Re: [Cryptography] Crypto Standards v.s. Engineering habits - Was: NIST about to weaken SHA3?

2013-10-01 Thread Dirk-Willem van Gulik
On 1 Oct 2013, at 17:59, Jerry Leichter wrote: > On Oct 1, 2013, at 3:29 AM, Dirk-Willem van Gulik > wrote: >> ...I do note that in crypto (possibly driven by the perceived expense of too >> many bits) we tend to very carefully observe the various

[Cryptography] Crypto Standards v.s. Engineering habits - Was: NIST about to weaken SHA3?

2013-10-01 Thread Dirk-Willem van Gulik
On 30 Sep 2013, at 05:12, Christoph Anton Mitterer wrote: > > Not sure whether this has been pointed out / discussed here already (but > I guess Perry will reject my mail in case it has): > > https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3 > This makes NIS

Re: [Cryptography] Cryptographic mailto: URI

2013-09-24 Thread Dirk-Willem van Gulik
On 20 Sep 2013, at 14:55, Phillip Hallam-Baker wrote: > On Fri, Sep 20, 2013 at 4:36 AM, Dirk-Willem van Gulik > wrote: > > On 19 Sep 2013, at 19:15, Phillip Hallam-Baker wrote: > > > Let us say I wan

Re: [Cryptography] Cryptographic mailto: URI

2013-09-21 Thread Dirk-Willem van Gulik
On 19 Sep 2013, at 19:15, Phillip Hallam-Baker wrote: > Let us say I want to send an email to al...@example.com securely. ... > ppid:al...@example.com:example.net:Syd6BMXje5DLqHhYSpQswhPcvDXj+8rK9LaonAfcNWM ... > example.net is a server which will resolve the reference

Re: [Cryptography] Security is a total system problem (was Re: Perfection versus Forward Secrecy)

2013-09-15 Thread Dirk-Willem van Gulik
On 13 Sep 2013, at 21:23, Perry E. Metzger wrote: > On Fri, 13 Sep 2013 08:08:38 +0200 Eugen Leitl > wrote: >> Why e.g. SWIFT is not running on one time pads is beyond me. > > I strongly suspect that delivering them securely to the vast number > of endpoints involved a

Re: [Cryptography] Is ECC suspicious?

2013-09-06 Thread Dirk-Willem van Gulik
On 6 Sep 2013, at 01:09, "Perry E. Metzger" wrote: > http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance …. > The Suite B curves were picked some time ago. Maybe they have problems. …. > Now, this certainly was a problem for the random numb

Re: [Cryptography] Keeping backups (was Re: Separating concerns

2013-09-06 Thread Dirk-Willem van Gulik
Would be interested & interesting. Been doing the same thing with on-chipcard generated public keys to to the 'reverse' - be able to wipe a part of your off-site backup store by cutting up the secret. So I think there is a general case - and I've got a gut feeling that when propably analysed som

Re: Watermarking...

2010-04-20 Thread Dirk-Willem van Gulik
On 19 Apr 2010, at 23:29, Massimiliano Pala wrote: > Hi all, > > I was wondering if any of you have some pointers on the security of > watermarking. In particular I am interested in public-key or asymmetric > watermarking algorithms. > > Also, do you know of any free-to-use (opensource/etc.) im

Re: HSM outage causes root CA key loss

2009-07-14 Thread Dirk-Willem van Gulik
Weger, B.M.M. de wrote: - if they rely on the CA for signing CRLs (or whatever revocation mechanism they're using) then they have to find some other way to revoke existing certificates. ... Seems to me that for signing CRLs it's better to have a separate "Revocation Authority" (whose cer

Re: Why the poor uptake of encrypted email? [Was: Re: Secrets and cell phones.]

2008-12-09 Thread Dirk-Willem van Gulik
On 8 Dec 2008, at 22:43, David G. Koontz wrote: JOHN GALT wrote: StealthMonger wrote: This may help to explain the poor uptake of encrypted email. It would be useful to know exactly what has been discovered. Can you provide references? The iconic Paper explaining this is "Why Johnny Ca

Raw RSA binary string and public key 'detection'

2008-11-20 Thread Dirk-Willem van Gulik
Been looking at the Telnic (dev.telnic.org) effort. In essence; NAPTR dns records which contain private details such as a phone number. These are encrypted against the public keys of your friends (so if you have 20 friends and 3 phone numbers visible to all friends - you need 20 subdomains

Re: once more, with feeling.

