questions about RNGs and FIPS 140
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat Aug 28 02:39:42 EDT 2010
John Denker <jsd at av8n.com> writes:
>There exist lots of small and/or embedded and/or virtual Linux systems that
>have no useful sources of entropy.
Interesting that you should mention this; I was having a debate earlier today
on the use of DLP/ECDLP-based cryptosystems vs. RSA in embedded devices. My
argument was that DLP, and particularly ECDLP, looked good on paper but in
practice were quite dangerous because the lack of entropy on the very limited
systems that they're being pushed for makes it risky to use them there. So
far of the three ECDLP-using embedded devices I've been able to look at in
detail, all three failed to use proper entropy where required and one
definitely and the other two probably didn't check the key parameters as
required either.
(Cue debate on ECC vs. RSA :-).
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com