Re: The future of security

2004-07-30 Thread Ed Gerck
Email end-to-end: PGP, PGP/MIME, S/MIME. Not tunnel SSL or SSL
at the end points.

Lars Eilebrecht wrote:
> According to Ed Gerck:
>
>> But encryption and authentication are a hassle today, with less
>> than 2% of all email encrypted (sorry, can't cite the source I know).
>
> Are these 2% 'only' S/MIME and PGP-encrypted email messages or
> is SSL-encrypted email communication included?
>
> ciao...
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


RE: dual-use digital signature [EMAIL PROTECTED]

2004-07-30 Thread Peter Gutmann
[EMAIL PROTECTED] writes:

> <2 cents>In the business cases pointed out where it is good that the multiple
> parties hold the private key, I feel the certificate should indicate that
> there are multiple parties so that Bob can realize he is having authenticated
> and private communications with Alice _and_ Alice's employer. X.509 does not
> provide a standard way to encode multiple subjects.</2 cents>

Yes it does, if you needed this you could add an extension (say)
additionalRecipients with a SEQUENCE of GeneralName naming the additional
parties listening in.

Peter.
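
An added example (not part of Peter's message): the DER for such an extension, built and parsed with the Python standard library only. The OID 2.999.1 is a hypothetical identifier taken from the arc reserved for examples, the extension has no assigned OID on this page, and the e-mail addresses are constructed.

```python
# Added example. OID 2.999.1 (example arc) and the addresses are constructed.
EXAMPLE_OID = "2.999.1"  # hypothetical id for additionalRecipients

def tlv(tag, content):
    n = len(content)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    length = bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + content

def encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = b""
    for v in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [v & 0x7F]
        while v > 0x7F:
            v >>= 7
            chunk.append(0x80 | (v & 0x7F))
        out += bytes(reversed(chunk))
    return tlv(0x06, out)

def encode_extension(emails, critical=False):
    # extnValue wraps SEQUENCE OF GeneralName; rfc822Name is [1] IMPLICIT IA5String
    names = tlv(0x30, b"".join(tlv(0x81, e.encode("ascii")) for e in emails))
    crit = tlv(0x01, b"\xff") if critical else b""  # DER omits DEFAULT FALSE
    return tlv(0x30, encode_oid(EXAMPLE_OID) + crit + tlv(0x04, names))

def read_tlv(buf, pos):
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def read_all(buf):
    items, pos = [], 0
    while pos < len(buf):
        tag, val, pos = read_tlv(buf, pos)
        items.append((tag, val))
    return items

def additional_recipients(ext_der):
    # Relying-party side: list the extra parties the certificate names.
    fields = read_all(read_tlv(ext_der, 0)[1])
    if tlv(*fields[0]) != encode_oid(EXAMPLE_OID) or fields[-1][0] != 0x04:
        raise ValueError("not an additionalRecipients extension")
    names = read_all(read_tlv(fields[-1][1], 0)[1])
    return [v.decode("ascii") for t, v in names if t == 0x81]
```

Left non-critical, the extension is ignored by software that does not recognise it, so Bob learns of the extra parties only if his client parses it; marked critical, clients that do not recognise it must reject the certificate.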



NIST announces (proposed) withdrawal of DES

2004-07-30 Thread Peter Gutmann
For those who haven't seen the announcement:

-- Snip --

July 27, 2004 -- NIST has determined that the strength of the (single) Data
Encryption Standard (DES) algorithm is no longer sufficient to adequately
protect Federal government information. As a result, NIST proposes
withdrawing FIPS 46-3, which specifies the DES, and two related standards
(see http://csrc.nist.gov/Federal-register/July26-2004-FR-DES-Notice.pdf).
Future use of DES by Federal agencies is to be permitted only as a
component function of the Triple Data Encryption Algorithm (TDEA; see NIST
Special Publication 800-67 at
http://csrc.nist.gov/publications/nistpubs/800-67/SP800-67.pdf). TDEA may
be used for the protection of Federal information; however, NIST encourages
agencies to implement the faster and stronger algorithm specified by FIPS
197, Advanced Encryption Standard (AES) instead. Comments must be received
on or before September 9, 2004.

To submit comments, concerns or questions please forward them to:
[EMAIL PROTECTED]

Elaine Barker
National Institute of Standards and Technology
100 Bureau Dr., Stop 8930
Gaithersburg, MD 20899-8930
Phone: 301-975-2911
Fax: 301-926-2733
Email: [EMAIL PROTECTED]



Re: should you trust CAs? (Re: dual-use digital signature vulnerability)

2004-07-30 Thread Aram Perez
Hi Adam,

> The difference is if the CA does not generate private keys, there
> should be only one certificate per email address, so if two are
> discovered in the wild the user has a transferable proof that the CA
> is up-to-no-good.  I.e. the difference is it is detectable and provable.

As far as I know, there is nothing in any standard or good security
practice that says you can't have multiple certificates for the same email
address. If I'm willing to pay each time, Verisign will gladly issue me a
certificate with my email, I can revoke it, and then pay for another
certificate with the same email. I can repeat this until I'm bankrupt and
Verisign will gladly accept my money.

I agree with Michael H. If you trust the CA to issue a cert, it's not that
much more to trust them with generating the key pair.

Respectfully,
Aram Perez



ECC 2004

2004-07-30 Thread R. A. Hettinga

--- begin forwarded text


From: ECC 2004 [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: ECC 04 [EMAIL PROTECTED]
Subject:   ECC 2004
Date: Tue, 27 Jul 2004 18:15:49 +0200


THE 8TH WORKSHOP ON ELLIPTIC CURVE CRYPTOGRAPHY (ECC 2004)

Ruhr-University Bochum, Germany

September 20, 21 & 22, 2004

FOURTH ANNOUNCEMENT 27th July, 2004

This announcement lists one more hotel. Note that meanwhile there are
more details available on the summer school.

--

ECC 2004 is the eighth in a series of annual workshops dedicated
to the study of elliptic curve cryptography and related areas.
The main themes of ECC 2004 will be:
- The discrete logarithm problem.
- Efficient parameter generation and point counting.
- Provably secure cryptographic protocols.
- Efficient software and hardware implementation.
- Side-channel attacks.
- Deployment of elliptic curve cryptography.

It is hoped that the meeting will continue to encourage
and stimulate further research on the security and implementation
of elliptic curve cryptosystems and related areas, and encourage
collaboration between mathematicians, computer scientists and
engineers in the academic, industry and government sectors.

There will be approximately 15 invited lectures (and no contributed
talks), with the remaining time used for informal discussions.
There will be both survey lectures as well as lectures on latest
research developments.


SPONSORS:
  BSI - Bundesamt für Sicherheit in der Informationstechnik
  Bundesdruckerei GmbH
  DFG-Graduate School on Cryptography
  ECRYPT - European Network of Excellence in Cryptography
  ESCRYPT - Embedded Security
  GTEM - European Research Training Network
  Ruhr-University Bochum
  University of Duisburg Essen, Campus Essen
  University of Waterloo


ORGANIZERS:
  Gerhard Frey (University of Duisburg-Essen)
  Tanja Lange (Ruhr-University Bochum)
  Alfred Menezes (University of Waterloo)
  Christof Paar (Ruhr-University Bochum)
  Scott Vanstone (University of Waterloo)


CONFIRMED SPEAKERS:
  Roberto Avanzi (University of Duisburg-Essen, Germany)
    The state of HEC efficient implementation
  Paulo Barreto (Scopus Tecnologia and University of Sao Paulo, Brazil)
    The Well-Tempered Pairing
  Ming-Deh Huang (University of Southern California, USA)
    Global methods for discrete logarithm problems
  Pierrick Gaudry (LIX Paris, France)
    Discrete logarithm in elliptic curves over extension fields of small
    degree
  Marc Joye (Gemplus, France)
    Secure Implementation of Elliptic Curve Cryptography
  Norbert Luetkenhaus (University of Erlangen, Germany)
    Quantum Key Distribution - Chances and Restrictions
  Kim Nguyen (Bundesdruckerei, Germany)
    Cryptography & Travel documents
  Alexander May (University of Paderborn, Germany)
    New RSA Vulnerabilities using Coppersmith's Method
  Wayne Raskind (University of Southern California, USA)
    (see Ming-Deh Huang)
  Matt Robshaw (Royal Holloway University of London, UK)
    The Advanced Encryption Standard: A Four Year Anniversary
  Werner Schindler (BSI, Germany)
    Optimizing the Efficiency of Side-Channel Attacks with Advanced
    Stochastical Methods
  Jasper Scholten (KU Leuven, Belgium)
    Cover attacks on trace-zero groups
  Hovav Shacham (Stanford University, USA)
    A New Life for Group Signatures
  Igor Shparlinski (Macquarie University, Australia)
    Pseudorandom Points on Elliptic Curves
  Nigel Smart (University of Bristol, UK)
    The link between ECDHP and ECDLP revisited
  Thomas Wollinger (Ruhr-University Bochum, Germany)
    Hardware Implementation of Hyperelliptic Curve Cryptosystems


SUMMER SCHOOL ON ELLIPTIC CURVE CRYPTOGRAPHY:

For the first time the ECC workshop will be held together with a
summer school on elliptic curve cryptography. This summer school is
organized by VAMPIRE, the Virtual Application and Implementation
Research Lab within the European project ECRYPT
www.ecrypt.eu.org

The school will take place September 13th-17th in the Ruhr-University
Bochum. Our target audience are students, PhD students and
practitioners with background in applications and industry. It would
be nice if you could guide interested people to the summer school
web-page:

www.rub.de/itsc/tanja/summerschool

--

LOCAL ARRANGEMENTS AND REGISTRATION:

Bochum is situated approximately 50 km from Dusseldorf International
Airport and about 300 km from Frankfurt Airport. Participants should
plan to arrive on September 19 to be able to attend the lectures on
Monday morning.

If you did not receive this announcement by email and would like