[147896] in cryptography@c2.net mail archive

Re: [Cryptography] [RNG] /dev/random initialisation

daemon@ATHENA.MIT.EDU (Jerry Leichter)
Wed Oct 30 14:35:37 2013

X-Original-To: cryptography@metzdowd.com
From: Jerry Leichter <leichter@lrw.com>
In-Reply-To: <5270FB98.205@iang.org>
Date: Wed, 30 Oct 2013 14:09:20 -0400
To: ianG <iang@iang.org>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Oct 30, 2013, at 8:29 AM, ianG <iang@iang.org> wrote:
> Do we see a multi-phase approach here?
> 
> 1.  Limit the sources to FIPS-authenticated inputs.
> 2.  Limit the number of sources that can be used.
> 3.  Do a deal with all major suppliers of FIPS-authenticated inputs.
> 4.  Profit.
> 
> This is looking like the same multi-pronged strategy that sank DRBG_EC.
Maybe.  Or maybe we just see a misapplied reasonable principle that any input that could affect sensitive data must be authenticated.

"Never attribute to malice what can be explained by incompetence."  One of the really bad things about the NSA's apparent attempts to subvert crypto is that it leads you to question this assertion.  We just have no way of knowing.

                                                        -- Jerry

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography