http://www.nnseek.com/e/sci.crypt/ Posts for sci.crypt Mon, 22 Sep 2008 10:09:06 PDT http://www.nnseek.com/ http://www.nnseek.com/img/64.png 64 64 NNSeek http://www.nnseek.com/e/sci.crypt/srp_3des_secure_enough_339360792t.html http://www.nnseek.com/e/sci.crypt/srp_3des_secure_enough_339360792t.html session data produced during the SRP authentication process to seed
3DES for encrypting the actual communications.

My question. Once encryption is set up, my application does its own
signon handshake. The data in that handshake is pretty much
constant. Is that a big security hole, or does 3DES do more than XOR
the data against a bit unknown (and changing) value? For example,
does 3DES send the data bytes in a random order or do anything else
that would make it impossible to guess the key based on knowing the
data that's being encrypted?

If not, are there recommendations for 'randomizing' the communications
to fix the problem. Something like inserting random numbers into
unused places in the data stream prior to encryption.

Thanks,
Rob

Posted In: sci.crypt

11 Comments

Reply

]]> Mon, 22 Sep 2008 10:09:06 PDT http://www.nnseek.com/e/sci.crypt/putting_the_record_straight_339328024t.html http://www.nnseek.com/e/sci.crypt/putting_the_record_straight_339328024t.html for wrongly claiming and understandably so from their perspective,
that a one-way function is a powerful tool that underwrites
theoretically unbreakable cryptography that this writer came to
realize the hole that exists in our separate understanding of what
this is. The authors of popular handbooks, Bruce Schneier for
instance, are understandably hesitant to make statements that won’t
stand up under close mathematical rigour and these people say that
there is considerable doubt that any one-way functions exist in
mathematics. Bruce Schneier pointedly agrees to pretend that they do
exist just to smooth the ways for imparting his knowledge of hard
functions in “Applied Cryptography” p29.

The writer has used a change-of-origin to a frame of reference as an
intuitive act in a cipher realizing that this is a truly definitive
one-way function. The writer will defy any attempt to say one-way
functions do not exist. It is incredible that it should be necessary
to labour the point of the existence of this very obvious ploy in
vector or coordinate geometry methods. It is a vector function formed
by the addition of a constant vector to vector zero (0).

The one-way function per se is therefore an important ‘first’
discovery of a powerful crypto tool in sci crypt and for the
cryptography industry that should not go unnoticed by the authors of
books.

In contrast with the hitherto wrongly accepted meaning that a ‘hard’
to reverse function is a one-way function a true one-way function has
no mathematical inverse, hence the tag “one-way”.

Given that randomness is watered down to “pseudo random” the case is
made here for a similar thing to be done to one-way functions to be
similarly sub-classed to “pseudo one-way” as the name for what are
indeed ‘hard to reverse’ functions and for this important nuance of
description to be made official in crypto jargon.

The writer has delivered on this very important piece of mathematics
and cryptography methods. No rounds of applause for that but it
should be recorded that it came out of sci crypt.

Authors of books please note and make changes to future text
accordingly. One-way functions do exist in mathematics and happily in
cryptography too.

Note also, randomness is a contrived one-way function. We should be
looking for more of these instead of figuratively 'barking up the
wrong tree' in cryptography as at present – Adacrypt.

Posted In: sci.crypt

no comments

Reply

]]> Mon, 22 Sep 2008 05:15:47 PDT http://www.nnseek.com/e/sci.crypt/when_a_function_is_truly_one_way_339178008t.html http://www.nnseek.com/e/sci.crypt/when_a_function_is_truly_one_way_339178008t.html In Vector Cryptography Alice and Bob calculate displacements relative
to the arbitrary origin defined as vector zero or in coordinate terms
(0, 0, 0). At the end of the calculation they collude and
deliberately confuse an adversary by means of giving the computed
displacement an agreed change-of –origin, (this is school level stuff)
and the new relative displacement is now the cipher text.

This ploy of a change-of-origin is a perfectly proper mathematical
function. This function has no mathematical inverse however and the
only way of reversing it is to put the entities on the rack and force
a value out of them as a verbalized confession. It constitutes a
transfer of data from a human memory to a computer memory by the only
two people in the universe who are in the know. No computer or other
human being will ever be able to do this by mathematical means without
their help. Yet, for all that, this is still a perfectly proper
mathematical function of vector addition by the most rigorous rule
and definition of the word ‘function’ in mathematics and to this
writer that is a rare thing – a function that has no mathematical
inverse and needs human intervention by way of a trapdoor as the only
inverse. The trapdoor means the entities must provide the only operand
in existence that will enable an inverse to be implemented. Without
knowledge of the change that has been made to the origin an inversion
is impossible and that knowledge resides in Alice’s brain-box and in
Bob’s brain-box alone

This is what this writer means by a one way-function modified to a
trapdoor one-way function. This is a truly rare thing in mathematics
and should not be confused with pseudo one-way functions that are
merely ‘hard’ to invert by calculation, ‘hard’ meaning they may
require millions of years to invert. Cryptography is full of the
latter.

