RE: Scientists question electronic voting

2003-03-06 Thread Francois Grieu 
Peter Trei wrote:

 I'd prefer that the printed receipt be retained at the polling
 station, after the voter has had an opportunity to examine it.
 This serves two purposes: First, it prevents the vote selling
 described above, and second, if a recount is required, it allows
 the recount to be done on the basis of a trustworthy  record,
 already certified by the voter as accurate.
Then there is the problem that the printed receipt must not be usable 
to determine who voted for who, even knowing in which order the 
voters went to the machine. Therefore the printed receipts must be 
shuffled. Which brings us straight back to papers in a box, that we 
shake before opening.

Every way I look at it, electronic voting has a hard time to match 
the resilience to abuse of the traditional 
bulletin-in-an-enveloppe-in-a-box.

  Francois Grieu

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Verizon appeals gainst RIAA's DMCA subpoena

2003-01-22 Thread Francois Grieu 
source:
http://www.theregister.co.uk/content/6/28976.html

Verizon appeals a court decision that it has to diclose one of its 
subscriber's identity following RIAA's claims that this subscriber 
illegally shared (or is it downloaded) copyrighted works.

Rationale for the appel includes that complying would "opens the door 
for anyone who makes a mere allegation of copyright infringement to 
gain complete access to private subscriber information without the 
due process protections afforded by the courts."

  Francois Grieu

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: Smartcard in CD

2002-08-27 Thread Francois Grieu 

Michael Heyman wrote:
>But, how do they power it?


>From 
>
>   An OPSECURE PROTECTED CD looks like a
>   regular CD but contains a smart card and
>   optical input-output system...
>
>   An OpSecure protected media does not
>   only reflect stamped or burnt information
>   but can also RECEIVE, STORE, PROCESS,
>   and TRANSMIT INFORMATION


Other issues:

- How compatible can it be with the zillion different models of 
CD/DVD-R+RW/Unamit drives and drivers around ? This will make or 
break market acceptance. Together with the power source, this was a 
big problem with devices emulating floppies (using 3.5" drives as SC 
reader), which I helped design in the 90's.

- What can be the thruoutput of the drive-to-OpSecure link ? The only 
way I can think of transmitting info in this direction is by seeking 
to a slightly different location on the CD and several photodetectors 
on the OpSecure. Seek times will limit the bandwidth to few bits per 
second. Caches on the drive will get into the way to suppress head 
movements. Read-without-cache do not exist on any drive (much less 
driver) that I know, and retrofiting the drive firmware or even 
driver won't happen, so the cache may have to be flushed by reading a 
lot of other data, and this will further reduce bandwidth. On the 
other hand, very few bits need to be transmitted (especially in this 
direction) for copy-protection purposes.


I'd rather bet on single-chip USB Smart Cards.


   François Grieu

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Any info on this maybe improved matrix algebra for GNFS?

2002-04-25 Thread Francois Grieu 

Found the following at


"(..) The paper, written by Nicko van Someren, CTO of nCipher Corp., a
security equipment vendor based in Cambridge, England (..) discloses
that (..) a student researcher at nCipher recently developed a new
implementation of a factoring method known as the General Number Field
Sieve, or GNFS, which could be used to factor a 512-bit key in about
three weeks using an off-the-shelf server with an Intel Corp. Itanium
processor. The calculations the student performed using the server are
the second phase of the GNFS method.
Previously, this process was thought to be feasible only on much more
powerful computers, such as Cray supercomputers."

In a recent message, Nicko van Someren confirms:
> My research student last winter showed that 512 bit keys can be
> factored in a matter of weeks using only the hardware found in a
> busy 70 person office."

Is there any info on the method used by this student to solve
the matrix algebra?

Is any novelty claimed beyond the technique used in

 "The program we used for this was optimized for running on vector
  computers, which is what CWI used for their record (RSA-155)
  factorization (..) We started to rewrite this program so that it
  would run better on the hardware available for us (..)
  Compaq generously let us use one of their quad processor
  ES40 systems. The total running time on this machine was 13 days,
  which is almost as good as the 16-processor Cray."

or to the one used in the recent

 "The block Lanczos algorithm produced 62 elements of the kernel of
  this matrix. This took two weeks on the six PCs on which the filter
  job was run."


TIA

  François Grieu



-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Alleged use of stego - a new claim (updated)

2001-10-13 Thread Francois Grieu 

On October 10, there has been press reports that a UK company, 
iomart, has unearthed coded messages on the Internet which may be 
linked to Osama bin Laden.

Links:
<http://www.ananova.com/news/story/sm_419821.html>
<http://www.businessam.co.uk/TodaysPaper/TodaysArticles/0,2910,54947,00.html>
<http://www.businessam.co.uk/TodaysPaper/TodaysArticles/0,2910,55039,00.html>>


Most of the data used by the above articles seem to originate from Mr 
Stephen Whitelaw, depicted as both iomart's chief entrepreneurial 
officer and steganography expert. The report are very vague, the best 
I can get of his claims is
- American intelligence officers asked the firm to scan its 27 
terabytes web database of  "inappropriate" material including 
pornography
- the search has identified hundreds of files, some of them 
containing Arabic text and dates (no claim of stego up to this point)
- the company's scan methods can detect data embedded using steganography
- enciphered data embedded using steganography is attributed to Osama bin Laden
- Osama bin Laden has been using steganography to send covert orders, 
and is still doing it.
The press reports do not depict Stephen Whitelaw as using conditional 
in  stating any of the above.

I am suspicious to the utmost:
- there is no claim the enciphered data was decoded, making it 
unclear how it was determined what it is.
- the whole mess is diluted in promotional talk.
- on October 10, 20:00 GMT, the front page of 
<http://www.iomart.com/> mentioned the discovery, with link to the 
businessam article. On October 11, these are replaced by promotional 
material for an email virus filter.
- An article/biography on Stephen Whitelaw and his former company 
(recently acquired by iomart) leaves me with the impression his talk 
is especialy cheap.
<http://www.computerheadline.com/BusinessMatters/January2001/actistech.asp>


I contacted ananova. Their story was written from information released
by or through the service of the London-based "Press Association"
(one service of which is to relay press releases). None of the two ananova
representative that kindly answered my mail claimed any checking was done.
One admitted "that the company's claims should have been addressed more
critically".


   Francois Grieu



-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Alleged use of stego - a new claim

2001-10-10 Thread Francois Grieu 

Lookup
<http://www.ananova.com/news/story/sm_419821.html>

Quote: "A UK communications firm has unearthed coded messages on the
Internet which may be linked to Osama bin Laden."

or directly
<http://www.iomart.com/>


Should we trust these claims ? I am most sceptic.


   Francois Grieu

[Moderator's note: I'm pretty skeptical myself. Actual evidence to
date of any use of high technology has been extraordinarily scant --
most recent rumor seems to have been started by overly imaginative
reporters. --Perry]

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]