Re: [Cryptography] prism-proof email in the degenerate case

2013-10-10 Thread lists
Having a public bulletin board of posted emails, plus a protocol for anonymously finding the ones your key can decrypt, seems like a pretty decent architecture for prism-proof email. The tricky bit of crypto is in making access to the bulletin board both efficient and private. This idea has

Re: Crypto dongles to secure online transactions

2009-11-16 Thread lists
Ben Laurie benl google.com writes: Anyway, I should mention my own paper on this subject (with Abe Singer) from NSPW 2008, Take The Red Pill _and_ The Blue Pill: http://www.links.org/files/nspw36.pdf In writing on page 2 that you do not need to secure what you put in an Amazon shopping basket

Re: Unattended reboots (was Re: The clouds are not random enough)

2009-08-03 Thread lists
Arshad Noor arshad.noor strongauth.com wrote: to the keys, in order for the application to have access to the keys in the crypto hardware upon an unattended reboot, the PINs to the hardware must be accessible to the application. If the application has automatic access to the PINs, then so

Re: Decimal encryption

2008-08-27 Thread lists
Philipp Gühring wrote: I am searching for symmetric encryption algorithms for decimal strings. Let's say we have various 40-digit decimal numbers: 2349823966232362361233845734628834823823 3250920019325023523623692235235728239462 0198230198519248209721383748374928601923 As far as I
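One standard way to do what the question asks is a format-preserving cipher: a Feistel network over the digit string whose halves are treated as integers mod 10^m, with modular addition and subtraction so every round is invertible. The block below is an added example, not code from the thread or from any poster; it follows the FF1 shape (unequal halves, alternating modulus, ten rounds) but uses HMAC-SHA256 as the round function rather than FF1's AES-based PRF, so it is an illustration of the construction and not the NIST algorithm. The key and sample inputs are constructed here.

```python
"""Added example (not from the thread): a format-preserving cipher on
decimal strings, built as an FF1-style Feistel network whose round
function is HMAC-SHA256 instead of FF1's AES-based PRF.  It keeps the
length and the digit alphabet of the input and is invertible, but it is
NOT NIST FF1/FF3-1 and carries no standard's security analysis."""

import hashlib
import hmac

ROUNDS = 10  # round count borrowed from FF1


def _round_prf(key, tweak, i, other_half, m):
    """Keyed round function: HMAC-SHA256 over (tweak, round index, the
    other half's digits), reduced to an integer in [0, 10**m).  The bias
    of reducing a 256-bit value mod 10**m is negligible for m up to ~60."""
    msg = tweak + bytes([i]) + other_half.encode("ascii")
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % (10 ** m)


def _check(x):
    if not (x.isascii() and x.isdigit() and len(x) >= 2):
        raise ValueError("need an ASCII decimal string of at least 2 digits")


def fpe_encrypt(key, tweak, plaintext):
    """Encrypt a decimal string to a decimal string of the same length.
    Halves may be unequal (u = n//2, v = n - u); the modulus alternates."""
    _check(plaintext)
    n = len(plaintext)
    u, v = n // 2, n - n // 2
    a, b = plaintext[:u], plaintext[u:]
    for i in range(ROUNDS):
        m = u if i % 2 == 0 else v            # length of the half being replaced
        c = (int(a) + _round_prf(key, tweak, i, b, m)) % 10 ** m
        a, b = b, str(c).zfill(m)              # zfill keeps leading zeros
    return a + b


def fpe_decrypt(key, tweak, ciphertext):
    """Inverse of fpe_encrypt: run the rounds backwards, subtracting."""
    _check(ciphertext)
    n = len(ciphertext)
    u, v = n // 2, n - n // 2
    a, b = ciphertext[:u], ciphertext[u:]
    for i in reversed(range(ROUNDS)):
        m = u if i % 2 == 0 else v
        c = (int(b) - _round_prf(key, tweak, i, a, m)) % 10 ** m
        a, b = str(c).zfill(m), a
    return a + b


if __name__ == "__main__":
    key = hashlib.sha256(b"constructed demo key, not for real use").digest()
    for pt in ("2349823966232362361233845734628834823823", "0001234"):
        ct = fpe_encrypt(key, b"", pt)
        assert fpe_decrypt(key, b"", ct) == pt
        print(pt, "->", ct)
```

The tweak binds a ciphertext to its context (a record or column identifier, say) so equal plaintexts in different contexts encrypt differently; without it the scheme is deterministic, like ECB. Very short strings are a separate problem: a domain of a few digits is small enough for codebook-style attacks no matter how good the round function is. For production use pick FF1 or FF3-1 from a vetted library rather than this illustration.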

Re: Looking through a modulo operation

2008-07-23 Thread lists
Matt Ball matt.ball ieee.org wrote: Here is a C implementation of __random32: typedef unsigned long u32; struct rnd_state { u32 s1, s2, s3; }; static u32 __random32(struct rnd_state *state) { #define TAUSWORTHE(s,a,b,c,d) ((s&c)<<d) ^ (((s <<a) ^ s)>>b) state->s1 = TAUSWORTHE(state->s1, 13,
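The security-relevant property of the generator quoted above is that every operation in TAUSWORTHE (AND with a constant, shifts, XOR) is linear over GF(2), and so is the final XOR of the three components. An observer who sees enough outputs can therefore write each output bit as a linear equation in the 96 unknown state bits and solve; and because taking an output modulo 2^k just keeps its low k bits, the same solve works on outputs seen only through such a modulus. The block below is an added example, not code from the message or from the kernel; the full round constants are assumed to be the taus88 parameters used by Linux lib/random32.c (the snippet above is cut off after the first one), and the seed is constructed.

```python
"""Added example, not code from the thread: the generator in the message
above is GF(2)-linear, so its state can be solved for from observed
output.  The observer may see only the low k bits of each output, i.e.
the value reduced modulo 2**k; that reduction is itself linear, so the
same solve works.  The full round constants are assumed to be the taus88
parameters used by Linux lib/random32.c."""

MASK32 = 0xFFFFFFFF
# (a, b, c, d) per component, as in TAUSWORTHE(s, a, b, c, d); assumed values
ROUNDS = ((13, 19, 0xFFFFFFFE, 12), (2, 25, 0xFFFFFFF8, 4), (3, 11, 0xFFFFFFF0, 17))


def tausworthe(s, a, b, c, d):
    """Bit-exact Python version of the C macro on a 32-bit unsigned s."""
    return (((s & c) << d) ^ ((((s << a) & MASK32) ^ s) >> b)) & MASK32


def random32_step(state):
    """Advance (s1, s2, s3); return (new_state, output) like __random32."""
    new = tuple(tausworthe(s, *p) for s, p in zip(state, ROUNDS))
    return new, new[0] ^ new[1] ^ new[2]


def sym_tausworthe(f, a, b, c, d):
    """Same step on a symbolic word: f[i] is the GF(2) linear form of bit i,
    stored as a bitmask over the 96 unknown initial-state bits.  AND with
    a constant, shifts and XOR are all linear, which is the whole point."""
    shl = lambda w, n: [0] * n + w[:32 - n]
    shr = lambda w, n: w[n:] + [0] * n
    band = lambda w, m: [w[i] if (m >> i) & 1 else 0 for i in range(32)]
    bxor = lambda w, v: [x ^ y for x, y in zip(w, v)]
    return bxor(shl(band(f, c), d), shr(bxor(shl(f, a), f), b))


def sym_step(state):
    new = tuple(sym_tausworthe(s, *p) for s, p in zip(state, ROUNDS))
    return new, [x ^ y ^ z for x, y, z in zip(*new)]


def solve_gf2(equations, nvars):
    """Gaussian elimination over GF(2).  equations: (coef_mask, rhs_bit).
    Returns one solution (free variables set to 0); raises if inconsistent."""
    low = (1 << nvars) - 1
    pivots = {}                      # leading column -> row (rhs at bit nvars)
    for coef, rhs in equations:
        row = coef | (rhs << nvars)
        while row & low:
            lead = (row & low).bit_length() - 1
            if lead not in pivots:
                pivots[lead] = row
                break
            row ^= pivots[lead]
        else:
            if row >> nvars:
                raise ValueError("inconsistent system")
    x = 0
    for col in sorted(pivots):       # back-substitute from low columns up
        row = pivots[col]
        bit = (row >> nvars) ^ (bin(row & x & ((1 << col) - 1)).count("1") & 1)
        x |= bit << col
    return x


def recover_state(observed, mask):
    """Given masked outputs (out & mask) of consecutive calls, return a
    96-bit state (the one before the first observed call) that reproduces
    them.  With 96 or more observations, Cayley-Hamilton on the 96x96
    transition matrix guarantees it also reproduces every future masked
    output, whatever the unobserved bits were."""
    sym = tuple([1 << (32 * k + i) for i in range(32)] for k in range(3))
    eqs = []
    for out in observed:
        sym, forms = sym_step(sym)
        eqs.extend((forms[i], (out >> i) & 1) for i in range(32) if (mask >> i) & 1)
    x = solve_gf2(eqs, 96)
    return tuple((x >> (32 * k)) & MASK32 for k in range(3))


def demo(mask, n_obs=96, n_pred=16):
    """Seed with a constructed state, show the attacker n_obs masked outputs,
    then compare the attacker's next n_pred predictions with the truth."""
    truth = (0x12345678, 0x9ABCDEF0, 0x0F1E2D3C)          # constructed seed
    st, observed = truth, []
    for _ in range(n_obs):
        st, out = random32_step(st)
        observed.append(out & mask)
    guess = recover_state(observed, mask)
    for _ in range(n_obs):                                # catch up to the present
        guess, _ = random32_step(guess)
    predicted, actual = [], []
    for _ in range(n_pred):
        guess, p = random32_step(guess)
        st, a = random32_step(st)
        predicted.append(p & mask)
        actual.append(a & mask)
    return predicted == actual


if __name__ == "__main__":
    for mask in (MASK32, 0xFF, 0x1):   # full output, output % 256, output % 2
        print(f"mask={mask:#x}: predictions correct = {demo(mask)}")
```

Ninety-six observations is the bound that the Cayley-Hamilton argument guarantees for any mask, down to a single bit per output; in practice the effective state is smaller (the low bit of s1 and the low bits of s2 and s3 that the masks c clear never feed back), so far fewer outputs usually pin the state down. The caveat is the modulus: reduction modulo a power of two is a bit mask and stays linear, but reduction modulo 10 or any other non-power-of-two mixes the bits non-linearly and is outside what this example handles. None of this is a flaw in the generator's intended role; a Tausworthe combination was never meant to be a CSPRNG.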

Re: Lack of fraud reporting paths considered harmful.

2008-01-25 Thread lists
Perry wrote: His firm routinely discovers attempted credit card fraud. However, since there is no way for them to report attempted fraud to the credit card network (the protocol literally does not allow for it), all they can do is refuse the transaction -- they literally have no mechanism to

Re: Death of antivirus software imminent

2008-01-14 Thread lists
From: Alex Alten [EMAIL PROTECTED] Writing in support of CALEA capability to assist prosecuting botnet operators etc ... Generally any standard encrypted protocols will probably eventually have to support some sort of CALEA capability. So you haven't heard that the UK has closed down the

No PAL please, we're British

2007-11-15 Thread lists
According to this BBC story, until fairly recently the British military refused to have PALs on nuclear weapons. http://news.bbc.co.uk/1/hi/programmes/newsnight/7097101.stm - The Cryptography Mailing List Unsubscribe by sending

Re: Password hashing

2007-10-13 Thread lists
This does not extend the discussion at hand, but it might be useful to some here who may have to deal with FIPS 140-2. On 13 Oct 2007 09:32:44 +1000, Damien Miller wrote: Some comments: * Use of an off-the-shelf algorithm like SHA1 might be nice for a tick here for FIPS certification, but

Re: Full Disk Encryption solutions selected for US Government use

2007-10-10 Thread lists
On 8 Oct 2007 10:12:58 -0700, Stephan Somogyi wrote: At 02:11 +1300 09.10.2007, Peter Gutmann wrote: But if you build a FDE product with it you've got to get the entire product certified, not just the crypto component. I don't believe this to be the case. FIPS 140(-2) is about

Re: Scare tactic?

2007-09-21 Thread lists
Ivan Krstic ... But hey, if the peer is malicious or compromised to begin with, it could just as well do DH normally and explicitly send the secret to the listener when it's done. Not much to see here. But it gets more interesting if the endpoints are not completely and solely controlled by

RE: Another Snake Oil Candidate

2007-09-14 Thread lists
On 12 Sep 2007 20:18:22 -0700, Aram Perez wrote: I don't know about you, but when I hear terms like (please pardon my cynicism): with military grade AES encryption - Hum, I'll have to ask NIST about that. AES can be permitted for use in classified environments. See

[cryptography] provable security

2007-08-09 Thread Pascal Junod (Mailing Lists)
It is worth reading: http://www.ams.org/notices/200708/tx070800972p.pdf Pascal

Re: FIPS 140-2, PRNGs, and entropy sources

2007-07-16 Thread lists
On 9 Jul 2007 16:08:33 -0600, Darren Lasko wrote: 2) Does FIPS 140-2 have any requirements regarding the quality of the entropy source that is used for seeding a PRNG? Yes. The requirement imposed by FIPS 140-2 (http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf) are in section

Re: can a random number be subject to a takedown?

2007-05-01 Thread lists
A lot of sites have been getting DMCA takedowns for the HD-DVD processing key that got leaked recently. My question to the assembled: are cryptographic keys really subject to DMCA subject to takedown requests? I suspect they are not copyrightable under the criterion from the phone directory

Re: How important is FIPS 140-2 Level 1 cert?

2007-01-02 Thread lists
On 27 Dec 2006 14:10:10 -0500, Thor Lancelot Simon wrote: On Tue, Dec 26, 2006 at 05:36:42PM +1300, Peter Gutmann wrote: In addition I've heard of evaluations where the generator is required to use a monotonically increasing counter (clock value) as the seed, so you can't just use the PRNG

Re: How important is FIPS 140-2 Level 1 cert?

2006-12-27 Thread lists
On 22 Dec 2006 11:43:58 -0500, Perry E. Metzger wrote: [I was asked to forward this anonymously. --Perry] From: [Name Withheld] To: cryptography@metzdowd.com Subject: Re: How important is FIPS 140-2 Level 1 cert? Paul Hoffman [EMAIL PROTECTED] wrote: At 11:25 AM -0500 12/21/06, Saqib

Re: classical crypto programmatic aids

2006-06-29 Thread lists
Travis, Does anyone here know of any computer-based aids for breaking classical cryptosystems? I'm thinking in particular of the ones in Body of Secrets, which are so short that I really hope they're monoalphabetic substitutions. But I'm interested in these sorts of programs more

Re: Pseudonymity for tor: nym-0.1 (fwd)

2005-10-07 Thread lists
From: Bill Frantz [EMAIL PROTECTED] system, for example, recognition of the number on an image. In fact, This solution is subject to a rather interesting attack, which to my knowledge has not yet been named, although it is occasionally used Stealing Cycles from Humans is the name I know for

Re: European country forbids its citizens from smiling for passport photos

2005-09-17 Thread lists
From: William Allen Simpson [EMAIL PROTECTED] Do you really need to click on this link to know which one it is? http://cbs5.com/watercooler/watercooler_story_258152613.html Which one it is depends what the meaning of one is. Announced in multiple news sources last year:

Re: The cost of online anonymity

2005-09-11 Thread lists
From: R.A. Hettinga [EMAIL PROTECTED] http://news.bbc.co.uk/1/low/programmes/click_online/4227578.stm Digital evidence expert at the London School of Economics, Peter Sommer says: A few years ago I was very much in favour of libertarian computing. What changed my mind was the

Re: encrypted tapes

2005-06-09 Thread lists
From: Perry E. Metzger [EMAIL PROTECTED] It is worse than that. At least one large accounting company sends new recruits to a boot camp where they learn how to conduct security audits by rote. They then send these brand new 23 year old security auditors out to conduct security audits, with

Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-09 Thread lists
From: Charles M. Hannum [EMAIL PROTECTED] I can name at least one obvious case where sensitive data -- namely credit card numbers -- is in fact something you want to search on: credit card billing companies like CCbill and iBill. Without the ability to search by CC#, customers are pretty

Re: Is finding security holes a good idea?

2004-06-13 Thread lists
From: Eric Rescorla [EMAIL PROTECTED] Is finding security holes a good idea? Paper: http://www.dtc.umn.edu/weis2004/rescorla.pdf Slides: http://www.dtc.umn.edu/weis2004/weis-rescorla.pdf In section 1 there's a crucial phrase not properly followed up: significant opportunity cost

Re: Reliance on Microsoft called risk to U.S. security

2003-10-02 Thread lists
From: bear [EMAIL PROTECTED] Heh. You looked at my mail headers, didn't you? Yes, I use pine - primarily *because* of that property. It treats all incoming messages as text rather than live code. BUGTRAQ in the last 3 years lists over 80 mails on pine - including reference to this recently