Re: Obama administration seeks warrantless access to email headers.

2010-07-30 Thread Stefan Kelm

Perry,


  The administration wants to add just four words -- electronic
  communication transactional records -- to a list of items that the
  law says the FBI may demand without a judge's approval. Government


Would that really make that much of a difference? In Germany,
at least, the so-called judge's approval often isn't worth
a penny, esp. wrt. phone surveillance. It simply is way too
easy to get such an approval, even afterwards.

Cheers,

Stefan.

--
Stefan Kelm   sk...@bfk.de
BFK edv-consulting GmbH   http://www.bfk.de/
Kriegsstrasse 100 Tel: +49-721-96201-1
D-76133 Karlsruhe Fax: +49-721-96201-99

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Stefan Kelm

Peter,

In any case though the whole thing is really a moot point given the sucking 
void that is revocation-handling, the Realtek certificate was revoked on the 
16th but one of my spies has informed me that as of yesterday it was still 
regarded as valid by Windows.  


I can confirm that, at least for XP SP3: revocation just doesn't
matter. What's even more worrying is the fact that one of the
stuxnet/tmphider variants used the lnk exploit to install a dll signed
w/ the (expired) Realtek key but w/ a *broken* signature in the first
place. Still, it doesn't matter altough, as wireshark tells me, the
host connects to microsoft.com in order to fetch certificates.
When looking at the file properties, though, Windows tells you
that this digital signature is not valid ...  :-(

Cheers,

Stefan.

--
Stefan Kelm   sk...@bfk.de
BFK edv-consulting GmbH   http://www.bfk.de/
Kriegsstrasse 100 Tel: +49-721-96201-1
D-76133 Karlsruhe Fax: +49-721-96201-99

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Stefan Kelm

Perry,


I think public key cryptography is a wonderful thing. I'm just not
sure I believe at all in PKI -- that is, persistent certification via
certificates, certificate revocation, etc.


I'm sure you remember Peter Honeyman's PK-no-I talk from
the '99 USENIX Security Symposium?  :-)

Cheers,

Stefan.

--
Stefan Kelm   sk...@bfk.de
BFK edv-consulting GmbH   http://www.bfk.de/
Kriegsstrasse 100 Tel: +49-721-96201-1
D-76133 Karlsruhe Fax: +49-721-96201-99

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: TLS break

2009-11-17 Thread Stefan Kelm

Jonathan,

Anyone care to give a layman's explanation of the attack? The 


I find this paper to be useful:

  http://www.g-sec.lu/practicaltls.pdf

Cheers,

Stefan.

--
Stefan Kelm   sk...@bfk.de
BFK edv-consulting GmbH   http://www.bfk.de/
Kriegsstrasse 100 Tel: +49-721-96201-1
D-76133 Karlsruhe Fax: +49-721-96201-99

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: HSM outage causes root CA key loss

2009-07-14 Thread Stefan Kelm

http://www.heise.de/security/E-Gesundheitskarte-Datenverlust-mit-Folgen--/news/meldung/141864

reports that the PKI for their electronic health card has just run into
trouble: they were storing the root CA key in an HSM, which failed.  They now
have a PKI with no CA key for signing new certs or revoking existing ones.


Actually, for a couple of days now they didn't stop pointing out that
they were still running the PKI in a test environment and that only
'a few hundred test cards' are affected... Just stupid nonetheless...
:-\

Cheers,

Stefan.

--
Stefan Kelm   sk...@bfk.de
BFK edv-consulting GmbH   http://www.bfk.de/
Kriegsstrasse 100 Tel: +49-721-96201-1
D-76133 Karlsruhe Fax: +49-721-96201-99

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


[heise online UK] Secure deletion: a single overwrite will do it

2009-01-20 Thread Stefan Kelm
The myth that to delete data really securely from a hard disk you have
to overwrite it many times, using different patterns, has persisted for
decades, despite the fact that even firms specialising in data recovery,
openly admit that if a hard disk is overwritten with zeros just once,
all of its data is irretrievably lost.

Craig Wright, a forensics expert, claims to have put this legend finally
to rest. He and his colleagues ran a scientific study to take a close
look at hard disks of various makes and different ages, overwriting
their data under controlled conditions and then examining the magnetic
surfaces with a magnetic-force microscope. They presented their paper at
ICISS 2008 and it has been published by Springer AG in its Lecture Notes
in Computer Science series (Craig Wright, Dave Kleiman, Shyaam Sundhar
R. S.: Overwriting Hard Drive Data: The Great Wiping Controversy).

