[Cryptography] Other curves and algos used in France
2013/9/10 james hughes > [...] > Lastly, going a partial step seems strange also. Why do we what to put > ourselves through this again so soon? The French government suggests 2048 > now (for both RSA and DHE), and will only last 6 years. From > http://www.ssi.gouv.fr/IMG/pdf/RGS_B_1.pdf > > They also published their own curve (a 256 bits GF(p) one), named FRP256v1 ( http://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT24668816). But since they don't provide any detail on the parameters' choice, and the use of this curve isn't mandatory at all, I prefer the Brainpool ones. They're also pushing for ECKCDSA adoption, by asking HSM manufacturers to include this mechanism. I don't know anything on this. -- Erwann. ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
Re: and constrained subordinate CA costs?
On Fri, 25 Mar 2005, Florian Weimer wrote: > * Adam Back: > > > Does anyone have info on the cost of sub-ordinate CA cert with a name > > space constraint (limited to issue certs on domains which are > > sub-domains of a your choice... ie only valid to issue certs on > > sub-domains of foo.com). > > Is there a technical option to enforce such a policy on subordinated > CAs? Yes, the nameConstraints extension. But nobody checks it, and since this extension MUST be critical as per RFC3280, it invalidates the CA certificate that includes it, making it useless, for now. The X.509 standard provides less examples of the possible applications of this extension than the RFC3280. -- Erwann ABALEA <[EMAIL PROTECTED]> - RSA PGP Key ID: 0x2D0EABD5 - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Dell to Add Security Chip to PCs
On Wed, 2 Feb 2005, Dan Kaminsky wrote: > Uh, you *really* have no idea how much the black hat community is > looking forward to TCPA. For example, Office is going to have core > components running inside a protected environment totally immune to > antivirus. How? TCPA is only a cryptographic device, and some BIOS code, nothing else. Does the coming of TCPA chips eliminate the bugs, buffer overflows, stack overflows, or any other way to execute arbitrary code? If yes, isn't that a wonderful thing? Obviously it doesn't (eliminate bugs and so on). > Since these components are going to be managing > cryptographic operations, the "well defined API" exposed from within the > sandbox will have arbitrary content going in, and opaque content coming > out. Malware goes in (there's not a executable environment created that > can't be exploited), sets up shop, has no need to be stealthy due to the > complete blockage of AV monitors and cleaners, and does what it wants to > the plaintext and ciphertext (alters content, changes keys) before > emitting it back out the opaque outbound interface. I use cryptographic devices everyday, and TCPA is not different than the present situation. No better, no worse. -- Erwann ABALEA <[EMAIL PROTECTED]> - RSA PGP Key ID: 0x2D0EABD5 - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
RE: Dell to Add Security Chip to PCs
On Thu, 3 Feb 2005, Jay Sulzberger wrote: > On Wed, 2 Feb 2005, Erwann ABALEA wrote: > > > On Wed, 2 Feb 2005, Trei, Peter wrote: > > > >> Seeing as it comes out of the TCG, this is almost certainly > >> the enabling hardware for Palladium/NGSCB. Its a part of > >> your computer which you may not have full control over. > > > > Please stop relaying FUD. You have full control over your PC, even if this > > one is equiped with a TCPA chip. See the TCPA chip as a hardware security > > module integrated into your PC. An API exists to use it, and one if the > > functions of this API is 'take ownership', which has the effect of > > erasing it and regenerating new internal keys. > > After TCPA systems are the only systems for sale at CompUSA, how long > before this off switch is removed? All agree we live in a time of crisis; > at any moment MICROSOFT/RIAA/MPAA/HOMSECPOL/CONGREGATIONOFMARTYRS may > require of all of us an attestation of faith and obedience greater and more > secure than present hardware can convincingly convey. And do you seriously think that "you can't do that, it's technically not possible" is a good answer? That's what you're saying. For me, a better answer is "you don't have the right to deny my ownership". -- Erwann ABALEA <[EMAIL PROTECTED]> - RSA PGP Key ID: 0x2D0EABD5 - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
RE: Dell to Add Security Chip to PCs
Bonjour, On Wed, 2 Feb 2005, Erwann ABALEA wrote: > On Wed, 2 Feb 2005, Trei, Peter wrote: > > > Seeing as it comes out of the TCG, this is almost certainly > > the enabling hardware for Palladium/NGSCB. Its a part of > > your computer which you may not have full control over. > > Please stop relaying FUD. You have full control over your PC, even if this > one is equiped with a TCPA chip. See the TCPA chip as a hardware security > module integrated into your PC. An API exists to use it, and one if the > functions of this API is 'take ownership', which has the effect of > erasing it and regenerating new internal keys. I've read your objections. Maybe I wasn't clear. What's wrong in installing a cryptographic device by default on PC motherboards? I work for a PKI 'vendor', and for me, software private keys is a nonsense. How will you convice "Mr Smith" (or Mme Michu) to buy an expensive CC EAL4+ evaluated token, install the drivers, and solve the inevitable conflicts that will occur, simply to store his private key? You first have to be good to convice him to justify the extra depense. If a standard secure hardware cryptographic device is installed by default on PCs, it's OK! You could obviously say that Mr Smith won't be able to move his certificates from machine A to machine B, but more than 98% of the time, Mr Smith doesn't need to do that. Installing a TCPA chip is not a bad idea. It is as 'trustable' as any other cryptographic device, internal or external. What is bad is accepting to buy a software that you won't be able to use if you decide to claim your ownership... Palladium is bad, TCPA is not bad. Don't confuse the two. -- Erwann ABALEA <[EMAIL PROTECTED]> - RSA PGP Key ID: 0x2D0EABD5 - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
RE: Dell to Add Security Chip to PCs
On Wed, 2 Feb 2005, Trei, Peter wrote: > Seeing as it comes out of the TCG, this is almost certainly > the enabling hardware for Palladium/NGSCB. Its a part of > your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. -- Erwann ABALEA <[EMAIL PROTECTED]> - RSA PGP Key ID: 0x2D0EABD5 - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]