Cryptography-Digest Digest #642

2001-02-06 Thread Digestifier

Cryptography-Digest Digest #642, Volume #13   Tue, 6 Feb 01 15:13:01 EST

Contents:
  Re: Mod function (Richard Heathfield)
  Re: Finite field/polynomial mathematics (Bob Silverman)
  Re: RSA, discrete log Both not secure... (Bob Silverman)
  Re: Pseudo Random Number Generator ("Tony T. Warnock")
  Re: Callback security (Tom St Denis)
  Re: Callback security (stanislav shalunov)
  Nobody is on nobody´s side no contract is truely signed  (Markku J. Saarelainen)
  Re: RSA, discrete log Both not secure... ("Carpe Diem")
  Re: use of AES?? help (Mike Rosing)
  Re: RSA: Finding the private exp instead of factoring (Darren New)
  Re: Pseudo Random Number Generator (Bryan Olson)
  Re: Pseudo Random Number Generator (Bryan Olson)
  Re: Questions about Diffie-Hellman ("Joseph Ashwood")
  Re: Phillipine math guy claims to have fast RSA Factoring... (David Schwartz)
  RE: Disk Overwriting (Albert P. Belle Isle)
  Re: Encrypting Predictable Files ("Joseph Ashwood")
  Re: efficient coin flipping ([EMAIL PROTECTED])
  Re: On combining permutations and substitutions in encryption (Bryan Olson)



Date: Tue, 06 Feb 2001 18:19:47 +
From: Richard Heathfield [EMAIL PROTECTED]
Subject: Re: Mod function

Nemo psj wrote:
 
 in VB mod is already built in
 
 Buf = 500 Mod 255
  that will mod 500 to 255

But the big question is - did MS check the legal position with Szopa
International before adding MOD support to VB?

-- 
Richard Heathfield
"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.
C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
KR Answers: http://users.powernet.co.uk/eton/kandr2/index.html

--

From: Bob Silverman [EMAIL PROTECTED]
Subject: Re: Finite field/polynomial mathematics
Date: Tue, 06 Feb 2001 17:22:01 GMT

In article 95ovud$dvv$[EMAIL PROTECTED],
  "Brendan Lynskey" [EMAIL PROTECTED] wrote:

 Sorry for posting such a basic request, but does anyone out there know of a
 well-made tutorial that covers the above types of mathematics?

See:

Lidl & Niederreiter, "Finite Fields", Encyclopaedia of Mathematics, Vol 20.



--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"


Sent via Deja.com
http://www.deja.com/

--

From: Bob Silverman [EMAIL PROTECTED]
Subject: Re: RSA, discrete log Both not secure...
Date: Tue, 06 Feb 2001 17:24:10 GMT

In article 95nkdj$iag$[EMAIL PROTECTED],
  "Carpe Diem" [EMAIL PROTECTED] wrote:
 Well, you can factor an integer in polynomial time and I do not think this
 made RSA less secure.

Where did you get this bit of nonsense???



--
Bob Silverman
"You can lead a horse's ass to knowledge, but you can't make him think"


Sent via Deja.com
http://www.deja.com/

--

From: "Tony T. Warnock" [EMAIL PROTECTED]
Subject: Re: Pseudo Random Number Generator
Date: Tue, 06 Feb 2001 10:34:13 -0700
Reply-To: [EMAIL PROTECTED]

For two binary streams, the proof is short. Let the probability of a 1
bit be 1/2+P for one stream and 1/2+Q for the other. (This assumes an
excess of 1 bits in each stream; the other three cases work out the same
way.) Note that P and Q are less than 1/2 (except in the case of all 1's
or all 0's). Then the probability of a 1 from combining two independent
sequences is: (1/2+P)(1/2+Q)+(1/2-P)(1/2-Q) =
1/4+1/2(P+Q)+PQ+1/4-1/2(P+Q)+PQ = 1/2+2PQ. As both P and Q are less than
1/2, 1/2+2PQ is closer to 1/2 than either 1/2+P or 1/2+Q. The other
cases follow by symmetry.
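
The derivation above, worked through in Python as an added example (not code from the original post): combined_bias evaluates the post's two-case sum and returns its distance from 1/2 (which is 2PQ), closer_to_half checks the claim that this is never further from 1/2 than either input, and simulate_bias measures the same quantity on two constructed biased streams.

```python
import random

def combined_bias(p, q):
    """Bias of the bit obtained by combining two independent biased bits.

    p and q are the input biases: each stream has P(1) = 1/2 + bias.
    The combined bit is 1 when the two inputs agree, which is the case the
    post writes out: (1/2+P)(1/2+Q) + (1/2-P)(1/2-Q) = 1/2 + 2PQ.
    Returned is that probability minus 1/2, i.e. 2PQ.
    (Combining with XOR instead gives -2PQ: same distance from 1/2.)
    """
    p_one = (0.5 + p) * (0.5 + q) + (0.5 - p) * (0.5 - q)
    return p_one - 0.5

def closer_to_half(p, q):
    """The post's claim: |2PQ| <= min(|P|, |Q|) whenever |P|, |Q| <= 1/2.

    Equality occurs only in the degenerate all-0s / all-1s case (a bias of 1/2).
    """
    return abs(combined_bias(p, q)) <= min(abs(p), abs(q))

def simulate_bias(p, q, n, seed=1):
    """Monte Carlo check: measure the bias of the 'bits agree' stream directly.

    The seeded PRNG only generates the two constructed input streams so the
    run is reproducible; it is not a source of cryptographic randomness.
    """
    rng = random.Random(seed)
    agree = 0
    for _ in range(n):
        a = rng.random() < 0.5 + p   # True with probability 1/2 + P
        b = rng.random() < 0.5 + q   # True with probability 1/2 + Q
        agree += (a == b)            # XNOR of the two bits
    return agree / n - 0.5

if __name__ == "__main__":
    for p, q in [(0.1, 0.2), (-0.3, 0.25), (0.4, -0.4)]:
        print(p, q, combined_bias(p, q), simulate_bias(p, q, 100000))
```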


--

From: Tom St Denis [EMAIL PROTECTED]
Subject: Re: Callback security
Date: Tue, 06 Feb 2001 17:27:35 GMT

In article [EMAIL PROTECTED],
  [EMAIL PROTECTED] wrote:
 Can anyone tell me the security problems with modems that use a simple
 password and callback facility.  I'm not interested in how secure the
 password is, just the callback part of it.

These schemes are very old; the idea is that you can't fake a phone number.
You can however go to a friend's house and make another account, then access
both from your house.  But other than that it's a secure way to avoid
duplicate accounts from the same number.

Tom


Sent via Deja.com
http://www.deja.com/

--

From: stanislav shalunov [EMAIL PROTECTED]
Subject: Re: Callback security
Date: 06 Feb 2001 12:56:41 -0500

Steve Amor [EMAIL PROTECTED] writes:

 Can anyone tell me the security problems with modems that use a simple
 password and callback facility.  I'm not interested in how secure the
 password is, just the callback part of it.

Callback per se is a very good security measure, but, of course,
circumventable.

See, e.g., http://www.lonestar.texas.net/~dub/crack2i.html

Also, some guy used to reroute calls to Western Union customers to a
pay phone to get cash (subverting s

Cryptography-Digest Digest #642

2000-09-09 Thread Digestifier

Cryptography-Digest Digest #642, Volume #12   Sat, 9 Sep 00 17:13:01 EDT

Contents:
  Re: Intel's 1.13 MHZ chip (Mok-Kong Shen)
  Re: Intel's 1.13 MHZ chip ("m.a.jones01")
  Re: RSA patent expiration party still on for the 20th (Rich Wales)
  Re: security warning -- "www.etradebank.com" (Neil Y. Kramo)
  R: PRNG ("Cristiano")
  Re: Intel's 1.13 MHZ chip (Neil Y. Kramo)
  Re: Losing AES Candidates Could Be a Good Bet? (SCOTT19U.ZIP_GUY)
  Re: could you please tell me how this calculation has been obtained ? ("Nathan Williams")
  Re: PRNG ("Paul Pires")
  Re: Carnivore article in October CACM _Inside_Risks (Anonymous)
  Re: RSA?? (Bill Unruh)
  DCSB: RSA Expiration Fundraiser for EFF, Downtown Harvard Club of Boston (Robert Hettinga)
  Re: PRNG (Terry Ritter)
  Re: on a ligher note... ("Cheri & Mike Jackmin")



From: Mok-Kong Shen [EMAIL PROTECTED]
Subject: Re: Intel's 1.13 MHZ chip
Date: Sat, 09 Sep 2000 18:24:17 +0200


Sorry, please replace MHZ by GHZ.

M. K. Shen

--

From: "m.a.jones01" [EMAIL PROTECTED]
Subject: Re: Intel's 1.13 MHZ chip
Date: Sat, 9 Sep 2000 17:16:08 +0100

Wow, 1.13Mhz Pentiums.  Suddenly, I feel really lucky that I own a 500Mhz
Pentium ...

Mok-Kong Shen [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]...

 Intel has launched a call-back of its 1.13 MHZ Pentium III,
 leaving currently AMD's 1.1 MHZ Athlon at the head of the
 line.

 This shows once again that in information processing there
 is much more to be worried about than algorithmics alone.
 Compatibility of hardware/software of the communication
 partners needs to be assured and diverse forms of
 redundancy may be called for in certain critical
 applications. I guess that such issues are no less
 important than questions like whether the opponent
 can obtain the 2^m pairs of plaintext and ciphertext
 (m sufficiently large) which the theory shows is
 sufficient/necessary for him to get the key.

 M. K. Shen



--

From: [EMAIL PROTECTED] (Rich Wales)
Subject: Re: RSA patent expiration party still on for the 20th
Date: 9 Sep 2000 16:16:02 -

"No User" wrote:

 Keeping the invention internal and unproductive
 for the term of the patent is not enough to claim
 the experimental use defense;

If this is true, what implications might it have on the use in the
US of the following:

== RSA code which was written outside the US, and intended at the
time only for use outside the US?

== PGP 2.6.3ia or other software using Phil Zimmermann's MPILIB
code, which was written in the US in the 1980's?

Rich Wales [EMAIL PROTECTED] http://www.webcom.com/richw/
PGP 2.6+ key generated 2000-08-26; all previous encryption keys REVOKED.
RSA, 2048 bits, ID 0xFDF8FC65, print 2A67F410 0C740867 3EF13F41 528512FA

--

From: [EMAIL PROTECTED] (Neil Y. Kramo)
Subject: Re: security warning -- "www.etradebank.com"
Date: Sat, 09 Sep 2000 17:51:17 GMT

"Harvey Rook" [EMAIL PROTECTED] wrote:

-When you call in you must know some personal information
(SSN/Address/Mother's Maiden Name/Amount of last deposit or withdrawal)

Although I'm sure many people actually DO give their mother's real maiden
name, it's important to remember that you can give any name that you like
in response to this naive question, so long as you don't later forget what
you said. I generally give a different "mother's maiden name" for each
request that I get, and I make a side note to be skeptical of the security
policies of the company that asked.
-- 
"Neil Y. Kramo" is actually 8251 074396 [EMAIL PROTECTED].
 0123 4  56789 - Use this key to decode my email address and name.
Play Five by Five Poker at http://www.5X5poker.com.

--

From: "Cristiano" [EMAIL PROTECTED]
Subject: R: PRNG
Date: Sat, 9 Sep 2000 19:42:28 +0200


   [EMAIL PROTECTED] (S. T. L.) wrote:
  /* DIEHARDC  ok (no 0.00 no 1.00) */
 
  This is not the way to interpret DieHard results.

 Technically there is no valid way to interpret DH results...

Do you also think Diehard gives "strange" results?
In my many, many tests Diehard does not seem to give very
understandable p-values.

Cristiano



--

From: [EMAIL PROTECTED] (Neil Y. Kramo)
Subject: Re: Intel's 1.13 MHZ chip
Date: Sat, 09 Sep 2000 17:59:44 GMT

Mok-Kong Shen [EMAIL PROTECTED] wrote:

Intel has launched a call-back of its 1.13 MHZ Pentium III,
leaving currently AMD's 1.1 MHZ Athlon at the head of the
line.

Don't those idiots realize that there are processors today that are a
thousand times faster? What were they thinking?
-- 
"Neil Y. Kramo" is actually 8251 074396 [EMAIL PROTECTED].
 0123 4  56789 - Use this key 

Cryptography-Digest Digest #642

1999-11-28 Thread Digestifier

Cryptography-Digest Digest #642, Volume #10  Sun, 28 Nov 99 10:13:01 EST

Contents:
  Re: Attack 2x Playfair how? (Was: Nova program...also cipher contest) (Niteowl)
  Re: How safe is Mobile Phone ? ("Hank")
  Re: replay.com? where's this great crypto archive gone? (Paul Rubin)
  Re: Secretly Obscured Subset (David Hopwood)
  Re: smartcard idea? (Daniel James)
  Re: Random Noise Encryption Buffs (Look Here) (Guy Macon)
  A dangerous question ([EMAIL PROTECTED])
  Re: Random Noise Encryption Buffs (Look Here) (Tom St Denis)
  Re: Random Noise Encryption Buffs (Look Here) (Tom St Denis)
  Re: cryptography control? (SCOTT19U.ZIP_GUY)
  Fact or Fiction ?  Quantum device breaks RSA-512 encryption in 12  ([EMAIL PROTECTED])
  Re: bits of diffiehellman private key ("Michael Scott")
  Re: New U.S. Crypto Regulations (advance copy: do not distribute) (cat)
  Re: Random Noise Encryption Buffs (Look Here) (Tom St Denis)
  Re: Fact or Fiction ?  Quantum device breaks RSA-512 encryption in 12 micro sec (John Savard)
  Re: AES cyphers leak information like sieves ("Trevor Jackson, III")



From: Niteowl [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Subject: Re: Attack 2x Playfair how? (Was: Nova program...also cipher contest)
Date: Sun, 28 Nov 1999 08:26:11 GMT

Jim Gillogly wrote:

 I'm afraid my observations are discouraging also.  The best idea I have
 is "shotgun hillclimbing", where you start guessing squares based on
 the crib information you have, and keep readjusting and calculating the
 plaintext.  The Double Playfair turned out to be too hard for this kind
 of a contest.  My excuse is that I had thought when first creating the
 contest that Double Playfair was the same as two-square with a little
 extra wrinkle, and that much information would have been enough to
 solve it.  However, just before the contest went up I visited the National
 Archives in D.C. and discovered some recently declassified docs from
 Bletchley Park (in the NSA Open Door collection) that had some material
 on Double Playfair, including a paper with a bunch of German intercepts.
 I did a quick revision, added a big clue (i.e. one of the keywords), and
 hoped that would be enough to make it accessible.  However, the British
 typically needed quite a lot more material to begin reconstructing the
 squares... mea culpa.

I got nowhere with this approach.  I tried using the suggested keywords
as one of the squares and then random improvement on the other square, but
it still didn't approach anything close to readable text.  Trying random
improvement on both squares at the same time was much worse.  I also tried
using a dictionary attack on the unknown keyword but that didn't work
either.

 However, the double transposition (the third problem) is more accessible.
 Besides the suggested method of dinking with the assumed keys to find out
 what went wrong, that cipher can even be solved without a crib because
 the keys are relatively short compared to those used in WW2.

I struck out on the 3rd problem too.  I tried variations on the keywords
but maybe not enough of them.  I tried to brute force all keys less than
5 or 6 letters but it appears the keywords would have been roughly the
same length as the 'right' ones and I didn't have the horsepower for it,
especially since I'm running a background job to crack Singh's 9th problem.

All in all, I enjoyed the contest.  I added 2 more ciphers to my list
and improved some of the code to handle ciphers with 2 keywords.

Ed
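
Added example (not the contest's code nor Ed's): a double columnar transposition together with the keyword-dictionary search against a crib that the thread describes for the third problem. The plaintext, the two keywords and the small candidate word list are constructed for the demonstration; the true keys are found because they are the only pair whose decryption contains the crib.

```python
import itertools

def key_order(key):
    """Column read-out order for a keyword: alphabetical rank, ties broken by position."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def transpose(text, key):
    """Single columnar transposition: fill rows of len(key), read columns in key order."""
    n = len(key)
    return "".join(text[c::n] for c in key_order(key))

def untranspose(cipher, key):
    """Invert transpose(): rebuild the columns (the first len % n are one longer), read rows."""
    n = len(key)
    full, rem = divmod(len(cipher), n)
    cols, pos = {}, 0
    for c in key_order(key):
        width = full + (1 if c < rem else 0)
        cols[c] = cipher[pos:pos + width]
        pos += width
    return "".join(cols[c][r] for r in range(full + 1) for c in range(n) if r < len(cols[c]))

def encrypt(plain, key1, key2):
    """Double transposition: the first keyword's output is transposed again with the second."""
    return transpose(transpose(plain, key1), key2)

def decrypt(cipher, key1, key2):
    return untranspose(untranspose(cipher, key2), key1)

def search_keys(cipher, crib, wordlist):
    """Dictionary search over ordered keyword pairs; keep those whose decryption contains the crib."""
    return [(k1, k2) for k1, k2 in itertools.product(wordlist, repeat=2)
            if crib in decrypt(cipher, k1, k2)]

# Constructed sample data for the demo (not the contest's plaintext or keys).
SAMPLE_PLAINTEXT = "THEDOUBLETRANSPOSITIONISMOREACCESSIBLETHANDOUBLEPLAYFAIR"
TRUE_KEYS = ("CIPHER", "NOVA")
SAMPLE_CIPHERTEXT = encrypt(SAMPLE_PLAINTEXT, *TRUE_KEYS)
WORDLIST = ["NOVA", "CRIB", "CIPHER", "ENIGMA", "SQUARE", "CONTEST"]

if __name__ == "__main__":
    print(SAMPLE_CIPHERTEXT)
    print(search_keys(SAMPLE_CIPHERTEXT, "TRANSPOSITION", WORDLIST))  # [('CIPHER', 'NOVA')]
```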



--

From: "Hank" [EMAIL PROTECTED]
Subject: Re: How safe is Mobile Phone ?
Date: Sun, 28 Nov 1999 17:58:14 +0800


Douglas A. Gwyn [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
 Lincoln Yeoh wrote:
  Most analog cellular phones have no encryption. Trivial to eavesdrop
  with a scanner. Easy to clone too.

 In fact, several of us commented on this during the (US) FCC
 proceedings leading to the establishment of the US cell-phone
 system.  But it wasn't "three-letter agencies" that ignored
 the problem, it was manufacturers greedy for quick bucks who
 didn't want to delay while a proper engineering job was done.

You mean that it's the result of manufacturers wanting to reduce their R&D cost?





--

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: replay.com? where's this great crypto archive gone?
Date: 28 Nov 1999 10:51:49 GMT

In article [EMAIL PROTECTED],
Markus S. [EMAIL PROTECTED] wrote:
 hello,

  i just noticed that www.replay.com now redirects to www.replaytv.com.
 does anyone know what happend to the crypto archive on ftp.replay.com?
 where's all of that gone?

 thanks, Markus

It's moved to www.zedz.net.



--

Date: Sun, 28 Nov 1999 10:51:52 +
From: David Hopwood [EMAIL PROTECTED

Cryptography-Digest Digest #642

1999-06-02 Thread Digestifier

Cryptography-Digest Digest #642, Volume #9Thu, 3 Jun 99 00:13:03 EDT

Contents:
  Re: The BRUCE SCHNEIER Tirade (SCOTT19U.ZIP_GUY)
  Re: random numbers in ml ([EMAIL PROTECTED])
  Re: Smart Cards (Hideo Shimizu)
  Re: One-Way hash functions (Gregory G Rose)
  Re: New Computer & Printer for Dave Scott (STL137)
  Re: PGP Key security? (STL137)
  Re: 8Bit encryption code. Just try and break it. (Pierre Abbat)



From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Crossposted-To: talk.politics.crypto,alt.privacy
Subject: Re: The BRUCE SCHNEIER Tirade
Date: Thu, 03 Jun 1999 02:10:04 GMT

In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Tim 
Redburn) wrote:
On Wed, 02 Jun 1999 01:56:35 GMT, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote:

In article [EMAIL PROTECTED], [EMAIL PROTECTED] (Tim
 Redburn) wrote:

snip
identical to the problems of using a OTP, and therefore if someone 
finds a practical use for scott19u.zip then they would be better
off going for the proven OTP.

   I think you are being misled in that you feel one needs to use
the long key feature. You could in theory use almost any file as
the source of keyenc.key.  And then use a short phrase of 128 bits
or whatever your heart desires. It is just that you don't have to
use a short key of less than a thousand bits unless you really
have your heart set on it.


The problem with scott19u.zip is that a 128bit key given to the
algorithm, does NOT produce 128bits of security. There
is a loss of entropy during the S-Box setup method.

You have shown that if one uses a uniformly random file then
the entropy is less than the maximum if a uniformly random key
was used. However it is still over one million bytes. Now if one is
using any file for the keyenc.key file and then uses 16 characters as
the password you do not have 128 bits since for one reason one can not
enter all combinations of 256 bits for each character, so one would have
to type a longer string; I am not sure how long, I guess it depends on the
ASCII character subset you use, but one can calculate the number of
characters needed. You can still get the 128 or 200 or whatever your little
heart desires. For those that want entropy that matches every possible
S table I have code at my site, but I feel most people would be happy
with a million bytes or so.


snip


I don't actually run the software, for the reason you mention amongst 
others, but even the doEnce function is hard to follow due to the
nonsense variable names used.


  Well I liked the names used; if you don't, change the names in your
copy of the code. My god, what is in a name? They only represent numbers
so I can't think what you want there and I am sure if I made long names
they would have no meaning. Hell, it reminds me of code I wrote for an
inertial navigation system; people bitched no names so I made a table
of names up. Like DAS was equal in table to Directionary Analog Scaler;
this made people like you happy. But it was gobbledygook, I used DAS
as a variable since it was my name. By the way the code worked but
I doubt if anyone has any idea why.

 The doEnce function is the main encryption routine; it is very short.
On input you have a pointer to a location in memory where the virtual
file is laid out and the other input is the number of bytes in the file.
On output the virtual file has overlaid the other file in memory and it
is the output file, and the length in is exactly the same as the length out.
The rest should be easy to follow in the routine; it is very short.




The macros used for the 19bit access also make it extremely hard
to read, but add nothing to security - the NSA, MI6, DFS, and other
groups (only joking on the DFS one before any complaints) would give
new recruits the task of 'deciphering' your source and then
it would probably only take a few days to crack your algorithm
(Yes - that is my opinion based solely on the fact that you, the
designer, couldn't accurately determine the
effective key length of your own algorithm)


  It took a long time to develop those macros; I had many more but the
compiler barfed when the level got deeper.

I don't blame it.

  I do; the macros make it more like a good macro assembler, which are the
best kind, so you can build your own high level code. I don't have a good
macro assembler like the good old PDP machines of yesterday.


The macros were meant to
make it easier in the main program since they handle most of the problems
of 19bit access on a machine that really was made to do 8, 16 or 32 bits.


Personally, I don't like code hidden away in macros, just to 'make 
things easier'. This means that you have to trust the macro writer did
his / her job properly. Why not use functions instead ?

  Functions are slower during execution time.


 And stick
to one method, there seem to be places in your code where you use
one method to access the tables one minute, then another the next.


   like where in the code do you