-Original Message-
From: pgut001 [mailto:pgut...@wintermute01.cs.auckland.ac.nz]
On Behalf Of Peter Gutmann
Sent: October 5, 2009 10:07 PM
To: a...@poneyhot.org; cryptography@metzdowd.com
Subject: Re: Trusted timestamping
Alex Pankratov a...@poneyhot.org writes:
I have
of servers.
Alex
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:owner-
[EMAIL PROTECTED] On Behalf Of Eric Rescorla
Sent: August 20, 2008 10:31 AM
To: Alex Pankratov
Cc: 'theory and practice of decentralized computer networks';
cryptography@metzdowd.com
Subject: Re: [p2p-hackers] IETF rejects
ediface
will collapse.
- Alex
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
designing a good security system a real
challenge. You need a reference monitor somewhere in it that you can truly
trust.
- Alex
- Original Message -
From: John Ioannidis [EMAIL PROTECTED]
To: Cryptography cryptography@metzdowd.com
Subject: Just update the microcode (was: Re
? - Alex
--
Alex Alten
[EMAIL PROTECTED]
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
), or even the
compromise of a key or two.
Randomness is the most fundamental underpinning of a crypto system
and having lots of it on demand is really fabulous to have in our
system security design tool box.
- Alex
products.
- Alex
--
Alex Alten
[EMAIL PROTECTED]
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Great. What next? I guess air-gap transfer of flash memory might be the
best solution.
Malware's new infection route: photo frames
http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2008/01/26/MNE7UHOOQ.DTL
- Alex
--
Alex Alten
[EMAIL PROTECTED
At 07:35 PM 1/18/2008 +1000, James A. Donald wrote:
Alex Alten wrote:
Generally any standard encrypted protocols will
probably eventually have to support some sort of CALEA
capability. For example, using a Verisign ICA
certificate to do MITM of SSL, or possibly requiring
Ebay to provide
encrypted traffic allow inspection of
their contents under proper authority (CALEA essentially). If we
can do this then we can put real policing pressure on these virus
writers, essentially removing them from being able to attack us
over the Internet.
- Alex
--
Alex Alten
[EMAIL PROTECTED
it's performance, doing the tradeoff between cryptography
and speed and reliability. And you need to design it to be robust
in the face of operational failure.
Just my two cents worth (based on over a decade's worth of
cryptographic based security system design).
- Alex
--
Alex Alten
[EMAIL
all.
- Alex
At 11:05 AM 12/13/2007 -0800, Ali, Saqib wrote:
How will this be any different from being a member of ISC2 or ISACA?
Why do we need to be a member of yet another organization?
saqib
http://www.quantumcrypto.de/dante/
On Dec 12, 2007 12:21 PM, Alex Alten [EMAIL PROTECTED] wrote
Would anyone on this list be interested in forming a USA chapter of the
Institute
of Information Security Professionals (IISP, www.instisp.org)?
I'm finding it rather difficult to attend events, etc., that are only in
London.
- Alex
--
Alex Alten
[EMAIL PROTECTED
-Original Message-
From: Ben Laurie [mailto:[EMAIL PROTECTED]
Sent: Friday, October 26, 2007 3:56 PM
To: Alex Pankratov
Cc: cryptography@metzdowd.com
Subject: Re: Password vs data entropy
[snip]
In other words, your password needs to be x/y times the size of the
secret
?
Thanks,
Alex
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Leichter, Jerry
Sent: Monday, October 08, 2007 11:48 AM
To: Alex Pankratov
Cc: cryptography@metzdowd.com
Subject: RE: Trillian Secure IM
| But, opportunistic cryptography is even more fun
-Original Message-
From: Ian G [mailto:[EMAIL PROTECTED]
Sent: Monday, October 08, 2007 6:05 AM
To: Peter Gutmann
Cc: [EMAIL PROTECTED]; cryptography@metzdowd.com
Subject: Re: Trillian Secure IM
Peter Gutmann wrote:
Alex Pankratov [EMAIL PROTECTED] writes:
SecureIM
eWeek Insider Channel published an interesting article today about, Skype
working with domain owners to shut down malicious sites infecting Skype for
Windows users via instant messages.
http://www.channelinsider.com/article/Skype%20Worm%20Attacks%20Security%
- Alex
).
