Cryptography-Digest Digest #554

2001-06-07 Thread Digestifier

Cryptography-Digest Digest #554, Volume #14   Thu, 7 Jun 01 16:13:00 EDT

Contents:
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tim Tyler)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tim Tyler)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) ([EMAIL PROTECTED])
  Re: shifts are slow? (Bob Jenkins)
  Re: Alice and Bob Speak MooJoo ([EMAIL PROTECTED])
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tom St Denis)
  Re: shifts are slow? ([EMAIL PROTECTED])
  Re: MD5 for random number generation? (Tim Tyler)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) ([EMAIL PROTECTED])
  Re: MD5 for random number generation? (Tom St Denis)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tom St Denis)
  Re: Alice and Bob Speak MooJoo (Janne Tuukkanen)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tim Tyler)
  Re: RSA's new Factoring Challenges: $200,000 prize. (my be repeat) (Joseph Ashwood)
  new NSA/echelon rant (V.Z. Nuri)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tom St Denis)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (Tim Tyler)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (JPeschel)
  Re: Best, Strongest Algorithm (gone from any reasonable topic) (SCOTT19U.ZIP_GUY)



From: Tim Tyler [EMAIL PROTECTED]
Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
Reply-To: [EMAIL PROTECTED]
Date: Thu, 7 Jun 2001 18:54:57 GMT

Tom St Denis [EMAIL PROTECTED] wrote:

: I fail to see how knowing the length of the plaintext reveals any
: information contained within the plaintext.

It lets you rule out plaintexts that were previously possible, and
give them a probability of zero.

Shannon states that for perfect secrecy the cyphertext must not
give *any* clues to the plaintext.

Not no clues apart from the length, but no clues at all.

: You fail to solve even the most trivial of examples I pose.

Hardly surprising is it?  I told you that it was obvious to everyone that
such examples were impossible to solve uniquely.  Why do you not tire of
repeatedly presenting them?
-- 
__
 |im |yler  [EMAIL PROTECTED]  Home page: http://alife.co.uk/tim/

--

From: Tim Tyler [EMAIL PROTECTED]
Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
Reply-To: [EMAIL PROTECTED]
Date: Thu, 7 Jun 2001 18:57:10 GMT

[EMAIL PROTECTED] wrote:
: Tim Tyler [EMAIL PROTECTED] writes:

: OK - so can you identify one bit in that stream which is *not*
: significant?

: Everything after the final ``1''.

Which bit is that?  You don't know where the final 1 is, if you ignore
some of the bits, now do you?  So all bits *are* significant.
-- 
__
 |im |yler  [EMAIL PROTECTED]  Home page: http://alife.co.uk/tim/

--

Subject: Re: Best, Strongest Algorithm (gone from any reasonable topic)
From: [EMAIL PROTECTED]
Date: 07 Jun 2001 15:06:16 -0400

Tom St Denis [EMAIL PROTECTED] writes:
 [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]...
 Tim Tyler [EMAIL PROTECTED] writes:

 Those points indicate that the chance of getting a false positive in the
 system you describe are small.

 As in, ``you're better off waiting for the sun to burn out and the
 universe to collapse, than waiting for false positives.'' Yes, correct;
 I guess you could call that ``small''.
 
 You're wrong too.  In an OTP like system, it's not that guessing the
 message is hard or improbable.  It's that it's IMPOSSIBLE.

Don't lose track Tom--I wasn't talking about OTP.

I offered a reasonable (though extremely ballpark) estimate of the
likelihood of plausible (or ``false positive'') decryptions when no
compression is used. I then suggested approximately HOW MUCH MORE common
BICOM would have to make the plausible files before it actually translates
into false positive decryptions more often than, say, having our sun
burn out.

The estimate (1) gives strong reasons to doubt that BICOM has *any*
practical benefit, apart from making decryption take a little longer
(and the usual benefits of compression), and (2) gives Tim T. some
idea what he would have to prove, in order to substantiate his claims
for BICOM. ``It's obvious, because there are just lots and lots
of...''  doesn't actually mean diddly.

Are we all together now?

Len.


-- 
The ``attack'' that Warfield mentions was not a qmail problem; it was
a fraudulent marketing stunt by the Postfix author.
-- Dan Bernstein

--

From: [EMAIL PROTECTED] (Bob Jenkins)
Subject: Re: shifts are slow?
Date: 7 Jun 2001 12:11:00 -0700

Jeffrey Williams [EMAIL PROTECTED] wrote in message 
news:[EMAIL PROTECTED]...

 Realistically, given the speed of today's processors, and the insanely low
 cost per MIP

Cryptography-Digest Digest #554

2001-01-26 Thread Digestifier

Cryptography-Digest Digest #554, Volume #13  Fri, 26 Jan 01 07:13:00 EST

Contents:
  Re: Why Microsoft's Product Activation Stinks (Anthony Stephen Szopa)
  Re: What do you do with broken crypto hardware? (Paul Rubin)
  Re: What do you do with broken crypto hardware? (Nicol So)
  Re: Durstenfeld Transpositions  ARC4 (Benjamin Goldberg)
  Re: Durstenfeld Transpositions  ARC4 (Mok-Kong Shen)
  Decode Algorythim ("Yeah")
  Re: Some Enigma Questions ("Yeah")
  Re: Steak Stream Cipher ([EMAIL PROTECTED])
  Re: Durstenfeld Transpositions  ARC4 (Mok-Kong Shen)
  Paranoia (Simon Jenkins)



From: Anthony Stephen Szopa [EMAIL PROTECTED]
Crossposted-To: or.politics,talk.politics.crypto,misc.survivalism
Subject: Re: Why Microsoft's Product Activation Stinks
Date: Fri, 26 Jan 2001 00:10:54 -0800

Splaat23 wrote:
 
 He doesn't consider XORing two files together to be significant. That's
 easy! He considers XORing two files together, one of which happens to
 be generated by a PRNG to be significant. Innovation, what a sight! I
 wish I had his foresight to create a slow, unwieldy stream cipher that
 has no market to acquire and no use.
 
 He was not stupid for showing it to Microsoft. He's stupid for
 believing that not a soul could think it up independently! I love his
 lack of understanding of the laws of causation: "I sent my [simple,
 bad] program [that could be thought up by any 9-year old reading _AC_]
 to Microsoft, and years later they come out with something remotely
 similar, therefore they are liars and thieves!"
 
 Note, I think Microsoft's patenting of this, if that's what they really
 intend to do, is silly, like most tech patents, but that's OT.
 
 Enough bashing of Mr. Szopa. From his past posting history (which I had
 the urge to view and regret my stupidity), Mr. Szopa will disregard
 anything we say here and continue to believe his own superiority over
 us mere mortals.
 
 - Andrew
 
 In article [EMAIL PROTECTED],
   Richard Heathfield [EMAIL PROTECTED] wrote:
  [Sorry to reply to Joe's post when I'm really addressing the issues
  raised by Mr Szopa. Mr Szopa's article hasn't hit my newsfeed yet and
  may not do so for some time...]
 
   "Anthony Stephen Szopa" [EMAIL PROTECTED] wrote in message
   news:[EMAIL PROTECTED]...
Richard Heathfield wrote:

 Anthony Stephen Szopa wrote:
 
 snip over 200 lines
 
  So that's all I have to say for a while.

 Is that a promise?
   
   
Here is a guy who spits on the souls of anyone for no damned
 reason.
 
  I guess it wasn't a promise after all. (sigh)
 
   
I told you that I am the inventor that will save people tens or
hundreds of billions of dollars in lost revenue and you verbally
shit on me with your sarcasm.
 
  You do a good line in invective. Perhaps you should switch from crypto
  to politics.
 
Did you develop an anti-piracy computer software module that will
prevent perhaps half at a minimum of the illegal copying of
computer software in the world?
 
  Certainly not. I wouldn't dream of writing such a pointless program.
 
 Do you know how important a contribution this is?
 
  It's completely insignificant to those who have already realised that MS
  has, for years, been using the very best copy protection of all - i.e.
  products that don't work, products that corrupt files, products that
  hang the machine... Why would anyone with the slightest semblance of
  common sense *want* to copy programs like that?
 
I can prove that I did this.  And if I eventually do prove it
publicly everyone will know you are a fool.  But most importantly
you will know.  I think you probably already know you are a fool.
 
  If you really were conned by MS, I sympathise (like Joe), but am stunned
  by your naivete.
 
  1) Copy protection doesn't work. sci.crypt already knows this. Why don't
  you?
  2) Microsoft is well-known for exploiting anything it can exploit.
 
I am certainly one of a very very few and perhaps the only person in
the world who can prove that they did it before MS.
 
  You're the guy with the proprietary no-source-code-provided technique
  for XORing two files together, yes? The one with the front end that
  looks like something the cat dragged in? The one you said was so
  innovative?
 
I am not going
to divulge my thought processes here or my plans or my actions
regarding the implications of this situation at this time, as I have
said.
 
  Excellent.
 
I am actively pursuing my interests.
   
I think I read that there is about $50 billion dollars worth of
computer software piracy going on every year.
 
  Well, people will play those games, I suppose.
 
  If you don't want people to steal your software, give it away. It's that
  simple.
 
You must be a real high achiever to top this.  Tell your friend

Cryptography-Digest Digest #554

2000-08-28 Thread Digestifier

Cryptography-Digest Digest #554, Volume #12  Mon, 28 Aug 00 07:13:00 EDT

Contents:
  Re: On pseudo-random permutation (Mok-Kong Shen)
  Re: PRNG Test Theory (Mok-Kong Shen)
  Re: Steganography vs. Security through Obscurity ("Douglas A. Gwyn")
  Re: My encryption algorithm (Mok-Kong Shen)
  Re: PRNG Test Theory ("Douglas A. Gwyn")
  Re: Patent, Patent is a nightmare, all software patent shuld not be  (Mok-Kong Shen)
  Re: Who can show me a good Cryptology site? ("kihdip")
  Re: PRNG Test Theory (Mok-Kong Shen)
  Re: Patent, Patent is a nightmare, all software patent shuld not be allowed (qun ying)
  Re: On pseudo-random permutation (Benjamin Goldberg)
  Re: My (New) New algorithm (Mok-Kong Shen)
  Re: SHA-1 program, wrongo ! (those who know me have no need of my name)
  Re: avalanche characteristic (Mok-Kong Shen)
  e-cash protocol concept, comments wanted (Julian Morrison)
  Re: Patent, Patent is a nightmare, all software patent shuld not be  ([EMAIL PROTECTED])
  Re: Patent, Patent is a nightmare, all software patent shuld not be  (Mok-Kong Shen)
  Re: On pseudo-random permutation (Tim Tyler)
  Re: e-cash protocol concept, comments wanted (Ragni Ryvold Arnesen)
  Re: PGP ADK Bug: What we expect from N.A.I. ("Michel Bouissou")
  Re: The DeCSS ruling - Reverse engineering? (Gisle Sælensminde)
  Re: Bytes, octets, chars, and characters (Johnny Billquist)



From: Mok-Kong Shen [EMAIL PROTECTED]
Crossposted-To: comp.programming
Subject: Re: On pseudo-random permutation
Date: Mon, 28 Aug 2000 10:22:14 +0200



Bryan Olson wrote:
 
 Mok-Kong Shen wrote:
 
 [...]
  If the collision resolution is chosen such that the first
  element of the pair is always considered less than the
  second, then indeed there is a bias. The effect is however
  dependent on the chance of collision, which is practically
  negligible when the space of the random numbers is large,
  e.g. 32 bits.
 
 Specifically, when the space of the random numbers is
 large compared to the number of elements being permuted.
 
  One can on the other hand use a random
  choice rule to resolve collision, in which case no bias
  can occur.
 
 False for any of the usual sorting algorithms.  Remember
 that collisions are not limited to two elements.  You could
 achieve zero bias (assuming a perfect RNG) by recursively
 applying the procedure to each non-singleton collision set.
 
 Though the recursive procedure terminates with probability
 one, it is technically a non-terminator.  Given a generator
 of perfect random bits as the one and only source of
 randomness, can you find any procedure for generating
 perfectly uniform random permutations (of more than two
 elements) that strictly terminates?  Can you show that no
 such procedure exists?

(Theoretically) technically the matter is even much 
worse. For, in order to have a meaningful result, one has 
to be sure that one has a perfect random sequence at hand 
but there is no way of verifying that in practice.

M. K. Shen
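
[Added example, not part of the thread and not code from any poster: the bias Shen and Olson describe, computed exactly for small cases, followed by Olson's recursive repair and the counting argument behind his closing question. All function names are this example's own; the stable-sort tie rule stands in for "the first element of the pair is always considered less than the second".]

```python
from collections import Counter
from fractions import Fraction
from itertools import permutations, product
from math import factorial
import secrets


def sort_by_keys_distribution(n, key_bits):
    """Exact permutation distribution when n items get independent
    key_bits-bit keys and colliding keys keep their original order."""
    counts = Counter({p: 0 for p in permutations(range(n))})
    for keys in product(range(1 << key_bits), repeat=n):
        # sorted() is stable, so the first element of a tie stays first
        counts[tuple(sorted(range(n), key=keys.__getitem__))] += 1
    total = (1 << key_bits) ** n
    return {p: Fraction(c, total) for p, c in counts.items()}


def max_bias(n, key_bits):
    """Largest deviation from the uniform probability 1/n!."""
    uniform = Fraction(1, factorial(n))
    dist = sort_by_keys_distribution(n, key_bits)
    return max(abs(p - uniform) for p in dist.values())


def recursive_shuffle(items, key_bits=32, rand_key=None):
    """Draw a key per item, order the groups by key, and re-run the
    procedure on every collision set of two or more items.
    Stops with probability one, but has no fixed bound on the draws."""
    if key_bits < 1:
        raise ValueError("need at least one key bit or ties never break")
    if rand_key is None:
        rand_key = lambda: secrets.randbits(key_bits)
    if len(items) <= 1:
        return list(items)
    groups = {}
    for item in items:
        groups.setdefault(rand_key(), []).append(item)
    out = []
    for key in sorted(groups):
        out.extend(recursive_shuffle(groups[key], key_bits, rand_key))
    return out


def bounded_bits_can_be_uniform(n, max_bits):
    """A procedure that never reads more than m random bits gives each
    permutation a probability j / 2**m, so 1/n! needs n! to divide 2**m."""
    return any((1 << m) % factorial(n) == 0 for m in range(max_bits + 1))


if __name__ == "__main__":
    for bits in (2, 4, 6):
        print(bits, "key bits, 3 items: max bias", max_bias(3, bits))
    print(recursive_shuffle(list("abcde")))
    print(bounded_bits_can_be_uniform(3, 4096))  # 3 never divides 2**m
```

The bias shrinks as the key space grows relative to the number of items, and for three or more items no bound on the random bits consumed allows an exactly uniform result, because 3 divides n! but never a power of two.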

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: PRNG Test Theory
Date: Mon, 28 Aug 2000 10:22:07 +0200



Bryan Olson wrote:
 

 There is no universal test of randomness.  There is no
 algorithm that can distinguish bits produced by an algorithm
 from truly random bits.

Right, though lots of theories apparently assume there
IS something that is perfectly random. Whether this
could mean a problem of certain philosophical nature I 
am not very certain.

BTW, the gist of the other follow-ups was questioning
whether the approach indicated by the original poster
is methodologically meaningful even under practical 
points of view.

M. K. Shen

--

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: Steganography vs. Security through Obscurity
Date: Mon, 28 Aug 2000 04:14:05 -0400

Runu Knips wrote:
 So stenography does NOT require obscurity. It only hides the
 fact if there is an encrypted message OR if there is random
 data.

No, that's wrong.  Some successful steganographic schemes hide
the message without encrypting it; the method of hiding itself
uses a crypto key, but that is used to select sites, modes,
etc., while the data itself is used directly.

In many applications, the main goal of steganography is to
avoid detection, which is in effect a requirement for obscurity.

--

From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: My encryption algorithm
Date: Mon, 28 Aug 2000 10:28:00 +0200



Runu Knips wrote:
 
 The funnier part is that I miss the previous posting of the one I'm
 now answering, while all postings I've written Friday didn't
 appear on my server.

Couldn't a server crash be an explanation?

M. K. Shen

--

From: "Douglas A. Gwyn" [EMAIL PROTECTED]
Subject: Re: PRNG Test Theory
Date: 

Cryptography-Digest Digest #554

1999-11-12 Thread Digestifier

Cryptography-Digest Digest #554, Volume #10  Fri, 12 Nov 99 15:13:02 EST

Contents:
  Intelligence System Behavior Newsletters ("Markku J. Saarelainen")



From: "Markku J. Saarelainen" [EMAIL PROTECTED]
Crossposted-To: alt.politics.org.cia,soc.culture.russian,soc.culture.ukrainian,soc.culture.europe,alt.security,soc.culture.soviet
Subject: Intelligence System Behavior Newsletters
Date: Fri, 12 Nov 1999 12:22:57 +


If you like to receive all Intelligence Systems Behavior Newsletters,
please, email me to [EMAIL PROTECTED] and write in the subject line:
"Subscription to ISBN".

Thanks,

Markku
Atlanta, GA

P.S. I have attached some samples below - I have added also the listing
of all ISBN since 1994.



Copyright 1994 Markku J. Saarelainen

Intelligence Systems Behavior Newsletter

April, 1994 Issue

by

Markku J. Saarelainen

ORGANIZATIONAL BEHAVIOR AND THE ISO 9000 INTELLIGENCE SYSTEM

 The ISO 9000 series describe general requirements for the intelligence system 
creating a framework for an organization to define its own unique intelligence system 
including necessary policies, procedures, work instructions and other documentation. 
By designing the system, the organization also defines and establishes its 
requirements for the organizational behavior - a part of the organizational culture. 
The behavioral requirements shall establish specific behavioral patterns and roadmaps 
among its organizational members.

 Organizational behavior is the conduct of structured, coordinated and planned 
acts and actions by an organization and its members in any event or situation either 
internally or externally. The behavior is most often influenced by those whose 
powerbase and activeness of using this powerbase is greatest. In this way the 
organization reflects values, attitudes, perceptions and interests of the 
organizational leadership. Impacts of actions vary depending on the suitability of 
this behavior in any particular situation.

 The preestablished behavior can be changed by designing new patterns and roadmaps 
within the organization for different functions, departments, events and situations. 
This is often referred to as the Business Process Reengineering or shortly BPR. 
However, any change in existing behavior can be stressful among those who need to 
change their established patterns. This shall increase the stress level within the 
organization, which can have multiple symptoms such as increased internal politics, 
resignations or negative attitudes towards the organization and its members. To 
minimize negative impacts of any effort to change behavior, the change has to be 
managed in a coordinated and predetermined manner to guarantee the most benefits from 
the behavioral change. Several tools can be used for managing the change including the 
following methods:

1. involving all organizational levels in the change process and its design,
2. providing adequate training and information,
3. creating an open, honest and constructive organizational environment,
4. providing necessary counselling and assistance for organizational members,
5. planning all changes adequately,
6. initiating only incremental changes,
7. team building,
8. defining and sharing common visions, missions, objectives, goals and targets and
9. obtaining and providing positive and negative feedback in a timely and accurate 
manner - establishing good internal communication mechanisms.

 Do the best organizations have the best organizational policies, procedures and 
other established practices? The only answer - Yes. The intelligence system 
development provides an opportunity for an organization to change its established 
behaviors and redesign some of its systems to meet new business requirements. The ISO 
9000 series itself already establishes some key intelligent requirements for the 
business; however it is the responsibility of the organization to design its own way 
of doing business while meeting the ISO 9000 requirements. During this design process, 
some benchmarking techniques can be used to determine targets for improvement projects 
and an extensive research can be completed to identify future business requirements. 
This design proces