Re: [cryptography] [Cryptography] Boing Boing pushing an RSA Conference boycott
On 16/01/14 11:34, coderman wrote: > On Wed, Jan 15, 2014 at 5:38 PM, arne renkema-padmos > wrote: >> ... Also, I >> would like to have doctors fixing things like intestinal ruptures, not >> some kid with their parent's sewing kit :P > > > i think you misunderstand some of my intent: > > to be a competent developer, you must be expert in myriad > technologies, systems, protocols, etc. however, this would be par > for the course - a standard requirement - the lowest common > denominator. > > this might imply that you apprentice, red team, blue team, triage, bug > fix, and otherwise work on software systems for decades before > becoming competent enough to be a "developer". > > i've been at this far too long and still not capable enough for solid dev! ;) If you only let these mythical omnipotent "developers" of yours near any IT system then the economy will grind to a halt. I think a better alternative is to look not just at usability of cryptosystems for users, but also to look at the usability of cryptosystems for implementers, because these are the two spots where most mistakes are likely to be made. The latter hasn't had as much focus AFAIK, but from what I've seen there's a growing focus on the problem of "dev-proofing" in addition to "user-proofing". >>> 2) Educational Support Everywhere >>> Establish lock picking, computing, and hacking curriculum in pre >>> school through grade school with subsidized access to technical >>> resources including mobile, tablet, laptop test equipment, grid/cloud >>> computing on-demand, software defined radios with full >>> receive/transmit, and gigabit internet service or faster. >> >> If we already have problems trying to keep religion out of schools, how >> are you going to get HackEd into school? ;) > > > i tried a "hackers for jesus" approach in my local sunday school > teaching 5 years old squeak... but it was as well received as my "lock > pickers for the lord" tial at the baptist day care... That is a noble cause, and I applaud your efforts. -- Arne Renkema-Padmos @hcisec, secuso.org Doctoral researcher CASED, TU Darmstadt ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] [Cryptography] Boing Boing pushing an RSA Conference boycott
Punishing RSA is work for bloodthirsty media and its fans. Public crypto needs much better to offer the public than entertaining evanescent revenge. 3DES is intriguing. Publicizing a list of other well-tested ciphersystems would be constructive alternatives to "nothing can be done, authority always wins." Public loss of trust in any comsec and crypto is ever present. As a consumer, I want you to give me something useable and reliable for ordinary use not weapons-grade illusion of infallibility. Ban the use of "unbreakable." Stop tinkering with old reliable OTP with digital simulacra. Stop blaming users for faulty implementation. Civil engineers never say a dam is infallible, they say it will fail, watch for well-known weak spots, prepare to patch and maintain continuously, and never forget the disasters of over-confidence, limited construction budgets, cut backs in maintenance, and water policy exploiters. Earthen dams without sluices, relying upon mass and gravity, outlast reinforced concrete "monoliths" perforated with umpteen ways to monetize the water flow, nowadays usually to run more server farms near hydropower facilities. I'd like an earthen dam crypto tool I can watch myself for leaks. I got PGP 2.6. Anything better that is not reliant up commercially biased assurances? BTW, why is PGP Inc and IBM Inc not being bashed like RSA Inc? At 01:26 AM 1/16/2014, you wrote: At 12:48 PM 1/15/2014, Phillip Hallam-Baker wrote: What then should we do about all the folk clinging to 3DES? How about the people who stuck with MD5? How about the people who have not junked SHA-1? Ignoring Phill's perfectly reasonable main point, what's wrong with 3DES? Sure, it's clunky, takes lots of bit-twiddling, is a good bit slower and larger than AES, and only gives you ~112 bits of security for your 168 bits of keys, but is there anything wrong with it other than being not as good as some of the alternatives? (Ok, and maybe a bit of power analysis risk, depending on your implementation.) It's not like MD5 where there are theoretical attacks that make it much weaker? ___ The cryptography mailing list cryptogra...@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] [Ach] Better Crypto
