Steven M. Bellovin writes:
http://www.petitcolas.net/fabien/kerckhoffs/index.html for the actual
articles.)
Does there exist an English translation (I'd be surprised if not)? If
not, I'd be happy to provide one if there were sufficient interest.
--
Chris Palmer
Staff Technologist
People may already have seen this, but maybe not. Another Skype
analysis:
http://www.cs.columbia.edu/~library/TR-repository/reports/reports-2004/cucs-039-04.pdf
--
Chris Palmer
Technology Manager, Electronic Frontier Foundation
415 436 9333 x124 (desk), 415 305 5842 (cell)
81C0 E11D CE73
- Forwarded message from Roger Dingledine [EMAIL PROTECTED] -
From: Roger Dingledine [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Date: Thu, 11 Aug 2005 21:31:32 -0400
Subject: Tor security advisory: DH handshake flaw
Versions affected: stable versions up through 0.1.0.13 and experimental
[EMAIL PROTECTED] writes:
You know, as a security person, I say all the time that the greatest
threat is internal threat, not external threat. In my day job, I/we
make surveillance tools to prevent data threat from materializing, and
to quench it if it does anyhow. I tell clients all day
Peter Saint-Andre writes:
http://www.saint-andre.com/blog/2006-02.html#2006-02-27T22:13
1. Anonymity does matter. You might have heard of a little thing called
the First Amendment. ;) It's great that you're proud of what you say,
but no matter how proud you are, there could be bad, unfair
lorenzo writes:
Am I wrong or if we were living in a DRM- or Trusted Computing- World,
those documents probably would be unreadable, if they were digital
documents? Also they could have prevented printing of the documents,
and so on.
Consider the massive effort Daniel Ellsberg undertook when
Ralph Holz writes:
He wanted to scrape off some additional bits when using AES-CBC because
the messages in his concept are very short (a few hundred bits). So he
I'd rather have a known-safe design than to save 12 bytes.
Seriously: what the hell.
Say you have 1-byte messages, and that the
Peter Gutmann writes:
Readers are cordially invited to go to https://edgecastcdn.net and have a
look at the subjectAltName extension in the certificate that it presents.
Also, keep your eye on:
https://www.defcon.org/html/defcon-18/dc-18-speakers.html#Eckersley
Florian Weimer writes:
I just want to create a generic API which takes a key (most of the time, a
randomly generated session key) and can encrypt and decrypt small blobs.
Application code should not need to worry about details (except getting
key management right, which is difficult enough).
Perry E. Metzger writes:
All in all, this looks bad for anyone depending on WPA2 for high security.
Luckily, that describes nobody, right?
;D
I used to think that non-end-to-end security mechanisms were wastefully
pointless, but adorably harmless. However, in my experience people keep
using
Perry E. Metzger writes:
All major browsers already trust CAs that have virtually no security to
speak of,
...and trust any of those CAs on any (TCP) connection in the (web app)
session. Even if your first connection was authenticated by the right CA,
the second one may not be. Zusmann and
Paul Tiemann writes:
Since this is a certificate we (DigiCert) have issued, I'm trying to
understand if there is a vulnerability here that's more apparent to others
than to me,
If an attacker can steal the cert by any means, perhaps by means particular
to one of the hosted sites, he can now
Ralph Holz writes:
Eckersley's and Burns' presentation at Defcon (coming right up) will
present their findings from a global survey of certs presented by hosts
listening on port 443. Their results are disturbing.
Have these results already been published somewhere, or do you maybe even
Sampo Syreeni writes:
I am not sure what quantitative measurement of vulnerability would even
mean. What units would said quantity be measured in?
I'm not sure either. This is just a gut feeling.
See also:
http://nvd.nist.gov/cvsseq2.htm
Perry E. Metzger writes:
Unless you can perform an experiment to falsify the self-declared
objective quantitative security measurement, it isn't science. I can't
think of an experiment to test whether any of the coefficients in the
displayed calculation is correct. I don't even know what
Paul Tiemann writes:
I like the idea of SSL pinning, but could it be improved if statistics
were kept long-term (how many times I've visited this site and how many
times it's had certificate X, but today it has certificate Y from a
different issuer and certificate X wasn't even near its
Usability engineering requires empathy. Isn't it interesting that nerds
built themselves a system, SSH, that mostly adheres to Perry's theses? We
nerds have empathy for ourselves. But when it comes to a system for other
people, we suddenly lose all empathy and design a system that ignores
Perry's
http://www.eff.org/observatory
We have downloaded a dataset of all of the publicly-visible SSL
certificates, and will be making that data available to the research
community in the near future.
So, keep an eye on that page. The data is very useful. Many more interesting
conclusions remain to be
They tell me they will be releasing the data both raw and as a MySQL
database, so you can learn interesting things just by writing SQL queries.
So, keep an eye on that page. The data is very useful. Many more
interesting conclusions remain to be drawn from the data; once it's out
(I'm told
travis+ml-cryptogra...@subspacefield.org writes:
https://media.blackhat.com/bh-us-10/whitepapers/Kamkar/BlackHat-USA-2010-Kamkar-How-I-Met-Your-Girlfriend-wp.pdf
He doesn't mention the php.ini variables session.entropy_length and
session.entropy_file. Last I checked, their default settings were
Anne Lynn Wheeler writes:
subset ... was based on computational load caused by SSL cryptography
in the online merchant scenario, it cut thruput by 90-95%; alternative to
handle the online merchant scenario for total user interaction would have
required increasing the number of servers
Richard Salz writes:
A really knowledgeable net-head told me the other day that the problem
with SSL/TLS is that it has too many round-trips. In fact, the RTT costs
are now more prohibitive than the crypto costs. I was quite surprised to
hear this; he was stunned to find it out.
f...@mail.dnttm.ro writes:
The idea is the following: we don't want to secure the connection,
Why not?
Using HTTPS is easier than making up some half-baked scheme that won't work
anyway.
--
http://noncombatant.org/
Thor Lancelot Simon writes:
a significant net loss of security, since the huge increase in computation
required will delay or prevent the deployment of SSL everywhere.
That would only happen if we (as security experts) allowed web developers to
believe that the speed of RSA is the limiting
Q: Could the NSA be intercepting downloads of open-source encryption
software and silently replacing these with their own versions?
Why would they perform the attack only for encryption software? They
could compromise people's laptops by spiking any popular app.
On Fri, Sep 6, 2013 at 5:34 PM, The Doctor dr...@virtadpt.net wrote:
Symmetric cipher RC4 (weak 10/49)
Symmetric key length 128 bits (weak 8/19)
Cert issued by Google, Inc, US SHA-1 with RSA @ 2048 bit (MODERATE 2/6)
First time I've heard of 128-bit symmetric called weak... Sure, RC4
isn't
On Sat, Sep 7, 2013 at 1:33 AM, Brian Gladman b...@gladman.plus.com wrote:
Why would they perform the attack only for encryption software? They
could compromise people's laptops by spiking any popular app.
Because NSA and GCHQ are much more interested in attacking communications
in transit
On Tue, Sep 10, 2013 at 2:04 PM, Joe Abley jab...@hopcount.ca wrote:
As an aside, I see CAs with Chinese organisation names in my browser list.
I wouldn't pick on/fear/call out the Chinese specifically.
Also, be aware that browsers must transitively trust all the issuers
that the known trust