NSA posts notice about faster, lighter crypto
http://www.fcw.com/article91669-12-09-05-Web
The National Security Agency wants federal agencies to consider using a
group of algorithms it refers to as Suite B to satisfy future
cryptographic requirements. Suite B contains NSA-approved cryptographic
Ed Gerck wrote:
I think that's where PKI got it wrong in several parts and not
just the CPS. It started with the simplest (because it was meant to
work for a global RA -- remember X.500?) and then complexity was
added. Today, in the most recent PKIX dialogues, even RFC authors
often disagree
--- begin forwarded text
Delivered-To: [EMAIL PROTECTED]
Date: Sat, 10 Dec 2005 17:48:40 -0500
To: Philodox Clips List [EMAIL PROTECTED]
From: R. A. Hettinga [EMAIL PROTECTED]
Subject: [Clips] MIT Real ID Conference a Success: Participate in New Virtual
Civic Conversation
Reply-To:
Anne Lynn Wheeler wrote:
OCSP provides for an online
transaction which asks whether the stale, static information is still
usable, attempting to preserve the facade that digital certificates
serve some useful purpose when there is online, direct access
capability. The alternative is to eliminate
--- begin forwarded text
Delivered-To: [EMAIL PROTECTED]
Date: Sat, 10 Dec 2005 20:51:58 -0500
To: Philodox Clips List [EMAIL PROTECTED]
From: R. A. Hettinga [EMAIL PROTECTED]
Subject: [Clips] Pentagon Intelligence Agency Gathers Domestic Intelligence
Reply-To: [EMAIL PROTECTED]
Sender:
A recent magazine article suggested a spoofing technique involving
wrapping one's finger with a few layers of cellophane; the latent
print on the reader apparently is visible enough to be reused in this
manner, at least with some currently-available scanners.
--
On Fri, 9 Dec 2005, Ed Gerck wrote:
[...] at least the grand
picture should exist beforehand. This is what this thread's subject
paper is about, the grand picture for secure email and why we aren't
there yet (Phil's PGP is almost 15 years old) --
--
James A. Donald wrote:
However, the main point of attack is phishing, when
an outsider attempts to interpose himself, the man
in the middle, into an existing relationship between
two people that know and trust each other.
Anne Lynn Wheeler [EMAIL PROTECTED]
in the traditional,
James A. Donald wrote:
This was the scenario envisaged when PKI was created,
but I don't see it happening, and in fact attempting to
do so using existing user interfaces is painful. They
don't seem designed to do this.
My product, Crypto Kong, http://echeque.com/Kong was
designed to
--
From: Bill Stewart [EMAIL PROTECTED]
The real security issue for your mother is [...] her
bank and eBay don't cryptographically sign their mail.
And, since her bank and eBay are under massive attack
from phishers, and your mother, if she is using any of
the common email clients is
--
From: Anne Lynn Wheeler [EMAIL PROTECTED]
drastically improving the usability of the interface
to the trusted public key repositories could be viewed
as having two downsides 1) certification authorities
that haven't paid to have their public keys preloaded
can more easily join
One thing I haven't seen from a PRNG or HWRNG library or device is an
unpredictable sequence which does not repeat; in other words, a
[cryptographically strong?] permutation. This could be useful in all
sorts of places in the kernel and elsewhere to prevent replay (for
example, in DNS ID #s, in
In Peter Gutmann's godzilla cryptography tutorial, he has some really
good (though terse) advice on subtle gotchas in using DH/RSA/Elgamal.
I learned a few no-nos, such as not sending the same message to 3
separate users in RSA (if using 3 as an encryption exponent).
My question is, what is the
My question is, what is the layperson supposed to do, if they must use
crypto and can't use an off-the-shelf product?
When would that be the case?
The only defensible situations I can think of in which a
non-crypto-specialist programmer would need to write crypto routines
would be an uncommon
--
From: Ed Gerck [EMAIL PROTECTED]
Digital certs (X.509 and PGP) are useful when the key
owner is not online. There is a world when this not
only happens but is also useful. BTW, this is
recognized in IBE as well.
