John Young | 29 Jan 15:48 2015

Why Google made the NSA <at> NafeezAhmed/why-google-made-the-nsa-2a80584c9c1

Part 2 of the Google TLA allegations.
John Young | 29 Jan 15:30 2015

How the CIA Made Google <at> NafeezAhmed/how-the-cia-made-google-e836451a959e

Fascinating research, with gobs of suspects besides TLAs, Brin and Page,
some here now, some here back then, as suspected then and now. Not
that there is anything wrong with suspecting cpunks was made similarly.
Kevin | 25 Jan 21:38 2015

How far are we from quantum cryptography?

Okay, we see a lot about quantum cryptography and how today's 
cryptosystems are mere toys compared to a quantum computer.  Great, but 
in this post-quantum world how close are we to seeing it in action?



John Young | 25 Jan 17:04 2015

Re: [Cryptography] Barrett Brown allocution statement in court today

At 10:25 PM 1/24/2015, Mahlon Theobald wrote:
>Well what happened?

5 years 3 months sentence. Time served of 2.5 years to be credited.
Possible parole in 1 year.

Defiant statement after sentencing: "Mission now to report on FU prison
system after reporting on FU cyber system."
Greg | 24 Jan 21:56 2015

Do quantum attacks/algos also lead to compromise of PFS?

So, I understand that QM algos can pretty much dismantle all popular asymmetric encryption algos with enough q-bits, but I haven't thought hard enough to see if they also can be used to compromise communications that used DH to do PFS underneath the initial handshake.

Side question: is this the right list to ask this on, or are there other ones I should try? (Is CFRG appropriate? Metzdowd is annoying with its long moderation times...)


Please do not email me anything that you are not comfortable also sharing with the NSA.

cryptography mailing list
John Young | 22 Jan 16:16 2015

Barrett Brown allocution statement in court today

Barrett Brown allocution statement in court today just released
John Young | 22 Jan 00:39 2015

Press release: Barrett Brown will finally be sentenced tomorrow
realcr | 7 Jan 16:40 2015

The Wandering Music Band

I am looking for some crypto primitive to solve a problem I have.

Assume that I meet a group of people. Call it S. I get to talk to them a bit, and
then they are gone.

This group of people walk together in the world. Sometimes they add a person to
their group, and sometimes they remove one person. (You can assume it's a music
band, then it all makes sense). Generally, though, you may assume that they have
at least k people in the group at all times.

Assume that I meet the resulting group at some time in the future, after many
members were added or removed. How can the new group S' prove to me that they
are the descendants of the original group S?

I include here some of my thoughts about this.

1. Naive Solution: Remembering lots of signatures.

Every person in the world will have a key pair (of some asymmetric crypto) to
represent his identity. When I first meet the group S, I collect all their
public keys and keep them.

Whenever a new member x is added to the group S, all the current members of S
sign over the new list: S U {x}. Whenever a member x is removed from the group
S, all the current members of S sign over the new list S \ {x}. The group
members always have to carry with them all the signatures since the beginning of

When I meet the group at some point in the future, I can just ask them to prove
their current public keys, and also to show me all the signatures since the

My issue with this solution is that the group has to remember more and more
signatures as time goes by. I wonder if there is a more efficient way.

2. Using "Transitive Signatures"

I have seen two articles about a concept called Transitive Signatures.
Shortly: Given a signature of x over y, and of y over z, any participant will be
able to generate a signature where x signs over z.

I didn't manage to apply this method to my problem though.

I will appreciate any idea or hint about how to solve this.
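
Added example (not part of realcr's post, and not code from any list member): a Go version of the naive approach in point 1, in which the verifier replays the signed membership updates starting from the public keys it remembered for S. Ed25519, hex-encoded public keys as member names, the comma-joined list encoding, and the names `Update`, `Priv`, `Key`, `ID`, `SignUpdate` and `VerifyChain` are all assumptions of this example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/hex"
	"fmt"
	"strings"
)

// Update is one membership change: the new list of hex public keys, signed by every prior member.
type Update struct {
	Members []string
	Sigs    map[string][]byte // signer's hex public key -> signature over the comma-joined Members
}

// Key builds a constructed demo key from a one-byte seed (not for real use); ID is its hex public key.
type Priv = ed25519.PrivateKey
func Key(b byte) Priv    { return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, 32)) }
func ID(k Priv) string   { return hex.EncodeToString(k.Public().(ed25519.PublicKey)) }

// SignUpdate has every current member sign the new list, as the post describes.
func SignUpdate(current []Priv, members ...string) Update {
	u := Update{Members: members, Sigs: map[string][]byte{}}
	for _, k := range current {
		u.Sigs[ID(k)] = ed25519.Sign(k, []byte(strings.Join(members, ",")))
	}
	return u
}

// VerifyChain replays the chain from the remembered group S (cur) and returns the group it ends at.
func VerifyChain(cur []string, chain []Update) ([]string, error) {
	for i, u := range chain {
		m := []byte(strings.Join(u.Members, ","))
		for _, id := range cur { // every member of the previous group must have signed
			pk, err := hex.DecodeString(id)
			if err != nil || len(pk) != ed25519.PublicKeySize || !ed25519.Verify(pk, m, u.Sigs[id]) {
				return nil, fmt.Errorf("step %d: missing or bad signature from %.8s", i, id)
			}
		}
		cur = u.Members
	}
	return cur, nil
}

func main() {
	a, b, c := Key(1), Key(2), Key(3)
	add := SignUpdate([]Priv{a, b}, ID(a), ID(b), ID(c)) // constructed input: S = {a, b} adds c
	fmt.Println(VerifyChain([]string{ID(a), ID(b)}, []Update{add}))
}
```

`VerifyChain` only establishes that the returned list descends from S; each member of S' still has to prove possession of a listed key, for instance by signing a fresh challenge. The chain grows by one full set of signatures per change, which is the storage cost the post objects to.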


Kevin | 6 Jan 22:12 2015

QODE(quick offline data encryption)

I figured I'd start building my own open source encryption algorithm:



John Levine | 6 Jan 02:47 2015

Gogo inflight Internet uses fake SSL certs to MITM their users

They claim they're doing it to throttle video streaming, not to be evil.

Am I missing something, or is this stupid?  If they want to throttle
user bandwidth (not unreasonable on a plane), they can just do it.
The longer a connection is open, the less bandwidth it gets.

Kevin W. Wall | 1 Jan 19:35 2015

Fwd: [SC-L] Silver Bullet: Whitfield Diffie

Seems as though this interview might be of interest to those on these lists. I've not listened to it yet so I don't know how interesting it may be.

P.S. - Happy Gnu Year to all of you.
Sent from my Droid; please excuse typos.

---------- Forwarded message ----------
From: "Gary McGraw" <gem <at>>
Date: Jan 1, 2015 9:44 AM
Subject: [SC-L] Silver Bullet: Whitfield Diffie
To: "Secure Code Mailing List" <>

hi sc-l,

Merry New Year to you all!!

Episode 105 of Silver Bullet is an interview with Whitfield Diffie.  Whit co-invented PKI among other things.  We have an in-depth talk about crypto, computation, LISP, AI, quantum key distro, and more.

As always, your feedback on Silver Bullet is welcome.


