Re: [Cryptography] Gilmore response to NSA mathematician's "make rules for NSA" appeal

2013-09-18 Thread Peter Gutmann
Walter van Holst writes: >These are not rights that are solely vested in the exceptional Americans. The >Bill of Tights [...] For people unfamiliar with this one, it's the bit that reads: Congress shall make no law respecting the wearing of hosiery, or prohibiting the free exercise thereof;

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread Viktor Dukhovni
On Wed, Sep 18, 2013 at 08:47:17PM +, Viktor Dukhovni wrote: > On Wed, Sep 18, 2013 at 08:04:04PM +0100, Ben Laurie wrote: > > > > This is only realistic with DANE TLSA (certificate usage 2 or 3), > > > and thus will start to be realistic for SMTP next year (provided > > > DNSSEC gets off the

Re: [Cryptography] RSA equivalent key length/strength

2013-09-18 Thread Lucky Green
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2013-09-14 08:53, Peter Fairbrother wrote: > I get that 1024 bits is about on the edge, about equivalent to 80 > bits or a little less, and may be crackable either now or sometime > soon. Moti Young and others wrote a book back in the 90's (or per

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread John Kemp
On Sep 18, 2013, at 4:05 AM, ianG wrote: > On 17/09/13 23:52 PM, John Kemp wrote: >> On Sep 17, 2013, at 2:43 PM, Phillip Hallam-Baker >>> I am sure there are other ways to increase the work factor. >> >> I think that "increasing the work factor" would often result in >> switching the kind of

Re: [Cryptography] Gilmore response to NSA mathematician's "make rules for NSA" appeal

2013-09-18 Thread Kent Borg
On 09/18/2013 01:31 PM, Walter van Holst wrote: What makes me a tad bitter is that we apparantly live in a world with two classes: US citizens and the subhuman rest of it. NSA-style blanket surveillance violates the fundamental right to privacy and ultimately also the fundamental right to freed

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread Viktor Dukhovni
On Wed, Sep 18, 2013 at 08:04:04PM +0100, Ben Laurie wrote: > > This is only realistic with DANE TLSA (certificate usage 2 or 3), > > and thus will start to be realistic for SMTP next year (provided > > DNSSEC gets off the ground) with the release of Postfix 2.11, and > > with luck also a DANE-cap

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread Bill Frantz
On 9/18/13 at 6:08 AM, hal...@gmail.com (Phillip Hallam-Baker) wrote: If I am trying to work out if an email was really sent by my bank then I want a CA type security model because less than 0.1% of customers are ever going to understand a PGP type web of trust for that particular purpose. But i

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread Ben Laurie
On 18 September 2013 15:30, Viktor Dukhovni wrote: > On Tue, Sep 17, 2013 at 11:48:40PM -0700, Christian Huitema wrote: > > > > Given that many real organizations have hundreds of front end > > > machines sharing RSA private keys, theft of RSA keys may very well be > > > much easier in many cases

Re: [Cryptography] An NSA mathematician shares his from-the-trenches view of the agency's surveillance activities

2013-09-18 Thread Pat Farrell
On 9/18/13 10:44 AM, Phillip Hallam-Baker wrote: The enterprise bridge control center certainly does not seem to be Hayden's style either. Hayden is not the type to build a showboat like that. Moving abit OT: On the PBS Newshour coverage of this story, the showed the website of DBI Architects wh

Re: [Cryptography] Gilmore response to NSA mathematician's "make rules for NSA" appeal

2013-09-18 Thread Walter van Holst
On 18/09/2013 01:50, John Gilmore wrote: > Re Big Data: I have never seen data that could be abused by someone > who didn't have a copy of it. My first line of defense of privacy is > to deny copies of that data to those who would collect it and later > use it against me. This is exactly the pol

Re: [Cryptography] An NSA mathematician shares his from-the-trenches view of the agency's surveillance activities

