Re: Wiretap Act Does Not Cover Message 'in Storage' For Short Period(was Re: BNA's Internet Law News (ILN) - 2/27/03)
John says: Wireless is a horse of a different color. IANAL but the last time I looked, there was no federal law against intercepting most wireless signals, but you were (generally) not allowed to disclose the contents to anyone else. No longer, if it ever was. It's a crime, as evidenced by the wireless scandal a few years back when some Democrat partisan intercepted communications of Republican leadership in Florida, then talked. The simple act of interception was illegal. Will Rodger - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Proven Primes
I'm looking for a list or lists of sensibly sized proven primes - all the lists I can find are more interested in records, which are _way_ too big for cryptographic purposes. By sensibly sized I mean in the range 512-8192 bits. I'm particularly after Sophie Germain primes right now, but I guess all primes are of interest. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
RE: Scientists question electronic voting
Ian Brown[SMTP:[EMAIL PROTECTED] wrote: Ed Gerck wrote: Printing a paper receipt that the voter can see is a proposal that addresses one of the major weaknesses of electronic voting. However, it creates problems that are even harder to solve than the silent subversion of e-records. For example, using the proposed system a voter can easily, by using a small concealed camera or a cell phone with a camera, obtain a copy of that receipt and use it to get money for the vote, or keep the job. And no one would know or be able to trace it. As a voter could record what they did with pencil-and-paper or a mechanical voting machine. The partial defence in all three systems is that the voter should be able to void the vote after photographing a receipt to hand over later to the vote-buyer, and then cast a real vote. In the UK, for example, you can obtain a new ballot paper from a polling station official in exchange for a spoiled one. I believe Rebecca Mercuri has always suggested that a voter should be able to confirm whether a receipt printed by an electronic voting machine correctly records their intended vote, and if not to void it. I'd prefer that the printed receipt be retained at the polling station, after the voter has had an opportunity to examine it. This serves two purposes: First, it prevents the vote selling described above, and second, if a recount is required, it allows the recount to be done on the basis of a trustworthy record, already certified by the voter as accurate. This loses some of the economic benefits of all-electronic systems, since security still needs to be provided for the receipts for some period, but is far less prone to invisible abuse. Peter Trei - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
ENC: Proven Primes
-Mensagem original- De: Ben Laurie [mailto:[EMAIL PROTECTED] Enviada em: quinta-feira, 6 de março de 2003 08:47 Para: Cryptography Assunto: Proven Primes I'm looking for a list or lists of sensibly sized proven primes - all the lists I can find are more interested in records, which are _way_ too big for cryptographic purposes. By sensibly sized I mean in the range 512-8192 bits. I'm particularly after Sophie Germain primes right now, but I guess all primes are of interest. You might look at the IKE groups The Internet Key Exchange (IKE) http://www.ietf.org/rfc/rfc2409.txt More MODP Diffie-Hellman groups for IKE http://www.ietf.org/internet-drafts/draft-ietf-ipsec-ike-modp-groups-05. txt Regards, Mads - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Proven Primes
- Original Message - From: Ben Laurie [EMAIL PROTECTED] To: Cryptography [EMAIL PROTECTED] Sent: Thursday, March 06, 2003 6:47 AM Subject: Proven Primes I'm looking for a list or lists of sensibly sized proven primes - all the lists I can find are more interested in records, which are _way_ too big for cryptographic purposes. I'm not aware of such a list. If you can't find any you can generate the list yourself using ECPP (Elliptic Curve Primality Proving), an implementation of which is available here http://www.lix.polytechnique.fr/~morain/Prgms/ecpp.english.html The result of ECPP is guaranteed (no probability of error), and provides a certificate of primality for integers that are proven to be prime. A competing algorithm is the Jacobi Sums test, but it is much more complicated, so implementation errors are not to be disregarded, with ECPP the verification of a primality certificate is simple to implement, so you can make sure that there were no errors in the implementation of the proving algorithm. There is also the new algorithm by Agrawal, Kayal and Saxena, but I don't believe that it is efficient in practice for the sizes of integers you are looking at. Also note that if you assume the Extended Riemann Hypothesis (ERH) to be true, you can use the Miller-Rabin algorithm in a deterministic fashion in polynomial time with no probability error. The ECPP package is easy to use and fast. The site gives benchmarks for proving 512-bit primes: Pentium III (450MHz)4.4 sec Solaris 5.7 9.5 sec Alpha EV56 (500MHz) 4 sec I suggest you generate potential Sophie Germain primes q using your favorite library (I use OpenSSL for example) and then use the ECPP package to verify that in fact both q and 2q + 1 are really prime. --Anton - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Proven Primes
