From: “L. Detweiler” <ld231782@longs.lance.colostate.edu>
To: cypherpunks@toad.com
Message Hash: 0e42674627fc65423ec02e96bdaec019e4d54d963ad997ebe5b7e18fed59bbf5
Message ID: <9309300255.AA05515@longs.lance.colostate.edu>
Reply To: N/A
UTC Datetime: 1993-09-30 02:56:33 UTC
Raw Date: Wed, 29 Sep 93 19:56:33 PDT
From: "L. Detweiler" <ld231782@longs.lance.colostate.edu>
Date: Wed, 29 Sep 93 19:56:33 PDT
To: cypherpunks@toad.com
Subject: (1) a cypherpunk gold mine (2) RSA-PKP patent treatise (3) registration saturation (4) L.D. cypherpunk awards
Message-ID: <9309300255.AA05515@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain
Cypherpunk Gold Mine
---
Hello, Mark Riordan runs ripem.msu.edu and this has some *hot* files of
interest to cypherpunks. He has a very complete DES library with many
versions, BigNum packages, and a *lot* of collected files from the net
on a wide variety of interesting topics. Many excellent and fascinating
bibliographies too.
Of particular current interest -- he also has the complete current ITAR
online (as I noted earlier). I'm enclosing various file lists at the
end of this document.
RSA-PKP patent treatise
---
Also, for everyone who has ever wondered about the RSA-PKP patent
claims (and there's been a recent flurry on the list): An excellent and
very authoritative posting on the subject was written by G. Irlam and
posted to sci.crypt, etc. on May 20 1991. His email address in the file
does not appear to work anymore, but this file is so well researched I
am considering turning it into a FAQ on Usenet.
pub/crypt/docs/public-key-partners-patents.txt
Thanks to S. Bellovin for holding on to this, sending it to me in
response to a query, and to M. Riordan for very quickly sticking it on
the site after I uploaded it yesterday.
Registration Saturation
---
But I'm writing chiefly on the following subject. H. Finney, in his
first brilliant post analyzing the ITAR relative to PGP distribution,
noted that D. Bernstein posted an interesting note about his trials and
tribulations in attempting to `export' a cryptographic algorithm
SNUFFLE on sci.crypt. All he wanted to do was *post* to the newsgroup.
He has a big batch of letters in a file he posted to sci.crypt that
show the interesting relationships between the Commerce and the State
Departments related to the `Arms registration' involved in legal
cryptographic documentation distribution.
This is an *extremely* important file for anyone that wants to see what
the actual process of getting approval for cryptographic distribution
entails, even for simply *publishing* simple algorithms. If anyone
wants to `saturate the process' as has been discussed repeatedly on
this list, this is a MUST READ. D. Bernstein went through this
amazingly hilarious-at-times procedure as an academic exercise in
showing the world how obtuse and bizarre the actual U.S. bureacratic
structures are that regulate this stuff. Here's a guy that went through
the whole surreal process just to POST to SCI.CRYPT. Its MIND BOGGLING.
I've also uploaded the file to soda.berkeley.edu, but I don't know if
E.H. will put it online (space is apparently very tight on soda). In
the meantime, the file is
ripem.msu.edu:/pub/crypt/docs/shuffle-export-hassles.
for the hard-core cypherpunks who drool over code and algorithms, the
code itself is in
ripem.msu.edu:/pub/crypt/other/snuffle.zip
Note: this and other files on the site (e.g. DES code) require that you
submit an application attesting to U.S. citizenship and promising not
to further distribute the code.
(I don't know what has happened to D. Bernstein on the net. He used to
be a great dogged flamer of people like Sternlight and Silverberg, but
haven't seen him lately. I suspect he's working on a new important
project and hasn't time for all the noise!)
Cypherpunk Awards
---
Finally, I should note that M. Riordan and D. Bernstein are sci.crypt
FAQ editors, but other than that I don't know much about them except
that they have both been instrumental in providing some *fabulous*
public services over the internet, particularly to the cryptographic
community. I vote them Cypherpunks of the Month (even though they're
not on the list).
D. Koontz gets my vote as Cypherpunk of the Week for the *sharp*
analysis that twists Clipper into something useful -- sort of Security
by Exploiting Exploitation. I sure hope Mycotronx isn't listening! We
might find that LEEF/IV hole patched up in the next version! (nobody
sneezed at the dumpster post, so I tend to think some of this stuff
goes on in a vacuum.) I've asked him to put the Clipper specs he has
pored over into a more public place (scanned for FTP site?) for other
scheming cypherpunks to poke at.
