Catch up on stories from the past week (and beyond) at the Slashdot story archive

Journal Paul Crowley's Journal: Open thread 6

Journal by Paul Crowley on Sunday January 14, 2007 @07:32AM

You can reply to me by posting here. In particular, I'm happy to comment on the accuracy of the things people say about crypto on Slashdot if my attention is drawn to them here. Thanks!

This discussion has been archived. No new comments can be posted.

Open thread

Load All Comments

Search 6 Comments Log In/Create an Account

Comments Filter:

Half off-topic (Score:1)

by tqft ( 619476 ) writes:

Chaum digital cash patents have expired as I understand - last year at least the base ones did - on 19 July 2006?

Where are all the apps using them? Seen anything coming out of the woodwork?
- Re: (Score:2)
  
  by Paul Crowley ( 837 ) writes:
  
  2005 is the year I'm seeing in a quick Google search:
  
  https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fwww.financialcryptography.com%2Fmt%2Farchives/ 000519.html [financialc...graphy.com]
  
  I haven't heard anything about people starting to use it more, but it's not my area of expertise.
On topic (Score:1)

by tqft ( 619476 ) writes:

I asked someone who knows a fair bit if studios rereleasing a broken title would be a bad move as it would give a plaintext to attack aacs with.

here is their answer

"AACS encrypts the body of a movie using the AES (Advanced Encryption
Standard) cipher. AES is secure against known plaintext attacks, so
knowing a plaintext doesn't do you any good in attacking it."

where would be a good place to start understanding this? Is there a technical/academic paper/write-up of why AES is resistant to plaintext attacks?
- Re: (Score:2)
  
  by Paul Crowley ( 837 ) writes:
  
  AES is a block cipher - a keyed bijective function that maps 128-bit input vectors to 128-bit output vectors. The standard assumption is that an attacker (who does not know the key) can choose any 128-bit plaintext and find out the 128-bit ciphertext, and conversely can find out the ciphertext given any plaintext. Their job is not to find out the key but only to guess whether what they are attacking is really AES or whether it's a random permutation on the 128-bit vectors. If they can do this better than
SHA-1 (Score:2)

by Tet ( 2721 ) writes:

I'm happy to comment on the accuracy of the things people say about crypto on Slashdot if my attention is drawn to them here.
Well, there seems to be a whole front page article full of ill-informed comment here [slashdot.org]. I freely admit that I'm no expert in these things, but I have a reasonable background knowledge. So what's the status of SHA-1? "Cracked" can mean many different things. At worst, you might be able to construct a file with the same length and hash, but containing your choice of text. Slightly bette
- Re: (Score:2)
  
  by Paul Crowley ( 837 ) writes:
  
  Schneier's commentary, as ever, is right on the money:
  
  http://www.schneier.com/blog/archives/2005/02/cryp tanalysis_o.html [schneier.com]
  
  The attacker doesn't have total control over the files that collide by any means, but there are plenty of situations where that doesn't matter - if, for example, you're generating signed executable content, it's not hard to use this attack to build two files with the same SHA-1 hash such that one plays nicely and the other doesn't. However, the attack is still out of reach of our computi

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

You have a massage (from the Swedish prime minister).

Journal Paul Crowley's Journal: Open thread 6

Open thread More Login

Open thread

Half off-topic (Score:1)

Re: (Score:2)

On topic (Score:1)

Re: (Score:2)

SHA-1 (Score:2)

Re: (Score:2)

Slashdot Top Deals

Slashdot