The Lava Lamp Random Number generator (at http://www.lavarnd.org/)
generates true random numbers from the images of a couple of lava
lamps. Of course, as a source of randomness for cryptographic
purposes, it's useless because it's visible to everyone (though I
suppose it might be used for
I've previously mentioned Flylogic as a company that does cool attacks
on chip-level hardware protection. In http://www.flylogic.net/blog/?p=18
, they talk about attacking the ST16601 Smartcard - described by the
vendor as offering Very high security features including EEPROM flash
erase
On Dec 7, 2008, at 4:10 AM, Alexander Klimov wrote:
http://www.heise-online.co.uk/security/Encrypting-hard-disk-housing-cracked--/news/112141
:
With its Digittrade Security hard disk, the German vendor
Digittrade has launched another hard disk housing based on the
unsafe IM7206 controller by
On Dec 15, 2008, at 2:09 PM, Perry E. Metzger wrote:
Bill Frantz fra...@pwpconsult.com writes:
I find myself in this situation with a design I'm working on. I
have an ARM chip, where each chip has two unique numbers burned
into the chip for a total of 160 bits. I don't think I can really
depend
On Dec 16, 2008, at 12:10 PM, Simon Josefsson wrote:
...I agree with your recommendation to write an AES key to devices at
manufacturing time. However it always comes with costs, including:
1) The cost of improving the manufacture process sufficiently well to
make it unlikely that compromised
On Dec 16, 2008, at 4:22 PM, Charles Jackson wrote:
I probably should not be commenting, not being a real device guy.
But,
variations in temperature and time could be expected to change SSD
timing.
Temperature changes will probably change the power supply voltages
and shift
some of the
On Dec 15, 2008, at 2:28 PM, Joachim Strömbergson wrote:
...One could probably do a similar comparison to the increasingly
popular
idea of building virtual LANs to connect your virtualized server
running
on the same physical host. Ethernet frame reception time variance as
well as other real
On Dec 17, 2008, at 3:18 PM, Perry E. Metzger wrote:
I'd like to expand on a point I made a little while ago about the
just throw everything at it, and hope the good sources drown out the
bad ones entropy collection strategy.
The biggest problem in security systems isn't whether you're using
Just one minor observation:
On Dec 22, 2008, at 5:18 AM, Peter Gutmann wrote:
This leads to a scary rule of thumb for defenders:
1. The attackers have more CPU power than any legitimate user will
ever have,
and it costs them nothing to apply it. Any defence based on
resource
On Dec 26, 2008, at 2:39 AM, Peter Gutmann wrote:
d...@geer.org writes:
I'm hoping this is just a single instance but it makes you remember
that the
browser pre-trusted certificate authorities really needs to be
cleaned up.
Given the more or less complete failure of commercial PKI for
On Dec 27, 2008, at 10:02 AM, Ben Laurie wrote:
On Fri, Dec 26, 2008 at 7:39 AM, Peter Gutmann
pgut...@cs.auckland.ac.nz wrote:
Adding support for a
service like Perspectives (discussed here a month or two back)
would be a good
start since it provides some of the assurance that a commercial
On Dec 28, 2008, at 8:12 PM, Perry E. Metzger wrote:
Semiconductor laser based RNG with rates in the gigabits per second.
http://www.physorg.com/news148660964.html
My take: neat, but not as important as simply including a decent
hardware RNG (even a slow one) in all PC chipsets would be.
On Dec 30, 2008, at 4:21 PM, Sidney Markowitz wrote:
Sidney Markowitz wrote, On 31/12/08 10:08 AM:
or that CA root certs that use MD5 for their hash are
still in use and have now been cracked?
I should remember -- morning coffee first, then post.
The CA root certs themselves have not been
On Jan 9, 2009, at 6:49 AM, Peter Gutmann wrote:
https://visa.com/
I get no response. None at https://www.visa.com either.
On the other hand, the US-specific site, https://usa.visa.com,
responds just fine - but it redirects you to http://usa.visa.com/index.html
. Try that same address
Not cryptography, but the members of this list think in these terms,
so...
