Halloween Hash Bash information

2005-10-31 Thread Perry E. Metzger
Bruce Schneier is liveblogging from the NIST Halloween Hash Bash: http://www.schneier.com/blog/ (Credit: Steve Bellovin directed me at the web page.) Perry - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cry

HTTPS mutual authentication alpha release - please test

2005-10-31 Thread Nick Owen
Happy Halloween! In what we hope will be a Halloween tradition, we have a new release available for testing. WiKID is pleased to announce the alpha release of a major upgrade under the GPL featuring a cryptographic method of mutual authentication for HTTPS: WiKID-2.1: SOMETHING_WiKID_THIS_WAY_COMES

Re: Symmetric ciphers as hash functions

2005-10-31 Thread James Muir
Tom Shrimpton (http://www.cs.pdx.edu/~teshrim/) does research in this area (i.e. using block ciphers to build hash functions). See the papers on his web site; in particular: Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV [pdf] [ps] John Black, Phillip Rogawa

Re: Some thoughts on high-assurance certificates

2005-10-31 Thread Anne & Lynn Wheeler
Peter Gutmann wrote: > And therein lies the problem. The companies providing the certificates are in > the business of customer service, not of running FBI-style special background > investigations that provide a high degree of assurance but cost $50K each and > take six months to complete. The s

AW: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-31 Thread Kuehn, Ulrich
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of cyphrpunk > Sent: Friday, 28 October 2005 06:07 > To: [EMAIL PROTECTED]; cryptography@metzdowd.com > Subject: Re: [EMAIL PROTECTED]: Skype security evaluation] > > Wasn't there a rumor la

RE: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-31 Thread Whyte, William
A similar approach enabled Bleichenbacher's SSL attack on RSA with PKCS#1 padding. This sounds very dangerous to me. William > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of cyphrpunk > Sent: Friday, October 28, 2005 5:07 AM > To: [EMAIL PROTECTED

Re: packet traffic analysis

2005-10-31 Thread John Denker
In the context of: >>If your plaintext consists primarily of small packets, you should set the MTU >>of the transporter to be small. This will cause fragmentation of the >>large packets, which is the price you have to pay. Conversely, if your >>plaintext consists primarily of large packets, yo

Some thoughts on high-assurance certificates

2005-10-31 Thread Peter Gutmann
A number of CAs have started offering high-assurance certificates in an attempt to... well, probably to make more money from them, given that the bottom has pretty much fallen out of the market when you can get a standard certificate for as little as $9.95. The problem with these certificates is t

[Clips] Security 2.0: FBI Tries Again To Upgrade Technology

2005-10-31 Thread R.A. Hettinga
--- begin forwarded text Delivered-To: [EMAIL PROTECTED] Date: Mon, 31 Oct 2005 07:29:37 -0500 To: Philodox Clips List <[EMAIL PROTECTED]> From: "R.A. Hettinga" <[EMAIL PROTECTED]> Subject: [Clips] Security 2.0: FBI Tries Again To Upgrade Technology Reply-To: [EMAIL PROTECTED] Sender: [EM

Symmetric ciphers as hash functions

2005-10-31 Thread Arash Partow
Hi all, How does one properly use a symmetric cipher as a cryptographic hash function? I seem to be going around in circles. Initially I thought you choose some known key and encrypt the data with the key, using either the encrypted text or the internal state of the cipher as the hash value, tur

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-31 Thread cyphrpunk
On 10/28/05, Daniel A. Nagy <[EMAIL PROTECTED]> wrote: > Irreversibility of transactions hinges on two features of the proposed > system: the fundamentally irreversible nature of publishing information in > the public records and the fact that in order to invalidate a secret, one > needs to know i

Re: On Digital Cash-like Payment Systems

2005-10-31 Thread John Kelsey
>From: cyphrpunk <[EMAIL PROTECTED]> >Sent: Oct 27, 2005 9:15 PM >To: "James A. Donald" <[EMAIL PROTECTED]> >Cc: cryptography@metzdowd.com, [EMAIL PROTECTED] >Subject: Re: On Digital Cash-like Payment Systems >On 10/26/05, James A. Donald <[EMAIL PROTECTED]> wrote: >> How does one inflate a key?

[Clips] US spy agency's patents under security scrutiny

2005-10-31 Thread R.A. Hettinga
--- begin forwarded text Delivered-To: [EMAIL PROTECTED] Date: Sat, 29 Oct 2005 08:19:44 -0400 To: Philodox Clips List <[EMAIL PROTECTED]> From: "R.A. Hettinga" <[EMAIL PROTECTED]> Subject: [Clips] US spy agency's patents under security scrutiny Reply-To: [EMAIL PROTECTED] Sender: [EMAIL

Re: packet traffic analysis

2005-10-31 Thread Travis H.
> I assume that the length is > explicitly encoded in the legitimate packet. Then the peer for the > link ignores everything until the next "escape sequence" introducing a > legitimate packet. I should point out that encrypting PRNG output may be pointless, and perhaps one optimization is to stop

