How broad is the SPEKE patent.

2005-11-09 Thread James A. Donald
-- Does SPEKE claim to patent any uses of zero knowledge proof of possession of the password for mutual authentication, or just some particular method for establishing communications? Is there any way around the SPEKE patent for mutual authentication and establishing secure communications on

RSA-640 factored

2005-11-09 Thread Steven M. Bellovin
http://mathworld.wolfram.com/news/2005-11-08/rsa-640/ --Steven M. Bellovin, http://www.cs.columbia.edu/~smb - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

RSA-640 factored

2005-11-09 Thread Heyman, Michael
From: http://mathworld.wolfram.com/news/2005-11-08/rsa-640 November 8, 2005--A team at the German Federal Agency for Information Technology Security (BSI) recently announced the factorization of the 193-digit number 310 7418240490 0437213507 5003588856 7930037346

Re: How broad is the SPEKE patent.

2005-11-09 Thread Steven M. Bellovin
In message [EMAIL PROTECTED], James A. Donald writes: -- Does SPEKE claim to patent any uses of zero knowledge proof of possession of the password for mutual authentication, or just some particular method for establishing communications? Is there any way around the SPEKE patent for mutual

Re: RSA-640 factored

2005-11-09 Thread Simon Josefsson
Steven M. Bellovin [EMAIL PROTECTED] writes: http://mathworld.wolfram.com/news/2005-11-08/rsa-640/ There are timing details in: http://www.crypto-world.com/announcements/rsa640.txt They claim they need 5 months of 80 machines with 2.2GHz processors. Using these numbers, I think it would be

[Clips] Sony BMG's DRM provider does not rule out future use of stealth

2005-11-09 Thread R. A. Hettinga
--- begin forwarded text Delivered-To: [EMAIL PROTECTED] Date: Wed, 9 Nov 2005 10:50:05 -0500 To: Philodox Clips List [EMAIL PROTECTED] From: R. A. Hettinga [EMAIL PROTECTED] Subject: [Clips] Sony BMG's DRM provider does not rule out future use of stealth Reply-To: [EMAIL

Re: RSA-640 factored

2005-11-09 Thread Victor Duchovni
On Wed, Nov 09, 2005 at 05:27:12PM +0100, Simon Josefsson wrote: I'm not sure translating complexity into running time is reasonable, but pending other ideas, this is a first sketch. It is not reasonable, because the biggest constraint is memory, not CPU. Inverting the matrix requires

Re: RSA-640 factored

2005-11-09 Thread Simon Josefsson
Victor Duchovni [EMAIL PROTECTED] writes: On Wed, Nov 09, 2005 at 05:27:12PM +0100, Simon Josefsson wrote: I'm not sure translating complexity into running time is reasonable, but pending other ideas, this is a first sketch. It is not reasonable, because the biggest constraint is memory,

Re: How broad is the SPEKE patent.

2005-11-09 Thread William Arbaugh
You may want to look at EAP-PAX. We tried to engineer around the patent land mines in the field when we designed it. This of course doesn't mean that someone won't claim it infringes on something. We also have a proof (not yet published) of security in a random oracle model. Best, Bill

Re: gonzo cryptography; how would you improve existing cryptosystems?

2005-11-09 Thread Jon Callas
On 4 Nov 2005, at 5:23 PM, Travis H. wrote: For example, pgp doesn't hide the key IDs of the addressees. But OpenPGP does. Here's an extract fro RFC 2440: 5.1. Public-Key Encrypted Session Key Packets (Tag 1) [...] An implementation MAY accept or use a Key ID of zero as a wild card