Re: "ISAKMP" flaws?

2005-11-18 Thread Florian Weimer
* William Allen Simpson: > Florian Weimer wrote: >> Photuris uses a baroque variable-length integer encoding similar to >> that of OpenPGP, a clear warning sign. 8-/ > > On the contrary: > > + a VERY SIMPLE "variable-length integer encoding", where every number >has EXACTLY ONE possible repr

Re: "ISAKMP" flaws?

2005-11-18 Thread Ian G
Florian Weimer wrote: Photuris uses a baroque variable-length integer encoding similar to that of OpenPGP, a clear warning sign. 8-/ Actually, if one variable-length integer encoding is used instead of 5 other formats in all sorts of strange places, I'd say this is a good sign. Although I did

Re: "ISAKMP" flaws?

2005-11-18 Thread William Allen Simpson
Florian Weimer wrote: Photuris uses a baroque variable-length integer encoding similar to that of OpenPGP, a clear warning sign. 8-/ On the contrary: + a VERY SIMPLE "variable-length integer encoding", where every number has EXACTLY ONE possible representation (unlike ASN.1 which even the

Re: solving, simplification and factorization of boolean equations

2005-11-18 Thread Ariel Waissbein
Dear Travis, simplification can be reduced to elimination, which is indeed intractable in the general case (for real-sized problems). (I am assuming that you need to simplify a "big" system; however, if you only want to simplify a small SBox, then brute forcing might do.) The standard citation on

Re: "ISAKMP" flaws?

2005-11-18 Thread Steven M. Bellovin
In message <[EMAIL PROTECTED]>, Paul Hoffman writes: >At 11:20 AM +0100 11/17/05, Florian Weimer wrote: >>These bugs have been uncovered by a PROTOS-style test suite. Such >>test suites can only reveal missing checks for boundary conditions, >>leading to out-of-bounds array accesses and things lik

Re: "ISAKMP" flaws?

2005-11-18 Thread Florian Weimer
* William Allen Simpson: > Quoting "Photuris: Design Criteria", LNCS, Springer-Verlag, 1999: > > The hallmark of successful Internet protocols is that they are > relatively simple. This aids in analysis of the protocol design, > improves implementation interoperability, and reduces operatio

Re: "ISAKMP" flaws?

2005-11-18 Thread Florian Weimer
* Peter Gutmann: >>> I haven't been following the IPSec mailing lists of late -- can anyone >>> who knows details explain what the issue is? >> >>These bugs have been uncovered by a PROTOS-style test suite. Such test >>suites can only reveal missing checks for boundary conditions, leading to >>ou

Re: Fermat's primality test vs. Miller-Rabin

2005-11-18 Thread Joseph Ashwood
- Original Message - From: "Anton Stiglic" <[EMAIL PROTECTED]> Subject: RE: Fermat's primality test vs. Miller-Rabin The general consensus is that for 500-bit numbers one needs only 6 MR tests for 2^{-80} error probability [1]: My own tests disagreed with this, 512-bits seemed to hav

Re: the effects of a spy

2005-11-18 Thread Jack Lloyd
On Thu, Nov 17, 2005 at 12:10:53PM -0500, John Kelsey wrote: > c. Maybe they just got it wrong. SHA0 and SHA1 demonstrate that this > is all too possible. (It's quite plausible to me that they have very > good tools for analyzing block ciphers, but that they aren't or > weren't sure how to best