Michael Sierchio wrote:
Nils Larsch wrote:
Matthew Julius Raibert wrote:
I'm working on a project for which I need to generate big primes.
Along the way I noticed that when I run BN_generate_prime() it seems
to always set the two most significant bits to one. In other words,
if I ask for
Jagannadha Bhattu wrote:
1. If we do not set SSL_OP_SINGLE_DH_USE then the same public and
private keys are used for all connections? If so how can this provide
security at all as one client can decrypt other client's messages?
Different clients would get different common DH secret values.
That
he FAQ
On 7/8/05, Vadym Fedyukovych <[EMAIL PROTECTED]> wrote:
Jagannadha Bhattu wrote:
Hi,
I have some questions on ephemeral keying.
1. In the man page for SSL_CTX_set_tmp_dh_callback the example shows
that the same params are used for all connections. Is it safe?
Hardness of (c
Jagannadha Bhattu wrote:
Hi,
I have some questions on ephemeral keying.
1. In the man page for SSL_CTX_set_tmp_dh_callback the example shows
that the same params are used for all connections. Is it safe?
Hardness of (computational) Diffie-Hellman problem does not suffer from
using the same gr
Richard Levitte wrote:
Rafael Cividanes writes:
Hi,
I'm looking for a secure implementation of Shamir Secret Sharing
algorithm in OpenSSL Project. I coudn't find anything in the page
(www.openssl.org).
Is there any free implementation like that of Shamir's algorithm?
We did talk abou
ed.edward wrote:
X-No-Archive: Yes
Hi,
I recently read PGP Enterprise doc and found the concept of
Additional
Decryption Keys ADK.
What are Additional Decryption Keys? According to the doc, An
Additional
Decryption Key (ADK) is a data recovery tool. This allows the
owner(s) of the Addit
Mathias Sundman wrote:
On Wed, 18 May 2005, Ken Goldman wrote:
All correct for authentication. There are times that public keys or
certificates are encrypted using a DH protocol for privacy. You might
not want a man in the middle to track where you go, and a certificate
is your identity.
Correct
Joshua Juran wrote:
On May 18, 2005, at 2:45 PM, Miles Bradford wrote:
My question on top of that was - "How could someone intercept an
encrypted
message and get to the information inside the certificate without
corrupting
the encryption that the data is wrapped in - since once the perpetrator
le
might be visible but could not be used to "get into"
because of private keys.
Sorry if I got a bit brash.
Thanks
Miles
Regards,
Vadym
-Original Message-
From: Vadym Fedyukovych [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 6:40 PM
To: openssl-users@openssl.org
Subject: Re
Miles:
I second David Schwartz.
With properly designed VPN and properly issued certificates
and secure use of private key (no leaks)
of proper size (1024 bits for RSA)
there's no chance to cheat a party that follow the specifications.
One should beware:
- brand-new self-made VPNs. Use IPSec, HIP or
10 matches
Mail list logo