[Cryptography] Homomorphic encryption prototype by microsoft

2011-08-08 Thread Ali, Saqib
Two years after Dr. Craig Gentry of IBM published the proof for fully
homomorphic encryption, Microsoft has come up with a prototype that
utilizes the technique:
http://www.technologyreview.com/computing/38239/page1/


saqib
http://redscarfvestpink.appspot.com/
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography


ACM Workshop: Searching an Encrypted Cloud

2009-11-16 Thread Ali, Saqib
Followup from the workshop:
http://www.technologyreview.com/computing/23951/


saqib
http://enterprise20.squarespace.com



On Thu, Nov 12, 2009 at 1:23 PM, Ali, Saqib docbook@gmail.com wrote:

 ACM Workshop on November 13th (yes it is Friday the 13th) will cover the the 
 topic of Searching for encrypted data in the Cloud:
 http://crypto.cs.stonybrook.edu/ccsw09/
 http://www.technologyreview.com/computing/23929/?a=f

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


First Test for Election Cryptography

2009-11-02 Thread Ali, Saqib
http://www.technologyreview.com/web/23836/





saqib
http://replaycall.com

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


BusinessWeek article on IBM Research's Fully Homomorphic Encryption

2009-10-05 Thread Ali, Saqib
Good read:
http://www.businessweek.com/technology/content/sep2009/tc20090930_463595.htm

For more info:
http://www-03.ibm.com/press/us/en/pressrelease/27840.wss
http://portal.acm.org/citation.cfm?id=1536414.1536440

This is just a proof of possibility, not (yet) feasibility.


saqib
http://enterprise20.squarespace.com

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: Privacy Plug-In Fakes out Facebook

2009-09-10 Thread Ali, Saqib
[Moderator's note: I don't want an extended discussion on this topic,
but I'll allow this one message through. --Perry]

Another fine example of throwing cryptography at a behavioral problem.
And why should I trust  a 3rd party server to protect the encryption
keys

I know that Facebook privacy settings were convoluted in the past. But
they have improved a lot. And there are nice tutorials on privacy
settings for facebook. Spend 10 mins, and properly configure these
settings.

Just my $0.02

saqib
http://bit.ly/NISTCloudComputing

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: Unattended reboots (was Re: The clouds are not random enough)

2009-08-03 Thread Ali, Saqib
 If you (or anyone on this forum) know of technology that allows the
 application to gain access to the crypto-hardware after an unattended
 reboot - but can prevent an attacker from gaining access to those keys
 after compromising a legitimate ID on the machine

This is the conundrum of the of the the decade. The TPMs etc, tie a
HDD to a server. This helps in cases where the HDDs are discarded w/o
proper destruction of data or are stolen. If you have a problem of
entire servers being stolen, than you have to worry about physical
security.

saqib
http://kawphi.blogspot.com

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


The clouds are not random enough

2009-08-01 Thread Ali, Saqib
Why Cloud Computing Needs More Chaos:
http://www.forbes.com/2009/07/30/cloud-computing-security-technology-cio-network-cloud-computing.html

[Moderator's note: It is not supposed to be the moderator's job to read
a link and then summarize for the readers it is interesting to click
on. In the future, posters should provide at least a few sentences
explaining why a link is of interest or I'm going to simply stop
forwarding them.

In the current instance, the article is about a growing problem -- the
lack of good quality random numbers in VMs provided by services like EC2
and the effect this has on security. --Perry]
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: New Technology to Make Digital Data Disappear, on Purpose

2009-07-29 Thread Ali, Saqib
Online demo of Vanish:
http://regina.cs.washington.edu/cgi-bin/vanishservice.py



saqib
http://kawphi.blogspot.com

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


New Technology to Make Digital Data Disappear, on Purpose

2009-07-21 Thread Ali, Saqib
The researchers said they had struck upon a unique approach that
relies on “shattering” an encryption key that is held by neither party
in an e-mail exchange but is widely scattered across a peer-to-peer
file sharing system.

The pieces of the key, small numbers, tend to “erode” over time as
they gradually fall out of use. To make keys erode, or timeout, Vanish
takes advantage of the structure of a peer-to-peer file system. Such
networks are based on millions of personal computers whose Internet
addresses change as they come and go from the network. This would make
it exceedingly difficult for an eavesdropper or spy to reassemble the
pieces of the key because the key is never held in a single location.
The Vanish technology is applicable to more than just e-mail or other
electronic messages

Read more:
http://www.nytimes.com/2009/07/21/science/21crypto.html



Saqib
http://kawphi.blogspot.com

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: Physical security rather than crypto---but perhaps of interest

2009-07-17 Thread Ali, Saqib
Since we are on this topic:

You don’t need to be a crowned Ranger class master hacker to sneak
into someone’s email or facebook account these days. Which means that
you’re not simply being a nervous nellie if you’re worried about
security.

