Re: length-extension and Merkle-Damgard hashes

2007-02-03 Thread Amir Herzberg
Travis H. wrote: So I was reading this: http://en.wikipedia.org/wiki/Merkle-Damgard It seems to me the length-extension attack (given one collision, it's easy to create others) is not the only one, though it's obviously a big concern to those who rely on it. This attack thanks to Schneier: If

Paper summarizing new directions in protecting web users

2006-03-08 Thread Amir Herzberg
. this Friday and in IBM Watson on next Tuesday - so if any of you are around, I'll love to see you. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com Try TrustBar - improved browser security UI: http://AmirHerzberg.com/TrustBar

New version (0.9.97) of TrustBar - first from the new developer team

2006-01-22 Thread Amir Herzberg
/index.html#download Feedback will be most welcome! -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com Try TrustBar - improved browser security UI: http://AmirHerzberg.com/TrustBar Visit my Hall Of Shame of Unprotected Login

DoS attack on The Million Dollar Homepage

2006-01-18 Thread Amir Herzberg
currently working closely with my hosting company, Sitelutions, to bring the site back online as soon as possible. More news soon. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com Try TrustBar - improved browser security UI

`Identified by` CA technique of TrustBar adopted by IE, other browsers...

2005-11-30 Thread Amir Herzberg
(IE, FF, Opera, KDE) where they agreed to adopt these ideas http://AmirHerzberg.com/TrustBar - my page for info and downloads of TrustBar... TrustBar is a public domain, open source project. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University

Re: US Banks: Training the next generation of phishing victims

2005-10-14 Thread Amir Herzberg
warning of their unprotected login and the fact I'm going to add them to `hall of shame`) by legal threats. Typical case of `pay lawyers a lot, to avoid doing things right`. 4. One company sent me coupons for free trades. Rare example, I'm afraid... -- Best regards, Amir Herzberg Associate

Re: An overview of cryptographic protocols to prevent spam

2005-09-26 Thread Amir Herzberg
Anderson once had to resort to asking Adi to call me on the phone to deliver a message, since a crazy mail filter here (Bar Ilan Univ.) blocked his messages for weeks... And more incidents. So believe me I'm well aware of this problem. -- Best regards, Amir Herzberg Associate Professor Department

Re: Defending users of unprotected login pages with TrustBar 0.4.9.93

2005-09-22 Thread Amir Herzberg
if you edit the URL after login to https, it appears to work ok over SSL also. cool, this may also be something we can do for users (essentially requires us extending the auto-redirection features with wildcard functionality). -- Best regards, Amir Herzberg Associate Professor Department

Re: Defending users of unprotected login pages with TrustBar 0.4.9.93

2005-09-20 Thread Amir Herzberg
, since `everybody` uses Windows, any stupid program can redirect users to fake sites - and do much worse... Anyway - thanks for the feedback. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com Try TrustBar - improved

Re: Defending users of unprotected login pages with TrustBar 0.4.9.93

2005-09-20 Thread Amir Herzberg
David Wagner wrote: Amir Herzberg writes: However, quite a few of these sites invoke SSL/TLS only _after_ user has typed in her user name and pw, and clicked `submit`. This allows a MITM adversary to send a modified login page to the user, which sends the pw to the attacker (rather than

Defending users of unprotected login pages with TrustBar 0.4.9.93

2005-09-19 Thread Amir Herzberg
research on secure usability. Thanks! BTW, TrustBar is an open-source project, so if some of you want to provide it to your customers, possibly customized (branded) etc., there is no licensing required. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan

Re: simple (secure??) PW-based web login (was Re: Another entryin theinternet security hall of shame....)

2005-09-15 Thread Amir Herzberg
with failures, but this is not difficult; I also don't discuss how to support users of `public` PCs and changing PCs, solutions are possible. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com Try TrustBar - improved browser

simple (secure??) PW-based web login (was Re: Another entry in theinternet security hall of shame....)

