And so it begins

2000-08-10 Thread Eugene Leitl
Only laptops, eh? Encrypted media are not mentioned, obviously. And clearly every modern OS (IPsec, ssh, even Winders' weak encryption) has "encryption capability". Spytool Netscape, who would have thought. Matt Crawford writes: > This came third-hand, Sandia -> DOE -> me > > > >

Lots of random numbers

2000-11-16 Thread Eugene . Leitl
Rich Salz writes: > I'm putting together a system that might need to generate thousands of RSA > keypairs per day, using OpenSSL on a "handful" of Linux machines. What do > folks think of the following: take one machine and dedicate it as an entropy > source. After 'n' seconds turn the networ

Re: /. Yahoo delivers encrypted email

2000-12-05 Thread Eugene . Leitl
Bram Cohen writes: > To be fair, Yahoo handles so much mail that the CPU power necessary to > start SSL sessions for all of them gets pretty expensive. They'll probably > start doing end-to-end encryption when the prices of that drop lower, > Moore's law and all that. Of course, this assumes

Re: UK Sunday Times: "Steal the face right off your head"

2000-12-17 Thread Eugene . Leitl
Ray Dillinger wrote: > Side effect of having very thick dry skin that's not very > conductive electrically. There's purpose in using photoplethysmography/photoxytometry (this gives you oxygenation of the blood plus pressure pulses with a little DSP on NIR/red LED light) together with papillary p

Re: copy protection

2000-12-24 Thread Eugene . Leitl
Lenny Foner wrote: > But the world is -different- now. > > The DMCA exists, and its anticircumvention language will be used as > a bludgeon to sue and perhaps even lock up people who do anything to > bypass the crypto in the disk. Thus, a purely technical solution This assumes I own the disk.

Python RSA

1999-06-24 Thread Eugene Leitl
Got this from Mordy Ovits <[EMAIL PROTECTED]> Is the following of more than trivial value? It does seem to use L integers... #!/usr/bin/python from sys import*;from string import*;a=argv;[s,p,q]=filter(lambda x:x[:1]!= '-',a);d='-d'in a;e,n=atol(p,16),atol(q,16);l=(len(q)+1)/2;o,inb=l-d,l-1+d

how secure is digital pulse radio?

1999-06-29 Thread Eugene Leitl
stream. It looks very like white noise. What is your estimate how difficult it would be to screen for such communication channels, and how rapidly could one crack them (assuming no further encryption of the traffic)? -- Eugene Leitl

Re: Bush Seeks to Curry Favor in Silicon Valley (was Re: ECARMNEWS for July 02,1999 Second Ed.)

1999-07-03 Thread Eugene Leitl
Marshall Clow writes: > Is the PlayStation made here in the US? > Or is it imported? Playstation 2 (a 128 bit/64 bit architecture, 4 MByte embedded RAM gfx engine, up to 32 MByte RamBus, 200 MBps FireWire, PC card slot, etc, etc.) http://www.playstation-europe.com/pr/prnews/old/r&d

Re: depleting the random number generator

1999-07-17 Thread Eugene Leitl
bram writes: > Most of the fancy reseedable PRNG schemes people have come up with are > based on using secure hashes. They are sure validated, but are they the best we can do? MD5, the nonplusultra, really?

Re: depleting the random number generator

1999-07-17 Thread Eugene Leitl
bram writes: > I'm not sure if anybody's yarrowified /dev/random yet - I think someone > from coderpunks was working on it. Does anybody know how cellular automata perform re cryptographically solid random number generators? They can crank out a lot of integers with a minimum investment in in

A Massively Parallel Cryptosystem Based on Cellular Automata

1999-07-20 Thread Eugene Leitl
What is your opinion on the security of this system? Any obvious flaws? http://www.santafe.edu/~hag/ca11/ca11.html A Massively Parallel Cryptosystem Based on Cellular Automata Howard Gutowitz ESPCI; Laboratoire d'Electronique 10 rue Vauquelin; 75005 Paris, France [EMAIL PROTECTED] The DES i

