The RISKS Digest
Volume 26 Issue 12

Friday, 30th July 2010

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


Contents

Tech worker: 'Blue screen of death' on oil rig's computer
Gregg Keizer via Gene Wirchenko
BP: "Will no one rid me of this turbulent alarm?"
Danny Burstein
Verizon experienced nationwide Network Extender network failure
Kevin G. Barkes
Oracle's Java Company Change Breaks Eclipse
timothy on Slashdot via Lauren Weinstein
Important Lessons to Learn from the Black Hat ATM Hack
Matthew Kruk
Wal-Mart Radio Tags to Track Clothing
Miguel Bustillo via Monty Solomon
iPhone GPS leads police to stolen device in minutes
Gene Wirchenko
Slovenian Mariposa botnet
Ali Zerdin via George Ledin
Android wallpaper malware
Dean Takahashi via George Ledin
Slashdot: Online banking Trojan horse
PGN
Personal Info For 100 Million Facebook Users Harvested Into One File
Dave Farber
WikiLeaks classified documents
PGN
Risks of free-text fields in medical records
dkross via PGN
Photo fakery in the news again
Mark Brader
ICANN touts DNSSEC as tool to fight "Internet Criminals"
Lauren Weinstein
To Change or Not to Change Passwords?
Gene Wirchenko
Re: Cal payroll data system cannot be changed
Valdis Kletnieks
Michael Smith
iPhone Used Left-handed and Used by Lefthanders
Gene Wirchenko
Paper on the law and Implantable Devices security
Gadi Evron
REVIEW: "The Design of Rijndael", Joan Daemen/Vincent Rijmen
Rob Slade
Info on RISKS (comp.risks)

Tech worker: 'Blue screen of death' on oil rig's computer

Gene Wirchenko <genew@ocis.net>
Thu, 29 Jul 2010 11:42:28 -0700

Gregg Keizer, *Computerworld*, 26 Jul 2010

A computer that monitored drilling operations on the Deepwater Horizon had
been freezing with a [BSOD] prior to the explosion that sank the oil rig
last April, the chief electrician aboard testified Friday at a federal
hearing.

In his testimony Friday, Michael Williams, the chief electronics technician
aboard the Transocean-owned Deepwater Horizon, said that the rig's safety
alarm had been habitually switched to a bypass mode to avoid waking up the
crew with middle-of-the-night warnings.

Williams said that a computer control system in the drill shack would still
record high gas levels or a fire, but it would not trigger warning sirens.
He also said that five weeks before the April 20 explosion, he had been
called to check a computer system that monitored and controlled drilling.
"The machine had been locking up for months.  You'd have no data coming
through."  With the computer frozen, the driller would not have access to
crucial data about what was going on in the well.

The April disaster left 11 dead and resulted in the largest oil spill in
U.S. history.


BP: "Will no one rid me of this turbulent alarm?"

danny burstein <dannyb@panix.com>
Fri, 23 Jul 2010 18:48:13 -0400 (EDT)

Fire Alarm Was Partially Disabled on Oil Rig, Electrician Says

The fire- and natural-gas alarm system aboard the Deepwater Horizon was
partly disabled on the night the drilling rig caught fire, the chief
electrician aboard testified Friday at a hearing outside New Orleans.  "The
general alarm was inhibited," said Michael Williams, an employee of
Transocean Ltd., which owned the rig. He explained that the system that
automatically sounded a general alarm had been disabled because rig managers
"did not want people woken up at 3 a.m. with false alarms."
     ^^^^^^^^

http://online.wsj.com/article/SB10001424052748703294904575385160342490350.html


Verizon experienced nationwide Network Extender network failure

"Kevin G. Barkes" <kgbarkes@gmail.com>
July 28, 2010 2:57:15 PM EDT

  [From Dave Farber's IP distribution.  PGN]

I was thinking of ordering a Verizon Network Extender because my office is
in the basement of my home and the signal there fades from time to time.

Before ordering, I stuck "Verizon Network Extender" into Google News and
found this from phonenews.com:

  Verizon Network Extenders Experiencing Outage Nationwide
  Written by Christopher Price on July 27, 2010

If you have a Verizon Network Extender, you might be asking the infamous
'Can you hear me now?'

Verizon has confirmed to PhoneNews.com that all Network Extenders nationwide
are down, due to an outage. Representatives for Verizon could not provide
an estimate as to when the service would be restored.

Verizon may be preparing to release an EV-DO version of the Network
Extender, first shown to the public by PhoneNews.com earlier this year. Both
the current femtocell and Verizon's next-generation Network Extender are
manufactured by Samsung.

In the comments section, a user reported the system was up at 4:45 am EST
today.

Lots of interesting information in the readers comments section:

"- This is a consistent issue and really needs addressed. 4 times our area
has been out in just a few months. Tech support is useless. They keep having
you reset stuff just to inform you after an hour that it's there (sic)
system."

Instead of ordering one now, I think I'll just walk the 12 steps to the
first floor where coverage is adequate...



Oracle's Java Company Change Breaks Eclipse (timothy on Slashdot)

Lauren Weinstein <lauren@vortex.com>
Wed, 28 Jul 2010 15:39:27 -0700

http://bit.ly/dA8Ier  (Slashdot)

Posted by timothy <http://www.monkey.org/~timothy/>  28 Jul 2010

crabel writes "In Java 1.6.0_21, the company field was changed from
'Sun Microsystems, Inc' to 'Oracle.' Apparently not the best idea,
because some applications depend on that field to
identify the virtual machine. All Eclipse versions since 3.3 (released
2007) until and including the recent Helios release (2010) have been
reported to crash with an OutOfMemoryError due to this change. This is
particularly funny since the update is deployed through automatic update
and suddenly applications cease to work."  [Lots of subsequent discussion.
Problem now fixed.  PGN]

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6969236
https://bugs.eclipse.org/bugs/show_bug.cgi?id=319514
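The failure mode the post describes, as an added example that is not code from Eclipse, the JDK or the Slashdot thread: a launcher decides whether to pass a VM-specific option by looking at the "java.vendor" property, so a change of branding alone flips the decision. The property sets below are constructed from values named in the post; the option passed (-XX:MaxPermSize) and the alternative check on "java.vm.name" are assumptions used for illustration.

```python
# Constructed property sets for the two JDK builds the post contrasts; the
# VM implementation is the same, only the company string differs.
SUN_JDK = {
    "java.version": "1.6.0_20",
    "java.vendor": "Sun Microsystems Inc.",
    "java.vm.name": "Java HotSpot(TM) Client VM",
}
ORACLE_JDK = {
    "java.version": "1.6.0_21",
    "java.vendor": "Oracle Corporation",
    "java.vm.name": "Java HotSpot(TM) Client VM",
}


def vm_needs_option_by_vendor(props):
    """Brittle: the decision rides on a branding string that a rename changes."""
    return props.get("java.vendor", "").startswith("Sun Microsystems")


def vm_needs_option_by_vm_name(props):
    """Keys on the VM implementation name instead (assumption: the option is
    really about the HotSpot VM, not about who owns it)."""
    return "HotSpot" in props.get("java.vm.name", "")


def build_vm_args(props, needs_option):
    """Assemble launcher arguments; the extra option is assumed for illustration."""
    args = ["-Xms40m"]
    if needs_option(props):
        args.append("-XX:MaxPermSize=256m")
    return args


def vendor_check_drift(props):
    """True when the two strategies disagree, i.e. a VM the vendor check would
    silently misclassify; a launcher could log this at startup."""
    return vm_needs_option_by_vendor(props) != vm_needs_option_by_vm_name(props)


if __name__ == "__main__":
    for name, props in (("Sun 1.6.0_20", SUN_JDK), ("Oracle 1.6.0_21", ORACLE_JDK)):
        print(name, "by vendor:", build_vm_args(props, vm_needs_option_by_vendor))
        print(name, "by VM name:", build_vm_args(props, vm_needs_option_by_vm_name))
        print(name, "drift:", vendor_check_drift(props))
```

The same VM gets two different argument lists depending only on which string the check reads; detection should key on the property that actually names the implementation, or better, on a capability probe.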


Important Lessons to Learn from the Black Hat ATM Hack

"Matthew Kruk" <mkrukg@gmail.com>
Thu, 29 Jul 2010 16:23:06 -0600

A security researcher named Barnaby Jack amazed attendees at the Black Hat
security conference by hacking ATM machines in a session titled "Jackpotting
Automated Teller Machines Redux". There are some important lessons to be
learned from the hacks Jack demonstrated, and they apply to more than just
ATM machines.

http://www.pcworld.com/businesscenter/article/202172/important_lessons_to_learn_from_the_black_hat_atm_hack.html?tk=hp_blg


Wal-Mart Radio Tags to Track Clothing (Miguel Bustillo)

Monty Solomon <monty@roscom.com>
Fri, 23 Jul 2010 21:20:29 -0400

[Source: Miguel Bustillo, *Wall Street Journal*, Business Technology,
23 Jul 2010; PGN-ed]

Wal-Mart Stores Inc. plans to roll out sophisticated electronic ID tags to
track individual pairs of jeans and underwear, the first step in a system
that advocates say better controls inventory but some critics say raises
privacy concerns.  Starting next month, the retailer will place removable
"smart tags" on individual garments that can be read by a hand-held scanner.
Wal-Mart workers will be able to quickly learn, for instance, which size of
Wrangler jeans is missing, with the aim of ensuring shelves are optimally
stocked and inventory tightly watched. If successful, the radio-frequency ID
tags will be rolled out on other products at Wal-Mart's more than 3,750
U.S. stores.  "This ability to wave the wand and have a sense of all the
products that are on the floor or in the back room in seconds is something
that we feel can really transform our business," said Raul Vazquez, the
executive in charge of Wal-Mart stores in the western U.S. ...

While the tags can be removed from clothing and packages, they can't be
turned off, and they are trackable. Some privacy advocates hypothesize that
unscrupulous marketers or criminals will be able to drive by consumers'
homes and scan their garbage to discover what they have recently bought.

They also worry that retailers will be able to scan customers who carry new
types of personal ID cards as they walk through a store, without their
knowledge. Several states, including Washington and New York, have begun
issuing enhanced driver's licenses that contain radio-frequency tags with
unique ID numbers, to make border crossings easier for frequent
travelers. Some privacy advocates contend that retailers could theoretically
scan people with such licenses as they make purchases, combine the info with
their credit card data, and then know the person's identity the next time
they stepped into the store.  ...

http://online.wsj.com/article/SB10001424052748704421304575383213061198090.html

  [Also noted by Ben Moore: "There are so many RISKS in this I can't even
  make a list!"—e.g., There are two things you really don't want to tag,
  clothing and identity documents, and ironically that's where we are
  seeing adoption.  PGN]


iPhone GPS leads police to stolen device in minutes

Gene Wirchenko <genew@ocis.net>
Sun, 25 Jul 2010 23:04:18 -0700

Source: *The Daily News*, Kamloops, British Columbia, Canada, 24 Jul 2010,
item from The Associated Press, 23 Jul 2010

A man accused of stealing an Apple iPhone out of a woman's hand in San
Francisco may have been shocked when police found him only nine minutes
later.  It turns out the phone had been tracking his every move.

The iPhone was being used to test a new, real-time global positioning system
tracking application, and the woman holding it was an intern for the
software's maker, Mountain View-based Covia Labs.
Covia CEO David Kahn had sent the intern into the street to demonstrate the
software.

Police say Horatio Toure snatched it and sped away on a bicycle.  Kahn was
watching a live map of the phone's location on a computer and says he was
immediately struck by how quickly the image began moving down the street.
Police arrested Toure nine minutes later.

  [A Good Demo!]


Slovenian Mariposa botnet (Ali Zerdin)

George Ledin <george.ledin@sonoma.edu>
Thu, 29 Jul 2010 08:00:09 -0700

A cyber mastermind from Slovenia (Iserdo) who is suspected of creating a
malicious software code that infected 12 million computers worldwide and
orchestrating other huge cyberscams has been arrested and questioned.  His
arrest comes about five months after Spanish police broke up the massive
cyberscam, arresting three of the alleged ringleaders who operated the
Mariposa botnet, which stole credit cards and online banking
credentials. The botnet appeared in December 2008 and infected hundreds of
companies and at least 40 major banks.  [Source: Ali Zerdin, Cyber
mastermind arrested, questioned in Slovenia, Associated Press, 28 Jul 2010;
PGNed]
  http://www.computerworld.com/s/article/9179769/Three_arrested_in_connection_with_Mariposa_botnet
  http://news.yahoo.com/s/ap/20100728/ap_on_hi_te/eu_slovenia_cyber_bust
  http://lenta.ru/news/2010/07/28/mariposa/  [in Russian]


Android wallpaper malware

George Ledin <george.ledin@sonoma.edu>
Thu, 29 Jul 2010 08:00:09 -0700

A questionable Android wallpaper app collects your personal data (browsing
history, text messages, your phone's SIM card number, subscriber
identification, and even your voicemail password, as long as it is
programmed automatically into your phone) and sends it to www.imnet.us
(owned by someone in China).  It has been downloaded more than a million
times, according to Lookout speakers at Black Hat on 28 Jul 2010.  The app
in question came from Jackeey Wallpaper, and it was uploaded to the Android
Market for use on Google Android.  [Source: Dean Takahashi, MobileBeat;
PGN-ed]
http://mobile.venturebeat.com/2010/07/28/android-wallpaper-app-that-steals-your-data-was-downloaded-by-millions/


Slashdot: Online banking Trojan horse

"Peter G. Neumann" <neumann@csl.sri.com>
Mon, 26 Jul 2010 9:48:33 PDT

Original in Dutch:
http://yro.slashdot.org/story/10/07/25/1954216/Online-Banking-Trojan-Stole-Money-From-Belgians?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Google-Translated into English:
http://translate.google.com/translate?js=y&prev=_t&hl=en&ie=UTF-8&layout=1&eotf=1&u=http%3A%2F%2Fwww.hbvl.be%2Fnieuws%2Fgeldzaken%2Faid956766%2Fbelgisch-gerecht-ontdekt-grootschalige-bankfraude.aspx&sl=nl&tl=en



[IP] Personal Info For 100 Million Facebook Users Harvested Into One File (The Consumerist)

Dave Farber <dave@farber.net>
Wed, 28 Jul 2010 17:49:45 -0400

http://consumerist.com/2010/07/personal-info-for-100-million-facebook-users-harvested-into-one-file.html


WikiLeaks classified documents

"Peter G. Neumann" <neumann@csl.sri.com>
Mon, 26 Jul 2010 9:45:36 PDT

Some 92,000 individual reports in all were made available to *The New York
Times* and European news organizations by WikiLeaks on the condition that
the papers not report on the data until 25 Jul 2010, when WikiLeaks said it
intended to post the material on the Internet. WikiLeaks did not reveal
where it obtained the material. WikiLeaks was not involved in the news
organizations' research, reporting, analysis and writing. The Times spent
about a month mining the data for disclosures and patterns, verifying and
cross-checking with other information sources, and preparing the articles
that are published today. The three news organizations agreed to publish
their articles simultaneously, but each prepared its own articles.
[Source: *The NYT*, 26 Jul 2010, PGN-ed]

  http://www.nytimes.com/2010/07/26/world/26editors-note.html
See also
  http://www.nytimes.com/interactive/world/26warlogs.html


Risks of free-text fields in medical records

"Peter G. Neumann" <neumann@csl.sri.com>
Wed, 21 Jul 2010 12:19:22 PDT

  [Source: dkross]

JAMIA 2010;17:472-476 doi:10.1136/jamia.2010.003335

  Case report: An unintended consequence of electronic prescriptions:
  prevalence and impact of internal discrepancies

  Correspondence to Dr Alexander Turchin, Clinical Informatics Research and
  Development, Suite 201, 93 Worcester Street, Wellesley, MA 02481, USA;
  aturchin@partners.org

Many e-prescribing systems allow for both structured and free-text fields in
prescriptions, making possible internal discrepancies. This study reviewed
2914 electronic prescriptions that contained free-text fields. Internal
discrepancies were found in 16.1% of the prescriptions.  Most (83.8%) of the
discrepancies could potentially lead to adverse events and many (16.8%) to
severe adverse events, involving a hospital admission or
death. Discrepancies in doses, routes or complex regimens were most likely
to have a potential for a severe event (p=0.0001).  Discrepancies between
structured and free-text fields in electronic prescriptions are common and
can cause patient harm. Improvements in electronic medical record design are
necessary to minimize the risk of discrepancies and resulting adverse
events.
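The kind of reconciliation the study's conclusion calls for, as an added example that is not from the JAMIA paper or any e-prescribing product: parse the free-text directions ("sig") of a prescription, compare dose, route and frequency with the structured fields, and refuse to transmit on a mismatch instead of leaving the pharmacy to guess which representation is right. The vocabulary tables are deliberately small, and the sample prescriptions are constructed, not from the study.

```python
import re

# Minimal normalisation tables for free-text directions (constructed; a real
# system would use a proper clinical vocabulary).
UNIT_ALIASES = {"tab": "tablet", "tabs": "tablet", "tablets": "tablet", "unit": "units"}
ROUTE_WORDS = {"by mouth": "PO", "orally": "PO", "po": "PO",
               "intravenously": "IV", "iv": "IV",
               "subcutaneously": "SC", "subq": "SC", "sc": "SC"}
DOSES_PER_DAY = {"once daily": 1, "daily": 1, "qd": 1,
                 "twice daily": 2, "bid": 2, "every 12 hours": 2,
                 "three times daily": 3, "tid": 3, "every 8 hours": 3,
                 "four times daily": 4, "qid": 4, "every 6 hours": 4}
DOSE_RE = re.compile(r"(\d+(?:\.\d+)?)\s*(mcg|mg|g|ml|units?|tabs?|tablets?)\b")


def _first_match(text, table):
    # Longest phrase first, so "twice daily" wins over "daily".
    for phrase in sorted(table, key=len, reverse=True):
        if re.search(r"\b" + re.escape(phrase) + r"\b", text):
            return table[phrase]
    return None


def parse_sig(sig):
    """Pull dose, unit, route and frequency out of free-text directions."""
    text = sig.lower()
    m = DOSE_RE.search(text)
    return {
        "dose": float(m.group(1)) if m else None,
        "unit": UNIT_ALIASES.get(m.group(2), m.group(2)) if m else None,
        "route": _first_match(text, ROUTE_WORDS),
        "per_day": _first_match(text, DOSES_PER_DAY),
    }


def find_discrepancies(rx):
    """Compare the structured fields of a prescription with its free-text sig.
    Returns a list of (field, description); empty means consistent. A field
    the sig does not mention is not reported (there is no evidence either way)."""
    parsed = parse_sig(rx["sig"])
    issues = []
    if parsed["dose"] is not None and \
            (parsed["dose"], parsed["unit"]) != (float(rx["dose"]), rx["unit"]):
        issues.append(("dose", f"structured {rx['dose']} {rx['unit']} vs sig "
                               f"{parsed['dose']:g} {parsed['unit']}"))
    if parsed["route"] is not None and parsed["route"] != rx["route"]:
        issues.append(("route", f"structured {rx['route']} vs sig {parsed['route']}"))
    if parsed["per_day"] is not None and parsed["per_day"] != rx["per_day"]:
        issues.append(("regimen", f"structured {rx['per_day']}x/day vs sig "
                                  f"{parsed['per_day']}x/day"))
    return issues


def reconcile_before_transmit(rx):
    """Design change the paper argues for: hold a prescription whose two
    representations disagree until a human reconciles them."""
    issues = find_discrepancies(rx)
    return {"id": rx["id"], "transmit": not issues, "issues": issues}


def discrepancy_rate(rxs):
    """Fraction of prescriptions carrying at least one internal discrepancy."""
    return sum(1 for rx in rxs if find_discrepancies(rx)) / len(rxs)


# Constructed sample prescriptions (not from the study).
SAMPLE_RXS = [
    {"id": "rx1", "dose": 500, "unit": "mg", "route": "PO", "per_day": 2,
     "sig": "Take 500 mg by mouth twice daily"},
    {"id": "rx2", "dose": 5, "unit": "mg", "route": "PO", "per_day": 1,
     "sig": "Take 10 mg by mouth once daily"},            # dose disagrees
    {"id": "rx3", "dose": 1, "unit": "g", "route": "IV", "per_day": 3,
     "sig": "1 g IV every 8 hours"},
    {"id": "rx4", "dose": 1, "unit": "tablet", "route": "PO", "per_day": 1,
     "sig": "Take 1 tab by mouth every 12 hours"},        # frequency disagrees
]

if __name__ == "__main__":
    for rx in SAMPLE_RXS:
        print(reconcile_before_transmit(rx))
    print(f"{discrepancy_rate(SAMPLE_RXS):.0%} of sample prescriptions have an internal discrepancy")
```

The parser is intentionally conservative: it only reports a field when the free text states it, so a silent sig produces no false alarm, while a stated dose, route or frequency that contradicts the structured entry (the categories the study links to severe events) blocks transmission.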


Photo fakery in the news again

Mark Brader
Wed, 21 Jul 2010 17:51:19 -0400 (EDT)

A photo posted by BP supposedly showing the company's oil spill command
center was apparently a Photoshopped collage of a picture with blank screens
from March 2001 that had been altered to seemingly show recent screen
content. The image was posted on BP's Web site and was distributed by the
Associated Press and possibly other news services.  It appeared prominently
on CBSNews.com.  [Source: Ken Millstone, CBS News, 20 Jul 2010; PGN-ed]
http://www.cbsnews.com/stories/2010/07/20/national/main6695900.shtml


ICANN touts DNSSEC as tool to fight "Internet Criminals"

Lauren Weinstein <lauren@vortex.com>
Wed, 28 Jul 2010 18:55:33 -0700

  [From Network Neutrality Squad]

ICANN touts DNSSEC as tool to fight "Internet Criminals"

  ICANN said the DNSSEC would eventually allow Internet users to know "with
  certainty" that they have been directed to the Web site they sought.
  "This upgrade will help disrupt the plans of criminals around the world
  who hope to exploit this crucial part of the Internet infrastructure to
  steal from unsuspecting people," ICANN President and CEO Rod Beckstrom
  said in a statement.

http://bit.ly/aQ4Vmr  (Tech Daily Dose)

 - - -

While the implementation of DNSSEC is certainly important, and the avoidance
of DNS cache poisoning attacks is clearly very useful, ICANN's
"Dragnet-esque" pronouncements about fighting crime strike me as highly
ironic.

The simple fact is that "Internet criminals" have a vast array of tools in
their arsenal to misdirect users, and few of these depend on cache poisoning
or DNS manipulation.

Much of the crime is enabled by the fundamental design of the domain name
registry/registrars ecosystem, which enables crooks to easily create and
abandon completely valid "disposable" domains that are only used for short
periods of time and cannot be reasonably tracked to their owners.

In fact, through their plans to unleash vast numbers of new Top Level
Domains (TLDs) on the Internet—perhaps hundreds in the first year --
ICANN will only be increasing the confusion of consumers and providing fresh
juice for criminal operations.  Most Internet users aren't calling for new
TLDs—they mainly think in terms of dot-com and that's unlikely to change
any time soon.  The main push for new TLDs is from would-be registry
operators and their registrar cohorts, who see the promise of big bucks from
the rush of purely defensive domain registrations that occur when every new
TLD opens.

So as far as I'm concerned, ICANN isn't winning the "Joe Friday"
crime-fighter award any time soon.


To Change or Not to Change Passwords?

Gene Wirchenko <genew@ocis.net>
Wed, 21 Jul 2010 11:06:52 -0700

System vulnerable to default password use?  Change the passwords?  Well,
maybe not:

http://www.itbusiness.ca/it/client/en/home/news.asp?id=58452
Leave passwords alone, Siemens warns customers hit by Stuxnet worm
7/21/2010 6:00:00 AM By: Robert McMillan

Although a newly discovered worm could allow criminals to break into
Siemens' industrial automation systems using a default password, Siemens is
telling customers to leave their passwords alone.

That's because changing the password could disrupt the Siemens system,
potentially throwing large-scale industrial systems that it manages into
disarray. "We will be publishing customer guidance shortly, but it won't
include advice to change default settings as that could impact plant
operations," said Siemens Industry spokesman Michael Krampe in an e-mail
message Monday.

I think Siemens did not do too well in security design.


Re: Cal payroll data system cannot be changed (RISKS-26.10)

<Valdis.Kletnieks@vt.edu>
Thu, 22 Jul 2010 11:07:58 -0400

As I saw reported in one (singular, unitary, not repeated a second time)
story on this debacle, the *real* problem isn't that they can't reprogram
the computers and databases to change salaries.  The *real* problem is that
the *actual* request is to *disburse* to the employees a different amount
than what they earned.

Think about that for a moment.

Doesn't matter if it's a salary position paying $4,329/month or a temp
position paying $10/hour - everybody is *given* the equivalent of minimum
wage *and then we need to keep track of what we owe them* so we can cut them
a reimbursement check when funds become available.  That's after we figure
out what the equivalent of minimum wage is for each of the zillions of
different employment contracts with differing hours-worked rules,
double-time for working a holiday, and so on.  And then the darn thing
propagates through the system - what do we do with the report that tells a
business unit how much is left in their budget for salaries?  They may have
had $750K, and been debited by the total paid every payday - but now that
report needs to debit that pool of money by the sum of what was paid and the
owed money. And so on.

Then there's the accounting issues if the mess crosses a fiscal year
boundary, so that we're piling up liabilities in one year and paying them in
another - that's *always* an accounting mess (hint - how much extra work do
you need to do so that your accounting reports accurately reflect the real
fiscal position in both fiscal years?)

Oh, and that $10/hr temp position? Let's say there's $15,000 budgeted for
it, so the person can work 1,500 hours. We now actually pay him $7.50/hour,
and he stays on the payroll for 2,000 hours.  We have to remember to *not*
pay him a reimbursement afterward.

Sit around for a few minutes and think of other corner cases like that. It
gets to be a real headache really fast...
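The bookkeeping the posting walks through, as an added example that is not from the posting or from any state payroll system: a ledger that disburses at a reduced hourly rate, carries what is still owed per fiscal year, debits the unit's budget by paid plus owed, and refuses to top up a capped temp position. Rates, hours and budgets are constructed sample data; the 1 July fiscal-year start is an assumption.

```python
from collections import defaultdict
from datetime import date


def fiscal_year(d):
    """Label a fiscal year by the calendar year in which it ends.
    Assumption: the year runs 1 July to 30 June."""
    return d.year + 1 if d.month >= 7 else d.year


class DeferredPayLedger:
    """Pay a reduced hourly rate now; remember what is still owed."""

    def __init__(self, reduced_rate):
        self.reduced_rate = reduced_rate     # the "minimum-wage equivalent" paid now
        self.earned = defaultdict(float)     # (employee, fiscal year) -> earned at contract rate
        self.paid = defaultdict(float)       # (employee, fiscal year) -> actually disbursed
        self.budget = {}                     # business unit -> remaining salary pool
        self.unit_of = {}                    # employee -> business unit
        self.position_cap = {}               # employee -> fixed allotment for the position, if any

    def add_unit(self, unit, pool):
        self.budget[unit] = float(pool)

    def add_employee(self, emp, unit, position_cap=None):
        self.unit_of[emp] = unit
        if position_cap is not None:
            self.position_cap[emp] = float(position_cap)

    def record_hours(self, emp, day, hours, contract_rate, multiplier=1.0):
        """Book one period of work. `multiplier` covers rules such as double
        time on a holiday; the reduced rate never exceeds the contract rate."""
        fy = fiscal_year(day)
        earned = hours * contract_rate * multiplier
        disbursed = hours * min(contract_rate, self.reduced_rate) * multiplier
        self.earned[(emp, fy)] += earned
        self.paid[(emp, fy)] += disbursed
        # The unit's budget report must be debited by paid PLUS owed, i.e. by
        # the full contractual amount, or it overstates what is left to spend.
        self.budget[self.unit_of[emp]] -= earned
        return disbursed

    def owed(self, emp, fy):
        """Liability for one fiscal year; it belongs to the year it accrued
        even if the cheque is cut in the next one."""
        return self.earned[(emp, fy)] - self.paid[(emp, fy)]

    def reimbursement_due(self, emp):
        """What to pay back once funds return: everything owed, except that a
        position with a fixed allotment is never topped up beyond it."""
        total_earned = sum(v for (e, _), v in self.earned.items() if e == emp)
        total_paid = sum(v for (e, _), v in self.paid.items() if e == emp)
        owed = total_earned - total_paid
        if emp in self.position_cap:
            owed = min(owed, max(0.0, self.position_cap[emp] - total_paid))
        return owed


def build_sample_ledger():
    """Constructed scenario covering the corner cases named in the posting."""
    ledger = DeferredPayLedger(reduced_rate=7.50)
    ledger.add_unit("unit-A", 750_000)
    ledger.add_unit("unit-B", 15_000)
    ledger.add_employee("eng-1", "unit-A")                         # contract $25/h
    ledger.add_employee("temp-1", "unit-B", position_cap=15_000)   # $10/h, 1,500 h budgeted
    # eng-1: 160 h in June (FY2010), 160 h in July (FY2011), plus 8 h of
    # holiday double time: the liability straddles the fiscal-year boundary.
    ledger.record_hours("eng-1", date(2010, 6, 30), 160, 25.0)
    ledger.record_hours("eng-1", date(2010, 7, 31), 160, 25.0)
    ledger.record_hours("eng-1", date(2010, 7, 5), 8, 25.0, multiplier=2.0)
    # temp-1: paid $7.50/h, stays on for 2,000 h and so consumes the whole
    # $15,000 allotment; nothing may be reimbursed afterwards.
    ledger.record_hours("temp-1", date(2010, 8, 31), 2000, 10.0)
    return ledger


if __name__ == "__main__":
    ledger = build_sample_ledger()
    for fy in (2010, 2011):
        print(f"eng-1 owed for FY{fy}: {ledger.owed('eng-1', fy):.2f}")
    print("eng-1 reimbursement due:", ledger.reimbursement_due("eng-1"))
    print("temp-1 reimbursement due:", ledger.reimbursement_due("temp-1"))
    print("budgets remaining:", ledger.budget)
```

Note what the unit-B pool shows after the temp has worked 2,000 hours: the report goes negative by exactly the amount the cap later refuses to reimburse, which is the kind of cross-check a payroll team would want before cutting any catch-up cheques.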


Re: Cal payroll data system cannot be changed (RISKS-26.10)

Michael Smith <emmenjay@zip.com.au>
Tue, 27 Jul 2010 15:38:47 +1000

Nobody has mentioned a possible explanation that appears (to me) to be very
likely.  "Lying".

  Governor:  I'm going to cut your pay.  Go and change
             the computers.
  IT Staff:  Hmmm.  We'll get right on to that.  But it might take a while.
  Governor:  How long?
  IT Staff:  Just 'till after the next election.


iPhone Used Left-handed and Used by Lefthanders

Gene Wirchenko <genew@ocis.net>
Sat, 24 Jul 2010 21:22:19 -0700

I am a left-hander.  In reading the coverage over the iPhone antenna issue,
I can not tell whether I would have been affected by the problem if I had an
iPhone.

Which hand does a RIGHT-hander use an iPhone with?  Which hand does a
LEFT-hander use an iPhone with?

The answers are not necessarily right and left.  Consider the answers if the
questions were about baseball gloves.

On the computer front, I use a mouse with my right hand for about the same
reason that I would use a baseball glove on my right hand.  I can scroll
through a Web page with my right hand while taking notes with my left.  How
do you right-handers manage this?


Paper on the law and Implantable Devices security

Gadi Evron <ge@linuxbox.org>
Mon, 26 Jul 2010 13:43:51 +0300

A new research paper from the Freedom And Law Center deals with issues that
some of us keep raising these past few years, and does a good job at it -
bionic hacking (or cybernetic hacking if you prefer).

"Killed by Code: Software Transparency in Implantable Medical Devices"
outlines some of the history of these devices and even shows some cases
where devices have been recalled (likely due to software issues).

Some of the paper's recommendations are especially interesting, such as to
create a database of implantable devices code, so that if the vendor
disappears it can still be patched (I rephrased).

While unintentional, I am considered the father of this field (not that I'm
complaining) and I can't even begin to tell you how excited I am that a
field I have been evangelizing for some years now is finally getting more
attention—even if from the legal standpoint with the main concern of
liability.

Still, I can't help but maintain some skepticism that before some disaster
happens (to us or others) this won't be taken too seriously.

The paper can be found here:
http://www.softwarefreedom.org/resources/2010/transparent-medical-devices.html

Here's a 2007 Wired article covering the subject from a talk I gave,
covering the subject from a different perspective:
http://www.wired.com/threatlevel/2007/08/will-the-bionic/


REVIEW: "The Design of Rijndael", Joan Daemen/Vincent Rijmen

Rob Slade <rmslade@shaw.ca>
Thu, 22 Jul 2010 11:39:45 -0800

BKDRJNDL.RVW   20091129

"The Design of Rijndael", Joan Daemen/Vincent Rijmen, 2002,
3-540-42580-2
%A   Joan Daemen
%A   Vincent Rijmen
%C   233 Spring St., New York, NY   10013
%D   2002
%G   3-540-42580-2
%I   Springer-Verlag
%O   212-460-1500 800-777-4643 service-ny@springer-sbm.com
%O  http://www.amazon.com/exec/obidos/ASIN/3540425802/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/3540425802/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/3540425802/robsladesin03-20
%O   Audience s- Tech 3 Writing 1 (see revfaq.htm for explanation)
%P   238 p.
%T   "The Design of Rijndael: AES - The Advanced Encryption Standard"

This book, written by the authors of the Rijndael encryption algorithm, (the
engine underlying the Advanced Encryption Standard) explains how Rijndael
works, discusses some implementation factors, and presents the approach to
its design.  Daemen and Rijmen note the linear and differential
cryptanalytic attacks to which DES (the Data Encryption Standard) was
subject, the design strategy that resulted from their analysis, the
possibilities of reduced-round attacks, and the details of related ciphers.

Chapter one is a history of the AES assessment and decision process.  It is
interesting to note the requirements specified, particularly the fact that
AES was intended to protect "sensitive but unclassified" material.
Background in regard to mathematical and block cipher concepts is given in
chapter two.  The specifications of Rijndael sub-functions and rounds are
detailed in chapter three.  Chapter four notes implementation considerations
in small platforms and dedicated hardware.  The design philosophy underlying
the work is outlined in chapter five: much of it concentrates on simplicity
and symmetry.  Differential and linear cryptanalysis mounted against DES is
examined in chapter six.  Chapter seven reviews the use of correlation
matrices in cryptanalysis.  If differences between pairs of plaintext can be
calculated as they propagate through the boolean functions used for
intermediate and resultant ciphertext, then chapter eight shows how this can
be used as the basis of differential cryptanalysis.  Using the concepts from
these two chapters, chapter nine examines how the wide trail design diffuses
cipher operations and data to prevent strong linear correlations or
differential propagation.  There is also formal proof of Rijndael's
resistant construction.  Chapter ten looks at a number of cryptanalytic
attacks and problems (including the infamous weak and semi-weak keys of DES)
and notes the protections provided in the design of Rijndael.  Cryptographic
algorithms that made a contribution to, or are descended from, Rijndael are
described in chapter eleven.

This book is intended for serious students of cryptographic algorithm
design: it is a highly demanding text, and requires a background in the formal
study of number theory and logic.  Given that, it does provide some
fascinating examination of both the advanced cryptanalytic attacks, and the
design of algorithms to resist them.

copyright Robert M. Slade, 2009    BKDRJNDL.RVW   20091129
rslade@vcn.bc.ca     slade@victoria.tc.ca     rslade@computercrime.org
victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html
