Cryptography-Digest Digest #569

2000-08-29 Thread Digestifier

Cryptography-Digest Digest #569, Volume #12  Wed, 30 Aug 00 01:13:00 EDT

Contents:
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (qun ying)
  Re: Serious PGP v5 & v6 bug! ("Nathan Williams")
  Re: The DeCSS ruling (Eric Smith)
  Re: The DeCSS ruling (Roger Schlafly)
  Re: Future computing power (David A Molnar)
  Re: Future computing power (David A Molnar)
  Re: Best way! (Eric Smith)
  Re: Destruction of CDs (Eric Smith)
  Re: PRNG Test Theory ("Trevor L. Jackson, III")
  Re: The DeCSS ruling (David A. Wagner)
  Re: "Warn when encrypting to keys with an ADK" (Philip Stromer)
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (John Savard)
  Re: Best way! (Edward A. Falk)
  Re: 4096 BIT RSA Key ([EMAIL PROTECTED])
  Re: Bytes, octets, chars, and characters (Brian Inglis)



From: qun ying <[EMAIL PROTECTED]>
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be allowed
Date: Wed, 30 Aug 2000 02:03:24 GMT

In article <[EMAIL PROTECTED]>,
  Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> I wonder in the case in question how much is actually
> 'disclosed' in the text that one can read on the web page
> cited. Are there more texts about that patent that one
> can read? Or are these texts inaccessible to the public?
> Since the patent apparently has the potential of attacking
> at the very root of PK applications, if I don't err, we
> should pay due attention to the issue, I suppose.
>
> M. K. Shen
> 
> http://home.t-online.de/home/mok-kong.shen

The actual patent is not much more than what you can see on the web, just
a few more diagrams. I get the impression that it is some kind of
hotmail service with a PKI system. But I don't think that will qualify
for the patent. The company is also selling products based on the patent.
The company's address:
http://www.tumbleweed.com/



Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: "Nathan Williams" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: Serious PGP v5 & v6 bug!
Date: Wed, 30 Aug 2000 02:17:45 GMT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

No it doesn't.  Reread my post Shawn. The "master" KEY is SPLIT!!!
No one person could decrypt and use the stored keys.

"Shawn Willden" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> No, this solution is far worse than the ADK solution.  This
> solution gives someone else control of your private key, meaning
> they can
> impersonate you.  This scenario allows a tie-dyed, sockless,
> ponytailed, late-to-work-every-day geek who hasn't been fired yet
> only because HR isn't sure they could find a replacement in this
> unbelievably tight technical-labor market to impersonate the CEO;
> not a good idea.
>
> [Nothing against tie-dye, ponytails, Tevas or going to work late,
> BTW; I fit that profile whenever possible.]
>
> Really, there is no weakness created by an ADK in a proper
> implementation.  The only "badness" about ADKs in general is that
> they create yet another opportunity for making mistakes.  But then
> *any* key escrow solution creates another opportunity for error.
> IMO, ADKs are a reasonable solution, as long as they are properly
> authenticated (part of the signed public key package).
>
Shawn.

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQA/AwUBOaxugd8G10zX/RREEQJdJACferMr1c1UW2brQ0Sflf39Iyb2Bw8AoPRl
WNRGF+eeSyEbIE3nPLY4jdPO
=T15t
-----END PGP SIGNATURE-----




--

From: Eric Smith <[EMAIL PROTECTED]>
Subject: Re: The DeCSS ruling
Date: 29 Aug 2000 19:20:36 -0700

"Trevor L. Jackson, III" <[EMAIL PROTECTED]> writes:
> Does a security system that publishes the cipher key count as copy
> protection?  Calling it copy protection does not make it copy protection.

US Code, Title 17, Chapter 12, Section 1201 (b)(2)(B) sets the legal
standard:

a technological measure `effectively protects a right 
of a copyright owner under this title' if the measure, in the 
ordinary course of its operation, prevents, restricts, or 
otherwise limits the exercise of a right of a copyright owner 
under this title.

--

From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: The DeCSS ruling
Date: Tue, 29 Aug 2000 19:27:32 -0700

Eric Smith wrote:
> US Code, Title 17, Chapter 12, Section 1201 (b)(2)(B) sets the legal
> standard:
> a technological measure `effectively protects a right
> of a copyright owner under this title' if the measure, in the
> ordinary course of its operation, prevents, restricts, or
> otherwise limits the exercise of a right of a copyright owner
> under this title.

The word "effectively" is the interesting one. The whole purpose
is to give legal protection to broken schemes. The unbroken

Cryptography-Digest Digest #568

2000-08-29 Thread Digestifier

Cryptography-Digest Digest #568, Volume #12  Tue, 29 Aug 00 21:13:00 EDT

Contents:
  Re: Idea for creating primes ([EMAIL PROTECTED])
  Re: 4096 BIT RSA Key ([EMAIL PROTECTED])
  Re: RSA n-bit key...is p and q n or is the mod n? (Gregory G Rose)
  Re: Idea for creating primes ("Big Boy Barry")
  Re: R: R: R: Test on pseudorandom number generator. ("Douglas A. Gwyn")
  Re: 320-bit Block Cipher (Gregory G Rose)
  Secure Deletion of Data ("Jeffrey Walton")
  Re: Serious PGP v5 & v6 bug! (Björn Persson)
  Re: A little technical note about intepreters ("Douglas A. Gwyn")
  Re: Idea for creating primes ([EMAIL PROTECTED])
  Re: A little technical note about intepreters (Andrew Carol)
  Re: e-cash protocol concept, comments wanted (Julian Morrison)
  Re: e-cash protocol concept, comments wanted (Julian Morrison)
  Re: Serious PGP v5 & v6 bug! (Shawn Willden)
  Re: Optimal length of the sieve before a Miller-Rabin test (Bryan Olson)
  Re: 4096 BIT RSA Key (No User)
  Schneier's RC 2-Cracking Screen Saver (Champerty)
  Re: 4096 BIT RSA Key ([EMAIL PROTECTED])
  Re: 4096 BIT RSA Key (Steve)
  Re: R: R: R: Test on pseudorandom number generator. (Terry Ritter)



From: [EMAIL PROTECTED]
Subject: Re: Idea for creating primes
Date: Tue, 29 Aug 2000 21:59:25 GMT

In article <[EMAIL PROTECTED]>,
  Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
>
>
> [EMAIL PROTECTED] wrote:
> >
> >   Mok-Kong Shen <[EMAIL PROTECTED]> wrote:
> > > [EMAIL PROTECTED] wrote:
> > > >
> > > [snip]
> > > > You can test to see if a number is a generator by performing g^(p/q) != 1
> > > > for various 'q's that divide your testing prime 'p'.
> > > [snip]
> > >
> > > I suspect there is a printing error here. If one knows that
> > > there is a q that divides p, then p is certainly not a prime,
> > > isn't it? Or how should one properly interpret that phrase
> > > above? Thanks.
> >
> > Simple typo.
> >
> > You have your list of smaller primes N1, N2, N3 ...
> >
> > then you have the value p' = 2*N1*N2*N3*N4*...
> >
> > Then you have the value p = p' + 1
> >
> > Sorry for the confusion.  You are looking for a value q that divides
> > the value p'
>
> Questions:
>
> (1) Your g is such that (g,p)=1 and g^p' = 1 and g^s != 1
> for all s equal to p' divided by one of its factors?
> Is that right?

Yea, you want to make sure that g doesn't belong to a sub-group.

> (2) How much do the tests g^s != 1 help in practice (in
> comparison to omitting these but retaining the other
> conditions) for the purpose of finding primes?

Once you find one g that doesn't belong to any subgroups you know that
p is prime.

> (3) Could some of the factors of p' be equal or must they
> be distinct? (In the latter case why?)

They need only be known, and they must be prime for this to be provably
exact.

> (4) What is the rationale of having the N's of the same
> magnitude (the same number of bits)?

It makes finding real primes easier.  All the prime factors of p' must
in fact be provably prime for this whole scheme to work.  It's easier
to find a whole bunch of provable primes if they are smaller.

Tom


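The construction Tom describes above (his original post, quoted further down the page, sets out the same scheme) can be carried through in code. The following is an added example, not code from the thread or from any poster: it builds p' = 2*N1*N2*...*Nk from known small primes, sets p = p' + 1, and then searches for a g with g^(p-1) = 1 and g^((p-1)/q) != 1 (mod p) for every prime q dividing p-1, which are the 'q's that divide p', not p. Such a g has order p-1, so the group of units mod p has at least p-1 elements, which is only possible when p is prime (Lucas's theorem); that is why one full-order g settles the question, as Tom says, and why no g can ever pass the test when p is composite. The function names, the seeded random generators and the factor sizes used for the search are my own choices, not anything from the posts.

```python
import random


def is_prime_trial(n):
    """Trial division: adequate for the small factor primes N_i, which must be
    provably prime for the construction to be a proof rather than a guess."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True


def product(factors):
    result = 1
    for f in factors:
        result *= f
    return result


def build_candidate(factors):
    """p' = 2 * N1 * ... * Nk and p = p' + 1, with every N_i checked to be prime."""
    for f in factors:
        if not is_prime_trial(f):
            raise ValueError("factor %d is not a proven prime" % f)
    return 2 * product(factors) + 1


def is_generator(g, p, prime_factors):
    """True iff g has order exactly p-1 mod p: g^(p-1) = 1 and g^((p-1)/q) != 1
    for every distinct prime q dividing p-1 (duplicates in the list are harmless)."""
    if pow(g, p - 1, p) != 1:
        return False
    for q in set(prime_factors):
        if pow(g, (p - 1) // q, p) == 1:
            return False          # g lies in a proper subgroup
    return True


def lucas_prove_prime(p, prime_factors, tries=64, rng=None):
    """Return a witness g proving p prime, or None if none was found.
    A composite p never yields a witness; a prime p yields one with
    probability phi(p-1)/(p-1) per try, so a few dozen tries suffice."""
    rng = rng or random.Random(2000)   # fixed seed only so the demo is repeatable
    for _ in range(tries):
        g = rng.randrange(2, p - 1)
        if is_generator(g, p, prime_factors):
            return g
    return None


def random_small_prime(bits, rng):
    """A provable prime of exactly `bits` bits (top bit and low bit forced on)."""
    while True:
        c = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_prime_trial(c):
            return c


def search_provable_prime(k, bits, rng=None, max_rounds=100000):
    """Tom's scheme: k same-size provable primes, p = 2*prod + 1, prove or retry.
    Returns (p, factors, witness)."""
    rng = rng or random.Random(1)
    for _ in range(max_rounds):
        factors = [random_small_prime(bits, rng) for _ in range(k)]
        p = build_candidate(factors)
        g = lucas_prove_prime(p, [2] + factors, rng=rng)
        if g is not None:
            return p, factors, g
    raise RuntimeError("no provable prime found within max_rounds")


def verify_certificate(p, factors, g):
    """Independent re-check of a (p, factors, witness) triple: anyone holding
    the factors and g can confirm p is prime with a handful of modexps."""
    return (all(is_prime_trial(f) for f in factors)
            and p == 2 * product(factors) + 1
            and is_generator(g, p, [2] + factors))


if __name__ == "__main__":
    print(build_candidate([3, 5]), lucas_prove_prime(31, [2, 3, 5]))     # 31 is prime
    print(build_candidate([5, 11]), lucas_prove_prime(111, [2, 5, 11]))  # 111 = 3*37, no witness
    p, factors, g = search_provable_prime(3, 16)
    print(p, factors, g, verify_certificate(p, factors, g))
```

The two small cases show both outcomes of Mok-Kong Shen's question (2): 2*3*5+1 = 31 is prime and a witness turns up at once, while 2*5*11+1 = 111 is composite and the search for g fails for every g, because no element of (Z/111Z)* has order 110. The (p, factors, g) triple is a compact primality certificate that a verifier can check without repeating the search.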

--

From: [EMAIL PROTECTED]
Subject: Re: 4096 BIT RSA Key
Date: Tue, 29 Aug 2000 22:00:07 GMT

In article <[EMAIL PROTECTED]>,
  No User <[EMAIL PROTECTED]> wrote:
> How can I make a 4096 bit RSA Key for use in PGP 6.5.8? I tried generating one
> using the Cybernights Templar 2.6.3 version. But when I import the key into
> 6.5.8, it says the key is invalid.

Why on earth are you making RSA keys that big?

Tom



--

From: [EMAIL PROTECTED] (Gregory G Rose)
Subject: Re: RSA n-bit key...is p and q n or is the mod n?
Date: 29 Aug 2000 15:17:18 -0700

In article <[EMAIL PROTECTED]>,
John Matzen  wrote:
>When one speaks of a 512-bit RSA key, are p and q 512-bits, or is the
>modulus 512-bits (meaning p and q are 256 bits)?

The size of the modulus is what is being referred
to.

Greg.
-- 
Greg Rose INTERNET: [EMAIL PROTECTED]
QUALCOMM Australia           VOICE:  +61-2-9181 4851   FAX: +61-2-9181 5470
Suite 410, Birkenhead Point  http://people.qualcomm.com/ggr/ 
Drummoyne NSW 2047  B5 DF 66 95 89 68 1F C8  EF 29 FA 27 F2 2A 94 8F

--

From: "Big Boy Barry" <[EMAIL PROTECTED]>
Subject: Re: Idea for creating primes
Date: Tue, 29 Aug 2000 22:17:56 GMT

did you patent this?



<[EMAIL PROTECTED]> wrote in message news:8ogq3t$l9f$[EMAIL PROTECTED]...
> Say you want to make an 'n' bit prime that is some multiple of 128 (I
> chose this out of my head).  What you do is make n/128 128-bit primes
> as described below then multiply them all together (and multiply by
> two) then add one.  Next using all the known prime factors try to find
> a primitiv

Cryptography-Digest Digest #567

2000-08-29 Thread Digestifier

Cryptography-Digest Digest #567, Volume #12  Tue, 29 Aug 00 18:13:01 EDT

Contents:
  Re: NEWBIE!!! Zodiac killer's encryption... (John C. King)
  Blowfish IC? ("Richard Sloan")
  Re: On pseudo-random permutation (David A. Wagner)
  4096 BIT RSA Key (No User)
  Re: A little technical note about intepreters (Andrew Carol)
  Re: 4096 BIT RSA Key (Tom McCune)
  Re: I need ADK tampered key that PGP will not detect ADK, on it ... ("David E. Ross")
  Re: Idea for creating primes (Mok-Kong Shen)
  Re: Test on pseudorandom number generator. ("Niels Jørgen Kruse")
  Re: [Q] Do you know a good german newsserver for sci.crypt ? ("Jeffrey Walton")
  Re: R: Test on pseudorandom number generator. (Mok-Kong Shen)
  Re: A little technical note about intepreters (Mok-Kong Shen)
  Re: PRNG Test Theory (Tim Tyler)
  Re: PGP ADK Bug: What we expect from N.A.I. (David Hopwood)
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed ("Paul Pires")
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (Terry Ritter)
  Re: "Warn when encrypting to keys with an ADK" (Björn Persson)
  Re: Serious PGP v5 & v6 bug! (Björn Persson)
  Re: "Warn when encrypting to keys with an ADK" (Björn Persson)
  Re: Number theory book ("Dann Corbit")



From: John C. King <[EMAIL PROTECTED]>
Subject: Re: NEWBIE!!! Zodiac killer's encryption...
Date: Tue, 29 Aug 2000 20:21:13 GMT

In article <8oeiu3$3bk$[EMAIL PROTECTED]>,
  John C. King <[EMAIL PROTECTED]> wrote:
> If anyone knows of any other "solutions" I would like to know.  I
> know of one other book (seems to be self published).  It too
> provides a "solution" which is a result of what Kahn calls
> "hypercryptanalysis".  I'll try to find it and post the book.

The book is "Times 17: The Amazing Story of the Zodiac Murders in
California and Massachusetts, 1966-1981" by Gareth Penn.  It's listed
as out-of-print on Amazon.com but isn't worth trying to get unless you
want to see some really goofy cryptanalysis.



--

From: "Richard Sloan" <[EMAIL PROTECTED]>
Subject: Blowfish IC?
Date: Tue, 29 Aug 2000 20:31:14 GMT

Has anyone seen a manufacturer for a Blowfish IC?

Richard.



--

From: [EMAIL PROTECTED] (David A. Wagner)
Crossposted-To: comp.programming
Subject: Re: On pseudo-random permutation
Date: 29 Aug 2000 13:45:01 -0700

David A. Wagner <[EMAIL PROTECTED]> wrote:
> The latter can be done by treating the random bits as the binary expansion
> of a random real number R in the interval [0,1).  A simple strategy is to
> say that we output the integer i (where 1 <= i <= n!) if (i-1)/n! <= R < i/n!.
> Note that we don't need all the binary digits of R to determine which bucket
> R falls into; it suffices to know a finite prefix of the binary expansion of
> R, since (i-1)/n! and i/n! must differ at some bit position of finite index.
> (Or did I make some stupid mistake?)

Uhhh... As others have pointed out, that doesn't always terminate in finite time.
(Oops.)  I apologize for the error, and withdraw the proposed algorithm.

--

Date: Tue, 29 Aug 2000 15:06:39 -0500
From: No User <[EMAIL PROTECTED]>
Subject: 4096 BIT RSA Key

How can I make a 4096 bit RSA Key for use in PGP 6.5.8? I tried generating one
using the Cybernights Templar 2.6.3 version. But when I import the key into
6.5.8, it says the key is invalid.



---
This message did not originate from the Sender address above.
It was posted with the use of anonymizing software at 
http://anon.xg.nu
---



--

From: Andrew Carol <[EMAIL PROTECTED]>
Subject: Re: A little technical note about intepreters
Date: Tue, 29 Aug 2000 14:07:55 -0700

In article
<[EMAIL PROTECTED]>,
Daniel Leonard <[EMAIL PROTECTED]> wrote:

> Well, if you do something clever, as you say, then it's worth a footnote,
> doesn't it?

You are comparing apples and oranges.

Foot notes, while often on a minor or side point, are PART of the
discourse itself.  Comments are ABOUT the item.

For example, a "Commentary on the Bible" would contain the text of the
Bible, but in addition has independent content which points out
things of interest, clarifies difficult points, sets out interesting
notes from the translation, etc.  It can be as long as the thing it
comments on.

Footnotes are meant for minor asides which are part of the main theme
of the work.

Programs are detailed instructions to an unthinking machine.  Comments
provide a much richer context suitable for humans and meant to provide
a background for a maintainer or developer.

Having worked on projects with MILLIONS of lines of code, I can assure
you that detailed comments in particularly tricky bits of code are a
wonderful treasure.  I have spent countless hours hand tracing some
code which made altogethe

Cryptography-Digest Digest #566

2000-08-29 Thread Digestifier

Cryptography-Digest Digest #566, Volume #12  Tue, 29 Aug 00 16:13:01 EDT

Contents:
  Re: Patent, Patent is a nightmare, all software patent shuld not be  (Mok-Kong Shen)
  Re: Idea for creating primes (Mok-Kong Shen)
  Re: A little technical note about intepreters (Daniel Leonard)
  Re: [Q] Do you know a good german newsserver for sci.crypt ? ("Duran Castore")
  Re: I need ADK tampered key that PGP will not detect ADK, on it ... (Rich Wales)
  Re: RSA n-bit key...is p and q n or is the mod n? ([EMAIL PROTECTED])
  Re: RSA n-bit key...is p and q n or is the mod n? (Roger Schlafly)
  Re: [Q] Do you know a good german newsserver for sci.crypt ? (Mok-Kong Shen)
  Re: On pseudo-random permutation (wtshaw)
  Re: 320-bit Block Cipher (Zulfikar Ramzan)
  Re: [Q] Do you know a good german newsserver for sci.crypt ? (Brian Kraft)
  Re: Serious PGP v5 & v6 bug! ("Nathan Williams")
  R: Test on pseudorandom number generator. ("Cristiano")
  R: R: R: Test on pseudorandom number generator. ("Cristiano")
  R: R: R: Test on pseudorandom number generator. ("Cristiano")
  Re: Idea for creating primes ([EMAIL PROTECTED])
  R: Optimal length of the sieve before a Miller-Rabin test ("Cristiano")
  R: RSA n-bit key...is p and q n or is the mod n? ("Cristiano")



From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be 
Date: Tue, 29 Aug 2000 20:51:25 +0200



Sundial Services wrote:
> 
[snip]
> In the very best of circumstances, patent law requires you to COMPLETELY
> DISCLOSE your invention in exchange for the right to (maybe..) exclude
> others from using it for a period of many years.  That can be awful in
> the software business because your secrets are fully exposed to
> competitors who, likely as not, can simply "trump your trick" and have
> you begging them for a license.  Even the slightest change to your
> algorithm can qualify as an "improvement" which is not only legal -- but
> blocks you from adopting the improvement in your own implementation!
[snip]

I wonder in the case in question how much is actually
'disclosed' in the text that one can read on the web page
cited. Are there more texts about that patent that one
can read? Or are these texts inaccessible to the public?
Since the patent apparently has the potential of attacking 
at the very root of PK applications, if I don't err, we  
should pay due attention to the issue, I suppose.

M. K. Shen

http://home.t-online.de/home/mok-kong.shen

--

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Idea for creating primes
Date: Tue, 29 Aug 2000 20:51:32 +0200



[EMAIL PROTECTED] wrote:
> 
[snip]
> You can test to see if a number is a generator by performing g^(p/q) != 1
> for various 'q's that divide your testing prime 'p'.
[snip]

I suspect there is a printing error here. If one knows that 
there is a q that divides p, then p is certainly not a prime, 
isn't it? Or how should one properly interpret that phrase 
above? Thanks.

M. K. Shen

--

From: Daniel Leonard <[EMAIL PROTECTED]>
Subject: Re: A little technical note about intepreters
Date: Tue, 29 Aug 2000 18:44:27 GMT

On Tue, 29 Aug 2000, Andrew Carol wrote:

> In article
> <[EMAIL PROTECTED]>,
> Daniel Leonard <[EMAIL PROTECTED]> wrote:
>
> > What I told in CS course as TA was that you should put comments as if you
> > would put footpage notes in an article or a book. That are comments in the
> > code, not function header comments. More often than not, the code speaks
> > for itself.
>
> Code is telling the computer exactly WHAT to do.
> Comments tells other programmers WHY you did it that way.
>
> They might also explain assumptions about external state which MUST be
> true for the code, as written, to work.
>
> There is a huge difference.
>
> Anybody who has put significant code away for a year or two and tried
> to pick it back up.  Or taken over someone else's code knows what I'm
> talking about.
>
> If code is written very cleanly, without clever optimisations, the code
> might speak for itself.
>
> The instant you do something "clever", like take advantage of some
> trick of twos complement math, or a sneaky xor trick, or rely on a
> subtle side-effect of another routine you've got problems.  Even things
> like assuming you can access unaligned integers is probably worth a
> comment.
>
> Oh well.
>

Well, if you do something clever, as you say, then it's worth a footnote,
doesn't it?

==
Daniel Léonard

OGMP Informatics Division     E-Mail: [EMAIL PROTECTED]
Département de Biochimie      Tel   : (514) 343-6111 ext 5149
Université de Montréal        Fax   : (514) 343-2210
Montréal, Quebec              Office: Pavillon Principal G-312
Canada H3C 3J7                WWW   :


--

From: "Duran Castore" <[

Cryptography-Digest Digest #565

2000-08-29 Thread Digestifier

Cryptography-Digest Digest #565, Volume #12  Tue, 29 Aug 00 14:13:01 EDT

Contents:
  Re: Optimal length of the sieve before a Miller-Rabin test (DJohn37050)
  Re: could someone post public key that is tempered ? (Rich Wales)
  Re: 96-bit LFSR needed ([EMAIL PROTECTED])
  Re: e-cash protocol concept, comments wanted (Eric Murray)
  Re: Reading recommendations on protocol design (Chris Yuen)
  Re: A little technical note about intepreters (Daniel Leonard)
  Re: Optimal length of the sieve before a Miller-Rabin test ([EMAIL PROTECTED])
  Re: On pseudo-random permutation (Herman Rubin)
  Idea for creating primes ([EMAIL PROTECTED])
  Re: I need ADK tampered key that PGP will not detect ADK, on it ... (jungle)
  Re: A little technical note about intepreters (Andrew Carol)
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed ("Paul Pires")
  Re: Idea for creating primes (David A Molnar)
  Re: Future computing power (John Myre)
  Re: PRNG Test Theory ("Trevor L. Jackson, III")
  Re: Future computing power (James Felling)
  Re: I need ADK tampered key that PGP will not detect ADK, on it ... ("JL")
  RSA n-bit key...is p and q n or is the mod n? ("John Matzen")
  Re: Future computing power (Ichinin)
  Re: PROMIS-software for worldwide spy network by US/Isreal ("Trevor L. Jackson, III")



From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: Optimal length of the sieve before a Miller-Rabin test
Date: 29 Aug 2000 15:46:16 GMT

My understanding of the reason to do the small primes tests before MR is that
you really want to have SOME confidence that what you run an MR test on is a
prime.  That is, sieving is very fast, MR is slow, so just doing MR is a waste
on a totally random number.  As fast RN methods could be considered a
competitive advantage, the dirty details are often left to discover for
yourself, like the break-even point.  Of course, this depends on how fast you
can make the MR test run.
Don Johnson
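As an added illustration of the sieve-then-Miller-Rabin trade-off Don describes (example code written for this page, not from the post): trial division by a table of small primes discards most random odd candidates in a few integer divisions, so the modular exponentiations of Miller-Rabin only run on the survivors. `sieve_benefit` counts how many candidates would reach Miller-Rabin with and without the sieve; the sieve bound, the candidate sizes and the seed are arbitrary choices of mine, and the break-even point Don mentions still has to be measured against your own implementation's speeds.

```python
import random


def small_primes_up_to(bound):
    """Sieve of Eratosthenes: the trial-division table, computed once."""
    flags = bytearray([1]) * (bound + 1)
    flags[0] = flags[1] = 0
    for i in range(2, int(bound ** 0.5) + 1):
        if flags[i]:
            flags[i * i::i] = bytearray(len(range(i * i, bound + 1, i)))
    return [i for i, is_p in enumerate(flags) if is_p]


def passes_sieve(n, primes):
    """Trial division by the small-prime table.  Returns False as soon as a
    divisor is found; returns True when none of the table primes divides n."""
    if n < 2:
        return False
    for q in primes:
        if q * q > n:          # no divisor up to sqrt(n): n is actually prime
            return True
        if n % q == 0:
            return False
    return True


def miller_rabin(n, rounds=20, rng=None):
    """Probabilistic primality test; each round with a random base catches a
    composite with probability at least 3/4."""
    rng = rng or random.Random()
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, s = n - 1, 0
    while d % 2 == 0:          # write n-1 = d * 2^s with d odd
        d //= 2
        s += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False       # a is a witness to compositeness
    return True


def is_probable_prime(n, primes, rounds=20, rng=None):
    """The combination Don describes: cheap sieve first, MR only on survivors."""
    if not passes_sieve(n, primes):
        return False
    return miller_rabin(n, rounds, rng)


def sieve_benefit(bits, count, primes, seed=42):
    """Constructed experiment: how many random odd `bits`-bit candidates reach
    Miller-Rabin with and without the sieve, and how many primes are found."""
    rng = random.Random(seed)
    cands = [rng.getrandbits(bits) | (1 << (bits - 1)) | 1 for _ in range(count)]
    survivors = [n for n in cands if passes_sieve(n, primes)]
    found = [n for n in survivors if miller_rabin(n, 20, rng)]
    return {"candidates": count,
            "mr_runs_without_sieve": count,
            "mr_runs_with_sieve": len(survivors),
            "primes_found": len(found)}


if __name__ == "__main__":
    table = small_primes_up_to(2000)
    print(sieve_benefit(128, 300, table))
    print(is_probable_prime(2 ** 61 - 1, table))   # Mersenne prime M61
```

With primes up to 2000 in the table, only about one in six or seven random odd candidates survives the sieve, so roughly 85 percent of the Miller-Rabin invocations are never made; raising the bound keeps removing candidates but with diminishing returns, which is the break-even point the post alludes to.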

--

From: [EMAIL PROTECTED] (Rich Wales)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: could someone post public key that is tempered ?
Date: 29 Aug 2000 09:07:19 -0700

"jungle" wrote:

> the question is open : could someone post public key
> that is tempered & pgp will not detect added ADK to it ?

Have you read Ralf Senderek's paper?
(http://senderek.de/security/key-experiments.html)

Try Ralf's key "A4".

==> http://senderek.de/security/ADK-testkeys/key-A4
contains the actual binary key

==> http://senderek.de/security/ADK-testkeys/html/key-A4.html
contains an analysis of the key

According to Ralf, this key contains one legitimate ADK -- but it
also contains a second (illegitimate) ADK, which was added to the
unhashed part of the key (the kind of thing a malicious attacker
could do).

Ralf reported that PGP 5.5.3i and 6.5.1i saw both ADK's on key A4,
but they failed to note that the second ADK was in the wrong place,
and they encrypted messages to all three keys (the main key, the
legitimate ADK, and the unauthorized ADK) without complaining.

Now, I will admit that Ralf's tampering with this key did not go
totally undetected (since the newly added ADK was reported by PGP).
However, PGP did =not= report any problem with the extra ADK; it
treated the bogus addition exactly as if it were a legitimate part
of the user's public key.

By the way, the correct word in this situation is "tamper", not
"temper".  (These two words may sound identical to native speakers
of some non-English languages, but they are completely different.)
Also, "tamper" is normally used together with the preposition "with"
(as in, "someone has tampered with this key", or "this key has been
tampered with").

Rich Wales [EMAIL PROTECTED] http://www.webcom.com/richw/
PGP 2.6+ key generated 2000-08-26; all previous encryption keys REVOKED.
RSA, 2048 bits, ID 0xFDF8FC65, print 2A67F410 0C740867 3EF13F41 528512FA
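To make the "wrong place" point concrete (an added example for this page, not PGP's code and not Ralf Senderek's key-analysis tooling): a v4 OpenPGP signature carries two subpacket areas, and only the hashed one is covered by the signature hash. An ADK subpacket sitting in the unhashed area is therefore not authenticated by the key owner at all, which is exactly why a client that honours it is treating unsigned data as policy. The parser below walks both areas of a signature packet body and reports every ADK subpacket together with the area it came from. Assumptions, stated plainly: subpacket type 10 is treated as the ADK type (PGP's historical ADK subpacket; RFC 4880 lists type 10 only as a backward-compatibility placeholder), the ADK body layout in the sample is made up, and the sample packet is constructed by hand rather than taken from key A4.

```python
import struct

ADK_SUBPACKET_TYPE = 10   # assumption: PGP's historical ADK subpacket type
CREATION_TIME = 2
ISSUER_KEY_ID = 16


def _read_subpacket_length(data, pos):
    """RFC 4880 section 5.2.3.1: 1-, 2- or 5-octet subpacket length encoding."""
    first = data[pos]
    if first < 192:
        return first, pos + 1
    if first < 255:
        return ((first - 192) << 8) + data[pos + 1] + 192, pos + 2
    return struct.unpack(">I", data[pos + 1:pos + 5])[0], pos + 5


def parse_subpackets(area):
    """Split a subpacket area into (type, critical_flag, body) tuples."""
    out, pos = [], 0
    while pos < len(area):
        length, pos = _read_subpacket_length(area, pos)
        if length == 0 or pos + length > len(area):
            raise ValueError("malformed subpacket length")
        type_octet = area[pos]
        body = area[pos + 1:pos + length]
        out.append((type_octet & 0x7F, bool(type_octet & 0x80), body))
        pos += length
    return out


def parse_v4_signature(body):
    """Parse a v4 signature packet body (RFC 4880 section 5.2.3) far enough to
    recover both subpacket areas; the MPIs after them are left unparsed."""
    if len(body) < 6 or body[0] != 4:
        raise ValueError("not a v4 signature packet body")
    sig = {"type": body[1], "pk_alg": body[2], "hash_alg": body[3]}
    hashed_len = struct.unpack(">H", body[4:6])[0]
    pos = 6
    hashed = body[pos:pos + hashed_len]
    pos += hashed_len
    unhashed_len = struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    unhashed = body[pos:pos + unhashed_len]
    pos += unhashed_len
    if len(hashed) != hashed_len or len(unhashed) != unhashed_len:
        raise ValueError("truncated subpacket area")
    sig["hashed"] = parse_subpackets(hashed)
    sig["unhashed"] = parse_subpackets(unhashed)
    sig["hash_prefix"] = body[pos:pos + 2]
    return sig


def audit_adks(sig):
    """One finding per ADK subpacket.  Only hashed-area ADKs are covered by the
    self-signature; a client should refuse to encrypt to any unhashed one."""
    findings = []
    for area in ("hashed", "unhashed"):
        for sp_type, critical, body in sig[area]:
            if sp_type == ADK_SUBPACKET_TYPE:
                findings.append({"area": area,
                                 "authenticated": area == "hashed",
                                 "critical": critical,
                                 "body_hex": body.hex()})
    return findings


def _subpacket(sp_type, body):
    """Encode one short subpacket (body shorter than 191 bytes)."""
    assert len(body) + 1 < 192
    return bytes([len(body) + 1, sp_type]) + body


# Constructed sample: v4 positive certification (0x13), RSA (1), SHA-1 (2).
# The ADK bodies below are made-up placeholders, not a real key's data.
_LEGIT_ADK = _subpacket(ADK_SUBPACKET_TYPE, b"\x80\x01" + b"\x11" * 20)
_ROGUE_ADK = _subpacket(ADK_SUBPACKET_TYPE, b"\x80\x01" + b"\x22" * 20)
_HASHED = _subpacket(CREATION_TIME, struct.pack(">I", 967500000)) + _LEGIT_ADK
_UNHASHED = _subpacket(ISSUER_KEY_ID, b"\x01\x23\x45\x67\x89\xab\xcd\xef") + _ROGUE_ADK
SAMPLE_SIGNATURE = (bytes([4, 0x13, 1, 2])
                    + struct.pack(">H", len(_HASHED)) + _HASHED
                    + struct.pack(">H", len(_UNHASHED)) + _UNHASHED
                    + b"\xde\xad"                            # left 16 bits of hash (constructed)
                    + struct.pack(">H", 16) + b"\xbe\xef")  # dummy 16-bit MPI (constructed)

if __name__ == "__main__":
    for finding in audit_adks(parse_v4_signature(SAMPLE_SIGNATURE)):
        print(finding)
```

Run against the constructed packet, the audit reports two ADKs: the hashed one as authenticated and the unhashed one as not. That second finding is the condition the post says PGP 5.5.3i and 6.5.1i failed to flag; a defensive client or key-server check would ignore the unhashed ADK entirely and warn the user that the key has been modified after signing.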

--

From: [EMAIL PROTECTED]
Subject: Re: 96-bit LFSR needed
Date: Tue, 29 Aug 2000 15:59:23 GMT

In article <[EMAIL PROTECTED]>,
  "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > I am trying out the stream cipher where I take three bytes from the
> > LFSR in the form (a, b, c) and return (((a+1)(b+1)) mod 257)+c) mod 256
> > as the stream output.
>
> Why?  And how does the plaintext enter into this?

You use the output and xor it against the input.

Tom



--

From: [EMAIL PROTECTED][Rot 13] (Eric Murray)
Crossposted-To: alt.cypherpunks,alt.cypherpunks.technical
Subject: Re: e-cash protocol concept, comments wanted
Date: 29 Aug 2000 09:21:03 -0700

In article <[EMAIL PROTECTED]>,
Julian Morrison  <[EMAIL PROTECTED]> wrote:
>If you are knowledgeable about ecash, please check out my idea 

Cryptography-Digest Digest #564

2000-08-29 Thread Digestifier

Cryptography-Digest Digest #564, Volume #12  Tue, 29 Aug 00 11:13:01 EDT

Contents:
  Re: Future computing power (Ichinin)
  Re: Future computing power (Ichinin)
  Re: An interesting cryptographic problem ([EMAIL PROTECTED])
  A little technical note about intepreters (Runu Knips)
  Re: 4x4 s-boxes ([EMAIL PROTECTED])
  Reading recommendations on protocol design (Chris Yuen)
  Re: R: R: Test on pseudorandom number generator. ("Douglas A. Gwyn")
  Re: NEWBIE!!! Zodiac killer's encryption... ("Douglas A. Gwyn")
  Re: A little technical note about intepreters (SCOTT19U.ZIP_GUY)
  Re: Reading recommendations on protocol design (David A Molnar)
  Re: Future computing power (David A Molnar)
  Re: Future computing power ([EMAIL PROTECTED])
  Re: 96-bit LFSR needed ("Douglas A. Gwyn")
  Re: Bytes, octets, chars, and characters ("Douglas A. Gwyn")
  Re: Asymmetric Encryption Algorithms (DJohn37050)
  Optimal length of the sieve before a Miller-Rabin test ("Pedro Félix")



From: Ichinin <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Future computing power
Date: Tue, 29 Aug 2000 03:06:28 +0200

Brian McKeever wrote:
> 
> <[EMAIL PROTECTED]> wrote in message news:8oeilk$308$[EMAIL PROTECTED]...
> > In article <[EMAIL PROTECTED]>,
> >   [EMAIL PROTECTED] wrote:
> > >
> > > Floating operation: 1/3 = 0,33...
> > >
> > > More terms (Dhrystones etc) can be learned through studying
> > > theory of benchmarking.
> >
> > You are best off doing something like a vector projection, dct, etc...
> > that is REAL instead of
> >
> > for a = 0 to 1
> >b = c * 1/3;
> >
> > So your speed is in "vector projections",etc per second, something more
> > real and tangible
> >
> > Tom
> 
> Are you really telling this guy, who obviously knows more about benchmarking
> than you, that he's using the wrong units?

It was just an example.

/Ichinin

--

From: Ichinin <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Future computing power
Date: Tue, 29 Aug 2000 03:19:13 +0200

Guy Macon wrote:
> In my job (toy designer), I use what amounts to a 6502 running at 3 to 10
> Mhz and costing well under a dollar for everything - CPU, RAM, ROM, clock
> circuit, PWB - the whole computing subsystem.

How much power can you squeeze out of a 6502 with today's technology?
(would be interesting to know)

(Have a friend who's talking about the same things as you, but he's
more Zilog orientated.)

Regards,
Glenn

(Yup, i had a C64 and a Vic20 :o)

--

From: [EMAIL PROTECTED]
Subject: Re: An interesting cryptographic problem
Date: Tue, 29 Aug 2000 13:42:32 GMT

In article <[EMAIL PROTECTED]>,
  Daniel Newby <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> >
[snip]
> Let me succinctly state the problem:  users are granted RDBMS access
> permissions they should not have, in order that flawed applications may
> run.
>
> There it is.  No amount of talking can cover up that ugly fact.  The
> user can destroy and forge data, but they should not be able to.
>
> You go on to say what the consequences are:
> > Because the user can easily access the database using third-party query
> > and reporting tools, any application-level security is easily bypassed.
> > This leads to serious security weaknesses and potential audit
> > nightmares.
>
> You use the phrases "serious security weaknesses" and "potential audit
> nightmares".  You didn't say, but I'm assuming the database contains
> corporate financial information (or inventory and sales data, which is
> about the same).  Presumably the sort of information that gets used
> in SEC filings, and quarterly reports to investors.  The sort of
> information that, if it is falsified, will lead to fines, bad publicity,
> or even prison sentences.  Not to mention the straightforward risk of
> bankruptcy if somebody spends money that isn't there.
>
> In a later posting, you said:
> >   DES is more than sufficiently secure for this
> > application, which is not 'mission-critical'. DES in CFB mode has the
> > advantage that successive encryptions of the same plaintext produce
> > different encrypted text. This makes dictionary attacks much less easy.
>
> How do you go from "audit nightmare" to "not mission-critical"?!
> "Mission-critical" doesn't mean the world will end if it fails, it just
> means the organization's mission is at stake.  Financial and operating
> data normally *is* mission critical, especially if it is used as a
> basis for government financial filings. Maybe it's time to go read that
> mission statement? ;-)
>
> You need to do some threat modeling.  If the threat is accidents
> committed by benevolent employees, then just about any solution will
> work.  If the threat is deliberate fraud by motivated opponents, and
> there are large financial and legal stakes, then half-measures are
> worthless:  someone will eventual

Cryptography-Digest Digest #563

2000-08-29 Thread Digestifier

Cryptography-Digest Digest #563, Volume #12  Tue, 29 Aug 00 08:13:01 EDT

Contents:
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (Sundial Services)
  Re: Patent, Patent is a nightmare, all software patent shuld not be  (Sundial Services)
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (Sundial Services)
  Re: Future computing power ("Sam Simpson")
  Re: Looking for Book Recommendations ([EMAIL PROTECTED])
  Re: e-cash protocol concept, comments wanted (Ragni Ryvold Arnesen)
  Re: On pseudo-random permutation (Tim Tyler)
  Re: Serious PGP v5 & v6 bug! (Phil Harrison)
  Re: "Warn when encrypting to keys with an ADK" (S.R. Heller)
  Re: Future computing power ([EMAIL PROTECTED])
  Re: secrets and lies in stores (Mok-Kong Shen)
  Re: Bytes, octets, chars, and characters (Richard Bos)
  [Q] Do you know a good german newsserver for sci.crypt ? (Runu Knips)
  Re: Looking for Book Recommendations (David A Molnar)
  Re: Future computing power (Guy Macon)
  Re: Future computing power (Jeffrey Williams)
  Re: when does PGP start to support key server (Matt Johnston)



Date: Tue, 29 Aug 2000 01:13:03 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be allowed

Mack wrote:
> hmm seems to cover most of what PGP servers have done for a while
> and kerberos and various other methods.  wonder when the patent
> was applied for.
> 
> It may be facially invalid due to prior art.


Thomas Edison once succinctly described patents as "a license to steal,"
although he owned more of them than almost anyone.  They are a wonderful
lawyer-esque invention, because even after you spend a boatload of legal
fees to acquire one, you still have to defend it against all comers, any
one of whom could [successfully] claim that (essentially) you or the
patent-examiner screwed-up and your claim was invalid from the start ..
as Mack essentially suggests here.  

So a patent provides what is actually a very dubious level of
protection, especially in the software business, and it endlessly
requires you to "defend it or lose it."  

The patent examiners simply can't, and don't, affirm that your claim is
in fact worth the paper it is printed on.  What they say is essentially
what you heard in a game of "Clue," namely "I cannot disprove it," which
when you think about it is -not- saying terribly much at all.  

In the very best of circumstances, patent law requires you to COMPLETELY
DISCLOSE your invention in exchange for the right to (maybe..) exclude
others from using it for a period of many years.  That can be awful in
the software business because your secrets are fully exposed to
competitors who, likely as not, can simply "trump your trick" and have
you begging them for a license.  Even the slightest change to your
algorithm can qualify as an "improvement" which is not only legal -- but
blocks you from adopting the improvement in your own implementation!

In my not-so-humble I'm-not-a-lawyer opinion, patents were an idea
steeped in manufacturing .. and that is where they ought to stay. 
Computer software is much too close to the direct expression of "ideas"
(which are unpatentable) and offer too many alternate ways of expressing
the same "idea" (all of which qualify as "prior art" or "improvements"
or simply "patent killers" .. and all of which you discover only after
the patent has been granted and before you discover that it's
worthless).

If you're gonna make money with software, you're gonna have to do it by
producing an altogether "better product," not by planting stakes around
a particular embodiment of a particular idea or trick in your code,
disclosing it to the world and proclaiming to all comers that "It's
Mine!"

I fear that good Mr. Edison was right after all.

--

Date: Tue, 29 Aug 2000 01:16:42 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be 

And of course, Mok-Kong, we also know that most of these anaerobic
bacteria eat .. umm .. ahh ... that is ...   :-)


>Mok-Kong Shen wrote:
[...]
> there is really a risk of what I mentioned sarcastically
> long time ago, namely one day someone will get a patent of
> how a human being breathes the air and from that point on
> those who can't afford to pay royalties must find a way
> of living an-aerobically (there are organisms of that
> sort).
> 
> M. K. Shen

--

Date: Tue, 29 Aug 2000 01:21:38 -0700
From: Sundial Services <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be allowed

Now they get to start paying the lawyers MORE.  First they pay the
lawyers to figure out everyone who might have been infringing upon t

Cryptography-Digest Digest #562

2000-08-29 Thread Digestifier

Cryptography-Digest Digest #562, Volume #12  Tue, 29 Aug 00 04:13:01 EDT

Contents:
  Re: secrets and lies in stores (S. T. L.)
  Re: New algorithm for the cipher contest (David Hopwood)
  Re: encryption scheme output - samples table? (David Hopwood)
  Re: Asymmetric Encryption Algorithms (David Hopwood)
  Re: "Warn when encrypting to keys with an ADK" (David Hopwood)
  Re: UNIX Passwords (David Hopwood)
  Re: Future computing power (Anders Thulin)
  Re: could someone post public key that is tempered ? (jungle)
  Re: Steganography vs. Security through Obscurity (Benjamin Goldberg)
  Re: On pseudo-random permutation (Bryan Olson)
  Re: On pseudo-random permutation (Markku-Juhani Saarinen)
  Re: Looking for Book Recommendations ([EMAIL PROTECTED])



From: [EMAIL PROTECTED] (S. T. L.)
Date: 29 Aug 2000 05:15:15 GMT
Subject: Re: secrets and lies in stores

Hmmm.  I still don't like the idea of calling any field of mathematics or
science hardly relevant, no matter how it fits into society.  You could call
supersymmetry in particle physics completely irrelevant because it'll never
affect society.  But that doesn't say anything about how important it is to
investigate this area.  Same with cryptography.  

Of course, now I'll have to read this danged book to see what it's all about. 
Heh.  Too little time, too many books.  If there's such a thing as too many
books, that is.  :-P 

-*---*---
S.T.L.  My Quotes Page * http://quote.cjb.net * leads to my NEW site.
My upgraded Book Reviews Page: * http://sciencebook.cjb.net *
Optimized pngcrush executable now on my Download page!
Long live pngcrush!  :->

--

Date: Tue, 29 Aug 2000 06:38:48 +0100
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: New algorithm for the cipher contest

-----BEGIN PGP SIGNED MESSAGE-----

Scott Fluhrer wrote:
> I believe I have a way that, given K[3] (which is the fourth multiplicative
> key), distinguishes it from randomness with relatively few chosen
> plaintexts and little effort, and the actual chosen plaintexts do not depend
> on K[3].  This immediately leads to a method of rederiving K[3] with about
> O(2**64) effort and circa 100-1000 chosen plaintexts.

Drat, beat me to it :-) I was working on exactly the same attack; I'd done
the second case for the distinguisher, and was close to working out the first
one.

- -- 
David Hopwood <[EMAIL PROTECTED]>

Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBOasmtTkCAxeYt5gVAQG4Mgf9Hgnap4TeE8+IhK4yTGYnENF5sRbp52ox
Ynrod5UkcDm/3YDcflsFnwo92uHtNrYumCTqUpuPwx9R5Igr4ZcB5of2aoLHcBRB
vtA8iNz2mXMdsFo7PkBdZDQLd/1RYk+Su3NdIZBm19g60OUvhThPGJf1ASoXpCy/
MxL/ggwaG2oRpFEqwa4mEfEihQmMAHWUsu7MGXX21+kwHADHfjVJ4gOijYTMUDI8
dqXzpdbMamIFmHM0cD0zZALukn9Zx+96B5U54iRflzQzeKiPc5xNSSQMr+xa570O
Qd/uuhloDCLdgD9ZXtE9Jw4/PV5oioWl6LrknzrAJYye1rz99fRBXw==
=Y3LY
-----END PGP SIGNATURE-----

--

Date: Tue, 29 Aug 2000 06:38:55 +0100
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: encryption scheme output - samples table?

-----BEGIN PGP SIGNED MESSAGE-----

kihdip wrote:
> 
> Most encryption schemes result in a bitstream.

To be more precise, most modern encryption schemes treat plaintext and
ciphertext as streams of octets (8-bit bytes), or occasionally as streams
of larger words (e.g. 32 bits). The order of bits within an octet or word
is usually not defined.

- -- 
David Hopwood <[EMAIL PROTECTED]>

Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQEVAwUBOasxBjkCAxeYt5gVAQGRQwgAk0DXNEeFse75HCp5GyVRCXhmAlCMi57p
Qw75mKHyP2LeK0FccuN+okTRyn0JzKSFVYY63wKK7UUHhySdzdjqkjo6WjCwn6XQ
lGlBap2WB4TXVB7Pwm9XDWPC2UVOtqmO+1n90vNSEiBqIeRClf1Ovq7x58cQ0Rb1
cTQ0U8AdId1QeTvZrSzw0TgJEdGsTSeym1RtpcMmet/qhVKBg+XMqanQRTPAmdAx
7sEcAz4Oj6mnAQP3UVctJQQHO+MpPDLNk23ZJk3iSUHo6DxOPRx19lPXDU4/UMUb
SpB3Gt2t2ZrxYZgoIsOEBEP5z1lsBUOHLY+xec8JM0w2e9s2mPUtKw==
=/MkC
-----END PGP SIGNATURE-----
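An added example illustrating the distinction Hopwood draws above; it is not code from his message or from any cipher discussed in the thread. A cipher consumes octets (or words built from octets) as opaque integers, so it never needs an order for the bits inside an octet; but grouping octets into 32-bit words does need a convention, and that convention has to be part of the scheme's specification or two correct implementations will not interoperate. The word transform, the message and the key below are constructed for the demonstration (an XOR-and-rotate toy, not a real cipher).

```python
"""Octet streams vs. word streams: why the octet-to-word byte order must be
specified.  Constructed example; the toy transform is not a secure cipher."""
import struct

WORD_BYTES = 4
MASK32 = 0xFFFFFFFF


def _fmt(byteorder: str, nwords: int) -> str:
    # struct format for nwords unsigned 32-bit words in the requested byte order
    if byteorder not in ("big", "little"):
        raise ValueError("byteorder must be 'big' or 'little'")
    return (">" if byteorder == "big" else "<") + "I" * nwords


def octets_to_words(data: bytes, byteorder: str) -> list:
    """View an octet stream as 32-bit words.

    No bit order inside an octet is needed: each octet is read as the integer
    0..255 it already is.  Grouping four octets into one word, however, needs
    a stated convention.  A real scheme also specifies padding; this toy just
    rejects streams that are not a whole number of words."""
    if len(data) % WORD_BYTES:
        raise ValueError("octet stream must be a multiple of %d octets" % WORD_BYTES)
    return list(struct.unpack(_fmt(byteorder, len(data) // WORD_BYTES), data))


def words_to_octets(words: list, byteorder: str) -> bytes:
    """Inverse of octets_to_words under the same byte order convention."""
    return struct.pack(_fmt(byteorder, len(words)), *words)


def _rotl(x: int, n: int) -> int:
    return ((x << n) | (x >> (32 - n))) & MASK32


def _rotr(x: int, n: int) -> int:
    return ((x >> n) | (x << (32 - n))) & MASK32


def toy_encrypt(data: bytes, key: bytes, byteorder: str) -> bytes:
    """XOR each plaintext word with a key word, then rotate it left by 7 bits.
    Word-oriented on purpose: the result depends on how octets were grouped."""
    kw = octets_to_words(key, byteorder)
    pw = octets_to_words(data, byteorder)
    cw = [_rotl(p ^ kw[i % len(kw)], 7) for i, p in enumerate(pw)]
    return words_to_octets(cw, byteorder)


def toy_decrypt(ct: bytes, key: bytes, byteorder: str) -> bytes:
    """Exact inverse of toy_encrypt, provided the same byte order is used."""
    kw = octets_to_words(key, byteorder)
    cw = octets_to_words(ct, byteorder)
    pw = [_rotr(c, 7) ^ kw[i % len(kw)] for i, c in enumerate(cw)]
    return words_to_octets(pw, byteorder)


# Constructed sample input: 16 octets of message, 16 octets of key.
MSG = b"octets, not bits"
KEY = b"0123456789abcdef"


def roundtrip(enc_order: str, dec_order: str) -> bytes:
    """Encrypt under one byte-order convention and decrypt under another."""
    return toy_decrypt(toy_encrypt(MSG, KEY, enc_order), KEY, dec_order)


if __name__ == "__main__":
    print("big/big      :", roundtrip("big", "big"))
    print("little/little:", roundtrip("little", "little"))
    print("big/little   :", roundtrip("big", "little"))  # garbage: convention mismatch
```

Run as a script it shows that both conventions round-trip on their own, while a sender packing big-endian and a receiver unpacking little-endian get garbage even though both "correctly" implement the same transform. That is the practical content of "the order of bits within an octet or word is usually not defined": the octet is the atomic unit, and anything above it has to be written into the specification.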

--

Date: Tue, 29 Aug 2000 06:39:03 +0100
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Asymmetric Encryption Algorithms

=BEG