card numbers but didn't have the CVV2s -- you could set up an IVR
system to automatically collect them from your victims.
--
Perry E. Metzger[EMAIL PROTECTED]
-
The Cryptography Mailing List
Unsubscribe by sending
stories have become. --Perry]
--
Perry E. Metzger[EMAIL PROTECTED]
Arshad Noor [EMAIL PROTECTED] writes:
Ben Laurie wrote:
As such, I'm not seeing much value.
That may be because you are a cryptographer. If you were the CSO, an
Operations Director, or an Application Developer in a company that had
to manage encryption keys for 5,000 POS Terminals, 10,000
before it
can use this capability.
That's no different from Kerberos, and kerberos works quite well
already.
Perry
--
Perry E. Metzger[EMAIL PROTECTED]
Arshad Noor [EMAIL PROTECTED] writes:
Perry E. Metzger wrote:
That said, kerberos tickets can persist even in the face of
disconnects, so once you've connected tickets can survive as long as
you wish.
But, can the tickets be used for anything useful when the
network does not exist?
If you
://www.infobyte.com.ar/down/isr-evilgrade-Readme.txt
Likely off-topic,
Not entirely. :)
--
Perry E. Metzger[EMAIL PROTECTED]
and being widely available.
Perry
--
Perry E. Metzger[EMAIL PROTECTED]
A web site with lots of material and photographs of old cryptographic
equipment:
http://www.jproc.ca/crypto/index.html
--
Perry E. Metzger[EMAIL PROTECTED]
Via boingboing. The pdf brochure is quite interesting, though there
isn't much new in it.
http://www.boingboing.net/2008/07/29/us-state-departments.html
--
Perry E. Metzger[EMAIL PROTECTED]
Niels Provos has a web page up with some javascript that automatically
checks if your DNS caching server has been properly patched or not.
http://www.provos.org/index.php?/pages/dnstest.html
It is worth telling people to try.
--
Perry E. Metzger[EMAIL PROTECTED
they say
our secret security system is really good, trust us.
Perry
--
Perry E. Metzger[EMAIL PROTECTED]
, I'm not sure one should trust FDE drives with
data that one really cares about. Software based solutions can be much
more readily analyzed and verified. They require much less trust that
a vendor has done their job right. I don't think one can trust the
hard drive vendors.
Perry
--
Perry E. Metzger
Dries Schellekens [EMAIL PROTECTED] writes:
Perry E. Metzger wrote:
Has anyone had any real-world experience with these yet? Are there
standards for how they get the keys from the BIOS or OS? (I'm
interested in how they deal with zeroization on sleep and such.)
Most manufacturer
interested in how they deal with zeroization on sleep and such.)
Lastly, anyone have any idea of whether the manufacturers are doing
the encryption correctly or not?
Perry
--
Perry E. Metzger[EMAIL PROTECTED
There is some hope that Bletchley Park may be able to get money from
the UK national lottery, which is used to fund cultural institutions,
but nothing is nailed down yet. They're also apparently selling old
roofing slates as a fundraiser (they've been replacing them in the
process of fixing leaks
My bank doesn't provide any sort of authentication for logging in to
bank accounts other than passwords. However, Blizzard now allows you
to get a one time password keychain frob to log in to your World of
Warcraft account.
http://eu.blizzard.com/en/press/080626-ba.html
Perry
Ivan Krstić [EMAIL PROTECTED] writes:
On Jul 1, 2008, at 12:46 PM, Perry E. Metzger wrote:
My experience with European banks is quite limited -- my consulting
practice is pretty much US centric. My general understanding, however,
is that they are doing better, not worse, with login security
[EMAIL PROTECTED] (Peter Gutmann) writes:
(Actually even that doesn't really explain something like IKE... :-).
Having been peripherally involved in the causation change for IKE, let
me confess that it was caused by human stupidity destroying the
alternatives. The author of the much cleaner
Jack Lloyd [EMAIL PROTECTED] writes:
Having been peripherally involved in the causation change for IKE, let
me confess that it was caused by human stupidity destroying the
alternatives. The author of the much cleaner spec asserted copyright
and control over it, and fearing lawsuits, people
and missing some fraction of list traffic, now
you know why.
