[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(1) a cypherpunk gold mine (2) RSA-PKP patent treatise (3) registration saturation (4) L.D. cypherpunk awards




Cypherpunk Gold Mine
---

Hello, Mark Riordan runs ripem.msu.edu and this has some *hot* files of
interest to cypherpunks. He has a very complete DES library with many
versions, BigNum packages, and a *lot* of collected files from the net
on a wide variety of interesting topics. Many excellent and fascinating
bibliographies too.

Of particular current interest -- he also has the complete current ITAR
online (as I noted earlier). I'm enclosing various file lists at the
end of this document.



RSA-PKP patent treatise
---

Also, for everyone who has ever wondered about the RSA-PKP patent
claims (and there's been a recent flurry on the list): An excellent and
very authoritative posting on the subject was written by G. Irlam and
posted to sci.crypt, etc. on May 20 1991. His email address in the file
does not appear to work anymore, but this file is so well researched I
am considering turning it into a FAQ on Usenet.

pub/crypt/docs/public-key-partners-patents.txt

Thanks to S. Bellovin for holding on to this, sending it to me in
response to a query, and to M. Riordan for very quickly sticking it on
the site after I uploaded it yesterday.


Registration Saturation
---

But I'm writing chiefly on the following subject. H. Finney, in his
first brilliant post analyzing the ITAR relative to PGP distribution,
noted that D. Bernstein posted an interesting note about his trials and
tribulations in attempting to `export' a cryptographic algorithm
SNUFFLE on sci.crypt. All he wanted to do was *post* to the newsgroup.
He has a big batch of letters in a file he posted to sci.crypt that
show the interesting relationships between the Commerce and the State
Departments related to the `Arms registration' involved in legal
cryptographic documentation distribution.

This is an *extremely* important file for anyone that wants to see what
the actual process of getting approval for cryptographic distribution
entails, even for simply *publishing* simple algorithms. If anyone
wants to `saturate the process' as has been discussed repeatedly on
this list, this is a MUST READ.  D. Bernstein went through this
amazingly hilarious-at-times procedure as an academic exercise in
showing the world how obtuse and bizarre the actual U.S. bureacratic
structures are that regulate this stuff. Here's a guy that went through
the whole surreal process just to POST to SCI.CRYPT. Its MIND BOGGLING.

I've also uploaded the file to soda.berkeley.edu, but I don't know if
E.H. will put it online (space is apparently very tight on soda). In
the meantime, the file is

ripem.msu.edu:/pub/crypt/docs/shuffle-export-hassles.

for the hard-core cypherpunks who drool over code and algorithms, the
code itself is in

ripem.msu.edu:/pub/crypt/other/snuffle.zip

Note: this and other files on the site (e.g. DES code) require that you
submit an application attesting to U.S. citizenship and promising not
to further distribute the code.

(I don't know what has happened to D. Bernstein on the net. He used to
be a great dogged flamer of people like Sternlight and Silverberg, but
haven't seen him lately. I suspect he's working on a new important
project and hasn't time for all the noise!)


Cypherpunk Awards
---

Finally, I should note that M. Riordan and D. Bernstein are sci.crypt
FAQ editors, but other than that I don't know much about them except
that they have both been instrumental in providing some *fabulous*
public services over the internet, particularly to the cryptographic
community. I vote them Cypherpunks of the Month (even though they're
not on the list).

D. Koontz gets my vote as Cypherpunk of the Week for the *sharp*
analysis that twists Clipper into something useful -- sort of Security
by Exploiting Exploitation. I sure hope Mycotronx isn't listening! We
might find that LEEF/IV hole patched up in the next version! (nobody
sneezed at the dumpster post, so I tend to think some of this stuff
goes on in a vacuum.)  I've asked him to put the Clipper specs he has
pored over into a more public place (scanned for FTP site?) for other
scheming cypherpunks to poke at.



Ripem.msu.edu File Lists
---

Here are some ripem.msu.edu indexes. Don't forget, you have to register
to get some of these (particularly the code). Check out file
/pub/crypt/GETTING_ACCESS. Flames for including this will be ignored.


