Re: PGP Encryption Proves Powerful

2003-05-31 Thread bear
become aware of crypto when it averts trouble. They become aware of crypto when it causes trouble. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL

Re: New vs Old (was Snake Oil)

2003-06-04 Thread bear
offhand. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Draft Edition of LibTomMath book

2003-06-25 Thread bear
think Math is indispensable to crypto, and there ought to be a secure mathematics library. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Attacking networks using DHCP, DNS - probably kills DNSSEC NOT

2003-06-30 Thread bear
are the major targets for a DNS spoof. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Attacking networks using DHCP, DNS - probably kills DNSSEC

2003-07-01 Thread bear
or subverted network and it'll just work. At the very least you've got to have a file of keys. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL

RE: Announcing httpsy://, a YURL scheme

2003-07-16 Thread bear
it uses to print the reference on the page. IOW, if you go to Mallory's search engine, then no matter how many references you find, they're all coming to you through the same channel and you have to trust Mallory. Bear

Re: Looking for an N -out-of-M split algorithm

2003-07-16 Thread bear
on... Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: blackmail / real world stego use

2003-08-27 Thread bear
. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Code breakers crack GSM cellphone encryption

2003-09-10 Thread bear
, it's just going to happen. Anything an intel service shares with anybody, it's putting into the network, and it's going to get around to everybody. Bear - The Cryptography Mailing List

Re: Reliance on Microsoft called risk to U.S. security

2003-10-01 Thread bear
to send and recieve live code, so that they could be effectively protected from live code at the outset unless they really need it. Others, of course, disagree. Bear - The Cryptography Mailing

Re: Monoculture

2003-10-01 Thread bear
it. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: anonymous DH MITM

2003-10-02 Thread bear
can have open protocols that aren't anonymous be immune to MITM. But you can't have both. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: anonymous DH MITM

2003-10-03 Thread bear
the two contestants from making nonce transmissions twice a move when it's not their turn. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: anonymous DH MITM

2003-10-04 Thread bear
On Fri, 3 Oct 2003, Benja Fallenstein wrote: bear wrote: Why should this not be applicable to chess? There's nothing to prevent the two contestants from making nonce transmissions twice a move when it's not their turn. I.e., you would need a protocol extension to verify the nonces somehow

Re: anonymous DH MITM

2003-10-05 Thread bear
the players an I need more time to think move, but if they're not allowed to use it more than one time in three, then mitch isn't going to be able to make more than two moves. Bear - The Cryptography

Re: yahoo to use public key technology for anti-spam

2003-12-07 Thread bear
on my home machine. A bit of lag is acceptable. Sending private mail via untrusted SMTP servers is not. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL

Re: Difference between TCPA-Hardware and other forms of trust

2003-12-20 Thread bear
trustworthy place than a world full of weasels who want to control their systems. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Difference between TCPA-Hardware and other forms of trust

2003-12-22 Thread bear
by business models I don't want to deal with. It makes the buy decision complicated and fraught with risk. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL

Re: Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)

2003-12-29 Thread bear
. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: The future of security

2004-05-28 Thread bear
to protect *other* users from their stupidity. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: The future of security

2004-05-30 Thread bear
, or whether the path has some reasonably small distance. I have not yet seen an example of reputation favoring one person over another in a web of trust model; it looks like people can't be bothered to keep track of the trust relationships or reputations within the web. Bear

Re: The future of security

2004-06-01 Thread bear
be autospammed to cut out anyone you didn't like? Sorry; but the fact is no web-of-trust implementation to date works, or even comes close to working. Bear - The Cryptography Mailing List Unsubscribe by sending

Re: Security clampdown on the home PC banknote forgers

2004-06-08 Thread bear
impositions. Wouldn't it be a stitch if nations were forced to re-adopt the gold standard (or adopt the chocolate standard) because all their bills (and SmartCoins, and RFID tokens, and ) could be counterfeited? Bear

RE: identification + Re: authentication and authorization

2004-07-10 Thread bear
(or wherever) and took the money (or whatever) at gunpoint, directing them to charge your account; an image I find more than a little preposterous. There has to be some kind of fraud or subterfuge for the proposed crime to even be credible. Bear

Re: More problems with hash functions

2004-08-26 Thread bear
in their new order. Now the attack doesn't work; collisions against individual blocks don't combine to produce a collision on the sequence because the colliding values wouldn't have been fed into the hash function in the same order as the actual blocks. Bear

