[Cryptography] Checking for the inadvertent use of test keys

Tom Mitchell mitch at niftyegg.com
Fri Sep 4 00:07:30 EDT 2015

On Thu, Sep 3, 2015 at 5:09 PM, Ray Dillinger <bear at sonic.net> wrote:

> On 09/02/2015 11:51 AM, Guus Sliepen wrote:
> > On Wed, Sep 02, 2015 at 07:00:27PM +1200, Peter Gutmann wrote:
> >
> >> What I'm after is a simple safety check to warn about inadvertent use of
> >> predictable sequences that might get used as test keys.  I'm after
> actual
> >> algorithmic tests rather than general advice like "have you looked at
> >> Kolmogorov complexity"...
> >
> > You could algorithmically Google the key and warn when the number of
> > hits is too high.
> Don't even joke about sending keys off to a third-party who's going
> to have to have them in the clear to provide meaningful results.

 Exactly... that is a perfect example of data flow awareness and secrets.
Things like this cannot be lost or a clever summer intern might....

  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150903/0d8784f2/attachment.html>

More information about the cryptography mailing list