1. Kryptonite v2.0 Now Available!
A totally free, solid encryption program is now available. Some ways it is
better than home-grown encryption programs is:
* It uses a proven algorithm: Blowfish.
* It uses a hash algorithm to detect tampered files and avoids bad
decrypts.
This program is in a .ZIP file, and contains program, documentation, and
credits. E-mail me if you want it. That goes for _anyone_. However, I
would like to thank Davi T. Figueiredo for contributing to this program.
Without him, this program would be impossible since he created both the
Blowfish algorithm and the hash algorithm from specifications. There is a
reason why I am not submitting this to the website. This is an excerpt of
the documentation. Let's just say I believe in very civil, very
non-violent disobedience.
Alan
Legal Notice
The US government forbids exporting of this program. The author
believes, however, that information security is not a weapon, and
that everyone is entitled to have strong information security.
Therefore, as long as the author has an e-mail address, this
package will be available to _anyone_ who wants it.
However, _use_ of this package is not restricted in the United
States, nor in most places. But it is restricted in some places.
Use it at your own risk.
2. Re: Kryptonite v2.0 Now Available!
I want it!
-----Mensaje original-----
De: Alan Tu <ATU5713 at COMPUSERVE.COM>
Para: EUPHORIA at LISTSERV.MUOHIO.EDU <EUPHORIA at LISTSERV.MUOHIO.EDU>
Fecha: Martes 29 de Diciembre de 1998 2:58 PM
Asunto: Kryptonite v2.0 Now Available!
A totally free, solid encryption program is now available. Some ways it is
better than home-grown encryption programs is:
* It uses a proven algorithm: Blowfish.
* It uses a hash algorithm to detect tampered files and avoids bad
decrypts.
This program is in a .ZIP file, and contains program, documentation, and
credits. E-mail me if you want it. That goes for _anyone_. However, I
would like to thank Davi T. Figueiredo for contributing to this program.
Without him, this program would be impossible since he created both the
Blowfish algorithm and the hash algorithm from specifications. There is a
reason why I am not submitting this to the website. This is an excerpt of
the documentation. Let's just say I believe in very civil, very
non-violent disobedience.
Alan
Legal Notice
The US government forbids exporting of this program. The author
believes, however, that information security is not a weapon, and
that everyone is entitled to have strong information security.
Therefore, as long as the author has an e-mail address, this
package will be available to _anyone_ who wants it.
However, _use_ of this package is not restricted in the United
States, nor in most places. But it is restricted in some places.
Use it at your own risk.
3. Re: Kryptonite v2.0 Now Available!
Alan:
First:
Let me say that while I disagree with the current encryption export regs, I
do so not because I think they are wrong, but rather because I think they
are flawed. There is an inherent assumption that we (Americans) are the only
people capable of taking a well published algorithm (like Blowfish) and
converting it to executable code. This is pure folly. Quite frankly this
smells of quasi racial bigotry by implying that peoples of third world
countries are intellectual cripples compared to us.
Second:
I **STRONGLY** disagree with your decision to hand out this code
cart-blanche. Just because you disagree with a law does not give you the
right to ignore it. Civil disobedience is a powerful tool, but it must be
used with prudence. It should be noted that civil disobedience is only
acceptable when ALL other efforts to change the law have been fruitless.
That does not apply here. There are a number of lawsuits in action right now
to lift some or all export regs. Just because you are impatient is not
justification for breaking the law.
Third:
Current US law also allows for algorithms with 56-bit or smaller keys to be
exported. Can your algorithm be adapted to use these smaller key sizes? You
could then export a reasonable security software without breaking the law.
If and when the regs are lifted you could release the better code.
Finally
As to your statement "The author believes, however, that information
security is not a weapon ...". Are you really this naive or is this just
your way of trying to justify (to yourself?) your illegal activities?
Information is power and is most often used as either a tool or a weapon. In
this case it is a defensive weapon designed to defeat the offensive efforts
of whomever is seeking knowledge. Imagine Saddam knew all of our troop
movements & attack plans during the original Desert Storm... how effective
would we have been if he had detailed access to our information? Maybe you
should read the story of PURPLE too.
All forms of security are defensive weapons and defensive weapons are the
most effective (AND most non-violent) means to the end. Your car alarm
(physical security) is a defensive weapon against theft. Your insurance
policy (financial security) is a defensive weapon against debt. Your
encryption program (information security) **is** a defensive weapon against
invasions of privacy.
Should we be entitled to such privacy? Absolutely yes.
Should we break the law to get it? Not if we can change the law instead, and
we can.
4. Re: Kryptonite v2.0 Now Available!
- Posted by Ralf Nieuwenhuijsen <nieuwen at XS4ALL.NL>
Dec 29, 1998
-
Last edited Dec 30, 1998
Quality wrote:
>Second:
>I **STRONGLY** disagree with your decision to hand out this code
>cart-blanche. Just because you disagree with a law does not give you the
>right to ignore it. Civil disobedience is a powerful tool, but it must be
>used with prudence. It should be noted that civil disobedience is only
>acceptable when ALL other efforts to change the law have been fruitless.
>That does not apply here. There are a number of lawsuits in action right
now
>to lift some or all export regs. Just because you are impatient is not
>justification for breaking the law.
And this:
>Should we break the law to get it? Not if we can change the law instead,
and
>we can.
Since when does one need justification to brake the law ?
Since when is it wrong to brake the law ?
When I steal a car, do you blame me for braking the law or for taking some
one else's property ?
What is wrong with 'braking the law' on itself. Do you still live in the
illusion of a democracy when you can choose between 2 people/parties ?
Democracy means (originated from grech): power to the people. Laws,
governemnts, and the whole mess that is there is an 'attempt' to achieve
that goal.
In the same way certain laws are an attempt to be in the best interest of
everybody. But they are *always* an attempt. No law, no rule, no system
works for the full 100%. There are always more or less exceptions, and you
are serving the attemp, rather than the idea behind it.
More than that, you are asking one to give up his own beliefs, in the favor
of others. A majority-dictature is not what you want as well, do you ?
And maybe this all is hard to except for those who get brainwashed through
education, that stimulates national feeling and 'overidealizes' democracy.
Just because everybody says so, and because everybody seems to be so
convienced does not mean what they say is right. Have you ever considered
that they might too be so convienced and repeat after the rest, because you
and the rest are saying the same ?
End of discussion.
Ralf
5. Re: Kryptonite v2.0 Now Available!
- Posted by Alan Tu <ATU5713 at COMPUSERVE.COM>
Dec 29, 1998
-
Last edited Dec 30, 1998
This shall be the last message on the listserver on this subject. All
those who want the file (there is a new version with hidden password entry,
file wipe, etc), e-mail me personally. Those inside the US I will give the
file. Those outside the US, I will not I will not I will not give you the
file anymore, but please, e-mail me still if you want it. But I feel I
have to have the chance to respond to some comments that already have been
made.
>It should be noted that civil disobedience is only acceptable when ALL
>other efforts to change the law have been fruitless.
In 1955, when Martin Luther King boycotted the buses at Montgomery,
couldn't he have filed a suit? I'm sure he could have.
>That does not apply here. There are a number of lawsuits in action right
>now
>to lift some or all export regs.
If someone in another land asks for my program, I'm supposed to turn him
away? Then I become the instrument of these regulations.
> Just because you are impatient is not
>justification for breaking the law.
I'm not impatient; I already have my program. But some people want this
program, now.
>Current US law also allows for algorithms with 56-bit or smaller keys to
>be
>exported.
56-bit keys can be broken by brute-force, as was demonstrated at the Crypto
'93 conference. It is no longer considered strong by those authoritative
people in the crypto community. 2^56 boggles my mind, but the fact is it
isn't considered strong.
>If and when the regs are lifted you could release the better code.
