|
|
 Up |
|
|
  |
Author: UnruhUnruh
Date: Dec 4, 2006 18:32
>If I were British, and if there were export restrictions on
>cryptographic software, I certainly would post it. Anything to annoy
>Tony Blair and his New Fascist Party. I can't believe you let those
>clowns toss Magna Carta into the dust bin. What happended to you
>Britain? You used to be cool!
Ah yes. I assume that when there WERE export restriction in the USA you
posted crypto on the web and let the DOJ know.
I note that there are STILL export restriction in the USA on cryptography.
HOw about emailing a copy of PGP to Iran to protest the US govenment's
rules? Or NOrth Korea?
And when you went to Russia, you posted crypto on the web there and let the
KGB know? It is all very well for you to advocate actions that will get
others thrown in jail.
Gevernments have ways of making you regret annoying them.
>Dave
|
| Show full article (1.29Kb) |
|
| |
2 Comments |
|
|
Author: UnruhUnruh
Date: Dec 4, 2006 12:51
Juuso Hukkanen tele3d.net> writes:
>On 4 Dec 2006 18:29:46 GMT, Unruh wrote:
>>Juuso Hukkanen tele3d.net> writes:
>>>>>On Mon, 4 Dec 2006 17:50:46 +0100, Sebastian Gottschalk
>>> wrote:
>>
>>>>That's both prior art and non-working. Hint: What happens...
|
| Show full article (4.65Kb) |
|
| |
2 Comments |
|
|
Author: Tom St DenisTom St Denis
Date: Dec 4, 2006 11:47
Ernest Hammingweight wrote:
> Mike Amling wrote:
>> If there are several titles on the disk, and they have different
>> title keys (I don't know if that ever actually happens or not.), then
>> CSS only needs one 409-element list per disk, rather than one
>> 409-element list per title key. (Albeit one would think that
>> space-saving would not be a major concern for DVDs.)
>>
>> --Mike Amling
> That sounds plausible. Thanks.
And it's also exactly what I said a few hours earlier. I guess because
it came from me instead of Mike it was contained less truthiness? Well
I'm glad we have a wikiality about this subject.
Tom
|
| |
|
1 Comment |
|
|
Author: Ernest HammingweightErnest Hammingweight
Date: Dec 4, 2006 11:44
Mike Amling wrote:
> If there are several titles on the disk, and they have different
> title keys (I don't know if that ever actually happens or not.), then
> CSS only needs one 409-element list per disk, rather than one
> 409-element list per title key. (Albeit one would think that
> space-saving would not be a major concern for DVDs.)
>
> --Mike Amling
That sounds plausible. Thanks.
|
| |
|
no comments
|
|
|
Author: Jean-Luc CookeJean-Luc Cooke
Date: Dec 4, 2006 11:29
The key words you should be looking for are "inclusive" and "exclusive"
connicalization.
JLC
xml gmail.com> wrote:> Thanks, looks very interesting, but...
> I downloaded:
> xml-security-1_3_0\src_samples\org\apache\xml\security\samples
> (for Java), and could not find any example that would use KeyAlpha, or
> any other related example. Would you please help?
> Jean-Luc Cooke wrote:
>> XMLEnc allows you to specify "exclusive" and "inclusive" encryption of
>> an XML node and it's sub-elements.
>>
>> Examples: "Encrypting node 'a' using KeyAlpha, excluding...
|
| Show full article (3.79Kb) |
|
no comments
|
|
|
Author: UnruhUnruh
Date: Dec 4, 2006 11:12
Juuso Hukkanen tele3d.net> writes:
>On Mon, 04 Dec 2006 10:02:33 -0700, Anne & Lynn Wheeler
> garlic.com> wrote:>>RFC 2289 claims to be
>>countermeasure to purely passive, evesdropping attacks (as well a
>>end-user to utilize a static value password across multiple different
>>servers) ... but is not resistant to active and/or man-in-the-middle
>>attacks.
>Offcause that my brief 'patent buster' leaves all possibilities for
>snooping etc. and much advanced methods SSH, https & co. should be
>used instead. However lots of site logins still travel embedded as
>plaintext into URL requests and such logins are used by automated
>scripts. Ok, all such are bad... but real and practical.
You are saying "Change your broken system and use my system instead". But
if they are changing already why not change to a system that is not broken
at all and gives strong authentication? Ie, your system falls between two
stools. It means that the people using it have to change anyway, but it
gives a system which is weak as a reward for all that work.
|
| Show full article (2.17Kb) |
|
1 Comment |
|
|
Author: UnruhUnruh
Date: Dec 4, 2006 10:29
Juuso Hukkanen tele3d.net> writes:
>On Mon, 4 Dec 2006 17:50:46 +0100, Sebastian Gottschalk
> wrote:
>>That's both prior art and non-working. Hint: What happens when the URL
>>changes?
>Address changes can be managed:
> a) If the hash-password uses a site name (major sites rarely abandon
>their domain names; ebay.com, hotmail.com, google.com are forever)
>-->But if e.g., two companies merge and change name they could
>continue somehow maintain their login- forms at those 'old' domains OR
>--> They could gradually ask users to change passwords and store &use
>both old and new site passwords during the transition, no-collisions
>will occur with hashes anyway.
|
| Show full article (2.65Kb) |
|
2 Comments |
|
|
Author: Juuso HukkanenJuuso Hukkanen
Date: Dec 4, 2006 08:46
Dear all reading professional (as described in patent regulations),
This time, I write to you to in order to make sure that you aware of a
simple method that can be used in increasing the password security
within networked computer environment. This method is so simple that
you probably have already read about it, but let's just make sure that
third party instances will not be granted patents for this obvious and
only slightly innovative method.
Field of invention:
^^^^^^^^^^^^^^
Telecommunication systems, where a user is required to insert a
password in order to be able to use, one or more, access restricted
resources.
|
| Show full article (3.95Kb) |
|
10 Comments |
|
|
Author: ttt.tasttt.tas
Date: Dec 4, 2006 06:39
Dear ALL,
i need some encryption algorithm, that will produce the cipher text of
the same size as the input or plain text
any ideas?? can any of the AES modes do so??
|
| |
|
8 Comments |
|
|
|
|
|
Author: Tom St DenisTom St Denis
Date: Dec 4, 2006 05:24
Ernest Hammingweight wrote:
> I know that there are 409 player keys and I know why there's more than
> one player key. But it still doesn't explain why we need both a disk
> key and a title key.
You'll have to find the CSS specifications and/or ask a designer.
Failing that, track down one of the authors of libdvdread and ask them
if they know.
My guess is that each stream/title is encrypted independently, then as
they're collected to be published on a DVD the disc key encrypts all of
the title keys (of which there may be more than one) and the player
keys encrypt the disc key. Only really useful reason to have that many
levels of indirection.
For all intents and purposes CSS is as effective as XOR'ing the byte
0xAA against the stream. So unless the CSS developers were so off-base
as to think CSS was good, it's hard to really rationalize any of their
decisions (hint: most likely CSS was designed by commitee by a bunch of
sales/senior folk where at least one of them thought themselves the
devious cryptographer).
Tom
|
| |
|
no comments
|
|
|
|
|
|
|
