Re: Security Architect Position at National Archives

2004-05-08 Thread Don Davis
At 12:02 PM -0400 4/29/04, Rich Salz wrote: > The role is for a system architec/designer with strong cyber > security experience. Somebody who can evaluate the security > implication of various design proposal. In other words, I'm not > looking just for somebody who can run a firewall or vulnera

acoustic cryptanalysis

2004-05-08 Thread Perry E. Metzger
Adi Shamir & Eran Tromer find you can literally "listen in" on your computer doing RSA computations: http://www.wisdom.weizmann.ac.il/~tromer/acoustic/ -- Perry E. Metzger[EMAIL PROTECTED] - The Cryptography Ma

Re: The future of security

2004-05-08 Thread Anne & Lynn Wheeler
On Thu, 2004-05-06 at 17:52, Ian Grigg wrote: > c. much less emphasis on deductive no-risk > systems (PKIs like x.509 with SSL) due to the > poor security and market results of the CA > model. > at the nist pki r&d workship (mentioned elsewhere in some other post in this mailing list) there was

E-Voting Commission Gets Earful

2004-05-08 Thread R. A. Hettinga
Wired News E-Voting Commission Gets Earful By Michael Grebb? Story location: http://www.wired.com/news/evote/0,2645,63349,00.html 02:00 AM May. 06, 2004 PT WASHINGTON -- Passions ran high Wednesday at the first public hearing of the Elect

Quantum crypto gets a speed boost

2004-05-08 Thread R. A. Hettinga
Optics.org Quantum crypto gets a speed boost 6 May 2004 NIST scientists transfer a quantum key made of single photons at a rate of 1Mbps. A team of US scientists from the National Institute of Standards and Technology (NIST) in Colorado and Acadia Opt

Re: The future of security

2004-05-08 Thread Graeme Burnett
Ian Grigg wrote: Graeme Burnett wrote: Hello folks, I am doing a presentation on the future of security, which of course includes a component on cryptography. That will be given at this conference on payments systems and security: http://www.enhyper.com/paysec/ Would anyone there have any good pred

Re: The future of security

2004-05-08 Thread Ian Grigg
Graeme Burnett wrote: Hello folks, I am doing a presentation on the future of security, which of course includes a component on cryptography. That will be given at this conference on payments systems and security: http://www.enhyper.com/paysec/ Would anyone there have any good predictions on how cr

Book Review: Malicious Cryptography- Exposing Cryptovirology

2004-05-08 Thread R. A. Hettinga
About.com Book Review: Malicious Cryptography >From Tony Bradley, CISSP, Your Guide to Internet/Network Security. Guide Rating - The Bottom Line Most people are familiar with malware- viruses, worms, Trojans, etc.- and mos

Microsoft: 'Palladium' Is Still Alive and Kicking

2004-05-08 Thread R. A. Hettinga
Wednesday, May 05, 2004 Microsoft: 'Palladium' Is Still Alive and Kicking By Mary Jo Foley Updated: Redmond denies published report that it is axing its Next-Generation Secure Computing Base and insists the technology still wil

Tiny new agency ill-equipped for e-voting oversight

2004-05-08 Thread R. A. Hettinga
The San Jose Mercury News Posted on Mon, May. 03, 2004 Tiny new agency ill-equipped for e-voting oversight SAN JOSE, Calif. (AP) - As alarm mounts over the integrity of the ATM-like voting mac

Getting Carded

2004-05-08 Thread R. A. Hettinga
The Wall Street Journal May 4, 2004 REVIEW & OUTLOOK Getting Carded May 4, 2004 The Scottish historian and philosopher David Hume once wrote that "it is seldom that any liberty is lost all at once." British Home Secr

MatrixSSL Embedded SSL/TLS

2004-05-08 Thread J Harper
For those of you who are interested in the coding aspects of crypto, I'd like to announce that our small footprint SSL/TLS library, MatrixSSL is available for download at http://www.matrixssl.org With a footprint under 50KB, MatrixSSL not only meets device requirements, it also provides a protocol

Top Italian Mafia Boss Dies in U.S. Prison

2004-05-08 Thread R. A. Hettinga
The life, and death, of Mr. Badalamenti is important to cryptography people and cypherpunks for two reasons. First, the so-called "Pizza Connection" case is one of the very few times, if not the first, where actual wiretap data was good enough to convict someone. The other reason it is important

