Re: 2factor
On Wed, 16 Apr 2008 14:07:49 -0400 [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Which seem to be aimed at a drop in replacement for SSL (with a working example using Firefox and Apache). They seem to rest on a key exchange or agreement based on a shared secret. As opposed to, say, RFC 4279, which is TLS-based. --Steve Bellovin, http://www.cs.columbia.edu/~smb - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: 2factor
Leichter, Jerry wrote: No real technical data I can find on the site, and I've never seen a site with so little information about who's involved. (Typically, you at least get a list of the top execs.) Some ex-spooks? Pure snake oil? Somewhere in between? He's likely called Paul McGough, of Washington, DC, and ignores that SSL prevents MITM. It gets worse after this. http://www.linkedin.com/pub/0/6ab/50b http://2factor.com/pdf/technology_brief.pdf http://www.freshpatents.com/Method-and-system-for-performing-perfectly-secure-key-exchange-and-authenticated-messaging-dt20060216ptan20060034456.php - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: 2factor
On Wed, Apr 9, 2008 at 12:59 PM, Leichter, Jerry [EMAIL PROTECTED] wrote: Anyone know anything about a company called 2factor (2factor.com)? They're pushing a system based on symmetric cryptography with, it appears, some kind of trusted authority. Factor of 100 faster than SSL. More secure, because it authenticates every message. No real technical data I can find on the site, and I've never seen a site with so little information about who's involved. (Typically, you at least get a list of the top execs.) Some ex-spooks? Pure snake oil? Somewhere in between? Google says: 2factor Inc. 1540 South Holland-Sylvania Road Maumee, OH 43537 Mark O. Wittenmyer, Chairman David M. Burns, Chief Executive Officer Raymond A. Romagnolo, Executive Vice President 2factor, Inc. BOARD OF DIRECTORS Mark O. Wittenmyer -Michael Heyman - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: 2factor
On Wed, Apr 9, 2008 at 12:59 PM, Leichter, Jerry [EMAIL PROTECTED] wrote: Anyone know anything about a company called 2factor (2factor.com)? They're pushing a system based on symmetric cryptography with, it appears, some kind of trusted authority. Factor of 100 faster than SSL. More secure, because it authenticates every message. No real technical data I can find on the site, and I've never seen a site with so little information about who's involved. (Typically, you at least get a list of the top execs.) Some ex-spooks? Pure snake oil? Somewhere in between? More googling and this seems to be the technology: http://www.wipo.int/pctdb/en/wo.jsp?wo=2008030523 and http://www.freshpatents.com/Method-and-system-for-performing-perfectly-secure-key-exchange-and-authenticated-messaging-dt20060216ptan20060034456.php Which seem to be aimed at a drop in replacement for SSL (with a working example using Firefox and Apache). They seem to rest on a key exchange or agreement based on a shared secret. Take this analysis with a grain of salt - I just gave the patent and application a quick scan. -Michael Heyman - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
2factor
Anyone know anything about a company called 2factor (2factor.com)? They're pushing a system based on symmetric cryptography with, it appears, some kind of trusted authority. Factor of 100 faster than SSL. More secure, because it authenticates every message. No real technical data I can find on the site, and I've never seen a site with so little information about who's involved. (Typically, you at least get a list of the top execs.) Some ex-spooks? Pure snake oil? Somewhere in between? -- Jerry - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]