On Fri, Jul 17, 2009 at 01:37:43PM -0500,
travis+ml-cryptogra...@subspacefield.org wrote:
> I'm curious if there's a way to express this calculation as a
> mathematical formula, rather than an algorithm, but right now I'm just
> blanking on how I could do it.
This has been dubbed the "guesswork"
Oh, and by the way the way that TahoeLAFS uses public key
cryptography highlights some of the weaknesses of current public key
techniques and some of the strengths of possible future techniques
such as hyperelliptic curves. (I know that Tanja Lange has done a
lot of work on those.)
Tahoe
By the way, we've recently been planning our next crypto-capabilities
design for the TahoeLAFS secure distributed filesystem. This
involves deciding whether a 192-bit elliptic curve public key is
strong enough, as well as subtler and more unusual issues involving
embedding keys directly in
>Assume for a moment that we have a random number generator which is
>non-uniform, and we are using it to generate a key.
>
>What I'd like to do is characterize the work factor involved in
>brute-force search of the key space, assuming that the adversary
>has knowledge of the characteristics of the
Leandro Meiners quotes:
>"For example, by specifying an HMACOutputLength of 1, only one bit of the
>signature is verified. This can allow an attacker to forge an XML signature
>that will be accepted as valid."
This excessive generality is a serious problem in way too many crypto specs,
and impl