Travis H. wrote:
So I was reading this:
http://en.wikipedia.org/wiki/Merkle-Damgard
It seems to me the length-extension attack (given one collision, it's
easy to create others) is not the only one, though it's obviously a
big concern to those who rely on it.
This attack thanks to Schneier:
If
. this Friday and in IBM Watson on
next Tuesday - so if any of you are around, I'll love to see you.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI:
http://AmirHerzberg.com/TrustBar
/index.html#download
Feedback will be most welcome!
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI:
http://AmirHerzberg.com/TrustBar
Visit my Hall Of Shame of Unprotected Login
currently working closely with my hosting company,
Sitelutions, to bring the site back online as soon as possible. More
news soon.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI
(IE, FF, Opera, KDE) where they agreed
to adopt these ideas
http://AmirHerzberg.com/TrustBar - my page for info and downloads of
TrustBar... TrustBar is a public domain, open source project.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
warning of their unprotected login and
the fact I'm going to add them to `hall of shame`) by legal threats.
Typical case of `pay lawyers a lot, to avoid doing things right`.
4. One company sent me coupons for free trades. Rare example, I'm afraid...
--
Best regards,
Amir Herzberg
Associate
Anderson once had to
resort to asking Adi to call me on the phone to deliver a message, since
a crazy mail filter here (Bar Ilan Univ.) blocked his messages for
weeks... And more incidents. So believe me I'm well aware of this problem.
--
Best regards,
Amir Herzberg
Associate Professor
Department
if you edit the URL after login to https, it appears to work
ok over SSL also.
cool, this may also be something we can do for users (essentially
requires us extending the auto-redirection features with wildcard
functionality).
--
Best regards,
Amir Herzberg
Associate Professor
Department
, since `everybody` uses
Windows, any stupid program can redirect users to fake sites - and do
much worse...
Anyway - thanks for the feedback.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved
David Wagner wrote:
Amir Herzberg writes:
However, quite a few of these sites invoke SSL/TLS only _after_ user has
typed in her user name and pw, and clicked `submit`. This allows a MITM
adversary to send a modified login page to the user, which sends the pw
to the attacker (rather than
research on secure usability. Thanks!
BTW, TrustBar is an open-source project, so if some of you want to
provide it to your customers, possibly customized (branded) etc., there
is no licensing required.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan
with failures, but this is not
difficult; I also don't discuss how to support users of `public` PCs and
changing PCs, solutions are possible.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser
for now; now tell me what's wrong, etc It is definitely
too simple to be any good.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI:
http://AmirHerzberg.com/TrustBar
Ian G wrote:
Amir Herzberg wrote:
For a stationary user, the extension compares _Iterations_ and confirm
it is at most one less than previous value of _Iterations_ used with
this site.
(Minor point - if relying on incrementing
Iterations, this may impact password sharing
scenarios. Whether
.
Nice oracle to find last 5 digits... making it quite easy to find the
full number.
Not that anybody would bother. Still, I find it funny.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved
the other proposals. I may be wrong
about the CyberCash role, though, it was a while, and I don't think it
matters so much...
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI
to such attacks.
But... crypto and authentication, imho, are the best tools to prevent
such malware from being installed. Yes, I know, this is far from the
current situation, with corrupted PCs (Zombies) being a very large
fraction (around a third?)...
--
Best regards,
Amir Herzberg
Associate Professor
Lance James wrote:
Amir Herzberg wrote:
Lance James wrote:
...
https://slam.securescience.com/threats/mixed.html
This site is set so that there is a frame of https://www.bankone.com
inside my https://slam.securescience.com/threats/mixed.html site. The
imaginative part is that you may
-fraud
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI:
http://AmirHerzberg.com/TrustBar
Visit my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com/shame
Ole Kasper Olsen wrote:
...
Amir Herzberg asked the question of should login pages be SSL encrypted.
The flurry of discussion can be summerized as Yes...
...
2. Most people believe that a login page *should* be encrypted
for web sites carrying important data. (e.g., financial, etc
clueless as to send you corrupted scripts, it may as well publish your
password directly...
Best, Amir Herzberg
Ken Ballou wrote:
Unless I misunderstand, the problem is that I can not determine where my
login information will go without examining the source of the login
page. Sure, the form might
to expect less of AMERICAN EXPRESS? Of VERIZON?
