Re: Fed's RFIDiocy pwnd at DefCon

2009-09-09 Thread Jerry Leichter
On Sep 4, 2009, at 4:24 PM, Matt Crawford wrote: . . . federal agents at the conference got a scare on Friday when they were told they might have been caught in the sights of an RFID reader. The reader, connected to a web camera, sniffed data from RFID- enabled ID cards and other documents

Re: RNG using AES CTR as encryption algorithm

2009-09-09 Thread Peter Gutmann
David Johnston d...@deadhat.com writes: Convincing yourself that you have implemented AES-CTR correctly usually involves first checking that your AES-ECB is correct, then putting the output of you counter construction into some other known good AES-CTR implementation and comparing the results

Re: Client Certificate UI for Chrome?

2009-09-09 Thread James A. Donald
Steven Bellovin wrote: Several other people made similar suggestions. They all boil down to the same thing, IMO -- assume that the user will recognize something distinctive or know to do something special for special sites like banks. Not if he only does it for special sites like banks,

Re: Client Certificate UI for Chrome?

2009-09-09 Thread Steven M. Bellovin
On Wed, 09 Sep 2009 15:42:34 +1000 James A. Donald jam...@echeque.com wrote: Steven Bellovin wrote: Several other people made similar suggestions. They all boil down to the same thing, IMO -- assume that the user will recognize something distinctive or know to do something special for

Re: RNG using AES CTR as encryption algorithm

2009-09-09 Thread Matt Ball
On Tue, Sep 1, 2009 at 11:28 PM, priya yelgar wrote: I have implemented RNG using AES algorithm in CTR mode. To test my implementation I needed some test vectors. How ever I searched on the CSRC site, but found the test vectors for AES_CBC not for AES CTR. PleaseĀ  can any one tell me

NSA intercepts led to a terrorist conviction

2009-09-09 Thread Steven Bellovin
Threat Level Privacy, Crime and Security Online NSA-Intercepted E-Mails Helped Convict Would-Be Bombers The three men convicted in the United Kingdom on Monday of a plot to bomb several transcontinental flights were prosecuted in part using crucial e-mail correspondences intercepted by the

Re: RNG using AES CTR as encryption algorithm

2009-09-09 Thread Zooko Wilcox-O'Hearn
And while you are at it, please implement these test vectors and report to Niels Ferguson: http://blogs.msdn.com/si_team/archive/2006/05/19/aes-test-vectors.aspx Regards, Zooko - The Cryptography Mailing List Unsubscribe by