I believe the IPSec primes had been proven. All are SG primes with a g=2 Check RFC 2412, draft-ietf-ipsec-ikev2-05.txt, and draft-ietf-ipsec-ike-modp-groups-05.txt However, I don't seen any primality proof certificates included in the texts. On Thu, 6 Mar 2003, Ben Laurie wrote: I'm looking for a list or lists of sensibly sized proven primes - all the lists I can find are more interested in records, which are _way_ too big for cryptographic purposes. By sensibly sized I mean in the range 512-8192 bits. I'm particularly after Sophie Germain primes right now, but I guess all primes are of interest. Cheers, Ben. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
RE: Scientists question electronic voting
Peter Trei wrote: I'd prefer that the printed receipt be retained at the polling station, after the voter has had an opportunity to examine it. This serves two purposes: First, it prevents the vote selling described above, and second, if a recount is required, it allows the recount to be done on the basis of a trustworthy record, already certified by the voter as accurate. Indeed, that's essential for both the reasons you state. Mercuri's design is for the voter to see the printed receipt behind a glass screen. They then press a Yes or No button to either vote and send the receipt to the trustworthy record, or void it and send the receipt to the bin. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Wiretap Act Does Not Cover Message 'in Storage' For Short Period(was Re: BNA's Internet Law News (ILN) - 2/27/03)
Will Rodger wrote: John says: Wireless is a horse of a different color. IANAL but the last time I looked, there was no federal law against intercepting most wireless signals, but you were (generally) not allowed to disclose the contents to anyone else. No longer, if it ever was. It's a crime, as evidenced by the wireless scandal a few years back when some Democrat partisan intercepted communications of Republican leadership in Florida, then talked. The simple act of interception was illegal. Next time, before disagreeing with someone: a) Please read what he actually wrote, and b) Don't quote snippets out of context. Three sentences later, at the end of the paragraph that began as quoted above, I explicitly pointed out that cellphone transmissions are a more-protected special case. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Scientists question electronic voting
- Original Message - From: Bill Frantz [EMAIL PROTECTED] To: Ed Gerck [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, March 06, 2003 2:14 AM Subject: Re: Scientists question electronic voting [..] The best counter to this problem is widely available systems to produce fake photos of the vote, so the vote buyer can't know whether the votes he sees in the photo are the real votes, or fake ones. The easiest way to implement is to let people photograph the paper on the sample/practice -- not for real voting -- machine that poll workers use to teach voters how to use the real machines. An extortionist could provide their own camera device to the voter, which has a built in clock that timestamps the photos and does some watermarking, or something like that, which could complicate the counter-measures. But this problem already exists with current non-electronic voting scheme. It depends on the value attributed to a vote (would an extortionist be willing to provide these custom devices?). --Anton - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Scientists question electronic voting
On Wed, 5 Mar 2003, Bill Frantz wrote: The best counter to this problem is widely available systems to produce fake photos of the vote, so the vote buyer can't know whether the votes he sees in the photo are the real votes, or fake ones. blink, blink. you mean *MORE* widely available than photoshop/gimp/illustrator/etc? Let's face it, if somebody can *see* their vote, they can record it. and if someone can record it, then systems for counterfeiting such a record already exist and are already widely dispersed. If the republicans, democrats, greens, libertarians, natural law party, and communist party all offer you a bottle of beer for a record of your vote for them next year, there's no reason why you shouldn't go home without a six-pack. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Scientists question electronic voting
