Create an Account
username: password:
  MemeStreams Logo

What questions are you asking yourself?


My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Jeremy's topics
   Sci-Fi/Fantasy Literature
   Movie Genres
    Cult Films
    Independent Films
    Film Noir
    Sci-Fi/Fantasy Films
   Music Styles
    Electronic Music
    Rap & Hip Hop
    World Music
   TV Documentary
   TV Drama
   SciFi TV
  Finance & Accounting
   Tech Industry
   Telecom Industry
  Markets & Investing
  Video Games
   PC Video Games
   Console Video Games
Health and Wellness
Home and Garden
   Using MemeStreams
Current Events
  War on Terrorism
  Cars and Trucks
Local Information
  United States
    SF Bay Area
   Events in Washington D.C.
   News for Washington D.C.
     Atlanta Events
  Nano Tech
  International Relations
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
   Intellectual Property
   Computer Security
   PC Hardware
   Human Computer Interaction
   Computer Networking
   Software Development
    Open Source Development
  Military Technology
  High Tech Developments

support us

Get MemeStreams Stuff!

Current Topic: Cryptography

Cryptography's Role in Securing the Information Society
Topic: Cryptography 1:05 am EDT, Apr 14, 2004

Former FBI Director Louis Freeh is back in the saddle of his hobbyhorse, complaining about key escrow/recovery. I thought we'd already covered this, back in 1996, but for those who may need a refresher, this book is the one stop shop.

For every opportunity presented by the information age, there is an opening to invade the privacy and threaten the security of the nation, US businesses, and citizens in their private lives. The more information that is transmitted in computer-readable form, the more vulnerable we become to automated spying.

This book addresses the urgent need for a strong national policy on cryptography that promotes and encourages the widespread use of this powerful tool for protecting of the information interests of individuals, businesses, and the nation as a whole, while respecting legitimate national needs of law enforcement and intelligence for national security and foreign policy purposes.

Is encryption of voice traffic a serious threat to legitimate law enforcement wiretaps?

What is the systemic threat to the nation's information infrastructure?

These and other thought-provoking questions are explored.

This book will be of critical importance to everyone concerned about electronic security: policymakers, regulators, attorneys, security officials, law enforcement agents, business leaders, information managers, program developers, privacy advocates, and Internet users.

Cryptography's Role in Securing the Information Society

Louis Freeh - Statement to 9-11 Commission
Topic: Cryptography 12:48 am EDT, Apr 14, 2004

CALEA simply permits the FBI to maintain court-approved access to digital communications and stored data. Another technical challenge called encryption then and now threatens to make court-authorized interception orders a nullity. Robust and commercially available encryption products are proliferating and no legal means has been provided to law enforcement to deal with this problem, as was done by Parliament in the United Kingdom. Terrorists have been able to exploit this huge vulnerability in our public safety matrix.

In 1998, HPSCI adopted a substitute bill to S.909 which effectively addressed all of law enforcementÂ’s public safety and terrorism-related concerns regarding encryption products. Unfortunately, this needed counter-terrorism assistance was not enacted. As we know from Ramzi Yousef's encrypted computer files found in Manila, terrorists are exploiting this technology to defeat our most sophisticated methods to prevent their attacks. I have long said that this unaddressed problem creates a huge vulnerability in our nation's counter-terrorism program. Neither the Patriot Act nor any other likely-to-be-enacted statute even attempts to close this gap. Resolving this issue is critical to homeland security.

#1 Recommendation: Provide legal authority and significant new funding to enable the FBI to manage information technology and deal with encryption.

Louis Freeh - Statement to 9-11 Commission

Dining Cryptographers Revisited
Topic: Cryptography 1:29 am EDT, Apr 13, 2004

Dining cryptographers networks (or DC-nets) are a privacy-preserving primitive devised by Chaum for anonymous message publication. A very attractive feature of the basic DC-net is its non-interactivity -- no player-to-player communication. A drawback to DC-nets, however, is that malicious players can easily jam them.

We present new DC-net constructions that simultaneously achieve non-interactivity and high-probability detection and identification of cheating players.

I've always been intrigued by the dining cryptographers problem.

Dining Cryptographers Revisited

The Reader of Gentlemen's Mail
Topic: Cryptography 11:20 am EST, Mar 28, 2004

David Kahn has written a first-rate biography of Herbert O. Yardley, the celebrated (and notorious) codebreaker and poker player, the cryptographic whiz who was, in Kahn's judgment, "the most colorful and controversial figure in American intelligence."

As one of the most distinguished scholars of military intelligence, he is ideally suited to tell the tale.

