Re: [cryptography] One Time Pad Cryptanalysis

2013-10-02 Thread Florian Weimer
* Lodewijk andré de la porte: 2013/9/30 Florian Weimer f...@deneb.enyo.de 3. Message integrity does not matter. 4. The security proof assumes there is only one message, ever. 3 and your paper about VOIP regard traffic analysis. I'm not sure what else 3 refers to. Certainly a known

[cryptography] the spell is broken

2013-10-02 Thread ianG
http://www.infoworld.com/print/228000 October 02, 2013 Silent Circle moves away from NIST cryptographic standards, cites NSA concerns The company plans to replace AES and SHA-2 with Twofish and Skein in its encrypted communication services By Lucian Constantin | IDG News Service Silent

Re: [cryptography] the spell is broken

2013-10-02 Thread d.nix
Callas' blog post: http://silentcircle.wordpress.com/2013/09/30/nncs/ On 10/2/2013 8:41 AM, ianG wrote: http://www.infoworld.com/print/228000 October 02, 2013 Silent Circle moves away from NIST cryptographic standards, cites NSA concerns The

Re: [cryptography] One Time Pad Cryptanalysis

2013-10-02 Thread danimoth
On 02/10/13 at 08:51am, Florian Weimer wrote: There is widespread belief that compressing before encrypting makes cryptanalysis harder, so compression is assumed to be beneficial. Any academic references? Without these, IMHO your sentence is false. Example: http://breachattack.com/

Re: [cryptography] the spell is broken

2013-10-02 Thread Jared Hunter
Aside from the curve change (and even there), this strikes me as a marketing message rather than an important technical choice. The message is we react to a deeper class of threat than our users understand. Fair enough, but I'd hardly stop using AES or the larger SHA-2 variants on the back of

Re: [cryptography] One Time Pad Cryptanalysis

2013-10-02 Thread Natanael
That would be known plaintext attack (or statistical analysis like how simple ciphers typically are broken) vs chosen plaintext attack (BREACH is the latter, while compression would increase entropy density to make the former harder since each individual bit becomes harder to predict). Sorry, no

Re: [cryptography] One Time Pad Cryptanalysis

2013-10-02 Thread Peter Saint-Andre
On 10/2/13 10:38 AM, danimoth wrote: On 02/10/13 at 08:51am, Florian Weimer wrote: There is widespread belief that compressing before encrypting makes cryptanalysis harder, so compression is assumed to be beneficial. Any academic references?

Re: [cryptography] the spell is broken

2013-10-02 Thread d.nix
Yeah, it may well be just marketing. The one thing that gives me pause is that Callas and Schneier are both part of the team that worked on the systems they have chosen to migrate to (Twofish, Skein), and Schneier is one of the very few people to

Re: [cryptography] the spell is broken

2013-10-02 Thread d.nix
Correction; Callas worked on Threefish, not Twofish, however the Schneier connection still holds given their past and present associations... On 10/2/2013 11:50 AM, d.nix wrote: Yeah, it may well be just marketing. The one thing that gives me

Re: [cryptography] the spell is broken

2013-10-02 Thread coderman
On Wed, Oct 2, 2013 at 10:38 AM, Jared Hunter feralch...@gmail.com wrote: Aside from the curve change (and even there), this strikes me as a marketing message rather than an important technical choice. The message is we react to a deeper class of threat than our users understand. it is

Re: [cryptography] the spell is broken

2013-10-02 Thread Jon Callas
On Oct 2, 2013, at 12:26 PM, coderman coder...@gmail.com wrote: On Wed, Oct 2, 2013 at 10:38 AM, Jared Hunter feralch...@gmail.com wrote: Aside from the curve change (and even there), this strikes me as a marketing message rather than an

Re: [cryptography] One Time Pad Cryptanalysis

2013-10-02 Thread Charles Jackson
Communications Theory of Secrecy Systems, Claude Shannon, 1949 http://netlab.cs.ucla.edu/wiki/files/shannon1949.pdf On Wed, Oct 2, 2013 at 1:38 PM, danimoth danim...@cryptolab.net wrote: On 02/10/13 at 08:51am, Florian Weimer wrote: There is widespread belief that compressing before

Re: [cryptography] One Time Pad Cryptanalysis

2013-10-02 Thread James A. Donald
On 2013-10-03 09:17, Charles Jackson wrote: Any academic references? Official reality is surreal and generally should be ignored.

Re: [cryptography] the spell is broken

2013-10-02 Thread James A. Donald
On 2013-10-03 04:50, d.nix wrote: Yeah, it may well be just marketing. The one thing that gives me pause is that Callas and Schneier are both part of the team that worked on the systems they have chosen to migrate to (Twofish, Skein), and Schneier

Re: [cryptography] the spell is broken

2013-10-02 Thread Ed Stone
For reflection: What percent of domestic and global communications are protected from the collection of plaintext or session information by AES? Who has the capability and the desire to avoid going dark on that portion of data flows? Is this an example of a high-value target for corruption? If