Joseph,
The whole issue of entropy is a bit vague for me - I don't
normally work at that end of things - so could you point to a
good tutorial on the subject, or barring having a reference
handy, could you give an overview?
Thanks,
Allen
Joseph Ashwood wrote:
- Original Message - F
I'm going to try to make this one a bit less aggregious in tone. I'm also
going to sometimes use (3DES) and (ECC) for designation of work and time
measurements.
- Original Message -
From: "Matthias Bruestle" <[EMAIL PROTECTED]>
Cc:
Sent: Monday, January 15, 2007 2:31 AM
Subject: Re: Pr
Steven M. Bellovin wrote:
Not necessarily -- many of my systems have multiple disk drives and
file systems, some of which are on removable media. Apart from that,
though, this is reinforcing my point -- what is the threat model?
PC/RT had external scsi disk drive housing ... with scsi disk dri
On Wed, 17 Jan 2007, Saqib Ali wrote:
[[addressed to Steven Bellovin, but copied to the whole list]]
> I would like to invite you to try out a Free FDE product called
> Compusec < http://www.ce-infosys.com/ >
If I have data that's valuable enough to need encryption, I'm going
to be nervous trustin
Since when did AES-128 become "snake-oil crypto"? How come I missed
that? Compusec uses AES-128 . And as far as I know AES is NOT
"snake-oil crypto"
Closed-source doesn't mean that it is "snake-oil". If that was the
case, the Microsoft's EFS, and Kerberos implementation would be "snake
oil" too.
On 01/17/2007 06:07 PM, Allen wrote:
> The whole issue of entropy is a bit vague for me - I don't normally work
> at that end of things - so could you point to a good tutorial on the
> subject, or barring having a reference handy, could you give an overview?
Entropy is defined in terms of probab
On 1/18/07, Saqib Ali <[EMAIL PROTECTED]> wrote:
Since when did AES-128 become "snake-oil crypto"? How come I missed
that? Compusec uses AES-128 . And as far as I know AES is NOT
"snake-oil crypto"
He didn't say that AES is snake oil. He says he wants assurance that
the tool operates correctly.
In article <[EMAIL PROTECTED]> you write:
>The /definition/ of entropy is
>
> sum_i P_i log(1/P_i) [1]
>
>there the sum runs over all symbols (i) in the probability
>distribution, i.e. over all symbols in the ensemble.
>
>Equation [1] is the gold standard. It is always c
On Thu, 18 Jan 2007, Saqib Ali wrote:
> Since when did AES-128 become "snake-oil crypto"? How come I missed
> that? Compusec uses AES-128 . And as far as I know AES is NOT
> "snake-oil crypto"
It is even easier to use a good cryptographic transform in a way that is
utterly insecure then it is to
On 01/18/2007 03:13 PM, David Wagner wrote:
> In article <[EMAIL PROTECTED]> you write:
>> The /definition/ of entropy is
>>
>> sum_i P_i log(1/P_i) [1]
>>
>> there the sum runs over all symbols (i) in the probability
>> distribution, i.e. over all symbols in the ensembl
Saqib Ali wrote:
Since when did AES-128 become "snake-oil crypto"? How come I missed
that? Compusec uses AES-128 . And as far as I know AES is NOT
"snake-oil crypto"
Saqib,
I believe you are correct as to the algorithm, but the snake-oil
is in the implementation,
As I have often said, "A
John Denker <[EMAIL PROTECTED]> writes:
> There is only one technical definition of entropy,
Oh?
So you're saying Chaitin-Kolmogrov information and other ways of
studying entropy are "wrong"? I think that's a bit unreasonable, don't
you?
There are different definitions that are useful at differ
http://dilbert.com/comics/dilbert/archive/dilbert-20070117.html
http://dilbert.com/comics/dilbert/archive/dilbert-20070118.html
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography"
Algorithms can be perfect and implementation sloppy. If you can
review the code you might find the problem, but with proprietary
code, fergetit.
I think you guys are missing the point. The term "Snake-Oil Crypto"
refers to the algorithm and NOT the actual implementation. This is a
"important" di
14 matches
Mail list logo