On Nov 27, 2011, at 12:10 PM, Steven Bellovin wrote:
Does anyone know of any (verifiable) examples of non-government enemies
exploiting flaws in cryptography? I'm looking for real-world attacks on
short key lengths, bad ciphers, faulty protocols, etc., by parties other
than governments and
Just my 2.373 cents:
I recently gave a talk entitled Cryptanalysis vs. reality that
covers the issues discussed in the present thread. The slides:
http://131002.net/data/talks/hashdays11_slides.pdf
On Tue, Nov 29, 2011 at 10:52 AM, Jon Callas j...@callas.org wrote:
On Nov 27, 2011, at 12:10
An interesting item in the historical record, even if it's not actually a
code (this is my understanding of the current best hypothesis):
http://beinecke.library.yale.edu/digitallibrary/voynich.html
- Tim
___
cryptography mailing list
Possibly like NSA warrantless hoovering (ex: the San Francisco splitter), this
mailman feature is not used to evil ends and is no worry.
Alternatively, privacy may be more vulnerable to simple user oversights than
short keys.
On Nov 28, 2011, at 9:27 PM, cryptography-requ...@randombit.net
On Nov 29, 2011, at 7:44 AM, d...@geer.org wrote:
Steve/Jon, et al.,
Would you say something about whether you consider key management
as within scope of the phrase crypto flaw? There is a fair
amount of snake oil there, or so it seems to me in my line of
work (reading investment
On 11/27/2011 03:00 PM, Ben Laurie wrote:
Given the recent discussion on Sovereign Keys I thought people might
be interested in a related, but less ambitious, idea Adam Langley
and I have been kicking around:
http://www.links.org/files/CertificateAuthorityTransparencyandAuditability.pdf.
Some