Cryptography-Digest Digest #13, Volume #14 Mon, 26 Mar 01 11:13:01 EST
Contents:
Re: Data dependent arcfour via sbox feedback (John Savard)
Re: Data dependent arcfour via sbox feedback (John Savard)
Re: Our newsgroup under attack (John Savard)
Re: Deny Anon Remailers access to this newsgroup (John Joseph Trammell)
Re: Potential of machine translation techniques? (Volker Hetzer)
Re: Deny Anon Remailers access to this newsgroup (Volker Hetzer)
Re: Potential of machine translation techniques? (Lassi
=?iso-8859-1?Q?Hippel=E4inen?=)
Re: Deny Anon Remailers access to this newsgroup (John Joseph Trammell)
Re: Data dependent arcfour via sbox feedback ("Henrick Hellström")
Re: Data dependent arcfour via sbox feedback (Lassi =?iso-8859-1?Q?Hippel=E4inen?=)
Re: Deny Anon Remailers access to this newsgroup (David A Molnar)
TEA, Blowfish with non-random data? (Dan Hargrove)
Re: [STATS] FBI used to eat tasty MIX keys ("Ryan M. McConahy")
Re: Kill-filter expression for script weenie ("Ryan M. McConahy")
Noisebox wants to eat these TLA (lcs Mixmaster Remailer)
Re: Kill-filter expression for script weenie (Gary Woods)
Re: Potential of machine translation techniques? (Mok-Kong Shen)
Re: Potential of machine translation techniques? ("Douglas A. Gwyn")
Re: Data dependent arcfour via sbox feedback (Mok-Kong Shen)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Data dependent arcfour via sbox feedback
Date: Mon, 26 Mar 2001 12:32:18 GMT
On Sun, 25 Mar 2001 14:58:56 +0200, "Henrick Hellström"
<[EMAIL PROTECTED]> wrote, in part:
>Why should I care about a U.S. patent?
OK, you're in Sweden. I didn't check that before replying, and in any
case, many of the other people on this newsgroup would care; it would
be important for them to know that they couldn't use this principle
freely, either in their own software, or in software from elsewhere.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Data dependent arcfour via sbox feedback
Date: Mon, 26 Mar 2001 12:31:05 GMT
On Sun, 25 Mar 2001 22:18:50 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote,
in part:
>If "certain countries" is intended to slight the US, I just note that
>entirely similar patent laws are in force in Europe. Dynamic
>Substitution is not a "software patent."
Furthermore, I don't think that it can be claimed that the principle
of Dynamic Substitution was in any way embodied in the thermostat -
or, for that matter, Watt's governor.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Our newsgroup under attack
Date: Mon, 26 Mar 2001 12:38:19 GMT
On 25 Mar 2001 17:25:58 -0800, Paul Rubin <[EMAIL PROTECTED]>
wrote, in part:
>The person is trying to get anonymous remailers filtered and/or shut
>down. He wants newsgroup posters to be identifiable, so he can stalk
>people who post things he disagrees with.
Well, one would think that the anonymous remailers would filter *him*
out. After all, this is not a mailing list, so it's only the USENET
posting service that needs to be monitored.
John Savard
http://home.ecn.ab.ca/~jsavard/crypto.htm
------------------------------
From: [EMAIL PROTECTED] (John Joseph Trammell)
Subject: Re: Deny Anon Remailers access to this newsgroup
Date: Mon, 26 Mar 2001 13:13:24 GMT
On Mon, 26 Mar 2001 13:28:23 +0200, Frank Gerlach wrote:
> I cannot find a good reason why anon remailers should be allowed to
> post to sci.crypt. If someone needs pseudo-anonymity, just change your
> name in the news client.
No. If someone is bothered by a harrasser on a newsgroup (e.g.
someone flooding the NG with junk), they should put that person
in their killfile.
------------------------------
From: Volker Hetzer <[EMAIL PROTECTED]>
Subject: Re: Potential of machine translation techniques?
