Re: [ANNOUNCEMENT] OpenSSL 0.9.6a Beta 3 released

uhh, the 'a' on the version can be very deceiving. it denotes an alpha version of the version number stated. >From the email, it doesn't seem this is what you wish to convey. It should either be 0.9.7a or 0.9.6pl1 or something like that. -Tony .-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._

Re: Name wanted

I have received, in chronological order and without censorship (moderation), the following replies to this email: "Name Wanted: Torturing passwords out of people with threats of (?repeated) beatings is usually called rubberhose cryptanalysis. What should torturing passphrases out of people with th

Re: SF Bay Area Cypherpunks March 2001 Physical Meeting Announcement

That's Declan for you, on one hand holds to be a proponent of individual freedom and on the other trying to impose his twisted view of the worl on others. On Thu, 8 Mar 2001, Rodney Thayer wrote: > .xxx domains and a W-Washington update -- Declan McCullagh > > Declan will hold for

Re: stego fingerprints

David Honig writes: > Similarly, stego'ing an .mp3 ripped from a CD is a bad idea; > stego'ing a .mp3 you made from a signal that was analogue at some > point works. Every algorithm is deterministic, but different algorithms will produce different results. And there is no "standard" algorithm

Re: Making One-time pad using the soundcard

David Honig wrote: > >[I would not feel particularly comfortable merely combining the bits > >of a single sample -- distilling entropy using a hash function and > >large blocks of input would probably work out better. I'm sure there > >will be plenty of opinions around here. --Perry] > > A secure

Re: stego fingerprints

In message <[EMAIL PROTECTED]>, David Honig writ es: >1. Measure at the stats on the least significant bits from your cover >source. >2. Shape the uniform distribution you get after encryption into >the form you observe from your coverbits. >3. Replace. This approach is flawed. The distribution

Re: Making One-time pad using the soundcard

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 03:31 PM 2/14/01 +0200, Paul N wrote: > >It is secure to make a onetime pad using 16 bit input from soundcard using >the following algorithm? > >Each bit of the output is the result of XOR-ing all 16 bits from the input >sample... so, for making

Re: stego fingerprints

At 12:49 PM 2/17/01 -0600, William Knowles wrote: >Can you tell by statistical or other fiddling with a file whether it >has stuff embedded in it? Not if the stats on the stegodata match the stats of the coverbits they replaced. 1. Measure at the stats on the least significant bits from your c

Re: Making One-time pad using the soundcard

At 03:31 PM 2/14/01 +0200, Paul N wrote: > >It is secure to make a onetime pad using 16 bit input from soundcard using the >following algorithm? >Each bit of the output is the result of XOR-ing all 16 bits from the input >sample... so, for making one byte of "one-time pad", I need 8 samples (16*

Re: Bad PRNGs revisted in FreSSH

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Gee, is Tatu going to yell at them too? (Refer to http://slashdot.org/articles/01/02/14/1120247.shtml if you don't know what I'm talking about.) One would think that after several years of IETF work on standardizing (that which is called SecSH i

Re: 802.11 Wired Equivalent Privacy (WEP) attacks

In message <962j9b$bd5$[EMAIL PROTECTED]>, David Wagner writes: > * Use a VPN with strong end-to-end cryptographic authentication >and encryption (e.g., IPSEC or equivalent) At CITI, we protect the traffic between base station and wavelan clients via IPsec. The setup is very simple and it wor

Re: 802.11 Wired Equivalent Privacy (WEP) attacks

have the 802.11-compliant vendors made any reply to the mac-crypto report? these are substantial products, and i'd expect the vendors to put some work into fixing these problems promptly. i've searched 3Com's AirConnect pages for some mention of what 3Com will do for AirConnect customers, but s

rubberhose.com (was Re: NTK now, 2000-02-09)

noone can ever prove that this isn't *all* the data you have > on the drive. Along with StegFS, it's another recommended > RIP-bypasser. Unless you really are under risk of being > beaten up, in which case, we'll re-pose the FAQ: won'

