search for: cryptographically

Now that OpenSSL has received FIPS 140-2 certification, does anyone know if the work started a couple of years ago to allow OpenSSH to use OpenSSL in FIPS mode will be reactivated? Bill

On Fri, Mar 10, 2023 at 10:27?AM Joel GUITTET <jguittet.opensource at witekio.com> wrote: > We currently work on a project that require SSH server with FIPS and > using OpenSSL v3. Gently: this is meaningless. You probably mean one of the following: 1. The SSH server implementation is required to use only cryptographic algorithms that are FIPS-approved. 2. The SSH server

Asterisk Project Security Advisory - AST-2008-007 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Asterisk installations using cryptographic keys | | | generated

These two functions in cipher.c (I have looked at openssh5.8p1 & openssh5.9p1) copy the internal cryptographic state of an OpenSSL RC4 encryption/decryption context using simple memcpy(). This code also copies the state when evptype is EVP_acss, which I am unfamiliar with. This code appears to works fine when using the builtin crypto of OpenSSL 1.0.0d. However, I have been doing some work

Author: kais Repository: /hg/zfs-crypto/gate Revision: af99262cf4c4e55fca29e9b86ad9369fd928745e Log message: PSARC/2005/413 sun4v optimized MD5 and arcfour kernel cryptographic modules 6278572 port Spracklen''s fast MD5 on Niagara to solaris 6278578 port Spracklen''s fast RC4 on Niagara to solaris Files: create: usr/src/common/crypto/arcfour/sun4v/arcfour_crypt.c create:

On 2020-02-20 20:06:39 [+0100], Markus Ueberall wrote: > On 2020-02-09 23:19, Sebastian Andrzej Siewior wrote: > > [...] > > My primar motivation to use SHA1 for checksumming (by default) instead > > of MD5 is not the additional security bits but performance. On a decent > > x86 box the SHA1 performance is almost the same as MD5's but with > > acceleration it

Author: mcpowers Repository: /hg/zfs-crypto/gate Revision: a89079c72c5d3408f62bb8beabbb7fc76cfcd569 Log message: PSARC 2005/576 Support for complex cryptographic mechanisms PSARC 2005/630 session, object, and key management kernel crypto API PSARC 2005/656 AES CTR mode for KCF PSARC 2005/659 Hiding members of KCF logical providers 4721729 Support AES Counter mode for encryption 6243992 dprov

https://bugzilla.mindrot.org/show_bug.cgi?id=1914 Summary: ssh-add: add an option to cryptographically verify if agent can access the matching private key of a given public key Product: Portable OpenSSH Version: 5.8p2 Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priori...

Hi, Does FASTIPSec in FreeBSD use OCF framework ? Where can I find more documentation ? I wish to run cryptographic algorithms after setting a VPN. What command should I use to run a particular crytographic algorithm (e.g. 3DES etc.) Where can I find all such information ? -- Regards, Bubble

https://bugzilla.mindrot.org/show_bug.cgi?id=2054 Bug ID: 2054 Summary: Environment fails to provide cryptographic identity of remote party Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Hardware: All OS: All Status: NEW Keywords: low-hanging-fruit,

On 2020-03-17 00:03:03 [+0100], Dimitrios Apostolou via rsync wrote: > On Thursday, February 20, 2020 10:34:53 PM CET, Sebastian Andrzej Siewior > via rsync wrote: > > > > I'm still not sure if rsync requires a cryptographic hash _or_ if a > > strong hash like xxHash64 would be just fine for the job. > > I'm fairly sure the hash should *not* be easy to

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Anyone else using CFS on CentOS 4.4 ? I have started using it today (unimportant stuff for now, for testing), and am wondering what are other people experiences with it. I'm using version 1.4.1, rpms kindly provided by Karan on his repository. My main concern is data loss, not security itself. From what I noticed, the strenght of CFS crypto is

...get a collision probability of 1-in-a-billion. (For comparison, a 64-bit hash gets you about 185,000 inputs for the same collision probability.) If you want a "name-brand" algorithm, I'd suggest MD5 over SHA-1. It produces 128-bit output (versus 160-bit) and the fact that it is "cryptographically broken" is irrelevant to your use-case. --paulr

> > This is a completely inappropriate comparison. LibreSSL is a cryptographic library. Creating a high-quality cryptographic library requires much more than eliminating buffer overruns (etc.). What I don't get this what is the point of a "somewhat secure". Does it make a difference if takes 5 minutes of 5 hours to find a buffer overflow? >> What allocator would you

Hello. Probably only Timo can help-me with this. I have a self-made plugin based on the zlib plugin that i use to cryptograph the messages at inbox. As a side-effect of the cryptography, my plugin changes the size of the message, but until 2.0.19 this works well with dovecot index and the W/S flags. But now, i'm going to upgrade to 2.1.17 and now i have these messages on log at my test

Hi, > I installed VS Express and included the IDE in $LIB. It looks like wine > is able > to run 'cl.exe' but 'cl.exe' itself has a problem. We've tried a number > of variations > of setting %TMP% and %TEMP% to no avail. > > Any ideas. > > TIA. I don't know if this is of any use anymore, but I've had the same problem and google did not have

Hello, PKCS#11 is a standard API interface that can be used in order to access cryptographic tokens. You can find the specification at http://www.rsasecurity.com/rsalabs/node.asp?id=2133, most smartcard and other cryptographic device vendors support PKCS#11, opensc also provides PKCS#11 interface. I can easily make the scard.c, scard-opensc.c and ssh-agent.c support PKCS#11. PKCS#11 is

...nd move to the MI Scheduler soon. Also, have you looked at randomizing register-allocation ? > We would also include a secure random number generator which links > against OpenSSL. This would of course be an optional module disabled > by default, but is necessary so the randomization is cryptographically > secure and useful in security applications. I am not sure why you need this feature. You can provide LLVM with a SEED value that can be controlled from the command line. A wrapper (such as a build-script) can control this value. > > We are in the process of writing test cases an...

On Wed, Jun 19, 2013 at 1:04 AM, edA-qa mort-ora-y <eda-qa at disemia.com>wrote: > > The problem is that if I derive the name from what the type contains the > length of that name is essential unbound. So how does one generate > names? I'm thinking of just using a long hash and hoping I don't get > accidental collisions. Surely there must be a better way? > Just

...I've been thinking about future harvest now, decrypt > later attacks against CC20 and AES. Are there post quantum ciphers that can > effectively replace these available or in development? Is the threat still > too far off to be a serious concern? Grover's search algorithm gives a cryptographically-relevant quantum computer a quadratic speedup. This effectively halves the strength, as expessed in bits, of symmetric ciphers and (I think) hash algorithms. I.e. AES-256 would be "as strong" as AES-128, and AES-128 would be reduced to 64-bit equivalent strength. The latter sounds pretty...