Peter Gutmann wrote:
"Charles Jackson" <[EMAIL PROTECTED]> writes:
Is anyone aware of a commercial product that implements secret sharing? If
so, can I get a pointer to some product literature?
I believe at least some versions of PGP might have supported secret
sharing for key backup.
[EMAIL PROTECTED] said:
> With TPMs it's a bit different, they're absent from the hardware by default
in case you're referring to the TCPA (trusted computing platform alliance)
TPM..
my understanding from a person active in the NEA working group (IETF) is that
TPMs these days "come along for f
On Jun 20, 2007, at 8:41 PM, Steven M. Bellovin wrote:
According to the AP (which is quoting Le Monde), "French government
defense experts have advised officials in France's corridors of power
to stop using BlackBerry, reportedly to avoid snooping by U.S.
intelligence agencies."
That's a bit p
"D. K. Smetters" <[EMAIL PROTECTED]> writes:
>However, given the difficulty people have in managing keys in general,
>building effective systems that allow them to manage key fragments is beyond
>the range of most current commercial products.
I think that's the perfect summary of the problem with
The consensus from a few of my friends is that this paper (by
Warren Smith) is a bit eccentrically written but not obviously
flawed. Whether it is of any practical importance at all remains to be
seen -- there may be no way to apply the results.
http://eprint.iacr.org/2007/248
Abstract. We
Victor Duchovni wrote:
Quantum Cryptography or Quantum Computing (i.e. cryptanysis)?
- Quantum Cryptography is "fiction" (strictly claims that it solves
an applied problem are fiction, indisputably interesting Physics).
I do not really agree on this statement. There are ongoing proje
- Quantum Cryptography is "fiction" (strictly claims that it solves
an applied problem are fiction, indisputably interesting Physics).
Well that is a broad (and maybe unfair) statement.
Quantum Key Distribution (QKD) solves an applied problem of secure key
distribution. It may not be
On Thu, Jun 21, 2007 at 06:00:48PM +0100, Richard Clayton wrote:
> (a) the EU legislation was actually passed well over a year ago
>
> http://europa.eu.int/eur-lex/lex/LexUriServ/site/en/oj/2006/l_105/l_10520060413en00540063.pdf
It is not national law yet. I'm only concerned about when I
have to
Steven M. Bellovin wrote:
> That's a bit puzzling. My understanding is that email is encrypted
> from the organization's (Exchange?) server to the receiving Blackberry,
> and that it's not in the clear while in transit or on RIM's servers.
Doesn't this run into the common problem of "supposedly i
On Thu, Jun 21, 2007 at 01:20:35PM -0400, Victor Duchovni wrote:
> Quantum Cryptography or Quantum Computing (i.e. cryptanysis)?
>
> - Quantum Cryptography is "fiction" (strictly claims that it solves
> an applied problem are fiction, indisputably interesting Physics).
>
> - Quantu
Alexander Klimov wrote:
> So if one xors a Linux iso image and some movie, it is quite hard to
> claim that the result is copyright-protected.
Why? A copyright-protected work is still copyright-protected,
encrypted or not.
It is just as with any reversible encoding of a copyright-
protected work,
On Thu, Jun 21, 2007 at 10:59:14AM -0700, Ali, Saqib wrote:
> >- Quantum Cryptography is "fiction" (strictly claims that it solves
> > an applied problem are fiction, indisputably interesting Physics).
>
> Well that is a broad (and maybe unfair) statement.
>
> Quantum Key Distribution (
Massimiliano Pala <[EMAIL PROTECTED]> writes:
> Victor Duchovni wrote:
>> Quantum Cryptography or Quantum Computing (i.e. cryptanysis)?
>> - Quantum Cryptography is "fiction" (strictly claims that it
>> solves
>> an applied problem are fiction, indisputably interesting Physics).
>
> I do
On Jun 13, 2007, at 4:47 AM, Charles Jackson wrote:
A quick question.
Is anyone aware of a commercial product that implements secret
sharing? If
so, can I get a pointer to some product literature?
PGP. http://www.pgp.com/
I can tell you more gory details than you're probably interested
> [EMAIL PROTECTED]
>
> "D. K. Smetters" <[EMAIL PROTECTED]> writes:
>
> > However, given the difficulty people have in managing keys in general,
> > building effective systems that allow them to manage key fragments is beyond
> > the range of most current commercial products.