Why should I have to make the people outside the US wait? I should I
choose to be the instrument of, as you put it, bigotry?
>>>>>
Information is power and is most often used as either a tool or a weapon.
In
this case it is a defensive weapon designed to defeat the offensive efforts
of whomever is seeking knowledge. Imagine Saddam knew all of our troop
movements & attack plans during the original Desert Storm... how effective
would we have been if he had detailed access to our information? Maybe you
should read the story of PURPLE too.
<<<<<
That's why encryption should be propagated naturally, like a river.
>>>>>
All forms of security are defensive weapons and defensive weapons are the
most effective (AND most non-violent) means to the end. Your car alarm
(physical security) is a defensive weapon against theft. Your insurance
policy (financial security) is a defensive weapon against debt. Your
encryption program (information security) **is** a defensive weapon against
invasions of privacy.
<<<<<
Pardon, but you're damned right. A weapon implies destruction. A Hawke AA
missile is destructive. But this is not a weapon; it is a counter-measure
since it does not destroy.
>Should we be entitled to such privacy? Absolutely yes.
Tell me how the people in other countries who don't have the talent to
write this can have my program within the next wek legally.
>Should we break the law to get it? Not if we can change the law instead,
>and
>we can.
OK, longer timeline. Tell me how I can cause the law to change oh, say, in
the next six months? Or even a year?
Alan
6. Re: Kryptonite v2.0 Now Available!
- Posted by Quality <quality at ANNEX.COM>
Dec 29, 1998
-
Last edited Dec 30, 1998
You asked some questions, I will answer them. If anyone wants this
discussion to go further we can do it in private e-mail, I am willing to
coordinate a small mail-list for interested parties.
>In 1955, when Martin Luther King boycotted the buses at Montgomery,
>couldn't he have filed a suit? I'm sure he could have.
Obviously you don't know much about our history. A great many lawsuits
**were** filed but the bigoted courts of the time violated the law and
either allowed biased/illegal decisions or dismissed the lawsuits as
"frivolous" preventing their day in court. When the courts failed to work
then civil disobediance became a **WEAPON** to overcome the system.
>>That does not apply here. There are a number of lawsuits in action right
>>now to lift some or all export regs.
>
>If someone in another land asks for my program, I'm supposed to turn him
>away? Then I become the instrument of these regulations.
You become a dutiful citizen obeying the laws of your country. Not all laws
are good, but we have a system that allows changes to bad laws. We should
use this system and not bypass it because it is convenient to do so.
>I'm not impatient; I already have my program. But some people want this
program, now.
And some people want heroine and crack legalized. Would you distribute these
destructive drugs to people just because they asked for it **now**? I think
not.
>Why should I have to make the people outside the US wait? I should I
>choose to be the instrument of, as you put it, bigotry?
You choose to live here. That gives you an obligation to live by the laws of
here. Move to Iraq and distribute your code from there if you dont like
these laws. I promise you will like their laws even less.
>Pardon, but you're damned right. A weapon implies destruction. A Hawke AA
>missile is destructive. But this is not a weapon; it is a counter-measure
>since it does not destroy.
A defensive weapon DESTROYS an offensive effort. A car alarm destroys a
burglury attempt.
>OK, longer timeline. Tell me how I can cause the law to change oh, say, in
>the next six months? Or even a year?
Well, you might start by reading up on the current efforts ongoing, then see
if you can add anything of value to these efforts. You might be surprised
that almost every court decision so far has been on **your** side but laws
are indeed slow to change. I understand that the export limit is being
raised to 64-bits next year (not sure if this is solid yet).
I agree that the law is wrong, but I know our system works (eventually).
What we are really talking about is politics, and politics is like Judo,
Learn to work within the system and use its own force to change the law. It
is not easy, but few worthwhile things are.
** AGAIN, PLEASE REPLY VIA PRIVATE EMAIL AND LETS TAKE THIS OFF THE
LIST-SERVER **
7. Re: Kryptonite v2.0 Now Available!
>* It uses a hash algorithm to detect tampered files and avoids bad
>decrypts.
