Cryptography-Digest Digest #783
Cryptography-Digest Digest #783, Volume #8 Mon, 21 Dec 98 17:13:03 EST
Contents:
Re: DIRT ? (MadAdmin)
Re: Code hidden in a piece of music (One Man)
Re: Cryptography board game! (was: CipherSaber for Dummies?) (Robert Munyer)
Re: DIRT ? (NUTSA)
Re: DIRT ? (MadAdmin)
Twas the Eve of Impeachment. ("Bob & Rosann")
Re: On living with the 56-bit key length restriction (Mok-Kong Shen)
Re: On living with the 56-bit key length restriction (Lincoln Yeoh)
Re: What is Randomness? ("Tony T. Warnock")
Re: Two Algorithms (John Savard)
MD5 signatures (Thor Arne Johansen)
MD5 implementation for 8051 (Viorel Ivanescu)
RC4 in 8-bit vs 16-bit (Anonymous)
From: [EMAIL PROTECTED] (MadAdmin)
Crossposted-To: alt.2600,alt.2600.hackerz,alt.hacker.learning
Subject: Re: DIRT ?
Date: Mon, 21 Dec 1998 17:50:21 GMT
Reply-To: LART
On Mon, 21 Dec 1998 16:44:39 GMT, [EMAIL PROTECTED] (NUTSA) wrote:
>On Sat, 19 Dec 1998 01:57:24 -, "donoli" <[EMAIL PROTECTED]>
>wrote:
>
>>
>>[EMAIL PROTECTED] wrote in message
>><75e00q$4lh$[EMAIL PROTECTED]>...
>>>Anybody know how to tell if you have the "DIRT"
>>>trojan installed on your PC. Also, what is the
>>>best way to remove it?
>>>
>>Try the Dirt Devil. It worked for me. Donoli.
>>
>>
>
>
>Now are you guys being facetious in your followups to this inquiry
>about the D.I.R.T. program??? Is there a program called Dirt Devil
>that will detect and remove this electronic surveillance crap??? This
>has caused me some concern since I surfed over the home site of the
>software company offering this to law enforcement agencies and the
>military following a lead provided by a ZD net article about online
>spy tools. The indications I got from the site was that something WAS
>being installed on my box. For those who do not know D.I.R.T. is
>similar to B.O. but a whole lot meaner and newer... Please Let me
>know if you will if there IS a detecter and remover...
>
DIRT is rather controversial. Some of what I've heard is that it's
simply a lame trojan and part of a scam.
Anyhow apparently the trojan actually exists but whether it is better
than BO or not I don't know.
My guess is that if McAffee/Dr. Solomon's are up on their toes they'll
find it. Now if it's supposed to legitimately be a "law enforcement"
tool I don't know how they'd handle it.
H. That may be a question for Patrick Nolan or Graham
Cluely. They tend to hang in alt.comp.virus.
~~~
The sig.
What sig??
.Ooops. I lost my sig!!!
.Anybody seen my sig
--
From: One Man <[EMAIL PROTECTED]>
Subject: Re: Code hidden in a piece of music
Date: Mon, 21 Dec 1998 08:09:28 -1000
Ones and zeros can be defined by new highest notes and new lowest notes.
The newness can be reset by playing two extreme notes in a row. Consider
the following notes where the first note after a reset is a 1:
d e d c d d f c a a d e f f d would translate to
1 1 0 1 0 1 1 1
--
From: [EMAIL PROTECTED] (Robert Munyer)
Crossposted-To: talk.politics.crypto
Subject: Re: Cryptography board game! (was: CipherSaber for Dummies?)
Date: 21 Dec 1998 11:34:20 -0600
In article <75liuo$shs$[EMAIL PROTECTED]>, I wrote:
> random number generator could be a cloth sack, filled with another
> set of 256 CipherSaber chips. They could be a different color
Whoops, no need for that second set of chips. Just write down the
random numbers before doing the key schedule. That way a single
set of chips will suffice.
> "stripped down" version of the game. It could use a five-bit
> character set, with just capital letters and minimal punctuation.
I forgot to mention the maximum key length would also have to be
decreased, because in the five-bit version, the key scheduling
algorithm only consumes a total of 32 of those five-bit bytes.
> a few of the kids, the most ambitious ones, will try the eight-bit
> version just so they can say they've done military-strength
> encryption with their bare hands.
I shouldn't have used the terms "five-bit" and "eight-bit." People
will misinterpret these byte widths as key lengths, and think the
cipher is weak. It would be better to call them the "32-square"
and "256-square" versions of the game.
The 256-square version of the game does full CipherSaber encryption,
which of course has a very respectable key length. From over 100
bits to over 300, depending on how you choose your key.
-- Robert Munyer <[EMAIL PROTECTED]>
--
From: [EMAIL PROTECTED] (NUTSA)
Crossposted-To: alt.2600,alt.2600.hackerz,alt.hacker.learning
Subject: Re: DIRT ?
