[ISN] Core SDI Presenting 2 Papers on Information Security at DISC'98

From: mea culpa (jerichoat_private)
Date: Fri Nov 06 1998 - 21:17:34 PST

  • Next message: mea culpa: "[ISN] REVIEW: "The Transparent Society""

    Forwarded From: Nelson Murilo <nelsonat_private>
    URL: http://biz.yahoo.com/prnews/981106/core_sdi_p_1.html
    Company Press Release
    SOURCE: Core SDI
    Core SDI of Buenos Aires Presenting Two Papers on Information Security at DISC
    '98 in Mexico City
    BUENOS AIRES, Argentina, Nov. 6 /PRNewswire/ -- Core SDI of Buenos Aires
    said today that it is presenting two papers on information security this
    week at DISC '98, the largest computing security conference in Latin
    America, which is being held in Mexico DF. 
    The first, ``An Attack on CRC-32 Integrity Checks on Encrypted Channels
    Using CBC and CBF Modes,'' reflects the theoretical basis of the ``SSH
    insertion attack'' security advisory, which was published in June by Core
    SDI. In this advisory, Core experts alerted on vulnerabilities of SSH
    (Secure Shell) up to Version 1.2.23, a software widely used by major
    companies and organizations all over the world, such as banks,
    intelligence agencies, etc., to maintain secure communications over
    insecure channels (the Internet, for example). The cryptographic
    technology used in this software gives strong authentication and
    confidentiality to the transmitted data. The problem found by Core allows
    attackers to gain full access over the machines involved in the
    communication and, further, access to the net where those machines are
    The second paper is named ``PEO and VCR -- Two Simple Cryptographic
    Protocols.'' Core SDI developed three years ago an innovative technology
    called ``Secure Logging,'' and these two protocols are the foundational
    base for this technology. The company said that thanks to a suite of
    products developed by Core SDI and freely available to everyone, it is
    possible to detect whether logs have been modified by an attacker, even if
    he has gained administrator or root access. It also is possible to
    remotely audit in a centralized way all system logs in the network for
    Windows NT and Unix platforms. 
    Core SDI is a research, development and consulting company on computer
    security, based in Buenos Aires. Core has participated in many projects in
    Latin America, the United States and Canada, providing solutions to
    government agencies, telecommunication companies and banks. The CoreLabs
    are the research arm of Core SDI, and they are continuously researching,
    developing and testing new technologies. 
    The results of the continuous investigation done at CoreLabs are published
    on its web site at www.core-sdi.com. 
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:10:24 PDT