Re: [cryptography] what has the NSA broken?

Hi David, Most private keys are issued by, not merely certified by, the CAs. Can you give numerical evidence for this claim? Device certificates (those that go into mass manufactured products) typically have the CA provide both keys and cert. The back and forth of keygen-CSR-Sign-Return per

[cryptography] Political Cypherpunks Trumps Apolitical Cryptography

- Forwarded message from John Young j...@pipeline.com - Date: Sun, 08 Sep 2013 09:12:25 -0400 From: John Young j...@pipeline.com To: cypherpu...@cpunks.org Subject: Political Cypherpunks Trumps Apolitical Cryptography X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 What is striking

Re: [cryptography] [tor-talk] NIST approved crypto in Tor?

- Forwarded message from Gregory Maxwell gmaxw...@gmail.com - Date: Sun, 8 Sep 2013 06:44:57 -0700 From: Gregory Maxwell gmaxw...@gmail.com To: This mailing list is for all discussion about theory, design, and development of Onion Routing. tor-t...@lists.torproject.org Subject:

Re: [cryptography] Random number generation influenced, HW RNG

On Sun, Sep 08, 2013 at 03:00:39PM +1000, James A. Donald wrote: On 2013-09-08 1:25 PM, Thor Lancelot Simon wrote: On Sun, Sep 08, 2013 at 08:34:53AM +1000, James A. Donald wrote: Well, since you personally did this, would you care to explain the very strange design decision to whiten the

[cryptography] NSA can spy on smart phone data

http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html Privacy Scandal: NSA Can Spy on Smart Phone Data SPIEGEL has learned from internal NSA documents that the US intelligence agency has the capability of tapping user data from the iPhone,

[cryptography] [Cryptography] Opening Discussion: Speculation on BULLRUN

Forwarded with permission. So there *is* a BTNS implementation, after all. Albeit only for OpenBSD -- but this means FreeBSD is next, and Linux to follow. - Forwarded message from Andreas Davour ko...@yahoo.com - Date: Sun, 8 Sep 2013 09:10:44 -0700 (PDT) From: Andreas Davour

Re: [cryptography] Random number generation influenced, HW RNG

On 2013-09-09 1:54 AM, Thor Lancelot Simon wrote: On Sun, Sep 08, 2013 at 03:00:39PM +1000, James A. Donald wrote: On 2013-09-08 1:25 PM, Thor Lancelot Simon wrote: On Sun, Sep 08, 2013 at 08:34:53AM +1000, James A. Donald wrote: Well, since you personally did this, would you care to explain

Re: [cryptography] [liberationtech] Random number generation being influenced - rumors

On Sep 8, 2013, at 22:10 , coderman coder...@gmail.com wrote: On Sun, Sep 8, 2013 at 10:05 PM, coderman coder...@gmail.com wrote: ... none of these are compelling reasons to not release raw access to the entropy stream from hardware noise sources.* * i meant to add, there have been

Re: [cryptography] urandom vs random

On 8/20/2013 2:33 PM, grarpamp wrote: The subject thread is covering a lot about OS implementations and RNG various sources. But what are the short list of open source tools we should be using to actually test and evaluate the resulting number streams?

Re: [cryptography] urandom vs random

On Sun, Sep 8, 2013 at 9:57 PM, David Johnston d...@deadhat.com wrote: ... I've argued in private (and now here) that a large entropy pool is a natural response to entropy famine and uneven supply, just like a large grain depot guards against food shortages and uneven supply. this is a good