From: Elaine Barker [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Request for Comments on primality testing
Date: Tue, 23 Jan 2007 16:18:59 -0500
NIST received many comments when Draft FIPS 186-3 was posted for public
comment during the spring
Perry E. Metzger wrote:
http://www.csrc.nist.gov/pki/HashWorkshop/index.html
I'm completely unfamiliar with the way NIST operates, but I've been
wondering for years why they haven't organized this competition already.
Do we have a list veteran who can shed some light on why it took them
this
David Wagner [EMAIL PROTECTED]
Jim Hughes writes:
The IEEE P1619 standard group has dropped LRW mode. It has a vulnerability
that there are collisions that will divulge the mixing key which will reduce
the mode to ECB.
Peter Gutmann asks:
Is there any more information on this anywhere? I
With 4K possible salts, you'd need a
very large password file to have more than a very few collisions,
Definition of very large can vary. (alliteration intended).[...]
UCSD has maybe 60,000 active users. I think very large is very common
in the University environment.
Different decade,
David Wagner [EMAIL PROTECTED] writes:
That is indeed an interesting requirement, and one that seems to legitimately
rule out a number of existing modes of operation for IEEE P1619.
From reading through the followup discussions, I think there's a strong desire
to not standardise something that's
Hi,
This is not really typical of the traffic on this list, hence the OT.
I send it because I think this is one of the few places where I'll
find some people with deep understanding of SSL certs.
Recently I had an issue where Google checkout would not accept an
SSL certificate because Apache
Thanks to everyone who responded with more information about IEEE
P1619. Here are some of the additional links, with my reactions:
Andrea Pasquinucci points to:
http://en.wikipedia.org/wiki/IEEE_P1619#LRW_issue
Ben Laurie points to:
http://grouper.ieee.org/groups/1619/email/msg00558.html
Hi gang,
As an outsider, sort of, looking in I had an interesting thought
about this. Since insider threats are the biggest problem, what
vector could an insider use against password hashes to gain root
password access?
The problem with Rainbow tables is that they would be too massive
when