Cryptography-Digest Digest #562

2000-08-29 Thread Digestifier

Cryptography-Digest Digest #562, Volume #12  Tue, 29 Aug 00 04:13:01 EDT

Contents:
  Re: secrets and lies in stores (S. T. L.)
  Re: New algorithm for the cipher contest (David Hopwood)
  Re: encryption scheme output - samples table? (David Hopwood)
  Re: Asymmetric Encryption Algorithms (David Hopwood)
  Re: "Warn when encrypting to keys with an ADK" (David Hopwood)
  Re: UNIX Passwords (David Hopwood)
  Re: Future computing power (Anders Thulin)
  Re: could someone post public key that is tempered ? (jungle)
  Re: Steganography vs. Security through Obscurity (Benjamin Goldberg)
  Re: On pseudo-random permutation (Bryan Olson)
  Re: On pseudo-random permutation (Markku-Juhani Saarinen)
  Re: Looking for Book Recommendations ([EMAIL PROTECTED])



From: [EMAIL PROTECTED] (S. T. L.)
Date: 29 Aug 2000 05:15:15 GMT
Subject: Re: secrets and lies in stores

Because it doesn't deny the above. It points this out. Then notes
that having a perfect lock is not enough. There is a lot more to security,
and the way people think about it, and act in a society which has 
certain kinds of locks, than the lock itself. So much else that often
focusing on the lock alone leads us to miss much larger points. 

That's what I meant by "hardly relevant."

Hmmm.  I still don't like the idea of calling any field of mathematics or
science hardly relevant, no matter how it fits into society.  You could call
supersymmetry in particle physics completely irrelevant because it'll never
affect society.  But that doesn't say anything about how important it is to
investigate this area.  Same with cryptography.  

Of course, now I'll have to read this danged book to see what it's all about. 
Heh.  Too little time, too many books.  If there's such a thing as too many
books, that is.  :-P 

-*---*---
S.T.L.  My Quotes Page * http://quote.cjb.net * leads to my NEW site.
My upgraded Book Reviews Page: * http://sciencebook.cjb.net *
Optimized pngcrush executable now on my Download page!
Long live pngcrush!  :-

--

Date: Tue, 29 Aug 2000 06:38:48 +0100
From: David Hopwood [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: New algorithm for the cipher contest

Scott Fluhrer wrote:
 I believe I have a way that, given K[3] (which is the fourth multiplicative
 key), distinguishes it from randomness with relatively few chosen plaintexts
 and relatively little effort, and the actual chosen plaintexts do not depend
 on K[3].  This immediately leads to a method of rederiving K[3] with about
 O(2**64) effort and circa 100-1000 chosen plaintexts.

Drat, beat me to it :-) I was working on exactly the same attack; I'd done
the second case for the distinguisher, and was close to working out the first
one.

- -- 
David Hopwood [EMAIL PROTECTED]

Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip


--

Date: Tue, 29 Aug 2000 06:38:55 +0100
From: David Hopwood [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: encryption scheme output - samples table?

kihdip wrote:
 
 Most encryption schemes result in a bitstream.

To be more precise, most modern encryption schemes treat plaintext and
ciphertext as streams of octets (8-bit bytes), or occasionally as streams
of larger words (e.g. 32 bits). The order of bits within an octet or word
is usually not defined.

- -- 
David Hopwood [EMAIL PROTECTED]

Home page & PGP public key: http://www.users.zetnet.co.uk/hopwood/
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5  0F 69 8C D4 FA 66 15 01
Nothing in this message is intended to be legally binding. If I revoke a
public key but refuse to specify why, it is because the private key has been
seized under the Regulation of Investigatory Powers Act; see www.fipr.org/rip



Cryptography-Digest Digest #563


Cryptography-Digest Digest #563, Volume #12  Tue, 29 Aug 00 08:13:01 EDT

Contents:
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (Sundial Services)
  Re: Patent, Patent is a nightmare, all software patent shuld not be  (Sundial Services)
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (Sundial Services)
  Re: Future computing power ("Sam Simpson")
  Re: Looking for Book Recommendations ([EMAIL PROTECTED])
  Re: e-cash protocol concept, comments wanted (Ragni Ryvold Arnesen)
  Re: On pseudo-random permutation (Tim Tyler)
  Re: Serious PGP v5 & v6 bug! (Phil Harrison)
  Re: "Warn when encrypting to keys with an ADK" (S.R. Heller)
  Re: Future computing power ([EMAIL PROTECTED])
  Re: secrets and lies in stores (Mok-Kong Shen)
  Re: Bytes, octets, chars, and characters (Richard Bos)
  [Q] Do you know a good german newsserver for sci.crypt ? (Runu Knips)
  Re: Looking for Book Recommendations (David A Molnar)
  Re: Future computing power (Guy Macon)
  Re: Future computing power (Jeffrey Williams)
  Re: when does PGP start to support key server (Matt Johnston)



Date: Tue, 29 Aug 2000 01:13:03 -0700
From: Sundial Services [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be allowed

Mack wrote:
 hmm seems to cover most of what PGP servers have done for a while
 and kerberos and various other methods.  wonder when the patent
 was applied for.
 
 It may be facially invalid due to prior art.


Thomas Edison once succinctly described patents as "a license to steal,"
although he owned more of them than almost anyone.  They are a wonderful
lawyer-esque invention, because even after you spend a boatload of legal
fees to acquire one, you still have to defend it against all comers, any
one of whom could [successfully] claim that (essentially) you or the
patent-examiner screwed-up and your claim was invalid from the start ..
as Mack essentially suggests here.  

So a patent provides what is actually a very dubious level of
protection, especially in the software business, and it endlessly
requires you to "defend it or lose it."  

The patent examiners simply can't, and don't, affirm that your claim is
in fact worth the paper it is printed on.  What they say is essentially
what you heard in a game of "Clue," namely "I cannot disprove it," which
when you think about it is -not- saying terribly much at all.  

In the very best of circumstances, patent law requires you to COMPLETELY
DISCLOSE your invention in exchange for the right to (maybe..) exclude
others from using it for a period of many years.  That can be awful in
the software business because your secrets are fully exposed to
competitors who, likely as not, can simply "trump your trick" and have
you begging them for a license.  Even the slightest change to your
algorithm can qualify as an "improvement" which is not only legal -- but
blocks you from adopting the improvement in your own implementation!

In my not-so-humble I'm-not-a-lawyer opinion, patents were an idea
steeped in manufacturing .. and that is where they ought to stay. 
Computer software is much too close to the direct expression of "ideas"
(which are unpatentable) and offer too many alternate ways of expressing
the same "idea" (all of which qualify as "prior art" or "improvements"
or simply "patent killers" .. and all of which you discover only after
the patent has been granted and before you discover that it's
worthless).

If you're gonna make money with software, you're gonna have to do it by
producing an altogether "better product," not by planting stakes around
a particular embodiment of a particular idea or trick in your code,
disclosing it to the world and proclaiming to all comers that "It's
Mine!"

I fear that good Mr. Edison was right after all.

--

Date: Tue, 29 Aug 2000 01:16:42 -0700
From: Sundial Services [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be 

And of course, Mok-Kong, we also know that most of these anaerobic
bacteria eat .. umm .. ahh ... that is ...   :-)


Mok-Kong Shen wrote:
[...]
 there is really a risk of what I mentioned sarcastically
 a long time ago, namely that one day someone will get a patent on
 how a human being breathes the air and from that point on
 those who can't afford to pay royalties must find a way
 of living anaerobically (there are organisms of that
 sort).
 
 M. K. Shen

--

Date: Tue, 29 Aug 2000 01:21:38 -0700
From: Sundial Services [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be allowed

Now they get to start paying the lawyers MORE.  First they pay the
lawyers to figure out everyone who might have been infringing upon their
patent.  This 

Cryptography-Digest Digest #566


Cryptography-Digest Digest #566, Volume #12  Tue, 29 Aug 00 16:13:01 EDT

Contents:
  Re: Patent, Patent is a nightmare, all software patent shuld not be  (Mok-Kong Shen)
  Re: Idea for creating primes (Mok-Kong Shen)
  Re: A little technical note about intepreters (Daniel Leonard)
  Re: [Q] Do you know a good german newsserver for sci.crypt ? ("Duran Castore")
  Re: I need ADK tampered key that PGP will not detect ADK, on it ... (Rich Wales)
  Re: RSA n-bit key...is p and q n or is the mod n? ([EMAIL PROTECTED])
  Re: RSA n-bit key...is p and q n or is the mod n? (Roger Schlafly)
  Re: [Q] Do you know a good german newsserver for sci.crypt ? (Mok-Kong Shen)
  Re: On pseudo-random permutation (wtshaw)
  Re: 320-bit Block Cipher (Zulfikar Ramzan)
  Re: [Q] Do you know a good german newsserver for sci.crypt ? (Brian Kraft)
  Re: Serious PGP v5 & v6 bug! ("Nathan Williams")
  R: Test on pseudorandom number generator. ("Cristiano")
  R: R: R: Test on pseudorandom number generator. ("Cristiano")
  R: R: R: Test on pseudorandom number generator. ("Cristiano")
  Re: Idea for creating primes ([EMAIL PROTECTED])
  R: Optimal length of the sieve before a Miller-Rabin test ("Cristiano")
  R: RSA n-bit key...is p and q n or is the mod n? ("Cristiano")



From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be 
Date: Tue, 29 Aug 2000 20:51:25 +0200



Sundial Services wrote:
 
[snip]
 In the very best of circumstances, patent law requires you to COMPLETELY
 DISCLOSE your invention in exchange for the right to (maybe..) exclude
 others from using it for a period of many years.  That can be awful in
 the software business because your secrets are fully exposed to
 competitors who, likely as not, can simply "trump your trick" and have
 you begging them for a license.  Even the slightest change to your
 algorithm can qualify as an "improvement" which is not only legal -- but
 blocks you from adopting the improvement in your own implementation!
[snip]

I wonder in the case in question how much is actually
'disclosed' in the text that one can read on the web page
cited. Are there more texts about that patent that one
can read? Or are these texts inaccessible to the public?
Since the patent apparently has the potential of attacking 
at the very root of PK applications, if I don't err, we  
should pay due attention to the issue, I suppose.

M. K. Shen

http://home.t-online.de/home/mok-kong.shen

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Idea for creating primes
Date: Tue, 29 Aug 2000 20:51:32 +0200



[EMAIL PROTECTED] wrote:
 
[snip]
 You can test to see if a number is a generator by performing g^(p/q) != 1
 for various 'q's that divide your testing prime 'p'.
[snip]

I suspect there is a printing error here. If one knows that 
there is a q that divides p, then p is certainly not a prime, 
isn't it? Or how should one properly interpret that phrase 
above? Thanks.

M. K. Shen

--

From: Daniel Leonard [EMAIL PROTECTED]
Subject: Re: A little technical note about intepreters
Date: Tue, 29 Aug 2000 18:44:27 GMT

On Tue, 29 Aug 2000, Andrew Carol wrote:

 In article
 [EMAIL PROTECTED],
 Daniel Leonard [EMAIL PROTECTED] wrote:

  What I told in a CS course as a TA was that you should put comments as if you
  would put footpage notes in an article or a book. Those are comments in the
  code, not function header comments. More often than not, the code speaks
  for itself.

 Code is telling the computer exactly WHAT to do.
 Comments tell other programmers WHY you did it that way.

 They might also explain assumptions about external state which MUST be
 true for the code, as written, to work.

 There is a huge difference.

 Anybody who has put significant code away for a year or two and tried
 to pick it back up, or taken over someone else's code, knows what I'm
 talking about.

 If code is written very cleanly, without clever optimisations, the code
 might speak for itself.

 The instant you do something "clever", like take advantage of some
 trick of twos complement math, or a sneaky xor trick, or rely on a
 subtle side-effect of another routine, you've got problems.  Even things
 like assuming you can access unaligned integers are probably worth a
 comment.

 Oh well.

Well, if you do something clever, as you say, then it's worth a footpage
note, isn't it?

==
Daniel Léonard

OGMP Informatics Division    E-Mail: [EMAIL PROTECTED]
Département de Biochimie     Tel   : (514) 343-6111 ext 5149
Université de Montréal       Fax   : (514) 343-2210
Montréal, Quebec             Office: Pavillon Principal G-312
Canada H3C 3J7               WWW   :


--

From: "Duran Castore" [EMAIL PROTECTED]
Subject: Re: [Q] Do you know a good german 

Cryptography-Digest Digest #567


Cryptography-Digest Digest #567, Volume #12  Tue, 29 Aug 00 18:13:01 EDT

Contents:
  Re: NEWBIE!!! Zodiac killer's encryption... (John C. King)
  Blowfish IC? ("Richard Sloan")
  Re: On pseudo-random permutation (David A. Wagner)
  4096 BIT RSA Key (No User)
  Re: A little technical note about intepreters (Andrew Carol)
  Re: 4096 BIT RSA Key (Tom McCune)
  Re: I need ADK tampered key that PGP will not detect ADK, on it ... ("David E. Ross")
  Re: Idea for creating primes (Mok-Kong Shen)
  Re: Test on pseudorandom number generator. ("Niels Jørgen Kruse")
  Re: [Q] Do you know a good german newsserver for sci.crypt ? ("Jeffrey Walton")
  Re: R: Test on pseudorandom number generator. (Mok-Kong Shen)
  Re: A little technical note about intepreters (Mok-Kong Shen)
  Re: PRNG Test Theory (Tim Tyler)
  Re: PGP ADK Bug: What we expect from N.A.I. (David Hopwood)
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed ("Paul Pires")
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (Terry Ritter)
  Re: "Warn when encrypting to keys with an ADK" (Björn Persson)
  Re: Serious PGP v5 & v6 bug! (Björn Persson)
  Re: "Warn when encrypting to keys with an ADK" (Björn Persson)
  Re: Number theory book ("Dann Corbit")



From: John C. King [EMAIL PROTECTED]
Subject: Re: NEWBIE!!! Zodiac killer's encryption...
Date: Tue, 29 Aug 2000 20:21:13 GMT

In article 8oeiu3$3bk$[EMAIL PROTECTED],
  John C. King [EMAIL PROTECTED] wrote:
 If anyone knows of any other "solutions" I would like to know.  I
 know of one other book (seems to be self published).  It too
 provides a "solution" which is a result of what Kahn calls
 "hypercryptanalysis".  I'll try to find it and post the book.

The book is "Times 17: The Amazing Story of the Zodiac Murders in
California and Massachusetts, 1966-1981" by Gareth Penn.  It's listed
as out-of-print on Amazon.com but isn't worth trying to get unless you
want to see some really goofy cryptanalysis.


Sent via Deja.com http://www.deja.com/
Before you buy.

--

From: "Richard Sloan" [EMAIL PROTECTED]
Subject: Blowfish IC?
Date: Tue, 29 Aug 2000 20:31:14 GMT

Has anyone seen a manufacturer for a Blowfish IC?

Richard.



--

From: [EMAIL PROTECTED] (David A. Wagner)
Crossposted-To: comp.programming
Subject: Re: On pseudo-random permutation
Date: 29 Aug 2000 13:45:01 -0700

David A. Wagner [EMAIL PROTECTED] wrote:
 The latter can be done by treating the random bits as the binary expansion
 of a random real number R in the interval [0,1).  A simple strategy is to
 say that we output the integer i (where 1 <= i <= n!) if (i-1)/n! <= R < i/n!.
 Note that we don't need all the binary digits of R to determine which bucket
 R falls into; it suffices to know a finite prefix of the binary expansion of
 R, since (i-1)/n! and i/n! must differ at some bit position of finite index.
 (Or did I make some stupid mistake?)

Uhhh... As others have pointed out, that doesn't always terminate in finite time.
(Oops.)  I apologize for the error, and withdraw the proposed algorithm.

--

Date: Tue, 29 Aug 2000 15:06:39 -0500
From: No User [EMAIL PROTECTED]
Subject: 4096 BIT RSA Key

How can I make a 4096 bit RSA key for use in PGP 6.5.8? I tried generating one
using the Cybernights Templar 2.6.3 version. But when I import the key into
6.5.8, it says the key is invalid.



---
This message did not originate from the Sender address above.
It was posted with the use of anonymizing software at 
http://anon.xg.nu
---



--

From: Andrew Carol [EMAIL PROTECTED]
Subject: Re: A little technical note about intepreters
Date: Tue, 29 Aug 2000 14:07:55 -0700

In article
[EMAIL PROTECTED],
Daniel Leonard [EMAIL PROTECTED] wrote:

 Well, if you do something clever, as you say, then it's worth a footpage
 note, isn't it?

You are comparing apples and oranges.

Foot notes, while often on a minor or side point, are PART of the
discourse itself.  Comments are ABOUT the item.

For example, a "Commentary of the Bible" would contain the text of the
bible, but in addition has an independent content which points out
things of interest, clarifies difficult points, sets out interesting
notes from the translation, etc.  It can be as long as the thing it
comments on.

Footnotes are meant for minor asides which are part of the main theme
of the work.

Programs are detailed instructions to an unthinking machine.  Comments
provide a much richer context suitable for humans and meant to provide
a background for a maintainer or developer.

Having worked on projects with MILLIONS of lines of code, I can assure
you that detailed comments in particularly tricky bits of code are a
wonderful treasure.  I have spent countless hours hand tracing some
code which made altogether too many access to global state, 

Cryptography-Digest Digest #568


Cryptography-Digest Digest #568, Volume #12  Tue, 29 Aug 00 21:13:00 EDT

Contents:
  Re: Idea for creating primes ([EMAIL PROTECTED])
  Re: 4096 BIT RSA Key ([EMAIL PROTECTED])
  Re: RSA n-bit key...is p and q n or is the mod n? (Gregory G Rose)
  Re: Idea for creating primes ("Big Boy Barry")
  Re: R: R: R: Test on pseudorandom number generator. ("Douglas A. Gwyn")
  Re: 320-bit Block Cipher (Gregory G Rose)
  Secure Deletion of Data ("Jeffrey Walton")
  Re: Serious PGP v5 & v6 bug! (Björn Persson)
  Re: A little technical note about intepreters ("Douglas A. Gwyn")
  Re: Idea for creating primes ([EMAIL PROTECTED])
  Re: A little technical note about intepreters (Andrew Carol)
  Re: e-cash protocol concept, comments wanted (Julian Morrison)
  Re: e-cash protocol concept, comments wanted (Julian Morrison)
  Re: Serious PGP v5 & v6 bug! (Shawn Willden)
  Re: Optimal length of the sieve before a Miller-Rabin test (Bryan Olson)
  Re: 4096 BIT RSA Key (No User)
  Schneier's RC 2-Cracking Screen Saver (Champerty)
  Re: 4096 BIT RSA Key ([EMAIL PROTECTED])
  Re: 4096 BIT RSA Key (Steve)
  Re: R: R: R: Test on pseudorandom number generator. (Terry Ritter)



From: [EMAIL PROTECTED]
Subject: Re: Idea for creating primes
Date: Tue, 29 Aug 2000 21:59:25 GMT

In article [EMAIL PROTECTED],
  Mok-Kong Shen [EMAIL PROTECTED] wrote:


 [EMAIL PROTECTED] wrote:
 
Mok-Kong Shen [EMAIL PROTECTED] wrote:
   [EMAIL PROTECTED] wrote:
   
   [snip]
    You can test to see if a number is a generator by performing g^(p/q) != 1
    for various 'q's that divide your testing prime 'p'.
   [snip]
  
   I suspect there is a printing error here. If one knows that
   there is a q that divides p, then p is certainly not a prime,
   isn't it? Or how should one properly interpret that phrase
   above? Thanks.
 
  Simple typo.
 
  You have your list of smaller primes N1, N2, N3 ...
 
  then you have the value p' = 2*N1*N2*N3*N4*...
 
  Then you have the value p = p' + 1
 
  Sorry for the confusion.  You are looking for a value q that divides
  the value p'

 Questions:

 (1) Your g is such that (g,p)=1 and g^p' = 1 and g^s != 1
 for all s equal to p' divided by one of its factors?
 Is that right?

Yea, you want to make sure that g doesn't belong to a sub-group.

 (2) How much do the tests g^s != 1 help in practice (in
 comparison to omitting these but retaining the other
 conditions) for the purpose of finding primes?

Once you find one g that doesn't belong to any subgroups you know that
p is prime.

 (3) Could some of the factors of p' be equal or must they
 be distinct? (In the latter case why?)

They need only be known, and they must be prime for this to be provably
exact.

 (4) What is the rationale of having the N's of the same
 magnitude (the same number of bits)?

It makes finding real primes easier.  All the prime factors of p' must
in fact be provably prime for this whole scheme to work.  It's easier
to find a whole bunch of provable primes if they are smaller.

Tom


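The construction Tom describes (p' = 2*N1*...*Nk from already-proven primes, p = p' + 1, then a g with g^p' = 1 and g^(p'/q) != 1 for every prime q dividing p') is Lucas' primality test; the Python below is an added illustration written for this digest, not code posted by Tom or anyone else in the thread. The helper names (`lucas_witness`, `build_candidate`, `search_prime`), the trial-division certification of the small factors and the bound on g are this example's own choices; it also shows why repeated factors are harmless (question 3) and why a Fermat pass alone is not a proof (question 2).

```python
"""Lucas-style proof of primality from the known factorisation of p - 1.

Added example, not code from the thread.  Form p' = 2 * N1 * ... * Nk from
proven primes Ni, set p = p' + 1, and accept p as prime once some g satisfies
    g^(p-1) == 1 (mod p)  and  g^((p-1)/q) != 1 (mod p) for every prime q | p-1,
which forces ord(g) = p - 1 and hence p prime (Lucas' theorem).
Helper names and search bounds are this example's own choices.
"""
from math import prod


def is_prime_trial(n: int) -> bool:
    """Deterministic trial division, used only to certify the small factors."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    f = 3
    while f * f <= n:
        if n % f == 0:
            return False
        f += 2
    return True


def lucas_witness(p: int, factors, max_g: int = 1000):
    """Return the smallest g in [2, max_g] that proves p prime, or None.

    `factors` must be the complete multiset of prime factors of p - 1.
    Repeated factors are harmless: only the distinct values are tested.
    Each factor is re-certified so a wrong factorisation cannot yield a
    bogus proof.
    """
    if prod(factors) != p - 1:
        raise ValueError("factors do not multiply to p - 1")
    distinct = sorted(set(factors))
    if not all(is_prime_trial(q) for q in distinct):
        raise ValueError("every factor of p - 1 must itself be a proven prime")
    for g in range(2, min(max_g, p - 1) + 1):
        if pow(g, p - 1, p) != 1:
            return None  # Fermat test fails: p is definitely composite
        # A Fermat pass alone proves nothing (Carmichael numbers pass for every
        # coprime g); the order checks below are what turn it into a proof.
        if all(pow(g, (p - 1) // q, p) != 1 for q in distinct):
            return g     # ord(g) = p - 1, so p is prime
    return None          # no proof found within the g budget


def build_candidate(small_primes):
    """Form p' = 2 * N1 * ... * Nk and return (p' + 1, factors of p')."""
    factors = [2, *small_primes]
    return prod(factors) + 1, factors


def search_prime(prime_pool, k):
    """Slide a window of k proven primes over prime_pool until 2*N1*...*Nk + 1
    is proven prime; return (p, g, factors) or None.  Most candidates fail,
    which is why the construction is a search rather than a formula."""
    for start in range(len(prime_pool) - k + 1):
        p, factors = build_candidate(prime_pool[start:start + k])
        g = lucas_witness(p, factors)
        if g is not None:
            return p, g, factors
    return None


if __name__ == "__main__":
    # Constructed demo values: 2*3*5 + 1 = 31 is proven prime by g = 3;
    # 2*7 + 1 = 15 fails Fermat at g = 2; 561 (a Carmichael number) passes
    # Fermat for g = 2 but never the order checks, so it is rejected too.
    print(lucas_witness(31, [2, 3, 5]), lucas_witness(15, [2, 7]),
          lucas_witness(561, [2, 2, 2, 2, 5, 7]))
    pool = [n for n in range(100, 300) if is_prime_trial(n)]
    print(search_prime(pool, 2))
```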

--

From: [EMAIL PROTECTED]
Subject: Re: 4096 BIT RSA Key
Date: Tue, 29 Aug 2000 22:00:07 GMT

In article [EMAIL PROTECTED],
  No User [EMAIL PROTECTED] wrote:
 How can I make a 4096 bit RSA key for use in PGP 6.5.8? I tried generating one
 using the Cybernights Templar 2.6.3 version. But when I import the key into
 6.5.8, it says the key is invalid.

Why on earth are you making RSA keys that big?

Tom



--

From: [EMAIL PROTECTED] (Gregory G Rose)
Subject: Re: RSA n-bit key...is p and q n or is the mod n?
Date: 29 Aug 2000 15:17:18 -0700

In article [EMAIL PROTECTED],
John Matzen jmatzen(at)origin(d0t)ea(d0t)com wrote:
When one speaks of a 512-bit RSA key, are p and q 512-bits, or is the
modulus 512-bits (meaning p and q are 256 bits)?

The size of the modulus is what is being referred to.

Greg.
-- 
Greg Rose INTERNET: [EMAIL PROTECTED]
QUALCOMM AustraliaVOICE:  +61-2-9181 4851   FAX: +61-2-9181 5470
Suite 410, Birkenhead Point  http://people.qualcomm.com/ggr/ 
Drummoyne NSW 2047  B5 DF 66 95 89 68 1F C8  EF 29 FA 27 F2 2A 94 8F

--

From: "Big Boy Barry" [EMAIL PROTECTED]
Subject: Re: Idea for creating primes
Date: Tue, 29 Aug 2000 22:17:56 GMT

did you patent this?



[EMAIL PROTECTED] wrote in message news:8ogq3t$l9f$[EMAIL PROTECTED]...
 Say you want to make an 'n' bit prime that is some multiple of 128 (I
 chose this out of my head).  What you do is make n/128 128-bit primes
 as described below then multiply them all together (and multiply by
 two) then add one.  Next using all the known prime factors try to find
 a primitive generator.  If you can find one then you know for a fact
 that the number 

Cryptography-Digest Digest #569


Cryptography-Digest Digest #569, Volume #12  Wed, 30 Aug 00 01:13:00 EDT

Contents:
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (qun ying)
  Re: Serious PGP v5 & v6 bug! ("Nathan Williams")
  Re: The DeCSS ruling (Eric Smith)
  Re: The DeCSS ruling (Roger Schlafly)
  Re: Future computing power (David A Molnar)
  Re: Future computing power (David A Molnar)
  Re: Best way! (Eric Smith)
  Re: Destruction of CDs (Eric Smith)
  Re: PRNG Test Theory ("Trevor L. Jackson, III")
  Re: The DeCSS ruling (David A. Wagner)
  Re: "Warn when encrypting to keys with an ADK" (Philip Stromer)
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (John Savard)
  Re: Best way! (Edward A. Falk)
  Re: 4096 BIT RSA Key ([EMAIL PROTECTED])
  Re: Bytes, octets, chars, and characters (Brian Inglis)



From: qun ying [EMAIL PROTECTED]
Subject: Re: Patent, Patent is a nightmare, all software patent shuld not be allowed
Date: Wed, 30 Aug 2000 02:03:24 GMT

In article [EMAIL PROTECTED],
  Mok-Kong Shen [EMAIL PROTECTED] wrote:
 I wonder in the case in question how much is actually
 'disclosed' in the text that one can read on the web page
 cited. Are there more texts about that patent that one
 can read? Or are these texts inaccessible to the public?
 Since the patent apparently has the potential of attacking
 at the very root of PK applications, if I don't err, we
 should pay due attention to the issue, I suppose.

 M. K. Shen
 
 http://home.t-online.de/home/mok-kong.shen

The actual patent is not much more than you can see from the web, just
a few more diagrams. I get the impression that it is some kind of
hotmail services with PKI system. But I don't think that will qualify
for the patent. The company is also selling products based on the patent.
the company's address:
http://www.tumbleweed.com/




--

From: "Nathan Williams" [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: Serious PGP v5 & v6 bug!
Date: Wed, 30 Aug 2000 02:17:45 GMT

No it doesn't.  Reread my post Shawn. The "master" KEY is SPLIT!!!
No one person could decrypt and use the stored keys.

"Shawn Willden" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
 No, this solution is far worse than the ADK solution.  This
 solution gives someone else control of your private key, meaning
 they can
 impersonate you.  This scenario allows a tie-dyed, sockless,
 ponytailed, late-to-work-every-day geek who hasn't been fired yet
 only because HR isn't sure they could find a replacement in this
 unbelievably tight technical-labor market to impersonate the CEO;
 not a good idea.

 [Nothing against tie-dye, ponytails, Tevas or going to work late,
 BTW; I fit that profile whenever possible.]

 Really, there is no weakness created by an ADK in a proper
 implementation.  The only "badness" about ADKs in general is that
 they create yet another opportunity for making mistakes.  But then
 *any* key escrow solution creates another opportunity for error.
 IMO, ADKs are a reasonable solution, as long as they are properly
 authenticated (part of the signed public key package).

Shawn.

--

From: Eric Smith [EMAIL PROTECTED]
Subject: Re: The DeCSS ruling
Date: 29 Aug 2000 19:20:36 -0700

"Trevor L. Jackson, III" [EMAIL PROTECTED] writes:
 Does a security system that publishes the cipher key count as copy
 protection?  Calling it copy protection does not make it copy protection.

US Code, Title 17, Chapter 12, Section 1201 (b)(2)(B) sets the legal
standard:

a technological measure `effectively protects a right 
of a copyright owner under this title' if the measure, in the 
ordinary course of its operation, prevents, restricts, or 
otherwise limits the exercise of a right of a copyright owner 
under this title.

--

From: Roger Schlafly [EMAIL PROTECTED]
Subject: Re: The DeCSS ruling
Date: Tue, 29 Aug 2000 19:27:32 -0700

Eric Smith wrote:
 US Code, Title 17, Chapter 12, Section 1201 (b)(2)(B) sets the legal
 standard:
 a technological measure `effectively protects a right
 of a copyright owner under this title' if the measure, in the
 ordinary course of its operation, prevents, restricts, or
 otherwise limits the exercise of a right of a copyright owner
 under this title.

The word "effectively" is the interesting one. The whole purpose
is to give legal protection to broken schemes. The unbroken schemes
do not need protection.