Re: I'll show you mine if you show me, er, mine

2005-03-03 Thread Jerrold Leichter
| > Briefly, it works like this: point A transmits an encrypted message to point B. Point B can decrypt this, if it knows the password. The decrypted text is then sent back to point A, which can verify the decryption, and confirm that point B really does know point A's password. Point A the

Re: FW: ATM machine security

2005-03-03 Thread Lee Parkes
On Thu, Feb 24, 2005 at 02:24:38AM +1100, Chris Trott wrote:
> My Apologies to the original poster here, but does this seem like a little human engineering to anyone else?
No problem. As it happens the project I'm working on isn't for ATMs but for a system that shares some similarities:

Re: I'll show you mine if you show me, er, mine

2005-03-03 Thread Arash Partow
Reading the description from http://www.stealth-attacks.info/, it seems that Peter might be right. I think this is just a re-hash of already well established ideas. In the case of sending the password back to B, it's a very similar scenario to scene III where Athena suggests to Euripides that th

Re: I'll show you mine if you show me, er, mine

2005-03-03 Thread J.A. Terranson
On Thu, 24 Feb 2005, Peter Gutmann wrote:
> (Either this is a really bad idea or the details have been mangled by the Register).
No, it's just a really bad idea. A small group of us looked at this a few weeks ago when it was announced, and while none of us are professional cryptographers, we

Re: FUD about CGD and GBDE

2005-03-03 Thread Steven M. Bellovin
In message <[EMAIL PROTECTED]>, Thor Lancelot Simon writes:
> On Thu, Mar 03, 2005 at 05:31:34PM +0100, Poul-Henning Kamp wrote:
>> In message <[EMAIL PROTECTED]>, "ALeine" writes:
>>> Not necessarily, if one were to implement the ideas I proposed I believe the performance could be kept at t

FYI: paper about Metcalfe's Law

2005-03-03 Thread R.A. Hettinga
--- begin forwarded text Date: Wed, 2 Mar 2005 23:20:58 -0600 (CST) From: Andrew Odlyzko <[EMAIL PROTECTED]> To: Andrew Odlyzko <[EMAIL PROTECTED]> Subject: FYI: paper about Metcalfe's Law Dear Colleagues, Sorry for the spam, but I thought you might be interested in the paper described below.

Re: MD5 collision in X509 certificates

2005-03-03 Thread Dan Kaminsky
Ben Laurie wrote:
> Dan Kaminsky wrote:
>> The x.509 cert collision is a necessary consequence of the earlier discussed prime/not-prime collision. Take the previous concept, make both prime, and surround with the frame of an x.509 cert, and you get the new paper.
> Actually, no

Re: MD5 collision in X509 certificates

2005-03-03 Thread Ben Laurie
Dan Kaminsky wrote: The x.509 cert collision is a necessary consequence of the earlier discussed prime/not-prime collision. Take the previous concept, make both prime, and surround with the frame of an x.509 cert, and you get the new paper. Actually, not - an RSA public key is not prime. Gener

Re: MD5 collision in X509 certificates

2005-03-03 Thread Dan Kaminsky
Ben, Semantic gap, and I do apologize if I didn't make this clear. Wang adapts to any initial state, so you can create arbitrary content to prepend your collision set with, adapt to its output, and then append whatever you like. The temporal ordering is indeed important though; you can't cre

MD5 collision in X509 certificates

2005-03-03 Thread Ben Laurie
Cute. I expect we'll see more of this kind of thing. http://eprint.iacr.org/2005/067 Executive summary: calculate chaining values (called IV in the paper) of first part of the CERT, find a colliding block for those chaining values, generate an RSA key that has the collision as the first part of

Colliding X.509 Certificates

2005-03-03 Thread Weger, B.M.M. de
Hi all, We announce the construction of two different valid X.509 certificates that have identical signatures. This is based on MD5 collisions. One could e.g. construct the to-be-signed parts of the certificates, and get the one certificate signed by a CA. Then a valid signature for the other ce

SpookAir, redux: No Secrets -- Eyes on the CIA

2005-03-03 Thread James A. Donald
-- On 27 Feb 2005 at 18:53, R.A. Hettinga wrote:
> March 7 issue - Aviation obsessives with cameras and Internet connections have become a threat to cover stories established by the CIA to mask its undercover operations and personnel overseas. U.S. intel sources complain that "plane

Grounded: Millionaire John Gilmore stays close to home while making a point about privacy

2005-03-03 Thread R.A. Hettinga
Pittsburgh Post-Gazette Grounded: Millionaire John Gilmore stays close to home while making a point about privacy He's unable to travel because he refuses to present a government-approved ID Sunday, February 27, 2005 By Dennis Roddy, Pittsbu

