[Cryptography] Kindle as crypto hardware
Phillip Hallam-Baker
hallam at gmail.com
Thu Dec 5 17:53:12 EST 2013
On Thu, Dec 5, 2013 at 4:23 PM, Theodore Ts'o <tytso at mit.edu> wrote:
> On Thu, Dec 05, 2013 at 08:01:04PM +0100, Lodewijk andré de la porte wrote:
> >
> > It's a joke. Noise patterns from hardware are a serious concern though.
>
> A few years ago, people who suggested that NIST might issue a standard
> sabotaged by the NSA would be a joke and/or the paranoid ravings of
> the tin foil hat crowd...
>
I don't think that is what DUAL_EC_DRNG started as.
It would make perfect sense to have a mechanism that allowed the NSA to
check cryptohardware to see if the random number generator has been
bongoed. And one way to do that is to put a backdoor in it so you can dump
out the random number seed being used and check.
The point at which the spec was released was just after a leadership change
at the NSA and at a time when the military thought itself completely above
any form of accountability.
I don't think they would have done that before because the people inside
the agency saying 'this is going to be found out' would be listened to. And
I am pretty certain that there were such people because they are not
stupid. Like the numerous analysts at the CIA telling the administration
that there was no evidence of WMD in Iraq or collusion with Al Qaeda, the
experts were ignored by a bunch of arrogant showboats.
--
Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131205/32eec0eb/attachment.html>
More information about the cryptography
mailing list