Re: DeCSS and imminent harm ...

was beyond the power of a judge, that judges not only should not censor thei internet, but that they *could* not censor the internet, that the interenet was stronger than the judiciary. It is not about copyright law. It is about power. --digsig James A. Donald 6YeGpsZR+nOTh

Re: Comcast@Home bans VPNs

to businesses, and lower price low bandwidth connections to consumers. Now they want to continue selling high price high bandwidth connections to business while selling low price high bandwidth connections to consumers. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0

Re: What would you like to see in a book on cryptography for programme

subject to much attack, people should not use them, but should read them. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG jWnprzbdcockuFt7jlrh6D57vGi84SX9Qz8lhH+j 4f1X5tAzhVXqKLOeFps1Q4DXRbKUyYfziiL68LAce

Re: A proposal for secure videoconferencing and videomessaging over the Internet

-- James A. Donald: I do not understand what is meant by "provably secure"] At 09:57 AM 7/28/2000 -0400, Rich Salz wrote An unfortunate admission for a would-be cryptographer. It should have been obvious from the context that you deleted that I was criticizing the use o

Re: A proposal for secure videoconferencing and video messaging over the Internet

ill always be yet another attack. Few things are secure against rubber hoses and hot pincers, or against foolishness and carelessness, which tends to be even more common than rubber hoses. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0

Re: A proposal for secure videoconferencing and video messaging over the Internet

-- James A. Donald writes: In real life situations where one wishes a conversation to be secure, people are most commonly authenticated by not by true name, but by face. At 02:49 PM 7/26/2000 -0700, Eugene Leitl wrote: We're mixing several unrelated items in one pot here. One

A proposal for secure videoconferencing and video messaging over the Internet

A proposal for secure videoconferencing and video messaging over the Internet http://catalog.com/jamesd/kong/secure_video.htm Personal presence service is going to be a protocol as widely used as http, and if we can get security into that protocol, it will result in widely deployed nyms,

Re: Weak user keys, strong servers.

access to the user's machine and no power over the server, even if the user chooses a weak passphrase, and a system that is also invulnerable to outsiders with power over the server if the user chooses a strong passphrase and they have no access to the user's machine. --digsig James

Re: Weak user keys, strong servers.

-- James A. Donald: The problem is that I assume that people find each other's IP and transient public key through the server. I also assume the user's computer is insecure, the user is ignorant and careless about security and the user may change computers from time to time. Thus

Re: Weak user keys, strong servers.

-- At 06:16 PM 7/20/2000 -0400, David Jablon wrote: This is a solved problem, under slightly different assumptions. At 07:34 AM 7/20/00 -0700, James A. Donald wrote: One can achieve almost the same effect by having transient user keys separate from the user logon key, random keys

Weak user keys, strong servers.

, but this exposes the client to man in the middle attack from the server, and only works for instant messaging and for transactions that either fail or complete within a single logon session at the server. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG

Re: Legal/patent analysis of Lucre?

by the issuer. If the coin issuer marks coins by using a different key for some coins and not others, the blinding will generate unrecognizable garbage and the system will fail. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 866Ja9CRG46g

Re: depleting the random number generator

the packets arrive (which he cannot) this cannot give him any additional knowledge about the state. The worst case is that the attacker does not lose any information. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG GwzRjnRrKYJu2r1GIGDbMcu4BUlTzkvCgsPsse1R

Re: depleting the random number generator

-- Oh dear! This suggestion worries me. Is it reasonable to expect this arrangement to be secure against e.g. chosen-entropy attacks? On Mon, 26 Jul 1999, James A. Donald wrote Yes If the attacker knows exactly when the packets arrive (which he cannot) this cannot give him any

If only you knew what we knew

etting rid of the communist state and instituting liberty. Not getting rid of one form of fascism and substituting another. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG ILz8NgHWCv8iqIxlum5mmmYGL3tKQy

Re: depleting the random number generator

tropy pool if he can gain information about the pool from the entropy he sees. It is possible to make this computationally very expensive. Use a cryptographically strong PSEUDO random number generator, such as RC4. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0

Re: NPR story on crypto...

government over US citizens. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 1Or62Yo2734CUUOeRD2kSfdrhpiM8Q4CGyBqQbaV 4NvZ/17IPS0YGa5nUzZoTAbMgjjNF9ElbQIe4vD2

Re: so why is IETF stilling adding DES to protocols? (Re: It's official... DES is History)

but seemed to lose interest. Perhaps Bill Gates was the recipient of a little talk. Netscape does not seem to have made any effort to get around these laws. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG te44YTbMzpsZ9qSQVGv80eTNWCC2ZX

Re: EPIC releases 1999 Crypto report

arge amount of truth. This presentation probably does not appeal to citizens of the outside world. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG oQuGno2KeatkJ8lm5fJxZinp71JAuBDxmeQMRmf3 4CY2kNueZuow8KiMnPEy3OQH9nc4WRft2RzeKpGTo

Re: IBM MP - error in site, our meaning of open, standard etc

less cynical and pessimistic. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG U6dLsn/tUV6iMtbo48pXXBVGmdGu+PWuPke5YO9w 4bscPXK7ICHSYiKE/sKFZP9GxHlzMhCpwAM/aatqW

Re: quantum codebreaker

to conceive of what it would mean for the Hamiltonian to be non linear. If the non linearity was sufficient to have perceptible effects in everyday life, reality would be unimaginably different. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG G

Re: NSA's economic interest in European GAK

predicted, if the government has access to keys, it will be incapable of restraining itself to lawful uses of that information, and lo and behold, the government was incapable of restraining itself to lawful uses of that information. Surprise surprise. --digsig James A. Donald

Re: Five years, and still no useful internet cash

I think I know some of them. I'd be very interested in an informed discussion of them. You may well be the only person that knows some of them. I would be interested in knowing more about its birth and death. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0

Bernstein Opinion Up

with explanation, discussion, and sufficient information for a human to construct a makefile. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG uPMpxXwshmNpXlGGiHThXA2waVAdPIcMzRs4eF6D 4an5T6V823cgpj1l1hAxD2MmyFdsHIAUHfB+RxHt3

Re: Exporting crypto from the US? Think first...

-- At 12:13 AM 5/7/99 -0700, James A. Donald wrote: Large numbers of people have been conspicuously breaking this law for a long time. At 09:04 AM 5/7/99 -0700, Greg Broiles wrote: Charles Booher of San Jose received investigatory attention and subpoena(s) from the BXA for his website

Re: Intel announcements at RSA '99

. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 17Dd+YQp5Kf8bt/Y873n/xKTRWPMKN2qcvVsAAg5 4XzWgPvQ5KxYUjNf5+hg96PNe9lqEJMPR4q+ld95i - We have the right to defend ourselves and our property, because