Crypto bill will harm children, boost "pedophiles"

1999-07-27 Thread Eugene Leitl
Declan McCullagh writes: > "Child pornographers could distribute their > filth unimpeded," the House Permanent > Select Committee on Intelligence said. Doesn't that one slowly start to backfire, since ringing hollowly even amon

Re: depleting the random number generator -- repeated state

1999-07-28 Thread Eugene Leitl
Jon Callas writes: > I'll also note that the state-loop that Anonymous described can easily be > detected and corrected. Given that this is a PRNG, not a cipher, > predictability is not a requirement (although you can algorithmically > correct in a way that will still make it a cipher). I do

US Urges Ban of Internet Crypto

1999-07-28 Thread Eugene Leitl
John Young writes: > Nations do not control distribution of intangible items. While > I recognize that this issue is controversial, unless we address > this situation, use of the Internet to distribute encryption products > will render Wassenaar's controls immaterial." I just love this se

Re: depleting the random number generator -- repeated state

1999-07-29 Thread Eugene Leitl
It would seem to be an excellent idea indeed to incorporate a register which gets filled with fresh entropy (from amplified circuit noise, for instance) at every clock tick into the CPU directly, particularly if it is to be used for embedded crypto gadgets. Of course one would have to believe th

RE: US Urges Ban of Internet Crypto

1999-07-30 Thread Eugene Leitl
Lucky Green writes: > [Before a reader replies with an argument based on a claim that strong > crypto is in the process of becoming ubiquitous, please take a look at your > phone. Does it perform 3DES encryption? Do the phones of the majority of Phone? Why do I need a stupid phone if there's

Re: depleting the random number generator -- repeated state

1999-07-31 Thread Eugene Leitl
David Honig writes: > One of the many uses of nitric acid. Ie, take random samples I thought this is mostly done by removing the bulk of the package polymer by grinding, and then subjecting the rest of it to a plasma etch. I haven't put a processed wafer into nitric acid yet, but I could imag

crypto file system for Linux: which?

1999-08-25 Thread Eugene Leitl
Hi, recently we had a break-in where very valuable intellectual property was stolen along with (negligible) hardware. To prevent this in future I'd like to establish a (physically secured) Linux SMB server running a cryptographic file system. I've taken a quick look, and there seem to exist e

Re: Power analysis of AES candidates

1999-09-13 Thread Eugene Leitl
Why don't you just erase flash when a pressure change (hull breach) is detected. Using double-walled hull, to look for shortcuts. You can also couple this to light detection, and whatnot. Andreas Bogk writes: > Russell Nelson <[EMAIL PROTECTED]> writes: > > > > There's some question about

Re: Power analysis of AES candidates

1999-09-14 Thread Eugene Leitl
Arnold Reinhold writes: > A sophisticated attacker could measure the pressure in each > compartment and work in a pressurized, darkened room. You don't know the pressure inside, that's the point: it varies among the units. Whenever there is a (nonthermal) pressure change the thing nukes itse

Re: Power analysis of AES candidates

1999-09-14 Thread Eugene Leitl
John Gilmore writes: > What are you guys talking about? Differential power analysis doesn't > require any physical attack, nor does it deal with voltage > variations. (You are probably thinking of Shamir's fault-injection You can't do differential power analysis if you supply power photonic

Re: Power analysis of AES candidates

1999-09-15 Thread Eugene Leitl
Eli Brandt writes: > If so, doubling the cap size halves the cutoff frequency (right?), > halving the leaked power. Integrating runs gives signal voltage > linear in n and noise voltage sqrt(n); voltage ratio is sqrt; power > ratio is linear. So leaked-signal power is > Theta( (att

Re: Intel RNG

1999-09-17 Thread Eugene Leitl
Are there any other advantages in a hardware PRNG other than it cannot be overwritten? (Yes your hardware might be incorruptible but the software layers always be). I could imagine the soon-to-arrive (you might disagree but the writing's on the wall) CPUs with considerable FPGA areas will make pu

