Cryptography-Digest Digest #661
Cryptography-Digest Digest #661, Volume #13 Thu, 8 Feb 01 23:13:00 EST

Contents:
  Re: Encrypting Predictable Files [now on AONTs] (Splaat23)
  Re: Disk Overwriting (Albert P. Belle Isle)
  Re: Mod function (Darren New)
  Re: Phillo's alg is faster than index calculus (Tom St Denis)
  Re: Encrypting Predictable Files [completely about AONT, the file is completely gone] ("Joseph Ashwood")
  Re: relative key strength private vs public key (Bob Silverman)
  Re: Phillo's alg is faster than index calculus (Bryan Olson)
  Re: Encrypting Predictable Files (Bryan Olson)
  Rijndael S-box derivation (mjconroy)
  Re: crack my enkryption ("John A. Malley")
  Re: CipherText patent still pending (Bryan Olson)
  Re: Mod function (Darren New)

From: Splaat23 <[EMAIL PROTECTED]>
Subject: Re: Encrypting Predictable Files [now on AONTs]
Date: Fri, 09 Feb 2001 01:02:51 GMT

Definitely right. Security _strictly_ through obscurity is bad - this is
what is generally meant when people say "security through obscurity".
The trick is this: convincing people that your system is secure (aka
using secure elements) without compromising the knowledge of exactly
_which_ elements you are using. No real good solutions to this besides
having a private security analyst come in and, under NDA, check the
code/algorithm. But then everyone has to trust the verifier, and it
might prove to be cheaper to bribe the verifier for the cipher rather
than reverse-engineer.

Of course, the NSA has the best of all worlds: it can have secure
algorithms hidden through an extra layer of obscurity. They seem to have
handled the issue of public disclosure of classified info pretty well. ;)

Unfortunately (or fortunately), we as cryptographers are paranoid, so
the only system that works for us is full disclosure, where we can
inspect the system ourselves and verify anything and everything.

- Andrew

In article <95u9jq$m7n$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> In article <[EMAIL PROTECTED]>,
>   "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> > [EMAIL PROTECTED] wrote:
> > > leave signatures in the result output. What I mean by this
> > > is that if someone studies enough of your messages why let
> > > them know what method you're using for encryption. ... But why
> > > add weaknesses in when it is not necessary.
> >
> > The counterargument is that security should not depend on
> > the enemy not knowing the method you're using anyway, so
> > if you have sufficient security anyway then the fact that
> > the enemy learns your method doesn't help him any.
> >
> > Simplistic example:
> > filep -> [scott19u] -> filec1
> > filep -> [scott19u] -> [prefix with "SCOTT19U:"] -> filec2
> > While filec2 is about 10 bytes longer than filec1, which
> > is a different kind of drawback, I don't think you want to
> > argue that it is *less secure* just because the enemy can
> > readily identify the method of encryption by examining the
> > ciphertext.
> >
>
> Why not even the NSA keeps its ciphers secret and it thinks
> they are secure. Why give any information you don't have to.
> Sure I think my cipher is strong but I think any cipher can be
> broken to a degree far easier than most people let on. Also
> why advertise to an enemy so that they can focus all their
> resources on the methods you used. If anything leave a false
> trail so they think you used something else. Or use two or
> more methods in series. Unfortunately this can't be done with
> Public key crypto. But even in PGP a lot more of the structure
> of the file or method used could be hidden in the public key part.
>
> Dave
> I answered this yesterday but it did not post for some reason
>
> Sent via Deja.com
> http://www.deja.com/
>

Sent via Deja.com
http://www.deja.com/

--

From: Albert P. Belle Isle <[EMAIL PROTECTED]>
Subject: Re: Disk Overwriting
Date: Thu, 08 Feb 2001 20:28:12 -0500
Reply-To: [EMAIL PROTECTED]

On 8 Feb 2001 15:07:49 GMT, [EMAIL PROTECTED] (Richard Herring) wrote:

>In article <[EMAIL PROTECTED]>, Albert P. Belle Isle
>([EMAIL PROTECTED]) wrote:
>> Since, once again, we have posters authoritatively claiming either
>
>> (1) "Disk data can be recovered from under any amount of overwriting,"
>> or
>> (2)"Just overwriting once with FF is sufficient to preclude recovery,"
>
>> both of which statements are true, but only in context, it seems
>> useful to once again post the following overview in an attempt to
>> provide such context:
>
>How about turning it into an official FAQ ?