Ripem.msu.edu File Lists
---
Here are some ripem.msu.edu indexes. Don't forget, you have to register
to get some of these (particularly the code). Check out file
/pub/crypt/GETTING_ACCESS. Flames for including this will be ignored.
===cut=here==
FTP Directory /pub/crypt/docs
Parent Directory
luc-algorithm.txt
dss-proposal.txt
tmp
nist-secure-hash.txt
nsa-letter.txt
merkle-khufu-khafre-snefru.txt
crypt-bookstores.txt
crypto-history-books.txt
crypt-journals.txt
secure-netnews.txt
getting-nist-pubs.txt
factoring-bibliography.txt
polygonal-pubkey-algorithm.txt
rsa-conf-93
ritter-cloak.txt
sci.crypt-faq.txt
crc-discussion.txt
blair-crypt-lesson.tex.Z
public-key-overview-by-nist.txt.Z
scientific-american-pgp-letter.txt
rabin-algorithm.txt
des-break.ps.Z
golding-weak-consistency-dissertation.ps.Z
password-certification-authority.ps.Z
fast-random-nums.txt
enigma-wiring.txt
shuffle-array.txt
crypt-sites.txt
md5-cryptanalysis.txt
crypto.bib
rsa-faq.ps.Z
rsa-public-key-cryptography-standards
secret-sharing.txt
des-validation.txt
arj-encryption.txt
playfair-challenge.txt
luc-public-key-paper.ps.Z
zero-knowledge-proofs.txt
goldbug-book-dedication.txt
nonlinear-combiners.txt
clipper-chip.txt
dss-subliminal-channels.txt
nist-capstone.txt
nist-dss-clipper-testimony.txt
dod-pmsp-messages.txt
msdos6.0-compression-calls.txt
software-cryptophones.txt
letters-against-clipper.txt
elgamal-using-dss.txt
english-trigram-frequencies.txt
privacy-anonymity-faq.txt
three-cryptographers-problem.txt
crypto-random-num.bib
kryptoknight-authentications-and-distribution.tar.Z
arms-controls-phone-number.txt
feal-algorithm.txt
warlock-matrix-pubkey-algorithm.txt
s-box-exam-question.txt
rsa-nist-dsa-agreement.txt
des-chip-paper-src-090.ps.Z
tis-pem-faq.txt
des-break-errata.txt
itar-export-bibliography.txt
dept-of-commerce-crypto-docs.txt
sbox-overview.txt
cpsr-statement.txt
letter-against-nist-dsa-giveaway.txt
shuffle-export-hassles.txt
sbox-bibliography.txt
ky-28-military-voice-encryptor.txt
itar-july-93.txt
williams-crc-guide.txt
british-intelligence-books.txt
des-key-search.ps
idea-eurocrypt90.ps
english-dictionary-ftp-site.txt
intelligence-bibliographies.txt
intelligence-journals.txt
public-key-partners-patents.txt
file /pub/crypt/other/CRYPT-COLLECTION.TXT
=Index of Cryptology Programs
=Compiled by Mark Riordan mrr@scss3.cl.msu.edu
=Last updated 9 October 1992
Note: I can't seem to keep this document up-to-date, especially
for the "docs" subdirectory on ripem.msu.edu. So, I have tried
to create new files in the "crypt" tree with long, descriptive
filenames. To find the latest on ripem.msu.edu, be sure to do
an FTP rather than relying on this document. /mrr 22 Feb 93
Warning: the .zip files here were created with zip 5.0, not
with pkzip.exe, and cannot be extracted with pkunzip. Get
unzip.exe (also available at this site).
cbw.tar.Z
Robert W. Baldwin baldwin@xx.lcs.mit.edu
Crypt Breaker's Workbench, circa Oct 1986. Program to help you cryptanalyze
messages enciphered with the simple, obsolete program crypt(1).
Reportedly used to help decipher R. T. Morris's worm (after the fact) from
source code found on backup tapes at Cornell.
enigma-peake.c
Philip Peake (philip@axis.uucp in Paris)
C program inspired by the World War II Enigma cipher machine,
but the algorithm is not completely identical.
enigma_2.zip
Devours, et al.