Re: having source code for your CPU chip -- NOT

1999-09-24 Thread Eugene Leitl
For the truly paranoid: it is perfectly possible to bootstrap a working Forth environment *by hand*, whether by hand assembly and flashing the resulting image, or by porting eForth (or any Forths written in C) to an embedded target. You simply can't fit any Trojan in there: a minimal Forth OS can

grabbed video as a source of entropy

1999-09-25 Thread Eugene Leitl
I've recently acquired a video camera (bttv-based 3Com Bigpicture, can do 30 fps true color 640x480). I've noticed that under certain conditions images can become quite noisy. Does anyone have data on the amount and quality of the entropy produced? I wouldn't mind any pointers to sources extractin

Re: grabbed video as a source of entropy

1999-09-29 Thread Eugene Leitl
David Honig writes: > Even if I had the same hardware, perhaps the tolerances on my ADCs are > different from yours. > > And illumination levels will affect certain kinds of noise. Sure, but the entropy generation rate will be in any case higher than stuff coming from /dev/dsp > The po

Re: "unbreakable code?" with cash prizes

1999-10-12 Thread Eugene Leitl
[EMAIL PROTECTED] writes: > I wrote the author of the challenge. He responded (quoted with > permission): > (((To be clear, the contents of message2.bin were created by xor-ing my > English plain text with a chunk of a jpg file which is NOT on the web. > It is a picture I took myself and sca

Re: "unbreakable code?" with cash prizes

1999-10-12 Thread Eugene Leitl
David Honig writes: > you can think about using the bits. You should hash them before use, to be > safer. Of course this assumes that the cryptohash doesn't introduce exploitable hidden order. There should be a way to distill a physical entropy source into an equal-probability sea of ones a

Re: IP: IETF considers building wiretapping into the Internet

1999-10-14 Thread Eugene Leitl
James Robertson writes: Boy, things are really heating up on [EMAIL PROTECTED] If you're not there, you're missing something. > As an Australian, I am more than a little concerned > that an American law enforcement agency is trying > to dictate the design of an international communication >

Re: 56 Bits?????

1999-11-03 Thread Eugene Leitl
I presume if he fails to deliver the goods on time you'll henceforth consider 56 bit secure, in all eternity (=5-10 years)? Strange kind of reasoning. Marshall Clow writes: > OK, Bob. > You have claimed to be from Missouri. > Show me. > > Here's an encrypted file, encrypted with a 56 bit

Re: 56 Bits?????

1999-01-03 Thread Eugene Leitl
Wiping is not enough in some cases. With magnetical proximal probe microscopy one can read residual magnetisation even in low-level formatted disks. First wiping with ones and zeroes and then overwriting several times with (pseudo)random sequences offers better protection. The optimal solution

Re: Semantic Forests, from CWD (fwd)

1999-12-03 Thread Eugene Leitl
Steven M. Bellovin writes: > The problem, from the perspective of an intelligence agency, is figuring out > what to listen to. Let's do some arithmetic. > > The product you cite requires at least a 133 Mhz Pentium; 200 Mhz preferred. > How many such chips are needed? Well, according t

Re: Debit card fraud in Canada

1999-12-14 Thread Eugene Leitl
Arrianto Mukti Wibowo writes: > About Mondex, probably you are right. No information is available about the > internals of Mondex, and is kept secret, unlike CAFE which the specification The fact that Mondex keeps its VM specs secret does not forebode well for its security. Apparently, the VM

Re: Blue Spike and Digital Watermarking with Giovanni

2000-01-16 Thread Eugene Leitl
Robin Whittle writes: > Digital watermarks again! > > Joe Sixpack won't believe his file contains a digital watermark with > his name in it unless there is a freely distributed Windows/Mac > program which reads the watermark and so spits out his name and other > personal details. Joe Six

Re: Blue Spike and Digital Watermarking with Giovanni

2000-01-16 Thread Eugene Leitl
Well, the deformations must be smooth, so this just describes an attack against a certain type of watermarks. As I said, it is difficult to resiliently watermark a single image. Paul Crowley writes: > As far as I know, all fielded watermarking schemes can be defeated > with simple, invisible