--
Perry E. Metzger[EMAIL PROTECTED]
Stephan Neuhaus [EMAIL PROTECTED] writes:
On Jul 1, 2008, at 17:39, Perry E. Metzger wrote:
Ed, there is a reason no one in the US, not even Wells Fargo which you
falsely cited, does what you suggest. None of them use 4 digit PINs,
none of them use customer account numbers as account names
[EMAIL PROTECTED] (Peter Gutmann) writes:
Perry E. Metzger [EMAIL PROTECTED] writes:
No. In fact, it is about as far from the truth as I've ever seen. No real
expert would choose to deliberately make a protocol more complicated.
IPsec. Anything to do with PKI. XMLdsig. Gimme a few minutes
James A. Donald [EMAIL PROTECTED] writes:
Arshad Noor wrote:
While programmers or business-people could be ill-informed, Allen,
I think the greater danger is that IT auditors do not know enough
about cryptography, and consequently pass unsafe business processes
and/or software as being
of foreign banks, as for the most part I consult in the US.
Perry
--
Perry E. Metzger[EMAIL PROTECTED]
Allen [EMAIL PROTECTED] writes:
There are well-attended conferences, papers published online and in many
journals, etcetera. So it's not so difficult for people who don't know
anything about security and crypto to eventually figure out who does, in
the process also learning who else knows
http://news.bbc.co.uk/2/hi/technology/7466174.stm
--
Perry E. Metzger[EMAIL PROTECTED]
From the No Comment Department:
Date: Tue, 10 Jun 2008 11:01:06 -0400
Message-Id: [EMAIL PROTECTED]
From: CERT Advisory [EMAIL PROTECTED]
Subject: US-CERT Technical Cyber Security Alert TA08-162A -- SNMPv3
Authentication Bypass Vulnerability
National Cyber Alert System
Technical
Forwarded message:
--
From: Morris Dworkin [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: NIST considering submissions of block cipher modes
Date: Sun, 08 Jun 2008 19:28:06 -0400
Message-ID: [EMAIL PROTECTED]
FYI, in recent
architecture and encryption techniques, Skype would
not be able to comply with such a request.
http://news.cnet.com/8301-13578_3-9963028-38.html?part=rss&tag=feed&subj=TheIconoclast
--
Perry E. Metzger[EMAIL PROTECTED
Also from Declan McCullagh today, a full survey of instant message
service security:
http://news.cnet.com/8301-13578_3-9962106-38.html?part=rss&tag=feed&subj=TheIconoclast
--
Perry E. Metzger[EMAIL PROTECTED
on the electronic ballot. The problem resulted in the
wrong candidate being declared victor in a state House nomination
race.
http://blog.wired.com/27bstroke6/2008/05/arkansas-voting.html
--
Perry E. Metzger[EMAIL PROTECTED
A quick note from your moderator:
A few people have asked about this recently so I thought I'd explain.
The list server blocks posts from people who are not list subscribers.
This is done at the incoming SMTP server, during the SMTP dialog,
based on envelope sender.
I do things this way
in which they promise that they're absolutely trustworthy.
To be really sure, we'll make them fax said document in on genuine
company letterhead, since no one can forge letterhead.
Perry
--
Perry E. Metzger[EMAIL PROTECTED
I don't think anything new is being said in the Can we copy trust
discussion, so I'm calling a halt to it.
Perry
--
Perry E. Metzger[EMAIL PROTECTED]
your reply to a message before the
quoted message, instead of after the (trimmed) message.
Q1: What is top posting?
Perry
--
Perry E. Metzger[EMAIL PROTECTED]
warnings, even a pretty
good bank that consistently used https would have serious trouble.)
Perry
--
Perry E. Metzger[EMAIL PROTECTED]
Ben Laurie [EMAIL PROTECTED] writes:
http://grouper.ieee.org/groups/1363/passwdPK/submissions/hao-ryan-2008.pdf
At last.
See also:
http://www.lightbluetouchpaper.org/2008/05/29/j-pake/
Looks quite interesting indeed.
Perry
I noted the following going back on Cryptome today:
A History of the Cryptographic Branch of the People's Army of
Vietnam, 1945-1975, with a supplement on Cryptography in the Border
Guard (formerly the Armed Public Security Forces) 1959-1989
Translated and Edited by David W. Gaddy,
Center for
Hat tip: Bruce Schneier's blog.
