On 14/10/2013 14:36, Eugen Leitl wrote:
Guys, in order to minimize Tor Project's dependence on
federal funding and/or increase what they can do it
would be great to have some additional funding ~10 kUSD/month.
I would say what is needed is not one source at $10K/month but 10K
sources at
On 16/09/2013 23:39, Perry E. Metzger wrote:
On Mon, 16 Sep 2013 11:54:13 -1000 Tim Newsham
tim.news...@gmail.com wrote:
- A backdoor that leaks cryptographic secrets
consider for example applications using an intel chip with
hardware-assist for AES. You're feeding your AES keys
directly
Stephan Neuhaus wrote:
On Aug 31, 2009, at 13:20, Jerry Leichter wrote:
It can “...intercept all audio data coming and going to the Skype
process.”
Interesting, but is this a novel idea? As far as I can see, the process
intercepts the audio before it reaches Skype and after it has left
Travis wrote:
Hello,
Recently I set up certificates for my server's SSL, SMTP, IMAP, XMPP,
and OpenVPN services. Actually, I created my own CA for some of the
certificates, and in other cases I used self-signed. It took me
substantially more time than I had anticipated, and I'm left with
Darren J Moffat wrote:
Warnings aren't enough in this context [ whey already exists ] the
only thing that will work is stopping the page being seen - replacing
it with a clearly worded explanation with *no* way to pass through
and render the page (okay maybe with a debug build of the browser
Paul Hoffman wrote:
At 11:21 PM +0100 9/9/08, Dave Howe wrote:
Darren J Moffat wrote:
Warnings aren't enough in this context [ whey already exists ] the
only thing that will work is stopping the page being seen - replacing
it with a clearly worded explanation with *no* way to pass through
The Fungi wrote:
On Tue, Jun 10, 2008 at 11:41:56PM +0100, Dave Howe wrote:
The key size would imply PKI; that being true, then the ransom may
be for a session key (specific per machine) rather than the
master key it is unwrapped with.
Per the computerworld.com article:
Kaspersky has
Jim Youll wrote:
If there's just one key, then Kaspersky could get maximum press by
paying the ransom and publishing it. If there are many keys, then Kaspersky
still has reached its press-coverage quota, just not as dramatically.
The key size would imply PKI; that being true, then the ransom
Ben Laurie wrote:
Ed Gerck wrote:
Ben Laurie wrote:
But doesn't that prove the point? The trust that you consequently
place in the web server because of the certificate _cannot_ be copied
to another webserver. That other webserver has to go out and buy its
own copy, with its own domain name
James A. Donald wrote:
From time to time I hear that DNSSEC is working fine, and on examining
the matter I find it is working fine except that
DNSSEC is working fine as a technology. However, it is worth
remembering that it works based on digitally signing an entire zone -
the state of
John Levine wrote:
| Presumably the value they add is that they keep browsers from popping
| up scary warning messages
Apple's Mail.app checks certs on SSL-based mail server connections.
It has the good - but also bad - feature that it *always* asks for
user approval if it gets a cert it
[EMAIL PROTECTED] wrote:
So at the company I work for, most of the internal systems have
expired SSL certs, or self-signed certs. Obviously this is bad.
Sorta. TLS gets along with self signed just fine though, and obviously
you can choose to accept a root or unsigned cert on a per-client
Philipp Gühring wrote:
I once implemented SSL over GSM data channel (without PPP and without
TCP), and discovered that SSL needs better integrity protection than
raw GSM delivers. (I am quite sure that's why people normally run PPP
over GSM channels ...) SSH has the same problems. It also
Perry E. Metzger wrote:
http://www.google.com/patents?vid=USPAT6993661
Hat tip to a party who prefers to remain anonymous who sent me the
patent number.
Interesting. He patented E4M, then two years old or so...
Saqib Ali wrote:
http://www.freepatentauction.com/patent.php?nb=950
googlepatent gives me:
http://www.google.com/patents?id=HaN6EBAJdq=7,088,821
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe
Leichter, Jerry wrote:
First off, it depends on how the thing is implemented. Since the entire
drive is apparently encrypted, and you have to enter a password just to
boot from it, some of the support is in an extended BIOS or some very
early boot code, which is below any OS you might actually
Allen wrote:
Hi Gang,
In a class I was in today a statement was made that there is no way that
anyone could present someone else's digital signature as their own because no
one has their private key to sign it with. This was in the context of a
CA certificate which had it inside. I
Chris Olesch wrote:
Ok the lurker posts...
Can someone explain to me why security specialists think this:
The system uses BitLocker Drive Encryption through a chip called TPM
(Trusted Platform Module) in the computer's motherboard.
is going to stop authorities from retrieving data?
