William Whyte at Baltimore Technologies in Dublin --
where Sarah Flannery worked recently and got a
boost from the cryptographers there -- gave a brief
rundown on her invention on mail list UKCrypto.
There's a copy of his remarks at:
http://jya.com/flannery.htm
There we find:
Tom Weinstein wrote:
Rob Lemos wrote:
http://www.zdnet.com/zdnn/stories/news/0,4586,2189721,00.html
This just seems like FUD to me. ID numbers should help detect theft
and fraud. They aren't going to compromise privacy. I expect it's
going to behave just like the debugging
Declan McCullagh writes:
TIS supports export controls on encryption products. My article:
http://www.well.com/user/declan/pubs/cwd.shadow.cryptocrats.0298.txt
Two problems here. First, you are using the present tense in saying that
TIS "supports" export controls, but your article is from nine
Michael Froomkin writes:
Suppose we move to a system of Domain Name registrations in which people
can be anonymous, or pseudonymous, but at the same time wish to have some
way of identifying the people engaged in large-scale domain name
speculation. Are these ends compatible? In a world
ly equally to the current system.
No system can prevent this. Hence this point is irrelevant in considering
whether the current DNS registry should be replaced by a pseudonymous one.
The original concern about anonymous/pseudonymous systems was that
they might make it much easier than in the pres
Electronic Telegraph, Issue 1380, Saturday 6 March 1999
Police Want Keys to Decode Private E-Mail
By Robert Uhlig, Technology Correspondent
The Government was accused yesterday of rushing through legislation that
could allow it unprecedented powers to access and decrypt any person's
private
Unfortunately the bill doesn't go far
enough, in that individuals are left out in the cold: it's essentially
for the Microsofts and Netscapes of the industry to be exportable.
Everyone always says this, but no one ever says why.
Let's keep in mind that we're talking about software. The
At 10:37 AM 5/7/99 -0500, Elyn Wollensky wrote:
Here's Lance Rose's take on the Bernstein decision:
Sorry to say, but the 9th Circuit took the dumb approach I mentioned in my
earlier post.
Their whole approach to "source code as speech" is misguided -
unless we are talking about
people
Bill Sommerfeld [EMAIL PROTECTED] wrote:
A posting by Cindy Cohn, one of Bernstein's legal team, to cyberia-l,
archived at
http://www.ljx.com/mailinglists/cyberia-l/20266.html
suggests that it would be premature to create such sites.
She writes:
First, the decision is not
[This just arrived in the list inbox. I'm not exactly sure that it is
particularly interesting, accurate or informative, but unfortunately
because it arrived anonymously I'm not really in a position to ask for
an improved version. Anyway, I decided to forward it. --Perry]
-- Forwarded message --
Subject: Crypto Equipment Guide -- Part Three of Three
Date: Mon, 17 May 1999 16:10:30 -0500
SECURE TERMINAL EQUIPMENT
Secure Terminal Equipment
-- Forwarded message --
Date: Wed Jun 09 17:27:24 EDT 1999
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: personal encryption?
http://news.bbc.co.uk/hi/english/sci/tech/newsid_365000/365183.stm
Wednesday, June 9, 1999 Published at 19:04 GMT 20:04 UK
Sci/Tech
DNA hides
you know, this is either a very convenient dead drop
or it has that characteristic that makes "agencies"
put up anonymous re-mailers -- both are vehicles
likely to concentrate interesting material...
--dan
--- Forwarded Message
Date: Thu, 10 Jun 1999 15:23:23 -
Sent: Monday, June 14, 1999 10:11 PM
To: [EMAIL PROTECTED]
Subject: freedrive
you know, this is either a very convenient dead drop
or it has that characteristic that makes "agencies"
put up anonymous re-mailers -- both are vehicles
likely to concentrate interesting material...
--dan
--
Jim and all: I'm happy to inform you that following your (Jim's) prompting,
in the last face to face meeting of the W3C Micro Payments working group
held today,
the group accepted my proposal to proceed directly to define an
Interoperable Micropayment Order. We seem to have reached already
Tom says,
... They even say that your information is "safe":
"Your personal life is safe with us. Many advanced security
...
Although these services are free, I believe that the phrase "Trust no
one"
applies in these cases.
actually, one of the services we hope to see happen using
John Markoff wrote up my break of the cipher on the Kryptos
sculpture that's been puzzling people at the CIA for most of
the decade. It's in today's New York Times Technology section
on-line. There are still 97 characters left to break -- I hope
somebody will finish the job so we can move on to
The Times article about Jim's break of the Kryptos sculpture cryptogram is at:
http://www.nytimes.com/library/tech/yr/mo/biztech/articles/16code.html
Perry
At 2:52 PM + 5/31/16, [EMAIL PROTECTED] wrote:
...
Given that your passphrase is the only thing that keeps the server
from knowing your private key, the system is relying very heavily on
users choosing good passphrases. While salt does help against
dictionary attacks, it is really important
At Thu, 17 Jun 1999 11:35:42 -0700 (PDT), Sameer Parekh [EMAIL PROTECTED] wrote:
this. SSL is a bitch (which is presumably why the applet doesn't use
it).
SSL is a bitch for good reason.
OK, but it is possible that some of those reasons wouldn't apply to
hushmail, where both ends of
SAFE makes it out of committee, but not unscarred...
http://www.computerworld.com/home/news.nsf/CWFlash/9906174crypto
Consider a cipher in which the key size and block size are equal, such
as AES-128. The key specifies a pseudo-random permutation of the
plaintexts, producing a ciphertext. We know it's a permutation, because
ciphertexts and plaintexts are one-to-one, given a key. It's not
necessarily true,
if keys > 1, then you have in essence just whacked bits off the key size.
Unless you asked your question oddly and missed your intent, I can't see
any value in keys > 1.
What are the pros/cons of having only one key take a given plaintext to
a given ciphertext?
--
Mike Stay
Cryptographer /
Zombie Cow [EMAIL PROTECTED] writes:
http://linuxtoday.com/stories/6876.html
Could Open Source Software Help Prevent Sabotage?
Jun 18th, 11:07:50
Imagine a Chinese agent working at Microsoft. How difficult do you think it
would be to insert a little "backdoor" into a Windows .dll file or
David Jablon writes:
Access to "the source code" may also give a false sense of security.
"The source" might not be the full, complete, and exact code
used to produce the commonly available object, and thus might not
reveal the threatening features.
People in the OpenSource movement tend
--
At 03:01 PM 6/21/99 -0400, Michael Cervantes wrote:
Most open source software is distributed in a tar file with
just makefiles, docs, and source. You compile the object
directly from the source code that is provided. However,
binary packages are becoming more common as package
There are 52! bridge hands, so a random hand has
log2(56!) = 226 bits of entropy or 68 decimal digits worth. Are they
generating that much entropy per hand now? If so, how?
Generating that much entropy would be pointless. All that's needed is
enough entropy to be unguessable in the seed
Hi,
I'm working with Elgamal public Key algorithm for encryption only. Now, I
need to generate a signature with DSA (signature only). Do I have to
calculate all the parameters (p, q, g, y, x ...)
or is it possible to use parameters already calculated in the ElGamal algorithm?
Best regards,
Hi,
suppose we use an ElGamal-variant where we do not need to compute inverses
modulo the group order. Such variants exist and they are explained in the
Handbook of Cryptography, for instance, let
G: generator
a: secret value
A: public value G^a
and for the signature
--
From: Arnold G. Reinhold[SMTP:[EMAIL PROTECTED]]
I am still not clear as to what the hard issues are.
Nor am I. In fact, I can't help but wonder
if this is a case where computers (which are
effectively black boxes which users are asked
to trust) are the wrong
Jeff Schiller writes:
Actually for the TLS crowd, going to DES is a step up.
It is a step up -- right now, of sorts. But in 10 years time it will
look like a step up from ROT-13 to ROT-n (where you have to guess n).
Lucky is right on the money, as usual:
DES or RC4-40 have no business
I've been guilty of sloppy use of English, occasionally, and one such
sloppiness that I run into occasionally is with the word "entropy"
for cryptographic purposes.
What we need is a word or very short phrase to capture the full
phrase:
"the conditional entropy of a measurement given all the
that is to treat the stream generated by the
original seed as a series of seeds for individual hands, that way it takes
about the same amount of time to generate any hand number, no matter how
late it is.
Some anonymous person posted code for generating shuffles based on RC4.
Unfortunately, I think we
Carl Ellison wrote:
I've been guilty of sloppy use of English, occasionally, and one such
sloppiness that I run into occasionally is with the word "entropy"
for cryptographic purposes.
