RC5-64 attack reaches 50% mark.

2001-06-15 Thread Trei, Peter
The only RSA Secret Key Challenge known to be under active attack at this time is RC5-64, by distributed.net. Last night this reached the 50% mark, having tested 9,225,283,403,065,065,472 keys at the time I write this, over 1331 days. The current rate is over 210 Gkeys/sec - they should

RE: Effective and ineffective technological measures

2001-07-30 Thread Trei, Peter
-- From: Alan Barrett[SMTP:[EMAIL PROTECTED]] The DMCA said: 1201(a)(1)(A): No person shall circumvent a technological measure that effectively controls access to a work protected under this title. What does effectively mean here? If it has its plain

RE: Rijndael in Assembler for x86?

2001-09-17 Thread Trei, Peter
From: [EMAIL PROTECTED][SMTP:[EMAIL PROTECTED]] In article [EMAIL PROTECTED], Perry E. Metzger [EMAIL PROTECTED] wrote: Helger Lipmaa [EMAIL PROTECTED] writes: Why just not to use a C code? Because it is typically slower by many times than hand tuned assembler. Are you sure?

RE: Yet more stego scare in the New York Times

2001-10-30 Thread Trei, Peter
-- From: Bram Cohen[SMTP:[EMAIL PROTECTED]] Sent: Tuesday, October 30, 2001 12:36 PM To: Nelson Minar Cc: Crypto List Subject: Re: Yet more stego scare in the New York Times On Tue, 30 Oct 2001, Nelson Minar wrote: What's so frustrating about this

RC4 [was: RE: Passport Passwords Stored in Plaintext]

2001-10-08 Thread Trei, Peter
[This response probably can't get to all of the lists to which the original message was addressed to. Feel free to forward it to those lists, if you can, and to other addresses as needed. -pt] Alex Alten[SMTP:[EMAIL PROTECTED]] wrote: [.discussion of .NET weaknesses deleted]] RC4

RE: Scarfo keylogger, PGP

2001-10-16 Thread Trei, Peter
Peter Fairbrother[SMTP:[EMAIL PROTECTED]] The other and more worrying component picked up the PGP key Scarfo used - his father's prison number! - and virtually nothing else. It didn't capture keystrokes. Almost certainly it detected and captured only the PGP logon when the enter key was

RE: private-sector keystroke logger...

2001-11-29 Thread Trei, Peter
Ben Laurie[SMTP:[EMAIL PROTECTED]] wrote: [EMAIL PROTECTED] wrote: Jay D. Dyson writes: -BEGIN PGP SIGNED MESSAGE- On Tue, 27 Nov 2001 [EMAIL PROTECTED] wrote: Hrm, how about a worm with a built-in HTTP server that installs itself on some

RE: Stegdetect 0.4 released and results from USENET search available

2001-12-28 Thread Trei, Peter
There's a much simpler reason why few or no stego'ed messages are present in usenet images: They form an inefficient and unneeded distribution mechanism. Try taking a peek at the Usenet newsgroup alt.anonymous.messages. Dozens of PGP'd messages a day, from our old friends Secret Squirrel,

RSA Conference 2002: Free Expo passes, academic discounts and scholarships available.

2002-01-09 Thread Trei, Peter
(feel free to forward this message in its entirety) The RSA Data Security Conference is being held February 18-22, 2001, at the McEnery Convention Center in San Jose, California. This is the biggest computer security conference in the world, with 200 vendors and over 10,000 attendees.

Apology for Brian Gladman.

2002-01-18 Thread Trei, Peter
Rich is correct. I was over the top. In response to my (much more polite) letter to Mr. Gladman New Scientist, it became clear that the error was due to a journalist compressing down his conversation with Mr. Gladman. Brian had been referring to a (rounded up) bit strength for full 56 bit DES.

RE: password-cracking by journalists...

