Re: Digital signatures have a big problem with meaning

2005-06-13 Thread Peter Gutmann
Rich Salz [EMAIL PROTECTED] writes: Peter's shared earlier drafts with me, and we've exchanged email about this. The only complaint that has a factual basis is this: I don't want to have to implement XML processing to do XML Digital Signatures I don't want to have to

Re: Digital signatures have a big problem with meaning

2005-06-13 Thread Rich Salz
I don't want to have to re-implement Apache in order to do an SSL implementation. ... Those analogies aren't apt. XML is a data format, so it's more like I don't want to have to implement ASN1/DER to do S/MIME Which is a nonsensical complaint. Makes sense to me.

Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-13 Thread Ben Laurie
[EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: | Oracle, for example, provides encryption functions, but the real problem | is the key handling (how to make sure the DBA can't get the key, cannot | call functions that decrypt the data, key not copied with the backup, | etc.). | There are

Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-13 Thread astiglic
Ben Laurie wrote [EMAIL PROTECTED] wrote: Example: Cash_Ur_check is in the business of cashing checks. To cash a check, they ask you for sensitive information like SIN, bank account number, drivers licence number, etc. They use the information to query Equifax or the like to see if the

Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-13 Thread Ben Laurie
[EMAIL PROTECTED] wrote: Ben Laurie wrote [EMAIL PROTECTED] wrote: Example: Cash_Ur_check is in the business of cashing checks. To cash a check, they ask you for sensitive information like SIN, bank account number, drivers licence number, etc. They use the information to query Equifax

Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-13 Thread Adam Shostack
On Fri, Jun 10, 2005 at 01:11:45PM -0400, [EMAIL PROTECTED] wrote: | Ben Laurie wrote | Sure, but Equifax should. | | No, they shouldn't! If you think they should, you are misinformed. At | least in Canada, the Privacy Act protects the SIN, Equifax cannot demand | it. | See for example |

Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-13 Thread astiglic
[EMAIL PROTECTED] wrote: Ben Laurie wrote [EMAIL PROTECTED] wrote: Example: Cash_Ur_check is in the business of cashing checks. To cash a check, they ask you for sensitive information like SIN, bank account number, drivers licence number, etc. They use the information to query Equifax

Re: encrypted tapes

2005-06-13 Thread dan
On 6/8/05, [EMAIL PROTECTED] (Perry E. Metzger) wrote: -+-- | If you have no other choice, pick keys for the next five years, | changing every six months, print them on a piece of paper, and put it | in several safe deposit boxes. Hardcode

Re: analysis of the Witty worm

2005-06-13 Thread Steven M. Bellovin
In message [EMAIL PROTECTED], Jerrold Leichter writes: | | The paper itself (there's a link in the article) has several more items | | of interest to this list. Especially interesting is the effective | | cryptanalysis of the PRNG used by the worm. Implicit in many of the | | analyses, though

Re: de-identification

2005-06-13 Thread Florian Weimer
I'd like to come up to speed on the state of the art in de-identification (~=anonymization) of data especially monitoring data (firewall/hids logs, say). We call it pseudonymization (Pseudonymisierung). It's a commonly used technique in Germany to detaint personally identifiable information,

[ANNOUNCE] OpenSSL 0.9.8 beta 5 released

2005-06-13 Thread Richard Levitte - VMS Whacker
OpenSSL version 0.9.8 Beta 5 OpenSSL - The Open Source toolkit for SSL/TLS http://www.openssl.org/ OpenSSL is currently in a release cycle. The fifth beta is now released. The beta release is available for download via HTTP and FTP from the following

Re: Collisions for hash functions: how to exlain them to your boss

2005-06-13 Thread Eric Rescorla
Stefan Lucks [EMAIL PROTECTED] writes: Magnus Daum and myself have generated MD5-collisions for PostScript files: http://th.informatik.uni-mannheim.de/people/lucks/HashCollisions/ This work is somewhat similar to the work from Mikle and Kaminsky, except that our colliding files are not

Re: de-identification

2005-06-13 Thread Anne Lynn Wheeler
Florian Weimer wrote: We call it pseudonymization (Pseudonymisierung). It's a commonly used technique in Germany to detaint personally identifiable information, so you can share it freely for statistics purposes. The methods used in the field are rather crude (time-seeded LCGs are very

Re: expanding a password into many keys

2005-06-13 Thread John Kelsey
From: Ian G [EMAIL PROTECTED] Sent: Jun 12, 2005 11:27 AM To: cryptography@metzdowd.com Subject: expanding a password into many keys I'd like to take a password and expand it into several keys. It seems like a fairly simple operation of hashing the concatenation of the password with each key

encrypted backup tapes

2005-06-13 Thread Richard Schroeppel
Back when software was free, ~1974, the standard DEC PDP10 disk-tape backup program, FRS, included an encryption option. Rich Schroeppel [EMAIL PROTECTED]

RE: Collisions for hash functions: how to exlain them to your boss

2005-06-13 Thread Weger, B.M.M. de
Hi Eric, Technically speaking you're correct, they're signing a program. But most people, certainly non-techies like Alice's boss, view postscript (or MS Word, or name your favourite document format that allows macros) files not as programs but as static data. In being targeted at non-techies I

Re: Collisions for hash functions: how to exlain them to your boss

2005-06-13 Thread Eric Rescorla
Weger, B.M.M. de [EMAIL PROTECTED] writes: Technically speaking you're correct, they're signing a program. But most people, certainly non-techies like Alice's boss, view postscript (or MS Word, or name your favourite document format that allows macros) files not as programs but as static

Re: expanding a password into many keys

2005-06-13 Thread Ondrej Mikle
On 6/12/05, Ian G [EMAIL PROTECTED] wrote: I'd like to take a password and expand it into several keys. It seems like a fairly simple operation of hashing the concatenation of the password with each key name in turn to get each key. Are there any 'gotchas' with that? iang I guess

Re: expanding a password into many keys

2005-06-13 Thread Ed Gerck
Ian, You need to go beyond the scope of simple-minded PKCS recommendations to calculate keys from passwords. If you want to improve security, just adding padding and salt is not enough. Yes, of course, your code should add padding, so that the sha1 argument always has the same, fixed, length

Re: expanding a password into many keys

2005-06-13 Thread Anne Lynn Wheeler
Ian G wrote: I'd like to take a password and expand it into several keys. It seems like a fairly simple operation of hashing the concatenation of the password with each key name in turn to get each key. there is financial standard for derived key per transaction from x9f taxonomy and

RE: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-13 Thread Peter Gutmann
Jerrold Leichter [EMAIL PROTECTED] writes: They also sold a full solution for encrypted Ethernet - KDC, encrypting Ethernet adapters, associated software. None of this stuff went anywhere. People just weren't interested. That wasn't quite the case for the Ethernet encryption. What happened