Re: MS responds to Gutmann's Vista paper

2007-01-23 Thread Peter Gutmann
Ivan Krstić [EMAIL PROTECTED] writes: Aside from admitting to increased CPU utilization, which seemed pretty incontestable anyway, they're disputing [0] many of the points made in the original paper [1]. Their response is a mixture of technical content and PR handwaving, I've

Free WiFi man-in-the-middle scam seen in the wild.

2007-01-23 Thread Perry E. Metzger
For years, I've complained about banks, such as Chase, which let people type in the password to their bank account into a page that has been downloaded via http: instead of https:. The banks always say oh, that's no problem, because the password is posted via https:, and I say but that's only if

Re: Free WiFi man-in-the-middle scam seen in the wild.

2007-01-23 Thread Derek Atkins
Quoting Perry E. Metzger [EMAIL PROTECTED]: Now you might wonder, why do I keep picking on Chase? A certain other security person and I had an extended argument with the folks at another company I won't name other than to say that it was American Express. At the time, they more or less said,

Re: Free WiFi man-in-the-middle scam seen in the wild.

2007-01-23 Thread Roy M. Silvernail
On Tue, January 23, 2007 09:24, Perry E. Metzger wrote: (Incidentally, the article gets a few things wrong. It somewhat implies that you are safe if you pick a WiFi network you have a previous relationship with, which isn't true.) It also is only warning against ad-hoc connections with

Re: Free WiFi man-in-the-middle scam seen in the wild.

2007-01-23 Thread Perry E. Metzger
Derek Atkins [EMAIL PROTECTED] writes: I'll just point out that you CAN go to: https://chaseonline.chase.com/ And that works, and should be secure. And for the six people that know to do that, it works great. :) It used to be that Verizon (my local phone company, sadly) had this general

Re: Private Key Generation from Passwords/phrases

2007-01-23 Thread Matthias Bruestle
Joseph Ashwood wrote: I'm going to try to make this one a bit less egregious in tone. I'm also Thank you. - Original Message - From: Matthias Bruestle Joseph Ashwood wrote: - Original Message - From: Matthias Bruestle You also ended up removing a large portion of my point.

Re: analysis and implementation of LRW

2007-01-23 Thread Alexander Klimov
On Tue, 23 Jan 2007, Peter Gutmann wrote: The IEEE P1619 standard group has dropped LRW mode. It has a vulnerability that that are collisions that will divulge the mixing key which will reduce the mode to ECB. Is there any more information on this anywhere? I haven't been able to find

Re: analysis and implementation of LRW

2007-01-23 Thread Andrea Pasquinucci
On Tue, Jan 23, 2007 at 05:56:29PM +0200, Alexander Klimov wrote: * On Tue, 23 Jan 2007, Peter Gutmann wrote: * The IEEE P1619 standard group has dropped LRW mode. It has a vulnerability * that that are collisions that will divulge the mixing key which will reduce * the mode to ECB. * * Is

Fw: NIST announces Draft Requirements and Evaluation Criteria for New Hash Algorithms

2007-01-23 Thread Steven M. Bellovin
Begin forwarded message: Date: Tue, 23 Jan 2007 12:03:45 -0500 From: Shu-jen Chang [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: NIST announces Draft Requirements and Evaluation Criteria for New Hash Algorithms NIST Wants Comments on Proposed Hash Algorithm Requirements and Evaluation

Re: analysis and implementation of LRW

2007-01-23 Thread Ben Laurie
David Wagner wrote: Jim Hughes writes: The IEEE P1619 standard group has dropped LRW mode. It has a vulnerability that that are collisions that will divulge the mixing key which will reduce the mode to ECB. This is interesting. Could you elaborate on this? I suspect we could all

Re: analysis and implementation of LRW

2007-01-23 Thread David Wagner
Jim Hughes writes: The IEEE P1619 standard group has dropped LRW mode. It has a vulnerability that that are collisions that will divulge the mixing key which will reduce the mode to ECB. Peter Gutmann asks: Is there any more information on this anywhere? I haven't been able to find anything

Re: Free WiFi man-in-the-middle scam seen in the wild.

2007-01-23 Thread Matthias Bruestle
Hi, Perry E. Metzger wrote: For years, I've complained about banks, such as Chase, which let people type in the password to their bank account into a page that has been downloaded via http: instead of https:. The banks always say oh, that's no problem, because the password is posted via

more on NIST hash competition

2007-01-23 Thread Perry E. Metzger
In addition to the URL Steve sent earlier, there is a web page up for the NIST hash competition: http://www.csrc.nist.gov/pki/HashWorkshop/index.html Perry