Cryptography-Digest Digest #635, Volume #14 Sun, 17 Jun 01 14:13:01 EDT
Contents:
Re: The 94 cycle 64-bit block cipher :-) ("Simon Johnson")
Re: The 94 cycle 64-bit block cipher :-) ("Tom St Denis")
Good book to read ("Tom St Denis")
Re: The 94 cycle 64-bit block cipher :-) (Fat Phil)
Re: Tell me could this one-way function be somewhat secure (wtshaw)
Re: The 94 cycle 64-bit block cipher :-) ("Tom St Denis")
Re: Is ECB truly more secure than CBC? (Mark Wooding)
Re: best encryption? (wtshaw)
Re: Bizzare Cryptanalysis (wtshaw)
Re: FIPS-140 statistical test for any length of bits? (DJohn37050)
SHA2 PRNG. ("Cristiano")
Re: integration question ("Robert J. Kolker")
Re: Bizzare Cryptanalysis ("Robert J. Kolker")
Re: Bizzare Cryptanalysis ("Robert J. Kolker")
Re: SHA2 PRNG. ("Tom St Denis")
Re: Bizzare Cryptanalysis ("Tom St Denis")
Still having no luck :( ("Total Annihilation")
Re: How good is steganography in the real world? ("Robert J. Kolker")
Re: integration question ("Douglas A. Gwyn")
Re: Still having no luck :( ("Tom St Denis")
Re: Bizzare Cryptanalysis ("Douglas A. Gwyn")
Re: How good is steganography in the real world? (SCOTT19U.ZIP_GUY)
4 more inducted into NSA Hall of Honor ("Douglas A. Gwyn")
Re: Bizzare Cryptanalysis ("Robert J. Kolker")
----------------------------------------------------------------------------
From: "Simon Johnson" <[EMAIL PROTECTED]>
Subject: Re: The 94 cycle 64-bit block cipher :-)
Date: Sun, 17 Jun 2001 15:08:39 +0100
"Simon Johnson" <[EMAIL PROTECTED]> wrote in message
news:9gibhj$t27$[EMAIL PROTECTED]...
>
> "Phil Carmody" <[EMAIL PROTECTED]> wrote in
message
> news:[EMAIL PROTECTED]...
> > Tom St Denis wrote:
> > > Well I feel honoured that you are archiving my stuff :-) Feel free to
> > > download/repost/edit/whatever anything on my site. You can take my
> source
> > > and redistribute it if you want. (That's the point of sharing ya know
> :-0).
> >
> > Sharing is good. Readers contributing back is even better.
> >
> > > I would appreciate comments on my upcomming ideas though. Even if you
> don't
> > > have something rigorous more than "oh neat". It's nice to just hear
> from
> > > others.
> >
> > Upcoming? Hmmm, I'd rather rewind the clock a few months if I may :-)
> >
> > I'm curious about your 3-hash actually.
> > <<<
> > for (r = 16; r < SIZE; r++) {
> > t = W[r - 3] ^ W[r - 8] ^ W[r - 14] ^ W[r - 16] ^ r ^
> > 0x9E379B93ul;
> > W[r] = (t << 1ul) | (t >> 31ul);
> > }
> > >>>
> >
> > The ^r seems to be added to add a little more non-linearity, an the
> > ^0x9E379B93ul seems to add some noise to those cases over-populated with
> > zeros.
> > However, the ^r only touches the bottom 7 bits (or thereabouts)
> >
> > Assuming x86 has a nice fast integer multiply, wouldn't
> > ^(r*0x9E379B93ul)
> > do a better job, potentially touching all bits?
> >
> >
> > I'm also curious - why aren't the well-known CRC algorithms used as
> > hashes? Is it that they aren't one-way? (they look reversable, but I've
> > not studied them closely). Or is it just that they are too short, and if
> > they were make longer they'd take too long to actually get all the bits
> > mixed up? (so would be useless for a short message)
> >
> > Phil
>
> There reversible. CRC's AFIAK are based on inversion in GF(2^w)/p(x).
