Re: baseline privacy ... not

2003-05-30 Thread John Gilmore
> 1) In a cable-modem system, the layer-1 signal to/from > your cable is physically present in your neighbors' homes. > > 2) To defend against the obvious privacy problems this > implies, the standards provide for Baseline Privacy (BPI) > which encrypts the signals. > > So you're safe, right? >

"C.Wiebes": Bosnia SIGINT & Intelligence '92-'95

2003-06-10 Thread John Gilmore
[Dr. Wiebes ran the excellent conference on Cold War SIGINT, held in the Netherlands a few years ago. -- John] Date: Wed, 04 Jun 2003 21:14:21 +0200 From: "C.Wiebes" <[EMAIL PROTECTED]> It is my pleasure to inform you that book dealing with the Intelligence and the War in Bosnia 1992 - 1995 has

Re: An attack on paypal

2003-06-13 Thread John Gilmore
> as in previous observations having a domain name owner register their > public key in the internet registry (domain name infrastructure or > ip-address registry) starts to lessen the requirement for having SSL > domain certificates. Yes; this is why (I think) VeriSign bought Network Sol

Cnet: location wiretapping on hold; T-Mobile to pay up for E911 delay

2003-08-21 Thread John Gilmore
The FCC is certainly turning Orwellian these days. Now the firms that it regulates are making "voluntary" contributions to the government at the whim of the FCC. Remember, these are the regulators who sided totally with the FBI when it demanded that everything be designed for wiretapping, even th

WSJ: NSA Concerns on Undersea Optical Tapping Imperil Global Crossing Merger

2003-08-21 Thread John Gilmore
http://cryptome.org/nsa-seatap.htm 17 July 2003 Wall Street Journal, July 17, 2003 Concerns of Wiretapping Imperil a Planned Merger By *YOCHI J. DREAZEN* and *DENNIS K. BERMAN* * Staff Reporters of THE WALL STREET JO

Re: UPnP Security specs available for review

2003-08-25 Thread John Gilmore
Carl, What's the design lifetime of this security system? 1024 bit RSA is too short. If you're going to all the trouble to build a supposedly secure system, use a length that won't be broken. My suggestion these days is significantly north of 2048 bits. Don't use a power of two, and, ideally, u

Re: Who needs secure wireless / tappable wireless infrastructure

2003-09-09 Thread John Gilmore
> And this says nothing at all about the need for tactical > military wiretaps on GSM systems under battlefield conditions when > soldiers' lives may depend on determining what the enemy is saying over > cellphones used to direct attacks against friendly forces. Or when innocent civilians nee

Re: Code breakers crack GSM cellphone encryption

2003-09-09 Thread John Gilmore
> See their paper at CRYPTO 2003 for more details. I am disappointed that > you seem to be criticizing their work before even reading their paper. > I encourage you to read the paper -- it really is interesting. OK, then, where is it? I looked on: www.iacr.org under Crypto 2003 -- no papers t

Please submit public comments on CAPPS 2 / JetBlue

2003-09-24 Thread John Gilmore
you are innocent if you work for the government. That alone is reason enough to stop it. EFF has also set up an Action Alert web site as another way to submit your comments on CAPPS-2. See: http://action.eff.org/action/index.asp?step=2&item=2785 John Gilmore http://freetotravel.org and Electronic Frontier Foundation (EFF) - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

DirecTV Hacker Is First Person Convicted Under DMCA

2003-09-24 Thread John Gilmore
http://www.nbc4.tv/technology/2502786/detail.html DirecTV Hacker Is First Person Convicted Under Digital Millennium Copyright Act Man Faces 30 Years In Prison, Millions In Fines For Selling Illegal Hardware UPDATED: 1:51 p.m. PDT September 22, 2003 ... Spertus said Whitehead -- also known as Jung

TSA shares a post office (box?) with NSA?