Just recently, my 8th-grade daughter took a school placement test.
This test (the ISEE) is administered internationally.
When we arrived, we learned that she would not be allowed into the
test room without *one*
I just received a phishing email, allegedly from HSBC:
Dear HSBC Member,
Due to the high number of fraud attempts and phishing scams, it
has been decided to
implement EV SSL Certification on this Internet Banking website.
The use of EV SSL certification works with high
On Jan 26, 2009, at 2:49 AM, Ivan Krstić wrote:
[A]ny idea why the Sectéra is certified up to Top Secret for voice
but only up to Secret for e-mail? (That is, what are the differing
requirements?)
I have no information, but a guess: Phone conversation encryption, at
all levels, has been
I know next to nothing about the state of the art of secure cell
devices; do list members have any (public) knowledge or informed
speculation about the mechanism behind the unclassified/classified
switches? Are we talking two entire separate CPUs with a
mutex-shared screen/keyboard? Or
On Jan 27, 2009, at 2:35 PM, Hal Finney wrote:
John Gilmore writes:
The last thing we need is to deploy a system designed to burn all
available cycles, consuming electricity and generating carbon
dioxide,
all over the Internet, in order to produce small amounts of bitbux to
get emails or
On Jan 28, 2009, at 2:03 PM, Perry E. Metzger wrote:
There's a Classified USB Cable for file transfer with Classified
PC
I wonder what a classified USB cable is. Perhaps it's an
unclassified USB
cable with the little three-prong USB logo blacked out by the
censors.
I would imagine it
On Jan 29, 2009, at 10:07 AM, Donald Eastlake wrote:
Recent research has shown that a new and disturbing form of computer
infection is readily spread: the epidemic copying of malicious code
among wireless routers without the participation of intervening
computers. Such an epidemic could easily
On Jan 30, 2009, at 4:47 PM, Ray Dillinger wrote:
I have a disgustingly simple proposal. [Basically, always include a
cryptographic token when you send mail; always require it when you
receive mail.]
There is little effective difference between this and whitelists. If I
only accept mail
On Feb 2, 2009, at 2:29 AM, Peter Gutmann wrote:
Mark Ryan presented a plausible use case that is not DRM:
http://www.cs.bham.ac.uk/~mdr/research/projects/08-tpmFunc/.
This use is like the joke about the dancing bear, the amazing thing
isn't the
quality of the dancing but the fact that the
Interesting article from the BBC on the state of play in cyber
attack and defense. Not much depth - I'm sure you weren't expecting
it, given the source - but worth looking at.
http://news.bbc.co.uk/2/hi/europe/7851292.stm
-- Jerry
On Feb 19, 2009, at 8:36 AM, Peter Gutmann wrote:
There are a variety of password cost-estimation surveys floating
around that
put the cost of password resets at $100-200 per user per year,
depending on
which survey you use (Gartner says so, it must be true).
You can get OTP tokens as
On Feb 17, 2009, at 6:03 PM, R.A. Hettinga wrote:
Begin forwarded message:
From: Sarad AV jtrjtrjtr2...@yahoo.com
Date: February 17, 2009 9:51:09 AM EST
To: cypherpu...@al-qaeda.net
Subject: Shamir secret sharing and information theoretic security
hi,
I was going through the wikipedia
Summary: Sweden developed its own secure encryption system for
communicating with fighter jets. A new jet, which is scheduled to
replace all existing fighters by 2011, uses a NATO-standard encryption
system - only. There is no plan in place to upgrade the ground
systems to the NATO
On Feb 27, 2009, at 2:13 PM, Santiago Aguiar wrote:
* Is there any standard cryptographic hash function with an output
of about 64 bits? It's OK for our scenario if finding a preimage for
a particular signature takes 5 days. Not if it takes 5 minutes.
