Re: 1280-Bit RSA

2010-07-12 Thread James A. Donald
On 2010-07-11 10:11 AM, Brandon Enright wrote: > On Fri, 9 Jul 2010 21:16:30 -0400 (EDT) Jonathan > Thornburg wrote: > >> The following usenet posting from 1993 provides an >> interesting bit (no pun intended) of history on RSA key >> sizes. The key passage is the last paragraph, asserting >> tha

Re: Intel to also add RNG

2010-07-12 Thread Eric Murray
On Mon, Jul 12, 2010 at 03:37:45PM -0400, Paul Wouters wrote: > On Mon, 12 Jul 2010, Eric Murray wrote: > >> Then there's FIPS- current 140 doesn't have a provision for HW RNG. >> They certify software RNG only, presumably because proving a HW RNG to be >> random enough is very difficult. So wha

Re: Intel to also add RNG

2010-07-12 Thread Paul Wouters
On Mon, 12 Jul 2010, Eric Murray wrote: Then there's FIPS- current 140 doesn't have a provision for HW RNG. They certify software RNG only, presumably because proving a HW RNG to be random enough is very difficult. So what's probably the primary market (companies who want to meet FIPS) isn't

Re: Anyone make any sense out of this skype hack announcement?

2010-07-12 Thread Steve Furlong
> I don't know if the new crack reveals anything new. We have > a writeup about the Skype protection techniques in > "Surreptitious Software", our book on security-through-obscurity. > (Sorry for the blatant self-promotion). I appreciate the self-promotion. My only request is that you include ISBN

Re: Intel to also add RNG

2010-07-12 Thread Paul Wouters
On Mon, 12 Jul 2010, Ben Laurie wrote: On 2 July 2010 13:19, Eugen Leitl wrote: http://www.technologyreview.com/printer_friendly_article.aspx?id=25670&channel=Briefings&section=Microprocessors Tuesday, June 29, 2010 Nanoscale Random Number Circuit to Secure Future Chips Intel unveils a circuit

Fwd: Anyone make any sense out of this skype hack announcement?

2010-07-12 Thread Christian Collberg
The skype client was reverse engineered several years ago: @inproceedings{biondi06silver,   title = {Silver Needle in the Skype},   author = {Philippe Biondi and Fabrice Desclaux},   note = "\url{www.blackhat.com/presentations/bh-europe-06/bh-eu-06-biondi/bh-eu-06-biondi-up.pdf}",   booktitle = {

Re: Intel to also add RNG

2010-07-12 Thread Nicolas Williams
On Mon, Jul 12, 2010 at 01:13:10PM -0400, Jack Lloyd wrote: > I think it's important to make the distinction between trusting Intel > not to have made it actively malicious, and trusting them to have > gotten it perfectly correct in such a way that it cannot fail. > Fortunately, the second problem,

Re: Intel to also add RNG

2010-07-12 Thread Eric Murray
On Mon, Jul 12, 2010 at 12:22:51PM -0400, Perry E. Metzger wrote: > Plugging in an > external unit is not going to happen in practice. If it isn't nearly > free and built in, it won't be used. I completely agree. But HW RNGs are a pain in a lot of ways- modern chip design libraries don't include

Re: Anyone make any sense out of this skype hack announcement?

2010-07-12 Thread Tom McGhan
According to Steve Gibson, on his "Security Now!" podcast, episode 0x0100: http://wiki.twit.tv/wiki/Security_Now_256 the supposed hack was a case of reverse engineering to reproduce the internal keys and initialization vectors needed to build a Skype-compatible client, and not a break of RC4 per

Re: Intel to also add RNG

2010-07-12 Thread Jack Lloyd
On Mon, Jul 12, 2010 at 12:22:51PM -0400, Perry E. Metzger wrote: > BTW, let me note that if Intel wanted to gimmick their chips to make > them untrustworthy, there is very little you could do about it. The > literature makes it clear at this point that short of carefully > tearing apart and analy

Re: Intel to also add RNG

2010-07-12 Thread Matt Crawford
On Jul 12, 2010, at 11:22 AM, Perry E. Metzger wrote: > The > literature makes it clear at this point that short of carefully > tearing apart and analyzing the entire chip, you're not going to catch > subtle behavioral changes designed to allow attackers backdoor > access. I happen to be re-read

Re: Intel to also add RNG

2010-07-12 Thread Perry E. Metzger
On Tue, 13 Jul 2010 03:58:51 +1200 Peter Gutmann wrote: > Ben Laurie writes: > >On 2 July 2010 13:19, Eugen Leitl wrote: > >> > >>http://www.technologyreview.com/printer_friendly_article.aspx?id=25670&channel=Briefings&section=Microprocessors > >> > >>Tuesday, June 29, 2010 > >> > >>Nanoscale Random

Re: Intel to also add RNG

2010-07-12 Thread Peter Gutmann
Ben Laurie writes: >On 2 July 2010 13:19, Eugen Leitl wrote: >> >>http://www.technologyreview.com/printer_friendly_article.aspx?id=25670&channel=Briefings&section=Microprocessors >> >>Tuesday, June 29, 2010 >> >>Nanoscale Random Number Circuit to Secure Future Chips >> >>Intel unveils a circuit that

Re: Intel to also add RNG

2010-07-12 Thread Richard Salz
> Have they forgotten the enormous amount of suspicion last time they > tried this? More likely they're expecting everyone else to have forgotten about being suspicious. /r$ -- STSM, WebSphere Appliance Architect https://www.ibm.com/developerworks/mydeveloperworks/blogs/soma/

Re: Intel to also add RNG

2010-07-12 Thread Ben Laurie
On 2 July 2010 13:19, Eugen Leitl wrote: > > http://www.technologyreview.com/printer_friendly_article.aspx?id=25670&channel=Briefings&section=Microprocessors > > Tuesday, June 29, 2010 > > Nanoscale Random Number Circuit to Secure Future Chips > > Intel unveils a circuit that can pump out truly random