David Honig wrote:
>Is there a reason not to use AES block cipher in a hashing mode
>if you need a secure digest of some data?
Yes. The standard hashing modes provide only 128-bit hash digests, and
for long-term collision-resistance, we'd probably like longer outputs.
Also, Rijndael has not b
"Steven M. Bellovin" wrote:
> Purely procedurally, if you tried to get it published as an RFC it
> would probably be bounced by the IESG -- there's a policy against RFCs
> that are or appear to be end-runs around a working group. If something
> is in a WG's area, it's up to them to publish it.
On Tue, 05 Dec 2000, Bram Cohen wrote:
> > [SHA-2 looks pretty good. What's your problem with it? --Perry]
>
> It's slow.
Just how slow? Are you sure you tried a production implementation? What
efficiency figures do you have (say, SHA-256 vs. SHA-1 vs. Rijndael)?
Paulo Barreto.
At 3:04 PM -0800 12/5/2000, Ray Dillinger wrote:
>On Tue, 5 Dec 2000, Arnold G. Reinhold wrote:
>
...
> >I believe there are applications where a passphrase generated key is
>>preferable.
>
>>I think a standard such as Mr. Simpson suggests is a worthwhile idea.
>>No one is forced to use a standar
At 11:59 PM 12/4/00 -0800, Alan Olsen wrote:
>The
>review of the system during the audit was less than nice, but they still
>wanted to go ahead with it.
Didn't they set themselves up for extra liability when fraud
is committed due to their *now conscious* lack of diligence?
Ignorance is bliss
At 11:19 PM 12/4/00 -0800, Bram Cohen wrote:
>On Mon, 4 Dec 2000, William Allen Simpson wrote:
>
>> We could use the excuse of AES implementation to foster a move to a
>> new common denominator.
>
>AES is silly without an equivalently good secure hash function, which we
>don't have right now.
>
In message <[EMAIL PROTECTED]>, Bram Cohen writes:
>On Mon, 4 Dec 2000, Bram Cohen wrote:
>>
>> [SHA-2 looks pretty good. What's your problem with it? --Perry]
>
>It's slow. It's fast enough for most applications, but then again so is
>3DES - either you care about speed or you don't, and if you
On Tue, 5 Dec 2000, Arnold G. Reinhold wrote:
>At 7:20 PM + 12/4/2000, lcs Mixmaster Remailer wrote:
>>William Allen Simpson <[EMAIL PROTECTED]> writes:
>>> 4) an agreed algorithm for generating private keys directly from
>>> the passphrase, rather than keeping a private key database.
On Mon, 4 Dec 2000, Bram Cohen wrote:
>
> [SHA-2 looks pretty good. What's your problem with it? --Perry]
It's slow. It's fast enough for most applications, but then again so is
3DES - either you care about speed or you don't, and if you do, SHA2 just
doesn't rank up there with Rijndael.
-Bram
At 11:19 PM -0800 12/4/2000, Bram Cohen wrote:
>On Mon, 4 Dec 2000, William Allen Simpson wrote:
>
>> We could use the excuse of AES implementation to foster a move to a
>> new common denominator.
>
>AES is silly without an equivalently good secure hash function, which we
>don't have right now.
>
Bram Cohen writes:
> To be fair, Yahoo handles so much mail that the CPU power necessary to
> start SSL sessions for all of them gets pretty expensive. They'll probably
> start doing end-to-end encryption when the prices of that drop lower,
> Moore's law and all that.
Of course, this assumes
--- Forwarded Message
Return-Path: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
From: "Pawling, John" <[EMAIL PROTECTED]>
To: "Pawling, John" <[EMAIL PROTECTED]>
Subject: SFL/CML/ACL/SNACC Freeware Available *NEW CML RELEASE*
Date: Tue, 5 Dec 2000 14:20:30 -0500
Sender: [EMAIL PROTECTE
"Enzo Michelangeli" <[EMAIL PROTECTED]> writes:
>>I have an RFC draft for this which I wrote a while back but it was rejected by
>>the PKIX WG chair(s) ("I am concerned that we not turn PKIX into PGP with ASN.1
>>syntax"), and I haven't had the motivation to publish it as an independent
>>draft -
At 7:20 PM + 12/4/2000, lcs Mixmaster Remailer wrote:
>William Allen Simpson <[EMAIL PROTECTED]> writes:
>> My requirements were (off the top of my head, there were more):
>>
>> 4) an agreed algorithm for generating private keys directly from
>> the passphrase, rather than keeping a priva
On Tue, 5 Dec 2000, Enzo Michelangeli wrote:
> I'm not sure about this, unless you assume that the best attacks are based
> on dictionary search (which, for PK algorithms, can be pretty
> time-consuming). Let's suppose that the entropy of the passphrase only
> amounts to 100 bits: my gut feeling
-BEGIN PGP SIGNED MESSAGE-
I can see that one can put information associated with a
signature outside the hashed area but I cannot see that one
should do so and I doubt that this will improve security.
First the key-ID. Why should I have it outside the signature?
It's possibly not secur
On Mon, 4 Dec 2000, William Allen Simpson wrote:
> We could use the excuse of AES implementation to foster a move to a
> new common denominator.
AES is silly without an equivalently good secure hash function, which we
don't have right now.
[SHA-2 looks pretty good. What's your problem with it?
On Mon, 4 Dec 2000 [EMAIL PROTECTED] wrote:
> >Yahoo's new system works like this: Once a message is composed, it
> >travels, unencrypted, to Yahoo,
>
> So feel no fear in sending anything you wouldn't mind being read before
> it's encrypted?
> I'm surprised AOL isn't offering this "security fe
18 matches