2003-09-24 Thread John Gilmore
The CAPPS-2 Privacy Act notice says: System manager(s) and address: Director, CAPPS II, TSA, P.O. Box 597, Annapolis Junction, MD 20701-0597. Annapolis Junction PO boxes have a long history of being NSA addresses. Is this one? That would be very interesting. John ---

Re: Monoculture / Guild

2003-10-03 Thread John Gilmore
> ... it does look very much from the outside that there is an > informal "Cryptographers Guild" in place... The Guild, such as it is, is a meritocracy; many previously unknown people have joined it since I started watching it in about 1990. The way to tell who's in the Guild is that they can bre

Ease of setting up IPSEC

2003-10-11 Thread John Gilmore
Rich $alz said: > it might be more useful to create a user-friendly management > interface to IPsec implementations to join the zero or so already > out there. The difficulty in setting up any IPsec tunnel is what's > been motivating the creation of (often insecure) non- IPsec VPN > software, so w

Re: Clipper for luggage

2003-11-17 Thread John Gilmore
> I usually travel with zipper closed duffel bags. I fasten the zipper > closed with a screw link. Anyone can unscrew the link and get into the > bag, but it does effectively keep the zipper closed in transit. That's a good idea for cheaply monkey-wrenching the whole illegal search apparatus. F

US antispam bill is death to anonymity

2003-11-22 Thread John Gilmore
This bill makes it a crime to use any false or misleading information in a domain name or email account application, and then send an email. That would make a large fraction of hotmail users instant criminals. It also makes it a crime to remove or alter information in message headers in ways that

Re: US antispam bill is death to anonymity

2003-11-24 Thread John Gilmore
> No, it only makes it illegal to use false or misleading information to > send commercial e-mail. That's a rather important distinction. So, I get non-commercial emails all the time, from topica mailing lists and from people forwarding New York Times articles and such. They come with embedded ad

Sign up now for the Bush antiterror board on civil liberties!

2003-12-14 Thread John Gilmore
[Oops, I mean the Bush anti-civil-liberties board on terror. But seriously, folks, there seem to be some honest politicians blowing the whistle here. Check out the report on Monday. PS: I am no relation to Jim Gilmore. -- John] http://www.time.com/time/nation/printout/0,8816,561414,00.html Sa

Re: Difference between TCPA-Hardware and other forms of trust

2003-12-18 Thread John Gilmore
> | means that some entity is supposed to "trust" the kernel (what else?). If > | two entities, who do not completely trust each other, are supposed to both > | "trust" such a kernel, something very very fishy is going on. > > Why? If I'm going to use a time-shared machine, I have to trust that th

The RIAA Succeeds Where the CypherPunks Failed

2003-12-18 Thread John Gilmore
From: [EMAIL PROTECTED] Sent: Wednesday, December 17, 2003 12:29 PM To: [EMAIL PROTECTED] Subject: [NEC] #2.12: The RIAA Succeeds Where the CypherPunks Failed NEC @ Shirky.com, a mailing list about Networks, Economics, and Culture Published periodically / #2.12 / December 17, 2003

Re: hiding attestation from the consumer

2003-12-31 Thread John Gilmore
random, in inscrutable ways. Only about 1% of them will tell you "This site requires JavaScript" -- and of those that do, only about a quarter of them actually do require it. John Gilmore

What's wrong with Victor's approach to spam

2004-01-02 Thread John Gilmore

Re: digsig - when a MAC or MD is good enough?

2004-01-03 Thread John Gilmore
> Sarbanes-Oxley Act in the US. Section 1102 of that act: > Whoever corruptly-- >"(1) alters, destroys, mutilates, or conceals a >record, document, or other object, or attempts to >do so, with the intent to impair the object's >integrity or availability for use

Re: Walton's Mountain notaries (identity requirements)

2004-01-07 Thread John Gilmore
> ... once again I heard the readings about the > edict from Caesar that all people return to their home towns to be counted > in a census. Maybe we can take a lesson from that - and have everyone > return to people who have known the person, uninterrupted, from birth to t

Re: Security clampdown on the home PC banknote forgers

2004-06-09 Thread John Gilmore
> > Will the banknote detection software be made publicly available to the > > Gimp developer team? ... > It's time to start wearing t-shirts bearing the image of a banned banknote. > (To circumvent counterfeiting laws, wear the banknote of a foreign country). > Imagine the frustration of the pol

Re: Passwords can sit on disk for years

2004-06-09 Thread John Gilmore
> Really, a "red page" needs to be "red" all the way through all levels of > virtualization. Very low level, or even hardware, support might even prove > useful - e.g., if for whatever reason the data in the physical page frame > needs to be copied (after a soft ECC error?), zero the previous page

Re: A National ID: AAMVA's Unique ID

2004-06-17 Thread John Gilmore
o take our tax money, use it to label all of us like cattle with ear-tags, and deny us our constitutional right to travel unless we submit to being tagged. We protest. Do you? John Gilmore

Re: EZ Pass and the fast lane ....

