In message [EMAIL PROTECTED], John Denker writes: Here's a challenge directly relevant to this group: Can you design a comsec system so that pressure against a code clerk will not do unbounded damage? What about pressure against a comsec system designer? That is, of course, one of the primary
--- begin forwarded text Date: Mon, 09 Aug 2004 20:19:35 -0700 To: [EMAIL PROTECTED] From: John Young [EMAIL PROTECTED] Subject: NSA Overcomes Fiber-Optic and Encryption Sender: [EMAIL PROTECTED] Excerpt below from a Baltimore Sun article of August 8, 2004. Some of it could be true, but.
There is some detail in the FIPS 140 security policy of Microsoft's cryptographic provider, for Windows XP and Windows 2000. See for example http://csrc.nist.gov/cryptval/140-1/140sp/140sp238.pdf where they say the RNG is based on FIPS 186 RNG using SHS. The seed is based on the collection of
From: lrk [EMAIL PROTECTED] Sent: Aug 6, 2004 1:04 PM To: R. A. Hettinga [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Cryptography and the Open Source Security Debate ... More dangerous is a key generator which deliberately produces keys which are easy to factor by someone knowing
http://www.businessweek.com/print/technology/content/aug2004/tc20040810_3053_tc024.htm?tc Business Week AUGUST 10, 2004 NEWS ANALYSIS :TECH By Stephen H. Wildstrom How a Digital Signature Works Microsoft's new Service Pack makes life tough for programs lacking the proper electronic
NEWS ANALYSIS :TECH By Stephen H. Wildstrom How a Digital Signature Works Is this a count the errors contest? I count six. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
The PRNG should be the least concern when using MSFT's cryptographic provider. The MSFT report 140sp238.pdf says: RSAENH stores keys in the file system, but relies upon Microsoft Windows XP for the encryption of the keys prior to storage. Not only RSAENH writes keys to a