In anon-ip (a zero-knowledge systems internal project) and cebolla [1]
we provided forward-secrecy (aka backward security) using symmetric
re-keying (key replaced by hash of previous key). (Backward and
forward security as defined by Ross Anderson in [2]).
But we did not try to do forward securit
> I'd be interested in hearing what people think on the topic. I'm a bit
> skeptical of his position, partially because I think we have too little
> experience with real world attacks on cryptographic protocols, but I'm
> fairly open-minded at this point.
I think that if anything, he doesn't go fa
I saw this post on Avi Rubin's blog today about his preparation for
teaching a class of 5th graders cryptographic principles.
http://avi-rubin.blogspot.com/2010/03/teaching-cryptography-to-5th-graders.html
It is a nice post, and I thought the list would be interested despite
the lack of eliptic c
On Tue, Mar 23, 2010 at 10:42:38AM -0500, Nicolas Williams wrote:
> On Tue, Mar 23, 2010 at 11:21:01AM -0400, Perry E. Metzger wrote:
> > Ekr has an interesting blog post up on the question of whether protocol
> > support for periodic rekeying is a good or a bad thing:
> >
> > http://www.educatedg
On 3/23/10 at 8:21 AM, pe...@piermont.com (Perry E. Metzger) wrote:
> Ekr has an interesting blog post up on the question of whether protocol
> support for periodic rekeying is a good or a bad thing:
>
> http://www.educatedguesswork.org/2010/03/against_rekeying.html
>
> I'd be interested in hear
On Tue, Mar 23, 2010 at 11:21:01AM -0400, Perry E. Metzger wrote:
> Ekr has an interesting blog post up on the question of whether protocol
> support for periodic rekeying is a good or a bad thing:
>
> http://www.educatedguesswork.org/2010/03/against_rekeying.html
>
> I'd be interested in hearing
Sergio Lerner wrote:
I looking for a public-key cryptosystem that allows commutation of the
operations of encription/decryption for different users keys
( Ek(Es(m)) = Es(Ek(m)) ).
Diffie-Hellman combined with Pohlig-Hellman can do what you describe.
It's a variation on www.zenadsl6186.zen.
Ekr has an interesting blog post up on the question of whether protocol
support for periodic rekeying is a good or a bad thing:
http://www.educatedguesswork.org/2010/03/against_rekeying.html
I'd be interested in hearing what people think on the topic. I'm a bit
skeptical of his position, partial