Real World Exploit for Bleichenbacher's Attack on SSL from Crypto'06 working

2006-09-14 Thread Erik Tews
Hi, I had an idea very similar to the one Peter Gutmann had this morning. I managed to write a real world exploit which takes as input: * a CA certificate using 1024 Bit RSA and Exponent 3 (ca-in) * a Public Key, using an algorithm and size of your choice (key-in) and

RE: Real World Exploit for Bleichenbacher's Attack on SSL from Crypto'06 working

2006-09-15 Thread Erik Tews
On Thursday, 14.09.2006, 22:23 -0700, Tolga Acar wrote: You need to have one zero octet after a bunch of FFs and before the DER encoded hash blob in order to have a proper PKCS#1v1.5 signature encoding. Based on what you say below, I used this cert and my key to sign an end-entity

Re: Real World Exploit for Bleichenbacher's Attack on SSL from Crypto'06 working

2006-09-15 Thread Erik Tews
On Friday, 15.09.2006, 00:40 +0200, Erik Tews wrote: I have to check some legal aspects before publishing the names of the browser which accepted this certificate and the name of the ca-certificates with exponent 3 I used in some hours, if nobody tells me not to do that. Depending

Re: Exponent 3 damage spreads...

2006-09-28 Thread Erik Tews
On Monday, 25.09.2006, 01:28 +0200, Philipp Gühring wrote: Hi, We have been researching which vendors were generating Exponent 3 keys, and we found the following until now: * Cisco 3000 VPN Concentrator * CSP11 * AN.ON / JAP (they told me they would change it on the next day)

Re: TPM disk crypto

2006-10-02 Thread Erik Tews
On Sunday, 01.10.2006, 23:42 -0500, Travis H. wrote: Anyone have any information on how to develop TPM software? Yes, that's easy. We created a Java library for the TPM chip. You can get it at http://tpm4java.datenzone.de/ Using this lib, you need less than 10 lines

Re: TPM disk crypto

2006-10-08 Thread Erik Tews
On Friday, 06.10.2006, 17:29 -0400, Thor Lancelot Simon wrote: On Thu, Oct 05, 2006 at 11:51:49PM +0200, Erik Tews wrote: On Thursday, 05.10.2006, 16:25 -0500, Travis H. wrote: On 10/2/06, Erik Tews [EMAIL PROTECTED] wrote: On Sunday, 01.10.2006, 23:42 -0500,

Re: A web site that believes in crypto

2007-01-13 Thread Erik Tews
On Wednesday, 10.01.2007, 18:31 -0500, Steven M. Bellovin wrote: I just stumbled on a web site that strongly believes in crypto -- *everything* on the site is protected by https. If you go there via http, you receive a Redirect. The site? www.cia.gov: http://www.trustedcomputing.org/

Re: SSL Server needs access to raw HTTP data (Request for advice)

2007-01-14 Thread Erik Tews
On Saturday, 13.01.2007, 19:03 -0800, Richard Powell wrote: I was hoping someone on this list could provide me with a link to a tool that would enable me to dump the raw HTTP data from a web request that uses SSL/HTTPS. I have full access to the server, but not to the client, and I want

Re: OT: SSL certificate chain problems

2007-01-25 Thread Erik Tews
On Tuesday, 23.01.2007, 20:47 -0600, Travis H. wrote: Verify return code: 21 (unable to verify the first certificate) --- DONE I can't seem to get that certificate chain to have any contents other than what you see above, no matter what I do, and hence can't get rid of the Verify

Re: man in the middle, SSL

2007-02-03 Thread Erik Tews
On Friday, 02.02.2007, 16:15 -0500, James Muir wrote: You can find more and download Odysseus here: http://www.bindshell.net/tools/odysseus It is my understanding that SSL is engineered to resist mitm attacks, so I am suspicious of these claims. I wondered if someone more

Re: AES128-CBC Question

2007-04-19 Thread Erik Tews
On Wednesday, 18.04.2007, 23:29 -0700, Aram Perez wrote: Hi Folks, Is there any danger in using AES128-CBC with a fixed IV of all zeros? This is being proposed for a standard because that's how SD cards implemented it. That depends. What would be a valid attack on an SD card?

Re: How the Greek cellphone network was tapped.

2007-07-06 Thread Erik Tews
On Friday, 06.07.2007, 02:52 -0400, silvio wrote: http://www.spectrum.ieee.org/print/5280 So what are the options these days (the article even mentions end-to-end encryption to make such an attack far more difficult)? Every crypto-phone offering seems to go stale and disappear after

Re: debunking snake oil

2007-09-03 Thread Erik Tews
On Thursday, 30.08.2007, 20:43 -0500, travis [EMAIL PROTECTED] wrote: If you have a break of some scheme you wish to contribute, please do forward me a URL and I'll link to it. Sorry, German, but definitely worth reading: http://www.kryptochef.de/