RE: Microsoft .NET PRNG (fwd)
There is some detail in the FIPS 140 security policy of Microsoft's cryptographic provider, for Windows XP and Windows 2000. See for example http://csrc.nist.gov/cryptval/140-1/140sp/140sp238.pdf where they say the RNG is based on FIPS 186 RNG using SHS. The seed is based on the collection of a lot of data, enumerated in the security policy.

I would guess that what is written is true, lest NIST would look very bad if someone reverse engineered the code and showed that what they certified was wrong. So based on that it would seem that the PRNG in recent Microsoft cryptographic providers is o.k.

--Anton

- The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
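As an added illustration, not part of the original message and not Microsoft's code: the general-purpose generator of FIPS 186-2 Appendix 3.1 with G built from SHA-1 (Appendix 3.3), the kind of construction "FIPS 186 RNG using SHS" refers to. Which FIPS 186 revision the provider follows is an assumption, and the names `Fips186Prng` and `sha1_short` are hypothetical.

```python
import struct

MASK32 = 0xFFFFFFFF
# Step 2 of Appendix 3.1: t is the standard SHA-1 initial state.
SHA1_IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)

def _rol(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32

def sha1_compress(state, block):
    """One SHA-1 compression over a 64-byte block (no padding, no length)."""
    w = list(struct.unpack(">16I", block))
    for i in range(16, 80):
        w.append(_rol(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1))
    a, b, c, d, e = state
    for i in range(80):
        if i < 20:
            f, k = (b & c) | (~b & d), 0x5A827999
        elif i < 40:
            f, k = b ^ c ^ d, 0x6ED9EBA1
        elif i < 60:
            f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else:
            f, k = b ^ c ^ d, 0xCA62C1D6
        a, b, c, d, e = (_rol(a, 5) + f + e + k + w[i]) & MASK32, a, _rol(b, 30), c, d
    return tuple((s + v) & MASK32 for s, v in zip(state, (a, b, c, d, e)))

def G(t, c, b=160):
    """G(t, c): zero-pad the b-bit value c to 512 bits, compress once from t."""
    block = c.to_bytes(b // 8, "big").ljust(64, b"\x00")
    return int.from_bytes(struct.pack(">5I", *sha1_compress(t, block)), "big")

class Fips186Prng:
    """Hypothetical class name; the whole state is the secret value XKEY."""
    def __init__(self, xkey, b=160, q=None):
        self.b, self.q, self.xkey = b, q, xkey % (1 << b)

    def next(self, xseed=0):
        xval = (self.xkey + xseed) % (1 << self.b)               # step 3b
        # Step 3c; the reduction mod q applies only when a DSA q is supplied.
        x = G(SHA1_IV, xval, self.b) % (self.q or 1 << self.b)
        self.xkey = (1 + self.xkey + x) % (1 << self.b)          # step 3d
        return x

def sha1_short(msg):
    """Standard SHA-1 of a message under 56 bytes, via the same compression.
    Used only to check sha1_compress against a reference implementation."""
    block = msg + b"\x80" + bytes(55 - len(msg)) + struct.pack(">Q", 8 * len(msg))
    return struct.pack(">5I", *sha1_compress(SHA1_IV, block))
```

Every output is a function of XKEY (plus any XSEED) alone, so two instances given the same XKEY emit the same stream; the unpredictability of the generator rests entirely on the seed collection the security policy enumerates.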
Re: Cryptography and the Open Source Security Debate
From: lrk [EMAIL PROTECTED]
Sent: Aug 6, 2004 1:04 PM
To: R. A. Hettinga [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Cryptography and the Open Source Security Debate

...

> More dangerous is a key generator which deliberately produces keys which are easy to factor by someone knowing a secret. These should be found in open source but I suggest many reviewers could miss this and again the group think would probably cause most not to even look.

So, how many people on this list have actually looked at the PGP key generation code in any depth? Open source makes it possible for people to look for security holes, but it sure doesn't guarantee that anyone will do so, especially anyone who's at all good at it.

--John
How a Digital Signature Works
http://www.businessweek.com/print/technology/content/aug2004/tc20040810_3053_tc024.htm?tc

Business Week
AUGUST 10, 2004
NEWS ANALYSIS: TECH
By Stephen H. Wildstrom

How a Digital Signature Works

Microsoft's new Service Pack makes life tough for programs lacking the proper electronic credentials. Here's why

A technology called public key cryptography makes it possible for you to make sure that the publisher of any piece of software that claims to be from Microsoft (MSFT) or any other publisher really came from there. It has the added benefit of insuring that the contents weren't maliciously altered or damaged in transmission.

Here's how it works: The publisher first has to obtain a digital certificate from a recognized certificate authority or CA (VeriSign (VRSN) is the largest and best known CA in the U.S.). The publisher receives a private and a public key, each of which is a long number of about 300 digits. These are used to create a digital signature for each program (see BW Online, 8/10/04, "Windows of Vulnerability No More?").

When the software is ready to be posted for download, the publisher runs it through a mathematical process called a one-way hash which reduces it to a long number called the message digest. The message digest is then encrypted using the publisher's private key, and the result, which looks like a string of gibberish when displayed, is appended to the program when it's downloaded.

HASH SLINGING. The trick of public key encryption -- the best known approach is called RSA for the initials of its inventors -- is that one key can be used to scramble the data while a different, mathematically related, key is used to unscramble it. When you download a digitally signed program, the first thing your computer does is check the Web site's digital certificate. It then queries the CA that issues the certificate to make sure it's still valid and to obtain the public key.

When the download is complete, your computer uses the public key to decrypt the message digest. It also runs the same one-way hash procedure on the downloaded software. If everything is as it should be, the decrypted message digest and the one just created should be identical. If they differ by a single bit, something is wrong and the downloaded software will be rejected.

For the curious, here's the message digest of the five paragraphs above (as plain text), created using the MD5 algorithm from RSA Data Security Inc: c21196eb8e026d47a67883d746c72c8d.

Wildstrom is Technology & You columnist for BusinessWeek. Follow his Flash Product Reviews, only at BusinessWeek Online

--
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: How a Digital Signature Works
> NEWS ANALYSIS: TECH
> By Stephen H. Wildstrom
> How a Digital Signature Works

Is this a count the errors contest? I count six.
Re: Microsoft .NET PRNG (fwd)
The PRNG should be the least concern when using MSFT's cryptographic provider. The MSFT report 140sp238.pdf says:

RSAENH stores keys in the file system, but relies upon Microsoft Windows XP for the encryption of the keys prior to storage.

Not only RSAENH writes keys to a lower-security file system... it also does not provide the encryption security to protect those keys. Because RSAENH trusts Windows XP to provide that critical link in the security, RSAENH cannot be trusted to provide the security. In addition, there is a third problem in securing the keys, namely the security gap between RSAENH and Windows XP.

The most troubling aspect, however, is that RSAENH makes it easy to provide a covert channel for key access. FIPS 140-1 Level 1 compliant.

Cheers,
Ed Gerck

Anton Stiglic wrote:

> There is some detail in the FIPS 140 security policy of Microsoft's cryptographic provider, for Windows XP and Windows 2000. See for example http://csrc.nist.gov/cryptval/140-1/140sp/140sp238.pdf where they say the RNG is based on FIPS 186 RNG using SHS. The seed is based on the collection of a lot of data, enumerated in the security policy.
>
> I would guess that what is written is true, lest NIST would look very bad if someone reverse engineered the code and showed that what they certified was wrong. So based on that it would seem that the PRNG in recent Microsoft cryptographic providers is o.k.
>
> --Anton