debunking snake oil
Marcos el Ruptor
ruptor at cryptolib.com
Sat Sep 1 08:39:49 EDT 2007
> I'd like to start with the really simple stuff; classical
> cryptography, systems with clean and obvious "breaks".
You can start with RSA SecurID, Texas Instruments DST40, Microchip
Technologies KeeLoq, Philips/NXP Hitag2, WEP RC4, Bluetooth E0, GSM
A5... It's much harder to find a product or technology that
implements proper ciphers, proper hashes, proper RNGs or proper
protocols. And I don't mean small mistakes like in SSH1 or SSL. I
mean look at all those proprietary weak ciphers sold for millions!
Will they ever learn?
Ruptor
http://defectoscopy.com/ - There is no need to design weak ciphers.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list