> Inversion can be reversed. :) (the choice of the field is speed related
> IRRC)
>
> Simon.
>
This is wrong as Tom has pointed out... Touch�
(there is a big lag in time on my ISP)
It should be division in GF(2^w)/p(x), sorry..Still reversible, so not a
one-way hash.
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: The 94 cycle 64-bit block cipher :-)
Date: Sun, 17 Jun 2001 14:25:07 GMT
"Simon Johnson" <[EMAIL PROTECTED]> wrote in message
news:9gidkh$22n$[EMAIL PROTECTED]...
> This is wrong as Tom has pointed out... Touch�
>
> (there is a big lag in time on my ISP)
>
> It should be division in GF(2^w)/p(x), sorry..Still reversible, so not a
> one-way hash.
This is wrong too. 457 mod 257 => 200, but I would hardly see a method of
going from 200 to 457 [without adding a variable].
Typically CRCs are one-way but not collision resistent since they are
linear.
Tom
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Good book to read
Date: Sun, 17 Jun 2001 14:32:30 GMT
A good book on coding theory
"Coding and Information Theory" by Richard W. Hamming. I found a copy in my
College library [along with Numerical recipes in C and applied_calculus].
It covers alot of Shannons work as well as Hammings work. For the most part
it is not too hard to follow, some of it is above my head but that's ok.
--
Tom St Denis
---
http://tomstdenis.home.dhs.org
------------------------------
From: Fat Phil <[EMAIL PROTECTED]>
Subject: Re: The 94 cycle 64-bit block cipher :-)
Date: Sun, 17 Jun 2001 17:36:07 +0300
Tom St Denis wrote:
>
> "Simon Johnson" <[EMAIL PROTECTED]> wrote in message
> news:9gibhj$t27$[EMAIL PROTECTED]...
> > There reversible. CRC's AFIAK are based on inversion in GF(2^w)/p(x).
> > Inversion can be reversed. :) (the choice of the field is speed related
> > IRRC)
>
> Close, CRCs are based on division. You treat the message as a huge
> polynomial in boolean polynomial basis, divide it by a prime polynnomial and
> get the remainder.
>
> Of course they are implemented as shift registers for speed...
Thanks Tom, you've hit the nail _squarely_ on the head.
If memory's no object they're implemented as lookup tables for even more
speed, you can clock the shift register forward by say 8 bits at a time
with a 2^8 lookup table.
A quick search found this:
http://www.mactech.com/articles/mactech/Vol.09/09.04/CRC/
Phil
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Tell me could this one-way function be somewhat secure
Date: Sun, 17 Jun 2001 08:46:58 -0600
In article <9gi0f7$sb6$[EMAIL PROTECTED]>, "Simon Johnson"
<[EMAIL PROTECTED]> wrote:
> "Marko Lavikainen" <[EMAIL PROTECTED]> wrote in message
> news:9gdm8n$2us$[EMAIL PROTECTED]...
> > I was wondering that when using hash-function, there is always a change
> for
> > collision. So, could not one use, say, two hash functions with different
> > properties.
>
> Yes you could.. but i wouldn't advise it on the reasoning that you have
> replaced one assumption (of whatever cryptosystem your designing) with two
> because you are now forced to assume that two hashing algorithms are secure
> instead of one. It only takes one of these hashes to get broken (in your
> case, i'm not sure wether this is true for all constructions of this type)
> for the system to be rended completely weak.
>
> I think its wise to always reduce the number of assumptions in systems to
> its bear minimum. So i'd just use a single hash with a bigger digest size.
>
> Simon.
Hashes can have different purposes. One hash in key generation may not
produce a desired digest size for a particular purpose whereas another
might be required for some other purpose. I use three hashes in one
implemention that have different properties to avoid a cascaded solution
of all of them. It works well, and no other hash scheme is as efficient
or works appropriately at all.
Demanding that only a certain hash scheme cab be used is the tail waggging
the dog and drives entrenched an possibly poor design rather that
supporting novel and new options.
