On Mon, Sep 16, 2013 at 12:44 PM, Bill Frantz fra...@pwpconsult.com wrote:
Symmetric encryption:
Two algorithms give security equal to the best of them. Three
protect against meet-in-the-middle attacks. Performing the
multiple encryption at the block level allows block cyphers to
be
On Tue, Sep 10, 2013 at 10:59 AM, Marcus D. Leech mle...@ripnet.com wrote:
I wonder what people's opinions are on things like the randomsound daemon
that is available for Linux.
I have not looked at that. A well thought out well documented
RNG based on a sound card is:
On Mon, Aug 26, 2013 at 4:12 PM, Phillip Hallam-Baker hal...@gmail.com wrote:
I really like RPis as a cryptographic tool. The only thing that would make
them better is a second Ethernet interface so they could be used as a
firewall type device.
Two things to look at. Onion Pi turns one into a
On 7/13/10, Perry E. Metzger pe...@piermont.com wrote:
It is disturbing to me that people oppose this so much.
Yes. A hardware RNG seems an obvious Good Thing. Not
a complete solution, but a very useful component.
For a lot of applications -- servers run in isolation, networking
equipment,
India recently forbade some Chinese companies from bidding on some
cell phone infrastructure projects, citing national security concerns:
http://www.chinatechnews.com/2010/05/25/12102-indias-bsnl-excludes-chinas-huawei-zte-from-gsm-bidding
Of course, the Chinese gov't and companies are by no
On 11/12/09, David-Sarah Hopwood david-sa...@jacaranda.org wrote:
Sandy Harris wrote:
On 11/8/09, Zooko Wilcox-O'Hearn zo...@zooko.com wrote:
Therefore I've been thinking about how to make Tahoe-LAFS robust against
the possibility that SHA-256 will turn out to be insecure
On 11/8/09, Zooko Wilcox-O'Hearn zo...@zooko.com wrote:
Therefore I've been thinking about how to make Tahoe-LAFS robust against
the possibility that SHA-256 will turn out to be insecure.
NIST are dealing with that via the AHS process. Shouldn't you just use
their results?
We could use a
On 11/6/09, mhey...@gmail.com mhey...@gmail.com wrote:
From http://www.ietf.org/mail-archive/web/tls/current/msg03928.html
and http://extendedsubset.com/?p=8
From what I gather, when TLS client certificates are used, an attacker
can post a command to a victim server and have it
9, mod 16,
or by combining those mod 144. Mod 25, mod 49 et cetera gave
constraints but not unique solutions.
After playing with this a while, I concluded that it was not
actually useful,
--
Sandy Harris,
Quanzhou, Fujian, China
espionage situation, say Boeing
and Airbus competing for big orders.
--
Sandy Harris,
Quanzhou, Fujian, China
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
,
but it looks feasible.
--
Sandy Harris,
Quanzhou, Fujian, China
file systems have become much more common and, for all I
know the attack technology may have changed too.
Is there a more recent analysis or is Gutmann still the
best reference?
--
Sandy Harris,
Quanzhou, Fujian, China
/wiki/Random_number#Random_sequences_from_physical_phenomena
It is a wiki so if you can improve it, please do.
No doubt Wikipedia has a list as well. All the usual
crypto texts have chapters on it, too.
--
Sandy Harris,
Quanzhou, Fujian, China
not be encrypting
unless some enemy might get the text and using things
an enemy can get is exactly what you do not want here.
However, it is cheap and random-looking, and the volume
is proportional to the amount of crypto done, so it might
help in some cases.
--
Sandy Harris,
Quanzhou, Fujian
and RC4-128 to get a cipher that takes a 256-bit key
and is significantly faster than AES-256, and arguably more secure. One is
immune to algebraic attacks.
--
Sandy Harris,
Quanzhou, Fujian, China
and use a standard hash.
--
Sandy Harris,
Quanzhou, Fujian, China
to construct it -- then for
any symmetric cipher key size less than the public key size, your
overheads are the same.
--
Sandy Harris,
Nanjing, China
thousand times faster).
Brute force against a 96-bit key should take 2^32 times as long.
Since pi seconds is a nano-century, that's somewhat over a
century. For a 128-bit key, over 2^32 centuries. If brute force
is the best attack, this is obviously secure.
--
Sandy Harris,
Nanjing, China
relevant.
Among the more obvious problems are the fact that complexity
is bad for security, that the US government has some history
of abusing wiretaps, and that other governments who would
have access to any such technology are even less trustworthy.
--
Sandy Harris,
Nanjing, China
is sound, 128 bits should theoretically
be enough for any data and any human time scale.
Practice and theory can differ, though, and you cannot
be utterly certain there's not some unpublished attack
that does awful things to the crypto. I'd use 256 bits
and a well-analyzed algorithm.
--
Sandy Harris
IPsec; it does not handle incoming
connections. However, that may be enough for many client machines that live
in dynamic address space.
--
Sandy Harris
Quanzhou, Fujian, China
There is an RFC based on that work:
ftp://ftp.rfc-editor.org/in-notes/rfc4322.txt
The FreeS/WAN project has ended. I do not know if the follow-on projects,
openswan.org and strongswan.org, support OE.
--
Sandy Harris
Quanzhou, Fujian, China
Travis H. [EMAIL PROTECTED] wrote:
On Wed, Feb 07, 2007 at 05:42:49AM -0800, Sandy Harris wrote:
He starts from information theory and an assumption that
there needs to be some constant upper bound on the
receiver's per-symbol processing time. From there, with
nothing else, he gets
-known rule about
word, letter or sound frequencies in linguistics.
I'm not sure if you can also get Pareto's Law which
covers income wealth distributions in economics.
--
Sandy Harris
Quanzhou, Fujian, China
can increase it.
* Can you add or increase entropy?
You can add more entropy, either from another source or more
from the same source. That is the only way to increase it.
--
Sandy Harris
Zhuhai, Guangdong, China
Lee Parkes wrote:
Hi,
I'm working on a project for a company that involves the use of 3DES. They have
asked me to find out what the overheads are ...
Some info at:
http://www.freeswan.org/freeswan_trees/freeswan-2.06/doc/performance.html
Zooko O'Whielcronx wrote:
On 2004, Sep 09, , at 16:57, Hal Finney wrote:
... an extension to IPsec to allow for unauthenticated
connections. Presently IPsec relies on either pre-shared secrets or a
trusted third party CA to authenticate the connection.
No. It can also use RSA public keys without
bear wrote:
Bob and Alice routinely discuss bombs, terrorism, tax cheating, sexual
infidelity, and deviant sex over the internet. They conspire to commit
crimes, share banned texts and suppressed news, or topple tyrannical
governments whose agents eavesdrop on their every communication. They
do
Hadmut Danisch wrote:
does anyone know good jokes about
cryptography, cryptographers, or security?
There's always the sys admin's mantra:
I know I'm paranoid, but I worry about whether
I'm paranoid enough.
FreeS/WAN docs have links to several collections
of crypto quotes, many funny:
Adam Back wrote:
What conceivable trade-offs could you have to make to get acceptable
performance out of symmetric crypto encrypted+authenticated tunnel?
All ciphers you should be using are like 50MB/sec on a 1Ghz machine!!
There's fairly detailed performance data for Linux FreeS/WAN IPsec
John S. Denker wrote:
On 06/19/2003 01:49 PM, martin f krafft wrote:
As far as I can tell, IPsec's ESP has the functionality of
authentication and integrity built in:
It depends on what you mean by built in.
1) The RFC provides for ESP+authentication but
does not require ESP to use
31 matches