[Cryptography] Homomorphic encryption prototype by Microsoft

2011-08-08 Thread Ali, Saqib
Two years after Dr. Craig Gentry of IBM published the proof for fully
homomorphic encryption, Microsoft has come up with a prototype that
utilizes the technique:
http://www.technologyreview.com/computing/38239/page1/


saqib
http://redscarfvestpink.appspot.com/
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography


ACM Workshop: Searching an Encrypted Cloud

2009-11-16 Thread Ali, Saqib
Followup from the workshop:
http://www.technologyreview.com/computing/23951/


saqib
http://enterprise20.squarespace.com



On Thu, Nov 12, 2009 at 1:23 PM, Ali, Saqib docbook@gmail.com wrote:

 ACM Workshop on November 13th (yes it is Friday the 13th) will cover the
 topic of Searching for encrypted data in the Cloud:
 http://crypto.cs.stonybrook.edu/ccsw09/
 http://www.technologyreview.com/computing/23929/?a=f

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


First Test for Election Cryptography

2009-11-02 Thread Ali, Saqib
http://www.technologyreview.com/web/23836/





saqib
http://replaycall.com



BusinessWeek article on IBM Research's Fully Homomorphic Encryption

2009-10-05 Thread Ali, Saqib
Good read:
http://www.businessweek.com/technology/content/sep2009/tc20090930_463595.htm

For more info:
http://www-03.ibm.com/press/us/en/pressrelease/27840.wss
http://portal.acm.org/citation.cfm?id=1536414.1536440

This is just a proof of possibility, not (yet) feasibility.


saqib
http://enterprise20.squarespace.com



Re: Privacy Plug-In Fakes out Facebook

2009-09-10 Thread Ali, Saqib
[Moderator's note: I don't want an extended discussion on this topic,
but I'll allow this one message through. --Perry]

Another fine example of throwing cryptography at a behavioral problem.
And why should I trust a 3rd party server to protect the encryption
keys?

I know that Facebook privacy settings were convoluted in the past. But
they have improved a lot. And there are nice tutorials on privacy
settings for facebook. Spend 10 mins, and properly configure these
settings.

Just my $0.02

saqib
http://bit.ly/NISTCloudComputing



Re: Unattended reboots (was Re: The clouds are not random enough)

2009-08-03 Thread Ali, Saqib
 If you (or anyone on this forum) know of technology that allows the
 application to gain access to the crypto-hardware after an unattended
 reboot - but can prevent an attacker from gaining access to those keys
 after compromising a legitimate ID on the machine

This is the conundrum of the decade. The TPMs etc. tie a
HDD to a server. This helps in cases where the HDDs are discarded w/o
proper destruction of data or are stolen. If you have a problem of
entire servers being stolen, then you have to worry about physical
security.

saqib
http://kawphi.blogspot.com



The clouds are not random enough

2009-08-01 Thread Ali, Saqib
Why Cloud Computing Needs More Chaos:
http://www.forbes.com/2009/07/30/cloud-computing-security-technology-cio-network-cloud-computing.html

[Moderator's note: It is not supposed to be the moderator's job to read
a link and then summarize for the readers it is interesting to click
on. In the future, posters should provide at least a few sentences
explaining why a link is of interest or I'm going to simply stop
forwarding them.

In the current instance, the article is about a growing problem -- the
lack of good quality random numbers in VMs provided by services like EC2
and the effect this has on security. --Perry]


Re: New Technology to Make Digital Data Disappear, on Purpose

2009-07-29 Thread Ali, Saqib
Online demo of Vanish:
http://regina.cs.washington.edu/cgi-bin/vanishservice.py



saqib
http://kawphi.blogspot.com



New Technology to Make Digital Data Disappear, on Purpose

2009-07-21 Thread Ali, Saqib
The researchers said they had struck upon a unique approach that
relies on “shattering” an encryption key that is held by neither party
in an e-mail exchange but is widely scattered across a peer-to-peer
file sharing system.

The pieces of the key, small numbers, tend to “erode” over time as
they gradually fall out of use. To make keys erode, or timeout, Vanish
takes advantage of the structure of a peer-to-peer file system. Such
networks are based on millions of personal computers whose Internet
addresses change as they come and go from the network. This would make
it exceedingly difficult for an eavesdropper or spy to reassemble the
pieces of the key because the key is never held in a single location.
The Vanish technology is applicable to more than just e-mail or other
electronic messages

Read more:
http://www.nytimes.com/2009/07/21/science/21crypto.html



Saqib
http://kawphi.blogspot.com
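
An added illustration of the key "shattering" and erosion described in the post above; it is not code from Vanish or from the original message. It assumes Shamir threshold secret sharing (the post does not name the splitting scheme) and models the peer-to-peer network as a constructed in-memory store, `ErodingStore`, with made-up share lifetimes.

```python
import secrets

# 2**521 - 1 is a Mersenne prime, comfortably larger than a 256-bit key.
PRIME = 2**521 - 1


def split_key(key, n, threshold):
    """Shamir split: any `threshold` of the `n` shares rebuild `key`."""
    if not 0 <= key < PRIME:
        raise ValueError("key must be a field element")
    if not 1 <= threshold <= n:
        raise ValueError("need 1 <= threshold <= n")
    # Random polynomial of degree threshold-1 whose constant term is the key.
    coeffs = [key] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod PRIME
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def recover_key(shares):
    """Lagrange interpolation at x = 0. With fewer shares than the threshold
    this still returns a number, but one unrelated to the key."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


class ErodingStore:
    """Constructed stand-in for the peer-to-peer network: an entry is gone
    once its expiry time passes, as when the node holding it leaves."""

    def __init__(self):
        self._entries = {}  # locator -> (share, expires_at)

    def put(self, locator, share, expires_at):
        self._entries[locator] = (share, expires_at)

    def get(self, locator, now):
        share, expires_at = self._entries.get(locator, (None, 0))
        return share if now < expires_at else None


def scatter(key, threshold, lifetimes, store):
    """Split `key` into len(lifetimes) shares and store each under a random
    locator. The caller keeps only the locators, never the key."""
    shares = split_key(key, len(lifetimes), threshold)
    locators = []
    for share, expires_at in zip(shares, lifetimes):
        locator = secrets.token_hex(16)
        store.put(locator, share, expires_at)
        locators.append(locator)
    return locators


def try_recover(store, locators, threshold, now):
    """Return the key while enough shares survive, else None."""
    alive = [s for s in (store.get(loc, now) for loc in locators) if s is not None]
    if len(alive) < threshold:
        return None  # the key has eroded
    return recover_key(alive[:threshold])


def key_lifetime(lifetimes, threshold):
    """The key dies when the threshold-th longest-lived share expires."""
    return sorted(lifetimes, reverse=True)[threshold - 1]


if __name__ == "__main__":
    store = ErodingStore()
    key = secrets.randbits(256)
    lifetimes = [3, 5, 8, 8, 9, 12, 20]  # constructed share lifetimes, in hours
    locators = scatter(key, 4, lifetimes, store)
    for hour in (0, 7, 8, 13):
        print(hour, try_recover(store, locators, 4, hour) == key)
    print("key lifetime:", key_lifetime(lifetimes, 4), "hours")
```

The threshold sets the trade-off: a higher threshold makes the key disappear sooner, while a lower one keeps it recoverable longer for anyone who can still fetch that many shares.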



Re: Physical security rather than crypto---but perhaps of interest

2009-07-17 Thread Ali, Saqib
Since we are on this topic:

You don’t need to be a crowned Ranger class master hacker to sneak
into someone’s email or facebook account these days. Which means that
you’re not simply being a nervous nellie if you’re worried about
security.

In fact, users of public WiFi should be worried. If you use WiFi to
access some of the most popular email and social networking services,
like, gmail, yahoo mail, hotmail, and facebook, your account
information floats around in the air, often completely unsecured.

You want some more fear with your coffee? Chris Soghoian, a fellow at
the Berkman Center for Internet and Society, took a look into WiFi and
account security to find out just how scary the situation is.

Listen to the audio at:
http://blogs.law.harvard.edu/mediaberkman/2009/07/16/radio-berkman-126-the-g-fail/



saqib
http://www.capital-punishment.us



Weakness in Social Security Numbers Is Found

2009-07-08 Thread Ali, Saqib
Read more:
http://www.nytimes.com/2009/07/07/us/07numbers.html?_r=2ref=instapundit


saqib
http://www.capital-punishment.us

[Moderator's note: this isn't really a weakness in SSNs, unless you're
stupid enough to use them as a password -- which we already knew was
bad. None the less, interesting work. --Perry]


OT: Presentation on Effectively and Securely Using the Cloud Computing Paradigm

2009-06-14 Thread Ali, Saqib
NIST has published a working draft of the Cloud Computing Security presentation:
http://csrc.nist.gov/groups/SNS/cloud-computing/index.html

Both of the documents on this page are excellent reads for anyone
interested in Cloud Computing.

Some of the Security Advantages mentioned in the presentation are:

- Shifting public data to an external cloud reduces the exposure of the
  internal sensitive data
- Cloud homogeneity makes security auditing/testing simpler
- Clouds enable automated security management
- Redundancy / Disaster Recovery
- Data Fragmentation and Dispersal
- Dedicated Security Team
- Greater Investment in Security Infrastructure
- Fault Tolerance and Reliability
- Greater Resiliency
- Hypervisor Protection Against Network Attacks
- Possible Reduction of CA Activities (Access to Pre-Accredited Clouds)
- Simplification of Compliance Analysis
- Data Held by Unbiased Party (cloud vendor assertion)
- Low-Cost Disaster Recovery and Data Storage Solutions
- On-Demand Security Controls
- Real-Time Detection of System Tampering
- Rapid Re-Constitution of Services
- Advanced Honeynet Capabilities

What are your thoughts on these benefits?

Thanks
Saqib
http://www.capital-punishment.us



A Service to Prove You are Really You

2009-05-21 Thread Ali, Saqib
On the Internet, nobody knows you’re a dog, as the New Yorker cartoon
famously said. But what if, while you are surfing, you want to prove
your pedigree?
Equifax, the big credit agency that already knows more about your flea
count than you do, wants to help:
http://bits.blogs.nytimes.com/2009/05/19/a-service-to-prove-you-are-really-you/


Saqib
http://www.capital-punishment.us



Response to The Strange Rise and Fall of Hardware Disk Encryption

2009-05-01 Thread Ali, Saqib
Here is a response to Jon Callas' "The Strange Rise and Fall of
Hardware Disk Encryption" [1]:
http://security-basics.blogspot.com/2009/04/re-fde-mgiebelpgpcom-has-shared-strange_6682.html


1. http://blog.pgp.com/index.php/2009/04/the-strange-rise-and-fall-of-hardware-disk-encryption/



How to Share without Spilling the Beans

2009-03-02 Thread Ali, Saqib
A new protocol aims to protect privacy while allowing organizations to
share valuable information:
http://www.technologyreview.com/communications/22238/?a=f


saqib
http://www.capital-punishment.net



UK must balance surveillance and data collection with privacy

2009-02-12 Thread Ali, Saqib
Britain's House of Lords Constitution Committee released a report
Friday saying that the country's use of widespread video surveillance
and personal data collection pose a threat to citizens' privacy and
freedom. The committee said that while such surveillance and data
collection could serve legitimate law-enforcement purposes, those
interests should be balanced against privacy concerns, including
Article 8 of the European Convention on Human Rights. The committee
also issued specific recommendations that DNA data on individuals be
consolidated to the National DNA Database, and that closed-circuit
television surveillance only be used under strict oversight and where
it has been shown to be effective.

More info:
http://jurist.law.pitt.edu/paperchase/2009/02/uk-must-balance-surveillance-and-data.php
http://www.publications.parliament.uk/pa/ld200809/ldselect/ldconst/18/18.pdf


saqib
http://www.capital-punishment.net



More on (no pun intended) D-wave quantum computer

2008-12-23 Thread Ali, Saqib
Source:
http://bits.blogs.nytimes.com/2008/12/22/d-wave-arms-smoking-gun-proof-of-quantum-computer/


Once D-Wave collects the results of the simulations and processes the
information, it will compare the simulation against an actual run of
its latest quantum computer, which should be completed in the next few
months. If the figures match up, then D-Wave will have shown that it
really has a quantum machine, silencing skeptics, according to Geordie
Rose, the company's chief technology officer. 

I still don't see how figures matching up prove that what D-Wave
developed is a quantum computer. It just proves that it is a faster
computer...



Lifting Some Restrictions on Encryption Exports

2008-12-05 Thread Ali, Saqib
Does anyone have more info on the following:
http://snurl.com/75m3f

I couldn't find any other article that talked about it. The pay per
news is the only item I found.



Re: usable security at www.usable.com

2008-09-11 Thread Ali, Saqib
 to make it easy to login to participating web sites.  However, I don't
 see any details of the protocols or algorithms.

The service looks very user friendly and secure (i.e. if implemented properly)

It is unfortunate that being a security aware company they don't
provide information about the protocols or algorithms. I haven't used
the service either. So I am as clueless as anyone else. But I won't
let that stop me from making some speculations ;-)

Note: The following are pure speculations and wild guesses:

The service seems to incorporate a technology similar to RSA's
Passmark to perform mutual authentication, i.e. authenticate the client
machine to the server to prevent phishing. In addition, it appears
they are also utilizing the host-proof hosting AJAX paradigm such that
your login information is never sent to Usable's cloud servers in
clear-text.

Both of these technologies are well-defined and, if implemented
properly, provide a reasonable amount of security.

BankOfAmerica utilizes RSA's Passmark for logons. Passpack utilizes
the host-proof hosting AJAX paradigm.

saqib
http://doctrina.wordpress.com/



No Legitimate Expectation of Privacy for Data on Office Computer, Court Says

2008-09-08 Thread Ali, Saqib
An employee has no reasonable expectation of privacy in personal files
stored on a company-owned computer and an employer's consent makes a
police search lawful, an appeals court says in a ruling of first
impression in New Jersey.

"We conclude ... that neither the law nor society recognize as
legitimate defendant's subjective expectation of privacy in a
workplace computer he used to commit a crime," Judge Marie Simonelli
wrote for the three-judge panel in State v. M.A., A-4922-06.

Read More:
http://www.law.com/jsp/article.jsp?id=1202424228730


saqib
http://doctrina.wordpress.com/



Re: Security by restraining order

2008-08-15 Thread Ali, Saqib
JOLT's coverage of the topic and some new updates:
http://jolt.law.harvard.edu/digest/district-courts/mbta-v-anderson


saqib
http://doctrina.wordpress.com/



Introducing Cryptanalysis

2008-08-15 Thread Ali, Saqib
An informative blog post on the topic of cryptanalysis by Mark
Chu-Carroll of Google:
http://scienceblogs.com/goodmath/2008/08/introducing_cryptanalysis.php



saqib
http://doctrina.wordpress.com/



Re: Dutch chipmaker sues to silence security researchers

2008-07-19 Thread Ali, Saqib
Latest updates (17.07.08):
Dutch courts OKs publishing how to hack NXP chip
http://uk.reuters.com/article/governmentFilingsNews/idUKL186838820080718


saqib
http://doctrina.wordpress.com/



Dutch chipmaker sues to silence security researchers

2008-07-10 Thread Ali, Saqib
Dutch chipmaker NXP Semiconductors has sued a university in The
Netherlands to block publication of research that details security
flaws in NXP's Mifare Classic wireless smart cards, which are used in
transit and building entry systems around the world.

More at:
http://news.cnet.com/8301-10784_3-9985886-7.html?hhTest=1

saqib
http://doctrina.wordpress.com/



Re: Permanent Privacy - Snake Oil or unbreakable encryption?

2008-07-08 Thread Ali, Saqib
 This reads like snake oil.
 http://www.foxbusiness.com/story/hackers-hell-privacy-compromised/
 This reads like a pump'n'dump stock scam.

zdnet tries to expose the snake-oil crypto and the pump'n'dump stock scam:
http://blogs.zdnet.com/security/?p=1448

Good start, but I think they could have done better.


saqib
http://doctrina.wordpress.com/



Permanent Privacy - Snake Oil or unbreakable encryption?

2008-07-07 Thread Ali, Saqib
Quoting the Foxbusiness article:

PermanentPrivacy announces the world's first practical data
encryption system that is absolutely unbreakable. And is offering a
$1,000,000 challenge to anyone who can crack it.

Permanent Privacy (patent pending) has been verified by Peter
Schweitzer, one of Harvard's top cryptanalysts, and for the inevitable
cynics Permanent Privacy is offering $1,000,000 to anyone who can
decipher a sample of ciphertext.


http://www.foxbusiness.com/story/hackers-hell-privacy-compromised/
http://www.permanentprivacy.com/


saqib
http://doctrina.wordpress.com/



Re: Code makers and breakers of WWII era

2008-06-05 Thread Ali, Saqib
Actually the correct URL is:
http://www.sscnet.ucla.edu/geog/gessler/collections/cryptology.htm

On Wed, Jun 4, 2008 at 1:59 PM, Ali, Saqib [EMAIL PROTECTED] wrote:
 Here is another site that has a lot more details and photographs:
 http://www.sscnet.ucla.edu/geog/gessler/collections/crypto-hebern.htm

 saqib
 http://doctrina.wordpress.com/




Re: Code makers and breakers of WWII era

2008-06-05 Thread Ali, Saqib
Here is another site that has a lot more details and photographs:
http://www.sscnet.ucla.edu/geog/gessler/collections/crypto-hebern.htm

saqib
http://doctrina.wordpress.com/



Re: Question re Turing test and image recognition

2008-05-22 Thread Ali, Saqib
Check out http://www.numenta.com/ . They have an SDK that you can d/l and
play with.

saqib
http://doctrina.wordpress.com/

On Fri, May 16, 2008 at 8:36 AM, Allen [EMAIL PROTECTED] wrote:
 Hi gang,

 In looking at captchas that have been broken via software it dawned on me
 that the amount of mental processing involved is actually very little. I'm
 interested in what the current state of image recognition via software of
 things like knowing the difference between a monkey and a cat or a child
 laughing or just happy and the degree of reliability of the differentiation.
 I've done a bit of looking around and don't find much. Does anyone have
 knowledge of or a  pointer to someone who might know where to look about
 this?

 Thanks,

 Allen





Re: It seems being in an explosion isn't enough...

2008-05-09 Thread Ali, Saqib
Edwards said the Seagate hard drive -- which was
about eight years old in 2003 -- featured much
greater fault tolerance and durability than current
hard drives of similar capacity.

I am not so sure about this statement. The newer drives are far more
ruggedized and superior in construction. For e.g. the newer EE25 are
designed to operate @
1) Operating temperatures of –30°C to 85°C
2) Operating altitudes from –1000 feet to 16,400 feet
3) Operating vibration up to 2.0 Gs
4) Long-duration (11 ms) shock capability of 150 Gs

whereas the older ST9385AG:
1) Operating temperatures of 5° to 55°C (41° to 131°F)
2) Operating altitudes from –1,000 ft to 10,000 ft (–300 m to 3,000 m)
3) Operating vibration up to 0.5 Gs
4) shock capability of 100 Gs


Source:
http://www.seagate.com/docs/pdf/datasheet/disc/ds_ee25_2.pdf
http://www.seagate.com/support/disc/manuals/ata/9655pma.pdf

saqib
http://doctrina.wordpress.com/



Pentagon looks for 'Killer Switch'

2008-05-01 Thread Ali, Saqib
Not exactly related to Malicious Hardware/Software discussion, but
interesting nonetheless:
http://blog.wired.com/defense/2008/04/the-case-of-the.html
http://spectrum.ieee.org/may08/6171

saqib
http://doctrina.wordpress.com/



Snake oil crypto of the day: BabelSecure Samurai

2008-04-18 Thread Ali, Saqib
See:
http://babelsecure.com/challenge.aspx

Snake-oil sales pitch:
The creators of BabelSecure are so confident in the ability and
security of Samurai, they have created the Turing Challenge. The first
individual or team to break the following code will earn $5000

saqib
http://doctrina.wordpress.com/



Re: Levels of security according to the easiness to steal biometric data

2008-04-16 Thread Ali, Saqib
I believe ISC2 (https://www.isc2.org/ ) did some testing and published
their findings. Maybe someone from ISC2 on this list can give you the
exact reference to that material.

saqib
http://doctrina.wordpress.com/

On Mon, Mar 31, 2008 at 11:10 AM, Danilo Gligoroski
[EMAIL PROTECTED] wrote:
 Hi,


  Probably you have heard about this:

  CCC publishes fingerprints of German Home Secretary
  Date: 31 March 2008
  Source: Heise.de

  In a protest against the use of biometric data, the
  Chaos Computer Club (CCC) has taken a step that will
  raise a few eyebrows - in the current issue of its
  club magazine Die Datenschleuder, the hackers have
  published the fingerprint of German Home Secretary,
  ...
  Link: http://www.liveleak.com/view?i=b29_1206968252



  QUESTION: Does anybody know about the existence of a
  security research in area of grading the easiness to
  steal biometric data.
  For example, I guess that stealing information of
  someone's face is easier than stealing information
  about someone's fingerprints,
  but stealing information about someone's retina
  would be much harder.


  Such a scale can be useful in the design of secure
  protocols and secured information systems.


  Danilo Gligoroski!




Privacy as Contextual Integrity - A lecture by Dr. Nissenbaum of NYU

2008-04-16 Thread Ali, Saqib
Dr. Helen Nissenbaum of NYU gave an extremely interesting, engaging
and stimulating lecture entitled Privacy in Context at UC Berkeley:

http://security-basics.blogspot.com/2008/04/fde-privacy-as-contextual-integrity.html
(audio recording and lecture notes)



Re: cold boot attacks on disk encryption

2008-02-21 Thread Ali, Saqib
Interesting paper, but I fail to see how this could be deadly (as
the author puts it) to the disk encryption products.

This method requires the computer to be recently turned-on and unlocked.

So the only way it would work is that the victim unlocks the disks
i.e. enter their preboot password and turn off the computer and
immediately handover (conveniently) the computer to the attacker so
that the attacker remove the DRAM chip and store in nitrogen. And the
attacker has to do all this in less than 2 seconds :) If the
attacker is standing right next to the victim, why even let the victim
turn-off the unlocked computer?

Or am I missing something?

-- 
Saqib Ali,
http://www.full-disk-encryption.net


On 2/21/08, Perry E. Metzger [EMAIL PROTECTED] wrote:

  Ed Felten blogs on his latest research:

  http://www.freedom-to-tinker.com/?p=1257

  Excerpt:

 Today eight colleagues and I are releasing a significant new
 research result. We show that disk encryption, the standard
 approach to protecting sensitive data on laptops, can be defeated
 by relatively simple methods. We demonstrate our methods by using
 them to defeat three popular disk encryption products: BitLocker,
 which comes with Windows Vista; FileVault, which comes with MacOS
 X; and dm-crypt, which is used with Linux.

  More info: http://citp.princeton.edu/memory

  Paper: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf



  --
  Perry E. Metzger [EMAIL PROTECTED]





Re: cold boot attacks on disk encryption

2008-02-21 Thread Ali, Saqib
After thinking about this a bit, I have changed my views on this
attack. I think it is quite easy to perform this attack. I myself have
been in similar situations, where my personal computer could have been
easily compromised by this attack.

However, the hardware based encryption solutions like (Seagate FDE)
would easily deter this type of attack, because in a Seagate FDE
drive the decryption key never gets to the DRAM. The keys always
remain in the Trusted ASIC on the drive.


On Thu, Feb 21, 2008 at 11:51 AM, Perry E. Metzger [EMAIL PROTECTED] wrote:

  Ali, Saqib [EMAIL PROTECTED] writes:
   This method requires the computer to be recently turned-on and unlocked.

  No, it just requires that the computer was recently turned on. It need
  not have been unlocked -- it just needed to have keying material in RAM.


   So the only way it would work is that the victim unlocks the disks
   i.e. enter their preboot password and turn off the computer and
   immediately handover (conveniently) the computer to the attacker so
   that the attacker remove the DRAM chip and store in nitrogen.

  LN2 is pretty trivial to get your hands on, and will remain happy and
  liquid in an ordinary thermos for quite some hours or longer. However,
  the authors point out that canned air works fine, too.


   And the attacker has to do all this in less than 2 seconds :)

  No, they may even have minutes depending on the RAM you have.


   Or am I missing something?

  People readily assume that rebooting or turning off a computer wipes
  RAM. It doesn't. This is just more evidence that it is bad
  to assume that the contents of RAM are gone even if you turn off the
  machine.

  Perry




-- 
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net



Re: cold boot attacks on disk encryption

2008-02-21 Thread Ali, Saqib
I think in most cases tamper-resistant is sufficient - provided the
device can detect an attempt at tampering, and erase itself. DRAM
chips referred to in this attack are not tamper-resistant.

http://www.linkedin.com/in/encryption


On Thu, Feb 21, 2008 at 2:59 PM, Perry E. Metzger [EMAIL PROTECTED] wrote:

  Ali, Saqib [EMAIL PROTECTED] writes:

  How about TPM? Would this type of attack work on a tamper-resistant ver1.2 
  TPM?

  The phrase is tamper resistant, not tamper proof. Depending on how
  determined your attackers are, pretty much anything depending on
  tamper resistant hardware will fall. As always, the question is
  whether what you are protecting is worth more than the attackers would
  have to spend on the attack.

  --


 Perry E. Metzger [EMAIL PROTECTED]




-- 
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net



Re: cold boot attacks on disk encryption

2008-02-21 Thread Ali, Saqib
  Umm, pardon my bluntness, but what do you think the FDE stores the key
  in, if not DRAM? The encrypting device controller is a computer system
  with a CPU and memory. I can easily imagine what you'd need to build
  to do this to a disk drive. This attack works on anything that has RAM.

How about TPM? Would this type of attack work on a tamper-resistant ver1.2 TPM?



Re: Open source FDE for Win32

2008-02-13 Thread Ali, Saqib
I installed TrueCrypt on my laptop and ran some benchmark tests.

Benchmark Results:
http://www.full-disk-encryption.net/wiki/index.php/TrueCrypt#Benchmarks

Pros:
1) Easy to use product. Simple clean interface. Very user-friendly!
2) Free and Open Source
3) Multiple Encryption and Hashing algorithms available.

Cons:
1) Buffered Read and Buffered Transfer Rate was almost halved after
TrueCrypt FDE was enabled :-(.
2) Access Time for large file (250+MB) increased by 11%.
3) The initial encryption of the 120 GB HDD took 2 hours.




On Feb 7, 2008 11:46 PM, Hagai Bar-El [EMAIL PROTECTED] wrote:
 List,

 Finally, an open source FDE (Full Disk Encryption) for Win32. It is the
 first one I am aware of:

 www.truecrypt.org

 TC is not a new player, but starting February 5th (version 5) it also
 provides FDE.

 Didn't get to try it yet.

 Hagai.






Re: patent of the day

2008-01-23 Thread Ali, Saqib
Can anyone please shed more light on this patent? It seems like a
patent on the simple process of cryptographic erase.

saqib
http://www.full-disk-encryption.net/wiki


On Jan 22, 2008 7:29 PM, Perry E. Metzger [EMAIL PROTECTED] wrote:

 http://www.google.com/patents?vid=USPAT6993661



DRM Helps Sink Another Content Distribution Project

2007-12-31 Thread Ali, Saqib
See:
http://msl1.mit.edu/furdlog/?p=6538

And Foxtrot on DMCA:
http://www.gocomics.com/foxtrot/2007/12/30/

And Opus on e-books:
http://www.salon.com/comics/opus/2007/12/30/opus/


saqib
http://www.quantumcrypto.de/dante/



Electronic Voting: Danger and Opportunity

2007-12-24 Thread Ali, Saqib
University of Illinois will hold a talk on Electronic Voting: Danger
and Opportunity. Professor Edward W. Felten of Princeton University
will be speaking. See:
http://webtools.uiuc.edu/calendar/Calendar?calId=504eventId=78090ACTION=VIEW_EVENT


saqib
http://www.quantumcrypto.de/dante/



Re: gauging interest in forming an USA chapter of IISP

2007-12-14 Thread Ali, Saqib
How will this be any different from being a member of ISC2 or ISACA?
Why do we need to be a member of yet another organization?

saqib
http://www.quantumcrypto.de/dante/


On Dec 12, 2007 12:21 PM, Alex Alten [EMAIL PROTECTED] wrote:

 Would anyone on this list be interested in forming a USA chapter of the
 Institute
 of Information Security Professionals (IISP, www.instisp.org)?

 I'm finding it rather difficult to attend events, etc., that are only in
 London.

 - Alex



Perfect Storm is gathering

2007-10-29 Thread Ali, Saqib
A good article about Storm worm in Guardian:
http://observer.guardian.co.uk/business/story/0,,2195730,00.html


saqib
http://security-basics.blogspot.com/2007/10/execute-spammers.html



Re: Commercial CAPTCHA-breakers for sale

2007-10-23 Thread Ali, Saqib
On 10/22/07, Ian G [EMAIL PROTECTED] wrote:
 Peter Gutmann wrote:
  http://www.lafdc.com/captcha/ is a site that sells commercial 
  CAPTCHA-breaking
  software.

The complexity of some of the captchas shown on this web-site made me
think. We have gone to such extents to prevent against spammers. When
we should be prosecuting and hanging the spammers.

Remember
Men are not hanged for stealing horses, but that horses may not be
stolen George Savile

saqib
http://security-basics.blogspot.com/



Re: Full Disk Encryption solutions selected for US Government use

2007-10-08 Thread Ali, Saqib
Arshad,

Some of the solutions already include a KMS. One of the key
requirements of this particular RFP was Transparency. Can you please
elaborate more on how StrongKey KMS would have improved on
transparency?

Thanks
saqib
http://security-basics.blogspot.com/



On 10/8/07, Arshad Noor [EMAIL PROTECTED] wrote:
 We submitted a letter to the Program Manager, that while the RFP
 was asking for an FDE solution, they really needed to focus on Key
 Management across the agency, rather than the actual encryption
 solution itself, before they deployed any encryption product.

 We proposed our open-source Symmetric Key Management System (SKMS)
 software - StrongKey - as a solution since it includes utilities to
 perform file, directory and column-level database encryption using
 FIPS-certified tokens: smartcards, HSMs and software modules (NSS).

 Given that the solution we proposed was OSS, that it could leverage
 any FIPS-certified token through their published JCE/PKCS11 library,
 and that the StrongKey protocol is winding its way through OASIS
 towards becoming the Symmetric Key Services Markup Language (SKSML)
 with the support of 33 companies/individuals including the DoD, we
 believed that this solution was optimal for the government from many
 different points of view.

 However, because the RFP was narrowly written for FDE products only,
 our submission was not accepted.  That's life in the Federal
 procurement lane - they think they're buying a state of the art
 security solution and they don't realize that the state of the art
 has already shifted under their feet.

 Arshad Noor
 StrongAuth, Inc.

 - Original Message -
 From: Steven M. Bellovin [EMAIL PROTECTED]

 On Mon, 18 Jun 2007 22:57:36 -0700
 Ali, Saqib [EMAIL PROTECTED] wrote:

  US Government has selected 9 security vendors that will provide drive
  and file level encryption software.
 
  See:
  http://security-basics.blogspot.com/2007/06/fde-fde-solutions-selected-for-us.html
  OR
  http://tinyurl.com/2xffax
 

 Out of curiosity, are any open source FDE products being evaluated?



Re: Seagate announces hardware FDE for laptop and desktop machines

2007-10-05 Thread Ali, Saqib
 I think the really interesting question is what happens when you lose
 a FDE-ed hard drive.  Do you still need to publish the incident and
 contact potentially affected individuals?  If the answer is no, I'm
 sure this technology will be quickly adopted, independently of its
 actual implementation.

California Senate Bill CA1386 provides a Get Out of Jail Free Card
if you are using reasonable means to protect the confidentiality of
data. However you still have to prove it.


saqib
http://security-basics.blogspot.com/



Re: flavors of reptile lubricant, was Another Snake Oil Candidate

2007-09-13 Thread Ali, Saqib
On 13 Sep 2007 13:45:42 -, John Levine [EMAIL PROTECTED] wrote:
 I always understood snake oil crypto to refer to products that were of
 no value to anyone, e.g., products that claim to have secret
 unbreakable encryption, million bit keys, or one time pads produced
 by PRNGs.

hear hear!

I think in the zeal for criticism of the IronDrive, folks have
expanded the definition of Snake Oil to include All security
products.

I don't like the Military Grade AES Encryption phrase that IronDrive
uses on their website, cause that implies they know what Military is
using. Maybe somebody should notify DoD that these IronDrive folks
know what Military uses to encrypt info ;-)

But other than that I don't see any Snake Oil Crypto like
techno-babble used by IronDrive Marketing.

saqib
http://security-basics.blogspot.com/



Re: Another Snake Oil Candidate

2007-09-11 Thread Ali, Saqib
On 9/11/07, Aram Perez [EMAIL PROTECTED] wrote:
 The world's most secure USB Flash Drive: https://www.ironkey.com/demo.

you didn't explain why it is a Snake Oil Candidate..



Re: New DoD encryption mandate

2007-08-19 Thread Ali, Saqib
On 8/17/07, Ivan Krstic [EMAIL PROTECTED] wrote:
 How so? If your computer goes bad, you need a *backup*. That's
 entirely orthogonal to the drive encryption problem.

One of the functions provided by the TPM is to wrap/bind and store the
bulk encryption keys. Now let us say the motherboard or the TPM
goes bad on your notebook or you simply want to upgrade the computer.
You need to be able to restore+transfer the information stored in the
TPM to your new computer. This is where you need a TPM management suite
that supports key backup/restore and transfer.

A large company's (name withheld) strategy regarding TPM was to ignore
it. Not too long ago a few key engineers from that company decided that
a TPM enabled encrypted vault would be a good place to secure their
documents. Somehow they managed to lock themselves out of the
encrypted vaults (maybe forgotten password / or lost keys). Had that
company not ignored the TPM and instituted a key backup/archive
program, the engineers would have been able to recover their
confidential documents. We can blame the engineers, but at the end of
the day it was the whole company that lost money and valuable design
documents.

saqib
http://security-basics.blogspot.com/



Re: New DoD encryption mandate

2007-08-19 Thread Ali, Saqib
 I still don't follow. BitLocker explicitly includes a (optionally
 file-based) recovery password. If you want central management, why
 not centrally manage _that_?

Only if MS provided some way to manage them centrally. Using an encrypted
DB to manually store the keys in it is simply not feasible.



Re: Quantum Cryptography

2007-06-22 Thread Ali, Saqib

- Quantum Cryptography is fiction (strictly claims that it solves
  an applied problem are fiction, indisputably interesting Physics).


Well that is a broad (and maybe unfair) statement.

Quantum Key Distribution (QKD) solves an applied problem of secure key
distribution. It may not be able to ensure unconditional secrecy
during key exchange, but it can detect any eavesdropping. Once
eavesdropping is detected, the key can be discarded.

saqib
http://security-basics.blogspot.com/
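
The eavesdropping-detection property described in the message above, as an added illustration that is not part of the original post: a classical simulation of BB84 sifting on a noiseless channel, modelling only an intercept-resend eavesdropper. The function names, the fixed seed and the 11% abort threshold are assumptions of this example.

```python
import random

def bb84_qber(n_qubits, eavesdrop, seed=1):
    """Simulate BB84 on a noiseless channel; return (sifted_bits, error_rate)."""
    rng = random.Random(seed)            # fixed seed: constructed, repeatable run
    sifted = errors = 0
    for _ in range(n_qubits):
        bit = rng.randint(0, 1)          # Alice's raw key bit
        a_basis = rng.randint(0, 1)      # 0 = rectilinear, 1 = diagonal
        wire_bit, wire_basis = bit, a_basis
        if eavesdrop:
            # Intercept-resend: Eve measures in a random basis and re-sends
            # the result, which re-prepares the photon in *her* basis.
            e_basis = rng.randint(0, 1)
            if e_basis != wire_basis:
                wire_bit = rng.randint(0, 1)   # wrong basis gives a random outcome
            wire_basis = e_basis
        b_basis = rng.randint(0, 1)
        # Bob reads the bit correctly only if his basis matches the photon's.
        received = wire_bit if b_basis == wire_basis else rng.randint(0, 1)
        if b_basis == a_basis:           # sifting: keep rounds where bases agree
            sifted += 1
            errors += int(received != bit)
    # A real run compares only a sacrificed sample of the sifted bits;
    # comparing all of them here gives the exact error rate.
    return sifted, (errors / sifted if sifted else 0.0)

def accept_key(qber, threshold=0.11):
    """Keep the key only if the error rate is below the abort threshold (assumed value)."""
    return qber < threshold

if __name__ == "__main__":
    for eve in (False, True):
        sifted, qber = bb84_qber(4000, eavesdrop=eve)
        print(f"eavesdropper={eve} sifted={sifted} qber={qber:.3f} "
              f"keep_key={accept_key(qber)}")
```

Without the eavesdropper the sifted bits agree exactly; with intercept-resend about a quarter of them disagree, so the key is discarded.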



Re: Quantum Cryptography

2007-06-22 Thread Ali, Saqib

...whereas the key distribution systems we have aren't affected by
eavesdropping unless the attacker has the ability to perform 2^128 or
more operations, which he doesn't.


Paul: Here you are assuming that key exchange has already taken place.
But key exchange is the toughest part. That is where Quantum Key
Distribution (QKD) comes into the picture. Once the keys are exchanged
using QKD, you have to rely on conventional cryptography to do bulk
encryption using symmetric crypto.

Using Quantum Crypto to do bulk encryption doesn't make any sense. It
is only useful in key distribution.

saqib
http://www.linkedin.com/in/encryption



Full Disk Encryption solutions selected for US Government use

2007-06-21 Thread Ali, Saqib

US Government has selected 9 security vendors that will provide drive
and file level encryption software.

See:
http://security-basics.blogspot.com/2007/06/fde-fde-solutions-selected-for-us.html
OR
http://tinyurl.com/2xffax



Re: question re practical use of secret sharing

2007-06-21 Thread Ali, Saqib

There is an open-source implementation available:
http://point-at-infinity.org//



On 6/13/07, Charles Jackson [EMAIL PROTECTED] wrote:

A quick question.

Is anyone aware of a commercial product that implements secret sharing? If
so, can I get a pointer to some product literature?



--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net



Re: A crazy thought?

2007-06-09 Thread Ali, Saqib

Allen,

I am not sure what you are trying to achieve. The CA never has your
private key. They are just signing an X.509 certificate that holds your
public key. This way they are vouching that you own the public key.
Even if you subpoena a CA they won't be able to decrypt any
information encrypted with your public key.

So having a separation-of-duty is not providing any additional security.

Can you please elaborate on what you are trying to achieve?

Thanks
saqib
http://www.full-disk-encryption.net

On 5/26/07, Allen [EMAIL PROTECTED] wrote:

Hi Gang,

In a class I was in today a statement was made that there is no way
that anyone could present someone else's digital signature as their
own because no one has their private key to sign it with. This
was in the context of a CA certificate which had it inside. I tried
to suggest that there might be scenarios that could accomplish this
but was told impossible. Not being totally clear on all the
methods that bind the digital signature to an identity I let it be;
however, the impossible mantra got me to thinking about it and
wondering what vectors might make this possible.

Validating a digital signature requires getting the public key from
some source, like a CA, or a publicly accessible database and
decrypting the signature to validate that the private key associated
with the public key created the digital signature, or open message.

Which led me to the thought of trust in the repository for the
public key. Here in the USA, there is a long history of behind the
scenes cooperation by various large companies with the forces of
the law, like the wiretap in the ATT wire room, etc.

What is to prevent this from happening at a CA and it not being
known for a lengthy period of time? Jurors have been suborned for
political reasons, why not CAs? Would you, could you trust a CA
based in a country with a low ethics standard or a low regard for
human rights?

Which led me to the thought that if it is possible, what could be
done to reduce the risk of it happening?

It occurred to me that perhaps some variation of separation of
duties like two CAs located in different political environments
might be used to accomplish this by having each cross-signing the
certificate so that the compromise of one CA would trigger an
invalid certificate. This might work if the compromise of the CA
happened *after* the original certificate was issued, but what if
the compromise was long standing? Is there any way to accomplish this?

Thoughts?

Best to all,

Allen





--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net



Enterprise Right Management vs. Traditional Encryption Tools

2007-05-09 Thread Ali, Saqib

I was recently asked why not just deploy an Enterprise Right Management
solution instead of using various encryption tools to prevent data
leaks.

Any thoughts?



Re: phone encryption technology becoming popular in Italy

2007-05-02 Thread Ali, Saqib

A notable mention is http://www.cryptophone.com/ . They are the only
secure phone provider that allows for independent review of the source
code.

On 4/30/07, Steven M. Bellovin [EMAIL PROTECTED] wrote:

According to an NY Times article
(http://news.com.com/Phone+taps+in+Italy+spur+rush+toward+encryption/2100-1029_3-6180118.html?tag=nefd.top),
phone encryption technology is becoming popular in Italy because of
many recent incidents of conversations being published.  Sometimes, a
wiretap is being leaked; other times, it seems to be private behavior:

What has spurred encryption sales is not so much the legal
wiretapping authorized by Italian magistrates--though
information about those calls is also frequently leaked to the
press--but the widespread availability of wiretapping
technology over the Internet, which has created a growing pool
of amateur eavesdroppers. Those snoops have a ready market in
the Italian media for filched celebrity conversations.



--Steve Bellovin, http://www.cs.columbia.edu/~smb





--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net



Re: crypto component services - is there a market?

2007-04-17 Thread Ali, Saqib

I am not sure what you mean by crypto component services. Can you
please elaborate?

saqib
http://www.full-disk-encryption.net

On 4/16/07, Travis H. [EMAIL PROTECTED] wrote:

So back when I was reading about secure logging I thought it'd be
a fun service to offer, but it doesn't seem like a product that
the average business would be interested in; it seems more like
something that would be a component of a larger system, or used by
other systems.

Same with digital timestamping.

Does anyone think there is a market for these point solutions?

--
Kill dash nine, and its no more CPU time, kill dash nine, and that
process is mine. -- URL:http://www.subspacefield.org/~travis/
For a good time on my UBE blacklist, email [EMAIL PROTECTED]





--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net