- Original Message - From: Ed Gerck [EMAIL PROTECTED] [...] This is not possible for current paper ballots, for several reasons. For example, if you take a picture of your punch card as a proof of how you voted, what is to prevent you -- after the picture is taken -- to punch another hole for the same race and invalidate your vote? Or, to ask the clerk for a second ballot, saying that you punched the wrong hole, and vote for another candidate? The same happens for optical scan cards. These proofs are easily deniable and, thus, have no value to prove how the voter actually voted. Likewise, electronically, there is no way that a voter could prove how he voted, even if the confirmation screen does list all the choices that the voter has chosen, if that screen has two buttons: go back, confirm, and a suitable logic. After the voter presses confirm the voter sees a thank you screen without any choices present. The logic canbe set up in such a way in terms of key presses and intermediate states that even photographing the mouse cursor on a pressed confirm button does not prove that the voter did not take the mouse out and, instead, pressed the go back button to change his choices. Well the whole process can be filmed, not necessarily photographed... It's difficult to counter the attack. In you screen example, you can photograph the vote and then immediately photograph the thank you, if the photographs include the time in milliseconds, and the interval is short, you can be confident to some degree that the vote that was photographed was really the vote that was casted. You can have tamper resistant film/photograph devices and whatever you want, have the frames digitally signed and timestamped, but this is where I point out that you need to consider the value of the vote to estimate how far an extortionist would be willing to go. --Anton - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: double shot of snake oil, good conclusion
Tal Garfinkel wrote: The value of these type of controls that they help users you basically trust who might be careless, stupid, lazy or confused to do the right thing (however the right thing is defined, according to your company security policy). It beats me that users you basically trust might also be careless, stupid, lazy or confused ;-) Your point might be better expressed as the company security policy would be followed even if you do NOT trust the users to do the right thing. But, as we know, this only works if the users are not malicious, if social engineering cannot be used, if there are no disgruntled employees, and other equally improbable factors. BTW, one of the arguments that Microsoft uses to motivate people to be careful with unlawful copies of Microsoft products is that disgruntled employees provide the bulk of all their investigations on piracy, and everyone has disgruntled employees. We also know that insider threats are responsible for 71% of computer fraud. Thus, the lack of value of these type of controls is to harass the legitimate users and give a false sense of security. It reminds me of a cartoon I saw recently, where the general tells a secretary to shred the document, but make a copy first for the files. Cheers, Ed Gerck - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Scientists question electronic voting
Anton Stiglic wrote: -Well the whole process can be filmed, not necessarily photographed... It's difficult to counter the attack. In you screen example, you can photograph the vote and then immediately photograph the thank you, if the photographs include the time in milliseconds, and the interval is short, you can be confident to some degree that the vote that was photographed was really the vote that was casted. You can have tamper resistant film/photograph devices and whatever you want, have the frames digitally signed and timestamped, but this is where I point out that you need to consider the value of the vote to estimate how far an extortionist would be willing to go. The electronic process can be made much harder to circumvent by allowing voters to cast any number of ballots but counting only the last ballot cast. Since a voter could always cast another vote after the one that was so carefully filmed, there would be no value for such film. BTW, a similar process happens in proxy voting for shareholders meeting, where voters can send their vote (called a proxy) before the meeting but can also go to the meeting and vote any way they please -- trumping the original vote. Much work needs to be done, and tested, to protect the integrity of public elections. Even with all such precautions, if the choices made by a voter are disclosed (ie, not just the tally for all voters) then a voter can be identified by using an unlikely pattern -- and the Mafia has, reportedly, used this method in Italy to force (and enforce) voter choices in an otherwise private ballot. Cheers, Ed Gerck - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Proven Primes
- Original Message - From: Ben Laurie [EMAIL PROTECTED] To: Anton Stiglic [EMAIL PROTECTED] [Talking about the ECPP package...] I'm not convinced any of those binaries are going to run on my system (which is FreeBSD), and anyway, if I'm going to use a binary to do ECPP I may as well shove it through Mathematica - much prettier UI :-) Is their no free implementation of ECPP? Is there at least a free verifier? It's been a while since I tried it, I don't remember which platform and OS I used (a pentium with some sort of Linux) but I know that I didn't have any problems using it. I think that ECPP comes with a Maple certificate verifier, which might be what you are looking for. I think you can also convert certificates to Mathematica format. So once you have these certificates of primality it's easy to verify them. But I haven't tried any of those features... --Anton - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
RE: Scientists question electronic voting