--
Perry E. Metzger[EMAIL PROTECTED]
A wonderful place. I hope it manages to pull through.
http://resources.zdnet.co.uk/articles/imagegallery/0,102003,39415278,00.htm?r=234
--
Perry E. Metzger[EMAIL PROTECTED]
I'd been wondering for years when someone would set malware up to run
in systems management mode on x86 processors. Now someone has done it:
http://www.pcworld.com/businesscenter/article/145703/hackers_find_a_new_place_to_hide_rootkits.html
--
Perry E. Metzger[EMAIL PROTECTED
-2 - that took
place on the doomed Shuttle mission.
http://blocksandfiles.com/article/5056
Now, this article isn't written from a security perspective, but I
think the implications are pretty obvious: quite a bit can happen to a
hard drive before the data is no longer readable.
--
Perry E
to other people.
2) If you're replying to someone else's email, edit down the quoted
text to the minimum needed for comprehension.
3) Try to be concise.
--
Perry E. Metzger[EMAIL PROTECTED]
Ben Laurie [EMAIL PROTECTED] writes:
I think that's blatantly untrue. For example, if I look at an AND
gate, I can be absolutely sure about its security properties.
An AND gate isn't Turing Equivalent.
Rice's theorem says you can't _always_ solve this problem. It says
nothing about figuring
Florian Weimer [EMAIL PROTECTED] writes:
* Perry E. Metzger:
Marcos el Ruptor [EMAIL PROTECTED] writes:
Nonsense. Total nonsense. A half-decent reverse engineer does not
need the source code and can easily determine the exact operation of
all the security-related components from
Jacob Appelbaum [EMAIL PROTECTED] writes:
Perry E. Metzger wrote:
Until then, OpenVPN let me get started in about five minutes, and the
fact that it is less than completely secure doesn't matter much to me
as I'm running SSH under it anyway.
[...]
I'm always curious to hear what designers
Thor Lancelot Simon [EMAIL PROTECTED] writes:
On Sat, May 03, 2008 at 07:50:01PM -0400, Perry E. Metzger wrote:
I disagree. Fundamentally, OpenVPN isn't doing anything IPSEC couldn't
do, and yet it is fairly easy to configure.
And yet there's no underlying technical reason why it is any
Marcos el Ruptor [EMAIL PROTECTED] writes:
To be sure that implementation does not contain back-doors, one needs
not only some source code but also a proof that the source code one
has is the source of the implementation.
Nonsense. Total nonsense. A half-decent reverse engineer does not
Stephan Neuhaus [EMAIL PROTECTED] writes:
On Apr 28, 2008, at 23:56, Perry E. Metzger wrote:
If you have a rotten apple engineer, he will be able to hide what he's
trying to do and make it look completely legit. If he's really good,
it may not be possible to catch what he's done EVEN
Ed Gerck [EMAIL PROTECTED] writes:
Each chip does not have to be 100% independent, and does not have to
be used 100% of the time.
Assuming a random selection of both outputs and chips for testing, and
a finite set of possible outputs, it is possible to calculate what
sampling ratio would
Ed Gerck [EMAIL PROTECTED] writes:
Perry E. Metzger wrote:
Ed Gerck [EMAIL PROTECTED] writes:
Each chip does not have to be 100% independent, and does not have to
be used 100% of the time.
Assuming a random selection of both outputs and chips for testing, and
a finite set of possible
Ed Gerck [EMAIL PROTECTED] writes:
Perry E. Metzger wrote:
No. It really does not. Shannon's tenth theorem is about correcting
lossy channels with statistically random noise. This is about making
sure something bad doesn't happen to your computer like having someone
transmit blocks of your
against this sort of thing a lot of the
time (by no means all) if it is done by quite ordinary criminals. If
it is done by really good people, I have very serious doubts.
--
Perry E. Metzger[EMAIL PROTECTED
Charles McElwain [EMAIL PROTECTED] writes:
Follow-ups on this line of research will be interesting for the
evaluation of any impact of quantum computers on cryptography, and
even generally, since the decoherence behavior would tend to make
quantum computers approximate improving classical
A good article just posted in Matt's blog:
http://www.crypto.com/blog/hardware_security/
--
Perry E. Metzger[EMAIL PROTECTED]
blog.