They concluded that, after a single overwrite of the data on a drive,
whether it be an old 1-gigabyte disk or a current model (at the time of
the study), the likelihood of still being able to reconstruct anything
is practically zero. Well, OK, not quite: a single bit whose precise
location is known can in fact be correctly reconstructed with 56 per
cent probability (in one of the quoted examples). To recover a byte,
however, correct head positioning would have to be precisely repeated
eight times, and the probability of that is only 0.97 per cent.
Recovering anything beyond a single byte is even less likely.

Nevertheless, that doesn't stop the vendors of data-wiping programs
offering software that overwrites data up to 35 times, based on
decades-old security standards that were developed for diskettes.
Although this may give a data wiper the psychological satisfaction of
having done a thorough job, it's a pure waste of time.

Something much more important, from a security point of view, is
actually to overwrite all copies of the data that are to be deleted. If
a sensitive document has been edited on a PC, overwriting the file is
far from sufficient because, during editing, the data have been saved
countless times to temporary files, back-ups, shadow copies, swap files
... and who knows where else? Really, to ensure that nothing more can be
recovered from a hard disk, it has to be overwritten completely, sector
by sector. Although this takes time, it costs nothing: the dd command in
any Linux distribution will do the job perfectly.

(djwm)

http://www.heise-online.co.uk/news/Secure-deletion-a-single-overwrite-will-do-it--/112432


T.I.S.P.  -  Lassen Sie Ihre Qualifikation zertifizieren
vom 09.-13.03.2009 - http://www.secorvo.de/college/tisp/
-
Stefan Kelm
Security Consulting

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
stefan.k...@secorvo.de, http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com


Re: EV certs: Doing more of what we already know doesn't work

2008-10-24 Thread Stefan Kelm
Cool!  ;-)

Verisign's CPS has been an inspiration for me for quite
a few years now. E.g., this statement has been in there
for a number of years:

  The Certificate, however, provides no proof of the identity
  of the Subscriber.

Taken from page 12 of the current version, obviously (?)
referring to so-called Class 3 certificates.

Cheers,

Stefan.

-
Stefan Kelm
Security Consulting

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: road toll transponder hacked

2008-08-28 Thread Stefan Kelm
 http://en.wikipedia.org/wiki/Toll_Collect is in operation in entire
 Germany. It does OCR on all license plates (also used for police
 purposes in realtime, despite initial vigorous denial) but currently 
 is only used for truck toll.

 How well does that actually work?  There were many articles in RISKS
 Digest about problems with the early deployment.

That's true wrt to early deployment. Given that the Toll Collect
system has been up and running since January 2005 it (technically)
runs surprisingly well. They have improved tremendously and are
likely to sell their technology to other european countries.

Cheers,

Stefan.


Symposium Wirtschaftsspionage 03.09.2008 KA/Ettlingen
http://www.symposium-wirtschaftsspionage.de/
-
Stefan Kelm
Security Consulting

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: road toll transponder hacked

2008-08-28 Thread Stefan Kelm
 everything forever.  With disk prices falling
 as they are, keeping everything is cheaper
 than careful selective deletion, that's for
 sure.

I disagree.

We've been helping the German Toll Collect system (as
discussed in this thread as well) setting up and implementing
their data privacy concept. This concept requires Toll Collect
to delete almost any data after a certain (quite short, actually)
amount of time. Even with disk prices falling they save lots
and lots of money (even compared to what we charged them for
telling them... :-) ).

Cheers,

Stefan.


Symposium Wirtschaftsspionage 03.09.2008 KA/Ettlingen
http://www.symposium-wirtschaftsspionage.de/
-
Stefan Kelm
Security Consulting

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Kiwi expert cracks chip passport

2008-08-19 Thread Stefan Kelm
Peter,

 Which card reader(s) did you use?
 
 Adam and I used the Omnikey Cardman 5321

Did the Golden Reader Tool (GRT) recognize the Cardman reader w/o
any modifications? The most current version I have (GRT v2.9)
says in the ePassport Reader List:

 - Integrated Engineering Smart-ID
 - NMDA Tx-PR-400
 - Philips Pegoda

Cheers,

Stefan.


Symposium Wirtschaftsspionage 03.09.2008 KA/Ettlingen
http://www.symposium-wirtschaftsspionage.de/
-
Stefan Kelm
Security Consulting

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Kiwi expert cracks chip passport

2008-08-18 Thread Stefan Kelm
Peter,

 The original story was actually the coverage in the UK Times last week,

Which card reader(s) did you use?

