Article <1b27e538bafdad0e747aca40b12139a844576240@i2pn2.org>


Path: ...!weretis.net!feeder9.news.weretis.net!i2pn.org!i2pn2.org!.POSTED!not-for-mail
From: Stefan Claas <pollux@tilde.club>
Newsgroups: sci.crypt
Subject: Re: fun with nonces
Date: Fri, 5 Jul 2024 19:07:09 -0000
Organization: ℭ𝔥𝔦𝔣𝔣𝔯𝔢𝔭𝔲𝔫𝔨𝔰
Message-ID: <1b27e538bafdad0e747aca40b12139a844576240@i2pn2.org>
References: <324bb1a7476b82ad04e91b41ab885894d25358e3@i2pn2.org> <45eed9a6-8bc6-7595-a183-82d25eaea562@tznvy.pbz>
MIME-Version: 1.0
Injection-Date: Fri, 5 Jul 2024 19:07:31 -0000 (UTC)
Injection-Info: i2pn2.org;
	logging-data="2271156"; mail-complaints-to="usenet@i2pn2.org";
	posting-account="ieSrCjSDShpZNyqIW52mlwIkg76Hsp+TOOO6KTdfCN8";
User-Agent: flnews/1.3.0pre4 (for GNU/Linux)
X-Ed25519-Pub: 43e6681c5cf3cdc2f9ccf975f8a01b18c5e84bf0ba00605faba9cc0f8757a117
X-Date: It's Fri 11266 Sep 1993 09:07:09 PM CEST, the September that never ends
X-Finger: tilde.club/~pollux/
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Ed25519-Sig: e542c4bfb76263920816f76cc659cbf6b0a6faacc7e06bca17474f6e0953543a
 ce572bbeff184da4dd17377cf2a96938c01fd8def7bf206690227957fc461202
Bytes: 2020
Lines: 21

Chax Plore wrote:
> 
> Xorshift is reversible, so if Eve is up to no good, then she can use the
> foreknowledge of nonce in bad way (no specific attack in mind, but
> nothing in the message should be predictable or "crackable").
> 
> I suggest to use HKDF instead to generate the nonce in your scheme,
> which I would name "nonce ratchet" instead of confusing "nfs" (I'm just
> looking on my NAS console, where I see two volumes mounted as NFS shares).

Thanks for your valuable input, much appreciated! The program now uses
HKDF instead of xorshift128+.
 
> And if you are already using HKDF, then why not "ratchet" the whole
> key/nonce/iv/salt material this way, if you intend to leave no variables
> in plain sight?

What do you mean (language barrier)?

-- 
Regards
Stefan
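
An added example, not code from this thread or from Stefan Claas' program, showing why the objection quoted above holds and what the suggested replacement buys: the xorshift128+ state update is a bijection, so anyone who captures the generator state can step it backwards and rebuild every nonce it already emitted, whereas an HKDF chain that overwrites its chain key at each step cannot be run backwards. The ratchet layout (chain key -> next chain key || message key || nonce), the info label, the seeds and the root key are assumptions made for illustration, not the design of the "nfs" program.

```python
"""Added example (not from the thread or from the poster's program): an
invertible xorshift128+ step next to a one-way HKDF "nonce ratchet".
The ratchet layout below is an assumption made for illustration."""
import hashlib
import hmac

MASK64 = (1 << 64) - 1


def xorshift128p_step(a, b):
    """One xorshift128+ transition on state (a, b); returns (a', b', output)."""
    t = a ^ ((a << 23) & MASK64)
    t ^= t >> 17
    t ^= b ^ (b >> 26)
    return b, t, (b + t) & MASK64


def xorshift128p_unstep(a_new, b_new):
    """Invert xorshift128p_step. Every xorshift operation is a bijection on
    64-bit words, so the previous state follows from the current one."""
    b = a_new                                    # a' = b
    t = b_new ^ b ^ (b >> 26)                    # b' = g(a) ^ b ^ (b >> 26)
    u = t ^ (t >> 17) ^ (t >> 34) ^ (t >> 51)    # undo t ^= t >> 17
    a = (u ^ (u << 23) ^ (u << 46)) & MASK64     # undo u = a ^ (a << 23)
    return a, b


def xorshift_nonces(a, b, count):
    """Honest use: emit `count` nonces; returns (nonces, final_state)."""
    out = []
    for _ in range(count):
        a, b, x = xorshift128p_step(a, b)
        out.append(x)
    return out, (a, b)


def xorshift_recover_past(a, b, count):
    """Eve's view: from the captured current state alone, walk backwards and
    rebuild the `count` most recent outputs (oldest first)."""
    past = []
    for _ in range(count):
        past.append((a + b) & MASK64)   # output emitted when this state was reached
        a, b = xorshift128p_unstep(a, b)
    return past[::-1]


# --- HKDF (RFC 5869) over HMAC-SHA256 ---------------------------------------
def hkdf_extract(salt, ikm):
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk, info, length):
    okm, t, i = b"", b"", 1
    while len(okm) < length:
        t = hmac.new(prk, t + info + bytes([i]), hashlib.sha256).digest()
        okm += t
        i += 1
    return okm[:length]


def hkdf(ikm, salt, info, length):
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


class NonceRatchet:
    """Assumed ratchet: each step derives (next chain key, message key, nonce)
    from the current chain key with HKDF and then discards the old chain key.
    HKDF is one-way, so a captured state yields future values, not past ones."""
    KEY_LEN, NONCE_LEN = 32, 12

    def __init__(self, root_key, label=b"nonce-ratchet-example"):  # label is assumed
        self.chain, self.label, self.step = root_key, label, 0

    def next(self):
        info = self.label + b"|" + self.step.to_bytes(8, "big")
        okm = hkdf(self.chain, b"", info, 2 * self.KEY_LEN + self.NONCE_LEN)
        self.chain = okm[:self.KEY_LEN]        # old chain key is overwritten
        self.step += 1
        return okm[self.KEY_LEN:2 * self.KEY_LEN], okm[2 * self.KEY_LEN:]


def ratchet_nonces(root_key, count):
    """Emit `count` nonces from a fresh ratchet; returns (nonces, final chain key)."""
    r = NonceRatchet(root_key)
    return [r.next()[1] for _ in range(count)], r.chain


if __name__ == "__main__":
    nonces, state = xorshift_nonces(0x123456789ABCDEF0, 0x0FEDCBA987654321, 5)  # constructed seed
    print("xorshift past recovered:", xorshift_recover_past(*state, 5) == nonces)
    print("ratchet nonces:", [n.hex() for n in ratchet_nonces(b"\x00" * 32, 3)[0]])
```

The xorshift half is the generic inverse of the xorshift128+ transition, so it applies to any seed, not only the constructed one; the ratchet half shows the shape of the "ratchet everything" suggestion in the quoted reply, since the same HKDF call that yields the nonce also yields the per-message key and the next chain key.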