2004-07-09 Thread John Gilmore
> It would be relatively easy to catch someone > doing this - just cross-correlate with other > information (address of home and work) and > then photograph the car at the on-ramp. Am I missing something? It seems to me that EZ Pass spoofing should become as popular as cellphone cloning, until th

Re: EZ Pass and the fast lane ....

2004-07-09 Thread John Gilmore
[By the way, [EMAIL PROTECTED] is being left out of this conversation, by his own configuration, because his site censors all emails from me. --gnu] > Well, I am presuming that ... the EZ Pass does have an account > number, right? And then, the car does have a licence place? So, > just correla

Re: Linux-based wireless mesh suite adds crypto engine support

2004-10-04 Thread John Gilmore
> >- sufficient documentation and really transparent provable details so that > >users could trust and verify that the hardware and software were doing what > >they claimed to be doing and weren't doing anything evil that they didn't > >admit to, such as including backdoors or bad random number gen

Interesting report on Dutch non-use of traffic data

2004-10-06 Thread John Gilmore
From EDRI-gram via Wendy Seltzer: 4. Dutch police report: traffic data seldom essential Telephone traffic data are only necessary to solve crimes in a minority of police inve

Re: MCI set to offer secure two-way messaging with strong encryption

2004-10-28 Thread John Gilmore
> MCI Inc. will offer secure two-way messaging through its SkyTel > Communications subsidiary next month, encrypting wireless text > with the Advanced Encryption Algorithm. Note that they don't say it's "end to end" encryption: > Messages are encrypted between the device and an encryption server

Re: Gov't Orders Air Passenger Data for Test

2004-11-22 Thread John Gilmore
> ... they can't really test how effective the system is ... Effective at what? Preventing people from traveling? The whole exercise ignores the question of whether the Executive Branch has the power to make a list of citizens (or lawfully admitted non-citizens) and refuse those people their con

Network World: NIST dubious about 802.11 TKIP; wants AES

2005-01-26 Thread John Gilmore
NIST mulls new WLAN security guidelines By Ellen Messmer The National Institute of Standards and Technology, the federal agency responsible for defining security standards and practices for the government, plans to issue new guidelines pertaining to wireless LANs in the near future. The decisi

SSL Cert prices ($10 to $1500, you choose!)

2005-03-05 Thread John Gilmore
For the privilege of being able to communicate securely using SSL and a popular web browser, you can pay anything from $10 to $1500. Clif Cox researched cert prices from various vendors: http://neo.opn.org/~clif/SSL_CA_Notes.html John --

DOT neg rulemaking re ID standardization (call for membership of advisory committee)

2005-03-25 Thread John Gilmore
[Here's where an unconstitutional National ID will get created by the back door. Do we have anybody in this community who cares? I can't participate, because I can't travel to Washington for meetings, because I don't have the proper ID documents. I note that they did not think to include a repre

DRM comes to digital cameras: Lexar LockTight

2005-05-20 Thread John Gilmore
Lexar Media has come up with a Compact Flash card that won't actually work until you do a nonstandard, proprietary handshake with it. They worked with a couple of camera makers (and built their own CF reader and Windows software) to implement it. Amazingly, it doesn't actually store the photos en

Export controls kill Virgin SpaceShipTwo

2005-05-20 Thread John Gilmore
http://www.spacedaily.com/news/spacetravel-05y.html First crypto, now space travel. The lunatics in Washington are working hard to drive another industry that's critical to US interests overseas. Did they think that after collecting $20M in prepayments from passengers, Sir Richard Branson would

Network World: 10-node Quantum Crypto net under Boston streets

2005-05-20 Thread John Gilmore
NETWORK WORLD NEWSLETTER: OPTICAL NETWORKING 05/04/05 Today's focus: Hooked on photonics By Amy Schurr CAMBRIDGE, MASS. - Chip Elliott is every hacker's worst nightmare. Elliott, principal scientist at BBN Technologies, leads a team building the world's first continuously operating quantum

