For a good Montgomery multiplication pointer, check out:
C. K. Koc, T. Acar, and B. S. Kaliski Jr. Analyzing and comparing Montgomery
multiplication algorithms. IEEE Micro, 16(3):26-33, June 1996.
which you can find at: http://www.ece.orst.edu/ISL/Publications.html
Enjoy - Dave
-Original
Steve McIntosh wrote:
>
> I want to use OpenSSL only for fetching pages off https sites using GET
> or POST. Nothing more, nothing less. Should I be able to compile OpenSSL
> without all of the RSA extras (RC2, RC4, RC5 idea and so on) and still
> be able to do this? Or, do I need the items from
the export ciphers don't get added by default. you need to explicitly add
them. off of the top of my head i don't remember the exact function to
add cipher suites, but if you poke around the docs a bit you'll find it.
--keith
Keit
What you're basically saying is that if someone can sniff packets, and
brute force their way into decrypting the information, is their
data safe, and is this a possible scenario.
No, their data won't be safe. Yes, this is possible. There are
plenty of studies that have shown how much computing po
Hi,
We have developed our own web server and recently upgraded to SSL 3.0 using
SSLeay 0.8.1. We have noticed that web browsers with a cipher strength of
40 bits cannot connect to our server while web browsers with a cipher
strength of 128 bits can.
Any help in debugging why this is happening
I want to use OpenSSL only for fetching pages off https sites using GET
or POST. Nothing more, nothing less. Should I be able to compile OpenSSL
without all of the RSA extras (RC2, RC4, RC5 idea and so on) and still
be able to do this? Or, do I need the items from RSA to connect to these
sites and
Stephan Bauer wrote:
>
> Hi,
>
> I would enjoy hearing some opinions on the following
> potential scenario :
>
> The SSL-Client does no client-auth. and has to transmit
> one string, that contains security-sensitive data.
> Let's think of a man-in-the-middle you leaves through
> the handshake-p
Hi,
I would enjoy hearing some opinions on the following
potential scenario :
The SSL-Client does no client-auth. and has to transmit
one string, that contains security-sensitive data.
Let's think of a man-in-the-middle you leaves through
the handshake-packets, but blocks the data-packets.
He th
Hi,
I've been able to get Crypt::SSleay to compile with SSLeay v8 and v9,
but I had to modify the source a bit to get it to work. If you
want, I can hunt down my mod's that made it possible.
Assuming that OpenSSL is just the later version of SSLeay (?),
what do you all think if I updated Crypt
> anyone has used the ssleay/openssl certificates with >smartcards
>(tokens)
> 1024bits key enabled, inside the browsers like >Netscape or IE/Outlook ?
We're using SSLeay0.9.1 with Chrysalis LunaCA-2 cards
and 1024 keys. Chrsyalis provides a PKCS11 interface,
upon which we built our own library.
On Wed, 24 Feb 1999, Sergio Rabellino wrote:
> Hi,
> anyone has used the ssleay/openssl certificates with smartcards
> (tokens)
> 1024bits key enabled, inside the browsers like Netscape or IE/Outlook ?
We work with Gemplus, who sells crypto smartcards to be used with IE4 and
Netscape 4.04+.
Russell Selph wrote:
>
> Another poster commented that he was having trouble generating large RSA
> keys. (Sorry, but I've deleted the post.) I'm also seeing a difference in
> behavior between versions. Below is a test of SSLEAY 0.8.1 vs. the current
> CVS source. The older code completes in a
Sergio Rabellino wrote:
>
> Hi,
> anyone has used the ssleay/openssl certificates with smartcards
> (tokens)
> 1024bits key enabled, inside the browsers like Netscape or IE/Outlook ?
>
> Thanks for any reply...
I asume that you mean that the smartcard has an 1024bit key?
If you mean that the
Hi,
anyone has used the ssleay/openssl certificates with smartcards
(tokens)
1024bits key enabled, inside the browsers like Netscape or IE/Outlook ?
Thanks for any reply...
--
Dott. Sergio Rabellino
Technical Staff
Department of Computer Science
University of Torino (Italy)
http://www.
14 matches
Mail list logo