In fact, users of public WiFi should be worried. If you use WiFi to
access some of the most popular email and social networking services,
like, gmail, yahoo mail, hotmail, and facebook, your account
information floats around in the air, often completely unsecured.

You want some more fear with your coffee? Chris Soghoian, a fellow at
the Berkman Center for Internet and Society, took a look into WiFi and
account security to find out just how scary the situation is.

Listen to the audio at:
http://blogs.law.harvard.edu/mediaberkman/2009/07/16/radio-berkman-126-the-g-fail/



saqib
http://www.capital-punishment.us

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Weakness in Social Security Numbers Is Found

2009-07-08 Thread Ali, Saqib
Read more:
http://www.nytimes.com/2009/07/07/us/07numbers.html?_r=2ref=instapundit


saqib
http://www.capital-punishment.us

[Moderator's note: this isn't really a weakness in SSNs, unless you're
stupid enough to use them as a password -- which we already knew was
bad. None the less, interesting work. --Perry]
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Transcripts of the NIST Sessions from the first SHA3 Candidate Conference

2009-06-17 Thread Ali, Saqib
The transcripts are available at:
http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/Feb2009/program.html




saqib
http://www.capital-punishment.us

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


OT: Presentation on Effectively and Securely Using the Cloud Computing Paradigm

2009-06-14 Thread Ali, Saqib
NIST has published a working draft of the Cloud Computing Security presentation:
http://csrc.nist.gov/groups/SNS/cloud-computing/index.html

Both of the documents on this page are excellent read for anyone
interested in Cloud Computing.

Some of the Security Advantages mentioned in the presentation are:

Shifting public data to a external cloud reduces the exposure of the
internal sensitive data
Cloud homogeneity makes security auditing/testing simpler
Clouds enable automated security management
Redundancy / Disaster Recovery
Data Fragmentation and Dispersal
Dedicated Security Team
Greater Investment in Security Infrastructure
Fault Tolerance and Reliability
Greater Resiliency
Hypervisor Protection Against Network Attacks
Possible Reduction of CA Activities (Access to Pre-Accredited Clouds)
Simplification of Compliance Analysis
Data Held by Unbiased Party (cloud vendor assertion)
Low-Cost Disaster Recovery and Data Storage Solutions
On-Demand Security Controls
Real-Time Detection of System Tampering
Rapid Re-Constitution of Services
Advanced Honeynet Capabilities

What are your thoughts on these benefits?

Thanks
Saqib
http://www.capital-punishment.us

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


A Service to Prove You are Really You

2009-05-21 Thread Ali, Saqib
On the Internet, nobody knows you’re a dog, as the New Yorker cartoon
famously said. But what if, while you are surfing, you want to prove
your pedigree?
Equifax, the big credit agency that already knows more about your flea
count than you do, wants to help. :
http://bits.blogs.nytimes.com/2009/05/19/a-service-to-prove-you-are-really-you/


Saqib
http://www.capital-punishment.us

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Response to The Strange Rise and Fall of Hardware Disk Encryption

2009-05-01 Thread Ali, Saqib
Here is a response to Jon Callas'  The Strange Rise and Fall of
Hardware Disk Encryption[1]:
http://security-basics.blogspot.com/2009/04/re-fde-mgiebelpgpcom-has-shared-strange_6682.html


1. 
http://blog.pgp.com/index.php/2009/04/the-strange-rise-and-fall-of-hardware-disk-encryption/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


How to Share without Spilling the Beans

2009-03-02 Thread Ali, Saqib
A new protocol aims to protect privacy while allowing organizations to
share valuable information:
http://www.technologyreview.com/communications/22238/?a=f


saqib
http://www.capital-punishment.net

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


UK must balance surveillance and data collection with privacy

2009-02-12 Thread Ali, Saqib
Britain's House of Lords Constitution Committee released a report
Friday saying that the country's use of widespread video surveillance
and personal data collection pose a threat to citizens' privacy and
freedom. The committee said that while such surveillance and data
collection could serve legitimate law-enforcement purposes, those
interests should be balanced against privacy concerns, including
Article 8 of the European Convention on Human Rights. The committee
also issued specific recommendations that DNA data on individuals be
consolidated to the National DNA Database, and that closed-circuit
television surveillance only be used under strict oversight and where
it has been shown to be effective.

More info:
http://jurist.law.pitt.edu/paperchase/2009/02/uk-must-balance-surveillance-and-data.php
http://www.publications.parliament.uk/pa/ld200809/ldselect/ldconst/18/18.pdf


saqib
http://www.capital-punishment.net

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


More on (no pun intended) D-wave quantum computer

2008-12-23 Thread Ali, Saqib
Source:
http://bits.blogs.nytimes.com/2008/12/22/d-wave-arms-smoking-gun-proof-of-quantum-computer/


Once D-Wave collects the results of the simulations and processes the
information, it will compare the simulation against an actual run of
its latest quantum computer, which should be completed in the next few
months. If the figures match up, then D-Wave will have shown that it
really has a quantum machine, silencing skeptics, according to Geordie
Rose, the company's chief technology officer. 

