[cryptography] Non-governmental exploitation of crypto flaws?
thierry.moreau at connotech.com
Wed Nov 30 08:01:24 EST 2011
Ilya Levin wrote:
> On Tue, Nov 29, 2011 at 5:52 PM, Jon Callas <jon at callas.org> wrote:
>> But the other one is Drew Gross's observation. If you think like an attacker, then you're a fool to worry about the crypto.
> While generally true, this is kind of an overstatement. I'd say that
> if you think like an attacker then crypto must be the least of your
> worries. But you still must worry about it.
> I've seen real-life systems that were broken because of crypto combined
> with other things. Well, I broke a couple of these in the old days (whitehat
> legal stuff)
> For example, the Internet banking service of the bank I would not name
> here was compromised during a blind remote intrusion simulating
> exercise because of successful known plaintext attack on DES. Short
> DES keys together with key derivation quirks and access to ciphertext
> made the attack very practical and very effective.
Indeed, single-length DES cracking for attacking electronic payment
networks is the other instance (along with the TI software signature
public key factorization) of a "production" crypto attack. Both are
based on brute force against short key material.
It is not verifiable because a) the perpetrators needed no publicity to
benefit, and b) the financial institutions were upgrading electronic
payment gear to triple-DES (suddenly at a faster than usual pace which
could raise suspicion, at least in my mind), and also preferred less
I had some form of confirmation (that the attack scenario occurred) by
the way the triple-DES upgrade project success has been described by a
bank technology specialist who would have been aware of the incident(s).
- Thierry Moreau
> Again, I'm not arguing with Drew Gross's observation. It is just a bit
> extreme to say it like this.
> Best regards,