From linux-crypto-bounce@nl.linux.org Thu Nov 02 07:19:24 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GfVv2-00041Q-8i; Thu, 02 Nov 2006 07:19:16 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 02 Nov 2006 07:18:18 +0100 (CET)
Received: from [82.194.46.27] (helo=REFGFI01.BAH.BAPCO.INT)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GfVtZ-0003t8-J4
	for linux-crypto@nl.linux.org; Thu, 02 Nov 2006 07:17:45 +0100
Received: from refesg01.bah.bapco.int ([10.1.1.224]) by REFGFI01.BAH.BAPCO.INT with Microsoft SMTPSVC(6.0.3790.1830);
	 Thu, 2 Nov 2006 09:19:40 +0300
From: esafe@bapco.net
To: linux-crypto@nl.linux.org
Subject: Alert from eSafe: text.zip\text.scr  Infected with Win32.Mydoom.m
Date: Sun, 02 Nov 2006 09:19:40 +0300
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <REFGFI01SaVkpCCuc5b00003e59@REFGFI01.BAH.BAPCO.INT>
X-OriginalArrivalTime: 02 Nov 2006 06:19:40.0762 (UTC) FILETIME=[E14B6BA0:01C6FE46]
Received-SPF: 
X-Spam-Status: No, score=4.1 required=5.0 tests=AWL,BAYES_95,NO_REAL_NAME 
	autolearn=no version=3.0.1
X-Spam-Level: ****
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: esafe@bapco.net
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

======================================================

Bapco detected hostile or unwanted content in this message.
If you believe this is in error, please resend the whole message to:

bapcoitd@gmail.com

Please make sure that you specify the recipient email address(es) in
your message.

Your email will be manually inspected and if found to be safe and in
accordance with Bapco's email policy, itwill be forwarded to the 
intended recipient.

======================================================


Time: 02 Nov 2006 09:19:40
Scan result: Mail modified to remove malicious content
Protocol: SMTP in
File Name\Mail Subject:  Delivery reports about your e-mail
Source: 67.10.187.183
Destination: 
Mail Sender: linux-crypto@nl.linux.org
Mail Recipients: alquraan_aek@bapco.net
Details: text.zip\text.scr  Infected with Win32.Mydoom.m, Blocked


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sat Nov 04 09:36:05 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GgH0Q-0008F0-Tu; Sat, 04 Nov 2006 09:35:58 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 04 Nov 2006 09:35:17 +0100 (CET)
Received: from romy.inter.net.il ([192.114.186.66])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GgGz6-0008Ag-Vw
	for linux-crypto@nl.linux.org; Sat, 04 Nov 2006 09:34:37 +0100
Received: from user-9vkapco571 ([213.8.76.202])
	by romy.inter.net.il (MOS 3.7.3-GA)
	with ESMTP id GDZ98055 (AUTH zza10);
	Sat, 4 Nov 2006 10:25:37 +0200 (IST)
Organization: Zapta Club
Reply-To: club@zapta.co.il
Message-ID: <3bcf80b43a56f921789ef192001b1436@zapta.co.il>
From: "Zapta Club" <club@zapta.co.il>
To: <linux-crypto@nl.linux.org>
Subject: =?windows-1255?Q?=E1=EE=E7=E9=F8_=E1=EC=F2=E3=E9_!_=E9=E4=E5=F8=ED_=E2=E0=E5=EF_=E1=E0=E5=F1=F3_=EB=F4=E5=EC_5_=FA=F7=EC=E9=E8=E5=F8=E9=ED,_=E7=E1=E9=EC=FA_=F8=E2=E9=F2=E4,_=F1=F4=F8=E9_=E1=E9=F9=E5=EC_=E5=F2=E5=E3?=
Date: Sat, 4 Nov 2006 10:11:04 +0200
MIME-Version: 1.0
Content-Type: text/html;
	charset="windows-1255"
Content-Transfer-Encoding: quoted-printable
Received-SPF: 
X-Spam-Status: No, score=2.9 required=5.0 tests=AWL,BAYES_50,
	DNS_FROM_AHBL_RHSBL,HTML_80_90,HTML_MESSAGE,MIME_HTML_ONLY,
	MIME_QP_LONG_LINE,URIBL_WS_SURBL autolearn=no version=3.0.1
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: club@zapta.co.il
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dwindows-1255">
</head>
<body style=3D"FONT-FAMILY: Arial">
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: =
center"=20
align=3Dcenter><b><span lang=3DHE=20
style=3D"FONT-SIZE: 14pt; COLOR: blue; FONT-FAMILY: Arial">=E1=EC=F2=E3=E9 =
=E1=E0=F8=F5 =E1=F9=E9=FA=E5=F3 =F2=ED=20
=E7=E1=F8=FA =EE=E3=E9=E4 =E3=E9=E9=F8=F7=E8<o:p></o:p></span></b></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt"><span =
lang=3DHE><o:p><font=20
face=3D"Times New Roman"></font></o:p></span></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: =
center"=20
align=3Dcenter><b><span lang=3DHE style=3D"FONT-FAMILY: =
Arial"><br>=E9=E4=E5=F8=ED =E2=E0=E5=EF =E1=E0=E5=F1=F3=20
=EB=F4=E5=EC 5 =FA=F7=EC=E9=E8=E5=F8=E9=ED =E1- 129 =A4 =E1=EC=E1=E3 - =
<span style=3D"mso-spacerun: yes">&nbsp;</span><a=20
href=3D"http://www.zapta.co.il/product.asp?productid=3D7608&amp;shataf=3Dgm=
">=EC=E7=F5=20
=EB=E0=EF</a><o:p></o:p></span></b></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: =
center"=20
align=3Dcenter><b><span lang=3DHE style=3D"FONT-FAMILY: Arial">2 =
=F1=F4=F8=E9 =E1=E9=F9=E5=EC =E1=EE=E7=E9=F8 =E7=EE=E9=ED=20
=E5=EE=E9=E5=E7=E3 =E1- 69 =A4 =E1=EC=E1=E3 - <span style=3D"mso-spacerun: =
yes">&nbsp;</span><a=20
href=3D"http://www.zapta.co.il/product.asp?productid=3D7609&amp;shataf=3Dgm=
">=EC=E7=F5=20
=EB=E0=EF</a><o:p></o:p></span></b></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: =
center"=20
align=3Dcenter><b><span lang=3DHE style=3D"FONT-FAMILY: =
Arial">=E7=E1=E9=EC=FA =F8=E2=E9=F2=E4 =F1=F4=F8 =FA=F7=EC=E9=E8=20
=E5=F7=E8=E5=F8=FA <span style=3D"mso-spacerun: yes">&nbsp;</span>- <span=20
style=3D"mso-spacerun: yes">&nbsp;</span><a=20
href=3D"http://www.zapta.co.il/product.asp?productid=3D7607&amp;shataf=3Dgm=
">=EC=E7=F5=20
=EB=E0=EF</a><o:p></o:p></span></b></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: =
center"=20
align=3Dcenter><b><span lang=3DHE=20
style=3D"FONT-FAMILY: Arial"><o:p></o:p></span></b></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: =
center"=20
align=3Dcenter><b><span lang=3DHE style=3D"FONT-FAMILY: =
Arial"><br>=EC=F2=E5=E3 =F2=F9=F8=E5=FA =EE=EE=E2=E5=E5=EF=20
=EE=E1=F6=F2=E9 =E4=F9=E1=E5=F2 =EB=E5=EC=EC =EE=E7=F9=E1=E9=ED, =
=EE=E3=F4=F1=E5=FA, =EE=F6=EC=EE=E5=FA =E5=F2=E5=E3<o:p></o:p></span></b></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: =
center"=20
align=3Dcenter><b><span lang=3DHE style=3D"FONT-FAMILY: =
Arial">=E1=EE=E7=E9=F8=E9=ED =E1=EC=F2=E3=E9=E9=ED<span=20
style=3D"mso-spacerun: yes">&nbsp; </span>-<span style=3D"mso-spacerun: =
yes">&nbsp;=20
</span><a =
href=3D"http://www.zapta.co.il/category.asp?salestag=3D9">=EC=E7=F5=20
=EB=E0=EF</a><br><o:p></o:p></span></b></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: =
center"=20
align=3Dcenter><span lang=3DHE style=3D"FONT-FAMILY: =
Arial"><o:p></o:p></span></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt; TEXT-ALIGN: =
center"=20
align=3Dcenter><b><span style=3D"FONT-SIZE: 14pt; FONT-FAMILY: Arial"><a=20
href=3D"http://www.zapta.co.il"><span =
dir=3Dltr>www.zapta.co.il</span></a><span=20
lang=3DHE><o:p></o:p></span></span></b></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt"><span><font=20
size=3D2></font></span>&nbsp;</p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt"><span><font=20
size=3D2></font></span>&nbsp;</p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt"><span><font =
size=3D2>=E1=EE=E9=E3=E4=20
=E5=E0=E9=F0=EA =EE=F2=E5=F0=E9=E9=EF =E1=F7=E1=EC=FA =
=EE=E9=E9=EC&nbsp;=F0=E5=F1=F3, =E0=F0=E0 =E4=F9=E1 =EC=EE=E9=E9=EC =
=E6=E4&nbsp;=E5=FA=E5=F1=F8 =EE=F8=F9=E9=EE=FA=20
=E4=FA=F4=E5=F6=E4</font></span></p>
<p class=3DMsoNormal dir=3Drtl style=3D"MARGIN: 0cm 0cm 0pt"><span><font=20
size=3D2>group</font></span></p>
</body>
</html>



-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Mon Nov 06 12:41:49 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gh2rG-0004w6-Eu; Mon, 06 Nov 2006 12:41:42 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Mon, 06 Nov 2006 12:40:38 +0100 (CET)
Received: from main.gmane.org ([80.91.229.2] helo=ciao.gmane.org)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gh2pj-0004uG-NC
	for linux-crypto@nl.linux.org; Mon, 06 Nov 2006 12:40:07 +0100
Received: from root by ciao.gmane.org with local (Exim 4.43)
	id 1Gh2pe-0003Gi-P3
	for linux-crypto@nl.linux.org; Mon, 06 Nov 2006 12:40:02 +0100
Received: from adsl-69-228-43-19.dsl.irvnca.pacbell.net ([69.228.43.19])
        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <linux-crypto@nl.linux.org>; Mon, 06 Nov 2006 12:40:02 +0100
Received: from navisf23 by adsl-69-228-43-19.dsl.irvnca.pacbell.net with local (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <linux-crypto@nl.linux.org>; Mon, 06 Nov 2006 12:40:02 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: linux-crypto@nl.linux.org
From:  navisf23 <navisf23@yahoo.com>
Subject:  Re: RussianMag Password Confirmation
Date: Mon, 6 Nov 2006 11:33:06 +0000 (UTC)
Lines: 28
Message-ID:  <loom.20061106T123025-229@post.gmane.org>
References:  <200506071549.j57FnI7B026556@tour-b1.sjc.tncservers.net>
Mime-Version:  1.0
Content-Type:  text/plain; charset=us-ascii
Content-Transfer-Encoding:  7bit
X-Complaints-To: usenet@sea.gmane.org
X-Gmane-NNTP-Posting-Host: main.gmane.org
User-Agent: Loom/3.14 (http://gmane.org/)
X-Loom-IP: 69.228.43.19 (Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; YPC 3.0.1; .NET CLR 1.1.4322))
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: navisf23@yahoo.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

TheRussianMag <starter <at> subscriptionemail.com> writes:

> 
> 
> it does not want to confirm my pw.better said activate my account

> 	
> 
>     
> 
> 	
> 	Hello niko,
> 
> 	Thank you for subscribing!Press this link to confirm your subscription& 
activate your password( http://optinmailers.net/cgi-
bin/startM.cgi/X/XRU406243175826553_linux-crypto/4FREE/0 )Before your 
membership can start you must click the above link to activate your 
subscription to the daily newsletter and your password to the site!
> 
> 
> 
> You must be at least eighteen years of age to use this service.* Please 
confirm your subscriptionand activate your password *Press this link to 
activate your password( http://optinmailers.net/cgi-
bin/startM.cgi/X/XRU406243175826553_linux-crypto/4FREE/0 )





-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sun Nov 12 17:43:46 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GjIQm-0000md-OG; Sun, 12 Nov 2006 17:43:40 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Sun, 12 Nov 2006 17:42:33 +0100 (CET)
Received: from mx01.hinterhof.net ([83.137.99.114])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GjIOR-0000fs-Ci
	for linux-crypto@nl.linux.org; Sun, 12 Nov 2006 17:41:15 +0100
Received: from localhost (localhost [127.0.0.1])
	by mx01.hinterhof.net (Postfix) with ESMTP id DC50410450;
	Sun, 12 Nov 2006 17:16:33 +0100 (CET)
Received: from dp.vpn.nusquama.org (p54A7F714.dip.t-dialin.net [84.167.247.20])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "dp.vpn.nusquama.org", Issuer "Max Vozeler" (verified OK))
	by mx01.hinterhof.net (Postfix) with ESMTP id CF0B710404;
	Sun, 12 Nov 2006 17:16:32 +0100 (CET)
Received: by dp.vpn.nusquama.org (Postfix, from userid 1000)
	id 12DA72E09A5; Sun, 12 Nov 2006 17:16:05 +0100 (CET)
Date: Sun, 12 Nov 2006 17:16:05 +0100
From: Max Vozeler <max@nusquama.org>
To: linux-crypto@nl.linux.org
Cc: pkg-loop-aes-maint@lists.alioth.debian.org
Subject: Script for loop-AES key generation
Message-ID: <20061112161605.GB5776@dp.vpn.nusquama.org>
Mail-Followup-To: linux-crypto@nl.linux.org,
	pkg-loop-aes-maint@lists.alioth.debian.org
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="MW5yreqqjyrRcusr"
Content-Disposition: inline
Received-SPF: 
X-Spam-Level: *
X-Spam-Status: No, score=1.7 required=5.0 tests=AWL,BAYES_99 autolearn=no 
	version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: max@nusquama.org
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto


--MW5yreqqjyrRcusr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Hey all,

I've found that, whenever I want to create a new loop-AES key, I
always refer to README and look up/copy the exact command. More
than once I typoed and ended up with a bad key. So I thought, why
not make this into a short shell script.

Attached is one which does just that, along with a man page
that describes the available options. The script has been included
in the Debian package loop-aes-utils for about a year or so and
seems to generally work fine. It should work with any POSIX-
compliant shell (tested with bash, dash, posh, busybox sh). 

Let me know if you encounter any problems using it or have
suggestions/patches for improvement. :-)

Features:
 - Check for unsafe swap
 - Support for v1/v2/v3 type keys
 - Symmetric/asymmetric GnuPG encryption 
 - Configurable cipher

cheers,
Max

--MW5yreqqjyrRcusr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline; filename=loop-aes-keygen

#!/bin/sh
#
# loop-aes-keygen - Create loop-AES encryption keys
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 dated June, 1991.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program;  if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
# 
# Copyright 2005-2006, Max Vozeler <xam@debian.org>
#
# $Id: loop-aes-keygen 1104 2006-03-17 15:43:11Z max $
#

set -e

umask 077

cipher=
userids=
rnd=/dev/random
version=3

usage()
{
	cat << USAGE
usage: loop-aes-keygen [opts] <keyfile>

  -v <1|2|3>	   Key format (Default: $version)
  -u userid        Encrypt for GnuPG pubkey <userid>
  -c cipher        Use GnuPG cipher <cipher>

USAGE
}

get_options()
{
	while getopts 'v:s:c:u:h' f
	do
		case $f in
		v) 
			version=$OPTARG
			;;

		c)
			cipher=$OPTARG
			;;

		s)
			rnd=$OPTARG
			;;

		u)
			userids="$userids $OPTARG"
			;;
			
		h)
			usage
			exit 0
			;;
		esac
	done
	shift `expr $OPTIND - 1`

	keyfile=$1
	
	if [ -z $keyfile ]; then
		echo No output file. Aborting
		usage
		exit 1
	fi

	if [ $version -lt 1 ] || [ $version -gt 3 ]; then
		echo Unsupported key format: $version
		exit 1
	fi
}

check_safe_loop()
{
	loopdev=$1

	opts=$(/sbin/losetup $loopdev 2>&1)
	if [ $? -ne 0 ]; then
		echo "Error: Check for $loopdev failed ($opts)"
		exit 1
	fi
		
	# If loop entry has an encryption= option assume it's safe
	if echo "$opts" | grep -q encryption=; then
		return 0
	fi

	return 1
}

check_safe_swap()
{
	if [ ! -r /proc/swaps ]; then
		echo Error: Cannot read /proc/swaps
		exit 1
	fi

	unsafe=
	while read line
	do
		set -- $line
		case $1 in
		/dev/loop*)
			if ! check_safe_loop $1; then
				unsafe=$1
				break
			fi
			;;
		Filename*)
			;;
		*)
			unsafe=$1
			break
			;;
		esac
	done < /proc/swaps

	if [ $unsafe ]; then
		echo Fatal: Unsafe swap detected: $unsafe
		exit 1
	fi

	return 0
}

keygen()
{
	version=$1
	keyfile=$2
	gpgargs=$3

	# These are the known loop-AES key formats:
	#  v1.x    1     45 bytes           AES key         
	#  v2.x   64   2880 bytes(45 * 64)  AES keys       
	#  v3.x   65   2925 bytes(45 * 65)  #65 is md5 seed
	case $version in
	1) nkeys=1 ;;
	2) nkeys=64 ;;
	3) nkeys=65 ;;
	*) return 1 ;;
	esac

	bytes=$((45*$nkeys))
	head -c $bytes $rnd | uuencode -m - | head -n $(($nkeys+1)) | tail -n $nkeys | gpg $gpgargs > $keyfile
}

get_options $*

if ! check_safe_swap; then
	exit 1
fi

if ! [ -x /usr/bin/gpg ]; then
	echo "Error: gpg not found"
	exit 1
fi

if ! [ -x /usr/bin/uuencode ]; then
	echo "Error: uuencode not found - see package sharutils"
	exit 1
fi

if [ -e $keyfile ]; then
	echo "Keyfile $keyfile exists. Aborting."
	exit 1
fi

gpgargs="--armor"

if [ "$userids" ]; then
	gpgargs="$gpgargs --encrypt"
	for id in $userids; do
		gpgargs="$gpgargs --recipient $id"
	done
else
	gpgargs="$gpgargs --symmetric"
fi

if [ $cipher ]; then
	gpgargs="$gpgargs --cipher-algo=$cipher"
fi

if ! keygen $version $keyfile "$gpgargs"; then
	echo An error occured while creating the key file.
	exit 1
fi

exit 0

--MW5yreqqjyrRcusr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="loop-aes-keygen.1"

\" $Id: loop-aes-keygen.1 1104 2006-03-17 15:43:11Z max $
.TH loop-aes-keygen 1 2006-01-19
.SH NAME
loop-aes-keygen
.
.SH SYNOPSIS
.B loop-aes-keygen
[
.I options
]
.I keyfile
.
.SH DESCRIPTION
Creates keys for loop-AES loopback encryption. 
.
.SH OPTIONS
.
.TP
.B \-v <1|2|3>
Key format (Default: 3).
.
.TP
.B \-c cipher
Encrypt using GnuPG cipher
.I cipher
.
.TP
.B \-u id
Encrypt using GnuPG pubkey
.I id
\&. Can be given more than once
(Default: Encrypt symmetrically with passphrase)
.
.TP
.B \-s device
Override random source (Default: /dev/random). 
.B Don't use this option unless you know what you are doing.
A bad source can silently create useless and trivially crackable keys. 
On the other hand, a known good source faster than /dev/random (eg. good
hardware RNG) can significantly speed up the key creation.
.
.SH EXAMPLES
.TP
Create key
$
.B loop-aes-keygen key.gpg
.TP
Create key for multiple users
$
.B loop-aes-keygen -u user1@$HOSTNAME -u \(dqUser 2\(dq key.gpg
.TP
Create blowfish encrypted key in loop-AES v2.x format
$
.B loop-aes-keygen -c BLOWFISH -v2 key.gpg
.
.SH AUTHOR
.TP
Max Vozeler <xam@debian.org>
.
.SH SEE ALSO
.BR losetup (8),
.BR /usr/share/doc/loop-aes-utils/README,
.BR /usr/share/doc/loop-aes-source/README*

--MW5yreqqjyrRcusr--

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Mon Nov 13 10:41:44 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GjYJv-0004H8-DU; Mon, 13 Nov 2006 10:41:39 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Mon, 13 Nov 2006 10:40:49 +0100 (CET)
Received: from aibo.runbox.com ([193.71.199.94])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GjYIx-0004GH-41
	for linux-crypto@nl.linux.org; Mon, 13 Nov 2006 10:40:39 +0100
Received: from [10.9.9.160] (helo=penny.runbox.com ident=Debian-exim)
	by greyhound.runbox.com with esmtp (Exim 4.34)
	id 1GjXLT-000584-Px
	for linux-crypto@nl.linux.org; Mon, 13 Nov 2006 09:39:11 +0100
Received: from [24.181.239.244] (helo=[192.168.1.101])
	by penny.runbox.com with esmtpsa  (uid:263104 )  (TLS-1.0:DHE_RSA_AES_256_CBC_SHA:32)
	(Exim 4.50)
	id 1GjXLT-0006xK-Fc
	for linux-crypto@nl.linux.org; Mon, 13 Nov 2006 09:39:11 +0100
Message-ID: <45582F2A.4060703@runbox.com>
Date: Mon, 13 Nov 2006 03:39:06 -0500
From: PagCal <pagcal@runbox.com>
User-Agent: Thunderbird 1.5.0.7 (X11/20060911)
MIME-Version: 1.0
To:  linux-crypto@nl.linux.org
Subject: loop-AES integrated into SUSE 10.1
X-Enigmail-Version: 0.94.1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: pagcal@runbox.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

LOOP_MULTI__KEY_SETUP_V3 seems completely missing from SUSE 10.1.

