On 11 May 2015 at 20:13, d...@deadhat.com wrote:
There is also the Lightweight Crypto Workshop at NIST. This heavily
overlaps with the ECC thing, because the right options for ECC curves are
also the right options for lightweight crypto.
I'm attending the lightweight Crypto Workshop, but not
On Jan 28, 2015 5:00 PM, d...@geer.org wrote:
https://underhandedcrypto.com/rules/
We will keep submissions secret until they have been judged. Once the
contest is over, all submissions will be published. Winners will be
announced on December 30, 2014.
Did this complete? If it
On 18 August 2014 23:29, Tony Arcieri basc...@gmail.com wrote:
Anyone know why this hasn't gained adoption?
http://tools.ietf.org/html/rfc2817
I've been watching various efforts at widespread opportunistic encryption,
like TCPINC and STARTTLS in SMTP. It's made me wonder why it isn't used
https://www.kickstarter.com/projects/620001568/jackpair-safeguard-your-phone-conversation
https://www.youtube.com/watch?v=rh6yF79FkAA
DH with a 'Pairing Code' (à la ZRTP) to prevent MITM. Light on exact
details, but they say it will be open source.
we think 10-12 digits [for a pairing code] is
You're talking about two different things here.
As others have said, if you XOR good random with 'not very good but
non-malicious random' - you are unlikely to reduce the entropy. (And
as Seth said, if you XOR good random with malicious random (e.g. a
trojaned RDRAND instruction) you're in bad
On 14 March 2014 08:40, Guido Witmond gu...@witmond.nl wrote:
Dear all,
I have a question regarding TLS, client certificates and Tor Exit nodes.
Am I correct in my assumption that when a client connects to a
TLS-server, both the server and client certificate are passed in
clear-text (clear
Hey all, wondering if anyone knows of any commercialized hardware
(e.g. developed into a product, not just a research paper) that
conducts attacks on powered-on, Full Disk Encrypted Android/iPhone
phones that _isn't_ PIN guessing?
So a powered-off FDE-ed iPhone or Android can be attacked by brute
-- Forwarded message --
From: shawn wilson
How about a dictionary and rules. Even if you choose an alphanumeric
strong pass, you're kinda limited to the phone's keyboard - you're not
going to want to switch case or between letters and special too often.
Also, IIRC Android limits
On Mar 2, 2014 11:47 AM, Kevin kevinsisco61...@gmail.com wrote:
Tom:
Perhaps I am in the dark about this, but I'm sure attacking Android is
quite simple as mobile security is fairly new. I have to wonder why you
are asking?
If it's simple, surely there are product descriptions, manuals,
On 30 September 2013 07:07, Ralph Holz h...@net.in.tum.de wrote:
Hi Ben,
Boy, are you out of date: http://en.wikipedia.org/wiki/Server_Name_Indication.
I am not so sure many servers support it, though. My latest data,
unfortunately, is not evaluated yet. But in 2011 the difference between
On 13 August 2013 07:00, Peter Gutmann pgut...@cs.auckland.ac.nz wrote:
Erwann Abalea eaba...@gmail.com writes:
Looks like paypal-communication.com is a legit domain owned by Paypal, Inc.
Even though, according to the second article I referenced, Paypal said it was
a phishing site and said
On 1 July 2013 05:04, Ben Laurie b...@links.org wrote:
On 1 July 2013 01:55, Jacob Appelbaum ja...@appelbaum.net wrote:
So then - what do you suggest to someone who wants to leak a document to
a press agency that has a GlobaLeaks interface?
I would suggest: don't use GlobaLeaks, use
From a high level view this looks like it provides similar features as
OTR + OTR's SMP. Which works pretty well.
Well, actually, I have to say it works 'okay' because in practice I
have to run SMP a couple of times with my partner until we hit upon
the identical punctuation, capitalization, and
This comes from the same school of Attacker controlled requests
inside of an SSL tunnel to reveal some other portion of the data going
over SSL style attacks, BEAST being the other big example. Many
people (including me) *think* this is the new CRIME attack Thai and
Juliano have announced [0].
On 26 February 2012 14:21, Ondrej Mikle ondrej.mi...@nic.cz wrote:
I've just found an article about the OAEP padding oracle (that I couldn't recall before):
http://ritter.vg/blog-mangers_oracle.html
Reportedly there is no major implementation that would suffer from error side-channel,
On 1 March 2012 13:14, Thierry Moreau thierry.mor...@connotech.com wrote:
May I ask a (maybe stupid) question?
... audit proofs will be valid indefinitely ...
Then what remains of the scheme reputation once Mallory managed to inject a
fraudulent certificate in whatever is being audited (It's
On 15 February 2012 11:56, Ben Laurie b...@links.org wrote:
I did this years ago for PGP keys. Easy: take all the keys, do
pairwise GCD. Took 24 hours on my laptop for all the PGP keys on
keyservers at the time. I'm trying to remember when this was, but I
did it during PETS at Toronto, so that
On 27 November 2011 20:10, Steven Bellovin s...@cs.columbia.edu wrote:
Does anyone know of any (verifiable) examples of non-government enemies
exploiting flaws in cryptography? I'm looking for real-world attacks on
short key lengths, bad ciphers, faulty protocols, etc., by parties other
than
So my biggest question is what defines a publicly visible
certificate? Of course every certificate gmail uses would be
public... but what about the cert that corresponds to the new product
google is launching that's in beta for a few users? That cert should
be published... but then that lets
A long time ago I read an account on a website of a test done in the 90s
on public RSA keys. A keyserver operator was politely asked for the
entire database of public keys, and he complied (I think it was the MIT
keyserver and the researchers were at MIT, but I don't recall.)
The public keys
Perhaps anybody else that was there or is familiar with Shamir's work along
this line might comment.
I was in Boston last Friday as well - Jean-Philippe is correct, the
second half of the talk was on the Even-Mansour system, and Adi talked
about his SLIDEX attack. He may have expanded on it a
What happens if the bad guy just strips the signature? What are the
circumstances under which an OS or user+OS will refuse to run code that just
isn't signed at all?
In the case of Microsoft Clickonce, the Install Dialog is changed from
Publisher: Discount Bob's Software Hanggliding to
At most, I would think you'd only be able to collect a few bits.
Agreed, I think using anything but the lowest bits would be dangerous.
But most smartphones (especially ones with GPS sensors) have other
sensors that would be better contributors of entropy, and aren't
monitorable by any remote