2008-09-17 Thread Dirk-Willem van Gulik
> ... discussion on CA/cert acceptance hurdles in the UI I am just wondering if we need a dose of PGP-style reality here. We're really seeing 3 or 4 levels of SSL/TLS happening here - and whilst they all appear to use the same technology - the assurances, UI, operational regimen, 'investmen

Re: On the "randomness" of DNS

2008-07-30 Thread Dirk-Willem van Gulik
On 30 Jul 2008, at 21:33, Ben Laurie wrote: For sure, it would be better if we could check the source code and match the implemented RNG against an already known RNG. But, then, there is a "the chicken or the egg" problem: how would you ensure that a *new* RNG is a good source of "randomness" ?

Re: On the "randomness" of DNS

2008-07-30 Thread Dirk-Willem van Gulik
On 30 Jul 2008, at 19:57, Pierre-Evariste Dagand wrote: But just how GREAT is that, really? Well, we don't know. Why? Because there isn't actually a way to test for randomness. Your DNS resolver could be using some easily predicted random number generator like, say, a linear congruential one,

Re: the joy of "enhanced" certs

2008-06-04 Thread Dirk-Willem van Gulik
On Wed, 4 Jun 2008, Perry E. Metzger wrote: I'm thinking of starting a CA that sells "super duper enhanced security" certs, where we make the company being certified sign a document in which they promise that they're absolutely trustworthy. To be really sure, we'll make them fax said document

Re: [mm] delegating SSL certificates

2008-03-17 Thread Dirk-Willem van Gulik
On Mar 16, 2008, at 7:52 PM, Ben Laurie wrote: Dirk-Willem van Gulik wrote: So I'd argue that while x509, its CA's and its CRL's are a serious pain to deal** with, and seem to add little value if you assume a very diligent and experienced operational team -- they do pro

Re: delegating SSL certificates

2008-03-16 Thread Dirk-Willem van Gulik
On Mar 16, 2008, at 12:32 PM, Ben Laurie wrote: [EMAIL PROTECTED] wrote: So at the company I work for, most of the internal systems have expired SSL certs, or self-signed certs. Obviously this is bad. You only think this is bad because you believe CAs add some value. SSH keys aren't signed

Re: kit to prevent computers from losing power during seizure.

2008-02-21 Thread Dirk-Willem van Gulik
On Fri, 15 Feb 2008, Perry E. Metzger wrote: > > It appears that disk encryption techniques are spawning technical > responses. This gadget lets law enforcement take a computer without > ever turning off the power. > > http://www.wiebetech.com/products/HotPlug.php > > Countermeasures are, of cour

Re: Toshiba shows 2Mbps hardware RNG

2008-02-14 Thread Dirk-Willem van Gulik
On Feb 10, 2008, at 4:02 AM, Peter Gutmann wrote: The device generates random numbers at a data rate of 2.0 megabits a second, according to Toshiba in a paper presented at the International Solid-State Circuits Conference (ISSCC) here. I've always wondered why RNG speed is such a big deal f

Re: patent of the day

2008-01-24 Thread Dirk-Willem van Gulik
On Wed, 23 Jan 2008, Leichter, Jerry wrote: > well be prior art, but the idea of erasing information by deliberately > discarding a key is certainly not completely obvious except in > retrospect. If you look at any traditional crypto text, you won't Hmm - it is commonly mentioned that (early) h

Re: PlayStation 3 predicts next US president

2007-12-05 Thread Dirk-Willem van Gulik
On Dec 3, 2007, at 2:47 PM, William Allen Simpson wrote: Dirk-Willem van Gulik wrote: Keep in mind that the notary is still 'careful' -- effectively they sign the hash -- rather than the document; and state either such (e.g. in the case of some software/code where you do not

Re: PlayStation 3 predicts next US president

2007-12-03 Thread Dirk-Willem van Gulik
On Dec 2, 2007, at 3:09 AM, William Allen Simpson wrote: There are no circumstances in which any reputable certifier will ever certify any of the "multitude" containing a hidden pdf image, especially where generated by another party. It is getting fairly common for notaries in for example t

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-26 Thread Dirk-Willem van Gulik
On Mon, 24 Oct 2005, cyphrpunk wrote: > Is it possible that Skype doesn't use RSA encryption? Or if they do, > do they do it without using any padding, and is that safe? You may want to read the report itself: http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf an

Re: [Forwarded] RealID: How to become an unperson.

