Re: [cryptography] any reason PBKDF2 shouldn't be used for storing hashed passwords?

2012-08-15 Thread Patrick Mylund Nielsen
PBKDF2 is certainly decent, and often the easiest choice if you intend to comply with e.g. FIPS 140-2/ISO 27001, but the biggest argument against it is that it _isn't_ difficult to parallelize, since it is just e.g. HMAC-SHA256. Each guess might require sequential iteration, but you can still compu

Re: [cryptography] any reason PBKDF2 shouldn't be used for storing hashed passwords?

2012-08-15 Thread Patrick Mylund Nielsen
One curious note is that NIST recommends PBKDF2 for master key derivation, and specifically writes, "The MK [PBKDF2 output] shall not be used for other purposes." Perhaps the document was meant to document just KDFs. Since the hashes are one-way anyway, I don't see it making a difference for use as

Re: [cryptography] Client-side SRP "vs." server-side KDF

2012-08-15 Thread Patrick Mylund Nielsen
By reproducible I mean re-usable, sorry. On Thu, Aug 16, 2012 at 2:46 AM, Patrick Mylund Nielsen < cryptogra...@patrickmylund.com> wrote: > Blizzard Entertainment has been receiving a lot of flak from tech and mass > media lately for choosing to employ SRP in their Battle.net clients

Re: [cryptography] any reason PBKDF2 shouldn't be used for storing hashed passwords?

2012-08-15 Thread Patrick Mylund Nielsen
y not inexpensive. > The limit is actually at 72 chars. 55 was an error in the paper. Oh, interesting. Then it seems like less of an issue. Thanks for the clarification! On Thu, Aug 16, 2012 at 4:27 AM, Solar Designer wrote: > On Thu, Aug 16, 2012 at 02:25:34AM +0200, Patrick Mylund N

Re: [cryptography] Data breach at IEEE.org: 100k plaintext passwords.

2012-09-25 Thread Patrick Mylund Nielsen
It's interesting how the level of technical expertise of an organization's members seems to have almost no bearing on how sophisticated the organization's infrastructure is. On a related note, I was recently surprised to learn that even the IACR stores passwords in plain text. On Tue, Sep 25, 201

Re: [cryptography] Fwd: NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition

2012-10-03 Thread Patrick Mylund Nielsen
I had assumed NIST would publish a revised specification with a fixed set of lengths, a la Rijndael. Is this stated somewhere, or is my presumption erroneous? On Wed, Oct 3, 2012 at 6:42 PM, ianG wrote: > On 3/10/12 14:10 PM, Landon Hurley wrote: >> >> -BEGIN PGP SIGNED MESSAGE- >> Hash:

Re: [cryptography] anyone got a "how not to use OpenSSL" list?

2012-10-10 Thread Patrick Mylund Nielsen
One thing that I've sadly seen more times than I can shake a stick at is people leaving in aNULL/eNULL, or not including !aNULL:!eNULL in their cipher suite list. On Wed, Oct 10, 2012 at 6:34 PM, wrote: > I want to find common improper usages of OpenSSL library for SSL/TLS. > > Can be reverse-eng

Re: [cryptography] anyone got a "how not to use OpenSSL" list?

2012-10-10 Thread Patrick Mylund Nielsen
Hah. I'm surprised the term "security theater" wasn't coined earlier! On Wed, Oct 10, 2012 at 9:29 PM, Warren Kumari wrote: > > On Oct 10, 2012, at 3:56 PM, Patrick Mylund Nielsen > wrote: > >> One thing that I've sadly seen more times than I can sha

Re: [cryptography] anyone got a "how not to use OpenSSL" list?

2012-10-24 Thread Patrick Mylund Nielsen
Related: https://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf On Wed, Oct 10, 2012 at 10:26 PM, < travis+ml-rbcryptogra...@subspacefield.org> wrote: > On Wed, Oct 10, 2012 at 08:56:29PM +0100, Patrick Mylund Niel

Re: [cryptography] Just how bad is OpenSSL ?

