not everything.
Dan
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
Because not being fast enough means you don't ship. You don't ship, you
didn't secure anything.
Performance will in fact trump security. This is the empirical reality.
There's some budget for performance loss. But we have lots and lots of
slow functions. Fast is the game.
(Now, whether my theo
spread to all but all parts of the
U.S. Federal government that handle electronic health records is
ASCII encoded, and readable. Called "The Blue Button,"[1] there
is even an HL7->Blue Button file converter.[2]
Score one for human readable.
--dan
[1] www.va.gov/BLUEBUTT
ir so adequately said,
"Cryptography is typically bypassed, not penetrated."[*]
Nevertheless, the value of scepticism is profound; it is
the chastity of the intellect.
--dan
[*]
www.financialcryptography.com/mt/archives/000147.html
corrections to which contain the
answer to the question you wanted to ask.
We now return you to your program already in progress,
--dan
tart* your attack not the decryption key.
People have made these attacks mildly practical (and note how old this and the
cited paper are).
http://kebesays.blogspot.com/2010/11/mac-then-encrypt-also-harmful-also-hard.html
Dan
On 9/11/2013 6:47 PM, Dave Horsfall wrote:
> Given that there is One True Source of randomness to wit radioactive
> emission, has anyone considered playing with old smoke detectors?
I did that a decade ago, to wit:
http://etoan.com/random-number-generation/index.html
Cheer
uld set them free, it would help humanity (at the
cost of the patent revenues, alas).
Dan
... but I must scream.
http://kebesays.blogspot.com/2013/09/i-have-no-whistle-to-blow-but-i-must.html
FYI, and thanks,
Dan McD.
Consider the Suite B set of algorithms:
AES-GCM
AES-GMAC
IEEE Elliptic Curves (256, 384, and 521-bit)
Traditionally, people were pretty confident in these. How are people's
confidence in them now?
Curious,
(first-time caller) Da
collectively what each part of it is doing and
that without a C&C channel other than the repurposed MSM; the fun
begins when the botnet reads the obituary of a certain person
--dan
as usual, there's an XKCD for that
http://xkcd.com/504/
--dan
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
ve required, no
more investment than the accumulated profits in the sale
of SSL domain name certs, we could have solved this by now.
--dan
which might even be unwitting)?
Probably too out there.
--dan
the toll stations where the license
plates are read and correlation between plate number and
current radio fingerprint trivially recorded.
--dan
uck
from spending too much. Calibration requires differing outcomes.
Regulatory compliance, on the other hand, stipulates N==0 failures
and is thus neither calibratable nor cost effective. Whether
the cure is worse than the disease is an exerc
useful
http://geer.tinho.net/measuringsecurity.tutorial.pdf
Best,
--dan
> False metrics are rampant in the security industry. We really need
> to do something about them. I propose that we make fun of them.
You might consider joining us in D.C. on 10 August at
http://www.securitymetrics.org/content/Wiki.jsp?page=Metricon5.0
--dan, program com
Dan,
>
> I looked at the GNFS runtime and plugged a few numbers in. It seems
> RSA Security is using a more conservative constant of about 1.8 rather
> than the suggested 1.92299...
>
> See:
> http://mathworld.wolfram.com/NumberFieldSieve.html
>
> So using 1.8, a
intermediate
step of using RSA-1280? Or should we stick to RSA-1024?
--Dan
and - most importantly - certified random by laws of
physics.
article cut there as there both a diagram and a video
--dan
://www.ietf.org/mailman/listinfo/cicm .
Dan
s for not being interested in SSL
and certificates when (as far as we can determine) 100% of
all certificate errors seen by users are false positives.
--dan
-protecting that
it is capable of refusing a command.
Long live HAL,
--dan
|
| This is the first attack against TLS that I consider to be
| the real deal. To really fix it is going to require a change to
| all affected clients and servers. Fortunately, Eric Rescorla
| has a protocol extension that appears to do the job.
|
...silicon...
--dan
s possible to
prove deletion. Put differently, only within airtight
surveillance will the absence of evidence be the
evidence of absence.
In factually, if not politically, correct terms, the
Electronic Health Record is the surest path to a
surveillance state, bu
will
deliver the most complex code they can debug. This
may apply to the world at large.
--dan
ose Internet
> addresses change as they come and go from the network.
One would imagine that as IPv6 rolls out, the need
for DHCP goes to zero excepting for mobile devices
attaching to public (not carrier) nets. Yes?