Peter Trei wrote: I'd prefer that the printed receipt be retained at the polling station, after the voter has had an opportunity to examine it. This serves two purposes: First, it prevents the vote selling described above, and second, if a recount is required, it allows the recount to be done on the basis of a trustworthy record, already certified by the voter as accurate. Then there is the problem that the printed receipt must not be usable to determine who voted for who, even knowing in which order the voters went to the machine. Therefore the printed receipts must be shuffled. Which brings us straight back to papers in a box, that we shake before opening. Every way I look at it, electronic voting has a hard time to match the resilience to abuse of the traditional bulletin-in-an-enveloppe-in-a-box. Francois Grieu - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
RE: Scientists question electronic voting
Francois Grieu[SMTP:[EMAIL PROTECTED] Peter Trei wrote: I'd prefer that the printed receipt be retained at the polling station, after the voter has had an opportunity to examine it. This serves two purposes: First, it prevents the vote selling described above, and second, if a recount is required, it allows the recount to be done on the basis of a trustworthy record, already certified by the voter as accurate. Then there is the problem that the printed receipt must not be usable to determine who voted for who, even knowing in which order the voters went to the machine. Therefore the printed receipts must be shuffled. Which brings us straight back to papers in a box, that we shake before opening. Every way I look at it, electronic voting has a hard time to match the resilience to abuse of the traditional bulletin-in-an-enveloppe-in-a-box. Francois Grieu I absolutely agree. Here in the US, where voters often have to make over a dozen choices each time they vote, the value of automating the process is significant. But it *must* be done in a way which increases voter confidence in the result. Ballot boxes are also subject to many forms of fraud. But a dual system (electronic backed up by paper) is more resistant to attack then either alone. Peter - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Wiretap Act Does Not Cover Message 'in Storage' For Short Period
At 4:57 PM -0500 3/5/03, John S. Denker wrote: Tim Dierks wrote: In order to avoid overreaction to a nth-hand story, I've attempted to locate some primary sources. Konop v. Hawaiian Airlines: http://laws.lp.findlaw.com/getcase/9th/case/9955106pexact=1 [US v Councilman:] http://pacer.mad.uscourts.gov/dc/opinions/ponsor/pdf/councilman2.pdf Well done. Thanks. I'd be interested in any opinions on how this affects the government's need to get specific wiretap warrants; I don't know if the law which makes illicit civilian wiretapping illegal is the same code which governs the government's ability (or lack thereof) to intercept communications. 0) IANAL. But as to the question of same code, the answer is clearly no. I2ANAL, but I don't think that's clear at all, unless your are talking about specific paragraphs within the Wiretap Act and the Stored Communications Act. 1) As to government-authorized intercepts, see http://www.eff.org/Privacy/Surveillance/Terrorism_militias/20011031_eff_usa_patriot_analysis.html which gives a plain-language discussion of at least eight different standards under which some sort of authorization could be obtained. Also note that neither Konop nor Councilman involved government intercepts, so you can't learn anything about authorized intercepts by studying them. Also note that post-9/11 laws have superseded everything you might previously have known on the subject. The Konop decision specifically talks about government intercepts. See section B7, for example. They even discuss the post 9/11 situation in B6. 2) As to intercepts by civilians, it's wrong, and it may be punishable under many different theories and standards, including invasion of privacy, copyright infringement, computer trespass, computer vandalism, simple theft of things of value, and who-knows-what else. Add the Railway Labor Act in this case. 4) Crypto-related sidelight: I wonder what would have happened if Konop had encrypted his sensitive data. (eBook format or the like. :-) Then could he have used the draconian provisions of the DMCA against his opponent (Hawaiian Airlines)? There are some who would argue that the simple password protection scheme Knopp used would be a technological protection covered under DMCA. However, the penalty for access to protected material, as opposed to trafficking in technology, is a $2000 fine, which may not seem draconian to an airline. Arnold Reinhold - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Wiretap Act Does Not Cover Message 'in Storage' For Short Period (was Re: BNA's Internet Law News (ILN) - 2/27/03)
John says: Next time, before disagreeing with someone: a) Please read what he actually wrote, and b) Don't quote snippets out of context. Three sentences later, at the end of the paragraph that began as quoted above, I explicitly pointed out that cellphone transmissions are a more-protected special case. Well, I did the first and, I thought, avoided the second. I misunderstood what you meant. Sorry. Will - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Delta CAPPS-2 watch: decrypt boarding passes!
