On Sat, Nov 22, 2014 at 11:58 PM, Russell Leidich pke...@gmail.com wrote:
1. Let's do the math. Let's assume that we have a really dumb entropy
extractor ... that the timing of each
interrupt arrives predictably, but for an error of 1 CPU clock tick, at
random. ... 128 interrupts gives us 128
On Tue, Sep 23, 2014 at 2:47 AM, Ryan Carboni rya...@gmail.com wrote:
Just found out about the Even-Mansour scheme. Simplest possible cryptosystem,
xor-permute-xor, and for a single round it is roughly as secure as half the
block size, while two rounds have brute force security. If one only desires
staticsafe m...@staticsafe.ca wrote:
On 2014-04-07 17:53, Edwin Chu wrote:
Hi
The latest story for OpenSSL
http://heartbleed.com/
ed
Already patched in Debian.
DSA 2896-1.
OK, but if you have the patches, should you still assume all your keys
may have been compromised and therefore
Cited in a comment on Schneier's blog:
https://www.schneier.com/blog/archives/2013/10/nsa_eavesdroppi_2.html
Register article with link to actual report:
http://www.theregister.co.uk/2013/10/31/most_security_protocols_insecure_suggests_enisa/
Ben Laurie b...@links.org wrote:
| Encryption is time-consuming; compressing a file before encryption
| speeds up the process.
I haven't benchmarked it, but I find it unlikely that compression is faster
than encryption.
It can be if weak compression is acceptable. That may not be worth
John Young j...@pipeline.com wrote:
Tiltman vaunts the One Time Pad but cautions there have been effective
decrypts exploiting enthusiastic sloppy thinking that OTP is unbreakable.
Most appears to involve non-decipher means and methods. The paper
redacts others presumably still effective.
Jeffrey Walton noloa...@gmail.com wrote:
With all the talk of the NSA poisoning NIST, would it be wise to
composite ciphers? (NY Times, Guardian, Dr. Green's blog, et seq).
I've been thinking about running a fast inner stream cipher (Salsa20
without a MAC) and wrapping it in AES with an
grarpamp grarp...@gmail.com wrote:
The subject thread is covering a lot about OS implementations
and RNG various sources. But what are the short list of open
source tools we should be using to actually test and evaluate
the resulting number streams?
Two good ones are listed linked here
Aaron Toponce aaron.topo...@gmail.com wrote:
On Sun, Aug 18, 2013 at 05:07:49PM -0700, coderman wrote:
I am surprised this has not surfaced more often in this thread:
if you need good entropy: use a hardware entropy generator!
It's a shame http://entropykey.co.uk is no longer in business.
shawn wilson ag4ve...@gmail.com wrote:
I thought that decent crypto programs (openssh, openssl, tls suites)
should read from random so they stay secure and don't start generating
/insecure/ data when entropy runs low.
(Talking about Linux, the only system where I know the details)
urandom
On Fri, Aug 16, 2013 at 11:07 AM, Aaron Toponce aaron.topo...@gmail.com wrote:
The /dev/urandom device in the Linux kernel uses the Yarrow pseudo random
number generator when the entropy pool has been exhausted.
No, it doesn't, or at least did not last time I looked at the code, a few months
Randolph D. rdohm...@gmail.com wrote:
Did anyone look into this
http://goldbug.sourceforge.net/
Secure Instant Messenger
Other alternatives include:
http://www.cypherpunks.ca/otr/
https://silentcircle.com/
grarpamp grarp...@gmail.com wrote:
And so where does Cisco and Juniper gear come from again... ?
Cisco has factories in China, in at least Suzhou and Hefei. They
also have R&D centers in at least Shanghai and Hefei:
http://cisco-news.tmcnet.com/news/2011/11/25/5954051.htm
William Allen Simpson william.allen.simp...@gmail.com wrote:
We need something yesterday, not next year.
...
Yes, folks have mentioned Salsa20. ...
So, let's talk about what to choose for something fast and
modern to implement in the next decade We cannot
recommend a dozen EU
William Allen Simpson william.allen.simp...@gmail.com wrote:
A quick question: what are our current options for 100 Gbps
line rate encryption?
Are we still using variants of ARC4?
The European Union's Estream contest gave two small
portfolios of ciphers, four for software implementation
and
There is one I mostly wrote, with links to others, here:
http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/glossary.html
That is about 15 years old and incomplete since it covered only things
relevant to that project's work. However, it is freely available and may
be somewhat useful.
On
James suggests:
Write a block cipher that enciphers 0, 1, ..., n. Pick a random key.
Encipher 0, 1, ..., n.
You need not devise a new cipher; just use Hasty Pudding. From
http://richard.schroeppel.name/hpc/
The arbitrary block size means that anything can be encrypted without
expansion.
On Sun, Mar 3, 2013 at 3:30 PM, Jeffrey Walton noloa...@gmail.com wrote:
In Jesse Walker's slide on Requirements for random number generators
(https://crypto.stanford.edu/RealWorldCrypto/slides/jesse.pdf), Walker
provides a simple gatherer on slide 10:
unsigned before, after, entropy;
From:
http://www.cs.auckland.ac.nz/~pgut001/cryptlib/
Language bindings are available for C / C++, C# / .NET, Delphi, Java,
Python, and Visual Basic (VB).
