On Sun, Apr 22, 2007 at 05:59:54PM -0700, Aram Perez wrote:
No, there will be message integrity. For those of you asking, here's
a high level overview of the protocol is as follows:
[...]
3) Data needing confidentiality is encrypted with the SK in the mode
selected in step 1. The
Hi Nico,
On Apr 23, 2007, at 8:11 AM, Nicolas Williams wrote:
On Sun, Apr 22, 2007 at 05:59:54PM -0700, Aram Perez wrote:
No, there will be message integrity. For those of you asking, here's
a high level overview of the protocol is as follows:
[...]
3) Data needing confidentiality is
Some of the messages in this stream have demonstrated why it can be
difficult to get non-crypto people to listen to advice from crypto
experts: Cryptography research is, by its nature, a pretty absolute
thing. We find attacks, we try to eliminate them. There's a strong
tendency to view *any*
Leichter, Jerry wrote:
Suppose we use AES128-CBC with a fixed IV. It's clear that the only
vulnerability of concern occurs when a key is reused. OK, where do
No, remember that if the IV is in the clear, an attacker can
make some controlled bit changes in the first plaintext block.
(There has
On Mon, Apr 23, 2007 at 11:23:54AM -0700, Aram Perez wrote:
On Apr 23, 2007, at 8:11 AM, Nicolas Williams wrote:
On Sun, Apr 22, 2007 at 05:59:54PM -0700, Aram Perez wrote:
No, there will be message integrity. For those of you asking, here's
a high level overview of the protocol is as follows:
The following is a real email, with minor details removed, in which
J.P. Morgan Chase works hard to train its customers to become phishing
victims.
I've left in the name that the email was sent under -- I see no reason
to protect the guilty. The original version of the email was multipart