--dan
s.
Hell, my brother and I have sequential numbers.
--dan
theme of
this episode is The Importance of Context. This workshop
series is intense, and is focused on progress rather than
claims of first discovery. See
http://securitymetrics.org/content/Wiki.jsp?page=Metricon4.0
Dan Geer
take "no longer baked into
the browser" as effectively revocation, there is a
retrospective clerical job that might be a fun project
if you had some graduate student labor to assign.
--dan
DF.pdf?PatentNo=GB2446424&DocType=A&JournalNumber=6221
As always, the phrase "proprietary coding readable
only by us" caught my ear.
--dan
a non-fiction taste:
http://fora.tv/2008/08/08/Daniel_Suarez_Daemon_Bot-Mediated_Reality
--dan
Peter Gutmann has responded
http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
(see the "Further Epilogue" section well down the page)
--dan
or asking "Can I trust you?"
---
http://blog.startcom.org/?p=145
Slashdot and others are reporting on this story about how it was
possible for a person to receive a completely valid certificate for
a random domain of his choosing without any q
t a cipher.
Thinking out loud,
--dan
[ just for amusement, 2008 world production of wheat
and rice would each cover 53 squares, with maize
coming in at 51 squares ]
uting protocols, per se, would be no joke
--dan
related...
http://voices.washingtonpost.com/securityfix/2008/12/hackers_hijacked_large_e-b
ill.html
http://news.softpedia.com/news/Online-Bill-Payment-Website-Hijacked-99262.shtml
--
n m,
| or which ones signed?
|
quorum threshold crypto; if Avishai Wool or Moti Yung
or Yvo Desmedt or Yair Frankel or... are here on this
list, they should answer
a *tiny* contribution on my part
http://geer.tinho.net/geer.yung.pdf
humb
Damien Miller writes:
-+---
|
| > David Molnar <[EMAIL PROTECTED]> writes:
| >
| > >Dan Geer's comment about the street price of heroin as a metric for
| > >success has me thinking - are people tracking the street prices of
| > >
Sigh... typing in a moving vehicle. This is
the right URL, verified by cut&paste.
http://geer.tinho.net/ieee/ieee.sp.geer.0801.pdf
Sorry.
--dan
David Molnar writes, in part:
-+---
| Dan Geer's comment about the street price of
| heroin as a metric for success has me thinking -
| are people tracking the street prices of digital
| underground goods over time?
This material is in fact tracked but n
n) and the growing
role of virtual machines should be of intense interest.
Inferentially yours,
--dan
ssachusetts), the rational
thing for the company to do is to just keep
everything forever. With disk prices falling
as they are, keeping everything is cheaper
than careful selective deletion, that's for
sure.
--dan
sieve for not caring about
such issues because, if you did care, you wouldn't
go into government in the first place.
--dan
s security,
at least the kind of security that says "they
can't misuse what they ain't got."
--dan
but I can reproduce it. It was a photo of
the tail end of her car and on it a bumper sticker.
That bumper sticker read
PREVENT UNWANTED PRESIDENCIES
MAKE VOTE COUNTING A HAND JOB
In no other state could a Constitutional Officer
get away with such a bumper sticker, but...
yet another proprietary symmetric cipher ?
http://www.pureentropy.com
...
Encryption Security Solutions provides unprecedented encryption
security, efficiency, and performance for business applications ensuring
critical information is secure.
Encryption Security Solutions, LLC (ES²) has devel
Eric Rescorla wrote:
At Fri, 8 Aug 2008 17:31:15 +0100,
Dave Korn wrote:
Eric Rescorla wrote on 08 August 2008 16:06:
At Fri, 8 Aug 2008 11:50:59 +0100,
Ben Laurie wrote:
However, since the CRLs will almost certainly not be checked, this
means the site will still be vulnerabl
27;s
autoupdate feature.
http://www.infobyte.com.ar/down/isr-evilgrade-Readme.txt
Likely off-topic,
--dan
number
| (in some cases after 3 tries).
| ...
So I hold the PIN constant and vary the bank account number.
--dan
s not occur, but two such parties, if
they really care, would do their own end-to-end
protections even if it is as simple as speaking
Navajo.
All hail Saltzer, Reed, and Clark.