MS-DOS .EXE of a BASIC program that emulates the real
WWII Enigma cipher machine. Unfortunately, source is not
included.
hill.zip
John Cowan <magpie.MASA.COM!cowan>
C program to implement Lester Hill's encryption scheme involving
matrix arithmetic. I believe the algorithm dates to the 1920's.
This code is from comp.sources.unix, Volume 17 (Feb 1989).
i-hat-correlation-analysis.zip
Douglas A. Gwyn <Gwyn@BRL.MIL> (Theory by many others)
C code for various cryptographically useful statistical analysis
functions: Kullback's information measure for a 2-way contingency table,
Gamma and related functions (Poisson, Chi-squared, etc.),
Pearson's Chi-squareed, etc.
jones-splay-compression.zip
Jeffrey Chilton, Douglas W. Jones <jones@cs.uiowa.edu>
Compression/encryption program based on splay trees.
C functions.
linear-rng.zip
William S.England (Theory by Stephen K. Park and Keith W. Miller)
High-quality linear congruential random number generator.
I doubt it's truly of cryptographic quality, though.
In C, with instructions for adding directly into Perl.
lucifer-outerbridge.c
Richard Outerbridge <71755.204@CompuServe.COM>
C implementation of IBM's Lucifer cipher, a predecessor of DES.
Speed-optimized version of April 1984, but the algorithm is
inherently slow. Includes program which implements CBC.
lucifer-smith.c
Jonathan M. Smith (original by Arthur Sorkin)
C implementation of IBM's Lucifer cipher, a predecessor of DES.
Version of March 1991. Includes main program. Pretty slow.
md4dos.zip
Jouko Holopainen <jhol@stekt.oulu.fi> (Theory by Ron Rivest)
Fast DOS implementation of the MD4 message digest function.
With DOS executable and C and 8086 assembly code.
md5.zip
Ronald L. Rivest, RSA Data Security rivest@theory.lcs.mit.edu
Fast and popular one-way hash function in C taken from RFC 1321.
Contains a test program. Version of April 1992.
md5-karn.zip
Phil Karn
Very fast DOS 386 assembler implementation of Ron Rivest's
MD5 hash function.
Contains the Transform routine only (the time-consuming part).
Uses Borland C. Version of February 1992.
mrrcip.zip
Mark Riordan <mrr@scss3.cl.msu.edu>
Implementations of many classical cipher schemes (simple substitution,
columnar transpostion, Playfair, "straddling checkerboard", Vigenere,
and so on). Of historical interest only. Main programs all,
most in C but some in FORTRAN (hey, I wrote 'em a long time ago).
nsea.zip
Peter C. Gutmann <pgut1@cs.aukuni.ac.nz>
"Nonpatented Simple Encryption Algorithm"--actually fairly complex
block cipher similar to DES. C functions and main program,
with optional 8086 assembler module. In-depth description
of algorithm, invented by author.
okeefe_encrypt.tar.Z
R. A. O'Keefe, Edinburgh.
C code for a fairly simple block transposition cipher
based on linear congruential random number generators.
rot13.c
Unknown
This is the well-known "Rot-13" cipher used to obscure offensive
Usenet postings. Complete C program (very short).
scott-newdes.zip
Robert Scott, Mark Riordan (mrr@scss3.cl.msu.edu)
C implementation of NEWDES, an unfortunately-named block
cipher (doesn't have much to do with DES, but probably
has similar security) designed by Robert Scott and
described in a 1985 issue of Cryptologia. The algorithm
is fast and doesn't take much code. C functions & driver program included.
setzer-trans.zip
William Setzer <setzer@math.ncsu.edu>
"Quick hack" C program that does transposition of 8192-byte chunks
of its input, based on a random number generator.
snefru2.5a.tar.Z
Ralph C. Merkle (merkle@xerox.com)
One-way fast hash function in C by a well-known cryptologist.
C functions and test main program.
Most people seem to use MD5 instead.
Version of November 1990.
snuffle.zip
Dan Bernstein <brnstnd@nyu.edu>
Encryption program which turns a secure hash function into
a very good cipher. Oriented towards the Snefru hash function, which is not
included here. Simple (but profound) C code. May be an old version.
wpcrack.tar.Z
Ron Dippold <rdippold@qualcomm.com>
Programs to crack the encryption on WordPerfect 5.1 encrypted files.
Source code in Borland C.
