On Sun, 4 May 2008, Scott Guthery wrote:
One useful application of the Katz/Sahai/Waters work is a counter to traffic
analysis. One can send the same message to everyone but ensure that only a
defined subset can read the message by proper key management. What is less
clear is how to ensure
On Mon, 5 May 2008, Ariel Waissbein wrote:
[Moderator's note: Again, top posting is discouraged, and not editing
quoted material is also discouraged. --Perry]
Hi list,
Interesting. Great work! I had been looking for *generic* predicate
encryption for some time. Encryption over specific predicates
On Fri, 27 Jun 2008, Erik Ostermueller wrote:
Hello all,
If I exchange messages with a system and the messages are encrypted with a
symmetric key, what further benefit would we get by using a MAC (Message
Authentication Code) along with the message encryption?
Being new to all this, using
On Wed, 27 Aug 2008, Eric Rescorla wrote:
At Wed, 27 Aug 2008 17:05:44 +0200,
Philipp Gühring wrote:
Hi,
I am searching for symmetric encryption algorithms for decimal strings.
Let's say we have various 40-digit decimal numbers:
2349823966232362361233845734628834823823
On Wed, 27 Aug 2008, Eric Rescorla wrote:
At Wed, 27 Aug 2008 16:10:51 -0400 (EDT),
Jonathan Katz wrote:
On Wed, 27 Aug 2008, Eric Rescorla wrote:
At Wed, 27 Aug 2008 17:05:44 +0200,
There are a set of techniques that allow you to encrypt elements of
arbitrary sets back onto that set
On Wed, 27 Aug 2008, Hovav Shacham wrote:
- Jonathan Katz [EMAIL PROTECTED] wrote:
But he probably wants an encryption scheme, not a cipher.
Jon, I'm not sure I understand what you mean.
If I am reading his message correctly, the original poster seems
to be asking for a format
[Moderator's note: top posting is not tasteful. --Perry]
I think it depends on what you mean by N pools of entropy.
Are you assuming that one of these sources is (pseudo)random, but you
don't know which one? Are you assuming independence of these different
sources? If both these
On Sat, 25 Oct 2008, John Denker wrote:
On 10/25/2008 04:40 AM, IanG gave us some additional information.
Even so, it appears there is still some uncertainty as to
interpretation, i.e. some uncertainty as to the requirements
and objectives.
I hereby propose a new scenario. It is detailed
On Tue, 17 Feb 2009, R.A. Hettinga wrote:
hi,
I was going through the wikipedia example of shamir secret sharing which says
it is information theoretically secure.
http://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing
...
The scheme is defined over a finite field *not* over the
On Mon, 2 Mar 2009, Arshad Noor wrote:
Ali, Saqib wrote:
A new protocol aims to protect privacy while allowing organizations to
share valuable information:
http://www.technologyreview.com/communications/22238/?a=f
Any links to the actual protocol itself? The article is a little
vague on
On Fri, 22 May 2009, Perry E. Metzger wrote:
The field really needs a new, thorough textbook suitable for a one year
course, or maybe an up to date one semester intro text and an up to date
one semester textbook on modern cryptanalysis.
Let me humbly suggest my own book: Introduction to
On Sat, 3 Oct 2009, Kevin W. Wall wrote:
Hi list...I have a question about Shamir's secret sharing.
According to the _Handbook of Applied Cryptography_
Shamir’s secret sharing (t,n) threshold scheme works as follows:
SUMMARY: a trusted party distributes shares of a secret S to n users.
Anyone care to give a layman's explanation of the attack? The
explanations I have seen assume a detailed knowledge of the way TLS/SSL
handle re-negotiation, which is not something that is easy to come by
without reading the RFC. (As opposed to the main protocol, where one can
find textbook
[Moderator's Note: please don't top post... --Perry]
Sounds like a bad idea -- at a minimum, your encryption will be
deterministic.
What are you actually trying to achieve? Usually once you understand that,
you can find a protocol solving your problem already in the crypto
literature.
Now I'm working on a new untraceable e-cash protocol which has some
additional properties. And I'm searching for a secure commutable signing
primitive.
Best regards,
Sergio Lerner.
On 22/03/2010 09:56 a.m., Jonathan Katz wrote:
Sounds like a bad idea -- at a minimum, your encryption
On Thu, 22 Apr 2010, Zooko O'Whielacronx wrote:
There is some interesting work in public key cryptosystems that reduce
to a *random* instance of a specific problem.
Here is a very cool one:
http://eprint.iacr.org/2009/576
...
Unless I misunderstand, if you read someone's plaintext without
On Thu, 22 Apr 2010, Zooko O'Whielacronx wrote:
On Wed, Apr 21, 2010 at 5:29 PM, Samuel Neves sne...@dei.uc.pt wrote
(on the cryptography@metzdowd.com list):
[2] http://www.cs.umd.edu/~jkatz/papers/dh-sigs-full.pdf
As one of the authors of the above paper, I have an obvious interest in
this
On Wed, 28 Apr 2010, Zooko O'Whielacronx wrote:
Anyway, although this is not one, there do exist proposals for public
key crypto schemes where breaking the scheme implies solving a worst
case instance of a supposedly hard problem, right?
Not to worst-case hardness of an NP-complete problem,
CTR mode seems a better choice here. Without getting too technical,
security of CTR mode holds as long as the IVs used are fresh whereas
security of CBC mode requires IVs to be random.
In either case, a problem with a short IV (no matter what you do) is the
possibility of IVs repeating. If
On Mon, 14 Jun 2010, Alfonso De Gregorio wrote:
The last Thursday, Vincent Rijmen announced a new clever attack on AES (and
KASUMI) in a report posted to the Cryptology ePrint Archive: Practical-Titled
Attack on AES-128 Using Chosen-Text Relations,
http://eprint.iacr.org/2010/337
Err...I
On Mon, Aug 8, 2011 at 3:37 PM, Ali, Saqib docbook@gmail.com wrote:
Two years after Dr. Craig Gentry of IBM published the proof for fully
homomorphic encryption, Microsoft has come up with a prototype that
utilizes the technique:
http://www.technologyreview.com/computing/38239/page1/
On Wed, 11 Sep 2013, Bernie Cosell wrote:
Anyhow, are there any (not *too* technical) books on the modern
techniques for attacking cryptosystems?
Really depends what you mean by attacking; there are attacks at the
protocol level (e.g., padding-oracle attacks), at the crypto level (e.g.,