If strength of a system is to be entirely in the keys, trying to shift it
to the responsibility of algorithm complexity is wrong headed from a
purist point of view. Repeated, I want simple algorithms, hashing
included, that get complex and as strong as possible results results, not
ones that are easy to counter or make radical ideas impossible to
implement.
--
In trying to get meaning from the TmV-OK saga, remember that
those who do not learn from history are apt to repeat it.
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: The 94 cycle 64-bit block cipher :-)
Date: Sun, 17 Jun 2001 15:04:28 GMT
"Fat Phil" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Tom St Denis wrote:
> >
> > "Simon Johnson" <[EMAIL PROTECTED]> wrote in message
> > news:9gibhj$t27$[EMAIL PROTECTED]...
> > > There reversible. CRC's AFIAK are based on inversion in GF(2^w)/p(x).
> > > Inversion can be reversed. :) (the choice of the field is speed
related
> > > IRRC)
> >
> > Close, CRCs are based on division. You treat the message as a huge
> > polynomial in boolean polynomial basis, divide it by a prime polynnomial
and
> > get the remainder.
> >
> > Of course they are implemented as shift registers for speed...
>
> Thanks Tom, you've hit the nail _squarely_ on the head.
>
> If memory's no object they're implemented as lookup tables for even more
> speed, you can clock the shift register forward by say 8 bits at a time
> with a 2^8 lookup table.
> A quick search found this:
> http://www.mactech.com/articles/mactech/Vol.09/09.04/CRC/
Yup. They are ideal for finding burst errors upto n-bits for a CRC-n.
The 8-bits at a time is just one way to speed it up though...
Tom
------------------------------
From: [EMAIL PROTECTED] (Mark Wooding)
Subject: Re: Is ECB truly more secure than CBC?
Date: 17 Jun 2001 15:21:44 GMT
Tim Tyler <[EMAIL PROTECTED]> wrote:
> * Protocol can't cope with it - e.g.:
> Multiple recipients, with new keys from a pad at midnight every
> night.
I don't see how that's incompatible with David's scheme. Just add the
key-derivation step as required.
> * Recipient or sender is an embedded device - with no PRF handy.
You've got a block cipher, right? Use that (in, say, counter mode)!
-- [mdw]
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: best encryption?
Date: Sun, 17 Jun 2001 09:04:53 -0600
In article <9gib3v$i7i$[EMAIL PROTECTED]>, "Simon Johnson"
<[EMAIL PROTECTED]> wrote:
>
> Note: Scotts technology is unanalysed.
Not true.
> Un-analysed material is not trusted
> in the crypto-community.
>
> Simon.
It all depends who is doing the looking and what prejudices they have in
tending to predeterming results. Science should minimize prejudices and
deflate false egos that stand in the way of progress. Naturally, the
sword has those illegal dual edges that can nick the neophyte and the
puffed up as well. Everyone should expect to shed some blood in the
search for truth, get over their injuries, and share what they have
learned.
--
In trying to get meaning from the TmV-OK saga, remember that
those who do not learn from history are apt to repeat it.
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Bizzare Cryptanalysis
Date: Sun, 17 Jun 2001 08:57:47 -0600
In article <9gi4e0$1tj$[EMAIL PROTECTED]>, "Simon Johnson"
<[EMAIL PROTECTED]> wrote:
> Lets assume for a second that we can define a process by which we can
> differentiate an algorithm. Now, since all algorithms we use are
> deterministic and have a period of some description this would seem to imply
> that there would also be a period to the differentiation series. Thus, we
> can define a Maclaurin expansion for the algorithm..
>
> I'm pretty sure extraction of a key could be performed from this expansion
> and would be a nice way to attack algebraic ciphers.
>
> Simon.
>
The problem with bad and/or false assumptions are that they tend to force
people to thing that only well worn ruts are worth traveling in. You
could have just as well said, "Let's assume that all algorithms are
designed to be readily broken and that none would contemplate doing
otherwise."
