Cryptography-Digest Digest #439, Volume #14 Fri, 25 May 01 15:13:01 EDT
Contents:
Re: Good crypto or just good enough? ("Douglas A. Gwyn")
Re: Good crypto or just good enough? (Tom St Denis)
Re: Small (not fast) RIPEMD-160 (Ian Stirling)
Re: Good crypto or just good enough? (Doug Kuhlman)
Re: Good crypto or just good enough? (Tom St Denis)
Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am I a fool ?
("BenZen")
Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am (Tom St
Denis)
Re: Evidence Eliminator Detractors Working Hard But No Result? (Eric Lee Green)
Re: Good crypto or just good enough? (those who know me have no need of my name)
Re: Good crypto or just good enough? ("M.S. Bob")
Re: Evidence Eliminator Detractors Working Hard But No Result? (Mok-Kong Shen)
Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am ("M.S. Bob")
Re: Good crypto or just good enough? ("Paul Pires")
----------------------------------------------------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Good crypto or just good enough?
Date: Fri, 25 May 2001 16:55:54 GMT
Tom St Denis wrote:
> Against single DES no one PC is fast enough to find the key
> within a reasonable amount of time.
I doubt that that is true. You're assuming the attacker can't
do better than a brute-force key search.
> His line of thinking is flawed because "better" crypto (better
> as in in theory) is almost always just as easy to come by.
> Specially in the software world.
I doubt that also. The main problem is that you don't have a
good objective measure of the goodness of encryption algorithms.
> ... does it not stand to reason to pick the best tools from each
> field?
Not when you don't know what is "best". Note also that in
real-world situations, there are several competing constraints,
so even with objective measures one would still need to assign
relative weights to the constraints in order to determine the
optimal solution.
For example, it might be that the system needs to interoperate
with an existing key-distribution mechanism, or might require
key escrow, or might have to stream bytes, or might have to
limit transmitted blocks to no more than 128 octets, or ...
A single approach cannot fit all requirements.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Good crypto or just good enough?
Date: Fri, 25 May 2001 17:17:44 GMT
"Douglas A. Gwyn" wrote:
>
> Tom St Denis wrote:
> > Against single DES no one PC is fast enough to find the key
> > within a reasonable amount of time.
>
> I doubt that that is true. You're assuming the attacker can't
> do better than a brute-force key search.
>
> > His line of thinking is flawed because "better" crypto (better
> > as in in theory) is almost always just as easy to come by.
> > Specially in the software world.
>
> I doubt that also. The main problem is that you don't have a
> good objective measure of the goodness of encryption algorithms.
This is true. Hmm. Wouldn't known breaks be our only measure of
"goodness"?
>
> > ... does it not stand to reason to pick the best tools from each
> > field?
>
> Not when you don't know what is "best". Note also that in
> real-world situations, there are several competing constraints,
> so even with objective measures one would still need to assign
> relative weights to the constraints in order to determine the
> optimal solution.
Ah, but AES for example is faster, more compact and probably more secure
than DES. I couldn't see a need for DES over AES other than
interoperability.
> For example, it might be that the system needs to interoperate
> with an existing key-distribution mechanism, or might require
> key escrow, or might have to stream bytes, or might have to
> limit transmitted blocks to no more than 128 octets, or ...
> A single approach cannot fit all requirements.
Hmm I agree.
So we have to figure out what "good" means first....
Tom
------------------------------
From: Ian Stirling <[EMAIL PROTECTED]>
Subject: Re: Small (not fast) RIPEMD-160
Date: Fri, 25 May 2001 17:17:54 GMT
jlcooke <[EMAIL PROTECTED]> wrote:
>I've got RIPEMD160 to 1990bytes. SHA-1 to 1360bytes.
Thanks. I've got RIPEMD160 down to 3040 bytes, (with gcc) from around 7K.
I know how to get down to around 2540 or so, perhaps 2200, but there
I think it's going to stick.
Was that 1990 in asm or C?
I really need to polish my C anyway, not been doing it for a while.
