Why the poor uptake of encrypted email? [Was: Re: Secrets and cell phones.]
James A. Donald [EMAIL PROTECTED] writes: Of course, the old cypherpunk dream is a system with end to end encryption, with individuals having the choice of holding their own secrets, rather than these secrets being managed by some not very trusted authority We discovered, however, that most people do not want to manage their own secrets This may help to explain the poor uptake of encrypted email. It would be useful to know exactly what has been discovered. Can you provide references? - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: AES HDD encryption was XOR
Jerry Leichter wrote: ... accurately states that AES-128 is thought to be secure within the state of current and expected cryptographic knowledge, it propagates the meme of the short key length of only 128 bits. A key length of 128 bits is beyond any conceivable brute force attack - in and of itself the only kind of attack for which key length, as such, has any meaning. But, as always, bigger *must* be better - which just raises costs when it leads people to use AES-256, but all too often opens the door for the many snake-oil super-secure cipher systems using thousands of key bits. Oh, say it ain't so! ;-) In the NBC TV episode of /Chuck/ a couple of weeks ago, the NSA cracked a 512-bit AES cipher on a flash drive trying every possible key. Could be hours, could be days. (Only minutes in TV land.) http://www.nbc.com/Chuck/video/episodes/#vid=838461 (Chuck Versus The Fat Lady, 4th segment, at 26:19) It's no wonder that folks are deluded, pop culture reinforces this. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Why the poor uptake of encrypted email? [Was: Re: Secrets and cell phones.]
StealthMonger wrote: This may help to explain the poor uptake of encrypted email. It would be useful to know exactly what has been discovered. Can you provide references? The iconic Paper explaining this is Why Johnny Can't Encrypt available here: http://portal.acm.org/citation.cfm?id=1251435 JOHN ;) Timestamp: Monday 08 Dec 2008, 16:13 --500 (Eastern Standard Time) - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Why the poor uptake of encrypted email? [Was: Re: Secrets and cell phones.]
JOHN GALT wrote: StealthMonger wrote: This may help to explain the poor uptake of encrypted email. It would be useful to know exactly what has been discovered. Can you provide references? The iconic Paper explaining this is Why Johnny Can't Encrypt available here: http://portal.acm.org/citation.cfm?id=1251435 Available from the Authors: http://gaudior.net/alma/johnny.pdf http://www.cs.berkeley.edu/~tygar/papers/Why_Johnny_Cant_Encrypt/OReilly.pdf (For those of us not ACM members and not having Library or affliate access). There's also a power point presentation on the cognitive dissonance involved: http://www.nku.edu/~waldenj1/classes/2006/spring/csc593/presentations/Johnny.ppt And something done at Carnegie Mellon: http://cups.cs.cmu.edu/courses/ups-sp06/notes/060202LectureNotes.doc http://cups.cs.cmu.edu/courses/ups-sp06/slides/060202-user-tests2.ppt - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Request for Input (RFI)--National Cyber Leap Year
From: http://edocket.access.gpo.gov/2008/E8-24257.htm NATIONAL SCIENCE FOUNDATION Request for Input (RFI)--National Cyber Leap Year AGENCY: The National Coordination Office (NCO) for Networking Information Technology Research and Development (NITRD). ACTION: Request for Input (RFI). --- DATES: To be considered, submissions must be received by December 15, 2008. SUMMARY: This request is being issued to initiate the National Cyber Leap Year under the Comprehensive National Cybersecurity Initiative (CNCI). The goal of the National Cyber Leap Year is to identify the most promising game-changing ideas with the potential to reduce vulnerabilities to cyber exploitations by altering the cybersecurity landscape. This RFI is the first step in constructing a national research and development agenda in support of the CNCI. Multidisciplinary contributions from organizations with cybersecurity interests are especially encouraged. Cheers - Bill - Bill Frantz| When it comes to the world | Periwinkle (408)356-8506 | around us, is there any choice | 16345 Englewood Ave www.pwpconsult.com | but to explore? - Lisa Randall | Los Gatos, CA 95032 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]