Re: Dutch defense minister warns other countries have Echelon-type spy networks

On Mon, Feb 05, 2001 at 11:39:01PM -0500, Declan McCullagh wrote: > I couldn't find the document, but Ulf was kind enough to > forward me the PDF file, which I've placed online: > http://www.politechbot.com/docs/echelon-nl.0101.pdf This document describes the technical aspects of communication sys

Re: 802.11 Wired Equivalent Privacy (WEP) attacks

Arnold G. Reinhold wrote: >Thus there is a need for a short term remedy that can work with the >existing standard. Maybe the easiest short term remedy that does not require any changes to hardware is the following: * Put the wireless network outside your firewall (or place a firewall betw

Re: 802.11 Wired Equivalent Privacy (WEP) attacks

At 12:05 PM -0500 on 2/8/01, Arnold G. Reinhold wrote: > Thus there is a need for a short term remedy that can work with the > existing standard. Not to pull your leg (too hard), or anything, but, we were told, at mac-crypto, that it's called "super-encryption". ;-) IPSec anyone? Cheers, RAH

Re: 802.11 Wired Equivalent Privacy (WEP) attacks

g clock, you are okay - but then why bother > using 802.11?). > That is one of the reasons I suggested a key change interval of every 10 minutes. Most PCs internal clocks will keep time to within a few seconds from day to day, so re-synchronization should not be a problem. If necess

Re: 802.11 Wired Equivalent Privacy (WEP) attacks

>WF1 > >In WF1 the 802.11 WEP keys would be changed many times each hour, say >every 10 minutes. A parameter, P , determines how many time per hour >the key is to be changed, where P must divide 3600 evenly. The WEP >keys are derived from a master key, M, by taking the low order N >bits (N

Re: 802.11 Wired Equivalent Privacy (WEP) attacks

The draft paper by Borisov, Goldberg, and Wagner http://www.isaac.cs.berkeley.edu/isaac/wep-draft.pdf presents a number of practical attacks on 802.11 Wired Equivalent Privacy (WEP). The right way to fix them, as the paper points out, is to rework the 802.11 protocol to use better encryption

Re: Feds complain about Osama bin Laden using crypto, stego

obviously, osama bin laden is this year's poster boy for the fbi. ou sont les child pornographers d'antan? peter

Re: What is currently happening to http://www.cryptome.org/ ?

>"Forbidden - You do not have permission to access the requested file >on this server." You might use, and John might mention on his site, that banned folks could visit cryptome via anonymizer.com's free redirection. (Assuming *their* subnet is ok.) ... "What company did you say you were

Re: What is currently happening to http://www.cryptome.org/ ?

At 10:20 AM 2/7/01 +0100, Axel H Horns wrote: >What is currently happening to > > http://cryptome.org/ > >Since last night I only get > >"Forbidden - You do not have permission to access the requested file >on this server." > >Does anyone know whether the site has been taken down? > >Axel H Hor

Re: David Kahn's Codebreakers

> > I'm trying to find a copy of The Codebreakers, by David Kahn. Does > > anyone know where I can find a copy that costs less than the $52 > > Amazon sells it for, or is that pretty much average for the book? > > A search on finds ~ 50 copies in varying > degrees of

Re: What is currently happening to http://www.cryptome.org/ ?

On 7 Feb 2001, at 10:18, I wrote: > What is currently happening to > > http://cryptome.org/ > > Since last night I only get > > "Forbidden - You do not have permission to access the requested file > on this server." > > Does anyone know whether the site has been taken down? > > Axel H Hor

Re: smartcards, electronic ballots

This would seem relevant ... http://dailynews.yahoo.com/h/nm/20010206/ts/voting_systems_dc_1.html Tuesday February 6 12:23 PM ET Study: Old Voting Systems May Work Best By Deborah Zabarenko WASHINGTON (Reuters) - Looking back at Florida's election mess, scientists say the old ways of casting

