Re: RSA signatures without padding

2005-06-20 Thread James Muir
There is an attack against this type of RSA signature scheme, although I cannot remember just now if it requires that the verification exponent be small (ie. e=3). The attack I am trying to recall is a chosen-message attack and its efficiency is related to the probability that a random 128-bit

Re: RSA signatures without padding

2005-06-20 Thread James Muir
Taral wrote: On 6/20/05, James Muir [EMAIL PROTECTED] wrote: The attack I am trying to recall is a chosen-message attack and its efficiency is related to the probability that a random 128-bit integer can be factorized over a small set of primes (ie. the prob that a uniformly selected 128-bit

Re: Symmetric ciphers as hash functions

2005-10-31 Thread James Muir
Tom Shrimpton (http://www.cs.pdx.edu/~teshrim/) does research in this area (ie. using block ciphers to build hash functions). See the papers on his web site; in particular: Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV [pdf] [ps] John Black, Phillip

Re: webcam encryption beats quasar encryption

2006-03-30 Thread James Muir
bits generated by an orbiting satellite. Quasar encryption is likely impractical, but there could be more to it than you think. However, I did think web cam encryption was funny. :-) -James -- James Muir, [EMAIL PROTECTED] School of Computer Science, Carleton University http

Re: the meaning of linearity, was Re: picking a hash function to be encrypted

2006-05-15 Thread James Muir
Travis H. wrote: - Stream ciphers (additive) This reminds me, when people talk about linearity with regard to a function, for example CRCs, exactly what sense of the word do they mean? I can understand f(x) = ax + b being linear, but how exactly does XOR get involved, and are there +-linear

Re: Selective disclosure

2007-05-07 Thread James Muir
I think the first people to consider "I can find Waldo" proofs were Naor, Naor and Reingold. You might want to add a reference to their paper Applied Kid Cryptography in your write-up: http://www.wisdom.weizmann.ac.il/~naor/PAPERS/waldo_abs.html -James Ben Laurie wrote: I recently wrote a

stickers can deter car theft

2007-05-26 Thread James Muir
I thought this was an interesting security-related story: http://www.cbc.ca/canada/nova-scotia/story/2007/05/25/decal-car.html quoting from the article: The black-and-yellow sticker, which only costs a loonie, is an invitation for police to pull over your vehicle if it's on the road after 1

Re: fyi: Adi Shamir's microprocessor bug attack

2007-11-21 Thread James Muir
' =JeffH ' wrote: From: John Young [EMAIL PROTECTED] Subject: Adi Shamir's microprocessor bug attack To: [EMAIL PROTECTED] Date: Sat, 17 Nov 2007 09:50:31 -0500 (GMT-05:00) Adi Shamir's note on a microprocessor bug attack on public key cryptography featured in the NY Times today:

Re: fyi: Adi Shamir's microprocessor bug attack

2007-11-28 Thread James Muir
James A. Donald wrote: James Muir wrote: Can anyone think of a deployed implementation of RSA signatures that would be vulnerable to the attack Shamir mentions? Hashing and message blinding would seem to thwart it. As I said, public key encryption has long been known to be weak against

Re: Estimated 10 million dollars lost in parking meter fraud

2008-04-22 Thread James Muir
michael taylor wrote: http://www.torontosun.com/News/TorontoAndGTA/2008/04/18/5320936-sun.html The city is playing a $10M game of catchup to stymie thieves using bogus credit cards to get free parking An assuming read. The article mentions the Europark Card; you buy it online for $15 (the

Re: A call for aid in cracking a 1024-bit malware key

2008-06-09 Thread James Muir
Steven M. Bellovin wrote: According to http://www.computerworld.com/action/article.do?command=viewArticleBasicarticleId=9094818intsrc=hm_list%3E%20articleId=9094818intsrc=hm_list some new malware is encrypting files with a 1024-bit RSA key. Victims are asked to pay a ransom to get their files

Re: Ransomware

2008-06-12 Thread James Muir
Marcos el Ruptor wrote: I've just looked at the virus. Just curious -- where were you able to download the virus from? -James - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL

Re: Cube cryptanalysis?

2008-09-22 Thread James Muir
Paul Hoffman wrote: At 11:08 AM -0700 8/21/08, Greg Rose wrote: Adi mentioned that the slides and paper will go online around the deadline for Eurocrypt submission; it will all become much clearer than my wounded explanations then. There now: http://eprint.iacr.org/2008/385 I just noticed

Re: Cube cryptanalysis?

2008-10-24 Thread James Muir
Paul Hoffman wrote: At 11:08 AM -0700 8/21/08, Greg Rose wrote: Adi mentioned that the slides and paper will go online around the deadline for Eurocrypt submission; it will all become much clearer than my wounded explanations then. There now: http://eprint.iacr.org/2008/385 Given all the

Re: Cube cryptanalysis?

2008-10-25 Thread James Muir
Paul Hoffman wrote: At 11:08 AM -0700 8/21/08, Greg Rose wrote: Adi mentioned that the slides and paper will go online around the deadline for Eurocrypt submission; it will all become much clearer than my wounded explanations then. There now: http://eprint.iacr.org/2008/385 Given all the

no warrant required

2009-02-13 Thread James Muir
From today's (13 Feb 2009) National Post: http://www.nationalpost.com/news/story.html?id=1283120 excerpt: An Ontario Superior Court ruling could open the door to police routinely using Internet Protocol addresses to find out the names of people online, without any need for a search warrant.

Re: consulting question....

2009-05-27 Thread James Muir
Ray Dillinger wrote: Does anyone feel that I have said anything untrue? Can anyone point me at good information uses I can use to help prove the case to a bunch of skeptics who are considering throwing away their hard-earned money on a scheme that, in light of security experience, seems

Re: white-box crypto Was: consulting question....

2009-05-29 Thread James Muir
Alexander Klimov wrote: On Tue, 26 May 2009, James Muir wrote: There is some academic work on how to protect crypto in software from reverse engineering. Look-up white-box cryptography. Disclosure: the company I work for does white-box crypto. Could you explain what is the point of white

Re: padding attack vs. PKCS7

2009-06-14 Thread James Muir
travis+ml-cryptogra...@subspacefield.org wrote: http://www.matasano.com/log/1749/typing-the-letters-a-e-s-into-your-code-youre-doing-it-wrong/ Towards the end of this rather offbeat blog post they describe a rather clever attack which is possible when the application provides error messages

Re: 1024 bit RSA cracked?

2010-03-17 Thread James Muir
The RSA algorithm gives security under the assumption that as long as the private key is private, you can't break in unless you guess it. We've shown that that's not true, said Valeria Bertacco, an associate professor in the Department of Electrical Engineering and Computer Science, in a

copy of On the generation of DSS one-time keys?

2010-03-25 Thread James Muir
Daniel Bleichenbacher presented an implementation attack against DSA in 2001 titled On the generation of DSS one-time keys. I think it made the rounds as a preprint, but I don't know if it was ever officially published. It's cited frequently (e.g. in the SEC1 doc