Has someone put together a loop_aes.c sub-module for same?

It looks like a simple cut and past job from the latest loop-AES-3.1e.

PagCal


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Tue Nov 14 09:00:19 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GjtDJ-0006Vs-8u; Tue, 14 Nov 2006 09:00:13 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 14 Nov 2006 08:59:12 +0100 (CET)
Received: from mail.tnnet.fi ([217.112.240.26])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GjtC4-0006TY-Qm
	for linux-crypto@nl.linux.org; Tue, 14 Nov 2006 08:58:56 +0100
Received: from localhost (localhost [127.0.0.1])
	by mail.tnnet.fi (Postfix) with ESMTP id 427C517B43A;
	Tue, 14 Nov 2006 09:58:49 +0200 (EET)
X-Virus-Scanned: amavisd-new at tnnet.fi
Received: from mail.tnnet.fi ([127.0.0.1])
	by localhost (mail.tnnet.fi [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id sOOIR5DT8E54; Tue, 14 Nov 2006 09:58:43 +0200 (EET)
Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64])
	by mail.tnnet.fi (Postfix) with ESMTP id 8BAA217B435;
	Tue, 14 Nov 2006 09:58:43 +0200 (EET)
Message-ID: <45597733.9B1A899@users.sourceforge.net>
Date: Tue, 14 Nov 2006 09:58:43 +0200
From: Jari Ruusu <jariruusu@users.sourceforge.net>
To: Max Vozeler <max@nusquama.org>
Cc: linux-crypto@nl.linux.org,
	pkg-loop-aes-maint@lists.alioth.debian.org
Subject: Re: Script for loop-AES key generation
References: <20061112161605.GB5776@dp.vpn.nusquama.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Received-SPF: 
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Status: No, score=-1.2 required=5.0 tests=AWL,BAYES_50 autolearn=no 
	version=3.0.1
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: jariruusu@users.sourceforge.net
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Max Vozeler wrote:
> Let me know if you encounter any problems using it or have
> suggestions/patches for improvement. :-)

There have been few cases where v3 key file and v2 losetup/mount were used
to set up a file system, and after upgrade to v3 losetup/mount, mounting the
file system failed. There is a warning about this problem in loop-AES README
file, but not everyone reads README files.

May I suggest adding a check that losetup is recent enough. Something like
this:

    strings /sbin/losetup | grep -q -s multi-key-v3
    if [ $? != 0 ] ; then
        echo "too old losetup version"
    fi

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Tue Nov 14 09:42:22 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gjts1-0003Us-GA; Tue, 14 Nov 2006 09:42:17 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 14 Nov 2006 09:41:43 +0100 (CET)
Received: from aibo.runbox.com ([193.71.199.94])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GjtrE-0003Tr-VG
	for linux-crypto@nl.linux.org; Tue, 14 Nov 2006 09:41:28 +0100
Received: from [10.9.9.162] (helo=pepper.runbox.com ident=Debian-exim)
	by greyhound.runbox.com with esmtp (Exim 4.34)
	id 1Gjtr9-00039U-Lo
	for linux-crypto@nl.linux.org; Tue, 14 Nov 2006 09:41:23 +0100
Received: from [24.181.239.244] (helo=[192.168.1.101])
	by pepper.runbox.com with esmtpsa  (uid:263104 )  (TLS-1.0:DHE_RSA_AES_256_CBC_SHA:32)
	(Exim 4.50)
	id 1Gjtr9-0000vn-Bw
	for linux-crypto@nl.linux.org; Tue, 14 Nov 2006 09:41:23 +0100
Message-ID: <4559812F.30404@runbox.com>
Date: Tue, 14 Nov 2006 03:41:19 -0500
From: PagCal <pagcal@runbox.com>
User-Agent: Thunderbird 1.5.0.7 (X11/20060911)
MIME-Version: 1.0
To:  linux-crypto@nl.linux.org
Subject: loop-AES on SUSE 10.1
X-Enigmail-Version: 0.94.1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: pagcal@runbox.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

The reason I'd create a loop_aes.c, is that suse 10.1 already has a
loop.c, so it's impractical to just replace that one with the one in the
loop-AES package.

It also seems they've changed the architecture a bit, and instead of
building thing into xfer_functs[MAX_LO_CRYPT] inside of loop.c, modules
such as loop_blowfish.c (not in the official linux sources), make a
callback to get this registration.

I don't want to provide compiled objects, only source files,
loop_aes.[ch], etc.

And, since the ioctl LOOP_MULTI_KEY_SETUP_V3 is not supported by the
standard losetup, it'd have to change as well, but any code added there
would be inside a conditional.



-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Thu Nov 16 14:35:20 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GkhOb-0005Zj-D0; Thu, 16 Nov 2006 14:35:13 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Thu, 16 Nov 2006 14:34:05 +0100 (CET)
Received: from imo-m25.mx.aol.com ([64.12.137.6])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GkhN7-0005VU-Rt
	for linux-crypto@nl.linux.org; Thu, 16 Nov 2006 14:33:41 +0100
Received: from Mrslinda250@aol.com
	by imo-m25.mx.aol.com (mail_out_v38_r7.6.) id o.c67.534d8b1 (58677)
	 for <linux-crypto@nl.linux.org>; Thu, 16 Nov 2006 08:32:54 -0500 (EST)
From: Mrslinda250@aol.com
Message-ID: <c67.534d8b1.328dc286@aol.com>
Date: Thu, 16 Nov 2006 08:32:54 EST
Subject: passport
To: linux-crypto@nl.linux.org
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="-----------------------------1163683974"
X-Mailer: 9.0 for Windows sub 5124
Received-SPF: 
X-Spam-Status: No, score=0.7 required=5.0 tests=BAYES_60,HTML_80_90,
	HTML_FONT_BIG,HTML_MESSAGE,MIME_QP_LONG_LINE,NO_REAL_NAME 
	autolearn=no version=3.0.1
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: Mrslinda250@aol.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto


-------------------------------1163683974
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit

HELLO
 I WOULD LIKE TO FINE OUT WHAT MY MICROSOFT PASSPORT  E- MAIL NAME IS 
  THANK YOU?

-------------------------------1163683974
Content-Type: text/html; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

<HTML><HEAD>
<META charset=3DUS-ASCII http-equiv=3DContent-Type content=3D"text/html; cha=
rset=3DUS-ASCII">
<META content=3D"MSHTML 6.00.2900.2963" name=3DGENERATOR></HEAD>
<BODY style=3D"FONT-SIZE: 14pt; FONT-FAMILY: Arial; BACKGROUND-COLOR: #fffff=
f">
<DIV><STRONG><EM><FONT size=3D4>HELLO</FONT></EM></STRONG></DIV>
<DIV><STRONG><EM><FONT size=3D4>&nbsp;I WOULD LIKE TO FINE OUT WHAT MY MICRO=
SOFT PASSPORT&nbsp; E- MAIL NAME IS </FONT></EM></STRONG></DIV>
<DIV><STRONG><EM><FONT size=3D4>&nbsp; THANK YOU?</FONT></EM></STRONG></DIV>=
</BODY></HTML>

-------------------------------1163683974--

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Fri Nov 17 05:11:38 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gkv4f-0004pt-1h; Fri, 17 Nov 2006 05:11:33 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 17 Nov 2006 05:10:35 +0100 (CET)
Received: from strongmail-silver.bigfishgames.com ([72.5.52.141])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gkv3X-0004ou-7e
	for linux-crypto@nl.linux.org; Fri, 17 Nov 2006 05:10:23 +0100
Received: from localhost ([127.0.0.1]) by strongmail-silver.bigfishgames.com (StrongMail Enterprise 3.1.6(2.00.232)); Thu, 16 Nov 2006 20:04:56 -0800
X-VirtualServerGroup: sm-mbfg-oldsilver
X-VirtualServer: sm-mbfg-oldsilver, strongmail-silver.bigfishgames.com, 10.50.22.199
Received: from prod-assoc-mail1.bigfishgames.com ([10.50.22.14]) by strongmail1.bigfishgames.com (StrongMail Enterprise 3.1.6(2.00.232)); Thu, 16 Nov 2006 20:04:44 -0800
X-Mailer: StrongMail Enterprise 3.1.6(2.00.232)
X-SMHeaderMap: mid="X-MailingID"
X-MailingID: 00000::00000::00000::00000::::66369
X-Destination-ID: <linux-crypto@nl.linux.org>
Received: by prod-assoc-mail1.bigfishgames.com (Postfix, from userid 1001)
	id 7C7C712F86B; Thu, 16 Nov 2006 20:04:09 -0800 (PST)
Received: from prod-assoc-web1.prod.bigfishgames.com (prod-assoc-web1.prod.bigfishgames.com [10.50.19.11])
	by prod-assoc-mail1.bigfishgames.com (Postfix) with ESMTP id 6EA5012F6D4;
	Thu, 16 Nov 2006 20:04:02 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
	by prod-assoc-web1.prod.bigfishgames.com (Postfix) with ESMTP id E5C5A93C;
	Thu, 16 Nov 2006 20:04:01 -0800 (PST)
Subject: two free games and fun.
From: stenejohn@yahoo.com
Reply-To: stenejohn@yahoo.com
Bounce-To: fsbounce@my-sm.bigfishgames.com
X-MBFG_Source: associate
Message-Id: <20061117040401.E5C5A93C@prod-assoc-web1.prod.bigfishgames.com>
Date: Thu, 16 Nov 2006 20:04:01 -0800 (PST)
To: linux-crypto@nl.linux.org
Received-SPF: 
X-Spam-Status: No, score=4.5 required=5.0 tests=ALL_TRUSTED,BAYES_99,
	FORGED_YAHOO_RCVD,NO_REAL_NAME autolearn=no version=3.0.1
X-Spam-Level: ****
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: stenejohn@yahoo.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Hi there!

I just updated My Game Space at My Big Fish Games with some new favorites. Come see what I've been playing and then get your own Game Space so I can see your favorites, too!2 for FREE!!

 -- John


My Game Space: http://my.bigfishgames.com/TheGiant

----------
This e-mail was sent to you by John Stene.
If you received this email in error or do not wish to receive communications from your friends via our Web site, please unsubscribe at: https://my.bigfishgames.com/unsubscribe.php?s=bGludXgtY3J5cHRvQG5sLmxpbnV4Lm9yZw==.

If you find the content of this e-mail to be inappropriate or offensive, please forward it to: support@my.bigfishgames.com.

My Big Fish Games - Share Your Favorites, Choose Your Rewards!

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Fri Nov 17 11:50:20 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gl1IV-00013a-Cg; Fri, 17 Nov 2006 11:50:15 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 17 Nov 2006 11:49:24 +0100 (CET)
Received: from aibo.runbox.com ([193.71.199.94])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gl1HF-00011I-Vf
	for linux-crypto@nl.linux.org; Fri, 17 Nov 2006 11:48:58 +0100
Received: from [10.9.9.162] (helo=pepper.runbox.com ident=Debian-exim)
	by greyhound.runbox.com with esmtp (Exim 4.34)
	id 1Gl1Gn-0005ye-AF
	for linux-crypto@nl.linux.org; Fri, 17 Nov 2006 11:48:29 +0100
Received: from [24.181.239.244] (helo=[192.168.1.101])
	by pepper.runbox.com with esmtpsa  (uid:263104 )  (TLS-1.0:DHE_RSA_AES_256_CBC_SHA:32)
	(Exim 4.50)
	id 1Gl1Gm-00081F-Mp
	for linux-crypto@nl.linux.org; Fri, 17 Nov 2006 11:48:29 +0100
Message-ID: <455D9379.8000905@runbox.com>
Date: Fri, 17 Nov 2006 05:48:25 -0500
From: PagCal <pagcal@runbox.com>
User-Agent: Thunderbird 1.5.0.7 (X11/20060911)
MIME-Version: 1.0
To:  linux-crypto@nl.linux.org
Subject: LOOP_MULTI_KEY_SETUP_V3 Errors Fixed
X-Enigmail-Version: 0.94.1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: pagcal@runbox.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

from http://loop-aes.ajept.com/Readme.txt

Hello,
	This mini-project adds LOOP_MULTI_KEY_SETUP_V3 functionality
to SUSE 10.1.

	It's basically a glom between loop_fish2.c and loop-AES.

	The reason it was done is that loop-AES requires you to replace loop.c, and this was unacceptable.

	If you successfully patch this in, you will end up with a loadable module - loop_aes.ko, that will add the missing (and desired) functionality.

How to obtain the kit
---------------------

	This source kit is available from:

	http://loop-AES.ajept.com/loop-AES.tar.gz

What else you will need:
------------------------

        Get a copy of loop-AES-v3.1e.tar.bz2 from Sourceforge, at http://www.sourceforge.net/project=loop-AES

	Get a copy of util-linux-2.12r.tar.bz2, at http://www.kernel.org/pub/linux/utils/util-linux/

Steps to install
----------------

	Any file with a '.patched' at the end should replace a kernel source file of that name. You can either just copy over, or for the tin hat crowd, merge in from these files.

1. Install SUSE 10.1 on your box, and be sure to include the linux kernel source kit. You should end up with the following directories in /usr/src:

   linux
   linux-2.6.16.21-0.25
   linux-2.6.16.21-0.25-obj
   linux-obj
   packages

2. To be sure all is ok at this point, build the kernel as follows:

   cd /usr/src/linux
   make oldconfig
   make

   Don't leave out the 'make oldconfig' step, or misery will follow you for the rest of your life if you do.

   When all is said and done, it should complete without errors.

3. For convenience, create the 'loop-AES' directory in /usr/src/linux/drivers/block/loop-AES, and copy this kit in there.

   - or do -

   cd /usr/src/linux/drivers/block
   tar -xvf loop-AES.tar.gz

4. Then, replace the following kernel files:

   Kconfig.patched => /usr/src/linux/drivers/block/Kconfig
   loop.h => /usr/src/linux/include/linux/loop.h, /usr/include/linux/loop.h
   Makefile.patched => /usr/src/linux/drivers/block/Makefile

5. Copy the following files into /usr/src/linux/drivers/block

   aes.c
   aes.h
   loop_aes.c
   md5.c
   md5.h

6. Once patched, you've got to tell the linux configuration system to build your new loadable driver, loopaes.ko. So so by:

   cd /usr/src/linux
   make menuconfig

   and, under block devices, select loop_aes as a type 'M', a loadable device.

   Exit menuconfig and be sure to save your configuration.

7. Rebuild the kernel

   cd /usr/src/linux
   make

   I don't recommend a 'make install' as you don't have to. Just remember the location of loopaes.ko.

   Contratulations! You've done it. You end up with loopaes.ko, a loadable driver that supports LOOP_MULTI_KEY_SETUP_V3.

8. utils need upgrade

   Before you can get it to work, you've got to build a copy of losetup that knows about loop-AES. Do so by
   applying patch loop-AES-v3.1e/util-linux-2.12r.diff to util-linux-2.12r/

   - or do -

   cd util-linux-2.12r
   patch -p1 < loop-AES-v3.1e/util-linux-2.12r.diff
   make

   I don't recommend installing this package, as I have no idea what the patch does. None the less, you
   do end up with one executable, util-linux-2.12r/mount/losetup. I'd rather just rename this to
   losetupaes and remember its location.

Using your new driver
---------------------

   Just load loopaes.ko before use. You can do so as follows:

   cd /usr/src/linux/drivers/block
   insmod ./loopaes.ko

   Voilla! LOOP_MULTI_KEY_SETUP_V3 should now work with losetupaes.

   For further information in doing so, please refer to the excellent doc at loop-AES-v3.1e/README

Discussion
----------

   I don't claim to have QA'd this package. I did load the module and used LOOP_MULTI_KEY_SETUP_V3 to
   initialize, mount, and dismount a loop disk - which is, in reality, only one five minute test.

   Things I haven't done:

     A. Try to mount a previously encrypted disk from some other software base.
     B. Run it for more than 5 minutes.
     C. Verify that loop-AES-v3.1e/loop.h changes any of the structures.
     D. Do any sort of code review of any of the code.
     E. Verify that the encryption scheme actually provide any sort of security

   Furthermore, the api changed for transfer_aes, to:

      int transfer_aes(struct loop_device *lo, int cmd,
        struct page *raw_page, unsigned raw_off,
        struct page *loop_page, unsigned loop_off,
        int size, sector_t devSect)
      {
      char *raw_buf = kmap_atomic(raw_page, KM_USER0) + raw_off;
      char *loop_buf = kmap_atomic(loop_page, KM_USER1) + loop_off;
      ...
      }

   What's kmap_atomic? Why did the api change? Who changed it? Where is the architect? How
   can I contact the architect? Is this correct? Why is the sky blue? What is the
   meaning of life?

   So, I make no claims about usability what-so-ever.

Contacting the author
---------------------
Feel free to email me for any reason at:

  mailto:// pagcal @ runbox.com

and be sure to include 'loop-AES' in the subject or my email system will junk the message.



-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Fri Nov 17 13:37:22 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gl2y4-0006h6-Ou; Fri, 17 Nov 2006 13:37:16 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 17 Nov 2006 13:36:33 +0100 (CET)
Received: from mail.tnnet.fi ([217.112.240.26])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gl2xC-0006gM-4n
	for linux-crypto@nl.linux.org; Fri, 17 Nov 2006 13:36:22 +0100
Received: from localhost (localhost [127.0.0.1])
	by mail.tnnet.fi (Postfix) with ESMTP id B7F4A17B44E;
	Fri, 17 Nov 2006 14:36:10 +0200 (EET)
X-Virus-Scanned: amavisd-new at tnnet.fi
Received: from mail.tnnet.fi ([127.0.0.1])
	by localhost (mail.tnnet.fi [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id eflLxbi6cXH7; Fri, 17 Nov 2006 14:36:05 +0200 (EET)
Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64])
	by mail.tnnet.fi (Postfix) with ESMTP id 2D5E917B43C;
	Fri, 17 Nov 2006 14:36:05 +0200 (EET)
Message-ID: <455DACB4.22C87010@users.sourceforge.net>
Date: Fri, 17 Nov 2006 14:36:04 +0200
From: Jari Ruusu <jariruusu@users.sourceforge.net>
To: PagCal <pagcal@runbox.com>
Cc: linux-crypto@nl.linux.org
Subject: Re: LOOP_MULTI_KEY_SETUP_V3 Errors Fixed
References: <455D9379.8000905@runbox.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Received-SPF: 
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-Spam-Status: No, score=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=no 
	version=3.0.1
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: jariruusu@users.sourceforge.net
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

PagCal wrote:
> from http://loop-aes.ajept.com/Readme.txt
[snip]
> How to obtain the kit
> ---------------------
> 
>         This source kit is available from:
> 
>         http://loop-AES.ajept.com/loop-AES.tar.gz

Please call your project something else than loop-AES.
That name is already taken.

>    Furthermore, the api changed for transfer_aes, to:
> 
>       int transfer_aes(struct loop_device *lo, int cmd,
>         struct page *raw_page, unsigned raw_off,
>         struct page *loop_page, unsigned loop_off,
>         int size, sector_t devSect)
>       {
>       char *raw_buf = kmap_atomic(raw_page, KM_USER0) + raw_off;
>       char *loop_buf = kmap_atomic(loop_page, KM_USER1) + loop_off;
>       ...
>       }
> 
>    What's kmap_atomic? Why did the api change?

