Re: Certificate-stealing Trojan

2010-09-28 Thread Marsh Ray

On 09/27/2010 08:26 PM, Rose, Greg wrote:


On 2010 Sep 24, at 12:47 , Steven Bellovin wrote:


Per
http://news.softpedia.com/news/New-Trojan-Steals-Digital-Certificates-157442.shtml
there's a new Trojan out there that looks for and steals Cert_*.p12
files -- certificates with private keys.  Since the private keys
are password-protected, it thoughtfully installs a keystroke logger
as well


Ah, the irony of a trojan stealing something that, because of lack of
PKI, is essentially useless anyway...


While I agree with the sentiment on PKI, we should accept this evidence 
for what it is:


There exists at least one malware author who, as of recently, did not 
have a trusted root CA key.


Additionally, the Stuxnet trojan is using driver-signing certs pilfered 
from the legitimate parties the old-fashioned way. This suggests that 
even professional teams with probable state backing either lack that 
card or are saving it to play in the next round.


Is it possible that the current PKI isn't always the weakest link in the 
chain? Is it too valuable of a cake to ever eat? Or does it just leave 
too many footprints behind?


- Marsh

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: Obama administration revives Draconian communications intercept plans

2010-09-28 Thread Florian Weimer
   Essentially, officials want Congress to require all services that
   enable communications — including encrypted e-mail transmitters like
   BlackBerry, social networking Web sites like Facebook and software
   that allows direct “peer to peer” messaging like Skype — to be
   technically capable of complying if served with a wiretap order. The
   mandate would include being able to intercept and unscramble
   encrypted messages.

Isn't this just a clarification of existing CALEA practice?

In most jurisdictions, if a communications services provider is served
an order to make available communications, it is required by law to
provide it in the clear.  Anything else doesn't make sense, does it?
Service providers generally acknowledge this (including Research In
Motion, so I don't get why they are singled out in the article).

There are indications that governments have access to Skype these
days.  Here's a blog post mentioning it:

http://www.lawblog.de/index.php/archives/2010/08/17/skype-staat-hort-mit/

(Udo Vetter is sometimes a bit sensationalist, though.)  Another
indicator is that German law enforcement no longer calls for new laws
granting them access to Skype traffic.

In any case, the cleartext requirement for lawful intercept has always
been very public.  Oddly enough, it has not been perceived as some
sort of crypto regulation, although it puts some constraints on key
management. 



Re: Haystack (helping dissidents?)

2010-09-28 Thread Adam Shostack
On Thu, Sep 16, 2010 at 04:49:19PM +, M.R. wrote:
| I said (something like) this when Haystack first appeared on this
| list...
| 
| Words dissidents and oppressive regimes have no place in
| serious discussions among cryptographers. Once we start assigning
| ethical categorizations to those that protect and those that attack
| (data files, communications channels, etc.) we are watering the
| garden in which the weeds like Haystack flourish.

Declarations about the appropriateness of the language of others have
no place in serious discussions among cryptographers.  Once we start
assigning ethical categorizations to words, we are watering the garden
in which flamewars flourish.





Re: 'Padding Oracle' Crypto Attack Affects Millions of ASP.NET Apps

2010-09-28 Thread Thai Duong
On Tue, Sep 28, 2010 at 12:49 PM, Peter Gutmann
pgut...@cs.auckland.ac.nz wrote:

 Ye gods, how can you screw something that simple up that much?  They use the
 appropriate, and secure, HMAC-SHA1 and AES, but manage to apply it backwards!

I guess they just follow SSL.

BTW, they screw up more badly in other places. Download .NET
Reflector, decompile .NET source, and do a grep 'DecryptString',
you'll see at least three places where they don't even use a MAC at
all.

Thai.

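The "backwards" order Peter and Thai are talking about is MAC-then-encrypt (authenticate the plaintext, then CBC-encrypt message plus tag, as SSL/TLS does) instead of encrypt-then-MAC (encrypt, then authenticate the ciphertext). The following Python is an added illustration written for this archive page; it is not code from the thread, from ASP.NET or from any of the posters. It uses a stand-in 16-byte Feistel block cipher built from HMAC-SHA256 in place of AES (an assumption so the example runs with only the standard library; the CBC and PKCS#7 logic is unchanged) and shows the defender-relevant difference: with MAC-then-encrypt the receiver exposes two distinguishable failure modes, "bad padding" versus "bad mac", which is precisely the side channel a padding-oracle attack needs, whereas with encrypt-then-MAC every tampered input is rejected at the tag check before any decryption or padding check runs.

```python
import hashlib
import hmac
import os

BLOCK = 16
TAG_LEN = 20  # HMAC-SHA1 output length


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


# Stand-in block cipher (assumption, NOT a real cipher): a 4-round Feistel
# network with an HMAC-SHA256 round function. It is a keyed permutation on
# 16-byte blocks, so CBC and PKCS#7 behave exactly as they would over AES.
def _round(key, i, half):
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]


def block_encrypt(key, block):
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, _xor(l, _round(key, i, r))
    return l + r


def block_decrypt(key, block):
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _round(key, i, l)), l
    return l + r


def pad(data):
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1]
    if n < 1 or n > BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key, iv, plaintext):
    out, prev = b"", iv
    for i in range(0, len(plaintext), BLOCK):
        prev = block_encrypt(key, _xor(plaintext[i:i + BLOCK], prev))
        out += prev
    return out


def cbc_decrypt(key, iv, ciphertext):
    out, prev = b"", iv
    for i in range(0, len(ciphertext), BLOCK):
        blk = ciphertext[i:i + BLOCK]
        out += _xor(block_decrypt(key, blk), prev)
        prev = blk
    return out


def mac_then_encrypt(enc_key, mac_key, msg):
    """The 'backwards' order: tag the plaintext, then encrypt msg||tag."""
    tag = hmac.new(mac_key, msg, hashlib.sha1).digest()
    iv = os.urandom(BLOCK)
    return iv + cbc_encrypt(enc_key, iv, pad(msg + tag))


def mac_then_encrypt_open(enc_key, mac_key, blob):
    iv, ct = blob[:BLOCK], blob[BLOCK:]
    body = unpad(cbc_decrypt(enc_key, iv, ct))      # may fail with "bad padding" ...
    msg, tag = body[:-TAG_LEN], body[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, msg, hashlib.sha1).digest()):
        raise ValueError("bad mac")                  # ... or, later, with "bad mac"
    return msg


def encrypt_then_mac(enc_key, mac_key, msg):
    """The right order: encrypt, then tag IV||ciphertext."""
    iv = os.urandom(BLOCK)
    ct = iv + cbc_encrypt(enc_key, iv, pad(msg))
    return ct + hmac.new(mac_key, ct, hashlib.sha1).digest()


def encrypt_then_mac_open(enc_key, mac_key, blob):
    ct, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, hashlib.sha1).digest()):
        raise ValueError("rejected")  # one generic failure, before any decryption
    return unpad(cbc_decrypt(enc_key, ct[:BLOCK], ct[BLOCK:]))


def failure_kinds(seal, open_, enc_key, mac_key, msg, tag_trailing):
    """Flip one bit at two positions of a sealed message and report what the
    receiver says each time: byte 0 (the IV, which only corrupts the first
    plaintext byte) and the last byte of the next-to-last ciphertext block
    (which lands on the PKCS#7 padding byte)."""
    blob = seal(enc_key, mac_key, msg)
    ct_end = len(blob) - (TAG_LEN if tag_trailing else 0)
    kinds = []
    for pos in (0, ct_end - BLOCK - 1):
        tampered = bytearray(blob)
        tampered[pos] ^= 0x01
        try:
            open_(enc_key, mac_key, bytes(tampered))
            kinds.append("accepted")
        except ValueError as e:
            kinds.append(str(e))
    return kinds


if __name__ == "__main__":
    k_enc, k_mac, m = b"enc-key", b"mac-key", b"hello oracle"  # constructed sample
    print("MAC-then-encrypt:", failure_kinds(mac_then_encrypt, mac_then_encrypt_open, k_enc, k_mac, m, False))
    print("encrypt-then-MAC:", failure_kinds(encrypt_then_mac, encrypt_then_mac_open, k_enc, k_mac, m, True))
```

Run as a script, the first line shows two different answers ("bad mac" and "bad padding") and the second shows the same answer twice. The distinct answers are the leak; the fix is not only the order of operations but also that the receiver's one failure path is reached before any key-dependent processing of the ciphertext, with a constant-time tag comparison.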