A truly one-way function is the ultimate device in cryptography and
guarantees theoretically unbreakable class, a pseudo one-way function
can only provide ‘practically’ unbreakable class however. All
cryptography to date is comprised of searches for pseudo one-way
functions that have sufficient complexity to pass a test, this
represents a huge amount of intellectual effort that would have been
better spent looking for randomness or a de facto one-way function.
This is defeatist acceptance of the inferior ‘practically unbreakable
cryptography’ by a group pf people who have failed to use the powerful
tools of computer science that they are blessed with. A lot of self-
professed experts cannot write a program even and will never rise
above longhand thinking because of it. They have little to offer
cryptography.

The writer of a well known handbook agrees to pretend reluctantly that
there are one-way functions in mathematics. Many people reckon they
do not exist. Very often the models created and presented in
cryptography as one-way functions are indeed not functions at all, let
alone be one-way functions, y = x** 1/2 or y = x**2 for instance are
not functions per se in mathematics but license is granted to treat
them as functions because of the great need in cryptography for
algorithms. This latter needs to be remembered however and this
tolerance should be reciprocated later by readers instead of being
abused.

The One-way function described above may well be the only one that
exists in mathematics, hence my remark that these functions are “as
rare as rocking horse droppings “.

In the ASCII modulated OTP, randomness is a synthesized one-way
function, it too guarantees theoretically unbreakable class in
cryptography. It is underwritten by a truly one-way function modified
to a one-way trapdoor function in which the algorithm of the random
sequence of the cipher text is known only to the entities. That is
the structure of the keypad that in this case is alphanumeric in
nature. Being alphanumeric means this structure cannot be deduced by
any inversion mathematics or indeed lexical methods either so it is
totally invulnerable to attack.

Pseudo one-way functions in cryptography are as common as mud! Cheers
– adacrypt.

PS . That word “pseudo one-way functions” should be used in
cryptography handbooks so as to clear the air as to what is the real
thing and what is merely an imitation.

Posted In: sci.crypt

no comments

Reply

]]> Sat, 20 Sep 2008 06:04:48 PDT http://www.nnseek.com/e/sci.crypt/aes_128_in_rfc_4493_339161112t.html http://www.nnseek.com/e/sci.crypt/aes_128_in_rfc_4493_339161112t.html
In the RFC 4493, i find the source code in C language for AEC CMAC
algorithm.
I find that there is an API called as AES_128 . But, there is no
definition for that API :( :(
Can anyone give me a definition for the AES_128 API that is being
used in the RFC 4493.
Is there any link for the definition of AES_128 ?

Below is an extract from RFC 4493 for your reference :-
" printf("\nSubkey Generation\n");
AES_128(key,const_Zero,L);
printf("AES_128(key,0) "); print128(L); printf("\n");
"

Thx in advans,
Karthik Balaguru

Posted In: sci.crypt

4 Comments

Reply

]]> Sat, 20 Sep 2008 03:43:44 PDT http://www.nnseek.com/e/sci.crypt/the_modernised_ascii_modulated_one_time_pad_cipher_339083288t.html http://www.nnseek.com/e/sci.crypt/the_modernised_ascii_modulated_one_time_pad_cipher_339083288t.html http://www.adacrypt.com
Quote from “ Handbook of Applied Cryptography” – A.Menezes, Paul Van
Oorsccot, S Vanstone. “The One-Time Pad can be shown to be
theoretically unbreakable. That is, if a cryptanalyst has a cipher
text string encrypted using a random key string which has been used
only once, the cryptanalyst can do no more than guess at the plaintext
being any string of length ‘t’ ( i.e., t-bit binary strings are
equally likely as plaintext). It has been proven that that to realize
an unbreakable system requires a random key of the same length as the
message – Unquote.

In default of the latter requirement the message string is then some
float multiple of the key string and the numbers of the component data
variables in the key string will not be equal, implying unequal
probability and therefore not a random key. A theoretically
unbreakable system cannot then be claimed in the absence of
randomness.

