Re: More info in my AES128-CBC question

2007-05-12 Thread Leichter, Jerry
| | Frankly, for SSH this isn't a very plausible attack, since | | it's not clear how you could force chosen plaintext into an | | SSH session between messages. A later paper suggested that | | SSL is more vulnerable: A browser plugin can insert data into | | an SSL protected

Re: More info in my AES128-CBC question

2007-05-12 Thread Travis H.
On Wed, May 09, 2007 at 06:11:03PM -0400, Leichter, Jerry wrote: Just being able to generate traffic over the link isn't enough to carry out this attack. Well, it depends on if you key per-flow or just once for the link. If the latter, and you have the ability to create traffic over the link,

Re: phone encryption technology becoming popular in Italy

2007-05-12 Thread Travis H.
On Wed, May 02, 2007 at 06:12:31PM +0100, Dave Korn wrote: If you wanted to be /really/ certain, I guess you'd have to take the tops off all the ICs inside and look at them under an EM, to make sure they really were the parts they claimed to be and don't have any extra circuitry or hidden

RE: Was a mistake made in the design of AACS?

2007-05-12 Thread Ian Farquhar \(ifarquha\)
On Thu, May 03, 2007 at 10:25:34AM -0700, Steve Schear wrote: Well, there's an idea: use different physical media formats for entertainment and non- entertainment content (meaning, content created by MPAA members vs. not) and don't sell writable media nor devices capable of writing it for

RE: Selective disclosure

2007-05-12 Thread Benny Pinkas
Following the Waldo proof, there is recent work showing how to convince someone that you have solved a Sudoku puzzle without revealing the solution (this is a recent paper by Gradwohl, Naor, Rothblum and myself). The paper describes cryptographic and *physical* protocols for this task, accompanied

PRZ status

2007-05-12 Thread Jon Callas
He's out of surgery, doing well, and the doctors say he'll be better than he's been for ten years. Jon - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

no surprise - Sun fails to open source the crypto part of Java

2007-05-12 Thread Ian G
Does anyone know what Sun failed to opensource in the crypto part of Java? http://news.com.com/Open-source+Java-except+for+the+exceptions/2100-7344_3-6182416.html They also involve some elements of sound and cryptography, said Tom Marble, Sun's OpenJDK ambassador. We have already contacted

wiretaps and encryption

2007-05-12 Thread Steven M. Bellovin
Those who remember the Crypto Wars of the 1990s will recall all of the claims about we won't be able to wiretap because of encryption. In that regard, this portion of the latest DoJ wiretap report is interesting: Public Law 106-197 amended 18 U.S.C. 2519(2)(b) to require that

Re: More info in my AES128-CBC question

2007-05-12 Thread Nicolas Williams
On Wed, May 09, 2007 at 06:04:20PM -0400, Leichter, Jerry wrote: | Frankly, for SSH this isn't a very plausible attack, since it's not | clear how you could force chosen plaintext into an SSH session between | messages. A later paper suggested that SSL is more vulnerable: | A browser

Re: More info in my AES128-CBC question

2007-05-12 Thread Travis H.
On Wed, May 09, 2007 at 06:04:20PM -0400, Leichter, Jerry wrote: However, cryptographically secure RNG's are typically just as expensive as doing a block encryption. So why not just encrypt the IV once with the session key before using it? (This is the equivalent of pre-pending a block of

Ross Anderson paper on fraud, risk and nonbank payment systems

2007-05-12 Thread Steve Schear
[Read the paper here: http://www.cl.cam.ac.uk/%7Erja14/Papers/nonbanks.pdf Very interesting stuff, but not likely new to most here.] The Federal Reserve commissioned me to research and write a paper on fraud, risk and nonbank payment systems. I found that phishing is facilitated by payment

Re: Enterprise Right Management vs. Traditional Encryption Tools

2007-05-12 Thread Ali, Saqib
Hi Jon, Rights management systems work against polite attackers. They are useless against impolite attackers. Look at the way that entertainment rights management systems have been attacked. The rights management system will be secure so long as no one wants to break them. There is tension

Re: Enterprise Right Management vs. Traditional Encryption Tools

2007-05-12 Thread Jon Callas
On May 9, 2007, at 5:01 PM, Ali, Saqib wrote: Hi Jon, Rights management systems work against polite attackers. They are useless against impolite attackers. Look at the way that entertainment rights management systems have been attacked. The rights management system will be secure so long as

Re: Enterprise Right Management vs. Traditional Encryption Tools

2007-05-12 Thread Hagai Bar-El
Hello, On 08/05/07 20:16, Ali, Saqib wrote: I was recently asked why not just deploy a Enterprise Right Management solution instead of using various encryption tools to prevent data leaks. Any thoughts? The encryption tools function according to simple, well understood, and more-or-less

Re: Ross Anderson paper on fraud, risk and nonbank payment systems

2007-05-12 Thread Allen
Steve Schear wrote: [snip] In real life, following the money is just as important as following the man. It's time for the system to be rebalanced. In fact, I believe, it is even more important because it is the snail trail that connects the people involved. Significant sized anti-social

Re: no surprise - Sun fails to open source the crypto part of Java

2007-05-12 Thread Florian Weimer
* Ian G.: Does anyone know what Sun failed to opensource in the crypto part of Java? The Sun JCE provider appears to be missing, which means that few cryptographic algorithms are actually implemented in the source drop. All the symmetric encryption algorithms are missing, for instance.

Re: no surprise - Sun fails to open source the crypto part of Java

2007-05-12 Thread Nicolas Williams
Subject: Re: no surprise - Sun fails to open source the crypto part of Java Were you not surprised because you knew that said source is encumbered, or because you think Sun has some nefarious motive to not open source that code? If the latter then keep in mind that you can find plenty of crypto

Re: no surprise - Sun fails to open source the crypto part of Java

2007-05-12 Thread Jack Lloyd
On Fri, May 11, 2007 at 04:42:47PM +0200, Ian G wrote: They also involve some elements of sound and cryptography, said Tom Marble, Sun's OpenJDK ambassador. We have already contacted the copyright holders. We were unable to negotiate release under an open-source license, Marble said. I