Re: [cryptography] regarding the NSA crypto breakthrough

2013-09-07 Thread Alan Braggins
On 06/09/13 21:21, Tony Arcieri wrote: There are curves not selected by e.g. NIST with a published rationale for their selection, like Curve25519. Is there any reason why such curves can't be evaluated retroactively? http://cr.yp.to/ecdh/curve25519-20060209.pdf

Re: [cryptography] Compositing Ciphers?

2013-09-07 Thread Nico Williams
We have a purely (now mostly) all-symmetric key protocol: Needham-Schroeder -- Kerberos. Guess what: it doesn't scale, not without a strong dose of PK (and other things). Worse, its trusted third parties can do more than MITM/impersonate you like PKI's: they get to see your session keys (unless

Re: [cryptography] Compositing Ciphers?

2013-09-07 Thread Sandy Harris
Jeffrey Walton noloa...@gmail.com wrote: With all the talk of the NSA poisoning NIST, would it be wise to composite ciphers? (NY Times, Guardian, Dr. Green's blog, et seq). I've been thinking about running a fast inner stream cipher (Salsa20 without a MAC) and wrapping it in AES with an
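The cascade Walton asks about above, as an added example that is not part of the thread or of any poster's code: Salsa20 as the inner stream, AES-CTR as the outer one, and an HMAC-SHA256 tag over nonce and outer ciphertext, with the three keys derived independently from one master secret. The layer labels, the 16-byte nonce layout and the wire format are this example's own choices; the Salsa20 core is transcribed from the public spec into Go because the standard library has none, while AES-CTR and HMAC come from the standard library.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math/bits"
)

func quarter(x *[16]uint32, a, b, c, d int) { // Salsa20 quarterround on state words a, b, c, d
	x[b] ^= bits.RotateLeft32(x[a]+x[d], 7)
	x[c] ^= bits.RotateLeft32(x[b]+x[a], 9)
	x[d] ^= bits.RotateLeft32(x[c]+x[b], 13)
	x[a] ^= bits.RotateLeft32(x[d]+x[c], 18)
}

// One Salsa20 double round: the four column quarterrounds, then the four row quarterrounds.
var doubleRound = [8][4]int{{0, 4, 8, 12}, {5, 9, 13, 1}, {10, 14, 2, 6}, {15, 3, 7, 11}, {0, 1, 2, 3}, {5, 6, 7, 4}, {10, 11, 8, 9}, {15, 12, 13, 14}}

// salsa20Block returns the 64-byte Salsa20/20 keystream block for (key, nonce[:8], counter).
func salsa20Block(key *[32]byte, nonce []byte, counter uint64) [64]byte {
	var in [16]uint32
	in[0], in[5], in[10], in[15] = 0x61707865, 0x3320646e, 0x79622d32, 0x6b206574 // "expand 32-byte k"
	for i := 0; i < 4; i++ {
		in[1+i], in[11+i] = binary.LittleEndian.Uint32(key[4*i:]), binary.LittleEndian.Uint32(key[16+4*i:])
	}
	in[6], in[7], in[8], in[9] = binary.LittleEndian.Uint32(nonce[0:4]), binary.LittleEndian.Uint32(nonce[4:8]), uint32(counter), uint32(counter>>32)
	x := in
	for i := 0; i < 10; i++ { // 20 rounds
		for _, q := range doubleRound {
			quarter(&x, q[0], q[1], q[2], q[3])
		}
	}
	var out [64]byte
	for i := range x { // feed-forward of the input state, serialised little-endian
		binary.LittleEndian.PutUint32(out[4*i:], x[i]+in[i])
	}
	return out
}

func salsa20XOR(key *[32]byte, nonce, data []byte) { // XORs the keystream into data in place; decryption is the same call
	for off := 0; off < len(data); off += 64 {
		ks := salsa20Block(key, nonce, uint64(off/64))
		for i := 0; i < 64 && off+i < len(data); i++ {
			data[off+i] ^= ks[i]
		}
	}
}

func subkey(master []byte, label string) (k [32]byte) { // independent per-layer key; the labels are this example's own
	m := hmac.New(sha256.New, master)
	m.Write([]byte(label))
	copy(k[:], m.Sum(nil))
	return
}

// cascadeEncrypt returns nonce(16) || AES-CTR(Salsa20(plaintext)) || HMAC-SHA256 tag(32).
func cascadeEncrypt(master, plaintext []byte) ([]byte, error) {
	kIn, kOut, kMac := subkey(master, "inner/salsa20"), subkey(master, "outer/aes-ctr"), subkey(master, "tag/hmac-sha256")
	nonce := make([]byte, 16) // Salsa20 consumes the first 8 bytes, AES-CTR all 16 as its initial counter block
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	body := append([]byte(nil), plaintext...)
	salsa20XOR(&kIn, nonce, body)                        // inner layer
	block, _ := aes.NewCipher(kOut[:])                   // 32-byte key, cannot fail
	cipher.NewCTR(block, nonce).XORKeyStream(body, body) // outer layer
	out := append(nonce, body...)
	mac := hmac.New(sha256.New, kMac[:])
	mac.Write(out)
	return mac.Sum(out), nil // encrypt-then-MAC over nonce and outer ciphertext
}

func cascadeDecrypt(master, msg []byte) ([]byte, error) {
	if len(msg) < 16+32 {
		return nil, fmt.Errorf("message too short")
	}
	kIn, kOut, kMac := subkey(master, "inner/salsa20"), subkey(master, "outer/aes-ctr"), subkey(master, "tag/hmac-sha256")
	body, tag := msg[:len(msg)-32], msg[len(msg)-32:]
	mac := hmac.New(sha256.New, kMac[:])
	mac.Write(body)
	if !hmac.Equal(mac.Sum(nil), tag) { // reject before either cipher touches the data
		return nil, fmt.Errorf("authentication failed")
	}
	nonce, pt := body[:16], append([]byte(nil), body[16:]...)
	block, _ := aes.NewCipher(kOut[:])
	cipher.NewCTR(block, nonce).XORKeyStream(pt, pt) // peel the outer layer
	salsa20XOR(&kIn, nonce, pt)                      // then the inner one
	return pt, nil
}

func main() {
	msg, _ := cascadeEncrypt([]byte("constructed demo secret"), []byte("hello, cascaded world"))
	pt, err := cascadeDecrypt([]byte("constructed demo secret"), msg)
	fmt.Printf("%d bytes on the wire; decrypted %q (err=%v)\n", len(msg), pt, err)
}
```

Two things the cascade does not buy on its own. The usual argument for a cascade (it is at least as strong as its strongest layer) assumes the layer keys are independent; reuse one key across layers and that argument no longer holds, and two identical stream layers would simply cancel each other out. And a MAC is still required: XOR-stream ciphers are malleable whether there is one of them or two, so the tag here is checked before either cipher runs and a forged or truncated message never reaches the decryptors.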

Re: [cryptography] what has the NSA broken?

2013-09-07 Thread David Johnston
On 9/6/2013 6:58 AM, Ralph Holz wrote: Hi, On 09/06/2013 07:12 AM, James A. Donald wrote: Most private keys are issued by, not merely certified by, the CAs. Can you give numerical evidence for this claim? Device certificates (those that go into mass manufactured products) typically have

Re: [cryptography] Random number generation influenced, HW RNG

2013-09-07 Thread David Johnston
On 9/6/2013 2:03 PM, grarpamp wrote: Does anyone put any stock into the rumors floating lately that the government may have influenced Intel and/or AMD into altering However, I claim that the fear is well founded and should be taken into account by all threat models. It is interesting to

Re: [cryptography] [tor-talk] NIST approved crypto in Tor?

2013-09-07 Thread Eugen Leitl
- Forwarded message from Nick Mathewson ni...@alum.mit.edu - Date: Sat, 7 Sep 2013 13:02:04 -0400 From: Nick Mathewson ni...@alum.mit.edu To: tor-t...@lists.torproject.org tor-t...@lists.torproject.org Subject: Re: [tor-talk] NIST approved crypto in Tor? Reply-To:

Re: [cryptography] Random number generation influenced, HW RNG

2013-09-07 Thread Jeffrey Walton
On Sat, Sep 7, 2013 at 1:48 PM, David Johnston d...@deadhat.com wrote: On 9/6/2013 2:03 PM, grarpamp wrote: ... However, I claim that the fear is well founded and should be taken into account by all threat models. It is interesting to consider the possibilities of corruption and deception that

Re: [cryptography] Random number generation influenced, HW RNG

2013-09-07 Thread James A. Donald
On 2013-09-08 3:48 AM, David Johnston wrote: Claiming the NSA colluded with Intel to backdoor RdRand is also to accuse me personally of having colluded with the NSA in producing a subverted design. I did not. Well, since you personally did this, would you care to explain the very strange

Re: [cryptography] [liberationtech] Random number generation being influenced - rumors

2013-09-07 Thread James A. Donald
On 2013-09-07 9:14 PM, Eugen Leitl wrote: That's the claimed design, yes. I see no particular reason to believe that the hardware in my server implements the design. I can't even test that the AES whitening does what it is documented to do, because Intel refused to provide access to the

Re: [cryptography] Random number generation influenced, HW RNG

2013-09-07 Thread Thor Lancelot Simon
On Sun, Sep 08, 2013 at 08:34:53AM +1000, James A. Donald wrote: Well, since you personally did this, would you care to explain the very strange design decision to whiten the numbers on chip, and not provide direct access to the raw unwhitened output. You know as soon as anyone complained

Re: [cryptography] Random number generation influenced, HW RNG

2013-09-07 Thread James A. Donald
On 2013-09-08 1:25 PM, Thor Lancelot Simon wrote: On Sun, Sep 08, 2013 at 08:34:53AM +1000, James A. Donald wrote: Well, since you personally did this, would you care to explain the very strange design decision to whiten the numbers on chip, and not provide direct access to the raw unwhitened