Italian GSM provider warns: too many wiretaps

2005-03-03 Thread R.A. Hettinga
Now, boys and girls, try not to laugh *too* hard, and be sure you swallow your Wheaties before you read this... Cheers, RAH --- EDRI-gram - Number 3.4, 24 February 2005 Italian GSM provider warns: too many wiretaps 24 Feb

Senators Boxer, Clinton Unveil "Count Every Vote Act of 2005"

2005-03-03 Thread R.A. Hettinga
Daily Kos :: Political Analysis and other daily rants on the state of the nation. Senators Boxer, Clinton Unveil "Count Every Vote Act of 2005" by Hunter Sat Feb 26th, 2005 at 17:40:31 PST The email alerts on this were sent out last week. In

SpookAir, redux: No Secrets -- Eyes on the CIA

2005-03-03 Thread R.A. Hettinga
MSNBC.com No Secrets: Eyes on the CIA Newsweek March 7 issue - Aviation obsessives with cameras and Internet connections have become a threat to cover stories established by the CIA to mask its undercover operations

When paying with plastic, why swipe? Just wave

2005-03-03 Thread R.A. Hettinga
ZDNet News By Alorie Gilbert URL: http://news.zdnet.com/2100-9588_22-5589512.html Tired of having to swipe and sign every time you use a credit card? Visa is hoping to simplify the process of paying with plastic with a new payme

China walks out of wireless LAN security talks

2005-03-03 Thread R.A. Hettinga
China walks out of wireless LAN security talks Patrick Mannion Feb 24, 2005 (12:26 PM) MANHASSET, N.Y. - China walked out of a wireless standards meeting this week, accusing the Inter

Chatter Punks

2005-03-03 Thread R.A. Hettinga
--- begin forwarded text Date: Thu, 24 Feb 2005 12:25:10 -0800 To: [EMAIL PROTECTED] From: John Young <[EMAIL PROTECTED]> Subject: Chatter Punks Sender: [EMAIL PROTECTED] Maybe it's been mentioned here but the book, "Chatter: Dispatches from the Secret World of Global Eavesdropping," by Patrick

No Encryption for E-Passports

2005-03-03 Thread R.A. Hettinga
Wired News No Encryption for E-Passports By Ryan Singel Story location: http://www.wired.com/news/privacy/0,1848,66686,00.html 02:00 AM Feb. 24, 2005 PT Despite widespread criticism from security experts that a proposed high-tech upgrad

Feds square off with organized cyber crime

2005-03-03 Thread R.A. Hettinga
The Register: Feds square off with organized cyber crime By Kevin Poulsen, SecurityFocus (klp at securityfocus.com) Published W

FW: [IP] One cryptographer's perspective on the SHA-1 result

2005-03-03 Thread Trei, Peter
Full disclosure: Burt Kaliski and I share an employer. Peter Trei -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of David Farber Sent: Wednesday, February 23, 2005 7:48 PM To: Ip Subject: [IP] One cryptographer's perspective on the SHA-1 result From: "Kalis

Re: [IP] One cryptographer's perspective on the SHA-1 result

2005-03-03 Thread Steven M. Bellovin
Burt Kaliski posted the following to Dave Farber's IP list. I was about to post something similar myself.
> Beyond that, it is now clear that the industry needs an open evaluation process -- like the Advanced Encryption Standard competition -- to establish a new hash function standard for the l

Re: SHA-1 results available

2005-03-03 Thread Florian Weimer
* Jack Lloyd:
> http://theory.csail.mit.edu/~yiqun/shanote.pdf
Thanks for the pointer.
> No real details, just collisions for 80 round SHA-0 (which I just confirmed) and 58 round SHA-1 (which I haven't bothered with), plus the now famous work factor estimate of 2^69 for full SHA-1.
>
> As us

Re: I'll show you mine if you show me, er, mine

2005-03-03 Thread R.A. Hettinga
--- begin forwarded text To: [EMAIL PROTECTED] Subject: Re: I'll show you mine if you show me, er, mine Date: Wed, 23 Feb 2005 12:14:04 -0800 (PST) From: [EMAIL PROTECTED] ("Hal Finney") Sender: [EMAIL PROTECTED] Markus Jakobsson is a really smart guy who's done some cool stuff, so I think this

Re: I'll show you mine if you show me, er, mine

2005-03-03 Thread James A. Donald
-- On 24 Feb 2005 at 2:29, Peter Gutmann wrote:
> Isn't this a Crypto 101 mutual authentication mechanism (or at least a somewhat broken reinvention of such)? If the exchange to prove knowledge of the PW has already been performed, why does A need to send the PW to B in the last step?

