On 2013-10-03 09:49, Peter Gutmann wrote:
> Jerry Leichter writes:
>
>> My favorite more recent example of the pitfalls is TL1, a language and
>> protocol used to manage high-end telecom equipment. TL1 has a completely
>> rigorous syntax definition, but is supposed to be readable.
>
> For thos
On 2013-09-17 07:37, Peter Gutmann wrote:
> Tony Arcieri writes:
>> On Mon, Sep 16, 2013 at 9:44 AM, Bill Frantz wrote:
>>> After Rijndael was selected as AES, someone suggested the really paranoid
>>> should super encrypt with all 5 finalists [...].
>>
>> I wish there was a term for this sort of
On 2013-09-04 16:37, Perry E. Metzger wrote:
Phil Karn described a construction for turning any hash function into
the core of a Feistel cipher in 1991. So far as I can tell, such
ciphers are actually quite secure, though impractically slow.
Pointers to his original sci.crypt posting would be ap
On Jul 29, 2010, at 22:23, Anne & Lynn Wheeler wrote:
> On 07/28/2010 10:34 PM, d...@geer.org wrote:
>> The design goal for any security system is that the number of
>> failures is small but non-zero, i.e., N>0. If the number of
>> failures is zero, there is no way to disambiguate good luck
>> f
On Jul 27, 2010, at 21:14, d...@geer.org wrote:
>
>> False metrics are rampant in the security industry. We really need
>> to do something about them. I propose that we make fun of them.
>
>
> You might consider joining us in D.C. on 10 August at
> http://www.securitymetrics.org/content/Wiki.j
On Mar 23, 2010, at 22:42, Jon Callas wrote:
> If you need to rekey, tear down the SSL connection and make a new one. There
> should be a higher level construct in the application that abstracts the two
> connections into one session.
... which will have its own subtleties and hence probabilit
On Oct 22, 2009, at 16:12, Perry E. Metzger wrote:
I don't think anyone is smart enough to understand all the
implications of this across all the systems that depend on the DNS,
especially as we start to trust the DNS because of the authentication.
"We" trust the DNS already. As far as I c
On Oct 1, 2009, at 16:46, Perry E. Metzger wrote:
It is also completely impossible to prove you've deleted a
record. Someone who can read the record can always make a copy of
it. Cryptography can't fix the DRM problem.
Sorry, I should have clarified that. We don't want to verify that Bob
ha
On Sep 30, 2009, at 06:25, Peter Gutmann wrote:
Stephan Neuhaus writes:
Is there something that could be done that would *not* require a
TTA? (I have almost given up on this, but it doesn't hurt to ask.)
I think you've abstracted away too much information to provide a
defin
On Sep 26, 2009, at 18:31, Perry E. Metzger wrote:
SP 800-102 is intended to address the timeliness of the digital
signatures generated using the techniques specified in Federal
Information Processing Standard (FIPS) 186-3. [...] SP 800-102
provides methods of obtaining assurance of the time
On Aug 31, 2009, at 13:20, Jerry Leichter wrote:
It can “...intercept all audio data coming and going to the Skype
process.”
Interesting, but is this a novel idea? As far as I can see, the
process intercepts the audio before it reaches Skype and after it has
left Skype. Isn't that the sa
On Oct 24, 2008, at 15:37, Stephan Neuhaus wrote:
Ah, but for this to hold, you will also have to assume that the N
pools are all independent.
Slight correction: You will have to assume that one of the trusted
pools is independent from the others.
Best,
Stephan
On Oct 24, 2008, at 14:29, John Denker wrote:
On 09/29/2008 05:13 AM, IanG wrote:
My assumptions are:
* I trust no single source of Random Numbers.
* I trust at least one source of all the sources.
* no particular difficulty with lossy combination.
If I have N pools of entropy (all same s
On Aug 3, 2008, at 13:54, Alexander Klimov wrote:
If your p-value is smaller than the significance level (say, 1%)
you should repeat the test with different data and see if the
test persistently fails or it was just a fluke.