2002-01-21 Thread Trei, Peter
Karsten M. Self[SMTP:[EMAIL PROTECTED]] writes: Note that my reading the language of 1201 doesn't require that the work being accessed be copyrighted (and in the case of Afghanistan, there is a real question of copyright status), circumvention itself is sufficient, regardless of status of

RE: Losing the Code War by Stephen Budiansky

2002-02-04 Thread Trei, Peter
I read the article (in the dead tree edition), and despite its technical inaccuracies, thought it was generally pretty good. Don't forget that the MITM attack (which Schneier claims takes 2^(2n) = 2^112 time), also requires 2^56 blocks of storage. That's a lot, and the attack ceases to be

RE: Welome to the Internet, here's your private key

2002-02-04 Thread Trei, Peter
One other scheme I've seen, and which, while it doesn't give me warm fuzzies, seems reasonable, is to issue the enduser a smartcard with a keypair on it. The SC generates the pair onboard, and exports only the public half. The private half never leaves the SC (there is no function on the card

RE: Unbreakable? (fwd)

2002-02-04 Thread Trei, Peter
There are plenty of 'thought experiment' crypto systems which are utterly infeasible in practice. Rabin's is one. It does have perfect forward secrecy in that if Eve doesn't know ahead of transmission time what part of the keystream to grab, she can't later decrypt the message. But, as

RE: Welome to the Internet, here's your private key

2002-02-04 Thread Trei, Peter
I'm not the local expert on this, but there are SCs with built-in crypto accelerators. They are designed for the use I described: * Generate an RSA key pair on board, * export the public key, * re-import the certificate, * wrap/unwrap a data block (typically a session key or hash for

RE: Welome to the Internet, here's your private key

2002-02-06 Thread Trei, Peter
[EMAIL PROTECTED][SMTP:[EMAIL PROTECTED]] Trei, Peter [EMAIL PROTECTED] writes: One other scheme I've seen, and which, while it doesn't give me warm fuzzies, seems reasonable, is to issue the enduser a smartcard with a keypair on it. The SC generates the pair onboard, and exports

RE: Cloak, or Cloaca? :-)

2002-02-27 Thread Trei, Peter
Ben Laurie[SMTP:[EMAIL PROTECTED]] Keyring and Strip are both programs that provide secure DBs on Palms. Keyring, at least, is free and open source. However, since Palms have no MMU, there's no security against hostile other apps, which makes them pretty useless devices for this kind

The Original SSSCA

2002-03-01 Thread Trei, Peter
[The SSSCA would require all devices capable of carrying media content to have hardware locks to prevent copyright violations. Essentially, it turns all computers as closed as set-top boxes - and about as useful. See http://www.politechbot.com/cgi-bin/politech.cgi?name=sssca for background -pt ]

RE: 1997 RSA DES Challenge

2002-03-07 Thread Trei, Peter
I might be able to help you. I was the person who initiated the DES Challenges, getting RSA Data Security to sponsor them, and working with people in RSA Labs on their design (this was before I switched employers to RSA). I also wrote one of the search engines. I have a fair bit of data,

One for the snakeoil file.

2002-03-28 Thread Trei, Peter
[Note: I'm just passing on posts from sci.crypt. I've not confirmed this independently. It appears that not every product which uses smart cards is secure - pt] From: [EMAIL PROTECTED] (Philippe Mestral) Newsgroups: sci.crypt Subject: I've

distributed.net looking for a new ISP.

