Re: Yahoo releases internet standard draft for using DNS as public key server
On Thu, May 20, 2004 at 10:07:43AM -0400, R. A. Hettinga wrote:
> [...]
> yahoo draft internet standard for using DNS as a public key server
> http://www.ietf.org/internet-drafts/draft-delany-domainkeys-base-00.txt

This sounds quite a lot like the ideas outlined in a paper I co-authored in 1995, proposing the idea of a trustmaster for each domain, keyed to the DNA hierarchy.

http://www.hedge.net/fields/projects/trust/trust.pdf
http://www.hedge.net/fields/projects/trust/trustfig.pdf

--
- Adam -
http://www.adamfields.com

- The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: SSL accel cards
> Does anyone know of an SSL acceleration card that actually works under Linux/*BSD? I've been looking at vendor web pages (AEP, Rainbow, etc), and while they all claim to support Linux, Googling around all I find are people saying "Where can I get drivers? The ones vendor shipped only work on RedHat 5.2 with a 2.0.36 kernel." (or some similar 4-6 year old system), and certainly they don't (gasp) make updated versions available for download. Because someone might... what, steal the driver? Anyway...

with openbsd, http://www.openbsd.org/crypto.html#hardware

itojun
Re: SSL accel cards
> Does anyone know of an SSL acceleration card that actually works under Linux/*BSD?

I successfully used a Broadcom PCI card on a Linux (don't remember what Linux and kernel version, this was close to 2 years ago). If I remember correctly it was the BCM5820 processor I used
http://www.broadcom.com/collateral/pb/5820-PB04-R.pdf
(the product sheet mentions support for Linux, Win98, Win2000, FreeBSD, VxWorks, Solaris).

I was able to use it on a Linux and on a Windows (where I offloaded modexp operation from MSCAPI crypto provider). The Linux drivers were available from Broadcom upon request, there was also a crypto library that called the card via the drivers, but at the time I looked at it the code wasn't very stable (e.g. I had to debug the RSA key generation and send patches since it did not work at all, later versions had the key generation part working properly). The library might be stable by now.

I also made the Broadcom chip work with OpenCryptoki on a Linux, I submitted the code for supporting Broadcom in OpenCryptoki.
http://www-124.ibm.com/developerworks/oss/cvs/opencryptoki/

> [] and certainly they don't (gasp) make updated versions available for download. Because someone might... what, steal the driver? Anyway... []

No, but they might find out how poorly written they are??? Don't know the reason...

--Anton
ADMIN: sad but needed anti-spam measures being implemented
Moderator's Note:

One of the main delays I have in moderating the list has been the massive increase in spam that has happened in the last six months. I have had to wade through first two or three spams per real list message, and then five or ten, and finally one hundred or more. Most days, I simply didn't have time or the stomach to deal with it.

I was leaving the list with deliberately low levels of certain kinds of protection at the gate (like not blocking mail from non-subscribers) because I didn't want to stop announcements from third parties or anonymous contributions to the list. Unfortunately, I can no longer do that -- it has just become too difficult to deal with.

As of yesterday, I implemented some low level blocks on the SMTP server the list is hosted on that prevent most unrepliable addresses from sending mail in. Within the next few days, I intend to block all postings from non-subscribing addresses or which contain certain kinds of content that I've been blocking anyway (such as HTML formatted email.)

I realize this will inconvenience some of you, and I'm sorry about that, but I just can't deal with the work any more without taking some steps like this.

At one time, I assumed that law enforcement needs would be the reason anonymity died on the internet, but now it appears that spammers have done the anti-privacy job for them.

Perry
Re: The future of security
At 09:36 AM 5/11/2004, Steven M. Bellovin wrote:
> In message [EMAIL PROTECTED], Ian Grigg writes:
>> Security architects will continue to do most of their work with little or no crypto.
>
> And rightly so, since most security problems have nothing to do with the absence of crypto.
>
>> j. a cryptographic solution for spam and viruses won't be found.
>
> This ties into the same thing: spam is *unwanted* email, but it's not *unauthorized*. Crypto can help with the latter, but only if you can define who is in the authorized set of senders. That's not feasible for most people.

one of the issues has been that many crypto security solutions have been oriented towards hiding information. that may work with outsiders ... but traditionally, 90 percent of fraud has been insiders ... and recent news last friday about study to be published was that interviewing something like 1000 people involved in identity theft cases ... it was determined that at least 70 percent had some sort of employee involvement.

in that sense ... the internet and introduction of the possibility of outsider related fraud ... has distracted/obfuscating focus from the real, long standing issues.

my repeated observation that current generation of desktop systems were originally introduced to operate in a standalone environment where applications could be introduced that freely took over the whole machine. attempting to continue to satisfy the standalone ... total take-over requirements at the same time using the same platform for generalized interconnect to an increasingly hostile environment creates some diametrically opposing objectives.

there have been some number of time-sharing systems from the 60s 70s that were designed from the ground up to handle multiple, concurrent users that potentially had conflicting, competitive, and/or opposing objectives (say multiple users from competing corporations and industrial secrets might be involved). these systems with designed in security from the ground-up have shown to be immune to many of the current day vulnerabilities and exploits.

to some extent, there could be valid claims about attempts to use cryptography as bandaids to address fundamentally flawed infrastructures (or at least infrastructures that were specifically designed to not handle many of the existing situations that they have been used for) ... aka lets use bandaids to treat strep infections.

--
Anne Lynn Wheeler http://www.garlic.com/~lynn/
Re: The future of security
In message [EMAIL PROTECTED], Anton Stiglic writes:
> - Original Message -
> From: Steven M. Bellovin [EMAIL PROTECTED]
>
>> j. a cryptographic solution for spam and viruses won't be found.
>>
>> This ties into the same thing: spam is *unwanted* email, but it's not *unauthorized*. Crypto can help with the latter, but only if you can define who is in the authorized set of senders. That's not feasible for most people.
>
> Something like hashcash / client puzzles / Penny Black define a set of authorized email (emails that come with a proof-of-work), and then provide a cryptographic solution. This is not a foolproof solution (as described in the paper Proof-of-Work Proves Not to Work), but a good partial solution that is probably best used in combination with other techniques such as white-lists, Bayesian spam filters, etc...
>
> I think cryptography techniques can provide a partial solution to spam.

The spammers are playing with other people's money, cycles, etc. They don't care.

--Steve Bellovin, http://www.research.att.com/~smb
[ISN] REVIEW: Beyond Fear, Bruce Schneier
--- begin forwarded text

Date: Wed, 26 May 2004 02:29:33 -0500 (CDT)
From: InfoSec News [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [ISN] REVIEW: Beyond Fear, Bruce Schneier
Reply-To: [EMAIL PROTECTED]
List-Id: InfoSec News isn.attrition.org
List-Archive: http://www.attrition.org/pipermail/isn
List-Post: mailto:[EMAIL PROTECTED]
List-Help: mailto:[EMAIL PROTECTED]
List-Subscribe: http://www.attrition.org/mailman/listinfo/isn, mailto:[EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]

Forwarded from: Rob, grandpa of Ryan, Trevor, Devon Hannah [EMAIL PROTECTED]

BKBYNDFR.RVW 20031219

Beyond Fear, Bruce Schneier, 2003, 0-387-02620-7, U$25.00/C$38.95
%A Bruce Schneier [EMAIL PROTECTED]
%C 115 Fifth Ave., New York, NY 10003
%D 2003
%G 0-387-02620-7
%I Copernicus/Springer-Verlag
%O U$25.00/C$38.95 800-842-3636 212-254-3232 fax: 212-254-9499
%O http://www.amazon.com/exec/obidos/ASIN/0387026207/robsladesinterne
   http://www.amazon.co.uk/exec/obidos/ASIN/0387026207/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0387026207/robsladesin03-20
%P 295 p.
%T Beyond Fear

It is instructive to view this book in light of another recent publication. Marcus Ranum, in The Myth of Homeland Security (cf. BKMYHLSC.RVW) complains that the DHS (Department of Homeland Security) is making mistakes, but provides only tentative and unlikely solutions. Schneier shows how security should work, and does work, presenting basic concepts in lay terms with crystal clarity. Schneier does not tell you how to prepare a security system as such, but does illustrate what goes on in the decision-making process.

Part one looks at sensible security. Chapter one points out that all security involves a balancing act between what you want and how badly you want it. An important distinction is also made between safety and security, and the material signals the danger of ignoring the commonplace in order to protect against the sensational but rare.
Fundamental security concepts are outlined as well as risk analysis. Chapter two examines the effect (usually negative) that bias and subjective perceptions have on our inherent judgment of risks. Security policy is based on the agenda of the major players, and chapter three notes that we should evaluate security systems in that light.

Part two reviews how security works. Chapter four introduces systems and how they fail. Know the enemy, in chapter five, is not just a platitude: Schneier shows how an understanding of motivations allows you to assess the likelihood of different types of attack. Chapter six is less focused than those prior: it notes that attackers reuse old attacks with new technologies, but it is difficult to find a central thread as the text meanders into different topics. Finding a theme in chapter seven is also difficult: yes, technology creates imbalances in existing power structures, and, yes, complexity and common mechanisms do tend to weaken security positions, but the relationships between those facts are not as lucidly presented as in earlier material. The point of chapter eight, that you always have to be aware of the weakest link in the security chain, even when it changes, is more straightforward, but the relevance of the illustrations surrounding it is not always obvious. Resilience in security systems is important, but it is not clear why this needs to be addressed in a separate chapter nine when it could have been discussed in eight with defence in depth (or class breaks and single-points-of-failure in seven). The hurried ending is also very likely to confuse naive readers in regard to fail-safe and fail-secure: Schneier does not sufficiently stress the fact that the two concepts are not only different, but frequently in conflict. Chapter ten notes that people are both the strongest and weakest part of security: adaptable and resilient but terrible at detail; frequently surprisingly intuitive but often randomly foolish.
At this point the book is not only repetitive, but loses some of its earlier focus and structure. Detection and prevention are examined, in chapter eleven, not as part of the classic matrix of controls, but as yet another example or aspect of resilience. Most of the rest of the types of controls in the preventive/detective axis are listed in chapter twelve, lumped together as response. Chapter thirteen looks at identification, authentication, and authorization (but not accountability, which was seen, in the form of audit, in chapter eleven). Various types of countermeasures are described in chapter fourteen. Countermeasures with respect to terrorism are examined, in chapter fifteen, both in general terms and in light of the events of 9/11. What works is discussed, as well as what does not, and there is an interesting look at the different roles of the media in the US as contrasted with the UK.

Part three, entitled The Game of Security, is not clear as to purpose. Chapter sixteen starts off by
Re: The future of security
In message [EMAIL PROTECTED], Ben Laurie writes:
> Steven M. Bellovin wrote:
>> In message [EMAIL PROTECTED], Anton Stiglic writes:
>>> - Original Message -
>>> From: Steven M. Bellovin [EMAIL PROTECTED]
>>>
>>>> j. a cryptographic solution for spam and viruses won't be found.
>>>>
>>>> This ties into the same thing: spam is *unwanted* email, but it's not *unauthorized*. Crypto can help with the latter, but only if you can define who is in the authorized set of senders. That's not feasible for most people.
>>>
>>> Something like hashcash / client puzzles / Penny Black define a set of authorized email (emails that come with a proof-of-work), and then provide a cryptographic solution. This is not a foolproof solution (as described in the paper Proof-of-Work Proves Not to Work), but a good partial solution that is probably best used in combination with other techniques such as white-lists, Bayesian spam filters, etc...
>>>
>>> I think cryptography techniques can provide a partial solution to spam.
>>
>> The spammers are playing with other people's money, cycles, etc. They don't care.
>
> We took that into account in the paper. Perhaps you should read it?
>
> http://www.dtc.umn.edu/weis2004/clayton.pdf

We're saying something different. If I understood your paper correctly, it says, more or less, that setting the cost high enough to reduce spam will make the cost too high for legitimate users. My point is that even if you do raise the cost high enough, they'll become more aggressive at 0wning machine so that they can throw more (stolen) cycles or (stolen) zorkmids at the problem. The economic question, then, is what is the cost of compromising enough new machines. Given the code base and the user behavior that we see in the field, my answer is pretty low. The consequence, in your metric, would be an increase in C, which would further inconvenience legitimate users, thus creating a feedback loop.

--Steve Bellovin, http://www.research.att.com/~smb
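Added example, not part of the thread or of the paper it cites: a simplified hashcash-style stamp (field layout modeled on hashcash version 1) showing that a receiver verifies with one hash while a sender pays about 2^bits hashes, and how the difficulty needed to cap a sender who controls many machines becomes delay for a legitimate single-machine sender, which is the feedback loop described in the message above. The recipient address, salt, date, hash rate, daily cap and machine counts are constructed assumptions.

```python
import hashlib
from itertools import count

def leading_zero_bits(digest: bytes) -> int:
    """Count zero bits at the front of a digest."""
    bits = 0
    for byte in digest:
        if byte:
            return bits + 8 - byte.bit_length()
        bits += 8
    return bits

def mint(recipient: str, bits: int, date: str = "040526",
         salt: str = "constructedsalt") -> str:
    """Sender: brute-force a counter until SHA-1(stamp) has `bits` leading zeros."""
    prefix = f"1:{bits}:{date}:{recipient}::{salt}:"
    for counter in count():
        stamp = prefix + format(counter, "x")
        if leading_zero_bits(hashlib.sha1(stamp.encode()).digest()) >= bits:
            return stamp

def verify(stamp: str, recipient: str, min_bits: int, seen: set) -> bool:
    """Receiver: one hash plus recipient, difficulty and replay checks.
    (Date expiry is omitted in this simplified version.)"""
    fields = stamp.split(":")
    if len(fields) != 7 or fields[0] != "1" or not fields[1].isdigit():
        return False
    claimed = int(fields[1])
    if claimed < min_bits or fields[3] != recipient or stamp in seen:
        return False
    if leading_zero_bits(hashlib.sha1(stamp.encode()).digest()) < claimed:
        return False
    seen.add(stamp)  # a stamp is accepted once only
    return True

def stamps_per_day(hashes_per_sec: float, bits: int, machines: int = 1) -> float:
    """Expected daily output: each stamp costs about 2**bits hashes."""
    return machines * hashes_per_sec * 86400 / 2 ** bits

def bits_to_cap(daily_cap: float, hashes_per_sec: float, machines: int) -> int:
    """Smallest difficulty that holds a sender with `machines` hosts under the cap."""
    bits = 0
    while stamps_per_day(hashes_per_sec, bits, machines) > daily_cap:
        bits += 1
    return bits

def seconds_per_stamp(hashes_per_sec: float, bits: int) -> float:
    """Expected wait for an honest sender on one machine."""
    return 2 ** bits / hashes_per_sec

if __name__ == "__main__":
    rate = 1e6  # assumed hashes per second per machine
    seen = set()
    stamp = mint("alice@example.org", 12)
    print(stamp, verify(stamp, "alice@example.org", 12, seen))
    for machines in (1, 10_000):  # own hardware vs. compromised hosts
        bits = bits_to_cap(1_000_000, rate, machines)
        print(machines, "machines ->", bits, "bits,",
              round(seconds_per_stamp(rate, bits), 2), "s per honest message")
```

Under these assumed numbers, holding a sender with 10,000 machines to a million stamps a day takes 30 bits, which costs a one-machine sender roughly 18 minutes per message instead of a fraction of a second.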
Re: The future of security
Ben Laurie wrote:
> Steven M. Bellovin wrote:
>> The spammers are playing with other people's money, cycles, etc. They don't care.
>
> We took that into account in the paper. Perhaps you should read it?
>
> http://www.dtc.umn.edu/weis2004/clayton.pdf

(Most of the people on this list are far too professional and busy to fall for that. If the argument has merit, please summarise it. If it really has merit, the summary might tease people into reading the full paper.)

I for one don't see it. I like hashcash as an idea, but fundamentally, as Steve suggests, we expect email from anyone, and it's free. We have to change one of those basic features to stop spam. Either make it non-free, or make it non-authorised. Hashcash doesn't achieve either of those, although a similar system such as a payment based system might achieve it.

Mind you, I would claim that if we change either of the two fundamental characteristics of email, then it is no longer email. For this reason, I predict that email will die out (ever so slowly and painfully) to be replaced by better and more appropriate forms of chat/IM.

iang
Microsoft Plans Security Perks for SQL Server 2005
http://www.internetnews.com/dev-news/article.php/3358991

Internet News
May 25, 2004

Microsoft Plans Security Perks for SQL Server 2005
By Clint Boulton

Little by little, Microsoft is peeling away the layers of SQL Server 2005, the company's forthcoming database server software. The Redmond, Wash., software giant unveiled new native security encryption and decryption support as well as government security certification.

Operating under the Do More with Less mantra at its TechEd 2004 conference in San Diego, Calif., Microsoft is touting more capabilities, reliability and security at less cost and complexity for the duration of the show.

Along those lines, Tom Rizzo, director of product management for SQL Server, said the company is writing complex encryption and decryption functionality directly into the product so customers don't have to procure security features from a third party, or roll their own when the product becomes generally available next year.

The idea is to make the already successful product more attractive to customers, not only by making it more secure, but by saving users any time or labor associated with building complicated security software.

While rivals Oracle and IBM offer security features in their database software, Rizzo told internetnews.com they aren't doing encryption and decryption and key management the way Microsoft plans to do it for SQL Server 2005.

Data encryption and decryption and key management is not for the faint of heart. This is the harder part of encryption and decryption that our competitors do not do, Rizzo said. So imagine the scenario where you want to have your data encrypted so that just in case someone breaks in, they can't pull the data out.

Rizzo said one of the catalysts for Microsoft adding the features to the forthcoming SQL Server 2005 is the increase of data privacy laws in the U.S.
States such as California are calling for sensitive data to be protected like never before, which led the SQL Server team to turn to encryption/decryption features.

More broadly, Microsoft has taken its lumps from skeptics critical about its ability to secure products. Success in this area for its keystone database software could bolster the company's tarnished reputation for offering safe products.

Along those lines, Rizzo said Microsoft will put SQL Server 2005 through the government's Common Criteria certification, a stringent procedure for securing computer software developed by the National Security Administration.

Common Criteria, which covers auditing, security and Social Security documentation, is an important certification because enterprises want to be able to do business with government agencies, which won't reciprocate unless certain standards of quality are met.

With the final release delayed along with Whidbey until early 2005, the second beta of SQL Server 2005 is due this summer, with a third beta following by the end of the year. The third beta is expected to have advanced Data Transformation Services or extraction, transform and load integration features, that outdo anything ETL vendors are currently providing.

In related database news, Rizzo said Microsoft has finished the final version of SQL Server Best Practices Analyzer, a performance tool that employs a number of rules, or best practices while scanning SQL servers to help database administrators better maintain the product.

The software tool automatically scans design, implementation and backup strategies for DBAs. Rizzo said the November beta topped 40,000 downloads. Best Practices Analyzer includes SQL 2005 Upgrade Advisor, which will scan SQL Server 2005 systems when they become available next year.

--
- R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
ADMIN: subscribers only posting
Moderator's Note:

As of now, if you want to be able to send a message to the list, you have to be a subscriber. Otherwise, the message will bounce at the SMTP transaction with my mail server. The old fashioned method of forwarding non-member posts to the moderator (me) for approval was swamping me with too much spam to wade through.

Those of you who habitually post from an address other than the one you are subscribed under can ask me to put you on a special list of people who can post but are not subscribed.

I apologize for the inconvenience, but things were just too difficult to deal with any other way.

Perry

PS Jon Postel's be conservative in what you send, and liberal in what you receive is dead. I miss it, and the sort of network it was a part of...