Re: PGP ADK Bug Fix
At 11:57 AM 8/27/00 -0700, Bill Stewart wrote:
> ... The real question is whether somebody will hack the keyservers to eat ADK keys before or after somebody downloads all the DH keys, adds ADK keys to them, updates the servers, and threatens to publish ...

It looks like NAI is treating this with the seriousness it deserves, and has already modified two key servers to "cleanse" keys with unsigned ADK parasitic records:

http://www.pgp.com/other/advisories/adk.asp

___
Michael Paul Johnson
http://ebible.org/mpj
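The "cleanse" the post describes, as an added example that is not code from this thread, from NAI, or from any keyserver: a checker that tells signed from unsigned ADK records and strips the unsigned ones. An OpenPGP v4 signature packet carries two subpacket areas, and only the hashed area is covered by the key owner's signature; anything in the unhashed area can be appended by whoever last touched the key, which is what made the parasitic ADK records possible. The layout follows RFC 2440 section 5.2.3. Two things are assumptions of this example and not stated on the page: that subpacket type 10 is NAI's ADK subpacket, and the body layout of the sample ADK record. The sample signature is constructed, with dummy hash and MPI bytes, and verifies nothing.

```python
import struct

# Assumption: subpacket type 10 is NAI's Additional Decryption Key subpacket
# (RFC 2440 lists 10 only as a "placeholder for backward compatibility").
ADK_SUBPACKET_TYPE = 10


def read_subpacket_len(buf, pos):
    """Decode the 1-, 2- or 5-octet subpacket length (RFC 2440 5.2.3.1).
    Returns (length, position of the type octet)."""
    first = buf[pos]
    if first < 192:
        return first, pos + 1
    if first < 255:
        return ((first - 192) << 8) + buf[pos + 1] + 192, pos + 2
    return struct.unpack(">I", buf[pos + 1:pos + 5])[0], pos + 5


def encode_subpacket(sp_type, body):
    """Length (covers the type octet too) + type octet + body."""
    length = len(body) + 1
    if length < 192:
        hdr = bytes([length])
    elif length < 8384:
        hdr = bytes([((length - 192) >> 8) + 192, (length - 192) & 0xFF])
    else:
        hdr = b"\xff" + struct.pack(">I", length)
    return hdr + bytes([sp_type]) + bytes(body)


def parse_subpackets(area):
    """Split a subpacket area into (raw type octet, body) pairs. Bit 7 of
    the type octet is the 'critical' flag; it is kept so re-encoding is exact."""
    out, pos = [], 0
    while pos < len(area):
        length, pos = read_subpacket_len(area, pos)
        out.append((area[pos], bytes(area[pos + 1:pos + length])))
        pos += length
    return out


def split_v4_signature(body):
    """Return (prefix, hashed_area, unhashed_area, tail) for a v4 signature
    packet body: prefix is version/type/pk-algo/hash-algo, tail is the
    left 16 bits of the hash plus the signature MPIs."""
    if body[0] != 4:
        raise ValueError("only v4 signatures carry subpacket areas")
    pos = 4
    hlen = struct.unpack(">H", body[pos:pos + 2])[0]
    hashed = body[pos + 2:pos + 2 + hlen]
    pos += 2 + hlen
    ulen = struct.unpack(">H", body[pos:pos + 2])[0]
    unhashed = body[pos + 2:pos + 2 + ulen]
    pos += 2 + ulen
    return body[:4], hashed, unhashed, body[pos:]


def build_v4_signature(hashed_subpackets, unhashed_subpackets,
                       sig_type=0x13, pk_algo=17, hash_algo=2):
    """Assemble a v4 signature body from (type, body) lists. The hash prefix
    and MPI at the end are dummies: nothing here verifies."""
    hashed = b"".join(encode_subpacket(t, b) for t, b in hashed_subpackets)
    unhashed = b"".join(encode_subpacket(t, b) for t, b in unhashed_subpackets)
    return (bytes([4, sig_type, pk_algo, hash_algo])
            + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", len(unhashed)) + unhashed
            + b"\x12\x34" + b"\x00\x08\xff")


def find_adk_records(body):
    """Every ADK subpacket, tagged with the area it lives in. Only records
    in the hashed area are covered by the key owner's signature."""
    _, hashed, unhashed, _ = split_v4_signature(body)
    recs = [("hashed", b) for t, b in parse_subpackets(hashed)
            if t & 0x7F == ADK_SUBPACKET_TYPE]
    recs += [("unhashed", b) for t, b in parse_subpackets(unhashed)
             if t & 0x7F == ADK_SUBPACKET_TYPE]
    return recs


def has_unsigned_adk(body):
    """True if an ADK record sits outside the signed (hashed) area."""
    return any(area == "unhashed" for area, _ in find_adk_records(body))


def strip_unsigned_adk(body):
    """Keyserver-style cleanse: drop ADK subpackets from the unhashed area.
    The hashed area is untouched, so the signature over it still verifies."""
    prefix, hashed, unhashed, tail = split_v4_signature(body)
    kept = b"".join(encode_subpacket(t, b) for t, b in parse_subpackets(unhashed)
                    if t & 0x7F != ADK_SUBPACKET_TYPE)
    return (prefix + struct.pack(">H", len(hashed)) + hashed
            + struct.pack(">H", len(kept)) + kept + tail)


# Constructed sample (not a real key): a positive certification whose owner
# signed only a creation time; an issuer subpacket and a grafted ADK record
# sit in the unhashed area. The ADK body (class octet + fake 20-byte
# fingerprint) is made up for illustration.
SAMPLE_SIG = build_v4_signature(
    hashed_subpackets=[(2, struct.pack(">I", 0x39A80000))],
    unhashed_subpackets=[(16, b"\x01" * 8),
                         (ADK_SUBPACKET_TYPE, b"\x80" + b"\xAA" * 20)],
)

if __name__ == "__main__":
    print("ADK records:", find_adk_records(SAMPLE_SIG))
    print("unsigned ADK present:", has_unsigned_adk(SAMPLE_SIG))
    cleansed = strip_unsigned_adk(SAMPLE_SIG)
    print("after cleanse:", has_unsigned_adk(cleansed), find_adk_records(cleansed))
```

The check a client should make is the one `find_adk_records` makes explicit: an ADK record is only the key owner's wish if it is inside the hashed area, and the cleanse removes only what the owner never signed, so the original self-signature remains valid after stripping.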
Re: What would you like to see in a book on cryptography for programme
At 07:20 PM 8/11/00 +, lcs Mixmaster Remailer wrote:
> William Rowden writes:
> > In the tempting-but-wrong category, one could include samples of the insecure systems that result when programmers with no cryptanalysis background create their own cryptographic algorithms.
>
> Yes, and let us hope that Michael Paul Johnson resists the temptation to plug his own home-grown ciphers, Sapphire and Diamond. Hopefully he'll realize that including his own ciphers in the book will ruin what little credibility he has as an author.

Actually, I'd rather publish your credible cryptanalysis of those ciphers, if you care to enlighten us. Lacking that, I'll see if I can egg someone else on to do so by writing about them, too. I'm not as concerned about what one anonymous person thinks about my credibility as I am about advancing the state of the art of computer cryptography and making it more accessible to the average programmer. I think that involves a balance where I will promote the best ciphers (i.e. the AES finalists), but also explain the design, analysis, and limitations of my own ciphers. Who else could explain them as well?

Seriously, if you know of a real weakness in either the Sapphire II Stream Cipher or the Diamond 2 Block Cipher, please let us all know on this list, especially me. I honestly don't know of one, but I openly admit that I could have missed something. Do I write about these ciphers being victorious over your scrutiny, or about their demise? Either one has value.

___
Michael Paul Johnson
http://ebible.org/mpj
Re: Book on cryptography for programmers
At 04:00 PM 8/11/00 -0400, dmolnar wrote:
> On Fri, 11 Aug 2000, John R Levine wrote:
> > * Don't try to invent a new crypto system. Amateurs can't write secure crypto systems, as often as not professionals can't either.
>
> By the way, I would extend this to include "don't try to write your own new crypto code, unless you really, really have to." Also something on how to find and use test vectors.

Good suggestions. Actually, I think that rather than a flat-out "don't try to write your own," a listing of what it takes to do it right, together with pointing out the existence of free or inexpensive libraries that already do what you want to do, should be most effective. The same goes for cipher design. Some people actually do it well, but only after they have studied what was done before, tried cracking a few, etc.

I'd really like to get people to think about sensitive data life cycles, too. Good cryptography can be so easy to defeat with simple blunders in applications.

___
Michael Paul Johnson
http://ebible.org/mpj
What would you like to see in a book on cryptography for programmers?
What would you like to see covered in a practical book on cryptography for programmers?
Book on cryptography for programmers
Thank you for the good comments, so far. In case you haven't figured it out, yes, I am seriously contemplating writing such a book. Please keep the good ideas coming.

I need someone who is crypto-literate to help review what I write, to help keep me honest, point out stuff I may have missed, and generally help me be clear and accurate. If you (or someone you know) would like to be a technical editor, my publisher would like to talk to you. Email me for details. The benefits include:

* Helping spread GOOD crypto-knowledge to programmers in general, thus reducing the average snake oil concentration in applications they write.
* Contribute to exercising First Amendment rights (lest they atrophy), and contribute to a book/CD-ROM set for international distribution.
* Fame and glory, and your name mentioned in genuine ink-on-wood-pulp print.
* A preview of a cryptography book and a free copy of the finished work.
* My publisher may even pay you some token amount for these services.

Is anyone interested in technical editing? What would you like to see on the CD-ROM that looks like it would fit export license exception TSU (open source, no explicit requirement for payment, no key size limits)?

___
Michael Paul Johnson
http://ebible.org/mpj
Re: time dependant
At 05:05 3/8/2000 +0800, Arrianto Mukti Wibowo wrote:
> Hi, I want to know whether there is a crypto building block which doesn't allow someone to open an encrypted message before a certain date.
>
> [Damn hard. Math functions don't grok "date". The only reasonable way to do this without a trusted third party is to pick an encryption algorithm that will take at least as long to decrypt (in likely available computer time) as are needed. -Perry]

Perry is right. If you have a trusted third party with a secure location, you could simply have the trusted third party release the key on the appointed date.

___
Michael Paul Johnson
http://ebible.org/mpj
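The no-trusted-party option in Perry's note, computation as the only available clock, carried through as an added example that is not from this thread: a time-lock puzzle in the Rivest-Shamir-Wagner style. The creator, who knows the factors of n, computes a^(2^t) mod n cheaply; the receiver has to do t sequential modular squarings, and no known shortcut parallelizes that chain. Everything in the block is constructed for illustration: the toy Mersenne primes (real puzzles need RSA-strength moduli, since factoring n is the only shortcut), the sample plaintext, the SHA-256 keystream standing in for a real cipher, and the calibration helper. The practitioner's caveat is the one Perry's parenthesis already hints at: t converts to a date only through an assumption about the receiver's fastest hardware, so it is an estimate of a delay, not a calendar.

```python
import hashlib
import random
import time

# Toy primes (2^61-1 and 2^31-1, both Mersenne primes) so the demo runs in
# milliseconds. Constructed for illustration; real puzzles need ~1024-bit primes.
DEMO_P = 2 ** 61 - 1
DEMO_Q = 2 ** 31 - 1
MESSAGE = b"Open after the appointed time."   # constructed sample plaintext


def make_puzzle(p, q, t, seed=None):
    """Creator's side. Knowing phi(n) lets the creator reduce the exponent
    2^t mod phi(n) and finish with two modular exponentiations instead of
    t squarings. Returns (public puzzle, key integer)."""
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    n = p * q
    phi = (p - 1) * (q - 1)
    a = rng.randrange(2, n - 1)
    e = pow(2, t, phi)               # the trapdoor: shrink the exponent
    key_int = pow(a, e, n)           # equals a^(2^t) mod n
    return {"n": n, "a": a, "t": t}, key_int


def solve_puzzle(puzzle):
    """Receiver's side. Without the factors of n the only known route to
    a^(2^t) mod n is t squarings in sequence; each needs the previous
    result, so extra cores do not help. That chain is the 'clock'."""
    n, x, t = puzzle["n"], puzzle["a"], puzzle["t"]
    for _ in range(t):
        x = x * x % n
    return x


def squarings_per_second(n, sample=20000):
    """Calibrate how fast this machine squares modulo n. The creator must
    assume the receiver's fastest hardware, not the box this runs on."""
    x, t0 = 3, time.perf_counter()
    for _ in range(sample):
        x = x * x % n
    return sample / (time.perf_counter() - t0)


def choose_t(n, seconds, rate=None):
    """Pick the squaring count for a desired delay (a rate, not a date)."""
    rate = rate if rate is not None else squarings_per_second(n)
    return max(1, int(seconds * rate))


def derive_key(key_int):
    """Hash the puzzle solution down to a 32-byte symmetric key."""
    return hashlib.sha256(key_int.to_bytes(32, "big")).digest()


def xor_stream(key, data):
    """Toy keystream SHA-256(key || counter); a stand-in for a real
    authenticated cipher, not something to ship."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(b ^ k for b, k in zip(data[off:off + 32], block))
    return bytes(out)


def seal(message, p, q, t, seed=None):
    """Encrypt so that decryption costs t squarings. Returns (puzzle, ct)."""
    puzzle, key_int = make_puzzle(p, q, t, seed)
    return puzzle, xor_stream(derive_key(key_int), message)


def open_sealed(puzzle, ciphertext):
    """Decrypt the slow way: solve the puzzle, then derive the key."""
    return xor_stream(derive_key(solve_puzzle(puzzle)), ciphertext)


if __name__ == "__main__":
    n = DEMO_P * DEMO_Q
    t = choose_t(n, seconds=0.2)
    puzzle, ct = seal(MESSAGE, DEMO_P, DEMO_Q, t)
    t0 = time.perf_counter()
    pt = open_sealed(puzzle, ct)
    print(f"t={t} squarings, solved in {time.perf_counter() - t0:.2f}s: {pt!r}")
```

The trusted-third-party alternative in the reply above is the complement to this: it gives an exact release date at the price of trusting the escrow, where the puzzle gives no party to trust at the price of an approximate delay.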
Posting Kerberos on the World-Wide Web
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Pursuant to 15 CFR Part 734, notice is hereby given that the following files containing open Kerberos source code will be published at http://cryptography.org/source/kerbnet/ (with links from http://cryptography.org/source/index.htm), without benefit of the current export control CGI program:

http://cryptography.org/cgi-bin/crypto.cgi/KerbNet/docs/kerbnet-docs.tgz
http://cryptography.org/cgi-bin/crypto.cgi/KerbNet/release_notes
http://cryptography.org/cgi-bin/crypto.cgi/KerbNet/MD5SUMS
http://cryptography.org/cgi-bin/crypto.cgi/KerbNet/source/kerbnet-source.tgz
http://cryptography.org/cgi-bin/crypto.cgi/KerbNet/source/tcl-source.tgz

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.0.2

iQA/AwUBOITeCkSP4McX10e7EQKVVgCgywM+BisffYLmx5wh2DxhPEFsYC0AoO+6
o+0GIJRN+tKPo4Ysnd4P5lPa
=XLBC
-----END PGP SIGNATURE-----
Posting PGP 6.5x on the World-Wide Web
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Notice is hereby given that the following files containing open Pretty Good Privacy source code and documentation will be published at http://cryptography.org/source/pgp with links from http://cryptography.org/source:

ftp://ftp.no.pgpi.org/pub/pgp/6.5/6.5.1i/mac/pgp651i-mac-src.zip
ftp://ftp.no.pgpi.org/pub/pgp/6.5/6.5.1i/win/pgp651i-win-src.zip
ftp://ftp.no.pgpi.org/pub/pgp/6.5/docs/IntroToCrypto.pdf
ftp://ftp.no.pgpi.org/pub/pgp/6.5/docs/PGPCmdLineGuide.pdf
ftp://ftp.no.pgpi.org/pub/pgp/6.5/docs/PGPWinUsersGuide.pdf

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.0.2i

iQA/AwUBOIYhTkSP4McX10e7EQJmfQCfcQwbGjFp1Uyxdsn301MU5SJP1TYAoKXQ
lKrb9P4BFxGp3PLHezJK9/Tf
=uCbn
-----END PGP SIGNATURE-----
Re: A5/1 FAQ
http://cryptography.org/cgi-bin/crypto.cgi/libraries/A51ref.zip
Re: PGP 6.5/PGPnet Announcement!
At 01:14 PM 4/6/1999 -0700, Jim Gillogly wrote:
> Michael Paul Johnson wrote:
> > Of course this is dangerous, but there is a demand for it. Not everyone wants bomb-proof security. ... The real cure, of course, is to so tightly and easily integrate security into email that it is as easy as this to use, but not as risky.
>
> Steven M. Bellovin responded:
> > There's bomb-proof security, and there's "security" that itself is a time bomb. I fear that self-extracting decryptors are much closer to the latter than to the former -- very much closer.
>
> I agree with Steve about this part. These programs are much like the active email bogosities, which should never be allowed to operate without the user's informed consent -- and I don't regard accepting Windows defaults as constituting informed consent. But supplying weak cryptography to people even with caveats can give them a fatally false sense of security. If they could tell at a glance that their communications were weak, they might use them more safely.

Of course. This problem can be solved by providing the recipient with a "real" security program instead of a "self-decrypting" executable, then sending the encrypted data separately. Of course, this is also subject to the very same active attack. The attacker merely forges a message from you, offering an upgrade to the "real" security program that surreptitiously also mails the password(s) and/or plaintext back to him, and hopes that the recipient doesn't notice the lack of a digital signature.

___
Michael Paul Johnson
http://ebible.org/mpj
Re: Building crypto archives worldwide to foil US-built Berlin Walls
At 09:10 AM 12/8/1998 -0500, John Young wrote:
> In response to John Gilmore's call for a foil to US-Wassenaar restrictions acoming, we've put up a preliminary list of international cryptography sources for mirroring:
>
> http://jya.com/crypto-free.htm

See also http://cryptography.org/freecryp.htm

> This is a quick starter-kit and is far from comprehensive. Contributions welcome.
>
> Ken Williams offers an impressive (177MB) crypto/stego archive:
>
> http://www.genocide2600.com/~tattooman/cryptography/

___
Michael Paul Johnson
http://ebible.org