Re: libcatmath secure tunnel protocol




> http://www.debian.org/security/2008/dsa-1571
> a) If you have random from both sides, one failing prng is not
> disastrous

Hah yeah if my PRNG sucks then it would not be very secure =)
Both sides will be using the same PRNG that is part of my library so
I don't think that would be advantageous.

> b) Nonce from both sides prevents replay attacks within the
> handshake process

I do not believe there is a replay attack in the handshake
process... Would you mind showing me how that would work in my
protocol? Thank you for helping me out.

> Please read a book about protocol design & crypto, before you use
> your protocol in real world apps.

I've read a few books and lots of papers and websites, etc. Maybe I
am just not that bright. =)



http://catid.org
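
Points (a) and (b) quoted in this post, shown on a generic pre-shared-key handshake. This is an added example, not code from the post or from libcatmath; the handshake layout, `PSK`, `Server` and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

PSK = b"constructed-pre-shared-key"  # constructed sample secret


def session_key(client_nonce: bytes, server_nonce: bytes) -> bytes:
    """Session key bound to the nonces contributed by both sides."""
    msg = b"key|" + client_nonce + b"|" + server_nonce
    return hmac.new(PSK, msg, hashlib.sha256).digest()


def finished(key: bytes) -> bytes:
    """Client's final handshake message: proof that it holds the session key."""
    return hmac.new(key, b"client finished", hashlib.sha256).digest()


class Server:
    def __init__(self, two_sided: bool):
        self.two_sided = two_sided
        self.key = b""

    def hello(self, client_nonce: bytes) -> bytes:
        # In the one-sided variant the server adds no randomness of its own.
        server_nonce = os.urandom(16) if self.two_sided else b""
        self.key = session_key(client_nonce, server_nonce)
        return server_nonce

    def accept(self, proof: bytes) -> bool:
        return hmac.compare_digest(proof, finished(self.key))


def replay_accepted(two_sided: bool) -> bool:
    """Point (b): replay a recorded handshake into a new server session."""
    server = Server(two_sided)
    client_nonce = os.urandom(16)
    proof = finished(session_key(client_nonce, server.hello(client_nonce)))
    if not server.accept(proof):          # the honest run must succeed
        raise RuntimeError("honest handshake failed")
    server.hello(client_nonce)            # replayed first message
    return server.accept(proof)           # replayed proof


def keys_repeat_with_stuck_client(two_sided: bool) -> bool:
    """Point (a): the client's PRNG is broken and always yields the same nonce."""
    server = Server(two_sided)
    keys = set()
    for _ in range(3):
        server.hello(b"\x00" * 16)
        keys.add(server.key)
    return len(keys) == 1
```

With only a client nonce, the recorded handshake is accepted again and a stuck client PRNG gives the same session key every time; with a fresh server nonce in the key derivation, neither happens.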