Hi Peter, hi list, On Jan 16, 2014, at 1:13 PM, Peter Gutmann wrote: > "L. Aaron Kaplan" writes: > >> So, Peter, how about this approach? > > Sorry about the delayed reply, too much other stuff on my plate at the > moment... > >> 1. We will have three config options: cipher String A,B,C ( generic safe >> config, maximum interoperability (== this also makes the mozilla people happy >> then) and finally a super-hardened setting (with reduced compatibility)). >> Admins will get a choice and explanations on when to use which option. > > That sounds good. > okay. We'll discuss this at the next meeting of co-writers then . >> 3. we give people a config generator tool on the webpage which gives them >> snippets which they can include into their webservers, mailservers etc. The >> tool also shows admins (color codes?) which settings are compatible, unsafe >> etc. > > Now that would be very useful. > :) >> 4. In addition to having the config generator on the web page, the config >> snippets are moved to the appendix (as you suggested). The theory section >> moves up. > > Yup, good idea. The single-location-for-config solves the problem of having a > cut&paste of the same (or possibly somewhat out-of-sync when the doc is > updated) text in a dozen or more locations. > same comment applies: I'll discuss this with the co-writers. We skipped the meeting the last Monday and there are many pull requests and change requests in the queue. So, we'll have to resume working on the draft version soon. Thanks very much for your great input and comments! Aaron. --- // L. Aaron Kaplan - T: +43 1 5056416 78 // CERT Austria - http://www.cert.at/ // Eine Initiative der nic.at GmbH - http://www.nic.at/ // Firmenbuchnummer 172568b, LG Salzburg signature.asc Description: Message signed with OpenPGP using GPGMail ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] pie in sky suites - long lived public key pairs for persistent identity
On Fri, Jan 3, 2014 at 11:42 AM, coderman wrote: > use case is long term (decade+) identity ... key signs > working keys tuned for speed with limited secret > life span (month+). i should have better clarified intent: - long term keys are offline, otherwise better protected (for arbitrary degrees of "beyond the everyday level"). thwarting active attacks or chosen input attacks is explicitly intended. - long term keys can be large, or slow, or demand elevated protections and blinding, or other mechanisms which aggravate to point of disabling or calling to costly with respect to the working / short term keys. applying all reasonable protections is specifically intended. - long term keys may be M of N threshold schemes for group or ceremony based attestations for other long term keys, working keys, or secure identifiers in general. said another way, long term keys are specifically intended as trust anchors in public key systems of various types. thanks all for the input that followed; i appreciate it! best regards, ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] [Ach] Better Crypto
"L. Aaron Kaplan" writes: >So, Peter, how about this approach? Sorry about the delayed reply, too much other stuff on my plate at the moment... >1. We will have three config options: cipher String A,B,C ( generic safe >config, maximum interoperability (== this also makes the mozilla people happy >then) and finally a super-hardened setting (with reduced compatibility)). >Admins will get a choice and explanations on when to use which option. That sounds good. >3. we give people a config generator tool on the webpage which gives them >snippets which they can include into their webservers, mailservers etc. The >tool also shows admins (color codes?) which settings are compatible, unsafe >etc. Now that would be very useful. >4. In addition to having the config generator on the web page, the config >snippets are moved to the appendix (as you suggested). The theory section >moves up. Yup, good idea. The single-location-for-config solves the problem of having a cut&paste of the same (or possibly somewhat out-of-sync when the doc is updated) text in a dozen or more locations. Peter. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] [Cryptography] Boing Boing pushing an RSA Conference boycott
On Wed, Jan 15, 2014 at 5:38 PM, arne renkema-padmos wrote: > ... Also, I > would like to have doctors fixing things like intestinal ruptures, not > some kid with their parent's sewing kit :P i think you misunderstand some of my intent: to be a competent developer, you must be expert in myriad technologies, systems, protocols, etc. however, this would be par for the course - a standard requirement - the lowest common denominator. this might imply that you apprentice, red team, blue team, triage, bug fix, and otherwise work on software systems for decades before becoming competent enough to be a "developer". i've been at this far too long and still not capable enough for solid dev! ;) >> 2) Educational Support Everywhere >> Establish lock picking, computing, and hacking curriculum in pre >> school through grade school with subsidized access to technical >> resources including mobile, tablet, laptop test equipment, grid/cloud >> computing on-demand, software defined radios with full >> receive/transmit, and gigabit internet service or faster. > > If we already have problems trying to keep religion out of schools, how > are you going to get HackEd into school? ;) i tried a "hackers for jesus" approach in my local sunday school teaching 5 years old squeak... but it was as well received as my "lock pickers for the lord" tial at the baptist day care... please advise of greater successes you encounter! "L'enfer, c'est les autres," - Sartre ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
