Cryptography-Digest Digest #863, Volume #13 Sun, 11 Mar 01 16:13:00 EST
Contents:
Re: Text of Applied Cryptography .. do not feed the trolls (dlk)
Re: [REQ] SHA-1 MD5 hashing software (nemo outis)
Re: => FBI easily cracks encryption ...? ("Douglas A. Gwyn")
Re: Text of Applied Cryptography .. do not feed the trolls (Mathew Hendry)
Re: [REQ] SHA-1 MD5 hashing software ("Tom St Denis")
Re: => FBI easily cracks encryption ...? ("Douglas A. Gwyn")
Re: => FBI easily cracks encryption ...? ("Douglas A. Gwyn")
Re: Super strong crypto ("Douglas A. Gwyn")
Re: Question ("Douglas A. Gwyn")
Re: Noninvertible encryption ("Douglas A. Gwyn")
Re: Potential of machine translation techniques? ("Douglas A. Gwyn")
Re: RSA encryption on Windows -- C++ source code ("Douglas A. Gwyn")
Re: => FBI easily cracks encryption ...? ("Mxsmanic")
Re: A question about passphrases (Kent Briggs)
theory edge mailing list ("Vladimir Nuri")
Re: => FBI easily cracks encryption ...? (Free-man)
----------------------------------------------------------------------------
From: dlk <[EMAIL PROTECTED]>
Subject: Re: Text of Applied Cryptography .. do not feed the trolls
Reply-To: dlk <[EMAIL PROTECTED]>
Date: Sun, 11 Mar 2001 19:19:19 GMT
On 3/10/2001, 7:37:38 PM, "Tom St Denis" <[EMAIL PROTECTED]> wrote=20=
regarding Re: Text of Applied Cryptography .. do not feed the trolls:
<snippage>=20
> I dunno who wrote the code in the back of Applied crypto BUT IT SUCKS!=
.
> It's the most sloppiest poorly written code I have ever seen. My blin=
d=20
dog
> with only three legs (that we call "tripod") can write better code by=
> randomly typing keys on the keyboard.
That's because it's function is not to be working or elegant code
but to be clear, easily understood code that models the given algorithm.=
--=20
Dave Keever
{# scanbot whack
$A =3D @ $B =3D hotmail $C =3D .com=20
$Email =3D dlkeever + $A + $B + $C }
------------------------------
From: [EMAIL PROTECTED] (nemo outis)
Subject: Re: [REQ] SHA-1 MD5 hashing software
Date: Sun, 11 Mar 2001 19:24:28 GMT
Best I've found is Veracity at the eponymous:
www.veracity.com
Quoting from the site:
"Veracity can calculate the SHA-0, SHA-1, MD2, MD4, MD5, HAVAL (four variants)
and Snefru (four variants) digest algorithms, and the CRC-16, CRC-32,
Fletcher, Internet, and Sum checksum algorithms."
Also supports a wide range of platforms and OSs.
Available as uncrippled trialware.
Regards,
In article <[EMAIL PROTECTED]>, Thomas Boschloo
<[EMAIL PROTECTED]> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>I was wondering if any of you guys have some (trustable) hashing
>software on your sites. What I want is a program that computes the hash
>of a file, preferably for MS-DOS or Windows, and that has a lot of them
>(hashes).
>
>I know of one program that does this for windows by Sarah Dean
><http://www.fortunecity.com/skyscraper/true/882>, but I would like to
>know about some alternatives.
>
>Somehow a websearch at e.g. cert didn't turn up much other than
>'tripwire' and (presumably) large sized software like that.
>
>I do want the software to be free and include a lot of hash algorithms
>because I want to link to it on my homepage.
>
>Thanks in Advance, this seemed like the right group to ask,
>Thomas J. Boschloo
>
>-----BEGIN PGP SIGNATURE-----
>Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>
>
>iQB5AwUBOquLEAEP2l8iXKAJAQEj4AMdHLjw9iT8uPoJzG4L7TAN72jqZrnXIhxK
>+vuDjhc+iMOVq6a74Z9gUG86yrs+h+9DdAXt2NTxQxQngnBFaLeAOQ/pHmjDZYCW
>ZYXOow0ebL70vdUgvRLDNYO+5fDwoE2wN24OYQ==
>=UE0h
>-----END PGP SIGNATURE-----
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: => FBI easily cracks encryption ...?