===cut=here==

FTP Directory /pub/crypt/docs

   Parent Directory 
   luc-algorithm.txt 
   dss-proposal.txt 
   tmp 
   nist-secure-hash.txt 
   nsa-letter.txt 
   merkle-khufu-khafre-snefru.txt 
   crypt-bookstores.txt 
   crypto-history-books.txt 
   crypt-journals.txt 
   secure-netnews.txt 
   getting-nist-pubs.txt 
   factoring-bibliography.txt 
   polygonal-pubkey-algorithm.txt 
   rsa-conf-93 
   ritter-cloak.txt 
   sci.crypt-faq.txt 
   crc-discussion.txt 
   blair-crypt-lesson.tex.Z 
   public-key-overview-by-nist.txt.Z 
   scientific-american-pgp-letter.txt 
   rabin-algorithm.txt 
   des-break.ps.Z 
   golding-weak-consistency-dissertation.ps.Z 
   password-certification-authority.ps.Z 
   fast-random-nums.txt 
   enigma-wiring.txt 
   shuffle-array.txt 
   crypt-sites.txt 
   md5-cryptanalysis.txt 
   crypto.bib 
   rsa-faq.ps.Z 
   rsa-public-key-cryptography-standards 
   secret-sharing.txt 
   des-validation.txt 
   arj-encryption.txt 
   playfair-challenge.txt 
   luc-public-key-paper.ps.Z 
   zero-knowledge-proofs.txt 
   goldbug-book-dedication.txt 
   nonlinear-combiners.txt 
   clipper-chip.txt 
   dss-subliminal-channels.txt 
   nist-capstone.txt 
   nist-dss-clipper-testimony.txt 
   dod-pmsp-messages.txt 
   msdos6.0-compression-calls.txt 
   software-cryptophones.txt 
   letters-against-clipper.txt 
   elgamal-using-dss.txt 
   english-trigram-frequencies.txt 
   privacy-anonymity-faq.txt 
   three-cryptographers-problem.txt 
   crypto-random-num.bib 
   kryptoknight-authentications-and-distribution.tar.Z 
   arms-controls-phone-number.txt 
   feal-algorithm.txt 
   warlock-matrix-pubkey-algorithm.txt 
   s-box-exam-question.txt 
   rsa-nist-dsa-agreement.txt 
   des-chip-paper-src-090.ps.Z 
   tis-pem-faq.txt 
   des-break-errata.txt 
   itar-export-bibliography.txt 
   dept-of-commerce-crypto-docs.txt 
   sbox-overview.txt 
   cpsr-statement.txt 
   letter-against-nist-dsa-giveaway.txt 
   shuffle-export-hassles.txt 
   sbox-bibliography.txt 
   ky-28-military-voice-encryptor.txt 
   itar-july-93.txt 
   williams-crc-guide.txt 
   british-intelligence-books.txt 
   des-key-search.ps 
   idea-eurocrypt90.ps 
   english-dictionary-ftp-site.txt 
   intelligence-bibliographies.txt 
   intelligence-journals.txt 
   public-key-partners-patents.txt 



file /pub/crypt/other/CRYPT-COLLECTION.TXT

=Index of Cryptology Programs 
=Compiled by Mark Riordan    [email protected]
=Last updated 9 October 1992

Note:  I can't seem to keep this document up-to-date, especially
for the "docs" subdirectory on ripem.msu.edu.  So, I have tried
to create new files in the "crypt" tree with long, descriptive
filenames.  To find the latest on ripem.msu.edu, be sure to do
an FTP rather than relying on this document.   /mrr  22 Feb 93

Warning:  the .zip files here were created with zip 5.0, not
with pkzip.exe, and cannot be extracted with pkunzip.  Get
unzip.exe (also available at this site).

cbw.tar.Z
Robert W. Baldwin  [email protected]
Crypt Breaker's Workbench, circa Oct 1986.  Program to help you cryptanalyze
messages enciphered with the simple, obsolete program crypt(1).
Reportedly used to help decipher R. T. Morris's worm (after the fact) from 
source code found on backup tapes at Cornell.

