| However, I still don't believe that quantum cryptography can buy you
| anything but research funding (and probably easier lawful intercept
| because end-to-end encryption is so much harder).
Not to attack you personally - I've heard the same comments from many
other
people - but this is a remar
It strikes me that Joux's attack relies on *two* features of current
constructions: The block-at-a-time structure, and the fact that the state
passed from block to block is the same size as the output state. Suppose we
did ciphertext chaining: For block i, the input to the compression function
i
| > The press will always focus on things people understand, and which
| > seem to have short-term relevance. If you're objecting to researchers
| > blowing their own horns ... well, that's the way the world works.
| > It's certainly been the way physics has had to work since it became
| > impossib
* Bill Stewart:
> I agree that it doesn't look useful, but "lawful intercept" is harder,
> if you're defining that as "undetected eavesdropping with
> possible cooperation of the telco in the middle",
> because quantum crypto needs end-to-end fiber so there's
> nothing the telco can help with exce
Jerrold Leichter <[EMAIL PROTECTED]> wrote:
The press will always focus on things people understand, and which
seem to have short-term relevance. If you're objecting to researchers
blowing their own horns ... well, that's the way the world works.
It's certainly been the way physics has had to wor
Since the rest has been covered quite well, I will instead focus on the
comparison of AES and SHA-0, RIPEM, MD5, etc.
- Original Message -
From: "Jerrold Leichter" <[EMAIL PROTECTED]>
Subject: Re: First quantum crypto bank transfer
Alternatively, how anyone can have absolute confidence
Phil Hawkes' paper on the SHA-2 round function has just been posted as
Eprint number 207. It contains rather a lot of detail, unlike some of the
other papers on the subject of hash function collisions.
Greg.
Greg RoseINTERNET: [EMAIL PROTECTED]
Qualcomm Austra
