Re: Private Key Generation from Passwords/phrases

2007-01-18 Thread Allen

Joseph,

The whole issue of entropy is a bit vague for me - I don't 
normally work at that end of things - so could you point to a 
good tutorial on the subject, or barring having a reference 
handy, could you give an overview?


Thanks,

Allen

Joseph Ashwood wrote:
> - Original Message - From: Matthias Bruestle [EMAIL PROTECTED]
> Subject: Private Key Generation from Passwords/phrases
>
>> What do you think about this?
>
> I think you need some serious help in learning the difference between
> 2^112 and 112, and that you really don't seem to have much grasp of the
> entire concept. 112 bits of entropy is 112 bits of entropy, not 76 bits
> of entropy, 27 bits of bull, 7 bits of cocaine, and a little bit of
> alcohol, and the 224 bits of ECC is approximate anyway, as you noted the
> time units are inconsistent. Basically just stop fiddling around trying
> to convince yourself you need less than you do, and locate 112 bits of
> apparent entropy, anything else and you're into the world of trying to
> prove equivalence between entropy and work which works in physics but
> doesn't work in computation because next year the work level will be
> different and you'll have to redo all your figures.
>
>    Joe

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]






Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-18 Thread Allen



Saqib Ali wrote:

> Since when did AES-128 become snake-oil crypto? How come I missed
> that? Compusec uses AES-128. And as far as I know AES is NOT
> snake-oil crypto


Saqib,

I believe you are correct as to the algorithm, but the snake-oil 
is in the implementation,


As I have often said, A misplaced comma in an English sentence 
will merely get you a bad reputation as a writer, however, a 
misplaced comma in a nuclear weapons project may leave an 
enduring mark on the world.


Algorithms can be perfect and implementation sloppy. If you can 
review the code you might find the problem, but with proprietary 
code, fergetit.


> Closed-source doesn't mean that it is snake-oil. If that was the
> case, the Microsoft's EFS, and Kerberos implementation would be snake
> oil too.


As I recall there have been a few problems with Kerberos in the past.

Best,

Allen



Re: Private Key Generation from Passwords/phrases

2007-01-18 Thread Perry E. Metzger

John Denker [EMAIL PROTECTED] writes:
> There is only one technical definition of entropy,

Oh?

So you're saying Chaitin-Kolmogorov information and other ways of
studying entropy are wrong? I think that's a bit unreasonable, don't
you?

There are different definitions that are useful at different
times. Fundamentally, mathematics provides us with models, which are
sometimes applicable to a particular practical problem, and sometimes
are not applicable. It is dangerous to forget that. When you do, you
get things like proofs of security based on inapplicable models, and
worse.

Perry



Real-world password guessing

2007-01-18 Thread Steve Schear

http://dilbert.com/comics/dilbert/archive/dilbert-20070117.html
http://dilbert.com/comics/dilbert/archive/dilbert-20070118.html



Re: It's a Presidential Mandate, Feds use it. How come you are not using FDE?

2007-01-18 Thread Saqib Ali

> Algorithms can be perfect and implementation sloppy. If you can
> review the code you might find the problem, but with proprietary
> code, fergetit.


I think you guys are missing the point. The term Snake-Oil Crypto
refers to the algorithm and NOT the actual implementation. This is an
important distinction.

I am copying Matt Curtin (who maintains Snake-Oil Crypto FAQ) and
Bruce Schneier so that they can correct me if I am wrong.

We all know that many open crypto algorithms (like Kerberos, AES) have
been implemented in sloppy manner in both open-source and closed-source
world. Being open source doesn't necessarily mean that the
implementation is secure.

When is the last time you checked the code for the open source app
that you use, to make sure that it is written properly?

saqib
http://www.full-disk-encryption.net




On 1/18/07, Allen [EMAIL PROTECTED] wrote:



> Saqib Ali wrote:
>> Since when did AES-128 become snake-oil crypto? How come I missed
>> that? Compusec uses AES-128. And as far as I know AES is NOT
>> snake-oil crypto
>
> Saqib,
>
> I believe you are correct as to the algorithm, but the snake-oil
> is in the implementation,
>
> As I have often said, A misplaced comma in an English sentence
> will merely get you a bad reputation as a writer, however, a
> misplaced comma in a nuclear weapons project may leave an
> enduring mark on the world.
>
>> Closed-source doesn't mean that it is snake-oil. If that was the
>> case, the Microsoft's EFS, and Kerberos implementation would be snake
>> oil too.
>
> As I recall there have been a few problems with Kerberos in the past.
>
> Best,
>
> Allen





--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net
