Re: Salt (was: ICSA certifies weak crypto as secure)

At 8:26 AM -0700 6/4/99, Arnold G. Reinhold wrote: At 9:18 AM +1000 6/2/99, Greg Rose wrote: (IMHO the design decision that would most profitably have changed was the limitation to 8 character passwords, not the salt. I agree with you here, though as Steve Bellovin pointed out, hashing hadn't

Re: ICSA certifies weak crypto as secure

The important points were Btw -- large password files using anything like this scheme are obsolescent. You can't use a hashed password for challenge/response, The fundamental problem is that users pick bad passwords and passphrases ... Yup. I like S/Key better than the annoying SecureID

Re: Salt (was: ICSA certifies weak crypto as secure)

At 9:18 AM +1000 6/2/99, Greg Rose wrote: At 16:38 1/06/99 -0400, it was written: [by Arnold Reinhold] ... I would argue that UNIX is an excellent object lesson for John's point. 12 bits was a bad design decision, even in the 70's. I take exception to this last statement. The design (of the

Salt (was: ICSA certifies weak crypto as secure)

At 16:38 1/06/99 -0400, it was written: At 11:48 AM -0400 6/1/99, Steven M. Bellovin replied to John Kelsey [EMAIL PROTECTED] message: Why 32 bits? Salts are good, and often cheap, but I'm curious what your rationale is. Traditionally, a salt serves two purposes: to increase the expense (CPU

Re: ICSA certifies weak crypto as secure

John Kelsey said, in a list of what people do wrong in crypto: e. In exportable systems, you have to use the salt correctly. If you just use a 40-bit key, you end up vulnerable to various kinds of precomputation attack. f. In exportable systems, you have to separate the keys used for

Re: ICSA certifies weak crypto as secure

-BEGIN PGP SIGNED MESSAGE- [ To: Steve, Arnold ## Cc: Perry's Crypto List ## Date: 06/01/99 ## Subject: Re: ICSA certifies weak crypto as secure ] To: "Arnold G. Reinhold" [EMAIL PROTECTED] Cc: John Kelsey [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: ICSA cert

Re: ICSA certifies weak crypto as secure

-BEGIN PGP SIGNED MESSAGE- [ To: Perry's Crypto List, Arnold Reinhold ## Date:05/28/99 ## Subject: Re: ICSA certifies weak crypto as secure ] Date: Fri, 28 May 1999 11:42:03 -0400 From: "Arnold G. Reinhold" [EMAIL PROTECTED] Subject: Re: ICSA certifies weak crypto as secur

Re: ICSA certifies weak crypto as secure

At 1:36 PM -0400 5/27/99, Kawika Daguio wrote: What I would like to know from you is whether you and others have been able to construct a "duh" list of typical, but unacceptable current practices that can easily be remediated. Here are my top 10 candidates for a "duh" list: 1. Keys that are

Re: ICSA certifies weak crypto as secure

On Fri, May 28, 1999 at 11:42:03AM -0400, Arnold G. Reinhold wrote: At 1:36 PM -0400 5/27/99, Kawika Daguio wrote: What I would like to know from you is whether you and others have been able to construct a "duh" list of typical, but unacceptable current practices that can easily be

Re: ICSA certifies weak crypto as secure

At 11:42 AM 5/28/99 -0400, Arnold G. Reinhold presented his "top 10" common bad security practices. Generally good advice, but I've pulled #3 for amendment: 3. Use of short passwords or weak passphrases to protect private keys or, worse, using them to generate symmetric keys. Bad passphrase