Re: [Cryptography] An NSA mathematician shares his from-the-trenches view of the agency's surveillance activities

2013-09-18 Thread Pat Farrell
On 9/18/13 10:44 AM, Phillip Hallam-Baker wrote: The enterprise bridge control center certainly does not seem to be Hayden's style either. Hayden is not the type to build a showboat like that. Moving abit OT: On the PBS Newshour coverage of this story, the showed the website of DBI Architects

Re: A mighty fortress is our PKI, Part II

2010-07-29 Thread Pat Farrell
and ubiquitous networking. Why are we still thinking about systems based on 3 inch think paper books? We seem to be solving a problem that no longer exists when you look at it from first principals. Pat -- Pat Farrell http://www.pfarrell.com

Re: A mighty fortress is our PKI

2010-07-27 Thread Pat Farrell
with business success. Public Key Crypto with out all the cruft of PKI. Its still a good idea. Pat -- Pat Farrell http://www.pfarrell.com/ - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord

Re: Strength in Complexity?

2008-07-03 Thread Pat Farrell
Peter Gutmann wrote: Pat Farrell [EMAIL PROTECTED] writes: At CyberCash, where we had real RSA/DES in the system, we found that users want convenience, not security I think that's phrasing it a bit badly, it'd be better put as without usability, you won't have users (see the Tor paper

Re: Strength in Complexity?

2008-07-02 Thread Pat Farrell
it look like they had security, but were convenient. Which company was sold for over a Billion? and which went bankrupt? Most attacks are more social engineering than breaking crypto. -- Pat Farrell http://www.pfarrell.com

Re: Toshiba shows 2Mbps hardware RNG

2008-02-13 Thread Pat Farrell
the whole thing in a quite small bit of silicon. The speed is probably icing on the cake. One of the benefits of speed is that you can use cleanup code to control bias. Carl Ellison put some out on his website last century. -- Pat Farrell http://www.pfarrell.com

Re: Proving the randomness of a random number generator?

2005-12-03 Thread Pat Farrell
is, of course, in a state of sin. John von Neumann, 1951, quoted by Knuth Depending on the language you are using, it is as simple as calling the appropriate random number generator. Of have someone read Knuth's Art of Computer Programming for background on it. -- Pat Farrell http

Is there any future for smartcards?

2005-09-10 Thread Pat Farrell
solve, sufficient to drive the building of the needed infrastructure? I don't see it, and I'd love to be made smarter. -- Pat Farrell http://www.pfarrell.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe

Re: the limits of crypto and authentication

2005-07-14 Thread Pat Farrell
On Thu, 2005-07-14 at 18:43 +0200, Amir Herzberg wrote: Pat Farrell wrote: As I recall, the goal of SET was to have a standard that was not invented by CyberCash. (I may be biased, I worked at CyberCash at the time). This is incorrect. The main politics around SET was the artificial

Re: Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)

2003-12-18 Thread Pat Farrell
method and apparatus, [Ellison], USPTO 6,073,237 (Do a patent number search at http://www.uspto.gov/patft/index.html) Carl invented this as an alternative to Smartcards back in the SET development days. Pat Pat Farrell [EMAIL PROTECTED] http://www.pfarrell.com

RE: Sessions

2003-06-16 Thread Pat Farrell
learned this the hard way back in 97 at CyberCash, when we tried the same idea. The solution is not very hard, set a cookie with a strongly created nonce, use that to index into the table of valid sessions. At least it is easy until you want to scale it to many servers. Pat Pat Farrell

RE: Keyservers and Spam

2003-06-13 Thread Pat Farrell
folks that encouraging self defined trust trees was one of the goals. Of course, if the size of the tree is small enough, you can just use shared secrets. Pat Pat Farrell [EMAIL PROTECTED] http://www.pfarrell.com