I am hugely honoured to have my stuff going up on "Popular
Cryptography Magazine" what ever reaction it may provoke from your
I find it a bit off-putting that I have to encrypt any article that I
may send you for your consideration as being of interest and
worthwhile from a publishing aspect - I would very much like to
subscribe occasionally and perhaps you could advise me of any
alternatives - I have no desire for secrecy unless you want that for
reasons unknown to me.
My dilemma now is that not being into AES at all I cannot enjoy seeing
my stuff up front on your new venture.
Good Luck with your new Mag. - thanks - adacrypt
Posting all that encrypted crap is a seriously stupid idea - the only
thing it does is make reading the blog an extra pain in the arse,
discouraging readers and anyone who might submit. Revise that idea by
stupid? Stupid? STUPID??? No my friend, this brings home to the reader
the practical awkwardness of using any modern crypto software. I know
from my experience how difficult it is for a Master of Science to
enter the "all zeros key" and to decrypt a stranger's file. There are
so many TV show to watch and donuts to eat that most people have great
difficulty finding the time and mental energy to decrypt one file with
a known key using the most standardized algorithm in all of cryptodom.
Watch TV, eat, do not try to decrypt stuff.
> My dilemma now is that not being into AES at all I cannot enjoy seeing
> my stuff up front on your new venture.
Not AES. I will encrypt the evaluation of Vector Cryptography using
your own software of Vector Encryption, not AES. Then strangers will
need to install your Vector Cryptography software on their computers
and use "the all zeros key" to read the evaluation. If your software
is difficult to install and use, then readership will be lower than if
your program is easy to install and use.
Some of the introductions are in plaintext. Some essays use Greeek
letters so I can read them slowly without changing them back to
Cryptography is too advanced and complicated for most people to use.
The style of Popular Cryptography Magazine is not pleasant for most
people. But all are welcome!
Digressing a little from your last viewpoint. I take the view that
absolutely everthing about the algorithm is open to the adversary
anyway and the crypto strength has to be demonstrated by the sheer
intractactability of the ciphertext even when it is handed to him.
Using cryptography to manipulate the lethargic reader may prove to be
destructive in that he will do the most common thing known to lazy
people - he will just get some more doughnuts and forget about it. -
Cheers - adacrypt
I think "Popular Cryptography Magazine" is a very useful notice board
as an adjunct to sci crypt and as a means for readers to expand and
expound stuff that the more cryptic sci crypt is impatient about.
Judging from the posts there is a lot of crossfire from different
disciplines of reader in sci crypt who often make no attempt to
rationalise their own input in the eyes of less equipped other readers
and simply see sci crypt as their private preserve - there is a lot of
parochial tunnel vision at times but there is great potential for some
one like yourself to rationalise this in some form of central clearing
I think that a lot of people like myself are not all round crypto
experts but are almost hypnothically focused on the intellectual core
of the cipher-to-be (in their locker - its all I know) and accept that
their finished work is going to be needing huge tertiary inputs from
people like yourself in the form of software engineering (?) and
infrastructure management(?) , something that is way ouside of their
Your method of making people toe the line is a bit draconian - I think
it would be more productive if you studied the deployment of Popular
Cryptography Magazine as a resource and as a flux in the understanding
sphere - I think - adacrypt
The last statement is rather prejudicial, that incompetent people
can't use AES, etc., and that competent people can. It's as specific
and true as stating those that eat figs and ice cream are true
gourmets and those that don't aren't, and I'd stand by the last
statement but I have learned to stay away from such folk, as far away
To play the game, I should offer a better end algorithm of mine, but
who can best evaluate it? All knowledge is founded in values, so how
fair are you willing to be?
You and everyone else use cryptography almost every day, probably
several times a day you/they aren't even aware of the fact - that's how
unobtrusive real cryptography is.
If you wanted to review something useful try PGP or TrueCrypt. For
example, PGP whole disk encryption is so unobtrusive that after you
enter the password you won't notice *any* performance or operational
change on your PC, but turn it off or log off and your entire hard drive
is protected from everyone.
> from my experience how difficult it is for a Master of Science to
> enter the "all zeros key" and to decrypt a stranger's file.
There are 8 year olds who use cryptography daily. Most don't seem to
need a Master's. Do you see a difference between what you do and think
and what is done in practice?
>You and everyone else use cryptography almost every day, probably
>several times a day you/they aren't even aware of the fact - that's how
>unobtrusive real cryptography is.