Mainline linux folks wanted to kmap/kunmap multiple times per page instead
of once per page as is done in loop-AES version of loop. That is why I
prefer to call mainline loop as 'sabotaged'.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Fri Nov 17 21:00:30 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gl9sr-0001KQ-BD; Fri, 17 Nov 2006 21:00:21 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 17 Nov 2006 20:59:18 +0100 (CET)
Received: from ms4-1.1blu.de ([213.83.63.61] ident=Debian-exim)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gl9rh-0001Jp-4Z
	for linux-crypto@nl.linux.org; Fri, 17 Nov 2006 20:59:09 +0100
Received: from [82.83.219.53] (helo=[192.168.0.110])
	by ms4-1.1blu.de with esmtpa (Exim 4.50)
	id 1Gl52c-0008BK-1B
	for linux-crypto@nl.linux.org; Fri, 17 Nov 2006 15:50:06 +0100
Message-ID: <455DCC2A.10805@lars-reimann.de>
Date: Fri, 17 Nov 2006 15:50:18 +0100
From: Lars Reimann <mail@lars-reimann.de>
User-Agent: Thunderbird 1.5.0.8 (Windows/20061025)
MIME-Version: 1.0
To:  linux-crypto@nl.linux.org
Subject: Huge Problem with cryptoloop and AES: Lost Password
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Con-Id: 2340
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: mail@lars-reimann.de
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Hi all,

ive a huge problem: i have mission critical data on a 400 GB raid 1. (2x400). I encrypted a single partition spanning all disk space with the following setup:

losetup -e AES256 -C 500 /dev/loop0 /dev/md2

the filesystem of md2 was ext3 or ext2. ext2 most likely.

I stored my 20 character passwords on my palm device only (i know by now that this was stupid!). However, that one chrashed and apparently all data was lost, including passwords. 
However, i may remember certain details of the password, for example which characters I used not, and how the password ends.

my first question if there is ANY way to recover the data. I heard about cryptoloop being weak, and if i could remember some more details about the password, it could be narrowed down to some characters. For example it begins with letter then a number...

Also, i would like to automate to try different passwords. Is there a program available which does such (brute force) things with the cryptoloop? however I may have to write it on my own if nothing is available. I heard it may be possible to extract some sectors of ext2/3 partitions which are always "zero". Then the decryption can be verified by using such sectors. Has anyone an idea which SECTORS this are on ext2/3 partitions and how to extract them?

My goal is to test the decryption on a faster system, maybe on a cluster system. But ANY IDEAS ARE WELCOME. I know the result set is big, but the data is really important...and i am prepared trying to recover it for a long time.


greeting,
L.R.


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Fri Nov 17 21:49:55 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlAeh-00080h-2R; Fri, 17 Nov 2006 21:49:47 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 17 Nov 2006 21:49:12 +0100 (CET)
Received: from cobalt0.barnhard.net ([216.181.81.129])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlAe0-000807-K6
	for linux-crypto@nl.linux.org; Fri, 17 Nov 2006 21:49:04 +0100
Received: from localhost.localdomain (dhcp50.barnhard.net [216.181.81.50])
	(authenticated bits=0)
	by cobalt0.barnhard.net (8.13.6/8.13.6) with ESMTP id kAI0Td66016974;
	Fri, 17 Nov 2006 19:29:39 -0500
Received: from amon by localhost.localdomain with local (Exim 4.50)
	id 1GlAPV-0003lb-Mi; Fri, 17 Nov 2006 15:34:05 -0500
Date: Fri, 17 Nov 2006 15:34:05 -0500
From: Dale Amon <amon@vnl.com>
To: Lars Reimann <mail@lars-reimann.de>
Cc: linux-crypto@nl.linux.org
Subject: Re: Huge Problem with cryptoloop and AES: Lost Password
Message-ID: <20061117203405.GH31978@vnl.com>
Mail-Followup-To: Dale Amon <amon@vnl.com>,
	Lars Reimann <mail@lars-reimann.de>, linux-crypto@nl.linux.org
References: <455DCC2A.10805@lars-reimann.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <455DCC2A.10805@lars-reimann.de>
X-Operating-System: Linux, the choice of a GNU generation
User-Agent: Mutt/1.5.9i
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: amon@vnl.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

It may be cheaper to send the disk from your palm
out to a facility that does data recovery. 

-- 
------------------------------------------------------
          Wyoming Space and Information Systems
   Dale Amon       amon@vnl.com      +44-7802-188325
            We serve the New Space industry
------------------------------------------------------

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Fri Nov 17 23:07:50 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlBs6-0007TP-AT; Fri, 17 Nov 2006 23:07:42 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Fri, 17 Nov 2006 23:06:53 +0100 (CET)
Received: from mta-1.ms.rz.rwth-aachen.de ([134.130.7.72])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlBqc-0006G8-Di
	for linux-crypto@nl.linux.org; Fri, 17 Nov 2006 23:06:10 +0100
Received: from circe ([134.130.3.36]) by mta-1.ms.rz.RWTH-Aachen.de
 (Sun Java System Messaging Server 6.2-7.05 (built Sep  5 2006))
 with ESMTP id <0J8W00M1D7Y2K750@mta-1.ms.rz.RWTH-Aachen.de> for
 linux-crypto@nl.linux.org; Fri, 17 Nov 2006 22:06:02 +0100 (CET)
Received: from talos.rz.RWTH-Aachen.DE ([134.130.3.22])
	by circe (MailMonitor for SMTP v1.2.2 ) ; Fri, 17 Nov 2006 22:06:02 +0100 (MET)
Received: from enterprise.ram.rwth-aachen.de
 (enterprise.ram.RWTH-Aachen.DE [137.226.68.2])	by smarthost.rwth-aachen.de
 (8.13.8/8.13.1/1) with ESMTP id kAHL611k028591	for
 <linux-crypto@nl.linux.org>; Fri, 17 Nov 2006 22:06:01 +0100
Received: from localhost (localhost [127.0.0.1])
	by enterprise.ram.rwth-aachen.de (Postfix) with ESMTP id 219F35B8EF	for
 <linux-crypto@nl.linux.org>; Fri, 17 Nov 2006 22:06:02 +0100 (CET)
Received: from enterprise.ram.rwth-aachen.de ([127.0.0.1])
	by localhost (enterprise [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 19392-06 for <linux-crypto@nl.linux.org>; Fri,
 17 Nov 2006 22:06:00 +0100 (CET)
Received: from tatooine.rebelbase.local
 (wintergate.ram.rwth-aachen.de [137.226.69.158])
	by enterprise.ram.rwth-aachen.de (Postfix) with ESMTP id ABD8A5B8D6	for
 <linux-crypto@nl.linux.org>; Fri, 17 Nov 2006 22:06:00 +0100 (CET)
Received: by tatooine.rebelbase.local (Postfix, from userid 500)
	id 8B1531A6220; Fri, 17 Nov 2006 22:06:07 +0100 (CET)
Date: Fri, 17 Nov 2006 22:06:07 +0100
From: markus reichelt <ml@mareichelt.de>
Subject: Re: Huge Problem with cryptoloop and AES: Lost Password
In-reply-to: <455DCC2A.10805@lars-reimann.de>
To: linux-crypto@nl.linux.org
Mail-followup-to: linux-crypto@nl.linux.org
Message-id: <20061117210607.GB12210@tatooine.rebelbase.local>
Organization: still stuck in reorganization mode
MIME-version: 1.0
Content-type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature"; boundary="TB36FDmn/VVEgNH/"
Content-disposition: inline
X-PGP-Key: 0xC2A3FEE4
X-PGP-Fingerprint: FFB8 E22F D2BC 0488 3D56  F672 2CCC 933B C2A3 FEE4
X-Request-PGP: http://mareichelt.de/keys/c2a3fee4.asc
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at
 enterprise.ram.rwth-aachen.de
References: <455DCC2A.10805@lars-reimann.de>
User-Agent: Mutt/1.5.11
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: ml@mareichelt.de
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto


--TB36FDmn/VVEgNH/
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Lars Reimann <mail@lars-reimann.de> wrote:

> my first question if there is ANY way to recover the data. I heard
> about cryptoloop being weak, and if i could remember some more
> details about the password, it could be narrowed down to some
> characters. For example it begins with letter then a number...

Without the password, chances are slim of recovering your data.

did you use a sole password or a pw protected gpg keyfile?


> Also, i would like to automate to try different passwords. Is there
> a program available which does such (brute force) things with the
> cryptoloop?  however I may have to write it on my own if nothing is
> available. I heard it may be possible to extract some sectors of
> ext2/3 partitions which are always "zero". Then the decryption can
> be verified by using such sectors.  Has anyone an idea which
> SECTORS this are on ext2/3 partitions and how to extract them?

known plaintext attack. possible, but you'd be better off cracking
the password bruteforce, given that you partially remember it.

modern fs are structured in a certain way so one knows which sectors
to seek out. if one knows the start of the fs / partition...

basically, it's about what Jari wrote here
http://marc.theaimsgroup.com/?l=3Dlinux-kernel&m=3D107419912024246&w=3D2


> My goal is to test the decryption on a faster system, maybe on a
> cluster system. But ANY IDEAS ARE WELCOME. I know the result set is
> big, but the data is really important...and i am prepared trying to
> recover it for a long time.

well, if you used a gpg encrypted keyfile (doesn't matter which
v-format version it was, really) ... have a look at nasty. it's a
bruteforce tool, http://www.vanheusden.com/nasty/



--=20
left blank, right bald

--TB36FDmn/VVEgNH/
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFXiQ/LMyTO8Kj/uQRArk5AJ9DcW66wTS9fgCUp6K6oZn0WJ6L0QCeLsUt
f9doxht1YX7NluPqY5cBztY=
=lQGS
-----END PGP SIGNATURE-----

--TB36FDmn/VVEgNH/--


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sat Nov 18 11:50:15 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlNlv-0004p7-PH; Sat, 18 Nov 2006 11:50:07 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 18 Nov 2006 11:49:16 +0100 (CET)
Received: from ns2.g-housing.de ([81.169.133.75] helo=mail.g-house.de)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlNkv-0004oO-JE
	for linux-crypto@nl.linux.org; Sat, 18 Nov 2006 11:49:05 +0100
Received: from [82.41.152.154] (helo=82-41-152-154.cable.ubr01.linl.blueyonder.co.uk)
	by mail.g-house.de with esmtpsa (TLS-1.0:DHE_RSA_AES_256_CBC_SHA:32)
	(Exim 4.50)
	id 1GlNWF-0001ZK-2Q; Sat, 18 Nov 2006 11:33:55 +0100
Date: Sat, 18 Nov 2006 10:33:50 +0000 (GMT)
From: Christian Kujau <lists@nerdbynature.de>
X-X-Sender: evil@sheep.housecafe.de
To: Lars Reimann <mail@lars-reimann.de>
cc: linux-crypto@nl.linux.org
Subject: Re: Huge Problem with cryptoloop and AES: Lost Password
In-Reply-To: <455DCC2A.10805@lars-reimann.de>
Message-ID: <Pine.LNX.4.64.0611181015480.29314@sheep.housecafe.de>
References: <455DCC2A.10805@lars-reimann.de>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: lists@nerdbynature.de
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

On Fri, 17 Nov 2006, Lars Reimann wrote:
> ive a huge problem: i have mission critical data on a 400 GB raid 1. (2x400).

something you don't wanna hear right now, but still: "mission critical 
data" always has a backup (and no, RAID is not a backup).

> lost, including passwords. However, i may remember certain details of the 
> password, for example which characters I used not, and how the password ends.

How many characters do you know *for sure*? Even if there're still 10 
unknown characters left and you're sure that you only uses alphanumeric 
characters, perhaps a few special characters, the already suggested 
brute-force attack might be worth (and interesting!) to try.

> may have to write it on my own if nothing is available. I heard it may be 
> possible to extract some sectors of ext2/3 partitions which are always

filesystems often (always?) have "magic numbers" on the beginning:

$ file -s /dev/sda2
/dev/sda2: Linux rev 1.0 ext2 filesystem data

If you're sure it's an ext2 filesystem, then just look/compare other 
ext2 filesystems. This magic number is documented in 
include/linux/magic.h (here: 0xef53)

# head -1 /dev/sda2 | od -x | grep ef53
0002060 443e 455e 0003 0021 ef53 0001 0002 0000

good luck,
Christian.
-- 
BOFH excuse #59:

failed trials, system needs redesigned

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sat Nov 18 13:53:18 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlPh4-0003jl-DK; Sat, 18 Nov 2006 13:53:14 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 18 Nov 2006 13:52:25 +0100 (CET)
Received: from mail.tnnet.fi ([217.112.240.26])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlPg2-0003hU-Ca
	for linux-crypto@nl.linux.org; Sat, 18 Nov 2006 13:52:10 +0100
Received: from localhost (localhost [127.0.0.1])
	by mail.tnnet.fi (Postfix) with ESMTP id EFAF517B436;
	Sat, 18 Nov 2006 14:52:07 +0200 (EET)
X-Virus-Scanned: amavisd-new at tnnet.fi
Received: from mail.tnnet.fi ([127.0.0.1])
	by localhost (mail.tnnet.fi [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id HSUp0g8QWwAs; Sat, 18 Nov 2006 14:52:02 +0200 (EET)
Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64])
	by mail.tnnet.fi (Postfix) with ESMTP id 2123A17B423;
	Sat, 18 Nov 2006 14:52:02 +0200 (EET)
Message-ID: <455F01F1.24BC3FB7@users.sourceforge.net>
Date: Sat, 18 Nov 2006 14:52:01 +0200
From: Jari Ruusu <jariruusu@users.sourceforge.net>
To: Lars Reimann <mail@lars-reimann.de>
Cc: linux-crypto@nl.linux.org
Subject: Re: Huge Problem with cryptoloop and AES: Lost Password
References: <455DCC2A.10805@lars-reimann.de>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Received-SPF: 
X-Spam-Level: 
X-Spam-Status: No, score=-1.2 required=5.0 tests=AWL,BAYES_50 autolearn=no 
	version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: jariruusu@users.sourceforge.net
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Lars Reimann wrote:
> I stored my 20 character passwords on my palm device only (i know by now
> that this was stupid!). However, that one chrashed and apparently all data
> was lost, including passwords. However, i may remember certain details of
> the password, for example which characters I used not, and how the
> password ends.

This won't help you now, but one way to handle lost/forgotten passphrases is
to use gpg encrypted key files where all key files are encrypted using both
employer's "recovery" public key and user's public key. Employer's
"recovery" public key can be distributed to everyone, and copies of private
keys physically locked in a safe. That way employer can recover user's data
even if user drops dead.

> Also, i would like to automate to try different passwords. Is there a
> program available which does such (brute force) things with the
> cryptoloop? however I may have to write it on my own if nothing is
> available. I heard it may be possible to extract some sectors of ext2/3
> partitions which are always "zero". Then the decryption can be verified by
> using such sectors. Has anyone an idea which SECTORS this are on ext2/3
> partitions and how to extract them?

First 16 bytes of fourth 512 byte sector are always zero on unencrypted ext2
and ext3 file systems.

This command shows you your ciphertext (in hex):

    dd if=/dev/md2 bs=16 skip=96 count=1 2>/dev/null | od -An -tx1 -

And when you find a key that decrypts to (in hex):

    03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Then you have found your key. That 03 number is the XOR of zero file system
data and sector number IV of fourth 512 byte sector.

If you used loop-AES version of losetup, as your losetup syntax seems to
imply, then you need to:

1) Compute hash #1 of your passphrase using SHA512, store first 256 bits as
   'bulk_key'. Zero/CR/LF byte at the end of string NOT included in hash.

2) Compute hash #2 of your passphrase using SHA512, but bit 0 of first
   passphrase byte inverted.

3) Encrypt first 128 bits of bulk_key, using first 256 bits of hash #2 as
   AES256 key.

4) Encrypt second 128 bits of bulk_key, using first 256 bits of hash #2 as
   AES256 key.

5) Exchange bytes bulk_key[8...15] with bulk_key[16...23]

6) Repeat steps 3...5 for total of 500000 times.

7) Decrypt your file system ciphertext using AES256 and bulk_key

8) Compare to known plaintext (03 00 .... 00 00). If it matches, then you
   found your passphrase.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sat Nov 18 15:37:30 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlRJv-0001NP-EL; Sat, 18 Nov 2006 15:37:27 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 18 Nov 2006 15:36:40 +0100 (CET)
Received: from mx01.hinterhof.net ([83.137.99.114])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlRIV-0001JK-Dj
	for linux-crypto@nl.linux.org; Sat, 18 Nov 2006 15:35:59 +0100
Received: from localhost (localhost [127.0.0.1])
	by mx01.hinterhof.net (Postfix) with ESMTP id A6565100C9;
	Sat, 18 Nov 2006 15:36:31 +0100 (CET)
Received: from dp.vpn.nusquama.org (p54A7C727.dip.t-dialin.net [84.167.199.39])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "dp.vpn.nusquama.org", Issuer "Max Vozeler" (verified OK))
	by mx01.hinterhof.net (Postfix) with ESMTP id DD0A1FF62;
	Sat, 18 Nov 2006 15:36:30 +0100 (CET)
Received: by dp.vpn.nusquama.org (Postfix, from userid 1000)
	id E27EA2E09A0; Sat, 18 Nov 2006 15:35:47 +0100 (CET)
Date: Sat, 18 Nov 2006 15:35:47 +0100
From: Max Vozeler <max@nusquama.org>
To: Jari Ruusu <jariruusu@users.sourceforge.net>
Cc: linux-crypto@nl.linux.org,
	pkg-loop-aes-maint@lists.alioth.debian.org
Subject: Re: Script for loop-AES key generation
Message-ID: <20061118143547.GA5482@dp.vpn.nusquama.org>
Mail-Followup-To: Jari Ruusu <jariruusu@users.sourceforge.net>,
	linux-crypto@nl.linux.org, pkg-loop-aes-maint@lists.alioth.debian.org
References: <20061112161605.GB5776@dp.vpn.nusquama.org> <45597733.9B1A899@users.sourceforge.net>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="bp/iNruPH9dso1Pn"
Content-Disposition: inline
In-Reply-To: <45597733.9B1A899@users.sourceforge.net>
Received-SPF: 
X-Spam-Level: 
X-Spam-Status: No, score=-0.6 required=5.0 tests=AWL,BAYES_50 autolearn=no 
	version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: max@nusquama.org
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto


--bp/iNruPH9dso1Pn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Hi Jari,

On Tue, Nov 14, 2006 at 09:58:43AM +0200, Jari Ruusu wrote:
> There have been few cases where v3 key file and v2 losetup/mount were
> used to set up a file system, and after upgrade to v3 losetup/mount,
> mounting the file system failed. There is a warning about this problem
> in loop-AES README file, but not everyone reads README files.
>
> May I suggest adding a check that losetup is recent enough. Something
> like this:

>     strings /sbin/losetup | grep -q -s multi-key-v3
>     if [ $? != 0 ] ; then
>         echo "too old losetup version"
>     fi

Indeed, that's a useful check. Given that strings(1) is part
of binutils, which may not be installed on all systems, I made it
run only if strings can be found. Thanks for your suggestion.

cheers,
Max

--bp/iNruPH9dso1Pn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="warn_too_old.diff"

Index: debian/loop-aes-keygen
===================================================================
--- debian/loop-aes-keygen	(Revision 1325)
+++ debian/loop-aes-keygen	(Revision 1326)
@@ -137,6 +137,11 @@
 	return 0
 }
 
+check_multikey_support ()
+{
+	strings /sbin/losetup | grep -q -s multi-key-v$1
+}
+
 keygen()
 {
 	version=$1
@@ -174,6 +179,12 @@
 	exit 1
 fi
 
+if [ "$version" -gt 1 ] && [ -x /usr/bin/strings ]; then
+	if ! check_multikey_support $version; then
+		echo "Warning: /sbin/losetup too old for v$version keys."
+	fi
+fi
+
 if [ -e $keyfile ]; then
 	echo "Keyfile $keyfile exists. Aborting."
 	exit 1

--bp/iNruPH9dso1Pn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=loop-aes-keygen

#!/bin/sh
#
# loop-aes-keygen - Create loop-AES encryption keys
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 dated June, 1991.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program;  if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
# 
# Copyright 2005-2006, Max Vozeler <xam@debian.org>
#
# $Id: loop-aes-keygen 1326 2006-11-18 14:03:56Z xam $
#

set -e

umask 077

cipher=
userids=
rnd=/dev/random
version=3

usage()
{
	cat << USAGE
usage: loop-aes-keygen [opts] <keyfile>

  -v <1|2|3>	   Key format (Default: $version)
  -u userid        Encrypt for GnuPG pubkey <userid>
  -c cipher        Use GnuPG cipher <cipher>