Export controls: US wants to export-license fundamental research again

2005-05-20 Thread John Gilmore
out of 846 total. (These stats are on page 15.) The inspectors, and the Commerce Dept., also propose a rule that says the country where you were born trumps your current citizenship. The export regs are different for each country, so someone who fled Hong Kong and took up Canadian citize

Re: Digital signatures have a big problem with meaning

2005-06-03 Thread John Gilmore
> That cuts both ways though. Since so many systems *do* screw with data (in > insignificant ways, e.g. stripping trailing blanks), anyone who does massage > data in such a way that any trivial change will be detected is going to be > inundated with false positives. Just ask any OpenPGP implement

Re: [Clips] Venona Ten Years Later: Lessons for Today

2005-07-22 Thread John Gilmore
's called an expanding totalitarian state, kiddies, and every totalitarian state tells its citizens how they are the freest country in the world. Get out and compare for yourself! Then tell me what the "basic tenets of modern society" are. John Gilmore (posting from Greece) PS:

Re: Clearing sensitive in-memory data in perl

2005-09-17 Thread John Gilmore
> >Generally speaking, I think software with a security impact should not > >be written in C. Hooey. The C language is not the problem. The C library is not the problem. Both of these things were fixed during ANSI standardization, so that standard-conforming programs will not fail runtime checks

Re: [Clips] Contactless payments and the security challenges

2005-09-19 Thread John Gilmore
> > http://www.nccmembership.co.uk/pooled/articles/BF_WEBART/view.asp?Q=BF_WEBART_171100 Interesting article, but despite the title, there seems to be no mention of any of the actual security (or privacy) challenges involved in deploying massive RFID payment systems. E.g. I can extract money fr

Re: Defending users of unprotected login pages with TrustBar 0.4.9.93

2005-09-20 Thread John Gilmore
Perhaps the idea of "automatically" redirecting people to alternative pages goes a bit too far: > 1. TrustBar will automatically download from our own server, > periodically, a list of all of the unprotected login sites, including > any alternate protected login pages we are aware of. By default,

Re: An overview of cryptographic protocols to prevent spam

2005-09-26 Thread John Gilmore
g the obvious moral problems. Interspersed were discussions of various kinds of port blocking. The Internet is too good for people who'd censor other peoples' communications, whether by port number (application) or by IP address (person). It saddens me to see many of my friends among

Re: [Clips] Banks Seek Better Online-Security Tools

2005-12-03 Thread John Gilmore
> ...how many people on this list use or have used online banking? > To start the ball rolling, I have not and won't. Dan, that makes two of us. John

"Live Tracking of Mobile Phones Prompts Court Fights on Privacy"

2005-12-13 Thread John Gilmore
[See the details at EFF: http://www.eff.org/legal/cases/USA_v_PenRegister/ including the three court orders, and EFF's argument to the first court. The real story is that for years prosecutors have been asking magistrates to issue court orders to track cellphones in real time WITHOUT WARRANT

NSA director on NSA domestic wiretaps (to Cong in Oct 2002)

2005-12-19 Thread John Gilmore
Paragraph 40, below, is about as bald a statement as an NSA director could make, saying he needs help to decide what he should be allowed to wiretap about US persons. We, the privacy community, did not respond. We were a bit surprised, but that was about the extent of the support we offered. Of

CodeCon + Chinese New Year Treasure Hunt

2006-01-23 Thread John Gilmore
[Moderator's note: Not our usual fare, but since a bunch of people reading this list will be at codecon I thought I'd forward it anyway. --Perry] An annual mass treasure hunt, roaming part of San Francisco for clues, occurs on Saturday, Feb 11th, the middle day of CodeCon. By skipping 2-1/2 eveni

GnuTLS 1.2.10 - Security release

2006-02-10 Thread John Gilmore
From: Simon Josefsson <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], help-gnutls@gnu.org, info-gnu@gnu.org OpenPGP: id=B565716F; url=http://josefsson.org/key.txt

HDCP support in PCs is nonexistent now?