What we need is a word or very short phrase to capture the full
phrase:
"the conditional entropy of a
--
From: Steve Mynott[SMTP:[EMAIL PROTECTED]]
On Sat, Jun 26, 1999 at 01:09:36PM -0400, Nelson Minar wrote:
The point is that in Netscape, it is very hard to tell if a given link
is 40 bit or 128 bit. Sure, with enough poking around looking at page
info you could
From Dave Farber's list.
The formatting is a bit mangled, but it seemed interesting.
Date: Mon, 28 Jun 1999 13:38:05 -0400
To: [EMAIL PROTECTED] (David Farber)
From: "Richard J. Solomon" [EMAIL PROTECTED]
Hong Kong Police Calls For Stronger Encryption To Fight Hackers
HONG KONG, CHINA,
Adam Back writes:
The other kind of stego key is where the stego algorithm has a key to
guide the dispersal of data in the target data. (Eg select which n of
m possible bits in the LSBs of an image file to replace with the
message).
This is very different. First, this is not an "other kind
At 08:09 PM 7/7/99 -0500, William H. Geiger III wrote:
Well it's only DES which we all know can easily be broken. Doing weak
crypto really fast is not all that impressive to me.
That's because you're trying to write, not read.
Get it?
Les Fedz
Bodo Moeller writes:
Adam Back [EMAIL PROTECTED]:
On how to stego pgp messages. First you have to ensure that the data
you are stegoing has a rectangular distribution [...]
[...]
It might be nice to update stealth-2 for openPGP / pgp5. There you
have the additional task of coping
John Denker writes:
1b') When the pool is depleted, /dev/urandom acts like a PRNG but reseeds
itself in dribs and drabs as TRNG entropy becomes available. This leaves
it vulnerable to an iterated guessing attack.
The question is whether this is a realistic attack.
2a) Suppose some poor
On Sun, 25 Jul 1999, John Kelsey wrote:
Has anyone looked at this from a cryptanalytic point of
view? I think there are chosen-input attacks available if
you do this in the straightforward way. That is, if I get
control over some of your inputs, I may be able to alternate
looking at your
Sandy Harris writes:
Conclusions I've reached that I hope there's agreement on:
More analysis is needed, especially in the area of how
to estimate input entropy.
(Yarrow does this quite differently than /dev/random.
I'm not convinced either is right, but I've nothing
else to propose.
John The point is that there are a lot of customers out there who
John aren't ready to run out and acquire the well-designed hardware
John TRNG that you alluded to. So we need to think carefully about
John the gray area between the strong-but-really-expensive solution
John and the
Paul Koning writes:
The most straightforward way to do what's proposed seems to be like
this:
1. Make two pools, one for /dev/random, one for /dev/urandom. The
former needs an entropy counter, the latter doesn't need it.
2. Create a third pool, which doesn't need to be big. That's the
Except that if you are paranoid enough to be worried about some
unknown entity flooding your machine with network packets to
manipulate the output of /dev/urandom, you are likely to not
trust Intel to do RNG in such a way that it can't be fooled with.
And if you're that paranoid,
Wired.com:
"The key is a Microsoft key -- it is not shared with any party including
the NSA," said Windows NT security product manager Scott Culp. "We don't
leave backdoors in any products."
"The only thing that this key is used for is to ensure that only those
products that meet US export
[I have my doubts about the reality of this description -- the entire
stego description seems like fantasy, especially given the low
bandwidths available into many countries, and the obviousness of the
whole thing. However, I'm forwarding it in spite of my bogometer
beeping... Caveat Lector...
Perry writes:
I have my doubts about the reality of this description -- the
entire stego description seems like fantasy, especially given the
low bandwidths available into many countries, and the obviousness
of the whole thing...
I think that you misunderstand the purpose of the
Bram writes:
Paul Kocher has said the design looks sound, which I believe, but
unfortunately the raw output of Intel's RNG just plain can't be accessed
without it going through whitening first. Unsurprisingly, all the output
passes all statistical tests. Well, duh, it's been sent through
... thought there was a certain irony in this appearing on the same link as
mentioned below:
"NOW, THEREFORE, I, WILLIAM J. CLINTON, President of the United States of
America, do hereby proclaim September 17, 1999, as Citizenship Day and
September 17 through September 23, 1999, as Constitution
. Appropriate
values for n could be chosen using the mechanisms Wei suggests in
b-money.