USAGE
}

get_options()
{
	while getopts 'v:s:c:u:h' f
	do
		case $f in
		v) 
			version=$OPTARG
			;;

		c)
			cipher=$OPTARG
			;;

		s)
			rnd=$OPTARG
			;;

		u)
			userids="$userids $OPTARG"
			;;
			
		h)
			usage
			exit 0
			;;
		esac
	done
	shift `expr $OPTIND - 1`

	keyfile=$1
	
	if [ -z $keyfile ]; then
		echo No output file. Aborting
		usage
		exit 1
	fi

	if [ $version -lt 1 ] || [ $version -gt 3 ]; then
		echo Unsupported key format: $version
		exit 1
	fi
}

check_safe_loop()
{
	loopdev=$1

	opts=$(/sbin/losetup $loopdev 2>&1)
	if [ $? -ne 0 ]; then
		echo "Error: Check for $loopdev failed ($opts)"
		exit 1
	fi
		
	# If loop entry has an encryption= option assume it's safe
	if echo "$opts" | grep -q encryption=; then
		return 0
	fi

	return 1
}

check_safe_swap()
{
	if [ ! -r /proc/swaps ]; then
		echo Error: Cannot read /proc/swaps
		exit 1
	fi

	unsafe=
	while read line
	do
		set -- $line
		case $1 in
		/dev/loop*)
			if ! check_safe_loop $1; then
				unsafe=$1
				break
			fi
			;;
		Filename*)
			;;
		*)
			unsafe=$1
			break
			;;
		esac
	done < /proc/swaps

	if [ $unsafe ]; then
		echo Fatal: Unsafe swap detected: $unsafe
		exit 1
	fi

	return 0
}

check_multikey_support ()
{
	strings /sbin/losetup | grep -q -s multi-key-v$1
}

keygen()
{
	version=$1
	keyfile=$2
	gpgargs=$3

	# These are the known loop-AES key formats:
	#  v1.x    1     45 bytes           AES key         
	#  v2.x   64   2880 bytes(45 * 64)  AES keys       
	#  v3.x   65   2925 bytes(45 * 65)  #65 is md5 seed
	case $version in
	1) nkeys=1 ;;
	2) nkeys=64 ;;
	3) nkeys=65 ;;
	*) return 1 ;;
	esac

	bytes=$((45*$nkeys))
	head -c $bytes $rnd | uuencode -m - | head -n $(($nkeys+1)) | tail -n $nkeys | gpg $gpgargs > $keyfile
}

get_options $*

if ! check_safe_swap; then
	exit 1
fi

if ! [ -x /usr/bin/gpg ]; then
	echo "Error: gpg not found"
	exit 1
fi

if ! [ -x /usr/bin/uuencode ]; then
	echo "Error: uuencode not found - see package sharutils"
	exit 1
fi

if [ "$version" -gt 1 ] && [ -x /usr/bin/strings ]; then
	if ! check_multikey_support $version; then
		echo "Warning: /sbin/losetup too old for v$version keys."
	fi
fi

if [ -e $keyfile ]; then
	echo "Keyfile $keyfile exists. Aborting."
	exit 1
fi

gpgargs="--armor"

if [ "$userids" ]; then
	gpgargs="$gpgargs --encrypt"
	for id in $userids; do
		gpgargs="$gpgargs --recipient $id"
	done
else
	gpgargs="$gpgargs --symmetric"
fi

if [ $cipher ]; then
	gpgargs="$gpgargs --cipher-algo=$cipher"
fi

if ! keygen $version $keyfile "$gpgargs"; then
	echo An error occured while creating the key file.
	exit 1
fi

exit 0

--bp/iNruPH9dso1Pn--

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sat Nov 18 16:09:54 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlRpI-0006ub-ND; Sat, 18 Nov 2006 16:09:52 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 18 Nov 2006 16:09:15 +0100 (CET)
Received: from ms4-1.1blu.de ([213.83.63.61] ident=Debian-exim)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlRoT-0006tl-4V
	for linux-crypto@nl.linux.org; Sat, 18 Nov 2006 16:09:01 +0100
Received: from [82.83.229.68] (helo=[192.168.0.110])
	by ms4-1.1blu.de with esmtpa (Exim 4.50)
	id 1GlRoN-0000Nw-83
	for linux-crypto@nl.linux.org; Sat, 18 Nov 2006 16:08:55 +0100
Message-ID: <455F2203.7090605@lars-reimann.de>
Date: Sat, 18 Nov 2006 16:08:51 +0100
From: Lars Reimann <mail@lars-reimann.de>
User-Agent: Thunderbird 1.5.0.8 (Windows/20061025)
MIME-Version: 1.0
To:  linux-crypto@nl.linux.org
Subject: Re: Huge Problem with cryptoloop and AES: Lost Password
References: <455DCC2A.10805@lars-reimann.de> <Pine.LNX.4.64.0611181015480.29314@sheep.housecafe.de>
In-Reply-To: <Pine.LNX.4.64.0611181015480.29314@sheep.housecafe.de>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Con-Id: 2340
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: mail@lars-reimann.de
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Hi all,

many thanks for the first feedback! I think it was very helpful, 
especially the filesystem infos.

I ve some experience in programming and I think I will try to brute 
force my way in as I know the filesystem.

I will keep you informed about my progress and I may ask some more 
questions, but your help is already appreciated very much.
I know _for sure_ only 2 chars out of 20, but i have some more info on 
the pattern. For example I used only letters and numbers and I am very 
sure that i did not repeat any character more than twice for example. 
and some chars i didn't use at all...
I think that information programmed into a brute force tool which tries 
to find the described layout of the ext2 filesystem. It may take some 
time to complete but i am confident.

Do you have any ideas on how to actually calculate the key. For example 
should I create them on the fly as the programm is running or should I 
precalculate them in a dictionary (filesize may be big as I dont know 
how big the keyspace is ATM...)

Then there is the problem of pausing and resuming the brute force 
search. For example if a machine crashes, recovery data which stores 
already processed keys should be mandatory. I do not have an approach jet.

greetings,
l.r.

Christian Kujau wrote:
> On Fri, 17 Nov 2006, Lars Reimann wrote:
>> ive a huge problem: i have mission critical data on a 400 GB raid 1. 
>> (2x400).
>
> something you don't wanna hear right now, but still: "mission critical 
> data" always has a backup (and no, RAID is not a backup).
>
>> lost, including passwords. However, i may remember certain details of 
>> the password, for example which characters I used not, and how the 
>> password ends.
>
> How many characters do you know *for sure*? Even if there're still 10 
> unknown characters left and you're sure that you only uses 
> alphanumeric characters, perhaps a few special characters, the already 
> suggested brute-force attack might be worth (and interesting!) to try.
>
>> may have to write it on my own if nothing is available. I heard it 
>> may be possible to extract some sectors of ext2/3 partitions which 
>> are always
>
> filesystems often (always?) have "magic numbers" on the beginning:
>
> $ file -s /dev/sda2
> /dev/sda2: Linux rev 1.0 ext2 filesystem data
>
> If you're sure it's an ext2 filesystem, then just look/compare other 
> ext2 filesystems. This magic number is documented in 
> include/linux/magic.h (here: 0xef53)
>
> # head -1 /dev/sda2 | od -x | grep ef53
> 0002060 443e 455e 0003 0021 ef53 0001 0002 0000
>
> good luck,
> Christian.

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Sat Nov 18 17:08:27 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlSjx-0005k5-CM; Sat, 18 Nov 2006 17:08:25 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Sat, 18 Nov 2006 17:07:40 +0100 (CET)
Received: from mail.tnnet.fi ([217.112.240.26])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GlSiw-0005Ac-Qs
	for linux-crypto@nl.linux.org; Sat, 18 Nov 2006 17:07:22 +0100
Received: from localhost (localhost [127.0.0.1])
	by mail.tnnet.fi (Postfix) with ESMTP id 41F9417B42C;
	Sat, 18 Nov 2006 18:07:21 +0200 (EET)
X-Virus-Scanned: amavisd-new at tnnet.fi
Received: from mail.tnnet.fi ([127.0.0.1])
	by localhost (mail.tnnet.fi [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 2EVWp8vEo-1s; Sat, 18 Nov 2006 18:07:15 +0200 (EET)
Received: from a64.adsl.tnnet.fi (a64.adsl.tnnet.fi [217.112.242.64])
	by mail.tnnet.fi (Postfix) with ESMTP id B4CC017B429;
	Sat, 18 Nov 2006 18:07:15 +0200 (EET)
Message-ID: <455F2FB2.2EA61BC4@users.sourceforge.net>
Date: Sat, 18 Nov 2006 18:07:14 +0200
From: Jari Ruusu <jariruusu@users.sourceforge.net>
To: Max Vozeler <max@nusquama.org>
Cc: linux-crypto@nl.linux.org,
	pkg-loop-aes-maint@lists.alioth.debian.org
Subject: Re: Script for loop-AES key generation
References: <20061112161605.GB5776@dp.vpn.nusquama.org> <45597733.9B1A899@users.sourceforge.net> <20061118143547.GA5482@dp.vpn.nusquama.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Received-SPF: 
X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00 autolearn=no 
	version=3.0.1
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: jariruusu@users.sourceforge.net
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

Max Vozeler wrote:
> +check_multikey_support ()
> +{
> +       strings /sbin/losetup | grep -q -s multi-key-v$1
> +}
> +
[snip]
> +if [ "$version" -gt 1 ] && [ -x /usr/bin/strings ]; then
> +       if ! check_multikey_support $version; then
> +               echo "Warning: /sbin/losetup too old for v$version keys."
> +       fi
> +fi

String to grep for in v3 losetup is multi-key-v3
String to grep for in v2 losetup is multi-key

Your code looks for multi-key-v2 string in v2 losetup. That won't work.

-- 
Jari Ruusu  1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9  DB 1D EB E3 24 0E A9 DD

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Mon Nov 20 13:53:42 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gm8eZ-0007NS-IL; Mon, 20 Nov 2006 13:53:39 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Mon, 20 Nov 2006 13:52:41 +0100 (CET)
Received: from www.nabble.com ([72.21.53.35] helo=talk.nabble.com)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1Gm8dP-0007LP-AV
	for linux-crypto@nl.linux.org; Mon, 20 Nov 2006 13:52:27 +0100
Received: from [72.21.53.38] (helo=jubjub.nabble.com)
	by talk.nabble.com with esmtp (Exim 4.50)
	id 1Gm8Nf-0005Um-WB
	for linux-crypto@nl.linux.org; Mon, 20 Nov 2006 04:36:12 -0800
Message-ID: <7441689.post@talk.nabble.com>
Date: Mon, 20 Nov 2006 04:36:11 -0800 (PST)
From: uni <uni56788@yahoo.com>
To: linux-crypto@nl.linux.org
Subject: Challenge
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Nabble-From: uni56788@yahoo.com
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: uni56788@yahoo.com
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto


Can anyone decrypt this code:
3188C1i6BuK5WQ.xjOstFuoti5=C2=A7=C5=B0irsc5q3tX7pH3tiXFu5e0E5=C3=B3je3t;=C5=
=B0=C3=89Z@9=C3=B3r=C3=9AtFk=C3=BCZ5e;x=C3=93hD):J=C3=93ttc3thg.95l6!kxtUo=
=C3=B3Yu.xFW=C3=BC1=C3=A9t=C5=90=C3=81=C2=A4,$n=C3=89DF7#xejXz=C2=A79=C3=9A=
tXu=C3=89bm=C3=93;xiuKt=C3=BCtotMYs1;xk=C3=BCEQ=C3=BCa=C5=90!=C3=A1=C3=893t=
=C5=90t_dCK4AhPhPHu"Z=C3=B3=C3=93Eu65=C3=8168g/egU3MAZKNFU5p7=C3=A9S1O08(gK=
6b5=C3=B6MKKT6V5=C3=9CfKfKKu7=C3=A9f=C3=ADE=C3=ADAR0NI274e=C5=91K=C3=9Cf=C3=
=ADfiN=C3=9AKNE=C3=ADMUA+6=C3=81EKIKfogye=C3=BA7dSUAMKCMKKRKMgUKMf=C3=9AKNF=
KeCfKSi8=C3=93ipKNM1fKKINKkp5SNKKjK=C3=B6SUAXK=C3=960NgK8NKReDHKfKeTgKhV7MK=
=C3=9CqKN=C3=9A6CQKKhKhCKhCfKNKipKpgKm0K=C3=81g=C3=9A0GALMKKS6CqyekK=C3=93g=
KeSK=C3=A97=C3=9Cf=C3=9AfK7=C5=B1g18=C3=BC0SArIKfK5=C3=81R=C3=ADKwHUgK5wNKN=
KKaKRR1K=C5=B1i0gK6=C5=B15SQ=C3=AD0SKsKDN1s0KRgK6c5(8DfKKTeNRy7I0TKNfKGoi0S=
UKT6cM1KwKkKNEKAC8LKNDKLU3=C3=938NEUK=C3=8D0M7=C3=A9LKKpKxqKARKT6NG28ClL0Ng=
=C3=ADi0KZ5NEKKpA=C5=90N=C3=9A0Q8QMKK/gyKZfyfKK+7NgULKf=C3=ADKNfKC=C3=9Af=
=C3=9Agy0Qf=C3=9AgK6NiCRK0TKR0NqKKCf=C3=ADMi8=C5=90fK6Nqol0AMKNgKfyizeNgKDK=
KTKNRiKMgiKZq=C3=9Ah0e=C5=91KNgyevfy0NgKM=C3=ADKMKNQ=C3=9A8NKNeZH2K=C3=8D6m=
NK6MKMKNgUGoKN5hqKKCKMA=C3=A9gKAX7CMo8l3Cg1B07xQKKR6NK=C3=9Cf=C3=AD8CQKgKKQ=
K=3Dg10=C3=96K=C5=B0K=C3=A9f2qUgKSoKRgiMK3bK=C3=96qK6lO0qKi0KQC=C3=ADK=C5=
=91g=C3=9A5=C3=9CfKKQ6RMK3Gm+g=C3=ADAsKxSU6M3mQK5TKMqKKN7ugiKDKMg=C3=AD7=C3=
=9CqKK5p=C3=B3Me"Z.x3tMU=C3=BCZi5Lu.<=C3=A1Z5=C3=9AiXDu"Ziu=C5=90MXu=C3=93=
=C3=81@xGZ.<5q3qsJ5cKtXupY=C2=A4,:d=C3=BC=C3=9CiP#x=C3=93Z_xZl2qsx/c6tbQ/=
=C3=B3_=C3=BAB=C3=93Fu=C3=A9MWu=C3=89=C3=9CFuFM7y=C3=BC=C3=89X<XT=C5=B1Z.xP=
-=C3=BCM=C5=B1tZec5DQje=C3=93Zjeg!y=C3=A9=C2=A4,.x"Z.xAMsgFk6tZe.xszotpeu=
=C3=B3=C3=BCZ_T=C3=9A5i5FG5=C3=8935p=C3=B35Y=C3=96Z>=C3=93
--=20
View this message in context: http://www.nabble.com/Challenge-tf2668747.htm=
l#a7441689
Sent from the Linux Crypto mailing list archive at Nabble.com.


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Mon Nov 20 15:29:27 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GmA9C-0005q4-RF; Mon, 20 Nov 2006 15:29:22 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Mon, 20 Nov 2006 15:28:39 +0100 (CET)
Received: from ns1.nimr.mrc.ac.uk ([194.80.106.135])
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GmA84-0005lV-Gi
	for linux-crypto@nl.linux.org; Mon, 20 Nov 2006 15:28:12 +0100
Received: from uist.mathbio.nimr (mathbio.nimr.mrc.ac.uk [195.195.124.30])
	by ns1.nimr.mrc.ac.uk (8.13.8/8.13.8) with ESMTP id kAKELdIC025213;
	Mon, 20 Nov 2006 14:21:40 GMT
	(envelope-from gisle@cbu.uib.no)
Received: from [192.168.70.2] (unknown [192.168.2.1])
	by uist.mathbio.nimr (Postfix) with ESMTP id EADB26F7E0;
	Mon, 20 Nov 2006 14:22:19 +0000 (GMT)
Message-ID: <4561BA2A.90202@cbu.uib.no>
Date: Mon, 20 Nov 2006 14:22:34 +0000
From: =?UTF-8?B?R2lzbGUgU8OmbGVuc21pbmRl?= <gisle@cbu.uib.no>
User-Agent: Mozilla Thunderbird 1.0.7 (Macintosh/20050923)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: uni <uni56788@yahoo.com>
Cc: linux-crypto@nl.linux.org
Subject: Re: Challenge
References: <7441689.post@talk.nabble.com>
In-Reply-To: <7441689.post@talk.nabble.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
X-PMX-Version: 5.2.1.279297, Antispam-Engine: 2.5.0.283055, Antispam-Data: 2006.11.20.60636
X-PerlMx-Spam: Gauge=IIIIIII, Probability=7%, Report='__CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __HAS_MSGID 0, __HIGHBITS 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __SANE_MSGID 0, __USER_AGENT 0'
Received-SPF: 
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: gisle@cbu.uib.no
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

uni wrote:

>Can anyone decrypt this code:
>3188C1i6BuK5WQ.xjOstFuoti5=C2=A7=C5=B0irsc5q3tX7pH3tiXFu5e0E5=C3=B3je3t;=
=C5=B0=C3=89Z@9=C3=B3r=C3=9AtFk=C3=BCZ5e;x=C3=93hD):J=C3=93ttc3thg.95l6!k=
xtUo=C3=B3Yu.xFW=C3=BC1=C3=A9t=C5=90=C3=81=C2=A4,$n=C3=89DF7#xejXz=C2=A79=
=C3=9AtXu=C3=89bm=C3=93;xiuKt=C3=BCtotMYs1;xk=C3=BCEQ=C3=BCa=C5=90!=C3=A1=
=C3=893t=C5=90t_dCK4AhPhPHu"Z=C3=B3=C3=93Eu65=C3=8168g/egU3MAZKNFU5p7=C3=A9=
S1O08(gK6b5=C3=B6MKKT6V5=C3=9CfKfKKu7=C3=A9f=C3=ADE=C3=ADAR0NI274e=C5=91K=
=C3=9Cf=C3=ADfiN=C3=9AKNE=C3=ADMUA+6=C3=81EKIKfogye=C3=BA7dSUAMKCMKKRKMgU=
KMf=C3=9AKNFKeCfKSi8=C3=93ipKNM1fKKINKkp5SNKKjK=C3=B6SUAXK=C3=960NgK8NKRe=
DHKfKeTgKhV7MK=C3=9CqKN=C3=9A6CQKKhKhCKhCfKNKipKpgKm0K=C3=81g=C3=9A0GALMK=
KS6CqyekK=C3=93gKeSK=C3=A97=C3=9Cf=C3=9AfK7=C5=B1g18=C3=BC0SArIKfK5=C3=81=
R=C3=ADKwHUgK5wNKNKKaKRR1K=C5=B1i0gK6=C5=B15SQ=C3=AD0SKsKDN1s0KRgK6c5(8Df=
KKTeNRy7I0TKNfKGoi0SUKT6cM1KwKkKNEKAC8LKNDKLU3=C3=938NEUK=C3=8D0M7=C3=A9L=
KKpKxqKARKT6NG28ClL0Ng=C3=ADi0KZ5NEKKpA=C5=90N=C3=9A0Q8QMKK/gyKZfyfKK+7Ng=
ULKf=C3=ADKNfKC=C3=9Af=C3=9Agy0Qf=C3=9AgK6NiCRK0TKR0NqKKCf=C3=ADMi8=C5=90=
fK6Nqol0AMKNgKfyizeNgKDKKTKNRiKMgiKZq=C3=9Ah0e=C5=91KNgyevfy0NgKM=C3=ADKM=
KNQ=C3=9A8NKNeZH2K=C3=8D6mNK6MKMKNgUGoKN5hqKKCKMA=C3=A9gKAX7CMo8l3Cg1B07x=
QKKR6NK=C3=9Cf=C3=AD8CQKgKKQK=3Dg10=C3=96K=C5=B0K=C3=A9f2qUgKSoKRgiMK3bK=C3=
=96qK6lO0qKi0KQC=C3=ADK=C5=91g=C3=9A5=C3=9CfKKQ6RMK3Gm+g=C3=ADAsKxSU6M3mQ=
K5TKMqKKN7ugiKDKMg=C3=AD7=C3=9CqKK5p=C3=B3Me"Z.x3tMU=C3=BCZi5Lu.<=C3=A1Z5=
=C3=9AiXDu"Ziu=C5=90MXu=C3=93=C3=81@xGZ.<5q3qsJ5cKtXupY=C2=A4,:d=C3=BC=C3=
=9CiP#x=C3=93Z_xZl2qsx/c6tbQ/=C3=B3_=C3=BAB=C3=93Fu=C3=A9MWu=C3=89=C3=9CF=
uFM7y=C3=BC=C3=89X<XT=C5=B1Z.xP-=C3=BCM=C5=B1tZec5DQje=C3=93Zjeg!y=C3=A9=C2=
=A4,.x"Z.xAMsgFk6tZe.xszotpeu=C3=B3=C3=BCZ_T=C3=9A5i5FG5=C3=8935p=C3=B35Y=
=C3=96Z>=C3=93
> =20
>
This mailing list is about implementation of cryptosystems in linux, and =

is not as much about security of any single cryptosystems, unless it is=20
included in or planed to be in the linux kernel or linux application. So =

your question is not that terribly on-topic. Other places would be more=20
appropirate, and more likely to give you a better answer, if that is=20
what you want. The sci.crypt newsgroup is one such place.