2006-02-14 Thread John Gilmore
http://www.firingsquad.com/hardware/ati_nvidia_hdcp_support/ HDCP is Intel-designed copy prevention that uses strong crypto to encrypt the digital video signal on the cable between your video card (or TV or DVD player) and your monitor. There is no need for it -- you are seeing the signal that it

Re: Unforgeable Blinded Credentials

2006-04-05 Thread John Gilmore
> I am aware of, Direct Anonymous Attestation proposed for the Trusted > Computing group, http://www.zurich.ibm.com/security/daa/ . > DAA provides > optionally unlinkable credential showing and relies on blacklisting to > counter credential sharing. Hmm, why doesn't this blacklisting get mentione

Re: Encrypted disk storage

2006-05-05 Thread John Gilmore
> > I guess perhaps the reason they don't do integrity checking is that it > > involves redundant data, so the encrypted volume would be smaller, or > > the block offsets don't line up, and perhaps that's trickier to handle > > than a 1:1 correspondence. > > Exactly, many file systems rely on bloc

Re: "boarding passes", identity, and security

2006-05-09 Thread John Gilmore
> nothing in it that seemed in any way related to security. Every one of > those database entries could have been there -- and probably were there -- > for the convenience of airline passengers. In particular, I'm referring > to the ability to check in online and print your own boarding pass. Fo

May 24: National Day of Outrage at NSA/Telco surveillance

2006-05-22 Thread John Gilmore
Some alternative media groups have called for a national day of protests against the telcos' latest sleazy activities, including their cooperation in NSA's illegal surveillance of innocent citizens. http://saveaccess.org/ Events are already scheduled in Boston, Chicago, San Francisco, and NYC.

Hayden's statement from Oct 2002 on liberty and security

2006-05-28 Thread John Gilmore
http://www.nsa.gov/releases/relea00072.html While testifying to a joint hearing of the House and Senate intelligence committees a year after 9/11, Michael Hayden, as NSA Director, testified about NSA's response to 9/11. In closing, he said: 38. When I spoke with our workforce shortly after the S

SSL Cert Prices & Notes

2006-08-08 Thread John Gilmore
Date: Sun, 6 Aug 2006 23:37:30 -0700 (PDT) From: [EMAIL PROTECTED] Subject: SSL Cert Notes Howdy Hackers, Here is the latest quick update on SSL Certs. It's interesting that generally prices have risen. Though ev1servers are still the best commercial deal out there. The good news is that CAcer

National Security Agency ex-classified publication indexes now online

2006-09-28 Thread John Gilmore
[The Memory Hole also publishes an interesting list of FOIA logs, listing who asked NSA for what, across many years. I see a lot of friends in there. http://www.thememoryhole.org/foi/caselogs/ -- gnu] HUGE CACHE OF NATIONAL SECURITY AGENCY INDEXES PUBLISHED ONLINE By Michael Ravnitzky , [EMAIL

Re: TPM & disk crypto

2006-10-12 Thread John Gilmore
> What we want is that a bank client can prove to the bank > it is the real client, and not trojaned. What the evil > guys at RIAA want is that their music player can prove > it is their real music player, and not hacked by the end > user. Having a system that will only boot up in a known > state

Big NSA expansion in Augusta, GA

2006-12-24 Thread John Gilmore
http://augustans.blogspot.com/2006/12/out-of-thin-air.html This comes from an interesting "SIGINT and more" blog from the Augusta "Metro Spirit", a local weekly newspaper. Excerpts: ... Augusta is about to get a $340-million taste of Sweet Tea. The National Security Agency is building a massive

News.com: IBM donates new privacy tool to open-source Higgins

2007-01-30 Thread John Gilmore
http://news.com.com/IBM+donates+new+privacy+tool+to+open-source/2100-1029_3-6153625.html IBM donates new privacy tool to open-source By Joris Evers Staff Writer, CNET News.com Published: January 25, 2007, 9:00 PM PST IBM has developed software designed to let people keep personal informa

Intel finally plans to add the NSA instruction

2007-02-15 Thread John Gilmore
http://www.intel.com/technology/architecture/new_instructions.htm ftp://download.intel.com/technology/architecture/new-instructions-paper.pdf Page 7 of the PDF describes the POPCNT "application-targeted accelerator". John PS: They don't give much detail, but they seem to be adding a gre

Man sues Microsoft for snake oil security that lets the FBI in

2007-03-07 Thread John Gilmore
Forwarded-By: Brad Templeton <[EMAIL PROTECTED]> http://www.informationweek.com/news/showArticle.jhtml?articleID=197700861 The plaintiff is suing Microsoft (and already got a settlement from Compaq and Circuit City) because in spite of the security tools they sold him, the FBI forensic lab was ab

Re: Was a mistake made in the design of AACS?