--
http://inquisitor.i.am/ | mailto:[EMAIL PROTECTED] | Ian Stirling.
===========================+=========================+==========================
If you've been pounding nails with your forehead for years, it may feel strange
the first time somebody hands you a hammer.
But that doesn't mean that you should strap the hammer to a headband just to
give your skull that old familiar jolt. -- Wayne Throop, during the `TCL Wars'
------------------------------
From: Doug Kuhlman <[EMAIL PROTECTED]>
Subject: Re: Good crypto or just good enough?
Date: Fri, 25 May 2001 12:08:41 -0500
Tom St Denis wrote:
>
> My old employer asked me to ask the group this question.
>
> Would you settle for crypto that is "just secure enough" or "is as
> secure as we know how to make it". Both within reason.
>
<SNIP>
I, personally, would be very happy with "just secure enough", as long as
I know what 'enough' is, someone can convince me that something really,
REALLY is that secure, I get to change my definition of 'enough' for
each and every application -- maybe the application reads my mind and
knows.
That said, I don't think "as secure as we know how" makes sense either.
There are always additional constraints (time, power, size, etc.) that
make security problematic. I would also rather risk some things for a
much easier user experience, when it comes right down to it.
I feel a happy medium is appropriate. I don't know how secure "secure
enough" is for people, so I make it more secure than I think it needs to
be, but I try not to go too far to the other extreme, either.
Doubt that helps, but it's my 37 lira, anyway.
Doug
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Good crypto or just good enough?
Date: Fri, 25 May 2001 17:26:03 GMT
Doug Kuhlman wrote:
>
> Tom St Denis wrote:
> >
> > My old employer asked me to ask the group this question.
> >
> > Would you settle for crypto that is "just secure enough" or "is as
> > secure as we know how to make it". Both within reason.
> >
> <SNIP>
>
> I, personally, would be very happy with "just secure enough", as long as
> I know what 'enough' is, someone can convince me that something really,
> REALLY is that secure, I get to change my definition of 'enough' for
> each and every application -- maybe the application reads my mind and
> knows.
>
> That said, I don't think "as secure as we know how" makes sense either.
> There are always additional constraints (time, power, size, etc.) that
> make security problematic. I would also rather risk some things for a
> much easier user experience, when it comes right down to it.
>
> I feel a happy medium is appropriate. I don't know how secure "secure
> enough" is for people, so I make it more secure than I think it needs to
> be, but I try not to go too far to the other extreme, either.
So Stanley was right and I was wrong. Now I feel like a jerk... oops..
So the general concensus is "secure enough to keep kid sister out and
99.99% safe" whatever that equates to in real-life is what people want.
Hmm.. Seems I really do have more than just technical stuff to learn..
arrg.
Tom
------------------------------
From: "BenZen" <[EMAIL PROTECTED]>
Subject: Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am I a
fool ?
Date: Fri, 25 May 2001 13:31:34 -0400
M. S. Bob wrote in message ...
>"BenZen" <[EMAIL PROTECTED]> wrote in message
>news:<zBhP6.514$[EMAIL PROTECTED]>...
(..)
>> I have a couple of ideas... What are my chances ?.
>
>Let me repeat two key sentences in Paul Rubin's previous post.
>
>Paul Rubin wrote in message <[EMAIL PROTECTED]>...
>> Fractals are cool because they give rise to pictures with
>> interesting-looking structure. But cryptographic output
>> should have NO apparent structure.
>
>I cannot see how this structure would not be the downfall of any such
>fractal based scheme.
>
I'm learning Mister Bob... That's why I was asking here.
If you say '..I cannot see how it (structure) would not be the downfall..'
And when The other Paul; Paul Pires said:
" Choosing the characteristic of a generator to specifically offset the known
bad charateristics of the plaintext (zipfile) sounds like a remarkably bad thing
to do. Perhaps if I ever get this stuff, I'll know why :-) Anybody care to help
me out here?"
That only encourages me to find-out the reason it can't work;
I don't like to take another mind's doubts for an answer.
