Re: automatic toll collection, was Japan Puts Its Money on E-Cash
On Thu, Dec 15, 2005 at 04:31:36AM -, John Levine wrote:

> An article in Wikipedia says that congestion tolls in London (UK) are also collected automatically by taking pictures of license plates.

The German TollCollect system (used on the national highway system) reads license plates of every vehicle (currently, only trucks are charged) by OCR. The police are purportedly very interested to obtain realtime access to the logs.

Don't we all feel much safer, already?

--
Eugen* Leitl http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Re: crypto for the average programmer
[EMAIL PROTECTED] wrote:

> On Mon, 12 Dec 2005, Steve Furlong wrote:
>
> | My question is, what is the layperson supposed to do, if they must use
> | crypto and can't use an off-the-shelf product?
> |
> | When would that be the case?
> |
> | The only defensible situations I can think of in which a
> | non-crypto-specialist programmer would need to write crypto routines
> | would be an uncommon OS or hardware, or a new or rare programming
> | language which doesn't have libraries available from SourceForge etc.
> | Or maybe implementing an algorithm that's new enough it doesn't have a
> | decent free implementation, but I'm not sure such an algorithm should
> | be used in production code.
>
> I can tell you a situation that applied in one system I worked on: You could go with SSL, which gets you into GPL'ed code, not to mention the known

Eh? OpenSSL is BSD, not GPL.

- The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: automatic toll collection, was Japan Puts Its Money on E-Cash
On Thu, Dec 15, 2005 at 04:31:36AM -, John Levine wrote:

> An article in Wikipedia says that congestion tolls in London (UK) are also collected automatically by taking pictures of license plates.

Yes, the London congestion charge. There were some horror stories about trouble with the ANPR* technology in the first weeks, but now it's just ticking over in the background and appears to be working. There is almost certainly a feed to MI5 (internal security) of the whole thing.

The UK government has various plans for rolling out tracking technology more widely, such as ANPR cameras on motorways for detecting speeding, or GPS devices for national road pricing. It's also planning on building a vast database of everyone's name, address, biometrics, and fingerprints.

Pete

* automatic number plate recognition

--
Peter Clay | Campaign for Digital Rights! | http://www.ukcdr.org
Re: X.509 / PKI, PGP, and IBE Secure Email Technologies
--
From: Werner Koch [EMAIL PROTECTED]

> You need to clarify the trust model. The OpenPGP standard does not define any trust model at all. The standard merely defines features useful to implement a trust model.

Clarifying the trust model sounds suspiciously like designers telling customers to conform to designer procedures. This has not had much success in the past.

People using PGP in practice verify keys out of band, not through web of trust. People using https tend to click through.

--digsig
James A. Donald
Re: Looking for fast KASUMI implementation
Define fast - KASUMI is based heavily on MISTY1. In fact, during a fast scan of the KASUMI spec, I couldn't see anywhere obvious where it differs from MISTY1 at all. As far as I know, I'm the only person who has even tried writing fast code for MISTY1, and the result is quite dog-slow compared to most other common ciphers (to pull some numbers out of the air: around 4.3 MB/sec on an 800 MHz Athlon, compared with 9.4 MB/sec from AES-128 and 15 MB/sec from 16-round RC5).

Obviously you can do better on a faster processor (and I'm sure there are some cycles yet to be squeezed out of my MISTY1 code - there are many who can hand-optimize better than I), but I don't think MISTY1 (or KASUMI) will ever be very fast in software.

Would an FPGA work instead? That seems like your best bet to me.

-Jack

On Thu, Dec 15, 2005 at 08:24:23AM -0500, james hughes wrote:

> Hello list:
>
> I have a research project that is looking for a fast -software- implementation of the KASUMI block cipher. I have found many papers on doing this in hardware, but nothing in software. While free is better (as is beer), I will consider a purchase.
>
> FYI, KASUMI is the cryptographic engine of the 3GPP. http://en.wikipedia.org/wiki/3gpp
>
> Thanks.
>
> jim
Re: How security could benefit from high volume spam
> Maybe in near future the advantages of that noise produced by millions of bots will outweigh the disadvantages? Comments are welcome.

The noise must be made by us, the people, and directed towards leaders and industry. Technology solutions will not fix the fundamental problems.

Joe
Re: Crypto and UI issues
David Mercer wrote:

> And my apologies to Ben Laurie and friends, but why after all these years is the UI interaction in ssh almost exactly the same when accepting a key for the first time as overriding using a different one when it changed on the other end, whether from mitm or just a key/IP/hostname change?

Thanks for the apology, but ... ssh is not my fault. However, I don't really understand the problem here - if the key changes in OpenSSH you can't connect until you take positive action by deleting the old key from the known_hosts file. This is totally different to accepting a new key.

I will agree that something better than just showing you the key would be cool. Like maybe it could be signed by something so you can verify it that way. Oh, wait. That's PKI, and we all know PKI is broken.

> Horrible, horrible UI, and I'm not sure what's worse, that or trying to USE pgp (gpg, whatever) from a command line, or getting it integrated into a gui mail client.

Two words: Thunderbird, enigmail.
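The difference between a first-seen key and a changed key described in the message above, as an added example that is not part of the original post and not OpenSSH's own code: a simplified Python model of a known_hosts lookup, covering plain and hashed host fields. Host names, the salt and the key blobs are constructed placeholders; wildcard patterns and marker lines are not modelled.

```python
import base64, hashlib, hmac

def hashed_field(host, salt):
    """Build a hashed host field: |1|b64(salt)|b64(HMAC-SHA1(salt, host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(pattern, host):
    """Compare one host field entry, plain or hashed, with the name being dialled."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, mac_b64 = pattern.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return pattern == host  # exact match only; wildcards are out of scope here

def classify(known_hosts_text, host, key_type, key_b64):
    """Return 'match', 'changed' or 'new' for the key a server presents."""
    same_type_seen = False
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#@":
            continue  # blank line, comment, or marker line (not modelled)
        hosts, ktype, blob = fields[:3]
        if ktype != key_type or not any(host_matches(p, host) for p in hosts.split(",")):
            continue
        if blob == key_b64:
            return "match"
        same_type_seen = True  # this name is pinned to a different key
    return "changed" if same_type_seen else "new"

# What a client should do in each case: only 'new' is a trust-on-first-use prompt.
ACTION = {
    "match": "connect",
    "new": "show fingerprint and ask the user before storing the key",
    "changed": "refuse until the stale entry is removed on purpose",
}

# Constructed sample data: placeholder blobs, not real public keys.
KEY_A = base64.b64encode(b"constructed key A").decode()
KEY_B = base64.b64encode(b"constructed key B").decode()
KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts sample",
    "ssh.example.org,192.0.2.10 ssh-rsa " + KEY_A,
    hashed_field("build.example.org", b"constructed-salt") + " ssh-rsa " + KEY_A,
])
if __name__ == "__main__":
    for name, key in [("ssh.example.org", KEY_B), ("example.org", KEY_A)]:
        print(name, "->", ACTION[classify(KNOWN_HOSTS, name, "ssh-rsa", key)])
```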
Re: Crypto and UI issues
On 12/15/05, Ben Laurie [EMAIL PROTECTED] wrote:

> David Mercer wrote:
>
> Thanks for the apology, but ... ssh is not my fault.

Sorry, crosswired openssl and openssh in my brain!

> I will agree that something better than just showing you the key would be cool. Like maybe it could be signed by something so you can verify it that way. Oh, wait. That's PKI, and we all know PKI is broken.

Yeah, 'broken' is about the strongest language we'd want to use on a public list, huh?

> > Horrible, horrible UI, and I'm not sure what's worse, that or trying to USE pgp (gpg, whatever) from a command line, or getting it integrated into a gui mail client.
>
> Two words: Thunderbird, enigmail.

Sorry, I've become totally addicted to gmail and just can't imagine being tied down to a single desktop machine. Not that gmail is the end all be all of webmail or anything, and I'm not completely sure how far I trust them, but they are top dog right now for email in my book.

-David Mercer
Tucson, AZ
Re: crypto for the average programmer
[EMAIL PROTECTED] wrote:

> | | My question is, what is the layperson supposed to do, if they must use
> | | crypto and can't use an off-the-shelf product?
> | |
> | | When would that be the case?
> | |
> | | The only defensible situations I can think of in which a
> | | non-crypto-specialist programmer would need to write crypto routines
> | | would be an uncommon OS or hardware, or a new or rare programming
> | | language which doesn't have libraries available from SourceForge etc.
> | | Or maybe implementing an algorithm that's new enough it doesn't have a
> | | decent free implementation, but I'm not sure such an algorithm should
> | | be used in production code.
> | I can tell you a situation that applied in one system I worked on: You could
> | go with SSL, which gets you into GPL'ed code, not to mention the known
> |
> | Eh? OpenSSL is BSD, not GPL.
>
> When I last looked at this, OpenSSL was BSD, but it required some libraries (GMP?) that were GPL.

No, OpenSSL is self-contained. There is, IIRC, an engine that uses GMP if you want, but it's entirely optional; OpenSSL has its own bignum implementation that's just as good.
Re: X.509 / PKI, PGP, and IBE Secure Email Technologies
James A. Donald wrote:

> --
> From: Werner Koch [EMAIL PROTECTED]
>
> > You need to clarify the trust model. The OpenPGP standard does not define any trust model at all. The standard merely defines features useful to implement a trust model.
>
> Clarifying the trust model sounds suspiciously like designers telling customers to conform to designer procedures. This has not had much success in the past.
>
> People using PGP in practice verify keys out of band, not through web of trust.

James,

Yes. Your observation on out-of-band PGP key verification is very important and actually exemplifies what Werner wrote. Exactly because there's no trust model defined a priori, users can choose the model they want including one-on-one trust.

This is important because it eliminates the need for a common root of trust -- with a significant usability improvement.

If the web of trust is used, the sender and recipient must a priori trust each other's key signers, requiring a common root of trust -- that may not even exist to begin with.

So, instead of worrying about what trust model PGP uses, the answer is that you can use any trust model you want -- including a hierarchical trust model as used with X.509.

Jon Callas and I had several conversations on trust in May '97, when Jon visited me for two weeks while I was in Brazil at the time, I think before the OpenPGP WG was even working on these issues. This is one of the comments Jon wrote in a listserv then, with a great insight that might be useful today:

> As I understand it, then, I've been thinking about some of the wrong issues. For example, I have been wondering about how exactly the trust model works, and what trust model can possibly do all the things Dr Gerck is claiming. I think my confusion comes from my asking the wrong question. The real answer seems to be, 'what trust model would you like?'
>
> There is a built in notion (the 'archetypical model' in the abstract class) of the meta-rules that a trust model has to follow, but I might buy a trust model from someone and add that, design my own, or even augment one I bought. Thus, I can ask for a fingerprint and check it against the FBI, Scotland Yard, and Sûreté databases, check their PGP key to make sure that it was signed by Mother Theresa, ask for a letter of recommendation from either the Pope or the Dalai Lama (except during Ramadan, when only approval by the Taliban will do), and then reject them out of hand if I haven't had my second cup of coffee.

Cheers,
Ed Gerck
Re: Crypto and UI issues
--
From: Ben Laurie [EMAIL PROTECTED]

> if the key changes in OpenSSH you can't connect until you take positive action by deleting the old key from the known_hosts file. This is totally different to accepting a new key.
>
> I will agree that something better than just showing you the key would be cool. Like maybe it could be signed by something so you can verify it that way. Oh, wait. That's PKI, and we all know PKI is broken.

But in what way is it broken?

Let us imagine that SSH had certified keys. Well, certifying a key is bound to be complicated, and things are bound to go wrong, and the name that you bind it to is bound to be somewhat shifty. You might bind the key to ben.com, but then your host is ssh.ben.com. So pretty soon users are frequently seeing error dialogs - and so, pretty soon, are always clicking through them.

What is a true name is a deep and difficult question, and one that people have little patience for when trying to log in. We are overloaded with names, with the result that true names are of limited value in ascertaining true relationships.

--digsig
James A. Donald