2007-05-09 Thread John Gilmore
> Well, there's an idea: use different physical media formats for > entertainment and non-entertainment content (meaning, content created by > MPAA members vs. not) and don't sell writable media nor devices capable > of writing it for the former, not to the public, keeping very tight > controls on

LA Times: US funds super wiretap system for Mexico

2007-06-09 Thread John Gilmore
http://www.latimes.com/news/nationworld/world/la-fg-mexico25may25,0,7011563.story?coll=la-home-center Mexico to boost tapping of phones and e-mail with U.S. aid Calderon is seeking to expand monitoring of drug gangs; Washington also may have access to the data. By Sam Enriquez, Times Staff Writer

[Cryptography] A lot to learn from "Business Records FISA NSA Review"

2013-09-15 Thread John Gilmore
See: https://www.eff.org/document/nsa-business-records-fisa-redactedex-ocr This is one of the documents that an EFF Freedom of Information lawsuit asked for. The government had been claiming they could not release ANY FISA court orders or submissions. When the President ordered the intelligence

[Cryptography] An NSA mathematician shares his from-the-trenches view of the agency's surveillance activities

2013-09-17 Thread John Gilmore
Forwarded-By: David Farber Forwarded-By: "Annie I. Anton Ph.D." http://www.zdnet.com/nsa-cryptanalyst-we-too-are-americans-720689/ NSA cryptanalyst: We, too, are Americans Summary: ZDNet Exclusive: An NSA mathematician shares his from-the-trenches view of the agency's surveillance activit

[Cryptography] Gilmore response to NSA mathematician's "make rules for NSA" appeal

2013-09-17 Thread John Gilmore
ets. NSA will be on the cops' and prosecutors' side. They have recently filed legal memos declaring that they don't have to help the defense side in any criminal trials, even when NSA has exculpatory data, and even when NSA provided wiretapped Big Data that led the prosecutors to yo

Re: [Cryptography] An NSA mathematician shares his from-the-trenches view of the agency's surveillance activities

2013-09-17 Thread John Gilmore
Techdirt takes apart his statement here: https://www.techdirt.com/articles/20130917/02391824549/nsa-needs-to-give-its-rank-and-file-new-talking-points-defending-surveillance-old-ones-are-stale.shtml NSA Needs To Give Its Rank-and-File New Talking Points Defending Surveillance; The Old Ones

[Cryptography] FISA court releases its "Primary Order" re telephone metadata

2013-09-17 Thread John Gilmore
The FISA court has a web site (newly, this year): http://www.uscourts.gov/uscourts/courts/fisc/index.html Today they released a "Memorandum Opinion and Primary Order" in case BR 13-109 ("Business Records, 2013, case 109"), which lays out the legal reasoning behind ordering several telephone co

Re: [Cryptography] RSA equivalent key length/strength

2013-09-28 Thread John Gilmore
> And the problem appears to be compounded by dofus legacy implementations > that don't support PFS greater than 1024 bits. This comes from a > misunderstanding that DH keysizes only need to be half the RSA length. > > So to go above 1024 bits PFS we have to either > > 1) Wait for all the servers

Re: [Cryptography] encoding formats should not be committee'ized

2013-10-01 Thread John Gilmore
> > Here's a crazy idea: instead of using one of these formats, use a > > human readable format that can be described by a formal grammar > > which is hopefully regular, context-free, or context-sensitive in a > > limited manner If only we could channel the late Jon Postel. Didn't you ever notice

[Cryptography] System level security in "low end" environments

2013-10-05 Thread John Gilmore
> b. There are low-end environments where performance really does > matter. Those often have rather different properties than other > environments--for example, RAM or ROM (for program code and S-boxes) > may be at a premium. Such environments are getting very rare these days. For example, an e

Re: [Cryptography] PGP Key Signing parties

2013-10-10 Thread John Gilmore
> Does PGP have any particular support for key signing parties built in or is > this just something that has grown up as a practice of use? It's just a practice. I agree that building a small amount of automation for key signing parties would improve the web of trust. I have started on a prototy

Re: [Cryptography] "/dev/random is not robust"