2005-09-14 Thread Amir Herzberg
for now; now tell me what's wrong, etc It is definitely too simple to be any good. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com Try TrustBar - improved browser security UI: http://AmirHerzberg.com/TrustBar

Re: [Anti-fraud] simple (secure??) PW-based web login (was Re:Anotherentry in theinternet security hall of shame....)

2005-09-14 Thread Amir Herzberg
Ian G wrote: Amir Herzberg wrote: For a stationary user, the extension compares _Iterations_ and confirm it is at most one less than previous value of _Iterations_ used with this site. (Minor point - if relying on incrementing Iterations, this may impact password sharing scenarios. Whether

Amazon's

2005-09-14 Thread Amir Herzberg
. Nice oracle to find last 5 digits... making it quite easy to find the full number. Not that anybody would bother. Still, I find it funny. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com Try TrustBar - improved

Re: the limits of crypto and authentication

2005-07-14 Thread Amir Herzberg
the other proposals. I may be wrong about the CyberCash role, though, it was a while, and I don't think it matters so much... -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com Try TrustBar - improved browser security UI

Re: the limits of crypto and authentication

2005-07-11 Thread Amir Herzberg
to such attacks. But... crypto and authentication, imho, are the best tools to prevent such malware from being installed. Yes, I know, this is far from the current situation, with corrupted PCs (Zombies) being a very large fraction (around a third?)... -- Best regards, Amir Herzberg Associate Professor

Re: Feature or Flaw?

2005-07-06 Thread Amir Herzberg
Lance James wrote: Amir Herzberg wrote: Lance James wrote: ... https://slam.securescience.com/threats/mixed.html This site is set so that there is a frame of https://www.bankone.com inside my https://slam.securescience.com/threats/mixed.html site. The imaginative part is that you may

Re: Feature or Flaw?

2005-07-05 Thread Amir Herzberg
-fraud -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com Try TrustBar - improved browser security UI: http://AmirHerzberg.com/TrustBar Visit my Hall Of Shame of Unprotected Login pages: http://AmirHerzberg.com/shame

Rephrased: Should login pages be protected by SSL - although it won'thelp most users?

2005-06-23 Thread Amir Herzberg
Ole Kasper Olsen wrote: ... Amir Herzberg asked the question of should login pages be SSL encrypted. The flurry of discussion can be summerized as Yes... ... 2. Most people believe that a login page *should* be encrypted for web sites carrying important data. (e.g., financial, etc

Re: AmEx unprotected login site (was encrypted tapes, was Re: PapersaboutAlgorithm hiding ?)

2005-06-09 Thread Amir Herzberg
clueless as to send you corrupted scripts, it may as well publish your password directly... Best, Amir Herzberg Ken Ballou wrote: Unless I misunderstand, the problem is that I can not determine where my login information will go without examining the source of the login page. Sure, the form might

Re: AmEx [add: and other] unprotected login site

2005-06-09 Thread Amir Herzberg
to expect less of AMERICAN EXPRESS? Of VERIZON? That's a non-starter as far as I'm concerned. If you want to have a life of excuses, you don't get to play with the grownups. Perry . -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http

Re: AmEx unprotected login site

2005-06-09 Thread Amir Herzberg
the CA visible to the user (but in a way users can understand - I believe we have that with TrustBar). -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com New: see my Hall Of Shame of Unprotected Login pages: http

Re: AmEx unprotected login site

2005-06-09 Thread Amir Herzberg
in a proxy any CAs you don't trust. Let the user decide among these you can't rule out. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com New: see my Hall Of Shame of Unprotected Login pages: http://AmirHerzberg.com

Re: AmEx unprotected login site

2005-06-09 Thread Amir Herzberg
, can protect reasonably well even naive or unsuspecting users. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com New: see my Hall Of Shame of Unprotected Login pages: http://AmirHerzberg.com/shame.html

Hall of Shame of Unprotected Login Sites, and Phishing/Spoofing FAQ

2005-06-07 Thread Amir Herzberg
on phishing and spoofing, at http://www.cs.biu.ac.il/~herzbea/shame/FAQ.htm -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com New: see my Hall Of Shame of Unprotected Login pages: http://AmirHerzberg.com/shame.html