--dan
MetriCon 3.0 agenda at this URL
http://www.securitymetrics.org/content/Wiki.jsp?page=Metricon3.0
Workshop is limited attendance though some small number
of requests can still be granted; send same by e-mail to
[EMAIL PROTECTED]
Best,
--dan
en it would today be $300. (1968-present)
--dan
, and meals
for the day.
Important Dates
Requests to participate: by May 12, 2008
Notification of acceptance: by June 2, 2008
Materials for distribution: by July 21, 2008
Workshop Organizers
Dan Geer, Geer Risk Services, Chair
Bob Blakley, The Burton Group
Fred Cohen, Fred Cohen & Associat
I'm the
first to come up with a suggestion like that either. So, uh, why do
weak RNG's keep showing up? Is there something fundamentally breakable
in the above design?
--Dan
> Amateurs talk about algorithms. Professionals talk about economics.
That would be
Amateurs study cryptography; professionals study economics.
-- Allan Schiffman, 2 July 04
Quotationally yours,
--dan
inter-relation of security & privacy.
--dan
>> (as if anyone uses client certificates anyway)?
>>
>
> Guess why so few people are using it ...
> If it were secure, more people would be able to use it.
>
>
People don't use it because the workload of getting signed up is vastly
beyond their skillset, and the user experience using the
be classified as useful
and unobvious) *and* Type II (false negative)
errors (when confronted with something sufficiently
unobvious that they find it impossible to understand
that it is either unobvious or useful much less
both).
--dan
[1]
http://www.usenix.org/publications/library/p
So, what is Apple doing for its brand-new iTunes movie rental thing?
1/3rd of the way into Jobs' song-and-dance
http://stream.qtv.apple.com/events/jan/f27853y2/m_972345688g_650_ref.mov
--dan
Well, for all of you who want to prove that hacking
the vote is easy, here's your chance to do something:
http://apnews.myway.com/article/20080121/D8UA8VGG0.html
[ ObDebate: is a winner-take-all state more or less
attractive to vote hacking? ]
t a McCabe score of <10 is essential -- an argument
that I am quoting from some NASA spec I read a while ago
and can dig up again if that turns out to be necessary.
Always ready for re-education, but wary of the best
being the enemy of the
he new
patch patches is no longer likely to be substantially
more probable than the inadvertent introduction of an
unknown flaw at the same time. As such, I would guess
that the more often an application receives security
patches the less secure it
Anomaly detection doesn't work because anomalies are normal, and
2) Unless you're scrubbing up and down the application and network
stacks, you just have no idea what the host endpoint is parsing.
At the point where crypto
lashdot. Apologies for
boring those who've already seen it.
--dan
export to the embargoed country
list (Cuba, Iran, Sudan, Syria, North Korea, and Libya).
YMMV.
--dan
-8<cut-here8<-
A. BIS Checklist of Questions:
1. Does your product perform "cryptography", or otherwise
contain any pa
secure as it can and still
apparently function. Why should voting be
different?
We are approaching a rat hole...
--dan
with real money.
--dan
May I point out that if voting systems have a level
of flaw that says only an idiot would use them, then
how can you explain electronic commerce, FaceBook,
or gambling sites? More people use just those three
than will *ever* vote.
--dan
If on the one hand, the correct procedure is sign-encrypt-sign,
then why, on the other hand, is the parallel not sign-hash-sign ?
--dan
=
http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.ps
Donald T. Davis, "Defective Sign & Encrypt in S/MIME, PKCS#7, MOSS, PEM,
PGP
ed for stealing horses, but that horses may
| not be stolen" George Savile
|
I stand ready to organize a massive conspiracy
to execute all conspiracy theorists.
Are you with me?
--dan
f the entropy-reducing information the Wheel of Fortune
contestant is able to take advantage of are not available to a password
cracking algorithm.
--dan
> While 2.5 bits/word seems low, the TV game show Wheel Of Fortune is
> evidence that
> people can correctly guess phrases even when a large
nificantly.
In fact, for passphrases up to 5 words in length, the entire phrase is
probably already in the Google data, it's just a matter of having the
resources to be able to get through them all.
--dan
> Leichter, Jerry wrote:
>> > | A couple of questions. How did you come u
just said is hearsay,
though my office-mate says that he has bought three cars
by this method. It almost causes me to say "relying party"
out loud...
If this idea is a rathole, then my fault and my apology.
--dan
Would any of you care to advance an opinion of Harold Gans?
[ "Who?" is not an opinion, and I am not asking for anyone
to go do research. ]
Offlist or on, as you prefer.
