[Cryptography] Is there a better way to discuss/publish new attacks?

Ray Dillinger bear at sonic.net
Sat Jul 11 14:43:02 EDT 2015

On 07/07/2015 11:53 PM, Bill Cox wrote:
> If I am correct (and I am often mistaken), I've broken 3 would-be
> memory-hard PoW systems this week.  Momentum and I believe Cuckoo Cycle can
> be sped up with parallel processing to arbitrarily reduce memory*time cost
> with practical hardware.  Ramhog is so flawed that I did not bother posting
> attacks to this list, and just left a warning on a bitcoin related forum
> instead.  Momentum and Ramhog were even used in their own crypto-currencies
> (BitShare and ShinyCoin).
> I do not know anyone who I can discuss these algorithms with, so I have no
> choice but to post attacks without any review by anyone else before hand,
> or not post my security concerns at all. 

Crypto-practicum is a fully moderated free mailing list devoted
to discussing and analyzing attacks on cryptographic systems.  It
is hosted on sonic.net, the only ISP to get top grades for security,
transparency and privacy for all of the last six years.  If you
want to get people to look at, critique, refine, or possibly
extend your attacks, please subscribe and post.

A good URL for it is:

Full disclosure:  I am the moderator of the list, so this post is
promoting something that I personally am involved with.

I am especially hoping to attract people who want to discuss and
refine attacks to a point where they can be journal-published papers.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150711/66cffb6b/attachment.sig>

More information about the cryptography mailing list