I recommend Poly1305 by DJB or VMAC by Ted Krovetz and Wei Dai. Both
are much faster than HMAC and have security proven in terms of an
underlying block cipher.
VMAC is implemented in the nice Crypto++ library by Wei Dai, Poly1305
is implemented by DJB and is also in the new nacl library by
Why Cloud Computing Needs More Chaos:
http://www.forbes.com/2009/07/30/cloud-computing-security-technology-cio-network-cloud-computing.html
[Moderator's note: ... the article is about a growing problem -- the
lack of good quality random numbers in VMs provided by services like
EC2 and the effe
Referring to your note of August 1: I haven't found anything about
breaking RC4 if used with a newly randomly generated key (unrelated to
any others) for every communication session. I would appreciate being
enlightened!
(Of course one should throw away initial parts of the stream. I
sugg
Joseph Ashwood wrote:
RC-4 is broken when used as intended.
...
If you take these into consideration, can it be used "correctly"?
James A. Donald:
Hence "tricky"
Joseph Ashwood wrote:
By the same argument a Vigenère cipher is "tricky" to use securely, same
with monoalphabetic and even Cea
Dear people of Perry's cryptography mailing list:
Please check out the new release of Tahoe-LAFS. We claim that it is
the first cloud storage technology which offers "real" security. If
you can find a weakness in the cryptographic structure (or any
security hole whatsoever), then you will
-
From: "PETER SCHWEITZER"
Subject: AES, RC4
Referring to your note of August 1: I haven't found anything about
breaking RC4 if used with a newly randomly generated key (unrelated to
any others) for every communication session. I would appreciate
--
From: "James A. Donald"
Subject: Re: Fast MAC algorithms?
Joseph Ashwood wrote:
RC-4 is broken when used as intended.
...
If you take these into consideration, can it be used "correctly"?
James A. Donald:
Hence "tricky"
Joseph Ashwood w
--
From: "Ray Dillinger"
Subject: Re: Fast MAC algorithms?
I mean, I get it that crypto is rarely the weakest link in a secured
application. Still, why are folk always designing and adopting
cryptographic tools for the next decade or so instead o
An implementation of MD5 collision searching done on GPUs instead of
ordinary CPUs -- substantially faster searches with fewer processors.
http://www.blackhat.com/presentations/bh-usa-09/BEVAND/BHUSA09-Bevand-MD5-PAPER.pdf
I imagine that if anyone really cared to generate such things really
quic
On Sat, Aug 1, 2009 at 10:06 PM, Jerry Leichter wrote:
>> Why Cloud Computing Needs More Chaos:
>>
>> http://www.forbes.com/2009/07/30/cloud-computing-security-technology-cio-network-cloud-computing.html
>>
>> [Moderator's note: ... the article is about a growing problem -- the
>> lack of good qual
Jerry Leichter wrote:
How does a server, built on stock technology, keep secrets that it can use
to authenticate with other servers after an unattended reboot? Without
tamper-resistant hardware that controls access to keys, anything the
software can get at at boot, an attacker who steals a c