2013-10-14 Thread John Gilmore
> http://eprint.iacr.org/2013/338.pdf I'll be the first to admit that I don't understand this paper. I'm just an engineer, not a mathematician. But it looks to me like the authors are academics, who create an imaginary construction method for a random number generator, then prove that /dev/rando

NSA solicited illegal Qwest mass wiretaps right after Bush inauguration

2007-10-23 Thread John Gilmore
http://www.denverpost.com/business/ci_7230967?source=commented Nacchio affects spy probe His court filings point to government surveillance months before 9/11 By Andy Vuong The Denver Post Article Last Updated: 10/20/2007 11:38:08 PM MDT Extras Previously sealed documents filed by former Qwe

Re: Intelligence Official: Say Goodbye To Privacy

2007-11-15 Thread John Gilmore
ill be much safer than losing privacy and anonymity AND being subject to tyrants. John Gilmore

Wikileaks: NSA funding of academics

2007-11-21 Thread John Gilmore
https://secure.wikileaks.org/wiki/On_the_take_and_loving_it Grant code 'MDA904' - National Security Agency The NSA has pushed tens or hundreds of millions into the academy through research grants using one particular grant code. ... John

Re: "Designing and implementing malicious hardware"

2008-04-26 Thread John Gilmore
> "Silicon has no secrets." It would be very interesting to examine some of the DES Cracker gate array chips with these tools. Though the chips worked great in simulation, and each search engine came from exactly the same VHDL source code, some number of the 24 search engines on each manufactured

Re: Why doesn't Sun release the crypto module of the OpenSPARC? Crypto export restrictions

2008-06-12 Thread John Gilmore
it. I think Sun would be well within its rights to ship VHDL or Verilog source code that implements crypto under an open source license. And I'd be happy to point them at good lawyers who'd be happy to be paid to render a more definitive opinion. John Gilmore

WPost: Cybersecurity Will Take A Big Bite of the Budget

2008-07-21 Thread John Gilmore
[News report below.] This highly classified little-publicized multi-billion dollar "vague" program to secure Federal computers seems doomed to failure. People like you and I, in the unclassified private sector, design and build and program all those computers and networks. But of course we've ne

Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'

2008-10-24 Thread John Gilmore
[British shoppers were promised high security by switching from credit cards to cards that have a chip in them and require that a PIN be entered for each transaction. That was the reason for changing everything over, at high cost in both money and inconvenience to shops and shoppers. Perhaps chip

Re: data rape once more, with feeling.

2008-10-27 Thread John Gilmore
"Usability research" about how to track web users? How Google-like. Can't you just dump a 25-year cookie on them from twelve different directions, and be done with it? > Federated Login has been a "holy grail" in the identity community > for a long time. We have known how to do the technical pa

Re: Proof of Work -> atmospheric carbon

2009-01-26 Thread John Gilmore
> > If POW tokens do become useful, and especially if they become money, > > machines will no longer sit idle. Users will expect their computers to > > be earning them money (assuming the reward is greater than the cost to > > operate). Computers are already designed to consume much less electrici

Re: full-disk subversion standards released

2009-01-30 Thread John Gilmore
If it comes from the "Trusted Computing Group", you can pretty much assume that it will make your computer *less* trustworthy. Their idea of a trusted computer is one that random unrelated third parties can trust to subvert the will of the computer's owner. John -

Re: full-disk subversion standards released

2009-01-31 Thread John Gilmore
p down to "TCPA" in the body below.) John Message-Id: <200312162153.hbglrods029...@new.toad.com> To: Jerrold Leichter cc: cryptography@metzdowd.com, gnu Subject: Re: Difference between TCPA-Hardware and other forms of trust In-reply-to: Date: Tue, 16 Dec 2003 13:53:24 -0800 From:

Re: Activation protocol for car-stopping devices

2009-03-03 Thread John Gilmore
> * Is there any standard cryptographic hash function with an output > of about 64 bits? It's OK for our scenario if finding a preimage for > a particular signature takes 5 days. Not if it takes 5 minutes. This is a protocol designed for nasty guys who want to steal your car, which would forci

Re: Judge orders defendant to decrypt PGP-protected laptop

2009-03-03 Thread John Gilmore
> I would not read too much into this ruling -- I think that this is a > special situation, and does not address the more important general > issue. > In other cases, where alternative evidence is not available to the > government, and where government agents have not already had a look at > the

