[Cryptography] psyops

2013-09-30 Thread David Honig
Bumper sticker: Remember, the NSA is Backing You Up ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography

Re: Linux-based wireless mesh suite adds crypto engine support

2004-10-05 Thread David Honig
At 03:25 PM 9/30/04 -0700, John Gilmore wrote: Crypto hardware that generates random numbers can't be tested in production in many useful ways. My suggestion would be to XOR a hardware-generated and a software-generated random number stream. If one fails, whether by accident, malice, or design,

Re: An interesting new computer security problem

2004-09-30 Thread David Honig
At 12:58 PM 9/27/04 -0600, Anne Lynn Wheeler wrote: At 11:03 PM 9/24/2004, Peter Gutmann wrote: A few days ago I was chatting with some people working on a government IT project who had a rather complex security problem that they needed help with. They have a large number of users with Windows

Re: Approximate hashes

2004-09-01 Thread David Honig
At 06:02 PM 9/1/04 +0300, Marcel Popescu wrote: From: Marcel Popescu [EMAIL PROTECTED] Hence my question: is there some approximate hash function (which I could use instead of SHA-1) which can verify that a text hashes very close to a value? So that if I change, say, tabs into spaces, I won't

Re: titles

2004-08-26 Thread David Honig
At 12:34 AM 8/27/04 +0100, Ian Grigg wrote: David Honig wrote: Security Engineer, according to Schneier... I don't like that term for 3 reasons: firstly, when we build stuff, security should be top-to-bottom, integrated in, and not seen as an add-on, an after-thought. That is, the overall

Re: RPOW - Reusable Proofs of Work

2004-08-21 Thread David Honig
At 04:34 PM 8/20/04 -0500, Matt Crawford wrote: I'm wondering how applicable RPOW is. If you think of POW as a possible SPAM mitigation As spam mitigation, it might work better than hashcash. As cash, it lacks the anonymity of bearer-documents (tm) since there is one clearing house. This

Re: should you trust CAs? (Re: dual-use digital signature vulnerability)

2004-08-01 Thread David Honig
At 02:09 PM 7/28/04 -0400, Adam Back wrote: The difference is if the CA does not generate private keys, there should be only one certificate per email address, so if two are discovered in the wild the user has a transferable proof that the CA is up-to-no-good. Ie the difference is it is

Re: Is finding security holes a good idea?

2004-06-16 Thread David Honig
At 08:40 AM 6/16/04 -0700, Eric Rescorla wrote: the search patterns used by blackhats - we are all human and are likely to be drawn to similar bugs. Prof Nancy Levenson once did a study where separate teams coded solutions to the same problem. The different teams' code often erred in the same

Re: my periodic rant on quantum crypto

2004-04-14 Thread David Honig
At 03:37 PM 4/12/04 -0400, Perry E. Metzger wrote: QC can only run over a dedicated fiber over a short run, where more normal mechanisms can work fine over any sort of medium -- copper, the PSTN, the internet, etc, and can operate without distance limitation. Nice essay. I especially liked the

Re: Microsoft publicly announces Penny Black PoW postage project

2003-12-28 Thread David Honig
At 09:13 AM 12/26/03 -0800, Steve Schear wrote: http://news.bbc.co.uk/2/hi/technology/3324883.stm Mr Wobber and his group calculated that if there are 80,000 seconds in a day, a computational price of a 10-second levy would mean spammers would only be able to send about 8,000 messages a day, at

Re: SSL, client certs, and MITM (was WYTM?)

2003-11-12 Thread David Honig
At 07:11 PM 10/22/03 -0400, Perry E. Metzger wrote: Indeed. Imagine if we waited until airplanes exploded regularly to design them so they would not explode, or if we had designed our first suspension bridges by putting up some randomly selected amount of cabling and seeing if the bridge

Re: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-11 Thread David Honig
At 12:08 AM 10/10/03 +0800, Ng Pheng Siong wrote: I believe SSL VPNs are easier than IPsec to deploy For the former, you give a password or two --maybe reuse a POP3 that your users already have-- and all your users get in fairly securely, and you can verify them. Easy for them because they

Re: anonymous DH MITM

2003-10-06 Thread David Honig
At 03:38 PM 10/6/03 -0400, Ian Grigg wrote: I'm asking myself whether anonymous DH is confusingly named. Perhaps it should be called pseudonymous DH because it creates pseudonyms for the life of the session? Or, we need a name that describes the creation of pseudonyms, de novo, from an anonymous

Re: Can Eve repeat?

