On Thu, 17 Nov 2005, Jari Ruusu wrote:
>
> Unfortunately truecrypt is just another broken device crypto implementation
> that uses good ciphers in insecure way. Specially crafted static bit
> patterns are easily detectable through that kind of bad crypto.
Looks like they have fixed it: version 4.1
Thomas Sjögren wrote:
> On Tue, Nov 08, 2005 at 05:58:04AM -0600, Travis H. wrote:
> > The only thing close that I've seen is Bestcrypt, which is commercial
> > and has a Linux and Windows port. I don't recall if the Linux port
> > came with source or not.
>
> http://www.truecrypt.org/
>
> "True
On 4 Nov 2005, at 5:23 PM, Travis H. wrote:
For example, pgp doesn't hide the key IDs of the addressees.
But OpenPGP does. Here's an extract fro RFC 2440:
5.1. Public-Key Encrypted Session Key Packets (Tag 1)
[...]
An implementation MAY accept or use a Key ID of zero as a "wild
card"
On Tue, Nov 08, 2005 at 05:58:04AM -0600, Travis H. wrote:
> The only thing close that I've seen is Bestcrypt, which is commercial
> and has a Linux and Windows port. I don't recall if the Linux port
> came with source or not.
http://www.truecrypt.org/
"TrueCrypt
Free open-source disk encryption
On Mon, 7 Nov 2005, Jason Holt wrote:
> Take a look at ecryptfs before rewriting cfs
... or at TrueCrypt (which works on linux and windows):
http://www.truecrypt.org/downloads.php
--
Regards,
ASK
-
The Cryptography Mailing L
> Nice, but linux-only and requires special kernel support. cfs supports
> lots and lots of different OSs and doesn't require kernel modes. So far
> as I know, in this regard cfs is unique among cryptographic filesystems.
The only thing close that I've seen is Bestcrypt, which is commercial
and
On Fri, 4 Nov 2005, Travis H. wrote:
PS: There's a paper on cryptanalyzing CFS on my homepage below. I
got to successfully use classical cryptanalysis on a relatively modern
system! That is a rare joy. CFS really needs a re-write, there's no
real good alternatives for cross-platform filesyste
On Fri, 4 Nov 2005, Travis H. wrote:
PS: There's a paper on cryptanalyzing CFS on my homepage below. I
got to successfully use classical cryptanalysis on a relatively modern
system! That is a rare joy. CFS really needs a re-write, there's no
real good alternatives for cross-platform filesyst
> Does ISAKMP do encryption where the input is
> meant to be secret, instead of the key?
I meant MAC, not encryption, sorry.
Of course encryption inputs are secret.
--
http://www.lightconsulting.com/~travis/ -><-
"We already have enough fast, insecure systems." -- Schneier & Ferguson
GPG fingerpr
Hi folks,
If one had the ability to create standards over, with reckless
disregard for performance, how would you improve their security?
Feel free to pick a protocol or system (e.g. gpg or isakmp) and let me
know how it is done, and how it should have been done.
For example, pgp doesn't hide th
10 matches
Mail list logo
