Re: Tamperproof, yet playing Tetris.

2007-01-08 Thread Anne & Lynn Wheeler

... and has now made Slashdot

Chip & PIN Terminal Playing Tetris
http://hardware.slashdot.org/hardware/07/01/08/1355221.shtml

previous post
http://www.garlic.com/~lynn/aadsm26.htm#20 Tamperproof, yet playing Tetris

recent related comments
http://www.garlic.com/~lynn/aadsm26.htm#21 FC07 Preliminary Programme - Leaving Room for the Bad Guys

and a whole lot of past comments
http://www.garlic.com/~lynn/subintegrity.html#yescard

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]


[EMAIL PROTECTED]: [fc-announce] Usable Security--Prelim Program--Jan 8 Hotel Deadline]

2007-01-08 Thread R. Hirschfeld
From: Rachna Dhamija <[EMAIL PROTECTED]>
Subject: [fc-announce] Usable Security--Prelim Program--Jan 8 Hotel Deadline
To: [EMAIL PROTECTED]
Date: Fri, 5 Jan 2007 11:45:31 -0800

Below is the preliminary program for Usable Security, a workshop that  
will be held in conjunction with FC07.  Note that the hotel  
reservation deadline is this Monday.

Hope to see you in Tobago in February!

Rachna Dhamija
USEC'07 Program Chair


 
 USABLE SECURITY 2007
 
PRELIMINARY PROGRAM & CALL FOR PARTICIPATION

 February 15-16, 2007

https://www.usablesecurity.org


 Hotel & Registration


The FC/USEC Hotel Reservation Deadline is THIS MONDAY, January 8.
 

Registration will open early next week.  The deadline for
early registration rates is January 22.
 


 Preliminary Program


Thursday, February 15, 2007

12PM - Close of FC'07

1:30PM - Full Paper Session 1
  * An Evaluation of Extended Validation and Picture-in-Picture
Phishing Attacks
Collin Jackson (Stanford University)
Dan Simon (Microsoft Research)
Desney Tan (Microsoft Research)
Adam Barth (Stanford University)

  * WSKE: Web Server Key Enabled Cookies
Chris Masone (Dartmouth College)
Kwang-Hyun Baek (Dartmouth College)
Sean Smith (Dartmouth College)

3:30PM - Panel
The Future of Phishing
Moderator: Ross Anderson (University of Cambridge)

6PM - USEC Reception


Friday, February 16, 2007


9:00AM - Full Paper Session 2

  * Usability Analysis of Secure Pairing Methods
Ersin Uzun (University of California, Irvine and
 Nokia Research Center Helsinki)
Kristiina Karvonen (Helsinki University of Technology)
N. Asokan (Helsinki University of Technology and
Nokia Research Center Helsinki)

  * Low-cost Manufacturing, Usability, and Security: An Analysis
of Bluetooth Simple Pairing and Wi-Fi Protected Setup
Cynthia Kuo (Carnegie Mellon University)
Jesse Walker (Intel Corporation)
Adrian Perrig (Carnegie Mellon University)

  * Empirical Studies on Software Notices to Inform Policy Makers
and Usability Designers
Jens Grossklags (University of California, Berkeley)
Nathan Good (University of California, Berkeley)

11AM - Demo

  * Prime III: Where Usable Security and Electronic Voting Meet
Philicity Williams, E. Vincent Cross, II, Idongesit Mkpong-
Ruffin, Yolanda McMillian, Kathryn Nobles, Priyanka Gupta,
and Juan E. Gilbert (Auburn University)

1PM - Panel
  * Building Trusted Systems: Does Trusting Computing Enable  
Trusted Systems?
Moderator: Raquel Hill (Indiana University)

