On Thu, Aug 01, 2013 at 10:16:51AM +0100, Michael Rogers wrote:
My understanding of the above is that the salt doesn't increase the
entropy of HKDF's output from the adversary's point of view, since the
adversary knows the salt value. However, the salt prevents accidental
collisions if
An interesting result, and the link also has circuit representations
of the AES Sbox which they claim are smaller than any so far found -
one of them 32 AND gates, 83 XOR/NXOR, and depth 28.
- Forwarded message from Peralta, Rene rene.pera...@nist.gov -
Date: Thu, 18 Jul 2013 08:22:21
I just created a new mailman list
https://lists.randombit.net/mailman/listinfo/cryptopolitics
as a venue for discussions that would normally go to cypherpunks but
haven't because of the name or spam or whatever reason, and which
are off topic for this list so haven't happened here.
As with this
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
Morning all,
I'll be moving mailman and postfix to a new host later this week,
likely on Thursday, or Saturday otherwise. Expected downtime is no
more than a handful of hours so mails shouldn't even bounce, but
figured I would send a note so people know what is going on just in
case expectations
On Wed, Jan 23, 2013 at 10:20:23AM +0300, ianG wrote:
If one skims this presentation by Joan Daemen, co-inventor of Keccak, it
seems that the algorithm can also be used for the other modes --
encryption, (h)mac, authenticated encryption as well as message digest.
In addition to HMAC, Keccak
On Mon, Jun 18, 2012 at 10:20:35AM -0700, Jon Callas wrote:
On Jun 18, 2012, at 5:26 AM, Matthew Green wrote:
The fact that something occurs routinely doesn't actually make it a good
idea. I've seen stuff in FIPS 140 evaluations that makes my skin crawl.
This is CRI, so I'm fairly
On Mon, Jun 18, 2012 at 01:21:20PM -0700, Jon Callas wrote:
I am not in any way suggesting that CRI would hide weaknesses or
perform a lame review.
But that is *precisely* what you are saying.
Jon Stewart could parody that argument far better than I can. You're
not saying that CRI would
On Mon, Jun 18, 2012 at 11:58:56AM -0700, Kyle Hamilton wrote:
So what can we do to solve it? Create our own reputable review service?
Who would pay for it? Who could pay for it? Who *should* pay for it?
At first it seems like irony that buyer-pays is likely the process
best aligned with
On Mon, Feb 27, 2012 at 09:01:31AM +0100, Harald Hanche-Olsen wrote:
[Kevin W. Wall kevin.w.w...@gmail.com (2012-02-27 01:50:40 UTC)]
Well, we're already considerably OT, but since the moderator seems to
be letting this thread play itself out, [...]
Moderator? The list has a moderator?
On Thu, Feb 16, 2012 at 09:41:04PM -0600, Nico Williams wrote:
developers agree). I can understand *portable* applications (and
libraries) having entropy gathering code on the argument that they may
need to run on operating systems that don't have a decent entropy
provider.
Another good
On Fri, Feb 17, 2012 at 11:33:15AM -0800, Jon Callas wrote:
Really?
Let's suppose I've completely compromised your /dev/random and I
know the bits coming out. If you pull bits out of it and put them
into any PRNG, how is that not just Bits' = F(Bits) ? Unless F is a
secret function, I just
On Mon, Jan 02, 2012 at 08:03:07PM +0100, Marcus Brinkmann wrote:
Computer programs today are limited by attention of experts (programmers,
researchers). What does hard for computer programs actually mean then? Is
there a theoretical boundary that limits the abilities of computer programs to
On Mon, Nov 28, 2011 at 08:40:45PM -0500, Steven Bellovin wrote:
On Nov 28, 2011, at 8:03 PM, Nico Williams wrote:
The list is configured to set Reply-To. This is bad, and in some
cases has had humorous results. I recommend the list owners change
this ASAP.
Agree, strongly. The
On Wed, Nov 09, 2011 at 07:22:08PM +0100, Adam Back wrote:
Any suggestions on EC capable crypto library that implements things without
tripping over any certicom claimed optimizations?
They can claim whatever they want. Since they have more money for
lawyers than most open source projects, they
On Wed, Nov 02, 2011 at 04:25:30PM -0300, Leandro Meiners wrote:
Hi List!
I was wondering if anybody could give me some pointers as to papers or
books that discuss the advantages/disadvantages of computing an HMAC of
a message versus previously computing a hash of the message and then
On Mon, Sep 19, 2011 at 02:57:21PM -0400, Kevin W. Wall wrote:
So does anyone know anymore details on this? Specifically is it an
implementation flaw or a design flaw?
Duong Rizzo's previous work relied on padding oracle attacks whereas
this one is categorized as a chosen-plaintext attack,
http://research.microsoft.com/en-us/projects/cryptanalysis/aesbc.pdf
I'm wondering how easily the new preimage attack they describe (on AES
in Davies-Meyer) can be applied to any of the AES-based SHA-3
candidates.
Abstract follows
Since Rijndael was chosen as the Advanced Encryption Standard,
On Sun, Jun 19, 2011 at 04:56:34PM +1200, Peter Gutmann wrote:
I know how to check the carry flag from inline asm, I just don't know what
the rdrand encoding is. Here's the code I sent to the OP, I hadn't posted it yet
because I need to get someone with access to the appropriate hardware
On Thu, Jun 16, 2011 at 09:17:56PM +0200, Adam Back wrote:
Trust me the noise level on here is zero compared to usenet news flame
fests, spam, DoS etc. The maintainer is removing spam for one (I think).
I am definitely trying to prevent any spam from going to the list.
The anti-spam measures
Need something to be encrypted? Just upload it to us and we'll
encrypt it for you. Don't worry, we delete everything. Promise.
https://encryptur.com/
In fairness, this is no worse than downloading some random program off
the internet and using it for the same purpose. At least here the
worst
On Tue, Jun 14, 2011 at 04:52:30PM -0500, Marsh Ray wrote:
The first 7 chars $2a$05$ are a configuration string. The subsequent
53 characters (in theory) contain a 128 bit salt and a 192 bit hash
value. But 53 is an odd length (literally!) for a base64 string, as
base64 uses four
On Mon, Nov 15, 2010 at 09:36:58PM -0600, Marsh Ray wrote:
For one thing, open source projects wouldn't go along with it.
http://fedoraproject.org/wiki/User:Peter/Disabled_applications
This is due to excessive paranoia on the part of RH's legal department
(they are assuming even ECDH over
23 matches