SEARCH RESULTS
 
Showing 1-5 of 5 records
1
 
Expand article

Got Entropy ?

2008-04-02 02:55:47 by Erik T. Heidt in Art of Information Security
 
...Entropy RNGs are important in Information Security because they are used to generate encryption keys, salts, etc. Historically, attacking RNGs has proven effective, such as the defeat of Netscapes HTTPS sessions Most operating systems utilize a hybrid approach, implementing a PseudoRandom Number Generator that has a seed that is regularly...
 
Tags: entropy, random, 32-byte random, byte, hardware random, entropy sources, sequence, random sequence, pull entropy
 
 
 
 
Expand article

Random Number Bug in Debian Linux

2008-05-19 06:07:59 by schneier in Schneier on Security
 
This is a big deal : On May 13th, 2008 the Debian project announced that Luciano Bello found an interesting vulnerability in the OpenSSL package they were distributing. The bug in question was caused by the removal of the following line of code from md rand.c MD Update(&m,buf,j); [ .. ] MD Update(&m,buf,j); /* purify complains These lines were...
 
Tags: random, openssl, openssl team, random data, process, debian, current process, openssl package, bug
 
 
 
 
Expand article

Metrics for security and performance in low-latency anonymity systems

2008-07-21 08:16:12 by Steven J. Murdoch in Light Blue Touchpaper
 
...entropy . In fact the reality is more complex uniform node selection resists attackers with lots of bandwidth, whereas bandwidth-weighting is better against attackers with lots of nodes Our paper explores the probability of path compromise of different route selection algorithms, when under attack by a range of different adversaries. We find...
 
Tags: route selection, route selection critical, route selection algorithms, route, nodes, tor nodes vary, security, performance, route selection algorithm
 
 
 
 
Expand article

The Number Of Infected Machines In Botnets Quadrupled In Last 3 Months

2008-09-02 22:49:12 by CyberInsecure in CyberInsecure.com
 
According to Shadowserver Foundation, the number of compromised zombie PCs in botnet networks has quadrupled over the last three months. Shadowserver tracks botnet activity and the number of command and control servers. It uses a variety of metrics to slice and dice its figures based in part on the entropy of botnet infections. The clear
 
Tags: figures based, control servers, botnet networks, botnet infections, shadowserver foundation, zombie pcs, months, variety, entropy
 
 
 
 
Expand article

Contest: Cory Doctorow's Cipher Wheel Rings

2008-09-05 12:01:09 by schneier in Schneier on Security
 
...entropy in the system -- but we can come up with some clever pencil-and-paper ciphers that will serve them well if they're ever stuck back in time. And there are certainly other cryptographic uses for the rings Here's a way to use the rings as a password mnemonic: First, choose a two-letter key. Align the three wheels according to the key....
 
Tags: wheel, letter, two-letter key, middle wheel, dot, cory doctorow, cory, rings, top wheel
 
 
 
 
 
Showing 1-5 of 5 records
1
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia