Re: Quantum crypto, from BBC

2003-06-07 Thread Perry E. Metzger
Udhay Shankar N [EMAIL PROTECTED] writes: I haven't seen this discussed here yet. Is there something to this? Quantum Cryptography is a really expensive way to provide link encryption that is perhaps marginally better in some theoretical sense to simply using, say, AES link encryption boxes at

Re: Announcing httpsy://, a YURL scheme

2003-07-14 Thread Perry E. Metzger
Tyler Close [EMAIL PROTECTED] writes: I have demonstrated the theory behind YURLs by providing an implementation, the Waterken Browser, and by explaining how two other widely used systems implement the theory. Having an implementation demonstrates nothing whatsoever about security -- many

Re: Announcing httpsy://, a YURL scheme

2003-07-14 Thread Perry E. Metzger
Tyler Close [EMAIL PROTECTED] writes: On Monday 14 July 2003 20:04, Perry E. Metzger wrote: Tyler Close [EMAIL PROTECTED] writes: I have demonstrated the theory behind YURLs by providing an implementation, the Waterken Browser, and by explaining how two other widely used systems

Re: Announcing httpsy://, a YURL scheme

2003-07-15 Thread Perry E. Metzger
by eye. It is a neat idea, and certainly instructive, but I don't know that I particularly love it. The YURL idea seems to suffer from most of the same flaws. -- Perry E. Metzger[EMAIL PROTECTED

Re: Announcing httpsy://, a YURL scheme

2003-07-16 Thread Perry E. Metzger
Ian Grigg [EMAIL PROTECTED] writes: Perry E. Metzger wrote: 1) The YURL makes key management and replacement effectively impossible. Well, I would have said it suggests a different method. Instead of regimented, hierarchical and fixed key management - an idea of poor track

cryptographic ergodic sequence generators?

2003-09-06 Thread Perry E. Metzger
For making things like IP fragmentation ids and other similar protocol elements unpredictable, it would be useful to have what I'll call a cryptographic ergodic sequence generator -- that is, a generator that will produce a sequence of n bit numbers such that there are no repeats until you pass

Cyrillic Projector cracked.

2003-09-22 Thread Perry E. Metzger
Headquarters. http://www.elonka.com/kryptos/CyrillicProjectorAnnouncement.html -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL

Re: Monoculture

2003-09-30 Thread Perry E. Metzger
Richard Schroeppel [EMAIL PROTECTED] writes: (Responding to the chorus of protocol professionals saying please do not roll your own) I imagine the Plumbers Electricians Union must have used similar arguments to enclose the business to themselves, and keep out unlicensed newcomers. No longer

Re: Monoculture

2003-10-01 Thread Perry E. Metzger
. The alternatives aren't any simpler or easier, and are almost always dangerous. There isn't a guild. People just finally realize what is needed in order to make critical -- and I do mean critical -- pieces of infrastructure safe enough for use. -- Perry E. Metzger[EMAIL PROTECTED

Re: Monoculture

2003-10-01 Thread Perry E. Metzger
Ian Grigg [EMAIL PROTECTED] writes: Perry E. Metzger wrote: ... Dumb cryptography kills people. What's your threat model? Or, that's your threat model? Applying the above threat model as written up in The Codebreakers to, for example, SSL and its original credit card nreeds would

Re: Monoculture

2003-10-01 Thread Perry E. Metzger
will help you make your system far more secure than it would otherwise be. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Monoculture

2003-10-01 Thread Perry E. Metzger
Ronald L. Rivest [EMAIL PROTECTED] writes: What is aperture minimization? That's a new term for me... Never heard of it before. Google has never seen it either... (Perhaps others on the list would be curious as well...) I'm sure you have heard of it, just under other names. The term

Re: Monoculture

2003-10-02 Thread Perry E. Metzger
Simon Josefsson [EMAIL PROTECTED] writes: Several people have now suggested using TLS, but nobody seem to also refute the arguments made earlier against building VPNs over TCP, in http://sites.inka.de/~bigred/devel/tcp-tcp.html. Well, I agree, the most reasonable thing to do is to use ipsec,

Re: NCipher Takes Hardware Security To Network Level

2003-10-07 Thread Perry E. Metzger
I was asked by someone to anonymously forward the following reply to Joshua Hill to the list. (Second time in a week, and on the same topic!) If you reply, please don't put my name in the reply -- this isn't my comment. --

