Re: [Cryptography] Perfection versus Forward Secrecy

2013-09-12 Thread John Gilmore
I wouldn't mind if it had been called Pretty Good Forward Secrecy instead, but it really is a lot better than regular public key. My point was that the name is misleading and causes people to look for more than is there. There doesn't seem to be much downside to just calling it Forward

Re: [Cryptography] Why prefer symmetric crypto over public key crypto?

2013-09-12 Thread Peter Gutmann
zooko zo...@zooko.com writes: I agree that randomness-reuse is a major issue. Recently about 55 Bitcoin were stolen by exploiting this, for example: http://emboss.github.io/blog/2013/08/21/openssl-prng-is-not-really-fork-safe/ Was that the change that was required by FIPS 140, or a different
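
The randomness-reuse failure zooko and Peter Gutmann are discussing, as an added worked example that is not part of the list post, nor OpenSSL's or Bitcoin's code: a PRNG whose state is copied unchanged across fork() hands two processes the same nonce, and two (EC)DSA signatures made with one nonce let anyone holding them solve for the private key. Everything in it is a constructed stand-in: a SHA-256 hash-chain generator models the library PRNG, copy.deepcopy() models the memory copy fork() performs, and the signature scheme is textbook DSA over a roughly 21-bit prime field rather than ECDSA over secp256k1; the key-recovery algebra is the same for both, which is what makes it a faithful, if miniature, picture of the Bitcoin case.

```python
"""Added example (not from the list post, not OpenSSL's or Bitcoin's code).
Constructed toy: a hash-chain PRNG, fork() modelled by deepcopy, and DSA over
a ~21-bit safe prime. The nonce-reuse recovery is identical for ECDSA."""
import copy
import hashlib


class HashDrbg:
    """Output is a pure function of in-memory state, so two processes that
    inherit the same state (fork without reseeding) emit the same stream."""

    def __init__(self, seed: bytes):
        self.state = hashlib.sha256(seed).digest()

    def next_int(self, upper: int) -> int:
        """Return a value in [0, upper); the state advances on every call."""
        self.state = hashlib.sha256(self.state + b"\x01").digest()
        out = hashlib.sha256(self.state + b"\x02").digest()
        return int.from_bytes(out, "big") % upper


def simulate_fork(rng: HashDrbg) -> HashDrbg:
    """fork() gives the child a bit-for-bit copy of the parent's memory."""
    return copy.deepcopy(rng)


def reseed_after_fork(rng: HashDrbg, fresh_entropy: bytes) -> HashDrbg:
    """The fix: mix fresh kernel entropy (os.urandom/getrandom) into the
    child's state. Mixing in only the PID is not enough: PIDs are small
    and recycled, so siblings or successive children can still collide."""
    rng.state = hashlib.sha256(rng.state + fresh_entropy).digest()
    return rng


def is_prime(n: int) -> bool:
    """Trial division; fine for the 21-bit toy parameters used here."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def toy_params(start: int = 1 << 20):
    """Smallest safe prime p = 2q + 1 with odd q >= start, and g of order q."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    p = 2 * q + 1
    return p, q, pow(2, 2, p)  # a non-trivial square mod p has order q


def hash_mod_q(msg: bytes, q: int) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % q


def sign(p, q, g, x, msg: bytes, k: int):
    """Textbook DSA. ECDSA derives r from k*G instead of g^k; s is the same."""
    h = hash_mod_q(msg, q)
    r = pow(g, k, p) % q
    s = pow(k, -1, q) * (h + x * r) % q
    assert r and s, "degenerate nonce; a real signer retries with a new k"
    return r, s


def verify(p, q, g, y, msg: bytes, sig) -> bool:
    r, s = sig
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)
    h = hash_mod_q(msg, q)
    v = pow(g, h * w % q, p) * pow(y, r * w % q, p) % p
    return v % q == r


def recover_key(q, msg1, sig1, msg2, sig2):
    """Two signatures sharing r (hence k) give k = (h1-h2)/(s1-s2), then x."""
    (r1, s1), (r2, s2) = sig1, sig2
    if r1 != r2:
        raise ValueError("different r: the nonce was not reused")
    h1, h2 = hash_mod_q(msg1, q), hash_mod_q(msg2, q)
    k = (h1 - h2) * pow((s1 - s2) % q, -1, q) % q
    x = (s1 * k - h1) * pow(r1, -1, q) % q
    return k, x


def demo() -> dict:
    p, q, g = toy_params()
    x = 1 + HashDrbg(b"constructed key seed").next_int(q - 1)  # private key
    y = pow(g, x, p)                                            # public key

    parent = HashDrbg(b"constructed boot-time seed")
    child_a, child_b = simulate_fork(parent), simulate_fork(parent)  # workers
    msg_a, msg_b = b"pay 1 coin to A", b"pay 2 coins to B"
    k_a = 1 + child_a.next_int(q - 1)
    k_b = 1 + child_b.next_int(q - 1)
    sig_a = sign(p, q, g, x, msg_a, k_a)
    sig_b = sign(p, q, g, x, msg_b, k_b)
    _, x_recovered = recover_key(q, msg_a, sig_a, msg_b, sig_b)

    # Same fork, but this child reseeds first (a fixed string stands in for
    # os.urandom(32) only so the example stays deterministic).
    child_c = reseed_after_fork(simulate_fork(parent), b"stand-in for os.urandom(32)")
    k_c = 1 + child_c.next_int(q - 1)

    return {
        "nonces_collide": k_a == k_b,
        "signatures_valid": verify(p, q, g, y, msg_a, sig_a)
        and verify(p, q, g, y, msg_b, sig_b),
        "private_key_recovered": x_recovered == x,
        "reseeded_child_differs": k_c != k_a,
    }


if __name__ == "__main__":
    print(demo())
```

In a real process the reseed hook belongs in `os.register_at_fork(after_in_child=...)` (or the library's equivalent), and the cleanest fix of all is to draw nonces straight from the kernel (`os.urandom`, `getrandom(2)`) or to use deterministic nonces (RFC 6979), which removes the dependence on process-local PRNG state entirely.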

Re: [Cryptography] Radioactive random numbers

2013-09-12 Thread Peter Gutmann
Dave Horsfall d...@horsfall.org writes: Given that there is One True Source of randomness to wit radioactive emission, has anyone considered playing with old smoke detectors? The ionising types are being phased out in favour of optical (at least in Australia) so there must be heaps of them lying

Re: [Cryptography] Radioactive random numbers

2013-09-12 Thread Tony Arcieri
On Wed, Sep 11, 2013 at 4:18 PM, Perry E. Metzger pe...@piermont.com wrote: The attraction of methods that use nothing but a handful of transistors is that they can be fabricated on chip and thus have nearly zero marginal cost. The huge disadvantage is that if your opponent can convince chip

Re: [Cryptography] Radioactive random numbers

2013-09-12 Thread Marcus D. Leech
On 09/11/2013 07:18 PM, Perry E. Metzger wrote: The attraction of methods that use nothing but a handful of transistors is that they can be fabricated on chip and thus have nearly zero marginal cost. The huge disadvantage is that if your opponent can convince chip manufacturers to introduce

Re: [Cryptography] Impossible trapdoor systems (was Re: Opening Discussion: Speculation on BULLRUN)

2013-09-12 Thread Ray Dillinger
On 09/08/2013 11:49 AM, Perry E. Metzger wrote: That said, your hypothetical seems much like imagine that you can float by the power of your mind alone. The construction of such a cipher with a single master key that operates just like any other key seems nearly impossible, and that should be

[Cryptography] NIST announcement about Dual_EC_DRBG

2013-09-12 Thread John Kemp
NIST strongly recommends that, pending the resolution of the security concerns and the re-issuance of SP 800-90A, the Dual_EC_DRBG, as specified in the January 2012 version of SP 800-90A, no longer be used. http://csrc.nist.gov/publications/nistbul/itlbul2013_09_supplemental.pdf - johnk

Re: [Cryptography] Matthew Green on BULLRUN: briefly censored

2013-09-12 Thread John Gilmore
http://blog.cryptographyengineering.com/2013/09/on-nsa.html Johns Hopkins University censored this exact blog post by Prof. Green, because of a complaint from its local defense contractor affiliated with NSA, the Applied Physics Laboratory

Re: [Cryptography] Radioactive random numbers

2013-09-12 Thread Perry E. Metzger
On Wed, 11 Sep 2013 17:06:00 -0700 Tony Arcieri basc...@gmail.com wrote: It seems like Intel's approach of using thermal noise is fairly sound. Is there any reason why it isn't more widely adopted? Actually, I think things like this mostly have been missing because manufacturers didn't

Re: [Cryptography] Radioactive random numbers

2013-09-12 Thread Perry E. Metzger
On Wed, 11 Sep 2013 21:06:35 -0400 Marcus D. Leech mle...@ripnet.com wrote: And this is the reason that I'd be in favour of diversity -- using sound cards, lava-lamps, etc, etc. Sources that don't explicitly identify themselves as the random number generator. As a practical matter, though,

Re: [Cryptography] Perfection versus Forward Secrecy

2013-09-12 Thread Tony Arcieri
On Wed, Sep 11, 2013 at 8:00 PM, John Gilmore g...@toad.com wrote: There doesn't seem to be much downside to just calling it Forward Secrecy rather than Perfect Forward Secrecy. We all seem to agree that it isn't perfect, and that it is a step forward in security, at a moderate cost in