Re: Who's afraid of Mallory Wolf?

transactions doesn't enable a crook to initiate a fraudulent payment transaction. -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm - The Cryptography Mailing List

Re: Who's afraid of Mallory Wolf?

Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Who's afraid of Mallory Wolf?

significant additional CPU processing load. -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm - The Cryptography Mailing List Unsubscribe by sending unsubscribe

Re: How effective is open source crypto?

that don't have their own mechanism for detecting replay/repeats and are relying on SSL. I would also contend that this is significantly smaller exposure than self-signed certificates. -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn

Re: How effective is open source crypto? (addenda)

). -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: How effective is open source crypto? (bad form)

, is that with generic webserver (making the connection) there might be a couple levels of indirection between the webserver specifying the connection parameters and the actual server application (leading to webservers always specifying replay challenge option). -- Anne Lynn Wheelerhttp

Re: How effective is open source crypto? (aads addenda)

authentication protocol is just another example (like the purchasse order example) of the higher level protocol having its own replay/repeat handling infrastructure (whether it is something like log checking or its own replay challenge). -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn

Re: Who's afraid of Mallory Wolf?

at home) -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Armoring websites

#14 Home mainframes http://www.garlic.com/~lynn/2003c.html#52 diffence between itanium and alpha -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Re: How effective is open source crypto?

. -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Encryption of data in smart cards

of attack on the secret key 2) doesn't affect brute force attack on the derived key 3) makes it harder to use a lost/stolen card -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm

Re: Encryption of data in smart cards

://www.garlic.com/~lynn/2002f.html#22 Biometric Encryption: the solution for network intruders? -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm - The Cryptography

Re: Interests of online banks and their users [was Re: Cryptogram: Palladium Only for DRM]

instruction count instead of timer http://www.garlic.com/~lynn/2002l.html#28 Two questions on HMACs and hashing -- Anne Lynn Wheeler [EMAIL PROTECTED], http://www.garlic.com/~lynn/ - The Cryptography Mailing List Unsubscribe

Re: Cryptogram: Palladium Only for DRM

Backdoor in AES ? http://www.garlic.com/~lynn/2002m.html#10 Backdoor in AES ? -- Anne Lynn Wheeler [EMAIL PROTECTED], http://www.garlic.com/~lynn/ - The Cryptography Mailing List Unsubscribe by sending unsubscribe