ciphergoth: (Default)
I can't find my copy of An Introduction to the Theory of Numbers anywhere, and I haven't been able to for some time. Did I lend it to you, and if so can I have it back please? Ta!

Update: also, opinions on books on elliptic curves solicited, for the four or five of you who might have some! See my comment below.
ciphergoth: (Default)
Update: Anonymous comments must be signed! I've made a couple of exceptions to this policy, but I may stop unscreening comments that don't have any kind of name at the bottom.

My current plan to change the world involves writing a manifesto for a proposed mailing list to work out crypto standards that actually work and stand a chance of getting widely adopted in the open source world. This is essentially version 0.1.5 of that rant, and may contain some inaccuracies or overstatements; I look forward to your comments and corrections. Read more... )
ciphergoth: (Default)
I've posted before about the generally dreadful nature of cryptographic products. Yesterday I got into an argument on bloody Slashdot with a developer about whether he should try to use good crypto or not. Now, unlike [ profile] jwz I can see that he's not the only one with attitude in this thread, but the result still gets me down.

Next time you use something that uses crypto, bear in mind that it was probably written by the likes of this guy.
ciphergoth: (Default)
I had a very very lovely time at BiCon and in Tuscany.

But I'm still a geek I'm afraid...
ciphergoth: (Default)
Just read this story on Slashdot, so in curiosity I downloaded the paper. And I have to echo and extend comments Peter Gutmann made about the state of crypto under Linux: when you hear about a product that uses crypto, open source, Linux based or otherwise, just assume that the crypto is woefully cack-handed rubbish from someone who's read Applied Cryptography if that.

ssh v2 is mostly OK. TLS (SSL v3.1) is mostly OK. GPG is mostly OK. IPSec is mostly OK. I don't know of anything else that people in the field think well of.
ciphergoth: (Default)
I wrote a longer entry on this that LogJam threw away, but in summary, it now looks like the XSL attack on AES, which was always an academic attack anyway, won't even work in theory, according to Moh and Coppersmith. I don't understand the attack well enough to discuss the detail of all this though.

footnote defending Bruce Schneier )
ciphergoth: (Default)
You may have heard of a new attack on AES which substantially reduces the security it offers. Here's my reaction.
Read more... )
ciphergoth: (Default)
Update: YES, I'M CITED IN THE PRINTED PAPER! FUCKING YES! *does another dance around the room*

Just got an email saying that Moses Liskov did mention my paper on Mercy when presenting "Tweakable Block Ciphers", co-authored with Ronald L Rivest, at Crypto this year. Yay! I wonder if I'm cited in the printed version too?

For those who don't know, Rivest is the "R" in RSA.

Cool cool cool cool cool!


ciphergoth: (Default)
Paul Crowley

December 2018

1617 1819202122


RSS Atom

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Apr. 20th, 2019 07:05 am
Powered by Dreamwidth Studios