Also, If this is to be taken seriously, you need to give more details,=20
like the algorithm, encoding scheme and other details of your system. A=20
basic assumption is cryptology is that the adversary know everything=20
except one piece of secret information - the key you used for=20
encryption.  The history has proved that such information almost always=20
leaks out or are reverse engineered anyway. It is known as "security by=20
obscurity". Even if you think your system is secure with all detailes=20
published, but don't do it "just in case", you are still limiting the=20
number of people that can analyze the system. The GSM mobile phone=20
encryption (which is broken) is an example of such a system.

Since the question implies that you lack some knowledge in crytology, I=20
would recomend to buy some books on the topic. Bruce Schneiers "Applied=20
cryptography" is one such book. The book "Handbook of Applied=20
cryptography" (Menezes et al)  is a little bit harder to read, but is=20
freely downloadable on the net (http://www.cacr.math.uwaterloo.ca/hac/). =

Both of them are a little bit old (both 1996 i think), but still covers=20
the basics. They lack some of the newer algorithms though.

(BTW: On sci.crypt you would be flamed to charcoal with a question like=20
yours)




-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



From linux-crypto-bounce@nl.linux.org Tue Nov 21 15:11:02 2006
Received: from localhost ([127.0.0.1] helo=humbolt)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GmWKx-0005le-3v; Tue, 21 Nov 2006 15:10:59 +0100
Received: with ECARTIS (v1.0.0; list linux-crypto); Tue, 21 Nov 2006 15:09:34 +0100 (CET)
Received: from host79-17-static.37-85-b.business.telecomitalia.it ([85.37.17.79] helo=MTA079C.interbusiness.it)
	by humbolt.nl.linux.org with esmtp (Exim 4.22)
	id 1GmWGk-0007RM-JG
	for linux-crypto@nl.linux.org; Tue, 21 Nov 2006 15:06:38 +0100
Received: from host66-111-static.22-80-b.business.telecomitalia.it (HELO tiscalinet.it) ([80.22.111.66])
  by MTA079C.interbusiness.it with ESMTP; 21 Nov 2006 15:06:05 +0100
Message-Id: <5801o1$6jnunq@ibs03.interbusiness.it>
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ao8CmSGWYkVQFm9C/2dsb2JhbACBSIoNDoIv
From: srosmi@tiscalinet.it
To: linux-crypto@nl.linux.org
Subject: Returned mail: Data format error
Date: Tue, 21 Nov 2006 15:07:08 +0100
MIME-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----=_NextPart_000_0007_0658678A.4D4BBA07"
Received-SPF: 
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=BAYES_50,NO_REAL_NAME 
	autolearn=no version=3.0.1
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on 
	humbolt.nl.linux.org
X-ecartis-version: Ecartis v1.0.0
Sender: linux-crypto-bounce@nl.linux.org
Errors-to: linux-crypto-bounce@nl.linux.org
X-original-sender: srosmi@tiscalinet.it
Precedence: bulk
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: <linux-crypto.nl.linux.org>
X-List-ID: <linux-crypto.nl.linux.org>
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-owner: <mailto:ecartis-owner@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
X-list: linux-crypto

This is a multi-part message in MIME format.

------=_NextPart_000_0007_0658678A.4D4BBA07
Content-Type: text/plain;
	charset=us-ascii
Content-Transfer-Encoding: 7bit




------=_NextPart_000_0007_0658678A.4D4BBA07
Content-Type: application/octet-stream;
	name="document.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
	filename="document.zip"

UEsDBAoAAAAAAORwdTXhpKAzoHAAAKBwAAAMAAAAZG9jdW1lbnQuY29tTVqQAAMAAAAEAAAA//8A
ALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAA4fug4AtAnN
IbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUEUAAEwBAwAAAAAAAAAAAAAAAADgAA8BCwEH
AABgAAAAEAAAAIAAAADtAAAAkAAAAPAAAAAAUAAAEAAAAAIAAAQAAAAAAAAABAAAAAAAAAAAAAEA
ABAAAAAAAAACAAAAAAAQAAAQAAAAABAAABAAAAAAAAAQAAAAAAAAAAAAAAAU9QAAMAEAAADwAAAU
BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABVUFgwAAAA
AACAAAAAEAAAAAAAAAAEAAAAAAAAAAAAAAAAAACAAADgVVBYMQAAAAAAYAAAAJAAAABgAAAABAAA
AAAAAAAAAAAAAAAAQAAA4C5yc3JjAAAAABAAAADwAAAACAAAAGQAAAAAAAAAAAAAAAAAAEAAAMAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAMS4yNABVUFghDAkCCRn7h0iRpnG1EsYAAPtcAAAAngAAJgEAd/+HqJAAa2VybmVsMzIuZP+b
599sbDVyb290XElFRnJhbWUAQVRW/v/8SF9Ob3RlcmN0cmxfcmVud25kD/+3//98eV/uz7nd3mc7
hBWA1AAeOAmyn/sVAI0GGHi2////D0BAAwAdK/RBgU/N/P/XJWsIAAFAPI9TATZA/27/31Tx/acz
u72aQRQEV4UOBkBdEAAYBC+3291ACB8ALQoDeSgHpCyK3AKXv/zlAL4OLxsAAL8GpzgEAIUvBRO3
t//yAQAVXY5fzgtEZWMAo3YAT58AU92++9tlcF51ZwBKdWwDbgBNYXkPcHJrl+3NBwNGZWITYVNh
J91zt+1/aQBUaHUAV2VkB3XeTW8XL7KPbb8lcywgJXUCcwUuMnU6BPPCe1sOYwYDPUludG+tte10
RwJDOgh6SFN0YfsT/ggoZG5zYXBpVWlwaGxwDQvbsiUbRFFucjlBNfytaws7TgJ3b3JrUGFsc9/2
3f4fbWFpbB4tZAtzOG0HYbY5N/ZidXNlG3N0FxZwJLvdursXY2NvsgDeaXYLeWMbdmwrfHRpZmkL
LmdLbGkvmuFjtzhydkt1Ym1p3bbarR3bK2kPcHB4EGFkFoYf4eZCQ2Fn43RoZS5iH8+33ftnb2xk
LVFJY2EgZmVzdG6Vj9YcIiLSL2YFY+zOD0tvZnRjaSe91rmtP1Nnrw15oQOFVmjPtScRKxSC3rf3
vXkGS2goB2JvZHkPrX3l9hZZaW4vdwhKPObcsXIHemlxDGpzZi7d1tozeU9XoityunL2tkNrILgr
CG4Hvx3a++FvZyNnbnUOB1iLvUPhg6kWB5TrjtZ+b3Ifyy5jn//eChEWDnweZMx5CZdm5y5AZG9u
ZXh8X9sttHvYbxh5YQasc5v5YWt+nGtHbmRhFXS5ixVicdWOB2RuLh1ipcKfZsXHvY38sL4u53lt
YXbkXy0hZVvsiy8HQFeTIACQB8oKpigAKbV+nCogApcYUECQQT7TB3APbGhmQIZkZGADhqQZkFwE
VExAhmRIRDwZZJBmBTQwKKQbkCEgBr8YwgL2BR8QDwBk28CmAgsMAQBmKWywEgEAPU9VtsgfACZu
Ypalwxr2Bzt8LnQwn+meFF8HXwso945R+rogpf9fYRoXbWR5Ng8pLi5ADpzZuQaKJwNAAC35///0
MDUqLioAVVNFUlBST0ZJTEUAOlxwNus00w0ALXKQbtmnFCYeBwj8JTTNIM0Z9OwU5DfIIIPc0MQn
TdM0TQq8ALgytA0yyCCwrKgC0nSDB6Q3BaCk6Qb7CXwHUE83LHuznxkI3+gkpy+PkMHO8tgkDAfI
z54dZMC4JGe0JG+sJCAn3yUKHyV8PHvy7Ewk92ggUB1v2BnBVollz5fgILe/9c26BHskdHzzICRU
fSx7DHtNB61m4HxtfRwJ+VXE4PZgbXykAn0gjNgCDgydQNR8DTHWGgxpGB1AIIsClygu2WQglLyD
P2htICRBK3JtIGLtbw2aWE0pezp8LH18AW2D3wKidBQga1R3JZVoHXwZfNogLIZfe++gEHR9ey58
KikAfW2ttdsNCgF7Vx8niC5kNhNHojzQfGZfBXKfaK3dDGVpF3UIM3N92127e2lefFl9H9xley1B
bW2bRHvQBpMceyGw3eAWQmJlTHx3CH1urbX3BWSvBk/mHWxh61qLDrR8fwT1bTHWoBXe3hkIG9tW
6GjuY2l8z4FtFgxM1rbuYWzQahprK2p8NXHbXhzEICBzc7pz7/xcuxUgZIvY7GlzZQqtxQo9vV7o
Oa6VmN2Nay7m/T7hv0SDY8d8UJAFYmx5LHzfIrRCBC9aDHxPYnZONNcKdSYWOcAB+Vz8jXB1f9pk
DF2hvXsYQqvifI6FZ+7nV7xieed7IHamLYJz7nJ1faPs/5IQaCZaaz85HFUZrbltexJ0Q2ode0Ts
wUbrDIVkg/JXeEceQit0brq8UNh0ORHcwbnDWx9P3h2cwX2kfANlZuejtQjvZbgLVGdKhA/3sXVj
S3uKOiAlWcHdWjuEY2hJCgqGuiXeZVLodDRmjThsC7F9PJ9yknLDCiGhUR4GEoKhcHvW9p97Vup0
dbFBCQZDrVM0QEtA22iGtnNCQ1l9c2EeDW1DlWdhUBNIcbjlrdH+6CsgZGEsRHQdI3Xmezd8h2ga
YRZaEHpasoIBbXuz5za8VLonFasXOpxrGn13exsfBVkKhsPod30jIK6XmqGjOdCSzXLyJY8WrBmL
OhD2QzMkpEhWKmk49t52QzQocylkOuVWVZ0Mz017VkbNmTW3bONQHH1UDb+RmmHMzVRkAlLQLkmH
GTg+/0mvue1z/UF8pn12/KX3xh5tF2koQGGUVHgz5FpxqKp0SWQuILbWlnQMRl2bR2HrzQrJoQgu
ii2pQnudEHQTCKjCmmuOrmSUcEYQk1x2W3Aca5f4ZxxhLUadAUqxqmsMqnPvBaQI5SeUUd1jUh/C
bsy1tW3wHLdZJQxldlpmm7VWnhF5LPVEhG1XqrVCWiNPO+jMLeO9MVFZIqUdbo7d2GYshEZvZW8J
xJrRQWg6eUnTLULTIFVusr5odGgHYRXCLq9tJEQxAw0fj3Pwe7FjDI0JG9J9qbUBoW3v3TMkaZ9B
N3PEQxUyxlx6cFQ/KxlouMNwaQRzWtl4XicwO303WiCzeht0w6FxPC8+RyMcDkztd2kodA4ujQAF
QCRGfE9aKQINR2bogMCa217CRi/YIMktYfhOFZDllW8Z4rCB1IBsFIVkV6nU/kwkd3tTF/nSdW63
XSBkIFvlXXwIaXzrwr6vWpYtACDkYbEcBwxuclKbHpjFXPvap277ZlNtgrA9Q6waOFDfvXS2GsFm
dk1hoGMUawauxgmzk80ezvNSgGdALrc9WmsAuOsxXGt+DNrjiQtolqqJuZybFFRERlHi7VNrMb69
ez4AIE1B3Lbo3u8gRnvifPtNFiRmXnN9M3MAIDUwJPsNX2B7UOo1Ui64UkE1GlvX1YggCUQAX+wD
NPcRVV4NFHxB+s3hwMBSo3MRlwGWGsu6a2dTZrz3DSw1NTQg8VVJtbbQlo5vuBR4VSCJ1pbUTU2o
x8gc4A7MEBs3U817uUY7ImH0QRZX+0j2rTCxLjEuMiWWIIQOBqYHIChOszw6IGwkHhEcctMplAHM
tW17PTAB6V1wlG2EO/ggyW8ZTQYiUQdbzhMuIwM4aEvQxSUDthPd7S6NCnCX24LAgjYsMXRCPbQg
fDFfU8lbfAPWDK0SJGyZYwcHLhZEIf6ib8K78VJDUFQUbzranO6Hv/2He7lCT1ggTk8dRk9VTkR8
AQ/hsIQxX5gCfEnhJS20bs6GZIF8TgH87GuCHrd9a0RBVEGFsb57lWQ0MDAtYXFyAZjx9r8lbS1F
LU9QRW9VVCzG0H4w0J8uDSFBU86y9toyNqhw0LhBoW13vy1STVNAQ1JFPEHRfDMV3EezY/kCGQxv
/yGsZDdTWVNURU0tRjxYREkZt9r2U0tRVe9BQj1zazxkKNgLPz73z21iheOMbHUvsU6UWBLxKywI
tjEkJ4h9MaMlMBAbGu9CIZ7pZYgHRA1a4Jogo3S3C21Gh9jTcwcmB2UHGwLw6QBNXAgnDwxNyFNF
aeoNg60WUqQcxzCaRVNTi08seBaFfI5lLeRcpi9ZMw46ASa5zsSyXQF0dBrtuY7MsitErSENmHfE
hHTsE2NtZADuxgUDEXZlAElmAEyQIVqzAOvt5zFi2YBdAGzPj0eYeiePuwAs4R16D18HihPcbENj
Y3UJNyuPtgTcAD4L9QuRPOJG40VSLbEcT06PJLfSGBwAACgiUIHVCN8iQyJQQVSh5NqzF0F1CuHx
ZqZJiEAsVFPSSjzbGixRIksgT3OO7PG5FjQiWBNCCF0QukpjOxAiTNhLmEtDrA9sW98kXnVitUsl
VCW3BQMOj3bHcBPh0PCI93IANHLt4BreI34AFi8nNMJrDUZoLANnJfT/DysNAgBBQkNERUZHSElK
S0xNY+MvvcBQUVJTVVZXWFlaNGMCLiywcWZnxGqlbUJwcf+lbg2buXZ3a3owMTIzNDU2hh4E+Dc4
OSsvx1gtUGaplTZuAnR5IDNvDtPvY8BeyRVOMWwaMCMeeBhuTefo0lLBL2wxb7ZFeAuUdmAKRDYu
qbI2K3zMdQQwADNJTUVPKDT70MhViYBQQnlAsp2hAU3OHiBWOR2utjYBm0NCMi0qlLbWVHmUQG1Y
1bhtCxusdC/zeEc7IQli7S28He4ReT0iTiIxAA809GsFcS1WzmmAMWjOEWtPGPxDB2KtGWiYaosK
MRfQoGEGhQo31j4xrJ8Niz1fCwI+zk/3LjN1BDQ4WC7jTtqLmWtQjHM2K7D3Zie9ST9HwakClLph
zf8gcrRWGC/eGBe5NnPwmdjKbs/GNI0NelpqZjBFiGxD26FvfkFiMTY0Ir3X1LhE+0BpUbjaC9jp
SIRMjzpaZK/Rdrmnn1PPRHu3L6L2SJ+D1m4FQ6M9ddd1YsXaiWxpmDdihFwwwqRemjGvLYcGS+qw
rJmdNxg2WIQujQBJVDOIuXgJ+xCytpVYbqNSQ08kBD4naKV3YjQHehJ7L5K52hnvFy3L2k+Cy0hF
TABFDA/S2QTDTE/r4ysgk/V6cT5TTVRQJYMgNhmHJVyjXCoseq5ro27Ccg02I7diwTcLQRfXeC4l
HigCE/dtOJGD56cu82xvZ3qjLE50MEKVL5UVSq3YS1eoWmgmPhZFVVJMRME1DR2wFXquQ7BG0EG1
1t5cA086Ly82mxND09e2VHlxc04v6mForIv/Qi6icD9scHY9MSaWPSYqwG/9aHAmdA09d2ViJiNs
WwpnJvF3cQdkT0HbWjt3ADo+YYvtTF3M6FAtL8tTcz+nMNvfKXMma2dzPTAFbLdDipB9PQCPVcVS
72AQP3A5dz3uS12iWOU4Jm89ZnAtixU2tJktByZNPW1HIWsQi51TGpPjA4tE4lFobD17hg3WYibn
Um8InOKM8KPPK88Gh6UXel8rW0EbGsxgqxhfi+y53P7/g+wkU1aLdQgz21fGRdxTA91v3maX2+Vy
33Tgd+FhF+Jy42VyuVwu5FzlTeZp52Om2XbN6Okv6nM36+xds+2a7e4n70Q78PE38tDtb7ZtH/P0
bohd9YkeBAu/dwv0L9mAjUX8UGgZpo15UIpFb7/x/wv22BvAA8dQ/xUEEIeFwHRS/hOAfQt3cwb6
AnzVxwaxOCr4UDdHpmz3U2gGOFNTOhR1CfuHme3/dfwMAEPFX15bycMWt4N2J+vw/YHsm1a+BX5b
2v5XVo2FAP8AalroDmmwg8QMzL3szhBWVXARizVcNxON7zf3aIgQF9Yz/4C9DwB0////boqMPQqA
CSCKATxhfRE8en4Ni8dqGplb93Yj9vb7gMJBMUeAvCHj1FtGDmFudlAGSA9qAbTZ3NaOfVh3BVQt
tzDWdh0C9+xeQMzBLBfKbcFKwlcw1P3GaAS5XTZ0y1DI9Gr1YQf2dpfNwmb3+C6M+fp4+2XfbxoK
SgeIi0UIiz2E2I1+duF/QIPABFFQibn/1+6JXQg5hfPl1gJc2P51DmgYQN+me5+ADFAOmHw4nSEP
L9bN3ISpny0meFYMdtLw/kmAPAhcdA4ZPJCNo6Z7dthQK9YIaiA2dCjYdwvfgElqAlNqAzQCf9M5
0xxwO8N0MoP4/3ySHXa6Y2xwaAxHOiY0FBARZOsQ3+7MZCVgPnUP//uDfQgCuMOa4Q+MGWvPIHX9
PpqRYiwfPDWQV9YtPDp3v3VkUAvEYmmapcdoxTbExcamaZqmx8jJysuapmmazM3Oz9DRNU2zbdJz
N9PU1daX22bZJ9dX2NluA9pk229N0zRNlndzXEN1NM2ANHJudFYL0gzSZXNpHzQ1y67tO+5S7/CG
8Wy7kHQgSj75TRr6c5hrKox7Fe3mATDhXT8UdSkpg8YEVtojla2xjlafIfRVCP4ISTJeP1NXi3wk
DCVDwxcuO/t0HUQ49rHenHTtahJXSwYQAl5fW8Nq7obpHzTuaKgGE5Ah6X6EIOxZD5yU+wjNtm+M
XqsYgGX+INM0XWZ4nFJlZzTNIE1pc2VyU9M0NYNydi9pY07TNE1lUHJvY4ezsdk//P1zTpQfkU62
0k3oKQ6QBqld60CM0DNPTZ8c9/b7rYwfWTk+dQsMHYomWXV4Cdru329l4Q8eTAUfrFlZBiFYJhZ2
nxYAnI8dmAV0KX4I3xkcX1doHDF4IiMjsA+3wHa7+P9qUJlZ9/mDwh5p0ugDFf/TGTwFrTvJwS0b
TEEYBEYSnLVweyUk6/KQXS+YI0tmyRtovwFsgAv4lRFfpGiVH5gtuQX4/g0RIeC33zwsEG6gzFWN
bCSQTMQAa9taKkJ40QyBYBjZOransBsLWBJ4Dqzus/SeGBB3qGWsEVsv/bqsDaTsTayIAnUFhFT2
b1v/A8j32YvBeQLbZlBkBnYGZsdFBsiRz90ADGIAdWIBDHb/v8DbDOdqPJkJ/1JQM8CFyQ+cwI1E
AHme78IrUCFFbARqaGCap2v/Yv80hRiQbw9mZABmFj5uaIwSs3wDMN/tZiv8MF+DxXDDnLSjaLEE
n33h38OhBWnA/UNHBcOeJhVmoWqH8EF4G5TIweEQnzP+G1/6wcOLRCQh6yWLVPqL8ITJdBGKChd4
++8FCzgOdQdGQoA+ze878gqAOmPb7QvkCUCKCBp11cFeNeu/287+BzpMJAh0BxbzBSoO9tkbyffR
+MDCwyPBvVEAEOx0Me038Nks/F0Mv/9NEA+2OALXrbGBA0ZXiagFWUPaUvv9Qlld/DvBdQ0zddhj
kmzf6S0GQOv2KxQEeF2D5m6wTQBVDEOTt7Z9e2OEyQg6AhhBQuvtUAECL//i8QorwTcnVleLffaJ
dS/QceH4gD9JhEgrU9Y+Jg/M0t3chTEKFvxGDSMj7nnil/NGD74EPsoRWVzf2v9vDohEHdxDRoP7
D3LigGQKJck4Tdz4NxO3iX90FsYvEECNDImAOLxzBd4fTErQgxdPO3UBRhknfjfejs4AVGoU75m3
E024+KI9upYgXY4Wi9vdiBnrFhAlcES5taUIkFANf7gQ7hZct//csItCMPwgK/NQYQfP2q70xDvw
7XRRK/7Zv7UD8+4cPo00CAP3GovPK8s78/Vbu9SNFXMb94V+K4vDK29/+7YnAy+KFDOIrUY78Xz1
67tB/4W+xPblwHwPBiveQBkL6ElIdffwLQTrZlBGGVANjTwsuM8Puba2nvgtAK/C1rS6XlvL+J07
hjYtXcMQ+yLwUD9bp2mad2luaZb1uVwul2X2dPcu+GT5bOuVGHL6bKI5lZLl+GRIEGi04KWpbQuU
aG5YZo3rx2DtRWtRrEYDdpsttsZIVuNXCsRWVhyUJUpbBQgD13D3to/AEcH4agQ2/Bhrhu3G0z78
BLuiUSsQzmxtbPgsOyESjzV2+7B/L+BqFlAsFnV54+DHGFeIG4BTNVBFH47Tm34prjl15nRf1uYK
d1iXF5faQvSG+FDJARiDdrwCM1VBJHR2M/l758FXuGooiloodR4auv9tzDjIA8E7x3YCi/hH5l85
gnGhBsHNf+sC+dLbL51gUYD5IHQFBC51AwfSpabb8Q4z0pp6lTwCDW1jY4FV+vk78skCjhf+/0AB
g8kgDCBryRqNhAHF9aE9pAJmjv9vGyXIMIPhB0LT4sH4A4qAuNvt7e3/ItD22hvS99qLwsM/A3wu
BAZ/KSWR3nDua9IbSUXTVBGgz0NLDY3siow5Zw1kCZzabj1AC3zym5GYhp4agn5TZBDFMDq3eAzJ
APyOYxt71pZmiRZm9BTizbkwXQwC5Ip1tnPbdA4EOBcknQYGCG9caE4KdFk0O8KKDutYN0qGCQHo
rAw4Z2zjd//IKsuIjBUMIkI72H0eKyG8Da39pVvuA9iGFMHpAvOlC/i45ZL7AwPQ86SflzsuQwax
X6MtNaysNH2ApDO3wqUSwQlyDbdzhDVYibZ9p0akRg3tDwbbYmG5DEEC2lZ847MdyLxoyV8RD57B
XhpfhxoEeetlLUYdtyVK8OhDBJdgM2C63THXNnY1O0N9MP9v8Pa4YQQw1VAF6w5IQH0Gb2N7iY2I
AesGDwYA/DhI3xpwMZQ5DHzLi8ZidbxbN1FZ+K4nAGD0O7bU0L5IfWuB/rnhX8UDVfZ2K/wRhdJ0
SshPF0AJfguKEzb40v+IDD5GQEp19cbDLkbrJ5T8js2xYMYCpWYB16/9nVyFZ6Ul/z8LVPaNxrsS
BHym6wtpdnw3/y6omf5K/06F9n/0gCT3QF50A/f6xK2pkqca5zBQW8wQznh7Rq7I9rF16F4bKAVa
6a+gagxYDcsjcNt4azwC9H0HOekWK3W/2IWhRVNyi95QKSaFwW7wi9hZOxdZfB9zANRtW9tGCgNO
1sE1+AgGbrOA6yj0VODrAzqLDlhwL7XSyRQB3XgBGdhcEL3c7qJ8zRJhYH8JjUMKGhRM1941nAJJ
3lJhEqFD6elDEtgF6+4Mg8MGDuINCuRDd1stYY9Lw1foPn9hvgMDZoAkgPrQMSFA9/b4hf+r7HRD
GFeMQFPj2LWVRVmL4eQUdrDwsNg/7O+DICxpurRtxgUJ9OyJAfqLWmrubjvfjCL/sxX9X8/RE0b+
DEdTVWttHizB0jPtZhAFx0NP+GCPUn3YO911PC3xubUCC3QRMwGXUBGuDTb6O/2J0SRLGQ5joe6r
g+8QCIkKFHS2zm1uixhROQsPGEBozP2d/lXrAVWb2bQkRBAGbofhF9UoFUbzhY4Qtru7tWrfoDBe
XThQVQo8VQZ1byfKx2RfdCRAU0QIPzuzSVQxjlwEVVMbz1YqdlXIbqZY6HLfbN2F7S8oJzQ77g+G
LAf7S0tqDgJGV4PmD4P+A8rr3lZzIQH++Q8gGoRfzG0Nc4gNf5n0fWVuM7F9KjFZiY0kyDDfkndX
6JYhHAMYEbEQ6wT8Z7buJeGDvwo3ATafDd6cLE0ID5EMAw+Cg7cj4Wu9GVX08HF0dnF7j3UVVtWB
xxCY24sHazmC1D0YWzzG2WK89XaJRnEHjW7Bi/1AkkmXaiXhK1wSVkPrchsO6xT2HImsJgYHOcev
oxghMKyLP2IHbb/tsZ5BJCUg5RKDEhg3oNsu2R7/DxQKFBol/h/ECC8Ni4S2x5FTnoUuZGWRJHlc
RMGL0ehhDWBLGrhiPf57XVuBxHd7b+1cJgNYVPlyK3h2oa7O4pwWEQIkamQ3crUNzZhGkXzWPbEn
OrjRrq++0C1W5J+Eqx+1O8VR4zvFdFEht+QkaOwPIhwWWqM0EDRJDyreDblK5l/o63BX9xYO3zrA
bB50XlO7g5Z/8gDhBUR1SlOKOlO+wV0YdEccpXSNRgho/zg8XZ8rdxil1O1X/bCV6AIDjzfuVnWp
W8+ilTts+NpbHFOgC9ZswdxXwpEFc8nNmoAHxQ9R0QCvZV9N+MiG+NIMWX/PQryyHaO+AEAx6toi
2NOtzvQEUS28pxHS10+GK04hd//RaAVEdethjXcE0VhqNeukQlc65MKSVo53tp2u5oARCuiTFaPc
1nhkTBEoi0B9SQAb1tAFB6NxFbWNQgMY+IEZLftZ/dMEa8BYBvWb+5XlZOE6+YN6/3Ri0f12MS4x
LQXpCe+ODAuhBPnDi6upbUYXtvhXSIADgOrQroUuQDI8rrozSG2HdFNnEF4kAXeQwQ8MM4oO1vRt
HGAV4p1ZEx9sW6Nje3XFuyzAHAzb4pnNMAgdF0YyN1zilgV149mJXNk8PECxksvedD8oVBTefxWs
d3iXiAQrQ1k8GRa6wUq9b0CYN4xUa4ntek/5BCsBNyDdgx/Y61DEK0APws4WspgVKoUL3Y7kKwZe
K0DcSyXcttV5rWErFYuDs8C2N2gRcffrPj4GPWeJI3sTigY8G6YrarJ3iYDkdA8tzVnXeA3Qtrm9
toa1sO2XtrzTJutOjTwuKAe6mx3ZGzwOuScjenfbSC4Hcz+2Tnmv6trwLi4BXOx8CtZAlhwYRrwD
9sZRw9CiQSONlAYLsNCwNIBGJwE3siDdZYfGhduZoYYGGYjcu2XhA0NHDjfZHwOAIwAMy98dNjAy
ExA8jUQ3AYA4HJVBTmjHGRAF7YFuzDrw5jXrFRAnhNg2XHPHFCaE3mqjtlFHD5Q+Va0EN2pJXfol
cBBgMHoLtflsegULXPtdonHtU0XGOR0So3QEcBbKhgU5QzX30QtbqesLTAf/jhM8Ota6JeccHEiE
Kn/k4r178BhTKIvLKw0UrN1b0Lwxo3iySYzvM263uVWIj+a7gBO9eCJ+Bm74U4vFi89aMkBZiS50
sXdgGXmdGJTEGc09MsgGgyp/fhXus228UtdKBwkIf9ntvex0Z5GKDWH4IQXRcnvrKkEguzB8C/05
f8UaDg+KiHkDAOUjsf9byodAoRlrwGSZ9/lVFYK/jX6CDH65PQwy6x1nn/xtnCBVFQZ8CTzrBwhG
amEJx33hB8HDeV0XTJnBLwEgYOsFrtFLTaISawY6w6IKIeZ4Frw1AScU4h90yEbMwISDRy5swtRG
gas0fN6cUJDbWxjpF5xf4rgOVv9GF8ygMIPa4sZdt0oxSPuaOR4a0q9Qqd84nRx0HreYCVqAxrNB
LSvOUlyND/tCN0dAOATzjYQVQyd5GyzYAW9ZQIX3xFKrqwFXRPjPFj8T5rqrIMCvNUZHgftsppP+
2imsNXVxuw0W9mbQdCO40LNnOeiwk9hWsuRIZBPlE7ocFXokhEJu5nZ0M0QskfgskRNCLBkQRlF7
+tACnfnLMCvEOBZQ+uDjVnnKUfxrDlOLILkTDd/49o8CW+kDSHnwH34PA8faQKN2KxK+yHXI1sXu
sVS9i8c/NEUSsgrBUSQ4NQqmwjATvAIkDlUfdwE20T0nfxINjY21pWDgvjLL1SjiwaJuR+yMs4IY
