1) If you want to prevent tampering, use a MAC, not a cipher. My
recommendation is HMAC-SHA-2. Be sure to use a constant time equality check
while verifying the MAC.
2) If you want to encrypt something symmetrically, use authenticated
encryption. Either with a specialized mode, like AES-GCM or
On 2013-07-22 9:01 AM, Randall Webmail wrote:
[SNIP]
To derive a DES OTA key, an attacker starts by sending a binary SMS to
a target device. The SIM does not execute the improperly signed OTA
command, but does in many cases respond to the attacker with an error
code carrying a cryptographic
On 21 July 2013 22:40, Ben Lincoln f70c9...@beneaththewaves.net wrote:
Maybe I am misunderstanding (and I apologize if so), but I don't think
authenticated encryption will address the main problem I'm trying to solve.
Preventing tampering is important (and I think some of what I suggested has
A number of projects have been launched to use cell phones as a money
device, a smart card. I am pretty sure if your malware can send sms, it can
transfer funds.
This not all that fatal, as the money is traceable, but it means that the
financial institution needs an apparatus to reverse