Re: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-09 Thread Perry E. Metzger
Peter Clay [EMAIL PROTECTED] writes: Having spent much of the past few weeks trying to sort out a workable VPN solution, I think this is a good but doomed idea. http://vpn.ebootis.de/ has the best free windows IPsec configuration tool I've found, but that doesn't help. Why? Because IPsec

Re: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-12 Thread Perry E. Metzger
[Moderator's note: Forwarded anonymously at the sender's request, so if you reply to this, please cut my name out of it, it isn't my message --Perry] -- Perry, please forward anonymously. On Friday, Oct 10, 2003, at 22:48

Re: SSL, client certs, and MITM (was WYTM?)

2003-10-22 Thread Perry E. Metzger
is not TLS, and TLS's properties are not those of X.509. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: SSL, client certs, and MITM (was WYTM?)

2003-10-22 Thread Perry E. Metzger
is that it is a good idea to be conservative. Ditto. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: SSL, client certs, and MITM (was WYTM?)

2003-10-22 Thread Perry E. Metzger
Ian Grigg [EMAIL PROTECTED] writes: In threat analysis, you base your assessment on economics of what is reasonable to protect. It is perfectly valid to decline to protect against a possible threat, if the cost thereof is too high, as compared against the benefits. The cost of MITM

TLS, costs, and threat models

2003-10-22 Thread Perry E. Metzger
We've heard a bit recently from certain parties, especially Ian Grigg, claiming that one should use a cost/benefit analysis before using TLS. The claim seems to be that it provides more protection than one really needs. However, there are many perfectly free (in both senses) TLS implementations,

Re: SSL, client certs, and MITM (was WYTM?)

2003-10-22 Thread Perry E. Metzger
Ian Grigg [EMAIL PROTECTED] writes: Perry E. Metzger wrote: The cost of MITM protection is, in practice, zero. Not true! The cost is from 10 million dollars to 100 million dollars per annum. Those certs cost money, Perry! They cost nothing at all. I use certs every day that I've

Re: A-B-a-b encryption

2003-11-17 Thread Perry E . Metzger
martin f krafft [EMAIL PROTECTED] writes: it came up lately in a discussion, and I couldn't put a name to it: a means to use symmetric crypto without exchanging keys: - Alice encrypts M with key A and sends it to Bob - Bob encrypts A(M) with key B and sends it to Alice - Alice

ADMIN: end of the UCE discussion

2003-11-24 Thread Perry E . Metzger
I allowed through a couple of messages on UCE from The Usual Suspects, partially because they discussed things like anonymous remailers etc., but unless something very interesting comes through I'd like to end this here, given that we're not really the right list for the discussion. Perry

ADMIN: apologies -- testing

2003-11-28 Thread Perry E . Metzger
We're having some trouble with a subtle bug on one of our mail delivery machines for cryptography, which appears to have slowed down delivery of the list recently. I unfortunately may have to send out a couple of test messages to the list, like this one, so we can trace the problem completely.

ADMIN: no more UCE discussion

2003-12-11 Thread Perry E . Metzger
: address (which I do every day) etc. are not really on topic. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Quantum Crypto

2003-12-18 Thread Perry E . Metzger
There have been more press releases about quantum crypto products lately. I will summarize my opinion simply -- even if they can do what is advertised, they aren't very useful. They only provide link security, and at extremely high cost. You can easily just run AES+HMAC on all the bits crossing

Re: Quantum Crypto

2003-12-20 Thread Perry E . Metzger
John Lowry [EMAIL PROTECTED] writes: Perry is absolutely right. There is no point in pursuing this. It might even be analogous to what we now know about computers. We were warned that there would never be a need for more than A half-dozen - after all, they were extremely expensive just to

why penny black etc. are not very useful

2003-12-30 Thread Perry E. Metzger
In my opinion, the various hashcash-to-stop-spam style schemes are not very useful, because spammers now routinely use automation to break into vast numbers of home computers and use them to send their spam. They're not paying for CPU time or other resources, so they won't care if it takes more

fun with CRLs!

2004-01-09 Thread Perry E. Metzger
very slow to start). Hope this helps a few people, and if you have other apps with problems, please post about them below. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe

ADMIN: the list...