I guess that's the right thing to do, but no one else seems to have
done so, and somehow I haven't yet found time, either.

A fair amount of the above summary was taken verbatim from
http://www.CerberusSystems.com/INFOSEC/threats.htm by the lazy
expedient of cut-and-paste.

That material is, however, page 3 of a presentation focused on data
remanence vulnerabilities leading to sid
Cryptography-Digest Digest #660
Cryptography-Digest Digest #660, Volume #13 Thu, 8 Feb 01 20:13:01 EST

Contents:
  Re: NPC (Benjamin Goldberg)
  Re: Mod function (Jerry Coffin)
  Q: WEP (Mok-Kong Shen)
  Re: Mod function (Mok-Kong Shen)
  Re: relative key strength private vs public key (Roger Schlafly)
  Re: Enigma replicas ? (digiboy | marcus)
  Re: File encryption with Rijndael (John Myre)
  Re: relative key strength private vs public key (Steve Portly)
  Re: ECDSA certs (Tomás Perlines Hormann)
  Re: MIKE - alternative to SPEKE and PAK ("Michael Scott")
  Re: Encrypting Predictable Files [now on AONTs] ("parag")
  Re: Phillo's alg is faster than index calculus ([EMAIL PROTECTED])
  Re: Disk Overwriting (Kat Hopwood)
  Re: Mod function (Jerry Coffin)
  Re: Encrypting Predictable Files [now on AONTs] ("Joseph Ashwood")

From: Benjamin Goldberg <[EMAIL PROTECTED]>
Subject: Re: NPC
Date: Thu, 08 Feb 2001 21:15:40 GMT

Peter Shugalev wrote:
>
> I think someone tried to prove that either discrete log or factoring
> problem is NPC (not just NP). I'd like to see some results of these
> attempts.
>
> And if they are *not* NPC. Do you know any attempt to create a public
> key algorithm based on the problem that is known to be NPC?

Assuming that P!=NP, then any NP complete problem takes exponential
time in worst case. All known algorithms for doing factoring and DL
take more than polynomial time, but less than exponential time. I
believe (but am not certain) that they belong in a class (or maybe two
separate classes) of superpolynomial hard problems, separate from NP
complete problems.

The knapsack problem is NP complete, but most of the PKE systems which
use it are broken due to lattice attacks (their method of transforming
a hard problem into a PKE system is flawed). The only knapsack-like
system which isn't broken by lattice attack is NTRU.

I don't know of any other NPC problems which are used as ciphers.
Maybe someone else does?

--
A solution in hand is worth two in the book.
Who cares about birds and bushes?

--

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Mod function
Date: Thu, 8 Feb 2001 14:17:38 -0700

In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...

[ ... ]

> Logic doesn't get in the way of greed. You would think that
> it would similarly be impossible for anyone to patent the
> use of XOR to draw and erase a cursor in a bitmap, but
> exactly that did occur and was the source of litigation.

Like most people who mention this patent, you're _grossly_
mis-characterizing it -- in fact, what you mention is specifically
cited in the patent as prior art.

Yes, there was litigation. Yes, the patent was upheld, and yes, that's
because the patent covers things you haven't mentioned, and nobody
(before, during or since the trial) has come up with even the slightest
reason to believe that anybody had actually come up with the patented
technique before the patent holders did.

Above and beyond that, everybody I've ever met who has actually done
their homework and read the patent almost immediately says something
like "Geeze -- now that really IS cool; why didn't I think of that?"

--
Later, Jerry.

The Universe is a figment of its own imagination.

--

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Q: WEP
Date: Thu, 08 Feb 2001 22:45:00 +0100

Could some knowledgeable person give a bit useful information about the
WEP (Wired Equivalent Privacy) algorithm that is used in WLANs? I
haven't heard of it before but read today in a newspaper article that
certain security problems were found in it by scientists in Berkeley.

Thanks in advance.

