On Sep 1, 2014, at 1:15 AM, Rob Stradling rob.stradl...@comodo.com wrote:
On 31/08/14 19:53, Paul Hoffman wrote:
Greetings. I want to use openssl speed as a very loose proxy for how fast
is this CPU right now. (Note the use of the word very there.) I also want
to test systems
(like AES)
that work better or worse depending on the features of the CPU.
If I were to pick one algorithm that is least likely to be optimized past
normal C optimization, which would it be?
--Paul Hoffman
___
cryptography mailing list
cryptography
related to the topic of
protocol design lessons:
https://www.ietf.org/mail-archive/web/tls/current/msg11889.html. It will be
interesting to see what that turns up as well.
--Paul Hoffman
Greetings again. The recent discussion seems to have veered towards having
enough good random bits to create long-lived keys the first time that a system
boots up. Which programs need this? sshd is at the top of the list; are there
others?
--Paul Hoffman
On Jul 2, 2013, at 1:52 PM, Ben Laurie b...@links.org wrote:
Alternatively, we stay in this world, clients expire sessions hourly,
and we're all happy.
Is this what most recent browsers do? They expire their TLS sessions after an
hour? That would be nice.
--Paul Hoffman
On Jul 2, 2013, at 2:59 PM, Ryan Sleevi ryan+cryptogra...@sleevi.com wrote:
On Tue, July 2, 2013 2:02 pm, Paul Hoffman wrote:
On Jul 2, 2013, at 1:52 PM, Ben Laurie b...@links.org wrote:
Alternatively, we stay in this world, clients expire sessions hourly,
and we're all happy
The comment thread is interesting for the level of "I'm not a cryptographer but
I know X is true -- oh wait, now I'm not so sure."
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
You've now exported crypto to a restricted country. What happens next?
You ask a lawyer or a legislator, not a bunch of amateurs in the subject?
--Paul Hoffman
to
one_of_the_ciphers_offered or maybe first_cipher_offered, not the only
cipher offered.
--Paul Hoffman
was to tease this out a bit.
I'm happy to shut up about it if I'm in the minority, but the question that
started this thread was a perfect example of something that is about security
(actually, security operations), not cryptography, and yet gets brought up on
this list more and more.
--Paul
There is an IETF mailing list for discussing CT:
https://www.ietf.org/mailman/listinfo/therightkey
Discussions on this list may or may not affect the document that Google is
preparing as an RFC; discussions on that list will be much more likely to do so.
--Paul Hoffman
it is nice to discover that I'm not the only person on the list
who did four years doing political science. :-)
--Paul Hoffman
that would unblock it.
--Paul Hoffman
of time to get I/O.
--Paul Hoffman
that they were generated when the PRNG was initialized with the
same inputs.
--Paul Hoffman
, they should really look at the result as the app having its own
fully-functional PRNG that has input from the OS, not the app making an
improvement on the OS.
--Paul Hoffman
This coming August.
--Paul Hoffman
In case people want to read the, you know, actual text:
https://investor.verisign.com/secfiling.cfm?filingID=1193125-11-285850CIK=1014473
tl;dr: Nothing about cryptography.
--Paul Hoffman
Why is this depressing? Because the snake oil was snakier or oilier?
--Paul Hoffman
which is kind of a nuisance!)
Sure is.
Suite B pushed use of EC you would think would increase the interest in
having clarity on the EC patent situation..
How could that clarity possibly be achieved? Again, this is a serious question.
--Paul Hoffman
?
Can you say more why it is a great loss?
--Paul Hoffman
On Oct 18, 2011, at 8:24 AM, ianG wrote:
On 19/10/11 01:51 AM, Paul Hoffman wrote:
On Oct 18, 2011, at 4:10 AM, ianG wrote:
Another meta question: I seem to have missed the news that RSA has stopped
their factoring challenge in 2007!
http://en.wikipedia.org/wiki/RSA_Factoring_Challenge
be relevant to the mailing list.
- The IETF's cert was for *.ietf.org
- It took a week, not a day or so to get the new one installed
Steve: I wonder if your browser, after you dismissed the dialog once, silently
remembered that dismissal for a week, or if it stopped asking you after a day.
--Paul
be absolutely shocked if 90% of major web
sites ten years from now were *not* using CA-issued certs for TLS.
--Paul Hoffman
On Sep 11, 2011, at 6:40 PM, Marsh Ray wrote:
On 09/11/2011 07:26 PM, Paul Hoffman wrote:
Some of us observe a third, more likely
approach: nothing significant happens due to this event. The
collapse of faith is only among the security folks whose faith was
never there in the first place
algorithm, but I don't think we could have known that at the
time.
--Paul Hoffman
http://geekandpoke.typepad.com/geekandpoke/2011/06/simply-explained-brute-force-attack.html
--Paul Hoffman
And this discussion of ASCII and internationalization has what to do with
cryptography, asks the person on the list who is probably most capable of
arguing about it but won't? [1]
--Paul Hoffman
[1] RFC 3536, and others
enough to prevent
trivial brute-force attacks. The encryption will be AES-128 in CBC mode.
What is the current state of brute-force attacks on AES-128 blobs? Are there
recent results where we can estimate the cost of brute-forcing 64-bit and
80-bit keys?
--Paul Hoffman
On Jun 9, 2011, at 10:43 AM, Ian G wrote:
On 10/06/11 3:14 AM, Paul Hoffman wrote:
Greetings again. I am helping someone design a system that will involve
giving someone a randomly-generated key that they have to type in order to
unlock data that is private but not terribly valuable. Thus
At 7:06 PM -0600 12/16/10, Marsh Ray wrote:
On 12/16/2010 04:46 PM, Steven Bellovin wrote:
I've known Angelos Keromytis since about 1997; he's now a colleague
of mine on the faculty at Columbia. I've known John Ioannidis -- the
other name attached to that code -- for considerably longer. I've
specific on which patents you think apply to normal
use of ECDSA and ECDH? Or were you just saying because some company says they
have patents, I believe them? For extra credit, please read
draft-mcgrew-fundamental-ecc-03.txt and suggest where it might be wrong.
--Paul Hoffman, Director
--VPN
33 matches