Date: Sun, 11 Mar 2001 19:25:40 GMT
Mxsmanic wrote:
> The majority of governments in the world have virtually nothing
> valuable enough for anyone else to wish to steal, ...
Yeah, what do we care about what might be happening, in, say,
Bosnia.
------------------------------
From: Mathew Hendry <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: Text of Applied Cryptography .. do not feed the trolls
Date: Sun, 11 Mar 2001 19:28:12 +0000
On Sun, 11 Mar 2001 01:36:21 -0000, "Dan Beale"
<[EMAIL PROTECTED]> wrote:
>people may not agree with giving away the (possibly pirated) text, but how
>about the source code, which (last time I checked) was not available to
>non-Americans.
A number of universities have the CDs shared for use by their students. Not very
hard to find.
-- Mat.
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: [REQ] SHA-1 MD5 hashing software
Date: Sun, 11 Mar 2001 19:31:10 GMT
"nemo outis" <[EMAIL PROTECTED]> wrote in message
news:MhQq6.52508$[EMAIL PROTECTED]...
> Best I've found is Veracity at the eponymous:
>
> www.veracity.com
>
> Quoting from the site:
>
> "Veracity can calculate the SHA-0, SHA-1, MD2, MD4, MD5, HAVAL (four
variants)
> and Snefru (four variants) digest algorithms, and the CRC-16, CRC-32,
> Fletcher, Internet, and Sum checksum algorithms."
>
> Also supports a wide range of platforms and OSs.
>
> Available as uncrippled trialware.
Oh boy trialware... hot digittiy. Who on earth would buy an implementation
of SHA?
Tom
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: => FBI easily cracks encryption ...?
Date: Sun, 11 Mar 2001 19:36:35 GMT
Mxsmanic wrote:
> By looking at the algorithms. In RSA, for example, the resources
> required to generate and use keys don't increase nearly as fast as
> the resources required to factor them, with increasing key length.
Really? I am interested in a reference to a proof of that, as I
suspect Bob S. and others would also be.
Also note that RSA is almost never used for bulk encryption, just
for key exchange and secondary functions like authentication. I'm
more concerned about cracking the bulk data encryption.
> So? Compared to what they were using a few years ago, these
> cryptosystems _are_ unconditionally secure.
That's self-contradictory. Unconditional security would not be
relative. And we know of no cryptosystem in widespread use
that is unconditionally secure; that would mean that no matter
what resources were available for its analysis the enemy could
not extract any information beyond what he started with. It is
evident that that is not true for the systems that are actually
being used. (Although for nearly all of them, the amount of
resources required for publicly-known attacks is prohibitive.)
> > There *are* additional, easy to afford, measures
> > that could be applied to cover one's @$$.
>
> Unless one is an international terrorist or head of a drug-smuggling
> cartel, additional measures are overkill.
Since when is privacy important only to evildoers?
> Actually, the best way to crack modern public cryptosystems is to
> kidnap the person with the key and torture him until he provides it.
No, that has been discussed before. It is often *not* a good way.
For one thing, it guarantees that compromise of secrecy is known
to one of the communicants.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: => FBI easily cracks encryption ...?
Date: Sun, 11 Mar 2001 19:37:12 GMT
Mxsmanic wrote:
> And without those "special circumstances," all of that genuine
> cryptanalysis would have produced nothing at all, over any time
> period.
Sometimes yes, sometimes no, depending on the system.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Super strong crypto
Date: Sun, 11 Mar 2001 19:38:59 GMT
Mok-Kong Shen wrote:
> I am afraid to define and qualtify 'propagation of
> information' is a task that is practically imfeasible in
> the rigorous sense (which a formal treatment requires),
> otherwise one could as well also decide whether a given
> bit source is perfectly random.
I don't understand your reasoning at all.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Question
Date: Sun, 11 Mar 2001 19:40:24 GMT
Dragon wrote:
> ... if there was a program which could decrypt
> based on if you knew some of the contents of the file.
Not in general.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Crossposted-To: sci.math
Subject: Re: Noninvertible encryption
Date: Sun, 11 Mar 2001 19:43:13 GMT
"SCOTT19U.ZIP_GUY" wrote:
> ... That it becomes trivally easy to test a key for a solution ...
