Cryptography-Digest Digest #18, Volume #14 Mon, 26 Mar 01 20:13:00 EST
Contents:
Re: Idea - (LONG) (Bertrand)
Re: Here's a fun Rijndael Challenge ("Joseph Ashwood")
Re: Kill-filter expression for script weenie (Dave Howe)
Re: Idea - (LONG) ("Joseph Ashwood")
Re: Idea - (LONG) (Bertrand)
Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged
(Benjamin Goldberg)
Re: Idea - (LONG) ("Joseph Ashwood")
Once again U.S. law enforcement violated illegally ... yesterday in Miami -
([EMAIL PROTECTED])
Talking to AGOD .... reasons for telling the truth ... ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: Bertrand <[EMAIL PROTECTED]>
Subject: Re: Idea - (LONG)
Date: Mon, 26 Mar 2001 18:46:33 -0400
Just break it with its short key!
I choose a short key and easy function f(k) (additive function), because
I know that even with this simple choice you can't break it.
What if I used long key and complex function????
Just speech spech speech ...your answers.
You do not that you have to solve a stream cipher based on Vernam
principle???
It's not because you are using "high level technical language " that you
are good cryptanalyst.
I skipped volontarly another algo which allow me to build "ideal
substitution cipher".
For every (EVERY) CHARACTER of the plain text, I assign a unique and
specific symbol, without sending any dictionnary to the recipient.
Good bye Mister Joseph and good luck with your cryptography.
Joseph Ashwood wrote:
>
> I'm sorry but there's this pecky little proof that you have to deal with. It
> proves one very simple thing, to have unbreakable security you MUST have a
> key at least as long as the plaintext (I believe it was Shannon that proved
> this). You really do need to read something, otherwise this pesky thing
> called math will keep making a mockery of your statements.
> Joe
>
> "amateur" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Skip the first step of Cesar and you will understand that my idea is
> > nothing more than a version of OTP with great advantage : using a short
> > key.
> > Even if I used a short key of 12 digits, it's hard to solve.
> > With a key of 100 hundreds digits it's unbreakable.
> > Try just to code two bits with odd and even
> > First communication
> > 01 = 23 it could 47 or 89 or even odd ......
> > Mask them with a key 63
> > Let M= a - k => a = M + k = 23 + 63 = 86
> > I send a = 86
> > Second communication
> > 11 = 37
> > same key 63
> >
> > I send b
> >
> > b = 100
> >
> > You have a difference -14.
> >
> > -14 = 100 - 86 =
> >
> > How could you retrieve m1 and m2?
> >
> > You want to use a known plain-text attack?????
> > Every plain-text gives you a billions of encrypted texts??????
> > Just try to understand that it is a version of of OTP with short key and
> > the possibility of reusing the key.
> >
> >
> >
> >
> > "John A. Malley" wrote:
> > >
> > > amateur wrote:
> > > >
> > > > Don't forget that with my idea the same clear could produce multiple
> > > > cyphertext.
> > > > Schneier is defining restricted algorithm when algo is kept secret.
> > > > That's not my case.
> > > > All my algo is public. The secret who is to find and distinguish two
> > > > categories of symbols is not secret at all.
> > > > But the sender has the freedom to imagine any kind of two categories
> > > > before encrypting.
> > > > This secret is disclose if the recipient has the key.
> > > > All modern cryptography is based on power of computing.
> > > > What I'm proposing is to found a new cryptography based on the
> inability
> > > > of computer to analyse a text trying to distinguish two categories.
> > >
> > > Humans write programs. Algorithms employed by humans to decide
> > > something can be transcribed to a computer program (encoded as binary
> > > numbers.) A human recognizes the symbols in the ciphertext correspond
> > > to one or another category. The ability of a human to spot patterns can
> > > be encoded as an algorithm acting on the data. So a computer program
> > > can be written to do the same thing.
> > >
> > > Computers sort through data faster than humans. That's the advantage of
> > > a computer.
> > >
> > > > Computer has no this attribute.
> > >
> > > Computers are glorified adding machines. We tell them to add, subtract,
> > > multiply and divide numbers. We encode information as numbers and
> > > manipulate information as numbers. No program "means" anything to a
> > > computer. Computers do literally what we tell them to do with a program.
> > >
> > > For a time the word "computer" meant a person who carried out
> > > particular numerical calculations. "Computers" did not necessarily know
> > > what they were working on or what the calculation results meant.
> > >
> > > > So the cryptanalist even if he use the
> > > > computer is helpless. The only strategy for him is to try to guess
> what
> > > > a sender has choosen to encrypt every bit.