Or better still, make many tests and see if your p-values are
unif
This article: http://www.spiegel.de/wirtschaft/0,1518,563606,00.html
(sorry, German only) describes a judgment made by a German district
court which says that banks are liable for damages due to phishing
attacks. In the case in question, a customer was the victim of a
keylogger even though
On Jul 1, 2008, at 17:39, Perry E. Metzger wrote:
Ed, there is a reason no one in the US, not even Wells Fargo which you
falsely cited, does what you suggest. None of them use 4 digit PINs,
none of them use customer account numbers as account names. (It is
possible SOMEONE out there does this,
On Apr 28, 2008, at 23:56, Perry E. Metzger wrote:
If you have a rotten apple engineer, he will be able to hide what he's
trying to do and make it look completely legit. If he's really good,
it may not be possible to catch what he's done EVEN IN PRINCIPLE.
Fred Cohen proved in 1984 in his "Co
On Dec 17, 2007, at 17:38, [EMAIL PROTECTED] wrote:
So... supposing I was going to design a crypto library for use within
a financial organization, which mostly deals with credit card numbers
and bank accounts, and wanted to create an API for use by developers,
does anyone have any advice on
[EMAIL PROTECTED] wrote:
I think it might be fun to start up a collection of snake oil
cryptographic methods and cryptanalytic attacks against them. It
would be more fun for me than crossword puzzles, and educational for
all the would-be cryptographers.
One good candidate would be Enigma 2000,
Peter Gutmann wrote:
Given that all you need for this is a glorified pocket calculator, you could
(in large enough quantities) probably get it made for < $10, provided you shot
anyone who tried to introduce product-deployment DoS mechanisms like smart
cards and EMV into the picture.
That seems
Peter Gutmann wrote:
-- Snip --
This is very scary. I bet that our Minister of the Interior would love
it, though, since he has been pushing a scheme for stealth examination
of suspects' computers (called "Federal Trojan"). Technology like this
would be a large first step towards making th
Peter Gutmann wrote:
Banks like Bank of America have taken some flak in the past for their awful
online banking security practices. [...]
For an example of how you can do it well and still have a well-designed
user interface, consider SaarLB (http://www.saarlb.de). The homepage is
unencrypt
Original article at http://www.heise.de/security/news/meldung/64224
It seems that the German TC TrustCenter GmbH (formerly TC TrustCenter
AG) is now insolvent. TrustCenter was accredited to issue "qualified
signatures", which is what you need in Germany if you want your digital
signature to b
Peter Gutmann wrote:
Alaric Dailey <[EMAIL PROTECTED]> writes:
In my opinion, PSK has the same problems as all symmetric encryption, it's
great if you can share the secret securely, but distribution to the masses
makes it infeasible.
Exactly, PSK's are infeasible, and all those thousands of we
James A. Donald wrote:
But does not, in fact, prevent.
Let me rephrase that. Are we now at a point where we must admit that
PKI isn't going to happen for the Web and that we therefore must face
the rewriting of an unknown (but presumably large) number of lines of
code to accommodate PSKs? I
Peter Gutmann wrote:
And that's its killer feature: Although you can still be duped into handing
out your password to a fake site, you simply cannot connect securely without
prior mutual authentication of client and server if TLS-PSK is used.
If I have understood the draft correctly, using PSK
Anne & Lynn Wheeler wrote:
http://www.infoworld.com/article/05/08/10/33OPstrategic_1.html
The page goes on to say:
"One reason for PKI's slow uptake has been the lack of two kinds of
portability. It hasn't been easy to move cryptographic keys from one
machine to another, or to use credential
Peter Gutmann wrote:
Stephan Neuhaus <[EMAIL PROTECTED]> writes:
Concerning the practical use of AES, you may be right (even though it would
be nice to have some advice on what one *should* do instead).
Definitely. Maybe time for a BCP, not just for AES but for general block
cipher