Frankly, avoiding the facilitation of nice ways to solve ciphers is rather
the domain of good crypto design and your suggestion points out the
prevalence of designs that ignore the basics.
--
In trying to get meaning from the TmV-OK saga, remember that
those who do not learn from history are apt to repeat it.
------------------------------
From: [EMAIL PROTECTED] (DJohn37050)
Date: 17 Jun 2001 15:48:21 GMT
Subject: Re: FIPS-140 statistical test for any length of bits?
The CRC handbook has stat tables, this is almost always a ref. in the library.
Don Johnson
------------------------------
From: "Cristiano" <[EMAIL PROTECTED]>
Subject: SHA2 PRNG.
Date: Sun, 17 Jun 2001 18:45:28 +0200
I need a cryptographically secure prng.
To such purpose I fill a 256 bits vector with 8 pseudorandom 32 bits numbers
and then:
1) I hash the vector and I store the result in the same vector;
2) I get the 8 numbers;
3) go to step 1.
#define SHA2b 256
ULONG SHA2rnd(void)
{
static flg=1; static ULONG sha[SHA2b/32]; static int j=SHA2b/32;
if(flg) { flg=0; for(int i=0;i<SHA2b/32;i++) sha[i]=RND(); }
if(j==SHA2b/32) { j=0; SHA256(sha,SHA2b/8,sha); }
return sha[j++];
}
Testing 50 sequence of 5 million of bits with NIST, I get poor results in
DFT test:
0,0003 0,0637 0,2110
0,0023 0,0693 0,2274
0,0105 0,0738 0,2330
0,0115 0,0832 0,2410
0,0117 0,0858 0,2469
0,0141 0,0912 0,2627
0,0147 0,1029 0,2714
0,0165 0,1131 0,2752
0,0255 0,1233 0,3112
0,0260 0,1269 0,3637
0,0295 0,1313 0,3730
0,0383 0,1366 0,3745
0,0459 0,1663 0,3952
0,0478 0,1936 0,4735
0,0566 0,1936 0,6529
0,0581 0,1986 0,9676
0,0593 0,2017
the other tests seem good.
Any comment?
Thanks
Cristiano
------------------------------
From: "Robert J. Kolker" <[EMAIL PROTECTED]>
Subject: Re: integration question
Date: Sun, 17 Jun 2001 13:07:59 -0400
Roger Fleming wrote:
>
> Wow. Doug, do all US high schools do Latin? 8^)
You quip is taken. BTW, if * Newton's * Principia
Mathematic Philosphea Naturalus is study even in
a good English translation (there are several such) most
of us would have a had time with it.
Why?
Becuase Newton deliberately chose the geometic mode
of presenting the theorems and the proofs. Must of us
moderns have been thoroughly "alebraicized" and would
have a hard time with this presentation.
As to Russel and Whiteheads Principia Mathematica, it is so
formalized as to be incomprehensible to most students of
mathematics. In point of fact, most of the work on formal
systems is * metamathematical * in nature. That is most of
effort is to produce theorems * about * the formal system
rather than within the formal system.
Bob Kolker
------------------------------
From: "Robert J. Kolker" <[EMAIL PROTECTED]>
Subject: Re: Bizzare Cryptanalysis
Date: Sun, 17 Jun 2001 13:09:38 -0400
Simon Johnson wrote:
> Lets assume for a second that we can define a process by which we can
> differentiate an algorithm. Now, since all algorithms we use are
> deterministic and have a period of some description this would seem to imply
> that there would also be a period to the differentiation series. Thus, we
> can define a Maclaurin expansion for the algorithm..
Hello? What are you really saying. Infinite series expansions only
have meaning with regard to compact metric spaces, not descrete
systems. Formal series expansions generally ignore matters of
convergence and are a neat way of doing recursion.
Bob Kolker
------------------------------
From: "Robert J. Kolker" <[EMAIL PROTECTED]>
Subject: Re: Bizzare Cryptanalysis
Date: Sun, 17 Jun 2001 13:12:05 -0400
Fat Phil wrote:
>
> The problem with this is that 'differentiation' is an operator which can
> only sensibly be applied to continuous functions. The functions used in
> all the crypto I can think of are discrete.