Re: it's not the crypto

In message , "Arnold G. Reinhold" writes: >> > >While I certainly agree with your general point, I don't think this >case is good exemplar. > >"The exploit requires the person reading a wiretapped email >message to be using an HTML-enabled email reader that

Re: it's not the crypto

Well, there's quite a distance between executing something that is signed by a public entity during a transaction that I initiate, and having code silently execute because something was pushed to me unsolicited. btw, the suggested workaround in the privacy advisory does not appear to work - at le

Re: it's not the crypto

> The notion that e-mail should be permitted to contain arbitrary > programs that are executed automatically by default on being opened > is so over the top from a security stand point that it is hard to > find language strong enough to condemn it. It goes far beyond the > ordinary ris

Re: it's not the crypto

At 8:58 AM -0500 2/5/2001, Steve Bellovin wrote: >Every now and then, something pops up that reinforces the point that >crypto can't solve all of our security and privacy problems. Today's >installment can be found at >http://www.privacyfoundation.org/advisories/advemailwiretap.html > >For almost

Re: 802.11 Wired Equivalent Privacy (WEP) attacks

Unfortunately these are not new attacks. Some IETFers were talking about these as long as 1.5 years ago. This new paper is just a formalization of the (previously known, or at least guessed) attacks. About a year ago we theorized that we could guess a key by passive eavesdropping. However nobo

Re: smartcards, electronic ballots

To pick nits, this is not completely accurate. What is at odds with non-coercibility is the ability to demonstrate to a third party how one voted. But there are techniques that allow a voter to verify that his/her vote was counted correctly without being able to prove this to others. (Not that

Re: Dutch defense minister warns other countries have Echelon-type spy networks

I couldn't find the document, but Ulf was kind enough to forward me the PDF file, which I've placed online: http://www.politechbot.com/docs/echelon-nl.0101.pdf -Declan On Wed, Jan 31, 2001 at 02:46:53AM +0100, Ulf Möller wrote: > > [I haven't seen the original documents, so consider this only

Re: Crypto regs still tricky

Yeah, for example I have always wondered why Sun, in JCE 1.2.1, has gone through the trouble of introducing the signed CSP mechanism at the same time when their domestic-strength provider (which in theory should be good enough even for Saddam) was made freely exportable. By the way, has anybody tr

Re: IEEE 802.11 WEP holes

"R. A. Hettinga" writes: >At 9:35 AM -0800 2/5/01, Jurgen Botz wrote: >> Slashdot this morning reported on a ZD-Net article at: >> >>http://www.zdnet.com/zdnn/stories/news/0,4586,2681947,00.html?chkpt=zdhpnews0 >> 1 >> which states that there are major holes in IEEE 802.11 "WEP" encryption. >> >>

Re: 802.11 Wired Equivalent Privacy (WEP) attacks

"P.J. Ponder" <[EMAIL PROTECTED]> writes: > as reported on Good Morning Silicon Valley: > > Researchers from UC Berkeley and private security firm Zero-Knowledge > Systems have uncovered a means of disrupting the Wired Equivalent Privacy > (WEP) algorithm, an important part of the 802.11 corporat

Re: IEEE 802.11 WEP holes

At 9:35 AM -0800 2/5/01, Jurgen Botz wrote: > Slashdot this morning reported on a ZD-Net article at: > >http://www.zdnet.com/zdnn/stories/news/0,4586,2681947,00.html?chkpt=zdhpnews0 > 1 > which states that there are major holes in IEEE 802.11 "WEP" encryption. > > Does anyone have any more details

Re: David Kahn's Codebreakers

On Mon, Feb 05, 2001 at 08:28:04AM -0600, Zach wrote: > > I'm trying to find a copy of The Codebreakers, by David Kahn. Does > anyone know where I can find a copy that costs less than the $52 > Amazon sells it for, or is that pretty much average for the book? A search on

Re: David Kahn's Codebreakers

Zach wrote: > I'm trying to find a copy of The Codebreakers, by David Kahn. Does > anyone know where I can find a copy that costs less than the $52 > Amazon sells it for, or is that pretty much average for the book? Used paperback for $1, and on up: http://used.addall.com/SuperRare/submitRare.cg

