On 12/02/2011 01:21 AM, Marsh Ray wrote:
Out of a set of 4096 (salt values) random functions each mapping
{ 1...256 } -> { 0 ... 255 }
samples H[0] values
how many would we expect to have all samples map to the same value,
i.e., have a codomain size of 1 ?
s/codomain/image/
- Marsh
On 12/02/2011 12:25 AM, Solar Designer wrote:
On Thu, Dec 01, 2011 at 11:16:14PM -0600, Marsh Ray wrote:
1. The largest cluster will represent the case where H[0] fails the
comparison in strcmp().
2. The second cluster will be on the order of a few machine cycles
longer, representing times th
http://pauldotcom.com/2011/11/cracking-md5-passwords-with-bo.html
"BozoCrack is a depressingly effective MD5 password hash cracker with almost
zero CPU/GPU load. Instead of rainbow tables, dictionaries, or brute force,
BozoCrack simply finds the plaintext password. Specifically, it googles the M
On Thu, Dec 01, 2011 at 11:16:14PM -0600, Marsh Ray wrote:
> On 12/01/2011 10:15 PM, Solar Designer wrote:
> >http://whitepixel.zorinaq.com is probably the fastest single MD5 hash
> >cracker. This one tests 33.1 billion of passwords per second against a
> >raw MD5 hash on 4 x AMD Radeon HD 5970 (8
Ben Laurie writes:
>They appear to actually be selling sub-RA functionality, but very hard to
>tell from the press release.
OK, so it does appear that people seem genuinely unaware of both the fact that
this goes on, and the scale at which it happens. Here's how it works:
1. Your company or or
On 12/01/2011 11:11 PM, Sampo Syreeni wrote:
On 2011-12-01, Randall Webmail wrote:
I am an almost-complete greenie WRT crypto, which is why I'm here
to learn.
What is the proper thing to do when one of those things pops up?
(It is NOT a rare event).
They mostly mean you no harm.
You don't
Marsh Ray writes:
> Certificate Authority (CA) to Chain to GeoTrust's Ubiquitous Public
> Root
>
>[...]
>
> SAN FRANCISCO, RSA CONFERENCE, Feb. 14
February of which year? If it's from this year then they're really late to
the party, commercial CAs have been doing this for more than a decade. T
On Dec 1, 2011, at 8:43 PM, Randall Webmail wrote:
> From: "ianG"
>
> >It does store certs. It just takes above & beyond to get at them.
> Unknown whether it stores certs that you reject.
>
> I spend a lot of time in hotels, and it is VERY common for me to get one of
> those popups complai
Randall Webmail writes:
>What is the proper thing to do when one of those things pops up? (It is NOT a
>rare event).
Go to the security settings dialog in your browser, go to "Export certificate"
(or whatever your browser uses), select "Certificate chain / PKCS #7", and
then post it to this list
On 12/01/2011 10:15 PM, Solar Designer wrote:
On Thu, Dec 01, 2011 at 09:15:05PM -0600, Marsh Ray wrote:
When you can evaluate MD5 at 5.6 GH/s, accessing even a straight lookup
table in main memory is probably a slowdown.
Yes, but those very high speeds are throughput for large numbers of
hash
Adam Back writes:
>Surely the SSL Observatory has these MitM sub CA certs if they exist in the
>wild and are being used to create real time MitM certs for domains the issuer
>certainly doesn't own.
You have to be inside the captive portal to see these blue-pill certs. This
is why various people
On 2011-12-01, Randall Webmail wrote:
I am an almost-complete greenie WRT crypto, which is why I'm here to
learn.
What is the proper thing to do when one of those things pops up? (It
is NOT a rare event).
They mostly mean you no harm. So just accept/except. But always bear in
mind that
From: "ianG"
>It does store certs. It just takes above & beyond to get at them.
Unknown whether it stores certs that you reject.
I spend a lot of time in hotels, and it is VERY common for me to get one of
those popups complaining about certificates when I connect to the hotel WiFi.
I am an
On Thu, Dec 01, 2011 at 09:15:05PM -0600, Marsh Ray wrote:
> When you can evaluate MD5 at 5.6 GH/s, accessing even a straight lookup
> table in main memory is probably a slowdown.
Yes, but those very high speeds are throughput for large numbers of
hashes to compute in parallel. If you don't yet
On 12/01/2011 06:15 PM, Jerrie Union wrote:
How should the attacker mount the attack after hash[0] has been recovered?
He tests passwords that yield the identified H[0].
I guess for a given digest D if the attacker guesses the character at position 1 (D[1])
by supplying the secret S there’
On Dec 1, 2011, at 3:53 PM, Alfonso De Gregorio wrote:
>
> If the attacker has direct control over the challenge/digest, the side
> channel may turn to be observable. The attacker could query adaptively
> the authentication server and exploit the timing information to
> recover the hashed secret
On Dec 1, 2011, at 11:48 PM, Marsh Ray wrote:
> On 12/01/2011 04:37 PM, Jerrie Union wrote:
>>
>> public boolean check(digest, secret) {
>> hash = md5(secret);
>>
>> if (digest.length != hash.length) {
>> return false;
>> }
>>
>> for (i = 0; i< digest.length;
On Thu, Dec 1, 2011 at 5:11 PM, Adam Back wrote:
> btw if client certs are being used or TLS-SRP ciphersuite these attacks
> would not work because SSL negotiation would fail. Unless the MitM could
> create fake client certs on the fly also that would be acceptable to the
> server.
