Re: should you trust CAs? (Re: dual-use digital signature vulnerability)

2004-08-03 Thread Aram Perez
Hi Adam,

 From: Adam Back [EMAIL PROTECTED]
 Date: Fri, 30 Jul 2004 17:54:56 -0400
 To: Aram Perez [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED], Cryptography [EMAIL PROTECTED], Adam
 Back [EMAIL PROTECTED]
 Subject: Re: should you trust CAs? (Re: dual-use digital signature
 vulnerability)
 
 On Wed, Jul 28, 2004 at 10:00:01PM -0700, Aram Perez wrote:
 As far as I know, there is nothing in any standard or good security
 practice that says you can't have multiple certificates for the same email
 address. If I'm willing to pay each time, Verisign will gladly issue me a
 certificate with my email, I can revoke it, and then pay for another
 certificate with the same email. I can repeat this until I'm bankrupt and
 Verisign will gladly accept my money.
 
 Yes but if you compare this with the CA having the private key, you
 are going to notice that you revoked and issued a new key; also the CA
 will have your revocation log to use in their defense.
 
 At minimum it is detectable by savvy users who may notice that e.g. the
 fingerprint for the key they have doesn't match with what someone else
 had thought was their key.
 
 I agree with Michael H. If you trust the CA to issue a cert, it's
 not that much more to trust them with generating the key pair.
 
 It's a big deal to let the CA generate your key pair.  Key pairs should
 be generated by the user.

From a purely (and possibly dogmatic) cryptographic point of view, yes, key
pairs should be generated by the user. But in the real world, as Ian G
points out, where businesses are trying to minimize costs and maximize
profits, it is very attractive to have the CA generate the key pair (and as
Peter G pointed out, delivers the pair securely), and issue a certificate at the
same time. I hope you are not using a DOCSIS cable modem to connect to the
Internet, because that is precisely what happened with the cable modem. A
major well-known CA generated the key pair, issued the certificate and
securely delivered them to the modem manufacturer. The modem manufacturer
then injected the key pair and certificate into the modem and sold it. I
guess you can say/argue that there is a difference between a user key pair
and a device key pair, and therefore, it can work for cable modems, but I
don't know how you feel/think/believe in this case.

Until fairly recently, when smart cards could finally generate their own key
pairs, smart cards were delivered with key pairs that were generated outside
the smart card and then injected into them for delivery to the end user.

I'm not trying to change your mind, I'm just trying to point out how the
real business world works, whether we security folks like it or not.

Respectfully,
Aram Perez

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
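
The flow argued for in the thread above, as an added example that is not part of the original messages: the user generates the key pair locally, hands a throwaway test CA only a CSR, and then checks that the issued certificate carries the fingerprint of the key they generated, which is the same comparison that exposes a substituted key. The subject names, file paths and function names are assumptions, and it requires the `openssl` command-line tool.

```shell
#!/bin/sh
# Added example: the user generates the key pair; the CA only ever sees a CSR.
# Subjects, file names and the throwaway "test CA" are constructed for illustration.
set -eu

# SHA-256 fingerprint of a PEM public key on stdin (hash of its DER encoding).
spki_fp() { openssl pkey -pubin -outform DER | openssl dgst -sha256 -r | cut -d' ' -f1; }
fp_of_private_key() { openssl pkey -in "$1" -pubout | spki_fp; }
fp_of_csr()         { openssl req  -in "$1" -noout -pubkey | spki_fp; }
fp_of_cert()        { openssl x509 -in "$1" -noout -pubkey | spki_fp; }

new_key() { openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -out "$1"; }

# User side: the private key is created here and never leaves; only the CSR does.
user_make_csr() {  # $1 = private key out, $2 = CSR out
    new_key "$1"
    openssl req -new -key "$1" -out "$2" \
        -subj "/CN=Example User/emailAddress=user@example.test"
}

# CA side (stand-in): signs whatever public key the CSR carries.
ca_setup() {  # $1 = CA key out, $2 = CA certificate out
    new_key "$1"
    openssl req -x509 -new -key "$1" -subj "/CN=Constructed Test CA" -days 1 -out "$2"
}
ca_sign() {  # $1 = CSR, $2 = CA cert, $3 = CA key, $4 = certificate out
    openssl x509 -req -in "$1" -CA "$2" -CAkey "$3" -CAcreateserial \
        -days 1 -out "$4" 2>/dev/null
}

# User side again: accept a certificate only if it certifies the key we generated.
cert_matches_key() { [ "$(fp_of_cert "$1")" = "$(fp_of_private_key "$2")" ]; }

demo() {
    d=$(mktemp -d)
    user_make_csr "$d/user.key" "$d/user.csr"
    ca_setup "$d/ca.key" "$d/ca.crt"
    ca_sign "$d/user.csr" "$d/ca.crt" "$d/ca.key" "$d/user.crt"
    if cert_matches_key "$d/user.crt" "$d/user.key"; then
        echo "issued certificate binds the locally generated key"
    fi
    rm -rf "$d"
}
demo
```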


Cryptography Research Joins Smart Card Alliance

2004-08-03 Thread R. A. Hettinga
http://biz.yahoo.com/prnews/040803/sftu064_1.html

Press Release
Source: Cryptography Research, Inc.

Cryptography Research Joins Smart Card Alliance
Tuesday August 3, 8:10 am ET

Patented Countermeasures Help Industry Protect Against Differential Power
Analysis Security Risks

SAN FRANCISCO, Aug. 3 /PRNewswire/ -- Furthering its mission to help the
smart card industry understand, evaluate and implement differential power
analysis (DPA) resistant solutions, Cryptography Research, Inc. today
announced it has joined the Smart Card Alliance, an industry group
committed to the development and deployment of smart cards within the
United States. With its broad portfolio of patents covering countermeasures
to DPA vulnerabilities, Cryptography Research is able to help licensed chip
manufacturers and smart card systems integrators protect their products
against DPA-related security risks.

"We look forward to working closely with Smart Card Alliance members to
help the industry develop secure products," said Kit Rodgers, director of
licensing at Cryptography Research. "We are excited about contributing to
the Alliance's efforts to increase the success of the North American smart
card market."

"Cryptography Research has long been a pioneer in developing and analyzing
techniques for protecting smart cards against DPA and other attacks," said
Randy Vanderhoof, executive director of the Smart Card Alliance. "I am
pleased to welcome Cryptography Research to the Smart Card Alliance. Their
expertise and innovative contributions to smart card security make them a
significant addition to the group."

Smart Card Security Efforts at Cryptography Research

Cryptography Research develops security technologies that are used in smart
cards. The company's DPA-related patents provide the basis for implementing
effective DPA countermeasures in smart cards and other devices. The company
also provides the DPA Workstation(TM) to help companies improve resistance
to DPA attacks, and to help unlicensed vendors recognize the need to obtain
licenses and protect their products.

Differential power analysis and related attacks were first discovered at
Cryptography Research by Paul Kocher, Joshua Jaffe and Benjamin Jun. DPA
involves monitoring the fluctuating electrical power consumption of smart
cards and other devices then applying advanced statistical methods to infer
secret keys and other information. Effective resistance to DPA is required
to prevent counterfeiting of digital cash, impersonation, piracy of digital
content, election fraud and other attacks.

Cryptography Research has been awarded a portfolio of fundamental patents
covering countermeasures to DPA attacks, including U.S. patents #6,654,884;
#6,539,092; #6,381,699; #6,298,442; #6,327,661; #6,278,783; and #6,304,658.
Other Cryptography Research patents are issued and pending in the United
States, Europe, Japan, Canada and other countries.

About the Smart Card Alliance

The Smart Card Alliance is a not-for-profit, multi-industry association of
over 100 member firms working to accelerate the widespread acceptance of
multiple application smart card technology. Through specific projects such
as education programs, market research, advocacy, industry relations, and
open forums the Alliance keeps its members connected to industry leaders
and innovative thought. The Alliance also is the single industry voice for
smart cards, leading industry discussion on the impact and value of smart
cards in the U.S. More information about the Alliance is available at
http://www.smartcardalliance.org .

According to the Smart Card Alliance, in 2003 the United States became the
third largest market for microprocessor-based smart cards in the world,
with more than 70 million smart cards shipped to customers.

About Cryptography Research, Inc.

Cryptography Research, Inc. provides consulting services and technology to
solve complex security problems. In addition to security evaluation and
applied engineering work, CRI is actively involved in long-term research in
areas including tamper resistance, content protection, network security,
and financial services. Security systems designed by Cryptography Research
engineers annually protect more than $60 billion of commerce for wireless,
telecommunications, financial, digital television, and Internet industries.
For additional information or to arrange a consultation with a member of
our technical staff, please contact Jennifer Craft at 415-397-0123, ext.
329 or visit www.cryptography.com.





-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'


Re: Al Qaeda crypto reportedly fails the test

2004-08-03 Thread Steve Furlong
On Mon, 2004-08-02 at 15:03, John Denker wrote:
 News article
http://news.bbc.co.uk/2/hi/americas/3528502.stm
 says in part:
 
  The BBC's Zaffar Abbas, in Islamabad, says it appears that US
  investigators were able to unscramble information on the computers
  after Pakistan passed on suspicious encrypted documents.

Bah. They were probably Word documents with the password required
option turned on.

