Re: [Cryptography] Thoughts about keys

2013-08-31 Thread James A. Donald
On 2013-09-01 11:16 AM, Jeremy Stanley wrote: At free software conferences, where there is heavy community penetration for OpenPGP already, it is common for many of us to bring business cards (or even just slips of paper) with our name, E-mail address and 160-bit key fingerprint. Useful not onl

Re: [Cryptography] NSA and cryptanalysis

2013-08-31 Thread Jerry Leichter
On Aug 31, 2013, at 2:02 PM, Ray Dillinger wrote:
> ... It is both interesting and peculiar that so little news of quantum computing has been published since.
I don't understand this claim. Shor's work opened up a really hot new area that both CS people and physicists (and others as well) ha

[Cryptography] Backup is completely separate

2013-08-31 Thread Phill
So I was thinking about Jon's claim that keys should be 'disposable'. Not sure if I buy that. But I did decide that key backup is a completely separate problem and demands a separate infrastructure. Let us imagine that I do the key-splitting and share in 5 places thing for my Comcast email. I

Re: [Cryptography] Thoughts about keys

2013-08-31 Thread Jeremy Stanley
On 2013-08-25 16:29:42 -0400 (-0400), Perry E. Metzger wrote:
[...]
> If I meet someone at a reception at a security conference, they might scrawl their email address ("al...@example.org") for me on a cocktail napkin.
>
> I'd like to be able to then write to them, say to discuss their exciti

Re: [Cryptography] NSA and cryptanalysis

2013-08-31 Thread James A. Donald
On 2013-09-01 4:02 AM, Ray Dillinger wrote: On 08/30/2013 08:10 PM, Aaron Zauner wrote: I read that WP report too. IMHO this can only be related to RSA (factorization, side-channel attacks). I have been hearing rumors lately that factoring may not in fact be as hard as we have heretofore sup

Re: [Cryptography] Keeping backups (was Re: Separating concerns

2013-08-31 Thread Peter Saint-Andre
On 8/29/13 11:30 AM, Perry E. Metzger wrote:
> On Wed, 28 Aug 2013 20:04:34 +0200 Faré wrote:
>> One thing that irks me, though, is the problem of the robust, secure terminal: if everything is encrypted, how does one survive the loss/theft/destruction of a computer or harddrive?
>
> So, as

Re: [Cryptography] Functional specification for email client?

2013-08-31 Thread John Kelsey
I think it makes sense to separate out the user-level view of what happens (the first five or six points) from how it's implemented (the last few points, and any other implementation discussions). In order for security to be usable, the user needs to know what he is being promised by the securi

Re: [Cryptography] NSA and cryptanalysis

2013-08-31 Thread John Kelsey
If I had to bet, I'd bet on bad rngs as the most likely source of a breakthrough in decrypting lots of encrypted traffic from different sources. --John ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo

Re: [Cryptography] NSA and cryptanalysis

2013-08-31 Thread Ray Dillinger
On 08/30/2013 08:10 PM, Aaron Zauner wrote: I read that WP report too. IMHO this can only be related to RSA (factorization, side-channel attacks). I have been hearing rumors lately that factoring may not in fact be as hard as we have heretofore supposed. Algorithmic advances keep eating into

Re: [Cryptography] NSA and cryptanalysis

2013-08-31 Thread ianG
On 31/08/13 06:10 AM, Aaron Zauner wrote: On Aug 30, 2013, at 1:17 PM, Jerry Leichter wrote: So the latest Snowden data contains hints that the NSA (a) spends a great deal of money on cracking encrypted Internet traffic; (b) recently made some kind of a cryptanalytic "breakthrough". What a

Re: [Cryptography] Functional specification for email client?

2013-08-31 Thread ianG
Some comments, only. On 30/08/13 11:11 AM, Ray Dillinger wrote: Okay... User-side spec: 1. An email address is a short string freely chosen by the email user. It is subject to the constraint that it must not match anyone else's email address, but may (and should) be pronounceable