I still don't see how figures matching up prove that what d-wave
developed is a quantum computer. it just proves that it is a faster
computer……..

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Lifting Some Restrictions on Encryption Exports

2008-12-05 Thread Ali, Saqib
Does anyone have more info on the following:
http://snurl.com/75m3f

I couldn't find any other article that talked about it. The pay per
news is the only item I found.

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: usable security at www.usable.com

2008-09-11 Thread Ali, Saqib
 to make it easy to login to participating web sites.  However, I don't
 see any details of the protocols or algorithms.

The service looks very user friendly and secure (i.e. if implemented properly)

It is unfortunate that being a security aware company they don't
provide information about the protocols or algorithms. I haven't used
the service either. So I am as clueless as anyone else. But I won't
let that stop me from making some speculations ;-)

Note: The following are pure speculations and wild guesses:

The service seems to incorporate a technology similar to RSA's
passmark to perform mutual authentication i.e. authenticate the client
machine to the server to prevent phishing. In addition, it appears,
they are also utilizing host-proof hosting AJAX paradigm such that
your login information is never sent to the Usable's cloud servers in
clear-text.

Both of these technologies are well-defined and, if implemented
properly, provide reasonable amount of security.

BankOfAmerica utilizes RSA's Passmark for Logons. Passpack utilizes
Host-proof hosting AJAX paradigm.

saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


No Legitimate Expectation of Privacy for Data on Office Computer, Court Says

2008-09-08 Thread Ali, Saqib
An employee has no reasonable expectation of privacy in personal files
stored on a company-owned computer and an employer's consent makes a
police search lawful, an appeals court says in a ruling of first
impression in New Jersey.

We conclude ... that neither the law nor society recognize as
legitimate defendant's subjective expectation of privacy in a
workplace computer he used to commit a crime, Judge Marie Simonelli
wrote for the three-judge panel in State v. M.A., A-4922-06.

Read More:
http://www.law.com/jsp/article.jsp?id=1202424228730


saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Security by restraining order

2008-08-15 Thread Ali, Saqib
JOLT's coverage of the topic and some new updates:
http://jolt.law.harvard.edu/digest/district-courts/mbta-v-anderson


saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Introducing Cryptanalysis

2008-08-15 Thread Ali, Saqib
A informative blog post on the topic of cryptanalysis by Mark
Chu-Carroll of Google:
http://scienceblogs.com/goodmath/2008/08/introducing_cryptanalysis.php



saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Dutch chipmaker sues to silence security researchers

2008-07-19 Thread Ali, Saqib
Latest updates (17.07.08):
Dutch courts OKs publishing how to hack NXP chip
http://uk.reuters.com/article/governmentFilingsNews/idUKL186838820080718


saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Dutch chipmaker sues to silence security researchers

2008-07-10 Thread Ali, Saqib
Dutch chipmaker NXP Semiconductors has sued a university in The
Netherlands to block publication of research that details security
flaws in NXP's Mifare Classic wireless smart cards, which are used in
transit and building entry systems around the world.

More at:
http://news.cnet.com/8301-10784_3-9985886-7.html?hhTest=1

saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Permanent Privacy - Snake Oil or unbreakable encryption?

2008-07-08 Thread Ali, Saqib
 This reads like snake oil.
 http://www.foxbusiness.com/story/hackers-hell-privacy-compromised/
 This reads like a pump'n'dump stock scam.

zdnet tries to expose the snake-oil crypto and the pump'n'dump stock scam:
http://blogs.zdnet.com/security/?p=1448

good start. but i think they could have done better..


saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Permanent Privacy - Snake Oil or unbreakable encryption?

2008-07-07 Thread Ali, Saqib
Quoting the Foxbusiness article:

PermanentPrivacy announces the world's first practical data
encryption system that is absolutely unbreakable. And is offering a
$1,000,000 challenge to anyone who can crack it.

Permanent Privacy (patent pending) has been verified by Peter
Schweitzer, one of Harvard's top cryptanalysts, and for the inevitable
cynics Permanent Privacy is offering $1,000,000 to anyone who can
decipher a sample of ciphertext.


http://www.foxbusiness.com/story/hackers-hell-privacy-compromised/
http://www.permanentprivacy.com/


saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Code makers and breakers of WWII era

2008-06-05 Thread Ali, Saqib
Actually the correct URL is:
http://www.sscnet.ucla.edu/geog/gessler/collections/cryptology.htm

On Wed, Jun 4, 2008 at 1:59 PM, Ali, Saqib [EMAIL PROTECTED] wrote:
 Here is another site that has a lot more details and photographs:
 http://www.sscnet.ucla.edu/geog/gessler/collections/crypto-hebern.htm

 saqib
 http://doctrina.wordpress.com/


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Code makers and breakers of WWII era