Re: smartcards, electronic ballots

Why unfair? The rules are published and people get to choose when they vote. Cambridge is the home of Harvard and other institutions of higher education, so the populace is certainly not all peons. I believe there have been legal challenges to the system before which failed. The system is use

Re: smartcards, electronic ballots

r would be a real problem for one party or another > (Other architectures include standalone or LAN-only machines acting only as > better voting-acquisition-machines; or a pure central server scheme like > home internet voting.) > There have been a lot of problems with stand-alone

Re: smartcards, electronic ballots

From: Ed Gerck <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> Date: Sun, 04 Feb 2001 11:43:19 -0800 To: David Honig <[EMAIL PROTECTED]> Cc: William Allen Simpson <[EMAIL PROTECTED]>, [EMAIL PROTECTED], "John R. Levine" <[EMAIL PROTECTED]>, Ed Gerck <[EMAIL PROTECTED]> Refere

Re: smartcards, electronic ballots

At 05:51 PM 2/4/01 -0500, William Allen Simpson wrote: >-BEGIN PGP SIGNED MESSAGE- > >David Honig wrote: >> >> If you give people a paper receipt with their votes on it >> (as WAS's scheme mentions) then their votes can be bought or blackmailed. > >I'm unaware of how that interpretation m

Re: smartcards, electronic ballots

William Allen Simpson wrote: > -BEGIN PGP SIGNED MESSAGE- > > I'm sorry for the second message, but I could not let the egregious > error pass uncorrected: :-) egregious ... > Ed Gerck wrote: > > The law does not allow it, and for good reasons as you mention. > >... > > > The voting a

Re: smartcards, electronic ballots

-BEGIN PGP SIGNED MESSAGE- I'm sorry for the second message, but I could not let the egregious error pass uncorrected: Ed Gerck wrote: > The law does not allow it, and for good reasons as you mention. >... > > The voting apparatus may keep a serial record of each vote, in order, for >

Re: smartcards, electronic ballots

-BEGIN PGP SIGNED MESSAGE- David Honig wrote: > > If you give people a paper receipt with their votes on it > (as WAS's scheme mentions) then their votes can be bought or blackmailed. I'm unaware of how that interpretation might have arisen? I don't see anything in the proposed text t

Re: smartcards, electronic ballots

As seems universally the case in security design, there must be ugly tradeoffs. In particular (and without quoting acres of prior material), the proposed requirements for verifiability and non-coercibility are at odds and one must yield to the other. Paper systems make this tradeoff by, on the

Re: electronic ballots

At 1:01 PM -0500 2/4/2001, John Kelsey wrote: >-BEGIN PGP SIGNED MESSAGE- > >At 11:02 PM 1/27/01 -0500, William Allen Simpson wrote: > >... >>"Arnold G. Reinhold" wrote: >>> There are a lot of reasons why open source is desirable, >>> but it does simply the job for an attacker. > >>I disag

Re: smartcards, electronic ballots

> The voting apparatus may keep a serial record of each vote, in > order, for auditing purposes. This is also mentioned in WAS's > legislative text. Good lord no. Here in NY, the inspectors write down each voter's name on a log sheet with the names numbered in order, and write down the numbers

Re: smartcards, electronic ballots

David Honig wrote: > >First of all, that's not "privacy", that's "anonymity". > > > >We have voter registration precisely so that we know who the voters > >are! We are not changing voter registration > > > > Ed Gerck wrote: > >>4. Fail-safe privacy in universal verifiability. If the >

Re: smartcards, electronic ballots

>First of all, that's not "privacy", that's "anonymity". > >We have voter registration precisely so that we know who the voters >are! We are not changing voter registration > >4. Fail-safe privacy in universal verifiability. If the >encrypted ballots are successfully attacked, even

Re: electronic ballots

-BEGIN PGP SIGNED MESSAGE- At 11:02 PM 1/27/01 -0500, William Allen Simpson wrote: ... >"Arnold G. Reinhold" wrote: >> There are a lot of reasons why open source is desirable, >> but it does simply the job for an attacker. >I disagree. Security by obscurity is never desirable. Right.

