Re: [cryptography] Intel RNG

2012-06-20 Thread Joachim Strömbergson
Aloha! On 2012-06-20 05:32 , James A. Donald wrote: If intel told me how it worked, and provided low level access to raw unwhitened output, I could find pretty good evidence that the low level randomness generator was working as described, and perfect evidence that the whitener was working as

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread James Muir
On 12-06-19 08:51 PM, Jonathan Katz wrote: Anyone know any technical details about this? From the news reports I've seen, it's not even clear to me what, exactly, was broken.

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Charles Morris
On Wed, Jun 20, 2012 at 10:07 AM, James Muir muir.jame...@gmail.com wrote: On 12-06-19 08:51 PM, Jonathan Katz wrote: Anyone know any technical details about this? From the news reports I've seen, it's not even clear to me what, exactly, was broken.

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Matthew Green
I'm definitely /not/ an ECC expert, but this is a pairing-friendly curve, which means it's vulnerable to a type of attack where EC group elements can be mapped into a field (using a bilinear map), then attacked using an efficient field-based solver. (Coppersmith's). NIST curves don't have this

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Charles Morris
NIST curves don't have this property. In fact, they're specifically chosen so that there's no efficiently-computable pairing. Ah, of course. I wasn't thinking.

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Matthew Green
I've been told (by somebody much more diligent than I, who actually did the math) that the number of compute-cycles works out to around 2^64. The theoretical number of steps required is 2^53. Of course, each step is /not/ 1 cycle, so if we assume that they're around 2048 cycles each it's right

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Givonne Cirkin
yes. just with a specific choice of key. --- jam...@echeque.com wrote: From: James A. Donald jam...@echeque.com To: givo...@37.com CC: cryptography@randombit.net Subject: Re: [cryptography] non-decryptable encryption Date: Wed, 20 Jun 2012 10:48:01 +1000 On 2012-06-19 8:03 PM, Givonne Cirkin

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Givonne Cirkin
yes. and i covered this. esp. when the issue applies to the steganographic component. using phi as a model of the method. but, phi is well known predictable. however, other sequences not. --- jth...@astro.indiana.edu wrote: From: Jonathan Thornburg jth...@astro.indiana.edu To:

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Givonne Cirkin
curious, why don't some ppl trust link shorteners? is that a generation gap thing. 2nd. ur guesses are wrong. i was born in the USA. my parents were born in the USA. my native language is English. my parents' native language is English. i grew up speaking English @ home. i went to

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Florian Weingarten
On 06/20/2012 06:54 PM, Givonne Cirkin wrote: curious, why don't some ppl trust link shorteners? is that a generation gap thing. Because there are serious privacy issues with most of them. http://w2spconf.com/2011/papers/urlShortening.pdf

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread The Fungi
On 2012-06-20 09:54:33 -0700 (-0700), Givonne Cirkin wrote: curious, why don't some ppl trust link shorteners? is that a generation gap thing. 2nd. ur guesses are wrong. i was born in the USA. my parents were born in the USA. my native language is English. [...] Perhaps this is also a

[cryptography] Why do scammers say they're from Nigeria?

2012-06-20 Thread Tim Dierks
This is an interesting paper that presumably has implications for other social engineering schemes beside financial scammers: http://research.microsoft.com/pubs/167719/WhyFromNigeria.pdf ABSTRACT False positives cause many promising detection technologies to be unworkable in practice. Attackers,

Re: [cryptography] Why do scammers say they're from Nigeria?

2012-06-20 Thread Kyle Creyts
Emphasis on _most profitable_ here. Clearly not the only one employed. Also, this mode applies mostly to spam; there are a number of other ways of filtering the victims who will take interest, be more gullible, or get hooked that do not require being obviously dubious. On Wed, Jun 20, 2012 at

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Natanael
Not 10^500. That's assuming all numbers are primes. With larger numbers, the ratio of prime numbers to ordinary drops. A lot. I don't think it's more than 1^50 primes there, could be far less. Also, you are SERIOUSLY underestimating cryptoanalysis. You assume too much about how well these tricks

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Samuel Neves
On 20-06-2012 22:12, Jon Callas wrote: Is this merely a case where 973 bits is equivalent to ~60 bits symmetric? If so, what's equivalent to AES-128 and 256? Is there something inherently weak in pairing-friendly curves, like there are in p^n curves? Disclaimer: I'm not an authority either,

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Matthew Green
For a proper answer, you should follow pbarreto on Twitter and ask him. He's a nice guy and *very* willing to talk about this. Mostly because he found the press release so misleading. But in any case, the answer to your question is: this is not a standard choice for a pairing friendly curve.

[cryptography] Sure ...

2012-06-20 Thread Randall Webmail
Flame's too big to take on alone, says Microsoft by Alastair Stevenson 21 Jun 2012 Seattle: Cyber threats like Flame are too big and too advanced for even the most security savvy of companies to take on alone, according to Microsoft Trustworthy Computing senior

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Jeffrey Walton
On Wed, Jun 20, 2012 at 12:54 PM, Givonne Cirkin givo...@37.com wrote: curious, why don't some ppl trust link shorteners? is that a generation gap thing. Someone recently played a trick on Full Disclosure. Something about advanced notice of an Apple Update. It was a bitty link to an eVote