2012-10-30 Thread Patrick Mylund Nielsen
I would be happy to volunteer to move everything to Github. But it really is really, really easy to do, and the maintenance required is minimal. That or git+redmine or git+JIRA would be my suggestion. On Tue, Oct 30, 2012 at 3:28 PM, Ben Laurie wrote: > On Tue, Oct 30, 2012 at 2:21 PM, Matthew G

Re: [cryptography] Just how bad is OpenSSL ?

2012-10-30 Thread Patrick Mylund Nielsen
nfinity.net> wrote: > Thank god... > On Oct 30, 2012 7:50 AM, "Ben Laurie" wrote: > >> On Tue, Oct 30, 2012 at 2:39 PM, Patrick Mylund Nielsen >> wrote: >> > I would be happy to volunteer to move everything to Github. But it >> really is >> >

Re: [cryptography] Adobe confirms customer data breach

2012-11-19 Thread Patrick Mylund Nielsen
There is no good excuse, IMHO, but we also haven't done a good enough job drawing attention to how to do it properly in a way that's easy for non-cryptographers to understand. Too many developers think "cryptographic hash function" means "safe [as-is] for password authentication." On Mon, Nov 19,

Re: [cryptography] How much does it cost to start a root CA ?

2013-01-04 Thread Patrick Mylund Nielsen
There aren't a lot of root CAs, but there is a very large number of intermediary CAs. The problem is every one of them has the same power to sign certificates for anything/any domain. On Fri, Jan 4, 2013 at 3:01 PM, yersinia wrote: > On Fri, Jan 4, 2013 at 8:41 PM, John Case wrote: > > > > Let

Re: [cryptography] openssl on git

2013-01-27 Thread Patrick Mylund Nielsen
I don't understand how you can accidentally check in ~/.ssh to your repository, or at least not notice afterwards. Hopefully the OpenSSL authors won't do that! On Sun, Jan 27, 2013 at 9:29 PM, wrote: > > offtopic to list purpose, but perhaps timely to this thread > > > http://www.webmonkey.com/

Re: [cryptography] openssl on git

2013-01-28 Thread Patrick Mylund Nielsen
To rephrase, I don't understand why anyone would push their /home/user / backup git repository to a public one on GitHub :) On Mon, Jan 28, 2013 at 3:49 AM, ianG wrote: > On 28/01/13 05:36 AM, Eitan Adler wrote: > >> On 27 January 2013 21:34, Patrick Mylund Nielsen >>

Re: [cryptography] An encryption project

2013-01-28 Thread Patrick Mylund Nielsen
I would recommend taking a look at NaCl's crypto_box in particular: http://nacl.cr.yp.to/index.html -- or off-the-record (as Sandy mentioned) if you want real-time chat. I would not recommend trying to implement OTR yourself as it is pretty tricky to get right. On Mon, Jan 28, 2013 at 8:37 AM, Pa

Re: [cryptography] Interesting Webcrypto question

2013-03-03 Thread Patrick Mylund Nielsen
> It is a good thing that Swartz killed himself, like his hero Wallace. Both of them needed killing. This is the stupidest thing I have read in a long time. Shut the fuck up. > It is Jewish leftists like Rahm Israel Emanuel that seek the destruction of Israel. Israel is disliked in most countrie

Re: [cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

2013-07-12 Thread Patrick Mylund Nielsen
On Fri, Jul 12, 2013 at 2:48 PM, James A. Donald wrote: > On 2013-07-13 12:20 AM, Eugen Leitl wrote: > >> It's worth noting that the maintainer of record (me) for the Linux RNG >> quit the project about two years ago precisely because Linus decided to >> include a patch from Intel to allow their

