On 30.10.2013, Sam Tuke wrote:
> I'm working with Werner to promote GnuPG and raise awareness.
Just my 5ΓΈ:
Raised awareness does seldom lead to change (just as knowledge and
attitudes). Before developing a strategy on promoting the use of
GPG, the barriers which prevent people from using it sh
On Wed, Oct 30, 2013 at 06:19:27PM +0100, Philipp Klaus Krause wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Am 10.09.2013 15:30, schrieb Robert J. Hansen:
> > On 9/10/2013 6:35 AM, Philipp Klaus Krause wrote:
> >> I wonder if it would be a good idea to have an option to combine
> >
Having not read far enough down the thread, Mark H. Wood wishes to
recall a completely redundant message:
> Consider a composition of *three* ciphers:
>
> A := ROT13
> B := ROT10
> C := ROT3
--
Mark H. Wood, hasty poster mw...@iupui.edu
Machines should not be friendly. Machines should
On Wed, Oct 30, 2013 at 11:33:18PM +0100, Philipp Klaus Krause wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Is there a known good way to combine multiple symmetric ciphers into
> something that is at least as strong as the weakest of them?
I sincerely doubt that there is, in the g
On 31-10-2013 4:52, Robert J. Hansen wrote:
>> That's because ROT(N) is a group.
>
> Yes, but good luck answering the inevitable next two questions: "what's
> a group?"
Playing Captain Obvious:
G is a group for the operation X if:
- \forall {A,B \in G} --> A X B \in G: G is closed.
- \forall
On Thursday, October 31, 2013 at 10:06 AM, "Johan Wevers"
wrote:
>However, encrypting a message with AES with key1 and then
>encrypting it again with key2 (key1 unrelated to key2) can't make it less
>secure
>since any attacker can encrypt the intercepted encrypted message again
>with littl
On 31/10/13 16:37, ved...@nym.hush.com wrote:
> The advantage is, that if it should ever be possible to brute force the
> keyspace of one key, then NONE of the possible elements of the keyspace
> (including the *correct* key) will result in an identifiable *correct*
> plaintext. It will only result
On Thu 2013-10-24 15:05:45 -0400, Sylvain wrote:
> I saw a lot of activity in the Debian project about upgrading to a
> 4096 RSA key,
> e.g. http://lists.debian.org/debian-devel-announce/2010/09/msg3.html
>
> However GnuPG's default is 2048.
ENISA (the European Union Agency for Network and Inf
Am Do 31.10.2013, 16:31:02 schrieb Daniel Kahn Gillmor:
> http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverable
> s/algorithms-key-sizes-and-parameters-report
There is one point I don't understand:
[3.6 Recommendations]
"there is general agreement this should be above the
On Thu, Oct 31, 2013 at 10:02 PM, Hauke Laging
wrote:
> Am Do 31.10.2013, 16:31:02 schrieb Daniel Kahn Gillmor:
>
>> http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverable
>> s/algorithms-key-sizes-and-parameters-report
>
> There is one point I don't understand:
>
> [3.6 Reco
Playing Captain Obvious:
Excellent! Let's play more.
- \forall {A,B \in G} --> A X B \in G: G is closed.
What's this "\forall" and "\in"? I don't understand. Are those HTML
entity codes that my email client isn't presenting properly?
... Or, in other words, your very first line assume
The advantage is,
that if it should ever be possible to brute force the keyspace of one key
No one will ever be able to brute-force a 128-bit key until such time
as we have quantum computers with 256-bit ensembles running at 3.2
kelvins and powered by stars.
Consequentially, I don't think
But this http://eprint.iacr.org/2009/317 (mentioned by the German Wikipedia
article for AES) claims that AES-256 was down to 99.5 bits.
If memory serves that's a related-key attack.
(Hmm. When you've gotten to the point where you can recognize
academic papers by their URLs, maybe that's a si
Sam Tuke wrote:
>Hi all,
>
>I'm working with Werner to promote GnuPG and raise awareness. To that
>end we're
>collecting quotes from users - endorsements from people who know and
>trust GPG,
>people like you.
>
>If you want to help us, send your own statement about why GPG is
>important to
>you. P
On 31/10/13 22:02, Hauke Laging wrote:
> But this http://eprint.iacr.org/2009/317 (mentioned by the German Wikipedia
> article for AES) claims that AES-256 was down to 99.5 bits.
I just glanced over the abstract, but didn't you glance over the term "related
key"? I.e., not generally applicable.
On 31-10-2013 22:36, Robert J. Hansen wrote:
> ... Or, in other words, your very first line assumes a level of
> mathematical knowledge that the overwhelming majority of people lack:
> namely, the abilities of understanding mathematical notion and TeX.
I am quite confident the majority of the peo
I am quite confident the majority of the people don't understand this,
but they don't need to. Someone can prove wether AES / Twofish / ... /
combinations of them is a group or not, and can then explain that
combinations are safer / at least as safe / less safe.
Yes. But please remember how thi
> The reason why the cryptanalytic community looked into whether DES forms a
> group is because the 56-bit keyspace was too short and we critically needed
> a way to compose DES into a stronger algorithm. That's not the case with
> AES.
Disclaimer : I am not a mathematician, only a student in mat
On 10/31/2013 4:31 PM, Daniel Kahn Gillmor wrote:
> ENISA (the European Union Agency for Network and Information Security)
> recently issued a report recommending that non-legacy systems using RSA
> start with keys that are >= 3072 bits (see page 30 of the PDF):
Huh -- fascinating! Thank you for
19 matches
Mail list logo
