d...@geer.org writes:
The pieces of the key, small numbers, tend to =93erode=94 over time as
they gradually fall out of use. To make keys erode, or timeout, Vanish
takes advantage of the structure of a peer-to-peer file system. Such
networks are based on millions of personal computers
--
From: Nicolas Williams nicolas.willi...@sun.com
Subject: Fast MAC algorithms?
Which MAC algorithms would you recommend?
I didn't see the primary requirement, you never give a speed requirement.
OMAC-AES-128 should function around 100MB/sec,
On Tue, Jul 21, 2009 at 07:15:02PM -0500, Nicolas Williams wrote:
I've an application that is performance sensitive, which can re-key very
often (say, every 15 minutes, or more often still), and where no MAC is
accepted after 2 key changes. In one case the entity generating a MAC
is also the
On Wed, Jul 22, 2009 at 06:49:34AM +0200, Dan Kaminsky wrote:
Operationally, HMAC-SHA-256 is the gold standard. There's wonky stuff all
over the place -- Bernstein's polyaes work appeals to me -- but I wouldn't
really ship anything but HMAC-SHA-256 at present time.
Oh, I agree in general. As
On Jul 21, 2009, at 3:11 PM, Hal Finney wrote:
The first is equivalent to: knowing g^(xy) is it impossible to
deduce g^x,
where y = H(g^x). Define Y = g^x, then y = H(Y) and g^(xy) = Y^H(Y).
The
question is then:
Given Y^H(Y) can we deduce Y?
To make a simple observation: H matters. If
On Wed, Jul 22, 2009 at 1:43 AM, Nicolas
Williamsnicolas.willi...@sun.com wrote:
But that's not what I'm looking for here. I'm looking for the fastest
MACs, with extreme security considerations...In the crypto world
one never designs weak-but-fast algorithms on purpose, only