Re: Russia Intercepts US Military Communications?

oducts by the Weinstein brothers, which during those days were very active participants in both the Cypherpunks mailing list and Cypherpunks meetings. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

RE: Microsoft: Palladium will not limit what you can run

AARG!, having burned the nym with the moderator of this list and who is therefore now posting via the Hermes remailer commented on Microsoft, which similarly burned the Palladium name, claims: > Hopefully this will shed light on the frequent claims that > Palladium will limit what programs people

RE: Columbia crypto box

with the shuttle, but I would not be surprised in the least if all shuttles shared the same key. [Remind me to some time recount the tale of my discussing key management with the chief-cryptographer for a battlefield communication system consid

RE: EU Privacy Authorities Seek Changes in Microsoft 'Passport'

Rich Salz wrote: > Liberty is architected to be federated, unlike Passport. The Liberty Alliance was stillborn to begin with. Not that it made any practical difference, but the Liberty Alliance received an additional bullet through the head the day that RSA Security, a key participant in the Liber

RE: PGPfreeware 8.0: Not so good news for crypto newcomers

Nicko wrote: > > I think this comes down to a classic time/money tradeoff. PGP 8.0 > > Personal edition is currently priced at $39. Even as an > experienced > > Unix and PGP user I think that the GUI on PGP 8.0 will save > me an hour > > of effort over the lifetime of the product, which mean

Transparent drive encryption now in FreeBSD

g/cgi/cvsweb.cgi/src/sys/geom/bde/ Thanks, --Lucky Green [Moderator's note: FYI, NetBSD also has drive encryption these days. --Perry] - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptogr

RE: What email encryption is actually in use?

ional desirable STARTTLS-based feature in future releases of their software. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

RE: RSA's RC5-64 Secret Key Challenge has been solved.

may wish to inquire with competent legal counsel as to the legality of performing this research in the U.S. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

RE: Cryptogram: Palladium Only for DRM

a number of articles, it seems worth mentioning that Microsoft stated explicitly that increasing the security of DRM schemes protecting digital entertainment content, but not executable code, formed the impetus to the Palladium effort. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

FAQ: How will Microsoft respond to Lucky's patent application?

Lastly, I feel obliged to mention that it is quite irrelevant what I, Microsoft, or the subscribers to this list believe to be the case with respect to my patent application. All that matters is what the patent examiner at the USPTO believes. Unless one of the subscribers to this list happens

RE: Challenge to TCPA/Palladium detractors

y from source that matched the hash of the binaries built by PGP. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Utilizing Palladium against software piracy

today - an application for an US Patent covering numerous methods by which software applications can be protected against software piracy on a platform offering the features that are slated to be provided by Palladium. --Lucky Green ---

RE: IP: SSL Certificate "Monopoly" Bears Financial Fruit

Enzo wrote quoting Lucky: > > The cert shows as being issued by Equifax because Geotrust > purchased > > Equifax's root embedded in major browsers since MSIE 5 on the > > secondary market. (Geotrust purchased more than just the root). > > This raises an interesting legal issue. Should any loss

RE: IP: SSL Certificate "Monopoly" Bears Financial Fruit

ket. (Geotrust purchased more than just the root). --Lucky Green - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

RE: IP: SSL Certificate "Monopoly" Bears Financial Fruit

he day, getting a new root into the browsers will cost you about, give or take a few hundred k, $1M. Which makes the slightly used nCipher box an even better value. :-) --Lucky Green - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

RE: IP: SSL Certificate "Monopoly" Bears Financial Fruit

James wrote: > On 11 Jul 2002 at 1:22, Lucky Green wrote: > > "Trusted roots" have long been bought and sold on the > secondary market > > as any other commodity. For surprisingly low amounts, you > too can own > > a trusted root that comes pre-

RE: IP: SSL Certificate "Monopoly" Bears Financial Fruit

Peter Gutmann wrote, quoting Matthias Bruestle: > Both Netscape 6 and MSIE 5 contain ~100 built-in, > automatically-trusted CA certs. > > * Certs with 512-bit keys. > > * Certs with 40-year lifetimes. > > * Certs from organisations you've never heard of before > ("Honest Joe's Used >C

TPM cost constraint [was: RE: Revenge of the WAVEoid]

Bill wrote: > At 10:07 PM 06/26/2002 -0700, Lucky Green wrote: > >An EMBASSY-like CPU security co-processor would have seriously blown > >the part cost design constraint on the TPM by an order of > magnitude or > >two. > > Compared to the cost of rewriting Windo

RE: "Wild and Crazy": Interview with Palladium's Mario Juarez

vendor re-bind your data file encryption keys to the new TPM. I am not aware of any such plans for non-user generated data, such as purchased entertainment content, but then requiring the user to repurchase such data when changing motherboards is not incompatible with the content providers

RE: Ross's TCPA paper

behind the TCPA. The motive has been DRM. Does this mean that one should ignore the benefits that TCPA might bring? Of course not. But it does mean that one should carefully weigh the benefits against the risks. --Lucky Green

RE: DRMs vs internet privacy (Re: Ross's TCPA paper)

cate the user to other online services. It is very much the intent of the TCPA to permit the use of pseudonymous credentials for many, if not most, applications. Otherwise, the TCPA's carefully planned attempts at winning over the online liberty groups wo

RE: Revenge of the WAVEoids: Palladium Clues May Lie In AMD Motherboard Design

Bob wrote quoting Mark Hachman: > The whitepaper can not be considered a roadmap to the design > of a Palladium-enabled PC, although it is one practical > solution. The whitepaper was written at around the time the > Trusted Computing Platform Association > (TCPA) was formed in the fall of 2000