3PM - Work-in-Progress (WIP) Papers Session


  Program Committee


Ross Anderson, University of Cambridge
Steven Bellovin, Columbia University
Rachna Dhamija, Harvard University (Program Chair)
Dan Boneh, Stanford University
Simson Garfinkel, Harvard University
Raquel Hill, Indiana University
Jason Hong, Carnegie Mellon University
Burt Kaliski, RSA Security and RSA Laboratories
Robert Miller, Massachusetts Institute of Technology
Andrew Patrick, National Research Council Canada
Angela Sasse, University College London
Dan Schutzer, Financial Services Technology Consortium
Sean Smith, Dartmouth College
J. D. Tygar, U.C. Berkeley
Paul van Oorschot, Carleton University
Tara Whalen, Dalhousie University
Ka-Ping Yee, U.C. Berkeley



___
fc-announce mailing list
[EMAIL PROTECTED]
http://mail.ifca.ai/mailman/listinfo/fc-announce
--



[EMAIL PROTECTED]: [fc-announce] FC07: Preliminary program and call for participation]

2007-01-08 Thread R. Hirschfeld
From: Sven Dietrich <[EMAIL PROTECTED]>
Subject: [fc-announce] FC07: Preliminary program and call for participation
To: [EMAIL PROTECTED]
Date: Mon, 8 Jan 2007 08:08:09 -0500 (EST)

Dear Colleague,

Please see below for the preliminary program and call for participation for 
Financial Cryptography and Data Security 2007. Please note the upcoming hotel 
and registration deadlines.

See you in Tobago!

-- 
Sven Dietrich - [EMAIL PROTECTED]
Program Chair, Financial Cryptography and Data Security 2007
http://fc07.ifca.ai/



Financial Cryptography and Data Security 2007 (FC07)
PRELIMINARY PROGRAM & CALL FOR PARTICIPATION

   Hilton Tobago Resort
 Lowlands, Scarborough, Trinidad/Tobago
February 12-15, 2007



--
 Hotel & Registration
--

The FC07 Hotel Reservation Deadline is THIS MONDAY, January 8.
  

Registration will open early next week.  The deadline for
early registration rates is January 22.
  


--
Preliminary Program
--

All events take place at the Hilton Tobago Resort unless otherwise noted.

Sunday, February 11, 2007

5:00pm-7:00pm
Registration reception
poolside Hilton Tobago Resort

Monday, February 12, 2007

7:30am-8:30am
Breakfast and Registration

8:30am-8:45am
Welcome, Minister of Finance (tentative)

8:45am-9:00am
Conference opening, Conference Chairs

9:00am-10:00am
Keynote Address

Mike Bond

Title: Leaving Room for the Bad Guys

When designing a crypto protocol, or building a large security architecture, no 
competent designer ignores considering the bad guy, and anticipating his plans. 
But often we designers find ourselves striving to build totally secure systems 
and protocols -- in effect writing the bad guys entirely out of the equation. 
In a large system, when you exclude the bad guys, they soon muscle their way in 
elsewhere, and maybe in a new and worse way over which you may have much less 
control. A crypto protocol with no known weaknesses may be a strong tool, but 
when it does break, it will break in an unpredictable way.

This talk explores the hypothesis that it is safer and better for designers to 
give the bad guys their cut, but to keep it small, and keep in control. It may 
not just be our systems but also our protocol building blocks that should be 
designed to make room for the bad guy to take his cut. The talk is illustrated 
with examples of very successful systems with known weaknesses, drawn primarily 
from the European EMV payment system, and banking security in general. We also 
discuss a few "too secure" systems that end up failing in worse ways as a 
result.

10:00am-10:30am
Break

10:30am-12:00pm
Technical Paper Session
Payment Systems

Vulnerabilities in First-Generation RFID-enabled Credit Cards, Thomas S. 
Heydt-Benjamin (University of Massachusetts Amherst, USA), Daniel V. Bailey 
(RSA Laboratories, USA), Kevin Fu (University of Massachusetts Amherst, USA), 
Ari Juels (RSA Laboratories, USA), and Tom O'Hare (Innealta, Inc.)