“Used once” need not be taken to mean never, ever used again. A used
key of such a length as is being used in the new cipher in question
becomes random soon after it is used, this is brought about by two
things, 1) the continued mass usage together with a scrambling process
that causes total obfuscation of the original order and 2) the
alphanumeric nature of the keypad data. Also, policing large, used
alphanumeric keys 14000 chqracters long is impossible in practice,
unlike the much shorter alphabetic keys of the 1920’s that could be
done almost by direct inspection, all of this is a private opinion
that is at odds with what some popular writers say in their handbooks
but is fair comment in the light of today’s events.

This snippet of information from the well known handbook is of immense
value as a reference yard stick. Clearly, the cipher text string is
simply one permutation in a permutation space of massive magnitude,
equal to some t-bit number. Each permutation is a random string (in
this case it was a string of binary-based data hence the use of ‘t-
bits’ as the means of quantifying the permutation space). The key,
the plaintext and the cipher text are all equally qualified members of
the same permutation space in an ASCII based OTP. The varying
plaintext strings actually help to shuffle the other two around inside
the permutation space at encryption time. Specifying that the key is
random means there is no mathematical rule for finding any of the
permutations in the permutation space that might enable an adversary
to discern keys due to them having visible structure or to search for
it by means of a computer program. Specifying that the key is used
only once means ‘in a particular session’ so that the ensuing message
must be the same length as the key and thus qualify to retain its
place in the permutation space. They are then both elements in the
same permutation space and the caveat of ‘equally likely’ or having
the same probability is met i.e., they are random permutations.

In the new OTP called “A Modernised One-Time Pad Cipher” http://www.adacrypt.com
the permutation space is 14250 (factorial) strong – a vast number, the
key length is 14250 which means a message length of between 1 and
14250 characters long can be achieved. Enlarging the key like this so
as to make possible a message of reasonable length has its drawbacks.
An entire permutation in the form of one key must be used each time
even for quite small messages that don’t require all of it. This is
because a subset of a random permutation (if it was used to encrypt a
small message on its own) is not random per se, in the same way that
any float multiple of a permutation is not random either. This is
true of any OTP.

This may mean creating a number of suitably sized smaller available
permutation spaces of random keys to suit individual users’ needs in
smaller messages. This is not much of a problem and once created,
individual key spaces can be reused again and again simply by
scrambling the particular key to be used. The use of a large key to
encrypt a very small message means large redundancy however in cipher
text and increases key management costs. A message may need to padded
with blank spacebar characters.

Suggestion:
If the ASCII set of 95 writable characters is scrambled and no visible
structure is discernible after scrambling then that may be taken as a
unit basis for forming random permutation spaces of any size simply
by multiplying this set by some positive integer ‘n’ large enough for
a particular given message length. Then the permutation space is (95
x n)! (factorial) and it will be random when used as a whole unit in
one go. This can be programmed in with the encryption software easily
enough, n = 150 is the maximum on my old home computer. A program
that incorporates this method is up and running.

This latter event does not happen with “Vector Cryptography” – see “A
New Approach to cryptography” where the cipher text may be any length,
large or small without a management penalty – this is because it
depends on the change-of-origin one-way function alone and not on
randomness albeit there is fallout randomness available also as a
happy coincidence – a useful bonus but that is another matter. -
adacrypt
http://www.adacrypt.com

Posted In: sci.crypt

6 Comments

Reply

]]> Fri, 19 Sep 2008 06:51:24 PDT http://www.nnseek.com/e/sci.crypt/leading_source_online_for_quality_used_rare_and_out_339061272t.html http://www.nnseek.com/e/sci.crypt/leading_source_online_for_quality_used_rare_and_out_339061272t.html New, Used, Rare Books & Textbooks
Lowest shipping rates on the Web:
Free shipping in the USA, and $2.97 shipping worldwide.
Deep savings (up to 90%%) on college textbooks.
http://sciandtechbooks.blogspot.com/

Posted In: sci.crypt

no comments

Reply

]]> Fri, 19 Sep 2008 04:14:59 PDT http://www.nnseek.com/e/sci.crypt/javascript_implementation_of_pkcs12_338999320t.html http://www.nnseek.com/e/sci.crypt/javascript_implementation_of_pkcs12_338999320t.html
Anyone know of a PKCS#12 implementation in Javascript?

Posted In: sci.crypt

2 Comments

Reply

]]> Thu, 18 Sep 2008 13:03:50 PDT http://www.nnseek.com/e/sci.crypt/conventional_des_byte_order_338982680t.html http://www.nnseek.com/e/sci.crypt/conventional_des_byte_order_338982680t.html Can anyone tell me if there is a conventional byte order for DES?
That is, when reading octet strings into the 64-byte blocks that DES
operates on? I can't find any clear indication in the specification. I
realize it's largely irrelevant, but it seems to matter for a padded
block. Is there any agreement on this matter "in the community"? Or
does it vary by implementation.