I
Travis H. wrote:
In the FBI's public statement about Hannsen, they relate how he used a 3.5
floppy in 40 track mode to store data, but if it was read in the ordinary
way it would appear blank. IIRC, high-density floppies are 80 tracks per
inch, and double density were 40 tpi. So, how do you
Eugen Leitl wrote:
Sudden thermal stress (liquid nitrogen, etc) might be good enough to
delaminate, leaving clear disks behind.
Not sure what the data surface is made from but - surely a suitable organic
solvent could remove the paint into suspension leaving a clear plastic disc
and no trace of
John Denker wrote:
Dave Howe wrote:
Hmm. can you selectively blank areas of CD-RW?
Sure, you can. It isn't so much different from rewriting any
other type of disk.
Yeah, I know. Just unsure how effective blanking is on CD-RW for (say) a pattern
that has been in residence for two
Anton Stiglic wrote:
I agree. The cryptodox page looks nice, but I would rather see the content
go in wikipedia, which is worked on, and looked at, by many more people, a
really beautiful community work.
There is also the wiki crypto wikibook, which is sorta a co-production and
shares a lot of
Jonathan Thornburg wrote:
1. How to insure physical security for the N years between when you
exchange CDs and the use of a given chunk of keying material? The
single CD system is brittle -- a single black-bag burglary to
copy the CD, and poof, the adversary has all your keys for the next
N
R.A. Hettinga wrote:
http://www.betanews.com/article/print/Sony_to_Help_Remove_its_DRM_Rootkit/1130965475
Unfortunately, this is an exaggeration of what Sony have agreed to do - they
have issued an installable which removes the filename cloaking component while
leaving the rest (primarily, the
Eugen Leitl wrote:
On Sun, Sep 11, 2005 at 06:49:58PM -0400, Scott Guthery wrote:
1) GSM/3G handsets are networked card readers that are pretty
successful. They are, I'd wager, about as secure as an ATM or a POS,
particularly with respect to social attacks.
The smartphones are not secure at all,
Peter Gutmann wrote:
TLS-PSK fixes this problem by providing mutual authentication of client and
server as part of the key exchange. Both sides demonstrate proof-of-
possession of the password (without actually communicating the password), if
either side fails to do this then the TLS handshake
James A. Donald wrote:
SSL works in practice, X509 with CA certs does not work
in practice. People have been bullied into using it by
their browsers, but it does not give the protection
intended, because people do what is necessary to avoid
being nagged by browsers, not what is necessary to
Nicolas Williams wrote:
Yes, a challenge-response password authentication protocol, normally
subject to off-line dictionary attacks by passive and active attackers
can be strengthened by throwing in channel binding to, say, a TLS
channel, such that: a) passive attacks are not possible, b) MITMs
Ian G wrote:
none of the above. Using SSL is the wrong tool
for the job.
For the one task mentioned - transmitting the username/password pair to the
server - TLS is completely appropriate. However, hash based verification would
seem to be more secure, require no encryption overhead on the
Ilya Levin wrote:
John Denker [EMAIL PROTECTED] wrote:
So, unless/until somebody comes up with a better metaphor,
I'd vote for one-picket fence.
Nonsense fence may be less metaphoric but more clear.
I disagree - one picket fence gives a clear impression of a protective device
that is
Peter Fairbrother wrote:
I don't think there is much danger of severe torture, but I don't think
innocent-until-proven-guilty applies either, and suspicion should be
minimised or avoided.
Depends on what you want to avoid.
Best solution for software is dual-use - 7-zip for file encryption,
Joseph Ashwood wrote:
I believe you are incorrect in this statement. It is a matter of public
record that RSA Security's DES Challenge II was broken in 72 hours by
$250,000 worth of semi-custom machine, for the sake of solidity let's
assume they used 2^55 work to break it. Now moving to a
Dave Howe wrote:
I think this is part of the
purpose behind the following paper:
http://eprint.iacr.org/2004/229.pdf
which I am currently trying to understand and failing miserably at *sigh*
Nope, finally struggled to the end to find a section pointing out that it
does *not* prevent MITM attacks
Steven M. Bellovin wrote:
It was only to protect against differential cryptanalysis; they did not
know about linear cryptanalysis.
