, but it is not everything.
Dan
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
Because not being fast enough means you don't ship. You don't ship, you
didn't secure anything.
Performance will in fact trump security. This is the empirical reality.
There's some budget for performance loss. But we have lots and lots of
slow functions. Fast is the game.
(Now, whether my
of the
U.S. Federal government that handle electronic health records is
ASCII encoded, and readable. Called The Blue Button,[1] there
is even an HL7-Blue Button file converter.[2]
Score one for human readable.
/utter_tangent
--dan
[1] www.va.gov/BLUEBUTTON/Resources.asp
[2] www.hl7.org/implement
, not penetrated.[*]
Nevertheless, the value of scepticism is profound; it is
the chastity of the intellect.
--dan
[*]
www.financialcryptography.com/mt/archives/000147.html
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com
this and the
cited paper are).
http://kebesays.blogspot.com/2010/11/mac-then-encrypt-also-harmful-also-hard.html
Dan
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
On 9/11/2013 6:47 PM, Dave Horsfall wrote:
Given that there is One True Source of randomness to wit radioactive
emission, has anyone considered playing with old smoke detectors?
I did that a decade ago, to wit:
http://etoan.com/random-number-generation/index.html
Cheers,
Dan
).
Dan
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
... but I must scream.
http://kebesays.blogspot.com/2013/09/i-have-no-whistle-to-blow-but-i-must.html
FYI, and thanks,
Dan McD.
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
Consider the Suite B set of algorithms:
AES-GCM
AES-GMAC
IEEE Elliptic Curves (256, 384, and 521-bit)
Traditionally, people were pretty confident in these. How are people's
confidence in them now?
Curious,
(first-time caller) Dan McD
to know collectively what each part of it is doing and
that without a CC channel other than the repurposed MSM; the fun
begins when the botnet reads the obituary of a certain person
/spoiler
--dan
___
The cryptography mailing list
cryptography@metzdowd.com
as usual, there's an XKCD for that
http://xkcd.com/504/
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
investment than the accumulated profits in the sale
of SSL domain name certs, we could have solved this by now.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
be unwitting)?
Probably too out there.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
at the toll stations where the license
plates are read and correlation between plate number and
current radio fingerprint trivially recorded.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography
Best,
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
False metrics are rampant in the security industry. We really need
to do something about them. I propose that we make fun of them.
You might consider joining us in D.C. on 10 August at
http://www.securitymetrics.org/content/Wiki.jsp?page=Metricon5.0
--dan, program committee
and - most importantly - certified random by laws of
physics.
article cut there as there both a diagram and a video
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
of using RSA-1280? Or should we stick to RSA-1024?
--Dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Dan,
I looked at the GNFS runtime and plugged a few numbers in. It seems
RSA Security is using a more conservative constant of about 1.8 rather
than the suggested 1.92299...
See:
http://mathworld.wolfram.com/NumberFieldSieve.html
So using 1.8, a 1024 bit RSA key is roughly equivalent
://www.ietf.org/mailman/listinfo/cicm .
Dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
in SSL
and certificates when (as far as we can determine) 100% of
all certificate errors seen by users are false positives.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord
-protecting that
it is capable of refusing a command.
Long live HAL,
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
|
| This is the first attack against TLS that I consider to be
| the real deal. To really fix it is going to require a change to
| all affected clients and servers. Fortunately, Eric Rescorla
| has a protocol extension that appears to do the job.
|
...silicon...
--dan
. Put differently, only within airtight
surveillance will the absence of evidence be the
evidence of absence.
In factually, if not politically, correct terms, the
Electronic Health Record is the surest path to a
surveillance state, but I digress.
--dan
they can debug. This
may apply to the world at large.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
addresses change as they come and go from the network.
One would imagine that as IPv6 rolls out, the need
for DHCP goes to zero excepting for mobile devices
attaching to public (not carrier) nets. Yes?
--dan
-
The Cryptography Mailing
sequential numbers.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
. The theme of
this episode is The Importance of Context. This workshop
series is intense, and is focused on progress rather than
claims of first discovery. See
http://securitymetrics.org/content/Wiki.jsp?page=Metricon4.0
Dan Geer
to take no longer baked into
the browser as effectively revocation, there is a
retrospective clerical job that might be a fun project
if you had some graduate student labor to assign.
--dan
-
The Cryptography Mailing List
Unsubscribe
=AJournalNumber=6221
As always, the phrase proprietary coding readable
only by us caught my ear.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
. On this basis and others,
bot-nets are a life form.
Rest of text upon request. Incidentally, I *highly* recommend
Daniel Suarez's _Daemon_; trust me as to its relevance. Try
this for a non-fiction taste:
http://fora.tv/2008/08/08/Daniel_Suarez_Daemon_Bot-Mediated_Reality
--dan
Peter Gutmann has responded
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
(see the Further Epilogue section well down the page)
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe
or asking Can I trust you?
---
http://blog.startcom.org/?p=145
Slashdot and others are reporting on this story about how it was
possible for a person to receive a completely valid certificate for
a random domain of his choosing without any
.
Thinking out loud,
--dan
[ just for amusement, 2008 world production of wheat
and rice would each cover 53 squares, with maize
coming in at 51 squares ]
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe
ones signed?
|
quorum threshhold crypto; if Avishai Wool or Moti Yung
or Yvo Desmedt or Yair Frankel or... are here on this
list, they should answer
a *tiny* contribution on my part
http://geer.tinho.net/geer.yung.pdf
humbly,
--dan
Damien Miller writes:
-+---
|
| David Molnar [EMAIL PROTECTED] writes:
|
| Dan Geer's comment about the street price of heroin as a metric for
| success has me thinking - are people tracking the street prices of
| digital underground goods over time?
|
| I've been
David Molnar writes, in part:
-+---
| Dan Geer's comment about the street price of
| heroin as a metric for success has me thinking -
| are people tracking the street prices of digital
| underground goods over time?
This material is in fact tracked but not so
Sigh... typing in a moving vehicle. This is
the right URL, verified by cutpaste.
http://geer.tinho.net/ieee/ieee.sp.geer.0801.pdf
Sorry.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe
) and the growing
role of virtual machines should be of intense interest.
Inferentially yours,
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
for the company to do is to just keep
everything forever. With disk prices falling
as they are, keeping everything is cheaper
than careful selective deletion, that's for
sure.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending
,
at least the kind of security that says they
can't misuse what they ain't got.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
wouldn't
go into government in the first place.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
reproduce it. It was a photo of
the tail end of her car and on it a bumper sticker.
That bumper sticker read
PREVENT UNWANTED PRESIDENCIES
MAKE VOTE COUNTING A HAND JOB
In no other state could a Constitutional Officer
get away with such a bumper sticker, but...
--dan
yet another proprietary symmetric cipher ?
http://www.pureentropy.com
...
Encryption Security Solutions provides unprecedented encryption
security, efficiency, and performance for business applications ensuring
critical information is secure.
Encryption Security Solutions, LLC (ES²) has
Eric Rescorla wrote:
At Fri, 8 Aug 2008 17:31:15 +0100,
Dave Korn wrote:
Eric Rescorla wrote on 08 August 2008 16:06:
At Fri, 8 Aug 2008 11:50:59 +0100,
Ben Laurie wrote:
However, since the CRLs will almost certainly not be checked, this
means the site will still be
://www.infobyte.com.ar/down/isr-evilgrade-Readme.txt
Likely off-topic,
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
number
| (in some cases after 3 tries).
| ...
So I hold the PIN constant and vary the bank account number.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
not occur, but two such parties, if
they really care, would do their own end-to-end
protections even if it is a simple as speaking
Navajo.
All hail Saltzer, Reed, and Clark.
--dan
-
The Cryptography Mailing List
Unsubscribe
MetriCon 3.0 agenda at this URL
http://www.securitymetrics.org/content/Wiki.jsp?page=Metricon3.0
Workshop is limited attendance though some small number
of requests can still be granted; send same by e-mail to
[EMAIL PROTECTED]
Best,
--dan
, then it would today be $300. (1968-present)
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
.
Important Dates
Requests to participate: by May 12, 2008
Notification of acceptance: by June 2, 2008
Materials for distribution: by July 21, 2008
Workshop Organizers
Dan Geer, Geer Risk Services, Chair
Bob Blakley, The Burton Group
Fred Cohen, Fred Cohen Associates California Sciences
the previous batch's encrypted self (a change that halves
performance), I can't see much wrong. I rather deeply doubt I'm the
first to come up with a suggestion like that either. So, uh, why do
weak RNG's keep showing up? Is there something fundamentally breakable
in the above design?