> > > > And this domain is infinite.
> > >
> > > So you encode binary-represented ciphertext with members of two set of
> > > symbols, each set with the same number of elements. The two sets differ
> > > in one property - one set has the property, the other set does not. The
> > > absence and presence of the property corresponds to binary 0 or 1.
> > >
> > > This "encoded" ciphertext is human-readable - it must be, or how can a
> > > human decode it? So a computer program can be written to recognize it
> > > same as a human did.
> > >
> > > This "encoded" ciphertext is program-readable if a program is written to
> > > generate the "encoded" ciphertext to send it electronically or to print
> > > it onto paper. And that which is generated by a program is recognized by
> > > a program.
> > >
> > > I read the "idea" post and the proposed cipher. A human cryptanalyst
> > > *can* figure out which symbols correspond to 0 and 1 no matter what
> > > symbols are used, due to the statistics of the plaintext as exposed in
> > > the ciphertext.
> > >
> > > How! you ask...
> > >
> > > Well, (1) the first thing the cipher does it apply a Caesar substitution
> > > to a fixed length of plaintext message.
> > >
> > > OK. This preserves the frequencies of occurrence of every letter,
> > > digraph
> > > and trigraph in the plaintext message. And the structure of every
> > > sentence. And the order of every plaintext word.
> > >
> > > Next, (2) convert each character in the substitution output into its hex
> > > equivalent, and then to binary (0 and 1.)
> > >
> > > OK. This preserves the frequencies of occurrence of every letter,
> > > digraph and trigraph in the plaintext message. And the structure of
> > > every sentence. And the order of every plaintext word.
> > >
> > > All (2) does it substitute a binary string for each character in the
> > > output of (1). That's why all the salient statistical information in the
> > > plaintext comes sailing on through.
> > >
> > > Now here's a interesting fact:
> > >
> > > The number of 1s and 0s in the resulting binary string produced in the
> > > output of step (2) are NOT equal. There are either more 1s than 0s or
> > > there are more 0s than 1s.
> > >
> > > Why?
> > >
> > > Well, some characters in the plaintext occurred far more often than
> > > others. And after the substitution cipher in step (1), their ciphertext
> > > character equivalents occur far more often than the ciphertext
> > > equivalents of the others. And after (2), the binary string
> > > representations of the ciphertext character equivalents occur far more
> > > often than the binary string equivalents of the ciphertext equivalents
> > > of
> > > the others.
> > >
> > > So what comes next?
> > >
> > > In step (3) of your idea, form two sets of symbols, each set with equal
> > > numbers of elements. Take the binary string representation output of
> > > step (2) and substitute an element out of one set selected uniformly at
> > > random for a 0 and a substitute an element out of the other set selected
> > > uniformly at random for a 1.
> > >
> > > OK. But remember, the number of 1s and 0s in the binary string
> > > representation are NOT equal! So symbols from one set appear more often
> > > than symbols from the other set. And the symbols selected from a set
> > > are selected uniformly a random. For a quantity of ciphertext encrypted
> > > this way, every symbol from the set corresponding to 1 should appear
> > > the same number of times and every symbol from the set corresponding to
> > > 0 should appear the same number of times.
> > >
> > > This information allows a cryptanalyst to determine which symbols
> > > correspond to which of the two sets representing 0 and 1.
> > > It can be determined by frequency count of each symbol in the encoded
> > > ciphertext. Half of the symbols in the "encoded" ciphertext will occur
> > > with the same frequency, f_a, and half of the symbols in the "encoded"
> > > ciphertext will occur with the same frequency f_b, and f_a will NOT
> > > equal f_b. Which set corresponds to 1 and 0? It's one or the other -
> > > but a clever cryptanalyst knows already what the binary coding of
> > > characters is, so therefore already knows if 1s or 0s occur with more
> > > frequency in the binary representation of the plaintext alphabet.
> > >
> > > So in step (3) the 0s are represented with {0,1,2,3,4} and 1s are
> > > represented with {5,6,7,8,9}.
> > >
> > > Again, the number of 0s, 1s, 2s, 3s, 4s will tend to be equal and the
> > > number of 5s, 6s, 7s, 8s, and 9s will tend to be equal but the number of
> > > 0s will not equal the number of 5s, #1s will not equal #5s, etc.
> > >
> > > In Step (4) a further Caesar substitution (? there's no modulo operation
> > > though, it's just addition) is done by adding a constant key value to
> > > the numerical result
> > > of Step (3).
> > >
> > > Does this hide the fact that the number of 0s and 1s in the binary
> > > representation output of step (2) are not equal?
