mersenneforum.org > Math Stuff > Tales From the Crypt(o)
Crypto News

2016-09-06, 18:19   #1
Nick

Dec 2012
The Netherlands

2×719 Posts

If you would like to inform the US federal government on cybersecurity issues - you have 3 days to do it!
https://www.federalregister.gov/arti...igital-economy
2016-09-07, 13:55   #2
Xyzzy

"Mike"
Aug 2002

2·3,847 Posts

http://arstechnica.com/security/2016...s-of-all-ages/
2016-09-13, 13:02   #3
xilman
Bamboozled!

"𒉺𒌌𒇷𒆷𒀭"
May 2003
Down not across

2×53×41 Posts

How to cheat at Bridge
2016-10-10, 06:57   #4
vebis

Oct 2015

22×17 Posts

A kilobit hidden SNFS discrete logarithm computation
2016-10-10, 08:19   #5
Dubslow
Basketry That Evening!

"Bunslow the Bold"
Jun 2011
40<A<43 -89<O<-88

3·29·83 Posts

Quote:
Originally Posted by vebis
Quote:
Our chosen prime p looks random, and p−1 has a 160-bit prime factor, in
line with recommended parameters for the Digital Signature Algorithm.
However, our p has been trapdoored in such a way that the special number
field sieve can be used to compute discrete logarithms in F_p^*, yet
detecting that p has this trapdoor seems out of reach. Twenty-five years
ago, there was considerable controversy around the possibility of backdoored
parameters for DSA. Our computations show that trapdoored
primes are entirely feasible with current computing technology. We also
describe special number field sieve discrete log computations carried out
for multiple weak primes found in use in the wild.
Yet more fun news in the world of computer security (ha!)....

Last fiddled with by Dubslow on 2016-10-10 at 08:20
2016-10-12, 16:56   #6
chris2be8

Sep 2009

35458 Posts

The obvious counter is to use a well chosen 2048 bit prime, which is well out of range of GNFS.

Possibly better is to use a 3072 bit prime such as prevprime(2^3072) which can be attacked with SNFS, but that's about as hard as GNFS-2048 so still impossible. That should be safe until quantum computers are available.

Chris
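The defender's side of the two posts above, in working code, as an added example that is not from the forum, the linked paper, or any library: the quoted abstract says a trapdoored p passes the checks people actually run (p is prime, p-1 has a 160-bit prime factor), so the counter is to make the choice of p transparent. The block does that two ways: it derives q and p deterministically from a published seed, in the spirit of FIPS 186 Appendix A (simplified here to SHA-256 in counter mode rather than the exact FIPS procedure), so that anyone can regenerate the pair, and it provides a prev_prime routine for chris2be8's openly special form prevprime(2^k). The function names, the b"q"/b"p" domain tags, the seed strings, the 32-round Miller-Rabin and the demo sizes are this example's own choices.

```python
"""Added example, not code from the forum thread or the linked paper.

Two transparent ways to pick a DSA-style prime so that a hidden SNFS trapdoor
can be ruled out by anyone who cares to check:
  1. derive q and p deterministically from a published seed (in the spirit of
     FIPS 186 Appendix A; simplified here to SHA-256 in counter mode), so a
     third party can regenerate the pair instead of trusting it;
  2. take a prime of openly special form, prev_prime(2**k), as suggested in
     the thread: SNFS applicability is then public, and k is chosen large
     enough (3072 in the thread) that even SNFS is out of reach.
Names, tags, seeds and the 32-round Miller-Rabin are this example's choices."""
import hashlib
import random

# Odd primes below 2000, for cheap trial division before Miller-Rabin.
SMALL_PRIMES = [n for n in range(3, 2000, 2)
                if all(n % d for d in range(3, int(n ** 0.5) + 1, 2))]


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin with a fixed-seed base sequence, so runs are reproducible."""
    if n < 2:
        return False
    if n == 2:
        return True
    if n % 2 == 0:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    rng = random.Random(0xC0FFEE)   # fixed seed: reproducibility, not secrecy
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def prev_prime(n: int) -> int:
    """Largest prime strictly below n, e.g. prev_prime(2**3072) as in the thread."""
    if n <= 2:
        raise ValueError("no prime below 2")
    if n == 3:
        return 2
    c = n - 1 if n % 2 == 0 else n - 2
    while not is_probable_prime(c):
        c -= 2
    return c


def _expand(seed: bytes, tag: bytes, counter: int, bits: int) -> int:
    """SHA-256 in counter mode, truncated to exactly `bits` bits, top bit set."""
    out = b""
    block = 0
    while len(out) * 8 < bits:
        out += hashlib.sha256(tag + seed + counter.to_bytes(4, "big")
                              + block.to_bytes(4, "big")).digest()
        block += 1
    x = int.from_bytes(out, "big") >> (len(out) * 8 - bits)
    return x | (1 << (bits - 1))


def generate_verifiable_params(seed: bytes, L: int, N: int, max_counter: int = 1 << 16):
    """Return (p, q, counter): q an N-bit prime, p an L-bit prime with q | p-1,
    all a function of `seed` alone.  Publishing (seed, counter) with p and q
    lets anyone regenerate them and confirm that p was not hand-picked."""
    qc = 0
    while True:                                 # q: first prime in the seed's stream
        q = _expand(seed, b"q", qc, N) | 1
        if is_probable_prime(q):
            break
        qc += 1
    for counter in range(max_counter):          # p: first candidate that is prime
        X = _expand(seed, b"p", counter, L)
        p = X - (X % (2 * q)) + 1               # p ≡ 1 (mod 2q), hence q | p-1
        if p.bit_length() == L and is_probable_prime(p):
            return p, q, counter
    raise RuntimeError("no prime found in range; use another seed")


def verify_params(seed: bytes, p: int, q: int, counter: int) -> bool:
    """A verifier regenerates from the seed rather than just checking q | p-1:
    a different seed, a hand-chosen p, or a p taken from a later counter fails."""
    try:
        return generate_verifiable_params(seed, p.bit_length(), q.bit_length()) == (p, q, counter)
    except RuntimeError:
        return False


if __name__ == "__main__":
    seed = b"constructed demo seed, publish this alongside p and q"
    p, q, counter = generate_verifiable_params(seed, 1024, 160)   # classic DSA sizes
    print(f"q = {q:#x}\np = {p:#x}\ncounter = {counter}")
    print("verifies:", verify_params(seed, p, q, counter))
    print("prev_prime(2**64) =", prev_prime(2 ** 64))
    # prev_prime(2**3072) works with the same code, but takes a while in pure Python.
```

The verifier deliberately regenerates the whole pair from the seed instead of checking a supplied counter, so a p picked from a later, more convenient counter is rejected along with an outright substituted one. The special-form route needs no seed at all: prev_prime(2**3072) is reproducible by anyone, its SNFS-friendliness is public rather than hidden, and the size is what keeps it out of reach.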
2016-10-12, 17:48   #7
xilman
Bamboozled!

"𒉺𒌌𒇷𒆷𒀭"
May 2003
Down not across

101000000010102 Posts

Quote:
Originally Posted by chris2be8
The obvious counter is to use a well chosen 2048 bit prime, which is well out of range of GNFS.
True, but ...

People are lazy. They very often don't bother. If you look at the history of crypto you will find many, many examples of good crypto being circumvented in this manner. A classical example is the German Enigma which, properly used, would have been very difficult for Bletchley to have broken. Stereotypical plaintext was its downfall in the vast majority of cases. Some Enigma messages were broken only very recently; AFAIK some are still unbroken seventy years later.
2016-10-20, 23:54   #8
ewmayer
2ω=0

Sep 2002
República de California

263768 Posts

Flaw in Intel chips could make malware attacks more potent | Ars Technica
Quote:
ASLR, short for "address space layout randomization," is a defense against a class of widely used attacks that surreptitiously install malware by exploiting vulnerabilities in an operating system or application. By randomizing the locations in computer memory where software loads specific chunks of code, ASLR often limits the damage of such exploits to a simple computer crash, rather than a catastrophic system compromise. Now, academic researchers have identified a flaw in Intel chips that allows them to effectively bypass this protection. The result is exploits that are much more effective than they would otherwise be.

Nael Abu-Ghazaleh, a computer scientist at the University of California at Riverside and one of the researchers who developed the bypass, told Ars:

ASLR is an important defense deployed by all commercial Operating Systems. It is often the only line of defense that prevents an attacker from exploiting any of a wide range of attacks (those that rely on knowing the memory layout of the victim). A weakness in the hardware that allows ASLR to be bypassed can open the door to many attacks that are stopped by ASLR. It also highlights the need for CPU designers to be aware of security as part of the design of new processors.
The specific side-channel exploit that was demoed used the Haswell branch predictor.
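A baseline check that goes with the quoted article, added here as an example and not code from Ars, the researchers, or the thread: ASLR can only relocate an image that was linked position-independent, so before worrying about a hardware leak of the randomized layout, a defender wants to know which binaries on a host never had a randomized layout to begin with. The parser below reads that from the ELF e_type field and builds two sample headers inline (labelled as constructed) rather than reading real binaries; elf_header_info(), check_file(), kernel_aslr_level() and make_header() are the example's own helper names. It does nothing about the branch-predictor side channel itself; it only finds images for which ASLR was not in play.

```python
"""Added example, not code from Ars Technica, the researchers, or the thread.

ASLR can only move an image that was linked position-independent.  Whatever
the kernel's randomize_va_space setting, an ET_EXEC binary keeps the fixed
addresses chosen at link time, so the first fleet-wide check is the ELF
e_type field.  This parser reports it from a header; make_header() builds
constructed sample headers so the example runs without real binaries."""
import struct
from typing import Optional

ELF_MAGIC = b"\x7fELF"
ET_EXEC, ET_DYN = 2, 3
ELF_TYPES = {0: "ET_NONE", 1: "ET_REL", 2: "ET_EXEC", 3: "ET_DYN", 4: "ET_CORE"}
EM_X86_64 = 0x3E


def elf_header_info(data: bytes) -> dict:
    """Parse e_ident, e_type and e_machine from the start of an ELF image."""
    if len(data) < 20 or data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF image")
    ei_class, ei_data = data[4], data[5]          # EI_CLASS, EI_DATA
    if ei_data not in (1, 2):
        raise ValueError("unknown ELF data encoding")
    endian = "<" if ei_data == 1 else ">"         # 1 = little endian, 2 = big endian
    e_type, e_machine = struct.unpack_from(endian + "HH", data, 16)
    return {
        "class": {1: "ELF32", 2: "ELF64"}.get(ei_class, "unknown"),
        "type": ELF_TYPES.get(e_type, f"unknown({e_type})"),
        "machine": e_machine,
        # Necessary, not sufficient: shared libraries are ET_DYN too, so this
        # only says the image is relocatable, not that it is a PIE executable.
        "pie": e_type == ET_DYN,
    }


def check_file(path: str) -> dict:
    """Same report for a file on disk; only the 64-byte header is read."""
    with open(path, "rb") as f:
        return elf_header_info(f.read(64))


def kernel_aslr_level() -> Optional[int]:
    """Linux: 0 = ASLR off, 1 = stack/mmap/vdso randomized, 2 = brk as well."""
    try:
        with open("/proc/sys/kernel/randomize_va_space") as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def make_header(e_type: int, ei_class: int = 2, little_endian: bool = True,
                machine: int = EM_X86_64) -> bytes:
    """Constructed sample header: default ELF64, little endian, x86-64."""
    ident = ELF_MAGIC + bytes([ei_class, 1 if little_endian else 2, 1, 0]) + b"\x00" * 8
    endian = "<" if little_endian else ">"
    # e_type, e_machine, e_version, then the remaining header fields zeroed
    # (an ELF64 header is 64 bytes; only the first 24 matter to this check).
    return ident + struct.pack(endian + "HHI", e_type, machine, 1) + b"\x00" * 40


if __name__ == "__main__":
    import sys
    for label, hdr in (("ET_EXEC sample", make_header(ET_EXEC)),
                       ("ET_DYN sample", make_header(ET_DYN))):
        print(label, elf_header_info(hdr))
    for path in sys.argv[1:]:                     # e.g. python3 this.py /usr/bin/*
        print(path, check_file(path))
    print("kernel randomize_va_space:", kernel_aslr_level())
```

An ET_EXEC result is the actionable one: that binary loads at the same addresses on every run, so it gains nothing from ASLR and nothing from any fix for the leak described above. An ET_DYN result still needs a second look at whether the file is an executable or a shared object.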
2016-10-31, 20:43   #9
henryzz
Just call me Henry

"David"
Sep 2007
Cambridge (GMT/BST)

131328 Posts

http://www.wired.co.uk/article/googl...nce-encryption

Deep learning can also encrypt now. I wonder how hard it would be to replicate this in code.
2017-02-10, 02:58   #10
ewmayer
2ω=0

Sep 2002
República de California

2×13×443 Posts

Ars Technica: A rash of invisible, fileless malware is infecting banks around the globe: Once the province of nation-sponsored hackers, in-memory malware goes mainstream.

Spawn of Stuxnet, with a generous assist from the folks in Redmond, WA ... As always, blowback's a bitch, innit?

Last fiddled with by ewmayer on 2017-02-10 at 02:59
2017-02-24, 02:16   #11
ewmayer
2ω=0

Sep 2002
República de California

2×13×443 Posts

SHA-1 is officially unsafe - collaboration here was with CWI:

Google Online Security Blog: Announcing the first SHA1 collision
Quote:
Here are some numbers that give a sense of how large scale this computation was:

Nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total
6,500 years of CPU computation to complete the attack first phase
110 years of GPU computation to complete the second phase
They could have just said "2^63 SHA1 computations in total", but nooo...

o And in other news, a major browser/website-security hole has been reported w.r.t. sites which use CloudFlare, which are alas legion.

[Note my initial post incorrectly stated the Cloudflare issue was related to the SHA1 collision one.]

Last fiddled with by ewmayer on 2017-02-24 at 02:26