Re: [cryptography] Homomorphic split-key encryption OR snake oil crypto

2012-02-19 Thread Natanael
I don't see why you'd want split keys when it's already homomorphic. What would be the additional gain of that? Unless they need half the key to do the homomorphic computations. Also, homomorphic encryption and computation are usually slow. VERY slow. On Sun, Feb 19, 2012 at 17:22, Nico Williams

Re: [cryptography] Homomorphic split-key encryption OR snake oil crypto

2012-02-19 Thread Natanael
There is multiparty computation too, but that's a bit different since it's essentially an encrypted VM where everybody runs one part. It could do the same thing without a single trusted party, though. On Sun, Feb 19, 2012 at 22:34, James A. Donald jam...@echeque.com wrote: On 2012-02-20 2:08

Re: [cryptography] (off-topic) Bitcoin is a repeated lesson in cryptography applications - was endgame

2012-02-27 Thread Natanael
Hmm... Where have I heard of that idea before... http://disattention.com/78/digital-currencies-crypto-finance-and-open-source/#ot https://github.com/FellowTraveler/Open-Transactions https://github.com/FellowTraveler/Open-Transactions/wiki/FAQ UNTRACEABLE DIGITAL CASH? … FOR REAL? Is this the

Re: [cryptography] [OT] The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say)

2012-03-24 Thread Natanael
NSA flamebait? Hehe. On Sat, Mar 24, 2012 at 18:14, Jeffrey Walton noloa...@gmail.com wrote: On Fri, Mar 23, 2012 at 8:08 PM, Randall Webmail rv...@insightbb.com wrote: From: Jeffrey I. Schiller j...@qyv.net I bet everyone on this list can send encrypted messages to each other and they

Re: [cryptography] non-decryptable encryption

2012-06-19 Thread Natanael
What I think people react on is that it's really pointless to use decimals and having to keep track of when they repeat. A simple RNG with normal numbers could be used instead, and probably *should* be used unless your crypto really *needs* numbers consisting of primes divided by primes. So

Re: [cryptography] non-decryptable encryption

2012-06-19 Thread Natanael
. but a good deterrent. --- natanae...@gmail.com wrote: From: Natanael natanae...@gmail.com To: givo...@37.com Cc: cryptography@randombit.net, jam...@echeque.com Subject: Re: [cryptography] non-decryptable encryption Date: Tue, 19 Jun 2012 12:07:26 +0200 What I think people react

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Natanael
: Natanael natanae...@gmail.com, cryptography@randombit.net cryptography@randombit.net Subject: Re: [cryptography] non-decryptable encryption Date: Mon, 18 Jun 2012 18:20:13 +0200 Natanael natanae...@gmail.com wrote: One: On the second paper, you assume a prime number as long as the message

Re: [cryptography] encrypted bloom filter protocols with unlinkable queries

2012-07-21 Thread Natanael
Never trust that the server deletes data. - Sent from my tablet Den 21 jul 2012 11:15 skrev cryptoquesti...@safe-mail.net: Hello, I have a question regarding encrypted bloom filter protocols. I have come to the understanding that I can use such protocols to allow a client to query a server for

Re: [cryptography] Can there be a cryptographic dead man switch?

2012-09-05 Thread Natanael
If the trustee (correct word?) stops passing the messages to your CDMS (cryptographic dead man switch), it would simply decrypt the original message automatically. So you can not put the entire mechanism in the hands of the trustee, especially not the part that authorizes the decryption. I could

Re: [cryptography] abstract: Air to Ground Quantum Key Distribution

2012-09-18 Thread Natanael
Does anybody here take quantum crypto seriously? Just wondering. I do not see any benefit over classical methods. If one trusts the entire link and knows it's not MitM'd in advance, what advantage if any does quantum key distribution have over ordinary methods? And isn't it just as useless

Re: [cryptography] abstract: Air to Ground Quantum Key Distribution

2012-09-18 Thread Natanael
It can detect passive snooping, not full MITM. - Sent from my tablet Den 18 sep 2012 18:17 skrev Zack Weinberg zack.weinb...@sv.cmu.edu: On Tue, Sep 18, 2012 at 3:30 PM, Natanael natanae...@gmail.com wrote: Does anybody here take quantum crypto seriously? Just wondering. I do not see any

Re: [cryptography] Can there be a cryptographic dead man switch?

