RE: U.S. seeks OSCE pact on biometric passports

2003-09-03 Thread Trei, Peter
Duncan Frissell[SMTP:[EMAIL PROTECTED] writes: Anyone have any pointers to non destructive methods of rendering Smart Chips unreadable? Just curious. On Mon, 1 Sep 2003, R. A. Hettinga wrote: r The

RE: Code breakers crack GSM cellphone encryption

2003-09-08 Thread Trei, Peter
David Honig[SMTP:[EMAIL PROTECTED] wrote: At 02:37 AM 9/9/03 +1000, Greg Rose wrote: At 05:18 PM 9/7/2003 -0700, David Honig wrote: Laughing my ass off. Since when do governments care about patents? How would this help/harm them from exploiting it? Not that high-end LEOs haven't already

RE: Firm invites experts to punch holes in ballot software

2004-04-07 Thread Trei, Peter
Firm invites experts to punch holes in ballot software The company's software is designed to let voters verify that their ballots were properly handled. It assigns random identification numbers to ballots and candidates. After people vote, they get a receipt that shows which candidates they

RE: Firm invites experts to punch holes in ballot software

2004-04-07 Thread Trei, Peter
Ian Grigg[SMTP:[EMAIL PROTECTED] wrote: Trei, Peter wrote: Frankly, the whole online-verification step seems like an unneccesary complication. It seems to me that the requirement for after-the-vote verification (to prove your vote was counted) clashes rather directly

RE: voting

2004-04-09 Thread Trei, Peter
privacy wrote: [good points about weaknesses in adversarial system deleted] It's baffling that security experts today are clinging to the outmoded and insecure paper voting systems of the past, where evidence of fraud, error and incompetence is overwhelming. Cryptographic

RE: voting

2004-04-16 Thread Trei, Peter
Ed Gerck[SMTP:[EMAIL PROTECTED] John Kelsey wrote: At 11:05 AM 4/9/04 -0400, Trei, Peter wrote: 1. The use of receipts which a voter takes from the voting place to 'verify' that their vote was correctly included in the total opens the way for voter coercion. I think

RE: EU seeks quantum cryptography response to Echelon

2004-05-25 Thread Trei, Peter
Tom Shaddack wrote: On Tue, 18 May 2004, Tyler Durden wrote: Monyk believes there will be a global market of several million users once a workable solution has been developed. A political decision will have to be taken as to who those users will be in order to prevent terrorists

RE: Satellite eavesdropping of 802.11b traffic

2004-05-28 Thread Trei, Peter
R. A. Hettinga At 12:35 PM -0400 5/27/04, John Kelsey wrote: Does anyone know whether the low-power nature of wireless LANs protects them from eavesdropping by satellite? It seems to me that you'd need a pretty big dish in orbit to get that kind of resolution. The Keyholes(?) are

DES: Now 'really most sincerely dead'

2004-07-28 Thread Trei, Peter
Back in late 1996, I wrote to Jim Bidzos, proposing an RSA Challenge to break single DES by brute force computation. Later in 1997, the first DES Challenge was successfully completed. Its taken another 7 years, but NIST has finally pulled single DES as a supported mode. Favorite line: DES

RE: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-25 Thread Trei, Peter
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Aaron Whitehouse Sent: Saturday, October 23, 2004 1:58 AM To: Ian Grigg Cc: [EMAIL PROTECTED] Subject: Re: Financial identity is *dangerous*? (was re: Fake companies, real money) Ian Grigg

RE: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-11-01 Thread Trei, Peter
James A. Donald wrote: R.A. Hettinga wrote: [The mobile phone is] certainly getting to be like Chaum's ideal crypto device. You own it, it has its own I/O, and it never leaves your sight. Is there a phone that is programmable enough to store secrets on and sign and decrypt stuff?

RE: RSA Implementation in C language

2004-11-30 Thread Trei, Peter
Admittedly somewhat old and creaky, but try Googling RSAREF. I don't know where that stands for IP rights (presumably we still have copyright), bout for research it's a startin point. Peter -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Sandeep N

RE: Banks Test ID Device for Online Security

2005-01-04 Thread Trei, Peter
R.A. Hettinga wrote: Okay. So AOL and Banks are *selling* RSA keys??? Could someone explain this to me? No. Really. I'm serious... Cheers, RAH The slashdot article title is really, really misleading. In both cases, this is SecurID. Peter

RE: Dell to Add Security Chip to PCs

2005-02-02 Thread Trei, Peter
Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Peter Trei Tyler Durden ANyone familiar with computer architectures and chips able to answer this question: That

