Philips/NXP/Mifare CRYPTO1 mostly reverse-engineered

2007-12-30 Thread Ralf-Philipp Weinmann
From MiFare’s CRYPTO1 stream cipher has captured my attention for a while. However, hardware reverse-engineering is not a field I actively engage in. So I was very happy when Karsten Nohl (University of Virginia), Starbug and Henryk

Re: WEP cracked even worse

2007-04-05 Thread Ralf-Philipp Weinmann
On Apr 4, 2007, at 03:38 , Dave Korn wrote: On 04 April 2007 00:44, Perry E. Metzger wrote: Not that WEP has been considered remotely secure for some time, but the best crack is now down to 40,000 packets for a 50% chance of cracking the key.

Re: padlocks with backdoors - TSA approved

2007-02-27 Thread Ralf-Philipp Weinmann
On Feb 26, 2007, at 21:20 , Hadmut Danisch wrote: Hi, has this been mentioned here before? Yes. It is old news, Bruce Schneier's Cryptogram mentioned it in April 2004, actually [1]. Never seen anything in real world which is such a precise analogon of a crypto backdoor for governmental

Re: Exponent 3 damage spreads...

2006-09-28 Thread Ralf-Philipp Weinmann
On Sep 25, 2006, at 10:29 AM, Simon Josefsson wrote: Leichter, Jerry [EMAIL PROTECTED] writes: I agree that there are two issues, and they need to be treated properly. The first - including data after the ASN.1 blob in the signature computation but then ignoring it in determining the

Re: [cryptography] Re: Why the exponent 3 error happened:

2006-09-20 Thread Ralf-Philipp Weinmann
On Sep 20, 2006, at 3:10 PM, Kuehn, Ulrich wrote: -BEGIN CERTIFICATE- MIICgzCCAWugAwIBAgIBFzANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYw

Re: [cryptography] Re: Why the exponent 3 error happened:

2006-09-19 Thread Ralf-Philipp Weinmann
On Sep 16, 2006, at 11:31 PM, Eric Young wrote: This is a question I would not mind having answered; while the exponent 3 attack works when there are low bits to 'modify', there has been talk of an attack where the ASN.1 is correctly right justified (hash is the least significant bytes),

CLC 2006 - Workshop on Codes and Lattices in Cryptography

2006-07-31 Thread Ralf-Philipp Weinmann
Apologies in advance if you receive multiple copies of this announcement. -Ralf CLC2006 - Workshop on Codes and Lattices in Cryptography September 25th-27th, 2006

Re: Secure Science issues preview of their upcoming block cipher

2005-03-25 Thread Ralf-Philipp Weinmann
Jerrold Leichter wrote: I can come up with a cipher provably just as secure as AES-128 very quickly (Actually, based on the paper a while back on many alternative ways to formulate AES - it had a catchy title something like How Many Ways Can You Spell AES?, except that I can't find one like

Re: Easy VPNs?

2003-10-11 Thread Ralf-Philipp Weinmann
Ian Grigg [EMAIL PROTECTED] writes: I'm curious - my understanding of a VPN was that it set up a network that all applications could transparently communicate over. Port forwarding appears not to be that, in practice each application has to be reconfigured to talk to the appropriate port,