>If your goal is simply to write a good encryption program, I would
>recommend you check out Applied Cryptography by Bruce Schneier and
>Security Engineering by Ross Anderson. The suggest of using
>AES/Rijndael <http://www.nist.gov/aes/> is very sensible.
>
I'm a bit sceptical when it comes to leaving the Government chose for me;
DES before that was cracked.. I understand that using the same cracking
algorithm, to crack an AES key would take: (for a powerful 255 keys per second)
149 thousand-billion (149 trillion) years to crack a 128-bit AES key.
http://www.shmoo.com/crypto/Cracking_DES/cracking-des.htm
http://www.eff.org/descracker/
Expensive machines have been build that can do 57600 key search chips,
each capable of testing 50 million keys per second... That's for a start.
It can now Crack DES in a matter of minutes.
So, Rijndael is the Winning Algorithm chosen in AES.
http://www.esat.kuleuven.ac.be/~rijmen/rijndael/
Which was inspired by the Block Cypher code:
http://www.esat.kuleuven.ac.be/~rijmen/square/index.html
I'm trying to get a sense of security with this new AES code;
That's why I do my research.
I've read praises to the Government for AES:
http://stacks.msnbc.com/news/557761.asp?cp1=1 (by Adi Shamir)
.
I will continue to surf for AES Crackers.
In cas there are some underground-papers.
Meanwhile,
Thanks for your post;.. On my way I found this very interesting Lectures on Crypto.
**********************CLASSICAL CRYPTO *******************************
*** http://www.fortunecity.com/skyscraper/coding/379/lesson1.htm **
********************************************************************************
>If you want to take this idea of creating your own scheme further, I
>would recommend you learn some basics and some history. The
>Codebreakers by David Kahn, which includes almost an underlying theme
>of the repeated fall of "unbreakable" cipher schemes in the
>real-world. The sci.crypt FAQ
><http://www.faqs.org/faqs/by-newsgroup/sci/sci.crypt.html>, the RSA
>Security FAQ <http://www.rsasecurity.com/rsalabs/faq/> are good
>starting points for learning the basic "game play" and standard
>language of modern cryptology.
>
Yes.....
You are most welcome.. I appologize for sounding like an Heretic in all this
Crypto science.
I feel I have enough papers on the subject to read for a while; And I might
even tone down my paranoia with Governement, and listen to what Crypto Guru's
have to say about AES.
>Sidenote:
>Proof that Pi is irrational
><http://www.seanet.com/~ksbrown/kmath313.htm>
>Pi is transcendental
><http://www.math.niu.edu/~rusin/known-math/95/transcend>
WOW !... This is very welcomed.
I'm fascinated by some areas of mathematics.
Regards,
Ben
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am
Date: Fri, 25 May 2001 17:45:15 GMT
BenZen wrote:
>
> M. S. Bob wrote in message ...
> >"BenZen" <[EMAIL PROTECTED]> wrote in message
>news:<zBhP6.514$[EMAIL PROTECTED]>...
> (..)
> >> I have a couple of ideas... What are my chances ?.
> >
> >Let me repeat two key sentences in Paul Rubin's previous post.
> >
> >Paul Rubin wrote in message <[EMAIL PROTECTED]>...
> >> Fractals are cool because they give rise to pictures with
> >> interesting-looking structure. But cryptographic output
> >> should have NO apparent structure.
> >
> >I cannot see how this structure would not be the downfall of any such
> >fractal based scheme.
> >
> I'm learning Mister Bob... That's why I was asking here.
> If you say '..I cannot see how it (structure) would not be the downfall..'
> And when The other Paul; Paul Pires said:
> " Choosing the characteristic of a generator to specifically offset the known
> bad charateristics of the plaintext (zipfile) sounds like a remarkably bad thing
> to do. Perhaps if I ever get this stuff, I'll know why :-) Anybody care to help
> me out here?"
>
> That only encourages me to find-out the reason it can't work;
> I don't like to take another mind's doubts for an answer.
