[Cryptography] Crypto Standards v.s. Engineering habits - Was: NIST about to weaken SHA3?

2013-10-01 Thread Dirk-Willem van Gulik
Op 30 sep. 2013, om 05:12 heeft Christoph Anton Mitterer cales...@scientia.net het volgende geschreven: Not sure whether this has been pointed out / discussed here already (but I guess Perry will reject my mail in case it has): https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3

Re: [Cryptography] Crypto Standards v.s. Engineering habits - Was: NIST about to weaken SHA3?

2013-10-01 Thread Dirk-Willem van Gulik
Op 1 okt. 2013, om 17:59 heeft Jerry Leichter leich...@lrw.com het volgende geschreven: On Oct 1, 2013, at 3:29 AM, Dirk-Willem van Gulik di...@webweaving.org wrote: ...I do note that in crypto (possibly driven by the perceived expense of too many bits) we tend to very carefully observe

Re: [Cryptography] Cryptographic mailto: URI

2013-09-24 Thread Dirk-Willem van Gulik
Op 20 sep. 2013, om 14:55 heeft Phillip Hallam-Baker hal...@gmail.com het volgende geschreven: On Fri, Sep 20, 2013 at 4:36 AM, Dirk-Willem van Gulik di...@webweaving.org wrote: Op 19 sep. 2013, om 19:15 heeft Phillip Hallam-Baker hal...@gmail.com het volgende geschreven: Let us say

Re: [Cryptography] Cryptographic mailto: URI

2013-09-21 Thread Dirk-Willem van Gulik
Op 19 sep. 2013, om 19:15 heeft Phillip Hallam-Baker hal...@gmail.com het volgende geschreven: Let us say I want to send an email to al...@example.com securely. ... ppid:al...@example.com:example.net:Syd6BMXje5DLqHhYSpQswhPcvDXj+8rK9LaonAfcNWM ... example.net is a server which will resolve

Re: [Cryptography] Security is a total system problem (was Re: Perfection versus Forward Secrecy)

2013-09-15 Thread Dirk-Willem van Gulik
Op 13 sep. 2013, om 21:23 heeft Perry E. Metzger pe...@piermont.com het volgende geschreven: On Fri, 13 Sep 2013 08:08:38 +0200 Eugen Leitl eu...@leitl.org wrote: Why e.g. SWIFT is not running on one time pads is beyond me. I strongly suspect that delivering them securely to the vast

Re: [Cryptography] Is ECC suspicious?

2013-09-06 Thread Dirk-Willem van Gulik
Op 6 sep. 2013, om 01:09 heeft Perry E. Metzger pe...@piermont.com het volgende geschreven: http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance …. The Suite B curves were picked some time ago. Maybe they have problems. …. Now, this certainly was a problem for

Re: Watermarking...

2010-04-20 Thread Dirk-Willem van Gulik
On 19 Apr 2010, at 23:29, Massimiliano Pala wrote: Hi all, I was wondering if any of you have some pointers on the security of watermarking. In particular I am interested in public-key or asymmetric watermarking algorithms. Also, do you know of any free-to-use (opensource/etc.)

Re: HSM outage causes root CA key loss

2009-07-14 Thread Dirk-Willem van Gulik
Weger, B.M.M. de wrote: - if they rely on the CA for signing CRLs (or whatever revocation mechanism they're using) then they have to find some other way to revoke existing certificates. ... Seems to me that for signing CRLs it's better to have a separate Revocation Authority (whose

Re: Why the poor uptake of encrypted email? [Was: Re: Secrets and cell phones.]

2008-12-09 Thread Dirk-Willem van Gulik
On 8 Dec 2008, at 22:43, David G. Koontz wrote: JOHN GALT wrote: StealthMonger wrote: This may help to explain the poor uptake of encrypted email. It would be useful to know exactly what has been discovered. Can you provide references? The iconic Paper explaining this is Why Johnny

Raw RSA binary string and public key 'detection'

2008-11-20 Thread Dirk-Willem van Gulik
Been looking at the Telnic (dev.telnic.org) effort. In essence; NAPTR dns records which contain private details such as a phone number. These are encrypted against the public keys of your friends (so if you have 20 friends and 3 phone numbers visible to all friends - you need 20 subdomains

Re: once more, with feeling.