2008-06-05 Thread Ali, Saqib
Here is another site that has a lot more details and photographs:
http://www.sscnet.ucla.edu/geog/gessler/collections/crypto-hebern.htm

saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Question re Turing test and image recognition

2008-05-22 Thread Ali, Saqib
Check out http://www.numenta.com/ . They have an SDK that you d/l and
play with it.

saqib
http://doctrina.wordpress.com/

On Fri, May 16, 2008 at 8:36 AM, Allen [EMAIL PROTECTED] wrote:
 Hi gang,

 In looking at captchas that have been broken via software it dawned on me
 that the amount of mental processing involved is actually very little. I'm
 interested in what the current state of image recognition via software of
 things like knowing the difference between a monkey and a cat or a child
 laughing or just happy and the degree of reliability of the differentiation.
 I've done a bit of looking around and don't find much. Does anyone have
 knowledge of or a  pointer to someone who might know where to look about
 this?

 Thanks,

 Allen

 -
 The Cryptography Mailing List
 Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: It seems being in an explosion isn't enough...

2008-05-09 Thread Ali, Saqib
Edwards said the Seagate hard drive -- which was
about eight years old in 2003 -- featured much
greater fault tolerance and durability than current
hard drives of similar capacity.

I am not so sure about this statement. The newer drives are far more
ruggedized and superior in constuction. For e.g. the newer EE25 are
designed to operate @
1) Operating temperatures of –30°C to 85°C
2) Operating altitudes from –1000 feet to 16,400 feet
3) Operating vibration up to 2.0 Gs
4) Long-duration (11 ms) shock capability of 150 Gs

where as the older ST9385AG:
1) Operating temperatures of 5° to 55°C (41° to 131°F)
2) Operating altitudes from –1,000 ft to 10,000 ft (–300 m to 3,000 m)
3) Operating vibration up to 0.5 Gs
4) shock capability of 100 Gs


Source:
http://www.seagate.com/docs/pdf/datasheet/disc/ds_ee25_2.pdf
http://www.seagate.com/support/disc/manuals/ata/9655pma.pdf

saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Pentagon looks for 'Killer Switch'

2008-05-01 Thread Ali, Saqib
Not exactly related to Malicious Hardware/Software discussion, but
interesting nonetheless:
http://blog.wired.com/defense/2008/04/the-case-of-the.html
http://spectrum.ieee.org/may08/6171

saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Snake oil crypto of the day: BabelSecure Samurai

2008-04-18 Thread Ali, Saqib
See:
http://babelsecure.com/challenge.aspx

Snake-oil sales pitch:
The creators of BabelSecure are so confident in the ability and
security of Samurai, they have created the Turing Challenge. The first
individual or team to break the following code will earn $5000

saqib
http://doctrina.wordpress.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Levels of security according to the easiness to steel biometric data

2008-04-16 Thread Ali, Saqib
I believe ISC2 (https://www.isc2.org/ ) did some testing and published
their findings. Maybe someone from ISC2 on this list can give you the
exact reference to that material.

saqib
http://doctrina.wordpress.com/

On Mon, Mar 31, 2008 at 11:10 AM, Danilo Gligoroski
[EMAIL PROTECTED] wrote:
 Hi,


  Probably you have heard about this:

  CCC publishes fingerprints of German Home Secretary
  Date: 31 March 2008
  Source: Heise.de

  In a protest against the use of biometric data, the
  Chaos Computer Club (CCC) has taken a step that will
  raise a few eyebrows ­ in the current issue of its
  club magazine Die Datenschleuder, the hackers have
  published the fingerprint of German Home Secretary,
  ...
  Link: http://www.liveleak.com/view?i=b29_1206968252



  QUESTION: Does anybody knows about the existence of a
  security research in area of grading the easiness to
  steel biometric data.
  For example, I guess that stealing information of
  someone's face is easier than stealing information
  about someone's fingerprints,
  but stealing information about someone's retina
  would be much harder.


  Such a scale can be useful in the design of secure
  protocols and secured information systems.


  Danilo Gligoroski!


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Privacy as Contextual Integrity - A lecture by Dr. Nissembaum of NYU

2008-04-16 Thread Ali, Saqib
Dr. Helen Nissenbaum of NYU gave an extremely interesting, engaging
and stimulating lecture entitled Privacy in Context at UC Berkeley:

http://security-basics.blogspot.com/2008/04/fde-privacy-as-contextual-integrity.html
(audio recording and lecture notes)

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: cold boot attacks on disk encryption

2008-02-21 Thread Ali, Saqib
interesting paper. but i fail to see how this could be deadly (as
the author puts it) to the disk encryption products.

This methods requires the computer to be recently turned-on and unlocked.

So the only way it would work is that the victim unlocks the disks
i.e. enter their preboot password and turn off the computer and
immediately handover (conveniently) the computer to the attacker so
that the attacker remove the DRAM chip and store in nitrogen. And the
attacker has to do all this in less then 2 seconds :) If the
attacker is standing right next to the victim, why even let the victim
turn-off the unlocked computer

Or am I missing something?