2004-03-31 Thread Perry E. Metzger
No, I'm not dead, I've just been extremely delinquent in moderating the list. I should be sending out the queued messages that are still relevant over the next few days, and then we'll be back to normal. Perry - The

voting

2004-04-07 Thread Perry E. Metzger
to guard. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

voting, KISS, etc.

2004-04-09 Thread Perry E. Metzger
-- it will make everyone a lot safer. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

my periodic rant on quantum crypto

2004-04-12 Thread Perry E. Metzger
/. is running yet another story on quantum cryptography today, with the usual breathless hype: http://science.slashdot.org/article.pl?sid=04/04/12/133623 I'm especially unimpressed with the Does this spell the end of the field of cryptography? comment. For those who don't know much about what

acoustic cryptanalysis

2004-05-08 Thread Perry E. Metzger
Adi Shamir Eran Tromer find you can literally listen in on your computer doing RSA computations: http://www.wisdom.weizmann.ac.il/~tromer/acoustic/ -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography

ADMIN: sad but needed anti-spam measures being implemented

2004-05-26 Thread Perry E. Metzger
Moderator's Note: One of the main delays I have in moderating the list has been the massive increase in spam that has happened in the last six months. I have had to wade through first two or three spams per real list message, and then five or ten, and finally one hundred or more. Most days, I

ADMIN: subscribers only posting

2004-05-26 Thread Perry E. Metzger
Moderator's Note: As of now, if you want to be able to send a message to the list, you have to be a subscriber. Otherwise, the message will bounce at the SMTP transaction with my mail server. The old fashioned method of forwarding non-member posts to the moderator (me) for approval was swamping

Re: Satellite eavesdropping of 802.11b traffic

2004-05-28 Thread Perry E. Metzger
Trei, Peter [EMAIL PROTECTED] writes: I suspect that eavesdropping on 802.11b/g from orbit is pretty hard. The power levels are very low, and there may be several nets running on the same channel within a satellites' antenna footprint. As I mentioned, phased arrays are very good at

The secret code is 00000000

2004-05-29 Thread Perry E. Metzger
This article claims the code for the permissive action links on many US nuclear weapons in the 1960s was well known to be . http://www.cdi.org/blair/permissive-action-links.cfm -- Perry E. Metzger[EMAIL PROTECTED

Colossus reconstruction at Bletchley Park is finished.

2004-06-01 Thread Perry E. Metzger
technology staff Colossus Mk2, a wartime code-breaker hailed as one of the first electronic computers, has been rebuilt and reunited with Bletchley Park veterans. http://news.bbc.co.uk/1/hi/technology/3754887.stm -- Perry E. Metzger[EMAIL PROTECTED

Chalabi Reportedly Told Iran That U.S. Had Code

2004-06-02 Thread Perry E. Metzger
The New York Times reports: Chalabi Reportedly Told Iran That U.S. Had Code June 2, 2004 By JAMES RISEN and DAVID JOHNSTON Ahmad Chalabi told an Iranian official that the U.S. had broken the communications code of Iran's intelligence service.

SMTP over TLS

2004-06-02 Thread Perry E. Metzger
useful for making sure your mail is actually secure, but I think it is a valuable thing to turn on as much as one can, if only to reduce casual eavesdropping. It certainly can't stop (for the most part) concerted attacks, but I don't think most people view it as being useful for that. -- Perry E

Article on passwords in Wired News

2004-06-02 Thread Perry E. Metzger
card when she's about to run out. http://www.wired.com/news/infostructure/0,1377,63670,00.html -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography

Re: Article on passwords in Wired News

2004-06-02 Thread Perry E. Metzger
FYI, /. has posted a story on this, but, true to form, they confuse one time passwords with one time pads. Perry - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

PORTIA Workshop on Sensitive Data (fwd)

2004-06-04 Thread Perry E. Metzger
From: [EMAIL PROTECTED] Subject: PORTIA Workshop on Sensitive Data (fwd) If you think that [EMAIL PROTECTED] would be interested in the enclosed, please forward it. Sincerely, Joan FEigenbaum -- Forwarded message -- Date: Fri, 4 Jun 2004 06:54:33 -0400 (EDT) From: Joan

New James Bamford book

2004-06-04 Thread Perry E. Metzger
James Bamford, of The Puzzle Palace and Body of Secrets fame, has written a new book called A Pretext for War. Has anyone out there read it yet? If so, does it have any interesting new NSA or other general SIGINT related content? Perry

W Post: US gets 126,000,000 intelligence intercepts a day?