M. K. Shen

--

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: Mod function
Date: Thu, 08 Feb 2001 22:52:07 +0100

Jerry Coffin wrote:
>
> [EMAIL PROTECTED] wrote:
> > Logic doesn't get in the way of greed. You would think that
> > it would similarly be impossible for anyone to patent the
> > use of XOR to draw and erase a cursor in a bitmap, but
> > exactly that did occur and was the source of litigation.
>
> Like most people who mention this patent, you're _grossly_
> mis-characterizing it -- in fact, what you mention is specifically cited
[snip]

Is that patent available online? Could someone give the URL? Thanks.

M. K. Shen

--

From: Roger Schlafly <[EMAIL PROTECTED]>
Subject: Re: relative key strength private vs public key
Date: Thu, 08 Feb 2001 13:56:37 -0800

DJohn37050 wrote:
> NIST has agreed that the minimum DSA key size is 1024 bits. This will be made
> explicit in the update to DSA (aka DSA-2) that will allow use of longer hash
> output sizes (SHA-2).

You mean NIST intends to agree to that. AFAIK, 512-bit DSA keys still
conform to the FIPS.

--

From: digiboy | marcus <[EMAIL PROTECTED]
Cryptography-Digest Digest #659
Cryptography-Digest Digest #659, Volume #13 Thu, 8 Feb 01 16:13:00 EST

Contents:
  Re: ECDSA certs (Tomás Perlines Hormann)
  Re: relative key strength private vs public key (DJohn37050)
  Re: DSA PRG Flaw (DJohn37050)
  Re: crack my enkryption (Daniel)
  Re: Distributed entropy distribution ([EMAIL PROTECTED])
  Re: File encryption with Rijndael (John Myre)
  Re: crack my enkryption (Thomas Holenstein)
  Re: DSA PRG Flaw (Bryan Olson)
  Re: relative key strength private vs public key (DJohn37050)
  Re: ECDSA certs (DJohn37050)
  Re: Distributed entropy distribution (Tom St Denis)
  Re: ECDSA certs (Roger Schlafly)
  Re: relative key strength private vs public key (Roger Schlafly)
  Re: ECDSA certs (Roger Schlafly)
  Re: File encryption with Rijndael (Jirka Klaue)
  Re: ECDSA certs (Peter Gutmann)
  Re: File encryption with Rijndael (Benjamin Goldberg)
  Re: ith bit of an LFSR sequence? ("Paul Pires")
  Re: Encrypting Predictable Files [now on AONTs] (wtshaw)
  Re: relative key strength private vs public key (DJohn37050)

From: Tomás Perlines Hormann <[EMAIL PROTECTED]>
Subject: Re: ECDSA certs
Date: Thu, 08 Feb 2001 19:13:48 +0100

I don't think they are going to be used in near future. I have recently
tried to gather some info about the standard (X9.68) and merely found a
draft dated September 99. Until now nobody has been able to show me a
more recent draft, or even the final standard.

If I am mistaken, I please ask you to correct me and tell me where I
can find X9.68 standard document. I need it for my research studies.

FYI: X9.68 is supposed to serve as the spec for certificates including
ECDSA public keys (X9.62).

Maybe X.509, SPKI or other certificate formats may be used for it, but
I doubt it, as public-key-algo and signature-algo need to be included
in the respective specs and standards. Is this already done? I only
know it for sure on WTLS certs (WAP).

Nigel Smart wrote:
> Roger Schlafly wrote:
>
>> Is there anyone who is actually using ECDSA certificates?
>> People talk about using ECDSA, but I couldn't find any
>> actual certificates on the net. Can anyone point me to
>> some X9.62 ECDSA certificates?
>
>
> Agreed, if anyone knows a place one can obtain such certs
> plus a plug in for netscrape to use the certs to sign email
> I would also be interested.
>
> Assuming the certs/plugin can be cheaply and easily installed
> I will start signing my emails using ECDSA from tomorrow.
>
> Yours
>
> Nigel

--
--
Quick answering: mailto:[EMAIL PROTECTED]
Check it out: http://www.weh.rwth-aachen.de/~tomas
Do it Now! :o) Tomás Perlines (o:

--

From: [EMAIL PROTECTED] (DJohn37050)
Date: 08 Feb 2001 18:23:39 GMT
Subject: Re: relative key strength private vs public key

I do not use AES 256 bit keys. I meet ANSI X9 requirements, Triple-DES
(soon to be replaced with AES) 1024-bit RSA/DSA keys and 161-bit ECDSA
keys. I do not have lots of risk or lots of assets associated with my
transactions.

