Peter Gutmann wrote:
Stephan Neuhaus [EMAIL PROTECTED] writes:
Concerning the practical use of AES, you may be right (even though it would
be nice to have some advice on what one *should* do instead).
Definitely. Maybe time for a BCP, not just for AES but for general block
ciphers?
I
Peter Gutmann wrote:
And that's it's killer feature: Although you can still be duped into handing
out your password to a fake site, you simply cannot connect securely without
prior mutual authentication of client and server if TLS-PSK is used.
If I have understood the draft correctly, using
James A. Donald wrote:
But does not, in fact, prevent.
Let me rephrase that. Are we now at a point where we must admit that
PKI isn't going to happen for the Web and that we therefore must face
the rewriting of an unknown (but presumably large) number of lines of
code to accomodate PSKs?
Peter Gutmann wrote:
Alaric Dailey [EMAIL PROTECTED] writes:
In my opinion, PSK has the same problems as all symmetric encryption, its
great if you can share the secret securely, but distribution to the masses
makes it infeasible.
Exactly, PSK's are infeasible, and all those thousands of web
Original article at http://www.heise.de/security/news/meldung/64224
It seems that the German TC TrustCenter GmbH (formerly TC TrustCenter
AG) is now insolvent. TrustCenter was accredited to issue qualified
signatures, which is what you need in Germany if you want your digital
signature to be
Peter Gutmann wrote:
-- Snip --
This is very scary. I bet that our Minister of the Interior would love
it, though, since he has been pushing a scheme for stealth examination
of suspects' computers (called Federal Trojan). Technology like this
would be a large first step towards making
Peter Gutmann wrote:
Given that all you need for this is a glorified pocket calculator, you could
(in large enough quantities) probably get it made for $10, provided you shot
anyone who tried to introduce product-deployment DoS mechanisms like smart
cards and EMV into the picture.
That seems
On Dec 17, 2007, at 17:38, [EMAIL PROTECTED]
wrote:
So... supposing I was going to design a crypto library for use within
a financial organization, which mostly deals with credit card numbers
and bank accounts, and wanted to create an API for use by developers,
does anyone have any advice
On Apr 28, 2008, at 23:56, Perry E. Metzger wrote:
If you have a rotten apple engineer, he will be able to hide what he's
trying to do and make it look completely legit. If he's really good,
it may not be possible to catch what he's done EVEN IN PRINCIPLE.
Fred Cohen proved in 1984 in his
On Jul 1, 2008, at 17:39, Perry E. Metzger wrote:
Ed, there is a reason no one in the US, not even Wells Fargo which you
falsely cited, does what you suggest. None of them use 4 digit PINs,
none of them use customer account numbers as account names. (It is
possible SOMEONE out there does this,
This article: http://www.spiegel.de/wirtschaft/0,1518,563606,00.html
(sorry, German only) describes a judgment made by a German district
court which says that banks are liable for damages due to phishing
attacks. In the case in question, a customer was the victim of a
keylogger even
On Aug 3, 2008, at 13:54, Alexander Klimov wrote:
If your p-value is smaller than the significance level (say, 1%)
you should repeat the test with different data and see if the
test persistently fails or it was just a fluke.
Or better still, make many tests and see if your p-values are
On Oct 24, 2008, at 14:29, John Denker wrote:
On 09/29/2008 05:13 AM, IanG wrote:
My assumptions are:
* I trust no single source of Random Numbers.
* I trust at least one source of all the sources.
* no particular difficulty with lossy combination.
If I have N pools of entropy (all same
On Aug 31, 2009, at 13:20, Jerry Leichter wrote:
It can “...intercept all audio data coming and going to the Skype
process.”
Interesting, but is this a novel idea? As far as I can see, the
process intercepts the audio before it reaches Skype and after it has
left Skype. Isn't that the
On Sep 26, 2009, at 18:31, Perry E. Metzger wrote:
SP 800-102 is intended to address the timeliness of the digital
signatures generated using the techniques specified in Federal
Information Processing Standard (FIPS) 186-3. [...] SP 800-102
provides
methods of obtaining assurance of the
On Sep 30, 2009, at 06:25, Peter Gutmann wrote:
Stephan Neuhaus neuh...@st.cs.uni-sb.de writes:
Is there something that could be done that would *not* require a
TTA? (I have
almost given up on this, but it doesn't hurt to ask.)
I think you've abstracted away too much information
On Oct 1, 2009, at 16:46, Perry E. Metzger wrote:
It is also completely impossible to prove you've deleted a
record. Someone who can read the record can always make a copy of
it. Cryptography can't fix the DRM problem.
Sorry, I should have clarified that. We don't want to verify that Bob
On Oct 22, 2009, at 16:12, Perry E. Metzger wrote:
I don't think anyone is smart enough to understand all the
implications of this across all the systems that depend on the DNS,
especially as we start to trust the DNS because of the authentication.
We trust the DNS already. As far as I
On Mar 23, 2010, at 22:42, Jon Callas wrote:
If you need to rekey, tear down the SSL connection and make a new one. There
should be a higher level construct in the application that abstracts the two
connections into one session.
... which will have its own subtleties and hence probability
On Jul 29, 2010, at 22:23, Anne Lynn Wheeler wrote:
On 07/28/2010 10:34 PM, d...@geer.org wrote:
The design goal for any security system is that the number of
failures is small but non-zero, i.e., N0. If the number of
failures is zero, there is no way to disambiguate good luck
from
On 2013-09-04 16:37, Perry E. Metzger wrote:
Phil Karn described a construction for turning any hash function into
the core of a Feistel cipher in 1991. So far as I can tell, such
ciphers are actually quite secure, though impractically slow.
Pointers to his original sci.crypt posting would be
On 2013-09-17 07:37, Peter Gutmann wrote:
Tony Arcieri basc...@gmail.com writes:
On Mon, Sep 16, 2013 at 9:44 AM, Bill Frantz fra...@pwpconsult.com wrote:
After Rijndael was selected as AES, someone suggested the really paranoid
should super encrypt with all 5 finalests [...].
I wish there
On 2013-10-03 09:49, Peter Gutmann wrote:
Jerry Leichter leich...@lrw.com writes:
My favorite more recent example of the pitfalls is TL1, a language and
protocol used to managed high-end telecom equipment. TL1 has a completely
rigorous syntax definition, but is supposed to be readable.
23 matches
Mail list logo
