1996-10-24 - Montgolfiering aka P Information = P * log_base_infinity P (fwd)

Header Data

From: cypher@cyberstation.net
To: cypherpunks@toad.com
Message Hash: 77870ad1fe70703f96a73f9183bc817a18e5126303fd8d905f0d6ea81a68af08
Message ID: <Pine.BSI.3.95.961024040550.11286A-100000@citrine.cyberstation.net>
Reply To: N/A
UTC Datetime: 1996-10-24 09:07:34 UTC
Raw Date: Thu, 24 Oct 1996 02:07:34 -0700 (PDT)

Raw message

From: cypher@cyberstation.net
Date: Thu, 24 Oct 1996 02:07:34 -0700 (PDT)
To: cypherpunks@toad.com
Subject: Montgolfiering aka P Information = P *  log_base_infinity  P (fwd)
Message-ID: <Pine.BSI.3.95.961024040550.11286A-100000@citrine.cyberstation.net>
MIME-Version: 1.0
Content-Type: text/plain




A cryptogram 

Montgolfiering 

aka 

P Information = P * log_base_infinity P

What does it mean?

First of all, I apologize for taking so much of many reader's time
on the subject of whether the EUREKA algorithm is a "SOFTWARE" OTP or
not. As I have restated over and over and over again, time after time,
after time, it  is a PRNG, it is  a stream cipher, so we will leave it
there. We are taking the OTP question off the table, but I am sure that
the list eupatrids will continue to beat that horse forever.
Accordingly, henceforth Eureka will be referred to as a stream cipher, a
PRNG stream, and we will joust on their muddied pedantric playing field!

I also want to apologize once more to all of the readers for
having to go  down into the gutter where PM insists on duking it
out, but he leaves me no choice. I told you that I would fight no more
with him, forever; but my word is obviously not as good as Chief
Joseph's. He is wounding me by spreading his mendacious
misrepresentations to the point that I must respond.

He is also threatening me, with his malevolent baseness.  That is the
reason that he wrote that one message as private mail, not so that you
readers would not have to suffer through more of his, and yes my,
garbage. It is patently evident that he wrote that message so
that he could threaten me and you readers would not know about it, and
that is the only reason that I went public with it back to you.  

Then he tries to cover up his abhorrent conduct by  trying to make you
believe that he was trying to SAVE YOU from suffering as a labor of love.
That is the only message that he has sent privately, and he did it so that
you would not find out what he had done.  I am sure that most of you can
see through crass deception,  you are smarter than that.  And by the by 
way, thanks, to the many of you that have written in support, even if
most of you do not want to take on the powers to be by expressing your
feelings in public - keep it up, I will be most discreet.

It takes a sick mind to do things like that. I further believe that Perry
may be libeling me by asserting that Adam has already cracked my 
algorithm. Although I have now told him 22 times that is a falsehood, he 
insists on repeating it, even after it has been denied by Adam. That is a
factoidal jactitation as evidenced below. 

One writer today told me that Adam, John Pettitt and Paul Bradley had
cracked both my algorithms in one day, and that the new one was worse than
the old one, and that Perry Metzger had personally confirmed it. At
least, unlike some readers, he had part of the message right, the part
about two algorithms.

The current algorithm web page has now been visited by over 4,500 people
and all of them know that Perry is engaged in some sort of propaganda
campaign  to spread disinformation for some purpose because the algorithm
has almost nothing, just a tiny fragment, to do with what has been posted
previously. And as all of you readers tuned in at that time know, you
were told that that was not the algorithm and never has been. 

I question whether Perry may have a pecuniary interest in these affairs? 
Does Perry have an insider, or other position, or interest in one or
more of the RSA interest? Does he have any interest in PGP, Inc.,
though I rather doubt that? I am making no allegations, I am only asking
the question of why he would deliberately set out on a campaign of
disinformation without arming  himself with the truth, it is so easy all
he has to do is go to the web site and see for himself. Instead, he
ignores that and engages in propaganda. Why? At least Hal Finney had the
intellectual, and moral honesty to disclose that he was now a part
of the PGP Inc, team.

