Re: Zfone and ZRTP :: encryption for voip protocols

2006-03-17 Thread Damien Miller
On Wed, 15 Mar 2006, Ed Gerck wrote:

 cybergio wrote:
  
  Zfone :: http://www.philzimmermann.com/EN/zfone/index.html
 
 ...it achieves security without reliance on a PKI, key certification,
 trust models, certificate authorities, or key management...
 
 Good. But, uf course, there's a trust model and you need to rely on it.

Points to them for making it explicit.

 ...allows the detection of man-in-the-middle (MiTM) attacks by
 displaying a short authentication string for the users to read and
 compare over the phone.
 
 Depends on the trust model. May not work.

This is incomplete. The paragraph goes on to say:

 we still get fairly decent authentication against a MiTM attack, based
 on a form of key continuity. It does this by caching some key material
 to use in the next call, to be mixed in with the next call's DH shared
 secret, giving it key continuity properties analogous to SSH.

The SSH trust model has certainly proved itself as useful, and is
probably perfectly appropriate for semi-adhoc telephony where voice
nuance offers an additional means of detecting phonies (pun!).

The screenshot on that page seems to indicate only three [a-z0-9]
characters form the key fingerprint. My first impression was that
this was insufficient, but it is probably a good tradeoff. It is
short enough that people will actually use it, and an attacker might
only get a couple of tries of getting it wrong (in a 2^15 bit space)
before a human would be very suspicious.

-d


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


World of Warcraft massive surveillance...

2006-03-17 Thread Perry E. Metzger

  We live in a world where the technology exists that the government or
   other technically sophisticated group is able to monitor and analyze a
   substantial fraction of the communications of the world's population,
   or can track their movements throughout the day, or keep tabs on their
   financial transactions.

   And that world is called World of Warcraft.

http://terranova.blogs.com/terra_nova/2006/03/confessions_of_.html

[Hat tip to Bruce Schneier's blog.]

Perry

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


MD5 collisions in one minute

2006-03-17 Thread Weger, B.M.M. de
Hi all,

You might be interested in knowing that my MSc student
Marc Stevens has found a considerable speedup of MD5 
collision generation. His improvements of Wang's method
enables one to make MD5 collisions typically in one
minute on a PC; sometimes it takes a few minutes, and 
sometimes only a few seconds.
His paper (shortly to appear on the Cryptology ePrint
Archive) can be found on http://www.win.tue.nl/hashclash/,
where we've also made his software available (source code
and a Win32 executable).

Grtz,
Benne de Weger

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Call for Participation: HOPE#6, July 21-23

2006-03-17 Thread Dominick LaTrappe
Colleagues:

The sixth HOPE (Hackers On Planet Earth) conference is taking place this
summer, on July 21-23 at New York City's Hotel Pennsylvania.  This is a
semi-unofficial invitation to the members of this list, to participate in
this unique event.

The HOPE Number Six conference is inviting proposals for:

- conference-style presentations on all matters of technology,
  especially those with security or social relevance;

- exhibitions of all scale, including demonstrations, artworks, 
  on-site collaborations, etc.; and,

- vendor displays.

Not including the auditorium areas, there is an additional 20,000 square
feet, or 1800 square meters, of space for all types of relevant
activities to take place.

As usual, we expect the conference to attract thousands of attendees
from diverse groups.  As a participant, your audience and collaborators
will include technology professionals, scientists and academics,
underground researchers and engineers, artists, activists, journalists,
spooks, a few celebrities, and many individuals overlapping and/or
defying these categories.

The official Call for Participation and other information can be found 
at: http://www.hopenumbersix.net/cfp.html

Please submit your proposals to speakers(at)2600(dot)com.

Thanks, and hope to see you there!

DCL

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]