Travis H. wrote:
So the opponent then knows the password given to him is not valid, and
might continue to search for a current one.
Not likely for the same data. After all, the data is protected by
a password that "expired".
And/or step through the
program with a debugger, like a software cr
thentication can
make the system less secure than just username/password, while
considerably reducing usability. A lose-lose for users.
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
not just do the math and say -- it works! This
was the same mistake of email encryption. That the system can actually
be used turns out to be more important than any security promise.
Cheers,
Ed Gerck
(*) Apparently, at most. Their 3-digit matrix counter, also included
in the
olution is also technologically neutral, but has more chances for
success, and less cost, with e-voting.
Best,
Ed Gerck
[1] In Shannon's cryptography terms, the solution reduces the probability
of existence of a covert channel to a value as close to zero as we want.
This is done by
n into account.
The solution seems fairly intuitive. In fact, it was used about 500
years by the Mogul in India to prevent fraud.
The solution is also technologically neutral, but has more chances for
success, and less cost, with e-voting.
Best,
Ed Gerck
[1] In Shannon's cryptograp
. Moderators are welcome
too.
Best,
Ed Gerck
[1] Based on a general, information-theory model of voting that applies
to any technology, first presented in 2001. See
http://safevote.com/doc/VotingSystems_FromArtToScience.pdf
Provides any desired number of independent records, which are readily
av
tually voted. This
procedure also helps prevent vote selling and coercion. The voter cannot
produce a non-repudiable proof of how the voter voted.
Best,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
.
Best,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
can
easily fall prey to con games. Trust begins as "self-trust". Anyone
interested in trying it out, please send me a personal email with
application info.
Best,
Ed Gerck
-
The Cryptography Mailing List
Unsubscrib
x27;t secure first communications. It is just
harder and _not_ necessary for banks (because the client already knows
the bank and vice versa).
Best,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
James A. Donald wrote:
> Ed Gerck wrote:
>> I am using this insight in a secure email solution that provides
>> just that -- a reference point that the user trusts, both sending
>> and receiving email. Without such reference point, the user can
>> easily fall prey to
Guus Sliepen wrote:
> On Thu, Feb 15, 2007 at 02:47:05PM -0800, Ed Gerck wrote:
>
>> Zmail actually reduces the amount of trust by not storing your usercode,
>> password, or keys anywhere. This makes sense for zmail, and is an incentive
>> to actually do it, to reduce risk
d work, such as magnetic domain encoding when storing it
in a hard disk.
Now, if you pass a copyright-protected work through an irreversible
hash function, it would be hard to claim the result to be
copyright-protected.
Cheers,
Ed
n QC (and QKD based on
QC) might just reflect equally naive security assumptions
found in today's conventional cryptography. [1]
I would suggest QC as a very fruitful area of research, and one
that can add much insight back into conventional cryptography.
Cheers,
Ed Gerck
[1] For example, the
ives/000520.html
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
have other SSH security issues that you would like to see solved /in SSH/.
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Ivan Krstić wrote:
> On Jul 14, 2007, at 2:43 PM, Ed Gerck wrote:
>> 1. firewall port-knocking to block scanning and attacks
>> 2. firewall logging and IP disabling for repeated attacks (prevent DoS,
>> block dictionary attacks)
>> 3. pre- and post-filtering to prevent
in the blog in
general.
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
oss in the remaining through-signal, which
can easily be detected.
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
The first is simply a MSFT Vista requirement for BitLocker file
encryption. The second is for example present in ACER laptops
(Aspire 5920) as eLock -- it allows you to protect and then
unlock storage devices that can be mounted as a file system when
plugged into the trusted system (the laptop), or
hy Skype wrote about "love", is
that Skype users worldwide cannot call or hear voicemail for
many hours now.
The visible error is that users cannot login -- hence can't call,
etc. While this could understandable, what is not understandable
is Skype's love declaration
Steven M. Bellovin wrote:
http://www.tgdaily.com/content/view/33425/118/
"Ann Arbor (MI) - University of Michigan scientists have discovered a
breakthrough way to utilize light in cryptography. The new technique
can crack even complex codes in a matter of seconds. Scientists believe
this techniq
e the workload.
What matters here is the expected cost of password search,
not the password or payload Shannon entropy. For some pointers
on this discussion, and why high Shannon entropy does not
mean high workload, see
http://www.cs.berkeley.edu/~daw/my-posts/entropy-measures
Cheers,
Ed
is a "service oracle" that
does not necessarily reveal code details or flaws. SaaS could be supplied
remotely or locally, with a secure processor card or secure USB-processor.
Cheers,
Ed Gerck
-
The Cryptography Ma
(entirely on their own and
not by a mandate) to point out non-compliance of evaluated products
-- proprietary or open source -- to basic architectural requirements
of the standard. Here [x] = competitors, attackers, outside experts,
anyone in general.
Cheers,
Ed Gerck
legal frameworks that can
be used to bind the key to a person.
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
fraud paid for by
insurance, which is what happens today. We did solve the e-commerce security
problem, by putting in insurance. We can not solve it that way [for elections].
(from my Brookings Symposium comment, Washington, DC, January 2000).
Cheers,
Ed Gerck
--
on.
It is misleading to claim that port 587 solves the security problem of email
eavesdropping, and gives people a false sense of security. It is worse than
using a 56-bit DES key -- the email is in plaintext where it is most vulnerable.
