| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Jul 6 06:08:22 2006 From: drfrancky at securax.org (Javor Ninov) Subject: A new way to hide from Google and Yahoo a typical example of good encryption alg on a bad place . but the users sees the "2048 bit RSA" and they get on the hook . -- Javor Ninov aka DrFrancky securitydot.net Valdis.Kletnieks@...edu wrote: > On Wed, 05 Jul 2006 20:07:44 BST, n3td3v said: >> Read more folks, now we can talk about Google and Yahoo without using Tor >> www.digg.com/software/World_s_Most_Secure_Instant_Messenger_is_here_!! > > Tell me - were any of the Digg votes for that from anybody who had actually > done a code review? Or they just saw "2048 bit RSA" and got woodies? > > (Personally, I wouldn't want to be using 2048 bit RSA for the actual > stream encryption - that's something that IDEA or similar is much better for. > RSA is good for exchanging the IVs for the session keys, and that's about > it. And anybody want to place bets that it has tons of interesting attacks > on key management?) > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060706/ab87a206/signature.bin
Powered by blists - more mailing lists