> > >
> > > No.
> > >
> > > In fact, take any two message blocks encrypted with this cipher (using
> > > your notation, E1' + K and E2' + K, and just subtract one from the
> > > other to get E1' - E2'.
> > >
> > > No key involved here now. It's possible for the cryptanalyst to examine
> > > the statistics of the plaintext directly. What are the statistics of the
> > > differences between plaintext binary representations - they show up
> > > directly in the ciphertext.
> > >
> > > The addition of a fixed constant (key) in step (4) will not change the
> > > statistics of the underlying plaintext as revealed by the substituted
> > > ciphertext in step (2).
> > >
> > > Once a cryptanalyst determines which symbols represent 0s and 1s in a
> > > manner like the described, he replaces the symbols with 0s and 1s and
> > > gets the binary string equivalent to the Caesar substitution on the
> > > original plaintext (output of step 3.) Then all the known tools for
> > > cracking simple substitution ciphers apply to rapidly crack this cipher.
> > >
> > > The attack is even quicker and easier with known plaintext! Try it
> > > yourself and see. :-)
> > >
> > > In summary, here's the core of the attack:
> > >
> > > Homophonic substitution of the 0s and 1s of the binary string
> > > equivalents of the ciphertext output of a simple substitution cipher
> > > keeps the statistics of the plaintext (and its binary string equivalent
> > > ) intact. Any bias in the number of occurrences of 0s and 1s shows up
> > > in the frequencies of the symbols used to encode 0s and 1s.
> > >
> > > Hope this helps,
> > >
> > > John A. Malley
> > > [EMAIL PROTECTED]
> > >
> > >
> > >
> > >
> > > > You have multiple combinations using only the characters of ASCII
> table.
> > > > If using others codes, you have to understand thas it's quite
> impossible
> > > > to attack.
> > > >
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Here's a fun Rijndael Challenge
Date: Mon, 26 Mar 2001 15:47:02 -0800
I'm sorry but we don't do that stuff here. We deal with actual cryptanalysis
(although there are a few that do puzzles). Now on to the actual problems
with your method.
First and foremost, Rijndael takes 128-bits as input, and generates 128-bits
as output, you have taken a phone number, and a word. Assuming your phone
number and word are each less than 64 characters, that should be no more
than 8 blocks of Rijndael, you have managed to create more than 8 times
that. I'm sorry but since your idea results in at least an 8 fold text bloat
it is not useful for anything except creating puzzles. Might I suggest that
you instead publis it to rec.puzzles?
BTW before you post a challenge again, please read the FAQ which
specifically states NOT to post them.
Joe
------------------------------
From: Dave Howe <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp
Subject: Re: Kill-filter expression for script weenie
Date: Tue, 27 Mar 2001 01:02:47 +0100
In our last episode (<alt.security.pgp>[26 Mar 2001 10:02:37 GMT]),
[EMAIL PROTECTED] (filterguy) said :
>A filter expression that kills the Script Kiddie posts:
>
>for (Forte) Agent:
>
>subject: (love*|need*|ask*|require*|uses*|want*|used) and from:
>(anonymous|melon|frog2|remailer|steeleye|nescio)
Thankyou - Better than 300 examples of this crap were just set as
read.
--== DaveHowe ( is at) Bigfoot dot com ==--
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Idea - (LONG)
Date: Mon, 26 Mar 2001 16:14:29 -0800
"Bertrand" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Just break it with its short key!
Why? I charge good money for my time.
> I choose a short key and easy function f(k) (additive function), because
> I know that even with this simple choice you can't break it.
And I know that no matter what I do you still won't realize that your claims
are patently false, have been from the beginning, and will always be.
> What if I used long key and complex function????
That depends on how long you make the key (if you make it long enough it
will be unbreakable, but then it would be a OTP), and depends on the
function you choose, you choose a good function it will be secure, you
continue choosing laughable functions it will be laughed at.
> Just speech spech speech ...your answers.
Just listen listen listen to the answer I've already told you several times.
> You do not that you have to solve a stream cipher based on Vernam
> principle???
You really should learn what you are saying, it's not a stream cipher, it's
a pitiful attempt to build a block cipher that lacks any security. Also is
there a proper English version of that question/sentence available, it makes
no sense.
> It's not because you are using "high level technical language " that you
> are good cryptanalyst.
No it is because I have the ability to think, listen, read, learn,
understand that means I am far better than you at cryptanalysis.
> I skipped volontarly another algo which allow me to build "ideal
> substitution cipher".