Right, becaus
On Fri, Dec 2, 2011 at 12:31 AM, Jon Callas wrote:
>
> On Dec 1, 2011, at 2:37 PM, Jerrie Union wrote:
>
>> I’m wondering, if it’s running as some authenticated server application, if
>> it should be considered as resistant to time attacks nowadays. I’m aware
>> that’s
>> not a good practice, but
On 12/01/2011 04:37 PM, Jerrie Union wrote:
public boolean check(digest, secret) {
hash = md5(secret);
if (digest.length != hash.length) {
return false;
}
for (i = 0; i< digest.length; i++) {
if (digest[i] != hash[i]) {
return fals
On Dec 1, 2011, at 2:37 PM, Jerrie Union wrote:
> I’m wondering, if it’s running as some authenticated server application, if
> it should be considered as resistant to time attacks nowadays. I’m aware
> that’s
> not a good practice, but I’m not clear if I should consider it as exploitable
> ov
On Thu, Dec 1, 2011 at 11:37 PM, Jerrie Union wrote:
>
> Given the following Java code:
>
> public boolean check(digest, secret) {
> hash = md5(secret);
>
> if (digest.length != hash.length) {
> return false;
> }
>
> for (i = 0; i < digest.length; i++) {
> if (di
It does at least say they need a certificate practice statement, and
hardware key generation and storage, AND "All domains must be owned by the
enterprise customer". They can sell the ability to be a sub-CA if they want
to. Their standards seem probably as good as your average CA and precludes
M
On 2/12/11 09:37 AM, Jerrie Union wrote:
I’m wondering, if it’s running as some authenticated server application, if
it should be considered as resistant to time attacks nowadays. I’m aware that’s
not a good practice, but I’m not clear if I should consider it as exploitable
over the
network (on
Given the following Java code:
public boolean check(digest, secret) {
hash = md5(secret);
if (digest.length != hash.length) {
- Forwarded message from Gregory Maxwell -
From: Gregory Maxwell
Date: Thu, 1 Dec 2011 01:38:33 -0500
To: Jeffrey Burdges
Cc: liberationt...@lists.stanford.edu
Subject: Re: [liberationtech] Crypto Advocacy TED Talk
On Thu, Dec 1, 2011 at 12:01 AM, Jeffrey Burdges wrote:
[snip]
> Aside
InfoSec Southwest 2012 Call for Papers
March 30th through April 1st 2012, Austin, Texas
http://infosecsouthwest.com/cfp.html
The InfoSec Southwest staff are now soliciting papers to be presented at
our 2012 conference to be held March 30th through April 1st 2012 in
Austin, Texas.
Who Should Submi
[ianG (2011-12-01 16:43:59 UTC)]
> I'm just poking around, it seems that Certificate Patrol should keep
> the cert.
>
> In Firefox
>
> Tools / Add-ons / Certificate Patrol / Preferences / View Certificates
> / getting tired now / [...] / ... time for a stiff drink [...]
As an alternative, you
http://www.trustico.com/material/DS_GeoRoot_0205.pdf
Well, we'll only break the dishonest ones :-)
On Thu, Dec 1, 2011 at 5:48 PM, Marsh Ray wrote:
> On 12/01/2011 11:09 AM, Ben Laurie wrote:
>>
>> On Thu, Dec 1, 2011 at 4:56 PM, Marsh Ray
>> wrote:
http://www.prnewswire.com/news-
On 12/01/2011 11:09 AM, Ben Laurie wrote:
On Thu, Dec 1, 2011 at 4:56 PM, Marsh Ray
wrote:
http://www.prnewswire.com/news-releases/geotrust-launches-georoot-allows-organizations-with-their-own-certificate-authority-ca-to-chain-to-geotrusts-ubiquitous-public-root-54048807.html
They appear to ac
On Dec 1, 2011, at 9:09 AM, Ben Laurie wrote:
> Bottom line: I'm going to believe this once someone displays a cert chain.
Multiple cert chains from different environments, please. One from Boingo (I'm
not traveling for a few months so I can't grab one sooner), one from a
corporation using a Son
On Thu, Dec 1, 2011 at 4:56 PM, Marsh Ray wrote:
> On 11/30/2011 06:44 PM, Adam Back wrote:
>>
>> Are there really any CAs which issue sub-CA for "deep packet
>> inspection" aka doing MitM and issue certs on the fly for everything
>> going through them: gmail, hotmail, online banking etc.
>
>
>
>>
On 11/30/2011 06:44 PM, Adam Back wrote:
Are there really any CAs which issue sub-CA for "deep packet
inspection" aka doing MitM and issue certs on the fly for everything
going through them: gmail, hotmail, online banking etc.
http://www.prnewswire.com/news-releases/geotrust-launches-georoot-
On 2/12/11 03:26 AM, Rose, Greg wrote:
On 2011 Nov 30, at 22:28 , Jon Callas wrote:
On Nov 30, 2011, at 9:32 PM, Rose, Greg wrote:
I run a wonderful Firefox extension called Certificate Patrol. It keeps a local
cache of certificates, and warns you if a certificate, CA, or public key
changes
On 2011 Nov 30, at 22:28 , Jon Callas wrote:
> On Nov 30, 2011, at 9:32 PM, Rose, Greg wrote:
>
>> I run a wonderful Firefox extension called Certificate Patrol. It keeps a
>> local cache of certificates, and warns you if a certificate, CA, or public
>> key changes unexpectedly. Sort of like S