Are you sure that's a good idea? Watch this (using my encryption program,
not released.)
C:\TEXT>encrypt secure.txt secure.enc
Encrypt 1.0 by Robert Brandon Pilkington
[E]ncrypt or [D]ecrypt? e
Input password: ****
Retype password: ****
Encrypting...
100% done!
C:\TEXT>encrypt secure.txt secure2.enc
Encrypt 1.0 by Robert Brandon Pilkington
[E]ncrypt or [D]ecrypt? d
Input password: *****
Retype password: *****
Decrypting...
100% done!
Now, secure2.enc is more secure than secure.enc. To decode it, you have to
encrypt it with the decryption password, and decrypt it using the encryption
password. Pretty sneaky, the text (or binary, whatever) would be even more
mangled, but still repairable. What do you think? 
8. Re: Kryptonite v2.0 Now Available!
On Wed, 30 Dec 1998, Robert Pilkington wrote:
> C:\TEXT>encrypt secure.txt secure.enc
> Encrypt 1.0 by Robert Brandon Pilkington
> [E]ncrypt or [D]ecrypt? e
> Input password: ****
> Retype password: ****
> Encrypting...
> 100% done!
> ...wrong password. Pretty sneaky, the text (or binary, whatever) would
> be even more mangled, but still repairable. What do you think?
Does it use XOR password encryption? I have something that does this:
My Site -> Euphoria -> My Programs -> eucode/ -> eucode.ex
eucode.txt
My site's down at the moment. Server trouble. It'll be up in the new year.
I go home now,
Carl
--
Carl R White -- Final Year Computer Science at the University of Bradford
E-mail...: cyrek- at -bigfoot.com -- Remove the hyphens before mailing. Ta :)
URL......: http://www.bigfoot.com/~cyrek/
Ykk rnyllaqur rgiokc cea nyemdok ymc giququezka caysgr -- B.Q.Vgesa
9. Re: Kryptonite v2.0 Now Available!
>>>>>
Now, secure2.enc is more secure than secure.enc. To decode it, you have to
encrypt it with the decryption password, and decrypt it using the
encryption
password. Pretty sneaky, the text (or binary, whatever) would be even more
mangled, but still repairable. What do you think?
<<<<<
It is sneaky, and therefore more secure. But I'm not counting on sneaks
here; I'm counting on blowfish. Your program (I don't mean this mean) is
one of those fly-by-nighters; hey, I made one. Its soley based on
algorithm. So you can decrypt and encrypt or whatever; in the "business"
world, e is e and d is d. See what I mean?
Alan
10. Re: Kryptonite v2.0 Now Available!
- Posted by Flash Braden <anathema at IX.NETCOM.COM>
Dec 30, 1998
-
Last edited Dec 31, 1998
Ralf, you sanctimonious moron, the word is spelled B R E A
K, not
B R A K E. The post to which you are responding contains
several
correctly spelled examples for you to copy. Last but not
least, your
perspective on the law is no better than your spelling. So,
tell
me, how long have you been employed at the White House?
cheers,
-Flash->
Ralf Nieuwenhuijsen wrote:
>
> Quality wrote:
> >Second:
> >I **STRONGLY** disagree with your decision to hand out this code
> >cart-blanche. Just because you disagree with a law does not give you the
> >right to ignore it. Civil disobedience is a powerful tool, but it must be
> >used with prudence. It should be noted that civil disobedience is only
> >acceptable when ALL other efforts to change the law have been fruitless.
> >That does not apply here. There are a number of lawsuits in action right
> now
> >to lift some or all export regs. Just because you are impatient is not
> >justification for breaking the law.
>
> And this:
> >Should we break the law to get it? Not if we can change the law instead,
> and
> >we can.
>
> Since when does one need justification to brake the law ?
> Since when is it wrong to brake the law ?
>
> When I steal a car, do you blame me for braking the law or for taking some
> one else's property ?
