Re: Fwd: Protection mail at rest

2008-06-03 Thread Nate Lawson
Greg Black wrote: On 2008-06-02, Adam Aviv wrote: I recently implemented SSARES directly in python and also added parallelism to the searching. We can now search the a large inbox (1000+) messages in about 2-4 minutes. Not to rain on your parade, but 1,000 messages is *not* a large inbox and

Re: Video of physical attack on smart card

2008-06-02 Thread Nate Lawson
[EMAIL PROTECTED] wrote: In a video, Christopher Tarnovsky, shows a physical attack on a smart card: I couldn't tell from the video how long it takes but it doesn't appear to take more than an hour or so. I had written up some

Re: The perils of security tools

2008-05-31 Thread Nate Lawson
On Sun, May 18, 2008 at 4:55 PM, Hal Finney [EMAIL PROTECTED] wrote: A simple trick can be used to help immunize DSA signatures against these kinds of failures. I first learned of this idea many years ago from Phil Zimmermann, and a varient has been used for a long time in PGP and probably

Re: Elcomsoft trying to patent faster GPU-based password cracker

2007-10-27 Thread Nate Lawson
Ilya Levin wrote: I'm not affiliated with Elcomsoft and don't know their real intentions, but what they are trying to do is perfectly reasonable. Once they release a commercial product with such feature it is only a matter of time until Microsoft or some other patent troll will run for a

Re: 307 digit number factored

2007-10-10 Thread Nate Lawson
[EMAIL PROTECTED] wrote: On Mon, May 21, 2007 at 04:32:10PM -0400, Victor Duchovni wrote: On Mon, May 21, 2007 at 02:44:28PM -0400, Perry E. Metzger wrote: My take: clearly, 1024 bits is no longer sufficient for RSA use for high value applications, though this has been on the horizon for some

Re: Scare tactic?

2007-09-20 Thread Nate Lawson
-forgery-explained-with-nate-lawson-part-vi/ The author of the Mu article does not list all the verification steps needed, and even seems to infer that the values g and p are negotiated between the two parties. This would be a bad idea, versus choosing a set of values that were pre-verified. This type