Cheers
Paul Hoffman wrote:
At 10:38 AM -0800 1/22/08, Ed Gerck wrote:
The often expressed idea that SSL/TLS and port 587 are somehow able to
prevent warrantless wiretapping and so on, or protect any private
communications, is IMO simply not supported by facts.
Can you point to some sources of this
tless wiretapping and so on, why any private communications should
be "in the clear" I just don't know. Even my MTA offers up SSL or TLS to
other MTA's when advertising its capabilities. The RFC is there, use it
as they say.
--
Steven M. Bellovin wrote:
On Tue, 22 Jan 2008 21:49:32 -0800
Ed Gerck <[EMAIL PROTECTED]> wrote:
As I commented in the
second paragraph, an attack at the ISP (where SSL/TLS is
of no help) has been the dominant threat -- and that is
why one of the main problems is called "
have been prevented by SSL/TLS
protecting email submission.
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
din.cs.cmu.edu/wp-uploads/hamming.pdf
(BTW, this was a great talk!)
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Leichter, Jerry wrote:
No real technical data I can find on the site, and I've never seen
a site with so little information about who's involved. (Typically,
you at least get a list of the top execs.) Some ex-spooks? Pure
snake oil? Somewhere in between?
He's likely called Paul McGough, of
chip)
[**]. Trust can be positive (what we call trust), negative (distrust),
and zero (atrust -- there is no trust value associated with the
information, neither trust nor distrust). More in [*].
Cheers,
Ed Gerck
References:
[*] www.nma.com/papers/it-trust-part1.pdf
www.mcwg.org/mcg-mirror/t
Perry E. Metzger wrote:
Ed Gerck <[EMAIL PROTECTED]> writes:
Each chip does not have to be 100% independent, and does not have to
be used 100% of the time.
Assuming a random selection of both outputs and chips for testing, and
a finite set of possible outputs, it is possible to calculat
;s reaction time and make sure that the error-correcting
channel has enough capacity to counter-react within that reaction
time. For chip fabrication, this may be quite long.
Cheers,
Ed Gerck
-
The Cryptography Maili
as a synergy: with
more usability in a secure system, security increases. With less
usability in a secure system, security decreases. A secure system that
is not usable will be left aside by users.
Cheers,
Ed Gerck
third-parties that most people will trust.
This is how SSL works. The site provides a digital certificate signed by
a CA that most browsers trust, providing an independent channel to
verify that the web address is correct -- in addition to what the
browser's location line says.
Cheers
n previous post). Similarly, we have to do it right when we
transmit data (for example, if we don't have enough bandwidth or if
there is too much noise, the data will be not be 100% transferred).
Cheers,
Ed Gerck
-
The Crypt
Bill Frantz wrote:
[EMAIL PROTECTED] (Ed Gerck) on Monday, June 2, 2008 wrote:
To trust something, you need to receive information from sources OTHER
than the source you want to trust, and from as many other sources as
necessary according to the extent of the trust you want. With more trust
ts B". You can't call that operation a "copy".
Trust is indeed expressed by relationships. And those relationships
can be transmitted with proper consideration -- just not in your
example. In the case of SSL certs, a simple file copy is enough.
Cheers,
Ed Gerck
Addendum:
D
se copy and transfer trust in our social interactions, not just
in our digital interactions.
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
IanG wrote:
Ed Gerck wrote:
When you look at trust in various contexts, you will still find the
need to receive information from sources OTHER than the source you
want to trust. You may use these channels under different names, such
as memory which is a special type of output that serves as
gue use of its private-key for signing end-user certs.
This trust, limited by this extent, can be used in automating use of
certs from that CA -- for example, only accept signatures from
end-user certs of that CA if the cert is less than 31 days old (or, 15
days -- whatever your risk m
time you need to try enough combinations so that you can succeed.
I'm not defending the designers of that email system, as I do not know
any specifics -- I'm just pointing out that what you mention is not
necessarily a problem and may be even safer than secure online banking
today.
[EMAIL PROTECTED] wrote:
Ed Gerck writes:
-+--
| ...
| Not so fast. Bank PINs are usually just 4 numeric characters long and
| yet they are considered /safe/ even for web access to the account
| (where a physical card is not required).
|
| Why? Because after 4 tries the
arios.
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
an perform for each account.
What makes a good difference in preventing an attack as mentioned by
Dan is to /not/ allow weak passwords in the first place! But, because
this is not really possible with PIN systems (even with 6 digits), the
security designer can detect attack pattern
[Moderator's note: I'll let Ed have the last word. I'm sure everyone
knows what I'd say anyway. --Perry]
Perry E. Metzger wrote:
Ed Gerck <[EMAIL PROTECTED]> writes:
In any case, there are a large number of reasons US banks don't
(generally) require or even
d
success so far.
Comments are welcome. More at
Best regards,
Ed Gerck
e...@gerck.com
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
silky wrote:
On Sun, Feb 22, 2009 at 6:33 AM, Ed Gerck wrote:
(UI in use since 2000, for web access control and authorization) After you
enter a usercode in the first screen, you are presented with a second screen
to enter your password. The usercode is a mnemonic 6-character code such as
,
if they so want and are motivated to, or learn to be motivated. Mark
Twain's cat was afraid of the cold stove.
Cheers,
Ed Gerck
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography&
silky wrote:
On Tue, Feb 24, 2009 at 8:30 AM, Ed Gerck wrote:
[snip]
Thanks for the comment. The BofA SiteKey attack you mention does not work
for the web access scheme I mentioned because the usercode is private and
random with a very large search space, and is always sent after SSL starts
101 - 154 of 154 matches
Mail list logo