TDMX is an application layer messaging protocol over HTTPS. The sending and
receiving agents (applications) are addressable with email addresses.
Example:
bill...@companya.com sends an electronic invoice file to
account...@companyb.com#BillingAPI
- there is end2end encryption on the message sen
Depending on what you're using this protocol for you maybe should try to
make it so that an attacker cannot tell that two messages are for the same
recipient, nor which message comes before another even with access to long
term keys of one or both parties after the fact. (Forward-anonymity
proper
btw as I didnt say it explicitly, why I claim (forward-anonymous) sequence
security is important is that mixmaster remailers shuffle and reorder
messages. If the message sequence is publicly viewable that property is
broken up-front, and if the message sequence is observable backwards in time
wit
Does anyone have a list of processes people have come up with to create
images for hashes? The only one that I'm aware of is the "randomart" that
is generated when creating a keypair for ssh (
http://www.ece.cmu.edu/~adrian/projects/validation/validation.pdf)
I wanted a fuzzy solution - so an imag
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I am wondering if it is okay to use the same asymmetric ECC key for
ECDSA and ECIES. Given that the signing and encryption algorithms are
not related like in RSA, I assume it is okay to use the same key for
both operations.
Are there any things I need
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/09/13 13:11, shawn wilson wrote:
> Does anyone have a list of processes people have come up with to create
> images for hashes? The only one that I'm aware of is the "randomart"
> that is generated when creating a keypair for ssh
> (http://www.ec
On 20/09/13 13:22, Dominik Schürmann wrote:
I am wondering if it is okay to use the same asymmetric ECC key for
ECDSA and ECIES. Given that the signing and encryption algorithms are
not related like in RSA, I assume it is okay to use the same key for
both operations.
Are there any things I need
Hi
On 20/09/2013 16:07, "Alan Braggins" wrote:
>On 20/09/13 13:22, Dominik Schürmann wrote:
>> I am wondering if it is okay to use the same asymmetric ECC key for
>> ECDSA and ECIES. Given that the signing and encryption algorithms are
>> not related like in RSA, I assume it is okay to use the
On 20/09/13 16:17, Paterson, Kenny wrote:
It is "technically secure". See:
http://eprint.iacr.org/2011/615
especially Section 4.
Thanks. I wish I'd known that back in 2008
https://bugzilla.mozilla.org/show_bug.cgi?id=344179#c6
With a pointer to a security proof, I might have got the
firmware ch
On 18 September 2013 22:23, Lucky Green wrote:
> According to published reports that I saw, NSA/DoD pays $250M (per
> year?) to backdoor cryptographic implementations. I have knowledge of
> only one such effort. That effort involved DoD/NSA paying $10M to a
> leading cryptographic library provide
On Sep 20, 2013, at 1:34 PM, Ben Laurie wrote:
>
> On 18 September 2013 22:23, Lucky Green wrote:
> According to published reports that I saw, NSA/DoD pays $250M (per
> year?) to backdoor cryptographic implementations. I have knowledge of
> only one such effort. That effort involved DoD/NSA pa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20.09.2013 17:17, Paterson, Kenny wrote:
> It is "technically secure". See:
>
> http://eprint.iacr.org/2011/615
Thanks you so much for this paper, it's even mostly understandable
with some basic knowledge of attack models :)
> Even so, I would n
Dominik,
You can certainly do it safely in this instance, because we have a
security analysis that says it's OK, but in general it's a bad idea to use
the same key-pair for more than one purpose, and, as the RSA-based example
in the paper shows, it can sometimes get you into serious trouble. Indee
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20.09.2013 22:09, Jeffrey Walton wrote:
> Crypto++ has the schemes and Dr. Bernstein's curve. The library is
> available on all major Linux and BSD platforms.
I am using Crypto++ already, but I can't find ed25519 anywhere in the
library. FYI: The
On Fri, Sep 20, 2013 at 2:35 PM, Dominik Schürmann
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> ...
> After reading related literature, I came to the conclusion to use
> ECDSA and ECIES (Both with Koblitz curves, as I am sceptical about the
> random curves ;),
> Bernstein's curve25
15 matches
Mail list logo