--Dan
Amateurs talk about algorithms. Professionals talk about economics.
That would be
Amateurs study cryptography; professionals study economics.
-- Allan Schiffman, 2 July 04
Quotationally yours,
--dan
of the inter-relation of security privacy.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
(as if anyone uses client certificates anyway)?
Guess why so few people are using it ...
If it were secure, more people would be able to use it.
People don't use it because the workload of getting signed up is vastly
beyond their skillset, and the user experience using the things
and unobvious) *and* Type II (false negative)
errors (when confronted with something sufficiently
unobvious that they find it impossible to understand
that it is either unobvious or useful much less
both).
--dan
[1]
http://www.usenix.org/publications/library/proceedings/sec96/boneh.html
Well, for all of you who want to prove that hacking
the vote is easy, here's your chance to do something:
http://apnews.myway.com/article/20080121/D8UA8VGG0.html
[ ObDebate: is a winner-take-all state more or less
attractive to vote hacking? ]
--dan
So, what is Apple doing for its brand-new iTunes movie rental thing?
1/3rd of the way into Jobs' song-and-dance
http://stream.qtv.apple.com/events/jan/f27853y2/m_972345688g_650_ref.mov
--dan
-
The Cryptography Mailing List
anomalies are normal, and
2) Unless you're scrubbing up and down the application and network
stacks, you just have no idea what the host endpoint is parsing.
At the point where crypto shows up, it's already too late.
--Dan
who've already seen it.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
to the embargoed country
list (Cuba, Iran, Sudan, Syria, North Korea, and Libya).
YMMV.
--dan
-8cut-here8-
A. BIS Checklist of Questions:
1. Does your product perform cryptography, or otherwise
contain any parts or components that are capable
May I point out that if voting systems have a level
of flaw that says only an idiot would use them, then
how can you explain electronic commerce, FaceBook,
or gambling sites? More people use just those three
than will *ever* vote.
--dan
money.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
and still
apparently function. Why should voting be
different?
We are approaching a rat hole...
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
If on the one hand, the correct procedure is sign-encrypt-sign,
then why, on the other hand, is the parallel not sign-hash-sign ?
--dan
=
http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.ps
Donald T. Davis, Defective Sign Encrypt in S/MIME, PKCS#7, MOSS, PEM,
PGP, and XML
of the entropy-reducing information the Wheel of Fortune
contestant is able to take advantage of are not available to a password
cracking algorithm.
--dan
While 2.5 bits/word seems low, the TV game show Wheel Of Fortune is
evidence that
people can correctly guess phrases even when a large proportion
just said is hearsay,
though my office-mate says that he has bought three cars
by this method. It almost causes me to say relying party
out loud...
If this idea is a rathole, then my fault and my apology.
--dan
-
The Cryptography
Ed Gerck writes:
| We've heard it so many times: There's nothing to worry about.
| Now, Skype adds a new IT protection measure -- love:
|
| The Skype system has not crashed or been victim of a cyber
| attack. We love our customers too much to let that happen.
|
-- Forwarded
their Admin privilege to accept ActiveX
controls that strip the OS of this or that subsystem,
and to do so in the name of security.
--dan
P.S., The S.E.C. tackling some Estonian clown for $353,609 [2],
is an irrelevant side show at the scale I am talking about: It's
not material to anyone who
makes the entire edifice untrustable).
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
an
all-countries-are-created-equal position statement.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
as
the seeds used in encryption.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
http://news.com.com/Jailed+ID+thieves+thwart+cops+with+crypto/2100-7348_3-6144521.html
Jailed ID thieves thwart cops with crypto
By Tom Espiner
Story last modified Tue Dec 19 06:46:45 PST 2006
Three men have been jailed in the U.K. for their part in a massive
data theft operation.
One
I hesitate to use the syllable crypto in describing this paper,
but those who have not seen it may find it interesting.
http://www.arx.com/documents/The_Unbearable_Lightness_of_PIN_Cracking.pdf
Or profitable.
