] the only
thing that will work is stopping the page being seen - replacing it with
a clearly worded explanation with *no* way to pass through and render
the page (okay maybe with a debug build of the browser but not in the
shipped product).
--
Darren J Moffat
thing it still doesn't mean
anything real about trust all it really means is how much money was
invested in getting the cert and setting up the correct information
about the company identity behind it.
--
Darren J Moffat
the apps important to you for some other reason. It also very much
depends on why the app uses the crypto algorithm in question, and in the
case of digest/hash algorithms wither they are key'd (HMAC) or not.
--
Darren J Moffat
support available.
--
Darren J Moffat
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
wanted to put on in machines that didn't
have PCIe capability.
--
Darren J Moffat
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
up with replacements) but I didn't think there'd be much
problem with finding the necessary hardware, unless you've got some particular
requirement that rules a lot of it out.
The Sun CA-6000 card I just pointed to in my other email is such a card
it uses Broadcom 582x.
--
Darren J Moffat
and
re-encrypt the data. Note this doesn't help rsync though since the
stream format is specific to ZFS.
[1] http://opensolaris.org/os/project/zfs-crypto/
--
Darren J Moffat
-
The Cryptography Mailing List
Unsubscribe by sending
reference here is aimed at iTunes. You do know that
iTunes Music Store no longer uses any DRM right ?
--
Darren J Moffat
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
they are sometimes used for
identification I know I have never been asked for mine other than by an
employer or suitably authorised government body how has a real need to know.
--
Darren J Moffat
-
The Cryptography Mailing List
Unsubscribe
to be accepted practice even in
organisations that by policy don't want passphrase/PIN on disk.
--
Darren J Moffat
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
.
--
Darren J Moffat
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Hal Finney wrote:
Darren J Moffat darren.mof...@sun.com asks:
Ignoring performance for now what is the consensus on the suitabilty of
using AES-GMAC not as MAC but as a hash ?
Would it be safe ?
The key input to AES-GMAC would be something well known to the data
and/or software.
No, I
was) the case http://en.wikipedia.org/wiki/FileVault
There is also a sleep mode issue identified by the NSA:
http://crypto.nsa.org/vilefault/23C3-VileFault.pdf
TrueCrypt on the other hand uses AES in XTS mode so you get
confidentiality and integrity.
--
Darren J Moffat
have a
place to store an IV. So every encrypted ZFS block is self contained,
has an IV and a 16 byte MAC. This means that the crypto is all
standards based algorithms and modes for ZFS.
http://hub.opensolaris.org/bin/view/Project+zfs-crypto/
--
Darren J Moffat
, but is it ?
Option 6
IV 96 bits
MAC 96 bits
ChecksumSHA224 or SHA256 truncated to 192 bits
--
Darren J Moffat
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography
/s_lenslok.php
--
Darren J Moffat
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
16 matches
Mail list logo