>
> I think that'
| > >- Quantum Cryptography is "fiction" (strictly claims that it solves
| > > an applied problem are fiction, indisputably interesting Physics).
| >
| > Well that is a broad (and maybe unfair) statement.
| >
| > Quantum Key Distribution (QKD) solves an applied problem of secure key
| >
At 10:59 AM -0700 6/21/07, Ali, Saqib wrote:
- Quantum Cryptography is "fiction" (strictly claims that it solves
an applied problem are fiction, indisputably interesting Physics).
Well that is a broad (and maybe unfair) statement.
Quantum Key Distribution (QKD) solves an applied prob
On 6/22/07, Eugen Leitl <[EMAIL PROTECTED]> wrote:
So what's the state in ad hoc IPsec/VPN setup for any end points?
The Linux FreeS/WAN project was working on "opportunistic encryption".
The general idea is that if you use keys in DNS to authenticate gateways
and IPsec for secure tunnels the
On Fri, Jun 22, 2007 at 11:33:38AM -0400, Leichter, Jerry wrote:
> | Secure in what sense? Did I miss reading about the part of QKD that
> | addresses MITM (just as plausible IMHO with fixed circuits as passive
> | eavesdropping)?
> |
> | Once QKD is augmented with authentication to address MITM,
"Leichter, Jerry" <[EMAIL PROTECTED]> writes:
> | > >- Quantum Cryptography is "fiction" (strictly claims that it solves
> | > > an applied problem are fiction, indisputably interesting Physics).
> | >
> | > Well that is a broad (and maybe unfair) statement.
> | >
> | > Quantum Key Dist
A secure Internet requires a secure network protocol
http://www.infoworld.com/article/07/06/22/25OPsecadvise_1.html
from above:
Implementing -- and requiring -- stronger authentication and cryptography standards
is the next step toward a new Internet
... snip ...
i would contend that majorit
Very interesting discussion.
I bring a different angle to the very topic of discussion ("practical
use"). See below, after the quotes which I fully agree.
Peter Gutmann wrote:
"D. K. Smetters" <[EMAIL PROTECTED]> writes:
However, given the difficulty people have in managing keys in gene
At 11:52 PM +0800 6/22/07, Sandy Harris wrote:
On 6/22/07, Eugen Leitl <[EMAIL PROTECTED]> wrote:
So what's the state in ad hoc IPsec/VPN setup for any end points?
The Linux FreeS/WAN project was working on "opportunistic encryption".
The general idea is that if you use keys in DNS to authen
...whereas the key distribution systems we have aren't affected by
eavesdropping unless the attacker has the ability to perform 2^128 or
more operations, which he doesn't.
Paul: Here you are assuming that key exchange has already taken place.
But key exchange is the toughest part. That is where
At 10:44 AM -0700 6/22/07, Ali, Saqib wrote:
...whereas the key distribution systems we have aren't affected by
eavesdropping unless the attacker has the ability to perform 2^128 or
more operations, which he doesn't.
Paul: Here you are assuming that key exchange has already taken place.
No, I
On Fri, Jun 22, 2007 at 10:44:41AM -0700, Ali, Saqib wrote:
> Paul: Here you are assuming that key exchange has already taken place.
> But key exchange is the toughest part. That is where Quantum Key
> Distribution QKD comes in the picture. Once the keys are exchanged
> using QKD, you have to rely
The wikipedia article has some information, but it could use some
edits if you have new information.
http://en.wikipedia.org/wiki/Opportunistic_encryption
rearden
On Fri, 22 Jun 2007 11:52:13 -0400 Sandy Harris
<[EMAIL PROTECTED]> wrote:
>On 6/22/07, Eugen Leitl <[EMAIL PROTECTED]> wrote:
>
>>
At 10:44 -0700 2007/06/22, Ali, Saqib wrote:
...whereas the key distribution systems we have aren't affected by
eavesdropping unless the attacker has the ability to perform 2^128 or
more operations, which he doesn't.
Paul: Here you are assuming that key exchange has already taken place.
But ke
"Ali, Saqib" <[EMAIL PROTECTED]> writes:
>> ...whereas the key distribution systems we have aren't affected by
>> eavesdropping unless the attacker has the ability to perform 2^128 or
>> more operations, which he doesn't.
>
> Paul: Here you are assuming that key exchange has already taken place.
>
29 matches
Mail list logo