Re: World's most powerful supercomputer goes online

2007-09-02 Thread Guus Sliepen
On Sat, Sep 01, 2007 at 03:46:45PM +1200, Peter Gutmann wrote:

 I feel I should add a followup to the earlier post, this was implied by the
 rhetorical question about what the LINPACK performance of a botnet is, but
 I'll make it explicit here:
 
 The standard benchmark for supercomputers is the LINPACK linear-algebra
 mathematical benchmark.  Now in practice the LINPACK performance of a botnet
 is likely to be nowhere near that of a specially-designed supercomputer, since
 it's more a distributed grid than a monolithic system.  On the other hand bot-
 herders are unlikely to care much about the linear algebra performance of
 their botnet since it doesn't represent the workload of any of the tasks that
 such a system would be used for.

Another interesting use may be data hiding. The botnet software could
store information in RAM (never on disk), and replicate it to other
nodes. If one node goes down, other nodes will still have the
information. If one node detects that virus scanners or forensic tools
are being used, it can easily wipe the information from RAM or just
reboot the machine without fear that the information would really be
lost.

Experience with tinc (a VPN daemon with a peer-to-peer-like architecture,
which replicates certain information to all daemons in a single VPN)
showed that even in a network with only 20 nodes, it is extremely hard
to get rid of information.  You either need to shut down all daemons at
the same time to make sure all state is lost, or modify the software to
allow explicit deletion of certain information. With more than 1 million
nodes it will be even harder to delete data.

-- 
Met vriendelijke groet / with kind regards,
  Guus Sliepen [EMAIL PROTECTED]




Re: debunking snake oil

2007-09-02 Thread Paul Walker
On Sat, Sep 01, 2007 at 02:39:49PM +0200, Marcos el Ruptor wrote:

 You can start with RSA SecurID, Texas Instruments DST40, Microchip 
 Technologies KeeLoq, Philips/NXP Hitag2, WEP RC4, Bluetooth E0, GSM A5... 

I didn't realise the current SecurID tokens had been broken. A quick Google
doesn't show anything, but I'm probably using the wrong terms. Do you have
references for this that I could have a look at?

Thanks,

-- 
Paul

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: debunking snake oil

2007-09-02 Thread Marcos el Ruptor
 I didn't realise the current SecurID tokens had been broken. A quick Google
 doesn't show anything, but I'm probably using the wrong terms. Do you have
 references for this that I could have a look at?


http://eprint.iacr.org/2003/162.pdf

This attack may not be as practical as an algebraic attack would be,
but it shows that the SecurID keyed hash function is in fact weaker than
what its claimed 64-bit security level demands. AFAIK, algebraic
cryptanalysis of the RSA SecurID keyed hash function by the academic
sector hasn't even been performed yet. Their new tokens use AES-128.
Maybe they do learn after all...


Ruptor
http://defectoscopy.com/ - There is no need to design weak ciphers.



Re: World's most powerful supercomputer goes online

2007-09-02 Thread Brandon Enright
On Sun, 2 Sep 2007 14:48:31 +0200 plus or minus some time Guus Sliepen
[EMAIL PROTECTED] wrote:

 Experience with tinc (a VPN daemon with a peer-to-peer-like architecture,
 which replicates certain information to all daemons in a single VPN)
 showed that even in a network with only 20 nodes, it is extremely hard
 to get rid of information.  You either need to shut down all daemons at
 the same time to make sure all state is lost, or modify the software to
 allow explicit deletion of certain information. With more than 1 million
 nodes it will be even harder to delete data.

Actually the stormworm network illustrates this example perfectly.  As with
most DHT-based P2P networks, stormworm suffers from latent/stale node data
still in the memory of other nodes.  Aside from the overnet peer bootstrap
files for each stormworm node, the list of nodes in the network is
distributed in memory across all the nodes.

Stormworm is especially bad because the authors didn't take the latent
data problem into account.  There is no built-in mechanism for a botted
host to remove dead peers from its list in memory.  With tens of
thousands of nodes, IPs of machines that were infected and cleaned weeks
ago still occasionally show up.  I suspect this behavior is the primary
source of the ridiculously high (and inaccurate) estimates for the size of
the stormworm botnet.

Brandon

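Both points in this sub-thread, Guus's (state replicated into every daemon's RAM survives any single node going down, and is only lost if all daemons are stopped at the same time) and Brandon's (dead peers are never removed from in-memory peer lists, so a crawler that trusts advertised lists overcounts the network), can be shown with a small simulation. The following is an added example written for this discussion; it is not tinc code and not code from the Storm worm. The 10.0.0.x addresses, the gossip rule (each node pushes its state to three random live peers per round), the "clean one host at a time" scenario and the two crawler estimators are all assumptions made for the illustration.

```python
"""Push-gossip replication of in-memory state across peers.

Added example for this thread, not code from tinc or from the Storm
worm. The 10.0.0.x addresses, the gossip rule (each node pushes its
state to FANOUT random live peers per round) and the two crawler
estimators are assumptions made for the illustration.
"""
import random


class Node:
    def __init__(self, addr):
        self.addr = addr
        self.alive = True
        self.peers = {addr}   # addresses ever heard of; nothing expires them
        self.payload = set()  # hidden data, held in RAM only

    def merge(self, sender):
        """Receive a gossip push: state only ever grows."""
        self.peers |= sender.peers
        self.payload |= sender.payload


class Network:
    FANOUT = 3

    def __init__(self, n, seed=1):
        self.rng = random.Random(seed)  # fixed seed: the run is reproducible
        self.nodes = {a: Node(a) for a in (f"10.0.0.{i}" for i in range(1, n + 1))}

    def live(self):
        return [nd for nd in self.nodes.values() if nd.alive]

    def gossip(self, max_rounds=50):
        """Run push rounds until every live node holds identical state."""
        for rnd in range(1, max_rounds + 1):
            live = self.live()
            for sender in live:
                others = [p for p in live if p is not sender]
                for peer in self.rng.sample(others, min(self.FANOUT, len(others))):
                    peer.merge(sender)
            states = {(frozenset(nd.peers), frozenset(nd.payload)) for nd in live}
            if len(states) <= 1:
                return rnd
        return max_rounds

    def take_down(self, addr):
        """Host cleaned, rebooted or powered off: its RAM contents are gone."""
        nd = self.nodes[addr]
        nd.alive, nd.peers, nd.payload = False, {addr}, set()

    def rejoin(self, addr):
        """Host comes back empty and pulls state from any one live peer."""
        nd = self.nodes[addr]
        nd.alive = True
        others = [p for p in self.live() if p is not nd]
        if others:
            nd.merge(self.rng.choice(others))

    def payload_survives(self, item):
        return any(item in nd.payload for nd in self.live())

    def advertised(self):
        return set().union(*(nd.peers for nd in self.live()))

    def naive_estimate(self):
        """Crawler that believes the advertised peer lists."""
        return len(self.advertised())

    def probed_estimate(self):
        """Crawler that connects to every advertised address before counting it."""
        return sum(1 for a in self.advertised() if self.nodes[a].alive)


def demo(n=30, item="stolen-keys.bin"):
    net = Network(n)
    addrs = list(net.nodes)
    net.nodes[addrs[0]].payload.add(item)   # planted on one node only
    out = {"rounds": net.gossip()}
    out["replicated_everywhere"] = all(item in nd.payload for nd in net.live())

    # Clean hosts one at a time: the last survivor still holds the data
    # and still advertises all n addresses, 29 of which are dead.
    for a in addrs[:-1]:
        net.take_down(a)
    out["survives_sequential_cleanup"] = net.payload_survives(item)
    out["naive_after_cleanup"] = net.naive_estimate()
    out["probed_after_cleanup"] = net.probed_estimate()

    # Ten hosts are reinfected and pull state from the survivor, which is
    # then cleaned as well: the data is now back on ten hosts.
    for a in addrs[:10]:
        net.rejoin(a)
    net.take_down(addrs[-1])
    out["survives_after_reinfection"] = net.payload_survives(item)

    # Only taking every live node down at the same time loses the data:
    # a host that comes back afterwards has no peer left to pull it from.
    for a in addrs:
        net.take_down(a)
    net.rejoin(addrs[0])
    out["lost_after_simultaneous_shutdown"] = not net.payload_survives(item)
    return out


if __name__ == "__main__":
    print(demo())
```

The probed estimator is the fix Brandon's message implies: an address only counts once something actually answers on it. In the simulation the liveness check is `Node.alive`; in a real crawl it would be a connection or protocol handshake to the advertised address.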


Re: debunking snake oil

2007-09-02 Thread Axel Horns
On Fri, August 31, 2007 18:54, Stephan Neuhaus wrote:

 Fun,

See German patent document DE10027974A1 (application was refused in
2006).

Axel H. Horns



Re: debunking snake oil

2007-09-02 Thread Thor Lancelot Simon
On Sun, Sep 02, 2007 at 06:26:33PM -0400, Vin McLellan wrote:
 At 12:40 PM 9/2/2007, Paul Walker wrote:
 
 I didn't realise the current SecurID tokens had been broken. A quick Google
 doesn't show anything, but I'm probably using the wrong terms. Do you have
 references for this that I could have a look at?
 
 I'd also be interested in any evidence that the SecurID has been cracked.
 
 Any credible report would have the immediate attention of tens of 
 thousands of RSA installations. Not to speak of EMC/RSA itself, for 
 which I have been a consultant for many years.

That's right, you have.  As I recall, the last time you posted here was
when you tried to defend RSA's decision to sell no-human-interaction
tokens.  At that time, I asked you whether you were posting for yourself
or whether someone at RSA had asked you to post here, and you declined
to respond.

I think it's important that we know, when flaws in commercial
cryptographic products are being discussed, what the interests of the
parties to the discussion are.  So, I'll ask again, as I did last time:
when you post here, both in this instance and in past instances, is it
at your own behest, or that of RSA?

Thor



News on stolen Australian Law Enforcement Secure Radios

2007-09-02 Thread David G. Koontz
http://www.news.com.au/story/0,23599,22345160-2,00.html

APEC security arrangements have been thrown into disarray with the theft of
  digitally encrypted police radios and a bullet-proof vest.

The Sunday Telegraph reports that statewide memos have been issued to police
working during the APEC weekend to advise against using special frequencies
that can be picked up by the missing radios.

The loss of the vital pieces of equipment poses a major headache for NSW
Police, who are under extreme pressure from both the State and Federal
governments to ensure there are no security breaches over the APEC weekend.

 ---

What, no Over The Air Re-keying for net exclusion, or perhaps the radios
aren't unique?  It's my understanding that the Project 25 stuff used in the
U.S. wouldn't be similarly vulnerable on two counts:  OTAR with remote key
management and role-based security.

more in the Australian news article:

Worth around $5000 each, the digital encryption system radios cannot be
picked up by regular scanners.

The NSW Government has spent an estimated $18 million in the past three
years to convert the old police radio network to a digital system.

The source said it was understood several digital radios had also been
stolen from NSW Fire Brigade stations in the inner west in recent weeks.

 ---

I'd imagine if they are actually vulnerable as a result of the radio
thefts, they've bought the wrong equipment, or at least certainly paid too much.

Note the contrast with the Olympics:

http://www.abc.net.au/news/stories/2004/08/11/1174423.htm
Radio theft 'doesn't compromise' Games security

Posted Wed Aug 11, 2004 9:54pm AEST

Thieves have stolen six communication radios used by Olympic Games
organisers but police say the state-of-the-art devices pose no security risk.

  ...

They were taken on the night of August 4 from cardboard boxes that
contained other equipment, but they cannot be used by anyone now, Mr
Economou said.

 ---

What appears to have rendered them harmless is that they weren't keyed.