But that is not the point, someone else or a biz MIGHT.

Don Johnson

--

From: [EMAIL PROTECTED] (DJohn37050)
Date: 08 Feb 2001 18:24:53 GMT
Subject: Re: DSA PRG Flaw

DSA RNG is biased as spec'ed with about a 2:1 bias favoring lower
numbers. This can be exploited when used to generate the k per-message
secret (key).

Don Johnson

--

From: [EMAIL PROTECTED] (Daniel)
Subject: Re: crack my enkryption
Date: Thu, 08 Feb 2001 18:27:30 GMT

On Wed, 07 Feb 2001 23:32:33 -0800, "John A. Malley"
<[EMAIL PROTECTED]> wrote:

>Such enthusiasm for cryptography! That's good.
>
>
>Mr. Ritter's site at http://www.io.com/~ritter/
>
>Mr. Savard's site at http://home.ecn.ab.ca/~jsavard/crypto.htm
>
>Mr. Peschel's site at http://members.aol.com/jpeschel/index.htm
>
>and to on-line crypto courses like (this for Classical Cryptography)
>
>http://www.fortunecity.com/skyscraper/coding/379/lesson1.htm
>
>They can point you to beginner, intermediate and advanced books and
>journal articles on the subjects of cryptography and cryptanalysis
>(which together make cryptology). They can answer questions on some of
>the most arcane corners of mathematics relating to cryptography and
>cryptanalysis.
>
>They will expect you to put in the time reading and studying the subject
>on your own. They are always willing to help answer questions as you
>make your way through the subject - but it's a journey you make with
>their assisting guidance - no one carries any bags for you, so to speak.
>
>And don't forget the group FAQ - Well worth the reading! The most
>common questions on crypto are answered therein. Including the question
>you posed on cracking an unknown cipher system's output. :-)
>
>Hope this helps,
>
>John A. Malley
>[EMAIL PROTECTED]

John,

I'd like to thank you as well as th
Cryptography-Digest Digest #658
Cryptography-Digest Digest #658, Volume #13 Thu, 8 Feb 01 13:13:00 EST

Contents:
  Re: crack my enkryption ("Paul Pires")
  Re: Enigma replicas ? (Jerry Coffin)
  Re: PGP 2.6.3ia-cb (now supports CAST5 and BLOWFISH) (jungle)
  Re: Low-tech homemade crypto keycards ("Paul Pires")
  DSA PRG Flaw ("Pedro Félix")
  Re: Distributed entropy distribution ([EMAIL PROTECTED])
  Re: Distributed entropy distribution (Tom St Denis)
  Re: relative key strength private vs public key (Tom St Denis)
  Re: DSA PRG Flaw (Roger Schlafly)

From: "Paul Pires" <[EMAIL PROTECTED]>
Subject: Re: crack my enkryption
Date: Thu, 8 Feb 2001 09:10:14 -0800

That was a first class response. A demonstration that consideration and
communication can be powerful tools.

Nice to see.

Paul

John A. Malley <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
> neXussT wrote:
> >
> > hi,
> > i'm writing an enkryption program, and would like someone to crack
> > the enkryption. Or, if i could get my hands on a program that does it
> > for me, that would be great too.
> >
> > Here is the Plaintext:"This is an encrypted file."
> > Here is the Cyphertext:"1.262497®ÐB½9C³SÅ<G¶I²3´6ÁFD½>Á|"
> > (without quotes)
> >
> > please email me at [EMAIL PROTECTED] with questions or comments...or
> > if you crack it :)
> >
>
> Such enthusiasm for cryptography! That's good.
>
> Finding a ready-made program free and on-line to crack the encryption is
> a tall order.
> There are tools to aid cryptanalysis. There are ways, techniques and
> methods to work the problem.
> In fact there are different kinds of cryptanalytic problems to work
> (different attacks like the known-plaintext attack,
> the ciphertext-only attack, the chosen-plaintext attack, etc.)
>
> But you won't find a ready-made universal cracker for all ciphers :-(
>
> Here you will find people who can teach you more in the science/art of
> making and breaking ciphers. :-)
>
> They can point you to web sites on crypto, like (just scratching the
> surface here)
>
> Mr. Ritter's site at http://www.io.com/~ritter/
>
> Mr. Savard's site at http://home.ecn.ab.ca/~jsavard/crypto.htm
>
> Mr. Peschel's site at http://members.aol.com/jpeschel/index.htm
>
> and to on-line crypto courses like (this for Classical Cryptography)
>
> http://www.fortunecity.com/skyscraper/coding/379/lesson1.htm
>
> They can point you to beginner, intermediate and advanced books and
> journal articles on the subjects of cryptography and cryptanalysis
> (which together make cryptology). They can answer questions on some of
> the most arcane corners of mathematics relating to cryptography and
> cryptanalysis.
>
> They will expect you to put in the time reading and studying the subject
> on your own. They are always willing to help answer questions as you
> make your way through the subject - but it's a journey you make with
> their assisting guidance - no one carries any bags for you, so to speak.
>
> And don't forget the group FAQ - Well worth the reading! The most
> common questions on crypto are answered therein. Including the question
> you posed on cracking an unknown cipher system's output. :-)
>
> Hope this helps,
>
> John A. Malley
> [EMAIL PROTECTED]

