Re: KMail and smartcard

2005-05-24 Thread Werner Koch
On Tue, 24 May 2005 06:41:24 +0200, Chris said: > How can I use the smartcard in KMail? I cannot choose its keys in the > Identity > management. Does "gpg -K" list your key? This is what Kmail displays. You are using a decent Kmail (with all the crypto tabs in the configuration dialog and th

Re: Timing attack against AES

2005-05-24 Thread Werner Koch
Hi! Ryan, thanks for explaining this. I agree with you. Let me add that this is a classical type of side-channel attack and nothing really new. It is a general problem to hide things from other processes when sharing hardware. It is possible to make it hard but there won't never be perfect sol

Re: possible to encrypt message from pubkey gotten from ssl cert?

2005-05-24 Thread Werner Koch
On Sun, 22 May 2005 15:07:57 -0700, Alex Liberman said: > is it possible to extract public key from ssl cert (actually have > already got that far), and then use gpg to encrypt message using > that public key? THx Yes. It is whoever some work. With the integration of ssh keys, X.509 certs and s

Re: Timing attack against AES

2005-05-24 Thread Jean-David Beyer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Aside from the necessity to compromise the machine running gpg to get the timing data for this attack, just how much data can a timing attack retrieve from a multiprogramming system, such as UNIX, Linux, etc., anyway, since all the other processes runn

Max compression

2005-05-24 Thread Per Tunedal Casual
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, what are the maximum values for compression for zip, zlib and bzip2? The default is 6 for zlib according to the manpage. I would like to set a somewhat higher compression with: - --compress-level Vänligen Per Tunedal Civ. ing. Civ. ek. S:t Mick

Re: Max compression

2005-05-24 Thread Atom Smasher
On Tue, 24 May 2005, Per Tunedal Casual wrote: what are the maximum values for compression for zip, zlib and bzip2? The default is 6 for zlib according to the manpage. I would like to set a somewhat higher compression with: --compress-level == the range is 1-9. 1 is the fastest,

RE: Timing attack against AES

2005-05-24 Thread Ryan Malayter
[Jean-David Beyer] > Aside from the necessity to compromise the machine running > gpg to get the > timing data for this attack, > just how much data can a timing attack retrieve from a > multiprogramming > system, such as UNIX, Linux, etc., anyway, since all the > other processes > running at th

Re: 2 noob problems

2005-05-24 Thread Alex Mauer
David Shaw wrote: > On Sat, May 21, 2005 at 10:53:12AM -0500, Alex L. Mauer wrote: > There are several reasons why it is a good idea for keyservers to > store multiple signatures, but the main one is that they do not > currently have any crypto code to actually verify the signatures. > Without the

JavaCard Implementation of OpenPGP Card 1.1 Spec

2005-05-24 Thread Greg Reaume
Hi Everyone, I am interested in using a smartcard for OpenPGP and am happy to see that a spec has been developed (thanks to g10code) for this purpose implemented on a native card OS. What I'm looking for though, is an implementation of this spec (compatible with GPG) for the JavaCard OS. I alrea

Re: KMail and smartcard

2005-05-24 Thread =k3Rn=
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey, Chris wrote: > I have just installed a smartcard reader and set it up. I can successfully > read the information on it and managed to generate a new key on it (gpg > --card-list / gpg ---card-edit). What is the real advantage of a smartcard? I

Re: JavaCard Implementation of OpenPGP Card 1.1 Spec

2005-05-24 Thread Zeljko Vrba
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Greg Reaume wrote: | | I searched the mailing list archive and came up with an individual | that has attempted this: | http://www.core-dump.com.hr/index.pl?lastnode_id=404&node_id=421 | I am that individual :) I managed to get it generate the key

IBM to Provide Security w/o Sacrificing Privacy Using Hash Functions

2005-05-24 Thread Sean C.
http://tinyurl.com/dljdm See comment at bottom. Business/Financial Desk; SECTCTECHNOLOGY I.B.M. Software Aims to Provide Security Without Sacrificing Privacy By STEVE LOHR 624 words 24 May 2005 The New York Times Late Edition - Final 4 English Copyright 2005 The New York Times Company. All Rights

RC2

2005-05-24 Thread Alexander Hoffmann
Hello, i don't know if it is the best place to ask this type of questions, but if i'm wrong here could you tell me a right mailing list fot it. I want to decrypt rrc2 encrypted mails and use libgcrypt for this purpose. As i know the RC2 algorithm is implemented in libgcrypt (rfc2268.c), but it wil

Re: IBM to Provide Security w/o Sacrificing Privacy Using Hash Functions

2005-05-24 Thread Alex Mauer
Sean C. wrote: > I'm confused though. > I just read this article from the New York Times. As a newbie to encryption > and > hash algorithms I thought the idea behind hashes was that you couldn't > reconstruct the data from the hash. You can't. But you can use the hash as a key to cross-referenc

Re: KMail and smartcard

2005-05-24 Thread Chris
On Tuesday 24 May 2005 09:55, Werner Koch wrote: > On Tue, 24 May 2005 06:41:24 +0200, Chris said: > > How can I use the smartcard in KMail? I cannot choose its keys in the > > Identity management. > > Does "gpg -K" list your key? This is what Kmail displays. No, gpg -K does not list anything.

Re: Help with Enigmail and other issues

2005-05-24 Thread J. David Boyd
[EMAIL PROTECTED] wrote in news:1115810734.3667.233878576__ [EMAIL PROTECTED]: > > - How do I proceed further ? > Turn on debugging in enigmail. It's the last tab under preferences. This will show you what errors you are getting. > - Is there a better way to import public keys into enigmail ?

Re: IBM to Provide Security w/o Sacrificing Privacy Using HashFunctions

2005-05-24 Thread Robert Zagarello
Great example, Alex !... BZAG === Sean C. wrote: > I'm confused though. > I just read this article from the New York Times. As a newbie to encryption and > hash algorithms I thought the idea behind hashes was that you couldn't > reconstruct the data from the hash. Y