John Young remains a troll with occasional redeeming qualities.
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
Doesn't Simon look similar to MD5? Sure, it includes a few more
rotates and fewer additions, but it looks pretty close to one of MD5's
F-functions. Or maybe RIPEMD.
Interestingly, it wouldn't take much to convert Simon into a Type-1
feistel network of state size 256 bits (although I'd use Speck's
Yes, until this specific combination becomes widespread enough that
there's sufficient incentive to produce ASICs for it.
YesCrypt is more modern. Use that.
On Tue, May 12, 2015 at 5:00 PM, d...@deadhat.com wrote:
There is a very simple way around this. Block XXTEA introduced a new
method
[snip]
Although for the internet and smart cards, data packets are small enough
for 64 bit blocks not to matter as long as you rekey between packets.
Don't be ridiculous, NIST providing standards that people care to
standardize?
On Tue, May 12, 2015 at 1:19 AM, d...@deadhat.com wrote:
On the lightweight side, I get the impression that block ciphers are
also a big topic, but that there isn't a ton of work being done
there... besides the NSA ciphers, SIMON and SPECK. John Kelsey
mentioned these at RWC. The NSA
http://jsperf.com/
This is a good tool.
On Mon, May 4, 2015 at 2:48 AM, Fabio Pietrosanti (naif) - lists
li...@infosecurity.ch wrote:
Hi all,
Has anyone ever made a performance comparison of existing JS scrypt
implementations?
Currently there are these three:
- scrypt-async-js
not a totally unreasonable amount of money...
just the size of the entire US IT budget.
Nope.
Slide attacks and reflection attacks are only possible if there's a certain
symmetry in the key schedule. TEA has a lousy key schedule, but it is not
symmetrical. Neither is PRESENT.
Question: if I were to see the ciphertext being processed under a slide
attack, what would it look like? A
On a minor note, technically the PGP word list is a nine-bit communications
codebook, with one bit dedicated as an error detecting bit.
Can't trust anything, except the mail.
Only solution: personally encrypt messages by hand, using computers and GPG
only for transmitting master keys if the keys cannot be delivered in person.
https://en.wikipedia.org/wiki/PGP_word_list
Oddly there isn't as much outcry over this as compared to
Actually D-Wave supposedly managed 512 qubits.
128-bit keys are still safe though. In order for it to be cost effective to
brute force a 128-bit key, and given that 80-bit keys are vulnerable now,
each quantum evaluation of a cryptographic algorithm must be no more
expensive than 2^16 that of a
Just use XXTEA. It's the only good cipher that allows for blocks of size
equal to that of a disk sector. Additionally, maybe use XXTEA in CTR mode
to provide additional confidentiality so that blocks with all zeroes won't
output to the same value.
On Tue, Jan 6, 2015 at 1:12 PM, Kevin
Makes it easier to launder documents stolen by other spies and given to
Snowden.
On Sun, Dec 28, 2014 at 3:14 PM, John Young j...@pipeline.com wrote:
Der Spiegel released largest single day number of Snowden docs today,
666 pages, on NSA Attacks on VPN, SSL, TLS, SSH, Tor.
CRC failed in 'media-35515.pdf' file is broken
7zip says this.
I guess this is why John never promised anonymity to his sources, he can't
get zip files right.
On Sun, Dec 28, 2014 at 4:43 PM, John Young j...@pipeline.com wrote:
File size varies with programs. A screen shot of the RAR tally
Yes, but if the NSA starts publishing things, people might realize the NSA
exists.
On Wed, Dec 24, 2014 at 4:48 PM, Matthew Green matthewdgr...@gmail.com
wrote:
The NIST Key Wrap is unauthored, which in practice means it's an NSA
construction. That doesn't mean it's insecure. In fact if
It depends on the browser.
Most (probably all) browsers do not use a cryptographically secure function
for the random function.
If you have to generate a large number of cryptographic random numbers, use
XTEA or a WebGL implementation of XTEA.
On Thu, Dec 18, 2014 at 7:53 PM, Givon Zirkind
Pretty sure it's an internal root certificate to the Sony corporation.
On Wed, Dec 17, 2014 at 1:19 PM, Erwann Abalea eaba...@gmail.com wrote:
2014-12-17 21:41 GMT+01:00 Jeffrey Walton noloa...@gmail.com:
Has anyone come across any reports of abuse due to Sony's compromised
root? I believe
http://burtleburtle.net/bob/rand/isaac.html Isaac works.
On Wed, Nov 19, 2014 at 3:54 AM, Givon Zirkind givo...@gmx.com wrote:
Please excuse if inappropriate. Does anyone know of a decent (as in really
random) open source random generator? Preferably in PHP or C/C++?
Thanks.
I forget, what was the original inputs to the hash?
On Mon, Oct 13, 2014 at 8:14 AM, Krisztián Pintér pinte...@gmail.com
wrote:
On Mon, Oct 13, 2014 at 4:51 PM, Derek Miller dreemkil...@gmail.com
wrote:
However, considering one of the scenarios where these curves might be
compromised (the
Just found out about the Even-Mansour scheme. Simplest possible cryptosystem,
xor-permute-xor, and for a single round it is roughly as secure as half the
block size, while two rounds have brute force security. If one only desires
confidentiality against attacks faster than brute force, can't one generate
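Added example, not part of the thread: a toy single-round Even-Mansour cipher E(x) = P(x ^ k1) ^ k2 on 16-bit blocks, with P a seeded random lookup table standing in for the public permutation, together with Daemen's chosen-plaintext key recovery. The attack needs about 2^(n/2) plaintext pairs plus 2^(n/2) offline evaluations of P instead of 2^n, which is the "roughly as secure as half the block size" figure in the message above. The 16-bit block, the seed, the difference constant 0x5A3C, the query budget and the key values are all constructed assumptions for the demonstration.

```python
"""Toy Even-Mansour (xor-permute-xor) and Daemen's 2^(n/2) key recovery.
Added example; P is a constructed, seeded random permutation on 16 bits."""
import random

N_BITS = 16
SIZE = 1 << N_BITS

# Public permutation P and its inverse: anyone, attacker included, can evaluate both.
_rng = random.Random(0xEA5E)          # constructed seed
P = list(range(SIZE))
_rng.shuffle(P)
P_INV = [0] * SIZE
for _i, _v in enumerate(P):
    P_INV[_v] = _i


def em_encrypt(x: int, k1: int, k2: int) -> int:
    """Single-round Even-Mansour: E(x) = P(x ^ k1) ^ k2."""
    return P[x ^ k1] ^ k2


def em_decrypt(y: int, k1: int, k2: int) -> int:
    """Inverse: x = P^-1(y ^ k2) ^ k1."""
    return P_INV[y ^ k2] ^ k1


def daemen_attack(oracle, queries: int, seed: int = 1):
    """Recover (k1, k2) from a chosen-plaintext encryption oracle.

    Online: for `queries` pairs (x, x ^ delta) record the output difference
    y ^ y'. Because y ^ y' = P(u) ^ P(u ^ delta) with u = x ^ k1, the
    difference depends only on u, not on k2.
    Offline: evaluate P(u) ^ P(u ^ delta) for guesses u until one matches a
    recorded difference; then k1 = x ^ u (or x ^ u ^ delta) and
    k2 = y ^ P(x ^ k1). Two spare pairs confirm the candidate.
    With ~2^(n/2) pairs and ~2^(n/2) guesses a match is expected (birthday
    bound). Returns ((k1, k2), number_of_offline_P_guesses).
    """
    rng = random.Random(seed)
    delta = 0x5A3C                    # constructed, any nonzero difference works
    table = {}                        # output difference -> (x, y)
    for x in rng.sample(range(SIZE), queries):
        y, y2 = oracle(x), oracle(x ^ delta)
        table[y ^ y2] = (x, y)
    checks = [(x, oracle(x)) for x in rng.sample(range(SIZE), 2)]

    guesses = list(range(SIZE))
    rng.shuffle(guesses)
    evaluations = 0
    for u in guesses:
        evaluations += 1
        diff = P[u] ^ P[u ^ delta]
        if diff not in table:
            continue
        x, y = table[diff]
        for k1 in (x ^ u, x ^ u ^ delta):
            k2 = y ^ P[x ^ k1]
            if all(em_encrypt(cx, k1, k2) == cy for cx, cy in checks):
                return (k1, k2), evaluations
    return None, evaluations


if __name__ == "__main__":
    K1, K2 = 0xBEEF, 0x1234           # constructed secret key
    key, work = daemen_attack(lambda x: em_encrypt(x, K1, K2), queries=512)
    print("recovered", None if key is None else tuple(hex(k) for k in key),
          "after", work, "offline P evaluations (brute force would be", SIZE, ")")
```

With 512 pairs (2^9, for n = 16) the offline loop typically hits within a few dozen guesses; the two-round variant the message mentions removes this attack because the middle xor key hides u from the attacker.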
The majority of people are no more capable of GnuPG than understanding why
RAM can't be solely used on a computer.
GnuPG has some weird defaults that are difficult to change as well without
some command line commands.
Ultimately your system will have a major flaw: passwords typically have
Isn't the simplest solution to concatenate or XOR a counter?
Thus H[0] = Hash(input)
H[N] = Hash(H[N-1]+CTR)
Considering that hashes from MD4 to SHA-2 all have block sizes of 512 bits,
much larger than their outputs, one could simply concatenate a 128-bit
counter.
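Added example, not part of the thread: the counter chain sketched above, H[0] = Hash(input) and H[N] = Hash(H[N-1] || CTR), written out with SHA-256 and a 128-bit big-endian counter, beside the plain chain H[N] = Hash(H[N-1]). It checks the block-size remark (a 256-bit state plus a 128-bit counter is 48 bytes, which still fits a single 64-byte SHA-256 block, so the counter costs no extra compression calls) and shows one property the counter changes: a plain chain can be continued by anyone holding an intermediate value, whereas the counter ties each value to its position. The input string and chain lengths are constructed.

```python
"""Hash chaining with and without a concatenated counter (added example).
SHA-256 state, 128-bit big-endian counter; inputs below are constructed."""
import hashlib

STATE_BYTES = 32        # SHA-256 output
CTR_BYTES = 16          # 128-bit counter, as in the thread
SHA256_BLOCK = 64       # 512-bit compression block


def sha256(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()


def chain_plain(data: bytes, n: int) -> bytes:
    """H[0] = Hash(input); H[i] = Hash(H[i-1]). Returns H[n]."""
    h = sha256(data)
    for _ in range(n):
        h = sha256(h)
    return h


def chain_with_counter(data: bytes, n: int) -> bytes:
    """H[0] = Hash(input); H[i] = Hash(H[i-1] || i) with i as a 128-bit
    big-endian counter. Returns H[n]."""
    h = sha256(data)
    for i in range(1, n + 1):
        h = sha256(h + i.to_bytes(CTR_BYTES, "big"))
    return h


def compression_calls(msg_len: int) -> int:
    """SHA-256 compression-function calls for a msg_len-byte message:
    Merkle-Damgard padding appends 0x80 and an 8-byte bit length, then
    rounds up to whole 64-byte blocks."""
    return (msg_len + 1 + 8 + SHA256_BLOCK - 1) // SHA256_BLOCK


def extension_is_position_free(chain, data: bytes, a: int, b: int) -> bool:
    """True if restarting `chain` from H[a] for b more steps lands on the
    same value as running the chain from the input directly, i.e. an
    intermediate value can be extended without knowing its position.
    (a + b + 1 because each call hashes its starting input once.)"""
    return chain(chain(data, a), b) == chain(data, a + b + 1)


if __name__ == "__main__":
    d = b"constructed input"
    print("plain chain extendable from H[3]:",
          extension_is_position_free(chain_plain, d, 3, 4))
    print("counter chain extendable from H[3]:",
          extension_is_position_free(chain_with_counter, d, 3, 4))
    print("compression calls, 32 vs 48 byte input:",
          compression_calls(STATE_BYTES), compression_calls(STATE_BYTES + CTR_BYTES))
```

The XOR variant mentioned in the message (H[N] = Hash(H[N-1] ^ CTR)) behaves the same way for positioning but keeps the input at 32 bytes; concatenation is preferred because it cannot cancel bits of the state.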
Firefox users are probably going to keep using Firefox.
Chrome users are probably going to keep using Chrome.
Opera users use Opera because of its nice little features.
IE users are likely using a pirated version of Windows and live in China.
https://en.wikipedia.org/wiki/Brand_loyalty
The
Feed RC4 through a transposition cipher... essentially a single round
2048-bit block cipher.
Table 1: 256 permuted bytes, serves as the PRGA
Table 2: 256 permuted bytes, serves as the transposition cipher
Table 3: 256 empty values, serves as the output array
Table 4: 256 empty values, serves as
It would be secure against wifi eavesdropping. But worse it might instill a
false sense of security.
On Mon, Aug 18, 2014 at 9:29 PM, Tony Arcieri basc...@gmail.com wrote:
Anyone know why this hasn't gained adoption?
http://tools.ietf.org/html/rfc2817
I've been watching various efforts at
Or in the case of OpenSSL, no one notices the backdoor as it is
indistinguishable from an obscure programming error.
On Sun, Aug 17, 2014 at 5:01 AM, ianG i...@iang.org wrote:
On 17/08/2014 05:09 am, Jeffrey Goldberg wrote:
On 2014-08-16, at 4:51 PM, David I. Emery d...@dieconsulting.com
John Young, true masterspy.
On Mon, Aug 11, 2014 at 1:52 PM, John Young j...@pipeline.com wrote:
We are moving toward a post-spy world, according to the guy that runs
the CIA’s venture capital arm.
Rule of thumb: there's always someone smarter than you, if not today, then
tomorrow. Linguists still exist, and they still try to decipher dead
languages, although those dead languages are totally uncoupled from modern
languages in meaning. Block ciphers are only procedurally generated
, Ryan Carboni rya...@gmail.com wrote:
One can always start with the difficult first step of uninstalling
certificate authorities you do not trust.
Opera will autorepair damage to the certificate repository, a missing
Certificate Authority is considered damage. Opera ships with a list
We happen to live on a planet where most users are ordinary users.
given the extent of phishing, it's probably best we outsource trust to
centralized authorities.
Although it should be easier to establish your own certificate authority.
trust is outsourced all the time in the non-cryptographic world
unless you do not have a bank account
On Mon, Apr 28, 2014 at 3:00 PM, James A. Donald jam...@echeque.com wrote:
On 2014-04-29 05:58, Ryan Carboni wrote:
We happen to live on a planet where most users are ordinary users
One can always start with the difficult first step of uninstalling
certificate authorities you do not trust.
On Mon, Apr 28, 2014 at 4:42 PM, ianG i...@iang.org wrote:
On 29/04/2014 00:12 am, Ryan Carboni wrote:
trust is outsourced all the time in the non-cryptographic world
trust is built
oh dear.
He helped the government combat crime and nuisance style offenses. Clearly
in collusion.
On Sun, Apr 6, 2014 at 12:20 PM, tpb-cry...@laposte.net wrote:
Message of 06/04/14 17:41
From: staticsafe
On 4/6/2014 10:40, tpb-cry...@laposte.net wrote:
Message of 04/04/14 20:09
From: