Greg Rose writes:
>> This is a very important result. The need to transition from SHA-1
>> is no longer theoretical.
>
> It already wasn't theoretical... if you know what I mean. The writing
> has been on the wall since Wang's attacks four years ago.
Sure, but this should light a fire under peop
On Apr 30, 2009, at 4:31 PM, Perry E. Metzger wrote:
Eric Rescorla writes:
McDonald, Hawkes and Pieprzyk claim that they have reduced the collision
strength of SHA-1 to 2^{52}.
Slides here:
http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
Thanks to Paul Hoffman f
On 2009 Apr 30, at 4:31, Perry E. Metzger wrote:
Eric Rescorla writes:
McDonald, Hawkes and Pieprzyk claim that they have reduced the collision
strength of SHA-1 to 2^{52}.
Slides here:
http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
Thanks to Paul Hoffman for
On Sat, Mar 14, 2009 at 3:16 AM, Travis wrote:
> I have never seen a good catalog of computationally-strong
> pseudo-random number generators. It seems that everyone tries to roll
> their own in whatever application they are using, and I bet there's a
> lot of waste and inefficiency and re-invent
On Mar 9, 2009, at 10:32 PM, Mads wrote:
I know of procedures and programs to erase files securely from
disks, Gutmann did a paper on that
What I don't know is how to securely erase information from a
database.
If the material is that sensitive, and you only want to selectively
d
Eric Rescorla writes:
> McDonald, Hawkes and Pieprzyk claim that they have reduced the collision
> strength of SHA-1 to 2^{52}.
>
> Slides here:
> http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
>
> Thanks to Paul Hoffman for pointing me to this.
This is a very important r
On Mon, Mar 9, 2009 at 10:32 PM, Mads wrote:
> I know of procedures and programs to erase files securely from disks,
> Gutmann did a paper on that
Yes, but that paper is over ten years old. In the meanwhile, disk
designs and perhaps encoding schemes have changed, journaling
file systems have
> What I don't know is how to securely erase information from a
> database.
>
> I cannot assume that the vendor solves this matter, anyone have a
> clue?
I'd say your assumption is valid. This is not to disrespect the
database vendors, but to point out that their risk modelling is
generally significa
Steven M. Bellovin wrote:
> We've become prisoners of dogma here. In 1979, Bob Morris and Ken
> Thompson showed that passwords were guessable. In 1979, that was
> really novel. There was a lot of good work done in the next 15 years
> on that problem -- Spaf's empirical observations, Klein's '90
On Sun, Mar 15, 2009 at 12:26:39AM +1300, Peter Gutmann wrote:
>
> I was hoping someone else would leap in about now and question this, but I
> guess I'll have to do it... maybe we have a different definition of what's
> required here, but AFAIK there's an awful lot of this kind of hardware
> floa
Thor Lancelot Simon writes:
>Almost no web servers run with passwords on their private key files. Believe
>me. I build server load balancers for a living and I see a _lot_ of customer
>web servers -- this is how it is.
Ah, that kinda makes sense, it would parallel the experience with client-sid
I have never seen a good catalog of computationally-strong
pseudo-random number generators. It seems that everyone tries to roll
their own in whatever application they are using, and I bet there's a
lot of waste and inefficiency and re-inventing the wheel involved.
Is this true, or is there a sur
The assertion occasionally comes up that since the NSA cannot legally
eavesdrop on Americans, it outsources to the UK or one of the other
Echelon countries. It turns out that that's forbidden, too -- see
Section 2.12 of Executive Order 12333
(http://www.archives.gov/federal-register/codification/e
http://www.ilounge.com/index.php/news/comments/chinese-hackers-crack-itunes-store-gift-codes-sell-certificates/
Chinese hackers crack iTunes Store gift codes, sell certificates
By Charles Starrett
Senior Editor, iLounge
Published: Tuesday, March 10, 2009
A group of Chinese hackers has succeeded
I know of procedures and programs to erase files securely from disks,
Gutmann did a paper on that
What I don't know is how to securely erase information from a database.
I cannot assume that the vendor solves this matter, anyone have a clue?
Regards,
Mads Rasmussen
On Sat, Mar 07, 2009 at 07:36:25AM +1300, Peter Gutmann wrote:
>
> In any case though, how big a deal is private-key theft from web servers?
> What examples of real-world attacks are there where an attacker stole a
> private key file from a web server, brute-forced the password for it, and then
>
Quoting:
A top federal cybersecurity official resigned this week in a letter
sharply critical of what he described as a power grab by the
National Security Agency.