Chinese hackers break iTunes gift certificate algorithm

2009-04-30 Thread John Gilmore
http://www.ilounge.com/index.php/news/comments/chinese-hackers-crack-itunes-store-gift-codes-sell-certificates/ Chinese hackers crack iTunes Store gift codes, sell certificates By Charles Starrett Senior Editor, iLounge Published: Tuesday, March 10, 2009 A group of Chinese hackers has succeeded

Re: consulting question.... (DRM)

2009-05-26 Thread John Gilmore
It's a little hard to help without knowing more about the situation. I.e. is this a software company? Hardware? Music? Movies? Documents? E-Books? Is it trying to prevent access to something, or the copying of something? What's the something? What's the threat model? Why is the company tryi

Re: consulting question.... (DRM)

2009-05-29 Thread John Gilmore
or us to invade their niche when they had deliberately forsworn a feature set like that. John Gilmore PS: Our trade-show giveaway button one year was "License Managers Suck"; it was very popular. PPS: On a consulting job one time, I helped my customer patch out the license

How to wiretap or identify a GSM phone - and enable the masses

2009-06-03 Thread John Gilmore
David Burgess, a software/radio engineer formerly employed in building GSM-tapping equipment, has turned his efforts to publicly implementing the GSM standards in free software under GPLv3. He hopes to provide low-cost GSM communication service to billions in underserved regions of the world. He

Re: Fast MAC algorithms?

2009-07-24 Thread John Gilmore
> >2) If you throw TCP processing in there, unless you are consistently going to > >have packets on the order of at least 1000 bytes, your crypto algorithm is > >almost _irrelevant_. This is my experience, too. And I would add "and lots of packets". The only crypto "overhead" that really mattered

Re: The latest Flash vulnerability and monoculture

2009-07-27 Thread John Gilmore
> > While I agree with the sentiment and the theory, I'm not sure that it > > really works that way. How many actual implementations of typical > > protocols are there? For Adobe Flash, there are three separate implementations -- Adobe's proprietary one, GNU Gnash, and Swfdec. Gnash is focused o

2 serving time in UK prisons for refusing to decrypt on demand

2009-08-18 Thread John Gilmore
[But we don't know who they are! --gnu] http://www.theregister.co.uk/2009/08/11/ripa_iii_figures/ Two convicted for refusal to decrypt data Up to five years in jail after landmark prosecutions By Chris Williams Posted in Policing, 11th August 2009 13:17 GMT Two people have been successfully

Re: Certainty

2009-08-21 Thread John Gilmore
nificantly greater than the cost of using a weak cryptosystem; and cracking the crypto HAS become the weakest link in the overall security of many systems (CSS is an obvious one). See: http://www.toad.com/des-stanford-meeting.html John To: torva...@osdl.org, g...@toad.com Subject: SH

EFF Warns Texas Instruments to Stop Harassing Calculator Hobbyists (for cracking public keys)

2009-10-14 Thread John Gilmore
FYI. As I understand it, TI calculator boot ROMs use a 512 bit RSA public key to check the signature of the software they're loading. When hobbyists who wanted to run their own alternative OS software on their calculator calculated the corresponding private key and were thus able to sign their own

Re: Possibly questionable security decisions in DNS root management

2009-10-19 Thread John Gilmore
> Even plain DSA would be much more space efficient on the signature > side - a DSA key with p=2048 bits, q=256 bits is much stronger than a > 1024 bit RSA key, and the signatures would be half the size. And NIST > allows (2048,224) DSA parameters as well, if saving an extra 8 bytes > is really tha

Re: Possibly questionable security decisions in DNS root management

2009-10-20 Thread John Gilmore
> designed 25 years ago would not scale to today's load. There was a > crucial design mistake: DNS packets were limited to 512 bytes. As a > result, there are 10s or 100s of millions of machines that read *only* > 512 bytes. Yes, that was stupid, but it was done very early in the evolution

Re: Possibly questionable security decisions in DNS root management

2009-10-20 Thread John Gilmore
> ts a fun story, but... RFC 4034 says RSA/SHA1 is mandatory and DSA is > optional. I was looking at RFC 2536 from March 1999, which says "Implementation of DSA is mandatory for DNS security." (Page 2.) I guess by March 2005 (RFC 4034), something closer to sanity had prevailed. http://rfc-edit