Fractals are not inherantly random that's a big problem. For a good bit
stream generator (I assume that's what we are talking about) you need
some generator that is not self similar. Of course in theory the period
of a Julia Set is infinite but in practical terms there is only so much
resolution you can get. And it's not terribly random :-(
> >If your goal is simply to write a good encryption program, I would
> >recommend you check out Applied Cryptography by Bruce Schneier and
> >Security Engineering by Ross Anderson. The suggest of using
> >AES/Rijndael <http://www.nist.gov/aes/> is very sensible.
> >
> I'm a bit sceptical when it comes to leaving the Government chose for me;
>
> DES before that was cracked.. I understand that using the same cracking
> algorithm, to crack an AES key would take: (for a powerful 255 keys per second)
> 149 thousand-billion (149 trillion) years to crack a 128-bit AES key.
> http://www.shmoo.com/crypto/Cracking_DES/cracking-des.htm
> http://www.eff.org/descracker/
>
> Expensive machines have been build that can do 57600 key search chips,
> each capable of testing 50 million keys per second... That's for a start.
> It can now Crack DES in a matter of minutes.
>
> So, Rijndael is the Winning Algorithm chosen in AES.
> http://www.esat.kuleuven.ac.be/~rijmen/rijndael/
> Which was inspired by the Block Cypher code:
> http://www.esat.kuleuven.ac.be/~rijmen/square/index.html
>
> I'm trying to get a sense of security with this new AES code;
> That's why I do my research.
> I've read praises to the Government for AES:
> http://stacks.msnbc.com/news/557761.asp?cp1=1 (by Adi Shamir)
> .
> I will continue to surf for AES Crackers.
> In cas there are some underground-papers.
Um "undeground"? It's not hard to write a brute force crack for AES.
It's not entirely feasible but not impossible.
> Meanwhile,
> Thanks for your post;.. On my way I found this very interesting Lectures on Crypto.
> **********************CLASSICAL CRYPTO *******************************
> *** http://www.fortunecity.com/skyscraper/coding/379/lesson1.htm **
> ********************************************************************************
>
> >If you want to take this idea of creating your own scheme further, I
> >would recommend you learn some basics and some history. The
> >Codebreakers by David Kahn, which includes almost an underlying theme
> >of the repeated fall of "unbreakable" cipher schemes in the
> >real-world. The sci.crypt FAQ
> ><http://www.faqs.org/faqs/by-newsgroup/sci/sci.crypt.html>, the RSA
> >Security FAQ <http://www.rsasecurity.com/rsalabs/faq/> are good
> >starting points for learning the basic "game play" and standard
> >language of modern cryptology.
> >
> Yes.....
> You are most welcome.. I appologize for sounding like an Heretic in all this
> Crypto science.
> I feel I have enough papers on the subject to read for a while; And I might
> even tone down my paranoia with Governement, and listen to what Crypto Guru's
> have to say about AES.
Of course its good to listen but also to touch and feel. Alot of
attacks dont make sense to me. Only through actually trying them have I
learned how differential and linear attacks work. (Now if I only had
the math+tact+education+work to back me up in my studies...).
> >Sidenote:
> >Proof that Pi is irrational
> ><http://www.seanet.com/~ksbrown/kmath313.htm>
> >Pi is transcendental
> ><http://www.math.niu.edu/~rusin/known-math/95/transcend>
>
> WOW !... This is very welcomed.
> I'm fascinated by some areas of mathematics.
> Regards,
> Ben
------------------------------
From: [EMAIL PROTECTED] (Eric Lee Green)
Crossposted-To: alt.privacy,alt.security.pgp
Subject: Re: Evidence Eliminator Detractors Working Hard But No Result?
Reply-To: [EMAIL PROTECTED]
Date: Fri, 25 May 2001 17:46:29 GMT
=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1
On Fri, 25 May 2001 11:31:17 +0200, Mok-Kong Shen <[EMAIL PROTECTED]>
wrote:
>Eric Lee Green wrote:
>> Robin Hood Software's http://www.evidence-eliminator.com site is now
>> hosted by UUNET-UK.