Re: [cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

2013-07-12 Thread Patrick Mylund Nielsen
On Sat, Jul 13, 2013 at 1:38 AM, William Yager wrote: > not trusting your hardware is a great place to start. > > Heh, might as well just give up. http://cm.bell-labs.com/who/ken/trust.html (I know what you meant, just couldn't resist.) > > On Fri, Jul 12, 2013 at 7:20 PM, Peter Gutmann > wr

Re: [cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

2013-07-13 Thread Patrick Mylund Nielsen
On Fri, Jul 12, 2013 at 3:29 PM, ianG wrote: > On 12/07/13 21:54 PM, Patrick Mylund Nielsen wrote: > >> On Fri, Jul 12, 2013 at 2:48 PM, James A. Donald > <mailto:jam...@echeque.com>> wrote: >> >> On 2013-07-13 12:20 AM, Eugen Leitl wrote: >> >>

Re: [cryptography] urandom vs random

2013-08-16 Thread Patrick Mylund Nielsen
On Fri, Aug 16, 2013 at 11:42 AM, Tony Arcieri wrote: > On Fri, Aug 16, 2013 at 6:32 AM, shawn wilson wrote: > >> I thought that decent crypto programs (openssh, openssl, tls suites) >> should read from random so they stay secure and don't start generating >> /insecure/ data when entropy runs lo

Re: [cryptography] urandom vs random

2013-08-16 Thread Patrick Mylund Nielsen
On Fri, Aug 16, 2013 at 12:03 PM, Tony Arcieri wrote: > On Fri, Aug 16, 2013 at 8:47 AM, Patrick Mylund Nielsen < > cryptogra...@patrickmylund.com> wrote: > >> Not for nothing, but that refers to both random and urandom, showing one >> problem with the entropy estim

Re: [cryptography] urandom vs random

2013-08-16 Thread Patrick Mylund Nielsen
On Fri, Aug 16, 2013 at 3:30 PM, Tony Arcieri wrote: > On Fri, Aug 16, 2013 at 9:18 AM, Patrick Mylund Nielsen < > cryptogra...@patrickmylund.com> wrote: > >> Yes, but they aren't talking about urandom. Your reply made it sound like >> random is weak, but the pap

Re: [cryptography] Password Blacklist that includes Adobe's Motherload?

2013-11-14 Thread Patrick Mylund Nielsen
On Thu, Nov 14, 2013 at 5:57 PM, Ben Laurie wrote: > On 14 November 2013 03:29, shawn wilson wrote: > > This is the only thing I've seen (haven't really looked): > > http://stricture-group.com/files/adobe-top100.txt > > I have to ask: snoopy1 more popular than snoopy? wtf? Probably people who

Re: [cryptography] Can we move to a forum, please?

2013-12-24 Thread Patrick Mylund Nielsen
On Tue, Dec 24, 2013 at 9:39 PM, Bernie Cosell wrote: > > [but I would vote strongly for having the list archived online! That > makes searches of old threads and most every other 'benefit' of a forum > available while not messing up the ongoing discussion mechanism at all] Already happening: h

Re: [cryptography] Gogo inflight Internet uses fake SSL certs to MITM their users

2015-01-08 Thread Patrick Mylund Nielsen
On Thu, Jan 8, 2015 at 6:35 PM, Jon Callas wrote: > > Well, I'll be. I am on a Gogo-enabled flight even as we squeak, and I just > turned my VPN off to go get you one of their certs. They're letting me get > to YouTube and Vimeo just fine now. I guess someone got some sense. It was > pretty hamfi

Re: [cryptography] Matt Blaze Testimony on Encryption

2015-04-30 Thread Patrick Mylund Nielsen
On Thu, Apr 30, 2015 at 3:14 PM, John Young wrote: > Matt Blaze testified yesterday at the House hearing on encryption > > > http://oversight.house.gov/wp-content/uploads/2015/04/4-29-2015-IT-Subcommittee-Hearing-on-Encryption-Blaze.pdf > > Others too: > > > http://oversight.house.gov/hearing/enc