Now that's a rich one. An "ideal substitution cipher" do you even know what
the words you're putting together mean? A substitution cipher requires one
location in ram for each valid symbol, that limits you to 16-bit (assuming
32-bit address space) ciphers which are by nature weak, feel free to read up
on RAM while you're at it. So by definition the "ideal substitution cipher"
simply can't exist. Would you care to try again? Perhaps you'd like to
describe your algorithms as "Completely worthless waste of bits" instead, at
least it's reasonable terminolgy for cryptography.
> For every (EVERY) CHARACTER of the plain text, I assign a unique and
> specific symbol, without sending any dictionnary to the recipient.
Now that would almost be interesting except for one very problematic thing,
you would have to make it very weak in order for a human to be able to
analyze it, and that means a computer could much more easily analyze it, I'm
fairly sure this has been pointed out to you before.
> Good bye Mister Joseph and good luck with your cryptography.
Well Best of Luck to you, it's rather difficult to get me to leave so I can
only conclude that you will choose other persuits.
Joe
------------------------------
From: Bertrand <[EMAIL PROTECTED]>
Subject: Re: Idea - (LONG)
Date: Mon, 26 Mar 2001 19:31:33 -0400
No more than speech again.
Crack it! that's what I'm waiting for to be convinced.
Joseph Ashwood wrote:
>
> "Bertrand" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Just break it with its short key!
>
> Why? I charge good money for my time.
>
> > I choose a short key and easy function f(k) (additive function), because
> > I know that even with this simple choice you can't break it.
>
> And I know that no matter what I do you still won't realize that your claims
> are patently false, have been from the beginning, and will always be.
>
> > What if I used long key and complex function????
>
> That depends on how long you make the key (if you make it long enough it
> will be unbreakable, but then it would be a OTP), and depends on the
> function you choose, you choose a good function it will be secure, you
> continue choosing laughable functions it will be laughed at.
>
> > Just speech spech speech ...your answers.
>
> Just listen listen listen to the answer I've already told you several times.
>
> > You do not that you have to solve a stream cipher based on Vernam
> > principle???
>
> You really should learn what you are saying, it's not a stream cipher, it's
> a pitiful attempt to build a block cipher that lacks any security. Also is
> there a proper English version of that question/sentence available, it makes
> no sense.
>
> > It's not because you are using "high level technical language " that you
> > are good cryptanalyst.
>
> No it is because I have the ability to think, listen, read, learn,
> understand that means I am far better than you at cryptanalysis.
>
> > I skipped volontarly another algo which allow me to build "ideal
> > substitution cipher".
>
> Now that's a rich one. An "ideal substitution cipher" do you even know what
> the words you're putting together mean? A substitution cipher requires one
> location in ram for each valid symbol, that limits you to 16-bit (assuming
> 32-bit address space) ciphers which are by nature weak, feel free to read up
> on RAM while you're at it. So by definition the "ideal substitution cipher"
> simply can't exist. Would you care to try again? Perhaps you'd like to
> describe your algorithms as "Completely worthless waste of bits" instead, at
> least it's reasonable terminolgy for cryptography.
>
> > For every (EVERY) CHARACTER of the plain text, I assign a unique and
> > specific symbol, without sending any dictionnary to the recipient.
>
> Now that would almost be interesting except for one very problematic thing,
> you would have to make it very weak in order for a human to be able to
> analyze it, and that means a computer could much more easily analyze it, I'm
> fairly sure this has been pointed out to you before.
>
> > Good bye Mister Joseph and good luck with your cryptography.
>
> Well Best of Luck to you, it's rather difficult to get me to leave so I can
> only conclude that you will choose other persuits.
> Joe
------------------------------
From: Benjamin Goldberg <[EMAIL PROTECTED]>
Crossposted-To:
alt.privacy.anon-server,alt.security.pgp,comp.security.pgp.discuss,comp.security.pgp.resources,comp.security.pgp.tech
Subject: Re: New PGP Flaw Verified By Phil Zimmerman, Allows Signatures to be Forged
Date: Tue, 27 Mar 2001 00:35:28 GMT
Roger Schlafly wrote:
>
> "Imad R. Faiad" <[EMAIL PROTECTED]> wrote in message
> > The Klima & Rosa attack may sound good in theory,
> > but in practice it is not workable.
> > Here is what the attacker has to do:-
> > 1) Get your private key.
> > 2) Change certain public key parameters in such a way
> > so that your secret key may be derived from a signed
> > message.
> > 3) Wait for you to sign a message.
> > 4) Capture the message in 3).
> > 5) Restore your private key to it's original state.
