Cryptography-Digest Digest #546, Volume #12      Sun, 27 Aug 00 02:13:00 EDT

Contents:
  Re: Serious PGP v5 & v6 bug! (Hendrik)
  RSA Security Conference for 2001 ([EMAIL PROTECTED])
  Re: RSA Security Conference for 2001 (David A Molnar)
  Re: PGP Bug: A note from Ralf Senderek (Harald Milz)
  Re: DeCSS ruling -- More ("Stou Sandalski")
  Re: DeCSS ruling -- More ("Stou Sandalski")
  Re: RSA Security Conference for 2001 ([EMAIL PROTECTED])
  Re: DeCSS ruling -- More (Eric Lee Green)
  Re: RSA Security Conference for 2001 (Paul Rubin)
  Re: Bytes, chars, and I/O (Richard Heathfield)
  Re: PGP 6.5.8 test: That's NOT enough !!! ("David Sternlight")
  Re: Destruction of CDs ("Thomas W. Barr")
  Re: RSA Security Conference for 2001 (David A Molnar)
  Re: RSA Security Conference for 2001 (David A Molnar)

----------------------------------------------------------------------------

Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: Serious PGP v5 & v6 bug!
From: [EMAIL PROTECTED] (Hendrik)
Date: Sun, 27 Aug 2000 12:08:40 +0900

Hi,

Nathan Williams <[EMAIL PROTECTED]> wrote:
[...]
> I'm not sure I agree with that. There is no need for an "enterprise"
> environment to have to use the ADK system to have a key escrow.

There may be a need, but there may be a better way to satisfy that need
than using ADK.

> Company policy could simply require that employees use keys furnished
> by the IT or security departments.  They would keep copies of both
> keys and of its passphrases.  Simple solution that allows for the use
> of PGP without adding the complexity (and therefore the added risk)
> of an ADK.

If someone writes encrypted e-mail on behalf of their employer, then it
stands to reason that they should use a key that their employer can use
as well. But your common sense solution has obviously escaped those who
recently have removed the development of PGP from the scrutiny of the
public peer review process - a bad move if there ever was one.

This whole debacle is a nice example of how "market forces" can screw up
what voluntary, open, public cooperation can do much better. :-)

Hendrik


-- 

You can reach me by e-mail via "NRF8 at HIZ dot BC dot CA"

--



------------------------------

From: [EMAIL PROTECTED]
Subject: RSA Security Conference for 2001
Date: Sun, 27 Aug 2000 03:02:19 GMT

I was wondering what type of qualifications I need to present TC5 to
the Cryptographers Track in 2001?

Has anyone ever applied before?  I can't seem to find forms/email
addies on their website relating to the conference.

Thanks,
Tom


Sent via Deja.com http://www.deja.com/
Before you buy.

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: RSA Security Conference for 2001
Date: 27 Aug 2000 04:28:36 GMT

[EMAIL PROTECTED] wrote:
> I was wondering what type of qualifications I need to present TC5 to
> the Cryptographers Track in 2001?

I would guess that you just need to submit a paper on TC5, and then
have the paper be sufficiently better than everything else that it is
accepted. With all that implies - i.e. it has to be both a good piece of
research and it has to "fit" with what else is happening at the
conference. Ideally they would do blind reviewing and judge the system
completely on its technical merits. In practice, if any of the reviewers
read sci.crypt, they are likely to recognize the name TC5. :-)

(and come to think of it, I don't know if this conference does blind
reviewing or not) I'm not an expert on this, BTW, nor have I applied
before, nor am I on the program committee or anything. Take my comments
with a grain of salt. 

> Has anyone ever applied before?  I can't seem to find forms/email
> addies on their website relating to the conference.

Searching using their search engine popped up this link 

http://www.rsasecurity.com/conference/rsa2001/

which in turn points to 

http://www.rsasecurity.com/conference/rsa2001/cryptotrack.html

and this page has what looks like complete instructions. 

