On Thu, Nov 17, 2005 at 12:10:53PM -0500, John Kelsey wrote:
c. Maybe they just got it wrong. SHA0 and SHA1 demonstrate that this
is all too possible. (It's quite plausible to me that they have very
good tools for analyzing block ciphers, but that they aren't or
weren't sure how to best
- Original Message -
From: Anton Stiglic [EMAIL PROTECTED]
Subject: RE: Fermat's primality test vs. Miller-Rabin
The general consensus is that for 500-bit numbers one needs only 6 MR
tests for 2^{-80} error probability [1]:
My own tests disagreed with this, 512-bits seemed to have a
* Peter Gutmann:
I haven't been following the IPSec mailing lists of late -- can anyone
who knows details explain what the issue is?
These bugs have been uncovered by a PROTOS-style test suite. Such test
suites can only reveal missing checks for boundary conditions, leading to
out-of-bounds
* William Allen Simpson:
Quoting Photuris: Design Criteria, LNCS, Springer-Verlag, 1999:
The hallmark of successful Internet protocols is that they are
relatively simple. This aids in analysis of the protocol design,
improves implementation interoperability, and reduces operational
In message [EMAIL PROTECTED], Paul Hoffman writes:
At 11:20 AM +0100 11/17/05, Florian Weimer wrote:
These bugs have been uncovered by a PROTOS-style test suite. Such
test suites can only reveal missing checks for boundary conditions,
leading to out-of-bounds array accesses and things like that.
Dear Travis,
simplification can be reduced to elimination, which is indeed
intractable in the general case (for real-sized problems). (I am
assuming that you need to simplify a big system; however if you only
want to simplify a small SBox, then brute forcing might do.) The
standard citation on
Florian Weimer wrote:
Photuris uses a baroque variable-length integer encoding similar to
that of OpenPGP, a clear warning sign. 8-/
On the contrary:
+ a VERY SIMPLE variable-length integer encoding, where every number
has EXACTLY ONE possible representation (unlike ASN.1 which even the
Florian Weimer wrote:
Photuris uses a baroque variable-length integer encoding similar to
that of OpenPGP, a clear warning sign. 8-/
Actually, if one variable-length integer
encoding is used instead of 5 other formats
in all sorts of strange places, I'd say this
is a good sign. Although I
* William Allen Simpson:
Florian Weimer wrote:
Photuris uses a baroque variable-length integer encoding similar to
that of OpenPGP, a clear warning sign. 8-/
On the contrary:
+ a VERY SIMPLE variable-length integer encoding, where every number
has EXACTLY ONE possible representation