John Levine wrote:
My girlfriend just got an (apparently legitimate from what I can tell)
HTML email from her credit card company, complete with lots of lovely
images and an exhortation to sign up for their new secure online
"ShopSafe" service that apparently generates one time credit card
numbe
John Levine <[EMAIL PROTECTED]> writes:
> On the other hand, MBNA's mail practices would be laughable if they
> weren't entirely in line with every other bank in the country.
The fact that others do laughable things doesn't make their
practices any less laughable. Stupid things remain stupid no m
>1) How do you generate this in a way that does not leak information about
the permutation generated?
>2) How many times can you re-use a single indirection array?
>3) How quickly can you generate new indirection arrays?
Good questions, which probably require empirical answers.
The added cost
>My girlfriend just got an (apparently legitimate from what I can tell)
>HTML email from her credit card company, complete with lots of lovely
>images and an exhortation to sign up for their new secure online
>"ShopSafe" service that apparently generates one time credit card
>numbers on the fly.
S
--
On 22 Jun 2005 at 8:39, Anne & Lynn Wheeler wrote:
> the dual-use attack ... is possibly a person-centric
> digitally signing token (in contrast to
> institutional-centric token where each institution
> might issue a unique token for every use) ... that can
> be registered for use in multipl
My girlfriend just got an (apparently legitimate from what I can tell)
HTML email from her credit card company, complete with lots of lovely
images and an exhortation to sign up for their new secure online
"ShopSafe" service that apparently generates one time credit card
numbers on the fly.
Here'
On Thu, 23 Jun 2005, Beryllium Sphere LLC wrote:
Can you destroy the relationship between key contents and timing without
hurting average run time?
Each round of AES has sixteen table lookups. If you permute the order in which
the implementation does the lookups, then you get a completely
Can you destroy the relationship between key contents and timing without
hurting average run time?
Each round of AES has sixteen table lookups. If you permute the order in which
the implementation does the lookups, then you get a completely different
pattern of cache hits and misses. If you pe
One of the things to remember in all of this is that one of the reasons
we picked Rijndael as the AES was its speed. (And yes, I mean "we." I
was present at the conferences, and I filled out the little poll about
which ciphers I liked and why. That means I participated and bear part
of the resp
Ole Kasper Olsen wrote:
...
Amir Herzberg asked the question of "should login pages be SSL encrypted".
The flurry of discussion can be summerized as "Yes"...
...
2. Most people believe that a login page *should* be encrypted
for web sites carrying important data. (e.g., financial, etc.)
And
| A brief altercation this evening with CERT over the recent hyperthread caching
| issues has brought something that's been simmering at the back of my brain to
| the forefront.
|
| The recent hyperthread/cache key recovery trick, followed by DJB's related
| (IMO) symmetric key recovery, and prece
11 matches
Mail list logo