Jill's approach to key stretching is not quite the same as the
traditional iterated hash. It imposes no cost at encryption time;
you only have to work at decryption. This might be valuable when you
want to save your files as the Gestapo is breaking down your door.
I've been working on a
fyi
- Forwarded message from Lucky Green [EMAIL PROTECTED] -
Cpunks,
I spent the last few months working at PGP on a nifty new solution to an
old problem: how to get email encryption deployed more widely without
requiring user education.
Since ideas for solving this problem have been
Arcane Jill wrote:
... a way to make decryption more expensive ...
I think it is a neat idea. I think it is best understood as a kind of
key-stretching akin to iterated hashing of a password, as in:
Secure Applications of Low-Entropy Keys (1998)
John Kelsey, Bruce Schneier, Chris Hall,
it came up lately in a discussion, and I couldn't put a name to it:
a means to use symmetric crypto without exchanging keys:
- Alice encrypts M with key A and sends it to Bob
- Bob encrypts A(M) with key B and sends it to Alice
- Alice decrypts B(A(M)) with key A, leaving B(M), sends it to
Does anyone have robust code to generate globally unique IDs which won't
break XML parsing, and work on several platforms?
I was thinking of using an entropy pool to seed a cryptographic PRNG, used to
generate a sequence of SHA-1 hashes, dumped to an XML-armored representation.
Thanks.
--
Enzo Michelangeli wrote:
...one-way encryption algorithms guaranteed to be injective (i.e.,
deterministically collision-free)?
Every encryption algorithm is injective, otherwise decryption
would be ambiguous. In other words, if x and x' are two different
plaintexts, then E_k(x) != E_k(x').
I'm
The postal notice itself says this is the first step to identify all
senders, so this is not a matter of paranoia, this is reality. The post
office is moving towards identification requirements for everyone, said
Chris Hoofnagle, associate director of the Electronic Privacy Information
Bill Frantz [EMAIL PROTECTED] writes:
I usually travel with zipper closed duffel bags. I fasten the zipper closed
with a screw link. Anyone can unscrew the link and get into the bag, but it
does effectively keep the zipper closed in transit. I suppose it also
provides some level of security
Enzo asked,
Are there one-way encryption algorithms guaranteed to be injective
(i.e., deterministically collision-free)? Or are there
theoretical reasons against their existence?
I'm looking for algorithms where every piece of code and data
is public, thus excluding conventional
At 05:52 AM 11/14/2003, Eugen Leitl wrote:
Does anyone have robust code to generate globally unique IDs which won't
break XML parsing, and work on several platforms?
I was thinking of using an entropy pool to seed a cryptographic PRNG, used to
generate a sequence of SHA-1 hashes, dumped to an