Not specifically, but you can simply take
On Mar 2, 2009, at 12:56 PM, Santiago Aguiar wrote:
Hi,
Jerry Leichter wrote:
Not specifically, but you can simply take the first 64 bits from a
larger cryptographically secure hash function.
OK, I didn't know if it was right to do just that. We were thinking
to use that hash in an HMAC so
On May 5, 2009, at 1:17 PM, Paul Hoffman wrote:
...This leads to the question: if a CA in a trust anchor pile does
something wrong (terribly wrong, in this case) and fixes it, should
they be punished? If you say yes, you should be ready to answer
who will benefit from the punishment and in
On May 8, 2009, at 3:39 PM, Ian G wrote:
The difficulty with client certs is that I need them to also work
on my
laptop. And my other laptop. And my phone.
So, how do I get hold of them when I'm on the road?
Good point. The difficulty with my passwords is that I have so many
that are so
I recently stumbled across two attempts to solve a cryptographic
problem - which has led to what look like rather unfortunate solutions.
The problem has to do with using rsync to maintain backups of
directories. rsync tries to transfer a minimum of data by sending
only the differences
On May 11, 2009, at 7:06 PM, silky wrote:
How about this.
When you modify a file, the backup system attempts to see if it can
summarise your modifications into a file that is, say, less than 50%
of the file size.
So if you modify a 10kb text file and change only the first word, it
will
On May 11, 2009, at 7:08 PM, Matt Ball wrote:
Practically, to make this work, you'd want to look at the solutions
that support 'data deduplication' (see
http://en.wikipedia.org/wiki/Data_deduplication). These techniques
typically break the data into variable length 'chunks', and
de-duplicate by
On May 11, 2009, at 8:27 PM, silky wrote:
The local version needs access to the last committed file (to compare
the changes) and the server version only keeps the 'base' file and the
'changes' subsets.
a) What's a committed file.
b) As in my response to Victor's message, note that you can't
The introduction of the acronym DRM has drawn all the hysteria it
always does.
The description you've posted much more closely matches license (or
sometimes entitlement) management software than DRM. There are many
companies active in this field. Many are small, but Microsoft sells
Using retransmissions for steganography.
http://arxiv.org/pdf/0905.0363v3
-- Jerry
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to
On May 29, 2009, at 8:48 AM, Peter Gutmann wrote:
Jerry Leichter leich...@lrw.com writes:
For the most part, software like this aims to keep reasonably honest
people honest. Yes, they can probably hire someone to hack around
the
licensing software. (There's generally not much motivation
On Jun 28, 2009, at 4:05 PM, Ivan Krstić wrote:
Does anyone have a recommended encrypted password storage program for
the mac?
System applications and non-broken 3rd party applications on OS X
store credentials in Keychain, which is a system facility for
keeping secrets. Your user keychain
Randomness from quantum effects at Megabits per second (and they claim
they can get to Gb/s). I can't say I follow all the details of what
they're doing.
http://spie.org/x35516.xml
-- Jerry
On Jul 8, 2009, at 8:46 PM, d...@geer.org wrote:
I don't honestly think that this is new, but even
if it is, a 9-digit random number has a 44% chance
of being a valid SSN (442 million issued to date).
Different attack. What they are saying is that given date and place
of birth - not normally
On Jul 21, 2009, at 3:11 PM, Hal Finney wrote:
The first is equivalent to: knowing g^(xy) is it impossible to
deduce g^x,
where y = H(g^x). Define Y = g^x, then y = H(Y) and g^(xy) = Y^H(Y).
The
question is then:
Given Y^H(Y) can we deduce Y?
To make a simple observation: H matters. If
On Jul 21, 2009, at 10:48 PM, Perry E. Metzger wrote:
d...@geer.org writes:
The pieces of the key, small numbers, tend to “erode” over
time as
they gradually fall out of use. To make keys erode, or timeout,
Vanish
takes advantage of the structure of a peer-to-peer file system. Such
On Jul 26, 2009, at 12:11 AM, james hughes wrote:
On Jul 24, 2009, at 9:33 PM, Zooko Wilcox-O'Hearn wrote:
[cross-posted to tahoe-...@allmydata.org and cryptography@metzdowd.com
]
Disclosure: Cleversafe is to some degree a competitor of my
Tahoe-LAFS project.