Re: Trojan horse attack involving many major Israeli companies, executives

2005-06-01 Thread Amir Herzberg
and developers, and hence improve the security of their systems. -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com New: see my Hall Of Shame of Unprotected Login pages: http://AmirHerzberg.com/shame.html

Re: Trojan horse attack involving many major Israeli companies, executives

2005-05-31 Thread Amir Herzberg
15:34 +0200 ) Amir Herzberg: See more info e.g. at http://www.haaretz.com/hasen/spages/581790.html an excellent tale [still unfolding]- no doubt coming to a bookstore or movie theatre near you real soon. of course, it was never mentioned in the article, but they *had* to be running windows

Re: Citibank discloses private information to improve security

2005-05-31 Thread Amir Herzberg
users understand quite the TrustBar UI for SSL protected sites. We display something like name/logo of site identified by name/logo of CA. I'll appreciate your thoughts/feedback, try it at http://TrustBar.MozDev.org. -- Best regards, Amir Herzberg Associate Professor Department of Computer

Trojan horse attack involving many major Israeli companies, executives

2005-05-30 Thread Amir Herzberg
problems. This couple were apparently targeted by the Trojan for personal reasons; the programmer is their ex-son-in-law... See more info e.g. at http://www.haaretz.com/hasen/spages/581790.html -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University

Re: how email encryption should work (and how to get it used...)

2005-05-20 Thread Amir Herzberg
feedback...] Best, Amir Herzberg James A. Donald wrote: -- In my blog http://blog.jim.com/ I post how email encryption should work I would appreciate some analysis of this proposal, which I think summarizes a great deal of discussion that I have read. * The user should automagically get

Re: PK - OTP?

2005-03-20 Thread Amir Herzberg
the device encryption of a random number (using the public key of the device), and the device sending back the number as proof of possession of the corresponding secret key? Best, Amir Herzberg - The Cryptography Mailing List

Re: $90 for high assurance _versus_ $349 for low assurance

2005-03-20 Thread Amir Herzberg
sufficiently to identify sites, and to _know_ which CA is identifying the (protected) site they use. This is easy to do, and of course you can add this to your Mozilla/FireFox browser by installing our TrustBar (from http://TrustBar.mozdev.org). Best, Amir Herzberg John Levine wrote: Does

Re: A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)

2005-02-10 Thread Amir Herzberg
Taral wrote: On Wed, Feb 09, 2005 at 07:41:36PM +0200, Amir Herzberg wrote: Want to protect your Mozilla/FireFox from such attacks? Install our TrustBar: http://TrustBar.Mozdev.org (this was the first time that I had a real reason to click the `I don't trust this authority` button...) Opinions

Re: A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)

2005-02-10 Thread Amir Herzberg
, Amir Herzberg - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)

2005-02-10 Thread Amir Herzberg
encouraging people to review the code (it is all script so you can just download TrustBar and read it), write their own better code, etc... Best, Amir Herzberg - The Cryptography Mailing List Unsubscribe by sending unsubscribe

A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)

2005-02-09 Thread Amir Herzberg
TrustBar: http://TrustBar.Mozdev.org (this was the first time that I had a real reason to click the `I don't trust this authority` button...) Opinions? Best, Amir Herzberg - The Cryptography Mailing List Unsubscribe by sending

Re: Can you help develop crypto anti-spoofing/phishing tool ?

2005-02-06 Thread Amir Herzberg
complex for naive users). Thanks (also for the URL)! Amir Herzberg - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Can you help develop crypto anti-spoofing/phishing tool ?

2005-02-04 Thread Amir Herzberg
thing. I find it almost a professional insult, that people go for non-crypto identification mechanisms to prevent spoofing and phishing. I mean, if we can't sell crypto for this purpose, this - imho - is a real failure. Best, Amir Herzberg

Can you help develop crypto anti-spoofing/phishing tool ?