2005-07-08 Thread Dirk-Willem van Gulik
On Tue, 5 Jul 2005 [EMAIL PROTECTED] wrote: > (currently in Boston, MA, after giving fingerprints at the > airport immigration) And you may have then noticed the interesting effect; in Germany we have mandatory cards - carry them round always - but virtually have to show them. And only to offici

Re: encrypted tapes

2005-06-09 Thread Dirk-Willem van Gulik
On Wed, 8 Jun 2005, Perry E. Metzger wrote: > Dan Kaminsky <[EMAIL PROTECTED]> writes: > > Yes, because key management is easy or free. Eh - my experience is that that is where 99% of the cost is - in the whole human procedures and vetting around it. The paper work, the auditing, dealing with

Re: SSL/TLS passive sniffing

2004-12-05 Thread Dirk-Willem van Gulik
On Wed, 1 Dec 2004, Anne & Lynn Wheeler wrote: > the other attack is on the certification authorities business process Note that in a fair number of Certificate issuing processes common in industry the CA (sysadmin) generates both the private key -and- certificate, signs it and then exports bot

Re: SSL/TLS passive sniffing

2004-12-01 Thread Dirk-Willem van Gulik
On Tue, 30 Nov 2004, Ben Nagy wrote: > I'm a bumbling crypto enthusiast as a sideline to my other, real, areas of > security expertise. Recently a discussion came up on firewall-wizards about > passively sniffing SSL traffic by a third party, using a copy of the server Access to the private key

Re: Undergraduate wireless LAN security project?

2004-10-07 Thread Dirk-Willem van Gulik
On Thu, 7 Oct 2004, Damien O'Rourke wrote: > I was just wondering if anyone had any ideas for a project in wireless > LAN security for a final year undergraduate? Or something along those (Free)BSD implementation/BSD license implementation of an 802.1x stack usable in a wireless environment where

Re: Customs and Excise Electronic Returns

2004-10-04 Thread Dirk-Willem van Gulik
On Thu, 30 Sep 2004, Ian Grigg wrote: > PKI, and the Customs & Excise's, mistake was to assume that a > key is only useful if it is signed by someone else. From a Right; that is often forgotten and very useful - as the Dutch root PKI was signed under rather dubious circumstances (and its safeg

Re: Satellite eavesdropping of 802.11b traffic

2004-05-30 Thread Dirk-Willem van Gulik
On May 27, 2004, at 12:35 PM, John Kelsey wrote: Does anyone know whether the low-power nature of wireless LANs protects them from eavesdropping by satellite? Is there some simple reference that would easily let me figure out whether transmitters at a given power are in danger of eavesdropping

Re: Verisign CRL single point of failure

2004-04-01 Thread Dirk-Willem van Gulik
On Jan 9, 2004, at 8:06 PM, Rich Salz wrote: dave kleiman wrote: Because the client has a Certificate Revocation Checking function turned on in a particular app (i.e. IE or NAV). I don't think you understood my question. Why is crl.verisign.com getting overloaded *now.* What does the expirat

Re: Peppercoin Raises $4 Million in First Round Funding, Appoints CEO

2003-09-24 Thread Dirk-Willem van Gulik
On Tue, 23 Sep 2003, R. A. Hettinga wrote: > On Tuesday, September 23, 2003, at 03:45 PM, R. A. Hettinga wrote: > > > Rivest and Micali's microcheque protocol gets a ducat-download. > > > > Next stop an IPO -- and then an eBay buyout... ;-). > > Hahaha... "about 7 percent per transaction" - NOT