[Owasp-delhi] Cellphone Encryption Code Is Divulged

SUMAN SOURAV suman.sourav at sellasynergy.com
Wed Dec 30 07:39:41 EST 2009

Agreed on both points!!!

I have found something interesting while researching this issue http://reflextor.com/trac/a51.

Finally as an appsec adviser of banking group I can say (may be it is early) it's a challenge for our next generation banking technology i.e. "mobile banking".



-----Original Message-----
From: dhar_ar at yahoo.com [mailto:dhar_ar at yahoo.com]
Sent: Wednesday, December 30, 2009 5:33 PM
To: SUMAN SOURAV; owasp-delhi-bounces at lists.owasp.org; owasp-delhi at lists.owasp.org
Subject: Re: [Owasp-delhi] Cellphone Encryption Code Is Divulged

Am sure when the algo was devised it was known mathematically that a break would exist.

The issue goes beyond technology; since commercially there are millions of phones with pre programmed chips and micro controllers perhaps that won't be compatible with any new algo. I think that's the main reason why that algo still exists and with continue to exist for a while. So the change may take a while to phase in.

Also, given what you know how many can exploit it? Infact the more interesting logical question is "how do u exploit it?"


Sent from BlackBerry(r) on Airtel

-----Original Message-----

From: SUMAN SOURAV <suman.sourav at sellasynergy.com>

Date: Wed, 30 Dec 2009 11:50:52

To: owasp-delhi at lists.owasp.org<owasp-delhi at lists.owasp.org>

Subject: Re: [Owasp-delhi] Cellphone Encryption Code Is Divulged


Owasp-delhi mailing list

Owasp-delhi at lists.owasp.org


Le e-mail provenienti dalla Sella Synergy India Private Ltd sono trasmesse in buona fede e non comportano alcun vincolo ne' creano obblighi per la Sella Synergy India Private Ltd  stessa, salvo che cio' non sia espressamente previsto da un precedente accordo.
Questa e-mail e' confidenziale. Qualora l'avesse ricevuta per errore, La preghiamo di comunicarne via e-mail la ricezione al mittente e di distruggerne il contenuto. La informiamo inoltre che l'utilizzo non autorizzato del messaggio o dei suoi allegati potrebbe costituire reato.
Grazie per la collaborazione.

E-mails from Sella Synergy India Private Ltd are sent in good faith but they are neither binding on the Sella Synergy India Private Ltd nor to be understood as creating any obligation on its part except where provided for an agreement. This e-mail is confidential. If you have received it by mistake, please inform the sender by reply e-mail and delete it from your system. Please also note that the unauthorized disclosure or use of the message or any attachments could be an offence.
Thank you for your cooperation.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20091230/a3a9256d/attachment-0001.html 

More information about the Owasp-delhi mailing list