>
>Sorry for not having followed past postings. Is this
>something analogous to SafeWeb? (See
Sorry, have no info about SafeWeb. Do have info about EE (see
http://badtux.org/eric/editorial/scumbags.html ). Basically, what we
have here is some virulent spammer spawn. I personally do not buy
anything from spammers, because if they're ethically challenged enough
to spam, they're probably ethically challenged enough to sell you
worthless overpriced junk too.
=====BEGIN PGP SIGNATURE=====
Version: GnuPG v1.0.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE7DplV3DrrK1kMA04RAsa5AJ9ALoskjp+5QL733rNvLiooTnzqnACfbm1/
5ezS/RWw8TuYk2DVkvLxMPY=
=xzCE
=====END PGP SIGNATURE=====
------------------------------
From: those who know me have no need of my name <[EMAIL PROTECTED]>
Subject: Re: Good crypto or just good enough?
Date: 25 May 2001 17:29:38 GMT
<[EMAIL PROTECTED]> divulged:
>Against single DES no one PC is fast enough to find the key within a
>reasonable amount of time. Would you be willing to tell me you want to
>use single DES when triple-DES is just as available and afawk much more
>secure?
if the threat model suggets that single des is sufficient i'd use it
if speed were an issue.
>Why [use] tools that open doors to attacks that can easily be shut?
why use tools to prevent attacks that don't exist or don't matter?
--
okay, have a sig then
------------------------------
From: "M.S. Bob" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Good crypto or just good enough?
Date: Fri, 25 May 2001 19:20:29 +0100
Tom St Denis wrote:
>
> > Tom St Denis wrote:
> > >
> > > My old employer asked me to ask the group this question.
> > >
> > > Would you settle for crypto that is "just secure enough" or "is as
> > > secure as we know how to make it". Both within reason.
> > >
> > <SNIP>
>
> Hmm.. Seems I really do have more than just technical stuff to learn..
> arrg.
>
> Tom
Bingo!
"There are more things in heaven and earth, Horatio, than
are dreamt of in your philosophy." -- Hamlet; Act I Scene 5
(Natural philosophy is an old phrase for what we now call science, so I
would suggest reading "philosophy" as "science".)
That sums it up. Engineering products for the real world both includes
technical and non-technical considerations.
I think you could look at the field of software engineering for many
similar examples, why does code suck? In part because of mistakes which
we (academically) know how to detect or reduce. Then why does the
software industry as a whole (not just Microsoft) still turn out
software packages with numerous flaws and security holes? Many reasons
including economic trade-offs.
An adage I'm likely misquoting: A line of code in the space shuttle
flight control ($1 per line) is 10-100 times the cost of a line of code
of commercial off the shelf software package ($0.01 to $0.10 per line).
Are customers willing to pay 10 to 100 times more (and wait longer) for
their products? No.
You do have a point though, the costs associated with using good
cryptographic primitives and protocols _may not_ be more "expensive"
than older/weaker ones. In a new software product it would be silly to
use DES rather than AES.
In the end remember, software companies are for-profit businesses.
I've make many mistakes myself as a young programmer/analysis too,
including being full of myself.
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Crossposted-To: alt.privacy,alt.security.pgp
Subject: Re: Evidence Eliminator Detractors Working Hard But No Result?
Date: Fri, 25 May 2001 20:50:23 +0200
Eric Lee Green wrote:
>
Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> >Sorry for not having followed past postings. Is this
> >something analogous to SafeWeb? (See
>
> Sorry, have no info about SafeWeb. Do have info about EE (see
> http://badtux.org/eric/editorial/scumbags.html ). Basically, what we
> have here is some virulent spammer spawn. I personally do not buy
> anything from spammers, because if they're ethically challenged enough
> to spam, they're probably ethically challenged enough to sell you
> worthless overpriced junk too.
What I don't understand, when glancing at the web page
www.evidence-eliminator.com, is the sentence:
your PC is keeping frightening records of both your
online and off-line activity.
