[148368] in cryptography@c2.net mail archive
Re: [Cryptography] Kindle as crypto hardware
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Thu Dec 5 17:56:07 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20131205212339.GA31099@thunk.org>
Date: Thu, 5 Dec 2013 17:53:12 -0500
From: Phillip Hallam-Baker <hallam@gmail.com>
To: "Theodore Ts'o" <tytso@mit.edu>
Cc: Bill Stewart <bill.stewart@pobox.com>,
cryptography <cryptography@metzdowd.com>,
=?ISO-8859-1?Q?Lodewijk_andr=E9_de_la_porte?= <l@odewijk.nl>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============6840690900579529927==
Content-Type: multipart/alternative; boundary=047d7bb04bd2f452c104ecd164e3
--047d7bb04bd2f452c104ecd164e3
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
On Thu, Dec 5, 2013 at 4:23 PM, Theodore Ts'o <tytso@mit.edu> wrote:
> On Thu, Dec 05, 2013 at 08:01:04PM +0100, Lodewijk andr=E9 de la porte wr=
ote:
> >
> > It's a joke. Noise patterns from hardware are a serious concern though.
>
> A few years ago, people who suggested that NIST might issue a standard
> sabotaged by the NSA would be a joke and/or the paranoid ravings of
> the tin foil hat crowd...
>
I don't think that is what DUAL_EC_DRNG started as.
It would make perfect sense to have a mechanism that allowed the NSA to
check cryptohardware to see if the random number generator has been
bongoed. And one way to do that is to put a backdoor in it so you can dump
out the random number seed being used and check.
The point at which the spec was released was just after a leadership change
at the NSA and at a time when the military thought itself completely above
any form of accountability.
I don't think they would have done that before because the people inside
the agency saying 'this is going to be found out' would be listened to. And
I am pretty certain that there were such people because they are not
stupid. Like the numerous analysts at the CIA telling the administration
that there was no evidence of WMD in Iraq or collusion with Al Qaeda, the
experts were ignored by a bunch of arrogant showboats.
--=20
Website: http://hallambaker.com/
--047d7bb04bd2f452c104ecd164e3
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote">On T=
hu, Dec 5, 2013 at 4:23 PM, Theodore Ts'o <span dir=3D"ltr"><<a href=
=3D"mailto:tytso@mit.edu" target=3D"_blank">tytso@mit.edu</a>></span> wr=
ote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border=
-left:1px #ccc solid;padding-left:1ex">
<div class=3D"im">On Thu, Dec 05, 2013 at 08:01:04PM +0100, Lodewijk andr=
=E9 de la porte wrote:<br>
><br>
> It's a joke. Noise patterns from hardware are a serious concern th=
ough.<br>
<br>
</div>A few years ago, people who suggested that NIST might issue a standar=
d<br>
sabotaged by the NSA would be a joke and/or the paranoid ravings of<br>
the tin foil hat crowd...<br></blockquote><div><br></div><div>I don't t=
hink that is what DUAL_EC_DRNG started as.</div><div><br></div><div>It woul=
d make perfect sense to have a mechanism that allowed the NSA to check cryp=
tohardware to see if the random number generator has been bongoed. And one =
way to do that is to put a backdoor in it so you can dump out the random nu=
mber seed being used and check.</div>
<div><br></div><div>The point at which the spec was released was just after=
a leadership change at the NSA and at a time when the military thought its=
elf completely above any form of accountability.=A0</div><div><br></div><di=
v>
I don't think they would have done that before because the people insid=
e the agency saying 'this is going to be found out' would be listen=
ed to. And I am pretty certain that there were such people because they are=
not stupid. Like the numerous analysts at the CIA telling the administrati=
on that there was no evidence of WMD in Iraq or collusion with Al Qaeda, th=
e experts were ignored by a bunch of arrogant showboats.</div>
<div><br></div><div>=A0</div></div>-- <br>Website: <a href=3D"http://hallam=
baker.com/">http://hallambaker.com/</a><br>
</div></div>
--047d7bb04bd2f452c104ecd164e3--
--===============6840690900579529927==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============6840690900579529927==--