What your'e saying is simply an unconscious nuance of human behaviour
- I reckon that there is a myriad out there of real cryptography that
is in truth merely varying degres and instances of failed cryptography
hardly worth calling cryptography in most serious circles - that has
to include the RSA cipher which of course is a declared failure
(somewhere in the "Handbook of Applied Cryptography") of a
mathematical one-way function cipher.
There should be only one cryptography that is implied when that word
i.e. cryptography is used without qualification and that is
'Theoretically Unbreakable Class' of cryptography ( same handbook ).
One way or another this launching of "Popular Cryptography Magazine"
is a turning point for the good in crypto publications in my view - I
just hope that they will change the goal posts - I reckon if they
worked on a policy of publishing by meritorios invitation it would
become such a coveted prize that it would fill a much needed niche
between say the American Mathematical Society and sci crypt. -
You're a funny, funny person.
During these early stages of evaluating your Vector Cipher 2, I am
focussing on two aspects for Popular Cryptography Magazine:
I cannot find a place in your software to enter a key of all zeros.
When I tried to encrypt a file with 24 megabytes of ASCII information,
the ciphertext was only 3 kilobytes long.
Do you, adacrypt, have any comment on those two issues?
Are these the right programs to be evaluating?
It is automated to be unobtrusive so unskilled people can benefit.
That automation disallows anyone to enter the key of all zeros, except
in rare instantiations.
> If you wanted to review something useful try PGP or TrueCrypt.
I tried out TrueCrypt. It disallows me to enter the key of all zeros.
> >I know
> > from my experience how difficult it is for a Master of Science to
> > enter the "all zeros key" and to decrypt a stranger's file.
> There are 8 year olds who use cryptography daily. Most don't seem to
> need a Master's. Do you see a difference between what you do and think
> and what is done in practice?
Yes, I notice that the automated authentication is about as
trustworthy as on-line slot machines.
>Are these the right programs to be evaluating?
Yes, these are the right programs alright.
That version does not display any of the internal computations at
runtime that Mark_0 does - it is a working version - it also an exact
copy of Mark_1
I have no idea what a key of all zeros that you mention is and there
is no accomodation in my source code for it - I suspect my cipher is
rejecting something it is not intended to do - it may sound small-
minded but frankly the only thing I want to understand is security of
information that is encrypted by one of the two cipher types (sporadic
mapping to integer points in space) - that I am promoting - I want to
cooperate with you and suggest that if you email me a file of
plaintext - I will encrypt it at my end and compare results - remember
I work in denary all the time - no binary ever - except inside my
computer as machine code - hope to hear from - cheers - Adacrypt
Hi again ,
Are you able to encrypt and decrypt the test files of plaintext that
are included in the directory (folder) of Vector Cipher_2 ok ? -
Anyone might make a particular program work on one computer as he is
accustomed to do, but try it on several for grins. Programming
languages can mess up due to corruption of the sources,
incompatibilities of platform, or less than transparent
communications. Visit a friend, let him download it and attempt to
make it work. You can learn lots this way. Every day furnishes new
opportunities to go astray. Concentrate and learn, do it myself.
I accept that as a very essential part of the beta testing ! - regards
Suggest also running the Mark_0 program and see where it crashes out
- that is what it is there for - a diagnostic program
I think you have posted this in the wrong place.
The change-of-origin ploy is the basis of a one-way function - it is
totally and utterly impossible to reverse except by access to the
mutual databases - as long as Alice and Bob keep these secret then it
is impossible for anybody to know what the change-of-orign was that is
used for any item of ciphertext - each item of ciphertext has a
different one - it virtually needs a transfer of data from a human
memory to a computer memory - Only Alice and Bob can do that - there
is no secret about anything else - as it should be in principle
according to basic crypto - one-way functions are only workable by
means of mutual database technology - no sweat about how much is
public - at the end of the day Eve cannot get past the change-of-
origin stumbling block - cheers - adacrypt
Dave, please be smart and do not respond to google groups posts.
You will eliminate 99% of idiots just with this simple step.
It does more than waste time. It gives people a motivation to attempt
to decrypt something with a specific key. When those readers of
Popular Cryptography Magazine search the world for software that will
let them enter a key, they will find that there are few with that
power, and that they may need to pay for the software. Many
cryptographic programs disallow keys to be entered, like TrueCrypt,
AES Crypt, and Adacrypt. Popular Cryptography Magazine is sticking
that in your face.