2002-03-28 Thread Trei, Peter
Distributed.net, which has won several of the RSA Secret Key challenges, and is currently 73% of the way through the RC5-64 contest, has lost its ISP. Peter Trei From their front page: - start quote We need your help! URGENT: We have recently learned that our

RE: Schneier (and RSA) on Bernstein factoring machine

2002-04-16 Thread Trei, Peter
Anonymous[SMTP:[EMAIL PROTECTED]] Bruce Schneier writes in the April 15, 2002, CRYPTO-GRAM, http://www.counterpane.com/crypto-gram-0204.html: But there's no reason to panic, or to dump existing systems. I don't think Bernstein's announcement has changed anything. Businesses today

RE: Schneier on Bernstein factoring machine

2002-04-17 Thread Trei, Peter
Russell Nelson[SMTP:[EMAIL PROTECTED]] wrote Derek Atkins writes: I think it's really about degree. I don't agree that having a non-empty threat model implies you a paranoid. Yes, you're right (and Phil Pennock points out that I meant intersection, not union). Dictionary.com defines

RE: Schneier (and RSA) on Bernstein factoring machine

2002-04-17 Thread Trei, Peter
R. A. Hettinga[SMTP:[EMAIL PROTECTED]] At 3:54 PM -0400 on 4/16/02, Trei, Peter wrote: Well, Lucky's not a business, and he's certainly not a military institution (despite his fondness for ordnance). What does that leave? Most of us who know him got a little chuckle out

Just how bad is the Microsoft Visual C++ 6 rand function, anyway?

2002-05-21 Thread Trei, Peter
Now, I'm sure no one on this list would trust MSVC6 rand() for anything important, but this post from sci crypt (which I have not confirmed) may be of interest: Peter Trei - start quote - Newsgroups: sci.crypt, sci.crypt.random-numbers Subject: Warning: MSVC6 rand function

RE: FC: Hollywood wants to plug analog hole, regulate A-D converters

2002-05-29 Thread Trei, Peter
Actually, it's unlikely that anyone would embed watermarks in billboard ads, or in ads in general. Copying an ad is usually a Good Thing from the advertiser's point of view - more exposure. It's only the program material which needs protection. To get back to security; could I use this to defeat

RE: FC: Hollywood wants to plug analog hole, regulate A-D converters

2002-05-31 Thread Trei, Peter
-- From: Nomen Nescio[SMTP:[EMAIL PROTECTED]] Sent: Thursday, May 30, 2002 12:20 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: FC: Hollywood wants to plug analog hole, regulate A-D converters Peter Trei writes: My mind has been boggled, my

Followup: [RE: DOJ proposes US data-rentention law.]

2002-06-21 Thread Trei, Peter
AM To: [EMAIL PROTECTED] Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' Subject: Re: DOJ proposes US data-rentention law. Trei, Peter wrote: - start quote - Cyber Security Plan Contemplates U.S. Data Retention Law http://online.securityfocus.com/news/486 Internet service

RE: New Chips Can Keep a Tight Rein on Consumers

2002-07-10 Thread Trei, Peter
John S. Denker[SMTP:[EMAIL PROTECTED]] wrote: Peter Gutmann wrote: Actually I'm amazed no printer vendor has ever gone after companies who produce third-party Smartchips for remanufactured printer cartridges. This sounds like the perfect thing to hit with the DMCA universal

RE: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-12 Thread Trei, Peter
Lucky Green[SMTP:[EMAIL PROTECTED]] James wrote: On 11 Jul 2002 at 1:22, Lucky Green wrote: Trusted roots have long been bought and sold on the secondary market as any other commodity. For surprisingly low amounts, you too can own a trusted root that comes pre-installed

RE: Challenge to David Wagner on TCPA

2002-08-02 Thread Trei, Peter
Jon Callas[SMTP:[EMAIL PROTECTED]] On 8/1/02 1:14 PM, Trei, Peter [EMAIL PROTECTED] wrote: So my question is: What is your reason for shielding your identity? You do so at the cost of people assuming the worst about your motives. Is this a tacit way to suggest that the only

RE: Challenge to David Wagner on TCPA

2002-08-02 Thread Trei, Peter
AARG! Anonymous[SMTP:[EMAIL PROTECTED]] writes [...] Now, there is an optional function which does use the manufacturer's key, but it is intended only to be used rarely. That is for when you need to transfer your sealed data from one machine to another (either because you have

