Re: Did Hezbollah use SIGINT against Israel?

2006-09-22 Thread Thomas
, Thomas -- Tom [EMAIL PROTECTED] fingerprint = F055 43E5 1F3C 4F4F 9182 CD59 DBC6 111A 8516 8DBF - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: deriving multiple keys from one passphrase

2006-10-13 Thread Thomas
Am Dienstag 10 Oktober 2006 01:35 schrieb Travis H.: What is the accepted way to derive several keys from a user-supplied input? Maybe RFC289. AFAIK it also describes the reason why it protects against dictionary attacks. Bye, Thomas -- Tom [EMAIL PROTECTED] fingerprint = F055 43E5 1F3C 4F4F

Re: deriving multiple keys from one passphrase

2006-10-13 Thread Thomas
Am Freitag 13 Oktober 2006 12:05 schrieb Travis H.: On 10/13/06, Thomas [EMAIL PROTECTED] wrote: Maybe RFC289. I assume you mean 2289, which appears to describe the OTP scheme used by S/key. sorry, it was too early for an copy-n-paste ;) i meant: B. Kaliski; PKCS #5

Re: deriving multiple keys from one passphrase

2006-10-13 Thread Thomas
Am Freitag 13 Oktober 2006 12:26 schrieb Thomas: Am Freitag 13 Oktober 2006 12:05 schrieb Travis H.: On 10/13/06, Thomas [EMAIL PROTECTED] wrote: Maybe RFC289. I assume you mean 2289, which appears to describe the OTP scheme used by S/key. sorry, it was too early for an copy-n

Re: Persisting /dev/random state across reboots

2010-07-30 Thread Thomas
is very deterministic and if you do not have any Hardware RNG you need to seed /dev/random. At least old Linux kernels (2.4) also overestimate the entropy in the pool by about 30% which is especially a problem when you generate ssh host keys during system installation. Bye Thomas -- Thomas Biege

Re: /dev/random and virtual systems

2010-08-03 Thread Thomas
because the host system itself often doesn't have enough entropy. Much entropy is needed today for protocolls, session IDs and the elf_loader(!). Cheerio Thomas Am Montag 02 August 2010, 21:38:10 schrieb Yaron Sheffer: Hi, the interesting thread on seeding and reseeding /dev/random did not mention

Re: questions about RNGs and FIPS 140

2010-08-27 Thread Thomas
point is placed. It can be assumed that the buffered HDD writing and reading on the host of a VM produce less entropy than the real read(2) and write(2) calls within the VM itself. Bye Thomas - The Cryptography Mailing List

Re: Bluetooth cracked further

2005-06-04 Thread Thomas Lakofski
on the messages transferred. We suggest not to use this mode of work. Finally, the PIN length ranges from 8 to 128 bits. Most manufacturers use a 4 digit PIN and supply it with the device. Obviously, customers should demand the ability to use longer PINs. -thomas -- Thomas Lakofski +44 70 9228

Re: Bluetooth cracked further

2005-06-04 Thread Thomas Lakofski
Olle Mulmo wrote: On Jun 4, 2005, at 14:12, Thomas Lakofski wrote: Wrote? Well, quoted... Finally, the PIN length ranges from 8 to 128 bits. Most manufacturers use a 4 digit PIN and supply it with the device. Obviously, customers should demand the ability to use longer PINs. Correction

Re: gonzo cryptography; how would you improve existing cryptosystems?

2005-11-08 Thread Thomas Sjögren
) of the latest stable version of TrueCrypt for all supported operating systems and all supported hardware platforms are available from http://www.truecrypt.org/downloads.php /Thomas -- signature.asc Description: Digital signature

Re: Status of opportunistic encryption

2006-06-04 Thread Thomas Harold
James A. Donald wrote: Attacks on DNS are common, though less common than other attacks, but they are by scammers, not TLA agencies, perhaps because they are so easily detected. All logons should move to SRP to avoid the phishing problem, as this is the most direct and strongest solution for

Re: Decimal encryption

2008-08-28 Thread Thomas Baignères
/papers/groupLC.pdf ) [3] Baignères (PhD Thesis): Quantitative Security of Block Ciphers: Designs and Security Tools (to be published) I hope this helps. I'm of course available for any question regarding DEANxx. Best regards, Thomas Baignères -- http://lasecwww.epfl.ch/~tbaigner On Aug 27

Re: Proof of Work - atmospheric carbon

2009-01-30 Thread Thomas Coppi
being used for something more interesting than just sending spam or DDoS? -- Thomas Coppi - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com

Re: [tahoe-dev] SHA-1 broken!

2009-05-04 Thread Thomas Coppi
. This only works because straight-up bruteforce requires little memory, though. If the new SHA-1 break requires significant memory usage I don't think something like the COPACOBANA can help. Regards, -- Thomas Coppi

RE: Client Certificate UI for Chrome?

2009-08-06 Thread Thomas Hardjono
if the server-cert is invalid or status unknown). That's all for now. Will send more thoughts if any come up :) /thomas/ -Original Message- From: owner-cryptogra...@metzdowd.com [mailto:owner- cryptogra...@metzdowd.com] On Behalf Of Ben Laurie Sent: Wednesday, August 05, 2009 9:59

RE: Client Certificate UI for Chrome?

2009-08-12 Thread Thomas Hardjono
From: James A. Donald [jam...@echeque.com] Sent: Sunday, August 09, 2009 1:21 AM To: Thomas Hardjono Cc: Ben Laurie; Cryptography Subject: Re: Client Certificate UI for Chrome? Thomas Hardjono wrote: In this UI discussion, I think its less

Re: Wikileaks video crypto.

2010-04-09 Thread Thomas Coppi
). What, then, does the decryption claim mean here. Does anyone know? majord...@metzdowd.com This site http://leaks.telecomix.org/ claims to have the original, unencrypted video. It appears to have been encrypted with OpenSSL given the Salted__ prefix. -- Thomas Coppi