[147903] in cryptography@c2.net mail archive


Re: [Cryptography] [RNG] /dev/random initialisation

daemon@ATHENA.MIT.EDU (James A. Donald)
Wed Oct 30 16:40:58 2013

X-Original-To: cryptography@metzdowd.com
Date: Thu, 31 Oct 2013 06:32:52 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <5270FB98.205@iang.org>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On 2013-10-30 22:29, ianG wrote:
> Do we see a multi-phase approach here?
>
> 1.  Limit the sources to FIPS-authenticated inputs.
> 2.  Limit the number of sources that can be used.
> 3.  Do a deal with all major suppliers of FIPS-authenticated inputs.
> 4.  Profit.

To restate for the slow-witted.

The prohibition against unauthorized sources of entropy indicates evil 
intent and evil deeds.

No source of entropy can ever be harmful. The worst that can happen is 
that it is entirely predictable to the adversary, in which case it does 
little good, but can never do harm.

Thus banning unauthorized sources of entropy is an obviously stupid move.

Unless, of course, you are the adversary, and expect all authorized 
sources of entropy to be predictable to yourself, but to no one else.





_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
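
The argument in the message above, worked through as an added example (not part of the original post, and not the kernel's code). It assumes a pool that folds samples in with SHA-256 and sources that are independent of one another; `mix`, `pool_output`, `guesses_needed`, `adversary_predicts` and the sample values are all constructed for illustration.

```python
import hashlib

def mix(pool: bytes, sample: bytes) -> bytes:
    """Fold one sample into the pool: pool' = SHA-256(pool || len || sample)."""
    return hashlib.sha256(pool + len(sample).to_bytes(4, "big") + sample).digest()

def pool_output(samples) -> bytes:
    """Run every sample through the pool, starting from an all-zero state."""
    pool = bytes(32)
    for sample in samples:
        pool = mix(pool, sample)
    return pool

def guesses_needed(target: bytes, known: list, secret_bits: int) -> int:
    """Adversary knows the pool design and every sample in `known`, but not the
    one secret sample (secret_bits wide, mixed in first). Returns how many
    brute-force guesses it takes to reproduce `target`."""
    for guess in range(1 << secret_bits):
        candidate = guess.to_bytes(2, "big")
        if pool_output([candidate] + known) == target:
            return guess + 1
    raise ValueError("secret not in search space")

def adversary_predicts(target: bytes, known: list) -> bool:
    """True when the adversary's known samples alone reproduce the pool output."""
    return pool_output(known) == target

# Constructed sample data: one 12-bit secret and two sources the adversary knows.
SECRET = (0xBEE).to_bytes(2, "big")
KNOWN = [b"boot-time=1383165172", b"mac=00:11:22:33:44:55"]

if __name__ == "__main__":
    alone = guesses_needed(pool_output([SECRET]), [], 12)
    mixed = guesses_needed(pool_output([SECRET] + KNOWN), KNOWN, 12)
    # Same search cost either way: the known sources neither helped nor hurt.
    print("guesses, secret source only:     ", alone)
    print("guesses, plus predictable sources:", mixed)
    # If every source in the pool is known, the output is recomputed directly.
    print("all sources known -> predicted:",
          adversary_predicts(pool_output(KNOWN), KNOWN))
```
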