--- DES implementations ---
barrett-des.zip
David A. Barrett <barrett@asgard.cs.colorado.edu>
Fast DES implementation, with main program that works in Cipher Feedback
mode. Sometimes known as "fast-des". Vintage Feb 1991.
cdes-bishop.zip
Matt Bishop, NASA Ames <bishop@bear.dartmouth.edu>
Nice C main program/front-end to DES to implement just about every
known mode of DES: ECB, CBC, CFB, OFB. Does NOT include an actual
DES implementation. Includes man page.
chalmers-des-1.0.tar.Z
Stig Ostholm ostholm@ce.chalmers.se
DES implementation with several utility programs and many useful
extra functions. Runs on a variety of Unix systems. Pretty good
documentation.
Vintage October 1990.
crypt-bsd-4.3-reno.c
University of California at Berkeley
This is the "crypt" password hashing function from BSD Unix. It
necessarily includes an implementation of DES. Code is marked
as being from 1990. I haven't tested it, but I believe it
is probably quite slow. Nevertheless, it's probably in wide use.
csu10des.zip
Phil Karn <karn@Qualcomm.COM> (original by James Gillogly)
Famous public domain DES implementation by Phil Karn of KA9Q fame.
Includes C functions & main programs.
This is one of the first public domain DES implementations,
and many minor variations of it are floating around.
This one, last modified March 1987, was posted to comp.sys.unix, Volume 10.
Karn's DES is not as fast as
most of the more recent DES implementations but it's a "classic".
d3des.zip
Richard Outerbridge <71755.204@CompuServe.COM>
Fast, compact DES implementation from a longtime DES programmer.
Includes optional double and triple DES encryption.
C functions only; skimpy but adequate documentation.
August 1992 version.
desCore-2-How.tar.Z
Dana How <how@isl.stanford.edu>
Portable, very fast implementation of basic DES routines only.
Supposedly the fastest C version around. Not so fast at key-setting
(i.e., password hacking). This code was submitted to comp.sources.misc
as Volume 29, Issue 80 and later updated in Volume 29, Issue 128.
May 92 version.
des-dist.tar.Z
Antti Louko (alo@kampi.hut.fi)
Fast DES implementation, with main program and C function library
for arbitrary precision integer arithmetic. Also known as "alodes".
Last modified September 1992, but most code seems to date from 1989.
fdes5-baldwin.zip
Robert W. Baldwin <BALDWIN@xx.lcs.mit.edu>
Fast DES/crypt implementation in C (functions only) This seems to be
1989-vintage code. Evidently it was/is a favorite of password crackers.
koontz-des.tar.Z
David G. Koontz <2004ktz%ucsbuxa@hub.ucsb.edu>
Fast but large DES C functions and main program.
Dates to March 1991, at which time it was one of the fastest around.
Good verification suite included.
libdes-young-p2.tar.Z
Eric Young (eay@psych.psy.uq.oz.au)
This is one of the fastest DES implementations around.
These C library routines are designed to replace the MIT Athena
DES routines that MIT does not make available for export.
Includes a main program and a test program.
This is Patch level 2, from July 1992. I believe an
earlier version was known as eBones.
mitchell-des.zip
D. P. Mitchell
DES implementation in C, with minimal driver program.
Version of June 1983. I don't know how fast this is.
There's no documentation and the code is uncommented.
pfdes.zip
Stuart Levy, Minnesota Supercomputer Center
Portable, fast DES implementation in C, from April 1988.
Includes demo & benchmark programs.
Warning: files need cleaning up (control-Z's and extra spaces in makefile).
ufc-crypt-pl1.tar.Z
Michael Glad, email: glad@daimi.aau.dk
Ultra Fast Crypt, fast replacement for crypt(3), patchlevel 1.
This comes from comp.sources.misc volume 28, issues 115-116, March 1992.
allen-des486.zip
Steve Allen, email: 73277.620@compuserve.com
DES source (Turbo C & Assembler) & executable for MS-DOS. Requires
486 due to use of BSWAP instruction. Runs at 108KB/sec on 486-33.
Includes triple-DES. Main programs as well as functions provided.
June 1993.
Return to September 1993
Return to ““L. Detweiler” <ld231782@longs.lance.colostate.edu>”
1993-09-30 (Wed, 29 Sep 93 19:56:33 PDT) - (1) a cypherpunk gold mine (2) RSA-PKP patent treatise (3) registration saturation (4) L.D. cypherpunk awards - “L. Detweiler” <ld231782@longs.lance.colostate.edu>