Subject: Koblitz and Menezes on Provable Security - msg#00082
List: encryption.general
If you haven't already, you should check out the Koblitz and Menezes
paper about Provable Security on eprint:
http://eprint.iacr.org/2004/152.pdf
Here's the abstract:
We give an informal analysis and critique of several typical "provable
security" results. In some cases there are intuitive but convincing
arguments for rejecting the conclusions suggested by the formal
terminology and "proofs," whereas in other cases the formalism seems to
be consistent with common sense. We discuss the reasons why the search
for mathematically convincing theoretical evidence to support the
security of public-key systems has been an important theme of
researchers. But we argue that the theorem-proof paradigm of theoretical
mathematics is of limited relevance here and often leads to papers that
are confusing and misleading. Because our paper is aimed at the general
mathematical public, it is self-contained and as jargon-free as possible.
You can also find my amateur's writeup at:
http://www.rtfm.com/movabletype/archives/2004_07.html#000995
-Ekr
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@xxxxxxxxxxxx
Previous Message by Date:
Re: Can crypto help against Phishing, Spoofing and Spamming...
John Levine wrote:
Reminder: following lots of discussion on this list, I wrote proposals
on how crypto can help solve phishing, spoofing and spamming problems.
...
# Protecting (even) Naive Web Users, or: Preventing Spoofing and
Establishing Credentials of Web Sites, at
http://eprint.iacr.org/2004/155/ (or off http://AmirHerzberg.com)
This is a pretty good paper. It outlines the problem and proposes
that browsers add a "trusted credential area" that displays a site
logo that has to be signed by a CA using SSL, in a way that is hard to
spoof or forge.
Thanks! But, our prototype (for Mozilla) allows you also to select the
Logo (or icon) for the site manually, although having it already signed
by a trusted authority could be nice. Also: the trusted area can also
display other credentials of the site, and in particular - logo and/or
name of the CA.
I've been discussing a similar idea with a lot of people that has one
important difference: the seal belongs to the CA and is distributed as
part of the verification certificate. Per-site logos have the
disadvantages that there are a lot of sites, not all with famous
logos, and there are a lot of CAs, most of whose primary verification
technique is to be sure your check didn't bounce.
I completely agree that existing CA solution in browser is lousy; did
you notice that the main requirement to become a CA is to be a CPA
(certified public accountant) and pay 1400$ to WebTrust? (more in paper)
That's why manual logo approval by the users is an important first step
(works great - I don't know how I ever used e-banking without it).
Second step may be for users to share these user-certified logos, and
finally - for some trustworthy organizations to provide logo certificates.
In most industries there is a regulator or trade association who
already knows who the legitimate players are. That's who should be
running the CA for that industry, with an industry wide logo that they
could advertise, something like a golden dollar sign that tells you
that a site is really a bank. I spoke briefly to a guy from the FDIC
at last year's antiphishing meeting who said they'd been thinking of
something like that.
Agree! We call this a credential, see in paper or just this screen shot
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing_files/image006.gif
--
Best regards,
Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures in cryptography &
security)
Next Message by Date:
Re: Public FTP Space (was looking for sites to host my crypto...)
At 04:56 AM 7/14/2004, J.A. Terranson wrote:
Recently a list member requested public ftp/web space for the hosting of
various crypto files.
Also see: http://munitions.vipul.net/
For Linux-based crypto software only, AFAIK. Multi-homed, hosted outside
the US.
Udhay
--
((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))
Previous Message by Thread:
Public FTP Space (was looking for sites to host my crypto...)
Recently a list member requested public ftp/web space for the hosting of
various crypto files. Although I replied both to him and to the list, I
did not realize I had been unsubscribed by a mail loop :-/
So, just for those of you who didn't get it the first time, we have
facilities which are available to anyone on the list looking to make
non-commercial use of the space provided. FTP or HTTP, at your domain
name or a sub of one of ours, we don't care - the offer is open to all.
The boxen themselves are well connected, and multihomed, so they're always
up unless (a) I decide to login and botch an upgrade, or (b) the data
center falls down :-)
//Alif
--
Yours,
J.A. Terranson
sysadmin@xxxxxxx
"...justice is a duty towards those whom you love and those whom you do
not. And people's rights will not be harmed if the opponent speaks out
about them."
Osama Bin Laden
Next Message by Thread:
New Attack on Secure Browsing
(((( Financial Cryptography Update: New Attack on Secure Browsing )))))
July 15, 2004
------------------------------------------------------------------------
http://www.financialcryptography.com/mt/archives/000179.html
------------------------------------------------------------------------
Congratulations go to PGP Inc - who was it, guys, don't be shy this
time? - for discovering a new way to futz with secure browsing.
Click on http://www.pgp.com/ and you will see an SSL-protected page
with that cute little padlock next to domain name. And they managed
that over HTTP, as well! (This may not be seen in IE version 5 which
doesn't load the padlock unless you add it to favourites, or some
such.)
Whoops! That padlock is in the wrong place, but who's going to notice?
It looks pretty bona fide to me, and you know, for half the browsers I
use, I often can't find the darn thing anyway. This is so good, I just
had to add one to my SSL page (http://iang.org/ssl/ ). I feel so much
safer now, and it's cheaper than the ones that those snake oil vendors
sell :-)
What does this mean? It's a bit of a laugh, is all, maybe. But it
could fool some users, and as Mozilla Foundation recently stated, the
goal is to protect those that don't know how to protect themselves. Us
techies may laugh, but we'll be laughing on the other side when some
phisher tricks users with the little favicon.
It all puts more pressure on the oh-so-long overdue project to bring
the "secure" back into "secure browsing." Microsoft have befuddled the
already next-to-invisible security model even further with their
favicon invention, and getting it back under control should really be a
priority.
Putting the CA logo on the chrome now seems inspired - clearly the
padlock is useless. See countless rants [1] listing the 4 steps needed
and also a new draft paper from Amir Herzberg and Ahmad Gbara [2]
exploring the use of logos on the chrome.
[1] SSL considered harmful
http://iang.org/ssl/
[2] Protecting (even) Naïve Web Users,
or: Preventing Spoofing and Establishing Credentials of Web Sites
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing.htm