2004-06-08 Thread Perry E. Metzger
[Forwarded on John's behalf...] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: W Post: US gets 126,000,000 intelligence intercepts a day? Date: Wed, 02 Jun 2004 21:39:36 -0700 From: John Gilmore [EMAIL PROTECTED] The government receives 126 million intelligence intercepts a day. I've

Claimed proof of the Riemann Hypothesis released

2004-06-09 Thread Perry E. Metzger
/ Actual practical impact on cryptography? Likely zero, even if it turns out the proof is correct (which of course we don't know yet), but it still is neat for math geeks. -- Perry E. Metzger[EMAIL PROTECTED

BBC story on Iran codes

2004-06-19 Thread Perry E. Metzger
://news.bbc.co.uk/1/hi/technology/3804895.stm No real new info, but some good background. Several familiar names, such as Ross Anderson, are interviewed. [Note: I found out about the article from Eric Rescorla's blog.] -- Perry E. Metzger[EMAIL PROTECTED

md5 cracking for short texts

2004-07-04 Thread Perry E. Metzger
These folks have a service that will find the text that hashed to an MD5 if the text is less than or equal to 8 characters in length and matches [0-9a-z]+ http://passcracking.com/ -- Perry E. Metzger[EMAIL PROTECTED

PORTIA workshop on sensitive data, July 8-9, 2004, Stanford Univ.

2004-07-08 Thread Perry E. Metzger
Date: Mon, 5 Jul 2004 13:29:39 -0400 (EDT) From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: PORTIA workshop on sensitive data, July 8-9, 2004, Stanford Univ. The final workshop program is available at http://crypto.stanford.edu/portia/workshops/2004_7_prog.html Some potential

Re: EZ Pass and the fast lane ....

2004-07-10 Thread Perry E. Metzger
, and who are also unlikely to be willing to pay more money to gain privacy, I think the implementation of such tags is unlikely. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe

crypto '04 rump webcast

2004-08-17 Thread Perry E. Metzger
I've been watching the webcast. The team that did the md4/md5/haval-128/ripemd attacks just presented, and although it was interesting it included precious few details of the attack beyond the fact that it was a twist on differential cryptanalysis. Is there any more information available at this

SHA-1 status, plus request for explanation...

2004-08-18 Thread Perry E. Metzger
and Yu in simpler terms for those of us who find the extant documentation incomprehensible? -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography

Article on Echelon on Techworld...

2004-10-21 Thread Perry E. Metzger
I saw this on /.: http://www.techworld.com/storage/news/index.cfm?NewsID=2430 -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL

Re: Are new passports [an] identity-theft risk?

2004-10-22 Thread Perry E. Metzger
Ian Grigg [EMAIL PROTECTED] writes: R.A. Hettinga wrote: http://worldnetdaily.com/news/printer-friendly.asp?ARTICLE_ID=41030 An engineer and RFID expert with Intel claims there is little danger of unauthorized people reading the new passports. Roy Want told the newssite: It is actually

US deploys anti-satelite equipment

2004-11-01 Thread Perry E. Metzger
WASHINGTON (Reuters) -- The U.S. Air Force quietly has put into service a new weapon designed to jam enemy satellite communications, a significant step toward U.S. control of space. http://www.cnn.com/2004/TECH/space/11/01/satellite.jamming.reut/index.html Perry

feel free to capture keystrokes at will

2004-11-23 Thread Perry E. Metzger
://www.securityfocus.com/news/9978 -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

More on serial numbers in color printing

2004-11-23 Thread Perry E. Metzger
Another article on serial numbers embedded in the output of color printers and copiers: http://story.news.yahoo.com/news?tmpl=storycid=1093e=4u=/pcworld/20041122/tc_pcworld/118664 - The Cryptography Mailing List Unsubscribe by

Fyodor of Nmap regularly gets FBI subpoenas.

