Cryptography-Digest Digest #824, Volume #10 Sun, 2 Jan 00 09:13:01 EST
Contents:
Simon Sigh Enigm ("Paul Masurel")
Re: Wagner et Al. (Tom St Denis)
----------------------------------------------------------------------------
From: "Paul Masurel" <[EMAIL PROTECTED]>
Crossposted-To: fido7.crypt,fr.misc.cryptologie
Subject: Simon Sigh Enigm
Date: Sun, 02 Jan 2000 12:54:28 GMT
Hi,
I'm looking for someone who has an english (or german) version of the
recent book of Simon Singh about the History of the Cryptology
to exchange with the french version of the 10 encrypted text at the end of
the book...
It would inform us of the language of the text: english text have been
translated before being encrypted in the french version.
Thanks,
Paul.
------------------------------
From: Tom St Denis <[EMAIL PROTECTED]>
Subject: Re: Wagner et Al.
Date: Sun, 02 Jan 2000 13:19:44 GMT
In article <[EMAIL PROTECTED]>,
"Daniel Roethlisberger" <[EMAIL PROTECTED]> wrote:
> Well, I'm no 'pro', but still, FWIW:
> You are sending secret data (such as the resulting key of a DH
exchange) as
> a Windows message to the main window. These windows messages can quite
> easily intercepted, as far as I know and understand the win
architecture. I
> think that is not a good way to handle sensitive data.
> I have only looked at the Diffie-Hellman part of it, but I suppose
you use
> the same technique all over the code.
thanks for looking at it.
Now let me ask you, how would you intercept a windows message? Via a
trojan? Probably. What if I told you I could write a trojan to take
snapshots every 5 seconds and send it to me. Basically you can't
protect against trojans, so I didn't really try to. I think that line
of attack is moot since well most people are smartenough to avoid
programs that may have trojans [such as email greating cards]
Tom
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
