Cryptography-Digest Digest #638, Volume #13 Tue, 6 Feb 01 03:13:01 EST
Contents:
Re: Encrypting Predictable Files ([EMAIL PROTECTED])
Re: Encrypting Predictable Files ([EMAIL PROTECTED])
Questions about Diffie-Hellman ("Julian Morrison")
Re: RSA, discrete log Both not secure... ("Michael Brown")
Re: Why Microsoft's Product Activation Stinks (fredfighter(atsign)iwon.com)
Re: Encrypting Predictable Files ([EMAIL PROTECTED])
Re: steganography by random phase carrier convolution ("Chris Honsinger")
Re: Questions about Diffie-Hellman (Roger Schlafly)
Re: Questions about Diffie-Hellman ("kihdip")
Re: Questions about Diffie-Hellman ("Julian Morrison")
Re: OverWrite freeware completely removes unwanted files from hard drive (Anthony Stephen Szopa)
Re: Questions about Diffie-Hellman (Roger Schlafly)
Re: DH question (Paul Crowley)
Re: Questions about Diffie-Hellman ("Julian Morrison")
Re: Do you like playing with numbers? (Niklas Frykholm)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Encrypting Predictable Files
Date: Tue, 06 Feb 2001 05:06:17 GMT
In article <[EMAIL PROTECTED]>,
Richard Heathfield <[EMAIL PROTECTED]> wrote:
> "SCOTT19U.ZIP_GUY" wrote:
> >
> > [EMAIL PROTECTED] (Richard Heathfield) wrote in
> > <[EMAIL PROTECTED]>:
> >
> > >>
> > >> Did you really try this on your own method. I would be very
> > >> surprised if it works on all files. Did you try files of various
> > >> lengths. Since most "algorithms" will be fully reversible for
> > >> some fixed block size. But if the file is not a nice number of
> > >> bytes they tend to fail. Is your method based on blocks longer
> > >> than 1 byte or is it a method that treats the file as a single
> > >> block.
> > >
> > >Block size == file size. If your file is 2 Megabytes in size, then I use
> > >a 2 Megabyte blocksize.
> > >
> >
> > Try this with "your CODE" take a binary file that is 253 bytes long
> > the first byte is 1 then second is 2 and so on till last byte is 253
> > DECRYPT this file using your code to get a second file. Then ENCRYPT
> > it to get a third file. use "fc /b file1 file3" if they are the
> > same then there is a good chance your method does not add info.
> >
> > As to whether or not it treats the whole file as a block I would
> > encrypt a file of 2 Megabytes of zero. Then hex edit one byte in
> > middle of output file. Then decrypt file. IF you have a large block
> > of zero at start or end of file then you're not really treating the
> > file as a single block.
>
> My program passes all these tests. I could have said that without
> testing, but just for you, I tested them again anyway.
>
> The whole file is rotated by a key-dependent number of bits once per
> round, and there are KeyLen rounds, which also include key XOR and S-box
Good for you. Maybe it's close to scott16u from your description.
Have you tested it against the attack by Paul Onions?
Sent via Deja.com
http://www.deja.com/
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Encrypting Predictable Files
Date: Tue, 06 Feb 2001 05:12:41 GMT
In article <95nhq3$tj3$[EMAIL PROTECTED]>,
Splaat23 <[EMAIL PROTECTED]> wrote:
> Well, I tried it again, and recorded the results. The results follow:
>
> >>> import rc6
> >>> k = rc6.new(12345678912034L)
> >>> m = "Hello, worl"
> >>> len(m)
> 11
> >>> c = k.decryptecb(m)
> >>> c
> '\006S\033\010#\037\242\202\227\327\3452E\304\011\361'
> >>> k.encryptecb(c)
> 'Hello, worl\000\000\000\000\000'
> >>> m = "The seems to work correctly, even with messages that are not
> multiples of the cipher block!"
Actually you are missing something: the original file had
11 characters. The final file had 5 extra zeros so the file
changed. I suspect the method "added trailing zeros" at the
start, a common technique. But it may mean that you can't
distinguish between a "hello worl\000" or "hello worl" as
the original file. It's a minor detail. But it's the minor
detail that breaks encryption.
Sent via Deja.com
http://www.deja.com/
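The ambiguity described in the reply above, as an added Python example that is not part of the original post: zero padding maps two different files to the same padded block, while a length-encoding pad such as PKCS#7 (a swapped-in standard scheme, not the bijective approach the poster advocates) keeps them distinct. The 16-byte block size matches the session output; the function names are hypothetical.

```python
BLOCK = 16  # block size in bytes, matching the 16-byte output in the session


def zero_pad(data):
    """Pad with NUL bytes up to a block multiple, as the session appears to do."""
    return data + b"\x00" * (-len(data) % BLOCK)


def zero_unpad(padded):
    """Only possible inverse: strip trailing NULs, including any real ones."""
    return padded.rstrip(b"\x00")


def pkcs7_pad(data):
    """Always append n bytes of value n (1..BLOCK) so the length is recoverable."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def pkcs7_unpad(padded):
    """Validate and remove PKCS#7 padding; reject anything malformed."""
    if not padded or len(padded) % BLOCK:
        raise ValueError("length is not a positive multiple of the block size")
    n = padded[-1]
    if not 1 <= n <= BLOCK or padded[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return padded[:-n]


def collides(pad, a, b):
    """True when two different plaintexts become the same cipher input."""
    return a != b and pad(a) == pad(b)


if __name__ == "__main__":
    short = b"Hello, worl"        # 11 bytes, as in the session
    longer = b"Hello, worl\x00"   # constructed: same text plus one real NUL
    print("zero padding collides:", collides(zero_pad, short, longer))
    print("PKCS#7 collides:      ", collides(pkcs7_pad, short, longer))
    print("zero round trip:      ", zero_unpad(zero_pad(longer)))
    print("PKCS#7 round trip:    ", pkcs7_unpad(pkcs7_pad(longer)))
```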
------------------------------
From: "Julian Morrison" <[EMAIL PROTECTED]>
Subject: Questions about Diffie-Hellman
Date: Tue, 06 Feb 2001 05:25:02 +0000
I want to use DH key exchange between two hosts.
1) Can a wiretapper who sees *all* messages passed to and fro figure out
the key?
2) Do the two hosts need to know anything at all about one another prior
to key exchange (public keys or any such)?
------------------------------
From: "Michael Brown" <[EMAIL PROTECTED]>
Subject: Re: RSA, discrete log Both not secure...
Date: Tue, 6 Feb 2001 18:46:35 +1300
<Sigh> And no-one's even looked here.
http://odin.prohosting.com/~dakkor/rsa/
--
Code snippet 1 : Fibonacci fill
Stats:
In : esi = destination address, ecx = number of numbers / 2
Out : esi,eax,ebx,ecx destroyed. [esi] = 1,2,3,5,8...
Time: 2.5 clocks per Fibonacci number + 1 clock initialisation
Code (replace ";" with newline):
mov eax,1;mov ebx,1;L1:mov [esi],eax;add ebx,eax;add esi,4;
mov [esi],ebx;add eax,ebx;add esi,4;dec ecx;jnz L1
------------------------------
From: fredfighter(atsign)iwon.com <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Tue, 06 Feb 2001 05:26:47 GMT
In article <3Hl96.51$[EMAIL PROTECTED]>,
"Mysterion" <[EMAIL PROTECTED]> wrote:
> Sounds like Microsoft is determined to shoot themselves in the foot.
>
Other foot.
--
Fred the Red Shirt | [EMAIL PROTECTED] bounces--inbox is full of
spam.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Encrypting Predictable Files
Date: Tue, 06 Feb 2001 05:31:10 GMT
In article <OMmNbT9jAHA.280@cpmsnbbsa07>,
"Joseph Ashwood" <[EMAIL PROTECTED]> wrote:
> "SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > If you're going to use Rijndael I would suggest Matt Timmermans
> > version since it uses a bijective compressor that would help hide
> > the portions of your files that are common from file to file and
> > it does not information into a file which would aid in making it
> > easier to break. I doubt though Mr Ashwood would recommend it since
> > it's free. If you want something even more secure use scott16u to
> > reencrypt the results of the first encryption. You can be sure
> > that Mr Ashwood would be against that but I doubt if the NSA could
> > break the two in series.
> [see I told you some of us manage to do it more than once]
> Please permit me to translate to actual English.
> DS would like to suggest that you use Matt Timmermans' Rijndael
> implementation.
> He would also like to suggest that you use his completely undocumented,
> abysmally slow completely useless encryption because he remains quite
> ignorant about real cryptography.
>
> Now on to my comments.
> I have not personally examined what Mr Timmermans' Rijndael implementation
You personally have not examined what Mr Timmermans has
done because you're a pompous ignorant ass as to what real encryption
is all about.
> actually is. However is DS's claim that given an 11 byte file (or any other
> file < 16 bytes) it will create an 11 byte file (or other file of exactly
> the same length), I would strongly recommend avoiding it. If it instead
Actually I suggest using encrypt that can do 11 bytes to 11 bytes
that is what scott16u does. However Mr Timmermans' code usually changes
the length of files. However every possible binary file has a
unique mapping to the space of all binary files. When you encrypt or
when you decrypt any file it maps uniquely to another. A "one to one"
mapping if you understand that. He could in theory map an 11 byte
file to 13 bytes it depends on file and on the key. The concept is
most likely over your head.
> actually uses Rijndael (which would force the file to be 16-bytes or
> greater) then I see no problem with using it.
>
> Now on to the other claim. DS has been pushing his various versions for
> quite some time, every time someone reasonable examines it, they either
> leave laughing or they break it, DS's traditional reaction to this has been
> to increase the size when the prior one is broken. Your mileage will be
Actually the only so-called break was by PAUL ONIONS as to plain
test attack. That was years ago. Scott16u is years old there have
been cash prizes. Of course one of your asshole buddies claimed the
slide attack could break it. But it turned out he was as full of
shit as you seem to be.
As I stated previously Matt uses Rijndael in a way that can
encrypt any file without adding information. If you use Rijndael
I would suggest Matt's version instead of some crap that Mr
Ashwood thinks is hot shit. Just because he thinks he knows
something about Rijndael but has not looked at Matt's don't
believe him. He knows nothing about what he talks.
But he is the kind of man that spouts off as if he knows
something yet he never gets down to the nitty gritty of
actually looking at something or he would have been honest
enough to look at it. Just like Wagner who thought scott16u
was weak then he had to admit in one post he made all his claims
on guesses without ever testing or even knowing how the encryption
worked. That is how most of the pompous guys here are. But they
can spell real nice. I can't spell worth shit in case you haven't
noticed.
> really bad trying to use it (you can judge for yourself from the code he
> supplies, he won't supply any other documentation).
>
> His recommendation of using a second cipher is a different matter, and may
> or may not have any relation to your needs. Using Rijndael and adding a
> second layer will likely not help security much, at least for the near
> future (say a decade or so). If you want something to remain secure for a
> very long time you may actually want to use multiple algorithms, however
> instead of making use of anything with the word scott in it, I would
> recommend using one of the other AES finalists, both Serpent and Twofish are
> very well analyzed and may be more secure than Rijndael, they can also be
> retrieved from the NIST AES pages.
> Joe
>
>
------------------------------
Reply-To: "Chris Honsinger" <[EMAIL PROTECTED]>
From: "Chris Honsinger" <[EMAIL PROTECTED]>
Subject: Re: steganography by random phase carrier convolution
Date: Tue, 06 Feb 2001 05:53:12 GMT
Splaat23,
Why would one make the original available? Isn't that like making an
unencrypted file available with an encrypted file?
Could you also expand or clarify the meaning of:
"As with all watermarking solutions that run on computers under the control
of the user, it will not function as a right management package. The same
data that would allow the information to be retrieved can be used to erase or
mangle the watermark enough to disable it."
Thanks,
Chris Honsinger
"Splaat23" <[EMAIL PROTECTED]> wrote in message
news:94kh3j$720$[EMAIL PROTECTED]...
> It doesn't appear to be that spectacular (from my first look). It's
> just watermarking with some resistance to filtering. It doesn't solve
> the one problem with (image) stenography - if you can get the original
> image, you can find that a difference exists and detect the
> transmission of data.
>
> As with all watermarking solutions that run on computers under the
> control of the user, it will not function as a right management
> package. The same data that would allow the information to be retrieved
> can be used to erase or mangle the watermark enough to disable it.
>
> As far as I can tell, this is not that interesting.
>
> - Andrew
>
> In article <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] (John Bailey) wrote:
> > http://www.rochesterbusinessnews.com/
> > The Rochester (NY) Democrat and Chronicle mentioned tech briefs to be
> > put on the web by Kodak,
> > (quote)The first installment, released yesterday, highlights Kodak's
> > work to make digital imaging copyrights more secure and in developing
> > new screens for consumer electronics. (end quote)
> > Following a Byzantine trail of links I finally came to this article
> > (pdf) which may be of interest to this newsgroup.
> >
> > Data Embedding Using Phase Dispersion
> > Chris Honsinger and Majid Rabbani
> >
> > Abstract
> > A method of data embedding based on the convolution of message data
> > with a random phase carrier is presented. The theory behind this
> > method is reviewed and it is shown that the technique can be used to
> > hide both pictorial and non-pictorial data. The details of the
> > procedures used for carrier design, message template optimization,
> > message extraction optimization, block synchronization, and rotation
> > and scale correction are discussed. Finally, the algorithm's benchmark
> > results using Stirmark are presented.
> > Full text at:
> >
> > http://www.kodak.com/US/plugins/acrobat/en/corp/researchDevelopment/dataEmbedding.pdf
> >
> > John
> >
> > John
> >
>
>
> Sent via Deja.com
> http://www.deja.com/
------------------------------
From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: Questions about Diffie-Hellman
Date: Mon, 05 Feb 2001 22:09:27 -0800
Julian Morrison wrote:
> I want to use DH key exchange between two hosts.
> 1) Can a wiretapper who sees *all* messages passed to and fro figure out
> the key?
Yes. That's the idea.
> 2) Do the two hosts need to know anything at all about one another prior
> to key exchange (public keys or any such)?
No, but then the hosts can't really be sure who they are talking to.
Having public keys can be used to authenticate the parties.
------------------------------
From: "kihdip" <[EMAIL PROTECTED]>
Subject: Re: Questions about Diffie-Hellman
Date: Tue, 6 Feb 2001 07:20:41 +0100
"Roger Schlafly" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Julian Morrison wrote:
> > I want to use DH key exchange between two hosts.
> > 1) Can a wiretapper who sees *all* messages passed to and fro figure out
> > the key?
>
> Yes. That's the idea.
I suppose it should have read:
"No. That's the idea."
If a wiretapper can see the key agreed upon in a DH exchange - why not send
the key as plaintext.... ;-)
>
> > 2) Do the two hosts need to know anything at all about one another prior
> > to key exchange (public keys or any such)?
>
> No, but then the hosts can't really be sure who they are talking to.
> Having public keys can be used to authenticate the parties.
------------------------------
From: "Julian Morrison" <[EMAIL PROTECTED]>
Subject: Re: Questions about Diffie-Hellman
Date: Tue, 06 Feb 2001 06:39:47 +0000
"kihdip" <[EMAIL PROTECTED]> wrote:
> "Roger Schlafly" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
>> Julian Morrison wrote:
>> > I want to use DH key exchange between two hosts.
>> > 1) Can a wiretapper who sees *all* messages passed to and fro figure
>> > out the key?
>>
>> Yes. That's the idea.
>
> I suppose it should have read:
> "No. That's the idea."
Okay, 'nother question(s). Am I right in understanding you can do this:
You preemptively do part of DH, bundle that up and ship it to someone,
they then complete it without contacting you so that they now have a key
you both can use.
And, is there a third part to the negotiation that they would need to
prepend to the message coded with this key, that you'd have to use to
complete the negotiation?
>> > 2) Do the two hosts need to know anything at all about one another
>> > prior to key exchange (public keys or any such)?
>>
>> No, but then the hosts can't really be sure who they are talking to.
>> Having public keys can be used to authenticate the parties.
Knowing who they're talking to is not always important in the cases where
I'm thinking of using it.
------------------------------
From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto,alt.hacker,alt.conspiracy
Subject: Re: OverWrite freeware completely removes unwanted files from hard drive
Date: Mon, 05 Feb 2001 22:45:43 -0800
Richard Heathfield wrote:
>
> Anthony Stephen Szopa wrote:
> >
> > OverWrite freeware completely removes unwanted files from hard drive
>
> I tried it and it didn't work. I got this error:
>
> ./OvrWrite.exe: Permission denied
>
> I would have gone looking for the problem in the source code, only you
> don't provide any.
>
> > OverWrite Program: incorporates the latest recommended file
> > overwriting techniques.
>
> Why should we trust it? There's no source code. Who knows what you're
> trampling on? Who knows what you're reading and sending out over the
> Net? Who knows whether you even do what you claim? For all we know, you
> could just be writing that last set of patterns once. No, thanks.
>
> This is just like your "proprietary" XOR program. Everyone laughed then,
> and everyone's laughing now.
>
> > State-of-the-art detection technology and
> > the subtleties of hard drive technology have made most overwritten
> > and deleted data on magnetic media recoverable. Simply overwriting
> > a file a few times is just not good enough.
>
> Right. But it's better than running "security" software blind.
>
> --
> Richard Heathfield
> "Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
> C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
> K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html
Sounds like you need permission to use your own computer as you
see fit. Someone you might know is not allowing you to run the
program. There is no such error message generated as a result of
the OverWrite program. You will get an error if the file to be
overwritten fails to open or close properly. But this error will
have nothing to do with any permissions.
------------------------------
From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: Questions about Diffie-Hellman
Date: Mon, 05 Feb 2001 23:27:07 -0800
Julian Morrison wrote:
> Okay, 'nother question(s). Am I right in understanding you can do this:
> You preemptively do part of DH, bundle that up and ship it to someone,
> they then complete it without contacting you so that they now have a key
> you both can use.
All you need is for both sides to supply a public key. Usually this
is with a 2-way communication. But if the public keys are in directories
or otherwise available, then you can skip one or both communications.
> And, is there a third part to the negotiation that they would need to
> prepend to the message coded with this key, that you'd have to use to
> complete the negotiation?
Not sure what you are getting at here.
------------------------------
Subject: Re: DH question
From: Paul Crowley <[EMAIL PROTECTED]>
Date: Tue, 06 Feb 2001 07:41:15 GMT
[EMAIL PROTECTED] (DJohn37050) writes:
> needs to be an abelian group to do DH as normally conceived.
> Don Johnson
The subgroup generated by a single element is always cyclic thus Abelian.
--
__
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/
------------------------------
From: "Julian Morrison" <[EMAIL PROTECTED]>
Subject: Re: Questions about Diffie-Hellman
Date: Tue, 06 Feb 2001 07:59:54 +0000
"Roger Schlafly" <[EMAIL PROTECTED]> wrote:
> All you need is for both sides to supply a public key. Usually this is
> with a 2-way communication. But if the public keys are in directories or
> otherwise available, then you can skip one or both communications.
right.
btw, what size is the key you get out of this? or is that choosable? (I'm
thinking of RC4-ing with the key, and RC4 has a very fixed
initial-seed-size.)
>> And, is there a third part to the negotiation that they would need to
>> prepend to the message coded with this key, that you'd have to use to
>> complete the negotiation?
>
> Not sure what you are getting at here.
a --keyA-->b
b now knows the secret
b --keyB, RC4[secret](message)-->a
a needs keyB to know the secret so it can decrypt the message.
Is that how it works?
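
The one-pass flow sketched in the message above (a sends keyA; b replies with keyB and the RC4-encrypted message), as an added Python example that is not part of the original digest. It assumes the 768-bit Oakley Group 1 prime from RFC 2409 with generator 2, SHA-256 truncated to 16 bytes as the step that turns the group element into a fixed-size RC4 key, and hypothetical function names; the exchange is unauthenticated, as noted earlier in the thread.

```python
import hashlib
import secrets

# 768-bit Oakley Group 1 safe prime (RFC 2409), generator 2. Contemporary
# with this thread; far too small for use today.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
G = 2


def keypair():
    """Return (private exponent x, public value g^x mod p)."""
    x = secrets.randbelow(P - 3) + 2       # x in [2, P-2]
    return x, pow(G, x, P)


def derive_key(my_private, peer_public, nbytes=16):
    """Complete DH, then hash the group element down to a fixed-size key."""
    if not 2 <= peer_public <= P - 2:      # 0, 1 and p-1 give trivial secrets
        raise ValueError("peer public value out of range")
    shared = pow(peer_public, my_private, P)   # as large as p: 768 bits here
    raw = shared.to_bytes((P.bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).digest()[:nbytes]


def rc4(key, data):
    """RC4 keystream XOR; the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):                   # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                      # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def b_reply(key_a, message):
    """b: finish the exchange from keyA alone; return (keyB, ciphertext)."""
    b_priv, key_b = keypair()   # fresh per message, so no RC4 keystream reuse
    return key_b, rc4(derive_key(b_priv, key_a), message)


def a_open(a_priv, key_b, ciphertext):
    """a: needs keyB from the reply to derive the same key and decrypt."""
    return rc4(derive_key(a_priv, key_b), ciphertext)


if __name__ == "__main__":
    a_priv, key_a = keypair()                        # a --keyA--> b
    key_b, ct = b_reply(key_a, b"constructed test message")
    # A wiretapper holds key_a, key_b and ct, but neither private exponent.
    print(a_open(a_priv, key_b, ct))
```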
------------------------------
From: [EMAIL PROTECTED] (Niklas Frykholm)
Subject: Re: Do you like playing with numbers?
Date: Tue, 6 Feb 2001 07:57:12 +0000 (UTC)
>> cryptography does not depend upon algorithm secrecy. It
>>depends on key secrecy.
>
>Suppose you would have a very good algorithm (like Rijndael or TwoFish
>or ..) but keep that and the keys a secret, would that be a nightmare
>for the (enemy) cryptoanalysts or would it just mean that you've
>bought some extra time for your own system ?
All encryption/decryption software that uses the algorithm has it embedded.
The time you buy with a secret algorithm is the time required for the
attacker to get a copy of the software and reverse-engineer it. In all
good cryptosystems this time is neglectable compared to the time required
to break the cipher.
// Niklas
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************