- Alex
--
Alex Alten
[EMAIL PROTECTED]
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
future.
- Alex
--
Alex Alten
[EMAIL PROTECTED]
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
of people
start using them before the serious problems start to crop up (like thievery
or illegal wiretapping) and then it's too late to retrofit them properly
(for example Skype seems to have made these types of mistakes).
- Alex
Steve,
It could be that the linkage between user ids and auth keys is too weak,
allowing a MITM attack to be undetected that sniffs the data encryption
key. This seems to be common problem with many of the secure protocols
I've examined.
- Alex
- Original Message -
From: Steven M
This may be a bit off the crypto topic, but it is interesting nonetheless.
Russia accused of unleashing cyberwar to disable Estonia
http://www.guardian.co.uk/print/0,,329864981-103610,00.html
Estonia accuses Russia of 'cyberattack'
http://www.csmonitor.com/2007/0517/p99s01-duts.html
- Alex
lawyers out there who would know how to interpret US federal law regarding
this area? (European/Japan, or other rule-of-law type countries are of
interest too.)
Thanks,
- Alex
--
Alex Alten
[EMAIL PROTECTED]
-
The Cryptography
for the
evaluation and feel free to advertise WISSec 2007!
Thank you for your help,
The WISSec 2007 program co-chairs
Alex Biryukov and Sjouke Mauw.
P.S: sorry if you get this mail twice.
? Even if it got erased, it's
image could
be recovered from a disk or RAM. My understanding is that even tamperproof
cards
one can get keys from them with the right equipment from the right folks.
- Alex
At 02:51 AM 12/23/2006 +1300, Peter Gutmann wrote:
Jim Gellman [EMAIL PROTECTED] writes:
Well
. You could hear them driving around, with
the usual car noises, and sometimes the radio on too. Occasionally I
heard them in conversation with someone else. This went on for months.
- Alex
--
Alex Alten
[EMAIL PROTECTED
.).
Did I miss something or do you need help in updating these, since I, and
probably
others too, need them?
- Alex
At 01:19 PM 10/9/2006 -0400, Russ Housley wrote:
PKCS#7 has been turned over to the IETF for maintenance. The most recent
version is RFC 3852. Since the protocol is more stable than
for implementations repeatedly as
the
standards catch up to reality. Updating these various heavily used standards
quickly is quite important.
Sincerely (and thanks in advance for all of your replies),
- Alex
At 09:05 AM 10/6/2006 -0700, Alex Alten wrote:
Does anyone know if the OpenSSL PKCS #7 functions
of these semiconductor trends will make
existing hashes become bottlenecks and will make it harder to
design a fast new hash.
- Alex
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
,
This works for me in a vanilla (well, debian) Thunderbird, using our
university LDAP directory (at Dartmouth). The certificates are present under
key userCertificate;binary in the LDAP, in base64.
Alex
-
The Cryptography Mailing List
is full of obvious mistakes, so they might've gotten
this part wrong too.
Alex
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
security without a body search.
- Alex
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
On Sat, Apr 08, 2006 at 02:31:58PM -0400, Steven M. Bellovin wrote:
A study at the Max Planck Institute said that Italy, followed by the
Netherlands, does the most wiretapping. One of the authors said:
And the sad thing is most of the Dutch tapping rooms are build by
Comverse (Mossad Inside)
Any time estimates for SHA-1 or SHA-2 attacks?
- Alex
- Original Message -
From: [EMAIL PROTECTED]
To: cryptography@metzdowd.com
Subject: Tunnels in Hash Functions: MD5 Collisions in 40 seconds
Date: Sat, 18 Mar 2006 18:05:40 +0100 (CET)
Congratulations to Marc Stevens, who
and both A and B will be under the
impression that they are protected by 'key continuity' from
their previous (A-B) session.