Re: More problems with hash functions

2004-08-26 Thread bear
On Wed, 25 Aug 2004, Hal Finney wrote: Bear writes: One interesting idea which I came up with and haven't seen a way past yet is to XOR each block with a value computed from its sequence number, then compute the hash function on the blocks in a nonsequential order based on the plaintext

A splint for broken hash functions

2004-08-31 Thread bear
generation of hash functions to be written. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: A splint for broken hash functions

2004-08-31 Thread bear
On Sun, 29 Aug 2004, John Denker wrote: bear wrote: H2(H1) = H1( H1(M) xor H1( TT( M))) I think that was intended to be something like H2(M) = H1( H1(M) xor H1( TT( M))) ^ Actually, it was intended to take a hash function as an argument and define a new hash function

Re: Compression theory reference?

2004-09-01 Thread bear
is that a faculty is always right by definition. That is inconsistent with the advancement of knowledge. Any university relying on such a principle has abandoned its duty. Bear - The Cryptography

Re: Compression theory reference?

2004-09-01 Thread bear
-bit messages, there must be at least 1024 distinct nine-bit messages which, when the reversal is applied, result in these 1024 messages. There are exactly 512 distinct nine-bit messages. Therefore 512 = 1024. Bear

Re: ?splints for broken hash functions

2004-09-06 Thread bear
in this case because H1 is fixed. The above construction is in fact secure against the Joux attack as stated. 2^80 work will find, on average, one collision. Bear - The Cryptography Mailing List

Re: Spam Spotlight on Reputation

2004-09-07 Thread bear
failures of marketability. But to the extent that they allow bypassing filters, the spammers are the biggest customers. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe

Re: [anonsec] Re: potential new IETF WG on anonymous IPSec (fwd from [EMAIL PROTECTED]) (fwd from [EMAIL PROTECTED])

2004-09-11 Thread bear
, but on this list anonymous is a very strong claim. Anonymity is *HARD* to do, not something that results from failing to check a credential. Bear - The Cryptography Mailing List Unsubscribe by sending

Re: Is 3DES Broken?

2005-02-02 Thread bear
modes available for using 3DES if you have a fat pipe to encrypt. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: Optimisation Considered Harmful

2005-06-25 Thread bear
- in the hopes that attackers couldn't isolate which parts of the information were related to your algorithm. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe

Re: ISAKMP flaws?

2005-11-30 Thread bear
human attention/intervention. This is treating key distribution seriously, and possibly for the first time in the modern incarnation of the industry. Bear - The Cryptography Mailing List

Re: Proving the randomness of a random number generator?

2005-12-03 Thread bear
of the PRNG so far has no strategy better than random guessing for determining the next and subsequent outputs, and that may be random enough for your bosses.) Bear - The Cryptography

Re: quantum chip built

2006-01-17 Thread bear
algorithm, which requires n qbits) won't work. Given that our knowledge of QC is nascent, our ignorance of QC's practical limits is likely staggering, and caution is to be advised. Bear

Re: thoughts on one time pads

2006-01-26 Thread bear
to need, barring catastrophic medical advances,) of a very secure low-bandwidth channel. Of course, the obvious application for this OTP material, other than text messaging itself, is to use it for key distribution. Bear Bruce acknowleges this by saying [t

Re: thoughts on one time pads

2006-01-27 Thread bear
On Thu, 26 Jan 2006, Adam Fields wrote: On Thu, Jan 26, 2006 at 06:09:52PM -0800, bear wrote: [...] Of course, the obvious application for this OTP material, other than text messaging itself, is to use it for key distribution. Perhaps I missed something, but my impression

Re: Can you keep a secret? This encrypted drive can...

2006-11-12 Thread bear
. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

RE: How the Greek cellphone network was tapped.

2007-07-21 Thread bear
cell traffic if you tuned, for example, to UHF TV channel 78.44. But not if you tuned to channel 78 or channel 79. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe

Re: How the Greek cellphone network was tapped.

2007-07-21 Thread bear
. Bear - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: A secure Internet requires a secure network protocol

2007-07-25 Thread bear
in the case of users who have perpetrated or permitted known security abuses. It should therefore be no surprise that SSL is nearly useless. Bear - The Cryptography Mailing List Unsubscribe by sending