enigma-peake.c
Philip Peake    ([email protected] in Paris)
C program inspired by the World War II Enigma cipher machine,
but the algorithm is not completely identical.  

enigma_2.zip
Devours, et al.
MS-DOS .EXE of a BASIC program that emulates the real
WWII Enigma cipher machine.  Unfortunately, source is not
included.

hill.zip
John Cowan <magpie.MASA.COM!cowan>
C program to implement Lester Hill's encryption scheme involving
matrix arithmetic.  I believe the algorithm dates to the 1920's.
This code is from comp.sources.unix, Volume 17 (Feb 1989).

i-hat-correlation-analysis.zip
Douglas A. Gwyn <[email protected]>  (Theory by many others)
C code for various cryptographically useful statistical analysis
functions:  Kullback's information measure for a 2-way contingency table,
Gamma and related functions (Poisson, Chi-squared, etc.),
Pearson's Chi-squareed, etc.

jones-splay-compression.zip
Jeffrey Chilton, Douglas W. Jones <[email protected]>
Compression/encryption program based on splay trees.
C functions.

linear-rng.zip
William S.England  (Theory by Stephen K. Park and Keith W. Miller)
High-quality linear congruential random number generator.
I doubt it's truly of cryptographic quality, though.
In C, with instructions for adding directly into Perl.

lucifer-outerbridge.c
Richard Outerbridge <[email protected]>
C implementation of IBM's Lucifer cipher, a predecessor of DES.
Speed-optimized version of April 1984, but the algorithm is 
inherently slow.  Includes program which implements CBC.

lucifer-smith.c
Jonathan M. Smith  (original by Arthur Sorkin)
C implementation of IBM's Lucifer cipher, a predecessor of DES.
Version of March 1991.  Includes main program.  Pretty slow.

md4dos.zip
Jouko Holopainen <[email protected]> (Theory by Ron Rivest)
Fast DOS implementation of the MD4 message digest function.
With DOS executable and C and 8086 assembly code.

md5.zip
Ronald L. Rivest, RSA Data Security  [email protected]
Fast and popular one-way hash function in C taken from RFC 1321.
Contains a test program.  Version of April 1992.

md5-karn.zip
Phil Karn
Very fast DOS 386 assembler implementation of Ron Rivest's
MD5 hash function.  
Contains the Transform routine only (the time-consuming part).
Uses Borland C.  Version of February 1992.

mrrcip.zip
Mark Riordan  <[email protected]>
Implementations of many classical cipher schemes (simple substitution,
columnar transpostion, Playfair, "straddling checkerboard", Vigenere,
and so on).  Of historical interest only.  Main programs all,
most in C but some in FORTRAN (hey, I wrote 'em a long time ago).

nsea.zip
Peter C. Gutmann  <[email protected]>
"Nonpatented Simple Encryption Algorithm"--actually fairly complex
block cipher similar to DES.  C functions and main program,
with optional 8086 assembler module.  In-depth description
of algorithm, invented by author.

okeefe_encrypt.tar.Z
R. A. O'Keefe, Edinburgh.
C code for a fairly simple block transposition cipher
based on linear congruential random number generators.

rot13.c
Unknown
This is the well-known "Rot-13" cipher used to obscure offensive
Usenet postings.  Complete C program (very short).

scott-newdes.zip
Robert Scott, Mark Riordan ([email protected])
C implementation of NEWDES, an unfortunately-named block
cipher (doesn't have much to do with DES, but probably
has similar security) designed by Robert Scott and
described in a 1985 issue of Cryptologia.  The algorithm
is fast and doesn't take much code.  C functions & driver program included.

setzer-trans.zip
William Setzer   <[email protected]>
"Quick hack" C program that does transposition of 8192-byte chunks
of its input, based on a random number generator.

snefru2.5a.tar.Z
Ralph C. Merkle   ([email protected])
One-way fast hash function in C by a well-known cryptologist.
C functions and test main program.
Most people seem to use MD5 instead. 
Version of November 1990.

snuffle.zip
Dan Bernstein  <[email protected]>
Encryption program which turns a secure hash function into
a very good cipher.  Oriented towards the Snefru hash function, which is not
included here.  Simple (but profound) C code.  May be an old version.

wpcrack.tar.Z
Ron Dippold   <[email protected]>
Programs to crack the encryption on WordPerfect 5.1 encrypted files.
Source code in Borland C.

