Re: AES timing attacks, why not whiten the implementation?

2005-06-24 Thread Victor Duchovni
On Fri, Jun 24, 2005 at 03:36:19AM -, Beryllium Sphere LLC wrote: (b) Is there a better way to scramble the timing of an AES operation without going to the last resort of padding everything to worst-case timing? Perhaps something along the lines of: Provably Secure Masking of AES:

Re: Optimisation Considered Harmful

2005-06-24 Thread Victor Duchovni
On Thu, Jun 23, 2005 at 07:36:38AM -0400, Jerrold Leichter wrote: - Develop algorithms that offer reasonable performance even if implemented in unoptimized ways. This will be difficult to maintain in the face of ever-increasing hardware optimiza-

Re: Optimisation Considered Harmful

2005-06-24 Thread Ben Laurie
Victor Duchovni wrote: On Thu, Jun 23, 2005 at 07:36:38AM -0400, Jerrold Leichter wrote: - Develop algorithms that offer reasonable performance even if implemented in unoptimized ways. This will be difficult to maintain in the face of ever-increasing

Re: AES timing attacks, why not whiten the implementation?

2005-06-24 Thread Ian Grigg
On Friday 24 June 2005 04:36, Beryllium Sphere LLC wrote: 1) How do you generate this in a way that does not leak information about the permutation generated? 2) How many times can you re-use a single indirection array? 3) How quickly can you generate new indirection arrays? Good

Re: massive data theft at MasterCard processor

2005-06-24 Thread Anne Lynn Wheeler
James A. Donald wrote: Rather the server should send out some encrypted random data which the end user decrypts. End user should then prove knowledge of that encrypted data. so the random data is sent encrypted with the person's public key ... they can decrypt it with their private key. so
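The exchange quoted above (server sends random data encrypted to the user's public key, the user decrypts it and proves knowledge of it), as an added Python sketch that is not code from the thread. It assumes a toy textbook RSA key built from two fixed known primes (no padding, illustration only; real use needs a vetted library with OAEP) and a constructed session identifier; the proof step returns an HMAC keyed by the recovered value rather than the value itself, so the secret is not echoed back and the response is bound to one session.

```python
"""Challenge-response sketch: the server encrypts a random value r to the
user's public key; the user decrypts it and proves knowledge of r by
returning an HMAC over a session identifier keyed with r."""
import hashlib
import hmac
import secrets

# Toy RSA key from two known primes (textbook, unpadded RSA). Assumption for
# illustration only; a deployment uses a real library with OAEP padding.
P = 2**61 - 1
Q = 2**31 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def server_make_challenge(n=N, e=E):
    # Server side: draw a fresh random r, keep it, send only c = r^e mod n.
    r = secrets.randbelow(n - 2) + 2
    c = pow(r, e, n)
    return r, c


def proof(r, session_id):
    # Knowledge proof: HMAC keyed with r over a tag plus the session id, so the
    # response is useless if relayed into another session and r never leaves
    # the client in the clear.
    key = r.to_bytes((N.bit_length() + 7) // 8, "big")
    return hmac.new(key, b"challenge-response|" + session_id, hashlib.sha256).digest()


def client_respond(c, session_id, d=D, n=N):
    # User side: recover r with the private key, then answer with the proof.
    r = pow(c, d, n)
    return proof(r, session_id)


def server_verify(r, session_id, response):
    # Server side: recompute the expected proof from its own copy of r.
    return hmac.compare_digest(proof(r, session_id), response)


def run_exchange(session_id, client_private_exponent=D):
    # Drives both sides of one exchange and returns the server's verdict.
    r, c = server_make_challenge()
    response = client_respond(c, session_id, d=client_private_exponent)
    return server_verify(r, session_id, response)
```

A client holding the wrong private exponent recovers a wrong r and its proof fails; a correct proof captured in one session does not verify in another because the session identifier is part of the HMAC input.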

Re: Optimisation Considered Harmful

2005-06-24 Thread Victor Duchovni
On Fri, Jun 24, 2005 at 10:00:55AM +0100, Ben Laurie wrote: - Find reasonably efficient masking strategies, that assume that side-channel attacks are here to stay, and randomly choose one of many isomorphic ways to perform the computation. The masking would have to

Re: WYTM - but what if it was true?

2005-06-24 Thread dan
What do you tell people to do? commercial_message Defense in depth, as always. As an officer at Verdasys, data-offload is something we block by simply installing rules like Only these two trusted applications can initiate outbound HTTP where the word trusted means checksummed and the choice of

Re: Optimisation Considered Harmful

2005-06-24 Thread James A. Donald
-- On 23 Jun 2005 at 0:50, Ben Laurie wrote: A brief altercation this evening with CERT over the recent hyperthread caching issues has brought something that's been simmering at the back of my brain to the forefront. The recent hyperthread/cache key recovery trick, followed by DJB's

[Clips] ChoicePoint Curtails Business, Changes Methods to Protect Data

2005-06-24 Thread R.A. Hettinga
--- begin forwarded text Delivered-To: [EMAIL PROTECTED] Date: Fri, 24 Jun 2005 11:49:02 -0400 To: Philodox Clips List [EMAIL PROTECTED] From: R.A. Hettinga [EMAIL PROTECTED] Subject: [Clips] ChoicePoint Curtails Business, Changes Methods to Protect Data Reply-To: [EMAIL

Re: WYTM - but what if it was true?

2005-06-24 Thread Dan Kaminsky
Dan-- I had something much more complicated, but it comes down to. You trust Internet Explorer. Spyware considers Internet Explorer crunchy, and good with ketchup. Any questions? A little less snarkily, Spyware can trivially use what MS refers to as a Browser Helper Object

Re: Some companies are just asking for it.

2005-06-24 Thread Perry E. Metzger
Perry E. Metzger [EMAIL PROTECTED] writes: Oh, and what companies are involved? The card is Fidelity branded, but it is really an MBNA production, with online marketing and card servicing (like this piece) being done by Individualized BankCard Services. One would think that everyone in

Re: Optimisation Considered Harmful

2005-06-24 Thread Dan Kaminsky
Suppose you have something that is inadvertently an oracle - it encrypts stuff from many different users preparatory to sending it out over the internet, and makes no effort to strongly authenticate a user. Have it encrypt stuff into a buffer, and on a timer event, send out the buffer. Your
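The encrypt-into-a-buffer-and-send-on-a-timer arrangement described in the post above, as an added Python simulation that is not code from the thread. It assumes a toy HMAC-SHA256 keystream cipher standing in for the real one, a constructed per-message cost function standing in for data-dependent encryption time, and a constructed traffic sample; nothing sleeps, the schedule is computed so the effect can be checked.

```python
"""Buffer-and-flush simulation: submissions from many users are encrypted
into a buffer as they arrive, but the buffer is only emitted on a fixed
timer tick, so an outside observer sees a tick boundary rather than
"arrival time + data-dependent encryption time"."""
import hashlib
import hmac
import math


def toy_encrypt(key, nonce, plaintext):
    # Toy stream cipher: HMAC-SHA256 keystream XORed over the data (assumed
    # stand-in; the scheduling around it is the point of the example).
    stream = bytearray()
    counter = 0
    while len(stream) < len(plaintext):
        stream.extend(hmac.new(key, nonce + counter.to_bytes(4, "big"),
                               hashlib.sha256).digest())
        counter += 1
    return bytes(p ^ k for p, k in zip(plaintext, stream))


class BatchedSender:
    def __init__(self, key, interval, encrypt_cost):
        self.key = key
        self.interval = interval          # timer period, seconds
        self.encrypt_cost = encrypt_cost  # simulated data-dependent time per message
        self.buffer = []
        self.busy_until = 0.0             # when the encryptor finishes its current work
        self.counter = 0
        self.flushes = []                 # (time actually sent, number of messages)
        self.missed = 0                   # ticks at which encryption was still running

    def submit(self, user_id, plaintext, now):
        # Encrypt straight into the buffer; nothing leaves the process here.
        start = max(now, self.busy_until)
        self.busy_until = start + self.encrypt_cost(plaintext)
        self.counter += 1
        nonce = self.counter.to_bytes(8, "big")
        self.buffer.append((user_id, nonce, toy_encrypt(self.key, nonce, plaintext)))

    def tick(self, tick_time):
        # Timer fires: the batch goes out at the tick unless work overran it.
        send_time = max(tick_time, self.busy_until)
        if send_time > tick_time:
            self.missed += 1
        batch, self.buffer = self.buffer, []
        self.flushes.append((send_time, len(batch)))
        return batch


def simulate(events, interval, encrypt_cost, key=b"\x42" * 32):
    """events: list of (arrival_time, user_id, plaintext), any order."""
    sender = BatchedSender(key, interval, encrypt_cost)
    pending = sorted(events, key=lambda ev: ev[0])
    horizon = pending[-1][0]
    ticks = math.floor(horizon / interval) + 1   # last tick lands after the last arrival
    i = 0
    for k in range(1, ticks + 1):
        tick_time = k * interval
        while i < len(pending) and pending[i][0] < tick_time:
            arrival, user_id, plaintext = pending[i]
            sender.submit(user_id, plaintext, arrival)
            i += 1
        sender.tick(tick_time)
    return sender


def observable_times(sender):
    # What a network observer sees: the moments the batches were sent.
    return [t for t, _ in sender.flushes]


def timing_hidden(sender):
    # True when every send happened exactly on a tick, i.e. the observable
    # schedule carries no information about per-message encryption time.
    return sender.missed == 0


EVENTS = [  # constructed sample traffic: three users, mixed sizes
    (0.2, "alice", b"hello"),
    (0.7, "bob", b"x" * 40),
    (1.3, "alice", b"yo"),
    (1.9, "carol", b"a much longer record " * 3),
]
```

The tick hides when each encryption finished only while a batch's total work fits inside the interval; the `missed` counter flags overruns, which push the send past the tick and reintroduce exactly the leak the timer was meant to remove. Batching also says nothing about sizes or batch counts, which remain visible unless padded.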

Re: massive data theft at MasterCard processor

2005-06-24 Thread Anne Lynn Wheeler
Charles M. Hannum wrote: As long as the credit card has no display, you're still trusting the terminal to give the purchaser correct information. If you're using a smart credit card that participates directly in the transaction, storing transaction data, signed by the processor's system,

Re: WYTM - but what if it was true?

2005-06-24 Thread dan
Dan Kaminsky writes: | Dan-- | | I had something much more complicated, but it comes down to. | | You trust Internet Explorer. | Spyware considers Internet Explorer crunchy, and good with ketchup. | Any questions? | | A little less snarkily, Spyware can trivially use