Naveen Nathan nav...@lastninja.net writes:
[Quoting someone else]
As I see it from that paper the advantages of a key-wrap scheme over using a
generic AEAD scheme is that
(a) it may be lighter weight in computation and size of ciphertext
(b) Defends against âIV misuseâ.
(c) RFC 3394 has
yeah thx bra!
On Tue, Jan 6, 2015 at 3:25 PM, Warren Kumari war...@kumari.net wrote:
On Tue, Jan 6, 2015 at 4:12 PM, Kevin kevinsisco61...@gmail.com wrote:
I figured I'd start building my own open source encryption algorithm:
... 'cos that can only end well?
On 6 Jan 2015 16:12 -0500, from kevinsisco61...@gmail.com (Kevin):
I figured I'd start building my own open source encryption algorithm:
https://github.com/kjsisco/qode
To borrow a very apt quote from Bruce Schneier: Who the hell are
you? [1] [2]
Nobody is perfect. Even very clever people make
The confidence in AES comes from its designation process during which
many publicly tried and failed to convincingly reduce its security
claim and the fact that it has (publicly still) stood the test of time
: ten years later all we have are the bicliques which gains us 2 bits.
It doesn't have
At 04:55 PM 1/6/2015, you wrote:
Yes, that is the received canon of cryptosystems:
1.Sarcasm toward unqualified efforts,
2. Designing cryptosysystems is *hard*.
3. No, that's too mild, it's mindblowingly* hard.
4. It doesn't start with code, it strts with mathematical description.
5. No,
So the practical reason behind everyone saying unless you have
qualifications, etc, don't do this is because, even if you make
something and say it's just for your learning or a joke or w/e,
someone (no joke) *will* use it and then some Fortune 500 will fall
over because of your joke code. So,
If it's so foolish to build your own crypto, how foolish would a Fortune
500 company be to deploy it?
Too bad there's not a crypto hacker service to test out various crypto
algorithms. We're always told to trust the government-sponsored crypto
like AES when we know full well that governments
I figured I'd start building my own open source encryption algorithm:
https://github.com/kjsisco/qode
--
Kevin
---
This email is free from viruses and malware because avast! Antivirus protection
is active.
http://www.avast.com
___
cryptography
On Tue, Jan 6, 2015 at 4:12 PM, Kevin kevinsisco61...@gmail.com wrote:
I figured I'd start building my own open source encryption algorithm:
... 'cos that can only end well?
https://github.com/kjsisco/qode
The entire contents of which is:
---
qode
An encryption algorithm
On Tue, Jan 6, 2015 at 11:34 AM, shawn wilson ag4ve...@gmail.com wrote:
You can smartly limit resolution in squid - I don't trust this is what
they were doing, but you could provide a better experience like this.
This may be just barely worth mentioning, but still: Gogo was, less
than a year
Kevin wrote:
I figured I'd start building my own open source encryption algorithm:
https://github.com/kjsisco/qode
If you feel overwhelmed by the sarcasm directed your way, there is a
reason for that.
Designing cryptosystems is *hard*. No, that's too mild. Is
*mindblowingly* hard. It
Just use XXTEA. It's the only good cipher that allows for blocks of size
equal to that of a disk sector. Additionally, maybe use XXTEA in CTR mode
to provide additional confidentiality so that blocks with all zeroes won't
output to the same value.
On Tue, Jan 6, 2015 at 1:12 PM, Kevin
On 1/5/2015 8:47 PM, John Levine wrote:
http://venturebeat.com/2015/01/05/gogo-in-flight-internet-says-it-issues-fake-ssl-certificates-to-throttle-video-streaming/
They claim they're doing it to throttle video streaming, not to be evil.
Am I missing something, or is this stupid? If they
On Tue, 06 Jan 2015 14:37:37 -0800, Nathan Dorfman n...@rtfm.net wrote:
Gonna go out on a limb here and strongly suggest not trusting any
*.google.com certificate signed by these guys.
Has anyone on the list had success running the Tor Browser Bundle over a
Gogo in flight connection?
The source code is mostly written to the OpenSSL coding standards, which
are seriously different from any other coding standard I've seen (it's
not Linux/KR, nor GNU, nor Microsoft, nor Sun/Oracle). Nonconformance
with the coding standards in later patches is very common, so it's a
mishmash
On 6 January 2015 at 15:40, Jeffrey Altman jalt...@secure-endpoints.com
wrote:
On 1/5/2015 8:47 PM, John Levine wrote:
http://venturebeat.com/2015/01/05/gogo-in-flight-internet-says-it-issues-fake-ssl-certificates-to-throttle-video-streaming/
They claim they're doing it to throttle
You can smartly limit resolution in squid - I don't trust this is what
they were doing, but you could provide a better experience like this.
On Tue, Jan 6, 2015 at 11:01 AM, Peter Maxwell pe...@allicient.co.uk wrote:
On 6 January 2015 at 15:40, Jeffrey Altman jalt...@secure-endpoints.com
17 matches
Mail list logo