Cryptography-Digest Digest #986, Volume #9        Wed, 4 Aug 99 17:13:03 EDT

Contents:
  I need books ("Jeffery Nelson")
  where to start? ("Claudio Facilla")
  security of algorithm? (Gabe Simon)
  Re: Is breaking RSA NP-Complete ? ([EMAIL PROTECTED])
  Re: Blowfish x86 assembler ([EMAIL PROTECTED])
  Re: What is "the best" file cryptography program out there? ([EMAIL PROTECTED])
  Re: Prime number. (John McDonald, Jr.)
  Re: Storing keys ([EMAIL PROTECTED])
  Re: What is "the best" file cryptography program out there? ([EMAIL PROTECTED])
  Re: ORB - Open Random Bit Generator (Alwyn Allan)
  Re: Is breaking RSA NP-Complete ? (Bodo Moeller)
  Re: ORB - Open Random Bit Generator ([EMAIL PROTECTED])
  Re: Infallible authentication scheme ([EMAIL PROTECTED])
  Re: The security of TEA ([EMAIL PROTECTED])
  Re: Is breaking RSA NP-Complete ? (Bodo Moeller)
  Re: Is the output of 3DES really pseudorandom??? ([EMAIL PROTECTED])
  Re: where to start? ([EMAIL PROTECTED])
  Re: security of algorithm? ([EMAIL PROTECTED])
  Re: What is "the best" file cryptography program out there? ([EMAIL PROTECTED])
  Re: Intel 810 chipset security ("Thomas J. Boschloo")

----------------------------------------------------------------------------

From: "Jeffery Nelson" <[EMAIL PROTECTED]>
Subject: I need books
Date: Wed, 4 Aug 1999 14:09:27 -0000

I'm looking for good books to read that will help me to understand the more
complex sides of cryptography.  I understand the "one time pad" method, but
hashes elude me.  I can get most any book so if you could tell me the name
and author...

-thanks

Jeff



------------------------------

From: "Claudio Facilla" <[EMAIL PROTECTED]>
Subject: where to start?
Date: Wed, 4 Aug 1999 20:26:07 +0200

Well, I was starting to study cryptology - I've found a lot of
information on the net but no starting point...

Any help for this?

My problem: I have 3 or 4 numbers (such as 2358 2569 2558 and 2589 3698 4571)...
and so on - I want to find the algorithm of generation... where to start?

Are there any programs to help me? Where do I find them?

Any - any kind of help will be appreciated (like go there and study - start
from there... you can do this and so on)...
I repeat - I'm a newbie and I was unable to find any point where to start...



------------------------------

From: [EMAIL PROTECTED] (Gabe Simon)
Subject: security of algorithm?
Date: 4 Aug 1999 19:24:57 GMT

Hi,
This is my first time reading this newsgroup.  I found it because after 
reading Cryptonomicon I couldn't help delving full-force into the real math 
of cryptography.  Needless to say I am an amateur.  At any rate, I wrote my
own encryption program and I was wondering if anyone could tell me its
relative security and/or any potential weaknesses it has.  The algorithm 
(simplified) goes something like this:

1) Start with plaintext message and 64 bit key.

2) Take each (8) byte of the key and churn it through 10 iterations of the 
Fibonacci sequence using it, and the bytes' position in the key (i.e. 1-8) 
for starting values.  All of this is done modulo 256.  This step is to 
reversibly pseudo-randomize the key.

3) Simply XOR a byte of the (randomized) key with a byte of the
plaintext message.

I know that it is fairly simple, but being a complete novice, I can't think 
of any way to crack it.  The cyphertext is statistically random as far as I 
can tell.  Anyway, if someone would be so kind as to point out any flaws 
and/or make some suggestions I'd be much obliged.  Thanks

Gabe Simon
[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Is breaking RSA NP-Complete ?
Date: Wed, 04 Aug 1999 19:31:56 GMT

"rosi" wrote:

>    Why NP, and why not X1, X2, etc. and forget about complexity? Is it
> already too crowded over there?

Anyone is welcome to forget about complexity.

>    Something carrying the name of NP but goes beyond NP?

If it isn't NP, please don't call it NP.

> At
> this point, forgive me for asking a silly question (as NP is getting
> so vague now)

NP is not the slightest bit vague.

> : Do CLR say NP-hard is part of NP?

No.

>    Superset. It should not convey the sense of proper. If not proper,
> there is 'no distinction'.

The languages in NP-Hard are a proper superset of
NP-complete.

> If proper, we have NPh into E? into PSPACE?
> or into just-a-bit-tight-for-SPACE? :)

NP-Hard is neither a subset nor superset of PSPACE.
I'm not sure what E is.

>    I lack math training, but I hold that there is 'hard' and there is
> 'easy'.
> There may be 'not-so-easy-and-not-so-hard'. I only need to see a
> sensible definition (in complexity terms).

As noted, there is disagreement about the definition
of NP-Hard.  You can easily find the definitions of
all the others.

--Bryan


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Blowfish x86 assembler
Date: Wed, 04 Aug 1999 19:33:21 GMT

In article <[EMAIL PROTECTED]>,
  Gord <[EMAIL PROTECTED]> wrote:
> Whoa Tom!
> I was making a joke (hence ":P" above)
>

I am so sorry.  I have been getting dumped on lately though ...

Tom
--
PGP key is at:
'http://mypage.goplay.com/tomstdenis/key.pgp'.
Free PRNG C++ lib:
'http://mypage.goplay.com/tomstdenis/prng.html'.



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: What is "the best" file cryptography program out there?
Date: Wed, 04 Aug 1999 20:04:19 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] wrote:
> KidMo84 wrote:
>
> > What is the best file cryptography program out there that you can get online or
> > purchase over the counter.  Comparing Ease of use with Security of encryption.
>
> PGP.  Get it at www.pgpi.com .  Be sure to set the key size to 4096 (not the
> default 2048).  100% free.

That form of implicit trust scares me.  What makes a 1024 bit key less
secure than a 4096 bit key?  (And if you say ease of solving you have
no clue about the crypto world).

Paraphrase from HOPE conference.... PGP is good, they will not attack
the math, the math is fine.  An attacker will find another way. ...

Basically even 512 bit keys are secure, but with the new technologies
they will fall (in about 5-10 years), note that TWINKLE has never
actually been built.  1024 bit keys require too much for the 'MATRIX'
step (Gaussian elimination) to make it feasible.  So a 1024-bit key
(heck even 768 bit keys) is fine from a math attacker's standpoint.  If
I could just upload a fake key in your name do I need to break the math?

Tom



------------------------------

From: [EMAIL PROTECTED] (John McDonald, Jr.)
Subject: Re: Prime number.
Date: Wed, 04 Aug 1999 19:18:28 GMT

On Tue, 03 Aug 1999 23:40:39 GMT, Bob Silverman <[EMAIL PROTECTED]> wrote:

>Bob Silverman
>"You can lead a horse's ass to knowledge, but you can't make him think"

You know, Bob's response to my post really bothered me for about 10
minutes today, until I read the rest of his posts to this NG.  It
seems that despite the man's rather costly education, he forgot to
include people skills.  Did you skip the course on "How not to come
across like an Asshole?" at Harvard? Did they not offer it at the
University of Chicago?

Anyways, my point is this.  I was incorrect.  Someone caught me on it.
Good for them.  No reason to be an asshole. 

I must say that Bob here is one of the most belligerent people I've
ever had the misfortune of coming across in all my six years on the
internet. Or, rather, the most belligerent who didn't turn out to be a
pre-pubescent hacker wannabe.  Kudos, Bob!

So here's a personal skills lesson for you Bob.  It doesn't matter how
intelligent you are, or how much you actually know.  If you come off
like a conceited, cocky SOB, no one will ever care what you have to
say.

[-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-]
 John K. McDonald, Jr.      Alcatel, USA

 [EMAIL PROTECTED]
 please remove -delete- for responses.
 --
 "I speak for me and not this company"

 TO SPAMMERS:
 Please  view   the  definitions   for 
 "telephone     facsimile    machine," 
 "unsolicited advertisement,"  and the
 prohibition  and penalty  for sending
 unsolicited faxes before sending  Un-
 solicited  Commercial   E-mail to the 
 above   address.   Violators  WILL BE 
 PROSECUTED.   These   can   be  found
 in:
 
 The Telephone Consumer Protection Act
 of  1991,    Title   47,   Chapter 5,
 Subchapter II, Section 227.
[=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=]

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Storing keys
Date: Wed, 04 Aug 1999 20:10:38 GMT

<snip>

Might I add to avoid dictionary attacks you do this

1. Get username and password, and random R
2. Store user name, R and H(password || R)

To verify

1. read username and R
2. get password, compare H(password || R) with the on-file hash

This way two users with the same password will not have the same
hash ...  The user doesn't even need to know R.

Tom
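
The storage and verification steps above, written out as an added example (not code from the original post). SHA-256 stands in for H, the 16-byte size of R is an assumption, and the usernames, passwords and word list are constructed.

```python
import hashlib
import hmac
import secrets

SALT_LEN = 16  # bytes of random R per user (assumed; the post gives no size)


def H(data: bytes) -> bytes:
    """Stand-in for the post's H. SHA-256 is an assumption of this example."""
    return hashlib.sha256(data).digest()


class PasswordFile:
    """Rows of username -> (R, H(password || R)), as described in the post."""

    def __init__(self):
        self.rows = {}

    def enroll(self, username: str, password: str) -> None:
        r = secrets.token_bytes(SALT_LEN)                     # random R
        self.rows[username] = (r, H(password.encode() + r))   # store R and hash

    def verify(self, username: str, password: str) -> bool:
        # Unknown users get a dummy row so both paths do the same hashing work.
        r, stored = self.rows.get(username, (b"\x00" * SALT_LEN, b""))
        candidate = H(password.encode() + r)
        # Constant-time comparison of the recomputed hash with the stored one.
        return hmac.compare_digest(candidate, stored)


def dictionary_table(words):
    """A table computed once from a word list: H(word) -> word."""
    return {H(w.encode()): w for w in words}


def table_hits(table, digests):
    """Stored digests that the precomputed table maps straight to a password."""
    return {name: table[d] for name, d in digests.items() if d in table}


def demo():
    # Constructed sample data: two users share a dictionary password.
    users = {"alice": "letmein", "bob": "letmein", "carol": "x9!Tq-77"}
    table = dictionary_table(["password", "letmein", "qwerty"])

    # Password file without R: H(password) only.
    unsalted = {u: H(p.encode()) for u, p in users.items()}

    # Password file with a per-user R.
    pf = PasswordFile()
    for u, p in users.items():
        pf.enroll(u, p)
    salted = {u: h for u, (_, h) in pf.rows.items()}

    return {
        "unsalted_hits": table_hits(table, unsalted),
        "salted_hits": table_hits(table, salted),
        "same_hash_unsalted": unsalted["alice"] == unsalted["bob"],
        "same_hash_salted": salted["alice"] == salted["bob"],
        "good_login": pf.verify("alice", "letmein"),
        "bad_login": pf.verify("alice", "letmeout"),
        "unknown_user": pf.verify("mallory", "letmein"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

R defeats the precomputed table and hides the fact that two users share a password; it does not slow guessing against a single row, which is why a deliberately slow function such as hashlib.scrypt normally takes the place of H.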



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: What is "the best" file cryptography program out there?
Date: Wed, 04 Aug 1999 20:07:43 GMT

In article <7o87v8$pde$[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY) wrote:
>   If you want security of your own personal files and you are capable of
> understanding DOS and if you have a modern machine with lots of speed
> and a large memory you can do no better than the FREE one I wrote
> I also include the source code.
>
>  Get scott19u.zip

Not to mention no actual analysis, key exchange or reasonable
efficiency :)

Again what makes scottu any better than say DES?  It's how the
application is designed which makes security work.  In your scheme the
private key has to be sent somehow.  There may even be ciphertext only
attacks ... no one knows since no one really analyzed the algorithm.

I would say PGP is more useful than scottu since it allows easy
key exchange.  Although the problem with PGP is a lot of paranoia is put
in key lengths.  Use 4096 bit keys they say ... what a waste.  The
minute someone factors a 512 or 768 bit key I would agree ...

Tom



------------------------------

Date: Wed, 04 Aug 1999 16:25:47 -0400
From: Alwyn Allan <[EMAIL PROTECTED]>
Subject: Re: ORB - Open Random Bit Generator

David Wagner wrote:

> Why do you use MD2?  It's slow, and serious concerns have been raised
> about its security (it was nearly broken at SAC one year).  SHA1 is the
> obvious choice these days...

The chip I am using has 1024 words of ROM and 128 bytes of RAM. I would prefer to
use SHA1 but when I investigated I concluded it would not fit. If/when a chip
is available in the same price class with A/D onboard, I will make the switch.
In the meantime, MD2 is *not* broken, and even if collisions are found,
predicting ORB's output or distinguishing it from "true" randomness will not
be easy.

> You appear to have applied DIEHARD to the output of the generator after
> hashing.  This is poor methodology -- any generator (even a counter) will
> pass DIEHARD if you hash it first.  You should apply your tests to the
> raw, unhashed output from your randomness source (the d_i, in your terms).

Good point. Good statistics on the hashed output give comfort that everything
(including the hash) is working. I will make a special chip to test the d_i's
when I get a chance.

The full link is:

     http://www.delanet.com/~apa/orb/




------------------------------

From: [EMAIL PROTECTED] (Bodo Moeller)
Subject: Re: Is breaking RSA NP-Complete ?
Date: 4 Aug 1999 20:31:49 GMT

Bob Silverman <[EMAIL PROTECTED]>:

> I have seen different definitions of NP-Hard.  The definition I prefer
> is:
> 
> A problem is NP-Hard if it is polynomial time reducible (in the sense
> of Karp reducibility) to the hardest problem in NP.

My impression (derived from a possibly too small set of samples) was
that nowadays most people agree that NP-hardness is about
Turing-reductions ... isn't that also the definition that Garey &
Johnson seem to prefer?

And of course even for NP-completeness we have some choice.  While
Cook's original definition (which was about Turing-reductions, except
that he did not use that word) seems to be out of fashion, both P- and
LOGSPACE-reductions (of the Karp kind) seem to be in.  YMMV.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: ORB - Open Random Bit Generator
Date: Wed, 04 Aug 1999 20:25:12 GMT

In article <[EMAIL PROTECTED]>,
  Alwyn Allan <[EMAIL PROTECTED]> wrote:
> Announcing ORB - Open Random Bit Generator
>
> ORB is a single-chip random bit generator featuring:
>
>    * Low cost (~$2 each in production quantities)

Of how many?  Can hobbyists purchase orders of 10s, 50s or 100s?

>    * Low power consumption (2 mA, 1 mA standby)

At how many volts?  Standard 5v?

>    * Wide operating voltage range (2.5 - 5.5 V)
>    * Wide temperature range (-40 to 85°C, 125°C avail.)
>    * Moderate speed (1000+ bits/sec)

Via what?  A serial port? or SPI?

>    * Good statistical properties

Says who?

>    * Cryptographic quality randomness

Says who?

>    * Open design (not free)

Where?  Are there design specs online?  Who designed it?  Are there
custom chips avail?

>    * Simple interface

You mean a single 8-bit data port?

>    * Small footprint (5.3 x 8.1 mm, 8-lead SOIC)

Super.

> ORB is based on a Microchip Technology 8-bit microcontroller, and uses
> one external resistor. Entropy is generated by a unique (patent pending)
> process in which a capacitor is charged and discharged according to the
> contents of a bitstream, and the capacitor's voltage is measured by an
> A/D converter. The low-order bits of the A/D results are "stirred" into
> an entropy pool, which is then processed through a cryptographic hash
> function (MD2). Part of the hash result is the random output and part of
> it forms the bitstream to continue the process.

What is the period of the bitstream?  What if the bitstream is biased?
I thought chips using capacitors already exist ...

> Orb is now shipping in sample quantities. Please see
>
>      www.delanet.com/~apa/orb
>
> for more details.

Any freebies?

Tom



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Infallible authentication scheme
Date: Wed, 04 Aug 1999 19:45:38 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (Michelle Davis) wrote:
> Of course, you're right. But since the security requirements of the
> scheme are extreme, there is the possibility that someone will try to
> utilise known elements in the string to be hashed (in your example,
> A||R||I) to facilitate a dictionary attack (a dictionary attack tasked
> at getting back to the hash input from the MD, and discovering your
> secret key A). There just wouldn't be sufficient entropy in the
> message digest if you know half the hash input, and so your attacker
> might just try to "guess," and could succeed. At least, that's what
> I've been advised by someone who develops solutions quite similar to
> this (not a cryptographer, I should mention). If it's complete
> bollocks, let me know, but I thought there was something to this
> entropy business, so I threw in DES to make it totally foolproof.

lol...  If the hash is strong then knowing 99% of the message will not
give you the rest.  There are birthday attacks though, but the counter
and fixed 'private key' should stop that (the input to the hash is not
completely random).  I dunno exactly.

Adding DES does not make this any more secure though.  Either you can
do a birthday attack or you can't.  I would review ciphers like
ARDVARK, BEAR and LION for ideas/attacks with respect to keyed 'hash'
operations.  There are some mitm attacks I believe ...  I would have to
look them up (which means work).

> p.s. Just thinking about this - if you're trying to get back to your
> hash input from a truncated SHA-1 message digest, you essentially have
> to find on the order of 2^80 collisions until you get to the correct
> 512-bit string. Now, any known elements in your hash input would
> greatly narrow this down, since you'd know that the correct string can
> only end with R||I. This brings you down to far less than 2^80
> collisions (how much less, I can't say). Van Oorschot and Wiener
> estimate a six million dollar machine (in today's terms) can find a
> collision in SHA-1 over twenty days or so. If the number of
> collisions was reasonable, some kind of net-based massive parallel
> attack would then be able to compromise my scheme. With 3DES thrown
> in, they can brute-force it for the next quarter-million years, and it
> wouldn't do them any good.

Well in this instance where you have

output = H(K|R|I)

K = 160 bit key, R = 64 bit random string, I = 64 bit counter

Learning anything at all about the preimage would break the hash.  If
the hash is strong you can't learn anything about the private component.

Which leads me to another idea.  You can't do birthday attacks against
this since you can only control one input.  In a birthday attack you
can control both hashes, but here you have a preimage.

The input string is 128+160 or 288 bits.  There are 2^288/2^160 or
2^128 messages that could have hashed down to the known output.  This
would suggest keysizes the sum of the two known components.  If you had
128 bit R and I you would get 256+256=512 512-160=352 or 2^352 messages
that could have hashed down to.  This means searching all possible
inputs would be harder than guessing the key.

Just some thoughts...
Tom



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: The security of TEA
Date: Wed, 04 Aug 1999 19:52:45 GMT

In article <7o8evv$rhc$[EMAIL PROTECTED]>,
  "Rick Braddam" <[EMAIL PROTECTED]> wrote:
> I think what Tom is saying is that people don't post code and ask if
> their own use of algorithm X is secure, and if so, I agree with him.
> You also don't see any examples of good or bad use of an algorithm in
> an application. Occasionally, you see a remark about a certain
> application being weak because it doesn't wipe the password or phrase
> as soon as possible after it is entered, exposing the password
> unnecessarily.

Basically my point.  Nobody talks about how to secure an application.
It's not enough for the application to use secure algorithms, it itself
has to be secure (and the protocols) for the entire thing to work.

> You also don't read much from anyone who has found ways to work around
> some of the weaknesses in Windows. Maybe the problems with Windows are
> too tough, or maybe it's just that no one is interested because there
> are easier operating systems to work with, from a security point of
> view.

Well counterpane has exposed the VPN stuff from MS but that's about
it.  Everyone knows the default RC4 .DLLs use 40 bit keys ... which is
another bummer (but RC4 is so easy to code who needs dlls anyways?).

> Just one person's 2 cents worth, and probably overvalued at that. I've
> got to go study the Windows keyboard driver... I may have thought of a
> way to prevent password snooping, or at least make it very difficult.
> Back to lurking...

Basically you would have to tap the keyboard interrupt.  A snooping
program would do the same.  At least that's how I would do it in DOS
(tap the port and make a file with all keystrokes).

Tom



------------------------------

From: [EMAIL PROTECTED] (Bodo Moeller)
Subject: Re: Is breaking RSA NP-Complete ?
Date: 4 Aug 1999 20:53:27 GMT

Bodo Moeller <[EMAIL PROTECTED]>:
> Bob Silverman <[EMAIL PROTECTED]>:

>> I have seen different definitions of NP-Hard.  The definition I prefer
>> is:
>> 
>> A problem is NP-Hard if it is polynomial time reducible (in the sense
>> of Karp reducibility) to the hardest problem in NP.

Oops, it seems I did not read this definition too carefully before I
posted my previous article.  I don't think that you really prefer that
definition, because even the easiest of problems can be reduced to
hard ones, so even trivial ones would qualify as "NP-hard" by that
definition.  I read it the other way around, which is probably what
you meant.

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Is the output of 3DES really pseudorandom???
Date: Wed, 04 Aug 1999 19:48:46 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (Michelle Davis) wrote:
> Okay, but I suppose that if nobody knows my previous 2000 outputs, it
> wouldn't really help them to guess the next one. Am I right? So in
> this scenario, effectively, it is pseudorandom?

Well 2000 outputs is not really a security risk.  Your chances of
guessing the next output (assuming the attacker knows all 2000 outputs)
is 1 in 18446744073709549616 .... hardly a great risk.  I would suggest
re-keying as often as possible though.  It's not always possible to get
good inputs (say there is no keyboard or mouse events).  In this case
you would have to 'risk' it.

> >BTW 3des was used in Yarrow by www.counterpane.com
>
> Thanks, I'll check this out.

Well they have a good paper on it.  Their code is a bit messy
though ... oh well (I shouldn't talk though).

Tom



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: where to start?
Date: Wed, 04 Aug 1999 20:45:01 GMT

In article <7oa0ho$9c9$[EMAIL PROTECTED]>,
  "Claudio Facilla" <[EMAIL PROTECTED]> wrote:
> Well, i was starting to study cryptology - I've found on net many
> information but no point of start...
>
> any help for this?

Well I like the word 'Cryptography' more... does that help?

>
> My problem: i have 3 or 4 number (as 2358 2569 2558 and 2589 3698 4571)...
> and so on - i want to find the algorithm of generation... where to start?
>
> There are any programs to help me? Where i find it?

Well depends.  Are those from a LFSR or fib. gen?  If so try to solve
them with linear algebra.  If it's a LFSR use the Massey algorithm to
find the polynomial and degree ...

> Any - any kind of help will be appreciated (like go there and study - start
> from there... u can do this and so on)...
> I repeat - i m a newbe and i was unable to find any point where to start...
>

Well I would not suggest starting by looking at facts or figures.  Get
the ideas down first.  I would suggest learning about the variety
of 'standard' PRNGs such as LFSRs, fibs., MWC and LCG generators.  They
will get you started.

Tom
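
The LFSR case mentioned above, as an added example (not code from the thread): the Berlekamp-Massey algorithm over GF(2) finds the shortest LFSR that generates a bit sequence, and the recovered taps then reproduce the bits that follow. The 4-bit register, its taps and its seed are constructed sample input, not the numbers from the question.

```python
def lfsr_bits(taps, seed, count):
    """Fibonacci LFSR over GF(2): s[i] = XOR of s[i-j] for each j in taps."""
    s = list(seed)
    while len(s) < count:
        bit = 0
        for j in taps:
            bit ^= s[-j]
        s.append(bit)
    return s[:count]


def berlekamp_massey(bits):
    """Return (L, c) for a list of 0/1 values.

    L is the linear complexity (length of the shortest LFSR) and c[0..L] is
    the connection polynomial with c[0] = 1, meaning
    s[i] = XOR over j = 1..L of (c[j] AND s[i-j]).
    At least 2*L observed bits are needed for the answer to be unique.
    """
    n = len(bits)
    c = [1] + [0] * n      # current connection polynomial
    b = [1] + [0] * n      # polynomial before the last length change
    L, m = 0, -1           # current length, index of the last length change
    for i in range(n):
        # Discrepancy: does the current LFSR predict bits[i]?
        d = bits[i]
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d == 0:
            continue
        t = c[:]
        shift = i - m
        for j in range(n + 1 - shift):
            c[j + shift] ^= b[j]        # c(x) += x^shift * b(x)
        if 2 * L <= i:                  # the register has to grow
            L, m, b = i + 1 - L, i, t
    return L, c[:L + 1]


def predict(bits, L, c, count):
    """Extend the observed bits using the recovered recurrence."""
    s = list(bits)
    for _ in range(count):
        nxt = 0
        for j in range(1, L + 1):
            nxt ^= c[j] & s[-j]
        s.append(nxt)
    return s[len(bits):]


def demo():
    # Constructed generator: s[i] = s[i-1] XOR s[i-4], seed 1,0,0,0.
    stream = lfsr_bits((1, 4), [1, 0, 0, 0], 40)
    observed, future = stream[:12], stream[12:]
    L, c = berlekamp_massey(observed)
    return L, c, predict(observed, L, c, len(future)) == future


if __name__ == "__main__":
    print(demo())
```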



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: security of algorithm?
Date: Wed, 04 Aug 1999 20:42:19 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (Gabe Simon) wrote:
> Hi,
> This is my first time reading this newsgroup.  I found it because after
> reading Cryptonomicon I couldn't help delving full-force into the real math
> of cryptography.  Needless to say I am an amateur.  At any rate, I wrote my
> own encryption program and I was wondering if anyone could tell me its
> relative security and/or any potential weaknesses it has.  The algorithm
> (simplified) goes something like this:

Well why not... :)

>
> 1) Start with plaintext message and 64 bit key.

I can handle this.

>
> 2) Take each (8) byte of the key and churn it through 10 iterations of the
> Fibonacci sequence using it, and the bytes' position in the key (i.e. 1-8)
> for starting values.  All of this is done modulo 256.  This step is to
> reversibly pseudo-randomize the key.

10 iterations of a fib sequence?  What does that mean?  Normally you
would hear the term 'clocking' which means to generate one output.
What polynomial are you using?  How big is the state?  How are you
keying the state?  A 8-byte state would have a period of no more than
(2^n - 1)(2 ^ (w-1)) or in this case  (255)(128) = 32640 bytes ...
There would be 2^(w-1)(n-1) or 2^49 possible full length cycles.

> 3) Simply XOR a byte of the (randomized) key with a byte of the
> plaintext message.

A known-plaintext attack could solve that in no time using linear
algebra.  It's just as easy to step a fib sequence forwards as
backwards. If you know what the xor key thingy in #3 was you can solve
and find the key.

Basically it's the same as

1.  Get byte of plaintext A
2.  Clock PRNG once into B
3.  output A xor B

only more complicated (not linearly complicated though)

I think you should read up on fib sequences more.  I have a couple
papers (well not mine, but in my possession ...) if you want I could
privately email them (just ask).  I could also send you source code of
how a simple fib. generator works.

I would suggest learning about LFSRs as well.  They are the background
theory in fib. generators.

Tom
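
Why step 2 of the scheme adds no protection, as an added example (not the poster's program or code from this thread). It assumes one reading of the simplified description: each key byte and its position 1-8 seed a Fibonacci recurrence run 10 times modulo 256, and the 8 resulting bytes are XORed over the plaintext repeatedly. All function names, the key and the message are constructed.

```python
KEY_LEN = 8    # 64-bit key, as in the post
ROUNDS = 10    # "10 iterations of the Fibonacci sequence"


def fib_mix(key_byte: int, pos: int, rounds: int = ROUNDS) -> int:
    """Run the Fibonacci recurrence mod 256 from starting values (pos, key_byte)."""
    a, b = pos % 256, key_byte % 256
    for _ in range(rounds):
        a, b = b, (a + b) % 256
    return b


def schedule(key: bytes) -> bytes:
    """The 'randomized' key: one mixed byte per key byte, positions 1..8."""
    return bytes(fib_mix(k, i + 1) for i, k in enumerate(key))


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Step 3: XOR the data with the mixed key, repeated (same call decrypts)."""
    rk = schedule(key)
    return bytes(d ^ rk[i % KEY_LEN] for i, d in enumerate(data))


def linear_coefficients(rounds: int = ROUNDS):
    """fib_mix is linear mod 256: output = cp * pos + ck * key_byte.

    Feeding in the unit inputs reads the two coefficients off directly;
    they are consecutive Fibonacci numbers.
    """
    cp = fib_mix(0, 1, rounds)   # contribution of the position
    ck = fib_mix(1, 0, rounds)   # contribution of the key byte
    return cp, ck


def recover_key(known_plain: bytes, cipher: bytes) -> bytes:
    """Given the first 8 plaintext bytes, undo the XOR and invert the linear map."""
    cp, ck = linear_coefficients()
    ck_inv = pow(ck, -1, 256)    # exists because ck is odd ("reversibly")
    rk = bytes(p ^ c for p, c in zip(known_plain[:KEY_LEN], cipher[:KEY_LEN]))
    return bytes(((r - cp * (i + 1)) * ck_inv) % 256 for i, r in enumerate(rk))


def demo():
    key = bytes.fromhex("00112233445566ff")                    # constructed key
    message = b"From: alice\nSubject: hello\n\nmeet at noon"    # constructed text
    cipher = xor_crypt(key, message)
    # A predictable header is enough known plaintext to cover one key period.
    guessed = recover_key(b"From: al", cipher)
    return guessed == key, xor_crypt(guessed, cipher) == message


if __name__ == "__main__":
    print(linear_coefficients(), demo())
```

Because the mixed key repeats every 8 bytes and is a linear function of the original key, the whole message depends on 8 bytes that any known header reveals.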



------------------------------

From: [EMAIL PROTECTED]
Subject: Re: What is "the best" file cryptography program out there?
Date: Wed, 04 Aug 1999 20:00:49 GMT

In article <[EMAIL PROTECTED]>,
  [EMAIL PROTECTED] (KidMo84) wrote:
> What is the best file cryptography program out there that you can get online or
> purchase over the counter.  Comparing Ease of use with Security of encryption.

Sadly I must say you don't know what cryptography is or why you need it.

If you have to ask why then that confirms it.

Basically when you consider the worth of a security application or
system you have to think of:  will this product make it useless for a
hacker to attack the system directly?  Will they have to become in
direct contact to subvert it?  Will it hinder/stop fraud?

Cryptography is about many things, such as authentication and privacy.
The two main goals.  The purpose of a cryptographic system is to
provide those digitally.  But it depends on your direct needs as to
what makes a good product.  A lot of companies say a product is secure
because it uses MD5/DES or 3DES even.  However an algorithm doesn't make
a program automatically secure.  Consider using DES with the fixed
key '0x000000000000001' ...

Basically there is more to security than a good algorithm.  We have the
algorithms now.  Just no good way to implement them, which is the real
problem (note CMEA/ORYX/A5 and MS-VPN have all been broken which are
good examples of systems falling).

I would suggest reading some of Bruce S. talks on cryptography.
Especially the HOPE conference (www.counterpane.com).  You can learn
a lot about cryptography in the 'real world'.

BTW comparing 'ease of use' with 'strength' is really apples vs.
oranges.  People say PGP is hard to use, but strong, does that make it
bad?

Tom



------------------------------

From: "Thomas J. Boschloo" <[EMAIL PROTECTED]>
Subject: Re: Intel 810 chipset security
Date: Wed, 04 Aug 1999 22:44:26 +0200

[EMAIL PROTECTED] wrote:
> 
> > I would love to see analysis of that and the PIII ID thingy.  has
> > anyone written software yet to emulate the instructions and fake ids
> > yet?
> 
> www.bigbrotherinside.com has said that they have already created a program
> that will allow you to randomize your ID (although I am not sure where to
> get it).  Intel says that if you turn it off, you cannot reenable the code
> unless you reboot.  They found a way around the reboot and did it
> immediately.  It's all a bunch of BS.  I personally am running a K-6 400
> MHz, as I suggest everyone else do.

The exploit is at <http://www.zks.net>, but it uses a signed ActiveX
applet that also crashes the machine when it is done (forcing a reboot),
so I do not consider it a real exploit.

You would have to be insane to run ActiveX
<http://www.w3.org/Security/Faq/wwwsf7.html#Q65>
<http://www.ccc.de/radioactivex.html>.

Thomas
--
Buy an AMD K6-III <http://www.bigbrotherinside.com/#help>

PGP key: http://x11.dejanews.com/getdoc.xp?AN=453727376
Email: boschloo_at_multiweb_dot_nl



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