-- 
Saqib Ali,
http://www.full-disk-encryption.net


On 2/21/08, Perry E. Metzger [EMAIL PROTECTED] wrote:

  Ed Felten blogs on his latest research:

  http://www.freedom-to-tinker.com/?p=1257

  Excerpt:

 Today eight colleagues and I are releasing a significant new
 research result. We show that disk encryption, the standard
 approach to protecting sensitive data on laptops, can be defeated
 by relatively simple methods. We demonstrate our methods by using
 them to defeat three popular disk encryption products: BitLocker,
 which comes with Windows Vista; FileVault, which comes with MacOS
 X; and dm-crypt, which is used with Linux.

  More info: http://citp.princeton.edu/memory

  Paper: http://citp.princeton.edu.nyud.net/pub/coldboot.pdf



  --
  Perry E. Metzger[EMAIL PROTECTED]

  -
  The Cryptography Mailing List
  Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: cold boot attacks on disk encryption

2008-02-21 Thread Ali, Saqib
After thinking about this a bit, i have changed my views on this
attack. i think it is quite easy to perform this attack. i myself have
been in similar situations, where my personal computer could have been
easily compromised by this attack

However, the hardware based encryption solutions like (Seagate FDE)
would easily deter this type of attacks, because in a Seagate FDE
drive the decryption key never gets to the DRAM. The keys always
remain in the Trusted ASIC on the drive.


On Thu, Feb 21, 2008 at 11:51 AM, Perry E. Metzger [EMAIL PROTECTED] wrote:

  Ali, Saqib [EMAIL PROTECTED] writes:
   This methods requires the computer to be recently turned-on and unlocked.

  No, it just requires that the computer was recently turned on. It need
  not have been unlocked -- it jut needed to have keying material in RAM.


   So the only way it would work is that the victim unlocks the disks
   i.e. enter their preboot password and turn off the computer and
   immediately handover (conveniently) the computer to the attacker so
   that the attacker remove the DRAM chip and store in nitrogen.

  LN2 is pretty trivial to get your hands on, and will remain happy and
  liquid in an ordinary thermos for quite some hours or longer. However,
  the authors point out that canned air works fine, too.


   And the attacker has to do all this in less then 2 seconds :)

  No, they may even have minutes depending on the RAM you have.


   Or am I missing something?

  People readily assume that rebooting or turning off a computer wipes
  RAM. It doesn't. This is just more evidence that it is bad
  to assume that the contents of RAM are gone even if you turn off the
  machine.

  Perry




-- 
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: cold boot attacks on disk encryption

2008-02-21 Thread Ali, Saqib
i think in most cases tamper-resistant is sufficient - provided the
device that can detect an attempt of tampering, and erase itself. DRAM
chips referred to in this attack are not tamper-resistant.

http://www.linkedin.com/in/encryption


On Thu, Feb 21, 2008 at 2:59 PM, Perry E. Metzger [EMAIL PROTECTED] wrote:

  Ali, Saqib [EMAIL PROTECTED] writes:

  How about TPM? Would this type of attack work on a tamper-resistant ver1.2 
  TPM?

  The phrase is tamper resistant, not tamper proof. Depending on how
  determined your attackers are, pretty much anything depending on
  tamper resistant hardware will fall. As always, the question is
  whether what you are protecting is worth more than the attackers would
  have to spend on the attack.

  --


 Perry E. Metzger[EMAIL PROTECTED]




-- 
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: cold boot attacks on disk encryption

2008-02-21 Thread Ali, Saqib
  Umm, pardon my bluntness, but what do you think the FDE stores the key
  in, if not DRAM? The encrypting device controller is a computer system
  with a CPU and memory. I can easily imagine what you'd need to build
  to do this to a disk drive. This attack works on anything that has RAM.

How about TPM? Would this type of attack work on a tamper-resistant ver1.2 TPM?

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Open source FDE for Win32

2008-02-13 Thread Ali, Saqib
I installed TrueCrypt on my laptop and ran some benchmark tests/

Benchmark Results:
http://www.full-disk-encryption.net/wiki/index.php/TrueCrypt#Benchmarks

Pros:
1) Easy to use product. Simple clean interface. Very user-friendly!
2) Free and Open Source
3) Multiple Encryption and Hashing algorithm available.

Cons:
1) Buffered Read and Buffered Transfer Rate was almost halved after
TrueCrypt FDE was enabled :-(.
2) Access Time for large file (250+MB) increased by 11%.
3) The initial encryption of the 120 GB HDD took 2 hours.




On Feb 7, 2008 11:46 PM, Hagai Bar-El [EMAIL PROTECTED] wrote:
 List,

 Finally, an open source FDE (Full Disk Encryption) for Win32. It is the
 first one I am aware of:

 www.truecrypt.org

 TC is not a new player, but starting February 5th (version 5) it also
 provides FDE.

