They can't be as anonymous as cash if the party being dealt with
can be identified. And the party can be identified if the
transaction is online, real-time. Even if other clues are erased,
there's still traffic analysis in this case.
If I show up at a store and pay cash for something every
Udhay Shankar N writes:
-+-
| http://www.claybennett.com/pages/security_fence.html
|
Earlier this week, I heard Dr. Donald Kerr, Principal
Deputy Director, ODNI, say that the greatest challenge
of the next (U.S.) administration would be a fundamental
re-thinking of the
James A. Donald wrote:
I have figured out a solution, which I may post here
if you are interested.
Ian G wrote:
I'm interested. FTR, zooko and I worked on part of
the problem, documented briefly here:
http://www.webfunds.org/guide/sdp/index.html
I have posted How to do VPNs right at
On Sun, Feb 03, 2008 at 09:24:48PM +1000, James A. Donald wrote:
Nicolas Williams wrote:
What, specifically, are you proposing?
I am still writing it up.
Running the web over UDP?
In a sense.
That should have been done from the beginning, even before security
became a problem.
Guus Sliepen [EMAIL PROTECTED] writes:
Peter sent us his write-up up via private email a few days before he posted
it to this list (which got it on Slashdot). I had little time to think about
the issues he mentioned before his write-up became public.
I should provide some background for the
Ian G [EMAIL PROTECTED] writes:
James A. Donald wrote:
I have been considering the problem of encrypted channels over UDP or
IP. TLS will not work for this, since it assumes and provides a
reliable, and therefore non timely channel, whereas what one wishes to
provide is a channel where
Steven M. Bellovin [EMAIL PROTECTED] writes:
On Fri, 01 Feb 2008 13:29:52 +1300
[EMAIL PROTECTED] (Peter Gutmann) wrote:
Actually it doesn't even require X.509 certs. TLS-SRP and TLS-PSK
provide mutual authentication of client and server without any use of
X.509. The only problem has been
' =JeffH ' [EMAIL PROTECTED] writes:
[EMAIL PROTECTED] said:
http://www.xml-dev.com/blog/index.php?action=viewtopicid=196
thanks, but that doesn't actually answer my first question. It only documents
that a and b (alice and bob) arrive at the ZZ value independently. My question
is actually
Eric Rescorla [EMAIL PROTECTED] writes:
I don't propose to get into an extended debate about whether it is better to
use SRTP or to use generic DTLS. That debate has already happened in IETF and
SRTP is what the VoIP vendors are doing. However, the good news here is that
you can use DTLS to key
On Feb 1, 2008, at 9:34 PM, Ian G wrote:
* Browser vendors don't employ security people as we know them on
this mailgroup [...] But they are completely at sea when it comes
to systemic security failings or designing new systems.
I don't know about other browsers, but Mozilla's CSO-type is
On Jan 31, 2008, at 10:32 PM, Richard Salz wrote:
Developers working in almost any field should know the history and
best
practices -- is PGP's original bass o matic any more important
than the
code in a defibrillator? -- but this is not the way our field works
right
now. Compare it to
Frank Siebenlist [EMAIL PROTECTED] writes:
That's actually a sad observation.
I keep telling my colleagues that this technology is coming any day now to
a browser near you - didn't realize that that there was no interest with the
browser companies to add support for this...
I know of a number
Commenting on just one portion:
| 2. VoIP over DTLS
| As Perry indicated in another message, you can certainly run VoIP
| over DTLS, which removes the buffering and retransmit issues
| James is alluding to. Similarly, you could run VoIP over IPsec
| (AH/ESP). However, for performance reasons,
At Mon, 4 Feb 2008 09:33:37 -0500 (EST),
Leichter, Jerry wrote:
Commenting on just one portion:
| 2. VoIP over DTLS
| As Perry indicated in another message, you can certainly run VoIP
| over DTLS, which removes the buffering and retransmit issues
| James is alluding to. Similarly, you
Ok thanks, I'm going to risk pedanticism in order to nail things down a bit
more rigorously..
' =JeffH ' [EMAIL PROTECTED] writes:
[EMAIL PROTECTED] said:
http://www.xml-dev.com/blog/index.php?action=viewtopicid=196
thanks, but that doesn't actually answer my first question. It only documents
- Original Message -
From: ' =JeffH ' [EMAIL PROTECTED]
Sent: Saturday, February 02, 2008 12:56 PM
Subject: Re: questions on RFC2631 and DH key agreement
If a purportedly secure protocol employing a nominal DH exchange in
order to
establish a shared secret key between a requester and
Comments inline.
On Feb 3, 2008, at 5:56 PM, Eric Rescorla wrote:
- If you use DTLS with AES in CBC mode, you have the 4 byte DTLS
header, plus a 16 byte IV, plus 10 bytes of MAC (in truncated MAC
mode), plus 2 bytes of padding to bring you up to the AES block
boundary: DTLS adds 32 bytes of
Nicolas Williams wrote:
Sounds a bit like SCTP, with crypto thrown in.
