Re: [Firebird-devel] Insecure hashing and encryption in Firebird 3

2015-08-20 Thread Michal Kubecek
On Wed, Aug 19, 2015 at 02:55:33PM -0400, Jim Starkey wrote: > > The best alternative to RC4 is AES-128. It is "more" (but not > measurably) secure but also a couple of hundred times as expensive to > compute. If you don't believe me, run your own numbers. I did... mike@unicorn:~> openssl sp

Re: [Firebird-devel] Insecure hashing and encryption in Firebird 3

2015-08-20 Thread Mark Rotteveel
On Wed, 19 Aug 2015 14:55:33 -0400, Jim Starkey wrote: > You're excessively fussy. No one has ever found a SHA1 collision, let > alone a bogus hit. It is perfectly secure. It has known weaknesses, > but even with these known weaknesses, it is impossible to crack. > > RC4 is perfectly secure.

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread Mark Rotteveel
On Wed, 19 Aug 2015 18:17:03 -0400, James Starkey wrote: > A "better" hashing algorithm has no significant effect. The difference in > security between a 20 byte hash and a 64 byte hash is 1 / 2^128, a number > so small that there isn't enough computer memory on earth to hold it in > decimal forma

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread Alex Peshkoff
On 08/18/2015 12:22 AM, Jim Starkey wrote: > The theoretical basis of computer security and mutual authentication > is the concept of shared secrets. The most common implementations use > passwords. In Firebird, there are at least two implementations of > password based authentication, SRP veri

Re: [Firebird-devel] Insecure hashing and encryption in Firebird 3

2015-08-20 Thread James Starkey
On Thursday, August 20, 2015, Michal Kubecek wrote: > On Wed, Aug 19, 2015 at 02:55:33PM -0400, Jim Starkey wrote: > > > > The best alternative to RC4 is AES-128. It is "more" (but not > > measurably) secure but also a couple of hundred times as expensive to > > compute. If you don't believe me

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread James Starkey
On Thursday, August 20, 2015, Mark Rotteveel wrote: > On Wed, 19 Aug 2015 18:17:03 -0400, James Starkey > > wrote: > > A "better" hashing algorithm has no significant effect. The difference > in > > security between a 20 byte hash and a 64 byte hash is 1 / 2^128, a > number > > so small that the

Re: [Firebird-devel] Insecure hashing and encryption in Firebird 3

2015-08-20 Thread Tommi Prami
Just my 0.02€ http://ianix.com/pub/chacha-deployment.html ChaCha20 is in TLS and OpenSSH etc. and mainly because it is secure and it is fast. -Tee- On Thu, Aug 20, 2015 at 2:26 PM, James Starkey wrote: > > > On Thursday, August 20, 2015, Michal Kubecek wrote: > >> On Wed, Aug 19, 2015 at 02:

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread James Starkey
On Thursday, August 20, 2015, Alex Peshkoff wrote: > On 08/18/2015 12:22 AM, Jim Starkey wrote: > > > > Unless it can be guaranteed that SRP verifiers in Firebird are immune > > to compromised > > What do you mean by 'immune to compromised' here? The main goal of using > SRP as a default authenti

Re: [Firebird-devel] Insecure hashing and encryption in Firebird 3

2015-08-20 Thread James Starkey
On Thursday, August 20, 2015, Tommi Prami wrote: > Just my 0.02€ > > http://ianix.com/pub/chacha-deployment.html > > ChaCha20 is in TLS and OpenSSH etc. and mainly because it is secure and it > is fast. > > > I wasn't aware of that. Very, very cool. -- Jim Starkey

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread Alex Peshkoff
On 08/20/2015 03:11 PM, James Starkey wrote: > On Thursday, August 20, 2015, Alex Peshkoff wrote: > >> On 08/18/2015 12:22 AM, Jim Starkey wrote: >>> Unless it can be guaranteed that SRP verifiers in Firebird are immune >>> to compromised >> What do you mean by 'immune to compromised' here? The ma

Re: [Firebird-devel] Firebird 3, execution modes

2015-08-20 Thread Alex Peshkoff
On 07/15/2015 01:24 PM, Dmitry Yemanov wrote: > 15.07.2015 13:14, Alex Peshkoff wrote: > >> I worry more about SQL-based management. Creating the first user is a required >> step not only for initializing security3.fdb, it's also required when >> a new security database (non-default) is to be added to the

Re: [Firebird-devel] Passwords and Security, Revisited

2015-08-20 Thread James Starkey
On Thursday, August 20, 2015, Alex Peshkoff wrote: > > > And what about the vault at the client side containing long randomly > generated password for SRP - this is definitely a way to make things not > as bad as they can when verifiers are compromised. I suppose to use this > suggestion in post-
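The point argued across the "Passwords and Security, Revisited" messages above (a compromised SRP verifier lets an attacker guess passwords offline, and Alex's proposed mitigation is a long randomly generated password kept in a client-side vault) can be shown concretely. The following is an added example written for this page, not Firebird's own SRP code or anything posted to the list. It assumes a constructed toy modulus (2^127 - 1, far too small for real use; a deployment would use an RFC 5054 group), SHA-256 as the hash, the SRP-6a formulas, and constructed sample usernames, passwords and a wordlist.

```python
import hashlib
import secrets

# Constructed toy group for illustration only: 2^127 - 1 is prime but far too
# small to be safe.  A real deployment uses an RFC 5054 group (1024 bits or more).
N = (1 << 127) - 1
g = 2
NLEN = (N.bit_length() + 7) // 8   # 16 bytes


def pad(i: int) -> bytes:
    """Fixed-width big-endian encoding so both sides hash identical bytes."""
    return i.to_bytes(NLEN, "big")


def H(*parts: bytes) -> int:
    """SHA-256 over the concatenation of parts, read as an integer."""
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


k = H(pad(N), pad(g))   # SRP-6a multiplier k = H(N, g)


def private_key_x(salt: bytes, username: str, password: str) -> int:
    """x = H(s | H(I ':' P)); the only secret the verifier is derived from."""
    inner = hashlib.sha256(f"{username}:{password}".encode()).digest()
    return H(salt, inner)


def make_verifier(username: str, password: str, salt: bytes = b""):
    """What the server stores: (salt, v = g^x mod N), never the password."""
    salt = salt or secrets.token_bytes(16)
    return salt, pow(g, private_key_x(salt, username, password), N)


def offline_guess(username: str, salt: bytes, verifier: int, wordlist):
    """An attacker holding (salt, v) tests candidates with one modexp each,
    with no server round trip and no rate limiting.  Returns the password
    if a candidate matches, else None."""
    for guess in wordlist:
        if pow(g, private_key_x(salt, username, guess), N) == verifier:
            return guess
    return None


def client_proof(username, password, salt, a, A, B) -> bytes:
    """Client side of SRP-6a: needs x, hence the password."""
    x = private_key_x(salt, username, password)
    u = H(pad(A), pad(B))
    S = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    return hashlib.sha256(pad(S)).digest()


def server_proof(v, b, A, B) -> bytes:
    """Server side of SRP-6a: needs only v, never x or the password."""
    u = H(pad(A), pad(B))
    S = pow((A * pow(v, u, N)) % N, b, N)
    return hashlib.sha256(pad(S)).digest()


def run_handshake(username, password, salt, v) -> bool:
    """One SRP-6a exchange; True iff both sides derive the same session key."""
    a, b = secrets.randbelow(N), secrets.randbelow(N)
    A = pow(g, a, N)
    B = (k * v + pow(g, b, N)) % N
    if A % N == 0 or B % N == 0:      # SRP requires both sides to abort here
        raise ValueError("degenerate public value")
    return client_proof(username, password, salt, a, A, B) == server_proof(v, b, A, B)


def demo() -> dict:
    """Constructed scenario: the same verifier theft against a weak password
    and against a long random one held in a client-side vault."""
    wordlist = ["password", "secret123", "firebird", "letmein"]   # constructed
    salt_w, v_w = make_verifier("SYSDBA", "secret123")
    strong = secrets.token_urlsafe(32)          # what the vault would hold
    salt_s, v_s = make_verifier("SYSDBA", strong)
    return {
        "weak_cracked": offline_guess("SYSDBA", salt_w, v_w, wordlist),
        "strong_cracked": offline_guess("SYSDBA", salt_s, v_s, wordlist),
        "weak_login_ok": run_handshake("SYSDBA", "secret123", salt_w, v_w),
        "weak_login_wrong_pw": run_handshake("SYSDBA", "firebird", salt_w, v_w),
        "strong_login_ok": run_handshake("SYSDBA", strong, salt_s, v_s),
    }


if __name__ == "__main__":
    print(demo())
```

The verifier never lets the server (or a thief of the server's database) log in as the client, since `client_proof` needs `x`; what the thief gets is an unthrottled offline guessing loop, which is exactly what `offline_guess` runs. Against a guessable password that loop succeeds with a short wordlist; against a 256-bit random secret it cannot, which is the property the client-side vault buys. Note that a stolen verifier still lets the thief impersonate the server to that client, so the vault mitigates password recovery, not every consequence of the compromise.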