Date: Mon, 21 Dec 1998 18:14:12 GMT
On Mon, 21 Dec 1998 17:50:21 GMT, [EMAIL PROTECTED] (MadAdmin) wrote:
>
>DIRT is rather controversial. Some of what I've heard is that it's
>simply a lame trojan and part of a scam.
>An
Cryptography-Digest Digest #782
Cryptography-Digest Digest #782, Volume #8 Mon, 21 Dec 98 13:13:02 EST
Contents:
Re: What is Randomness? (Dr. Yongge Wang)
md5 sample implementation
Re: Slow Key Scheduling (Mok-Kong Shen)
Re: break-even point n! vs Miller-Rabin ? (Leif Nilsen)
Re: biometrics (David A Molnar)
Re: Protocol flaw in widely-deployed access control software (Bryan G. Olson; CMSC
(G))
Re: On living with the 56-bit key length restriction (Mok-Kong Shen)
Re: Computers getting faster? (Mok-Kong Shen)
Re: (fwd) Strike to protest Wassenaar! (Lutz Donnerhacke)
Re: On living with the 56-bit key length restriction (Matthias Bruestle)
Re: PGP Signature Hash, Algorithm & Key Size ([EMAIL PROTECTED])
Re: Cryptography board game! (was: CipherSaber for Dummies?) ("jay")
Hashing for randomness (Logi Ragnarsson)
Re: Protocol flaw in widely-deployed access control software (Michael Sierchio)
For Sale : Computer and Cryptology Books FS ([EMAIL PROTECTED])
Re: DIRT ? (NUTSA)
From: [EMAIL PROTECTED] (Dr. Yongge Wang)
Subject: Re: What is Randomness?
Date: 21 Dec 1998 04:42:09 GMT
Indeed, for the randomness you may go to
Martin-Loef's definition of randomness.
(Chaitin has an equivalent difinition)
but all these definitions are for infinite sequences.
For finite sequence, Kolmogorov complexity
(or Chaitin) complexity may be a good way
to define randomness
Andrew Wall ([EMAIL PROTECTED]) wrote:
: Bill,
: Can you tell me more about auto correlation?
: I have tried using an FFT on random numbers and I get a plot which has all
:frequencies present, looking a lot like the input, but
: shouldn't all frequencies be present more or less evenly?
: I have also thought that an FFT may not be that much use (eg I used a 1024 point
:FFT) as you should need to examine a very large
: amount of data (several megabytes?) at one time to ensure that any non-random
:looking parts are just a fluke and equally likely as
: any other sequence to arise.
: Andrew
: Bill Thomas wrote in message <[EMAIL PROTECTED]>...
: >a uniform random number generator can be tested by auto correlation, and then
: >by a spectrum - its white noise i.e., equal energy at all frequencies. The
: >repeat of the sequence is governed by
: >the pn generator used to produce the uniform random numbers. pn generators
: >can be made to
: >any length. where the sequence starts is set by the initial value (seed) in
: >the pn generator.
: >
--
==.
Yongge Wang| |
Dept. of EE & CS | |
Univ. of Wisconsin--Milwaukee | |
P.O.Box 784|Yongge Wang |
Milwaukee, WI 53201|2545 N.Frederick Ave. |
|Apt. 104 |
Tel: (414)229-5731 |Milwaukee, WI 53211 |
Fax: (414)229-2769 | |
[EMAIL PROTECTED]|Tel: (414)3324794 |
http://www.cs.uwm.edu/~wang|Fax: (414)3324794 |
=='
--
From: <[EMAIL PROTECTED]>
Subject: md5 sample implementation
Date: Mon, 21 Dec 1998 11:06:29 +0200
Hi all,
I want to find out a -very_clear- md5 implementation. I know RSA's
reference implementation, GNU fileutils' md5 implementation and that of
SSLeay but they are optimized for performance. Any of you know a more
clear implementation for presentation purposes?
Regards,
- burak
--
From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Slow Key Scheduling
Date: Mon, 21 Dec 1998 08:59:12 +0100
Bruce Schneier wrote:
>
> On 19 Dec 98 17:25:14 GMT, [EMAIL PROTECTED] () wrote:
>
> >Bruce Schneier ([EMAIL PROTECTED]) wrote:
> >: All a slow key schedule does is make brute force searches that much
> >: harder. It helps DES just as much as any other algorithm in that
> >: respect.
> >
> >Yes, but only up to a point. If DES with independent subkeys is subject to
> >an attack with complexity 2^65, then, if you use a slow key schedule to
> >improve DES with a 56-bit key, you still can't make it _stronger than with
> >independent subkeys_. Hence, only slowing the key generation process by up
> >to 512 times (plus, of course, a correction for the difference in time
> >constants between trying a regular 56 bit key, and the steps in the 2^65
> >attack) is effective.
>
> Yes. Of course. The point of a slow key schedule is not to make a
> cipher stronger, but any given attack slower.
>
> Your math is correct.
>
> >On the other hand, a block cipher that is, with independent subkeys, so
> >strong that only brute-force attack is possible _on the independent
> >subkeys_, can be "improved" in security by a much greater amount by a slow
> >key schedule. (Of course, a slow key schedule doesn't really increase the
> >
