Santiago Aguiar wrote:
As I wrote in my last email, in Brazil they are devising a protocol to
activate tracking/blocking devices to be installed from factory in
*every* vehicle, starting progressively from august 2009. The idea is
that a service operator (SO) can activate a device to work
David Wagner wrote:
This does sound like it introduces novel risks. I would suggest that
rather than spending too much energy on the cryptomath, it would make
sense to focus energy on the systems issues and the security requirements.
Very interesting read. These topics are being discussed,
I'm afraid this email will probably will be a) flamed away (because it's
not from a cryptographer, but forced to do crypto-things, and I do know
your opinion about this matter...) b) ignored (same reason!). I'm
sending it anyway because any kind of feedback would be welcomed ;), and
the
On Feb 27, 2009, at 2:13 PM, Santiago Aguiar wrote:
* Is there any standard cryptographic hash function with an output
of about 64 bits? It's OK for our scenario if finding a preimage for
a particular signature takes 5 days. Not if it takes 5 minutes.
Not specifically, but you can simply take
Hi,
Jerry Leichter wrote:
Not specifically, but you can simply take the first 64 bits from a
larger cryptographically secure hash function.
OK, I didn't know if it was right to do just that. We were thinking to
use that hash in an HMAC so the TCU and SO can know that they were
originated from
As it has been pointed out numerous times on this and other places, this
is a singularly bad idea.
The crypto isn't even the hardest part (and it's hard enough).
Just don't do it. If you are going to spend your energy on anything, it
should be to work against such a plan.
/ji
John Ioannidis wrote:
Just don't do it. If you are going to spend your energy on anything,
it should be to work against such a plan.
I would agree, but I fear that a this is never going to work, drop it
will be less heard than any effort in at least trying to raise the bar
for an attack.
On Mar 2, 2009, at 12:56 PM, Santiago Aguiar wrote:
Hi,
Jerry Leichter wrote:
Not specifically, but you can simply take the first 64 bits from a
larger cryptographically secure hash function.
OK, I didn't know if it was right to do just that. We were thinking
to use that hash in an HMAC so