Re: long-term GPG signing key
Travis H. wrote: Why the heck am I expiring encryption keys each year? Anyone who records the email can crack it even if the key is invalid by then. All it really does is crudely limit the quantity of data sent under that key, which is little to none anyway. If your threat model includes attacks on the system(s) you use to decrypt messages, or rubber hose/subpoena key-cracking, expiring *and wiping* confidentiality keys limits the time during which the keys can be compromised using those methods. -- Blogzilla:http://dooom.blogspot.com/ Say no to ID cards! http://www.pledgebank.com/refuse2 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: mother's maiden names...
Steven M. Bellovin wrote: Cambridge Trust puts your picture on the back of your VISA card, for instance. They have for more than a decade, maybe even two. One New York bank -- long since absorbed into some megabank -- did the same thing about 30 years ago. They gave up -- it was expensive then, and may not have solved any real problems. (Possibly, it simply didn't fit their real purpose of attracting more customers.) They don't for example seem to reduce fraud -- shop staff don't compare the photo to the customer carefully enough: R. Kemp, N. Towell, G. Pike, When seeing should not be believing: Photographs, credit cards and fraud, Applied Cognitive Psychology Vol 11(3) (1997) pp 211-222. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: They Said It Couldn't Be Done
[snip HAVA quote and Nevada news] So unless there is a amendment to that law (that I am obviously unaware of) it isn't up to individual States to add this as an additional requirement - its already required. perhaps someone could enlighten me? I believe many e-voting machines meet this requirement by printing out a tally of votes *when the election has closed* -- and so the voter doesn't get to check that the paper record actually matches the vote they intended to cast :( -- +44 7970 164 526 / http://www.cs.ucl.ac.uk/staff/I.Brown/ - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Al Qaeda crypto reportedly fails the test
In message [EMAIL PROTECTED], John Denker writes: Here's a challenge directly relevant to this group: Can you design a comsec system so that pressure against a code clerk will not do unbounded damage? What about pressure against a comsec system designer? Modulo Steve's comments about the threat model, Ben Laurie and I wrote a paper on this theme a few years ago: http://www.acsac.org/2000/papers/47.pdf I developed that paper's threat model into chapter 4 of my PhD thesis: http://www.cs.ucl.ac.uk/staff/I.Brown/pimms/thesis.pdf We are still hopeful that we will eventually get somewhere with our Internet draft improving the forward secrecy capabilities of OpenPGP: http://www.cs.ucl.ac.uk/staff/I.Brown/openpgp-pfs.txt -- +44 7970 164 526 / http://www.cs.ucl.ac.uk/staff/I.Brown/ - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