Re: packet traffic analysis

2005-10-31 Thread Travis H.
Good catch on the encryption. I feel silly for not thinking of it. > If your plaintext consists primarily of small packets, you should set the MTU > of the transporter to be small. This will cause fragmentation of the > large packets, which is the price you have to pay. Conversely, if your > p

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-31 Thread cyphrpunk
One other point with regard to Daniel Nagy's paper at http://www.epointsystem.org/~nagydani/ICETE2005.pdf A good way to organize papers like this is to first present the desired properties of systems like yours (and optionally show that other systems fail to meet one or more of these properties);

Re: On Digital Cash-like Payment Systems

2005-10-31 Thread cyphrpunk
On 10/26/05, James A. Donald <[EMAIL PROTECTED]> wrote: > How does one inflate a key? Just make it bigger by adding redundancy and padding, before you encrypt it and store it on your disk. That way the attacker who wants to steal your keyring sees a 4 GB encrypted file which actually holds about a

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-31 Thread cyphrpunk
Wasn't there a rumor last year that Skype didn't do any encryption padding, it just did a straight exponentiation of the plaintext? Would that be safe, if as the report suggests, the data being encrypted is 128 random bits (and assuming the encryption exponent is considerably bigger than 3)? Seems

Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-31 Thread cyphrpunk
On 10/25/05, Travis H. <[EMAIL PROTECTED]> wrote: > More on topic, I recently heard about a scam involving differential > reversibility between two remote payment systems. The fraudster sends > you an email asking you to make a Western Union payment to a third > party, and deposits the requested a

NY Times reports: NSA falsified Gulf of Tonkin intercepts

2005-10-31 Thread Perry E. Metzger
http://www.nytimes.com/2005/10/31/politics/31war.html?ex=1288414800&en=e2f5e341687a2ed9&ei=5090&partner=rssuserland&emc=rss WASHINGTON, Oct. 28 - The National Security Agency has kept secret since 2001 a finding by an agency historian that during the Tonkin Gulf episode, which helped pre

Skype Patches Critical Flaws

2005-10-31 Thread Aram Perez
Skype Patches Critical Flaws Skype users are being urged to upgrade to the latest version of the Internet telephony client, due to a number of critical flaws in the software that were disclosed by Skype's maker, Skype Technologies SA. -

The Pentagon is blocking NSA patent applications...

2005-10-31 Thread Steven M. Bellovin
http://www.newscientist.com/article.ns?id=dn8223&feedId=online-news_rss091 --Steven M. Bellovin, http://www.cs.columbia.edu/~smb

[EMAIL PROTECTED]: Re: [p2p-hackers] P2P Authentication]

2005-10-31 Thread Eugen Leitl
- Forwarded message from Kerry Bonin <[EMAIL PROTECTED]> - From: Kerry Bonin <[EMAIL PROTECTED]> Date: Thu, 27 Oct 2005 06:52:57 -0700 To: [EMAIL PROTECTED], "Peer-to-peer development." <[EMAIL PROTECTED]> Subject: Re: [p2p-hackers] P2P Authentication User-Agent: Mozilla Thunderbird 1.0.6

Re: [EMAIL PROTECTED]: Skype security evaluation]

2005-10-31 Thread Peter Gutmann
Jack Lloyd <[EMAIL PROTECTED]> writes: >I just reread those sections and I still don't see anything about RSA >encryption padding either. 3.2.2 just has some useless factoids about the RSA >implementation (but neglects to mention important implementation points, like >if blinding is used, or if si

Re: [PracticalSecurity] Anonymity - great technology but hardly used

2005-10-31 Thread Ben Laurie
Travis H. wrote: > Part of the problem is using a packet-switched network; if we had > circuit-based, then thwarting traffic analysis is easy; you just fill > the link with random garbage when not transmitting packets. I > considered doing this with SLIP back before broadband (back when my > frien

Re: [PracticalSecurity] Anonymity - great technology but hardly used

2005-10-31 Thread Hagai Bar-El
Hello, At 25/10/05 07:18, cyphrpunk wrote: > http://www.hbarel.com/Blog/entry0006.html > > I believe that for anonymity and pseudonymity technologies to survive > they have to be applied to applications that require them by design, > rather than to mass-market applications that can also do (

packet traffic analysis

2005-10-31 Thread John Denker
Travis H. wrote: Part of the problem is using a packet-switched network; if we had circuit-based, then thwarting traffic analysis is easy; you just fill the link with random garbage when not transmitting packets. OK so far ... There are two problems with this; one, getting enough random

Re: [PracticalSecurity] Anonymity - great technology but hardly used

2005-10-31 Thread Alexander Klimov
On Wed, 26 Oct 2005, Jörn Schmidt wrote: > --- "Travis H." <[EMAIL PROTECTED]> wrote: > > [snip] > > Another issue involves the ease of use when switching between a > > [slower] anonymous service and a fast non-anonymous service. I > > have a tool called metaprox on my website (see URL in sig) th

Re: On the orthogonality of anonymity to current market demand

2005-10-31 Thread James A. Donald
-- John Kelsey > What's with the heat-death nonsense? Physical bearer > instruments imply stout locks and vaults and alarm > systems and armed guards and all the rest, all the way > down to infrastructure like police forces and armies > (private or public) to avoid having the biggest gang > en