search for: cryptosystem


2011 May 23
4
Security of OpenSSL ECDSA signatures
...hat remove the detectable optimization away. Would you consider blacklisting openssl versions that do not implement that workaround ? Abstract follows. Kr, Aris Abstract: For over two decades, timing attacks have been an active area of research within applied cryptography. These attacks exploit cryptosystem or protocol implementations that do not run in constant time. When implementing an elliptic curve cryptosystem that provides side-channel resistance, the scalar multiplication routine is a critical component. In such instances, one attractive method often suggested in the literature is Montgomery...
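The abstract above contrasts scalar multiplication that runs in time dependent on the scalar with the Montgomery ladder, which does the same work for every bit. The following Python is an added illustration of that difference, not code from the thread, from OpenSSL or from OpenSSH: it implements a plain left-to-right double-and-add next to a Montgomery ladder over secp256k1 (public parameters, chosen only because they are well known) and counts curve operations. The counts show why the naive routine leaks the scalar's Hamming weight and the ladder does not. Note the ladder still branches on the key bit in Python; a real constant-time implementation replaces that branch with a conditional swap, which this demonstration of the operation schedule does not attempt.

```python
# Added example: operation-count comparison of double-and-add vs. Montgomery
# ladder on secp256k1. Not code from the OpenSSL/OpenSSH projects.

P = 2**256 - 2**32 - 977          # field prime of secp256k1
A, B = 0, 7                       # curve: y^2 = x^3 + A*x + B
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order of G
INF = None                        # point at infinity


def on_curve(pt):
    """True if pt is the point at infinity or satisfies the curve equation."""
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def ec_add(p, q):
    """Affine point addition; handles infinity, p == -q and doubling."""
    if p is INF:
        return q
    if q is INF:
        return p
    x1, y1 = p
    x2, y2 = q
    if x1 == x2 and (y1 + y2) % P == 0:   # p == -q
        return INF
    if p == q:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def scalar_mult_naive(k, pt):
    """Left-to-right double-and-add. An addition is done only for 1 bits, so
    the operation count (and hence running time) depends on the scalar."""
    ops = {"double": 0, "add": 0}
    r = INF
    for bit in bin(k)[2:]:
        if r is not INF:
            r = ec_add(r, r)
            ops["double"] += 1
        if bit == "1":
            r = ec_add(r, pt)
            ops["add"] += 1
    return r, ops


def scalar_mult_ladder(k, pt, bits):
    """Montgomery ladder: every iteration does exactly one addition and one
    doubling, so the count depends only on `bits`, never on k.
    Invariant maintained throughout: r1 == r0 + pt.
    The branch on the key bit is for readability only; a constant-time
    implementation swaps r0/r1 with arithmetic instead."""
    ops = {"double": 0, "add": 0}
    r0, r1 = INF, pt
    for i in range(bits - 1, -1, -1):
        if (k >> i) & 1:
            r0, r1 = ec_add(r0, r1), ec_add(r1, r1)
        else:
            r1, r0 = ec_add(r0, r1), ec_add(r0, r0)
        ops["add"] += 1
        ops["double"] += 1
    return r0, ops


if __name__ == "__main__":
    # Two scalars of equal bit length but very different Hamming weight.
    for k in (1 << 255, (1 << 256) - 1):
        _, naive_ops = scalar_mult_naive(k, G)
        _, ladder_ops = scalar_mult_ladder(k, G, 256)
        print(f"{bin(k).count('1'):3d} one-bits: naive {naive_ops}  ladder {ladder_ops}")
```

Run it and the naive routine reports 1 addition for the scalar 2^255 but 256 for 2^256 - 1, while the ladder reports 256 additions and 256 doublings for both; the results of the two routines agree, as the test below checks.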
2001 Nov 13
2
des_ssh1_setiv not setting the IV ?
Greetings; I've been reading the OpenSSH source code and have a question about the des_ssh1_setiv function in cipher.c (cut-n-pasted here from cipher.c v1.47):

static void
des_ssh1_setiv(CipherContext *cc, const u_char *iv, u_int ivlen)
{
	memset(cc->u.des.iv, 0, sizeof(cc->u.des.iv));
}

This doesn't use the *iv parameter. Compare with: static void
2020 Oct 21
2
Future deprecation of ssh-rsa
I've expressed several concerns with enabling UpdateHostKeys by default, none of which were even commented on, so this topic seems to not be in any way open for discussion, but I'll still add one more thing here. Peter Stuge wrote: > Subject: Re: UpdateHostkeys now enabled by default > Date: Mon, 5 Oct 2020 11:22:29 +0000 .. > I do not disagree with progressive key management, we
2009 Apr 16
2
MTBF of Ext3 and Partition Size
Hi All, On several of my servers I seem to have a high rate of server crashes due to file system errors. So I have some questions related to this: Is there any Mean Time Between Failure (MTBF) data for the ext3 file-system? Does increased partition size cause a higher risk of the partition being corrupted? If so, is there any data on the ratio between partition size and the likelihood of
2013 Jun 12
1
Samba4 DES enctypes
Samba4 4.0.5, CentOS 6.4. How does one enable DES enctypes in Samba? I need these to be available for each user when they log in to enable access to a Kerberized NFSv4 export. Steve
2004 Feb 26
0
krb5-1.3.2 is released (fwd)
...type "MSLSA:" for read-only access to the MS Windows LSA cache. * On Windows, krb5.exe now has a checkbox to request addressless tickets. * To avoid compatibility problems, unrecognized TGS options will now be ignored. * 128-bit AES has been added to the default enctypes. * AES cryptosystem now chains IVs. This WILL break backwards compatibility for the kcmd applications, if they are using AES session keys. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (SunOS) iQCVAwUBQD6aI6bDgE/zdoE9AQH+bwQAlC2pvr+DbnYNw8NzlBAng6Hpqf3b5StJ sZDakTpcOSalnouKv5TxRjLyG9hu9kz7e1Vl1/b9BDU5ROx9...
2020 Sep 16
2
Samba impact of "ZeroLogin" CVE-2020-1472
...against Samba. Samba has some protection for this issue because since Samba 4.8 we have set a default of 'server schannel = yes'. Users who have changed this default are hereby warned that Samba implements the AES netlogon protocol faithfully and so falls to the same fault in the cryptosystem design. Vendors supporting Samba 4.7 and below should patch their installations and packages to change this default, as values of: - server schannel = no - server schannel = auto are NOT secure and we expect can result in full domain compromise, particularly for AD domains. Some pu...
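The advisory above names a single setting as the protection: 'server schannel = yes', the default since Samba 4.8, with 'no' and 'auto' explicitly called insecure. The Python below is an added audit helper, not Samba's own code, that reads the [global] section of an smb.conf and classifies the effective value. The function and constant names are mine, the sample configurations are constructed for the example, and the 4.8 threshold is taken from the advisory. The parser handles only plain 'key = value' lines and comment lines; a configuration that uses 'include =' or the registry backend needs testparm rather than this check.

```python
# Added example (not Samba project code): flag smb.conf files whose
# 'server schannel' value, explicit or default, is not 'yes'.

SAFE_DEFAULT_FROM = (4, 8)   # advisory: Samba 4.8 made 'server schannel = yes' the default


def parse_global(text):
    """Return the [global] section as a dict of lowercase, whitespace-normalised
    parameter names to raw values. Sections, 'key = value' lines and lines
    starting with '#' or ';' are the only syntax handled (assumption: no
    'include =' or registry-backed configuration)."""
    section = None
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section == "global" and "=" in line:
            key, value = line.split("=", 1)
            settings[" ".join(key.split()).lower()] = value.strip()
    return settings


def assess_schannel(smb_conf, samba_version):
    """Classify the effective 'server schannel' setting.

    Returns (status, detail); status is 'ok', 'insecure' or 'review'.
    'insecure' covers the 'no' and 'auto' values the advisory calls out, and
    an unset parameter on a Samba older than 4.8, where 'yes' was not the
    default. samba_version is a tuple such as (4, 7)."""
    value = parse_global(smb_conf).get("server schannel")
    if value is None:
        if samba_version[:2] >= SAFE_DEFAULT_FROM:
            return "ok", "unset; Samba %d.%d defaults to 'server schannel = yes'" % samba_version[:2]
        return "insecure", "unset on a pre-4.8 Samba; add 'server schannel = yes' to [global]"
    normalized = value.lower()
    if normalized == "yes":
        return "ok", "'server schannel = yes' is set explicitly"
    if normalized in ("no", "auto"):
        return "insecure", "'server schannel = %s' leaves Netlogon exposed; change to 'yes'" % normalized
    return "review", "unrecognised value %r; check what testparm reports" % value


# Constructed sample configurations for the example.
WEAK_CONF = """\
[global]
    workgroup = EXAMPLE
    realm = EXAMPLE.ORG
    server role = active directory domain controller
    ; left over from an old client-compatibility workaround
    server schannel = auto
"""

FIXED_CONF = WEAK_CONF.replace("server schannel = auto", "server schannel = yes")

UNSET_CONF = """\
[global]
    workgroup = EXAMPLE
    server role = active directory domain controller
"""


if __name__ == "__main__":
    for name, conf, version in (("weak", WEAK_CONF, (4, 12)),
                                ("fixed", FIXED_CONF, (4, 7)),
                                ("unset on 4.7", UNSET_CONF, (4, 7)),
                                ("unset on 4.8", UNSET_CONF, (4, 8))):
        status, detail = assess_schannel(conf, version)
        print(f"{name:13s} {status:9s} {detail}")
```

The version argument matters only when the parameter is absent: an explicit 'auto' or 'no' is flagged on every release, which is the point of the advisory's warning to users who changed the default.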
2020 Sep 15
4
Does CVE-2020-1472 impact samba AD domains?
Hi, I saw https://blog.rapid7.com/2020/09/14/cve-2020-1472-zerologon-critical-privilege-escalation/ and https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472 today and I am wondering what impact if any this has on samba AD domains in particular and samba in general? Is samba using the "vulnerable Netlogon secure channel connection"? Will samba continue to
2007 Dec 02
6
MD5 Collisions...
Hi everyone, Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ . Should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due?: " MD5 has not yet (2001-09-03) been broken, but sufficient attacks have been made that its security is in some doubt. The attacks on MD5 are in the