2004-11-23 Thread Perry E. Metzger
Just got this in email -- I thought it might be of interest to the readership. Perry Date: Tue, 23 Nov 2004 17:41:49 -0800 From: Fyodor [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: FBI Subpoenas Message-ID: [EMAIL PROTECTED] Dear Nmap hackers, Let me first wish you Americans a happy

export regulations updated

2004-12-09 Thread Perry E. Metzger
Cryptome just published some updates to the crypto export regulations: http://cryptome.org/bis120904.txt Perry - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: comments wanted on gbde

2005-03-13 Thread Perry E. Metzger
Charlie asked me to forward this. From: Charlie Kaufman [EMAIL PROTECTED] Sent: Tuesday, March 08, 2005 12:46 PM To: cryptography@metzdowd.com Subject: Re: comments wanted on gbde Steve Bellovin writes: A discussion -- I'll be polite and call it that -- has erupted on some mailing lists about

Please forward to cryptography@ list.

2005-03-13 Thread Perry E. Metzger
Forwarded at PHK's request. To: Perry E. Metzger [EMAIL PROTECTED] Subject: Please forward to cryptography@ list. From: Poul-Henning Kamp [EMAIL PROTECTED] Date: Tue, 08 Mar 2005 14:29:20 +0100 I have read the comments on gbde in the archive of the cryptography@ list and I would like to attach

[ADMIN] multi-moderator software?

2005-05-20 Thread Perry E. Metzger
Your humble moderator asks... Does anyone know of a mailing list system that handles having multiple, rotating moderators cleanly? I'd like to avoid many-week delays like the one I've just caused. Perry - The Cryptography

DES FIPS is finally withdrawn.

2005-05-20 Thread Perry E. Metzger
At long last, the DES FIPSes are withdrawn: http://cryptome.org/nist051905.txt Perry - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Traffic Analysis in the New York Times

2005-05-23 Thread Perry E. Metzger
Sunday's New York Times Week in Review section had an interesting article on traffic analysis, although the term doesn't appear once in the entire article. A large corpus of Enron internal electronic mail was made available some time ago, and apparently a number of groups have been using it to

Re: SSL stops credit card sniffing is a correlation/causality myth

2005-05-31 Thread Perry E. Metzger
for the obvious reasons You are wrong there again. Where are you getting your information from? Whomever your informant is, they're not giving you accurate information. -- Perry E. Metzger[EMAIL PROTECTED

Re: SSL stops credit card sniffing is a correlation/causality myth

2005-05-31 Thread Perry E. Metzger
, and that human error is extremely pervasive. I've yet to sit in a conference room and think oh, if I only had more statistical data, but I've frequently been frustrated by gross incompetence. -- Perry E. Metzger[EMAIL PROTECTED

Re: SSL stops credit card sniffing is a correlation/causality myth

2005-06-01 Thread Perry E. Metzger
Daniel Carosone [EMAIL PROTECTED] writes: On Tue, May 31, 2005 at 06:43:56PM -0400, Perry E. Metzger wrote: So we need to see a Choicepoint for listening and sniffing and so forth. No, we really don't. Perhaps we do - not so much as a source of hard statistical data, but as a source

Bluetooth cracked further

2005-06-03 Thread Perry E. Metzger
than 0.3 sec on an old Pentium III 450MHz computer, and in 0.06 sec on a Pentium IV 3Ghz HT computer. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe

Re: Bluetooth cracked further

2005-06-03 Thread Perry E. Metzger
Matt Crawford [EMAIL PROTECTED] writes: On Jun 3, 2005, at 11:55, Perry E. Metzger wrote: 2) They also have a way of forcing pairing to happen, by impersonating one of the devices and saying oops! I need to pair again! to the other. Do the devices then pair again without user

Re: AmEx unprotected login site

2005-06-08 Thread Perry E. Metzger
level decision to screw their users, so much the worse. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: encrypted tapes

2005-06-08 Thread Perry E. Metzger
Ben Laurie [EMAIL PROTECTED] writes: Perry E. Metzger wrote: Have a look, for example, at http://www.americanexpress.com/ which encourages users to type in their credentials, in the clear, into a form that came from lord knows where and sends the information lord knows where. Spoof the site

Re: encrypted tapes

2005-06-08 Thread Perry E. Metzger
james hughes [EMAIL PROTECTED] writes: There are large institution with 1000s of tape drives and 1,000,000 or more cartridges. Even simple solutions are huge to implement. This is a non-trivial matter. The technical solutions are possible, there are vendors out there that are already doing

Re: encrypted tapes

2005-06-08 Thread Perry E. Metzger
[EMAIL PROTECTED] writes: One thing that irritates me is that most security audits (that verify compliance with regulations) are done by accountants. No disrespect for accountants here, they are smart people, but most of them lack the security knowledge needed to really help with the