...
I am tempted to ignore
On Jul 26, 2009, at 2:27 PM, Perry E. Metzger wrote:
...[T]here is an exploitable hole in
Adobe's Flash right now, and there is no fix available yet
This highlights an unfortunate instance of monoculture -- nearly
everyone on the internet uses Flash for nearly all the video they
watch,
so
On Jul 26, 2009, at 11:20 PM, Perry E. Metzger wrote:
Jerry Leichter leich...@lrw.com writes:
While I agree with the sentiment and the theory, I'm not sure that it
really works that way. How many actual implementations of typical
protocols are there?
I'm aware of at least four TCP/IP
Found on the Telecom list (which I've subscribed to for years but
almost never read any more). The paper is quite interesting.
-- Jerry
Date: Fri, 31 Jul 2009 22:07:03 -0400
From: Monty Solomon mo...@roscom.com
To:
Why Cloud Computing Needs More Chaos:
http://www.forbes.com/2009/07/30/cloud-computing-security-technology-cio-network-cloud-computing.html
[Moderator's note: ... the article is about a growing problem -- the
lack of good quality random numbers in VMs provided by services like
EC2
and the
A couple of weeks ago, Apple distributed a firmware update for their
keyboards - the standalone ones, not the ones built into laptops. I
remarked at the time (perhaps on this list?) that given a way for
Apple to update the firmware ... was there a way for others with
malicious intent?
Just about all notebooks shipped in the last 5 years or more contain a
helpful bit of code in the BIOS that allows for remote tracing in case
of theft. Unfortunately, it's got serious security holes, allowing it
to be used for much more nefarious purposes - like rootkits that
survive disk
3. Cleversafe should really tone down the Fear Uncertainty and
Doubt about today's encryption being mincemeat for tomorrow's
cryptanalysts. It might turn out to be true, but if so it will be
due to cryptanalytic innovations more than due to Moore's Law. And
it might not turn out like
On Aug 11, 2009, at 2:47 PM, Hal Finney wrote:
[Note subject line change]
Jerry Leichter writes:
Since people do keep bringing up Moore's Law in an attempt to justify
larger keys our systems stronger than cryptography, it's worth
keeping in mind that we are approaching fairly deep physical
http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%20on%20WPA.pdf
A Practical Message Falsification Attack on WPA
Toshihiro Ohigashi and Masakatu Morii
Abstract. In 2008, Beck and Tews have proposed a practical attack on
WPA. Their attack (called the
http://conferences.sigcomm.org/sigcomm/2009/workshops/mobiheld/papers/p31.pdf
ABSTRACT
Modern mobile phones possess three types of capabilities:
computing, communication, and sensing. While these
capabilities enable a variety of novel applications, they also raise
serious privacy concerns. We
It can “...intercept all audio data coming and going to the Skype
process.”
Proof of concept, but polished versions will surely follow.
http://www.scmagazineus.com/Skype-snooping-trojan-detected/article/147537/
-- Jerry
On Sep 3, 2009, at 12:26 AM, Peter Gutmann wrote:
This returns us to the previously-unsolved UI problem: how -- with
today's
users, and with something more or less like today's browsers since
that's
what today's users know -- can a spoof-proof password prompt be
presented?
Good enough to
On Sep 7, 2009, at 8:58 AM, Jerry Leichter wrote:
...standard Mac OS GUI element to prompt for passwords ...
I should expand on that a bit: This GUI element is used for all kinds
of things tied to a window, not just passwords. For example, if you
try to close a window that contains stuff
On Sep 4, 2009, at 4:24 PM, Matt Crawford wrote:
. . . federal agents at the conference got a scare on Friday when
they were told they might have been caught in the sights of an RFID
reader.