--dan
Ed Gerck writes:
| We've heard it so many times: "There's nothing to worry about."
| Now, Skype adds a new IT protection measure -- "love":
|
| "The Skype system has not crashed or been victim of a cyber
| attack. We love our customers too much to let that happen."
|
-- Forwa
tem so that keylogging
can't happen while trades are being booked, are being
floated. Think about what that would mean -- training
users to use their Admin privilege to accept ActiveX
controls that strip the OS of this or that subsystem,
and to do so in the name of security.
--dan
P.S., Th
"Any compromise of any
sub-component makes the entire edifice untrustable").
--dan
istribution business, but you are not
a common carrier and you are responsible
for the content you carry.
Note that what they want is the good
parts of both (we can charge what we
like and it is never our fault).
--dan
"Perry E. Metzger" writes:
-+
| Slightly o
nalytic model rather than an
all-countries-are-created-equal position statement.
--dan
the seeds used in encryption.
--dan
http://dwave.wordpress.com/2007/01/19/quantum-computing-demo-announcement/
--dan
http://news.com.com/Jailed+ID+thieves+thwart+cops+with+crypto/2100-7348_3-6144521.html
Jailed ID thieves thwart cops with crypto
By Tom Espiner
Story last modified Tue Dec 19 06:46:45 PST 2006
Three men have been jailed in the U.K. for their part in a massive
data theft operation.
One o
I hesitate to use the syllable "crypto" in describing this paper,
but those who have not seen it may find it interesting.
http://www.arx.com/documents/The_Unbearable_Lightness_of_PIN_Cracking.pdf
Or profitable.
--dan
---
http://news.zdnet.com/2100-1009_22-6142935.html?part=rss&tag=feed&subj=zdnn
http://www.amazon.com/gp/product/customer-reviews/0833030477/ref=cm_cr_dp_pt/102-8179025-1336125?ie=UTF8&n=283155&s=books
http://www.boston.com/news/globe/obituaries/articles/2006/10/01/mildred_hayes_78_decoded_russian_messages_for_nsa/
Mildred Hayes, 78; decoded Russian messages for NSA
By Joe Holley, Washington Post | October 1, 2006
WASHINGTON -- Mildred Louise Hayes, a retired Russian-language
cryptologist wi
" at your earliest capability.
No, not urge but rather beg.
--dan
P.S., If needing further examples, take a shot at
the fattest, sittingest duck -- the PERL credo:
"There's more than one way to do it."
---
Anyone know what is up with this?
http://www.gcn.com/online/vol1_no1/41371-1.html
--dan
t;
maps to "prove a negative" at least as I mean it here.
This may be, in other words, de facto versus de jure
and your interpretation may be the correct one. It
doesn't seem so to me, but YMMV.
And, yes, SarbOx is worse.
--dan
g wrong (which is why Arthur Anderson
went out of business, e.g.), then you get prove-a-negative
from the regulators and auditors -- madness on the same
scale as tulip mania or the defenestration of Prague.
--dan
osed to
be chipped and the owner's home address recorded in GPS
form (google for NAIS) with a requirement to file with
USDA any off premises transportation (taking the kids'
heifer to the 4H show included).
--dan
===
The great distinction:
A conservative i
reminded of Adi Shamir's 2004 Turing Award Lecture
* Absolutely secure systems do not exist
* To halve your vulnerability, you have to double your expenditure
* Cryptography is typically bypassed, not penetrated
--dan
cular administration. As Gilmore
would say now (hi, John), don't give any
government a power you would not want a
despot to have.
--dan
=
What's on my car
https://www.protestwarrior.com/store/files/master/democra
Alan,
You and I are in agreement, but how do we get
the seemingly (to us) plain truth across to
others? I've been trying for a good while now,
reaching a point where I'd almost wish for a
crisis of some sort as persuasiveness is not
working.
We are probably well off-topic for this li
able to see (such as organized
survey takers who talk to each other). Sort of like
an Internet-mailing-list, no?
--dan
nd all security-related lists are composed
of people who are off-center when it comes to risk,
it is us what be the outliers in the distribution
and in no way are our various paranoias widely shared.
Not trying to debate the hive min
hers to the National Security Agency as part of an
effort to thwart terrorism.
--dan
ill be the place.
--dan
OK, I'll say it. This site:
http://www.truecrypt.org/
makes me visualize tinfoil hats.
--dan