Re: [cryptography] Crypto Vulns

2015-03-07 Thread Ethan Heilman
> I seem to recall that Enigma was broken largely due to sloppy user practices e.g. weak message key, re-use of keys, repeating same message with a weaker scheme, etc. Used properly, Enigma would've been unbreakable at the time.

Yes, sloppy user practices helped cryptanalysis on all sides,

Re: [cryptography] New cipher

2013-11-04 Thread Ethan Heilman
Source code would be nice as well.

On Mon, Nov 4, 2013 at 6:27 PM, Mansour Moufid wrote:
> On Sun, 2013-11-03 at 04:17 +, Roth Paxton wrote:
> > Cryptographyuniversal.com is my website. @Niko. I accept your criticism and you are correct that I was angry at the IACR when the site was

Re: [cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

2013-07-12 Thread Ethan Heilman
> I would hope that talented folks at the NSA would be averse to embedding backdoors in hardware (and firmware, and software) that they could lose control of, especially in light of recent developments.

Unfortunately it appears that for security reasons at least some chips are being backdoo

Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)

2013-06-30 Thread Ethan Heilman
>The way I read that (and combined with the overall disclosures that they are basically collecting everything they can get their hands on) the NSA has now been de-militarised, or civilianised if you prefer that term. In the sense that, information regarding criminal activity is now being shared wit

Re: [cryptography] skype backdoor confirmation

2013-06-06 Thread Ethan Heilman
From the new Washington Post Article

> According to a separate “User’s Guide for PRISM Skype Collection,” that service can be monitored for audio when one end of the call is a conventional telephone and for any combination of “audio, video, chat, and file transfers” when Skype users connect

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Ethan Heilman
> ’t the ID really just the shared secret (credentials) Ralph mentions in his question?
>
> --Felix
>
> *From:* cryptography [mailto:cryptography-boun...@randombit.net] *On Behalf Of* Ethan Heilman
> *Sent:* Thursday, June 06, 2013 16:04

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Ethan Heilman
Consider a network of N nodes each given an id from 1 to N, each node uses a protocol where any message it receives it decrypts with its id. All messages get sent to every node instantly, and decryption has a very high cost. Node A wants to send a message to another node (node A just chooses an i

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Ethan Heilman
> Consider authentication of A to B. If there is nothing distinguishing (impersonator) Mallory from (honest) A, then anything A can do can also be done by Mallory.

You still need to know that you want to communicate with someone named Mallory, which is a piece of information that predates the commu

Re: [cryptography] skype backdoor confirmation

2013-05-25 Thread Ethan Heilman
r-in-Skype-736607.html

On Sat, May 25, 2013 at 10:20 AM, Ethan Heilman wrote:
> > I missed that one--do you have a URL? (I don't know German.)
>
> Sure, here is the translated quote from Kurt Sauer, head of the security division of Skype:
> > ZDNet: What is the answer

Re: [cryptography] skype backdoor confirmation

2013-05-25 Thread Ethan Heilman
> I missed that one--do you have a URL? (I don't know German.)

Sure, here is the translated quote from Kurt Sauer, head of the security division of Skype:

> ZDNet: What is the answer to my question, even if you can not listen to Skype calls?
> Sauer: We answer to this question: We provide a safe c

Re: [cryptography] skype backdoor confirmation

2013-05-24 Thread Ethan Heilman
> At a minimum, it's "is there any evidence--at all--other than guessing / suspicions / assumptions / presumptions / paranoia?" It need not be a religious or ideological discussion; it need not be based on "I believe it's happening" or "I don't believe it's happening"--just, is there any evidence

Re: [cryptography] skype backdoor confirmation

2013-05-24 Thread Ethan Heilman
Does anyone on this list honestly doubt that intelligence agencies are intercepting and reading Skype given both public statements by Skype, the various news reports about governments stating they are doing it, and the 200 year history of agencies and communication companies working together? Is the

Re: [cryptography] skype backdoor confirmation

2013-05-18 Thread Ethan Heilman
> Actually I think that was the point, as far as anyone knew and from the last published semi-independent review (some years ago on the crypto list as I recall) it indeed was end2end secure.

Skype has never claimed it is end to end secure; in fact they have hinted many times that they can and do

Re: [cryptography] Key Checksums (BATON, et al)

2013-03-28 Thread Ethan Heilman
Peter,

Do I understand you correctly? The checksum is calculated using a key or the checksum algorithm is secret so that they can't generate checksums for new keys? Are they using a one-way function? Do you have any documentation about this?

Thanks,
Ethan

On Wed, Mar 27, 2013 at 11:50 PM, Pete

[cryptography] Iranian Cryptography Vendors

2013-03-23 Thread Ethan Heilman
In the 1980s and early 1990s, elements of the Iranian government used Crypto AG cipher machines (prior to that the Iraqis had compromised almost all of the Iranians' military ciphers, which may have triggered a switch to "industry best practices"). Iran discovered that the Crypto AG machines were backdoore

Re: [cryptography] side channel analysis on phones

2013-03-08 Thread Ethan Heilman
It depends on what sort of side channel attacks you are worried about and what sort of crypto algorithms you are using. My knowledge area is cache based side channel attacks.

1. ARM chips use TrustZone, which claims it prevents cache based side channel attacks when running in secure mode but probably