 Didn't get to try it yet.

 Hagai.


 -
 The Cryptography Mailing List
 Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: patent of the day

2008-01-23 Thread Ali, Saqib
can anyone please shed more light on this patent. It seems like a
patent on the simple process of cryptographic erase..

saqib
http://www.full-disk-encryption.net/wiki


On Jan 22, 2008 7:29 PM, Perry E. Metzger [EMAIL PROTECTED] wrote:

 http://www.google.com/patents?vid=USPAT6993661

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DRM Helps Sink Another Content Distribution Project

2007-12-31 Thread Ali, Saqib
See:
http://msl1.mit.edu/furdlog/?p=6538

And Foxtrot on DMCA:
http://www.gocomics.com/foxtrot/2007/12/30/

And Opus on e-books:
http://www.salon.com/comics/opus/2007/12/30/opus/


saqib
http://www.quantumcrypto.de/dante/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Electronic Voting: Danger and Opportunity

2007-12-24 Thread Ali, Saqib
University of Illinois will hold a talk on Electronic Voting: Danger
and Opportunity. Professor Edward W. Felten of Princeton University
will be speaking.See:
http://webtools.uiuc.edu/calendar/Calendar?calId=504eventId=78090ACTION=VIEW_EVENT


saqib
http://www.quantumcrypto.de/dante/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: gauging interest in forming an USA chapter of IISP

2007-12-14 Thread Ali, Saqib
How will this be any different from being a member of ISC2 or ISACA?
Why do we need to be a member of yet another organization?

saqib
http://www.quantumcrypto.de/dante/


On Dec 12, 2007 12:21 PM, Alex Alten [EMAIL PROTECTED] wrote:

 Would anyone on this list be interested in forming a USA chapter of the
 Institute
 of Information Security Professionals (IISP, www.instisp.org)?

 I'm finding it rather difficult to attend events, etc., that are only in
 London.

 - Alex

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Perfect Storm is gathering

2007-10-29 Thread Ali, Saqib
I a good artikle about Storm worm in Guardian:
http://observer.guardian.co.uk/business/story/0,,2195730,00.html


saqib
http://security-basics.blogspot.com/2007/10/execute-spammers.html

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Commercial CAPTCHA-breakers for sale

2007-10-23 Thread Ali, Saqib
On 10/22/07, Ian G [EMAIL PROTECTED] wrote:
 Peter Gutmann wrote:
  http://www.lafdc.com/captcha/ is a site that sells commercial 
  CAPTCHA-breaking
  software.

The complexity of some the captchas shown on this web-site made me
think. We have gone to such extents to prevent against spammers. When
we should be prosecuting and hanging the spammers.

Remember
Men are not hanged for stealing horses, but that horses may not be
stolen George Savile

saqib
http://security-basics.blogspot.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Full Disk Encryption solutions selected for US Government use

2007-10-08 Thread Ali, Saqib
Arshad,

Some of the solutions already include a KMS. One of the key
requirements of this particular RFP was Transparency. Can you please
elaborate more on how StrongKey KMS would have improved on
transparency?

Thanks
saqib
http://security-basics.blogspot.com/



On 10/8/07, Arshad Noor [EMAIL PROTECTED] wrote:
 We submitted a letter to the Program Manager, that while they RFP
 was asking for an FDE solution, they really needed to focus on Key
 Management across the agency, rather than the actual encryption
 solution itself, before they deployed any encryption product.

 We proposed our open-source Symmetric Key Management System (SKMS)
 software - StrongKey - as a solution since it includes utilities to
 perform file, directory and column-level database encryption using
 FIPS-certified tokens: smartcards, HSMs and software modules (NSS).

 Given that the solution we proposed was OSS, that it could leverage
 any FIPS-certified token through their published JCE/PKCS11 library,
 and that the StrongKey protocol is winding its way through OASIS
 towards becoming the Symmetric Key Services Markup Language (SKSML)
 with the support of 33 companies/individuals including the DoD, we
 believed that this solution was optimal for the government from many
 different points of view.

 However, because the RFP was narrowly written for FDE products only,
 our submission was not accepted.  That's life in the Federal
 procurement lane they think they're buying a state of the art
 security solution and they don't realize that the state of the art
 has already shifted under their feet.

 Arshad Noor
 StrongAuth, Inc.

 - Original Message -
 From: Steven M. Bellovin [EMAIL PROTECTED]

 On Mon, 18 Jun 2007 22:57:36 -0700
 Ali, Saqib [EMAIL PROTECTED] wrote:

  US Government has select 9 security vendors that will product drive
  and file level encryption software.
 
  See:
  http://security-basics.blogspot.com/2007/06/fde-fde-solutions-selected-for-us.html
  OR
  http://tinyurl.com/2xffax
 

 Out of curiousity, are any open source FDE products being evaluated?

