Hello,

I hope this is the correct NG to post such a question,
but I need some advice from experts about something is
"floating" in my mind.

I was playing around with some disk encryption tools,
namely truecrypt, dm-crypt and luks, and comparison
of features was, of course, happening.

So, truecrypt has, among other things, the possibility
to have cascade encryption and the encrypted header.

While truecrypt is also available under Linux, I was
wondering if it would be possible to create an equivalent
system using dm-crypt and luks.

The concept would be to use luks over a dm-crypt device,
which is over another dm-crypt device.

RFC 2986 (PKCS #10: Certification Request Syntax Specification Version
1.7) describes a vulnerability related to an unsigned CSR:

"The signature on the certification request prevents an entity from
requesting a certificate with another party's public key. Such an
attack would give the entity the minor ability to pretend to be the
originator of any message signed by the other party. This attack is
significant only if the entity does not know the message being signed
and the signed part of the message does not identify the signer. The
entity would still not be able to decrypt messages intended for the
other party, of course."

Another vulnerability could arise if unsigned CSRs weakens non-
repudiation. Let's suppose that Alice is requesting a certificate and
does know that the CSR will go unsigned to the RA/CA. After the
certificate is issued, she repudiates a purchase statement signed with
the private key saying that "she didn´t have access to the private
key" or "she didn't control it". Will an impartial observer (say, a
judge) consider reasonable this declaration?

JHAF

I have downloaded the AES code for several freeware implementations from the
Web, none of which have passed the Monte Carlo output tests when compiled
into a Win32 application (GUI or Console). Interestingly, they passed all
the other tests.

Most likely I am making some incredibly simple and stupid mistake. However,
I really need some working source code plus visual studio project files.

Is there someplace I can purchase some working AES source code, plus project
files that have been proven to pass the Monte Carlo tests in Win32
applications (and hopefully x64 applications as well).

Thanks.

I was doing some searching and came across some software but it
doesn't seem to be available any longer.

It's called Original Absolute Privacy.

Does anyone have a copy or know how I can get a copy?

The website is not up.

Thanks.

jmorton123@rock dot com

Well, Corliss, if you are asking him for his personal opinion then why
the FUCK do you call his personal opinion bullshit?

Uh, let me see. It doesn't equate to *your* bullshit personal opinion?

Better? Maybe you geek-carry a USB stick all over Hell but most
non-retardos don't.

Bullshit.

To the hilt, learned that lesson from IBM which reminds me I need to
take a crap.

Sorry, Mr. Connector, I was being quaint, Mr. Connector.

"Daddy, what do you do for a living"

"Why son, I am a Doctor and a metallurgist!

"???"

Alright, son, they call me Dr. Anonymousie and I make fucking
connectors.

Waaaaaaaaaaaah, Daddy's a looser and an asshole, Mommy!!

On Wed, 02 Jul 2008 13:33:05 +0100, Franklin wrote:

Or please go fuck yourself with a connector, Dr. Corrector