On Mon, 12 Dec 2005, Steve Furlong wrote:
| > My question is, what is the layperson supposed to do, if they must use
| > crypto and can't use an off-the-shelf product?
|
| When would that be the case?
|
| The only defensible situations I can think of in which a
| non-crypto-specialist programmer
Travis H. wrote:
>Would a wiki specifically for crypto distribute the burden enough to be useful?
>Or should we just stick to wikipedia? Is it doing a satisfactory job?
>
>
I'd read it. More resources == better. But keep the current Wikipedia
controversy in mind WRT the veracity of the contri
--
From: "Whyte, William" <[EMAIL PROTECTED]>
> Check the standards.
>
> The RSA PKCS#1 standard, which are free, describe how
> to do RSA securely and summarize known security
> results.
> http://www.rsasecurity.com/rsalabs/node.asp?id=2124.
> Don't use PKCS#3-style Diffie Hellman; it's be
Date sent: Mon, 12 Dec 2005 00:41:13 -0600
From: "Travis H." <[EMAIL PROTECTED]>
To: cryptography@metzdowd.com
Subject: crypto for the average programmer
> In Peter Gutmann's godzilla cryptography tutorial, he has some really
> go
--
From: Ralf Senderek <[EMAIL PROTECTED]>
> I think what's missing is the understanding that there
> cannot be secure email without the persons involved
> acting responsibly and knowing their role in the
> process. Your mother will probably expect the computer
> to do the job for her (min
On Mon, 12 Dec 2005, Travis H. wrote:
> Seems like a lot of new folks (myself included) ask questions that
> have the following answer: Read the literature, no there's no one
> site, that would be too much effort, &c. Would a wiki specifically
> for crypto distribute the burden enough to be useful
At 9:57 AM -0600 12/12/05, Travis H. wrote:
Would a wiki specifically for crypto distribute the burden enough to
be useful?
Or should we just stick to wikipedia? Is it doing a satisfactory job?
I cannot answer the first question: I am leery of wikis that have
open posting rights, and I am le
Not to side track the discussion, but frequently I've heard PKI
compared to PGP's model. Isn't PGP's trust model the same as everyone
being their own CA?
I find PGP to be problematic. Many keys I see are only self-signed,
and this includes important keys like CERT. Many others sit unsigned
on t
On Sat, 10 Dec 2005, Anne & Lynn Wheeler wrote:
> NSA posts notice about faster, lighter crypto
> http://www.fcw.com/article91669-12-09-05-Web
This makes me wonder how news is created -- the NSA announcement made
on 16 February 2005 becomes news in December...
BTW, we already discussed here S
On Mon, 12 Dec 2005, Travis H. wrote:
> In Peter Gutmann's godzilla cryptography tutorial, he has some really
> good (though terse) advice on subtle gotchas in using DH/RSA/Elgamal.
> I learned a few no-nos, such as not sending the same message to 3
> separate users in RSA (if using 3 as an encrypt
> NIST, in its series of FIPS standards and Special Publications, has defined
> federal standards for digital signatures and modes of operation for symmetric
> ciphers, and is moving towards standardizing key exchange mechanisms based
> on public key algorithms. Those standards are also free, tho
Seems like a lot of new folks (myself included) ask questions that
have the following answer:
Read the literature, no there's no one site, that would be too much effort, &c.
Would a wiki specifically for crypto distribute the burden enough to be useful?
Or should we just stick to wikipedia? Is i
On Mon, Dec 12, 2005 at 12:20:26AM -0600, Travis H. wrote:
> 2) While CTR mode with a random key is sufficient for creating a
> permutation of N-bit blocks for a fixed N, is there a general-purpose
> way to create a N-bit permutation, where N is a variable? How about
> picking a cryptographically
> In Peter Gutmann's godzilla cryptography tutorial, he has some really
> good (though terse) advice on subtle gotchas in using DH/RSA/Elgamal.
> I learned a few no-nos, such as not sending the same message to 3
> separate users in RSA (if using 3 as an encryption exponent).
> My question is, wh
--
From: Ed Gerck <[EMAIL PROTECTED]>
> Digital certs (X.509 and PGP) are useful when the key
> owner is not online. There is a world where this not
> only happens but is also useful. BTW, this is
> recognized in IBE as well.
