Re: [cryptography] on using RDRAND [was: Entropy improvement: haveged + rngd together?]
On 12/2/13, 3:16 PM, dj-0ozvisyrzglbdgjk7y7...@public.gmane.org wrote:
> I'm currently arguing with NIST about their specifications which make it hard to provide raw entropy while being FIPS 140-2 and NIST SP800-90 compliant. If I had a free hand, it would not be a configuration. Configurations suck in numerous ways. It would just be there.

Is the TRNG circuit small enough you could just slap down two of them, and use one to feed the NIST pipeline and use the other for raw entropy access?

--Patrick

___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] State of the art in block ciphers?
On 05/12/13 11:41, coderman wrote:
> On Thu, Dec 5, 2013 at 12:13 AM, Matthew Orgass darks...@city-net.com wrote:
>> ...
>> OTOH, for TLS ChaCha seems to me like the best choice at this point.
>
> let me know when you are able to speak TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 between browser and popular site! (or any browser and any site for that matter :)
>
> /impatient

Based on
https://community.qualys.com/thread/12169
https://www.ssllabs.com/ssltest/analyze.html?d=google.com&s=173.194.46.17
and
https://www.imperialviolet.org/2013/10/07/chacha20.html
I'd say today for CHACHA20_POLY1305_SHA256 on popular site and any browser (including developer/nightly builds), before end of the year for mainstream browser.

That's TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 not TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, but close enough
[cryptography] How is the MD2 hash function S-table constructed from Pi?
Can anyone on the list answer this question? - http://crypto.stackexchange.com/questions/11935/how-is-the-md2-hash-function-s-table-constructed-from-pi

The MD2 algorithm (defined in RFC 1319 - http://tools.ietf.org/html/rfc1319) has a bunch of constants, a permutation of 256 bytes, that is said (section 3.2) to be derived from the digits of pi. But there seems to be no record of how.

Thanks,
Andrew
Re: [cryptography] State of the art in block ciphers?
On 06/12/13 10:30, Alan Braggins wrote:
> On 05/12/13 11:41, coderman wrote:
>> On Thu, Dec 5, 2013 at 12:13 AM, Matthew Orgass darks...@city-net.com wrote:
>>> ...
>>> OTOH, for TLS ChaCha seems to me like the best choice at this point.
>>
>> let me know when you are able to speak TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 between browser and popular site! (or any browser and any site for that matter :)
>>
>> /impatient
>
> Based on
> https://community.qualys.com/thread/12169
> https://www.ssllabs.com/ssltest/analyze.html?d=google.com&s=173.194.46.17
> and
> https://www.imperialviolet.org/2013/10/07/chacha20.html
> I'd say today for CHACHA20_POLY1305_SHA256 on popular site and any browser (including developer/nightly builds), before end of the year for mainstream browser.
>
> That's TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 not TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, but close enough

https://www.ssllabs.com/ssltest/analyze.html?d=google.com&s=173.194.115.46 currently shows...
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc14)

:-)

--
Rob Stradling
Senior Research Development Scientist
COMODO - Creating Trust Online
Re: [cryptography] State of the art in block ciphers?
On Fri, Dec 6, 2013 at 3:35 AM, Rob Stradling rob.stradl...@comodo.com wrote:
> ...
> https://www.ssllabs.com/ssltest/analyze.html?d=google.com&s=173.194.115.46 currently shows...
> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc14)

thanks all for additional pointers; progress!

i am specifically curious about the mentioned
"Google servers and Chrome will soon be supporting cipher suites based around ChaCha20 and Poly1305."
and
"In addition to support in Chrome and on Google's servers, myself and my colleague, Elie Bursztein, are working on patches for NSS and OpenSSL to support this cipher suite."
from Adam's blog post.[0]

latest Chrome Betas still don't have it, they're all giving me AES_GCM across various platforms. i have not yet tried the nightly builds, this is what i need for the interim it seems...

best regards,

0. ChaCha20 and Poly1305 for TLS (07 Oct 2013) https://www.imperialviolet.org/2013/10/07/chacha20.html
Re: [cryptography] State of the art in block ciphers?
On 06/12/13 20:22, coderman wrote:
> On Fri, Dec 6, 2013 at 3:35 AM, Rob Stradling rob.stradl...@comodo.com wrote:
>> ...
>> https://www.ssllabs.com/ssltest/analyze.html?d=google.com&s=173.194.115.46 currently shows...
>> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc14)
>
> thanks all for additional pointers; progress!
>
> i am specifically curious about the mentioned
> "Google servers and Chrome will soon be supporting cipher suites based around ChaCha20 and Poly1305."
> and
> "In addition to support in Chrome and on Google's servers, myself and my colleague, Elie Bursztein, are working on patches for NSS and OpenSSL to support this cipher suite."
> from Adam's blog post.[0]

Various useful-looking patches here...
https://chromium.googlesource.com/chromium/deps/nss
https://chromium.googlesource.com/chromium/deps/openssl

> latest Chrome Betas still don't have it,

https://community.qualys.com/thread/12169 says:
Chrome 32 promotes Chacha20/Poly1305 suite.

However, https://twitter.com/agl__/statuses/398498980151033856 says:
Chrome 32 won't enable them when stable however: not yet ready.

> they're all giving me AES_GCM across various platforms. i have not yet tried the nightly builds, this is what i need for the interim it seems...
>
> best regards,
>
> 0. ChaCha20 and Poly1305 for TLS (07 Oct 2013) https://www.imperialviolet.org/2013/10/07/chacha20.html

--
Rob Stradling
Senior Research Development Scientist
COMODO - Creating Trust Online