Hi list
Has anybody already gained experience concerning the technical
implementation of SRP (http://srp.stanford.edu)? There is one point I
couldn't find in any documentation: Should the modulus and the generator
(N and g) be unique for each client or can they be chosen
application-wide? What
Hovav Shacham wrote:
On Aug 24, 2008, at 5:20 AM, Peter Gutmann wrote:
Speaking of CPU-specific optimisations, I've seen a few algorithm
proposals
from the last few years that assume that an algorithm can be scaled
linearly
in the number of CPU cores, treating a multicore CPU as some kind
Drivers using the automated FasTrak toll system on roads and
bridges in California's Bay Area could be vulnerable to fraud,
according to a computer security firm in Oakland, CA.
Despite previous reassurances about the security of the system,
Nate Lawson of Root Labs claims that
Brian Gladman wrote:
But a fully byte oriented implementation runs at about 140 cycles/byte
and here the S-Box substitution step is a significant bottleneck.
...
It is also possible that the PPERM instruction could be used to speed up
the Galois field calculations to produce the S-Box
Michael Tschannen wrote:
Has anybody already gained experience concerning the technical
implementation of SRP (http://srp.stanford.edu)? There is one point I
couldn't find in any documentation: Should the modulus and the generator
(N and g) be unique for each client or can they be chosen
On Tue, Aug 26, 2008 at 9:24 AM, Perry E. Metzger [EMAIL PROTECTED] wrote:
http://www.technologyreview.com/Infotech/21301/?a=f
From the article: other toll systems, like E-Z Pass and I-Pass, need
to be looked at too
A couple years ago I got a letter from E-Z Pass a few days after I
used my
On Tue, Aug 26, 2008 at 9:24 AM, Perry E. Metzger [EMAIL PROTECTED] wrote:
Despite previous reassurances about the security of the system,
Nate Lawson of Root Labs claims that the unique identity numbers
used to identify the FasTrak wireless transponders carried in cars
can be copied
Hat tip: John Young's Cryptome...
http://www.nsa.gov/public/tech_journals.cfm
--
Perry E. Metzger[EMAIL PROTECTED]
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL
On Aug 26, 2008, at 10:15, [EMAIL PROTECTED] wrote:
On Tue, Aug 26, 2008 at 9:24 AM, Perry E. Metzger
[EMAIL PROTECTED] wrote:
http://www.technologyreview.com/Infotech/21301/?a=f
From the article: other toll systems, like E-Z Pass and I-Pass, need
to be looked at too
A couple years ago I
On Tue, 2008-08-26 at 10:52 -0400, Matt Blaze wrote:
On Aug 26, 2008, at 10:15, [EMAIL PROTECTED] wrote:
So, I believe, at least for E-Z Pass, the attack would have to include
cloning the license plate and pictures may still be available whenever
a victim realizes they have been charged for
On Tue, Aug 26, 2008 at 11:56 AM, Dustin D. Trammell
[EMAIL PROTECTED] wrote:
This is the same for the state-wide Texas tag, TxTag[1]. If your tag
doesn't register, or you disable or remove it, the toll system can still
accurately bill you based on your license plate and vehicle
registration.
So, I believe, at least for E-Z Pass, the attack would have to include
cloning the license plate and pictures may still be available whenever
a victim realizes they have been charged for trips they did not take.
The 407 toll road in Toronto uses entirely automated toll collection.
They
On Tue, 2008-08-26 at 13:22 -0400, Ken Buchanan wrote:
On Tue, Aug 26, 2008 at 11:56 AM, Dustin D. Trammell
[EMAIL PROTECTED] wrote:
This is the same for the state-wide Texas tag, TxTag[1]. If your tag
doesn't register, or you disable or remove it, the toll system can still
accurately
[EMAIL PROTECTED] (Ken Buchanan) on Tuesday, August 26, 2008 wrote:
I think this is a bit different than what Michael Heyman said. TxTag,
IIRC, was implemented by the same company (Raytheon) that implemented
the 407 ETR toll system in Toronto. In the case of the 407, there is
no image
I'm a bit surprised no one has mentioned the Red Hat server being
hacked and the certificated being compromised on Fedora.
http://www.eweek.com/c/a/Security/Red-Hat-Digital-Keys-Violated-By-Intruder/
Best,
Allen
-
The
15 matches
Mail list logo