2013-09-18 Thread Phillip Hallam-Baker
On Tue, Sep 17, 2013 at 8:01 PM, John Gilmore wrote: > Techdirt takes apart his statement here: > > > https://www.techdirt.com/articles/20130917/02391824549/nsa-needs-to-give-its-rank-and-file-new-talking-points-defending-surveillance-old-ones-are-stale.shtml > > NSA Needs To Give Its Rank-and-

Re: [Cryptography] An NSA mathematician shares his from-the-trenches view of the agency's surveillance activities

2013-09-18 Thread Lodewijk andré de la porte
"Everybody has to write a statement. The statement that most convinces the public that we're okay gets published and a big-o-bonus. You guys have 3 days." ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread ianG
On 17/09/13 23:52 PM, John Kemp wrote: On Sep 17, 2013, at 2:43 PM, Phillip Hallam-Baker I am sure there are other ways to increase the work factor. I think that "increasing the work factor" would often result in switching the kind of "work" performed to that which is easier than breaking se

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread Phillip Hallam-Baker
A few clarifications 1) PRISM-Proof is a marketing term I have not spent a great deal of time looking at the exact capabilities of PRISM vs the other programs involved because from a design point they are irrelevant. The objective is to harden/protect the infrastructure from any ubiquitous, indis

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread Albert Lunde
Another consideration is that the NSA isn't the only bad actor out there. Improving the robustness of TLS and other security protocols will defend against other attacks. ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.c

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread Viktor Dukhovni
On Tue, Sep 17, 2013 at 11:48:40PM -0700, Christian Huitema wrote: > > Given that many real organizations have hundreds of front end > > machines sharing RSA private keys, theft of RSA keys may very well be > > much easier in many cases than broader forms of sabotage. > > Or we could make it easy

[Cryptography] Some (limited) info about Apple A7 security for fingerprints, keychains

2013-09-18 Thread Jerry Leichter
A level beyond marketing talk, but nowhere near technical detail. Still a bit more than has been previously described. Links to some perhap http://www.quora.com/Apple-Secure-Enclave/What-is-Apple%E2%80%99s-new-Secure-Enclave-and-why-is-it-important There's a link to an ARM site with a reasonabl

Re: [Cryptography] End to end

2013-09-18 Thread Max Kington
On 18 Sep 2013 07:44, "Christoph Gruber" wrote: > > On 2013-09-17 Max Kington wrote: > > > [snip] > > Hence, store in the clear, keep safe at rest using today's archival mechanism and when that starts to get dated move onto the next one en-masse, for all your media not just emails. > [snip] > > I

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread Perry E. Metzger
On Tue, 17 Sep 2013 23:48:40 -0700 "Christian Huitema" wrote: > > Given that many real organizations have hundreds of front end > > machines sharing RSA private keys, theft of RSA keys may very > > well be much easier in many cases than broader forms of sabotage. > > Or we could make it easy to h

Re: [Cryptography] End to end

2013-09-18 Thread Christoph Gruber
On 2013-09-17 Max Kington wrote: [snip] > Hence, store in the clear, keep safe at rest using today's archival mechanism > and when that starts to get dated move onto the next one en-masse, for all > your media not just emails. [snip] I would tend to agree for environments with very high regul

Re: [Cryptography] An NSA mathematician shares his from-the-trenches view of the agency's surveillance activities

2013-09-18 Thread ianG
On 18/09/13 00:56 AM, John Gilmore wrote: Forwarded-By: David Farber Forwarded-By: "Annie I. Anton Ph.D." http://www.zdnet.com/nsa-cryptanalyst-we-too-are-americans-720689/ NSA cryptanalyst: We, too, are Americans Speaking as a non-American, you guys have big problems concerning the n

Re: [Cryptography] PRISM-Proofing and PRISM-Hardening

2013-09-18 Thread Christian Huitema
> Given that many real organizations have hundreds of front end > machines sharing RSA private keys, theft of RSA keys may very well be > much easier in many cases than broader forms of sabotage. Or we could make it easy to have one separate RSA key per front end, signed using the main RSA key of