Cheers,

Stefan.


Symposium Wirtschaftsspionage 03.09.2008 KA/Ettlingen
http://www.symposium-wirtschaftsspionage.de/
-
Stefan Kelm
Security Consulting

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: security questions

2008-08-07 Thread Stefan Kelm
 Wells Fargo is requiring their online banking customers to provide 
 answers to security questions such as these:

Does Wells Fargo really use the term security question here?

Just wondering,

Stefan.


Symposium Wirtschaftsspionage 03.09.2008 KA/Ettlingen
http://www.symposium-wirtschaftsspionage.de/
-
Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: the joy of enhanced certs

2008-06-05 Thread Stefan Kelm
There's a nice short paper by Swiss Company keyon entitled
Faking EV SSL in IE7:

http://www.keyon.ch/de/News/Faking%20Extended%20Validation%20SSL%20Certificates%20in%20Internet%20Explorer%207%20V1.1b.pdf

Cheers,

Stefan.

-
Security Awareness Symposium 17.-18.06.2008 KA/Ettlingen
http://www.security-awareness-symposium.de/
-
Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Want to drive a Jaguar?

2008-04-02 Thread Stefan Kelm
Peter Gutmann wrote:
   http://eprint.iacr.org/2008/058
   
   Physical Cryptanalysis of KeeLoq Code Hopping Applications

Addition (http://www.heise-online.co.uk/security/news/print/110446):

Scientists at the Ruhr-Universität Bochum[1] have defeated the Keeloq[2]
immobiliser and door opener used in many cars. Attackers need only
intercept two transmissions between the transmitter and receiver in
order to clone the digital key and gain access to the car. Microchip
Technology's RFID-based KeeLoq process, is used in automobiles
manufactured by Chrysler, Daewoo, Fiat, General Motors, Honda, Toyota
(Lexus), Volvo, Volkswagen and Jaguar. KeeLoq is also used in building
access systems and garage door openers. Signal interception is possible
at a range of 100 metres, according to Professor Christof Paar of the
School of Electronics and Information Technology. In addition to gaining
unauthorised access, the systems can be manipulated, denying the
rightful owners access.

Both the KeeLoq transmitter and receiver encrypt their signals. A
proprietary, non-linear encryption algorithm is used which encrypts
controller commands with a unique code before transmission to the
vehicle. A 32 bit initialisation vector together with a 32 bit hopping
code is used as a key. An ID unique to each electronic key is added to
the calculation.

But there is also a manufacturer's master key for all of the products in
a series. This is precisely what Professor Paar's Bochum group was able
to retrieve using a procedure known as side channel analysis. To obtain
the master key the researchers used differential power analysis (DPA)
and differential electromagnetic analysis (DEMA) at both the transmitter
and receiver during the transmission. Once the master key is known, only
two transmissions are needed in order to obtain the crypto key of a
particular KeeLoq remote control. The vulnerability was tested on
commercial systems, according the Bochum scientists.

In early February the researchers presented a detailed description[3] of
the attack that required them to intercept a number of activation
procedures in order to obtain the manufacturer's key. At the CRYPTO 2007
cryptography conference, an international group of researchers presented
a method by which the individual keys could be cracked[4] using
distributed computing.

Cheers,

Stefan.

  [1] http://www.crypto.rub.de/en_news.html
  [2]
http://www.microchip.com/stellent/idcplg?IdcService=SS_GET_PAGEnodeId=2074
  [3] http://eprint.iacr.org/2008/058
  [4]
http://www.heise-online.co.uk/security/Computer-farm-cracks-car-key-code--/news/94874

-
Identity Management Symposium 22.-23.04.2008 KA/Ettlingen
http://www.identity-management-symposium.de/
-
Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Fwd: Study on the standardisation aspects of eSignatures

2007-05-26 Thread Stefan Kelm
from the 'yet another study on signatures of the month' list:


Von: isss-forum - CENORM created 6 March 98
[mailto:[EMAIL PROTECTED] Im Auftrag von Van den Berghe Luc
Gesendet: Freitag, 18. Mai 2007 09:00
An: [EMAIL PROTECTED]
Betreff: Re: Study on the standardisation aspects of eSignatures



Dear Forum member,



Please be informed that:



