Ben Laurie wrote:
Paul Hoffman wrote:
First off, big props to Dan for getting this problem fixed in a
responsible manner. If there were widespread real attacks first, it
would take forever to get fixes out into the field.
However, we in the security circles don't need to spread the Kaminsky
On Aug 2, 2010, at 11:08 AM, Perry E. Metzger wrote:
On Mon, 2 Aug 2010 11:02:54 -0400 Bill Squier g...@old-ones.com
wrote:
...In his presentation at the Black Hat Conference, German GSM
expert Karsten Nohl presented a tool he calls Kraken, which he
claims can crack the A5/1 encryption used
NIST strongly recommends that, pending the resolution of the security concerns
and the
re-issuance of SP 800-90A, the Dual_EC_DRBG, as specified in the January 2012
version of SP 800-90A,
no longer be used.
http://csrc.nist.gov/publications/nistbul/itlbul2013_09_supplemental.pdf
- johnk
On Sep 17, 2013, at 2:43 PM, Phillip Hallam-Baker hal...@gmail.com wrote:
My phrase PRISM-Proofing seems to have created some interest in the press.
PRISM-Hardening might be more important, especially in the short term. The
objective of PRISM-hardening is not to prevent an attack
On Sep 18, 2013, at 4:05 AM, ianG i...@iang.org wrote:
On 17/09/13 23:52 PM, John Kemp wrote:
On Sep 17, 2013, at 2:43 PM, Phillip Hallam-Baker hal...@gmail.com
I am sure there are other ways to increase the work factor.
I think that increasing the work factor would often result