[Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's chip-based crypto, FreeBSD developers say
Kent Borg
kentborg at borg.org
Fri Dec 13 14:37:07 EST 2013
On 12/13/2013 01:24 PM, John Kelsey wrote:
> Why not just XOR RD_RAND outputs with Yarrow outputs? That guarantees strong results if either one is good.
>
It might make even two bad inputs good. If rdrand has a backdoor it
still needs to leak state to its master. XORing in something way noisy
might be annoying to the masters.
-kb
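The XOR combiner under discussion, as an added example that is not part of the original thread. It models each source as an exact probability distribution over 4-bit words (a toy size chosen so everything can be enumerated; the word size and the distributions are constructed for illustration, not measured from any hardware) and checks three things: that one uniform, independent source makes the XOR output uniform whatever the other source does, that two independent weak sources combine into something harder to guess than either alone, and the caveat that the guarantee rests entirely on independence, since a source that can observe the other's output can cancel it.

```python
"""
Added example (not from the mailing-list thread): properties of the XOR
combiner proposed for RDRAND and Yarrow output.

Sources are modelled as exact probability distributions over 4-bit words.
The word size and all distributions are constructed for illustration;
nothing here measures a real RNG.
"""
from math import log2

NBITS = 4
SPACE = range(1 << NBITS)


def xor_combine(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR of two equal-length source outputs (the proposed combiner)."""
    if len(a) != len(b):
        raise ValueError("sources must supply equal-length output")
    return bytes(x ^ y for x, y in zip(a, b))


def uniform() -> dict:
    """An ideal source: every word equally likely."""
    return {v: 1.0 / len(SPACE) for v in SPACE}


def constant(c: int) -> dict:
    """A fully predictable source: an observer knows it always emits c."""
    return {c: 1.0}


def skewed() -> dict:
    """A weak but not fully predictable source: emits 0 half the time."""
    return {v: (0.5 if v == 0 else 0.5 / (len(SPACE) - 1)) for v in SPACE}


def xor_distribution(dist_a: dict, dist_b: dict) -> dict:
    """Exact distribution of A xor B; valid only when A and B are independent."""
    out = {v: 0.0 for v in SPACE}
    for a, pa in dist_a.items():
        for b, pb in dist_b.items():
            out[a ^ b] += pa * pb
    return out


def entropy_bits(dist: dict) -> float:
    """Shannon entropy in bits; 4.0 is the maximum for 4-bit words."""
    return -sum(p * log2(p) for p in dist.values() if p > 0)


def best_guess_probability(dist: dict) -> float:
    """Probability that an attacker's single best guess of the next word is right."""
    return max(dist.values())


def one_good_source_suffices() -> float:
    """Uniform XOR anything independent is uniform: x -> x ^ a is a bijection
    on SPACE, so a known, even constant, second source changes nothing."""
    return entropy_bits(xor_distribution(uniform(), constant(7)))


def two_weak_sources_improve() -> tuple:
    """Two independent skewed sources: the combined output is still not ideal,
    but carries more entropy than either input alone (the 'two bad inputs' point)."""
    single = entropy_bits(skewed())
    combined = entropy_bits(xor_distribution(skewed(), skewed()))
    return single, combined


def dependent_source_cancels(good: bytes, c: int = 0x5A) -> bytes:
    """The independence assumption is the whole guarantee. A source that can
    observe the good source's output may emit good ^ c; the combiner then
    returns the constant c for every byte, however strong the good source is."""
    adaptive = bytes(g ^ c for g in good)
    return xor_combine(good, adaptive)


if __name__ == "__main__":
    print("uniform xor constant, entropy bits:", one_good_source_suffices())
    print("skewed alone / skewed xor skewed, entropy bits:", two_weak_sources_improve())
    print("good xor (good ^ c):", dependent_source_cancels(b"\x01\x02\x03").hex())
```

The distributions are exact rather than sampled, so the numbers are reproducible: the uniform-plus-constant case reaches the full 4.0 bits, two independent skewed sources rise from about 2.95 to about 3.70 bits, and the dependent case collapses to a constant. The practical reading is that the combiner only buys what its independence assumption delivers; a source that can see the other source's output is not an independent input.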