sci.crypt
  Home FAQ Contact Sign in
sci.crypt only
 
Advanced search
November 2006
motuwethfrsasuw
  12345 44
6789101112 45
13141516171819 46
20212223242526 47
27282930    48
2006
 Jan   Feb   Mar   Apr 
 May   Jun   Jul   Aug 
 Sep   Oct   Nov   Dec 
2008 2007 2006  
total
sci.crypt Profile…
RELATED GROUPS

POPULAR GROUPS
 Up
  Re: New attacks on the financial PIN processing         


Author: Anne & Lynn Wheeler
Date: Nov 30, 2006 18:45

Possible Serious Security Flaw In ATMs
http://it.slashdot.org/it/06/11/30/2139235.shtml

ATM system called unsafe
http://redtape.msnbc.com/2006/11/researchers_who.html

from above:

A U.S. Secret Service memo obtained by MSNBC.com indicates that
organized criminals are systematically attempting to subvert the ATM
system and unscramble encrypted PIN codes.

... snip ...
no comments
  Re: Comaprison between MD5 and SHA         


Author: Stelian Ene
Date: Nov 30, 2006 17:46

Tom St Denis wrote:
> Luc The Perverse wrote:
>>> What makes you think you can multi-thread MD5?
>>
>> There is probably someway to take advantage of another core - but I
>> doubt it would be trivial. Perhaps I am completely wrong - I don't
>> know enough about MD5
>
> You'd be wrong. At the point where you think MD5 could benefit from
> SMP [or dual-core since this isn't strictly SMP] you need to re-take
> your operating systems classes from school :-)
>
> The overhead alone in synchroizing two threads and extracting the
> results would be MORE than a single MD5 compression.
>

I think you could gain some speed for SHA-1 by precomputing some stuff. Each
uint must be read from the memory as big endian:
Show full article (1.69Kb)
no comments
  Re: Usable pen-and-paper ciphers?         


Author: Unruh
Date: Nov 30, 2006 12:38

"Alan" hotmail.com> writes:
>Chris De Young wrote:
>> Any suggestions?
>Take a cue from the Code Talkers of WWII (Choctaw Indians speaking in
>their native tongue to communicate secrets). Create your own
>language.

Actually no. A language is just a substitution cypher ( substituting words
in one language with those in another). It is easy to break them. Just
learn the new language. Ie, if you have the plaintext for a relatively
small amount of "encrypted" text then you have broken the cypher.

The Americans were worried that some anthropoligist from Japan had learned
Navaho before the way. If they had, the code would have been completely
broken.

Ie, such a cypher is not resistant to known plaintext attacks.
no comments
  Re: Usable pen-and-paper ciphers?         


Author: Unruh
Date: Nov 30, 2006 12:34

VPE writes:
>Unruh kirjoitti Wed, 29 Nov 2006 22:30:20
>+0200:
>[One time pad]
>> and you HAVE to make sure that you never never ever reuse any streatch
>> of those numbers in either direction. If you do that then the cypher is
>> unbreakable
>He means 'breakable' of course ...

No I mean that IF you "make sure that you never never reuse.... then the
cypher is unbreakable."
>> by anyone no matter what their resources.
no comments
  Re: Usable pen-and-paper ciphers?         


Author: Markus Jansson
Date: Nov 30, 2006 10:00

vedaal wrote:
> what is broken in theory?
> even with the bias,
> the workload requiring to break it exceeds what is currently feasible

Well, you sayed it yourself. :)

--
My computer security & privacy related homepage
http://www.markusjansson.net
Use HushTools or GnuPG/PGP to encrypt any email
before sending it to me to protect our privacy.
no comments
  XML encryption         


Author: xml
Date: Nov 30, 2006 07:38

I believe that the W3C XML Encryption standard defines two kinds of
element encryption:
· the element encryption mode to encrypt an entire element; start
tag, children and end tag
· the content encryption mode to encrypt the content of the element
but leave the start and end tags in clear.

What I need is to use multiple keys to encrypt the element name and its
contents with one key, but encrypt sub-elements with other keys (or,
leave them in clear). (Note: I do NOT want to use super-encryption.)
Example.


bb
cc
aa
Show full article (2.59Kb)
3 Comments
  3rd Chaos Communication Congress: planned events/         


Author: Jan Panteltje
Date: Nov 30, 2006 07:10

http://events.ccc.de/congress/2006/Fahrplan/events.de.html
Some real interesting presentations planned for the
23rd Chaos Communication Congress

How about for example:
Hot or Not:
Defeating anonymity by monitoring clock skew to remotely detect the temperature
of a PC.

I think it is cute, but Tom will have it covered already somewhere.
In that case consider it a reminder.
no comments