lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <s0a22b06.089@mail.smuht.nwest.nhs.uk>
From: Marek.Isalski at smuht.nwest.nhs.uk (Marek Isalski)
Subject: leaking

>>> Dave Horsfall <dave@...sfall.org> 12/05/2004 13:13:07 >>>
> Unless you have a cryptographically-secure way of generating new email
> addresses, you will not have proved anything.

One of the interesting things I did when tweaking something on a website was to include a piece of code which does exactly that.

Each visitor is given a different email address.  It's made up of their IP address, the Unix time and a partial hash value, encrypted with a private Serpent-256 key.

Decrypting those addresses has been interesting.

Regards,

Marek Isalski
Software Support and Data Security Manager
Software Support, IT Projects, Directorate of Health Informatics
Wythenshawe Hospital, South Manchester University Hospitals NHS Trust

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