Re: Use of TPM chip for RNG?

2006-06-30 Thread Jason Holt

On Thu, 29 Jun 2006, Hal Finney wrote:

> A few weeks ago I asked for information on using the increasingly
> prevalent built-in TPM chips in computers (especially laptops) as a
> random number source.  I got some good advice and want to summarize the
> information for the benefit of others.

Thanks for the useful summary!  For the sake of completeness, let me also add 
that RNGs in tamper-proof hardware are potentially rather controversial, since 
there are several known ways to produce output which looks very random to 
anyone who doesn't know some secret, but allows those who do to predict what 
future outputs will be.  I believe one straightforward way to do this would be 
to simply use a symmetric encryption function outputting random data blocks

r_i=Encrypt(key, r_(i-1))

If you don't know the secret key, the output will look at least somewhat 
random, but if you do, you can use any block to predict all subsequent and 
prior ones.  (This topic has been discussed in the literature, and my 
off-the-cuff example may not be particularly strong.)

I believe it's a fair summary to say that hardware RNG is a neat and useful 
feature, but may be unsuitable for the sufficiently paranoid when it comes in 
a tamper-proof package.


The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
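
The construction r_i=Encrypt(key, r_(i-1)) from the message above, as an added example that is not part of the original post: it generates a stream that looks balanced to a bit-frequency check, then uses the key to recover the neighbours of one observed block in both directions. The Feistel cipher built from HMAC-SHA256 is a stand-in for Encrypt, and all function names, sizes and sample values are assumptions of this example.

```python
import hashlib
import hmac
import os

BLOCK, HALF, ROUNDS = 16, 8, 8  # block bytes, half-block bytes, Feistel rounds

def _f(key, rnd, half):
    # Keyed round function: truncated HMAC-SHA256 (stand-in, not a vetted cipher).
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:HALF]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key, block):
    l, r = block[:HALF], block[HALF:]
    for i in range(ROUNDS):
        l, r = r, _xor(l, _f(key, i, r))  # one Feistel round
    return l + r

def decrypt(key, block):
    l, r = block[:HALF], block[HALF:]
    for i in reversed(range(ROUNDS)):
        l, r = _xor(r, _f(key, i, l)), l  # undo one Feistel round
    return l + r

def rng_stream(key, seed, n):
    """Return n blocks r_1..r_n with r_i = Encrypt(key, r_(i-1)) and r_0 = seed."""
    out = [seed]
    for _ in range(n):
        out.append(encrypt(key, out[-1]))
    return out[1:]

def ones_fraction(blocks):
    return sum(bin(b).count("1") for blk in blocks for b in blk) / (8 * BLOCK * len(blocks))

def predict_from(key, observed, back, fwd):
    """With the key, a single observed block yields its prior and next blocks."""
    prior, nxt = [observed], [observed]
    for _ in range(back):
        prior.insert(0, decrypt(key, prior[0]))
    for _ in range(fwd):
        nxt.append(encrypt(key, nxt[-1]))
    return prior[:-1], nxt[1:]

if __name__ == "__main__":
    key, seed = os.urandom(32), os.urandom(BLOCK)  # constructed secret and seed
    stream = rng_stream(key, seed, 4096)
    print("fraction of 1 bits:", round(ones_fraction(stream), 4))
    prior, nxt = predict_from(key, stream[100], 3, 3)
    print("neighbours recovered:", prior == stream[97:100] and nxt == stream[101:104])
```

The bit-frequency check comes out near 0.5 for any key, which is why black-box statistical testing of the output cannot rule this design out.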

Re: Voice phishing

2006-06-30 Thread Stefan Kelm

> Hi-tech fraudsters have begun using recorded telephone messages in a bid
> to trick users into handing over confidential account information. The
> tactic has been adopted as a variant of recently detected phishing
> attacks targeting customers of the Santa Barbara Bank & Trust.

Cloudmark had a similar press release a while ago:



Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe

Tel. +49 721 255171-304, Fax +49 721 255171-100
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B