Secure Coding mailing list archives

Re: Java keystore password storage

From: Edgar Danielyan <e.danielyan () gmail com>
Date: Tue, 26 Apr 2005 22:05:42 +0100

Dear Michael,

On 4/26/05, Michael Silk <[EMAIL PROTECTED]> wrote:

As a hash function with 'security' of 2 ** 80, it is completely
broken. The security is reduced to 2 ** 69. Even though it's still
alot of operations, the function is definately broken as it's actual
security is less then specified (less then that required for a
'birthday attack').


I suppose we have different understanding of what "completely broken" means:

http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html

Regards,

Edgar

Current thread:

Java keystore password storage john bart (Apr 25)
- Re: Java keystore password storage Blue Boar (Apr 25)
- Re: Java keystore password storage Nash (Apr 25)
- RE: Java keystore password storage Chris Matthews (Apr 25)
- RE: Java keystore password storage David Crocker (Apr 25)
  - Re: Java keystore password storage Edgar Danielyan (Apr 26)
    - Re: Java keystore password storage Michael Silk (Apr 26)
    - Re: Java keystore password storage Edgar Danielyan (Apr 26)
  - Re: Java keystore password storage Blue Boar (Apr 26)
    - Re: Java keystore password storage ljknews (Apr 26)
  - RE: Java keystore password storage Chris Matthews (Apr 26)
    - Re: Java keystore password storage Nash (Apr 27)
- Re: Java keystore password storage Mark (May 03)
- <Possible follow-ups>
- RE: Java keystore password storage Goertzel Karen (Apr 25)
- Re: Java keystore password storage Fredrik Hesse (Apr 25)
- RE: Java keystore password storage Michael Howard (Apr 25)
  - RE: Java keystore password storage john bart (Apr 26)
- RE: Java keystore password storage Michael Howard (Apr 26)

(Thread continues...)