Cryptography-Digest Digest #481, Volume #14 Thu, 31 May 01 07:13:01 EDT
Contents:
Re: Medical data confidentiality on network comms ("Roger Schlafly")
Help with RSA ("Uros Podlogar")
Re: Medical data confidentiality on network comms ("Jordan C. Wiseman")
Re: Help with RSA (Pascal Junod)
Re: Cool Cryptography Website! (Mok-Kong Shen)
Re: Medical data confidentiality on network comms (Michael Ströder)
Re: And the FBI, too (Re: National Security Nightmare?) ("Roger Schlafly")
Re: Cool Cryptography Website! ("Mark Lomas")
Re: differential oddity (Tom St Denis)
Re: Help with RSA (Tom St Denis)
Re: Medical data confidentiality on network comms (David Wagner)
Re: Medical data confidentiality on network comms (Larry Kilgallen)
Fast 8-bit mults on smartcards (Tom St Denis)
Re: Medical data confidentiality on network comms ("Jordan C. Wiseman")
----------------------------------------------------------------------------
From: "Roger Schlafly" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: Medical data confidentiality on network comms
Date: Thu, 31 May 2001 06:10:24 GMT
"Jordan C. Wiseman" <[EMAIL PROTECTED]> wrote in message
news:EeeR6.83968$[EMAIL PROTECTED]...
> Actually, I do....there are several medical
> institutions that use Citrix boxes with
> high-encryption....Dumb terminals that have no
> floppy (or any other drive) and only route
> connections to the Citrix box from
> internal/private IP's on certain subnets.
> While this is not perfect, it would seem to me
> that this kind of system would make securing the
> medical data easier...especially since all of it
> would reside in a single place that would be
> easier to physically secure.
Sounds great, but there are still all sorts of problems. Eg,
1. Insurance companies and HMOs want all sorts of info, and
may be entitled to most or all of it under policy terms, but the
patients may not trust them with the info.
2. Info goes to and from outside labs, emergency rooms,
etc, where the info is out of control.
3. Somebody usually still controls the network and can access
the data.
4. Gubmnt agencies claim rights to access the data.
Putting all the medical data in one place makes me less
comfortable, not more. I think I'd rather have the data
unencrypted, but spread out and hard to assemble.
------------------------------
From: "Uros Podlogar" <[EMAIL PROTECTED]>
Subject: Help with RSA
Date: Thu, 31 May 2001 09:49:00 +0200
I am a complete beginner, but I have read some books and now know how RSA
works. I have to implement RSA encryption and have some questions:
1. Are there any public sites or free software for RSA key generation? I am
considering key lengths 512 or 1024 bits.
2. Is there a free and simple library that supports RSA encryption and
decryption? I found several big libraries that also support other types of
encryption. I have to port this software to two platforms and I would be
very happy if I could get short source code.
3. As I understand, for RSA I need keys P, G and number N. I use one key to
encode and the other one to decode. As I understand, the encode and decode
functions are the same. The only change is the key that I use. Am I right?
Writing encode and decode routines is not that complicated, but I would very
much like to get keys elsewhere (I would not like to write a whole key
generation program that will be used only once).
Thank you for your help.
Bye
Uros
------------------------------
From: "Jordan C. Wiseman" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: Medical data confidentiality on network comms
Date: Thu, 31 May 2001 08:17:48 GMT
Well, if we can't trust the data's integrity in transit, can't trust all
the agencies who request access to it, and can't trust the people we hire
to secure it, what do we do?
Does the world need the medical equivalent of a CA to verify that everyone
attempting to get the data is who they say they are?
Besides all that, if the data can not be secured in hard-copy...then the
issue of digital security is null. We can spend all the time we want
setting up secure comm channels, but as long as someone can simply take the
file out of cabinet or off a shelf and make copies we can't be sure it is
safe.
I must say that I do not agree that the data should be "spread thin".
First off...it really isn't that hard to put someone's personal data
together no matter how fragmented it is (just ask an advertising
profiler...they do with internet and computer usage traits everyday: they
really ARE watching you). I believe that the only real way to secure the
data is to keep better track of who we give the "written permission" to use
it ...if you can't trust the data to anyone else, make sure the release you
sign does not give them the right to give your data to anyone else with out
your knowledge; read every contract before you sign it.
Well, that's my feeling anyway....common sense goes a lot farther than
paranoia.
Jordan
"Roger Schlafly" <[EMAIL PROTECTED]> wrote in message
news:kflR6.145$[EMAIL PROTECTED]...
> "Jordan C. Wiseman" <[EMAIL PROTECTED]> wrote in message
> news:EeeR6.83968$[EMAIL PROTECTED]...
> > Actually, I do....there are several medical
> > institutions that use Citrix boxes with
> > high-encryption....Dumb terminals that have no
> > floppy (or any other drive) and only route
> > connections to the Citrix box from
> > internal/private IP's on certain subnets.
> > While this is not perfect, it would seem to me
> > that this kind of system would make securing the
> > medical data easier...especially since all of it
> > would reside in a single place that would be
> > easier to physically secure.
>
> Sounds great, but there are still all sorts of problems. Eg,
>
> 1. Insurance companies and HMOs want all sorts of info, and
> may be entitled to most or all of it under policy terms, but the
> patients may not trust them with the info.
> 2. Info goes to and from outside labs, emergency rooms,
> etc, where the info is out of control.
> 3. Somebody usually still controls the network and can access
> the data.
> 4. Gubmnt agencies claim rights to access the data.
>
> Putting all the medical data in one place makes me less
> comfortable, not more. I think I'd rather have the data
> unencrypted, but spread out and hard to assemble.
>
>
>
>
------------------------------
Date: Thu, 31 May 2001 10:48:17 +0200
From: Pascal Junod <[EMAIL PROTECTED]>
Subject: Re: Help with RSA
On Thu, 31 May 2001, Uros Podlogar wrote:
> 1. Are there any public sites or free software for RSA key generation? I am
> considering key lengths 512 or 1024 bits.
> 2. Is there a free and simple library that supports RSA encryption and
> decryption. I found several big libraries that support also other types of
> encryption. I have to port this software to two platforms and I would be
> very happy if I could get short source code.
I don't know if there exist portable libraries dedicated only to RSA. A
good general one is http://www.openssl.org, which has key generation
routines as well as encryption and decryption ones. This library is
portable and quite optimised. In general, it's not worth reimplementing
the wheel...
> 3. As I understand for RSA I need keys P, G and number N. I use one key to
> encode and the other one to decode. As I understand encode and decode
> functions is the same. The only change is the key that I use. Am I right?
Yes, that's right.
RSA:
* Generate two large primes p and q
* The public modulus n = p*q
* Generate a public exponent e such that gcd(e, (p-1)*(q-1)) = 1
* Compute d such that ed = 1 mod (p-1)*(q-1)
* The public key is (n, e), the private one is (n, d)
* Encryption of m is c = m^e mod n
* Decryption of c is m = c^d mod n
So you only need a modular exponentiation procedure ^ for encryption and
decryption.
A+
Pascal
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* Pascal Junod, [EMAIL PROTECTED] *
* Security and Cryptography Laboratory (LASEC) *
* INF 240, EPFL, CH-1015 Lausanne, Switzerland ++41 (0)21 693 76 17 *
* Place de la Gare 12, CH-1020 Renens ++41 (0)79 617 28 57 *
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
------------------------------
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Cool Cryptography Website!
Date: Thu, 31 May 2001 11:25:57 +0200
John Savard wrote:
>
> Mok-Kong Shen<[EMAIL PROTECTED]> wrote:
>
> >If someone does a verbatim copy, there is good evidence
> >that he copies from you.
>
> Isn't it equally good evidence that I copied from him?
>
> If he instead decides to be the original author of something for which
> my writings were merely a source of information, then he would have
> done nothing more than I myself have done. But to a multitude of
> victims...that, and putting everything in my own words, is what makes
> it "research".
In case of a verbatim copy, those who have read your articles
previously would know that copying has been done. If
he digests the stuff and writes in his own style, it would
be very difficult to know that his writing isn't 'original'.
(The question would then be one of priority, not stealth.)
Indeed, it is hard to protect intellectual properties
in the modern times. In the ancient times some musicians
published only incomplete versions of their compositions,
if I don't err. But there were certainly lots of imitated
paintings, etc. Anyway, part of the issue has now led to
much of research in digital watermarking etc. (which
is by itself a good undertaking) but it is yet not quite
clear whether some really very effective and economical
protection of certain sectors of intellectual properties
could be achieved at all, I am afraid.
So, given the difficulty of protection in general, I
think that, unless one has considerations of revenues,
a practical way (even though one might not like it
very much) is to publish one's stuff on the internet as
early as possible and in a form that many people would
like to read and understand. They would know
that these are your ideas/contributions. That leaves
the copiers (including non-verbatim copiers) with
only the chance of getting a relatively small number
of (new) readers that would believe that the copiers
were instead the original authors. I suppose that
those who make free software packages have this
in mind.
M. K. Shen
========================
http://home.t-online.de/home/mok-kong.shen
------------------------------
From: Michael Ströder <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: Medical data confidentiality on network comms
Date: Thu, 31 May 2001 11:37:34 +0200
Reply-To: [EMAIL PROTECTED]
"Jordan C. Wiseman" wrote:
>
> Besides all that, if the data can not be secured in hard-copy...then the
> issue of digital security is null. We can spend all the time we want
> setting up secure comm channels, but as long as someone can simply take the
> file out of cabinet or off a shelf and make copies we can't be sure it is
> safe.
Making paper copies is much more difficult since physical access is
needed. Digital files can usually be copied with much less effort.
Or did I get you wrong?
Ciao, Michael.
------------------------------
From: "Roger Schlafly" <[EMAIL PROTECTED]>
Crossposted-To: talk.politics.crypto
Subject: Re: And the FBI, too (Re: National Security Nightmare?)
Date: Thu, 31 May 2001 08:43:14 GMT
"Paul Rubin" <[EMAIL PROTECTED]> wrote
> If someone showed me a badge and claimed to be an FBI agent and wanted
> some info from me, I suppose I'd call the local FBI office and them
> ask to confirm the person's credentials before talking to them.
They don't do that on the TV shows!
I suspect that most people would believe that the man is an FBI
agent if he looks, acts, and talks like an FBI agent, and if he has
any sort of official-looking badge.
------------------------------
From: "Mark Lomas" <[EMAIL PROTECTED]>
Subject: Re: Cool Cryptography Website!
Date: Wed, 30 May 2001 23:44:27 +0100
"John Savard" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Wed, 30 May 2001 16:31:40 +0200, Mok-Kong Shen
> <[EMAIL PROTECTED]> wrote, in part:
>
> >If someone does a verbatim copy, there is good evidence
> >that he copies from you.
>
> Isn't it equally good evidence that I copied from him?
>
> If he instead decides to be the original author of something for which
> my writings were merely a source of information, then he would have
> done nothing more than I myself have done. But to a multitude of
> victims...that, and putting everything in my own words, is what makes
> it "research".
>
> John Savard
> http://home.ecn.ab.ca/~jsavard/frhome.htm
Plagiarize,
Let no one else's work evade your eyes,
Remember why the good Lord made your eyes,
So don't shade your eyes,
But plagiarize, plagiarize, plagiarize...
Only be sure always to call it please, "research".
Tom Lehrer - "[Nicolai Ivanovich] Lobachevsky"
Giving this a citation seems odd :-)
Mark
[Resent due to finger trouble]
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: differential oddity
Date: Thu, 31 May 2001 10:00:23 GMT
JPeschel wrote:
>
> "Tom St Denis" [EMAIL PROTECTED] writes, in part:
>
> >Hmm, well perhaps I will order the preceedings...
>
> Try:
>
> http://adonis.ee.queensu.ca:8000/sac/sac97/papers/paper1.ps
Thanks.
Tom
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Help with RSA
Date: Thu, 31 May 2001 10:03:52 GMT
Uros Podlogar wrote:
>
> I am a complete beginner, but I have read some books and now know how RSA
> works. I have to implement RSA encryption and have some questions:
Bad bad bad bad bad. If you're a complete beginner and *have* to
implement RSA please do yourself a favour and pick up a crypto text like
Applied Crypto.
> 1. Are there any public sites or free software for RSA key generation? I am
> considering key lengths 512 or 1024 bits.
Well RSA is only secure if you make the key yourself. So I would
desperately hope nobody would send away for their very own PK.
> 2. Is there a free and simple library that supports RSA encryption and
> decryption. I found several big libraries that support also other types of
> encryption. I have to port this software to two platforms and I would be
> very happy if I could get short source code.
Well, with a bignum library RSA can be written easily. It requires a
primality testing routine and a random number routine (on top of
multiplications, lcm, divisions and inversions).
> 3. As I understand for RSA I need keys P, G and number N. I use one key to
> encode and the other one to decode. As I understand encode and decode
> functions is the same. The only change is the key that I use. Am I right?
Yes. Typically however E and D are the exponents (E for encrypt, D for
decrypt).
> Writing encode and decode routines is not that complicated, but I would very
> much like to get keys elsewhere (I would not like to write whole key
> generation program that will be used only once).
Again this defeats the entire purpose of using RSA.
Tom
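An added example, written for this digest and not taken from any poster, OpenSSL or another library: the textbook RSA that Pascal's bullet list describes, with the key generation Tom says you must do yourself (a primality test plus a random number source on top of bignum arithmetic). It assumes Python 3.8 or later for the modular inverse `pow(e, -1, phi)`; the Miller-Rabin round count and the message string are the example's own choices.

```python
# Added example (not from the digest, OpenSSL or any poster): textbook RSA
# exactly as the thread describes it: two primes, n = p*q, e coprime to
# (p-1)(q-1), d = e^-1 mod (p-1)(q-1), c = m^e mod n, m = c^d mod n.
# Key generation runs locally with an OS CSPRNG, which is the point of
# Tom's reply: a key someone else generated is not a private key.
# Python 3.8+ is assumed (pow(e, -1, phi) for the modular inverse).
import secrets
from math import gcd

SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47]


def is_probable_prime(n, rounds=40):
    """Trial division by small primes, then Miller-Rabin with random bases."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    # write n-1 = 2^s * d with d odd
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)          # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # a is a witness: n is composite
    return True


def random_prime(bits):
    """Random odd prime with the top bit set, so p*q has the intended size."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def generate_keypair(bits=1024, e=65537):
    """Return ((n, e), (n, d)) with an n of exactly `bits` bits."""
    while True:
        p = random_prime(bits // 2)
        q = random_prime(bits // 2)
        n = p * q
        phi = (p - 1) * (q - 1)
        if p != q and n.bit_length() == bits and gcd(e, phi) == 1:
            break
    d = pow(e, -1, phi)                           # e*d = 1 mod phi
    return (n, e), (n, d)


def rsa_encrypt(public_key, m):
    """c = m^e mod n; m must be an integer below n (no padding: textbook RSA)."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def rsa_decrypt(private_key, c):
    """m = c^d mod n: the same exponentiation with the other exponent."""
    n, d = private_key
    return pow(c, d, n)


if __name__ == "__main__":
    pub, priv = generate_keypair(1024)
    msg = int.from_bytes(b"hello, sci.crypt", "big")   # constructed sample message
    assert rsa_decrypt(priv, rsa_encrypt(pub, msg)) == msg
    print("1024-bit round trip ok")
```

Note that encryption and decryption really are the same `pow` call with a different exponent, as Uros guessed. What this block leaves out, and what a deployed system needs on top of it, is message padding (PKCS#1 OAEP) and a constant-time exponentiation; raw `m^e mod n` on an unpadded integer is the textbook scheme, not a protocol.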
------------------------------
From: [EMAIL PROTECTED] (David Wagner)
Crossposted-To: comp.security.misc
Subject: Re: Medical data confidentiality on network comms
Date: Thu, 31 May 2001 10:19:15 +0000 (UTC)
Jordan C. Wiseman wrote:
>Does the world need the medical equivalent of a CA to verify that everyone
>attempting to get the data is who they say they are?
No! The problem is not authentication. Part of the problem is that
too many parties are currently authorized to do too many things with my
medical data. (For instance, insurance companies, government, entire
hospital staff, ...) A CA won't help this.
Securing the communication channel is far enough down the list of threats
that, IMHO, it's not worth spending a lot of time on it until there is
some reason to believe the other threats can be defended against.
Medical privacy has a radically different set of problems from military
security.
------------------------------
From: [EMAIL PROTECTED] (Larry Kilgallen)
Crossposted-To: comp.security.misc
Subject: Re: Medical data confidentiality on network comms
Date: 31 May 2001 06:43:16 -0500
In article <9f55r3$2ffu$[EMAIL PROTECTED]>, [EMAIL PROTECTED] (David
Wagner) writes:
> Jordan C. Wiseman wrote:
>>Does the world need the medical equivalent of a CA to verify that everyone
>>attempting to get the data is who they say they are?
>
> No! The problem is not authentication. Part of the problem is that
> too many parties are currently authorized to do too many things with my
> medical data. (For instance, insurance companies, government, entire
> hospital staff, ...) A CA won't help this.
Authorization controls are worthless without strong authentication.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Fast 8-bit mults on smartcards
Date: Thu, 31 May 2001 10:47:29 GMT
Probably someone has thought of this but I have never seen it
discussed....
I was reading some SAC'97 papers and one of them (by Adams) discusses
how to make MDS matrices that are also involutions (i.e. if A is an MDS
matrix then AA = I). And got to thinking...
Why not make an entire 128-bit block cipher out of a huge 16x16 MDS in
GF(2^8)[2]/p(x)? The biggest problem is all the multiplications you
must perform. Then I got to thinking this.
Why not take a 512kbit EPROM (16-bit addressable) and just make the high
order and low order addresses point to the result of the
multiplication. You then have to do 256 lookups and 240 xor operations
to do the mult, which is slow on its own but the diffusion power would
be awesome.
Of course we need non-linear substitutions so we can replace the first
512 bytes (which would be 0*x and 1*x anyways) with the sbox and inverse
(and just make a MDS without 0's (which can't occur anyways) and 1's
which are avoidable).
This way the entire cipher data fits in an external EPROM and the code
inside the ROM is minimal.
If we used an sbox with a DPmax of say 8/256 = 2^-5 we will observe that
in each two rounds there are 17 active sboxes. That is 17*-5 = -85
(log2). So with four rounds we get an upper bound on the probability of
a differential of 2*17*-5 = -170, or 2^-170.
Four rounds would require a total of 4*(16+256)=1088 lookups and 960 xor
operations.
Just looking at my 8051 I see the avg access time is -10 (is that ms or
ns?) assuming it's ns 1088 lookups would not take too long.
The inverse can reuse the primitives and alternative sbox (or make the
sbox an involution itself).
Also if the MDS is analyzed for duplicates it may be possible to reduce
the # of lookups at an expense in code size...
Tom
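An added example, not code from Tom's post, that models the scheme above on a PC: the full GF(2^8) product table as a 16-bit-addressed byte array (2^16 entries = 64 KiB = 512 kbit, matching the EPROM), a matrix-vector product that counts the lookups and xors, and the two bookkeeping calculations in the post (active S-boxes times log2(DPmax), and DPmax itself from a difference distribution table). Assumptions: p(x) is the AES polynomial x^8+x^4+x^3+x+1, since the post does not fix one; the 16x16 coefficient matrix is a constructed placeholder that is not checked to be MDS or an involution (the operation counts are the same for any coefficients); the S-box used for the DPmax computation is field inversion, chosen only because it can be read straight out of the table.

```python
# Added example (not from Tom's post): the lookup-table GF(2^8) multiply he
# describes, plus the operation counts and the log2 differential bound.
# Assumptions: p(x) = x^8+x^4+x^3+x+1 (AES polynomial; the post fixes no p(x));
# MATRIX below is a constructed placeholder, NOT verified to be MDS or an
# involution; the lookup/xor counts do not depend on its entries.
from math import log2

POLY = 0x11B


def gf_mul(a, b):
    """Shift-and-add multiply in GF(2^8) = GF(2)[x]/p(x)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r


# The whole product table: 2^16 one-byte entries = 64 KiB = 512 kbit, indexed by
# (a << 8) | b, i.e. the post's "high order / low order address" scheme.
MUL_TABLE = bytes(gf_mul(a, b) for a in range(256) for b in range(256))


def table_mul(a, b):
    """One EPROM read: product of a and b from the precomputed table."""
    return MUL_TABLE[(a << 8) | b]


def mds_multiply(matrix, vec):
    """Matrix-vector product over GF(2^8) using only table lookups and xors.
    Returns (output bytes, number of lookups, number of xors)."""
    lookups = xors = 0
    out = []
    for row in matrix:
        acc = None
        for coef, x in zip(row, vec):
            prod = table_mul(coef, x)
            lookups += 1
            if acc is None:
                acc = prod
            else:
                acc ^= prod
                xors += 1
        out.append(acc)
    return bytes(out), lookups, xors


def inverse_sbox():
    """x -> x^-1 in GF(2^8) (with 0 -> 0), found by scanning each table row for 1."""
    box = [0] * 256
    for a in range(1, 256):
        row = MUL_TABLE[a << 8:(a + 1) << 8]
        box[a] = row.index(1)
    return box


def dp_max(sbox):
    """Largest entry of the difference distribution table, as a count out of 256."""
    best = 0
    for din in range(1, 256):
        counts = [0] * 256
        for x in range(256):
            counts[sbox[x] ^ sbox[x ^ din]] += 1
        best = max(best, max(counts))
    return best


def differential_bound_log2(rounds, dp_count, active_per_two_rounds=17):
    """The post's estimate: log2 of the differential probability bound
    for `rounds` rounds with 17 active S-boxes per two rounds."""
    return (rounds / 2) * active_per_two_rounds * log2(dp_count / 256)


# Constructed 16x16 coefficient matrix with entries in 2..255 (the post wants
# no 0 or 1 coefficients); a real cipher would use a verified MDS involution.
MATRIX = [[2 + (16 * i + j) % 254 for j in range(16)] for i in range(16)]

if __name__ == "__main__":
    out, lookups, xors = mds_multiply(MATRIX, bytes(range(16)))
    print(lookups, xors)                  # 256 240, as in the post
    print(dp_max(inverse_sbox()))         # 4: GF(2^8) inversion is 4-uniform
    print(differential_bound_log2(4, 8))  # -170.0, the post's four-round figure
```

Running it reproduces the post's arithmetic (16 rows times 16 products is 256 lookups, 16 rows times 15 combines is 240 xors, and 2 * 17 * -5 = -170 for four rounds), and `dp_max` gives a way to check the "DPmax of say 8/256" premise against whatever S-box is actually placed in those first 512 bytes rather than assuming it.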
------------------------------
From: "Jordan C. Wiseman" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc
Subject: Re: Medical data confidentiality on network comms
Date: Thu, 31 May 2001 11:03:22 GMT
No, you got me...but my point wasn't that someone could copy the
hard-copies easier, just that we need to make sure that the current data
(mostly hard-copy) is better secured before we spend too much time and
effort on paranoia about the data's digital security.
Jordan
"Michael Ströder" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> "Jordan C. Wiseman" wrote:
> >
> > Besides all that, if the data can not be secured in hard-copy...then the
> > issue of digital security is null. We can spend all the time we want
> > setting up secure comm channels, but as long as someone can simply take the
> > file out of cabinet or off a shelf and make copies we can't be sure it is
> > safe.
>
> Making paper copies is much more difficult since physical access is
> needed. Digital files can usually be copied with much less effort.
> Or did I get you wrong?
>
> Ciao, Michael.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************