--
Perry E. Metzger[EMAIL PROTECTED]
Allen [EMAIL PROTECTED] writes:
I find it odd that the responses all seem to focus on pure brute force
when I did mention three other factors that might be in play: a defect
in the algorithm much like the attack on MD5 which reduces it to an
effective length of about 80 bits, if I recall
attackers do not use brute
force.
I'd suggest that Allen should be a bit more careful when doing back of
the envelope calculations...
--
Perry E. Metzger[EMAIL PROTECTED]
The NSA has been declassifying some interesting material of late:
http://www.nsa.gov/public/cryptologic_histories.cfm
http://www.nsa.gov/public/cryptologicquarterly.cfm
--
Perry E. Metzger[EMAIL PROTECTED
A paper enigma machine:
http://mckoss.com/Crypto/Enigma.htm
--
Perry E. Metzger[EMAIL PROTECTED]
blog.
--
Perry E. Metzger[EMAIL PROTECTED]
-how-to-hack-an.html
--
Perry E. Metzger[EMAIL PROTECTED]
A combination of factors unexpectedly kept me away from moderation
duties for a few weeks. I'll be forwarding highlights of the backlog
shortly.
--
Perry E. Metzger[EMAIL PROTECTED]
Bruce Schneier has a good blog post on the latest A5/1 attack.
http://www.schneier.com/blog/archives/2008/02/cryptanalysis_o_1.html
--
Perry E. Metzger[EMAIL PROTECTED]
Paper: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf
--
Perry E. Metzger[EMAIL PROTECTED]
Ali, Saqib [EMAIL PROTECTED] writes:
This method requires the computer to be recently turned-on and unlocked.
No, it just requires that the computer was recently turned on. It need
not have been unlocked -- it just needed to have keying material in RAM.
So the only way it would work is that
. As always, the question is
whether what you are protecting is worth more than the attackers would
have to spend on the attack.
--
Perry E. Metzger[EMAIL PROTECTED]
Ali, Saqib [EMAIL PROTECTED] writes:
I think in most cases tamper-resistant is sufficient - provided the
device that can detect an attempt of tampering, and erase itself.
Clearly, if the anti-tamper mechanisms work, the device will not be
compromised. The problem is, such mechanisms don't
.]
--
Perry E. Metzger[EMAIL PROTECTED]
for the rest of his life.
--me
I got the exact same email from Amtrak. It is pretty disappointing to
me, but sadly not surprising, that big organizations are still
conditioning their users to become fraud victims.
--
Perry E. Metzger[EMAIL PROTECTED
numbers at a data rate of 2.0 megabits
a second, according to Toshiba in a paper presented at the
International Solid-State Circuits Conference (ISSCC) here.
http://www.eetimes.com/rss/showArticle.jhtml?articleID=206106199
--
Perry E. Metzger[EMAIL PROTECTED
Sandy Harris [EMAIL PROTECTED] writes:
What I don't understand is why you think tinc is necessary,
or even worth the trouble.
IPsec is readily available -- built into Windows, Mac OS
and various routers, and with implementations for Linux
and all the *BSDs -- has had quite a bit of expert
.
With respect, James, I think they'd be better off using DTLS. It was
designed by experts and it shares the same security properties as TLS.
--
Perry E. Metzger[EMAIL PROTECTED]
TLS for a packet delivery requirement is simply wrong.
DTLS is there for packet delivery.
--
Perry E. Metzger[EMAIL PROTECTED]
James A. Donald [EMAIL PROTECTED] writes:
Perry E. Metzger wrote:
(No, I'm not a fan of X.509 certs, but those are not
core to the protocol, and you can think of them as
nothing more than a fancy key container format if you
like. Key management is not addressed by SSL, so there
is no reason
horse. My opinion (and just about everyone else's) is well
known. We live in a world where you are free to have a dissenting view.
--
Perry E. Metzger[EMAIL PROTECTED]
.
--
Perry E. Metzger[EMAIL PROTECTED]
to
Know: http://www.ntk.net/2004/01/09/ )]
--
Perry E. Metzger[EMAIL PROTECTED]
up quite well to quite determined
attacks, and the cards themselves are insanely cheap to produce.