Date: Mon, 26 Mar 2001 15:29:06 +0200
Richard Herring wrote:
> Is there actual evidence for fully-automated translation between:
> just two closely related languages?
> All Germanic or all Romance languages?
> All IE languages?
> All 11 current official EU languages?
> All prospective EU languages?
> Wider?
I thing automatic translation still has a long way to go before it
can replace the learning of foreign languages because the same word
or sentence can mean two different things depending on a context that
encompasses a lot more than just other spoken sentences.
Here's an example:
German: Das ist eine schoene Blume.
English, naive: This is a nice flower.
Now, the context is a german looking at a glass of beer and appreciating
the white foam on top of the glass. This foam in a beer glass is called
Blume (flower). How do the english say to this? Doe they have a special
name for this at all?
Greetings!
Volker
--
They laughed at Galileo. They laughed at Copernicus. They laughed at
Columbus. But remember, they also laughed at Bozo the Clown.
------------------------------
From: Volker Hetzer <[EMAIL PROTECTED]>
Subject: Re: Deny Anon Remailers access to this newsgroup
Date: Mon, 26 Mar 2001 15:41:25 +0200
John Joseph Trammell wrote:
> No. If someone is bothered by a harrasser on a newsgroup (e.g.
> someone flooding the NG with junk), they should put that person
> in their killfile.
What would be a good newsreader for linux that supports killfiles?
Right now I use netscape and it doesn't.
Greetings!
Volker
--
They laughed at Galileo. They laughed at Copernicus. They laughed at
Columbus. But remember, they also laughed at Bozo the Clown.
------------------------------
From: Lassi =?iso-8859-1?Q?Hippel=E4inen?= <[EMAIL PROTECTED]>
Subject: Re: Potential of machine translation techniques?
Date: Mon, 26 Mar 2001 13:39:01 GMT
While I've been kept away from this ng for a while (thanks to Netscape
etc.), this interesting off-topic thread has appeared...
Richard Herring wrote:
>
> In article <99e5mq$kk0$[EMAIL PROTECTED]>, Henrick Hellström
>([EMAIL PROTECTED]) wrote:
> > "Richard Herring" <[EMAIL PROTECTED]> skrev i meddelandet
> > news:99cup3$72m$[EMAIL PROTECTED]...
> > >
...
> > > > Isle of Man and in Scotland, are Celtic languages.
I though Manx isn't alive any more.
> > [snip]
> > > > As far as I know all documents are also translated to the languages of
> > the
> > > > two remaining EES countries (Norway and Iceland, Germanic languages), as
> > > > well as to the languages of the candidate countries, e.g. Estonia
> > (related
> > > > to Finnish)
Estonia also has Russian as an official language (about 30%(?) of
population). When Estonia joins, it's likely that cyrillic letters will
be introduced in Brussels. There is an antecedent: when Finland joined,
also her other official language (Swedish) became official in the EU ;-)
Maybe it is time to start learning Esperanto. It seems to have a good
mix of germanic, romance, and slavic words, and a strainghtforward
grammar. In all documents were in Esperanto, there would be need for a
handful of official translations from E to anything else.
If E isn't rich enough, is it cheaper to develope it, or to develope the
unscalable translator fabric?
-- Lassi
------------------------------
From: [EMAIL PROTECTED] (John Joseph Trammell)
Subject: Re: Deny Anon Remailers access to this newsgroup
Date: Mon, 26 Mar 2001 13:56:55 GMT
On Mon, 26 Mar 2001 15:41:25 +0200, Volker Hetzer wrote:
> John Joseph Trammell wrote:
> > No. If someone is bothered by a harrasser on a newsgroup (e.g.
> > someone flooding the NG with junk), they should put that person
> > in their killfile.
> What would be a good newsreader for linux that supports killfiles?
> Right now I use netscape and it doesn't.
I use slrn -- works like a charm. :-)
Tschuss,
J
------------------------------
From: "Henrick Hellström" <[EMAIL PROTECTED]>
Subject: Re: Data dependent arcfour via sbox feedback
Date: Mon, 26 Mar 2001 15:59:06 +0200
"John Savard" <[EMAIL PROTECTED]> skrev i meddelandet
news:[EMAIL PROTECTED]...
