Re: Some companies are just asking for it.

2005-06-23 Thread Lance James
John Levine wrote: My girlfriend just got an (apparently legitimate from what I can tell) HTML email from her credit card company, complete with lots of lovely images and an exhortation to sign up for their new secure online "ShopSafe" service that apparently generates one time credit card numbe

Re: Some companies are just asking for it.

2005-06-23 Thread Perry E. Metzger
John Levine <[EMAIL PROTECTED]> writes: > On the other hand, MBNA's mail practices would be laughable if they > weren't entirely in line with every other bank in the country. The fact that others do laughable things doesn't make their practices any less laughable. Stupid things remain stupid no m

AES timing attacks, why not "whiten" the implementation?

2005-06-23 Thread Beryllium Sphere LLC
>1) How do you generate this in a way that does not leak information about the permutation generated? >2) How many times can you re-use a single indirection array? >3) How quickly can you generate new indirection arrays? Good questions, which probably require empirical answers. The added cost

Re: Some companies are just asking for it.

2005-06-23 Thread John Levine
>My girlfriend just got an (apparently legitimate from what I can tell) >HTML email from her credit card company, complete with lots of lovely >images and an exhortation to sign up for their new secure online >"ShopSafe" service that apparently generates one time credit card >numbers on the fly. S

Re: massive data theft at MasterCard processor

2005-06-23 Thread James A. Donald
-- On 22 Jun 2005 at 8:39, Anne & Lynn Wheeler wrote: > the dual-use attack ... is possibly a person-centric > digitally signing token (in contrast to > institutional-centric token where each institution > might issue a unique token for every use) ... that can > be registered for use in multipl

Some companies are just asking for it.

2005-06-23 Thread Perry E. Metzger
My girlfriend just got an (apparently legitimate from what I can tell) HTML email from her credit card company, complete with lots of lovely images and an exhortation to sign up for their new secure online "ShopSafe" service that apparently generates one time credit card numbers on the fly. Here'

Re: AES timing attacks, why not "whiten" the implementation?

2005-06-23 Thread David Alexander Molnar
On Thu, 23 Jun 2005, Beryllium Sphere LLC wrote: Can you destroy the relationship between key contents and timing without hurting average run time? Each round of AES has sixteen table lookups. If you permute the order in which the implementation does the lookups, then you get a completely

AES timing attacks, why not "whiten" the implementation?

2005-06-23 Thread Beryllium Sphere LLC
Can you destroy the relationship between key contents and timing without hurting average run time? Each round of AES has sixteen table lookups. If you permute the order in which the implementation does the lookups, then you get a completely different pattern of cache hits and misses. If you pe

Protecting against the cache-timing attack.

2005-06-23 Thread Jon Callas
One of the things to remember in all of this is that one of the reasons we picked Rijndael as the AES was its speed. (And yes, I mean "we." I was present at the conferences, and I filled out the little poll about which ciphers I liked and why. That means I participated and bear part of the resp

Rephrased: Should login pages be protected by SSL - although it won't help most users?

2005-06-23 Thread Amir Herzberg
Ole Kasper Olsen wrote: ... Amir Herzberg asked the question of "should login pages be SSL encrypted". The flurry of discussion can be summarized as "Yes"... ... 2. Most people believe that a login page *should* be encrypted for web sites carrying important data. (e.g., financial, etc.) And

Re: Optimisation Considered Harmful

2005-06-23 Thread Jerrold Leichter
| A brief altercation this evening with CERT over the recent hyperthread caching | issues has brought something that's been simmering at the back of my brain to | the forefront. | | The recent hyperthread/cache key recovery trick, followed by DJB's related | (IMO) symmetric key recovery, and prece