Re: Pinoy math enthusiast finds fast way to decode RSA encryption

; At 03-02-01 02:27, Marc Branchaud wrote: After finding his e-mail adres, I just asked him : From: Leo <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: [Fwd: Re: RSA Broken ??] Dear Barry Wels, For your information and further discussion and scrutiny. Here is a

Anonymous "Credit": 7-11/AMEX Gift Card (was Re: PRIVACY ForumDigest V10 #02)

At 6:48 PM -0800 on 2/3/01, PRIVACY Forum wrote: > Date:Thu, 07 Dec 2000 19:00:36 EST > From:HC <[EMAIL PROTECTED]> > Subject: Anonymous "Credit": 7-11/AMEX Gift Card > > I'm writing about a fairly new product that has become available: the > 7-Eleven Gift Card by American Express. I fo

Re: Pinoy math enthusiast finds fast way to decode RSA encryption

At 05:27 PM 2/2/01 -0800, Marc Branchaud wrote: > >Anyone know if there's any truth to this? I don't know anything about it beyond the (minimal) information in the article, but remember that "decode" could either refer to cracking, which would be a highly surprising discovery, or to faster decry

Re: smartcards, electronic ballots

-BEGIN PGP SIGNED MESSAGE- "John R. Levine" wrote: > The current election system, for all its faults, is the result of two > centuries of effort by people not all of whom were completely stupid, > and has a complex and not always set of features to defend against all > sorts of schemes to

Re: smartcards, electronic ballots

William Allen Simpson wrote: > And in the same vein, I forwarded Ed Gerck's list of published > 'requirements' to Lynn. She intends to use them as a perfect example > of what we DO NOT want! see below, before you set yourself to re-invent the wheel. > Ed

RE: Leo Marks

--- begin forwarded text Reply-To: <[EMAIL PROTECTED]> From: "Chris Ogden" <[EMAIL PROTECTED]> To: "R. A. Hettinga" <[EMAIL PROTECTED]> Subject: RE: Leo Marks Date: Thu, 1 Feb 2001 20:26:02 - > > By the way, what was the source of the obi

Re: issuing smartcards is likely to be cheap [Was: electronic ballots]

[ likely too far off topic ] > Hmmm, I have a "voter registration card" and I believe that is > the case across the USA. Anything that is itself mechanically _required_ in order to vote must be provided to the voter gratis else it will be surely challenged as a poll tax. By just this

Re: smartcards, electronic ballots

>>Hmmm, I have a "voter registration card" and I believe that is the case >>across the USA. Here in New York, the county sends you a card when you register, which all but the most anal then lose. I used to be an election inspector, and I can report that we never asked for the cards, and I can't

Re: issuing smartcards is likely to be cheap [Was: electronicballot s]

At 11:09 AM -0600 2/1/2001, (Mr) Lyn R. Kennedy wrote: >On Thu, Feb 01, 2001 at 09:52:05AM -0500, Arnold G. Reinhold wrote: >> At 1:36 PM -0800 1/31/2001, Heyman, Michael wrote: >> > > -Original Message- >> >> From: William Allen Simpson [mailto:[EM

Re: electronic ballots

At 05:28 PM 1/25/01 -0600, (Mr) Lyn R. Kennedy wrote: >On Thu, Jan 25, 2001 at 01:03:49PM -0500, William Allen Simpson wrote: >> >> I've been working with Congresswoman Lynn Rivers on language for >> electronic ballots. My intent is to specify the security sensitive >> information, and encoura

Re: Smartcard Security?

