Cryptography-Digest Digest #860

2001-03-11 Thread Digestifier

Cryptography-Digest Digest #860, Volume #13  Sun, 11 Mar 01 09:13:01 EST

Contents:
  Re: OverWrite:  best wipe software? (those who know me have no need of my name)
  Re: Really simple stream cipher ("Henrick Hellström")
  Re: PKI and Non-repudiation practicalities (those who know me have no need of my name)
  Re: The Foolish Dozen or so in This News Group (those who know me have no need of my name)
  Re: The Foolish Dozen or so in This News Group (those who know me have no need of my name)
  Re: Applications of crypto techniques to non-crypto uses (those who know me have no need of my name)
  Re: Encryption software (Bram Labarque)
  FIPS 140-2 PRG ("Yoad Lustig")
  Re: = FBI easily cracks encryption ...? ("Mxsmanic")
  Re: = FBI easily cracks encryption ...? ("Mxsmanic")
  Re: = FBI easily cracks encryption ...? ("Mxsmanic")
  Re: = FBI easily cracks encryption ...? ("Mxsmanic")
  Re: Applications of crypto techniques to non-crypto uses (Mok-Kong Shen)
  Re: Super strong crypto (Mok-Kong Shen)
  Re: Text of Applied Cryptography .. do not feed the trolls ("Tom St Denis")
  Re: = FBI easily cracks encryption ...? ("Tom St Denis")
  Re: OverWrite:  best wipe software?
  Re: Encryption software ("Henrick Hellström")
  Dumb inquiry
  Re: Question ("Dragon")



From: [EMAIL PROTECTED] (those who know me have no need of my name)
Crossposted-To: alt.hacker
Subject: Re: OverWrite:  best wipe software?
Date: Sun, 11 Mar 2001 09:54:24 -

wtCq6.10367$[EMAIL PROTECTED] divulged:

"Anthony Stephen Szopa" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...

 I think I have made Ciphile Software's OverWrite Security Utility
 Version 1.2 perhaps the best wipe utility available for Windows.

Why do you think that?

i suppose we shouldn't be too hard on anthony.  he doesn't know better, 
and at times he does appear to learn.  the really annoying "wipe" program 
is the one that comes with nai's pgp products -- they make the same 
ludicrous claims, and likewise barely mention the constraints.

-- 
okay, have a sig then

--

From: "Henrick Hellström" [EMAIL PROTECTED]
Subject: Re: Really simple stream cipher
Date: Sun, 11 Mar 2001 11:03:45 +0100

"Thomas Wu" [EMAIL PROTECTED] skrev i meddelandet
news:[EMAIL PROTECTED]...
 But code in application layers is often written without the assumption
 that the format check has security implications.  Imagine an FTP daemon
 that rejects an unknown command by including the offending command name
 in the response; "FOO" results in "FOO: unknown command".  Under these
 circumstances, it seems possible that an attacker could exploit this
 behavior under your model to get chosen ciphertext pairs and use it
 to leverage attacks that would not be possible with explicit MACs.
 A user-friendly feature at the application level suddenly turns into
 a security weakness when these abstraction barriers aren't respected.


I came to think of some other things:

1. No matter how the encryption is arranged, the attacker will always have
partial knowledge of the plain text: All commands are four characters wide
and are separated from the parameter line by a space or tab character, all
replies begin with a three digit decimal number, etc. To prevent cipher text
only attacks or known plain text attacks, a new session key should always be
generated, ECB mode should not be used and the vector should not be reset to
the same value prior to each message within a session.
2. If e.g. a CBC mode cipher is used and the vector is either reset or
chosen by the sender prior to each command, an attacker could easily mount a
copy-and-paste chosen cipher text attack even if a MAC is used. If the
vector is not reset or if it is set in advance by the recipient, then a
denial-of-service attack is possible. In this respect, there is no
difference between e.g. CBC-MAC and an error propagating cipher.

Now, suppose that an error propagating cipher is used without padding the
messages and without vector resets. Then the following seems to be true:

(a) The probability will be higher that random chosen cipher text will
decrypt into intelligible plain text.
(b) The probability that a specific cipher text will decrypt into the same
plain text twice, is equal to the probability that any other random cipher
text will decrypt into that plain text once.
(c) Due to the absence of padding, an eavesdropper will learn the length
of each message, but:
(d) Due to the absence of padding and of a MAC, an eavesdropper will be
given less plain text and thereby less information about the key and the
vector.
(e) Due to the error propagation, a chosen cipher text attack might be
mounted at most once each session.

Considering (a)-(e), yes, it would be possible to mount attacks against an
error propagating cipher you could not mount against e.g. a CBC-MAC, but
since the converse is also true, does this really make 

Cryptography-Digest Digest #861

2001-03-11 Thread Digestifier

Cryptography-Digest Digest #861, Volume #13  Sun, 11 Mar 01 11:13:01 EST

Contents:
  Re: Hash value repetion ("Simon Johnson")
  Re: OverWrite:  best wipe software? ("Trevor L. Jackson, III")
  Re: Noninvertible encryption (SCOTT19U.ZIP_GUY)
  [REQ] SHA-1 MD5 hashing software (Thomas Boschloo)
  Freeware issues? (Dan Hargrove)
  A question about passphrases (Crypto Neophyte)
  Re: = FBI easily cracks encryption ...? ("Sam Simpson")
  Re: Why do people continue to reply to Szopa? (Vernon Schryver)



From: "Simon Johnson" [EMAIL PROTECTED]
Subject: Re: Hash value repetion
Date: Sun, 11 Mar 2001 14:05:15 -0800


[EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
 [EMAIL PROTECTED] writes:
  If all possible 160 bit values were hashed with SHA1, would there be any
hash
  results repeating?  Or is it a 1 to 1 relation?

 Assuming that SHA-1 behaves like a random function, as it is designed
 to and certainly appears to, about 1/e of the possible output values
 would be skipped, meaning that there would be repetitions among the
 others.

 For SHA-1 to be a 1-to-1 function, i.e. a permutation of 160 bit
 values, would be a fantastic, incredible, unbelievable coincidence.  It
 would mean that there is hidden and unsuspected structure in the
 computational universe.  One might even consider it tantamount to
 proof of the existence of God.

  What about MD5?

 Same, for 128 bit values.

  If neither are, are there hashes that are?

 Hashes are usually by definition intended to be pseudo-random
 functions rather than pseudo-random permutations.  One problem is that
 you usually want the function to be one-way.  For an example of a PRP
 you can consider RSA encryption using a modulus with an unknown
 factorization.

Discrete log problems are better, the reason being that you can
distribute a generator you made yourself and you can assure people that you
do not have the means to reverse it. With RSA based hashes, this is
impossible because you have to generate the two primes to make the modulus,
which means you (or something else) must have known what they are, meaning
people are unlikely to trust it.

Simon.
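
An added experiment (my own code, not from anyone in the thread) that makes the two points above concrete at a scale you can actually run: hashing every n-bit value with an n-bit random function hits only about 1 - 1/e of the output space, whereas an exponentiation map with a generator is a permutation and hits all of it. The 16-bit scale, the use of real SHA-1 truncated to 16 output bits as the stand-in for the 160-bit case, and the choice of p = 65537 with primitive root 3 are my assumptions.

```python
import hashlib
import math

DOMAIN_BITS = 16                  # scaled-down stand-in for SHA-1's 160-bit output space
DOMAIN = 1 << DOMAIN_BITS


def truncated_sha1(x: int) -> int:
    """Hash one 16-bit input with real SHA-1 and keep 16 output bits, so the
    input and output spaces have the same size, as in the 160-bit question."""
    digest = hashlib.sha1(x.to_bytes(2, "big")).digest()
    return int.from_bytes(digest[:2], "big")


P = 65537   # prime; 3 is a primitive root mod 65537, so 3^x mod P is a bijection on exponents 0..65535
G = 3


def generator_map(x: int) -> int:
    """x -> 3^x mod 65537, shifted into 0..65535: a permutation of the domain."""
    return pow(G, x, P) - 1


def coverage(func, domain: int = DOMAIN) -> float:
    """Fraction of the output space hit when every input is mapped through func.
    A permutation hits everything (1.0); a random function hits about 1 - 1/e."""
    return len({func(x) for x in range(domain)}) / domain


def expected_random_coverage(n: int = DOMAIN) -> float:
    """Exact expectation for a uniformly random function on n points: each
    output value is missed with probability (1 - 1/n)^n, which tends to 1/e."""
    return 1.0 - (1.0 - 1.0 / n) ** n


if __name__ == "__main__":
    print(f"truncated SHA-1 coverage:       {coverage(truncated_sha1):.4f}")
    print(f"expected for a random function: {expected_random_coverage():.4f}"
          f"  (1 - 1/e = {1 - 1 / math.e:.4f})")
    print(f"generator map coverage:         {coverage(generator_map):.4f}")
```

The generator map covers every output only because 3 has order 65536 and the exponent range equals that order; it shows the permutation shape Simon is contrasting with, not that such a map is a usable hash (for a prime this small the discrete log is trivial to brute force).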



--

From: "Trevor L. Jackson, III" [EMAIL PROTECTED]
Crossposted-To: alt.hacker
Subject: Re: OverWrite:  best wipe software?
Date: Sun, 11 Mar 2001 14:54:10 GMT

Caveat lector.

Lest innocents suffer, let the reader beware: The author of this software
has struck out.

Strike 1: He has not the slightest concept of the design and
implementation of security software.

Strike 2: He is impervious to all attempts to help him understand the
issues.

Strike 3: His products are unusable due to the unbelievably awkward
methodology they require of the user.

For the record, the descriptions and background presented below are far
more misleading than they are informative.

Anthony Stephen Szopa wrote:

 OverWrite:  best wipe software?

 I think I have made Ciphile Software's OverWrite Security Utility
 Version 1.2 perhaps the best wipe utility available for Windows.

 Read below and you tell me.  Now available for direct download at
 www.ciphile.com

 In addition to the prior instructions here are the new
 recommendations and facilities.  What have I forgotten?

 "NOTE:  For best results this program should be used only with
 Windows OSs and there should be no other programs running while this
 program is running.  Maximum security from using this software
 results when overwriting files that are stored on 1.44MB floppy disks.
 Therefore, your most sensitive files should be written directly to
 1.44MB floppy disks if you must be as absolutely sure as possible
 that this data is as nearly impossible as possible to recover once
 overwritten using this software.  SCSI hard drives are not
 recommended.  Nor are compressed drives.  I use this software to
 overwrite files on my own IDE hard drives.

 RECOMMENDATIONS:   You are probably familiar with MS Word.  Start a
 new composition then save it.  Then close the file.  Now open it
 again.  You will notice that a swap file has been created:
 ~$Doc1.doc if you saved the file as Doc1.doc.  When you are through
 and close this file the swap file ~$Doc1.doc is deleted.  But the
 ~$Doc1.doc data is still on your hard drive.  So if you decide later
 to overwrite the Doc1.doc file you will not be overwriting previously
 removed ~$Doc1.doc data that is still on your hard drive.  But take
 notice that even MS Word creates this swap file in the directory
 where the current document is stored.

 If you are serious about making sure that any data that has been
 saved to your hard drive is removed when you overwrite it using
 Ciphile Software's OverWrite Security Utility program then you
 should follow these specific recommendations.

 You should create a hard drive partition dedicated to storing and
 processing sensitive data.  All sensitive data that you create or
 save or 

Cryptography-Digest Digest #864

2001-03-11 Thread Digestifier

Cryptography-Digest Digest #864, Volume #13  Sun, 11 Mar 01 16:13:00 EST

Contents:
  An extremely difficult (possibly original) cryptogram (daniel mcgrath)



From: [EMAIL PROTECTED] (daniel mcgrath)
Crossposted-To: rec.puzzles
Subject: An extremely difficult (possibly original) cryptogram
Date: Sun, 11 Mar 2001 20:29:30 GMT

Tysoizbyjoxs, this may be the most complicated code anyone has ever
done!

19055 13058 27195 06095 25106 20605 19506 09528 23322 05502
51306 23006 62330 63311 34096 10551 66944 59241 36792 14330
95670 76105 20216 19291 30532 91304 81059 24139 04603 94218
08644 04655 04086 04037 59165 64604 84686 14457 54488 87766
15275 43155 22490 12472 82332 20550 29101 28231 92525 46564

45764 55714 60894 55222 02161 92913 05329 13048 10558 42654
45589 45869 41592 10064 66945 57510 04558 75249 01247 32256
30572 31955 34509 01837 52031 66110 05846 36946 57619 03932
25630 57231 95060 95148 10232 06051 95060 95211 19223 55970
60124 73319 54724 11929 13020 31611 36106 19280 49095 30050

20615 25609 29096 10551 60629 13053 31052 49106 45090 18375
20316 61100 58463 69465 76190 39300 97060 95148 32974 73005
02061 52560 92909 61055 16062 91305 33105 24910 29555 02240
36720 28408 09455 71426 90470 50403 67751 00574 26677 54585
64755 03240 35777 76190 39300 97060 95148 07596 17621 95472

41192 91302 03161 13610 61927 54901 24714 80759 61762 19547
30097 27241 75942 96677 44125 04637 08944 52040 25046 08144
35614 02042 66720 40250 44081 46092 44076 10092 44888 67204
08514 40854 13551 00546 51455 91156 46092 45885 81440 85412
50426 67202 24136 54038 85145 57614 02046 08041 37576 10094

65145 75040 25041 88391 10087 71443 56410 20284 08094 13561
40204 05934 60204 21561 00946 56445 92100 72955 50460 80412
50445 71443 56100 27906 83694 60466 16426 54115 90683 69460
46567 20100 55156 10094 65145 75046 57645 59555 04266 79241
36544 08141 85644 59210 07144 57510 08444 57646 75044 36945

88085 47550 40352 89463 80204 50764 48708 54141 11775 04058
14485 94557 14508 04265 64576 72010 05515 61007 44488 36541
02045 57640 85144 08510 07144 59555 04107 64607 14266 51008
94152 04036 54436 94588 02040 36795 55040 38380 80448 75351
00916 54426 56445 92426 78803 51008 94552 04085 64407 64059

11614 60955 67201 00551 56100 74448 83654 10204 05911 56403
64100 74448 66450 85413 90100 74448 55413 77504 65764 55955
50453 83614 08644 40955 50403 67751 00764 03786 14409 55672
01005 51561 00946 51457 50465 76455 95550 41869 44855 10089
44520 46080 41250 40869 44370 93460 76455 20403 67751 00744

48836 54102 04607 14502 04266 79244 75044 88080 41375 20445
76460 94669 45584 45750 40367 75100 91691 45880 76443 77504
05955 50460 95670 81445 79100 81445 20458 70764 08614 15814
07504 08694 10764 57672 01005 06654 60804 48835 94205 04216
14575 04366 78946 86541 35541 85610 09465 14575 04366 78946

86720 40366 44867 79100 80426 77504 15911 61413 67754 57504
03677 51009 24215 61009 01564 48708 54125 04215 61009 46514
57504 58837 59116 94636 77541 35510 07295 56510 08041 25041
08141 08811 18020 40365 46851 47677 50463 78561 00814 60204
60891 00814 60915 50415 93440 85100 74403 70714 08614 60955

67201 00591 69405 89410 95550 43667 76467 50468 60475 50421
56100 94651 45750 46080 42677 50468 51475 65100 72934 60204
45894 05894 10955 50405 89460 80413 75764 10204 21614 42504
03528 94638 02042 68020 41361 46080 41375 20405 76408 51463
78561 00804 12504 68514 57504 03759 11694 18514 45921 00714

45751 00804 48788 08144 07614 54714 82049 01247 30097 27241
75942 84265 45559 15504 15911 61413 67754 57502 11614 40854
75651 00561 69413 91140 20403 67751 00516 51455 86426 59445
20468 56455 76100 71440 85100 94156 45595 55040 86544 87856
18550 46080 41361 45520 44089 47651 44092 47550 46089 10076

40354 42050 44880 80413 75204 68514 57504 03554 43614 55714
05854 12672 01005 96677 61008 78141 86046 03510 09242 15647
55040 36544 02041 07640 86141 07641 02046 08910 07944 75046
08910 07110 09115 64588 07146 37571 44592 10074 40365 44076
41020 27426 78785 14316 94637 76720 10057 42678 78514 31694

63775 04585 64559 41564 10204 02504 08694 43528 14457 14608
14486 72044 85720 41591 15644 57442 05040 88361 45861 44576
10071 44575 10051 17571 48161 44081 40367 20413 67924 55277
64035 44638 07618 65645 76720 10062 42156 42675 20468 51426
80911 56458 77504 60804 03802 04458 14186 04602 04685 14575

01159 06836 94604 66144 03758 64766 54475 79068 36946 04656
72010 06166 04125 04685 14575 04159 34458 79559 41008 04035
51007 11007 94486 94102 04585 64459 16561 00894 15204 21836
64487 53720 10062 42156 10079 46391 45750 41367 82894 76564
10204 60714 40844 26677 91009 46614 60801 00804 13752 04036

77510 08289 43661 44579 10071 45589 46367 75145 20100 64660
41367 20426 80204 68514 57504 60814 43561 00778 94552 04107
64587 85645 59214 02026 65145 58647 66544 75040 59116 94635
94218 02044 88380 20402 50455 89463 67751 00894 15204 18757
64136 72044 36144 08410 07789 45520 41385 76455 95669 44576

Cryptography-Digest Digest #865

2001-03-11 Thread Digestifier

Cryptography-Digest Digest #865, Volume #13  Sun, 11 Mar 01 17:13:00 EST

Contents:
  recursive feistel design ("Tom St Denis")
  Re: PKI and Non-repudiation practicalities ("Lyalc")
  Re: Noninvertible encryption (SCOTT19U.ZIP_GUY)
  Re: OverWrite:  best wipe software? ("Doom the Mostly Harmless")
  Re: [REQ] SHA-1 MD5 hashing software ("Doom the Mostly Harmless")
  Re: [REQ] SHA-1 MD5 hashing software ("Tom St Denis")
  Blowfish name ("Liam  McGann")
  Re: [REQ] SHA-1 MD5 hashing software ("Doom the Mostly Harmless")
  Re: OverWrite:  best wipe software? (Anthony Stephen Szopa)
  Re: Really simple stream cipher (David Wagner)
  Re: boycott Russia (Jim D)
  Re: OverWrite:  best wipe software? ("Tom St Denis")
  Re: [REQ] SHA-1 MD5 hashing software ("Tom St Denis")
  Re: PKI and Non-repudiation practicalities (Anne  Lynn Wheeler)
  Re: Why do people continue to reply to Szopa? (Eric Lee Green)



From: "Tom St Denis" [EMAIL PROTECTED]
Subject: recursive feistel design
Date: Sun, 11 Mar 2001 20:37:03 GMT

I was wondering if anyone has tried to attack the TC5 cipher I designed about
6 months ago.  It's designed like Turtle (Matt Blaze) to use recursive
Feistel networks as F functions.  So basically at the top level there is a
128-bit Feistel that uses a 64-bit Feistel as the round function.  The 64-bit
Feistel uses the 32-bit Feistel for the round function and so on down to the
16-bit Feistel.  The 16-bit Feistel uses an 8x8 sbox as a round function.

The source is at http://tomstdenis.home.dhs.org/src/tc5.c and is easy to
follow.  I may write a short pseudo-code thingy if anyone is interested.

The cool thing about my cipher is that it's provably secure against std
linear/diff attacks (not guaranteed against other attacks though)...

Tom
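
An added example, my own code rather than TC5, Turtle or anything from the thread, serving two passages at once: it builds a block cipher in the recursive shape Tom describes (the w-bit Feistel's round function is the w/2-bit Feistel, bottoming out at an 8x8 S-box), and then uses that cipher in CBC mode to show the two points Henrick raised in #860: resetting the IV per message leaks whether two messages share a leading block, and a MAC over IV plus ciphertext rejects modified messages before anything is decrypted. Four rounds per level, SHA-256-derived subkeys and S-box, a 128-bit block, and the FTP-style sample commands are all my assumptions; the toy cipher is for structure only and has had no analysis.

```python
import hashlib
import hmac
import os

# Toy recursive Feistel network (assumption: 4 rounds per level, subkeys and
# S-box derived with SHA-256). This is NOT TC5 or Turtle; it only copies the shape.
ROUNDS = 4
BLOCK_BYTES = 16

# A fixed, key-independent permutation of 0..255 used as the 8x8 S-box.
SBOX = sorted(range(256), key=lambda b: hashlib.sha256(b"sbox" + bytes([b])).digest())


def subkey(key: bytes, width: int, path: tuple) -> int:
    """Subkey (`width` bits) for the round identified by its recursion path."""
    digest = hashlib.sha256(key + f"{width}:{path}".encode()).digest()
    return int.from_bytes(digest[: width // 8], "big")


def round_function(x: int, width: int, key: bytes, path: tuple) -> int:
    """F for a `width`-bit half: XOR a subkey, then run the next-smaller
    Feistel network on it; at 8 bits look the byte up in the S-box."""
    x ^= subkey(key, width, path)
    return SBOX[x] if width == 8 else feistel(x, width, key, path)


def feistel(block: int, width: int, key: bytes, path: tuple = (), decrypt: bool = False) -> int:
    """`width`-bit Feistel network; decrypt=True runs the rounds backwards.
    F itself is never inverted, which is what lets F be another Feistel."""
    half = width // 2
    left, right = block >> half, block & ((1 << half) - 1)
    for r in (range(ROUNDS - 1, -1, -1) if decrypt else range(ROUNDS)):
        if decrypt:
            left, right = right ^ round_function(left, half, key, path + (r,)), left
        else:
            left, right = right, left ^ round_function(right, half, key, path + (r,))
    return (left << half) | right


def encrypt_block(key: bytes, block: bytes) -> bytes:
    return feistel(int.from_bytes(block, "big"), 128, key).to_bytes(BLOCK_BYTES, "big")


def decrypt_block(key: bytes, block: bytes) -> bytes:
    return feistel(int.from_bytes(block, "big"), 128, key, decrypt=True).to_bytes(BLOCK_BYTES, "big")


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """CBC over the toy cipher; plaintext is whole blocks (unpadded, as in Henrick's setup)."""
    assert len(iv) == BLOCK_BYTES and len(plaintext) % BLOCK_BYTES == 0
    out, prev = [], iv
    for i in range(0, len(plaintext), BLOCK_BYTES):
        prev = encrypt_block(key, _xor(plaintext[i:i + BLOCK_BYTES], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ciphertext), BLOCK_BYTES):
        blk = ciphertext[i:i + BLOCK_BYTES]
        out.append(_xor(decrypt_block(key, blk), prev))
        prev = blk
    return b"".join(out)


def leaks_common_prefix(key: bytes, iv: bytes, m1: bytes, m2: bytes) -> bool:
    """With the IV reset to the same value for every message, equal leading
    plaintext blocks give equal leading ciphertext blocks, visible to any eavesdropper."""
    return cbc_encrypt(key, iv, m1)[:BLOCK_BYTES] == cbc_encrypt(key, iv, m2)[:BLOCK_BYTES]


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Fresh random IV per message plus an encrypt-then-MAC tag over IV||ciphertext."""
    iv = os.urandom(BLOCK_BYTES)
    ct = cbc_encrypt(enc_key, iv, plaintext)
    return iv + ct + hmac.new(mac_key, iv + ct, hashlib.sha256).digest()


def open_sealed(enc_key: bytes, mac_key: bytes, msg: bytes):
    """Verify the tag before decrypting; return None for any modified message."""
    iv, ct, tag = msg[:BLOCK_BYTES], msg[BLOCK_BYTES:-32], msg[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, iv + ct, hashlib.sha256).digest()):
        return None
    return cbc_decrypt(enc_key, iv, ct)


if __name__ == "__main__":
    key, mac_key = b"K" * 16, b"M" * 16                     # constructed sample keys
    m1 = b"USER anonymous".ljust(16) + b"LIST".ljust(16)    # constructed FTP-style commands
    m2 = b"USER anonymous".ljust(16) + b"QUIT".ljust(16)
    print("fixed IV leaks shared first block:", leaks_common_prefix(key, bytes(16), m1, m2))
    sealed = seal(key, mac_key, m1)
    print("round trip:", open_sealed(key, mac_key, sealed) == m1)
    damaged = bytearray(sealed); damaged[20] ^= 1
    print("tampered message rejected:", open_sealed(key, mac_key, bytes(damaged)) is None)
```

Because the subkey for each round is keyed by its full recursion path, every one of the 4 + 16 + 64 + 256 inner rounds gets its own subkey; the decrypt direction only reverses the round order at each level and never needs F to be invertible, which is the property that allows F to be a whole cipher.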



--

From: "Lyalc" [EMAIL PROTECTED]
Subject: Re: PKI and Non-repudiation practicalities
Date: Mon, 12 Mar 2001 07:37:48 +1100


those who know me have no need of my name wrote in message ...
xMiq6.686$[EMAIL PROTECTED] divulged:

Well, in some cases, it makes for good customer retention.

they seem to like keeping you on a leash.  i don't see how they'd like
you being in charge of your own secret.  (to wit, most institutions
will not allow you to select an alternative to your ssn or mother's
maiden name as additional security verifiers.)


Well, you must with a certificate-based solution - the password you use to
control access/usage of the  certificate - you DO use a password to control
use of your certificate, don't you?
And as a generalisation, your password is being verified on a machine of
unknown security or integrity.

What's the difference between the 2 environments we've been discussing?

scale.


True, no one has managed to get personal PKI certificates scaled above a few
tens of thousands to my knowledge.   A previous employer had more than 6
million PINs on issue, used on average 46 times/year in 1998.


About the same as most shared secret models and all CRL based models

i'm not overly interested in the crl models.

i don't see the same effort as most shared secret models.  i suspect
i'm missing something, so i need to think about it some more.


Please do.  The challenge is not only the technology, but what the
technology is used for, and its specific needs

That is always the revocation challenge, PKI, shared secret or whatever.
Commercially, I (non-lawyer that I am) think most companies would revoke
on the suspicion of compromise, to avoid their own negligence liability
for insisting something is safe for a relying party to act upon, when it
may not be.

and that shows the other half of the revocation challenge -- a denial of
service attack.  and if there is but one secret that can be so revoked it
can be even more devastating (when even a mistake happens).

Commercial implementation issues are outside the standard as with all
well crafted standards.

i'm not sure i agree that what i described is an implementation issue, if
the standard makes no allowances.


We are starting to stray onto off-list topics, so perhaps we'd be better off
taking this off the list.

Lyal
--
okay, have a sig then



--

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: sci.math
Subject: Re: Noninvertible encryption
Date: 11 Mar 2001 21:02:13 GMT

[EMAIL PROTECTED] (Douglas A. Gwyn) wrote in [EMAIL PROTECTED]:

"SCOTT19U.ZIP_GUY" wrote:
 ... That it becomes trivially easy to test a key for a solution ...

The crux of the matter is that, if you have a method of cryptanalysis
that produces the right key, you don't need to test for a solution.
And in any other case, what are you doing testing keys?  There are too
many of them for that to be a feasible method of attack.


  It's not that you necessarily have a key to test. The fact that
you can shows that the encrypted text carries with it all the information
to be decrypted. Some smart person at the 

Cryptography-Digest Digest #866

2001-03-11 Thread Digestifier

Cryptography-Digest Digest #866, Volume #13  Sun, 11 Mar 01 19:13:01 EST

Contents:
  Re: Blowfish name (SCOTT19U.ZIP_GUY)
  Re: [REQ] SHA-1 MD5 hashing software (Eric Lee Green)
  Re: Noninvertible encryption ("Douglas A. Gwyn")
  Re: Really simple stream cipher ("Henrick Hellström")
  Re: Really simple stream cipher (David Wagner)
  Re: FIPS 140-2 PRG (Gregory G Rose)
  Quantum Computing  Key Sizes (Tom McCune)
  Re: Quantum Computing  Key Sizes ("Tom St Denis")
  Re: Text of Applied Cryptography (Anonymous)
  Re: RSA encryption on Windows -- C++ source code (Ben Cantrick)
  Re: Quantum Computing  Key Sizes ([EMAIL PROTECTED])
  Re: Quantum Computing  Key Sizes ("Sam Simpson")
  Re: Freeware issues? ("Nick Payne")
  Re: = FBI easily cracks encryption ...? (CR Lyttle)
  Re: Quantum Computing  Key Sizes (Tom McCune)



From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Blowfish name
Date: 11 Mar 2001 21:59:05 GMT

[EMAIL PROTECTED] (Liam  McGann) wrote in 
TfSq6.9082$[EMAIL PROTECTED]:

Anyone know where Blowfish got its name?

Thanks,

L.M.




  I could guess: break it up into words "blow fish". Two
nice 4 letter words; let your imagination run. Also if
I worked for the NSA and wanted to trick people into 
using fishy software what better name. It would be 
funny. Note these are just my thoughts; I have no idea why
he named it that. I also don't think I would believe the
originator if he told me while on truth serum during a
polygraph test while he was under hypnosis and knew if
he lied his loved ones (assuming the person had any) would be
terminated.

David A. Scott
P.S. I hope that helps.
-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip
http://radiusnet.net/crypto/  then look for
  sub directory scott after pressing CRYPTO
Scott famous Compression Page
http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

--

From: [EMAIL PROTECTED] (Eric Lee Green)
Subject: Re: [REQ] SHA-1 MD5 hashing software
Reply-To: [EMAIL PROTECTED]
Date: 11 Mar 2001 16:04:23 -0600

On Sun, 11 Mar 2001 21:20:14 GMT, Doom the Mostly Harmless [EMAIL PROTECTED]
 wrote:
snip
 Oh boy trialware... hot diggity.  Who on earth would buy an implementation
 of SHA?

Someone without your 3l33t k0d1ng sk1LLz?  :-)

Or somebody too stupid to go to:

http://www.openssl.org
http://www.cs.auckland.ac.nz/~pgut001/cryptlib/
http://www.eskimo.com/~weidai/cryptlib.html
http://www.cryptix.org/

etc. etc. etc.

But what can I say, there's a sucker born every day.


-- 
Eric Lee Green [EMAIL PROTECTED] http://www.badtux.org
 AVOID EVIDENCE ELIMINATOR -- for details, see
   http://badtux.org/eric/editorial/scumbags.html 



--

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Crossposted-To: sci.math
Subject: Re: Noninvertible encryption
Date: Sun, 11 Mar 2001 22:24:54 GMT

"SCOTT19U.ZIP_GUY" wrote:
 One would like to be able to give a false key so they will be happy.

However, if the decryption is gibberish they won't be happy.
So you at the very least would want a system that encrypts
both the real message and an alternate, meaningful message
under separate keys.  This isn't hard under the usual OTP
system, because you can take the CT and fake PT and easily
find a corresponding key, but for systems with short keys
it's not going to be possible unless you allow the CT to be
about twice as large as would otherwise be necessary.

--

From: "Henrick Hellström" [EMAIL PROTECTED]
Subject: Re: Really simple stream cipher
Date: Sun, 11 Mar 2001 23:40:11 +0100

Well, no, that's not the way I view it. I view crypto engines as (a)
inflexible, (b) performance sinks and (c) potential security risks, at least
those that are linked to / called by the executable at run time. It is not
that hard to write a dll-file called e.g. "cryptnet.dll" with the right
interface entries but with rigged implementations, and plant it in a
computer of your choice. Since the dll is there and it has the right
interface entries, the application will happily inform the user that he has
connected securely - although he hasn't, because the person who planted the
dll has made sure that he is able to mount a MITM attack.

Sure, you could perform the same kind of attack against any kind of
executable, but on e.g. Win32 platforms a dll file is usually well hidden in
the system directory under a suspiciously non-informative name. Few users
would know which file to 

Cryptography-Digest Digest #867

2001-03-11 Thread Digestifier

Cryptography-Digest Digest #867, Volume #13  Sun, 11 Mar 01 21:13:00 EST

Contents:
  Re: Really simple stream cipher ("Henrick Hellström")
  Got my wish (Was: [REQ] SHA-1 MD5 hashing software) (Thomas Boschloo)
  Re: Super strong crypto (David Wagner)
  Re: Quantum Computing  Key Sizes ("Tom St Denis")
  Re: Quantum Computing  Key Sizes (Bill Unruh)
  Re: Quantum Computing  Key Sizes (Bill Unruh)
  Re: Text of Applied Cryptography .. do not feed the trolls ("Ryan M. McConahy")
  pgp262i-ns.zip cracking contest (Was: Attn: Chris Drake and Thomas  (Thomas Boschloo)
  Re: ideas of D.Chaum about digital cash and whether tax offices are (John Christensen)
  Re: Quantum Computing  Key Sizes (Tom McCune)
  Re: A question about passphrases (Crypto Neophyte)
  Digital enveloppe (br)
  Re: Digital enveloppe ("Tom St Denis")
  Re: Digital enveloppe (br)
  Re: An extremely difficult (possibly original) cryptogram (John Savard)
  Re: Really simple stream cipher (David Wagner)



From: "Henrick Hellström" [EMAIL PROTECTED]
Subject: Re: Really simple stream cipher
Date: Mon, 12 Mar 2001 01:13:19 +0100

"David Wagner" [EMAIL PROTECTED] skrev i meddelandet
news:98gvd5$chs$[EMAIL PROTECTED]...
 Huh?  Whether you use static vs. dynamic linking is orthogonal
 to what your crypto code does.

In a way it does depend. I would possibly mess up the lives of a lot of
people if I were to rewrite some commonly used dll file just to add my
favourite protocols, algorithms and modes of operation. But nothing prevents
me from adding such code to our own applications.

Anyway, we are not discussing the same thing. I am a security product
developer with an interest in cryptography. My major concern is whether our
own products are safe or not. It is at most a minor concern that we
sometimes use technologies any software developer could not be recommended
to use, provided we do it right ourselves and are able to convince others that
we do. And, unless I have misunderstood your line of argument, it might very
well be the case that we do it right.


 When I say "crypto engine", I'm
 referring to what your crypto code does (i.e., whether it uses
 a MAC or not, whether it uses CBC mode or CFB mode), no matter
 whether it's in a DLL or hard-coded into your application.

 If you're having troubles with spoofed DLL's, you may want to
 re-consider your choice of operating systems.

Well, a security product developer shouldn't keep any secrets anyway. He
leaves that to his customers. ;-)


--
Henrick Hellström  [EMAIL PROTECTED]
StreamSec HB  http://www.streamsec.com



--

From: Thomas Boschloo [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Got my wish (Was: [REQ] SHA-1 MD5 hashing software)
Date: Mon, 12 Mar 2001 01:09:05 +0100

=BEGIN PGP SIGNED MESSAGE=

Tom St Denis wrote:
 
 "nemo outis" [EMAIL PROTECTED] wrote in message
 news:MhQq6.52508$[EMAIL PROTECTED]...
  Best I've found is Veracity at the eponymous:
 
  www.veracity.com
 
  Quoting from the site:
 
  "Veracity can calculate the SHA-0, SHA-1, MD2, MD4, MD5, HAVAL (four variants)
  and Snefru (four variants) digest algorithms, and the CRC-16, CRC-32,
  Fletcher, Internet, and Sum checksum algorithms."
 
  Also supports a wide range of platforms and OSs.
 
  Available as uncrippled trialware.
 
 Oh boy trialware... hot diggity.  Who on earth would buy an implementation
 of SHA?

Maybe you were kindly referring to http://freeveracity.org/?? hint

But I got my wish, ftp://ftp.veracity.com/ is perfect for my needs.
They've got a MS-DOS version for 2.0.1 and a windows version for 3.1.0.
And they seem totally uncrippled, although the program is a bit overkill
for my modest needs.

But (hits-himself-on-head) I should first have gone to
http://www.gnupg.org/download.html. They have a windows version that
is fully capable of producing hashes. Here is some output of both to
demonstrate the ease with which they can be used.

And thanks ELG (you know who you are) for implying I am a sucker.

Greetingz,
Thomas

=BEGIN PGP SIGNATURE=
Version: PGPfreeware 5.5.3i for non-commercial use http://www.pgpi.com

iQB5AwUBOqwEmQEP2l8iXKAJAQGnEwMeNQiVQ0CAIs/dzuXiv8Cv6Q2y4j9SZuo6
n7SuRl50t5MzTz0hw2qBejiIiyIgLHtPtwC2gKnqI6I05af7Sxk7N92sY4NdD3xo
/MhUJRiV4RBZWdEDUGrpVf9ZSyzMvxZUtZRy2A==
=gHBq
=END PGP SIGNATURE=


==
C:\My Download Files\ygpg --version
gpg (GnuPG) 1.0.4-1
Copyright (C) 2000 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Home: c:/gnupg
Supported algorithms:
Cipher: 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, RIJNDAEL256,
TWOFISH
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
Hash: MD5, SHA1, RIPEMD160

C:\My Download Files\ygpg --print-md sha1 veracity.exe
veracity.exe: D9E1 

Cryptography-Digest Digest #868

2001-03-11 Thread Digestifier

Cryptography-Digest Digest #868, Volume #13  Mon, 12 Mar 01 00:13:01 EST

Contents:
  Re: Text of Applied Cryptography .. do not feed the trolls ([EMAIL PROTECTED])
  Re: The Foolish Dozen or so in This News Group (Benjamin Goldberg)
  Re: Text of Applied Cryptography .. do not feed the trolls ("Tom St Denis")
  Re: An extremely difficult (possibly original) cryptogram ("Ashish Kasturia")
  Re: Text of Applied Cryptography .. do not feed the trolls (Frodo)
  Straw man hash. (Benjamin Goldberg)
  Re: Semi-super-strong crypto? (Benjamin Goldberg)
  Re: Digital enveloppe ("Trevor L. Jackson, III")
  Re: ideas of D.Chaum about digital cash and whether tax offices are (John Christensen)
  Re: An extremely difficult (possibly original) cryptogram (those who know me have no need of my name)
  Re: Text of Applied Cryptography .. do not feed the trolls ("Tom St Denis")
  Re: RSA encryption on Windows -- C++ source code (those who know me have no need of my name)
  Re: [REQ] SHA-1 MD5 hashing software (those who know me have no need of my name)
  Re: = FBI easily cracks encryption ...? (SCOTT19U.ZIP_GUY)
  Re: Noninvertible encryption (SCOTT19U.ZIP_GUY)
  Re: arbitrary-precision arithmetic (Benjamin Goldberg)
  Re: = FBI easily cracks encryption ...? (Phil Zimmerman)
  RE: Anonymous web browsing (Phil Zimmerman)
  Re: Digital enveloppe ("Scott Fluhrer")



From: [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: Text of Applied Cryptography .. do not feed the trolls
Reply-To: *
Date: Mon, 12 Mar 2001 02:13:36 GMT

On Sun, 11 Mar 2001 19:52:08 -0500, "Ryan M. McConahy"
[EMAIL PROTECTED] wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Actually, I was not asking for noise. I merely wanted an address. I
knew that an electronic version was available. I am a teenager, and
do not have much money, and would prefer it in an electronic version.

Perhaps you might like this, too.
http://www.umich.edu/~umich/fm-34-40-2/

Enjoy the crypto. I hope your fascination lasts your entire life.


--

From: Benjamin Goldberg [EMAIL PROTECTED]
Crossposted-To: alt.hacker
Subject: Re: The Foolish Dozen or so in This News Group
Date: Mon, 12 Mar 2001 02:18:56 GMT

Anthony Stephen Szopa wrote:
[snip]
   fclose that flushes all OS buffers associated with the stream. 
   You would think this would be enough to force a write.
 
  How many times does this need to be pounded into your head?  fclose
  flushes the C library buffers, not the OS buffers.
[snip]
  That's ignoring the hdd buffers.  The drive light goes on for a bus
  transfer of data to the drive, not for actual writing.

 I am not convinced this is so.  The documentation says specifically
 "system-allocated" buffers are flushed.

If you choose to be stupid about what fclose does, you're allowed to be.

But how do you get off even thinking of the hdd buffers as "system
allocated?"  I mean, nothing in the OS /creates/ them... they're part of
dedicated hardware, and the buffers are dedicated to that specific
purpose.  Unlike OS buffers, or C library buffers, where it's just
arbitrary blocks of memory, which could be used for anything at all,
until the OS or user program *allocates* them for use.  So in no way can
hdd buffers be considered "system allocated."

Also... I'm curious as to what you believe the function close() does, as
opposed to fclose().  Or what write() does as opposed to fwrite(), or
open() as opposed to fopen().  Or what you think fflush() does and what
reason you believe for there to not be any equivalent flush() function.

-- 
The difference between theory and practice is that in theory, theory and
practice are identical, but in practice, they are not.
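
The three buffering layers Benjamin distinguishes, as an added C example (not code from the thread or from OverWrite): overwrite_pattern() pushes a fixed byte through stdio, then the OS, then on to the device with fflush() and fsync(), while two demo helpers build a temporary file and read it back. The function names, the /tmp template and the 4096-byte sample are chosen here for illustration.

```c
#define _POSIX_C_SOURCE 200809L   /* for fileno, fsync, fdopen, mkstemp */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
/* Write `len` copies of `byte` to an open stream; 0 on success, -1 on error. */
static int fill(FILE *fp, unsigned char byte, long len)
{
    while (len-- > 0)
        if (fputc(byte, fp) == EOF) return -1;
    return 0;
}

/* Overwrite an existing file with `pattern`, pushing the bytes through each
 * layer the thread distinguishes: fputc() -> C library buffer, fflush() ->
 * OS buffers (write(2)), fsync() -> OS commits to the device. fclose() alone
 * does only the first hand-off; the drive's own cache sits below fsync(). */
int overwrite_pattern(const char *path, unsigned char pattern)
{
    FILE *fp = fopen(path, "r+b");                /* existing file, no truncation */
    if (fp == NULL) return -1;
    long len = fseek(fp, 0, SEEK_END) == 0 ? ftell(fp) : -1;
    if (len < 0 || fseek(fp, 0, SEEK_SET) != 0 || fill(fp, pattern, len) != 0
        || fflush(fp) != 0                        /* stdio buffer -> OS */
        || fsync(fileno(fp)) != 0) {              /* OS buffers -> device */
        fclose(fp);
        return -1;
    }
    return fclose(fp) == 0 ? 0 : -1;
}

/* Demo helper: temp file of `len` 'A' bytes; `tmpl` ends in XXXXXX (mkstemp). */
int make_sample_file(char *tmpl, long len)
{
    int fd = mkstemp(tmpl);
    FILE *fp = fd < 0 ? NULL : fdopen(fd, "wb");
    if (fp == NULL) { if (fd >= 0) close(fd); return -1; }
    int rc = fill(fp, 'A', len);
    return fclose(fp) == 0 ? rc : -1;
}

/* Demo helper: count bytes differing from `pattern` (-1 if unreadable); this
 * read-back only shows what the OS now returns, which is all user space sees. */
long count_mismatches(const char *path, unsigned char pattern)
{
    FILE *fp = fopen(path, "rb");
    if (fp == NULL) return -1;
    long bad = 0;
    for (int c; (c = fgetc(fp)) != EOF; ) bad += (unsigned char)c != pattern;
    fclose(fp);
    return bad;
}
```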

--

From: "Tom St Denis" [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,talk.politics.crypto
Subject: Re: Text of Applied Cryptography .. do not feed the trolls
Date: Mon, 12 Mar 2001 02:24:40 GMT


"Ryan M. McConahy" [EMAIL PROTECTED] wrote in message
news:3aac1d41$0$62147$[EMAIL PROTECTED]...
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA1

 Actually, I was not asking for noise. I merely wanted an address. I
 knew that an electronic version was available. I am a teenager, and
 do not have much money, and would prefer it in an electronic version.

Big deal?  I got a job when I was 15 and bought my own copy.  It's called
the "real world".

Tom



--

From: "Ashish Kasturia" [EMAIL PROTECTED]
Crossposted-To: rec.puzzles
Subject: Re: An extremely difficult (possibly original) cryptogram
Date: Sun, 11 Mar 2001 22:00:49 -0500

 In general, postings of this type are frowned upon.
why is that?
(just a question)
-ash




--

Date: 12 Mar 2001 02:57:32 -
From: [EMAIL PROTECTED] (Frodo)
Subject: Re: Text of Applied Cryptography .. do not feed the trolls
Crossposted-To: 

Cryptography-Digest Digest #869

2001-03-11 Thread Digestifier

Cryptography-Digest Digest #869, Volume #13  Mon, 12 Mar 01 00:13:01 EST

Contents:
  Re: An extremely difficult (possibly original) cryptogram ("Jared Karr")



Reply-To: "Jared Karr" [EMAIL PROTECTED]
From: "Jared Karr" [EMAIL PROTECTED]
Crossposted-To: rec.puzzles
Subject: Re: An extremely difficult (possibly original) cryptogram
Date: Mon, 12 Mar 2001 04:58:44 GMT

Maybe you should post a shorter message in the same code.  I don't think
anybody wants to decode half a million characters by hand.

JK
"daniel mcgrath" [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...
 Tysoizbyjoxs, this may be the most complicated code anyone has ever
 done!


Cryptography-Digest Digest #870

2001-03-11 Thread Digestifier

Cryptography-Digest Digest #870, Volume #13  Mon, 12 Mar 01 02:13:00 EST

Contents:
  Re: OverWrite:  best wipe software? ("Trevor L. Jackson, III")
  Re: Super strong crypto ("Bryan Olson")
  Improvement of a simple cipher  ("Alexis Machado")
  Re: Noninvertible encryption ("Douglas A. Gwyn")
  Re: Any news on the KFB mode? ("Bryan Olson")
  RE: Anonymous web browsing (SCOTT19U.ZIP_GUY)
  Re: = FBI easily cracks encryption ...? (SCOTT19U.ZIP_GUY)
  Re: Super strong crypto (SCOTT19U.ZIP_GUY)
  Re: An extremely difficult (possibly original) cryptogram (SCOTT19U.ZIP_GUY)
  Re: Text of Applied Cryptography .. do not feed the trolls (Frodo)
  Re: = FBI easily cracks encryption ...? (Phil Schneier)
  Re: Super strong crypto (Mok-Kong Shen)
  Re: Anonymous web browsing ("Mxsmanic")
  Re: Super strong crypto (Paul Crowley)
  Re: Encryption software (Paul Crowley)
  Re: Encryption software (Paul Crowley)
  Re: Potential of machine translation techniques? (Mok-Kong Shen)
  Re: Dumb inquiry (Mok-Kong Shen)



From: "Trevor L. Jackson, III" [EMAIL PROTECTED]
Crossposted-To: alt.hacker
Subject: Re: OverWrite:  best wipe software?
Date: Mon, 12 Mar 2001 05:00:07 GMT

Anthony Stephen Szopa wrote:

 "Trevor L. Jackson, III" wrote:
 
  Caveat lector.
 
  Lest innocents suffer, let the reader beware: The author of this software
  has struck out.
 
  Strike 1: He has not the slightest concept of the design and
  implementation of security software.
 
  Strike 2: He is impervious to all attempts to help him understand the
  issues.
 
  Strike 3: His products are unusable due to the unbelievably awkward
  methodology they require of the user.
 
major snip
  
  
   Take as much care as you think you should."
  
   Let's see you get out of this box.

 Tell us now why OverWrite will not work.

Take the training at http://ftp.fedworld.gov/pub/irs-pdf/p3202.pdf and then
tell us how well your software works.





--

From: "nospam"@"nonsuch.org" ("Bryan Olson")
Subject: Re: Super strong crypto
Date: Mon, 12 Mar 2001 05:03:25 GMT

Douglas A. Gwyn wrote:
Bryan Olson wrote:
 But understand it's no small detail.  Thousands have tried
 to bridge that chasm, and so far all have failed.

 But in the meantime, we can try to beef up the methods we have
 by such methods as I was suggesting.

Well, yeah sure, or other methods.  But this was supposed to 
be about more than one's opinion on what things might help.

 In applications such as
 one I'm supporting at the moment, there are real-world
 constraints that force the security implementation to work too
 close to the edge, and efficient implementation is paramount
 (so the data encryption will be something like Rijndael with
 small parameters).  Under such circumstances, anything that can
 be done to get in the way of the enemy cryptanalysts is welcome.

If you have some result showing Rijndael is flawed, or 
showing your scheme is strong, that would be significant.  
Hypothesizing Rijndael is weak and conjecturing that your 
scheme would fix the weakness is not even in the direction 
you stated this thread seemed to be about.


--Bryan

--

From: "Alexis Machado" [EMAIL PROTECTED]
Subject: Improvement of a simple cipher 
Date: Mon, 12 Mar 2001 02:24:24 -0300

Last year I presented here a block cipher called Nimbus.

The encryption process iterates "r" rounds:

X := K[i] * g(X xor K[r+i])   (mod 2**s)   (i = 0 .. r-1)

where
1) X and K[...] are s-bit integers
2) X is the block being encrypted
3) Vector K is derived from a t-bit master key
4) Elements K[i] are odd, allowing multiplicative inverse (mod 2**s)
5) g is a bit-reversal function (Ex: g(10110010) = 01001101)

My current implementation uses r = 5, s = 64 and t = 128.

The palindrome differential D = 2**(s-1) - 2 = 0111...1110 "propagates",
using xor difference, with probability 1/2 in each round and 1/2**r after
r rounds.

To reduce the probability of high Hamming weight differentials, I'm
proposing an additive subkey. The cipher becomes

X := K[i] * g(X xor K[r+i]  +  K[2r+i])   (mod 2**s)   (i = 0 .. r-1)

Let
a) h(X) = X + A  represents the round addition (the xor operation has no
influence on differential propagation)

b) I(m,n) be a bit sequence extracted from an integer "I", starting on
bit m, ending on bit n.

If n > m and D(m,n) contains only 1's, the probability of

h(X) xor h(X xor D) = D   (equation E1)

will be zero unless

A(m,n) contains only 0's or only 1's   (condition C1)

Once C1 is satisfied, A(0, m-1) determines E1 probability.

If subkeys are randomly generated, A satisfies C1 with probability p =
1/2**(n-m).

Now, it is very unlikely (1/2**(s-3)) that the differential used to attack the
original cipher (D = 2**(s-1) - 2) could have a non-zero probability.

Suggestions, comments and attacks (of course :-)) are welcome.

---
Alexis
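
The round and the E1 analysis above, as an added C example that is not from Alexis's post or the Nimbus implementation: a toy-width model (s <= 16, so every X can be enumerated) that counts how often the palindrome differential D survives one round, and for which additive subkeys A equation E1 can hold at all. The Ka parameter of nimbus_round() models the proposed addition (Ka = 0 is the original round); the width and the key values used in testing are chosen here.

```c
#include <stdint.h>

/* Toy-width (s <= 16) model of the post's round, so differential counts are exhaustive. */

/* g: reverse the low s bits of x (the post's bit-reversal function). */
static uint32_t g(uint32_t x, int s)
{
    uint32_t r = 0;
    for (int i = 0; i < s; i++)
        r |= ((x >> i) & 1u) << (s - 1 - i);
    return r;
}

/* One round of the proposed cipher: K * g((X xor Kx) + Ka) (mod 2**s).
 * Ka = 0 gives the original Nimbus round. k must be odd. */
static uint32_t nimbus_round(uint32_t x, uint32_t k, uint32_t kx, uint32_t ka, int s)
{
    uint32_t mask = (1u << s) - 1;
    return (k * g(((x ^ kx) + ka) & mask, s)) & mask;
}

/* Number of blocks X (of 2**s) for which the xor difference d survives one
 * round: round(X) xor round(X xor d) == d. Divide by 2**s for the probability. */
long round_diff_count(int s, uint32_t k, uint32_t kx, uint32_t ka, uint32_t d)
{
    uint32_t mask = (1u << s) - 1;
    long hits = 0;
    for (uint32_t x = 0; x <= mask; x++)
        hits += (nimbus_round(x, k, kx, ka, s) ^ nimbus_round(x ^ d, k, kx, ka, s)) == d;
    return hits;
}

/* Number of X for which the post's equation E1 holds for h(X) = X + a:
 * (X + a) xor ((X xor d) + a) == d (mod 2**s). The count is zero unless the
 * bits of a under the run of 1's in d are all 0 or all 1 (condition C1). */
long add_diff_count(int s, uint32_t a, uint32_t d)
{
    uint32_t mask = (1u << s) - 1;
    long hits = 0;
    for (uint32_t x = 0; x <= mask; x++)
        hits += (((x + a) & mask) ^ (((x ^ d) + a) & mask)) == d;
    return hits;
}

/* The post's palindrome differential D = 2**(s-1) - 2 = 0111...1110. */
uint32_t palindrome_diff(int s)
{
    return (1u << (s - 1)) - 2;
}
```

With s = 8 the original round passes D for exactly half of all X (the odd inputs to the multiplication), matching the post's 1/2 per round, and add_diff_count() is zero for every A that violates C1.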