In any event to clear up any misunderstanding, let us examine what my
ALLEGED algorithm was, and compare it to the actual algorithm.


> Adam
> | > The algorithm is:
> | > 
> | >     for ( ; ; ) {
> | > 	for (i=0; i<63; i++) {
> | > 	    a[i] = (a[i] + b[i]) % c[i];
> | > 	    d = (d + a[i]) & 255;
> | > 	    *data++ ^= d;		/* xor with data */
> | > 	}
> | >     }
> | > 
> 
> 
As I have told Perry and Paul, both several times, at the time it
was first reported and later, and indirectly to all of you several times,
the above algorithm is not the algorithm posted at:
  
            www.netprivacy.com/algo.html

All anyone would have to do to determine that is to take a few seconds and
look. Yet Perry and Paul, did not do that, instead they spread the
malevolent  message around that they have broken the algorithm. In Paul's
case, it may just be confusion resulting from Perry's incessant
jabberwocky.

To those of you who might want to know the truth, I have been forced into
the position of taking your time to disclose the algorithm here, The
algorithm to follow,  is the only one that has ever existed, as most
readers should know but do not because of nazi like  propaganda.   

In a highly abbreviated form, only to show how stupid this argument about
which algorithm is which, the actual algorithm is:


A highly condensed version of the Eureka Algorithm:


Given a key, user, message, etal specific parameter set derived from
a truly random key, in this instance,  256 bytes long, 10^616 entropy,
then :

All of the parameters below, vary with each generator key, except
where the variance is limited by range factors - for instance, there
are only 49 to 79 possible Juncture Values, JV values, so that number must
be one of those corresponding values.

Starting values derived from the key, as modified by message number and
other variables. That is slightly in excess of 2^54 possibilities for the
initial D1, D2, D3, and D4 values, the differential variables.


                   D1 =  1,691
                   D2 =  1,194
                   D3 =  3,564
                   D4 =    483
                   JV =     34

          (I)          A(I)    B(I)     C(I)
           0          11908    7109    17581
           1           2252   11863    16589
           ..................................
           .................................
          51          14544    9349    17964
          52          15759   11836    17021


And the three tables:

DISP, Displacement Table - a table of the values 0 through 4095,
      randomly scrambled, by the hardware sourced truly random key.

DIFF, Diffusion Table - a second independent table of the values 0
      through 4095, randomly scrambled, by the hardware sourced truly
      random key.

DETR, Determinate Table, a third independent table of 16 sets of the
      ASCII values, 0 through 255. 



EXKEY is an 8192 byte key expanded from the 256 byte key, thus only
2^2048 bits of entropy, at the most.


IN PSEUDO CODE, the algorithm for medium level security, level 5, is:



     LEV5 SECURITY
     I=0
     DO
         DO
              JV=JV+1
              IF JV=53 THEN JV=0
              REM JV<53 is for Level 5, it ranges from 49 to 79.
              A(JV)=(A(JV)+B(JV)) MOD C(JV)
         WHILE (A(JV) AND 16384) = 1
         D1=(D1+A(JV)) AND 4095
         D2=DISP((D2+D1) AND 4095)
         F=DETR(D2)<<8
         D3=(D3+D2) AND 4095
         BUF(DIFF(I))=BUF(DIFF(I)) XOR (F+(DETR(DISP(D3))))
         D1=(D1+D3) AND 4095
         F=DETR(DISP(D1))<<8
         D4=(D4+D1) AND 4095
         BUF(DIFF(I+1))=BUF(DIFF(I+1)) XOR (F+(DETR(DISP(D4))))
              REMARK SWAP D1 AND D4, and D2 AND D3 so that the
              REMARK SELECTION COUNTERS ARE NEVER CONGRUENTIAL, EVEN
              REMARK FOR TWO SUCCESSIVE SELECTIONS
         SWAP D1,D4
         SWAP D2,D3
              REMARK SWAP VALUES IN BOTH THE DISPLACEMENT TABLE AND
              REMARK THE DETERMINATE TABLE TO INSURE THAT THE TABLES
              REMARK CONSTANTLY MUTATING - THEY ARE NEVER STATIC
              REMARK CANNOT CHANGE THE DIFFUSION TABLE UNTIL
              REMARK DIFFUSION HAS BEEN COMPLETE FOR 8192 BYTES
         SWAP DETR(D1),DETR(D3)
         SWAP DISP(D2),DISP(D4)
              REM
              REM - A NEAR DUPLICATE BUTTERFLY SECTION TO INSURE THAT
              REM - EVEN AND ODD CHARACTERS CANNOT BE BLOCKED
              REM
         DO
              JV = JV + 1
              IF JV = 53 THEN JV=0
              A(JV)=(A(JV)+B(JV)) MOD C(JV)
         WHILE (A(JV) AND 16384) = 1
         D1=(D1+A(JV)) AND 4095
         D2=DISP((D2+D1) AND 4095)
         F=DETR(D2)
         D3=(D3+D2) AND 4095
         BUF(DIFF(I+2))=BUF(DIFF(I+2)) XOR ((DETR(DISP(D3))<<8)+F)
         D1=(D1+D3) AND 4095
         F=DETR(DISP(D1))
         D4=(D4+D1) AND 4095
         BUF(DIFF(I+3))=BUF(DIFF(I+3)) XOR ((DETR(DISP(D4))<<8)+F)
              REMARK SWAP AS BEFORE EXCEPT USE DIFFERENT D VALUES
         SWAP D1,D4
         SWAP D2,D3
         SWAP DETR(D1),DETR(D3)
         SWAP DISP(D2),DISP(D4)
              REMARK CANNOT SWAP DIFFUSION TABLE VALUES BUT WE CAN
              REMARK MUTATE THE KEY SOME MORE, SO THAT WE CAN
              REMARK EVENTUALLY RESCRAMBLE THE DIFFUSION TABLE
         SWAP EXKEY(D2),EXKEY(D3)
         I = I + 4
   WHILE I < 4096
              REMARK IF JV<16 THEN RESCRAMBLE THE DIFFUSION TABLE
              REMARK THIS WILL HAPPEN APPROXIMATELY 30% OF THE TIME
   LONG IF JV < 16
       I=0,M=4096
       DO
         SEL=(SEL+EXKEY(I+2300)) MOD M
         SWAP DIFF(I),DIFF(I+SEL)
         I=I+1
         M=M-1
       WHILE I<4095
   END IF

Now I ask a candid world. Is that the same algorithm as the one Perry says
that Adam broke, the first one above? Is it the same one that Paul claims
to have broken as detailed in his message? Both claim that they are one
and the same. Are they? You can see the answer know the answer to that.

This is just an example of how the haughty eyed will use their malevolence
to intimidate the rest of you. I belive that Perry is deliberately
distorting the truth, as this proves. Paul on the other hand, may only be
confused by Metzger's montgolfiering.

The above algorithm has been condensed considerably to show that it
is not the one that Perry and Paul are referring to at all. If you are
going to analyze it in any depth, go to the web site and work with the
full algorithm, that is URL:

                    www.netprivacy.com/algo.html

If you have questions from the brief description set out above, visit the
web site and I believe that your questions will be cleared up. There are
also almost 200 megabytes of raw encryptor stream output at the site, you
do not need known plain text, it is there for all to see. What is the key
that generated the text, or what is the next 100 characters of encryptor
stream for messages 1 through 6? Bet you cannot figure it out!

How about the cryptogram?

Montgolfiering aka P Information = P log_base_infinity P

Most of you have it figured out, n'est pas?


With every best wish, 

Don Wood



> 
> 










Thread