Also, see the Popular Cryptography Magazine page on random numbers to
imagine the possible uses of posting encrypted files of random numbers
with a standard file size of 8 kilobytes. You do not yet realize the
full power of the random side.
First off, calling a blog a magazine is just stupid. Magazines are
collections of articles published in a periodic fashion as issues
collected on a larger period as volumes. A blog is a place where
people vomit their conscious stream of thought and other people read
it out of sheer boredom.
Second, calling yours "popular" in the title is about as authentic and
original as Fox's "Fair and Balanced" or calling NK "democratic."
Third, being able to (assuming) ECB decrypt a file with a zero key is
in no way a form of power. For starters, an application written to do
that is totally useless in a real cryptographic application. You have
no key negotiation (other than to explicitly state what it is), you're
not even using a chaining mode let alone an authentication code which
means I can post your ciphertext altered and it would still decrypt.
In short it proves that you don't know how cryptography is supposed to
Fourth, I write cryptography for a living. Been doing it for nearly
10 years and I could whip up an AES decrypt with keys all zero
application while sitting sloshed in my seat after 4 pints of beer.
And I still don't care to. Why? Why the fuck would I read your
article? You've shown me no evidence that you have the first FSM damn
clue about cryptography at all. I'd rather take lessons on
cryptography from the writers of Swordfish than you. The fact that
you're gravitating towards Adacrypt as some sort of authority is proof
enough that you're clueless.
Good luck with your "Popular" "Cryptography" "Magazine" ...
>You do not yet realize the
>full power of the random side.
I think there are a lot of others that also do not understand what
random really means - they confuse it with a haphazard collection
process that's supposed to carry along some extraordinary inbuilt
intractability that must surely emanate from being haphazrd they
think, when its used later - instead of meaning equal probability of
being the next one to be called in some unbiased retrievable system.
In passing - quite frankly I do not know enough of the wider field of
cryptodom to be able to analyse how destructive claims in posts such
as Dave's can be discredited by the available software, methodology
etc - at present I am following my instincts entirely and justifying
it mathematically as I go along - I have no doubt of the veracity of
my stuff to date - I don't need to collect any baggage that the
current crypto industry throws up - I am convinced it is on the way
out anyway even if it takes a few years - Cheers - adacrypt
Your bitterness is evident.
> Second, calling yours "popular" in the title is about as authentic and
> original as Fox's "Fair and Balanced" or calling NK "democratic."
Your denunciation is premature.
> Third, being able to (assuming) ECB decrypt a file with a zero key is
> in no way a form of power. For starters, an application written to do
> that is totally useless in a real cryptographic application.
That is a lie. Test vectors are published commonly with a zero key so
people can input the zero key into the software with a known plaintext
to prove that the known ciphertext results.
> You have
> no key negotiation
Lies, all lies. The Magazine asks people to send in their writings and
to define the key themselves. You seem prone to extremist
exaggerations and absolutism.
> Fourth, I write cryptography for a living.
I want to read the Magazine you write for. Where is it?
> Been doing it for nearly
> 10 years and I could whip up an AES decrypt with keys all zero
"application"? Do you need to write a new program that specializes in
the all zeros key? I just double click on the program a bought using
money called Perfect File Encryption Using AES. I don't throw a temper
while sitting sloshed in my seat after 4 pints of beer.
> And I still don't care to. Why? Why the fuck
That beer makes you swear alot, does it? Good. Your anger makes you
stronger and bold.
would I read your
> article? You've shown me no evidence that you have the first FSM damn
> clue about cryptography at all. I'd rather take lessons on
> cryptography from the writers of Swordfish than you. The fact that
> you're gravitating towards Adacrypt
Adacrypt has an even temperment. He is a pleasant fellow to correspond
with. I also enjoy reading about your anger and beer. Please write
again about Popular Cryptography Magazine.
as some sort of authority is proof
> enough that you're clueless.
> Good luck with your "Popular" "Cryptography" "Magazine" ...
Ha Ha Ha ..............
I'm not bitter, I'm just idiot resistant.
> > Second, calling yours "popular" in the title is about as authentic and
> > original as Fox's "Fair and Balanced" or calling NK "democratic."
> Your denunciation is premature.
And your command of language is not inspiring.
> > Third, being able to (assuming) ECB decrypt a file with a zero key is
> > in no way a form of power. For starters, an application written to do
> > that is totally useless in a real cryptographic application.
