On Thu, Jul 27, 2000 at 03:00:16PM -0400, Arnold G. Reinhold wrote:
> I like "Biprime Cryptography," or maybe "Biprime Public Key
> Cryptography," where a biprime is defined as the product of two prime
> numbers. I doesn't get close to any trademark and it is descriptive
> of the algorithm.
S
On Thu, Jul 27, 2000 at 10:18:02PM -0700, James A. Donald wrote:
> At 05:02 PM 7/27/2000 -0700, Steve Reid wrote:
> > Mallory sends The Real Alice an email claiming to be from The
> > Real Bob (this can be done with the usual spoofing) , telling Alice
> > that she can
On Wed, Jul 26, 2000 at 11:53:07PM -0700, James A. Donald wrote:
> Looking at someone's face, and hearing his voice, is good enough in
> all common circumstances, and common circumstances means "where the
> customers are".
Someone can pull off a man-in-the-middle attack without having to "put
on
On Mon, Oct 02, 2000 at 10:20:35PM -, lcs Mixmaster Remailer wrote:
> Rijndael appears to be a compromise between security and efficiency.
> This leaves us in an unhappy and uncomfortable position. It may well be
> that Twofish and perhaps Serpent continue to be widely used alternatives
> to
On Wed, Oct 06, 1999 at 06:28:45PM -0700, Greg Broiles wrote:
> This deserves further explanation. In order to begin an SSL session, the
> server must present its public key and its site certificate to the client.
I think you're missing the point of the article. The issue is, what
happens when
On Wed, Oct 13, 1999 at 03:08:49PM -0400, Steven M. Bellovin wrote:
> But it's also clear that folks who manufacture this gear for sale in
> the U.S. market are going to have to support CALEA, which in turn
> means that someone is going to have to standardize the interface --
> the FBI regulations
A real-world example of the fact that cryptography is only part of the
equation, and "tamper-proof" devices are not necessarily so.
Article: http://www.globeandmail.ca/gam/National/19991210/UDEBIN.html
Mirror: http://www.efc.ca/pages/media/globe.10dec99.html
On Mon, Dec 13, 1999 at 12:12:42PM -0800, David Honig wrote:
> Wouldn't a thumbprint reader on the card (to authenticate the meat to the
> smartcard) be a tougher thing to shoulder surf?
> Does raise the cost over a PIN.
I'm not sure if biometrics would help with the sort of attack this
appears
On Tue, Jan 25, 2000 at 04:51:12PM -0800, Nelson Minar wrote:
> Of course, this isn't easy to do - "matching statistical properties"
> isn't a simple closed problem. But I bet you could do fairly well in
> certain circumstances. For instance, Linux uses a strong random number
> when starting a TCP
On Sun, Feb 27, 2000 at 11:36:17PM +1100, Damien Miller wrote:
> What risks does using a predictable IV bring?
> Background: I am interested in writing an encrypting swap driver for
> Linux using a fast cipher in CBC mode keyed from /dev/random at boot
> time.
If you just use the block number, th
Here is my first attempt at a passphrase generator that tries to produce
proper sentences. The idea here is similar to Diceware except I'm hoping
the results will be easier to memorize by having proper sentence
structure. Also, it uses /dev/urandom instead of dice.
http://sea-to-sky.net/~sreid/pa
On Tue, May 02, 2000 at 10:14:14AM -0500, Rick Smith wrote:
> Is it really necessary to protect against an attack that orders the phrases
> according to how easy they are to remember? Clearly, a practical brute
> force attack against the passphrases must be automated. But I don't know of
> an algo
On Wed, May 24, 2000 at 04:09:45PM -0500, Rick Smith wrote:
> The problem is that you're talking about finding some people with top-notch
> software development skills that can believably be inserted into Microsoft
> under deep cover. They'd have to be able to pursue their backdoor
> installation
We all know hardware keyboard loggers are possible. Now there is a
commercial product called KeyGhost: http://www.keyghost.com/
Here is an independant review: http://www.dansdata.com/keyghost.htm
Several forms are available or planned, each capable of storing 97k or
500k (Pro version) of keystro
14 matches
Mail list logo
