Op 1 okt. 2013, om 17:59 heeft Jerry Leichter het volgende
geschreven:
> On Oct 1, 2013, at 3:29 AM, Dirk-Willem van Gulik
> wrote:
>> ...I do note that in crypto (possibly driven by the perceived expense of too
>> many bits) we tend to very carefully observe the various
Op 30 sep. 2013, om 05:12 heeft Christoph Anton Mitterer
het volgende geschreven:
>
> Not sure whether this has been pointed out / discussed here already (but
> I guess Perry will reject my mail in case it has):
>
> https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3
> This makes NIS
Op 20 sep. 2013, om 14:55 heeft Phillip Hallam-Baker het
volgende geschreven:
> On Fri, Sep 20, 2013 at 4:36 AM, Dirk-Willem van Gulik
> wrote:
>
> Op 19 sep. 2013, om 19:15 heeft Phillip Hallam-Baker het
> volgende geschreven:
>
> > Let us say I wan
Op 19 sep. 2013, om 19:15 heeft Phillip Hallam-Baker het
volgende geschreven:
> Let us say I want to send an email to al...@example.com securely.
...
> ppid:al...@example.com:example.net:Syd6BMXje5DLqHhYSpQswhPcvDXj+8rK9LaonAfcNWM
...
> example.net is a server which will resolve the reference
Op 13 sep. 2013, om 21:23 heeft Perry E. Metzger het
volgende geschreven:
> On Fri, 13 Sep 2013 08:08:38 +0200 Eugen Leitl
> wrote:
>> Why e.g. SWIFT is not running on one time pads is beyond me.
>
> I strongly suspect that delivering them securely to the vast number
> of endpoints involved a
Op 6 sep. 2013, om 01:09 heeft "Perry E. Metzger" het
volgende geschreven:
> http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
….
> The Suite B curves were picked some time ago. Maybe they have problems.
….
> Now, this certainly was a problem for the random numb
Would be interested & interesting. Been doing the same thing with on-chipcard
generated public keys to to the 'reverse' - be able to wipe a part of your
off-site backup store by cutting up the secret. So I think there is a general
case - and I've got a gut feeling that when propably analysed som
On 19 Apr 2010, at 23:29, Massimiliano Pala wrote:
> Hi all,
>
> I was wondering if any of you have some pointers on the security of
> watermarking. In particular I am interested in public-key or asymmetric
> watermarking algorithms.
>
> Also, do you know of any free-to-use (opensource/etc.) im
Weger, B.M.M. de wrote:
- if they rely on the CA for signing CRLs (or whatever
revocation mechanism they're using) then they have to find
some other way to revoke existing certificates.
...
Seems to me that for signing CRLs it's better to have a separate
"Revocation Authority" (whose cer
On 8 Dec 2008, at 22:43, David G. Koontz wrote:
JOHN GALT wrote:
StealthMonger wrote:
This may help to explain the poor uptake of encrypted email. It
would
be useful to know exactly what has been discovered. Can you provide
references?
The iconic Paper explaining this is "Why Johnny Ca
Been looking at the Telnic (dev.telnic.org) effort.
In essence; NAPTR dns records which contain private details such as a
phone number. These are encrypted against the public keys of your
friends (so if you have 20 friends and 3 phone numbers visible to all
friends - you need 20 subdomains
> ... discussion on CA/cert acceptance hurdles in the UI
I am just wondering if we need a dose of PGP-style reality here.
We're really seeing 3 or 4 levels of SSL/TLS happening here - and whilst
they all appear use the same technology - the assurances, UI,
operational
regimen, 'investmen
On 30 Jul 2008, at 21:33, Ben Laurie wrote:
For sure, it would be better if we could check the source code and
match the implemented RNG against an already known RNG.
But, then, there is a "the chicken or the egg" problem: how would you
ensure that a *new* RNG is a good source of "randomness" ?
On 30 Jul 2008, at 19:57, Pierre-Evariste Dagand wrote:
But just how GREAT is that, really? Well, we don'
t know. Why? Because there isn't actually a way test for
randomness. Your
DNS resolver could be using some easily predicted random number
generator
like, say, a linear congruential one,
On Wed, 4 Jun 2008, Perry E. Metzger wrote:
I'm thinking of starting a CA that sells "super duper enhanced
security" certs, where we make the company being certified sign a
document in which they promise that they're absolutely trustworthy.
To be really sure, we'll make them fax said document
On Mar 16, 2008, at 7:52 PM, Ben Laurie wrote:
Dirk-Willem van Gulik wrote:
So I'd argue that while x509, its CA's and its CRL's are a serious
pain to deal** with, and seem add little value if you assume avery
diligent and experienced operational team -- they do pro
On Mar 16, 2008, at 12:32 PM, Ben Laurie wrote:
[EMAIL PROTECTED] wrote:
So at the company I work for, most of the internal systems have
expired SSL certs, or self-signed certs. Obviously this is bad.
