John Young | 29 Jan 15:48 2015
Picon

Why Google made the NSA

https://medium.com/ <at> NafeezAhmed/why-google-made-the-nsa-2a80584c9c1

Part 2 of the Google TLA allegations.
John Young | 29 Jan 15:30 2015
Picon

How the CIA Made Google

https://medium.com/ <at> NafeezAhmed/how-the-cia-made-google-e836451a959e

Fascinating research, with gobs of suspects besides TLAs, Brin and Page,
some here now, some here back then, as suspected then and now. Not
that there is anything wrong with suspecting cpunks was made similarly.
Kevin | 25 Jan 21:38 2015
Picon

How far are we from quantum cryptography?

Okay, we see a lot about quantum cryptography and how today's 
cryptosystems are mere toys compared to a quantum computer.  Great, but 
in this post-quantum world how close are we to seeing it in action?

--

-- 
Kevin

---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com
John Young | 25 Jan 17:04 2015
Picon

Re: [Cryptography] Barrett Brown allocution statement in court today

At 10:25 PM 1/24/2015, Mahlon Theobald wrote:
>Well what happened?

5 years 3 months sentence. Time served of 2.5 years to be credited.
Possible parole in 1 year.

http://cryptome.org/2015/01/brown-145-104.pdf

  Defiant statement after sentencing: "Mission now to report on FU prison
system after reporting on FU cyber system."
Greg | 24 Jan 21:56 2015

Do quantum attacks/algos also lead to compromise of PFS?

So, I understand that QM algos can pretty much dismantle all popular asymmetric encryption algos with enough q-bits, but I haven't thought hard enough to see if they also can be used to compromise communications that used DH to do PFS underneath the initial handshake.

Side question: is this the right list to ask this on, or is there other ones I should try? (Is CFRG appropriate? Metzdowd is annoying with its long moderation times...)

Thanks,
Greg

--
Please do not email me anything that you are not comfortable also sharing with the NSA.

_______________________________________________
cryptography mailing list
cryptography@...
http://lists.randombit.net/mailman/listinfo/cryptography
John Young | 22 Jan 16:16 2015
Picon

Barrett Brown allocution statement in court today

Barrett Brown allocution statement in court today just released

http://cryptome.org/2015/01/BB_allocution.pdf
http://cryptome.org/2015/01/BB_allocution.doc
John Young | 22 Jan 00:39 2015
Picon

Press release: Barrett Brown will finally be sentenced tomorrow

http://tumblr.freebarrettbrown.org/post/108769779474/press-release-barrett-brown-will-finally-be
realcr | 7 Jan 16:40 2015
Picon

The Wandering Music Band

Hi,
I am looking for some crypto primitive to solve a problem I have.

Assume that I meet a group of people. call it S. I get to talk to them a bit, and
then they are gone.

This group of people walk together in the world. Sometimes they add a person to
their group, and sometimes they remove one person. (You can assume it's a music
band, then it all makes sense). Generally, though, you may assume that they have
at least k people in the group at all times.

Assume that I meet the resulting group at some time in the future, after many
members were added or removed. How can the new group S' prove to me that they
are the descendants of the original group S?

I include here some of my thoughts about this.

1. Naive Solution: Remembering lots of signatures.

Every person in the world will have a key pair (of some asymmetric crypto) to
represent his identity. When I first meet the group S, I collect all their
public keys and keep them.

Whenever a new member x is added to the group S, all the current members of S
sign over the new list: S U {x}. Whenever a member x is removed from the group
S, all the current members of S sign over the new list S \ {x}. The group
members always have to carry with them all the signatures since the beginning of
time.

When I meet the group at some point in the future, I can just ask them to prove
their current public keys, and also to show me all the signatures since the
beginning.

My issue with this solution is that the group has to remember more and more
signatures as time goes by. I wonder if there is a more efficient way.


2. Using "Transitive Signatures"

I have seen two articles about a concept called Transitive Signatures.
Shortly: Given a signature of x over y, and of y over z, any participant will be
able to generate a signature where x signs over z.

http://people.csail.mit.edu/rivest/MicaliRivest-TransitiveSignatureSchemes.pdf
https://eprint.iacr.org/2004/215.pdf

I didn't manage to apply this method to my problem though.


I will appreciate any idea or hint about how to solve this.

Regards,
real.

_______________________________________________
cryptography mailing list
cryptography@...
http://lists.randombit.net/mailman/listinfo/cryptography
Kevin | 6 Jan 22:12 2015
Picon

QODE(quick offline data encryption)

I figured I'd start building my own open source encryption algorithm:
https://github.com/kjsisco/qode

--

-- 
Kevin

---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com
John Levine | 6 Jan 02:47 2015

Gogo inflight Internet uses fake SSL certs to MITM their users


http://venturebeat.com/2015/01/05/gogo-in-flight-internet-says-it-issues-fake-ssl-certificates-to-throttle-video-streaming/

They claim they're doing it to throttle video streaming, not to be evil.

Am I missing something, or is this stupid?  If they want to throttle
user bandwidth (not unreasonable on a plane), they can just do it.
The longer a connection is open, the less bandwidth it gets.

R's,
John
Kevin W. Wall | 1 Jan 19:35 2015
Picon

Fwd: [SC-L] Silver Bullet: Whitfield Diffie

Seems as though this interview might be of interest to those on these lists. I've not listened to it yet so I don't know how interesting it may be.

-kevin
P.S. - Happy Gnu Year to all of you.
Sent from my Droid; please excuse typos.

---------- Forwarded message ----------
From: "Gary McGraw" <gem <at> cigital.com>
Date: Jan 1, 2015 9:44 AM
Subject: [SC-L] Silver Bullet: Whitfield Diffie
To: "Secure Code Mailing List" <SC-L-Cdg0nuESRUFnRNXTzMhQEA@public.gmane.org>

hi sc-l,

Merry New Year to you all!!

Episode 105 of Silver Bullet is an interview with Whitfield Diffie.  Whit co-invented PKI among other things.  We have an in depth talk about crypto, computation, LISP, AI, quantum key distro, and more

http://bit.ly/SB-diffie

As always, your feedback on Silver Bullet is welcome.

gem

company www.cigital.com
blog www.cigital.com/justiceleague
book www.swsec.com



_______________________________________________
Secure Coding mailing list (SC-L) SC-L-Cdg0nuESRUFnRNXTzMhQEA@public.gmane.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates
_______________________________________________
_______________________________________________
cryptography mailing list
cryptography@...
http://lists.randombit.net/mailman/listinfo/cryptography

Gmane