Re: [cryptography] Potential funding for crypto-related projects

2013-07-04 Thread danimoth
On 30/06/13 at 01:04am, Jacob Appelbaum wrote: > Yeah, about that... > > Have you seen the most recent paper by Egger et al? IMHO that is unfair. There are many publications on Tor vulnerabilities as well, and this is unavoidable. Are you sure that in the next two months Tor will not be the ma

Re: [cryptography] SSL session resumption defective (Re: What project would you finance? [WAS: Potential funding for crypto-related projects])

2013-07-04 Thread Thierry Moreau
Thanks to Nico for bringing the focus on DH as the central ingredient of PFS. Nico Williams wrote: But first we'd have to get users to use cipher suites with PFS. We're not really there. Why? Perfect forward secrecy (PFS) is an abstract security property defined because Diffie-Hellman (D

Re: [cryptography] Potential funding for crypto-related projects

2013-07-04 Thread Michael Rogers
On 04/07/13 13:34, danimoth wrote: > IMHO that is unfair. There are many publications on Tor > vulnerabilities as well, and this is unavoidable. Are you sure that > in the next two months Tor will not be the main actor of a similar > publication? >

Re: [cryptography] Potential funding for crypto-related projects

2013-07-04 Thread John Young
The more fiercely defended security system (anything) the more likely indefensible. Best ones require constant patching and understatement, without exculpation, apologia and bullying arrogance of ignorance. But cloying humility, obsequiousness and masochism seduces sadists for backdooring STD. I

Re: [cryptography] SSL session resumption defective (Re: What project would you finance? [WAS: Potential funding for crypto-related projects])

2013-07-04 Thread Adam Back
Forward secrecy is an exceedingly important security property. Without it an attacker can store encrypted messages via passive eavesdropping, or court order any infrastructure that records messages (advertised or covert) and then obtain the private key via burglary, subpoena, coercion or software

Re: [cryptography] Potential funding for crypto-related projects

2013-07-04 Thread danimoth
On 04/07/13 at 04:28pm, Michael Rogers wrote: > I think the point is that i2p's decision to use a decentralised > directory service led to the vulnerabilities described in the paper. Uhm, I don't consider it a matter of centralization vs decentralization. I think the point is how I2P selects peers

Re: [cryptography] SSL session resumption defective (Re: What project would you finance? [WAS: Potential funding for crypto-related projects])

2013-07-04 Thread Thierry Moreau
Adam Back wrote: Forward secrecy is an exceedingly important security property. Without it an attacker can store encrypted messages via passive eavesdropping, or court order any infrastructure that records messages (advertised or covert) and then obtain the private key via burglary, subpoena,

Re: [cryptography] Potential funding for crypto-related projects

2013-07-04 Thread Michael Rogers
On 04/07/13 17:15, danimoth wrote: > Uhm, I don't consider it a matter of centralization vs > decentralization. I think the point is how I2P selects peers to > communicate with; attacker DoS'd previous high-performance peers, > then replaced them with no

Re: [cryptography] SSL session resumption defective (Re: What project would you finance? [WAS: Potential funding for crypto-related projects])

2013-07-04 Thread Adam Back
I do not think it is a narrow difference. End point compromise via subpoena, physical seizing, or court mandated disclosure are far different things than pre-emptive storing and later decryption. The scale at which a society will do them, and tolerate doing them given their inherently increased
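Added example, not code from any message in this thread: the attacker model Adam Back describes (record traffic passively now, obtain the server's long-term secret later) run against three toy key-establishment modes. Static DH, where the session key is derived from the long-term key, is recoverable after the fact; ephemeral DH is not; ephemeral DH whose session key is then wrapped into a resumption ticket under a long-lived ticket key is recoverable again, which is the resumption problem the subject line points at. The group is RFC 2409 group 2 (1024-bit, too small for real use, kept only to make the block self-contained), the ticket wrap is a toy construction, authentication of the ephemeral share (a signature in real TLS) is omitted, and every function name here is this example's own.

```python
import hashlib
import hmac
import secrets

# 1024-bit MODP group from RFC 2409 ("group 2"), generator 2. Used only so the
# example runs stand-alone; a 1024-bit group is too small for production today.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
    16,
)
G = 2


def kdf(shared_secret: int) -> bytes:
    """Session key = SHA-256 of the big-endian DH shared secret (toy KDF)."""
    return hashlib.sha256(shared_secret.to_bytes(128, "big")).digest()


def dh_keypair():
    """Private exponent in [1, P-2] from the OS CSPRNG, and the matching public share."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def wrap_ticket(ticket_key: bytes, session_key: bytes) -> bytes:
    """Toy resumption ticket: XOR the session key with an HMAC pad under a long-lived key."""
    nonce = secrets.token_bytes(16)
    pad = hmac.new(ticket_key, nonce, hashlib.sha256).digest()
    return nonce + bytes(a ^ b for a, b in zip(session_key, pad))


def unwrap_ticket(ticket_key: bytes, ticket: bytes) -> bytes:
    nonce, body = ticket[:16], ticket[16:]
    pad = hmac.new(ticket_key, nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(body, pad))


def run_session(mode: str):
    """One handshake in the given mode: "static", "ephemeral" or "ephemeral_with_ticket".

    Returns (what a passive eavesdropper records, what the server keeps long-term,
    client session key, server session key).
    """
    lt_priv, lt_pub = dh_keypair()          # server long-term DH key
    ticket_key = secrets.token_bytes(32)    # long-lived key protecting resumption tickets
    c_priv, c_pub = dh_keypair()            # client's per-session share
    if mode == "static":
        srv_priv_used, srv_pub_used = lt_priv, lt_pub      # key derived from long-term secret
    else:
        srv_priv_used, srv_pub_used = dh_keypair()         # fresh per-session secret
    server_key = kdf(pow(c_pub, srv_priv_used, P))
    client_key = kdf(pow(srv_pub_used, c_priv, P))
    del srv_priv_used, c_priv               # per-session secrets are erased after the handshake
    wire = {"client_pub": c_pub, "server_pub": srv_pub_used}
    if mode == "ephemeral_with_ticket":
        wire["ticket"] = wrap_ticket(ticket_key, server_key)   # ticket is sent over the wire
    stored = {"long_term_priv": lt_priv, "ticket_key": ticket_key}
    return wire, stored, client_key, server_key


def recover_after_compromise(wire, stored) -> bytes:
    """Attacker: recorded wire data plus everything the server still had when seized."""
    if "ticket" in wire:
        return unwrap_ticket(stored["ticket_key"], wire["ticket"])
    return kdf(pow(wire["client_pub"], stored["long_term_priv"], P))


def session_recoverable(mode: str) -> bool:
    """True if a recorded session in this mode can be decrypted after long-term key seizure."""
    wire, stored, client_key, server_key = run_session(mode)
    assert client_key == server_key, "handshake must agree on the key"
    return recover_after_compromise(wire, stored) == server_key


if __name__ == "__main__":
    for m in ("static", "ephemeral", "ephemeral_with_ticket"):
        print(f"{m:22s} recoverable after compromise: {session_recoverable(m)}")
```

The check this encodes is that forward secrecy is a property of everything the server retains, not of the handshake alone: a DHE cipher suite buys nothing for a session whose key is wrapped under a ticket key that lives for months, so ticket-key rotation (or no tickets) has to be part of the PFS deployment.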

[cryptography] DeCryptocat

2013-07-04 Thread Silas Cutler
http://tobtu.com/decryptocat.php DecryptoCat v0.1 cracks the ECC public keys generated by Cryptocat versions 1.1.147 through 2.0.41. Cryptocat version 2.0.42 was released Feb 19, 2013, which increased the key space from 2^54

Re: [cryptography] DeCryptocat

2013-07-04 Thread James A. Donald
On 2013-07-05 6:34 AM, Silas Cutler wrote: a negative one. > http://tobtu.com/decryptocat.php DecryptoCat v0.1 cracks the ECC public keys generated by Cryptocat versions 1.1.147 through 2.0.41. Cryptocat version 2.0.42

Re: [cryptography] DeCryptocat

2013-07-04 Thread Michael Rogers
On 04/07/13 22:07, James A. Donald wrote: > 106 bits is still far too small. Seems to me that they only > increased it as needed to defeat DecryptoCat, not as needed to > defeat an NSA farm running dedicated special purpose hardware. > > Why not use

Re: [cryptography] DeCryptocat

2013-07-04 Thread James A. Donald
On 2013-07-05 7:18 AM, Michael Rogers wrote: The choice of curve wasn't the problem - they were using Curve25519 but messing up the random number generation. Ah, I see. They have company.
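Added example, not Cryptocat's code or anything posted in this thread: what "messing up the random number generation" looks like when the key length stays at 32 bytes but the generator draws each byte from a tiny alphabet, and the audit a maintainer can run to catch it. The flawed generator below is a construction for illustration (each key byte is the ASCII code of a random decimal digit); its parameters were chosen so that 32 positions times log2(10) lands at about 106 bits, the figure James Donald quotes for the fixed version, but the page does not say that this is Cryptocat's actual construction, and the numbers are only meant to show the scale of the shrinkage. Curve25519 clamping is omitted; all function names are this example's own.

```python
import math
import secrets

KEY_BYTES = 32  # Curve25519 private keys are 32 bytes


def good_keygen() -> bytes:
    """Correct: 32 uniformly random bytes from the OS CSPRNG (clamping omitted)."""
    return secrets.token_bytes(KEY_BYTES)


def flawed_keygen() -> bytes:
    """Hypothetical flawed generator, constructed for this example: each key byte is the
    ASCII code of a random decimal digit, so only 10 of the 256 byte values ever occur.
    The key is still 32 bytes long, so a length check passes."""
    return bytes(ord(secrets.choice("0123456789")) for _ in range(KEY_BYTES))


def effective_key_bits(alphabet_sizes) -> float:
    """Upper bound on key-space size in bits when position i takes at most
    alphabet_sizes[i] distinct values (the key space is a subset of the product)."""
    return sum(math.log2(n) for n in alphabet_sizes)


def observed_alphabets(keygen, samples: int):
    """Empirical check: how many distinct byte values appear at each key position
    across `samples` generated keys. A sound generator approaches 256 everywhere."""
    seen = [set() for _ in range(KEY_BYTES)]
    for _ in range(samples):
        key = keygen()
        if len(key) != KEY_BYTES:
            raise ValueError(f"key length {len(key)} != {KEY_BYTES}")
        for i, b in enumerate(key):
            seen[i].add(b)
    return [len(s) for s in seen]


def audit(keygen, samples: int = 4000, min_bits: float = 128.0) -> dict:
    """Run the generator many times and bound its key space from the observed alphabets.

    `ok` is False when the bound falls under `min_bits`; a per-position alphabet far
    below 256 is the signature of an encoding or RNG bug rather than a curve problem.
    """
    sizes = observed_alphabets(keygen, samples)
    bits = effective_key_bits(sizes)
    return {
        "bits_upper_bound": round(bits, 2),
        "min_alphabet": min(sizes),
        "max_alphabet": max(sizes),
        "ok": bits >= min_bits,
    }


if __name__ == "__main__":
    print("good  :", audit(good_keygen))
    print("flawed:", audit(flawed_keygen))
```

The audit only gives an upper bound: a generator can pass it and still be broken (a predictable seed yields 256 values per position), so it is a cheap regression check to run in CI on every key-generation path, not a proof of randomness. What it does catch is exactly the class of defect discussed here, where the output is the right length and the curve is fine but most of the bits are fixed or low-entropy.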

[cryptography] Recommendations for glossary of cryptographic terms

2013-07-04 Thread Kevin W. Wall
I am trying to wrap up the writing of the cryptography section of the new OWASP Dev Guide 2013 and rather than writing all my definitions, my thought was to just refer to some good glossary of cryptographic terms rather than doing all that work over again (and probably not as well). Does anyone ha

Re: [cryptography] Recommendations for glossary of cryptographic terms

2013-07-04 Thread Peter Saint-Andre
On 7/4/13 3:50 PM, Kevin W. Wall wrote: > I am trying to wrap up the writing of the cryptography section of > the new OWASP Dev Guide 2013 and rather than writing all my > definitions, my thought was to just refer to some good glossary of > cryptograph

Re: [cryptography] DeCryptocat

2013-07-04 Thread Nadim Kobeissi
Hello everyone, I urge you to read our response at the Cryptocat Development Blog, which strongly clarifies the situation: https://blog.crypto.cat/2013/07/new-critical-vulnerability-in-cryptocat-details/ Thank you, NK On 2013-07-04, at 11:38 PM, James A. Donald wrote: > On 2013-07-05 7:18 AM,

Re: [cryptography] Recommendations for glossary of cryptographic terms

2013-07-04 Thread Moritz
Hi, On 04.07.2013 23:50, Kevin W. Wall wrote: > Does anyone have any recommendations for one that would > be understandable by most in the development community > who have little or no understanding of cryptography? Maybe you want to cover not only crypto, but also basic anonymity terminology: h

Re: [cryptography] DeCryptocat

2013-07-04 Thread Jacob Appelbaum
Nadim Kobeissi: > Hello everyone, > I urge you to read our response at the Cryptocat Development Blog, which > strongly clarifies the situation: > > https://blog.crypto.cat/2013/07/new-critical-vulnerability-in-cryptocat-details/ > Has there been a rotation of the certificate and keying materia

Re: [cryptography] Recommendations for glossary of cryptographic terms

2013-07-04 Thread =JeffH
> I am trying to wrap up the writing of the cryptography section > of the new OWASP Dev Guide 2013 and rather than writing all > my definitions, my thought was to just refer to some good > glossary of cryptographic terms rather than doing all that work > over again (and probably not as well). th

Re: [cryptography] Recommendations for glossary of cryptographic terms

2013-07-04 Thread =JeffH
> Maybe you want to cover not only crypto, but also basic anonymity > terminology: http://dud.inf.tu-dresden.de/Anon_Terminology.shtml yes, the above is another excellent resource. for crypto specific stuff, there's also.. http://www.ciphersbyritter.com/GLOSSARY.HTM RSA Labs - PKCS Standar

Re: [cryptography] DeCryptocat

2013-07-04 Thread Nadim Kobeissi
On 2013-07-05, at 3:15 AM, Jacob Appelbaum wrote: > Nadim Kobeissi: >> Hello everyone, >> I urge you to read our response at the Cryptocat Development Blog, which >> strongly clarifies the situation: >> >> https://blog.crypto.cat/2013/07/new-critical-vulnerability-in-cryptocat-details/ >> >

Re: [cryptography] DeCryptocat

2013-07-04 Thread Jacob Appelbaum
Nadim Kobeissi: > > On 2013-07-05, at 3:15 AM, Jacob Appelbaum wrote: > >> Nadim Kobeissi: >>> Hello everyone, >>> I urge you to read our response at the Cryptocat Development Blog, which >>> strongly clarifies the situation: >>> >>> https://blog.crypto.cat/2013/07/new-critical-vulnerability-in

Re: [cryptography] DeCryptocat

2013-07-04 Thread Matthew Green
On Jul 5, 2013, at 12:01 AM, Jacob Appelbaum wrote: > Nadim Kobeissi: >> >> On 2013-07-05, at 3:15 AM, Jacob Appelbaum wrote: >> >>> Nadim Kobeissi: Hello everyone, I urge you to read our response at the Cryptocat Development Blog, which strongly clarifies the situation:

[cryptography] libzerocoin

2013-07-04 Thread Matthew Green
Hi everyone, We've released the source to libzerocoin, a library that implements the core cryptographic routines for the Zerocoin protocol. https://github.com/Zerocoin/libzerocoin This is still development code and we'd appreciate any code review people can offer. Please tear it apart. Matt

Re: [cryptography] DeCryptocat

2013-07-04 Thread Nadim Kobeissi
On 2013-07-05, at 6:15 AM, Matthew Green wrote: > > > On Jul 5, 2013, at 12:01 AM, Jacob Appelbaum wrote: > >> Nadim Kobeissi: >>> >>> On 2013-07-05, at 3:15 AM, Jacob Appelbaum wrote: >>> Nadim Kobeissi: > Hello everyone, > I urge you to read our response at the Cryptocat De

Re: [cryptography] DeCryptocat

2013-07-04 Thread Cool Hand Luke
On 07/05, Nadim Kobeissi wrote: > On 2013-07-05, at 3:15 AM, Jacob Appelbaum wrote: > > Has there been a rotation of the certificate and keying material for > > all services that serve CryptoCat chat traffic? > > Rest assured we're working on it as

Re: [cryptography] DeCryptocat

2013-07-04 Thread Jacob Appelbaum
Nadim Kobeissi: > > On 2013-07-05, at 6:15 AM, Matthew Green > wrote: > >> >> >> On Jul 5, 2013, at 12:01 AM, Jacob Appelbaum >> wrote: >> >>> Nadim Kobeissi: On 2013-07-05, at 3:15 AM, Jacob Appelbaum wrote: > Nadim Kobeissi: >> Hello everyone, I urge you to r

Re: [cryptography] DeCryptocat

2013-07-04 Thread Nadim Kobeissi
On 2013-07-05, at 6:59 AM, Cool Hand Luke wrote: > Signed PGP part > On 07/05, Nadim Kobeissi wrote: > > On 2013-07-05, at 3:15 AM, Jacob Appelbaum wrote: > > > Has there been a rotation of the certificate and keying material for > > > all services that serve CryptoCat chat traffic? > > > > Re

[cryptography] Testing list access from mail.i2p

2013-07-04 Thread str4d
Sorry for the test post - I'm checking whether this mailing list will accept emails from @mail.i2p addresses (they should get rewritten to @i2pmail.org externally, which is what I used to sign up with). str4d

Re: [cryptography] Potential funding for crypto-related projects

2013-07-04 Thread str4d
Disclaimer: I'm an I2P developer, and a user of both Tor and I2P. On 05/07/13 04:44, Michael Rogers wrote: > As far as I can see, the attacks work by seizing control of the > netDB, which is i2p's decentralised directory service. > > "We first show

Re: [cryptography] DeCryptocat

2013-07-04 Thread Peter Gutmann
Nadim Kobeissi writes: >AES-GCM is already prioritized over RC4, but unfortunately most browsers >don't support AES-GCM yet, which is why RC4 remains as the secondary choice. >In the case that AES-GCM is not supported, we use RC4 instead of AES-CBC in >order to mitigate for BEAST. If you have alt

Re: [cryptography] DeCryptocat

2013-07-04 Thread Fabio Pietrosanti (naif)
On 7/5/13 5:29 AM, Nadim Kobeissi wrote: Rest assured we're working on it as an extra precaution (as mentioned in the blog post). Also, our services use SSL forward secrecy. NK What about embedding the Tor binary (built as a library) within the CryptoCat plugin and abandoning internet/SSL issu