--dan
http://news.zdnet.com/2100-1009_22-6142935.html?part=rsstag=feedsubj=zdnn
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
http://www.amazon.com/gp/product/customer-reviews/0833030477/ref=cm_cr_dp_pt/102-8179025-1336125?ie=UTF8n=283155s=books
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Anyone know what is up with this?
http://www.gcn.com/online/vol1_no1/41371-1.html
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
, e.g.), then you get prove-a-negative
from the regulators and auditors -- madness on the same
scale as tulip mania or the defenestration of Prague.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe
for NAIS) with a requirement to file with
USDA any off premises transportation (taking the kids'
heifer to the the 4H show included).
--dan
===
The great distinction:
A conservative is a socialist who worships order.
A liberal is a socialist who worships safety
2004 Turing Award Lecture
* Absolutely secure systems do not exist
* To halve your vulnerability, you have to double your expenditure
* Cryptography is typically bypassed, not penetrated
--dan
-
The Cryptography Mailing List
-related lists are composed
of people who are off-center when it comes to risk,
it is us what be the outliers in the distribution
and in no way are our various paranoias widely shared.
Not trying to debate the hive mind, etc.,
--dan
not be able to see (such as organized
survey takers who talk to each other). Sort of like
an Internet-mailing-list, no?
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Alan,
You and I are in agreement, but how do we get
the seemingly (to us) plain truth across to
others? I've been trying for a good while now,
reaching a point where I'd almost wish for a
crisis of some sort as persuasiveness is not
working.
We are probably well off-topic for this list.
--dan
administration. As Gilmore
would say now (hi, John), don't give any
government a power you would not want a
despot to have.
--dan
=
What's on my car
https://www.protestwarrior.com/store/files/master/democrat_president.gif
Security Agency as part of an
effort to thwart terrorism.
snip
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
, this will be the place.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
OK, I'll say it. This site:
http://www.truecrypt.org/
makes me visualize tinfoil hats.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
, perhaps the canoe is
now far enough upriver. If it is a patent claim or the
like and one needs to find the exact wet spot in the
ground that the river starts, well, let me know.
--dan
[1] Proceedings of the IEEE. Vol. 63, No. 9 (September 1975), pp.
1278-1308; Manuscript received October 11, 1974
Usability should by now be recognized as the key issue for security -
namely, if users can't use it, it doesn't actually work.
% man gpg | wc -l
1705
% man gpg | grep dry
-n, --dry-run Don't make any changes (this is not completely implemented).
I rest my case.
--dan
In our office, we have a shredder that happily
takes CDs and is designed to do so. It is noisy
and cost $500.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
interpret as apologies for the first
or second estate are, at least as I mean them,
nothing but an attempt at Real Politik. Hope
I'm wrong, but I don't bet against my intuition.
Probably a rat hole,
--dan
-
The Cryptography Mailing
can attack location independently, and
likely without self identification, your only
choice is pre-emption, which requires intell,
which requires surveillance, which requires
listening posts.
And I'm just talking about intellectual property
in the Fortune 1000, not the freaking country.
--dan
Clinton's Asst. A.G.
http://www.chicagotribune.com/news/opinion/chi-0512210142dec21,0,3553632.story?
coll=chi-newsopinioncommentary-hed
Dick Morris
http://www.drudgereport.com/flash7.htm
--dan
-
The Cryptography Mailing
You know, I'd wonder how many people on this
list use or have used online banking.
To start the ball rolling, I have not and won't.
--dan
Cryptography is nothing more than a mathematical framework for
discussing the implications of various paranoid delusions.
-- Don Alvarez
with a potentially
more expensive test that has low/no false positives.
There is a whole health policy management
literature on this. I reproduce the barest
precis of same below, assuming the reader can
manage to view it in a fixed width font while
respecting my hard carriage returns as writ.
--dan
cheat
to be an expert to be safe.
--dan
[1]
http://www.cra.org/Activities/grand.challenges/security/home.html
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Dare I say that the best must not be the enemy of the good?
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Ben Laurie wrote:
I wrote some code to show the internal state of MD5 during a collision...
http://www.shmoo.com/md5-collision.html
Cheers,
Ben.
Ben--
http://www.doxpara.com/md5_anim.gif
Thpt ;)
(That being said -- I do like your output. Very nice.)
--Dan
text on-disk to
see what tape it was on and to then read that
tape.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
it in the DB.
--Dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
1 - 100 of 144 matches
Mail list logo
