http://www.usatoday.com/life/cyber/tech/review/2002/2/06/smartcard.htm
02/05/2002 - Updated 08:53 PM ET
One smart card for all your debts
By Edward C. Baig, USA TODAY
The annual Demo conference that kicks off in Phoenix next week may be the
most influential high-tech gabfest you've
At 6:18 PM -0500 2/5/02, Ryan McBride wrote:
On Tue, Feb 05, 2002 at 11:16:40AM -0800, Bill Frantz wrote:
I expect you could initialize the random data in that memory during
manufacture with little loss of real security. (If you are concerned about
the card's manufacturer, then you have
At 05:55 AM 2/7/2002 +1300, Peter Gutmann wrote:
Greg Rose [EMAIL PROTECTED] writes:
While priming the RC4 table, I accidentally filled the data buffer instead
(D'oh!) with consecutive byte values 0x00, 0x01, ... 0xFF, 0x00, ...
This very much passes the FIPS 140 tests for randomness,
Huh? Take their word for it? What are they talking about? Looks like the
DMCA will remain with us even longer now. Why aren't the big cases being
tried all the way to the Supreme Court?! Damn the recording industry!
http://www.eff.org/IP/DMCA/Felten_v_RIAA/20020206_eff_felten_pr.html
-
At 12:20 PM 2/4/2002, Bill Stewart wrote:
A smartcard-only system probably _is_ too limited to generate keys,
but that's the only realistic case I see.
Here are some manufacturer claims for the DataKey 330 smart card: average
of 23 seconds to generate a 1,024-bit RSA key, average of 3 minutes
On Wed, 6 Feb 2002, Greg Rose wrote:
At 03:48 PM 2/5/2002 -0600, Kim-Ee Yeoh wrote:
Could you clarify what you mean by counter output? Are we talking about
a sequence of consecutive 8-, 16-, or 32-bit numbers? If so, FIPS will
detect and flunk such sequences.
While priming the RC4
And if the runs test in FIPS were slightly extended, your sequence of
consecutive 8-bit numbers would have been easily caught too. Here's the
full spectrum of runs for your sequence:
Run-length # of gaps # of blocks
== = ===
--- begin forwarded text
Status: U
Date: Thu, 7 Feb 2002 01:02:16 -0600 (CST)
From: InfoSec News [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [ISN] Hacker costs CryptoLogic US$1.3M charge
Sender: [EMAIL PROTECTED]
Reply-To: InfoSec News [EMAIL PROTECTED]
http://www0.mercurycenter.com/business/top/024186.htm
Suit delays eagerly awaited IPO
Posted at 7:05 p.m. PST Wednesday, Feb. 6, 2002
BY DEBORAH LOHSE
Mercury News
PayPal's hotly anticipated initial public offering was delayed this week
after the online payment company was sued over alleged
Dan Geer wrote:
In the article they repeat the recommendation that you never
use/register the same shared-secret in different domains ... for
every environment you are involved with ... you have to choose a
different shared-secret. One of the issues of biometrics as a
Dan Geer wrote:
In the article they repeat the recommendation that you never
use/register the same shared-secret in different domains
Compare and contrast, please, with the market's overwhelming
desire for single-sign-on (SSO). Put differently, would the
actual emergence of an
Joshua Hill wrote:
marius wrote:
Not quite true. Encrypting each message twice would not increase the
effective key size to 112 bits.
There is an attack named meet in the middle which will make the
effective key size to be just 63 bits.
Peter Trei wrote:
Don't forget that the MITM
12 matches
Mail list logo