However the algebraic definition of differentiating could be
given without regard for limits. Example: The derivative
of x^n can be * defined* to be n*x^(n-1) with no thought
to defining limits.
Bob Kolker
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: SHA2 PRNG.
Date: Sun, 17 Jun 2001 17:12:20 GMT
"Cristiano" <[EMAIL PROTECTED]> wrote in message
news:9gimtg$d4d$[EMAIL PROTECTED]...
> I need a cryptographically secure prng.
> To such purpose I fill a 256 bits vector with 8 pseudorandom 32 bits
numbers
> and then:
> 1) I hash the vector and I store the result in the same vector;
> 2) I get the 8 numbers;
> 3) go to step 1.
It's weak against a known output attack. It's forward insecure.
Tom
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Bizzare Cryptanalysis
Date: Sun, 17 Jun 2001 17:14:07 GMT
"Robert J. Kolker" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> Fat Phil wrote:
>
> >
> > The problem with this is that 'differentiation' is an operator which can
> > only sensibly be applied to continuous functions. The functions used in
> > all the crypto I can think of are discrete.
>
> However the algebraic definition of differentiating could be
> given without regard for limits. Example: The derivative
> of x^n can be * defined* to be n*x^(n-1) with no thought
> to defining limits.
Yes but the proof comes from first principles. Which are based on limits.
Therefore if first principles do not hold [and they don't] then the limit is
not defined and therefore the derivative isn't defined.
Tom
------------------------------
From: "Total Annihilation" <[EMAIL PROTECTED]>
Subject: Still having no luck :(
Date: Sun, 17 Jun 2001 18:12:16 +0100
Any chance of a BIGGER hint LOL :)
Cheers m8
ToTaL out!
------------------------------
From: "Robert J. Kolker" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.misc,talk.politics.crypto
Subject: Re: How good is steganography in the real world?
Date: Sun, 17 Jun 2001 13:21:16 -0400
[EMAIL PROTECTED] wrote:
>
> Navaho was chosen for two reasons. One was its obscurity.
> The second is that it has many strange phonemes, and can only be
> spoken properly by somebody that learned it as a small child. This
> meant that spoofing was not possible, as all the receivers would
> instantly detect any fake message.
Here is a follow on: What are the prospects for generating
artificial languages as needed such that
1. the A.L. does not resemble any "real" language too much.
2. the A.L. is sufficiently expressive to be useful
Bob Kolker
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: integration question
Date: Sun, 17 Jun 2001 17:21:18 GMT
Roger Fleming wrote:
> Wow. Doug, do all US high schools do Latin? 8^)
No, although mine did (I took 2 years of Latin).
These days, they don't even "do English".
All that is beside the point, as the text we were discussing
was not written in Latin.
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Still having no luck :(
Date: Sun, 17 Jun 2001 17:24:52 GMT
"Total Annihilation" <[EMAIL PROTECTED]> wrote in message
news:9giois$fbt$[EMAIL PROTECTED]...
> Any chance of a BIGGER hint LOL :)
>
> Cheers m8
>
> ToTaL out!
>
>
Hint for? If its a puzzle try rec.puzzles
Tom
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Bizzare Cryptanalysis
Date: Sun, 17 Jun 2001 17:38:12 GMT
Tom St Denis wrote:
> "Robert J. Kolker" <[EMAIL PROTECTED]> wrote :
> > Fat Phil wrote:
> > > Simon Johnson wrote:
> > > > Lets assume for a second that we can define a process by which
> > > > we can differentiate an algorithm. Now, since all algorithms
> > > > we use are deterministic and have a period of some description
> > > > this would seem to imply that there would also be a period to
> > > > the differentiation series. Thus, we can define a Maclaurin
> > > > expansion for the algorithm..
> > > > I'm pretty sure extraction of a key could be performed from
> > > > this expansion and would be a nice way to attack algebraic
> > > > ciphers.
