At 03:55 PM 11/7/02 +0100, Steven M. Bellovin wrote:
Regardless of whether one uses volatile or a pragma, the basic point
remains: cryptographic application writers have to be aware of what a
clever compiler can do, so that they know to take countermeasures.
Wouldn't a crypto coder be using
At 03:32 PM 11/6/02 -0500, Perry E. Metzger wrote:
Does anyone know details of the new proposed protocols?
Small article at:
http://www.eetimes.com/story/OEG20021031S0007
Somewhere I read a larger article; things that
stuck in memory are: No AES, a cipher called Michael
being used; also, the
At 11:25 PM 10/1/02 -0400, R. A. Hettinga wrote:
I'm at a speech by Terry Essex, CTO of Essex Corp. He worked on optical
computing at the NSA for a long time.
the first computer to crack enigma was optical
In one of the historical books about crypto, there's a method
described involving
At 12:07 PM 9/20/02 -0400, Perry E. Metzger wrote:
A couple of places have reported on this:
http://www.nature.com/nsu/020916/020916-15.html
An idea from some folks at MIT apparently where a physical token
consisting of a bunch of spheres embedded in epoxy is used as an
access device by
At 08:56 PM 8/30/02 -0700, AARG!Anonymous wrote:
Bear writes:
In this case you'd need to set up the wires-and-gates model
in the QC for two ciphertext blocks, each attached to an
identical plaintext-recognizer function and attached to the
same key register. Then you set up the entangled
At 11:24 AM 7/25/02 -0400, John S. Denker wrote:
And most particularly I do not
care if the analog threshold of my soundcard shifts slightly
(as a function of recent history, temperature, phase of the
moon, or whatever).
A change in the analogue threshold of your digitizing step
will change
At 08:39 AM 7/23/02 +0200, Eugen Leitl wrote:
On Mon, 22 Jul 2002, David Honig wrote:
Yes, it is a joke. However, it is also a viable if low-bandwidth
entropy source. I disagree that you need to be able to model
I've got a framegrabber with a 640x480 24 bit/pixel camera. It doesn't
At 10:59 PM 7/22/02 -0700, [EMAIL PROTECTED] wrote:
Entropy is not quite a physical quantity -- rather it is on the
slippery edge between being a physical thing and a philosophical
thing. If you are not careful, you will slip into a deep epistemic
bog and find yourself needing to ask how do
At 02:40 PM 7/19/02 -0400, John S. Denker wrote:
Amir Herzberg wrote:
I don't even need quantum mechanics to generate
industrial-strength random symbols.
No one is saying you do.
Specifically: The executive summary of the
principles of operation of my generator is:
-- use SHA-1, which is
At 04:24 PM 7/22/02 -0400, John S. Denker wrote:
For the humor-impaired, let me point out that the lava
lamp is a joke. What it conspicuously lacks is a proof
of correctness -- that is, a nonzero lower bound on the
entropy rate of the raw data.
Yes, it is a joke. However, it is also a
At 01:07 AM 7/1/02 +0200, Hadmut Danisch wrote:
As a consequence, it is not enough to just
encrypt the connection between the computer
and the monitor or the keyboard. An encryption of
the connection between the computer and the
authorized person itself is needed.
The solution would be to
At 05:55 PM 5/31/02 -0400, John S. Denker wrote:
the thermodynamics of electrical circuits, costing
next to nothing. A draft writeup can be found at:
http://www.monmouth.com/~jsd/turbid/paper/turbid.htm
You write: -- We check for common gross failures. We consider it
unnecessary and
Old money is analogue, and therefore decays in a gradual
fashion. The Treasury (via the banks) culls fading bills.
An RFID would be digital and would fail catastrophically.
This is an important difference.
[Moderator's note: enough on the RFID now. It is far away from crypto. -Perry]
At 02:27 AM 1/28/02 -0800, John Gilmore wrote:
I have done enough years of chip testing AND architectural
validation to know how few of the infinitely many combinations of
instructions or bus cycles are actually tested to make sure that
somebody didn't intentionally make *one* combination do
At 02:59 PM 12/30/01 -0800, John Gilmore wrote:
Along these lines I can't help but recommend reading one of the best
crypto books of the last few years:
Between Silk and Cyanide
Leo Marks, 1999
This wonderful, funny, serious, and readable book was written by the
chief
At 02:47 PM 12/28/01 -0800, Bill Stewart wrote:
At 01:59 PM 12/28/2001 -0800, David Honig wrote:
A.A.M + PGP = covert radio transmitter which sends coded messages.
Obviously
interesting, so you direction-find to defeat the anonymity.
And Perry replied:
[Moderator's note: And how would you
At 02:40 PM 12/28/01 -0500, Trei, Peter wrote:
Posting PGP to aam also avoids the bandwidth bloat imposed by stego,
and the extra complication of having to stego and destego images, as
well as generate the images used for cover.
Why would anyone bother hide tiny messages in ebay images or
At 02:40 PM 12/28/01 -0500, Trei, Peter wrote:
There's a much simpler reason why few or no stego'ed messages are
present in usenet images: They form an inefficient and unneeded
distribution mechanism.
On the subject of stego, this showed up earlier this week:
To: [EMAIL PROTECTED]
Subject:
At 12:46 AM 9/23/01 -0400, R. A. Hettinga wrote:
From: Steve Furlong [EMAIL PROTECTED]
Malaysia is willing to share the technology with the US and other
countries now worried about terrorism.
Serbia was willing to send election advisors to help with the FLA
presidential elections..
At 11:50 AM 9/17/01 +0200, Hadmut Danisch wrote:
Which politician would dare to ban hotels?
Which politician would fail to support mandatory registration of
motel occupants with local 'authorities'?
[Moderator's note: Everyone who's got a copy of Netscape or IE has
cryptographic software in
At 02:14 PM 9/17/01 -0400, Jim Windle wrote:
Second, if we assume for a minute that the terrorist use public key
systems
Given their 1. quality opsec including 2. wise avoidance of wireless
phones, etc, and their
3. dependence on long-time personal contacts, isn't it more likely that
private
At 02:28 PM 7/10/01 -0700, Kent Crispin wrote:
A couple of years ago at the RSA conference one of the vendors was
exhibiting a tamperproof that would keep a secret key and perform
encryptions/signatures using the key. Since the key never left the
box, in theory security reduced to physical
At 08:55 AM 7/3/01 -0700, [EMAIL PROTECTED] wrote:
signing. With digital signatures it becomes murkier ... how does somebody
know that what they are looking at is the same thing that the computer is
calculating a digital signature for.
Good point. There's no way without a trusted host
At 12:16 PM 6/20/01 +0200, Barry Wels wrote:
Hi,
In James Bamford's new book 'Body of Secrets' he claims the NSA is working
on some FAST computers.
http://www.randomhouse.com/features/bamford/book.html
Fantastic book. I read the stuff about using Areceibo for moon-bounce
surveillance
of
At 09:42 PM 4/24/01 +0200, Martin Olsson wrote:
The initial permutation and the corresponding final permutation do not
affect the security of DES. (As near as anyone can tell, its primary
purpose is to make it easier to load plaintext and ciphertext data into a
DES chip in byte sized pieces.
25 matches
Mail list logo