For the European Commission, SEALED, DLA Piper and Across Communications are
currently conducting a Public Survey on eSignatures standardisation aspects.
This online survey aims to establish objective findings reflecting the
market needs in this area. We urge you not to miss this opportunity to make
your own contribution to a revamped eSignatures standardisation scheme for
Europe. www.esstandardisation.eu http://www.esstandardisation.eu/



___

CEN - European Committee for Standardization

Luc Van den Berghe

Unit Manager, Pre-Standards
Rue de Stassart, 36
B-1050 Brussels
tel: +32 2 550 09 57
fax: +32 2 550 08 19
E-mail:  mailto:[EMAIL PROTECTED] [EMAIL PROTECTED]
Website:  http://www.cen.eu www.cen.eu
-- 



Security Awareness Symposium 12.-13.06.2007 KA/Ettlingen
http://www.security-awareness-symposium.de/

Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: crypto component services - is there a market?

2007-04-27 Thread Stefan Kelm
Ian,

 Stefan is talking about Germany which has issued a plethora of
 recommendations, laws and what-not to cause ecommerce to leap into
 life.  Unfortunately, they did not understand, and electronic documents
 are much much harder to do in these environments, with no general added
 benefit and lots of downside.

Moreoever, some other countries blindly copied what the Germans did,
thinking that would be a good idea. The Austrians made some of the
exact same mistakes but seem to have learned faster than the Germans.

 The German rules have defied, there is no easy way to get into them ...
 at least, the Germans have sworn to me it is impossible...

Sad but true. This year'll mark the 10th anniversary of our signature
law. I reckon nobody will be celebrating that event...

 Qualified certificates are defined in the European Digital Signature
 Directive, which is an over-arching design for all the EU countries to
 pass into local law.

Yes, this has already happened and has even been evaluated by the
European Commission in 2003:
http://www.law.kuleuven.ac.be/icri/itl/elsig.php
http://www.secorvo.de/publikationen/electronic-sig-report.pdf

 It's only under the German code where they try and define it all, as far
 as I can see.  We are talking about a country where they tried to tax
 servers so as to pay for their TV...

Yeah, bloody Germans...  :-)

Cheers,

Stefan.


T.I.S.P.  -  Lassen Sie Ihre Qualifikation zertifizieren
vom 25.-30.06.2007 - http://www.secorvo.de/college/tisp/

Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: crypto component services - is there a market?

2007-04-27 Thread Stefan Kelm
Nicholas,

 Stefan is talking about Germany 
 
 I realise that, but he said Europe, so I felt a UK counter-example was
 in order!

Point taken.  :)  However, there are other countries w/ similar rules.

 Qualified certificates are defined in the European Digital Signature
 Directive, which is an over-arching design for all the EU countries to
 pass into local law.

 Basically, they are personal smart cards operating under (harsh and
 uneconomic) secure conditions, because they really tried hard to make
 the results like human signatures.
 
 As I read it, the cards are the so-called secure signature creation
 devices, while the certificates are, well, just certificates.

Yep.

 I received and continue to receive electronic invoices from time to
 time, but none appear to be digitally signed, nor have I seen evidence
 of time-stamping in operation.

 UK probably ignored the whole thing.  More power to them. Under Anglo
 common law this is not an issue, as long as there is a lightweight
 digsig model shall not be denied legal standing solely on the basis
 that it is a digsig.
 
 Well, we implemented the Directive, which didn't require much change to
 the law, as you note.  But there has been little take-up for a solution
 in search of a problem.

There's another EU Diretive on simplifying, modernising and harmonising
the conditions laid down for invoicing in respect of value added tax.

   Invoices sent by electronic means shall be accepted
   by Member States provided that the authenticity of
   the origin and integrity of the contents are guaranteed:

   - by means of an advanced electronic signature
 within the meaning of Article 2(2) of Directive
 1999/93/EC of the European Parliament and of
 the Council of 13 December 1999 on a
 Community framework for electronic signatures;
 Member States may however ask for
 the advanced electronic signature to be based on
 a qualified certificate and created by a secure-signature-
 creation device, within the meaning of
 Article 2(6) and (10) of the aforementioned
 Directive;

That's the one I was talking about earlier. eInvoicing
slowly seems to take off in a few european countries.
I have no idea as to how this Directive has been
transposed into UK law, though.

Cheers,

Stefan.


T.I.S.P.  -  Lassen Sie Ihre Qualifikation zertifizieren
vom 25.-30.06.2007 - http://www.secorvo.de/college/tisp/

Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: crypto component services - is there a market?

