Cryptography-Digest Digest #452, Volume #14      Sat, 26 May 01 21:13:01 EDT

Contents:
  Re: Good crypto or just good enough? (SCOTT19U.ZIP_GUY)
  Re: A generic feistel cipher with hash and gf(257) mixers (David Wagner)
  Mainstream Quasiprobabilities and Memory Theory - Doctorow ("Osher Doctorow")
  Re: Mainstream Quasiprobabilities and Memory Theory - Doctorow ("Tom St Denis")
  Re: Getting back to the self-study Analysis ("Harris Georgiou")
  Re: A generic feistel cipher with hash and gf(257) mixers (SCOTT19U.ZIP_GUY)
  Re: A generic feistel cipher with hash and gf(257) mixers (SCOTT19U.ZIP_GUY)
  Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am   (Mok-Kong Shen)
  Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... (Scientific Language) ("BenZen")
  Re: Good crypto or just good enough? (John Savard)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Good crypto or just good enough?
Date: 26 May 2001 21:07:05 GMT

[EMAIL PROTECTED] (Bryan Olson) wrote in <[EMAIL PROTECTED]>:

>
>
>"John A. Malley" wrote:
>> 
>> Bryan Olson wrote:
>> [...]
>> >
>> > Today, crypto has two serious problems:
>> >     1. We don't really understand complexity.
>> >     2. The world runs on cleartext.
>> 
>> I think I understand the first stated problem.  I do not understand the
>> second problem as stated.
>
>All I mean there is that use of encryption is still rare.
>We discuss new ciphers and multiple encryption while our
>most private information resides in the clear.
>
>
>--Bryan

   However I think due to storage requirements and bandwidth
requirements needed for communications, less and less will
be in clear text. The entropy per bit of messages will approach
one. This means unless one has a precise understanding of how
the data was compressed, it will appear more and more like
encrypted data. If people start to use bijective compressors
that will make it even tougher for a casual person monitoring
the line since he may have no idea what compression was being used.
  That coupled with bijective encryptors will make decryption
much harder.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: A generic feistel cipher with hash and gf(257) mixers
Date: 26 May 2001 23:37:17 GMT

SCOTT19U.ZIP_GUY wrote:
>Do you have a place where the source code can be downloaded?

No, not that I know of.  I guess you'll have to implement it yourself.
See my other post for a description of the construction, if you'd like to
try it out.

------------------------------

From: "Osher Doctorow" <[EMAIL PROTECTED]>
Subject: Mainstream Quasiprobabilities and Memory Theory - Doctorow
Date: Sat, 26 May 2001 17:59:12 -0700

From: Osher Doctorow [EMAIL PROTECTED], Sat. May 26, 2001 4:31PM

R. R. Puri (Bhabha Atomic Research Centre, India), in Mathematical Methods
of Quantum Optics, Springer-Verlag: Berlin 2001, presents an excellent
introduction to his and others' developments in quasiprobability theory
(which relates to entanglement and spherical harmonics among other things).
His theory and others like it are examples of what I refer to as the
*Enlightened Mainstream* of quantum theory, which instead of deserting
probability or treating it in a cavalier fashion, analyzes it and uses some
of its best characteristics to either apply it to quantum theory or to apply
somewhat analogous methods to quantum theory.  Because of its special value
in entanglement, I would urge sci.crypt members to read especially chapter 4
of his book, Quasiprobabilities and Non-classical States, 81-97, and also
some of the references on which the chapter is based, including R. R. Puri
J. Phys. A29, 5719 (1996).  Quantum statistics as used by some researchers
recently is also contributing heavily to the Enlightened Mainstream, but
especially in statistics they have far to go to overcome what was a general
trend of even eminent theoretical physicists to use probability and
statistics without exceptionally profound understanding of them - from the
1920s onward.   Expertise and even genius in non-probability/statistics
fields does not, in my opinion, transfer over to probability/statistics, and
even beyond that probability or statistics specialists (including myself)
are only presently at the tip of the iceberg and need to be very careful to
allow and even search out competing ideas.

I will only give a few general comments here on quasiprobabilities.  They
are analogs of classical phase space distribution functions which are
constructed by rules of replacement somewhat similar to the way in which
quantum field theory was constructed from quantum mechanics (although the
rules are very different ones).  It turns out that when this is done, the
resulting quasiprobabilities depend strongly on spherical harmonics among
other things, especially in reference to spin.  Puri proved in his 1996
paper that classical versus non-classical quantum states of a system of N
spin-1/2 s components are distinguished by whether the joint
quasiprobabilities for the eigenvalues of the components for each spin in
three perpendicular directions (one of which is the average direction of the
spin) are all nonnegative or not (in the not case at least one is negative)
respectively.  Uncorrelated states are regarded as classical.  Puri's proof
identifies the coherent states as classical and also the single spin-1/2,
but any pure entangled state of two spin-1/2s as non-classical, and squeezed
spin states are non-classical.

I will hopefully have time in the near future to make some more comments.

Osher Doctorow Ph.D.
Doctorow Consultants







------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Mainstream Quasiprobabilities and Memory Theory - Doctorow
Date: Sun, 27 May 2001 00:25:32 GMT

Why are you posting these messages?


"Osher Doctorow" <[EMAIL PROTECTED]> wrote in message
news:9epg7u$g05$[EMAIL PROTECTED]...
> From: Osher Doctorow [EMAIL PROTECTED], Sat. May 26, 2001 4:31PM
>
> R. R. Puri (Bhabha Atomic Research Centre, India), in Mathematical Methods
> of Quantum Optics, Springer-Verlag: Berlin 2001, presents an excellent
> introduction to his and others' developments in quasiprobability theory
> (which relates to entanglement and spherical harmonics among other things).
> His theory and others like it are examples of what I refer to as the
> *Enlightened Mainstream* of quantum theory, which instead of deserting
> probability or treating it in a cavalier fashion, analyzes it and uses some
> of its best characteristics to either apply it to quantum theory or to apply
> somewhat analogous methods to quantum theory.  Because of its special value
> in entanglement, I would urge sci.crypt members to read especially chapter 4
> of his book, Quasiprobabilities and Non-classical States, 81-97, and also
> some of the references on which the chapter is based, including R. R. Puri
> J. Phys. A29, 5719 (1996).  Quantum statistics as used by some researchers
> recently is also contributing heavily to the Enlightened Mainstream, but
> especially in statistics they have far to go to overcome what was a general
> trend of even eminent theoretical physicists to use probability and
> statistics without exceptionally profound understanding of them - from the
> 1920s onward.   Expertise and even genius in non-probability/statistics
> fields does not, in my opinion, transfer over to probability/statistics, and
> even beyond that probability or statistics specialists (including myself)
> are only presently at the tip of the iceberg and need to be very careful to
> allow and even search out competing ideas.
>
> I will only give a few general comments here on quasiprobabilities.  They
> are analogs of classical phase space distribution functions which are
> constructed by rules of replacement somewhat similar to the way in which
> quantum field theory was constructed from quantum mechanics (although the
> rules are very different ones).  It turns out that when this is done, the
> resulting quasiprobabilities depend strongly on spherical harmonics among
> other things, especially in reference to spin.  Puri proved in his 1996
> paper that classical versus non-classical quantum states of a system of N
> spin-1/2 s components are distinguished by whether the joint
> quasiprobabilities for the eigenvalues of the components for each spin in
> three perpendicular directions (one of which is the average direction of the
> spin) are all nonnegative or not (in the not case at least one is negative)
> respectively.  Uncorrelated states are regarded as classical.  Puri's proof
> identifies the coherent states as classical and also the single spin-1/2,
> but any pure entangled state of two spin-1/2s as non-classical, and squeezed
> spin states are non-classical.
>
> I will hopefully have time in the near future to make some more comments.
>
> Osher Doctorow Ph.D.
> Doctorow Consultants



------------------------------

From: "Harris Georgiou" <[EMAIL PROTECTED]>
Subject: Re: Getting back to the self-study Analysis
Date: Sun, 27 May 2001 03:25:50 +0300


<[EMAIL PROTECTED]> wrote in discussion message:
9epbas$egb$[EMAIL PROTECTED]
> In article <[EMAIL PROTECTED]>, Tom St Denis
> <[EMAIL PROTECTED]> writes:
> >Anyways, not like my original thread didn't go down hill...
> >
> >Any hints or tips?  I am gonna work it out on paper a bit more later
> >on...  I can't figure out how to exploit the linear relationship
> >
> >A xor K = B
> >A' xor K = B'
> >
> >(Dave you are not invited into this thread).
> >
> >Tom
>
> To recover key material, you usually do two things.  First, you build a
> .......
> In your case, the distinguishing property *never* disappears, so you can
> calculate the key directly.  Xor the plaintext A with the ciphertext B and
> you get the key K.
>

My point exactly. In equation:
            A' = (A xor B) xor B'
the key (K) is in fact the first xor, so that the second xor between the
ciphertext and the key retrieves the plaintext.



--

Harris

- 'Malo e lelei ki he pongipongi!'
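
The relation discussed in this exchange (K = A xor B, then A' = K xor B'), as an added example that is not part of the original thread. It goes slightly beyond the posts by also handling the case where only a prefix of A is known, and by showing that the recovered K is useless against a message encrypted under an independent key. All function names and byte strings are constructed for illustration.

```python
def xor_bytes(x: bytes, y: bytes) -> bytes:
    """Bytewise XOR of two equal-length byte strings."""
    if len(x) != len(y):
        raise ValueError("length mismatch")
    return bytes(a ^ b for a, b in zip(x, y))


def recover_key(known_plain: bytes, cipher: bytes) -> bytes:
    """K = A xor B, for as many bytes as the known plaintext covers."""
    n = min(len(known_plain), len(cipher))
    return xor_bytes(known_plain[:n], cipher[:n])


def decrypt_with_partial_key(key_prefix: bytes, cipher: bytes) -> list:
    """A' = K xor B' where K is known; None marks bytes with no recovered key."""
    return [c ^ key_prefix[i] if i < len(key_prefix) else None
            for i, c in enumerate(cipher)]


# Constructed sample values (not from the thread).
K = bytes.fromhex("5a13c7e09b2d4f81a6703c1e")        # key reused for both messages
K_FRESH = bytes.fromhex("0f1e2d3c4b5a69788796a5b4")  # independent key
A = b"first block!"
A2 = b"second block"
B = xor_bytes(A, K)      # A  xor K = B
B2 = xor_bytes(A2, K)    # A' xor K = B'


def demo_full() -> bytes:
    # One fully known pair (A, B) reveals every A' encrypted under the same K.
    return bytes(decrypt_with_partial_key(recover_key(A, B), B2))


def demo_partial() -> list:
    # Only the first 5 bytes of A are known: exactly 5 bytes of A' fall out.
    return decrypt_with_partial_key(recover_key(A[:5], B), B2)


def demo_fresh_key() -> bytes:
    # Mitigation: a message under an independent key is not recovered.
    b3 = xor_bytes(A2, K_FRESH)
    return bytes(decrypt_with_partial_key(recover_key(A, B), b3))


if __name__ == "__main__":
    print(demo_full())
    print(demo_partial())
    print(demo_fresh_key() == A2)
```
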




------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: A generic feistel cipher with hash and gf(257) mixers
Date: 26 May 2001 22:48:17 GMT

[EMAIL PROTECTED] (David Wagner) wrote in 
<9epagr$p0i$[EMAIL PROTECTED]>:


>
>Don't get the wrong opinion: I'm not saying this out of some kind
>of snobbery.  Perhaps it would help if I mentioned that I don't
>really trust myself to design new ciphers, and I've tried to avoid
>it whereever possible.  The one time that I did give it a try was
>when I had a team of many other folks experienced at cryptanalysis,
>and we had a great deal of time to thoroughly study our choices,
>*and* we published the design and knew that others would give it
>a great deal of study as well.  It is easy to get this stuff wrong,
>no matter how much experience you have in this field.

  I think he had to add the snob thing since that's the snobbish
way to attack. Wagner has no intentions of learning from you.
Just as he stated he knows nothing about BICOM. I think he knows
more than he lets on. Of course since it was done by one not in
the club and is not one that he can claim litters the road side
as broken. He chooses the common way of never looking at it since
his mind is already made up. It's actually a quite clever snobbish
way of doing things.


David A. Scott


------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: A generic feistel cipher with hash and gf(257) mixers
Date: 26 May 2001 22:15:42 GMT

[EMAIL PROTECTED] (Jim Steuert) wrote in <[EMAIL PROTECTED]>:

>The statement, "Designing ciphers as a hobbyist is a Really Bad Idea",
>really depends on your definition of a hobbyist. If you mean one who
>is not really skilled in the math, then I heartily disagree. In fact, I
>consider that a challenge. I am now motivated to write a paper on "design
>principles of cryptographic hash functions and ciphers", which should
>put the design of these things in the hands of us "ignorant" hobbyists.
>I am now motivated.
>

    Good for you!!

>Of course, I will not try to have it reviewed. I think that it might get
>killed in review because a) it isn't "better" than some existing ciphers
>or b) it's "slower" than some existing cipher. While I think those are
>valid objections, I disagree that custom ciphers are always a bad
>idea.
>

    So far right on.

>
>My point is that, when you strip away the jargon, the concepts
>of cryptography are really quite simple. They are simply presented in
>a "cryptic" fashion, generally without the aid of diagrams. Of
>course, many of the papers could benefit from more examples
>and diagrams. I have keyed in on some important concepts, such
>as bijectivity, multipermutation, etc. which are missing from the books.
>

   I wish you luck in trying to publish. Please since Wagner
apparently will never look. Could you at least test BICOM

>As for the contributions of hobbyist, well, I just invented
>a novel public key method, posted on this newsgroup, which has
>garnered feedback from related proven methods being studied in Europe.
>Perhaps it may be used some day. Who knows? Again hobbyists
>can certainly learn from experts, but it is folly to think that experts
>cannot learn from hobbyists.
>
>As for my math skills, as a freshman at Princeton ( many years ago),
>I took graduate all-graduate math courses, and advanced-placed
>a year. I have published in a couple of reviewed journals (years ago).
>
>Would any of the designers of ciphers and/or hash functions share their
>design methodology/rationales. I know that some of the AES candidate
>papers did this, and I've found a few college lectures on the web which
>go more into the rationales, but certainly not in any books. There is a
>lot of accumulated lore, which is not repeated in papers, which could
>be assembled. (I've actually found a couple of good theses, one on
>sboxes, which are very comprehensive and tutorial)
>
>
>
>
>David Wagner wrote:
>
>> Jim Steuert  wrote:
>> >   What I am getting at, in general, though,
>> >is a methodology which would take designing ciphers out of the hands
>> >of the "experts" (no disrespect intended) and put it into the hands
>> >of hobbyists, who could still come up with creative ideas, but based
>> >on well-understood design principles.
>>
>> Why?  Designing ciphers as a hobbyist is a Really Bad Idea, if you
>> want to deploy the result in a real system: most such ciphers end up
>> being weak. Read Bruce Schneier's Memo to an Amateur Cryptographer for
>> details (see the Cryptograms at www.counterpane.com).
>>
>> In any case, such a methodology does not exist today.  You are much
>> better off to use a trusted, well-understood cipher, such as 3DES
>> (which has seen tens or hundreds of person-years of analysis) or AES
>> (which soon will see an equivalent amount of analysis).
>>
>> I don't want to discourage you, but if you want to maximize the odds
>> of making a contribution to the science of cryptography as a hobbyist,
>> block cipher design is not exactly the area I'd pick.
>
>


David A. Scott


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... Am  
Date: Sun, 27 May 2001 02:40:28 +0200



John Savard wrote:
> 
> On Sat, 26 May 2001 12:38:44 +0200, Mok-Kong Shen
> <[EMAIL PROTECTED]> wrote, in part:
> 
> >max { n | H(m,n) > 0 } means the largest of all candidate
> >n values that satisfy the condition H(m,n)>0 (for a given m).
> 
> Although I could have told him _that_, I didn't see your earlier post
> to find the URL to translate it more fully into layman's language.
> (What's H(m,n), and why are we interested in it?)

Sorry, I thought the notation was the only problem for him. 
The URL concerned is:
http://home.t-online.de/home/mok-kong.shen/#problem1

M. K. Shen

------------------------------

From: "BenZen" <[EMAIL PROTECTED]>
Subject: Re: Crypto NEWBIE, wants to create the 100% SAFE FRACTAL encoding... (Scientific Language)
Date: Sat, 26 May 2001 20:40:16 -0400

John Savard wrote in message <[EMAIL PROTECTED]>...
>On Sat, 26 May 2001 14:21:49 -0400, "BenZen" <[EMAIL PROTECTED]>
>wrote, in part:
>
>>Seriously;.. Is there a comprehensive web site that could introduce me to the
>>Layman's language and notation ?
>
>Since the "lay" are the ordinary people, originally as opposed to the
>"clergy", one does not need an introduction to the layman's language;
>that is what one is already speaking.
>
ROTFL !
I've been duped....
Back to learning NULL language,
I'm experimenting with the NOP instruction
and Windows keeps giving me a blue screen.

Cheers,
Ben



------------------------------

From: [EMAIL PROTECTED] (John Savard)
Subject: Re: Good crypto or just good enough?
Date: Sun, 27 May 2001 00:41:05 GMT

On 26 May 2001 01:07:16 GMT, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote, in part:

>If I was working on a break and found one
>I would fear for my life.

Just splash it all over the Internet before anyone knows what you were
working on. That _should_ work.

I certainly don't know a break. I have noted, on my web page, that
there are certain structural characteristics in Rijndael similar to
those found in Feistel ciphers found to be weak (such as 15-round DES,
or SKIPJACK with a 64-bit key) unless you use certain key lengths and
block sizes, one of which is a 224-bit key with a 128-bit block, which
don't happen to be likely to be part of the standard.

On the other hand, it has a really nice S-box.

John Savard
http://home.ecn.ab.ca/~jsavard/frhome.htm

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
