Secure Coding mailing list archives
Re: Java keystore password storage
From: Edgar Danielyan <e.danielyan () gmail com>
Date: Tue, 26 Apr 2005 22:05:42 +0100
Dear Michael, On 4/26/05, Michael Silk <[EMAIL PROTECTED]> wrote:
As a hash function with 'security' of 2 ** 80, it is completely broken. The security is reduced to 2 ** 69. Even though it's still alot of operations, the function is definately broken as it's actual security is less then specified (less then that required for a 'birthday attack').
I suppose we have different understanding of what "completely broken" means: http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html Regards, Edgar
Current thread:
- Java keystore password storage john bart (Apr 25)
- Re: Java keystore password storage Blue Boar (Apr 25)
- Re: Java keystore password storage Nash (Apr 25)
- RE: Java keystore password storage Chris Matthews (Apr 25)
- RE: Java keystore password storage David Crocker (Apr 25)
- Re: Java keystore password storage Edgar Danielyan (Apr 26)
- Re: Java keystore password storage Michael Silk (Apr 26)
- Re: Java keystore password storage Edgar Danielyan (Apr 26)
- Re: Java keystore password storage Edgar Danielyan (Apr 26)
- Re: Java keystore password storage Blue Boar (Apr 26)
- Re: Java keystore password storage ljknews (Apr 26)
- RE: Java keystore password storage Chris Matthews (Apr 26)
- Re: Java keystore password storage Nash (Apr 27)
- Re: Java keystore password storage Mark (May 03)
- <Possible follow-ups>
- RE: Java keystore password storage Goertzel Karen (Apr 25)
- Re: Java keystore password storage Fredrik Hesse (Apr 25)
- RE: Java keystore password storage Michael Howard (Apr 25)
- RE: Java keystore password storage john bart (Apr 26)
- RE: Java keystore password storage Michael Howard (Apr 26)