Cryptography-Digest Digest #981, Volume #13      Fri, 23 Mar 01 16:13:01 EST

Contents:
  Re: Fast and Easy crypt send (amateur)
  Re: Pike stream cipher (Mok-Kong Shen)
  Re: Idea - (LONG) (amateur)
  Crack it! (amateur)
  Re: Advice on storing private keys (Darryl Wagoner - WA1GON)
  Re: Question about coding ("Douglas A. Gwyn")
  Re: on-card key generation for smart card (Anne & Lynn Wheeler)
  Re: Pike stream cipher ("Sam Simpson")
  Re: How good is the KeeLoq algorithm? (Marc)
  Re: cryptography using the method of elliptic curve. ("Carpe Diem")
  Re: on-card key generation for smart card (Paul Rubin)
  Re: Crack it! (Mok-Kong Shen)
  Re: Idea ("Douglas A. Gwyn")
  Re: Crack it! (amateur)
  Re: the classified seminal 1940 work of Alan Turing? (John Savard)
  Re: Idea (amateur)
  Re: Crack it! (Mok-Kong Shen)
  Re: Multiple encryption, more secure ciphers (David Wagner)
  Re: AES - which block/key size to use? (David Wagner)
  Re: the classified seminal 1940 work of Alan Turing? ("Kristopher Johnson")

----------------------------------------------------------------------------

From: amateur <[EMAIL PROTECTED]>
Subject: Re: Fast and Easy crypt send
Date: Fri, 23 Mar 2001 14:16:06 -0400

I hope you decrypt it, if it's easy and useless.

First communication I sent via network this encrypted message : 

1300443387025
1131639164190
1466401443136
1159155876122
1351377516458
1106628398377
1027751582638
1593542128406

and you intercept it
_______________________

Second communication I sent via network this encrypted message : 


1516273460338
1142553801552
1269821319190
1422764977616
0899310400137
1527607877779
1412907062933
1207246427960

_________________________

I used very pseudo-random short key : 12 digits
I used the same key in the two communications.
I used two categories other than odds and even.
I'm just an amateur.


Good luck.



Joseph Ashwood wrote:
> 
> Quite frankly, I am no longer going to waste my time explaining to you why
> this is such a bad idea. If you want real comments on an algorithm you've
> designed, do some real analysis of it, write a real specification, but first
> and most important read a book about cryptography.
>                                 Joe
> 
> "amateur" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> [snip everything]

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Pike stream cipher
Date: Fri, 23 Mar 2001 20:16:14 +0100



Terry Ritter wrote:
> 
> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
> 
> >Terry Ritter wrote:
> >>
> >[snip]
> >> Based on this evidence -- as opposed to hearsay, wishes, hopes or
> >> claims -- we see the MacLaren-Marsaglia mixing process not producing
> >> significant (e.g., exponential) additional cryptographic strength.
> >
> >I think that Knuth mentioned that it is difficult to
> >investigate this shuffling theoretically. On the other
> >hand, I guess that the effect depends on the materials
> >that are being shuffled and that its contribution
> >as a component to a whole system may under circumstances
> >not merely be 'additive'/'multiplicative'.
> 
> Maybe, maybe not.  The referenced literature gives us more evidence
> than we have for most cryptographic constructions, and it is not
> encouraging.
> 
> The whole point to using the MacLaren-Marsaglia construction in this
> case is to add strength.  If we must have a strong sequence generator
> before that will work, one might think there really is no point in
> using that mixing.  A requirement for a strong sequence generator
> would not help anyway, because we cannot guarantee such strength.
> 
> If we have to know the strength of the generator before we can
> understand the contribution of the mixing, we are already out of our
> depth.  We generally don't know these values even to orders of
> magnitude.  The only time we need the mixing is when the generator
> isn't strong, and the evidence we have is precisely about what can
> happen in that case.

What the algorithm normally does is actually a permutation 
of the values from one PRNG using the output from another,
though differing from what one would do with the algorithm
of Durstenfeld. If the values being permuted are real values 
in [0,1) (like those one could get from a congruential
generator), it confounds the output ordering, thus poses 
some difficulty in prediction. But one can also permute 
(shuffle) bits that are obtained from these real values in 
some appropriate way (e.g. through getting the parity bit). 
In that case the prediction gets comparatively more 
difficult. (Compare also your proposed scheme DT.)

M. K. Shen
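
[Added example, not part of the digest or of any poster's message: the MacLaren-Marsaglia table shuffle discussed above, in its usual textbook form, showing that the output is the first generator's values in a different order, each emitted unchanged. The two congruential generators, their seeds and the table size are assumptions chosen for the demo.]

```python
# Added illustration, not code from the thread. The two generators, their
# seeds and the table size k are assumptions chosen for the demo.

M = 2**31 - 1   # modulus shared by both demo generators

def lcg(seed, a, m=M):
    """Multiplicative congruential generator yielding integers in [1, m)."""
    x = seed
    while True:
        x = (a * x) % m
        yield x

def x_stream():
    return lcg(12345, 16807)    # the values that get shuffled

def y_stream():
    return lcg(67890, 48271)    # the values that choose the table slot

def maclaren_marsaglia(xs, ys, k, m=M):
    """Shuffle the X stream through a k-entry table indexed by the Y stream."""
    table = [next(xs) for _ in range(k)]   # fill the table from X
    while True:
        j = (k * next(ys)) // m            # slot index in [0, k), taken from Y
        yield table[j]                     # emit an X value unchanged
        table[j] = next(xs)                # refill the slot with the next X

def take(gen, n):
    return [next(gen) for _ in range(n)]

def plain(n):
    return take(x_stream(), n)

def shuffled(n, k=64):
    return take(maclaren_marsaglia(x_stream(), y_stream(), k), n)

def source_indices(n, k=64):
    """For each shuffled output, the position that value had in the plain X stream."""
    position = {v: i for i, v in enumerate(plain(n + k))}
    return [position[v] for v in shuffled(n, k)]

def max_lead(n, k=64):
    """Largest number of positions by which an output runs ahead of its place in X."""
    return max(i - t for t, i in enumerate(source_indices(n, k)))

if __name__ == "__main__":
    print(source_indices(20))   # X positions of the first 20 outputs
    print(max_lead(1000))       # never exceeds k - 1
```

Every output is found among the first n + k values of the X stream, and none can run more than k - 1 positions ahead of where X produced it; the table changes ordering only, not the values.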

------------------------------

From: amateur <[EMAIL PROTECTED]>
Subject: Re: Idea - (LONG)
Date: Fri, 23 Mar 2001 14:18:29 -0400

"John A. Malley" wrote: The attack is even quicker and easier with known
plaintext! Try it yourself and see. :-) 
_________________________________

I hope you decrypt it, if it's easy and useless.

First communication I sent via network this encrypted message : 

1300443387025
1131639164190
1466401443136
1159155876122
1351377516458
1106628398377
1027751582638
1593542128406

and you intercept it
_______________________

Second communication I sent via network this encrypted message : 


1516273460338
1142553801552
1269821319190
1422764977616
0899310400137
1527607877779
1412907062933
1207246427960

_________________________

I used very pseudo-random short key : 12 digits
I used the same key in the two communications.
I used two categories other than odds and even.
I'm just an amateur.


Good luck.

------------------------------

From: amateur <[EMAIL PROTECTED]>
Subject: Crack it!
Date: Fri, 23 Mar 2001 14:20:37 -0400

I used what I had proposed in posts "Idea" and "fast and easy".
I hope you decrypt it, if it's easy and useless.

First communication I sent via network this encrypted message : 

1300443387025
1131639164190
1466401443136
1159155876122
1351377516458
1106628398377
1027751582638
1593542128406

and you intercept it
_______________________

Second communication I sent via network this encrypted message : 


1516273460338
1142553801552
1269821319190
1422764977616
0899310400137
1527607877779
1412907062933
1207246427960

_________________________

I used very pseudo-random short key : 12 digits
I used the same key in the two communications.
I used two categories other than odds and even.
I'm just an amateur.


Good luck.

------------------------------

From: [EMAIL PROTECTED] (Darryl Wagoner - WA1GON)
Subject: Re: Advice on storing private keys
Date: Fri, 23 Mar 2001 19:24:28 -0000

[EMAIL PROTECTED] (those who know me have no need of my name)
wrote in <[EMAIL PROTECTED]>: 

>>At any rate the transport will be the Internet.
>
>completely?  if that's true then there is _no_ reason to create your own
>certificate.  if you decide that e-mail is the mechanism then all the
>tools actually necessary (s/mime) are already present in at least one
>mass market client (outlook express).

Well, I wouldn't like to restrict it to just the internet, but I
don't think I will send digital signatures and certs over packet
radio until I get a ruling from the FCC.

I am fairly new to this game, so I am still coming up to speed.
When I have dealt with standard certs before, I found them to be
very error prone.  I am open to changing my mind about standard
certs if they meet my requirements.  Here is what I currently believe
the requirements to be:

        1.  Open source.  For it to work, logbook authors have to put it
        into their programs and most are too cheap to pay for it.

        2.  The validation tool must be able to read a file of single line
        records and validate the digital signatures.  This too must be
        easy to use and set up by award sponsors.

        3.  Easy for the amateurs to use and understand.  Some of these
        folks are very bright.

        4.  An easy API/SDI for software developers to add to their logbook
        programs.  Many are doing it as a side line, so they won't spend
        a lot of time learning how to create and store certs.  This is
        why I created glue code for them.

        5.  The signature with cert should be able to be stored as ascii
        in a field of a single line record.  The record doesn't have a length
        restriction.

        6.  The CA tools must be easy to use and understand.  

        7.  Must be trusted/secure

Note that trust and security is the last requirement.  That is
because if it can be trusted at all, it will beat what they
have now, which is unvalidated paper post cards.  

I am also fighting a battle of time.  An active arbitrator system
is gaining a lot of strength.  Not only is this a poor model but
he claims to have patents pending for his eQSL system and will
shut down their competitor.  I am hoping to get an open source
trusted QSL in place before they hit critical mass.
  
Thanks very much for the advice.

-- 
Darryl Wagoner - WA1GON

Join the TrustedQSL mailing list.  An Open Source solution.
Post message: [EMAIL PROTECTED] 
Subscribe:  [EMAIL PROTECTED] 
List owner:  [EMAIL PROTECTED] 
http://www.trustedQSL.org






------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Question about coding
Date: Fri, 23 Mar 2001 19:01:45 GMT

amateur wrote:
> how could crack "hello" if it's represented by 23.35.43.86.12?

Hell, I can't crack QZJMV, which is "hello" in a very simple
system.  However, given enough material to work with, the
system can be cracked.  If you study the cryptanalysis texts
we previously suggested, you will learn how.

------------------------------

Subject: Re: on-card key generation for smart card
Reply-To: Anne & Lynn Wheeler <[EMAIL PROTECTED]>
From: Anne & Lynn Wheeler <[EMAIL PROTECTED]>
Date: Fri, 23 Mar 2001 19:36:24 GMT

Chenghuai Lu <[EMAIL PROTECTED]> writes:

> Could anybody tell me the average time of on-card 1024-bit RSA key
> generation for the best smartcard application. 
> 
> Thanks.
> 
> -------------

for standard 3.?mhz 7816 chips ... i've seen times of 8 minutes for
1024-bit key generation.

-- 
Anne & Lynn Wheeler   | [EMAIL PROTECTED] -  http://www.garlic.com/~lynn/ 

------------------------------

From: "Sam Simpson" <[EMAIL PROTECTED]>
Subject: Re: Pike stream cipher
Date: Fri, 23 Mar 2001 19:38:09 -0000

Lol, why can't people use Google? ;)

5th item from:
http://www.google.com/search?hl=en&lr=&safe=off&q=pike+ross+stream+cipher =
http://www.cl.cam.ac.uk/Research/Security/studies/st-alg.html

Includes a paper at: http://www.cl.cam.ac.uk/ftp/users/rja14/fibonacci.ps.Z

Do you want me to read it for you? ;))))



--
Regards,

Sam
http://www.scramdisk.clara.net/

Public <Anonymous_Account> <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Does anyone have any references (or thoughts of their own they can
> offer) concerning the security of Ross Anderson's "Pike" stream
> cipher?
>
>



------------------------------

From: [EMAIL PROTECTED] (Marc)
Subject: Re: How good is the KeeLoq algorithm?
Date: 23 Mar 2001 19:43:01 GMT

>> It is implemented with the use of single bit rotations, xor and a very
>> small look-up table only.
>Same with RC4, only that the (constantly changing) table is 256 bytes of
>RAM.

Typical controllers for KeeLoq have around 20-30 bytes of RAM, and
code memory for 500 instructions.

There exist DES implementations for similarly small controllers, but
256 bytes of RAM is a no-go requirement without question.


------------------------------

From: "Carpe Diem" <[EMAIL PROTECTED]>
Subject: Re: cryptography using the method of elliptic curve.
Date: Fri, 23 Mar 2001 13:45:27 -0600

I agree, and that is true especially in math. The only way to approach math
is with humility. No matter how good you are the theory sometimes requires a
huge amount of background. When you begin reading a math book (I am not
talking about "Math for Dummies") you have to be prepared to meet concepts that
require you a lot of background work in order to understand. And even if you
understand you still do not master it until you have had experience with
doing problem solving on your own. The same is true in Cryptanalysis as
Schneier writes in one of his papers. You do not learn only by reading but
also by applying what you read.
For what regards Elliptic Curves, that is one of the most difficult areas of
Algebraic Number Theory. There is a lot of work being done by Wiles (the guy
who solved Fermat's Last Theorem using elliptic curves), Conrad, Taylor,
etc. and can be considered the Number Theory of this century.  Even one of
the million-dollar prize problems (the Birch and Swinnerton-Dyer
conjecture) has to do with elliptic curves.
-- Carpe Diem

"Mok-Kong Shen" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Tom St Denis wrote:
> >
> [snip]
> > No it's math prof's using sentences like "it's obvious that..." that really
> > turn me off.  Yeah I am a "baby" and I have tons to learn, I admit that but
> > honestly all too often people write papers assuming they are the target
> > audience....
>
> In all natural sciences, each book or journal has its
> implicit assumption of the background of readers. (True
> also elsewhere. If you step into certain exquisite
> boutiques, the saleswomen assume that your bank account
> is non-trivial.) You are not obliged to buy or subscribe
> these.
>
> M. K. Shen



------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: on-card key generation for smart card
Date: 23 Mar 2001 11:48:56 -0800

Chenghuai Lu <[EMAIL PROTECTED]> writes:
> Could anybody tell me the average time of on-card 1024-bit RSA key
> generation for the best smartcard application. 
> 
> Thanks.

The cards I've been using can do it in under a minute, and I doubt
those are the fastest.  8 minutes is ridiculous.

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Crack it!
Date: Fri, 23 Mar 2001 21:11:10 +0100



amateur wrote:
> 
> I used what I had proposed in posts "Idea" and "fast and easy".
> I hope you decrypt it, if it's easy and useless.
[snip]

In a recent thread posted by someone else, the following
questions were raised: 

   Is this a workable cipher system?  
   How could you ever break it?

To that I replied with the following comment, which I guess 
could also apply to the current thread with respect to your
challenge above:

   In my humble view answering questions like your last one is
   in general difficult. For breaking a given cipher (that
   is susceptible to be broken by the current state of
   knowledge) may often require much thoughts/intuitions and 
   experimentations/work/time. Thus it is always easy to put 
   up a challenge but hard to take it up. If nobody answers
   that question of yours, it doesn't follow at all that your 
   cipher is strong. An analogy: In mathematics it is easy to 
   put up problems that are hard to get worked out. Some may 
   need much work to be solved, others may be not solvable 
   but the non-solvability is rather difficult to prove (e.g.
   the trisection of an angle). But this is all opinions of 
   a humble non-expert like me. I don't exclude that some 
   experts would at once give a very easy break of your scheme 
   or prove the opposite.

BTW, please avoid repeatedly posting virtually the same stuff. 
It is good etiquette not to waste bandwidth of the group.

M. K. Shen

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Idea
Date: Fri, 23 Mar 2001 19:08:49 GMT

amateur wrote:
> If those who are thinking it's useless, I will post two messages to
> break using the same algo I exposed in posts "Idea" and "fast and easy".
> If they think that it is easy to break, I ask them just to try.

That's not how it's normally done.  You need to let the cryptanalyst
specify the conditions of the test; otherwise, it might be that your
system fails miserably under real-world conditions but not for some
restricted uses.

Note that if nobody reports cracking your challenge, it *could* mean
that nobody (competent) bothered to try.  Some cipher challenges
have offered prizes of one form or another in an attempt to attract
serious attention from competent cryppies.

------------------------------

From: amateur <[EMAIL PROTECTED]>
Subject: Re: Crack it!
Date: Fri, 23 Mar 2001 15:26:14 -0400

Thank you for your message. I received it in my valid email.
I read it. 
Your post is talking about encrypting groups of bits not a single bit.
So it's not the same.
I encrypted every bit without scrambling group of bits.
Even if the grammatical structure of the plain-text is not changed,
using for every character a specific encryption hides this structure.
I'm using substitution only without permutation.
I replace every bit by random values owning one property (i.e. odd and
even etc...).
I mask with a simple key when sending my message.

 

Mok-Kong Shen wrote:
> 
> amateur wrote:
> >
> > I used what I had proposed in posts "Idea" and "fast and easy".
> > I hope you decrypt it, if it's easy and useless.
> [snip]
> 
> In a recent thread posted by someone else, the following
> questions were raised:
> 
>    Is this a workable cipher system?
>    How could you ever break it?
> 
> To that I replied with the following comment, which I guess
> could also apply to the current thread with respect to your
> challenge above:
> 
>    In my humble view answering questions like your last one is
>    in general difficult. For breaking a given cipher (that
>    is susceptible to be broken by the current state of
>    knowledge) may often require much thoughts/intuitions and
>    experimentations/work/time. Thus it is always easy to put
>    up a challenge but hard to take it up. If nobody answers
>    that question of yours, it doesn't follow at all that your
>    cipher is strong. An analogy: In mathematics it is easy to
>    put up problems that are hard to get worked out. Some may
>    need much work to be solved, others may be not solvable
>    but the non-solvability is rather difficult to prove (e.g.
>    the trisection of an angle). But this is all opinions of
>    a humble non-expert like me. I don't exclude that some
>    experts would at once give a very easy break of your scheme
>    or prove the opposite.
> 
> BTW, please avoid repeatedly posting virtually the same stuff.
> It is good etiquette not to waste bandwidth of the group.
> 
> M. K. Shen

------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: the classified seminal 1940 work of Alan Turing?
Date: Fri, 23 Mar 2001 19:34:35 GMT

On Fri, 23 Mar 2001 14:26:11 +0100, Frank Gerlach
<[EMAIL PROTECTED]> wrote, in part:

>Is it that Schneier is referring to ? Seems to be more an analysis of
>Enigma and not a general theory...

I would suspect that what is referred to is something that relates to
the work of Claude Shannon as well; work that unifies the concepts
behind cryptography with the fundamentals of mathematics.

John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm

------------------------------

From: amateur <[EMAIL PROTECTED]>
Subject: Re: Idea
Date: Fri, 23 Mar 2001 15:32:25 -0400

I'm just trying to understand. I proposed algo to encipher. Some think
that is easy to crack. I tell them crack it.
Why treating with scorn a simple algo proposed by an amateur?
I'm very patient. If it takes a year to be cracked no problem. I'll wait
until someone gives a solution.


"Douglas A. Gwyn" wrote:
> 
> amateur wrote:
> > If those who are thinking it's useless, I will post two messages to
> > break using the same algo I exposed in posts "Idea" and "fast and easy".
> > If they think that it is easy to break, I ask them just to try.
> 
> That's not how it's normally done.  You need to let the cryptanalyst
> specify the conditions of the test; otherwise, it might be that your
> system fails miserably under real-world conditions but not for some
> restricted uses.
> 
> Note that if nobody reports cracking your challenge, it *could* mean
> that nobody (competent) bothered to try.  Some cipher challenges
> have offered prizes of one form or another in an attempt to attract
> serious attention from competent cryppies.

------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Crack it!
Date: Fri, 23 Mar 2001 21:35:57 +0100



amateur wrote:
> 
> Thank you for your message. I received it in my valid email.
> I read it.
> Your post is talking about encrypting groups of bits not a single bit.
> So it's not the same.

Have you read the second to last paragraph of the material
(copy of an article of mine of last year) that starts
with the phrase 'Note that an interesting special case is 
one where u=2, ...' ??

M. K. Shen

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Multiple encryption, more secure ciphers
Date: 23 Mar 2001 20:43:29 GMT
Reply-To: [EMAIL PROTECTED] (David Wagner)

Mok-Kong Shen  wrote:
>Could you please give a reference?

Damgaard & Knudsen: "Multiple Encryption with Minimum Key".
Cryptography: Policy and Algorithms. International Conference,
Brisbane, Queensland, Australia, July 1995, LNCS 1029, pp. 156-164,
Springer Verlag, Berlin Heidelberg. 

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: AES - which block/key size to use?
Date: 23 Mar 2001 20:45:14 GMT
Reply-To: [EMAIL PROTECTED] (David Wagner)

Henrick Hellström wrote:
>"DJohn37050" <[EMAIL PROTECTED]> wrote
>> The point is one should not assume that ENCRYPTION provides ANY MESSAGE
>> AUTHENTICATION.
> 
>No, the point is that when you flip a bit of a CFB cipher text anywhere but
>in the last block, the plain text output of the next block will be obscured.

No, Don Johnson is absolutely correct.  CFB should not be relied
upon to provide protection against modifications or tampering, no
matter which block you're talking about.
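
[Added example, not part of the digest or of any poster's message: CFB mode built on a stand-in block function, showing that a modified ciphertext decrypts without any error in either the first or the last block, and that a MAC over the ciphertext is what rejects it. HMAC-SHA256 truncated to 16 bytes stands in for the block cipher's encryption function; keys, IV and message are constructed for the demo.]

```python
# Added illustration, not code from the thread. HMAC-SHA256 truncated to 16
# bytes stands in for the block cipher's encryption function (CFB never uses
# the inverse). Keys, IV and message are constructed for the demo.
import hashlib
import hmac

BLOCK = 16
K_ENC = b"demo-encryption-key"
K_MAC = b"demo-mac-key"
IV = bytes(range(BLOCK))        # fixed only so the demo is repeatable
MSG = b"AMOUNT=000000100" b";TO=ACCT-1234567" b";MEMO=INVOICE-42"  # 3 blocks

def E(key, block):
    """Stand-in for encrypting one block under key."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def cfb_encrypt(key, iv, pt):
    out, prev = [], iv
    for i in range(0, len(pt), BLOCK):
        prev = xor(pt[i:i + BLOCK], E(key, prev))    # C_i = P_i xor E(C_{i-1})
        out.append(prev)
    return b"".join(out)

def cfb_decrypt(key, iv, ct):
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        cur = ct[i:i + BLOCK]
        out.append(xor(cur, E(key, prev)))           # P_i = C_i xor E(C_{i-1})
        prev = cur
    return b"".join(out)

def flip(ct, index, delta):
    """Model an in-transit modification: XOR delta into one ciphertext byte."""
    buf = bytearray(ct)
    buf[index] ^= delta
    return bytes(buf)

def seal(pt):
    """Encrypt-then-MAC: the tag covers the IV and the whole ciphertext."""
    ct = cfb_encrypt(K_ENC, IV, pt)
    return ct, hmac.new(K_MAC, IV + ct, hashlib.sha256).digest()

def open_sealed(ct, tag):
    expected = hmac.new(K_MAC, IV + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed; ciphertext rejected")
    return cfb_decrypt(K_ENC, IV, ct)

def demo():
    ct, tag = seal(MSG)
    # Change in the last block: one byte changes, nothing is garbled.
    last = cfb_decrypt(K_ENC, IV, flip(ct, 47, ord("2") ^ ord("3")))
    # Change in the first block: same byte-level effect there, block 2 is
    # garbled, block 3 is untouched, and decryption still reports no error.
    first = cfb_decrypt(K_ENC, IV, flip(ct, 7, ord("0") ^ ord("9")))
    try:
        open_sealed(flip(ct, 47, 1), tag)
        rejected = False
    except ValueError:
        rejected = True
    return last, first, rejected

if __name__ == "__main__":
    for item in demo():
        print(item)
```

The garbled following block is only noticed if something downstream happens to check that plaintext; the MAC check rejects the message before any of it is decrypted.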

------------------------------

From: "Kristopher Johnson" <[EMAIL PROTECTED]>
Subject: Re: the classified seminal 1940 work of Alan Turing?
Date: Fri, 23 Mar 2001 20:29:13 GMT

The mouse can avoid the trap.  But he can't get the cheese.

-- Kris


"Henrick Hellström" <[EMAIL PROTECTED]> wrote in message
news:99fggb$j7d$[EMAIL PROTECTED]...
> "Jim Farrand" <[EMAIL PROTECTED]> skrev i meddelandet
> news:[EMAIL PROTECTED]...
> > Frank Gerlach wrote:
> >
> > > > Who, where, why it is kept classified?
> > > Why don't you tell the mouse how the mousetrap works ?
> >
> > If you build a good enough mousetrap, the mouse should get caught even
> > if he knows how it works.  ;)
> >
> > Regards,
> > Jim
>
> Isn't it the other way around? If the mouse is sufficiently skilled in
> avoiding mousetraps, he will not get caught even if the mousetrap designer
> knows the escape routine. ;)
>
>
> --
> Henrick Hellström  [EMAIL PROTECTED]
> StreamSec HB  http://www.streamsec.com
>
>



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