Thanks, 
-David

------------------------------

From: Harald Milz <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: PGP Bug: A note from Ralf Senderek
Date: 26 Aug 2000 22:46:10 GMT
Reply-To: [EMAIL PROTECTED]

In comp.security.pgp.discuss Michel Bouissou <[EMAIL PROTECTED]> wrote:
> "Use PGP-classic in a reliably secure environment." That would be my
> advice if I had 49 characters left on the telegram.
> Ralf Senderek

... 

> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
> Comment: Corrigez le bug PGP ADK. Installez PGP 6.5.8 ou plus recent.

Is it just me, or is that ironic? 

-- 
"50 million potential S/Mime users can't be wrong.... But they can all be
stupid!"
           - Sam Simpson in comp.security.pgp.discuss

------------------------------

From: "Stou Sandalski" <tangui [EMAIL PROTECTED]>
Subject: Re: DeCSS ruling -- More
Date: Sat, 26 Aug 2000 21:41:54 -0700

How about something like ROT13 ?


"No User" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> In article <rWMp5.3769$[EMAIL PROTECTED]>
> "Stou Sandalski" <tangui [EMAIL PROTECTED]> wrote:
> >
>
> Okay, here is the game...  After all this is sci.crypt.  Both Deja-News
> & Alta Vista have removed the source from their servers.  Someone needs
> to figure out an 'encryption method' that would convert the C source code
> to something that would not look like the original document, but not be
> seen as binary so it would be stored on Deja-News and its ilk.  Instead of
> ASCII armour we need an 'English' armoured scheme.
>
> Documents would be stored on these servers and no-one would know what they
> really represent.  The keys could be distributed to convert them back.  This
> would not need to be a high security scheme, just enough to get it through a
> binary scanner to get it stored.
>
> Any idea?
>





------------------------------

From: "Stou Sandalski" <tangui [EMAIL PROTECTED]>
Subject: Re: DeCSS ruling -- More
Date: Sat, 26 Aug 2000 21:49:32 -0700

I don't quite agree here, although I see your point.  I don't know what they
did with PGP... but NAI's PGP has a plug in for MS outlook which is very
easy to use...  Their argument is that it will allow "pirates" to copy
DVDs.... which is pretty ridiculous since DVD movies can be pirated a
million different ways without the need for the decryption of the movie (ie
one can hook up their hardware DVD player to a video capture card and save
the movie...)....  and DVDs themselves can be copied bit-by-bit without the
need for decrypting them... as far as I've understood it... the MPAA is
pissed because they make money from the licensing of the crypto algorithm in
various software players... and the ads in the beginning which can't be
skipped... I don't know though I haven't really been following it that
closely


Stou


"Eric Lee Green" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Stou Sandalski wrote:
> > but DeCSS can't be stopped.... no matter what they try to do they can't
> > shut every server down that has it...
>
> I think you are misreading the goals of the DeCSS prosecution. Everybody
> knows that the freeware DeCSS program is not going to be eradicated.
> However, the goal is to do for DeCSS what the government persecution of
> Phil Zimmermann did for PGP -- render it a difficult-to-use freeware
> product that is not a threat to the commercial interests of the DVD
> Forum. The goal is to prevent a commercial product that uses the DeCSS
> algorithms in order to preserve revenue stream. The approach they are
> taking very likely shall work -- after all, it worked for PGP. How many
> people send PGP-encrypted EMAIL nowadays? Almost nobody, except a few
> dozen avid readers of the Cypherpunks mailing list who are willing to
> endure the clunky software.
>
> I think your mistake was that you thought this was a matter of law. It
> is not. It is a matter of commerce and of protecting the commercial
> interests of various parties, and eradicating DeCSS is not necessary in
> order to protect those commercial interests -- merely making it a
> "fringe" or "marginal" product shall suffice (after all, if people can't
> walk into their local Fry's and buy it, it doesn't exist as far as most
> people are concerned).
> --
> Eric Lee Green      There is No Conspiracy
> [EMAIL PROTECTED]     http://www.badtux.org





