ly. Elligator 2 works fine on curve25519.
--
Taral
"Please let me know if there's any further trouble I can give you."
-- Unknown
___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
on of why BTNS without X, Y, Z
makes me *less* secure than no BTNS at all.
--
Taral
"Please let me know if there's any further trouble I can give you."
-- Unknown
On Sep 4, 2013 12:14 AM, "Lucky Green" wrote:
> I *have* PTR records for my IPv6 addresses. What I don't know is which
PTR records will make Gmail happy. SPF PTR records clearly do not do the
trick.
SPF uses TXT records, not PTR ones. Can you share your IPv6 address? I'll
take a look.
- JP
_
ying it to IPv4 would break too
many people. Not enough people use IPv6, so they are insisting on good
hygiene there.
Why do you not have PTR records for your IPv6 address? The problem is
that, not Google's policy.
--
Taral
"Please let me know if there's any further trouble I
> On Thu, Aug 29, 2013 at 1:59 PM, Taral wrote:
>>
>> On Wed, Aug 28, 2013 at 12:08 PM, Lucky Green
>> wrote:
>> > "Additional guidelines for IPv6
>> >
>> > The sending IP must have a PTR record (i.e., a reverse DNS of the
>> >
TR record. Otherwise, mail will be marked as spam
> or possibly rejected."
Because under ipv6 your prefix is supposed to be stable (customer
identifier) and the namespace delegated to you on request. Have you
asked your provider for an ipv6 namespace delegation?
--
Taral
"Please l
On Sat, Jul 17, 2010 at 7:41 AM, Paul Wouters wrote:
>> Several are using old SHA-1 hashes...
>
> "old" ?
"old" in that they are explicitly not recommended by the latest specs
I was looking at.
--
Taral
"Please let me know if there's any furth
709
uk. 172800 IN DS 15191 8 2
A057C8553B1DC6CF158A87CD2D0BAA2CDC9C6A14FA03DE02B19AB0DA 62AF279E
Several are using old SHA-1 hashes...
--
Taral
"Please let me know if there's any further trouble I can give you.
ll as non-password-based
authentication (e.g. smart card) and multi-factor authentication.
--
Taral
"Please let me know if there's any further trouble I can give you."
-- Unknown
inating, but isn't local to me. Does anyone know of a paper?
--
Taral
"Please let me know if there's any further trouble I can give you."
-- Unknown
> what other people say who've read the source code.
Really? What about hardware backdoors? I'm thinking something like the
old /bin/login backdoor that had compiler support, but in hardware.
--
Taral
"Please let me know if there's any
On Fri, Jan 30, 2009 at 1:47 PM, Ray Dillinger wrote:
> This is basic digital signatures; it would work.
What's your transition plan? How do you deal with stolen "trust
tokens"? (Think trojans/worms.)
Also see: http://craphound.com/spamsolutions.txt
--
Taral
"Please
's a bug in the way the kernel hands out entropy to multiple
concurrent consumers. I don't think it's a semantic issue.
--
Taral <[EMAIL PROTECTED]>
"Please let me know if there's any further trouble I can give you."
-- Unknown
--
uthenticate a new system or a
system that has lost its cert.
--
Taral <[EMAIL PROTECTED]>
"Please let me know if there's any further trouble I can give you."
-- Unknown
I've attached below Rick's reply to this thread. Rick Carback is a member of
the PunchScan team.
- Taral
-- Forwarded message --
From: Rick Carback
Date: Dec 16, 2007 12:01 PM
Subject: Re: Fwd: Fwd: PunchScan voting protocol
I think there are some misconceptions/assu
he"
> whole problem.
What is "the" whole problem? Please provide an attack model.
--
Taral <[EMAIL PROTECTED]>
"Please let me know if there's any further trouble I can give you."
-- Unknown
On 12/10/07, Steven M. Bellovin <[EMAIL PROTECTED]> wrote:
> Believe it or not, I thought of CFB...
What about PCFB to get around the block issue? I remember freenet
using it that way...
--
Taral <[EMAIL PROTECTED]>
"Please let me know if there's any furth
ios where an unknown
key-share completely undermines the legitimacy of networking
infrastructure which is designed to provide high security.
Funny how they didn't provide any details.
--
Taral <[EMAIL PROTECTED]>
"Please let me know if th
erprint for invalid or no username
This makes some sense...
1. Client may request proof of host private key.
2. Client must authenticate.
3. Client may request a copy of the host public key.
--
Taral <[EMAIL PROTECTED]>
"Please let me know if there's any further trouble I c
Why is it so limited? Reverse DNS is not significantly
more trustworthy than simply querying the remote host on a known port
if you don't have DNSSEC.
--
Taral <[EMAIL PROTECTED]>
"Please let me know if there's any furt
y to use to open that lock.
I'm just waiting for someone with access to photograph said keys and
post it all over the internet.
--
Taral <[EMAIL PROTECTED]>
"You can't prove anything."
-- Gödel's Incompetence Theorem
---
ing" option. Often used in auctions of
adult materials.