That's a non-starter as far as I'm concerned. If you want to have
a life of excuses, you don't get to play with the grownups.
Perry
.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http
the CA visible to the user
(but in a way users can understand - I believe we have that with TrustBar).
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
New: see my Hall Of Shame of Unprotected Login pages:
http
in
a proxy any CAs you don't trust. Let the user decide among these you
can't rule out.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
New: see my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com
, can protect reasonably well even
naive or unsuspecting users.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
New: see my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com/shame.html
on phishing and spoofing, at
http://www.cs.biu.ac.il/~herzbea/shame/FAQ.htm
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
New: see my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com/shame.html
and developers, and hence improve the security of their systems.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
New: see my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com/shame.html
15:34 +0200 ) Amir Herzberg:
See more info e.g. at http://www.haaretz.com/hasen/spages/581790.html
an excellent tale [still unfolding]- no doubt coming to a bookstore or
movie theatre near you real soon.
of course, it was never mentioned in the article, but they *had* to be
running windows
users
understand quite the TrustBar UI for SSL protected sites. We display
something like name/logo of site identified by name/logo of CA. I'll
appreciate your thoughts/feedback, try it at http://TrustBar.MozDev.org.
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer
problems. This couple were
apparently targeted by the Trojan for personal reasons; the programmer
is their ex-son-in-law...
See more info e.g. at http://www.haaretz.com/hasen/spages/581790.html
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
feedback...]
Best, Amir Herzberg
James A. Donald wrote:
--
In my blog http://blog.jim.com/ I post how email
encryption should work
I would appreciate some analysis of this proposal, which
I think summarizes a great deal of discussion that I
have read.
* The user should automagically get
the device encryption of a random number
(using the public key of the device), and the device sending back the
number as proof of possession of the corresponding secret key?
Best, Amir Herzberg
-
The Cryptography Mailing List
sufficiently to identify
sites, and to _know_ which CA is identifying the (protected) site they use.
This is easy to do, and of course you can add this to your
Mozilla/FireFox browser by installing our TrustBar (from
http://TrustBar.mozdev.org).
Best, Amir Herzberg
John Levine wrote:
Does
Taral wrote:
On Wed, Feb 09, 2005 at 07:41:36PM +0200, Amir Herzberg wrote:
Want to protect your Mozilla/FireFox from such attacks? Install our
TrustBar: http://TrustBar.Mozdev.org
(this was the first time that I had a real reason to click the `I don't
trust this authority` button...)
Opinions
, Amir Herzberg
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
encouraging
people to review the code (it is all script so you can just download
TrustBar and read it), write their own better code, etc...
Best, Amir Herzberg
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe
TrustBar: http://TrustBar.Mozdev.org
(this was the first time that I had a real reason to click the `I don't
trust this authority` button...)
Opinions?
Best, Amir Herzberg
-
The Cryptography Mailing List
Unsubscribe by sending
complex for naive users).
Thanks (also for the URL)! Amir Herzberg
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
thing.
I find it almost a professional insult, that people go for non-crypto
identification mechanisms to prevent spoofing and phishing. I mean, if
we can't sell crypto for this purpose, this - imho - is a real failure.
Best, Amir Herzberg
, I wouldn't
object if some serious open-code developer assumed responsibility...
If people are interested, and want to discuss face to face, I'll be in
RSA on 15-18/February...
Best, Amir Herzberg
-
The Cryptography Mailing List
...
--
Best regards,
Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures in cryptography
security)
Mirror site: http://www.mfn.org/~herzbea/
begin:vcard
fn:Amir Herzberg
n:Herzberg;Amir
org:Bar Ilan University;Computer
before releasing (hoping in a week or two) or longer term? Can you do it
for IE or other browser?
(for the paper, see my homepage as below...)
--
Best regards,
Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures
signatures) that the signed documents are structured with a random field
before and after the `actual contract`, as long as the fields are well
defined.
--
Best regards,
Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures
year's antiphishing meeting who said they'd been thinking of
something like that.
Agree! We call this a credential, see in paper or just this screen shot
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing_files/image006.gif
--
Best regards,
Amir Herzberg
Associate Professor, Computer
at
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing.htm), I'll
love to hear their feedback..