Why didn't the United States have "an agency of its own to solve and read foreign messages"? "As I asked myself this question I knew that I had the answer to my eager young mind which was searching for a purpose in life. I would devote my life to cryptography."

All in all Yardley was a pretty weird guy.

The Reader of Gentlemen's Mail

Press Release: The Cyrillic Projector Code Has Been Solved
Topic: Cryptography 11:34 pm EDT, Sep 22, 2003

] An international group of cryptographers, the Kryptos
] Group, announced this week that the decade-old Cyrillic
] Projector Code has been cracked, and that it deciphers to
] some classified KGB instructions and correspondence.
] The Cyrillic Projector is an encrypted sculpture at the
] University of North Carolina in Charlotte, that was
] created by Washington DC artist James Sanborn in the
] early 1990s. It was inspired by the encrypted Kryptos
] sculpture that Sanborn created two years earlier for CIA
] Headquarters.
] The message on the Cyrillic Projector has turned out to
] be in two parts. The decrypted first part is a Russian
] text encouraging secret agents to psychologically control
] potential sources of information. The second part appears
] to be a partial quote from classified KGB correspondence
] about the Soviet dissident Sakharov, with concerns that
] his report to the Pugwash conference was being used by
] the Americans for an anti-Soviet agenda.

Kudos to Elonka and crew!

Press Release: The Cyrillic Projector Code Has Been Solved

Policy Says AES OK for National Security Info
Topic: Cryptography 10:50 am EDT, Jun 21, 2003

The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths.

Policy Says AES OK for National Security Info

Information-Theoretic Analysis of Information Hiding
Topic: Cryptography 12:04 am EST, Mar 27, 2003

Pierre Moulin has a paper entitled "Information-Theoretic Analysis of Information Hiding" in the March 2003 issue of IEEE Transactions on Information Theory. You can find this paper online here, along with his other related work.

Excerpts from the abstract of the paper: An information-theoretic analysis of information hiding is presented, forming the theoretical basis for design of information-hiding systems. ... The host data set is intentionally corrupted, but in a covert way, designed to be imperceptible to a casual analysis. We formalize and evaluate the hiding capacity ... [which] is the value of a game between the information hider and the attacker. It is shown that many existing information-hiding systems in the literature operate far below capacity.

Information-Theoretic Analysis of Information Hiding

Decimalisation Table Attacks for PIN Cracking [PDF]
Topic: Cryptography 1:26 pm EST, Feb 22, 2003

We present an attack on hardware security modules used by retail banks for the secure storage and verification of customer PINs in ATM (cash machine) infrastructures.

By using adaptive decimalisation tables and guesses, the maximum amount of information is learnt about the true PIN upon each guess. It takes an average of 15 guesses to determine a four digit PIN using this technique, instead of the 5000 guesses intended.

In a single 30 minute lunch-break, an attacker can thus discover approximately 7000 PINs rather than 24 with the brute force method. With a $300 withdrawal limit per card, the potential bounty is raised from $7200 to $2.1 million and a single motivated attacker could withdraw $30-50 thousand of this each day.

This attack thus presents a serious threat to bank security.

Ross Anderson's students are getting into the act.

(You can also find a mirror copy of this paper, with slightly different formatting, at )

Decimalisation Table Attacks for PIN Cracking [PDF]

The Code War | Beyond Discovery
Topic: Cryptography 12:14 am EST, Feb 15, 2003

The newest release in the Beyond Discovery series, "The Code War," explores the trail of developments in the branch of mathematics known as number theory that led to modern-day encryption techniques. Learn about historical ciphers, Fermat's "little theorem" and why mathematics is vital for encryption today.

The Code War | Beyond Discovery

Master-Keyed Lock Vulnerability
Topic: Cryptography 4:40 pm EST, Jan 23, 2003

We describe weaknesses in most master-keyed lock systems, such as those used by offices, schools, and businesses as well as by some residential facilities (particularly apartment complexes, dormitories, and condominiums). These weaknesses allow anyone with access to the key to a single lock to create easily the "master" key that opens every lock in the entire system. Creating such a key requires no special skill, leaves behind no evidence, and does not require engaging in recognizably suspicious behavior. The only materials required are a metal file and a small number of blank keys, which are often easy to obtain.

Needless to say, the ability for any keyholder to obtain system-wide access represents a serious potential threat to the security of master-keyed installations. Individuals and institutions that depend on such locks to protect their safety and property should be aware of these risks and consider alternatives to eliminate or reduce their exposure to this threat.

Matt Blaze is at it again ... this paper has a Markus Kuhn / Ross Anderson flavor to it. (There is a news article in today's NYT about this paper.)

Master-Keyed Lock Vulnerability

<< 1 - 2 - 3 >> Older (First)
Powered By Industrial Memetics