Re: [cryptography] Zooko's semiprivate keys

2013-02-19 Thread Tony Arcieri
Here's an implementation of semiprivate keys in SAGE (courtesy DCoder) that actually works: https://gist.github.com/tarcieri/40d2eb8e4e8f9ed28b3a I'm a bit lost as to where I'm going wrong in my NaCl-based implementation -- Tony Arcieri

Re: [cryptography] Which CA sells the most malware-signing certs?

2013-02-19 Thread ianG
On 19/02/13 02:33 AM, Jon Callas wrote: On Feb 18, 2013, at 7:07 AM, Peter Gutmann pgut...@cs.auckland.ac.nz wrote: I've just done a quick tally of the certs posted to http://www.ccssforum.org/malware-certificates.php, a.k.a. Digital Certificates

Re: [cryptography] Bitmessage

2013-02-19 Thread Michael Rogers
Hi Jonathan, This looks like it could be a useful system, but I'm not sure I fully understand it. Each node is assumed to have a slowly changing set of addresses, is that right? A node migrates between streams by choosing whether to create new

Re: [cryptography] Bitmessage

2013-02-19 Thread Jonathan Warren
IMO you might want to do something about forward secrecy (aka backward security) and forward anonymity, or you arguably end up with the same issue as reply blocks: a subpoena plus suspicion can force decryption (you won’t have to decrypt the reply-block via repeated subpoenas down the chain,

Re: [cryptography] Bitmessage

2013-02-19 Thread James A. Donald
On 2013-02-20 6:21 AM, Jonathan Warren wrote: It is tricky indeed. The handshaking necessary to set up the session key could piggyback on the first couple messages that users send to one another although those first several messages would not be forward-secret. I suppose that the session key

Re: [cryptography] Bitmessage

2013-02-19 Thread Jonathan Warren
If store and forward, cannot be forward secrecy. Suppose that human readable messages, messages that might contain important secrets, are only exchanged when the sender and the final recipient are both online at the same time, then forward secrecy no problem. Both parties set up a shared