>
> What is wrong with 'braking the law' on itself. Do you still live in the
> illusion of a democracy when you can choose between 2 people/parties ?
> Democracy means (originated from grech): power to the people. Laws,
> governemnts, and the whole mess that is there is an 'attempt' to achieve
> that goal.
>
> In the same way certain laws are an attempt to be in the best interest of
> everybody. But they are *always* an attempt. No law, no rule, no system
> works for the full 100%. There are always more or less exceptions, and you
> are serving the attemp, rather than the idea behind it.
>
> More than that, you are asking one to give up his own beliefs, in the favor
> of others. A majority-dictature is not what you want as well, do you ?
>
> And maybe this all is hard to except for those who get brainwashed through
> education, that stimulates national feeling and 'overidealizes' democracy.
> Just because everybody says so, and because everybody seems to be so
> convienced does not mean what they say is right. Have you ever considered
> that they might too be so convienced and repeat after the rest, because you
> and the rest are saying the same ?
>
> End of discussion.
>
> Ralf
--
-------------------
C. C. -Flash-> Braden, linkmaster:
http://www.freecitizen.com/
This week's cartoon:
http://www.freecitizen.com/carlmoore/NEW.HTM
11. Re: Kryptonite v2.0 Now Available!
Flash lived up to his age and said:
>So, tell me, how long have you been employed at the White House?
Interesting. You feel I insulted your country, and as your been programmed,
and as you have associated america with yourself, you are going to defend
is. Since normal reason doesnt work, you resort to having comments on my
spelling. This is *constructive* critism on your society, without at any
point making any comparsiments with other societies. Now, get over you ego,
and start using reason:
As to your (pathic) 'argument' above:
The White House has got nothing to do with it. To be a more positive person
(and insult less others) I assumed, the positive motivations behind the
existence of a law, which is:
A law is the 'implementation' of the goal: society, preferbly democracy
The second you claim that my view is wrong, is the second YOU claim to live
under a fascist regime. Not me. However, no implementation is always
correct. However, it is always *applied*. It are these situaties where
people are suprised because ethics are compromized. Now 'Quality' said that
we should obey the law, unless there is no way to change it. It is one of
his values. In which my return (should have been/was):: maybe I and Alan
(the person in question who wanted to offer his code) have different values.
Personally, I dont believe obbeying *every* law in *every* case, helps the
goal behind the laws, which is: (again) society, preferbly democracy, for
me. And I know that religious people, and other people too, have values much
stronger than obbey the laws of the state where they currently live in. And
the amount of nationalism that floads out of your message, gives me a hint,
that if you are not aware that these same 'values' / 'goals' were behind
YOUR society (the society in question, in other words: no comparisment is
made to other countries, what so ever, dont feel insulted: you are not your
country, and you are not responsible for all it flaws. I would kill myself,
if I felt responsible for all MY country(= Holland) flaws.)
No, I have explained with for me 'breaking' (correctly spelled ?) a law is
not always in conflict with my ethics, and I know, it is not always in
conflict with the values of many. The whitehouse *makes* the laws, not the
ideals behind it, and like me, can only assume the positive goal behind such
a law. Their opinion is not important to me.. what the (beep) has the white
house got to do with this. They are only the machine that tries to implement
those goals. And I believe they really try that. Like most western
goverments try that. And like America, and like Holland, and like many other
countries they prove it is not easy to do so. Also because society is a
dynamic thing, they are always running behind it.
No, you either accept and respect this opinion, or eh.. I dont care.. shoke
in your nationalism, but try to 'puke' in the direction of my mail, rather
than the list-server: nieuwen at xs4all.nl
Ralf
12. Re: Kryptonite v2.0 Now Available!
This battle of wits and getting the last word in needs to stop, I, as a casual
observer, have to step in for the good of the server and the people on it who
want pure unadulterated information on programming. I ask as a mature human
being that all contributing parties who are not making Non-euphoria
programming posts stop immediately.
Thank you for your cooperation,
Adam
