Cryptography-Digest Digest #724, Volume #13      Tue, 20 Feb 01 17:13:01 EST

Contents:
  Re: Question about RSA excryption... (Taylor Francis)
  Re: Key expansion. ("Cristiano")
  Re: A different concept for email encryption ?? (Paul Rubin)
  Re: Anonymous web surfing? (Paul Rubin)
  Re: Key expansion. (Ichinin)
  Re: Question about RSA excryption... ("Jeff Moser")
  Re: New unbreakable code from Rabin? (Ichinin)
  Re: Question about RSA excryption... (Jerry Coffin)
  Re: Given any arbitrary numbers a and b.      Can I ALWAYS find a  (Richard Heathfield)
  Random number encryption (Taylor Francis)
  Re: Key expansion. ("Cristiano")
  Shall you reach to Heaven to help the work of Angels to help those who want to reach Heaven ... tell me the truth and I shall reach Heaven ... ([EMAIL PROTECTED])
  Re: Is there an algorithm to sequentially enumerate all transcendental  ("Trevor L. Jackson, III")
  Re: New unbreakable code from Rabin? ("Trevor L. Jackson, III")
  Re: New unbreakable code from Rabin? ("Trevor L. Jackson, III")
  Re: New unbreakable code from Rabin? ("Trevor L. Jackson, III")
  Re: The Kingdom of God ("Trevor L. Jackson, III")
  Re: Is there an algorithm to sequentially enumerate all transcendental  (Doug Kuhlman)

----------------------------------------------------------------------------

From: Taylor Francis <[EMAIL PROTECTED]>
Subject: Re: Question about RSA excryption...
Date: Tue, 20 Feb 2001 13:13:21 -0600



Jeff Moser wrote:
> 
> p = 1234567891
> q = 9876543211
> N = pq = 12193263122374638001
> e = 65537
> d = 12191402595354763373
> 
> Encrypting the message "111222" yields: 4883125278959820367
> Encrypting the message "222111" yields: 9586466168913275336

how did you do that?  byte by byte or digit by digit or pair by pair,
how?  and how did the ciphertexts turn out different?

------------------------------

From: "Cristiano" <[EMAIL PROTECTED]>
Subject: Re: Key expansion.
Date: Tue, 20 Feb 2001 20:05:01 +0100

> I don't think that Cristiano wanted to do anything more than encrypt
> messages securely (without having to keep a copy of the key bits).

Yes, this is what I want to do.
However, I am also interested in the case in which I am the unique owner of
the message.

Cristiano



------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: A different concept for email encryption ??
Date: 20 Feb 2001 11:21:48 -0800

Paul Crowley <[EMAIL PROTECTED]> writes:
> Under some circumstances PK-based identifiers make sense; see SPKI.
> If you need them to be shorter, hash them and truncate all but, say,
> the first 96 bits of the hash; you don't have to worry about birthday
> attacks against the hash function, only second preimage attacks, which
> are much more expensive.
> 
> With MIME-style 8-into-6 encoding, 96 bits is 16 characters:
> 
> [EMAIL PROTECTED]
> 
> which I think is pretty practical.

How do you use the hash as a public key?  I missed something.

------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Anonymous web surfing?
Date: 20 Feb 2001 11:24:25 -0800

Mok-Kong Shen <[EMAIL PROTECTED]> writes:
> The German news magazine Spiegel in its recent issue
> (19th Feb) reports that a software firm Safeweb sells a
> product named Triangle Boy that enables one to surf on the
> internet anonymously without leaving any traces. Does 
> anyone have experience with that software or can tell 
> the principles of its functioning? I can't yet imagine 
> that surfing from a fixed location couldn't be recorded 
> and analysed for finding out which sites (at least some
> of them) one has visited. Thanks.

Triangle Boy is either still unreleased or was just released, so nobody
in the general public has experience with it yet.

Basically it's just an http proxy that you can run on your own
computer, that rewrites url's in html that it passes through,
so A can surf B's website through yours:

      A----your computer----B  

and B sees web hits coming from your computer rather than A's.

Safeweb's proxy is similar to Anonymizer.com but they did a really
nice job.  Give it a try: www.safeweb.com.  

------------------------------

From: Ichinin <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Key expansion.
Date: Sat, 17 Feb 2001 19:16:49 +0100

Cristiano wrote:
> If I want to use 192 or 256 bits how would I do?
> 
> There are problems if I withdraw only 128 bits instead of 160 (I don't want
> to use MD5)?

Hi.

Unless there is an algorithm that requires K to be of this size, I fail to
see why you need the key to be expanded into N extra bits?

Think of it like this:

A 32 bit key, say 0x11223344 expanded into 0x1122334455667788, (still)
only requires 2^32 encryptions + expansions = hardly an increase in security.

(OTOH: If you needed a keystream, then I'd understand.)

Regards,
Glenn

------------------------------

From: "Jeff Moser" <[EMAIL PROTECTED]>
Subject: Re: Question about RSA excryption...
Date: Tue, 20 Feb 2001 14:45:20 -0500


"Taylor Francis" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Jeff Moser wrote:
> >
> > p = 1234567891
> > q = 9876543211
> > N = pq = 12193263122374638001
> > e = 65537
> > d = 12191402595354763373
> >
> > Encrypting the message "111222" yields: 4883125278959820367
> > Encrypting the message "222111" yields: 9586466168913275336
>
> how did you do that?  byte by byte or digit by digit or pair by pair,
> how?  and how did the ciphertexts turn out different?

M^e mod N

I took the whole M of 111222 as decimal one hundred eleven thousand two
hundred twenty two.. etc

Jeff



------------------------------

From: Ichinin <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: New unbreakable code from Rabin?
Date: Sat, 17 Feb 2001 19:22:20 +0100

Mok-Kong Shen wrote:
> There is a problem that needs to be clarified, I suppose.
> How 'random' should the publicly visible stream of random
> bits be? (Could they e.g. stem from PRNGs?)
> 
> M. K. Shen

Dare I mention the synchronisation problem for both parties;
i.e. do they need precisely tuned atom clocks?

Regards,
Ichinin

------------------------------

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Question about RSA excryption...
Date: Tue, 20 Feb 2001 12:52:55 -0700

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> Admittedly, I'm a beginner, but the RSA method, seems to produce the
> same ciphertext for the same plaintext.

Assuming the same key is used, yes, that's true.

> Despite the prime numbers and difficulties of factoring, doesn't
> this just produce a simple substitution cipher?

Yes and no.  "Substitution cipher" is normally used to refer to a 
cipher that does substitutions on a character-by-character basis.

Ultimately, all block ciphers could be viewed as "simply 
substitution" -- for a given block of input, the output will be the 
same for the same key.

The reason this isn't a problem is the block size -- with single 
characters, you can attack the cipher one character at a time, 
matching up single characters of input to single characters of 
output.  If you have (for example) known-plaintext, it's quite 
trivial to make a table of what character of input produces what 
character of output -- it doesn't take much known plaintext at all 
before you have a relatively complete table for doing decrypting.

When the block gets larger though, the storage to do this becomes 
prohibitive very quickly -- for example, with a 128-bit block size, 
you'd need to store 2^128 blocks of information, which is 
substantially more than the number of iron molecules on earth.

With RSA, things get even worse for the attacker -- instead of a 128-bit
block, the block size is the same as the key size.  A typical key 
size of RSA at the present time is 1024 bits, and some people go 
larger still, using 2048- or even 4096-bit keys.  At one bit of 
information per atom, there's not enough atoms in the universe to do 
the job, so to do the job, you need something like (lots of) parallel 
universes or an ability to store information a LOT more densely than 
one bit per atom -- but even at one bit per quark (or whatever), I'm 
not sure there are enough particles to do the job (though there might 
be -- I haven't even considered trying to estimate how many quantum 
particles there are in the universe).

I'm not enough of a physicist to say those are absolutely impossible, 
but I certainly can't call either one a practical consideration.

-- 
    Later,
    Jerry.

The Universe is a figment of its own imagination.

------------------------------

Date: Tue, 20 Feb 2001 07:05:09 +0000
From: Richard Heathfield <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: Given any arbitrary numbers a and b.       Can I ALWAYS find a 

Paul Lutus wrote:
> 
> "jtnews" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Since my previous post seemed to be not too clear
> > to some people.  Let me restate the problem another
> > way which I hope will be simpler to understand.
> >
> > Given any arbitrary numbers a and b where a and
> > b are NOT the same number.
> >
> > Can I ALWAYS find a transcendental number
> > between a and b?
> 
> If A and B are integers, yes.
> 
> 1. Pi is transcendental.
> 2. Therefore, by definition, Pi+n is transcendental if n = integer.
> 3. Therefore this sequence can be constructed:
> 
> A, A+Pi-3, B.
> 
> As usual, I am more than happy to be corrected on this sequence of steps by
> those more skilled than I am.

But A and B don't have to be integers.

Someone else demonstrated this already, but here's another way of
looking at it.

Let a and b be the limits, which are real numbers, such that a < b (a !=
b is given by the OP, and we can always swap them round if need be).

Let A be floor(a), and let B be ceil(b).

Use your method to get a transcendental number T, using A and B. Then:

T = T - A       // get a number between 0 and (B - A)

T = T / (B - A) // get a number between 0 and 1

(We are assured that B != A, so we're not dividing by zero here)

t = T * (b - a) // get a number between 0 and (b - a)

(Same again: b != a)

t = t + a       // t is transcendental and in the range a through b

QED.

-- 
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html

------------------------------

From: Taylor Francis <[EMAIL PROTECTED]>
Subject: Random number encryption
Date: Tue, 20 Feb 2001 14:29:40 -0600

Can someone tell me why random number encryption isn't (seemingly) used
much?

Thanks...

------------------------------

From: "Cristiano" <[EMAIL PROTECTED]>
Subject: Re: Key expansion.
Date: Tue, 20 Feb 2001 21:28:06 +0100

"Ichinin" wrote:
> Cristiano wrote:
> > If I want to use 192 or 256 bits how would I do?
> >
> > There are problems if I withdraw only 128 bits instead of 160 (I don't
> > want to use MD5)?

> [...]
> A 32 bit key, say 0x11223344 expanded into 0x1122334455667788, (still)
> only requires 2^32 encryptions + expansions = hardly an increase in
> security.
>
> (OTOH: If you needed a keystream, then i'd understand.)

I need to expand the key because for a symmetric block cypher I need 128, 192
or 256 bits and I only want to have passwords like "ciao", "beltempo" and so
on.

Thank you for your answer,
Cristiano
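
An added example (not code from any poster in this thread) of the point under discussion in this exchange: a short secret can be stretched to 128, 192 or 256 bits, but the work needed to find it stays bounded by the size of the secret. PBKDF2-HMAC-SHA1 stands in for the expansion function; the 16-bit seed, the salt and the single iteration are constructed so that the exhaustive search finishes at once.

```python
import hashlib
import hmac

SALT = b"constructed-salt"  # constructed value; a real salt is random per key
ITERATIONS = 1              # kept at 1 so the demo search is instant; real use sets it high


def expand_key(secret: bytes, nbits: int) -> bytes:
    """Stretch a short secret into an nbits-long cipher key with PBKDF2-HMAC-SHA1."""
    if nbits % 8:
        raise ValueError("key length must be a whole number of bytes")
    return hashlib.pbkdf2_hmac("sha1", secret, SALT, ITERATIONS, dklen=nbits // 8)


def search_seed(target_key: bytes, seed_bits: int):
    """Try every seed of seed_bits bits; return (seed, tries) or (None, tries)."""
    nbits = len(target_key) * 8
    width = (seed_bits + 7) // 8
    tries = 0
    for seed in range(1 << seed_bits):
        tries += 1
        candidate = expand_key(seed.to_bytes(width, "big"), nbits)
        if hmac.compare_digest(candidate, target_key):
            return seed, tries
    return None, tries


def demo():
    """Expand one 16-bit seed to three key sizes and search for it each time."""
    seed = 0x1122  # constructed 16-bit secret, in the spirit of 0x11223344 above
    results = {}
    for nbits in (128, 192, 256):
        key = expand_key(seed.to_bytes(2, "big"), nbits)
        results[nbits] = search_seed(key, 16)
    return results


if __name__ == "__main__":
    for nbits, (found, tries) in demo().items():
        print(f"{nbits}-bit key: seed 0x{found:04x} found after {tries} of 2^16 tries")
```

The search cost is the same for all three key sizes, and the 128-bit output is simply a prefix of the longer ones, so taking fewer bits than the function produces changes the key length and nothing else.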



------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: alt.2600,alt.security
Subject: Shall you reach to Heaven to help the work of Angels to help those who want 
to reach Heaven ... tell me the truth and I shall reach Heaven ...
Date: 20 Feb 2001 20:34:04 GMT


Walking on the bridge to Heaven .... what was build by telling the truth and
nothing but the truth ... you shall reach the light ... to fight those
satanic forces that violate the Jehovah's Law and attack the Kingdom of ATOK
(good) and so helping the forces of ALOK (evil) in the world of AGOD ... you
as the agent of an Angel shall fight with others like you ...

Markku (vladimireuru) from Tallahassee, Florida ... on the way to Heaven ....


 -----  Posted via NewsOne.Net: Free (anonymous) Usenet News via the Web  -----
  http://newsone.net/ -- Free reading and anonymous posting to 60,000+ groups
   NewsOne.Net prohibits users from posting spam.  If this or other posts
made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]

------------------------------

From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: Is there an algorithm to sequentially enumerate all transcendental 
Date: Tue, 20 Feb 2001 21:22:47 GMT

Virgil wrote:

> In article <[EMAIL PROTECTED]>, jtnews
> <[EMAIL PROTECTED]> wrote:
>
> > Jan Kristian Haugland wrote:
> > >
> > > jtnews wrote:
> > >
> > > > Is there an algorithm to sequentially enumerate
> > > > all possible transcendental numbers?
> >
> > Thanks for the quick response!
> >
> > Is there some reference anyone can give
> > where I can find mathematical proof of this?
>
> The first proofs of the uncountability of the reals are due to Georg
> Cantor.

Are there any non-diagonalization proofs?




------------------------------

From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: New unbreakable code from Rabin?
Date: Tue, 20 Feb 2001 21:33:38 GMT

Mok-Kong Shen wrote:

> "Douglas A. Gwyn" wrote:
> >
> > Roger Schlafly wrote:
> > > From the NY Times:
> >
> > Thanks for the pointer.  Upon closer examination, this is a method
> > that I have seen before, perhaps in this newsgroup -- basically,
> > establish a publicly visible stream of random bits, and the
> > communicating parties select a running sample from the bit stream
> > pool according to some agreed-upon rule, and use that as an XOR
> > stream one-time key.  The idea is apparently that since the enemy
> > cannot store all the "infinite" bit pool, he cannot keep up with
> > the communicants, since he doesn't know in advance of analysis
> > which of the pool bits need to be recorded.
>
> There is a problem that needs to be clarified, I suppose.
> How 'random' should the publicly visible stream of random
> bits be? (Could they e.g. stem from PRNGs?)

They could not.  If the adversary knew the pool was pseudo random he
would have no difficulty keeping track of it.



------------------------------

From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: New unbreakable code from Rabin?
Date: Tue, 20 Feb 2001 21:40:35 GMT

Hard wrote:

> On Mon, 19 Feb 2001 21:45:09 -0800, Roger Schlafly
> <[EMAIL PROTECTED]> wrote:
>
> >From the NY Times:
> ><snip>
> >Dr. Rabin said. "We have proved that the adversary is helpless."
> >http://www.nytimes.com/2001/02/20/science/20CODE.html?pagewanted=all
> >(free reg reqd)
>
> Hmmmm...
>
> The adversary is helpless?  No way to store that much data?  OK then
> let's say I'm his adversary:
>
> If we all have access to the same "random" bit stream, and I know that
> Dr. Invincible is going to send a short encrypted message to Mr. X at
> 16:00:00 hours today, what is to keep me from capturing 15:59:59 to
> 16:00:01 of that stream and just crunching the numbers on it?  It
> seems trivial.  Maybe I'm missing something.
>
> He states that the random data stream is going to be something like a
> million million bytes per second.  He might as well have said
> bazillion.  The tech to keep that kind of stream flowing crypto
> quality random continuously is going to be hard to come by, as is the
> ability to sync up at any time in a continuous fashion.
>
> But the ability to capture a few seconds (3-4 terabytes by my calc) is
> possible now with current disk storage technology.  And if you can
> capture the part that was used, can you not decrypt?
>
> You can fit a stack of common DVD disks (4GB - very conservative) 18
> of them to an inch in the space a human man would stand (six stacks at
> 72 inches each) and have eight hours worth of this stream.
>
> Now it is true that most individuals or groups of individuals could
> not keep up with this, but I'm *sure* the NSA could if it would mean
> being able to chew through a significant portion of encrypted traffic.
>
> The adversary does not appear to be helpless.  But again, one of you
> is probably going to clue me in as to why Dr. Rabin's scheme is
> provably impossible to crack.
>
> BTW, thanks for the post, Mr. Schlafly.

It appears that the adversary cannot capture a segment including the
(dense) key stream, but only a segment containing the (sparse) keystream.
Thus the adversary is confronted with the need to search not just the
starting positions within the random stream, but the powerset of those
positions.

Thus giving the communicants a common PRNG is sufficient.  They use the
PRNG to sample the /i/n/f/i/n/i/t/e/ inexhaustible public TRNG stream.
I suppose this counts as a distribution mechanism for an OTP, but assuming
a _trustworthy_ inexhaustible public TRNG stream is a form of cheating.
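
The scheme described in this thread, as an added sketch that is not Rabin's construction or any poster's code: both parties derive sample positions from a shared secret, read those bytes from a public random pool, and XOR them with the message. HMAC-SHA256 in counter mode stands in for the "agreed-upon rule" and `os.urandom` for the public stream; the pool size, key and message are constructed.

```python
import hashlib
import hmac
import os


def sample_positions(shared_key: bytes, pool_len: int, count: int) -> list:
    """Agreed-upon rule (assumed): HMAC-SHA256 in counter mode yields pool indexes."""
    positions = []
    counter = 0
    while len(positions) < count:
        block = hmac.new(shared_key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        for i in range(0, len(block), 4):
            # Modulo reduction is slightly biased and indexes may repeat; fine for a sketch.
            positions.append(int.from_bytes(block[i:i + 4], "big") % pool_len)
        counter += 1
    return positions[:count]


def pad_from_pool(pool: bytes, shared_key: bytes, length: int) -> bytes:
    """Collect the sparse key stream: one pool byte per sampled position."""
    return bytes(pool[p] for p in sample_positions(shared_key, len(pool), length))


def xor_bytes(data: bytes, pad: bytes) -> bytes:
    """XOR data with a pad of at least the same length."""
    if len(pad) < len(data):
        raise ValueError("pad shorter than data")
    return bytes(d ^ k for d, k in zip(data, pad))


def fraction_held(positions: list, start: int, end: int) -> float:
    """Share of key positions that fall inside a stored slice pool[start:end]."""
    return sum(start <= p < end for p in positions) / len(positions)


def demo():
    """Round-trip one message and measure how much of its pad two slices contain."""
    pool = os.urandom(1 << 16)             # constructed stand-in for the public stream
    key = b"constructed shared secret"     # constructed shared secret
    message = b"meet at 16:00:00"          # constructed message
    ciphertext = xor_bytes(message, pad_from_pool(pool, key, len(message)))
    recovered = xor_bytes(ciphertext, pad_from_pool(pool, key, len(message)))
    positions = sample_positions(key, len(pool), len(message))
    whole = fraction_held(positions, 0, len(pool))
    part = fraction_held(positions, 0, len(pool) // 16)
    return recovered == message, whole, part


if __name__ == "__main__":
    ok, whole, part = demo()
    print(f"round trip ok: {ok}; pad bytes in full pool: {whole:.2f}; in 1/16 slice: {part:.2f}")
```

A slice covering the whole pool contains every pad byte, while a partial slice contains only some of them, which is the storage argument the posters are debating.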




------------------------------

From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: New unbreakable code from Rabin?
Date: Tue, 20 Feb 2001 21:42:11 GMT

Erwin Bolwidt wrote:

> Hard wrote:
>
> [...]
> >
> > You can fit a stack of common DVD disks (4GB - very conservative) 18
> > of them to an inch in the space a human man would stand (six stacks at
> > 72 inches each) and have eight hours worth of this stream.
> >
> > Now it is true that most individuals or groups of individuals could
> > not keep up with this, but I'm *sure* the NSA could if it would mean
> > being able to chew through a significant portion of encrypted traffic.
> >
> > The adversary does not appear to be helpless.  But again, one of you
> > is probably going to clue me in as to why Dr. Rabin's scheme is
> > provably impossible to crack.
> >
> > BTW, thanks for the post, Mr. Schlafly.
>
> I wonder why this method should be considered 'practical'. The NY Times
> article talks about some source of the random data, like a satellite
> broadcasting a random data stream at an extremely fast rate.
> I don't really see how launching a satellite for your private
> communications is more practical than sending a One-Time Pad on a set of
> DVD's to another party. Well-funded terrorist groups, drug traffickers,
> military organizations and other well-funded people could probably do
> both with a reasonable guarantee of success.
> A One-Time Pad could have been intercepted or copied while it was being
> sent to the receiver, and a satellite can also be tampered with before
> launch or perhaps even after launch if the adversary has enough
> technology.

Less if he only needs to diddle the user's antenna, or overwhelm the signal
at the user's antenna.



------------------------------

From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Crossposted-To: alt.security,comp.security,alt.2600
Subject: Re: The Kingdom of God
Date: Tue, 20 Feb 2001 21:44:25 GMT

Alun Jones wrote:

> In article <cnqk6.145873$[EMAIL PROTECTED]>, "Jashter"
> <[EMAIL PROTECTED]> wrote:
> > Yeah, but then you must wonder if there really is a god in the first
> > place...
>
>  . . . Not to mention whether or not He could build a system that even He
> could not penetrate :-)

A Zen response to this query is "No".  The rationale for the response is "He
would not".  Further questions are pointless due to the attitude (arrogance)
of the rationale.



------------------------------

From: Doug Kuhlman <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: Is there an algorithm to sequentially enumerate all transcendental 
Date: Tue, 20 Feb 2001 15:40:36 -0600



"Trevor L. Jackson, III" wrote:
> 
> Virgil wrote:
> 
> > In article <[EMAIL PROTECTED]>, jtnews
> > <[EMAIL PROTECTED]> wrote:
> >
> > > Jan Kristian Haugland wrote:
> > > >
> > > > jtnews wrote:
> > > >
> > > > > Is there an algorithm to sequentially enumerate
> > > > > all possible transcendental numbers?
> > >
> > > Thanks for the quick response!
> > >
> > > Is there some reference anyone can give
> > > where I can find mathematical proof of this?
> >
> > The first proofs of the uncountability of the reals are due to Georg
> > Cantor.
> 
> Are there any non-diagonalization proofs?

Yes.  At the very least, you can prove it with a power set argument
(prove no set can have the same cardinality as its power set and then
prove the reals have the same cardinality as the power set of the
integers.  The former is a fair bit harder than the latter.)

Doug

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