2008-09-17 Thread Dirk-Willem van Gulik
... discussion on CA/cert acceptance hurdles in the UI I am just wondering if we need a dose of PGP-style reality here. We're really seeing 3 or 4 levels of SSL/TLS happening here - and whilst they all appear use the same technology - the assurances, UI, operational regimen,

Re: On the randomness of DNS

2008-07-30 Thread Dirk-Willem van Gulik
On 30 Jul 2008, at 19:57, Pierre-Evariste Dagand wrote: But just how GREAT is that, really? Well, we don' t know. Why? Because there isn't actually a way test for randomness. Your DNS resolver could be using some easily predicted random number generator like, say, a linear congruential

Re: On the randomness of DNS

2008-07-30 Thread Dirk-Willem van Gulik
On 30 Jul 2008, at 21:33, Ben Laurie wrote: For sure, it would be better if we could check the source code and match the implemented RNG against an already known RNG. But, then, there is a the chicken or the egg problem: how would you ensure that a *new* RNG is a good source of randomness ?

Re: the joy of enhanced certs

2008-06-04 Thread Dirk-Willem van Gulik
On Wed, 4 Jun 2008, Perry E. Metzger wrote: I'm thinking of starting a CA that sells super duper enhanced security certs, where we make the company being certified sign a document in which they promise that they're absolutely trustworthy. To be really sure, we'll make them fax said document

Re: [mm] delegating SSL certificates

2008-03-17 Thread Dirk-Willem van Gulik
On Mar 16, 2008, at 7:52 PM, Ben Laurie wrote: Dirk-Willem van Gulik wrote: So I'd argue that while x509, its CA's and its CRL's are a serious pain to deal** with, and seem add little value if you assume avery diligent and experienced operational team -- they do provide a useful

Re: delegating SSL certificates

2008-03-16 Thread Dirk-Willem van Gulik
On Mar 16, 2008, at 12:32 PM, Ben Laurie wrote: [EMAIL PROTECTED] wrote: So at the company I work for, most of the internal systems have expired SSL certs, or self-signed certs. Obviously this is bad. You only think this is bad because you believe CAs add some value. SSH keys aren't

Re: patent of the day

2008-01-24 Thread Dirk-Willem van Gulik
On Wed, 23 Jan 2008, Leichter, Jerry wrote: well be prior art, but the idea of erasing information by deliberately discarding a key is certainly not completely obvious except in retrospect. If you look at any traditional crypto text, you won't Hmm - it is commonly mentioned that (early)

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-26 Thread Dirk-Willem van Gulik
On Mon, 24 Oct 2005, cyphrpunk wrote: Is it possible that Skype doesn't use RSA encryption? Or if they do, do they do it without using any padding, and is that safe? You may want to read the report itself: http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf and

Re: [Forwarded] RealID: How to become an unperson.

2005-07-08 Thread Dirk-Willem van Gulik
On Tue, 5 Jul 2005 [EMAIL PROTECTED] wrote: (currently in Boston, MA, after giving fingerprints at the airport immigration) And you may have then noticed the interesting effect; in Germany we have mandatory cards - carry them round always - but virtually have to show them. And only to

Re: encrypted tapes

2005-06-09 Thread Dirk-Willem van Gulik
On Wed, 8 Jun 2005, Perry E. Metzger wrote: Dan Kaminsky [EMAIL PROTECTED] writes: Yes, because key management is easy or free. Eh - my experience is that that is where 99% of the cost is - in the whole human procedures and vetting around it. The paper work, the auditing, dealing with

Re: SSL/TLS passive sniffing

2004-12-05 Thread Dirk-Willem van Gulik
On Wed, 1 Dec 2004, Anne Lynn Wheeler wrote: the other attack is on the certification authorities business process Note that in a fair number of Certificate issuing processes common in industry the CA (sysadmin) generates both the private key -and- certificate, signs it and then exports both

Re: Customs and Excise Electronic Returns

2004-10-04 Thread Dirk-Willem van Gulik
On Thu, 30 Sep 2004, Ian Grigg wrote: PKI, and the Customs Excise's, mistake was to assume that a key is only useful if it is signed by someone else. From a Right; that is often forgotten and very useful - as the dutch root PKI was signed under rather dubious circumstances (and its

Re: Satellite eavesdropping of 802.11b traffic

2004-05-30 Thread Dirk-Willem van Gulik
On May 27, 2004, at 12:35 PM, John Kelsey wrote: Does anyone know whether the low-power nature of wireless LANs protects them from eavesdropping by satellite? Is there some simple reference that would easily let me figure out whether transmitters at a given power are in danger of eavesdropping

Re: Verisign CRL single point of failure

2004-04-01 Thread Dirk-Willem van Gulik
On Jan 9, 2004, at 8:06 PM, Rich Salz wrote: dave kleiman wrote: Because the client has a Certificate Revocation Checking function turned on in a particular app (i.e. IE or NAV). I don't think you understood my question. Why is crl.verisign.com getting overloaded *now.* What does the