| Crypto has been an IP minefield for some years. With the expiry of
| certain patents, and the availability of other unencumbered crypto
| primitives (eg. AES), we may see this change. But John's other
| points are well made, and still valid. Downloadable MP3 ring tones
| are a selling
So, you want to be able to prove in the future that you have some piece of
information today - without revealing that piece of information. We all
know how to do that: Widely publish today the one-way hash of the
Well ... it turns out this idea is old. Very old. In the 17th
on a similar topic as Greek.
i was in Shinsen and DongAng, mainland china (right next to HongKong).
i was able to experience GSM/GPRS Internet as well as hotel wired
Internet (both are IPv4, sigh).
in both cases, TCP port 80 (http) was sucked into
On 07/10/2007 01:59 AM, Florian Weimer wrote:
It's also an open question whether network operators subject to
interception requirements can legally offer built-in E2E encryption
capabilities without backdoors.
I agree. It's a tricky question; see below
You probably meant
On 9 Jul 2007 16:08:33 -0600, Darren Lasko wrote:
2) Does FIPS 140-2 have any requirements regarding the quality of the
entropy source that is used for seeding a PRNG?
Yes. The requirement imposed by FIPS 140-2
are in section
At 10:59 PM 7/9/2007, Florian Weimer wrote:
Uh-oh, no. The protocol characteristics don't change depending on
who is selling you the device.
Of course they do, at least in the US,
where the mobile phones are generally carrier-specific,
often locked, and generally don't have open designs.
On 7/9/07, alan [EMAIL PROTECTED] wrote:
Makes me wonder how this will effect the OpenMoko phone if someone builds
an encryption layer for it. (OpenMoko is a totally open sourced phone.)
Leigh Honeywell and Paul Wouters presented a 'crypto-phone' effort
they have been working on at CCC in
On Jul 6, 2007, at 6:20 PM, John Ioannidis wrote:
Unfortunately, it's not so easy to roll your own on top of a 3G-
enabled smartphone. The broadband channel does not have the tight
jitter and throughput guarantees that voice needs, and some
providers (Verizon in the USA for example)
My apologies if this is considered spam; however, it may be of interest
to a number of list subscribers.
We are soliciting proposals for presentations in the Industry track at
the ACM Conference on Computer and Communications Security, which will
be held October 29th to November 2nd in
SSH (OpenSSH) is routinely used in secure access for remote server
maintenance. However, as I see it, SSH has a number of security issues
that have not been addressed (as far I know), which create unnecessary
Some issues could be minimized by turning off password
Mail list logo