Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
ird party attestation idea is wrong as it does not properly model the actual trust relationships and liability among the parties. 6) The entire idea of signed attestations that last for years is based on a pre-Internet, largely offline model of security. There is more, but why should

Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
On Wed, 28 Jul 2010 14:40:14 -0600 Paul Tiemann wrote: > > On Jul 28, 2010, at 11:25 AM, Perry E. Metzger wrote: > > > On Wed, 28 Jul 2010 11:20:52 -0500 Nicolas Williams > > wrote: > >> On Wed, Jul 28, 2010 at 12:18:56PM -0400, Perry E. Metzger wrote: >

Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
eport that even I can't easily configure the thing. Some have proposed standardizing on radically simplified profiles of the protocol that provide almost no options -- I believe to be the last hope for the current IPSec suite.) Perry -- P

Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
On Wed, 28 Jul 2010 11:20:52 -0500 Nicolas Williams wrote: > On Wed, Jul 28, 2010 at 12:18:56PM -0400, Perry E. Metzger wrote: > > Again, I understand that in a technological sense, in an ideal > > world, they would be equivalent. However, the big difference, > > again,

Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
On Wed, 28 Jul 2010 11:23:16 -0500 Nicolas Williams wrote: > On Wed, Jul 28, 2010 at 11:20:51AM -0500, Nicolas Williams wrote: > > On Wed, Jul 28, 2010 at 12:18:56PM -0400, Perry E. Metzger wrote: > > > Again, I understand that in a technological sense, in an ideal > >

Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
On Wed, 28 Jul 2010 10:50:52 -0500 Nicolas Williams wrote: > On Wed, Jul 28, 2010 at 11:38:28AM -0400, Perry E. Metzger wrote: > > On Wed, 28 Jul 2010 09:57:21 -0500 Nicolas Williams > > wrote: > > > OCSP Responses are much like a PKI equivalent of Kerberos > > &g

Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
the security properties of such a system. There are far fewer systems whose compromise will compromise the authorization decision. These are under-appreciated features. Perry -- Perry E. Metzger pe...@piermont.com - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
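The short-lived, online-issued authorization that this thread compares to Kerberos tickets and OCSP responses, as an added example (not code from the list, from Kerberos, or from any OCSP implementation): the relying party holds one key and a clock, there is no revocation state anywhere, and a compromised credential dies on its own within the lifetime window. The service key, principal and service names are constructed for the example.

```python
"""Short-lived signed authorization statements instead of revocation.

Added example. An online authority (in the role of a KDC or OCSP responder)
issues statements that expire in minutes; the relying party checks only the
authority's tag and the clock. Revocation is simply "stop issuing".
"""
import hashlib
import hmac
import json

# Constructed key shared between the authority and one relying service,
# in the Kerberos style where each service shares a key with the KDC.
SERVICE_KEY = b"constructed-service-key-do-not-reuse"
LIFETIME = 600  # seconds of validity the authority grants per statement


def issue(principal: str, service: str, now: int, key: bytes = SERVICE_KEY) -> str:
    """Authority side: assert that `principal` may use `service` until
    now + LIFETIME. The token is hex(body) + "." + HMAC-SHA256(body)."""
    claims = {"sub": principal, "svc": service, "iat": now, "exp": now + LIFETIME}
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body.hex() + "." + tag


def verify(token: str, service: str, now: int, key: bytes = SERVICE_KEY):
    """Relying-party side: return the principal if the token is correctly
    tagged, for this service, and inside its validity window; else None.
    Deliberately absent: CRL fetch, OCSP query, any revocation list. The
    only inputs that can change the decision are `key` and `now`."""
    try:
        body_hex, tag = token.split(".", 1)
        body = bytes.fromhex(body_hex)
    except ValueError:
        return None
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None
    claims = json.loads(body)
    if claims.get("svc") != service:
        return None
    if not (claims["iat"] <= now < claims["exp"]):
        return None
    return claims["sub"]


def exposure_after_compromise(token: str, compromised_at: int) -> int:
    """Seconds a stolen token remains usable: bounded by LIFETIME with no
    action by anyone, which is the property the thread is pointing at."""
    body = bytes.fromhex(token.split(".", 1)[0])
    return max(0, json.loads(body)["exp"] - compromised_at)
```

A verifier written this way depends on exactly two things, the service key and a clock; compare a certificate path, where the CA key, the CRL or OCSP signing key, and the OCSP responder's availability can each change the outcome. Clock skew between issuer and verifier is the one operational cost, and it is bounded by LIFETIME.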

Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
On Wed, 28 Jul 2010 09:30:22 -0500 Nicolas Williams wrote: > On Wed, Jul 28, 2010 at 10:05:22AM -0400, Perry E. Metzger wrote: > > PKI was invented by Loren Kohnfelder for his bachelor's degree > > thesis at MIT. It was certainly a fine undergraduate paper, but I > > th

Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
On Wed, 28 Jul 2010 15:16:32 +0100 Ben Laurie wrote: > On 28 July 2010 15:05, Perry E. Metzger wrote: > > On Wed, 28 Jul 2010 14:38:53 +0100 Ben Laurie wrote: > >> > >> And still needs revocation. > > > > Does it? > > > > I will point out th

Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
On Wed, 28 Jul 2010 14:38:53 +0100 Ben Laurie wrote: > On 28/07/2010 14:05, Perry E. Metzger wrote: > > It is not always the case that a dead technology has failed > > because of infeasibility or inapplicability. I'd say that a > > number of fine technologies hav

Re: A mighty fortress is our PKI, Part II

2010-07-28 Thread Perry E. Metzger
ndon it even if, on some level, they are certain that it could be made to work if only someone would do it. I think we are at or even past that point with PKI. The odor of putrefaction is unmistakable. -- Perry E. Metzger pe...@piermont.com

Re: A mighty fortress is our PKI

2010-07-27 Thread Perry E. Metzger
less you can perform an experiment to falsify the self-declared "objective quantitative security measurement", it isn't science. I can't think of an experiment to test whether any of the coefficients in the displayed calculation is "correct". I don't even know what

Re: A mighty fortress is our PKI

2010-07-26 Thread Perry E. Metzger
On Tue, 27 Jul 2010 05:40:07 +0300 (EEST) Sampo Syreeni wrote: > On 2010-07-26, Perry E. Metzger wrote: > > > I think that you may be right -- the entire TLS PKI model may be > > so horribly broken that, once you no longer have any real > > security to speak of, sim

Re: MITM attack against WPA2-Enterprise?

2010-07-26 Thread Perry E. Metzger
an feel reasonably secure that others will not be reading their traffic over the air the way that they might in a pure shared key scenario, and that this justified the extra complexity of deployment. While what you say is perfectly true, it does lead one to ask if

Re: A mighty fortress is our PKI

2010-07-26 Thread Perry E. Metzger
nglish Language": http://www.mtholyoke.edu/acad/intrel/orwell46.htm If you have not read it, I strongly urge that you do so. Perry -- Perry E. Metzger pe...@piermont.com

Re: MITM attack against WPA2-Enterprise?

2010-07-25 Thread Perry E. Metzger
Setting up the enterprise mode stuff to work is a lot of time and effort. If it provides essentially no security over WPA2 in shared key mode, one wonders what the point of doing that work is. This doesn't seem like a mere enginee

Re: MITM attack against WPA2-Enterprise?

2010-07-25 Thread Perry E. Metzger
etters/wireless/2010/072610wireless1.html?page=1 All in all, this looks bad for anyone depending on WPA2 for high security. -- Perry E. Metzger pe...@piermont.com

ADMIN: your wonderful anti-spam software

2010-07-22 Thread Perry E. Metzger
hough, you might ask your Friendly Neighborhood Email Admin to check their logs and perhaps adjust their settings. -- Perry E. Metzger pe...@piermont.com

Fw: Root Zone DNSSEC Deployment Technical Status Update

2010-07-16 Thread Perry E. Metzger
The root zone has been signed, and the root zone trust anchor has been published. Begin forwarded message: Date: Fri, 16 Jul 2010 14:35:39 + From: Joe Abley To: na...@nanog.org Subject: Root Zone DNSSEC Deployment Technical Status Update Root Zone DNSSEC Deployment Technical Status Update

Fw: [IP] Two new rulings on Internet anonymity

2010-07-14 Thread Perry E. Metzger
Forwarded from Dave Farber's list: > From: Paul Levy > Date: July 14, 2010 1:06:10 PM EDT > To: d...@farber.net > Subject: Two new rulings on Internet anonymity > > Within a few hours of each other, two significant decisions have > come down on the issue of how to decide whether to compel the >

Re: Intel to also add RNG

2010-07-12 Thread Perry E. Metzger
chips to make them untrustworthy, there is very little you could do about it. The literature makes it clear at this point that short of carefully tearing apart and analyzing the entire chip, you're not going to catch subtle behavioral changes designed to allow attackers

Fw: [IP] DARPA BAA on homomorphic encryption

2010-07-11 Thread Perry E. Metzger
Begin forwarded message: Date: Sun, 11 Jul 2010 18:11:56 -0400 From: David Farber To: "ip" Subject: [IP] DARPA BAA on homomorphic encryption "There’s a new DARPA BAA on homomorphic encryption: https://www.fbo.gov/utils/view?id=11be1516746ea13def0e82984d39f59b The goal is to create practic

Anyone make any sense out of this skype hack announcement?

2010-07-11 Thread Perry E. Metzger
I got pointed at this, and it is written unclearly enough that I have no idea what to make of it: http://www.enrupt.com/index.php/2010/07/07/skype-biggest-secret-revealed -- Perry E. Metzger pe...@piermont.com

Re: Quantum Key Distribution: the bad idea that won't die...

2010-04-22 Thread Perry E. Metzger
people that the security guarantees apply to ideal > quantum systems. If your emitter isn't ideal -- and of course it > isn't -- it can (will?) emit more photons; I can play my interception > games with the ones your detector doesn't need. Indeed, and from my readings o

Re: Quantum Key Distribution: the bad idea that won't die...

2010-04-21 Thread Perry E. Metzger
silky writes: > On Thu, Apr 22, 2010 at 12:04 PM, Perry E. Metzger wrote: >> > > No one is doing that, though. People are working on things like faster >> > > bit rates, as though the basic reasons the whole thing is useless were >> > > solved. >> &g

Re: Quantum Key Distribution: the bad idea that won't die...

2010-04-21 Thread Perry E. Metzger
you care to name people who have an interest here, please let me know. I haven't found them. > The interest is not purely academic or oriented towards research. It > has a very sound practical, commercial, and security basis. I again note that Mr. Leiseboer is the CTO of a co

Re: Quantum Key Distribution: the bad idea that won't die...

2010-04-21 Thread Perry E. Metzger
hing. It is, of course, worse than that paper states. If you're only authenticating, a man in the middle gets the entire bit stream, so you need both: authentication to know a man in the middle isn't lying to you, and conventional crypto to know that the man in the middle isn't violating your privacy. Color me unimpressed by the usefulness of the system. Perry -- Perry E. Metzger pe...@piermont.com

Re: Quantum Key Distribution: the bad idea that won't die...

2010-04-21 Thread Perry E. Metzger
silky writes: > First of all, I'm sure you know more about this than me, but allow me > to reply ... > > On Wed, Apr 21, 2010 at 11:19 PM, Perry E. Metzger wrote: >> > Useless now maybe, but it's preparing for a world where RSA is broken >> > (i.e. q

Re: Quantum Key Distribution: the bad idea that won't die...

2010-04-21 Thread Perry E. Metzger
silky writes: > On Wed, Apr 21, 2010 at 1:31 AM, Perry E. Metzger wrote: >> >> Via /., I saw the following article on ever higher speed QKD: >> >> http://www.wired.co.uk/news/archive/2010-04/19/super-secure-data-encryption-gets-faster.aspx >> >> Very in

What's the state of the art in factorization?

2010-04-20 Thread Perry E. Metzger
this topic, and especially in the light of various technical decisions being undertaken on the size of DNS signing keys for high valued zones (like root), I was curious as to whether anyone had any interesting comments on the state of the art in factorization. Perry -- Perry E. Metzger

Quantum Key Distribution: the bad idea that won't die...

2010-04-20 Thread Perry E. Metzger
security community, quantum key distribution continues to be a subject of active technological development. Perry -- Perry E. Metzger pe...@piermont.com

Re: interesting recent political news...

2010-04-19 Thread Perry E. Metzger
"Perry E. Metzger" writes: > 3) DOJ attempts to read Yahoo email accounts without a warrant, Yahoo >resists: > > http://www.salon.com/news/opinion/glenn_greenwald/2010/04/15/doj Alistair Crooks pointed out to me that the DOJ has dropped that fight: http://www.thereg

interesting recent political news...

2010-04-19 Thread Perry E. Metzger
/16indict.html?hp 3) DOJ attempts to read Yahoo email accounts without a warrant, Yahoo resists: http://www.salon.com/news/opinion/glenn_greenwald/2010/04/15/doj -- Perry E. Metzger pe...@piermont.com

Interesting blog post from Matt Blaze

2010-04-09 Thread Perry E. Metzger
Matt has an interesting blog post up about the afterward he wrote for "Applied Cryptography" 15 years ago, and how little has changed in the interim: http://www.crypto.com/blog/afterword/ Perry -- Perry E. Metzger pe...@pi

Wikileaks video "crypto".

2010-04-09 Thread Perry E. Metzger
ble by them (or that any reasonable modern cryptosystem would have be crackable). What, then, does the "decryption" claim mean here. Does anyone know? Perry -- Perry E. Metzger pe...@piermont.com

[OpenSSL] OpenSSL 1.0.0 released

2010-03-30 Thread Perry E. Metzger
Forwarded: Date: Mon, 29 Mar 2010 16:52:21 +0200 From: OpenSSL Subject: OpenSSL 1.0.0 released Message-ID: <20100329145221.ga93...@openssl.org> OpenSSL version 1.0.0 released == OpenSSL - The Open Source toolkit for SSL/TLS http://www.openssl.org/ T

high speed password cracking on GPUs

2010-03-26 Thread Perry E. Metzger
This is from ten days ago but I just ran across it. Nothing very deep -- just higher speed brute force attacks via GPUs. http://www.net-security.org/secworld.php?id=9021 -- Perry E. Metzger pe...@piermont.com

Re: "Against Rekeying"

2010-03-26 Thread Perry E. Metzger
Also manually forwarded on behalf of Peter Gutmann. As before, if you reply, don't credit me with the text, it is his. >From pgut001 Fri Mar 26 14:44:54 2010 To: b...@links.org, nicolas.willi...@sun.com Subject: Re: "Against Rekeying" Cc: cryptography@metzdowd.com, pe...@piermont.com, si...@jos

Re: "Against Rekeying"

2010-03-26 Thread Perry E. Metzger
Peter Gutmann has been having some trouble with his email and asked me to manually forward this to the list. If you reply, don't credit me with the text, it is his. >From pgut001 Thu Mar 25 17:29:06 2010 To: fra...@pwpconsult.com, pe...@piermont.com Subject: Re: "Against Rekeying" Cc: cryptograph

Blog post from Matt Blaze about Soghoian & Stamm paper

2010-03-25 Thread Perry E. Metzger
Matt has an interesting blog post up about the Soghoian & Stamm SSL interception paper: http://www.crypto.com/blog/spycerts -- Perry E. Metzger pmetz...@cis.upenn.edu Department of Computer and Information Science, University of Pennsylv

"Against Rekeying"

2010-03-23 Thread Perry E. Metzger
s position, partially because I think we have too little experience with real world attacks on cryptographic protocols, but I'm fairly open-minded at this point. Perry -- Perry E. Metzger pe...@piermont.com

nytimes: academic paper or cyberwarfare?

2010-03-21 Thread Perry E. Metzger
.” And independent American scientists who read his paper said it was true: Mr. Wang’s work was a conventional technical exercise that in no way could be used to take down a power grid. http://www.nytimes.com/2010/03/21/world/asia/21grid.html -- Perry E. Metzger pe

[ADMIN] No, I'm not dead.

2010-03-12 Thread Perry E. Metzger
I should have the list back to normal again within a few days. Following that, I will be converting the list over to Mailman and selecting a couple of co-moderators to handle things when I'm too busy to handle moderation duties. Perry -- Perry E. Metzger pe...@piermon

TLS break

2009-11-09 Thread Perry E. Metzger
I'll point out that in the midst of several current discussions, the news of the TLS protocol bug has gone almost unnoticed, even though it is by far the most interesting news of recent months. Perry

Re: Possibly questionable security decisions in DNS root management

2009-10-22 Thread Perry E. Metzger
Florian Weimer writes: > * Perry E. Metzger: > >> Actually, there are routine attacks on DNS infrastructure these days, >> but clearly they're not cryptographic since that's not >> deployed. However, a large part of the point of having DNSSEC is that we >&g

Re: Possibly questionable security decisions in DNS root management

2009-10-16 Thread Perry E. Metzger
too close for comfort, especially since I can see the point in a Large Bad Actor spending orders of magnitude more on this than just $10M. Perry -- Perry E. Metzger pe...@piermont.com

Re: Possibly questionable security decisions in DNS root management

2009-10-14 Thread Perry E. Metzger
bout. There are enough people here with the right expertise. I'd be interested in hearing what people think could be done with a fully custom hardware design and a budget in the hundreds of millions of dollars or more. Perry -- Perry E. Metzger pe...@piermont.com

Re: Possibly questionable security decisions in DNS root management

2009-10-14 Thread Perry E. Metzger
bmann...@vacation.karoshi.com writes: > On Wed, Oct 14, 2009 at 06:24:06PM -0400, Perry E. Metzger wrote: >> Ekr has a very good blog posting on what seems like a bad security >> decision being made by Verisign on management of the DNS root key. >> >> http://www.ed

Possibly questionable security decisions in DNS root management

2009-10-14 Thread Perry E. Metzger
ey for the signature because longer keys would result in excessively large DNS packets. However, such short keys are very likely crackable in short periods of time if the stakes are high enough -- and few keys in existence are this valuable. Perry -- Perry E. Metzger pe...@pi

Re: [Barker, Elaine B.] NIST Publication Announcements

2009-10-02 Thread Perry E. Metzger
Stephan Neuhaus writes: > On Oct 1, 2009, at 16:46, Perry E. Metzger wrote: >> It is also completely impossible to prove you've deleted a >> record. Someone who can read the record can always make a copy of >> it. Cryptography can't fix the DRM problem. > >

Re: [Barker, Elaine B.] NIST Publication Announcements

2009-10-01 Thread Perry E. Metzger
Stephan Neuhaus writes: >> I think you've abstracted away too much information to provide a >> definite answer, but if all you want is a proof of something being >> done at time X that'll stand up in court then what's wrong with going >> to a notary? This has worked just fine for... centuries? w

Re: [Barker, Elaine B.] NIST Publication Announcements

2009-09-30 Thread Perry E. Metzger
"James A. Donald" writes: >>> The Haber & Stornetta scheme provides a timestamping >>> service that doesn't require terribly much trust, >>> since hard to forge widely witnessed events delimit >>> particular sets of timestamps. The only issue is >>> getting sufficient granularity. > >> I don't kn

[Paul F. Doyle] Timestamping

2009-09-30 Thread Perry E. Metzger
Forwarded message: From: "Paul F. Doyle" To: , Cc: Subject: Re: [Barker, Elaine B.] NIST Publication Announcements Date: Wed, 30 Sep 2009 09:55:36 -0400 Hello Perry and Stephan (cc: Dan Geer), Dan Geer forwarded a message thread from the crypto mailing list. There is an approach to

Re: [Barker, Elaine B.] NIST Publication Announcements

2009-09-29 Thread Perry E. Metzger
Stephan Neuhaus writes: > For business reasons, > Alice can't force Bob to use a particular TTA, and it's also > impossible to stipulate a particular TTA as part of the job > description (the reason is that Alice and the Bobs---great band name > BTW---won't agree to trust any particular TTA and

[Barker, Elaine B.] NIST Publication Announcements

2009-09-28 Thread Perry E. Metzger
Forwarded: From: "Barker, Elaine B." To: "Barker, Elaine B." Date: Thu, 24 Sep 2009 15:54:18 -0400 Subject: NIST Publication Announcements NIST announces the completion of two NIST Special Publications (SPs): SP 800-56B, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Fact

Nominum says it has secret advantages over Bind

2009-09-28 Thread Perry E. Metzger
2,00.htm?s_cid=260 I guess Mr. Shalowitz is unaware of the existence of disassemblers. Either that, or perhaps all those people attacking Windows successfully have the source code, I'm not sure which. Perry -- Perry E. Metzge

UK Prime Minister apologizes for Alan Turing's mistreatment.

2009-09-10 Thread Perry E. Metzger
Not strictly about crypto, but certainly about a very famous cryptanalyst. http://news.bbc.co.uk/2/hi/technology/8249792.stm Perry -- Perry E. Metzger pe...@piermont.com

Re: Certainty

2009-08-25 Thread Perry E. Metzger
h...@finney.org ("Hal Finney") writes: > Paul Hoffman wrote: >> Getting a straight answer on whether or not the recent preimage work >> is actually related to the earlier collision work would be useful. [...] > There was an amusing demo at the rump session though of a different > kind of preimage

Re: SHA-1 and Git

2009-08-25 Thread Perry E. Metzger
Ben Laurie writes: > Perry E. Metzger wrote: >> Yet another reason why you always should make the crypto algorithms you >> use pluggable in any system -- you *will* have to replace them some day. > > In order to roll out a new crypto algorithm, you have to roll out new &

NIST Requests Public Comments

2009-08-23 Thread Perry E. Metzger
Forwarded message: From: "Barker, Elaine B." Date: Thu, 20 Aug 2009 14:40:24 -0400 Subject: NIST Requests Public Comments NIST announces the availability of two draft documents for public comment: NIST Special Publication 800-38E and NIST Interagency Report 7609. Draft NIST Special Publication

Re: Certainty

2009-08-19 Thread Perry E. Metzger
Paul Hoffman writes: > The longer that MD5 goes without any hint of preimage attacks, the > less "certain" I am that collision attacks are even related to > preimage attacks. I believe that yesterday, at the rump session at Crypto, restricted preimage attacks were described. Not quite what you w

SHA-1 and Git (was Re: [tahoe-dev] Tahoe-LAFS key management, part 2: Tahoe-LAFS is like encrypted git)

2009-08-19 Thread Perry E. Metzger
in any system -- you *will* have to replace them some day. Perry -- Perry E. Metzger pe...@piermont.com
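The "make your crypto algorithms pluggable" point from this message (and from the reply to it further up the page), shown as an added example that is not Git's code and was not posted to the list: a content-addressed object store whose identifiers name the hash algorithm, so existing SHA-1 objects stay verifiable and can be re-addressed while new objects are written under SHA-256, and a third algorithm is a one-line registry change. The `blob <len>\0<data>` framing follows Git's convention; the registry, the retirement policy and the sample data are assumptions of the example.

```python
"""Algorithm-agile content-addressed store.

Added example. Object ids are "<algo>:<hexdigest>", so the store never has
to guess which function produced an identifier, old data remains verifiable
under its original (retired) algorithm, and migration is a re-address.
"""
import hashlib

# The only place a hash function is named. Adding one is a one-line change.
HASHES = {
    "sha1": hashlib.sha1,
    "sha256": hashlib.sha256,
}
DEFAULT = "sha256"
RETIRED = {"sha1"}  # verify existing data only; never used for new writes


def object_id(algo: str, data: bytes) -> str:
    """Git-style framing: the type/length header is hashed with the payload,
    so the identifier covers the length as well as the content."""
    h = HASHES[algo]()
    h.update(b"blob %d\0" % len(data))
    h.update(data)
    return f"{algo}:{h.hexdigest()}"


class Store:
    def __init__(self):
        self.objects = {}  # id -> bytes; exposed so tampering can be simulated

    def put(self, data: bytes, algo: str = DEFAULT) -> str:
        if algo in RETIRED:
            raise ValueError(f"{algo} is retired for new objects")
        oid = object_id(algo, data)
        self.objects[oid] = data
        return oid

    def verify(self, oid: str) -> bool:
        """True if the stored bytes re-hash to `oid` under the algorithm the
        id names. A substituted blob (the colliding ELF-note trick from the
        SHA-1 threads above) fails here even for a retired algorithm."""
        algo, _, _ = oid.partition(":")
        if algo not in HASHES or oid not in self.objects:
            return False
        return object_id(algo, self.objects[oid]) == oid

    def get(self, oid: str) -> bytes:
        if not self.verify(oid):
            raise ValueError(f"object {oid} missing or failed integrity check")
        return self.objects[oid]

    def import_retired(self, oid: str, data: bytes) -> None:
        """Accept pre-existing data under a retired id, only if it verifies."""
        algo, _, _ = oid.partition(":")
        if algo not in RETIRED:
            raise ValueError("use put() for current algorithms")
        if object_id(algo, data) != oid:
            raise ValueError("data does not match its retired identifier")
        self.objects[oid] = data

    def migrate(self, oid: str, algo: str = DEFAULT) -> str:
        """Re-address a verified object under the current algorithm and
        return the new id; the old id keeps resolving during the transition."""
        return self.put(self.get(oid), algo)
```

The design choice that matters is that no code path outside `HASHES` knows what a digest looks like or how long it is; everything else consumes the prefixed string. Git's original "the SHA-1 is the id" layout is what makes its transition hard, and this is the layout you want from day one instead.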

Crypto '09 rump session summary?

2009-08-19 Thread Perry E. Metzger
Watching the rump session online briefly last night, I saw that some interesting new results on MD5 and AES seem to have been discussed at the conference. Would anyone care to give us a brief overview for the mailing list? Perry -- Perry E. Metzger pe...@piermont.com

Re: [tahoe-dev] Tahoe-LAFS key management, part 2: Tahoe-LAFS is like encrypted git

2009-08-19 Thread Perry E. Metzger
Zooko Wilcox-O'Hearn writes: > On Wednesday,2009-08-19, at 10:05 , Jack Lloyd wrote: > >> On Wed, Aug 19, 2009 at 09:28:45AM -0600, Zooko Wilcox-O'Hearn wrote: >> >>> [*] Linus Torvalds got the idea of a Cryptographic Hash Function >>> Directed Acyclic Graph structure from an earlier distributed

GPGPU MD5 collision search shown at Black Hat

2009-08-02 Thread Perry E. Metzger
quickly, custom hardware would be fastest of all. -- Perry E. Metzger pe...@piermont.com

Re: The latest Flash vulnerability and monoculture

2009-07-27 Thread Perry E. Metzger
Jerry Leichter writes: > On Jul 26, 2009, at 11:20 PM, Perry E. Metzger wrote: >> Jerry Leichter writes: >>> While I agree with the sentiment and the theory, I'm not sure that it >>> really works that way. How many actual implementations of typical >>>

Re: The latest Flash vulnerability and monoculture

2009-07-26 Thread Perry E. Metzger
Jerry Leichter writes: > While I agree with the sentiment and the theory, I'm not sure that it > really works that way. How many actual implementations of typical > protocols are there? I'm aware of at least four TCP/IP implementations in common use, several common HTTP servers (though there ar

ADMIN: slight list hiccup today

2009-07-26 Thread Perry E. Metzger
If you submitted a post to the list for about an hour this afternoon (as measured by the US/Eastern timezone), it probably bounced. There was a brief period where email on the list server was misconfigured. My apologies, and the problem has been fixed. Perry -

The latest Flash vulnerability and monoculture

2009-07-26 Thread Perry E. Metzger
This is purely about security, not on crypto. For those of you not in the know, there is an exploitable hole in Adobe's "Flash" right now, and there is no fix available yet: http://www.adobe.com/support/security/advisories/apsa09-03.html (See also: http://www.us-cert.gov/cas/techalerts/TA09-204

Re: New Technology to Make Digital Data Disappear, on Purpose

2009-07-22 Thread Perry E. Metzger
d...@geer.org writes: > > The pieces of the key, small numbers, tend to “erode” over time as > > they gradually fall out of use. To make keys erode, or timeout, Vanish > > takes advantage of the structure of a peer-to-peer file system. Such > > networks are based on millions of personal co

Re: spyware on Blackberries

2009-07-21 Thread Perry E. Metzger
"Steven M. Bellovin" writes: > http://feeds.wired.com/~r/wired27b/~3/CFV8MEwH_rM/ > > A BlackBerry update that a United Arab Emirates service provider pushed > out to its customers contains U.S.-made spyware that would allow the > company or others to siphon and read their e-mail and text message

MD6 withdrawn from SHA-3 competition

2009-07-01 Thread Perry E. Metzger
Also from Bruce Schneier, a report that MD6 was withdrawn from the SHA-3 competition because of performance considerations. http://www.schneier.com/blog/archives/2009/07/md6.html Perry -- Perry E. Metzger pe...@piermont.com

AES-256 attacked with time complexity 2^119

2009-07-01 Thread Perry E. Metzger
Bruce Schneier's coverage: http://www.schneier.com/blog/archives/2009/07/new_attack_on_a.html Paper: https://cryptolux.uni.lu/mediawiki/uploads/1/1a/Aes-192-256.pdf Perry -- Perry E. Metzger pe...@piermon

Re: password safes for mac

2009-07-01 Thread Perry E. Metzger
't want to bother the user (!) but they still want to be > | > able to elevate privileges. > | > | Suppose a user's Kerberos credentials are about to expire. What to do? > > What fraction of mac users are using Kerberos? I think he's pointi

CSE growing so fast it needs new offices

2009-06-30 Thread Perry E. Metzger
The CSE, Canada's NSA equivalent, is apparently growing so fast that they need new office buildings to hold all their new staff. http://www.defenseindustrydaily.com/Canadas-CSE-ELINT-Agency-Building-New-Facilities-05498/ Hat tip: Bruce Schneier's blog. -- Perry E. Metzger

NIST optimized AES hardware...

2009-06-28 Thread Perry E. Metzger
Apparently, NIST has produced an interestingly optimized design for AES S-box hardware implementations: http://cryptome.org/0001/nist062309.htm Perry -- Perry E. Metzger pe...@piermont.com

Re: password safes for mac

2009-06-28 Thread Perry E. Metzger
Jon Callas writes: > On Jun 27, 2009, at 6:57 PM, Perry E. Metzger wrote: >> Does anyone have a recommended encrypted password storage program for >> the mac? > > I would recommend the built-in keychain for anything that it works with. There are some things it doesn&#x

Re: password safes for mac

2009-06-28 Thread Perry E. Metzger
Bill Frantz writes: > pe...@piermont.com (Perry E. Metzger) on Sunday, June 28, 2009 wrote: > >>It has problems. Among other things, it only mlocks your session key >>itself into memory, leaving both the AES key schedule (oops!) and the >>decrypted data (oops!) pageabl

Re: password safes for mac

2009-06-28 Thread Perry E. Metzger
Thorsten Holz writes: > On 28.06.2009, at 20:34, Perry E. Metzger wrote: >> The fact that it isn't open source worries me a bit -- it means I >> can't >> verify that it does things correctly. Also, it integrates heavily with >> lots of things, which makes me

Re: password safes for mac

2009-06-28 Thread Perry E. Metzger
Bob Mahoney writes: >> Does anyone have a recommended encrypted password storage program for >> the mac? > > I use 1Password, and I've been very happy. Good integration with the > iPhone. The fact that it isn't open source worries me a bit -- it means I can't verify that it does things correctl

password safes for mac

2009-06-28 Thread Perry E. Metzger
Does anyone have a recommended encrypted password storage program for the mac? Perry

Mifare Plus deployed in LA

2009-06-01 Thread Perry E. Metzger
the existing Mifare Classic infrastructures, anticipates system security requirements for the future. http://www.eetimes.com/rss/showArticle.jhtml?articleID=217700981 -- Perry E. Metzger pe...@piermont.com

NYT: "Pentagon Plans New Arm to Wage Wars in Cyberspace"

2009-05-29 Thread Perry E. Metzger
Full article: http://www.nytimes.com/2009/05/29/us/politics/29cyber.html -- Perry E. Metzger pe...@piermont.com

Re: End-of-chapter questions for "Practical Cryptography"?

2009-05-22 Thread Perry E. Metzger
ntals rather than just teach people about what they need to know to be a "user" of the technology. I may be mistaken but I'm not aware of any significantly superior alternatives. The field really needs a new, thorough textbook suitable for a one year course, or maybe an up to date one se

Re: 80-bit security?

2009-05-08 Thread Perry E. Metzger
Presumably a nation state would need to attack specialized algorithms used by opponents who are stupid enough to use short key lengths but smart enough not to use algorithms that are themselves weak and thus attacked without exhaustive search. Per

Re: [tahoe-dev] SHA-1 broken!

2009-05-05 Thread Perry E. Metzger
lance james writes: > stupid question - does this effect IPSec realistically as well? IPSec and IPSec related protocols like IKE use SHA-1 in various places. Whether those actually could be attacked using the known weaknesses in SHA-1 would require detailed examination of the individual protocol

Re: SHA-1 collisions now at 2^{52}?

2009-05-02 Thread Perry E. Metzger
Peter Gutmann writes: > "Perry E. Metzger" writes: >>Greg Rose writes: >>> It already wasn't theoretical... if you know what I mean. The writing >>> has been on the wall since Wang's attacks four years ago. >> >>Sure, but this should

Re: [tahoe-dev] SHA-1 broken!

2009-05-01 Thread Perry E. Metzger
"Perry E. Metzger" writes: > For example, Verisign has lots of cert infrastructure right now that > uses SHA-1. Imagine if I now use the above described attack and start > forging certs that look to all the world like they're from Verisign and > claim that I'm a m

Re: [tahoe-dev] SHA-1 broken!

2009-05-01 Thread Perry E. Metzger
hash. They would need some sort of area that varied, but that's not too hard -- ELF note sections, data segments regions that contain some blob of data you don't care about, etc., are all fine possibilities. So, don't use SHA-1 if you can help it. This is not to say that all uses ar

Re: SHA-1 collisions now at 2^{52}?

2009-04-30 Thread Perry E. Metzger
this should light a fire under people for things like TLS 1.2. Perry -- Perry E. Metzger pe...@piermont.com

Re: SHA-1 collisions now at 2^{52}?

2009-04-30 Thread Perry E. Metzger
Eric Rescorla writes: > McDonald, Hawkes and Pieprzyk claim that they have reduced the collision > strength of SHA-1 to 2^{52}. > > Slides here: > http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf > > Thanks to Paul Hoffman for pointing me to this. This is a very important r

NCSC official quits over NSA interference

2009-04-30 Thread Perry E. Metzger
t NSA "effectively controls DHS cyber efforts through detailees, technology insertions," and has proposed moving some functions to the agency's Fort Meade, Md., headquarters. http://news.cnet.com/8301-13578_3-10191170-38.html -- Perry E. Metzger

[ADMIN] backlog

2009-04-30 Thread Perry E. Metzger
I'm back up for air again. The message backlog will be moved out over the next few days, not necessarily in chronological order. Perry

the bad idea that would not die

2009-03-05 Thread Perry E. Metzger
y are successful. http://www.computerworld.com.au/article/278658/aussie_govt_considers_quantum_leap_secure_comms -- Perry E. Metzger pe...@piermont.com

Re: Judge orders defendant to decrypt PGP-protected laptop

2009-03-03 Thread Perry E. Metzger
Ivan Krstić writes: > On Mar 3, 2009, at 1:53 PM, Perry E. Metzger wrote: >> If it is obvious to you and me that a disk has multiple >> encrypted views, then you can't expect that a court will not be able >> to understand this and take appropriate action, like putting

Re: Judge orders defendant to decrypt PGP-protected laptop

2009-03-03 Thread Perry E. Metzger
ed views, then you can't expect that a court will not be able to understand this and take appropriate action, like putting you in a cage. Perry -- Perry E. Metzger pe...@piermont.com

Re: Judge orders defendant to decrypt PGP-protected laptop

2009-03-03 Thread Perry E. Metzger
unless you're really very energetic about it, it will be obvious from things like access times and other content clues ("gee, why is there nothing in the browser cache from the current year?") that what is there is not the "real" partition you use day to day.

Judge orders defendant to decrypt PGP-protected laptop

2009-03-03 Thread Perry E. Metzger
-10172866-38.html -- Perry E. Metzger pe...@piermont.com

NSA oral history interviews

2009-02-25 Thread Perry E. Metzger
Yet more internal NSA history released to the public: http://www.nsa.gov/public_info/declass/oral_history_interviews.shtml -- Perry E. Metzger pe...@piermont.com

Re: peer review of presentation requested

2009-02-24 Thread Perry E. Metzger
Travis writes: > I'm working on a presentation about cryptography to give to the Open > Web Application Security Project (OWASP). [...] > In addition, I'm curious about: > > Which hashes are currently vulnerable to length-extension attacks. If > I recall Bruce Schneier's book "Practical Cryptogr
