-BEGIN PGP SIGNED MESSAGE-
[ To: Perry's Crypto List, James, Ben, Bram ##
Date: 07/25/99 ##
Subject: Re: depleting the random number generator ]
Date: Sun, 25 Jul 1999 11:01:00 -0400
To: "James A. Donald" [EMAIL PROTECTED], Ben Laurie
[EMAIL PROTECTED], bram [EMAIL PROTECTED]
Oh, and there's one other thing: There is no companion bill to SAFE in the
Senate. So assuming (this is a big assumption) the Senate approves ProCODE
or something, then the differences between the two bills would be hammered
out in a conference committee.
Needless to say, this would be very
Tim May wrote:
Fourth, and this is a serious question, not a rhetorical one: What the hell
ever happened to the movement to develop offshore and them skirt U.S.
export laws thusly? Remember how RSA had created a European branch would
would supposedly develop RSA-type softwar and then throw
[CC:'s to list I don't subscribe to deleted.]
one possible escape clause here is a constitutional provision
regarding immunity of legislators for acts in congress:
[from article 1, section 6]
".. for any Speech or Debate in either House, they shall not be
questioned in any other place."
..
Declan McCullagh [EMAIL PROTECTED] writes:
The sponsor of yesterday's amendment, Rep. Weldon, said that he wants to
have a classified briefing //on the House floor// to scare members into
voting his way. Look for killer amendments to SAFE to be offered during
that floor vote, perhaps even
--
At 01:49 PM 7/25/99 -0700, David Wagner wrote:
One nice advantage of using RC4 as a nonce generator is that you can
easily
switch back and forth between key setup and code byte generation. You can
even do both at the same time. (There is no need to reset the index
variables.) This
At 07:31 AM 7/26/99 -0400, Bill Sommerfeld wrote:
".. for any Speech or Debate in either House, they shall not be
questioned in any other place."
But then again, i'm not a lawyer, and I'm also not sure how this
provision has been interpreted in the past..
IANL but as you can imagine, members
On Sun, 25 Jul 1999, John Kelsey wrote:
Has anyone looked at this from a cryptanalytic point of
view? I think there are chosen-input attacks available if
you do this in the straightforward way. That is, if I get
control over some of your inputs, I may be able to alternate
looking at your
On Mon, 26 Jul 1999, James A. Donald wrote:
Oh dear! This suggestion worries me.
Is it reasonable to expect this arrangement to be secure
against e.g. chosen-entropy attacks?
Yes: If the attacker knows exactly when the packets arrive (which he
cannot) this cannot give him any
On Sun, 25 Jul 1999, John Kelsey wrote:
Has anyone looked at this from a cryptanalytic point of
view? I think there are chosen-input attacks available if
you do this in the straightforward way. That is, if I get
control over some of your inputs, I may be able to alternate
looking at your
--
Oh dear! This suggestion worries me.
Is it reasonable to expect this arrangement to be secure
against e.g. chosen-entropy attacks?
On Mon, 26 Jul 1999, James A. Donald wrote
Yes If the attacker knows exactly when the packets arrive (which he
cannot) this cannot give him any
At 1:49 PM -0700 7/25/99, David Wagner wrote:
In article v04011700b3c0b0807cfc@[24.218.56.100],
Arnold G. Reinhold [EMAIL PROTECTED] wrote:
One nice advantage of using RC4 as a nonce generator is that you can easily
switch back and forth between key setup and code byte generation. You can
even
In v0421012db3be70faae9c@[207.244.108.87], on 07/23/99
at 03:20 PM, Robert Hettinga [EMAIL PROTECTED] said:
The Financial Services Security Laboratory will open July 28 in
Reston, Va. The facility will be used to test software packages against
a set of standards for securing e-commerce
"William H. Geiger III" [EMAIL PROTECTED] writes:
In v0421012db3be70faae9c@[207.244.108.87], on 07/23/99
at 03:20 PM, Robert Hettinga [EMAIL PROTECTED] said:
The Financial Services Security Laboratory will open July 28 in
Reston, Va. The facility will be used to test software packages
14 matches
Mail list logo