You only think this is bad because you believe CAs add some value.
SSH keys aren't signed
On Fri, 15 Feb 2008, Perry E. Metzger wrote:
>
> It appears that disk encryption techniques are spawning technical
> responses. This gadget lets law enforcement take a computer without
> ever turning off the power.
>
> http://www.wiebetech.com/products/HotPlug.php
>
> Countermeasures are, of cour
On Feb 10, 2008, at 4:02 AM, Peter Gutmann wrote:
The device generates random numbers at a data rate of 2.0 megabits
a second, according to Toshiba in a paper presented at the
International Solid-State Circuits Conference (ISSCC) here.
I've always wondered why RNG speed is such a big deal f
On Wed, 23 Jan 2008, Leichter, Jerry wrote:
> well be prior art, but the idea of erasing information by deliberately
> discarding a key is certainly not completely obvious except in
> retrospect. If you look at any traditional crypto text, you won't
Hmm - it is commonly mentioned that (early) h
On Dec 3, 2007, at 2:47 PM, William Allen Simpson wrote:
Dirk-Willem van Gulik wrote:
Keep in mind that the notary is still 'careful' -- effectively they
sign the hash -- rather than the document; and state either such
(e.g. in the case of some software/code where you do not
On Dec 2, 2007, at 3:09 AM, William Allen Simpson wrote:
There are no circumstances in which any reputable certifier will ever
certify any of the "multitude" containing a hidden pdf image,
especially
where generated by another party.
It is getting fairly common for notaries in for example t
On Mon, 24 Oct 2005, cyphrpunk wrote:
> Is it possible that Skype doesn't use RSA encryption? Or if they do,
> do they do it without using any padding, and is that safe?
You may want to read the report itself:
http://www.skype.com/security/files/2005-031%20security%20evaluation.pdf
an
On Tue, 5 Jul 2005 [EMAIL PROTECTED] wrote:
> (currently in Boston, MA, after giving fingerprints at the
> airport immigration)
And you may have then noticed the interesting effect; in Germany we have
mandatory cards - carry them round always - but virtually have to show
them. And only to offici
On Wed, 8 Jun 2005, Perry E. Metzger wrote:
> Dan Kaminsky <[EMAIL PROTECTED]> writes:
> > Yes, because key management is easy or free.
Eh - my experience is that that is where 99% of the cost is - in the whole
human procedures and vetting around it. The paper work, the auditing,
dealing with
On Wed, 1 Dec 2004, Anne & Lynn Wheeler wrote:
> the other attack is on the certification authorities business process
Note that in a fair number of Certificate issuing processes common in
industry the CA (sysadmin) generates both the private key -and-
certificate, signs it and then exports bot
On Tue, 30 Nov 2004, Ben Nagy wrote:
> I'm a bumbling crypto enthusiast as a sideline to my other, real, areas of
> security expertise. Recently a discussion came up on firewall-wizards about
> passively sniffing SSL traffic by a third party, using a copy of the server
Access to the private key
On Thu, 7 Oct 2004, Damien O'Rourke wrote:
> I was just wondering if anyone had any ideas for a project in wireless
> LAN security for a final year undergraduate? Or something along those
(Free)BSD implementation/BSD license implentation of a 802.1x stack usable
in a wireless environment where
On Thu, 30 Sep 2004, Ian Grigg wrote:
> PKI, and the Customs & Excise's, mistake was to assume that a
> key is only useful if it is signed by someone else. From a
Right; that is often forgotten and very useful - as the dutch root PKI was
signed under rather dubious circumstances (and its safeg
On May 27, 2004, at 12:35 PM, John Kelsey wrote:
Does anyone know whether the low-power nature of wireless LANs
protects them from eavesdropping by satellite? Is there some simple
reference that would easily let me figure out whether transmitters at
a given power are in danger of eavesdropping
On Jan 9, 2004, at 8:06 PM, Rich Salz wrote:
dave kleiman wrote:
Because the client has a Certificate Revocation Checking function
turned on
in a particular app (i.e. IE or NAV).
I don't think you understood my question. Why is crl.verisign.com
getting overloaded *now.* What does the expirat
On Tue, 23 Sep 2003, R. A. Hettinga wrote:
> On Tuesday, September 23, 2003, at 03:45 PM, R. A. Hettinga wrote:
>
> > Rivest and Micali's microcheque protocol gets a ducat-download.
> >
> > Next stop an IPO -- and then an eBay buyout... ;-).
>
> Hahaha... "about 7 percent per transaction" - NOT
32 matches
Mail list logo