Cryptography-Digest Digest #759, Volume #13      Tue, 27 Feb 01 19:13:00 EST

Contents:
  Re: How to find a huge prime(1024 bit?) (Robert Scott)
  Re: OverWrite freeware completely removes unwanted files from harddrive (Anthony Stephen Szopa)
  Re: Was there ever a CRM-114 Discriminator? (Ed Kubaitis)
  Re: encryption and information theory (Andreas Moser)
  Re: Fake SSRIHATER ("Tobias Toft")
  Re: On RC4 in C ("Roger Schlafly")
  Re: encryption and information theory (Bill Unruh)
  Re: Help Please !!!!!!!!!!!! ("Andrew U")
  Re: Help Please !!!!!!!!!!!! ("Andrew U")
  Re: How to find a huge prime(1024 bit?) (Fred W. Helenius)
  Re: On RC4 in C (William Hugh Murray)
  Re: What is the probability that an md5sum of a group of md5sums will be the same? ([EMAIL PROTECTED])
  Re: Fake SSRIHATER ("Col. Viktor Serhejovich Dementiev")
  Re: What is the probability that an md5sum of a group of md5sums will be the same? ("Sam Simpson")
  Re: In RSA, how d is calculated? (Ian Goldberg)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Robert Scott)
Crossposted-To: alt.security.pgp,sci.math
Subject: Re: How to find a huge prime(1024 bit?)
Reply-To: [EMAIL PROTECTED]
Date: Tue, 27 Feb 2001 19:43:07 GMT

On Tue, 27 Feb 2001 16:47:39 +0000, [EMAIL PROTECTED]
(Christian Bau) wrote:

> first N *prime* numbers together.
>
>You multiply the first N primes and add 1. 
>
>The result is not necessarily a prime, but its smallest factor is a prime,
>and since the number is clearly not divisible by any of the first N primes
>the smallest factor is a prime which is not one of the first N primes.

This may be a bit off topic, but I was just curious.  Does
anyone know if there are infinitely many primes, p, such that
the product of all primes up to p plus 1 is composite?  And if
so, is there any estimate on the ratio between the number of
primes p that yield a prime in this way compared to those that
yield a composite?  My intuition is that as p goes to infinity,
for almost all cases, the product of all primes up to p plus
one is prime.  I would not be surprised if there were only
finitely many primes for which the above construction does not
yield a prime.  Just a hunch.  Anyone know for sure?



Robert Scott
Ypsilanti, Michigan
(Respond through newsgroups, not by direct e-mail.)


------------------------------

From: Anthony Stephen Szopa <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: OverWrite freeware completely removes unwanted files from harddrive
Date: Tue, 27 Feb 2001 12:22:08 -0800

"Trevor L. Jackson, III" wrote:
> 
> Anthony Stephen Szopa wrote:
> 
> > Michael Brown wrote:
> > >
> > > <SNIP>
> > > > >
> > > > > I checked the web pages, but I can't find any description for how the
> > > > >>>>>(SNIP SNIP)
>>>
>>>
> the OS might never write to the disk at all.


I told you what the coded instructions are.

You and others suggest that just maybe these coded instructions are
somehow not being carried out.

You are suggesting that maybe sometimes they are and sometimes they 
are not.

Urban Legend or FUD.

Either way, refer us to some research papers that clearly 
address / demonstrate this.

This is no trivial matter.

------------------------------

From: Ed Kubaitis <[EMAIL PROTECTED]>
Subject: Re: Was there ever a CRM-114 Discriminator?
Date: Tue, 27 Feb 2001 14:26:07 -0600

Mike Rosing wrote:
> Mxsmanic wrote:
> >
> > In Kubrick's classic film _Dr. Strangelove_, airborne SAC bombers use an
> > encryption device called a CRM-114 Discriminator to receive encrypted
> > communications from the ground.  The device required a three-letter key
> > (which doesn't sound very secure).  Was there ever such a device
> > actually in use?

Actually, I think the three-letter code was used as password, not an
encryption key. As I recollect, the point of the "discriminator"
was to weed out bogus voice "recall" messages being sent by the
Russians to the crew. The discriminator only allowed messages
preceded by the proper three letter code through. As I remember,
one of the generals (Turgidson??) assures the president something to
the effect they are trying all possible codes and at 10 seconds
a try, should hit the right one within a couple days or something:-)

Note, I'm not saying this makes sense, or corresponds to real
equipment on B52s at the time, only that this was the premise for
the CRM-114 I remember in the movie.

On another front, just came across this information just suggesting
that CRM-114 was a continuing motif in Kubrick movies:

   http://www.eeggs.com/items/1589.html
 
> That movie was made around 1959 I think.  Even then a 3 letter code would
> have been *way* too small.  Kubrick used 3 letters for "precious bodily
> fluids" and "poe" ( a reference to the poet maybe?) and wanted an artistic
> link between the nut case commander and the planes.  Other than a few
> real close calls of actual almost launching nukes, there's not much
> in that movie that was even close to real.

1964 actually. And I think you're way too tough a grader on Dr S
authenticity factors.

A couple years before the movie came out, I actually got a chance
to spend a few minutes in a B52 cockpit on an AFROTC field trip.
I thought Dr S did an excellent job of reproducing the "look and feel"
of the crew areas I saw. Although obviously I don't qualify as an
authority on this point:-)

One thing I *can* testify to though: the computer room in which
Peter Sellers discovers the left-behind portable radio which tells
him civilian radio in Alaska is still on the air was an absolutely
accurate rendering of an IBM 7094 machine room. In fact, I'm almost
certain it was shot on location in a *real* such machine room.

I was working as a night shift operator in a similar machine room at
the University of Chicago at the time, so I think I know whereof
I speak on this point.

> 
> One of my favorites tho!

Roger that! One of a handful on my short list for the best
movie ever made...

 > 
> Patience, persistence, truth,
> Dr. mike

-- 
==========================
Ed Kubaitis ([EMAIL PROTECTED])
CCSO - University of Illinois at Urbana-Champaign

------------------------------

From: Andreas Moser <see@http://www.ztop.freeserve.co.uk>
Subject: Re: encryption and information theory
Date: Tue, 27 Feb 2001 20:54:33 GMT

Mok-Kong Shen wrote:

> > Does the encryption change the entropy, i.e. does the
> > encrypted message still reflect the information content of
> > the original message? Say the original message had an

> Pending answers by experts, I would say that there can
> be an increase in entorpy coming from that of the key
> employed. I am yet ignorant of a good way of determining
> the entropy of a given bit sequence, though.

I thought that it has to increase... Suppose you encrypted a large
binary file with low information content (e.g. all zeros) with
PGP.

The result has much more information which I suppose is coming
from the variety of digits of the large numbers used for the
encryption. I just thought, what if there was way to (reversibly)
compress the encrypted version down to something simple again...
after all the encryption scheme uses only a small amount of
information representing the prime numbers. Wouldn't that result
in a deciphering?

On the other hand, any such compression would probably be
equivalent to a factorization (and therefore just as difficult)...
or not?

Andreas



------------------------------

From: "Tobias Toft" <[EMAIL PROTECTED]>
Crossposted-To: alt.support.depression.medication,soc.culture.russian,soc.org.kkk,dk.snak.mudderkastning,soc.culture.ukrainian
Subject: Re: Fake SSRIHATER
Date: Tue, 27 Feb 2001 21:10:56 GMT


"HORRIFICALLY HIDEOUS HOSEHEAD HENRIK HANSEN HIDES HIS HAIRY-PALMED HANDS" 
<[EMAIL PROTECTED]> skrev i
en meddelelse news:[EMAIL PROTECTED]...
> SSRI Hater wrote:
>
> > I have seen many posts posted under the name SSRIHATER, not penned by me, but
> > seemingly some irrational delusional crazed nut desirous of being anyone but
> > himself.
>
> My guess is the sovok dork Igor Chudov is to blame.
>

Saddam did it!

/2ft



------------------------------

From: "Roger Schlafly" <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.ada,talk.politics.crypto
Subject: Re: On RC4 in C
Date: Tue, 27 Feb 2001 21:03:55 GMT

"William Hugh Murray" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
Getting off-topic here ...

> I was with IBM when the DoJ was even more unhappy with their business practices
> than they are with Microsoft's.  There was never a final judgement in IBM's
> case but my reading of history suggests that the issues are, for the most
> part,  moot.

Moot now, yes. Not in the 1970s.

>  DoJ abandoned its requests for relief and IBM never achieved the
> kind of dominance which the DoJ seemed to fear.  Some have suggested that that
> was because, if IBM ever dreamed of such dominance, it took its eye off the
> ball while it battled the government.

IBM used to have 70% of the computer biz. IBM did change its business
practices significantly as the result of its various antitrust legal
difficulties.
Some people argue that the rise of Microsoft was only possible because
IBM was restrained.

>  I await the final judgement of the
> courts in the Microsoft case, though I might prefer a settlement.  However the
> battle now joined ends, I hope that MS is not guilty of such an error.  However
> it ends, I doubt seriously that it will make anybody, much less everybody,
> happy with any, much less all, of Microsoft's business practices.  (Does that
> sentence scan?) On the other hand, I also doubt that, at least in the long run,
> it will make any difference.

Perhaps, but the MS lawsuit has already had the effect of curbing some
MS business practices. Companies from AOL to RealNetworks have
prospered as a result.





------------------------------

From: [EMAIL PROTECTED] (Bill Unruh)
Subject: Re: encryption and information theory
Date: 27 Feb 2001 21:23:59 GMT

In <97fvk8$j6f$[EMAIL PROTECTED]> Andreas Moser 
<see@http://www.ztop.freeserve.co.uk> writes:

>A question regarding the information content (entropy) of
>encrypted messages: 
>Does the encryption change the entropy, i.e. does the

Yes.

>encrypted message still reflect the information content of
>the original message? Say the original message had an
>entropy of 1 kbit, then use, say, PGP encryption, does it
>increase?

Yes, by about 128 bits.

>If the answer is yes, where does the additional information
>come from, and if the answer is no, isn't there a way to see
>through the encryption?
The key carries the extra entropy.
Actually for most messages, the entropy to bits is very low. This is
what allows cracking by exhaustive search. It is impossible (?) to crack
a message whose entropy itself equals its number of bits. You never know
when you have the right message.



------------------------------

From: "Andrew U" <[EMAIL PROTECTED]>
Crossposted-To: ncl.cs.csc331
Subject: Re: Help Please !!!!!!!!!!!!
Date: Tue, 27 Feb 2001 22:06:30 -0000

Volker Hetzer <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> PADDOCK wrote:
> >
> > the following is a list of unix crypt passwords
> >
> > have broken 15 of them using John the ripper and crack etc
> > but can't get the rest - any ideas u clever bods?
> >
> > (and no, this is not for anything illegal!)
> Then, what *is* it for?

It's for the first assessed practical in the CSC331 "System and Network
Security" computing science module at the University of Newcastle Upon Tyne,
England. It is a genuine honest request, but we have been instructed not to
cheat :o)
--
Andrew U (http://www.cs.ncl.ac.uk/people/a.r.urquhart)
o---------------------
http://62.253.162.19/au
"Think why you think the way you think."



------------------------------

From: "Andrew U" <[EMAIL PROTECTED]>
Subject: Re: Help Please !!!!!!!!!!!!
Date: Tue, 27 Feb 2001 22:09:55 -0000

Frank Gerlach <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> it would most probably be nice to remove the names of the users
> involved, before posting.
> They might use the same password somewhere else....

The password file is fake, yes it's based on real people at the University
of Newcastle Upon Tyne, UK - but they are not their real passwords - unless
by amazing coincidence.
--
Andrew U (http://www.cs.ncl.ac.uk/people/a.r.urquhart)
o---------------------
http://62.253.162.19/au
"Think why you think the way you think."





------------------------------

From: Fred W. Helenius <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,sci.math
Subject: Re: How to find a huge prime(1024 bit?)
Date: Tue, 27 Feb 2001 18:01:38 -0500

[EMAIL PROTECTED] (Robert Scott) wrote:

>This may be a bit off topic, but I was just curious.

Followups set to sci.math only.

>Does
>anyone know if there are infinitely many primes, p, such that
>the product of all primes up to p plus 1 is composite?

It's an open question, but there are heuristics suggesting
that there should be infinitely many.

>  And if
>so, is there any estimate on the ratio between the number of
>primes p that yield a prime in this way compared to those that
>yield a composite?

Conjecturally, zero; even if there are infinitely many, they
would be expected to become increasingly rare.  The heuristics
suggest that the number of primes yielded in this way by the
primes up to N would be proportional to log N.

>  My intuition is that as p goes to infinity,
>for almost all cases, the product of all primes up to p plus
>one is prime.  I would not be surprised if there were only
>finitely many primes for which the above construction does not
>yield a prime.  Just a hunch.  Anyone know for sure?

Let's see how the numerical data (from the Prime Pages' list at
http://www.utm.edu/research/primes/lists/top20/PrimorialFactorial.html)
compare with your intuition:

Using the first 100 primes, 7 (or 7%) yield primes using this
formula.  Using the first 1000 primes results in 13 primes (1.3%).
Of the first 9592 primes (all those < 100000), 19 (0.2%) yield
primes.

-- 
Fred W. Helenius        <[EMAIL PROTECTED]>
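
[Added example, not part of the thread: it recomputes the first figure above (7 of the first 100 primes) and shows the smallest factor of a composite p#+1, as in Christian Bau's argument. "Prime" here means probable prime under a fixed-base Miller-Rabin test; all function names are this example's own.]

```python
"""Added example: which primes p make p# + 1 prime, for the first 100 primes."""

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def first_primes(count):
    """First `count` primes, by a sieve whose limit doubles until large enough."""
    limit = 64
    while True:
        sieve = bytearray([1]) * limit
        sieve[0:2] = b"\x00\x00"
        for i in range(2, int(limit ** 0.5) + 1):
            if sieve[i]:
                sieve[i * i::i] = bytearray(len(range(i * i, limit, i)))
        primes = [i for i, flag in enumerate(sieve) if flag]
        if len(primes) >= count:
            return primes[:count]
        limit *= 2


def is_probable_prime(n):
    """Miller-Rabin with fixed bases; small n is settled by trial division."""
    if n < 2:
        return False
    for p in BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False          # a is a witness: n is composite
    return True


def smallest_factor(n, bound=10 ** 6):
    """Smallest nontrivial factor of n up to `bound`, or None if none is found."""
    f = 2
    while f * f <= n and f <= bound:
        if n % f == 0:
            return f
        f += 1
    return None


def primorial_primes(count):
    """Primes p among the first `count` primes for which p# + 1 is (probably) prime."""
    hits, product = [], 1
    for p in first_primes(count):
        product *= p              # product is now p#, the primorial of p
        if is_probable_prime(product + 1):
            hits.append(p)
    return hits


if __name__ == "__main__":
    hits = primorial_primes(100)
    print(len(hits), "of the first 100 primes give a prime:", hits)
    # 13# + 1 = 30031 is composite; its smallest factor is a prime above 13.
    print("smallest factor of 30031:", smallest_factor(2 * 3 * 5 * 7 * 11 * 13 + 1))
```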


------------------------------

From: William Hugh Murray <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: comp.lang.ada,talk.politics.crypto
Subject: Re: On RC4 in C
Date: Tue, 27 Feb 2001 22:57:28 GMT

Roger Schlafly wrote:

> "William Hugh Murray" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> Getting off-topic here ...
>
> > I was with IBM when the DoJ was even more unhappy with their business practices
> > than they are with Microsoft's.  There was never a final judgement in IBM's
> > case but my reading of history suggests that the issues are, for the most
> > part,  moot.
>
> Moot now, yes. Not in the 1970s.
>
> >  DoJ abandoned its requests for relief and IBM never achieved the
> > kind of dominance which the DoJ seemed to fear.  Some have suggested that that
> > was because, if IBM ever dreamed of such dominance, it took its eye off the
> > ball while it battled the government.
>
> IBM used to have 70% of the computer biz. IBM did change its business
> practices significantly as the result of its various antitrust legal
> difficulties.

The question remains as to whether or not that had anything to do with their
change in fortune.  I will grant you that we are all better off in that they no
longer dominate.  It is less obvious to me that there is a causal relationship
between our prosperity and their loss of it.  I will  grant you that we will
probably be better off when, rather than because, MS no longer dominates.  I
still question whether litigation and regulation are a necessary or efficient
remedy.

> Some people argue that the rise of Microsoft was only possible because
> IBM was restrained.

Perhaps.  I would argue that IBM's change of fortune was rooted in

* failure to recognize the reasons for the success of hardware competition from
Digital, Apple, Prime, and Compaq
* investing where its revenues were at the expense of investing where its growth
was (mainframes v.  small systems)
* continuing to sell at the top as the scale of computers changed and decision
making moved down in the enterprise
* selling exclusively to the enterprise and ignoring the consumer
* investing in OS/2 at the expense of Windows, SNA/SDLC and ISO/OSI at the
expense of TCP/IP, token-ring at the expense of
    ethernet, host-guest at the expense of client-server, etc.
* investing  in closed/proprietary  systems (e.g., AS/400) at the expense of
open/industry-standard systems (e.g., Unix)

In other words, they were protecting their market rather than growing it,
protecting their advantage rather than innovating.    I argued some of this at
the time, certainly the first two,  but most of it is easy to see in
hind-sight.  They shot themselves in the foot.  They were driving over a rough
and windy road while looking through the rear-view mirror.  With this aim and
vision, they needed no help from DoJ and were ill prepared to deal with
Microsoft.  (Speaking of MS, does any of this remind you of them?)

> >  I await the final judgement of the
> > courts in the Microsoft case, though I might prefer a settlement.  However the
> > battle now joined ends, I hope that MS is not guilty of such an error.  However
> > it ends, I doubt seriously that it will make anybody, much less everybody,
> > happy with any, much less all, of Microsoft's business practices.  (Does that
> > sentence scan?) On the other hand, I also doubt that, at least in the long run,
> > it will make any difference.
>
> Perhaps, but the MS lawsuit has already had the effect of curbing some
> MS business practices. Companies from AOL to RealNetworks have
> prospered as a result.

(Notice that many already complain about the dominance and business practices of
both of these companies.  We seem to have a penchant for attributing to
predatory practices the results of wise, not to say courageous, investment and
novel business models.)

Having been through this once, I have more faith in the markets and competition
than in litigation and regulation.  Time will tell.  In any case, this too is a
discussion for another day and another forum.  Perhaps over a glass of bubbly
some time.


------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: sci.math
Subject: Re: What is the probability that an md5sum of a group of md5sums will be the same?
Date: 27 Feb 2001 15:30:21 -0800

jtnews <[EMAIL PROTECTED]> writes:

> Given:
> 
>   Files: 1 to N
> 
>   A program takes files 1 to N and generates
>   an array of N md5sums S[1..N].
> 
>   An md5sum is then generated on array S.
> 
>   What is the probability that the md5sum
>   generated on array S will be the same
>   if only one of the files 1 to N
>   is changed?

Zero.  Or at least, so close as to be indistinguishable for all
practical purposes.

> I've made up a security-audit script which
> does the above and I want to calculate
> the probability of an undetected compromise.

If you ever see an undetected compromise, it is overwhelmingly more
likely that you have experienced brain damage which is causing you to
hallucinate the facts, or that your computer is misbehaving, or that
md5 has been broken (making probability calculations irrelevant), than
that a compromise has occurred which the 128 bit checksum was
statistically unable to detect.

Alpha
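
[Added example, not part of the thread and not jtnews's script: the digest-over-an-array-of-digests construction from the question, run on constructed in-memory files. It goes one step beyond the thread by showing a change the bare array misses (a rename) and a variant that binds file names; the file names, contents and the ideal-hash assumption behind miss_bound() are this example's own.]

```python
"""Added example: a digest computed over an array of per-file digests."""
import hashlib

# Constructed stand-ins for files 1..N (name -> contents).
BASELINE = {
    "bin/login": b"\x7fELF login v1",
    "bin/ls": b"\x7fELF ls v1",
    "etc/passwd": b"root:x:0:0:root:/root:/bin/sh\n",
}


def summary_digest(files, algo="md5", bind_names=False):
    """Hash each file, then hash the array S of hex digests (in name order).

    bind_names=True hashes "digest  name" lines instead, so the summary also
    covers which file each digest belongs to.
    algo is a hashlib name; pass e.g. "sha256" to use a different hash.
    """
    outer = hashlib.new(algo)
    for name in sorted(files):
        inner = hashlib.new(algo, files[name]).hexdigest()
        line = f"{inner}  {name}\n" if bind_names else f"{inner}\n"
        outer.update(line.encode())
    return outer.hexdigest()


def changed(baseline, current, **kw):
    """True if the audit would flag a difference between the two file sets."""
    return summary_digest(baseline, **kw) != summary_digest(current, **kw)


def miss_bound(bits=128, levels=2):
    """Union bound on an accidental miss, ASSUMING an ideal `bits`-bit hash:
    either the changed file's digest collides or the two arrays' digests do."""
    return levels * 2.0 ** -bits


def tampered(files, name):
    """Copy of `files` with the last byte of one file flipped."""
    out = dict(files)
    out[name] = out[name][:-1] + bytes([out[name][-1] ^ 0x01])
    return out


def renamed(files, old, new):
    """Copy of `files` with one file renamed, contents untouched."""
    out = dict(files)
    out[new] = out.pop(old)
    return out


if __name__ == "__main__":
    one_bit = tampered(BASELINE, "etc/passwd")
    moved = renamed(BASELINE, "bin/ls", "bin/lz")   # keeps the sort order
    print("content change flagged:       ", changed(BASELINE, one_bit))
    print("rename flagged (digests only):", changed(BASELINE, moved))
    print("rename flagged (names bound): ", changed(BASELINE, moved, bind_names=True))
    print("accidental-miss bound:        ", miss_bound())
```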

------------------------------

From: "Col. Viktor Serhejovich Dementiev" <who-you?@vhyYOUwantKNOW!>
Crossposted-To: alt.support.depression.medication,soc.culture.russian,soc.org.kkk,dk.snak.mudderkastning,soc.culture.ukrainian
Subject: Re: Fake SSRIHATER
Date: 27 Feb 2001 16:11:56 -0500
Reply-To: "Col. Viktor Serhejovich Dementiev" <who-you?@vhyYOUwantKNOW!>

"Tobias Toft" <[EMAIL PROTECTED]> a écrit dans le message
news:AJUm6.4901$[EMAIL PROTECTED]...
>"HORRIFICALLY HIDEOUS HOSEHEAD HENRIK HANSEN HIDES HIS HAIRY-PALMED HANDS" 
><[EMAIL PROTECTED]> skrev i
>en meddelelse news:[EMAIL PROTECTED]...
>> SSRI Hater wrote:
>>
>> > I have seen many posts posted under the name SSRIHATER, not penned by me, but
>> > seemingly some irrational delusional crazed nut desirous of being anyone but
>> > himself.
>>
>> My guess is the sovok dork Igor Chudov is to blame.
>>
>
>Saddam did it!

What psych meds is the sand Negro on? Prozac? Klonopin?

------------------------------

From: "Sam Simpson" <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: What is the probability that an md5sum of a group of md5sums will be the same?
Date: Tue, 27 Feb 2001 23:52:24 -0000

I for one would be pretty interested if you found such a collision! ;)

--
Regards,

Sam
http://www.scramdisk.clara.net/

jtnews <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Given:
>
>   Files: 1 to N
>
>   A program takes files 1 to N and generates
>   an array of N md5sums S[1..N].
>
>   An md5sum is then generated on array S.
>
>   What is the probability that the md5sum
>   generated on array S will be the same
>   if only one of the files 1 to N
>   is changed?
>
> Does anyone have a clue on how to proceed
> with such a calculation?
>
> I've made up a security-audit script which
> does the above and I want to calculate
> the probability of an undetected compromise.
>
> References:
>
> http://www.ietf.org/rfc/rfc1321.txt?number=1321
>
> RedHat 7.0 md5sum Manual Page
>   man md5sum



------------------------------

From: [EMAIL PROTECTED] (Ian Goldberg)
Subject: Re: In RSA, how d is calculated?
Date: 28 Feb 2001 00:06:25 GMT

In article <[EMAIL PROTECTED]>,
Doug Stell <[EMAIL PROTECTED]> wrote:
>On Tue, 27 Feb 2001 14:55:25 GMT, "david Hopkins"
><[EMAIL PROTECTED]> wrote:
>
>>N = P x Q = 37x 13= 481
>>PHI = (P-1)(Q-1) = 432
>>The public exponent E will be generated by the computer
>>so that the greater common divisor of E and PHI is 1.
>>In other words, E is relatively prime with PHI.
>>E = 5
>>N and E are your public keys. Your private key (D) is the
>>inverse of E modulo PHI.
>>
>>By using extended Euclidean algorithm, the private key, D, is 173
>>
>>how d is calculate?
>
>          D = (E)^-1 (mod Phi[N]) = (E)^(Phi[N]-1) (mod Phi[N])
>              = (5)^(P-1)*(Q-1)-1 (mod (P-1)*(Q-1))
>              = (5)^431 (mod 432) = 173
>

Interesting.  Your logic above is actually _incorrect_, though it happens
to produce the correct answer in this case.  Try it for a different N:

N = 47 * 7 = 329
PHI = 46 * 6 = 276
E = 5

You would calculate above that

D = 5^(46*6-1) mod (46*6) = 5^275 mod 276 = 137

But D*E = 685 = 133 mod 276 (not 1)

If you wanted to proceed this way, you'd need to calculate

D = E^(PHI(PHI(N))-1) mod PHI(N) = E^(PHI(276)-1) mod 276
  = E^(88-1) mod 276 = 5^87 mod 276 = 221

And D*E = 1105 = 1 mod 276.

The reason it worked for N = 481 is that it so happens that
PHI(481) = 432 is a multiple of PHI(PHI(481)) = 144, but that's not
true in general.

However, this isn't usually a good way to calculate D, since you'd need
to know PHI(PHI(N)) = PHI((p-1)(q-1)), so you need the factorization of
p-1 and q-1.  [This is OK if you know, for example, that (p-1)/2 and
(q-1)/2 are prime themselves.]

But the EEA would be faster, anyway:

  0   276   <-- start with a row containing [0 N]
  1     5   <-- and a row containing [1 E]
-55     1   <-- row reduce (row 1 - 55 * row 2) until you get [D 1]

So D = -55 = 221 mod 276.

The original example:

  0   432   <-- [0 N]
  1     5   <-- [1 E]
-86     2   <-- row 1 - 86 * row 2
173     1   <-- row 2 - 2 * row 3

So D = 173 mod 432.

You can find D in this way with a few multiplications and subtractions.

   - Ian
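
[Added example, not part of Ian's post: the three ways of computing D discussed above, run on both moduli from the thread (P=37, Q=13 and P=47, Q=7, with E=5). The function names are this example's own, and phi() factors by trial division, which only works at toy sizes.]

```python
"""Added example: three ways to get the RSA private exponent D = E^-1 mod PHI."""
from math import gcd


def phi(n):
    """Euler's totient via trial-division factoring (toy sizes only)."""
    result, m, f = n, n, 2
    while f * f <= m:
        if m % f == 0:
            while m % f == 0:
                m //= f
            result -= result // f
        f += 1
    if m > 1:
        result -= result // m
    return result


def inverse_eea(e, modulus):
    """Row-reduce [0 modulus], [1 e] until the right column is 1.

    Returns (d, rows); rows is the table in the layout used in the post.
    """
    if gcd(e, modulus) != 1:
        raise ValueError("no inverse: e and modulus share a factor")
    rows = [(0, modulus), (1, e)]
    while rows[-1][1] != 1:
        (c0, r0), (c1, r1) = rows[-2], rows[-1]
        q = r0 // r1
        rows.append((c0 - q * c1, r0 - q * r1))
    return rows[-1][0] % modulus, rows


def inverse_flawed(e, p, q):
    """The quoted shortcut E^(PHI-1) mod PHI; right only by coincidence."""
    ph = (p - 1) * (q - 1)
    return pow(e, ph - 1, ph)


def inverse_euler(e, p, q):
    """Euler's theorem applied to the modulus PHI: E^(phi(PHI)-1) mod PHI."""
    ph = (p - 1) * (q - 1)
    return pow(e, phi(ph) - 1, ph)


def compare(e, p, q):
    """Each method's D, paired with whether D*E = 1 (mod PHI) actually holds."""
    ph = (p - 1) * (q - 1)
    d_eea, rows = inverse_eea(e, ph)
    out = {"phi": ph, "rows": rows}
    for name, d in (("eea", d_eea),
                    ("euler", inverse_euler(e, p, q)),
                    ("flawed", inverse_flawed(e, p, q))):
        out[name] = (d, (d * e) % ph == 1)
    return out


if __name__ == "__main__":
    for p, q in ((37, 13), (47, 7)):   # the two moduli worked in the thread
        r = compare(5, p, q)
        print(f"P={p} Q={q} PHI={r['phi']}")
        for coeff, rem in r["rows"]:
            print(f"  {coeff:>5} {rem:>5}")
        for name in ("eea", "euler", "flawed"):
            print(f"  {name:<7} D={r[name][0]:<4} valid={r[name][1]}")
```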

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