The crux of the matter is that, if you have a method of cryptanalysis
that produces the right key, you don't need to test for a solution.
And in any other case, what are you doing testing keys? There are too
many of them for that to be a feasible mathod of attack.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Potential of machine translation techniques?
Date: Sun, 11 Mar 2001 19:44:48 GMT
Mok-Kong Shen wrote:
> Now that machine translation of natural languages has reached
> a fairly advanced state, wouldn't it be feasible to create an
> appropriate generic class of artificial languages covering a
> more or less limited universe of discourse and with grammars
> that are not too difficult for achieving fidelity of results
> such that, with a key, one can select which one of such
> languages is to be used in a concrete situation?
No, you'd be better off with a code system.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: RSA encryption on Windows -- C++ source code
Date: Sun, 11 Mar 2001 19:49:00 GMT
My recommendation is that *as a senior project* you should simply
note the requirement for encryption, then instead of trying to
implement something like RSA that is fairly involved (bignums,
primality testing, etc.) substitute some mickey-mouse method
that is easy to implement and note that in an actual product
one would of course need to use something like SSL.
------------------------------
From: "Mxsmanic" <[EMAIL PROTECTED]>
Subject: Re: => FBI easily cracks encryption ...?
Date: Sun, 11 Mar 2001 20:09:59 GMT
"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Yeah, what do we care about what might be
> happening, in, say, Bosnia.
I've often wondered the same thing.
------------------------------
From: Kent Briggs <[EMAIL PROTECTED]>
Subject: Re: A question about passphrases
Date: Sun, 11 Mar 2001 14:09:32 -0600
Scott Fluhrer wrote:
> > Typically, your passphrase is run through a one-way hashing function and
> > just the
> > hash or a portion of the hash is saved with the file. When you enter your
> > passphrase for decryption, the hashing is repeated and compared with the
> > original.
>
> That is, in fact, common, but that's not quite what PGP does.
Depends on whether you are using the "conventional" encryption option in PGP or
are encrypting with public keys.
--
Kent Briggs, [EMAIL PROTECTED]
Briggs Softworks, http://www.briggsoft.com
------------------------------
From: [EMAIL PROTECTED] ("Vladimir Nuri")
Subject: theory edge mailing list
Date: 11 Mar 2001 21:17:45 +0100
hi, just an invitation to everyone here to visit and/or join
the theory-edge mailing list with possible relevance to anyone
reading this newsgroup.
groups.yahoo.com/group/theory-edge/
we discuss cutting edge algorithmic & mathematical topics,
and the intersection with practical applications.
we get into "open science" collaborations in which we push
the boundaries of knowledge right on the mailing list.
we have about 350 subscribers right now. traffic is light at
the moment, maybe something like 10 msg/week, many of them mine.
the archives are totally open, you don't have to receive email
to browse or search them. egroups also has a web-based delivery
option, no need to crowd your inbox. we are getting close to
the 3yr anniversary of the list. over 2,700 msgs.
would love to hear from newcomers. I encourage people to post
an introduction to yourself to the list.
especially seeking talkative academics!! we already have many
PhDs and masters' students on the list.
you can click on above page for the general charter which is
diverse. generally we are interested in progress in the hardest
problems in algorithmics & mathematics, such as the P =? NP
question.
lots of other highlights in the archives. hard to keep track
of it all!!
hope to hear from you soon!!
============================================================
--== Sent via Deja.com ==--
http://www.deja.com/
--
Posted from [199.174.224.146] by way of mail6.bigmailbox.com [209.132.220.37]
via Mailgate.ORG Server - http://www.Mailgate.ORG
------------------------------
From: [EMAIL PROTECTED] (Free-man)
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: Sun, 11 Mar 2001 20:30:44 GMT
On 11 Mar 2001 05:58:04 GMT, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote:
>[EMAIL PROTECTED] (Phil Zimmerman) wrote in
><[EMAIL PROTECTED]>:
>
>>What encryption was Hansen using that it was so easily cracked?
>
> Well Phil maybe it was PGP.
On a TV program last week (I think it was 60 minutes) they showed
copies of letters that were written by Hanssen to his Russian contact.
According to the program, these decrypted letters were retrieved by
a US mole who had penetrated Russian intelligence.
Of course, the story may be intentional disinformation.
Rich Eramian aka freeman at shore dot net
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