The reader, connected to a web camera, sniffed data from
RFID-enabled ID cards and other documents
On Sep 17, 2009, at 1:20 AM, Peter Gutmann wrote:
Kevin W. Wall kevin.w.w...@gmail.com writes:
(Obviously some of these padding schemes such as OAEP are not
suitable with
symmetric ciphers. Or at least I don't think they are.)
You'd be surprised at what JCE developers will implement just
Well, here I'll expect one. :-)
As there is increasing pressure to keep
records of Internet use, there will be a counter-move to use VPN's
which promise to keep no records. Which will lead to legal orders
that records be kept, with no notification to those being tracked.
Enter secure
On Oct 3, 2009, at 2:42 AM, Kevin W. Wall wrote:
Hi list...I have a question about Shamir's secret sharing.
According to the _Handbook of Applied Cryptography_
Shamir’s secret sharing (t,n) threshold scheme works as follows:
SUMMARY: a trusted party distributes shares of a secret S to n
On Oct 14, 2009, at 7:54 PM, Perry E. Metzger wrote:
...We should also recognize that in cryptography, a small integer
safety
margin isn't good enough. If one estimates that a powerful opponent
could attack a 1024 bit RSA key in, say, two years, that's not even a
factor of 10 over 90 days, and
A bit too far for a quick visit (at least for me):
http://news.bbc.co.uk/2/hi/uk_news/england/8241617.stm
-- Jerry
On Oct 17, 2009, at 5:23 AM, John Gilmore wrote:
Even using keys that have a round number of bits is foolish, in my
opinion. If you were going to use about 2**11th bits, why not 2240
bits, or 2320 bits, instead of 2048? Your software already handles
2240 bits if it can handle 2048, and it's
The article at http://www.net-security.org/article.php?id=1322 claims
that both are easily broken. I haven't been able to find any public
analyses of Keychain, even though the software is open-source so it's
relatively easy to check. I ran across an analysis of File Vault not
long ago
A couple of days ago, I pointed to an article claiming that these were
easy to break, and asked if anyone knew of security analyses of these
facilities.
I must say, I'm very disappointed with the responses. Almost everyone
attacked the person quoted in the article. The attacks they
On Nov 1, 2009, at 10:32 PM, Steven Bellovin wrote:
On Oct 29, 2009, at 11:25 PM, Jerry Leichter wrote:
A couple of days ago, I pointed to an article claiming that these
were easy to break, and asked if anyone knew of security analyses
of these facilities.
I must say, I'm very
On Nov 2, 2009, at 5:36 PM, Jeffrey I. Schiller wrote:
- Jerry Leichter leich...@lrw.com wrote:
for iPhone's and iPod Touches, which are regularly used to hold
passwords (for mail, at the least).
I would not (do not) trust the iPhone (or iPod Touch) to protect a
high value password
On Nov 6, 2009, at 4:19 PM, Erwan Legrand wrote:
On Tue, Nov 3, 2009 at 9:41 PM, David-Sarah Hopwood
david-sa...@jacaranda.org wrote:
Jerry is absolutely correct that the practical result will be that
most
users of OpenID will become more vulnerable to compromise of a single
password.
Do
On Nov 8, 2009, at 2:07 AM, John Levine wrote:
At a meeting a few weeks ago I was talking to a guy from BITS, the
e-commerce part of the Financial Services Roundtable, about the way
that malware infected PCs break all banks' fancy multi-password logins
since no matter how complex the login
On Nov 8, 2009, at 6:30 AM, Zooko Wilcox-O'Hearn wrote:
I propose the following combined hash function C, built out of two
hash functions H1 and H2:
C(x) = H1(H1(x) || H2(x))
I'd worry about using this construction if H1's input block and output
size were the same, since one might be able
On Nov 8, 2009, at 7:45 PM, Thorsten Holz wrote:
...There are several approaches to stop (or at least make it more
difficult) this attack vector. A prototype of a system that
implements the techniques described in your blog posting was
presented by IBM Zurich about a year ago, see
On Nov 11, 2009, at 10:36 AM, Matt Crawford wrote:
On Nov 10, 2009, at 8:44 AM, Jerry Leichter wrote:
Whether or not it can, it demonstrates the hazards of freezing
implementations of crypto protocols into ROM: Imagine a world in
which there are a couple of hundred million ZTIC's
On Nov 16, 2009, at 12:30 PM, Jeremy Stanley wrote:
If one organization distributes the dongles, they could accept
only updates signed by that organization. We have pretty good
methods for keeping private keys secret at the enterprise level,
so the risks should be manageable.
