---

Foelgende information kan simpelhen ikke vente til naeste opdatering af
OSS'en:

MIT's *absolut fremragende* samling af gratis, online uddannelser
indeholder nu deres "Network and Computer Security". Underviseren er Ron
Rivest, og materialet er fra efteraaret 2003. Gratis, korrekt og
relevant. Det bliver ikke ret meget bedre end det her, folkens; det
skulle da lige vaere, hvis MIT fik fat i Peter Gutmann.

===========
Highlights of this Course

This course site features problem sets with solutions (including student
submissions) and a full reading list.

Course Description

6.857 is an upper-level undergraduate, first-year graduate course on
network and computer security. It fits within the department's Computer
Systems and Architecture Engineering concentration. Topics covered
include (but are not limited to) the following:

* Techniques for achieving security in multi-user computer
systems and distributed computer systems;
* Cryptography: secret-key, public-key, digital signatures;
* Authentication and identification schemes;
* Intrusion detection: viruses;
* Formal models of computer security;
* Secure operating systems;
* Software protection;
* Security of electronic mail and the World Wide Web;
* Electronic commerce: payment protocols, electronic cash;
* Firewalls; and
* Risk assessment.
============

<URL:http://ocw.mit.edu/OcwWeb/Electrical-Engineering-and-Computer-Science/6-857Fall2003/CourseHome/index.htm>

--
I prefer the dark of the night, after midnight and before four-thirty,
when it's more bare, more hollow. http://a.mongers.org

OSS/FAQ for dk.edb.sikkerhed: http://sikkerhed-faq.dk

---

Alex Holst uttered:
> MIT's *absolut fremragende* samling af gratis, online uddannelser
> indeholder nu deres "Network and Computer Security".

Guldcitat fra rettesættet til eksamen på kurset:

"Students did not receive credit for arguing that MD5 is weak and
that the attacker could simply modify the new files so that they
have the same MD5 as the original files.
Any student who lost credit for this answer is invited to produce
two different files that have the same MD5 hash code."

:D

\\kristian
--
"The brain is a wonderful organ. It starts working the moment you get
up in the morning and does not stop until you get into the office."
--Robert Frost

---

Kristian Thy wrote:
>
> Any student who lost credit for this answer is invited to produce
> two different files that have the same MD5 hash code."

Det er ikke lykkedes for mig endnu. Men jeg har så heller
ikke fulgt kurset.

--
Kasper Dupont -- der bruger for meget tid paa usenet.
For sending spam use kasperd@kd.lir.dk and abuse@kd.lir.dk
I'd rather be a hammer than a nail.

---

Kristian Thy wrote:
> Guldcitat fra rettesættet til eksamen på kurset:
>
> "Students did not receive credit for arguing that MD5 is weak and
> that the attacker could simply modify the new files so that they
> have the same MD5 as the original files.
> Any student who lost credit for this answer is invited to produce
> two different files that have the same MD5 hash code."

Man fornemmer at han tager deres opgavesvar lidt personligt..

--
I prefer the dark of the night, after midnight and before four-thirty,
when it's more bare, more hollow. http://a.mongers.org

OSS/FAQ for dk.edb.sikkerhed: http://sikkerhed-faq.dk

---

Kristian Thy wrote:
> Guldcitat fra rettesættet til eksamen på kurset:
>
> "Students did not receive credit for arguing that MD5 is weak and
> that the attacker could simply modify the new files so that they
> have the same MD5 as the original files.
> Any student who lost credit for this answer is invited to produce
> two different files that have the same MD5 hash code."

Er det birthday-attack, der taenkes paa her? Mig bekendt er det ikke
helt saa enkelt (i hvert fald beregningsmaessigt), saa MD5 er ubrugeligt
til blot mellemstore filer.
--
Rumour is information distilled so finely that it can filter through
anything.
-- (Terry Pratchett, Feet of Clay)

---

Michael Knudsen wrote:
>
> Er det birthday-attack, der taenkes paa her? Mig bekendt er det ikke
> helt saa enkelt (i hvert fald beregningsmaessigt), saa MD5 er ubrugeligt
> til blot mellemstore filer.

Det er en 128 bits hash. Så et brute force angreb vil
kræve ca. 2^64 filer. Det er nok ikke realistisk endnu.
Det har ikke ret meget med størrelsen at gøre. Hvis du
begynder at gennemsøge alle mulige filer på 9 bytes vil
du med stor sandsynlighed finde en kollision. Måske
findes der allerede en med 8 bytes. Mindre end det kan
nok ikke gøre det. Så hvis du har harddisk plads nok
til 2^65 strenge af 9 bytes hver, så kan du bare gå i
gang med at sortere dem efter hash værdien.

(PS: Jeg ved godt det var dig.)

--
Kasper Dupont -- der bruger for meget tid paa usenet.
For sending spam use kasperd@kd.lir.dk and abuse@kd.lir.dk
I'd rather be a hammer than a nail.

---

Alex Holst wrote in
<news:40be2ee1$0$175$edfadb0f@dtext02.news.tele.dk>:

> Foelgende information kan simpelhen ikke vente til naeste
> opdatering af OSS'en:

Mange tak. Der ser ud til at være basis for nogle velanvendte self-
study timer.

--
Niels Callesøe - dk pfy @work
pfy[at]nntp.dk - http://www.pcpower.dk/disclaimer.php

Learn Postfix; live Postfix; love Postfix.