--
Taral <[EMAIL PROTECTED]>
"You can't prove anything."
-- Gödel's Incompetence Theorem
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
't remember seeing anything in
the GSM standard that would allow this either.
--
Taral <[EMAIL PROTECTED]>
"You can't prove anything."
-- Gödel's Incompetence Theorem
don't think there's anything inherently wrong with ASN.1 DER in
crypto applications.
--
Taral <[EMAIL PROTECTED]>
"You can't prove anything."
-- Gödel's Incompetence Theorem
On 7/4/06, Andrea Pasquinucci <[EMAIL PROTECTED]> wrote:
About RNG, does someone in the list have any comment, ideas on this
http://www.idquantique.com/products/quantis.htm
Why? Noise-based RNGs are just as random and just as "quantum". :)
--
Taral <[EMAIL PROTECTED
On 5/10/06, John R. Black <[EMAIL PROTECTED]> wrote:
I skimmed this. The start of the article says that after 3 rounds AES
achieves perfect diffusion?!
No, it says their old ASD could not distinguish encrypted data from
random after 3 rounds.
--
Taral <[EMAIL PROTECTED]>
"
cryption) if you could factor n, which relates the two.
This implication runs both ways. Given d and e (and pq), one can
compute p and q. Proving this is an exercise left to the reader.
--
Taral <[EMAIL PROTECTED]>
"You can'
the entries will be independent, theoretically.
--
Taral <[EMAIL PROTECTED]>
"You can't prove anything."
-- Gödel's Incompetence Theorem
ity blog:
http://www.schneier.com/blog/archives/2006/02/quantum_computi.html
--
Taral <[EMAIL PROTECTED]>
"Computer science is no more about computers than astronomy is about
telescopes."
-- Edsger Dijkstra
modulo e (the linear
> system incorporates the signatures on the chosen messages).
I think you're referring to the Desmedt-Odlyzko selective forgery attack.
See http://www.ipa.go.jp/security/enc/CRYPTREC/fy15/doc/1014_Menezes.sigs.pdf
--
Taral <[EMAIL PROTECTED]>
-
> Ian - would you care to share some insights on this? Is it ready for
> prime time or just a proof-of-concept? Any known issues?
If you want encryption with authentication, there's the gaim-encryption
plugin. I get the feeling gaim-otr is for more specific circumstances.
--
Taral
'd prefer a second-party review
before I install anything.
Then again, the only extension I have installed (FlashGot), I manually
checked myself.
--
Taral <[EMAIL PROTECTED]>
This message is digitally signed. Please PGP encrypt mail to me.
A: Because it fouls the order in which people n
..)
>
> Opinions?
Why should I trust you? Filtering xn--* domains works for me, and
doesn't require that I turn my browser over to unreviewed, possibly
buggy code.
--
Taral <[EMAIL PROTECTED]>
This message is digitally signed. Please PGP encrypt mail to me.
A: Because it fouls
> full bit.
I think this last bit is untrue. You will find that the expected number
of states of the PRNG after extracting one bit of randomness is half of
the number of states you had before, thus resulting in one bit of
entropy loss.
--
Taral <[EMAIL PROTECTED]>
This message is digita
, *entropy* assumes that there is
infinite compute capacity. From an information-theoretic point of view,
there is NO SUCH THING as a perfect one-way function.
--
Taral <[EMAIL PROTECTED]>
This message is digitally signed. Please PGP encrypt mail to me.
A: Because it fouls the order in which
On Wed, Dec 22, 2004 at 10:58:11AM -0600, Matt Crawford wrote:
>
> On Dec 15, 2004, at 11:54, Taral wrote:
>
> >What stops someone using 3 players and majority voting on frame data
> >bits?
>
> As I understand it, they use such a huge number of bits for marking,
e using 3 players and majority voting on frame data
bits?
--
Taral <[EMAIL PROTECTED]>
This message is digitally signed. Please PGP encrypt mail to me.
A: Because it fouls the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most a
rhaps using the partial payment system just discussed.
The mojonation file sharing system had an implementation like this
originally...
--
Taral <[EMAIL PROTECTED]>
This message is digitally signed. Please PGP encrypt mail to me.
A: Because it fouls the order in which people normally read text.
Q
n supplied with POW/RPOW tokens of equal value.
Just a quick sanity check for me... what stops you simply faking this
"attestation" and running a compromised system?
--
Taral <[EMAIL PROTECTED]>
This message is digitally signed. Please PGP encrypt mail to me.
"Some pe
rence.
Yes it is. An anonymous system can be constructed from a pseudonymous
system by never reusing a pseudonym.
--
Taral <[EMAIL PROTECTED]>
This message is digitally signed. Please PGP encrypt mail to me.
"Be who you are and say what you feel, because those who mind don't
m
it does make sense as a
> security spec.
Hardly. Just perform DH exchange over the interlock protocol. By your
own admission, the MITM could not change the factors being exchanged,
and by DH, the MITM cannot then know what the resulting key data is.
--
Taral <[EMAIL PROTECTED]>
This messag