At 03:18 PM 7/29/2002 -0700, David Wagner wrote:
I don't even think anyone has analyzed the entropy preservation of a
theoretically perfect random oracle
Well, I know this particular point wasn't central to your email, but
I'm not sure I agree with you on this small point. I believe it
David Wagner said,
The problem can really be divided into two parts:
1. Is our entropy crunching algorithm secure when used with
a random oracle instead of SHA1?
2. Does SHA1 behave enough like a random oracle that the answer
to question 1. is in any way relevant to the real
--
On 30 Jul 2002 at 17:02, Amir Herzberg wrote:
I found that when trying to explain and define hash functions
and their properties, I didn't find a satisfactory definition
for the `randomness` properties.
Randomness is of course indefinable. A random oracle is however
definable.
If
Amir Herzberg wrote:
But there's a big difference: the random oracle `assumption` is clearly not
valid for SHA-1 (or any other specific hash function).
Well, the random oracle model has problems, but I think those problems
are a bit more subtle than just an assumption that is true or false.
So
OpenSSL version 0.9.6e released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of version
0.9.6e of our open source toolkit for SSL/TLS. This new OpenSSL version
is
The third beta release of OpenSSL 0.9.7 is now available from the
OpenSSL FTP site URL: ftp://ftp.openssl.org/source/. Quite a lot
of code changed between the 0.9.6 release and the 0.9.7 release, so
a series of 3 or 4 beta releases is planned before the final release.
SECURITY INFORMATION:
