Cryptology ePrint Archive : Listing for 2013

« TRS-80 With A Keccak Sponge Cake

de Jean-Marie Chauvet

The subject of this paper, an improbable implementation of
a recently standardized cryptographic hash function on a thirty-five-year-
old microcomputer, may strike some as unusual and recreative at best.
In the tedious discipline of the process, however, lessons were learned in
implementation trade-offs for basic cryptographic primitives which may
prove interesting in the current context of securing (small to nano) ma-
chine to machine communications. More importantly, that such insights
might stem out of revisiting how earlier computing platforms relate to
the code written on them to cast a distant light on modern connections of
code to material, historical and contextual factors certainly illuminates
the joys of retrocomputing. »

▻https://eprint.iacr.org/2013/736.pdf

La mise en œuvre d’un algorithme de programmation moderne sur un #TRS-80... Code en assembleur et en BASIC

#cryptographie #geek #nostalgie #rétroinformatique #keccak

« Elliptic Curve Cryptography in Practice

de Joppe W. Bos1 , J. Alex Halderman , Nadia Heninger, Jonathan Moore, Michael Naehrig1 , et Eric Wustrow

In this paper, we perform a review of elliptic curve cryptography (ECC), as it it used in practice today, in order to reveal unique mistakes and vulnerabilities that arise in implementations of ECC. We study four popular protocols that make use of this type of public-key cryptography : Bitcoin, secure shell (SSH), transport layer security (TLS), and the Austrian e-ID card. We are pleased to observe that about 1 in 10 systems support ECC across the TLS and SSH protocols. However, we find that despite the high stakes of money, access and resources protected by ECC, implementations suffer from vulnerabilities similar to those that plague previous cryptographic systems. »

▻https://eprint.iacr.org/2013/734.pdf

Les auteurs ont mis la main sur plein de clés cryptographiques utilisant la technique (relativement) récente des courbes elliptiques et ont analysé ces clés. Les courbes elliptiques augmentent en popularité mais restent loin derrrière le classique RSA (par exemple, 10 % des clés SSH seulement, et 7 % des serveurs HTTPS). Plus gênant, l’examen de ces clés montre des faiblesses dans leur génération, telles que l’utilisation de générateurs aléatoires pas très aléatoires. On rencontre même des machines qui ont la même clé.

#cryptographie #courbes_elliptiques