On Tue, Jun 10, 2008 at 11:41:56PM +0100, Dave Howe wrote:
The key size would imply PKI; that being true, then the ransom may
be for a session key (specific per machine) rather than the
master key it is unwrapped with.
Per the computerworld.com article:
Kaspersky has the public key in
[Moderator's note: Please don't send giant run on paragraphs to the
list. They're hard to read. --Perry]
From: Marcos el Ruptor [EMAIL PROTECTED]
Interesting. Of course, with the possible exception of Skype,
only the over-the-network part of the communication is
protected. The IM
Allen [EMAIL PROTECTED] wrote:
Agreed, but..., well there is the small matter of figuring out /who/ is
doing it and that just might require some small bit of technology.
Certainly, it is not mutual exclusive. However factor an RSA key
hardly can help with that.
At least two defects in this
Dear people of the cryptography mailing list:
I received a note from Sridhar Vajapey, head of the Sun OpenSPARC
programme, which releases a complete modern CPU under the GPL.
Except that it isn't complete -- the parts that do AES, SHA-1 and
SHA-2, and public key crypto acceleration are
| The key size would imply PKI; that being true, then the ransom may
| be for a session key (specific per machine) rather than the master
| key it is unwrapped with.
|
| Per the computerworld.com article:
|
|Kaspersky has the public key in hand ? it is included in the
|Trojan's code ?
On Wed, Jun 11, 2008 at 11:53:54AM -0400, Leichter, Jerry wrote:
Returning to the point of the earlier question - why doesn't someone
pay the ransom once and then use the key to decrypt everyone's files:
Assuming, as seems reasonable, that there is a session key created
per machine and then
The Fungi wrote:
On Tue, Jun 10, 2008 at 11:41:56PM +0100, Dave Howe wrote:
The key size would imply PKI; that being true, then the ransom may
be for a session key (specific per machine) rather than the
master key it is unwrapped with.
Per the computerworld.com article:
Kaspersky has
Dave Howe wrote on 11 June 2008 19:13:
The Fungi wrote:
On Tue, Jun 10, 2008 at 11:41:56PM +0100, Dave Howe wrote:
The key size would imply PKI; that being true, then the ransom may
be for a session key (specific per machine) rather than the
master key it is unwrapped with.
Per the
| Why are we wasting time even considering trying to break the public key?
|
| If this thing generates only a single session key (rather, a host key)
| per machine, then why is it not trivial to break? The actual encryption
| algorithm used is RC4, so if they're using a constant key without
Leichter, Jerry wrote on 11 June 2008 20:04:
Why are we wasting time even considering trying to break the public
key?
If this thing generates only a single session key (rather, a host
key) per machine, then why is it not trivial to break? The actual
encryption algorithm used is RC4,
On Wed, 11 Jun 2008 15:58:26 -0400
Jeffrey I. Schiller [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I bet the malware authors can change keys faster then we can factor
them...
To put it mildly. They can can even set up sophisticated structures to
have lots of
On 11 Jun 2008, at 20:13, Dave Howe wrote:
This would seem to imply they already verified the public key was
constant in the trojan and didn't differ between machines (or that
I'm giving Kaspersky's team too much credit with my assumptions).
I've just looked at the virus. Upon invocation, it
- Original Message -
From: Jerry Leichter [EMAIL PROTECTED]
To: Dave Korn [EMAIL PROTECTED]
Cc: Email List - Cryptography cryptography@metzdowd.com
Sent: Wednesday, June 11, 2008 12:04:21 PM (GMT-0800) America/Los_Angeles
Subject: RE: Ransomware
| Why are we wasting time even
On Jun 11, 2008, at 10:04 PM, Steven M. Bellovin wrote:
Let's put it like this: suppose you wanted to use all of your
cryptographic skills to do such a thing. Do you think it could be
cracked? I don't...
Exactly right. After Storm, I don't think anyone reasonable still
believes that
ANNOUNCING Allmydata.org Tahoe, the Least-Authority Filesystem, v1.1
We are pleased to announce the release of version 1.1 of the Tahoe
Least Authority Filesystem.
The Tahoe Least Authority Filesystem is a secure, decentralized,
fault-tolerant filesystem. All of the source code is available
15 matches
Mail list logo