Re: Proposal (was Summary re: /dev/random)

1999-08-03 Thread Damien Miller
On Sun, 1 Aug 1999, Sandy Harris wrote: The question, then, is how best to make it into a two-stage design. Mainly, choose a block cipher and modify the hashing to suit. You will never get a block cipher in the kernel because of export restrictions. What is wrong with SHA1? Regards,

Re: palm crypto

1999-08-03 Thread Declan McCullagh
Or, if you don't wish to page through the export control silliness: http://www.certicom.com/software/SecureMemo11.ZIP http://www.certicom.com/software/SecureMemo11.SIT.BIN -Declan At 08:38 PM 8-1-99 -0400, Robert Hettinga wrote: http://www.certicom.com/software/palmmemo.htm

Re: Proposal (was Summary re: /dev/random)

1999-08-03 Thread John Gilmore
/dev/random should become two-stage, ... I thought that /dev/urandom was the problem: that as new entropy comes in, the cryptographically secure pseudo-RNG needs to get its entropy in big chunks, so an attacker can't probe it to guess each bit of new entropy as it comes in. This, it seems,

Re: House committee ditches SAFE for law enforcement version

1999-08-03 Thread Peter Gutmann
Bill Frantz [EMAIL PROTECTED] writes: At 12:26 PM -0700 7/26/99, Rick Smith wrote: At 10:48 AM 7/26/99 -0700, Tom Perrine wrote: At that time (1985), every MLS-possible system that had been produced had been cancelled (or died for other reasons) Sure, some of these (ours included) had

FBI PR specialist on KQED Forum San Francisco at 9:00am

1999-08-03 Thread Ernest Hua
I think his name was agent Grotz, but I'm not sure. Definitely Mr. PR. When certain callers complained heavily, and he couldn't defend himself, he backtracked to the usual "we have a program for that" or "just call my office and we'll talk" or "look at our new core values". Very bureaucratic

Re: linux-ipsec: /dev/random

1999-08-03 Thread Paul Koning
"John" == John Denker [EMAIL PROTECTED] writes: John At 10:09 AM 8/2/99 -0400, Paul Koning wrote: 1. Estimating entropy. Yes, that's the hard one. It's orthogonal from everything else. /dev/random has a fairly simple approach; Yarrow is more complex. It's not clear which is

Re: linux-ipsec: /dev/random

1999-08-03 Thread John Denker
At 10:09 AM 8/2/99 -0400, Paul Koning wrote: 1. Estimating entropy. Yes, that's the hard one. It's orthogonal from everything else. /dev/random has a fairly simple approach; Yarrow is more complex. It's not clear which is better. If there's reason to worry about the one in /dev/random, a

Re: linux-ipsec: /dev/random

1999-08-03 Thread John Denker
At 01:27 PM 8/2/99 -0400, Paul Koning wrote: we weren't talking about "in principle" or "in general". Sure, given an unspecified process of unknown (to me) properties I cannot make sensible statements about its entropy. That is true but it isn't relevant to the discussion. Instead, we're

Proposed bill for tax credit to develop encryption with covert access

1999-08-03 Thread Radia Perlman - Boston Center for Networking
http://thomas.loc.gov/cgi-bin/bdquery/z?d106:h.r.02617: I'm sure you'll all be enthusiastic about the chance to save your company tax money. Radia

Re: linux-ipsec: /dev/random

1999-08-03 Thread John Denker
At 01:50 PM 8/2/99 -0400, Paul Koning wrote: I only remember a few proposals (2 or 3?) and they didn't seem to be [unduly weak]. Or do you feel that what I've proposed is this weak? If so, why? I've seen comments that say "be careful" but I don't remember any comments suggesting that what I

Re: linux-ipsec: /dev/random

1999-08-03 Thread Paul Koning
"John" == John Denker [EMAIL PROTECTED] writes: John At 01:50 PM 8/2/99 -0400, Paul Koning wrote: I only remember a few proposals (2 or 3?) and they didn't seem to be [unduly weak]. Or do you feel that what I've proposed is this weak? If so, why? I've seen comments that say "be

Re: Summary re: /dev/random

1999-08-03 Thread tytso
Date: Sun, 01 Aug 1999 17:04:14 + From: Sandy Harris [EMAIL PROTECTED] More analysis is needed, especially in the area of how to estimate input entropy. True. I actually don't believe perfection is at all possible. There are things which could probably do a better job, such as

mailing list: eucrypto

1999-08-03 Thread Thomas Roessler
A new mailing list, [EMAIL PROTECTED], has been established. It's intended for discussions of crypto politics with a focus on the European Union. Topics include: - Announcements and discussions on common European issues concerning availability, use, legal framework and politics of

Re: linux-ipsec: Re: Summary re: /dev/random

1999-08-03 Thread Paul Koning
"Paul" == Paul Koning [EMAIL PROTECTED] writes: Paul 2. Pool size. /dev/random has a fairly small pool normally but Paul can be made to use a bigger one. Yarrow argues that it makes Paul no sense to use a pool larger than N bits if an N bit mixing Paul function is used, so it uses a 160

Re: And now, a java encoder ring!

1999-08-03 Thread Andreas Bogk
[EMAIL PROTECTED] (Peter Gutmann) writes: Is there any easy way to check this which doesn't involve writing a lot of code and poking it at the ring to see how it'll react? I have one of these Yes. Upload the ModExp demo applet and see if it will exponentiate two large numbers correctly in

Key management for encrypting to self

1999-08-03 Thread Nick Szabo
Enzo Michelangeli wrote: What's the point of using public key technologies like ECC to protect private documents? The device or terminal I'm using at the moment may not be a persistently secure part of my TCB. In particular: (a) I might want to bring a Palm travelling but keep my secret key

Re: palm crypto

1999-08-03 Thread Markus Friedl
On Mon, Aug 02, 1999 at 10:03:28AM +0800, Enzo Michelangeli wrote: What's the point of using public key technologies like ECC to protect private documents? As key management is a non-issue, something based on, say, 3DES or IDEA (like "Secret!", http://linkesoft.com/english/secret/) would

Re: linux-ipsec: /dev/random

1999-08-03 Thread Anonymous
John The point is that there are a lot of customers out there who John aren't ready to run out and acquire the well-designed hardware John TRNG that you alluded to. So we need to think carefully about John the gray area between the strong-but-really-expensive solution John and the

Re: palm crypto

1999-08-03 Thread Ian Goldberg
In article 001201bedc8b$3d5fb580$[EMAIL PROTECTED], Enzo Michelangeli [EMAIL PROTECTED] wrote: What's the point of using public key technologies like ECC to protect private documents? As key management is a non-issue, something based on, say, 3DES or IDEA (like "Secret!",