RE: [EMAIL PROTECTED]: Skype security evaluation]

2005-11-13 Thread Marcel Popescu
Do you have some articles about these protocols? The authoritative reference for TLS is the TLS RFC (http://www.ietf.org/rfc/rfc2246.txt). The authoritative reference for IPsec is of course the IPsec RFC (http://www.ietf.org/rfc/rfc2401.txt). As to why they wouldn't use these as they stand,

RE: [EMAIL PROTECTED]: Skype security evaluation]

2005-11-13 Thread Peter Gutmann
Marcel Popescu [EMAIL PROTECTED] writes: From: [EMAIL PROTECTED] [mailto:owner- [EMAIL PROTECTED] On Behalf Of Peter Gutmann I can't understand why they didn't just use TLS for the handshake (maybe YASSL) and IPsec sliding-window + ESP for the transport (there's a free minimal

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-11-04 Thread cyphrpunk
On 10/31/05, Kuehn, Ulrich [EMAIL PROTECTED] wrote: There are results available on this issue: First, a paper by Boneh, Joux, and Nguyen Why Textbook ElGamal and RSA Encryption are Insecure, showing that you can essentially half the number of bits in the message, i.e. in this case the

RE: [EMAIL PROTECTED]: Skype security evaluation]

2005-11-03 Thread Marcel Popescu
From: [EMAIL PROTECTED] [mailto:owner- [EMAIL PROTECTED] On Behalf Of Peter Gutmann I can't understand why they didn't just use TLS for the handshake (maybe YASSL) and IPsec sliding-window + ESP for the transport (there's a free minimal implementation of this whose name escapes me for use by

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-31 Thread Peter Gutmann
Jack Lloyd [EMAIL PROTECTED] writes: I just reread those sections and I still don't see anything about RSA encryption padding either. 3.2.2 just has some useless factoids about the RSA implementation (but neglects to mention important implementation points, like if blinding is used, or if

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-31 Thread cyphrpunk
Wasn't there a rumor last year that Skype didn't do any encryption padding, it just did a straight exponentiation of the plaintext? Would that be safe, if as the report suggests, the data being encrypted is 128 random bits (and assuming the encryption exponent is considerably bigger than 3)?

RE: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-31 Thread Whyte, William
]; cryptography@metzdowd.com Subject: Re: [EMAIL PROTECTED]: Skype security evaluation] Wasn't there a rumor last year that Skype didn't do any encryption padding, it just did a straight exponentiation of the plaintext? Would that be safe, if as the report suggests, the data being encrypted

AW: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-31 Thread Kuehn, Ulrich
-Urspr√ľngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von cyphrpunk Gesendet: Freitag, 28. Oktober 2005 06:07 An: [EMAIL PROTECTED]; cryptography@metzdowd.com Betreff: Re: [EMAIL PROTECTED]: Skype security evaluation] Wasn't there a rumor last year

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-26 Thread Dirk-Willem van Gulik
On Mon, 24 Oct 2005, cyphrpunk wrote: Is it possible that Skype doesn't use RSA encryption? Or if they do, do they do it without using any padding, and is that safe? You may want to read the report itself: http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf and

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-26 Thread Jack Lloyd
On Wed, Oct 26, 2005 at 07:47:22AM -0700, Dirk-Willem van Gulik wrote: On Mon, 24 Oct 2005, cyphrpunk wrote: Is it possible that Skype doesn't use RSA encryption? Or if they do, do they do it without using any padding, and is that safe? You may want to read the report itself:

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-25 Thread cyphrpunk
On 10/23/05, Travis H. [EMAIL PROTECTED] wrote: My understanding of the peer-to-peer key agreement protocol (hereafter p2pka) is based on section 3.3 and 3.4.2 and is something like this: A - B: N_ab B - A: N_ba B - A: Sign{f(N_ab)}_a A - B: Sign{f(N_ba)}_b A - B: Sign{A, K_a}_SKYPE B -

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-24 Thread Damien Miller
On Sun, 23 Oct 2005, Joseph Ashwood wrote: - Original Message - Subject: [Tom Berson Skype Security Evaluation] Tom Berson's conclusion is incorrect. One needs only to take a look at the publicly available information. I couldn't find an immediate reference directly from the Skype

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-24 Thread Travis H.
That's a fairly interesting review, and Skype should be commended for hiring someone to do it. I hope to see more evaluations from vendors in the future. However, I have a couple of suggestions. My understanding of the peer-to-peer key agreement protocol (hereafter p2pka) is based on section

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-23 Thread Joseph Ashwood
- Original Message - Subject: [Tom Berson Skype Security Evaluation] Tom Berson's conclusion is incorrect. One needs only to take a look at the publicly available information. I couldn't find an immediate reference directly from the Skype website, but it uses 1024-bit RSA keys, the