Re: [cryptography] Intel RNG

2012-06-22 Thread Marsh Ray
On 06/22/2012 04:42 PM, Kevin W. Wall wrote: You wrote "going to DIFFERENT consumers". I am interpreting that as different processes, but I don't see how a CPU instruction like RdRand or anything else is going to be process or thread or aware. If you would have omitted the "different", then it

Re: [cryptography] Intel RNG

2012-06-22 Thread Kevin W. Wall
Marsh, Am I missing something? On Fri, Jun 22, 2012 at 1:06 PM, Marsh Ray wrote: > On 06/21/2012 09:05 PM, ianG wrote: >> On 22/06/12 06:53 AM, Michael Nelson wrote: [snip] >> It's a natural human question to ask. "I want to see what's under the >> hood." But it seems there is also a very

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-22 Thread Jon Callas
On Jun 22, 2012, at 11:20 AM, Samuel Neves wrote: > Not exactly. If the target is ~80-bit security, ~160-bit elliptic curves are > still fine, even for pairing-based crypto. The failure there was the choice > of the particular *field* and *curve

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-22 Thread Matthew Green
> I don't understand the last few posts here. In the paper linked to by > Samuel Neves: > > http://eprint.iacr.org/2012/042 > > Table 3, towards the top. (I read that as 2^53 steps.) > > So to me, the recent result is "we verified computationally that our > analysis is correct". > > Maybe my br

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-22 Thread Samuel Neves
On 22-06-2012 18:54, Jon Callas wrote: > > On Jun 22, 2012, at 2:01 AM, James A. Donald wrote: > > > On 2012-06-22 6:21 PM, James A. Donald wrote: > >>> Is this merely a case where 973 bits is equivalent to ~60 bits symmetric? > > > As I, not an authority, understand this result, this result is not

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-22 Thread Billy Brumley
I don't understand the last few posts here. In the paper linked to by Samuel Neves: http://eprint.iacr.org/2012/042 Table 3, towards the top. (I read that as 2^53 steps.) So to me, the recent result is "we verified computationally that our analysis is correct". Maybe my brain is too simple. BB

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-22 Thread Jon Callas
On Jun 22, 2012, at 2:01 AM, James A. Donald wrote: > On 2012-06-22 6:21 PM, James A. Donald wrote: >>> Is this merely a case where 973 bits is equivalent to ~60 bits symmetric? > > As I, not an authority, understand this result, this result is not

Re: [cryptography] Intel RNG

2012-06-22 Thread Marsh Ray
On 06/21/2012 09:05 PM, ianG wrote: On 22/06/12 06:53 AM, Michael Nelson wrote: "At the output of the DRBG, through RdRand, you have no visibility of these processes. We seek to limit the side channels through which an attacker could determine the internal state of the DRNG." Good answer!

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-22 Thread James A. Donald
On 2012-06-22 6:21 PM, James A. Donald wrote: Is this merely a case where 973 bits is equivalent to ~60 bits symmetric? As I, not an authority, understand this result, this result is not "oops, pairing based cryptography is broken" It is "oops, pairing based cryptography requires elliptic cu

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-22 Thread James A. Donald
On Jun 20, 2012, at 8:35 AM, Matthew Green wrote: I'm definitely /not/ an ECC expert, but this is a pairing-friendly curve, which means it's vulnerable to a type of attack where EC group elements can be mapped into a field (using a bilinear map),

Re: [cryptography] cryptanalysis of 923-bit ECC?

2012-06-22 Thread James A. Donald
On 2012-06-21 12:07 AM, James Muir wrote: On 12-06-19 08:51 PM, Jonathan Katz wrote: Anyone know any technical details about this? From the news reports I've seen, it's not even clear to me what, exactly, was broken. http://www.pcworld.com/businesscenter/article/257902/researchers_set_new_crypt