But the key owner is always online, for in practice
> My question is, what is the layperson supposed to do, if they must use
> crypto and can't use an off-the-shelf product?
When would that be the case?
The only defensible situations I can think of in which a
non-crypto-specialist programmer would need to write crypto routines
would be an uncommon
In Peter Gutmann's godzilla cryptography tutorial, he has some really
good (though terse) advice on subtle gotchas in using DH/RSA/Elgamal.
I learned a few no-nos, such as not sending the same message to 3
separate users in RSA (if using 3 as an encryption exponent).
My question is, what is the l
One thing I haven't seen from a PRNG or HWRNG library or device is an
unpredictable sequence which does not repeat; in other words, a
[cryptographically strong?] permutation. This could be useful in all
sorts of places in the kernel and elsewhere to prevent replay (for
example, in DNS ID #s, in ch
--
From: Anne & Lynn Wheeler <[EMAIL PROTECTED]>
> drastically improving the usability of the interface
> to the trusted public key repositories could be viewed
> as having two downsides 1) certification authorities
> that haven't paid to have their public keys preloaded
> can more easil
--
From: Ed Gerck <[EMAIL PROTECTED]>
> As new capabilities conflict with the old, the end
> result of this approach seems to be a lot of patched
> in complexity and vulnerabilities.
>
> It seems better to start with a performance
> specification for the full system. The co
--
From: Bill Stewart <[EMAIL PROTECTED]>
> The real security issue for your mother is [...] her
> bank and eBay don't cryptographically sign their mail.
And, since her bank and ebay are under massive attack
from phishers, and your mother, if she is using any of
the common email clients
James A. Donald wrote:
> This was the scenario envisaged when PKI was created,
> but I don't see it happening, and in fact attempting to
> do so using existing user interfaces is painful. They
> don't seem designed to do this.
>
> My product, Crypto Kong, http://echeque.com/Kong was
> designed to
--
James A. Donald wrote:
> > However, the main point of attack is phishing, when
> > an outsider attempts to interpose himself, the man
> > in the middle, into an existing relationship between
> > two people that know and trust each other.
Anne & Lynn Wheeler <[EMAIL PROTECTED]>
> in the trad
On Fri, 9 Dec 2005, Ed Gerck wrote:
> [...] at least the grand
> picture should exist beforehand. This is what this thread's subject
> paper is about, the grand picture for secure email and why aren't
> we there yet (Phil's PGP is almost 15 years old) -- wh
A recent magazine article suggested a spoofing technique involving
wrapping one's finger with a few layers of cellophane; the latent
print on the reader apparently is visible enough to be reused in this
manner, at least with some currently-available scanners.
--
http://www.lightconsulting.com/~trav
--- begin forwarded text
Delivered-To: [EMAIL PROTECTED]
Date: Sat, 10 Dec 2005 20:51:58 -0500
To: Philodox Clips List <[EMAIL PROTECTED]>
From: "R. A. Hettinga" <[EMAIL PROTECTED]>
Subject: [Clips] Pentagon Intelligence Agency Gathers Domestic Intelligence
Reply-To: [EMAIL PROTECTED]
Sen
Anne & Lynn Wheeler wrote:
OCSP provides for a online
transaction which asks whether the stale, static information is still
usable, attempting to preserve the facade that digital certificates
serve some useful purpose when there is online, direct access
capability. The alternative is to eliminate
--- begin forwarded text
Delivered-To: [EMAIL PROTECTED]
Date: Sat, 10 Dec 2005 17:48:40 -0500
To: "Philodox Clips List" <[EMAIL PROTECTED]>
From: "R. A. Hettinga" <[EMAIL PROTECTED]>
Subject: [Clips] MIT Real ID Conference a Success: Participate in New Virtual
Civic Conversation
Reply-T
Ed Gerck wrote:
> I think that's where PKI got it wrong in several parts and not
> just the CPS. It started with the simplest (because it was meant to
> work for a global RA -- remember X.500?) and then complexity was
> added. Today, in the most recent PKIX dialogues, even RFC authors
> often disag
NSA posts notice about faster, lighter crypto
http://www.fcw.com/article91669-12-09-05-Web
The National Security Agency wants federal agencies to consider using a
group of algorithms it refers to as Suite B to satisfy future
cryptographic requirements. Suite B contains NSA-approved cryptographic
a