From: Arne Vajhøj on
On 01-03-2010 06:59, Nigel Wade wrote:
> On Fri, 26 Feb 2010 20:16:46 -0500, Arne Vajhøj wrote:
>> On 26-02-2010 04:50, Nigel Wade wrote:
>>> I use eWallet for logon details, and other personal info.
>>>
>>> It's built on 256bit AES encryption. Not the most secure, but secure
>>> enough to defeat most attacks.
>>
>> AES 256 bit is supposed to defeat any attacks.
>
> Sorry, I did not intend to cause any confusion or concern. I am not an
> expert on encryption, but I think there are more secure encryption
> methods than 256bit AES. That's all I meant by "not the most secure". I
> concede that that expression can also have other connotations - I did not
> mean to imply that.

What encryption methods?

AFAIK AES is considered the most secure among the widely used
algorithms.

And it is approved by NSA for "top secret" data.


>> Do you know about a vulnerability?
>
> No. But then again, that doesn't preclude there being one in this
> product. It's quite surprising how many encryption algorithms, which in
> theory are uncrackable, turn out to be severely compromised by their
> practical implementation.

With brute force impossible and no known mathematical attack angles,
implementation disasters are what is left to hope for.

Arne

From: Martin Gregorie on
On Mon, 01 Mar 2010 23:23:45 +0000, Tom Anderson wrote:

> On Mon, 1 Mar 2010, Martin Gregorie wrote:
>
> And before that, a computer was a lady with a slide-rule and a book of
> squared paper who did sums. Neither of those machines are what we would
> consider a computer today.
>
I think that job title lasted into the days of hand-wound and
electrically driven mechanical calculators - Monromatics (sp?), Fridens
and Facits. I remember using them for physical chemistry calculations.

> To clarify, i consider the essential feature of a computer to be that it
> has a program, which is a body of instructions which control both
> computations on data and the sequence of instructions executed, which is
> stored in the same medium as the data. Something like that, anyway.
>
That's certainly the current view, but as you said, it didn't happen
before Baby used a Williams tube (modified CRT) to store program and
data.

However, there were a number of computers sold before that. I must admit,
though, that IBM spent a lot of time (and made a lot of money) selling
stored-program computers that emulated those early machines. Think of any
small business machine (S/34, S/36, S3) with its data files on cards and
running RPG. They were alive and well until well into the late 1970s.

> From what i understand, they were as computerlike as ENIAC, if not more
> so. I don't think it matters a jot that they were electromechanical
>
Agreed, though I can't remember whether they were programmed with a
plugboard or whether the program was one of those sliding plate memory
stacks.

> the Analytical Engine had been built, that would have been a computer (i
> think - but its brazenness would not have debarred it from that status).
> Downstream of the instruction despatch mechanism, they were entirely
> computerlike - a random-access store with a general set of operations,
> controlled by an instruction code. But the instructions came from a
> fixed loop, with very limited flow control, and no branches. That makes
> them sequence-controlled calculators, not computers.
>
That seems correct from the limited amount I've seen about them. I've
seen a bit about the arithmetic unit and almost nothing about the
instruction set - only that the instruction feed used essentially the
same mechanism as a Jacquard Loom.

> Okay, then perhaps i'm wrong. Then again, that may have been an earlier,
> simpler version of the Enigma (fewer wheels, no steckerboard, etc), and
> ISTR that the quantitative increases in the Enigma's complexity required
> qualitative changes in methods to crack.
>
The steckerboard and reflector disk were there on all the Wehrmacht's 4
disk machines, but I thought the 5 disk version only appeared quite late
in the war.

If I understand the layout of the rebuilt Bombe, it has the possibility
of using 6 disks - at least it has six rows of 12 disk spindles on its
face. I don't remember hearing an explanation of how these mapped onto
the disks, reflector and steckerboard in an Enigma machine - I just assumed
that each column represented an Enigma machine so it could run the
problem in 12-way parallel.

> Yes, but if i told you, i'd have to kill you.
>

:-) Were you ever at GCHQ? A friend who was used to say that a lot.

> I assume it took the candidate position from the Bombe and put a larger
> amount of ciphertext through it to see if it came out sensible. That's
> purely a guess, though.
>
Using it was described as keying each letter of the alphabet in turn and
seeing if the same letter appeared on the output lamps. If that worked,
they put the settings into a British cypher machine that had been rewired
to emulate an Enigma machine and typed the first sentence or so of the
cyphertext into that. If good German came out, they passed the settings
and cyphertext on to the analysts and reset the Bombe for the next
problem.

Bletchley Park is well worth a visit. I had pretty high hopes of it, but
even so it was a lot more interesting than I expected, not least because
they have a good collection of working Enigma and Lorenz machines. I'd
hoped to see the Bombe running, but it wasn't run the day I was there;
however, Colossus was up and running.


--
martin@ | Martin Gregorie
gregorie. | Essex, UK
org |
From: Christian on
On 01.03.2010 21:43, Arne Vajhøj wrote:
> On 01-03-2010 06:59, Nigel Wade wrote:
>> On Fri, 26 Feb 2010 20:16:46 -0500, Arne Vajhøj wrote:
>>> On 26-02-2010 04:50, Nigel Wade wrote:
>>>> I use eWallet for logon details, and other personal info.
>>>>
>>>> It's built on 256bit AES encryption. Not the most secure, but secure
>>>> enough to defeat most attacks.
>>>
>>> AES 256 bit is supposed to defeat any attacks.
>>
>> Sorry, I did not intend to cause any confusion or concern. I am not an
>> expert on encryption, but I think there are more secure encryption
>> methods than 256bit AES. That's all I meant by "not the most secure". I
>> concede that that expression can also have other connotations - I did not
>> mean to imply that.
>
> What encryption methods?
>
> AFAIK AES is considered the most secure among the widely used
> algorithms.
>
> And it is approved by NSA for "top secret" data.
>
>
>>> Do you know about a vulnerability?
>>
>> No. But then again, that doesn't preclude there being one in this
>> product. It's quite surprising how many encryption algorithms, which in
>> theory are uncrackable, turn out to be severely compromised by their
>> practical implementation.
>
> With brute force impossible and no known mathematical attack angles,
> implementation disasters are what is left to hope for.
>
> Arne
>


Actually, with AES I would never try to encrypt anything with known
plaintext... too many attacks go in that direction,
i.e. use CBC, not ECB.

But besides this, one example of a more secure encryption than AES-256 bit
is using AES-128 bit,
as recent attacks show the key length is exploitable and makes the
attack on AES easier.
Strange result, though be aware of it: AES-128 is more secure than
AES-256 currently.

Christian
From: Martin Gregorie on
On Tue, 02 Mar 2010 11:38:42 +0000, Tom Anderson wrote:

> ISTR it was a reel of film. I can't remember how the instructions were
> encoded on the film - as holes, rather than image, i think? Hence the
> lack of branches - the mechanism was only capable of reading out
> instructions one by one in lockstep, because a branch would involve
> precisely fast-forwarding or rewinding the film, which the hardware
> didn't support. That said, i have a vague memory that there were
> predicated instructions, like in the ia64, so there was a limited form
> of conditional logic, just not general branches. Indeed, exactly as with
> the ia64, this was a way of shoehorning conditionals into a very long
> pipeline!
>
I don't know the ia64 but, and I hate to admit it, I have written RPG3,
and it was the memory of preceding a command with indicators that controlled
whether it was executed or not that brought on the small diatribe about
the IBM S/3 and friends. RPG3 is an abomination - the world's only
machine-independent assembler.

> Some latter-day clever-clogs figured out a way to make a Z3
> Turing-complete, but it involved splicing the film into a loop, and
> repeatedly running a fixed sequence of instructions that carried out the
> cycle of a Turing machine in the Z3's store. Dubious, but an excellent
> illustration of Wheeler's "any problem in computer science can be solved
> with another layer of indirection"!
>
Cool.

> Did you meet Tony Sale, who rebuilt it? He was there when i visited.
> Really nice old chap, with lots of interesting stories. In fact, i'd had
> a similar discussion to this a bit before going, so asked him whether
> Colossus was a computer - he was very definite that it wasn't!
>
No, I didn't meet him - unfortunately.

I love the thought that Tommy Flowers designed around telephone exchange
modules and that this, together with the wholesale scrapping of valve
exchanges, were the only things that made the rebuild possible.


--
martin@ | Martin Gregorie
gregorie. | Essex, UK
org |
From: Arne Vajhøj on
On 02-03-2010 07:36, Christian wrote:
> Am 01.03.2010 21:43, schrieb Arne Vajhøj:
>> On 01-03-2010 06:59, Nigel Wade wrote:
>>> On Fri, 26 Feb 2010 20:16:46 -0500, Arne Vajhøj wrote:
>>>> On 26-02-2010 04:50, Nigel Wade wrote:
>>>>> I use eWallet for logon details, and other personal info.
>>>>>
>>>>> It's built on 256bit AES encryption. Not the most secure, but secure
>>>>> enough to defeat most attacks.
>>>>
>>>> AES 256 bit is supposed to defeat any attacks.
>>>
>>> Sorry, I did not intend to cause any confusion or concern. I am not an
>>> expert on encryption, but I think there are more secure encryption
>>> methods than 256bit AES. That's all I meant by "not the most secure". I
>>> concede that that expression can also have other connotations - I did not
>>> mean to imply that.
>>
>> What encryption methods?
>>
>> AFAIK AES is considered the most secure among the widely used
>> algorithms.
>>
>> And it is approved by NSA for "top secret" data.
>>
>>
>>>> Do you know about a vulnerability?
>>>
>>> No. But then again, that doesn't preclude there being one in this
>>> product. It's quite surprising how many encryption algorithms, which in
>>> theory are uncrackable, turn out to be severely compromised by their
>>> practical implementation.
>>
>> With brute force impossible and no known mathematical attack angles,
>> implementation disasters are what is left to hope for.
>
> Actually, with AES I would never try to encrypt anything with known
> plaintext... too many attacks go in that direction,
> i.e. use CBC, not ECB.

That is well known.

Most people have hopefully seen the Tux pictures.

> But besides this, one example of a more secure encryption than AES-256 bit
> is using AES-128 bit,
> as recent attacks show the key length is exploitable and makes the
> attack on AES easier.
> Strange result, though be aware of it: AES-128 is more secure than
> AES-256 currently.

I don't think there is evidence for that.

It has been shown that encryption using 11/14 rounds of AES 256
bit is vulnerable to attacks (that, if I understand correctly,
require access to plaintext samples and use of multiple
secret keys that are related in a known way) while AES 128
bit does not suffer from the same problem.

That does not prove that a full AES 256 bit is less
secure than a full AES 128 bit.

Arne
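The ECB-versus-CBC point raised by Christian and Arne (the "Tux picture" effect), shown in Go with the standard library as an added example that is not from any poster: identical 16-byte plaintext rows become identical ciphertext blocks under ECB, but not under CBC. The key, IV and the repeated "pixel row" are constructed demo values; Go deliberately ships no ECB mode, so the per-block loop here exists only to make the leak visible.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// Constructed demo key (32 bytes -> AES-256) and IV; never reuse fixed values like these.
var demoKey = []byte("0123456789abcdef0123456789abcdef")
var demoIV = []byte("fixed-iv-16bytes")

// newBlock builds the AES block cipher and checks the input is whole blocks.
func newBlock(key, plaintext []byte) (cipher.Block, error) {
	if len(plaintext)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("length %d is not a multiple of %d", len(plaintext), aes.BlockSize)
	}
	return aes.NewCipher(key)
}

// ecbEncrypt encrypts every block independently: equal inputs give equal outputs.
func ecbEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := newBlock(key, plaintext)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(plaintext))
	for i := 0; i < len(plaintext); i += aes.BlockSize {
		block.Encrypt(out[i:i+aes.BlockSize], plaintext[i:i+aes.BlockSize])
	}
	return out, nil
}

// cbcEncrypt XORs each block with the previous ciphertext block before encrypting.
func cbcEncrypt(key, iv, plaintext []byte) ([]byte, error) {
	block, err := newBlock(key, plaintext)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(plaintext))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, plaintext)
	return out, nil
}

// repeatedBlocks counts ciphertext blocks that exactly repeat an earlier block.
func repeatedBlocks(ciphertext []byte) int {
	seen, repeats := map[string]bool{}, 0
	for i := 0; i+aes.BlockSize <= len(ciphertext); i += aes.BlockSize {
		k := string(ciphertext[i : i+aes.BlockSize])
		if seen[k] {
			repeats++
		}
		seen[k] = true
	}
	return repeats
}

func main() {
	// Constructed "image": eight identical rows, like a flat area of the Tux bitmap.
	pt := bytes.Repeat([]byte("SAME-ROW-OF-PIXL"), 8)
	ecb, _ := ecbEncrypt(demoKey, pt)
	cbc, _ := cbcEncrypt(demoKey, demoIV, pt)
	fmt.Println("ECB repeated blocks:", repeatedBlocks(ecb)) // 7: the pattern survives
	fmt.Println("CBC repeated blocks:", repeatedBlocks(cbc)) // 0: chaining hides it
}
```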