Re: What email encryption is actually in use?

2002-10-02 Thread Paul Krumviede 

--On Wednesday, 02 October, 2002 10:54 -0500 Jeremey Barrett 
[EMAIL PROTECTED] wrote:

 Udhay Shankar N wrote:
| At 10:04 AM 10/2/02 -0500, Jeremey Barrett wrote:
|
| Amusingly, virtually none of them support STARTLS on any other protocol.
| :) IMAP and POP are almost all supported only on dedicated SSL ports
| (IMAPS, POP3S). Argh.
|
| I use Eudora, as I'm very comfortable with it (so comfortable, in fact,
| that it's my primary reason for booting Windows at all.)
|
| The version I use, 5.1, *does* support STARTTLS for POP over both the
| regular port 110 as well as alternate ports, as well as user-defined
| ports. It needs some tweaking, but the capability exists.
|
| I don't know about IMAP, as I don't use IMAP to get my mail.
|

 Yes, Eudora is the exception. It supports both STARTTLS and dedicated
 SSL ports for all mail protocols (it even does SMTPS I think).

it isn't the only exception: i use mulberry with IMAP, and it supports
STARTTLS for both IMAP and SMTP over the normal ports; haven't
tried POP3, although it looks like it should work. and this seems to
work for mulberry on linux, macs and windows.

-paul


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Real-world steganography

2002-09-30 Thread Paul Krumviede 

--On Tuesday, 01 October, 2002 13:54 +1200 Peter Gutmann 
[EMAIL PROTECTED] wrote:

 I recently came across a real-world use of steganography which hides extra
 data in the LSB of CD audio tracks to allow (according to the vendor) the
 equivalent of 20-bit samples instead of 16-bit and assorted other
 features. According to the vendors, HDCD has been used in the recording
 of more than 5,000 CD titles, which include more than 250 Billboard Top
 200 recordings and more than 175 GRAMMY nominations, so it's already
 fairly widely deployed.

maybe. i'm not sure how many players support it (my spectral D/A
convertor does, but then some of the people at spectral seem to
have invented HDCD). while the CDs i have that use it sound
pretty good, i don't have any good way to compare them when
played back over a non-HDCD capable convertor (i could hook
up one of my computer CD drives, but that doesn't seem fair
compared to the spectral transport-D/A combination).

but when i do play such CDs on other gear, i don't notice any
audible degradation, so it isn't obviously harmful.

i've seen comments in reviews of professional CD mastering
gear that there are other, seemingly preferred, technologies,
although i've never found details of them.

-paul


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Japan Broke U.S. Code Before Pearl Harbor, Researcher Finds

2001-12-09 Thread Paul Krumviede 

while not really cryptography related, i'd suggest a reading of the chapter
prologue to pearl harbor of herbert bix's hirohito and the making of
modern japan before taking seriously anything other than the finding that 
the
japanese may have broken one (or more) american cipher.

comments on japanese surprise at the (long-standing) american insistence
on withdrawal from china seem akin to japanese hopes in mid-1945 that
somehow the soviets could be persuaded to intervene on their behalf
to avoid surrendering... (on this subject, richard frank's downfall has
some interesting analysis of what the americans were learning from the
various japanese ciphers in 1945, including the diplomatic and military
systems.)

-paul

--On Friday, 07 December, 2001 11:09 -0500 R. A. Hettinga 
[EMAIL PROTECTED] wrote:

 http://www.latimes.com/templates/misc/printstory.jsp?slug=la%2D120701codes

 http://www.latimes.com/news/nationworld/world/la-120701codes.story
 Japan Broke U.S. Code Before Pearl Harbor, Researcher Finds

 Asia: Discovery is based on papers unearthed in Tokyo. They show attack
 may have been prompted by belief that Washington had decided on war. By
 VALERIE REITMAN
 Times Staff Writer

 December 7 2001

 TOKYO -- Toshihiro Minohara made a startling discovery while digging
 through the U.S. National Archives in College Park, Md., last summer.
 While researching secret codes used prior to the attack on Pearl Harbor
 60 years ago, the young Japanese American professor stumbled upon a
 document, declassified by the CIA about five years ago, that proved that
 Tokyo had succeeded in breaking the U.S. and British diplomatic codes. A
 few microfilmed documents, showing the Japanese translations of the
 telegrams, were attached.

