Re: Security Architect Position at National Archives

At 12:02 PM -0400 4/29/04, Rich Salz wrote: > The role is for a system architec/designer with strong cyber > security experience. Somebody who can evaluate the security > implication of various design proposal. In other words, I'm not > looking just for somebody who can run a firewall or vulnera

acoustic cryptanalysis

Adi Shamir & Eran Tromer find you can literally "listen in" on your computer doing RSA computations: http://www.wisdom.weizmann.ac.il/~tromer/acoustic/ -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Ma

Re: The future of security

On Thu, 2004-05-06 at 17:52, Ian Grigg wrote: > c. much less emphasis on deductive no-risk > systems (PKIs like x.509 with SSL) due to the > poor security and market results of the CA > model. > at the nist pki r&d workship (mentioned elsewhere in some other post in this mailing list) there was

E-Voting Commission Gets Earful

Wired News E-Voting Commission Gets Earful By Michael Grebb? Story location: http://www.wired.com/news/evote/0,2645,63349,00.html 02:00 AM May. 06, 2004 PT WASHINGTON -- Passions ran high Wednesday at the first public hearing of the Elect

Quantum crypto gets a speed boost

Optics.org Quantum crypto gets a speed boost 6 May 2004 NIST scientists transfer a quantum key made of single photons at a rate of 1Mbps. A team of US scientists from the National Institute of Standards and Technology (NIST) in Colorado and Acadia Opt

Re: The future of security

Ian Grigg wrote: Graeme Burnett wrote: Hello folks, I am doing a presentation on the future of security, which of course includes a component on cryptography. That will be given at this conference on payments systems and security: http://www.enhyper.com/paysec/ Would anyone there have any good pred

Re: The future of security

Graeme Burnett wrote: Hello folks, I am doing a presentation on the future of security, which of course includes a component on cryptography. That will be given at this conference on payments systems and security: http://www.enhyper.com/paysec/ Would anyone there have any good predictions on how cr

Book Review: Malicious Cryptography- Exposing Cryptovirology

About.com Book Review: Malicious Cryptography >From Tony Bradley, CISSP, Your Guide to Internet/Network Security. Guide Rating - The Bottom Line Most people are familiar with malware- viruses, worms, Trojans, etc.- and mos

Microsoft: 'Palladium' Is Still Alive and Kicking

Wednesday, May 05, 2004 Microsoft: 'Palladium' Is Still Alive and Kicking By Mary Jo Foley Updated: Redmond denies published report that it is axing its Next-Generation Secure Computing Base and insists the technology still wil

Tiny new agency ill-equipped for e-voting oversight

The San Jose Mercury News Posted on Mon, May. 03, 2004 Tiny new agency ill-equipped for e-voting oversight SAN JOSE, Calif. (AP) - As alarm mounts over the integrity of the ATM-like voting mac

Getting Carded

The Wall Street Journal May 4, 2004 REVIEW & OUTLOOK Getting Carded May 4, 2004 The Scottish historian and philosopher David Hume once wrote that "it is seldom that any liberty is lost all at once." British Home Secr

MatrixSSL Embedded SSL/TLS

For those of you who are interested in the coding aspects of crypto, I'd like to announce that our small footprint SSL/TLS library, MatrixSSL is available for download at http://www.matrixssl.org With a footprint under 50KB, MatrixSSL not only meets device requirements, it also provides a protocol

Top Italian Mafia Boss Dies in U.S. Prison

The life, and death, of Mr. Badalamenti is important to cryptography people and cypherpunks for two reasons. First, the so-called "Pizza Connection" case is one of the very few times, if not the first, where actual wiretap data was good enough to convict someone. The other reason it is important

Wikipedia project: Crypto

The good people at Wikipedia have started a cryptography subproject, "an attempt to build a comprehensive and detailed guide to cryptography in the Wikipedia." The project page: http://en.wikipedia.org/wiki/Wikipedia:WikiProject_Cryptography features a list of open tasks and things that need cleanu

Calif. Official Bans Some Voting Machines

Yahoo! Yahoo! News Sat, May 01, 2004 Calif. Official Bans Some Voting Machines Fri Apr 30, 8:56 PM ET Add U.S. National - AP to My Yahoo! By JIM WASSERMAN, Associated Press Writer SACRAM

Fwd: [ISN] Mobile flaws expose executives to bugging

*Took* 'em long enough... Cheers, RAH --- begin forwarded text Date: Fri, 30 Apr 2004 02:30:16 -0500 (CDT) From: InfoSec News <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [ISN] Mobile flaws expose executives to bugging Reply-To: [EMAIL PROTECTED] List-Id: InfoSec News List-Unsubscribe: <

Credentica (Re: Is there a Brands certificate reference implementation?)

