1996-08-08 - Re: F2 hash?

Header Data

From: Cerridwyn Llewyellyn <ceridwyn@wolfenet.com>
To: cypherpunks@toad.com
Message Hash: 095add007a0d34b11e6979e8ff8a01cd9c3c47d449f784e8b9c7274130d0558e
Message ID: <2.2.32.19960808143045.006ce858@gonzo.wolfenet.com>
Reply To: N/A
UTC Datetime: 1996-08-08 18:21:34 UTC
Raw Date: Fri, 9 Aug 1996 02:21:34 +0800

Raw message

From: Cerridwyn Llewyellyn <ceridwyn@wolfenet.com>
Date: Fri, 9 Aug 1996 02:21:34 +0800
To: cypherpunks@toad.com
Subject: Re: F2 hash?
Message-ID: <2.2.32.19960808143045.006ce858@gonzo.wolfenet.com>
MIME-Version: 1.0
Content-Type: text/plain



>| At Defcon this year they promised to tell about some security flaws in
>| SecurID tokens, anyone know more about that?
>
>	My understanding is that the guy who was going to give the
>talk had nda difficulties.  Vin?  Did you make it out?  The talk was
>going to be on race conditions, denial of service attacks, and the
>like.

According to Mudge (who gave the talk), he *was* going to speak specifically
on SecurID, but they were harassing him or something, and was afraid of a
libel suit if he spoke on it.  Instead, he chose to speak on S/Key flaws,
many of which are the same as SecurID flaws.  All of the attacks were on
the stupidity of the implementations and protocols, not on the cryptographic
algorithms.   Some stuff can be found at http://www.l0pht.com/~mudge .
//cerridwyn//






Thread