Cryptography-Digest Digest #554
Cryptography-Digest Digest #554, Volume #14 Thu, 7 Jun 01 16:13:00 EDT

Contents:
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tim Tyler)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tim Tyler)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) ([EMAIL PROTECTED])
  Re: shifts are slow? (Bob Jenkins)
  Re: Alice and Bob Speak MooJoo ([EMAIL PROTECTED])
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tom St Denis)
  Re: shifts are slow? ([EMAIL PROTECTED])
  Re: MD5 for random number generation? (Tim Tyler)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) ([EMAIL PROTECTED])
  Re: MD5 for random number generation? (Tom St Denis)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tom St Denis)
  Re: Alice and Bob Speak MooJoo (Janne Tuukkanen)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tim Tyler)
  Re: RSA's new Factoring Challenges: $200,000 prize. (my be repeat) (Joseph Ashwood)
  new NSA/echelon rant (V.Z. Nuri)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tom St Denis)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tim Tyler)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (JPeschel)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (SCOTT19U.ZIP_GUY)

From: Tim Tyler [EMAIL PROTECTED]
Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
Reply-To: [EMAIL PROTECTED]
Date: Thu, 7 Jun 2001 18:54:57 GMT

Tom St Denis [EMAIL PROTECTED] wrote:

: I fail to see how knowing the length of the plaintext reveals any
: information contained within the plaintext.

It lets you rule out plaintexts that were previously possible, and give them a probability of zero.

Shannon states that for perfect secrecy the cyphertext must not give *any* clues to the plaintext. Not no clues apart from the length, but no clues at all.

: You fail to solve even the most trivial of examples I pose.

Hardly surprising is it? I told you that it was obvious to everyone that such examples were impossible to solve uniquely. Why do you not tire of repeatedly presenting them?
--
__
|im |yler [EMAIL PROTECTED] Home page: http://alife.co.uk/tim/

--

From: Tim Tyler [EMAIL PROTECTED]
Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
Reply-To: [EMAIL PROTECTED]
Date: Thu, 7 Jun 2001 18:57:10 GMT

[EMAIL PROTECTED] wrote:

: Tim Tyler [EMAIL PROTECTED] writes:
: OK - so can you identify one bit in that stream which is *not*
: significant?
: Everything after the final ``1''.

Which bit is that? You don't know where the final 1 is, if you ignore some of the bits, now do you?

So all bits *are* significant.
--
__
|im |yler [EMAIL PROTECTED] Home page: http://alife.co.uk/tim/

--

Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
From: [EMAIL PROTECTED]
Date: 07 Jun 2001 15:06:16 -0400

Tom St Denis [EMAIL PROTECTED] writes:
[EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
Tim Tyler [EMAIL PROTECTED] writes:

Those points indicate that the chance of getting a false positive in the system you describe are small.

As in, ``you're better off waiting for the sun to burn out and the universe to collapse, than waiting for false positives.'' Yes, correct; I guess you could call that ``small''.

You're wrong too. In an OTP like system, it's not that guessing the message is hard or improbable. It's that it's IMPOSSIBLE.

Don't lose track Tom--I wasn't talking about OTP. I offered a reasonable (though extremely ballpark) estimate of the likelihood of plausible (or ``false positive'') decryptions when no compression is used. I then suggested approximately HOW MUCH MORE common BICOM would have to make the plausible files before it actually translates into false positive decryptions more often than, say, having our sun burn out.

The estimate (1) gives strong reasons to doubt that BICOM has *any* practical benefit, apart from making decryption take a little longer (and the usual benefits of compression), and (2) gives Tim T. some idea what he would have to prove, in order to substantiate his claims for BICOM. ``It's obvious, because there are just lots and lots of...'' doesn't actually mean diddly.

Are we all together now?

Len.

--
The ``attack'' that Warfield mentions was not a qmail problem; it was a fraudulent marketing stunt by the Postfix author.
-- Dan Bernstein

--

From: [EMAIL PROTECTED] (Bob Jenkins)
Subject: Re: shifts are slow?
Date: 7 Jun 2001 12:11:00 -0700

Jeffrey Williams [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...

Realistically, given the speed of today's processors, and the insanely low cost per MIP
Cryptography-Digest Digest #554
Cryptography-Digest Digest #554, Volume #13 Fri, 26 Jan 01 07:13:00 EST

Contents:
  Re: Why Microsoft's Product Activation Stinks (Anthony Stephen Szopa)
  Re: What do you do with broken crypto hardware? (Paul Rubin)
  Re: What do you do with broken crypto hardware? (Nicol So)
  Re: Durstenfeld Transpositions ARC4 (Benjamin Goldberg)
  Re: Durstenfeld Transpositions ARC4 (Mok-Kong Shen)
  Decode Algorythim ("Yeah")
  Re: Some Enigma Questions ("Yeah")
  Re: Steak Stream Cipher ([EMAIL PROTECTED])
  Re: Durstenfeld Transpositions ARC4 (Mok-Kong Shen)
  Paranoia (Simon Jenkins)

From: Anthony Stephen Szopa [EMAIL PROTECTED]
Crossposted-To: or.politics,talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Fri, 26 Jan 2001 00:10:54 -0800

Splaat23 wrote:

He doesn't consider XORing two files together to be significant. That's easy! He considers XORing two files together, one of which happens to be generated by a PRNG to be significant. Innovation, what a sight! I wish I had his foresight to create a slow, unwieldy stream cipher that has no market to acquire and no use.

He was not stupid for showing it to Microsoft. He's stupid for believing that not a soul could think it up independently! I love his lack of understanding of the laws of causation: "I sent my [simple, bad] program [that could be thought up by any 9-year old reading _AC_] to Microsoft, and years later they come out with something remotely similar, therefore they are liars and thieves!"

Note, I think Microsoft's patenting of this, if that's what they really intend to do, is silly, like most tech patents, but that's OT.

Enough bashing of Mr. Szopa. From his past posting history (which I had the urge to view and regret my stupidity), Mr. Szopa will disregard anything we say here and continue to believe his own superiority over us mere mortals.

- Andrew

In article [EMAIL PROTECTED], Richard Heathfield [EMAIL PROTECTED] wrote:

[Sorry to reply to Joe's post when I'm really addressing the issues raised by Mr Szopa. Mr Szopa's article hasn't hit my newsfeed yet and may not do so for some time...]

"Anthony Stephen Szopa" [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
Richard Heathfield wrote:
Anthony Stephen Szopa wrote:

snip over 200 lines

So that's all I have to say for a while.

Is that a promise?

Here is a guy who spits on the souls of anyone for no damned reason.

I guess it wasn't a promise after all. (sigh)

I told you that I am the inventor that will save people tens or hundreds of billions of dollars in lost revenue and you verbally shit on me with your sarcasm.

You do a good line in invective. Perhaps you should switch from crypto to politics.

Did you develop an anti-piracy computer software module that will prevent perhaps half at a minimum of the illegal copying of computer software in the world?

Certainly not. I wouldn't dream of writing such a pointless program.

Do you know how important a contribution this is?

It's completely insignificant to those who have already realised that MS has, for years, been using the very best copy protection of all - i.e. products that don't work, products that corrupt files, products that hang the machine... Why would anyone with the slightest semblance of common sense *want* to copy programs like that?

I can prove that I did this. And if I eventually do prove it publicly everyone will know you are a fool. But most importantly you will know. I think you probably already know you are a fool.

If you really were conned by MS, I sympathise (like Joe), but am stunned by your naivete.

1) Copy protection doesn't work. sci.crypt already knows this. Why don't you?
2) Microsoft is well-known for exploiting anything it can exploit.

I am certainly one of a very very few and perhaps the only person in the world who can prove that they did it before MS.

You're the guy with the proprietary no-source-code-provided technique for XORing two files together, yes? The one with the front end that looks like something the cat dragged in? The one you said was so innovative?

I am not going to divulge my thought processes here or my plans or my actions regarding the implications of this situation at this time, as I have said.

Excellent.

I am actively pursuing my interests. I think I read that there is about $50 billion dollars worth of computer software piracy going on every year.

Well, people will play those games, I suppose. If you don't want people to steal your software, give it away. It's that simple.

You must be a real high achiever to top this. Tell your friend
Cryptography-Digest Digest #554
Cryptography-Digest Digest #554, Volume #12 Mon, 28 Aug 00 07:13:00 EDT

Contents:
  Re: On pseudo-random permutation (Mok-Kong Shen)
  Re: PRNG Test Theory (Mok-Kong Shen)
  Re: Steganography vs. Security through Obscurity ("Douglas A. Gwyn")
  Re: My encryption algorithm (Mok-Kong Shen)
  Re: PRNG Test Theory ("Douglas A. Gwyn")
  Re: Patent, Patent is a nightmare, all software patent shuld not be (Mok-Kong Shen)
  Re: Who can show me a good Cryptology site? ("kihdip")
  Re: PRNG Test Theory (Mok-Kong Shen)
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (qun ying)
  Re: On pseudo-random permutation (Benjamin Goldberg)
  Re: My (New) New algorithm (Mok-Kong Shen)
  Re: SHA-1 program, wrongo ! (those who know me have no need of my name)
  Re: avalanche characteristic (Mok-Kong Shen)
  e-cash protocol concept, comments wanted (Julian Morrison)
  Re: Patent, Patent is a nightmare, all software patent shuld not be ([EMAIL PROTECTED])
  Re: Patent, Patent is a nightmare, all software patent shuld not be (Mok-Kong Shen)
  Re: On pseudo-random permutation (Tim Tyler)
  Re: e-cash protocol concept, comments wanted (Ragni Ryvold Arnesen)
  Re: PGP ADK Bug: What we expect from N.A.I. ("Michel Bouissou")
  Re: The DeCSS ruling - Reverse engineering? (Gisle Sælensminde)
  Re: Bytes, octets, chars, and characters (Johnny Billquist)

From: Mok-Kong Shen [EMAIL PROTECTED]
Crossposted-To: comp.programming
Subject: Re: On pseudo-random permutation
Date: Mon, 28 Aug 2000 10:22:14 +0200

Bryan Olson wrote:
Mok-Kong Shen wrote:

[...] If the collision resolution is chosen such that the first element of the pair is always considered less than the second, then indeed there is a bias. The effect is however dependent on the chance of collision, which is practically negligible when the space of the random numbers is large, e.g. 32 bits.

Specifically, when the space of the random numbers is large compared to the number of elements being permuted.

One can on the other hand use a random choice rule to resolve collision, in which case no bias can occur.

False for any of the usual sorting algorithms. Remember that collisions are not limited to two elements. You could achieve zero bias (assuming a perfect RNG) by recursively applying the procedure to each non-singleton collision set. Though the recursive procedure terminates with probability one, it is technically a non-terminator.

Given a generator of perfect random bits as the one and only source of randomness, can you find any procedure for generating perfectly uniform random permutations (of more than two elements) that strictly terminates? Can you show that no such procedure exists?

(Theoretically) technically the matter is even much worse. For, in order to have a meaningful result, one has to be sure that one has a perfect random sequence at hand but there is no way of verifying that in practice.

M. K. Shen

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: PRNG Test Theory
Date: Mon, 28 Aug 2000 10:22:07 +0200

Bryan Olson wrote:

There is no universal test of randomness. There is no algorithm that can distinguish bits produced by an algorithm from truly random bits.

Right, though lots of theories apparently assume there IS something that is perfectly random. Whether this could mean a problem of certain philosophical nature I am not very certain. BTW, the gist of the other follow-ups was questioning whether the approach indicated by the original poster is methodologically meaningful even under practical points of view.

M. K. Shen

--

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: Steganography vs. Security through Obscurity
Date: Mon, 28 Aug 2000 04:14:05 -0400

Runu Knips wrote:

So stenography does NOT require obscurity. It only hides the fact if there is an encrypted message OR if there is random data.

No, that's wrong. Some successful steganographic schemes hide the message without encrypting it; the method of hiding itself uses a crypto key, but that is used to select sites, modes, etc., while the data itself is used directly. In many applications, the main goal of steganography is to avoid detection, which is in effect a requirement for obscurity.

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: My encryption algorithm
Date: Mon, 28 Aug 2000 10:28:00 +0200

Runu Knips wrote:

The funnier part is that I miss the previous posting of the one I'm now answering, while all postings I've written friday didn't appear on my server.

Couldn't a server crash be an explanation?

M. K. Shen

--

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: PRNG Test Theory
Date:
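
The collision bias argued over in the "On pseudo-random permutation" message above can be computed exactly for small cases. The following is an added example, not code from any poster in this digest; the function names and the choice of three elements with 1- to 6-bit keys are assumptions made for illustration. It enumerates every possible key draw, sorts with ties broken by original position, and compares that with discarding any draw that contains a collision.

```python
from collections import Counter
from fractions import Fraction
from itertools import permutations, product
from math import factorial


def sort_by_key_distribution(n, key_bits, reject_collisions=False):
    """Exact permutation distribution when n items each draw an independent
    key_bits-bit key and are sorted by it, found by enumerating every draw.

    Ties are broken by original position (Python's sort is stable), i.e. the
    "first element is considered less than the second" rule. With
    reject_collisions=True, any draw containing a repeated key is thrown away
    and redrawn, so only collision-free draws count.
    """
    counts = Counter()
    for keys in product(range(1 << key_bits), repeat=n):
        if reject_collisions and len(set(keys)) < n:
            continue
        counts[tuple(sorted(range(n), key=keys.__getitem__))] += 1
    total = sum(counts.values())
    return {p: Fraction(counts[p], total) for p in permutations(range(n))}


def max_bias(dist):
    """Largest deviation of any permutation's probability from 1/n!."""
    uniform = Fraction(1, len(dist))
    return max(abs(p - uniform) for p in dist.values())


def collision_probability(n, key_bits):
    """Probability that n independent key_bits-bit keys are not all distinct."""
    space = 1 << key_bits
    distinct = 1
    for i in range(n):
        distinct *= space - i
    return 1 - Fraction(distinct, space ** n)


def exact_with_bit_budget(n, bits):
    """A procedure that always stops within `bits` fair bits assigns every
    outcome a probability k / 2**bits, so 1/n! is reachable only if n!
    divides 2**bits (never the case for n > 2, since 3 divides n!)."""
    return (1 << bits) % factorial(n) == 0


if __name__ == "__main__":
    for bits in (2, 4, 6):
        biased = sort_by_key_distribution(3, bits)
        print(bits, "key bits: P(collision) =", collision_probability(3, bits),
              " max bias =", max_bias(biased))
    print("with rejection:", max_bias(sort_by_key_distribution(3, 2, True)))
    print("exact in <= 64 bits for n=3?", exact_with_bit_budget(3, 64))
```

The bias shrinks as the key space grows but reaches zero only when colliding draws are redrawn, which is the unbounded retry loop the message calls a non-terminator.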
Cryptography-Digest Digest #554
Cryptography-Digest Digest #554, Volume #10 Fri, 12 Nov 99 15:13:02 EST

Contents:
  Intelligence System Behavior Newsletters ("Markku J. Saarelainen")

From: "Markku J. Saarelainen" [EMAIL PROTECTED]
Crossposted-To: alt.politics.org.cia,soc.culture.russian,soc.culture.ukrainian,soc.culture.europe,alt.security,soc.culture.soviet
Subject: Intelligence System Behavior Newsletters
Date: Fri, 12 Nov 1999 12:22:57 +

If you like to receive all Intelligence Systems Behavior Newsletters, please, email me to [EMAIL PROTECTED] and write in the subject line: "Subscription to ISBN".

Thanks,

Markku
Atlanta, GA

P.S. I have attached some samples below - I have added also the listing of all ISBN since 1994.

Copyright 1994 Markku J. Saarelainen

Intelligence Systems Behavior Newsletter

April, 1994 Issue

by

Markku J. Saarelainen

ORGANIZATIONAL BEHAVIOR AND THE ISO 9000 INTELLIGENCE SYSTEM

The ISO 9000 series describe general requirements for the intelligence system creating a framework for an organization to define its own unique intelligence system including necessary policies, procedures, work instructions and other documentation. By designing the system, the organization also defines and establishes its requirements for the organizational behavior - a part of the organizational culture. The behavioral requirements shall establish specific behavioral patterns and roadmaps among its organizational members.

Organizational behavior is the conduct of structured, coordinated and planned acts and actions by an organization and its members in any event or situation either internally or externally. The behavior is most often influenced by those whose powerbase and activeness of using this powerbase is greatest. In this way the organization reflects values, attitudes, perceptions and interests of the organizational leadership. Impacts of actions vary depending on the suitability of this behavior in any particular situation.

The preestablished behavior can be changed by designing new patterns and roadmaps within the organization for different functions, departments, events and situations. This is often referred to as the Business Process Reengineering or shortly BPR. However, any change in existing behavior can be stressful among those who need to change their established patterns. This shall increase the stress level within the organization, which can have multiple symptoms such as increased internal politics, resignations or negative attitudes towards the organization and its members. To minimize negative impacts of any effort to change behavior, the change has to be managed in a coordinated and predetermined manner to guarantee the most benefits from the behavioral change. Several tools can be used for managing the change including the following methods:

1. involving all organizational levels in the change process and its design,
2. providing adequate training and information,
3. creating an open, honest and constructive organizational environment,
4. providing necessary counselling and assistance for organizational members,
5. planning all changes adequately,
6. initiating only incremental changes,
7. team building,
8. defining and sharing common visions, missions, objectives, goals and targets and
9. obtaining and providing positive and negative feedback in a timely and accurate manner - establishing good internal communication mechanisms.

Do the best organizations have the best organizational policies, procedures and other established practices? The only answer - Yes. The intelligence system development provides an opportunity for an organization to change its established behaviors and redesign some of its systems to meet new business requirements. The ISO 9000 series itself already establishes some key intelligent requirements for the business; however it is the responsibility of the organization to design its own way of doing business while meeting the ISO 9000 requirements. During this design process, some benchmarking techniques can be used to determine targets for improvement projects and an extensive research can be completed to identify future business requirements. This design proces