On Wed, Nov 24, 2010 at 2:16 PM, Marsh Ray wrote:
> ...
> So are you saying it is or it isn't Cloud-Compliant?
hah, i rant at length on the mistaken security assumptions of cloud
computing. (remember when it was grid computing?, and before that ...)
i'll try to stay on topic. *grin*
> What fre
On Thu, Nov 25, 2010 at 1:14 AM, Rayservers wrote:
> http://www.entropykey.co.uk/tech/
>
> Opinions? Anyone used this? Any other reasonably priced alternatives?
Use a sound card or USN sound device?
http://www.av8n.com/turbid/paper/turbid.htm
___
crypt
BTW, I have a RNG mlist for those who are interested in such discussions:
http://lists.bitrot.info/mailman/listinfo/RNG
I've thrown out some egd-like ideas as well, including a system that
allows randomly-generated bits to flow from the box with the RNG over
a LAN to the systems that need them, w
On 11/24/2010 02:11 PM, coderman wrote:
On Wed, Nov 24, 2010 at 2:49 AM, Marsh Ray wrote:
(that's the abridged version. this is actually more complicated than
many assume, and i've written my own egd's in the past to meet need.)
Ya.
How does this feature interact with virtualization?
for
On Wed, Nov 24, 2010 at 8:26 AM, Jack Lloyd wrote:
>
> An interesting new eprint on attacking AES using cache timings
> "Cache Games - Bringing Access Based Cache Attacks on AES to Practice"
> Endre Bangerter and David Gullasch and Stephan Krenn
> http://eprint.iacr.org/2010/594
>
> What are p
On Wed, Nov 24, 2010 at 2:49 AM, Marsh Ray wrote:
> ...
> How would you know if it was working properly? Or backdoored?
use an entropy gathering daemon to verify sanity checks on output,
obscure generator state through digest or cipher, and finally mix this
entropy at conservative density entropy
This has been discussed here:
http://news.ycombinator.com/item?id=1453299
and for other USB products:
http://www.idquantique.com/true-random-number-generator/products-overview.html
http://www.protego.se/
http://www.araneus.fi/products-alea-eng.html
http://warmcat.com/_wp/whirlygig-rng/
On 24/11/1
Hi,
http://www.entropykey.co.uk/tech/
Opinions? Anyone used this? Any other reasonably priced alternatives?
Ubuntu and Debian have packages.
Best,
Ray
--
Rayservers http://www.rayservers.com/
Zurich: +41 43 5000 728
London: +44 20 30 02 74 72
Panama: +507 832 1846
San Francisco: +1 408 419 1
An interesting new eprint on attacking AES using cache timings. It
describes a weakness in the Linux completely fair scheduler that
allows an attacker to gain a lot of information about the victim's
cache accesses.
"Cache Games - Bringing Access Based Cache Attacks on AES to Practice"
Endre Bange
On 11/24/2010 02:58 AM, coderman wrote:
On Tue, Nov 23, 2010 at 10:43 PM, Marsh Ray wrote:
How about all the weak and insufficiently seeded RNGs out there?
it's more than a little annoying how many accelerated crypto
implementations exist while good entropy is still a scarcity.
why isn'
On Tue, Nov 23, 2010 at 10:43 PM, Marsh Ray wrote:
>
> How about all the weak and insufficiently seeded RNGs out there?
it's more than a little annoying how many accelerated crypto
implementations exist while good entropy is still a scarcity.
why isn't this a native instruction on every arc
11 matches
Mail list logo