 -
 The Cryptography Mailing List
 Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Seagate announces hardware FDE for laptop and desktop machines

2007-10-05 Thread Ali, Saqib
 I think the really interesting question is what happens when you lose
 a FDE-ed hard drive.  Do you still need to publish the incident and
 contact potentially affected individuals?  If the answer is no, I'm
 sure this technology will be quickly adopted, independently of its
 actual implementation.

California Senate Bill CA1386 provides a Get Out of Jail Free Card
if you are using reasonable means to protect the confidentiality of
data. However you still have to proof it


saqib
http://security-basics.blogspot.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: flavors of reptile lubricant, was Another Snake Oil Candidate

2007-09-13 Thread Ali, Saqib
On 13 Sep 2007 13:45:42 -, John Levine [EMAIL PROTECTED] wrote:
 I always understood snake oil crypto to refer to products that were of
 no value to anyone, e.g., products that claim to have secret
 unbreakable encryption, million bit keys, or one time pads produced
 by PRNGs.

hear hear!

I think in the zeal for criticism of the IronDrive, folks have
expanded the definition of Snake Oil to include All security
products.

I don't like the Military Grade AES Encryption phrase that IronDrive
uses on their website, cause that implies they know what Military is
using. Maybe somebody should notify DoD that these IronDrive folks
know what Military uses to encrypt info ;-)

But other then that I don't see any Snake Oil Crypto like
techno-babble used by IronDrive Marketing.

saqib
http://security-basics.blogspot.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Another Snake Oil Candidate

2007-09-11 Thread Ali, Saqib
On 9/11/07, Aram Perez [EMAIL PROTECTED] wrote:
 The world's most secure USB Flash Drive: https://www.ironkey.com/demo.

you didn't explain why it is a Snake Oil Candidate..

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: New DoD encryption mandate

2007-08-19 Thread Ali, Saqib
On 8/17/07, Ivan Krstic [EMAIL PROTECTED] wrote:
 How so? If your computer goes bad, you need a *backup*. That's
 entirely orthogonal to the drive encryption problem.

One of the functions provided by the TPM is to wrap/bind and store the
bulk encryption keys. Now let's us say the mother board or the TPM
goes bad on your notebook or you simply want to upgrade the computer.
You need to be able to restore+transfer the information stored in the
TPM to your new computer. This is where you need TPM management suite
that support key backup/restore and transfer.

A large company's (name withheld) strategy regarding TPM was to ignore
it. Not too long ago few key engineers from that company decided that
a TPM enabled encrypted vault would be good place to secure their
documents. Somehow they managed to lock themselves out of the
encrypted vaults (maybe forgotten password / or lost keys). Had that
company not ignored the TPM and instituted a key backup/archive
program, the engineers would have been able to recover their
confidential documents. We can blame the engineers, but at the end of
the day it was the whole company that lost money and valuable design
documents.

saqib
http://security-basics.blogspot.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: New DoD encryption mandate

2007-08-19 Thread Ali, Saqib
 I still don't follow. BitLocker explicitly includes a (optionally
 file-based) recovery password. If you want central management, why
 not centrally manage _that_?

On if MS provided some way to manage them centrally. Using a encrypted
DB to manually store the keys in it, is simply not feasible.

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Quantum Cryptography

2007-06-22 Thread Ali, Saqib

- Quantum Cryptography is fiction (strictly claims that it solves
  an applied problem are fiction, indisputably interesting Physics).


Well that is a broad (and maybe unfair) statement.

Quantum Key Distribution (QKD) solves an applied problem of secure key
distribution. It may not be able to ensure unconditional secrecy
during key exchange, but it can detect any eavesdropping. Once
eavesdropping is detected, the key can be discarded.

saqib
http://security-basics.blogspot.com/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Quantum Cryptography

2007-06-22 Thread Ali, Saqib

...whereas the key distribution systems we have aren't affected by
eavesdropping unless the attacker has the ability to perform 2^128 or
more operations, which he doesn't.


Paul: Here you are assuming that key exchange has already taken place.
But key exchange is the toughest part. That is where Quantum Key
Distribution QKD comes in the picture. Once the keys are exchanged
using QKD, you have to rely on conventional cryptography to do bulk
encryption using symmetric crypto.

Using Quantum Crypto to do bulk encryption doesn't make any sense. It
is only useful in key distribution.

saqib
http://www.linkedin.com/in/encryption

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Full Disk Encryption solutions selected for US Government use

2007-06-21 Thread Ali, Saqib

US Government has select 9 security vendors that will product drive
and file level encryption software.

See:
http://security-basics.blogspot.com/2007/06/fde-fde-solutions-selected-for-us.html
OR
http://tinyurl.com/2xffax

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: question re practical use of secret sharing

2007-06-21 Thread Ali, Saqib

There is a opensource implementation available:
http://point-at-infinity.org//



On 6/13/07, Charles Jackson [EMAIL PROTECTED] wrote:

A quick question.

