Re: Can you keep a secret? This encrypted drive can...
On Thu, 2 Nov 2006, Alexander Klimov wrote: I guess many people here have tried full disk encryption for themselves, do you notice any difference in performance or not? Yes and no! I use dm-crypt on a Linux laptop with FC5. On the encrypted filesystem: # df /dev/mapper/secure 309895213342 80553 73% /secure # time dd if=/dev/zero of=cryptogram bs=1MB count=50 50+0 records in 50+0 records out 5000 bytes (50 MB) copied, 1.96366 seconds, 25.5 MB/s dd if=/dev/zero of=cryptogram bs=1MB count=50 0.00s user 0.52s system 25% cpu 2.023 total On the unencrypted filesystem: # time dd if=/dev/zero of=cryptogram bs=1MB count=50 50+0 records in 50+0 records out 5000 bytes (50 MB) copied, 0.216106 seconds, 231 MB/s real0m0.257s user0m0.000s sys 0m0.252s The factor 9.05 making the the unencrypted filesystem faster than the encrypted one really does not make a difference for me for anything I do. I'd be happy with 1 MB/s and I got 25! (using AES-256) Regards Ralf Senderek *.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.* * Ralf Senderek [EMAIL PROTECTED] http://senderek.com* What is privacy * * Sandstr. 60 D-41849 Wassenberg +49 2432-3960 * without * * PGP: AB 2C 85 AB DB D3 10 E7 CD A4 F8 AC 52 FC A9 ED *Pure Crypto? * 49466008763407508762442876812634724277805553224967086648493733366295231438448 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: thoughts on one time pads
On Thu, 26 Jan 2006, Travis H. wrote: All I've got to say is, I'm on this like stink on doo-doo. Being the thorough, methodical, paranoid person I am, I will be grateful for any pointers to prior work and thinking in this area. You may wish to look at: Ueli M . Maurer: Conditionally-Perfect Secrecy and a Provably-Secure Randomized Cipher in: Journal of Cryptography, vol 5, no. 1, pp. 53-66, 1992 (available online) and Ferguson, Schneier, Wagner: Security Weaknesses in Maurer-Like Randomized Stream Ciphers published on Schneier's website Regards Ralf Senderek *.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.* * Ralf Senderek [EMAIL PROTECTED] http://senderek.com* What is privacy * * Sandstr. 60 D-41849 Wassenberg +49 2432-3960 * without * * PGP: AB 2C 85 AB DB D3 10 E7 CD A4 F8 AC 52 FC A9 ED *Pure Crypto? * 49466008763407508762442876812634724277805553224967086648493733366295231438448 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: X.509 / PKI, PGP, and IBE Secure Email Technologies
On Fri, 9 Dec 2005, Ed Gerck wrote: [...] at least the grand picture should exist beforehand. This is what this thread's subject paper is about, the grand picture for secure email and why aren't we there yet (Phil's PGP is almost 15 years old) -- what's missing. and Bill Stewart wrote: Popularity of a product is critical to its security; you don't gain anonymity if the Feds can recognize that you're one of the dozen users of a given application. Your mom can use Skype, but nobody she knows uses Crypto Kong, and I only know a few people who use PGP to email their mom. But some of the Instant Messaging systems use crypto; too bad that they're continually trying to be incompatible with each other to gain market share. I think what's missing is the understanding that there cannot be secure email without the persons involved acting responsible and knowing their role in the process. Your mother will probably expect the computer to do the job for her (mine will never expect anything from computers) rejecting any responsibility for her email's security. In my opinion establishing secure email this way is impossible despite the fact that encryption is (relatively) easy if our algorithms work as expected and you have the correct high-quality public key. And even if Instant Messaging systems would use the same crypto people will use them like cell phones without any consciousness of their own responsibility for key validation. Getting good crypto into mass products can help but does not eliminate the necessity for checking essential properties of the system they use. How we can make this job as reliable as possible is the question at the heart of the problem. Ralf Senderek *.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.* * Ralf Senderek [EMAIL PROTECTED] http://senderek.com* What is privacy * * Sandstr. 60 D-41849 Wassenberg +49 2432-3960 * without * * PGP: AB 2C 85 AB DB D3 10 E7 CD A4 F8 AC 52 FC A9 ED *Pure Crypto? * 49466008763407508762442876812634724277805553224967086648493733366295231438448 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Problems with GPG El Gamal signing keys?
On Thu, 27 Nov 2003, Werner Koch wrote: Yes, yes, I should have removed ElGamal signing key support back in 1998 when there was no more need for it. I recall that some folks begged me not to do that and I took the wrong decision. I think no-one will blame you for this, you couldn't have known the effects. But what are we going to learn? Heading for far less complexity is the future! Regards Ralf Senderek *.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.* * Ralf Senderek [EMAIL PROTECTED] http://senderek.de * What is privacy * * Sandstr. 60 D-41849 Wassenberg +49 2432-3960 * without * * PGP: AB 2C 85 AB DB D3 10 E7 CD A4 F8 AC 52 FC A9 ED *Pure Crypto? * 49466008763407508762442876812634724277805553224967086648493733366295231438448 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Simple SSL/TLS - Some Questions
On Mon, 6 Oct 2003, Ian Grigg wrote: (answering Jill's questions) The only question I wasn't quite sure of was whether, if I take your code, and modify it, can I distribute a binary only version, and keep the source changes proprietary? I'd strongly recommend to think about some code-signing which would best be included in the source code but could as well be distributed as separate signature files. Including a note in your licence (whatever it will turn out to be) this will not only help to spot and reject unauthorized and dubious attempts to improve your code but will also deter those who might call your code crap without having seen the real thing. Good luck. Ralf *.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.* * Ralf Senderek [EMAIL PROTECTED] http://senderek.de * What is privacy * * Sandstr. 60 D-41849 Wassenberg +49 2432-3960 * without * * PGP: AB 2C 85 AB DB D3 10 E7 CD A4 F8 AC 52 FC A9 ED *Pure Crypto? * 49466008763407508762442876812634724277805553224967086648493733366295231438448 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
The Pure Crypto Project is released into the public domain
-BEGIN PURE-CRYPTO SIGNED MESSAGE- The development of the Pure Crypto Project has now finished and the source code is finally released into the public domain. http://senderek.de/pcp/release There is a detailed explanation of the security mechanisms and the background of PCP in http://senderek.de/security/pcp-protection.html I'd like to thank everyone who had supported the development with constructive criticism and helpful hints. Ralf Senderek -BEGIN PURE-CRYPTO SIGNATURE- Hash: SDLH *** based on modular exponentiation and RSA alone *** Ralf Senderek, Wassenberg PCP signingkey 2003 [EMAIL PROTECTED] 25958032129854687932657359023881789067615223206769084549252083817701673635916478066451442739272409695432768892327091119955449106519210830940788017364200647426776939035963437924650466140653374164639095531127457251096969368134246401229854317278214790952108232304719334951046143931853036507848781896094422733831171511446825977175759419953334942627329020239718812579256503089309028102255938929278430717387498628586439358045328606841270655376672619190792218866509905138949190124291282590808234947292681044889977767097191953045774717004560559416349715717406817521786793391297428420236953949886297123601451 -END PURE-CRYPTO SIGNATURE- - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