But even then,
On Nov 18, 2009, at 6:16 PM, Anne Lynn Wheeler wrote:
... we could move to a person-centric paradigm ... where a person
could use the same token for potentially all their interactions ...
we claimed we do something like two orders of magnitude reduction in
fully-loaded costs by going to no
On Nov 21, 2009, at 6:12 PM, Bill Frantz wrote:
leich...@lrw.com (Jerry Leichter) on Saturday, November 21, 2009
wrote:
It's no big deal to read these cards,
and from many times the inch or so that the standard readers require.
So surely someone has built a portable reader
On Mar 25, 2010, at 8:05 AM, Dave Kleiman wrote:
March 24th, 2010 New Research Suggests That Governments May Fake SSL
Certificates
Technical Analysis by Seth Schoen
http://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governments-fake-ssl
Today two computer security
On Apr 21, 2010, at 7:29 PM, Samuel Neves wrote:
EC definitely has practical merit. Unfortunately the patent issues
around
protocols using EC public keys are murky.
Neither RSA nor EC come with complexity proofs.
While EC (by that I assume you mean ECDSA) does not have a formal
security
On Jul 9, 2010, at 1:55 PM, Jonathan Katz wrote:
CTR mode seems a better choice here. Without getting too technical,
security of CTR mode holds as long as the IVs used are fresh
whereas security of CBC mode requires IVs to be random.
In either case, a problem with a short IV (no matter what
On Jul 9, 2010, at 1:00 PM, Pawel wrote:
Hi,
On Apr 27, 2010, at 5:38 AM, Peter Gutmann (alt) pgut001.reflec...@gmail.com
wrote:
GPS tracking units that you can fit to your car to track where your
kids are taking it [T]he sorts of places that'll sell you card
skimmers and RFID
On Jun 3, 2010, at 10:39 AM, Sandy Harris wrote:
India recently forbade some Chinese companies from bidding on some
cell phone infrastructure projects, citing national security
concerns...
The main devices to worry about are big infrastructure pieces --
telephone switches, big routers and
On Jun 29, 2010, at 3:33 AM, Steven Bellovin wrote:
For years, there have been unverifiable statements in the press
about assorted hostile parties using steganography. There may now
be a real incident -- or at least, the FBI has stated in court
documents that it happened.
According to
On Jul 11, 2010, at 1:16 PM, Ben Laurie wrote:
Beyond simple hacking - someone is quoted saying You can consider
GPS a
little like computers before the first virus - if I had stood here
before
then and cried about the risks, you would've asked 'why would anyone
bother?'. - among the
On Jul 27, 2010, at 5:34 PM, Ben Laurie wrote:
On 24/07/2010 18:55, Peter Gutmann wrote:
- PKI dogma doesn't even consider availability issues but expects the
straightforward execution of the condition problem - revoke cert. For a
situation like this, particularly if the cert was used to
On Jul 28, 2010, at 11:04 AM, Jonathan Thornburg wrote:
http://www.crashie.com/ - if you're feeling malicious, just include
the one line JavaScript that will make IE6 crash, maybe eventually
the
user will figure it out. (Or maybe not).
Please stop and think about the consequences before
On Aug 1, 2010, at 10:34 AM, Henrique de Moraes Holschuh wrote:
(Please keep all CCs).