--
Best regards,
Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures in cryptography
security)
begin:vcard
fn:Amir
(and
they definitely _don't_ slow down...).
So I think this observation about EZ Pass is probably true, but for some
time ago; with current technology, reading license plates is possible
(which, I guess, has some alarming privacy implications...).
Best regards,
Amir Herzberg
Associate Professor
on the first time you get a public key from the server...
--
Best regards,
Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures in cryptography
security)
begin:vcard
fn:Amir Herzberg
n:Herzberg;Amir
org:Bar Ilan
, at
http://eprint.iacr.org/2004/155/ and
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/Spam.htm
# Controlling Spam by Secure Internet Content Selection, at
http://eprint.iacr.org/2004/154/ and
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/Spam.htm
--
Best regards,
Amir Herzberg
Florian Weimer wrote:
* Amir Herzberg:
# Protecting (even) Naïve Web Users, or: Preventing Spoofing and
Establishing Credentials of Web Sites, at
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/trusted%20credentials%20area.PDF
The trusted credentials area is an interesting concept.
Thanks
) we developed for Mozilla, and it works great; I hope
we'll feel soon confident enough with the code so we'll be able to put
it in the public domain. Experienced Mozilla developers who will be
willing to help test and evaluate the code are invited to contact me.
--
Best regards,
Amir Herzberg
to the list. Important aspects include reliability, functionality,
performance, documentation, cost (for development system - no `per seat`
cost!), and licensing terms (in particular can it be used for commercial
products, and any restrictions).
Thanks a lot...
--
Best regards,
Amir Herzberg
reliable and persistent.
In the meanwhile, if you find you cannot download the files, I guess I'll
have to send by e-mail... Unfortunately these are pretty large files.
Needless to say, technical comments and corrections are also (or:
especially) welcome.
Best regards,
Amir Herzberg
Professor
the bug in this simple solution? If anybody wants to implement I'm
willing to assist in developing/validating the protocols.
Best regards,
Amir Herzberg
Computer Science Department, Bar Ilan University
Homepage (and lectures in applied cryptography, secure communication and
commerce): http
At 18:02 29/12/2003, Ben Laurie wrote:
Amir Herzberg wrote:
...
specifications, I use `non-repudiation` terms for some of the
requirements. For example, the intuitive phrasing of the Non-Repudiation
of Origin (NRO) requirement is: if any party outputs an evidence evid
s.t. valid(agreement, evid
really object and if so why? What of
applications/scenarios that seem to require non-repudiation, e.g. certified
mail, payments, contract signing,...?
Best regards,
Amir Herzberg
Computer Science Department, Bar Ilan University
Lectures: http://www.cs.biu.ac.il/~herzbea/book.html
Homepage: http
of origin, i.e. the ability of recipient to convince a
third party that a message was sent (to him) by a particular sender (at
certain time)?
Or - do you think this is not an important requirement?
Or what?
Best regards,
Amir Herzberg
Computer Science Department, Bar Ilan University
Lectures: http
,
Amir Herzberg
Computer Science Department, Bar Ilan University
Lectures: http://www.cs.biu.ac.il/~herzbea/book.html
Homepage: http://amir.herzberg.name
At 16:25 15/12/2003, Matt wrote:
Quoting Ben Laurie [EMAIL PROTECTED]:
I don't see any value added by cipher1 - what's the point?
The message
as I wrote before...) that you don't achieve your
stated goal of identifying the intended receiver. This is also solved if
you sign the ciphertext and the receiver's public key, or simply sign the
identity of the receiver.
Anyway, I am repeating myself, so...
Best regards,
Amir Herzberg
on encryption and hashing which cover much of
this topic (see in site if interested).
Best, Amir Herzberg
http://amir.herzberg.name
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL
of systems, while cute, are not
really helping applied cryptography (IMHO).
Best regards...
Amir Herzberg
http://amir.herzberg.name
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
to key length requirements); in
particular public key systems are always `only` computationally secure.
This is not really a problem and certainly not a motivation to design new
systems, without a proof of security...
Best, Amir Herzberg
http://amir.herzberg.name
61 matches
Mail list logo