On 7/23/14, David Leon Gil <[email protected]> wrote: > Robert: If your host name and IP address change frequently, just use your > name, or your zip code, or a short, very easy-to-remember nonce. The > requirement is not that it be as strong as a password; just something to > de-genericize the attack. (You get rid of most of that 2^27 advantage with > only 2^16 unique hostnames...)
I would rather just compare a whole 256-bit public key or public-key hash than have to deal with something like the Windows 3.11 concept of ‘workgroup’ again. > De-genericizing attacks using 'nonces' in this way does not allow > avoiding memory accesses, with their huge latency. ??? How do you intend that the nonce be used? Robert Ransom _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