RE: trade-offs of secure programming with Palladium (Re: Palladium: technical limits and implications)

2002-08-15 Thread Trei, Peter
Russell Nelson[SMTP:[EMAIL PROTECTED]] writes: You're wearing your programmer's hat when you say that. But the problem isn't programming, but is instead economic. Switch hats. The changes that you list above may or may not offer some security advantages. Who cares? What really matters

RE: Cryptogram: Palladium Only for DRM

2002-09-17 Thread Trei, Peter
Niels Ferguson[SMTP:[EMAIL PROTECTED]] wrote: Well, I'm tired of this. AARG, or whoever is hiding behind this pseudonym, is obviously not reading the responses that I send, as he keeps asking questions I already answered. I'm not going to waste more of my time responding to this. This is

RSA's RC5-64 Secret Key Challenge has been solved.

2002-09-26 Thread Trei, Peter
First, the official PR release: --- Distributed Team Collaborates to Solve Secret-Key Challenge Contest designed to keep the cryptographic community updated on new achievements and help organizations maintain highest levels of security Bedford,

RE: RSA's RC5-64 Secret Key Challenge has been solved.

2002-09-27 Thread Trei, Peter
Ralf-P. Weinmann[SMTP:[EMAIL PROTECTED]] wrote: On Thu, Sep 26, 2002 at 02:45:12PM -0700, John Gilmore wrote: [...] After getting that getting started, though, I suggest beginning a brute-force attack on the GSM cellphone encryption algorithm. That's in use in hundreds of

RE: QuizID?

2002-10-17 Thread Trei, Peter
Branchaud, Marc writes: Any thoughts on this device? At first glance, it doesn't seem particularly impressive... http://www.quizid.com/ Lovely idea of two-factor authentication: The user then enters their user name (something they know) and the 8-digit Quizid passcode

Did you *really* zeroize that key?

2002-11-06 Thread Trei, Peter
[Moderator's note: FYI: no pragma is needed. This is what C's volatile keyword is for. Unfortunately, not everyone writing in C knows the language. --Perry] From RISKS: http://catless.ncl.ac.uk/Risks/22.35.html#subj6 Those of us who write code need to be reminded of this now and then. Peter

RE: New Protection for 802.11

2002-11-07 Thread Trei, Peter
James A. Donald[SMTP:[EMAIL PROTECTED]] wrote: Reading the Wifi report, http://www.weca.net/OpenSection/pdf/Wi-Fi_Protected_Access_Overview.pdf it seems their customers stampeded them and demanded that the security hole be fixed, fixed a damned lot sooner than they intended to fix it.

RE: 'E-postmark' gives stamp of approval

2002-11-27 Thread Trei, Peter
The PO tried marketing this service about 6 years ago. As far as I can see, this is almost identical to the last try. It failed in the marketplace then, and I see no reason whatsoever to think it will succeed now. Favorite paragraph: Having a feature certified as secure by a federal agency

RE: RIAA turns against Hollings bill

2003-01-15 Thread Trei, Peter
John Gilmore[SMTP:[EMAIL PROTECTED]] writes: Nomen writes: How does this latest development change the picture? If there is no Hollings bill, does this mean that Trusted Computing will be voluntary, as its proponents have always claimed? And if we no longer have such a threat

RE: A talk on Intellectual Property and National Defense

2003-02-04 Thread Trei, Peter
Adam Shostack[SMTP:[EMAIL PROTECTED]] writes: I believe that DRM systems will require not just an authorized boot sequence, but a secure remote attestation that that boot sequence was followed, and a secure attestation as to the versions of the software on your system. So, while a

RE: A talk on Intellectual Property and National Defense

2003-02-04 Thread Trei, Peter
:[EMAIL PROTECTED]] Sent: Tuesday, February 04, 2003 11:42 AM To: Dave Farber Cc: Trei, Peter; [EMAIL PROTECTED] Subject: Re: A talk on Intellectual Property and National Defense Dave, I think Peter was responding to me, not you. And no, I'm not proposing

