So, how do I translate al...@example.org into a key?
Once again, what do you think of namecoin?
A bitcoin-like consensual database based on proof of work.
If you also require proof-of-key via signature from the recipient,
majority attacks make DoS easy, but identity stealing is still
dependent
On 2013-09-01 9:11 PM, Jerry Leichter wrote:
Meanwhile, on the authentication side, Stuxnet provided evidence that the
secret community *does* have capabilities (to conduct a collision attacks)
beyond those known to the public - capabilities sufficient to produce fake
Windows updates.
Do we
On Sep 1, 2013, at 6:06 PM, Perry E. Metzger wrote:
We know what they spec for use by the rest of the US government in
Suite B.
http://www.nsa.gov/ia/programs/suiteb_cryptography/
AES with 128-bit keys provides adequate protection for classified
information up to the SECRET level.
On Mon, 2 Sep 2013 03:00:42 +0200 Faré fah...@gmail.com wrote:
At intervals, the trustworthy organization (and others like it)
can send out email messages to Alice, encrypted in said key,
saying Hi there! Please reply with a message containing this
magic cookie, encrypted in our key,
On Mon, 2 Sep 2013 00:06:21 -0400 Jerry Leichter leich...@lrw.com
wrote:
- To let's look at what they want for TOP SECRET. First off, RSA -
accepted for a transition period for SECRET, and then only with
2048 bit moduli, which until the last year or so were almost
unknown in commercial
On Sep 1, 2013, at 10:35 PM, James A. Donald wrote:
Meanwhile, on the authentication side, Stuxnet provided evidence that the
secret community *does* have capabilities (to conduct a collision attacks)
beyond those known to the public - capabilities sufficient to produce fake
Windows
On Mon, 2 Sep 2013 19:53:03 +0200 Faré fah...@gmail.com wrote:
On Mon, Sep 2, 2013 at 7:19 PM, Perry E. Metzger
pe...@piermont.com wrote:
On Mon, 2 Sep 2013 03:00:42 +0200 Faré fah...@gmail.com wrote:
At intervals, the trustworthy organization (and others like
it) can send out email
On Mon, Sep 2, 2013 at 7:19 PM, Perry E. Metzger pe...@piermont.com wrote:
On Mon, 2 Sep 2013 03:00:42 +0200 Faré fah...@gmail.com wrote:
At intervals, the trustworthy organization (and others like it)
can send out email messages to Alice, encrypted in said key,
saying Hi there! Please
recent post with email discussing PGP-like implementation ... a decade before
PGP in financial crypto blog
http://www.garlic.com/~lynn/2013i.html#69
and then a little later realizing there were 3-kinds of crypto (when I was told
I could make as many boxes as I wanted ... but could only sell to
On Mon, 2 Sep 2013 15:09:31 -0400 Jerry Leichter leich...@lrw.com
wrote:
On Sep 2, 2013, at 1:25 PM, Perry E. Metzger wrote:
On Mon, 2 Sep 2013 00:06:21 -0400 Jerry Leichter
leich...@lrw.com wrote:
- To let's look at what they want for TOP SECRET. First off,
RSA - accepted for a
On Sep 2, 2013, at 1:25 PM, Perry E. Metzger wrote:
On Mon, 2 Sep 2013 00:06:21 -0400 Jerry Leichter leich...@lrw.com
wrote:
- To let's look at what they want for TOP SECRET. First off, RSA -
accepted for a transition period for SECRET, and then only with
2048 bit moduli, which until the
On Sun, Sep 1, 2013 at 10:35 PM, James A. Donald jam...@echeque.com wrote:
On 2013-09-01 9:11 PM, Jerry Leichter wrote:
Meanwhile, on the authentication side, Stuxnet provided evidence that the
secret community *does* have capabilities (to conduct a collision attacks)
beyond those known to
On Mon, 2 Sep 2013 14:45:00 -0400 Phillip Hallam-Baker
hal...@gmail.com wrote:
Do we know they produced fake windows updates without assistance
from Microsoft?
Given the reaction from Microsoft, yes.
The Microsoft public affairs people have been demonstrating real
anger at the Flame
You know, if there was a completely ironclad legal opinion that made use of
ECC possible without the risk of a lawsuit costing over $2 million from
Certicom then I would be happy to endorse a switch to ECC like the NSA is
pushing for as well.
I would not therefore draw the conclusion that NSA
Do we know they produced fake windows updates without assistance
from Microsoft?
Given the reaction from Microsoft, yes.
The Microsoft public affairs people have been demonstrating real
anger at the Flame attack in many forums.
But of course, sufficiently paranoid people might
On Mon, 2 Sep 2013 13:14:00 -0700 Christian Huitema
huit...@huitema.net wrote:
Do we know they produced fake windows updates without
assistance from Microsoft?
Given the reaction from Microsoft, yes.
The Microsoft public affairs people have been demonstrating real
anger at
On Mon, 2 Sep 2013 17:44:57 -0400 Jerry Leichter leich...@lrw.com
wrote:
...Clearly, as things like bad vendor drivers updates have been
sent out using stolen keys in the past, and clearly vendors might
simply make mistakes in the future
Except that that's not what happened in this
Do we know they produced fake windows updates without assistance
from Microsoft?
Given the reaction from Microsoft, yes.
The Microsoft public affairs people have been demonstrating real
anger at the Flame attack in many forums.
...Clearly, as things like bad vendor drivers updates have
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Sep 02, 2013 at 03:09:31PM -0400, Jerry Leichter wrote:
Google recently switched to 2048 bit keys; hardly any other sites
have done so, and some older software even has trouble talking to
Google as a result.
Btw. As a random side-note.
On Mon, Sep 02, 2013 at 03:09:31PM -0400, Jerry Leichter wrote:
a) The very reference you give says that to be equivalent to 128
bits symmetric, you'd need a 3072 bit RSA key - but they require a
2048 bit key. And the same reference says that to be equivalent to
256 bits symmetric, you need
The backup access problem isn't just a crypto problem, it's a social/legal
problem. There ultimately needs to be some outside mechanism for using social
or legal means to ensure that, say, my kids can get access to at least some of
my encrypted files after I drop dead or land in the hospital
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sep 2, 2013, at 3:06 PM, Jack Lloyd ll...@randombit.net wrote:
On Mon, Sep 02, 2013 at 03:09:31PM -0400, Jerry Leichter wrote:
a) The very reference you give says that to be equivalent to 128
bits symmetric, you'd need a 3072 bit RSA key -
22 matches
Mail list logo