On Thu, Feb 01, 2001 at 12:04:37AM -0800, Brad B wrote: > I know NOTHING about Crypto/Smartcard tech, so please don't flame me, as I > have nothing to defend myself with (hehe). > > However, I was watching a thing on CSPAN about voting technology, and some > guy was showing off an electronic syst

Re: issuing smartcards is likely to be cheap [Was: electronicballot s]

At 1:36 PM -0800 1/31/2001, Heyman, Michael wrote: > > -Original Message- >> From: William Allen Simpson [mailto:[EMAIL PROTECTED]] >> Subject: Re: electronic ballots >> [SNIP much] >> > >> > It seems that something like a smartcard would be the

Telephone Behavior as Biometric (was Re: ip: New ScientistNewsletter 3 February 2001)

[Interesting implications on automated traffic analysis... --Perry] At 1:37 AM -0600 on 2/1/01, by way of [EMAIL PROTECTED] wrote: > GUARDIAN ANGEL > We wouldn't go so far as to suggest that your are boring, but this > week's New Scientist does have evidence that you are somewhat > predictable.

Re: electronic ballots

William Allen Simpson wrote: > -BEGIN PGP SIGNED MESSAGE- > > I've been working with Congresswoman Lynn Rivers on language for > electronic ballots. My intent is to specify the security sensitive > information, and encourage widespread implementation in a competitive > environment. We

Re: issuing smartcards is likely to be cheap [Was: electronic ballots]

> Hmmm, I have a "voter registration card" and I believe that is the case > across the USA. It is not. /r$ [True enough. --Perry]

Re: Leo Marks

ffic. Marks' first response was to supply agents with his own poems, which were far less likely to be guessed. > >More subtly, doing the encryption was an error-prone process, >especially if done under field conditions without the aid of graph >paper. Per protocol, if London couldn

Re: Wassenaar question

Back in mid-1999, I sent this to the list: > The Canadian Dep't of Foreign Affairs & International Trade (DFAIT) has an export law > page at: > > http://www.dfait-maeci.gc.ca/~eicb/notices/ser113-e.htm > > It includes this text: > > | PROPOSED EXPORT CONTROL LIST CHANGES: > | > | 12. The Was

Re: Dutch defense minister warns other countries have Echelon-type spy networks

At 28-01-01 00:52, John Gilmore wrote: >[I haven't seen the original documents, so consider this only a rumor > at this point. Anyone have more info? -- John] > >Translation of report by Dutch newspaper NRC Handelsblad on 20 January > >Source: NRC Handelsblad, Rotterdam, in Dutch 20 Jan 01 p 2

Re: Dutch defense minister warns other countries have Echelon-type spy networks

On Wed, 31 Jan 2001 02:46:53 +0100 Ulf Möller <[EMAIL PROTECTED]> writes: > > [I haven't seen the original documents, so consider this only a rumor at this > >point. Anyone have more info? -- John] > > >http://parlando.sdu.nl/cgi/showdoc/doc/anonymous:62665/4/0/KST50892.pdf/0/KST50892.pdf > >

Re: electronic ballots

it be no worse. After Florida, I think we can shoot for something a lot better. > 3. The concept of the polling place needs to be re-examined. If a voter > can vote from anywhere at anytime then the problem becomes one of > counting the last vote. A vote signed by an authori

Re: Leo Marks

ons without the aid of graph paper. Per protocol, if London couldn't decrypt the message, the agent was told to re-encrypt and re-transmit. But that meant more air time -- a serious matter, since the Gestapo used direction-finding vans to track down the transmitters. Doing some sim

Re: Dutch defense minister warns other countries have Echelon-type spy networks

- Original Message - From: "John Gilmore" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Sunday, January 28, 2001 7:52 AM Subject: Dutch defense minister warns other countries have Echelon-type spy networks > [I haven't seen the original documents, so consider thi

Re: Dutch defense minister warns other countries have Echelon-type spy networks

> [I haven't seen the original documents, so consider this only a rumor > at this point. Anyone have more info? -- John] http://parlando.sdu.nl/cgi/showdoc/doc/anonymous:62665/4/0/KST50892.pdf/0/KST50892.pdf (I don't know if that is a permanent URL. If not, search for document number 27591, nr