RE: Columbia crypto box

2003-02-10 Thread Trei, Peter
Matthew Byng-Maddick[SMTP:[EMAIL PROTECTED]] writes: On Sun, Feb 09, 2003 at 11:43:55PM -0500, Donald Eastlake 3rd wrote: been that you either throw away the first 256 bytes of stream key output or use a different key on every message. WEP does neither. TKIP, the new You NEVER,

RE: Columbia crypto box

2003-02-11 Thread Trei, Peter
Arnold G. Reinhold[SMTP:[EMAIL PROTECTED]] wrote: It's worth remembering that the original WEP used 40 bit keys. For some time, RC4 with 40 bit keys was the only crypto system that could be exported without a license. It's hard for me to believe that export concerns were not the primary

RE: Columbia crypto box

2003-02-11 Thread Trei, Peter
Steven M. Bellovin[SMTP:[EMAIL PROTECTED]] wrote: In message [EMAIL PROTECTED] m, Trei, Peter writes: If I recall correctly (dee3: Can you help?) WEP is actually derived from the encryption system used in the Apple Mobile Messaging System, a PCMCIA paging card made for the Newton

RE: Columbia crypto box

2003-02-13 Thread Trei, Peter
Pete Chown[SMTP:[EMAIL PROTECTED]] Arnold G. Reinhold wrote: Indeed, but it is important to remember just how thickheaded the anti-crypto effort of the '80s and '90s was and how much damage it did. As a footnote to those times, 2 ** 40 is 1,099,511,627,776. My PC can do 3,400,000

RE: Scientists question electronic voting

2003-03-06 Thread Trei, Peter
Ian Brown[SMTP:[EMAIL PROTECTED] wrote: Ed Gerck wrote: Printing a paper receipt that the voter can see is a proposal that addresses one of the major weaknesses of electronic voting. However, it creates problems that are even harder to solve than the silent subversion of

RE: Scientists question electronic voting

2003-03-06 Thread Trei, Peter
Francois Grieu[SMTP:[EMAIL PROTECTED] Peter Trei wrote: I'd prefer that the printed receipt be retained at the polling station, after the voter has had an opportunity to examine it. This serves two purposes: First, it prevents the vote selling described above, and second, if a

RE: Encryption of data in smart cards

2003-03-13 Thread Trei, Peter
John Kelsey[SMTP:[EMAIL PROTECTED] At 11:08 PM 3/12/03 +0100, Krister Walfridsson wrote: ... This is not completely true -- I have seen some high-end cards that use the PIN code entered by the user as the encryption key. And it is quite easy to do similar things on Java cards...

RE: Run a remailer, go to jail?

2003-03-31 Thread Trei, Peter
Sidney Markowitz writes: They both require that the use of such technologies be for the purpose of committing a crime. The Massachusetts law defines as a crime: (b) Offense defined.--Any person commits an offense if he knowingly (1) possesses, uses, manufactures, develops, assembles,

RE: Russia Intercepts US Military Communications?

2003-03-31 Thread Trei, Peter
reusch[SMTP:[EMAIL PROTECTED] wrote: Via the Cryptome, http://www.cryptome.org/, RU sure, look at http://www.aeronautics.ru/news/news002/news082.htm. I'm amazed at their claims of radio interception. One would expect that all US military communications, even trivial ones, are

RE: Run a remailer, go to jail?

2003-04-01 Thread Trei, Peter
Derek, etal If you (or anyone) goes, I'm sure we'd all appreciate some notes on what transpired. I understand 17 different bills are being considered at this hearing, so don't blink or you may miss it. Peter Trei -- From: Derek Atkins[SMTP:[EMAIL PROTECTED] Dave Emery