Re: AmEx unprotected login site

2005-06-08 Thread Perry E. Metzger
Jerrold Leichter [EMAIL PROTECTED] writes: If you look at their site now, they *claim* to have fixed it: The login box has a little lock symbol on it. Click on that, and you get a pop-up window discussing the security of the page. It says that although the page itself isn't protected,

Re: AmEx unprotected login site

2005-06-08 Thread Perry E. Metzger
Steven M. Bellovin [EMAIL PROTECTED] writes: They're still doing the wrong thing. Unless the page was transmitted to you securely, you have no way to trust that your username and password are going to them and not to someone who cleverly sent you an altered version of the page. They're doing

Re: encrypted tapes

2005-06-08 Thread Perry E. Metzger
Dan Kaminsky [EMAIL PROTECTED] writes: 2) The cost in question is so small as to be unmeasurable. Yes, because key management is easy or free. In this case it is. As I've said, even having all your tapes for six months at a time use the same key is better than putting the tapes in the clear.

Re: AmEx unprotected login site

2005-06-09 Thread Perry E. Metzger
R. Hirschfeld [EMAIL PROTECTED] writes: From: Perry E. Metzger [EMAIL PROTECTED] Date: Wed, 08 Jun 2005 19:01:37 -0400 The other major offender are organizations (such as portions of Verizon) that subcontract payment systems to third parties. They are training their users to expect

Re: AmEx unprotected login site

2005-06-09 Thread Perry E. Metzger
Ben Laurie [EMAIL PROTECTED] writes: Perry E. Metzger wrote: Steven M. Bellovin [EMAIL PROTECTED] writes: They're still doing the wrong thing. Unless the page was transmitted to you securely, you have no way to trust that your username and password are going to them and not to someone who

NIST Public Workshop on Cryptographic Hashes

2005-06-15 Thread Perry E. Metzger
of other NIST-approved hash algorithms, and discuss possible near- and long-term options. The workshop will be held on October 31 and November 1, 2005, from 9 a.m. to 5:30 p.m. -- Perry E. Metzger[EMAIL PROTECTED

US DoJ wants ISPs to be forced to log their customers activities

2005-06-17 Thread Perry E. Metzger
Quoting: The U.S. Department of Justice is quietly shopping around the explosive idea of requiring Internet service providers to retain records of their customers' online activities. http://news.com.com/Your+ISP+as+Net+watchdog/2100-1028_3-5748649.html -- Perry E. Metzger

Re: AES cache timing attack

2005-06-20 Thread Perry E. Metzger
[EMAIL PROTECTED] (Peter Gutmann) writes: [EMAIL PROTECTED] (Hal Finney) writes: Steven M. Bellovin writes: Dan Bernstein has a new cache timing attack on AES: http://cr.yp.to/antiforgery/cachetiming-20050414.pdf This is a pretty alarming attack. It is? Recovering a key from a

Re: AES cache timing attack

2005-06-22 Thread Perry E. Metzger
Jerrold Leichter [EMAIL PROTECTED] writes: Usage in first of these may be subject to Bernstein's attack. It's much harder to see how one could attack a session key in a properly implemented system the same way. You would have to inject a message into the ongoing session. I gave an

Some companies are just asking for it.

2005-06-23 Thread Perry E. Metzger
My girlfriend just got an (apparently legitimate from what I can tell) HTML email from her credit card company, complete with lots of lovely images and an exhortation to sign up for their new secure online ShopSafe service that apparently generates one time credit card numbers on the fly. Here's

Re: Some companies are just asking for it.

2005-06-23 Thread Perry E. Metzger
John Levine [EMAIL PROTECTED] writes: On the other hand, MBNA's mail practices would be laughable if they weren't entirely in line with every other bank in the country. The fact that others do laughable things doesn't make their practices any less laughable. Stupid things remain stupid no

Re: Some companies are just asking for it.

2005-06-24 Thread Perry E. Metzger
Perry E. Metzger [EMAIL PROTECTED] writes: Oh, and what companies are involved? The card is Fidelity branded, but it is really an MBNA production, with online marketing and card servicing (like this piece) being done by Individualized BankCard Services. One would think that everyone

[Forwarded] RealID: How to become an unperson.