2007-04-20 Thread Stefan Kelm
Ian,

 Hmmm... last I heard, qualified certificates can only be issued to
 individuals, and invoicing (of the e-form that the regulations speak)
 can only be done by VAT-registered companies.

True.

 Is that not the case?  How is Germany resolving the contradictions?

By using pseudonyms within the certificate's common name. This
is not only done in Germany but in other countries as well.
Even CAs (and, at least in Germany, the root CA) are being
issued qualified certificates, thus they need to use
pseudonyms. The timestamping service by Deutsche Post, e.g.,
has a qualified certificate with the following DN:

Subject DN : CN  = TSS DP Com 31:PN
 OU  = Signtrust
 O   = Deutsche Post Com GmbH
 C   = DE

 Since electronic invoices need to be archived in
 most countries some vendors apply time-stamps and
 recommend to re-apply time-stamps from time to time.
 
 
 Easier to invoice with paper!

potentially much more expensive, though.

Cheers,

Stefan.


T.I.S.P.  -  Lassen Sie Ihre Qualifikation zertifizieren
vom 25.-30.06.2007 - http://www.secorvo.de/college/tisp/

Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: crypto component services - is there a market?

2007-04-19 Thread Stefan Kelm
 Same with digital timestamping.

Here in Europe, e-invoicing very slowly seems to be
becoming a (or should I say the?) long-awaited
application for (qualified) electronic signatures.
Since electronic invoices need to be archived in
most countries some vendors apply time-stamps and
recommend to re-apply time-stamps from time to time.

Cheers,

Stefan.


T.I.S.P.  -  Lassen Sie Ihre Qualifikation zertifizieren
vom 25.-30.06.2007 - http://www.secorvo.de/college/tisp/

Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe
Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
PGP: 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

Mannheim HRB 108319, Geschaeftsfuehrer: Dirk Fox

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Voice phishing

2006-06-30 Thread Stefan Kelm
 Hi-tech fraudsters have begun using recorded telephone messages in a bid
 to trick users into handing over confidential account information. The
 tactic has been adopted as a variant of recently detected phishing
 attacks targeting customers of the Santa Barbara Bank  Trust.

Cloudmark had a similar press release a while ago:

http://www.cloudmark.com/press/releases/?release=2006-04-25-2

Cheers,

Stefan.


Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe

Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Deal on EU data retention law

2005-12-14 Thread Stefan Kelm
[http://www.europarl.eu.int/news/expert/infopress_page/019-3536-348-12-50-902-20051206IPR03225-14-12-2005-2005--false/default_en.htm]

Deal on EU data retention law

The European Parliament adopted today by 378 votes in favour, 197
against and 30 abstentions a directive on data retention in first
reading. The final text negotiated beforehand with the Council aims to
facilitate judicial co-operation in criminal matters by approximating
Member States' legislation on the retention of data processed by
telecommunications companies.

The directive covers traffic and location data generated by telephony,
SMS and internet, but not the content of the information communicated.

The new EU law will help national authorities to track down possible
criminals and terrorists by granting them access to a list of all
telephone calls, SMS or Internet connections made by suspects during the
previous few months.  The amendments finally adopted were a compromise
between the PES and EPP groups with the Council and differed in some key
points to the draft directive adopted initially by the Civil Liberties
Committee.  The GUE, Greens and UEN groups and some members from the
ALDE group voted against the directive in the final vote.  Alexander
Nuno ALVARO (ALDE, DE) was unhappy with the result of the compromise
adopted and withdrew his name as rapporteur.

Limited access to data

In the final text adopted, Parliament is proposing a number of
amendments to the Commission text to restrict the use of retained data
and ensure that the future law fully respects the privacy of the
telephone and internet users.

On the aim of the directive, MEPs agree with the need to retain data for
the detection, investigation and prosecution of crime, but only for
“specified forms” of serious criminal offences (terrorism and organised
crime), and not for the mere “prevention” of all kinds of crime.  MEPs
feel that the concept of prevention is too vague and could lead to abuse
of the system from national authorities.

The directive will provide for data to be retained by the
telecommunications companies for a minimum of six months and a maximum
of 24.  MEPs also added a provision for “effective, proportionate and
dissuasive” penal sanctions for companies who fail to store the data or
misuse the retained information.

Only the competent authorities determined by Member States should have
access to the retained data from phone or internet providers.
Furthermore, each national government will designate an independent
authority responsible for monitoring the use of the data.

