I would assume (hope?) that when you have an OTP token, you get two factor
authentication and don't stop needing a password. You would need a password
either to unlock the OTP device or to enter alongside the OTP value. Otherwise,
someone who finds your token can impersonate you.
Assuming that's t
I wonder if the DHS has any idea what it's asking for. The news
totally mangled what you might be able to do with that key. Even
people on this list have trouble figuring it out. Perhaps they just
heard about this root key thing, thought it sounded cool and important,
and since they recently watche
I believe this has been "known" for a long time, though I have never seen the
proof. I could imagine constructing one based on quadratic sieve.
I believe that a proof that the discrete log problem is polynomially reducible
to the factorization problem is much harder and more recent (as in someti
Reportedly, some people demonstrated falsifying votes on Diebold voting
machines using only resources and techniques available to thousands of election
workers. It will be interesting to see the fallout. These weaknesses have
apparently long been "known", but denied by Diebold.
http://www.bbvfo
(resending after bounce)
-Original Message-
From: Charlie Kaufman
Sent: Wednesday, November 09, 2005 9:54 PM
To: 'Steven M. Bellovin'; James A. Donald
Cc: [EMAIL PROTECTED]; cryptography@metzdowd.com
Subject: RE: How broad is the SPEKE patent.
- Steven M. Bellovin wro
(resending after bounce)
-Original Message-
From: Charlie Kaufman
Sent: Wednesday, November 09, 2005 8:59 PM
To: 'James A. Donald'; [EMAIL PROTECTED]; cryptography@metzdowd.com
Subject: RE: How broad is the SPEKE patent.
James A. Donald said:
>Does SPEKE claim to paten
(resending after bounce)
-Original Message-
From: Charlie Kaufman
Sent: Tuesday, November 08, 2005 3:11 PM
To: 'Travis H.'; 'cryptography@metzdowd.com'
Subject: RE: Fermat's primality test vs. Miller-Rabin
>Is that the distinction that makes
>Miller-Rabin
design our protocols.
--Charlie Kaufman
p.s. Your formulae below have unbalanced parentheses, but I can guess
what you probably meant.
-Original Message-
From: Ben Laurie [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 24, 2005 2:39 AM
To: Charlie Kaufman
Cc: Cryptography; [EMAIL
generating a hash and for checking one.
--Charlie Kaufman
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ben Laurie
Sent: Monday, March 21, 2005 3:57 AM
To: Cryptography; [EMAIL PROTECTED]
Subject: Propping up SHA-1 (or MD5)
It was suggested a
James A. Donald said:
>There seem to be a shitload of protocols, in addition to SPEKE
>and DH-EKE
...
>Can anyone suggest a well reviewed, unpatented, protocol that
>has the desired properties?
Unpatented will be your biggest hurdle.
I collaborated on the development of a strong password proto
10 matches
Mail list logo