Re: Not everyone knows about strong crypto...

2006-04-20 Thread Marcos el Ruptor
The recently arrested boss of bosses of the Sicilian Mafia, Bernardo Provenzano, wrote notes using an encryption scheme similar to the one used by Julius Caesar more than 2,000 years ago, according to a biography of Italy's most wanted man. Sicilian mafia also uses mobile phones that

Re: Status of attacks on AES?

2006-05-04 Thread Marcos el Ruptor
Aloha! Just out of curiosity I tried to Google around for recent papers on attacks against AES/Rijndael. I found the usual suspects with XLS attacks and DJBs timing attack. But what is the current status of attacks, anything new and exciting? http://defectoscopy.com/forum/viewtopic.php?t=3

Re: Status of attacks on AES?

2006-05-11 Thread Marcos el Ruptor
On Wed, 10 May 2006 10:01:57 -0600, John R. Black wrote On Thu, May 04, 2006 at 10:30:40AM -0500, Marcos el Ruptor wrote: http://defectoscopy.com/forum/viewtopic.php?t=3 Expect new attacks soon enough. I skimmed this. The start of the article says that after 3 rounds AES

Re: Status of attacks on AES?

2006-06-04 Thread Marcos el Ruptor
I skimmed this. The start of the article says that after 3 rounds AES achieves perfect diffusion?! 1. It's complete diffusion, not perfect diffusion. Perfect diffusion is a property meaning something completely different. 2. My post incorrectly stated that cryptographers believed that the AES

Re: Status of attacks on AES?

2006-06-06 Thread Marcos el Ruptor
Can you briefly explain how you determine the PRF rounds value? William Your question belongs in our forums - http://defectoscopy.com/forum/viewforum.php?f=3 where it's already being discussed. Ruptor [Moderator's note: no, actually, if you're going to mention it here, you had better be

Re: Chinese WAPI protocol?

2006-06-13 Thread Marcos el Ruptor
unpublished cryptographic algorithms. The specification is secret and confidential. It uses the SMS4 block cipher, which is secret and patented. [*] It's been declassified in January 2006. The SMS4 cipher specification - http://www.oscca.gov.cn/UpFile/200621016423197990.pdf Ruptor

Re: Chinese WAPI protocol?

2006-06-13 Thread Marcos el Ruptor
unpublished cryptographic algorithms. The specification is secret and confidential. It uses the SMS4 block cipher, which is secret and patented. [*]

Re: Crypto to defend chip IP: snake oil or good idea?

2006-08-03 Thread Marcos el Ruptor
You can use cryptography to protect IP and to prevent cloning of microchips even if they get reverse-engineered, but the cipher would have to possess special properties similar to those of VEST ciphers (see http://www.ecrypt.eu.org/stream/vestp2.html), like support family keying to make every

Re: skype not so anonymous...

2006-09-04 Thread Marcos el Ruptor
One thing is possible with Skype: any user can easily obtain any other user's IP address (actually both internal and external IPs). Those users don't even need to be on his contact list. Of course one would need cracking tools or a decrypted patched Skype executable with all the 288 integrity

Re: handling weak keys using random selection and CSPRNGs

2006-10-16 Thread Marcos el Ruptor
Now, you said compressed files and you might not have meant pictures, but note that L-Z style compressed files don't really have much in the way of headers. If the headers were a problem, you'd expect longer files to bury any deviation in the noise, but it doesn't. The longer the files I test the

Re: Can you keep a secret? This encrypted drive can...

2006-12-04 Thread Marcos el Ruptor
Compared to AES-128, AES-256 is 140% of the rounds to encrypt 200% as much data. So when implemented in hardware, AES-256 is substantially faster. Excuse me, AES-256 has the same block size as AES-128, that is 128 bits. It's in fact slower, not faster, and in hardware it also occupies a

Re: debunking snake oil

2007-09-01 Thread Marcos el Ruptor
I'd like to start with the really simple stuff; classical cryptography, systems with clean and obvious breaks. You can start with RSA SecurID, Texas Instruments DST40, Microchip Technologies KeeLoq, Philips/NXP Hitag2, WEP RC4, Bluetooth E0, GSM A5... It's much harder to find a product or

Re: debunking snake oil

2007-09-02 Thread Marcos el Ruptor
I didn't realise the current SecurID tokens had been broken. A quick Google doesn't show anything, but I'm probably using the wrong terms. Do you have references for this that I could have a look at? http://eprint.iacr.org/2003/162.pdf This attack may not be as practical as an algebraic

Re: Philips/NXP/Mifare CRYPTO1 mostly reverse-engineered

2008-01-02 Thread Marcos el Ruptor
The 48-bit Philips Hitag2 algorithm has been completely reverse- engineered a long time ago: http://cryptolib.com/ciphers/hitag2/ Ruptor - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to

Re: OpenSparc -- the open source chip (except for the crypto parts)

2008-05-04 Thread Marcos el Ruptor
vulnerabilities should be enough of a proof of that. Best regards, Marcos el Ruptor http://www.enrupt.com/ - Raising the bar. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: survey of instant messaging privacy

2008-06-10 Thread Marcos el Ruptor
obfuscation algorithms was to have a US company pay $4bln for it... Well done! Marcos el Ruptor http://www.enrupt.com/ - Raising the bar. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography

Re: skype claims they have no technical means to assist wiretapping

2008-06-10 Thread Marcos el Ruptor
with such requests. They just either won't or just won't tell us. Best regards, Marcos el Ruptor http://www.enrupt.com/ - Raising the bar [and disabling Skype SuperNode]. - The Cryptography Mailing List Unsubscribe by sending unsubscribe

Re: Ransomware

2008-06-11 Thread Marcos el Ruptor
files with the same first 16 bytes (roughly 1/256 of them), the keystream will match. No cryptography to implement, only XOR. Good luck! Best regards, Marcos el Ruptor http://www.enrupt.com/ - Raising the bar

Re: Ransomware

2008-06-12 Thread Marcos el Ruptor
want a disarmed harmless one to play with, I can e- mail you my decrypted and patched up variant. Marcos el Ruptor http://www.enrupt.com/ - Raising the bar. - The Cryptography Mailing List Unsubscribe by sending unsubscribe