2012-09-19 Thread Natanael
But you can't revoke his ability to keep bruteforcing the message. - Sent from my tablet Den 19 sep 2012 23:01 skrev mhey...@gmail.com mhey...@gmail.com: Doh, don't know why I brought public-key crypto into this. There isn't a need for it. Just pick, say, an AES key and give the trustee some

Re: [cryptography] Can there be a cryptographic dead man switch?

2012-09-20 Thread Natanael
bruteforcing of anything. - Sent from my tablet Den 5 sep 2012 16:21 skrev Natanael natanae...@gmail.com: If the trustee (correct word?) stops passing the messages to your CDMS (cryptographic dead man switch), it would simply decrypt the original message automatically. So you can not put

Re: [cryptography] Can there be a cryptographic dead man switch?

2012-09-22 Thread Natanael
I can not imagine anything inherently trustable. I do not want to trust that single server won't be hacked, tapped by NSA or raided by FBI. Den 22 sep 2012 22:49 skrev StealthMonger stealthmon...@nym.mixmin.net: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James A. Donald jam...@echeque.com

Re: [cryptography] Can there be a cryptographic dead man switch?

2012-09-22 Thread Natanael
In that case Anonymous and other hacker groups are your problem. Den 23 sep 2012 01:37 skrev StealthMonger stealthmon...@nym.mixmin.net: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Natanael natanae...@gmail.com writes: I do not want to trust that single server won't be hacked, tapped

Re: [cryptography] A new form of encryption allows you to compute with data you cannot read

2012-09-26 Thread Natanael
Homomorphic encryption isn't really that new, it's just that it's only now starting to get practical. On Wed, Sep 26, 2012 at 11:49 PM, Moti m...@cyberia.org.il wrote: http://www.americanscientist.org/issues/num2/2012/5/alice-and-bob-in-cipherspace/1

Re: [cryptography] cjdns review

2012-10-04 Thread Natanael
AFAIK the key is just generated once and then hashes are generated in two rounds, if it is 0xFC at the first try it's done, otherwise it runs more checksum rounds in groups of two. Den 4 okt 2012 22:55 skrev Guus Sliepen g...@sliepen.org: On Thu, Oct 04, 2012 at 02:37:53PM +0200, Eugen Leitl

Re: [cryptography] How much does it cost to start a root CA ?

2013-01-06 Thread Natanael
Bitcoin based DNS? That would be Namecoin. I am unsure if it also manages SSL or similar link encryption or if that is a separate thing for the scheme. Den 6 jan 2013 08:27 skrev James A. Donald jam...@echeque.com: On 2013-01-05 12:07 PM, Morlock Elloi wrote: Correct. The cost of being CA is

Re: [cryptography] Bonding or Insuring of CAs?

2013-01-25 Thread Natanael
On topic for the thread: I don't *think* there are currently any insurance companies with special policies for CAs. There might be about 600 organizations that can issue SSL certs according to EFF, but there are more insurance companies than that in the world. Most of them probably don't have many

Re: [cryptography] Bonding or Insuring of CAs?

2013-01-25 Thread Natanael
personally don't think as many people would be interested in the discussions. But then I don't have any data on that, and I don't know how many or what kind of responses you got. 2013/1/26 Paul Hoffman paul.hoff...@vpnc.org On Jan 25, 2013, at 4:11 PM, Natanael natanae...@gmail.com wrote

Re: [cryptography] Bitmessage

2013-02-16 Thread Natanael
This is precisely how I2P eepsites work. The true addresses are [52 characters of b32 encoded checksum of public key].b32.i2p while the hosts.txt file is a list of these with their readable [sitename].i2p domains. You can modify your own lists as you wish. I2P Messenger and Bote mail could be

Re: [cryptography] NSA Releases 136 Cryptologs 1974-1997

2013-03-19 Thread Natanael
The OCR file link is wrong. Ditch that e in text. http://cryptome.org/2013/03/nsa-cryptologs-txt.zip 2013/3/20 John Young j...@pipeline.com Most of the Cryptologs were formerly classified Top Secret. NSA calls it a monumental release. Non-searchable image files at NSA:

