped 00000000 to itself, that scrambled the
8 combinations with a single 1 bit among themselves, that scrambled
the 28 combinations with two 1 bits among themselves, and so on.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
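Savard's weight-preserving S-box, carried through as an added Python example (not code from the post or from any Dynamic Transposition implementation): the 8-bit values are grouped by Hamming weight, each group is shuffled among itself, and a balanced block put through such an S-box and then a bit transposition stays balanced. weight_preserving_sbox, transpose_bits and the other names are this example's own.

```python
import random


def hamming_weight(v):
    return bin(v).count("1")


def weight_preserving_sbox(width=8, seed=None):
    """Random bijection on width-bit values that never changes the number of 1 bits.
    Values are grouped by weight and each group is shuffled among itself, so
    00000000 (and 11111111) map to themselves, the 8 single-bit values permute
    among themselves, the 28 two-bit values among themselves, and so on."""
    rng = random.Random(seed)          # seeded only so the example is reproducible
    groups = {}
    for v in range(1 << width):
        groups.setdefault(hamming_weight(v), []).append(v)
    sbox = [0] * (1 << width)
    for members in groups.values():
        images = members[:]
        rng.shuffle(images)
        for src, dst in zip(members, images):
            sbox[src] = dst
    return sbox


def is_weight_preserving_bijection(sbox):
    n = len(sbox)
    return sorted(sbox) == list(range(n)) and all(
        hamming_weight(v) == hamming_weight(sbox[v]) for v in range(n))


def substitute_bytes(block, sbox):
    """Apply the S-box byte by byte; the total weight of the block is unchanged."""
    return bytes(sbox[b] for b in block)


def transpose_bits(block, perm):
    """Dynamic Transposition step: bit i of the block moves to position perm[i]."""
    nbits = 8 * len(block)
    bits = [(block[i // 8] >> (7 - i % 8)) & 1 for i in range(nbits)]
    out = [0] * nbits
    for i, b in enumerate(bits):
        out[perm[i]] = b
    return bytes(int("".join(map(str, out[i:i + 8])), 2) for i in range(0, nbits, 8))


def block_weight(block):
    return sum(hamming_weight(b) for b in block)


def mix_balanced_block(block, sbox, perm):
    """One round: weight-preserving substitution followed by a bit transposition.
    A balanced block (half its bits set) stays balanced, which is the property
    Dynamic Transposition relies on; the substitution adds mappings a pure
    transposition of the block's bits could not reach."""
    return transpose_bits(substitute_bytes(block, sbox), perm)
```

Note that the S-box is necessarily the identity on the all-zero and all-one bytes, and that the within-class shuffles are independent, so the number of such S-boxes is the product of the factorials of the class sizes (1!, 8!, 28!, 56!, 70!, ...), which is the enlarged mapping space Savard is after.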

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Some Enigma Questions
Date: Tue, 23 Jan 2001 19:20:10 GMT

On Tue, 23 Jan 2001 11:11:55 -0700, "David C. Barber"
<[EMAIL PROTECTED]> wrote, in part:

>Q2:  How did the plug board disconnect the previous straight through
>mapping?  Did the process of inserting the plug disconnect the previous
>wiring in the same manner that inserting headphone plugs in some stereo
>systems automatically disconnects the main speakers?

Yes, precisely. That's why a Polish copy of the Enigma used standard
phone jacks for the plugboard, because they worked the same way.

>Q3:  The plugs interchanged pairs of characters, hence there were two plugs
>at each end.  Were these plugs keyed to prevent improper insertion?

Yes. One plug was a bit larger than the other.

>Q5:  If properly used (e.g. few messages, good mixing of rotor settings, no
>obvious rotor settings (e.g. QWE), varying messages to avoid obvious cribs,
>having all rotor increment the next rotor at the same position, not sending
>the same message in more than one cipher system, changing of rotors more
>often than once a war, etc), say along the lines of the German Navy, would
>an Enigma today be reasonably secure?  Put another way, would it be easily
>crackable today by a single person with some cracking tools and a computer,
>or would it require a high level team like that assembled during the war?

It still wouldn't be as secure as, say, DES.

>Q6:  How critical is the rotor wiring?  While there are some obvious weak
>rotors (e.g. a straight through design, a Caesar cipher rotor, or
>duplicating the same wiring on the second 13 positions of the rotor), is it
>easy or hard to create weak rotors?

Random rotor wirings usually wouldn't be too weak. However, it is
important to check that the rotor provides a wide variety of
_displacements_ of letters; that is, there shouldn't be five letters
all of which are moved to the letter six places down in the alphabet
and seven letters moved to the letter 10 places earlier in the
alphabet. The Enigma didn't use 'optimized' rotors, which would
presumably be those wired according to the 'interval method' invented
by Edward Hebern. (Described on my site...)

>Q7:  Did the German Navy's creation of a 4th rotor position that included a
>rotor that in one position made the machine act like 3 rotor machine result
>in a weakened 4th rotor -- even if it hadn't already been compromised
>otherwise?

Probably not; the only weakness was that this was a clue to how the
two rotors were wired.

>Seems to me what the 4th rotor did was simply create a 3 rotor
>machine with 26 possible reflecting rotors, instead of the previous 1 fixed
>rotor.  Right or wrong?

Yes, since that rotor was only moved by hand.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
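To make three of the structural points in this thread concrete (Gillogly's answer to Q1 on why the plugboard cannot make a letter encrypt to itself, Savard's answer to Q6 on checking rotor displacements, and his answer to Q7 on the hand-set 4th rotor being one of 26 reflectors), here is an added Python model of the Enigma signal path. It is not code from any poster or from the Hamer page; it uses the commonly published Enigma I rotor, UKW-B, Beta and UKW-B-thin wirings, and every function name is this example's own. Rotor stepping and ring settings are left out because they do not change the properties being checked.

```python
import string
from collections import Counter

A = string.ascii_uppercase

# Commonly published wirings: position i gives the output contact for input letter A[i].
ROTOR_I = "EKMFLGDQVZNTOWYHXUSPAIBRCJ"
ROTOR_II = "AJDKSIRUXBLHWTMCQGZNPYFVOE"
ROTOR_III = "BDFHJLCPRTXVZNYEIWGAKMUSQO"
REFLECTOR_B = "YRUHQSLDPXNGOKMIEBFZCWVJAT"
BETA = "LEYJVCNIXWPBQMDRTAKZGFUHOS"             # M4 "thin" 4th rotor, moved by hand only
REFLECTOR_B_THIN = "ENKQAUYWJICOPBLMDXZVFTHRGS"


def perm_from_wiring(wiring):
    return [A.index(c) for c in wiring]


def inverse(p):
    inv = [0] * 26
    for i, j in enumerate(p):
        inv[j] = i
    return inv


def compose(*perms):
    """Apply the listed permutations left to right: compose(f, g)[x] == g[f[x]]."""
    out = []
    for x in range(26):
        for p in perms:
            x = p[x]
        out.append(x)
    return out


def rotor_at(wiring, pos):
    """Permutation the rest of the machine sees when the rotor is turned pos steps."""
    p = perm_from_wiring(wiring)
    return [(p[(x + pos) % 26] - pos) % 26 for x in range(26)]


def plugboard(pairs):
    """Steckerbrett: each cable swaps two letters, so the result is an involution."""
    p = list(range(26))
    for a, b in pairs:
        i, j = A.index(a), A.index(b)
        p[i], p[j] = j, i
    return p


def enigma_perm(rotors, positions, reflector, plug):
    """Signal path of one key press: plugboard, rotors (right to left), reflector,
    the same rotors in reverse order and direction, plugboard again.
    `rotors` is listed right to left.  Because the whole path is
    C^-1 . reflector . C for some permutation C, the result is always a
    fixed-point-free involution whatever the plugboard and positions are."""
    fwd = [rotor_at(w, pos) for w, pos in zip(rotors, positions)]
    back = [inverse(r) for r in reversed(fwd)]
    return compose(plug, *fwd, reflector, *back, plug)


def is_fixed_point_free_involution(p):
    """Self-reciprocal and no letter maps to itself: the Enigma's defining property."""
    return all(p[x] != x and p[p[x]] == x for x in range(26))


def displacement_counts(wiring):
    """How many letters a rotor moves by each displacement (output minus input,
    mod 26).  Savard's check: a good rotor spreads these out; a straight-through
    rotor has only displacement 0 and a Caesar rotor only one other value."""
    p = perm_from_wiring(wiring)
    return Counter((p[x] - x) % 26 for x in range(26))


def fourth_rotor_reflectors(thin_rotor, thin_reflector):
    """A hand-set 4th rotor in front of a thin reflector is, for each of its 26
    positions, just one combined reflector (rotor, reflector, rotor inverse).
    Returns all 26, each of which is again a fixed-point-free involution."""
    refl = perm_from_wiring(thin_reflector)
    return [compose(rotor_at(thin_rotor, pos), refl, inverse(rotor_at(thin_rotor, pos)))
            for pos in range(26)]
```

With these wirings, `fourth_rotor_reflectors(BETA, REFLECTOR_B_THIN)[0]` is identical to `perm_from_wiring(REFLECTOR_B)`: Beta at position A with the thin B reflector reproduces the three-rotor machine's UKW-B, which is exactly the "communicate with someone who had a 3-rotor machine" option Gillogly mentions. The other 25 positions give 25 further reflectors, each still mapping no letter to itself, so the plugboard and rotor positions never remove that weakness; they only change which letter each one maps to.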

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Leo Marks dies
Date: Tue, 23 Jan 2001 19:23:13 GMT

On Tue, 23 Jan 2001 11:57:00 -0700, "David C. Barber"
<[EMAIL PROTECTED]> wrote, in part:

>Leo Marks WW II cryptographer died today.

>http://www.theregister.co.uk/content/4/16308.html

The article calls him a 'code cracker', rather than a code maker...and
fails utterly to mention his recent book, "Between Silk and Cyanide".

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

Crossposted-To: comp.security.pgp.discuss
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: rubik's cube
Date: Tue, 23 Jan 2001 18:43:11 GMT

"Tony L. Svanstrom" wrote:
> Gateway #3 <[EMAIL PROTECTED]> wrote:
> > Do you know of works that consider encryption based on the Rubik's Cube ?

Rubik's cube involves very simple finite groups,
and is therefore a horrible basis for encryption.

------------------------------

From: John Myre <[EMAIL PROTECTED]>
Subject: Re: Kooks (was: NSA and Linux Security)
Date: Tue, 23 Jan 2001 12:56:00 -0700

Darren New wrote:
<snip>
> First two sections of Article 3. Not in so many words, mind, but the supreme
> court's "Power shall extend to all cases, in law and equity, arising under
> this Constitution..."  Hence, the supreme court would be the group with the
> power to decide cases based on what the constitution says.
<snip>

I recall in my civics class, many years ago, learning that
it was actually the first Chief Justice that interpreted
things that way.  At the time I believe it was regarded as
an aggressive position for the jurist to take.  The law
being what it is, the precedent was set.

JM

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
