Pinboard (jm)
https://pinboard.in/u:jm/public/
recent bookmarks from jm

ImperialViolet - Juniper: recording some Twitter conversations (2015-12-22T10:53:00+00:00)
https://www.imperialviolet.org/2015/12/19/juniper.html
jm: ... if it wasn't the NSA who did this, we have a case where a US government backdoor effort (Dual-EC) laid the groundwork for someone else to attack US interests. Certainly this attack would be a lot easier given the presence of a backdoor-friendly RNG already in place. And I've not even discussed the SSH backdoor. [...]
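The "backdoor-friendly RNG" in the note above is Dual EC DRBG: its two curve constants P and Q are ordinary-looking points, but whoever generated them with a known scalar e such that P = e*Q can take one output block, reconstruct the point s*Q from its x-coordinate, multiply by e, and land on the generator's next internal state. What follows is an added illustration of that property and is not code from the ImperialViolet post or from Juniper. Everything in it is constructed for the example: the curve (y^2 = x^3 + 2x + 3 over the 61-bit Mersenne prime, chosen only because pure-Python scalar multiplication stays fast), the trapdoor scalar, the seed, and the choice to truncate 8 output bits rather than the real generator's 16, which cuts the brute-force step from 65,536 candidates to 256.

```python
"""Toy Dual EC DRBG with a trapdoor (added example; not ImperialViolet's or Juniper's code).

Curve, constants and seed are made up.  The field is the 61-bit Mersenne prime so
that scalar multiplication is cheap in pure Python; only 8 output bits are dropped
(the real generator drops 16), so the brute force below tries 256 candidates.
"""

# --- a small short-Weierstrass curve y^2 = x^3 + A*x + B over F_p (constructed) ---
P_MOD = (1 << 61) - 1      # prime, and 3 mod 4, so a square root is a single pow()
A, B = 2, 3                # 4*A^3 + 27*B^2 = 275 != 0 mod p: the curve is non-singular


def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P_MOD == 0:          # p1 == -p2, including doubling a point with y == 0
            return None
        lam = (3 * x1 * x1 + A) * pow(2 * y1, P_MOD - 2, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, P_MOD - 2, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time; this is a toy)."""
    acc = None
    while k > 0:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def lift_x(x):
    """Return (x, y) with y = sqrt(x^3 + A*x + B) mod p, or None if x is not on the curve."""
    rhs = (x * x * x + A * x + B) % P_MOD
    y = pow(rhs, (P_MOD + 1) // 4, P_MOD)
    return (x, y) if y * y % P_MOD == rhs else None


def x_of(pt):
    """x-coordinate of a point; the generator is undefined at infinity (probability ~2^-61 here)."""
    if pt is None:
        raise ValueError("hit the point at infinity")
    return pt[0]


# --- the generator constants; whoever chose them knows E_TRAPDOOR with P = E_TRAPDOOR * Q ---
Q_POINT = next(pt for pt in map(lift_x, range(1, 1000)) if pt is not None and pt[1] != 0)
E_TRAPDOOR = 0x1D0C0DE5C0FFEE      # arbitrary secret scalar (made up for the example)
P_POINT = ec_mul(E_TRAPDOOR, Q_POINT)

TRUNC_BITS = 8                      # the real Dual EC drops the top 16 bits of each x
OUT_BITS = P_MOD.bit_length() - TRUNC_BITS
OUT_MASK = (1 << OUT_BITS) - 1


class DualEC:
    """s_i = x(s_{i-1} * P); r_i = x(s_i * Q); output r_i with its top TRUNC_BITS bits removed."""

    def __init__(self, state):
        self.s = state

    @classmethod
    def instantiate(cls, seed):
        return cls(x_of(ec_mul(seed, P_POINT)))       # s_1 = x(seed * P)

    def next_block(self):
        r = x_of(ec_mul(self.s, Q_POINT))             # r_i = x(s_i * Q)
        self.s = x_of(ec_mul(self.s, P_POINT))        # s_{i+1} = x(s_i * P)
        return r & OUT_MASK


def recover_state(out1, out2, out3, e=E_TRAPDOOR):
    """Trapdoor attack: from one truncated block (plus two more to confirm the guess)
    return the generator's internal state right after out1 was produced, or None.

    Guessing the dropped top bits of r_1 = x(s_1 * Q) gives R = +/-(s_1 * Q), and
    e*R = +/-(s_1 * e*Q) = +/-(s_1 * P), whose x-coordinate is the next state s_2.
    """
    for hi in range(1 << TRUNC_BITS):
        x = (hi << OUT_BITS) | out1
        if x >= P_MOD:
            continue
        r_point = lift_x(x)
        if r_point is None:                           # about half the guesses fail here
            continue
        s_next = ec_mul(e, r_point)
        if s_next is None:
            continue
        clone = DualEC(s_next[0])
        if clone.next_block() == out2 and clone.next_block() == out3:
            return s_next[0]
    return None


def demo(seed=0xEED0FC0FFEE1234, n_blocks=6):
    """Run a victim generator, recover its state from output alone, predict the rest."""
    victim = DualEC.instantiate(seed)                 # seed is made up; anything < p works
    outputs = [victim.next_block()]
    state_after_first = victim.s
    outputs += [victim.next_block() for _ in range(n_blocks - 1)]
    recovered = recover_state(*outputs[:3])
    predicted = None
    if recovered is not None:
        clone = DualEC(recovered)
        predicted = [clone.next_block() for _ in range(n_blocks - 1)]
    return {"outputs": outputs, "state_after_first": state_after_first,
            "recovered": recovered, "predicted": predicted}


if __name__ == "__main__":
    d = demo()
    print("state recovered:", d["recovered"] == d["state_after_first"])
    print("later blocks predicted:", d["predicted"] == d["outputs"][1:])
```

The cost of the attack is entirely in the guess over the truncated bits: with 16 bits dropped from a 256-bit x (as in the standardised parameters) that is 65,536 candidates, each a handful of scalar multiplications, which is why dropping so few bits was the object of suspicion. Without the scalar e the same loop yields nothing, because e*R is exactly the step that turns a public point back into the secret state; recover_state with a wrong e returns None here.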
tags: primes ecc security juniper holes exploits dual-ec-drbg vpn networking crypto prngs
https://pinboard.in/u:jm/b:10c7b24183e0/

Australia tries to ban crypto research – by ACCIDENT • The Register (2015-01-17T21:56:41+00:00)
http://www.theregister.co.uk/2015/01/14/australia_tries_to_ban_crypto_research_by_accident/?mt=1421531453255
jm: Researchers are warned off [discussing] 512-bits-plus key lengths, systems “designed or modified to perform cryptanalytic functions”, or “designed or modified to use 'quantum cryptography'”. [...] “an email to a fellow academic could land you a 10 year prison sentence”.
https://twitter.com/_miw/status/556023024009224192 notes 'the DSGL 5A002 defines it as >512bit RSA, >512bit DH, >112 bit ECC and >56 bit symmetric ciphers; weak as fuck i say.'
tags: law australia crime crypto ecc rsa stupidity fail
https://pinboard.in/u:jm/b:a9aaf95e27a9/

NSA: Possibly breaking US laws, but still bound by laws of computational complexity (2013-09-11T21:42:58+00:00)
http://www.scottaaronson.com/blog/?p=1517
jm: I didn’t clearly explain that there’s an enormous continuum between, on the one hand, a full break of RSA or Diffie-Hellman (which still seems extremely unlikely to me), and on the other, “pure side-channel attacks” involving no new cryptanalytic ideas. Along that continuum, there are many plausible places where the NSA might be. For example, imagine that they had a combination of side-channel attacks, novel algorithmic advances, and sheer computing power that enabled them to factor, let’s say, ten 2048-bit RSA keys every year. In such a case, it would still make perfect sense that they’d want to insert backdoors into software, sneak vulnerabilities into the standards, and do whatever else it took to minimize their need to resort to such expensive attacks. But the possibility of number-theoretic advances well beyond what the open world knows certainly wouldn’t be ruled out. Also, as Schneier has emphasized, the fact that NSA has been aggressively pushing elliptic-curve cryptography in recent years invites the obvious speculation that they know something about ECC that the rest of us don’t.
tags: ecc rsa crypto security nsa gchq snooping sniffing diffie-hellman pki key-length
https://pinboard.in/u:jm/b:aca1fd6e4fb2/

Applied Cryptography, Cryptography Engineering, and how they need to be updated (2013-07-27T17:33:29+00:00)
http://sockpuppet.org/blog/2013/07/22/applied-practical-cryptography/
jm: ECC is going to replace RSA within the next 10 years. New systems probably shouldn’t use RSA at all.
This blogpost is full of similar useful guidelines and rules of thumb. Here's hoping I don't need to work on a low-level cryptosystem any time soon, as the risk of screwing it up is always high, but if I do this is a good reference for how it needs to be done nowadays.
tags: thomas-ptacek crypto cryptography coding design security aes cbc ctr ecb hmac side-channels rsa ecc
https://pinboard.in/u:jm/b:40c846206102/