Berkeley CSUA MOTD:Entry 24756

2002/5/8-9 [Computer/SW/Security] UID:24756 Activity:low
5/8     I'm thinking about using a block cipher to encrypt pkts
        in my application, but I'm running into problems wrt
        transmitting/receiving the encrypted pkts. Here is
        what I want to do (given values are secret key K, plain
        text PT):
        1. Derive K1 (encryption key) from K and a random nonce
           N1 and derive K2 (HMAC key) from K and a random nonce N2
        2. Encrypt PT and H(PT) using K1: e = E(H(PT)|PT,K1)
        3. Calc. HMAC of the e: h = HMAC(e,K2)
        4. Transmit N1|N2|e|h (this would be a fixed size pkt)
        5. Recv. N1,N2,e,h
        6. Derive K1 and K2 from K using recv'd N1 and N2
        7. If HMAC(e) = h, then decrypt e: D(e,K2) = H(PT)|PT
        8. If the decrypted H(PT) matches a computed H(PT)
           return PT.
        What I don't know how to do is recover from the following
        situations:
        * HMAC(e) of the recv'ed e != h
        * Decrypted H(PT) != computed H(PT)
        Since it is unlikely that the pkt was corrupted by trans.
        errors (I'm using TCP), the only way that this could happen
        is because of an active attacker. Is there any point in
        asking for a retransmit on the recv side if an active
        attacker is present?
        \_ post this to crypto@csua, you'll get better results than the
           motd.  Motd is full of dropouts and sysadmins.
           \_ Hi paolo. You're delusional again. Go back to bed.
              \_ who is this paolo?
                 \_ He was president for a long time, then he quit logging in.
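
The send/receive steps from the post above, as an added example that is not part of the original thread: it builds N1|N2|e|h and checks it on receipt, decrypting with K1 (the key step 2 encrypts with). Assumptions: HMAC-SHA256 as both the key-derivation function and H, an HMAC-based counter-mode keystream standing in for the block cipher E/D, and all function names and sizes are hypothetical.

```python
import hashlib
import hmac
import os

NONCE_LEN, HASH_LEN = 16, 32  # constructed sizes: 128-bit nonces, SHA-256 output

class PacketRejected(Exception):
    """Packet failed the HMAC check (step 7) or the inner hash check (step 8)."""

def derive(k, nonce, label):
    # Assumed KDF: HMAC-SHA256 keyed with K over a purpose label and the nonce.
    return hmac.new(k, label + nonce, hashlib.sha256).digest()

def stream_xor(key, data):
    # Stand-in for E/D: XOR with an HMAC counter-mode keystream (self-inverse).
    out = bytearray()
    for i in range(0, len(data), HASH_LEN):
        pad = hmac.new(key, (i // HASH_LEN).to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + HASH_LEN], pad))
    return bytes(out)

def seal(k, pt):
    n1, n2 = os.urandom(NONCE_LEN), os.urandom(NONCE_LEN)        # step 1
    k1, k2 = derive(k, n1, b"enc"), derive(k, n2, b"mac")
    e = stream_xor(k1, hashlib.sha256(pt).digest() + pt)         # step 2
    h = hmac.new(k2, e, hashlib.sha256).digest()                 # step 3
    return n1 + n2 + e + h                                       # step 4

def open_packet(k, pkt):
    if len(pkt) < 2 * NONCE_LEN + 2 * HASH_LEN:
        raise PacketRejected("short packet")
    n1, n2 = pkt[:NONCE_LEN], pkt[NONCE_LEN:2 * NONCE_LEN]       # step 5
    e, h = pkt[2 * NONCE_LEN:-HASH_LEN], pkt[-HASH_LEN:]
    k1, k2 = derive(k, n1, b"enc"), derive(k, n2, b"mac")        # step 6
    # Step 7: verify the HMAC in constant time before touching the ciphertext.
    if not hmac.compare_digest(hmac.new(k2, e, hashlib.sha256).digest(), h):
        raise PacketRejected("HMAC mismatch")
    inner = stream_xor(k1, e)
    digest, pt = inner[:HASH_LEN], inner[HASH_LEN:]
    if not hmac.compare_digest(hashlib.sha256(pt).digest(), digest):  # step 8
        raise PacketRejected("inner hash mismatch")
    return pt

def rejection_reason(k, pkt):
    # Returns None for an accepted packet, else which check rejected it.
    try:
        open_packet(k, pkt)
        return None
    except PacketRejected as exc:
        return str(exc)
```

Because the HMAC in step 3 covers only e, a modified N1 still passes the HMAC check and is caught only by the inner hash of step 8; a modified N2, e or h fails the HMAC check.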