Re: [cryptography] A new (hopefully silly) Zerocoin/accumulator question

2013-05-15 Thread Natanael
From what I have read, and as far as I have understood it, your zero-knowledge proofs are linked to a specific state of your choice. In other words, you prove that your Zerocoin mint was one of a certain set of Zerocoin mints. One can ONLY test the zero-knowledge proof against that set (since you

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-06 Thread Natanael
My suggestion is that you research the history of (cryptographic) authentication, mutual authentication (thanks Wikipedia for that phrase) and MITM. (Maybe you already have done that, though?) I can at least point out that spy agencies have known for many many decades that you can not securely

Re: [cryptography] Looking for earlier proof: no secure channel without previous secure channel

2013-06-07 Thread Natanael
So basically, the way around having one insecure channel is to use so many insecure channels that the same attacker can't control them all. Which IRL means you run around between computers and check if what you published is available under the exact identity/keys you specified, and keep making up

Re: [cryptography] Project C-43 and Public Key Encryption

2013-06-13 Thread Natanael
Isn't that equivalent to sender doing XOR on the plaintext, recipient doing XOR on first ciphertext, sender doing another XOR on second ciphertext to create third ciphertext, and the recipient doing XOR again to get plaintext? That's key-reuse and breaks XOR/OTP. The middleman simply XORs the

Re: [cryptography] 100 Gbps line rate encryption

2013-06-22 Thread Natanael
Would anybody dare to use a SHA256 based stream cipher? (XOR with checksum of key and counter or whatever you want to throw in there.) Would it be faster than RC4/Salsa20? I'm a bit curious about why nobody seems to be using hash/checksum based stream ciphers. 2013/6/23 James A. Donald

Re: [cryptography] Snowden: Fabricating Digital Keys?

2013-06-25 Thread Natanael
That depends on the system. Consider how HDCP encryption was broken; https://en.wikipedia.org/wiki/High-bandwidth_Digital_Content_Protection It used a scheme where access to enough keys allowed you to calculate the master key, breaking the entire scheme. 2013/6/25 Bill Scannell

Re: [cryptography] Potential funding for crypto-related projects

2013-06-29 Thread Natanael
we try to start a new project (if needed) to create one? (I would like one with at least the same level of functionality as I2P, even if it would have to have a very different architecture.) 2013/6/30 Jacob Appelbaum ja...@appelbaum.net Natanael: I would like to point out that the developers

Re: [cryptography] Potential funding for crypto-related projects

2013-06-29 Thread Natanael
chat (IM or IRC) or continuous browsing. 2013/6/30 Jacob Appelbaum ja...@appelbaum.net Natanael: I'm not seeing that many options though. The Phantom project died pretty fast; https://code.google.com/p/phantom/ https://groups.google.com/forum/#!forum/phantom-protocol http://phantom

Re: [cryptography] Potential funding for crypto-related projects

2013-06-29 Thread Natanael
Convergence, (in-browser) certificate pinning, and a few more. You could also use DNSSEC to serve the certificate. 2013/6/30 James A. Donald jam...@echeque.com The biggest Tor vulnerability is that governments and large criminal organizations (but I repeat myself) can use their influence over

Re: [cryptography] Paypal phish using EV certificate

2013-08-13 Thread Natanael
That's trademarks, not copyright, and they get it transferred IF they request it and the original owner did not have a valid reason to use that domain with the trademarked name/phrase. And either way, reusing previously malicious domains for legit purposes is probably THE WORST method ever of

Re: [cryptography] urandom vs random

2013-08-20 Thread Natanael
Most regular people can't accurately test or evaluate the output. Numbers aren't random, the sources are. You can't just judge a PRNG by its output. For all you know the PRNG could be doing nothing more than doing SHA256 of a fixed value plus a counter, and if somebody would know that fixed value

Re: [cryptography] Jingle and Otr

2013-08-20 Thread Natanael
https://jitsi.org/Documentation/ZrtpFAQ ZRTP and the GNU ZRTP implementation provide features to communication programs to setup of secure audio and video session without additional infrastructure, server programs, registration, and alike. While this doesn't state outright that Jitsi uses ZRTP