------------------------------

From: [EMAIL PROTECTED]
Subject: Re: RSA Security Conference for 2001
Date: Sun, 27 Aug 2000 04:55:55 GMT

In article <8oa5dk$oeh$[EMAIL PROTECTED]>,
  David A Molnar <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > I was wondering what type of qualifications I need to present TC5 to
> > the Cryptographers Track in 2001?
>
> I would guess that you just need to submit a paper on TC5, and then
> have the paper be sufficiently better than everything else that it is
> accepted. With all that implies - i.e. it has to be both a good piece
> of research and it has to "fit" with what else is happening at the
> conference. Ideally they would do blind reviewing and judge the system
> completely on its technical merits. In practice, if any of the
> reviewers read sci.crypt, they are likely to recognize the name TC5. :-)

Thanks, I touched up a few math errors and submitted the paper (gzipped
uuencoded) to the email on their website (related to that track).  I
hope they accept it.

Admittedly it's not the best paper in the world, but the research is
valid and interesting (I think).

> (and come to think of it, I don't know if this conference does blind
> reviewing or not) I'm not an expert on this, BTW, nor have I applied
> before, nor am I on the program committee or anything. take my
> comments with a grain of salt.

Sure no prob.  I value your opinion mainly because it's not clouded by
flame war ambition.

> > Has anyone ever applied before?  I can't seem to find forms/email
> > addies on their website relating to the conference.
>
> Searching using their search engine popped up this link
>
> http://www.rsasecurity.com/conference/rsa2001/
>
> which in turn points to
>
> http://www.rsasecurity.com/conference/rsa2001/cryptotrack.html
>
> and this page has what looks like complete instructions.
>
> Thanks,
> -David

Righto, well let's cross our fingers...

Tom



------------------------------

From: Eric Lee Green <[EMAIL PROTECTED]>
Subject: Re: DeCSS ruling -- More
Date: Sun, 27 Aug 2000 05:15:30 GMT

Stou Sandalski wrote:
> easy to use...  Their argument is that it will allow "pirates" to copy
> DVDs....

You are confusing legal arguments with corporate goals. They must argue
the piracy thing in court in order to obtain the rulings they wish.
However, the corporate goal is to prevent use of the DeCSS algorithms in
competing commercial products (and especially easy-to-use ones that
would allow easy decoding and recoding of DVD movies into other
formats). They really could care less whether they eliminate some klunky
program named "DeCSS" off of every mirror on the planet, as long as
folks can't go to Fry's Electronics or Tucows.com and get an easy-to-use
version of it. 

I do not personally know (in "real life") any person who uses PGP to
encrypt their EMAIL. If they can accomplish for DVD what the Federal
government accomplished for encryption via their persecution of Phil
Zimmermann, the DVD CSS Forum and MPAA shall be VERY happy. 

-- 
Eric Lee Green      There is No Conspiracy
[EMAIL PROTECTED]     http://www.badtux.org

------------------------------

From: [EMAIL PROTECTED] (Paul Rubin)
Subject: Re: RSA Security Conference for 2001
Date: 27 Aug 2000 05:26:04 GMT

In article <8oa0bj$38k$[EMAIL PROTECTED]>,  <[EMAIL PROTECTED]> wrote:
>I was wondering what type of qualifications I need to present TC5 to
>the Cryptographers Track in 2001?
>
>Has anyone ever applied before?  I can't seem to find forms/email
>addies on their website relating to the conference.

Cryptographers track notwithstanding, RSA Security isn't a good
conference for this type of paper.  It's mostly a security industry
trade show.  I recommend looking for a more research-oriented type of
conference, like Fast Software Encryption or one of the IACR
conferences.  Unfortunately you just missed SAC 2000 (Selected Areas
in Cryptography) in Waterloo, Ontario, which I think is kind of near
you; and anyway, the submission deadline was May 1.  You might try for
next year though.