2005-07-05 Thread Perry E. Metzger
I'm forwarding this article, originally from the Cypherpunks mailing list (I saw it on Dave Farber's Interesting People) because I find the security implications important. HOWEVER, I'm warning in advance that I'm not going to forward a lot of followups, especially if they are unoriginal and/or

Time-Memory-Key tradeoff attacks?

2005-07-05 Thread Perry E. Metzger
-memory-data tradeoff which results in a new tradeoff curve. By the way, much thanks to Eric Rescorla for pointing this out to me. Perry -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List

Private info for sale in Moscow kiosks...

2005-07-06 Thread Perry E. Metzger
, telephone numbers, descriptions of vehicles, and vehicle identification (VIN) numbers for every driver in Moscow. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending

Re: [Forwarded] RealID: How to become an unperson.

2005-07-07 Thread Perry E. Metzger
[EMAIL PROTECTED] writes: But nevertheless, I do not understand why americans are so afraid of an ID card. Perhaps I can explain why I am. I do not trust governments. I've inherited this perspective. My grandfather sent his children abroad from Speyer in Germany just after the ascension of

Why Blockbuster looks at your ID.

2005-07-08 Thread Perry E. Metzger
Dirk-Willem van Gulik [EMAIL PROTECTED] writes: And you may have then noticed the interesting effect; in Germany we have mandatory cards - carry them round always - but virtually have to show them. And only to officials often. In the US they have no official card - yet even the lowest clerk

Re: Why Blockbuster looks at your ID.

2005-07-08 Thread Perry E. Metzger
Adam Fields [EMAIL PROTECTED] writes: On Fri, Jul 08, 2005 at 10:42:02AM -0400, Perry E. Metzger wrote: [...] A system in which the credit card was replaced by a small, calculator style token with a smartcard style connector could effectively eliminate most of the in person and over the net

Re: Why Blockbuster looks at your ID.

2005-07-08 Thread Perry E. Metzger
Edgar Danielyan [EMAIL PROTECTED] writes: A system in which the credit card was replaced by a small, calculator style token with a smartcard style connector could effectively eliminate most of the in person and over the net fraud we experience, and thus get rid of large costs in the system

Re: Why Blockbuster looks at your ID.

2005-07-08 Thread Perry E. Metzger
Dan Kaminsky [EMAIL PROTECTED] writes: Credit card fraud has gone *down* since 1992, and is actually falling: 1992: $2.6B 2003: $882M 2004: $788M We're on the order of 4.7 cents on the $100. http://www.businessweek.com/technology/content/jun2005/tc20050621_3238_tc024.htm If it's any

Re: Why Blockbuster looks at your ID.

2005-07-09 Thread Perry E. Metzger
Adam Shostack [EMAIL PROTECTED] writes: I think those numbers are misleading. The FTC reports ID theft as a $50B problem, but I haven't seen that broken down by vector. I suspect most of it is CC (rather than cheque, mortgage/line of credit/auto loan), but have no data. If you or anyone

payment system fraud, etc.

2005-07-09 Thread Perry E. Metzger
Jerrold Leichter [EMAIL PROTECTED] writes: In doing this calculation, be careful about the assumptions you make about how effective the countermeasures will be. The new systems may be more secure, but people will eventually come up with ways to break them. The history of security measures

security infrastructure and government

2005-07-09 Thread Perry E. Metzger
Florian Weimer [EMAIL PROTECTED] writes: I share your general concern, but it's not the ID cards which worry me. After all, forgeable passports are only a very, very weak form of defense in an age of non-invasive biometric applications which operate in real-time. (I know, we aren't quite

Re: the limits of crypto and authentication

2005-07-09 Thread Perry E. Metzger
Nick Owen [EMAIL PROTECTED] writes: It would seem simple to thwart such a trojan with strong authentication simply by requiring a second one-time passcode to validate the transaction itself in addition to the session. Far better would be to have a token with a display attached to the PC. The

Re: Why Blockbuster looks at your ID.

2005-07-09 Thread Perry E. Metzger
Peter Fairbrother [EMAIL PROTECTED] writes: Perry E. Metzger wrote: A system in which the credit card was replaced by a small, calculator style token with a smartcard style connector could effectively eliminate most of the in person and over the net fraud we experience, and thus get rid

Re: EMV

2005-07-11 Thread Perry E. Metzger
for RFID (RFID being a large scale solution waiting for problems), but at the same time we've lost quite a bit. -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe

  1   2   3   4   5   6   7   >