Re: [cryptography] Jingle and Otr

2013-08-20 Thread Natanael
MESSAGE- Hash: SHA1 On 8/20/13 8:31 PM, Natanael wrote: https://jitsi.org/Documentation/ZrtpFAQ ZRTP and the GNU ZRTP implementation provide features to communication programs to setup of secure audio and video session without additional infrastructure, server programs, registration

Re: [cryptography] Reflection Attacks in Challenge/Response Protocols

2013-08-24 Thread Natanael
The client and the server shouldn't both generate responses exactly the same way with the same key, no. If you use HMAC, I think including a simple identifier would be good enough. Something like this: HMAC(key, device ID + counter + timestamp), where the server and client have different IDs. Den

Re: [cryptography] no-keyring public

2013-08-25 Thread Natanael
Bitcoin Brainwallet software creates ECDSA keys that you can use for multiple purposes, not only for Bitcoin. A link to Phidelius, which was previously mentioned: http://dankaminsky.com/2012/01/03/phidelius/ --- I would like to see some standardized hierarchical deterministic scheme to generate

Re: [cryptography] NSA cracking UN videoconference - worried?

2013-08-27 Thread Natanael
Elsewhere it has been speculated that they got access to the VPN they used. 2013/8/27 pjklau...@gmail.com: Dear Cryptographers, The article on UN video-conference spying allegations ( http://america.aljazeera.com/articles/2013/8/25/nsa-bugged-u-n-headquarters. html ) claims: In the summer

Re: [cryptography] LeastAuthority.com announces PRISM-proof storage service

2013-08-29 Thread Natanael
Considering that it's designed to not trust the servers in the first place (just your gateway, which often will be part of your own client or otherwise run locally), it's not all too hard. If you've verified the client, then you can be sure your data is secure. 2013/8/29 Nikos Fotiou

Re: [cryptography] Asynchronous forward secrecy encryption

2013-09-23 Thread Natanael
I made a suggestion like this elsewhere: Store the keys split up in several different files using Shamir's Secret Sharing Scheme. Encrypt each file with a different key. Encrypt those keys with a master key. XOR each encrypted key with the SHA256 of their respective encrypted files. Put those

Re: [cryptography] The Unbreakable Cipher

2013-09-25 Thread Natanael
For your question: Session keys and key rotation? Den 25 sep 2013 16:11 skrev John Young j...@pipeline.com: NSA Technical Journal published The Unbreakable Cipher in Spring 1961. http://www.nsa.gov/public_info/_files/tech_journals/The_Unbreakable_Cipher.pdf Excerpts: [Quote] David Kahn,

Re: [cryptography] The Compromised Internet

2013-09-25 Thread Natanael
Carrier-agnostic encrypted mesh routing software: CJDNS. Cantenna, IR-link based RONJA, ethernet/LAN, whatever. If you've got a data link you can use it. It creates an IPv6 network internally in the 'fc' range (private network) where the address is a hash of the node's public key. On Wed, Sep

Re: [cryptography] One Time Pad Cryptanalysis

2013-10-02 Thread Natanael
That would be known plaintext attack (or statistical analysis like how simple ciphers typically are broken) vs chosen plaintext attack (BREACH is the latter, while compression would increase entropy density to make the former harder since each individual bit becomes harder to predict). Sorry, no

Re: [cryptography] ciphersuite revocation model? (Re: the spell is broken)

2013-10-05 Thread Natanael
Should we create some kind of CRL style protocol for algorithms? Then we'd have a bunch of servers run by various organizations specialized in crypto/computer security that can issue warnings against insecure algorithms, as well as cipher modes and combinations of ciphers and whatever else it

Re: [cryptography] coderman's keys

2013-11-01 Thread Natanael
No hints at what kind of client it takes? Custom config or recompile? - Sent from my phone Den 1 nov 2013 05:11 skrev coderman coder...@gmail.com: On Thu, Oct 31, 2013 at 7:55 PM, coderman coder...@gmail.com wrote: my contempt for email is well known and reinforced by choice of provider.

