Folks:
Here is the new release of pycryptopp:
https://pypi.python.org/pypi/pycryptopp
It has Ed25519 signatures, using Python wrappers written by Brian
Warner in his "python-ed25519" project and C code written by Daniel J.
Bernstein in his "supercop" project. It also has XSalsa20 cipher,
using P
(N.B. I (still) disagree with Ian Grigg's thesis in several of its
other steps. However, the part about how botnets, which don't pay for
the marginal cost of their electricity, will provide an increasing
contribution to the global Bitcoin transaction-confirmation service
(a.k.a. "mining") -- that p
Yes, when the SHA-3 process was launched—in the exciting time when MD5
and SHA-1 had been dramatically shown to be weak—it seemed like we
were in danger of waking up one day and finding out that we had no
strong hash functions left. It was prudent to get started on SHA-3
ASAP in order to have an al
If you're using one of the pre-SHA-3 era secure hash functions which
is vulnerable to length-extension attacks (e.g. SHA-256), then a good
fix is the "HASH_d" technique suggested in Ferguson and Schneier's
"Practical Cryptography" book (whose new edition is Ferguson,
Schneier, and Kohno's "Crypto
On Fri, Apr 13, 2012 at 9:50 AM, Marsh Ray wrote:
>
> But now SHA-2 takes a 50% performance hit on messages of 55 bytes and shorter.
Good point.
> So something like IPsec AH would see around a 66% loss in performance if its
> bottleneck were actually the authentication (estimating from a handy
On Fri, Apr 13, 2012 at 1:51 PM, Marsh Ray wrote:
> On 04/13/2012 02:38 PM, James A. Donald wrote:
>>
>>
>> To construct a case where length extension matters, one must
>> contrive a rather dreadful protocol.
>
>
> http://vnhacker.blogspot.com/2009/09/flickrs-api-signature-forgery.html
Yes, I thi
http://allthingsd.com/20120423/pgp-creator-phil-zimmerman-has-a-new-venture-called-silent-circle/
https://silentcircle.com/
Continually nowadays I think I'm living in one of the science fiction
novels of my youth. This one is by Neal Stephenson, I think.
Regards,
Zooko
Folks:
I posted this on Google+, which I'm effectively using as a blog:
https://plus.google.com/108313527900507320366/posts/cMng6kChAAW
I'll paste the content of my essay below. It elicited some keen
observations from Nikita Borisov in the comments on G+, but I guess you'll
have to actually load
Hello Nico Williams. Nice to hear from you.
Yes, when David-Sarah Hopwood and I (both Tahoe-LAFS hackers)
participated on the zfs-crypto mailing list with you and others, I
learned about a lot of similarities between Tahoe-LAFS and ZFS.
On Wed, Apr 25, 2012 at 1:10 PM, Nico Williams wrote:
>
> O
On Wed, Apr 25, 2012 at 9:27 PM, Marsh Ray wrote:
> On 04/25/2012 10:11 PM, Zooko Wilcox-O'Hearn wrote:
>>
>> 1. the secret-oriented way: you make a MAC tag of the chunk (or equivalently
>> you use Authenticated Encryption on it) using a secret key known to the good
>
wanted to submit.
> Zooko Wilcox-O'Hearn writes:
>> authenticated encryption can't satisfy any of my use cases!
>
> Of course it can!
No more so than unauthenticated encryption does. Is it possible for
there to be a form of "authenticated encryption" that helps with my
following-up to my own post:
On Wed, May 9, 2012 at 6:34 AM, Zooko Wilcox-O'Hearn wrote:
>
> 1. Decrypt the data,
> 2. Verify the integrity of the data,
> 3. Generate MAC tags for other data which would pass the integrity check.
>
> The fact that 3 is included in that bu
Folks:
Here's a copy of a post I just made to my Google+ account about this
alleged Botnet herder who has been answering questions about his
operation on reddit:
https://plus.google.com/108313527900507320366/posts/1oi1v7RxR1i
=== introduction ===
Someone is posting to reddit claiming to be a ma