Nicholas Bohm wrote:
Now I find I can exchange a little over five bitcoins for a 50
Amazon gift certificate that Amazon seems happy to credit to my
account.
Danilo Gligoroski wrote:
Your example is about two actors: Amazon and BitCoin, acting within
small amounts of goods, services and
On 2011-06-14 6:13 PM, Adam Back wrote:
See also:
Auditable Anonymous Electronic Cash by Tomas Sander and Amnon Ta-Shma
in crypto 1998.
http://www.math.tau.ac.il/~amnon/Papers/ST.crypto99.pdf
It's basically the idea of using non-interactive zero knowledge proof of
membership in a list of coins
http://eprint.iacr.org/2011/312.pdf:
In this paper we show that GOST is NOT SECURE even against
differential cryptanalysis (DC), or rather advanced attacks based on
sets of differentials. [...]
An Improved Differential Attack on GOST [...]
Overall this attack requires 2^64 KP [known
AFAIU this attack indeed needs to store all 2^64 plaintext/ciphertext
pairs, and needs 2^228 computations. This makes it less interesting
than a generic codebook attack, which only needs the former 2^64
storage.
Saying GOST is NOT SECURE is thus exaggerated, to say the least...
A far-fetched
On 14/06/11 2:31 AM, Marsh Ray wrote:
I ain't no self-appointed moderator of this list and I do find the
subject of economics terribly interesting, but maybe it would make sense
to willfully confine the scope of our discussion of Bitcoin and other
virtual currencies to the crypto side of it.
On 14-06-2011 13:13, Jack Lloyd wrote:
Intel has publicly described the new instructions that will be
available in Haswell (their 22nm chip with ETA 2013). It will include
integer AVX, and some interesting new bit fiddling instructions for
GPRs, including bit-level gather/scatter instructions
On 15/06/11 12:47 AM, Ian G wrote:
Or worse:
http://forum.bitcoin.org/index.php?topic=16457.0
That link is down, no surprise. From my cached copy, I wrote it up on
the blog:
http://financialcryptography.com/mt/archives/001327.html
Far too much from me, signing out... iang.
On Tue, Jun 14, 2011 at 7:31 AM, Jean-Philippe Aumasson
jeanphilippe.aumas...@gmail.com wrote:
AFAIU this attack indeed needs to store all 2^64 plaintext/ciphertext
pairs, and needs 2^228 computations. This makes it less interesting
than a generic codebook attack, which only needs the former 2^64
To extract the essence of both Klimov's and Aumasson's posts about this
attack from the codebook point of view (where I completely agree):
Alexander Klimov alser...@inbox.ru wrote:
Since GOST has a 64-bit block size, it means that the attacker starts
with the full map of (plaintext,
On Tue, Jun 14, 2011 at 04:52:30PM -0500, Marsh Ray wrote:
The first 7 chars $2a$05$ are a configuration string. The subsequent
53 characters (in theory) contain a 128 bit salt and a 192 bit hash
value. But 53 is an odd length (literally!) for a base64 string, as
base64 uses four
Also a discussion on this going on at
http://news.ycombinator.com/item?id=2654586
On 06/14/2011 05:50 PM, Jack Lloyd wrote:
I discovered this a while back when I wrote a bcrypt implementation.
Unfortunately the only real specification seems to be 'what the
OpenBSD implementation does'.
That
On Tue, Jun 14, 2011 at 06:50:18PM -0400, Jack Lloyd wrote:
encode_base64((u_int8_t *) encrypted + strlen(encrypted), ciphertext,
4 * BCRYPT_BLOCKS - 1);
Here's the commit by Niels that fixes the bug in encode_base64() and
replaces it with the explicit - 1 above:
On Tue, Jun 14, 2011 at 7:25 PM, Alexander Klimov alser...@inbox.ru wrote:
http://eprint.iacr.org/2011/312.pdf:
Overall this attack requires 2^64 KP [known pairs, I guess] and
allows to break full 32-round GOST in time of about 2^228 GOST
encryptions for a success probability of 50 %.
On 2011-06-15 1:29 AM, Ian G wrote:
Which, to my mind was the same sin as the alternate: obsession with
privacy, including to the extent of eliminating the core requirements of
money. The first law of money is that it has to be safe:
http://forum.bitcoin.org/index.php?topic=16457.0
This is the
On 2011-06-15 7:58 AM, Nico Williams wrote:
Let's say you have an unbreakable code.
Which we do.
But there's still traffic
analysis, and even with onion routing and such, you don't know if your
peers are ratting you out,
If one of the mixers is my own, I know that that mixer is not ratting