John, John Gilmore [EMAIL PROTECTED] writes: And, besides identifying what cities they're doing this in, we should also start examining a collection of these boarding passes, looking for the encrypted let me through without searching me information. Or the Don't let me fly information. Then we can evaluate how easy it would be to turn one into another. (Don't mistake a system that claims to provide security for one that actually does.) When I flew on US-Airways out of BAL last year, they had a marking on the boarding pass that signified search this person. If your boarding pass had the mark, you were searched as you tried to board. If it did not, then you were not searched. I'm flying United out to the IETF next week, so I'll gladly report my findings. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH [EMAIL PROTECTED]PGP key available - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Scientists question electronic voting
bear wrote: Let's face it, if somebody can *see* their vote, they can record it. Not necessarily. Current paper ballots do not offer you a way to record *your* vote. You may even photograph your ballot but there is no way to prove that *that* was the ballot you did cast. In the past, we had ballots with different collors for each party ;-) so people could see if you were voting Republican or Democrat, but this is no longer the case. and if someone can record it, then systems for counterfeiting such a record already exist and are already widely dispersed. It's easier than one may think to have a reliable proof, if you can photograph the ballot that you *did* cast (as in that proposal for printing a paper receipt with your vote choices) -- just wait out of the poll place and demand the film right there, or wait out of the poll place, hear the voter's voice right then and get the image sent by the cell phone before the voter leaves the poll booth. Cheers, Ed Gerck - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Re: Delta CAPPS-2 watch: decrypt boarding passes!
On Thu, Mar 06, 2003 at 01:50:44PM -0500, Derek Atkins wrote: [...] When I flew on US-Airways out of BAL last year, they had a marking on the boarding pass that signified search this person. If your boarding pass had the mark, you were searched as you tried to board. If it did not, then you were not searched. [...] -derek Are you referring to the string on the boarding pass? That indicated that you were going to be searched by the boarding gate TSA people whether they were going to decide to search you or not (they still picked up random people without the search string on their boarding passess). Both JFK and SFO have stopped gate searches. Searches at security are still decided by the TSA personnel there (they don't get to see your boarding pass). LHR still has gate searches, and the mix of people they were searching looked fairly random. I don't know if any of them had been flagged by the computers, or if the gate security personnel had picked them out. I wasn't searched, either going through security or at the gate, but when I tried going from the gate area back into the duty-free area they were pretty thorough (but exceedingly polite). /ji - KC2IER -- /\ ASCII ribbon | John JI Ioannidis * Secure Systems Research Department \/campaign| ATT Labs - Research * Florham Park, NJ 07932 * USA /\against | Intellectuals trying to out-intellectual / \ HTML email. | other intellectuals (Fritz the Cat) - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Delta CAPPS-2 watch: decrypt boarding passes!
John Ioannidis [EMAIL PROTECTED] writes: Are you referring to the string on the boarding pass? That indicated that you were going to be searched by the boarding gate TSA people whether they were going to decide to search you or not (they still picked up random people without the search string on their boarding passess). Yes, that's what I was referring to. I didn't recall exactly what the mark was, but sounds right. I was just annoyed because they flagged about 30% of the flight. Even though I was seated in like row 15/22 (in the second group to get boarded), by the time I actually made it through the line they had already finished normal boarding and closed the gate doors. Both JFK and SFO have stopped gate searches. Searches at security are still decided by the TSA personnel there (they don't get to see your boarding pass). Hmm. Well, I'll let you know about BOS. And I'll find out about ORD on my return flight. I consider gate checks rather rude, but then again I consider commercial travel in general rather annoying. If it weren't going to take me 3 days (rather than 6 hours) I would have just flown myself out to SF -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH [EMAIL PROTECTED]PGP key available - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Changes may follow Yale hoax e-mail
