Re: The future of security

2004-05-08 Thread Hadmut Danisch
On Mon, Apr 26, 2004 at 08:21:43PM +0100, Graeme Burnett wrote: Would anyone there have any good predictions on how cryptography is going to unfold in the next few years or so? I have my own ideas, but I would love to see what others see in the crystal ball. My guess is that it is

Brands' private credentials

2004-05-08 Thread Jason Holt
Here's what I remember from about a year ago about the current state of private credentials. That recollection comes with no warranties express or implied. Last I heard, Brands started a company called Credentica, which seems to only have a placeholder page (although it does have an info@

RSA-576 Factored

2004-05-08 Thread R. A. Hettinga
http://mathworld.wolfram.com/news/2003-12-05/rsa/ MathWorld Headline News RSA-576 Factored By Eric W. Weisstein December 5, 2003--On December 3, the day after the announcement of the discovery of the largest known prime by the Great Internet Mersenne Prime Search on December 2 (MathWorld

[Neuclear-general] ANNOUNCE: Released version 0.7 of NeuClear Commons

2004-05-08 Thread R. A. Hettinga
--- begin forwarded text From: Pelle Braendgaard [EMAIL PROTECTED] Organization: VERAX Inc To: [EMAIL PROTECTED], [EMAIL PROTECTED] User-Agent: KMail/1.6.2 Cc: [EMAIL PROTECTED] Subject: [Neuclear-general] ANNOUNCE: Released version 0.7 of NeuClear Commons Sender: [EMAIL PROTECTED]

Re: Can Skype be wiretapped by the authorities?

2004-05-08 Thread Joseph Ashwood
- Original Message - From: Axel H Horns [EMAIL PROTECTED] Subject: Can Skype be wiretapped by the authorities? Is something known about the details of the crypto protocol within Skype? How reliable is the encryption? While Skype is generally rather protective of their protocol, there

Re: How to WASTE and want not

2004-05-08 Thread iang
This page seems to describe the security: http://waste.sourceforge.net/security.html iang - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

message, but also test

2004-05-08 Thread R. A. Hettinga
--- begin forwarded text Date: Thu, 29 Apr 2004 09:07:44 + From: Ryan Lackey [EMAIL PROTECTED] To: [EMAIL PROTECTED] User-Agent: Mutt/1.5.5.1+cvs20040105i Subject: message, but also test Sender: [EMAIL PROTECTED] I have two questions: 1) Does anyone have actual performance measurements of

Re: Is there a Brands certificate reference implementation?

2004-05-08 Thread Anton Stiglic
Stefan Brands started his own company, http://www.credentica.com/ There isn't much on the web site yet, but if you click on the image you get the info email address. The code that was developed for Brands credentials at ZKS was never released. There was also code written during the ESPRIT

Re: The future of security

2004-05-08 Thread geer
Would anyone there have any good predictions on how cryptography is going to unfold in the next few years or so? I have my own ideas, but I would love to see what others see in the crystal ball. prediction: just as in the 1990s the commercial world caught up to the mil world

Security Architect Position at National Archives

2004-05-08 Thread Rich Salz
Forwarded with permission. This may not be appropriate for the list, but it is one of the most interesting and useful crypto/security jobs I've seen in some time... The position is at Archive II in College Park, right next to the University of MD, at the junction of I-95 and the beltway. The

iTunes 4.5: 24 hours after I downloaded it... I've broken it

2004-05-08 Thread R. A. Hettinga
http://craz.net/programs/itunes/ crazney.net - iTunes stuff Welcome to my iTunes stuff website, here you will find various things relating to iTunes hacking that I have written. Last updated:April 29, 2004 iTunes 4.5: iTunes 4.5 uses a new authentication algorithm. However, not even 24

RFC 3766 Determining Strengths For Public Keys Used For Exchanging Symmetric Keys

2004-05-08 Thread Anne Lynn Wheeler
also summary entry at http://www.garlic.com/~lynn/rfcidx12.htm#3766 clicking on .txt=nnn field in the summary retrieves the actual RFC BCP 86 RFC 3766 Title: Determining Strengths For Public Keys Used For Exchanging Symmetric Keys Author(s):

Signs Point to Worm Attack on SSL Vulnerability

2004-05-08 Thread R. A. Hettinga
http://www.eweek.com/print_article/0,1761,a=125527,00.asp EWeek Signs Point to Worm Attack on SSL Vulnerability April 27, 2004 By Dennis Fisher Security experts on Tuesday said they are seeing evidence of what appears to be a worm exploiting the recently announced vulnerability in the

Re: The future of security

2004-05-08 Thread Graeme Burnett
Many thanks to the list members who have contributed ideas to the above - I'll share the results by previewing the paper in the next few weeks if I may. Having been a devotee of the financial crypto community for many years, a thought has just occurred to me about the possible use of Systemics

Fwd: [ISN] Mobile flaws expose executives to bugging

2004-05-08 Thread R. A. Hettinga
*Took* 'em long enough... Cheers, RAH --- begin forwarded text Date: Fri, 30 Apr 2004 02:30:16 -0500 (CDT) From: InfoSec News [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [ISN] Mobile flaws expose executives to bugging Reply-To: [EMAIL PROTECTED] List-Id: InfoSec News isn.attrition.org