> > 6) Use the signature in 4) to derive your secret key.
> > 7) Build your secret key.
> > 8) Sign messages on your behalf.
>
> If the attack has access to my private machine to do all that,
> wouldn't it be easier for him to patch my PGP.exe in some way
> to make it insecure?
>
> This "attack" just looks like a cheap publicity stunt to me.
Suppose you are one user on a multiuser unix system. Due to having
downloaded a virus or trojan horse, someone has managed to change your
files. Not the system's pgp executable (which is owned by root or wheel
or bin or whomever), just the files which your account owns.
Also... one could concievably write a single perl script to patch the
private key, which would be able to run on multiple versions of unix,
and even on windows as well -- whereas patching an executable is highly
magical, and highly system dependent, and probably larger than the perl
script.
--
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: Idea - (LONG)
Date: Mon, 26 Mar 2001 16:52:59 -0800
I did oversimplify to the point of error. What was proven is that you must
have plaintext and key such that there is at least as much combined entropy
as space in the ciphertext. In all honesty I am not entirely sure who proved
it. It's a rather intuitive result actually, or at least it is once you've
been told it.
Joe
"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Joseph Ashwood wrote:
> > ... to have unbreakable security you MUST have a key at least as long
> > as the plaintext (I believe it was Shannon that proved this).
>
> Actually Shannon showed something else. A shorter key could suffice
> if the source has appreciable redundancy. And that whole approach
> doesn't take into account work factor.
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.politics.org.fbi,alt.politics.org.nsa,alt.2600
Subject: Once again U.S. law enforcement violated illegally ... yesterday in Miami -
Date: 26 Mar 2001 14:36:00 GMT
=======
For your potential news reporting:
Once again I was violated by the U.S. cops who came and started asking
questions and other activities without me doing anything wrong or illegal.
Actually, I was just in a parking space in my car without doing really
anything. At this time there were three police cars and it was in Miami. This
is the second time within two weeks it has happened to me here in the U.S.A.
1.5 weeks earlier the similar violation by these U.S. cops took place in Los
Angeles.
They violate criminally and I seemed to be targeted by them. I have never even
got a traffic ticket or done anything illegal. This Miami violation by the
U.S. cops happened just few hours after I had attended a Jewish event (one
similar to Rabbe Carlebach's events in Leningrad in 1989) in Miami.
These abuses by the U.S. police and law enforcement forces started after the
U.S. government stole my spouse (now ex spouse) in December, 1999 and after
my spouse left there have been at least eight separate violations against me
by the U.S. cops or police officers.
Basically, they are doing this criminally and I have never done anything
illegal and not even got a traffic ticket. I do not drink, smoke, I have
never even tried any illegal drugs and I practice my religion (the religion
of AGOD) every day praying at least three times a day. I have no associations
with any illegal groups or activities. So all their violations are illegal.
But this is the way it has been for 1.5 years now and I do not foresee me
staying in the U.S.A. for very much longer due to all these criminal abuses
by the U.S. law enforcement. It is ironic, I have never done anything wrong
or illegal.
Markku J. Saarelainen
from Miami
P.S. Minun viestini noille "law enforcement" ... joka kerta kun tata tapahtuu
paasette uutisiin ympari maapalloa jne. ... te "law enforcement" olette
rikollisia ja rikkomassa minun oikeuksiani.
----- Posted via NewsOne.Net: Free (anonymous) Usenet News via the Web -----
http://newsone.net/ -- Free reading and anonymous posting to 60,000+ groups
NewsOne.Net prohibits users from posting spam. If this or other posts
made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.2600
Subject: Talking to AGOD .... reasons for telling the truth ...
Date: 26 Mar 2001 19:27:41 GMT
The reason why I started speaking on the Internet in 1999 and have continued
ever since from the U.S.A. is that it is my way to communicate with AGOD
which is the Creator of all Universe after realizing the deception by the
White House and the USA in 1999. AGOD is in the whole Universe, in the world
and in each of us. We are living in the world of AGOD and my communications
on the Internet or in other mediums are my way to tell the truth to AGOD who
has the absolute capability and power to make decisions and changes in the
world of AGOD based on my messages of the truth. Each of us is an element of
AGOD as are any outputs from any processes of ours in the world of AGOD. So I
am talking to AGOD."Talking to AGOD without any fear to change the world"
----- Posted via NewsOne.Net: Free (anonymous) Usenet News via the Web -----
http://newsone.net/ -- Free reading and anonymous posting to 60,000+ groups
NewsOne.Net prohibits users from posting spam. If this or other posts
made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