Wikipedia project: Crypto

2004-05-08 Thread Ivan Krstic
The good people at Wikipedia have started a cryptography subproject, "an attempt to build a comprehensive and detailed guide to cryptography in the Wikipedia." The project page: http://en.wikipedia.org/wiki/Wikipedia:WikiProject_Cryptography features a list of open tasks and things that need cleanu

Calif. Official Bans Some Voting Machines

2004-05-08 Thread R. A. Hettinga
Yahoo! Yahoo! News Sat, May 01, 2004 Calif. Official Bans Some Voting Machines Fri Apr 30, 8:56 PM ET Add U.S. National - AP to My Yahoo! By JIM WASSERMAN, Associated Press Writer SACRAM

Fwd: [ISN] Mobile flaws expose executives to bugging

2004-05-08 Thread R. A. Hettinga
*Took* 'em long enough... Cheers, RAH --- begin forwarded text Date: Fri, 30 Apr 2004 02:30:16 -0500 (CDT) From: InfoSec News <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [ISN] Mobile flaws expose executives to bugging Reply-To: [EMAIL PROTECTED] List-Id: InfoSec News List-Unsubscribe: <

Credentica (Re: Is there a Brands certificate reference implementation?)

2004-05-08 Thread Christian Paquin
Hello Steve, From: Steve Furlong <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], [EMAIL PROTECTED] > Fwd: [EMAIL PROTECTED], [EMAIL PROTECTED] Date: 25 Apr 2004 12:14:30 -0400 Does anyone know of a reference implementation for Stefan Brands's digital certificate scheme? Alternatively, does anyone have

[Publicity-list]: DATE CHANGE- DIMACS Workshop on Mobile and Wireless Security

2004-05-08 Thread Linda Casals
DATE CHANGE **DATE CHANGE **DATE CHANGE ** * DIMACS Workshop on Mobile and Wireless Security November 3 - 5, 2004*** NEW DATE DIMACS Center, Rutgers University, Piscataway, NJ Organizers: B

Re: The future of security

2004-05-08 Thread Graeme Burnett
Many thanks to the list members who have contributed ideas to the above - I'll share the results by previewing the paper in the next few weeks if I may. Having been a devotee of the financial crypto community for many years, a thought has just occurred to me about the possible use of Systemics Ric

Signs Point to Worm Attack on SSL Vulnerability

2004-05-08 Thread R. A. Hettinga
EWeek Signs Point to Worm Attack on SSL Vulnerability April 27, 2004 By Dennis Fisher Security experts on Tuesday said they are seeing evidence of what appears to be a worm exploiting the recently announced vulnerability in the Win

RFC 3766 Determining Strengths For Public Keys Used For Exchanging Symmetric Keys

2004-05-08 Thread Anne & Lynn Wheeler
also summary entry at http://www.garlic.com/~lynn/rfcidx12.htm#3766 clicking on ".txt=nnn" field in the summary retrieves the actual RFC BCP 86 RFC 3766 Title: Determining Strengths For Public Keys Used For Exchanging Symmetric Keys Author(s)

iTunes 4.5: "24 hours after I downloaded it... I've broken it"

2004-05-08 Thread R. A. Hettinga
crazney.net - iTunes stuff Welcome to my iTunes stuff website, here you will find various things relating to iTunes hacking that I have written. Last updated:April 29, 2004 iTunes 4.5: iTunes 4.5 uses a new authentication algorithm. However, not even 24 ho

Security Architect Position at National Archives

2004-05-08 Thread Rich Salz
Forwarded with permission. This may not be appropriate for the list, but it is one of the most interesting and useful crypto/security jobs I've seen in some time... The position is at Archive II in College Park, right next to the University of MD, at the junction of I-95 and the beltway. The h

Re: The future of security

2004-05-08 Thread geer
Would anyone there have any good predictions on how cryptography is going to unfold in the next few years or so? I have my own ideas, but I would love to see what others see in the crystal ball. prediction: just as in the 1990s the commercial world caught up to the mil world i

Re: Can Skype be wiretapped by the authorities?