Re: [cryptography] Bitcoin attack

2013-11-04 Thread Natanael
Can't the distributed pool P2Pool easily be updated to account for that? - Sent from my phone Den 4 nov 2013 16:33 skrev Peter Todd p...@petertodd.org: On Mon, Nov 04, 2013 at 09:31:04AM -0430, Karn Kallio wrote: The paper Majority is not Enough Bitcoin Mining is Vulnerable may be of

Re: [cryptography] [tahoe-dev] SNARKs, constant-time proofs of computation

2013-11-07 Thread Natanael
SCIPR is another one. http://www.scipr-lab.org/ If it became efficient it could be useful for mining in a Bitcoin fork (commonly called altcoins). Don't know what kind of computations you'd actually want it to do, though. Most meaningful computations could easily be deprecated by better

Re: [cryptography] NIST Randomness Beacon

2013-11-11 Thread Natanael
Proof-of-work, just like Bitcoin itself uses for hashing? See hashcash as well. Require that the message in question is hashed together with a random value, with an output that matches a given pattern. And specify that one part of the message has to be the hash of a Bitcoin block from the given

Re: [cryptography] NIST Randomness Beacon (andrew cooke) (and Andy Isaacson, et al.)

2013-11-13 Thread Natanael
Because there's no guarantees at all for anything at all for that site. On Wed, Nov 13, 2013 at 6:10 PM, Joshua Kingsolver Price jprice...@ivytech.edu wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Something of a noob question, but what about random.org? Is there some reason why this

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-25 Thread Natanael
Say hello to Bote mail on I2P. I2P provides encrypted anonymizing networking, Bote mail provides DHT based serverless encrypted mailing with public crypto keys as addresses (ECDSA or NTRU). http://i2p2.de and i2pbote.i2p (if you don't have I2P installed, add .us to visit it via an inproxy).

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-25 Thread Natanael
passive traffic analysis, then improve current systems to provide some added protection against metadata, focusing in a far future, when the new system got already wide adoption, make it perfect. Fabio Il 11/25/13, 7:20 PM, Natanael ha scritto: Say hello to Bote mail on I2P. I2P provides

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-26 Thread Natanael
That can really only be solved by gateways, IMHO. It's the only way to talk between the systems that don't put limits on how secure either one can be. - Sent from my phone Den 26 nov 2013 16:09 skrev c1cc10 r...@isolved.it: If we're discussing about this topic it is because of people. emails

Re: [cryptography] Email is unsecurable

2013-11-26 Thread Natanael
Bote mail doesn't have to be used for its anonymous properties, for me that is just a bonus. For many people it is more than enough to be able to know that it is impossible for anybody other than the intended recipient to read the message thanks to public key addressing. Guaranteed end-to-end

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-27 Thread Natanael
So, Convergence/Perspectives done on email headers? - Sent from my phone Den 27 nov 2013 22:07 skrev Stephen Farrell stephen.farr...@cs.tcd.ie: On 11/27/2013 09:01 PM, Jeffrey Walton wrote: Isn't the key distribution problem being pushed into DNS? The underlying problem still exists.

Re: [cryptography] Security Discussion: Password Based Key Derivation for Elliptic curve Diffie–Hellman key agreement

2013-12-17 Thread Natanael
Sounds just like the Bitcoin blockchain to me. Or maybe the fork Namecoin. - Sent from my phone Den 18 dec 2013 02:20 skrev James A. Donald jam...@echeque.com: On 2013-12-18 04:38, Joseph Birr-Pixton wrote: In very general terms, you cannot hope to achieve confidentiality without

Re: [cryptography] Mixing RdRand with other CPU-based entropy sources?

