[ISN] Core SDI Presenting 2 Papers on Information Security at DISC'98

From: mea culpa (jerichoat_private)
Date: Fri Nov 06 1998 - 21:17:34 PST

Next message: mea culpa: "[ISN] REVIEW: "The Transparent Society""

Previous message: mea culpa: "[ISN] REVIEW: "Windows NT Server 4 Security Handbook""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded From: Nelson Murilo <nelsonat_private>


URL: http://biz.yahoo.com/prnews/981106/core_sdi_p_1.html

Company Press Release
SOURCE: Core SDI
   
Core SDI of Buenos Aires Presenting Two Papers on Information Security at DISC
'98 in Mexico City

BUENOS AIRES, Argentina, Nov. 6 /PRNewswire/ -- Core SDI of Buenos Aires
said today that it is presenting two papers on information security this
week at DISC '98, the largest computing security conference in Latin
America, which is being held in Mexico DF. 
   
The first, ``An Attack on CRC-32 Integrity Checks on Encrypted Channels
Using CBC and CBF Modes,'' reflects the theoretical basis of the ``SSH
insertion attack'' security advisory, which was published in June by Core
SDI. In this advisory, Core experts alerted on vulnerabilities of SSH
(Secure Shell) up to Version 1.2.23, a software widely used by major
companies and organizations all over the world, such as banks,
intelligence agencies, etc., to maintain secure communications over
insecure channels (the Internet, for example). The cryptographic
technology used in this software gives strong authentication and
confidentiality to the transmitted data. The problem found by Core allows
attackers to gain full access over the machines involved in the
communication and, further, access to the net where those machines are
connected. 
   
The second paper is named ``PEO and VCR -- Two Simple Cryptographic
Protocols.'' Core SDI developed three years ago an innovative technology
called ``Secure Logging,'' and these two protocols are the foundational
base for this technology. The company said that thanks to a suite of
products developed by Core SDI and freely available to everyone, it is
possible to detect whether logs have been modified by an attacker, even if
he has gained administrator or root access. It also is possible to
remotely audit in a centralized way all system logs in the network for
Windows NT and Unix platforms. 
   
Core SDI is a research, development and consulting company on computer
security, based in Buenos Aires. Core has participated in many projects in
Latin America, the United States and Canada, providing solutions to
government agencies, telecommunication companies and banks. The CoreLabs
are the research arm of Core SDI, and they are continuously researching,
developing and testing new technologies. 
   
The results of the continuous investigation done at CoreLabs are published
on its web site at www.core-sdi.com. 
   

-o-
Subscribe: mail majordomoat_private with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

Next message: mea culpa: "[ISN] REVIEW: "The Transparent Society""
Previous message: mea culpa: "[ISN] REVIEW: "Windows NT Server 4 Security Handbook""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:10:24 PDT