Re: [Cryptography] Why is emailing me my password?

2013-10-01 Thread Kent Borg
On 10/01/2013 10:28 AM, Greg wrote: This falls somewhere in the land of beyond-the-absurd. I noticed the password would be mailed in the clear when I signed up, but even if I had not, I would not have been bothered to later discover it. What is the harm? The sensitivity of this password is

Re: [Cryptography] Gilmore response to NSA mathematician's make rules for NSA appeal

2013-09-18 Thread Kent Borg
On 09/18/2013 01:31 PM, Walter van Holst wrote: What makes me a tad bitter is that we apparantly live in a world with two classes: US citizens and the subhuman rest of it. NSA-style blanket surveillance violates the fundamental right to privacy and ultimately also the fundamental right to

[Cryptography] Broken RNG Generating Taiwanese Citizen Digital Certificates

2013-09-16 Thread Kent Borg
Broken RNG-time again: In looking 2.2 million certificates, researchers found reused primes in 103 of them. News story: http://arstechnica.com/security/2013/09/fatal-crypto-flaw-in-some-government-certified-smartcards-makes-forgery-a-snap/ Original paper:

Re: [Cryptography] real random numbers

2013-09-15 Thread Kent Borg
On 09/15/2013 10:19 AM, John Kelsey wrote: But those are pretty critical things, especially (a). You need to know whether it is yet safe to generate your high-value keypair. For that, you don't need super precise entropy estimates, but you do need at least a good first cut entropy

Re: [Cryptography] real random numbers

2013-09-15 Thread Kent Borg
John Kelsey wrote: I think the big problem with (b) is in quantifying the entropy you get. Maybe don't. When Bruce Schneier last put his hand to designing an RNG he concluded that estimating entropy is doomed. I don't think he would object to some coarse order-of-magnitude confirmation that

Re: [Cryptography] real random numbers

2013-09-14 Thread Kent Borg
On 09/14/2013 03:29 PM, John Denker wrote: Things like clock skew are usually nothing but squish ... not reliably predictable, but also not reliably unpredictable. I'm not interested in squish, and I'm not interested in speculation about things that might be random. I see theoretical the

[Cryptography] Finding Entropy Isn't That Hard

2013-09-13 Thread Kent Borg
On 09/11/2013 07:18 PM, Perry E. Metzger wrote: the world's routers, servers, etc. do not have good sources, especially at first boot time, and for customer NAT boxes and the like the price points are vicious. I agree that things like consumer NAT boxes have a tricky problem, and anything

Re: [Cryptography] Finding Entropy Isn't That Hard

2013-09-13 Thread Kent Borg
On 09/12/2013 10:41 AM, Kent Borg wrote: routers and servers are not as bad off as people say. Not that more sources is bad. A new trustworthy HW entropy source would be good. Even a suspect rdrand is worth XORing in (as Linux does on the machine I am using right now). But if you thirst

Re: [Cryptography] Finding Entropy Isn't That Hard

2013-09-13 Thread Kent Borg
On 09/13/2013 11:59 AM, Marcus Leech wrote: Any physical-world sensor driver, where the sensor inherently has a bit of noise, I think has a moral obligation to contribute bits to the kernel entopy pool. Within limits. Mixing the entropy pool on Linux takes work and battery power. Looking

Re: [Cryptography] Techniques for malevolent crypto hardware

2013-09-09 Thread Kent Borg
On 09/08/2013 11:56 PM, Jerry Leichter wrote: Which brings into the light the question: Just *why* have so many random number generators proved to be so weak. Your three cases left off an important one: Not bothering to seed the PRNG at all. I think the Java/Android cryptographic (!)

Re: [Cryptography] Techniques for malevolent crypto hardware

2013-09-08 Thread Kent Borg
On 09/08/2013 06:16 PM, John Kelsey wrote: I don't think you can do anything useful in crypto without some good source of random bits. I don't see the big worry about how hard it is to generate random numbers unless: a) You need them super fast (because you are Google, trying to secure

Re: [Cryptography] Techniques for malevolent crypto hardware

2013-09-08 Thread Kent Borg
On 09/08/2013 09:15 PM, Perry E. Metzger wrote: Perhaps you don't see the big worry, but real world experience says it is something everyone else should worry about anyway. I overstated it. Good random numbers are crucial, and like any cryptography, exact details matter. Programmers are

Re: Computer health certificate plan indistinguishable from Denial Of Service attack.

2010-10-07 Thread Kent Yoder
I'd love to know how they plan to validate my Linux boxes. OpenPTS [1] + TrouSerS [2] + Grub-IMA [3] + IMA [4] ;-) Kent [1] http://openpts.sourceforge.jp/ [2] http://trousers.sourceforge.net/ [3] http://sourceforge.jp/projects/openpts/wiki/GRUB-IMA [4] http://linux-ima.sourceforge.net

Re: full-disk subversion standards released

2009-03-05 Thread Kent Yoder
time I tested this it worked fine... Circa 2006... Kent functionality and implementation quality of TPMs is more or less a required second step).  I've implemented PGP email using a Fortezza card (which is surely the very last thing it was ever intended for), but not using a TPM... Mark Ryan

Re: full-disk subversion standards released

2009-03-05 Thread Kent Yoder
On Thu, Mar 5, 2009 at 12:13 PM, Kent Yoder shpedoi...@gmail.com wrote: Hi Peter, Apart from the obvious fact that if the TPM is good for DRM then it is also good for protecting servers and the data on them, In which way, and for what sorts of protection?  And I mean that as a serious inquiry

Re: DNSSEC to be strangled at birth.

2007-04-06 Thread kent
On Thu, Apr 05, 2007 at 04:49:33PM -0700, Paul Hoffman wrote: At 7:26 PM -0400 4/5/07, Thor Lancelot Simon wrote: On Thu, Apr 05, 2007 at 07:32:09AM -0700, Paul Hoffman wrote: Control: The root signing key only controls the contents of the root, not any level below the root. That is, of

Re: Status of opportunistic encryption

2006-06-02 Thread kent crispin
in the docs)? I've used openvpn to set up dedicated tunnels, but it isn't immediately obvious to me how it would be configured to do opportunistic encryption. -- Kent Crispin [EMAIL PROTECTED]p: +1 310 823 9358 f: +1 310 823 8649 [EMAIL PROTECTED] SIP: [EMAIL PROTECTED

Re: Trusting the Tools - was Re: Open Source ...

2003-10-13 Thread kent
it with a verified disassembler. (eg, what shows as bss 0 in the assembler listing is really code; what shows as one set of instructions in the listing is in reality different.) Kent -- Kent Crispin Be good, and you will be [EMAIL PROTECTED],[EMAIL PROTECTED

Re: traffic analysis

2003-08-29 Thread kent
any significant protection if the goal is to provide real-time access. -- Kent Crispin Be good, and you will be [EMAIL PROTECTED],[EMAIL PROTECTED] lonesome. p: +1 310 823 9358 f: +1 310 823 8649 -- Mark Twain