== Posted via Newsfeeds.Com, Uncensored Usenet News ==
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
=== Over 80,000 Newsgroups = 16 Different Servers! ==

--

From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: Enigma replicas ?
Date: Thu, 8 Feb 2001 10:13:59 -0700

In article <95u366$gmg$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> Hi all,
> I was wondering if any company ever produced Enigma replicas (for us, crypto
> enthusiasts, and not intended to be used for secure communication, for sure
> ;=) ) . I am quite sure the company would sell many of them ;=)
> [By the way, is the Enigma in public domain, or does family of A. Schoerbius
> (spelling ?) still owns the patent ???]

There doesn't seem to be much chance of a patent problem. First of all,
it seems unlikely that a patent would have been applied for anywhere
outside of Germany, so outside of Germany it never would have been
protected. Second, I believe Germany's patent system has always expired
patents some period of time after application, which means that the
patent would long since have expired in any case.

OTOH, I'm not aware of anybody who's built replicas -- the closest I've
seen have been computer-based simulations.

--
Later, Jerry.

The Universe is a figment of its own imagination.

--

Date: 8 Feb 2001 17:18:13 -
From: jungle
Subject: Re: PGP 2.6.3ia-cb (now supports CAST5 and BLOWFISH)
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss

-----BEGIN PGP SIGNED MESSAGE-----

08 Feb 2001 in <[EMAIL PROTECTED]> [EMAIL PROTECTED] wrote:
> jungle wrote:
> > > I just added another ci
Cryptography-Digest Digest #657
Cryptography-Digest Digest #657, Volume #13 Thu, 8 Feb 01 12:13:01 EST

Contents:
  Re: unpredicable random number generator ? (Mok-Kong Shen)
  Re: Encrypting Predictable Files [now on AONTs] ([EMAIL PROTECTED])
  Re: PGP 2.6.3ia-cb (now supports CAST5 and BLOWFISH) ([EMAIL PROTECTED])
  Re: Bleichenbacher finds bug in DSA RNG (DJohn37050)
  Re: relative key strength private vs public key (DJohn37050)
  Re: unpredicable random number generator ? (Eric's Login)
  Re: Disk Overwriting (Richard Herring)
  Re: Disk Overwriting (Richard Herring)
  Re: unpredicable random number generator ? ("John A. Malley")
  Distributed entropy distribution (Richard Heathfield)
  Re: relative key strength private vs public key (Tom St Denis)
  Re: File encryption with Rijndael (Jirka Klaue)
  Re: Pseudo Random Number Generator (Benjamin Goldberg)
  Re: relative key strength private vs public key (DJohn37050)
  Re: Distributed entropy distribution (Tom St Denis)
  Re: Phillipine math guy claims to have fast RSA Factoring... (Jerry Coffin)
  Re: relative key strength private vs public key (Benjamin Goldberg)
  Re: Distributed entropy distribution ("Paul Pires")

From: Mok-Kong Shen <[EMAIL PROTECTED]>
Subject: Re: unpredicable random number generator ?
Date: Thu, 08 Feb 2001 15:15:26 +0100

Amaury Jacquot wrote:
>
> the only known ones are based on counting radio-actives beep on a geiger
> counter.

