Re: Raw RSA

2006-09-10 Thread John R. Black
I don't follow. For RSA, the only difference between encryption and decryption, and public and private key, and hence between chosen plaintext and chosen ciphertext, is the arbitrary naming of one of a pair of mutually-inverse values as the private key and the other as the public key.

free e-voting software available?!

2006-06-15 Thread John R. Black
My department would like to conduct departmental votes in some automated way. We're looking for free software, (or modestly-priced software) to do this. Anyone know of such a thing? I've done some searching without any luck. We don't have the usual requirements of a full-blown voting package

Re: U. Washington Crypto Course Available Online For Free

2006-06-09 Thread John R. Black
Oops, I forgot about Neal! :embarrassed: He's a top-notch mathematician, has a couple of books on crypto (or crypto-related topics) and even wrote a controversial article with Menezes recently that was discussed on this mailing list. But I don't think he teaches a crypto class at UW?! On

Re: U. Washington Crypto Course Available Online For Free

2006-06-09 Thread John R. Black
It is taught by good people, but I find it a bit strange they are all Microsoft employees. This is perhaps because U. Wash doesn't have any cryptographers. I hardly think that you can discount the skills of Josh Beneloh and Brian LaMacchia. Who is discounting? I said they are good

Re: U. Washington Crypto Course Available Online For Free

2006-06-06 Thread John R. Black
in the fall: they hired an excellent young cryptographer named Yoshi Kohno. == Prof. John R. Black www.cs.colorado.edu/~jrblack Computer Science 430 UCB [EMAIL PROTECTED

Re: Status of attacks on AES?

2006-05-11 Thread John R. Black
On 5/10/06, John R. Black [EMAIL PROTECTED] wrote: I skimmed this. The start of the article says that after 3 rounds AES achieves perfect diffusion?! No, it says their old ASD could not distinguish encrypted data from random after 3 rounds. -- Taral [EMAIL PROTECTED] You can't prove

Re: Get a boarding pass, steal someone's identity

2006-05-10 Thread John R. Black
Perhaps the worst security hole I know of is with United Airlines EasyCheckIn machines at the airport: you swipe a credit card and it does a fuzzy match to find flyers that day whose name is close to yours. My name is John Black. I often get a menu to choose from: are you flying to Dulles? To

Re: Status of attacks on AES?

2006-05-10 Thread John R. Black
On Thu, May 04, 2006 at 10:30:40AM -0500, Marcos el Ruptor wrote: http://defectoscopy.com/forum/viewtopic.php?t=3 Expect new attacks soon enough. I skimmed this. The start of the article says that after 3 rounds AES achieves perfect diffusion?! A simple square attack (that I teach in