I therefore expect no one else will ever use the technology --
anything cheap, secure and well tested in the field can't possibly see
wide adoption.
--
Perry E. Metzger[EMAIL
James A. Donald [EMAIL PROTECTED] writes:
Perry E. Metzger wrote:
The call-the-customer-and-reissue mechanism is a
mediocre solution to the fraud problem, but it is the
one we have these days.
Why is it a mediocre solution?
The credit card number is a widely shared secret. It
has been
Ian G [EMAIL PROTECTED] writes:
There is a philosophical problem with suggesting an automated protocol
method for reporting fraud, in that one might be better off ... fixing
the underlying fraud.
Let's say you're a big company like Amazon or someone similar. You're
pretty sure someone is
Wikileaks has released documents from the German police revealing
Skype interception technology. The leaks are currently creating a
storm in the German press[...]
http://yro.slashdot.org/article.pl?sid=08/01/26/1339249&from=rss
--
Perry E. Metzger[EMAIL PROTECTED
Matt Blaze blogs about a paper he, Steve Bellovin, Whit Diffie, Susan
Landau, Peter Neumann and Jennifer Rexford have written on the hazards
of surveillance technologies:
http://www.crypto.com/blog/wiretap_risks/
--
Perry E. Metzger[EMAIL PROTECTED
not reasonable.
--
Perry E. Metzger[EMAIL PROTECTED]
should be very skeptical
when someone claims that they need to use a home grown crypto
algorithm or that they need to use a home grown protocol instead of
a well proven one. Generally these are not engineering tradeoffs but
reflections of ignorance on the part of the designers.
Perry
--
Perry E
Unless people have more interesting stuff to say about TLS for email
submission, I'm closing the thread.
--
Perry E. Metzger[EMAIL PROTECTED]
http://www.google.com/patents?vid=USPAT6993661
Hat tip to a party who prefers to remain anonymous who sent me the
patent number.
--
Perry E. Metzger[EMAIL PROTECTED]
the
right contacts to get the right people to do something about this.
Perry
--
Perry E. Metzger[EMAIL PROTECTED]
Forwarded from Dave Farber's list:
From: Rich Kulawiec [EMAIL PROTECTED]
Sent: Monday, January 14, 2008 6:41 PM
To: Fergie; David Farber; Richard Forno; Lauren Weinstein
Subject: US drafting plan to allow government access to any email or Web search
http://www.fas.org/blog/secrecy/2008/01/nsa_announces_power_upgrades_p.html
--
Perry E. Metzger[EMAIL PROTECTED]
/content/article/2007/12/30/AR2007123002435.html
--
Perry E. Metzger[EMAIL PROTECTED]
http://www.dilbert.com/comics/dilbert/archive/dilbert-20071117.html
--
Perry E. Metzger[EMAIL PROTECTED]
Need to invert an MD5 hash? Try googling for the hash value:
http://www.lightbluetouchpaper.org/2007/11/16/google-as-a-password-cracker/
Perry
From: Angelos D. Keromytis [EMAIL PROTECTED]
Subject: [ias-opportunities] Call For Papers: Applied Cryptography and Network
Security (ACNS)
Conference, 2008
To: [EMAIL PROTECTED]
Date: Thu, 27 Sep 2007 14:41:39 -0400
Organization: Department of Computer Science, Columbia University
Reply-To:
Perry E. Metzger [EMAIL PROTECTED] writes:
It appears that Apple may have altered the firmware of newer iPods so
that they require a proper cryptographic hash in the iTunesDB loaded
onto the units or they won't work. This effectively blocks people from
using third party software with an iPod
on Linux with iPods.
http://ipodminusitunes.blogspot.com/2007/09/apple-cuts-us-off.html
--
Perry E. Metzger[EMAIL PROTECTED]
Secrets From The Future, MC Frontalot's song about crypto:
http://frontalot.com/media.php/325/MC_Frontalot_SFTF_%2801%29_Secrets_From_The_Future.mp3
Perry
A rare 17th century crypto book is being auctioned.
http://www.liveauctioneers.com/item/4122383/
Hat tip: Bruce Schneier's blog.
Perry