Copy protection proposed for digital displays

2000-02-21 Thread Eugene Leitl
http://www.eetimes.com/story/OEG2217S0039 Copy protection proposed for digital displays By David Lammers EE Times (02/17/00, 7:02 p.m. EST) PALM SPRINGS, Calif.-At the Intel Developer Forum here, Intel Corp. unveiled a copy protection scheme that will add a layer of encryption between the

Re: Napster - the quiet revolution

2000-02-28 Thread Eugene Leitl
I haven't had the opportunity to try Napster yet (upgrade to glibc is way overdue). Everybody is raving about it, though, so it is probably very good. It seems however, that Napster suffers from a few design flaws: centralism (there is a central database, right?); it seems to produce cleartext t

please help FreeNet by becoming a node

2000-03-01 Thread Eugene Leitl
(((I urge you to donate some of your computational/networking resources to the Freenet project, even if it's a single xDSL box. Details how to help see Latest News below.))) http://freenet.sourceforge.net/ "I worry about my child and the Internet all the time, even though she's too young

/. Mozilla Crypto Released for Windows, Linux

2000-03-09 Thread Eugene Leitl
http://www.mozillazine.org/ Thursday March 9th, 2000 Mozilla Crypto Released for Windows, Linux! The first crypto-enabled builds of Mozilla have come online. Currently there are Windows and Linux builds available - a Mac version will be available soon. Enabled in these initial builds are SSL,

Re: [FYI] ECHELON for combat of european "national culture" of bribery?

2000-03-13 Thread Eugene Leitl
Of course U.S. companies are entirely innocent of that practise. Right. Sounds just like another lame excuse to me. Pedophiles, terrorists, hackers, now it's Evil Euros, snatching up contracts using bribes. Yawn. I'm surprised Janet Reno has this time nothing to say about this. Bill Stewart w

New York teen-ager win $100,000 with encryption research (3/14/2000)

2000-03-15 Thread Eugene Leitl
Of course it ain't actual encryption, only (high-payload) steganography at best. Now, if you sneak a message into a living critter (a pet ("the message is the medium"), or creating the ultimate self-propagating chainletter, a pathogen), that would be an interesting twist. Interesting is that you

Re: New York teen-ager win $100,000 with encryption research(3/14/2000)

2000-03-15 Thread Eugene Leitl
Arnold G. Reinhold writes: > If you know the DNA sequences of alphabet letters, you can PCR probe > for common words or word fragments like "the" or "ing" and avoid > total sequencing. That's true. Luckily, there is no such test for random base sequences, though a pseudorandom sequence wou

Re: New York teen-ager win $100,000 with encryptionresearch(3/14/2000)

2000-03-16 Thread Eugene Leitl
Arnold G. Reinhold writes: > I am not sure I understand the difference between "random" and > "pseudorandom" as you are using it here. In any case, I expect more There is no difference from an attacker's point of view. He can't tell random from pseudorandom without extra knowledge. But he su

Re: New York teen-ager win $100,000 withencryptionresearch(3/14/2000)

2000-03-17 Thread Eugene Leitl
Arnold G. Reinhold writes: > destruction. (After all, a suitable amount of thermite will do a fine > job on an ordinary hard disk drive. Pretty to watch too.) Interesting. I thought I was the only one who considered this as the only proper disposal mechanism of magnetic storage media in high

Re: GPS integrity

2000-05-08 Thread Eugene Leitl
I presume the paper in question is http://www.cs.georgetown.edu/~denning/infosec/Grounding.txt Ian BROWN writes: > Dorothy Denning wrote an interesting paper on authenticating location using > GPS signals... I think it's reachable from her home page as well as the > following citation: >

Re: GPS and cell phones

2000-05-11 Thread Eugene Leitl
Bill Stewart writes: > That doesn't mean that the author isn't mixing up two concepts - > GPS vs cell phone location by the phone system's signalling. > GPS burns too much power to be used in typical cellphones - I'd like to point out an emerging technology (based on digital pulse radio, imple