2005-02-02 Thread Amir Herzberg
, I wouldn't object if some serious open-code developer assumed responsibility... If people are interested, and want to discuss face to face, I'll be in RSA on 15-18/February... Best, Amir Herzberg - The Cryptography Mailing List

Re: Websites, Passwords, and Consumers (Re: CRYPTO-GRAM, August 15,2004)

2004-08-16 Thread Amir Herzberg
... -- Best regards, Amir Herzberg Associate Professor, Computer Science Dept., Bar Ilan University http://amirherzberg.com (information and lectures in cryptography security) Mirror site: http://www.mfn.org/~herzbea/ begin:vcard fn:Amir Herzberg n:Herzberg;Amir org:Bar Ilan University;Computer

On SSL, SET, `real PKI` and real code against Phishing/Spoofing

2004-07-22 Thread Amir Herzberg
before releasing (hoping in a week or two) or longer term? Can you do it for IE or other browser? (for the paper, see my homepage as below...) -- Best regards, Amir Herzberg Associate Professor, Computer Science Dept., Bar Ilan University http://amirherzberg.com (information and lectures

Re: dual-use digital signature vulnerability

2004-07-22 Thread Amir Herzberg
signatures) that the signed documents are structured with a random field before and after the `actual contract`, as long as the fields are well defined. -- Best regards, Amir Herzberg Associate Professor, Computer Science Dept., Bar Ilan University http://amirherzberg.com (information and lectures

Re: Can crypto help against Phishing, Spoofing and Spamming...

2004-07-14 Thread Amir Herzberg
year's antiphishing meeting who said they'd been thinking of something like that. Agree! We call this a credential, see in paper or just this screen shot http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing_files/image006.gif -- Best regards, Amir Herzberg Associate Professor, Computer

Re: Question on the state of the security industry

2004-07-13 Thread Amir Herzberg
at http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing.htm), I'll love to hear their feedback.. -- Best regards, Amir Herzberg Associate Professor, Computer Science Dept., Bar Ilan University http://amirherzberg.com (information and lectures in cryptography security) begin:vcard fn:Amir

Re: EZ Pass and the fast lane ....

2004-07-11 Thread Amir Herzberg
(and they definitely _don't_ slow down...). So I think this observation about EZ Pass is probably true, but for some time ago; with current technology, reading license plates is possible (which, I guess, has some alarming privacy implications...). Best regards, Amir Herzberg Associate Professor

Re: Using crypto against Phishing, Spoofing and Spamming...

2004-07-11 Thread Amir Herzberg
on the first time you get a public key from the server... -- Best regards, Amir Herzberg Associate Professor, Computer Science Dept., Bar Ilan University http://amirherzberg.com (information and lectures in cryptography security) begin:vcard fn:Amir Herzberg n:Herzberg;Amir org:Bar Ilan

Can crypto help against Phishing, Spoofing and Spamming...

2004-07-09 Thread Amir Herzberg
, at http://eprint.iacr.org/2004/155/ and http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/Spam.htm # Controlling Spam by Secure Internet Content Selection, at http://eprint.iacr.org/2004/154/ and http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/Spam.htm -- Best regards, Amir Herzberg

Re: Using crypto against Phishing, Spoofing and Spamming...

2004-07-08 Thread Amir Herzberg
Florian Weimer wrote: * Amir Herzberg: # Protecting (even) Naïve Web Users, or: Preventing Spoofing and Establishing Credentials of Web Sites, at http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/trusted%20credentials%20area.PDF The trusted credentials area is an interesting concept. Thanks

Using crypto against Phishing, Spoofing and Spamming...

2004-07-04 Thread Amir Herzberg
) we developed for Mozilla, and it works great; I hope we'll feel soon confident enough with the code so we'll be able to put it in the public domain. Experienced Mozilla developers who will be willing to help test and evaluate the code are invited to contact me. -- Best regards, Amir Herzberg

recommendations/evaluations of free / low-cost crypto libraries

2004-06-15 Thread Amir Herzberg
to the list. Important aspects include reliability, functionality, performance, documentation, cost (for development system - no `per seat` cost!), and licensing terms (in particular can it be used for commercial products, and any restrictions). Thanks a lot... -- Best regards, Amir Herzberg

Looking for mirror (or: better) sites to host my crypto/security lectures

2004-05-25 Thread Amir Herzberg
reliable and persistent. In the meanwhile, if you find you cannot download the files, I guess I'll have to send by e-mail... Unfortunately these are pretty large files. Needless to say, technical comments and corrections are also (or: especially) welcome. Best regards, Amir Herzberg Professor

Re: why penny black etc. are not very useful (could crypto stop spam??)