I know too little about current OSs. Could you tell where
these records are kept under Window98? I guess that the
product is to delete these automatically. (The issue
of stealth of your intellectual property, which is
claimed on your web page, is an legal or ethical one
that I am personally not interested in.) But how does
that have a connection with 'spams' which are incoming
mails that is independent of one's own 'online and
offline activity'? BTW, I barely know anything substantial
about SafeWeb either. But I think that basically it allows
one to channel one's web page access requests through a
specific site and that site removes the origin site
information of the accessor such that the log files of
the servers of the web pages being accessed don't yield
any useful information for tracing who actually have
accessed these web pages. I think that's more useful
for many people than deletion of records of activity on
one's own computer. SafeWeb's service is said to be
entirely free.
M. K. Shen
------------------------------
From: "M.S. Bob" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am
Date: Fri, 25 May 2001 19:46:51 +0100
BenZen wrote:
>
> That only encourages me to find-out the reason it can't work;
> I don't like to take another mind's doubts for an answer.
If you read the material (including the books) I referred to, you will
find the explainations and references to the original material contains
the proofs in their full mathematic gory detail.
> >If you want to take this idea of creating your own scheme further, I
> >would recommend you learn some basics and some history. The
> >Codebreakers by David Kahn, which includes almost an underlying theme
> >of the repeated fall of "unbreakable" cipher schemes in the
> >real-world. The sci.crypt FAQ
> ><http://www.faqs.org/faqs/by-newsgroup/sci/sci.crypt.html>, the RSA
> >Security FAQ <http://www.rsasecurity.com/rsalabs/faq/> are good
> >starting points for learning the basic "game play" and standard
> >language of modern cryptology.
> >
> Yes.....
> You are most welcome.. I appologize for sounding like an Heretic in all this
> Crypto science.
Don't reinvent the square wheel. Learn the history and the state of the
art, to help avoid looking like a fool. We will forgive mistakes, but
not suffer fools lightly.
------------------------------
From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: Good crypto or just good enough?
Date: Fri, 25 May 2001 12:01:28 -0700
M.S. Bob <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> >
> > > Tom St Denis wrote:
> > > >
> > > > My old employer asked me to ask the group this question.
> > > >
> > > > Would you settle for crypto that is "just secure enough" or "is as
> > > > secure as we know how to make it". Both within reason.
> > > >
> > > <SNIP>
> >
> > Hmm.. Seems I really do have more than just technical stuff to learn..
> > arrg.
> >
> > Tom
>
> Bingo!
>
> "There are more things in heaven and earth, Horatio, than
> are dreamt of in your philosophy." -- Hamlet; Act I Scene 5
>
> (Natural philosophy is an old phrase for what we now call science, so I
> would suggest reading "philosophy" as "science".)
>
> That sums it up. Engineering products for the real world both includes
> technical and non-technical considerations.
>
> I think you could look at the field of software engineering for many
> similar examples, why does code suck? In part because of mistakes which
> we (academically) know how to detect or reduce. Then why does the
> software industry as a whole (not just Microsoft) still turn out
> software packages with numerous flaws and security holes? Many reasons
> including economic trade-offs.
Like unrealistic time to market release and the whole bunch of bad
practices that this "oooraaahhh" attitude engenders. Programmers
living on Jolt Cola and Peppridge Farm Goldfish while they stay up
36 hours straight can't be good. What is the true cost of labor at
the expense of judgement?
Paul
> An adage I'm likely misquoting: A line of code in the space shuttle
> flight control ($1 per line) is 10-100 times the cost of a line of code
> of commercial off the shelf software package ($0.01 to $0.10 per line).
> Are customers willing to pay 10 to 100 times more (and wait longer) for
> their products? No.
>
> You do have a point though, the costs associated with using good
> cryptographic primitives and protocols _may not_ be more "expensive"
> than older/weaker ones. In a new software product it would be silly to
> use DES rather than AES.
>
> In the end remember, software companies are for-profit businesses.
>
> I've make many mistakes myself as a young programmer/analysis too,
> including being full of myself.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