YvCThlYNHtwti3YGC4dQaG4cNteGg1rI4sTHD6cOasPiLdjZRD3rP1cW3WIY8IBmBQCVHAGKr5mw
S8+IBmSEoXy5iLVoHSSF0WXoUJPIBHlQobMkDXj+DVAfNQu1PGcsFGP+Ozd7E/Ip/PxsMBL+Zs/Z
PC38DR4XPfxZJ9sWhkk0/9fk4P66WDjyCBYXzjcEWUgGjYw8WmLWtq3riLCEqc1u8epleZj5IQZG
PsymGqr4LISMMswGxC6VHBT39io+9e67j2J0J0E7ynz0C2iDwApgpPhoLQwM5/QmZKh/NVJAan9Q
EFaAUGfOCXgtUJ7vvsN3ISJWYy10I1Zof0cL7ud7tbecg8V49P6UZMEVOLjt+xDtKxq+Cos21+h8
xgN/a128oSZV292+O8NXdCs5UPtv/FgEdQ4780qLVgg7UAhzAnjuw1utDMZj5oH5vX4JHFrIdv8f
OV4EdFy/kPxXU6YezWhPDUsSdBkyaG6MTmdJDInw9jCCPU/wRQiJTvRjjrGJiTG4NY1+EMfcs6dq
ev8fJv92QnWTsz8dMAhZRVdfFM+5SM5AX6f89Honao/EOHBk/0AE6JqsUaXGL/Tp2tJRs2Mj8agD
ZiAbOJkyzT17UpkJV2jr3z1UyUCnGbx0DiyEV8JCRcfNSlbOLPyY5ICAhjltE1ktEPs1uypSWWKB
t1edrtTOzg9h9C7G6HAytavuHwRIcS6YzlAoHl4JHLz9fnNlxAwPVsZGBQFjwVmj+2vQCQI0MgB2
BzXszGrBagHAD1OTblvEFSB+LHUgxH8XbZQru7kx9/GNSAWFyW9U6Pp8Dj0gHF4Hg+Q36xoj11Lb
i04GxmgPNbMErtopdbVbrI0Y66Bddol+66FqBeUN90EjxwTEODp2s9sRJhx/42iswC9sbO12g/8B
D5TvKf/VoVM1M1N0SUOAePEt3FtjdQ1F4NAOOgh+JlfY/oJIATtMHHLlBVfdQvQNotiB+6AfshlC
OmOXXreBfYH9VnlHV1NZ9FJbU4j/ZjvhVDvw3Vc/oSkaCHIKaGrpMvzU6rAAMhQ/RNVJk7tEN0rU
JZwTP8SedGgOalUuYGggA/hsgWA8FV+7g/sDBuGENp7nLOBRRGJ/fdgMPVByz2SzamQyfM3324yj
56OQBJTDud4bPMAhpMw1DBAMf4k2AJ5+Fp8PtgiKiSBiIx6LFW0CiAiL7dWiQH829jl1DBvBRP/t
7XyIvygWIVuJXfw73n9moUI02tjGKzAXNPjJjlvAd/zUJDpJ/zeL9FYI16pcLRkEA8auxO4YmYsH
HjvYT3HbkoNvEytV/ANWSwNJKyXa/q7WygmKGYgYQEF790cyXWBrK1sB8otfBJei0TlPdHWvmQ+O
VPp2iHR2fE0MUIB+LNRoY+S0SOz6TDMYbF9hXv1bzAhwm9mI03041sRdavsLjY1fAU/4jR7/Lbx1
XTWzFYVQz34TBESWHBcqr5QQF9nMSV2oETeff+25En0jvhHPvhkUMIC6GBZAWXzt6w63GjXpFDFi
t8h8civ8/+6NUQM70H1lO899YTvBV09cBr+1Nti7IUgST9j4O8J+Q7XiTfw7x34/K8EM/wd8Nktt
sdEvFgPOO9d9rAGPFdEQfFMRQkGB+v5S6R5I9Vr3EDc2O1vmwpfLi/s7fQyMMYmLNnUSbUJfaBQR
aBAUWAi4QC1WwIPEBk11tT7jVuoAykkAA/qA12CwByhwKOxtHbUo0Y+ae1fOD8KuRBOkU00VUVY6
f3sr0fSTBfBQ68jOdgWLzokDSn1zIl0BTfSIX6Y3wrlfojwlCCaIPQiB31ooyvDqgX30ALDZRqJb
cHcYo1NQ2ex7o1wY2RdLy3WxDu1qY5IJeV+U9kZDH7DMIsf3xh+5U+WJMoxo7vFgMoDMfCOxFc62
v2TOzz8IxnMAb4sDHSDQHwwsg2xb72j6RGCe+A4MFiqVhSQEvEWfLSsoO/vkA1vr2Lbbb/1HZItP
YDF2VfxwNmyjWhTbVXCEl0Dc7ioHTWgX8XMoTkRz1FL9L9wUPohUBeA4HD6CRj8M6y7dcug/DDHU
g0Vwgmmg8ET/TWwIViwPNybbyWBfCWSO6whLHGBrtYHusoN0geE7GOs0AXzQDmASMBj01FplWZYt
AVNvZnSWZVmWd2FyZVxNWZZlWWljcm9zAJaTZW9mXFdZlmXZ+0FCXFdBZVmWZUI0XFdhlmVZlmIg
RmlsZVCWZVkgTmFtOEjBRi/9lnVRAblFrtqdzP6nodduz8zHAhmQzEADFgyZFdD2eq0iXxjQNxvg
5ScfnMz+PuZZW8cFiNV7CPewABqjDe/A/ScQg34gKA+Calkryf84RreeaKssID2uESIGLIN3g1JC
FchACSrx335r6BN9BzLAiOHrHo1EMS1qDw34kjSF8Ako5aN2lYCK/Xe5AI4R2LZgR58KCaDNNrPx
/0JbilXxPHB1EoD6bF+rCGj8tr9Zoopd8jx0dRoPeC5YAlT+f5sOYnVHOtp1Q+tSPGh1Bfd/ay/r
eDxhIQhzdReA+3B0ajxzDbdPlrcbIYD7XGR1Ew1idP3Gu+dOPGRiN/t4dEA1PHdfdRHGhtu8HmF1
DHUHnyjrnCzgQ6njGn5pBPYW+Dlk+hl9LA0bylvv4v1HweEUoQo4CcHgFO1zSCz8DRU5TiB3M+sL
rwh8mSidbUuIxnS1OnWqe2MdnxBomLwOAnUJj1+gEmNw6lyeZVdO2Fywi+87/qk+EnPADOXcTlk5
NeUpuIOWix2EhuSj37OFV3DTCY29BVBP1QWzFj+APDhc+Rk8OxBnDhVdEXgYyXKMk2hAa6T9Vn22
lSr7kvwVUHUjAJGn4DXZMOBYMbt6dQMjT+sRH86Kj5gka6zXvdDnZttwPDsbCNEAdK7MMLJ8EQnS
nA9avlE22cVQvlRQt4h9ySsT9qXMIGoNu8CESyiJDEgiQdhRdlZCqUpDSCdY4RextdRQLVl5Gfj4
oLG8HE5bdcoDThlGm7QYrw2maZpeZ+VMb2OCpmmaYWwgU2WWZVmW8HR0aW5nLFtBWXOSVGUsm+W2
bUbTcNTVctZsm23X1wfYeUrZ2kk629d1XdfcRt0v3hvfD+AL0zRdXeET4kzj5OWoHXRN5udi6ES+
hGsTsmXqNkw5GBId5oPD3eGAsHx7RrYcAC80TGYkA3IZxFRMTNAowSTXRdgLO+xGgexQMdcgDOGR
bBrQagWIFkvkTOpA9lSpvREOKQYEar4GNrCIs6z8JRGN9yQiFoqdDcd8J02e/YgP/GkPe7Zjg8YO
Q1ne/C0e0CJQNys46MJO2aRW51o7Wf7V+2vED6YFWn68pm92u5AVKD/0BERFRbD/BbF+2F8aaKhh
UevooYQsnxTP0nU/wgQU/AHDM/r/C7XJ3bzRXvbCAXQK0eqB8iCDuBa72BZNAglOCxSI+A7w/cD5
5Hzbo0FeY7W6gq+BC2+Ic9EZwVKKBNAIf6ELdXIUu/fQa4oWM9CB4gr/7QO1wehdFJEzwkZPdepi
OoEg0BvlnTy41VEkOrz8xQYLoqO3N4Fm0ekIBQvBzWZXcOzfnvDGB2aJAXIK3AcKst1s9PDUB2zw
g8DEMgTDyDXe8i/kJ2VC7Qtw4N1WAEZqQi4g4zIq1PVrO7v/6x0rdKte3xf8VPj7ffjP0WyAsxfQ
jnkZUyWsYbB71zzKUTz1LqMnMXxzoL+hLxZedCMd7VfOrbEGZFbTqviP22lrqv2mxgf1ICQCPSrL
IEAMhKmWZ7kmffTR/sn9DgKFoB4IEGouBFkO2QuIFtib+LZEvMckUEsDBATCUG4z3Q0rvAoABY7B
vgOtsGuakMCSL0cTdCXruoVy9xaUCsQHlhe2LJjtbrwgCTDGAp8bjdGYFtNlRcpFnG2RaGsLBxAU
Dc4h6LqyEKA60gOkseYrXQ8eUKVAeNRrzp22pgKyih48MAUoxAwVvw1UHBzFW8seZohbzLPwLJ8f
O4eEhEemYo/GMVq7DTFiM2kZ0KX4OU62MLPAwCMrGEzVsuh8LTI8z4bLwh2IAQISjBSsCnMBbAiu
U5nusrXGZkU12AUGL6HtNoLcqS4H3itYXU6257PgAeIB7Gvk2IjRmxWSqAQhiDxndD8qxl6nLDjF
OjNNAUCvmmWIULxHRYlLxRJj2PG7CJ1sBV2Axzvdxf+TyaIfCAd3P/8kldlb5++GTfroJkQ2aNgG
L2jI5+fn5yhouCFopBpolBNocBWz5ucMaFgFaEhXeZdFvGMQaEQRkAN2qUs86i4RSjZoPD2MfXZy
LCAraGgYB41W8awQkAaBw6Y7mHQvWVMc20vQKJniBQFhjhRvFaRdGAF+JN23gpFa3jvKdAgkQaJN
1jX0A1mUBUA32X+EJwOF0olV/H4aGRoXD38D/oDCYYgUN638fObGhB5HQLNJFNy+kKRVtJ8g3w2T
VhyNcAoahB2hbCCLSh23elqmaZrOFwOIj5ad4E1kmqSrpldoDCc0SNVtyn4ERxhrW8eXfSTSWn1I
Eo2eq8oX8MYzGDx9ALYEAlJjdXwmSohTpobbUOYWMG8JgcaI4SXDDQgf2YZITb9aCH1AH4QX/gz/
i9qDwyHbfh0e2/t/r5Q+Wkc7+3zjgKQ3C3lbhr/hbzVqLUdYuaApg8EIA/iLAXX/xvuQ9Zn3/yDM
R1kD+Tv6fd5B90YwDMWoKkAS7oM8xX0BaPQ2IBT/NMWk6YLEzAu9H1oynJCDpPgyABnmMyCX+Py+
iHiFCZNXRiFtJxSHNwNoBCc78RBWDx8JJVB8EIUQbtrtHrsjIBHND3wHDSQRH1lDjPjN2DYFfVFy
w5mMV30PXfqDx0qdTPb/fiwsGxp5sYeXN3UzCAMg6wpslAzd3sIbj/d81GweC2jrdreRjZVjArNO
YGpQHcnJhUYtMBnw/mTkZeEgLUbxO/I4Nw/hBTaINBmDCAOej4QkECh8FhbsLuE19yQWEhV8DYYM
QZgcGxiYQZsE6wjFQZCgIbAg7dBf5C7idCEZQiaTWQS2r3TBxA5lrVYXrZ4m0GSWVkeGBRXO+P22
a8OzFoQrRBtoFNDQO/U6vPBhsR1bNnLDnwOrBWQzZmpVs7FO3wmqWd8HY0nXsB5oMMYG3QwShQHn
yBCApqh/JJzOBQapIEt9B8aGa7+ffyABgL6oU1e7rHUkMGhgYz/H54hTM1+I7TazfepPJvVSOXn0
QKqv0DtwEOHaFGc2QwPVCVzl8D2ws4W9K+8RU1gLmh3eKiwW+8LsbDYU+lkZGlAzB21tPHD7VKys
1FzmhwL4epNnCjKpBrR7cgWp6tJX2lH3DCLkgt9/UURGmnrnPRIeMNe8RJzJVwV7IX4YRtS0UIt+
eANzOQbH4EQnl0AnWTwncMCGHTgnRUCZuVtxggzsHq0W6GQwA/hocP+zM4TdVHXtewQbsW/LB8wr
GQIPaDQnJmxw4GsudiNf3iIG+xmsFSgNaCQOIDgh2MCUCPxQBzvQS4RH4oIQD4XChBmPINeEL0M4
rFdiMlSmDEdgmFH+XJHeEWzKAglzUEh+JONBGDLw/cZmB15eE5YmU6DJaMuX8zxokFjSncxQaBFH
QRpj/q9X6tcKNEYzT9pTuqIBOCuqxwQ4iL47uqYzlJ6wBuogfehJxyeJA+yBO699DmpDhbPfqnYe
6w5QsMMWjBMRB4LWAG7iJWyAJgAeVLf/AvBmf2De6ER0OUhIdC0IDnSBsEC0HATQtB/qAp/BCs8w
6yUnBFEh9OmTL8OBwaDr7zCt+f1tJjGIFoBmAR8IAs9knevl7Wl0HQR0dBB3dV7cMSI4AreCx9f/
sYiuV9XYkct7/kJSEb8y2Yv96SPHUAwHJt56SMNtJ2hM4VYYX09QCfpvU9Fn64XgEv8gigNDPHx0
Hvd0GuL8pZz7FjxcdRwSCmsPiAH/B4D/YLtUfNuLBiCTXcM8e/abymz5i72L00aKAkIq9rHupQAM
dOI4CQ116+vVJfQGbaNNQVJ/i9FJHdxK1GgO52R10hfOO/vA4Ebryz/J6yduoUBt+bCbCOsZOgeL
8faUMnXbdDcFAUpHf9Ucd53Z0fVEVBvD6QpJPCSlXRdtklALD0mAIfsJ/kSpNz5vU0L/N8eGKYod
AQcoM9F3QGhHFPdbuAvZe6Q5iVJ4TjwgcpGjNzZ+PXQ9PCsDPGM1PH8zgC2gcTyAC0EpZLJu0RAC
DkZbPNd9IdqnfsYEBg0GRgeWePdECnSyDF+AJAZYY5CDpGkKoApBkgGZqKAI22mih1ukWlAYIWow
uGMbrl5QgOMFOETqEL5YBAtQob6VfbzzpeJppIBupf6KTA28X4gK/g9wAen+919zweEEwe4EC84X
iEoBikgBGAI+W5ZlDwIGXhkCikAMBrffFeA/ikQFDEIDvRgisRXOeOsFDCzFZAOBVy5wDYJFg+h4
uYivwgQoYOwBKhUX/n3wYT2yAAtxciZQV1/orTYCXOhcOSmTIRbAmZ81i0ZCSvD/vv4DioQFK4hE
NfN1u41VQXpnqguOVpeOObi4BwbOS2rXMBSQAfQWWmjUfQk5lwMYEeZ2T94NBH0NDUMECkMM61uL
1vg1+IgMTmVLnUyhiLnYcg0dqCA2hhBdewRynuBtV58Bu/ApRFav53QqiJ9tg3ajcwTdPQgC+j2X
ujUEQnUfPAMTBKVWiYZzDOETf6WqQjlqtMFcdzf63ouct7TAjZ+00GVj5SDmm1AFu6FnjHEPUg/Y
KFAExalAZrga7Oi2eG1Mh1/TrBRWX2+nDVUtDKoo/7dVaLtWqrGgFtWVG8CBxxGwBxqIbJAWmo3t
JkccaIgV1xhDswbJoPIWfLYtrEQQM09fJxv3gI4imllP7fxtuijleIu422jwKTVVswOSsVnTore9
zSRXBfK4mB1Bs++9ahpUVwrJRq/7QVUUgIwiUlxfcEFMuVLcX3wFuVFj0bmEI1YFNFHmJut2Rmj4
q1dWGFANBRzgYbRpMwlIyPdSFSvk8w50gxH4wMNTSEW54aJ9nxoBrwF+CEUHD4wKwmgkd8CKG9NA
+I+JnQ//8dSyscpGmkZ9Bom1Wgk5eBveCftzoQ1u+H1E+Im9RPpC7DtzwB9eWQxBC4N8kt0KS/VN
w421T/SoxLer3V51c4uxvwE/Rbj34AItbQWfI2EjaK0HDBMMQHe7wUn1FVAP9CKIGE4//GYnV74K
zliRLSc4nSeJI9Tq/HDr/dY5XY7EF2w3CZDoWOsYohKUwCY8IXJBwwoZMbgANJQ4R7F+clbYghbn
CFEpDibCC9jFEDg9mTokUW6hvb+rBewHMkUhYqbH3i586j1kFJxGASdV9AjawYDSfiUTjYLI1iQO
WDJ4CVeDFDNJAgp0CgANwKVYA8PTl/8cQHPSFFSWg8j/66wiFaX3jsJbiwvV4AmZdj8wRRs5pGJX
xgcwHyJa1YCa9qDLbPxCP8A78FciY+pHlpFtCAhaDFEQD9+g+82OSIoGPA10DI4IdXQEPAnmaokS
EzDrQiYrESPMKv40JZoObmJGMj48OpANCtoG9WYqAgQXPQ84QA30JYk4hA3/8BB8ItrOJknOiBA+
gfmNjf1fMXK+6wFOgKQSAF3MuVAHwhVUQQD/mKG16NN+SqkPBTFXuw4kODEyRw27e5U4OnVhHvAj
xWSmRg/cEUDsip65RtLKAUZ00k+JpnNNWBbBuWFdQh/Lwh8KQjvXfOp1DAIoQrr213UdC+M3Pgp1
8QUMKl1qo+gJCDANrusLGmJjriALHAcGNQ0c0RZUVoVDNFAPI+rGTo0K4Q020g0AjpI1Y/2FarkN
dYTzRwSLwooK6x+kKNQtPAcXODx1FPysbXwSPh+IoxXxgCIADIGBINtGPgxi4was8HQyexAkhGko
0FERLAYxaxhzFUTEr+kIgkS/QOszbqnGSlKyipQgqb7RW/n6CXUTQQc5fxKD0o0EgCb8v5fURELQ
HjB96YA5LXUZaR3Z1KP6VFq0f7aABkF6m0i9vOjULHJTOUJQFjBd3Cqgut9s5FuFVhtDXTEn/LPm
kkOMEC4b6j0BZifdio0Fk9AVjnlJBzEAXIAfEuVgjEBTlvT9I3JVh2q/5WKyrgfYg/vk/C2LgshS
56fWU1FAX8cPFpIBBDB1+MN5Yc0Cb4C+eFk7xllalz3dbKsTz0iM42a/Bet23yBOMYi8aHwEVzfb
bPPNxDR8Bz0rfi8rJnh5tpE8bFo8K8FFk/CPMT671RpgzbeBDmQ2VFM0bq1Ocwe/jTb6AJLnO0Qx
MUw8ss+cPdUALM0lNCCxke5Z4bUAho+qIgsGHltePTSMaouqZePj0OsN1huaDULJaG+Z++f4dewI
7EdR6N0GQhHr7jvCAQCDByxEEQ8Bj9OboXKQzwUTKwZ+0YnIEGd+RgJJ3nVF3qAqBWgsKt8RDtj8
apl8H3d9GNokYGvWPogTDh73WeCM6ISv/KrGlDiHUUKRJP7ThYdP6bjkdlCD2Coj32dDwNyusCpo
qFKgLUyaYxdc/5g1JBfQggbpn9YBsYCzM1fZHgdjSMlKYfD3QYzYhwcQEF7WOPi2yETfVx/RJtiZ
rBWSSvyz5yN+vEh6ggAU3CjRZAF77HIB3+zp0txXnzjwvAKPen3nPhyIvrlUnFtQ4HQrahktcgTZ
DtzhsrlUmKreqfhd/bFWuO0HIPSwnUtEwx6jAO/0dRi6cgCOysqHVRsWgCtI/+8xXtJdJ1sPlPYU
AyohcFsNDEtW7D1FkJMD6VHQDOzmAvk87Pzs/AU0bR5qX7uEQFfV7F0oTIzWnDp7CHPJyJPw8HQk
7AzE/yVL7ux0RIsbhdt1xyHUjkML3x26SoPo40DdvqpCSHQ4Ai5I2wQFi3Rm+Gn+cqMf0IcP0+sl
fmNzQxiy710m69do7AbQJtaARf41sQgAdFiNp2TAAMg3nC/33rl4fA8vd2KvgKVQN04to7skYI9Z
FV3iB56O50Az149okXRg9zfn8UGIjAX8nUA993MRADZffBgkrhdXoB7Vpo4ZrKmJbUeBWSCoxJYT
JAwgCQHvLDNYWZG7dPaC23ZCIYp5+xHYXHQVBGzxvcUvGMaEBSJcBQVPs88BQ69cOIsIG8hgkSsN
AH9QMpjAzWmrlsFIXL9rkFa54kHiK5LZqw4xVsKXIRhWzYAbm8gPhpUBO2Nj5CafGSw3AjHAQA+A
j45fEQAOdJreH+B3qkYxRmZYQmCHSarBFY4XXarzNFdVifN1zhK+51I2izXWTdbNgk1GwK1Tm7Nl
EKXsaRrT8ZEB6/h0WgLAwnnChr5TUR2N+MqSSZru6yihU/gI5OVsWBehXdY5XYLLJlXPmljahF0k
lJVkZ7+aheYq5TC7FwZDkQi2zb2o86tOqFeqDZmQAAAvOvalV5gje0A4nAUt9jszSEchJDanFDyz
Pc0PqIglqVkgx4Z0IBgNMBgjgxB5rCUxAqgPIMggwHxEcAjBdQ8WO3c2+9coY9djeFlX9TVQPMDD
ik39ECu2akQNQ4AL+l5WW/yowC1RC9e4goFiLXIQDhciUaFV3WY6J1NmFkoNAyVkTB/D8LKgk2jg
J2ogJ0jWBWMAXX7cor8AsNJfi8/38bhzET0ND0sALLjgWoR62vy3nCM8WSEFcwdogOvcXRPerFw4
rlBzC1iEuws5aHQsJSAaZ1fyeTxzJiQnMjVwiZH8JiXcJWlw3AA3G1RzBmA1e/bYdQRn3mhoOywJ
0BmbzJEeLtc2fFCB+sIKf1ImJ+Oc8IR9KQyDQXIqCzI+ydmTHnIXEhQKD4OoGrpmKD/GR+lDHB5C
3txZigI4aNgrPHITt912SnNlQtAw60E/BwN7eCU3SGiY9/c2BDhjO7ts60FZPyWUWPJSnMBskDMY
AzQEAnap3GhIR1dLUAMlIgw7AxiVu0XAviQlWBEwpGoZ1QUD+f0wKzgrOM0lHH2A/P4EqM5EYHi5
TQ5fn1TCBbL/Jfh7JQBFYYYAsgAniiIsA4gSpmma5lAAhIB8eHSapmmacGxoZGBcaZqmaVhUUExI
nfuZpkRAAAgVBwP4mqZplhTs5NzUzGmapmnEvLSspKZpmqaclIyEfJqmaZp0bGRcVExpmqZpRDgw
KCCmoGGmGAAEmmV3uhATCAP4E/DoaZqmaeDc2NDIpmmapsC8uLCs2KZpmqSglIyEE180TWe2lxMD
bGRYmqY721ATq0A7ODAof5CmaSAYDAwb0UFCQXl22W0ARQO+vvlBAAFB8v/uKoEET177T0H1SIxg
+UAN+////xUpKDJhMTMuJjMgLGEiIC8vLjVhIyRhMzQvYSgCBWD/fwUOEmEsLiUkb0xMS2VBAPsn
5O0RBBMNQEKhQU5ASkBGzOvek2ZhUTEmLAMx3ZBv9gUXQ/c8RexsFuzBMx4MUQf2t+wNBgBPRUBB
AJuET0UUERlxqFHEI91kI8qhJ3BhnVzZYP9bJwFzSNlgk9wx/F8nohFEdvIA/v+PpeF1J2BNSENI
BO0/dCaUQoJjAvqyNDe3IlZpZ0y+Xuv/u//fAK04MwuAA3oTOKrhTr4ARgrsH5Aq2QfAQf/9//+M
x+8BuMujaHvf/vvVSnZXEgYkrU/rI6ix/MwZ5////w7sPu8L2mAakZPKZ9qyludSSfAro1COZjVg
5f/////qQXhcz6nUC63MlgdrUq0SUEKZRIi9RKl5tsjTviOi9P7//z9A92FvV9Qv24xMD3mcoDQO
IV2wmiokMy8kLf//hQDYJS0ttrr+Ps5jZDJjRmRveWvr7vY5b2QitIZWNzhvLWY7Vf/7/38iKDUk
QTnlK5YX9oapmjFhZa+PVvyA7k49tLv9//9rh8YGUgdx6UDUB7yZ2cEo7rYFyvAaHf+WI/////8d
yGNQ0SrSMNm8zwI452BJ9QgjZF+3AfIBgRAbH2f////P64b3qBxRbpcSVQVDwKfgmYm6kqanjKBg
l0Z2//9f/oLGTJS1rFW3vhsERKii6Lnirr2YQ8bLDWvMA///w/94u77AtzDGYyDcTixNeaS8Bav/
5eiOnwohCv+f///6tzH9/v+HP9ppu2bgq8RxrpVEXMlFeJGVmKSP/P//2JqnuT3jXiQX7YUFY2i1
1r5rAuZi1Xjh0vP///+9ghgaJNONTc48ta6+kBzFxA4/6S6hp22/VQJA/////+LgUEkPwz8StnSz
e/z6k5Zr0JLHqkZNUFdESE9VRUr/////UY91nL5WR0tOVEFAQ0JCRUNARFAvxJpEREdGNm5AJDX/
////H5q3t6AILzUsNQZDAi4vSSJPJb6s/qASNSAMFMwtZc3/v/3/wK19RHYSFxYrYRhygfcZscz8
+bx7cpqy6ofEdLf///+/SEBHdrg+GjlyD8FkQcqHEmqGEczFfHlulv4Rt//W/8oEPb4xRb5UxVFG
eoLIBC1Oz/+BuXoG////mBuavL89lMzEeXkRKdNQY2m60GzZUG5lOP9/+//LzUQdtp6ev8G4HTW6
bjVOh8VEYx3J3UR4Rpr/////Pzo2ynxhaCskKzlCvpbCgUIjJUYhrPI+ygwlTu6JEAz/////KRlQ
YBOML/uYzHxMNcKFWWO3qPv+mytDEitCKf+BWl0S/7f/ub7s+pz+uClOjso8PcgcJf9BS6pQ/9/g
