OpenID4 items tagged “cryptography”
Django snippets: Sign a string using SHA1, then shrink it using url-safe base65. I needed a way to create tamper-proof URLs and cookies by signing them, but didn’t want the overhead of a full 40 character SHA1 hash. After some experimentation, it turns out you can knock a 40 char hash down to 27 characters by encoding it using a custom base65 encoding which only uses URL-safe characters. 
27th August 2008, 10:18 pm
I don’t understand why the NSA was so insistent about including Dual_EC_DRBG in the standard. It makes no sense as a trap door: It’s public, and rather obvious. It makes no sense from an engineering perspective: It’s too slow for anyone to willingly use it. And it makes no sense from a backwards-compatibility perspective: Swapping one random-number generator for another is easy.
— Bruce Schneier 
16th November 2007, 10:25 am
The Beauty Of The Diffie-Hellman Protocol. Some useful explanations here. Diffie-Hellman is used by OpenID to establish a shared secret between the provider and the consumer. 1st March 2007, 10:08 pm
James Randi owes me a million dollars (via) Interesting case study in cryptographic bit commitment protocols, which allow something to be published that can later prove the authenticity of a revealed secret. 30th January 2007, 1:10 am
