Re: [cryptography] Well, that's depressing. Now what?

2012-02-02 Thread ianG
On 3/02/12 10:55 AM, Bill Squier wrote: On Feb 2, 2012, at 6:25 PM, ianG wrote: Hi Bill, Actually, Marsh wrote those words, but my mail client decided I really needed to take credit for them... on the order of 6 or 8 times. -wps Oh, ok! My apologies. I saw the mixup and assumed that y

Re: [cryptography] Well, that's depressing. Now what?

2012-02-02 Thread Bill Squier
On Feb 2, 2012, at 6:25 PM, ianG wrote: > Hi Bill, Actually, Marsh wrote those words, but my mail client decided I really needed to take credit for them... on the order of 6 or 8 times. -wps ___ cryptography mailing list cryptography@randombit.net h

Re: [cryptography] Well, that's depressing. Now what?

2012-02-02 Thread ianG
Hi Bill, tongue firmly in cheek, On 1/02/12 05:50 AM, Bill Squier wrote: On 01/31/2012 05:21 AM, ianG wrote: major software product that still calls self-signed certificates "snake-oil" certificates. Which is upside down, the use of the term itself can be snake-oil recursively. That would

Re: [cryptography] FHMQV Shared Secret Size (Element vs Hash size)

2012-02-02 Thread Jeffrey Walton
On Thu, Feb 2, 2012 at 3:53 PM, Jeffrey Walton wrote: > Hi All, > > I'm working on an implementation of FHMQV. The math works out and a > shared secret is derived by both parties. > > HFMQV is Fully Hashed MQV, and applies a hash function at key points > to remediate information leakage. One of th

Re: [cryptography] OT: Key Internet [DNS] operator VeriSign hit by hackers

2012-02-02 Thread Paul Hoffman
In case people want to read the, you know, actual text: tl;dr: Nothing about cryptography. --Paul Hoffman ___ cryptography mailing list cryptography@randombit.net htt

[cryptography] FHMQV Shared Secret Size (Element vs Hash size)

2012-02-02 Thread Jeffrey Walton
Hi All, I'm working on an implementation of FHMQV. The math works out and a shared secret is derived by both parties. HFMQV is Fully Hashed MQV, and applies a hash function at key points to remediate information leakage. One of those points is just before the shared secret is output. In classica

[cryptography] OT: Key Internet [DNS] operator VeriSign hit by hackers

2012-02-02 Thread Jeffrey Walton
http://www.reuters.com/article/2012/02/02/us-hacking-verisign-idUSTRE8110Z820120202 http://www.msnbc.msn.com/id/46238729/ns/technology_and_science-security/ (Reuters) - VeriSign Inc, the company in charge of delivering people safely to more than half the world's websites, has been hacked repeatedl