Re: entropy depletion (was: SSL/TLS passive sniffing)

2005-01-07 Thread Michael_Heyman
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Enzo Michelangeli Sent: Tuesday, January 04, 2005 7:50 PM This entropy depletion issue keeps coming up every now and then, but I still don't understand how it is supposed to happen. If the PRNG uses a really non-invertible

Re: entropy depletion (was: SSL/TLS passive sniffing)

2005-01-07 Thread Taral
On Thu, Jan 06, 2005 at 04:35:05PM +0800, Enzo Michelangeli wrote: By how much exactly? I'd say, _under the hypothesis that the one-way function can't be broken and other attacks fail_, exactly zero; in the real world, maybe a little more. Unfortunately for your analysis, *entropy* assumes

OpenVPN and SSL VPNs

2005-01-07 Thread Stefan Mink
Hi, I already stumbled several times over OpenVPN but never had the time to look at it in detail. Now I had but didn't find many infos except many lucky users and few negative outputs. I have two open points: a) It would be good to hear from this community if there are any negative aspects of

Re: entropy depletion (was: SSL/TLS passive sniffing)

2005-01-07 Thread Jerrold Leichter
| You're letting your intuition about usable randomness run roughshod | over the formal definition of entropy. Taking bits out of the PRNG | *does* reduce its entropy. | | By how much exactly? I'd say, _under the hypothesis that the one-way | function can't be broken and other attacks fail_,

[ISN] SSL VPNs Will Grow 54% A Year, Become Defacto Access Standard: Report

2005-01-07 Thread R.A. Hettinga
--- begin forwarded text Date: Fri, 7 Jan 2005 06:41:49 -0600 (CST) From: InfoSec News [EMAIL PROTECTED] To: isn@attrition.org Subject: [ISN] SSL VPNs Will Grow 54% A Year, Become Defacto Access Standard: Report Reply-To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED]

Re: entropy depletion

2005-01-07 Thread John Denker
Jerrold Leichter asked: random number generator this way. Just what *is* good enough? That's a good question. I think there is a good answer. It sheds light on the distinction of pseudorandomness versus entropy: A long string produced by a good PRNG is conditionally compressible

Entropy and PRNGs

2005-01-07 Thread Ben Laurie
Given recent discussion, this is perhaps a good moment to point at a paper I wrote a while back on PRNGs for Dr. Dobbs, where, I'll bet, most of you didn't read it. http://www.apache-ssl.org/randomness.pdf One day, I plan to implement the API I describe there. Cheers, Ben. --

[fc-announce] FC05 registration to open next week

2005-01-07 Thread R.A. Hettinga
--- begin forwarded text User-Agent: Microsoft-Entourage/11.1.0.040913 From: Stuart E. Schechter [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [fc-announce] FC05 registration to open next week Sender: [EMAIL PROTECTED] Date: Fri, 07 Jan 2005 11:00:54 -0500 Registration for Financial

Re: entropy depletion

2005-01-07 Thread Jerrold Leichter
| | random number generator this way. Just what *is* | good enough? | | That's a good question. I think there is a good answer. It | sheds light on the distinction of pseudorandomness versus | entropy: | | A long string produced by a good PRNG is conditionally | compressible

Re: entropy depletion (was: SSL/TLS passive sniffing)

2005-01-07 Thread John Kelsey
From: John Denker [EMAIL PROTECTED] Sent: Jan 5, 2005 2:06 PM To: Enzo Michelangeli [EMAIL PROTECTED] Cc: cryptography@metzdowd.com Subject: Re: entropy depletion (was: SSL/TLS passive sniffing) ... You're letting your intuition about usable randomness run roughshod over the formal definition of

Re: entropy depletion

2005-01-07 Thread John Denker
I wrote: A long string produced by a good PRNG is conditionally compressible in the sense that we know there exists a shorter representation, but at the same time we believe it to be conditionally incompressible in the sense that the adversaries have no feasible way of finding a shorter

[PadLock] PadLock patches for linux kernel 2.6.10 (fwd from [EMAIL PROTECTED])

2005-01-07 Thread Eugen Leitl
From: Michal Ludvig [EMAIL PROTECTED] Subject: [PadLock] PadLock patches for linux kernel 2.6.10 To: [EMAIL PROTECTED] Date: Fri, 7 Jan 2005 17:24:02 +0100 (CET) From: Michal Ludvig [EMAIL PROTECTED] Date: Fri, 7 Jan 2005 17:24:02 +0100 (CET) To: [EMAIL PROTECTED] Subject: [PadLock] PadLock

Atom demo fixes quantum errors

2005-01-07 Thread R.A. Hettinga
http://www.alwayson-network.com/comments.php?id=7746_0_6_0_C Always On Atom demo fixes quantum errors TRN NewsTeam | TRN [] | POSTED: 01.07.05 @09:47 Although quantum computers promise fantastic speed for certain types of very large problems, the logical components of quantum computers --

Re: AOL Help : About AOL® PassCode

2005-01-07 Thread Richard Clayton
In article [EMAIL PROTECTED], Joerg Schneider [EMAIL PROTECTED] writes Florian Weimer wrote: I think you can forward the PassCode to AOL once the victim has entered it on a phishing site. Tokens à la SecurID can only help if Indeed. the phishing schemes *require* delayed exploitation of