2013-12-19 Thread Natanael
It's always a good idea to use several entropy sources and cryptographically mix their outputs into your pool. They won't reduce your total entropy either way, any predictable sources will only be adding less entropy than promised. - Sent from my phone Den 19 dec 2013 09:19 skrev Joachim

Re: [cryptography] DNSNMC replaces Certificate Authorities with Namecoin and fixes HTTPS security

2013-12-22 Thread Natanael
That sounds a lot like my Web of Trust based DNS suggestion. Link: http://www.reddit.com/r/Meshnet/comments/o3wex/wotdns_web_of_trust_based_domain_name_system Domain names would not be globally unique, where they go would instead be based on each individual node's trust ranking for the site's

Re: [cryptography] The next gen P2P secure email solution

2013-12-24 Thread Natanael
... I'm not so sure about this, look at all the global resources being poured into traditional email, and attempts to 'fix' it. Now redirect fractional 1% of those resources and put them into a P2P replacement. That's ftw. = natanael... Say hello to Bote mail on I2P. I2P provides

Re: [cryptography] pie in sky suites - long lived public key pairs for persistent identity

2014-01-03 Thread Natanael
Den 3 jan 2014 20:42 skrev coderman coder...@gmail.com: use case is long term (decade+) identity rather than privacy or session authorization. eternity key signs working keys tuned for speed with limited secret life span (month+). working keys are used for secret exchange and any other

Re: [cryptography] Preventing Timing Correlation Attacks on XMPP chats?

2014-01-05 Thread Natanael
Den 5 jan 2014 13:23 skrev Randolph rdohm...@gmail.com: Hi - a scrambler could send out from time to time fake messages. - an impersonator could record your own chat behaviour and generate random time and length and content data, so it looks like your own chat - the main problem remains that

Re: [cryptography] Techniques for protecting CA Root certificate Secret Key

2014-01-08 Thread Natanael
Den 9 jan 2014 00:56 skrev Paul F Fraser pa...@a2zliving.com: Software and physical safe keeping of Root CA secret key are central to security of a large set of issued certificates. Are there any safe techniques for handling this problem taking into account the need to not have the control in

Re: [cryptography] First public DNSChain server went online yesterday!

2014-02-08 Thread Natanael
1: Domains expire unless renewed. 2: Transfers are possible. 3: The security model of blockchain based systems like Namecoin is that the primary chain had the greatest amount of proof-of-work behind it, and you can't fake the proof-of-work. You can try to isolate a node and provide a fake chain,

Re: [cryptography] [Cryptography] Help investigate cell phone snooping by police nationwide

2014-06-08 Thread Natanael
Den 8 jun 2014 21:52 skrev Jerry Leichter leich...@lrw.com: On Jun 7, 2014, at 7:56 PM, Bill Cox waywardg...@gmail.com wrote: Is there reliable evidence that putting mobiles in a fridge is any better illusory comsec than putting pillows around the door also comically exhibited to clueless

Re: [cryptography] WG Review: TCP Increased Security (tcpinc)

2014-06-19 Thread Natanael
On Mon, Jun 9, 2014 at 7:35 PM, ianG i...@iang.org wrote: Original Message Subject: [Tcpcrypt] WG Review: TCP Increased Security (tcpinc) Date: Thu, 05 Jun 2014 14:31:12 -0700 From: The IESG iesg-secret...@ietf.org To: IETF-Announce ietf-annou...@ietf.org CC: tcpinc WG

Re: [cryptography] Weak random data XOR good enough random data = better random data?

2014-07-28 Thread Natanael
Den 28 jul 2014 18:23 skrev Lodewijk andré de la porte l...@odewijk.nl: Hey everyone, If I XOR probably random data with good enough random data, does that result in at least good enough random data? I'm working on some Javascript client side crypto. There's a cryptographic quality random

Re: [cryptography] Complete repository of known playing card ciphers

2014-09-10 Thread Natanael
Den 10 sep 2014 22:34 skrev Aaron Toponce aaron.topo...@gmail.com: I've since put together a site of playing card ciphers, weak and strong. It's still _very_ much a work in progress, but some input would be appreciated: http://aarontoponce.org/card-ciphers/ [...] I still have a great

Re: [cryptography] Do quantum attacks/algos also lead to compromise of PFS?

