Cryptography-Digest Digest #868, Volume #13      Mon, 12 Mar 01 00:13:01 EST

Contents:
  Re: Text of Applied Cryptography .. do not feed the trolls ([EMAIL PROTECTED])
  Re: The Foolish Dozen or so in This News Group (Benjamin Goldberg)
  Re: Text of Applied Cryptography .. do not feed the trolls ("Tom St Denis")
  Re: An extremely difficult (possibly original) cryptogram ("Ashish Kasturia")
  Re: Text of Applied Cryptography .. do not feed the trolls (Frodo)
  Straw man hash. (Benjamin Goldberg)
  Re: Semi-super-strong crypto? (Benjamin Goldberg)
  Re: Digital enveloppe ("Trevor L. Jackson, III")
  Re: ideas of D.Chaum about digital cash and whether tax offices are (John Christensen)
  Re: An extremely difficult (possibly original) cryptogram (those who know me have no need of my name)
  Re: Text of Applied Cryptography .. do not feed the trolls ("Tom St Denis")
  Re: RSA encryption on Windows -- C++ source code (those who know me have no need of my name)
  Re: [REQ] SHA-1 MD5 hashing software (those who know me have no need of my name)
  Re: => FBI easily cracks encryption ...? (SCOTT19U.ZIP_GUY)
  Re: Noninvertible encryption (SCOTT19U.ZIP_GUY)
  Re: arbitrary-precision arithmetic (Benjamin Goldberg)
  Re: => FBI easily cracks encryption ...? (Phil Zimmerman)
  RE: Anonymous web browsing (Phil Zimmerman)
  Re: Digital enveloppe ("Scott Fluhrer")

----------------------------------------------------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: Text of Applied Cryptography .. do not feed the trolls
Reply-To: *
Date: Mon, 12 Mar 2001 02:13:36 GMT

On Sun, 11 Mar 2001 19:52:08 -0500, "Ryan M. McConahy"
<[EMAIL PROTECTED]> wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Actually, I was not asking for noise. I merely wanted an address. I
>knew that an electronic version was available. I am a teenager, and
>do not have much money, and would prefer it in an electronic version.

Perhaps you might like this, too.
http://www.umich.edu/~umich/fm-34-40-2/

Enjoy the crypto. I hope your fascination lasts your entire life.


------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Crossposted-To: alt.hacker
Subject: Re: The Foolish Dozen or so in This News Group
Date: Mon, 12 Mar 2001 02:18:56 GMT

Anthony Stephen Szopa wrote:
[snip]
> > > fclose that flushes all OS buffers associated with the stream. 
> > > You would think this would be enough to force a write.
> >
> > How many times does this need to be pounded into your head?  fclose
> > flushes the C library buffers, not the OS buffers.
[snip]
> > That's ignoring the hdd buffers.  The drive light goes on for a bus
> > transfer of data to the drive, not for actual writing.
>
> I am not convinced this is so.  The documentation says specifically
> "system-allocated" buffers are flushed.

If you choose to be stupid about what fclose does, you're allowed to be.

But how do you get off even thinking of the hdd buffers as "system
allocated?"  I mean, nothing in the OS /creates/ them... they're part of
dedicated hardware, and the buffers are dedicated to that specific
purpose.  Unlike OS buffers, or C library buffers, where it's just
arbitrary blocks of memory, which could be used for anything at all,
until the OS or user program *allocates* them for use.  So in no way can
hdd buffers be considered "system allocated."

Also... I'm curious as to what you believe the function close() does, as
opposed to fclose().  Or what write() does as opposed to fwrite(), or
open() as opposed to fopen().  Or what you think fflush() does and what
reason you believe for there to not be any equivalent flush() function.

-- 
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: Text of Applied Cryptography .. do not feed the trolls
Date: Mon, 12 Mar 2001 02:24:40 GMT


"Ryan M. McConahy" <[EMAIL PROTECTED]> wrote in message
news:3aac1d41$0$62147$[EMAIL PROTECTED]...
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Actually, I was not asking for noise. I merely wanted an address. I
> knew that an electronic version was available. I am a teenager, and
> do not have much money, and would prefer it in an electronic version.

Big deal?  I got a job when I was 15 and bought my own copy.  It's called
the "real world".

Tom



------------------------------

From: "Ashish Kasturia" <[EMAIL PROTECTED]>
Crossposted-To: rec.puzzles
Subject: Re: An extremely difficult (possibly original) cryptogram
Date: Sun, 11 Mar 2001 22:00:49 -0500

> In general, postings of this type are frowned upon.
why is that?
(just a question)
-ash




------------------------------

Date: 12 Mar 2001 02:57:32 -0000
From: [EMAIL PROTECTED] (Frodo)
Subject: Re: Text of Applied Cryptography .. do not feed the trolls
Crossposted-To: alt.security.pgp,talk.politics.crypto

In article <IrWq6.16068$[EMAIL PROTECTED]>
"Tom St Denis" <[EMAIL PROTECTED]> wrote:
>
>
> "Ryan M. McConahy" <[EMAIL PROTECTED]> wrote in message
> news:3aac1d41$0$62147$[EMAIL PROTECTED]...
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Actually, I was not asking for noise. I merely wanted an address. I
> > knew that an electronic version was available. I am a teenager, and
> > do not have much money, and would prefer it in an electronic version.
>
> Big deal?  I got a job when I was 15 and bought my own copy.  It's called
> the "real world".

Suit yourself.

I got a copy from the posted URL.

That's the real world, too.




------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Straw man hash.
Date: Mon, 12 Mar 2001 03:09:45 GMT

Douglas Gwyn's main concern with his "Straw man crypto" was that the
small amount of entropy is spread across an indefinitely large amount of
CT, and while this might not be a problem, it certainly feels like one.

The scheme he suggested, referred to as "straw man crypto", was as follows
(at least, to the best of my understanding):
1) encrypt and send N blocks under key k
2) generate k_new, encrypt it and send it under key k
3) k := k_new
4) goto (1)

One objection I have to this, is that k_new might not have the full
amount of entropy needed -- for example, if the enemy managed to damage
the RNG used to make it.

To counter this, I've thought up my own scheme, as follows:
1) create a hash context H
2) for N blocks:
2a) add pt to H
2b) add e(k)(pt) to H
2c) send e(k)(pt)
3a) generate k_new
3b) add k_new to H
3c) add e(k)(k_new) to H
3d) send e(k)(k_new)
4) k := H.finish()
5) goto (1)

Done like this, we've added some amount of entropy, and even some
authentication.


-- 
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.
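
The scheme above, worked through as an added example (this is not Goldberg's code): SHA-256 plays the hash context H, and e(k)(x) is a toy stand-in, XOR with a SHA-256 keystream block derived from k and the block index, since the post only needs a cipher both sides share; the initial key and plaintext blocks are constructed. It also exercises the two points the post makes, a damaged RNG for k_new (the next key still depends on pt and ct) and a tampered ciphertext (the two sides' keys diverge, so the next epoch no longer decrypts).

```python
import hashlib
import os

BLOCK = 32  # bytes per block; equals the SHA-256 output size, so a key fills one block


def e(k, i, block):
    """Toy stand-in for the post's e(k)(x): XOR with a SHA-256 keystream block
    derived from the epoch key k and the block index i (an assumption, not part
    of the post). Encrypt and decrypt are the same operation."""
    ks = hashlib.sha256(k + i.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(block, ks))


def sender_epoch(k, blocks, rng=os.urandom):
    """Steps 1-4 for one epoch. Returns the wire blocks and the next key."""
    H = hashlib.sha256()                 # 1) create a hash context H
    wire = []
    for i, pt in enumerate(blocks):      # 2) for N blocks:
        ct = e(k, i, pt)
        H.update(pt)                     # 2a) add pt to H
        H.update(ct)                     # 2b) add e(k)(pt) to H
        wire.append(ct)                  # 2c) send e(k)(pt)
    k_new = rng(BLOCK)                   # 3a) generate k_new
    ct_k = e(k, len(blocks), k_new)
    H.update(k_new)                      # 3b) add k_new to H
    H.update(ct_k)                       # 3c) add e(k)(k_new) to H
    wire.append(ct_k)                    # 3d) send e(k)(k_new)
    return wire, H.digest()              # 4) k := H.finish()


def receiver_epoch(k, wire):
    """Mirror of sender_epoch: decrypt, feed the same values into H, derive the
    same next key. The last wire block carries k_new."""
    H = hashlib.sha256()
    blocks = []
    for i, ct in enumerate(wire[:-1]):
        pt = e(k, i, ct)
        H.update(pt)
        H.update(ct)
        blocks.append(pt)
    ct_k = wire[-1]
    k_new = e(k, len(blocks), ct_k)
    H.update(k_new)
    H.update(ct_k)
    return blocks, H.digest()


def run(k0, epochs, tamper_epoch=None, rng=os.urandom):
    """Drive both sides over several epochs. If tamper_epoch is set, one bit of
    that epoch's first ciphertext block is flipped in transit. Returns the
    recovered plaintext per epoch, a per-epoch 'keys still agree' flag, and the
    sender's final key."""
    ks = kr = k0
    recovered, in_sync = [], []
    for n, blocks in enumerate(epochs):
        wire, ks = sender_epoch(ks, blocks, rng)
        if n == tamper_epoch:
            wire[0] = bytes([wire[0][0] ^ 0x01]) + wire[0][1:]
        pts, kr = receiver_epoch(kr, wire)
        recovered.append(pts)
        in_sync.append(ks == kr)
    return recovered, in_sync, ks


# Constructed sample input: a shared initial key and two epochs of N=3 blocks.
K0 = hashlib.sha256(b"constructed shared initial key").digest()
EPOCHS = [[bytes([n * 16 + i]) * BLOCK for i in range(3)] for n in range(2)]
```

Note that a tampered block is not detected inside its own epoch; the mismatch only surfaces when the next epoch fails to decrypt, which is the sense in which the post's "some authentication" holds.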

------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: Semi-super-strong crypto?
Date: Mon, 12 Mar 2001 03:10:16 GMT

Douglas A. Gwyn wrote:
> 
> Benjamin Goldberg wrote:
> > k(i) = encrypt_k0( IV0 + i )
> > ct(-1) = IV1
> > ct(i) = encrypt_(k(i/N))( pt(i) ^ ct(i-1) )
> 
> The key schedule is fairly good (assuming a reasonable encrypt
> function), but you might as well not have the "^ ct(i-1)" since
> the enemy knows it (for all i>0) without having to do any work.
> It does stop prearranged tests for busts, however.

Hmm.  I suggested CBC style chaining since it prevents codebook attacks.
How about using something like IAPM chaining?
w(i) = encrypt(k0)(IV0 + i); s(i) = pairwise_independent( w )
k(i) = encrypt(k1)(IV1 + (i/N))
ct(i) = s(i) ^ encrypt(k(i))( pt(i) ^ s(i) )
Or perhaps:
w0(i) = encrypt(k0)(IV0 + i); s0(i) = pairwise_independent( w0 )
w1(i) = encrypt(k1)(IV1 + i); s1(i) = pairwise_independent( w1 )
k(i) = encrypt(k2)(IV2 + (i/N))
ct(i) = s0(i) ^ encrypt(k(i))( pt(i) ^ s1(i) )

> Most of the concerns I was addressing in the straw man are
> addressed here.  My main concern is that the small amount of
> k0+IV0+IV1 entropy is spread across an indefinitely large amount
> of CT, which might not be a problem, but it sure feels like one.

This is a bit harder to address, I'll admit.  See my new thread "straw
man hash"

-- 
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.

------------------------------

From: "Trevor L. Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: Digital enveloppe
Date: Mon, 12 Mar 2001 03:18:31 GMT

br wrote:

>
> My idea seems to be not clear.
>

The possibility exists that you may be able to fix that.  When do you intend to
start?



------------------------------

From: John Christensen <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto,alt.cypherpunks
Subject: Re: ideas of D.Chaum about digital cash and whether tax offices are
Date: Sun, 11 Mar 2001 23:25:37 -0500



John Christensen wrote:

> Anonymous wrote:
>
> >
> > Sorry to step out of the line, but could you please give me
> > some URL on
> > freenet technology? My search did only turn up some
> > providers. <g>
> >
>
> Try http://www.freenet.org
> Now could you tell me how you use mail2news ?
> Thanks.

Oops, sorry, try this one: http://freenet.sourceforge.net/





------------------------------

From: [EMAIL PROTECTED] (those who know me have no need of my name)
Crossposted-To: rec.puzzles
Subject: Re: An extremely difficult (possibly original) cryptogram
Date: Mon, 12 Mar 2001 03:20:39 -0000

<98hdo3$1u1ml$[EMAIL PROTECTED]> divulged:

>> In general, postings of this type are frowned upon.

>why is that?
>(just a question)

see the faq.

-- 
okay, have a sig then

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: Text of Applied Cryptography .. do not feed the trolls
Date: Mon, 12 Mar 2001 03:29:29 GMT


"Frodo" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> In article <IrWq6.16068$[EMAIL PROTECTED]>
> "Tom St Denis" <[EMAIL PROTECTED]> wrote:
> >
> >
> > "Ryan M. McConahy" <[EMAIL PROTECTED]> wrote in message
> > news:3aac1d41$0$62147$[EMAIL PROTECTED]...
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > >
> > > Actually, I was not asking for noise. I merely wanted an address. I
> > > knew that an electronic version was available. I am a teenager, and
> > > do not have much money, and would prefer it in an electronic version.
> >
> > Big deal?  I got a job when I was 15 and bought my own copy.  It's called
> > the "real world".
>
> Suit yourself.
>
> I got a copy from the posted URL.
>
> That's the real world, too.

The url doesn't go to Applied Crypto.  It goes to the US Field Manual....

Tom



------------------------------

From: [EMAIL PROTECTED] (those who know me have no need of my name)
Subject: Re: RSA encryption on Windows -- C++ source code
Date: Mon, 12 Mar 2001 03:34:23 -0000

<98ghpg$eel$[EMAIL PROTECTED]> divulged:

>I'm a little nervous about posting to this group because I don't want to
>distract everyone from more in-depth and interesting discussions, 

actually distractions are good.  this isn't a study hall, and anyone that 
wants to follow a single topic will probably scan subject lines prior to 
reading anyway.

hmm.  a senior project, that requires a module that's usable in an 
exportable commercial product.

>- small: maybe < 20K, otherwise I'd love to use Wei Dai's Crypto++, 

have you, in fact, tried crypto++, so as to measure the size of the 
additionally linked objects?  or do you mean you only want 20k of 
source?

-- 
okay, have a sig then

------------------------------

From: [EMAIL PROTECTED] (those who know me have no need of my name)
Subject: Re: [REQ] SHA-1 MD5 hashing software
Date: Mon, 12 Mar 2001 03:59:35 -0000

<[EMAIL PROTECTED]> divulged:

>Somehow a websearch at e.g. cert didn't turn up much other than
>'tripwire' and (presumably) large sized software like that.

you might want to look at it anyway, at least the library and siggen.  
(siggen is a stand-alone signature generator.)  it does what you want, 
should work on many platforms, and isn't restricted to files.

e.g.,

| $ siggen /usr/sbin/siggen
| sig0: nullsig  : 0
| sig1: md5      : 0ZGLRqHLfQp2MzcX:rSi1E
| sig2: snefru   : 33jXDI2ed2h7BWR3WOYQjZ
| sig3: crc32    : 1y9Vy7
| sig4: crc16    : 0005DA
| sig5: md4      : 3cm2XtLLvW6EMeV1pscnBf
| sig6: md2      : 1KPet.xSeepLAPbtzsnWyR
| sig7: sha      : 6LaCOHTLicDgwVMH:0c4nh5NfVk
| sig8: haval    : 3hDqL3.gN4oq.DNLEF2QEq
| sig9: nullsig  : 0
| $ dd if=/dev/urandom bs=1024 count=10 2>/dev/null | siggen
| sig0: nullsig  : 0
| sig1: md5      : 2CKBCtgW3UEu6TbM726bOd
| sig2: snefru   : 0vvdiMTknv03yGE8ur5Wzm
| sig3: crc32    : 3Y9I0w
| sig4: crc16    : 000A0Y
| sig5: md4      : 0c69vjiQHG0auoPrWb8i.e
| sig6: md2      : 1PszDmcpPoOxIdEAa9pBWP
| sig7: sha      : 6LkMxOXjZ8ms9XpNNov3nGjnByQ
| sig8: haval    : 0U0V4wX15eeBC55n68TAck
| sig9: nullsig  : 0

-- 
okay, have a sig then

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: => FBI easily cracks encryption ...?
Date: 12 Mar 2001 03:59:18 GMT

[EMAIL PROTECTED] (CR Lyttle) wrote in
<[EMAIL PROTECTED]>: 

>"SCOTT19U.ZIP_GUY" wrote:
>> 
>> [EMAIL PROTECTED] (CR Lyttle) wrote in
>> <[EMAIL PROTECTED]>:
>> 
>> >Phil Zimmerman wrote:
>> >>
>> >> What encryption was Hansen using that it was so easily cracked?
>> >
>> >It was probably not anything very sophisticated, I would think. After
>> >all Hansen was keeping his id secret from the Russians and they do
>> >not seem to have been in regular electronic contact. If Hansen was
>> >using anything as complex as PGP then he probably used only one key
>> >pair that the FBI got from his home. Exchanging new keys for each
>> >transmission requires two physical contacts, which increases the
>> >chances of being detected. Most of the battle is knowing something is
>> >happening. So whatever he used, it was probably pretty simple and
>> >designed to keep out casual snoopers.
>> >
>> 
>>  I can see for a first contact or even for a few months or even
>> a year simple encryption may have been used. But give me a break
>> he was an agent for MANY YEARS do you really think that he would
>> have used a very simple encryption method just to keep out casual
>> snoopers when he knew that if he was caught it meant death.
>> I think he used at least something that is as secure as PGP.
>> I am not saying he used PGP. Since he may have been in a position
>> to know that it may be weak. I am just saying he most likely used
>> something he considered very secure.
>> 
>> David A. Scott
>> --
>>>SNIP<<
>
>So where did he get his keys? Think about the field logistics. Each
>exchange entails a risk of detection. To do crypto requires an exchange
>of keys separate from the exchange of messages. Therefore each exchange
>of keys means a risk of detection. So keys won't be exchanged very
>frequently. Therefore, it is highly unlikely that something like DES or
>1024 bit key PGP will be used. If he did use something like PGP, the key
>wasn't changed often and the FBI probably found it (or them) on his
>computer. Plus what is the reason for doing encryption in a case like
>this? It is important to keep the very existence of a transfer secret.
>If the existence of a transfer is secret, why encrypt it? Probably the
>Russians trained Hansen is some simple technique just to make him feel
>better. The FBI, in turn, probably found the key in Hansen's residence,
>or got him to reveal it.
>
>The problem with most crypto is key control. The best crypto is useless
>if the key is known.
>

  What logistics? He could have left his public PGP key among 
some of his many drops. You only need to do it once. Also when
they gave him cash or diamonds they could have given him theirs.
It really isn't rocket science.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
        http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
        http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
        http://radiusnet.net/crypto/  then look for
  sub directory scott after pressing CRYPTO
Scott famous Compression Page
        http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: sci.math
Subject: Re: Noninvertible encryption
Date: 12 Mar 2001 04:07:04 GMT

[EMAIL PROTECTED] (Douglas A. Gwyn) wrote in <[EMAIL PROTECTED]>:

>"SCOTT19U.ZIP_GUY" wrote:
>> One would like to be able to give a false key so they will be happy.
>
>However, if the decryption is gibberish they won't be happy.
>So you at the very least would want a system that encrypts
>both the real message and an alternate, meaningful message
>under separate keys.  This isn't hard under the usual OTP
>system, because you can take the CT and fake PT and easily
>find a corresponding key, but for systems with short keys
>it's not going to be possible unless you allow the CT to be
>about twice as large as would otherwise be necessary.
>

  Who cares if it's gibberish. You can say it was output from
a random number generator. If you give a key that works I think
it's up to them to prove it's false. Also if you were using an OTP
and it was known that you were, the FBI could pull a key out of
their ass and make the message be whatever the hell kind of
phony proof they need to nail you. It's just that if it's something
of real value they're out of luck.

 If you're using scott16u and you end up in court and they
claim it's an OTP and they make a false key, you could
embarrass the hell out of them on the last day of the trial by
using the correct key and showing it is a trivial "hello son,
how was college this week."


David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
        http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
        http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
        http://radiusnet.net/crypto/  then look for
  sub directory scott after pressing CRYPTO
Scott famous Compression Page
        http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

------------------------------

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: arbitrary-precision arithmetic
Date: Mon, 12 Mar 2001 04:23:03 GMT

Cristiano wrote:
> 
> > What are the different arbitrary-precision arithmetic packages
> > available?  Which seem to be the best?
> 
> I've implemented elliptic curve cryptography with 3 math packages:
> vlong, free-LIP v1.1 and miracl.
> vlong is a C++ class, miracl is a C/C++ package, LIP is C only.
> For speed comparison I ran the *identical* algorithm on a Pentium II
> 450MHz with winzozz98. The elliptic curve chosen is 160 r1 from "SEC
> 2: Recommended Elliptic Curve Domain Parameters" (base point with
> prime order of 160 bits). These are the times (in seconds):
>       vlong   LIP     miracl
> ECKEP 8,684   0,748   0,033 (each user)
> ECES  4,307   0,258   0,017 (encryption)
> ECES  2,182   0,139   0,009 (decryption)
> 
> miracl has many optimizations (also in assembly) especially in
> elliptic curves.
> 
> Cristiano

Looks like miracl is pretty damn fast, but I'm curious... I've read that
there's a way (called "projective coordinates" or somesuch) of
transforming (x,y) into (x,y,z) which allows removal of all divisions but
the last, in return for doing a few extra multiplications, which in turn
results in a much faster point multiplication algorithm.

Since, as far as I can recall, lip does not have built in ec math, I
feel I have to ask whether or not you used projective coordinates in
your tests.  Considering how long divisions normally take, I would
expect that this gives a very large speedup... it might make enough of a
difference that lip would be close in speed to miracl.

Also... How do the gnu mp and gmp libraries compare to lip and miracl?

-- 
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.

------------------------------

Subject: Re: => FBI easily cracks encryption ...?
From: Phil Zimmerman <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Date: Mon, 12 Mar 2001 04:21:38 GMT

=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1

Exchanging keys does not involve any public contact whatsoever. That is
the beauty of the public-key encryption system. Had Hansen used a single key
system, or a self-decrypting archive system, then Hansen would have had to
transmit the "passphrase" to his Russian handlers, thereby exponentially
compromising his ID.

I don't know what encryption system he used. Now the NSA is years ahead of
public cryptography, hence one of its former algorithms was a defeated
candidate for AES. I don't know whether or not the NSA was involved in
helping the FBI decrypt Hansen's data.

BTW, I usually use 4096 length. Anyone have any comments on which algorithm
they prefer? TwoFish, AES, CAST, IDEA, TripleDES???

=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
Comment: Trust But Verify

iQA/AwUBOqxOpYQHeAMpsuAHEQK7EgCglwPPxbKQaPFXIVjDfCU9e8GldQwAnR3G
M+DRW0fqwS0rxhZwKu60gY86
=ODxk
=====END PGP SIGNATURE=====


------------------------------

Subject: RE: Anonymous web browsing
From: Phil Zimmerman <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,talk.politics.crypto
Date: Mon, 12 Mar 2001 04:29:19 GMT

=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1

Does anyone use any of the anonymous web browsing services such as
Anonymizer or SafeWeb?

=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
Comment: Trust But Verify

iQA/AwUBOqxQh4QHeAMpsuAHEQLzDgCeIptnXlynUBi0iyAO1jP5QLgfRw0AnjAt
BIAAtrVTyo3WGHTZe9f+QxXb
=wWrr
=====END PGP SIGNATURE=====


------------------------------

From: "Scott Fluhrer" <[EMAIL PROTECTED]>
Subject: Re: Digital enveloppe
Date: Sun, 11 Mar 2001 20:27:18 -0800


br <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> I found a site using my idea but my idea doesn't need any Pin or
> password.
> http://www.digital-envelope.com/
>
> Only the recipient can open the email.
>
> Description of the system "digital enveloppe". I just quote it
>
> Digital Envelope is a simple but efficient way to encrypt all your
> emails so that nobody else than the
>            recipient of the mail is able to read what you sent.
>
>            The way it works:
>
>            You encrypt your message with the recipients email address as
> key.
What asymmetric algorithm do you use?  If you encrypt it only using a
symmetric algorithm, then obviously anyone who knows the recipient's email
address can decrypt it.

> You also can define how long the
>            message will be readable by specifying an expiration period.
Someone else has already asked, but how do you intend to enforce the
expiration period?

> If you have something really secret, you
>            may enter an extra PIN or pass phrase. You must inform the
> recipient about this extra PIN, because
>            otherwise s/he cannot read it. Then send your message.
>
>            The recipient will get the encrypted message in the Inbox of
> the mail client. In order to decrypt it, a
>            personal key must be requested here. The personal key is
> protected by a customer chosen Pin or pass
>            phrase and is delivered by email to the email address
> specified in the key. Then the gets activated and
>            the recipient can read your mail. So easy.
Who sends the email containing the personal key?  If the "personal key" is
sent, on a per message basis, to the recipient, then why is it any more secure
than sending the original message via email?  If it's from a trusted third
party, then 1) how do you ensure that only the intended recipient gets it,
and 2) how do you relate that key to the key that the sender used?

>
>            We provide you with all the small pieces of software you will
> need for free, so visit our download pages.
>
>            Some cryptographic details:
>
>            The encryption uses a 128 symmetric encryption and in
> addition a chameleon type algorithm that
>            changes its behavior during the encryption. We think, its
> pretty secure. Still there are more secure
>            encryption schemes available, but this one will give you a
> good level of privacy.
You use a home brew system?  I feel a quote coming on:

   "Anyone who creates his or her own cryptographic primitive is either a
genius or a fool.  Given the genius/fool ratio for our species, the odds
aren't very good."  (Schneier, _Secrets & Lies_).

What peer review has your homebrew scheme had?  Has a competent cryptanalyst
ever even looked at it?  If not, why do you suspect that it is secure?  What
advantage does it have over 3DES or AES?

--
poncho





------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
