ary.co.uk/sanct/s_lenslok.php
--
Darren J Moffat
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
promise, but is it ?
Option 6
IV 96 bits
MAC 96 bits
Checksum SHA224 or SHA256 truncated to 192 bits
--
Darren J Moffat
-
a Merkle tree. We also have a
place to store an IV. So every encrypted ZFS block is self contained,
has an IV and a 16 byte MAC. This means that the crypto is all
standards based algorithms and modes for ZFS.
http://hub.opensolaris.org/bin/view/Project+zfs-crypto/
ection for certain classes of ciphertext modification than
just using CBC.
--
Darren J Moffat
-
(or at least was) the case http://en.wikipedia.org/wiki/FileVault
There is also a sleep mode issue identified by the NSA:
http://crypto.nsa.org/vilefault/23C3-VileFault.pdf
TrueCrypt on the other hand uses AES in XTS mode so you get
confidentiality and integrity.
--
Hal Finney wrote:
Darren J Moffat asks:
Ignoring performance for now what is the consensus on the suitability of
using AES-GMAC not as MAC but as a hash ?
Would it be safe ?
The "key" input to AES-GMAC would be something well known to the data
and/or software.
No, I don't t
e to perform on some
classes of machine better than or close to SHA256 if it would be worth
considering as an available alternate now until SHA-3 is chosen.
--
Darren J Moffat
-
t space padding can be helpful.
--
Darren J Moffat
-
b on
disk for Kerberos - yet that seems to be accepted practice even in
organisations that by policy don't want passphrase/PIN on disk.
--
Darren J Moffat
-
OpenSolaris doesn't do TOE because we don't need
it (and thus have no interfaces for it). This was 3DES, MD5, SHA1 era
IPsec.
So when its successor came along, the SCA-6000 (adding AES), the NIC was
dropped.
--
Darren J Moffat
--
some people but certainly scary for the masses.
Now to bring it back to crypto this shows the danger of assuming
that local "links" don't need to be encrypted and that cables are "more
secure" than wireless links (eg Bl
claims they are sometimes used for
identification I know I have never been asked for mine other than by an
employer or suitably authorised government body who has a real need to know.
--
Darren J Moffat
-
Apple reference here is aimed at iTunes. You do know that
iTunes Music Store no longer uses any DRM right ?
--
Darren J Moffat
-
as ciphertext so that we don't have to decrypt and
re-encrypt the data. Note this doesn't help rsync though since the
stream format is specific to ZFS.
[1] http://opensolaris.org/os/project/zfs-crypto/
--
Darren J Moffat
--
2x's and Cavium's Nitrox (because there hasn't been
any real need to come up with replacements) but I didn't think there'd be much
problem with finding the necessary hardware, unless you've got some particular
requirement that rules a lot of it out.
The Sun CA-600
wanted to put on in machines that didn't
have PCIe capability.
--
Darren J Moffat
-
s machines).
It even has Elliptic Curve support available.
--
Darren J Moffat
-
Steve Furlong wrote:
This just emphasizes what we already knew about C, even the most
careful, security conscious developer messes up memory management.
However I think it is not really efficient at this stage to insist on secure
programming for submission implementations. For the simple reas
e
meaning of what a CA cert is and why it exists.
--
Darren J Moffat
-
your business or
use the apps important to you for some other reason. It also very much
depends on why the app uses the crypto algorithm in question, and in the
case of digest/hash algorithms whether they are key'd (HMAC
the UI to do "the right thing" it still doesn't mean
anything real about trust all it really means is how much money was
invested in getting the cert and setting up the "correct" information
about the "
aren't enough in this context [ whey already exists ] the only
thing that will work is stopping the page being seen - replacing it with
a clearly worded explanation with *no* way to pass through and render
the page (okay maybe with a debug build of the browser but no
but for me on MacOS X I
never have to enter my Skype password because it is saved in the MacOS X
keyring and Skype isn't set to start at system boot (user login really)
for my account.
--
Darren J Moffat
-