Ask Security/Cryptography Expert Paul Kocher
Paul Kocher is unquestionably one of the highest-profile computer and network security experts around. He's president of Cryptography Research, Inc. and one of the architects of SSL 3.0. The floor is now open. Please try not to ask questions that can be answered with a few minutes' worth of online research. We'll post Paul's answers to 10 of the highest-moderated questions soon after he gets them back to us. Update: 03/13 18:18 GMT by M : Let's try this one more time, this time with feeling.
Sounds weird, but it's legit and old.
(according to m-w, anyway)
Main Entry: 2certificate
Pronunciation: -'ti-f&-"kAt
Function: transitive verb
Inflected Form(s): -cated; -cating
Date: 1883
: to testify to or authorize by a certificate; especially : to recognize as having met special qualifications (as of a governmental agency or professional board) within a field
Merriam-Webster online
In banking many things are under dual (or more) control. Same with government. Since paying people is a recurring cost and is expensive, some businesses have pagers that when activated (by satellite, wireless, etc.) give a password to be used in conjunction with their own personal passwords. The system is synced so that at any moment the password is different from the next. You can do the same thing to restrict physical access to a building or room.
Actually both certificate and certify are verbs; it's kinda like extract and extricate, used in different but not so clear ways.
The overwhelming majority of security exploits (over 95% IIRC; sorry, I don't have a source handy) are due to implementation errors and not cryptanalysis.
Side-channel attacks, technically, *are* attacks against implementations, not the ciphers themselves. They're attacks that exploit the fact that even if the cipher is solid, the execution of the algorithms involves physical effects which can be measured by an attacker with access to the processing device.
Depending on your point of view, you may or may not consider side-channel vulnerabilities to be implementation errors, but they are real weaknesses for systems that require some sort of secure token to be distributed to large numbers of end-users. With respect to the published attacks against smart cards, there are far *more* side-channel attacks than attacks made possible by software errors. Not surprising, really, the engineers who write that code tend to be very security-paranoid, and it's generally quite small and simple, as well, so it's pretty good.
As to the OP's question about the feasibility of these attacks in the real world: They're easy, but generally only if you already know lots more about the systems you're attacking than most attackers would. I have no idea if anyone has used them "for real".
My designs always assume that side-channel attacks are moderately difficult, but feasible.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Well, IAANT (number theorist), and there is _NO_ way to turn a provable primality test into a factoring algorithm.
Note that this (the AKS) algorithm will likely never be used as part of a cryptosystem because it is so slow. The probabilistic tests can be run (very quickly) until the probability that the number is composite is smaller than the probability that a RAM bit accidentally flipped during the algorithm run due to, say, cosmic rays.
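As an added illustration of the probabilistic approach the comment above describes (this is example code, not the commenter's or Slashdot's), here is Miller-Rabin with the number of rounds derived from a target error bound: each round lets a composite slip through with probability at most 1/4, so k rounds bound the error by 4^-k. The target of 2^-80 used in the test is an assumed, constructed threshold; the page gives no numeric value for the bit-flip probability.

```python
import random


def miller_rabin_rounds(target_error_log2: int) -> int:
    """Rounds needed so the worst-case chance of calling a composite
    'probably prime' is at most 2**-target_error_log2.
    One round passes a composite with probability <= 1/4 (Rabin's bound),
    so k rounds give 4**-k = 2**-(2k); round up for odd targets."""
    return (target_error_log2 + 1) // 2


def is_probable_prime(n: int, rounds: int, rng=random.SystemRandom()) -> bool:
    """Miller-Rabin test with `rounds` independent random bases.
    Returns False only when a witness proves n composite; True means
    'no witness found', i.e. composite with probability <= 4**-rounds."""
    if n < 2:
        return False
    # Cheap trial division first; also handles the small primes exactly.
    for p in (2, 3, 5, 7, 11, 13):
        if n % p == 0:
            return n == p
    # Write n - 1 = 2**s * d with d odd.
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)      # random base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue                     # a is not a witness; try another
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break                    # reached -1: not a witness
        else:
            return False                 # a is a witness: n is composite
    return True


def is_prime_with_error_bound(n: int, target_error_log2: int) -> bool:
    """Convenience wrapper: test n until the error bound is 2**-target_error_log2."""
    return is_probable_prime(n, miller_rabin_rounds(target_error_log2))
```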