RSA Conference, and BA Cypherpunks

2005-02-07 Thread Trei, Peter
Once again, the RSA Conference is upon us, and many of the corrospondents on these lists will be in San Francisco. I'd like to see if anyone is interested in getting together. We've done this before. At past conferences, we've had various levels of participation, from 50 down to 3. Since the

FW: [IP] One cryptographer's perspective on the SHA-1 result

2005-03-03 Thread Trei, Peter
Full disclosure: Burt Kaliski and I share an employer. Peter Trei -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of David Farber Sent: Wednesday, February 23, 2005 7:48 PM To: Ip Subject: [IP] One cryptographer's perspective on the SHA-1 result From:

From [IP] i secure cell phone via software

2005-05-20 Thread Trei, Peter
Interesting encrypted VoIP application for Symbian GSM phones. Peter Trei -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of David Farber Sent: Monday, April 25, 2005 9:58 AM To: Ip Subject: [IP] i secure cell phone via software

RE: Another entry in the internet security hall of shame....

2005-08-25 Thread Trei, Peter
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Peter Saint-Andre Sent: Wednesday, August 24, 2005 4:56 PM To: Subject: Re: Another entry in the internet security hall of shame Tim Dierks wrote: [resending due to

RE: long-term GPG signing key

2006-01-17 Thread Trei, Peter
Alexander Klimov wrote: On Wed, 11 Jan 2006, Ian G wrote: Even though triple-DES is still considered to have avoided that trap, its relatively small block size means you can now put the entire decrypt table on a dvd (or somesuch, I forget the maths). This would need 8 x 2^{64} bytes of

RE: thoughts on one time pads

2006-01-28 Thread Trei, Peter
You missed the old standby - the microwave oven. The disk remains physically intact (at least after the 5 seconds or so I've tried), but a great deal of pretty arcing occurs in the conductive data layer. Where the arcs travel, the data layer is vapourized. The end result is an otherwise intact

RE: SSL Cert Prices Notes

2006-08-11 Thread Trei, Peter
It is with some irony I note that this message from Peter Saint-Andre failed a signature check - startcom isn't among the trusted roots in my copy of Outlook. Peter Trei -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Peter Saint-Andre Sent: Wednesday,

FW: Entropy of other languages

2007-02-07 Thread Trei, Peter
Steven M. Bellovin wrote: On Sun, 04 Feb 2007 15:46:41 -0800 Allen [EMAIL PROTECTED] wrote: Hi gang, An idle question. English has a relatively low entropy as a language. Don't recall the exact figure, but if you look at words that start with q it is very low indeed.

RE: Entropy of other languages

2007-02-07 Thread Trei, Peter
Travis H. wrote: On Sun, Feb 04, 2007 at 03:46:41PM -0800, Allen wrote: [...] What about other languages? Does anyone know the relative entropy of other alphabetic languages? What about the entropy of ideographic languages? Pictographic? Hieroglyphic? IIRC, it turned out that Egyptian

RE: padlocks with backdoors - TSA approved

2007-02-27 Thread Trei, Peter
Taral wrote: I'm just waiting for someone with access to photograph said keys and post it all over the internet. Let us hope that happnes - it won't make passenger security worse, and would demonstrate that The Emperor Has No Clothes. Even if that doesn't happen, it is presumabley feasible

RE: Russian cyberwar against Estonia?

2007-05-19 Thread Trei, Peter
Dave Korn wrote: On 18 May 2007 05:44, Alex Alten wrote: This may be a bit off the crypto topic, You betcha! but it is interesting nonetheless. Russia accused of unleashing cyberwar to disable Estonia,,329864981-103610,00.html Estonia accuses Russia

RE: Russian cyberwar against Estonia?

2007-05-22 Thread Trei, Peter
Bill Stewart wrote: At 01:04 PM 5/18/2007, Trei, Peter wrote: If the Russians aren't behind this, who else should be suspected? It isn't like Estonia has a wide selection of enemies. :-) There are three likely suspects - the actual Russian government (or some faction thereof) - Russian

Re: question re practical use of secret sharing

2007-06-21 Thread Trei, Peter
RSA's BSAFE supports Bloom-Shamir secret sharing. Peter Trei Principal Engineer RSA: the Security Division of EMC. Disclaimer: I am not a spokesperson for RSA or EMC. -Original Message- Charles Jackson asks: A quick question. Is anyone aware of a commercial product that

RE: Elcomsoft trying to patent faster GPU-based password cracker

2007-10-25 Thread Trei, Peter
I was the person who originated the DES Challenges at RSA, and also helped set up and run them. I knew that there was a stealth effort underway at SGI, but didn't know any of the details. A good deal of cool stuff came out of the contests. Other prior art against this patent would include