Cryptography-Digest Digest #568, Volume #14       Fri, 8 Jun 01 15:13:01 EDT

Contents:
  Re: National Security Nightmare? ([EMAIL PROTECTED])
  Re: National Security Nightmare? (JPeschel)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Mok-Kong Shen)
  Re: Brute-forcing RC4 (David Wagner)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) ("Tom St Denis")
  Re: Help with Comparison Of Complexity of Discrete Logs, Knapsack, and   (Mok-Kong Shen)
  Re: Brute-forcing RC4 ("Tom St Denis")
  Re: National Security Nightmare? ("Tom St Denis")
  Re: Brute-forcing RC4 (Paul Rubin)
  Re: National Security Nightmare? (JPeschel)
  Re: National Security Nightmare? ("Tom St Denis")
  Re: Best, Strongest Algorithm (gone from any reasonable topic) ("Douglas A. Gwyn")
  Re: Def'n of bijection ("Douglas A. Gwyn")
  Re: Def'n of bijection ("Douglas A. Gwyn")
  Rip Van Winkle ("Tom St Denis")
  Re: Brute-forcing RC4 (David Wagner)

----------------------------------------------------------------------------

Subject: Re: National Security Nightmare?
From: [EMAIL PROTECTED]
Date: 08 Jun 2001 13:43:03 -0400

"Tom St Denis" <[EMAIL PROTECTED]> writes:
>
> I don't know where you are going with this but it is ARE
> 
> "A bunch of people is wrong".  Doesn't sound right since it is more
> than one person who is wrong.

No, it doesn't sound right--but it is grammatically correct. ``of people''
is an adjective phrase modifying ``bunch''. Just try it by omitting the
adjective phrase:

``A bunch are wrong.'' vs ``A bunch is wrong.''
``The whole group of you are wrong.'' vs ``The whole group are wrong.''

In the second example, the first sentence sounds right, while the
second sounds completely wrong. Admittedly, ``bunch'' by common usage
screams to be treated as a plural, when preceded by the indefinite
article. ``A bunch is wrong'' doesn't sound right, but ``The bunch is
wrong'' is obviously correct. That's because ``a bunch'' is identical
in meaning and usage to ``some'' or ``many''--at least to Americans--
and both of those are plural.

Len.

-- 
It's the fundamental responsibility of an MTA to bounce any message
that it can't deliver.
                                -- Dan Bernstein, author of qmail

------------------------------

From: [EMAIL PROTECTED] (JPeschel)
Date: 08 Jun 2001 17:44:48 GMT
Subject: Re: National Security Nightmare?

 "Tom St Denis" [EMAIL PROTECTED] writes:

>"JPeschel" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> Phil Carmody [EMAIL PROTECTED] writes:
>>
>> >Tom St Denis wrote:
>> >> "SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
>> >
>> >> > what perfect security is. A bunch of nuts claim it means one thing
>> >
>> >> "A bunch of nuts *ARE* ...".
>> >
>> >Let he who is without blame cast the first stone.
>> >
>> >American and English may be mutually understood, but that does not mean
>> >they are the same language. I believe that the term for uncountable and
>> >uncounted groups is 'mass nouns'. The English and Americans have
>> >different, both correct, priorities when judging the singularity or
>> >plurality of these entities.
>> >
>> >The logic is as follows:
>> >_A_ bunch (of what just happen to be nuts) _is_ singular.
>> >(many, I guess you could call them a bunch,) _nuts_ are plural.
>> >
>> >I have to favour the former, personally. However, for some mass nouns
>> >_it really doesn't matter at all_, as long as you're not internally
>> >inconsistent. Some words provide more confusion than others, such as
>> >'committee'.
>> >
>>
>> No, Phil, the English of Americans and the British is one language.
>> There are a few differences in spelling, punctuation, and, naturally, in
>> idiom and dialect, but, other than a few different sentence constructions,
>> that's about it.
>>
>> I agree with you that "A bunch" is singular: noun-verb agreement.
>>
>> But Dave wrote: "A bunch of nuts claim it means one thing..." This is also
>> correct. It is written in the present tense and it uses the preferable
>> active, rather than the passive, voice.
>>
>
>I don't know where you are going with this but it is ARE
>
>"A bunch of people is wrong".  Doesn't sound right since it is more than one
>person who is wrong.
>
>"A list of primes is odd" etc...

Nope, if you want to use the passive voice, the verb should be "is." Here is a
way you can see that for yourself. Open MS-Word, or any word processor that can
check formal English grammar. Make sure the options are set to check formal
English. Now type: "A bunch of nuts are claiming it means one thing." Word will
suggest: "A bunch of nuts is" or "Bunches of nuts are" as the proper replacement.

But Dave wrote, as I said before, "A bunch of nuts claim it means one
thing...," which is correct. He cast the beginning of his sentence in the
active voice, so there is no "are" or "is" needed in this instance.

I am not really sure why I'm bothering with this other than I enjoy writing and
get paid for it. On the other hand, I'm afraid I'm one of the nuts he was
talking about. :-)

Joe
 

__________________________________________

Joe Peschel 
D.O.E. SysWorks                                 
http://members.aol.com/jpeschel/index.htm
__________________________________________


------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
Date: Fri, 08 Jun 2001 19:42:53 +0200



Tom St Denis wrote:
> 
> "Mok-Kong Shen" <[EMAIL PROTECTED]> wrote:
> > Tom St Denis wrote:
> > >
> > > <[EMAIL PROTECTED]> wrote in message
> > > news:[EMAIL PROTECTED]...
> > > > Tim Tyler <[EMAIL PROTECTED]> writes:
> > > > > [EMAIL PROTECTED] wrote:
> > > > >:> The fish are plausible plaintexts.  The tank represents files
> > > > >:> sorted by size.  Files at the end of the tank are shorter than ones
> > > > >:> further away.  The directional swimming of the fish represents
> > > > >:> compression.
> > > > >
> > > > >: GLORY, GLORY HALLELUJAH! NOW I GET IT! Please, please, write this up and
> > > > >: submit it to the Acta Mathematica...
> > > > >
> > > > > I assume you didn't understand :-( I figure that makes you a lost cause.
> > > >
> > > > Don't go easy on me--give me the full-bore mathematical proof. If you
> > > > like, we can trade: I'll send you a copy of my PhD thesis, and you send
> > > > me a copy of your actual proof.
> > >
> > > What's your thesis on?  Mind sending me a copy?
> >
> > Unless you are a 'collector' by nature, I wouldn't
> > in your (and my own) place access theses in math, for these
> > are invariably virtually 'indigestible' by non-mathematicians.
> > If you already feel very comfortable reading graduate
> > textbooks in math (I don't unfortunately), that may not
> > apply for you though.
> 
> Let you in on a tip.  I wouldn't even be this [un]knowledgeable about
> comp.sci and crypto (and compiler theory and data compression and automaton
> code generators) if I didn't get in over my head.
> 
> When I was 14 I took the EMS/XMS memory manuals.  At first they were big and
> confusing (call this, int that, mov this) however I did eventually write
> some support code I needed to use both.
> 
> So yeah, I will most likely not understand his thesis.  But in time after
> re-reading it etc, I might.

I thought that something I learned from my own experience
could be of some value to you, thus I ventured to give
you some advice (with good will). There are lots and lots
of things that one could learn with sufficient effort
and that all could be very interesting. But one's time
is limited. Thus, before attempting to look for and
acquire stuff by whole title (subject in a subfield in a
big discipline, e.g. math), I would go to the library
or a book shop and get some textbooks. After one has
built up sufficient capabilities, one can better study
very special things like theses, which are almost always
dealing with very very special themes and have to
be studied together with lots of reference materials
that their authors have used. My own math knowledge is
poor, maybe much poorer than yours. But, from the fact
that in a recent thread you were asking people about
the definition of injective and surjective mappings,
I surmise that to interest yourself at the current moment
in a math PhD thesis is with high probability a yet
premature undertaking.

Regards,

M. K. Shen

------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Brute-forcing RC4
Date: Fri, 8 Jun 2001 17:47:56 +0000 (UTC)

Ichinin  wrote:
>David Wagner wrote:
>> in WEP.  All the WEP cards that I've seen start their IV off at 0
>> when they are reset, and count up incrementally from there.
>
>Could (frequent) denial of service attacks against the access point or
>mobile device facilitate the resetting of the IV ?

Intriguing question!  I don't know whether anyone has tested this,
but it sounds like a plausible hypothesis.  One question, though, is
how to mount a denial-of-service attack on a wireless network that is
not publicly accessible.  How would you do this?

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
Date: Fri, 08 Jun 2001 18:00:56 GMT


"Mok-Kong Shen" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Tom St Denis wrote:
> >
> > "Mok-Kong Shen" <[EMAIL PROTECTED]> wrote:
> > > Tom St Denis wrote:
> > > >
> > > > <[EMAIL PROTECTED]> wrote in message
> > > > news:[EMAIL PROTECTED]...
> > > > > Tim Tyler <[EMAIL PROTECTED]> writes:
> > > > > > [EMAIL PROTECTED] wrote:
> > > > > >:> The fish are plausible plaintexts.  The tank represents files
> > > > > >:> sorted by size.  Files at the end of the tank are shorter than ones
> > > > > >:> further away.  The directional swimming of the fish represents
> > > > > >:> compression.
> > > > > >
> > > > > >: GLORY, GLORY HALLELUJAH! NOW I GET IT! Please, please, write this up and
> > > > > >: submit it to the Acta Mathematica...
> > > > > >
> > > > > > I assume you didn't understand :-( I figure that makes you a lost cause.
> > > > >
> > > > > Don't go easy on me--give me the full-bore mathematical proof. If you
> > > > > like, we can trade: I'll send you a copy of my PhD thesis, and you send
> > > > > me a copy of your actual proof.
> > > >
> > > > What's your thesis on?  Mind sending me a copy?
> > >
> > > Unless you are a 'collector' by nature, I wouldn't
> > > in your (and my own) place access theses in math, for these
> > > are invariably virtually 'indigestible' by non-mathematicians.
> > > If you already feel very comfortable reading graduate
> > > textbooks in math (I don't unfortunately), that may not
> > > apply for you though.
> >
> > Let you in on a tip.  I wouldn't even be this [un]knowledgeable about
> > comp.sci and crypto (and compiler theory and data compression and automaton
> > code generators) if I didn't get in over my head.
> >
> > When I was 14 I took the EMS/XMS memory manuals.  At first they were big and
> > confusing (call this, int that, mov this) however I did eventually write
> > some support code I needed to use both.
> >
> > So yeah, I will most likely not understand his thesis.  But in time after
> > re-reading it etc, I might.
>
> I thought that something I learned from my own experience
> could be of some value to you, thus I ventured to give
> you some advice (with good will). There are lots and lots
> of things that one could learn with sufficient effort
> and that all could be very interesting. But one's time
> is limited. Thus, before attempting to look for and
> acquire stuff by whole title (subject in a subfield in a
> big discipline, e.g. math), I would go to the library
> or a book shop and get some textbooks. After one has
> built up sufficient capabilities, one can better study
> very special things like theses, which are almost always
> dealing with very very special themes and have to
> be studied together with lots of reference materials
> that their authors have used. My own math knowledge is
> poor, maybe much poorer than yours. But, from the fact
> that in a recent thread you were asking people about
> the definition of injective and surjective mappings,
> I surmise that to interest yourself at the current moment
> in a math PhD thesis is with high probability a yet
> premature undertaking.

Not to be "a naive kid" but I doubt even PhD math types could read a thesis
and understand it in one pass.

I find often the biggest problem with math papers/discussions is the lack of
a good language to discuss it in.  For example, my book on Group Theory I
got (From Dover) only has 13 words in the entire text.  The rest is vague
human Egyptian art work that future archeologists will look at and say "this
means fire, and that's water, and ...".

For example, look at some of the papers by Vaudenay.  Typically he goes
overboard when trying to say the simplest thing.  The benefits of
decorrelation in GF(2^w) wrt diff/linear analysis can be summed up with
two simple proofs.  Yet he brings in all these weird symbols like

||A||^d_{oo}, etc..

Which looks neat, but doesn't mean anything to me.  (I know ||A|| means
normal form, but what "normal form" means is beyond me).

In my MDFC paper I proved in about 1/2 a page that pair-wise decorrelation
in GF(2^w) leads to functions immune to differential and linear analysis.

[N.B. His papers go far into more formal notions of randomness which is why
he uses the funny notation.  But to simply prove immunity to 1st order
attacks you don't need such a lengthy paper]

Tom



------------------------------

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Help with Comparison Of Complexity of Discrete Logs, Knapsack, and  
Date: Fri, 08 Jun 2001 19:59:15 +0200



Mark Wooding wrote:
> 
> Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> 
> > I suppose Joseph Ashwood was referring to the known fact that in the
> > book of Whitehead and Russell 1+1=2 was only proved after having first
> > developed sufficient foundations that occupied several hundred pages
> > of other materials in logic. Depending on where one starts (matters
> > assumed or established as theorems), a mathematical proof can be more
> > or less long/involved.
> 
> I think my objection is that I see the statement `1 + 1 = 2' as being
> the /definition/ of `2'.  That this is a sensible thing to want to
> define is a matter for proof, but it is a trivial one.
> 
> The statement `1 + 1 = 2' can only be in doubt if you have some other
> definition in mind for `2'.  If you have such a definition, then the
> statement above requires proof, but I've not seen a definition of `2'
> that makes it hard to deduce that `2 = 1 + 1'.  If you have one, I'd be
> glad to see it.

What I said is a known fact, more exactly one that I learned
from some people. My math knowledge is poor. I haven't ever
touched Whitehead and Russell's famous book 'Principia
Mathematica' myself. But it is a work well respected by 
mathematicians, as far as I am aware. I recommend that you 
try to look at it in a big local library. I am sure that
there are very good reasons (though I am ignorant of these)
why a foundation of a couple of hundred pages is needed
in order to rigorously prove 1+1=2.

M. K. Shen

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Brute-forcing RC4
Date: Fri, 08 Jun 2001 18:01:25 GMT


"David Wagner" <[EMAIL PROTECTED]> wrote in message
news:9fr34c$mlb$[EMAIL PROTECTED]...
> Ichinin  wrote:
> >David Wagner wrote:
> >> in WEP.  All the WEP cards that I've seen start their IV off at 0
> >> when they are reset, and count up incrementally from there.
> >
> >Could (frequent) denial of service attacks against the access point or
> >mobile device facilitate the resetting of the IV ?
>
> Intriguing question!  I don't know whether anyone has tested this,
> but it sounds like a plausible hypothesis.  One question, though, is
> how to mount a denial-of-service attack on a wireless network that is
> not publicly accessible.  How would you do this?

Powerful RF xmitter next to the office :-)

tom



------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare?
Date: Fri, 08 Jun 2001 18:03:58 GMT


<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> "Tom St Denis" <[EMAIL PROTECTED]> writes:
> >
> > I don't know where you are going with this but it is ARE
> >
> > "A bunch of people is wrong".  Doesn't sound right since it is more
> > than one person who is wrong.
>
> No, it doesn't sound right--but it is grammatically correct. ``of people''
> is an adjective phrase modifying ``bunch''. Just try it by omitting the
> adjective phrase:
>
> ``A bunch are wrong.'' vs ``A bunch is wrong.''
> ``The whole group of you are wrong.'' vs ``The whole group are wrong.''
>
> In the second example, the first sentence sounds right, while the
> second sounds completely wrong. Admittedly, ``bunch'' by common usage
> screams to be treated as a plural, when preceded by the indefinite
> article. ``A bunch is wrong'' doesn't sound right, but ``The bunch is
> wrong'' is obviously correct. That's because ``a bunch'' is identical
> in meaning and usage to ``some'' or ``many''--at least to Americans--
> and both of those are plural.

Hmm well I am only 4 wks into my College English (actually we touched on
this last week).

So it is in fact "A plethora of people is here" since it's only one
plethora?

N.B. reply via email if you feel this is a tad OT.

Tom



------------------------------

From: Paul Rubin <[EMAIL PROTECTED]>
Subject: Re: Brute-forcing RC4
Date: 08 Jun 2001 11:18:54 -0700

[EMAIL PROTECTED] (David Wagner) writes:
> Intriguing question!  I don't know whether anyone has tested this,
> but it sounds like a plausible hypothesis.  One question, though, is
> how to mount a denial-of-service attack on a wireless network that is
> not publicly accessible.  How would you do this?

The word for that is "jamming" :)

------------------------------

From: [EMAIL PROTECTED] (JPeschel)
Date: 08 Jun 2001 18:24:01 GMT
Subject: Re: National Security Nightmare?

"Tom St Denis" [EMAIL PROTECTED] writes:

>So it is in fact "A plethora of people is here" since it's only one
>plethora?

Yes, if you're using formal English. You're probably better
off writing,  "There are too many people here" if that's all you
meant.  

Joe
__________________________________________

Joe Peschel 
D.O.E. SysWorks                                 
http://members.aol.com/jpeschel/index.htm
__________________________________________


------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: National Security Nightmare?
Date: Fri, 08 Jun 2001 18:29:18 GMT


"JPeschel" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> "Tom St Denis" [EMAIL PROTECTED] writes:
>
> >So it is in fact "A plethora of people is here" since it's only one
> >plethora?
>
> Yes, if you're using formal English. You're probably better
> off writing,  "There are too many people here" if that's all you
> meant.

Hmm... conclusion:  I should spend more time awake in English.

I still think something like "A bunch" should be plural.

Tom



------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
Date: Fri, 8 Jun 2001 17:35:47 GMT

Re. length of ciphertext:  The fact that any communication occurred at all
gives information to the opponent, unless communications are conducted
sufficiently randomly to hide the meaningful ones.  (Tends to be wasteful.)
We make a distinction between the externally evident characteristics of a
communication and its internal, obscured content.  Traffic analysts work
to extract useful information from the former, while cryptanalysts work
to extract useful information from the latter.  These activities interact.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Def'n of bijection
Date: Fri, 8 Jun 2001 17:39:08 GMT

John Myre wrote:
> > down to one bit.
> And then compress once more...

It only gets interesting when you go one *more* stage.

------------------------------

From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Def'n of bijection
Date: Fri, 8 Jun 2001 17:48:30 GMT

Tim Tyler wrote:
> [EMAIL PROTECTED] wrote:
> : Um, it's a mathematical term, Tim. A statement is vacuously true when it
> : cannot possibly be false. In other words, the statement contains no
> : information.
> I guess you think Fermat's Last Theorem is vacuous, then.  Its negation
> is known to be an impossibility, after all.

Actually, Len gave a woefully misleading explanation.
A statement is "vacuously true" only when it asserts some
property of a member of a set whose specification ensures
that the set contains no elements.
For example, "The present King of the USA is a retard"
is vacuously true, because there is no present King of the USA.
"The present President of the USA is George W. Bush" is
incontrovertibly true (well, except to people who dispute
the election) or trivially true (easily verified), but not
vacuously true.

------------------------------

From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Rip Van Winkle
Date: Fri, 08 Jun 2001 18:48:20 GMT

I thought the RVW cipher was the only "perfectly secure" method?  I.e. you
send X streams at Y bits per second constantly and the key is when and over
what channels the message is really being sent.  (Of course you xor the RNG
output with the message).

This way you don't know when the message is being sent or over what
channels.
--
Tom St Denis
---
http://tomstdenis.home.dhs.org



------------------------------

From: [EMAIL PROTECTED] (David Wagner)
Subject: Re: Brute-forcing RC4
Date: Fri, 8 Jun 2001 19:01:43 +0000 (UTC)

Paul Rubin  wrote:
>[EMAIL PROTECTED] (David Wagner) writes:
>> Intriguing question!  I don't know whether anyone has tested this,
>> but it sounds like a plausible hypothesis.  One question, though, is
>> how to mount a denial-of-service attack on a wireless network that is
>> not publicly accessible.  How would you do this?
>
>The word for that "jamming" :)

But how would jamming cause the IV to be reset to zero?

I think the idea of the original post was that if you can use some
sort of denial-of-service attack to cause a laptop to reboot or something,
then that will reset the IV to zero on the WEP cards I've looked at.
But I don't see how causing a few messages to be dropped will reset
the IV.  Is the idea to hope that the user will reboot his machine
voluntarily when he sees that the network seems to have frozen?
What am I missing?
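The IV-reset behaviour discussed in this thread (cards restarting the 24-bit WEP IV at 0 and counting up), as an added example that is not part of any post here: a small Python checker, written from the monitoring side, that walks a constructed sequence of captured frame headers per sender and flags the IV counter going backwards (a reset) and any IV that repeats under the same key, since a repeated (IV, key) pair means the same RC4 key stream was used twice. The frame tuples, MAC addresses and function names are all constructed for this example.

```python
# Added example, not from the digest: spotting WEP IV resets and IV reuse
# in a per-sender stream of captured frame headers. In WEP the RC4 key
# stream is derived from (24-bit IV || shared key), so two frames from the
# same key with the same IV are encrypted under the same key stream. A card
# that restarts its IV at 0 after a reset therefore reuses key stream as
# soon as it transmits again, which is what a monitor should alert on.
from collections import defaultdict

IV_BITS = 24
IV_SPACE = 1 << IV_BITS


def find_iv_problems(frames):
    """frames: iterable of (frame_no, sender_mac, iv) in capture order.

    Returns a list of (frame_no, sender_mac, kind, detail) findings:
      'reset' - the IV is lower than this sender's previous IV (counter
                went back, e.g. restarted at 0 after a reboot);
      'reuse' - this sender already used this IV, i.e. key-stream reuse
                under the shared key.
    A frame can produce both findings (a restart at 0 is also a reuse).
    """
    findings = []
    last_iv = {}                 # sender -> most recent IV
    seen = defaultdict(set)      # sender -> set of IVs observed
    for frame_no, sender, iv in frames:
        if not 0 <= iv < IV_SPACE:
            raise ValueError(f"frame {frame_no}: IV {iv:#x} is not 24-bit")
        prev = last_iv.get(sender)
        if prev is not None and iv < prev:
            findings.append((frame_no, sender, "reset",
                             f"counter went {prev:#08x} -> {iv:#08x}"))
        if iv in seen[sender]:
            findings.append((frame_no, sender, "reuse",
                             f"iv {iv:#08x} already used by this sender"))
        seen[sender].add(iv)
        last_iv[sender] = iv
    return findings


def reuse_counts(findings):
    """Number of key-stream-reusing frames per sender, for alert thresholds."""
    counts = defaultdict(int)
    for _, sender, kind, _ in findings:
        if kind == "reuse":
            counts[sender] += 1
    return dict(counts)


# Constructed sample capture: the first sender counts up from 0, then its
# counter restarts at 0 (as after a reboot); the second sender is normal.
SAMPLE_FRAMES = [
    (1, "00:11:22:33:44:55", 0x000000),
    (2, "00:11:22:33:44:55", 0x000001),
    (3, "aa:bb:cc:dd:ee:ff", 0x0001f4),
    (4, "00:11:22:33:44:55", 0x000002),
    (5, "aa:bb:cc:dd:ee:ff", 0x0001f5),
    (6, "00:11:22:33:44:55", 0x000000),   # restart: reset + reuse
    (7, "00:11:22:33:44:55", 0x000001),   # reuse
    (8, "aa:bb:cc:dd:ee:ff", 0x0001f6),
]

if __name__ == "__main__":
    for finding in find_iv_problems(SAMPLE_FRAMES):
        print(finding)
    print(reuse_counts(find_iv_problems(SAMPLE_FRAMES)))
```

On the sample capture the checker reports a reset and a reuse at frame 6 and another reuse at frame 7, all from the first sender.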

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list by posting to sci.crypt.

End of Cryptography-Digest Digest
******************************