MEPs also establish that access to retained data should be limited to
specific purpose and on a case by case basis (push system): each time,
the authorities would need to request to the telecom company that the
data related to a concrete suspect, instead of having granted access to
the whole database.

As for the type of data to be retained, MEPs finally supported the
registration of location data on calls, SMS and internet use, including
unsuccessful calls.  This point was controversial due to the fact that
telecom companies do not currently register lost calls for billing
purposes and so to do this using new technologies would be expensive.
Spanish MEPs strongly supported the Council position to include the
retention of unsuccessful calls, since the terrorist attacks in Madrid
were prosecuted thanks to the investigation of specific lost calls from
mobile phones.

Who foots the bill?

Finally, MEPs decided to delete the paragraph in which it was mandatory
for Member States to reimburse telecom companies for all additional
costs of retention, storage and transmission of data.  In the draft
directive adopted by the Civil Liberties Committee, MEPs had initially
called for the full reimbursement of costs.


---
Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Strasse 12-14, D-76137 Karlsruhe

Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: [Clips] The summer of PKI love

2005-08-12 Thread Stefan Kelm
  On the token front, we're still unfortunately waiting for the ideal key
  storage device. USB tokens, smart cards, and cell  phones are all
  candidates, and the pros and cons of these options form a complex matrix.
  Universities tend to prefer the USB  approach because the tokens work with
  PCs and Macs that can't easily be outfitted with card readers.

On that subject I highly recommend a report very recently
published by DFN-CERT and SurfNET.

  http://www.dfn-pca.de/bibliothek/reports/pki-token/ :

  Abstract

The usage of X.509 certificates and related PKI techniques is getting
more and more common. It enables users to sign and encrypt messages, to
use secure communication channels for internet communication and to
authenticate themselves to all kind of network services. The overall
level of security for the usage of public key cryptography depends
heavily on that of the private key, which is usually installed on the
local host of the user. This poses not only a security risk but it does
also restrict the increasing user demand for mobility. A solution to
these problems can be smart cards and USB-tokens, which store private
keys in such a way that they cannot be retrieved from these. Instead data
can be send to these devices and is being processed, decrypted or signed,
by the device itself and only then the results are provided by these
devices for further processing.

These devices are very promising for the widespread usage of PKI. In a PC-
dominated world the USB-tokens have the advantage, that no additional
reader is necessary to use them even on foreign hosts. Both types of
devices, smart cards and USB-tokens, still need support by the underlying
operating systems and by the used applications. This makes it very
difficult to decide which token may be successfully used in any given
environment and will meet the demands of the applications and indented
usage. This report tries to ease the decision process when selecting a
token for a particular environment and platform.

For this purpose a number of the available tokens were tested together
with the most common applications on the most commonly used operating
systems. A reproduceable test framework was established to ensure the
comparability and re-usability of these tests.

Overall it is safe to say in a homogenous environment with commonly used
applications the tested tokens perform well. Nevertheless rolling out
tokens on a large scale is still not something to be undertaken on a
friday afternoon.

[snip]

Cheers,

Stefan.
---
Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Straße 12-14, D-76137 Karlsruhe

Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: NY Times article on biometrics and border control

2005-08-11 Thread Stefan Kelm
 Hurdles for High-Tech Efforts to Track Who Crosses Borders
 By ERIC LIPTON
 The government's effort to collect biometric data to track foreigners
 visiting the U.S. has fallen far short of its goals.

Well, this article is somewhat blurry. They start by
Hoping to block the entry of criminals and terrorists
whereas even immigration officers agree that that's not
one of their goals.

Fortunately, they then cite some politician:

When it's all in place, there's still no real additional
security or at least it's of marginal value which is, as
we all know, correct.

BTW, on some airports DHS does indeed take one's fingerprint
and photos when leaving the country. They currently do so
at Baltimore for example.

What worries me is that all the information collected
can be, and will be, misused eventually.

What worries me even more is that the europeans now
feel under pressure and happily will introduce the
very same crap.

Cheers,

Stefan.
---
Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Straße 12-14, D-76137 Karlsruhe

Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: UK EU presidency aims for Europe-wide biometric ID card

2005-07-14 Thread Stefan Kelm
 when we were called into help word-smith the cal. state and later the
 fed. electronic signature law ... a lot of effort went into making the
 wording technology agnostic as well as trying to avoid confusing
 authentication and identification.

