On Fri, Sep 05, 2003 at 04:15:22PM -0400, Anton Stiglic wrote:
You are correct, I just saw Crypto++ in the list of FIPS 140 validated
modules:
http://csrc.nist.gov/cryptval/140-1/140val-all.htm
It is the latest entry, added today.
Congratulations to Wei Dai!
Thanks! Also thanks to Groove
Joshua Hill wrote:
On Fri, Sep 05, 2003 at 04:05:07PM -0400, Rich Salz wrote:
It is the first *source code* certification.
The ability to do this runs counter to my understanding of FIPS 140-2.
. and to experiences with the previous FIPS 140-1 certifications I was
involved in, including
On Fri, Sep 05, 2003 at 06:02:10PM -0400, Wei Dai wrote:
In fact they wouldn't even validate Crypto++ as a
static library despite an earlier verbal agreement that a static
library was ok. It had to be turned into a DLL at the last moment (i.e.
during the review phase).
That's unfortunate.
Does anyone have any pointers to the SSL threat model?
I have Eric Rescorla's book and slides talking about the
Internet threat model.
The TLS RFC (http://www.faqs.org/rfcs/rfc2246.html) says
nothing about threat models that I found.
iang
On Fri, Sep 05, 2003 at 04:05:07PM -0400, Rich Salz wrote:
It is the first *source code* certification.
The ability to do this runs counter to my understanding of FIPS 140-2.
Sure, that's why it's *the first.* They have never done this before,
and it is very different to how they (or their
USENIX SECURITY '04 - AUGUST 9-13, 2004 - SAN DIEGO, CA
CALL FOR PAPERS
The USENIX Security Symposium brings together researchers,
practitioners, system administrators, system programmers, and others
interested in the latest advances in security of computer systems.
The 13th USENIX Security
For making things like IP fragmentation ids and other similar protocol
elements unpredictable, it would be useful to have what I'll call a
cryptographic ergodic sequence generator -- that is, a generator that
will produce a sequence of n bit numbers such that there are no
repeats until you pass
Joshua Hill wrote:
On Fri, Sep 05, 2003 at 06:02:10PM -0400, Wei Dai wrote:
In fact they wouldn't even validate Crypto++ as a
static library despite an earlier verbal agreement that a static
library was ok. It had to be turned into a DLL at the last moment (i.e.
during the review phase).
Wei Dai wrote:
On Fri, Sep 05, 2003 at 04:15:22PM -0400, Anton Stiglic wrote:
You are correct, I just saw Crypto++ in the list of FIPS 140 validated
modules:
http://csrc.nist.gov/cryptval/140-1/140val-all.htm
It is the latest entry, added today.
Congratulations to Wei Dai!
Thanks! Also
Ian Grigg [EMAIL PROTECTED] writes:
Does anyone have any pointers to the SSL threat model?
I have Eric Rescorla's book and slides talking about the
Internet threat model.
The TLS RFC (http://www.faqs.org/rfcs/rfc2246.html) says
nothing about threat models that I found.
Yeah. You can kind
On 09/06/2003 02:33 PM, Tim Dierks wrote:
I'm sure that it would be possible to design a Feistel-based block
cipher with variable block size, supporting some range of even values
of n.
There's no need to exclude odd n.
I know the typical superficial textbook describes
the Feistel trick in
11 matches
Mail list logo