--- DES implementations ---

barrett-des.zip
David A. Barrett <[email protected]>
Fast DES implementation, with main program that works in Cipher Feedback
mode.  Sometimes known as "fast-des".  Vintage Feb 1991.

cdes-bishop.zip
Matt Bishop, NASA Ames <[email protected]>
Nice C main program/front-end to DES to implement just about every
known mode of DES:  ECB, CBC, CFB, OFB.  Does NOT include an actual
DES implementation.  Includes man page.

chalmers-des-1.0.tar.Z
Stig Ostholm  [email protected]
DES implementation with several utility programs and many useful
extra functions.  Runs on a variety of Unix systems.  Pretty good
documentation.
Vintage October 1990.

crypt-bsd-4.3-reno.c
University of California at Berkeley
This is the "crypt" password hashing function from BSD Unix.  It 
necessarily includes an implementation of DES.  Code is marked
as being from 1990.  I haven't tested it, but I believe it
is probably quite slow.  Nevertheless, it's probably in wide use.

csu10des.zip
Phil Karn <[email protected]>  (original by James Gillogly)
Famous public domain DES implementation by Phil Karn of KA9Q fame.
Includes C functions & main programs.  
This is one of the first public domain DES implementations,
and many minor variations of it are floating around.
This one, last modified March 1987, was posted to comp.sys.unix, Volume 10.
Karn's DES is not as fast as
most of the more recent DES implementations but it's a "classic".

d3des.zip
Richard Outerbridge <[email protected]>
Fast, compact DES implementation from a longtime DES programmer.
Includes optional double and triple DES encryption.
C functions only; skimpy but adequate documentation.
August 1992 version.

desCore-2-How.tar.Z
Dana How <[email protected]>
Portable, very fast implementation of basic DES routines only.
Supposedly the fastest C version around.  Not so fast at key-setting
(i.e., password hacking).  This code was submitted to comp.sources.misc
as Volume 29, Issue 80 and later updated in Volume 29, Issue 128.  
May 92 version.

des-dist.tar.Z
Antti Louko ([email protected])
Fast DES implementation, with main program and C function library
for arbitrary precision integer arithmetic.  Also known as "alodes".
Last modified September 1992, but most code seems to date from 1989.

fdes5-baldwin.zip
Robert W. Baldwin <[email protected]>
Fast DES/crypt implementation in C (functions only)  This seems to be
1989-vintage code.  Evidently it was/is a favorite of password crackers.

koontz-des.tar.Z
David G. Koontz  <2004ktz%[email protected]>
Fast but large DES C functions and main program.
Dates to March 1991, at which time it was one of the fastest around.
Good verification suite included.

libdes-young-p2.tar.Z
Eric Young ([email protected])
This is one of the fastest DES implementations around.
These C library routines are designed to replace the MIT Athena
DES routines that MIT does not make available for export.
Includes a main program and a test program.
This is Patch level 2, from July 1992.  I believe an 
earlier version was known as eBones.

mitchell-des.zip
D. P. Mitchell
DES implementation in C, with minimal driver program.
Version of June 1983.  I don't know how fast this is.
There's no documentation and the code is uncommented.

pfdes.zip
Stuart Levy, Minnesota Supercomputer Center
Portable, fast DES implementation in C, from April 1988.
Includes demo & benchmark programs.
Warning: files need cleaning up (control-Z's and extra spaces in makefile).

ufc-crypt-pl1.tar.Z
Michael Glad, email: [email protected]
Ultra Fast Crypt, fast replacement for crypt(3), patchlevel 1.
This comes from comp.sources.misc volume 28, issues 115-116, March 1992.

allen-des486.zip
Steve Allen, email: [email protected]
DES source (Turbo C & Assembler) & executable for MS-DOS.  Requires
486 due to use of BSWAP instruction.  Runs at 108KB/sec on 486-33.
Includes triple-DES.  Main programs as well as functions provided.
June 1993.