Re: [cryptography] Intel RNG

2012-06-20 Thread James A. Donald
On 2012-06-20 5:22 AM, Matthew Green wrote: If you assume that every manufactured device will meet the standards of Intel's test units, then you can live with the CRI/Intel review. If you're /not/ confident in that assumption, the ability to access raw ES output would be useful... I see no v

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Jeffrey Walton
On Wed, Jun 20, 2012 at 12:54 PM, Givonne Cirkin wrote: > > curious, why don't some ppl trust link shorteners? is that a generation gap > thing. Someone recently played a trick on Full Disclosure. Something about advanced notice of an Apple Update. It was a bitty link to an eVote system (if I

[cryptography] Sure ...

2012-06-20 Thread Randall Webmail
Flame's too big to take on alone, says Microsoft by Alastair Stevenson 21 Jun 2012 Seattle: Cyber threats like Flame are too big and too advanced for even the most security savvy of companies to take on alone, according to Microsoft Trustworthy Computing senior direc

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Matthew Green
For a proper answer, you should follow pbarreto on Twitter and ask him. He's a nice guy and *very* willing to talk about this. Mostly because he found the press release so misleading. But in any case, the answer to your question is: this is not a standard choice for a pairing friendly curve. I

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Samuel Neves
On 20-06-2012 22:12, Jon Callas wrote: > Is this merely a case where 973 bits is equivalent to ~60 bits symmetric? If > so, what's equivalent to AES-128 and 256? Is there something inherently weak in pairing-friendly curves, like there are in p^n curves? > Disclaimer: I'm not an authority either,

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Natanael
Not 10^500. That's assuming all numbers are primes. With larger numbers, the ratio of prime numbers to ordinary drops. A lot. I don't think it's more than 1^50 primes there, could be far less. Also, you are SERIOUSLY underestimating cryptanalysis. You assume too much about how well these "tricks"

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Jon Callas
On Jun 20, 2012, at 8:35 AM, Matthew Green wrote: > I'm definitely /not/ an ECC expert, but this is a pairing-friendly curve, > which means it's vulnerable to a type of attack where EC group elements can > be mapped into a field (using a bilinear m

Re: [cryptography] Why do scammers say they're from Nigeria?

2012-06-20 Thread Kyle Creyts
Emphasis on _most profitable_ here. Clearly not the only one employed. Also, this mode applies mostly to spam; there are a number of other ways of filtering the victims who will take interest, be more gullible, or get hooked that do not require being obviously dubious. On Wed, Jun 20, 2012 at 1:56

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread jd.cypherpunks
was much less than expected: http://www.techweekeurope.co.uk/news/fujitsu-cryptography-standard-83185 --Michael On 20.06.2012 at 17:39, William Whyte wrote: > Does anyone know if this attack took the expected amount of time (confirming > the strength of this particular curve), or significan

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Givonne Cirkin
thank u 4 the insight. i am so used to phishing scams & other nefarious web activities that i never assume a link or button is what it says it is. i always check to see where it is going. --- weingar...@itsec.rwth-aachen.de wrote: From: Florian Weingarten To: undisclosed-recipients: ; Cc: cr

[cryptography] Why do scammers say they're from Nigeria?

2012-06-20 Thread Tim Dierks
This is an interesting paper that presumably has implications for other social engineering schemes besides financial scammers: http://research.microsoft.com/pubs/167719/WhyFromNigeria.pdf ABSTRACT False positives cause many promising detection technologies to be unworkable in practice. Attackers, w

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread The Fungi
On 2012-06-20 09:54:33 -0700 (-0700), Givonne Cirkin wrote: > curious, why don't some ppl trust link shorteners? is that a > generation gap thing. > > 2nd. ur guesses are wrong. i was born in the USA. my parents were > born in the USA. my native language is English. [...] Perhaps this is also "a g

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Florian Weingarten
On 06/20/2012 06:54 PM, Givonne Cirkin wrote: > curious, why don't some ppl trust link shorteners? is that a generation gap > thing. Because there are serious privacy issues with most of them. http://w2spconf.com/2011/papers/urlShortening.pdf

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Givonne Cirkin
curious, why don't some ppl trust link shorteners? is that a generation gap thing. 2nd. ur guesses are wrong. i was born in the USA. my parents were born in the USA. my native language is English. my parents' native language is English. i grew up speaking English @ home. i went to publi

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Givonne Cirkin
yes. and i covered this. esp. when the issue applies to the steganographic component. using phi as a model of the method. but, phi is well known & predictable. however, other sequences not. --- jth...@astro.indiana.edu wrote: From: Jonathan Thornburg To: jam...@echeque.com, cryptography@ra

Re: [cryptography] non-decryptable encryption

2012-06-20 Thread Givonne Cirkin
yes. just with a specific choice of key. --- jam...@echeque.com wrote: From: "James A. Donald" To: givo...@37.com CC: cryptography@randombit.net Subject: Re: [cryptography] non-decryptable encryption Date: Wed, 20 Jun 2012 10:48:01 +1000 On 2012-06-19 8:03 PM, Givonne Cirkin wrote:> i don't un

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Matthew Green
I've been told (by somebody much more diligent than I, who actually did the math) that the number of compute-cycles works out to around 2^64. The theoretical number of steps required is 2^53. Of course, each step is /not/ 1 cycle, so if we assume that they're around 2048 cycles each it's right

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread William Whyte
Does anyone know if this attack took the expected amount of time (confirming the strength of this particular curve), or significantly less (in which case it’s something to be concerned about)? William *From:* cryptography-boun...@randombit.net [mailto: cryptography-boun...@randombit.net] *On

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Charles Morris
> > NIST curves don't have this property. In fact, they're specifically chosen > so that there's no efficiently-computable pairing. > Ah, of course. I wasn't thinking.

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Matthew Green
I'm definitely /not/ an ECC expert, but this is a pairing-friendly curve, which means it's vulnerable to a type of attack where EC group elements can be mapped into a field (using a bilinear map), then attacked using an efficient field-based solver. (Coppersmith's). NIST curves don't have this

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread Charles Morris
On Wed, Jun 20, 2012 at 10:07 AM, James Muir wrote: > On 12-06-19 08:51 PM, Jonathan Katz wrote: >> Anyone know any technical details about this? From the news reports I've >> seen, it's not even clear to me what, exactly, was broken. >> >> http://www.pcworld.com/businesscenter/article/257902/rese

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-20 Thread James Muir
On 12-06-19 08:51 PM, Jonathan Katz wrote: > Anyone know any technical details about this? From the news reports I've > seen, it's not even clear to me what, exactly, was broken. > > http://www.pcworld.com/businesscenter/article/257902/researchers_set_new_cryptanalysis_world_record_for_pairingbase

Re: [cryptography] Intel RNG

2012-06-20 Thread Andrew R. Reiter
On Wed, 20 Jun 2012, James A. Donald wrote: On 2012-06-19 9:07 AM, d...@deadhat.com wrote: It does tell you that if it is your chip and you don't let someone else pull the lid off, scrape off the passivation and apply a pico probe to it, it will certainly provide you with good random numbers r