On Sun, 01 Aug 2010, Jerry Leichter wrote:
file might be reused: Stir in the date and time and anything else
that might vary - even if it's readily guessable/detectable - along
Well, yes, we have several
On Aug 1, 2010, at 7:10 AM, Peter Gutmann wrote:
Thanks to all the folks who pointed out uses of m-of-n threshold
schemes,
however all of them have been for the protection of one-off, very
high-value
keys under highly controlled circumstances by trained personnel,
does anyone
know of any
On Aug 2, 2010, at 2:30 AM, Peter Gutmann wrote:
Jerry Leichter leich...@lrw.com writes:
One could certainly screw up the design of a recovery system, but one
would have to try. There really ought not be that much of difference
between recovering from m pieces and recovering from one
On Aug 2, 2010, at 1:25 PM, Nicolas Williams wrote:
On Mon, Aug 02, 2010 at 12:32:23PM -0400, Perry E. Metzger wrote:
Looking forward, the there should be one mode, and it should be
secure philosophy would claim that there should be no insecure
mode for a protocol. Of course, virtually all
On Aug 2, 2010, at 4:19 PM, Paul Wouters wrote:
...Of course, TLS hasn't been successful in the sense that we care
about
most. TLS has had no impact on how users authenticate (we still send
usernames and passwords) to servers, and the way TLS authenticates
servers to users turns out to be
We discussed the question of why IE6 is still out there. Well ... http://arstechnica.com/microsoft/news/2010/08/despite-petition-uk-government-to-keep-ie6.ars
reports that the UK government has officially decided not to replace
IE6, feeling the costs outweigh the benefits. Quoting from the
Excerpted from
http://arstechnica.com/security/news/2010/08/cars-hacked-through-wireless-tyre-sensors.ars
-- Jerry
The tire pressure monitors built into modern cars have been shown to
be insecure by researchers from Rutgers University
On Aug 17, 2010, at 4:20 AM, Peter Gutmann wrote:
Your code-signing system should create a tamper-resistant audit
trail [0] of
every signature applied and what it's applied to.
Peter.
[0] By this I don't mean the usual cryptographic Rube-Goldbergery,
just log
the details to a separate
Yesterday I asked about Haystack, an anti-censorship system that
appears to exist mainly as newspaper articles. So today I ran across
another system, which appears to be real: Collage (http://gigaom.com/2010/07/12/software-uses-twitter-flickr-to-let-dissidents-send-secret-messages/
),
On Aug 25, 2010, at 4:37 PM, travis+ml-cryptogra...@subspacefield.org
wrote:
I also wanted to double-check these answers before I included them:
1) Is Linux /dev/{u,}random FIPS 140 certified?
No, because FIPS 140-2 does not allow TRNGs (what they call
non-deterministic). I couldn't tell
On Sep 6, 2010, at 10:49 PM, John Denker wrote:
If you think about the use of randomness in cryptography, what
matters
isn't really randomness - it's exactly unpredictability.
Agreed.
This is a very
tough to pin down: What's unpredictable to me may be predictable to
you,
It's easy to
On Sep 22, 2010, at 9:34 AM, Steven Bellovin wrote:
Does anyone know of any ciphers where bits of keys modify the
control path, rather than just data operations? Yes, I know that
that's a slippery concept, since ultimately things like addition and
multiplication can be implemented with
On Oct 1, 2010, at 11:34 PM, Richard Outerbridge wrote:
Any implementation that returns distinguishable error conditions
for invalid padding is vulnerable...
Oh come on. This is really just a sophisticated variant of the old
never say which was wrong - login ID or password - attack. In
On Oct 7, 2010, at 4:14 AM, Christoph Gruber gr...@guru.at wrote:
a 19-year-old just got a 16-month jail sentence for his refusal to
disclose the password that would have allowed investigators to see
what was on his hard drive.
What about
On Oct 7, 2010, at 1:10 PM, Bernie Cosell wrote:
a 19-year-old just got a 16-month jail sentence for his refusal to
disclose the password that would have allowed investigators to see
what was on his hard drive.
What about http://www.truecrypt.org/docs/?s=plausible-deniability
Could this be