Re: RNG quality verification

Victor Duchovni <[EMAIL PROTECTED]> writes: >On Thu, Dec 22, 2005 at 10:28:47AM +0100, Philipp G?hring wrote: >> I think the better way would be if I had a possibility to verify the quality >> of the random numbers used in a certificate request myself, without the >> dependence on the vendor. > >Th

RNG quality verification

Philipp G#ring <[EMAIL PROTECTED]> writes: >I have been asked by to verify the quality of the random numbers which are >used for certificate requests that are being sent to us, to make sure that >they are good enough, and we don´t issue certificates for weak keys. Go tell whoever wrote your requ

Re: RNG quality verification

Hi Travis, > The only thing is, you cannot test in randomness, That´s true, but I can test non-randomness. And if I don´t detect non-randomness, I can assume randomness to a certain extent. > and it is an abuse > of statistics to make predictions about individual events -- Wasn´t that one o

Re: A small editorial about recent events.

[EMAIL PROTECTED] wrote: Clinton's Asst. A.G. http://www.chicagotribune.com/news/opinion/chi-0512210142dec21,0,3553632.story? coll=chi-newsopinioncommentary-hed Dog bites man: Asst. A.G. claims executive branch has extremely broad "wartime" powers to surveil Americans (with some contradictory

Re: A small editorial about recent events.

[EMAIL PROTECTED] wrote: Clinton's Asst. A.G. http://www.chicagotribune.com/news/opinion/chi-0512210142dec21,0,3553632.story? coll=chi-newsopinioncommentary-hed Dick Morris http://www.drudgereport.com/flash7.htm --dan Yet President Bush as publicly stated it requires a court order to wireta

Comparison of secure email technologies

Thanks for the comments. A new version of the work paper "Comparison Of Secure Email Technologies X.509 / PKI, PGP, and IBE" is available at The Blog (link in the paper page) contains the most relevant public input; private input is also apprecia

Re: RNG quality verification

On 12/22/05, Philipp Gühring <[EMAIL PROTECTED]> wrote: > So if I extract the key, remove the first and the last bit, then I should have > the pure random numbers that are being used. If I do that with lots of keys, > I should have a good amount of random material for the usual statistical > tests.

Re: RNG quality verification

On Thu, Dec 22, 2005 at 10:28:47AM +0100, Philipp G?hring wrote: > I think the better way would be if I had a possibility to verify the quality > of the random numbers used in a certificate request myself, without the > dependence on the vendor. This is impossible. You don't see the raw "random

Re: RNG quality verification

On Thu, 22 Dec 2005, Philipp [iso-8859-1] G?hring wrote: > > I have been asked by to verify the quality of the random numbers which are > used for certificate requests that are being sent to us, to make sure that > they are good enough, and we don?t issue certificates for weak keys. Consider an im

Re: browser vendors and CAs agreeing on high-assurance certificates

On Sun, Dec 18, 2005 at 09:47:27AM -0800, James A. Donald wrote: > > Has anyone been attacked through a certificate that > would not have been issued under stricter security? The > article does not mention any such attacks, nor have I > ever heard of such an attack. Ought we forget that two su

Re: another feature RNGs could provide

On 12/21/05, Perry E. Metzger <[EMAIL PROTECTED]> wrote: > > Good ciphers aren't permutations, though, are they? Because if they > > were, they'd be groups, and that would be bad. > > Actually, by definition, a cipher should be a permutation from the set > of plaintexts to the set of ciphertexts. I

RNG quality verification

Hi, I have been asked by to verify the quality of the random numbers which are used for certificate requests that are being sent to us, to make sure that they are good enough, and we don´t issue certificates for weak keys. The client applications that generate the keys and issue the certificate

Re: A small editorial about recent events.

Clinton's Asst. A.G. http://www.chicagotribune.com/news/opinion/chi-0512210142dec21,0,3553632.story? coll=chi-newsopinioncommentary-hed Dick Morris http://www.drudgereport.com/flash7.htm --dan - The Cryptography Mailing List

Re: another feature RNGs could provide

> Good ciphers aren't permutations, though, are they? Because if they > were, they'd be groups, and that would be bad. Actually, by definition, a cipher should be a permutation from the set of plaintexts to the set of ciphertexts. It has to be 1 to 1 bijective or it isn't an encryption algorith

Re: browser vendors and CAs agreeing on high-assurance certificates

-- Peter Gutmann > In fact the real situation is even worse than this. > Although there has been plenty of anecdotal evidence > of the ineffectiveness of SSL certificates over the > years, it wasn.t until mid-2005 (ten years after > their introduction) that a rigorous study of the

RE: another feature RNGs could provide

>Actually, by definition, a cipher should be a permutation from the set >of plaintexts to the set of ciphertexts. It has to be 1 to 1 bijective >or it isn't an encryption algorithm. > >Therefore, if you want an ergodic sequence of size 2^N, a counter >encrypted under an N bit block cipher will do i

Re: another feature RNGs could provide

Matt Crawford wrote: > On Dec 21, 2005, at 0:10, Ben Laurie wrote: >> Good ciphers aren't permutations, though, are they? Because if they >> were, they'd be groups, and that would be bad. > > A given cipher, with a given key, is a permutation of blocks. (Assuming > output blocks and input blocks

Re: another feature RNGs could provide

On Dec 21, 2005, at 0:10, Ben Laurie wrote: Good ciphers aren't permutations, though, are they? Because if they were, they'd be groups, and that would be bad. A given cipher, with a given key, is a permutation of blocks. (Assuming output blocks and input blocks are the same size.) It may

Re: permutations +- groups

Ben Laurie wrote: Good ciphers aren't permutations, though, are they? Because if they were, they'd be groups, and that would be bad. There are multiple misconceptions rolled together there. 1) All of the common block ciphers (good and otherwise) are permutations. To prove this, it suffices t