------------------------------

Date: Sun, 27 Aug 2000 06:37:40 +0100
From: Richard Heathfield <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.c
Subject: Re: Bytes, chars, and I/O

Mark McIntyre wrote:
> 
> On Fri, 25 Aug 2000 20:44:31 +0100, David Hopwood
> <[EMAIL PROTECTED]> wrote:
> 
<snip>
> 
> >As for implementations where files could not be transferred portably
> >between languages, I'm sure that users would complain vociferously.
> 
> They do, frequently. Ever tried to transfer data between IBM, Unix and
> Intel?

Yes. They all use CHAR_BIT of 8, however; the problems of transferring
data between them are the old chestnuts of endianism, collating
sequence, floating point representation, and line end representation,
NOT the issues raised in this thread.


-- 

Richard Heathfield

"Usenet is a strange place." - Dennis M Ritchie, 29 July 1999.

C FAQ: http://www.eskimo.com/~scs/C-faq/top.html
65 K&R Answers: http://users.powernet.co.uk/eton/kandr2/index.html (32
to go)

------------------------------

From: "David Sternlight" <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,comp.security.pgp.discuss
Subject: Re: PGP 6.5.8 test: That's NOT enough !!!
Date: Sun, 27 Aug 2000 05:48:23 GMT

The dancing, fast footwork, and apologetics of PGP die-hards here is truly
sad. PGP has, after all the hubris of the past, acquired a fatal error. If
you can't detect a forged key, it's all over.

The only reliable solution is a "new" PGP which is deliberately incompatible
with all previous versions but classical PGP. This is the ONLY way to
restore trust on the part of the general (non-specialist) user.

Does NA have the guts to do this? Will they absorb the cost of a complete
product (recall and) replacement. Will "pay" PGP users be willing to replace
much of their PGP infrastructure? If not, I say game over.

And if something like this had happened to Netscape/Microsoft S/MIME X.509,
honest PGP die-hards here will concede they would be among the first to say
what I am saying (about PGP) about S/MIME. When the ordinary user loses
control over his cryptosystem and cannot detect forged keys, no amount of
apologetics will sweep that under the rug.

David

P.S. For the ad hominem types here who think this is some anti-PGP crusade
on my part, I too have now had to suspend use of a good part of my crypto
infrastructure (PGP 6.x) and any number of PGP certificates from Thawte.

David



"Michel Bouissou" <[EMAIL PROTECTED]> wrote in message
news:8o87bf$p7m$[EMAIL PROTECTED]...
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I've just tested the "ADK-bug-fixed" PGP 6.5.8 against Ralf's B1
> forged key that holds a faked ADK.
>
> Where previous versions would show this key as having an ADK, and use
> the forged ADK, the "fixed" PGP 6.5.8 shows the forged key as being a
> normal, valid key, without any ADK.
>
> PGP 6.5.8 will not use the forged ADK for encryption, and will just
> behave as for a normal key.
>
> Well, okay, it "fixes" the bug.
>
> BUT IT DOESN'T WARN YOU IN ANY WAY THAT THE KEY YOU'RE USING HAS BEEN
> FORGED. You just see a valid key and the forged ADK is ignored.
>
> So:
>
> - - You don't know the recipient's key has been victim of an attack;
> - - You don't know that this key remains a potential danger for users
> that still have previous versions of PGP.
>
> Actually with PGP 6.5.8, you have LESS CHANCES to ever detect that a
> key was forged, than you had with previous vulnerable versions.
>
> That's no good folks.
>
> Waiting for 6.5.9 that will display a BIG WARNING that an ADK sits
> where it shouldn't on a given key.
>
> - --
> [EMAIL PROTECTED]
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
> Comment: Corrigez le bug PG ADK. Installez PGP 6.5.8 ou plus recent.
>
> iQA/AwUBOaeSnY7YarFcK+6PEQJUCACdFPt9KmCr+ImmCdpYt8i6XUlcmYUAnRRj
> +OXfvsBkFugPmzNIlCaVO2N5
> =iGL6
> -----END PGP SIGNATURE-----
>
>
>
>



