On 2013-10-15 10:35, d...@deadhat.com wrote:
http://eprint.iacr.org/2013/338.pdf
No kidding.
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
> http://eprint.iacr.org/2013/338.pdf
I'll be the first to admit that I don't understand this paper. I'm
just an engineer, not a mathematician. But it looks to me like the
authors are academics, who create an imaginary construction method for
a random number generator, then prove that /dev/rando
On Tue, Oct 15, 2013 at 12:35:13AM -, d...@deadhat.com wrote:
> http://eprint.iacr.org/2013/338.pdf
*LINUX* /dev/random is not robust, so claims the paper.
I wonder how various *BSDs or the Solarish family (Illumos, Oracle Solaris)
hold up under similar scrutiny?
Linux is big, but it is not
http://eprint.iacr.org/2013/338.pdf
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
On 14/10/13 17:51 PM, Adam Back wrote:
On Tue, Oct 01, 2013 at 12:47:56PM -0400, John Kelsey wrote:
The actual technical question is whether an across the board 128 bit
security level is sufficient for a hash function with a 256 bit
output. This weakens the proposed SHA3-256 relative to SHA256 i
On Oct 13, 2013, at 1:04 PM, Ray Dillinger wrote:
>>> This is despite meeting (for some inscrutable definition of "meeting")
>>> FIPS 140-2 Level 2 and Common Criteria standards. These standards
>>> require steps that were clearly not done here. Yet, validation
>>> certificates were issued.
>
>>
Adam,
I guess I should preface this by saying I am speaking only for myself. That's
always true here--it's why I'm using my personal email address. But in
particular, right now, I'm not *allowed* to work. But just speaking my own
personal take on things
We go pretty *overwhelming* feedb
Guys, in order to minimize Tor Project's dependance on
federal funding and/or increase what they can do it
would be great to have some additional funding ~10 kUSD/month.
If anyone is aware of anyone who can provide funding at
that level or higher, please contact exec...@torproject.org
__
* John Denker [2013-10-10 17:13 -0700]:
> *) Each server should publish a public key for "/dev/null" so that
> users can send cover traffic upstream to the server, without
> worrying that it might waste downstream bandwidth.
>
> This is crucial for deniabililty: If the rubber-hose guy accuses
On Tue, Oct 01, 2013 at 12:47:56PM -0400, John Kelsey wrote:
The actual technical question is whether an across the board 128 bit
security level is sufficient for a hash function with a 256 bit output.
This weakens the proposed SHA3-256 relative to SHA256 in preimage
resistance, where SHA256 is
10 matches
Mail list logo