___
cryptography mailing list
cryptography@randombit.net
On Mon, Jan 28, 2013 at 8:37 AM, Paul Christian pho...@gmail.com wrote:
... not much experience ... or a detailed understanding of modern methods.
I am interested in developing some technology ...
One summary of why that may be hard:
Jon Callas j...@callas.org wrote:
(The quibble I have is over partial security. My quibble is that lots of
partial security systems label the partial security as being worse than no
security. I believe that partial security is always better than no security.)
Except when it is marketed as
There's a reasonable, if incomplete, discussion here:
http://en.citizendium.org/wiki/Random_number_generator#Random_sequences_from_physical_phenomena
Wikipedia also has an article. The standard reference is an IETF document
in the Best Current Practices series
http://www.ietf.org/rfc/rfc4086.txt
A friend just sent me a link to this:
http://wiki.franklinheath.co.uk/index.php/Enigma/Paper_Enigma
Instructions and templates for building a functional Enigma machine.
On Mon, Mar 19, 2012 at 9:38 AM, Randall Webmail rv...@insightbb.com wrote:
I suppose we've all seen the proofs that brute-forcing PGP would take a
supercomputer the size of the planet longer than the age of the universe to
accomplish. Was the math faulty in those proofs, or is it true,
On Thu, Jan 5, 2012 at 1:47 AM, Thor Lancelot Simon t...@panix.com wrote:
Eventually I will replace it with a multi-pool implementation like
Fortuna. However, I'm trying to make incremental improvements while
waiting for that mythical great extent of free time to appear.
Why do you want to
On Mon, Nov 28, 2011 at 4:10 AM, Steven Bellovin s...@cs.columbia.edu wrote:
Does anyone know of any (verifiable) examples of non-government enemies
exploiting flaws in cryptography? I'm looking for real-world attacks on
short key lengths, bad ciphers, faulty protocols, etc., by parties other
On Tue, Sep 27, 2011 at 2:04 PM, Sandy Harris sandyinch...@gmail.com wrote:
I have written a demon for Linux that gathers entropy from timer
jitter and pushes it into random(4). Comment and criticism solicited.
There is working code and a PDF rationale document, but it is not
finished
William Allen Simpson william.allen.simp...@gmail.com wrote:
3) Require Perfect Forward Secrecy. We'd not managed to get IPsec to do
that. It was a big argument at the time. Even today, not all TLS suites
provide PFS.
What on Earth were the arguments against it? I'd have thought PFS was
a
On Tue, Jun 14, 2011 at 7:25 PM, Alexander Klimov alser...@inbox.ru wrote:
http://eprint.iacr.org/2011/312.pdf:
Overall this attack requires 2^64 KP [known pairs, I guess] and
allows to break full 32-round GOST in time of about 2^228 GOST
encryptions for a success probability of 50 %.
On Fri, Jun 10, 2011 at 1:14 AM, Paul Hoffman paul.hoff...@vpnc.org wrote:
Greetings again. I am helping someone design a system that will involve
giving someone a randomly-generated key that they have to type in order to
unlock data that is private but not terribly valuable. Thus, we want
On Sun, Apr 3, 2011 at 11:24 AM, Kevin W. Wall kevin.w.w...@gmail.com wrote:
Of course, if the GPS is tracking the random walk of a drunken
sailor, you might be OK in terms of your entropy. (Sounds like
an experiment is in order. ;-)
No. If he passes out or encounters an interesting woman or
Thierry Moreau thierry.mor...@connotech.com wrote:
Only NIST (with the help of NSA and participants in a circa 2004 symposium)
advanced the true random source standardization effort, with the main
outcome being NIST SP-800-90. Neither the financial industry (ANSI) nor the
European digital
On Thu, Dec 16, 2010 at 4:38 AM, Jon Callas j...@callas.org wrote:
That said, I would not recommend people to write their own crypto, as
cryptography is hard enough to foster any kind of fault, glitch or
defect. In turn, this may lead to incidents that promise to be no
less severe than those
On Thu, Nov 25, 2010 at 1:14 AM, Rayservers supp...@rayservers.com wrote:
http://www.entropykey.co.uk/tech/
Opinions? Anyone used this? Any other reasonably priced alternatives?
Use a sound card or USB sound device?
http://www.av8n.com/turbid/paper/turbid.htm
Nice visual demo of not reusing pseudo-random material in a
stream cipher or true random in a one-time pad system:
http://www.cryptosmith.com/archives/70
travis+ml-rbcryptogra...@subspacefield.org wrote:
We'll never be able to defend against physical attacks without
tamper-resistant or tamper-evident hardware. Actually designing a
tamper-evident server you could ship overseas and have co-located
somewhere is an interesting engineering
On Tue, Sep 28, 2010 at 10:07 AM, Steven Bellovin s...@cs.columbia.edu wrote:
Someone else pointed out BassOMatic, in PGP 1.0, which is exactly what I was
looking for.
Most key material is mixed into the data with XOR, addition, IDEA multiplication
or whatever. You asked about key data used