@stake wows the wireless rubes...
--- begin forwarded text

Date: Wed, 13 Mar 2002 03:17:48 -0600 (CST)
From: InfoSec News [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [ISN] New Attack Intercepts Wireless Net Messages
Sender: [EMAIL PROTECTED]
Reply-To: InfoSec News [EMAIL PROTECTED]

http://www.eweek.com/article/0,3658,s=1884a=23806,00.asp

March 11, 2002
By Dennis Fisher and Carmen Nobel

It's the stuff of Popular Science. A group of security researchers has discovered a simple attack that enables them to intercept Internet traffic moving over a wireless network using gear that can be picked up at any electronics store and an easily downloadable piece of freeware.

The attack, accomplished by @Stake Inc., a security consulting company in Cambridge, Mass., affects a popular consumer version of Research In Motion Ltd.'s BlackBerry devices as well as a variety of handhelds that send unencrypted transmissions over networks such as Mobitex.

By design, the Mobitex specification, like other wireless standards such as Global System for Mobile Communications and General Packet Radio Service, sends packets in unencrypted form. The network, which handles data transmissions only, has been in operation since 1986 and has a large base of installed devices, with customers using it for everything from point-of-sale verification to e-mail.

"The attack is fairly simple," said Joe Grand, one of the researchers who perfected the technique. "The problem is, this isn't a bug. It's part of the spec that data is transmitted in the clear, just like it's part of the spec that Internet data is transmitted in the clear. The risk depends on who is using the network and when and what data they're sending."

Using a scanner with a digital output, an antenna and freely downloadable software, the researchers were able to intercept traffic destined for BlackBerry Internet Edition devices. And, because the packets aren't encrypted, the attackers can read the messages they intercept without further work.

The Internet Edition handhelds are sold mainly through co-branding relationships with ISPs such as AOL Time Warner Inc.'s America Online service, EarthLink Inc. and Yahoo Inc. Executives at RIM said they don't see the attack as a problem because they have never touted the Internet Edition devices as being secure.

"Internet traffic isn't supposed to be secure," said Jim Balsillie, chairman and co-CEO of RIM. "It's kind of like a company making beer and cola and someone saying that there's alcohol in the company's drinks when the children are drinking cola."

However, the attack serves as a reminder to users that e-mail and other Internet traffic is open to snooping and is inherently insecure.

"I always figure that anything that's sent via e-mail can be read by at least hundreds of people who have either legitimate or compromised access to systems sitting between me and my recipient; this just adds another potential access point," said Christopher Bell, chief technology officer of People2People Group, a relationship services company in Boston, and a user of the BlackBerry Internet Edition. "I am disappointed that they didn't make at least a modest attempt to obscure the content."

Balsillie said the messages are only as secure as the networks of the ISPs that relay them, none of which provide encrypted e-mail.

Chris Darby, CEO of @Stake, said RIM has done a thorough job including security in its other devices, which use a server that sits behind corporate firewalls. "RIM is incredibly progressive about the way they're addressing security in their Enterprise Edition," Darby said.

The attack also applies to other devices on the Mobitex network, many of which are proprietary solutions developed for in-house corporate uses. This attack does not work on the BlackBerry Enterprise Edition, which uses Triple Data Encryption Standard encryption in addition to other security features, @Stake officials said.

"Typically, Mobitex operators will advise customers that they should choose the security scheme that fits their particular needs," said Jack Barse, executive director of the Mobitex Operators Association, based in Bethesda, Md. "It was a conscious decision not to put network-level security in because customers have said that they don't want the overhead associated with security if they're just doing things like instant messages. Customers can absolutely add on their own encryption to whatever application they're using [the network] for. And we encourage that."

- ISN is currently hosted by Attrition.org
To unsubscribe email [EMAIL PROTECTED] with 'unsubscribe isn' in the BODY of the mail.

--- end forwarded text
--
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of
NDS Denies Counterfeiting Charges By Canal Plus, Plans Countersuit
http://online.wsj.com/article_print/0,4287,SB101597625854059480,00.html

March 13, 2002
EUROPEAN BUSINESS NEWS

NDS Denies Counterfeiting Charges By Canal Plus, Plans Countersuit

By BRUCE ORWALL
Staff Reporter of THE WALL STREET JOURNAL

Related article: Canal Plus Alleges NDS Helped Steal Digital-TV Broadcasts (03/12/02), http://online.wsj.com/article/0,,SB1015883213118362160,00.html

News Corp.'s NDS Group PLC denied allegations that it contributed to the counterfeiting of satellite-TV smart cards made by rival Vivendi Universal SA's Canal Plus Group, even as NDS shares dropped 26% on news of the allegation.

Both NDS, based in Britain, and Canal Plus make conditional access software that is used in conjunction with set-top boxes to protect digital television signals from being stolen by consumers who haven't paid to receive them. On Monday, Canal Plus filed a federal lawsuit in San Jose, Calif., charging that NDS had contributed directly to the counterfeiting of its smart cards by breaking the computer code embedded in them, then arranging to have that code distributed on the Internet. Canal Plus, of Paris, said the result was widespread counterfeiting of its card, causing it to lose hundreds of millions of dollars in revenue from the Canal Plus pay-TV systems it operates throughout Europe.

NDS, of London, called the lawsuit "outrageous and baseless" and said it plans a countersuit. NDS President and Chief Executive Officer Abe Peled said that Canal Plus's real problem is the inferior nature of its smart cards and what he called Canal Plus's failure to protect its business from piracy. He also suggested that Canal Plus is trying to deflect attention from the poor financial performance of Canal Plus Group, which hasn't been profitable for several years.

While NDS denied that it had anything to do with distributing the Canal Plus code, it said that it does reverse engineer the cards produced by competitors to understand how they work and to advance NDS's own efforts. But Mr. Peled said the company doesn't disseminate such information: "We have no involvement with their piracy problem," he said.

In 4 p.m. trading on the Nasdaq Stock Market Tuesday, NDS's American depositary receipts were down $6.05 to $16.95.

Counterfeiting of smart cards has been a problem for satellite-TV operators, but especially for Canal Plus, which concedes that millions of counterfeit cards are available throughout Europe. The breakout of a nasty public battle between large media companies over a piracy issue is rare, as everyone in the industry agrees that piracy is a tough problem for them all. Publicly traded NDS is 80%-owned by News Corp., and a number of News Corp. executives sit on its board.

Now that this fight has erupted into the public arena, it is clear that it will be hard-fought on both sides. NDS's Mr. Peled made several allegations of his own Tuesday. He said that late last year Canal Plus Technologies approached NDS to propose what he described as a merger. Mr. Peled said NDS indicated it was interested in exploring such a transaction. But then, according to Mr. Peled, "they showed up with a lawyer and attempted to gain leverage in these negotiations based on these baseless allegations." Mr. Peled said that in the course of the discussions Canal Plus conceded that it, too, extracts the computer code from competitors' smart cards.

Mr. Peled said that during the course of the merger discussions Canal Plus identified an NDS employee who it said was involved in distributing the smart-card code. Now, NDS said, Canal is trying to hire that employee. In its planned countersuit, NDS said it intends to allege tortious interference in that case and with other employment and contractual relationships of NDS.

Canal Plus Technologies Chairman and Chief Executive Francois Carayol rebutted Mr. Peled's claims on every point. He said emphatically that Canal Plus neither now nor ever did reverse engineer its competitors' smart cards. He said the merger discussions were started by NDS in September but never advanced after Canal made its piracy allegations to NDS in December. Canal also said it hasn't offered jobs to NDS employees.

Write to Bruce Orwall at [EMAIL PROTECTED]

URL for this article: http://online.wsj.com/article/0,,SB101597625854059480.djm,00.html

Updated March 13, 2002
Copyright 2002 Dow Jones Company, Inc. All Rights Reserved
[ISN] Cryptography: It's not just about keeping things secret
--- begin forwarded text

Date: Thu, 14 Mar 2002 01:43:59 -0600 (CST)
From: InfoSec News [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [ISN] Cryptography: It's not just about keeping things secret
Sender: [EMAIL PROTECTED]
Reply-To: InfoSec News [EMAIL PROTECTED]

http://bermudasun.bm/cgi-local/edpull.pl?cat=03Businessord=03ed=2002-03-13

By Robin Holder
Business from 2002-03-13 Edition

BERMUDA IS actively promoting itself as a jurisdiction for offshore E-commerce, according to Nicko van Someren, the general chair of the International Financial Cryptography Conference (FC 02) taking place at Sonesta Beach Resort this week.

The sixth annual conference, organized by the International Financial Cryptography Association, is bringing together cryptographers, technologists, businesses, bankers and lawyers. It is the only international gathering dedicated to the understanding of cryptography - the science of encoding messages - and its relevance to international finance.

"Cryptography is not just about encryption codes and keeping things secret. It's about authentication, finding out about the person on the other end of the line, integrity checking and ensuring confidentiality," van Someren, also chief technology officer of nCipher Corp., said.

For cryptography to be effective, protocols have to be developed in conjunction with functions such as online shopping and sending confidential E-mail, van Someren added.

"This conference looks at cryptography as applied to all aspects of finance. That might mean anything as simple as retail E-commerce right through to more complex issues like the validity of digital contracts and defining digital currencies which have some of the properties of physical currencies," van Someren said.

He said people have been examining the technical aspects of anonymous cash systems for some years, but there is a danger since totally anonymous cash systems could be used as tools for money laundering.

"The conference is a convergence of cryptography as applied to finance in the broader sense. It might be payment processing on the Internet, or it might be managing the digital rights of people creating digital media or protecting people from identity theft," van Someren said.

The conference was first held six years ago in Anguilla, but this is the first time it is being held in Bermuda. Addressing delegates so far have been Renee Webb, the Minister of Telecommunications and E-commerce, and Nigel Hickson, E-business consultant to the Ministry.

"There are data protection issues that surround the OECD's (Organization for Economic Cooperation and Development) treaty on tax law harmonization, and the cryptography involved in E-commerce has significant implications for that," van Someren said.

--- end forwarded text

- The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
USENIX Smart Card Research and Advanced Application Conference
This information is from http://www.usenix.org/events/cardis02/cfp/ and there is more info at that URL.

Fifth Smart Card Research and Advanced Application Conference
November 20-22, 2002
Hyatt Ste. Claire, San Jose, California, USA

Sponsors
IFIP Working Group 8.8 (Smart Cards)
USENIX, the Advanced Computing Systems Association

Important Dates
Submissions due: June 24, 2002
Notification of acceptance: August 12, 2002
Camera-ready final papers due: September 23, 2002

Overview

Smart card research is of increasing importance as the need for information security increases rapidly, especially in response to new, urgent demands. Since 1994, CARDIS has been the premier international research conference dedicated to smart cards and their applications. CARDIS '02, the joint IFIP/USENIX International Conference on Smart Card Research and Advanced Applications, constitutes the Fifth IFIP CARDIS conference and the Second USENIX conference on Smart Card Technology. Like its predecessors, CARDIS '02 will bring together researchers and practitioners in the development and deployment of smart card systems and technologies.

Aims and Goals

The portability, processing power, and tamper resistance of smart cards offer a platform for secure conditional access to information and applications. Smart cards significantly extend the scope of distributed systems by providing a trusted platform for cryptographically secured computation and storage. Notwithstanding their long history, relative to modern computing, the applicability of smart cards in distributed systems remains an untapped resource, limited mainly by our imagination and understanding. Here lie vast uncovered research areas that will have a huge impact on the eventual success of the technology. The research challenges span many domains, including hardware design, cryptographic applications, distributed system architecture, and formal modeling.

Unlike events devoted to commercial and application aspects of smart cards, the CARDIS conferences bring together researchers who are active in all aspects of the design, validation, and application of smart cards. The breadth of smart card research stimulates a synergy among disparate research communities, making CARDIS an ideal opportunity to present the latest research advances.

Call for Papers

The program committee seeks papers describing the design, application, and validation of smart card technologies. Submissions across a broad range of smart card development phases are encouraged, from exploratory research and proof-of-concept studies to practical application and deployment of smart card technology.

Topics

The following topics are of particular interest to the program committee:
* Application loading
* Smart card operating systems
* Virtual machines
* Integrated development environments
* High-speed, small-footprint encryption
* Cryptographic accelerators
* On-card data sharing schemes
* Smart cards in the Internet
* Automatic mask generation
* Emerging opportunities for standardization
* Smart tokens and other competing technologies
* Alternative form factors for smart card chips
* Smart card application program interfaces
* Trends in smart card hardware
* Research in tamper-resistance
* Hardware and software certification
* Security validation and benchmarks
* Biometrics involving smart cards
Attention PGP Customers, Important information concerning E-Business Server
--- begin forwarded text

Date: Fri, 15 Mar 2002 08:02:49 -0800
From: Network Associates [EMAIL PROTECTED]
Reply-To: Network Associates [EMAIL PROTECTED]
Subject: Attention PGP Customers, Important information concerning E-Business Server
To: [EMAIL PROTECTED]

[This message is brought to you as a subscriber to the Network Associates or PGP websites. To unsubscribe, please follow the instructions at the bottom of the page.]

March 15, 2002

Dear Customer,

As you know, we recently integrated several products from the PGP Security business unit into McAfee. These PGP Security products continue to be developed and sold by McAfee:

PGP E-Business Server is now McAfee E-Business Server
PGP E-Business Server Point-2-Point is now McAfee E-Business Server Partner Edition
PGP E-Business Server for OS/390 is now McAfee E-Business Server for OS/390
PGPfire ASaP is now McAfee Desktop Firewall ASaP
PGPfire is now McAfee Desktop Firewall
PGPvpn will become McAfee VPN Client

PGP encryption is retained and continues as the encryption engine within E-Business Server.

Network Associates recently announced the official closure of PGP Security. We have sold the Gauntlet VPN and Firewall products to Secure Computing. Because we have not found an appropriate buyer for the PGP Corporate Desktop product bundle, PGPmail, PGPdisk and file, PGPKeyserver and PGPwireless, they have been put into maintenance mode. However, the products that we have integrated into McAfee are unaffected by this change. In fact, we have made and will be making exciting announcements on these products that will benefit our customers by extending the ease of use, ease of management, and platform support for these products.

McAfee Desktop Firewall 7.5 and McAfee ThreatScan 2.0 in Beta

Desktop Firewall 7.5 allows customers to protect against hackers, blended threats, virus spread, and bandwidth-depleting network traffic. ThreatScan 2.0 enables anti-virus administrators to quickly understand where the vulnerable devices, operating systems and applications are on their networks to proactively reduce risks from viruses and blended threats. Both of these products use our market-leading ePolicy Orchestrator 2.5 management console. Find out more at http://www.mcafeeb2b.com/beta

McAfee E-Business Server

Simplifying the end user's and developer's ability to protect data, McAfee has now added two more E-Business Server (formerly PGP E-Business Server) family products that we will continue to develop and that use PGP encryption. We recently announced McAfee E-Business Client, which enables an end user to drag and drop to encrypt and send data using a pre-configured client. Also, more developers are now able to protect data with encryption by using the Visual Basic, Perl and Java native APIs within their existing applications. The applications for these products include protecting healthcare data, financial transactions, insurance records and Web-based customer credit card transactions on vulnerable Web servers. Find out more at: http://www.mcafeeb2b.com/aboutmcafeeb2b/pressroom

We are also promoting our newly re-branded McAfee E-Business Server on mainframe platforms (OS/390), and the addition of Linux for S/390 and zSeries, at the SHARE.org conference starting March 3 in Nashville, TN (Booth 107). Find out more at http://www.mcafeeb2b.com/products/ebusiness.asp.

If you have any further questions regarding these product changes, contact your sales representative, call us at 1-888-VIRUS-NO or contact us online at www.mcafeeb2b.com. We will continue to provide the best security and availability solutions for your network.

Regards,
Art Matin, President, McAfee Security

This information update is available at no charge to all registered users of the Network Associates website.
--- end forwarded text
Fwd: [BAWUG] AirTraq Mailing List announcement
--- begin forwarded text

Date: Sat, 16 Mar 2002 17:14:27 +
To: [EMAIL PROTECTED]
From: Fearghas McKay [EMAIL PROTECTED]
Subject: Fwd: [BAWUG] AirTraq Mailing List announcement
Reply-To: Usual People List [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
List-Subscribe: mailto:[EMAIL PROTECTED]

--- begin forwarded text

From: wireless lan [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: [BAWUG] AirTraq Mailing List announcement
Date: Fri, 15 Mar 2002 19:22:38 -0800 (PST)

Hi All,

I dearly appreciate all these mailing lists I subscribe to. A bunch of friends and I opened a new one _dedicated_ to wireless security research. It's not wlan specific: these last days we spoke about GSM, telco wireless networks auth, wlan DoS, 802.11b spoofing methods.

Here is the mailing list description; if you are interested, feel free to join :)

Also we are going to make some AirTraq workshops (here in San Francisco; some will probably also happen in Bangkok, London and Paris where we have some AirTraq members) to demonstrate known problems (hands on for everyone interested) and to investigate new issues, discuss ideas...

- - -
AirTraq - Wireless Security Research

Discussion in this group relates to wireless security, wardriving, GSM networks, GPRS, 802.11b and .11a security, WEP, hiperlan2, spread spectrum, WAP, bluetooth, UMTS and 3G, UWB, RIM Blackberry, VSAT, DVB... This list is created in the spirit of BugTraq to provide a forum for full disclosure on wireless security.

[EMAIL PROTECTED]
http://groups.yahoo.com/group/airtraq
- - -

Best regards,
Philippe.

--
Philippe Langlois
http://www.wavesecurity.com

--
general wireless list, a bawug thing http://www.bawug.org/
[un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless

--- end forwarded text
--- end forwarded text
Re: DNA-Based Computer Solves Truly Huge Logic Problem
--- begin forwarded text

Date: Sat, 16 Mar 2002 14:16:31 -0800
To: [EMAIL PROTECTED]
From: Bill Stewart [EMAIL PROTECTED]
Subject: Re: DNA-Based Computer Solves Truly Huge Logic Problem
Sender: [EMAIL PROTECTED]

At 01:44 PM 03/15/2002 -0600, James Choate wrote:
> http://unisci.com/stories/20021/0315023.htm

and many of you autodeleted or ignored it, because it's just Jim forwarding stuff again.

However, it had a catchy title, and sure enough, Len Adleman is up to new tricks - this time he's gotten a DNA computer to solve a problem instance with 2**20 possible values. It looks like the popular 3-SAT problem which many NP-complete problems are easily resolved to. The real article is in Science, the AAAS journal, but the unisci.com article doesn't give a real footnote to it.

Now, if he'd pointed us to Slashdot,
http://slashdot.org/article.pl?sid=02/03/16/1353240mode=threadtid=126
we'd have the references to http://physicsweb.org/article/news/6/3/11 , which says "(R Braich et al 2002 Science to appear)", a comment by someone who talked to one of the researchers, confirming that, yes, it was a 24-clause 20-variable 3-SAT problem, and references to USC News (Adleman works at USC)
http://uscnews.usc.edu/usctoday/action.lasso?-database=USCToday.fmp-response=Detail.html-logicalOp=and-recID=35637-search
which has a slightly longer version of the article that _does_ have references, including http://www.sciencemag.org/sciencexpress/recent.shtml which (for a free registration) will let you see the *real* article.

But Jim knows y'all can read slashdot for yourselves :-)

--- end forwarded text
Knuth on crypto...
--- begin forwarded text

From: Nomen Nescio [EMAIL PROTECTED]
Comments: This message did not originate from the Sender address above. It was remailed automatically by anonymizing remailer software. Please report problems or inappropriate use to the remailer administrator at [EMAIL PROTECTED].
To: [EMAIL PROTECTED]
Subject: Knuth needs killing
Date: Sun, 17 Mar 2002 05:50:20 +0100 (CET)
Sender: [EMAIL PROTECTED]

Question: What do you think of research in cryptographic algorithms? And what do you think of efforts by politicians today to put limits on cryptography research?

Knuth: Certainly the whole area of cryptographic algorithms has been one of the most active and exciting areas in computer science for the past ten years, and many of the results are spectacular and beautiful. I can't claim that I'm good at that particular subject, though, because I can't think of sneaky attacks myself. But the key problem is, what about the abuse of secure methods of communication? I don't want criminals to use these methods to become better criminals. I'm a religious person, and I think that God knows all my secrets, so I always feel that whatever I'm thinking is public knowledge in some way. I come from this kind of background. I don't feel I have to encrypt everything I do. On the other hand, I would certainly feel quite differently if somebody started to use such openness against me, by stealing my bank accounts or whatever. So I am supportive of a high level of secrecy. But whether it should be impossible for the authorities to decode things even in criminal investigations, in extreme cases -- there I tend to come down on the side of wanting to have some way to break some keys sometimes.

--- end forwarded text
Omniscient Cryptanalysis... (was Re: Knuth needs killing)
...or, Newby's Rejoinder to Knuth's Paradox.

This is just about the funniest thing I've read on cryptography in months. Maybe years. Outstanding. Laugh-out-loud funny.

Somewhere, I bet even St. Anselm is laughing, and Bishop Berkeley is pouring himself a stiff one...

Still grinning,
RAH

--- begin forwarded text

Date: Sun, 17 Mar 2002 09:53:21 -0500
From: Greg Newby [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Knuth needs killing
User-Agent: Mutt/1.3.27i
Sender: [EMAIL PROTECTED]

Knuth used to be a logical man. What happened?

(Religious) Logic:
- God knows all of Knuth's secrets, thus Knuth's keys are public
- Knuth is a man, and God knows all men
- Therefore, God knows all of everyone's secrets, and all keys are public

So what's the problem? All law enforcement needs to do, in the case of urgent need to get keys, is pray. It doesn't matter how tough the crypto is, and the NSA doesn't even need to be consulted.

We already know that God is on the US' side, so we know this technique won't work for the foreign pagans.

In this case, a little less separation of church and state might serve us well.
-- Greg

On Sun, Mar 17, 2002 at 05:50:20AM +0100, Nomen Nescio wrote:
> Question: What do you think of research in cryptographic algorithms? And what do you think of efforts by politicians today to put limits on cryptography research?
>
> Knuth: Certainly the whole area of cryptographic algorithms has been one of the most active and exciting areas in computer science for the past ten years, and many of the results are spectacular and beautiful. I can't claim that I'm good at that particular subject, though, because I can't think of sneaky attacks myself. But the key problem is, what about the abuse of secure methods of communication? I don't want criminals to use these methods to become better criminals. I'm a religious person, and I think that God knows all my secrets, so I always feel that whatever I'm thinking is public knowledge in some way. I come from this kind of background. I don't feel I have to encrypt everything I do. On the other hand, I would certainly feel quite differently if somebody started to use such openness against me, by stealing my bank accounts or whatever. So I am supportive of a high level of secrecy. But whether it should be impossible for the authorities to decode things even in criminal investigations, in extreme cases -- there I tend to come down on the side of wanting to have some way to break some keys sometimes.

--- end forwarded text
[Mnet-devel] Experiences Deploying a Large Scale Emergent Network
--- begin forwarded text

Status: U
To: [EMAIL PROTECTED]
From: Zooko [EMAIL PROTECTED]
Reply-to: Zooko [EMAIL PROTECTED]
Subject: [Mnet-devel] Experiences Deploying a Large Scale Emergent Network
Sender: [EMAIL PROTECTED]
List-Help: mailto:[EMAIL PROTECTED]?subject=help
List-Post: mailto:[EMAIL PROTECTED]
List-Subscribe: https://lists.sourceforge.net/lists/listinfo/mnet-devel, mailto:[EMAIL PROTECTED]?subject=subscribe
List-Id: mnet-devel.lists.sourceforge.net
List-Archive: http://www.geocrawler.com/redir-sf.php3?list=mnet-devel
Date: Sun, 17 Mar 2002 05:46:20 -0800

I gave a talk about my experiences with Mojo Nation at the First International Workshop on Peer-to-Peer Systems [1] recently. Here is the position paper that accompanied the talk:

Experiences Deploying a Large Scale Emergent Network
http://www.cs.rice.edu/Conferences/IPTPS02/188.pdf

While speaking in front of this small audience of eminent systems researchers, and while answering their questions, I realized that a simple hack should make a big difference in the overall reliability of the file space: do not publish data to a server unless you have seen that server before, more than one hour ago! And more generally, use the age and average availability of a server as a general heuristic for preferring to publish to him.

This idea was inspired by a DHT (distributed hash table) design named Kademlia that I really like: [2]. See my paper to understand why this heuristic would make such a big difference. It is easy to implement something like this using a handicapper, and I intend to do it for the next Mnet release.

Regards,

Zooko

[1] http://www.cs.rice.edu/Conferences/IPTPS02/
[2] http://www.cs.rice.edu/Conferences/IPTPS02/109.pdf

--- zooko.com
Security and Distributed Systems Engineering
---

___
Mnet-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/mnet-devel

--- end forwarded text
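The publish heuristic Zooko describes above (refuse servers first seen less than an hour ago, then prefer older and more available ones) as a small "handicapper", written as an added example for this digest. This is not Mnet or Mojo Nation code: the handicap formula, the probe bookkeeping, the class and method names and the injectable clock are all this example's own assumptions.

```python
from __future__ import annotations

import math
import time
from dataclasses import dataclass

# Zooko's rule: never publish to a server first seen less than an hour ago.
MIN_AGE_SECONDS = 3600.0


@dataclass
class ServerRecord:
    """Per-server bookkeeping: when we first saw it and how often it answered."""
    first_seen: float
    probes: int = 0
    successes: int = 0

    def availability(self) -> float:
        # Average availability over every liveness probe; 0.0 if never probed.
        return self.successes / self.probes if self.probes else 0.0


class PublishHandicapper:
    """Scores candidate servers for publishing; a lower handicap is better.

    The formula is an assumption made for this example:
        handicap = (1 - availability) + 1 / age_in_hours
    so a server improves its score both by answering reliably and by
    having been known for longer.
    """

    def __init__(self, clock=time.time):
        self._clock = clock  # injectable so tests can move time forward
        self._servers: dict[str, ServerRecord] = {}

    def observe(self, server_id: str, up: bool) -> None:
        """Record one contact attempt; the first contact fixes first_seen."""
        now = self._clock()
        rec = self._servers.setdefault(server_id, ServerRecord(first_seen=now))
        rec.probes += 1
        if up:
            rec.successes += 1

    def age_seconds(self, server_id: str) -> float:
        rec = self._servers.get(server_id)
        return self._clock() - rec.first_seen if rec else 0.0

    def eligible(self, server_id: str) -> bool:
        """Unknown servers and servers younger than one hour are never chosen."""
        return server_id in self._servers and self.age_seconds(server_id) >= MIN_AGE_SECONDS

    def handicap(self, server_id: str) -> float:
        if not self.eligible(server_id):
            return math.inf
        rec = self._servers[server_id]
        age_hours = self.age_seconds(server_id) / 3600.0
        return (1.0 - rec.availability()) + 1.0 / age_hours

    def rank(self, candidates) -> list[str]:
        """Eligible candidates, best first; ineligible ones are dropped entirely."""
        scored = [(self.handicap(s), s) for s in candidates if self.eligible(s)]
        return [s for _, s in sorted(scored)]


if __name__ == "__main__":
    # Constructed demo: a reliable old server, a flaky old server, a newcomer.
    t = [0.0]
    h = PublishHandicapper(clock=lambda: t[0])
    for _ in range(10):
        h.observe("old-reliable", True)
    for i in range(10):
        h.observe("old-flaky", i % 2 == 0)
    t[0] = 5400.0
    h.observe("newcomer", True)
    t[0] = 7200.0
    print(h.rank(["newcomer", "old-flaky", "old-reliable"]))
```

The point of dropping ineligible servers rather than ranking them last is that a burst of fresh nodes (the failure mode the paper is about) then cannot attract any publishes at all, no matter how few old servers are left.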
CeBIT: Federal German Ministry of Economics Forces E-mail Encryption
http://www.cebit.de/top-21508.html?druckeboot=1news_article_id=350archiv=1

CeBIT 2002, 18.03.2002, © Deutsche Messe AG 2002
IT Newsticker, 16.03.2002 11:49

CeBIT: Federal German Ministry of Economics Forces E-mail Encryption

At CeBIT the Federal German Ministry of Economics is distributing the mail encryption program GnuPP 1.1 for free, complete with manual. The mail robot Adele is meant to provide a lead-in to the subject by practising encrypted mail communication together with the user.

The Federal German Ministry of Economics has been supporting the open source project GnuPP (GNU Privacy Project) since 2000. With it the Ministry wants to support the development of a cryptography infrastructure that does not depend on manufacturers, is secure and conforms to international standards. Standard software is not recommended for use in security-sensitive areas, and the Ministry explicitly warns against it in its press release. Only the open source principle allows the user to inspect the complete source code of a program, and that means security to the greatest extent.

Apart from the software, the Ministry's package contains a two-part manual that has been completely newly written and designed. With the help of this manual even laypersons should be able to clear the first hurdle of e-mail encryption. And something else is new: Adele ([EMAIL PROTECTED]), an exercise robot for practising the procedure of encryption and decryption as often as the entry-level user needs. Adele reacts to sent-in public keys and encrypted e-mails, sends its own public key, and answers encrypted and decrypted incoming e-mails. In this way a dialogue between correspondents is formed, so that entry-level users can practise e-mail encryption as in real life and gain confidence in the safety of the procedure.

At CeBIT the GnuPP package (manual with CD-ROM) is available for free at the stands of the Federal German Ministry of Economics. During the entire fair the Ministry also provides presentations and an advisory service for free.

For background information and details on the fair, see tecCHANNEL.DE and our big CeBIT Special (German only, please bear with us). We have also compiled all CeBIT news for you in category-specific news channels. (jlu/bmu)

Federal German Ministry of Economics: Pavilion 11, stand D25; Pavillon D / 11, stands 76 and 5

Origin: tecCHANNEL, in cooperation with IDG Interactive
Re: Secure peripheral cards
Well, there's always the IBM 4758, which we built as a general-purpose secure computer environment for hostile environments, with the ability for on-device applications to prove to the outside world what they are and where they're running. IBM's been marketing it primarily as a crypto accelerator, unfortunately. The official product pages make it hard to distinguish the box from the CCA application sw.

For basic architecture stuff:

S.W. Smith, S.H. Weingart. "Building a High-Performance, Programmable Secure Coprocessor." Computer Networks (Special Issue on Computer Network Security) 31: 831-860. April 1999.

For some recent creative applications:

S. Jiang, S.W. Smith, K. Minami. "Securing Web Servers against Insider Attack." ACSA/ACM Annual Computer Security Applications Conference. December 2001.

A. Iliev, S.W. Smith. "Prototyping an Armored Data Vault: Rights Management on Big Brother's Computer." Privacy-Enhancing Technology 2002, Springer-Verlag, to appear.

These and more live at:
http://www.cs.dartmouth.edu/~sws/papers/

--Sean

Prof. Sean W. Smith
[EMAIL PROTECTED] http://www.cs.dartmouth.edu/~sws/ (has ssl link to pgp key)
Department of Computer Science, Dartmouth College, Hanover NH USA
Re: crypto question
At 01:45 PM 3/21/2002 +1100, McMeikan, Andrew wrote:

> Question. Is it possible to have code that contains a private encryption key safely? Every way I look at it the answer seems no, yet some degree of safety might be possible by splitting an encrypting routine across several nodes. Can someone give me a pointer to any work in this area?

I don't believe so, but maybe someone else on the list has a better answer. Secret splitting will clearly make it harder for Mallet to gather the key.

In the past Atalla (later Compaq, now HP) and Harris sold hardware boxes that kept keys in tamper-proof boxes. They worked because opening the box lost the key. Banks used them heavily in the late 1990s.

The usual good solution is to make a human type in a secret. The usual bad solution is to store it in a secret place, or encrypted with a key kept elsewhere (source, secret file, LDAP, etc.).

The old CyberCash wallet, which used strong RSA keys, used simple 56-bit DES to protect the private key on the local PC's hard disk. The thinking was that users won't use more entropy in their keys to really justify 3DES, and once one has physical access to the computer and hard drive, there are simpler attacks than breaking the crypto on the key: keystroke sniffers being one obvious example.

I'd also love to hear of real solutions to protecting a key stored on local disk.

Pat

Pat Farrell [EMAIL PROTECTED] http://www.pfarrell.com
Re: crypto question
> The usual good solution is to make a human type in a secret.

Of course, the downside is that the appropriate human must be present for the system to come up properly. In some situations, the system must be able to boot into a working state. That way, even if somebody accidentally trips the power -- I've had this happen on production boxen -- the system outage lasts only as long as the boot time. If a particular human (or one of a small number of secret holders) must be involved, then the outage could be measured in hours rather than minutes.

Don't forget that Availability is also an important aspect of security. It all depends on your threat model.

--mkb
Re: crypto question
On Thu, 21 Mar 2002, McMeikan, Andrew wrote:

> A question and a probe.
>
> Question. Is it possible to have code that contains a private encryption key safely? Every way I look at it the answer seems no, yet some degree of safety might be possible by splitting an encrypting routine across several nodes. Can someone give me a pointer to any work in this area?

There are several different possible scenarios which fit this description. My message will overlap a little with the other reply I've seen, for which I apologize. Here they are in rough order of what I think you're asking.

1) You are trying to distribute an obfuscated binary which encrypts/decrypts using a secret key, with the goal that the key resist reverse engineering. The usual application for this is DRM, but you can also use this to do public-key encryption from any symmetric algorithm (obfuscate the encryption function!).

(disclaimer: I work for ShieldIP, which is a DRM company. All statements and opinions here are my own.)

There's a recent result showing that there exist some functions which *cannot* be obfuscated, for several technical formalizations of the notion "obfuscated". That result is available as:

On the (Im)possibility of Obfuscating Programs
Boaz Barak, Oded Goldreich, Russell Impagliazzo, Steven Rudich, Amit Sahai, Salil Vadhan, Ke Yang
http://citeseer.nj.nec.com/barak01impossibility.html

It is important to note that this result doesn't necessarily apply to the kinds of programs we want to obfuscate in practice. Rather it shows that there is a large class of unobfuscatable functions and builds such functions through clever means. At least that's my current take; I should hedge here and say I haven't gone through it thoroughly -- I'd welcome correction from anyone who's taken more time to map out the practical implications (for instance, is it possible that a block cipher could be obfuscated?).

Naturally this result hasn't stopped people from trying practical techniques for code obfuscation. Cloakware (www.cloakware.com) is just one of the companies pursuing research into software obfuscation. Doing a Google search for "code obfuscation" provides many links. I don't know enough to say which of them are any good.

People have also tried to obtain a similar level of protection by embedding code in tamper-resistant hardware. IBM's ABYSS project was an early example of this aimed specifically at copy protection. That begat Citadel which begat 4758 and thus was the begatting begun. As another message mentions, Atallah/Compaq/HP and Wave Systems today do similar things. I note that the Intertrust web page mentions a Rights|Chip which may or may not do similar things. Bennet Yee's thesis, among other places, is a good place to learn about secure coprocessors.
ftp://www.cs.ucsd.edu/pub/bsy/pub/th.ps.gz

2) You have an application which uses private keys and you are worried about writing them to disk. Your adversary is not the user, but someone who may gain lunch-time access to the machine and not plant keyloggers, bugs, etc., but only transfers files or swap to a diskette. This is kind of a weak adversary, but it's also about what most co-workers or kid sisters can mount, and hey, we have to protect at least against them...

The best practice here, AFAIK, is to do what PGP does. Encrypt the private key while it's on disk using some key not on the machine. Then use a kernel driver to obtain memory which is guaranteed not to be paged to disk and use that memory for all sensitive operations. Get yourself a copy of the WinPGP source code and take a look.

3) You are worried about an adversary breaking in and stealing your own signing or decryption key from your computer. You also just happen to have a bunch of other computers lying around that are not running the same OS or same version (so they are unlikely to be cracked at the same time as your first machine). Now you're in the territory of threshold cryptography and proactive security.

The MIT Threshold Cryptography page explains it better than I could:
http://theory.lcs.mit.edu/~cis/cis-threshold.html

Dan Boneh's group has put some of these ideas into code:
http://theory.stanford.edu/~dabo/ITTC/

With proactive security, you refresh machines from time to time so as to limit damage from machines which are compromised and then renewed. Here's the abstract from the paper reporting on the IBM implementation:
http://www.cs.huji.ac.il/~feit/artzi/artzi18.html#abs1

That paper citation is:
B. Barak, A. Herzberg, D. Naor, and E. Shai. "The proactive security toolkit and applications." In Proceedings of the 6th ACM Conference on Computer and Communications Security (CCS'99), pages 18--27, Kent Ridge Digital Labs, Singapore, November 1999. ACM SIGSAC, ACM.

There used to be an IBM page specifically on the topic of proactive security and they were even going to let people download the toolkit! I don't think that actually happened. If it did, dude, I'd like to know.

-David Molnar
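The at-rest pattern that Pat Farrell calls the usual good solution (a human-typed secret) and that Molnar's scenario 2 describes (the private key encrypted on disk under a key that is not on the machine), as an added example written for this digest. It is not code from PGP, WinPGP, CyberCash or any product named in the thread. It uses only the Python standard library, so the cipher is HMAC-SHA256 run in counter mode with encrypt-then-MAC rather than a standard AEAD; in production you would use AES-GCM or an equivalent from a maintained library. The PBKDF2 iteration count, the file layout (salt, nonce, ciphertext, tag) and every function name are this example's own choices. The "bad solution" Pat warns about is shown from the attacker's side: a wrapping secret stored next to the wrapped key hands the key to anyone who can copy the directory.

```python
from __future__ import annotations

import hashlib
import hmac
import os
import struct

PBKDF2_ITERATIONS = 200_000  # example choice; tune to the hardware and threat model
SALT_LEN = 16
NONCE_LEN = 16
TAG_LEN = 32


def _derive_keys(passphrase: str, salt: bytes) -> tuple[bytes, bytes]:
    """Stretch the typed passphrase into separate encryption and MAC keys."""
    km = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt,
                             PBKDF2_ITERATIONS, dklen=64)
    return km[:32], km[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a PRF keystream (stand-in for AES-CTR)."""
    blocks = []
    for counter in range((length + 31) // 32):
        block = hmac.new(key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        blocks.append(block)
    return b"".join(blocks)[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wrap_private_key(private_key: bytes, passphrase: str) -> bytes:
    """Return salt || nonce || ciphertext || tag. Only the passphrase is secret,
    and it lives in the operator's head, not on the disk."""
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    enc_key, mac_key = _derive_keys(passphrase, salt)
    ciphertext = _xor(private_key, _keystream(enc_key, nonce, len(private_key)))
    tag = hmac.new(mac_key, salt + nonce + ciphertext, hashlib.sha256).digest()
    return salt + nonce + ciphertext + tag


def unwrap_private_key(blob: bytes, passphrase: str) -> bytes:
    """Verify the tag before decrypting; a wrong passphrase or an edited file fails here."""
    if len(blob) < SALT_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("key file too short")
    salt = blob[:SALT_LEN]
    nonce = blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    ciphertext = blob[SALT_LEN + NONCE_LEN:-TAG_LEN]
    tag = blob[-TAG_LEN:]
    enc_key, mac_key = _derive_keys(passphrase, salt)
    expected = hmac.new(mac_key, salt + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase or tampered key file")
    return _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))


def bad_solution_recover(copied_files: dict[str, bytes]) -> bytes:
    """The 'secret kept in a secret place' anti-pattern, seen by the attacker.

    `copied_files` models a directory copied to a diskette (a constructed
    stand-in). Because the wrapping secret sits beside the wrapped key, the
    attacker unwraps the key without guessing anything; the strong KDF above
    buys nothing. The file names are assumptions for the example.
    """
    secret = copied_files["wrap_secret.txt"].decode("utf-8")
    return unwrap_private_key(copied_files["id_rsa.wrapped"], secret)


if __name__ == "__main__":
    key = b"constructed private key material, not a real key"
    blob = wrap_private_key(key, "correct horse battery staple")
    assert unwrap_private_key(blob, "correct horse battery staple") == key
    print("wrapped", len(blob), "bytes; round trip ok")
```

Two things this does not do, and which the thread is right to flag: it cannot stop a keystroke sniffer from capturing the passphrase when it is typed, and it does nothing about the unwrapped key being paged to disk afterwards, which is the part PGP handles with non-pageable memory.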