FW: ATM machine security

2005-03-03 Thread Chris Trott
> Hi,
> I'm working on a project that requires a benchmark against which to judge various suppliers. The closest that has similar requirements is the ATM industry. To this end I'm looking for any papers, specifications or published attacks against ATM machines and their infrastructure. I'm

Re: I'll show you mine if you show me, er, mine

2005-03-03 Thread Peter Gutmann
"R.A. Hettinga" <[EMAIL PROTECTED]> forwarded:
> Briefly, it works like this: point A transmits an encrypted message to point B. Point B can decrypt this, if it knows the password. The decrypted text is then sent back to point A, which can verify the decryption, and confirm that point B really d

I'll show you mine if you show me, er, mine

2005-03-03 Thread R.A. Hettinga
The Register Original URL: http://www.theregister.co.uk/2005/02/21/crypto_wireless/ I'll show you mine if you show me, er, mine By Lucy Sherriff (lucy.sher

Re: Many Wireless Security Breaches Reported At (RSA) Security Conference

2005-03-03 Thread Stefan Kelm
> (As I've said many times, security breaches reported at conferences full of security people don't count as a predictor of what's out in the real world as a threat. But, it makes for interesting reading and establishes some metric on the ease of the attack. iang)
I also recommend the bri

Re: SHA-1 cracked

2005-03-03 Thread James A. Donald
-- On 17 Feb 2005 at 13:04, Jim McCoy wrote:
> While I think that the recent results do not bode well for the future of the SHA line of hashes,
The sky is not falling. The attack gets the attacker eleven bits - at the cost of being an extremely narrow attack with few practical uses. So a

Re: [p2p-hackers] SHA1 broken?

2005-03-03 Thread Jacob Langseth
> --- begin forwarded text
>
> To: [EMAIL PROTECTED]
> Subject: Re: [p2p-hackers] SHA1 broken?
> Date: Thu, 17 Feb 2005 14:25:36 -0800 (PST)
> From: [EMAIL PROTECTED] ("Hal Finney")
[...]
> Now, it would be a big leap from this to being able to take two arbitrary different initial values an

Adi Shamir "timing attack" quote

2005-03-03 Thread Michael_Heyman
In the "Gates not his cocky self at RSA conference" Roger Smith article, the author says: [Adi Shamir] cautioned that many of the current generation of Intel processors that use multi-threading and multi-core technology seem to be vulnerable to timing attacks that can use unprivileged

Re: Code name "Killer Rabbit": New Sub Can Tap Undersea Cables

2005-03-03 Thread Matt Crawford
On Feb 18, 2005, at 19:47, R.A. Hettinga wrote: "It does continue to be something of a puzzle as to how they get this stuff back to home base," said John Pike, a military expert at GlobalSecurity.org. I should think that in many cases, they can simply lease a fiber in the same cable. What could

Re: Digital Water Marks Thieves

2005-03-03 Thread Matt Crawford
On Feb 22, 2005, at 10:57, Dan Kaminsky wrote: The point is that the thief should think anything expensive is protected, by which I mean it's too traceable to fence. That would be the thinking of a thief who read the article and took it at face value. A more clever thief would realize that the ma

RE: SHA-1 results available

2005-03-03 Thread Whyte, William
> http://theory.csail.mit.edu/~yiqun/shanote.pdf
>
> No real details, just collisions for 80 round SHA-0 (which I just confirmed) and 58 round SHA-1 (which I haven't bothered with), plus the now famous work factor estimate of 2^69 for full SHA-1.
>
> As usual, "Technical details will b

Re: Digital Water Marks Thieves

2005-03-03 Thread Dan Kaminsky
> My complaint is against the parroting of patently absurd claims by manufacturers (or governments, for that matter) under the guise of journalism.
>
> If you need the reason to be concrete, here's one: I might buy this magic water and apply it to some of my stuff, figuring I don't have to

Re: ATM machine security

2005-03-03 Thread Anne & Lynn Wheeler
Lee Parkes wrote: Hi, I'm working on a project that requires a benchmark against which to judge various suppliers. The closest that has similar requirements is the ATM industry. To this end I'm looking for any papers, specifications or published attacks against ATM machines and their infrastructu

Re: SHA-1 cracked

2005-03-03 Thread Dan Kaminsky
> No, that's not what it says. It says that "Note that padding rules were not applied to the message." This is exactly the same as the previous breaks; it just means that the collision appears in the chaining output... if you just append anything at all to the end of the texts, and pad i

Re: [IP] SHA-1 cracked?

2005-03-03 Thread Steven M. Bellovin
In message <[EMAIL PROTECTED]>, "J.A. Terranson" writes:
> On Wed, 16 Feb 2005, Ben Laurie wrote:
>> A work factor of 2^69 is still a serious amount of work.
> Yep.
> Does anyone recall DeepCrack's specs?
See http://www.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/ which includes links to sc