Is anyone aware of a commercial product that implements secret sharing? If
so, can I get a pointer to some product literature?



--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: A crazy thought?

2007-06-09 Thread Ali, Saqib

Allen,

I am not sure what you are trying to achieve. The CA never has your
private key. They are just signing a X.509 certificate that holds your
public key. This way they are vouching that that you own the public.
Even if you subpoena a CA they won't be able to decrypt any
information encrypted with your public key.

So having a separation-of-duty is not providing any additional security.

Can you please elaborate on you are trying to achieve?

Thanks
saqib
http://www.full-disk-encryption.net

On 5/26/07, Allen [EMAIL PROTECTED] wrote:

Hi Gang,

In a class I was in today a statement was made that there is no way
that anyone could present someone else's digital signature as their
own because no one has has their private key to sign it with. This
was in the context of a CA certificate which had it inside. I tried
to suggest that there might be scenarios that could accomplish this
but was told impossible. Not being totally clear on all the
methods that bind the digital signature to an identity I let it be;
however, the impossible mantra got me to thinking about it and
wondering what vectors might make this possible.

Validating a digital signature requires getting the public key from
some source, like a CA, or a publicly accessible database and
decrypting the signature to validate that the private key associated
with the public key created the digital signature, or open message.

Which lead me to the thought of trust in the repository for the
public key. Here in the USA, there is a long history of behind the
scenes cooperation by various large companies with the forces of
the law, like the wiretap in the ATT wire room, etc.

What is to prevent this from happening at a CA and it not being
known for a lengthy period of time? Jurors have been suborned for
political reasons, why not CAs? Would you, could you trust a CA
based in a country with a low ethics standard or a low regard for
human rights?

Which lead me to the thought that if it is possible, what could be
done to reduce the risk of it happening?

It occurred to me that perhaps some variation of separation of
duties like two CAs located in different political environments
might be used to accomplish this by having each cross-signing the
certificate so that the compromise of one CA would trigger an
invalid certificate. This might work if the compromise of the CA
happened *after* the original certificate was issued, but what if
the compromise was long standing? Is there any way to accomplish this?

Thoughts?

Best to all,

Allen

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]




--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Enterprise Right Management vs. Traditional Encryption Tools

2007-05-12 Thread Ali, Saqib

Hi Jon,


Rights management systems work against polite attackers. They are
useless against impolite attackers. Look at the way that
entertainment rights management systems have been attacked.
The rights management system will be secure so long as no one wants
to break them. There is tension between the desire to break it and
the degree to which its users rely on it. At some point, this tension
will snap and it's going to hurt the people who rely on it. A
metaphor involving a rubber band and that smarting is likely apt.


What about DRM/ERM that uses TPM? With TPM the content is pretty much
tied to a machine (barring screen captures etc)

Will ERM/DRM be ineffective even with the use of TPM?

Thanks
Saqib Ali

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Enterprise Right Management vs. Traditional Encryption Tools

2007-05-09 Thread Ali, Saqib

I was recently asked why not just deploy a Enterprise Right Management
solution instead of using various encryption tools to prevent data
leaks.

Any thoughts?

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: phone encryption technology becoming popular in Italy

2007-05-02 Thread Ali, Saqib

A notable mention is http://www.cryptophone.com/ . They are the only
secure phone provider that allows for independent review of the source
code.

On 4/30/07, Steven M. Bellovin [EMAIL PROTECTED] wrote:

According to an NY Times article
(http://news.com.com/Phone+taps+in+Italy+spur+rush+toward+encryption/2100-1029_3-6180118.html?tag=nefd.top),
phone encryption technology is becoming popular in Italy because of
many recent incidents of conversations being published.  Sometimes, a
wiretap is being leaked; other times, it seems to be private behavior:

What has spurred encryption sales is not so much the legal
wiretapping authorized by Italian magistrates--though
information about those calls is also frequently leaked to the
press--but the widespread availability of wiretapping
technology over the Internet, which has created a growing pool
of amateur eavesdroppers. Those snoops have a ready market in
the Italian media for filched celebrity conversations.



--Steve Bellovin, http://www.cs.columbia.edu/~smb

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]




--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: crypto component services - is there a market?

2007-04-17 Thread Ali, Saqib

i am not sure what you mean by crypto component services. Can you
please elaborate?

saqib
http://www.full-disk-encryption.net

On 4/16/07, Travis H. [EMAIL PROTECTED] wrote:

So back when I was reading about secure logging I thought it'd be
a fun service to offer, but it doesn't seem like a product that
the average business would be interested in; it seems more like
something that would be a component of a larger system, or used by
other systems.

Same with digital timestamping.

Does anyone think there is a market for these point solutions?

--
Kill dash nine, and its no more CPU time, kill dash nine, and that
process is mine. -- URL:http://www.subspacefield.org/~travis/
For a good time on my UBE blacklist, email [EMAIL PROTECTED]





--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]