From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham autolearn_force=no version=3.4.4 Received: from tb-ob1.topicbox.com (tb-ob1.topicbox.com [64.147.108.173]) by inbox.vuxu.org (Postfix) with ESMTP id DCDD52022A for ; Sat, 11 May 2024 22:16:28 +0200 (CEST) Received: from tb-mx1.topicbox.com (tb-mx1.nyi.icgroup.com [10.90.30.61]) by tb-ob1.topicbox.com (Postfix) with ESMTP id 00B9536C14 for ; Sat, 11 May 2024 16:16:28 -0400 (EDT) (envelope-from bounce.mMf9740abb168ade9f12c1caa5.r522be890-2105-11eb-b15e-8d699134e1fa@9fans.bounce.topicbox.com) Received: by tb-mx1.topicbox.com (Postfix, from userid 1132) id F092718E5724; Sat, 11 May 2024 16:16:27 -0400 (EDT) ARC-Authentication-Results: i=2; topicbox.com; arc=pass; dkim=pass (1024-bit rsa key sha256) header.d=posixcafe.org header.i=@posixcafe.org header.b=pS/9nuE4 header.a=rsa-sha256 header.s=20200506 x-bits=1024; dmarc=pass policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=posixcafe.org; spf=pass smtp.mailfrom=moody@posixcafe.org smtp.helo=mail.posixcafe.org; x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message has been altered)) (Message modified while forwarding at Topicbox) ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=message-id:date:mime-version:subject:to :references:from:in-reply-to:content-type :content-transfer-encoding:list-help:list-id:list-post :list-subscribe:reply-to:list-unsubscribe; s=sysmsg-1; t= 1715458587; bh=b1Ip4OEEwd+Gf7fPUo7ouW4tRK5M+RHVx96uON8sUR0=; b=U DwpUcNl8elLBneI+pUmWa8id5KR3uaAwbVqADQTgqGyTM3EQjV9+QHLHr+MCwJa9 WvtmZ7Sy7fLIpqQSbfaQvEi3z6LrpEVpcXfieAJDDt8BQw2gOdPbZPmDU7O8uDGN v7MwYExVo9kp18sxkZQQtprNjVWSuso7NBruPDeK6g= ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=topicbox.com; s=sysmsg-1; t= 1715458587; b=DHGDxmXeZYrL1a5iqcr553Qjfjm+XF4799oZVLQzFnsIGZiEYS GFOs2wZqd75nhmw4SDTQeV+U7WL0LV/OdYcdJUQrLmG6ac+VSwDNKHRzP/+XxxUT fILh0cgaExUkg5jHtu2JlkEek7+cC/iVVyo15V1OhAgS2JE1UUk1fRK4A= Authentication-Results: topicbox.com; arc=pass; dkim=pass (1024-bit rsa key sha256) header.d=posixcafe.org header.i=@posixcafe.org header.b=pS/9nuE4 header.a=rsa-sha256 header.s=20200506 x-bits=1024; dmarc=pass policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=posixcafe.org; spf=pass smtp.mailfrom=moody@posixcafe.org smtp.helo=mail.posixcafe.org; x-internal-arc=fail (as.1.topicbox.com=pass, ams.1.topicbox.com=fail (message has been altered)) (Message modified while forwarding at Topicbox) X-Received-Authentication-Results: tb-mx0.topicbox.com; arc=none (no signatures found); bimi=skipped (DMARC Policy is not at enforcement); dkim=pass (1024-bit rsa key sha256) header.d=posixcafe.org header.i=@posixcafe.org header.b=pS/9nuE4 header.a=rsa-sha256 header.s=20200506 x-bits=1024; dmarc=pass policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=posixcafe.org; iprev=pass smtp.remote-ip=45.76.19.58 (mail.posixcafe.org); spf=pass smtp.mailfrom=moody@posixcafe.org smtp.helo=mail.posixcafe.org; x-aligned-from=pass (Address match); x-me-sender=none; x-ptr=pass smtp.helo=mail.posixcafe.org policy.ptr=mail.posixcafe.org; x-return-mx=pass header.domain=posixcafe.org policy.is_org=yes (MX Records found: mail.posixcafe.org); x-return-mx=pass smtp.domain=posixcafe.org policy.is_org=yes (MX Records found: mail.posixcafe.org); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=9fans.net; h=message-id :date:mime-version:subject:to:references:from:in-reply-to :content-type:content-transfer-encoding:list-help:list-id :list-post:list-subscribe:reply-to:list-unsubscribe; s=dkim-1; t=1715458587; x=1715544987; bh=SlQSaP3uf7u2Ec33jt++Lk4As/jypanr b62iuW6uEGI=; b=Tm75/yP8owMssQ7dfRzbuvxT54AKBjpQ8L7PYdzWLgB2faTs pExlbVR760Y/cKD6+Z9fZrNLrvPAXxveGynAKa6ZCxndKQMJhplfngbjTBL1zuy5 qVKPngVzpAt/PDCISrGI0Lxu4HkXMG0A/rSidvd7uBSIhLInu7+9aHluZU8= Received: from tb-mx0.topicbox.com (localhost.local [127.0.0.1]) by tb-mx0.topicbox.com (Postfix) with ESMTP id EB717184754A for <9fans@9fans.net>; Sat, 11 May 2024 16:16:17 -0400 (EDT) (envelope-from moody@posixcafe.org) Received: from tb-mx0.topicbox.com (localhost [127.0.0.1]) by tb-mx0.topicbox.com (Authentication Milter) with ESMTP id 94D6416085E; Sat, 11 May 2024 16:16:17 -0400 ARC-Seal: i=1; a=rsa-sha256; cv=none; d=topicbox.com; s=arcseal; t= 1715458577; b=gsDbUHxYu6ijjf0SDSBbtA2DlO2DRpAWUBMSf/FvGCG6srW5mE z5ZAGOp6gSPPfLvUCHhhE7uk1+Gzx2Zj0dysaNgZw3MY1otg4iH3TL7MQB2uSg1k 0oangxrZKWo0qP7MMCQKhPFOdTKptvqb01UNt23OeH8LxwNckWCq/A0elxV1wnGp GuoMcU4uXxm44DVUPABNqsdJvF2xvq0CLX4wvpKTteqklLdE5gQ190CMe0r/AuX9 pxYswdW/BgzqtLS5SjuWR+RCRXJ5ke0a6OlTEDz5h1+CquhObxqqZg6Sr27fgL2t t3XjUAKzlhwYpQoAkaj2mw9olxNJ2HjPhHgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=message-id:date:mime-version:subject:to :references:from:in-reply-to:content-type :content-transfer-encoding; s=arcseal; t=1715458577; bh=dVWN4tt0 sUCAJnmfpb80HqrNWHP1waN7cOQ80rI8aQc=; b=DDoB6dR4i/UdbnWOKgTGofzl iB2n/mf5qlHM09a2iZMNRvj0aMjbvXw1352mSwZq4G44eBq1CEudV69iJtc3vbwB eggWCFHgrqByYVitY3LIeGKre/o30CVPzdDuQZdCNkcwoh8Gb+J5rxEXf/35oNG9 tZJudQJDcJsEwth5RO3OSy2cGSjPgOUZte22NfY544ss7wa/QuYRcR9XK3nMapLV 4SMVP4lxhHWQWqt+cSNWJRsADuZKy6jSltc+E0UkaHTcNWpfhjLRVMVdO9m55M0c zme1zFuZ5s+jiWgNTwIWhM0Ej97yfX1OwmJekP7PAWZhFjXN8cM7cmRXPyPzGw== ARC-Authentication-Results: i=1; tb-mx0.topicbox.com; arc=none (no signatures found); bimi=skipped (DMARC Policy is not at enforcement); dkim=pass (1024-bit rsa key sha256) header.d=posixcafe.org header.i=@posixcafe.org header.b=pS/9nuE4 header.a=rsa-sha256 header.s=20200506 x-bits=1024; dmarc=pass policy.published-domain-policy=none policy.applied-disposition=none policy.evaluated-disposition=none (p=none,d=none,d.eval=none) policy.policy-from=p header.from=posixcafe.org; iprev=pass smtp.remote-ip=45.76.19.58 (mail.posixcafe.org); spf=pass smtp.mailfrom=moody@posixcafe.org smtp.helo=mail.posixcafe.org; x-aligned-from=pass (Address match); x-me-sender=none; x-ptr=pass smtp.helo=mail.posixcafe.org policy.ptr=mail.posixcafe.org; x-return-mx=pass header.domain=posixcafe.org policy.is_org=yes (MX Records found: mail.posixcafe.org); x-return-mx=pass smtp.domain=posixcafe.org policy.is_org=yes (MX Records found: mail.posixcafe.org); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgedvledrvdegtddgudegiecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecunecujfgurhepkfffgg gfuffvfhfhjggtgfesthekredttddvjeenucfhrhhomheplfgrtghosgcuofhoohguhicu oehmohhougihsehpohhsihigtggrfhgvrdhorhhgqeenucggtffrrghtthgvrhhnpeevue fgjeegieejgfevjeetffffgeffheekkeelgfevteejfeehiefgfeevtdfgleenucfkphep geehrdejiedrudelrdehkedpvddtjedrgeehrdekvddrfeeknecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehinhgvthepgeehrdejiedrudelrdehkedphhgvlhhopehm rghilhdrphhoshhigigtrghfvgdrohhrghdpmhgrihhlfhhrohhmpeeomhhoohguhiesph hoshhigigtrghfvgdrohhrgheqpdhnsggprhgtphhtthhopedupdhrtghpthhtohepoeel fhgrnhhsseelfhgrnhhsrdhnvghtqe X-ME-VSScore: 0 X-ME-VSCategory: clean Received-SPF: pass (posixcafe.org: 45.76.19.58 is authorized to use 'moody@posixcafe.org' in 'mfrom' identity (mechanism 'mx' matched)) receiver=tb-mx0.topicbox.com; identity=mailfrom; envelope-from="moody@posixcafe.org"; helo=mail.posixcafe.org; client-ip=45.76.19.58 Received: from mail.posixcafe.org (mail.posixcafe.org [45.76.19.