> That is a lie. Test vectors are published commonly with a zero key so
> people can input the zero key into the software with a known plaintext
> to prove that the known ciphertext results.
Ok, you're right, it's useful for TEST VECTOR PURPOSES. Not for
> > You have
> > no key negotiation
> Lies, all lies. The Magazine asks people to send in their writings and
> to define the key themselves. You seem prone to extremist
> exaggerations and absolutism.
So I tell you [and the world] what my key is? And this is a form of
"realistic" key negotiation in your mind?
> > Fourth, I write cryptography for a living.
> I want to read the Magazine you write for. Where is it?
I've published two books on the subject.
> "application"? Do you need to write a new program that specializes in
> the all zeros key? I just double click on the program a bought using
> money called Perfect File Encryption Using AES. I don't throw a temper
I wouldn't buy a piece of software to do something I could accomplish
with a dozen lines of C. And I wouldn't write those dozen lines to
read your blog.
I think I like Globemaker guy. Any one who pisses off little
Tommy can't be all bad. Second DAVE WHO do you mean
me Turener Eather or who dave is a common name.
Though I like the Globe guy he seems very clever. I would never
read your article if I need to buy your software. Though you write
great I have this gut feeling you code is crap. Maybe the Globe
guy since he had money to burn and actually bought you pile
of whatever it is can give us more thoughts of how good he
thinks it is. Say compared to scott19u.
David A. Scott
My Crypto code
http://www.jim.com/jamesd/Kong/scott19u.zip old version
My Compression code http://bijective.dogma.net/
**TO EMAIL ME drop the roman "five" **
Disclaimer:I am in no way responsible for any of the statements
made in the above text. For all I know I might be drugged.
As a famous person once said "any cryptograhic
system is only as strong as its weakest link"
Right back at you, pal.
> Though I like the Globe guy he seems very clever. I would never
> read your article if I need to buy your software. Though you write
> great I have this gut feeling you code is crap. Maybe the Globe
> guy since he had money to burn and actually bought you pile
> of whatever it is can give us more thoughts of how good he
> thinks it is. Say compared to scott19u.
You guys need a clubhouse to go with your "publication."
I thought you were writing about cryptography not about who you do and
don't get on with.
Since I deal with indirect key words in key generation processes, the
letters "allzeros" could be used as a key, which is also a pun, joke,
or parody of the transportable nature of such things when given a
For example in the modification of base64 coding to base65 cipher,
"allzeros" in one pass produces /
might present a slight problem for most to remember.
Hello Mr. Scott, I already have used scott19u.zip and I evaluated it
many years ago. It works perfectly. The security is practically
unbreakable, due to the large key size and the complicatedx rounds.
Congratulations on 15 years of good cryptgraphic algorithm donations.
Comparing scott19u.zip with adacrypt's Vector Cipher 2 is like
comparing an Audi A6 car to a Stanley Steamer. While scott19u.zip is
not a Lamborghini, at least I can use a key that I choose. With Vector
Cipher 2, I cannot define one key. Also, Vector Cipher 2 failed to
encrypt a 25 megabyte file. Scott19u alway succeeded to encrypt any
file I gave it.
Once again, good work, David A. Scott. We spoke on the telephone,
once. Thank you for a polite and articulate conversation. You are
persistent and helpful. Keep up the efforts, you are a shining example
of a paragon, and a truely motivational paradigm.
> I thought you were writing about cryptography not about who you do and
> don't get on with.
Yes, the Popular Cryptography Magazine discusses crypto, but on
sci.crypt I decided to make an exception for this one thread. I
remember when The Saint first posted on sci.crypt in late 1994, he
seems so bright and smart, I am shocked to now read The Saint using
foul language about my new Magazine, rolling in his beer-fueled puke-
speech to insult a Magazine that is one week old. How infantile Tom
"The Saint" Denis seems, perhaps due to the pressures of working at
AMD, Advanced Micro Devices. I also worked at AMD as an engineer, so I
have some sympathy for the aggravation and anxiety that AMD commonly
produces in engineers who once cared about technology.
So, Dave Eather, you are right to chastise me for responding to The
Saint's emotional outburst. I am sorry. I was wrong. I apologise to
The Saint and to all readers of sci.crypt for that. In the future I
will let the infantile temper tantrums pass under my hull, like 2.4
million gallons of oil per day, never expecting to plug it fully.