On Wed, 16 Feb 2005, Ben Laurie wrote:
A work factor of 2^69 is still a serious amount of work.
Yep.
Does anyone recall DeepCrack's specs?
--
Yours,
J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF
Quadriplegics think before they write stupid pointless
shit...because they have to type
Ian G wrote:
Stefan Brands just posted on my blog (and I saw
reference to this in other blogs, posted anon)
saying that it seems that Schneier forgot to
mention that the paper has a footnote which
says that the attack on full SHA-1 only works
if some padding (which SHA-1 requires) is not
done.
I
at the risk of being accused of being humor impaired:
the particles are ignorant. it's the police officers that need to
know to look for the taggants. civilians could look, but might not
have access to the semantic content in the database.
this is similar, i think to the taggants that are
http://www.technologyreview.com/articles/05/03/issue/forward_cybercash.asp?p=0
Technology Review
TechnologyReview.com
Print | Forums
Cybercash on Vacation
By Peter Wayner March 2005
Back in 1996, a small handful of cryptographers, bankers, and blue-sky
thinkers were debating, on Internet
From: Joseph Ashwood [EMAIL PROTECTED]
Sent: Feb 17, 2005 12:15 AM
To: cryptography@metzdowd.com
Subject: Re: SHA-1 cracked
This attack means that we need to begin the process for a quick and painless
retirement of SHA-1 in favor of SHA-256/384/512 in the immediate future and
begin further
John Kelsey wrote:
Anyone know where we could find the paper? It'd be kind-of convenient when trying to assess the impact of the attack if we knew at least a few details
The *words* part I typed in here:
http://www.financialcryptography.com/mt/archives/000357.html
I skipped the examples.
Matt Crawford wrote:
How do the tiny particles know that it's not a civilian
illuminating them with ultraviolet light?
And how does Wired reporter Robert Andrews fail to ask that question?
And other people complain about how someone can spray their paint on
someone else's valuable and then
Taral wrote:
On Wed, Feb 09, 2005 at 07:41:36PM +0200, Amir Herzberg wrote:
Want to protect your Mozilla/FireFox from such attacks? Install our
TrustBar: http://TrustBar.Mozdev.org
(this was the first time that I had a real reason to click the `I don't
trust this authority` button...)
Opinions?
Ian Grigg writes:
Stefan Brands just posted on my blog (and I saw
reference to this in other blogs, posted anon)
saying that it seems that Schneier forgot to
mention that the paper has a footnote which
says that the attack on full SHA-1 only works
if some padding (which SHA-1 requires) is
Matt Crawford wrote:
On Feb 15, 2005, at 12:40, R.A. Hettinga wrote:
Instant, is a property-marking fluid that, when
brushed on items like office equipment or motorcycles, tags them with
millions of tiny fragments, each etched with a unique SIN (SmartWater
identification number) that is
On Feb 16, 2005, at 9:15 PM, Joseph Ashwood wrote:
- Original Message - From: Steven M. Bellovin
[EMAIL PROTECTED]
Subject: SHA-1 cracked
It's probably not a practical
threat today, since it takes 2^69 operations to do it
I will argue that the threat is realizable today, and highly
At 22:33 2005-02-16 +, Ian G wrote:
Steven M. Bellovin wrote:
According to Bruce Schneier's blog
(http://www.schneier.com/blog/archives/2005/02/sha1_broken.html), a team
has found collisions in full SHA-1. It's probably not a practical threat
today, since it takes 2^69 operations to do it
--- begin forwarded text
To: [EMAIL PROTECTED]
Subject: Re: [p2p-hackers] SHA1 broken?
Date: Thu, 17 Feb 2005 14:25:36 -0800 (PST)
From: [EMAIL PROTECTED] (Hal Finney)
Reply-To: Peer-to-peer development. [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
The problem with the attack scenario where two
http://software.itmanagersjournal.com/print.pl?sid=05/02/17/198257
IT Manager's Journal
Tracking the Evolution of IT
Title
Gates not his cocky self at RSA conference
Date
2005.02.17 14:33
By
Roger Smith
Topic
Security
Story URL
SAN FRANCISCO -- Hardcore open source security
- Original Message -
From: Lee Parkes [EMAIL PROTECTED]
Subject: ATM machine security
Hi,
I'm working on a project that requires a benchmark against which to judge
various suppliers. The closest that has similar requirements is the ATM
industry. To this end I'm looking for any papers,
http://www.theregister.co.uk/2005/02/17/drm_security_shortcomings/print.html
The Register
Biting the hand that feeds IT
Cryptographers to Hollywood: prepare to fail on DRM
By John Leyden (john.leyden at theregister.co.uk)
Published Thursday 17th February 2005 19:37 GMT
RSA 2005 Movie
(As I've said many times, security breaches reported at
conferences full of security people don't count as a
predictor of what's out in the real world as a threat.
But, it makes for interesting reading and establishes
some metric on the ease of the attack. iang)
that is [...] invisible until illuminated by police
officers using ultraviolet light.
That's amazing! How do the tiny particles know that it's not a
civilian illuminating them with ultraviolet light?
And how does Wired reporter Robert Andrews fail to ask that question?
Why would it matter?
[...]
- Original Message -
From: Joseph Ashwood [EMAIL PROTECTED]
Sent: Friday, February 18, 2005 3:11 AM
[the attack is reasonable]
Reading through the summary I found a bit of information that means my
estimates of workload have to be re-evaluated. Page 1 Based on our
estimation, we expect
http://theory.csail.mit.edu/~yiqun/shanote.pdf
No real details, just collisions for 80 round SHA-0 (which I just confirmed)
and 58 round SHA-1 (which I haven't bothered with), plus the now famous work
factor estimate of 2^69 for full SHA-1.
As usual, Technical details will be provided in a
On Feb 15, 2005, at 11:29 PM, Steven M. Bellovin wrote:
nevertheless -- especially since it comes just a week after NIST stated
that there were no successful attacks on SHA-1.
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Should anything be read into the timing of the
http://wcbs880.com/topstories/topstories_story_049165912.html/resources_storyPrintableView
WCBS 880 | wcbs880.com
Experts: New Sub Can Tap Undersea Cables
* USS Jimmy Carter Will Be Based In Washington State
Feb 18, 2005 4:55 pm US/Eastern
The USS Jimmy Carter, set to join the
- Original Message -
From: Dave Howe [EMAIL PROTECTED]
Subject: Re: SHA1 broken?
Indeed so. however, the argument in 1998, a FPGA machine broke a DES
key in 72 hours, therefore TODAY... assumes that (a) the problems are
comparable, and (b) that moores law has been applied to FPGAs
You may want to look at US Patents 4,268,715 and 4,268,715.
I believe these are among the core group of ATM patents.
- Alex
At 09:58 AM 2/17/2005 +0100, Lee Parkes wrote:
Hi,
I'm working on a project that requires a benchmark against which to judge
various suppliers. The closest that has similar
24 matches
Mail list logo