Re: electronic ballots

wrote: > 1. An electronic election system need only be as good as the current > system. While perfection remains the goal, the minimum criteria > is that it be no worse. > > 2. There needs to be an absolute disconnect between the voter and the > vote. Some k

Re: electronic ballots

At 1:03 PM -0500 1/25/2001, William Allen Simpson wrote: >-BEGIN PGP SIGNED MESSAGE- > >I've been working with Congresswoman Lynn Rivers on language for >electronic ballots. My intent is to specify the security sensitive >information, and encourage widespread implementation in a competiti

Re: electronic ballots

e voter and the vote. Some kind of voting certificate should allow a vote but make it difficult to determine how someone voted. 3. The concept of the polling place needs to be re-examined. If a voter can vote from anywhere at anytime then the problem becomes one of counting the

Re: electronic ballots

At 01:03 PM 1/25/01 -0500, William Allen Simpson wrote: >-BEGIN PGP SIGNED MESSAGE- > >I've been working with Congresswoman Lynn Rivers on language for >electronic ballots. My intent is to specify the security sensitive >information, and encourage widespread implementation in a competit

Re: electronic ballots

-BEGIN PGP SIGNED MESSAGE- Long answer Matt Crawford wrote: > > It looks as if your VERIFIABILITY constraints allow pay-for-vote to > take place. The voter V can show his audit number to ward-heeler W, > who can subsequently verify, together with poll-watcher P, that V > voted for

Re: electronic ballots

It looks as if your VERIFIABILITY constraints allow pay-for-vote to take place. The voter V can show his audit number to ward-heeler W, who can subsequently verify, together with poll-watcher P, that V voted for Boss B. The PRIVACY section does not seem strong enough to prevent this. Ten years

Re: iDVD Not What It's Claimed

It's interesting to note that in a recent Canadian decision on copyright, users are allowed to use recordable media for copying as long as it is for private use. Of note in the decision is the fact that the manufacturers pay a fee for each recordable media. I'm sure that if it was deemed profita

Re: small crypto that isn't predictable

Bill Stewart <[EMAIL PROTECTED]> writes: > If you've got room for an IV, you _could_ do something like > XORing the IV with the key, not the data stream - > that means that it isn't really using the same algorithm > for the IV as for the rest of the data stream, but you may not care. With RC4, it

Re: small crypto that isn't predictable

This is more of a cryptography question than a coding question, so I've Cc:d [EMAIL PROTECTED], and you may want to shift the discussion there. How small do you need? And how unpredictable? RC4's pretty small, though it has issues with how you use it. DES isn't really all that big these days -

Re: What's Wrong With Content Protection

On Sat, 20 Jan 2001 10:41:52 -0800 [EMAIL PROTECTED] writes: > I will make a partial rebuttal to John Gilmore's article on the problems > with content protection schemes. > > [..snip..] > > I understand that John and others worry that consumers will not actually > be able to make choices and deci

Re: 3G crypto algorithms

f8 and f9 are specified in 3G_20TS35.201, version 1.2 of September 5th, 2000. Jaap-Henk On Sat, 20 Jan 2001 13:26:13 +1100 Greg Rose <[EMAIL PROTECTED]> writes: > You're missing the document that specifies f8 and f9, which is the glue > between 33.102 and the Kasumi spec. Unfortunately I can't

Re: The Shining Cryptographers Net

John Denker writes: > A much better strategy for Eve is to _not_ make so many > measurements. Rather, she should preserve the photon in all its analog, > quantum-mechanical glory and recirculate it back to Bob, bypassing the > other participants in the ring. > > Then Bob, in blissful ignorance

Re: iDVD Not What It's Claimed

In article <[EMAIL PROTECTED]>, Alan Olsen <[EMAIL PROTECTED]> wrote: > How much would digital out jacks cost? $1? $2? $5? In consumer electronics, which is a world where a cassette walkman can sell *at retail* for $5, that is a lot of money. > The market has nothing to do with the situation.

