Re: Kiwi expert cracks chip passport
David G. Koontz [EMAIL PROTECTED] writes: http://www.stuff.co.nz/4659100a28.html?source=RSStech_20080817 Peter Gutmann has gotten himself in the news along with Adam Laurie and Jeroen van Beek for altering the passport microchip in a passport. The original story was actually the coverage in the UK Times last week, http://www.timesonline.co.uk/tol/news/uk/crime/article4467098.ece. It was a three-person effort, Adam Laurie did the RFID part (via RFIDIOt), Jeroen van Beek did the passport software implementation and tying the whole thing together, all I did was the signing. We never touched the passport chip, what we showed was that it's possible to create your own fictitious e-passport that's accepted as valid by the reference Golden Reader Tool. In other words we showed that what security researchers had been warning about ever since e- passports were first proposed was actually possible, following the l0pht's motto Making the theoretical practical. Jeroen presented the work at Black Hat'08, http://www.blackhat.com/html/bh-usa-08/bh-usa-08-speakers.html#vanBeek. http://www.stuff.co.nz/images/748842.jpg Ugh, no, make it go away. (Alert readers may notice the anomaly with the carefully-placed monitor right behind my head, which is displaying something slightly different from the surrounding sea of Vista desktops :-). It's actually a file photo from a news story from the start of last year about Vista). Peter. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Kiwi expert cracks chip passport
Peter, The original story was actually the coverage in the UK Times last week, Which card reader(s) did you use? Cheers, Stefan. Symposium Wirtschaftsspionage 03.09.2008 KA/Ettlingen http://www.symposium-wirtschaftsspionage.de/ - Stefan Kelm Security Consulting Secorvo Security Consulting GmbH Ettlinger Strasse 12-14, D-76137 Karlsruhe Tel. +49 721 255171-304, Fax +49 721 255171-100 [EMAIL PROTECTED], http://www.secorvo.de/ PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Voting machine security
On Fri, Aug 15, 2008 at 11:57 AM, John Ioannidis [EMAIL PROTECTED] wrote: This just about sums it up: http://xkcd.com/463/ Only slightly better then suggested by the comic. McAfee anti-virus software was on the servers, not the DRE voting machines themselves. From http://www.middletownjournal.com/n/content/oh/story/news/local/2008/08/06/ddn080608votingweb.html Premier spokesman Chris Riggall had not seen the counterclaim [breach-of-contract lawsuit counterclaim filed by the Ohio Secretary of State] and declined comment on it. But he blamed the vote tabulation problems on McAfee anti-virus software on computer servers. -Michael Heyman - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Kiwi expert cracks chip passport
Stefan Kelm [EMAIL PROTECTED] writes: The original story was actually the coverage in the UK Times last week, Which card reader(s) did you use? Adam and I used the Omnikey Cardman 5321 (I'm not sure what Jeroen used, probably the same), which is cheap, well-supported with drivers, and cheap. Oh, and it's cheap too. The card was a standard NXP JCOP 41, one country's passport implementation didn't change the ATR so when you ping the passport it returns the product ID in the response :-). Having said that, going with the JCOP 41 was more a case of OK, we'll use that too then rather than now we know the secret so having the product ID returned in the ATR isn't really a security problem. In practice anything programmable with a 13.56MHz RFID interface should do it, you don't have to specifically use a JCOP 41 card. As with the reader, the card just happened to be available and cheap. Given that people have built their own prox card emulators it wouldn't surprise me if someone did the same for a 13.56MHz card (e.g. using the freely-available OpenPICC design) so you can return foo'; DROP TABLE passports; -- as your passport MRZ when the card is read :-). One thing that wasn't mentioned in the news coverage is that, as with any SCADA-type software, there are bound to be all manner of bugs and holes in the various reader implementations just waiting to be exploited. For example when I was initially playing with creating signatures I just memcpy()d some fixed data together to create something to sign and was surprised when the Golden Reader software accepted invalid signed data that should have been rejected as valid. I also managed to crash it at one point, quickly fixed the problem, and then spent the next day kicking myself for not recording what data I'd fed in to cause this (all your readers are belong to buffer overflows). I'm sure there's going to be many more Black Hat/Defcon talks on this in the future. Has there ever been any third-party analysis of passport reader software as there has for voting-machine software? By analysis I don't mean the usual Common Criteria rubber-stamping, I mean actual independent scrutiny of the code. Peter. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Fw: NIST Documents Available for Review
Begin forwarded message: Date: Mon, 18 Aug 2008 10:56:16 -0400 From: Sara Caswell [EMAIL PROTECTED] To: undisclosed-recipients:; Subject: NIST Documents Available for Review NIST revised the first drafts of Special Publication(SP) 800-106, Randomized Hashing for Digital Signatures, and SP 800-107, Recommendation for Applications Using Approved Hash Algorithms after receiving great comments from many public and private individuals and organizations. The second drafts of these two SPs have been posted at http://csrc.nist.gov/publications/PubsDrafts.html. The deadlines for public comments and the point-of-contact are listed with the documents. NIST also would like to announce that FIPS 198-1 has already been approved and it is posted at http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf. --Steve Bellovin, http://www.cs.columbia.edu/~smb - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Voting machine security
At 9:24 AM -0700 8/18/08, Eric Rescorla wrote: (and because of the complexity of US elections, hand counting is quite expensive) This is quite disputable. Further, hand vs. machine counting is core to the way we think about the security of the voting system. On a complex ballot, there are maybe 20 races or propositions, some of which may allow multiple votes per race. The pre-electronic method for hand-counting these was to start with race #1, have one person reading each vote out load from a large stack of ballots, and another person tabulating. In most districts, this is done twice with different people doing the counting and, often, those people coming from the opposite party in our wonderful two-party system. The numbers I saw in the late 1970's said that each vote took 2.5 seconds per ballot per race when done slowly; so that's 5 seconds when run twice. Per complex ballot, that's about 100 seconds, or roughly 2 minutes, or roughly 1/30 of an hour. At current labor rates of $12/hour for this type of work (that's high, but we want qualified people to count), that means it costs about US$0.40 per ballot for a complex ballot. Essentially no one would argue that is is quite expensive. I suspect that nearly everyone in the country would be happy to pay an additional $1/election for more reliable results. --Paul Hoffman, Director --VPN Consortium - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Voting machine security
Paul Hoffman writes: -+-- | At 9:24 AM -0700 8/18/08, Eric Rescorla wrote: | (and because of the complexity of US elections, | hand counting is quite expensive) | | This is quite disputable. Further, hand vs. machine counting is core | to the way we think about the security of the voting system. | The keynote talk for the USENIX Security Symposium was Dr. Strangevote or: How I Learned to Stop Worrying and Love the Paper Ballot Debra Bowen, California Secretary of State and her talk had one slide only. I do not have the slide, but I can reproduce it. It was a photo of the tail end of her car and on it a bumper sticker. That bumper sticker read PREVENT UNWANTED PRESIDENCIES MAKE VOTE COUNTING A HAND JOB In no other state could a Constitutional Officer get away with such a bumper sticker, but... --dan - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Extended certificate error
Hi Gang, More from the land of CAs. I just got a warning that a certificate had expired and yet the data in it says: [From: Tue Aug 05 17:00:00 PDT 2003, To: Mon Aug 05 16:59:59 PDT 2013] The error message says: The digital signature was generated with a trusted certificate but has expired. I'm running Firefox 3.01, and Java 6 Update 7. The error appears to be with Java as that is the window that pops up. Best, Allen - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