Presumably you wouldn't also be able to predict my sequences obtained
from casting of dice.

M. K. Shen

--

From: [EMAIL PROTECTED]
Subject: Re: Encrypting Predictable Files [now on AONTs]
Date: Thu, 08 Feb 2001 14:14:25 GMT

In article <[EMAIL PROTECTED]>,
  "Douglas A. Gwyn" <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > leave signatures in the result output. What I mean by this
> > is that if someone studies enough of your messages why let
> > them know what method you're using for encryption. ... But why
> > add weaknesses in when it is not necessary.
>
> The counterargument is that security should not depend on
> the enemy not knowing the method you're using anyway, so
> if you have sufficient security anyway then the fact that
> the enemy learns your method doesn't help him any.
>
> Simplistic example:
> filep -> [scott19u] -> filec1
> filep -> [scott19u] -> [prefix with "SCOTT19U:"] -> filec2
> While filec2 is about 10 bytes longer than filec1, which
> is a different kind of drawback, I don't think you want to
> argue that it is *less secure* just because the enemy can
> readily identify the method of encryption by examining the
> ciphertext.
>

Why not even the NSA keeps its ciphers secret and it thinks
they are secure. Why give any information you don't have to.
Sure I think my cipher is strong but I think any cipher can be
broken to a degree far easier than most people let on. Also
why advertise to an enemy so that they can focus all their
resources on the methods you used. If anything leave a false
trail so they think you used something else. Or use two or
more methods in series. Unfortunately this can't be done with
Public key crypto. But even in PGP a lot more of the structure
of the file or method used could be hidden in the public key part.

Dave
I answered this yesterday but it did not post for some reason

Sent via Deja.com
http://www.deja.com/

--

From: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: PGP 2.6.3ia-cb (now supports CAST5 and BLOWFISH)
Date: Thu, 08 Feb 2001 16:32:49 +0200

jungle wrote:
> > I just added another cipher to PGP 2.6.3ia - Blowfish
> > why? because it was easy :)
>
> and you are calling it PGP ?
> it is not PGP any more ...

then PGP5, 6, 7 is not PGP too !
or is it ? ;-)

== ==
Disastry http://i.am/disastry/
http://disastry.dhs.org/pgp
 <--PGP plugins for Netscape and MDaemon
 ^--^GPG for Win32 (supports loadable modules & IDEA)
 ^PGP 2.6.3ia-cb (supports CAST5 and BLOWFISH)
remove .NOSPAM.NET for email reply

--

From: [EMAIL PROTECTED] (DJohn37050)
Date: 08 Feb 2001 14:50:31 GMT
Subject: Re: Bleichenbacher finds bug in DSA RNG

Bleichenbacher's attack exploits a 2:1 skew (towards low values) of the
per message secret (key) k in DSA, as given by the DSA spec.

Don Johnson

--

From: [EMAIL PROTECTED] (DJohn37050)
Date: 08 Feb 2001 14:57:29 GMT
Subject: Re: relative key strength private vs public key

Just for the record, for 256 bit AES keys, I have heard ideas that RSA
keys should be 20,000 bits or even more. I prefer to call the numbers I
use NIST numbers, as that is where they came from. It is EXACTLY
because I MAY be identified as anti-RSA (which I am NOT, but that is
another matter) that I defer to NIST and their numbers. Similarly,
others may be identified with other in
Cryptography-Digest Digest #656
Cryptography-Digest Digest #656, Volume #13 Thu, 8 Feb 01 09:13:00 EST

Contents:
  Re: crack my enkryption ("John A. Malley")
  Re: crack my enkryption (neXussT)
  Re: Phillipine math guy claims to have fast RSA Factoring... (Bill Unruh)
  Re: ECDSA certs (Nigel Smart)
  Re: Phillo's alg is faster than index calculus (Mok-Kong Shen)
  Re: OverWrite freeware completely removes unwanted files from hard drive ("Midnight's Own Fire")
  unpredicable random number generator ? (yomgui)
  Re: Pseudo Random Number Generator (Benjamin Goldberg)
  Re: ith bit of an LFSR sequence? (Benjamin Goldberg)
  NPC ("Peter Shugalev")
  Re: Pseudo Random Number Generator (Mok-Kong Shen)
  Re: unpredicable random number generator ? (Mok-Kong Shen)
  Re: break RSA? ("Mark Rabin")
  Enigma replicas ? ("*")
  Re: Enigma replicas ? (John Savard)
  Re: Affordable High-Quality Patents ("Amaury Jacquot")
  Re: Low-tech homemade crypto keycards ("Amaury Jacquot")
  Re: File encryption with Rijndael ("Amaury Jacquot")
  Re: Discrete log problem. (Bob Silverman)
  Re: unpredicable random number generator ? ("Amaury Jacquot")
  Re: unpredicable random number generator ? (yomgui)