http://www.yaledailynews.com/articlefunctions/Printerfriendly.asp?AID=22111 yaledailynews.com - Changes may follow hoax e-mail Published Wednesday, March 5, 2003 Changes may follow hoax e-mail BY JESSAMYN BLAU Staff Reporter The Feb. 17 hoax e-mail that caused some students to miss classes and angered the administration could now lead to changes in Information Technology Services policy. The e-mail -- allegedly sent by Yale Provost Susan Hockfield -- informed undergraduates that classes had been cancelled because of inclement weather. Approximately one and a half hours later, University Secretary Linda Lorimer sent out an e-mail informing students that the first e-mail was a hoax. In order to prevent a similar situation in the future, ITS Director Philip Long said ITS is considering adding a link in all official e-mails to a protected Yale Web site that would display copies of the original message, creating a back-up security measure. Long said the hoax situation has been investigated, but that he could not comment on any recent developments that could lead to disciplinary action. While ITS is currently contemplating ways to reduce the impact of potential hoaxes, Long said there is no real way to prevent someone from sending such an e-mail. Anyone can dump an e-mail into a system, Long said. That doesn't make it an honest e-mail. But Long said because University officials send out so many e-mails, it is not clear whether all of them would have to be logged in a protected Yale Web site. Alexander Clark '04, founder of YaleStation.org, said using a Web site might not be entirely convenient. That certainly is one option, except that students might not go to the trouble of clicking on the URL, Clark said. Clark also said posting e-mails on the Internet could potentially make the e-mail accessible to unintended recipients. Instead of using a Web site, Clark said the use of digital certificates could be a more useful way of making official e-mails look more official. When you receive a certificate -- which is very difficult to forge -- an e-mail client is going to tell you whether it is a valid certificate, Clark said. In the hoax e-mail, the address in the Reply-to field was [EMAIL PROTECTED] Long said he has spoken with Zihal, a draper in the School of Drama's costume shop, and determined that she is an innocent victim. Long said the e-mail was a violation of a number of ITS policies because it impersonated Hockfield, victimized Zihal and caused annoyance and inconvenience to members of the Yale community. I think that most people are not looking for cheap thrills at the expense of the community, Long said. Bottom line, this is a question of trust. It might have more consequences than the person who casually initiated it had intended. Long said there is a law in Connecticut about the use of electronic communication for deceptive purposes, but said he is not sure whether this particular abuse could be prosecuted. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire' - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Proven Primes
Ben Laurie writes:
I'm looking for a list or lists of sensibly sized proven primes - all
the lists I can find are more interested in records, which are _way_ too
big for cryptographic purposes.
Directory
ftp://ftp.ssh.com/pub/ietf/ecpp-certificates
contains ecpp certificates for IKE primes (768, 1024, 1536, 2048,
3072, 4096, 6144, 8192 bit Diffie-Hellman groups), i.e proven
Sophie-Germain primes.
The ikeprime-.txt is the prime itself and the
ikeprime-xxx{,-primo}-certificate.txt is the certificate for it. I
used two different programs to prove those primes primo and ecpp. The
primo was faster, thus bigger groups are only proven by that.
There is also certificates for (p - 1) / 2, but those are mostly
redundant as most certificates starts with N-1 test, which will
actually proves the (p - 1) / 2 also.
By sensibly sized I mean in the range 512-8192 bits. I'm particularly
after Sophie Germain primes right now, but I guess all primes are of
interest.
--
[EMAIL PROTECTED]
SSH Communications Security http://www.ssh.fi/
SSH IPSEC Toolkithttp://www.ssh.fi/ipsec/
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Scientists question electronic voting
Ed Gerck [EMAIL PROTECTED] writes: This is not possible for current paper ballots, for several reasons. For example, if you take a picture of your punch card as a proof of how you voted, what is to prevent you -- after the picture is taken -- to punch another hole for the same race and invalidate your vote? [...] On the other hand, photographing a paper receipt behind a glass, which receipt is printed after your vote choices are final, is not readily deniable because that receipt is printed only after you confirm your choices. The vote can't be final until the voter confirms the paper receipt. It's inevitable that some voters won't realize they voted the wrong way until seeing the printed receipt, so that has to be allowed for. Elementary human factors. But this whole discussion is terribly last century--still pictures are passe. What's the defense of any of these systems against cell phones that transmit live video? -dan - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Proven Primes
At 3:47 AM -0800 3/6/03, Ben Laurie wrote: I'm looking for a list or lists of sensibly sized proven primes - all the lists I can find are more interested in records, which are _way_ too big for cryptographic purposes. By sensibly sized I mean in the range 512-8192 bits. I'm particularly after Sophie Germain primes right now, but I guess all primes are of interest. Having set a computer to the problem of coming up with a Sophie Germain prime for the E startup protocol (Diffie-Hellman), I offer you: static final BigInteger g = new BigInteger(2); static final BigInteger modulus = new BigInteger(11973791477546250983817043765044391637751157152328012 + 72278994477192940843207042535379780702841268263028 + 59486033998465467188646855777933154987304015680716 + 74391647223805124273032053960564348124852668624831 + 01273341734490560148744399254916528366159159380290 + 29782321539388697349613396698017627677439533107752 + 978203); Cheers - Bill - Bill Frantz | Due process for all| Periwinkle -- Consulting (408)356-8506 | used to be the | 16345 Englewood Ave. [EMAIL PROTECTED] | American way. | Los Gatos, CA 95032, USA - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: 3-rotor enigma on ebay: $5200