More accurately, they didn't protect against linear cryptanalysis -
there is no way to know if they knew about it and either didn't want to
make changes to
R. A. Hettinga wrote:
Nevada has taken the lead on paper trails not only in its own elections,
but also in Congress. Its senators - John Ensign, a Republican, and Harry
Reid, a Democrat - have co-sponsored the bipartisan Voting Integrity and
Verification Act, one of a number of pending bills that
R. A. Hettinga wrote:
The publisher first has to obtain a digital certificate from a recognized
certificate authority or CA (VeriSign (VRSN ) is the largest and best
known CA in the U.S.). The publisher receives a private and a public key,
each of which is a long number of about 300 digits. These
Anne Lynn Wheeler wrote:
ONE of Britain's biggest banks is asking customers to use cash
machines as little as possible to help combat soaring card fraud.
That's odd - given a deliberate policy of encouraging Cash Machine use
over the last few years, as Cash Machine costs+fraud still come to less
R. A. Hettinga wrote:
If we're going to move to a national identification card, we can't afford
to do it badly. Now is the time to figure out how to create a card that
helps identify people but doesn't rob them of a huge swath of their civil
liberties in the process.
Just watch how the British do
R. A. Hettinga wrote:
To prevent loss or theft, the data is backed up automatically and
redundantly on dedicated Martus servers in Manila, Toronto, Seattle and
Budapest. Nobody can read the files without access to the original user's
cryptography key and password -- with the exception of
Ian Grigg wrote:
Dave Howe wrote:
No - it means you might want to consider a system that guarantees
end-to-end encryption - not just first link, then maybe if it feels
like it
That doesn't mean TLS is worthless - on the contrary, it adds an
additional layer of both user authentication
opinions?
http://www.wisdom.weizmann.ac.il/~tromer/acoustic/
http://www.cse.ucsd.edu/users/tkohno/papers/WinZip/
Abstract: WinZip is a popular compression utility for Microsoft Windows
computers, the latest version of which is advertised as having
easy-to-use AES encryption to protect your sensitive data. We exhibit
several attacks against WinZip's new
Hadmut Danisch wrote:
- He didn't find any single mistake. He just says that everything is
already known and taken from literature.
certainly possible - if he didn't know (or deliberately ignored) that it had
been written in 1988 :)
How much of it is *still* new or at least hard to find in the
Do Cryptographers burn?
Sometimes they blush hard enough to ignite, if that helps :)
Cryptography is a lot about math, information theory,
proofs, etc. But there's a certain level where all this
is too complicated and time-consuming to follow all those
theories and claims. At a certain point
Peter Gutmann wrote:
Dave Howe [EMAIL PROTECTED] writes:
Key management and auditing is pretty much external to the actual
software regardless of which solution you use I would have thought.
Not necessarily. I looked at this in an ACSAC'2000 paper (available
from http://www.acsac.org/2000
Ian Grigg wrote:
(link is very slow:)
http://theregister.co.uk/content/68/34096.html
Cryptophone locks out snoopers
By electricnews.net
Posted: 20/11/2003 at 10:16 GMT
I see the source release has been put back... again.
Ralf-P. Weinmann wrote:
This is *NOT* the interesting part. The interesting part is the
payload it is to deliver. The claim This enables the software to spy
on the user and remain hidden to the operating system. rather
interests me. How do they achieve this in an OS-agnostic fashion?
They
Ian Grigg wrote:
I'm curious - my understanding of a VPN was that
it set up a network that all applications could
transparently communicate over.
spot on.
Port forwarding appears not to be that, in
practice each application has to be reconfigured
to talk to the appropriate port, or, each
slightly ranting, you might want to hit del now :)
Ian Grigg wrote:
What is written in these posts (not just the present one)
does derive from that viewpoint and although one can
quibble about the details, it does look very much from
the outside that there is an informal Cryptographers
Guild
Jill Ramonsky wrote:
Is it possible for Bob to instruct his browser to (a) refuse to trust
anything signed by Eve, and (b) to trust Alice's certificate (which
she handed to him personally)? (And if so, how?)
I am very much hoping that you can answer both (a) and (b) with a yes,
ok then yes :)
Joel Sing wrote:
Hi Adam,
I believe they have, at least to a large degree. InstantSSL
(www.instantssl.com) sell 128-bit certificates for $49USD/annum.
Certainly far cheaper than the VeriSign or Thawte equivalent. This is
their 'base' level service which comes with a $50USD warranty, email
John Young wrote:
James Ellis, GCHQ, in his account of the development of non-secret
encryption credits a Bell Laboratories 1944 report on Project
C-43 for stimulating his conception:
However the concept seems familiar enough - unless I am missing something, a
PRNG (n for noise rather than
in a world where there are repeated human mistakes/failures
at some point it is recognized that people aren't perfect and the design
is changed to accommodate people's foibles. in some respects that is what
helmets, seat belts, and air bags have been about.
The problem is here, we are