Conditional E-Cash, Larry Shi and Bogdan Carbunar (Motorola Labs) and Radu Sion 
(Stony Brook University, USA)

A Privacy-Protecting Multi-Coupon Scheme with Stronger Protection against 
Splitting, Liqun Chen (HP Laboratories), Alberto Escalante, Hans Loehr, Mark 
Manulis, and Ahmad-Reza Sadeghi (Horst Goertz Institute Bochum, Germany)

12:00pm-1:00pm
Lunch

1:00pm-2:30pm
Panel: RFID - yes or no, Moderator: TBD

2:30pm-3:00pm
Break

3:00pm-4:00pm
Technical Paper Session
Anonymity

A Model of Onion Routing with Provable Anonymity, Joan Feigenbaum (Yale 
University), Aaron Johnson (Yale University, USA), and Paul Syverson (Naval 
Research Laboratory, USA)

K-Anonymous Multi-party Secret Handshakes, Shouhuai Xu (UTSA) and Moti Yung 
(RSA Laboratories and Columbia University, USA)

4:00pm
Adjourn

6:00pm-9:00pm
Reception
Location: TBA



Tuesday, February 13, 2007

7:30am-9:00am
Breakfast

9:00am-10:30am
Technical Paper Session
Authentication

Using a Personal Device to Strengthen Password Authentication from an Untrusted 
Computer, Mohammad Mannan and Paul C. van Oorschot (Carleton University, 
Canada)

Scalable Authenticated Tree Based Group Key Exchange for Ad-Hoc Groups, Yvo 
Desmedt (University College London, UK), Tanja Lange (Eindhoven University of 
Technology, Netherlands) and Mike Burmester (Florida State University, USA)

On Authentication with HMAC and Non-Random Properties, Christian Rechberger and 
Vincent Rijmen (Graz University of Technology, Austria)

10:30am-11:00am
Break

11:00am-12:00pm
Technical Paper Session
Anonymity and Privacy

Hidden Identity-Based Signatures, Aggelos Kiayias and Hong-Sheng Zhou 
(Unive

Re: secure CRNGs and FIPS (Re: How important is FIPS 140-2 Level 1 cert?)

2007-01-08 Thread Matthias Bruestle
Adam Back wrote:
> About the criticisms of Common Criteria evaluation in general, I think
> why people complain it is a documentation exercise is because pretty
> much all it does is ensure that it does what it says it does.  So
> basically you have to enumerate threats, state what threats the
> system is designed to protect against, and which are out of scope.
> 
> Then the rest of the documentation is just saying that in increasing
> detail, that you have not made mistakes in the design and
> specification and to some extent implementation.

CC has very good points. One of the best points is IMO the ST/PP concept
which encourages one to think about what to protect against what. And I do think
that most of the CC documents are helpful. But some, esp. those which
occupy the most paper, are IMO not worth their effort. These are the
low- and high-level design. They are meant to be the link between
specification and implementation, but I am sure that there are simpler
ways to show the link. And my experience is that these two documents do
not change the product in any way.

Matthias

-- 
Matthias Bruestle, Managing Director
Phone +49 (0) 91 19 55 14 91, Fax +49 (0) 91 19 55 14 97
MaskTech GmbH, Nordostpark 16, 90411 Nuernberg, Germany



Re: (Short) Intro and question

2007-01-08 Thread Chris Kuethe

On 1/6/07, Allen <[EMAIL PROTECTED]> wrote:

> One of the questions that I have been raising is trust and how to
> ensure that it is not misplaced or eroded over time. Which
> leads me to my question for the list: I can see easily how to do
> split key for 2 out of x for key recovery, but I can't seem to
> find a reference to the 3 out of x problem.
>
> In case I have not been clear enough, it is commonly known that
> it is harder to get collusion when three people need to act
> together than when there are just two. For most encryption 2 out
> of x is just fine, but some things need a higher level of security
> than 2 out of x can provide.


http://freshmeat.net/projects/sharesecret/
http://freshmeat.net/projects/shsecret/
http://freshmeat.net/projects//

I can't speak much about them other than when I last tested them, they
were able to split and reassemble a few test cases.

CK

--
GDB has a 'break' feature; why doesn't it have 'fix' too?



