Re: Detecting attempts to decrypt with incorrect secret key in OWASP ESAPI

2009-09-17 Thread Kevin W. Wall
Peter Gutmann wrote: David Wagner d...@cs.berkeley.edu writes: (You could replace AES-CMAC with SHA1-HMAC, but why would you want to?) The answer to that depends on whether you need to support an existing base of crypto software and hardware. Even though (in this case) it's a new

Re: Detecting attempts to decrypt with incorrect secret key in OWASP ESAPI

2009-09-17 Thread Peter Gutmann
Kevin W. Wall kevin.w.w...@gmail.com writes: (Obviously some of these padding schemes such as OAEP are not suitable with symmetric ciphers. Or at least I don't think they are.) You'd be surprised at what JCE developers will implement just because they can, and what therefore gets used by

Re: Bringing Tahoe ideas to HTTP

2009-09-17 Thread Alexandre Dulaunoy
On Thu, Aug 27, 2009 at 11:57 PM, Brian Warner war...@lothar.com wrote: == Integrity == To start with integrity-checking, we could imagine a firefox plugin that validated a PyPI-style #md5= annotation on everything it loads. The rule would be that no action would be taken on the downloaded

Biotech Based Cryptogram Challenge

2009-09-17 Thread Jim Windle
http://www.genengnews.com/cryptogramchallenge/ This is contest to decode the message encrypted in the colors of a 96 well microtiter plate used for an enzyme-linked immunosorbent assay test in which the color indicate the amount of antigen present. The first to decode it gets a $1500 prize.

Re: Detecting attempts to decrypt with incorrect secret key in OWASP ESAPI

2009-09-17 Thread David Wagner
Kevin W. Wall wrote: So given these limited choices, what are the best options to the questions I posed in my original post yesterday? Given these choices, I'd suggest that you first encrypt with AES-CBC mode. Then apply a message authentication code (MAC) to the whole ciphertext (including the

Re: Biotech Based Cryptogram Challenge

2009-09-17 Thread Jon Callas
On Sep 17, 2009, at 6:31 AM, Jim Windle wrote: http://www.genengnews.com/cryptogramchallenge/ This is contest to decode the message encrypted in the colors of a 96 well microtiter plate used for an enzyme-linked immunosorbent assay test in which the color indicate the amount of antigen

Re: Detecting attempts to decrypt with incorrect secret key in OWASP ESAPI

2009-09-17 Thread Jerry Leichter
On Sep 17, 2009, at 1:20 AM, Peter Gutmann wrote: Kevin W. Wall kevin.w.w...@gmail.com writes: (Obviously some of these padding schemes such as OAEP are not suitable with symmetric ciphers. Or at least I don't think they are.) You'd be surprised at what JCE developers will implement just