Re: NSA back doors in encryption products

2000-05-24 Thread Eugene Leitl
Rick Smith writes: > 3) A more sophisticated backdoor in Windows would involve a lot of people > who can't be covered by government secrecy agreements. It would be > extremely difficult to keep such a thing both functioning and secret for > more than a few years. The canonical way to install

Re: NSA back doors in encryption products

2000-05-24 Thread Eugene Leitl
Jim Choate writes: > Bull, the hardware companies aren't any more trustworthy. True. You can always validate a few from a batch by plasma etching the device, and trace the structures on an electromicrograph (some EMs allow you to observe the device in operation). Also, it is hard to insert a t

Re: NSA back doors in encryption products

2000-05-25 Thread Eugene Leitl
Jim Choate writes: > Trying to avoid software compromises by using hardware is impossible since > you can't build the hardware without software. The point is to put the sensitive area (key ring, crypto engine) into a small, isolated system which can't be easily compromised by a remote exploit.

Re: NSA back doors in encryption products

2000-05-25 Thread Eugene Leitl
Enzo Michelangeli writes: > And why should we trust hardware implementations, which are even more opaque > to analysis than binary-only software? It is harder to analyze (mostly, because you can't look at it easily, and can't trust what it tells about its inner state), but it has much less bits

RE: NSA back doors in encryption products

2000-05-25 Thread Eugene Leitl
From: "Minow, Martin" <[EMAIL PROTECTED]> Jim Choate writes: > Bull, the hardware companies aren't any more trustworthy. I've been recommending the Dallas Semiconductor "iButton" for secure storage. The Java version also lets you implement your own on-chip algorithms

Re: NSA back doors in encryption products

2000-05-26 Thread Eugene Leitl
Jim Choate writes: > > Also, it is hard to insert a trapdoor into an FPGA. OpenSource hardware. > > All of it using software. You're aware of difficulties repeating the compiler/login trojaning trick when you're doing metacompiling, are you? It's not that it can't be done, but it is so m

Re: NSA back doors in encryption products

2000-05-27 Thread Eugene Leitl
Jim Choate writes: > No, you don't. Sign the source and binaries. You trust your secure hash reporting you the truth? Duh.

Re: FBI announcement on email search 'Carnivore'

2000-07-12 Thread Eugene Leitl
David Honig writes: > For $500/monthly you too can have a box in various NAPs. You can > run your NIC in Bill Clinton mode, e.g., to measure certain > things about traffic. I know of a corporation doing this (they > are only interested in infrastructure traffic, not content). I know of a

Re: UK searching traveler's disk drives for pornography (fwd)

2000-07-21 Thread Eugene Leitl
David Honig writes: > But could they do that to an American returning to America? Sure, > a brit returning to post-RIP britain is fresh meat. Or a furriner > coming to America (who isn't yet on US soil). The point is rather, can they legally demand the passphrase for my hard drive with a cr

Re: UK searching traveler's disk drives for pornography (fwd)

2000-07-22 Thread Eugene Leitl
David Honig writes: > Again, if they have the 'right' (as border agents) then the technical > difficulty translates into a battle of wills. A non-citizen would > lose. A citizen *might* have a case but might also spend a few > weeks in a Customs' hotel... Essentially, this means a storage

airport searches

2000-07-24 Thread Eugene Leitl
SteveC writes: > At the risk of going against the tide, I would rather be in a country > where they did search some percentage of the incoming passport holders > belongings than one where they didn't. They can search for things which can harm other people on the flight. This involves plastiqu

Re: A proposal for secure videoconferencing and video messaging over the Internet

2000-07-26 Thread Eugene Leitl
James A. Donald writes: > In real life situations where one wishes a conversation to be secure, are > people most commonly authenticated by true name, or by face. We're mixing several unrelated items in one pot here. One thing is authentication, the other is security. Authentication is when