Re: Judge orders defendant to decrypt PGP-protected laptop

2009-03-03 Thread sbg
With regards to alternative runtime decryptions, recall ...

http://people.csail.mit.edu/rivest/Chaffing.txt

The claim is that the approach is neither encryption nor steganography.

Cheers, Scott

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: Shamir secret sharing and information theoretic security

2009-02-23 Thread sbg
Is it possible that the amount of information that the knowledge of a
sub-threshold number of Shamir fragments leaks in finite precision setting
depends on the finite precision implementation?

For example, if you know 2 of a 3 of 5 splitting and you also know that
the finite precision setting in which the fragments will be used is IEEE
32-bit floating point or GNU bignum can you narrow down the search for the
key relative to knowing no fragments and nothing about the finite
precision implementation?


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: Property RIghts in Keys

2009-02-12 Thread sbg
 However, a cert seems almost certainly *not* to be IP.

If anybody can alter, revoke or reissue a certificate then I agree it is
common property to which attaches no meaningful notion of property rights.

If on the other hand only certain people can alter, revoke or reissue a
certificate then it seems to me they have some sort of property rights in
the certificate and from their point of view the certificate is their
property and not everybody's property.

Whether it is intellectual property or some other form of property or even
some new form of property is I also agree debatable.


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: Dutch Transport Card Broken

2008-01-25 Thread sbg
 How much security can you put into a plastic card, the size of a
 credit card, that has to perform its function in a secure manner, all
 in under 2 seconds (in under 1 second in parts of Asia)? And it has to
 do this while receiving its power via the electromagnetic field being
 generated by the reader.

The 24C3 presenters to their credit made this exact point. But mixing the
16-bit nonce with the card identifier was an optimization too far.  That
said, it's a hard problem.  Inside Picopass is one of many examples that
progress is possible.

IMHO as always.

Cheers, Scott


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]