Cryptography-Digest Digest #426, Volume #14      Thu, 24 May 01 21:13:00 EDT

Contents:
  Re: Medical data confidentiality on network comms ("Harris Georgiou")
  Re: Information hiding in digital TV etc ( WARNING : OT ! ) (Regulator)
  rs232 data encryption (Robert Self)
  Re: Medical data confidentiality on network comms (Paul Rubin)
  Re: rs232 data encryption ("Tom St Denis")
  Re: Quicksilver (David W.)
  Quicky math question ("Tom St Denis")
  Re: Medical data confidentiality on network comms (Mok-Kong Shen)
  Differential cryptanalysis. ("Adam O'Brien")
  Re: Ideas for project (Ichinin)
  Re: Differential cryptanalysis. ("Tom St Denis")
  Re: rs232 data encryption ("Joseph Ashwood")
  algebraic degree ("Tom St Denis")
  Re: rs232 data encryption ("Tom St Denis")
  Hybrids (Terry Cooper)
  Re: Hybrids ("Tom St Denis")
  Re: Hybrids (Ed Kubaitis)
  Re: Hybrids (David A Molnar)
  Re: Quicky math question ("Henrick Hellström")
  Re: Quicky math question ("Tom St Denis")
  Re: Quicky math question ("Jeffrey Walton")
  Re: Message for Alexis Machado ("Paul Pires")
  Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am I a fool ? 
("BenZen")
  Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am I a fool ? 
(Paul Rubin)
  Re: rs232 data encryption ("Scott Fluhrer")

----------------------------------------------------------------------------

From: "Harris Georgiou" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: Medical data confidentiality on network comms
Date: Fri, 25 May 2001 00:21:10 +0300

Jeffrey Williams <[EMAIL PROTECTED]> wrote in the discussion message:
[EMAIL PROTECTED]
> I have some experience working with medical folks, and lots of experience
> with networks, but I've not combined the two.  One suggestion I have is to
> assume that your closed loop will be opened to the outside world.  I've
> worked on a variety of systems which were ostensibly secure.  In almost
> every case, including military networks, some one compromised security.
> More often than not, the source of the compromise was some technically
> oriented user who wanted to be able to login from home.
>
> If you want to minimize the effort required for someone to login in a
> secure manner, check out biometrics - there are apparently some new devices
> becoming available which scan fingerprints, or iris patterns, or facial
> patterns, etc.  They might be cheap enough to be useful in your system.
>
> Jeff

The term "closed loop" I used refers to a group of processes (services)
working together independently or in sequence (request relay), so my design
mainly addresses the issue of authenticated processes interconnection rather
than physical login by users.
Anyway, is it a fact that biometric security devices have been used in
medical facilities? I thought only military or government organizations could
afford the cost of them  :-o
Cheers!



--

Harris

- 'Malo e lelei ki he pongipongi!'








------------------------------

From: Regulator <[EMAIL PROTECTED]>
Subject: Re: Information hiding in digital TV etc ( WARNING : OT ! )
Date: Thu, 24 May 2001 21:33:39 GMT

=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1

On Thu, 24 May 2001 03:18:27 GMT,  shortly before taking down the
Internet with a well timed crack, Ian Stirling <[EMAIL PROTECTED]>
wrote something that looked remarkably like :

:o)he fight between good and evil, an epic battle. Darth vader and
Luke, 
:o)suddenly in the middle of the fight, Darth pulls Luke to him, and
whispers
:o)"I know what you'r getting for christmas!" Luke exclaims "But how
??!?"
:o)"It's true Luke, I know what you'r getting for christmas" Luke
tries to ignore
:o)this, but wrenches himself free, yelling "How could you know
this?", 
:o)Vader replies "I felt your presents"  -- The Chris Evans breakfast
show ca. 94


Sorry, had to comment on that sig, very funny !

Regards,

Pete.



***

" Travelling through cyberspace ain't like dustin' crops kid,
  You could fly right through a node or bounce too close to a 
  supercomputer and that'd end your trip real quick wouldn't it ?! "

  - Han Solo ( a long time ago and all that ... )

***

( email to double dot take at bee tee internet dot com )

***

=====BEGIN PGP SIGNATURE=====
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOw1+Ztx6WhlphOiHEQIFTwCbBvfh1kny2CAyWzCr/k1FlvL2iJQAoNgn
VYcGN/cwbL3R8p54MdLRFNkX
=Yny9
=====END PGP SIGNATURE=====


------------------------------

From: [EMAIL PROTECTED] (Robert Self)
Subject: rs232 data encryption
Date: Thu, 24 May 2001 21:06:18 GMT

I have a 38Kbaud rs232 data stream that I would like to encrypt and
decrypt on the other end in real time. I also need to have the
receiver be able to rapidly get back in sync in case of bad data. Does
anyone know of a fairly secure algorithm to do this? It needs to be
fast since it needs to run in real time on a pc and on a
microprocessor.

thanks


------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: Medical data confidentiality on network comms
Date: 24 May 2001 15:24:58 -0700

"Harris Georgiou" <[EMAIL PROTECTED]> writes:
> Anyway, is it a fact that biometric security devices have been used in
> medical facilities? I thought only military or government organizations could
> afford the cost of them  :-o

They're not that expensive.  We use hand scanners for access control
where I work.  Fingerprint scanners are cheap enough that they're built
into some consumer devices like computer mice.


------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: rs232 data encryption
Date: Thu, 24 May 2001 22:25:50 GMT


"Robert Self" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I have a 38Kbaud rs232 data stream that I would like to encrypt and
> decrypt on the other end in real time. I also need to have the
> receiver be able to rapidly get back in sync in case of bad data. Does
> anyone know of a fairly secure algorithm to do this? It needs to be
> fast since it needs to run in real time on a pc and on a
> microprocessor.

I would try AES in CTR mode and resync the packet number every so often.

Tom



------------------------------

From: David W. <[EMAIL PROTECTED]>
Subject: Re: Quicksilver
Date: Thu, 24 May 2001 17:28:23 -0500

On Thu, 24 May 2001 07:14:35 GMT, "Greg Pierce" <[EMAIL PROTECTED]> wrote:

>Hello,
>
>I was wondering if anyone has experienced any problems using Quicksilver's nym 
>creation wizard. 
>When I try to go through the process of creating a nym, I can't seem to get the key 
>for the nym that I created on my PGP keyring to dropdown from the drop down menu. I 
>followed the directions exactly,...using a RSA key, and limiting it to 2048 bits. It 
>even appears on my keychain from within the QS program.
>
>I would appreciate any comments, suggestions.
>
>Sincerely,
>Greg

You might try posting your message in the "alt.privacy.anon-server" newsgroup.
It is where the author of the program Richard Christman hangs-out.  He would
probably be more than happy to help you out with any problems you are having
with Quicksilver.  The cocksuckers that do most of the posting on this newsgroup
wouldn't piss on their own mother if she was on fire, let alone try to help
someone else out.

David W.



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Quicky math question
Date: Thu, 24 May 2001 22:31:42 GMT

Ok this may sound very silly... but what does | mean in set notation.  Last
I heard it meant "such that".

I am reading Koblitz's "A course in number theory" (yes I skipped ahead...
oops) on page161 he writes

S = {t^2 - N | \sqrt n + 1 \le t \le \sqrt n + A }

What does the | mean here?

Or does it mean the set containing t^2 - N "for all" t in the range
specified (greater than sqrt n and less than sqrt N plus A).
--
Tom St Denis
---
http://tomstdenis.home.dhs.org



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: Medical data confidentiality on network comms
Date: Fri, 25 May 2001 00:45:03 +0200



Harris Georgiou wrote:
> 
[snip]
> Anyway, is it a fact that biometric security devices have been used in
> medical facilities? I thought only military or government organizations could
> afford the cost of them  :-o

If my memory is correct, a newspaper said that biometrics
have now been applied to protect even such devices as
cellphones (maybe yet experimental, I don't know). I guess
that the cost depends very much on the type of biometrics
concerned (and with that the quality of security provided,
of course) and may not unconditionally be prohibitive.

M. K. Shen

------------------------------

From: "Adam O'Brien" <[EMAIL PROTECTED]>
Subject: Differential cryptanalysis.
Date: Thu, 24 May 2001 23:05:57 GMT

Could someone recommend a book (ideally) or website explaining more about
differential cryptanalysis. I've read the bit in Applied Crypto and want to
know more.
Adam



------------------------------

From: Ichinin <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Ideas for project
Date: Sat, 19 May 2001 20:55:42 +0200

Simon West wrote:
<SNIP>

You could do one of the following:

1) A distributed (multi node) codebreaker (i.e. 40 bit RC4)

2) Finding a simple attack on an algorithm that's faster than
   bruteforce.

3) Create your own crypto algorithm, analyse it and get a
   sci.crypt seal of approval :o)

4) Write an internet / file encryptor comm's software.

5) Write a paper about crypto in relation to computer security.

Note: I'm just joe-taxpayer-selftaught-novice, but i've managed
      to do everything except for 3 & 5.

My 0.02 ECU's,
Ichinin

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Differential cryptanalysis.
Date: Thu, 24 May 2001 23:11:25 GMT


"Adam O'Brien" <[EMAIL PROTECTED]> wrote in message
news:ptgP6.2576$[EMAIL PROTECTED]...
> Could someone recommend a book (ideally) or website explaining more about
> differential cryptanalysis. I've read the bit in Applied Crypto and want
> to know more.

Look up "Eli Biham" and read his "Differential Cryptanalysis of DES-Like
Systems".  It's a complete review of the attack.

Ask questions here too (when you start reading it).

Good luck,
Tom



------------------------------

From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: Re: rs232 data encryption
Date: Thu, 24 May 2001 15:59:49 -0700

I'd second the suggestion for AES/Rijndael (same algorithm), but I wouldn't
recommend CTR mode without knowing more about your requirements. Instead I'd
rather generically recommend CBC mode, it will resync itself very fast
(you'll lose 2 blocks regardless of where the flaw was). There should be no
problem keeping up with a 38Kbaud connection in any case, AES/Rijndael
operates orders of magnitude faster on a modern PC.
                        Joe

"Robert Self" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I have a 38Kbaud rs232 data stream that I would like to encrypt and
> decrypt on the other end in real time. I also need to have the
> receiver be able to rapidly get back in sync in case of bad data. Does
> anyone know of a fairly secure algorithm to do this? It needs to be
> fast since it needs to run in real time on a pc and on a
> microprocessor.
>
> thanks
>



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: algebraic degree
Date: Thu, 24 May 2001 23:17:04 GMT

I was reading some older Eurocrypt papers on "Fast Auto-correlation
functions" of N => 1 bit functions.  the idea is to find

C(f,g) = 2^{-n} \sum_{x=0}^{2^n - 1} (-1)^{f(x)} \cdot (-1)^{g(x)}

Where f(x) is a function from n bits to one bit and g(x) is some binary
polynomial (x is treated as a binary vector).

The goal is to find some g(x) such that C(f,g) approaches -1 or 1.

My question is if f(x) is bent won't all g(x)'s fail?  Also isn't this just
a re-write of the Walsh-Transform used to find linear biases in a function?

Another question, can this be used to make higher order g(x)'s?  I.e a
polynomial of degree n+2 that is more like the original...?
--
Tom St Denis
---
http://tomstdenis.home.dhs.org
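An added example (my code, not from the post or the Eurocrypt papers it cites) that computes C(f,g) over every linear g for a small function, in Go. For the 4-bit bent function x0*x1 XOR x2*x3 every linear g_a comes out with |C| = 2^{-n/2} = 1/4, no better and no worse, which is the behaviour the first question asks about; and since the set of C(f, g_a) over all a is exactly the Walsh spectrum scaled by 2^{-n}, the code also makes the second question concrete. The function names, truth tables and the choice of n = 4 are constructed for the example.

```go
package main

import (
	"fmt"
	"math"
	"math/bits"
)

// BoolFunc is an n-bit Boolean function: the integer x is read as a bit
// vector (bit 0 is x0) and the function returns 0 or 1.
type BoolFunc func(x uint) uint

// Correlation computes C(f,g) = 2^{-n} * sum_x (-1)^{f(x)} (-1)^{g(x)}
// over all 2^n inputs, i.e. (agreements - disagreements) / 2^n.
func Correlation(n int, f, g BoolFunc) float64 {
	sum := 0
	for x := uint(0); x < uint(1)<<uint(n); x++ {
		if f(x) == g(x) {
			sum++
		} else {
			sum--
		}
	}
	return float64(sum) / float64(uint(1)<<uint(n))
}

// Linear returns g_a(x) = <a, x> mod 2.  Over all a, the values
// C(f, g_a) are the Walsh transform of f scaled by 2^{-n}.
func Linear(a uint) BoolFunc {
	return func(x uint) uint { return uint(bits.OnesCount(a&x) & 1) }
}

// LinearCorrelationRange returns the smallest and largest |C(f, g_a)|
// over all 2^n linear functions g_a.
func LinearCorrelationRange(n int, f BoolFunc) (lo, hi float64) {
	lo, hi = 1.0, 0.0
	for a := uint(0); a < uint(1)<<uint(n); a++ {
		c := math.Abs(Correlation(n, f, Linear(a)))
		lo = math.Min(lo, c)
		hi = math.Max(hi, c)
	}
	return lo, hi
}

// Bent4 is the 4-bit bent function f(x) = x0*x1 XOR x2*x3 (constructed
// example).
func Bent4(x uint) uint {
	return ((x & (x >> 1)) ^ ((x >> 2) & (x >> 3))) & 1
}

func main() {
	lo, hi := LinearCorrelationRange(4, Bent4)
	fmt.Printf("bent f: |C(f,g_a)| lies in [%.3f, %.3f] for every linear g_a\n", lo, hi)
	fmt.Printf("f = x0 against g = x0: C = %.3f\n", Correlation(4, Linear(1), Linear(1)))
}
```

Using a single truth-table loop for both f and g keeps the code honest about the cost: it is 2^n evaluations per g and 2^n choices of linear g, which is fine for toy sizes and is exactly what the fast Walsh transform reduces to n*2^n for real ones.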



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: rs232 data encryption
Date: Thu, 24 May 2001 23:17:50 GMT


"Joseph Ashwood" <[EMAIL PROTECTED]> wrote in message
news:umf9RWK5AHA.301@cpmsnbbsa07...
> I'd second the suggestion for AES/Rijndael (same algorithm), but I
> wouldn't recommend CTR mode without knowing more about your requirements.
> Instead I'd rather generically recommend CBC mode, it will resync itself
> very fast (you'll lose 2 blocks regardless of where the flaw was). There
> should be no problem keeping up with a 38Kbaud connection in any case,
> AES/Rijndael operates orders of magnitude faster on a modern PC.

Ahh true.  Although if you send non blocks of 16 bytes (say it needs to send
single bytes) you can use CTR mode for that :-)

Tom



------------------------------

From: [EMAIL PROTECTED] (Terry Cooper)
Subject: Hybrids
Date: 24 May 2001 16:19:45 -0700

Where can I get information about hybrids (one-time secret keys sent with PK)?
                                                        --Terry Cooper

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Hybrids
Date: Thu, 24 May 2001 23:27:10 GMT


"Terry Cooper" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Where can I get information about hybrids (one-time secret keys sent with
> PK)?

Hmm hybrid systems are not that complex.  They work like this.

1.  You have the public key P of some user.
2.  You make at random some symmetric key K.
3.  Encrypt the message using  some symmetric cipher with K to get C'
4.  Encrypt K with the public key P to get K'
5.  Send K' and C' to the user.

They decrypt K' with their private key and then decrypt C' with the
symmetric cipher.

Tom
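The five steps above, written out as an added example in Go's standard library (this is my code, not from the digest or from Tom's post). RSA-OAEP plays the part of the public key P wrapping the random key K, and AES-GCM produces C'. The key sizes, the sample message and the choice of OAEP and GCM are my assumptions; using an authenticated mode for C' means a modified ciphertext is rejected rather than decrypted to garbage, which is the class of problem David Molnar's reply further down refers to.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope carries the two parts sent in step 5: K' (the public-key
// encrypted symmetric key) and C' (the symmetric ciphertext).
type Envelope struct {
	WrappedKey []byte // K' = RSA-OAEP(P, K)
	Nonce      []byte // AES-GCM nonce, fresh for every message
	Ciphertext []byte // C' = AES-GCM(K, message) with its authentication tag
}

// GenerateKeyPair makes the recipient's RSA key pair; P is &priv.PublicKey.
func GenerateKeyPair(bits int) (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, bits)
}

// HybridEncrypt performs steps 2 to 5: random K, encrypt under K, wrap K with P.
func HybridEncrypt(pub *rsa.PublicKey, message []byte) (*Envelope, error) {
	key := make([]byte, 32) // step 2: random 256-bit AES key K (size is an assumption)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// step 3: C' = symmetric encryption of the message under K
	ciphertext := gcm.Seal(nil, nonce, message, nil)
	// step 4: K' = public-key encryption of K under P (RSA-OAEP with SHA-256)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ciphertext}, nil
}

// HybridDecrypt is the recipient's side: recover K from K', then the
// message from C'.  Open fails if nonce, ciphertext or tag were altered.
func HybridDecrypt(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

func main() {
	priv, err := GenerateKeyPair(2048)
	if err != nil {
		panic(err)
	}
	msg := []byte("constructed sample message")
	env, err := HybridEncrypt(&priv.PublicKey, msg)
	if err != nil {
		panic(err)
	}
	got, err := HybridDecrypt(priv, env)
	if err != nil {
		panic(err)
	}
	fmt.Println("round trip ok:", bytes.Equal(got, msg))
}
```

K is generated fresh per message and never reused, so the only long-lived secret is the RSA private key; the nonce travels in the clear next to K' and C', as GCM requires.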



------------------------------

From: Ed Kubaitis <[EMAIL PROTECTED]>
Subject: Re: Hybrids
Date: Thu, 24 May 2001 18:34:26 -0500

Terry Cooper wrote:
> 
> Where can I get information about hybrids (one-time secret keys sent with PK)?
>                                                         --Terry Cooper

??

SSL and TLS (see google.com) send one-time secret session keys
with PK crypto and probably account for a healthy fraction of the
encrypted bytes xmitted around the planet.

What needs do you have that they don't meet?

/ejk

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Hybrids
Date: 24 May 2001 23:46:58 GMT

Tom St Denis <[EMAIL PROTECTED]> wrote:

> "Terry Cooper" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
>> Where can I get information about hybrids (one-time secret keys sent with
>> PK)?

> Hmm hybrid systems are not that complex.  They work like this.

Except when they are. For an example of a flaw in a deployed hybrid 
encryption scheme, see

Jonathan Katz and Bruce Schneier, A Chosen Ciphertext Attack Against Several 
E-mail Encryption Protocols, 9th USENIX Security Symposium, 2000
http://www.counterpane.com/chotext.html

It's not a killer flaw, but it is *a* flaw which shows how difficult it can 
be to get this stuff right.

-David

------------------------------

From: "Henrick Hellström" <[EMAIL PROTECTED]>
Subject: Re: Quicky math question
Date: Fri, 25 May 2001 02:05:02 +0200

"Tom St Denis" <[EMAIL PROTECTED]> skrev i meddelandet
news:iZfP6.28379$[EMAIL PROTECTED]...
> Ok this may sound very silly... but what does | mean in set notation.
> Last I heard it meant "such that".
>
> I am reading Koblitz's "A course in number theory" (yes I skipped ahead...
> oops) on page161 he writes
>
> S = {t^2 - N | \sqrt n + 1 \le t \le \sqrt n + A }
>
> What does the | mean here?


The expression to the left of the bar specifies each element in the set. The
expression to the right is a list of additional conditions those elements
must meet: S consists of all element t^2 - N such that ... (whatever that
strange expression means. Do you use some kind of latex or what?)

--
Henrick Hellström  [EMAIL PROTECTED]
StreamSec HB  http://www.streamsec.com



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Quicky math question
Date: Fri, 25 May 2001 00:05:43 GMT


"Henrick Hellström" <[EMAIL PROTECTED]> wrote in message
news:9ek7i2$lp2$[EMAIL PROTECTED]...
> "Tom St Denis" <[EMAIL PROTECTED]> skrev i meddelandet
> news:iZfP6.28379$[EMAIL PROTECTED]...
> > Ok this may sound very silly... but what does | mean in set notation.
> > Last I heard it meant "such that".
> >
> > I am reading Koblitz's "A course in number theory" (yes I skipped
> > ahead... oops) on page161 he writes
> >
> > S = {t^2 - N | \sqrt n + 1 \le t \le \sqrt n + A }
> >
> > What does the | mean here?
>
>
> The expression to the left of the bar specifies each element in the set.
> The expression to the right is a list of additional conditions those
> elements must meet: S consists of all element t^2 - N such that ...
> (whatever that strange expression means. Do you use some kind of latex or
> what?)

Ok cool. Hmm I wrote that off the top of my head... \le means <= \sqrt means
square root of...

Tom



------------------------------

Reply-To: "Jeffrey Walton" <[EMAIL PROTECTED]>
From: "Jeffrey Walton" <[EMAIL PROTECTED]>
Subject: Re: Quicky math question
Date: Thu, 24 May 2001 20:09:45 -0400

| is "such that".  He's specifying a condition of the set.

For example, S = { x | x%2 = 0 }    // all x that are even

As to what Koblitz is specifying, I give.  I'm weak in number theory :)
Apparrently, he's saying SQRT(N) + 1 <= t <= SQRT(N) + A

"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:iZfP6.28379$[EMAIL PROTECTED]...
: Ok this may sound very silly... but what does | mean in set notation.
: Last I heard it meant "such that".
:
: I am reading Koblitz's "A course in number theory" (yes I skipped
: ahead... oops) on page161 he writes
:
: S = {t^2 - N | \sqrt n + 1 \le t \le \sqrt n + A }
:
: What does the | mean here?
:
: Or does it mean the set containing t^2 - N "for all" t in the range
: specified (greater than sqrt n and less than sqrt N plus A).
: --
: Tom St Denis
: ---
: http://tomstdenis.home.dhs.org
:
:



------------------------------

From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Message for Alexis Machado
Date: Thu, 24 May 2001 17:19:11 -0700


wrote in message news:[EMAIL PROTECTED]...
> Paul Crowley <[EMAIL PROTECTED]> writes: > Alexis, I got your 
>mail, but your mail provider is *seriously*
broken;
> > the DNS for the brfree.com.br is very bad, and my attempt to send mail
> > to the one administrator whose address is outside that domain bounced
> > further down the line.  More details on request.
> >
> > But I was interested in your paper and would like to respond; if you
> > have another email address that's nothing to do with the broken
> > brfree.com.br domain, please announce it here so I can mail you.
> > Thanks.
> > --
> >   __  Paul Crowley
> > \/ o\ [EMAIL PROTECTED]
> > /\__/ http://www.cluefactory.org.uk/paul/
> > "Conservation of angular momentum makes the world go around" - John Clark
> I WAS WONDERING HOW SOMEONE LEARNS THE ART OF ENCRYPTION/OR ENCRYPTING, OH
> GOSH, HOW DOES ONE LEARN TO DESYPHER SUCH WRITINGS TO BEGIN WITH?  PLEASE
> EMAIL ME AT :  [EMAIL PROTECTED] Thanks !
Melrose

(Just in case this wasn't Alexis's clever way to pass an E-mail address in
plain sight. Melrose?   Rosebud?  Sounds so cloak and dagger)

A couple of suggestions:

(a) TURN OFF CAPSLOCK
We can hear you just fine, you don't need to yell.

(b) Try reading up on the subject to get a familiarity
with the subjects and the jargon. Bruce Schneier's
book, Applied Cryptography is a good beginning.
If that works for you, ask for more suggestions.

(c) A must for following the flow here on sci.crypt
is the 10 part FAQ sheet posted here once a month.
Matt Curtin's Snake Oil FAQ sheet is a good one too.
Many of the folks here maintain crypto websites which
are a fine resource. You need to get a familiarity first
or they will be of little help. I don't think you will find
anyone here willing to teach you but there are some
kind folks who will help you learn if you take the
initiative.

Paul





------------------------------

From: "BenZen" <[EMAIL PROTECTED]>
Subject: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am I a fool ?
Date: Thu, 24 May 2001 20:22:21 -0400

I'm a senior engineer with a lots of time on my hands now.
I was recently coding a small program to Encrypt binary files
in a simple way.

Then I decided it would be fun to use a 'Fractal' sequence
instead of a simple binary pattern induced by the password.

I searched the web and was astonished not to read much on
this subject; Other than StarTrek Borg adventures, common nonsense.

I have a couple of ideas... What are my chances ?.
I am aware of a number of issues, as I found on the web:
-- I do understand the difficulty of finding a proper set within the Fractal domain.
c, in the equation z[n+1]=z[n]*z[n]+c, z[0]=0.

So,.. a Mr Jay answered another dude like myself, wondering the same thing:
==================================== Here is Jay's comment .....
The main weakness is that the values z[n] are not uniformly distributed.
Although this may be offset by a hash function, it can limit the search
space of the attacker.  Even worse, key values not carefully chosen
lead quickly to divergence to infinity or to a periodic attractor. Only
chaotic c are acceptable. While marginally chaotic c are known
on the boundaries of the components, the only really chaotic values
can be found accurately on the real line.  This greatly limits your key
space - to one dimension.

A possibility of a two dimensional key space might be to include the
initial z[0] as part of the key rather than using z[0]=0.  Care must be
taken that c is in fact not in a bud or cardioid (a component).

For every point that is truly chaotic, a periodic point (in a component)
is only an infinitesimal distance away.  If c is in a component, then
the z[n] sequence is doomed to periodicity.

The Lyapunov exponent is a measure the chaos........
===========

That made me better aware of the few difficulties, avoiding mostly periodicity.
But I also gained knowledge that I could measure my eventual results with
a 'Lyapunov' exponent... I'd like to find an algorithm for that if anyone knows.

But then; I think the principle of using a Fractal is just perfect for Encryption.

Suppose, my 'document' is always compressed using a standard ZIP/RAR algo;
Then this document has very special properties in term of "bit density", or
distribution of 1's vs 0's... It is a highly structured sequence of bits; presenting
**very little** redundancy.

*IDEALLY* my idea would be to find a binary sequence, that would match,
as closely as possible the property of this 'document'; So when properly
combining the two's it would literally ERASE most of statistical traces of the content.
The apparent 'NOISE' would be impossible to extract; and since a ZIP is so
dependent as-a whole; Nothing could be extracted in part; Once the combination;
(Fractal<*>Document) is done.

The main difficulty is finding a Fractal algorithm, that ensures sufficiently VAST
domain for seeds (like a random-number-generator)... And that we can ensure
1) it won't become periodic.
2) The content statistics matches as closely as possible, ZIP bit distributions.

Then I need a TOOL, technique to demonstrate my algorithm works...Lyapunov ?

I don't plan on using a simple mapping of a common Mandelbrot graphic.
I plan on finding a Fractal sequence generator with the proper statistical output,
by truncating the fractal surface.. Think of a fractal with depth instead of colors.
Then if I truncate it (we also do this with colors); I get an additional parameter,
which is the SPEED at which it wants to evade.  I used to use this factor to add
some depth to my fractal images... But now this value, could be used to 'control',
the fractal 'sampling' in the 2D C domain.

My point is:
One way or the other; Me, or another smarter mathematician shall find such a
simple algorithm, based on Fractals but not necessarily 'pure'.. Maybe add some
'Strange Attractors' to map the Fractal domain...  I'm just wild imagination here.

... Then when the sequence is tested against statistical models for demonstration.
.... Then it's 100% Safe Fractal based encoding.

It's just a matter of time.. I just don't see any problem.
Hence the question:  Am I a fool ?
IMHO, pseudorandom, is just bound to fail, as a pale imitation of Fractal+Chaos.

Please give me your thoughts,
And I would appreciate some tips on how to verify if my algorithm generates
a sufficiently (random/chaotic) sequence.
[EMAIL PROTECTED]
Ben Zen



------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am I a 
fool ?
Date: 24 May 2001 17:51:23 -0700

"BenZen" <[EMAIL PROTECTED]> writes:
> Then I decided it would be fun to use a 'Fractal' sequence
> instead of a simple binary pattern induced by the password.

That turns out to be kind of a dumb idea.  Fractals are cool because
they give rise to pictures with interesting-looking structure.  But
cryptographic output should have NO apparent structure.  So the goals
of cryptography and fractals are incompatible.  (Note: I didn't think
that up--I think it's mentioned in the sci.crypt FAQ).

You're best off using an existing encryption algorithm like AES (Rijndael).

------------------------------

From: "Scott Fluhrer" <[EMAIL PROTECTED]>
Subject: Re: rs232 data encryption
Date: Thu, 24 May 2001 17:43:15 -0700


Robert Self <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I have a 38Kbaud rs232 data stream that I would like to encrypt and
> decrypt on the other end in real time. I also need to have the
> receiver be able to rapidly get back in sync in case of bad data. Does
> anyone know of a fairly secure algorithm to do this? It needs to be
> fast since it needs to run in real time on a pc and on a
> microprocessor.
Well, unless the microprocessor you're using is seriously slow (or seriously
loaded with other tasks), you can use AES CFB mode with a block shift of 8
bits.  This is (in C-like pseudocode):

Encryption Process:

byte Encrypt( byte Plaintext ) {
   /* the inner Encrypt( State ) below is the AES block encryption of the
      16-byte shift register, not a recursive call of this function;
      only its first byte is used as keystream */
   byte Result = Plaintext ^ Encrypt( State );
   State = (State << 8) | Result;   /* shift the ciphertext byte into State */
   return Result;
}


Decryption Process:

byte Decrypt( byte Ciphertext ) {
   byte Result = Ciphertext ^ Encrypt( State );
   State = (State << 8) | Ciphertext;   /* feed back the received byte, so a
                                           corrupted byte drops out after
                                           16 more bytes */
   return Result;
}

(where State is a 16 byte internal variable, and the result of Encrypt is
implicitly reduced to 8 bits).

This will do 1 AES encryption per byte sent (which, in your application,
means at most 4000 block encryptions per second).  In addition, after an
arbitrary error, it will resync after 16 bytes (as long as byte boundaries
are respected, which you can assume with RS-232).

The most severe security problem is that, if the attacker wants to make
specific modifications to a particular byte, and doesn't care what happens
to the decrypted plaintext immediately afterwards, he can flip bits in the
ciphertext byte.  This will flip the corresponding bits in the decrypted
ciphertext byte, and engibberish the next 16 bytes of decrypted plaintext.
Whether this is a serious concern depends on the protocol, and the attack
model.

--
poncho
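The 8-bit CFB construction above, as an added example (my code, not the poster's) in Go with the standard library AES. It serves the whole rs232 thread: EncryptByte and DecryptByte follow the two pseudocode routines, and FlipBitAndDecrypt shows the two properties claimed in this post, namely that a single flipped ciphertext bit flips the same bit in that plaintext byte, garbles the following 16 bytes, and then the receiver is back in sync with no further action. The key, IV and sample text are constructed for the demonstration; the 16-byte IV loaded into State is assumed to be agreed by both ends out of band.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// CFB8 is the construction from the post: State is a 16-byte shift
// register, every byte costs one AES block encryption, and only the first
// byte of that encryption is used (the "implicit reduction to 8 bits").
type CFB8 struct {
	block cipher.Block
	state [16]byte
}

// NewCFB8 loads State with a 16-byte IV that both ends must share
// (assumed here to be agreed out of band).
func NewCFB8(key, iv []byte) (*CFB8, error) {
	if len(iv) != 16 {
		return nil, fmt.Errorf("iv must be 16 bytes, got %d", len(iv))
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	c := &CFB8{block: block}
	copy(c.state[:], iv)
	return c, nil
}

// keystreamByte is the first byte of AES(State).
func (c *CFB8) keystreamByte() byte {
	var out [16]byte
	c.block.Encrypt(out[:], c.state[:])
	return out[0]
}

// shiftIn is State = (State << 8) | b on the 16-byte register.
func (c *CFB8) shiftIn(b byte) {
	copy(c.state[:15], c.state[1:])
	c.state[15] = b
}

// EncryptByte mirrors the post's Encrypt(): the ciphertext byte is fed back.
func (c *CFB8) EncryptByte(p byte) byte {
	r := p ^ c.keystreamByte()
	c.shiftIn(r)
	return r
}

// DecryptByte mirrors Decrypt(): the received byte is fed back, so a
// corrupted byte drops out of the register after 16 further bytes.
func (c *CFB8) DecryptByte(ct byte) byte {
	r := ct ^ c.keystreamByte()
	c.shiftIn(ct)
	return r
}

func EncryptStream(key, iv, pt []byte) ([]byte, error) {
	c, err := NewCFB8(key, iv)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(pt))
	for i, b := range pt {
		out[i] = c.EncryptByte(b)
	}
	return out, nil
}

func DecryptStream(key, iv, ct []byte) ([]byte, error) {
	c, err := NewCFB8(key, iv)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(ct))
	for i, b := range ct {
		out[i] = c.DecryptByte(b)
	}
	return out, nil
}

// FlipBitAndDecrypt encrypts pt, flips the low bit of ciphertext byte pos
// (a line error, or the bit flip the post warns about) and decrypts: byte
// pos has the same bit flipped, bytes pos+1..pos+16 are garbled, the rest
// is intact.
func FlipBitAndDecrypt(key, iv, pt []byte, pos int) ([]byte, error) {
	ct, err := EncryptStream(key, iv, pt)
	if err != nil {
		return nil, err
	}
	ct[pos] ^= 0x01
	return DecryptStream(key, iv, ct)
}

func main() {
	key, iv := []byte("constructed-16Bk"), []byte("constructed-iv!!")
	pt := []byte("constructed sample text, long enough to show resync after 16 bytes")
	got, _ := FlipBitAndDecrypt(key, iv, pt, 4)
	fmt.Printf("%q\n", got) // byte 4 altered, bytes 5..20 garbled, rest intact
}
```

The resync comes entirely from feeding the received ciphertext byte back into State on the decrypt side; the price, as the post says, is that the construction gives no integrity at all, so a protocol that cares about the bit-flip attack needs a MAC over the stream on top of this.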






------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
