[16395] in bugtraq
Re: swc / ActivCard
daemon@ATHENA.MIT.EDU (Michal Zalewski)
Fri Aug 25 15:36:28 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.21.0008232250540.15804-100000@dione.ids.pl>
Date: Wed, 23 Aug 2000 22:52:53 +0200
Reply-To: Michal Zalewski <lcamtuf@DIONE.IDS.PL>
From: Michal Zalewski <lcamtuf@DIONE.IDS.PL>
X-To: Alan DeKok <aland@striker.ottawa.on.ca>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.21.0008232220060.15804-100000@dione.ids.pl>
On Wed, 23 Aug 2000, Michal Zalewski wrote:
> [...] my guesses from expected probability - 1 / 100000000 - to
> something around 1 / 200 to 1 / 1000 in most cases. But I'm not sure
> if I found a rule only for my input set and this (maybe specific)
> token, or AC algorithm is somewhat weaker than we should expect?
Ops, pardon, I meant 1 / 2000 - 1 / 10000. That's less or more equal to my
declared 35% within 100 attempts. Sorry again, I was writing this response
in hurry.
_______________________________________________________
Michal Zalewski [lcamtuf@tpi.pl] [tp.internet/security]
[http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=
