Cryptography-Digest Digest #860
Cryptography-Digest Digest #860, Volume #13        Sun, 11 Mar 01 09:13:01 EST

Contents:
  Re: OverWrite: best wipe software? (those who know me have no need of my name)
  Re: Really simple stream cipher ("Henrick Hellström")
  Re: PKI and Non-repudiation practicalities (those who know me have no need of my name)
  Re: The Foolish Dozen or so in This News Group (those who know me have no need of my name)
  Re: The Foolish Dozen or so in This News Group (those who know me have no need of my name)
  Re: Applications of crypto techniques to non-crypto uses (those who know me have no need of my name)
  Re: Encryption software (Bram Labarque)
  FIPS 140-2 PRG ("Yoad Lustig")
  Re: = FBI easily cracks encryption ...? ("Mxsmanic")
  Re: = FBI easily cracks encryption ...? ("Mxsmanic")
  Re: = FBI easily cracks encryption ...? ("Mxsmanic")
  Re: = FBI easily cracks encryption ...? ("Mxsmanic")
  Re: Applications of crypto techniques to non-crypto uses (Mok-Kong Shen)
  Re: Super strong crypto (Mok-Kong Shen)
  Re: Text of Applied Cryptography .. do not feed the trolls ("Tom St Denis")
  Re: = FBI easily cracks encryption ...? ("Tom St Denis")
  Re: OverWrite: best wipe software?
  Re: Encryption software ("Henrick Hellström")
  Dumb inquiry
  Re: Question ("Dragon")

----------------------------------------------------------------------

From: [EMAIL PROTECTED] (those who know me have no need of my name)
Crossposted-To: alt.hacker
Subject: Re: OverWrite: best wipe software?
Date: Sun, 11 Mar 2001 09:54:24 -

wtCq6.10367$[EMAIL PROTECTED] divulged:

> "Anthony Stephen Szopa" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
>> I think I have made Ciphile Software's OverWrite Security Utility Version 1.2 perhaps the best wipe utility available for Windows.
>
> Why do you think that?

i suppose we shouldn't be too hard on anthony. he doesn't know better, and at times he does appear to learn.

the really annoying "wipe" program is the one that comes with nai's pgp products -- they make the same ludicrous claims, and likewise barely mention the constraints.

-- 
okay, have a sig then

------------------------------

From: "Henrick Hellström" [EMAIL PROTECTED]
Subject: Re: Really simple stream cipher
Date: Sun, 11 Mar 2001 11:03:45 +0100

"Thomas Wu" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
> But code in application layers is often written without the assumption that the format check has security implications. Imagine an FTP daemon that rejects an unknown command by including the offending command name in the response; "FOO" results in "FOO: unknown command". Under these circumstances, it seems possible that an attacker could exploit this behavior under your model to get chosen ciphertext pairs and use it to leverage attacks that would not be possible with explicit MACs. A user-friendly feature at the application level suddenly turns into a security weakness when these abstraction barriers aren't respected.

I came to think of some other things:

1. No matter how the encryption is arranged, the attacker will always have partial knowledge of the plain text: All commands are four characters wide and are separated from the parameter line by a space or tab character, all replies begin with a three digit decimal number, etc. To prevent cipher text only attacks or known plain text attacks, a new session key should always be generated, ECB mode should not be used and the vector should not be reset to the same value prior to each message within a session.

2. If e.g. a CBC mode cipher is used and the vector is either reset or chosen by the sender prior to each command, an attacker could easily mount a copy-and-paste chosen cipher text attack even if a MAC is used. If the vector is not reset or if it is set in advance by the recipient, then a denial-of-service attack is possible. In this respect, there is no difference between e.g. CBC-MAC and an error propagating cipher.

Now, suppose that an error propagating cipher is used without padding the messages and without vector resets. Then the following seems to be true:

(a) The probability will be higher that random chosen cipher text will decrypt into intelligible plain text.
(b) The probability that a specific cipher text will decrypt into the same plain text twice, is equal to the probability that any other random cipher text will decrypt into that plain text once.
(c) Due to the absence of padding, an eavesdropper will learn the length of each message, but:
(d) Due to the absence of padding and of a MAC, an eavesdropper will be given less plain text and thereby less information about the key and the vector.
(e) Due to the error propagation, a chosen cipher text attack might be mounted at most once each session.

Considering (a)-(e), yes, it would be possible to mount attacks against an error propagating cipher you could not mount against e.g. a CBC-MAC, but since the converse is also true, does this really make
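Henrick's point 1 above (the vector must not be reset to the same value before each message) can be watched happening. The following is an added example, not code from the digest or from any poster: it runs XTEA (a 64-bit block cipher chosen here for brevity) in CBC mode over two FTP-style commands that share a prefix. With the IV reset to a constant, the ciphertexts share exactly the leading blocks where the commands agree, so a passive observer learns that two commands begin identically; with a fresh random IV per command that correspondence disappears. The last part shows the defensive counterpart to his point 2: a keyed MAC computed over the IV together with the ciphertext makes any altered message fail verification before decryption. The session key, MAC key and the two commands are constructed for the demo.

```python
# Added example (not from the digest): a CBC "vector reset" leaks plaintext
# structure; a MAC over IV||ciphertext detects modification. The block cipher
# is XTEA (64-bit block, 128-bit key). Keys and commands below are constructed.
import hashlib
import hmac
import os

M32 = 0xFFFFFFFF
DELTA = 0x9E3779B9


def _key_words(key: bytes):
    return [int.from_bytes(key[i:i + 4], "big") for i in range(0, 16, 4)]


def xtea_encrypt_block(block: bytes, key: bytes, rounds: int = 32) -> bytes:
    """XTEA: encrypt one 8-byte block under a 16-byte key."""
    k = _key_words(key)
    v0, v1 = int.from_bytes(block[:4], "big"), int.from_bytes(block[4:], "big")
    s = 0
    for _ in range(rounds):
        v0 = (v0 + ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & M32
        s = (s + DELTA) & M32
        v1 = (v1 + ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & M32
    return v0.to_bytes(4, "big") + v1.to_bytes(4, "big")


def xtea_decrypt_block(block: bytes, key: bytes, rounds: int = 32) -> bytes:
    """XTEA: invert xtea_encrypt_block (same schedule walked backwards)."""
    k = _key_words(key)
    v0, v1 = int.from_bytes(block[:4], "big"), int.from_bytes(block[4:], "big")
    s = (DELTA * rounds) & M32
    for _ in range(rounds):
        v1 = (v1 - ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & M32
        s = (s - DELTA) & M32
        v0 = (v0 - ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & M32
    return v0.to_bytes(4, "big") + v1.to_bytes(4, "big")


def _pad(data: bytes) -> bytes:          # PKCS#7-style padding to 8 bytes
    n = 8 - len(data) % 8
    return data + bytes([n]) * n


def _unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= 8 or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(plaintext: bytes, key: bytes, iv: bytes) -> bytes:
    prev, out, padded = iv, [], _pad(plaintext)
    for i in range(0, len(padded), 8):
        prev = xtea_encrypt_block(bytes(a ^ b for a, b in zip(padded[i:i + 8], prev)), key)
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ciphertext: bytes, key: bytes, iv: bytes) -> bytes:
    prev, out = iv, []
    for i in range(0, len(ciphertext), 8):
        blk = ciphertext[i:i + 8]
        out.append(bytes(a ^ b for a, b in zip(xtea_decrypt_block(blk, key), prev)))
        prev = blk
    return _unpad(b"".join(out))


def shared_prefix_blocks(ct_a: bytes, ct_b: bytes) -> int:
    """Number of leading 8-byte blocks two ciphertexts have in common."""
    n = 0
    for i in range(0, min(len(ct_a), len(ct_b)), 8):
        if ct_a[i:i + 8] != ct_b[i:i + 8]:
            break
        n += 1
    return n


# Constructed demo values; the two commands agree on their first 16 bytes.
KEY = hashlib.sha256(b"demo session key").digest()[:16]
MAC_KEY = hashlib.sha256(b"demo mac key").digest()
CMD_A = b"RETR reports/2001/march.txt"
CMD_B = b"RETR reports/2001/april.txt"


def leak_with_reset_iv() -> int:
    """Vector reset to the same value before each command: shared prefix is visible."""
    iv = bytes(8)
    return shared_prefix_blocks(cbc_encrypt(CMD_A, KEY, iv), cbc_encrypt(CMD_B, KEY, iv))


def leak_with_fresh_iv() -> int:
    """Fresh random vector per command: no ciphertext block lines up."""
    return shared_prefix_blocks(cbc_encrypt(CMD_A, KEY, os.urandom(8)),
                                cbc_encrypt(CMD_B, KEY, os.urandom(8)))


def seal(cmd: bytes) -> bytes:
    """IV || CBC ciphertext || HMAC-SHA256(IV || ciphertext)."""
    iv = os.urandom(8)
    ct = cbc_encrypt(cmd, KEY, iv)
    return iv + ct + hmac.new(MAC_KEY, iv + ct, hashlib.sha256).digest()


def open_sealed(msg: bytes):
    """Return the command, or None when the IV or ciphertext was altered."""
    iv, ct, tag = msg[:8], msg[8:-32], msg[-32:]
    if not hmac.compare_digest(tag, hmac.new(MAC_KEY, iv + ct, hashlib.sha256).digest()):
        return None
    return cbc_decrypt(ct, KEY, iv)


def tamper_is_detected() -> bool:
    msg = seal(CMD_A)
    altered = bytearray(msg)
    altered[12] ^= 0x01            # flip one bit inside the first ciphertext block
    return open_sealed(msg) == CMD_A and open_sealed(bytes(altered)) is None
```

`leak_with_reset_iv()` returns 2 for these commands (the two equal leading blocks) and `leak_with_fresh_iv()` returns 0; the MAC is verified with a constant-time comparison and covers the IV, so a sender cannot substitute a vector without also producing a valid tag.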
Cryptography-Digest Digest #861
Cryptography-Digest Digest #861, Volume #13        Sun, 11 Mar 01 11:13:01 EST

Contents:
  Re: Hash value repetion ("Simon Johnson")
  Re: OverWrite: best wipe software? ("Trevor L. Jackson, III")
  Re: Noninvertible encryption (SCOTT19U.ZIP_GUY)
  [REQ] SHA-1 MD5 hashing software (Thomas Boschloo)
  Freeware issues? (Dan Hargrove)
  A question about passphrases (Crypto Neophyte)
  Re: = FBI easily cracks encryption ...? ("Sam Simpson")
  Re: Why do people continue to reply to Szopa? (Vernon Schryver)

----------------------------------------------------------------------

From: "Simon Johnson" [EMAIL PROTECTED]
Subject: Re: Hash value repetion
Date: Sun, 11 Mar 2001 14:05:15 -0800

[EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] writes:
>> If all possible 160 bit values were hashed with SHA1, would there be any hash results repeating? Or is it a 1 to 1 relation?
>
> Assuming that SHA-1 behaves like a random function, as it is designed to and certainly appears to, about 1/e of the possible output values would be skipped, meaning that there would be repetitions among the others. For SHA-1 to be a 1-to-1 function, i.e. a permutation of 160 bit values, would be a fantastic, incredible, unbelievable coincidence. It would mean that there is hidden and unsuspected structure in the computational universe. One might even consider it tantamount to proof of the existence of God.
>
>> What about MD5?
>
> Same, for 128 bit values.
>
>> If neither are, are there hashes that are?
>
> Hashes are usually by definition intended to be pseudo-random functions rather than pseudo-random permutations.

One problem is that you usually want the function to be one-way. For an example of a PRP you can consider RSA encryption using a modulus with an unknown factorization. Discrete log problems are better, the reason being that you can distribute a generator you made yourself and you can insure people that you do not have the means to reverse it.

With RSA based hashes, this is impossible because you have to generate the two primes to make the modulus, which means you (or something else) must have known what they are, meaning people are unlikely to trust it.

Simon.

------------------------------

From: "Trevor L. Jackson, III" [EMAIL PROTECTED]
Crossposted-To: alt.hacker
Subject: Re: OverWrite: best wipe software?
Date: Sun, 11 Mar 2001 14:54:10 GMT

Caveat lector. Lest innocents suffer, let the reader beware: The author of this software has struck out.

Strike 1: He has not the slightest concept of the design and implementation of security software.
Strike 2: He is impervious to all attempts to help him understand the issues.
Strike 3: His products are unusable due to the unbelievably awkward methodology they require of the user.

For the record, the descriptions and background presented below are far more misleading than they are informative.

Anthony Stephen Szopa wrote:
> OverWrite: best wipe software?
>
> I think I have made Ciphile Software's OverWrite Security Utility Version 1.2 perhaps the best wipe utility available for Windows. Read below and you tell me.
>
> Now available for direct download at www.ciphile.com
>
> In addition to the prior instructions here are the new recommendations and facilities. What have I forgotten?
>
> "NOTE: For best results this program should be used only with Windows OSs and there should be no other programs running while this program is running.
>
> Maximum security from using this software results when overwriting files that are stored on 1.44MB floppy disks. Therefore, your most sensitive files should be written directly to 1.44MB floppy disks if you must be as absolutely sure as possible that this data is as nearly impossible as possible to recover once overwritten using this software.
>
> SCSI hard drives are not recommended. Nor are compressed drives. I use this software to overwrite files on my own IDE hard drives.
>
> RECOMMENDATIONS:
>
> You are probably familiar with MS Word. Start a new composition then save it. Then close the file. Now open it again. You will notice that a swap file has been created: ~$Doc1.doc if you saved the file as Doc1.doc. When you are through and close this file the swap file ~$Doc1.doc is deleted. But the ~$Doc1.doc data is still on your hard drive. So if you decide later to overwrite the Doc1.doc file you will not be overwriting previously removed ~$Doc1.doc data that is still on your hard drive.
>
> But take notice that even MS Word creates this swap file in the directory where the current document is stored.
>
> If you are serious about making sure that any data that has been saved to your hard drive is removed when you overwrite it using Ciphile Software's OverWrite Security Utility program then you should follow these specific recommendations.
>
> You should create a hard drive partition dedicated to storing and processing sensitive data. All sensitive data that you create or save or
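The "about 1/e of the possible output values would be skipped" figure from the Hash value repetion thread above can be checked empirically. This is an added example, not code from the thread: it hashes every 16-bit value with SHA-1, truncates each digest to 16 bits so that input and output spaces are the same size (a stand-in for "hash every 160-bit value with SHA-1", which nobody can run), and counts the outputs that never occur. A truly random function on n points leaves a fraction (1 - 1/n)^n of them unused, which tends to 1/e as n grows, and by the pigeonhole argument the number of unused outputs equals the number of inputs that collided with an earlier input.

```python
# Added example, not from the digest: how much of the output space a
# random-looking function leaves unused, and how that equals the number of
# repeated outputs. Truncated SHA-1 stands in for "a random n-bit function".
import hashlib
import math


def truncated_sha1(x: int, bits: int) -> int:
    """SHA-1 of the 4-byte encoding of x, keeping the top `bits` bits (bits <= 32)."""
    digest = hashlib.sha1(x.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big") >> (32 - bits)


def fraction_skipped(bits: int) -> float:
    """Fraction of the 2^bits outputs that no input maps to."""
    n = 1 << bits
    hit = bytearray(n)
    for x in range(n):
        hit[truncated_sha1(x, bits)] = 1
    return 1 - sum(hit) / n


def fraction_repeated(bits: int) -> float:
    """Fraction of inputs whose output an earlier input already produced."""
    n = 1 << bits
    seen, repeats = set(), 0
    for x in range(n):
        y = truncated_sha1(x, bits)
        if y in seen:
            repeats += 1
        seen.add(y)
    return repeats / n


def expected_skipped(bits: int) -> float:
    """(1 - 1/n)^n for a random function on n = 2^bits points; tends to 1/e."""
    n = 1 << bits
    return (1 - 1 / n) ** n


def summary(bits: int = 16) -> dict:
    return {
        "measured_skipped": fraction_skipped(bits),
        "measured_repeated": fraction_repeated(bits),
        "expected_skipped": expected_skipped(bits),
        "one_over_e": 1 / math.e,
    }
```

With `bits=16` the measured skipped fraction lands within a few thousandths of 0.368; the same program with a real permutation (a block cipher under a fixed key) would report 0, which is exactly the "1 to 1 relation" the original question asked about and which a hash is not designed to have.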
Cryptography-Digest Digest #864
Cryptography-Digest Digest #864, Volume #13        Sun, 11 Mar 01 16:13:00 EST

Contents:
  An extremely difficult (possibly original) cryptogram (daniel mcgrath)

----------------------------------------------------------------------

From: [EMAIL PROTECTED] (daniel mcgrath)
Crossposted-To: rec.puzzles
Subject: An extremely difficult (possibly original) cryptogram
Date: Sun, 11 Mar 2001 20:29:30 GMT

Tysoizbyjoxs, this may be the most complicated code anyone has ever done!

19055 13058 27195 06095 25106 20605 19506 09528 23322 05502 51306 23006 62330 63311 34096 10551 66944 59241 36792 14330 95670 76105 20216 19291 30532 91304 81059 24139 04603 94218 08644 04655 04086 04037 59165 64604 84686 14457 54488 87766 15275 43155 22490 12472 82332 20550 29101 28231 92525 46564 45764 55714 60894 55222 02161 92913 05329 13048 10558 42654 45589 45869 41592 10064 66945 57510 04558 75249 01247 32256 30572 31955 34509 01837 52031 66110 05846 36946 57619 03932 25630 57231 95060 95148 10232 06051 95060 95211 19223 55970 60124 73319 54724 11929 13020 31611 36106 19280 49095 30050 20615 25609 29096 10551 60629 13053 31052 49106 45090 18375 20316 61100 58463 69465 76190 39300 97060 95148 32974 73005 02061 52560 92909 61055 16062 91305 33105 24910 29555 02240 36720 28408 09455 71426 90470 50403 67751 00574 26677 54585 64755 03240 35777 76190 39300 97060 95148 07596 17621 95472 41192 91302 03161 13610 61927 54901 24714 80759 61762 19547 30097 27241 75942 96677 44125 04637 08944 52040 25046 08144 35614 02042 66720 40250 44081 46092 44076 10092 44888 67204 08514 40854 13551 00546 51455 91156 46092 45885 81440 85412 50426 67202 24136 54038 85145 57614 02046 08041 37576 10094 65145 75040 25041 88391 10087 71443 56410 20284 08094 13561 40204 05934 60204 21561 00946 56445 92100 72955 50460 80412 50445 71443 56100 27906 83694 60466 16426 54115 90683 69460 46567 20100 55156 10094 65145 75046 57645 59555 04266 79241 36544 08141 85644 59210 07144 57510 08444 57646 75044 36945 88085 47550 40352 89463 80204 50764 48708 54141 11775 04058 14485 94557 14508 04265 64576 72010 05515
61007 44488 36541 02045 57640 85144 08510 07144 59555 04107 64607 14266 51008 94152 04036 54436 94588 02040 36795 55040 38380 80448 75351 00916 54426 56445 92426 78803 51008 94552 04085 64407 64059 11614 60955 67201 00551 56100 74448 83654 10204 05911 56403 64100 74448 66450 85413 90100 74448 55413 77504 65764 55955 50453 83614 08644 40955 50403 67751 00764 03786 14409 55672 01005 51561 00946 51457 50465 76455 95550 41869 44855 10089 44520 46080 41250 40869 44370 93460 76455 20403 67751 00744 48836 54102 04607 14502 04266 79244 75044 88080 41375 20445 76460 94669 45584 45750 40367 75100 91691 45880 76443 77504 05955 50460 95670 81445 79100 81445 20458 70764 08614 15814 07504 08694 10764 57672 01005 06654 60804 48835 94205 04216 14575 04366 78946 86541 35541 85610 09465 14575 04366 78946 86720 40366 44867 79100 80426 77504 15911 61413 67754 57504 03677 51009 24215 61009 01564 48708 54125 04215 61009 46514 57504 58837 59116 94636 77541 35510 07295 56510 08041 25041 08141 08811 18020 40365 46851 47677 50463 78561 00814 60204 60891 00814 60915 50415 93440 85100 74403 70714 08614 60955 67201 00591 69405 89410 95550 43667 76467 50468 60475 50421 56100 94651 45750 46080 42677 50468 51475 65100 72934 60204 45894 05894 10955 50405 89460 80413 75764 10204 21614 42504 03528 94638 02042 68020 41361 46080 41375 20405 76408 51463 78561 00804 12504 68514 57504 03759 11694 18514 45921 00714 45751 00804 48788 08144 07614 54714 82049 01247 30097 27241 75942 84265 45559 15504 15911 61413 67754 57502 11614 40854 75651 00561 69413 91140 20403 67751 00516 51455 86426 59445 20468 56455 76100 71440 85100 94156 45595 55040 86544 87856 18550 46080 41361 45520 44089 47651 44092 47550 46089 10076 40354 42050 44880 80413 75204 68514 57504 03554 43614 55714 05854 12672 01005 96677 61008 78141 86046 03510 09242 15647 55040 36544 02041 07640 86141 07641 02046 08910 07944 75046 08910 07110 09115 64588 07146 37571 44592 10074 40365 44076 41020 27426 78785 14316 94637 76720 10057 42678 78514 31694 
63775 04585 64559 41564 10204 02504 08694 43528 14457 14608 14486 72044 85720 41591 15644 57442 05040 88361 45861 44576 10071 44575 10051 17571 48161 44081 40367 20413 67924 55277 64035 44638 07618 65645 76720 10062 42156 42675 20468 51426 80911 56458 77504 60804 03802 04458 14186 04602 04685 14575 01159 06836 94604 66144 03758 64766 54475 79068 36946 04656 72010 06166 04125 04685 14575 04159 34458 79559 41008 04035 51007 11007 94486 94102 04585 64459 16561 00894 15204 21836 64487 53720 10062 42156 10079 46391 45750 41367 82894 76564 10204 60714 40844 26677 91009 46614 60801 00804 13752 04036 77510 08289 43661 44579 10071 45589 46367 75145 20100 64660 41367 20426 80204 68514 57504 60814 43561 00778 94552 04107 64587 85645 59214 02026 65145 58647 66544 75040 59116 94635 94218 02044 88380 20402 50455 89463 67751 00894 15204 18757 64136 72044 36144 08410 07789 45520 41385 76455 95669 44576
Cryptography-Digest Digest #865
Cryptography-Digest Digest #865, Volume #13        Sun, 11 Mar 01 17:13:00 EST

Contents:
  recursive feistel design ("Tom St Denis")
  Re: PKI and Non-repudiation practicalities ("Lyalc")
  Re: Noninvertible encryption (SCOTT19U.ZIP_GUY)
  Re: OverWrite: best wipe software? ("Doom the Mostly Harmless")
  Re: [REQ] SHA-1 MD5 hashing software ("Doom the Mostly Harmless")
  Re: [REQ] SHA-1 MD5 hashing software ("Tom St Denis")
  Blowfish name ("Liam McGann")
  Re: [REQ] SHA-1 MD5 hashing software ("Doom the Mostly Harmless")
  Re: OverWrite: best wipe software? (Anthony Stephen Szopa)
  Re: Really simple stream cipher (David Wagner)
  Re: boycott Russia (Jim D)
  Re: OverWrite: best wipe software? ("Tom St Denis")
  Re: [REQ] SHA-1 MD5 hashing software ("Tom St Denis")
  Re: PKI and Non-repudiation practicalities (Anne Lynn Wheeler)
  Re: Why do people continue to reply to Szopa? (Eric Lee Green)

----------------------------------------------------------------------

From: "Tom St Denis" [EMAIL PROTECTED]
Subject: recursive feistel design
Date: Sun, 11 Mar 2001 20:37:03 GMT

I was wondering if anyone has tried to attack the TC5 cipher I designed about 6 months ago. It's designed like Turtle (Matt Blaze) to use recursive feistel networks as F functions.

So basically at the top level there is a 128-bit feistel that uses a 64-bit feistel as the round function. The 64-bit feistel uses the 32-bit feistel for the round function and so on down to the 16-bit feistel. The 16-bit feistel uses a 8x8 sbox as a round function.

The source is at http://tomstdenis.home.dhs.org/src/tc5.c and is easy to follow. I may write a short pseudo-code thingy if anyone is interested.

The cool thing about my cipher is that it's provably secure against std linear/diff attacks (not guaranteed against other attacks though)...

Tom

------------------------------

From: "Lyalc" [EMAIL PROTECTED]
Subject: Re: PKI and Non-repudiation practicalities
Date: Mon, 12 Mar 2001 07:37:48 +1100

those who know me have no need of my name wrote in message ...
> xMiq6.686$[EMAIL PROTECTED] divulged:
>> Well, in some cases, it makes for good customer retention.
>
> they seem to like keeping you on a leash. i don't see how they'd like you being in charge of your own secret. (to wit, most institutions will not allow you to select an alternative to your ssn or mother's maiden name as additional security verifiers.)

Well, you must with a certificate-based solution - the password you use to control access/usage of the certificate - you DO use a password to control use of your certificate, don't you? And as a generalisation, your password is being verified on a machine of unknown security or integrity.

>> What's the difference between the 2 environments we've been discussing?
>
> scale.

True, no one has managed to get personal PKI certificates scaled above a few tens of thousands to my knowledge. A previous employer had more than 6 million PINs on issue, used on average 46 times/year in 1998.

>> About the same as most shared secret models and all CRL based models
>
> i'm not overly interested in the crl models. i don't see the same effort as most shared secret models. i suspect i'm missing something, so i need to think about it some more.

Please do. The challenge is not only the technology, but what the technology is used for, and its specific needs.

>> That is always the revocation challenge, PKI, shared secret or whatever. Commercially, I (non-lawyer that I am) think most companies would revoke on the suspicion of compromise, to avoid their own negligence liability for insisting something is safe for a relying party to act upon, when it may not be.
>
> and that shows the other half of the revocation challenge -- a denial of service attack. and if there is but one secret that can be so revoked it can be even more devastating (when even a mistake happens).
>
>> Commercial implementation issues are outside the standard as with all well crafted standards.
>
> i'm not sure i agree that what i described is an implementation issue, if the standard makes no allowances.

We are starting to stray off-list topics, so perhaps we'd be better off taking this off the list.

Lyal

> -- 
> okay, have a sig then

------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: sci.math
Subject: Re: Noninvertible encryption
Date: 11 Mar 2001 21:02:13 GMT

[EMAIL PROTECTED] (Douglas A. Gwyn) wrote in [EMAIL PROTECTED]:
> "SCOTT19U.ZIP_GUY" wrote:
>> ... That it becomes trivially easy to test a key for a solution ...
>
> The crux of the matter is that, if you have a method of cryptanalysis that produces the right key, you don't need to test for a solution. And in any other case, what are you doing testing keys? There are too many of them for that to be a feasible method of attack.

It's not that you necessarily have a key to test. The fact that you can shows that the encrypted text carries with it all the information to be decrypted. Some smart person at the
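The nesting Tom St Denis describes in his "recursive feistel design" post above (a 128-bit Feistel whose F is a 64-bit Feistel, down to a 16-bit Feistel whose F is an 8x8 S-box) is easy to write as a single recursive function. The block below is an added example written for this digest; it is not TC5 and not Tom's code, and everything TC5 would fix is assumed here instead: four rounds per level, round keys derived with SHA-256 from the cipher key and the level width, and an S-box that is merely a fixed pseudo-random permutation of 0..255. Decryption walks the same rounds backwards, which is the property that makes a Feistel structure invertible no matter what F is.

```python
# Added example, not TC5 and not from the digest: a block cipher built as a
# tower of Feistel networks, 128 -> 64 -> 32 -> 16 bits, with an 8x8 S-box as
# the innermost round function. Rounds, key schedule and S-box are assumptions.
import functools
import hashlib
import random

ROUNDS = 4                                 # per level (assumption, not TC5's)
_rng = random.Random(20010311)             # fixed seed: reproducible demo S-box
SBOX = list(range(256))
_rng.shuffle(SBOX)                         # a constructed permutation of 0..255


@functools.lru_cache(maxsize=None)
def subkey(key: bytes, width: int, rnd: int) -> int:
    """Round key for round `rnd` of the `width`-bit level, width//2 bits wide.
    Derived with SHA-256 (assumed schedule); cached because inner levels
    are evaluated thousands of times per block."""
    half = width // 2
    digest = hashlib.sha256(key + bytes([width // 8, rnd])).digest()
    return int.from_bytes(digest[:8], "big") & ((1 << half) - 1)


def round_function(x: int, half: int, key: bytes) -> int:
    """F for a 2*half-bit Feistel: the next smaller Feistel, or the S-box at 8 bits."""
    if half == 8:
        return SBOX[x]
    return feistel_encrypt(x, half, key)


def feistel_encrypt(x: int, width: int, key: bytes) -> int:
    half = width // 2
    mask = (1 << half) - 1
    left, right = x >> half, x & mask
    for r in range(ROUNDS):
        # (L, R) -> (R, L xor F(R xor k_r)); F need not be invertible
        left, right = right, left ^ round_function(right ^ subkey(key, width, r), half, key)
    return (left << half) | right


def feistel_decrypt(x: int, width: int, key: bytes) -> int:
    half = width // 2
    mask = (1 << half) - 1
    left, right = x >> half, x & mask
    for r in reversed(range(ROUNDS)):
        # undo one round: (L', R') -> (R' xor F(L' xor k_r), L')
        left, right = right ^ round_function(left ^ subkey(key, width, r), half, key), left
    return (left << half) | right


def encrypt_block(block: bytes, key: bytes) -> bytes:
    """Encrypt one 16-byte block with the 128-bit top-level Feistel."""
    return feistel_encrypt(int.from_bytes(block, "big"), 128, key).to_bytes(16, "big")


def decrypt_block(block: bytes, key: bytes) -> bytes:
    return feistel_decrypt(int.from_bytes(block, "big"), 128, key).to_bytes(16, "big")


def avalanche(block: bytes, key: bytes, bit: int = 0) -> int:
    """Ciphertext bits that change when one plaintext bit flips (ideal: about 64 of 128)."""
    x = int.from_bytes(block, "big")
    a = feistel_encrypt(x, 128, key)
    b = feistel_encrypt(x ^ (1 << bit), 128, key)
    return bin(a ^ b).count("1")


# Constructed demo inputs.
DEMO_KEY = b"sixteen byte key"
DEMO_BLOCK = b"PASS hunter2\r\n\x00\x00"
```

One 128-bit block costs 4 * 4 * 4 * 4 = 256 S-box lookups plus the round-key XORs, which shows the price of this design: every extra round at the top multiplies the work at every level below it. The `avalanche` helper is the quickest sanity check that the tower actually mixes; a result far from 64 would mean a level is not doing its job.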
Cryptography-Digest Digest #866
Cryptography-Digest Digest #866, Volume #13        Sun, 11 Mar 01 19:13:01 EST

Contents:
  Re: Blowfish name (SCOTT19U.ZIP_GUY)
  Re: [REQ] SHA-1 MD5 hashing software (Eric Lee Green)
  Re: Noninvertible encryption ("Douglas A. Gwyn")
  Re: Really simple stream cipher ("Henrick Hellström")
  Re: Really simple stream cipher (David Wagner)
  Re: FIPS 140-2 PRG (Gregory G Rose)
  Quantum Computing Key Sizes (Tom McCune)
  Re: Quantum Computing Key Sizes ("Tom St Denis")
  Re: Text of Applied Cryptography (Anonymous)
  Re: RSA encryption on Windows -- C++ source code (Ben Cantrick)
  Re: Quantum Computing Key Sizes ([EMAIL PROTECTED])
  Re: Quantum Computing Key Sizes ("Sam Simpson")
  Re: Freeware issues? ("Nick Payne")
  Re: = FBI easily cracks encryption ...? (CR Lyttle)
  Re: Quantum Computing Key Sizes (Tom McCune)

----------------------------------------------------------------------

From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Blowfish name
Date: 11 Mar 2001 21:59:05 GMT

[EMAIL PROTECTED] (Liam McGann) wrote in TfSq6.9082$[EMAIL PROTECTED]:
> Anyone know where Blowfish got its name?
>
> Thanks,
> L.M.

I could guess break it up into words "blow fish". Two nice 4 letter words let your imagination run. Also if I worked for the NSA and wanted to trick people into using fishy software what better name. It would be funny. Note these just my thoughts I have no idea why he named it that. I also don't think I would believe the originator if he told me while on truth serum during a polygraph test while he was under hypnosis and knew if he lied his loved ones assuming the person had any would be terminated.

David A. Scott

P.S. I hope that helps.

-- 
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed** http://members.xoom.com/ecil/index.htm
Scott LATEST UPDATED source for scott*u.zip http://radiusnet.net/crypto/ then look for sub directory scott after pressing CRYPTO
Scott famous Compression Page http://members.xoom.com/ecil/compress.htm
**NOTE EMAIL address is for SPAMERS***
I leave you with this final thought from President Bill Clinton:

------------------------------

From: [EMAIL PROTECTED] (Eric Lee Green)
Subject: Re: [REQ] SHA-1 MD5 hashing software
Reply-To: [EMAIL PROTECTED]
Date: 11 Mar 2001 16:04:23 -0600

On Sun, 11 Mar 2001 21:20:14 GMT, Doom the Mostly Harmless [EMAIL PROTECTED] wrote:
> snip
> Oh boy trialware... hot diggity. Who on earth would buy an implementation of SHA?

Someone without your 3l33t k0d1ng sk1LLz? :-)

Or somebody too stupid to go to:
http://www.openssl.org
http://www.cs.auckland.ac.nz/~pgut001/cryptlib/
http://www.eskimo.com/~weidai/cryptlib.html
http://www.cryptix.org/
etc. etc. etc.

But what can I say, there's a sucker born every day.

-- 
Eric Lee Green [EMAIL PROTECTED] http://www.badtux.org
AVOID EVIDENCE ELIMINATOR -- for details, see http://badtux.org/eric/editorial/scumbags.html

== Posted via Newsfeeds.Com, Uncensored Usenet News ==
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
=== Over 80,000 Newsgroups = 16 Different Servers! ==

------------------------------

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Crossposted-To: sci.math
Subject: Re: Noninvertible encryption
Date: Sun, 11 Mar 2001 22:24:54 GMT

"SCOTT19U.ZIP_GUY" wrote:
> One would like to be able to give a false key so they will be happy.

However, if the decryption is gibberish they won't be happy. So you at the very least would want a system that encrypts both the real message and an alternate, meaningful message under separate keys. This isn't hard under the usual OTP system, because you can take the CT and fake PT and easily find a corresponding key, but for systems with short keys it's not going to be possible unless you allow the CT to be about twice as large as would otherwise be necessary.

------------------------------

From: "Henrick Hellström" [EMAIL PROTECTED]
Subject: Re: Really simple stream cipher
Date: Sun, 11 Mar 2001 23:40:11 +0100

Well, no, that's not the way I view it. I view crypto engines as (a) inflexible, (b) performance sinks and (c) potential security risks, at least those that are linked to / called by the executable at run time.

It is not that hard to write a dll-file called e.g. "cryptnet.dll" with the right interface entries but with rigged implementations, and plant it in a computer of your choice. Since the dll is there and it has the right interface entries, the application will happily inform the user that he has connected securely - although he hasn't, because the person who planted the dll has made sure that he is able to mount a MITM attack.

Sure, you could perform the same kind of attack against any kind of executable, but on e.g. Win32 platforms a dll file is usually well hidden in the system directory under a suspiciously non-informative name. Few users would know which file to
Cryptography-Digest Digest #867
Cryptography-Digest Digest #867, Volume #13        Sun, 11 Mar 01 21:13:00 EST

Contents:
  Re: Really simple stream cipher ("Henrick Hellström")
  Got my wish (Was: [REQ] SHA-1 MD5 hashing software) (Thomas Boschloo)
  Re: Super strong crypto (David Wagner)
  Re: Quantum Computing Key Sizes ("Tom St Denis")
  Re: Quantum Computing Key Sizes (Bill Unruh)
  Re: Quantum Computing Key Sizes (Bill Unruh)
  Re: Text of Applied Cryptography .. do not feed the trolls ("Ryan M. McConahy")
  pgp262i-ns.zip cracking contest (Was: Attn: Chris Drake and Thomas (Thomas Boschloo)
  Re: ideas of D.Chaum about digital cash and whether tax offices are (John Christensen)
  Re: Quantum Computing Key Sizes (Tom McCune)
  Re: A question about passphrases (Crypto Neophyte)
  Digital enveloppe (br)
  Re: Digital enveloppe ("Tom St Denis")
  Re: Digital enveloppe (br)
  Re: An extremely difficult (possibly original) cryptogram (John Savard)
  Re: Really simple stream cipher (David Wagner)

----------------------------------------------------------------------

From: "Henrick Hellström" [EMAIL PROTECTED]
Subject: Re: Really simple stream cipher
Date: Mon, 12 Mar 2001 01:13:19 +0100

"David Wagner" [EMAIL PROTECTED] wrote in message news:98gvd5$chs$[EMAIL PROTECTED]...
> Huh? Whether you use static vs. dynamic linking is orthogonal to what your crypto code does.

In a way it does depend. I would possibly mess up the lives of a lot of people if I were to rewrite some commonly used dll file just to add my favourite protocols, algorithms and modes of operation. But nothing prevents me from adding such code to our own applications.

Anyway, we are not discussing the same thing. I am a security product developer with an interest in cryptography. My major concern is whether our own products are safe or not. It is at most a minor concern that we sometimes use technologies any software developer could not be recommended to use. Just we do it right ourselves and are able to convince others that we do. And, unless I have misunderstood your line of argument, it might very well be the case that we do it right.

> When I say "crypto engine", I'm referring to what your crypto code does (i.e., whether it uses a MAC or not, whether it uses CBC mode or CFB mode), no matter whether it's in a DLL or hard-coded into your application.
>
> If you're having troubles with spoofed DLL's, you may want to re-consider your choice of operating systems.

Well, a security product developer shouldn't keep any secrets anyway. He leaves that to his customers. ;-)

-- 
Henrick Hellström [EMAIL PROTECTED]
StreamSec HB http://www.streamsec.com

------------------------------

From: Thomas Boschloo [EMAIL PROTECTED]
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Got my wish (Was: [REQ] SHA-1 MD5 hashing software)
Date: Mon, 12 Mar 2001 01:09:05 +0100

-----BEGIN PGP SIGNED MESSAGE-----

Tom St Denis wrote:
> "nemo outis" [EMAIL PROTECTED] wrote in message news:MhQq6.52508$[EMAIL PROTECTED]...
>> Best I've found is Veracity at the eponymous: www.veracity.com
>>
>> Quoting from the site: "Veracity can calculate the SHA-0, SHA-1, MD2, MD4, MD5, HAVAL (four variants) and Snefru (four variants) digest algorithms, and the CRC-16, CRC-32, Fletcher, Internet, and Sum checksum algorithms."
>>
>> Also supports a wide range of platforms and OSs. Available as uncrippled trialware.
>
> Oh boy trialware... hot diggity. Who on earth would buy an implementation of SHA?

Maybe you were kindly referring to http://freeveracity.org/?? hint

But I got my wish, ftp://ftp.veracity.com/ is perfect for my needs. They've got a MS-DOS version for 2.0.1 and a windows version for 3.1.0. And they seem totally uncrippled, although the program is a bit overkill for my modest needs.

But hits-himself-on-head I should first have gone to http://www.gnupg.org/download.html. They have a windows version that is fully capable of producing hashes.

Here is some output of both to demonstrate the ease with which they can be used. And thanks ELG (you know who you are) for implicating I am a sucker.

Greetingz,
Thomas

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.3i for non-commercial use http://www.pgpi.com

iQB5AwUBOqwEmQEP2l8iXKAJAQGnEwMeNQiVQ0CAIs/dzuXiv8Cv6Q2y4j9SZuo6
n7SuRl50t5MzTz0hw2qBejiIiyIgLHtPtwC2gKnqI6I05af7Sxk7N92sY4NdD3xo
/MhUJRiV4RBZWdEDUGrpVf9ZSyzMvxZUtZRy2A==
=gHBq
-----END PGP SIGNATURE-----

==
C:\My Download Files\ygpg --version
gpg (GnuPG) 1.0.4-1
Copyright (C) 2000 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Home: c:/gnupg
Supported algorithms:
Cipher: 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, RIJNDAEL256, TWOFISH
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
Hash: MD5, SHA1, RIPEMD160

C:\My Download Files\ygpg --print-md sha1 veracity.exe
veracity.exe: D9E1
Cryptography-Digest Digest #868
Cryptography-Digest Digest #868, Volume #13 Mon, 12 Mar 01 00:13:01 EST Contents: Re: Text of Applied Cryptography .. do not feed the trolls ([EMAIL PROTECTED]) Re: The Foolish Dozen or so in This News Group (Benjamin Goldberg) Re: Text of Applied Cryptography .. do not feed the trolls ("Tom St Denis") Re: An extremely difficult (possibly original) cryptogram ("Ashish Kasturia") Re: Text of Applied Cryptography .. do not feed the trolls (Frodo) Straw man hash. (Benjamin Goldberg) Re: Semi-super-strong crypto? (Benjamin Goldberg) Re: Digital enveloppe ("Trevor L. Jackson, III") Re: ideas of D.Chaum about digital cash and whether tax offices are (John Christensen) Re: An extremely difficult (possibly original) cryptogram (those who know me have no need of my name) Re: Text of Applied Cryptography .. do not feed the trolls ("Tom St Denis") Re: RSA encryption on Windows -- C++ source code (those who know me have no need of my name) Re: [REQ] SHA-1 MD5 hashing software (those who know me have no need of my name) Re: = FBI easily cracks encryption ...? (SCOTT19U.ZIP_GUY) Re: Noninvertible encryption (SCOTT19U.ZIP_GUY) Re: arbitrary-precision arithmetic (Benjamin Goldberg) Re: = FBI easily cracks encryption ...? (Phil Zimmerman) RE: Anonymous web browsing (Phil Zimmerman) Re: Digital enveloppe ("Scott Fluhrer") From: [EMAIL PROTECTED] Crossposted-To: alt.security.pgp,talk.politics.crypto Subject: Re: Text of Applied Cryptography .. do not feed the trolls Reply-To: * Date: Mon, 12 Mar 2001 02:13:36 GMT On Sun, 11 Mar 2001 19:52:08 -0500, "Ryan M. McConahy" [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Actually, I was not asking for noise. I merely wanted an address. I knew that an electronic version was available. I am a teenager, and do not have much money, and would prefer it in an electronic version. Perhaps you might like this, too. http://www.umich.edu/~umich/fm-34-40-2/ Enjoy the crypto. I hope your fascination lasts your entire life. 
-- From: Benjamin Goldberg [EMAIL PROTECTED] Crossposted-To: alt.hacker Subject: Re: The Foolish Dozen or so in This News Group Date: Mon, 12 Mar 2001 02:18:56 GMT Anthony Stephen Szopa wrote: [snip] fclose that flushes all OS buffers associated with the stream. You would think this would be enough to force a write. How many times does this need to be pounded into your head? fclose flushes the C library buffers, not the OS buffers. [snip] That's ignoring the hdd buffers. The drive light goes on for a bus transfer of data to the drive, not for actual writing. I am not convinced this is so. The documentation says specifically "system-allocated" buffers are flushed. If you choose to be stupid about what fclose does, you're allowed to be. But how do you get off even thinking of the hdd buffers as "system allocated?" I mean, nothing in the OS /creates/ them... they're part of dedicated hardware, and the buffers are dedicated to that specific purpose. Unlike OS buffers, or C library buffers, where it's just arbitrary blocks of memory, which could be used for anything at all, until the Os or user program *allocates* them for use. So in no way can hdd buffers be considered "system allocated." Also... I'm curious as to what you believe the function close() does, as opposed to fclose(). Or what write() does as opposed to fwrite(), or open() as opposed to fopen(). Or what you think fflush() does and what reason you believe for there to not be any equivilant flush() function. -- The difference between theory and practice is that in theory, theory and practice are identical, but in practice, they are not. -- From: "Tom St Denis" [EMAIL PROTECTED] Crossposted-To: alt.security.pgp,talk.politics.crypto Subject: Re: Text of Applied Cryptography .. do not feed the trolls Date: Mon, 12 Mar 2001 02:24:40 GMT "Ryan M. McConahy" [EMAIL PROTECTED] wrote in message news:3aac1d41$0$62147$[EMAIL PROTECTED]... -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Actually, I was not asking for noise. 
I merely wanted an address. I knew that an electronic version was available. I am a teenager, and do not have much money, and would prefer it in an electronic version.

Big deal? I got a job when I was 15 and bought my own copy. It's called the "real world".

Tom

--

From: "Ashish Kasturia" [EMAIL PROTECTED]
Crossposted-To: rec.puzzles
Subject: Re: An extremely difficult (possibly original) cryptogram
Date: Sun, 11 Mar 2001 22:00:49 -0500

In general, postings of this type are frowned upon.

why is that? (just a question)

-ash

--

Date: 12 Mar 2001 02:57:32 -
From: [EMAIL PROTECTED] (Frodo)
Subject: Re: Text of Applied Cryptography .. do not feed the trolls
Crossposted-To:
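As an added illustration of the layering Benjamin Goldberg describes in his post above (the C library's stdio buffer, then the OS buffers that fclose() never reaches, then the drive), here is a C routine, not the thread's or OverWrite's code, that overwrites a file in place and pushes the data through fflush() and fsync() in turn. The sample-file helpers and the /tmp path are constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Overwrite every byte of a regular file with `fill` and push the data down
 * through each buffering layer in turn. Returns 0 on success, -1 on error. */
int overwrite_and_sync(const char *path, unsigned char fill) {
    struct stat st;
    unsigned char buf[4096];
    off_t left;
    FILE *fp;
    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode)) return -1;
    fp = fopen(path, "r+b");                 /* rewrite in place, same length */
    if (fp == NULL) return -1;
    memset(buf, fill, sizeof buf);
    for (left = st.st_size; left > 0; ) {
        size_t n = left < (off_t)sizeof buf ? (size_t)left : sizeof buf;
        if (fwrite(buf, 1, n, fp) != n) { fclose(fp); return -1; } /* -> stdio buffer */
        left -= (off_t)n;
    }
    if (fflush(fp) != 0) { fclose(fp); return -1; }         /* stdio -> kernel cache */
    if (fsync(fileno(fp)) != 0) { fclose(fp); return -1; }  /* kernel -> device */
    /* fclose() alone would only have done the fflush() step; the fsync() above
     * is what asks the OS to commit. The drive's own cache is beyond our reach. */
    return fclose(fp) == 0 ? 0 : -1;
}

/* Test helper (constructed): create a file holding `len` copies of byte `b`. */
int make_sample_file(const char *path, unsigned char b, size_t len) {
    FILE *fp = fopen(path, "wb");
    size_t i;
    if (fp == NULL) return -1;
    for (i = 0; i < len; i++) if (fputc(b, fp) == EOF) { fclose(fp); return -1; }
    return fclose(fp) == 0 ? 0 : -1;
}

/* Test helper (constructed): 1 if every byte of the file equals `b`, else 0. */
int file_all_byte(const char *path, unsigned char b) {
    FILE *fp = fopen(path, "rb");
    int c, ok = 1;
    if (fp == NULL) return 0;
    while ((c = fgetc(fp)) != EOF) if ((unsigned char)c != b) { ok = 0; break; }
    fclose(fp);
    return ok;
}
```

Even after fsync() returns, the drive's own write cache that the thread calls the hdd buffers is outside what the program can observe or control.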
Cryptography-Digest Digest #869
Cryptography-Digest Digest #869, Volume #13 Mon, 12 Mar 01 00:13:01 EST

Contents:
Re: An extremely difficult (possibly original) cryptogram ("Jared Karr")

Reply-To: "Jared Karr" [EMAIL PROTECTED]
From: "Jared Karr" [EMAIL PROTECTED]
Crossposted-To: rec.puzzles
Subject: Re: An extremely difficult (possibly original) cryptogram
Date: Mon, 12 Mar 2001 04:58:44 GMT

Maybe you should post a shorter message in the same code. I don't think anybody wants to decode half a million characters by hand.

JK

"daniel mcgrath" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...

Tysoizbyjoxs, this may be the most complicated code anyone has ever done!
Cryptography-Digest Digest #870
Cryptography-Digest Digest #870, Volume #13 Mon, 12 Mar 01 02:13:00 EST

Contents:
Re: OverWrite: best wipe software? ("Trevor L. Jackson, III")
Re: Super strong crypto ("Bryan Olson")
Improvement of a simple cipher ("Alexis Machado")
Re: Noninvertible encryption ("Douglas A. Gwyn")
Re: Any news on the KFB mode? ("Bryan Olson")
RE: Anonymous web browsing (SCOTT19U.ZIP_GUY)
Re: = FBI easily cracks encryption ...? (SCOTT19U.ZIP_GUY)
Re: Super strong crypto (SCOTT19U.ZIP_GUY)
Re: An extremely difficult (possibly original) cryptogram (SCOTT19U.ZIP_GUY)
Re: Text of Applied Cryptography .. do not feed the trolls (Frodo)
Re: = FBI easily cracks encryption ...? (Phil Schneier)
Re: Super strong crypto (Mok-Kong Shen)
Re: Anonymous web browsing ("Mxsmanic")
Re: Super strong crypto (Paul Crowley)
Re: Encryption software (Paul Crowley)
Re: Encryption software (Paul Crowley)
Re: Potential of machine translation techniques? (Mok-Kong Shen)
Re: Dumb inquiry (Mok-Kong Shen)

From: "Trevor L. Jackson, III" [EMAIL PROTECTED]
Crossposted-To: alt.hacker
Subject: Re: OverWrite: best wipe software?
Date: Mon, 12 Mar 2001 05:00:07 GMT

Anthony Stephen Szopa wrote:

"Trevor L. Jackson, III" wrote:

Caveat lector. Lest innocents suffer, let the reader beware: The author of this software has struck out.

Strike 1: He has not the slightest concept of the design and implementation of security software.

Strike 2: He is impervious to all attempts to help him understand the issues.

Strike 3: His products are unusable due to the unbelievably awkward methodology they require of the user.

major snip

Take as much care as you think you should." Let's see you get out of this box. Tell us now why OverWrite will not work.

Take the training at http://ftp.fedworld.gov/pub/irs-pdf/p3202.pdf and then tell us how well your software works.

--

From: "nospam"@"nonsuch.org" ("Bryan Olson")
Subject: Re: Super strong crypto
Date: Mon, 12 Mar 2001 05:03:25 GMT

Douglas A. Gwyn wrote:

Bryan Olson wrote:

But understand it's no small detail. Thousands have tried to bridge that chasm, and so far all have failed.

But in the meantime, we can try to beef up the methods we have by such methods as I was suggesting.

Well, yeah sure, or other methods. But this was supposed to be about more than one's opinion on what things might help.

In applications such as one I'm supporting at the moment, there are real-world constraints that force the security implementation to work too close to the edge, and efficient implementation is paramount (so the data encryption will be something like Rijndael with small parameters). Under such circumstances, anything that can be done to get in the way of the enemy cryptanalysts is welcome.

If you have some result showing Rijndael is flawed, or showing your scheme is strong, that would be significant. Hypothesizing Rijndael is weak and conjecturing that your scheme would fix the weakness is not even in the direction you stated this thread seemed to be about.

--Bryan

--

From: "Alexis Machado" [EMAIL PROTECTED]
Subject: Improvement of a simple cipher
Date: Mon, 12 Mar 2001 02:24:24 -0300

Last year I presented here a block cipher called Nimbus. The encryption process iterates "r" rounds:

X := K[i] * g(X xor K[r+i]) (mod 2**s)   (i = 0 .. r-1)

where
1) X and K[...] are s-bit integers
2) X is the block being encrypted
3) Vector K is derived from a t-bit master key
4) Elements K[i] are odd, allowing multiplicative inverse (mod 2**s)
5) g is a bit-reversal function (Ex: g(10110010) = 01001101)

My current implementation uses r = 5, s = 64 and t = 128.

The palindrome differential D = 2**(s-1) - 2 = 0111...1110 "propagates", using xor difference, with probability 1/2 in each round and 1/2**r after r rounds.

To reduce the probability of high Hamming weight differentials, I'm proposing an additive subkey. The cipher becomes

X := K[i] * g(X xor K[r+i] + K[2r+i]) (mod 2**s)   (i = 0 .. r-1)

Let
a) h(X) = X + A represent the round addition (the xor operation has no influence on differential propagation)
b) I(m,n) be a bit sequence extracted from an integer "I", starting on bit m, ending on bit n.

If n > m and D(m,n) contains only 1's, the probability of

h(X) xor h(X xor D) = D   (equation E1)

will be zero unless A(m,n) contains only 0's or only 1's (condition C1).

Once C1 is satisfied, A(0, m-1) determines the E1 probability.

If subkeys are randomly generated, A satisfies C1 with probability p = 1/2**(n-m).

Now, it is very unlikely (1/2**(s-3)) that the differential used to attack the original cipher (D = 2**(s-1) - 2) could have a non-zero probability.

Suggestions, comments and attacks (of course :-)) are welcome.

---
Alexis
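To make Alexis Machado's differential claim concrete, here is an added experiment in C (not the post's or Nimbus's own code): one round of the original cipher and of the proposed additive variant for s = 64, plus a counter of how often the xor-difference D = 2**(s-1) - 2 survives a round over sampled inputs. The subkey constants and the xorshift sampler are constructed assumptions; the post gives no key values.

```c
#include <stdint.h>
/* Parameters from the post: s = 64, odd multiplicative subkeys, and the
 * palindrome differential D = 2**(s-1) - 2 = 0111...1110. The subkey words
 * are constructed sample values, not anything taken from the post. */
#define NIMBUS_D  ((UINT64_C(1) << 63) - 2)
#define NIMBUS_K  UINT64_C(0x9E3779B97F4A7C15)  /* K[i]: odd, invertible mod 2**64 */
#define NIMBUS_KX UINT64_C(0x243F6A8885A308D3)  /* K[r+i]: xor subkey */
#define NIMBUS_A  UINT64_C(0xB7E151628AED2A6B)  /* K[2r+i]: proposed additive subkey */

/* g: bit reversal of a 64-bit word (g(10110010) = 01001101 on 8 bits). */
uint64_t bitrev64(uint64_t x) {
    uint64_t r = 0;
    for (int i = 0; i < 64; i++) { r = (r << 1) | (x & 1); x >>= 1; }
    return r;
}

/* Original round: X := K * g(X xor Kx) (mod 2**64); unsigned wrap is the mod. */
uint64_t nimbus_round(uint64_t x, uint64_t k, uint64_t kx) {
    return k * bitrev64(x ^ kx);
}

/* Proposed round: X := K * g(X xor Kx + A) (mod 2**64). */
uint64_t nimbus_round_add(uint64_t x, uint64_t k, uint64_t kx, uint64_t a) {
    return k * bitrev64((x ^ kx) + a);
}

/* xorshift64: deterministic sampler of round inputs (constructed, not cipher). */
static uint64_t next_sample(uint64_t *st) {
    uint64_t x = *st; x ^= x << 13; x ^= x >> 7; x ^= x << 17; return *st = x;
}

/* Fraction of sampled inputs X for which the xor-difference D survives one
 * round, i.e. round(X) xor round(X xor D) == D. use_add picks the variant. */
double diff_prob(int use_add, uint64_t k, uint64_t kx, uint64_t a, int trials) {
    uint64_t st = UINT64_C(0xD1B54A32D192ED03);  /* fixed seed (constructed) */
    int hits = 0;
    for (int t = 0; t < trials; t++) {
        uint64_t x = next_sample(&st), y0, y1;
        if (use_add) {
            y0 = nimbus_round_add(x, k, kx, a);
            y1 = nimbus_round_add(x ^ NIMBUS_D, k, kx, a);
        } else {
            y0 = nimbus_round(x, k, kx);
            y1 = nimbus_round(x ^ NIMBUS_D, k, kx);
        }
        if ((y0 ^ y1) == NIMBUS_D) hits++;
    }
    return (double)hits / trials;
}
```

For the original round the survival rate comes out at about 1/2, as the post states (D passes g unchanged because it is a palindrome, and the odd multiplier preserves it exactly when g(X xor Kx) is odd); with the additive subkey above, whose bits 1..62 are neither all zeros nor all ones, the rate drops to essentially zero.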