2004-01-02 Thread Amir Herzberg
the bug in this simple solution? If anybody wants to implement I'm willing to assist in developing/validating the protocols. Best regards, Amir Herzberg Computer Science Department, Bar Ilan University Homepage (and lectures in applied cryptography, secure communication and commerce): http

Re: Non-repudiation (was RE: The PAIN mnemonic)

2003-12-30 Thread Amir Herzberg
At 18:02 29/12/2003, Ben Laurie wrote: Amir Herzberg wrote: ... specifications, I use `non-repudiation` terms for some of the requirements. For example, the intuitive phrasing of the Non-Repudiation of Origin (NRO) requirement is: if any party outputs an evidence evid s.t. valid(agreement, evid

Re: example: secure computing kernel needed

2003-12-30 Thread Amir Herzberg
At 04:20 30/12/2003, David Wagner wrote: Ed Reed wrote: There are many business uses for such things, like checking to see if locked down kiosk computers have been modified (either hardware or software), I'm a bit puzzled why you'd settle for detecting changes when you can prevent them. Any

Re: Non-repudiation (was RE: The PAIN mnemonic)

2003-12-28 Thread Amir Herzberg
really object and if so why? What of applications/scenarios that seem to require non-repudiation, e.g. certified mail, payments, contract signing,...? Best regards, Amir Herzberg Computer Science Department, Bar Ilan University Lectures: http://www.cs.biu.ac.il/~herzbea/book.html Homepage: http

Re: Non-repudiation (was RE: The PAIN mnemonic)

2003-12-23 Thread Amir Herzberg
of origin, i.e. the ability of recipient to convince a third party that a message was sent (to him) by a particular sender (at certain time)? Or - do you think this is not an important requirement? Or what? Best regards, Amir Herzberg Computer Science Department, Bar Ilan University Lectures: http

Re: Super-Encryption

2003-12-18 Thread Amir Herzberg
, Amir Herzberg Computer Science Department, Bar Ilan University Lectures: http://www.cs.biu.ac.il/~herzbea/book.html Homepage: http://amir.herzberg.name At 16:25 15/12/2003, Matt wrote: Quoting Ben Laurie [EMAIL PROTECTED]: I don't see any value added by cipher1 - what's the point? The message

Re: Super-Encryption

2003-12-18 Thread Amir Herzberg
as I wrote before...) that you don't achieve your stated goal of identifying the intended receiver. This is also solved if you sign the ciphertext and the receiver's public key, or simply sign the identity of the receiver. Anyway, I am repeating myself, so... Best regards, Amir Herzberg

RE: Are there...one-way encryption algorithms

2003-11-16 Thread Amir Herzberg
on encryption and hashing which cover much of this topic (see in site if interested). Best, Amir Herzberg http://amir.herzberg.name - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL

Re: Fwd: [IP] A Simpler, More Personal Key to Protect Online Messages

2003-07-08 Thread Amir Herzberg
of systems, while cute, are not really helping applied cryptography (IMHO). Best regards... Amir Herzberg http://amir.herzberg.name - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: grumpf: PODC (and security in distributed computing) announcement

2003-06-19 Thread Amir Herzberg
of the conference (it's about podcs?), the dates, and the location. Topic: Distributed computing, and this year special focus on distributed security and crypto Dates: July 13-17 Location: Boston, MA URL: http://www.podc.org/podc2003/ Best, a very apologetic Amir Herzberg

Re: Maybe It's Snake Oil All the Way Down

2003-06-03 Thread Amir Herzberg
to key length requirements); in particular public key systems are always `only` computationally secure. This is not really a problem and certainly not a motivation to design new systems, without a proof of security... Best, Amir Herzberg http://amir.herzberg.name