MetaFilter posts tagged with crypto

AES à la XKCD

Electric Dragon — Sat, 26 Sep 2009 09:29:32 -0800

A stick figure guide to the Advanced Encryption Standard. [via Bruce Schneier]

15 bits of crypto should be enough for anybody

finite — Fri, 16 May 2008 22:01:42 -0800

On May 13, security advisories published by Debian and Ubuntu revealed that, for over a year, their OpenSSL libraries have had a major flaw in their CSPRNG, which is used by key generation functions in many widely-used applications, which caused the "random" numbers produced to be extremely predictable. [lolcat summary] How bad is it? It's pretty bad. Understand that these keys are used not only for encryption, but also for authentication. The keyspace has been reduced to a mere 32,768 possibilities, and you can already download them all, along with tools to use them. Worse still, in the days before the issue became publicly known, there was a noticeable spike in the number of brute-force attacks on SSH servers, indicating that there has already been significant exploitation of this vulnerability. Partial timeline of events: In May 2006, a bug led to a question which led to the fateful patch being applied to md_rand.c (in Debian's "unstable" development branch). In April 2007, Debian 4.0 "etch" and Ubuntu 7.04 were both released, which was the beginning of the inclusion of the buggy version of OpenSSL in officially-released distributions. The bug remained unfixed through the releases of Ubuntu 7.10 and 8.04. On May 7, 2008, the patch to fix the problem was committed to Debian's source repository, and on May 13 the issue was officially disclosed and updated packages were made available to users. (The patch's availability days before public disclosure of the bug appears to be a violation of Debian's policy.) Here are some responses from Debian blogs, and two from an OpenSSL developer.

Bruce Forcing

Skorgu — Tue, 04 Sep 2007 14:47:37 -0800

NSA@home is a fast FPGA-based SHA-1 and MD5 bruteforce cracker. Based on HDTV equipment from eBay, "It is capable of searching the full 8-character keyspace (from a 64-character set) in about a day in the current configuration for 800 hashes concurrently." Previous well-publicized brute-force attacks include the EFF breaking DES in 56 hours and 1.6TB of md5 hashes you can search online.

andrew cooke — Mon, 16 Sep 2002 04:06:27 -0800

AES may have been broken. The new standard in crypto, AES, and other algorithms, appear to be vulnerable to xsl. This is not a practical attack, yet, but if you're interested in crypto it's fascinating (and shocking) news.

skallas — Fri, 21 Sep 2001 13:26:17 -0800

Crypto guru getting blamed for his software. PGP writer Phil Zimmermann's hate mail goes a little something like this, "Phil -- I hope you can sleep at night with the blood of 5,000 people on your hands." If Phil is guilty of anything so is everyone who has ever used their credit card online, including Mr. Hate Mail.

aaron — Tue, 18 Sep 2001 16:46:37 -0800

War on Civil Liberties Watch: Usable encryption is in deep doo-doo. A new poll finds 72% of Americans now supporting a ban on unbreakable encryption. (Apparantly breakable, and thus useless, encryption is just fine.) Besides the obvious fact that this stuff is already out there and cannot be taken back, particularly from non-US citizens who don't give a damn about our laws (such as, say, the exact people we're trying to defeat), is there any hope that the courts will find any such new laws unconstitutional?

skallas — Thu, 13 Sep 2001 19:05:57 -0800

Terrorism's first win? Bye-Bye crypto. The rubble is still burning and the Republicans are ready to strip of our right to use crypto products. Opportunists feeding off fear. That's how you win at the terrorist game.

monkeyboy — Mon, 18 Jun 2001 03:56:29 -0800

An all encompassing crypto application sounds great, but is it really feasible? If you try to do too much we'll just end up with another halfass program no one really trusts.

Steven Den Beste — Mon, 08 Jan 2001 09:32:41 -0800

The battle for unrestricted encryption continues. Professor Bernstein won't rest; he's not going to let this go. More power to him and let's hope he ultimately wins. [He's challenging the US government restrictions on private encryption on free-speech grounds, and so far he's won in every court where the case has been heard. The government has been using delaying actions, and their relaxation of restrictions may partially have been in hopes he'd give up, leaving them still capable of some control. He's not going to, though. He's got blood in his eye, so to speak.]