Re: IGE mode is broken (Re: IGE mode in OpenSSL)

2006-09-11 Thread James A. Donald
Typo: James A. Donald wrote: Let P(k) be the kth block of plain text. We prepend a random block, P(0) to the text, and append a fixed block to the end. If anything is altered, the fixed block at the end will not contain the expected data, but will be gibberish. The adversary knows every

Re: Raw RSA

2006-09-11 Thread Alexander Klimov
On Sun, 10 Sep 2006, James A. Donald wrote: Could you describe this attack in more detail. I do not see a scenario where it would be useful. Suppose that an attacker runs an activex control on the user's computer and the control is able to ask a smart card connected to the computer to perform

Re: Exponent 3 damage spreads...

2006-09-11 Thread Peter Gutmann
Ben Laurie [EMAIL PROTECTED] quotes: Since I've been told often that most of the world won't upgrade resolvers, presumably most of the world will be vulnerable to this problem for a long time. What you really meant to say was most of the vanishingly small proportion of the world that bothers

Re: Exponent 3 damage spreads...

2006-09-11 Thread Ben Laurie
James A. Donald wrote: -- James A. Donald wrote: What is the penetration of Secure DNS? Ben Laurie wrote: Anyone who is running any vaguely recent version of BIND is DNSSEC enabled, whether they are using it now or not. I am not well informed about DNSSEC, but I am under the

Re: Exponent 3 damage spreads...

2006-09-11 Thread Jostein Tveit
Ben Laurie [EMAIL PROTECTED] writes: ...thought this might interest people here. Anyone got a test key with a real and a forged signature to test other implementations than OpenSSL? Thanks in advance. Regards, -- Jostein Tveit [EMAIL PROTECTED]

Re: secure key storage APIs

2006-09-11 Thread Ivan Krstić
Perry, please merge with my previous message; I hit 'send' by mistake. Also, the following are of general interest: Henson S., `Netscape certificate database info`: http://www.drh-consultancy.demon.co.uk/cert7.html Henson S., `Netscape key database format`:

Re: secure key storage APIs

2006-09-11 Thread Ivan Krstić
Travis H. wrote: Does anyone know of any OSS OS facilities for managing keys? Take a look at the GNOME Keyring: http://en.wikipedia.org/wiki/GNOME_Keyring http://cvs.gnome.org/viewcvs/gnome-keyring/ In addition, various frontends exist to GnuPG, e.g. KGPG. It's not yet clear, but I might

Re: Exponent 3 damage spreads...

2006-09-11 Thread Thierry Moreau
Jostein Tveit wrote: Ben Laurie [EMAIL PROTECTED] writes: ...thought this might interest people here. Anyone got a test key with a real and a forged signature to test other implementations than OpenSSL? If I understand the attack mathematics correctly, the following algorithm should