Cryptography-Digest Digest #670, Volume #13      Sat, 10 Feb 01 15:13:01 EST

Contents:
  Mono cipher, genetic algorithm .. appropriate "Crossover?" (Sundial Services)
  The Kingdom of God (Markku J. Saarelainen)
  Re: The Kingdom of God ("drumstik")
  Re: Mono cipher, genetic algorithm .. appropriate "Crossover?" ("Robert Reynard")
  I encourage people to boycott and ban all Russian goods and services, if the Russian 
Federation is banning Jehovah's Witnesses ....... (Markku J. Saarelainen)
  Purenoise defeats Man In The Middle attack? (Rich W.)
  Re: The Kingdom of God needs Comsec and HA Public Key Management (Crypto Key 
Management Associates)
  Re: I encourage people to boycott and ban all Russian goods and  (David Schwartz)
  Re: Purenoise defeats Man In The Middle attack? (Sundial Services)
  Re: Mono cipher, genetic algorithm .. appropriate "Crossover?" ("John A. Malley")
  RSA is not secure in many instances... ([EMAIL PROTECTED])
  Re: Some basic questions (Paul Crowley)
  Re: CipherText patent still pending (Mok-Kong Shen)
  Re: Purenoise defeats Man In The Middle attack? (Bill Unruh)
  Re: DSA PRG Flaw (David A Molnar)
  Re: I encourage people to boycott and ban all Russian goods and services, if the 
Russian Federation is banning Jehovah's Witnesses ....... ("drumstik")

----------------------------------------------------------------------------

Date: Sat, 10 Feb 2001 08:51:22 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Mono cipher, genetic algorithm .. appropriate "Crossover?"

My brother and I occasionally exchange short monoalphabetic ciphers for
entertainment.  Recently I decided to try to create a computer program
based on genetic algorithms that could break them.  The program itself
was fairly simple to write but it (and a few other examples out there
like GA-SOLVE) does not converge upon an acceptable result. 
{Ciphertexts are short, about 100 chars long.}

I believe that the issue is in the "Crossover" step, which doesn't
produce offspring that are "better than, but different from," the
parents.  Let me explain.

The genetic algorithm, as I have built it, generates 100 random "genes"
and then begins to iterate through generations as follows.

(1) The fitness of each possibility is measured against a table of
monograph and digraph probabilities in English, as the absolute "error"
of the observed frequencies against the standard.  The gene-pool is then
sorted for convenience.

(2) The top Random(n) genes are then mated (Crossover) at random to
produce -- currently -- one offspring which replaces a randomly chosen
inferior (i.e. non-Top(n)) gene.

(3) The current selection of the genes to be paired is currently random;
it does not currently use a weighted probability.  If it's a Top(n) gene
then each one has equal probability of being selected, even more than
once.

The crossover algorithm is the stickler because, once you assign a
letter to the result {once you say "P(x) = y") then no other letter in
the future may be assigned to "y."  This is a fancy way of saying that a
given letter may occur once and only once in a monoalphabetic key, and
once a letter is "taken" it may not be used again.

The mating (crossover) algorithm is thus presented with two 26-character
strings, each of which contains every letter once and only once, and it
must produce a result string that also contains every letter once and
only once, which is supposed to be "superior to" the parents if possible
so that the algorithm's results will gradually improve by natural
selection.  Furthermore, the output should not be simply "the same as"
either one of the parents -- except by random choice.

Any of the selections for (x,y) that are made when building the
offspring key could be mutually exclusive with any other future
selection - any of which could turn out to be superior.  

The algorithm obviously needs to be one that "tends to produce better
offspring" without simply "determining what the answer ought to be."  If
it did that, obviously, it would become the "only true intelligence" of
the program, and the genetic algorithm part would become spurious,
adding no more "real" problem solving ability to the task.  In order to
be effective, a genetic algorithm =must= have a meaningful (and
appropriate to the task) crossover function.

I know that this particular problem is toughened somewhat by the short
length of the ciphertext.  However, human beings solve these problems
all the time.

Suggestions anyone?


==================================================================
Sundial Services :: Scottsdale, AZ (USA) :: (480) 946-8259
mailto:[EMAIL PROTECTED]  (PGP public key available.)
> Fast(!), automatic table-repair with two clicks of the mouse!
> ChimneySweep(R):  "Click click, it's fixed!" {tm}
> http://www.sundialservices.com/products/chimneysweep

------------------------------

From: Markku J. Saarelainen <[EMAIL PROTECTED]>
Crossposted-To: alt.security,comp.security,alt.2600
Subject: The Kingdom of God
Date: Sat, 10 Feb 2001 17:23:56 GMT



1. When he was on earth, Jesus taught his followers to pray for God's
Kingdom. A kingdom is a government that is headed by a king. God's
Kingdom is a special government. It is set up in heaven and will rule
over this earth. It will sanctify, or make holy, God's name. It will
cause God's will to be done on earth as it is done in heaven.—Matthew
6:9, 10.

http://www.watchtower.org/library/rq/index.htm


Sent via Deja.com
http://www.deja.com/

------------------------------

From: "drumstik" <[EMAIL PROTECTED]>
Crossposted-To: alt.security,comp.security,alt.2600
Subject: Re: The Kingdom of God
Date: Sat, 10 Feb 2001 17:37:39 GMT

Smile!  There is no god.

--
drumstik

Soy el gallo del ninja!
www.ameriphreak.com


"Markku J. Saarelainen" <[EMAIL PROTECTED]> wrote in message
news:963tf7$aip$[EMAIL PROTECTED]...
>
>
> 1. When he was on earth, Jesus taught his followers to pray for God's
> Kingdom. A kingdom is a government that is headed by a king. God's
> Kingdom is a special government. It is set up in heaven and will rule
> over this earth. It will sanctify, or make holy, God's name. It will
> cause God's will to be done on earth as it is done in heaven.—Matthew
> 6:9, 10.
>
> http://www.watchtower.org/library/rq/index.htm
>
>
> Sent via Deja.com
> http://www.deja.com/



------------------------------

From: "Robert Reynard" <[EMAIL PROTECTED]>
Subject: Re: Mono cipher, genetic algorithm .. appropriate "Crossover?"
Date: Sat, 10 Feb 2001 12:40:38 -0500

"Sundial Services" wrote in message news:
<[EMAIL PROTECTED]>...

>> My brother and I ...decided to try to create a computer program based on
genetic algorithms that could break them. The program itself ... does not
converge upon an acceptable result.

I believe that the issue is in the "Crossover" step, which doesn't produce
offspring that are "better than, but different from," the parents.>>

If that is the case, you should probably increase your 'mutation rate.'

<<The fitness of each possibility is measured against a table of  monograph
and digraph probabilities in English, as the absolute "error" of the
observed frequencies against the standard. >>

This is more likely 'the problem.' Mono- and digraph frequency data are not
sufficiently discriminatory to identify 'better than' keystrings. This
'problem' has little to do with the keystring generation process, whether it
be genetic or otherwise.


Robert Reynard
Author, Secret Code Breaker series of crypto books for young readers (8-16
yr.)
Secret Code Breaker Online at ==> http://codebreaker.dids.com



------------------------------

From: Markku J. Saarelainen <[EMAIL PROTECTED]>
Crossposted-To: comp.security,alt.security,alt.2600
Subject: I encourage people to boycott and ban all Russian goods and services, if the 
Russian Federation is banning Jehovah's Witnesses .......
Date: Sat, 10 Feb 2001 18:11:45 GMT



I encourage all people around the world to boycott and ban all Russian
goods and services, if the Russian Federation is banning Jehovah's
Witnesses .......


Sent via Deja.com
http://www.deja.com/

------------------------------

From: Rich W. <[EMAIL PROTECTED]>
Subject: Purenoise defeats Man In The Middle attack?
Date: Sat, 10 Feb 2001 13:26:28 -0500

  Does anyone know anything about this piece of software for secure 
instant messages that has a key exchange protocol that supposedly 
defeats the man in the middle attack?

  Their website makes some rather large claims like:

 "Uses 128 rounds of a ridiculously strong 3072 bit paranoid 
encryption that far exceeds even military standards!"

  -and-

 "Patent Pending secure key exchange protocol that defeats the 'Man In 
The Middle Attack.'"

  -and-

 "Every single part of PureNoise is proprietary and is made of 
standard algorithms and protocols improved to leave eavesdroppers 
absolutely without a chance!"
 
 I discovered this program when browsing the Counterpane site.  Bruce 
has a link to it from his "Products that use Twofish" page.  I've been 
looking for a secure message client and that is what lured me there.  
It sounds rather suspect though.  I didn't look further but I suspect 
his protocols are closed and will not allow anyone to see them, but I 
do not know that for certain.

 Rich...

------------------------------

From: Crypto Key Management Associates <[EMAIL PROTECTED]>
Crossposted-To: alt.security,comp.security,alt.2600
Subject: Re: The Kingdom of God needs Comsec and HA Public Key Management
Date: Sat, 10 Feb 2001 18:31:00 GMT

I checked; they're not on the ITAR "bad guy" list, so how about a proposal
for a High Assurance Communications Security network with High Modulus
Public Key component, certified to NSA Proof communications?  Too much?
What about a Kingdom wide Key Management and Comsec Plan?  How about
Watchtower, we can make it so secure no one can read it.  Any takers?



"Markku J. Saarelainen" wrote:

> 1. When he was on earth, Jesus taught his followers to pray for God's
> Kingdom. A kingdom is a government that is headed by a king. God's
> Kingdom is a special government. It is set up in heaven and will rule
> over this earth. It will sanctify, or make holy, God's name. It will
> cause God's will to be done on earth as it is done in heaven.—Matthew
> 6:9, 10.
>
> http://www.watchtower.org/library/rq/index.htm
>
> Sent via Deja.com
> http://www.deja.com/


------------------------------

From: David Schwartz <[EMAIL PROTECTED]>
Crossposted-To: comp.security,alt.security,alt.2600
Subject: Re: I encourage people to boycott and ban all Russian goods and 
Date: Sat, 10 Feb 2001 10:32:04 -0800



"Markku J. Saarelainen" wrote:
> 
> I encourage all people around the world to boycott and ban all Russian
> goods and services, if the Russian Federation is banning Jehovah's
> Witnesses .......

        Is the financial well-being of Watchtower really that important?

        DS

------------------------------

Date: Sat, 10 Feb 2001 11:59:40 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Purenoise defeats Man In The Middle attack?

Hmm.. an encryption only needs to be "strong enough," so the number of
bits and rounds and etc. really doesn't mean anything. 
Man-in-the-middle is a =protocol-based= weakness, not an encryption
problem.  Man-in-the-middle is an issue because you cannot determine
that the MITM is *there.*

People have been making up messages "as though they were somebody else"
for generations.  They've been stealing one another's keys, too.  Etc.


>Rich W. wrote:
> 
>   Does anyone know anything about this piece of software for secure
> instant messages that has a key exchange protocol that supposedly
> defeats the man in the middle attack?
> 
>   Their website makes some rather large claims like:
> 
>  "Uses 128 rounds of a ridiculously strong 3072 bit paranoid
> encryption that far exceeds even military standards!"
> 
>   -and-
> 
>  "Patent Pending secure key exchange protocol that defeats the 'Man In
> The Middle Attack.'"
> 
>   -and-
> 
>  "Every single part of PureNoise is proprietary and is made of
> standard algorithms and protocols improved to leave eavesdroppers
> absolutely without a chance!"
> 
>  I discovered this program when browsing the Counterpane site.  Bruce
> has a link to it from his "Products that use Twofish" page.  I've been
> looking for a secure message client and that is what lured me there.
> It sounds rather suspect though.  I didn't look further but I suspect
> his protocols are closed and will not allow anyone to see them, but I
> do not know that for certain.
> 
>  Rich...
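An added example, not the product's protocol and not code from any poster, to make Sundial's point concrete: a plain Diffie-Hellman exchange that an active attacker splits into two exchanges (each side finishes with a key the attacker also holds), beside the same exchange with the public values authenticated under a long-term secret the attacker lacks. The group is the 1024-bit MODP prime of RFC 2409 group 2 with generator 2, transcribed here from memory of the RFC; the pre-shared secret and the party names are constructed for the demo. Note that the cipher, the number of rounds and the key length never enter into it.

```python
import hashlib
import hmac
import secrets

# 1024-bit MODP prime of RFC 2409 (Oakley group 2), generator 2. Transcribed
# here; check the hex against the RFC before reusing it anywhere real.
P = int("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
        "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
        "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2
NBYTES = 128                                  # P fits in 128 bytes


def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2       # private exponent in [2, P-2]
    return priv, pow(G, priv, P)


def derive_key(peer_pub, priv):
    """Shared secret g^(ab) hashed down to a 256-bit session key."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(NBYTES, 'big')).digest()


def transcript(pub_from_alice, pub_from_bob):
    return pub_from_alice.to_bytes(NBYTES, 'big') + pub_from_bob.to_bytes(NBYTES, 'big')


def unauthenticated_exchange(mitm=False):
    """Plain Diffie-Hellman. Returns (alice_key, bob_key, keys_known_to_mallory).
    With an active attacker both sides finish happily, but with different keys,
    each of which Mallory also holds, so she can decrypt and re-encrypt."""
    a, A = dh_keypair()
    b, B = dh_keypair()
    if not mitm:
        return derive_key(B, a), derive_key(A, b), ()
    m1, M1 = dh_keypair()      # Mallory's pair facing Alice (delivered instead of B)
    m2, M2 = dh_keypair()      # Mallory's pair facing Bob (delivered instead of A)
    alice_key = derive_key(M1, a)
    bob_key = derive_key(M2, b)
    return alice_key, bob_key, (derive_key(A, m1), derive_key(B, m2))


def authenticated_exchange(psk, mitm=False):
    """Same exchange, but Bob MACs the public values as he saw them under a
    long-term secret (constructed pre-shared key) that Mallory does not have.
    Alice checks the tag against the values as *she* saw them, so a substituted
    public value is caught before any key is used. Raises ValueError on a bad tag.
    A real protocol would authenticate both directions and bind identities too."""
    a, A = dh_keypair()
    b, B = dh_keypair()
    if mitm:
        _, M1 = dh_keypair()
        _, M2 = dh_keypair()
        bob_sees, alice_sees = M2, M1
    else:
        bob_sees, alice_sees = A, B
    bob_tag = hmac.new(psk, transcript(bob_sees, B), 'sha256').digest()
    # Mallory can forward bob_tag unchanged, but cannot recompute it over (A, M1).
    expected = hmac.new(psk, transcript(A, alice_sees), 'sha256').digest()
    if not hmac.compare_digest(bob_tag, expected):
        raise ValueError("transcript MAC mismatch: public values were altered in transit")
    return derive_key(alice_sees, a), derive_key(bob_sees, b)


def mitm_detected(psk):
    """True if the authenticated exchange rejects an active attacker."""
    try:
        authenticated_exchange(psk, mitm=True)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    ak, bk, mk = unauthenticated_exchange(mitm=True)
    print("unauthenticated: keys agree?", ak == bk, "| Mallory holds both?", mk == (ak, bk))
    print("authenticated: attack detected?", mitm_detected(b"constructed long-term secret"))
```

The only thing that defeats the attacker is the piece of long-term, out-of-band authenticated information (here a shared secret; in practice a verified public key or a fingerprint compared over another channel). A "patent pending key exchange" that ships no such anchor cannot tell the two runs above apart.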

------------------------------

From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: Mono cipher, genetic algorithm .. appropriate "Crossover?"
Date: Sat, 10 Feb 2001 11:08:18 -0800


Sundial Services wrote:
> 
[snip]
> 
> Suggestions anyone?
> 

Perhaps "The Use of Genetic Algorithms in Cryptanalysis" by Robert A. J.
Matthews in "Cryptologia", vol. 17, Number 2, April 1993, may answer
your question. (Believe it or not I picked up a small stack of past
editions of this journal in a second hand bookstore a while ago and this
article was the first one I read after buying them. :-) )

Mr. Matthews engineered a genetic algorithm to cryptanalyze
transposition ciphers.  He describes the canonical genetic algorithm
early in the paper, listing five characteristics/elements making up a
genetic algorithm as follows:

1. A random population (pool) of initial guesses of solutions -
"chromosomes."

2. A fitness-rating to assess the effectiveness of a given guessed
solution ("chromosome") as the true solution to the problem.

3. A "selection" filter determining the survival of the current
population members - the "chromosomes."  Only the more fit chromosomes
(per the rating in 2) get a chance to "reproduce" or set the stage for
the next generation. 

4. A "cross-over" operator that pairs up random "chromosomes" that
passed the selection filter and hybridizes them into a single, new
"child" solution that holds elements of both "parent" guess solutions in
one new guess solution. 

5. A "mutation" operator to randomly scramble a part of the resulting
new "child" guess solution. 

There's no mention of Feature 5 in your genetic algorithm to solve
substitution ciphers. 

A genetic algorithm iteratively searches for an optimal solution in an
n-dimensional "solution space."  Feature 5 prevents convergence and
lock-in on locally optimal solutions that are sub-optimal in the global
"solution space."  


Hope this helps,


John A. Malley
[EMAIL PROTECTED]


(P.S. An aside to readers: In population genetics, feature 3 is called
selection (and there are actually three kinds of selection defined by
population geneticists - directional selection, balancing selection and
disruptive selection) and feature 5 is called genetic drift (due to
random mutation at the individual's level - insertion, deletion,
substitution errors in the codon sequence).  A book that helped me a lot
with the math models behind population genetics is "Population Genetics,
A Concise Guide" by John H. Gillespie, ISBN 0-8018-5754-6.  Got it after
I read that article in "Cryptologia.")
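The GA described in the original post, as an added, runnable example that is not code from any of the posters: a permutation-preserving crossover (cycle crossover, which keeps every position the two parent keys agree on and fills the remaining positions cycle by cycle, so the child is always a valid 26-letter key and, when the parents differ in at least two cycles, is a genuine mix of both), a swap mutation operator of the kind Malley's feature 5 calls for, and the monograph/digraph absolute-error fitness Sundial describes. The frequency tables are approximate published English values; the plaintext and key are constructed for the demo. Reynard's caveat applies: on 100-character ciphertexts this fitness function is a weak discriminator and the search often stalls on a near-miss key, which is the behaviour the original post reports.

```python
import random
import string
from collections import Counter

ALPHABET = string.ascii_lowercase

# Approximate English letter frequencies in percent (standard published
# tables; exact values vary slightly by corpus).
ENGLISH_MONO = {
    'a': 8.17, 'b': 1.49, 'c': 2.78, 'd': 4.25, 'e': 12.70, 'f': 2.23, 'g': 2.02,
    'h': 6.09, 'i': 6.97, 'j': 0.15, 'k': 0.77, 'l': 4.03, 'm': 2.41, 'n': 6.75,
    'o': 7.51, 'p': 1.93, 'q': 0.10, 'r': 5.99, 's': 6.33, 't': 9.06, 'u': 2.76,
    'v': 0.98, 'w': 2.36, 'x': 0.15, 'y': 1.97, 'z': 0.07,
}
# The twenty most common English digraphs, percent of all letter pairs.
ENGLISH_DI = {
    'th': 3.56, 'he': 3.07, 'in': 2.43, 'er': 2.05, 'an': 1.99, 're': 1.85,
    'on': 1.76, 'at': 1.49, 'en': 1.45, 'nd': 1.35, 'ti': 1.34, 'es': 1.34,
    'or': 1.28, 'te': 1.20, 'of': 1.17, 'ed': 1.17, 'is': 1.13, 'it': 1.12,
    'al': 1.09, 'ar': 1.07,
}

# Constructed sample plaintext and key for the demonstration (not from the post).
SAMPLE_PLAINTEXT = ("the quick brown fox jumps over the lazy dog while the farmer "
                    "in the field watches the sun set behind the hills and thinks "
                    "about the harvest that will come in the autumn when the "
                    "nights are long and cold and the river runs high")
SAMPLE_KEY = "qwertyuiopasdfghjklzxcvbnm"   # key[i] is the ciphertext letter for ALPHABET[i]


def encrypt(plaintext, key):
    return plaintext.lower().translate(str.maketrans(ALPHABET, key))


def decrypt(ciphertext, key):
    return ciphertext.lower().translate(str.maketrans(key, ALPHABET))


def frequency_error(text):
    """Fitness as the post describes it: sum of absolute differences between
    observed and expected monograph and digraph percentages (lower is better)."""
    letters = [c for c in text.lower() if c in ALPHABET]
    if len(letters) < 2:
        return float('inf')
    mono = Counter(letters)
    di = Counter(a + b for a, b in zip(letters, letters[1:]))
    n1, n2 = len(letters), len(letters) - 1
    err = sum(abs(100.0 * mono[c] / n1 - ENGLISH_MONO[c]) for c in ALPHABET)
    err += sum(abs(100.0 * di[d] / n2 - ENGLISH_DI[d]) for d in ENGLISH_DI)
    return err


def cycle_crossover(a, b, rng=None):
    """Cycle crossover for permutation keys: each cycle of the permutation
    a^-1 b is copied whole from one parent, alternating parents between cycles.
    The child is always a permutation and keeps every position where a == b."""
    rng = rng or random.Random()
    pos_in_a = {c: i for i, c in enumerate(a)}
    child = [None] * len(a)
    take_from_a = rng.random() < 0.5
    for start in range(len(a)):
        if child[start] is not None:
            continue
        i = start
        while child[i] is None:            # walk one cycle: i -> position of b[i] in a
            child[i] = a[i] if take_from_a else b[i]
            i = pos_in_a[b[i]]
        take_from_a = not take_from_a
    return ''.join(child)


def swap_mutation(key, rng=None):
    """Mutation that keeps the key a permutation: swap two positions."""
    rng = rng or random.Random()
    i, j = rng.sample(range(len(key)), 2)
    k = list(key)
    k[i], k[j] = k[j], k[i]
    return ''.join(k)


def solve(ciphertext, pop_size=100, top_n=20, generations=2000,
          mutation_rate=0.5, seed=None):
    """Steady-state GA: mate two random top_n keys, mutate the child with some
    probability, replace a random non-top key. Returns (best_key, fitness)."""
    rng = random.Random(seed)
    score = {}

    def fit(key):
        if key not in score:
            score[key] = frequency_error(decrypt(ciphertext, key))
        return score[key]

    pop = [''.join(rng.sample(ALPHABET, len(ALPHABET))) for _ in range(pop_size)]
    for _ in range(generations):
        pop.sort(key=fit)
        child = cycle_crossover(rng.choice(pop[:top_n]), rng.choice(pop[:top_n]), rng)
        if rng.random() < mutation_rate:
            child = swap_mutation(child, rng)
        pop[rng.randrange(top_n, pop_size)] = child
    best = min(pop, key=fit)
    return best, fit(best)


if __name__ == "__main__":
    ct = encrypt(SAMPLE_PLAINTEXT, SAMPLE_KEY)
    best, err = solve(ct, seed=1)
    print(f"error {err:.1f}: {decrypt(ct, best)}")
```

Running the module encrypts the sample under SAMPLE_KEY and prints the best decryption after 2000 generations. To separate the two diagnoses in this thread, keep the operators fixed and swap frequency_error for a trigraph or dictionary-word score: if convergence improves markedly, the fitness function, not the crossover, was the bottleneck.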

------------------------------

From: [EMAIL PROTECTED]
Subject: RSA is not secure in many instances...
Date: Sat, 10 Feb 2001 19:04:14 GMT

Here's something interesting.

RSA formula: m^e = c mod pq, c^d = m mod pq

Note that p,q,e,d are not generated with m in mind.

The message m is most likely not a generator.

You can't possibly find the cycle of m. Because if you can, you'll be
solving the discrete log problem m^k = 1 mod n.

Even if m happens to have a large cycle, that doesn't mean the
cyphertext c has a large cycle.

If c has a small cycle, then m can easily be recovered.

uh oh big problem.

(From what I remember roughly, there's a theorem that guarantees there
is 1 generator. But there's no guarantee how many generators there are.)


Sent via Deja.com
http://www.deja.com/

------------------------------

Subject: Re: Some basic questions
From: Paul Crowley <[EMAIL PROTECTED]>
Date: Sat, 10 Feb 2001 19:19:27 GMT

"Geoff Blair" <[EMAIL PROTECTED]> writes:

> OK. Im a newbie. With that said I will ask my questions and run for cover in
> case i get flamed for asking them in such a respected news group.
> 
>     1. Can anyone point me to some source material about the very basics of
> cryptography?

I saw a book called "Cryptography Decrypted" in my local bookshop
recently that seems to be aimed at this market.  From a quick glance
it seemed reasonably accurate.
-- 
  __
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: CipherText patent still pending
Date: Sat, 10 Feb 2001 20:27:47 +0100



Bryan Olson wrote:
> 
> Mok-Kong Shen wrote:
> > Bryan Olson wrote:
> > >
> > > Mok-Kong Shen wrote:
> > >
> > > > The quote in question was the following:
> > > >
> > > >    Experts teaching writing say to write every day.  I've never
> > > >    heard an expert cryptologist recommend cipher design as an
> > > >    exercise.
> 
> > > > That's why I considered the above quoted to be misleading
> > > > and argued against correspondingly.
> > >
> > > The quote is easy to refute if wrong; just look through the
> > > crypto textbooks, or course syllabi. [...]
> 
> > As is often the case in the real world, there is the
> > interpretation problem.
> 
> No.  The set of "Experts" is arguable, but there are
> certainly clear cases, both expert and non.

There seems to be a misunderstanding here due to presumably
my poor formulation. My quoted sentence above simply
served as sort of apology for my inability to clearly
interpret the paragraph of your previous post. It was 
then followed by my two 'conjectured' interpretations with
my corresponding responses. 

But since you mentioned the word 'expert', I would like to take 
the opportunity to say a few words that are not addressed 
to you (intended for the general readers and unrelated to 
what we are actually discussing). Quite a time ago I have 
in a thread criticized the attitude of a few, who were 
relatively new in the group and in my estimation did not 
seem to have advanced very much beyond a humble stage of 
knowledge such as that of mine but on the other hand were 
very ready to deride beginners who posed some more or 
less dumb questions, calling them clueless newbies etc., 
without (and this is essential) really caring to help in 
any sense. I find such state of affairs utterly 
detrimental to the atmosphere and hence the purpose of 
the group and sincerely hope that similar events will 
never happen in future. Experts may find the knowledge 
level of beginners 'laughable' but it is 'unnecessary' 
to 'express' such sentiments, for it serves no real good 
purposes excepting to show the laughers' lack of good 
characters. (As a noteworthy contrast, see how Rivest 
responded recently to a beginner who erroneously thought 
that he had cracked RSA. Perhaps it is in such occasions
that one can most easily distinguish the real great
experts from the half-experts and false-experts.)
 
> > I suppose you mean modern textbooks
> > like AC contain much designs but much less about analysis.
> 
> AC is not really a textbook and I don't think it has any
> exercises.  If you want to read Schneier's advice on
> getting into cipher design, see:
> 
>    http://www.counterpane.com/crypto-gram-9810.html

Here I have possibly also not formulated properly. I meant
analysis was insufficiently covered in such books, while
designs (concrete ciphers) were described with some details. 
Consequently this state of affairs intensifies the need 
that more stress/weight be placed on transferring knowledge 
of analysis to the learners by the teachers and authors
of future textbooks.

Analysis used to play a fairly strong role in classical
crypto literatures. I personally find this deficit in 
modern textbooks to be deplorable.

> 
> [...]
> > > > I am not sure it is clear that cipher design is easy.
> > >
> > > I'm convinced it's very hard to do well.  I recall spending
> > > many hours trying to convince you of the same.
> >
> > That's why I am not an expert but only a very humble
> > learner
> 
> Then take Schneier's advice.  All the experts I know
> say much the same.

Excepting in educational institutions, learning is a
process that is influenced/constrained by a number of 
(mostly exterior) factors and each learner has to make 
a good decision as to the way that probably suits him 
the best. My personal opinion about analysis is that, 
while it is a necessary foundation, it is, due to 
limited total time available, uneconomical to spend 
all of one's time on that subject, trying to attack a 
very large number of the older ciphers. For it is the 
essence/principle of the attacks that is to be captured 
and not the number of successful attacks that is 
important. For the newer ciphers, it would be very 
desirable for the learners in general, if the above 
mentioned deficit of modern textbooks could be ameliorated 
soon.

> 
> > Let me in this connection come back to your previous point
> > of there being too many bad designs around. This fact is
> > like there are too many paintings around.
> 
> The problem is nothing like that.
> 
> > However, I haven't so far seen any
> > posts in the group on suggestions of new methods of
> > analysis or improvements of old ones, at least in the
> > proper sense.
> 
> Read Wagner, Gillogly, Wooding, Hopwood, Fluhrer (and
> others of course, I'm not great with names.)

Sorry, I might have simply gravely overlooked. I don't 
remember to have seen a (really) new method of attack of 
any (respectable) cipher or an (essential) improvement of
old ones in posts in our group.

> > In the meantime the best that can be achieved
> [...]
> 
> No one is trying to take away your right to write.  Don't
> forget that for some time you've been suggesting that I
> shouldn't post here, while I've been suggesting that you
> should make a serious effort to understand cryptology.

Since you are an expert, it is on the contrary very 
desirable that you post much in this group and kindly
help the learners (including myself). I was only saying 
that, if anybody finds it intolerable to see a relatively 
large volume of chaff/nonsense (which is by nature
inevitable in posts of the less/little knowledgeable), 
then there are very very simple and effective ways to 
avoid his annoyance without having to impose any 
'disciplines' into the group. (In fact, in another 
completely different context, namely with respect to the 
employment of bad words, I once asked whether there 
shouldn't be some 'rules/disciplines'. I was flamed and 
I at once realized that I had committed a very grave error 
thereby. For it is the freedom, not constraints, that is 
the principal and indispensable characteristic of the 
internet and hence, in particular, of our group.) As to 
non-technical matters, which you in a previous post 
mentioned as being against the charter of the group, I 
think our opinions are more or less in the same direction, 
though apparently not identical. I also do not favour to 
see much political matters in the group, for there are 
groups dedicated to that. On the other hand, since 
presumably most people of our group don't subscribe 
simultaneously to these other groups and some political 
events do have indirect essential impact on the use of 
encryption, I am of the humble opinion that these could 
occasionally be discussed, provided that such discussions 
don't take on an over-proportional dimension and lead, 
as happened several times, eventually to disputes that 
are barely of any relevance to the issue of practical 
employment of encryption. If I don't err, you seem to 
have in this respect a more restrictive opinion than 
that of mine.

M. K. Shen
==========================
http://home.t-online.de/home/mok-kong.shen

------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: Purenoise defeats Man In The Middle attack?
Date: 10 Feb 2001 19:28:05 GMT

In <[EMAIL PROTECTED]> Rich W. <[EMAIL PROTECTED]> 
writes:

]  Does anyone know anything about this piece of software for secure 
]instant messages that has a key exchange protocol that supposedly 
]defeats the man in the middle attack?

]  Their website makes some rather large claims like:

] "Uses 128 rounds of a ridiculously strong 3072 bit paranoid 
]encryption that far exceeds even military standards!"

]  -and-

] "Patent Pending secure key exchange protocol that defeats the Man In 
]The Middle Attack."

]  -and-

] "Every single part of PureNoise is proprietary and is made of 
]standard algorithms and protocols improved to leave eavesdroppers 
]absolutely without a chance!"
] 
] I discovered this program when browsing the Counterpane site.  Bruce 
]has a link to it from his "Products that use Twofish" page.  I've been 
]looking for a secure message client and that is what lured me there.  
]It sounds rather suspect though.  I didn't look further but I suspect 
]his protocols are closed and will not allow anyone to see them, but I 
]do not know that for certain.

Read the Snake Oil Faq, posted here about once a month.

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: DSA PRG Flaw
Date: 10 Feb 2001 19:18:19 GMT

DJohn37050 <[EMAIL PROTECTED]> wrote:
> DSA RNG is biased as spec'ed with about a 2:1 bias favoring lower numbers. 
> This can be exploited when used to generate the k per-message secret (key).
> Don Johnson

Perhaps it builds on this work:

The Insecurity of the Digital Signature Algorithm with Partially Known Nonces 
Phong Nguyen and Igor Shparlinski
http://www.di.ens.fr/~pnguyen/pub.html#NgSh00

------------------------------

From: "drumstik" <[EMAIL PROTECTED]>
Crossposted-To: comp.security,alt.security,alt.2600
Subject: Re: I encourage people to boycott and ban all Russian goods and services, if 
the Russian Federation is banning Jehovah's Witnesses .......
Date: Sat, 10 Feb 2001 19:47:28 GMT

go away

--
drumstik

Soy el gallo del ninja!
www.ameriphreak.com


"Markku J. Saarelainen" <[EMAIL PROTECTED]> wrote in message
news:96408r$csb$[EMAIL PROTECTED]...
>
>
> I encourage all people around the world to boycott and ban all Russian
> goods and services, if the Russian Federation is banning Jehovah's
> Witnesses .......
>
>
> Sent via Deja.com
> http://www.deja.com/



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