------------------------------

From: "Thomas W. Barr" <[EMAIL PROTECTED]>
Subject: Re: Destruction of CDs
Date: Sun, 27 Aug 2000 05:58:29 GMT

How about CD-Rs, is there any equipment or software to roast the disc,
by flipping ALL the data area along the track to its burnt state, not
its blank state? This would add yet another layer of security to the
data and you could then use some of the methods shown earlier in this
thread.

I, for one, would use a CD-RW for my one-time-pads and then go through
an erase cycle, write 650mb of junk data (make sure you overwrite the
FAT), and erase that. This would remove ALL remnants of data that could
be left behind in the walls of the tracks.

Just a thought
Thomas W. Barr
[EMAIL PROTECTED]

Guy Macon wrote:

> Thomas Kellar wrote:
> >
> >
> >There was a thread on this topic a couple of weeks ago.
> >I received an advertisement for a device that shreds
> >CDs.  If anyone is interested the company name/address is
> >
> >Schleicher & Co. of America, Inc.
> >5715 Clyde Rhyne Dr.
> >Sanford, NC 27330-9909
> >
> >ph: 1 800 775 7570    email:  [EMAIL PROTECTED]
> >
> >They claim their "501 CD shredder" can eliminate 800 to
> >1200 CDs or credit cards per hour.
> >
> >A disinterested party.  (Actually uninterested, I would burn them
> >myself.)
>
> I have one in my lab.  It doesn't chop them fine enough for
> crypto.


------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: RSA Security Conference for 2001
Date: 27 Aug 2000 05:48:43 GMT

[EMAIL PROTECTED] wrote:

> Thanks, I touched up a few math errors and submitted the paper (gzipped
> uuencoded) to the email on their website (related to that track).  I
> hope they accept it.

Sounds good. You did remember to read over the submission instructions and
all that, right? I ask only because I noticed that they actually *do* do
blind refereeing, and specifically ask that you take your name off the
front. Wouldn't want something silly like that to get in the way...


> Admittedly it's not the best paper in the world, but the research is
> valid and interesting (I think).

Well, even if it's rejected, the comments from the reviewers may be
helpful. or so I've found. Even if the comments convince you to spend time
on something else, that's still helpful. 


> comments
>> with a grain of salt.

> Sure no prob.  I value your opinion mainly because it's not clouded by
> flame war ambition.

Thank you.

> Righto, well let's cross our fingers...

Best of luck. 

-David

------------------------------

From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: RSA Security Conference for 2001
Date: 27 Aug 2000 05:55:41 GMT

Paul Rubin <[EMAIL PROTECTED]> wrote:
> Cryptographers track notwithstanding, RSA Security isn't a good
> conference for this type of paper.  It's mostly a security industry
> trade show.  I recommend looking for a more research-oriented type of
> conference, like Fast Software Encryption or one of the IACR
> conferences.  Unfortunately you just missed SAC 2000 (Selected Areas
> in Cryptography) in Waterloo, Ontario, which I think is kind of near
> you; and anyway, the submission deadline was May 1.  You might try for
> next year though.

With that in mind, this link may be helpful :
http://www.dice.ucl.ac.be/crypto/call_for_papers.html

Important deadline to note is FSE '01 papers due December 29. 

Thanks to the UCL crypto group for collecting these calls for papers!

-David

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and sci.crypt) via:

    Internet: [EMAIL PROTECTED]

End of Cryptography-Digest Digest
******************************