Hello Steve, From: Steve Furlong <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], [EMAIL PROTECTED] > Fwd: [EMAIL PROTECTED], [EMAIL PROTECTED] Date: 25 Apr 2004 12:14:30 -0400 Does anyone know of a reference implementation for Stefan Brands's digital certificate scheme? Alternatively, does anyone have

[Publicity-list]: DATE CHANGE- DIMACS Workshop on Mobile and Wireless Security

DATE CHANGE **DATE CHANGE **DATE CHANGE ** * DIMACS Workshop on Mobile and Wireless Security November 3 - 5, 2004*** NEW DATE DIMACS Center, Rutgers University, Piscataway, NJ Organizers: B

Re: The future of security

Many thanks to the list members who have contributed ideas to the above - I'll share the results by previewing the paper in the next few weeks if I may. Having been a devotee of the financial crypto community for many years, a thought has just occurred to me about the possible use of Systemics Ric

Signs Point to Worm Attack on SSL Vulnerability

EWeek Signs Point to Worm Attack on SSL Vulnerability April 27, 2004 By Dennis Fisher Security experts on Tuesday said they are seeing evidence of what appears to be a worm exploiting the recently announced vulnerability in the Win

RFC 3766 Determining Strengths For Public Keys Used For Exchanging Symmetric Keys

also summary entry at http://www.garlic.com/~lynn/rfcidx12.htm#3766 clicking on ".txt=nnn" field in the summary retrieves the actual RFC BCP 86 RFC 3766 Title: Determining Strengths For Public Keys Used For Exchanging Symmetric Keys Author(s)

iTunes 4.5: "24 hours after I downloaded it... I've broken it"

crazney.net - iTunes stuff Welcome to my iTunes stuff website, here you will find various things relating to iTunes hacking that I have written. Last updated:April 29, 2004 iTunes 4.5: iTunes 4.5 uses a new authentication algorithm. However, not even 24 ho

Security Architect Position at National Archives

Forwarded with permission. This may not be appropriate for the list, but it is one of the most interesting and useful crypto/security jobs I've seen in some time... The position is at Archive II in College Park, right next to the University of MD, at the junction of I-95 and the beltway. The h

Re: The future of security

Would anyone there have any good predictions on how cryptography is going to unfold in the next few years or so? I have my own ideas, but I would love to see what others see in the crystal ball. prediction: just as in the 1990s the commercial world caught up to the mil world i

Re: Can Skype be wiretapped by the authorities?

At 10:49 PM +0200 4/27/04, Axel H Horns wrote: Is something known about the details of the crypto protocol within Skype? How reliable is the encryption? See e.g. http://www.financialcryptography.com/mt/archives/76.html Can Skype be wiretapped by the authorities? With collaboration of the Skype

Re: Is there a Brands certificate reference implementation?

Stefan Brands started his own company, http://www.credentica.com/ There isn't much on the web site yet, but if you click on the image you get the info email address. The code that was developed for Brands credentials at ZKS was never released. There was also code written during the ESPRIT proje

message, but also test

--- begin forwarded text Date: Thu, 29 Apr 2004 09:07:44 + From: Ryan Lackey <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] User-Agent: Mutt/1.5.5.1+cvs20040105i Subject: message, but also test Sender: [EMAIL PROTECTED] I have two questions: 1) Does anyone have actual performance measurements o

Re: Can Skype be wiretapped by the authorities?

- Original Message - From: "Axel H Horns" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, April 28, 2004 4:49 AM Subject: Can Skype be wiretapped by the authorities? > Is something known about the details of the crypto protocol within > Skype? How reliable is the encryption?

Re: How to WASTE and want not

This page seems to describe the security: http://waste.sourceforge.net/security.html iang - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: Can Skype be wiretapped by the authorities?

- Original Message - From: "Axel H Horns" <[EMAIL PROTECTED]> Subject: Can Skype be wiretapped by the authorities? > Is something known about the details of the crypto protocol within > Skype? How reliable is the encryption? While Skype is generally rather protective of their protocol,

[Neuclear-general] ANNOUNCE: Released version 0.7 of NeuClear Commons

--- begin forwarded text From: Pelle Braendgaard <[EMAIL PROTECTED]> Organization: VERAX Inc To: [EMAIL PROTECTED], [EMAIL PROTECTED] User-Agent: KMail/1.6.2 Cc: [EMAIL PROTECTED] Subject: [Neuclear-general] ANNOUNCE: Released version 0.7 of NeuClear Commons Sender: [EMAIL PROTECTED] Lis

RSA-576 Factored

MathWorld Headline News RSA-576 Factored By Eric W. Weisstein December 5, 2003--On December 3, the day after the announcement of the discovery of the largest known prime by the Great Internet Mersenne Prime Search on December 2 (MathWorld

The crypto whiz

CNET News http://www.news.com/ The crypto whiz By Michael Kanellos and Charles Cooper Staff Writer, CNET News.com http://news.com.com/2008-7355-5201504.html Story last modified April 28, 2004, 4:00 AM PDT Paul Koche

[Neuclear-general] ANNOUNCE: NeuClear XMLSig 0.13 Released

--- begin forwarded text From: Pelle Braendgaard <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], [EMAIL PROTECTED] User-Agent: KMail/1.6.2 Cc: [EMAIL PROTECTED], <[EMAIL PROTECTED]> Subject: [Neuclear-general] ANNOUNCE: NeuClear XMLSig 0.13 Released Sender: [EMAIL PROTECTED] List-Id: List-Po

Brands' private credentials

Here's what I remember from about a year ago about the current state of private credentials. That recollection comes with no warranties express or implied. Last I heard, Brands started a company called Credentica, which seems to only have a placeholder page (although it does have an info@ addres

Re: The future of security

On Mon, Apr 26, 2004 at 08:21:43PM +0100, Graeme Burnett wrote: > > Would anyone there have any good predictions on how > cryptography is going to unfold in the next few years > or so? I have my own ideas, but I would love > to see what others see in the crystal ball. My guess is that it is un