Cryptography-Digest Digest #967

2000-06-07 Thread Digestifier

Cryptography-Digest Digest #967, Volume #11   Wed, 7 Jun 00 10:13:01 EDT

Contents:
  Re: An interesting page on the Rabin-Miller PP test (Robin Chapman)
  Re: Brute forcing for Counterpane's Password Safe ("Dave Foulger")
  Re: Brute forcing for Counterpane's Password Safe (Volker Hetzer)
  Re: Brute forcing for Counterpane's Password Safe (Paul Rubin)
  Re: Some dumb questions (Mok-Kong Shen)
  Re: Statistics of occurences of prime number sequences in PRBG output as  (Mok-Kong Shen)
  Re: Some dumb questions (Mok-Kong Shen)
  Re: testing non linearity of arithmetic-logic combinations (tomstd)
  Re: Observer 4/6/2000: "Your privacy ends here" (Paul Shirley)
  Re: Thoughts on an encryption protocol? (Mark Wooding)
  Re: software protection schemes (Runu Knips)
  Re: Brute forcing for Counterpane's Password Safe (Rex Stewart)
  Re: Evidence Eliminator, is it patented, copyrighted, trademarked ? (jungle)
  Re: Some dumb questions (Volker Hetzer)
  Re: Brute forcing for Counterpane's Password Safe (Volker Hetzer)
  Re: software protection schemes (jungle)
  Re: Is OTP unbreakable?/Station-Station (Tim Tyler)



From: Robin Chapman [EMAIL PROTECTED]
Crossposted-To: sci.math
Subject: Re: An interesting page on the Rabin-Miller PP test
Date: Wed, 07 Jun 2000 09:13:05 GMT

In article 393db17a$[EMAIL PROTECTED],
  [EMAIL PROTECTED] (Andrew John Walker) wrote:

> Thanks, I don't fully understand the maths yet but it's good to
> see a result! Would this line of reasoning work with forms such as
> p^2*q or p*q*r?

I expect so.

> If eventually a general result could be found it would allow for much
> more accurate estimates of how often this test produces non-witnesses for
> a particular sized composite, for instance by taking 100 50d numbers
> and factoring them.

I'm not so optimistic. The number of non-witnesses will depend
quite strongly on the form of the number n, as pq or pqr or p^2 q etc.,
and will also depend very strongly on how the primes p and q etc.
interact. For instance in the pq case d = gcd(p-1, q-1) can be
anything from 2 up to p-1, which may be of the order of sqrt(n).

--
Robin Chapman, http://www.maths.ex.ac.uk/~rjc/rjc.html
 "`The twenty-first century didn't begin until a minute
  past midnight January first 2001.'"
   John Brunner, _Stand on Zanzibar_ (1968)


Sent via Deja.com http://www.deja.com/
Before you buy.
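The dependence of the non-witness count on gcd(p-1, q-1) that Robin Chapman describes can be seen directly by exhaustive enumeration for small n. The following is an added example, not code from the thread or from either poster; it counts the bases a in [1, n-1] for which Rabin-Miller reports "probably prime" (the non-witnesses, also called strong liars). The primes 3, 5, 7, 11, 13 and the composite 25 are constructed sample inputs; for n = 91 = 7*13 (gcd 6) 18 of the 90 bases are non-witnesses, while for n = 77 = 7*11 (gcd 2) only the trivial bases 1 and n-1 are.

```python
from math import gcd


def is_strong_liar(a, n):
    """True if base a passes the Rabin-Miller test for odd n, i.e. a is
    a non-witness to the compositeness of n (every a passes if n is prime)."""
    d, s = n - 1, 0
    while d % 2 == 0:          # write n-1 = 2^s * d with d odd
        d //= 2
        s += 1
    x = pow(a, d, n)
    if x == 1 or x == n - 1:
        return True
    for _ in range(s - 1):     # square s-1 more times looking for -1
        x = x * x % n
        if x == n - 1:
            return True
    return False


def count_non_witnesses(n):
    """Exhaustively count bases in [1, n-1] that pass Rabin-Miller for odd n."""
    return sum(1 for a in range(1, n) if is_strong_liar(a, n))


def pq_profile(p, q):
    """For n = p*q return (n, gcd(p-1, q-1), non-witness count, fraction of bases)."""
    n = p * q
    c = count_non_witnesses(n)
    return n, gcd(p - 1, q - 1), c, c / (n - 1)


if __name__ == "__main__":
    # Constructed examples: the same p = 7 with different q gives very
    # different non-witness counts; the 1/4 bound is never exceeded.
    for p, q in [(3, 5), (7, 11), (7, 13), (11, 31)]:
        n, d, c, frac = pq_profile(p, q)
        print(f"n={n:4d}={p}*{q}  gcd(p-1,q-1)={d:2d}  non-witnesses={c:3d}  fraction={frac:.4f}")
    print("n=25=5^2  non-witnesses=", count_non_witnesses(25))
```

The enumeration is O(n log n) and only practical for small n, which is exactly the situation the thread contrasts with the 50-digit case: for numbers of that size one has to rely on a structural count rather than brute enumeration.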

--

From: "Dave Foulger" [EMAIL PROTECTED]
Subject: Re: Brute forcing for Counterpane's Password Safe
Date: Wed, 7 Jun 2000 11:15:52 +0100


Joeseph Smith [EMAIL PROTECTED] wrote in message
news:rab%4.30$[EMAIL PROTECTED]...
> I've been asked to help the executor of the estate
> of a fellow who recently died in Florida.  The fellow
> was techno-savvy enough to use Password Safe
> from Counterpane to hold his various account names
> and passwords.  Unfortunately, he was not real-world
> savvy enough to leave a way for his heirs to recover
> the data.  The executor has tried various obvious
> passwords (names of grandchildren, significant dates
> and places, etc.), but they have not worked.
>
> Does anyone have a program that does brute
> force password guessing for Counterpane's
> Password Safe program?  Alternatively, does
> anyone have the details of the file format and
> algorithms so I can write one?  Bruce's website
> says that it uses Blowfish and that a 2.0 version
> would be published with source, but I don't think
> the 2.0 version was ever published.  Does anyone
> have source to it?
>
> Please reply to the list, since I believe the answer
> will be generally useful.
>
> Joe

Ask Bruce for the backdoor nsa key  ;-)

Dave



--

From: Volker Hetzer [EMAIL PROTECTED]
Subject: Re: Brute forcing for Counterpane's Password Safe
Date: Wed, 07 Jun 2000 10:22:52 +

Dave Foulger wrote:
 
> Joeseph Smith [EMAIL PROTECTED] wrote in message
> news:rab%4.30$[EMAIL PROTECTED]...
> > I've been asked to help the executor of the estate
> > of a fellow who recently died in Florida.  The fellow
> > was techno-savvy enough to use Password Safe
> > from Counterpane to hold his various account names
> > and passwords.  Unfortunately, he was not real-world
> > savvy enough to leave a way for his heirs to recover
> > the data.  The executor has tried various obvious
> > passwords (names of grandchildren, significant dates
> > and places, etc.), but they have not worked.
> Ask Bruce for the backdoor nsa key  ;-)
I agree. Since you appear to have a legitimate reason, you
(or the executor) can probably count on the goodwill of
Counterpane. But I don't think that they designed weaknesses
into their product, so you'll IMHO be out of luck anyway.

Greetings!
Volker
--
The early bird gets the worm. If you want something else for   
breakfast, get up later.

--

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: Brute forcing for Counterpane's Password Safe
Date: 7 Jun 2000 10:38:09 GMT

Cryptography-Digest Digest #968

2000-06-07 Thread Digestifier

Cryptography-Digest Digest #968, Volume #11   Wed, 7 Jun 00 11:13:01 EDT

Contents:
  Re: Is OTP unbreakable?/Station-Station (Tim Tyler)
  Re: software protection schemes (Jim Steuert)
  BeeCrypt 1.0.0 released (Bob Deblier)
  Re: Question about recommended keysizes (768 bit RSA) ("Thomas J. Boschloo")
  DH-Key Exchange Questions. ([EMAIL PROTECTED])
  Enigma Variations (John Spicer)
  Re: DH-Key Exchange Questions. (Anton Stiglic)
  Re: Thoughts on an encryption protocol? (Dido Sevilla)
  Re: DH-Key Exchange Questions. (Mark Wooding)
  Re: Observer 4/6/2000: "Your privacy ends here" (me)
  Re: testing non linearity of arithmetic-logic combinations ("Dark Nebular")
  Re: Request for review of "secure" storage scheme (Baruch Even)
  Re: Question about recommended keysizes (768 bit RSA) (Paul Koning)
  Re: Some citations (Paul Koning)
  vb crypto library ("norman")



From: Tim Tyler [EMAIL PROTECTED]
Subject: Re: Is OTP unbreakable?/Station-Station
Reply-To: [EMAIL PROTECTED]
Date: Wed, 7 Jun 2000 13:25:59 GMT

Nicol So [EMAIL PROTECTED] wrote:
: Tim Tyler wrote:
: Bryan Olson [EMAIL PROTECTED] wrote:

: : The method presented by ciphermax is flawed, but a one-time
: : random key does offer provable authentication, and no other
: : technique does.
: 
: The scheme you describe - like other sorts of "provable" security does
: not actually /prevent/ the possibility of faking identity.  Instead it
: tries to reduce it to 1/S.

: I don't think Bryan Olson characterized the protection offered by the
: scheme as "prevention". He only referred to it as "provable", which is
: true. [...]

It's true only in an abstract, mathematical world.

In the real world, there's no guarantee of being able to produce a
"random key" in the first place - and this is the world where authenticity
is actually important.

: The "proof" also depends on an unprovable assumption - the existence of an
: unguessable random stream.

: I think there is some confusion here. [...]

: Apparently, your objection is that there might not be anything in the
: physical world of which a sequence of independent, uniformly distributed
: 0-1 variables is a good model. That's a fair question, but that has
: nothing to do with proofs. [...]

: You seem to be very skeptical about the existence of "unguessable random
: streams". What kind of evidence would it take to convince you that
: physical phenomena exist that correspond (closely) to idealized unbiased
: coin flips? [...]

I believe a "close" correspondence may well exist in some cases, but...

IMO, the question of whether such a stream can be generated for
cryptographic purposes (in the face of an active attacker) is far
from resolved.

: Your "standard of proof" seems to be very high. If you look
: at other things in everyday life, you'll find that we accept
: mathematical models as _adequate_ based on much lower standards than
: yours. We know that Newtonian mechanics is only approximate, yet we
: build cars, bridges, buildings etc on it.

Nobody claims to have **proved** that these bridges won't fall down.

An academic with such a "proof" would undoubtedly be ridiculed.

: These sorts of concern always make me uneasy about the use of the term
: "provable" in relation to secrecy, or authentication.
: 
: It seems to me that "provable" security is almost a sort of academically-
: respectable snake-oil marketing technique :-|

: The term "provable" does mean something--rigor of reasoning in the
: mathematical model. Unfortunately, many researchers use the term to
: refer to results that don't guarantee what a reader might expect when
: he sees the word "provable".

It seems to me that more qualifications are needed.

I see textbooks referring to the OTP as "provably" secure, and
an "unbreakable" crypto system.

Only rarely does it get mentioned that without a secure source of
randomness - something which has never been demonstrated to exist - these
systems are not secure, let alone "provably" secure.
-- 
__  Lotus Artificial Life  http://alife.co.uk/  [EMAIL PROTECTED]
 |im |yler  The Mandala Centre   http://mandala.co.uk/  I'm pink :. I'm spam

--

From: Jim Steuert [EMAIL PROTECTED]
Subject: Re: software protection schemes
Date: Wed, 07 Jun 2000 09:58:15 -0400

I actually coded one of those schemes for Solaris. Here's how it worked:

  1. It used /proc file system ioctl() calls to hook the read, write, open,
  access, lseek, etc. calls. This is similar to the way truss, strace (public
  domain), and debugger packages work for various unixes.
  2. It used the Solaris processor id (there is an FAQ on spoofing this) and
  other "tricky" means of identifying the specific client machine. A
  client must issue a command which generates a machine-specific
  code, and then is given a corresponding key which would only
  work on that machine.
  3. For example, my "runner" 

Cryptography-Digest Digest #969

2000-06-07 Thread Digestifier

Cryptography-Digest Digest #969, Volume #11   Wed, 7 Jun 00 13:13:00 EDT

Contents:
  Re: Enigma Variations (Jim Gillogly)
  An idea of a simple unsophisticated encryption scheme (Mok-Kong Shen)
  Re: Some dumb questions (Mok-Kong Shen)
  Re: Cryptographic voting ("Thomas J. Boschloo")
  Re: Could RC4 used to generate S-Boxes? (Simon Johnson)
  Re: Enigma Variations (Mok-Kong Shen)
  Re: Thoughts on an encryption protocol? (John Myre)
  Re: Some citations (Mok-Kong Shen)
  Re: Question about recommended keysizes (768 bit RSA) (Jerry Coffin)
  Re: Observer 4/6/2000: "Your privacy ends here" ("Morgan Holt")
  Re: Cryptographic voting (Mok-Kong Shen)
  Re: testing non linearity of arithmetic-logic combinations (Terry Ritter)
  Re: testing non linearity of arithmetic-logic combinations (tomstd)
  Re: Could RC4 used to generate S-Boxes? (tomstd)
  Re: Some dumb questions (Jim Reeds)
  Re: Request for review of "secure" storage scheme (Anne  Lynn Wheeler)
  Re: testing non linearity of arithmetic-logic combinations (Mark Wooding)
  Re: Cryptographic voting (zapzing)
  Re: testing non linearity of arithmetic-logic combinations (tomstd)
  Re: Solution for file encryption / expiration? (Frank M. Siegert)



From: Jim Gillogly [EMAIL PROTECTED]
Subject: Re: Enigma Variations
Date: Wed, 07 Jun 2000 15:13:50 +

John Spicer wrote:
> This led me to wonder what was the state of the cryptography used by the
> Allies and what in-roads had the Germans and Japanese made?  Did the
> Allies learn from their successes against the Axis cryptos and
> strengthen their own, or did they fall into the same traps?

The Germans read American M-209 traffic, according to POW interviews.
So far as we know (unclassified, anyway) none of the Axis powers read
SIGABA, the top US system.  If the British Typex was ever broken, I
don't know about it.  At a conference I attended one speaker
said that while the blunders of German operators made the Allied
c/a effort much easier than it otherwise would have been, the Allied
operators were even sloppier.  I didn't get a feel for how much actual
traffic was compromised by this.

The Japanese had some notable non-successes, including a failure to
read JFK's Playfair rescue message after PT-109 was rammed out from
under him; and an inability to crack the Navajo Code Talkers' tactical
system, even with the coerced help of at least one native Navajo POW
who wasn't trained in the system.
-- 
Jim Gillogly
Sterday, 18 Forelithe S.R. 2000, 15:01
12.19.7.4.18, 11 Edznab 1 Zotz, Eighth Lord of Night

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: An idea of a simple unsophisticated encryption scheme
Date: Wed, 07 Jun 2000 17:23:21 +0200


The following sketch of an encryption scheme is not claimed
to be particularly strong, being, I suppose, comparable and
in fact in some sense related to the methods centred on
base conversions (see the recent thread 'A Family of
Algorithms, Base78Ct', initiated by wtshaw), nor entirely
novel, being simply composed of basic and well-known
techniques (I should appreciate obtaining pointers, if the
same is already in the literature). It is a tiny response to
wtshaw's recent advocacy of wide crypto diversity (cf. his
utopic idea of 'a cipher each day').

Let n be the block size in bits and N=2^n. Let a range
[d1, d2] be chosen. Generate with a PRNG (with a secret
key as seed) a set of relatively prime numbers g_i in that
range, such that their product G > N. (For simplicity of
implementation, one could choose g_i to be all primes.)
Choose a random number R in [0, G-N]. Let P be the integer
number that represents the block of plaintext currently to
be processed and Q=P+R. Compute the sequence c_i with

 c_i = Q   mod g_i

Let c_i be appropriately represented, e.g. in hex or
decimal and separated from one another with separators,
and let S be the string of their concatenation. (One
could dispense with the separators, but this is an
implementation issue.) Do a random permutation of the
elements of S. This results in the ciphertext C. The
decryption of C is straightforward with application of
the Chinese remainder theorem.

M. K. Shen
==
http://home.t-online.de/home/mok-kong.shen
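A worked implementation of the sketch above, added here as an example and not M. K. Shen's own code. It follows the steps as written: keyed PRNG, distinct primes g_i from [d1, d2] until G > N, Q = P + R, residues written in hex with a separator, a permutation of the characters of S, and CRT reconstruction on the receiving side. Two points the sketch leaves open are filled in as labelled assumptions: the receiver has to know R, so R is drawn from the same keyed PRNG, and the permutation of S is likewise derived from that PRNG so that it can be undone. The block size 16, the range [16, 64] and the keys are constructed demo values.

```python
import random


def is_prime(m):
    """Trial division; adequate for the small moduli used here."""
    if m < 2:
        return False
    if m % 2 == 0:
        return m == 2
    f = 3
    while f * f <= m:
        if m % f == 0:
            return False
        f += 2
    return True


def choose_moduli(rng, d1, d2, N):
    """Draw distinct primes from [d1, d2] with the keyed PRNG until the product G
    exceeds N.  Distinct primes are pairwise coprime, so the CRT applies."""
    candidates = [m for m in range(d1, d2 + 1) if is_prime(m)]
    rng.shuffle(candidates)
    g, G = [], 1
    for m in candidates:
        if G > N:
            break
        g.append(m)
        G *= m
    if G <= N:
        raise ValueError("range [d1, d2] holds too few primes for this block size")
    return g, G


def crt(residues, moduli):
    """Reconstruct Q mod prod(moduli) from the residues Q mod g_i (Garner's method)."""
    x, M = 0, 1
    for r, m in zip(residues, moduli):
        t = ((r - x) * pow(M, -1, m)) % m   # pow(M, -1, m) is the modular inverse (Python 3.8+)
        x += M * t
        M *= m
    return x % M


SEP = ","


def encrypt_block(P, key, n, d1, d2):
    N = 1 << n
    if not 0 <= P < N:
        raise ValueError("plaintext block must fit in n bits")
    rng = random.Random(key)              # secret key as PRNG seed, as in the sketch
    g, G = choose_moduli(rng, d1, d2, N)
    R = rng.randrange(0, G - N + 1)       # assumption: R comes from the keyed PRNG
    Q = P + R                             # Q < G, so the residues determine Q uniquely
    S = SEP.join(format(Q % gi, "x") for gi in g)
    perm = list(range(len(S)))
    rng.shuffle(perm)                     # assumption: keyed permutation of the characters of S
    return "".join(S[i] for i in perm)


def decrypt_block(C, key, n, d1, d2):
    N = 1 << n
    rng = random.Random(key)              # replay the same PRNG outputs in the same order
    g, G = choose_moduli(rng, d1, d2, N)
    R = rng.randrange(0, G - N + 1)
    perm = list(range(len(C)))
    rng.shuffle(perm)
    S = [""] * len(C)
    for j, i in enumerate(perm):
        S[i] = C[j]                       # undo the permutation
    residues = [int(tok, 16) for tok in "".join(S).split(SEP)]
    return crt(residues, g) - R


if __name__ == "__main__":
    C = encrypt_block(0xBEEF, "demo-key", 16, 16, 64)
    print(C, "->", hex(decrypt_block(C, "demo-key", 16, 16, 64)))
```

Because R and the permutation are derived from the key alone, the map from P to C is fixed for a given key: repeated plaintext blocks produce repeated ciphertext, and the ciphertext length reveals how many moduli were chosen and roughly how large Q is. A deployable version would at least advance the PRNG state per block or mix in a nonce.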





--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Some dumb questions
Date: Wed, 07 Jun 2000 17:23:15 +0200



Volker Hetzer wrote:

> Mok-Kong Shen wrote:
> > It is my fault for not having clearly/correctly stated what I had in
> > mind when I wrote that 'there is no plaintext knowledge available'.
> > I assume that the opponent knows the language used and even has
> > a good frequency distribution. But I assume (from what I know
> > about practical use of OTP) also that OTP is not used 'purely',
> > i.e. not used alone, and that there is a processing step before doing
> > the xor, in order to prevent the opponent from 

Cryptography-Digest Digest #970

2000-06-07 Thread Digestifier

Cryptography-Digest Digest #970, Volume #11   Wed, 7 Jun 00 16:13:00 EDT

Contents:
  Re: testing non linearity of arithmetic-logic combinations (Terry Ritter)
  Re: DH-Key Exchange Questions. ([EMAIL PROTECTED])
  Re: software protection schemes (Mike Rosing)
  Re: Thoughts on an encryption protocol? (Mike Rosing)
  Re: Request for review of "secure" storage scheme (Rodd Snook)
  Re: Enigma Variations (Jim)
  Re: testing non linearity of arithmetic-logic combinations ("Adam Durana")
  Re: DES -- Annoyed ([EMAIL PROTECTED])
  Re: Some dumb questions (Bryan Olson)
  Re: Enigma Variations (Joseph Reuter)
  Re: Call for evaluating and testing a stream cipher program 
([EMAIL PROTECTED])
  Re: RIP Bill 3rd Reading in Parliament TODAY 8th May (zapzing)



From: [EMAIL PROTECTED] (Terry Ritter)
Subject: Re: testing non linearity of arithmetic-logic combinations
Date: Wed, 07 Jun 2000 17:16:38 GMT


On 7 Jun 2000 16:27:09 GMT, in [EMAIL PROTECTED],
in sci.crypt [EMAIL PROTECTED] (Mark Wooding) wrote:

> tomstd [EMAIL PROTECTED] wrote:
>
> > Latin squares have the problem of consuming too much memory,
>
> That depends on how large they are, surely.  A pair of 4 x 4 squares
> wouldn't be any larger than a standard S-box.

We have 64MB+ in the usual computer, and 2nd level cache is going
on-chip and increasing rapidly.  The raw store is available.  

Since hardware continues to change, it seems more useful to
concentrate on the structure of the cipher per se than to limit the
structure to what current computing hardware does best.  What current
hardware does best is simple "linear" computation, which is just what
we do not want a cipher to be.  

A single Latin square is most likely to be used as a replacement for
the XOR operation in a stream cipher, thus opposing known-plaintext
attacks on the confusion sequence.  Such an Ls can be a 2 dimension
index of bytes, a total of 64KB.  But a far smaller alternative is to
use my patented Dynamic Substitution technique:

   http://www.io.com/~ritter/#DynSubTech

   http://www.io.com/~ritter/DYNSUB.HTM

in which case we have a little more computation, and the usual small
table.  I have described such a cipher:

   http://www.io.com/~ritter/CLO2DESN.HTM


> > and even still I have yet to see any published results on good sboxes
> > formed by Latin Squares.
>
> Surely you could analyse it in pretty much the same way as you do a
> normal S-box: look at the output difference probabilities for each input
> difference as usual; look at its nonlinearity in a similar way, and so
> on.

   http://www.io.com/~ritter/ARTS/PRACTLAT.HTM


> In any event, it can't be much weaker than XOR, so you're onto a winner
> from a strength point of view.

If we describe this sort of strength as an unknowable transformation
(the ability to key-select one from among a large number of different
transformations), at least a keyed Latin square *has* strength; XOR
has none at all.  And if we describe this strength as nonlinearity, at
least a Ls *can* have strength; again, XOR has none at all.  

> The only question is whether it's worth
> it for the performance penalty.

A Latin square is a table look-up, an array access.  In general, the
reason to use an explicit Latin square instead of a computation is
that the Ls can be far more complex.  In the end, a complex
transformation is what we want.  

---
Terry Ritter   [EMAIL PROTECTED]   http://www.io.com/~ritter/
Crypto Glossary   http://www.io.com/~ritter/GLOSSARY.HTM
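To make the "replacement for XOR in a stream cipher" point concrete, here is an added example (not Terry Ritter's or Mark Wooding's code, and not his Dynamic Substitution technique): a keyed 256 x 256 Latin square built as an isotope of the cyclic group table, a combiner and uncombiner using it, and a side-by-side check of what one known-plaintext pair gives away. The construction from three key-derived permutations, the use of random.Random as a stand-in for a keyed generator, and the sample plaintext are all constructed for the demo.

```python
import random


def keyed_latin_square(key):
    """Build a 256 x 256 Latin square from three key-derived permutations:
    L[x][y] = pi[(sigma[x] + tau[y]) mod 256].  For fixed x, y -> L[x][y] is a
    bijection and for fixed y, x -> L[x][y] is a bijection: the Latin property.
    (Constructed demo; random.Random stands in for a real keyed generator.)"""
    rng = random.Random(key)
    perms = []
    for _ in range(3):
        p = list(range(256))
        rng.shuffle(p)
        perms.append(p)
    sigma, tau, pi = perms
    return [[pi[(sigma[x] + tau[y]) & 0xFF] for y in range(256)] for x in range(256)]


def is_latin(L):
    """Every row and every column must be a permutation of 0..255."""
    full = set(range(len(L)))
    rows_ok = all(set(row) == full for row in L)
    cols_ok = all({L[x][y] for x in range(len(L))} == full for y in range(len(L)))
    return rows_ok and cols_ok


def row_inverses(L):
    """inv[x][z] = y such that L[x][y] == z; the receiver uses it to undo the combiner."""
    inv = [[0] * 256 for _ in range(256)]
    for x in range(256):
        for y, z in enumerate(L[x]):
            inv[x][z] = y
    return inv


def combine(L, confusion, plaintext):
    """Stream-cipher combiner: ciphertext byte = L[confusion byte][plaintext byte]."""
    return bytes(L[k][p] for k, p in zip(confusion, plaintext))


def uncombine(inv, confusion, ciphertext):
    return bytes(inv[k][c] for k, c in zip(confusion, ciphertext))


def xor_combine(confusion, data):
    return bytes(k ^ b for k, b in zip(confusion, data))


def recover_confusion_xor(plaintext, ciphertext):
    """With XOR, one known-plaintext pair hands over the confusion sequence directly."""
    return xor_combine(plaintext, ciphertext)


def recover_confusion_ls(L, plaintext, ciphertext):
    """With a Latin square the same recovery needs the square itself: column y = p is
    a permutation, so exactly one k satisfies L[k][p] == c, but which k depends on L."""
    col_inv = [[0] * 256 for _ in range(256)]   # col_inv[y][z] = x with L[x][y] == z
    for x in range(256):
        for y in range(256):
            col_inv[y][L[x][y]] = x
    return bytes(col_inv[p][c] for p, c in zip(plaintext, ciphertext))


def demo_confusion(seed, length):
    """Constructed confusion sequence for the demo (not a cryptographic generator)."""
    rng = random.Random(seed)
    return bytes(rng.randrange(256) for _ in range(length))


if __name__ == "__main__":
    L = keyed_latin_square("demo-key")
    ks = demo_confusion(7, 16)
    pt = b"meet at the lab."
    ct = combine(L, ks, pt)
    print("latin:", is_latin(L), "round trip:", uncombine(row_inverses(L), ks, ct) == pt)
    print("XOR leaks keystream:", recover_confusion_xor(pt, xor_combine(ks, pt)) == ks)
    print("LS with wrong square:", recover_confusion_ls(keyed_latin_square("x"), pt, ct) == ks)
```

The square costs 64KB as stated in the post, and a column inverse is another 64KB if the square must be inverted by column. The strength argument in the post is visible in the last check: the attacker's recovery of the confusion byte is exact once the square is known and arbitrary otherwise, so the square must be treated as key material.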


--

From: [EMAIL PROTECTED]
Subject: Re: DH-Key Exchange Questions.
Date: Wed, 07 Jun 2000 17:27:10 GMT

In article [EMAIL PROTECTED],
  [EMAIL PROTECTED] (Mark Wooding) wrote:
> [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
>
> > I've been playing with DH-Key exchange and come across few problems
> > with large numbers before doing the mod part.
>
> This sounds like you're doing it wrong.  Do the modular reduction after
> each multiplication.  You need a multiprecision maths library of some
> kind to deal with (at least) 700-odd bit numbers.


The problem I'm having is storing the results when doing the
calculations using VBScript. It doesn't like big numbers. So you are
right I'm doing something wrong - using VBScript. I just wondered if I
could get away with a prime number of 71 ... well at least I now know.

I'll start looking for a maths lib and use a proper language although
my work mates are quite impressed with the idea of using an insecure
medium to generate keys. The Dan Quail version I have knocked up -
using JavaScript and ASP's  - I'll make available for political
reasons. Namely that governments want to control maths, when you get to
play with the maths in question it makes it more real and the position
of the "controller" look really silly.

Anyway enough ranting and thanks for the help.



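Mark Wooding's advice, "do the modular reduction after each multiplication", in working form. This is an added example, not the poster's VBScript/ASP code: square-and-multiply keeps every intermediate below modulus^2, so the only requirement on the number library is that it can hold and multiply numbers twice the modulus width, rather than the astronomically large g^x. The modulus p = 2^61 - 1 (a Mersenne prime) and base g = 3 are toy values for illustrating the arithmetic and the two-sided exchange, not a usable Diffie-Hellman group; the private exponents are constructed.

```python
def modexp(base, exponent, modulus):
    """Right-to-left square-and-multiply, reducing modulo `modulus` after every
    multiplication so no intermediate value ever exceeds modulus^2."""
    if modulus == 1:
        return 0
    result = 1
    base %= modulus
    while exponent > 0:
        if exponent & 1:
            result = (result * base) % modulus   # multiply, then reduce immediately
        exponent >>= 1
        base = (base * base) % modulus           # square, then reduce immediately
    return result


# Toy parameters (constructed): p is prime, but 2^61 - 1 is far too small for
# real use and nothing here checks the order of g in the group.
P = (1 << 61) - 1
G = 3


def dh_public(private):
    return modexp(G, private, P)


def dh_shared(private, other_public):
    return modexp(other_public, private, P)


def exchange(a_priv, b_priv):
    """Both sides of the exchange; returns the two independently computed secrets."""
    A = dh_public(a_priv)          # Alice sends A
    B = dh_public(b_priv)          # Bob sends B
    return dh_shared(a_priv, B), dh_shared(b_priv, A)


if __name__ == "__main__":
    s_alice, s_bob = exchange(123456789, 987654321)
    print("shared secrets agree:", s_alice == s_bob, hex(s_alice))
    # The unreduced value 3**123456789 would have about 195 million bits.
```

Python's built-in pow(base, exponent, modulus) does the same job (and is what one would use in practice); the hand-written loop is here to show the reduction placement that the VBScript attempt was missing.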

--

From: Mike Rosing [EMAIL 

Cryptography-Digest Digest #971

2000-06-07 Thread Digestifier

Cryptography-Digest Digest #971, Volume #11   Wed, 7 Jun 00 19:13:01 EDT

Contents:
  questions on TEA (Dido Sevilla)
  Re: Thoughts on an encryption protocol? (Dido Sevilla)
  Re: Cryptographic voting (David A Molnar)
  Re: Some dumb questions (E-mail)
  Re: RIP Bill 3rd Reading in Parliament TODAY 8th May ("Scotty")
  Re: Thoughts on an encryption protocol? (Dido Sevilla)
  Re: Observer 4/6/2000: "Your privacy ends here" (Bob)
  Re: Cryptographic voting (Mok-Kong Shen)
  Re: Some dumb questions (Mok-Kong Shen)
  Another Idea for attacking Storin (tomstd)
  Re: testing non linearity of arithmetic-logic combinations (Mok-Kong Shen)
  equation involving xor and mod 2^32 operations (Anton Stiglic)
  Re: Brute forcing for Counterpane's Password Safe ([EMAIL PROTECTED])
  Re: testing non linearity of arithmetic-logic combinations (Terry Ritter)
  Re: Observer 4/6/2000: "Your privacy ends here" (Marcin Tustin)
  Re: Thoughts on an encryption protocol? ([EMAIL PROTECTED])
  Re: Enigma Variations (Sundial Services)
  Re: Brute forcing for Counterpane's Password Safe ([EMAIL PROTECTED])
  Re: equation involving xor and mod 2^32 operations (John Myre)



From: Dido Sevilla [EMAIL PROTECTED]
Subject: questions on TEA
Date: Thu, 08 Jun 2000 04:10:00 +0800


This post has to do with the Tiny Encryption Algorithm (TEA) described
by Wheeler and Needham (http://www.cl.cam.ac.uk/ftp/users/djw3/tea.ps
and http://www.cl.cam.uk/ftp/users/djw3/xtea.ps).  Has anyone tried to
use this block cipher?  From what I see, the algorithm is really quite
simple and looks pretty easy to code, even in most forms of assembly
language.  It doesn't go through quite as many contortions as the more
sophisticated algorithms do, but it runs a fairly simple core through a
lot of rounds (32 to be exact).  Does it have any weaknesses which the
authors have not described in their papers yet?

--
Rafael R. Sevilla [EMAIL PROTECTED] +63 (2)   4342217
Mobile Robotics Laboratory  +63 (917) 4458925
University of the Philippines Diliman
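As an added example (not code from the Wheeler and Needham papers or from this post), here is TEA as published, 32 rounds with delta = 0x9E3779B9, in Python with explicit 32-bit masking, together with a check of the one structural property of the original TEA that is most often raised: every key has three equivalent keys, because flipping the top bit of k0 and k1 together (or of k2 and k3 together) leaves every round output unchanged. That is why the effective key size is 126 bits and was one of the reasons the authors published XTEA with a different key schedule; it does not harm confidentiality under a random key, but it rules TEA out wherever the key is attacker-influenced, such as a hash-function compression function. The test key and block are constructed values, not published test vectors.

```python
MASK = 0xFFFFFFFF
DELTA = 0x9E3779B9          # the TEA round constant, floor(2^32 / golden ratio)


def tea_encrypt(block, key, rounds=32):
    """Encrypt one 64-bit block (v0, v1) under a 128-bit key (k0, k1, k2, k3)."""
    v0, v1 = block
    k0, k1, k2, k3 = key
    total = 0
    for _ in range(rounds):
        total = (total + DELTA) & MASK
        v0 = (v0 + ((((v1 << 4) & MASK) + k0) ^ (v1 + total) ^ ((v1 >> 5) + k1))) & MASK
        v1 = (v1 + ((((v0 << 4) & MASK) + k2) ^ (v0 + total) ^ ((v0 >> 5) + k3))) & MASK
    return v0, v1


def tea_decrypt(block, key, rounds=32):
    """Inverse of tea_encrypt: same rounds in reverse order, subtracting instead of adding."""
    v0, v1 = block
    k0, k1, k2, k3 = key
    total = (DELTA * rounds) & MASK
    for _ in range(rounds):
        v1 = (v1 - ((((v0 << 4) & MASK) + k2) ^ (v0 + total) ^ ((v0 >> 5) + k3))) & MASK
        v0 = (v0 - ((((v1 << 4) & MASK) + k0) ^ (v1 + total) ^ ((v1 >> 5) + k1))) & MASK
        total = (total - DELTA) & MASK
    return v0, v1


def equivalent_keys(key):
    """The three other keys that define the identical TEA permutation.
    Each of k0 and k1 is added modulo 2^32 to a value and the two sums are XORed,
    so flipping bit 31 of both cancels out; the same holds for k2 and k3."""
    k0, k1, k2, k3 = key
    top = 0x80000000
    return [(k0 ^ top, k1 ^ top, k2, k3),
            (k0, k1, k2 ^ top, k3 ^ top),
            (k0 ^ top, k1 ^ top, k2 ^ top, k3 ^ top)]


if __name__ == "__main__":
    key = (0x01234567, 0x89ABCDEF, 0xFEDCBA98, 0x76543210)   # constructed demo key
    block = (0xDEADBEEF, 0x0BADF00D)                          # constructed demo block
    ct = tea_encrypt(block, key)
    print("ciphertext:", [hex(w) for w in ct])
    print("round trip:", tea_decrypt(ct, key) == block)
    print("equivalent keys give same ciphertext:",
          all(tea_encrypt(block, k) == ct for k in equivalent_keys(key)))
```

Intermediate sums are left unmasked inside the round and masked once at the end; this is correct because XOR is bitwise and carries only propagate upward, so bits above 31 never influence the low 32 bits of the result.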

--

From: Dido Sevilla [EMAIL PROTECTED]
Subject: Re: Thoughts on an encryption protocol?
Date: Thu, 08 Jun 2000 04:19:35 +0800

Mike Rosing wrote:
 
> If you use a PK system you can eliminate this weak link.  It would
> reduce your maintenance costs substantially if a person doesn't have to travel
> around to every box (except for repairs) every so often.  Might not mean
> much with a few boxes, but if you get to have lots of them, it'll add
> up.
>

Frankly, I don't think all the effort to implement a PK system is worth
it in this case.  There will only be 34 client terminals, one per
building, and given the financial constraints of my employer, it will be
a very long time before any more will be necessary.  These are also not
so widely distributed, so going to every terminal should not take more
than a day.

 
> Handbook of Applied Cryptography and Applied Cryptography are good
> starting points.
>

Any websites or other online docs I can look at for stream ciphers and
cryptographically secure PRNG's?

--
Rafael R. Sevilla [EMAIL PROTECTED] +63 (2)   4342217
Mobile Robotics Laboratory  +63 (917) 4458925
University of the Philippines Diliman

--

From: David A Molnar [EMAIL PROTECTED]
Crossposted-To: sci.math
Subject: Re: Cryptographic voting
Date: 7 Jun 2000 20:08:57 GMT

In sci.crypt Anton Stiglic [EMAIL PROTECTED] wrote:
> Jim Ferry wrote:
>
> > I was wondering if there's a way for a small group of people
> > (less than 100) to vote cryptographically.  ...
>
> Check out http://www.acm.org/crossroads/xrds2-4/voting.html
> for a starters

There's also a bibliography at 
http://theory.lcs.mit.edu/~cis/voting/greenstadt-voting-bibliography.html

which may be helpful.

Thanks, 
-David

--

From: E-mail [EMAIL PROTECTED]
Subject: Re: Some dumb questions
Date: Wed, 7 Jun 2000 16:41:41 -0400



Bryan,

How much would the effort have been hindered if the second use of
the pad was done after transforming the pad with a pseudo-random
number generator (and the pad is discarded after its second use)?


Jim Trek
http://eznet.net/~progress
[EMAIL PROTECTED]


On Wed, 7 Jun 2000, Bryan Olson wrote:

> In article,
> [...]
> > 2. If an ideal OTP is misused, in that it is used a small
> > number n of times, how is one going to attack, if
> > absolutely no known plaintext is available?
>
>
> As a final project in an undergrad crypto course I worked on
> finding the smallest n such that I could, in practice, break
> the n-time pad.  I assumed English language text coded in
> ASCII, and XOR as the OTP combiner.  I found n=2.
>
> I created a table of 4-gram frequencies from about ten
> megabytes of text, and a program to interactively try these
> against the target ciphertext.  The user would enter a
> position in the text, and the program 

Cryptography-Digest Digest #972

2000-06-07 Thread Digestifier

Cryptography-Digest Digest #972, Volume #11   Thu, 8 Jun 00 00:13:01 EDT

Contents:
  Re: Brute forcing for Counterpane's Password Safe (Paul Rubin)
  Re: Some dumb questions (Bryan Olson)
  Re: Retail distributors of DES chips? (Thor Arne Johansen)
  Re: Brute forcing for Counterpane's Password Safe (Roger Schlafly)
  Re: testing non linearity of arithmetic-logic combinations ("cranky cransky")
  Re: equation involving xor and mod 2^32 operations (tomstd)
  Re: testing non linearity of arithmetic-logic combinations ("cranky cransky")
  Re: Brute forcing for Counterpane's Password Safe (Paul Rubin)
  Re: Enigma Variations (Paul Rubin)
  Re: equation involving xor and mod 2^32 operations (Scott Contini)
  Re: Brute forcing for Counterpane's Password Safe (Roger Schlafly)
  Re: equation involving xor and mod 2^32 operations (tomstd)
  Re: Question about recommended keysizes (768 bit RSA) ("Trevor L. Jackson, III")
  Re: bamburismus ("Trevor L. Jackson, III")
  Opening digital envelope  decrypting data encrypted with DES3 (Abid Farooqui)



From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: Brute forcing for Counterpane's Password Safe
Date: 7 Jun 2000 23:15:20 GMT

Volker Hetzer  [EMAIL PROTECTED] wrote:
> The heirs would normally care about stuff like bank accounts,
> which the executor should be able to locate by knowing the SSN (tax ID
> number) of the dead person.

I was assuming that there is a legally defensible reason for this.
Is there any circumstance in your country where you can be legally forced
to hand over encryption keys to somebody else or where they can be seized
while you're absent or dead?

This gets debated in the newsgroups sometimes and the answer seems to
be "no" (in the case of stuff like passwords) but "yes" for physical
objects such as documents.  However, that's not relevant here.  I'm
saying that without direct evidence, I'm skeptical of the story about
the dead person in Florida as posted by the fairly obvious pseudonym
Joe Smith at hotmail.com.  I think it's more likely that someone wants
to crack a password belonging to a living person who doesn't want it
cracked, and the cracker is not being honest with us about it.  I
don't feel inclined to be helpful in that situation.

--

From: Bryan Olson [EMAIL PROTECTED]
Subject: Re: Some dumb questions
Date: Wed, 07 Jun 2000 23:38:13 GMT

E-mail asked:

 How much would the effort have been hindered if the second use of
 the pad was done after transforming the pad with a pseudo-random
 number generator (and the pad is discarded after its second use)?

That would depend on the PRNG, and my experiment doesn't say
(for any PRNG).  One trouble with these "in practice"
investigations is that they are very sensitive to the exact
conditions.


--Bryan
--
email: bolson at certicom dot com



--

From: Thor Arne Johansen [EMAIL PROTECTED]
Subject: Re: Retail distributors of DES chips?
Date: Thu, 08 Jun 2000 02:26:11 +0200

If after all this flaming/discussion/exploration you're still interested
in a DES chip, you should check out:

http://www.pcc.pijnenburg.nl/

BR,

Thor A. Johansen

--

From: Roger Schlafly [EMAIL PROTECTED]
Crossposted-To: talk.politics.crypto
Subject: Re: Brute forcing for Counterpane's Password Safe
Date: Wed, 07 Jun 2000 17:11:14 -0700

Paul Rubin wrote:
> I was assuming that there is a legally defensible reason for this.
> Is there any circumstance in your country where you can be legally forced
> to hand over encryption keys to somebody else or where they can be seized
> while you're absent or dead?
>
> This gets debated in the newsgroups sometimes and the answer seems to
> be "no" (in the case of stuff like passwords) but "yes" for physical
> objects such as documents.

BTW, Justice Thomas on the US Supreme Court just expressed the opinion
that the answer should be "no" for documents (if you plead the Fifth in
a criminal case). See:
http://supct.law.cornell.edu/supct/html/99-166.ZC.html

The case involved Web Hubbell who Clinton prosecutor Ken Starr forced to 
produce a lot of financial documents, and was then charged with various 
irregularities. The majority sided with Hubbell, but did not go as far
as Thomas. (For those outside the US, Hubbell was a friend of Clinton
and the assistant Attorney General.)

You'd never know it from the press he gets, but IMHO Clarence Thomas's
opinions are models of clarity compared to the mush that others like
O'Connor and Souter write, and Thomas is the most reliable defender
of the Bill of Rights on the Supreme Court.

--

From: "cranky cransky" [EMAIL PROTECTED]
Subject: Re: testing non linearity of arithmetic-logic combinations
Date: Thu, 8 Jun 2000 11:03:19 +1000

Thank you all for the information. It has been helpful.

Terry Ritter [EMAIL