Regards,
--jonathan

Posted In: sci.crypt

4 Comments

Reply

]]> Thu, 18 Sep 2008 10:23:31 PDT http://www.nnseek.com/e/sci.crypt/cryptanalysis_to_a_homemade_keyed_md5_mac_338972440t.html http://www.nnseek.com/e/sci.crypt/cryptanalysis_to_a_homemade_keyed_md5_mac_338972440t.html = MD5(key || Message) and MAC = MD5(key XOR Message). As a programmer
knowing some cryptography, I believe it is a worse design compared to
the official rfc2104 HMAC. Still, it looks "secure enough" to some of
my team.

So my plan is to use some real results such as a forgery message with
a legal keyed hash code to convince them to abandon this design.
Moreover, I know from Wikipedia it's possible to attach bytes after
Message without knowing the key.

So my question is how to attach bytes to the message in practice?
Shall I use collision attack, extension length attack or to exploit
MD5 internal state? Please give me some hints about this
cryptanalysis. Thanks a lot:-)

Posted In: sci.crypt

7 Comments

Reply

]]> Thu, 18 Sep 2008 08:47:57 PDT http://www.nnseek.com/e/sci.crypt/the_winds_of_change_must_be_allowed_to_blow_338878744t.html http://www.nnseek.com/e/sci.crypt/the_winds_of_change_must_be_allowed_to_blow_338878744t.html pitch for vector cryptography or indeed an attempt to teach grannie
how to crack eggs. It's to do with achieving theoretically unbreakable
cryptography at all costs on the premise that like me, the reader will
not settle for anything less. It comes after a lot of very hard work
over a long period.

Briefly:
Theoretically unbreakable cryptography is guaranteed outright by a one-
way function. A one-way function is the ultimate security device in
cryptography and in mathematics these are as rare as rocking horse
droppings. To say a natural occurrence of a one-way function simply
means one that becomes visible in everyday methodology. More
correctly to cryptographers, a one way function enables the entities
to create a one-way ‘trapdoor’ function as a development of a one-way
function. They decide on a ‘trapdoor’ which is simply information
that they alone are privy to.

One way functions can also be contrived. Randomness is a contrived
i.e., a constructive (legal sense) one-way function. The RSA cipher
nearly made it to being a one-way function but was shot down by school
level factoring of positive integers before it got there.

Vector cryptography uses a one-way function that this writer has
discovered. The famous One-Time Pad cipher is contingent upon and
totally mandatory in the requirement of a one way function in the form
of randomness. These two forms of cryptography are theoretically
unbreakable and the serious crypto reader/enthusiast/researcher is
exhorted to get his head around them instead of the excruciating task
of pursuing randomness in other fields such as number theory where it
does not seem to exist (45 years –since the inception of ASCII have
been devoted to the search and the result is nil).

Randomness is a black or white property there are no degrees of
randomness, you have it completely or not at all. So, randomness and
the change of origin ploy in vector cryptography are the only ones
that are here to stay.

The longest running mistake in the history of mathematics has to be
the search for randomness in the wrong places. Whereas it might show
up in physics, engineering or applied mathematics in that order of
likelihood of success, the gut feeling is that pure mathematics and
especially number theory have been mined to exhaustion and its time to
get honest and admit this – it is not there in that locale for the
finding, now or ever, just as surely as one-way functions do not exist
in modular arithmetic – that myth was blown out of the water with the
RSA cipher. Pure mathematics was always a bad choice for
cryptography.

A huge industry has been built up around the search for randomness in
number theory so much so that the target of randomness has disappeared
and time/memory complexity is replacing it as the new goalposts to
play to – with ‘practically’ (only) unbreakable security as the
second best result.

Scalar cryptography is a “nice little earner” to some folks and the
politics of filibuster and inertia in the establishment are now a very
real stumbling block to genuine innovation. The funding of research
can be counted in the tens of millions of pounds – shh ! …. there is
no expectation of a return for their money, especially the Jules Verne
like Quantum Cryptography stuff, nice little piece of bull dust that
it may be however.

Readers should look for one-way functions and randomness instead but
not in pure mathematics and least of all in number theory. I happen
to like pure mathematics as a hobby so while being an engineer I have
no axe to grind with pure mathematicians.

Current cryptography is so difficult it is like juggling a set of
balls while cycling backwards. The daily postings to sci crypt tell
the agonizing story of well intentioned people who have been led
astray. It is time to come clean and admit that the party is over and
change it all for something better.

Note: The constant of integration in calculus might be worth looking
at as a possible one-way function for cryptography. - adacrypt

Posted In: sci.crypt

9 Comments

Reply

]]> Thu, 18 Sep 2008 06:10:35 PDT