2015-01-24 Thread Natanael
Den 24 jan 2015 22:06 skrev Greg g...@kinostudios.com: So, I understand that QM algos can pretty much dismantle all popular asymmetric encryption algos with enough q-bits, but I haven't thought hard enough to see if they also can be used to compromise communications that used DH to do PFS

Re: [cryptography] The Wandering Music Band

2015-01-08 Thread Natanael
Den 8 jan 2015 08:03 skrev realcr rea...@gmail.com: Hey Natanael, Thanks for your response. It's the chain of signatures always published in an accessible way so that the original members can't doublespend and claim to be the task group? Otherwise the blockchain approach is useful for you

Re: [cryptography] The Wandering Music Band

2015-01-08 Thread Natanael
Den 8 jan 2015 11:54 skrev realcr rea...@gmail.com: Hey, thanks again for the reply. The only notable difference is that in my version you are checkpointing the change in the blockchain. You still have the very same form of signing, but you sign a slightly different message (transfer of a

Re: [cryptography] The Wandering Music Band

2015-01-07 Thread Natanael
Den 7 jan 2015 22:14 skrev realcr rea...@gmail.com: Hey, Thank you for all the responses. I figured out that I left some important details out, probably because I thought about it for a long time. I'm sorry about that. I will try to formulate it again: Assume that the world contains correct

Re: [cryptography] [Cryptography] Feedback requested: ECC anonymous signatures with per-message revocable anonymity and pair-wise message linkability

2015-04-15 Thread Natanael
@Richard Clayton: I'm aware of Fawkes signatures. They are somewhat applicable, but in some circumstances they aren't useful and/or safe. Here's the best case stateless implementation of Fawkes signatures that I can see that matches this usecase; Use a seed and a counter to derive commitment

[cryptography] Feedback requested: ECC anonymous signatures with per-message revocable anonymity and pair-wise message linkability

2015-04-14 Thread Natanael
This started with the following Reddit thread: http://www.reddit.com/r/crypto/comments/32gh1v/looking_for_signing_algorithm_that_keeps_signee/ The goal is to be able to publish signed messages anonymously and then later on prove it was you who signed them, at a time of your choosing. NOTE: I'm

Re: [cryptography] Fwd: The Wandering Music Band

2015-12-10 Thread Natanael
Den 10 dec 2015 21:02 skrev "realcr" : > > It has been a while, but I think I know now about an idea to solve this problem. > I really appreciate all the help I got from your responses. > > I wrote a document that explains it here: > >

Re: [cryptography] [Cryptography] Secure universal message addressing

2016-04-05 Thread Natanael
- Sent from my phone Den 5 apr. 2016 09:17 skrev "John Gilmore" : > > > The key idea here is that you get to have *one* identifier for yourself > > under your control, that you can use everywhere, securely. > > The key idea here is a bad idea. > > I don't want everyone I interact

[cryptography] Secure universal message addressing

2016-04-04 Thread Natanael
I'm crossposting this to a few lists, a few of the relevant mail archives are here for those who want to follow the replies on the other lists; http://www.metzdowd.com/pipermail/cryptography/ http://lists.randombit.net/pipermail/cryptography/

Re: [cryptography] [Endymail] Secure universal message addressing

2016-04-04 Thread Natanael
Den 4 apr. 2016 19:23 skrev "Sean Leonard" : > > I think it’s called a URI. > > Any “universal” address is going to have to have embedded info about the protocol or system that it is addressing. See URI. People see URL:s and think websites, they see email addresses and think

Re: [cryptography] Number of hash function preimages

2012-03-10 Thread natanael . l
He actually asked two different questions on #2, if all hashes have collisions and if all messages have collisions. For MD5, the latter is almost proven true. There's a tool that lets you enter two plaintexts, and then it generates a shared appended string (like

Re: [cryptography] Haystacks and Needles

2012-03-27 Thread natanael . l
Sounds good, but they're already asking for backdoors to the haystacks... 2012-03-27 17:45 skrev Ed Stone: Just as immunizations protect not only the person immunized, but also help protect the community from contagion, wouldn't more encrypted content have a public benefit through increasing

Re: [cryptography] crypto.cat

2012-04-01 Thread natanael . l
Again - SSL flaws, bad server, etc... Maybe a buggy browser. Can you imagine a bug allowing JS injection in any tab? Post a bit.ly link and wait for keys... Bugs like that have existed before. 2012-04-01 02:54 skrev James A. Donald: On 2012-04-01 7:51 AM, natanae...@gmail.com wrote: It's