> http://www.freedom-to-tinker.com/archives/000336.html
>
> Quoting:
>
> Here is one example of the far-reaching harmful effects of
> these bills. Both bills would flatly ban the possession, sale,
> or use of technologies that "conceal from a communication
> servic
> > I must be out of touch - since when did
> > PGP key signing require a photo id?
>
> It's rather efficient if you want to sign a large number of keys of
> people you mostly do not know personally.
Assuming, of course, that the ID is of a sort for which you have an
"is-a-forgery" oracle.
Has a
> ... We can ask what is the
> probability of a collision between f and g, i.e. that there exists
> some value, x, in S such that f(x) = g(x)?
But then you didn't answer your own question. You gave the expected
number of collisions, but not the probability that at least one
exists.
That probab
> RSA is subject to blinding attacks and several other failure modes if
> used without padding. For details on what that means, read the
> cyclopedia cryptologia article on RSA.
>
> http://www.disappearing-inc.com/R/rsa.html
That brings on another amateur question. In that article it says,
"If t
Wouldn't it be a kick if Open Source systems were out there in the
field doing useful and secure things with TCPA before other sorts of
systems showed up trying to do draconian anti-user things?
"It's easy if you try ..."
-
The C
> I can see how Alice can easily generate two primes whose product
> will have that *high* order part, but it seems hard to generate an
> RSA modulus with a specific *low* order 64 bits.
Is it? As long as the lowest bit is a 1, Alice just has to search
for one prime that ends with 63 0's and a 1
The freshness requirement without the safety requirement is trivial
in RSA -- let Scott choose the public exponent.
No, probably not sufficient for anyone's real needs.
At the other extreme, you could go all the way to a Frankel-style
shared key generation protocol, and let Scott give Alice his h
> No, it doesn't. It doesn't take unlimited time for lottery-based
> payment schemes to average out; finite time suffices to get the
> schemes to average out to within any desired error ratio.
Strictly speaking, the average will come within your error tolerance
of the expected value *with probabi
> There's an M-209 for sale on EBay:
>
> http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=726499988
>
> Interestingly enough, some people are blocked "for legal reasons" from
> getting to it.
Even more interestingly, connecting from a Department of Energy
network IP address with a .gov
> The basic idea of using zero-knowledge proofs to create an
> unlikable anonymous credentials system ...
"[sic]" !
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
2) I can't prove that a standard hash function such as SHA1
generates all possible codes, but I consider it likely. It would
be quite shocking if a strong hash function such as SHA1 generated
fewer codes than a weak function such as H0.
I think you could do a probabilistic proof
sorb other otherwise
scatter an input photon, but I'm sure you needn't lose 1/2 of them.
But I agree that the use of this device can be detected by the
communicating parties.
Matt Crawford
> > Businesses today could
> > reasonably be content with their 1024-bit keys, and military institutions
> > and those paranoid enough to fear from them should have upgraded years ago.
> >
> > To me, the big news in Lucky Green's announcement is not that he believes
> > that Bernstein's researc
> There are other problems with using IPsec for VoIP.. In many cases
> you are sending a large number of rather small packets of data. In
> this case, the extra overhead of ESP can potentially double the size
> of your data.
HOW small? You'd already be adding IP+UDP+RTP headers (20 [or 40] +
8
I think there must be some sort of steganography tools in the
Microsoft Office Suite. I say this because people often tell
me they are sending me a Word or Powerpoint file with important
information in it, but I've yet to discover any.
:-)
[Moderator's note: I
> Is there even development on the PGP (product) line? AFAIK
> they (NAI) have not release PGP 7.x in source form. Worse, there
> are a couple of bugs I found in 6.5.8 when I was porting it
> to Tru64, but who knows if anyone is listening over at NAI.
Years ago I bought a few copies of commerci
> David Honig wrote:
> > Unbeknown to the latter, Marks had already cracked General de Gaulle's
> > private cypher in a spare moment on the lavatory. -from the obit of Leo
> > Marks, cryptographer
>
> But this was because it was, in fact, one of his own ciphers.
> Cheers,
> Ben.
Not one that he
As I never tire of saying, "PKI is the ATM of security."
Meaning that has a certain niche relevance, but is claimed by
proponents to be the answer to every need, and is the current magic
word for shaking the money tree.
-
The
> If they only cover Windoze (which is likely) the result will be that
> the criminal / paranoid / privacy freak / hacker community will just
> plain migrate to another OS... Which would be good for the world,
> don't you think?
When outlaws use Linux, Linux will be outlawed.
And I'm not being e
Internet Fraud Complaint Center. It might be amusing to set up that
address as a local IP alias and see just what your printer wants to
complain about.
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe crypto
> a) I believe physical media will always have higher bandwidth than
> broadband - why? Because you have to feed the broadband from somewhere,
> and archive it somewhere.
You can use an expensive physical medium to drive your transmission.
If you sell atoms, you have to use a cheap medium.
> It
> One interesting issue with radio networks is Man-in-the-middle attacks,
> because nobody can intercept a request and forward it
> faster than you can receive it directly, unless there are
> distances that are too far for the two parties to reach each other
> but still let the MITM contact both.
> That's an excellent point, but: if you were smart enough to use stego
> for real, wouldn't you be smart enough to pick a good password?
If I hand my users some security package and say "use this", that
doesn't make them any smarter or dumber than they were yesterday.
---
> >Senator Hatch was interviewed by national media on Tuesday and stated that
> >the US government had voice intercepts of calls talking about success with
> >two targets. He was later criticized for talking about the intercepts.
>
> Hm, criticized? Why not indicted?
>
>(a) Whoever kno
> A german TV news magazine (ZDF spezial) just mentioned that
> the terrorists prepared and coordinated
> also by using the internet, but no details were told.
>
> [Moderator: I've listened to virtually all the news conferences made
> so far. The FBI has yet to make any such statement.
The only
I have no Windows source code to judge by, but just looking from the
outside I believe the error arises as follows. When the MIT-based
KDC returns the error code KADM5_PASS_Q_DICT (which it will only do
if your Kerberos admin has inserted a dictionary check, as there is
none by default), the MS p
> > ... and scientists work in secret to develop computers capable of
> > performing more than one septillion
> > (1,000,000,000,000,000,000,000,000) operations every second.
If any single component is to change state this many times per
second, it has to be no bigger than (3*10^8 m/s) * (10^-24
Trusting that Perry will declare this OT before too much longer ...
> > To lift the midpoint of a cable 1000 units long by 5 units requires
> > only 0.067 units of slack, or the ability to stretch by 0.0067%.
> > (This takes into account the catenary shape of the lifted cable.)
>
> Finish your e
> Cable companies do this (from the surface) when they repair cables, but they
> usually cut the cable before separately raising the cut ends and splicing in
> a new section. I doubt that cable would be strong or extensible enough to
> lift uncut, unless there was a lot of slack from eg a previous
> > (3) A person shall not knowingly present a public key certificate
> > for which the person is not the owner of the corresponding
> > private key in order to obtain unauthorized access to information
> > or engage in an unauthorized transaction.
Hooo-wee! Don't you normally present a whole ch
> To sum this whole thing up - /IS/ there a way to put a tap on a fiber line
> without letting the whole world know you're doing it, if not just the
> operator/owner of the line itself? And if so could someone sketch it out for
> me or point me to a resource? I'd love to learn of it
In an optical
On the science-fictional front, Vernor Vinge's recent
"A Deepness in the Sky" (ISBN: 0-312-85683-0) turns
upon software verification and backdoors without being
tedious in the manner of some techno-fiction.
-
The Cryptography
32 matches
Mail list logo