Cryptography-Digest Digest #489, Volume #14       Fri, 1 Jun 01 09:13:01 EDT

Contents:
  Re: crypt education ("Jeffrey Walton")
  Re: National Security Nightmare? ("Sam Simpson")
  Jacobian projective coordinates ("himanee")
  A Newbie Question ("Robert J. Kolker")
  Re: Stream Cipher combiners (Nicol So)
  Re: Stream Cipher combiners (Nicol So)
  Re: And the FBI, too (Re: National Security Nightmare?) (SCOTT19U.ZIP_GUY)
  Re: Uniciyt distance and compression for AES ([EMAIL PROTECTED])
  Re: Uniciyt distance and compression for AES (SCOTT19U.ZIP_GUY)
  Re: Uniciyt distance and compression for AES (SCOTT19U.ZIP_GUY)
  Re: A Newbie Question ("Henrick Hellström")
  Re: crypt education (SCOTT19U.ZIP_GUY)
  Re: Help with Comparison Of Complexity of Discrete Logs, Knapsack, and Large Primes (Bob Silverman)
  HELP WITH RSA ENCRYPTION/DECRYPTION INCLUDING GARNER CRT ALGORITHM (Sam)
  Re: A Newbie Question ("Robert J. Kolker")
  Re: HELP WITH RSA ENCRYPTION/DECRYPTION INCLUDING GARNER CRT ALGORITHM ("Tom St Denis")

----------------------------------------------------------------------------

From: "Jeffrey Walton" <[EMAIL PROTECTED]>
Subject: Re: crypt education
Date: Fri, 1 Jun 2001 04:25:11 -0400
Reply-To: "Jeffrey Walton" <[EMAIL PROTECTED]>

Rubin's list seems to be fairly complete.  Kind of
impressive for a dynamic medium like the web.

"M.S. Bob" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
| Thorsten Holz wrote:
| >
| > Hello,
| >
| > I've got a question for the same topic:
| >
| > Which University would you recommend for someone who is interested in
| > cryptography and maths? Currently I study in Germany, but I want to
| > take a year abroad :)
|
| Avi Rubin's list of crypto and security courses
| http://avirubin.com/courses.html
|
| Counterpane's list of courses
| http://www.counterpane.com/courses.html
|
| Google Groups thread - Re: _"Good" school in Cryptography ("was" I got
| accepted)
| <http://groups.google.com/groups?hl=en&lr=&safe=off&ic=1&th=fe1adeb318105b77,29&seekm=Pine.LNX.4.10.10104121305001.6111-100000%40gs264.sp.cs.cmu.edu#p>



------------------------------

From: "Sam Simpson" <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare?
Date: Thu, 31 May 2001 10:19:00 +0100

"Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Sam Simpson wrote:
> > True, in the same way that the UK GCHQ equivalent of doesn't spy on UK
> > citizens....It gets other countries security establishments to do their
> > dirty work.............
>
> I won't say it doesn't happen, but actually our regulations
> apply to intelligence received about US citizens from foreign
> sources as well.  Really, if some citizen does pose a risk to
> national security, there is a mechanism already, and if he
> doesn't, why  waste precious resources surveilling him?

To use the only example I know of (*), Margaret Thatcher was not permitted
to use GCHQ to monitor UK subjects, so instead she asked CSE to spy on
several Cabinet Ministers in London.

If MPs aren't even safe from this kind of snooping, then I have grave
doubts about the rights of normal citizens being upheld!


Regards,

--
Sam Simpson
http://www.scramdisk.clara.net/

(*) From Secret Power by Nicky Hager



------------------------------

From: "himanee" <[EMAIL PROTECTED]>
Subject: Jacobian projective coordinates
Date: Fri, 1 Jun 2001 16:43:19 +0530

Hello,

In recent snapshots of openssl ecc code, in a comment, I came across the
term 'Jacobian projective coordinates' and conversion between Jacobian
projective coordinates and affine coordinates.

I have the following *mathematics* question. At least, I would like to
request a reference.

I know about the usual projective coordinates and affine coordinates, and
the "usual" relationship between them, viz.
x = X/Z,
y = Y/Z,
where (x, y) are affine coordinates, (X, Y, Z) are projective coordinates,
and we have assumed that Z is not zero.

I can imagine the following. A projective plane is the set of all straight
lines through the origin in 3-space. Instead of straight lines through the
origin, one can think of some curves through the origin in 3-space,
(corresponding to the transformations x = X/(Z^2), y = (Y/Z^3)). Is that the
idea behind Jacobian projective coordinates?

Projective plane means affine plane + points (and lines) at infinity.

Is there some kind of a 'Jacobian projective plane' or something? If so, is
there something corresponding to the above paragraph? If not, what is the
idea behind Jacobian projective coordinates?

What is the mathematical significance of the transformations :
x = X/(Z^2)
y = Y/(Z^3) ?

Also, can someone give me reference/s for Jacobian projective coordinates?

Thanks in advance.

Best wishes,
Himanee
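An added worked example for the question above (my code, not the OpenSSL code the post refers to): the two conversions, Jacobian doubling and addition, a scalar multiplication that stays in Jacobian form, and a check that (lambda^2 X, lambda^3 Y, lambda Z) is the same affine point. The intuition in the post is the right one: a Jacobian point is the equivalence class {(lambda^2 X, lambda^3 Y, lambda Z)}, a curve through the origin rather than a line, and substituting x = X/Z^2, y = Y/Z^3 into y^2 = x^3 + ax + b gives the homogeneous equation Y^2 = X^3 + aXZ^4 + bZ^6, which is what lets doubling and addition run without any field inversion until the final conversion. Z = 0 is the point at infinity and has no affine image. The curve over GF(97), the names P, A, B, and the base point (3, 6) are constructed for this example; a standard reference for these formulas is Cohen, Miyaji and Ono, "Efficient elliptic curve exponentiation using mixed coordinates", ASIACRYPT '98.

```python
# Added example: Jacobian projective coordinates on y^2 = x^3 + A*x + B over GF(P).
# P, A, B and the base point are CONSTRUCTED toy values, not a standard curve.
P = 97
A = 2
B = 3
INF = (1, 1, 0)   # the point at infinity in Jacobian form: any (X, Y, 0)

def inv(x):
    return pow(x % P, P - 2, P)   # Fermat inversion; x must be nonzero mod P

def on_curve(x, y):
    return (y * y - (x * x * x + A * x + B)) % P == 0

def affine_double(x, y):
    lam = (3 * x * x + A) * inv(2 * y) % P
    x3 = (lam * lam - 2 * x) % P
    return x3, (lam * (x - x3) - y) % P

def affine_add(p1, p2):
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2:
        return affine_double(x1, y1) if y1 == y2 else None   # None = infinity
    lam = (y2 - y1) * inv(x2 - x1) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def to_jacobian(x, y):
    return (x, y, 1)

def to_affine(X, Y, Z):
    # x = X/Z^2, y = Y/Z^3.  Z == 0 has no affine form (point at infinity).
    if Z % P == 0:
        return None
    zi = inv(Z)
    zi2 = zi * zi % P
    return X * zi2 % P, Y * zi2 * zi % P

def scale(X, Y, Z, lam):
    # (lam^2 X, lam^3 Y, lam Z) represents the same point as (X, Y, Z)
    return lam * lam * X % P, lam ** 3 * Y % P, lam * Z % P

def jac_double(X, Y, Z):
    if Z % P == 0 or Y % P == 0:
        return INF
    S = 4 * X * Y * Y % P
    M = (3 * X * X + A * pow(Z, 4, P)) % P
    X3 = (M * M - 2 * S) % P
    Y3 = (M * (S - X3) - 8 * pow(Y, 4, P)) % P
    return X3, Y3, 2 * Y * Z % P

def jac_add(p1, p2):
    X1, Y1, Z1 = p1
    X2, Y2, Z2 = p2
    if Z1 % P == 0:
        return p2
    if Z2 % P == 0:
        return p1
    U1 = X1 * Z2 * Z2 % P
    U2 = X2 * Z1 * Z1 % P
    S1 = Y1 * pow(Z2, 3, P) % P
    S2 = Y2 * pow(Z1, 3, P) % P
    H = (U2 - U1) % P
    R = (S2 - S1) % P
    if H == 0:                       # same x: either P + P or P + (-P)
        return jac_double(X1, Y1, Z1) if R == 0 else INF
    H2 = H * H % P
    H3 = H2 * H % P
    X3 = (R * R - H3 - 2 * U1 * H2) % P
    Y3 = (R * (U1 * H2 - X3) - S1 * H3) % P
    return X3, Y3, H * Z1 * Z2 % P

def jac_mul(k, pt):
    # left-to-right double-and-add, no inversion until to_affine() at the end
    acc = INF
    for bit in bin(k)[2:]:
        acc = jac_double(*acc)
        if bit == "1":
            acc = jac_add(acc, pt)
    return acc

def affine_mul(k, pt):
    acc = None
    for bit in bin(k)[2:]:
        acc = None if acc is None else affine_double(*acc)
        if bit == "1":
            acc = pt if acc is None else affine_add(acc, pt)
    return acc

def agrees(k, pt):
    # same scalar multiple computed both ways lands on the same affine point
    return to_affine(*jac_mul(k, to_jacobian(*pt))) == affine_mul(k, pt)

if __name__ == "__main__":
    G = (3, 6)
    print("on curve:", on_curve(*G))
    for k in range(1, 8):
        print(k, "* G =", affine_mul(k, G), "agree:", agrees(k, G))
    print("scaled by 5:", to_affine(*scale(*to_jacobian(*G), 5)) == G)
```

The constructed base point (3, 6) happens to have order 5 on this toy curve, so 5*G is the point at infinity in both representations; that is the case where to_affine() has nothing to return and the Z = 0 check matters.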





------------------------------

From: "Robert J. Kolker" <[EMAIL PROTECTED]>
Subject: A Newbie Question
Date: Fri, 01 Jun 2001 07:41:57 -0400

<apology>
I have looked in the FAQ, however the questions
I have do not seem to be there.
</apology>

Assume you have done a differential attack on a set
of crypts and have gotten part of the key. However
there are still a few thousand possible keys for which
brute force is used.

Now, you are particularly interested in breaking one
crypt, and  you run a moderate number of key guesses
against it.

Doesn't one still have to * read * ( I mean with a pair of
eyes and a brain) the resulting decrypts to see if they
make sense?  Isn't this time consuming? Can a computer
program speed up this phase? What sort of computer
program?

Thank you for your input,

Bob Kolker



------------------------------

From: Nicol So <[EMAIL PROTECTED]>
Subject: Re: Stream Cipher combiners
Date: Fri, 01 Jun 2001 07:44:47 -0400
Reply-To: see.signature

Paul Crowley wrote:
> 
> Nigel Smart <[EMAIL PROTECTED]> writes:
> > There is a distinct confusion here between what Math generally people do
> > and what CS/Engineers do. Rather like the sqrt(-1) being i or j depending
> > on where you come from.  Neither is wrong/right just a matter of taste....
> 
> All of these notations refer to groups; what would you use for the
> field of integers modulo a prime?  Is GF(p) the one universally used
> notation?

I think Z/nZ can refer to a group or a ring (which may happen to be a
field), depending on the context. (The same notation can refer to a
quotient group or a quotient ring, depending on how you interpret the
first "Z" in the notation.)

-- 
Nicol So, CISSP // paranoid 'at' engineer 'dot' com
Disclaimer: Views expressed here are casual comments and should
not be relied upon as the basis for decisions of consequence.

------------------------------

From: Nicol So <[EMAIL PROTECTED]>
Subject: Re: Stream Cipher combiners
Date: Fri, 01 Jun 2001 07:51:07 -0400
Reply-To: see.signature

David Wagner wrote:
> 
> Paul Crowley  wrote:
> >All of these notations refer to groups; what would you use for the
> >field of integers modulo a prime?  Is GF(p) the one universally used
> >notation?
> 
> I tend to use GF(p) when I care mainly that it is a finite field
> and am not using much about how the elements are represented; when
> it is somehow relevant that the elements are represented as integers
> taken modulo p, then I tend to prefer Z/pZ.  But this is just a
> personal (and possibly idiosyncratic) preference.

Sounds reasonable. BTW, what would be a _natural_ alternative way of
representing the elements of GF(p)?

-- 
Nicol So, CISSP // paranoid 'at' engineer 'dot' com
Disclaimer: Views expressed here are casual comments and should
not be relied upon as the basis for decisions of consequence.

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: talk.politics.crypto
Subject: Re: And the FBI, too (Re: National Security Nightmare?)
Date: 1 Jun 2001 11:52:31 GMT

[EMAIL PROTECTED] (Paul Crowley) wrote in 
<[EMAIL PROTECTED]>:

>Paul Rubin <[EMAIL PROTECTED]> writes:
>> I don't think "NSA agents" are likely to show anyone badges to start
>> questioning them.
>
>Hey, I've been questioned by someone with an NSA badge!
>
>OK, so it was at a crypto conference, and the "badge" was a perfectly
>ordinary delegate laminate bearing the name of his employer, and the
>questions were about the presentation I'd given, but it still counts,
>right? :-)

  Well, there are many NSAs; how do you know it's the spook one?
Just as many may think NBA has something to do with basketball.
But if you're from Nevada, think brothels.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Uniciyt distance and compression for AES
Date: Fri, 01 Jun 2001 03:10:07 -0800

Dennis Ritchie wrote:
> 
> [EMAIL PROTECTED] asked:
> 
> > Where does Shannon discuss compression in detail?  I did a quick flip
> > through
> > his "Comm. Theory of Secrecy Systems" and only found a passing reference
> > to
> > compression.  If memory serves, he doesn't discuss it in "A Mathematical
> > Theory of Comm. Systems" either.
> >
> > I would be interested in reading any research he did on compression.
> > As far as I'm concerned, Shannon was "the man" (and not just because
> > of his secrecy system theory).
> 
> One place is
> 
>  C.E. Shannon, "Prediction and Entropy of Printed English,"  Bell Syst. Tech J,
>  v. 30, pp 50-64, 1951.
> 
> It is reprinted in the Sloane and Wyner compilation of Shannon's papers,
> IEEE press, ISBN 0-7803-0434-9.  This book is expensive and takes
> a while to be delivered, but my copy arrived a month or so ago.
> 
> This paper is an expansion and analysis of the discussion of entropy
> of English in his epochal paper, but not a general treatise on compression.
> 
> Still, if he's "the man", you might want to spring for the book; there's lots
> in it.
> 
>         Dennis


I think I will order that (although I may have to save my lunch money
for a month to pay for it). BTW, are you "the" Dennis Ritchie (as in
one of "the men")? ;)

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Uniciyt distance and compression for AES
Date: 1 Jun 2001 12:06:18 GMT

[EMAIL PROTECTED] (John A. Malley) wrote in
<[EMAIL PROTECTED]>: 

>
>"SCOTT19U.ZIP_GUY" wrote:
>[...]
>> 
>>    I don't have the papers readily avialable but I think it was in
>> his Comm paper where he discusses enropy and he calls it H.
>> But I am sure others know exactly where it is. I confuses idea
>> security and perfect secure definations and someone pointed to out.
>> 
>
>It's probably this post from March 28 2001, in the thread titled "Idea -
>(LONG)", which I found on Google:
>
>http://groups.google.com/groups?start=20&hl=en&lr=&safe=off&th=1eb1c8b75d
>79c44e,75&rnum=29&ic=1&selm=3AC2DEDD.C9F93AC1%40compuserve.com 
>

  I checked this out. Notice that if compression was used it would
have to be bijective since, for any hope of cipher text to map back
to a separate plain text for each key, that is the only kind of compression
that would work.

David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Uniciyt distance and compression for AES
Date: 1 Jun 2001 12:09:27 GMT

[EMAIL PROTECTED] (Dennis Ritchie) wrote in
<[EMAIL PROTECTED]>: 

>
>
>[EMAIL PROTECTED] asked:
>
>> Where does Shannon discuss compression in detail?  I did a quick flip
>> through
>> his "Comm. Theory of Secrecy Systems" and only found a passing
>> reference to
>> compression.  If memory serves, he doesn't discuss it in "A
>> Mathematical Theory of Comm. Systems" either.
>> 
>> I would be interested in reading any research he did on compression.
>> As far as I'm concerned, Shannon was "the man" (and not just because
>> of his secrecy system theory).
>
>One place is
>
> C.E. Shannon, "Prediction and Entropy of Printed English,"  Bell Syst.
> Tech J, v. 30, pp 50-64, 1951.
>
>It is reprinted in the Sloane and Wyner compilation of Shannon's papers,
>IEEE press, ISBN 0-7803-0434-9.  This book is expensive and takes
>a while to be delivered, but my copy arrived a month or so ago.
>
>This paper is an expansion and analysis of the discussion of entropy
>of English in his epochal paper, but not a general treatise on
>compression. 
>
>Still, if he's "the man", you might want to spring for the book; there's
>lots in it.
>
>     Dennis

  Notice that if compression was used it would
have to be bijective since, for any hope of cipher text to map back
to a separate plain text for each key, that is the only kind of compression
that would work. I doubt if I will spring for the book but I bet it's
a good book. I do have a question if you actually read it. Does Shannon
ever talk about the kind of compression? I mean, I know it has to be
lossless. But doesn't he also imply that for a piece of cipher text
each key test would have to lead back to a plain text, so that implies
some sort of bijective compression?


David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: "Henrick Hellström" <[EMAIL PROTECTED]>
Subject: Re: A Newbie Question
Date: Fri, 1 Jun 2001 14:25:06 +0200

It depends. You will normally need lots of known plain text for a
differential attack, because, normally, differential attacks reduce the
effort you need to retrieve the key at the expense of an increased amount of
known plain text. (Just to pick some figures, let's say you need four known
plain text blocks for brute force on the cipher in question, but several
million known plain text blocks for a differential attack.) So all you
have to do is to test all the remaining keys and see which one matches the
known plain text you already have.

--
Henrick Hellström  [EMAIL PROTECTED]
StreamSec HB  http://www.streamsec.com

"Robert J. Kolker" <[EMAIL PROTECTED]> skrev i meddelandet
news:[EMAIL PROTECTED]...
> <apology>
> I have looked in the FAQ, however the questions
> I have do not seem to be there.
> </apology>
>
> Assume you have done a differential attack on a set
> of crypts and have gotten part of the key. However
> there are still a few thousand possible keys for which
> brute force is used.
>
> Now, you are particularly interested in breaking one
> crypt, and  you run a moderate number of key guesses
> against it.
>
> Doesn't one still have to * read * ( I mean with a pair of
> eyes and a brain) the resulting decrypts to see if they
> make sense?  Isn't this time consuming? Can a computer
> program speed up this phase? What sort of computer
> program?
>
> Thank you for your input,
>
> Bob Kolker
>
>



------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: crypt education
Date: 1 Jun 2001 12:21:29 GMT

[EMAIL PROTECTED] (M.S. Bob) wrote in <[EMAIL PROTECTED]
edy>:

>http://avirubin.com/courses.html

Well, I see from the cutting below that MIT
and Ron are there. That was the one I recommended.

"
MIT 
Ron Rivest's course on network and computer security. 
"

  Maybe someday I will teach a class. I taught Univac assembly
language before, and was the main Univac systems programmer for
years at the place I worked. There are many many things that
are weak. People who never worked with it don't realize the
scope of the problem. Trust me, if I teach it it will make the
students think and hopefully learn to use their brains. Maybe some
day at a college in Texas I will see if they let me teach
crypto concepts and security. I do have the years of experience
in the real world working with various forms of security problems.
And use of Shannon and my bijective compression theory would be a
main part.



David A. Scott
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
        http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
Disclaimer:I am in no way responsible for any of the statements
 made in the above text. For all I know I might be drugged or
 something..
 No I'm not paranoid. You all think I'm paranoid, don't you!


------------------------------

From: [EMAIL PROTECTED] (Bob Silverman)
Subject: Re: Help with Comparison Of Complexity of Discrete Logs, Knapsack, and Large 
Primes
Date: 1 Jun 2001 05:59:41 -0700

[EMAIL PROTECTED] (Merc42) wrote in message 
news:<[EMAIL PROTECTED]>...
> I am semi-new to cryptography and am currently in the middle of a
> school project based on it.  I was wondering if anybody could give me
> any advice in helping me with my project in which i hope to compare
> the mathematical differences

I'll be glad to help, but your meaning isn't clear.  What do you
mean by "compare the mathematical differences"? They are  based
on different hard problems.  What comparison did you have in mind?



> in using discrete logs, the knapsack
> (super increasing and non), and factoring large primes

Factoring large primes is a waste of time.....

> as a basis of
> cryptographic security.  I was wondering if anybody knows any good
> books on complexity theory

For discrete logs and factoring, you need to learn about the number field
sieve. Look up

Lenstra & Lenstra  (eds)
Development of the Number Field Sieve   Springer-Verlag

For knapsack, you need to learn about lattices and lattice basis reduction.
I know of no good books on this subject; Schrijver's book on the theory
of Integer & Linear Programming can be a start. For a discussion of the
L^3 lattice basis reduction algorithm see: Lenstra & Tijdeman (eds)
Computational Methods in Number Theory,  Math. Centre Tracts #154,155.

I mean no offense, but I suspect you are trying to do something for which
you lack the mathematical background. Understanding the Number Field Sieve
requires knowledge of algebraic number theory at least at the level of a first
year graduate course.

------------------------------

Date: Fri, 01 Jun 2001 22:58:17 +1000
From: Sam <[EMAIL PROTECTED]>
Subject: HELP WITH RSA ENCRYPTION/DECRYPTION INCLUDING GARNER CRT ALGORITHM

May be I am missing something or taking a wrong approach.

Plaintext 'm' to be encrypted : m= ABCD12345
* convert chars in 'm' to a byte array with ascii values of the chars
in the plaintext :
inputStr = [065 066 067 068 049 050 051 052 053]

    encryption ciphertext c = m^e mod n
where e =17, and
n (size 128 bits) =
604617013676588903089819459843928561595967634140770680278581402097188044430156586545307409371288684871273873727250749538931794090167705319066304181984583

 so c will be a string (065^e mod n  066^e mod n  067^e mod n  068^e mod n
049^e mod n  050^e mod n  051^e mod n  052^e mod n  053^e mod n), which may
come out something like this

CipherText:
!,0129140163,16926659444736,762939453125,0129140163,16926659444736,16926659444736,0232630513987207,16926659444736
,232630513987207,0232630513987207,16926659444736,2251799813685248,0129140163,17179869184,16677181699666569,0129140163,7629394
53125,0129140163,0129140163,762939453125,1,0129140163,762939453125,131072,02251799813685248,762939453125,129140163

when this ciphertext is passed to decrypt function to get original message m
m = c^d mod n

where d =
exp
106697120060574512309968139972457981458111935436606590637396718017150831370018871731047547545813561329601322725228331964181118052002625130275185842812553

m =(0129140163^d  mod n, 16926659444736^d  mod n, ............
...................    ....................... , 762939453125^d mod n,
129140163^d mod n)

= 065 066 067 068 049 050 051 052 053 which when converted to char gives
back   m = ABCD12345.

IS THIS THE CORRECT WAY     BUT WHEN  USING GARNER ALGORITHM TO DECRYPT
I HAVE PROBLEMS

  BigInteger temp = p.subtract(CONST_ONE);
  dP = e.modInverse(temp);                    // dP = e^-1 mod (p-1)
  System.out.println("dP: " + dP);
  dQ = e.modInverse(q.subtract(CONST_ONE));   // dQ = e^-1 mod (q-1)
  System.out.println("dQ: " + dQ);

  m1 = c.modPow(dP,p);                        // m1 = c^dP mod p
  System.out.println("m1: " + m1);

  m2 = c.modPow(dQ,q);                        // m2 = c^dQ mod q
  System.out.println("m2: " + m2);

  BigInteger qInv = q.modInverse(p);          // qInv = q^-1 mod p
  System.out.println("qInv: " + qInv);
  h = m1.subtract(m2);
  h = h.multiply(qInv);
  h = h.mod(p);                               // h = qInv*(m1-m2) mod p; BigInteger.mod() is never negative
  System.out.println("h: " + h);

  m = m2.add(q.multiply(h));                  // Garner recombination: m = m2 + q*h
  System.out.println("M: " + m.toString());

  return m;

* Do I pass ciphertext string
CipherText:
!,0129140163,16926659444736,762939453125,0129140163,16926659444736,16926659444736,0232630513987207,16926659444736
,232630513987207,0232630513987207,16926659444736,2251799813685248,0129140163,17179869184,16677181699666569,0129140163,7629394
53125,0129140163,0129140163,762939453125,1,0129140163,762939453125,131072,02251799813685248,762939453125,129140163
to both
  m1 = c.modPow(dP,p);
  m2 = c.modPow(dQ,q);

Then I will get two different byte arrays
then how do I proceed to get m
  BigInteger qInv = q.modInverse(p);
  h = m1.subtract(m2);
  h = h.multiply(qInv);
  h = h.mod(p);
  m = m2.add(q.multiply(h));

Will I get to right answer, will I get real improvement in efficiency
using Garner algorithm. does somebody have some comparison results.
message may be much bigger than ABCD12345
can somebody give me some example

Thanks a lot in advance

Sam
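An added worked example for the question above (my Python, not Sam's Java and not a library's API): the same dP, dQ, qInv and Garner recombination, applied to one integer at a time rather than to the whole comma-separated string, with the result checked against plain c^d mod n; a bit-length check on n; and an integer e-th root that explains several of the ciphertext values shown in the post (129140163 is exactly 3^17, so for those elements m^e never wrapped around n, and an e-th root gives m back with no key at all, which is why textbook RSA on single characters or digits without padding leaks the plaintext and also why repeated characters produce repeated ciphertext values). The primes P_TOY and Q_TOY and all function names are constructed for this example; the primes are far too small for real use.

```python
# Added example (not Sam's code): textbook RSA with plain and Garner/CRT
# decryption on one integer at a time. P_TOY and Q_TOY are CONSTRUCTED toy
# primes, far too small for real use; only the arithmetic is the point.
import time

P_TOY = 1000003
Q_TOY = 999983
E = 17

def keygen(p=P_TOY, q=Q_TOY, e=E):
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)                 # private exponent (Python 3.8+ modular inverse)
    return {"n": n, "e": e, "d": d, "p": p, "q": q,
            "dP": pow(e, -1, p - 1),    # the same dP, dQ, qInv as in the post
            "dQ": pow(e, -1, q - 1),
            "qInv": pow(q, -1, p)}

def encrypt(key, m):
    if not 0 <= m < key["n"]:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, key["e"], key["n"])

def decrypt_plain(key, c):
    return pow(c, key["d"], key["n"])

def decrypt_crt(key, c):
    # Garner: two half-size exponentiations, then recombine modulo p and q.
    p, q = key["p"], key["q"]
    m1 = pow(c, key["dP"], p)
    m2 = pow(c, key["dQ"], q)
    h = key["qInv"] * (m1 - m2) % p     # Python's % is never negative
    return m2 + q * h                   # already in [0, n): m2 < q and h < p

def encrypt_bytes(key, data):
    # One RSA operation per byte, as the post does; each ciphertext element
    # is later decrypted on its own, not the whole comma-separated string.
    return [encrypt(key, b) for b in data]

def decrypt_bytes(key, blocks, crt=True):
    dec = decrypt_crt if crt else decrypt_plain
    return bytes(dec(key, c) for c in blocks)

def iroot(c, e):
    # Smallest integer x with x**e >= c (binary search, exact for big ints).
    lo, hi = 0, 1
    while hi ** e < c:
        hi *= 2
    while lo < hi:
        mid = (lo + hi) // 2
        if mid ** e < c:
            lo = mid + 1
        else:
            hi = mid
    return lo

def recover_if_unreduced(c, e):
    # If m**e never wrapped around n (tiny m, small e, no padding), the
    # ciphertext is just m**e and an integer e-th root returns m.
    r = iroot(c, e)
    return r if r ** e == c else None

def speedup(key, c, reps=200):
    # Rough wall-clock ratio of plain to CRT decryption; hardware dependent.
    t0 = time.perf_counter()
    for _ in range(reps):
        decrypt_plain(key, c)
    t1 = time.perf_counter()
    for _ in range(reps):
        decrypt_crt(key, c)
    t2 = time.perf_counter()
    return (t1 - t0) / (t2 - t1)

if __name__ == "__main__":
    key = keygen()
    print("n has", key["n"].bit_length(), "bits")
    ct = encrypt_bytes(key, b"ABCD12345")
    print("ciphertext elements:", ct)
    print("decrypted:", decrypt_bytes(key, ct))
    print("129140163 from the post =", recover_if_unreduced(129140163, 17), "** 17")
    print("plain/CRT time ratio ~", round(speedup(key, ct[0]), 2))
```

The bit-length line is the check to run on the n in the post before calling it 128-bit; Python's int.bit_length() gives the answer directly. The two decryption paths must agree on every c, and the test below checks that on a spread of values, not just one.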


------------------------------

From: "Robert J. Kolker" <[EMAIL PROTECTED]>
Subject: Re: A Newbie Question
Date: Fri, 01 Jun 2001 09:07:42 -0400



"Henrick Hellström" wrote:

> It depends. You will normally need lots of known plain text for a
> differential attack, because, normally, differential attacks reduce the
> effort you need to retrieve the key at the expense of an increased amount of
> known plain text. (Just to pick some figures, let's say you need four known
> plain text blocks for brute force on the cipher in question, but several
> millions of known plain text blocks for a differential attack.) So all you
> have to do is to test all the remaining keys and see which one matches the
> known plain text you already have.

Bingo! And thank you. Why didn't I think of that?

Bob Kolker



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: HELP WITH RSA ENCRYPTION/DECRYPTION INCLUDING GARNER CRT ALGORITHM
Date: Fri, 01 Jun 2001 13:08:44 GMT

DONT POST IN HTML READ THE BLOODY FAQ

YOUR N IS NOT A 128-BIT NUMBER (LEARN TO COUNT)

CITE THE ALGORITHM NOT JUST THE NAME.  THIS SERVES LITTLE PURPOSE JUST TO
SAY "THE GARNER" ALGORITHM.

DONT POST WITH CAPS ON EITHER.

TOM
========================
"Sam" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
May be I am missing something or taking a wrong approach.
Plaintext 'm' to be encrypted : m= ABCD12345
* convert chars in 'm' to a byte array with ascii values of the chars in the
plaintext :
inputStr = [065 066 067 068 049 050 051 052 053]
    encryption ciphertext c = m^e mod n
where e =17, and
n (size 128 bits) =
6046170136765889030898194598439285615959676341407706802785814020971880444301
5658654530740937128868487127387372725074953893179409016770531906630418198458
3
 so c will be a string (065^e mod n  066^e mod n  067^e mod n  068^e mod n
049^e mod n  050^e mod n  051^e mod n  052^e mod n  053^e mod n), which may
come out something like this
CipherText:
!,0129140163,16926659444736,762939453125,0129140163,16926659444736,169266594
44736,0232630513987207,16926659444736
,232630513987207,0232630513987207,16926659444736,2251799813685248,0129140163
,17179869184,16677181699666569,0129140163,7629394
53125,0129140163,0129140163,762939453125,1,0129140163,762939453125,131072,02
251799813685248,762939453125,129140163
when this ciphertext is passed to decrypt function to get original message m
m = c^d mod n
where d =
exp
1066971200605745123099681399724579814581119354366065906373967180171508313700
1887173104754754581356132960132272522833196418111805200262513027518584281255
3
m =(0129140163^d  mod n, 16926659444736^d  mod n, ............
...................    ....................... , 762939453125^d mod
n,129140163^d mod n)
= 065 066 067 068 049 050 051 052 053 which when converted to char gives
back   m = ABCD12345.

IS THIS THE CORRECT WAY     BUT WHEN  USING GARNER ALGORITHM TO DECRYPT  I
HAVE PROBLEMS
BigInteger temp = p.subtract(CONST_ONE);
  dP = e.modInverse(temp);
  System.out.println("dP: " + dP);
  dQ = e.modInverse(q.subtract(CONST_ONE));
  System.out.println("dQ: " + dQ);

  m1 = c.modPow(dP,p);
  System.out.println("m1: " + m1);

  m2 = c.modPow(dQ,q);
  System.out.println("m2: " + m2);

  BigInteger qInv = q.modInverse(p);
  System.out.println("qInv: " + qInv);
  h = m1.subtract(m2);
  h = h.multiply(qInv);
  h = h.mod(p);
  System.out.println("h: " + h);

  m = m2.add(q.multiply(h));
  System.out.println("M: " + m.toString());

  return m;

* Do I pass ciphertext string
CipherText:
!,0129140163,16926659444736,762939453125,0129140163,16926659444736,169266594
44736,0232630513987207,16926659444736
,232630513987207,0232630513987207,16926659444736,2251799813685248,0129140163
,17179869184,16677181699666569,0129140163,7629394
53125,0129140163,0129140163,762939453125,1,0129140163,762939453125,131072,02
251799813685248,762939453125,129140163
to both
 m1 = c.modPow(dP,p);
  m2 = c.modPow(dQ,q);
Then I will get two different byte arrays
then how do I proceed to get m
 BigInteger qInv = q.modInverse(p);
  h = m1.subtract(m2);
  h = h.multiply(qInv);
  h = h.mod(p);
  m = m2.add(q.multiply(h));
Will I get to right answer, will I get real improvement in efficiency
using Garner algorithm. does somebody have some comparison results.
message may be much bigger than ABCD12345
can somebody give me some example
Thanks a lot in advance
Sam






------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
