I like the design. However, save draft button is not working for me.
A fast algorithm for parity would be interesting. There is currently no better way to compute parity than factoring N. There is a well known hand wavy-argument that computing any function on the prime factors of…
"..that many people suspect of being compromisable by NSA etc." If it was a backdoor you certainly can't count it among the NSAs successes. It is never used.
I agree this is a good idea but I think using the words "encrypt" and "decrypt" confuses the goal a little bit as this idea is still useful even if the message aren't required to be confidential form anyone. I think…
"So post a PGP key and say, if you really want anonymity, use this." PGP only provides confidentiality, not anonymity. To get anonymity as well would require TOR.
The only reason to use one-time pads is an extraordinary level of paranoia. If you are paranoid enough to need a one-time pad then it makes little sense for you as a private citizen to trust that hardware you take into…
I think it is mainly a logistical issue. The problem is that encryption keys are a single point of failure. IT practices at most businesses would have to be very rigorous before a design with a single point of failure…
Nitpick: RSA isn't known to be backed by factoring. More precisely, there is no proof that if textbook-RSA encrypted messages could be decrypted quickly that integer factorization could also be done quickly. (Of course…
The author's argument is that the probability of impact on ECC of this line of research is less than probability of an impact on factoring. Post-quantum cryptography has to avoid ECC since the elliptic curve discrete…
It makes no sense to argue that a non-existent product is vulnerable to a current exploit without a precise definition or specification of that product. Its an obvious mistake but not so obvious that the author can't…
Don't forget that when decrypted the result must match the operation performed on the corresponding plaintexts.
Of course anyone can follow you in public, the alternative would be impossible to enforce. The problem is that the cost of getting that data could be made unacceptably low. For example, I think most people would object…
You are comfortable relying on stalkers not being persistent enough to search a list, save some metadata, and use google maps?
"you don't need scientific evidence to know" "but it seems as intuitive" Knowledge can come only from reasoning based upon observations. You cannot know anything by intuition. You can believe your intuitions and feel…
I love some of the SO sites but they have a lot of communities that have been lingering in beta limbo for ages. I would be interested in more detail on how they reached the conclusion that pump priming is not useful. Do…
It is not clear that's what it is being said.
I'm not arguing that there aren't situations where then spreading the belief that their capabilities are less than actual would be a good thing. If the goal is to break a specific subset of all encrypted messages then…
Cryptography software is usually critical but I think unlike the code for planes and nuclear power plants it doesn't necessarily have to be. Typically cryptography software is advertised as secure against an adversary…
"it's just a matter of time before RSA offers zero security" This is not the only possible outcome. Scalable quantum computing could turn out to be impractical due to cost. Or new physics could be found that rules out…
So either the NSA wanted a backdoor, in which case we learn that even the NSA can't build a backdoor that academic cryptographers can't detect. Or, much more likely I think, it was just a project that some NSA employees…
I agree that if the game is fun people will play it. The problem is getting them to try the game for long enough to know if it is fun. Popularity is obviously a factor in achieving that since lots of people associate…
The camp of people are both feminists and who care about making arguments based on good science called to say they want you to stop pretending they don't exist.
AES yes, PGP no. Anything based on the difficulty of discrete logs is done for. There are 2 types that remain secure, schemes based on the difficulty of solving problems in lattices and problems in coding theory.…
I believe it has even been proved that for most computational problems quantum computers cannot give an exponential speedup.
The a video of the talk those slides are from is online http://vimeo.com/18417770 Worth watching even if you don't care much about DNSSEC, Bernstein is a good speaker.
I like the design. However, save draft button is not working for me.
A fast algorithm for parity would be interesting. There is currently no better way to compute parity than factoring N. There is a well known hand wavy-argument that computing any function on the prime factors of…
"..that many people suspect of being compromisable by NSA etc." If it was a backdoor you certainly can't count it among the NSAs successes. It is never used.
I agree this is a good idea but I think using the words "encrypt" and "decrypt" confuses the goal a little bit as this idea is still useful even if the message aren't required to be confidential form anyone. I think…
"So post a PGP key and say, if you really want anonymity, use this." PGP only provides confidentiality, not anonymity. To get anonymity as well would require TOR.
The only reason to use one-time pads is an extraordinary level of paranoia. If you are paranoid enough to need a one-time pad then it makes little sense for you as a private citizen to trust that hardware you take into…
I think it is mainly a logistical issue. The problem is that encryption keys are a single point of failure. IT practices at most businesses would have to be very rigorous before a design with a single point of failure…
Nitpick: RSA isn't known to be backed by factoring. More precisely, there is no proof that if textbook-RSA encrypted messages could be decrypted quickly that integer factorization could also be done quickly. (Of course…
The author's argument is that the probability of impact on ECC of this line of research is less than probability of an impact on factoring. Post-quantum cryptography has to avoid ECC since the elliptic curve discrete…
It makes no sense to argue that a non-existent product is vulnerable to a current exploit without a precise definition or specification of that product. Its an obvious mistake but not so obvious that the author can't…
Don't forget that when decrypted the result must match the operation performed on the corresponding plaintexts.
Of course anyone can follow you in public, the alternative would be impossible to enforce. The problem is that the cost of getting that data could be made unacceptably low. For example, I think most people would object…
You are comfortable relying on stalkers not being persistent enough to search a list, save some metadata, and use google maps?
"you don't need scientific evidence to know" "but it seems as intuitive" Knowledge can come only from reasoning based upon observations. You cannot know anything by intuition. You can believe your intuitions and feel…
I love some of the SO sites but they have a lot of communities that have been lingering in beta limbo for ages. I would be interested in more detail on how they reached the conclusion that pump priming is not useful. Do…
It is not clear that's what it is being said.
I'm not arguing that there aren't situations where then spreading the belief that their capabilities are less than actual would be a good thing. If the goal is to break a specific subset of all encrypted messages then…
Cryptography software is usually critical but I think unlike the code for planes and nuclear power plants it doesn't necessarily have to be. Typically cryptography software is advertised as secure against an adversary…
"it's just a matter of time before RSA offers zero security" This is not the only possible outcome. Scalable quantum computing could turn out to be impractical due to cost. Or new physics could be found that rules out…
So either the NSA wanted a backdoor, in which case we learn that even the NSA can't build a backdoor that academic cryptographers can't detect. Or, much more likely I think, it was just a project that some NSA employees…
I agree that if the game is fun people will play it. The problem is getting them to try the game for long enough to know if it is fun. Popularity is obviously a factor in achieving that since lots of people associate…
The camp of people are both feminists and who care about making arguments based on good science called to say they want you to stop pretending they don't exist.
AES yes, PGP no. Anything based on the difficulty of discrete logs is done for. There are 2 types that remain secure, schemes based on the difficulty of solving problems in lattices and problems in coding theory.…
I believe it has even been proved that for most computational problems quantum computers cannot give an exponential speedup.
The a video of the talk those slides are from is online http://vimeo.com/18417770 Worth watching even if you don't care much about DNSSEC, Bernstein is a good speaker.