Travis H. [EMAIL PROTECTED] writes:
On 2/4/06, Eric Rescorla [EMAIL PROTECTED] wrote:
Look, this design just reduces to a standard cryptographic PRNG with
some of the seed being random and periodically being reseeded by the
random network stream you're sending around. There's no need to
At 01:01 AM 2/4/2006, Travis H. wrote:
Assume further that it is not cost-effective to furnish each with a
HWRNG, even one as inexpensive as a sound card (for example, they may
not have a spare slot on the motherboard nor built-in sound).
...
Suppose that /dev/random is too slow (SHA-1 was never
If anyone is interested in participating in the design of a system
that could be used for manual key distribution and/or OTP purposes,
email me. I figure we can talk about our special cases off-list, and
maybe submit the final design to the list for people to take their
best crack at it.
--
Steven M. Bellovin [EMAIL PROTECTED] writes:
What makes this interesting is how it was done: software was installed on the
switch that diverted calls to a prepaid phone. Think about who could manage
that.
Just in case people think the answer is The MIB, it's actually Any kid with
a bit of
Dave Howe wrote:
Oh - before I forget, I was thinking about covert channels and CDs a few
days ago and realised there is already one - CDs support a special mode called
CD+G - this is used when making karaoke CDs to support the video data stream; the vast
majority of PC drives cannot read
Travis H. wrote:
So on this page:
http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedDevice
there is a suggestion that people fill the encrypted image of a
dm-crypt target with random data. Why?
I assume this is because making the filesystem on the unencrypted
(upper) layer will
Will large quantum computers be built? If so, what will they do to the
cryptographic landscape?
Anyone who can build a large quantum computer can break today's most
popular public-key cryptosystems: e.g., RSA, DSA, and ECDSA. But there
are several other cryptosystems that are conjectured to
Hey,
In Practical Cryptography, Schneier mentions a couple of general
principles that he thinks wise when writing code which uses or
implements cryptographic routines.
Bear with me as I try to remember them:
1) When using a user input, run it through an OWF first. NB: This is a
possible DoS
Hi.
I have checked several papers and software packages which implement
modular square root and it looks like there is no agreement about what
algorithm is the best except that everybody does the same for p=3(4).
Chapter 3 of HAC suggests special algorithms for p=3(4) and p=5(8); a
general
Susan Landau has an article in the upcoming March issue of Notices of
the AMS: Find me a hash.
There is a short preview of the article here:
http://www.eurekalert.org/pub_releases/2006-02/ams-dsa020106.php
it even includes a non-public (whatever that means) link to the
paper itself:
Simon Josefsson wrote:
Travis H. [EMAIL PROTECTED] writes:
...
3) Authenticate the plaintext, not the ciphertext. This is a general
[...]
I wonder whether this is really a good suggestion, considering
Krawczyk's paper that shows that this construct is not generically
secure. See