Re: [cryptography] Interesting note on how MS assign vulnerability classifications

2012-09-07 Thread Rose, Greg
On 2012 Sep 7, at 15:54 , Peter Gutmann wrote: Even if the likelihood of transforming the heap corruption into remote code execution is exceedingly low, you still have to classify it as RCE until you can rule out all possibility of code execution. ... and solve the halting problem. Greg.

Re: [cryptography] Crypto Fiddling?

2012-03-30 Thread Rose, Greg
On 2012 Mar 31, at 11:14 , Jeffrey Walton wrote: I'm aware of two standards where folks fiddled with a scheme and destroyed its security properties: * A5/3 based on Kasumi used in GSM networks * EAX' (EAX Prime) based on EAX mode Are there any other spectacular failures that come to

Re: [cryptography] if MitM via sub-CA is going on, need a name-and-shame catalog (Re: really sub-CAs for MitM deep packet inspectors?)

2011-12-02 Thread Rose, Greg
Some random chiming in... On 2011 Dec 2, at 5:00 , Adam Back wrote: On Sat, Dec 03, 2011 at 01:00:14AM +1300, Peter Gutmann wrote: I was asked not to reveal details and I won't, Of course, I would do the same if so asked. But there are lots of people on the list who have not obtained

Re: [cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

2011-12-01 Thread Rose, Greg
On 2011 Nov 30, at 22:28 , Jon Callas wrote: On Nov 30, 2011, at 9:32 PM, Rose, Greg wrote: I run a wonderful Firefox extension called Certificate Patrol. It keeps a local cache of certificates, and warns you if a certificate, CA, or public key changes unexpectedly. Sort of like SSH

Re: [cryptography] HMAC over messages digest vs messages

2011-11-02 Thread Rose, Greg
On 2011 Nov 2, at 12:25 , Leandro Meiners wrote: Hi List! I was wondering if anybody could give me some pointers as to papers or books that discuss the advantages/disadvantages of computing an HMAC of a message versus previously computing a hash of the message and then calculating the

Re: [cryptography] Favourite signature scheme?

2011-01-27 Thread Rose, Greg
Some people have been referring to the Rabin signature algorithm as either Rabin-Miller or R-W (I assume meaning Rabin-Williams). Credit where credit is due: the scheme is entirely due to Michael Rabin according to my understanding. His name gets tied to the others in other contexts such as

Re: [cryptography] Fwd: [gsc] Fwd: OpenBSD IPSEC backdoor(s)

2010-12-16 Thread Rose, Greg
On 2010 Dec 17, at 9:46 , Steven Bellovin wrote: preposterous. Inconceivable. And I'm not quoting The Princess Bride. Greg. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] Micro-SD card encrypts voice on mobile phones

2010-12-02 Thread Rose, Greg
On 2010 Dec 2, at 13:30 , coderman wrote: On Wed, Dec 1, 2010 at 7:26 PM, Steven Bellovin s...@cs.columbia.edu wrote: http://www.cellular-news.com/story/46690.php 521-bit key and other odd claims? think i'll stick with RedPhone ... 521 is one of the standard sizes for characteristic-2 ECC