Re: [cryptography] openssl on git
You know other source control systems, and presumably git also, have an excludes list which can contain wildcards. It comes prepopulated with e.g. *.o - as you probably don't want to check them in.

I think you could classify this as a git bug (or more probably a mistake in how github are using/configuring git) that it doesn't exclude checking in .ssh and maybe some of the .ssh exclusive related extensions. I say this because it's not like ssh is some strange third party app with unknown extension: git and cvs, cvn etc all directly rely on ssh and have various things about ssh baked into them.

(The user can always override or change if he really wants to check in .ssh on a private heavily guarded repo or because he's using it for test keys only etc).

Adam

On Sun, Jan 27, 2013 at 09:36:44PM -0500, Eitan Adler wrote:
> On 27 January 2013 21:34, Patrick Mylund Nielsen cryptogra...@patrickmylund.com wrote:
>> I don't understand how you can accidentally check in ~/.ssh to your repository, or at least not notice afterwards. Hopefully the OpenSSL authors won't do that!
>
> If you keep ~ in a git repo it is surprisingly easy ;)
>
> --
> Eitan Adler

___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] An encryption project
Hi Folks,

I am new to the list and have an interest in encryption, but not much experience in breaking/testing or a detailed understanding of modern methods. I am interested in developing some technology to allow a user to communicate as securely as possible between a terminal on an unsecure network and another user.

i.e. encrypted message from browser to user on another computer.

Under circumstances that the sender's life may depend on it being secure.

I have a few ideas in mind, but two important questions; is it worth while?

- is ssl good enough? (it doesn't seem to be from my reading)

Anyone want to try and decode/break it once I have a demonstrator?

Thanks,
Paul
Re: [cryptography] An encryption project
On 28 January 2013 13:37, Paul Christian pho...@gmail.com wrote:
> Hi Folks,
>
> I am new to the list and have an interest in encryption, but not much experience in breaking/testing or a detailed understanding of modern methods. I am interested in developing some technology to allow a user to communicate as securely as possible between a terminal on an unsecure network and another user.
>
> i.e. encrypted message from browser to user on another computer.
>
> Under circumstances that the sender's life may depend on it being secure.
>
> I have a few ideas in mind, but two important questions; is it worth while?
>
> - is ssl good enough? (it doesn't seem to be from my reading)

It depends what you mean by secure.
Re: [cryptography] An encryption project
On 28/01/13 16:37 PM, Paul Christian wrote:
> Hi Folks,
>
> I am new to the list and have an interest in encryption, but not much experience in breaking/testing or a detailed understanding of modern methods. I am interested in developing some technology to allow a user to communicate as securely as possible between a terminal on an unsecure network and another user.

What do you mean by terminal? Phone? PC? Green screen?

I would suggest you look at things like Skype, OpenPGP, Hushmail. Not because they do what you want but because they do parts of what you want.

> i.e. encrypted message from browser to user on another computer.

Anything using a browser would only be rated medium security in my book.

> Under circumstances that the sender's life may depend on it being secure.

Do you really want that? Or is it just 'cool'?

If you really want that, it will take a long time. If it is just cool, look for something else that might take less time :) you can always come back...

> I have a few ideas in mind, but two important questions; is it worth while?

There are lots and lots of attempts, so to some it must be worthwhile.

> - is ssl good enough? (it doesn't seem to be from my reading)

SSL is for client to server communications, and it is point to point. So for a start, everyone on the servers can read the messages. Also, it is pretty much encumbered by its certificate design, so it is typically hard to set up and get working for the user/client.

> Anyone want to try and decode/break it once I have a demonstrator?

Typically nobody cares about helping others, they are too busy on their own code. The only way you can get some interest is if your system is famous and used by a lot of people.

iang
Re: [cryptography] openssl on git
AB == Adam Back a...@cypherspace.org writes:

AB> You know other source control systems, and presumably git also, have
AB> an excludes list which can contain wildcards. It comes prepopulated
AB> with e.g. *.o - as you probably don't want to check them in.

For git, the file is called .gitignore. You can add one in any directory in the repo; each file covers that dir and each child dir, and the syntax provides for overriding parent ignores. Git also supports per-clone $GIT_DIR/info/exclude and per-user ignore files. Cf gitignore(1).

AB> I think you could classify this as a git bug (or more probably a
AB> mistake in how github are using/configuring git) that it doesn't
AB> exclude checking in .ssh and maybe some of the .ssh exclusive
AB> related extensions.

There is nothing wrong with using git -- or any other vcs -- to backup one's $HOME.

What is arguably dumb is storing that backup on a public site. *Any* public site. And unencrypted at that.

This seems to be another case of thoughtless everything to the cloud (said with a Q♥-off-with-their-heads sort of tone). ;^/

I'm pretty sure hg and bzr also require the repo to specify what to ignore.

-JimC
--
James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6
Re: [cryptography] openssl on git
To rephrase, I don't understand why anyone would push their /home/user / backup git repository to a public one on GitHub :)

On Mon, Jan 28, 2013 at 3:49 AM, ianG i...@iang.org wrote:
> On 28/01/13 05:36 AM, Eitan Adler wrote:
>> On 27 January 2013 21:34, Patrick Mylund Nielsen cryptogra...@patrickmylund.com wrote:
>>> I don't understand how you can accidentally check in ~/.ssh to your repository, or at least not notice afterwards. Hopefully the OpenSSL authors won't do that!
>>
>> If you keep ~ in a git repo it is surprisingly easy ;)
>
> Which a lot of developers do for backups.
>
> iang
Re: [cryptography] An encryption project
On Mon, Jan 28, 2013 at 8:37 AM, Paul Christian pho...@gmail.com wrote:
> ... not much experience ... or a detailed understanding of modern methods. I am interested in developing some technology ...

One summary of why that may be hard:
http://en.citizendium.org/wiki/Cryptography#Cryptography_is_difficult

> i.e. encrypted message from browser to user on another computer.
>
> Under circumstances that the sender's life may depend on it being secure.

What sort of message? If email is enough, just use PGP. For internet chat, look at Off-the-record messaging:
http://www.cypherpunks.ca/otr/

If file transfer is enough, look at the secure ftp component of SSH for client/server transfers or whatever is up with secure torrent-sharing systems for P2P.

For more general solutions that give you a whole encrypted network, look at TOR, IPsec or Freedombox servers:
https://www.freedomboxfoundation.org/

None of those (except perhaps TOR; I am not sure about it) give you protection against traffic analysis. A snoop may not be able to read your messages, but he can tell you are using encryption and who you are using it with.

Against an oppressive government, that is a fatal flaw. Monitoring can fairly easily pick up where encryption is used and it can be enough for the snoops to apply a nasty label -- with connections to Al Qaeda for the US, disturbing to social harmony in China, ...
Re: [cryptography] OAEP for RSA signatures?
Peter Gutmann wrote:
> the reason why Bleichenbacher attacked v1.5 rather than OAEP is because use of the latter is [...] compared to v1.5, [...]

Please correct me if I'm wrong.

My point is that the highly significant academic contributions (among which I would put Bleichenbacher attack) should not be mis-represented by authoritative contributors to this list.

Bleichenbacher attack uses 1) characteristics of the PKCS v1.5 specs according to which RSA is used in a hybrid cryptosystem, and 2) some oracle which tells the attacker whether a given ciphertext is well-formed or not.

The Bleichenbacher attack adaptation to OAEP is non-existent today and would be an even more significant academic result. I must assume that Bleichenbacher would have published results in this direction if his research would have given those.

The oracle needed for a practical deployment of the Bleichenbacher attack may be a timing/side channel attack vulnerability, but it may also be something like a too detailed error code reported in the main channel of a protocol. So the minefield from pure timing/side channel attacks versus Bleichenbacher is distinct (and overlapping).

Protect against side channel attacks is one motto. Spot the oracle is another one. I find the latter important these days (that's an opinion, no need to correct me on this one!).

Use of OAEP is a way to avoid the Bleichenbacher attack oracle vulnerability, i.e. resist Bleichenbacher even if the oracle still remains.

Regards,

--
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, QC, Canada H2M 2A1
Tel. +1-514-385-5691
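[Added example, not part of the thread.] The message above names "a too detailed error code reported in the main channel" as one source of the oracle. The Python sketch below is an illustration written for this page, with hypothetical function names, a toy 32-byte block and constructed sample blocks: it audits a PKCS#1 v1.5 unpadding routine by counting how many distinct failure responses a peer could observe, first for a verbose decoder and then for one that collapses every failure into a single error.

```python
# Added illustration: names are hypothetical, sample blocks are constructed.
K = 32  # toy encoded-block length in bytes (stands in for the modulus length)

def unpad_verbose(em: bytes) -> bytes:
    """PKCS#1 v1.5 encryption unpadding that reports which check failed."""
    if len(em) != K:
        raise ValueError("bad length")
    if em[0] != 0x00:
        raise ValueError("first byte not 0x00")
    if em[1] != 0x02:
        raise ValueError("block type not 0x02")
    sep = em.find(b"\x00", 2)          # end of the non-zero padding string
    if sep == -1:
        raise ValueError("no 0x00 separator")
    if sep < 10:                       # padding string must be >= 8 bytes
        raise ValueError("padding string too short")
    return em[sep + 1:]

def unpad_uniform(em: bytes) -> bytes:
    """Same checks, but every malformed block yields one identical error.
    Only the error text is unified; timing is a separate channel."""
    try:
        return unpad_verbose(em)
    except ValueError:
        raise ValueError("decryption failed") from None

def observable_responses(unpad, blocks):
    """Distinct responses a peer could observe across the given blocks."""
    seen = set()
    for em in blocks:
        try:
            unpad(em)
            seen.add("ok")
        except ValueError as exc:
            seen.add(str(exc))
    return seen

MSG = b"session-key"
VALID = b"\x00\x02" + b"\xaa" * (K - 3 - len(MSG)) + b"\x00" + MSG
MALFORMED = [
    b"\x01" + VALID[1:],                           # wrong first byte
    b"\x00\x01" + VALID[2:],                       # wrong block type
    b"\x00\x02" + b"\xaa" * (K - 2),               # no separator
    b"\x00\x02\xaa\xaa\x00" + b"\xaa" * (K - 5),   # separator too early
]

if __name__ == "__main__":
    print(sorted(observable_responses(unpad_verbose, MALFORMED)))
    print(sorted(observable_responses(unpad_uniform, MALFORMED)))
```

More than one distinct failure response for malformed input is the signal to look for when reviewing a decryption endpoint's error handling.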
Re: [cryptography] openssl on git
On 01/27/2013 09:34 PM, Patrick Mylund Nielsen wrote:
> I don't understand how you can accidentally check in ~/.ssh to your repository, or at least not notice afterwards. Hopefully the OpenSSL authors won't do that!

There are people who set up personal Git repositories on Github for their configuration files (in /etc, ~/.config, and apparently sometimes ~/.ssh). Some seem to do a `git add .ssh/*` without stopping to think about what might be in there aside from a config file.

--
The Doctor [412/724/301/703] [ZS|Media]
Developer, Project Byzantium: http://project-byzantium.org/
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
You can't condemn an entire species. --Ganthet
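[Added example, not part of the thread.] A check that could run before a `git add .ssh/*` of the kind described above: the Python sketch below, written for this page with hypothetical function names and a constructed sample directory whose key bodies are placeholders, walks a tree and reports every file that opens with a PEM private-key armor line, leaving config and public-key files alone.

```python
import os
import re
import tempfile

# PEM armor line that opens OpenSSH/OpenSSL private key files.
PRIVATE_KEY_RE = re.compile(rb"-----BEGIN (?:[A-Z0-9]+ )*PRIVATE KEY-----")

def find_private_keys(root):
    """Return repo-style relative paths under root that hold a private key."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]  # skip git metadata
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(4096)   # the armor line is at the top
            except OSError:
                continue                   # unreadable file: nothing to report
            if PRIVATE_KEY_RE.search(head):
                rel = os.path.relpath(path, root)
                hits.append(rel.replace(os.sep, "/"))
    return sorted(hits)

def build_sample_home(root):
    """Constructed ~/.ssh layout; key bodies are placeholders, not keys."""
    files = {
        "config": "Host example\n    User me\n",
        "known_hosts": "example ssh-ed25519 PLACEHOLDER\n",
        "id_rsa.pub": "ssh-rsa PLACEHOLDER me@example\n",
        "id_rsa": "-----BEGIN RSA PRIVATE KEY-----\nPLACEHOLDER\n"
                  "-----END RSA PRIVATE KEY-----\n",
        "id_ed25519": "-----BEGIN OPENSSH PRIVATE KEY-----\nPLACEHOLDER\n"
                      "-----END OPENSSH PRIVATE KEY-----\n",
    }
    os.makedirs(os.path.join(root, ".ssh"))
    for name, body in files.items():
        with open(os.path.join(root, ".ssh", name), "w") as fh:
            fh.write(body)

def demo():
    """Scan the constructed tree and return what must not be committed."""
    with tempfile.TemporaryDirectory() as home:
        build_sample_home(home)
        return find_private_keys(home)

if __name__ == "__main__":
    for path in demo():
        print("refusing to stage:", path)
```

Matching on file content rather than on names such as `id_rsa` also catches keys saved under non-default filenames.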
Re: [cryptography] OAEP for RSA signatures?
On Sat, 26 Jan 2013, ianG wrote:
> Apologies in advance ;) but a cryptography question:
>
> I'm coding (or have coded) a digital signature class in RSA. In my research on how to frame the input to the RSA private key operation, I was told words to effect just use OAEP and you're done and dusted. Which was convenient as that was already available/coded.
>
> However I haven't seen any other code doing this - it is mostly PKCS1, etc, and RFC3447 doesn't enlighten in this direction.
>
> Could OAEP be considered reasonable for signatures? or is this a case of totally inappropriate? Or somewhere in between?
>
> iang

The following paper seems relevant here: Versatile Padding Schemes for Joint Signature and Encryption, Dodis et al., ACM CCCS 2004.
Re: [cryptography] openssl on git
On 01/28/2013 10:24 AM, Patrick Mylund Nielsen wrote:
> To rephrase, I don't understand why anyone would push their /home/user / backup git repository to a public one on GitHub :)

For the use case of personal config files, it makes setting up one's preferred environment across multiple machines easier. One can check out their customized /.*rc/ files, their desktop customizations, and other such things instead of recreating the config files by hand. I do this with the contents of my ~/.config/backpac/hostname/ directories on my Arch Linux machines, because I can do a bare-bones install and then use Backpac to deploy my laptop package list, my workstation package list, my server package list, et cetera without having to leaf through a number of notebooks to figure out what package names I need to start installing.

So long as the user does not do something dumb, like including crypto keys in the repository, chances are most-but-probably-not-all of the contents of those repos are not sensitive, so the user probably cares little about making their personal settings for their text editor of choice public.

--
The Doctor [412/724/301/703] [ZS|Media]
Developer, Project Byzantium: http://project-byzantium.org/
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
You can't condemn an entire species. --Ganthet
Re: [cryptography] An encryption project
Sorry for the top posting.

Are you sure that you want to do something in this field before reading anything in depth? Crypto is no longer a magic art. Anyway, it is always better to use something that most experts consider, or better, have some proof that it is rock solid, in the modern crypto sense.

Jmho

2013/1/28, Paul Christian pho...@gmail.com:
> Hi Folks,
>
> I am new to the list and have an interest in encryption, but not much experience in breaking/testing or a detailed understanding of modern methods. I am interested in developing some technology to allow a user to communicate as securely as possible between a terminal on an unsecure network and another user.
>
> i.e. encrypted message from browser to user on another computer.
>
> Under circumstances that the sender's life may depend on it being secure.
>
> I have a few ideas in mind, but two important questions; is it worth while?
>
> - is ssl good enough? (it doesn't seem to be from my reading)
>
> Anyone want to try and decode/break it once I have a demonstrator?
>
> Thanks,
> Paul

--
Sent from my mobile device