Two additional TCPA/Palladium plays

ch one can obtain its globally unique ID, the serial number of the application that created the document, or the public key of the person who licensed the application. (Other ways to exist but are omitted in the interest of brevity). --Lucky Green

RE: Ross's TCPA paper

but not design documents, available to the public, unfortunately does not provide any documentation which reasoning lead to this decision. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

RE: Steven Levy buys Microsoft's bullshit hook, line, and sinker

I mentioned, some which Steven Levy has published (though he largely fell for the designated bait and missed the numerous hooks), some which Bram has realized, and some which have yet to be talked about. Some desirable, some questionable, and a lot of them downright scary. Sincerely, --Lucky Green - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

RE: Ross's TCPA paper

Anonymous writes: > Lucky Green writes regarding Ross Anderson's paper at: > Ross and Lucky should justify their claims to the community > in general and to the members of the TCPA in particular. If > you're going to make accusations, you are obliged to offer > evid

RE: Ross's TCPA paper

no corresponding decryption keys. Reverse engineering turns pretty dim at that point. None of these obstacles are impossible to overcome, but not by Joe Computer User, not by even the most talented 16-year old hacker, and not even by ma

RE: DOJ proposes US data-rentention law.

rephrase John's very valid question in a slightly more targeted fashion: how likely is it that cleared personnel working at the ISP will refuse an official request for law enforcement assistance? --Lucky Green - The Cr

Ross's TCPA paper

orts of the TCPA and the Hollings bill would be greatly aided by attempts to establish which of the two scenarios is the fact the case. --Lucky Green - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Secure mail relays [was:RE: DOJ proposes US data-rentention law. ]

John wrote quoting Lucky: > > Locate the button in your MUA that's labeled "Use secure > connection" > > or something to that effect, search the docs for your MTA for the > > words "STARTTLS", "relaying", and potentially "SASL", don't > use your > > ISP's smtp server, encourage those that you

RE: Shortcut digital signature verification failure

Bill wrote: > I have been thinking about how to limit denial of service > attacks on a server which will have to verify signatures on > certain transactions. It seems that an attacker can just > send random (or even not so random) data for the signature > and force the server to perform exten

RE: DOJ proposes US data-rentention law.

ji wrote: > Under this proposed law, will ISPs have to scan *all* SMTP > traffic and record the envelope, or only the traffic for > which they actually do > SMTP forwarding? If the latter is the case, we can simply go > back to the original end-to-end SMTP delivery model; no > POP/IMAP or an

RE: Lucky's 1024-bit post [was: RE: objectivity and factoring analysis]

Enzo wrote: > Further to Lucky's comments: in the last few days I have > discussed keysize issues with a few people on a couple of > mailing lists, and I have encountered a hostility to large > keysizes of which, frankly, I don't understand the reasons. > On the client side at least, performan

Lucky's 1024-bit post [was: RE: objectivity and factoring analysis]

Anonymous wrote (quoting Adam): > Adam Back wrote: > > The mocking tone of recent posts about Lucky's call seems quite > > misplaced given the checkered bias and questionable > authority of the > > above conflicting claims we've seen quoted. > > No, Lucky made a few big mistakes. First, he in

PGP key server changes [was: RE: 1024-bit RSA keys in danger of compromise]

Enzo wrote: > Hmmm... I see that the new 4096-bit super-duper key, besides > its own (which doesn't prove much), only bears the signatures > of the now revoked -as potentially compromised- old keys > 0x375AD924 and 0xEEE8CFF3, plus 0x06757D2D (which turns out > to be a 1024-bit DSA key) and

1024-bit RSA keys in danger of compromise

urprising, since many vendor offerings fail to support larger keys. In light of the above, I reluctantly revoked all my personal 1024-bit PGP keys and the large web-of-trust that these keys have acquired over time. The keys should be considered compromised. The revoked keys and my new keys ar

RSA on general-purpose CPU's [was:RE: Secure peripheral cards]

Adam Back wrote: > openSSL on a PIII-633Mhz can do 265 512 bit CRT RSA per > second, or 50 1024 bit CRT RSA per second. So wether it will > even speed up current entry-level systems depends on the > correct interpretation of the product sheet. > > And the economics of course depends on how

Re: theory: unconditional security

Carl wrote: > I suspect you find little written about OTP work because people have > always assumed the keys were impractical to distribute, store and > use. While distribution of OTP's has become feasible amongst tightly-knit groups of non-governmental actors, the rate at which OTP's can be gene

Re: Cringely Gives KnowNow Some Unbelievable Free Press... (fwd)

Philip, If we can at all fit it into the schedule, IFCA will attempt to offer a colloquium on this topic at FC. Based on the countless calls inquiring about this issue that I received just in the last few days, the customers of financial cryptography are quite concerned about the Bernstein paper,

Re: PGP & GPG compatibility

this email encryption standard is supported out-of-the-box by the overwhelming majority of deployed MUA's in the world. -- Lucky Green <[EMAIL PROTECTED]> - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

FW: FreeSWAN Release 1.93 ships!

1 7:54 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: FreeSWAN Release 1.93 ships! On Sunday 09 December 2001 07:32 pm, Lucky Green <[EMAIL PROTECTED]> wrote: > The big question is: will FreeS/WAN latest release after some 4 or 5 > years of development finally both compile and ins

RE: FreeSWAN Release 1.93 ships!

The big question is: will FreeS/WAN latest release after some 4 or 5 years of development finally both compile and install cleanly on current versions of Red Hat Linux, FreeS/WAN's purported target platform? --Lucky, who is bothered by the fact that most his Linux using friends so far have been u