> > > The problem with this is that 'differentiation' is an operator
> > > which can only sensibly be applied to continuous functions. The
> > > functions used in all the crypto I can think of are discrete.
> > However the algebraic definition of differentiating could be
> > given without regard for limits. Example: The derivative
> > of x^n can be * defined* to be n*x^(n-1) with no thought
> > to defining limits.
> Yes but the proof comes from first principles. Which are based on
> limits.
> Therefore if first principles do not hold [and they don't] then the
> limit is not defined and therefore the derivative isn't defined.
Wrong (except for Kolker).
It isn't the "algorithm" that should be considered, but rather the
function implemented by the algorithm. For encipherment systems,
this is normally a Boolean vector-valued function of several Boolean
variables. Such functions can indeed be differentiated, merely by
first embedding the Boolean algebra into the real-number field.
This turns out to be quite useful, actually.
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: comp.security.misc,talk.politics.crypto
Subject: Re: How good is steganography in the real world?
Date: 17 Jun 2001 17:37:27 GMT
[EMAIL PROTECTED] (Robert J. Kolker) wrote in
<[EMAIL PROTECTED]>:
>
>
>[EMAIL PROTECTED] wrote:
>
>>
>> Navaho was chosen for two reasons. One was its obscurity.
>> The second is that it has many strange phonemes, and can only be
>> spoken properly by somebody that learned it as a small child. This
>> meant that spoofing was not possible, as all the receivers would
>> instantly detect any fake message.
>
>Here is a follow on: What are the prospects for generating
>artificial languages as needed such that
>
>1. the A.L. does not resemble any "real" language too much.
>2. the A.L. is sufficiently expressive to be useful
>
>Bob Kolker
>
I suspose once we get "real machine intellagence"
such that a machine is selfaware and maybe can wonder
about life and death. And when language translation
machines become more realistic. It would at that point
be rather trival to have artifical languages. That would
be extremely suited to compression and encryption. So that
any key tested would lead to a possible message. The question
only is. Will man survive long enough in a mode where the work
can be done. Its very likely we will destory our selves. Or maybe
even if the chinese take over they can plunge the world back into
a new dark age where man never again can reach our current level
of technology. I think history has shown the Chinese were once
more advanced than Europe and them stumbled backwards. Theres no
reason to assume history can't repeat its self one or two more
times before our sun burns out.
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
http://www.jim.com/jamesd/Kong/scott19u.zip
My website http://members.nbci.com/ecil/index.htm
My crypto code http://radiusnet.net/crypto/archive/scott/
MY Compression Page http://members.nbci.com/ecil/compress.htm
**TO EMAIL ME drop the roman "five" **
Disclaimer:I am in no way responsible for any of the statements
made in the above text. For all I know I might be drugged.
As a famous person once said "any cryptograhic
system is only as strong as its weakest link"
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: 4 more inducted into NSA Hall of Honor
Date: Sun, 17 Jun 2001 17:45:12 GMT
The Hall of Honor occupies one wall of the National Cryptologic Museum.
There was an induction ceremony Thursday for 4 more awardees (3 of whom
are still alive and attended the ceremony, the 4th being represented by
family). Read about the Hall at http://www.nsa.gov/honor/index.html
------------------------------
From: "Robert J. Kolker" <[EMAIL PROTECTED]>
Subject: Re: Bizzare Cryptanalysis
Date: Sun, 17 Jun 2001 13:48:57 -0400
Tom St Denis wrote:
>
> Therefore if first principles do not hold [and they don't] then the limit is
> not defined and therefore the derivative isn't defined.
Not really. For example the alebraic form for derivatives can be
gotten from the calculus of finite differences, where no limits
are defined:
Example (x+h)^n -x^n = n*x^(n-1)*h + other terms
if you divide out the h you get the principle term
n*x^(n-1) so this could guide the defnition.
Its a cheat, but one does not need a formal definition of
limit to make an algebraic definition.
Bob Kolker
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************
