Crypto News

Nick · 2016-09-06, 18:19

If you would like to inform the US federal government on cybersecurity issues - you have 3 days to do it!
https://www.federalregister.gov/arti...igital-economy

Xyzzy · 2016-09-07, 13:55

http://arstechnica.com/security/2016...s-of-all-ages/

xilman · 2016-09-13, 13:02

How to cheat at Bridge

vebis · 2016-10-10, 06:57

A kilobit hidden SNFS discrete logarithm computation

Dubslow · 2016-10-10, 08:19

Quote:

Originally Posted by vebis

A kilobit hidden SNFS discrete logarithm computation

Quote:

Our chosen prime p looks random, and p−1 has a 160-bit prime factor, in
line with recommended parameters for the Digital Signature Algorithm.
However, our p has been trapdoored in such a way that the special number
field sieve can be used to compute discrete logarithms in F∗p, yet
detecting that p has this trapdoor seems out of reach. Twenty-five years
ago, there was considerable controversy around the possibility of backdoored
parameters for DSA. Our computations show that trapdoored
primes are entirely feasible with current computing technology. We also
describe special number field sieve discrete log computations carried out
for multiple weak primes found in use in the wild.

Yet more fun news in the world of computer security (ha!)....

chris2be8 · 2016-10-12, 16:56

The obvious counter is to use a well chosen 2048 bit prime, which is well out of range of GNFS.

Possibly better is to use a 3072 bit prime such as prevprime(2^3072) which can be attacked with SNFS, but that's about as hard as GNFS-2048 so still impossible. That should be safe until quantum computers are available.

Chris

xilman · 2016-10-12, 17:48

Quote:

Originally Posted by chris2be8

The obvious counter is to use a well chosen 2048 bit prime, which is well out of range of GNFS.

True, but ...

People are lazy. They very often don't bother. If you look at the history of crypto you will find many, many examples of good crypto being circumvented in this manner. A classical example is the German Enigma which, properly used, would have been very difficult for Bletchley to have broken. Stereotypical plaintext was its downfall in the vast majority of cases. Some Enigma messages were broken only very recently; AFAIK some are still unbroken seventy years later.

ewmayer · 2016-10-20, 23:54

Flaw in Intel chips could make malware attacks more potent | Ars Technica

Quote:

ASLR, short for "address space layout randomization," is a defense against a class of widely used attacks that surreptitiously install malware by exploiting vulnerabilities in an operating system or application. By randomizing the locations in computer memory where software loads specific chunks of code, ASLR often limits the damage of such exploits to a simple computer crash, rather than a catastrophic system compromise. Now, academic researchers have identified a flaw in Intel chips that allows them to effectively bypass this protection. The result are exploits that are much more effective than they would otherwise be.

Nael Abu-Ghazaleh, a computer scientist at the University of California at Riverside and one the researchers who developed the bypass, told Ars:

ASLR is an important defense deployed by all commercial Operating Systems. It is often the only line of defense that prevents an attacker from exploiting any of a wide range of attacks (those that rely on knowing the memory layout of the victim). A weakness in the hardware that allows ASLR to be bypassed can open the door to many attacks that are stopped by ASLR. It also highlights the need for CPU designers to be aware of security as part of the design of new processors.

Specific side-channel exploit that was demoed used the Haswell branch predictor.

henryzz · 2016-10-31, 20:43

http://www.wired.co.uk/article/googl...nce-encryption

Deep learning can also encrypt now. I wonder how hard it would be to replicate this in code.

ewmayer · 2017-02-10, 02:58

Ars Technica: A rash of invisible, fileless malware is infecting banks around the globe : Once the province of nation-sponsored hackers, in-memory malware goes mainstream.

Spawn of Stuxnet, with a generous assist from the folks in Redmond, WA ... As always, blowback's a bitch, innit?

ewmayer · 2017-02-24, 02:16

SHA-1 is officially unsafe - collaboration here was with CWI:

Google Online Security Blog: Announcing the first SHA1 collision

Quote:

Here are some numbers that give a sense of how large scale this computation was:

Nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total
6,500 years of CPU computation to complete the attack first phase
110 years of GPU computation to complete the second phase

They could have just said "2^63 SHA1 computations in total", but nooo...

o And in other news, a major browser/website-security hole has been reported w.r.to sites which use CloudFlare, which are alas legion.

[Note my initial post incorrectly stated the Cloudflare issue was related to the SHA1 collision one.]

2016-09-06, 18:19	#1
Nick Dec 2012 The Netherlands 2×7×131 Posts	Crypto News If you would like to inform the US federal government on cybersecurity issues - you have 3 days to do it! https://www.federalregister.gov/arti...igital-economy

2017-02-10, 02:58	#10
ewmayer ∂²ω=0 Sep 2002 República de California 2²×2,939 Posts	Ars Technica: A rash of invisible, fileless malware is infecting banks around the globe : Once the province of nation-sponsored hackers, in-memory malware goes mainstream. Spawn of Stuxnet, with a generous assist from the folks in Redmond, WA ... As always, blowback's a bitch, innit? Last fiddled with by ewmayer on 2017-02-10 at 02:59

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
ElGamal crypto without prime	ElChapo	Math	9	2017-06-10 03:26
SHA-1 Crypto Hash weakened	plandon	Lounge	0	2009-06-16 13:55
The news giveth, the news taketh away...	NBtarheel_33	Hardware	17	2009-05-04 15:52
Crypto 2007	R.D. Silverman	Lounge	2	2007-08-08 20:24
crypto game	MrHappy	Lounge	0	2005-01-19 16:27

2016-09-07, 13:55	#2
Xyzzy Aug 2002 2²·2,161 Posts	http://arstechnica.com/security/2016...s-of-all-ages/

2016-09-13, 13:02	#3
xilman Bamboozled! "𒉺𒌌𒇷𒆷𒀭" May 2003 Down not across 10110111111011₂ Posts	How to cheat at Bridge

2016-10-10, 06:57	#4
vebis Oct 2015 106₈ Posts	A kilobit hidden SNFS discrete logarithm computation

2016-10-12, 16:56	#6
chris2be8 Sep 2009 996₁₆ Posts	The obvious counter is to use a well chosen 2048 bit prime, which is well out of range of GNFS. Possibly better is to use a 3072 bit prime such as prevprime(2^3072) which can be attacked with SNFS, but that's about as hard as GNFS-2048 so still impossible. That should be safe until quantum computers are available. Chris

2016-10-31, 20:43	#9
henryzz Just call me Henry "David" Sep 2007 Liverpool (GMT/BST) 2²·3·7·73 Posts	http://www.wired.co.uk/article/googl...nce-encryption Deep learning can also encrypt now. I wonder how hard it would be to replicate this in code.