We've been discussing those very same topics within Europe for
many years now. When some EU Member States (Germany, Austria, ...)
already had very stringent signature laws the EU was kind of
forced to act. They tried to enact a signature directive which
they thought would be as technology neutral as possible. And
although that approach seemed to be a good one they failed:
they were overambitious wrt certain issues, what's more the
implementation of the directive into national legislation
lead to 20+ different EU signature laws:

http://www.pki-page.info/eu/

In 2003 we wrote a report for the European Commission,
trying to compare the situation throughout the Member States
as well as focussing on practical applications:

http://www.law.kuleuven.ac.be/icri/itl/elsig.php
http://www.secorvo.de/publikationen/electronic-sig-report.pdf

Cheers,

Stefan.
---
Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Straße 12-14, D-76137 Karlsruhe

Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: [Forwarded] RealID: How to become an unperson.

2005-07-06 Thread Stefan Kelm
 Isn't that ridiculous? In the USA where they allegedly don't have ID cards
 you are approx. more than 20 times as often asked for a picture ID than
 in Germany where we have ID cards officially.

True. But funny, isn't it: I always enjoy looking at the most
puzzled facial expression of some twenty-odd year old selling
beer at a football game trying to understand my german passport.
They give up eventually, selling me what I wanted...   :-)

(asking me for an ID is absolutely ludicrous in the first place
since I've been looking older than 21 for decades now...)

Cheers,

Stefan.
---
Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Straße 12-14, D-76137 Karlsruhe

Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Many Wireless Security Breaches Reported At (RSA) Security Conference

2005-03-03 Thread Stefan Kelm
 (As I've said many times, security breaches reported at
 conferences full of security people don't count as a
 predictor of what's out in the real world as a threat.
 But, it makes for interesting reading and establishes
 some metric on the ease of the attack.  iang)

I also recommend the brief discussion between Marcus Ranum and
Bill Cheswick on the very same topic in the aftermath of the
recent USENIX Security Symposium:

  http://www.usenix.org/publications/login/2004-12/openpdfs/wireless.pdf

Cheers,

Stefan.

Unsere Anschrift und Telefonnummer haben sich geaendert!

Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Straße 12-14, D-76137 Karlsruhe

Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


(Fwd) OpenPGP flaw prompts quick fix

2005-02-16 Thread Stefan Kelm
http://www.pgp.com/library/ctocorner/openpgp.html

10 Feb 2005
Today, cryptographers Serge Mister and Robert Zuccherato from Entrust
released a paper outlining an attack on the way OpenPGP does symmetric
cryptography. They have been kind enough to give the OpenPGP community
advance notice of their paper, and it is thus the subject of this CTO
Corner article, which I'm writing in cooperation with David Shaw of Gnu
Privacy Guard (GnuPG), Brian Smith of Hush Communications, Derek Atkins
of the OpenPGP Working Group, and Phil Zimmermann. In it, we'll discuss:

 - What this discovery means to OpenPGP users
 - Details of the attack and how it works
 - What software and standards developers are doing about it

We in the OpenPGP community feel strongly about the quality of our work
and appreciate the trust the world places in us. OpenPGP is arguably the
most used and most relied-upon cryptosystem for messages and files.
Consequently, it is our obligation to describe any problems with the
standard and proposed resolution of those problems.
[...]


Unsere Anschrift und Telefonnummer haben sich geaendert!

Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Ettlinger Straße 12-14, D-76137 Karlsruhe

Tel. +49 721 255171-304, Fax +49 721 255171-100
[EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Non-repudiation (was RE: The PAIN mnemonic)

2003-12-23 Thread Stefan Kelm
 Let's just leave the term non-repudiation to be used by people who don't
 understand security, but rather mouth things they've read in books that
 others claim are authoritative.  There are lots of those books listing
 non-repudiation as a feature of public key cryptography, for example,
 and many listing it as an essential security characteristic.  All of that
 is wrong, of course, but it's a test for the reader to see through it.

