Cryptography-Digest Digest #714, Volume #13      Mon, 19 Feb 01 07:13:01 EST

Contents:
  Re: The Kingdom of God ("Mikal 606")
  Re: Any unbroken knapsack cryptosystem? (David A Molnar)
  Re: Fractal encryption? (Mok-Kong Shen)
  Re: Super strong crypto (Mok-Kong Shen)
  Re: Any unbroken knapsack cryptosystem? (Thomas Pornin)
  Re: National Security Nightmare? / Drugs (Marc Heusser)
  Re: A different concept for email encryption ?? (Rob Warnock)
  Job: Applications Engineer UK (Cryptography) (Brice Canvel)
  Re: A different concept for email encryption ?? (Paul Rubin)
  Re: Fractal encryption? ("John A. Malley")
  Re: Steganography with ASCII text files (Mok-Kong Shen)
  Re: Fractal encryption? (Mok-Kong Shen)
  Re: Ciphile Software:  Why .EXE files so large (Anthony Stephen Szopa)
  Re: Metallurgy and Cryptography (David Eppstein)
  Re: Ciphile Software:  Why .EXE files so large (Anthony Stephen Szopa)
  __(?) MATRIX version of Fermat's Little Theorem (kctang)
  Re: Ciphile Software:  Why .EXE files so large (Tim Tyler)

----------------------------------------------------------------------------

From: "Mikal 606" <[EMAIL PROTECTED]>
Crossposted-To: alt.security,comp.security,alt.2600
Subject: Re: The Kingdom of God
Date: Mon, 19 Feb 2001 02:08:30 -0500


"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> William Hugh Murray wrote:
> > SHE would not waste her time in this thread.
>
> No, "she" implies definite knowledge of femininity,
> while "he" is neutral.  I know that the leftists
> have corrupted our educational system to the extent
> that "political correctness" is being taught with
> its bogus notions about the English language as
> well as other things, but instead of giving in to
> such philosophical terrorism it should be resisted.

AHA!
We meet again.
She works!
I can't say the same for them leftists though 8^0



------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Any unbroken knapsack cryptosystem?
Date: 19 Feb 2001 07:38:34 GMT

mklai <[EMAIL PROTECTED]> wrote:
> I am a novice.

> Are there any unbroken knapsack cryptosystems?

> Serge Vaudenay claimed to break the Chor-Rivest system (see his article in
> Lecture Notes in Computer Science - Crypto '98, the same article also
> appears in Journal of Cryptology 2000). Is now the consensus that Chor-Rivest
> is considered broken?

It should be noted that for large enough, specially chosen parameters, the
exact methods described in the article won't work. It's just that

        1) The parameters required make the system extremely inefficient,
        especially in comparison to, say, RSA

        2) there's no guarantee that the methods cannot be extended, and 
        much reason to think that they could be. 

So I would say that "Chor-Rivest is broken," although perhaps some version of 
it could be salvaged if it were *really* necessary. The only situation I 
could see which would warrant that, however, would be some catastrophic event 
like RSA being decisively broken. Even then, other public-key cryptosystems 
might be a better idea given the fate of previous knapsack cryptosystems. 
Just IMHO. 

The article notes that the attack does not apply as stated to Lenstra's
"Powerline" system[1], and provides references to that system and a
generalization by Camion and Chabanne[2]. These cryptosystems are cast as a
generalization of the Chor-Rivest system. The authors then note "we suspect
that the simultaneous permuted kernel characterization of the underlying
problem may lead to a more general attack on this cryptosystem with any 
parameters. We highly encourage further work in this direction." 

I don't know if any of that further work has been done. 

Thanks, 
-David Molnar

[1] H.W. Lenstra Jr. On The Chor-Rivest Cryptosystem. J. Cryptology vol 3
pp 149-155 1991

[2] P. Camion H. Chabanne. On the Powerline System in ICICS '97 Beijing, 
China LNCS 1334 pp 381-385 Springer 1997



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Fractal encryption?
Date: Mon, 19 Feb 2001 09:19:39 +0100



Simon Johnson wrote:
> 
> I have pondered this question myself in the past and have concluded that
> Fractal Encryption is not a clever scheme.
> 
> It is easy to see why, take a look at a typical fractal, say the mandelbrot
> set, there are large areas where it is plain black. In order for a fractal
> to be a good cipher, it would have to produce white noise really.... Stick
> with Rijndael :)

One useful idea, I believe, is to intentionally introduce 
some perturbations into chaotic systems.

M. K. Shen
==========================
http://home.t-online.de/home/mok-kong.shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Super strong crypto
Date: Mon, 19 Feb 2001 09:19:28 +0100



"Douglas A. Gwyn" wrote:
> 
> Mok-Kong Shen wrote:
> > I guess that the purpose is to defeat those attacks that
> > are based on the availability of some (fairly large)
> > amounts of materials encrypted with the same key.
> 
> Yes, it's an attempt to address the problem (certainly
> in theory, and often in practice) of using a few initial
> bits of entropy as the sole protection for many megabytes
> of data (whose source characteristics are known).  The
> conventional public "solution" to this is either block
> chaining, which adds no entropy, or periodically
> negotiating another key, which is awkward or infeasible
> in many environments.  I would like a solution along the
> lines of my straw-man proposal, if it can be shown to be
> sufficiently secure.

Brute-forcing cannot be easier than in case of a single
key. There is less material encrypted by each key, hence
it is more secure against attacks like differential
analysis. A (rough, global) explanation of the phenomenon 
could be as you said, namely that there is more entropy 
utilized. Another possibility is to periodically generate 
new keys, say, with the aid of a PRNG, without transmitting
them online. (Here we don't have more 'true' entropy, 
though.) Using a number of different keys to encrypt a 
message is in fact an example of the general benefit of 
(appropriately) introducing 'variability' into encryption 
schemes.

M. K. Shen
========================
http://home.t-online.de/home/mok-kong.shen
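
The idea in the post above of generating new keys periodically with a PRNG, without transmitting them, can be sketched as follows. This is an added example, not part of the original post: the HMAC-SHA256 chain, the counter-mode stand-in cipher, the 64-byte segment size and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
from typing import List, Tuple

SEGMENT_BYTES = 64  # assumed cap on data protected by any single key


def ratchet(state: bytes) -> Tuple[bytes, bytes]:
    """One PRNG step: derive this segment's key and the next chain state."""
    key = hmac.new(state, b"segment-key", hashlib.sha256).digest()
    nxt = hmac.new(state, b"next-state", hashlib.sha256).digest()
    return key, nxt


def keystream(key: bytes, n: int) -> bytes:
    """Stand-in cipher: HMAC-SHA256 in counter mode, truncated to n bytes."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:n])


def process(seed: bytes, data: bytes) -> Tuple[bytes, List[bytes]]:
    """Encrypt or decrypt (XOR is symmetric); returns output and the keys used."""
    # Both ends start from the same offline-agreed seed; no key is ever sent.
    state = hashlib.sha256(b"chain-init" + seed).digest()
    out = bytearray()
    keys: List[bytes] = []
    for off in range(0, len(data), SEGMENT_BYTES):
        key, state = ratchet(state)  # previous state is dropped at each step
        keys.append(key)
        chunk = data[off:off + SEGMENT_BYTES]
        out += bytes(a ^ b for a, b in zip(chunk, keystream(key, len(chunk))))
    return bytes(out), keys


if __name__ == "__main__":
    seed = b"constructed shared secret"  # constructed sample value
    msg = b"A" * 200                     # constructed plaintext
    ct, sender_keys = process(seed, msg)
    pt, receiver_keys = process(seed, ct)
    print(len(sender_keys), pt == msg, sender_keys == receiver_keys)
```

As the post notes, this adds no 'true' entropy beyond the seed; it only limits how much ciphertext exists under any one key. Reusing a seed for two messages repeats the keystream, so the seed must be fresh per message.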

------------------------------

From: [EMAIL PROTECTED] (Thomas Pornin)
Subject: Re: Any unbroken knapsack cryptosystem?
Date: 19 Feb 2001 08:25:22 GMT

According to David A Molnar  <[EMAIL PROTECTED]>:
> the fate of previous knapsack cryptosystems. 

I think there is a scheme from Naccache and Stern, which uses a knapsack
in a multiplicative group. I don't have a reference handy, but, to my
knowledge, this scheme is currently unbroken. However, since it uses
multiplications where traditional knapsack cryptosystems use additions,
it is much slower.


        --Thomas Pornin

------------------------------

From: Marc Heusser <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare? / Drugs
Date: Sun, 18 Feb 2001 17:53:41 +0100

In article <[EMAIL PROTECTED]>, Mok-Kong Shen 
<[EMAIL PROTECTED]> wrote:

> "Douglas A. Gwyn" wrote:
> > 
> > Mok-Kong Shen wrote:
...
> ... The
> war on drugs is, contrary to your view, almost lost.
> A tiny indication of this is the news that I recently
> read, saying that in Switzerland one can now cultivate
> and buy cannabis legally. In Netherlands, the addicts
> have since years been able to relatively easily and 
> legally get the stuffs they want, if I don't err.
> 
> M. K. Shen

Any technology can be abused, and I am rather aware of the right to 
privacy.

Not wanting to start a flame war, let me just add some details to the 
drugs discussion:
Up to now, it is NOT legal to cultivate or buy cannabis in Switzerland.
But there is a discussion going on to get nearer to the situation of the 
Netherlands, where you can buy cannabis legally for your own consumption 
BUT not hard drugs.
And in Switzerland drug addicts can get hard drugs administered by 
designated centers supervised by medical doctors IF and WHEN they are 
participating in a programme that aims at reducing crime by severe drug 
addicts where other attempts have failed.
As far as one can tell this has succeeded extremely well, reducing 
crimes committed to almost zero and people more integrated into society.

As for cannabis: Yes, there are some damaging effects, but not 
necessarily worse than by the two legal drugs, alcohol and tobacco.
And there is FAR more damage done by the two legal drugs.

And as far as the drugs are concerned:  There is reason to assume that 
the only way to lower the damage is by making trading drugs not 
profitable by providing them at cost level and legally, ie at production 
cost, not black market prices. Of course with due safeguards eg not 
letting people get access under a certain age etc.

This will not reduce drug consumption to zero, but will reduce damage 
done dramatically.

Marc

PS followup set to talk.politics.drugs

-- 
Marc Heusser
remove the obvious CHEERS and COM... from the reply address to reply via e-mail

------------------------------

From: [EMAIL PROTECTED] (Rob Warnock)
Subject: Re: A different concept for email encryption ??
Date: 19 Feb 2001 09:00:28 GMT

George Weinberg <[EMAIL PROTECTED]> wrote:
+---------------
| However,  there's an exception!   What if the email address IS the public
| key? You just generate the key pair before you get an email address,
| then use the public key,  suitably encoded!  Comments on this idea to
| 
|[EMAIL PROTECTED]
+---------------

Let's see... Only 72 characters of what looks like a 26+10 = 36-element
alphabet, or ~372 bits. Even using the full 6-bit MIME BASE64 set, at *best*
that's only a 432-bit RSA key. In either case, way too small, sorry.

But it was a cute idea...


-Rob

=====
Rob Warnock, 31-2-510           [EMAIL PROTECTED]
SGI Network Engineering         <URL:http://reality.sgi.com/rpw3/>
1600 Amphitheatre Pkwy.         Phone: 650-933-1673
Mountain View, CA  94043        PP-ASEL-IA

------------------------------

From: Brice Canvel <[EMAIL PROTECTED]>
Subject: Job: Applications Engineer UK (Cryptography)
Date: Mon, 19 Feb 2001 03:55:35 -0500

Job Title: Senior Applications Engineer

Company: Atmel Smart Card ICs (Scotland, UK)
                    
Applications to [EMAIL PROTECTED] :

=======================================

Job Grade: Dependent on experience


Responsibilities :- The successful candidate will play 
a leading role within the Atmel Smart Card ICs Applications 
Engineering Group, based in Scotland, with a particular focus 
on Security Evaluation and Improvement, though contribution 
across the spectrum of activity within the group would be 
expected. The role will involve development of security 
evaluation techniques and attack capability, product security 
evaluation, development of secure software (including cryptographic 
software) and consultation of hardware security improvement.
 
Qualifications/Experience:- The successful candidate will be 
qualified to degree level in software engineering, computing, 
mathematics or electronic engineering and will have at least 
five years of experience in a relevant aspect of engineering. 
Experience of the development or testing of embedded software 
is essential, as are good team and communication skills. The 
following areas of experience would be beneficial, but not 
necessarily essential; Smartcard systems and software, cryptography, 
software or computer security, electronic hardware design or test, 
microcontroller applications, project leadership, customer interfacing.

============================================================
 Get your FREE web-based e-mail and newsgroup access at:
                http://MailAndNews.com

 Create a new mailbox, or access your existing IMAP4 or
 POP3 mailbox from anywhere with just a web browser.
============================================================


------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: A different concept for email encryption ??
Date: 19 Feb 2001 01:17:40 -0800

[EMAIL PROTECTED] (Rob Warnock) writes:
> Let's see... Only 72 characters of what looks like a 26+10 = 36-element
> alphabet, or ~372 bits. Even using the full 6-bit MIME BASE64 set, at *best*
> that's only a 432-bit RSA key. In either case, way too small, sorry.
> 
> But it was a cute idea...

It's workable for elliptic curve public key algorithms (good security
at 160 bits).  But those email addresses are still impractical.

------------------------------

From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: Fractal encryption?
Date: Mon, 19 Feb 2001 01:43:08 -0800

What a coincidence.

A pair of researchers posted a new paper on chaos and fractals for
stream ciphers today at the LANL pre-print web site:

http://xxx.lanl.gov/abs/cs.CR/0102012

Chaos for Stream Cipher

Authors: Ninan Sajeeth Philip, K. Babu Joseph
Comments: 8 pages 6 figures
Subj-class: Cryptography and Security
ACM-class: A0
Journal-ref: In proceedings of ADCOM 2000, Tata McGraw Hill 2001

"This paper discusses mixing of chaotic systems as a dependable method
for secure communication. Distribution of the entropy function for
steady state as well as plaintext input sequences are analyzed. It is
shown that the mixing of chaotic sequences results in a sequence that
does not have any state dependence on the information encrypted by them.
The generated output states of such a cipher approach the theoretical
maximum for both complexity measures and cycle length. These features
are then compared with some popular ciphers."

I downloaded it tonight and started reading it.  Mr. Ritter's work is
cited in the paper.

John A. Malley
[EMAIL PROTECTED]

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Steganography with ASCII text files
Date: Mon, 19 Feb 2001 11:10:53 +0100



Bram Labarque wrote:
>
[snip] 
> I just wanted to mention there is a program SNOW that I think fits part of
> your description:
> It uses ASCII plaintext. Maybe its technique is usable/extendable to
> HTML text or HTML formatting.
> http://www.darkside.com.au/snow/index.html

I have some difficulty in understanding. You seem to say
that you first apply Huffman compression and then insert
a number of spaces (with numbers equal to the bits --
three in a group -- to be embedded) at the end of each
line. How are you doing that actually? The compressed file 
is one contiguous bit sequence, without separation into 
lines. What pattern of bits do you put in for these extra
spaces? Further, in one place you wrote that in empty lines 
a number of such space groups can be placed, separated by 
tabs, contrary to the convention of putting the extra
spaces only at the end of lines. The whole idea is thus 
yet fairly unclear to me. Do you perhaps want instead to 
insert extra spaces at the end of each line BEFORE doing 
compression? Thanks.

M. K. Shen

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Fractal encryption?
Date: Mon, 19 Feb 2001 11:31:58 +0100



"John A. Malley" wrote:
> 
> http://xxx.lanl.gov/abs/cs.CR/0102012
[snip]
> I downloaded it tonight and started reading it.  Mr. Ritter's work is
> cited in the paper.

When you have finished it, would you please explain the 
Eq(2) there? I have difficulty understanding the meaning
(purpose) of the last three equations in that group.
Thanks.

M. K. Shen

------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: Ciphile Software:  Why .EXE files so large
Date: Mon, 19 Feb 2001 03:07:24 -0800

Michael Brown wrote:
> 
> <SNIP>
> > You know, I asked Borland why they don't take the bull by the horns
> > and put out their own books that teach C++ from the ground up using
> > their Builder RAD compiler.  I asked them if they were stupid, also.
> But there are books (search Amazon for "borland builder"). Just not by
> Borland. BTW, what was their reply?
> 
> > I told them that it must be a combination of stupidity and no guts.
> > I guess they are scared of MS.  They are in some sort of
> > relationship with MS since they have a license(?) I guess to use
> > their MFC library.
> True, but that's going south with Kylix.
> 
> > I mean, Borland touts their Builder compiler so righteously that I
> > would think they would like to strike down the MS Beast and take
> > the RAD compiler market for themselves.
> Again, I don't consider MSVCC to offer anywhere near the speed of
> development as CPP Builder. In fact, I don't consider MSVCC to be a RAD
> tool. It's basically a souped up notepad.
> 
> > And the only way to do this is to put out their own books that teach
> > C++ programming from the ground up using their Builder compiler as
> > the programming IDE environment.  DUH!
> >
> > Bunch of IDIOTS they are.
> See above.
> 
> > I am upset because I like Builder too but can't see upgrading to Version
> > 5.0 or 6 when it comes out because I don't feel their documentation lays
> > it all out.
> What do you find bad about the documentation. I find it very useful (the
> help file, anyhow, which is what I always use).
> 
> Cheers,
> Michael


Never got a reply.

For what it's worth:  If you are expert with Borland C++ Builder 
you can make yourself a million dollars by writing a book similar to
Visual Basic 6:  Environment, Programming, and Applications by the 
two authors Eliason & Malarkey.

Then follow it up with an advanced text.

At $50 a pop, let's see, 1,000,000/50 = 20,000 books.  Then multiply 
this by at least 10 because you will at most get $10 per book 
yourself (hopefully.)

So you'd just have to sell 200,000 copies.

If your book was as good as the one above you could do this.

It should be a slam dunk getting it published since there are no
comparable books like this out there for Borland C++ Builder.

Good luck.  Love to buy one.

AS

------------------------------

From: David Eppstein <[EMAIL PROTECTED]>
Subject: Re: Metallurgy and Cryptography
Date: Sun, 18 Feb 2001 08:28:52 -0800

In article <ryRj6.79650$[EMAIL PROTECTED]>, "Tad 
Johnson" <[EMAIL PROTECTED]> wrote:

> What the heck is going on here?

I think it's just an ironic coincidence.
-- 
David Eppstein       UC Irvine Dept. of Information & Computer Science
[EMAIL PROTECTED] http://www.ics.uci.edu/~eppstein/

------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Subject: Re: Ciphile Software:  Why .EXE files so large
Date: Mon, 19 Feb 2001 03:14:03 -0800

Sundial Services wrote:
> 
> VB is simply an excruciatingly bad interpreter.
> 
> Usually, crypto primitives ARE written with optimizing compilers, with
> some assembly for the heavy-duty bit-twiddling.  But a DECENT
> interpreter could certainly manage the job, at least for low-volume
> encryption.
> 
> >Paul Crowley wrote:
> >
> > "Michael Brown" <[EMAIL PROTECTED]> writes:
> > > Isn't it effectively interpreted? I've never used Python, but after seeing
> > > the shocking performance of VB when you try to do anything fast I have a
> > > great suspicion of interpreted languages.
> >
> > Yes.  From a performance point of view, Python would be a bad language
> > to implement, say, Rijndael in.
> >
> --
> ------------------------------------------------------------------
> Sundial Services :: Scottsdale, AZ (USA) :: (480) 946-8259
> mailto:[EMAIL PROTECTED]  (PGP public key available.)
> > Fast(!), automatic table-repair with two clicks of the mouse!
> > ChimneySweep(R):  "Click click, it's fixed!" {tm}
> > http://www.sundialservices.com/products/chimneysweep


I just don't understand:  don't you know that VB 6.0 has a full 
machine code compiler now?  It generates native machine code
executables.  It is no longer an interpreted language.  Of course 
you can still generate P-code.  You have the option now:  Pseudo 
code or native machine code executables.

AS

------------------------------

From: kctang <[EMAIL PROTECTED]>
Subject: __(?) MATRIX version of Fermat's Little Theorem
Date: Mon, 19 Feb 2001 16:12:16 +0800

Hi,

We know that a^(p-1) = 1 mod p, where p is a prime, and p does not
divide a.

Is there a   *Matrix*    version of Fermat's little theorem? (e.g.
mod p taking element-wisely, what is the index?)

Thanks,  kctang





------------------------------

Crossposted-To: talk.politics.crypto
From: Tim Tyler <[EMAIL PROTECTED]>
Subject: Re: Ciphile Software:  Why .EXE files so large
Reply-To: [EMAIL PROTECTED]
Date: Mon, 19 Feb 2001 11:45:02 GMT

In sci.crypt phil hunt <[EMAIL PROTECTED]> wrote:
: On Sat, 17 Feb 2001 16:02:35 +1300, Michael Brown <[EMAIL PROTECTED]> wrote:

:>> Have you considered using Python?
:>
:>Isn't it effectively interpreted? I've never used Python, but after seeing
:>the shocking performance of VB when you try to do anything fast I have a
:>great suspicion of interpreted languages.

: Python, like Java, is compiled to intermediate code which is then
: interpreted.

Java is mostly compiled these days - a "Just In Time" compiler
changes the bytecodes into machine code.

Python can work this way as well - see http://www.jpython.org/
-- 
__________
 |im |yler  [EMAIL PROTECTED]  Home page: http://alife.co.uk/tim/

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
