If I have N pools of entropy (all same size X) and I pool them
together with XOR, is that as good as it gets?
My assumptions are:
* I trust no single source of Random Numbers.
* I trust at least one source of all the sources.
* no particular difficulty with lossy combination.
iang
We knew it was coming, right?
Original Message
Subject: [announce] THC releases video and tool to backup/modify
ePassports
Date: Mon, 29 Sep 2008 10:00:26 +
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
http://freeworld.thc.org/thc-epassport/
29th September 2008
I am considering adding TLS Server Name Indication support in the Postfix
SMTP server and client. I am puzzled by the exceedingly terse description
of the semantics of the HostName sent in the SNI extension:
http://tools.ietf.org/html/rfc4366#section-3.1
If the hostname labels
RFC 4366 is somewhat of a mess. I do not remember the authors asking
the authors of IDNA (of which I am one) about what they should do.
FWIW, I'm not sure why this would be on the cryptography list, but
I'm not sure of that for most of the we can design a better UI
threads either.
What
Cool! ;-)
Verisign's CPS has been an inspiration for me for quite
a few years now. E.g., this statement has been in there
for a number of years:
The Certificate, however, provides no proof of the identity
of the Subscriber.
Taken from page 12 of the current version, obviously (?)
referring
http://technology.newscientist.com/channel/tech/dn14866-laser-cracks-unbreakable-quantum-communications.html?feedId=online-news_rss20
Not surprisingly, it's attacking the implementation, not the physics --
but of course we use implementations to communicate, rather than
theories.
http://ephermata.livejournal.com/190880.html?mode=reply
David Molnar (ephermata) wrote,
@ 2008-10-04 01:59:00
Current music:
Crystal Castles - Air War
What does knot theory have to do with P^#P != NP ?
I didn't know, but Michael H. Freedman has an answer - by assuming
that the complexity
A failure in implementation leads to the ability to eavesdrop on a
quantum-secrecy based key exchange on 2/3 of the types of quantum
equipment used.
From:
http://technology.newscientist.com/article/dn14866-laser-cracks-unbreakable-quantum-communications.html
Makarov and colleagues from
Paul Hoffman wrote:
At 11:08 AM -0700 8/21/08, Greg Rose wrote:
Adi mentioned that the slides and paper will go online around the
deadline for Eurocrypt submission; it will all become much clearer
than my wounded explanations then.
There now: http://eprint.iacr.org/2008/385
Given all the
Peter Gutmann wrote:
If this had been done in the beginning, before users -- and web site
designers, and browser vendors -- were mistrained, it might have worked.
Now, though? I'm skeptical.
For existing apps with habituated users, so am I. So how about the following
strawman: Take an
Elcomsoft has a product that uses GPUs to do password-cracking on a
variety of media. They claim a speed-up of up to 67x, depending on the
application being attacked.
http://www.elcomsoft.com/edpr.html?r1=prr2=wpa
(This has led to a variety of stories (see, for example,
The DailyWTF has an entertaining writeup on how not to use strong crypto to
protect an embedded device, in this case a Wii, at
http://thedailywtf.com/Articles/Anatomii-of-a-Hack.aspx. The
signature-verification function was particularly entertaining:
decrypt_rsa(signature, public_key,
[British shoppers were promised high security by switching from credit
cards to cards that have a chip in them and require that a PIN be entered
for each transaction. That was the reason for changing everything over,
at high cost in both money and inconvenience to shops and shoppers. Perhaps
Begin forwarded message:
From: Eugen Leitl [EMAIL PROTECTED]
Date: October 18, 2008 7:08:22 AM GMT-04:00
To: [EMAIL PROTECTED]
Subject: German data rentention law
- Forwarded message from Karsten N. [EMAIL PROTECTED]
-
From: Karsten N. [EMAIL PROTECTED]
Date: Sat, 18 Oct 2008
Computer keyboards are often used to transmit sensitive information such as
username/password (e.g. to log into computers, to do e-banking money transfer,
etc.). A vulnerability on these devices will definitely kill the security of
any computer or ATM.
http://lasecwww.epfl.ch/keyboard/
Arshad
On 09/29/2008 05:13 AM, IanG wrote:
My assumptions are:
* I trust no single source of Random Numbers.
* I trust at least one source of all the sources.
* no particular difficulty with lossy combination.
If I have N pools of entropy (all same size X) and I pool them
together with XOR,
Moderator's note: Yes, I'm alive. I've just been insanely busy. I'm
planning on adding a system so I can turn the list over to guest
moderators before this happens again (in about a month, I'm
anticipating.)
Perry
-
The
[Moderator's note: top posting is not tasteful. --Perry]
I think it depends on what you mean by N pools of entropy.
Are you assuming that one of these sources is (pseudo)random, but you
don't know which one? Are you assuming independence of these different
sources? If both these
On Mon, Sep 29, 2008 at 1:13 PM, IanG [EMAIL PROTECTED] wrote:
If I have N pools of entropy (all same size X) and I pool them
together with XOR, is that as good as it gets?
Surely not. Consider N pools each of size 1 bit. Clearly you can do
better than the 1 bit your suggestion would yield.
On Oct 24, 2008, at 14:29, John Denker wrote:
On 09/29/2008 05:13 AM, IanG wrote:
My assumptions are:
* I trust no single source of Random Numbers.
* I trust at least one source of all the sources.
* no particular difficulty with lossy combination.
If I have N pools of entropy (all same
L.S.,
If I have N pools of entropy (all same size X) and I pool them
together with XOR, is that as good as it gets?
My assumptions are:
* I trust no single source of Random Numbers.
* I trust at least one source of all the sources.
* no particular difficulty with lossy combination.
I
IanG wrote:
If I have N pools of entropy (all same size X) and I pool them
together with XOR, is that as good as it gets?
My assumptions are:
* I trust no single source of Random Numbers.
* I trust at least one source of all the sources.
* no particular difficulty with lossy combination.
On Mon, Oct 06, 2008 at 05:51:50PM +1300, Peter Gutmann wrote:
For the past several years I've been making a point of asking users of crypto
on embedded systems (which would be particularly good targets for side-channel
attacks, particularly ones that provide content-protection capabilities)
http://www.theregister.co.uk/2008/10/24/spanish_enigmas/
Spanish discover cache of 26 Enigma machines
Franco's 'secret weapon' tracked to army HQ
By Lester Haines
Posted in Science, 24th October 2008 10:03 GMT
Spanish newspaper El País last week tracked down 26 examples of Franco's
secret
On Sep 29, 2008, at 5:13 AM, IanG wrote:
If I have N pools of entropy (all same size X) and I pool them
together with XOR, is that as good as it gets?
My assumptions are:
* I trust no single source of Random Numbers.
* I trust at least one source of all the sources.
* no particular
On Fri, Oct 24, 2008 at 10:23:07AM -0500, Thierry Moreau wrote:
Do you really trust that no single source of entropy can have knowledge of
the other source's output, so it can surreptitiously correlate its own?
I.e., you are also assuming that these sources are *independent*.
I do not
On 10/24/2008 01:12 PM, Jack Lloyd wrote:
is a very different statement from saying that
lacking such an attacker, you can safely assume your 'pools of
entropy' (to quote the original question) are independent in the
information-theoretic sense.
The question, according to the original
On Fri, Oct 24, 2008 at 03:20:24PM -0700, John Denker wrote:
On 10/24/2008 01:12 PM, Jack Lloyd wrote:
is a very different statement from saying that
lacking such an attacker, you can safely assume your 'pools of
entropy' (to quote the original question) are independent in the