2004-05-08 Thread Arnold G. Reinhold
At 10:49 PM +0200 4/27/04, Axel H Horns wrote: Is something known about the details of the crypto protocol within Skype? How reliable is the encryption? See e.g. http://www.financialcryptography.com/mt/archives/76.html Can Skype be wiretapped by the authorities? With collaboration of the Skype

Re: Is there a Brands certificate reference implementation?

2004-05-08 Thread Anton Stiglic
Stefan Brands started his own company, http://www.credentica.com/ There isn't much on the web site yet, but if you click on the image you get the info email address. The code that was developed for Brands credentials at ZKS was never released. There was also code written during the ESPRIT proje

message, but also test

2004-05-08 Thread R. A. Hettinga
--- begin forwarded text Date: Thu, 29 Apr 2004 09:07:44 + From: Ryan Lackey <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] User-Agent: Mutt/1.5.5.1+cvs20040105i Subject: message, but also test Sender: [EMAIL PROTECTED] I have two questions: 1) Does anyone have actual performance measurements o

Re: Can Skype be wiretapped by the authorities?

2004-05-08 Thread Enzo Michelangeli
- Original Message - From: "Axel H Horns" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, April 28, 2004 4:49 AM Subject: Can Skype be wiretapped by the authorities? > Is something known about the details of the crypto protocol within > Skype? How reliable is the encryption?

Re: How to WASTE and want not

2004-05-08 Thread iang
This page seems to describe the security: http://waste.sourceforge.net/security.html iang - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: Can Skype be wiretapped by the authorities?

2004-05-08 Thread Joseph Ashwood
- Original Message - From: "Axel H Horns" <[EMAIL PROTECTED]> Subject: Can Skype be wiretapped by the authorities? > Is something known about the details of the crypto protocol within > Skype? How reliable is the encryption? While Skype is generally rather protective of their protocol,

[Neuclear-general] ANNOUNCE: Released version 0.7 of NeuClear Commons

2004-05-08 Thread R. A. Hettinga
--- begin forwarded text From: Pelle Braendgaard <[EMAIL PROTECTED]> Organization: VERAX Inc To: [EMAIL PROTECTED], [EMAIL PROTECTED] User-Agent: KMail/1.6.2 Cc: [EMAIL PROTECTED] Subject: [Neuclear-general] ANNOUNCE: Released version 0.7 of NeuClear Commons Sender: [EMAIL PROTECTED] Lis

RSA-576 Factored

2004-05-08 Thread R. A. Hettinga
MathWorld Headline News RSA-576 Factored By Eric W. Weisstein December 5, 2003--On December 3, the day after the announcement of the discovery of the largest known prime by the Great Internet Mersenne Prime Search on December 2 (MathWorld

The crypto whiz

2004-05-08 Thread R. A. Hettinga
CNET News http://www.news.com/ The crypto whiz By Michael Kanellos and Charles Cooper Staff Writer, CNET News.com http://news.com.com/2008-7355-5201504.html Story last modified April 28, 2004, 4:00 AM PDT Paul Koche

[Neuclear-general] ANNOUNCE: NeuClear XMLSig 0.13 Released

2004-05-08 Thread R. A. Hettinga
--- begin forwarded text From: Pelle Braendgaard <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], [EMAIL PROTECTED] User-Agent: KMail/1.6.2 Cc: [EMAIL PROTECTED], <[EMAIL PROTECTED]> Subject: [Neuclear-general] ANNOUNCE: NeuClear XMLSig 0.13 Released Sender: [EMAIL PROTECTED] List-Id: List-Po

Brands' private credentials

2004-05-08 Thread Jason Holt
Here's what I remember from about a year ago about the current state of private credentials. That recollection comes with no warranties express or implied. Last I heard, Brands started a company called Credentica, which seems to only have a placeholder page (although it does have an info@ addres

Re: The future of security

2004-05-08 Thread Hadmut Danisch
On Mon, Apr 26, 2004 at 08:21:43PM +0100, Graeme Burnett wrote: > > Would anyone there have any good predictions on how > cryptography is going to unfold in the next few years > or so? I have my own ideas, but I would love > to see what others see in the crystal ball. My guess is that it is un