Yeah, neat idea! With b-money, newly minted value goes directly into
someone's account, but if it was used instead to create an anonymous
coin you would have an accountless system. In that case you don't
[Excerpt from CATO Update, 20 Sept. 1999:]
The Cato Institute released a new Cato Briefing Paper, "Strong
Cryptography: The Global Tide of Change," as the Clinton
administration was announcing a relaxation in controls on the export
of encryption technology. In the paper, Arnold G. Reinhold
At 12:41 PM 9/20/99 -0700, Rob Lemos wrote:
Can anyone recommend a good product for encrypting information on the fly,
meaning encrypt the file when you close it and decrypt it when you open it.
It would also be nice if it would ask you whether you wanted the file you
are just closing to be
On Mon, 20 Sep 1999 at 01:52:43PM -0700, Wei Dai wrote:
On Mon, Sep 20, 1999 at 09:02:17PM +0200, Anonymous wrote:
Yeah, neat idea! With b-money, newly minted value goes directly into
someone's account, but if it was used instead to create an anonymous
coin you would have an accountless
Amir Herzberg says,
Anonymous says,
It is still worth considering how to create anonymous payment systems
which could be more compatible with other elements of present day society.
I think we can do this, indeed, we can achieve an even stronger goal:
a payment mechanism that will support
Did any of you see this
http://www.votehere.net/content/Products.asp#InternetVotingSystems
that proposes to authenticate the voter by asking for his/her/its SSN#?
It looked like the idea for this part was to prevent double voting,
plus make sure that only authorized people could vote. It
John R. Levine writes, quoting others:
Did any of you see this
http://www.votehere.net/content/Products.asp#InternetVotingSystems
that proposes to authenticate the voter by asking for his/her/its SSN#?
It looked like the idea for this part was to prevent double voting,
plus make
and are forbidden by section 744.9 of the United
States Code of Federal Regulations.
Regarding the benefits of combining anonymous and non-anonymous payment
systems:
Second, and more essential, there are some important advantages e.g. in
efficiency to non-anonymous payment mechanisms.
Some people have
On Sat, 09 Oct 1999 20:35:15 -0700, Ed Gerck [EMAIL PROTECTED] wrote:
In reference to the recent discussions on voting, I am
preparing a list of desirable properties of voting, as a
secure protocol. Of course, it may not be desirable or even
possible for a particular election process to
At 09:30 AM 10/14/99 +1000, James Robertson wrote:
As an Australian, I am more than a little concerned
that an American law enforcement agency is trying
to dictate the design of an international communication
standard.
But hey, it's *our* internet. I mean, Al Gore invented it,
you know.
Does
Russell Nelson [EMAIL PROTECTED] writes:
If
quantum computers make brute-force cryptanalysis tasks easier, don't
they also make brute-force cryptographic tasks easier as well? Put
another way, is there something special about quantum computers that
is different from Intel's next process
Julian Assange [EMAIL PROTECTED] writes:
Anonymous [EMAIL PROTECTED] writes:
Quantum computers help cryptanalysis in a couple of specific ways.
They aren't all-purpose speeder-upers.
No. The reason I posted this abstract is because it says exactly the
opposite. *almost* any given Turing
protocols to accomplish the same thing.
Maybe you could try to clarify how the TTP would behave in order to
accomplish what you desire with regard to anonymous contributions. What
information would the TTP have? What kinds of interactions would it
have to have with the participants? Expressing
, but judging from earlier papers by Stefan Brands,
his problem domain is similar to that of the previous work on anonymous
credentials. The idea is that you want to give out, say, "good credit
risk" credentials, but you want them to be anonymous. The holder can
transfer them from one
Bill Stewart writes:
At 10:20 PM 11/21/1999 -, Some Ostensibly Anonymous Person remailed
an article to coderpunks, which Bob Hettinga reposted to cryptography
and probably also to cypherpunks. David Wagner's developed a blinding
method probably not covered by Chaum's existing patents
Rodney Thayer asks:
Gilmore etc. have made comments, including the quoted passage below
from the Linux IPsec list, indicating that DSA is "not as trustworthy
as RSA".
Can anyone here offer some more details?
I _know_ it's a 'fuzzy' discomfort, I'm just looking for backup data.
At
http://www.the-times.co.uk/news/pages/Times/frontpage.html?1124027
The Times [London], Monday, 12 June 2000
New MI5 Unit to Crack Criminal Computer Codes
By Michael Evans, Defence Editor
A special codebreaking organisation is to be set up inside the
headquarters of MI5 to crack encrypted