SCTP is what we should have done http over, though of
course SCTP did not exist back then. Perhaps, like
quite a few other standards, it still does not quite
exist.
I thought it was the latency cause by unnecessary
On Tue, Feb 05, 2008 at 08:17:32AM +1000, James A. Donald wrote:
Nicolas Williams wrote:
Sounds a bit like SCTP, with crypto thrown in.
SCTP is what we should have done http over, though of
course SCTP did not exist back then. Perhaps, like
quite a few other standards, it still does not
I'd scrawled:
If a purportedly secure protocol employing a nominal DH exchange in
order to
establish a shared secret key between a requester and responder, employs
widely known published (on the web) fixed values for g (2) and p (a
purportedly prime 1040 bit number) for many of it's
' =JeffH ' [EMAIL PROTECTED]
[EMAIL PROTECTED] said:
I'm going to approach the answer somewhat differently: Why are you using
this mechanism?
Are you referring to the above mentioned mechanism of arriving at the ZZ
value independently, which is implied in RFC2631?
I'm referring to the X9.42
http://www.nytimes.com/2008/02/05/science/space/05spotters.html
When the government announced last month that a top-secret spy satellite
would, in the next few months, come falling out of the sky, American
officials said there was little risk to people because satellites fall
out of orbit
- Original Message -
From: ' =JeffH ' [EMAIL PROTECTED]
To: Joseph Ashwood [EMAIL PROTECTED]
Cc: cryptography@metzdowd.com
Sent: Monday, February 04, 2008 5:18 PM
Subject: Re: questions on RFC2631 and DH key agreement
I'd scrawled:
If a purportedly secure protocol employing a
[EMAIL PROTECTED] said:
*nix /dev/urandom should work well, the entropy harvesting is reasonably
good, and the mixing/generating are sufficient to keep it from being the
weak link.
yeah, that's the way it sounds from the man page (on linux). thx.
Actually I'm saying that if p and g do
Peter Gutmann wrote:
Frank Siebenlist [EMAIL PROTECTED] writes:
That's actually a sad observation.
I keep telling my colleagues that this technology is coming any day now to
a browser near you - didn't realize that that there was no interest with the
browser companies to add support for
a recent reference
Research unmasks anonymity networks
http://www.techworld.com/security/news/index.cfm?newsID=11295
Research unmasks anonymity networks
http://www.networkworld.com/news/2008/020108-research-unmasks-anonymity.html
Research unmasks anonymity networks
On Mon, 4 Feb 2008 09:33:37 -0500 (EST)
Leichter, Jerry [EMAIL PROTECTED] wrote:
The NSA quote someone - Steve Bellovin? - has repeated comes to mind:
Amateurs talk about algorithms. Professionals talk about economics.
Using DTLS for VOIP provides you with an extremely high level of
On Wed, Feb 06, 2008 at 09:21:47AM -0800, Frank Siebenlist wrote:
With the big browser war still going strong, wouldn't that provide
fantastic marketing opportunities for Firefox?
If Firefox would support these secure password protocols, and the banks
would openly recommend their
Thanks Hal.
It turns out the supplied default for p is 1024 bit -- I'd previously goofed
when using wc on it..
DCF93A0B883972EC0E19989AC5A2CE310E1D37717E8D9571BB7623731866E61EF75A2E27898B057
F9891C2E27A639C3F29B60814581CD3B2CA3986D2683705577D45C2E7E52DC81C7A171876E5CEA7
Jeff Hodges writes:
If a purportedly secure protocol employing a nominal DH exchange in order
to
establish a shared secret key between a requester and responder, employs
widely known published (on the web) fixed values for g (2) and p (a
purportedly prime 1040 bit number) for many of it's
Joseph Ashwood writes, regarding unauthenticated DH:
I would actually recommend sending all the public data. This does not take
significant additional space and allows more verification to be performed. I
would also suggest looking at what exactly the goal is. As written this
provides no
On Feb 4, 2008, at 1:55 PM, Arshad Noor wrote:
Do business people get it? Do security professionals get it?
Apparently not.
Arshad Noor
StrongAuth, Inc.
Huge losses reported by Société Générale were apparently enabled
by forgotten low-level IT chores such as password management.
At Mon, 04 Feb 2008 14:29:50 +1000,
James A. Donald wrote:
James A. Donald wrote:
I have figured out a solution, which I may post here
if you are interested.
Ian G wrote:
I'm interested. FTR, zooko and I worked on part of
the problem, documented briefly here:
It is a number of things that I will elucidate, Jon; but it is
definitely not raw security.
It is:
* a recognition that a company in business using other people's
money has a fiduciary responsibility for managing it with prudence;
* an awareness that computerized trading has the potential to
[EMAIL PROTECTED] (Peter Gutmann) on Monday, February 4, 2008 wrote:
Eric Rescorla [EMAIL PROTECTED] writes:
I don't propose to get into an extended debate about whether it is better to
use SRTP or to use generic DTLS. That debate has already happened in IETF and
SRTP is what the VoIP vendors
35 matches
Mail list logo