[ADMIN] List moderation resuming

2008-03-15 Thread Perry E. Metzger
A combination of factors unexpectedly kept me away from moderation duties for a few weeks. I'll be forwarding highlights of the backlog shortly. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing

Re: cold boot attacks on disk encryption

2008-03-15 Thread Peter Gutmann
Leichter, Jerry [EMAIL PROTECTED] writes: I seem to recall some (IBM?) research in which you wore a ring with an RFID- like chip in it. Move away from your machine for more than some preset time and it locks. I'm sure we'll see many similar ideas come into use. There were commercial products

Re: Fixing SSL (was Re: Dutch Transport Card Broken)

2008-03-15 Thread Ben Laurie
Philipp G├╝hring wrote: I had the feeling that Microsoft wants to abandon the usage of client certificates completely, and move the people to CardSpace instead. But how do you sign your emails with CardSpace? CardSpace only does the realtime authentication part of the market ... It's not

Re: Toshiba shows 2Mbps hardware RNG

2008-03-15 Thread Peter Gutmann
Dan Kaminsky [EMAIL PROTECTED] writes: For example, the following construction: Start with an RNG. Retrieve 64K of random data. Assume there might be a bias somewhere in there, but that at least 256 bits are good. SHA-256 the data. AES-256 encrypt the data with the result from the SHA-256.

Re: wrt Cold Boot Attacks on Disk Encryption

2008-03-15 Thread Ken Buchanan
A lot of people seem to agree with what Declan McCullagh writes here: It's going to make us rethink how we handle laptops in sleep mode and servers that use encrypted filesystems (a mail server, for instance). What I'd like to know is why people weren't already rethinking this when people

delegating SSL certificates

2008-03-15 Thread travis+ml-cryptography
So at the company I work for, most of the internal systems have expired SSL certs, or self-signed certs. Obviously this is bad. I know that if we had IT put our root cert in the browsers, that we could then generate our own SSL certs. Are there any options that don't involve adding a new root

Re: cold boot attacks on disk encryption

2008-03-15 Thread Steven M. Bellovin
On Thu, 21 Feb 2008 13:37:20 -0800 Ali, Saqib [EMAIL PROTECTED] wrote: Umm, pardon my bluntness, but what do you think the FDE stores the key in, if not DRAM? The encrypting device controller is a computer system with a CPU and memory. I can easily imagine what you'd need to build to do

Rewriting the cryptography debate

2008-03-15 Thread Matt Blaze
So I recently re-read Lawrence Wright's controversial piece in the New Yorker profiling Director of National Intelligence Mike McConnell. (http://www.newyorker.com/reporting/2008/01/21/080121fa_fact_wright) While the piece's glimpse into the administration's attitudes toward torture and

Politics 1, security 0

2008-03-15 Thread Peter Gutmann
Microsoft recently published the specs for a pile of previously undocumented or semi-documented protocols and data formats. One of them covers the atrociously-named Health Certificates, which have nothing to do with healthcare but are used to indicate compliance of systems with security policies.

Safari falls afoul of the security fashionistas

2008-03-15 Thread Peter Gutmann
Various browsers (e.g. Firefox and IE) recently implemented the latest fashion in security, EV certs (already discussed on this list in the past) and blacklists, neither of which have much effect on phishing but both of which make great security fashion statements. Unfortunately, it looks like

Book Review

2008-03-15 Thread Aram Perez
Hi Folks, Does anyone have a review on the upcoming book Modern Cryptanalysis: Techniques for Advanced Code Breaking by Christopher Swenson? Thanks, Aram Perez - The Cryptography Mailing List Unsubscribe by sending unsubscribe

Mixmaster 3.0 released

2008-03-15 Thread Len Sassaman
Dear all, [Apologies if you get multiple copies of this email.] Mixmaster 3.0 has been released this week. This is the first major version release since 2.9, and a continuation of that code, though it incorporates numerous improvements, feature enhancements, and bug-fixes. It is recommended that

RNG for Padding

2008-03-15 Thread COMINT
Hi, This may be out of the remit of the list, if so a pointer to a more appropriate forum would be welcome. In Applied Crypto, the use of padding for CBC encryption is suggested to be met by ending the data block with a 1 and then all 0s to the end of the block size. Is this not introducing a

Another NXP Mifare Classic attack

2008-03-15 Thread Allen
http://www.dailyprogress.com/servlet/Satellite?pagename=CDP/MGArticle/CDP_BasicArticlec=MGArticlecid=1173354778618path= The article is not real clear about the level of physical dissection actually used, but it does appear that progress is being made on that front as well. Allen

Unique locks on microchips could reduce hardware piracy

2008-03-15 Thread David G. Koontz
http://www.physorg.com/news123951684.html The technique is called EPIC, short for Ending Piracy of Integrated Circuits. It relies on established cryptography methods and introduces subtle changes into the chip design process. But it does not affect the chips' performance or power consumption.

Re: Unique locks on microchips could reduce hardware piracy

2008-03-15 Thread David G. Koontz
David G. Koontz wrote: http://www.physorg.com/news123951684.html Two more articles: http://arstechnica.com/news.ars/post/20080309-fighting-the-black-market-crypto-locks-for-cpus-other-ics.html This one has a bit of the technical description

Re: Unique locks on microchips could reduce hardware piracy

2008-03-15 Thread David G. Koontz
Two papers of interest in evaluating the paper http://www.eecs.umich.edu/~imarkov/pubs/conf/date08-epic.pdf EPIC: Ending Piracy of Integrated Circuits Jarrod A. Roy?, Farinaz Koushanfar? and Igor L. Markov? ?The University of Michigan, Department of EECS, 2260 Hayward Ave., Ann Arbor, MI

RFID-hack hits 1 billion digital access cards worldwide

2008-03-15 Thread David G. Koontz
http://computerworld.co.nz/news.nsf/scrt/3FF9713E23292846CC25740A0069243E The Dutch government has issued a warning about the security of access keys that are based on the widely used Mifare Classic RFID chip. The warning comes in a week when two research teams independently demonstrated hacks

announcing allmydata.org Tahoe v0.9

2008-03-15 Thread zooko
ANNOUNCING: Allmydata.org Tahoe version 0.9 We are pleased to announce the release of version 0.9 of allmydata.org Tahoe. Allmydata.org Tahoe is a secure, decentralized, fault-tolerant filesystem. All of the source code is available under a Free Software, Open Source licence (or two). This

Re: wrt Cold Boot Attacks on Disk Encryption

2008-03-15 Thread Jacob Appelbaum
Ken Buchanan wrote: A lot of people seem to agree with what Declan McCullagh writes here: It's going to make us rethink how we handle laptops in sleep mode and servers that use encrypted filesystems (a mail server, for instance). What I'd like to know is why people weren't already

Re: wrt Cold Boot Attacks on Disk Encryption

2008-03-15 Thread Len Sassaman
On Mon, 25 Feb 2008, Ken Buchanan wrote: Adam Boileau demonstrated finding passwords, but of course we already know that it's easy to locate cryptographic keys in large volumes of data (Shamir, van Someren: http://citeseer.ist.psu.edu/265947.html). This was implemented (in part by some of my

Re: RNG for Padding

2008-03-15 Thread Leichter, Jerry
| Hi, | | This may be out of the remit of the list, if so a pointer to a more | appropriate forum would be welcome. | | In Applied Crypto, the use of padding for CBC encryption is suggested | to be met by ending the data block with a 1 and then all 0s to the end | of the block size. | | Is this

Re: delegating SSL certificates

2008-03-15 Thread John Levine
Are there any options that don't involve adding a new root CA? Assuming your sites all use subdomains of your company domain, a wildcard cert for *.whatever might do the trick. It's relatively expensive, but you can use the same cert in all your servers. I would think this would be rather

Re: RNG for Padding

2008-03-15 Thread Steven M. Bellovin
On Fri, 7 Mar 2008 15:04:49 +0100 COMINT [EMAIL PROTECTED] wrote: Hi, This may be out of the remit of the list, if so a pointer to a more appropriate forum would be welcome. In Applied Crypto, the use of padding for CBC encryption is suggested to be met by ending the data block with a 1

Re: delegating SSL certificates

2008-03-15 Thread Dave Howe
[EMAIL PROTECTED] wrote: So at the company I work for, most of the internal systems have expired SSL certs, or self-signed certs. Obviously this is bad. Sorta. TLS gets along with self signed just fine though, and obviously you can choose to accept a root or unsigned cert on a per-client