more MD5 collisions

2006-03-20 Thread Mads Rasmussen


John Black, Martin Cochran, and Trevor Highland had an optimized attack 
at FSE this year, they also released a toolkit for finding the 
collisions and playing around with the attack techniques.


http://www.cs.colorado.edu/~jrblack/papers/md5e-full.pdf

toolkit available at http://www.cs.colorado.edu/~jrblack/md5toolkit.tar.gz

--
Mads Rasmussen
LEA - Laboratório de Ensaios e Auditoria
(Cryptographic Certification Laboratory)
Office: +55 11 4208 3873 
Mobile: +55 11 9655 8885			Skype: mads_work

http://www.lea.gov.br   
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: NPR : E-Mail Encryption Rare in Everyday Use

2006-03-20 Thread Peter Saint-Andre
Ian G wrote:
 Chris Palmer wrote:
 Peter Saint-Andre writes:

 http://www.saint-andre.com/blog/2006-02.html#2006-02-27T22:13

 3. I see on your site you use and advertise for CAcert. I hope CAcert's
 signing cert(s) are never trusted by my browser, because then my browser
 would trust any cheap-ass random pseudonym in the world. 

IMHO trust is something you do, not something your browser does. Unless
you're going to delegate trust to the browser manufacturers...

 Which brings us
 to my next point...
 
 You are probably talking about the Class 1 root
 that CAcert uses to issue pseudonymous certs.
 Yes, they can be acquired by any cheap-ass
 pseudonym (but not randomly, as I think there is
 a serial number in there which I was told was
 an unavoidable artifact of x.509).
 
 Over on Peter's blog it seems to indicate he is
 an Assurer ... assuming that is correct [it isn't
 a cryptographically sound image :) ] then this
 means he is at least assured which is their
 term for his identity having been verified.

In CAcert, assurance is an action. You show me two government-issued
photo IDs (GIPIDs) and I compare them with your visage and physical
person; if I think they match, I assure you for some number of points
in the web of trust. If you get to a certain number of points, you can
use the Class 3 root. If you get even more points, you can become an
assurer (someone who does assurances). I happened to use the trusted
third party process for assurance (get copies of my GIPIDs witnessed
and notarized by two persons who are legally authorized in my
jurisdiction to witness and notarize documents), which results in more
points initially and the ability to become an assurer more quickly.

Peter

--
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.shtml



Creativity and security

2006-03-20 Thread leichter_jerrold
I was tearing up some old credit card receipts recently - after all
these years, enough vendors continue to print full CC numbers on
receipts that I'm hesitant to just toss them as is, though I doubt there
are many dumpster divers looking for this stuff any more - when I found
a great example of why you don't want people applying their creativity
to security problems, at least not without a great deal of review.

You see, most vendors these days replace all but the last 4 digits of
the CC number on a receipt with X's.  But it must be boring to do the
same as everyone else, so some bright person at one vendor(*) decided
they were going to do it differently:  They X'd out *just the last four
digits*.  After all, who could guess the number from the 10,000
possibilities?

Ahem.
-- Jerry

(*) It was Build-A-Bear.  The receipt was at least a year old, so for
all I know they've long since fixed this.


pipad, was Re: bounded storage model - why is R organized as 2-d array?

2006-03-20 Thread Travis H.
Anyone see a reason why the digits of Pi wouldn't form an excellent
public large (infinite, actually) string of random bits?

There's even an efficient digit-extraction (a/k/a random access to
fractional bits) formula, conveniently base 16:
http://mathworld.wolfram.com/BBPFormula.html

I dub this pi pad.

Is this idea transcendental or irrational?
--
Security Guru for Hire http://www.lightconsulting.com/~travis/ --
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484

[Moderator's note: I'd say irrational but I'll let other people
chime in first. --Perry]
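The BBP digit-extraction formula the post links to, as an added example that is not code from the post or the thread (function names are my own): it reads off any hex digit of pi without computing the earlier ones, which is exactly why pi cannot serve as a pad: the "key" is a public constant that anyone can regenerate on demand.

```python
# Added example: the Bailey-Borwein-Plouffe (BBP) digit-extraction formula
# for pi, linked from the post above. Not code from the post.
# pi = sum_{k>=0} 16^-k * (4/(8k+1) - 2/(8k+4) - 1/(8k+5) - 1/(8k+6))
# The n-th fractional hex digit is read off frac(16^n * pi) without
# computing the digits before it: the "random access" the post mentions.

def _bbp_series(j: int, n: int) -> float:
    """Fractional part of sum_{k>=0} 16^(n-k) / (8k + j)."""
    # Terms with k <= n: keep only the fractional part, using modular
    # exponentiation so the integer part never has to be represented.
    total = 0.0
    for k in range(n + 1):
        d = 8 * k + j
        total = (total + pow(16, n - k, d) / d) % 1.0
    # Terms with k > n shrink geometrically; stop once they fall below
    # double precision.
    k = n + 1
    while True:
        term = 16.0 ** (n - k) / (8 * k + j)
        if term < 1e-17:
            break
        total += term
        k += 1
    return total % 1.0

def pi_hex_digit(n: int) -> int:
    """Hex digit of pi at fractional position n (0-based), 0..15."""
    frac = (4 * _bbp_series(1, n) - 2 * _bbp_series(4, n)
            - _bbp_series(5, n) - _bbp_series(6, n)) % 1.0
    return int(frac * 16)

def pi_hex_digits(start: int, count: int) -> str:
    """`count` hex digits of pi starting at position `start`, as a string."""
    return "".join(f"{pi_hex_digit(start + i):x}" for i in range(count))

if __name__ == "__main__":
    # pi = 3.243f6a8885a308d3... in hex; every party running this code
    # obtains the same "pad" bytes, so nothing about them is secret.
    print(pi_hex_digits(0, 16))
    # Jumping straight to position 16 needs no digits before it.
    print(pi_hex_digits(16, 8))
```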