Their SAS won't match of course, but since they see shared secret
being used for KE, they are not likely to bother with SAS check.
Alex
A or B can actually discover that they've been MitM'd by
M *unless* they do SAS check. They do however see that KE
used cached shared secret, and they (being humans) are
likely to skip SAS check because of that.
Alex
Philip Zimmermann wrote:
An attacker can easily present the wrong ZID, but he
decaying strength and to avoid several types of attacks on
the pad generation.
It is of great personal interest to me to watch Dr. M slowly prove
that the underlying mathematics of Dr. A's Tristrata cipher may not
have been snake oil after all.
- Alex
At 05:58 AM 3/3/2006 +, Ben Laurie wrote:
[EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote:
Alex Alten wrote:
At 05:12 PM 2/26/2006 +, Ben Laurie wrote:
Alex Alten wrote:
At 02:59 PM 2/24/2006 +, Ben Laurie wrote:
Ed Gerck wrote: We have keyservers for this (my chosen
mistakes
would be common.
I won't mention the questions regarding certificate revocaton vs user email
name.
:-)
- Alex
--
- Alex Alten
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL
At 05:12 PM 2/26/2006 +, Ben Laurie wrote:
Alex Alten wrote:
At 02:59 PM 2/24/2006 +, Ben Laurie wrote:
Ed Gerck wrote: We have keyservers for this (my chosen technology
was PGP). If you liken their use to looking up an address in an
address book, this isn't hard for users to grasp
I replied to Tero privately, then realized that I was
not the only recipient of his email. So here's a copy
for everyone's reference.
Alex
Tero Kivinen wrote:
Travis H. writes:
http://www.hamachi.cc/security
Based on a cursory look over this, I'm impressed by both the level of
detail
automatically.
Last I heard (early 2005) one system was operational over in the nuclear
engineering
department at Ohio State (for DOE work?). Of course one old system rack in
the
dusty corner of a school building does not a market make.
- Alex
--
- Alex Alten
Travis H. wrote:
On 2/24/06, Alex Pankratov [EMAIL PROTECTED] wrote:
Tero Kivinen wrote:
[snip]
The protocol description is missing some details, so cannot say
anything about them (things like what is the format of Ni, Nr, Gi, Gr
when sent over wire and when put to the signatures etc
.
Alex
--
Alex Iliev [EMAIL PROTECTED]
Dartmouth College Computer Science
http://www.cs.dartmouth.edu/~sasho/
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
From what I understand simple quantum computers can easily brute-force attack
RSA keys or other types of PK keys. Is ECC at risk too? And are we at risk
in 10, 20 or 30 years from now?
- Alex
- Original Message -
From: Steven M. Bellovin [EMAIL PROTECTED]
To: cryptography
Is there any comparable fraud with the USA ATM system in recent decades?
I've only heard of this type of wholesale fraud in Europe or in pre-1980 USA.
- Alex
At 01:58 AM 10/22/2005 -0400, R.A. Hettinga wrote:
--- begin forwarded text
Date: Sat, 22 Oct 2005 01:58:34 -0400
To: Philodox
to reduce
support costs, which is not unreasonable these days.
- Alex
--
- Alex Alten
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Steve,
At 05:34 PM 7/29/2005 -0400, Steven M. Bellovin wrote:
In message [EMAIL PROTECTED], Alex Alten
write
s:
At 08:12 AM 7/25/2005 -0400, Steven M. Bellovin wrote:
In message [EMAIL PROTECTED], Alex Alten
write
s:
Steve,
This also seems to be in conjunction with the potential switch
You may want to look at US Patents 4,268,715 and 4,268,715.
I believe these are among the core group of ATM patents.
- Alex
At 09:58 AM 2/17/2005 +0100, Lee Parkes wrote:
Hi,
I'm working on a project that requires a benchmark against which to judge
various suppliers. The closest that has similar
51 matches
Mail list logo