Status of attacks on AES?

2006-05-04 Thread Joachim Strombergson
Aloha! Just out of curiosity I tried to Google around for recent papers on attacks against AES/Rijndael. I found the usual suspects with XSL attacks and DJB's timing attack. But what is the current status of attacks, anything new and exciting? -- Kind regards, Cheers! Joachim

Re: fyi: Deniable File System - Rubberhose

2006-05-04 Thread Joachim Strombergson
Ivan Krstic wrote: Owen Blacker wrote: I wanted to create a file system that was deniable: where encrypted files looked like random noise, and where it was impossible to prove either the existence or non-existence of encrypted files. I spent some time thinking about this a few years back:

Re: fyi: Deniable File System - Rubberhose

2006-05-04 Thread dan
OK, I'll say it. This site: http://www.truecrypt.org/ makes me visualize tinfoil hats. --dan - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: fyi: Deniable File System - Rubberhose

2006-05-04 Thread Peter Gutmann
[EMAIL PROTECTED] writes: OK, I'll say it. This site: http://www.truecrypt.org/ makes me visualize tinfoil hats. TrueCrypt is definitely deep tinfoil-hat crypto (I have an upcoming article on disk-encryption software that goes into this in more detail). That's rather unfortunate, because

Re: Status of attacks on AES?

2006-05-04 Thread Marcos el Ruptor
Aloha! Just out of curiosity I tried to Google around for recent papers on attacks against AES/Rijndael. I found the usual suspects with XSL attacks and DJB's timing attack. But what is the current status of attacks, anything new and exciting? http://defectoscopy.com/forum/viewtopic.php?t=3

Re: Linux RNG paper

2006-05-04 Thread markus reichelt
* Travis H. [EMAIL PROTECTED] wrote: 1) In the paper, he mentions that the state file could be altered by an attacker, and then he'd know the state when it first came up. Of course, if he could do that, he could simply install a trojan in the OS itself, so this is not really that much of a

Re: Linux RNG paper

2006-05-04 Thread Steven M. Bellovin
On Thu, 04 May 2006 18:14:09 +0200, markus reichelt [EMAIL PROTECTED] wrote: * Travis H. [EMAIL PROTECTED] wrote: 1) In the paper, he mentions that the state file could be altered by an attacker, and then he'd know the state when it first came up. Of course, if he could do that, he

Re: Linux RNG paper

2006-05-04 Thread Jason Holt
On Thu, 04 May 2006 18:14:09 +0200, markus reichelt [EMAIL PROTECTED] wrote: Agreed; but regarding unix systems, I know of no crypto implementation that does integrity checking. Not just de/encrypt the data, but verify that the encrypted data has not been tampered with. There's also