Re: classical crypto programmatic aids

2006-06-29 Thread Max A.

Travis,

Take a look at http://www.cryptool.com/

Regards,
Max

On 6/27/06, Travis H. [EMAIL PROTECTED] wrote:

Hi folks,

Does anyone here know of any computer-based aids for breaking
classical cryptosystems?  I'm thinking in particular of the ones in
Body of Secrets, which are so short that I really hope they're
monoalphabetic substitutions.  But I'm interested in these sorts of
programs more generally.  I could use paper, but it'd be nice if a
computer could keep track of what I've tried and otherwise ruled out.
I am aware of the crypt breaker's workbench, but that's specific to
classic Unix crypt(3).  What else is there?

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: classical crypto programmatic aids

2006-06-29 Thread lists

Travis,

 Does anyone here know of any computer-based aids for breaking
 classical cryptosystems?  I'm thinking in particular of the ones in
 Body of Secrets, which are so short that I really hope they're
 monoalphabetic substitutions.  But I'm interested in these sorts of
 programs more generally.  I could use paper, but it'd be nice if a
 computer could keep track of what I've tried and otherwise ruled out.
 I am aware of the crypt breaker's workbench, but that's specific to
 classic Unix crypt(3).  What else is there?

In the 1990s Remo Pini (Pini Computer Trading, Switzerland) was distributing
a crypto CD with such things on it.  At the time his address was [EMAIL PROTECTED]
and google suggests some more recent addresses.
 
 Incidentally, if anyone's interested, on my web page I have an article
 on how I used classical techniques to recover files encrypted with CFS

I thought that was interesting and it's living in my magazine pile.


GCHQ issue a puzzle occasionally (looks like twice a year)
http://www.gchq.gov.uk/codebreaking/index.html
and I tackled the December 2004 one
http://www.gchq.gov.uk/codebreaking/challengedec04.html
like this
http://www.notatla.org.uk/CRYPTO/gchq_puzzle/index.html
using a program of Paul Leyland's off the Pini CD.



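Travis's question, quoted in both replies above, asks for a program that does what he would otherwise do on paper: rank the cipher letters by frequency and keep track of which cipher-to-plain pairings have been committed to and which have been ruled out. The following is an added example written for this page; it is not from CrypTool, the Pini CD, Paul Leyland's program or anything else named in the thread. The English letter order, the demo key and the demo message are all constructed for the example.

```python
"""Monoalphabetic substitution workbench: frequency ranking plus a record of
the cipher->plain pairings the analyst has committed to or ruled out."""
from collections import Counter
import string

UPPER = string.ascii_uppercase
# Assumed rough English letter order, most to least frequent; good enough for
# a first guess, not a statistic from any particular corpus.
ENGLISH_ORDER = "ETAOINSHRDLCUMWFGYPBVKJXQZ"


class SubstitutionWorkbench:
    def __init__(self, ciphertext):
        self.ct = ciphertext.upper()
        self.key = {}        # cipher letter -> plain letter, committed
        self.ruled_out = {}  # cipher letter -> set of plain letters excluded
        self.history = []    # (action, cipher, plain), in the order taken

    def frequencies(self):
        """Cipher letters with counts, most common first."""
        return Counter(ch for ch in self.ct if ch in UPPER).most_common()

    def candidates(self, c):
        """Plain letters still possible for cipher letter c."""
        used = set(self.key.values()) - {self.key.get(c)}
        return sorted(set(UPPER) - used - self.ruled_out.get(c, set()))

    def suggest(self):
        """Greedy frequency match: each unassigned cipher letter, most common
        first, takes the most common English letter not yet taken and not
        ruled out for it. A starting point only; short texts mislead it."""
        guess, taken = dict(self.key), set(self.key.values())
        for c, _ in self.frequencies():
            if c in guess:
                continue
            for p in ENGLISH_ORDER:
                if p not in taken and p not in self.ruled_out.get(c, set()):
                    guess[c] = p
                    taken.add(p)
                    break
        return guess

    def assign(self, c, p):
        """Commit c -> p, refusing pairings already excluded or plain letters
        already spoken for by another cipher letter."""
        c, p = c.upper(), p.upper()
        if p in self.ruled_out.get(c, set()):
            raise ValueError(f"{c}->{p} was ruled out earlier")
        if p in self.key.values() and self.key.get(c) != p:
            raise ValueError(f"plain {p} already belongs to another cipher letter")
        self.key[c] = p
        self.history.append(("assign", c, p))

    def rule_out(self, c, p):
        """Record that c is not p, undo that assignment if it was made, then
        auto-assign any cipher letter left with a single candidate."""
        c, p = c.upper(), p.upper()
        self.ruled_out.setdefault(c, set()).add(p)
        if self.key.get(c) == p:
            del self.key[c]
        self.history.append(("rule_out", c, p))
        self.propagate()

    def propagate(self):
        changed = True
        while changed:
            changed = False
            for c in sorted(set(self.ct) & set(UPPER)):
                if c not in self.key and len(self.candidates(c)) == 1:
                    self.assign(c, self.candidates(c)[0])
                    changed = True

    def render(self):
        """Current reading of the text; '.' marks unassigned cipher letters."""
        return "".join(self.key.get(ch, "." if ch in UPPER else ch)
                       for ch in self.ct)


# Constructed demo material: a known mixed alphabet applied to a short message,
# so the workbench can be checked against the truth.
DEMO_KEY = str.maketrans(UPPER, "QWERTYUIOPASDFGHJKLZXCVBNM")
DEMO_PLAIN = "ATTACK AT DAWN THE ENEMY IS WEAK"
DEMO_CIPHER = DEMO_PLAIN.translate(DEMO_KEY)  # QZZQEA QZ RQVF ZIT TFTDN OL VTQA


def demo():
    """Frequency guess first, then the analyst's own commitments taken from
    the repeated word shapes (QZ ... QZZQEA ... VTQA)."""
    wb = SubstitutionWorkbench(DEMO_CIPHER)
    first_guess = wb.suggest()   # frequency alone pairs Q with E; Q is really A
    wb.assign("Q", "A")
    wb.assign("Z", "T")
    wb.assign("T", "E")
    return wb, first_guess


if __name__ == "__main__":
    wb, guess = demo()
    print(guess)
    print(wb.render())
```

On a message this short the frequency suggestion is wrong for the most common letter, which is exactly why the committed and ruled-out state matters more than the statistics: `history` lets you back out of a dead end, and `propagate` picks up the forced assignments once enough pairings have been excluded.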


EMC is buying RSA

2006-06-29 Thread Steven M. Bellovin
http://www.tmcnet.com/usubmit/-emc-announces-definitive-agreement-acquire-rsa-security-further-/2006/06/29/1700560.htm
says that EMC is buying RSA.

--Steven M. Bellovin, http://www.cs.columbia.edu/~smb



Voice phishing

2006-06-29 Thread Jason Holt


http://www.theregister.co.uk/2006/06/26/voice_phishing/

Hi-tech fraudsters have begun using recorded telephone messages in a bid to
trick users into handing over confidential account information. The tactic has
been adopted as a variant of recently detected phishing attacks targeting
customers of the Santa Barbara Bank & Trust.

...



Re: Use of TPM chip for RNG?

2006-06-29 Thread Hal Finney
A few weeks ago I asked for information on using the increasingly
prevalent built-in TPM chips in computers (especially laptops) as a
random number source.  I got some good advice and want to summarize the
information for the benefit of others.

The TPM chip as spec'd by the Trusted Computing Group
(www.trustedcomputinggroup.org) is a complex and controversial device.
Despite (or perhaps because of) all the fuss over it when the technology
was introduced, nothing much has happened with it and they are mostly
used to add a bit of security to encrypted files and such.  TPMs do have
hardware RNGs and I wanted to find out how to access this capability.

On Windows, there are several APIs available which can work.
The native API for the TPM is the Trusted Software Stack (TSS).
https://www.trustedcomputinggroup.org/groups/software/ This provides a
wide range of TPM-specific functions, including ones to access the RNG.
Another alternative is Microsoft's Crypto API (MS-CAPI).  CAPI uses a
plug-in architecture where Crypto Service Providers (CSPs) provide the
required functionality.  TPM-based CSPs allow access to TPM functions
via CAPI.  Third, the PKCS-11 (Cryptoki) API is designed for access
to smart cards, but TPM manufacturers often deliver PKCS-11 compatible
libraries for access to the chips.  Both CAPI and PKCS-11 have random
number functionality which can be used to access the TPM RNG.

The main problem in practice with using this functionality on Windows is
that there is as yet no standard for naming or locating the DLLs which
supply the necessary functions.  I am testing on an IBM Thinkpad with
an Atmel TPM, and it comes with DLLs that provide TSS, CAPI and PKCS-11
interfaces.  But all are supplied with non-standard names and located in
non-standard places.  Software to use these functions has to know where
the DLLs are and what they are called in order to load them explicitly.

The exception is MS-CAPI.  CAPI provides an interface to enumerate all
the CSPs, so if you can figure out which one is the TPM CSP you can then
use that one to generate random numbers.  One of the CAPI functions lets
you query to see if the CSP has hardware RNG support.  On my system,
this returns TRUE for the TPM CSP.  However, a colleague has a Dell
system with a different TPM and different software, and that TPM's CSP
does not set this bit.  So I don't have a foolproof method of figuring
out which CSP to use in order to access the TPM.  It might be possible
to hard-code the names of all known TPM CSPs but that would not be very
flexible going forward.

At this point MS-CAPI still looks like the best choice for
machine-independent access to the TPM RNG on Windows.  The ability to
reliably enumerate all the CSPs is much easier than hunting through the
disk to try to find a DLL to implement the TSS or PKCS-11 APIs.  OTOH if
you are building the software for a particular system and can build in
the location of the necessary DLL, one of the other APIs could work too.

On Linux systems, as I mentioned earlier, the standard appears
to be an open-source TSS implementation called Trousers, at
http://trousers.sourceforge.net .  This requires the Linux kernel to
have a TPM device driver built-in or as a loadable module.  This has
been available in the kernel since 2.6.12, but many distributions do
not enable it, even as a module, so some work is needed to make a kernel
with TPM support.  Then the Trousers software builds a daemon process,
tcsd, which opens /dev/tpm exclusively, and a library, libtspi, for
remote access to tcsd and the TPM.

If you want a cross-platform solution, TSS is probably the best approach
going forward.  As noted, at present the software support is a little
immature and some local configuration will be necessary - locating the
TSS DLL on Windows, and installing the TPM kernel support and Trousers
software on Linux.  Once this is done, the TSS API should provide for
cross-platform capability.  And of course it has additional functionality
if you want to use the TPM for more than just random number generation.

Intel Macs have TPM chips as well but I don't know of any software yet
that can access them.  Eventually I would expect a TSS solution to be
available on that platform as well.

Thanks again to the people who provided me information about these
various solutions!

Hal Finney

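Hal's summary is about how to reach the TPM RNG through TSS, CAPI or PKCS-11. Whichever path hands back the bytes (Tspi_TPM_GetRandom under Trousers, C_GenerateRandom through a vendor PKCS-11 library, or CryptGenRandom on the TPM CSP), what the caller should do with them is the same, and that part is not covered in the post. The following is an added example, not code from Hal's post or from any of those stacks: it runs the two continuous health tests defined in NIST SP 800-90B (a later document than this thread) over a constructed byte stream standing in for TPM output, and folds the output into material from the OS pool so that a stuck or biased chip cannot become the only source of a key. The sample streams are constructed here; no hardware is touched.

```python
"""Health tests and mixing for bytes drawn from a TPM's hardware RNG."""
import hashlib
import math
import os

SAMPLE_BITS = 8    # one byte per sample, as the TPM RNG calls return
ALPHA_LOG2 = 20    # per-test false-alarm rate 2**-20, the SP 800-90B choice
APT_WINDOW = 512   # SP 800-90B window size for non-binary samples


def rct_cutoff(h_bits=SAMPLE_BITS, alpha_log2=ALPHA_LOG2):
    """SP 800-90B 4.4.1: C = 1 + ceil(-log2(alpha) / H)."""
    return 1 + math.ceil(alpha_log2 / h_bits)


def apt_cutoff(h_bits=SAMPLE_BITS, window=APT_WINDOW, alpha_log2=ALPHA_LOG2):
    """SP 800-90B 4.4.2: 1 + CRITBINOM(W, 2**-H, 1 - alpha), i.e. one more
    than the smallest count whose binomial CDF reaches 1 - alpha."""
    p = 2.0 ** -h_bits
    target = 1.0 - 2.0 ** -alpha_log2
    cdf = 0.0
    for c in range(window + 1):
        cdf += math.comb(window, c) * p ** c * (1 - p) ** (window - c)
        if cdf >= target:
            return c + 1
    return window + 1


def repetition_count_test(samples, cutoff=None):
    """Fail when one value repeats `cutoff` or more times in a row: the
    signature of a wedged source."""
    cutoff = cutoff or rct_cutoff()
    run, prev = 0, None
    for s in samples:
        run = run + 1 if s == prev else 1
        prev = s
        if run >= cutoff:
            return False
    return True


def adaptive_proportion_test(samples, cutoff=None, window=APT_WINDOW):
    """Fail when, inside a window, the window's first value recurs `cutoff`
    or more times: bias the repetition count test cannot see. Trivially
    passes on fewer than `window` samples, so callers must check length."""
    cutoff = cutoff or apt_cutoff()
    for start in range(0, len(samples) - window + 1, window):
        block = samples[start:start + window]
        if block.count(block[0]) >= cutoff:
            return False
    return True


def health_check(samples):
    """Both tests; APT is only meaningful with at least one full window."""
    return {"rct": repetition_count_test(samples),
            "apt": len(samples) >= APT_WINDOW and adaptive_proportion_test(samples)}


def mix_entropy(tpm_bytes, os_bytes):
    """Fold TPM output into material from the OS pool. Neither source alone
    decides the result, so a weak or stuck TPM RNG degrades to 'no worse
    than os.urandom' instead of silently choosing the key."""
    report = health_check(tpm_bytes)
    if not all(report.values()):
        raise RuntimeError(f"TPM RNG failed health tests: {report}")
    return hashlib.sha256(b"tpm:" + tpm_bytes + b"|os:" + os_bytes).digest()


# Constructed stand-ins for what Tspi_TPM_GetRandom / C_GenerateRandom /
# CryptGenRandom would return; nothing here reads a real chip.
GOOD_SAMPLE = bytes(range(256)) * 2                  # no runs, no bias
STUCK_SAMPLE = bytes(APT_WINDOW)                     # chip wedged at 0x00
BIASED_SAMPLE = bytes(0x41 if i % 4 == 0 else i % 251 for i in range(APT_WINDOW))


if __name__ == "__main__":
    for name, s in [("good", GOOD_SAMPLE), ("stuck", STUCK_SAMPLE), ("biased", BIASED_SAMPLE)]:
        print(name, health_check(s))
    print(mix_entropy(GOOD_SAMPLE, os.urandom(32)).hex())
```

The biased stream passes the repetition count test and fails the adaptive proportion test, which is why both are run: a chip that returns one value a quarter of the time never produces a long run, and only the windowed count catches it. With the 8-bit, 2^-20 parameters the cutoffs come out at 4 consecutive repeats and 13 occurrences per 512-sample window.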


Re: EMC is buying RSA

2006-06-29 Thread Aram Perez

On Jun 29, 2006, at 2:26 PM, Steven M. Bellovin wrote:

http://www.tmcnet.com/usubmit/-emc-announces-definitive-agreement-acquire-rsa-security-further-/2006/06/29/1700560.htm

says that EMC is buying RSA.

--Steven M. Bellovin, http://www.cs.columbia.edu/~smb


Here's another version of the story:
http://news.moneycentral.msn.com/ticker/article.asp?Feed=BW&Date=20060629&ID=5836046&Symbol=US:RSAS

Regards,
Aram Perez


