questions about RNGs and FIPS 140
Steven Bellovin
smb at cs.columbia.edu
Wed Aug 25 23:46:00 EDT 2010
On Aug 25, 2010, at 4:37 16PM, travis+ml-cryptography at subspacefield.org wrote:
>
> 3) Is determinism a good idea?
> See Debian OpenSSL fiasco. I have heard Nevada gaming commission
> regulations require non-determinism for obvious reasons.
It's worth noting that the issue of determinism vs. non-determinism is by no means clear-cut. You yourself state that FIPS 140-2 requires deterministic PRNGs; I think one can rest assured that the NSA had a lot of input into that spec. The Clipper chip programming facility used a PRNG to set the unit key -- and for good reasons, not bad ones.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com