From: "John A. Malley" <[EMAIL PROTECTED]>
Subject: Re: crack my enkryption
Date: Wed, 07 Feb 2001 23:32:33 -0800

neXussT wrote:
>
> hi,
> i'm writing an enkryption program, and would like someone to crack
> the enkryption. Or, if i could get my hands on a program that does it
> for me, that would be great too.
>
> Here is the Plaintext:"This is an encrypted file."
> Here is the Cyphertext:"1.262497®ÐB½9C³Å<G¶I²3´6ÁFD½>Á|"
> (without quotes)
>
> please email me at [EMAIL PROTECTED] with questions or comments...or
> if you crack it :)
>

Such enthusiasm for cryptography! That's good.

Finding a ready-made program free and on-line to crack the encryption is
a tall order.
There are tools to aid cryptanalysis. There are ways, techniques and
methods to work the problem.
In fact there are different kinds of cryptanalytic problems to work
(different attacks like the known-plaintext attack,
the ciphertext-only attack, the chosen-plaintext attack, etc.)

But you won't find a ready-made universal cracker for all ciphers :-(

Here you will find people who can teach you more in the science/art of
making and breaking ciphers. :-)

They can point you to web sites on crypto, like (just scratching the
surface here)

Mr. Ritter's site at http://www.io.com/~ritter/

Mr. Savard's site at http://home.ecn.ab.ca/~jsavard/crypto.htm

Mr. Peschel's site at http://members.aol.com/jpeschel/index.htm

and to on-line crypto courses like (this for Classical Cryptography)

http://www.fortunecity.com/skyscraper/coding/379/lesson1.htm

They can point you to beginner, intermediate and advanced books and
journal articles on the subjects of cryptography and cryptanalysis
(which together make cryptology). They can answer questions on some of
the most arcane corners of mathematics relating to cryptography and
cryptanalysis.

They will expect you to put in the time reading and studying the subject
on your own. They are always willing to help answer questions as you
make your way through the subject - but it's a journey you make with
their assisting guidance - no one carries any bags for you, so to speak.

And don't forget the group FAQ - Well worth the reading! The most
common questions on crypto are answered therein. Including the question
you posed on cracking an unknown cipher system's output. :-)

Hope this helps,

John A. Malley
[EMAIL PROTECTED]

--

From: [EMAIL PROTECTED] (neXussT)
Subject: Re: crack my enkryption
Date: Thu, 08 Feb 2001 08:01:44 GMT

thx fer replying John,
i really appreciate the links you gave me and i'll make sure i read all
the material i can get :)

neXussT

On Wed, 07 Feb 2001 23:32:33 -0800, "John A. Malley"
<[EMAIL PROTECTED]> wrote:

>Such enthusiasm for cryptography! That's good.
>
>Finding a ready-made program free and on-line to crack the encryption is
>a tall order.
>There are tools to aid cryptanalysis. There are ways, techniques and
>methods to work the problem.
>In fact there are different kinds of cryptanalytic problems to work
>(different attacks like the known-plaintext attack,
>the ciphertext-only attack, the chosen-plaintext attack, etc.)
>
>But you won't find a ready-made universal cracker for all ciphers :-(
>
>Here you will find people who can teach you more in the science/art of
>making and breaking ciphers. :-)
>
>They can point you to web sites on crypto, like (just scratching the
>surface here)
>
>Mr. Ritter's site at http://www.io.com/~ritter/
>
>Mr. Savard's site at http://home.ecn.ab.ca/~jsavard/crypto.htm
>
>Mr. Peschel's site at http://members.aol.com/jpeschel/index.htm
>
>and to on-line crypto courses like (this for Classical Cryptography)
>
>http://www.fortunecity.com/skyscraper/coding/379/lesson1.htm
>
>