At 9:17 AM -0800 3/6/03, Daniel Garcia wrote: On Thu, 6 Mar 2003, Don Davis wrote: http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItemitem=2162414185 i saw this on the boing-boing blog. Interesting, when i try to look at this from work (over in brighton, actually), i get: Dear User: Unfortunately, access to this particular category or item has been blocked due to legal restrictions in your home country. Based on our discussions with concerned government agencies and eBay community members, we have taken these steps to reduce the chance of inappropriate items being displayed. Regrettably, in some cases this policy may prevent users from accessing items that do not violate the law. At this time, we are working on less restrictive alternatives. Please accept our apologies for any inconvenience this may cause you, and we hope you may find other items of interest on eBay. But I can hit it from my dsl line at home (right up the road). I guess Verizon T1-land is restricted... I got that on my Safari beta browser. (Safari is Apple's new browser.) On the same machine with the same IP address I got the page using Netscape 4.77. There seems to be some strangeness with eBay. (I looked for a way to report the problem, but lost interest after shuffling through a few of their web pages.) Cheers - Bill - Bill Frantz | Due process for all| Periwinkle -- Consulting (408)356-8506 | used to be the | 16345 Englewood Ave. [EMAIL PROTECTED] | American way. | Los Gatos, CA 95032, USA - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Scientists question electronic voting
Dan Riley wrote: The vote can't be final until the voter confirms the paper receipt. It's inevitable that some voters won't realize they voted the wrong way until seeing the printed receipt, so that has to be allowed for. Elementary human factors. This brings in two other factors I have against this idea: - a user should not be called upon to distrust the system that the user is trusting in the first place. - too many users may reject the paper receipt because they changed their minds, making it impossible to say whether the e-vote was wrong or correct based on the number of rejected e-votes. But this whole discussion is terribly last century--still pictures are passe. What's the defense of any of these systems against cell phones that transmit live video? This was in my first message, and some subsequent ones too: For example, using the proposed system a voter can easily, by using a small concealed camera or a cell phone with a camera, obtain a copy of that receipt and use it to get money for the vote, or keep the job. And no one would know or be able to trace it. Cheers, Ed Gerck - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Scientists question electronic voting
On Thu, Mar 06, 2003 at 08:38:42PM -0500, Dan Riley wrote: But this whole discussion is terribly last century--still pictures are passe. What's the defense of any of these systems against cell phones that transmit live video? A Faraday cage. Seriously, what current or historic voting system would defend against these risks? We certainly don't want an electronic system that is more vulnerable than existing systems, but sticking with known-to-be-terrible systems is not a sensible choice either. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: double shot of snake oil, good conclusion
Lotus Notes/Domino already has something similar to what Microsoft is proposing. You can designate an outgoing message as read-only. The end-user (if they are using a Notes Client) can only view the message, menu choices for printing and cutting/copy text are disabled. Forwarding the message is also disabled. Note you can still use a screen grabber to grab the image off the screen... Leave to Microsoft to claim it's a new idea. (Although, after using Notes/Domino for over a year, I heartily agree with Peter Guttman's assessment of it, and would definitely switch back to Outlook/Exchange if given the choice between the two. POP/IMAP would be even better). -- Neil Johnson http://www.njohnsn.com PGP key available on request. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
RE: Scientists question electronic voting
At 02:39 AM 3/6/03 +, Ian Brown wrote: Ed Gerck wrote: ... For example, using the proposed system a voter can easily, by using a small concealed camera or a cell phone with a camera, obtain a copy of that receipt and use it to get money for the vote, or keep the job. And no one would know or be able to trace it. As a voter could record what they did with pencil-and-paper or a mechanical voting machine. The big theoretical question is whether you could tell whether the vote-seller was faking it. A design goal ought to be to make plausible fake proofs of how you voted easy to generate, IMO. Why only sell your vote to one side, when you can sell it to both sides multiple times? In practice, if it's more trouble to generate fakes than to just vote and bring the proof to sell, then the individual vote seller will probably just vote as he's told. After all, most people eligible to vote don't bother most of the time; presumably, they just don't care that much who wins the next election. I assume most people who sell their votes aren't committed ideologues who are selling out their cause, but rather people who didn't much care either way. (But surely someone, somewhere has real data on this.) --John Kelsey, [EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