 Minohara knew he was on to something important: For decades it was widely
 believed that Japan, then a developing country with a fierce rivalry
 between its army and navy, hadn't been up to measure when it came to
 code-breaking, particularly the documents of the Americans.

 We are so . . . arrogant, said Donald Goldstein, a professor at the
 University of Pittsburgh and co-author of At Dawn We Slept: The Untold
 Story of Pearl Harbor. It's very possible they could have broken our
 code, so why shouldn't they have?

 Research in Tokyo Confirms Findings

 Further research by a colleague in Japan confirmed the findings--and may
 shed light on the mind-set that caused Japan's last holdouts for peace to
 opt for war just weeks before the attack, Minohara said this week.

 When Minohara sent fellow Kobe University teacher Satoshi Hattori to check
 Japan's diplomatic archives in Tokyo, he wasn't optimistic: Most
 top-secret documents were burned after being read in wartime Japan. Those
 that remained were confiscated by the U.S. during the occupation that
 followed Japan's 1945 defeat; they are now housed in U.S. archives.

 But Hattori unearthed a folder marked Special Documents, containing 34
 communiques that would have been easy to overlook--and apparently have
 been by other Japanese researchers numerous times. They are simple typed
 pages, written primarily in English, of U.S. and British diplomatic
 discussions and telegrams, many from U.S. Secretary of State Cordell Hull
 to various U.S. ambassadors.

 The contents of the documents have long been known to historians the world
 over, and some even pop up on the Internet. But their appearance in the
 Japanese archives reveals that Tokyo knew what was going on in Washington
 in the weeks before Dec. 7, 1941, when the Japanese attacked Pearl Harbor,
 killing more than 2,000 people.

 Minohara says his findings may shed light on why the few doves in the
 Japanese Cabinet--in particular, Foreign Minister Shigenori Togo--dropped
 their opposition to war.

 Japan Stunned by Hard-Line U.S. Edict

 The U.S., alarmed by the march of Japan's Imperial Army through Asia, had
 imposed an oil embargo on the nation and told it to get out of China,
 among other things. Togo had sent a conciliatory rebuttal, known as the
 Five Points Plan, offering some concessions and seeking to continue
 discussions.

 Japan knew from the decoded cables that the U.S. had been seriously
 considering some of the compromises. But on Nov. 26, 1941, the Americans
 stunned Japan with a hard-line edict essentially ordering Tokyo's troops
 to get out of China and Indochina or face the consequences. This
 apparently convinced even Togo that the U.S. had decided on war.

 Many historians have speculated that President Franklin D. Roosevelt was
 looking for an excuse to get into the war in Europe; they posit that he
 knew Japan would attack but thought the target might be American forces in
 the Philippines or instead perhaps Malaya, then a British colony, which
 would prompt the U.S. to come to the aid of its ally.

 The newly revealed documents raise an interesting question, Minohara says.
 Had the American side accepted the compromises it was considering--lifting
 the oil

Re: Forward Security Question

2001-11-18 Thread Paul Krumviede 

--On Sunday, 18 November, 2001 12:30 -0800 AARG!Anonymous 
[EMAIL PROTECTED] wrote:

 Hi All,

 I have recently been reading about password-based authentication schemes,
 especially EKE and its variants.  The papers I've read on EKE, DH-EKE,
 and  SPEKE all refer to their perfect forward security, though I have
 been  unable to find a formal definition of this property, or any
 detailed  explanation of what this really means.

rfc 2828 has a discussion of this, but mentions that this is to be a 
muddled
area.

-paul




-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]