Ah. That's why they're trying to rename the corresponding keyUsage bit
to contentCommitment then:

  http://www.pki-page.info/download/N12599.doc

:-)

Cheers,

Stefan.
---
Dipl.-Inform. Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Albert-Nestler-Strasse 9, D-76131 Karlsruhe

Tel. +49 721 6105-461, Fax +49 721 6105-455
E-Mail [EMAIL PROTECTED], http://www.secorvo.de
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


(Fwd) Electronic Signatures: Final Report available

2003-10-22 Thread Stefan Kelm
FYI:

From:   Jos Dumortier [EMAIL PROTECTED]
Subject:Electronic Signatures: Final Report available 
Date sent:  Tue, 21 Oct 2003 18:08:33 +0200

Dear colleagues and friends,
The final report on legal and market aspects of electronic signatures in
Europe has been published by the European Commission on the e-Europe
website. The URL is
http://europa.eu.int/information_society/eeurope/2005/index_en.htm
On behalf of the core research team, I wish to thank all of you who
contributed to this study.
Kind regards
Jos Dumortier

--


http://www.Anti-Spam-Symposium.de  18.-19. November 2003

Dipl.-Inform. Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Albert-Nestler-Strasse 9, D-76131 Karlsruhe

Tel. +49 721 6105-461, Fax +49 721 6105-455
E-Mail [EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


(Fwd) IPsec interoperability testing event

2003-06-30 Thread Stefan Kelm
FYI ( from http://www.cenorm.be/isss/newsletter/ ):

--- Forwarded message follows ---

ETSI interoperability testing event for IPsec on 21-25 July 2003
The European Telecommunications Standards Institute's (ETSI) Plugtests
service is mounting its first interoperability testing event for IPsec,
the increasingly popular security protocol which aims to protect
information exchanges at the Internet Protocol (IP) layer. Companies
involved in IPsec implementation and providers of Public Key
Infrastructures (PKI) will meet at ETSI headquarters in Sophia Antipolis
in the South of France, from 21-25 July 2003, to improve interoperability
between their implementations. By bringing together engineers from
competing organizations in a multi-vendor environment, this event will
provide an invaluable opportunity to identify and rectify any
interoperability problems before products hit the market place. IPsec's
potential contribution to the security of the information infrastructure
is now widely recognized, and its development has recently been 
attracting
considerable interest globally as the use of IP in company networks and
for sensitive applications increases. Defined by the Internet Engineering
Task Force (IETF), its various security services include the guarantee of
authenticity and confidentiality of data. The deadline for registration 
is
6 July 2003. Further information about this event is available at:
www.etsi.org/plugtests/home.htm

--- End of forwarded message ---
---
Dipl.-Inform. Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Albert-Nestler-Strasse 9, D-76131 Karlsruhe

Tel. +49 721 6105-461, Fax +49 721 6105-455
E-Mail [EMAIL PROTECTED], http://www.secorvo.de
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: The meat with multiple PGP subkeys

2003-06-18 Thread Stefan Kelm
David,

 A reasonable question would be Why don't all the PKS operators
 replace their server with SKS or something else?.  I don't have a
 good answer to that.  It's certainly been asked.[3]

...and has been answered a number of times. The thing is (and most people 
seem to forget about this now and then) that most, if not all, of the 
pgp.net server operators do run their servers in their spare time. Since 
pksd has a long history of not being overly stable one is happy once the 
server is up and running. Thus, the never-change-a-running-system 
paradigm is being lived in this realm.  

Cheers,

Stefan.

Security Awareness Symposium - 24.-25.06.2003, Karlsruhe
http://www.security-awareness-symposium.de/

Dipl.-Inform. Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Albert-Nestler-Strasse 9, D-76131 Karlsruhe

Tel. +49 721 6105-461, Fax +49 721 6105-455
E-Mail [EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Wildcard Certs

2003-06-16 Thread Stefan Kelm
Martin,

 Are wildcard certficates good? secure? useful?

There's a problem with wildcard certs wrt how URLs are being displayed in 
many of the browsers, esp. the older ones. If the host name is extremely 
long the browser will be unable to show the complete URL to the user, 
with some browsers even inserting ... into the address window.   

Now, suppose I buy a certificate for *.i-am-bad.com (assuming that I'm 
the owner of that domain). I could then set up an SSL server with a 
hostname of something like   

www.security-products.microsoft.com.order.registration.checkout.user-
support.i-am-bad.com

hoping that the browser will only display the more familiar looking parts 
of the URL to the user who in turn will happily accept the certificate.  

You get the idea.

Cheers,

Stefan.

Security Awareness Symposium - 24.-25.06.2003, Karlsruhe
http://www.security-awareness-symposium.de/

Dipl.-Inform. Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Albert-Nestler-Strasse 9, D-76131 Karlsruhe

Tel. +49 721 6105-461, Fax +49 721 6105-455
E-Mail [EMAIL PROTECTED], http://www.secorvo.de/
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]