Re: (Short) Intro and question

2007-01-08 Thread Saqib Ali

I think you are looking for the m of n solution, or commonly known as
shared secret which can be implemented using Shamir's or Blakley's
scheme.

you can find an open source implementation of Shamir's scheme @
http://point-at-infinity.org//

for more info check out the wikipedia entry:
http://en.wikipedia.org/wiki/Secret_sharing

saqib
http://www.full-disk-encryption.net



On 1/6/07, Allen <[EMAIL PROTECTED]> wrote:

> Hi everyone,
>
> I'm Allen Schaaf and I'm primarily an information security
> analyst - I try to look at things like a total stranger and ask
> all the dumb questions hoping to stumble on one or two that
> hadn't been asked before that will reveal a potential risk.
>
> I'm currently consulting at a very large HMO and finding that
> there are lots of questions that have not been asked so I'm
> having fun.
>
> One of the questions that I have been raising is trust and how to
> ensure that it is not misplaced or eroded over time. Which
> leads me to my question for the list: I can see easily how to do
> split key for 2 out of x for key recovery, but I can't seem to
> find a reference to the 3 out of x problem.
>
> In case I have not been clear enough, it is commonly known that
> it is harder to get collusion when three people need to act
> together than when there are just two. For most encryption 2 out
> of x is just fine, but some things need a higher level of security
> than 2 out of x can provide.
>
> Thanks for any tips, ideas, solutions, or pointers.
>
> Allen Schaaf
> Information Security Analyst
> Certified Network Security Analyst and
> Intrusion Forensics Investigator - CEH, CHFI
> Certified EC-Council Instructor - CEI
>
> Security is a lot like democracy - everyone's for it but
> few understand that you have to work at it constantly.





--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net



Re: (Short) Intro and question

2007-01-08 Thread Ivan Krstić
Allen wrote:
> One of the questions that I have been raising is trust and how to ensure
> that it is not misplaced or eroded over time. Which leads me to my
> question for the list: I can see easily how to do split key for 2 out of
> x for key recovery, but I can't seem to find a reference to the 3 out of
> x problem.

Read Shamir's original paper:
http://www.cs.tau.ac.il/~bchor/Shamir.html

and the Wikipedia page:
http://en.wikipedia.org/wiki/Secret_sharing

-- 
Ivan Krstić <[EMAIL PROTECTED]> | GPG: 0x147C722D



Re: (Short) Intro and question

2007-01-08 Thread Steven M. Bellovin
On Sat, 06 Jan 2007 13:13:32 -0800
Allen <[EMAIL PROTECTED]> wrote:

> Hi everyone,
> 
> I'm Allen Schaaf and I'm primarily an information security analyst -
> I try to look at things like a total stranger and ask all the dumb
> questions hoping to stumble on one or two that hadn't been asked
> before that will reveal a potential risk.
> 
> I'm currently consulting at a very large HMO and finding that there
> are lots of questions that have not been asked so I'm having fun.
> 
> One of the questions that I have been raising is trust and how to
> ensure that it is not misplaced or eroded over time. Which leads
> me to my question for the list: I can see easily how to do split key
> for 2 out of x for key recovery, but I can't seem to find a reference
> to the 3 out of x problem.
> 
> In case I have not been clear enough, it is commonly known that it is
> harder to get collusion when three people need to act together than
> when there are just two. For most encryption 2 out of x is just fine,
> but some things need a higher level of security than 2 out of x can
> provide.
> 
There's a vast literature on the subject.  The classic paper is "How to
Share a Secret", by Shamir, Comm. ACM 22:11, Nov 1979.  Gus Simmons
published a survey of the field about 10 years ago, but I don't have
the citation handy.  I've always been fond of "Cryptographic sealing
for information secrecy and authentication", David Gifford, Comm. ACM
25:4, April 1982, but remarkably few people seem to have heard of it --
even Simmons was surprised when I mentioned it to him.




--Steve Bellovin, http://www.cs.columbia.edu/~smb