> On Sun, 25 Mar 2001 22:18:50 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote,
> in part:
>
> >If "certain countries" is intended to slight the US, I just note that
> >entirely similar patent laws are in force in Europe. Dynamic
> >Substitution is not a "software patent."
>
> Furthermore, I don't think that it can be claimed that the principle
> of Dynamic Substitution was in any way embodied in the thermostat -
> or, for that matter, Watt's governor.
So? The principle of Dynamic Substitution might have been a discovery, but
clearly it only involves abstract principles of information processing. It
does not add any previously unknown physical effect, and it does not present
a previously unknown method to reach a particular kind of physical effect.
It is only a mathematical method, and as such unpatentable in some European
contries.
The conclusion is that it is simply not true that "entirely similar patent
laws are in force in Europe". It would perhaps be nice if it was true, but I
don't think it would be just to change the rules under way. No Swedish
cryptographer, computer scientist, mathematician etc had a chance to file a
conflicting patent back in 1990 or before that. Hence, no Swedish
cryptographer etc is morally or legally obliged to respect that patent (or
any similar patent).
--
Henrick Hellström [EMAIL PROTECTED]
StreamSec HB http://www.streamsec.com
------------------------------
From: Lassi =?iso-8859-1?Q?Hippel=E4inen?= <[EMAIL PROTECTED]>
Subject: Re: Data dependent arcfour via sbox feedback
Date: Mon, 26 Mar 2001 14:16:31 GMT
"Henrick Hellström" wrote:
>
> "John Savard" <[EMAIL PROTECTED]> skrev i meddelandet
> news:[EMAIL PROTECTED]...
> > On Sun, 25 Mar 2001 22:18:50 GMT, [EMAIL PROTECTED] (Terry Ritter) wrote,
> > in part:
> >
> > >If "certain countries" is intended to slight the US, I just note that
> > >entirely similar patent laws are in force in Europe. Dynamic
> > >Substitution is not a "software patent."
The patent laws are much the same, when IPR is concerned. If you get a
patent, you know your position.
The difference is in defining the field where patents are granted. The
boundaries of that field are amorphous and on the move, but still
software patents are much easier to get in the U.S. than in Europe.
Whether this is good or bad has been discussed ad nauseam without
reaching consensus.
> >
> > Furthermore, I don't think that it can be claimed that the principle
> > of Dynamic Substitution was in any way embodied in the thermostat -
> > or, for that matter, Watt's governor.
>
> So? The principle of Dynamic Substitution might have been a discovery, but
> clearly it only involves abstract principles of information processing. It
> does not add any previously unknown physical effect, and it does not present
> a previously unknown method to reach a particular kind of physical effect.
> It is only a mathematical method, and as such unpatentable in some European
> contries.
Change "some" to "most". Mathematical formulae are still considered to
be laws of nature, and cannot be patented. If the method can be bundled
with a physical implementation, it may be patentable. But the patent
cover is then bundled with that implementation.
> The conclusion is that it is simply not true that "entirely similar patent
> laws are in force in Europe". It would perhaps be nice if it was true, but I
> don't think it would be just to change the rules under way.
Sorry, but the rules *are* changing all the time, even though not fast.
A patent is an asset, and assets must respect the market forces.
> No Swedish
> cryptographer, computer scientist, mathematician etc had a chance to file a
> conflicting patent back in 1990 or before that. Hence, no Swedish
> cryptographer etc is morally or legally obliged to respect that patent (or
> any similar patent).
At home. Once you move to the U.S. you may discover that you've become a
criminal...
But please remember that patents are relevant only in the commercial
field. A cryptographer doing research can (and should) use them as
sources of ideas. Things get rough only when you start talking about
money. Even then you can negotiate a licence. Using a patent to prevent
fair competition is illegal in many countries - even in the U.S., IIRC.
