[146815] in cryptography@c2.net mail archive
Re: [Cryptography] [cryptography] Random number generation
daemon@ATHENA.MIT.EDU (Eugen Leitl)
Sun Sep 8 11:55:24 2013
X-Original-To: cryptography@metzdowd.com
Date: Sun, 8 Sep 2013 13:27:46 +0200
From: Eugen Leitl <eugen@leitl.org>
To: cypherpunks@al-qaeda.net, info@postbiota.org, zs-p2p@zerostate.is,
Cryptography List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
----- Forwarded message from "James A. Donald" <jamesd@echeque.com> -----
Date: Sun, 08 Sep 2013 08:34:53 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@randombit.net
Subject: Re: [cryptography] Random number generation influenced, HW RNG
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
Reply-To: jamesd@echeque.com
On 2013-09-08 3:48 AM, David Johnston wrote:
> Claiming the NSA colluded with intel to backdoor RdRand is also to
> accuse me personally of having colluded with the NSA in producing a
> subverted design. I did not.
Well, since you personally did this, would you care to explain the
very strange design decision to whiten the numbers on chip, and not
provide direct access to the raw unwhitened output.
A decision that even assuming the utmost virtue on the part of the
designers, leaves open the possibility of malfunctions going
undetected.
That is a question a great many people have asked, and we have not
received any answers.
Access to the raw output would have made it possible to determine that
the random numbers were in fact generated by the physical process
described, since it is hard and would cost a lot of silicon to
simulate the various subtle offwhite characteristics of a well
described actual physical process.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