Calif. Official Bans Some Voting Machines

2004-05-08 Thread R. A. Hettinga
http://news.yahoo.com/news?tmpl=storycid=519u=/ap/20040501/ap_on_re_us/electronic_votingprinter=1 Yahoo! Yahoo! News Sat, May 01, 2004 Calif. Official Bans Some Voting Machines Fri Apr 30, 8:56 PM ET Add U.S. National - AP to My Yahoo! By JIM WASSERMAN, Associated Press Writer

Wikipedia project: Crypto

2004-05-08 Thread Ivan Krstic
The good people at Wikipedia have started a cryptography subproject, an attempt to build a comprehensive and detailed guide to cryptography in the Wikipedia. The project page: http://en.wikipedia.org/wiki/Wikipedia:WikiProject_Cryptography features a list of open tasks and things that need cleanup

Top Italian Mafia Boss Dies in U.S. Prison

2004-05-08 Thread R. A. Hettinga
The life, and death, of Mr. Badalamenti is important to cryptography people and cypherpunks for two reasons. First, the so-called Pizza Connection case is one of the very few times, if not the first, where actual wiretap data was good enough to convict someone. The other reason it is important

MatrixSSL Embedded SSL/TLS

2004-05-08 Thread J Harper
For those of you who are interested in the coding aspects of crypto, I'd like to announce that our small footprint SSL/TLS library, MatrixSSL is available for download at http://www.matrixssl.org With a footprint under 50KB, MatrixSSL not only meets device requirements, it also provides a

Tiny new agency ill-equipped for e-voting oversight

2004-05-08 Thread R. A. Hettinga
http://www.siliconvalley.com/mld/siliconvalley/8580743.htm?template=contentModules/printstory.jsp The San Jose Mercury News Posted on Mon, May. 03, 2004 Tiny new agency ill-equipped for e-voting oversight SAN JOSE, Calif. (AP) - As alarm mounts over the integrity of the ATM-like voting

Microsoft: 'Palladium' Is Still Alive and Kicking

2004-05-08 Thread R. A. Hettinga
http://www.microsoft-watch.com/article2/0,1995,1585354,00.asp Wednesday, May 05, 2004 Microsoft: 'Palladium' Is Still Alive and Kicking By Mary Jo Foley Updated: Redmond denies published report that it is axing its Next-Generation Secure Computing Base and insists the technology still will

Book Review: Malicious Cryptography- Exposing Cryptovirology

2004-05-08 Thread R. A. Hettinga
http://netsecurity.about.com/cs/encryptionbooks/gr/aaprmalcrypto.htm About.com Book Review: Malicious Cryptography From Tony Bradley, CISSP, Your Guide to Internet/Network Security. Guide Rating - The Bottom Line Most people are familiar with malware- viruses, worms, Trojans, etc.- and most

Re: The future of security

2004-05-08 Thread Ian Grigg
Graeme Burnett wrote: Hello folks, I am doing a presentation on the future of security, which of course includes a component on cryptography. That will be given at this conference on payments systems and security: http://www.enhyper.com/paysec/ Would anyone there have any good predictions on how

Re: The future of security

2004-05-08 Thread Graeme Burnett
Ian Grigg wrote: Graeme Burnett wrote: Hello folks, I am doing a presentation on the future of security, which of course includes a component on cryptography. That will be given at this conference on payments systems and security: http://www.enhyper.com/paysec/ Would anyone there have any good

Quantum crypto gets a speed boost

2004-05-08 Thread R. A. Hettinga
http://optics.org/articles/news/10/5/2/1 Optics.org Quantum crypto gets a speed boost 6 May 2004 NIST scientists transfer a quantum key made of single photons at a rate of 1Mbps. A team of US scientists from the National Institute of Standards and Technology (NIST) in Colorado and Acadia

E-Voting Commission Gets Earful

2004-05-08 Thread R. A. Hettinga
http://www.wired.com/news/print/0,1294,63349,00.html Wired News E-Voting Commission Gets Earful By Michael Grebb? Story location: http://www.wired.com/news/evote/0,2645,63349,00.html 02:00 AM May. 06, 2004 PT WASHINGTON -- Passions ran high Wednesday at the first public hearing of the

Re: The future of security

2004-05-08 Thread Anne Lynn Wheeler
On Thu, 2004-05-06 at 17:52, Ian Grigg wrote: c. much less emphasis on deductive no-risk systems (PKIs like x.509 with SSL) due to the poor security and market results of the CA model. at the nist pki rd workship (mentioned elsewhere in some other post in this mailing list) there was

acoustic cryptanalysis

2004-05-08 Thread Perry E. Metzger
Adi Shamir Eran Tromer find you can literally listen in on your computer doing RSA computations: http://www.wisdom.weizmann.ac.il/~tromer/acoustic/ -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography

Re: Security Architect Position at National Archives

2004-05-08 Thread Don Davis
At 12:02 PM -0400 4/29/04, Rich Salz wrote: The role is for a system architec/designer with strong cyber security experience. Somebody who can evaluate the security implication of various design proposal. In other words, I'm not looking just for somebody who can run a firewall or