-- Lassi
>
> --
> Henrick Hellström [EMAIL PROTECTED]
> StreamSec HB http://www.streamsec.com
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Deny Anon Remailers access to this newsgroup
Date: 26 Mar 2001 14:19:04 GMT
Frank Gerlach <[EMAIL PROTECTED]> wrote:
> I cannot find a good reason why anon remailers should be allowed to
> post to sci.crypt. If someone needs pseudo-anonymity, just change your
> name in the news client.
That's not sufficient - looking at message headers will give up information
about where you're from.
There are at least two reasons why cryptography discussion groups, sci.crypt
in particular, might be a good place for the use of anon remailers.
* Someone might want to discuss a project or algorithm which is
not public knowledge, but which they have special knowledge of.
Using an anonymous remailer allows someone to discuss such things
and at least have a hope of not being "thrown in jail" for it.
(Please note that I'm not taking a position on whether this is a
good or moral thing - only that this kind of motive exists and
would be a reason to use an anonymous remailer).
For example, the alleged RC4 code was posted via an anonymous
remailer. More recently, we had the "Iraqi Block Cipher" (probably
a hoax, but still).
* Someone might want to post to sci.crypt without having the
statements here tied to their professional identity. For example,
on the coderpunks mailing list, every now and then an anonymous
poster shows up who has a surprising command of math and
cryptographic literature. If I had to guess, I'd say it was a
professor someplace who didn't want to get in trouble for
"extra-curricular" activities.
Here on sci.crypt, for a while we had lordcow77. While that wasn't
an anonymous remailer, I'm not sure who the True Name of that
poster was either.
I think both fora are the richer for these posters - and it would
be a shame if the lack of anonymous remailers prevented them or
people like them from posting.
-David
------------------------------
From: [EMAIL PROTECTED] (Dan Hargrove)
Subject: TEA, Blowfish with non-random data?
Date: 26 Mar 2001 14:32:09 GMT
I have a layman's question about the security of certain implementations of
cryptography which are offered as freeware.
The problem is that there is no information given for either one regarding
how pseudo-random data is produced. This would lead one to believe that
the implementation is less than secure. The quality of the pseudo-random
data produced by the software is less than assured, in my view.
How secure are TEA and Blowfish when "imperfect" pseudo-random data is used
to produce the encryption?
At issue are two freeware products. The first is Abi-Coder, which offers
the choice of Triple-DES or Blowfish. It can create self-decrypting files
with a 128 bit key with Blowfish, or a 192 bit key with Triple-DES. You
can get it at the following site. As you can see from the documentation
offered, nowhere does it mention how the "random" data required for an
implementation of Blowfish is produced;
http://www.abisoft.net/
The other freeware product I would mention is MP-Crypt, which can encrypt
files, and even recursive directories to a self-decrypting file, using the
TEA algorithm. Once again, no information is given on the production of
"random" data. You can get it here;
http://members.fortunecity.com/petraru/
Any responses will be much appreciated. Please bear in mind that I know
little about the math of cryptology, so please put your answer into
practical, non-disicplinary language.
Best regards;
Dan
------------------------------
From: "Ryan M. McConahy" <[EMAIL PROTECTED]>
Crossposted-To: soc.men,alt.security.pgp
Subject: Re: [STATS] FBI used to eat tasty MIX keys
Date: Mon, 26 Mar 2001 09:38:22 -0500
Ok ive had it... SCREW YOU!!
*works on kill filter*
lcs Mixmaster Remailer wrote in message
<[EMAIL PROTECTED]>...