Rod Beckström, director of Homeland Security's National
Cybersecurity Center, said in his letter that NSA "effectivel
Thor Lancelot Simon writes:
>On Sat, Mar 07, 2009 at 05:40:31AM +1300, Peter Gutmann wrote:
>> Given that, when I looked a couple of years ago, TPM support for
>> public/private-key stuff was rather hit-and-miss and in some cases seemed to
>> be entirely absent (so you could use the TPM to wrap an
On Sat, Mar 07, 2009 at 05:40:31AM +1300, Peter Gutmann wrote:
>
> Given that, when I looked a couple of years ago, TPM support for
> public/private-key stuff was rather hit-and-miss and in some cases seemed to
> be entirely absent (so you could use the TPM to wrap and unwrap stored private
> keys
http://www.google.com/hostednews/ap/article/ALeqM5jFmxwZmt8V4URihSIugJroZE4yKgD974J72O0
--Steve Bellovin, http://www.cs.columbia.edu/~smb
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe crypto
Liberated from LiveJournal :-):
Title: Fully Homomorphic Encryption Using Ideal Lattices
Speaker: Craig Gentry, Stanford University
Time/Place: 11 am, 18 March, Wozniak Lounge
[Ed. note: 4th floor, Soda Hall, UC Berkeley]
Abstract:
We propose a fully homomorphic encryption scheme -- i.e., a sch
While poking around Google Books, I stumbled on the following two
references that might be of interest to this list. The first is cited
by Kahn.
\emph{The Military Telegraph During the Civil War in the United States:
With an Exposition of Ancient and Modern Means of Communication,
and of the Fede
"The CNG SDK contains documentation, code, and tools designed to help
you develop cryptographic applications and libraries targeting the
Windows Vista SP1, Windows Server 2008 R2, and Windows 7 Operating
Systems."
http://www.microsoft.com/downloads/details.aspx?FamilyId=1EF399E9-B018-49DB-A98B-0CE
Begin forwarded message:
From: Eugen Leitl
Date: April 22, 2009 1:05:51 PM GMT-04:00
To: i...@postbiota.org, cypherpu...@al-qaeda.net
Subject: [tahoe-dev] NEWSFLASH -- Coder Goes Crazy! Laptop Versus Axe!
Film At 11!
- Forwarded message from Zooko O'Whielacronx
-
From: Zooko O
http://www.wired.com/print/science/discoveries/magazine/17-05/ff_kryptos
Mission Impossible: The Code Even the CIA Can't Crack
By Steven Levy Email 04.20.09
The sculpture named Kryptos at CIA headquarters contains a secret message --
but not even the agency's brightest can crack its code.
Phot
The whole story's at:
http://www.wired.com/politics/security/news/2009/04/fleetcom
it appears that Brazilians wanting to communicate on the cheap are using US
FLTSATCOM links to talk to each other. This works because "the communication
channel was open, not encrypted, lots of people used it to t
ANNOUNCING Tahoe, the Least-Authority Filesystem, v1.4
The allmydata.org team is pleased to announce the release of version
1.4.1 of "Tahoe", the Lightweight-Authorization Filesystem. This is the
first release of Tahoe-LAFS which was created solely as a labor of love
by volunteers -- it is no lon
I was just reading through the WiMAX PKI documentation [0]... this uses PGP to
issue device and server X.509 certificates for use in WiMAX networks:
"Name" is an identifying name for the recipient that will be used as an
authenticated identity by the CA signing system. This is the identifier
IOP New Journal of Physics, Volume 11, April, 2009
Editorial page describing focus, with table of contents:
http://www.iop.org/EJ/abstract/1367-2630/11/4/045005/
TOC has links to freely downloadable copies of the papers.
--
-
I'm back up for air again. The message backlog will be moved out over
the next few days, not necessarily in chronological order.
Perry
McDonald, Hawkes and Pieprzyk claim that they have reduced the collision
strength of SHA-1 to 2^{52}.
Slides here:
http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
Thanks to Paul Hoffman for pointing me to this.
-Ekr
From: Zooko O'Whielacronx
Subject: [tahoe-dev] SHA-1 broken! (was: Request for hash-dependency in
Tahoe security.)
To: nejuc...@gmail.com, tahoe-...@allmydata.org
Date: Wed, 29 Apr 2009 15:59:05 -0600
Reply-To: tahoe-...@allmydata.org
On Apr 29, 2009, at 11:51 AM, Nathan wrote:
> http://
"Until now, the best complete differential path (to our knowledge)
has complexity 2^63
The new path presented has complexity 2^52 - a significant reduction.
Practical collisions are within resources of a well funded organisation.
We are continuing our search for differential paths where the
boom