Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: A new way to hide from Google and Yahoo

From: Javor Ninov <drfrancky () securax org>
Date: Thu, 06 Jul 2006 08:08:08 +0300
a typical example of good encryption alg on a bad place . but the users
sees the "2048 bit RSA" and they get on the hook .

--
Javor Ninov aka DrFrancky
securitydot.net


Valdis.Kletnieks () vt edu wrote:

On Wed, 05 Jul 2006 20:07:44 BST, n3td3v said:

Read more folks, now we can talk about Google and Yahoo without using Tor
www.digg.com/software/World_s_Most_Secure_Instant_Messenger_is_here_!!


Tell me - were any of the Digg votes for that from anybody who had actually
done a code review?  Or they just saw "2048 bit RSA" and got woodies?

(Personally, I wouldn't want to be using 2048 bit RSA for the actual
stream encryption - that's something that IDEA or similar is much better for.
RSA is good for exchanging the IVs for the session keys, and that's about
it.  And anybody want to place bets that it has tons of interesting attacks
on key management?)


------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: