Re: [cryptography] [Cryptography] Cuckoo Cycles: a new memory-hard proof-of-work system

2014-01-10 Thread Wasa
this might be of interest as it describes an alternative to scrypt http://lyra-kdf.net/ On Thu 09 Jan 2014 22:28:55 GMT, Zooko O'Whielacronx wrote: Hello John Tromp! That is neat! The paper could use a related work section, for example Litecoin uses scrypt in the attempt to make it harder to

Re: [cryptography] PBKDF2 + current GPU or ASIC farms = game over for passwords (Re: TLS2)

2013-10-01 Thread Wasa
On 30/09/13 22:11, Jeffrey Goldberg wrote: With SRP requires a shared secret key, so the attacker doesn’t even need to “crack a hash” after getting hold of a server’s password database I don't think that's true. https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol The host pwd is of

Re: [cryptography] [Cryptography] TLS2

2013-09-30 Thread Wasa
On 30/09/13 10:47, Adam Back wrote: Well clearly passwords are bad and near the end of their life-time with GPU advances, and even amplified password authenticated key exchanges like EKE have a (so far) unavoidable design requirement to have the server store something offline grindable, which

Re: [cryptography] PBKDF2 + current GPU or ASIC farms = game over for passwords (Re: TLS2)

2013-09-30 Thread Wasa
On 30/09/13 16:43, Adam Back wrote: On Mon, Sep 30, 2013 at 02:34:27PM +0100, Wasa wrote: On 30/09/13 10:47, Adam Back wrote: Well clearly passwords are bad and near the end of their life-time with GPU advances, and even amplified password authenticated key exchanges like EKE have a (so far

Re: [cryptography] PBKDF2 + current GPU or ASIC farms = game over for passwords (Re: TLS2)

2013-09-30 Thread Wasa
On 30/09/13 19:22, Adam Back wrote: On Mon, Sep 30, 2013 at 06:52:47PM +0100, Wasa wrote: Also the PBKDF2 / scrypt happens on the client side - how do you think your ARM powered smart phone will compare to a 9x 4096 core GPU monster. Not well :) How much would it help to delegate PBKDF2

Re: [cryptography] PBKDF2 + current GPU or ASIC farms = game over for passwords (Re: TLS2)

2013-09-30 Thread Wasa
On 30/09/13 19:41, Wasa wrote: - with no server I meant with no password. Arguably we can have decoy passwords if users feel more secure with them :-) ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo

Re: [cryptography] Paypal phish using EV certificate

2013-08-13 Thread wasa bee
given the images seen on the links, both certs are signed by the same entity (I cannot see the pubKey ID but issuer names match), yet have the same serial number 3014267. Isn't the (serial number + issuer pub key identifier) supposed to be unique and identify a cert uniquely? Is it common practice

Re: [cryptography] Updated Certificate Transparency site

2013-08-02 Thread Wasa
On 01/08/13 22:04, Nico Williams wrote: If you're in a position to know what CAs are allowed to issue certs for a given name, then you can check for (audit) a) issuance of certs for that name by unauthorized CAs, b) issuance of new certs by authorized CAs but for unauthorized public keys. who's

Re: [cryptography] Updated Certificate Transparency site

2013-08-01 Thread wasa bee
in CT, how do you tell if a newly-generated cert is legitimate or not? Say, I am a state-sponsored attacker and can get a cert signed by my national CA for barclays. How do you tell this cert is not legitimate? It could have been barclays' IT admin who asked for a new cert. Do companies need to

Re: [cryptography] [liberationtech] New Anonymity Network for Short Messages

2013-06-12 Thread Wasa
On 11/06/13 20:06, Eugen Leitl wrote: Use a timing-independent array comparison http://rdist.root.org/2010/01/07/timing-independent-array-comparison/. It's an easy fix. I've made the same mistake before, which is why I always look for it now. the page says Usually it's not, but if these were

Re: [cryptography] [liberationtech] New Anonymity Network for Short Messages

2013-06-12 Thread Wasa
On 12/06/13 08:36, James A. Donald wrote: Difficult to avoid something like that while retaining parallelizability. Galois/Counter Mode (GCM) is parallelizable and provides authenticated encryption.