Re: What's Wrong With Content Protection

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At 05:29 AM 1/22/01 GMT, David Wagner wrote: >Free markets may be the best hope we've got (or they may not), but >in any case, wouldn't it be fair to say that reliance on free markets >to eliminate content protection is a little risky? [...] >Now su

Re: What's Wrong With Content Protection

Hal Finney writes: >But when we deal with content protection which is provided on a >competitive basis in the marketplace, it is another matter. In that >case it is ultimately a question of satisfying the desires of the consumer >which determines which products will succeed. [...] > >I understand

Re: iDVD Not What It's Claimed

On Sun, 21 Jan 2001, R. A. Hettinga wrote: > I think Gilmore's right. > > On the other hand, and, quite frankly, it is the *market* that > ultimately determines the salability of something, and not government > regulation, or even the litigiousness of the recording industry. > > I think the rea

Re: iDVD Not What It's Claimed

-BEGIN PGP SIGNED MESSAGE- At 7:41 AM -0800 on 1/21/01, Somebody wrote: > You've all seen this - I'm just trying to figure out what > I think about at least the part that applies to Apple and iDVD. I think Gilmore's right. On the other hand, and, quite frankly, it is the *market* tha

Re: The Shining Cryptographers Net

At 10:10 AM 1/20/01 -0800, [EMAIL PROTECTED] wrote: >This analysis will focus on one particular kind of attack. Eve will make >measurements of the photon polarization angle as it travels through the >network and attempt to deduce information about the signals being sent >by the participants. Th

Re: What's Wrong With Content Protection

Excellent essay. I feel smarter for having read it. I would say that I think that there are some breaks in the clouds you describe so well. 1) If most of these copy-protection schemes are schemes, and not laws, then the free market will route around them (The free market is about as adaptable

Re: 3G crypto algorithms

You're missing the document that specifies f8 and f9, which is the glue between 33.102 and the Kasumi spec. Unfortunately I can't get to their server at the moment for some reason, so I can't give you it's number, but I think it is 33.2xx. thanks and regards, Greg. At 01:53 PM 1/19/2001 -0500

Re: What's Wrong With Content Protection

I will make a partial rebuttal to John Gilmore's article on the problems with content protection schemes. I distinguish between schemes which are enforced by legislation such as the Digital Millennium Copyright Act (DMCA), versus schemes which rely on technological means and market competition to

Re: The Shining Cryptographers Net

This message analyzes the Shining Cryptographers network in terms of how much information Eve the eavesdropper can hope to get by measuring the photon state before and after it is rotated. See earlier messages for more detail about how the SC Net works. This analysis will focus on one particular

Re: What's Wrong With Content Protection

John Gilmore wrote: > Few or no manufacturers are willing to put ordinary > digital audio recorders on the market -- you see lots of MP3 *players* > but where are the stereo MP3 *recorders*? They've been chilled into > nonexistence by the threat of lawsuits. The ones that claim to > record, reco

Re: The Shining Cryptographers Net

At 09:36 AM 1/18/01 -0800, [EMAIL PROTECTED] wrote: >Jaap-Henk Hoepman, <[EMAIL PROTECTED]>, writes: >> In the `traditional' DC Net, how is absence of a message detected? ... >> If this is a seperately distinguishable outcome of a round, each round may >> return three outcomes: `0', `1' and `none'

Re: The Shining Cryptographers Net

Ray Dillinger wrote, quoting me: > >Another idea would be for the stations to actually absorb the photon > >in some manner that preserved its polarization, and then to re-emit it. > >These could be primed to pass only a single photon. > > Now you are talking serious voo

Re: Full text to the book ``Underground'' released.

The site below has been offline because of heavy traffic. Mirrors, in case you can't get through: http://www.attrition.org/ee/underground-book.zip http://www.politechbot.com/docs/underground.011800.txt.gz -Declan On Thu, Jan 18, 2001 at 08:31:03AM +1100, Julian Assange wrote: > [More security

  1   2   3   4   5   6   7   8   9   10   >