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by tb-mx0.topicbox.com (Postfix) with ESMTPS for <9fans@9fans.net>; Sat, 11 May 2024 16:16:17 -0400 (EDT) (envelope-from moody@posixcafe.org) Received: from [192.168.168.200] ( [207.45.82.38]) by mail.posixcafe.org (OpenSMTPD) with ESMTPSA id 12d84f6b (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO) for <9fans@9fans.net>; Sat, 11 May 2024 15:16:06 -0500 (CDT) Message-ID: <2dda1745-c644-4d9b-b436-26aaf3380192@posixcafe.org> Date: Sat, 11 May 2024 15:16:15 -0500 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [9fans] Interoperating between 9legacy and 9front To: 9fans@9fans.net References: <5BDA3A43B36A42DC855E6BC34C893A7A@eigenstate.org> <2418bd0bb3ebe621a5075e616d35eb29@hamnavoe.com> Content-Language: en-US From: Jacob Moody In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Topicbox-Policy-Reasoning: allow: sender is a member Topicbox-Message-UUID: 55ac1eac-0fd3-11ef-91a4-5b69fb8b7b06 Archived-At: =?UTF-8?B?PGh0dHBzOi8vOWZhbnMudG9waWNib3guY29tL2dyb3Vwcy85?= =?UTF-8?B?ZmFucy9UZGUyY2EyYWRkYTM4M2EzYS1NZjk3NDBhYmIxNjhhZGU5ZjEyYzFj?= =?UTF-8?B?YWE1Pg==?= List-Help: List-Id: "9fans" <9fans.9fans.net> List-Post: List-Software: Topicbox v0 List-Subscribe: Precedence: list Reply-To: 9fans <9fans@9fans.net> List-Unsubscribe: , Topicbox-Delivery-ID: 2:9fans:437d30aa-c441-11e9-8a57-d036212d11b0:522be890-2105-11eb-b15e-8d699134e1fa:Mf9740abb168ade9f12c1caa5:1:dGvlbxtaeaIFg2TgbPdMzLUobwCdIzn2roAB1g5Co9Q On 5/11/24 14:59, Dan Cross wrote: > On Sat, May 11, 2024 at 3:36=E2=80=AFPM hiro <23hiro@gmail.com> wrote: >>> explanation of dp9ik, which while useful, only >>> addresses what (I believe) Richard was referring to in passing, simply >>> noting the small key size of DES and how the shared secret is >>> vulnerable to dictionary attacks. >> >> i don't remember what richard was mentioning, but the small key size >> wasn't the only issue, the second issue is that this can be done >> completely offline. why do you say "only", what do you think is >> missing that should have been documented in addition to that? >=20 > Probably how a random teenager could break it in an afternoon. :-) If we agree that: 1) p9sk1 allows the shared secret to be brute-forced offline. 2) The average consumer machine is fast enough to make a large amount of at= tempts in a short time, in other words triple DES is not computationally hard to brute force the= se days. I don't know how you don't see how this is trivial to do. A teenager can learn to download hashcat, all that is missing from this rig= ht now is some python script to get the encrypted shared secret from a running p9sk1 server. All = the code for doing this is already written in C as part of the distribution, you just have to = only do half the negotiation and break out. I think you vastly underestimate the resourceful= ness of teenagers. I had previously stated I would publish the PoC that friends of mine in uni= versity built as part of their class, I have been asked to not do that so I will not. - moody ------------------------------------------ 9fans: 9fans Permalink: https://9fans.topicbox.com/groups/9fans/Tde2ca2adda383a3a-Mf9740= abb168ade9f12c1caa5 Delivery options: https://9fans.topicbox.com/groups/9fans/subscription