Activity for Aaron Toponce

  • Aaron Toponce Aaron Toponce posted a comment on discussion Open Discussion

    https://github.com/dlech/KeePass2.x/blob/VS2019/KeePass/Forms/EntropyForm.cs#L101-L111 seems to be part the logic in question on the mouse entropy model. If I'm reading the source code correctly, it's keeping a pool of mouse (x, y) coordinates, by bitshifting the x-coordinate left 8 bits, and XORing that with the y-coordinate, producing a 16-bit unsigned int. It's then XORed with the system time in milliseconds, and finally the UI is updated, which I'm guessing is showing how many bits you've generated...

  • Aaron Toponce Aaron Toponce posted a comment on discussion Open Discussion

    When navigating to "Tools -> Advanced Tools -> Create Key File..." to create a new file, and the "Entropy Collection" dialog is presented with a randogram for mouse input, and text field for keyboard input, how is the entropy calculated when moving the mouse? I've tried reading the source code, but I couldn't make sense of it, so I figured I would ask here. I know however that the mouse and keyboard entropy are hashed with SHA-256, even if nothing is input. I'm just curious how the mouse movement...

  • Aaron Toponce Aaron Toponce posted a comment on ticket #30

    Hmm. That's better than nothing, but less than optimal. The goal here is to get a...

  • Aaron Toponce Aaron Toponce posted a comment on ticket #30

    You're right. I had made the assumption Debian renamed it. But, that doesn't appear...

  • Aaron Toponce Aaron Toponce posted a comment on ticket #30

    Might be worth reporting to http://www.perlmonks.org/bare/?node_id=465675

  • Aaron Toponce Aaron Toponce posted a comment on ticket #30

    Thanks for implementing the patch. What does it mean to be optional? If the module...

  • Aaron Toponce Aaron Toponce posted a comment on ticket #30

    The following patch will fix this bug. Requires Math::Random::ISAAC, available as...

  • Aaron Toponce Aaron Toponce posted a comment on ticket #30

    Why was this closed, and marked as invalid? Is there something I'm missing about...

  • Aaron Toponce Aaron Toponce posted a comment on ticket #31

    Hmm. That might not be correct. Line 538 appears to be MAC-then-Encrypt. # Store...

  • Aaron Toponce Aaron Toponce posted a comment on ticket #31

    Looks like this is a problem with upstream KeePass proper. See https://sourcefor...

  • Aaron Toponce Aaron Toponce created ticket #31

    Encryption is not authenticated.

  • Aaron Toponce Aaron Toponce created ticket #30

    rand() is used for random number generation.

  • Aaron Toponce Aaron Toponce modified a comment on ticket #22

    It should also be mentioned that EDON-R did not pass round 1 of the NIST SHA3 competition,...

  • Aaron Toponce Aaron Toponce posted a comment on ticket #22

    It should also be mentioned that EDON-R did not pass round 2 of the NIST SHA3 competition,...

  • Aaron Toponce Aaron Toponce posted a comment on ticket #22

    EDON-R is also not standardized, and uses the same Merkle–Damgård construction that...

  • Aaron Toponce Aaron Toponce created ticket #22

    Support for Skein

1
MongoDB Logo MongoDB