Werner Koch | 23 Feb 17:23 2015

Re: PGP word list

On Mon, 23 Feb 2015 10:26, ph@... said:

> One, gpg's implementation of the ICAO alphabet seems slightly buggy.
> Foxtrott (sic) and Nine caught my eye. I seemed to recall the supposed
> pronunciation of nine as NIN-er, and Foxtrot spelt with a single 't'.

Okay, fixed spelling of "Foxtrot".
Wikipedia says "Nine or Niner".  I'll switch to "Niner"

> This would make better use of the given alphabet. On the other hand, it
> would have a strong negative impact on usability, as I don't think any of
> the available tools will either print or read base-32 key fingerprints.

Yes, the purpose would be to help spelling the hext digits and not to
come up with another encoding which would required that the fingerprint
will also be printed in this encoding.




Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
Kevin | 23 Feb 00:51 2015

Spacetime encryption of a signal

This was born out of quantum information projects I have seen that NIST 
is working on.  I figured, well, we can't express quantum information on 
a clasic processing system, but we could use a spacetime model.  The 
post for this can be found at:
The code for easy review:
;Spacetime Encryption
;Kevin J. Sisco(kevinsisco61784@...
;Spacetime Encryption takes a signal and encrypts it using the power of 
the universe!
;this algorithm uses key material from the spacetime continuum
;Spacetime Encryption is written in Autoit
;see the following URL:

$p = 3.1415926535897932384626433832795
;value of pi
$ms =  <at> MSEC
;ms value of clock
$s =  <at> SEC
;second value of clock
$m =  <at> MIN
;minute value of clock
$h =  <at> HOUR
;hour value of clock
$y =  <at> YEAR
$t = $ms+$s+$m+$h+$y
(Continue reading)

Marci | 21 Feb 13:14 2015

Supersingular isogenie Diffie-Hellman Key Exchange

Can anyone help me with an low-level explanation for Supersingular
isogenie Key Exchange? How far are we with actual implementations and/
or cryptanalysis regarding security against quantum computers (Read
about some reduction to hidden shift problem, but did not realy get it)?

- Marcel
Jeffrey Walton | 19 Feb 21:50 2015



AMERICAN AND BRITISH spies hacked into the internal computer network
of the largest manufacturer of SIM cards in the world, stealing
encryption keys used to protect the privacy of cellphone
communications across the globe, according to top-secret documents
provided to The Intercept by National Security Agency whistleblower
Edward Snowden.

The hack was perpetrated by a joint unit consisting of operatives from
the NSA and its British counterpart Government Communications
Headquarters, or GCHQ. The breach, detailed in a secret 2010
GCHQdocument, gave the surveillance agencies the potential to secretly
monitor a large portion of the world’s cellular communications,
including both voice and data.

The company targeted by the intelligence agencies, Gemalto, is a
multinational firm incorporated in the Netherlands that makes the
chips used in mobile phones and next-generation credit cards. Among
its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless
network providers around the world. The company operates in 85
countries and has more than 40 manufacturing facilities. One of its
three global headquarters is in Austin, Texas and it has a large
factory in Pennsylvania.

In all, Gemalto produces some 2 billion SIM cards a year. Its motto is
“Security to be Free.”

With these stolen encryption keys, intelligence agencies can monitor
mobile communications without seeking or receiving approval from
(Continue reading)

John Young | 16 Feb 21:39 2015

Equation Group Multiple Malware Program, NSA Implicated

Kaspersky Q and A for Equation Group multiple malware program, in use early
as 1996. NSA implicated.


Dan Goodin: How “omnipotent” hackers tied to NSA hid for 14 years­and were found at last


cryptography mailing list
John Young | 16 Feb 18:34 2015

Encryption used to secure transports is used to hide data exfiltration

"The very encryption used to secure transports is used to hide data 


John Young | 14 Feb 15:15 2015

Business Wants Accessible Crypto from Business


"Dave DeWalt, CEO of security firm Mandiant, a participant in Friday's summit, hopes that fear of privacy invasion won't get in the way of the work that needs to get done. He pointed to the way the way public backlash to government surveillance programs revealed by former NSA contractor Edward Snowden stymied previous efforts to effectively open the lines of communication.

"This balance between privacy and security ebbs and flows and unfortunately that was a huge setback -- a setback to the tune of several years," he said.

via cypherpunks

cryptography mailing list
Marci | 12 Feb 08:59 2015

Quantum (HSP) secure cryptosystems

Given that quantum computers break the major public key encryption
schemes there has been
some research on quantum secure cryptosystems. Systems like McEliece
NTRU (Lattice based) and some multivariate cryptosystems seem to be
quantum secure by now.
Many of the pub-key schemes have been broken due to the (Quantum) Hidden
Subgroup Problem,
but this seems infeasible for (most) non-abelian groups.
I did found very little research to cryptosystems based on the suspected
"hardness" of the non-abelian
HSP. But most of the reasearch i found were papers, requiring knowledge
beyond my level and it was hard
to follow what they were even doing there...

Does anyone know some (not a hardcore research paper)-work that gives a
general view of (quantum) HSP
based cryptosystems?
Or an overview why certain mathematical problems over non-abelian groups
(not a general view on non-abelian group HSP)  can not be computed
efficiently with a quantum computer?

- Marcel
John Young | 8 Feb 02:42 2015

ODNI Counsel: Governments Want Accessible Crypto from Business

ODNI counsel Robert Litt is "optimistic" cryptographers will devise 
secure encryption which provides government access, it's "what many 
governments want."

"One of the many ways in which Snowden's leaks have damaged our 
national security is by driving a wedge between government and 
providers and technology companies so that some companies that 
formerly recognized that protecting our nation was a valuable and 
important public service they could perform now feel compelled to 
stand in opposition."

Thor Lancelot Simon | 4 Feb 14:22 2015

Cryptanalysis of RADIUS MD5 cipher?

For at least 15 years there's been general grumbling that the MD5 based
stream cipher used for confidentiality in RADIUS looks like snake oil.

Given how widely used the protocol is, and the failure of various successor
protocols (cute names and all -- TANGENT anyone?) I have always been surprised
that the cipher seems not to have received any serious cryptanalytic
attention.  On the other hand I am not mathy enough to frequently read the
primary literature.

Does anyone know of any work that's been done on this?

John Young | 29 Jan 15:48 2015

Why Google made the NSA

https://medium.com/ <at> NafeezAhmed/why-google-made-the-nsa-2a80584c9c1

Part 2 of the Google TLA allegations.