Re: [cryptography] "best practices" for hostname validation when using JSSE

I added a comment on your Stack Overflow post (incorrectly closed, IMHO, but the SO crowd can be prickly). The right thing to do depends on knowing a couple more details: 1. Where are you getting your certificates? 2. What's the best way to name the servers you trust? Since you have a proprieta

Re: [cryptography] OT: Ulf Möller

On Thu, Dec 13, 2012 at 5:27 PM, Jeffrey Walton wrote: > Hi All, > > Is anyone aware of any progress (convictions?) in Ulf Möller's murder? > > http://ulf-m.blogspot.com was last updated in February, 2012, and only > talks of the "arrest for robbing and killing Ulf and for other > crimes." Arrest

Re: [cryptography] Can there be a cryptographic "dead man switch"?

On Sep 19, 2012, at 4:48 PM, "mhey...@gmail.com" wrote: > Every three months I, the Grantor, encrypt my secret in a new > secret-encrypting-key and place that secret in my box. (I keep my box > away from others - maybe put it in a safe). > > I also encrypt that secret-encrypting key in a public ke

[cryptography] Why do scammers say they're from Nigeria?

This is an interesting paper that presumably has implications for other social engineering schemes beside financial scammers: http://research.microsoft.com/pubs/167719/WhyFromNigeria.pdf ABSTRACT False positives cause many promising detection technologies to be unworkable in practice. Attackers, w

Re: [cryptography] Intel RNG

On Mon, Jun 18, 2012 at 2:51 PM, Matthew Green wrote: > I think that Jack said most of what I would. The incentives all point in > the wrong direction. > While this is all true, it's also why manufacturers who want persuasive analysis of their products hire consulting vendors with a brand and tra

[cryptography] Voynich Manuscript now online

An interesting item in the historical record, even if it's not actually a code (this is my understanding of the current best hypothesis): http://beinecke.library.yale.edu/digitallibrary/voynich.html - Tim ___ cryptography mailing list cryptography@rando

Re: [cryptography] obfuscating symbols without increasing their size

On Wed, Jan 19, 2011 at 10:37 PM, < travis+ml-rbcryptogra...@subspacefield.org > wrote: > > 4. You can now construct an encryption algorithm which encrypts within > this > > set. Alternatives include: > > Ah, I hadn't considered the re-hashing until it fell within range. > > But why do I not see

Re: [cryptography] obfuscating symbols without increasing their size

On Wed, Jan 19, 2011 at 9:31 PM, > wrote: > On Thu, Jan 20, 2011 at 12:49:26PM +1100, Noon Silk wrote: > > Sounds to me like the simplist solution is just a one-time pad[1]. It > > won't increase the size, and from the sounds of your environment, you > > can just keep the keys locally, and use th