Re: DOS attack on WPA 802.11?

2002-11-19 Thread Niels Ferguson
At 00:55 14/11/02 -0800, Bill Stewart wrote: At 12:03 PM 11/11/2002 -0500, Arnold G. Reinhold wrote: One of the tenets of cryptography is that new security systems deserve to be beaten on mercilessly without deference to their creator. In particular, I'd be interested in finding out if the new

The National Strategy to Secure Cyberspace

2002-11-19 Thread John F. McMullen
From Joe King -- Forwarded message -- The draft of The National Strategy to Secure Cyberspace has been posted for comment by the public at: http://www.whitehouse.gov/pcipb/cyberstrategy-draft.html In view of some of the views espoused by members of the Administration, it is most

Re: DOS attack on WPA 802.11?

2002-11-19 Thread Arnold G Reinhold
I agree that we have covered most of the issues. One area whre you have not responded is the use of WPa in 802.11a. I see no justification for intoducing a crippled authentication there. Also here is one more idea for possibly improving Michael. Scramble the output of Michael in a way that

Re: Public Key Addressing?

2002-11-19 Thread Bill Stewart
Abstract: Maybe he's saying that phone calls could be implemented like remailers or onion routers, or at least like ipsec tunnels, where the contents of the call are kept separate from the signalling information, so the ISPs only see what they need to. At 01:05 PM 11/13/2002 +0100, Hadmut Danisch

Secure Electronic and Internet Voting

2002-11-19 Thread Ed Gerck
List: I want to spread the word about a newly published book by Kluwer, where I have a chapter explaining Safevote's technology and why we can do in voting (a much harder problem) what e-commerce has not yet accomplished (it's left as an exercise for the reader to figure out why e-commerce has

Re: DOS attack on WPA 802.11?

2002-11-19 Thread Niels Ferguson
At 18:15 15/11/02 -0500, Arnold G Reinhold wrote: I agree that we have covered most of the issues. One area whre you have not responded is the use of WPa in 802.11a. I see no justification for intoducing a crippled authentication there. From the point of the standard there is little difference

[Bruce Schneier] CRYPTO-GRAM, November 15, 2002

2002-11-19 Thread Perry E. Metzger
---BeginMessage--- CRYPTO-GRAM November 15, 2002 by Bruce Schneier Founder and CTO Counterpane Internet Security, Inc. [EMAIL PROTECTED] http://www.counterpane.com A free monthly newsletter providing

Security holes... Who cares?

2002-11-19 Thread Eric Rescorla
I thought this paper might be of interest to the cryptography folks. Security holes... Who cares? Eric Rescorla RTFM, Inc. http://www.rtfm.com/ We report on an observational study of user response following the OpenSSL

Information Awareness Office

2002-11-19 Thread Hadmut Danisch
Hi, a lovely anthology of concepts about human and civil rights (american flavour) can be found at http://www.darpa.mil/iao/ best regards Hadmut - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography

Why we spent a decade+ building strong crypto security

2002-11-19 Thread John Gilmore
The US government's moves to impose totalitarian control in the last year (secret trials, enemies lists, massive domestic surveillance) are what some of the more paranoid among us have been expecting for years. I was particularly amused by last week's comments from the Administration that it'll be

'Noisy light' is new key to encryption Pfft.

2002-11-19 Thread Steven Soroka
re article: http://news.zdnet.co.uk/story/0,,t269-s2126017,00.html Correct me if I'm wrong, but isn't this extremely bad? Don't they realize the system fails if they send more than one photon? the redundancy allows an attacker with sensitive equipment to read a single photon (or maybe a few)

Digital ID papers

2002-11-19 Thread R. A. Hettinga
--- begin forwarded text Status: RO To: Bob Hettinga [EMAIL PROTECTED] From: David G.W. Birch [EMAIL PROTECTED] Date: Mon, 18 Nov 2002 14:36:19 + Subject: Digital ID papers Hi Bob, Can you post this in all the usual places thanks! The presentations from the 3rd Annual Consult Hyperion

Re: DOS attack on WPA 802.11?

2002-11-19 Thread Arnold G Reinhold
[please ignore previous mesage, sent by mistake -- agr] On Sat, 16 Nov 2002, Niels Ferguson wrote: At 18:15 15/11/02 -0500, Arnold G Reinhold wrote: I agree that we have covered most of the issues. One area whre you have not responded is the use of WPa in 802.11a. I see no justification for

Fwd: [fc] list of papers accepted to FC'03

2002-11-19 Thread R. A. Hettinga
--- begin forwarded text Status: RO Date: Thu, 14 Nov 2002 13:14:12 -0800 To: [EMAIL PROTECTED] From: Fearghas McKay [EMAIL PROTECTED] Subject: Fwd: [fc] list of papers accepted to FC'03 Reply-To: Usual People List [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] --- begin forwarded text From:

Re: Fwd: [fc] list of papers accepted to FC'03

2002-11-19 Thread James A. Donald
-- On 15 Nov 2002 at 10:55, IanG wrote: List of papers accepted to FC'03 I see pretty much a standard list of crypto papers here, albeit crypto with a waving of finance salt. Theory of what could be implemented has run well ahead of what has in

Re: Fun with Rosslyn Chapel, or, What *was* the Templar's Cipher,anyway?

2002-11-19 Thread R. A. Hettinga
--- begin forwarded text Status: U To: [EMAIL PROTECTED] From: T. Wolf [EMAIL PROTECTED] Date: Sun, 17 Nov 2002 00:00:51 +0100 Subject: Re: Fun with Rosslyn Chapel, or, What *was* the Templar's Cipher, anyway? Dear RAH, I just found the old attached message of yours doing a web search.

Re: AIR TRAVELER ID REQUIREMENT CHALLENGED

2002-11-19 Thread John Gilmore
I was browsing some of my old mail when I came across this. What's the status of Gilmore's case? The regulations I'm challenging purport to require air and train travelers to show a government issued ID. Every traveler has been subjected to these requirements, but it turns out that they

Re: Why we spent a decade+ building strong crypto security

2002-11-19 Thread Adam Shostack
On Sun, Nov 17, 2002 at 11:29:59PM -0800, John Gilmore wrote: | Now's a great time to deploy good working encryption, everywhere you | can. Next month or next year may be too late. And even honest ISPs, | banks, airlines (hah), etc, may be forced by law or by secret pressure | to act as

17 Cypherpunks subscribers on watch list, Project Lookout

2002-11-19 Thread R. A. Hettinga
--- begin forwarded text Status: RO Date: Tue, 19 Nov 2002 14:06:35 -0800 Subject: 17 Cypherpunks subscribers on watch list, Project Lookout From: Tim May [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] A company I am involved with has been on the distribution list for the

Re: 17 Cypherpunks subscribers on watch list, Project Lookout

2002-11-19 Thread R. A. Hettinga
--- begin forwarded text Status: RO Date: Tue, 19 Nov 2002 15:59:42 -0800 Subject: Re: 17 Cypherpunks subscribers on watch list, Project Lookout From: Tim May [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] On Tuesday, November 19, 2002, at 02:06 PM, Tim May wrote: A

[ANNOUNCE] OpenSSL 0.9.7 beta 4 released

2002-11-19 Thread Richard Levitte - VMS Whacker
The fourth beta release of OpenSSL 0.9.7 is now available from the OpenSSL FTP site URL: ftp://ftp.openssl.org/source/. This beta contains numerous fixes (among others, security-related ones) since beta 3, which explains the long time that has passed between the two. This is NOT a