But the key owner is always online, for in practice,
In Peter Gutmann's godzilla cryptography tutorial, he has some really
good (though terse) advice on subtle gotchas in using DH/RSA/Elgamal.
I learned a few no-nos, such as not sending the same message to 3
separate users in RSA (if using 3 as an encryption exponent).
My question is, what
On Mon, Dec 12, 2005 at 12:20:26AM -0600, Travis H. wrote:
2) While CTR mode with a random key is sufficient for creating a
permutation of N-bit blocks for a fixed N, is there a general-purpose
way to create a N-bit permutation, where N is a variable? How about
picking a cryptographically
Seems like a lot of new folks (myself included) ask questions that
have the following answer:
Read the literature, no there's no one site, that would be too much effort, &c.
Would a wiki specifically for crypto distribute the burden enough to be useful?
Or should we just stick to wikipedia? Is
NIST, in its series of FIPS standards and Special Publications, has defined
federal standards for digital signatures and modes of operation for symmetric
ciphers, and is moving towards standardizing key exchange mechanisms based
on public key algorithms. Those standards are also free, though
On Mon, 12 Dec 2005, Travis H. wrote:
In Peter Gutmann's godzilla cryptography tutorial, he has some really
good (though terse) advice on subtle gotchas in using DH/RSA/Elgamal.
I learned a few no-nos, such as not sending the same message to 3
separate users in RSA (if using 3 as an encryption
On Sat, 10 Dec 2005, Anne Lynn Wheeler wrote:
NSA posts notice about faster, lighter crypto
http://www.fcw.com/article91669-12-09-05-Web
This makes me wonder how news is created -- the NSA announcement made
on 16 February 2005 becomes news in December...
BTW, we already discussed here
Not to side track the discussion, but frequently I've heard PKI
compared to PGP's model. Isn't PGP's trust model the same as everyone
being their own CA?
I find PGP to be problematic. Many keys I see are only self-signed,
and this includes important keys like CERT. Many others sit unsigned
on
At 9:57 AM -0600 12/12/05, Travis H. wrote:
Would a wiki specifically for crypto distribute the burden enough to
be useful?
Or should we just stick to wikipedia? Is it doing a satisfactory job?
I cannot answer the first question: I am leery of wikis that have
open posting rights, and I am
On Mon, 12 Dec 2005, Travis H. wrote:
Seems like a lot of new folks (myself included) ask questions that
have the following answer: Read the literature, no there's no one
site, that would be too much effort, &c. Would a wiki specifically
for crypto distribute the burden enough to be useful?
--
From: Ralf Senderek [EMAIL PROTECTED]
I think what's missing is the understanding that there
cannot be secure email without the persons involved
acting responsibly and knowing their role in the
process. Your mother will probably expect the computer
to do the job for her (mine will
Date sent: Mon, 12 Dec 2005 00:41:13 -0600
From: Travis H. [EMAIL PROTECTED]
To: cryptography@metzdowd.com
Subject: crypto for the average programmer
In Peter Gutmann's godzilla cryptography tutorial, he has some really
good
--
From: Whyte, William [EMAIL PROTECTED]
Check the standards.
The RSA PKCS#1 standard, which is free, describes how
to do RSA securely and summarizes known security
results.
http://www.rsasecurity.com/rsalabs/node.asp?id=2124.
Don't use PKCS#3-style Diffie Hellman; it's been
Travis H. wrote:
Would a wiki specifically for crypto distribute the burden enough to be useful?
Or should we just stick to wikipedia? Is it doing a satisfactory job?
I'd read it. More resources == better. But keep the current Wikipedia
controversy in mind WRT the veracity of the
On Mon, 12 Dec 2005, Steve Furlong wrote:
| My question is, what is the layperson supposed to do, if they must use
| crypto and can't use an off-the-shelf product?
|
| When would that be the case?
|
| The only defensible situations I can think of in which a
| non-crypto-specialist programmer