2003-09-24 Thread David Honig
At 08:34 AM 9/24/03 -0400, Greg Troxel wrote: A consequence of the infinite CPU assumption is that ciphers like AES, hash functions like SHA-1, etc. are all considered useless by the purist QC community. Thus, people talk about doing authentication with families of universal hash functions. This

RE: Code breakers crack GSM cellphone encryption

2003-09-08 Thread David Honig
At 05:04 PM 9/8/03 -0400, Trei, Peter wrote: Why the heck would a government agency have to break the GSM encryption at all? The encryption is only on the airlink, and all GSM calls travel through the POTS land line system in the clear, where they are subject to warranted wiretaps. Breaking GSM

Re: Code breakers crack GSM cellphone encryption

2003-09-07 Thread David Honig
At 03:32 PM 9/7/03 -0400, R. A. Hettinga wrote: If the cellphone companies in 197 countries want to correct the code errors that expose them to trickery and abuse, they will have to call in each customer to make a change in the cellphone's programming, or replace all of the cellular phones used by

Re: U.S. seeks OSCE pact on biometric passports

2003-09-03 Thread David Honig
At 04:50 PM 9/2/03 -0400, Duncan Frissell wrote: Anyone have any pointers to non destructive methods of rendering Smart Chips unreadable? Just curious. DCF Perhaps I'm being dense but how could this be non-destructive? Do you mean non-obvious? Or reversible? If the usual microwave games

Re: traffic analysis (was: blackmail / stego)

2003-08-28 Thread David Honig
At 01:01 PM 8/27/03 -0700, Jim McCoy wrote: While IANL, it seems that the whole anonymity game has a flaw that doesn't even require a totalitarian regime. I would direct you to the various laws in the US (to pick a random example :) regarding conspiracy. Subscribing to an anonymity service

Re: Information-Theoretic Analysis of Information Hiding

2003-07-15 Thread David Honig
At 12:30 AM 7/15/03 -0400, Don Davis wrote: An electrical engineer at Washington University in St. Louis has devised a theory that sets the limits for the amount of data that can be hidden in a system and then provides guidelines for how to store data and decode it. Contrarily, the theory

Re: basic question: semantics of map, tie, etc in PKI

2003-07-08 Thread David Honig
At 11:40 AM 7/8/03 -0600, Anne Lynn Wheeler wrote: A hardware token that requires a PIN/password to operate can be considered two-factor authentication (something you have and something you know). I was going to comment on how a simple plastic debit card that includes a photo provides the

RE: Keyservers and Spam

2003-06-15 Thread David Honig
At 03:41 PM 6/13/03 -0700, Bill Frantz wrote: The HighFire project at Cryptorights http://www.cryptorights.org/research/highfire/ is planning on building a web of trust rooted in the NGOs who will be using the system. Each NGO will have a signing key. A NGO will sign the keys of the people

Re: An attack on paypal

2003-06-12 Thread David Honig
At 03:38 PM 6/11/03 -0600, Anne Lynn Wheeler wrote: even before e-commerce, the real BBB process was that people called up the BBB and got realtime information i.e. it was an online, realtime process. the equivalent for an online, internet paradigm (as opposed to something left over

RE: Keyservers and Spam

2003-06-12 Thread David Honig
At 05:47 PM 6/11/03 -0700, Bill Frantz wrote: To try to reflect some of David's points with a real-world situation. I was at work, with a brand new installation of PGP. I wanted to send some confidential data home so I could work with it. However I didn't have my home key at work, so I didn't

RE: Keyservers and Spam

2003-06-10 Thread David Honig
At 12:43 PM 6/10/03 -0400, Jeffrey Kay wrote: number (which I now use Call Intercept to avoid telephone solicitors). But for privacy reasons, some folks will not automatically forward their phone number. You either deny them access or require them to jump through extra hoops (redial w/ special