Cryptography-Digest Digest #700

1999-06-12 Thread Digestifier

Cryptography-Digest Digest #700, Volume #9   Sat, 12 Jun 99 06:13:04 EDT

Contents:
  Re: DES lifetime (was: being burnt by the NSA) ("Douglas A. Gwyn")
  Re: KRYPTOS ("Douglas A. Gwyn")
  Re: KRYPTOS ("Douglas A. Gwyn")
  Question from a neophyte (Donald Clark)
  Re: DES lifetime (was: being burnt by the NSA) (SCOTT19U.ZIP_GUY)
  Re: KRYPTOS (Jim Gillogly)
  Re: DES lifetime (was: being burnt by the NSA) (Jerry Coffin)
  Re: cant have your cake and eat it too (Jerry Coffin)
  Re: Cracking DES (Jerry Coffin)
  Re: Random numbers on a sphere ([EMAIL PROTECTED])
  Re: One Time Pad ([EMAIL PROTECTED])
  Re: Question from a neophyte ([EMAIL PROTECTED])
  Re: Cracking DES (David Wagner)
  Re: cant have your cake and eat it too ([EMAIL PROTECTED])



From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: DES lifetime (was: being burnt by the NSA)
Date: Sat, 12 Jun 1999 02:41:04 GMT

John Savard wrote:
 When DES was first accepted as a standard, it was recommended for
 certain uses, among them "sensitive but unclassified" government data.
 And, as you point out, that includes census data, and it is correct
 that census data from the year DES was adopted is still confidential
 today, and it is correct that DES is breakable today.

If *any* cryptosystem, rather than physical security, was used as the
sole means to protect the census data, then it was unconscionable.
Even the military cryptosystems have a design lifetime of only 50
years, partly because extrapolating cryptanalytic technology farther
than that becomes pure guesswork.

 Of course, I don't think it's reasonable to say that DES resulted from
 the combined efforts of IBM, NBS, and the NSA: that implies that all
 three were pulling in the same direction. IBM certainly was not
 incapable of considering a 128-bit key, as LUCIFER proved.

I guess you aren't familiar with the actual history of the development
of DES.  Certainly, it was the result of a collaborative effort among
those three organizations, even more than has been published.

--

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: KRYPTOS
Date: Sat, 12 Jun 1999 03:25:11 GMT

Jim Gillogly wrote:
 I solved the transposition section last night.

Drat!  Inspired to action by Jim's previous successes, I was just
about to try a quick attack on that section, on the assumption that
it was double transposition and that the keys were KRYPTOS/KRYPTOS,
VIRTUALLY/INVISIBLE, SHADOW/FORCES, or LUCID/MEMORY.

 There're still those last few lines waiting to be decrypted.

In case anyone wants to make a stab at it:

   OBKR
UOXOGHULBSOLIFBBWFLRVQQPRNGKSSO
TWTQSJQSSEKZZWATJKLUDIAWINFBNYP
VTTMZFPKWGDKZXTJCDIGKUHUAUEKCAR

This might be intractable, if the CIA Public Affairs office's help
note is right in classifying it as a true one-time-pad system.
However, if they misclassified any of the other sections (something
that Jim is now in a position to assess), it would cast doubt on
their ability to make a correct diagnosis.  Their classifications:
(1) Digraphic substitution.
(2) (3) (4) Polyalphabetic, 4 or 8 alphabets.
(5) Transposition, width 11 or 13.
(6) One-time, or perhaps Vigenere based on KRYPTOS tableau.

Jim deserves high praise for almost (so far) totally cracking
KRYPTOS in just a few days.  I guess we need to find another
unsolved puzzle.  How about Zodiac #2?

--

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: KRYPTOS
Date: Sat, 12 Jun 1999 03:28:57 GMT

Medical Electronics Lab wrote:
...you'll get a whole lot more people interested now in looking at it.

I think motivation is important.  So long as people were thinking that
Kryptos was intractable, they didn't put in the work that it actually
takes to crack the systems.  I'm happy to have played some role in
spurring Jim to tackle it.

--

Subject: Question from a neophyte
From: Donald Clark [EMAIL PROTECTED]
Date: Sat, 12 Jun 1999 04:25:54 GMT

Anyone,
  First of all I would like to congratulate
this ng on its mutual respect for its
members. Very refreshing!
  I have been a lurker here for several months now.
I landed here as a direct result of another
ng that I belong to going PGP. I know very
little about *crypto*, save a couple of simple
decrypts in last semester's physics class.
  I have, or rather am developing, a keen
interest in the discipline. However, I need
some direction. I would greatly appreciate
anyone's opinions as to what books would be
appropriate for the novice.
  Please feel free to e-mail.

Thank You

Don Clark

[EMAIL PROTECTED]

--

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: DES lifetime (was: being burnt by the NSA)
Date: Sat, 12 Jun 1999 05:08:23 GMT

In article [EMAIL PROTECTED], "Douglas A. Gwyn" [EMAIL PROTECTED] wrote:
John Savard wrote:
 When DES was first accepted as a standard, 

Cryptography-Digest Digest #701

1999-06-12 Thread Digestifier

Cryptography-Digest Digest #701, Volume #9   Sat, 12 Jun 99 09:13:05 EDT

Contents:
  Re: Cracking DES (Paul Koning)



From: Paul Koning [EMAIL PROTECTED]
Subject: Re: Cracking DES
Date: Fri, 11 Jun 1999 12:55:13 -0400

Alan Braggins wrote:
 ...
 (And did anyone ever really claim DES took universe lifetimes to
 crack? Dorothy Denning's 1993 review of SKIPJACK
 (http://catless.ncl.ac.uk/Risks/14.80.html#subj2) says
 "Another way of looking at the problem is by comparing a brute force
 attack on SKIPJACK with one on DES, which uses 56-bit keys.  Given
 that no one has demonstrated a capability for breaking DES, DES offers
 a reasonable benchmark. [...] Given the lack of demonstrated
 capability for breaking DES, and the expectation that the situation
 will continue for at least several more years"

Given what Dorothy Denning has said on a variety of topics over
the years, I am not inclined to give *any* credence to anything
she says.  The Skipjack "review" is only one example.

paul

--


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
**



Cryptography-Digest Digest #702

1999-06-12 Thread Digestifier

Cryptography-Digest Digest #702, Volume #9   Sat, 12 Jun 99 09:13:05 EDT

Contents:
  A NAKED HORNY WOMAN BASKING IN THE SUN (Anonymous)



From: Anonymous [EMAIL PROTECTED]
Subject: A NAKED HORNY WOMAN BASKING IN THE SUN
Date: Sat, 12 Jun 1999 06:00:06 -0500

Don't you wish you were there? She arouses me


Cryptography-Digest Digest #709

1999-06-12 Thread Digestifier

Cryptography-Digest Digest #709, Volume #9   Sat, 12 Jun 99 19:13:04 EDT

Contents:
  Re: Slide Attack on Scott19u.zip (SCOTT19U.ZIP_GUY)
  Re: RSA example with small numbers (Jim Gillogly)
  Re: RSA example with small numbers (Gergo Barany)
  Re: RSA msg length... (James Pate Williams, Jr.)
  Re: RSA example with small numbers (James Pate Williams, Jr.)
  Re: Cracking DES ([EMAIL PROTECTED])
  Re: Cracking DES (Boris Kazak)
  Re: RSA example with small numbers (James Pate Williams, Jr.)
  Re: Slide Attack on Scott19u.zip (David Wagner)
  Re: RSA example with small numbers ([EMAIL PROTECTED])
  Re: Cracking DES (David Wagner)
  Re: Slide Attack on Scott19u.zip ([EMAIL PROTECTED])
  How to read postscript files (David Wagner)



From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Slide Attack on Scott19u.zip
Date: Sat, 12 Jun 1999 22:38:17 GMT

In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Tim 
Redburn) wrote:
On Sat, 12 Jun 1999 20:33:23 GMT, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote:


  Actually it is rather well documented. It compiles and runs on a PC; what
more do you want?


How do I compile it on my Linux PC - an Intel Pentium using gcc 2.8.1?

The compiler complains that it can't find keys.h or pc.h,  neither of 
which are included in the scott19u.zip file.

  The guy in Germany was able to compile in Visual C without any problem.
(At least he had no problems with scott16u.)
Drop pc.h and key.h and change the access() to whatever your system uses;
also make more room for the arrays rt, ft, bt as I described in past
posts. This should allow you to compile. But I don't have your system so
I can't tell exactly what is needed.


-Tim.



David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
http://members.xoom.com/ecil/index.htm
NOTE EMAIL address is for SPAMERS

--

From: Jim Gillogly [EMAIL PROTECTED]
Subject: Re: RSA example with small numbers
Date: Sat, 12 Jun 1999 14:28:52 -0700

Gergo Barany wrote:
 I selected two primes, p=23 and q=37 (I could use any primes, but they
 shouldn't be a lot bigger or smaller, I felt). Their product n=851,
 (p-1)(q-1)=792. Then, I had the RSA Algorithm Javascript Page
 [http://www.orst.edu/dept/honors/makmur/] generate my keys, d=317 and
 e=5 ...
 
 I chose the number 10 as my plaintext and encrypted it:
 C=M^e mod n=10^5 mod 851=433
 
 Then I took the cyphertext 433 and decrypted it:
 M=C^d mod n=433^317 mod 851=499

"bc" says (433^317) % 851 = 10.
Looks to me like you're OK -- check that last step again.

-- 
Jim Gillogly
Hevensday, 22 Forelithe S.R. 1999, 21:26
12.19.6.4.17, 1 Caban 5 Zotz, Seventh Lord of Night

--

From: [EMAIL PROTECTED] (Gergo Barany)
Subject: Re: RSA example with small numbers
Date: 12 Jun 1999 21:39:46 GMT

In article 7jue4p$gao$[EMAIL PROTECTED], [EMAIL PROTECTED] wrote:

 I chose the number 10 as my plaintext and encrypted it:
 C=M^e mod n=10^5 mod 851=433

 Then I took the cyphertext 433 and decrypted it:
 M=C^d mod n=433^317 mod 851=499

You did something wrong because

433**317 (mod 851) = 10 in the win98 calc.

Ok, thanks. Apparently, the Win98 calculator works better than my TI-85
when it comes to 835-digit numbers. Thanks also to the other poster for
the link to his FreeLIP package. Looks like I'll have to use my PC for
calculations, then.

Gergo

-- 
Bureaucrats cut red tape -- lengthwise.

GU d- s:+ a--- C++$ UL+++ P++ L+++ E++ W+ N++ o? K- w--- !O !M !V
PS+ PE+ Y+ PGP+ t* 5+ X- R+ tv++ b DI+ D+ G++ e* h! !r !y+

--

From: [EMAIL PROTECTED] (James Pate Williams, Jr.)
Subject: Re: RSA msg length...
Date: Sat, 12 Jun 1999 21:47:29 GMT

On Sat, 12 Jun 1999 14:43:39 -0400, "Particle" [EMAIL PROTECTED]
wrote:

how big can a msg (block) be?

Think of an example with artificially small parameters:
p = 3 and q = 5, n = p * q = 15 =  (in binary). The largest
message is m = 14 = 1110. This has bit length 4 which is the bit
length of the modulus. Out of curiosity, why is a binary space-
partitioning tree interested in cryptography, usually BSP trees
are prevalent in computer graphics?

==Pate Williams==
[EMAIL PROTECTED]
http://www.mindspring.com/~pate
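
The two RSA threads above (the p=23, q=37 key whose decryption came out wrong on a calculator, and the question of how big a message block can be) can be checked with the sketch below. It is an added example, not code from any poster or from FreeLIP; the function names are illustrative, and it uses textbook RSA without padding only to mirror the thread's numbers.

```python
# Added example: textbook RSA with the thread's toy parameters (no padding, not secure).
P, Q, E, D = 23, 37, 5, 317          # values quoted in the thread
N, PHI = P * Q, (P - 1) * (Q - 1)    # 851 and 792


def modexp(base, exp, mod):
    """Square-and-multiply; returns (result, largest intermediate before reduction)."""
    result, peak = 1, 0
    base %= mod
    for bit in bin(exp)[2:]:          # scan exponent bits, most significant first
        square = result * result
        peak = max(peak, square)
        result = square % mod
        if bit == "1":
            product = result * base
            peak = max(peak, product)
            result = product % mod
    return result, peak


def key_is_consistent():
    """d must invert e modulo (p-1)(q-1) for decryption to undo encryption."""
    return (E * D) % PHI == 1


def encrypt(m):
    # A block must be an integer in [0, n); a larger value would wrap
    # modulo n and could not be recovered.
    if not 0 <= m < N:
        raise ValueError("message block must satisfy 0 <= m < n")
    return modexp(m, E, N)[0]


def decrypt(c):
    return modexp(c, D, N)[0]


def naive_digit_count(c):
    """Decimal digits of c**D if computed without any modular reduction."""
    return len(str(c ** D))


if __name__ == "__main__":
    c = encrypt(10)
    m, peak = modexp(c, D, N)
    print(f"n={N} phi={PHI} key ok={key_is_consistent()} C={c} M={m}")
    print(f"peak intermediate={peak} (< n^2 = {N * N}); "
          f"unreduced power has {naive_digit_count(c)} digits")
```

Reducing after every multiplication keeps each intermediate below n squared, so the decryption fits in ordinary machine integers even though the unreduced power runs to hundreds of digits.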




--

From: [EMAIL PROTECTED] (James Pate Williams, Jr.)
Subject: Re: RSA example with small numbers
Date: Sat, 12 Jun 1999 21:56:31 GMT

On 12 Jun 1999 21:39:46 GMT, [EMAIL PROTECTED] (Gergo Barany)
wrote:

 Thanks also to the other poster for
the link to his FreeLIP package. Looks like I'll have to use my PC for
calculations, then.

A correction is in order, Arjen K. Lenstra of the special and general
number field sieve fame (a well-known factoring algorithm) wrote
FreeLIP which is portable to PCs under Microsoft's Visual C/C++