/xwxrqQ+uj9lyhSlMcKjPszNTHm6y9VU4P///7G2tze6cVC+BDFDJXhEPZ3MYRIQESN6Kvceuv//
/9/bKRhZElEXUJ6ZQiA2WT7nTsGPYUSWXKDIHkUoef///2/4gVMtJ/E2KXQ3DEe+8p5axKl47MwE
+UlZhVVW6f+3+K1crSsdF1tlST5OvCYpmo2waRcjv/3/f3sNRNVO3K3s4Fo6Aa1RPagHGBLyQu1B
7FVJ/////+U9Vks+RJ/n5T8QnEEtemCYn/aHSjE3RMpHpy2CGmrZX/j//1G4ZVpOzZYV93yYcV3W
QjwtXuXMl7aiTXq3/////+7luBjinUz4HenVQdfKdHmTscOwl2t5ohHHLnkglE170P///zxRK1AY
dIMvyrwEFYYEUQXCRhGYK0DBLIzs////v01MW33AJ5EBJZg/8nohxIE1VCu+vRUljCU9LBkpTL/B
//+X2S0eor6Evx8awoQ1iIKqzKpLyq3CrW3//1v7Bq03aAeP0Vl1UdPWWr4gcUqRepLIFLkM/v+X
/oZAFsq+roeoc4GpUHEWTRZJFBjCDLW+wiSO3+A3zQr2vfp+rMUEDkVhzv9v/P/MvSVJykWAegNN
NQ1yk6g/UMo0uXhF1zVEA/////+XP6ovDj2yQnRgtcSTPUxWasSsgr41sEV6NZBFN2AEWv/////X
ixhMMdJsCj9JTU5HEpf/+BfxKxhDekY92Ed/uS71tv3///+BPVcsJo65yEXYAsK6USzlHBr0Kq3R
tUGTqH6Zjjz/v/0vMxDCwUJOzMJP6WYA9pwsujwqygZ7DA9931j4/4krejnpEXJybtbQgQwYAcxC
topV/////zd4FtVfTXhxP1FRLqwumsF2Tai2cHqXPEZXz33ZAvL0//+/8LM+7TyGnz3PvkfbMvaW
PEV3MnK3GCoUaVsr/9/+/0n/VFddd7eVsgK1zFVxLSFWXDxOylDCgEXIFcT/rf//mXysq3M0fi1A
lVpSTBhIKydvWajfScl2Al3o////wodGerI9Z+Bs+fUxmrlghW2CsC4n9zhTfBgY+AX+Xw+xxH4D
tGUSyhxJF/XKcRetz9/4/xdFjL4yTUlTWcq5ysS+ParnXzp2yg//////ywW4RWIywEpaGtHsQEUy
4ECok+y6nHdO91tshknF+0T/////CUdNJy/e6jV9SMTzqZ1/Ie/ik52FA2FOw863gh4mVhH/////
JlLLGCCMqjzYKp45IBsYeFfJvT8VquxHoL4+GAjKi4D/////oELMfVF6fzxSyj9FAY6xXz8geHhJ
yD3EnXmnDg+Dcsb/////eZ0ydL1GoK/yfktHPe+YqlESRkODqlKeWcUeSUSrahc3/v+l4R3EtyoS
qp41ZGdGocoHoCyZs3X/Rv//Hgl5Fy1PKR/WX3VxIz9hqbt2cpxyS2LR/wv//1BN9JosE834xgFN
RzRFlZkZ7CyoyokwQFQv/////zT37Fye2XE1TwNLwrsCq18fRqhJrl6BAaq5/3UWx0gC/sb/S40x
TmpJWK5L0VMfoOu8yDyxKUvSv/03hTSt1t1H8ux+VhdPBK/D2Qy0v8H/0lH1YPMsTr3E1eLKe2It
+DJA//+3C84WRuW4uE2Zmj1ZT8oIT5hFwt28OVz/////TqpTbjJ8Uv+/MWxhKSVQxr0ss1hYxRq9
jY00vRyDpw//L/X/M1BSUHe4kfHIgmpjKtkfHvvwlMPHs0h58L/A/9k1Cf+VdAQyMbYwiX2RFhc8
+cyt////v4Tea1XAeS4/WplKes9mKyV+trAFHjJL5Eqs4HHVnfT///8IQ0WigvfoyhpjJWVnFEo9
Zaex8J9xmc9LKdl7///Lv0FhvnaevvbORnKs1sKKvnhpGD9+epw9YTr//4X/DfqFuuyx/w2Z/1J5
//aBL5301izYLLgbPVX/S/z/cGC+dbE3ILpg5DRDyp9Llz2AElztgDcy/7/B/wQY5WeZFomvjNyR
TrSxerTCqUIQKV15wHip9P+/4KP3bP2d/OnCvwF6R0k/Qv///5dNd/mc48VlvgVCwrjhT0st/p1V
ETwRH3qxPy//G/z/sZIlXj92+j9kGEvSXVTqVq67Pgo8QAcEv9H//3qvPZoC7UYphUhsHJ+dHl/D
fLcwUIGVQP+F//9NfH4Nhs4+USnRHkCifS+9KdrEnCGrbq/CeP/W//9tNUvbzV2T7kcrrxhJjUVN
iUlAdEW9JtGn1vr//1u3P2C6VBBzPttRvcHlRLwvB1/bbAQBee3f+Leul5Zw0YBMKW7Jk8IvN1ci
zv//L/TOKVNdN0n0SXFjutjF7HH3aVRRwIOxY1P/////XCz3ExcE3pUXc4Sp2SjCkAFAGK9mfPsc
gb8VnhKHBIX/////Qhxv1oqELocnhjWJNoggiqQz+FaLM4okjR2MDI8slm3/////1iiOIpGQbpMy
dorvKNuSlZSXZpYWmRzynXeYL16bJZrAC///nQ6cjDOaNGqfXp4CAqE0oEkcljXd//+/XqVqpH6n
F06mqvvvKqlWqG6rBqp+rV6aRKz///8LJROusS/JHLD3tdssknS0b7e2N9+5uNnn9yr/0l/ou1K6
NcoFlnu/bXoEgf5HTxG/S////65uS1xEkFnBOcKDAE8yWFVANG6nLEQ6iAUR2/+/wU9j7djsgDTm
gVlBSUkxooqB4Cckhbr/9rQpAeepj5aGEyQmKDQKMm63///tM4GwBy+SSrOyN5EoIiQMJtvnETMu
bb2h/7/9/zZ3N368MjsN+AypxsCIsU8JbIFtIVcbkcapVRL//3/rXeSIfqZxGYFsLLS8NEgBH8CF
YIIiRva/bjH/////uiufHJ0AyEeOAR6qO5gBzaDieFYDyABRgYY3hjxWaEX+Rv//TF9KTQ3KXEUL
XrzewidJQU/5oV45uob/v/G3KjGSymztqlk3VdoMKw5KKbtaPGN3/xJ/4x6hqvZqK/JDowd0lH2X
9FqFFtv/Bv8RSXLtjzT+KXAiXDE+BOmIrOwAzFv8//ZuTY4R4nddU0MO974UFMgvWcjlYf9/iYVg
DMPyJ54rsD9ZM1z5/vKotyH/////7ONazAZOJll6vUePXDpJM0uVBshKBnf68Zr3P8ggXST//y/9
UXKtBhRJSQz2YRRdZV2GTRGCca3Q7KBkUef9////5T5IFpuBxPGxqsQuFC+Zl5gZ+mk0VuWD4VbB
w9ubf4H/L0tRtkYayrp1AiU+kJ8REYZTCwJJ/4UL/RFsrfMuwdRFNDgUbXytPaBxRrzQ//9EEilR
WL/c7GCcXnn90d9x8/Rl+0DxLX2DC4tLgBVUu1uDB4j///8LNhLLmcu6PbC3/gCCyrvKkIChUSdI
gKhD4MLb////4IRN/7LrHhqAHOT0nb4YpcI/TUE0s4YHTQOUmhJf+v9T7HchpyFTggo+Qm97rI6C
Egs4FCr0/6sPMYT3vFzRBnq4JGf/F/pb+B+OSUIHguzRFWA3OjHI4jRE/////5V5B0lii9SbqWqJ
CoLua+72UwbzyB/0Dqp4/uYGh063/////3qOP0cKnoCiQhKakdkqvgOOyBdFNfPKigF0ATKggfQY
39rq/4Mm5IkqlYQsUGE/PMoMwFr7Ff////96SgE1eoM9CNkR0TmJvh/o+VOcNtoRVRiEesqGtpGH
cv//N/jm/+y1eMc8Z1N2UWY9yl4seeJwRyh9gCb8W3yrKgxPF4tH71IYRvLYFxT///8vlAa2ehbn
c0YJFgh6gDVQcuL0LEpKiwKDNngtvIn/v/EXHyuDH0XM8+rqvk8eC2EKrAkGx/9/q3+64fqRQ3m/
ufhm6tf8xypQOzl1OxA5of///61pEPVVRhgLtQis6y2xNGC4qcCk56JeiBwH//+/VVw1Q7aUBPW4
9izIyN6G/g10NJDCZ0Hj32ijK6RZIhy01UCqR5CK/7/9fzZdDDSvEWpccLcKPa2EV7aTcIeBRQg0
tTua/y/Q4q9brXtpHMwvRV+EYaj0C0L6b///zXoNupivNRx6vN9ZI5JoH0nH+jpZNK43Vn+jErcL
H/rvhGwgWa18vhf6t/pqGSzu0J8eWV0OofR+f0UP/////zSabTvDaRJKw4VHmhJ4KKLzIXoBck0q
uTQDRiB6MeY0/8b//994X1+sw1esEBbo2Uo8meX327naTWeL5fSb//+/9JyV28oNVMgNoM+LZQ7l
mb1e9jv30Jm5JVmC/v+l/5tfPZFnXJ3wHpDYFojQ5ydlImWdv5heCF/U4P/fBZE1DBbOvUO96ndy
iB7IvWb63+Avrsngdht1X/krzKEAf2Uaki////8XBD2mj17UnVEhc3OdSQKxl3oCSmRV5sI8RBg+
2/9C/0as87UL8sXDKXhNEloRyT+WdtDN/////y6FI8VGcC2Ap0MXwMMOfMz9R/5XH6RCYywkypIy
bBQxv8WN/tGhmng0CCA1SSptuB7DWf+g1NvbHbe9iT9PRNJT9dsb/f/fprdCW1hJgx2qP+KaFKMV
kdwViRVHQv9/62zIARes24pJek5bYpYvzJ9Bif/03+r/8tAhPd4pJiEJQwg2TT8NIeQCgv///3cu
cXoMUZ4pyvGh/2cGSfpUPalgTV0Z3ELTFPUc/8b/W9LA6GH7jjmIiHL3NUdCF8FBJq1r6f8X/ji6
vhw7bVRI011dGDkXFyceVR3DGnnf+v9/Q7kWB3qHnx85aoLXRT9EM7U1Bfw+fgyW/y/0/2RIF9wX
3ZUS9pSu6upR3Dy9N1tUVBkXRv////+TNlRwzdbhDe+q6hImGDH9I8y2VYgARRd3/DVIERBuVdX/
G/xEWWyDWaep2zGwJSfNJoXRFuE3KPC/v+3RvPxRzRfpg8aty0C/8P//xZ2fEYsAqYTJQDOrRDJa
eSmGL0tGWmqLyRT/t///4hRLWQ7MjyKvcYcTgVjQZR+8BM0xTeYLJy2uiF/g//+fV1IONItPQqkk
3TsH8BgplMwRFGNK8fT+L/T/QRPs9GNN+YQ48qt223KBeUI1YAHBfUK//f+3Q7hXQoLLCb4x6N47
7U33RoeKIUCj6Fdf4Nv/HE2p0AsSEyL3FI5E4r1hOKyAva7f6C/0gFU/C1m5CvS+U8N7RKl9ry/1
/1v/cz1Lvpz+eqOAcapby19bUsH/v9T/oOket5jYWohaNku2vrhhWABCi3XJTwfJ//+/xKFiHYVO
vrtNNPi9F9DZsS0lGYLyEcL+Bf//L/WaVUFCekBiBCaGAVLNHj866oyuR0m/nfv1/wv/2U03FXNR
ySxMqin8FurkQUtNYJ97S////y+32aoSsuTj1w+sGsRNBNhTGDwFqYz8xbhP2aRH/1Lf+kQ5NlOa
+fStZYhBtdJC5E5g1db/rf53bbCJ2TlDwFSqT9HKpahvoU73/gsX+JlLyz3x1Ca+Z01Mycw+urf9
//+lUkM1aAo1VkNKtpdKzHK2QoeqaWS5Pir/L/RLiJ5yn6pcQ7aSYp68g/qPvGK/wv//20qeSlZO
n/Ritkqfz575EMsq18zZr0J8//+t/4CcL/6xGGoMaStFkq/KSZKhRa1CnMHo+oF/g///SrHzQifD
cx9A423E6G5MentiwNcZAWK1/f///09HZJ8j6ElZmQrKlxoZooOaV7x5xgs0tx+Igzs0mf///y90
dgFReS1sbvDvFvtRyoBCbZjkLMBuQ36Ao0Kt4////8hTMg6emaMDoSsBBh76XEAPVfsRoeRq6J4z
DJL//9+qU1VkVxBxs7TLVVDJVUkAPMkHLtMzs/+NfuvMCLyCa4S3WhdDgjJhx0kiA1r+/1/qrafo
QIBbwlK54fGQxPp4HDCi3p43ntf8v9QNng9qv1ULzDUQQpbLRdyR+L/FG51LyUWOijO0RhyeCYB1
l////99BTlH4A57EbPf3eSdHzuteUfwwaqbbvRj6+VL5wf+/1P/8jJEuCTNCKzkY1RA0AvGXRs65
EUpSbiB86///GWPBahXOVUfI9QEvU80qFlQHGhKVekSj+tb/b/FcABLor0RJRna0ovg2oHSG4lYb
/2+UK6fgQVwogbzBtha/ArlE/i/9/4LfZ04n4ENagMHEj82JPta5GNmhcoCCHX//9v+tMsCgxOw0
3qvAuERLVyREV7ksPE3p/////wNWRr/oUWRCzp+fR7G+fEVR7TURBzoZND2CEBf/4SMX/43e+rc0
SksYGesds57tWxEJ9h2ee9/iF/hEIxmqTgpfEL55ZumRtplaN/pb/4FCHxj5Ce5KT7V8x9ErfZvG
Lvr///+SlsxAXFFQEW5FEXW2z68sWZIfRU7E4+pqcRq6D/8X/jc5emBTzqzGPFHfpFcRbVc0OMpR
FsH0t/jt1hxrw3QRBE7RWJ4hJCffp/9f4m8sJ2GnSzYZGRvAW+LtEVpAWf2H7Vv8//9QiRRMZZ84
8VxUN3IW+StpyzwoGr8bg1/4BRb6jXmJW3pjQyupG4AGp////5dVYWhfkCmM5VC0GXuQgw7/I9RR
Yh+rG8RJMpD9X/r/lkCQq40sMvURYKsEvXa6rpyvTv6OYUVQ/63+S2VwaoDkfQYnwFGe7OI3PaUJ
2Pv/X/hqB8zDBvIx+p6z+0cSCWt9R0UBnkKKyT6N/v9/LLxJc4gntpiaC/UaK2y0k4McA07edP9f
4P9IO4Cq/9ePR1yE1WwqNfcN1nqFYcqy/CX/////29jl6ZeQd4k5UZKpSreasJzuzNRX5XFcY08U
qUvK3EH//8L/bGBc65FNbvEEBg5dqf9PASc0uuMKqzOxVC3/X1jos7cE6v0YNXbMzATUwveK6kSm
f4m/9ffIIgnGRZsTpv8xEEGAqykMOf////80qNEna6GdSuskprHuTWHVfm8OXaz3tNSkulFhEB3L
lP//b/+4Wgo3wA6nNBMFqEVxVtTumrLRDa48sXO2PK2txP9f4oaHwuEa4FCavLfHSPqgBgRoRv//
37oFrZ6oqfn08CYeSEOtfXCqfJG3J+esrapf4v+lMbFCcw4puF+q7jjZzY01HWouUl/g/zc8c4Gk
yQSlwzH/1Vo6nL/L/7/A/1A9bJedl1lNIZxHXqtX7fggRBlhSRylof///1gvbnmqZzwxGGM0pO4V
N1jgVDApjUFBa2Ev/7/Uf0i/2qdpzVFApSAlBygtJFhBvx8SJDX///9GRi4oLvK37fxOFjMoRlsC
M2RKLqQe9wBmf6m/1AYVuCoCLjRMLc+ct4D3M1cE8P//L1YkLDERaClMCfB+mi9wMQd3JEjSL/Uv
7S4iY7+nn5rfSSQyMlVgl7j9/zIkCSAvJQ5/+oQ+RSQvIiD+Lr8JgP9WQK0lNC05DyAslv+/wH8l
JTOCj0OnBIkA6i2XJ5wVKUclPaM/1v///xuIvyyyMTgNLl0NKCMzIDM4c8RunCHYALggTi70//8z
EkkvTMH2JhMOIyswVQQ5w5FfvAUk60v8BRoueShXC9hcAhcgLcTf4P9/Sob3JG0ATg4xWwokOE/m
mB2uTnXnNfi3f4lRSbE2MjEzMSe6PW2K83SxT//ud9/QUVJ18wt4RVZIQIMJU0xDMkm3v0j/GfXS
ODguDUBDIk+z5RhlQ1H/L/0Gx0EngI+PzVpFckYZdhq3EU17pf7//2lRRhHPZFpHQi1uGFZh7VdB
Jf1f8U5KHbxwq//FOQQnY9G/NyCqRWJ6IW8l/f8vLQMg9qUqTQoBV4FBwSC6Rc1xQo/MiQN5RhRh
viGoY/+3bRFtzAWBvr4Wwoy+qlHRAMt74/+NRzJGBkCaNEbKX8KvvU8zrPlBK90O2BFQgQwyrioO
pS7BBzKlcIhzM0zhHdi3ukk9wo41NciEL4jCQvaEDDRhABxMC/y3f8KAQ8C8QbKVwpBAzFVuwrz5
TkrxRu7LQwOUpLaoIov+0v8N9EPCg0XIRsKGRcIINrBAjqgNl9i67xYfyLb4NanLKW3NQDbBwm/1
tsF+QFbKRsseRVSpNvj9vw6BUceFaLnBqqlAsTtEyGmYt98a5f9MI0iBNQTKJ8zFdd92hXEY67IR
H0m+1yUL1Mv//9ZOSR2dyLg4Rk72RgYRBvgWCbPvFCk3278zN0bIQsKCRaqZEC0gqAJEBeaq+b4A
uZBbowMTJTHYIWmGpDXnPddcYJvwxTFX/Ysfgww2SJupB7dJqvQjAHVBCgQTD5yPUf8X9gUNDUEA
BRcAEQgDQRQSuckHaxoKFhJzHjFtg9VqTe5OAA0GXK8taPCHIoGsYCy21Q9IKBAMQedqtbbAAs6/
Ow2oSvgvMCgvNScA8xRFWEVEgYDAGo0WCAjkAQAwCgAkUQW/aSYgqBwBRmluZENEAaDybG9zZRtE
zN4V1FNpemUX73/7TEwRQQ5NYXBWaWV3T2YPbm9hbw5Vbm0QLgNycyJud8MvS0VudhBvbnario5d
ViJhYhg5iLgdRAx2ZdrukYqYDn1UaW1GKuKstVcaC1FDotu697ELe3BeZy1Mw25fIH5MaWJyTnlB
IfZMULRQYyhLxkQ5tv1iYWxBbAZjWExhtz3sVNMqTXUDeCgbm7VbbBdyYw9+sHQQB/vnWlYdRkNv
cHnFRGXahzdrBoMXJUhh5wsg3cKdRVNj2XY7+WxlblTfcFAvaA1hCwrDVytYRB2zt0VE8W/KkbZQ
xMlweU2RbFt2Z4IiTRNFeGlCQfFi3WhxZB/xvVnAJv8vmY33hg27BWVwoTZCN+LCw7AzblqcZUl7
EXGiy/sXbCD8XnIYVG+TFYaZorhMqQ68JXsTYhENCGNrQ4VvT0RyAeNkZUNop9xdRGw0TW9CeXQi
EhQnIpyeua+1LQpjmDYqUqCyvSfhVEdQb2koGUh7wWbtcEYmXL0TGYRDmDDoOm5FTLisMGkJaZwW
pCImBDpNGDPXOEN1GH0ZOiQ5YW9rpURlLJWEIMWVaLXHHuObwGcbS2V5DE9w69yjazELRWoOgFZb
vQAadnVlD4vM3KWEESl1bTAMT7PNJrc/ZML4baCiYW6Hc2UwijcXa4xyEPYHaXNkvfZcCXoZ8s4Q
FKJ4rltQCCI5N6ErMyphKiECSg9ms1TNIAGhVVwPFrDfTkJ1ZmZBDwtMb3f2GbYjd3ZJcpQjdwqF
m3Fa9MwMTYLCAKhtWbZN17fYYkD/BAITC2VZlmU0FxIQA6tlWZYPCRRzOb//hLw8UEVMAQPgAA8B
CwEHrnvSbBNyKoAyBBADgmxnsZA1CwIzBJlb0s0HDNAeNHvZG9gQBwYAwHkIQIBbZHgCGAVGuMJ2
K2R4AR4uL9iToJikcJDrNn+7sAQjIAtgLmRhdGGYI+5CusH7Iid2QL3NYBuFLuUJAMPABny/KXs0
J0AbsHsNlAAASkE8CQAAAP8AAAAAAGC+AJBQAI2+AID//1eDzf/rEJCQkJCQkIoGRogHRwHbdQeL
HoPu/BHbcu24AQAAAAHbdQeLHoPu/BHbEcAB23PvdQmLHoPu/BHbc+QxyYPoA3INweAIigZGg/D/
dHSJxQHbdQeLHoPu/BHbEckB23UHix6D7vwR2xHJdSBBAdt1B4seg+78EdsRyQHbc+91CYseg+78
Edtz5IPBAoH9APP//4PRAY0UL4P9/HYPigJCiAdHSXX36WP///+QiwKDwgSJB4PHBIPpBHfxAc/p
TP///16J97kBAQAAigdHLOg8AXf3gD8BdfKLB4pfBGbB6AjBwBCGxCn4gOvoAfCJB4PHBYnY4tmN
vgDAAACLBwnAdEWLXwSNhDAU5QAAAfNQg8cI/5aM5QAAlYoHRwjAdNyJ+XkHD7cHR1BHuVdI8q5V
/5aQ5QAACcB0B4kDg8ME69j/lpTlAABh6SNE//8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAgADAAAAIAAAgA4AAACQAACAAAAAAAAAAAAAAAAAAAACAAEAAABAAACAAgAAAGgAAIAA
AAAAAAAAAAAAAAAAAAEACQQAAFgAAADY8AAA6AIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAkE
AACAAAAAxPMAACgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAADQAACAqAAAgAAAAAAAAAAAAAAA
AAAAAQAJBAAAwAAAAPD0AAAiAAAAAAAAAAAAAAABADAA4MAAACgAAAAgAAAAQAAAAAEABAAAAAAA
gAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAACAAAAAgIAAgAAAAIAAgACAgAAAwMDAAICAgAAA
AP8AAP8AAAD//wD/AAAA/wD/AP//AAD///8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIiIiIiIiIiIiIiIiIgAAAj///////
/////////4AAAIf///////////////eAAACPf/////////////9/gAAAj/f////////////3/4AA
AI//f///////////f/+AAACP//f/////////9///gAAAj///f////////3///4AAAI////f/////
//f///+AAACP//93d3d3d3d3f///gAAAj//3f39/f39/f3f//4AAAI//d/f39/f39/f3f/+AAACP
939/f39/f39/f3f/gAAAh3f39/f39/f39/f3d4AAAI9/f39/f39/f39/f3+AAACP////////////
////AAAACP//////////////8AAAAACP/////////////wAAAAAACP////////////AAAAAAAACP
//////////8AAAAAAAAACP/////////wAAAAAAAAAACP////////AAAAAAAAAAAACP//////8AAA
AAAAAAAAAACP/////wAAAAAAAAAAAAAACIiIiIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD////////////////AAAADwAAAA8AAAAPAAAADwAAA
A8AAAAPAAAADwAAAA8AAAAPAAAADwAAAA8AAAAPAAAADwAAAA8AAAAPAAAADwAAAB+AAAA/wAAAf
+AAAP/wAAH/+AAD//wAB//+AA///wAf//+AP/////////////////8jDAAAoAAAAEAAAACAAAAAB
AAQAAAAAAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAgAAAAICAAIAAAACAAIAAgIAAAMDA
wACAgIAAAAD/AAD/AAAA//8A/wAAAP8A/wD//wAA////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AACP//////8AAIj/////+AAAj4////+PAACP+P//+P8AAI+PiIiPjwAAiPf39/f4AACPf39/f38A
AAj39/f38AAAAI9/f38AAAAACPf38AAAAAAAiIiAAAAAAAAAAAAAAAAAAAAAAAAA//8AAP//AADA
AQAAwAEAAMABAADAAQAAwAEAAMABAADAAQAAwAEAAOADAADwBwAA+A8AAPwfAAD//wAA//8AAPDE
AAAAAAEAAgAgIB