>Shinn requires to encode some TLA
>0,1761681 0,904277 0,6188152 -2001/03/26 01:27:28-
>Script-Kiddie MASTER of APAS/ADRU/SM/AUK
>For a 21st Century completely REMAILER-FREE
>That CRAP brought to you by request from Thomas J. BOSCHLOO
>[EMAIL PROTECTED]
>NSA needs NSA
------------------------------
From: "Ryan M. McConahy" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp
Subject: Re: Kill-filter expression for script weenie
Date: Mon, 26 Mar 2001 09:41:17 -0500
Sooo much better. :)
------------------------------
Date: 26 Mar 2001 15:00:06 -0000
From: lcs Mixmaster Remailer <[EMAIL PROTECTED]>
Subject: Noisebox wants to eat these TLA
Crossposted-To: soc.men,alt.security.pgp
Swiss requires to code NSA
0,7024298 0,2418129 0,1697451 -2001/03/25 22:36:52-
Script-Kiddie MASTER of APAS/ADRU/SM/AUK
For a 21st Century completely REMAILER-FREE
That CRAP brought to you by request from Thomas J. BOSCHLOO
[EMAIL PROTECTED]
Stealth uses NSA
[ANNOUNCE] Rascal absolutely wants most of MIX keys
[STATS] Bush asks these radishes
Arafat wants to burn plenty of priapic PGP code
------------------------------
From: Gary Woods <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp
Subject: Re: Kill-filter expression for script weenie
Date: Mon, 26 Mar 2001 15:08:29 GMT
[EMAIL PROTECTED] (filterguy) wrote:
>A filter expression
It would be best to discuss this off-group, since the person trying to
disrupt things clearly feeds on any talk about them.
(I have one that works pretty well for agent).
The flooding has spread, primarily because in alt.privacy.anon-server it's
being ignored, with occasional thanks for the cover traffic {:-)
--
Gary Woods O- K2AHC Public keys at www.albany.net/~gwoods, or get 0x1D64A93D via
keyserver
[EMAIL PROTECTED] [EMAIL PROTECTED]
fingerprint = E2 6F 50 93 7B C7 F3 CA 1F 8B 3C C0 B0 28 68 0B
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Potential of machine translation techniques?
Date: Mon, 26 Mar 2001 17:43:33 +0200
Volker Hetzer wrote:
>
> I thing automatic translation still has a long way to go before it
> can replace the learning of foreign languages because the same word
> or sentence can mean two different things depending on a context that
> encompasses a lot more than just other spoken sentences.
> Here's an example:
>
> German: Das ist eine schoene Blume.
> English, naive: This is a nice flower.
>
> Now, the context is a german looking at a glass of beer and appreciating
> the white foam on top of the glass. This foam in a beer glass is called
> Blume (flower). How do the english say to this? Doe they have a special
> name for this at all?
Certainly very good quality translation would not be
achievable by machine. Note that human translations of
famous literature works are often of questionable nature.
There are nowadays translation packages on sale in
stores. I have not tried them. Does anyone have experiences?
Thanks.
M. K. Shen
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Potential of machine translation techniques?
Date: Mon, 26 Mar 2001 15:30:45 GMT
Volker Hetzer wrote:
> German: Das ist eine schoene Blume.
> English, naive: This is a nice flower.
> Now, the context is a german looking at a glass of beer and appreciating
> the white foam on top of the glass. This foam in a beer glass is called
> Blume (flower). How do the english say to this? Doe they have a special
> name for this at all?
It's usually called a "head" in the US.
However, "nice head" has other connotations, so probably
a native US English speaker would phrase it differently.
The general issue is that correct language translation requires
that the original be *understood*, i.e. related to the real world,
and the constructed understanding used to re-express it in the
target language. Good human translators, e.g. of literary works,
routinely do this.
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Data dependent arcfour via sbox feedback
Date: Mon, 26 Mar 2001 17:53:26 +0200
Lassi Hippeläinen wrote:
>
> But please remember that patents are relevant only in the commercial
> field. A cryptographer doing research can (and should) use them as
> sources of ideas. Things get rough only when you start talking about
> money. Even then you can negotiate a licence. Using a patent to prevent
> fair competition is illegal in many countries - even in the U.S., IIRC.
Are you sure of that? From some stuffs about genomes I
read in newspaper, I got the impression that researches
in molecular biology would be hampered, if these involve
patented materials. Or putting the question in another
field, could a research institution self-build and use a
piece of patented machine purely for research without
any monetary exploitation?
M. K. Shen
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
